00001
00002
00003
00004
00005
00006
00007
00008
#include <linux/config.h>
00009
#include <linux/module.h>
00010
#include <linux/types.h>
00011
#include <linux/kernel.h>
00012
#include <linux/string.h>
00013
00014
#include <linux/sched.h>
00015
#include <linux/smp.h>
00016
#include <linux/smp_lock.h>
00017
00018
#include <linux/fs.h>
00019
#include <asm/uaccess.h>
00020
00021
#include <rsbac/types.h>
00022
#include <rsbac/reg.h>
00023
#include <rsbac/adf.h>
00024
#include <rsbac/aci.h>
00025
#include <rsbac/lists.h>
00026
#include <rsbac/getname.h>
00027
#include <rsbac/error.h>
00028
#include <rsbac/proc_fs.h>
00029
00030 static u_long
nr_request_calls = 0;
00031 #define ORD_request 1
00032 static u_long
nr_set_attr_calls = 0;
00033 #define ORD_set_attr 2
00034 static u_long
nr_need_overwrite_calls = 0;
00035 #define ORD_overwrite 3
00036 static u_long
nr_write_calls = 0;
00037 #define ORD_write 4
00038 static u_long
nr_system_calls = 0;
00039 #define ORD_syscall 5
00040 static void *
system_call_arg = 0;
00041
00042
MODULE_AUTHOR(
"Amon Ott");
00043
MODULE_DESCRIPTION(
"RSBAC REG sample decision module 3");
00044
MODULE_LICENSE(
"GPL");
00045
00046
MODULE_PARM(name,
"s");
00047 static char *
name =
NULL;
00048 static char dummy_buf[70]=
"To protect against wrong insmod params";
00049
00050
MODULE_PARM(syscall_name,
"s");
00051 static char *
syscall_name =
NULL;
00052 static char dummy_buf2[70]=
"To protect against wrong insmod params";
00053
00054
MODULE_PARM(listkey,
"l");
00055 static u_int
listkey = 133457;
00056
00057
MODULE_PARM(handle,
"l");
00058 static long handle = 133457;
00059
00060
MODULE_PARM(syscall_registration_handle,
"l");
00061 static long syscall_registration_handle = 754331;
00062
MODULE_PARM(syscall_dispatcher_handle,
"l");
00063 static long syscall_dispatcher_handle = 3;
00064
00065
00066 #define FILENAME "regsmp3"
00067
00068
00069 #define LIST_VERSION 1
00070
00071 static rsbac_list_handle_t list_handle;
00072
00073
00074
00075
#if defined(CONFIG_RSBAC_PROC)
00076
#define PROC_NAME "reg_sample3"
00077
static struct proc_dir_entry * proc_reg_sample_p;
00078
00079
static int
00080 adf_sample_proc_info(
char *buffer,
char **start, off_t offset,
int length)
00081 {
00082
int len = 0;
00083 off_t pos = 0;
00084 off_t begin = 0;
00085
00086
union rsbac_target_id_t rsbac_target_id;
00087
union rsbac_attribute_value_t rsbac_attribute_value;
00088
00089
if (!
rsbac_is_initialized())
00090
return (-ENOSYS);
00091
00092 rsbac_target_id.
scd =
ST_rsbac;
00093 rsbac_attribute_value.
dummy = 0;
00094
if (!
