/linux-2.6.21.1-rsbac-1.3.4/rsbac/help/debug.c

Go to the documentation of this file.
00001 /************************************ */
00002 /* Rule Set Based Access Control      */
00003 /*                                    */
00004 /* Author and (c) 1999-2007:          */
00005 /*   Amon Ott <ao@rsbac.org>          */
00006 /*                                    */
00007 /* Debug and logging functions for all parts */
00008 /*                                    */
00009 /* Last modified: 13/Feb/2007         */
00010 /************************************ */
00011  
00012 #include <asm/uaccess.h>
00013 #include <rsbac/types.h>
00014 #include <rsbac/aci.h>
00015 #include <rsbac/aci_data_structures.h>
00016 #include <rsbac/debug.h>
00017 #include <rsbac/error.h>
00018 #include <rsbac/proc_fs.h>
00019 #include <rsbac/getname.h>
00020 #include <rsbac/net_getname.h>
00021 #include <rsbac/adf.h>
00022 #include <rsbac/rkmem.h>
00023 #if defined(CONFIG_RSBAC_DAZ)
00024 #include <rsbac/daz.h>
00025 #endif
00026 #include <linux/smp_lock.h>
00027 #include <linux/init.h>
00028 #if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,0)
00029 #include <linux/config.h>
00030 #endif
00031 #include <linux/module.h>
00032 #include <linux/console.h>
00033 #include <linux/net.h>
00034 #include <linux/in.h>
00035 #if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,0)
00036 #include <linux/moduleparam.h>
00037 #include <linux/syscalls.h>
00038 #include <linux/kthread.h>
00039 #endif
00040 
00041 unsigned long int rsbac_flags;
00042 
00043 /* Boolean debug switch for NO_WRITE (global) */
00044 int  rsbac_debug_no_write = 0;
00045 
00046 static rsbac_boolean_t debug_initialized = FALSE;
00047 
00048 #ifdef CONFIG_RSBAC_FD_CACHE
00049 rsbac_time_t rsbac_fd_cache_ttl = CONFIG_RSBAC_FD_CACHE_TTL;
00050 u_int rsbac_fd_cache_disable = 0;
00051 #endif
00052 
00053 #if defined(CONFIG_RSBAC_AUTO_WRITE) && (CONFIG_RSBAC_AUTO_WRITE > 0)
00054 rsbac_time_t rsbac_list_check_interval = CONFIG_RSBAC_LIST_CHECK_INTERVAL;
00055 #endif
00056 
00057 #ifdef CONFIG_RSBAC_DEBUG
00058 /* Boolean debug switch for data structures */
00059 int  rsbac_debug_ds = 0;
00060 
00061 /* Boolean debug switch for writing of data structures */
00062 int  rsbac_debug_write = 0;
00063 
00064 /* Boolean debug switch for AEF */
00065 EXPORT_SYMBOL(rsbac_debug_aef);
00066 int  rsbac_debug_aef = 0;
00067 
00068 /* Boolean debug switch for stack debugging */
00069 int  rsbac_debug_stack = 0;
00070 
00071 /* Boolean debug switch for generic lists */
00072 int  rsbac_debug_lists = 0;
00073 
00074 #ifdef CONFIG_RSBAC_NET
00075 int rsbac_debug_ds_net = 0;
00076 int rsbac_debug_adf_net = 0;
00077 int rsbac_debug_aef_net = 0;
00078 #endif
00079 
00080 #if defined(CONFIG_RSBAC_MAC)
00081 /* Boolean debug switch for MAC data structures */
00082 int  rsbac_debug_ds_mac = 0;
00083 /* Boolean debug switch for MAC syscalls / AEF */
00084 int  rsbac_debug_aef_mac = 0;
00085 /* Boolean debug switch for MAC decisions / ADF */
00086 int  rsbac_debug_adf_mac = 0;
00087 #endif
00088 
00089 #if defined(CONFIG_RSBAC_PM) || defined(CONFIG_RSBAC_PM_MAINT)
00090 /* Boolean debug switch for PM data structures */
00091 int  rsbac_debug_ds_pm = 0;
00092 /* Boolean debug switch for PM syscalls / AEF */
00093 int  rsbac_debug_aef_pm = 0;
00094 /* Boolean debug switch for PM decisions / ADF */
00095 int  rsbac_debug_adf_pm = 0;
00096 #endif
00097 
00098 #if defined(CONFIG_RSBAC_DAZ)
00099 /* Boolean debug switch for DAZ decisions / ADF */
00100 int  rsbac_debug_adf_daz = 0;
00101 #endif
00102 
00103 #if defined(CONFIG_RSBAC_RC) || defined(CONFIG_RSBAC_RC_MAINT)
00104 /* Boolean debug switch for RC data structures */
00105 int  rsbac_debug_ds_rc = 0;
00106 /* Boolean debug switch for RC syscalls / AEF */
00107 int  rsbac_debug_aef_rc = 0;
00108 /* Boolean debug switch for RC decisions / ADF */
00109 int  rsbac_debug_adf_rc = 0;
00110 #endif
00111 
00112 #if defined(CONFIG_RSBAC_AUTH) || defined(CONFIG_RSBAC_AUTH_MAINT)
00113 /* Boolean debug switch for AUTH data structures */
00114 int  rsbac_debug_ds_auth = 0;
00115 /* Boolean debug switch for AUTH syscalls / AEF */
00116 int  rsbac_debug_aef_auth = 0;
00117 /* Boolean debug switch for AUTH decisions / ADF */
00118 int  rsbac_debug_adf_auth = 0;
00119 #endif
00120 
00121 #if defined(CONFIG_RSBAC_REG) || defined(CONFIG_RSBAC_REG_MAINT)
00122 /* Boolean debug switch for REG */
00123 int  rsbac_debug_reg = 0;
00124 #endif
00125 
00126 #if defined(CONFIG_RSBAC_ACL) || defined(CONFIG_RSBAC_ACL_MAINT)
00127 /* Boolean debug switch for ACL data structures */
00128 int  rsbac_debug_ds_acl = 0;
00129 /* Boolean debug switch for ACL syscalls / AEF */
00130 int  rsbac_debug_aef_acl = 0;
00131 /* Boolean debug switch for ACL decisions / ADF */
00132 int  rsbac_debug_adf_acl = 0;
00133 #endif
00134 
00135 #if defined(CONFIG_RSBAC_JAIL)
00136 /* Boolean debug switch for JAIL syscalls / AEF */
00137 int  rsbac_debug_aef_jail = 0;
00138 /* Boolean debug switch for JAIL decisions / ADF */
00139 int  rsbac_debug_adf_jail = 0;
00140 #endif
00141 
00142 #if defined(CONFIG_RSBAC_PAX)
00143 /* Boolean debug switch for PAX decisions / ADF */
00144 int  rsbac_debug_adf_pax = 0;
00145 #endif
00146 
00147 #if defined(CONFIG_RSBAC_UM)
00148 /* Boolean debug switch for UM data structures */
00149 int  rsbac_debug_ds_um = 0;
00150 /* Boolean debug switch for UM syscalls / AEF */
00151 int  rsbac_debug_aef_um = 0;
00152 /* Boolean debug switch for UM decisions / ADF */
00153 int  rsbac_debug_adf_um = 0;
00154 #endif
00155 
00156 #if defined(CONFIG_RSBAC_AUTO_WRITE) && (CONFIG_RSBAC_AUTO_WRITE > 0)
00157   int  rsbac_debug_auto = 0;
00158 #endif
00159 
00160 #endif /* DEBUG */
00161 
00162 #if defined(CONFIG_RSBAC_UM_EXCL)
00163 int  rsbac_um_no_excl = 0;
00164 #endif
00165 
00166 #if defined(CONFIG_RSBAC_AUTH) || defined(CONFIG_RSBAC_AUTH_MAINT)
00167 /* Boolean switch for AUTH init: set may_setuid for /bin/login */
00168 int  rsbac_auth_enable_login = 0;
00169 #if defined(CONFIG_RSBAC_AUTH_LEARN)
00170 int  rsbac_auth_learn = 0;
00171 #endif
00172 #endif
00173 
00174 #if defined(CONFIG_RSBAC_ACL_LEARN)
00175 int  rsbac_acl_learn_fd = 0;
00176 #endif
00177 
00178 /* Suppress default list creation for complete restore */
00179 int  rsbac_no_defaults = 0;
00180 
00181 static rsbac_list_handle_t log_levels_handle = NULL;
00182 
00183 #ifdef CONFIG_RSBAC_SOFTMODE
00184 /* Boolean switch for RSBAC soft mode */
00185 int  rsbac_softmode = 0;
00186 int  rsbac_softmode_prohibit = 0;
00187 #ifdef CONFIG_RSBAC_SOFTMODE_IND
00188 int  rsbac_ind_softmode[SW_NONE] = {0,0,0,0,0,0,0,0,0,0,0,0,0,0};
00189 #endif
00190 #endif
00191 
00192 #ifdef CONFIG_RSBAC_FREEZE
00193 int rsbac_freeze = 0;
00194 #endif
00195 
00196 #if defined(CONFIG_RSBAC_CAP_PROC_HIDE)
00197 int rsbac_cap_process_hiding = 0;
00198 #endif
00199 #ifdef CONFIG_RSBAC_CAP_LOG_MISSING
00200 int rsbac_cap_log_missing = 0;
00201 #endif
00202 #ifdef CONFIG_RSBAC_JAIL_LOG_MISSING
00203 int rsbac_jail_log_missing = 0;
00204 #endif
00205 
00206 #ifdef CONFIG_RSBAC_ALLOW_DAC_DISABLE_FULL
00207 /* Boolean switch for disabling Linux DAC */
00208 int  rsbac_dac_disable = 0;
00209 
00210 #if defined(CONFIG_RSBAC_REG) || defined(CONFIG_RSBAC_REG_MAINT)
00211 EXPORT_SYMBOL(rsbac_dac_is_disabled);
00212 #endif
00213 int rsbac_dac_is_disabled(void)
00214   {
00215     return rsbac_dac_disable;
00216   }
00217 #endif
00218 
00219 static u_int log_seq = 0;
00220 
00221 /* Boolean switch for no syslog option*/
00222 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG
00223 int  rsbac_nosyslog = 0;
00224 #endif
00225 
00226 #ifdef CONFIG_RSBAC_SYSLOG_RATE
00227 static u_int rsbac_syslog_rate = CONFIG_RSBAC_SYSLOG_RATE_DEF;
00228 static u_int syslog_count = 0;
00229 #endif
00230 
00231 /* Boolean switch for delayed init option*/
00232 #ifdef CONFIG_RSBAC_INIT_DELAY
00233 int  rsbac_no_delay_init = 0;
00234 kdev_t rsbac_delayed_root = RSBAC_MKDEV(0,0);
00235 #endif
00236 
00237 /* Array of Boolean debug switches for ADF */
00238 int  rsbac_debug_adf_default = 1;
00239 rsbac_log_entry_t  rsbac_log_levels[R_NONE+1];
00240 
00241 rsbac_boolean_t rsbac_debug_adf_dirty = FALSE;
00242 
00243 /* variables for rsbac_logging */
00244 #if defined(CONFIG_RSBAC_RMSG)
00245 #include <linux/poll.h>
00246 #include <linux/smp.h>
00247 DECLARE_WAIT_QUEUE_HEAD(rlog_wait);
00248 struct rsbac_log_list_head_t log_list_head = {NULL, NULL, 0, 0};
00249 static u_int rsbac_rmsg_maxentries = CONFIG_RSBAC_RMSG_MAXENTRIES;
00250 #if defined(CONFIG_RSBAC_LOG_REMOTE)
00251 struct rsbac_log_list_head_t remote_log_list_head = {NULL, NULL, 0, 0};
00252 static DECLARE_WAIT_QUEUE_HEAD(rsbaclogd_wait);
00253 static u_int rsbac_log_remote_maxentries = CONFIG_RSBAC_LOG_REMOTE_MAXENTRIES;
00254 #ifndef CONFIG_RSBAC_LOG_REMOTE_SYNC
00255 static struct timer_list rsbac_log_remote_timer;
00256 u_int rsbac_log_remote_interval = CONFIG_RSBAC_LOG_INTERVAL;
00257 #endif
00258 rsbac_pid_t rsbaclogd_pid=0;
00259 #define REMOTE_SEND_BUF_LEN 1024
00260 static __u16 rsbac_log_remote_port = 0;
00261 static __u32 rsbac_log_remote_addr = 0;
00262 static char rsbac_log_remote_addr_string[RSBAC_MAXNAMELEN] = CONFIG_RSBAC_LOG_REMOTE_ADDR;
00263 #endif
00264 
00265 #endif /* RMSG */
00266 
00267 #ifdef CONFIG_RSBAC_SYSLOG_RATE
00268 static struct timer_list rsbac_syslog_rate_timer;
00269 #endif
00270 
00271 void  rsbac_adf_log_switch(rsbac_adf_request_int_t request,
00272                            enum rsbac_target_t target,
00273                            rsbac_enum_t value)
00274   {
00275     if(   (request < R_NONE)
00276        && (target <= T_NONE)
00277        && (value <= LL_full)
00278       )
00279       {
00280         rsbac_log_levels[request][target] = value;
00281         if(log_levels_handle)
00282           rsbac_list_add(log_levels_handle, &request, rsbac_log_levels[request]);
00283       }
00284   };
00285 
00286 int rsbac_get_adf_log(rsbac_adf_request_int_t request,
00287                       enum rsbac_target_t target,
00288                       u_int * value_p)
00289   {
00290     if(   (request < R_NONE)
00291        && (target <= T_NONE)
00292       )
00293       {
00294         *value_p = rsbac_log_levels[request][target];
00295         return 0;
00296       }
00297     else
00298       return -RSBAC_EINVALIDVALUE;
00299   }
00300 
00301 #if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,0)
00302 inline rsbac_boolean_t rsbac_parse_koptions(char * line)
00303   {
00304     /* RSBAC: suppress defaults? */
00305     if (!strcmp(line,"rsbac_no_defaults"))
00306       {
00307         rsbac_no_defaults = 1;
00308         return(TRUE);
00309       }
00310     #if defined(CONFIG_RSBAC_UM_EXCL)
00311     if (!strcmp(line,"rsbac_um_no_excl"))
00312       {
00313         rsbac_um_no_excl = 1;
00314         return(TRUE);
00315       }
00316     #endif
00317     #if defined(CONFIG_RSBAC_DAZ_CACHE)
00318     /* RSBAC: DAZ - set cache ttl */
00319     if (!strncmp(line,"rsbac_daz_ttl=",14))
00320       {
00321         char * p = line+14;
00322 
00323         if(*p)
00324           {
00325             rsbac_daz_set_ttl(simple_strtoul(p, NULL, 0));
00326           }
00327         return(TRUE);
00328       }
00329     #endif
00330     #if defined(CONFIG_RSBAC_AUTH) || defined(CONFIG_RSBAC_AUTH_MAINT)
00331     /* RSBAC: AUTH - set auth_may_setuid for /bin/login? */
00332     if (!strcmp(line,"rsbac_auth_enable_login"))
00333       {
00334         rsbac_auth_enable_login = 1;
00335         return(TRUE);
00336       }
00337     #if defined(CONFIG_RSBAC_AUTH_LEARN)
00338     if (!strcmp(line,"rsbac_auth_learn"))
00339       {
00340         rsbac_auth_learn = 1;
00341         return(TRUE);
00342       }
00343     #endif
00344     #endif
00345     #if defined(CONFIG_RSBAC_ACL_LEARN)
00346     /* Learn for all target types */
00347     if (!strcmp(line,"rsbac_acl_learn"))
00348       {
00349         rsbac_acl_learn_fd = 1;
00350         return(TRUE);
00351       }
00352     if (!strcmp(line,"rsbac_acl_learn_fd"))
00353       {
00354         rsbac_acl_learn_fd = 1;
00355         return(TRUE);
00356       }
00357     #endif
00358     #if defined(CONFIG_RSBAC_SOFTMODE)
00359     /* RSBAC: softmode on? */
00360     if (!strcmp(line,"rsbac_softmode_once"))
00361       {
00362         rsbac_softmode = 1;
00363         rsbac_softmode_prohibit = 1;
00364         return(TRUE);
00365       }
00366     if (!strcmp(line,"rsbac_softmode_never"))
00367       {
00368         rsbac_softmode_prohibit = 1;
00369         return(TRUE);
00370       }
00371     if (!strcmp(line,"rsbac_softmode"))
00372       {
00373         rsbac_softmode = 1;
00374         return(TRUE);
00375       }
00376     #if defined(CONFIG_RSBAC_SOFTMODE_IND)
00377     /* RSBAC: softmode on for a module? */
00378     if (!strcmp(line,"rsbac_softmode_mac"))
00379       {
00380         rsbac_ind_softmode[SW_MAC] = 1;
00381         return(TRUE);
00382       }
00383     if (!strcmp(line,"rsbac_softmode_pm"))
00384       {
00385         rsbac_ind_softmode[SW_PM] = 1;
00386         return(TRUE);
00387       }
00388     if (!strcmp(line,"rsbac_softmode_daz"))
00389       {
00390         rsbac_ind_softmode[SW_DAZ] = 1;
00391         return(TRUE);
00392       }
00393     if (!strcmp(line,"rsbac_softmode_ff"))
00394       {
00395         rsbac_ind_softmode[SW_FF] = 1;
00396         return(TRUE);
00397       }
00398     if (!strcmp(line,"rsbac_softmode_rc"))
00399       {
00400         rsbac_ind_softmode[SW_RC] = 1;
00401         return(TRUE);
00402       }
00403     if (!strcmp(line,"rsbac_softmode_auth"))
00404       {
00405         rsbac_ind_softmode[SW_AUTH] = 1;
00406         return(TRUE);
00407       }
00408     if (!strcmp(line,"rsbac_softmode_reg"))
00409       {
00410         rsbac_ind_softmode[SW_REG] = 1;
00411         return(TRUE);
00412       }
00413     if (!strcmp(line,"rsbac_softmode_acl"))
00414       {
00415         rsbac_ind_softmode[SW_ACL] = 1;
00416         return(TRUE);
00417       }
00418     if (!strcmp(line,"rsbac_softmode_cap"))
00419       {
00420         rsbac_ind_softmode[SW_CAP] = 1;
00421         return(TRUE);
00422       }
00423     if (!strcmp(line,"rsbac_softmode_jail"))
00424       {
00425         rsbac_ind_softmode[SW_JAIL] = 1;
00426         return(TRUE);
00427       }
00428     if (!strcmp(line,"rsbac_softmode_res"))
00429       {
00430         rsbac_ind_softmode[SW_RES] = 1;
00431         return(TRUE);
00432       }
00433     #endif
00434     #endif
00435     #if defined(CONFIG_RSBAC_CAP_PROC_HIDE)
00436     /* RSBAC: hide processes? */
00437     if (!strcmp(line,"rsbac_cap_process_hiding"))
00438       {
00439         rsbac_cap_process_hiding = 1;
00440         return(TRUE);
00441       }
00442     #endif
00443     #ifdef CONFIG_RSBAC_CAP_LOG_MISSING
00444     /* RSBAC: log missing caps? */
00445     if (!strcmp(line,"rsbac_cap_log_missing"))
00446       {
00447         rsbac_cap_log_missing = 1;
00448         return(TRUE);
00449       }
00450     #endif
00451     #ifdef CONFIG_RSBAC_JAIL_LOG_MISSING
00452     /* RSBAC: log missing jail caps? */
00453     if (!strcmp(line,"rsbac_jail_log_missing"))
00454       {
00455         rsbac_jail_log_missing = 1;
00456         return(TRUE);
00457       }
00458     #endif
00459     #if defined(CONFIG_RSBAC_FREEZE)
00460     /* RSBAC: freeze config? */
00461     if (!strcmp(line,"rsbac_freeze"))
00462       {
00463         rsbac_freeze = 1;
00464         return(TRUE);
00465       }
00466     #endif
00467     #ifdef CONFIG_RSBAC_ALLOW_DAC_DISABLE_FULL
00468     /* RSBAC: disable Linux DAC? */
00469     if (!strcmp(line,"rsbac_dac_disable"))
00470       {
00471         rsbac_dac_disable = 1;
00472         return(TRUE);
00473       }
00474     #endif
00475     #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG
00476     if (   !strcmp(line,"rsbac_nosyslog")
00477         || !strcmp(line,"rsbac_no_syslog")
00478        )
00479       {
00480         rsbac_nosyslog = 1;
00481         return(TRUE);
00482       }
00483     #endif
00484     #if defined(CONFIG_RSBAC_RMSG)
00485     /* Set logging item storage limit */
00486     if (   !strncmp(line,"rsbac_rmsg_maxentries=",22)
00487        )
00488       {
00489         char * p = line+22;
00490 
00491         if(*p)
00492           {
00493             rsbac_rmsg_maxentries = simple_strtoul(p, NULL, 0);
00494           }
00495         return(TRUE);
00496       }
00497     #endif
00498     #if defined(CONFIG_RSBAC_LOG_REMOTE)
00499     /* Set remote address */
00500     if (   !strncmp(line,"rsbac_log_remote_addr=",22)
00501        )
00502       {
00503         char * p = line+22;
00504 
00505         if(*p)
00506           {
00507             strncpy(rsbac_log_remote_addr_string, p, RSBAC_MAXNAMELEN - 1);
00508             rsbac_log_remote_addr_string[RSBAC_MAXNAMELEN -1] = 0;
00509           }
00510         return(TRUE);
00511       }
00512     /* Set remote port */
00513     if (   !strncmp(line,"rsbac_log_remote_port=",22)
00514        )
00515       {
00516         char * p = line+22;
00517 
00518         if(*p)
00519           {
00520             rsbac_log_remote_port = htons(simple_strtoul(p, NULL, 0));
00521           }
00522         return(TRUE);
00523       }
00524     /* Set remote logging item storage limit */
00525     if (   !strncmp(line,"rsbac_log_remote_maxentries=",28)
00526        )
00527       {
00528         char * p = line+28;
00529 
00530         if(*p)
00531           {
00532             rsbac_log_remote_maxentries = simple_strtoul(p, NULL, 0);
00533           }
00534         return(TRUE);
00535       }
00536     #endif
00537     #ifdef CONFIG_RSBAC_INIT_DELAY
00538     if (   !strcmp(line,"rsbac_delay_init")
00539        )
00540       {
00541         rsbac_no_delay_init = 0;
00542         return(TRUE);
00543       }
00544     if (   !strcmp(line,"rsbac_no_delay_init")
00545         || !strcmp(line,"rsbac_no_init_delay")
00546        )
00547       {
00548         rsbac_no_delay_init = 1;
00549         return(TRUE);
00550       }
00551     if (   !strncmp(line,"rsbac_delayed_root=",19)
00552        )
00553       {
00554         char * p = line+19;
00555         u_int major = 0;
00556         u_int minor = 0;
00557 
00558         if(*p)
00559           {
00560             major = simple_strtoul(p, NULL, 0);
00561             while((*p != ':') && (*p != '\0'))
00562               p++;
00563             if(*p)
00564               {
00565                 p++;
00566                 minor = simple_strtoul(p, NULL, 0);
00567               }
00568             rsbac_delayed_root = RSBAC_MKDEV(major,minor);
00569           }
00570         return(TRUE);
00571       }
00572     #endif
00573 #ifdef CONFIG_RSBAC_SYSLOG_RATE
00574     /* Set syslog rate limit */
00575     if (   !strncmp(line,"rsbac_syslog_rate=",18)
00576        )
00577       {
00578         char * p = line+18;
00579 
00580         if(*p)
00581           {
00582             rsbac_syslog_rate = simple_strtoul(p, NULL, 0);
00583           }
00584         return(TRUE);
00585       }
00586 #endif
00587 #ifdef CONFIG_RSBAC_FD_CACHE
00588     /* Set fd cache ttl */
00589     if (   !strncmp(line,"rsbac_fd_cache_ttl=",19)
00590        )
00591       {
00592         char * p = line+19;
00593 
00594         if(*p)
00595           {
00596             rsbac_fd_cache_ttl = simple_strtoul(p, NULL, 0);
00597           }
00598         return(TRUE);
00599       }
00600     /* disable fd cache */
00601     if (   !strncmp(line,"rsbac_fd_cache_disable",22)
00602        )
00603       {
00604         rsbac_fd_cache_disable = 1;
00605         return(TRUE);
00606       }
00607 #endif
00608 #if defined(CONFIG_RSBAC_AUTO_WRITE) && (CONFIG_RSBAC_AUTO_WRITE > 0)
00609     /* Set rsbac_list_check_interval */
00610     if (   !strncmp(line,"rsbac_list_check_interval=",26)
00611        )
00612       {
00613         char * p = line+26;
00614 
00615         if(*p)
00616           {
00617             rsbac_list_check_interval = simple_strtoul(p, NULL, 0);
00618           }
00619         return(TRUE);
00620       }
00621 #endif
00622 
00623 #ifdef CONFIG_RSBAC_DEBUG
00624     #ifdef CONFIG_RSBAC_NET
00625     /* RSBAC: debug for all of net? */
00626     if (!strcmp(line,"rsbac_debug_net"))
00627       {
00628         rsbac_debug_ds_net = 1;
00629         rsbac_debug_aef_net = 1;
00630         rsbac_debug_adf_net = 1;
00631         return(TRUE);
00632       }
00633     /* RSBAC: debug for net data structures? */
00634     if (!strcmp(line,"rsbac_debug_ds_net"))
00635       {
00636         rsbac_debug_ds_net = 1;
00637         return(TRUE);
00638       }
00639     /* RSBAC: debug for net syscalls/AEF? */
00640     if (!strcmp(line,"rsbac_debug_aef_net"))
00641       {
00642         rsbac_debug_aef_net = 1;
00643         return(TRUE);
00644       }
00645     /* RSBAC: debug for net decisions/ADF? */
00646     if (!strcmp(line,"rsbac_debug_adf_net"))
00647       {
00648         rsbac_debug_adf_net = 1;
00649         return(TRUE);
00650       }
00651     #endif
00652 
00653     #if defined(CONFIG_RSBAC_MAC)
00654     /* RSBAC: debug for all of mac? */
00655     if (!strcmp(line,"rsbac_debug_mac"))
00656       {
00657         rsbac_debug_ds_mac = 1;
00658         rsbac_debug_aef_mac = 1;
00659         rsbac_debug_adf_mac = 1;
00660         return(TRUE);
00661       }
00662     /* RSBAC: debug for mac data structures? */
