/daten/src/linux-2.4.27-rsbac-v1.2.3/rsbac/adf/pm/pm_syscalls.c

Go to the documentation of this file.
00001 /*************************************************** */ 00002 /* Rule Set Based Access Control */ 00003 /* Implementation of the Access Control Decision */ 00004 /* Facility (ADF) - Privacy Model */ 00005 /* File: rsbac/adf/pm/syscalls.c */ 00006 /* */ 00007 /* Author and (c) 1999-2004: Amon Ott <ao@rsbac.org> */ 00008 /* */ 00009 /* Last modified: 13/Apr/2004 */ 00010 /*************************************************** */ 00011 00012 #include <linux/string.h> 00013 #include <rsbac/aci.h> 00014 #include <linux/sched.h> 00015 #include <linux/fs.h> 00016 #include <linux/stat.h> 00017 #include <linux/smp_lock.h> 00018 #if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,0) 00019 #include <linux/syscalls.h> 00020 #endif 00021 #include <rsbac/pm_types.h> 00022 #include <rsbac/pm.h> 00023 #include <rsbac/pm_getname.h> 00024 #include <rsbac/error.h> 00025 #include <rsbac/debug.h> 00026 #include <rsbac/helpers.h> 00027 #include <rsbac/adf.h> 00028 #include <rsbac/adf_main.h> 00029 00030 #if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,0) 00031 #include <linux/namei.h> 00032 #include <linux/file.h> 00033 #include <linux/mount.h> 00034 #endif 00035 00036 /************************************************* */ 00037 /* Global Variables */ 00038 /************************************************* */ 00039 00040 /************************************************* */ 00041 /* Declarations */ 00042 /************************************************* */ 00043 00044 00045 /************************************************* */ 00046 /* Internal Help functions */ 00047 /************************************************* */ 00048 00049 static int pm_get_file(const char * name, 00050 enum rsbac_target_t * target_p, 00051 union rsbac_target_id_t * tid_p) 00052 { 00053 int error = 0; 00054 struct dentry * dentry_p; 00055 struct nameidata nd; 00056 00057 /* get file dentry */ 00058 if ((error = user_path_walk(name, &nd))) 00059 { 00060 #ifdef CONFIG_RSBAC_DEBUG 00061 if (rsbac_debug_aef_pm) 00062 printk(KERN_DEBUG "pm_get_file(): call to user_path_walk() returned %i\n", error); 00063 #endif 00064 return(-RSBAC_EINVALIDTARGET); 00065 } 00066 dentry_p = nd.dentry; 00067 if (!dentry_p->d_inode) 00068 { 00069 #ifdef CONFIG_RSBAC_DEBUG 00070 if (rsbac_debug_aef_pm) 00071 printk(KERN_DEBUG 00072 "pm_get_file(): file not found\n"); 00073 #endif 00074 return(-RSBAC_EINVALIDTARGET); 00075 } 00076 if(S_ISREG(dentry_p->d_inode->i_mode)) 00077 { 00078 /* copy device and inode */ 00079 tid_p->file.device = dentry_p->d_sb->s_dev; 00080 tid_p->file.inode = dentry_p->d_inode->i_ino; 00081 tid_p->file.dentry_p = dentry_p; 00082 *target_p = T_FILE; 00083 } 00084 else if(S_ISFIFO(dentry_p->d_inode->i_mode)) 00085 { 00086 /* copy device and inode */ 00087 tid_p->file.device = dentry_p->d_sb->s_dev; 00088 tid_p->file.inode = dentry_p->d_inode->i_ino; 00089 tid_p->file.dentry_p = dentry_p; 00090 *target_p = T_FIFO; 00091 } 00092 else if(S_ISBLK(dentry_p->d_inode->i_mode)) 00093 { 00094 /* copy dev data */ 00095 tid_p->dev.type = D_block; 00096 tid_p->dev.id = dentry_p->d_inode->i_rdev; 00097 *target_p = T_DEV; 00098 } 00099 else if(S_ISCHR(dentry_p->d_inode->i_mode)) 00100 { 00101 /* copy dev data */ 00102 tid_p->dev.type = D_char; 00103 tid_p->dev.id = dentry_p->d_inode->i_rdev; 00104 *target_p = T_DEV; 00105 } 00106 else 00107 error = -RSBAC_EINVALIDTARGET; 00108 /* and free inode */ 00109 dput(dentry_p); 00110 /* return */ 00111 return(error); 00112 }; 00113 00114 /************************************************** */ 00115 /* Externally visible functions */ 00116 /************************************************* */ 00117 00118 /*****************************************************************************/ 00119 /* This function is called via sys_rsbac_pm() system call */ 00120 /* and serves as a dispatcher for all PM dependant system calls. */ 00121 00122 int rsbac_pm(enum rsbac_pm_function_type_t function, 00123 union rsbac_pm_function_param_t param, 00124 rsbac_pm_tkt_id_t tkt) 00125 { 00126 union rsbac_pm_all_data_value_t all_data; 00127 enum rsbac_target_t target; 00128 union rsbac_target_id_t tid; 00129 union rsbac_attribute_value_t attr_val; 00130 union rsbac_pm_target_id_t pm_tid; 00131 union rsbac_pm_target_id_t pm_tid2; 00132 union rsbac_pm_data_value_t data_val; 00133 int error = 0; 00134 rsbac_uid_t owner; 00135 enum rsbac_pm_role_t role; 00136 struct rsbac_pm_purpose_list_item_t pp_set; 00137 union rsbac_pm_set_id_t pm_set_id; 00138 union rsbac_pm_set_member_t pm_set_member; 00139 union rsbac_pm_tkt_internal_function_param_t tkt_i_function_param; 00140 struct rsbac_fs_file_t file; 00141 struct rsbac_dev_t dev; 00142 char tmp[80]; 00143 boolean class_exists = FALSE; 00144 00145 /* No processing possible before init (called at boot time) */ 00146 if (!rsbac_is_initialized()) 00147 return(-RSBAC_ENOTINITIALIZED); 00148 00149 get_pm_function_type_name(tmp,function); 00150 #ifdef CONFIG_RSBAC_DEBUG 00151 if(rsbac_debug_ds_pm) 00152 printk(KERN_DEBUG 00153 "rsbac_pm(): called for function %s (No.%i)\n", 00154 tmp,function); 00155 #endif 00156 /* Getting basic information about caller */ 00157 /* only useful for real process, not idle or init */ 00158 if (current->pid > 1) 00159 owner = current->uid; 00160 else /* caller_pid <= 1 -> kernel or init are always owned by root */ 00161 owner = 0; 00162 00163 /* getting owner's pm_role from rsbac system */ 00164 tid.user = owner; 00165 error = rsbac_get_attr(PM,T_USER,tid,A_pm_role,&attr_val,TRUE); 00166 if (error) 00167 { 00168 printk(KERN_WARNING 00169 "rsbac_pm(): rsbac_get_attr() for pm_role returned error %i", 00170 error); 00171 return(-RSBAC_EREADFAILED); /* something weird happened */ 00172 } 00173 role = attr_val.pm_role; 00174 00175 switch(function) 00176 { 00177 case PF_create_ticket: 00178 /* check, whether this ticket id already exists */ 00179 pm_tid.tkt = param.create_ticket.id; 00180 if(rsbac_pm_exists(PMT_TKT, 00181 pm_tid)) 00182 return(-RSBAC_EEXISTS); 00183 00184 /* Check caller's pm_role, if needed, get file id for filename from */ 00185 /* param.x.filename, and copy params to tkt_internal_func_params. */ 00186 /* This part depends on the function the ticket shall be for. */ 00187 switch(param.create_ticket.function_type) 00188 { 00189 case PTF_add_na: 00190 if(role != PR_data_protection_officer) 00191 return(-RSBAC_EPERM); 00192 tkt_i_function_param.add_na 00193 = param.create_ticket.function_param.add_na; 00194 break; 00195 00196 case PTF_delete_na: 00197 if(role != PR_data_protection_officer) 00198 return(-RSBAC_EPERM); 00199 tkt_i_function_param.delete_na 00200 = param.create_ticket.function_param.delete_na; 00201 break; 00202 00203 case PTF_add_task: 00204 if(role != PR_data_protection_officer) 00205 return(-RSBAC_EPERM); 00206 tkt_i_function_param.add_task 00207 = param.create_ticket.function_param.add_task; 00208 break; 00209 00210 case PTF_delete_task: 00211 if(role != PR_data_protection_officer) 00212 return(-RSBAC_EPERM); 00213 tkt_i_function_param.delete_task 00214 = param.create_ticket.function_param.delete_task; 00215 break; 00216 00217 case PTF_add_object_class: 00218 if(role != PR_data_protection_officer) 00219 return(-RSBAC_EPERM); 00220 /* class-id 0, IPC and DEV are used internally, reject */ 00221 if( !param.create_ticket.function_param.add_object_class.id 00222 || (param.create_ticket.function_param.add_object_class.id 00223 == RSBAC_PM_IPC_OBJECT_CLASS_ID) 00224 || (param.create_ticket.function_param.add_object_class.id 00225 == RSBAC_PM_DEV_OBJECT_CLASS_ID)) 00226 { 00227 printk(KERN_DEBUG 00228 "rsbac_pm(): add_object_class: reserved class-id 0, %u or %u requested!\n", 00229 RSBAC_PM_IPC_OBJECT_CLASS_ID, 00230 RSBAC_PM_DEV_OBJECT_CLASS_ID); 00231 return(-RSBAC_EINVALIDVALUE); 00232 } 00233 /* copy class-id */ 00234 tkt_i_function_param.tkt_add_object_class.id 00235 = param.create_ticket.function_param.add_object_class.id; 00236 /* init pp_set-id for this ticket to 0 */ 00237 tkt_i_function_param.tkt_add_object_class.pp_set 00238 = 0; 00239 /* get purposes from user space and add them to set */ 00240 if(param.create_ticket.function_param.add_object_class.pp_list_p) 00241 { 00242 #ifdef CONFIG_RSBAC_DEBUG 00243 if(rsbac_debug_ds_pm) 00244 printk(KERN_DEBUG 00245 "rsbac_pm(): getting pp_list from user space\n"); 00246 #endif 00247 /* set a unique pp_set-id for this ticket (negative tkt-id) */ 00248 pm_set_id.pp_set = -param.create_ticket.id; 00249 if((error = rsbac_pm_create_set(PS_PP,pm_set_id))) 00250 { 00251 printk(KERN_WARNING 00252 "rsbac_pm(): rsbac_pm_create_set() for PP returned error %i", 00253 error); 00254 return(-RSBAC_EWRITEFAILED); 00255 } 00256 rsbac_get_user((u_char *) &pp_set, 00257 (u_char *) param.create_ticket.function_param.add_object_class.pp_list_p, 00258 sizeof(pp_set)); 00259 pm_set_member.pp = pp_set.id; 00260 if((error = rsbac_pm_add_to_set(PS_PP,pm_set_id,pm_set_member))) 00261 { 00262 printk(KERN_WARNING 00263 "rsbac_pm(): rsbac_pm_add_to_set() for PP returned error %i", 00264 error); 00265 rsbac_pm_remove_set(PS_PP,pm_set_id); 00266 return(-RSBAC_EWRITEFAILED); 00267 } 00268 00269 while(pp_set.next) 00270 { 00271 rsbac_get_user((u_char *) &pp_set, 00272 (u_char *) pp_set.next, 00273 sizeof(pp_set)); 00274 pm_set_member.pp = pp_set.id; 00275 if((error = rsbac_pm_add_to_set(PS_PP,pm_set_id,pm_set_member))) 00276 { 00277 printk(KERN_WARNING 00278 "rsbac_pm(): rsbac_pm_add_to_set() for PP returned error %i", 00279 error); 00280 rsbac_pm_remove_set(PS_PP,pm_set_id); 00281 return(-RSBAC_EWRITEFAILED); 00282 } 00283 } 00284 tkt_i_function_param.tkt_add_object_class.pp_set 00285 = -param.create_ticket.id; 00286 } 00287 break; 00288 00289 case PTF_delete_object_class: 00290 if(role != PR_data_protection_officer) 00291 return(-RSBAC_EPERM); 00292 tkt_i_function_param.delete_object_class 00293 = param.create_ticket.function_param.delete_object_class; 00294 break; 00295 00296 case PTF_add_authorized_tp: 00297 if(role != PR_data_protection_officer) 00298 return(-RSBAC_EPERM); 00299 tkt_i_function_param.add_authorized_tp 00300 = param.create_ticket.function_param.add_authorized_tp; 00301 break; 00302 00303 case PTF_delete_authorized_tp: 00304 if(role != PR_data_protection_officer) 00305 return(-RSBAC_EPERM); 00306 tkt_i_function_param.delete_authorized_tp 00307 = param.create_ticket.function_param.delete_authorized_tp; 00308 break; 00309 00310 case PTF_add_consent: 00311 if(role != PR_data_protection_officer) 00312 return(-RSBAC_EPERM); 00313 /* get file id */ 00314 if ((error = pm_get_file(param.create_ticket.function_param.add_consent.filename, 00315 &target, 00316 &tid))) 00317 { 00318 #ifdef CONFIG_RSBAC_DEBUG 00319 if (rsbac_debug_aef_pm) 00320 printk(KERN_DEBUG 00321 "rsbac_pm(): call to pm_get_file() returned error %i\n", 00322 error); 00323 #endif 00324 return(-RSBAC_EINVALIDTARGET); 00325 } 00326 /* target must be file */ 00327 if(target != T_FILE) 00328 return(-RSBAC_EINVALIDTARGET); 00329 tkt_i_function_param.tkt_add_consent.file = tid.file; 00330 tkt_i_function_param.tkt_add_consent.purpose 00331 = param.create_ticket.function_param.add_consent.purpose; 00332 break; 00333 00334 case PTF_delete_consent: 00335 if(role != PR_data_protection_officer) 00336 return(-RSBAC_EPERM); 00337 /* get file id */ 00338 if ((error = pm_get_file(param.create_ticket.function_param.delete_consent.filename, 00339 &target, 00340 &tid))) 00341 { 00342 #ifdef CONFIG_RSBAC_DEBUG 00343 if (rsbac_debug_aef_pm) 00344 printk(KERN_DEBUG 00345 "rsbac_pm(): call to pm_get_file() returned error %i\n", 00346 error); 00347 #endif 00348 return(-RSBAC_EINVALIDTARGET); 00349 } 00350 /* target must be file */ 00351 if(target != T_FILE) 00352 return(-RSBAC_EINVALIDTARGET); 00353 tkt_i_function_param.tkt_delete_consent.file = tid.file; 00354 tkt_i_function_param.tkt_delete_consent.purpose 00355 = param.create_ticket.function_param.delete_consent.purpose; 00356 break; 00357 00358 case PTF_add_purpose: 00359 if(role != PR_data_protection_officer) 00360 return(-RSBAC_EPERM); 00361 tkt_i_function_param.add_purpose 00362 = param.create_ticket.function_param.add_purpose; 00363 break; 00364 00365 case PTF_delete_purpose: 00366 if(role != PR_data_protection_officer) 00367 return(-RSBAC_EPERM); 00368 tkt_i_function_param.delete_purpose 00369 = param.create_ticket.function_param.delete_purpose; 00370 break; 00371 00372 case PTF_add_responsible_user: 00373 if(role != PR_data_protection_officer) 00374 return(-RSBAC_EPERM); 00375 tkt_i_function_param.add_responsible_user 00376 = param.create_ticket.function_param.add_responsible_user; 00377 break; 00378 00379 case PTF_delete_responsible_user: 00380 if(role != PR_data_protection_officer) 00381 return(-RSBAC_EPERM); 00382 