/daten/src/linux-2.4.27-rsbac-v1.2.3/include/rsbac/syscalls.h

/************************************* */
/* Rule Set Based Access Control       */
/* Author and (c) 1999-2004:           */
/*   Amon Ott <ao@rsbac.org>           */
/* Syscall wrapper functions for all   */
/* parts                               */
/* Last modified: 24/Apr/2004          */
/************************************* */

/*
 * Layout of this header:
 *   1. enum rsbac_syscall_t      - one selector per RSBAC call
 *   2. struct rsys_<name>_t      - one argument block per call that takes
 *                                  arguments
 *   3. union rsbac_syscall_arg_t - overlay of all argument blocks
 *   4. rsbac_<name>() prototypes - only declared when __KERNEL__ is not
 *                                  defined
 *
 * Each struct rsys_<name>_t carries the same fields, in the same order, as
 * the parameters of the matching rsbac_<name>() prototype.
 *
 * NOTE(review): many argument blocks hold raw pointers (names, id unions,
 * output arrays) that the caller fills in. Whatever code consumes
 * union rsbac_syscall_arg_t is not part of this file; it presumably has to
 * treat every pointer and every maxnum/len field as untrusted and validate
 * it before use - confirm against the dispatcher.
 */

#ifndef __RSBAC_SYSCALLS_H
#define __RSBAC_SYSCALLS_H

#include <linux/unistd.h>
#include <rsbac/types.h>
#include <rsbac/getname.h>
#include <rsbac/helpers.h>
#include <rsbac/error.h>

/*
 * Call selectors. No enumerator has an explicit value, so the numbering is
 * positional, starting at 0 for RSYS_stats: inserting, removing or reordering
 * an entry renumbers every entry after it. RSYS_none is the final enumerator
 * (presumably an end marker - confirm).
 */
enum rsbac_syscall_t {
    RSYS_stats,
    RSYS_check,
    RSYS_get_attr,
    RSYS_get_attr_n,
    RSYS_set_attr,
    RSYS_set_attr_n,
    RSYS_remove_target,
    RSYS_remove_target_n,
    RSYS_net_list_all_netdev,
    RSYS_net_template,
    RSYS_net_list_all_template,
    RSYS_switch,
    RSYS_adf_log_switch,
    RSYS_get_adf_log,
    RSYS_write,
    RSYS_log,
    RSYS_mac_set_curr_level,
    RSYS_mac_get_curr_level,
    RSYS_mac_get_max_level,
    RSYS_mac_get_min_level,
    RSYS_mac_add_p_tru,
    RSYS_mac_remove_p_tru,
    RSYS_mac_add_f_tru,
    RSYS_mac_remove_f_tru,
    RSYS_mac_get_f_trulist,
    RSYS_mac_get_p_trulist,
    RSYS_stats_pm,
    RSYS_pm,
    RSYS_pm_change_current_task,
    RSYS_pm_create_file,
    RSYS_daz_flush_cache,
    RSYS_rc_copy_role,
    RSYS_rc_get_item,
    RSYS_rc_set_item,
    RSYS_rc_change_role,
    RSYS_rc_get_eff_rights_n,
    RSYS_rc_get_list,
    RSYS_auth_add_p_cap,
    RSYS_auth_remove_p_cap,
    RSYS_auth_add_f_cap,
    RSYS_auth_remove_f_cap,
    RSYS_auth_get_f_caplist,
    RSYS_auth_get_p_caplist,
    RSYS_acl,
    RSYS_acl_n,
    RSYS_acl_get_rights,
    RSYS_acl_get_rights_n,
    RSYS_acl_get_tlist,
    RSYS_acl_get_tlist_n,
    RSYS_acl_get_mask,
    RSYS_acl_get_mask_n,
    RSYS_acl_group,
    RSYS_reg,
    RSYS_jail,
    RSYS_init,
    RSYS_rc_get_current_role,
    RSYS_none
};


/* ---- general / attribute calls ---- */

struct rsys_check_t {
    int correct;
    int check_inode;
};