00663     if (!strcmp(line,"rsbac_debug_ds_mac"))
00664       {
00665         rsbac_debug_ds_mac = 1;
00666         return(TRUE);
00667       }
00668     /* RSBAC: debug for MAC-syscalls/AEF? */
00669     if (!strcmp(line,"rsbac_debug_aef_mac"))
00670       {
00671         rsbac_debug_aef_mac = 1;
00672         return(TRUE);
00673       }
00674     /* RSBAC: debug for MAC-decisions/ADF? */
00675     if (!strcmp(line,"rsbac_debug_adf_mac"))
00676       {
00677         rsbac_debug_adf_mac = 1;
00678         return(TRUE);
00679       }
00680     #endif
00681     #if defined(CONFIG_RSBAC_PM) || defined(CONFIG_RSBAC_PM_MAINT)
00682     /* RSBAC: debug for all of pm? */
00683     if (!strcmp(line,"rsbac_debug_pm"))
00684       {
00685         rsbac_debug_ds_pm = 1;
00686         rsbac_debug_aef_pm = 1;
00687         rsbac_debug_adf_pm = 1;
00688         return(TRUE);
00689       }
00690     /* RSBAC: debug for pm data structures? */
00691     if (!strcmp(line,"rsbac_debug_ds_pm"))
00692       {
00693         rsbac_debug_ds_pm = 1;
00694         return(TRUE);
00695       }
00696     /* RSBAC: debug for PM-syscalls/AEF? */
00697     if (!strcmp(line,"rsbac_debug_aef_pm"))
00698       {
00699         rsbac_debug_aef_pm = 1;
00700         return(TRUE);
00701       }
00702     /* RSBAC: debug for PM-decisions/ADF? */
00703     if (!strcmp(line,"rsbac_debug_adf_pm"))
00704       {
00705         rsbac_debug_adf_pm = 1;
00706         return(TRUE);
00707       }
00708     #endif
00709     #if defined(CONFIG_RSBAC_DAZ)
00710     /* RSBAC: debug for DAZ decisions/ADF? */
00711     if (   !strcmp(line,"rsbac_debug_adf_daz")
00712         || !strcmp(line,"rsbac_debug_daz")
00713        )
00714       {
00715         rsbac_debug_adf_daz = 1;
00716         return(TRUE);
00717       }
00718     #endif
00719     #if defined(CONFIG_RSBAC_RC) || defined(CONFIG_RSBAC_RC_MAINT)
00720     /* RSBAC: debug for all of rc? */
00721     if (!strcmp(line,"rsbac_debug_rc"))
00722       {
00723         rsbac_debug_ds_rc = 1;
00724         rsbac_debug_aef_rc = 1;
00725         rsbac_debug_adf_rc = 1;
00726         return(TRUE);
00727       }
00728     /* RSBAC: debug for rc data structures? */
00729     if (!strcmp(line,"rsbac_debug_ds_rc"))
00730       {
00731         rsbac_debug_ds_rc = 1;
00732         return(TRUE);
00733       }
00734     /* RSBAC: debug for RC-syscalls/AEF? */
00735     if (!strcmp(line,"rsbac_debug_aef_rc"))
00736       {
00737         rsbac_debug_aef_rc = 1;
00738         return(TRUE);
00739       }
00740     /* RSBAC: debug for RC-decisions/ADF? */
00741     if (!strcmp(line,"rsbac_debug_adf_rc"))
00742       {
00743         rsbac_debug_adf_rc = 1;
00744         return(TRUE);
00745       }
00746     #endif
00747     #if defined(CONFIG_RSBAC_AUTH) || defined(CONFIG_RSBAC_AUTH_MAINT)
00748     /* RSBAC: debug for all of auth? */
00749     if (!strcmp(line,"rsbac_debug_auth"))
00750       {
00751         rsbac_debug_ds_auth = 1;
00752         rsbac_debug_aef_auth = 1;
00753         rsbac_debug_adf_auth = 1;
00754         return(TRUE);
00755       }
00756     /* RSBAC: debug for auth data structures? */
00757     if (!strcmp(line,"rsbac_debug_ds_auth"))
00758       {
00759         rsbac_debug_ds_auth = 1;
00760         return(TRUE);
00761       }
00762     /* RSBAC: debug for AUTH-syscalls/AEF? */
00763     if (!strcmp(line,"rsbac_debug_aef_auth"))
00764       {
00765         rsbac_debug_aef_auth = 1;
00766         return(TRUE);
00767       }
00768     /* RSBAC: debug for AUTH-decisions/ADF? */
00769     if (!strcmp(line,"rsbac_debug_adf_auth"))
00770       {
00771         rsbac_debug_adf_auth = 1;
00772         return(TRUE);
00773       }
00774     #endif
00775     #if defined(CONFIG_RSBAC_REG) || defined(CONFIG_RSBAC_REG_MAINT)
00776     /* RSBAC: debug for all of reg? */
00777     if (!strcmp(line,"rsbac_debug_reg"))
00778       {
00779         rsbac_debug_reg = 1;
00780         return(TRUE);
00781       }
00782     #endif
00783     #if defined(CONFIG_RSBAC_ACL) || defined(CONFIG_RSBAC_ACL_MAINT)
00784     /* RSBAC: debug for all of acl? */
00785     if (!strcmp(line,"rsbac_debug_acl"))
00786       {
00787         rsbac_debug_ds_acl = 1;
00788         rsbac_debug_aef_acl = 1;
00789         rsbac_debug_adf_acl = 1;
00790         return(TRUE);
00791       }
00792     /* RSBAC: debug for ACL data structures? */
00793     if (!strcmp(line,"rsbac_debug_ds_acl"))
00794       {
00795         rsbac_debug_ds_acl = 1;
00796         return(TRUE);
00797       }
00798     /* RSBAC: debug for ACL-syscalls/AEF? */
00799     if (!strcmp(line,"rsbac_debug_aef_acl"))
00800       {
00801         rsbac_debug_aef_acl = 1;
00802         return(TRUE);
00803       }
00804     /* RSBAC: debug for ACL-decisions/ADF? */
00805     if (!strcmp(line,"rsbac_debug_adf_acl"))
00806       {
00807         rsbac_debug_adf_acl = 1;
00808         return(TRUE);
00809       }
00810     #endif
00811     #if defined(CONFIG_RSBAC_JAIL)
00812     /* RSBAC: debug for all of jail? */
00813     if (!strcmp(line,"rsbac_debug_jail"))
00814       {
00815         rsbac_debug_aef_jail = 1;
00816         rsbac_debug_adf_jail = 1;
00817         return(TRUE);
00818       }
00819     /* RSBAC: debug for JAIL-syscalls/AEF? */
00820     if (!strcmp(line,"rsbac_debug_aef_jail"))
00821       {
00822         rsbac_debug_aef_jail = 1;
00823         return(TRUE);
00824       }
00825     /* RSBAC: debug for JAIL-decisions/ADF? */
00826     if (!strcmp(line,"rsbac_debug_adf_jail"))
00827       {
00828         rsbac_debug_adf_jail = 1;
00829         return(TRUE);
00830       }
00831     #endif
00832     #if defined(CONFIG_RSBAC_PAX)
00833     /* RSBAC: debug for all of pax? */
00834     if (!strcmp(line,"rsbac_debug_pax"))
00835       {
00836         rsbac_debug_adf_pax = 1;
00837         return(TRUE);
00838       }
00839     /* RSBAC: debug for PAX-decisions/ADF? */
00840     if (!strcmp(line,"rsbac_debug_adf_pax"))
00841       {
00842         rsbac_debug_adf_pax = 1;
00843         return(TRUE);
00844       }
00845     #endif
00846     #if defined(CONFIG_RSBAC_UM)
00847     /* RSBAC: debug for all of um? */
00848     if (!strcmp(line,"rsbac_debug_um"))
00849       {
00850         rsbac_debug_ds_um = 1;
00851         rsbac_debug_aef_um = 1;
00852         rsbac_debug_adf_um = 1;
00853         return(TRUE);
00854       }
00855     /* RSBAC: debug for um data structures? */
00856     if (!strcmp(line,"rsbac_debug_ds_um"))
00857       {
00858         rsbac_debug_ds_um = 1;
00859         return(TRUE);
00860       }
00861     /* RSBAC: debug for UM-syscalls/AEF? */
00862     if (!strcmp(line,"rsbac_debug_aef_um"))
00863       {
00864         rsbac_debug_aef_um = 1;
00865         return(TRUE);
00866       }
00867     /* RSBAC: debug for UM-decisions/ADF? */
00868     if (!strcmp(line,"rsbac_debug_adf_um"))
00869       {
00870         rsbac_debug_adf_um = 1;
00871         return(TRUE);
00872       }
00873     #endif
00874     #if defined(CONFIG_RSBAC_AUTO_WRITE) && (CONFIG_RSBAC_AUTO_WRITE > 0)
00875     /* RSBAC: debug for auto-write? */
00876     if (!strcmp(line,"rsbac_debug_auto"))
00877       {
00878         rsbac_debug_auto = 1;
00879         return(TRUE);
00880       }
00881     #endif
00882     /* RSBAC: debug for all? */
00883     if (!strcmp(line,"rsbac_debug_all"))
00884       {
00885         rsbac_debug_ds = 1;
00886         rsbac_debug_write = 1;
00887         rsbac_debug_aef = 1;
00888         rsbac_debug_adf_default = 2;
00889         #if defined(CONFIG_RSBAC_MAC)
00890         rsbac_debug_ds_mac = 1;
00891         rsbac_debug_aef_mac = 1;
00892         rsbac_debug_adf_mac = 1;
00893         #endif
00894         #if defined(CONFIG_RSBAC_PM)
00895         rsbac_debug_ds_pm = 1;
00896         rsbac_debug_aef_pm = 1;
00897         rsbac_debug_adf_pm = 1;
00898         #endif
00899         #if defined(CONFIG_RSBAC_DAZ)
00900         rsbac_debug_adf_daz = 1;
00901         #endif
00902         #if defined(CONFIG_RSBAC_RC)
00903         rsbac_debug_ds_rc = 1;
00904         rsbac_debug_aef_rc = 1;
00905         rsbac_debug_adf_rc = 1;
00906         #endif
00907         #if defined(CONFIG_RSBAC_AUTH)
00908         rsbac_debug_ds_auth = 1;
00909         rsbac_debug_aef_auth = 1;
00910         rsbac_debug_adf_auth = 1;
00911         #endif
00912         #if defined(CONFIG_RSBAC_ACL)
00913         rsbac_debug_ds_acl = 1;
00914         rsbac_debug_aef_acl = 1;
00915         rsbac_debug_adf_acl = 1;
00916         #endif
00917         #if defined(CONFIG_RSBAC_JAIL)
00918         rsbac_debug_aef_jail = 1;
00919         rsbac_debug_adf_jail = 1;
00920         #endif
00921         #if defined(CONFIG_RSBAC_PAX)
00922         rsbac_debug_adf_pax = 1;
00923         #endif
00924         #if defined(CONFIG_RSBAC_UM)
00925         rsbac_debug_ds_um = 1;
00926         rsbac_debug_aef_um = 1;
00927         rsbac_debug_adf_um = 1;
00928         #endif
00929         #if defined(CONFIG_RSBAC_AUTO_WRITE) && (CONFIG_RSBAC_AUTO_WRITE > 0)
00930         rsbac_debug_auto = 1;
00931         #endif
00932 
00933         return(TRUE);
00934       }
00935     /* RSBAC: debug_lists */
00936     if (!strcmp(line,"rsbac_debug_lists"))
00937       {
00938         rsbac_debug_lists = 1;
00939         return(TRUE);
00940       }
00941     /* RSBAC: debug_stack */
00942     if (!strcmp(line,"rsbac_debug_stack"))
00943       {
00944         rsbac_debug_stack = 1;
00945         return(TRUE);
00946       }
00947     /* RSBAC: debug for data structures? */
00948     if (!strcmp(line,"rsbac_debug_ds"))
00949       {
00950         rsbac_debug_ds = 1;
00951         return(TRUE);
00952       }
00953     /* RSBAC: debug for writing of data structures? */
00954     if (!strcmp(line,"rsbac_debug_write"))
00955       {
00956         rsbac_debug_write = 1;
00957         return(TRUE);
00958       }
00959     /* RSBAC: debug for AEF? */
00960     if (!strcmp(line,"rsbac_debug_aef"))
00961       {
00962         rsbac_debug_aef = 1;
00963         return(TRUE);
00964       }
00965     /* RSBAC: debug_no_write for ds */
00966     if (!strcmp(line,"rsbac_debug_no_write"))
00967       {
00968         rsbac_debug_no_write = 1;
00969         return(TRUE);
00970       }
00971     /* RSBAC: debug default 0 for ADF */
00972     if (!strcmp(line,"rsbac_debug_no_adf"))
00973       {
00974         rsbac_debug_adf_default = 0;
00975         return(TRUE);
00976       }
00977     /* RSBAC: debug default 1 for ADF, log denied requests? (default value) */
00978     if (!strcmp(line,"rsbac_debug_adf"))
00979       {
00980         rsbac_debug_adf_default = 1;
00981         return(TRUE);
00982       }
00983     /* RSBAC: debug: log all for ADF, even GRANTED and DO_NOT_CARE? */
00984     if (!strcmp(line,"rsbac_debug_adf_all"))
00985       {
00986         rsbac_debug_adf_default = 2;
00987         return(TRUE);
00988       }
00989 #endif /* DEBUG */
00990 
00991     /* nothing matched */
00992     return(FALSE);
00993   }
00994 
00995 #else /* KERNEL_VERSION >= 2.6.0 */
00996 
00997 static int R_INIT rsbac_flags_setup(char * line)
00998 {
00999         rsbac_flags = simple_strtoul(line, NULL, 0);
01000         rsbac_flags_set(rsbac_flags);
01001         return 1;
01002 }
01003 __setup("rsbac_flags=", rsbac_flags_setup);
01004 
01005 //  module_param(rsbac_no_defaults, bool, S_IRUGO);
01006   static int R_INIT no_defaults_setup(char *line)
01007     {
01008       rsbac_no_defaults = 1;
01009       return 1;
01010     }
01011 __setup("rsbac_no_defaults", no_defaults_setup);
01012 
01013   #if defined(CONFIG_RSBAC_UM_EXCL)
01014   static int R_INIT um_no_excl_setup(char *line)
01015     {
01016       rsbac_um_no_excl = 1;
01017       return 1;
01018     }
01019   __setup("rsbac_um_no_excl", um_no_excl_setup);
01020   #endif
01021   #if defined(CONFIG_RSBAC_DAZ_CACHE)
01022   /* RSBAC: DAZ - set cache ttl */
01023 //    module_param(rsbac_daz_ttl,
01024 //                 int,
01025 //                 S_IRUGO);
01026   static int R_INIT daz_ttl_setup(char *line)
01027     {
01028       rsbac_daz_set_ttl(simple_strtoul(line, NULL, 0));
01029       return 1;
01030     }
01031   __setup("rsbac_daz_ttl=", daz_ttl_setup);
01032   #endif
01033   #if defined(CONFIG_RSBAC_AUTH) || defined(CONFIG_RSBAC_AUTH_MAINT)
01034   /* RSBAC: AUTH - set auth_may_setuid for /bin/login? */
01035 //    module_param(rsbac_auth_enable_login, int, S_IRUGO);
01036   static int R_INIT auth_enable_login_setup(char *line)
01037     {
01038       rsbac_auth_enable_login = 1;
01039       return 1;
01040     }
01041   __setup("rsbac_auth_enable_login", auth_enable_login_setup);
01042     #if defined(CONFIG_RSBAC_AUTH_LEARN)
01043   static int R_INIT auth_learn_setup(char *line)
01044     {
01045       rsbac_auth_learn = 1;
01046       return 1;
01047     }
01048   __setup("rsbac_auth_learn", auth_learn_setup);
01049     #endif
01050   #endif
01051   #if defined(CONFIG_RSBAC_ACL_LEARN)
01052   /* learn all target types */
01053   static int R_INIT acl_learn_setup(char *line)
01054     {
01055       rsbac_acl_learn_fd = 1;
01056       return 1;
01057     }
01058   __setup("rsbac_acl_learn", acl_learn_setup);
01059   static int R_INIT acl_learn_fd_setup(char *line)
01060     {
01061       rsbac_acl_learn_fd = 1;
01062       return 1;
01063     }
01064   __setup("rsbac_acl_learn_fd", acl_learn_fd_setup);
01065   #endif
01066 
01067   #if defined(CONFIG_RSBAC_SOFTMODE)
01068   /* RSBAC: softmode on? */
01069 //    module_param(rsbac_softmode_once, bool, S_IRUGO);
01070   static int R_INIT softmode_once_setup(char *line)
01071     {
01072       rsbac_softmode = 1;
01073       rsbac_softmode_prohibit = 1;
01074       return 1;
01075     }
01076   __setup("rsbac_softmode_once", softmode_once_setup);
01077 //    module_param(rsbac_softmode_never, bool, S_IRUGO);
01078   static int R_INIT softmode_never_setup(char *line)
01079     {
01080       rsbac_softmode_prohibit = 1;
01081       return 1;
01082     }
01083   __setup("rsbac_softmode_never", softmode_never_setup);
01084 //    module_param(rsbac_softmode, bool, S_IRUGO);
01085   static int R_INIT softmode_setup(char *line)
01086     {
01087       rsbac_softmode = 1;
01088       return 1;
01089     }
01090   __setup("rsbac_softmode", softmode_setup);
01091 
01092     #if defined(CONFIG_RSBAC_SOFTMODE_IND)
01093     /* RSBAC: softmode on for a module? */
01094 //    module_param_named(rsbac_softmode_mac, rsbac_ind_softmode[MAC], bool, S_IRUGO);
01095   static int R_INIT softmode_mac_setup(char *line)
01096     {
01097       rsbac_ind_softmode[SW_MAC] = 1;
01098       return 1;
01099     }
01100   __setup("rsbac_softmode_mac", softmode_mac_setup);
01101 //    module_param_named(rsbac_softmode_pm, rsbac_ind_softmode[SW_PM], bool, S_IRUGO);
01102   static int R_INIT softmode_pm_setup(char *line)
01103     {
01104       rsbac_ind_softmode[SW_PM] = 1;
01105       return 1;
01106     }
01107   __setup("rsbac_softmode_pm", softmode_pm_setup);
01108 //    module_param_named(rsbac_softmode_daz, rsbac_ind_softmode[SW_DAZ], bool, S_IRUGO);
01109   static int R_INIT softmode_daz_setup(char *line)
01110     {
01111       rsbac_ind_softmode[SW_DAZ] = 1;
01112       return 1;
01113     }
01114   __setup("rsbac_softmode_daz", softmode_daz_setup);
01115 //    module_param_named(rsbac_softmode_ff, rsbac_ind_softmode[SW_FF], bool, S_IRUGO);
01116   static int R_INIT softmode_ff_setup(char *line)
01117     {
01118       rsbac_ind_softmode[SW_FF] = 1;
01119       return 1;
01120     }
01121   __setup("rsbac_softmode_ff", softmode_ff_setup);
01122 //    module_param_named(rsbac_softmode_rc, rsbac_ind_softmode[SW_RC], bool, S_IRUGO);
01123   static int R_INIT softmode_rc_setup(char *line)
01124     {
01125       rsbac_ind_softmode[SW_RC] = 1;
01126       return 1;
01127     }
01128   __setup("rsbac_softmode_rc", softmode_rc_setup);
01129 //    module_param_named(rsbac_softmode_auth, rsbac_ind_softmode[SW_AUTH], bool, S_IRUGO);
01130   static int R_INIT softmode_auth_setup(char *line)
01131     {
01132       rsbac_ind_softmode[SW_AUTH] = 1;
01133       return 1;
01134     }
01135   __setup("rsbac_softmode_auth", softmode_auth_setup);
01136 //    module_param_named(rsbac_softmode_reg, rsbac_ind_softmode[SW_REG], bool, S_IRUGO);
01137   static int R_INIT softmode_reg_setup(char *line)
01138     {
01139       rsbac_ind_softmode[SW_REG] = 1;
01140       return 1;
01141     }
01142   __setup("rsbac_softmode_reg", softmode_reg_setup);
01143 //    module_param_named(rsbac_softmode_acl, rsbac_ind_softmode[SW_ACL], bool, S_IRUGO);
01144   static int R_INIT softmode_acl_setup(char *line)
01145     {
01146       rsbac_ind_softmode[SW_ACL] = 1;
01147       return 1;
01148     }
01149   __setup("rsbac_softmode_acl", softmode_acl_setup);
01150 //    module_param_named(rsbac_softmode_cap, rsbac_ind_softmode[SW_CAP], bool, S_IRUGO);
01151   static int R_INIT softmode_cap_setup(char *line)
01152     {
01153       rsbac_ind_softmode[SW_CAP] = 1;
01154       return 1;
01155     }
01156   __setup("rsbac_softmode_cap", softmode_cap_setup);
01157 //    module_param_named(rsbac_softmode_jail, rsbac_ind_softmode[SW_JAIL], bool, S_IRUGO);
01158   static int R_INIT softmode_jail_setup(char *line)
01159     {
01160       rsbac_ind_softmode[SW_JAIL] = 1;
01161       return 1;
01162     }
01163   __setup("rsbac_softmode_jail", softmode_jail_setup);
01164 //    module_param_named(rsbac_softmode_res, rsbac_ind_softmode[SW_RES], bool, S_IRUGO);
01165   static int R_INIT softmode_res_setup(char *line)
01166     {
01167       rsbac_ind_softmode[SW_RES] = 1;
01168       return 1;
01169     }
01170   __setup("rsbac_softmode_res", softmode_res_setup);
01171     #endif
01172     #endif
01173 
01174     #if defined(CONFIG_RSBAC_CAP_PROC_HIDE)
01175     /* RSBAC: hide processes? */
01176 //    module_param(rsbac_cap_process_hiding, bool, S_IRUGO);
01177   static int R_INIT cap_process_hiding_setup(char *line)
01178     {
01179       rsbac_cap_process_hiding = 1;
01180       return 1;
01181     }
01182   __setup("rsbac_cap_process_hiding", cap_process_hiding_setup);
01183     #endif
01184     #ifdef CONFIG_RSBAC_CAP_LOG_MISSING
01185     /* RSBAC: log missing caps? */
01186 //    module_param(rsbac_cap_log_missing, bool, S_IRUGO);
01187   static int R_INIT cap_log_missing_setup(char *line)
01188     {
01189       rsbac_cap_log_missing = 1;
01190       return 1;
01191     }
01192   __setup("rsbac_cap_log_missing", cap_log_missing_setup);
01193     #endif
01194     #ifdef CONFIG_RSBAC_JAIL_LOG_MISSING
01195     /* RSBAC: log missing jail caps? */
01196 //    module_param(rsbac_jail_log_missing, bool, S_IRUGO);
01197   static int R_INIT jail_log_missing_setup(char *line)
01198     {
01199       rsbac_jail_log_missing = 1;
01200       return 1;
01201     }
01202   __setup("rsbac_jail_log_missing", jail_log_missing_setup);
01203     #endif
01204     #if defined(CONFIG_RSBAC_FREEZE)
01205     /* RSBAC: freeze config? */
01206 //    module_param(rsbac_freeze, bool, S_IRUGO);
01207   static int R_INIT freeze_setup(char *line)
01208     {
01209       rsbac_freeze = 1;
01210       return 1;
01211     }
01212   __setup("rsbac_freeze", freeze_setup);
01213     #endif
01214     #ifdef CONFIG_RSBAC_ALLOW_DAC_DISABLE_FULL
01215     /* RSBAC: disable Linux DAC? */
01216 //    module_param(rsbac_dac_disable, bool, S_IRUGO);
01217   static int R_INIT dac_disable_setup(char *line)
01218     {
01219       rsbac_dac_disable = 1;
01220       return 1;
01221     }
01222   __setup("rsbac_dac_disable", dac_disable_setup);
01223     #endif
01224     #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG
01225 //    module_param(rsbac_nosyslog, bool, S_IRUGO);
01226   static int R_INIT nosyslog_setup(char *line)
01227     {
01228       rsbac_nosyslog = 1;
01229       return 1;
01230     }
01231   __setup("rsbac_nosyslog", nosyslog_setup);
01232 //    module_param_named(rsbac_no_syslog, rsbac_nosyslog, bool, S_IRUGO);
01233   static int R_INIT no_syslog_setup(char *line)
01234     {
01235       rsbac_nosyslog = 1;
01236       return 1;
01237     }
01238   __setup("rsbac_no_syslog", no_syslog_setup);
01239     #endif
01240     #if defined(CONFIG_RSBAC_RMSG)
01241   static int R_INIT rmsg_maxentries_setup(char *line)
01242     {
01243       rsbac_rmsg_maxentries = simple_strtoul(line, NULL, 0);
01244       return 1;
01245     }
01246   __setup("rsbac_rmsg_maxentries=", rmsg_maxentries_setup);
01247     #endif
01248     #if defined(CONFIG_RSBAC_LOG_REMOTE)
01249 //    module_param_string(rsbac_log_remote_addr,
01250 //                        rsbac_log_remote_addr_string,
01251 //                        sizeof(rsbac_log_remote_addr_string),
01252 //                        S_IRUGO);
01253   static int R_INIT log_remote_addr_setup(char *line)
01254     {
01255       strncpy(rsbac_log_remote_addr_string, line, RSBAC_MAXNAMELEN - 1);
01256       rsbac_log_remote_addr_string[RSBAC_MAXNAMELEN - 1]=0;
01257       return 1;
01258     }
01259   __setup("rsbac_log_remote_addr=", log_remote_addr_setup);
01260 //    module_param(rsbac_log_remote_port,
01261 //                 int,
01262 //                 S_IRUGO);
01263   static int R_INIT log_remote_port_setup(char *line)
01264     {
01265       __u16 tmp_port;
01266 
01267       tmp_port = simple_strtoul(line, NULL, 0);
01268       rsbac_log_remote_port = htons(tmp_port);
01269       return 1;
01270     }
01271   __setup("rsbac_log_remote_port=", log_remote_port_setup);