tkt_i_function_param.delete_responsible_user 00383 = param.create_ticket.function_param.delete_responsible_user; 00384 break; 00385 00386 case PTF_delete_user_aci: 00387 if(role != PR_data_protection_officer) 00388 return(-RSBAC_EPERM); 00389 tkt_i_function_param.delete_user_aci.id 00390 = param.create_ticket.function_param.delete_user_aci.id; 00391 break; 00392 00393 case PTF_set_role: 00394 if(role != PR_data_protection_officer) 00395 return(-RSBAC_EPERM); 00396 tkt_i_function_param.set_role 00397 = param.create_ticket.function_param.set_role; 00398 break; 00399 00400 case PTF_set_object_class: 00401 if(role != PR_data_protection_officer) 00402 return(-RSBAC_EPERM); 00403 /* get file id */ 00404 if ((error = pm_get_file(param.create_ticket.function_param.set_object_class.filename, 00405 &target, 00406 &tid))) 00407 { 00408 #ifdef CONFIG_RSBAC_DEBUG 00409 if (rsbac_debug_aef_pm) 00410 printk(KERN_DEBUG 00411 "rsbac_pm(): call to pm_get_file() returned error %i\n", 00412 error); 00413 #endif 00414 return(-RSBAC_EINVALIDTARGET); 00415 } 00416 /* target must be file */ 00417 if( (target != T_FILE) 00418 && (target != T_FIFO) 00419 ) 00420 return(-RSBAC_EINVALIDTARGET); 00421 tkt_i_function_param.tkt_set_object_class.file = tid.file; 00422 tkt_i_function_param.tkt_set_object_class.object_class 00423 = param.create_ticket.function_param.set_object_class.object_class; 00424 break; 00425 00426 #ifdef CONFIG_RSBAC_SWITCH 00427 case PTF_switch_pm: 00428 if(role != PR_data_protection_officer) 00429 return(-RSBAC_EPERM); 00430 tkt_i_function_param.switch_pm 00431 = param.create_ticket.function_param.switch_pm; 00432 break; 00433 00434 case PTF_switch_auth: 00435 if(role != PR_data_protection_officer) 00436 return(-RSBAC_EPERM); 00437 tkt_i_function_param.switch_auth 00438 = param.create_ticket.function_param.switch_auth; 00439 break; 00440 #endif 00441 00442 case PTF_set_device_object_type: 00443 if(role != PR_data_protection_officer) 00444 return(-RSBAC_EPERM); 00445 /* get file id */ 00446 if ((error = pm_get_file(param.create_ticket.function_param.set_device_object_type.filename, 00447 &target, 00448 &tid))) 00449 { 00450 #ifdef CONFIG_RSBAC_DEBUG 00451 if (rsbac_debug_aef_pm) 00452 printk(KERN_DEBUG 00453 "rsbac_pm(): call to pm_get_file() returned error %i\n", 00454 error); 00455 #endif 00456 return(-RSBAC_EINVALIDTARGET); 00457 } 00458 /* target must be dev */ 00459 if(target != T_DEV) 00460 return(-RSBAC_EINVALIDTARGET); 00461 tkt_i_function_param.tkt_set_device_object_type.dev = tid.dev; 00462 tkt_i_function_param.tkt_set_device_object_type.object_type 00463 = param.create_ticket.function_param.set_device_object_type.object_type; 00464 tkt_i_function_param.tkt_set_device_object_type.object_class 00465 = param.create_ticket.function_param.set_device_object_type.object_class; 00466 break; 00467 00468 case PTF_set_auth_may_setuid: 00469 if(role != PR_data_protection_officer) 00470 return(-RSBAC_EPERM); 00471 /* get file id */ 00472 if ((error = pm_get_file(param.create_ticket.function_param.set_auth_may_setuid.filename, 00473 &target, 00474 &tid))) 00475 { 00476 #ifdef CONFIG_RSBAC_DEBUG 00477 if (rsbac_debug_aef_pm) 00478 printk(KERN_DEBUG 00479 "rsbac_pm(): call to pm_get_file() returned error %i\n", 00480 error); 00481 #endif 00482 return(-RSBAC_EINVALIDTARGET); 00483 } 00484 /* target must be file */ 00485 if(target != T_FILE) 00486 return(-RSBAC_EINVALIDTARGET); 00487 tkt_i_function_param.tkt_set_auth_may_setuid.file = tid.file; 00488 tkt_i_function_param.tkt_set_auth_may_setuid.value 00489 = param.create_ticket.function_param.set_auth_may_setuid.value; 00490 break; 00491 00492 case PTF_set_auth_may_set_cap: 00493 if(role != PR_data_protection_officer) 00494 return(-RSBAC_EPERM); 00495 /* get file id */ 00496 if ((error = pm_get_file(param.create_ticket.function_param.set_auth_may_set_cap.filename, 00497 &target, 00498 &tid))) 00499 { 00500 #ifdef CONFIG_RSBAC_DEBUG 00501 if (rsbac_debug_aef_pm) 00502 printk(KERN_DEBUG 00503 "rsbac_pm(): call to pm_get_file() returned error %i\n", 00504 error); 00505 #endif 00506 return(-RSBAC_EINVALIDTARGET); 00507 } 00508 /* target must be dev */ 00509 if(target != T_FILE) 00510 return(-RSBAC_EINVALIDTARGET); 00511 tkt_i_function_param.tkt_set_auth_may_set_cap.file = tid.file; 00512 tkt_i_function_param.tkt_set_auth_may_set_cap.value 00513 = param.create_ticket.function_param.set_auth_may_set_cap.value; 00514 break; 00515 00516 case PTF_add_authorized_task: 00517 case PTF_delete_authorized_task: 00518 /* copy parameters */ 00519 if(param.create_ticket.function_type 00520 == PTF_add_authorized_task) 00521 { 00522 tkt_i_function_param.add_authorized_task 00523 = param.create_ticket.function_param.add_authorized_task; 00524 } 00525 else 00526 { 00527 tkt_i_function_param.delete_authorized_task 00528 = param.create_ticket.function_param.delete_authorized_task; 00529 } 00530 /* DPOs are OK */ 00531 if(role == PR_data_protection_officer) 00532 break; 00533 /* if not DPO: */ 00534 /* is process owner responsible user for target task? */ 00535 /* get ru_set_id for target task */ 00536 if(param.create_ticket.function_type 00537 == PTF_add_authorized_task) 00538 { 00539 pm_tid.task 00540 = param.create_ticket.function_param.add_authorized_task.task; 00541 } 00542 else 00543 { 00544 pm_tid.task 00545 = param.create_ticket.function_param.delete_authorized_task.task; 00546 } 00547 if((error = rsbac_pm_get_data(PMT_TASK, 00548 pm_tid, 00549 PD_ru_set, 00550 &data_val))) 00551 return(-RSBAC_EREADFAILED); 00552 /* if ru_set is 0, there is no responsible user -> error */ 00553 if(!data_val.ru_set) 00554 return(-RSBAC_EPERM); 00555 /* check, whether owner is responsible user for this task */ 00556 pm_set_id.ru_set = data_val.ru_set; 00557 pm_set_member.ru = owner; 00558 if(!rsbac_pm_set_member(PS_RU,pm_set_id,pm_set_member)) 00559 { 00560 /* illegal issuer -> delete ticket */ 00561 rsbac_pm_remove_target(PMT_TKT,pm_tid); 00562 return(-RSBAC_EPERM); 00563 } 00564 /* OK, test passed */ 00565 break; 00566 00567 default: 00568 /* anything else should never be issued */ 00569 return(-RSBAC_EINVALIDVALUE); 00570 } 00571 00572 /* all checks passed -> add ticket */ 00573 all_data.tkt.id = param.create_ticket.id; 00574 all_data.tkt.issuer = owner; 00575 all_data.tkt.function_type = param.create_ticket.function_type; 00576 all_data.tkt.function_param = tkt_i_function_param; 00577 #if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,0) 00578 { 00579 struct timespec now = CURRENT_TIME; 00580 00581 all_data.tkt.valid_until = param.create_ticket.valid_for 00582 + now.tv_sec; 00583 } 00584 #else 00585 all_data.tkt.valid_until = param.create_ticket.valid_for 00586 + CURRENT_TIME; 00587 #endif 00588 error = rsbac_pm_add_target(PMT_TKT, 00589 all_data); 00590 if(error && (param.create_ticket.function_type == PTF_add_object_class)) 00591 { 00592 rsbac_pm_remove_set(PS_PP,pm_set_id); 00593 } 00594 return(error); 00595 /* end of create_ticket */ 00596 00597 case PF_add_na: 00598 if(role != PR_security_officer) 00599 return(-RSBAC_EPERM); 00600 /* get ticket data, deny, if not found */ 00601 pm_tid.tkt = tkt; 00602 if((error = rsbac_pm_get_all_data(PMT_TKT, 00603 pm_tid, 00604 &all_data))) 00605 { /* returns error -RSBAC_EINVALIDTARGET (old ds) or ENOTFOUND, if not found */ 00606 if( (error != -RSBAC_EINVALIDTARGET) 00607 && (error != -RSBAC_ENOTFOUND) 00608 ) 00609 printk(KERN_WARNING 00610 "rsbac_pm(): rsbac_pm_get_all_data() for ticket returned error %i", 00611 error); 00612 return(-RSBAC_EPERM); /* execution denied */ 00613 } 00614 /* check ticket entries */ 00615 if( (all_data.tkt.function_type != PTF_add_na) 00616 || (all_data.tkt.function_param.add_na.task 00617 != param.add_na.task) 00618 || (all_data.tkt.function_param.add_na.object_class 00619 != param.add_na.object_class) 00620 || (all_data.tkt.function_param.add_na.tp 00621 != param.add_na.tp) 00622 || (all_data.tkt.function_param.add_na.accesses 00623 != param.add_na.accesses) ) 00624 return(-RSBAC_EPERM); 00625 00626 /* check, whether task exists */ 00627 pm_tid2.task = param.add_na.task; 00628 if(!rsbac_pm_exists(PMT_TASK, 00629 pm_tid2)) 00630 return(-RSBAC_EINVALIDVALUE); 00631 /* check, whether class exists (not for IPC, DEV and NIL) */ 00632 if( param.add_na.object_class 00633 && (param.add_na.object_class != RSBAC_PM_IPC_OBJECT_CLASS_ID) 00634 && (param.add_na.object_class != RSBAC_PM_DEV_OBJECT_CLASS_ID)) 00635 { 00636 pm_tid2.object_class = param.add_na.object_class; 00637 if(!rsbac_pm_exists(PMT_CLASS, 00638 pm_tid2)) 00639 return(-RSBAC_EINVALIDVALUE); 00640 } 00641 /* check, whether tp exists */ 00642 pm_tid2.tp = param.add_na.tp; 00643 if(!rsbac_pm_exists(PMT_TP, 00644 pm_tid2)) 00645 return(-RSBAC_EINVALIDVALUE); 00646 00647 /* get ticket issuer role */ 00648 tid.user = all_data.tkt.issuer; 00649 if((error = rsbac_get_attr(PM,T_USER, 00650 tid, 00651 A_pm_role, 00652 &attr_val, 00653 TRUE))) 00654 { 00655 printk(KERN_WARNING 00656 "rsbac_pm(): rsbac_get_attr() for USER/pm_role returned error %i", 00657 error); 00658 return(-RSBAC_EREADFAILED); /* execution denied */ 00659 } 00660 00661 if(attr_val.pm_role != PR_data_protection_officer) 00662 { 00663 /* illegal issuer -> remove target */ 00664 rsbac_pm_remove_target(PMT_TKT,pm_tid); 00665 return(-RSBAC_EPERM); 00666 } 00667 00668 /* OK, all checks done. Now change data. */ 00669 /* First remove ticket to prevent repeated calls. */ 00670 rsbac_pm_remove_target(PMT_TKT,pm_tid); 00671 00672 /* check: lookup NA accesses for this id */ 00673 pm_tid.na.task = param.add_na.task; 00674 pm_tid.na.object_class = param.add_na.object_class; 00675 pm_tid.na.tp = param.add_na.tp; 00676 error = rsbac_pm_get_data(PMT_NA, 00677 pm_tid, 00678 PD_accesses, 00679 &data_val); 00680 switch(error) 00681 { /* if 0 -> found -> set accesses to new value */ 00682 case 0: 00683 data_val.accesses = param.add_na.accesses; 00684 rsbac_pm_set_data(PMT_NA, 00685 pm_tid, 00686 PD_accesses, 00687 data_val); 00688 return(0); 00689 00690 /* returns error -RSBAC_EINVALIDTARGET (old ds) or ENOTFOUND, if not found -> add */ 00691 case -RSBAC_EINVALIDTARGET: 00692 case -RSBAC_ENOTFOUND: 00693 all_data.na.task = param.add_na.task; 00694 all_data.na.object_class = param.add_na.object_class; 00695 all_data.na.tp = param.add_na.tp; 00696 all_data.na.accesses = param.add_na.accesses; 00697 if((error = rsbac_pm_add_target(PMT_NA, 00698 all_data))) 00699 { 00700 printk(KERN_WARNING 00701 "rsbac_pm(): rsbac_pm_add_target() for NA returned error %i", 00702 error); 00703 return(error); /* execution failed */ 00704 } 00705 return(0); 00706 00707 default: 00708 printk(KERN_WARNING 00709 "rsbac_pm(): rsbac_pm_get_data() for NA/accesses returned error %i", 00710 error); 00711 return(-RSBAC_EREADFAILED); /* execution failed */ 00712 } 00713 00714 case PF_delete_na: 00715 if(role != PR_security_officer) 00716 return(-RSBAC_EPERM); 00717 00718 /* get ticket data, deny, if not found */ 00719 pm_tid.tkt = tkt; 00720 if((error = rsbac_pm_get_all_data(PMT_TKT, 00721 pm_tid, 00722 &all_data))) 00723 { /* returns error -RSBAC_EINVALIDTARGET (old ds) or ENOTFOUND, if not found */ 00724 if( (error != -RSBAC_EINVALIDTARGET) 00725 && (error != -RSBAC_ENOTFOUND) 00726 ) 00727 printk(KERN_WARNING 00728 "rsbac_pm(): rsbac_pm_get_all_data() for ticket returned error %i", 00729 error); 00730 return(-RSBAC_EPERM); /* execution denied */ 00731 } 00732 /* check ticket entries */ 00733 if( (all_data.tkt.function_type != PTF_delete_na) 00734 || (all_data.tkt.function_param.delete_na.task 00735 != param.delete_na.task) 00736 || (all_data.tkt.function_param.delete_na.object_class 00737 != param.delete_na.object_class) 00738 || (all_data.tkt.function_param.delete_na.tp 00739 != param.delete_na.tp) 00740 || (all_data.tkt.function_param.delete_na.accesses 00741 != param.delete_na.accesses) ) 00742 return(-RSBAC_EPERM); 00743 00744 /* get ticket issuer role */ 00745 tid.user = all_data.tkt.issuer; 00746 if((error = rsbac_get_attr(PM,T_USER, 00747 tid, 00748 A_pm_role, 00749 &attr_val, 00750 TRUE))) 00751 { 00752 printk(KERN_WARNING 00753 "rsbac_pm(): rsbac_get_attr() for USER/pm_role returned error %i", 00754 error); 00755 return(-RSBAC_EREADFAILED); /* execution denied */ 00756 } 00757 00758 if(attr_val.pm_role != PR_data_protection_officer) 00759 { 00760 /* illegal issuer -> remove target */ 00761 rsbac_pm_remove_target(PMT_TKT,pm_tid); 00762 return(-RSBAC_EPERM); 00763 } 00764 00765 /* OK, all checks done. Now change data. */ 00766 /* First remove ticket to prevent repeated calls. */ 00767 rsbac_pm_remove_target(PMT_TKT,pm_tid); 00768 /* remove NA */ 00769 pm_tid.na.task = param.delete_na.task; 00770 pm_tid.na.object_class = param.delete_na.object_class; 00771 pm_tid.na.tp = param.delete_na.tp; 00772 return(rsbac_pm_remove_target(PMT_NA, 00773 pm_tid)); 00774 00775 case PF_add_task: 