rsbac_adf_request(
R_GET_STATUS_DATA,
00095 current->pid,
00096
T_SCD,
00097 rsbac_target_id,
00098
A_none,
00099 rsbac_attribute_value))
00100 {
00101
return -EPERM;
00102 }
00103 len += sprintf(buffer,
"RSBAC REG decision module sample 3\n----------------------------------\n");
00104 pos = begin + len;
00105
if (pos < offset)
00106 {
00107 len = 0;
00108 begin = pos;
00109 }
00110
if (pos > offset+length)
00111
goto out;
00112
00113 len += sprintf(buffer + len,
"%lu calls to request function.\n",
00114
nr_request_calls);
00115 pos = begin + len;
00116
if (pos < offset)
00117 {
00118 len = 0;
00119 begin = pos;
00120 }
00121
if (pos > offset+length)
00122
goto out;
00123
00124 len += sprintf(buffer + len,
"%lu calls to set_attr function.\n",
00125
nr_set_attr_calls);
00126 pos = begin + len;
00127
if (pos < offset)
00128 {
00129 len = 0;
00130 begin = pos;
00131 }
00132
if (pos > offset+length)
00133
goto out;
00134
00135 len += sprintf(buffer + len,
"%lu calls to need_overwrite function.\n",
00136
nr_need_overwrite_calls);
00137 pos = begin + len;
00138
if (pos < offset)
00139 {
00140 len = 0;
00141 begin = pos;
00142 }
00143
if (pos > offset+length)
00144
goto out;
00145
00146 len += sprintf(buffer + len,
"%lu calls to write function.\n",
00147
nr_write_calls);
00148 pos = begin + len;
00149
if (pos < offset)
00150 {
00151 len = 0;
00152 begin = pos;
00153 }
00154
if (pos > offset+length)
00155
goto out;
00156
00157 len += sprintf(buffer + len,
"%lu calls to system_call function %lu, last arg was %p.\n",
00158
nr_system_calls,
00159
syscall_dispatcher_handle,
00160
system_call_arg);
00161 pos = begin + len;
00162
if (pos < offset)
00163 {
00164 len = 0;
00165 begin = pos;
00166 }
00167
if (pos > offset+length)
00168
goto out;
00169
00170 len += sprintf(buffer + len,
"%li list items.\n",
00171
rsbac_list_count(
list_handle));
00172 pos = begin + len;
00173
if (pos < offset)
00174 {
00175 len = 0;
00176 begin = pos;
00177 }
00178
if (pos > offset+length)
00179
goto out;
00180
00181 out:
00182 *start = buffer + (offset - begin);
00183 len -= (offset - begin);
00184
00185
if (len > length)
00186 len = length;
00187
return len;
00188 }
00189
#endif
00190
00191
00192
00193 static int compare(
void * desc1,
void * desc2)
00194 {
00195
return memcmp((u_int *) desc1, (u_int *) desc2,
sizeof(u_int) );
00196 }
00197
00198
00199
00200
00201
00202
00203
00204
00205
00206
00207 static int request_func (
enum rsbac_adf_request_t request,
00208
rsbac_pid_t owner_pid,
00209
enum rsbac_target_t target,
00210
union rsbac_target_id_t tid,
00211
enum rsbac_attribute_t attr,
00212
union rsbac_attribute_value_t attr_val,
00213
rsbac_uid_t owner)
00214 {
00215
00216
if(request !=
R_SEARCH)
00217 {
00218
nr_request_calls++;
00219
rsbac_list_add_u32(
list_handle,
ORD_request, &
nr_request_calls);
00220 }
00221
return GRANTED;
00222 }
00223
00224 static int set_attr_func (
enum rsbac_adf_request_t request,
00225
rsbac_pid_t owner_pid,
00226
enum rsbac_target_t target,
00227
union rsbac_target_id_t tid,
00228
enum rsbac_target_t new_target,
00229
union rsbac_target_id_t new_tid,
00230
enum rsbac_attribute_t attr,
00231
union rsbac_attribute_value_t attr_val,
00232
rsbac_uid_t owner)
00233 {
00234
00235
if(request !=
R_SEARCH)
00236 {
00237
nr_set_attr_calls++;
00238
rsbac_list_add_u32(
list_handle,
ORD_set_attr, &
nr_set_attr_calls);
00239 }
00240
return 0;
00241 }
00242
00243 static boolean need_overwrite_func (
struct dentry * dentry_p)
00244 {
00245
nr_need_overwrite_calls++;
00246
rsbac_list_add_u32(
list_handle,
ORD_overwrite, &
nr_need_overwrite_calls);
00247
return FALSE;
00248 }
00249
00250 static int write_func(
boolean need_lock)
00251 {
00252
nr_write_calls++;
00253
rsbac_list_add_u32(
list_handle,
ORD_write, &
nr_write_calls);
00254
return(0);
00255 }
00256
00257 static int syscall_func (
void * arg)
00258 {
00259
nr_system_calls++;
00260
system_call_arg = arg;
00261
rsbac_list_add_u32(
list_handle,
ORD_syscall, &
nr_system_calls);
00262
return nr_system_calls;
00263 }
00264
00265
00266
00267 int init_module(
void)
00268 {
00269
struct rsbac_reg_entry_t entry;
00270
struct rsbac_reg_syscall_entry_t syscall_entry;
00271
struct rsbac_list_info_t list_info;
00272
00273
if(!