01272   static int R_INIT log_remote_maxentries_setup(char *line)
01273     {
01274       rsbac_log_remote_maxentries = simple_strtoul(line, NULL, 0);
01275       return 1;
01276     }
01277   __setup("rsbac_log_remote_maxentries=", log_remote_maxentries_setup);
01278     #endif
01279     #ifdef CONFIG_RSBAC_INIT_DELAY
01280 //    module_param(rsbac_no_delay_init, bool, S_IRUGO);
01281   static int R_INIT no_delay_init_setup(char *line)
01282     {
01283       rsbac_no_delay_init = 1;
01284       return 1;
01285     }
01286   __setup("rsbac_no_delay_init", no_delay_init_setup);
01287 //    module_param_named(rsbac_no_init_delay, rsbac_no_delay_init, bool, S_IRUGO);
01288   static int R_INIT no_init_delay_setup(char *line)
01289     {
01290       rsbac_no_delay_init = 1;
01291       return 1;
01292     }
01293   __setup("rsbac_no_init_delay", no_init_delay_setup);
01294     char rsbac_delayed_root_str[20] = "";
01295 //    module_param_string(rsbac_delayed_root,
01296 //                        rsbac_delayed_root_str,
01297 //                        sizeof(rsbac_delayed_root_str),
01298 //                        S_IRUGO);
01299   static int R_INIT delayed_root_setup(char *line)
01300     {
01301       strncpy(rsbac_delayed_root_str, line, 19);
01302       rsbac_delayed_root_str[19]=0;
01303       return 1;
01304     }
01305   __setup("rsbac_delayed_root=", delayed_root_setup);
01306     #endif
01307     #ifdef CONFIG_RSBAC_SYSLOG_RATE
01308 //    module_param(rsbac_syslog_rate,
01309 //                 int,
01310 //                 S_IRUGO);
01311   static int R_INIT syslog_rate_setup(char *line)
01312     {
01313       rsbac_syslog_rate = simple_strtoul(line, NULL, 0);
01314       return 1;
01315     }
01316   __setup("rsbac_syslog_rate=", syslog_rate_setup);
01317     #endif
01318 #ifdef CONFIG_RSBAC_FD_CACHE
01319 //    module_param(rsbac_fd_cache_ttl,
01320 //                 int,
01321 //                 S_IRUGO);
01322   static int R_INIT fd_cache_ttl_setup(char *line)
01323     {
01324       rsbac_fd_cache_ttl = simple_strtoul(line, NULL, 0);
01325       return 1;
01326     }
01327   __setup("rsbac_fd_cache_ttl=", fd_cache_ttl_setup);
01328 //    module_param(rsbac_fd_cache_disable, bool, S_IRUGO);
01329   static int R_INIT fd_cache_disable_setup(char *line)
01330     {
01331       rsbac_fd_cache_disable = 1;
01332       return 1;
01333     }
01334   __setup("rsbac_fd_cache_disable", fd_cache_disable_setup);
01335 #endif
01336 #if defined(CONFIG_RSBAC_AUTO_WRITE) && (CONFIG_RSBAC_AUTO_WRITE > 0)
01337 //    module_param(rsbac_list_check_interval,
01338 //                 int,
01339 //                 S_IRUGO);
01340   static int R_INIT list_check_interval_setup(char *line)
01341     {
01342       rsbac_list_check_interval = simple_strtoul(line, NULL, 0);
01343       return 1;
01344     }
01345   __setup("rsbac_list_check_interval=", list_check_interval_setup);
01346 #endif
01347 
01348 #ifdef CONFIG_RSBAC_DEBUG
01349     #ifdef CONFIG_RSBAC_NET
01350     /* RSBAC: debug for net data structures? */
01351 //    module_param(rsbac_debug_ds_net, bool, S_IRUGO);
01352   static int R_INIT debug_ds_net_setup(char *line)
01353     {
01354       rsbac_debug_ds_net = 1;
01355       return 1;
01356     }
01357   __setup("rsbac_debug_ds_net", debug_ds_net_setup);
01358     /* RSBAC: debug for net syscalls/AEF? */
01359 //    module_param(rsbac_debug_aef_net, bool, S_IRUGO);
01360   static int R_INIT debug_aef_net_setup(char *line)
01361     {
01362       rsbac_debug_aef_net = 1;
01363       return 1;
01364     }
01365   __setup("rsbac_debug_aef_net", debug_aef_net_setup);
01366     /* RSBAC: debug for net decisions/ADF? */
01367 //    module_param(rsbac_debug_adf_net, bool, S_IRUGO);
01368   static int R_INIT debug_adf_net_setup(char *line)
01369     {
01370       rsbac_debug_adf_net = 1;
01371       return 1;
01372     }
01373   __setup("rsbac_debug_adf_net", debug_adf_net_setup);
01374     #endif
01375 
01376     #if defined(CONFIG_RSBAC_MAC)
01377 //    module_param(rsbac_debug_ds_mac, bool, S_IRUGO);
01378   static int R_INIT debug_ds_mac_setup(char *line)
01379     {
01380       rsbac_debug_ds_mac = 1;
01381       return 1;
01382     }
01383   __setup("rsbac_debug_ds_mac", debug_ds_mac_setup);
01384 //    module_param(rsbac_debug_aef_mac, bool, S_IRUGO);
01385   static int R_INIT debug_aef_mac_setup(char *line)
01386     {
01387       rsbac_debug_aef_mac = 1;
01388       return 1;
01389     }
01390   __setup("rsbac_debug_aef_mac", debug_aef_mac_setup);
01391 //    module_param(rsbac_debug_adf_mac, bool, S_IRUGO);
01392   static int R_INIT debug_adf_mac_setup(char *line)
01393     {
01394       rsbac_debug_adf_mac = 1;
01395       return 1;
01396     }
01397   __setup("rsbac_debug_adf_mac", debug_adf_mac_setup);
01398     #endif
01399     #if defined(CONFIG_RSBAC_PM) || defined(CONFIG_RSBAC_PM_MAINT)
01400 //    module_param(rsbac_debug_ds_pm, bool, S_IRUGO);
01401   static int R_INIT debug_ds_pm_setup(char *line)
01402     {
01403       rsbac_debug_ds_pm = 1;
01404       return 1;
01405     }
01406   __setup("rsbac_debug_ds_pm", debug_ds_pm_setup);
01407 //    module_param(rsbac_debug_aef_pm, bool, S_IRUGO);
01408   static int R_INIT debug_aef_pm_setup(char *line)
01409     {
01410       rsbac_debug_aef_pm = 1;
01411       return 1;
01412     }
01413   __setup("rsbac_debug_aef_pm", debug_aef_pm_setup);
01414 //    module_param(rsbac_debug_adf_pm, bool, S_IRUGO);
01415   static int R_INIT debug_adf_pm_setup(char *line)
01416     {
01417       rsbac_debug_adf_pm = 1;
01418       return 1;
01419     }
01420   __setup("rsbac_debug_adf_pm", debug_adf_pm_setup);
01421     #endif
01422     #if defined(CONFIG_RSBAC_DAZ)
01423 //    module_param(rsbac_debug_adf_daz, bool, S_IRUGO);
01424   static int R_INIT debug_adf_daz_setup(char *line)
01425     {
01426       rsbac_debug_adf_daz = 1;
01427       return 1;
01428     }
01429   __setup("rsbac_debug_adf_daz", debug_adf_daz_setup);
01430     #endif
01431     #if defined(CONFIG_RSBAC_RC) || defined(CONFIG_RSBAC_RC_MAINT)
01432 //    module_param(rsbac_debug_ds_rc, bool, S_IRUGO);
01433   static int R_INIT debug_ds_rc_setup(char *line)
01434     {
01435       rsbac_debug_ds_rc = 1;
01436       return 1;
01437     }
01438   __setup("rsbac_debug_ds_rc", debug_ds_rc_setup);
01439 //    module_param(rsbac_debug_aef_rc, bool, S_IRUGO);
01440   static int R_INIT debug_aef_rc_setup(char *line)
01441     {
01442       rsbac_debug_aef_rc = 1;
01443       return 1;
01444     }
01445   __setup("rsbac_debug_aef_rc", debug_aef_rc_setup);
01446 //    module_param(rsbac_debug_adf_rc, bool, S_IRUGO);
01447   static int R_INIT debug_adf_rc_setup(char *line)
01448     {
01449       rsbac_debug_adf_rc = 1;
01450       return 1;
01451     }
01452   __setup("rsbac_debug_adf_rc", debug_adf_rc_setup);
01453     #endif
01454     #if defined(CONFIG_RSBAC_AUTH) || defined(CONFIG_RSBAC_AUTH_MAINT)
01455 //    module_param(rsbac_debug_ds_auth, bool, S_IRUGO);
01456   static int R_INIT debug_ds_auth_setup(char *line)
01457     {
01458       rsbac_debug_ds_auth = 1;
01459       return 1;
01460     }
01461   __setup("rsbac_debug_ds_auth", debug_ds_auth_setup);
01462 //    module_param(rsbac_debug_aef_auth, bool, S_IRUGO);
01463   static int R_INIT debug_aef_auth_setup(char *line)
01464     {
01465       rsbac_debug_aef_auth = 1;
01466       return 1;
01467     }
01468   __setup("rsbac_debug_aef_auth", debug_aef_auth_setup);
01469 //    module_param(rsbac_debug_adf_auth, bool, S_IRUGO);
01470   static int R_INIT debug_adf_auth_setup(char *line)
01471     {
01472       rsbac_debug_adf_auth = 1;
01473       return 1;
01474     }
01475   __setup("rsbac_debug_adf_auth", debug_adf_auth_setup);
01476     #endif
01477     #if defined(CONFIG_RSBAC_REG) || defined(CONFIG_RSBAC_REG_MAINT)
01478 //    module_param(rsbac_debug_reg, bool, S_IRUGO);
01479   static int R_INIT debug_reg_setup(char *line)
01480     {
01481       rsbac_debug_reg = 1;
01482       return 1;
01483     }
01484   __setup("rsbac_debug_reg", debug_reg_setup);
01485     #endif
01486     #if defined(CONFIG_RSBAC_ACL) || defined(CONFIG_RSBAC_ACL_MAINT)
01487 //    module_param(rsbac_debug_ds_acl, bool, S_IRUGO);
01488   static int R_INIT debug_ds_acl_setup(char *line)
01489     {
01490       rsbac_debug_ds_acl = 1;
01491       return 1;
01492     }
01493   __setup("rsbac_debug_ds_acl", debug_ds_acl_setup);
01494 //    module_param(rsbac_debug_aef_acl, bool, S_IRUGO);
01495   static int R_INIT debug_aef_acl_setup(char *line)
01496     {
01497       rsbac_debug_aef_acl = 1;
01498       return 1;
01499     }
01500   __setup("rsbac_debug_aef_acl", debug_aef_acl_setup);
01501 //    module_param(rsbac_debug_adf_acl, bool, S_IRUGO);
01502   static int R_INIT debug_adf_acl_setup(char *line)
01503     {
01504       rsbac_debug_adf_acl = 1;
01505       return 1;
01506     }
01507   __setup("rsbac_debug_adf_acl", debug_adf_acl_setup);
01508     #endif
01509     #if defined(CONFIG_RSBAC_JAIL)
01510 //    module_param(rsbac_debug_aef_jail, bool, S_IRUGO);
01511   static int R_INIT debug_aef_jail_setup(char *line)
01512     {
01513       rsbac_debug_aef_jail = 1;
01514       return 1;
01515     }
01516   __setup("rsbac_debug_aef_jail", debug_aef_jail_setup);
01517 //    module_param(rsbac_debug_adf_jail, bool, S_IRUGO);
01518   static int R_INIT debug_adf_jail_setup(char *line)
01519     {
01520       rsbac_debug_adf_jail = 1;
01521       return 1;
01522     }
01523   __setup("rsbac_debug_adf_jail", debug_adf_jail_setup);
01524     #endif
01525     #if defined(CONFIG_RSBAC_PAX)
01526 //    module_param(rsbac_debug_adf_pax, bool, S_IRUGO);
01527   static int R_INIT debug_adf_pax_setup(char *line)
01528     {
01529       rsbac_debug_adf_pax = 1;
01530       return 1;
01531     }
01532   __setup("rsbac_debug_adf_pax", debug_adf_pax_setup);
01533     #endif
01534     #if defined(CONFIG_RSBAC_UM)
01535 //    module_param(rsbac_debug_ds_um, bool, S_IRUGO);
01536   static int R_INIT debug_ds_um_setup(char *line)
01537     {
01538       rsbac_debug_ds_um = 1;
01539       return 1;
01540     }
01541   __setup("rsbac_debug_ds_um", debug_ds_um_setup);
01542 //    module_param(rsbac_debug_aef_um, bool, S_IRUGO);
01543   static int R_INIT debug_aef_um_setup(char *line)
01544     {
01545       rsbac_debug_aef_um = 1;
01546       return 1;
01547     }
01548   __setup("rsbac_debug_aef_um", debug_aef_um_setup);
01549 //    module_param(rsbac_debug_adf_um, bool, S_IRUGO);
01550   static int R_INIT debug_adf_um_setup(char *line)
01551     {
01552       rsbac_debug_adf_um = 1;
01553       return 1;
01554     }
01555   __setup("rsbac_debug_adf_um", debug_adf_um_setup);
01556     #endif
01557     #if defined(CONFIG_RSBAC_AUTO_WRITE) && (CONFIG_RSBAC_AUTO_WRITE > 0)
01558 //    module_param(rsbac_debug_auto, bool, S_IRUGO);
01559   static int R_INIT debug_auto_setup(char *line)
01560     {
01561       rsbac_debug_auto = 1;
01562       return 1;
01563     }
01564   __setup("rsbac_debug_auto", debug_auto_setup);
01565     #endif
01566     /* RSBAC: debug_lists */
01567 //    module_param(rsbac_debug_lists, bool, S_IRUGO);
01568   static int R_INIT debug_lists_setup(char *line)
01569     {
01570       rsbac_debug_lists = 1;
01571       return 1;
01572     }
01573   __setup("rsbac_debug_lists", debug_lists_setup);
01574     /* RSBAC: debug_stack */
01575 //    module_param(rsbac_debug_stack, bool, S_IRUGO);
01576   static int R_INIT debug_stack_setup(char *line)
01577     {
01578       rsbac_debug_stack = 1;
01579       return 1;
01580     }
01581   __setup("rsbac_debug_stack", debug_stack_setup);
01582     /* RSBAC: debug for data structures? */
01583 //    module_param(rsbac_debug_ds, bool, S_IRUGO);
01584   static int R_INIT debug_ds_setup(char *line)
01585     {
01586       rsbac_debug_ds = 1;
01587       return 1;
01588     }
01589   __setup("rsbac_debug_ds", debug_ds_setup);
01590     /* RSBAC: debug for writing of data structures? */
01591 //    module_param(rsbac_debug_write, bool, S_IRUGO);
01592   static int R_INIT debug_write_setup(char *line)
01593     {
01594       rsbac_debug_write = 1;
01595       return 1;
01596     }
01597   __setup("rsbac_debug_write", debug_write_setup);
01598     /* RSBAC: debug for AEF? */
01599 //    module_param(rsbac_debug_aef, bool, S_IRUGO);
01600   static int R_INIT debug_aef_setup(char *line)
01601     {
01602       rsbac_debug_aef = 1;
01603       return 1;
01604     }
01605   __setup("rsbac_debug_aef", debug_aef_setup);
01606     /* RSBAC: debug_no_write for ds */
01607 //    module_param(rsbac_debug_no_write, bool, S_IRUGO);
01608   static int R_INIT debug_no_write_setup(char *line)
01609     {
01610       rsbac_debug_no_write = 1;
01611       return 1;
01612     }
01613   __setup("rsbac_debug_no_write", debug_no_write_setup);
01614     /* RSBAC: debug default for ADF */
01615 //    module_param(rsbac_debug_adf_default, int, S_IRUGO);
01616   static int R_INIT debug_adf_default_setup(char *line)
01617     {
01618       rsbac_debug_adf_default = 1;
01619       return 1;
01620     }
01621   __setup("rsbac_debug_adf_default", debug_adf_default_setup);
01622 #endif /* DEBUG */
01623 
01624 #endif /* KERNEL_VERSION < or >= 2.6.0 */
01625 
01626 #if defined(CONFIG_RSBAC_RMSG)
01627 static spinlock_t rsbac_log_lock = SPIN_LOCK_UNLOCKED;
01628 
01629 #if defined(CONFIG_RSBAC_LOG_REMOTE)
01630 static spinlock_t rsbac_log_remote_lock = SPIN_LOCK_UNLOCKED;
01631 #endif
01632 
01633 /*
01634  * Commands to do_syslog:
01635  *
01636  *      0 -- Close the log.  Currently a NOP.
01637  *      1 -- Open the log. Currently a NOP.
01638  *      2 -- Read from the log.
01639  *      3 -- Read all messages remaining in the ring buffer.
01640  *      4 -- Read and clear all messages remaining in the ring buffer
01641  *      5 -- Clear ring buffer.
01642  *      9 -- Return number of unread characters in the log buffer
01643  */
01644 int rsbac_log(int type, char * buf, int len)
01645 {
01646         unsigned long count;
01647         int do_clear = 0;
01648         int error = 0;
01649         char * k_buf;
01650 
01651         union rsbac_target_id_t       rsbac_target_id;
01652         union rsbac_attribute_value_t rsbac_attribute_value;
01653         struct rsbac_log_list_item_t * log_item;
01654 
01655         /* RSBAC */
01656         rsbac_target_id.scd = ST_rsbac_log;
01657         rsbac_attribute_value.dummy = 0;
01658         if ((type == 4) || (type == 5))
01659           {
01660 #ifdef CONFIG_RSBAC_DEBUG
01661             if (rsbac_debug_aef)
01662               {
01663                 rsbac_printk(KERN_DEBUG "rsbac_log(): function %u, calling ADF for MODIFY_SYSTEM_DATA\n", type);
01664               }
01665 #endif
01666             if (!rsbac_adf_request(R_MODIFY_SYSTEM_DATA,
01667                                    current->pid,
01668                                    T_SCD,
01669                                    rsbac_target_id,
01670                                    A_none,
01671                                    rsbac_attribute_value))
01672               {
01673                 error = -EPERM;
01674                 goto out;
01675               }
01676           }
01677         else
01678         if(type >= 1)
01679           {
01680 #ifdef CONFIG_RSBAC_DEBUG
01681             if (rsbac_debug_aef)
01682               {
01683                 rsbac_printk(KERN_DEBUG "rsbac_log(): function %u, calling ADF for GET_STATUS_DATA\n", type);
01684               }
01685 #endif
01686             if (!rsbac_adf_request(R_GET_STATUS_DATA,
01687                                    current->pid,
01688                                    T_SCD,
01689                                    rsbac_target_id,
01690                                    A_none,
01691                                    rsbac_attribute_value))
01692               {
01693                 error = -EPERM;
01694                 goto out;
01695               }
01696           }
01697 
01698         switch (type) {
01699         case 0:         /* Close log */
01700                 break;
01701         case 1:         /* Open log */
01702                 break;
01703         case 2:         /* Read from log */
01704                 error = -EINVAL;
01705                 if (!buf || len < 0)
01706                         goto out;
01707                 error = 0;
01708                 if (!len)
01709                         goto out;
01710                 error = access_ok(VERIFY_WRITE,buf,len);
01711                 if (!error)
01712                         goto out;
01713                 error = wait_event_interruptible(rlog_wait, log_list_head.count);
01714                 if (error)
01715                         goto out;
01716                 if (len > RSBAC_LOG_MAXREADBUF)
01717                         len = RSBAC_LOG_MAXREADBUF;
01718                 k_buf = rsbac_kmalloc(len);
01719                 count = 0;
01720                 spin_lock(&rsbac_log_lock);
01721                 log_item = log_list_head.head;
01722                 while (log_item && (count + log_item->size < len)) {
01723                         memcpy(k_buf + count, log_item->buffer, log_item->size);
01724                         count += log_item->size;
01725                         log_item = log_item->next;
01726                         kfree(log_list_head.head);
01727                         log_list_head.head = log_item;
01728                         if(!log_item)
01729                                 log_list_head.tail = NULL;
01730                         log_list_head.count--;
01731                 }
01732                 spin_unlock(&rsbac_log_lock);
01733                 error = copy_to_user(buf, k_buf, count);
01734                 if (!error)
01735                         error = count;
01736                 kfree(k_buf);
01737                 break;
01738         case 4:         /* Read/clear last kernel messages */
01739                 do_clear = 1; 
01740                 /* FALL THRU */
01741         case 3:         /* Read last kernel messages */
01742                 error = -EINVAL;
01743                 if (!buf || len < 0)
01744                         goto out;
01745                 error = 0;
01746                 if (!len)
01747                         goto out;
01748                 error = access_ok(VERIFY_WRITE,buf,len);
01749                 if (!error)
01750                         goto out;
01751                 if (len > RSBAC_LOG_MAXREADBUF)
01752                         len = RSBAC_LOG_MAXREADBUF;
01753                 k_buf = rsbac_kmalloc(len);
01754                 count = 0;
01755                 spin_lock(&rsbac_log_lock);
01756                 log_item = log_list_head.head;
01757                 while (log_item && (count + log_item->size < len)) {
01758                         memcpy(k_buf + count, log_item->buffer, log_item->size);
01759                         count += log_item->size;
01760                         log_item = log_item->next;
01761                         if(do_clear) {
01762                                 kfree(log_list_head.head);
01763                                 log_list_head.head = log_item;
01764                                 if(!log_item)
01765                                         log_list_head.tail = NULL;
01766                                 log_list_head.count--;
01767                         }
01768                 }
01769                 spin_unlock(&rsbac_log_lock);
01770                 error = copy_to_user(buf, k_buf, count);
01771                 if (!error)
01772                         error = count;
01773                 kfree(k_buf);
01774                 break;
01775         case 5:         /* Clear ring buffer */
01776                 spin_lock(&rsbac_log_lock);
01777                 log_item = log_list_head.head;
01778                 while (log_item) {
01779                         log_item = log_item->next;
01780                         kfree(log_list_head.head);
01781                         log_list_head.head = log_item;
01782                 }
01783                 log_list_head.tail = NULL;
01784                 log_list_head.count = 0;
01785                 spin_unlock(&rsbac_log_lock);
01786                 error = 0;
01787                 break;
01788         case 9:         /* Number of chars in the log buffer */
01789                 error = 0;
01790                 spin_lock(&rsbac_log_lock);
01791                 log_item = log_list_head.head;
01792                 while (log_item) {
01793                         error += log_item->size;
01794                         log_item = log_item->next;
01795                 }
01796                 spin_unlock(&rsbac_log_lock);
01797                 break;
01798         default:
01799                 error = -EINVAL;
01800                 break;
01801         }
01802 out:
01803         return error;
01804 }
01805 #endif /* RMSG */
01806 
01807 #ifdef CONFIG_RSBAC_SYSLOG_RATE
01808 static void syslog_rate_reset(u_long dummy)
01809   {
01810     if(syslog_count > rsbac_syslog_rate)
01811       printk(KERN_INFO "syslog_rate_reset: resetting syslog_count at %u, next message is %u\n",
01812              syslog_count, log_seq);
01813     syslog_count = 0;
01814     mod_timer(&rsbac_syslog_rate_timer, jiffies + HZ);
01815   }
01816 #endif
01817 
01818 EXPORT_SYMBOL(rsbac_printk);
01819 int rsbac_printk(const char *fmt, ...)