00776 /* task-id 0 is used internally, reject */ 00777 if(!param.add_task.id) 00778 return(-RSBAC_EINVALIDVALUE); 00779 /* purpose-id 0 is invalid, reject */ 00780 if(!param.add_task.purpose) 00781 return(-RSBAC_EINVALIDVALUE); 00782 00783 if(role != PR_security_officer) 00784 return(-RSBAC_EPERM); 00785 /* get ticket data, deny, if not found */ 00786 pm_tid.tkt = tkt; 00787 if((error = rsbac_pm_get_all_data(PMT_TKT, 00788 pm_tid, 00789 &all_data))) 00790 { /* returns error -RSBAC_EINVALIDTARGET (old ds) or ENOTFOUND, if not found */ 00791 if( (error != -RSBAC_EINVALIDTARGET) 00792 && (error != -RSBAC_ENOTFOUND) 00793 ) 00794 printk(KERN_WARNING 00795 "rsbac_pm(): rsbac_pm_get_all_data() for ticket returned error %i", 00796 error); 00797 return(-RSBAC_EPERM); /* execution denied */ 00798 } 00799 /* check ticket entries */ 00800 if( (all_data.tkt.function_type != PTF_add_task) 00801 || (all_data.tkt.function_param.add_task.id 00802 != param.add_task.id) 00803 || (all_data.tkt.function_param.add_task.purpose 00804 != param.add_task.purpose) ) 00805 return(-RSBAC_EPERM); 00806 00807 /* check, whether purpose exists */ 00808 pm_tid2.pp = param.add_task.purpose; 00809 if(!rsbac_pm_exists(PMT_PP, 00810 pm_tid2)) 00811 return(-RSBAC_EINVALIDVALUE); 00812 00813 /* get ticket issuer role */ 00814 tid.user = all_data.tkt.issuer; 00815 if((error = rsbac_get_attr(PM,T_USER, 00816 tid, 00817 A_pm_role, 00818 &attr_val, 00819 TRUE))) 00820 { 00821 printk(KERN_WARNING 00822 "rsbac_pm(): rsbac_get_attr() for USER/pm_role returned error %i", 00823 error); 00824 return(-RSBAC_EREADFAILED); /* execution denied */ 00825 } 00826 00827 if(attr_val.pm_role != PR_data_protection_officer) 00828 { 00829 /* illegal issuer -> remove target */ 00830 rsbac_pm_remove_target(PMT_TKT,pm_tid); 00831 return(-RSBAC_EPERM); 00832 } 00833 00834 /* OK, all checks done. Now change data. */ 00835 /* First remove ticket to prevent repeated calls. */ 00836 rsbac_pm_remove_target(PMT_TKT,pm_tid); 00837 00838 /* try to add task */ 00839 all_data.task.id = param.add_task.id; 00840 all_data.task.purpose = param.add_task.purpose; 00841 all_data.task.tp_set = 0; 00842 all_data.task.ru_set = 0; 00843 return(rsbac_pm_add_target(PMT_TASK, 00844 all_data)); 00845 00846 case PF_delete_task: 00847 /* task-id 0 is used internally, reject */ 00848 if(!param.add_task.id) 00849 return(-RSBAC_EINVALIDVALUE); 00850 if(role != PR_security_officer) 00851 return(-RSBAC_EPERM); 00852 /* get ticket data, deny, if not found */ 00853 pm_tid.tkt = tkt; 00854 if((error = rsbac_pm_get_all_data(PMT_TKT, 00855 pm_tid, 00856 &all_data))) 00857 { /* returns error -RSBAC_EINVALIDTARGET (old ds) or ENOTFOUND, if not found */ 00858 if( (error != -RSBAC_EINVALIDTARGET) 00859 && (error != -RSBAC_ENOTFOUND) 00860 ) 00861 printk(KERN_WARNING 00862 "rsbac_pm(): rsbac_pm_get_all_data() for ticket returned error %i", 00863 error); 00864 return(-RSBAC_EPERM); /* execution denied */ 00865 } 00866 /* check ticket entries */ 00867 if( (all_data.tkt.function_type != PTF_delete_task) 00868 || (all_data.tkt.function_param.delete_task.id 00869 != param.delete_task.id) ) 00870 return(-RSBAC_EPERM); 00871 00872 /* get ticket issuer role */ 00873 tid.user = all_data.tkt.issuer; 00874 if((error = rsbac_get_attr(PM,T_USER, 00875 tid, 00876 A_pm_role, 00877 &attr_val, 00878 TRUE))) 00879 { 00880 printk(KERN_WARNING 00881 "rsbac_pm(): rsbac_get_attr() for USER/pm_role returned error %i", 00882 error); 00883 return(-RSBAC_EREADFAILED); /* execution denied */ 00884 } 00885 00886 if(attr_val.pm_role != PR_data_protection_officer) 00887 { 00888 /* illegal issuer -> remove target */ 00889 rsbac_pm_remove_target(PMT_TKT,pm_tid); 00890 return(-RSBAC_EPERM); 00891 } 00892 00893 /* OK, all checks done. Now change data. */ 00894 /* First remove ticket to prevent repeated calls. */ 00895 rsbac_pm_remove_target(PMT_TKT,pm_tid); 00896 00897 /* try to delete task */ 00898 pm_tid.task = param.delete_task.id; 00899 return(rsbac_pm_remove_target(PMT_TASK, 00900 pm_tid)); 00901 00902 case PF_add_object_class: 00903 /* class-id 0/NIL, IPC and DEV are used internally, reject */ 00904 if( !param.add_object_class.id 00905 || (param.add_object_class.id == RSBAC_PM_IPC_OBJECT_CLASS_ID) 00906 || (param.add_object_class.id == RSBAC_PM_DEV_OBJECT_CLASS_ID)) 00907 { 00908 printk(KERN_DEBUG 00909 "rsbac_pm(): add_object_class: reserved class-id 0, %u or %u requested!\n", 00910 RSBAC_PM_IPC_OBJECT_CLASS_ID, 00911 RSBAC_PM_DEV_OBJECT_CLASS_ID); 00912 return(-RSBAC_EINVALIDVALUE); 00913 } 00914 if(role != PR_security_officer) 00915 return(-RSBAC_EPERM); 00916 /* get ticket data, deny, if not found */ 00917 pm_tid.tkt = tkt; 00918 if((error = rsbac_pm_get_all_data(PMT_TKT, 00919 pm_tid, 00920 &all_data))) 00921 { /* returns error -RSBAC_EINVALIDTARGET (old ds) or ENOTFOUND, if not found */ 00922 if( (error != -RSBAC_EINVALIDTARGET) 00923 && (error != -RSBAC_ENOTFOUND) 00924 ) 00925 printk(KERN_WARNING 00926 "rsbac_pm(): rsbac_pm_get_all_data() for ticket returned error %i", 00927 error); 00928 return(-RSBAC_EPERM); /* execution denied */ 00929 } 00930 /* check ticket entries */ 00931 if( (all_data.tkt.function_type != PTF_add_object_class) 00932 || (all_data.tkt.function_param.tkt_add_object_class.id 00933 != param.add_object_class.id) ) 00934 return(-RSBAC_EPERM); 00935 /* get ticket issuer role */ 00936 tid.user = all_data.tkt.issuer; 00937 if((error = rsbac_get_attr(PM,T_USER, 00938 tid, 00939 A_pm_role, 00940 &attr_val, 00941 TRUE))) 00942 { 00943 printk(KERN_WARNING 00944 "rsbac_pm(): rsbac_get_attr() for USER/pm_role returned error %i", 00945 error); 00946 return(-RSBAC_EREADFAILED); /* execution denied */ 00947 } 00948 00949 if(attr_val.pm_role != PR_data_protection_officer) 00950 { 00951 /* illegal issuer -> remove target */ 00952 rsbac_pm_remove_target(PMT_TKT,pm_tid); 00953 return(-RSBAC_EPERM); 00954 } 00955 00956 /* check purposes in ticket against those provided */ 00957 if(param.add_object_class.pp_list_p) 00958 { 00959 if(!all_data.tkt.function_param.tkt_add_object_class.pp_set) 00960 { 00961 printk(KERN_DEBUG 00962 "rsbac_pm(): add_object_class: no purpose in tkt\n"); 00963 return(-RSBAC_EINVALIDVALUE); 00964 } 00965 pm_set_id.pp_set = all_data.tkt.function_param.tkt_add_object_class.pp_set; 00966 rsbac_get_user((u_char *) &pp_set, 00967 (u_char *) param.add_object_class.pp_list_p, 00968 sizeof(pp_set)); 00969 pm_set_member.pp = pp_set.id; 00970 if(!rsbac_pm_set_member(PS_PP,pm_set_id,pm_set_member)) 00971 { 00972 printk(KERN_DEBUG 00973 "rsbac_pm(): add_object_class: first purpose-id %i not in tkt-set\n", 00974 pp_set.id); 00975 return(-RSBAC_EINVALIDVALUE); 00976 } 00977 00978 while(pp_set.next) 00979 { 00980 rsbac_get_user((u_char *) &pp_set, 00981 (u_char *) pp_set.next, 00982 sizeof(pp_set)); 00983 pm_set_member.pp = pp_set.id; 00984 if(!rsbac_pm_set_member(PS_PP,pm_set_id,pm_set_member)) 00985 { 00986 printk(KERN_DEBUG 00987 "rsbac_pm(): add_object_class: purpose-id %i not in tkt-set\n", 00988 pp_set.id); 00989 return(-RSBAC_EINVALIDVALUE); 00990 } 00991 } 00992 } 00993 00994 /* OK, all checks done. Now change data. */ 00995 /* First remove ticket to prevent repeated */ 00996 /* calls and memory waste. */ 00997 rsbac_pm_remove_target(PMT_TKT,pm_tid); 00998 00999 /* check, whether class exists */ 01000 pm_tid.object_class = param.add_object_class.id; 01001 class_exists = rsbac_pm_exists(PMT_CLASS, pm_tid); 01002 if(!class_exists) 01003 { 01004 /* try to add class */ 01005 all_data.object_class.id = param.add_object_class.id; 01006 all_data.object_class.pp_set = 0; 01007 if((error = rsbac_pm_add_target(PMT_CLASS, 01008 all_data))) 01009 return(error); 01010 } 01011 01012 /* get purposes from user space and add them to set */ 01013 if(param.add_object_class.pp_list_p) 01014 { 01015 pm_set_id.pp_set = param.add_object_class.id; 01016 if(!class_exists) 01017 { 01018 if(rsbac_pm_create_set(PS_PP,pm_set_id)) 01019 return(-RSBAC_EWRITEFAILED); 01020 } 01021 else 01022 { 01023 if(rsbac_pm_clear_set(PS_PP,pm_set_id)) 01024 return(-RSBAC_EWRITEFAILED); 01025 } 01026 01027 rsbac_get_user((u_char *) &pp_set, 01028 (u_char *) param.add_object_class.pp_list_p, 01029 sizeof(pp_set)); 01030 pm_set_member.pp = pp_set.id; 01031 if(rsbac_pm_add_to_set(PS_PP,pm_set_id,pm_set_member)) 01032 { 01033 printk(KERN_DEBUG 01034 "rsbac_pm(): add_object_class: could not add first purpose-id %i to pp_set\n", 01035 pp_set.id); 01036 return(-RSBAC_EWRITEFAILED); 01037 } 01038 01039 while(pp_set.next) 01040 { 01041 rsbac_get_user((u_char *) &pp_set, 01042 (u_char *) pp_set.next, 01043 sizeof(pp_set)); 01044 pm_set_member.pp = pp_set.id; 01045 if(rsbac_pm_add_to_set(PS_PP,pm_set_id,pm_set_member)) 01046 { 01047 printk(KERN_DEBUG 01048 "rsbac_pm(): add_object_class: could not add purpose-id %i to pp_set\n", 01049 pp_set.id); 01050 return(-RSBAC_EWRITEFAILED); 01051 } 01052 } 01053 /* notify class item of its pp_set_id */ 01054 pm_tid.object_class = param.add_object_class.id; 01055 data_val.pp_set = param.add_object_class.id; 01056 if((error = rsbac_pm_set_data(PMT_CLASS, 01057 pm_tid, 01058 PD_pp_set, 01059 data_val))) 01060 { 01061 printk(KERN_DEBUG 01062 "rsbac_pm(): add_object_class: could not set pp_set_id for class\n"); 01063 return(-RSBAC_EWRITEFAILED); 01064 } 01065 } 01066 /* ready */ 01067 return(0); 01068 01069 case PF_delete_object_class: 01070 /* class-id 0/NIL, IPC and DEV are used internally, reject */ 01071 if( !param.delete_object_class.id 01072 || (param.delete_object_class.id == RSBAC_PM_IPC_OBJECT_CLASS_ID) 01073 || (param.delete_object_class.id == RSBAC_PM_DEV_OBJECT_CLASS_ID)) 01074 return(-RSBAC_EINVALIDVALUE); 01075 if(role != PR_security_officer) 01076 return(-RSBAC_EPERM); 01077 /* get ticket data, deny, if not found */ 01078 pm_tid.tkt = tkt; 01079 if((error = rsbac_pm_get_all_data(PMT_TKT, 01080 pm_tid, 01081 &all_data))) 01082 { /* returns error -RSBAC_EINVALIDTARGET (old ds) or ENOTFOUND, if not found */ 01083 if( (error != -RSBAC_EINVALIDTARGET) 01084 && (error != -RSBAC_ENOTFOUND) 01085 ) 01086 printk(KERN_WARNING 01087 "rsbac_pm(): rsbac_pm_get_all_data() for ticket returned error %i", 01088 error); 01089 return(-RSBAC_EPERM); /* execution denied */ 01090 } 01091 /* check ticket entries */ 01092 if( (all_data.tkt.function_type != PTF_delete_object_class) 01093 || (all_data.tkt.function_param.delete_object_class.id 01094 != param.delete_object_class.id) ) 01095 return(-RSBAC_EPERM); 01096 /* get ticket issuer role */ 01097 tid.user = all_data.tkt.issuer; 01098 if((error = rsbac_get_attr(PM,T_USER, 01099 tid, 01100 A_pm_role, 01101 &attr_val, 01102 TRUE))) 01103 { 01104 printk(KERN_WARNING 01105 "rsbac_pm(): rsbac_get_attr() for USER/pm_role returned error %i", 01106 error); 01107 return(-RSBAC_EREADFAILED); /* execution denied */ 01108 } 01109 01110 if(attr_val.pm_role != PR_data_protection_officer) 01111 { 01112 /* illegal issuer -> remove target */ 01113 rsbac_pm_remove_target(PMT_TKT,pm_tid); 01114 return(-RSBAC_EPERM); 01115 } 01116 01117 /* OK, all checks done. Now change data. */ 01118 /* First remove ticket to prevent repeated calls. */ 01119 rsbac_pm_remove_target(PMT_TKT,pm_tid); 01120 01121 /* try to delete class */ 01122 pm_tid.object_class = param.delete_object_class.id; 01123 return(rsbac_pm_remove_target(PMT_CLASS, 01124 pm_tid)); 01125 01126 case PF_add_authorized_tp: 01127 /* task-id 0 and tp-id 0 are used internally, reject */ 01128 if(!param.add_authorized_tp.task || !param.add_authorized_tp.tp) 01129 return(-RSBAC_EINVALIDVALUE); 01130 if(role != PR_security_officer) 01131 return(-RSBAC_EPERM); 01132 01133 /* get ticket data, deny, if not found */ 01134 pm_tid.tkt = tkt; 01135 if((error = rsbac_pm_get_all_data(PMT_TKT, 01136 pm_tid, 01137 &all_data))) 01138 { /* returns error -RSBAC_EINVALIDTARGET (old ds) or ENOTFOUND, if not found */ 01139 if( (error != -RSBAC_EINVALIDTARGET) 01140 && (error != -RSBAC_ENOTFOUND) 01141 ) 01142 printk(KERN_WARNING 01143 "rsbac_pm(): rsbac_pm_get_all_data() for ticket returned error %i", 01144 error); 01145 return(-RSBAC_EPERM); /* execution denied */ 01146 } 01147 /* check ticket entries */ 01148 if( (all_data.tkt.function_type != PTF_add_authorized_tp) 01149 || (all_data.tkt.function_param.add_authorized_tp.task 01150 != param.add_authorized_tp.task) 01151 || (all_data.tkt.function_param.add_authorized_tp.tp 01152 != param.add_authorized_tp.tp) ) 01153 return(-RSBAC_EPERM); 01154 01155 /* check, whether task exists */ 01156 pm_tid2.task = param.add_authorized_tp.task; 01157 if(!rsbac_pm_exists(PMT_TASK, 01158 pm_tid2)) 01159 return(-RSBAC_EINVALIDVALUE); 01160 /* check, whether tp exists */ 01161 pm_tid2.tp = param.add_authorized_tp.tp; 01162 if(!rsbac_pm_exists(PMT_TP, 01163 pm_tid2)) 01164 return(-RSBAC_EINVALIDVALUE); 01165 01166 /* get ticket issuer role */ 01167 tid.user = all_data.tkt.issuer; 01168 if((error = rsbac_get_attr(PM,T_USER, 01169 tid, 01170 A_pm_role, 01171 &attr_val, 01172 TRUE))) 01173 { 01174 printk(KERN_WARNING 01175 "rsbac_pm(): rsbac_get_attr() for USER/pm_role returned error %i", 01176 error); 01177 return(-RSBAC_EREADFAILED); /* execution denied */ 01178 } 01179 01180 if(attr_val.pm_role != PR_data_protection_officer) 01181 { 01182 /* illegal issuer -> remove target */ 01183 rsbac_pm_remove_target(PMT_TKT,pm_tid); 01184 return(-RSBAC_EPERM); 01185 } 01186 01187 /* OK, all checks done. Now change data. */ 01188 /* First remove ticket to prevent repeated calls. */ 01189 rsbac_pm_remove_target(PMT_TKT,pm_tid); 01190 01191 /* try to add tp to tp_set of task */ 01192 /* lookup tp_set_id for this task */ 01193 pm_tid.task = param.add_authorized_tp.task; 01194 if((error = rsbac_pm_get_data(PMT_TASK, 01195 pm_tid, 01196 PD_tp_set, 01197 &data_val))) 01198 return(-RSBAC_EREADFAILED); 01199 /* if tp_set is 0, it must be created and notified to task-data */ 01200 if(!data_val.tp_set) 01201 { 01202 pm_set_id.tp_set = param.add_authorized_tp.task; 01203 if((error = rsbac_pm_create_set(PS_TP, 01204 pm_set_id))) 01205 return(error); 01206 data_val.tp_set = param.add_authorized_tp.task; 01207 if((error = rsbac_pm_set_data(PMT_TASK, 01208 pm_tid, 01209 PD_tp_set, 01210 data_val))) 01211 return(-RSBAC_EWRITEFAILED); 01212 } 01213 01214 /* now that we know the set exists, try to add tp to it */ 01215 pm_set_id.tp_set = data_val.tp_set; 01216 pm_set_member.tp = param.add_authorized_tp.tp; 01217 if(rsbac_pm_add_to_set(PS_TP,pm_set_id,pm_set_member)) 01218 return(-RSBAC_EWRITEFAILED); 01219 else 01220 /* ready */ 01221 return(0); 01222 01223 case PF_delete_authorized_tp: 01224 /* task-id 0 and tp-id 0 are used internally, reject */ 01225 if(!param.delete_authorized_tp.task || !param.delete_authorized_tp.tp) 01226 return(-RSBAC_EINVALIDVALUE); 01227 if(role != PR_security_officer) 01228 return(-RSBAC_EPERM); 01229 01230 /* get ticket data, deny, if not found */ 01231 pm_tid.tkt = tkt; 01232 if((error = rsbac_pm_get_all_data(PMT_TKT, 01233 pm_tid, 01234 &all_data))) 01235 { /* returns error -RSBAC_EINVALIDTARGET (old ds) or ENOTFOUND, if not found */ 01236 if( (error != -RSBAC_EINVALIDTARGET) 01237 && (error != -RSBAC_ENOTFOUND) 01238 ) 01239 printk(KERN_WARNING 01240 "rsbac_pm(): rsbac_pm_get_all_data() for ticket returned error %i", 01241 error); 01242 return(-RSBAC_EPERM); /* execution denied */ 01243 } 01244 /* check ticket entries */ 01245 if( (all_data.tkt.function_type != PTF_delete_authorized_tp) 01246 || (all_data.tkt.function_param.delete_authorized_tp.task 01247 != param.delete_authorized_tp.task) 01248 || (all_data.tkt.function_param.delete_authorized_tp.tp 01249 != param.delete_authorized_tp.tp) ) 01250 return(-RSBAC_EPERM); 01251 01252 /* get ticket issuer role */ 01253 tid.user = all_data.tkt.issuer; 01254 if((error = rsbac_get_attr(PM,T_USER, 01255 tid, 01256 A_pm_role, 01257 &attr_val, 01258 TRUE))) 01259 { 01260 printk(KERN_WARNING 01261 "rsbac_pm(): rsbac_get_attr() for USER/pm_role returned error %i", 01262 error); 01263 return(-RSBAC_EREADFAILED); /* execution denied */ 01264 } 01265 01266 if(attr_val.pm_role != PR_data_protection_officer) 01267 { 01268 /* illegal issuer -> remove target */ 01269 rsbac_pm_remove_target(PMT_TKT,pm_tid); 01270 return(-RSBAC_EPERM); 01271 } 01272 01273 /* OK, all checks done. Now change data. */ 01274 /* First remove ticket to prevent repeated calls. */ 01275 rsbac_pm_remove_target(PMT_TKT,pm_tid); 01276 01277 /* try to remove tp from tp_set of task */ 01278 /* lookup tp_set_id for this task */ 01279 pm_tid.task = param.delete_authorized_tp.task; 01280 if((error = rsbac_pm_get_data(PMT_TASK, 01281 pm_tid, 01282 PD_tp_set, 01283 &data_val))) 01284 return(-RSBAC_EREADFAILED); 01285 /* if tp_set is 0, there are no tps to delete -> return */ 01286 if(!data_val.tp_set) 01287 return(-RSBAC_EINVALIDVALUE); 01288 01289 /* now that we know the set exists, try to remove tp from it */ 01290 pm_set_id.tp_set = data_val.tp_set; 01291 pm_set_member.tp = param.delete_authorized_tp.tp; 01292 if(rsbac_pm_remove_from_set(PS_TP,pm_set_id,pm_set_member)) 01293 return(-RSBAC_EWRITEFAILED); 01294 else 01295 /* ready */ 01296 return(0); 01297 01298 case PF_add_consent: 01299 /* purpose_id 0 is used internally, reject */ 01300 if(!param.add_consent.purpose) 01301 return(-RSBAC_EINVALIDVALUE); 01302 if(role != PR_security_officer) 01303 return(-RSBAC_EPERM); 01304 01305 /* get ticket data, deny, if not found */ 01306 pm_tid.tkt = tkt; 01307 if((error = rsbac_pm_get_all_data(PMT_TKT, 01308 pm_tid, 01309 &all_data))) 01310 { /* returns error -RSBAC_EINVALIDTARGET (old ds) or ENOTFOUND, if not found */ 01311 if( (error != -RSBAC_EINVALIDTARGET) 01312 && (error != -RSBAC_ENOTFOUND) 01313 ) 01314 printk(KERN_WARNING 01315 "rsbac_pm(): rsbac_pm_get_all_data() for ticket returned error %i", 01316 error); 01317 return(-RSBAC_EPERM); /* execution denied */ 01318 } 01319 /* get file id */ 01320 if ((error = pm_get_file(param.add_consent.filename, &target, &tid)) < 0) 01321 { 01322 #ifdef CONFIG_RSBAC_DEBUG 01323 if (rsbac_debug_aef_pm) 01324 printk(KERN_DEBUG 01325 "rsbac_pm(): call to pm_get_file() returned error %i\n", 01326 error); 01327 #endif 01328 return(-RSBAC_EINVALIDTARGET); 01329 } 01330 /* target must be file */ 01331 if(target != T_FILE) 01332 return(-RSBAC_EINVALIDTARGET); 01333 /* check ticket entries */ 01334 if( (all_data.tkt.function_type != PTF_add_consent) 01335 || (RSBAC_MAJOR(all_data.tkt.function_param.tkt_add_consent.file.device) 01336 != RSBAC_MAJOR(tid.file.device)) 01337 || (RSBAC_MINOR(all_data.tkt.function_param.tkt_add_consent.file.device) 01338 != RSBAC_MINOR(tid.file.device)) 01339 || (all_data.tkt.function_param.tkt_add_consent.file.inode 01340 != tid.file.inode) 01341 || (all_data.tkt.function_param.tkt_add_consent.purpose 01342 != param.add_consent.purpose) ) 01343 return(-RSBAC_EPERM); 01344 file = tid.file; 01345 /* check, whether purpose exists */ 01346 pm_tid2.pp = param.add_consent.purpose; 01347 if(!rsbac_pm_exists(PMT_PP, 01348 pm_tid2)) 01349 return(-RSBAC_EINVALIDVALUE); 01350 01351 /* get ticket issuer role */ 01352 tid.user = all_data.tkt.issuer; 01353 if((error = rsbac_get_attr(PM,T_USER, 01354 tid, 01355 A_pm_role, 01356 &attr_val, 01357 TRUE))) 01358 { 01359 printk(KERN_WARNING 01360 "rsbac_pm(): rsbac_get_attr() for USER/pm_role returned error %i", 01361 error); 01362 return(-RSBAC_EREADFAILED); /* execution denied */ 01363 } 01364 01365 if(attr_val.pm_role != PR_data_protection_officer) 01366 { 01367 /* illegal issuer -> remove target */ 01368 rsbac_pm_remove_target(PMT_TKT,pm_tid); 01369 return(-RSBAC_EPERM); 01370 } 01371 01372 /* OK, all checks done. Now change data. */ 01373 /* First remove ticket to prevent repeated calls. */ 01374 rsbac_pm_remove_target(PMT_TKT,pm_tid); 01375 01376 /* check, whether this consent exists */ 01377 pm_tid.cs.file = file; 01378 pm_tid.cs.purpose = param.add_consent.purpose; 01379 if(rsbac_pm_exists(PMT_CS, 01380 pm_tid)) 01381 return(-RSBAC_EEXISTS); 01382 /* consent does not exist, try to add it */ 01383 all_data.cs.file = file; 01384 all_data.cs.purpose = param.add_consent.purpose; 01385 return(rsbac_pm_add_target(PMT_CS,all_data)); 01386 01387 case PF_delete_consent: 01388 /* purpose_id 0 is used internally, reject */ 01389 if(!param.delete_consent.purpose) 01390 return(-RSBAC_EINVALIDVALUE); 01391 if(role != PR_security_officer) 01392 return(-RSBAC_EPERM); 01393 01394 /* get ticket data, deny, if not found */ 01395 pm_tid.tkt = tkt; 01396 if((error = rsbac_pm_get_all_data(PMT_TKT, 01397 pm_tid, 01398 &all_data))) 01399 { /* returns error -RSBAC_EINVALIDTARGET (old ds) or ENOTFOUND, if not found */ 01400 if( (error != -RSBAC_EINVALIDTARGET) 01401 && (error != -RSBAC_ENOTFOUND) 01402 ) 01403 printk(KERN_WARNING 01404 "rsbac_pm(): rsbac_pm_get_all_data() for ticket returned error %i", 01405 error); 01406 return(-RSBAC_EPERM); /* execution denied */ 01407 } 01408 /* get file id */ 01409 if ((error = pm_get_file(param.add_consent.filename, &target, &tid)) < 0) 01410 { 01411 #ifdef CONFIG_RSBAC_DEBUG 01412 if (rsbac_debug_aef_pm) 01413 printk(KERN_DEBUG 01414 "rsbac_pm(): call to pm_get_file() returned error %i\n", 01415 error); 01416 #endif 01417 return(-RSBAC_EINVALIDTARGET); 01418 } 01419 /* target must be file */ 01420 if(target != T_FILE) 01421 return(-RSBAC_EINVALIDTARGET); 01422 file=tid.file; 01423 /* check ticket entries */ 01424 if( (all_data.tkt.function_type != PTF_delete_consent) 01425 || (RSBAC_MAJOR(all_data.tkt.function_param.tkt_delete_consent.file.device) 01426 != RSBAC_MAJOR(file.device)) 01427 || (RSBAC_MINOR(all_data.tkt.function_param.tkt_delete_consent.file.device) 01428 != RSBAC_MINOR(file.device)) 01429 || (all_data.tkt.function_param.tkt_delete_consent.file.inode 01430 != file.inode) 01431 || (all_data.tkt.function_param.tkt_delete_consent.purpose 01432 != param.delete_consent.purpose) ) 01433 return(-RSBAC_EPERM); 01434 01435 /* get ticket issuer role */ 01436 tid.user = all_data.tkt.issuer; 01437 if((error = rsbac_get_attr(PM,T_USER, 01438 tid, 01439 A_pm_role, 01440 &attr_val, 01441 TRUE))) 01442 { 01443 printk(KERN_WARNING 01444 "rsbac_pm(): rsbac_get_attr() for USER/pm_role returned error %i", 01445 error); 01446 return(-RSBAC_EREADFAILED); /* execution denied */ 01447 } 01448 01449 if(attr_val.pm_role != PR_data_protection_officer) 01450 { 01451 /* illegal issuer -> remove target */ 01452 rsbac_pm_remove_target(PMT_TKT,pm_tid); 01453 return(-RSBAC_EPERM); 01454 } 01455 01456 /* OK, all checks done. Now change data. */ 01457 /* First remove ticket to prevent repeated calls. */ 01458 rsbac_pm_remove_target(PMT_TKT,pm_tid); 01459 01460 /* try to delete this consent */ 01461 pm_tid.cs.file = file; 01462 pm_tid.cs.purpose = param.delete_consent.purpose; 01463 return(rsbac_pm_remove_target(PMT_CS, 01464 pm_tid)); 01465 01466 case PF_add_purpose: 01467 /* purpose_id 0, classes 0, IPC and DEV are used internally, reject */ 01468 if( !param.add_purpose.id 01469 || !param.add_purpose.def_class 01470 || (param.add_purpose.def_class 01471 == RSBAC_PM_IPC_OBJECT_CLASS_ID) 01472 || (param.add_purpose.def_class 01473 == RSBAC_PM_DEV_OBJECT_CLASS_ID) ) 01474 return(-RSBAC_EINVALIDVALUE); 01475 if(role != PR_security_officer) 01476 return(-RSBAC_EPERM); 01477 01478 /* get ticket data, deny, if not found */ 01479 pm_tid.tkt = tkt; 01480 if((error = rsbac_pm_get_all_data(PMT_TKT, 01481 pm_tid, 01482 &all_data))) 01483 { /* returns error -RSBAC_EINVALIDTARGET (old ds) or ENOTFOUND, if not found */ 01484 if( (error != -RSBAC_EINVALIDTARGET) 01485 && (error != -RSBAC_ENOTFOUND) 01486 ) 01487 printk(KERN_WARNING 01488 "rsbac_pm(): rsbac_pm_get_all_data() for ticket returned error %i", 01489 error); 01490 return(-RSBAC_EPERM); /* execution denied */ 01491 } 01492 /* check ticket entries */ 01493 if( (all_data.tkt.function_type != PTF_add_purpose) 01494 || (all_data.tkt.function_param.add_purpose.id 01495 != param.add_purpose.id) 01496 || (all_data.tkt.function_param.add_purpose.def_class 01497 != param.add_purpose.def_class) ) 01498 return(-RSBAC_EPERM); 01499 01500 /* get ticket issuer role */ 01501 tid.user = all_data.tkt.issuer; 01502 if((error = rsbac_get_attr(PM,T_USER, 01503 tid, 01504 A_pm_role, 01505 &attr_val, 01506 TRUE))) 01507 { 01508 printk(KERN_WARNING 01509 "rsbac_pm(): rsbac_get_attr() for USER/pm_role returned error %i", 01510 error); 01511 return(-RSBAC_EREADFAILED); /* execution denied */ 01512 } 01513 01514 if(attr_val.pm_role != PR_data_protection_officer) 01515 { 01516 /* illegal issuer -> remove target */ 01517 rsbac_pm_remove_target(PMT_TKT,pm_tid); 01518 return(-RSBAC_EPERM); 01519 } 01520 01521 /* OK, all checks done. Now change data. */ 01522 /* First remove ticket to prevent repeated calls. */ 01523 rsbac_pm_remove_target(PMT_TKT,pm_tid); 01524 01525 /* if def_class does not exist, try to create it */ 01526 pm_tid.object_class = param.add_purpose.def_class; 01527 if(!rsbac_pm_exists(PMT_CLASS, 01528 pm_tid)) 01529 { 01530 /* try to add class */ 01531 all_data.object_class.id = param.add_purpose.def_class; 01532 all_data.object_class.pp_set = 0; 01533 if((error = rsbac_pm_add_target(PMT_CLASS, 01534 all_data))) 01535 return(error); 01536 } 01537 01538 /* try to add purpose */ 01539 all_data.pp.id = param.add_purpose.id; 01540 all_data.pp.def_class = param.add_purpose.def_class; 01541 if((error = rsbac_pm_add_target(PMT_PP, 01542 all_data))) 01543 return(error); 01544 01545 /* add purpose to purpose-set of class */ 01546 /* lookup pp_set_id for this class */ 01547 pm_tid.object_class = param.add_purpose.def_class; 01548 if((error = rsbac_pm_get_data(PMT_CLASS, 01549 pm_tid, 01550 PD_pp_set, 01551 &data_val))) 01552 return(-RSBAC_EREADFAILED); 01553 /* if no pp-set: create it and set it in class structure */ 01554 if(!data_val.pp_set) 01555 { 01556 pm_set_id.pp_set = param.add_purpose.def_class; 01557 if(rsbac_pm_create_set(PS_PP,pm_set_id)) 01558 return(-RSBAC_EWRITEFAILED); 01559 data_val.pp_set = param.add_purpose.def_class; 01560 if((error = rsbac_pm_set_data(PMT_CLASS, 01561 pm_tid, 01562 PD_pp_set, 01563 data_val))) 01564 return(-RSBAC_EWRITEFAILED); 01565 } 01566 /* now that we know the set exists, try to add purpose to it */ 01567 pm_set_id.pp_set = data_val.pp_set; 01568 pm_set_member.pp = param.add_purpose.id; 01569 if(rsbac_pm_add_to_set(PS_PP,pm_set_id,pm_set_member)) 01570 return(-RSBAC_EWRITEFAILED); 01571 else 01572 /* ready */ 01573 return(0); 01574 01575 case PF_delete_purpose: 01576 /* purpose_id 0 is used internally, reject */ 01577 if(!param.delete_purpose.id) 01578 return(-RSBAC_EINVALIDVALUE); 01579 if(role != PR_security_officer) 01580 return(-RSBAC_EPERM); 01581 01582 /* get ticket data, deny, if not found */ 01583 pm_tid.tkt = tkt; 01584 if((error = rsbac_pm_get_all_data(PMT_TKT, 01585 pm_tid, 01586 &all_data))) 01587 { /* returns error -RSBAC_EINVALIDTARGET (old ds) or ENOTFOUND, if not found */ 01588 if( (error != -RSBAC_EINVALIDTARGET) 01589 && (error != -RSBAC_ENOTFOUND) 01590 ) 01591 printk(KERN_WARNING 01592 "rsbac_pm(): rsbac_pm_get_all_data() for ticket returned error %i", 01593 error); 01594 return(-RSBAC_EPERM); /* execution denied */ 01595 } 01596 /* check ticket entries */ 01597 if( (all_data.tkt.function_type != PTF_delete_purpose) 01598 || (all_data.tkt.function_param.delete_purpose.id 01599 != param.delete_purpose.id) ) 01600 return(-RSBAC_EPERM); 01601 01602 /* get ticket issuer role */ 01603 tid.user = all_data.tkt.issuer; 01604 if((error = rsbac_get_attr(PM,T_USER, 01605 tid, 01606 A_pm_role, 01607 &attr_val, 01608 TRUE))) 01609 { 01610 printk(KERN_WARNING 01611 "rsbac_pm(): rsbac_get_attr() for USER/pm_role returned error %i", 01612 error); 01613 return(-RSBAC_EREADFAILED); /* execution denied */ 01614 } 01615 01616 if(attr_val.pm_role != PR_data_protection_officer) 01617 { 01618 /* illegal issuer -> delete ticket */ 01619 rsbac_pm_remove_target(PMT_TKT,pm_tid); 01620 return(-RSBAC_EPERM); 01621 } 01622 01623 /* OK, all checks done. Now change data. */ 01624 /* First remove ticket to prevent repeated calls. */ 01625 rsbac_pm_remove_target(PMT_TKT,pm_tid); 01626 01627 /* try to delete this purpose */ 01628 pm_tid.pp = param.delete_purpose.id; 01629 return(rsbac_pm_remove_target(PMT_PP, 01630 pm_tid)); 01631 01632 case PF_add_responsible_user: 01633 /* task_id 0 is used internally, reject */ 01634 if(!param.add_responsible_user.task) 01635 return(-RSBAC_EINVALIDVALUE); 01636 if(role != PR_security_officer) 01637 return(-RSBAC_EPERM); 01638 01639 /* get ticket data, deny, if not found */ 01640 pm_tid.tkt = tkt; 01641 if((error = rsbac_pm_get_all_data(PMT_TKT, 01642 pm_tid, 01643 &all_data))) 01644 { /* returns error -RSBAC_EINVALIDTARGET (old ds) or ENOTFOUND, if not found */ 01645 if( (error != -RSBAC_EINVALIDTARGET) 01646 && (error != -RSBAC_ENOTFOUND) 01647 ) 01648 printk(KERN_WARNING 01649 "rsbac_pm(): rsbac_pm_get_all_data() for ticket returned error %i", 01650 error); 01651 return(-RSBAC_EPERM); /* execution denied */ 01652 } 01653 /* check ticket entries */ 01654 if( (all_data.tkt.function_type != PTF_add_responsible_user) 01655 || (all_data.tkt.function_param.add_responsible_user.user 01656 != param.add_responsible_user.user) 01657 || (all_data.tkt.function_param.add_responsible_user.task 01658 != param.add_responsible_user.task) ) 01659 return(-RSBAC_EPERM); 01660 01661 /* check, whether task exists */ 01662 pm_tid2.task = param.add_responsible_user.task; 01663 if(!rsbac_pm_exists(PMT_TASK, 01664 pm_tid2)) 01665 return(-RSBAC_EINVALIDVALUE); 01666 01667 /* get ticket issuer role */ 01668 tid.user = all_data.tkt.issuer; 01669 if((error = rsbac_get_attr(PM,T_USER, 01670 tid, 01671 A_pm_role, 01672 &attr_val, 01673 TRUE))) 01674 { 01675 printk(KERN_WARNING 01676 "rsbac_pm(): rsbac_get_attr() for USER/pm_role returned error %i", 01677 error); 01678 return(-RSBAC_EREADFAILED); /* execution denied */ 01679 } 01680 01681 if(attr_val.pm_role != PR_data_protection_officer) 01682 { 01683 /* illegal issuer -> delete ticket */ 01684 rsbac_pm_remove_target(PMT_TKT,pm_tid); 01685 return(-RSBAC_EPERM); 01686 } 01687 01688 /* OK, all checks done. Now change data. */ 01689 /* First remove ticket to prevent repeated calls. */ 01690 rsbac_pm_remove_target(PMT_TKT,pm_tid); 01691 01692 /* try to add user to ru_set of task */ 01693 01694 /* lookup ru_set_id for this task */ 01695 pm_tid.task = param.add_responsible_user.task; 01696 if((error = rsbac_pm_get_data(PMT_TASK, 01697 pm_tid, 01698 PD_ru_set, 01699 &data_val))) 01700 return(-RSBAC_EREADFAILED); 01701 /* if ru_set is 0, it must be created and notified to task-data */ 01702 if(!data_val.ru_set) 01703 { 01704 pm_set_id.ru_set = param.add_responsible_user.task; 01705 if((error = rsbac_pm_create_set(PS_RU, 01706 pm_set_id))) 01707 return(error); 01708 data_val.ru_set = param.add_responsible_user.task; 01709 if((error = rsbac_pm_set_data(PMT_TASK, 01710 pm_tid, 01711 PD_ru_set, 01712 data_val))) 01713 return(-RSBAC_EWRITEFAILED); 01714 } 01715 01716 /* now that we know the set exists, try to add ru to it */ 01717 pm_set_id.ru_set = data_val.ru_set; 01718 pm_set_member.ru = param.add_responsible_user.user; 01719 if(rsbac_pm_add_to_set(PS_RU,pm_set_id,pm_set_member)) 01720 return(-RSBAC_EWRITEFAILED); 01721 else 01722 /* ready */ 01723 return(0); 01724 01725 case PF_delete_responsible_user: 01726 /* task_id 0 is used internally, reject */ 01727 if(!param.delete_responsible_user.task) 01728 return(-RSBAC_EINVALIDVALUE); 01729 if(role != PR_security_officer) 01730 return(-RSBAC_EPERM); 01731 01732 /* get ticket data, deny, if not found */ 01733 pm_tid.tkt = tkt; 01734 if((error = rsbac_pm_get_all_data(PMT_TKT, 01735 pm_tid, 01736 &all_data))) 01737 { /* returns error -RSBAC_EINVALIDTARGET (old ds) or ENOTFOUND, if not found */ 01738 if( (error != -RSBAC_EINVALIDTARGET) 01739 && (error != -RSBAC_ENOTFOUND) 01740 ) 01741 printk(KERN_WARNING 01742 "rsbac_pm(): rsbac_pm_get_all_data() for ticket returned error %i", 01743 error); 01744 return(-RSBAC_EPERM); /* execution denied */ 01745 } 01746 /* check ticket entries */ 01747 if( (all_data.tkt.function_type != PTF_delete_responsible_user) 01748 || (all_data.tkt.function_param.delete_responsible_user.user 01749 != param.delete_responsible_user.user) 01750 || (all_data.tkt.function_param.delete_responsible_user.task 01751 != param.delete_responsible_user.task) ) 01752 return(-RSBAC_EPERM); 01753 01754 /* get ticket issuer role */ 01755 tid.user = all_data.tkt.issuer; 01756 if((error = rsbac_get_attr(PM,T_USER, 01757 tid, 01758 A_pm_role, 01759 &attr_val, 01760 TRUE))) 01761 { 01762 printk(KERN_WARNING 01763 "rsbac_pm(): rsbac_get_attr() for USER/pm_role returned error %i", 01764 error); 01765 return(-RSBAC_EREADFAILED); /* execution denied */ 01766 } 01767 01768 if(attr_val.pm_role != PR_data_protection_officer) 01769 { 01770 /* illegal issuer -> delete ticket */ 01771 rsbac_pm_remove_target(PMT_TKT,pm_tid); 01772 return(-RSBAC_EPERM); 01773 } 01774 01775 /* OK, all checks done. Now change data. */ 01776 /* First remove ticket to prevent repeated calls. */ 01777 rsbac_pm_remove_target(PMT_TKT,pm_tid); 01778 /* try to add user to ru_set of task */ 01779 /* lookup ru_set_id for this task */ 01780 pm_tid.task = param.delete_responsible_user.task; 01781 if((error = rsbac_pm_get_data(PMT_TASK, 01782 pm_tid, 01783 PD_ru_set, 01784 &data_val))) 01785 return(-RSBAC_EREADFAILED); 01786 /* if ru_set is 0, there is nothing to delete */ 01787 if(!data_val.ru_set) 01788 return(-RSBAC_EINVALIDVALUE); 01789 01790 /* now that we know the set exists, try to remove ru from it */ 01791 pm_set_id.ru_set = data_val.ru_set; 01792 pm_set_member.ru = param.delete_responsible_user.user; 01793 if(rsbac_pm_remove_from_set(PS_RU,pm_set_id,pm_set_member)) 01794 return(-RSBAC_EWRITEFAILED); 01795 else 01796 /* ready */ 01797 return(0); 01798 01799 case PF_delete_user_aci: 01800 if(role != PR_security_officer) 01801 return(-RSBAC_EPERM); 01802 01803 /* get ticket data, deny, if not found */ 01804 pm_tid.tkt = tkt; 01805 if((error = rsbac_pm_get_all_data(PMT_TKT, 01806 pm_tid, 01807 &all_data))) 01808 { /* returns error -RSBAC_EINVALIDTARGET (old ds) or ENOTFOUND, if not found */ 01809 if( (error != -RSBAC_EINVALIDTARGET) 01810 && (error != -RSBAC_ENOTFOUND) 01811 ) 01812 printk(KERN_WARNING 01813 "rsbac_pm(): rsbac_pm_get_all_data() for ticket returned error %i", 01814 error); 01815 return(-RSBAC_EPERM); /* execution denied */ 01816 } 01817 /* check ticket entries */ 01818 if( (all_data.tkt.function_type != PTF_delete_user_aci) 01819 || (all_data.tkt.function_param.delete_user_aci.id 01820 != param.delete_user_aci.id) ) 01821 return(-RSBAC_EPERM); 01822 01823 /* get ticket issuer role */ 01824 tid.user = all_data.tkt.issuer; 01825 if((error = rsbac_get_attr(PM,T_USER, 01826 tid, 01827 A_pm_role, 01828 &attr_val, 01829 TRUE))) 01830 { 01831 printk(KERN_WARNING 01832 "rsbac_pm(): rsbac_get_attr() for USER/pm_role returned error %i", 01833 error); 01834 return(-RSBAC_EREADFAILED); /* execution denied */ 01835 } 01836 01837 if(attr_val.pm_role != PR_data_protection_officer) 01838 { 01839 /* illegal issuer -> delete ticket */ 01840 rsbac_pm_remove_target(PMT_TKT,pm_tid); 01841 return(-RSBAC_EPERM); 01842 } 01843 01844 /* OK, all checks done. Now remove aci. */ 01845 /* First remove ticket to prevent repeated calls. */ 01846 rsbac_pm_remove_target(PMT_TKT,pm_tid); 01847 tid.user = param.delete_user_aci.id; 01848 rsbac_remove_target(T_USER,tid); 01849 return(0); 01850 01851 case PF_set_role: 01852 if(role != PR_security_officer) 01853 return(-RSBAC_EPERM); 01854 01855 /* get ticket data, deny, if not found */ 01856 pm_tid.tkt = tkt; 01857 if((error = rsbac_pm_get_all_data(PMT_TKT, 01858 pm_tid, 01859 &all_data))) 01860 { /* returns error -RSBAC_EINVALIDTARGET (old ds) or ENOTFOUND, if not found */ 01861 if( (error != -RSBAC_EINVALIDTARGET) 01862 && (error != -RSBAC_ENOTFOUND) 01863 ) 01864 printk(KERN_WARNING 01865 "rsbac_pm(): rsbac_pm_get_all_data() for ticket returned error %i", 01866 error); 01867 return(-RSBAC_EPERM); /* execution denied */ 01868 } 01869 /* check ticket entries */ 01870 if( (all_data.tkt.function_type != PTF_set_role) 01871 || (all_data.tkt.function_param.set_role.user 01872 != param.set_role.user) 01873 || (all_data.tkt.function_param.set_role.role 01874 != param.set_role.role) ) 01875 return(-RSBAC_EPERM); 01876 01877 /* get ticket issuer role */ 01878 tid.user = all_data.tkt.issuer; 01879 if((error = rsbac_get_attr(PM,T_USER, 01880 tid, 01881 A_pm_role, 01882 &attr_val, 01883 TRUE))) 01884 { 01885 printk(KERN_WARNING 01886 "rsbac_pm(): rsbac_get_attr() for USER/pm_role returned error %i", 01887 error); 01888 return(-RSBAC_EREADFAILED); /* execution denied */ 01889 } 01890 01891 if(attr_val.pm_role != PR_data_protection_officer) 01892 { 01893 /* illegal issuer -> delete ticket */ 01894 rsbac_pm_remove_target(PMT_TKT,pm_tid); 01895 return(-RSBAC_EPERM); 01896 } 01897 01898 /* OK, all checks done. Now change data. */ 01899 /* First remove ticket to prevent repeated calls. */ 01900 rsbac_pm_remove_target(PMT_TKT,pm_tid); 01901 01902 /* try to set role */ 01903 tid.user = param.set_role.user; 01904 attr_val.pm_role = param.set_role.role; 01905 return(rsbac_set_attr(PM,T_USER, 01906 tid, 01907 A_pm_role, 01908 attr_val)); 01909 01910 case PF_set_object_class: 01911 if(role != PR_security_officer) 01912 return(-RSBAC_EPERM); 01913 01914 /* get ticket data, deny, if not found */ 01915 pm_tid.tkt = tkt; 01916 if((error = rsbac_pm_get_all_data(PMT_TKT, 01917 pm_tid, 01918 &all_data))) 01919 { /* returns error -RSBAC_EINVALIDTARGET (old ds) or ENOTFOUND, if not found */ 01920 if( (error != -RSBAC_EINVALIDTARGET) 01921 && (error != -RSBAC_ENOTFOUND) 01922 ) 01923 printk(KERN_WARNING 01924 "rsbac_pm(): rsbac_pm_get_all_data() for ticket returned error %i", 01925 error); 01926 return(-RSBAC_EPERM); /* execution denied */ 01927 } 01928 /* get file id */ 01929 if ((error = pm_get_file(param.set_object_class.filename, &target, &tid)) < 0) 01930 { 01931 #ifdef CONFIG_RSBAC_DEBUG 01932 if (rsbac_debug_aef_pm) 01933 printk(KERN_DEBUG 01934 "rsbac_pm(): call to pm_get_file() returned error %i\n", 01935 error); 01936 #endif 01937 return(-RSBAC_EINVALIDTARGET); 01938 } 01939 /* target must be file */ 01940 if( (target != T_FILE) 01941 && (target != T_FIFO) 01942 ) 01943 return(-RSBAC_EINVALIDTARGET); 01944 file=tid.file; 01945 /* check ticket entries */ 01946 if( (all_data.tkt.function_type != PTF_set_object_class) 01947 || (RSBAC_MAJOR(all_data.tkt.function_param.tkt_set_object_class.file.device) 