listkey)
00274
listkey = 133457;
00275
if(!
handle)
00276
handle = 133457;
00277
if(!
syscall_registration_handle)
00278
syscall_registration_handle = 754331;
00279
if(!
syscall_dispatcher_handle)
00280
syscall_dispatcher_handle = 3;
00281
00282 printk(KERN_INFO
"RSBAC REG decision module sample 3: Initializing.\n");
00283
00284
00285 memset(&entry, 0,
sizeof(entry));
00286 memset(&syscall_entry, 0,
sizeof(syscall_entry));
00287
00288
if((
dummy_buf[0] !=
'T') || (
dummy_buf2[0] !=
'T'))
00289 {
00290 printk(KERN_WARNING
"RSBAC REG decision module sample 3: Not loaded due to invalid param string.\n");
00291
return -ENOEXEC;
00292 }
00293
00294
00295 list_info.
version =
LIST_VERSION;
00296 list_info.
key =
listkey;
00297 list_info.
desc_size =
sizeof(__u32);
00298 list_info.
data_size =
sizeof(
nr_request_calls);
00299 list_info.
max_age = 3600;
00300
if(
rsbac_list_register(
RSBAC_LIST_VERSION,
00301 &
list_handle,
00302 &list_info,
00303
RSBAC_LIST_PERSIST |
RSBAC_LIST_BACKUP,
00304
compare,
00305
NULL,
00306
NULL,
00307
FILENAME,
00308 0))
00309 {
00310 printk(KERN_WARNING
"RSBAC REG decision module sample 3: Registering list failed. Unloading.\n");
00311
return -ENOEXEC;
00312 }
00313 printk(KERN_INFO
"RSBAC REG decision module sample 3: List Version: %u, Name: %s, Handle: %p, Key: %u\n",
00314
RSBAC_LIST_VERSION,
FILENAME,
list_handle,
listkey);
00315
if(
rsbac_list_exist_u32(
list_handle,
ORD_request))
00316
rsbac_list_get_data_u32(
list_handle,
ORD_request, &
nr_request_calls);
00317
if(
rsbac_list_exist_u32(
list_handle,
ORD_set_attr))
00318
rsbac_list_get_data_u32(
list_handle,
ORD_set_attr, &
nr_set_attr_calls);
00319
if(
rsbac_list_exist_u32(
list_handle,
ORD_overwrite))
00320
rsbac_list_get_data_u32(
list_handle,
ORD_overwrite, &
nr_need_overwrite_calls);
00321
if(
rsbac_list_exist_u32(
list_handle,
ORD_write))
00322
rsbac_list_get_data_u32(
list_handle,
ORD_write, &
nr_write_calls);
00323
if(
rsbac_list_exist_u32(
list_handle,
ORD_syscall))
00324
rsbac_list_get_data_u32(
list_handle,
ORD_syscall, &
nr_system_calls);
00325
00326
00327
if(
name)
00328 {
00329 strncpy(entry.name,
name,
RSBAC_REG_NAME_LEN);
00330 entry.name[
RSBAC_REG_NAME_LEN] = 0;
00331 }
00332
else
00333 strcpy(entry.name,
"RSBAC REG sample 3 ADF module");
00334 printk(KERN_INFO
"RSBAC REG decision module sample 3: REG Version: %u, Name: %s, Handle: %li\n",
00335
RSBAC_REG_VERSION, entry.name,
handle);
00336
00337 entry.handle =
handle;
00338 entry.request_func =
request_func;
00339 entry.set_attr_func =
set_attr_func;
00340 entry.need_overwrite_func =
need_overwrite_func;
00341 entry.write_func =
write_func;
00342 entry.switch_on =
TRUE;
00343
00344 printk(KERN_INFO
"RSBAC REG decision module sample 3: Registering to ADF.\n");
00345
if(
rsbac_reg_register(
RSBAC_REG_VERSION, entry) < 0)
00346 {
00347 printk(KERN_WARNING
"RSBAC REG decision module sample 3: Registering failed. Unloading.\n");
00348
if(
rsbac_list_detach(&
list_handle,
listkey))
00349 printk(KERN_WARNING
"RSBAC REG decision module sample 3: Unregistering list failed - beware!\n");
00350
return -ENOEXEC;
00351 }
00352
00353
if(
syscall_name)
00354 {
00355 strncpy(syscall_entry.name,