01820 {
01821         va_list args;
01822         int printed_len;
01823         char * buf;
01824 #if defined(CONFIG_RSBAC_RMSG)
01825         struct rsbac_log_list_item_t * log_item;
01826 #endif
01827 
01828         if (rsbac_is_initialized())
01829                 buf = rsbac_kmalloc(RSBAC_LOG_MAXLINE);
01830         else
01831                 buf = kmalloc(RSBAC_LOG_MAXLINE, GFP_ATOMIC);
01832         if (!buf)
01833                 return -ENOMEM;
01834         /* Emit the output into the buffer */
01835         va_start(args, fmt);
01836         printed_len = vsnprintf(buf + 11, RSBAC_LOG_MAXLINE - 14, fmt, args);
01837         va_end(args);
01838         if(printed_len < 4) {
01839                 kfree(buf);
01840                 return printed_len;
01841         }
01842         buf[0] = '<';
01843         buf[1] = buf[12];
01844         buf[2] = '>';
01845         sprintf(buf + 3, "%010u", log_seq++);
01846         buf[13] = '|';
01847         /* Terminate string */
01848         buf[printed_len + 11] = 0;
01849 
01850         /* copy to printk */
01851 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG
01852         if (!rsbac_nosyslog)
01853 #endif
01854         {
01855 #ifdef CONFIG_RSBAC_SYSLOG_RATE
01856                 syslog_count++;
01857                 if(syslog_count < rsbac_syslog_rate)
01858 #endif
01859                         printk("%s", buf);
01860 #ifdef CONFIG_RSBAC_SYSLOG_RATE
01861                 else
01862                         if(syslog_count == rsbac_syslog_rate)
01863                                 printk(KERN_INFO "rsbac_printk: Applying syslog rate limit at count %u, message %u!\n",
01864                                         syslog_count, log_seq - 1);
01865 #endif
01866         }
01867         /* Buffer is ready, now link into log list */
01868 #if defined(CONFIG_RSBAC_RMSG)
01869         if (rsbac_is_initialized())
01870                 log_item = rsbac_kmalloc(sizeof(*log_item) + printed_len + 12);
01871         else
01872                 log_item = kmalloc(sizeof(*log_item) + printed_len + 12, GFP_ATOMIC);
01873         if(log_item) {
01874                 memcpy(log_item->buffer, buf, printed_len + 11);
01875                 log_item->size = printed_len + 11;
01876                 log_item->next = NULL;
01877                 spin_lock(&rsbac_log_lock);
01878                 if (log_list_head.tail) {
01879                         log_list_head.tail->next = log_item;
01880                 } else {
01881                         log_list_head.head = log_item;
01882                 }
01883                 log_list_head.tail = log_item;
01884                 log_list_head.count++;
01885                 while(log_list_head.count > rsbac_rmsg_maxentries) {
01886                         log_item = log_list_head.head;
01887                         log_list_head.head = log_item->next;
01888                         log_list_head.count--;
01889                         log_list_head.lost++;
01890                         kfree(log_item);
01891                 }
01892                 spin_unlock(&rsbac_log_lock);
01893                 wake_up_interruptible(&rlog_wait);
01894         }
01895 #endif
01896 
01897 #if defined(CONFIG_RSBAC_LOG_REMOTE)
01898         /* Link into remote log list */
01899         if (rsbac_is_initialized())
01900                 log_item = rsbac_kmalloc(sizeof(*log_item) + printed_len + 12);
01901         else
01902                 log_item = kmalloc(sizeof(*log_item) + printed_len + 12, GFP_ATOMIC);
01903         if(log_item) {
01904                 memcpy(log_item->buffer, buf, printed_len + 11);
01905                 log_item->size = printed_len + 11;
01906                 log_item->next = NULL;
01907                 spin_lock(&rsbac_log_remote_lock);
01908                 if (remote_log_list_head.tail) {
01909                         remote_log_list_head.tail->next = log_item;
01910                 } else {
01911                         remote_log_list_head.head = log_item;
01912                 }
01913                 remote_log_list_head.tail = log_item;
01914                 remote_log_list_head.count++;
01915                 while(remote_log_list_head.count > rsbac_log_remote_maxentries) {
01916                         log_item = remote_log_list_head.head;
01917                         remote_log_list_head.head = log_item->next;
01918                         remote_log_list_head.count--;
01919                         remote_log_list_head.lost++;
01920                         kfree(log_item);
01921                 }
01922                 spin_unlock(&rsbac_log_remote_lock);
01923 #ifdef CONFIG_RSBAC_LOG_REMOTE_SYNC
01924                 wake_up_interruptible(&rsbaclogd_wait);
01925 #endif
01926         }
01927 #endif
01928 
01929         kfree(buf);
01930         return printed_len;
01931 }
01932 
01933 #if defined(CONFIG_RSBAC_RMSG)
01934 #if defined(CONFIG_RSBAC_PROC)
01935 static int rmsg_open(struct inode * inode, struct file * file)
01936 {
01937         return rsbac_log(1,NULL,0);
01938 }
01939 
01940 static int rmsg_release(struct inode * inode, struct file * file)
01941 {
01942         (void) rsbac_log(0,NULL,0);
01943         return 0;
01944 }
01945 
01946 static ssize_t rmsg_read(struct file * file, char * buf,
01947                          size_t count, loff_t *ppos)
01948 {
01949         return rsbac_log(2,buf,count);
01950 }
01951 
01952 static unsigned int rmsg_poll(struct file *file, poll_table * wait)
01953 {
01954         poll_wait(file, &rlog_wait, wait);
01955         if (rsbac_log(9, 0, 0))
01956                 return POLLIN | POLLRDNORM;
01957         return 0;
01958 }
01959 
01960 static struct file_operations proc_rmsg_operations = {
01961         .read = rmsg_read,
01962         .poll = rmsg_poll,      /* rmsg_poll */
01963         .open = rmsg_open,
01964         .release = rmsg_release
01965 };
01966 
01967 #endif /* PROC */
01968 #endif /* RMSG */
01969 
01970 #if defined(CONFIG_RSBAC_PROC)
01971 #ifndef PROC_BLOCK_SIZE
01972 #define PROC_BLOCK_SIZE (3*1024)  /* 4K page size but our output routines use some slack for overruns */
01973 #endif
01974 
01975 static int
01976 log_levels_proc_info(char *buffer, char **start, off_t offset, int length)
01977 {
01978   int len = 0;
01979   int i,j;
01980   off_t pos   = 0;
01981   off_t begin = 0;
01982   char * name;
01983   char * name2;
01984 
01985   union rsbac_target_id_t       rsbac_target_id;
01986   union rsbac_attribute_value_t rsbac_attribute_value;
01987 
01988   if (!rsbac_is_initialized())
01989     return (-ENOSYS);
01990 
01991 #ifdef CONFIG_RSBAC_DEBUG
01992   if (rsbac_debug_aef)
01993     {
01994       rsbac_printk(KERN_DEBUG "log_levels_proc_info(): calling ADF\n");
01995     }
01996 #endif
01997   rsbac_target_id.scd = ST_rsbac;
01998   rsbac_attribute_value.dummy = 0;
01999   if (!rsbac_adf_request(R_GET_STATUS_DATA,
02000                          current->pid,
02001                          T_SCD,
02002                          rsbac_target_id,
02003                          A_none,
02004                          rsbac_attribute_value))
02005     {
02006       return -EPERM;
02007     }
02008 
02009   name = rsbac_kmalloc(RSBAC_MAXNAMELEN);
02010   if(!name)
02011     return -ENOMEM;
02012   name2 = rsbac_kmalloc(RSBAC_MAXNAMELEN);
02013   if(!name2)
02014     {
02015       rsbac_kfree(name);
02016       return -ENOMEM;
02017     }
02018     
02019   len += sprintf(buffer, "RSBAC Log Levels\n----------------\n");
02020   len += sprintf(buffer+len, "Name\t\t\tFILE\tDIR\tFIFO\tSYMLINK\tDEV\tIPC\tSCD\tUSER\tPROCESS\tNETDEV\tNETTEMP\tNETOBJ\tNETT_NT\tNONE\n");
02021 
02022   for (i = 0; i<R_NONE; i++)
02023     {
02024       len += sprintf(buffer + len, "%-23s",
02025                      get_request_name(name, i));
02026       for(j = 0; j<=T_NONE; j++)
02027         {
02028           if(j != T_FD)
02029             len += sprintf(buffer + len, "\t%u",
02030                            rsbac_log_levels[i][j]);
02031         }
02032       len += sprintf(buffer + len, "\n");
02033       pos = begin + len;
02034       if (pos < offset)
02035         {
02036           len = 0;
02037           begin = pos;
02038         }
02039       if (pos > offset+length)
02040         break;
02041     }
02042 
02043   *start = buffer + (offset - begin);
02044   len -= (offset - begin);
02045   
02046   if (len > length)
02047     len = length;
02048   rsbac_kfree(name);
02049   rsbac_kfree(name2);
02050 
02051   return len;
02052 }
02053 
02054 #if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,0)
02055 static int log_levels_proc_write(struct file * file, const char * buf,
02056                                      u_long count, void *ppos)
02057 #else
02058 static int log_levels_proc_write(struct file * file, const char __user * buf,
02059                                      unsigned long count, void *ppos)
02060 #endif
02061 {
02062     ssize_t err;
02063     char * k_buf;
02064     char * p;
02065     unsigned int log_level;
02066     char rname[RSBAC_MAXNAMELEN];
02067     int i,j;
02068 
02069     union rsbac_target_id_t       rsbac_target_id;
02070     union rsbac_attribute_value_t rsbac_attribute_value;
02071 
02072     if(count > PROC_BLOCK_SIZE) {
02073         return(-EOVERFLOW);
02074     }
02075 
02076     if (!(k_buf = (char *) __get_free_page(GFP_KERNEL)))
02077       return(-ENOMEM);
02078     err = copy_from_user(k_buf, buf, count);
02079     if(err < 0)
02080       return err;
02081 
02082   err = count;
02083   if(count < 15 || strncmp("log_levels", k_buf, 10))
02084     {
02085       goto out;
02086     }
02087   if (!rsbac_is_initialized())
02088     {
02089       err = -ENOSYS;
02090       goto out;
02091     }
02092 
02093     /*
02094      * Usage: echo "log_levels request #N" > /proc/rsbac_info/log_levels
02095      *   to set log level for request to given value
02096      */
02097     for(i=0; i<R_NONE; i++)
02098       {
02099         get_request_name(rname,i);
02100         if(!strncmp(rname, k_buf + 11, strlen(rname))) 
02101           {
02102 #ifdef CONFIG_RSBAC_DEBUG
02103             if (rsbac_debug_aef)
02104               {
02105                 rsbac_printk(KERN_DEBUG "log_levels_proc_write(): calling ADF\n");
02106               }
02107 #endif
02108             rsbac_target_id.dummy = 0;
02109             rsbac_attribute_value.request = i;
02110             if (!rsbac_adf_request(R_SWITCH_LOG,
02111                                    current->pid,
02112                                    T_NONE,
02113                                    rsbac_target_id,
02114                                    A_request,
02115                                    rsbac_attribute_value))
02116               {
02117                 err = -EPERM;
02118                 goto out;
02119               }
02120             p = k_buf + 11 + strlen(rname)+1;
02121 
02122             if( *p == '\0' )
02123               goto out;
02124 
02125             log_level = simple_strtoul(p, NULL, 0);
02126             /* only accept 0 or 1 */
02127             if(   (log_level == LL_none)
02128                || (log_level == LL_denied)
02129                || (log_level == LL_full)
02130               )
02131               {
02132                 rsbac_printk(KERN_INFO
02133                        "log_levels_proc_write(): setting %s log level for all target types to %u\n",
02134                        rname, log_level);
02135                 for(j = 0; j<=T_NONE; j++)
02136                   {
02137                     rsbac_log_levels[i][j] = log_level;
02138                   }
02139                 err = count;
02140                 goto out;
02141               }
02142             else
02143               {
02144                 rsbac_printk(KERN_INFO
02145                        "log_levels_proc_write(): rejecting invalid log level (should be %u, %u or %u)\n",
02146                        LL_none, LL_denied, LL_full);
02147                 goto out;
02148               }
02149           }
02150       }
02151 
02152 out:
02153   free_page((ulong) k_buf);
02154   return(err);
02155   }
02156 
02157 
02158 static int
02159 debug_proc_info(char *buffer, char **start, off_t offset, int length)
02160 {
02161   int len = 0;
02162   off_t pos   = 0;
02163   off_t begin = 0;
02164 
02165   union rsbac_target_id_t       rsbac_target_id;
02166   union rsbac_attribute_value_t rsbac_attribute_value;
02167 
02168   if (!rsbac_is_initialized())
02169     return (-ENOSYS);
02170 
02171 #ifdef CONFIG_RSBAC_DEBUG
02172   if (rsbac_debug_aef)
02173     {
02174       rsbac_printk(KERN_DEBUG "debug_proc_info(): calling ADF\n");
02175     }
02176 #endif
02177   rsbac_target_id.scd = ST_rsbac;
02178   rsbac_attribute_value.dummy = 0;
02179   if (!rsbac_adf_request(R_GET_STATUS_DATA,
02180                          current->pid,
02181                          T_SCD,
02182                          rsbac_target_id,
02183                          A_none,
02184                          rsbac_attribute_value))
02185     {
02186       return -EPERM;
02187     }
02188   len += sprintf(buffer, "RSBAC Debug Settings\n--------------------\n");
02189 
02190 #ifdef CONFIG_RSBAC_SOFTMODE
02191   len += sprintf(buffer + len, "rsbac_softmode is %i\n",
02192                  rsbac_softmode);
02193   pos = begin + len;
02194   if (pos < offset)
02195     {
02196       len = 0;
02197       begin = pos;
02198     }
02199   if (pos > offset+length)
02200     goto out;
02201   len += sprintf(buffer + len, "rsbac_softmode_prohibit is %i\n",
02202                  rsbac_softmode_prohibit);
02203   pos = begin + len;
02204   if (pos < offset)
02205     {
02206       len = 0;
02207       begin = pos;
02208     }
02209   if (pos > offset+length)
02210     goto out;
02211 #ifdef CONFIG_RSBAC_SOFTMODE_IND
02212 #ifdef CONFIG_RSBAC_MAC
02213   len += sprintf(buffer + len, "rsbac_ind_softmode[MAC] is %i\n",
02214                  rsbac_ind_softmode[SW_MAC]);
02215 #endif
02216 #ifdef CONFIG_RSBAC_PM
02217   len += sprintf(buffer + len, "rsbac_ind_softmode[PM] is %i\n",
02218                  rsbac_ind_softmode[SW_PM]);
02219 #endif
02220 #ifdef CONFIG_RSBAC_DAZ
02221   len += sprintf(buffer + len, "rsbac_ind_softmode[DAZ] is %i\n",
02222                  rsbac_ind_softmode[SW_DAZ]);
02223 #endif
02224 #ifdef CONFIG_RSBAC_FF
02225   len += sprintf(buffer + len, "rsbac_ind_softmode[FF] is %i\n",
02226                  rsbac_ind_softmode[SW_FF]);
02227 #endif
02228 #ifdef CONFIG_RSBAC_RC
02229   len += sprintf(buffer + len, "rsbac_ind_softmode[RC] is %i\n",
02230                  rsbac_ind_softmode[SW_RC]);
02231 #endif
02232 #ifdef CONFIG_RSBAC_AUTH
02233   len += sprintf(buffer + len, "rsbac_ind_softmode[AUTH] is %i\n",
02234                  rsbac_ind_softmode[SW_AUTH]);
02235 #endif
02236 #ifdef CONFIG_RSBAC_REG
02237   len += sprintf(buffer + len, "rsbac_ind_softmode[REG] is %i\n",
02238                  rsbac_ind_softmode[SW_REG]);
02239 #endif
02240 #ifdef CONFIG_RSBAC_ACL
02241   len += sprintf(buffer + len, "rsbac_ind_softmode[ACL] is %i\n",
02242                  rsbac_ind_softmode[SW_ACL]);
02243 #endif
02244 #ifdef CONFIG_RSBAC_CAP
02245   len += sprintf(buffer + len, "rsbac_ind_softmode[CAP] is %i\n",
02246                  rsbac_ind_softmode[SW_CAP]);
02247 #endif
02248 #ifdef CONFIG_RSBAC_JAIL
02249   len += sprintf(buffer + len, "rsbac_ind_softmode[JAIL] is %i\n",
02250                  rsbac_ind_softmode[SW_JAIL]);
02251 #endif
02252 #ifdef CONFIG_RSBAC_RES
02253   len += sprintf(buffer + len, "rsbac_ind_softmode[RES] is %i\n",
02254                  rsbac_ind_softmode[SW_RES]);
02255 #endif
02256   pos = begin + len;
02257   if (pos < offset)
02258     {
02259       len = 0;
02260       begin = pos;
02261     }
02262   if (pos > offset+length)
02263     goto out;
02264 
02265 #endif
02266 #endif
02267 #ifdef CONFIG_RSBAC_FREEZE
02268   len += sprintf(buffer + len, "rsbac_freeze is %i\n",
02269                  rsbac_freeze);
02270   pos = begin + len;
02271   if (pos < offset)
02272     {
02273       len = 0;
02274       begin = pos;
02275     }
02276   if (pos > offset+length)
02277     goto out;
02278 #endif
02279 #if defined(CONFIG_RSBAC_DAZ_CACHE)
02280   /* RSBAC: DAZ - set cache ttl */
02281   len += sprintf(buffer + len, "rsbac_daz_ttl is %u\n",
02282                  rsbac_daz_get_ttl());
02283   pos = begin + len;
02284   if (pos < offset)
02285     {
02286       len = 0;
02287       begin = pos;
02288     }
02289   if (pos > offset+length)
02290     goto out;
02291 #endif
02292 #ifdef CONFIG_RSBAC_CAP_PROC_HIDE
02293   len += sprintf(buffer + len, "rsbac_cap_process_hiding is %i\n",
02294                  rsbac_cap_process_hiding);
02295   pos = begin + len;
02296   if (pos < offset)
02297     {
02298       len = 0;
02299       begin = pos;
02300     }
02301   if (pos > offset+length)
02302     goto out;
02303 #endif
02304 #ifdef CONFIG_RSBAC_CAP_LOG_MISSING
02305   len += sprintf(buffer + len, "rsbac_cap_log_missing is %i\n",
02306                  rsbac_cap_log_missing);
02307   pos = begin + len;
02308   if (pos < offset)
02309     {
02310       len = 0;
02311       begin = pos;
02312     }
02313   if (pos > offset+length)
02314     goto out;
02315 #endif
02316 #ifdef CONFIG_RSBAC_JAIL_LOG_MISSING
02317   len += sprintf(buffer + len, "rsbac_jail_log_missing is %i\n",
02318                  rsbac_jail_log_missing);
02319   pos = begin + len;
02320   if (pos < offset)
02321     {
02322       len = 0;
02323       begin = pos;
02324     }
02325   if (pos > offset+length)
02326     goto out;
02327 #endif
02328 
02329 #ifdef CONFIG_RSBAC_ALLOW_DAC_DISABLE_FULL
02330   len += sprintf(buffer + len, "rsbac_dac_disable is %i\n",
02331                  rsbac_dac_disable);
02332   pos = begin + len;
02333   if (pos < offset)
02334     {
02335       len = 0;
02336       begin = pos;
02337     }
02338   if (pos > offset+length)
02339     goto out;
02340 #endif
02341 
02342 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG
02343   len += sprintf(buffer + len, "rsbac_nosyslog is %i\n",
02344                  rsbac_nosyslog);
02345   pos = begin + len;
02346   if (pos < offset)
02347     {
02348       len = 0;
02349       begin = pos;
02350     }
02351   if (pos > offset+length)
02352     goto out;
02353 #endif
02354 
02355 #ifdef CONFIG_RSBAC_SYSLOG_RATE
02356   len += sprintf(buffer + len, "rsbac_syslog_rate is %u\n",
02357                  rsbac_syslog_rate);
02358   pos = begin + len;
02359   if (pos < offset)
02360     {
02361       len = 0;
02362       begin = pos;
02363     }
02364   if (pos > offset+length)
02365     goto out;
02366 #endif
02367 
02368 #ifdef CONFIG_RSBAC_FD_CACHE
02369   if (!rsbac_fd_cache_disable) {
02370     len += sprintf(buffer + len, "rsbac_fd_cache_ttl is %u\n",
02371                    rsbac_fd_cache_ttl);
02372     pos = begin + len;
02373     if (pos < offset)
02374       {
02375         len = 0;
02376         begin = pos;
02377       }
02378     if (pos > offset+length)
02379       goto out;
02380   }
02381 #endif
02382 #if defined(CONFIG_RSBAC_AUTO_WRITE) && (CONFIG_RSBAC_AUTO_WRITE > 0)
02383   len += sprintf(buffer + len, "rsbac_list_check_interval is %u\n",
02384                  rsbac_list_check_interval);
02385   pos = begin + len;
02386   if (pos < offset)
02387     {
02388       len = 0;
02389       begin = pos;
02390     }
02391   if (pos > offset+length)
02392     goto out;
02393 #endif
02394 
02395 #if defined(CONFIG_RSBAC_LOG_REMOTE)
02396 #if defined(CONFIG_RSBAC_LOG_REMOTE_TCP)
02397   len += sprintf(buffer + len, "rsbac_log_remote_addr (TCP) is %u.%u.%u.%u\n",
02398                  NIPQUAD(rsbac_log_remote_addr));
02399 #else
02400   len += sprintf(buffer + len, "rsbac_log_remote_addr (UDP) is %u.%u.%u.%u\n",
02401                  NIPQUAD(rsbac_log_remote_addr));
02402 #endif
02403   pos = begin + len;
02404   if (pos < offset)
02405     {
02406       len = 0;
02407       begin = pos;
02408     }
02409   if (pos > offset+length)
02410     goto out;
02411   len += sprintf(buffer + len, "rsbac_log_remote_port is %u\n",
02412                  ntohs(rsbac_log_remote_port));
02413   pos = begin + len;
02414   if (pos < offset)
02415     {
02416       len = 0;
02417       begin = pos;
02418     }
02419   if (pos > offset+length)
02420     goto out;
02421 #endif
02422 
02423 #ifdef CONFIG_RSBAC_INIT_DELAY
02424   len += sprintf(buffer + len, "rsbac_no_delay_init is %i\n",
02425                  rsbac_no_delay_init);
02426   pos = begin + len;
02427   if (pos < offset)
02428     {
02429       len = 0;
02430       begin = pos;
02431     }
02432   if (pos > offset+length)
02433     goto out;
02434   len += sprintf(buffer + len, "rsbac_delayed_root is %02u:%02u\n",
02435                  RSBAC_MAJOR(rsbac_delayed_root), RSBAC_MINOR(rsbac_delayed_root));
02436   pos = begin + len;
02437   if (pos < offset)
02438     {
02439       len = 0;
02440       begin = pos;
02441     }
02442   if (pos > offset+length)
02443     goto out;
02444 #endif
02445 
02446 #if defined(CONFIG_RSBAC_UM_EXCL)
02447   len += sprintf(buffer + len, "rsbac_um_no_excl is %i\n",
02448                  rsbac_um_no_excl);
02449   pos = begin + len;
02450   if (pos < offset)
02451     {
02452       len = 0;
02453       begin = pos;
02454     }
02455   if (pos > offset+length)
02456     goto out;
02457 #endif
02458 
02459 #if defined(CONFIG_RSBAC_AUTH)
02460   len += sprintf(buffer + len, "rsbac_auth_enable_login is %i\n",
02461                  rsbac_auth_enable_login);
02462   pos = begin + len;
02463   if (pos < offset)
02464     {
02465       len = 0;
02466       begin = pos;
02467     }
02468   if (pos > offset+length)
02469     goto out;
02470 
02471 #if defined(CONFIG_RSBAC_AUTH_LEARN)
02472   len += sprintf(buffer + len, "rsbac_auth_learn is %i\n",
02473                  rsbac_auth_learn);
02474   pos = begin + len;
02475   if (pos < offset)
02476     {
02477       len = 0;
02478       begin = pos;
02479     }
02480   if (pos > offset+length)
02481     goto out;
02482 #endif
02483 #endif
02484 
02485 #if defined(CONFIG_RSBAC_ACL_LEARN)
02486   len += sprintf(buffer + len, "rsbac_acl_learn_fd is %i\n",
02487                  rsbac_acl_learn_fd);
02488   pos = begin + len;
02489   if (pos < offset)
02490     {
02491       len = 0;
02492       begin = pos;
02493     }
02494   if (pos > offset+length)
02495     goto out;
02496 #endif
02497 
02498   len += sprintf(buffer + len, "rsbac_no_defaults is %i\n",
02499                  rsbac_no_defaults);
02500   pos = begin + len;
02501   if (pos < offset)
02502     {
02503       len = 0;
02504       begin = pos;
02505     }
02506   if (pos > offset+length)
02507     goto out;
02508 
02509 #ifdef CONFIG_RSBAC_DEBUG
02510   len += sprintf(buffer + len, "rsbac_debug_write is %i\n",
02511                  rsbac_debug_write);
02512   pos = begin + len;
02513   if (pos < offset)
02514     {
02515       len = 0;
02516       begin = pos;
02517     }
02518   if (pos > offset+length)
02519     goto out;
02520 
02521   len += sprintf(buffer + len, "rsbac_debug_stack is %i\n",
02522                  rsbac_debug_stack);
02523   pos = begin + len;
02524   if (pos < offset)
02525     {
02526       len = 0;
02527       begin = pos;
02528     }
02529   if (pos > offset+length)
02530     goto out;
02531 
02532   len += sprintf(buffer + len, "rsbac_debug_lists is %i\n",
02533                  rsbac_debug_lists);
02534   pos = begin + len;
02535   if (pos < offset)
02536     {
02537       len = 0;
02538       begin = pos;
02539     }
02540   if (pos > offset+length)
02541     goto out;
02542 
02543   len += sprintf(buffer + len, "rsbac_debug_ds is %i\n",
02544                  rsbac_debug_ds);
02545   pos = begin + len;
02546   if (pos < offset)
02547     {
02548       len = 0;
02549       begin = pos;
02550     }
02551   if (pos > offset+length)
02552     goto out;
02553 
02554   len += sprintf(buffer + len, "rsbac_debug_aef is %i\n",
02555                  rsbac_debug_aef);
02556   pos = begin + len;
02557   if (pos < offset)
02558     {
02559       len = 0;
02560       begin = pos;
02561     }
02562   if (pos > offset+length)
02563     goto out;
02564 
02565   len += sprintf(buffer + len, "rsbac_debug_no_write is %i\n",
02566                  rsbac_debug_no_write);
02567   pos = begin + len;
02568   if (pos < offset)
02569     {
02570       len = 0;
02571       begin = pos;
02572     }
02573   if (pos > offset+length)
02574     goto out;
02575 
02576 #if defined(CONFIG_RSBAC_REG) || defined(CONFIG_RSBAC_REG_MAINT)
02577 /* Boolean debug switch for REG */
02578   len += sprintf(buffer + len, "rsbac_debug_reg is %i\n",
02579                  rsbac_debug_reg);
02580   pos = begin + len;
02581   if (pos < offset)
02582     {
02583       len = 0;
02584       begin = pos;
02585     }
02586   if (pos > offset+length)
02587     goto out;
02588 #endif
02589 
02590 #if defined(CONFIG_RSBAC_NET)
02591 /* Boolean debug switch for NET data structures */
02592   len += sprintf(buffer + len, "rsbac_debug_ds_net is %i\n",
02593                  rsbac_debug_ds_net);
02594   pos = begin + len;
02595   if (pos < offset)
02596     {
02597       len = 0;
02598       begin = pos;
02599     }
02600   if (pos > offset+length)
02601     goto out;
02602 
02603 /* Boolean debug switch for NET syscalls / AEF */
02604   len += sprintf(buffer + len, "rsbac_debug_aef_net is %i\n",
02605                  rsbac_debug_aef_net);
02606   pos = begin + len;
02607   if (pos < offset)
02608     {
02609       len = 0;
02610       begin = pos;
02611     }
02612   if (pos > offset+length)
02613     goto out;
02614 
02615 /* Boolean debug switch for NET decisions / ADF */
