/daten/src/linux-2.4.27-rsbac-v1.2.3/include/rsbac/pm.h

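/******************************* */
/* Rule Set Based Access Control */
/* Author and (c) 1999: Amon Ott */
/* API: Data structures          */
/* and functions for Access      */
/* Control Information / PM      */
/* Last modified: 08/Feb/99      */
/******************************* */

#ifndef __RSBAC_PM_H
#define __RSBAC_PM_H

#include <linux/init.h>
#include <rsbac/pm_types.h>

/***************************************************/
/*               General Prototypes                */
/***************************************************/

/*
 * Return convention
 *
 * Every function declared as int returns 0 if no error occurred and a
 * negative error code otherwise. The error codes are defined in
 * rsbac_error.h.
 *
 * Functions declared as boolean return a truth value only, so they cannot
 * hand an error code back to the caller.
 *
 * NOTE(review): callers that derive an access decision from these calls
 * should treat every negative return as a failure and never as a grant.
 */

/*
 * rsbac_init_pm
 *
 * Initialization, including ACI restoration for all mounted devices from
 * disk. After this call, all ACI is kept in memory for performance reasons,
 * but user and file/dir object ACI are written to disk on every change.
 *
 * Without CONFIG_RSBAC_INIT_DELAY the prototype carries __init (from
 * <linux/init.h>), which places the function in the init section that is
 * released after boot; it must not be called once that has happened.
 *
 * NOTE(review): with CONFIG_RSBAC_INIT_DELAY the function is declared
 * without __init, presumably so that initialization can run after the init
 * section has been released - confirm against the implementation.
 */
#ifdef CONFIG_RSBAC_INIT_DELAY
extern int rsbac_init_pm(void);
#else
extern int rsbac_init_pm(void) __init;
#endif

/*
 * rsbac_stats_pm
 *
 * Some information about the current status is also available.
 */
extern int rsbac_stats_pm(void);

/*
 * rsbac_write_pm
 *
 * RSBAC attribute saving to disk can be triggered from outside.
 * Only declared when CONFIG_RSBAC_AUTO_WRITE is set.
 *
 * need_lock: call lock_kernel() before writing?
 */
#ifdef CONFIG_RSBAC_AUTO_WRITE
extern int rsbac_write_pm(boolean need_lock);
#endif /* CONFIG_RSBAC_AUTO_WRITE */

/************************************************* */
/*               Access functions                  */
/************************************************* */

/***********************/
/* Helper lists / sets */
/***********************/

/*
 * All these procedures handle the semaphores to protect the targets during
 * access.
 * Trying to access a never created or removed set returns an error!
 *
 * NOTE(review): the locking described here is per call. A sequence such as
 * rsbac_pm_set_exist() followed by rsbac_pm_set_member() is presumably not
 * atomic, so the set may change between the two calls - confirm against the
 * implementation before relying on a check-then-act pattern.
 *
 * NOTE(review): the boolean queries below cannot return an error code. Only
 * rsbac_pm_set_exist() documents its result for invalid values (FALSE); for
 * the others this header does not say what is returned when a set does not
 * exist. Do not read FALSE as proof of absence without checking that the
 * set exists.
 */

/*
 * rsbac_pm_add_to_set
 *
 * Add a set member to a set sublist. Set behaviour: also returns success,
 * if member was already in set!
 */
int rsbac_pm_add_to_set(enum rsbac_pm_set_t set_type,        /* set type */
                        union rsbac_pm_set_id_t set_id,      /* set id */
                        union rsbac_pm_set_member_t member); /* set member to add */

/*
 * rsbac_pm_remove_from_set
 *
 * Remove a set member from a sublist. Set behaviour: Returns no error, if
 * member is not in list.
 */
int rsbac_pm_remove_from_set(enum rsbac_pm_set_t set_type,        /* set type */
                             union rsbac_pm_set_id_t set_id,      /* set id */
                             union rsbac_pm_set_member_t member); /* set member to remove */

/*
 * rsbac_pm_clear_set
 *
 * Remove all members from a set. Set behaviour: Returns no error,
 * if list is empty.
 */
int rsbac_pm_clear_set(enum rsbac_pm_set_t set_type,    /* set type */
                       union rsbac_pm_set_id_t set_id); /* set id */

/*
 * rsbac_pm_set_member
 *
 * Return truth value, whether member is in set.
 */
boolean rsbac_pm_set_member(enum rsbac_pm_set_t set_type,        /* set type */
                            union rsbac_pm_set_id_t set_id,      /* set id */
                            union rsbac_pm_set_member_t member); /* member */

/*
 * rsbac_pm_pp_subset
 *
 * Return truth value, whether pp_set is subset of in_pp_set.
 */
boolean rsbac_pm_pp_subset(rsbac_pm_pp_set_id_t pp_set,
                           rsbac_pm_in_pp_set_id_t in_pp_set);

/*
 * rsbac_pm_pp_superset
 *
 * Return truth value, whether pp_set is superset of out_pp_set.
 */
boolean rsbac_pm_pp_superset(rsbac_pm_pp_set_id_t pp_set,
                             rsbac_pm_out_pp_set_id_t out_pp_set);

/*
 * rsbac_pm_pp_only
 *
 * Return truth value, if there is no other item in out_pp_set than purpose.
 */
boolean rsbac_pm_pp_only(rsbac_pm_purpose_id_t purpose,
                         rsbac_pm_out_pp_set_id_t out_pp_set);

/*
 * rsbac_pm_pp_intersec
 *
 * Create intersection of pp_set and in_pp_set in in_pp_set.
 * If in_pp_set does not exist, it is created with all members of pp_set.
 * If pp_set does not exist or one of them is invalid, an error is returned.
 */
int rsbac_pm_pp_intersec(rsbac_pm_pp_set_id_t pp_set,
                         rsbac_pm_in_pp_set_id_t in_pp_set);

/*
 * rsbac_pm_pp_union
 *
 * Create union of pp_set and out_pp_set in out_pp_set.
 * If out_pp_set does not exist, it is created with all members of pp_set.
 * If pp_set does not exist or one of them is invalid, an error is returned.
 */
int rsbac_pm_pp_union(rsbac_pm_pp_set_id_t pp_set,
                      rsbac_pm_out_pp_set_id_t out_pp_set);

/*
 * rsbac_pm_create_set
 *
 * Create a new set of given type, using id set_id. Using any other set
 * function for a set id without creating this set returns an error.
 * To empty an existing set use rsbac_pm_clear_set.
 */
int rsbac_pm_create_set(enum rsbac_pm_set_t set_type,    /* set type */
                        union rsbac_pm_set_id_t set_id); /* set id */

/*
 * rsbac_pm_set_exist
 *
 * Return truth value whether set exists, returns FALSE for invalid
 * values.
 */
boolean rsbac_pm_set_exist(enum rsbac_pm_set_t set_type,    /* set type */
                           union rsbac_pm_set_id_t set_id); /* set id */

/*
 * rsbac_pm_remove_set
 *
 * Remove a full set. After this call the given id can only be used for
 * creating a new set, anything else returns an error.
 * To empty an existing set use rsbac_pm_clear_set.
 */
int rsbac_pm_remove_set(enum rsbac_pm_set_t set_type,    /* set type */
                        union rsbac_pm_set_id_t set_id); /* set id */

/**************/
/* Main lists */
/**************/

/*
 * rsbac_pm_get_data() and rsbac_pm_set_data() change single data values.
 * rsbac_pm_add_target() adds a new list item and sets all data values as
 * given. rsbac_pm_remove_target() removes an item.
 *
 * A rsbac_pm_[sg]et_data() call for a non-existing target will return an
 * error.
 * Invalid parameter combinations return an error.
 *
 * All these procedures handle the semaphores to protect the targets during
 * access.
 *
 * NOTE(review): the two get functions write their result through the
 * pointer argument. This header does not say whether a NULL pointer is
 * rejected, so pass a valid object and read it only after a 0 return.
 */

int rsbac_pm_get_data(enum rsbac_pm_target_t list_type,      /* list type */
                      union rsbac_pm_target_id_t item_id,    /* item id in list */
                      enum rsbac_pm_data_t data_item,        /* data item */
                      union rsbac_pm_data_value_t *value_p); /* for return value */

int rsbac_pm_get_all_data(enum rsbac_pm_target_t list_type,          /* list type */
                          union rsbac_pm_target_id_t item_id,        /* item id in list */
                          union rsbac_pm_all_data_value_t *value_p); /* for return value */

/* Truth value only; see the note on boolean queries in the set section. */
boolean rsbac_pm_exists(enum rsbac_pm_target_t list_type,    /* list type */
                        union rsbac_pm_target_id_t item_id); /* item id in list */

int rsbac_pm_set_data(enum rsbac_pm_target_t list_type,   /* list type */
                      union rsbac_pm_target_id_t item_id, /* item id in list */
                      enum rsbac_pm_data_t data_item,     /* data item */
                      union rsbac_pm_data_value_t value); /* data value */

int rsbac_pm_add_target(enum rsbac_pm_target_t list_type,            /* list type */
                        union rsbac_pm_all_data_value_t all_values); /* values for all */
                                                                     /* data items,    */
                                                                     /* incl. item id  */

int rsbac_pm_remove_target(enum rsbac_pm_target_t list_type,    /* list type */
                           union rsbac_pm_target_id_t item_id); /* item id in list */

#endif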