/* Target addressed by id union; result is written through value. */
struct rsys_get_attr_t {
    enum rsbac_switch_target_t     module;
    enum rsbac_target_t            target;
    union rsbac_target_id_t       *tid;
    enum rsbac_attribute_t         attr;
    union rsbac_attribute_value_t *value;
    int                            inherit;
};

/* Same as rsys_get_attr_t, but the target is given as a name string. */
struct rsys_get_attr_n_t {
    enum rsbac_switch_target_t     module;
    enum rsbac_target_t            target;
    char                          *t_name;
    enum rsbac_attribute_t         attr;
    union rsbac_attribute_value_t *value;
    int                            inherit;
};

struct rsys_set_attr_t {
    enum rsbac_switch_target_t     module;
    enum rsbac_target_t            target;
    union rsbac_target_id_t       *tid;
    enum rsbac_attribute_t         attr;
    union rsbac_attribute_value_t *value;
};

struct rsys_set_attr_n_t {
    enum rsbac_switch_target_t     module;
    enum rsbac_target_t            target;
    char                          *t_name;
    enum rsbac_attribute_t         attr;
    union rsbac_attribute_value_t *value;
};

struct rsys_remove_target_t {
    enum rsbac_target_t      target;
    union rsbac_target_id_t *tid;
};

struct rsys_remove_target_n_t {
    enum rsbac_target_t  target;
    char                *t_name;
};

/* ---- network ---- */

/* id_p / maxnum: caller-provided array and its capacity (u_long here). */
struct rsys_net_list_all_netdev_t {
    rsbac_netdev_id_t *id_p;
    u_long             maxnum;
};

struct rsys_net_template_t {
    enum rsbac_net_temp_syscall_t         call;
    rsbac_net_temp_id_t                   id;
    union rsbac_net_temp_syscall_data_t  *data_p;
};

struct rsys_net_list_all_template_t {
    rsbac_net_temp_id_t *id_p;
    u_long               maxnum;
};

/* ---- switching and logging ---- */

struct rsys_switch_t {
    enum rsbac_switch_target_t target;
    int                        value;
};

struct rsys_adf_log_switch_t {
    enum rsbac_adf_request_t request;
    enum rsbac_target_t      target;
    u_int                    value;
};

struct rsys_get_adf_log_t {
    enum rsbac_adf_request_t  request;
    enum rsbac_target_t       target;
    u_int                    *value_p;
};

/*
 * NOTE(review): len is a signed int paired with a caller-supplied buffer;
 * a negative value presumably needs to be rejected by the handler - confirm.
 */
struct rsys_log_t {
    int   type;
    char *buf;
    int   len;
};

/* ---- MAC ---- */

struct rsys_mac_set_curr_level_t {
    rsbac_security_level_t       level;
    rsbac_mac_category_vector_t *categories_p;
};

struct rsys_mac_get_curr_level_t {
    rsbac_security_level_t      *level_p;
    rsbac_mac_category_vector_t *categories_p;
};

struct rsys_mac_get_max_level_t {
    rsbac_security_level_t      *level_p;
    rsbac_mac_category_vector_t *categories_p;
};

struct rsys_mac_get_min_level_t {
    rsbac_security_level_t      *level_p;
    rsbac_mac_category_vector_t *categories_p;
};

struct rsys_mac_add_p_tru_t {
    rsbac_pid_t  pid;
    rsbac_uid_t  uid;
    rsbac_time_t ttl;
};

struct rsys_mac_remove_p_tru_t {
    rsbac_pid_t pid;
    rsbac_uid_t uid;
};

struct rsys_mac_add_f_tru_t {
    char         *filename;
    rsbac_uid_t   uid;
    rsbac_time_t  ttl;
};

struct rsys_mac_remove_f_tru_t {
    char        *filename;
    rsbac_uid_t  uid;
};

/*
 * List queries: trulist must have room for maxnum entries (see the comment
 * on the prototype below); ttllist presumably needs the same capacity -
 * confirm.
 */
struct rsys_mac_get_f_trulist_t {
    char         *filename;
    rsbac_uid_t  *trulist;
    rsbac_time_t *ttllist;
    u_int         maxnum;
};

struct rsys_mac_get_p_trulist_t {
    rsbac_pid_t   pid;
    rsbac_uid_t  *trulist;
    rsbac_time_t *ttllist;
    u_int         maxnum;
};