02616   len += sprintf(buffer + len, "rsbac_debug_adf_net is %i\n",
02617                  rsbac_debug_adf_net);
02618   pos = begin + len;
02619   if (pos < offset)
02620     {
02621       len = 0;
02622       begin = pos;
02623     }
02624   if (pos > offset+length)
02625     goto out;
02626 #endif
02627 
02628 #if defined(CONFIG_RSBAC_MAC)
02629 /* Boolean debug switch for MAC data structures */
02630   len += sprintf(buffer + len, "rsbac_debug_ds_mac is %i\n",
02631                  rsbac_debug_ds_mac);
02632   pos = begin + len;
02633   if (pos < offset)
02634     {
02635       len = 0;
02636       begin = pos;
02637     }
02638   if (pos > offset+length)
02639     goto out;
02640 
02641 /* Boolean debug switch for MAC syscalls / AEF */
02642   len += sprintf(buffer + len, "rsbac_debug_aef_mac is %i\n",
02643                  rsbac_debug_aef_mac);
02644   pos = begin + len;
02645   if (pos < offset)
02646     {
02647       len = 0;
02648       begin = pos;
02649     }
02650   if (pos > offset+length)
02651     goto out;
02652 
02653 /* Boolean debug switch for MAC decisions / ADF */
02654   len += sprintf(buffer + len, "rsbac_debug_adf_mac is %i\n",
02655                  rsbac_debug_adf_mac);
02656   pos = begin + len;
02657   if (pos < offset)
02658     {
02659       len = 0;
02660       begin = pos;
02661     }
02662   if (pos > offset+length)
02663     goto out;
02664 #endif
02665 
02666 #if defined(CONFIG_RSBAC_PM) || defined(CONFIG_RSBAC_PM_MAINT)
02667 /* Boolean debug switch for PM data structures */
02668   len += sprintf(buffer + len, "rsbac_debug_ds_pm is %i\n",
02669                  rsbac_debug_ds_pm);
02670   pos = begin + len;
02671   if (pos < offset)
02672     {
02673       len = 0;
02674       begin = pos;
02675     }
02676   if (pos > offset+length)
02677     goto out;
02678 
02679 /* Boolean debug switch for PM syscalls / AEF */
02680   len += sprintf(buffer + len, "rsbac_debug_aef_pm is %i\n",
02681                  rsbac_debug_aef_pm);
02682   pos = begin + len;
02683   if (pos < offset)
02684     {
02685       len = 0;
02686       begin = pos;
02687     }
02688   if (pos > offset+length)
02689     goto out;
02690 
02691 /* Boolean debug switch for PM decisions / ADF */
02692   len += sprintf(buffer + len, "rsbac_debug_adf_pm is %i\n",
02693                  rsbac_debug_adf_pm);
02694   pos = begin + len;
02695   if (pos < offset)
02696     {
02697       len = 0;
02698       begin = pos;
02699     }
02700   if (pos > offset+length)
02701     goto out;
02702 #endif
02703 
02704 #if defined(CONFIG_RSBAC_DAZ)
02705 /* Boolean debug switch for DAZ decisions / ADF */
02706   len += sprintf(buffer + len, "rsbac_debug_adf_daz is %i\n",
02707                  rsbac_debug_adf_daz);
02708   pos = begin + len;
02709   if (pos < offset)
02710     {
02711       len = 0;
02712       begin = pos;
02713     }
02714   if (pos > offset+length)
02715     goto out;
02716 #endif
02717 
02718 #if defined(CONFIG_RSBAC_RC) || defined(CONFIG_RSBAC_RC_MAINT)
02719 /* Boolean debug switch for RC data structures */
02720   len += sprintf(buffer + len, "rsbac_debug_ds_rc is %i\n",
02721                  rsbac_debug_ds_rc);
02722   pos = begin + len;
02723   if (pos < offset)
02724     {
02725       len = 0;
02726       begin = pos;
02727     }
02728   if (pos > offset+length)
02729     goto out;
02730 
02731 /* Boolean debug switch for RC syscalls / AEF */
02732   len += sprintf(buffer + len, "rsbac_debug_aef_rc is %i\n",
02733                  rsbac_debug_aef_rc);
02734   pos = begin + len;
02735   if (pos < offset)
02736     {
02737       len = 0;
02738       begin = pos;
02739     }
02740   if (pos > offset+length)
02741     goto out;
02742 
02743 /* Boolean debug switch for RC decisions / ADF */
02744   len += sprintf(buffer + len, "rsbac_debug_adf_rc is %i\n",
02745                  rsbac_debug_adf_rc);
02746   pos = begin + len;
02747   if (pos < offset)
02748     {
02749       len = 0;
02750       begin = pos;
02751     }
02752   if (pos > offset+length)
02753     goto out;
02754 #endif
02755 
02756 #if defined(CONFIG_RSBAC_AUTH)
02757 /* Boolean debug switch for AUTH data structures */
02758   len += sprintf(buffer + len, "rsbac_debug_ds_auth is %i\n",
02759                  rsbac_debug_ds_auth);
02760   pos = begin + len;
02761   if (pos < offset)
02762     {
02763       len = 0;
02764       begin = pos;
02765     }
02766   if (pos > offset+length)
02767     goto out;
02768 
02769 /* Boolean debug switch for AUTH syscalls / AEF */
02770   len += sprintf(buffer + len, "rsbac_debug_aef_auth is %i\n",
02771                  rsbac_debug_aef_auth);
02772   pos = begin + len;
02773   if (pos < offset)
02774     {
02775       len = 0;
02776       begin = pos;
02777     }
02778   if (pos > offset+length)
02779     goto out;
02780 
02781 /* Boolean debug switch for AUTH decisions / ADF */
02782   len += sprintf(buffer + len, "rsbac_debug_adf_auth is %i\n",
02783                  rsbac_debug_adf_auth);
02784   pos = begin + len;
02785   if (pos < offset)
02786     {
02787       len = 0;
02788       begin = pos;
02789     }
02790   if (pos > offset+length)
02791     goto out;
02792 #endif
02793 
02794 #if defined(CONFIG_RSBAC_ACL)
02795 /* Boolean debug switch for ACL data structures */
02796   len += sprintf(buffer + len, "rsbac_debug_ds_acl is %i\n",
02797                  rsbac_debug_ds_acl);
02798   pos = begin + len;
02799   if (pos < offset)
02800     {
02801       len = 0;
02802       begin = pos;
02803     }
02804   if (pos > offset+length)
02805     goto out;
02806 
02807 /* Boolean debug switch for ACL syscalls / AEF */
02808   len += sprintf(buffer + len, "rsbac_debug_aef_acl is %i\n",
02809                  rsbac_debug_aef_acl);
02810   pos = begin + len;
02811   if (pos < offset)
02812     {
02813       len = 0;
02814       begin = pos;
02815     }
02816   if (pos > offset+length)
02817     goto out;
02818 
02819 /* Boolean debug switch for ACL decisions / ADF */
02820   len += sprintf(buffer + len, "rsbac_debug_adf_acl is %i\n",
02821                  rsbac_debug_adf_acl);
02822   pos = begin + len;
02823   if (pos < offset)
02824     {
02825       len = 0;
02826       begin = pos;
02827     }
02828   if (pos > offset+length)
02829     goto out;
02830 #endif
02831 
02832 #if defined(CONFIG_RSBAC_JAIL)
02833 /* Boolean debug switch for JAIL syscalls / AEF */
02834   len += sprintf(buffer + len, "rsbac_debug_aef_jail is %i\n",
02835                  rsbac_debug_aef_jail);
02836   pos = begin + len;
02837   if (pos < offset)
02838     {
02839       len = 0;
02840       begin = pos;
02841     }
02842   if (pos > offset+length)
02843     goto out;
02844 
02845 /* Boolean debug switch for JAIL decisions / ADF */
02846   len += sprintf(buffer + len, "rsbac_debug_adf_jail is %i\n",
02847                  rsbac_debug_adf_jail);
02848   pos = begin + len;
02849   if (pos < offset)
02850     {
02851       len = 0;
02852       begin = pos;
02853     }
02854   if (pos > offset+length)
02855     goto out;
02856 #endif
02857 
02858 #if defined(CONFIG_RSBAC_PAX)
02859 /* Boolean debug switch for PAX decisions / ADF */
02860   len += sprintf(buffer + len, "rsbac_debug_adf_pax is %i\n",
02861                  rsbac_debug_adf_pax);
02862   pos = begin + len;
02863   if (pos < offset)
02864     {
02865       len = 0;
02866       begin = pos;
02867     }
02868   if (pos > offset+length)
02869     goto out;
02870 #endif
02871 
02872 #if defined(CONFIG_RSBAC_UM)
02873 /* Boolean debug switch for UM data structures */
02874   len += sprintf(buffer + len, "rsbac_debug_ds_um is %i\n",
02875                  rsbac_debug_ds_um);
02876   pos = begin + len;
02877   if (pos < offset)
02878     {
02879       len = 0;
02880       begin = pos;
02881     }
02882   if (pos > offset+length)
02883     goto out;
02884 
02885 /* Boolean debug switch for UM syscalls / AEF */
02886   len += sprintf(buffer + len, "rsbac_debug_aef_um is %i\n",
02887                  rsbac_debug_aef_um);
02888   pos = begin + len;
02889   if (pos < offset)
02890     {
02891       len = 0;
02892       begin = pos;
02893     }
02894   if (pos > offset+length)
02895     goto out;
02896 
02897 /* Boolean debug switch for UM decisions / ADF */
02898   len += sprintf(buffer + len, "rsbac_debug_adf_um is %i\n",
02899                  rsbac_debug_adf_um);
02900   pos = begin + len;
02901   if (pos < offset)
02902     {
02903       len = 0;
02904       begin = pos;
02905     }
02906   if (pos > offset+length)
02907     goto out;
02908 #endif
02909 
02910 #if defined(CONFIG_RSBAC_AUTO_WRITE) && (CONFIG_RSBAC_AUTO_WRITE > 0)
02911   len += sprintf(buffer + len, "rsbac_debug_auto is %i\n",
02912                  rsbac_debug_auto);
02913   pos = begin + len;
02914   if (pos < offset)
02915     {
02916       len = 0;
02917       begin = pos;
02918     }
02919   if (pos > offset+length)
02920     goto out;
02921 #endif /* CONFIG_RSBAC_AUTO_WRITE > 0 */
02922 #endif /* DEBUG */
02923 
02924 #if defined(CONFIG_RSBAC_RMSG)
02925   len += sprintf(buffer + len, "rsbac_rmsg_maxentries is %u\n",
02926                  rsbac_rmsg_maxentries);
02927   len += sprintf(buffer + len, "%u messages in log buffer, %lu messages lost, sequence is %u\n",
02928                  log_list_head.count, log_list_head.lost, log_seq);
02929   pos = begin + len;
02930   if (pos < offset)
02931     {
02932       len = 0;
02933       begin = pos;
02934     }
02935   if (pos > offset+length)
02936     goto out;
02937 #if defined(CONFIG_RSBAC_LOG_REMOTE)
02938   len += sprintf(buffer + len, "rsbac_log_remote_maxentries is %u\n",
02939                  rsbac_log_remote_maxentries);
02940   len += sprintf(buffer + len, "%u messages in remote log buffer, %lu messages lost\n",
02941                  remote_log_list_head.count, remote_log_list_head.lost);
02942   pos = begin + len;
02943   if (pos < offset)
02944     {
02945       len = 0;
02946       begin = pos;
02947     }
02948   if (pos > offset+length)
02949     goto out;
02950 #endif
02951 #endif
02952 
02953 out:
02954   *start = buffer + (offset - begin);
02955   len -= (offset - begin);
02956   
02957   if (len > length)
02958     len = length;
02959   return len;
02960 }
02961 
02962 #if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,0)
02963 static int debug_proc_write(struct file * file, const char * buf,
02964                                 u_long count, void *ppos)
02965 #else
02966 static int debug_proc_write(struct file * file, const char __user * buf,
02967                                 unsigned long count, void *data)
02968 #endif
02969 {
02970     ssize_t err;
02971     char * k_buf;
02972     char * p;
02973     unsigned int debug_level;
02974 #ifdef CONFIG_RSBAC_SOFTMODE_IND
02975     enum rsbac_switch_target_t sw_target;
02976 #endif
02977 
02978     union rsbac_target_id_t       rsbac_target_id;
02979     union rsbac_attribute_value_t rsbac_attribute_value;
02980 
02981     if(count > PROC_BLOCK_SIZE) {
02982         return(-EOVERFLOW);
02983     }
02984     if(count < 10)
02985       return -EINVAL;
02986 
02987     if (!(k_buf = (char *) __get_free_page(GFP_KERNEL)))
02988       return(-ENOMEM);
02989     err = copy_from_user(k_buf, buf, count);
02990     if(err < 0)
02991       return err;
02992 
02993   err = count;
02994 
02995   if(!strncmp("debug", k_buf, 5) || !strncmp("rsbac", k_buf, 5))
02996     {
02997       p = k_buf + 6;
02998     }
02999   else
03000   if(!strncmp("rsbac_debug", k_buf, 11))
03001     {
03002       p = k_buf + 12;
03003     }
03004   else
03005     goto out;
03006 
03007   if (!rsbac_is_initialized())
03008     {
03009       err = -ENOSYS;
03010       goto out;
03011     }
03012     if(count < 10)
03013       return -EINVAL;
03014 
03015 
03016 #ifdef CONFIG_RSBAC_SOFTMODE
03017 #ifdef CONFIG_RSBAC_SOFTMODE_IND
03018 /* Boolean switch for RSBAC individual soft mode */
03019     /*
03020      * Usage: echo "debug ind_softmode modname #N" > /proc/rsbac_info/debug
03021      *   to set rsbac_ind_softmode[module] to given value
03022      */
03023     if(!strncmp("ind_softmode", k_buf + 6, 12)) 
03024       {
03025         char tmp[20];
03026 
03027         p += 13;
03028 
03029         if( *p == '\0' )
03030           goto out;
03031 
03032         sw_target = get_switch_target_nr(p);
03033         if(sw_target == SW_NONE)
03034           goto out;
03035         get_switch_target_name(tmp, sw_target);
03036         p += strlen(tmp)+1;
03037         if( *p == '\0' )
03038           goto out;
03039         debug_level = simple_strtoul(p, NULL, 0);
03040         /* only accept 0 or 1 */
03041         if(!debug_level || (debug_level == 1))
03042           {
03043             if(debug_level && rsbac_softmode_prohibit)
03044               {
03045                 rsbac_printk(KERN_WARNING
03046                              "debug_proc_write(): setting of softmode prohibited!\n");
03047                 err = -EPERM;
03048                 goto out;
03049               }
03050 #if defined(CONFIG_RSBAC_DEBUG)
03051             if (rsbac_debug_aef)
03052               {
03053                 rsbac_printk(KERN_DEBUG "debug_proc_write(): calling ADF for switching\n");
03054               }
03055 #endif
03056             rsbac_target_id.dummy = 0;
03057             rsbac_attribute_value.switch_target = sw_target;
03058             if (!rsbac_adf_request(R_SWITCH_MODULE,
03059                                    current->pid,
03060                                    T_NONE,
03061                                    rsbac_target_id,
03062                                    A_switch_target,
03063                                    rsbac_attribute_value))
03064               {
03065                 err = -EPERM;
03066                 goto out;
03067               }
03068             rsbac_printk(KERN_INFO
03069                    "debug_proc_write(): setting rsbac_ind_softmode[%s] to %u\n",
03070                    tmp,
03071                    debug_level);
03072             rsbac_ind_softmode[sw_target] = debug_level;
03073             err = count;
03074             goto out;
03075           }
03076         else
03077           {
03078             rsbac_printk(KERN_INFO
03079                    "debug_proc_write(): rejecting invalid ind_softmode value (should be 0 or 1)\n");
03080             err = -EINVAL;
03081             goto out;
03082           }
03083       }
03084 #endif
03085 
03086 /* Boolean switch for RSBAC soft mode prohibit */
03087     /*
03088      * Usage: echo "debug softmode_prohibit #N" > /proc/rsbac_info/debug
03089      *   to set rsbac_softmode to given value
03090      */
03091     if(!strncmp("softmode_prohibit", k_buf + 6, 17)) 
03092       {
03093         p += 18;
03094 
03095         if( *p == '\0' )
03096           goto out;
03097 
03098         debug_level = simple_strtoul(p, NULL, 0);
03099         /* only accept 0 or 1 */
03100         if(!debug_level || (debug_level == 1))
03101           {
03102             if(!debug_level && rsbac_softmode_prohibit)
03103               {
03104                 rsbac_printk(KERN_WARNING
03105                              "debug_proc_write(): setting of softmode prohibited!\n");
03106                 err = -EPERM;
03107                 goto out;
03108               }
03109 #if defined(CONFIG_RSBAC_DEBUG)
03110             if (rsbac_debug_aef)
03111               {
03112                 rsbac_printk(KERN_DEBUG "debug_proc_write(): calling ADF for softmode\n");
03113               }
03114 #endif
03115             rsbac_target_id.dummy = 0;
03116             rsbac_attribute_value.switch_target = SW_SOFTMODE;
03117             if (!rsbac_adf_request(R_SWITCH_MODULE,
03118                                    current->pid,
03119                                    T_NONE,
03120                                    rsbac_target_id,
03121                                    A_switch_target,
03122                                    rsbac_attribute_value))
03123               {
03124                 err = -EPERM;
03125                 goto out;
03126               }
03127             rsbac_printk(KERN_INFO
03128                    "debug_proc_write(): setting rsbac_softmode_prohibit to %u\n",
03129                    debug_level);
03130             rsbac_softmode_prohibit = debug_level;
03131             err = count;
03132             goto out;
03133           }
03134         else
03135           {
03136             rsbac_printk(KERN_INFO
03137                    "debug_proc_write(): rejecting invalid softmode_prohibit value (should be 0 or 1)\n");
03138             err = -EINVAL;
03139             goto out;
03140           }
03141       }
03142 /* Boolean switch for RSBAC soft mode */
03143     /*
03144      * Usage: echo "debug softmode #N" > /proc/rsbac_info/debug
03145      *   to set rsbac_softmode to given value
03146      */
03147     if(!strncmp("softmode", k_buf + 6, 8)) 
03148       {
03149         p += 9;
03150 
03151         if( *p == '\0' )
03152           goto out;
03153 
03154         debug_level = simple_strtoul(p, NULL, 0);
03155         /* only accept 0 or 1 */
03156         if(!debug_level || (debug_level == 1))
03157           {
03158             if(debug_level && rsbac_softmode_prohibit)
03159               {
03160                 rsbac_printk(KERN_WARNING
03161                              "debug_proc_write(): setting of softmode prohibited!\n");
03162                 err = -EPERM;
03163                 goto out;
03164               }
03165 #if defined(CONFIG_RSBAC_DEBUG)
03166             if (rsbac_debug_aef)
03167               {
03168                 rsbac_printk(KERN_DEBUG "debug_proc_write(): calling ADF for softmode\n");
03169               }
03170 #endif
03171             rsbac_target_id.dummy = 0;
03172             rsbac_attribute_value.switch_target = SW_SOFTMODE;
03173             if (!rsbac_adf_request(R_SWITCH_MODULE,
03174                                    current->pid,
03175                                    T_NONE,
03176                                    rsbac_target_id,
03177                                    A_switch_target,
03178                                    rsbac_attribute_value))
03179               {
03180                 err = -EPERM;
03181                 goto out;
03182               }
03183             rsbac_printk(KERN_INFO
03184                    "debug_proc_write(): setting rsbac_softmode to %u\n",
03185                    debug_level);
03186             rsbac_softmode = debug_level;
03187             err = count;
03188             goto out;
03189           }
03190         else
03191           {
03192             rsbac_printk(KERN_INFO
03193                    "debug_proc_write(): rejecting invalid softmode value (should be 0 or 1)\n");
03194             err = -EINVAL;
03195             goto out;
03196           }
03197       }
03198 #endif
03199 
03200 #ifdef CONFIG_RSBAC_ALLOW_DAC_DISABLE_FULL
03201 /* Boolean switch for disabling Linux DAC */
03202     /*
03203      * Usage: echo "debug dac_disable #N" > /proc/rsbac_info/debug
03204      *   to set dac_disable to given value
03205      */
03206     if(!strncmp("dac_disable", k_buf + 6, 11)) 
03207       {
03208         p += 12;
03209 
03210         if( *p == '\0' )
03211           goto out;
03212 
03213         debug_level = simple_strtoul(p, NULL, 0);
03214         /* only accept 0 or 1 */
03215         if(!debug_level || (debug_level == 1))
03216           {
03217 #if defined(CONFIG_RSBAC_DEBUG)
03218             if (rsbac_debug_aef)
03219               {
03220                 rsbac_printk(KERN_DEBUG "debug_proc_write(): calling ADF for dac_disable\n");
03221               }
03222 #endif
03223             rsbac_target_id.dummy = 0;
03224             rsbac_attribute_value.dummy = 0;
03225             if (!rsbac_adf_request(R_MODIFY_PERMISSIONS_DATA,
03226                                    current->pid,
03227                                    T_NONE,
03228                                    rsbac_target_id,
03229                                    A_none,
03230                                    rsbac_attribute_value))
03231               {
03232                 err = -EPERM;
03233                 goto out;
03234               }
03235             rsbac_printk(KERN_INFO
03236                    "debug_proc_write(): setting rsbac_dac_disable to %u\n",
03237                    debug_level);
03238             rsbac_dac_disable = debug_level;
03239             err = count;
03240             goto out;
03241           }
03242         else
03243           {
03244             rsbac_printk(KERN_INFO
03245                    "debug_proc_write(): rejecting invalid dac_disabled value (should be 0 or 1)\n");
03246             err = -EINVAL;
03247             goto out;
03248           }
03249       }
03250 #endif
03251 
03252 #ifdef CONFIG_RSBAC_FREEZE
03253 /* Boolean switch to enable freezing */
03254     /*
03255      * Usage: echo "debug freeze #N" > /proc/rsbac_info/debug
03256      *   to set freeze to given value
03257      */
03258     if(!strncmp("freeze", k_buf + 6, 6)) 
03259       {
03260         p += 7;
03261 
03262         if( *p == '\0' )
03263           goto out;
03264 
03265         debug_level = simple_strtoul(p, NULL, 0);
03266         /* only accept 0 or 1 */
03267         if(!debug_level || (debug_level == 1))
03268           {
03269             if(!debug_level && rsbac_freeze)
03270               {
03271                 rsbac_printk(KERN_WARNING
03272                              "debug_proc_write(): RSBAC configuration frozen, no administration allowed!\n");
03273                 err = -EPERM;
03274                 goto out;
03275               }
03276 
03277 #if defined(CONFIG_RSBAC_DEBUG)
03278             if (rsbac_debug_aef)
03279               {
03280                 rsbac_printk(KERN_DEBUG "debug_proc_write(): calling ADF for freeze\n");
03281               }
03282 #endif
03283             rsbac_target_id.dummy = 0;
03284             rsbac_attribute_value.switch_target = SW_FREEZE;
03285             if (!rsbac_adf_request(R_SWITCH_MODULE,
03286                                    current->pid,
03287                                    T_NONE,
03288                                    rsbac_target_id,
03289                                    A_switch_target,
03290                                    rsbac_attribute_value))
03291               {
03292                 err = -EPERM;
03293                 goto out;
03294               }
03295             rsbac_printk(KERN_INFO
03296                    "debug_proc_write(): setting rsbac_freeze to %u\n",
03297                    debug_level);
03298             rsbac_freeze = debug_level;
03299             err = count;
03300             goto out;
03301           }
03302         else
03303           {
03304             rsbac_printk(KERN_INFO
03305                    "debug_proc_write(): rejecting invalid freeze value (should be 0 or 1)\n");
03306             err = -EINVAL;
03307             goto out;
03308           }
03309       }
03310 #endif
03311 
03312 #ifdef CONFIG_RSBAC_DAZ_CACHE
03313 /* Set DAZ cache ttl */
03314     /*
03315      * Usage: echo "debug daz_ttl #n" > /proc/rsbac_info/debug
03316      *   to set daz cache ttl to given value
03317      */
03318     if(!strncmp("daz_ttl", k_buf + 6, 7)) 
03319       {
03320         rsbac_time_t tmp_ttl;
03321 #ifndef CONFIG_RSBAC_MAINT
03322         union rsbac_target_id_t       i_tid;
03323         union rsbac_attribute_value_t i_attr_val1;
03324 #endif
03325 
03326         p += 8;
03327         if( *p == '\0' )
03328           goto out;
03329 
03330         tmp_ttl = simple_strtoul(p, NULL, 0);
03331 #if defined(CONFIG_RSBAC_DEBUG)
03332             if (rsbac_debug_aef)
03333               {
03334                 rsbac_printk(KERN_DEBUG "debug_proc_write(): calling ADF for daz_ttl\n");
03335               }
03336 #endif
03337 #ifndef CONFIG_RSBAC_MAINT
03338         /* Security Officer? */
03339         i_tid.user = current->uid;
03340         if (rsbac_get_attr(SW_DAZ,
03341                            T_USER,
03342                            i_tid,
03343                            A_daz_role,
03344                            &i_attr_val1,
03345                            TRUE))
03346           {
03347             rsbac_printk(KERN_WARNING
03348                          "debug_proc_write(): rsbac_get_attr() returned error!\n");
03349             return -EPERM;
03350           }
03351         /* if not sec_officer or admin, deny */
03352         if (i_attr_val1.system_role != SR_security_officer)
03353           #ifdef CONFIG_RSBAC_SOFTMODE
03354           if(   !rsbac_softmode
03355           #ifdef CONFIG_RSBAC_SOFTMODE_IND
03356              && !rsbac_ind_softmode[SW_DAZ]
03357           #endif
03358             )
03359           #endif
03360           return -EPERM;
03361 #endif
03362             rsbac_printk(KERN_INFO
03363                    "debug_proc_write(): setting rsbac_daz_ttl to %u\n",
03364                    tmp_ttl);
03365             rsbac_daz_set_ttl(tmp_ttl);
03366             err = count;
03367             goto out;
03368       }
03369 #endif
03370 
03371 #if defined(CONFIG_RSBAC_LOG_REMOTE)
03372 /* Set remote address for remote logging */
03373     /*
03374      * Usage: echo "debug log_remote_addr a.b.c.d" > /proc/rsbac_info/debug
03375      *   to set log_remote_addr to given value
03376      */
03377     if(!strncmp("log_remote_addr", k_buf + 6, 15)) 
03378       {
03379         __u32 tmp_addr;
03380         char * tmp;
03381 
03382         p += 16;
03383         if( *p == '\0' )
03384           goto out;
03385 
03386         tmp=p;
03387         while(*tmp)
03388           {
03389             if(   (*tmp != '.')