syscall_name,
RSBAC_REG_NAME_LEN);
00356 syscall_entry.name[
RSBAC_REG_NAME_LEN] = 0;
00357 }
00358
else
00359 strcpy(syscall_entry.name,
"RSBAC REG sample 3 syscall");
00360 printk(KERN_INFO
"RSBAC REG decision module sample 3: REG Version: %u, Name: %s, Dispatcher Handle: %li\n",
00361
RSBAC_REG_VERSION, syscall_entry.name,
syscall_dispatcher_handle);
00362
00363 syscall_entry.registration_handle =
syscall_registration_handle;
00364 syscall_entry.dispatcher_handle =
syscall_dispatcher_handle;
00365 syscall_entry.syscall_func =
syscall_func;
00366
00367 printk(KERN_INFO
"RSBAC REG decision module sample 3: Registering syscall.\n");
00368
syscall_registration_handle =
rsbac_reg_register_syscall(
RSBAC_REG_VERSION, syscall_entry);
00369
if(
syscall_registration_handle < 0)
00370 {
00371 printk(KERN_WARNING
"RSBAC REG decision module sample 3: Registering syscall failed. Unloading.\n");
00372
if(
rsbac_reg_unregister(
handle))
00373 {
00374 printk(KERN_ERR
"RSBAC REG decision module sample 3: Unregistering failed - beware of possible system failure!\n");
00375 }
00376
if(
rsbac_list_detach(&
list_handle,
listkey))
00377 printk(KERN_WARNING
"RSBAC REG decision module sample 3: Unregistering list failed - beware!\n");
00378
return -ENOEXEC;
00379 }
00380
00381
#if defined(CONFIG_RSBAC_PROC)
00382
proc_reg_sample_p = create_proc_entry(PROC_NAME,
00383 S_IFREG | S_IRUGO,
00384
proc_rsbac_root_p);
00385
if(!proc_reg_sample_p)
00386 {
00387 printk(KERN_WARNING
"%s: Not loaded due to failed proc entry registering.\n",
name);
00388
if(
rsbac_reg_unregister_syscall(
syscall_registration_handle))
00389 {
00390 printk(KERN_ERR
"RSBAC REG decision module sample 3: Unregistering syscall failed - beware of possible system failure!\n");
00391 }
00392
if(
rsbac_reg_unregister(
handle))
00393 {
00394 printk(KERN_ERR
"RSBAC REG decision module sample 3: Unregistering from ADF failed - beware of possible system failure!\n");
00395 }
00396
if(
rsbac_list_detach(&
list_handle,
listkey))
00397 printk(KERN_WARNING
"RSBAC REG decision module sample 3: Unregistering list failed - beware!\n");
00398
return -ENOEXEC;
00399 }
00400 proc_reg_sample_p->get_info = adf_sample_proc_info;
00401
#endif
00402
00403 printk(KERN_INFO
"RSBAC REG decision module sample 3: Loaded.\n");
00404
00405
return 0;
00406 }
00407
00408 void cleanup_module(
void)
00409 {
00410 printk(KERN_INFO
"RSBAC REG decision module sample 3: Unregistering.\n");
00411
#if defined(CONFIG_RSBAC_PROC)
00412
remove_proc_entry(PROC_NAME,
proc_rsbac_root_p);
00413
#endif
00414
if(
rsbac_reg_unregister_syscall(
syscall_registration_handle))
00415 {
00416 printk(KERN_ERR
"RSBAC REG decision module sample 3: Unregistering syscall failed - beware of possible system failure!\n");
00417 }
00418
if(
rsbac_reg_unregister(
handle))
00419 {
00420 printk(KERN_ERR
"RSBAC REG decision module sample 3: Unregistering module failed - beware of possible system failure!\n");
00421 }
00422
if(
rsbac_list_detach(&
list_handle,
listkey))
00423 printk(KERN_WARNING
"RSBAC REG decision module sample 3: Unregistering list failed - beware!\n");
00424 printk(KERN_INFO
"RSBAC REG decision module sample 3: Unloaded.\n");
00425 }