/* ---- PM ---- */

struct rsys_pm_t {
    enum rsbac_pm_function_type_t     function;
    union rsbac_pm_function_param_t  *param_p;
    rsbac_pm_tkt_id_t                 ticket;
};

struct rsys_pm_change_current_task_t {
    rsbac_pm_task_id_t task;
};

struct rsys_pm_create_file_t {
    const char                 *filename;
    int                         mode;
    rsbac_pm_object_class_id_t  object_class;
};

/* ---- RC ---- */

struct rsys_rc_copy_role_t {
    rsbac_rc_role_id_t from_role;
    rsbac_rc_role_id_t to_role;
};

/* Getter: the ttl is returned through a pointer. */
struct rsys_rc_get_item_t {
    enum rsbac_rc_target_t        target;
    union rsbac_rc_target_id_t   *tid_p;
    union rsbac_rc_target_id_t   *subtid_p;
    enum rsbac_rc_item_t          item;
    union rsbac_rc_item_value_t  *value_p;
    rsbac_time_t                 *ttl_p;
};

/* Setter: same shape as the getter, but the ttl is passed by value. */
struct rsys_rc_set_item_t {
    enum rsbac_rc_target_t        target;
    union rsbac_rc_target_id_t   *tid_p;
    union rsbac_rc_target_id_t   *subtid_p;
    enum rsbac_rc_item_t          item;
    union rsbac_rc_item_value_t  *value_p;
    rsbac_time_t                  ttl;
};

/* Note the field order: maxnum precedes the two output arrays here. */
struct rsys_rc_get_list_t {
    enum rsbac_rc_target_t       target;
    union rsbac_rc_target_id_t  *tid_p;
    enum rsbac_rc_item_t         item;
    u_int                        maxnum;
    __u32                       *array_p;
    rsbac_time_t                *ttl_array_p;
};

struct rsys_rc_change_role_t {
    rsbac_rc_role_id_t role;
};

struct rsys_rc_get_eff_rights_n_t {
    enum rsbac_target_t         target;
    char                       *t_name;
    rsbac_rc_request_vector_t  *request_vector_p;
    rsbac_time_t               *ttl_p;
};

struct rsys_rc_get_current_role_t {
    rsbac_rc_role_id_t *role_p;
};

/* ---- AUTH ---- */

/* cap_range is embedded by value, not passed by pointer. */
struct rsys_auth_add_p_cap_t {
    rsbac_pid_t                    pid;
    enum rsbac_auth_cap_type_t     cap_type;
    struct rsbac_auth_cap_range_t  cap_range;
    rsbac_time_t                   ttl;
};

struct rsys_auth_remove_p_cap_t {
    rsbac_pid_t                    pid;
    enum rsbac_auth_cap_type_t     cap_type;
    struct rsbac_auth_cap_range_t  cap_range;
};

struct rsys_auth_add_f_cap_t {
    char                          *filename;
    enum rsbac_auth_cap_type_t     cap_type;
    struct rsbac_auth_cap_range_t  cap_range;
    rsbac_time_t                   ttl;
};

struct rsys_auth_remove_f_cap_t {
    char                          *filename;
    enum rsbac_auth_cap_type_t     cap_type;
    struct rsbac_auth_cap_range_t  cap_range;
};

/* caplist must have room for maxnum cap_range entries (see prototype). */
struct rsys_auth_get_f_caplist_t {
    char                          *filename;
    enum rsbac_auth_cap_type_t     cap_type;
    struct rsbac_auth_cap_range_t *caplist;
    rsbac_time_t                  *ttllist;
    u_int                          maxnum;
};

struct rsys_auth_get_p_caplist_t {
    rsbac_pid_t                    pid;
    enum rsbac_auth_cap_type_t     cap_type;
    struct rsbac_auth_cap_range_t *caplist;
    rsbac_time_t                  *ttllist;
    u_int                          maxnum;
};