03390                && (   (*tmp < '0')
03391                    || (*tmp > '9')
03392                   )
03393               )
03394               {
03395                 *tmp = 0;
03396                 break;
03397               }
03398             tmp++;
03399           }
03400         err = rsbac_net_str_to_inet(p, &tmp_addr);
03401         if(!err)
03402           {
03403 #if defined(CONFIG_RSBAC_DEBUG)
03404             if (rsbac_debug_aef)
03405               {
03406                 rsbac_printk(KERN_DEBUG "debug_proc_write(): calling ADF for remote_log_addr\n");
03407               }
03408 #endif
03409             rsbac_target_id.scd = ST_rsbac_remote_log;
03410             rsbac_attribute_value.dummy = 0;
03411             if (!rsbac_adf_request(R_MODIFY_SYSTEM_DATA,
03412                                    current->pid,
03413                                    T_SCD,
03414                                    rsbac_target_id,
03415                                    A_none,
03416                                    rsbac_attribute_value))
03417               {
03418                 err = -EPERM;
03419                 goto out;
03420               }
03421             rsbac_printk(KERN_INFO
03422                    "debug_proc_write(): setting rsbac_log_remote_addr to %u.%u.%u.%u\n",
03423                    NIPQUAD(tmp_addr));
03424             rsbac_log_remote_addr = tmp_addr;
03425             err = count;
03426             goto out;
03427           }
03428         else
03429           {
03430             char * tmp = rsbac_kmalloc(RSBAC_MAXNAMELEN);
03431 
03432             if(tmp)
03433               {
03434                 get_error_name(tmp, err);
03435                 rsbac_printk(KERN_INFO
03436                              "debug_proc_write(): converting remote socket address %s failed with error %s, exiting!\n",
03437                              p,
03438                              tmp);
03439                 rsbac_kfree(tmp);
03440               }
03441             err = -EINVAL;
03442             goto out;
03443           }
03444       }
03445 /* Set remote port for remote logging */
03446     /*
03447      * Usage: echo "debug log_remote_port #n" > /proc/rsbac_info/debug
03448      *   to set log_remote_port to given value
03449      */
03450     if(!strncmp("log_remote_port", k_buf + 6, 15)) 
03451       {
03452         __u16 tmp_port;
03453 
03454         p += 16;
03455         if( *p == '\0' )
03456           goto out;
03457 
03458         tmp_port = simple_strtoul(p, NULL, 0);
03459 #if defined(CONFIG_RSBAC_DEBUG)
03460             if (rsbac_debug_aef)
03461               {
03462                 rsbac_printk(KERN_DEBUG "debug_proc_write(): calling ADF for remote_log_port\n");
03463               }
03464 #endif
03465             rsbac_target_id.scd = ST_rsbac_remote_log;
03466             rsbac_attribute_value.dummy = 0;
03467             if (!rsbac_adf_request(R_MODIFY_SYSTEM_DATA,
03468                                    current->pid,
03469                                    T_SCD,
03470                                    rsbac_target_id,
03471                                    A_none,
03472                                    rsbac_attribute_value))
03473               {
03474                 err = -EPERM;
03475                 goto out;
03476               }
03477             rsbac_printk(KERN_INFO
03478                    "debug_proc_write(): setting rsbac_log_remote_port to %u\n",
03479                    tmp_port);
03480             rsbac_log_remote_port = htons(tmp_port);
03481             err = count;
03482             goto out;
03483       }
03484 #endif
03485 
03486 #ifdef CONFIG_RSBAC_SYSLOG_RATE
03487 /* Set syslog rate limit */
03488     /*
03489      * Usage: echo "debug syslog_rate #n" > /proc/rsbac_info/debug
03490      *   to set rate limit to given value
03491      */
03492     if(!strncmp("syslog_rate", k_buf + 6, 11)) 
03493       {
03494         u_int tmp_rate;
03495 
03496         p += 12;
03497         if( *p == '\0' )
03498           goto out;
03499 
03500         tmp_rate = simple_strtoul(p, NULL, 0);
03501 #if defined(CONFIG_RSBAC_DEBUG)
03502             if (rsbac_debug_aef)
03503               {
03504                 rsbac_printk(KERN_DEBUG "debug_proc_write(): calling ADF for syslog_rate\n");
03505               }
03506 #endif
03507             rsbac_target_id.scd = ST_rsbac;
03508             rsbac_attribute_value.dummy = 0;
03509             if (!rsbac_adf_request(R_MODIFY_SYSTEM_DATA,
03510                                    current->pid,
03511                                    T_SCD,
03512                                    rsbac_target_id,
03513                                    A_none,
03514                                    rsbac_attribute_value))
03515               {
03516                 err = -EPERM;
03517                 goto out;
03518               }
03519             rsbac_printk(KERN_INFO
03520                    "debug_proc_write(): setting rsbac_syslog_rate to %u\n",
03521                    tmp_rate);
03522             rsbac_syslog_rate = tmp_rate;
03523             err = count;
03524             goto out;
03525       }
03526 #endif
03527 
03528 #ifdef CONFIG_RSBAC_FD_CACHE
03529 /* Set fd_cache_ttl */
03530     /*
03531      * Usage: echo "debug fd_cache_ttl #n" > /proc/rsbac_info/debug
03532      *   to set ttl to given value
03533      */
03534     if(!strncmp("fd_cache_ttl", k_buf + 6, 12)) 
03535       {
03536         u_int tmp_ttl;
03537 
03538         p += 13;
03539         if( *p == '\0' )
03540           goto out;
03541 
03542         tmp_ttl = simple_strtoul(p, NULL, 0);
03543 #if defined(CONFIG_RSBAC_DEBUG)
03544             if (rsbac_debug_aef)
03545               {
03546                 rsbac_printk(KERN_DEBUG "debug_proc_write(): calling ADF for fd_cache_ttl\n");
03547               }
03548 #endif
03549             rsbac_target_id.scd = ST_rsbac;
03550             rsbac_attribute_value.dummy = 0;
03551             if (!rsbac_adf_request(R_MODIFY_SYSTEM_DATA,
03552                                    current->pid,
03553                                    T_SCD,
03554                                    rsbac_target_id,
03555                                    A_none,
03556                                    rsbac_attribute_value))
03557               {
03558                 err = -EPERM;
03559                 goto out;
03560               }
03561             rsbac_printk(KERN_INFO
03562                    "debug_proc_write(): setting rsbac_fd_cache_ttl to %u\n",
03563                    tmp_ttl);
03564             rsbac_fd_cache_ttl = tmp_ttl;
03565             err = count;
03566             goto out;
03567       }
03568 #endif
03569 
03570 #if defined(CONFIG_RSBAC_AUTO_WRITE) && (CONFIG_RSBAC_AUTO_WRITE > 0)
03571 /* Set rsbac_list_check_interval */
03572     /*
03573      * Usage: echo "debug list_check_interval #n" > /proc/rsbac_info/debug
03574      *   to set ttl to given value
03575      */
03576     if(!strncmp("list_check_interval", k_buf + 6, 19)) 
03577       {
03578         u_int tmp_ttl;
03579 
03580         p += 20;
03581         if( *p == '\0' )
03582           goto out;
03583 
03584         tmp_ttl = simple_strtoul(p, NULL, 0);
03585 #if defined(CONFIG_RSBAC_DEBUG)
03586             if (rsbac_debug_aef)
03587               {
03588                 rsbac_printk(KERN_DEBUG "debug_proc_write(): calling ADF for list_check_interval\n");
03589               }
03590 #endif
03591             rsbac_target_id.scd = ST_rsbac;
03592             rsbac_attribute_value.dummy = 0;
03593             if (!rsbac_adf_request(R_MODIFY_SYSTEM_DATA,
03594                                    current->pid,
03595                                    T_SCD,
03596                                    rsbac_target_id,
03597                                    A_none,
03598                                    rsbac_attribute_value))
03599               {
03600                 err = -EPERM;
03601                 goto out;
03602               }
03603             rsbac_printk(KERN_INFO
03604                    "debug_proc_write(): setting rsbac_list_check_interval to %u\n",
03605                    tmp_ttl);
03606             rsbac_list_check_interval = tmp_ttl;
03607             err = count;
03608             goto out;
03609       }
03610 #endif
03611 
03612 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG
03613 /* Boolean switch for disabling logging to syslog */
03614     /*
03615      * Usage: echo "debug nosyslog #N" > /proc/rsbac_info/debug
03616      *   to set rsbac_nosyslog to given value
03617      */
03618     if(!strncmp("nosyslog", k_buf + 6, 8)) 
03619       {
03620         p += 9;
03621 
03622         if( *p == '\0' )
03623           goto out;
03624 
03625         debug_level = simple_strtoul(p, NULL, 0);
03626         /* only accept 0 or 1 */
03627         if(!debug_level || (debug_level == 1))
03628           {
03629 #if defined(CONFIG_RSBAC_DEBUG)
03630             if (rsbac_debug_aef)
03631               {
03632                 rsbac_printk(KERN_DEBUG "debug_proc_write(): calling ADF for nosyslog\n");
03633               }
03634 #endif
03635             rsbac_target_id.dummy = 0;
03636             rsbac_attribute_value.dummy = 0;
03637             if (!rsbac_adf_request(R_SWITCH_LOG,
03638                                    current->pid,
03639                                    T_NONE,
03640                                    rsbac_target_id,
03641                                    A_none,
03642                                    rsbac_attribute_value))
03643               {
03644                 err = -EPERM;
03645                 goto out;
03646               }
03647             rsbac_printk(KERN_INFO
03648                    "debug_proc_write(): setting rsbac_nosyslog to %u\n",
03649                    debug_level);
03650             rsbac_nosyslog = debug_level;
03651             err = count;
03652             goto out;
03653           }
03654         else
03655           {
03656             rsbac_printk(KERN_INFO
03657                    "debug_proc_write(): rejecting invalid nosyslog value (should be 0 or 1)\n");
03658             err = -EINVAL;
03659             goto out;
03660           }
03661       }
03662 #endif
03663 
03664 #ifdef CONFIG_RSBAC_RMSG
03665 /* Set rsbac log messages limit */
03666     /*
03667      * Usage: echo "debug rmsg_maxentries #n" > /proc/rsbac_info/debug
03668      *   to set limit to given value
03669      */
03670     if(!strncmp("rmsg_maxentries", k_buf + 6, 15)) 
03671       {
03672         u_int tmp_rate;
03673 
03674         p += 16;
03675         if( *p == '\0' )
03676           goto out;
03677 
03678         tmp_rate = simple_strtoul(p, NULL, 0);
03679 #if defined(CONFIG_RSBAC_DEBUG)
03680             if (rsbac_debug_aef)
03681               {
03682                 rsbac_printk(KERN_DEBUG "debug_proc_write(): calling ADF for rmsg_maxentries\n");
03683               }
03684 #endif
03685             rsbac_target_id.scd = ST_rsbac;
03686             rsbac_attribute_value.dummy = 0;
03687             if (!rsbac_adf_request(R_MODIFY_SYSTEM_DATA,
03688                                    current->pid,
03689                                    T_SCD,
03690                                    rsbac_target_id,
03691                                    A_none,
03692                                    rsbac_attribute_value))
03693               {
03694                 err = -EPERM;
03695                 goto out;
03696               }
03697             rsbac_printk(KERN_INFO
03698                    "debug_proc_write(): setting rmsg_maxentries to %u\n",
03699                    tmp_rate);
03700             rsbac_rmsg_maxentries = tmp_rate;
03701             err = count;
03702             goto out;
03703       }
03704 #endif
03705 
03706 #ifdef CONFIG_RSBAC_LOG_REMOTE
03707 /* Set rsbac remote log messages limit */
03708     /*
03709      * Usage: echo "debug log_remote_maxentries #n" > /proc/rsbac_info/debug
03710      *   to set limit to given value
03711      */
03712     if(!strncmp("log_remote_maxentries", k_buf + 6, 21)) 
03713       {
03714         u_int tmp_rate;
03715 
03716         p += 22;
03717         if( *p == '\0' )
03718           goto out;
03719 
03720         tmp_rate = simple_strtoul(p, NULL, 0);
03721 #if defined(CONFIG_RSBAC_DEBUG)
03722             if (rsbac_debug_aef)
03723               {
03724                 rsbac_printk(KERN_DEBUG "debug_proc_write(): calling ADF for log_remote_maxentries\n");
03725               }
03726 #endif
03727             rsbac_target_id.scd = ST_rsbac;
03728             rsbac_attribute_value.dummy = 0;
03729             if (!rsbac_adf_request(R_MODIFY_SYSTEM_DATA,
03730                                    current->pid,
03731                                    T_SCD,
03732                                    rsbac_target_id,
03733                                    A_none,
03734                                    rsbac_attribute_value))
03735               {
03736                 err = -EPERM;
03737                 goto out;
03738               }
03739             rsbac_printk(KERN_INFO
03740                    "debug_proc_write(): setting log_remote_maxentries to %u\n",
03741                    tmp_rate);
03742             rsbac_log_remote_maxentries = tmp_rate;
03743             err = count;
03744             goto out;
03745       }
03746 #endif
03747 
03748 #if defined(CONFIG_RSBAC_AUTH_LEARN)
03749 /* Boolean switch for AUTH learning mode */
03750     /*
03751      * Usage: echo "debug auth_learn #N" > /proc/rsbac_info/debug
03752      *   to set rsbac_auth_learn to given value
03753      */
03754     if(!strncmp("auth_learn", k_buf + 6, 10)) 
03755       {
03756         p += 11;
03757 
03758         if( *p == '\0' )
03759             goto out;
03760 
03761         debug_level = simple_strtoul(p, NULL, 0);
03762         /* only accept 0 or 1 */
03763         if(!debug_level || (debug_level == 1))
03764           {
03765             rsbac_target_id.dummy = 0;
03766             rsbac_attribute_value.auth_learn = debug_level;
03767             if (!rsbac_adf_request(R_MODIFY_ATTRIBUTE,
03768                                    current->pid,
03769                                    T_NONE,
03770                                    rsbac_target_id,
03771                                    A_auth_learn,
03772                                    rsbac_attribute_value))
03773               {
03774                 err = -EPERM;
03775                 goto out;
03776               }
03777             rsbac_printk(KERN_INFO
03778                    "debug_proc_write(): setting rsbac_auth_learn to %u\n",
03779                    debug_level);
03780             rsbac_auth_learn = debug_level;
03781             err = count;
03782             goto out;
03783           }
03784         else
03785           {
03786             goto out_inv;
03787           }
03788       }
03789 #endif
03790 
03791 #ifdef CONFIG_RSBAC_CAP_LOG_MISSING
03792 /* Boolean switch for CAP logging of missing caps */
03793     /*
03794      * Usage: echo "debug cap_log_missing #N" > /proc/rsbac_info/debug
03795      *   to set rsbac_cap_log_missing to given value
03796      */
03797     if(!strncmp("cap_log_missing", k_buf + 6, 15)) 
03798       {
03799         p += 16;
03800 
03801         if( *p == '\0' )
03802             goto out;
03803 
03804         debug_level = simple_strtoul(p, NULL, 0);
03805         /* only accept 0 or 1 */
03806         if(!debug_level || (debug_level == 1))
03807           {
03808             rsbac_target_id.scd = ST_rsbac;
03809             rsbac_attribute_value.dummy = 0;
03810             if (!rsbac_adf_request(R_MODIFY_SYSTEM_DATA,
03811                                    current->pid,
03812                                    T_SCD,
03813                                    rsbac_target_id,
03814                                    A_none,
03815                                    rsbac_attribute_value))
03816               {
03817                 err = -EPERM;
03818                 goto out;
03819               }
03820             rsbac_printk(KERN_INFO
03821                    "debug_proc_write(): setting rsbac_cap_log_missing to %u\n",
03822                    debug_level);
03823             rsbac_cap_log_missing = debug_level;
03824             err = count;
03825             goto out;
03826           }
03827         else
03828           {
03829             goto out_inv;
03830           }
03831       }
03832 #endif
03833 
03834 #ifdef CONFIG_RSBAC_JAIL_LOG_MISSING
03835 /* Boolean switch for JAIL logging of missing caps */
03836     /*
03837      * Usage: echo "debug jail_log_missing #N" > /proc/rsbac_info/debug
03838      *   to set rsbac_jail_log_missing to given value
03839      */
03840     if(!strncmp("jail_log_missing", k_buf + 6, 16)) 
03841       {
03842         p += 17;
03843 
03844         if( *p == '\0' )
03845             goto out;
03846 
03847         debug_level = simple_strtoul(p, NULL, 0);
03848         /* only accept 0 or 1 */
03849         if(!debug_level || (debug_level == 1))
03850           {
03851             rsbac_target_id.scd = ST_rsbac;
03852             rsbac_attribute_value.dummy = 0;
03853             if (!rsbac_adf_request(R_MODIFY_SYSTEM_DATA,
03854                                    current->pid,
03855                                    T_SCD,
03856                                    rsbac_target_id,
03857                                    A_none,
03858                                    rsbac_attribute_value))
03859               {
03860                 err = -EPERM;
03861                 goto out;
03862               }
03863             rsbac_printk(KERN_INFO
03864                    "debug_proc_write(): setting rsbac_jail_log_missing to %u\n",
03865                    debug_level);
03866             rsbac_jail_log_missing = debug_level;
03867             err = count;
03868             goto out;
03869           }
03870         else
03871           {
03872             goto out_inv;
03873           }
03874       }
03875 #endif
03876 
03877 
03878 #if defined(CONFIG_RSBAC_ACL_LEARN)
03879 /* Boolean switch for ACL FD learning mode */
03880     /*
03881      * Usage: echo "debug acl_learn_fd #N" > /proc/rsbac_info/debug
03882      *   to set rsbac_acl_learn_fd to given value
03883      */
03884     if(!strncmp("acl_learn_fd", k_buf + 6, 12)) 
03885       {
03886         p += 13;
03887 
03888         if( *p == '\0' )
03889             goto out;
03890 
03891         debug_level = simple_strtoul(p, NULL, 0);
03892         /* only accept 0 or 1 */
03893         if(!debug_level || (debug_level == 1))
03894           {
03895             /* use default acls */
03896             rsbac_target_id.file.device = RSBAC_ZERO_DEV;
03897             rsbac_target_id.file.inode = 0;
03898             rsbac_target_id.file.dentry_p = NULL;
03899 
03900             if (!rsbac_adf_request(R_MODIFY_ATTRIBUTE,
03901                                    current->pid,
03902                                    T_FILE,
03903                                    rsbac_target_id,
03904                                    A_acl_learn,
03905                                    rsbac_attribute_value))
03906               {
03907                 err = -EPERM;
03908                 goto out;
03909               }
03910             rsbac_printk(KERN_INFO
03911                    "debug_proc_write(): setting rsbac_acl_learn_fd to %u\n",
03912                    debug_level);
03913             rsbac_acl_learn_fd = debug_level;
03914             err = count;
03915             goto out;
03916           }
03917         else
03918           {
03919             goto out_inv;
03920           }
03921       }
03922 #endif
03923 
03924 #if defined(CONFIG_RSBAC_DEBUG)
03925     if (rsbac_debug_aef)
03926       {
03927         rsbac_printk(KERN_DEBUG "debug_proc_write(): calling ADF\n");
03928       }
03929     rsbac_target_id.scd = ST_rsbac;
03930     rsbac_attribute_value.dummy = 0;
03931     if (!rsbac_adf_request(R_MODIFY_SYSTEM_DATA,
03932                            current->pid,
03933                            T_SCD,
03934                            rsbac_target_id,
03935                            A_none,
03936                            rsbac_attribute_value))
03937       {
03938         err = -EPERM;
03939         goto out;
03940       }
03941 
03942 #if defined(CONFIG_RSBAC_NET)
03943 /* Boolean debug switch for NET data structures */
03944     /*
03945      * Usage: echo "debug ds_net #N" > /proc/rsbac_info/debug
03946      *   to set rsbac_debug_ds_net to given value
03947      */
03948     if(!strncmp("ds_net", k_buf + 6, 6)) 
03949       {
03950         p += 7;
03951 
03952         if( *p == '\0' )
03953           goto out;
03954 
03955         debug_level = simple_strtoul(p, NULL, 0);
03956         /* only accept 0 or 1 */
03957         if(!debug_level || (debug_level == 1))
03958           {
03959             rsbac_printk(KERN_INFO
03960                    "debug_proc_write(): setting rsbac_debug_ds_net to %u\n",
03961                    debug_level);
03962             rsbac_debug_ds_net = debug_level;
03963             err = count;
03964             goto out;
03965           }
03966         else
03967           {
03968             goto out_inv;
03969           }
03970       }
03971 /* Boolean debug switch for NET syscalls / AEF */
03972     /*
03973      * Usage: echo "debug aef_net #N" > /proc/rsbac_info/debug
03974      *   to set rsbac_debug_aef_net to given value
03975      */
03976     if(!strncmp("aef_net", k_buf + 6, 7)) 
03977       {
03978         p += 8;
03979 
03980         if( *p == '\0' )
03981             goto out;
03982 
03983         debug_level = simple_strtoul(p, NULL, 0);
03984         /* only accept 0 or 1 */
03985         if(!debug_level || (debug_level == 1))
03986           {
03987             rsbac_printk(KERN_INFO
03988                    "debug_proc_write(): setting rsbac_debug_aef_net to %u\n",
03989                    debug_level);
03990             rsbac_debug_aef_net = debug_level;
03991             err = count;
03992             goto out;
03993           }
03994         else
03995           {
03996             goto out_inv;
03997           }
03998       }
03999 
04000 /* Boolean debug switch for NET decisions / ADF */
04001     /*
04002      * Usage: echo "debug adf_net #N" > /proc/rsbac_info/debug
04003      *   to set rsbac_debug_adf_net to given value
04004      */
04005     if(!strncmp("adf_net", k_buf + 6, 7)) 
04006       {
04007         p += 8;
04008 
04009         if( *p == '\0' )
04010             goto out;
04011 
04012         debug_level = simple_strtoul(p, NULL, 0);
04013         /* only accept 0 or 1 */
04014         if(!debug_level || (debug_level == 1))
04015           {
04016             rsbac_printk(KERN_INFO
04017                    "debug_proc_write(): setting rsbac_debug_adf_net to %u\n",
04018                    debug_level);
04019             rsbac_debug_adf_net = debug_level;
04020             err = count;
04021             goto out;
04022           }
04023         else
04024           {
04025             goto out_inv;
04026           }
04027       }
04028 #endif
04029 
04030 #if defined(CONFIG_RSBAC_MAC)
04031 /* Boolean debug switch for MAC data structures */
04032     /*
04033      * Usage: echo "debug ds_mac #N" > /proc/rsbac_info/debug
04034      *   to set rsbac_debug_ds_mac to given value
04035      */
04036     if(!strncmp("ds_mac", k_buf + 6, 6)) 
04037       {
04038         p += 7;
04039 
04040         if( *p == '\0' )
04041           goto out;
04042 
04043         debug_level = simple_strtoul(p, NULL, 0);
04044         /* only accept 0 or 1 */
04045         if(!debug_level || (debug_level == 1))
04046           {
04047             rsbac_printk(KERN_INFO
04048                    "debug_proc_write(): setting rsbac_debug_ds_mac to %u\n",
04049                    debug_level);
04050             rsbac_debug_ds_mac = debug_level;
04051             err = count;
04052             goto out;
04053           }
04054         else
04055           {
04056             goto out_inv;
04057           }
04058       }
04059 /* Boolean debug switch for MAC syscalls / AEF */
04060     /*
04061      * Usage: echo "debug aef_mac #N" > /proc/rsbac_info/debug
04062      *   to set rsbac_debug_aef_mac to given value
04063      */
04064     if(!strncmp("aef_mac", k_buf + 6, 7)) 
04065       {
04066         p += 8;
04067 
04068         if( *p == '\0' )
04069             goto out;
04070 
04071         debug_level = simple_strtoul(p, NULL, 0);
04072         /* only accept 0 or 1 */
04073         if(!debug_level || (debug_level == 1))
04074           {
04075             rsbac_printk(KERN_INFO
04076                    "debug_proc_write(): setting rsbac_debug_aef_mac to %u\n",
04077                    debug_level);
04078             rsbac_debug_aef_mac = debug_level;
04079             err = count;
04080             goto out;
04081           }
04082         else
04083           {
04084             goto out_inv;
04085           }
04086       }
04087 
04088 /* Boolean debug switch for MAC decisions / ADF */
04089     /*
04090      * Usage: echo "debug adf_mac #N" > /proc/rsbac_info/debug
04091      *   to set rsbac_debug_adf_mac to given value
04092      */
04093     if(!strncmp("adf_mac", k_buf + 6, 7)) 
04094       {
04095         p += 8;
04096 
04097         if( *p == '\0' )
04098             goto out;
04099 
04100         debug_level = simple_strtoul(p, NULL, 0);
04101         /* only accept 0 or 1 */
04102         if(!debug_level || (debug_level == 1))
04103           {
04104             rsbac_printk(KERN_INFO
04105                    "debug_proc_write(): setting rsbac_debug_adf_mac to %u\n",
04106                    debug_level);
04107             rsbac_debug_adf_mac = debug_level;
04108             err = count;
04109             goto out;
04110           }
04111         else
04112           {
04113             goto out_inv;
04114           }
04115       }
04116 #endif
04117 
04118 #if defined(CONFIG_RSBAC_PM) || defined(CONFIG_RSBAC_PM_MAINT)
