#include <linux/string.h>
#include <linux/types.h>
#include <linux/fs.h>
#include <linux/sched.h>
#include <linux/file.h>
#include <linux/mm.h>
#include <linux/init.h>
#include <asm/uaccess.h>
#include <rsbac/aci_data_structures.h>
#include <rsbac/rc_types.h>
#include <rsbac/rc_data_structures.h>
#include <rsbac/error.h>
#include <rsbac/helpers.h>
#include <rsbac/fs.h>
#include <rsbac/adf.h>
#include <rsbac/acl.h>
#include <rsbac/getname.h>
#include <rsbac/rc_getname.h>
#include <rsbac/proc_fs.h>
#include <rsbac/rkmem.h>
#include <rsbac/request_groups.h>
#include <linux/smp_lock.h>
Go to the source code of this file.
static void __init create_def_roles | ( | void | ) | [static] |
Definition at line 421 of file rc_data_structures.c.
References NULL, R_ADD_TO_KERNEL, R_AUTHENTICATE, R_CHANGE_OWNER, R_GET_STATUS_DATA, R_MAP_EXEC, R_MODIFY_PERMISSIONS_DATA, R_MODIFY_SYSTEM_DATA, R_MOUNT, R_REMOVE_FROM_KERNEL, R_SEARCH, R_SHUTDOWN, R_SWITCH_LOG, R_SWITCH_MODULE, R_UMOUNT, role_handle, role_tcdv_handle, role_tcfd_handle, role_tcgr_handle, role_tcip_handle, role_tcnd_handle, role_tcno_handle, role_tcnt_handle, role_tcpr_handle, role_tcsc_handle, role_tcus_handle, RSBAC_DEV_REQUEST_VECTOR, RSBAC_EXECUTE_REQUEST_VECTOR, RSBAC_FD_REQUEST_VECTOR, RSBAC_GROUP_REQUEST_VECTOR, RSBAC_IPC_REQUEST_VECTOR, rsbac_list_add(), rsbac_list_lol_add(), rsbac_list_lol_subadd(), RSBAC_NETDEV_REQUEST_VECTOR, RSBAC_NETOBJ_REQUEST_VECTOR, RSBAC_NETTEMP_REQUEST_VECTOR, rsbac_printk(), RSBAC_PROCESS_REQUEST_VECTOR, RSBAC_RC_GENERAL_ROLE, RSBAC_RC_GENERAL_ROLE_ENTRY, RSBAC_RC_GENERAL_TYPE, RSBAC_RC_RIGHTS_VECTOR, RSBAC_RC_ROLE_ADMIN_ROLE, RSBAC_RC_ROLE_ADMIN_ROLE_ENTRY, RSBAC_RC_SEC_TYPE, RSBAC_RC_SPECIAL_RIGHTS_VECTOR, RSBAC_RC_SYS_TYPE, RSBAC_RC_SYSTEM_ADMIN_ROLE, RSBAC_RC_SYSTEM_ADMIN_ROLE_ENTRY, RSBAC_READ_REQUEST_VECTOR, RSBAC_READ_WRITE_REQUEST_VECTOR, RSBAC_REQUEST_VECTOR, RSBAC_SCD_REQUEST_VECTOR, RSBAC_SECURITY_REQUEST_VECTOR, RSBAC_SYSTEM_REQUEST_VECTOR, RSBAC_USER_REQUEST_VECTOR, RST_auth_administration, ST_firewall, ST_ioports, ST_network, ST_none, ST_other, ST_rlimit, ST_rsbac, ST_rsbac_log, ST_sysfs, and ST_time_strucs.
Referenced by rsbac_init_rc().
00423 { 00424 rsbac_rc_role_id_t role; 00425 rsbac_rc_type_id_t type; 00426 rsbac_rc_rights_vector_t rights; 00427 struct rsbac_rc_role_entry_t gen_entry = 00428 RSBAC_RC_GENERAL_ROLE_ENTRY; 00429 struct rsbac_rc_role_entry_t ra_entry = 00430 RSBAC_RC_ROLE_ADMIN_ROLE_ENTRY; 00431 struct rsbac_rc_role_entry_t sa_entry = 00432 RSBAC_RC_SYSTEM_ADMIN_ROLE_ENTRY; 00433 00434 rsbac_printk(KERN_WARNING "rsbac_init_rc(): no RC roles read, generating default role entries!\n"); 00435 00436 role = RSBAC_RC_GENERAL_ROLE; 00437 if (!rsbac_list_add(role_handle, &role, &gen_entry)) { 00438 if (!rsbac_list_lol_add 00439 (role_tcfd_handle, &role, NULL)) { 00440 type = RSBAC_RC_GENERAL_TYPE; 00441 rights = 00442 (RSBAC_READ_WRITE_REQUEST_VECTOR | 00443 RSBAC_EXECUTE_REQUEST_VECTOR) 00444 & RSBAC_FD_REQUEST_VECTOR; 00445 rsbac_list_lol_subadd(role_tcfd_handle, 00446 &role, &type, 00447 &rights); 00448 } 00449 if (!rsbac_list_lol_add 00450 (role_tcdv_handle, &role, NULL)) { 00451 type = RSBAC_RC_GENERAL_TYPE; 00452 rights = 00453 RSBAC_READ_WRITE_REQUEST_VECTOR & 00454 RSBAC_DEV_REQUEST_VECTOR; 00455 rsbac_list_lol_subadd(role_tcdv_handle, 00456 &role, &type, 00457 &rights); 00458 } 00459 if (!rsbac_list_lol_add 00460 (role_tcus_handle, &role, NULL)) { 00461 type = RSBAC_RC_GENERAL_TYPE; 00462 rights = 00463 RSBAC_REQUEST_VECTOR(R_SEARCH) | 00464 RSBAC_REQUEST_VECTOR(R_CHANGE_OWNER) | 00465 RSBAC_REQUEST_VECTOR 00466 (R_GET_STATUS_DATA); 00467 rsbac_list_lol_subadd(role_tcus_handle, 00468 &role, &type, 00469 &rights); 00470 } 00471 if (!rsbac_list_lol_add 00472 (role_tcpr_handle, &role, NULL)) { 00473 type = RSBAC_RC_GENERAL_TYPE; 00474 rights = 00475 RSBAC_READ_WRITE_REQUEST_VECTOR & 00476 RSBAC_PROCESS_REQUEST_VECTOR; 00477 rsbac_list_lol_subadd(role_tcpr_handle, 00478 &role, &type, 00479 &rights); 00480 type = CONFIG_RSBAC_RC_KERNEL_PROCESS_TYPE; 00481 rights = 00482 RSBAC_READ_REQUEST_VECTOR & 00483 RSBAC_PROCESS_REQUEST_VECTOR; 00484 rsbac_list_lol_subadd(role_tcpr_handle, 00485 &role, &type, 00486 &rights); 00487 } 00488 if (!rsbac_list_lol_add 00489 (role_tcip_handle, &role, NULL)) { 00490 type = RSBAC_RC_GENERAL_TYPE; 00491 rights = 00492 RSBAC_READ_WRITE_REQUEST_VECTOR & 00493 RSBAC_IPC_REQUEST_VECTOR; 00494 rsbac_list_lol_subadd(role_tcip_handle, 00495 &role, &type, 00496 &rights); 00497 } 00498 if (!rsbac_list_lol_add 00499 (role_tcgr_handle, &role, NULL)) { 00500 type = RSBAC_RC_GENERAL_TYPE; 00501 rights = 00502 RSBAC_REQUEST_VECTOR(R_SEARCH) | 00503 RSBAC_REQUEST_VECTOR 00504 (R_GET_STATUS_DATA); 00505 rsbac_list_lol_subadd(role_tcgr_handle, 00506 &role, &type, 00507 &rights); 00508 } 00509 if (!rsbac_list_lol_add 00510 (role_tcnd_handle, &role, NULL)) { 00511 type = RSBAC_RC_GENERAL_TYPE; 00512 rights = 00513 RSBAC_READ_WRITE_REQUEST_VECTOR & 00514 RSBAC_NETDEV_REQUEST_VECTOR; 00515 rsbac_list_lol_subadd(role_tcnd_handle, 00516 &role, &type, 00517 &rights); 00518 } 00519 if (!rsbac_list_lol_add 00520 (role_tcno_handle, &role, NULL)) { 00521 type = RSBAC_RC_GENERAL_TYPE; 00522 rights = 00523 RSBAC_READ_WRITE_REQUEST_VECTOR & 00524 RSBAC_NETOBJ_REQUEST_VECTOR; 00525 rsbac_list_lol_subadd(role_tcno_handle, 00526 &role, &type, 00527 &rights); 00528 } 00529 if (!rsbac_list_lol_add 00530 (role_tcsc_handle, &role, NULL)) { 00531 #ifdef CONFIG_RSBAC_USER_MOD_IOPERM 00532 type = ST_ioports; 00533 rights = 00534 RSBAC_RC_RIGHTS_VECTOR 00535 (R_MODIFY_PERMISSIONS_DATA); 00536 rsbac_list_lol_subadd(role_tcsc_handle, 00537 &role, &type, 00538 &rights); 00539 #endif 00540 type = ST_rlimit; 00541 rights = 00542 RSBAC_RC_RIGHTS_VECTOR 00543 (R_GET_STATUS_DATA) 00544 | 00545 RSBAC_RC_RIGHTS_VECTOR 00546 (R_MODIFY_SYSTEM_DATA); 00547 rsbac_list_lol_subadd(role_tcsc_handle, 00548 &role, &type, 00549 &rights); 00550 type = ST_other; 00551 rights = 00552 RSBAC_RC_RIGHTS_VECTOR(R_MAP_EXEC); 00553 rsbac_list_lol_subadd(role_tcsc_handle, 00554 &role, &type, 00555 &rights); 00556 type = ST_network; 00557 rights = 00558 RSBAC_RC_RIGHTS_VECTOR 00559 (R_GET_STATUS_DATA); 00560 rsbac_list_lol_subadd(role_tcsc_handle, 00561 &role, &type, 00562 &rights); 00563 } 00564 } 00565 role = RSBAC_RC_ROLE_ADMIN_ROLE; 00566 if (!rsbac_list_add(role_handle, &role, &ra_entry)) { 00567 if (!rsbac_list_lol_add 00568 (role_tcfd_handle, &role, NULL)) { 00569 type = RSBAC_RC_GENERAL_TYPE; 00570 rights = ((RSBAC_READ_WRITE_REQUEST_VECTOR 00571 | RSBAC_EXECUTE_REQUEST_VECTOR 00572 | RSBAC_SECURITY_REQUEST_VECTOR) 00573 & RSBAC_FD_REQUEST_VECTOR) | 00574 RSBAC_RC_SPECIAL_RIGHTS_VECTOR; 00575 rsbac_list_lol_subadd(role_tcfd_handle, 00576 &role, &type, 00577 &rights); 00578 type = RSBAC_RC_SEC_TYPE; 00579 rsbac_list_lol_subadd(role_tcfd_handle, 00580 &role, &type, 00581 &rights); 00582 type = RSBAC_RC_SYS_TYPE; 00583 rights = 00584 (RSBAC_READ_REQUEST_VECTOR & 00585 RSBAC_FD_REQUEST_VECTOR) 00586 | RSBAC_RC_SPECIAL_RIGHTS_VECTOR; 00587 rsbac_list_lol_subadd(role_tcfd_handle, 00588 &role, &type, 00589 &rights); 00590 } 00591 if (!rsbac_list_lol_add 00592 (role_tcdv_handle, &role, NULL)) { 00593 type = RSBAC_RC_GENERAL_TYPE; 00594 rights = 00595 ((RSBAC_READ_WRITE_REQUEST_VECTOR | 00596 RSBAC_SECURITY_REQUEST_VECTOR) 00597 & RSBAC_DEV_REQUEST_VECTOR) | 00598 RSBAC_RC_SPECIAL_RIGHTS_VECTOR; 00599 rsbac_list_lol_subadd(role_tcdv_handle, 00600 &role, &type, 00601 &rights); 00602 type = RSBAC_RC_SEC_TYPE; 00603 rights = 00604 ((RSBAC_READ_WRITE_REQUEST_VECTOR | 00605 RSBAC_SECURITY_REQUEST_VECTOR) 00606 & RSBAC_DEV_REQUEST_VECTOR) | 00607 RSBAC_RC_SPECIAL_RIGHTS_VECTOR; 00608 rsbac_list_lol_subadd(role_tcdv_handle, 00609 &role, &type, 00610 &rights); 00611 } 00612 if (!rsbac_list_lol_add 00613 (role_tcus_handle, &role, NULL)) { 00614 type = RSBAC_RC_GENERAL_TYPE; 00615 rights = 00616 ((RSBAC_READ_WRITE_REQUEST_VECTOR | 00617 RSBAC_SECURITY_REQUEST_VECTOR | 00618 RSBAC_REQUEST_VECTOR(R_AUTHENTICATE)) 00619 & RSBAC_USER_REQUEST_VECTOR) | 00620 RSBAC_RC_SPECIAL_RIGHTS_VECTOR; 00621 rsbac_list_lol_subadd(role_tcus_handle, 00622 &role, &type, 00623 &rights); 00624 type = RSBAC_RC_SYS_TYPE; 00625 rights = 00626 ((RSBAC_READ_WRITE_REQUEST_VECTOR | 00627 RSBAC_SECURITY_REQUEST_VECTOR | 00628 RSBAC_REQUEST_VECTOR(R_AUTHENTICATE)) 00629 & RSBAC_USER_REQUEST_VECTOR) | 00630 RSBAC_RC_SPECIAL_RIGHTS_VECTOR; 00631 rsbac_list_lol_subadd(role_tcus_handle, 00632 &role, &type, 00633 &rights); 00634 type = RSBAC_RC_SEC_TYPE; 00635 rights = 00636 ((RSBAC_READ_WRITE_REQUEST_VECTOR | 00637 RSBAC_SECURITY_REQUEST_VECTOR | 00638 RSBAC_REQUEST_VECTOR(R_AUTHENTICATE)) 00639 & RSBAC_USER_REQUEST_VECTOR) | 00640 RSBAC_RC_SPECIAL_RIGHTS_VECTOR; 00641 rsbac_list_lol_subadd(role_tcus_handle, 00642 &role, &type, 00643 &rights); 00644 } 00645 if (!rsbac_list_lol_add 00646 (role_tcpr_handle, &role, NULL)) { 00647 type = RSBAC_RC_GENERAL_TYPE; 00648 rights = 00649 ((RSBAC_READ_WRITE_REQUEST_VECTOR | 00650 RSBAC_SECURITY_REQUEST_VECTOR) 00651 & RSBAC_PROCESS_REQUEST_VECTOR) | 00652 RSBAC_RC_SPECIAL_RIGHTS_VECTOR; 00653 rsbac_list_lol_subadd(role_tcpr_handle, 00654 &role, &type, 00655 &rights); 00656 type = RSBAC_RC_SEC_TYPE; 00657 rights = 00658 ((RSBAC_READ_WRITE_REQUEST_VECTOR | 00659 RSBAC_SECURITY_REQUEST_VECTOR) 00660 & RSBAC_PROCESS_REQUEST_VECTOR) | 00661 RSBAC_RC_SPECIAL_RIGHTS_VECTOR; 00662 rsbac_list_lol_subadd(role_tcpr_handle, 00663 &role, &type, 00664 &rights); 00665 type = CONFIG_RSBAC_RC_KERNEL_PROCESS_TYPE; 00666 rights = 00667 ((RSBAC_READ_WRITE_REQUEST_VECTOR | 00668 RSBAC_SECURITY_REQUEST_VECTOR) 00669 & RSBAC_PROCESS_REQUEST_VECTOR) | 00670 RSBAC_RC_SPECIAL_RIGHTS_VECTOR; 00671 rsbac_list_lol_subadd(role_tcpr_handle, 00672 &role, &type, 00673 &rights); 00674 } 00675 if (!rsbac_list_lol_add 00676 (role_tcip_handle, &role, NULL)) { 00677 type = RSBAC_RC_GENERAL_TYPE; 00678 rights = 00679 ((RSBAC_READ_WRITE_REQUEST_VECTOR | 00680 RSBAC_SECURITY_REQUEST_VECTOR) 00681 & RSBAC_IPC_REQUEST_VECTOR) | 00682 RSBAC_RC_SPECIAL_RIGHTS_VECTOR; 00683 rsbac_list_lol_subadd(role_tcip_handle, 00684 &role, &type, 00685 &rights); 00686 type = RSBAC_RC_SEC_TYPE; 00687 rights = 00688 ((RSBAC_READ_WRITE_REQUEST_VECTOR | 00689 RSBAC_SECURITY_REQUEST_VECTOR) 00690 & RSBAC_IPC_REQUEST_VECTOR) | 00691 RSBAC_RC_SPECIAL_RIGHTS_VECTOR; 00692 rsbac_list_lol_subadd(role_tcip_handle, 00693 &role, &type, 00694 &rights); 00695 } 00696 if (!rsbac_list_lol_add 00697 (role_tcgr_handle, &role, NULL)) { 00698 type = RSBAC_RC_GENERAL_TYPE; 00699 rights = 00700 ((RSBAC_READ_WRITE_REQUEST_VECTOR | 00701 RSBAC_SECURITY_REQUEST_VECTOR) 00702 & RSBAC_GROUP_REQUEST_VECTOR) | 00703 RSBAC_RC_SPECIAL_RIGHTS_VECTOR; 00704 rsbac_list_lol_subadd(role_tcgr_handle, 00705 &role, &type, 00706 &rights); 00707 } 00708 if (!rsbac_list_lol_add 00709 (role_tcnd_handle, &role, NULL)) { 00710 type = RSBAC_RC_GENERAL_TYPE; 00711 rights = 00712 ((RSBAC_REQUEST_VECTOR 00713 (R_GET_STATUS_DATA) | 00714 RSBAC_SECURITY_REQUEST_VECTOR) 00715 & RSBAC_NETDEV_REQUEST_VECTOR) | 00716 RSBAC_RC_SPECIAL_RIGHTS_VECTOR; 00717 rsbac_list_lol_subadd(role_tcnd_handle, 00718 &role, &type, 00719 &rights); 00720 type = RSBAC_RC_SEC_TYPE; 00721 rsbac_list_lol_subadd(role_tcnd_handle, 00722 &role, &type, 00723 &rights); 00724 type = RSBAC_RC_SYS_TYPE; 00725 rsbac_list_lol_subadd(role_tcnd_handle, 00726 &role, &type, 00727 &rights); 00728 } 00729 if (!rsbac_list_lol_add 00730 (role_tcnt_handle, &role, NULL)) { 00731 type = RSBAC_RC_GENERAL_TYPE; 00732 rights = 00733 ((RSBAC_READ_WRITE_REQUEST_VECTOR | 00734 RSBAC_SECURITY_REQUEST_VECTOR) 00735 & RSBAC_NETTEMP_REQUEST_VECTOR) | 00736 RSBAC_RC_SPECIAL_RIGHTS_VECTOR; 00737 rsbac_list_lol_subadd(role_tcnt_handle, 00738 &role, &type, 00739 &rights); 00740 type = RSBAC_RC_SEC_TYPE; 00741 rights = 00742 ((RSBAC_READ_WRITE_REQUEST_VECTOR | 00743 RSBAC_SECURITY_REQUEST_VECTOR) 00744 & RSBAC_NETTEMP_REQUEST_VECTOR) | 00745 RSBAC_RC_SPECIAL_RIGHTS_VECTOR; 00746 rsbac_list_lol_subadd(role_tcnt_handle, 00747 &role, &type, 00748 &rights); 00749 } 00750 if (!rsbac_list_lol_add 00751 (role_tcno_handle, &role, NULL)) { 00752 type = RSBAC_RC_GENERAL_TYPE; 00753 rights = 00754 ((RSBAC_READ_WRITE_REQUEST_VECTOR | 00755 RSBAC_SECURITY_REQUEST_VECTOR) 00756 & RSBAC_NETOBJ_REQUEST_VECTOR) | 00757 RSBAC_RC_SPECIAL_RIGHTS_VECTOR; 00758 rsbac_list_lol_subadd(role_tcno_handle, 00759 &role, &type, 00760 &rights); 00761 } 00762 if (!rsbac_list_lol_add 00763 (role_tcsc_handle, &role, NULL)) { 00764 #ifdef CONFIG_RSBAC_USER_MOD_IOPERM 00765 type = ST_ioports; 00766 rights = 00767 RSBAC_RC_RIGHTS_VECTOR 00768 (R_MODIFY_PERMISSIONS_DATA) 00769 | RSBAC_RC_SPECIAL_RIGHTS_VECTOR; 00770 rsbac_list_lol_subadd(role_tcsc_handle, 00771 &role, &type, 00772 &rights); 00773 #endif 00774 type = ST_rlimit; 00775 rights = 00776 RSBAC_SCD_REQUEST_VECTOR | 00777 RSBAC_RC_SPECIAL_RIGHTS_VECTOR; 00778 rsbac_list_lol_subadd(role_tcsc_handle, 00779 &role, &type, 00780 &rights); 00781 type = ST_rsbac; 00782 rights = 00783 RSBAC_SCD_REQUEST_VECTOR | 00784 RSBAC_RC_SPECIAL_RIGHTS_VECTOR; 00785 rsbac_list_lol_subadd(role_tcsc_handle, 00786 &role, &type, 00787 &rights); 00788 type = ST_rsbac_log; 00789 rights = 00790 RSBAC_SCD_REQUEST_VECTOR | 00791 RSBAC_RC_SPECIAL_RIGHTS_VECTOR; 00792 rsbac_list_lol_subadd(role_tcsc_handle, 00793 &role, &type, 00794 &rights); 00795 type = ST_other; 00796 rights = RSBAC_RC_RIGHTS_VECTOR(R_MAP_EXEC) 00797 | 00798 RSBAC_RC_RIGHTS_VECTOR 00799 (R_MODIFY_PERMISSIONS_DATA) 00800 | RSBAC_RC_RIGHTS_VECTOR(R_SWITCH_LOG) 