/* ---- ACL ---- */

struct rsys_acl_t {
    enum rsbac_acl_syscall_type_t    call;
    struct rsbac_acl_syscall_arg_t  *arg;
};

struct rsys_acl_n_t {
    enum rsbac_acl_syscall_type_t      call;
    struct rsbac_acl_syscall_n_arg_t  *arg;
};

struct rsys_acl_get_rights_t {
    struct rsbac_acl_syscall_arg_t *arg;
    rsbac_acl_rights_vector_t      *rights_p;
    u_int                           effective;
};

struct rsys_acl_get_rights_n_t {
    struct rsbac_acl_syscall_n_arg_t *arg;
    rsbac_acl_rights_vector_t        *rights_p;
    u_int                             effective;
};

struct rsys_acl_get_tlist_t {
    enum rsbac_target_t        target;
    union rsbac_target_id_t   *tid;
    struct rsbac_acl_entry_t  *entry_array;
    rsbac_time_t              *ttl_array;
    u_int                      maxnum;
};

struct rsys_acl_get_tlist_n_t {
    enum rsbac_target_t        target;
    char                      *t_name;
    struct rsbac_acl_entry_t  *entry_array;
    rsbac_time_t              *ttl_array;
    u_int                      maxnum;
};

struct rsys_acl_get_mask_t {
    enum rsbac_target_t         target;
    union rsbac_target_id_t    *tid;
    rsbac_acl_rights_vector_t  *mask_p;
};

struct rsys_acl_get_mask_n_t {
    enum rsbac_target_t         target;
    char                       *t_name;
    rsbac_acl_rights_vector_t  *mask_p;
};

struct rsys_acl_group_t {
    enum rsbac_acl_group_syscall_type_t    call;
    union rsbac_acl_group_syscall_arg_t   *arg_p;
};

/* ---- REG / JAIL / init ---- */

/*
 * NOTE(review): handle is declared long here, while the rsbac_reg()
 * prototype below takes rsbac_reg_handle_t. Whether the two are the same
 * type depends on rsbac/types.h, which is not visible here - confirm.
 * arg is an untyped pointer whose meaning this header does not define.
 */
struct rsys_reg_t {
    long  handle;
    void *arg;
};

struct rsys_jail_t {
    rsbac_version_t     version;
    char               *path;
    rsbac_jail_ip_t     ip;
    rsbac_jail_flags_t  flags;
    rsbac_cap_vector_t  max_caps;
};

struct rsys_init_t {
    char *root_dev;
};