04119 /* Boolean debug switch for PM data structures */
04120     /*
04121      * Usage: echo "debug ds_pm #N" > /proc/rsbac_info/debug
04122      *   to set rsbac_debug_ds_pm to given value
04123      */
04124     if(!strncmp("ds_pm", k_buf + 6, 5)) 
04125       {
04126         p += 6;
04127 
04128         if( *p == '\0' )
04129           goto out;
04130 
04131         debug_level = simple_strtoul(p, NULL, 0);
04132         /* only accept 0 or 1 */
04133         if(!debug_level || (debug_level == 1))
04134           {
04135             rsbac_printk(KERN_INFO
04136                    "debug_proc_write(): setting rsbac_debug_ds_pm to %u\n",
04137                    debug_level);
04138             rsbac_debug_ds_pm = debug_level;
04139             err = count;
04140             goto out;
04141           }
04142         else
04143           {
04144             goto out_inv;
04145           }
04146       }
04147 /* Boolean debug switch for PM syscalls / AEF */
04148     /*
04149      * Usage: echo "debug aef_pm #N" > /proc/rsbac_info/debug
04150      *   to set rsbac_debug_aef_pm to given value
04151      */
04152     if(!strncmp("aef_pm", k_buf + 6, 6)) 
04153       {
04154         p += 7;
04155 
04156         if( *p == '\0' )
04157             goto out;
04158 
04159         debug_level = simple_strtoul(p, NULL, 0);
04160         /* only accept 0 or 1 */
04161         if(!debug_level || (debug_level == 1))
04162           {
04163             rsbac_printk(KERN_INFO
04164                    "debug_proc_write(): setting rsbac_debug_aef_pm to %u\n",
04165                    debug_level);
04166             rsbac_debug_aef_pm = debug_level;
04167             err = count;
04168             goto out;
04169           }
04170         else
04171           {
04172             goto out_inv;
04173           }
04174       }
04175 
04176 /* Boolean debug switch for PM decisions / ADF */
04177     /*
04178      * Usage: echo "debug adf_pm #N" > /proc/rsbac_info/debug
04179      *   to set rsbac_debug_adf_pm to given value
04180      */
04181     if(!strncmp("adf_pm", k_buf + 6, 6)) 
04182       {
04183         p += 7;
04184 
04185         if( *p == '\0' )
04186             goto out;
04187 
04188         debug_level = simple_strtoul(p, NULL, 0);
04189         /* only accept 0 or 1 */
04190         if(!debug_level || (debug_level == 1))
04191           {
04192             rsbac_printk(KERN_INFO
04193                    "debug_proc_write(): setting rsbac_debug_adf_pm to %u\n",
04194                    debug_level);
04195             rsbac_debug_adf_pm = debug_level;
04196             err = count;
04197             goto out;
04198           }
04199         else
04200           {
04201             goto out_inv;
04202           }
04203       }
04204 #endif
04205 
04206 #if defined(CONFIG_RSBAC_DAZ)
04207 /* Boolean debug switch for DAZ decisions / ADF */
04208     /*
04209      * Usage: echo "debug adf_daz #N" > /proc/rsbac_info/debug
04210      *   to set rsbac_debug_adf_daz to given value
04211      */
04212     if(!strncmp("adf_daz", k_buf + 6, 7)) 
04213       {
04214         p += 8;
04215 
04216         if( *p == '\0' )
04217             goto out;
04218 
04219         debug_level = simple_strtoul(p, NULL, 0);
04220         /* only accept 0 or 1 */
04221         if(!debug_level || (debug_level == 1))
04222           {
04223             rsbac_printk(KERN_INFO
04224                    "debug_proc_write(): setting rsbac_debug_adf_daz to %u\n",
04225                    debug_level);
04226             rsbac_debug_adf_daz = debug_level;
04227             err = count;
04228             goto out;
04229           }
04230         else
04231           {
04232             goto out_inv;
04233           }
04234       }
04235 #endif
04236 
04237 #if defined(CONFIG_RSBAC_RC) || defined(CONFIG_RSBAC_RC_MAINT)
04238 /* Boolean debug switch for RC data structures */
04239     /*
04240      * Usage: echo "debug ds_rc #N" > /proc/rsbac_info/debug
04241      *   to set rsbac_debug_ds_rc to given value
04242      */
04243     if(!strncmp("ds_rc", k_buf + 6, 5)) 
04244       {
04245         p += 6;
04246 
04247         if( *p == '\0' )
04248             goto out;
04249 
04250         debug_level = simple_strtoul(p, NULL, 0);
04251         /* only accept 0 or 1 */
04252         if(!debug_level || (debug_level == 1))
04253           {
04254             rsbac_printk(KERN_INFO
04255                    "debug_proc_write(): setting rsbac_debug_ds_rc to %u\n",
04256                    debug_level);
04257             rsbac_debug_ds_rc = debug_level;
04258             err = count;
04259             goto out;
04260           }
04261         else
04262           {
04263             goto out_inv;
04264           }
04265       }
04266 /* Boolean debug switch for RC syscalls / AEF */
04267     /*
04268      * Usage: echo "debug aef_rc #N" > /proc/rsbac_info/debug
04269      *   to set rsbac_debug_aef_rc to given value
04270      */
04271     if(!strncmp("aef_rc", k_buf + 6, 6)) 
04272       {
04273         p += 7;
04274 
04275         if( *p == '\0' )
04276             goto out;
04277 
04278         debug_level = simple_strtoul(p, NULL, 0);
04279         /* only accept 0 or 1 */
04280         if(!debug_level || (debug_level == 1))
04281           {
04282             rsbac_printk(KERN_INFO
04283                    "debug_proc_write(): setting rsbac_debug_aef_rc to %u\n",
04284                    debug_level);
04285             rsbac_debug_aef_rc = debug_level;
04286             err = count;
04287             goto out;
04288           }
04289         else
04290           {
04291             goto out_inv;
04292           }
04293       }
04294 
04295 /* Boolean debug switch for RC decisions / ADF */
04296     /*
04297      * Usage: echo "debug adf_rc #N" > /proc/rsbac_info/debug
04298      *   to set rsbac_debug_adf_rc to given value
04299      */
04300     if(!strncmp("adf_rc", k_buf + 6, 6)) 
04301       {
04302         p += 7;
04303 
04304         if( *p == '\0' )
04305             goto out;
04306 
04307         debug_level = simple_strtoul(p, NULL, 0);
04308         /* only accept 0 or 1 */
04309         if(!debug_level || (debug_level == 1))
04310           {
04311             rsbac_printk(KERN_INFO
04312                    "debug_proc_write(): setting rsbac_debug_adf_rc to %u\n",
04313                    debug_level);
04314             rsbac_debug_adf_rc = debug_level;
04315             err = count;
04316             goto out;
04317           }
04318         else
04319           {
04320             goto out_inv;
04321           }
04322       }
04323 #endif
04324 
04325 #if defined(CONFIG_RSBAC_AUTH)
04326 /* Boolean debug switch for AUTH data structures */
04327     /*
04328      * Usage: echo "debug ds_auth #N" > /proc/rsbac_info/debug
04329      *   to set rsbac_debug_ds_auth to given value
04330      */
04331     if(!strncmp("ds_auth", k_buf + 6, 7)) 
04332       {
04333         p += 8;
04334 
04335         if( *p == '\0' )
04336             goto out;
04337 
04338         debug_level = simple_strtoul(p, NULL, 0);
04339         /* only accept 0 or 1 */
04340         if(!debug_level || (debug_level == 1))
04341           {
04342             rsbac_printk(KERN_INFO
04343                    "debug_proc_write(): setting rsbac_debug_ds_auth to %u\n",
04344                    debug_level);
04345             rsbac_debug_ds_auth = debug_level;
04346             err = count;
04347             goto out;
04348           }
04349         else
04350           {
04351             goto out_inv;
04352           }
04353       }
04354 /* Boolean debug switch for AUTH syscalls / AEF */
04355     /*
04356      * Usage: echo "debug aef_auth #N" > /proc/rsbac_info/debug
04357      *   to set rsbac_debug_aef_auth to given value
04358      */
04359     if(!strncmp("aef_auth", k_buf + 6, 8)) 
04360       {
04361         p += 9;
04362 
04363         if( *p == '\0' )
04364             goto out;
04365 
04366         debug_level = simple_strtoul(p, NULL, 0);
04367         /* only accept 0 or 1 */
04368         if(!debug_level || (debug_level == 1))
04369           {
04370             rsbac_printk(KERN_INFO
04371                    "debug_proc_write(): setting rsbac_debug_aef_auth to %u\n",
04372                    debug_level);
04373             rsbac_debug_aef_auth = debug_level;
04374             err = count;
04375             goto out;
04376           }
04377         else
04378           {
04379             goto out_inv;
04380           }
04381       }
04382 
04383 /* Boolean debug switch for AUTH decisions / ADF */
04384     /*
04385      * Usage: echo "debug adf_auth #N" > /proc/rsbac_info/debug
04386      *   to set rsbac_debug_adf_auth to given value
04387      */
04388     if(!strncmp("adf_auth", k_buf + 6, 8)) 
04389       {
04390         p += 9;
04391 
04392         if( *p == '\0' )
04393             goto out;
04394 
04395         debug_level = simple_strtoul(p, NULL, 0);
04396         /* only accept 0 or 1 */
04397         if(!debug_level || (debug_level == 1))
04398           {
04399             rsbac_printk(KERN_INFO
04400                    "debug_proc_write(): setting rsbac_debug_adf_auth to %u\n",
04401                    debug_level);
04402             rsbac_debug_adf_auth = debug_level;
04403             err = count;
04404             goto out;
04405           }
04406         else
04407           {
04408             goto out_inv;
04409           }
04410       }
04411 
04412 #endif
04413 
04414 #if defined(CONFIG_RSBAC_REG) || defined(CONFIG_RSBAC_REG_MAINT)
04415 /* Boolean debug switch for REG */
04416     /*
04417      * Usage: echo "debug reg #N" > /proc/rsbac_info/debug
04418      *   to set rsbac_debug_reg to given value
04419      */
04420     if(!strncmp("reg", k_buf + 6, 3)) 
04421       {
04422         p += 3;
04423 
04424         if( *p == '\0' )
04425             goto out;
04426 
04427         debug_level = simple_strtoul(p, NULL, 0);
04428         /* only accept 0 or 1 */
04429         if(!debug_level || (debug_level == 1))
04430           {
04431             rsbac_printk(KERN_INFO
04432                    "debug_proc_write(): setting rsbac_debug_reg to %u\n",
04433                    debug_level);
04434             rsbac_debug_reg = debug_level;
04435             err = count;
04436             goto out;
04437           }
04438         else
04439           {
04440             goto out_inv;
04441           }
04442       }
04443 #endif
04444 
04445 #if defined(CONFIG_RSBAC_ACL)
04446 /* Boolean debug switch for ACL data structures */
04447     /*
04448      * Usage: echo "debug ds_acl #N" > /proc/rsbac_info/debug
04449      *   to set rsbac_debug_ds_acl to given value
04450      */
04451     if(!strncmp("ds_acl", k_buf + 6, 6)) 
04452       {
04453         p += 7;
04454 
04455         if( *p == '\0' )
04456             goto out;
04457 
04458         debug_level = simple_strtoul(p, NULL, 0);
04459         /* only accept 0 or 1 */
04460         if(!debug_level || (debug_level == 1))
04461           {
04462             rsbac_printk(KERN_INFO
04463                    "debug_proc_write(): setting rsbac_debug_ds_acl to %u\n",
04464                    debug_level);
04465             rsbac_debug_ds_acl = debug_level;
04466             err = count;
04467             goto out;
04468           }
04469         else
04470           {
04471             goto out_inv;
04472           }
04473       }
04474 /* Boolean debug switch for ACL syscalls / AEF */
04475     /*
04476      * Usage: echo "debug aef_acl #N" > /proc/rsbac_info/debug
04477      *   to set rsbac_debug_aef_acl to given value
04478      */
04479     if(!strncmp("aef_acl", k_buf + 6, 7)) 
04480       {
04481         p += 8;
04482 
04483         if( *p == '\0' )
04484             goto out;
04485 
04486         debug_level = simple_strtoul(p, NULL, 0);
04487         /* only accept 0 or 1 */
04488         if(!debug_level || (debug_level == 1))
04489           {
04490             rsbac_printk(KERN_INFO
04491                    "debug_proc_write(): setting rsbac_debug_aef_acl to %u\n",
04492                    debug_level);
04493             rsbac_debug_aef_acl = debug_level;
04494             err = count;
04495             goto out;
04496           }
04497         else
04498           {
04499             goto out_inv;
04500           }
04501       }
04502 
04503 /* Boolean debug switch for ACL decisions / ADF */
04504     /*
04505      * Usage: echo "debug adf_acl #N" > /proc/rsbac_info/debug
04506      *   to set rsbac_debug_adf_acl to given value
04507      */
04508     if(!strncmp("adf_acl", k_buf + 6, 7)) 
04509       {
04510         p += 8;
04511 
04512         if( *p == '\0' )
04513             goto out;
04514 
04515         debug_level = simple_strtoul(p, NULL, 0);
04516         /* only accept 0 or 1 */
04517         if(!debug_level || (debug_level == 1))
04518           {
04519             rsbac_printk(KERN_INFO
04520                    "debug_proc_write(): setting rsbac_debug_adf_acl to %u\n",
04521                    debug_level);
04522             rsbac_debug_adf_acl = debug_level;
04523             err = count;
04524             goto out;
04525           }
04526         else
04527           {
04528             goto out_inv;
04529           }
04530       }
04531 #endif
04532 
04533 #if defined(CONFIG_RSBAC_JAIL)
04534 /* Boolean debug switch for JAIL syscalls / AEF */
04535     /*
04536      * Usage: echo "debug aef_jail #N" > /proc/rsbac_info/debug
04537      *   to set rsbac_debug_aef_jail to given value
04538      */
04539     if(!strncmp("aef_jail", k_buf + 6, 8)) 
04540       {
04541         p += 9;
04542 
04543         if( *p == '\0' )
04544             goto out;
04545 
04546         debug_level = simple_strtoul(p, NULL, 0);
04547         /* only accept 0 or 1 */
04548         if(!debug_level || (debug_level == 1))
04549           {
04550             rsbac_printk(KERN_INFO
04551                    "debug_proc_write(): setting rsbac_debug_aef_jail to %u\n",
04552                    debug_level);
04553             rsbac_debug_aef_jail = debug_level;
04554             err = count;
04555             goto out;
04556           }
04557         else
04558           {
04559             goto out_inv;
04560           }
04561       }
04562 
04563 /* Boolean debug switch for JAIL decisions / ADF */
04564     /*
04565      * Usage: echo "debug adf_jail #N" > /proc/rsbac_info/debug
04566      *   to set rsbac_debug_adf_jail to given value
04567      */
04568     if(!strncmp("adf_jail", k_buf + 6, 8)) 
04569       {
04570         p += 9;
04571 
04572         if( *p == '\0' )
04573             goto out;
04574 
04575         debug_level = simple_strtoul(p, NULL, 0);
04576         /* only accept 0 or 1 */
04577         if(!debug_level || (debug_level == 1))
04578           {
04579             rsbac_printk(KERN_INFO
04580                    "debug_proc_write(): setting rsbac_debug_adf_jail to %u\n",
04581                    debug_level);
04582             rsbac_debug_adf_jail = debug_level;
04583             err = count;
04584             goto out;
04585           }
04586         else
04587           {
04588             goto out_inv;
04589           }
04590       }
04591 #endif
04592 
04593 #if defined(CONFIG_RSBAC_PAX)
04594 /* Boolean debug switch for PAX decisions / ADF */
04595     /*
04596      * Usage: echo "debug adf_pax #N" > /proc/rsbac_info/debug
04597      *   to set rsbac_debug_adf_pax to given value
04598      */
04599     if(!strncmp("adf_pax", k_buf + 6, 7)) 
04600       {
04601         p += 8;
04602 
04603         if( *p == '\0' )
04604             goto out;
04605 
04606         debug_level = simple_strtoul(p, NULL, 0);
04607         /* only accept 0 or 1 */
04608         if(!debug_level || (debug_level == 1))
04609           {
04610             rsbac_printk(KERN_INFO
04611                    "debug_proc_write(): setting rsbac_debug_adf_pax to %u\n",
04612                    debug_level);
04613             rsbac_debug_adf_pax = debug_level;
04614             err = count;
04615             goto out;
04616           }
04617         else
04618           {
04619             goto out_inv;
04620           }
04621       }
04622 #endif
04623 
04624 #if defined(CONFIG_RSBAC_UM)
04625 /* Boolean debug switch for UM data structures */
04626     /*
04627      * Usage: echo "debug ds_um #N" > /proc/rsbac_info/debug
04628      *   to set rsbac_debug_ds_um to given value
04629      */
04630     if(!strncmp("ds_um", k_buf + 6, 5)) 
04631       {
04632         p += 6;
04633 
04634         if( *p == '\0' )
04635           goto out;
04636 
04637         debug_level = simple_strtoul(p, NULL, 0);
04638         /* only accept 0 or 1 */
04639         if(!debug_level || (debug_level == 1))
04640           {
04641             rsbac_printk(KERN_INFO
04642                    "debug_proc_write(): setting rsbac_debug_ds_um to %u\n",
04643                    debug_level);
04644             rsbac_debug_ds_um = debug_level;
04645             err = count;
04646             goto out;
04647           }
04648         else
04649           {
04650             goto out_inv;
04651           }
04652       }
04653 /* Boolean debug switch for UM syscalls / AEF */
04654     /*
04655      * Usage: echo "debug aef_um #N" > /proc/rsbac_info/debug
04656      *   to set rsbac_debug_aef_um to given value
04657      */
04658     if(!strncmp("aef_um", k_buf + 6, 6)) 
04659       {
04660         p += 7;
04661 
04662         if( *p == '\0' )
04663             goto out;
04664 
04665         debug_level = simple_strtoul(p, NULL, 0);
04666         /* only accept 0 or 1 */
04667         if(!debug_level || (debug_level == 1))
04668           {
04669             rsbac_printk(KERN_INFO
04670                    "debug_proc_write(): setting rsbac_debug_aef_um to %u\n",
04671                    debug_level);
04672             rsbac_debug_aef_um = debug_level;
04673             err = count;
04674             goto out;
04675           }
04676         else
04677           {
04678             goto out_inv;
04679           }
04680       }
04681 
04682 /* Boolean debug switch for UM decisions / ADF */
04683     /*
04684      * Usage: echo "debug adf_um #N" > /proc/rsbac_info/debug
04685      *   to set rsbac_debug_adf_um to given value
04686      */
04687     if(!strncmp("adf_um", k_buf + 6, 6)) 
04688       {
04689         p += 7;
04690 
04691         if( *p == '\0' )
04692             goto out;
04693 
04694         debug_level = simple_strtoul(p, NULL, 0);
04695         /* only accept 0 or 1 */
04696         if(!debug_level || (debug_level == 1))
04697           {
04698             rsbac_printk(KERN_INFO
04699                    "debug_proc_write(): setting rsbac_debug_adf_um to %u\n",
04700                    debug_level);
04701             rsbac_debug_adf_um = debug_level;
04702             err = count;
04703             goto out;
04704           }
04705         else
04706           {
04707             goto out_inv;
04708           }
04709       }
04710 #endif
04711 
04712     /*
04713      * Usage: echo "debug ds #N" > /proc/rsbac_info/debug
04714      *   to set rsbac_debug_ds to given value
04715      */
04716     if(!strncmp("ds", k_buf + 6, 2)) 
04717       {
04718         p += 3;
04719 
04720         if( *p == '\0' )
04721             goto out;
04722 
04723         debug_level = simple_strtoul(p, NULL, 0);
04724         /* only accept 0 or 1 */
04725         if(!debug_level || (debug_level == 1))
04726           {
04727             rsbac_printk(KERN_INFO
04728                    "debug_proc_write(): setting rsbac_debug_ds to %u\n",
04729                    debug_level);
04730             rsbac_debug_ds = debug_level;
04731             err = count;
04732             goto out;
04733           }
04734         else
04735           {
04736             goto out_inv;
04737           }
04738       }
04739 
04740     /*
04741      * Usage: echo "debug write #N" > /proc/rsbac_info/debug
04742      *   to set rsbac_debug_write to given value
04743      */
04744     if(!strncmp("write", k_buf + 6, 5)) 
04745       {
04746         p += 6;
04747 
04748         if( *p == '\0' )
04749             goto out;
04750 
04751         debug_level = simple_strtoul(p, NULL, 0);
04752         /* only accept 0 or 1 */
04753         if(!debug_level || (debug_level == 1))
04754           {
04755             rsbac_printk(KERN_INFO
04756                    "debug_proc_write(): setting rsbac_debug_write to %u\n",
04757                    debug_level);
04758             rsbac_debug_write = debug_level;
04759             err = count;
04760             goto out;
04761           }
04762         else
04763           {
04764             goto out_inv;
04765           }
04766       }
04767 
04768     /*
04769      * Usage: echo "debug stack #N" > /proc/rsbac_info/debug
04770      *   to set rsbac_debug_stack to given value
04771      */
04772     if(!strncmp("stack", k_buf + 6, 5)) 
04773       {
04774         p += 6;
04775 
04776         if( *p == '\0' )
04777             goto out;
04778 
04779         debug_level = simple_strtoul(p, NULL, 0);
04780         /* only accept 0 or 1 */
04781         if(!debug_level || (debug_level == 1))
04782           {
04783             rsbac_printk(KERN_INFO
04784                    "debug_proc_write(): setting rsbac_debug_stack to %u\n",
04785                    debug_level);
04786             rsbac_debug_stack = debug_level;
04787             err = count;
04788             goto out;
04789           }
04790         else
04791           {
04792             goto out_inv;
04793           }
04794       }
04795 
04796     /*
04797      * Usage: echo "debug lists #N" > /proc/rsbac_info/debug
04798      *   to set rsbac_debug_lists to given value
04799      */
04800     if(!strncmp("lists", k_buf + 6, 5)) 
04801       {
04802         p += 6;
04803 
04804         if( *p == '\0' )
04805             goto out;
04806 
04807         debug_level = simple_strtoul(p, NULL, 0);
04808         /* only accept 0 or 1 */
04809         if(!debug_level || (debug_level == 1))
04810           {
04811             rsbac_printk(KERN_INFO
04812                    "debug_proc_write(): setting rsbac_debug_lists to %u\n",
04813                    debug_level);
04814             rsbac_debug_lists = debug_level;
04815             err = count;
04816             goto out;
04817           }
04818         else
04819           {
04820             goto out_inv;
04821           }
04822       }
04823 
04824     /* Boolean debug switch for AEF */
04825     /*
04826      * Usage: echo "debug aef #N" > /proc/rsbac_info/debug
04827      *   to set rsbac_debug_aef to given value
04828      */
04829     if(!strncmp("aef", k_buf + 6, 3)) 
04830       {
04831         p += 4;
04832 
04833         if( *p == '\0' )
04834             goto out;
04835 
04836         debug_level = simple_strtoul(p, NULL, 0);
04837         /* only accept 0 or 1 */
04838         if(!debug_level || (debug_level == 1))
04839           {
04840             rsbac_printk(KERN_INFO
04841                    "debug_proc_write(): setting rsbac_debug_aef to %u\n",
04842                    debug_level);
04843             rsbac_debug_aef = debug_level;
04844             err = count;
04845             goto out;
04846           }
04847         else
04848           {
04849             goto out_inv;
04850           }
04851       }
04852 
04853 /* Boolean debug switch for NO_WRITE */
04854     /*
04855      * Usage: echo "debug no_write #N" > /proc/rsbac_info/debug
04856      *   to set rsbac_debug_no_write to given value
04857      */
04858     if(!strncmp("no_write", k_buf + 6, 8)) 
04859       {
04860         p += 9;
04861 
04862         if( *p == '\0' )
04863             goto out;
04864 
04865         debug_level = simple_strtoul(p, NULL, 0);
04866         /* only accept 0 or 1 */
04867         if(!debug_level || (debug_level == 1))
04868           {
04869             rsbac_printk(KERN_INFO
04870                    "debug_proc_write(): setting rsbac_debug_no_write to %u\n",
04871                    debug_level);
04872             rsbac_debug_no_write = debug_level;
04873             err = count;
04874             goto out;
04875           }
04876         else
04877           {
04878             goto out_inv;
04879           }
04880       }
04881 
04882 #if defined(CONFIG_RSBAC_AUTO_WRITE) && (CONFIG_RSBAC_AUTO_WRITE > 0)
04883     /*
04884      * Usage: echo "debug auto #N" > /proc/rsbac_info/debug
04885      *   to set rsbac_debug_auto to given value
04886      */
04887     if(!strncmp("auto", k_buf + 6, 4)) 
04888       {
04889         p += 5;
04890 
04891         if( *p == '\0' )
04892             goto out;
04893 
04894         debug_level = simple_strtoul(p, NULL, 0);
04895         /* only accept 0 or 1 */
04896         if(!debug_level || (debug_level == 1))
04897           {
04898             rsbac_printk(KERN_INFO
04899                    "debug_proc_write(): setting rsbac_debug_auto to %u\n",
04900                    debug_level);
04901             rsbac_debug_auto = debug_level;
04902             err = count;
04903             goto out;
04904           }
04905         else
04906           {
04907             goto out_inv;
04908           }
04909       }
04910 #endif /* CONFIG_RSBAC_AUTO_WRITE > 0 */
04911 #endif /* DEBUG */
04912 
04913 out:
04914   free_page((ulong) k_buf);
04915   return(err);
04916 
04917 out_inv:
04918     rsbac_printk(KERN_INFO
04919                  "debug_proc_write(): rejecting invalid debug level (should be 0 or 1)\n");
04920     err = -EINVAL;
04921     goto out;
04922   }
04923 #endif /* defined(CONFIG_RSBAC_PROC) */
04924 
04925 #if defined(CONFIG_RSBAC_LOG_REMOTE)
04926 #if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,0)
04927 /* declare net functions */
04928 long sys_socket(int family, int type, int protocol);
04929 long sys_bind(int fd, struct sockaddr *umyaddr, int addrlen);
04930 long sys_sendto(int fd, void * buff, size_t len, unsigned flags,
04931                 struct sockaddr *addr, int addr_len);
04932 long sys_connect(int fd, struct sockaddr *uservaddr, int addrlen);