01948 != RSBAC_MAJOR(file.device)) 01949 || (RSBAC_MINOR(all_data.tkt.function_param.tkt_set_object_class.file.device) 01950 != RSBAC_MINOR(file.device)) 01951 || (all_data.tkt.function_param.tkt_set_object_class.file.inode 01952 != file.inode) 01953 || (all_data.tkt.function_param.tkt_set_object_class.object_class 01954 != param.set_object_class.object_class) ) 01955 return(-RSBAC_EPERM); 01956 01957 /* get ticket issuer role */ 01958 tid.user = all_data.tkt.issuer; 01959 if((error = rsbac_get_attr(PM,T_USER, 01960 tid, 01961 A_pm_role, 01962 &attr_val, 01963 TRUE))) 01964 { 01965 printk(KERN_WARNING 01966 "rsbac_pm(): rsbac_get_attr() for USER/pm_role returned error %i", 01967 error); 01968 return(-RSBAC_EREADFAILED); /* execution denied */ 01969 } 01970 01971 if(attr_val.pm_role != PR_data_protection_officer) 01972 { 01973 /* illegal issuer -> delete ticket */ 01974 rsbac_pm_remove_target(PMT_TKT,pm_tid); 01975 return(-RSBAC_EPERM); 01976 } 01977 01978 /* get old pm_object_type */ 01979 tid.file = file; 01980 if((error = rsbac_get_attr(PM,target, 01981 tid, 01982 A_pm_object_type, 01983 &attr_val, 01984 FALSE))) 01985 { 01986 printk(KERN_WARNING 01987 "rsbac_pm(): rsbac_get_attr() for FILE/FIFO/pm_object_type returned error %i", 01988 error); 01989 return(-RSBAC_EREADFAILED); /* execution denied */ 01990 } 01991 01992 switch(attr_val.pm_object_type) 01993 { 01994 case PO_personal_data: 01995 case PO_none: 01996 case PO_non_personal_data: 01997 break; 01998 default: 01999 return(-RSBAC_EPERM); 02000 } 02001 02002 /* OK, all checks done. Now change data. */ 02003 /* First remove ticket to prevent repeated calls. */ 02004 rsbac_pm_remove_target(PMT_TKT,pm_tid); 02005 02006 /* set new pm_object_type */ 02007 if(param.set_object_class.object_class) 02008 attr_val.pm_object_type = PO_personal_data; 02009 else 02010 attr_val.pm_object_type = PO_non_personal_data; 02011 if((error = rsbac_set_attr(PM,target, 02012 tid, 02013 A_pm_object_type, 02014 attr_val))) 02015 { 02016 printk(KERN_WARNING 02017 "rsbac_pm(): rsbac_set_attr() for FILE/pm_object_type returned error %i", 02018 error); 02019 return(-RSBAC_EWRITEFAILED); 02020 } 02021 /* set new pm_object_class */ 02022 attr_val.pm_object_class = param.set_object_class.object_class; 02023 if((error = rsbac_set_attr(PM,target, 02024 tid, 02025 A_pm_object_class, 02026 attr_val))) 02027 { 02028 printk(KERN_WARNING 02029 "rsbac_pm(): rsbac_set_attr() for FILE/pm_object_type returned error %i", 02030 error); 02031 return(-RSBAC_EWRITEFAILED); 02032 } 02033 /* ready */ 02034 return(0); 02035 02036 #ifdef CONFIG_RSBAC_SWITCH 02037 case PF_switch_pm: 02038 /* only values 0 and 1 are allowed */ 02039 if(param.switch_pm.value && (param.switch_pm.value != 1)) 02040 return(-RSBAC_EINVALIDVALUE); 02041 if(role != PR_security_officer) 02042 return(-RSBAC_EPERM); 02043 02044 /* get ticket data, deny, if not found */ 02045 pm_tid.tkt = tkt; 02046 if((error = rsbac_pm_get_all_data(PMT_TKT, 02047 pm_tid, 02048 &all_data))) 02049 { /* returns error -RSBAC_EINVALIDTARGET (old ds) or ENOTFOUND, if not found */ 02050 if( (error != -RSBAC_EINVALIDTARGET) 02051 && (error != -RSBAC_ENOTFOUND) 02052 ) 02053 printk(KERN_WARNING 02054 "rsbac_pm(): rsbac_pm_get_all_data() for ticket returned error %i", 02055 error); 02056 return(-RSBAC_EPERM); /* execution denied */ 02057 } 02058 /* check ticket entries */ 02059 if( (all_data.tkt.function_type != PTF_switch_pm) 02060 || (all_data.tkt.function_param.switch_pm.value 02061 != param.switch_pm.value)) 02062 return(-RSBAC_EPERM); 02063 02064 /* get ticket issuer role */ 02065 tid.user = all_data.tkt.issuer; 02066 if((error = rsbac_get_attr(PM,T_USER, 02067 tid, 02068 A_pm_role, 02069 &attr_val, 02070 TRUE))) 02071 { 02072 printk(KERN_WARNING 02073 "rsbac_pm(): rsbac_get_attr() for USER/pm_role returned error %i", 02074 error); 02075 return(-RSBAC_EREADFAILED); /* execution denied */ 02076 } 02077 02078 if(attr_val.pm_role != PR_data_protection_officer) 02079 { 02080 /* illegal issuer -> delete ticket */ 02081 rsbac_pm_remove_target(PMT_TKT,pm_tid); 02082 return(-RSBAC_EPERM); 02083 } 02084 02085 /* OK, all checks done. Now change data. */ 02086 /* First remove ticket to prevent repeated calls. */ 02087 rsbac_pm_remove_target(PMT_TKT,pm_tid); 02088 02089 /* switch pm-module */ 02090 printk(KERN_WARNING "sys_rsbac_switch(): switching RSBAC module PM (No. %i) to %i!\n", 02091 PM, param.switch_pm.value); 02092 rsbac_switch_pm = param.switch_pm.value; 02093 return(0); 02094 02095 #ifdef CONFIG_RSBAC_AUTH 02096 case PF_switch_auth: 02097 /* only values 0 and 1 are allowed */ 02098 if(param.switch_auth.value && (param.switch_auth.value != 1)) 02099 return(-RSBAC_EINVALIDVALUE); 02100 if(role != PR_security_officer) 02101 return(-RSBAC_EPERM); 02102 02103 /* get ticket data, deny, if not found */ 02104 pm_tid.tkt = tkt; 02105 if((error = rsbac_pm_get_all_data(PMT_TKT, 02106 pm_tid, 02107 &all_data))) 02108 { /* returns error -RSBAC_EINVALIDTARGET (old ds) or ENOTFOUND, if not found */ 02109 if( (error != -RSBAC_EINVALIDTARGET) 02110 && (error != -RSBAC_ENOTFOUND) 02111 ) 02112 printk(KERN_WARNING 02113 "rsbac_pm(): rsbac_pm_get_all_data() for ticket returned error %i", 02114 error); 02115 return(-RSBAC_EPERM); /* execution denied */ 02116 } 02117 /* check ticket entries */ 02118 if( (all_data.tkt.function_type != PTF_switch_auth) 02119 || (all_data.tkt.function_param.switch_auth.value 02120 != param.switch_auth.value)) 02121 return(-RSBAC_EPERM); 02122 02123 /* get ticket issuer role */ 02124 tid.user = all_data.tkt.issuer; 02125 if((error = rsbac_get_attr(PM,T_USER, 02126 tid, 02127 A_pm_role, 02128 &attr_val, 02129 TRUE))) 02130 { 02131 printk(KERN_WARNING 02132 "rsbac_pm(): rsbac_get_attr() for USER/pm_role returned error %i", 02133 error); 02134 return(-RSBAC_EREADFAILED); /* execution denied */ 02135 } 02136 02137 if(attr_val.pm_role != PR_data_protection_officer) 02138 { 02139 /* illegal issuer -> delete ticket */ 02140 rsbac_pm_remove_target(PMT_TKT,pm_tid); 02141 return(-RSBAC_EPERM); 02142 } 02143 02144 /* OK, all own checks done. Call ADF for other modules. */ 02145 #ifdef CONFIG_RSBAC_DEBUG 02146 if (rsbac_debug_aef_pm) 02147 printk(KERN_DEBUG "rsbac_pm(): calling ADF int\n"); 02148 #endif 02149 tid.dummy = 0; 02150 attr_val.switch_target = AUTH; 02151 if (!rsbac_adf_request_int(R_SWITCH_MODULE, 02152 current->pid, 02153 T_NONE, 02154 tid, 02155 A_switch_target, 02156 attr_val, 02157 PM)) 02158 { 02159 return -EPERM; 02160 } 02161 02162 /* First remove ticket to prevent repeated calls. */ 02163 rsbac_pm_remove_target(PMT_TKT,pm_tid); 02164 02165 /* switch auth module */ 02166 printk(KERN_WARNING "sys_rsbac_pm/switch(): switching RSBAC module AUTH (No. %i) to %i!\n", 02167 AUTH, param.switch_auth.value); 02168 rsbac_switch_auth = param.switch_auth.value; 02169 return(0); 02170 #endif /* AUTH */ 02171 #endif /* SWITCH */ 02172 02173 case PF_set_device_object_type: 02174 if(role != PR_security_officer) 02175 return(-RSBAC_EPERM); 02176 02177 /* get ticket data, deny, if not found */ 02178 pm_tid.tkt = tkt; 02179 if((error = rsbac_pm_get_all_data(PMT_TKT, 02180 pm_tid, 02181 &all_data))) 02182 { /* returns error -RSBAC_EINVALIDTARGET (old ds) or ENOTFOUND, if not found */ 02183 if( (error != -RSBAC_EINVALIDTARGET) 02184 && (error != -RSBAC_ENOTFOUND) 02185 ) 02186 printk(KERN_WARNING 02187 "rsbac_pm(): rsbac_pm_get_all_data() for ticket returned error %i", 02188 error); 02189 return(-RSBAC_EPERM); /* execution denied */ 02190 } 02191 /* get file id */ 02192 if ((error = pm_get_file(param.set_device_object_type.filename, &target, &tid)) < 0) 02193 { 02194 #ifdef CONFIG_RSBAC_DEBUG 02195 if (rsbac_debug_aef_pm) 02196 printk(KERN_DEBUG 02197 "rsbac_pm(): call to pm_get_file() returned error %i\n", 02198 error); 02199 #endif 02200 return(-RSBAC_EINVALIDTARGET); 02201 } 02202 /* target must be dev */ 02203 if(target != T_DEV) 02204 return(-RSBAC_EINVALIDTARGET); 02205 dev=tid.dev; 02206 /* check ticket entries */ 02207 if( (all_data.tkt.function_type != PTF_set_device_object_type) 02208 || (all_data.tkt.function_param.tkt_set_device_object_type.dev.type 02209 != dev.type) 02210 || (RSBAC_MAJOR(all_data.tkt.function_param.tkt_set_device_object_type.dev.id) 02211 != RSBAC_MAJOR(dev.id)) 02212 || (RSBAC_MINOR(all_data.tkt.function_param.tkt_set_device_object_type.dev.id) 02213 != RSBAC_MINOR(dev.id)) 02214 || (all_data.tkt.function_param.tkt_set_device_object_type.object_type 02215 != param.set_device_object_type.object_type) 02216 || (all_data.tkt.function_param.tkt_set_device_object_type.object_class 02217 != param.set_device_object_type.object_class) ) 02218 return(-RSBAC_EPERM); 02219 02220 /* get ticket issuer role */ 02221 tid.user = all_data.tkt.issuer; 02222 if((error = rsbac_get_attr(PM,T_USER, 02223 tid, 02224 A_pm_role, 02225 &attr_val, 02226 TRUE))) 02227 { 02228 printk(KERN_WARNING 02229 "rsbac_pm(): rsbac_get_attr() for USER/pm_role returned error %i", 02230 error); 02231 return(-RSBAC_EREADFAILED); /* execution denied */ 02232 } 02233 02234 if(attr_val.pm_role != PR_data_protection_officer) 02235 { 02236 /* illegal issuer -> delete ticket */ 02237 rsbac_pm_remove_target(PMT_TKT,pm_tid); 02238 return(-RSBAC_EPERM); 02239 } 02240 02241 switch(param.set_device_object_type.object_type) 02242 { 02243 case PO_personal_data: 02244 case PO_none: 02245 case PO_TP: 02246 case PO_non_personal_data: 02247 break; 02248 default: 02249 return(-RSBAC_EINVALIDVALUE); 02250 } 02251 02252 /* OK, all checks done. Now change data. */ 02253 /* First remove ticket to prevent repeated calls. */ 02254 rsbac_pm_remove_target(PMT_TKT,pm_tid); 02255 02256 /* set new pm_object_type */ 02257 tid.dev = dev; 02258 attr_val.pm_object_type = param.set_device_object_type.object_type; 02259 if((error = rsbac_set_attr(PM,T_DEV, 02260 tid, 02261 A_pm_object_type, 02262 attr_val))) 02263 { 02264 printk(KERN_WARNING 02265 "rsbac_pm(): rsbac_set_attr() for DEV/pm_object_type returned error %i", 02266 error); 02267 return(-RSBAC_EWRITEFAILED); 02268 } 02269 /* set new pm_object_class */ 02270 attr_val.pm_object_class = param.set_device_object_type.object_class; 02271 if((error = rsbac_set_attr(PM,T_DEV, 02272 tid, 02273 A_pm_object_class, 02274 attr_val))) 02275 { 02276 printk(KERN_WARNING 02277 "rsbac_pm(): rsbac_set_attr() for DEV/pm_object_class returned error %i", 02278 error); 02279 return(-RSBAC_EWRITEFAILED); 02280 } 02281 /* ready */ 02282 return(0); 02283 02284 case PF_set_auth_may_setuid: 02285 if(role != PR_security_officer) 02286 return(-RSBAC_EPERM); 02287 02288 /* get ticket data, deny, if not found */ 02289 pm_tid.tkt = tkt; 02290 if((error = rsbac_pm_get_all_data(PMT_TKT, 02291 pm_tid, 02292 &all_data))) 02293 { /* returns error -RSBAC_EINVALIDTARGET (old ds) or ENOTFOUND, if not found */ 02294 if( (error != -RSBAC_EINVALIDTARGET) 02295 && (error != -RSBAC_ENOTFOUND) 02296 ) 02297 printk(KERN_WARNING 02298 "rsbac_pm(): rsbac_pm_get_all_data() for ticket returned error %i", 02299 error); 02300 return(-RSBAC_EPERM); /* execution denied */ 02301 } 02302 /* get file id */ 02303 if ((error = pm_get_file(param.set_auth_may_setuid.filename, &target, &tid)) < 0) 02304 { 02305 #ifdef CONFIG_RSBAC_DEBUG 02306 if (rsbac_debug_aef_pm) 02307 printk(KERN_DEBUG 02308 "rsbac_pm(): call to pm_get_file() returned error %i\n", 02309 error); 02310 #endif 02311 return(-RSBAC_EINVALIDTARGET); 02312 } 02313 /* target must be file */ 02314 if( (target != T_FILE) 02315 && (target != T_FIFO) 02316 ) 02317 return(-RSBAC_EINVALIDTARGET); 02318 file=tid.file; 02319 /* check ticket entries */ 02320 if( (all_data.tkt.function_type != PTF_set_auth_may_setuid) 02321 || (RSBAC_MAJOR(all_data.tkt.function_param.tkt_set_auth_may_setuid.file.device) 02322 != RSBAC_MAJOR(file.device)) 02323 || (RSBAC_MINOR(all_data.tkt.function_param.tkt_set_auth_may_setuid.file.device) 02324 != RSBAC_MINOR(file.device)) 02325 || (all_data.tkt.function_param.tkt_set_auth_may_setuid.file.inode 02326 != file.inode) 02327 || (all_data.tkt.function_param.tkt_set_auth_may_setuid.value 02328 != param.set_auth_may_setuid.value) 02329 ) 02330 return(-RSBAC_EPERM); 02331 02332 /* get ticket issuer role */ 02333 tid.user = all_data.tkt.issuer; 02334 if((error = rsbac_get_attr(PM,T_USER, 02335 tid, 02336 A_pm_role, 02337 &attr_val, 02338 TRUE))) 02339 { 02340 printk(KERN_WARNING 02341 "rsbac_pm(): rsbac_get_attr() for USER/pm_role returned error %i", 02342 error); 02343 return(-RSBAC_EREADFAILED); /* execution denied */ 02344 } 02345 02346 if(attr_val.pm_role != PR_data_protection_officer) 02347 { 02348 /* illegal issuer -> delete ticket */ 02349 rsbac_pm_remove_target(PMT_TKT,pm_tid); 02350 return(-RSBAC_EPERM); 02351 } 02352 02353 switch(param.set_auth_may_setuid.value) 02354 { 02355 case FALSE: 02356 case TRUE: 02357 