/*
 * Overlay of every argument block above, one member per call that takes
 * arguments. As with any C union, only the member that was last written is
 * meaningful, and this header stores no tag inside the union itself; the
 * selector from enum rsbac_syscall_t has to travel separately.
 * RSYS_stats, RSYS_write, RSYS_stats_pm and RSYS_daz_flush_cache have no
 * member here (their prototypes take void).
 */
union rsbac_syscall_arg_t {
    struct rsys_check_t                  check;
    struct rsys_get_attr_t               get_attr;
    struct rsys_get_attr_n_t             get_attr_n;
    struct rsys_set_attr_t               set_attr;
    struct rsys_set_attr_n_t             set_attr_n;
    struct rsys_remove_target_t          remove_target;
    struct rsys_remove_target_n_t        remove_target_n;
    struct rsys_net_list_all_netdev_t    net_list_all_netdev;
    struct rsys_net_template_t           net_template;
    struct rsys_net_list_all_template_t  net_list_all_template;
    struct rsys_switch_t                 switch_module;
    struct rsys_adf_log_switch_t         adf_log_switch;
    struct rsys_get_adf_log_t            get_adf_log;
    struct rsys_log_t                    log;
    struct rsys_mac_set_curr_level_t     mac_set_curr_level;
    struct rsys_mac_get_curr_level_t     mac_get_curr_level;
    struct rsys_mac_get_max_level_t      mac_get_max_level;
    struct rsys_mac_get_min_level_t      mac_get_min_level;
    struct rsys_mac_add_p_tru_t          mac_add_p_tru;
    struct rsys_mac_remove_p_tru_t       mac_remove_p_tru;
    struct rsys_mac_add_f_tru_t          mac_add_f_tru;
    struct rsys_mac_remove_f_tru_t       mac_remove_f_tru;
    struct rsys_mac_get_f_trulist_t      mac_get_f_trulist;
    struct rsys_mac_get_p_trulist_t      mac_get_p_trulist;
    struct rsys_pm_t                     pm;
    struct rsys_pm_change_current_task_t pm_change_current_task;
    struct rsys_pm_create_file_t         pm_create_file;
    struct rsys_rc_copy_role_t           rc_copy_role;
    struct rsys_rc_get_item_t            rc_get_item;
    struct rsys_rc_set_item_t            rc_set_item;
    struct rsys_rc_get_list_t            rc_get_list;
    struct rsys_rc_change_role_t         rc_change_role;
    struct rsys_rc_get_eff_rights_n_t    rc_get_eff_rights_n;
    struct rsys_rc_get_current_role_t    rc_get_current_role;
    struct rsys_auth_add_p_cap_t         auth_add_p_cap;
    struct rsys_auth_remove_p_cap_t      auth_remove_p_cap;
    struct rsys_auth_add_f_cap_t         auth_add_f_cap;
    struct rsys_auth_remove_f_cap_t      auth_remove_f_cap;
    struct rsys_auth_get_f_caplist_t     auth_get_f_caplist;
    struct rsys_auth_get_p_caplist_t     auth_get_p_caplist;
    struct rsys_acl_t                    acl;
    struct rsys_acl_n_t                  acl_n;
    struct rsys_acl_get_rights_t         acl_get_rights;
    struct rsys_acl_get_rights_n_t       acl_get_rights_n;
    struct rsys_acl_get_tlist_t          acl_get_tlist;
    struct rsys_acl_get_tlist_n_t        acl_get_tlist_n;
    struct rsys_acl_get_mask_t           acl_get_mask;
    struct rsys_acl_get_mask_n_t         acl_get_mask_n;
    struct rsys_acl_group_t              acl_group;
    struct rsys_reg_t                    reg;
    struct rsys_jail_t                   jail;
    struct rsys_init_t                   init;
    int                                  dummy;
};

/* Everything below is declared only when __KERNEL__ is not defined. */
#ifndef __KERNEL__

int rsbac_stats(void);

int rsbac_check(int correct, int check_inode);

int rsbac_write(void);

int rsbac_get_attr(enum rsbac_switch_target_t module,
                   enum rsbac_target_t target,
                   union rsbac_target_id_t *tid,
                   enum rsbac_attribute_t attr,
                   union rsbac_attribute_value_t *value,
                   int inherit);

int rsbac_get_attr_n(enum rsbac_switch_target_t module,
                     enum rsbac_target_t target,
                     char *t_name,
                     enum rsbac_attribute_t attr,
                     union rsbac_attribute_value_t *value,
                     int inherit);

int rsbac_set_attr(enum rsbac_switch_target_t module,
                   enum rsbac_target_t target,
                   union rsbac_target_id_t *tid,
                   enum rsbac_attribute_t attr,
                   union rsbac_attribute_value_t *value);


int rsbac_set_attr_n(enum rsbac_switch_target_t module,
                     enum rsbac_target_t target,
                     char *t_name,
                     enum rsbac_attribute_t attr,
                     union rsbac_attribute_value_t *value);

int rsbac_remove_target(enum rsbac_target_t target,
                        union rsbac_target_id_t *tid);

int rsbac_remove_target_n(enum rsbac_target_t target,
                          char *t_name);

int rsbac_net_list_all_netdev(rsbac_netdev_id_t *id_p, u_long maxnum);

int rsbac_net_template(enum rsbac_net_temp_syscall_t call,
                       rsbac_net_temp_id_t id,
                       union rsbac_net_temp_syscall_data_t *data_p);

int rsbac_net_list_all_template(rsbac_net_temp_id_t *id_p, u_long maxnum);

int rsbac_switch(enum rsbac_switch_target_t target, int value);