04933 long sys_send(int fd, void * buff, size_t len, unsigned flags);
04934 #endif
04935 
04936 #ifndef CONFIG_RSBAC_LOG_REMOTE_SYNC
04937 /* rsbac kernel timer for auto-write */
04938 static void wakeup_rsbaclogd(u_long dummy)
04939   {
04940     wake_up(&rsbaclogd_wait);
04941   }
04942 #endif
04943 
04944 /* rsbac kernel daemon for remote logging */
04945 static int rsbaclogd(void * dummy)
04946   {
04947     struct task_struct *tsk = current;
04948     int err;
04949     int sock_fd;
04950     struct rsbac_log_list_item_t * log_item;
04951     struct sockaddr_in addr;
04952     char * tmp = rsbac_kmalloc(RSBAC_MAXNAMELEN);
04953     mm_segment_t oldfs;
04954 
04955     rsbac_printk(KERN_INFO "rsbaclogd(): Initializing.\n");
04956 #if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,0)
04957     daemonize();
04958     strcpy(tsk->comm, "rsbaclogd");
04959 #endif
04960 /*    lock_kernel(); */
04961 
04962 #ifdef CONFIG_RSBAC_DEBUG
04963     rsbac_printk(KERN_DEBUG "rsbaclogd(): Setting auto timer.\n");
04964 #endif
04965 #ifndef CONFIG_RSBAC_LOG_REMOTE_SYNC
04966     init_timer(&rsbac_log_remote_timer);
04967     rsbac_log_remote_timer.function = wakeup_rsbaclogd;
04968     rsbac_log_remote_timer.data = 0;
04969     rsbac_log_remote_timer.expires = jiffies + rsbac_log_remote_interval;
04970     add_timer(&rsbac_log_remote_timer);
04971 #endif
04972     interruptible_sleep_on(&rsbaclogd_wait);
04973 
04974     /* create a socket */
04975 #ifndef CONFIG_RSBAC_LOG_REMOTE_TCP
04976     sock_fd = sys_socket(PF_INET, SOCK_DGRAM, IPPROTO_UDP);
04977     if(sock_fd < 0)
04978       {
04979         rsbac_printk(KERN_WARNING
04980                "rsbaclogd(): creating local log socket failed with error %s, exiting!\n",
04981                get_error_name(tmp, sock_fd));
04982         rsbaclogd_pid = 0;
04983         return -RSBAC_EWRITEFAILED;
04984       }
04985     /* bind local address */
04986     addr.sin_family = PF_INET;
04987     addr.sin_port = htons(CONFIG_RSBAC_LOG_LOCAL_PORT);
04988     err = rsbac_net_str_to_inet(CONFIG_RSBAC_LOG_LOCAL_ADDR,
04989                                 &addr.sin_addr.s_addr);
04990     if(err < 0)
04991       {
04992         rsbac_printk(KERN_WARNING
04993                "rsbaclogd(): converting local socket address %s failed with error %s, exiting!\n",
04994                CONFIG_RSBAC_LOG_LOCAL_ADDR,
04995                get_error_name(tmp, err));
04996         sys_close(sock_fd);
04997         rsbaclogd_pid = 0;
04998         return -RSBAC_EINVALIDVALUE;
04999       }
05000     /* change data segment - sys_bind reads address from user space */
05001     oldfs = get_fs();
05002     set_fs(KERNEL_DS);
05003     err = sys_bind(sock_fd, (struct sockaddr *)&addr, sizeof(addr));
05004     set_fs(oldfs);
05005     if(err < 0)
05006       {
05007         rsbac_printk(KERN_WARNING
05008                "rsbaclogd(): binding local socket address %u.%u.%u.%u:%u failed with error %s, exiting!\n",
05009                NIPQUAD(addr.sin_addr.s_addr),
05010                CONFIG_RSBAC_LOG_LOCAL_PORT,
05011                get_error_name(tmp, err));
05012         sys_close(sock_fd);
05013         rsbaclogd_pid = 0;
05014         return -RSBAC_EWRITEFAILED;
05015       }
05016 #endif /* ifndef CONFIG_RSBAC_LOG_REMOTE_TCP */
05017 #ifdef CONFIG_RSBAC_DEBUG
05018     if(rsbac_debug_stack)
05019       {
05020         unsigned long * n = (unsigned long *) (current+1);
05021 
05022         while (!*n)
05023           n++;
05024         rsbac_printk(KERN_DEBUG "rsbaclogd: free stack: %lu\n",
05025                (unsigned long) n - (unsigned long)(current+1));
05026       }
05027 #endif
05028     for(;;)
05029       {
05030         /* wait */
05031 #ifndef CONFIG_RSBAC_LOG_REMOTE_SYNC
05032         /* set new timer (only, if not woken up by rsbac_printk()) */
05033         mod_timer(&rsbac_log_remote_timer, jiffies + rsbac_log_remote_interval);
05034 #endif
05035         interruptible_sleep_on(&rsbaclogd_wait);
05036         /* sleep */
05037 
05038 #if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,0)
05039         /* Unblock all signals. */
05040         flush_signals(tsk);
05041         spin_lock_irq(&tsk->sighand->siglock);
05042         flush_signal_handlers(tsk, 1);
05043         sigemptyset(&tsk->blocked);
05044         recalc_sigpending();
05045         spin_unlock_irq(&tsk->sighand->siglock);
05046 #else
05047         spin_lock_irq(&tsk->sigmask_lock);
05048         flush_signals(tsk);
05049         sigfillset(&tsk->blocked);
05050         recalc_sigpending(tsk);
05051         spin_unlock_irq(&tsk->sigmask_lock);
05052 #endif
05053 
05054         /* Do nothing without remote address */
05055         if(!rsbac_log_remote_addr || !rsbac_log_remote_port || !remote_log_list_head.head)
05056           continue;
05057 
05058 
05059 #ifdef CONFIG_RSBAC_LOG_REMOTE_TCP
05060         sock_fd = sys_socket(PF_INET, SOCK_STREAM, IPPROTO_TCP);
05061         if(sock_fd < 0)
05062           {
05063             rsbac_printk(KERN_WARNING
05064                    "rsbaclogd(): creating local log socket failed with error %s, exiting!\n",
05065                    get_error_name(tmp, sock_fd));
05066             continue;
05067           }
05068         /* bind local address */
05069         addr.sin_family = PF_INET;
05070         addr.sin_port = htons(CONFIG_RSBAC_LOG_LOCAL_PORT);
05071         err = rsbac_net_str_to_inet(CONFIG_RSBAC_LOG_LOCAL_ADDR,
05072                                     &addr.sin_addr.s_addr);
05073         if(err < 0)
05074           {
05075             rsbac_printk(KERN_WARNING
05076                    "rsbaclogd(): converting local socket address %s failed with error %s, exiting!\n",
05077                    CONFIG_RSBAC_LOG_LOCAL_ADDR,
05078                    get_error_name(tmp, err));
05079             sys_close(sock_fd);
05080             continue;
05081           }
05082         /* change data segment - sys_bind reads address from user space */
05083         oldfs = get_fs();
05084         set_fs(KERNEL_DS);
05085         err = sys_bind(sock_fd, (struct sockaddr *)&addr, sizeof(addr));
05086         set_fs(oldfs);
05087         if(err < 0)
05088           {
05089             rsbac_printk(KERN_WARNING
05090                    "rsbaclogd(): binding local socket address %u.%u.%u.%u:%u failed with error %s, exiting!\n",
05091                    NIPQUAD(addr.sin_addr.s_addr),
05092                    CONFIG_RSBAC_LOG_LOCAL_PORT,
05093                    get_error_name(tmp, err));
05094             sys_close(sock_fd);
05095             continue;
05096           }
05097         /* Target address might have changed */
05098         addr.sin_family = PF_INET;
05099         addr.sin_port = rsbac_log_remote_port;
05100         addr.sin_addr.s_addr = rsbac_log_remote_addr;
05101         /* connect to remote socket */
05102         oldfs = get_fs();
05103         set_fs(KERNEL_DS);
05104         err = sys_connect(sock_fd,
05105                          (struct sockaddr *)&addr,
05106                          sizeof(addr));
05107         set_fs(oldfs);
05108         if(err < 0)
05109           {
05110             printk(KERN_WARNING
05111                    "rsbaclogd(): connecting to remote TCP address %u.%u.%u.%u:%u failed with error %s, exiting!\n",
05112                    NIPQUAD(addr.sin_addr.s_addr),
05113                    ntohs(addr.sin_port),
05114                    get_error_name(tmp, err));
05115             sys_close(sock_fd);
05116             continue;
05117           }
05118 #else
05119         /* Target address might have changed */
05120         addr.sin_family = PF_INET;
05121         addr.sin_port = rsbac_log_remote_port;
05122         addr.sin_addr.s_addr = rsbac_log_remote_addr;
05123 #endif
05124         while(remote_log_list_head.head)
05125           {
05126             spin_lock(&rsbac_log_remote_lock);
05127             log_item = remote_log_list_head.head;
05128             remote_log_list_head.head = log_item->next;
05129             if(!remote_log_list_head.head)
05130                 remote_log_list_head.tail = NULL;
05131             remote_log_list_head.count--;
05132             spin_unlock(&rsbac_log_remote_lock);
05133 
05134 #ifdef CONFIG_RSBAC_LOG_REMOTE_TCP
05135             oldfs = get_fs();
05136             set_fs(KERNEL_DS);
05137             err = sys_send(sock_fd,
05138                            log_item->buffer,
05139                            log_item->size,
05140                            0);
05141             set_fs(oldfs);
05142 #else
05143             /* change data segment - sys_sendto reads data and address from user space */
05144             oldfs = get_fs();
05145             set_fs(KERNEL_DS);
05146             err = sys_sendto(sock_fd,
05147                              log_item->buffer,
05148                              log_item->size,
05149                              MSG_DONTWAIT,
05150                              (struct sockaddr *)&addr,
05151                              sizeof(addr));
05152             set_fs(oldfs);
05153 #endif
05154             if(   (err < log_item->size)
05155 //               && (err != -EPERM)
05156               )
05157               {
05158                 if((err < 0) && (err != -EAGAIN))
05159                   printk(KERN_WARNING
05160                        "rsbaclogd(): sending to remote socket address %u.%u.%u.%u:%u failed with error %i!\n",
05161                        NIPQUAD(addr.sin_addr.s_addr),
05162                        ntohs(addr.sin_port),
05163                        err);
05164                 /* Restore log item to beginning of the list */
05165                 spin_lock(&rsbac_log_remote_lock);
05166                 log_item->next = remote_log_list_head.head;
05167                 remote_log_list_head.head = log_item;
05168                 if(!remote_log_list_head.tail)
05169                   remote_log_list_head.tail = log_item;
05170                 remote_log_list_head.count++;
05171                 spin_unlock(&rsbac_log_remote_lock);
05172                 break;
05173               }
05174             else {
05175                 kfree(log_item);
05176             }
05177           }
05178 #ifdef CONFIG_RSBAC_LOG_REMOTE_TCP
05179         sys_close(sock_fd);
05180 #endif
05181       }
05182     return 0;
05183   }
05184 #endif
05185 
05186 static int ll_conv(
05187         void * old_desc,
05188         void * old_data,
05189         void * new_desc,
05190         void * new_data)
05191   {
05192     rsbac_log_entry_t     * new_aci = new_data;
05193     rsbac_old_log_entry_t * old_aci = old_data;
05194     int i;
05195 
05196     memcpy(new_desc, old_desc, sizeof(rsbac_adf_request_int_t));
05197     for(i=0; i < T_NONE - 1; i++)
05198       (*new_aci)[i] = (*old_aci)[i];
05199     (*new_aci)[T_NONE - 1] = LL_denied;
05200     (*new_aci)[T_NONE] = (*old_aci)[T_NONE - 1];
05201     return 0;
05202   }
05203 
05204 static int ll_old_conv(
05205         void * old_desc,
05206         void * old_data,
05207         void * new_desc,
05208         void * new_data)
05209   {
05210     rsbac_log_entry_t     * new_aci = new_data;
05211     rsbac_old_log_entry_t * old_aci = old_data;
05212     int i;
05213 
05214     memcpy(new_desc, old_desc, sizeof(rsbac_adf_request_int_t));
05215     for(i=0; i < T_NONE - 2; i++)
05216       (*new_aci)[i] = (*old_aci)[i];
05217     (*new_aci)[T_NONE - 1] = LL_denied;
05218     (*new_aci)[T_NONE - 2] = LL_denied;
05219     (*new_aci)[T_NONE] = (*old_aci)[T_NONE - 1];
05220     return 0;
05221   }
05222 
05223 rsbac_list_conv_function_t * ll_get_conv(rsbac_version_t old_version)
05224   {
05225     switch(old_version)
05226       {
05227         case RSBAC_LOG_LEVEL_OLD_VERSION:
05228           return ll_conv;
05229         case RSBAC_LOG_LEVEL_OLD_OLD_VERSION:
05230           return ll_old_conv;
05231         default:
05232           return NULL;
05233       }
05234   }
05235 
05236 
05237 /********************************/
05238 /*             Init             */
05239 /********************************/
05240 
05241 #ifdef CONFIG_RSBAC_INIT_DELAY
05242 inline void rsbac_init_debug(void)
05243 #else
05244 inline void __init rsbac_init_debug(void)
05245 #endif
05246   {
05247     int i;
05248     #if defined(CONFIG_RSBAC_PROC)
05249     struct proc_dir_entry * tmp_entry_p;
05250     #endif
05251 #if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,0)
05252 #if defined(CONFIG_RSBAC_LOG_REMOTE)
05253     struct task_struct * rsbaclogd_thread;
05254 #endif
05255 #endif
05256 
05257     if (!debug_initialized)
05258       {
05259         struct rsbac_list_info_t * info_p;
05260         int tmperr;
05261         rsbac_enum_t * def_data_p;
05262 
05263         rsbac_printk(KERN_INFO "rsbac_init_debug(): Initializing\n");
05264         info_p = rsbac_kmalloc(sizeof(*info_p));
05265         if(!info_p)
05266           {
05267             memset(rsbac_log_levels, LL_denied, sizeof(rsbac_log_levels));
05268             return;
05269           }
05270         def_data_p = rsbac_kmalloc(sizeof(rsbac_log_entry_t));
05271         if(!def_data_p)
05272           {
05273             memset(rsbac_log_levels, LL_denied, sizeof(rsbac_log_levels));
05274             rsbac_kfree(info_p);
05275             return;
05276           }
05277         /* register log_levels list */
05278         for(i=0; i<=T_NONE; i++)
05279           def_data_p[i] = LL_denied;
05280         info_p->version = RSBAC_LOG_LEVEL_VERSION;
05281         info_p->key = RSBAC_LOG_LEVEL_KEY;
05282         info_p->desc_size = sizeof(rsbac_adf_request_int_t);
05283         info_p->data_size = sizeof(rsbac_log_entry_t);
05284         info_p->max_age = 0;
05285         tmperr = rsbac_list_register(RSBAC_LIST_VERSION,
05286                                      &log_levels_handle,
05287                                      info_p,
05288                                      RSBAC_LIST_PERSIST | RSBAC_LIST_DEF_DATA,
05289                                      NULL,
05290                                      ll_get_conv,
05291                                      def_data_p,
05292                                      RSBAC_LOG_LEVEL_LIST_NAME,
05293                                      RSBAC_AUTO_DEV);
05294         if(tmperr)
05295           {
05296             char * tmp;
05297 
05298             tmp = rsbac_kmalloc(RSBAC_MAXNAMELEN);
05299             if(tmp)
05300               {
05301                 rsbac_printk(KERN_WARNING
05302                        "rsbac_init_debug(): registering log levels list ll failed with error %s!\n",
05303                        get_error_name(tmp, tmperr));
05304                 rsbac_kfree(tmp);
05305               }
05306             memset(rsbac_log_levels, LL_denied, sizeof(rsbac_log_levels));
05307           }
05308         else
05309           {
05310             rsbac_adf_request_int_t req;
05311 
05312             for(req = 0; req < R_NONE; req++)
05313               rsbac_list_get_data(log_levels_handle, &req, rsbac_log_levels[req]);
05314           }
05315 
05316         #if defined(CONFIG_RSBAC_PROC)
05317         tmp_entry_p = create_proc_entry("log_levels",
05318                                         S_IFREG | S_IRUGO | S_IWUGO,
05319                                         proc_rsbac_root_p);
05320         if(tmp_entry_p)
05321           {
05322             tmp_entry_p->get_info = log_levels_proc_info;
05323             tmp_entry_p->write_proc = log_levels_proc_write;
05324           }
05325 
05326         tmp_entry_p = create_proc_entry("debug",
05327                                         S_IFREG | S_IRUGO | S_IWUGO,
05328                                         proc_rsbac_root_p);
05329         if(tmp_entry_p)
05330           {
05331             tmp_entry_p->get_info = debug_proc_info;
05332             tmp_entry_p->write_proc = debug_proc_write;
05333           }
05334 
05335         #if defined(CONFIG_RSBAC_RMSG)
05336         tmp_entry_p = create_proc_entry("rmsg",
05337                                         S_IFREG | S_IRUGO,
05338                                         proc_rsbac_root_p);
05339         if(tmp_entry_p)
05340           {
05341             tmp_entry_p->proc_fops = &proc_rmsg_operations;
05342           }
05343         #endif
05344         #endif
05345 
05346         #if defined(CONFIG_RSBAC_LOG_REMOTE)
05347         /* Start rsbac logging thread for auto write */
05348         if(!rsbac_log_remote_port)
05349           rsbac_log_remote_port = htons(CONFIG_RSBAC_LOG_REMOTE_PORT);
05350         tmperr = rsbac_net_str_to_inet(rsbac_log_remote_addr_string,
05351                                     &rsbac_log_remote_addr);
05352         if(tmperr < 0)
05353           {
05354             char * tmp = rsbac_kmalloc(RSBAC_MAXNAMELEN);
05355 
05356             if(tmp)
05357               {
05358                 get_error_name(tmp, tmperr);
05359                 rsbac_printk(KERN_WARNING
05360                              "rsbac_init_debug(): converting remote socket address %s failed with error %s, exiting!\n",
05361                              rsbac_log_remote_addr_string,
05362                              tmp);
05363                 rsbac_log_remote_addr = 0;
05364                 rsbac_kfree(tmp);
05365               }
05366           }
05367 #if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,0)
05368         rsbaclogd_thread = kthread_create(rsbaclogd, NULL, "rsbaclogd");
05369         wake_up_process(rsbaclogd_thread);
05370 #else
05371         rsbaclogd_pid = kernel_thread(rsbaclogd, NULL, 0);
05372 #endif
05373         rsbac_printk(KERN_INFO "rsbac_init_debug(): Started rsbaclogd thread with pid %u\n",
05374                rsbaclogd_pid);
05375         #endif
05376 
05377         #ifdef CONFIG_RSBAC_SYSLOG_RATE
05378         init_timer(&rsbac_syslog_rate_timer);
05379         rsbac_syslog_rate_timer.function = syslog_rate_reset;
05380         rsbac_syslog_rate_timer.data = 0;
05381         rsbac_syslog_rate_timer.expires = jiffies + HZ;
05382         add_timer(&rsbac_syslog_rate_timer);
05383         #endif
05384 
05385         debug_initialized = TRUE;
05386       }
05387 
05388     #ifdef CONFIG_RSBAC_SOFTMODE
05389     if(rsbac_softmode)
05390       rsbac_printk(KERN_DEBUG "rsbac_softmode is set\n");
05391     if(rsbac_softmode_prohibit)
05392       rsbac_printk(KERN_DEBUG "rsbac_softmode_prohibit is set\n");
05393     #endif
05394     #ifdef CONFIG_RSBAC_FREEZE
05395     if(rsbac_freeze)
05396       rsbac_printk(KERN_DEBUG "rsbac_freeze is set\n");
05397     #endif
05398     #if defined(CONFIG_RSBAC_UM_EXCL)
05399     if(rsbac_um_no_excl)
05400       rsbac_printk(KERN_DEBUG "rsbac_um_no_excl is set\n");
05401     #endif
05402     #if defined(CONFIG_RSBAC_DAZ_CACHE)
05403     rsbac_printk(KERN_DEBUG "rsbac_daz_ttl is %u\n",
05404                  rsbac_daz_get_ttl());
05405     #endif
05406     #if defined(CONFIG_RSBAC_AUTH_LEARN)
05407     if(rsbac_auth_learn)
05408       rsbac_printk(KERN_DEBUG "rsbac_auth_learn is set\n");
05409     #endif
05410     #if defined(CONFIG_RSBAC_ACL_LEARN)
05411     if(rsbac_acl_learn_fd)
05412       rsbac_printk(KERN_DEBUG "rsbac_acl_learn_fd is set\n");
05413     #endif
05414     #ifdef CONFIG_RSBAC_CAP_PROC_HIDE
05415     if(rsbac_cap_process_hiding)
05416       rsbac_printk(KERN_DEBUG "rsbac_cap_process_hiding is set\n");
05417     #endif
05418     #ifdef CONFIG_RSBAC_CAP_LOG_MISSING
05419     if(rsbac_cap_log_missing)
05420       rsbac_printk(KERN_DEBUG "rsbac_cap_log_missing is set\n");
05421     #endif
05422     #ifdef CONFIG_RSBAC_JAIL_LOG_MISSING
05423     if(rsbac_jail_log_missing)
05424       rsbac_printk(KERN_DEBUG "rsbac_jail_log_missing is set\n");
05425     #endif
05426     #ifdef CONFIG_RSBAC_ALLOW_DAC_DISABLE_FULL
05427     if(rsbac_dac_disable)
05428       rsbac_printk(KERN_DEBUG "rsbac_dac_disable is set\n");
05429     #endif
05430     #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG
05431     if(rsbac_nosyslog)
05432       rsbac_printk(KERN_DEBUG "rsbac_nosyslog is set\n");
05433     #endif
05434     #ifdef CONFIG_RSBAC_SYSLOG_RATE
05435     if(rsbac_syslog_rate != CONFIG_RSBAC_SYSLOG_RATE_DEF)
05436       rsbac_printk(KERN_DEBUG "rsbac_syslog_rate is %u\n",
05437                    rsbac_syslog_rate);
05438     #endif
05439 #ifdef CONFIG_RSBAC_FD_CACHE
05440     if(rsbac_fd_cache_disable) {
05441       rsbac_printk(KERN_DEBUG "rsbac_fd_cache_disable is %u\n",
05442                    rsbac_fd_cache_disable);
05443     } else {
05444       if(rsbac_fd_cache_ttl != CONFIG_RSBAC_FD_CACHE_TTL)
05445         rsbac_printk(KERN_DEBUG "rsbac_fd_cache_ttl is %u\n",
05446                      rsbac_fd_cache_ttl);
05447     }
05448 #endif
05449 #if defined(CONFIG_RSBAC_AUTO_WRITE) && (CONFIG_RSBAC_AUTO_WRITE > 0)
05450     if(rsbac_list_check_interval != CONFIG_RSBAC_LIST_CHECK_INTERVAL)
05451       rsbac_printk(KERN_DEBUG "rsbac_list_check_interval is %u\n",
05452                    rsbac_list_check_interval);
05453 #endif
05454     #ifdef CONFIG_RSBAC_INIT_DELAY
05455     if(rsbac_no_delay_init)
05456       rsbac_printk(KERN_DEBUG "rsbac_no_delay_init is set\n");
05457 #if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,0)
05458     if(rsbac_delayed_root_str[0])
05459       rsbac_printk(KERN_DEBUG "rsbac_delayed_root is %s\n",
05460              rsbac_delayed_root_str);
05461 #else
05462     if(rsbac_delayed_root)
05463       rsbac_printk(KERN_DEBUG "rsbac_delayed_root is %02u:%02u\n",
05464              MAJOR(rsbac_delayed_root), MINOR(rsbac_delayed_root));
05465 #endif
05466     #endif
05467     if(rsbac_no_defaults)
05468       rsbac_printk(KERN_DEBUG "rsbac_no_defaults is set\n");
05469 
05470 #if defined(CONFIG_RSBAC_DEBUG)
05471     if(rsbac_debug_ds)
05472       rsbac_printk(KERN_DEBUG "rsbac_debug_ds is set\n");
05473     if(rsbac_debug_write)
05474       rsbac_printk(KERN_DEBUG "rsbac_debug_write is set\n");
05475     if(rsbac_debug_no_write)
05476       rsbac_printk(KERN_DEBUG "rsbac_debug_no_write is set\n");
05477     if(rsbac_debug_stack)
05478       rsbac_printk(KERN_DEBUG "rsbac_debug_stack is set\n");
05479     if(rsbac_debug_lists)
05480       rsbac_printk(KERN_DEBUG "rsbac_debug_lists is set\n");
05481     if(rsbac_debug_aef)
05482       rsbac_printk(KERN_DEBUG "rsbac_debug_aef is set\n");
05483     if(rsbac_debug_adf_default != 1)
05484       rsbac_printk(KERN_DEBUG "rsbac_debug_adf_default is set to %i\n",
05485              rsbac_debug_adf_default);
05486 
05487     #if defined(CONFIG_RSBAC_REG)
05488     if(rsbac_debug_reg)
05489       rsbac_printk(KERN_DEBUG "rsbac_debug_reg is set\n");
05490     #endif
05491 
05492     #if defined(CONFIG_RSBAC_NET)
05493     if(rsbac_debug_ds_net)
05494       rsbac_printk(KERN_DEBUG "rsbac_debug_ds_net is set\n");
05495     if(rsbac_debug_aef_net)
05496       rsbac_printk(KERN_DEBUG "rsbac_debug_aef_net is set\n");
05497     if(rsbac_debug_adf_net)
05498       rsbac_printk(KERN_DEBUG "rsbac_debug_adf_net is set\n");
05499     #endif
05500 
05501     #if defined(CONFIG_RSBAC_MAC)
05502     if(rsbac_debug_ds_mac)
05503       rsbac_printk(KERN_DEBUG "rsbac_debug_ds_mac is set\n");
05504     if(rsbac_debug_aef_mac)
05505       rsbac_printk(KERN_DEBUG "rsbac_debug_aef_mac is set\n");
05506     if(rsbac_debug_adf_mac)
05507       rsbac_printk(KERN_DEBUG "rsbac_debug_adf_mac is set\n");
05508     #endif
05509 
05510     #if defined(CONFIG_RSBAC_PM)
05511     if(rsbac_debug_ds_pm)
05512       rsbac_printk(KERN_DEBUG "rsbac_debug_ds_pm is set\n");
05513     if(rsbac_debug_aef_pm)
05514       rsbac_printk(KERN_DEBUG "rsbac_debug_aef_pm is set\n");
05515     if(rsbac_debug_adf_pm)
05516       rsbac_printk(KERN_DEBUG "rsbac_debug_adf_pm is set\n");
05517     #endif
05518 
05519     #if defined(CONFIG_RSBAC_DAZ)
05520     if(rsbac_debug_adf_daz)
05521       rsbac_printk(KERN_DEBUG "rsbac_debug_adf_daz is set\n");
05522     #endif
05523 
05524     #if defined(CONFIG_RSBAC_RC)
05525     if(rsbac_debug_ds_rc)
05526       rsbac_printk(KERN_DEBUG "rsbac_debug_ds_rc is set\n");
05527     if(rsbac_debug_aef_rc)
05528       rsbac_printk(KERN_DEBUG "rsbac_debug_aef_rc is set\n");
05529     if(rsbac_debug_adf_rc)
05530       rsbac_printk(KERN_DEBUG "rsbac_debug_adf_rc is set\n");
05531     #endif
05532 
05533     #if defined(CONFIG_RSBAC_AUTH)
05534     if(rsbac_debug_ds_auth)
05535       rsbac_printk(KERN_DEBUG "rsbac_debug_ds_auth is set\n");
05536     if(rsbac_debug_aef_auth)
05537       rsbac_printk(KERN_DEBUG "rsbac_debug_aef_auth is set\n");
05538     if(rsbac_debug_adf_auth)
05539       rsbac_printk(KERN_DEBUG "rsbac_debug_adf_auth is set\n");
05540     #endif
05541 
05542     #if defined(CONFIG_RSBAC_ACL)
05543     if(rsbac_debug_ds_acl)
05544       rsbac_printk(KERN_DEBUG "rsbac_debug_ds_acl is set\n");
05545     if(rsbac_debug_aef_acl)
05546       rsbac_printk(KERN_DEBUG "rsbac_debug_aef_acl is set\n");
05547     if(rsbac_debug_adf_acl)
05548       rsbac_printk(KERN_DEBUG "rsbac_debug_adf_acl is set\n");
05549     #endif
05550 
05551     #if defined(CONFIG_RSBAC_JAIL)
05552     if(rsbac_debug_aef_jail)
05553       rsbac_printk(KERN_DEBUG "rsbac_debug_aef_jail is set\n");
05554     if(rsbac_debug_adf_jail)
05555       rsbac_printk(KERN_DEBUG "rsbac_debug_adf_jail is set\n");
05556     #endif
05557 
05558     #if defined(CONFIG_RSBAC_PAX)
05559     if(rsbac_debug_adf_pax)
05560       rsbac_printk(KERN_DEBUG "rsbac_debug_adf_pax is set\n");
05561     #endif
05562 
05563     #if defined(CONFIG_RSBAC_UM)
05564     if(rsbac_debug_ds_um)
05565       rsbac_printk(KERN_DEBUG "rsbac_debug_ds_um is set\n");
05566     if(rsbac_debug_aef_um)
05567       rsbac_printk(KERN_DEBUG "rsbac_debug_aef_um is set\n");
05568     if(rsbac_debug_adf_um)
05569       rsbac_printk(KERN_DEBUG "rsbac_debug_adf_um is set\n");
05570     #endif
05571 
05572     #if defined(CONFIG_RSBAC_AUTO_WRITE) && (CONFIG_RSBAC_AUTO_WRITE > 0)
05573     if(rsbac_debug_auto)
05574       rsbac_printk(KERN_DEBUG "rsbac_debug_auto is set\n");
05575     #endif
05576 #endif /* DEBUG */
05577 
05578   }
05579 

Generated on Wed May 16 11:53:48 2007 for RSBAC by  doxygen 1.5.1