break; 02358 default: 02359 return(-RSBAC_EINVALIDVALUE); 02360 } 02361 /* OK, all own checks done. Call ADF for other modules. */ 02362 #ifdef CONFIG_RSBAC_DEBUG 02363 if (rsbac_debug_aef_pm) 02364 printk(KERN_DEBUG "rsbac_pm(): calling ADF int\n"); 02365 #endif 02366 tid.file = file; 02367 attr_val.auth_may_setuid = param.set_auth_may_setuid.value; 02368 if (!rsbac_adf_request_int(R_MODIFY_ATTRIBUTE, 02369 current->pid, 02370 T_FILE, 02371 tid, 02372 A_auth_may_setuid, 02373 attr_val, 02374 PM)) 02375 { 02376 return -EPERM; 02377 } 02378 02379 /* OK, all checks done. Now change data. */ 02380 /* First remove ticket to prevent repeated calls. */ 02381 rsbac_pm_remove_target(PMT_TKT,pm_tid); 02382 02383 /* set new auth_may_setuid */ 02384 if((error = rsbac_set_attr(PM,T_FILE, 02385 tid, 02386 A_auth_may_setuid, 02387 attr_val))) 02388 { 02389 printk(KERN_WARNING 02390 "rsbac_pm(): rsbac_set_attr() for FILE/auth_may_setuid returned error %i", 02391 error); 02392 return(-RSBAC_EWRITEFAILED); 02393 } 02394 /* ready */ 02395 return(0); 02396 02397 case PF_set_auth_may_set_cap: 02398 if(role != PR_security_officer) 02399 return(-RSBAC_EPERM); 02400 02401 /* get ticket data, deny, if not found */ 02402 pm_tid.tkt = tkt; 02403 if((error = rsbac_pm_get_all_data(PMT_TKT, 02404 pm_tid, 02405 &all_data))) 02406 { /* returns error -RSBAC_EINVALIDTARGET (old ds) or ENOTFOUND, if not found */ 02407 if( (error != -RSBAC_EINVALIDTARGET) 02408 && (error != -RSBAC_ENOTFOUND) 02409 ) 02410 printk(KERN_WARNING 02411 "rsbac_pm(): rsbac_pm_get_all_data() for ticket returned error %i", 02412 error); 02413 return(-RSBAC_EPERM); /* execution denied */ 02414 } 02415 /* get file id */ 02416 if ((error = pm_get_file(param.set_auth_may_set_cap.filename, &target, &tid)) < 0) 02417 { 02418 #ifdef CONFIG_RSBAC_DEBUG 02419 if (rsbac_debug_aef_pm) 02420 printk(KERN_DEBUG 02421 "rsbac_pm(): call to pm_get_file() returned error %i\n", 02422 error); 02423 #endif 02424 return(-RSBAC_EINVALIDTARGET); 02425 } 02426 /* target must be file */ 02427 if(target != T_FILE) 02428 return(-RSBAC_EINVALIDTARGET); 02429 file=tid.file; 02430 /* check ticket entries */ 02431 if( (all_data.tkt.function_type != PTF_set_auth_may_set_cap) 02432 || (RSBAC_MAJOR(all_data.tkt.function_param.tkt_set_auth_may_set_cap.file.device) 02433 != RSBAC_MAJOR(file.device)) 02434 || (RSBAC_MINOR(all_data.tkt.function_param.tkt_set_auth_may_set_cap.file.device) 02435 != RSBAC_MINOR(file.device)) 02436 || (all_data.tkt.function_param.tkt_set_auth_may_set_cap.file.inode 02437 != file.inode) 02438 || (all_data.tkt.function_param.tkt_set_auth_may_set_cap.value 02439 != param.set_auth_may_set_cap.value) 02440 ) 02441 return(-RSBAC_EPERM); 02442 02443 /* get ticket issuer role */ 02444 tid.user = all_data.tkt.issuer; 02445 if((error = rsbac_get_attr(PM,T_USER, 02446 tid, 02447 A_pm_role, 02448 &attr_val, 02449 TRUE))) 02450 { 02451 printk(KERN_WARNING 02452 "rsbac_pm(): rsbac_get_attr() for USER/pm_role returned error %i", 02453 error); 02454 return(-RSBAC_EREADFAILED); /* execution denied */ 02455 } 02456 02457 if(attr_val.pm_role != PR_data_protection_officer) 02458 { 02459 /* illegal issuer -> delete ticket */ 02460 rsbac_pm_remove_target(PMT_TKT,pm_tid); 02461 return(-RSBAC_EPERM); 02462 } 02463 02464 switch(param.set_auth_may_set_cap.value) 02465 { 02466 case FALSE: 02467 case TRUE: 02468 break; 02469 default: 02470 return(-RSBAC_EINVALIDVALUE); 02471 } 02472 /* OK, all own checks done. Call ADF for other modules. */ 02473 #ifdef CONFIG_RSBAC_DEBUG 02474 if (rsbac_debug_aef_pm) 02475 printk(KERN_DEBUG "rsbac_pm(): calling ADF int\n"); 02476 #endif 02477 tid.file = file; 02478 attr_val.auth_may_set_cap = param.set_auth_may_set_cap.value; 02479 if (!rsbac_adf_request_int(R_MODIFY_ATTRIBUTE, 02480 current->pid, 02481 T_FILE, 02482 tid, 02483 A_auth_may_set_cap, 02484 attr_val, 02485 PM)) 02486 { 02487 return -EPERM; 02488 } 02489 02490 /* OK, all checks done. Now change data. */ 02491 /* First remove ticket to prevent repeated calls. */ 02492 rsbac_pm_remove_target(PMT_TKT,pm_tid); 02493 02494 /* set new auth_may_set_cap */ 02495 if((error = rsbac_set_attr(PM,T_FILE, 02496 tid, 02497 A_auth_may_set_cap, 02498 attr_val))) 02499 { 02500 printk(KERN_WARNING 02501 "rsbac_pm(): rsbac_set_attr() for FILE/auth_may_set_cap returned error %i", 02502 error); 02503 return(-RSBAC_EWRITEFAILED); 02504 } 02505 /* ready */ 02506 return(0); 02507 02508 02509 /************/ 02510 02511 case PF_add_authorized_task: 02512 /* task_id 0 is used internally, reject */ 02513 if(!param.add_authorized_task.task) 02514 return(-RSBAC_EINVALIDVALUE); 02515 if(role != PR_security_officer) 02516 { 02517 #ifdef CONFIG_RSBAC_DEBUG 02518 if(rsbac_debug_aef_pm) 02519 printk(KERN_DEBUG 02520 "rsbac_pm(): caller of add_authorized_task is not SO\n"); 02521 #endif 02522 return(-RSBAC_EPERM); 02523 } 02524 02525 /* get ticket data, deny, if not found */ 02526 pm_tid.tkt = tkt; 02527 if((error = rsbac_pm_get_all_data(PMT_TKT, 02528 pm_tid, 02529 &all_data))) 02530 { /* returns error -RSBAC_EINVALIDTARGET (old ds) or ENOTFOUND, if not found */ 02531 if( (error != -RSBAC_EINVALIDTARGET) 02532 && (error != -RSBAC_ENOTFOUND) 02533 ) 02534 printk(KERN_WARNING 02535 "rsbac_pm(): rsbac_pm_get_all_data() for ticket returned error %i\n", 02536 error); 02537 return(-RSBAC_EPERM); /* execution denied */ 02538 } 02539 /* check ticket entries */ 02540 if( (all_data.tkt.function_type != PTF_add_authorized_task) 02541 || (all_data.tkt.function_param.add_authorized_task.user 02542 != param.add_authorized_task.user) 02543 || (all_data.tkt.function_param.add_authorized_task.task 02544 != param.add_authorized_task.task) ) 02545 { 02546 #ifdef CONFIG_RSBAC_DEBUG 02547 if(rsbac_debug_aef_pm) 02548 { 02549 printk(KERN_DEBUG 02550 "rsbac_pm(): calling add_authorized_task with invalid ticket\n"); 02551 printk(KERN_DEBUG 02552 "rsbac_pm(): tkt-task: %i, tkt-user: %i, call-task: %i, call-user: %i\n", 02553 all_data.tkt.function_param.add_authorized_task.user, 02554 all_data.tkt.function_param.add_authorized_task.task, 02555 param.add_authorized_task.task, 02556 param.add_authorized_task.user); 02557 } 02558 #endif 02559 return(-RSBAC_EPERM); 02560 } 02561 02562 /* check, whether task exists */ 02563 pm_tid2.task = param.add_authorized_task.task; 02564 if(!rsbac_pm_exists(PMT_TASK, 02565 pm_tid2)) 02566 { 02567 #ifdef CONFIG_RSBAC_DEBUG 02568 if(rsbac_debug_aef_pm) 02569 printk(KERN_DEBUG 02570 "rsbac_pm(): calling add_authorized_task with invalid task id\n"); 02571 #endif 02572 return(-RSBAC_EINVALIDVALUE); 02573 } 02574 02575 /* get ticket issuer role */ 02576 tid.user = all_data.tkt.issuer; 02577 if((error = rsbac_get_attr(PM,T_USER, 02578 tid, 02579 A_pm_role, 02580 &attr_val, 02581 TRUE))) 02582 { 02583 printk(KERN_WARNING 02584 "rsbac_pm(): rsbac_get_attr() for USER/pm_role returned error %i\n", 02585 error); 02586 return(-RSBAC_EREADFAILED); /* execution denied */ 02587 } 02588 02589 if(attr_val.pm_role != PR_data_protection_officer) 02590 { /* no dpo? -> responsible user? */ 02591 /* get ru_set_id for this task */ 02592 pm_tid.task = param.add_authorized_task.task; 02593 if((error = rsbac_pm_get_data(PMT_TASK, 02594 pm_tid, 02595 PD_ru_set, 02596 &data_val))) 02597 return(-RSBAC_EREADFAILED); 02598 /* if ru_set is 0, there is no responsible user -> error */ 02599 if(!data_val.ru_set) 02600 { 02601 /* illegal issuer -> delete ticket */ 02602 rsbac_pm_remove_target(PMT_TKT,pm_tid); 02603 #ifdef CONFIG_RSBAC_DEBUG 02604 if(rsbac_debug_aef_pm) 02605 printk(KERN_DEBUG 02606 "rsbac_pm(): calling add_authorized_task with invalid ticket issuer (no set)\n"); 02607 #endif 02608 return(-RSBAC_EPERM); 02609 } 02610 /* check, whether issuer is responsible user for this task */ 02611 pm_set_id.ru_set = data_val.ru_set; 02612 pm_set_member.ru = all_data.tkt.issuer; 02613 if(!rsbac_pm_set_member(PS_RU,pm_set_id,pm_set_member)) 02614 { 02615 /* illegal issuer -> delete ticket */ 02616 rsbac_pm_remove_target(PMT_TKT,pm_tid); 02617 #ifdef CONFIG_RSBAC_DEBUG 02618 if(rsbac_debug_aef_pm) 02619 printk(KERN_DEBUG 02620 "rsbac_pm(): calling add_authorized_task with invalid ticket issuer\n"); 02621 #endif 02622 return(-RSBAC_EPERM); 02623 } 02624 } 02625 02626 /* OK, all checks done. Now change data. */ 02627 /* First remove ticket to prevent repeated calls. */ 02628 rsbac_pm_remove_target(PMT_TKT,pm_tid); 02629 /* try to add task to task_set of user */ 02630 /* lookup task_set_id for this user */ 02631 tid.user = param.add_authorized_task.user; 02632 if((error = rsbac_get_attr(PM,T_USER, 02633 tid, 02634 A_pm_task_set, 02635 &attr_val, 02636 FALSE))) 02637 return(-RSBAC_EREADFAILED); 02638 /* if pm_task_set is 0, it must be created and notified to task-data */ 02639 if(!attr_val.pm_task_set) 02640 { /* set task_set_id to user-id */ 02641 pm_set_id.task_set = param.add_authorized_task.user; 02642 /* 0 is reserved -> take another one for root */ 02643 if(!pm_set_id.task_set) 02644 pm_set_id.task_set = RSBAC_PM_ROOT_TASK_SET_ID; 02645 if((error = rsbac_pm_create_set(PS_TASK, 02646 pm_set_id))) 02647 return(error); 02648 attr_val.pm_task_set = pm_set_id.task_set; 02649 if((error = rsbac_set_attr(PM,T_USER, 02650 tid, 02651 A_pm_task_set, 02652 attr_val))) 02653 return(-RSBAC_EWRITEFAILED); 02654 } 02655 02656 /* now that we know the set exists, try to add task to it */ 02657 pm_set_id.task_set = attr_val.pm_task_set; 02658 pm_set_member.task = param.add_authorized_task.task; 02659 if(rsbac_pm_add_to_set(PS_TASK,pm_set_id,pm_set_member)) 02660 return(-RSBAC_EWRITEFAILED); 02661 else 02662 /* ready */ 02663 return(0); 02664 02665 case PF_delete_authorized_task: 02666 /* task_id 0 is used internally, reject */ 02667 if(!param.delete_authorized_task.task) 02668 return(-RSBAC_EINVALIDVALUE); 02669 if(role != PR_security_officer) 02670 return(-RSBAC_EPERM); 02671 02672 /* get ticket data, deny, if not found */ 02673 pm_tid.tkt = tkt; 02674 if((error = rsbac_pm_get_all_data(PMT_TKT, 02675 pm_tid, 02676 &all_data))) 02677 { /* returns error -RSBAC_EINVALIDTARGET (old ds) or ENOTFOUND, if not found */ 02678 if( (error != -RSBAC_EINVALIDTARGET) 02679 && (error != -RSBAC_ENOTFOUND) 02680 ) 02681 printk(KERN_WARNING 02682 "rsbac_pm(): rsbac_pm_get_all_data() for ticket returned error %i", 02683 error); 02684 return(-RSBAC_EPERM); /* execution denied */ 02685 } 02686 /* check ticket entries */ 02687 if( (all_data.tkt.function_type != PTF_delete_authorized_task) 02688 || (all_data.tkt.function_param.delete_authorized_task.user 02689 != param.delete_authorized_task.user) 02690 || (all_data.tkt.function_param.delete_authorized_task.task 02691 != param.delete_authorized_task.task) ) 02692 return(-RSBAC_EPERM); 02693 02694 /* get ticket issuer role */ 02695 tid.user = all_data.tkt.issuer; 02696 if((error = rsbac_get_attr(PM,T_USER, 02697 tid, 02698 A_pm_role, 02699 &attr_val, 02700 TRUE))) 02701 { 02702 printk(KERN_WARNING 02703 "rsbac_pm(): rsbac_get_attr() for USER/pm_role returned error %i", 02704 error); 02705 return(-RSBAC_EREADFAILED); /* execution denied */ 02706 } 02707 02708 if(attr_val.pm_role != PR_data_protection_officer) 02709 { 02710 /* illegal issuer -> delete ticket */ 02711 rsbac_pm_remove_target(PMT_TKT,pm_tid); 02712 return(-RSBAC_EPERM); 02713 } 02714 02715 /* OK, all checks done. Now change data. */ 02716 /* First remove ticket to prevent repeated calls. */ 02717 rsbac_pm_remove_target(PMT_TKT,pm_tid); 02718 /* try to remove task from task_set of user */ 02719 /* lookup task_set_id for this user */ 02720 tid.user = param.delete_authorized_task.user; 02721 if((error = rsbac_get_attr(PM,T_USER, 02722 tid, 02723 A_pm_task_set, 02724 &attr_val, 02725 FALSE))) 02726 return(-RSBAC_EREADFAILED); 02727 /* if pm_task_set is 0, there is no task to be deleted -> error */ 02728 if(!attr_val.pm_task_set) 02729 return(-RSBAC_EINVALIDVALUE); 02730 02731 /* now that we know the set exists, try to remove task from it */ 02732 pm_set_id.task_set = attr_val.pm_task_set; 02733 pm_set_member.task = param.delete_authorized_tp.task; 02734 if(rsbac_pm_remove_from_set(PS_TASK,pm_set_id,pm_set_member)) 02735 return(-RSBAC_EWRITEFAILED); 02736 else 02737 /* ready */ 02738 return(0); 02739 02740 02741 /************/ 02742 02743 case PF_create_tp: 02744 /* tp_id 0 is used internally, reject */ 02745 if(!param.create_tp.id) 02746 return(-RSBAC_EINVALIDVALUE); 02747 if(role != PR_tp_manager) 02748 return(-RSBAC_EPERM); 02749 02750 /* OK, all checks done. Now change data. */ 02751 /* try to add tp */ 02752 all_data.tp.id = param.create_tp.id; 02753 return(rsbac_pm_add_target(PMT_TP,all_data)); 02754 02755 case PF_delete_tp: 02756 /* tp_id 0 is used internally, reject */ 02757 if(!param.delete_tp.id) 02758 return(-RSBAC_EINVALIDVALUE); 02759 if(role != PR_tp_manager) 02760 return(-RSBAC_EPERM); 02761 02762 /* OK, all checks done. Now change data. */ 02763 02764 /* try to delete tp */ 02765 pm_tid.tp = param.delete_tp.id; 02766 return(rsbac_pm_remove_target(PMT_TP,pm_tid)); 02767 02768 case PF_set_tp: 02769 /* tp_id 0 means set to non-tp, do NOT reject here */ 02770 if(role != PR_tp_manager) 02771 return(-RSBAC_EPERM); 02772 02773 /* if tp != 0, check, whether it is valid */ 02774 if(param.set_tp.tp) 02775 { 02776 pm_tid.tp = param.set_tp.tp; 02777 if(!rsbac_pm_exists(PMT_TP,pm_tid)) 02778 return(-RSBAC_EINVALIDVALUE); 02779 } 02780 02781 /* get file id */ 02782 if ((error = pm_get_file(param.set_tp.filename, 02783 &target, 02784 &tid))) 02785 { 02786 #ifdef CONFIG_RSBAC_DEBUG 02787 if (rsbac_debug_aef_pm) 02788 printk(KERN_DEBUG 02789 "rsbac_pm(): call to pm_get_file() returned error %i\n", 02790 error); 02791 #endif 02792 return(-RSBAC_EINVALIDTARGET); 02793 } 02794 /* target must be file */ 02795 if(target != T_FILE) 02796 return(-RSBAC_EINVALIDTARGET); 02797 file=tid.file; 02798 /* get old object_type */ 02799 if (rsbac_get_attr(PM,T_FILE, 02800 tid, 02801 A_pm_object_type, 02802 &attr_val, 02803 FALSE)) 02804 { 02805 printk(KERN_WARNING "rsbac_pm(): rsbac_get_attr() returned error!