00801 | 00802 RSBAC_RC_RIGHTS_VECTOR(R_SWITCH_MODULE) 00803 | RSBAC_RC_SPECIAL_RIGHTS_VECTOR; 00804 rsbac_list_lol_subadd(role_tcsc_handle, 00805 &role, &type, 00806 &rights); 00807 type = ST_network; 00808 rights = 00809 RSBAC_RC_RIGHTS_VECTOR 00810 (R_GET_STATUS_DATA) 00811 | RSBAC_RC_SPECIAL_RIGHTS_VECTOR; 00812 rsbac_list_lol_subadd(role_tcsc_handle, 00813 &role, &type, 00814 &rights); 00815 type = ST_firewall; 00816 rights = 00817 RSBAC_RC_RIGHTS_VECTOR 00818 (R_GET_STATUS_DATA) 00819 | RSBAC_RC_SPECIAL_RIGHTS_VECTOR; 00820 rsbac_list_lol_subadd(role_tcsc_handle, 00821 &role, &type, 00822 &rights); 00823 type = RST_auth_administration; 00824 rights = 00825 RSBAC_SCD_REQUEST_VECTOR | 00826 RSBAC_RC_SPECIAL_RIGHTS_VECTOR; 00827 rsbac_list_lol_subadd(role_tcsc_handle, 00828 &role, &type, 00829 &rights); 00830 type = ST_sysfs; 00831 rights = 00832 RSBAC_RC_RIGHTS_VECTOR 00833 (R_GET_STATUS_DATA) 00834 | RSBAC_RC_SPECIAL_RIGHTS_VECTOR; 00835 rsbac_list_lol_subadd(role_tcsc_handle, 00836 &role, &type, 00837 &rights); 00838 } 00839 } 00840 role = RSBAC_RC_SYSTEM_ADMIN_ROLE; 00841 if (!rsbac_list_add(role_handle, &role, &sa_entry)) { 00842 if (!rsbac_list_lol_add 00843 (role_tcfd_handle, &role, NULL)) { 00844 type = RSBAC_RC_GENERAL_TYPE; 00845 rights = (RSBAC_READ_WRITE_REQUEST_VECTOR 00846 | RSBAC_EXECUTE_REQUEST_VECTOR 00847 | RSBAC_SYSTEM_REQUEST_VECTOR) 00848 & RSBAC_FD_REQUEST_VECTOR; 00849 rsbac_list_lol_subadd(role_tcfd_handle, 00850 &role, &type, 00851 &rights); 00852 type = RSBAC_RC_SYS_TYPE; 00853 rsbac_list_lol_subadd(role_tcfd_handle, 00854 &role, &type, 00855 &rights); 00856 } 00857 if (!rsbac_list_lol_add 00858 (role_tcdv_handle, &role, NULL)) { 00859 type = RSBAC_RC_GENERAL_TYPE; 00860 rights = 00861 (RSBAC_READ_WRITE_REQUEST_VECTOR | 00862 RSBAC_SYSTEM_REQUEST_VECTOR) & 00863 RSBAC_DEV_REQUEST_VECTOR; 00864 rsbac_list_lol_subadd(role_tcdv_handle, 00865 &role, &type, 00866 &rights); 00867 type = RSBAC_RC_SYS_TYPE; 00868 rights = 00869 (RSBAC_READ_WRITE_REQUEST_VECTOR | 00870 RSBAC_SYSTEM_REQUEST_VECTOR) & 00871 RSBAC_DEV_REQUEST_VECTOR; 00872 rsbac_list_lol_subadd(role_tcdv_handle, 00873 &role, &type, 00874 &rights); 00875 } 00876 if (!rsbac_list_lol_add 00877 (role_tcus_handle, &role, NULL)) { 00878 type = RSBAC_RC_GENERAL_TYPE; 00879 rights = 00880 RSBAC_REQUEST_VECTOR(R_CHANGE_OWNER) | 00881 RSBAC_REQUEST_VECTOR(R_SEARCH) | 00882 RSBAC_REQUEST_VECTOR(R_GET_STATUS_DATA) | 00883 RSBAC_REQUEST_VECTOR(R_AUTHENTICATE); 00884 rsbac_list_lol_subadd(role_tcus_handle, 00885 &role, &type, 00886 &rights); 00887 type = RSBAC_RC_SYS_TYPE; 00888 rights = 00889 RSBAC_REQUEST_VECTOR(R_SEARCH) | 00890 RSBAC_REQUEST_VECTOR(R_GET_STATUS_DATA) | 00891 RSBAC_REQUEST_VECTOR(R_AUTHENTICATE); 00892 rsbac_list_lol_subadd(role_tcus_handle, 00893 &role, &type, 00894 &rights); 00895 type = RSBAC_RC_SEC_TYPE; 00896 rights = 00897 RSBAC_REQUEST_VECTOR(R_SEARCH) | 00898 RSBAC_REQUEST_VECTOR(R_AUTHENTICATE); 00899 rsbac_list_lol_subadd(role_tcus_handle, 00900 &role, &type, 00901 &rights); 00902 } 00903 if (!rsbac_list_lol_add 00904 (role_tcpr_handle, &role, NULL)) { 00905 type = RSBAC_RC_GENERAL_TYPE; 00906 rights = 00907 (RSBAC_READ_WRITE_REQUEST_VECTOR | 00908 RSBAC_SYSTEM_REQUEST_VECTOR) & 00909 RSBAC_PROCESS_REQUEST_VECTOR; 00910 rsbac_list_lol_subadd(role_tcpr_handle, 00911 &role, &type, 00912 &rights); 00913 type = RSBAC_RC_SYS_TYPE; 00914 