/************** MAC ***************/

int rsbac_mac_set_curr_level(rsbac_security_level_t level,
                             rsbac_mac_category_vector_t *categories_p);

int rsbac_mac_get_curr_level(rsbac_security_level_t *level_p,
                             rsbac_mac_category_vector_t *categories_p);

int rsbac_mac_get_max_level(rsbac_security_level_t *level_p,
                            rsbac_mac_category_vector_t *categories_p);

int rsbac_mac_get_min_level(rsbac_security_level_t *level_p,
                            rsbac_mac_category_vector_t *categories_p);

int rsbac_mac_add_p_tru(rsbac_pid_t pid,
                        rsbac_uid_t uid,
                        rsbac_time_t ttl);

int rsbac_mac_remove_p_tru(rsbac_pid_t pid,
                           rsbac_uid_t uid);

/*
 * NOTE(review): this prototype is named ..._add_f_cap, but it sits in the
 * MAC section, takes (filename, uid, ttl) exactly like
 * struct rsys_mac_add_f_tru_t, and pairs with rsbac_mac_remove_f_tru()
 * below. It looks like a misspelling of rsbac_mac_add_f_tru - confirm
 * against the implementation before relying on either name.
 */
int rsbac_mac_add_f_cap(char *filename,
                        rsbac_uid_t uid,
                        rsbac_time_t ttl);

int rsbac_mac_remove_f_tru(char *filename,
                           rsbac_uid_t uid);

/* trulist must have space for maxnum rsbac_uid_t entries! */
int rsbac_mac_get_f_trulist(char *filename,
                            rsbac_uid_t trulist[],
                            rsbac_time_t ttllist[],
                            u_int maxnum);

int rsbac_mac_get_p_trulist(rsbac_pid_t pid,
                            rsbac_uid_t trulist[],
                            rsbac_time_t ttllist[],
                            u_int maxnum);

/************** PM ***************/

int rsbac_stats_pm(void);

int rsbac_pm(enum rsbac_pm_function_type_t function,
             union rsbac_pm_function_param_t *param_p,
             rsbac_pm_tkt_id_t ticket);

int rsbac_pm_change_current_task(rsbac_pm_task_id_t task);

int rsbac_pm_create_file(const char *filename,
                         int mode,
                         rsbac_pm_object_class_id_t object_class);

/************** DAZ **************/

int rsbac_daz_flush_cache(void);

/************** RC ***************/

int rsbac_rc_copy_role(rsbac_rc_role_id_t from_role,
                       rsbac_rc_role_id_t to_role);

int rsbac_rc_get_item(enum rsbac_rc_target_t target,
                      union rsbac_rc_target_id_t *tid_p,
                      union rsbac_rc_target_id_t *subtid_p,
                      enum rsbac_rc_item_t item,
                      union rsbac_rc_item_value_t *value_p,
                      rsbac_time_t *ttl_p);

/* Setting values */
int rsbac_rc_set_item(enum rsbac_rc_target_t target,
                      union rsbac_rc_target_id_t *tid_p,
                      union rsbac_rc_target_id_t *subtid_p,
                      enum rsbac_rc_item_t item,
                      union rsbac_rc_item_value_t *value_p,
                      rsbac_time_t ttl);

int rsbac_rc_get_list(enum rsbac_rc_target_t target,
                      union rsbac_rc_target_id_t *tid_p,
                      enum rsbac_rc_item_t item,
                      u_int maxnum,
                      __u32 *array_p,
                      rsbac_time_t *ttl_array_p);

int rsbac_rc_change_role(rsbac_rc_role_id_t role);

int rsbac_rc_get_eff_rights_n(enum rsbac_target_t target,
                              char *t_name,
                              rsbac_rc_request_vector_t *request_vector_p,
                              rsbac_time_t *ttl_p);

int rsbac_rc_get_current_role(rsbac_rc_role_id_t *role_p);