\n"); 02806 return(-RSBAC_EREADFAILED); 02807 } 02808 /* if old OT is not to be changed here -> do not allow */ 02809 if( (attr_val.pm_object_type != PO_TP) 02810 && (attr_val.pm_object_type != PO_none) 02811 && (attr_val.pm_object_type != PO_non_personal_data)) 02812 return(-RSBAC_EINVALIDTARGET); 02813 02814 /* OK, all checks done. Now change data. */ 02815 /* try to set OT*/ 02816 if(param.set_tp.tp) 02817 attr_val.pm_object_type = PO_TP; 02818 else 02819 attr_val.pm_object_type = PO_none; 02820 if (rsbac_set_attr(PM,T_FILE, 02821 tid, 02822 A_pm_object_type, 02823 attr_val)) 02824 { 02825 printk(KERN_WARNING "rsbac_pm(): rsbac_set_attr() returned error!\n"); 02826 return(-RSBAC_EWRITEFAILED); 02827 } 02828 /* try to set tp-id*/ 02829 attr_val.pm_tp = param.set_tp.tp; 02830 if (rsbac_set_attr(PM,T_FILE, 02831 tid, 02832 A_pm_tp, 02833 attr_val)) 02834 { 02835 printk(KERN_WARNING "rsbac_pm(): rsbac_set_attr() returned error!\n"); 02836 return(-RSBAC_EWRITEFAILED); 02837 } 02838 return(0); 02839 02840 /************/ 02841 02842 default: 02843 return(-RSBAC_EINVALIDREQUEST); 02844 } 02845 } /* end of rsbac_pm() */ 02846 02847 /***************************************************************************/ 02848 02849 int rsbac_pm_change_current_task(rsbac_pm_task_id_t task) 02850 { 02851 union rsbac_target_id_t tid; 02852 union rsbac_attribute_value_t attr_val; 02853 int error = 0; 02854 rsbac_uid_t owner; 02855 union rsbac_pm_set_id_t pm_set_id; 02856 union rsbac_pm_set_member_t pm_set_member; 02857 02858 /* No processing possible before init (called at boot time) */ 02859 if (!rsbac_is_initialized()) 02860 return(-RSBAC_ENOTINITIALIZED); 02861 02862 if(!task) 02863 return(-RSBAC_EINVALIDVALUE); 02864 #ifdef CONFIG_RSBAC_DEBUG 02865 if (rsbac_debug_aef_pm) 02866 printk(KERN_DEBUG 02867 "rsbac_pm_change_current_task(): called for task %i!\n", 02868 task); 02869 #endif 02870 /* getting current_tp of calling process from rsbac system */ 02871 tid.process = current->pid; 02872 if((error = rsbac_get_attr(PM,T_PROCESS, 02873 tid, 02874 A_pm_tp, 02875 &attr_val, 02876 FALSE))) 02877 { 02878 printk(KERN_WARNING 02879 "rsbac_pm_change_current_task(): rsbac_get_attr() for pm_tp returned error %i", 02880 error); 02881 return(-RSBAC_EREADFAILED); /* something weird happened */ 02882 } 02883 /* changing current_task for a tp is forbidden -> error */ 02884 if(attr_val.pm_tp) 02885 { 02886 #ifdef CONFIG_RSBAC_DEBUG 02887 if(rsbac_debug_adf_pm) 02888 printk(KERN_DEBUG 02889 "rsbac_pm_change_current_task(): tried to change current_task for tp-process\n"); 02890 #endif 02891 return(-RSBAC_EPERM); 02892 } 02893 02894 /* Getting basic information about caller */ 02895 /* only useful for real process, not idle or init */ 02896 if (current->pid > 1) 02897 owner = current->uid; 02898 else /* caller_pid <= 1 -> kernel or init are always owned by root */ 02899 owner = 0; 02900 02901 /* getting owner's task_set_id (authorized tasks) from rsbac system */ 02902 tid.user = owner; 02903 if((error = rsbac_get_attr(PM,T_USER, 02904 tid, 02905 A_pm_task_set, 02906 &attr_val, 02907 FALSE))) 02908 { 02909 printk(KERN_WARNING 02910 "rsbac_pm_change_current_task(): rsbac_get_attr() for pm_task_set returned error %i", 02911 error); 02912 return(-RSBAC_EREADFAILED); /* something weird happened */ 02913 } 02914 02915 /* if there is no set of authorized tasks for owner: deny */ 02916 if(!attr_val.pm_task_set) 02917 { 02918 #ifdef CONFIG_RSBAC_DEBUG 02919 if(rsbac_debug_adf_pm) 02920 printk(KERN_DEBUG 02921 "rsbac_pm_change_current_task(): process owner has no authorized task\n"); 02922 #endif 02923 return(-RSBAC_EPERM); 02924 } 02925 02926 /* check, whether owner is authorized for this task */ 02927 pm_set_id.task_set = attr_val.pm_task_set; 02928 pm_set_member.task = task; 02929 if(!rsbac_pm_set_member(PS_TASK,pm_set_id,pm_set_member)) 02930 { 02931 #ifdef CONFIG_RSBAC_DEBUG 02932 if(rsbac_debug_adf_pm) 02933 printk(KERN_DEBUG 02934 "rsbac_pm_change_current_task(): process owner is not authorized for task\n"); 02935 #endif 02936 return(-RSBAC_EPERM); 02937 } 02938 02939 /* OK, checks are passed. Change current_task for process. */ 02940 tid.process = current->pid; 02941 attr_val.pm_current_task = task; 02942 if((error = rsbac_set_attr(PM,T_PROCESS, 02943 tid, 02944 A_pm_current_task, 02945 attr_val))) 02946 { 02947 printk(KERN_WARNING 02948 "rsbac_pm_change_current_task(): rsbac_set_attr() for pm_current_task returned error %i", 02949 error); 02950 return(-RSBAC_EWRITEFAILED); /* something weird happened */ 02951 } 02952 return(0); 02953 } 02954 02955 int rsbac_pm_create_file(const char * filename, 02956 int mode, 02957 rsbac_pm_object_class_id_t object_class) 02958 { 02959 union rsbac_target_id_t tid; 02960 union rsbac_attribute_value_t attr_val; 02961 union rsbac_attribute_value_t attr_val2; 02962 union rsbac_pm_target_id_t pm_tid; 02963 union rsbac_pm_data_value_t data_val; 02964 union rsbac_pm_data_value_t data_val2; 02965 int error = 0; 02966 union rsbac_pm_set_id_t pm_set_id; 02967 union rsbac_pm_set_member_t pm_set_member; 02968 02969 #ifdef CONFIG_RSBAC_DEBUG 02970 if (rsbac_debug_aef_pm) 02971 printk(KERN_DEBUG 02972 "sys_rsbac_pm_create_file(): called with class %i, mode %o!\n", 02973 object_class, mode); 02974 #endif 02975 /* do not allow IPC or DEV class */ 02976 if( (object_class == RSBAC_PM_IPC_OBJECT_CLASS_ID) 02977 || (object_class == RSBAC_PM_DEV_OBJECT_CLASS_ID)) 02978 { 02979 #ifdef CONFIG_RSBAC_DEBUG 02980 if(rsbac_debug_adf_pm) 02981 printk(KERN_DEBUG 02982 "rsbac_pm_create_file(): Class-ID is IPC or DEV\n"); 02983 #endif 02984 return(-RSBAC_EINVALIDVALUE); 02985 } 02986 02987 /* is mode for regular file? */ 02988 if(mode & ~S_IRWXUGO) 02989 { 02990 #ifdef CONFIG_RSBAC_DEBUG 02991 if(rsbac_debug_adf_pm) 02992 printk(KERN_DEBUG 02993 "rsbac_pm_create_file(): illegal creation mode\n"); 02994 #endif 02995 return(-RSBAC_EINVALIDVALUE); 02996 } 02997 02998 /* does class exist (NIL always exists)? */ 02999 if(object_class) 03000 { 03001 pm_tid.object_class = object_class; 03002 if(!rsbac_pm_exists(PMT_CLASS, 03003 pm_tid)) 03004 { 03005 #ifdef CONFIG_RSBAC_DEBUG 03006 if(rsbac_debug_adf_pm) 03007 printk(KERN_DEBUG 03008 "rsbac_pm_create_file(): non-existent class\n"); 03009 #endif 03010 return(-RSBAC_EINVALIDVALUE); 03011 } 03012 } 03013 03014 /* getting current_task of calling process from rsbac system */ 03015 tid.process = current->pid; 03016 if((error = rsbac_get_attr(PM,T_PROCESS, 03017 tid, 03018 A_pm_current_task, 03019 &attr_val, 03020 FALSE))) 03021 { 03022 printk(KERN_WARNING 03023 "rsbac_pm_create_file(): rsbac_get_attr() for pm_current_task returned error %i", 03024 error); 03025 return(-RSBAC_EREADFAILED); /* something weird happened */ 03026 } 03027 03028 /* getting current_tp of calling process from rsbac system */ 03029 if((error = rsbac_get_attr(PM,T_PROCESS, 03030 tid, 03031 A_pm_tp, 03032 &attr_val2, 03033 FALSE))) 03034 { 03035 printk(KERN_WARNING 03036 "rsbac_pm_create_file(): rsbac_get_attr() for pm_tp returned error %i", 03037 error); 03038 return(-RSBAC_EREADFAILED); /* something weird happened */ 03039 } 03040 03041 /* getting neccessary accesses for task, class, tp from PM-data */ 03042 pm_tid.na.task = attr_val.pm_current_task; 03043 pm_tid.na.object_class = object_class; 03044 pm_tid.na.tp = attr_val2.pm_tp; 03045 if((error = rsbac_pm_get_data(PMT_NA, 03046 pm_tid, 03047 PD_accesses, 03048 &data_val))) 03049 { 03050 if( (error != -RSBAC_EINVALIDTARGET) 03051 && (error != -RSBAC_ENOTFOUND) 03052 ) 03053 printk(KERN_WARNING 03054 "rsbac_pm_create_file(): rsbac_pm_get_data() for NA/accesses returned error %i", 03055 error); 03056 #ifdef CONFIG_RSBAC_DEBUG 03057 else if(rsbac_debug_adf_pm) 03058 printk(KERN_DEBUG 03059 "rsbac_pm_create_file(): NA/accesses (%i,%i,%i) not found\n", 03060 pm_tid.na.task, object_class, pm_tid.na.tp); 03061 #endif 03062 return(-RSBAC_EPERM); /* deny */ 03063 } 03064 03065 /* is create necessary? if not -> error */ 03066 if(!(data_val.accesses & RSBAC_PM_A_CREATE)) 03067 { 03068 #ifdef CONFIG_RSBAC_DEBUG 03069 if(rsbac_debug_adf_pm) 03070 printk(KERN_DEBUG 03071 "rsbac_pm_create_file(): create is not necessary\n"); 03072 #endif 03073 return(-RSBAC_EPERM); 03074 } 03075 03076 /* get purpose for current_task */ 03077 pm_tid.task = attr_val.pm_current_task; 03078 if((error = rsbac_pm_get_data(PMT_TASK, 03079 pm_tid, 03080 PD_purpose, 03081 &data_val))) 03082 { 03083 if( (error != -RSBAC_EINVALIDTARGET) 03084 && (error != -RSBAC_ENOTFOUND) 03085 ) 03086 printk(KERN_WARNING 03087 "rsbac_pm_create_file(): rsbac_get_data() for TASK/purpose returned error %i", 03088 error); 03089 return(-RSBAC_EPERM); /* deny */ 03090 } 03091 03092 /* further checks only, if there is a purpose defined */ 03093 if(data_val.purpose) 03094 { 03095 /* get purpose_set_id for class */ 03096 pm_tid.object_class = object_class; 03097 if((error = rsbac_pm_get_data(PMT_CLASS, 03098 pm_tid, 03099 PD_pp_set, 03100 &data_val2))) 03101 { 03102 if( (error == -RSBAC_EINVALIDTARGET) 03103 || (error == -RSBAC_ENOTFOUND) 03104 ) 03105 { 03106 #ifdef CONFIG_RSBAC_DEBUG 03107 if(rsbac_debug_adf_pm) 03108 printk(KERN_DEBUG 03109 "rsbac_pm_create_file(): non-existent class\n"); 03110 #endif 03111 return(-RSBAC_EINVALIDVALUE); 03112 } 03113 printk(KERN_WARNING 03114 "rsbac_pm_create_file(): rsbac_get_data() for TASK/purpose returned error %i", 03115 error); 03116 return(-RSBAC_EREADFAILED); /* deny */ 03117 } 03118 /* if there is no purpose set for this class, deny */ 03119 if(!data_val2.pp_set) 03120 { 03121 #ifdef CONFIG_RSBAC_DEBUG 03122 if(rsbac_debug_adf_pm) 03123 printk(KERN_DEBUG 03124 "rsbac_pm_create_file(): current_task has purpose, class not\n"); 03125 #endif 03126 return(-RSBAC_EPERM); 03127 } 03128 03129 /* last check: is our task's purpose in the set of purposes for our class? */ 03130 pm_set_id.pp_set = data_val2.pp_set; 03131 pm_set_member.pp = data_val.purpose; 03132 if(!rsbac_pm_set_member(PS_PP,pm_set_id,pm_set_member)) 03133 /* our task's purpose does not match with class purposes -> deny */ 03134 { 03135 #ifdef CONFIG_RSBAC_DEBUG 03136 if(rsbac_debug_adf_pm) 03137 printk(KERN_DEBUG 03138 "rsbac_pm_create_file(): purpose of current_task is not in purpose set of class\n"); 03139 #endif 03140 return(-RSBAC_EPERM); 03141 } 03142 } 03143 03144 /* try to create object using standard syscalls, leading to general rsbac */ 03145 /* checks via ADF-Request */ 03146 /* we are not using sys_creat(), because alpha kernels don't know it */ 03147 lock_kernel(); 03148 error = sys_open(filename, O_CREAT | O_WRONLY | O_TRUNC, mode); 03149 unlock_kernel(); 03150 if (error < 0) 03151 return(error); 03152 03153 /* setting class for new object */ 03154 #if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,0) 03155 tid.file.device = current->files->fd[error]->f_vfsmnt->mnt_sb->s_dev; 03156 tid.file.inode = current->files->fd[error]->f_dentry->d_inode->i_ino; 03157 tid.file.dentry_p = current->files->fd[error]->f_dentry; 03158 #else 03159 tid.file.device = current->files->fd[error]->f_dentry->d_inode->i_dev; 03160 tid.file.inode = current->files->fd[error]->f_dentry->d_inode->i_ino; 03161 tid.file.dentry_p = current->files->fd[error]->f_dentry; 03162 #endif 03163 attr_val.pm_object_class = object_class; 03164 if(rsbac_set_attr(PM,T_FILE, 03165 tid, 03166 A_pm_object_class, 03167 attr_val)) 03168 { 03169 printk(KERN_WARNING 03170 "rsbac_pm_create_file(): rsbac_set_attr() for pm_object_class returned error"); 03171 } 03172 return(error); 03173 } 03174 03175 03176 /* end of rsbac/adf/pm/syscalls.c */

Generated on Tue Aug 31 10:05:24 2004 for RSBAC by doxygen 1.3.8