rights = 00915 (RSBAC_READ_WRITE_REQUEST_VECTOR | 00916 RSBAC_SYSTEM_REQUEST_VECTOR) & 00917 RSBAC_PROCESS_REQUEST_VECTOR; 00918 rsbac_list_lol_subadd(role_tcpr_handle, 00919 &role, &type, 00920 &rights); 00921 type = CONFIG_RSBAC_RC_KERNEL_PROCESS_TYPE; 00922 rights = 00923 (RSBAC_READ_WRITE_REQUEST_VECTOR | 00924 RSBAC_SYSTEM_REQUEST_VECTOR) & 00925 RSBAC_PROCESS_REQUEST_VECTOR; 00926 rsbac_list_lol_subadd(role_tcpr_handle, 00927 &role, &type, 00928 &rights); 00929 } 00930 if (!rsbac_list_lol_add 00931 (role_tcip_handle, &role, NULL)) { 00932 type = RSBAC_RC_GENERAL_TYPE; 00933 rights = 00934 (RSBAC_READ_WRITE_REQUEST_VECTOR | 00935 RSBAC_SYSTEM_REQUEST_VECTOR) & 00936 RSBAC_IPC_REQUEST_VECTOR; 00937 rsbac_list_lol_subadd(role_tcip_handle, 00938 &role, &type, 00939 &rights); 00940 type = RSBAC_RC_SYS_TYPE; 00941 rights = 00942 (RSBAC_READ_WRITE_REQUEST_VECTOR | 00943 RSBAC_SYSTEM_REQUEST_VECTOR) & 00944 RSBAC_IPC_REQUEST_VECTOR; 00945 rsbac_list_lol_subadd(role_tcip_handle, 00946 &role, &type, 00947 &rights); 00948 } 00949 if (!rsbac_list_lol_add 00950 (role_tcgr_handle, &role, NULL)) { 00951 type = RSBAC_RC_GENERAL_TYPE; 00952 rights = 00953 RSBAC_REQUEST_VECTOR(R_SEARCH) | 00954 RSBAC_REQUEST_VECTOR 00955 (R_GET_STATUS_DATA); 00956 rsbac_list_lol_subadd(role_tcgr_handle, 00957 &role, &type, 00958 &rights); 00959 } 00960 if (!rsbac_list_lol_add 00961 (role_tcnd_handle, &role, NULL)) { 00962 type = RSBAC_RC_GENERAL_TYPE; 00963 rights = 00964 (RSBAC_READ_WRITE_REQUEST_VECTOR | 00965 RSBAC_SYSTEM_REQUEST_VECTOR) & 00966 RSBAC_NETDEV_REQUEST_VECTOR; 00967 rsbac_list_lol_subadd(role_tcnd_handle, 00968 &role, &type, 00969 &rights); 00970 } 00971 if (!rsbac_list_lol_add 00972 (role_tcnt_handle, &role, NULL)) { 00973 type = RSBAC_RC_GENERAL_TYPE; 00974 rights = 00975 (RSBAC_READ_REQUEST_VECTOR) & 00976 RSBAC_NETTEMP_REQUEST_VECTOR; 00977 rsbac_list_lol_subadd(role_tcnt_handle, 00978 &role, &type, 00979 &rights); 00980 } 00981 if (!rsbac_list_lol_add 00982 (role_tcno_handle, &role, NULL)) { 00983 type = RSBAC_RC_GENERAL_TYPE; 00984 rights = 00985 (RSBAC_READ_WRITE_REQUEST_VECTOR | 00986 RSBAC_SYSTEM_REQUEST_VECTOR) & 00987 RSBAC_NETOBJ_REQUEST_VECTOR; 00988 rsbac_list_lol_subadd(role_tcno_handle, 00989 &role, &type, 00990 &rights); 00991 } 00992 if (!rsbac_list_lol_add 00993 (role_tcsc_handle, &role, NULL)) { 00994 rights = 00995 RSBAC_SCD_REQUEST_VECTOR & 00996 (RSBAC_SYSTEM_REQUEST_VECTOR | 00997 RSBAC_READ_WRITE_REQUEST_VECTOR); 00998 for (type = ST_time_strucs; 00999 type <= ST_rsbac; type++) { 01000 rsbac_list_lol_subadd 01001 (role_tcsc_handle, &role, 01002 &type, &rights); 01003 } 01004 for (type = ST_network; type < ST_none; 01005 type++) { 01006 rsbac_list_lol_subadd 01007 (role_tcsc_handle, &role, 01008 &type, &rights); 01009 } 01010 type = ST_other; 01011 rights = 01012 RSBAC_RC_RIGHTS_VECTOR(R_ADD_TO_KERNEL) 01013 | RSBAC_RC_RIGHTS_VECTOR(R_MAP_EXEC) 01014 | 01015 RSBAC_RC_RIGHTS_VECTOR 01016 (R_MODIFY_SYSTEM_DATA) 01017 | RSBAC_RC_RIGHTS_VECTOR(R_MOUNT) 01018 | 01019 RSBAC_RC_RIGHTS_VECTOR 01020 (R_REMOVE_FROM_KERNEL) 01021 | RSBAC_RC_RIGHTS_VECTOR(R_UMOUNT) 01022 | RSBAC_RC_RIGHTS_VECTOR(R_SHUTDOWN); 01023 rsbac_list_lol_subadd(role_tcsc_handle, 01024 &role, &type, 01025 &rights); 01026 } 01027 } 01028 }
static void __init create_def_roles2 | ( | void | ) | [static] |
Definition at line 1033 of file rc_data_structures.c.