/************** AUTH ***************/

/* Provide means for adding and removing of capabilities */
int rsbac_auth_add_p_cap(rsbac_pid_t pid,
                         enum rsbac_auth_cap_type_t cap_type,
                         struct rsbac_auth_cap_range_t cap_range,
                         rsbac_time_t ttl);

int rsbac_auth_remove_p_cap(rsbac_pid_t pid,
                            enum rsbac_auth_cap_type_t cap_type,
                            struct rsbac_auth_cap_range_t cap_range);

int rsbac_auth_add_f_cap(char *filename,
                         enum rsbac_auth_cap_type_t cap_type,
                         struct rsbac_auth_cap_range_t cap_range,
                         rsbac_time_t ttl);

int rsbac_auth_remove_f_cap(char *filename,
                            enum rsbac_auth_cap_type_t cap_type,
                            struct rsbac_auth_cap_range_t cap_range);

/* caplist must have space for maxnum cap_range entries - first and last each! */
int rsbac_auth_get_f_caplist(char *filename,
                             enum rsbac_auth_cap_type_t cap_type,
                             struct rsbac_auth_cap_range_t caplist[],
                             rsbac_time_t ttllist[],
                             u_int maxnum);

int rsbac_auth_get_p_caplist(rsbac_pid_t pid,
                             enum rsbac_auth_cap_type_t cap_type,
                             struct rsbac_auth_cap_range_t caplist[],
                             rsbac_time_t ttllist[],
                             u_int maxnum);

/**********************************/
/************** REG ***************/

int rsbac_reg(rsbac_reg_handle_t handle,
              void *arg);


/**********************************/
/************** ACL ***************/

int rsbac_acl(enum rsbac_acl_syscall_type_t call,
              struct rsbac_acl_syscall_arg_t *arg);

int rsbac_acl_n(enum rsbac_acl_syscall_type_t call,
                struct rsbac_acl_syscall_n_arg_t *arg);

int rsbac_acl_get_rights(struct rsbac_acl_syscall_arg_t *arg,
                         rsbac_acl_rights_vector_t *rights_p,
                         u_int effective);


int rsbac_acl_get_rights_n(struct rsbac_acl_syscall_n_arg_t *arg,
                           rsbac_acl_rights_vector_t *rights_p,
                           u_int effective);

int rsbac_acl_get_tlist(enum rsbac_target_t target,
                        union rsbac_target_id_t *tid,
                        struct rsbac_acl_entry_t entry_array[],
                        rsbac_time_t ttl_array[],
                        u_int maxnum);

int rsbac_acl_get_tlist_n(enum rsbac_target_t target,
                          char *t_name,
                          struct rsbac_acl_entry_t entry_array[],
                          rsbac_time_t ttl_array[],
                          u_int maxnum);

int rsbac_acl_get_mask(enum rsbac_target_t target,
                       union rsbac_target_id_t *tid,
                       rsbac_acl_rights_vector_t *mask_p);

int rsbac_acl_get_mask_n(enum rsbac_target_t target,
                         char *t_name,
                         rsbac_acl_rights_vector_t *mask_p);

/******** ACL groups *********/

int rsbac_acl_group(enum rsbac_acl_group_syscall_type_t call,
                    union rsbac_acl_group_syscall_arg_t *arg_p);


/**********************************/
/************** JAIL **************/

int rsbac_jail(rsbac_version_t version,
               char *path,
               rsbac_jail_ip_t ip,
               rsbac_jail_flags_t flags,
               rsbac_cap_vector_t max_caps);

/************************************************* */
/*             DEBUG/LOG functions                 */
/************************************************* */

int rsbac_adf_log_switch(enum rsbac_adf_request_t request,
                         enum rsbac_target_t target,
                         u_int value);

int rsbac_get_adf_log(enum rsbac_adf_request_t request,
                      enum rsbac_target_t target,
                      u_int *value_p);

/*
 * Commands to rsbac_log:
 *
 *      0 -- Close the log.  Currently a NOP.
 *      1 -- Open the log. Currently a NOP.
 *      2 -- Read from the log.
 *      3 -- Read up to the last 4k of messages in the ring buffer.
 *      4 -- Read and clear last 4k of messages in the ring buffer
 *      5 -- Clear ring buffer.
 */
int rsbac_log(int type,
              char *buf,
              int len);

int rsbac_init(char *root_dev);

#endif /* ifndef __KERNEL__ */

#endif