References NULL, R_ADD_TO_KERNEL, R_AUTHENTICATE, R_CHANGE_OWNER, R_GET_STATUS_DATA, R_MAP_EXEC, R_MODIFY_PERMISSIONS_DATA, R_MODIFY_SYSTEM_DATA, R_MOUNT, R_REMOVE_FROM_KERNEL, R_SEARCH, R_SHUTDOWN, R_UMOUNT, role_handle, role_tcdv_handle, role_tcfd_handle, role_tcgr_handle, role_tcip_handle, role_tcnd_handle, role_tcno_handle, role_tcnt_handle, role_tcpr_handle, role_tcsc_handle, role_tcus_handle, RSBAC_DEV_REQUEST_VECTOR, RSBAC_EXECUTE_REQUEST_VECTOR, RSBAC_FD_REQUEST_VECTOR, RSBAC_IPC_REQUEST_VECTOR, rsbac_list_add(), rsbac_list_lol_add(), rsbac_list_lol_subadd(), RSBAC_NETDEV_REQUEST_VECTOR, RSBAC_NETOBJ_REQUEST_VECTOR, RSBAC_NETTEMP_REQUEST_VECTOR, rsbac_printk(), RSBAC_PROCESS_REQUEST_VECTOR, RSBAC_RC_AUDITOR_ROLE, RSBAC_RC_AUDITOR_ROLE_ENTRY, RSBAC_RC_BOOT_ROLE, RSBAC_RC_BOOT_ROLE_ENTRY, RSBAC_RC_GENERAL_TYPE, RSBAC_RC_RIGHTS_VECTOR, RSBAC_RC_SEC_TYPE, RSBAC_RC_SYS_TYPE, RSBAC_READ_REQUEST_VECTOR, RSBAC_READ_WRITE_REQUEST_VECTOR, RSBAC_REQUEST_VECTOR, RSBAC_SCD_REQUEST_VECTOR, RSBAC_SYSTEM_REQUEST_VECTOR, RSBAC_USER_REQUEST_VECTOR, ST_ioports, ST_network, ST_none, ST_other, ST_rlimit, ST_rsbac, ST_rsbac_log, and ST_time_strucs.
Referenced by rsbac_init_rc().
01035 { 01036 rsbac_rc_role_id_t role; 01037 rsbac_rc_type_id_t type; 01038 rsbac_rc_rights_vector_t rights; 01039 struct rsbac_rc_role_entry_t au_entry = 01040 RSBAC_RC_AUDITOR_ROLE_ENTRY; 01041 struct rsbac_rc_role_entry_t bo_entry = 01042 RSBAC_RC_BOOT_ROLE_ENTRY; 01043 01044 rsbac_printk(KERN_WARNING "rsbac_init_rc(): no RC roles read, generating default role entries!\n"); 01045 01046 role = RSBAC_RC_AUDITOR_ROLE; 01047 if (!rsbac_list_add(role_handle, &role, &au_entry)) { 01048 if (!rsbac_list_lol_add 01049 (role_tcfd_handle, &role, NULL)) { 01050 type = RSBAC_RC_GENERAL_TYPE; 01051 rights = 01052 (RSBAC_READ_WRITE_REQUEST_VECTOR | 01053 RSBAC_EXECUTE_REQUEST_VECTOR) 01054 & RSBAC_FD_REQUEST_VECTOR; 01055 rsbac_list_lol_subadd(role_tcfd_handle, 01056 &role, &type, 01057 &rights); 01058 } 01059 if (!rsbac_list_lol_add 01060 (role_tcdv_handle, &role, NULL)) { 01061 type = RSBAC_RC_GENERAL_TYPE; 01062 rights = 01063 RSBAC_READ_WRITE_REQUEST_VECTOR & 01064 RSBAC_DEV_REQUEST_VECTOR; 01065 rsbac_list_lol_subadd(role_tcdv_handle, 01066 &role, &type, 01067 &rights); 01068 } 01069 if (!rsbac_list_lol_add 01070 (role_tcus_handle, &role, NULL)) { 01071 type = RSBAC_RC_GENERAL_TYPE; 01072 rights = 01073 RSBAC_REQUEST_VECTOR(R_CHANGE_OWNER) | 01074 RSBAC_REQUEST_VECTOR(R_SEARCH) | 01075 RSBAC_REQUEST_VECTOR 01076 (R_GET_STATUS_DATA); 01077 rsbac_list_lol_subadd(role_tcus_handle, 01078 &role, &type, 01079 &rights); 01080 } 01081 if (!rsbac_list_lol_add 01082 (role_tcgr_handle, &role, NULL)) { 01083 type = RSBAC_RC_GENERAL_TYPE; 01084 rights = 01085 RSBAC_REQUEST_VECTOR(R_SEARCH) | 01086 RSBAC_REQUEST_VECTOR 01087 (R_GET_STATUS_DATA); 01088 rsbac_list_lol_subadd(role_tcgr_handle, 01089 &role, &type, 01090 &rights); 01091 } 01092 if (!rsbac_list_lol_add 01093 (role_tcpr_handle, &role, NULL)) { 01094 type = RSBAC_RC_GENERAL_TYPE; 01095 rights = 01096 RSBAC_READ_WRITE_REQUEST_VECTOR & 01097 RSBAC_PROCESS_REQUEST_VECTOR; 01098 rsbac_list_lol_subadd(role_tcpr_handle, 01099 &role, &type, 01100 &rights); 01101 } 01102 if (!rsbac_list_lol_add 01103 (role_tcip_handle, &role, NULL)) { 01104 type = RSBAC_RC_GENERAL_TYPE; 01105 rights = 01106 RSBAC_READ_WRITE_REQUEST_VECTOR & 01107 RSBAC_IPC_REQUEST_VECTOR; 01108 rsbac_list_lol_subadd(role_tcip_handle, 01109 &role, &type, 01110 &rights); 01111 } 01112 if (!rsbac_list_lol_add 01113 (role_tcnd_handle, &role, NULL)) { 01114 type = RSBAC_RC_GENERAL_TYPE; 01115 rights = 01116 RSBAC_READ_WRITE_REQUEST_VECTOR & 01117 RSBAC_NETDEV_REQUEST_VECTOR; 01118 rsbac_list_lol_subadd(role_tcnd_handle, 01119 &role, &type, 01120 &rights); 01121 } 01122 if (!rsbac_list_lol_add 01123 (role_tcno_handle, &role, NULL)) { 01124 type = RSBAC_RC_GENERAL_TYPE; 01125 rights = 01126 RSBAC_READ_WRITE_REQUEST_VECTOR & 01127 RSBAC_NETOBJ_REQUEST_VECTOR; 01128 rsbac_list_lol_subadd(role_tcno_handle, 01129 &role, &type, 01130 &rights); 01131 } 01132 if (!rsbac_list_lol_add 01133 (role_tcsc_handle, &role, NULL)) { 01134 #ifdef CONFIG_RSBAC_USER_MOD_IOPERM 01135 type = ST_ioports; 01136 rights = 01137 RSBAC_RC_RIGHTS_VECTOR 01138 (R_MODIFY_PERMISSIONS_DATA); 01139 rsbac_list_lol_subadd(role_tcsc_handle, 01140 &role, &type, 01141 &rights); 01142 #endif 01143 type = ST_rlimit; 01144 rights = 01145 RSBAC_RC_RIGHTS_VECTOR 01146 (R_GET_STATUS_DATA) 01147 | 01148 RSBAC_RC_RIGHTS_VECTOR 01149 (R_MODIFY_SYSTEM_DATA); 01150 rsbac_list_lol_subadd(role_tcsc_handle, 01151 &role, &type, 01152 &rights); 01153 type = ST_rsbac_log; 01154 rights = 01155 RSBAC_RC_RIGHTS_VECTOR 01156 (R_GET_STATUS_DATA) 01157 | 01158 RSBAC_RC_RIGHTS_VECTOR 01159 (R_MODIFY_SYSTEM_DATA); 01160 rsbac_list_lol_subadd(role_tcsc_handle, 01161 &role, &type, 01162 &rights); 01163 type = ST_other; 01164 rights = 01165 RSBAC_RC_RIGHTS_VECTOR(R_MAP_EXEC); 01166 rsbac_list_lol_subadd(role_tcsc_handle, 01167 &role, &type, 01168 &rights); 01169 type = ST_network; 01170 rights = 01171 RSBAC_RC_RIGHTS_VECTOR 01172 (R_GET_STATUS_DATA); 01173 rsbac_list_lol_subadd(role_tcsc_handle, 01174 &role, &type, 01175 &rights); 01176 } 01177 } 01178 role = RSBAC_RC_BOOT_ROLE; 01179 if (!rsbac_list_add(role_handle, &role, &bo_entry)) { 01180 if (!rsbac_list_lol_add 01181 (role_tcfd_handle, &role, NULL)) { 01182 type = RSBAC_RC_GENERAL_TYPE; 01183 rights = (RSBAC_READ_WRITE_REQUEST_VECTOR 01184 | RSBAC_EXECUTE_REQUEST_VECTOR 01185 | RSBAC_SYSTEM_REQUEST_VECTOR) 01186 & RSBAC_FD_REQUEST_VECTOR; 01187 rsbac_list_lol_subadd(role_tcfd_handle, 01188 &role, &type, 01189 &rights); 01190 type = RSBAC_RC_SYS_TYPE; 01191 rsbac_list_lol_subadd(role_tcfd_handle, 01192 &role, &type, 01193 &rights); 01194 } 01195 if (!rsbac_list_lol_add 01196 (role_tcdv_handle, &role, NULL)) { 01197 type = RSBAC_RC_GENERAL_TYPE; 01198 rights = 01199 (RSBAC_READ_WRITE_REQUEST_VECTOR | 01200 RSBAC_SYSTEM_REQUEST_VECTOR) & 01201 RSBAC_DEV_REQUEST_VECTOR; 01202 rsbac_list_lol_subadd(role_tcdv_handle, 01203 &role, &type, 01204 &rights); 01205 type = RSBAC_RC_SYS_TYPE; 01206 rights = 01207 (RSBAC_READ_WRITE_REQUEST_VECTOR | 01208 RSBAC_SYSTEM_REQUEST_VECTOR) & 01209 RSBAC_DEV_REQUEST_VECTOR; 01210 rsbac_list_lol_subadd(role_tcdv_handle, 01211 &role, &type, 01212 &rights); 01213 } 01214 if (!rsbac_list_lol_add 01215 (role_tcus_handle, &role, NULL)) { 01216 type = RSBAC_RC_GENERAL_TYPE; 01217 rights = 01218 (RSBAC_READ_REQUEST_VECTOR | 01219 RSBAC_REQUEST_VECTOR(R_CHANGE_OWNER) | 01220 RSBAC_SYSTEM_REQUEST_VECTOR | 01221 RSBAC_REQUEST_VECTOR(R_AUTHENTICATE)) & 01222 RSBAC_USER_REQUEST_VECTOR; 01223 rsbac_list_lol_subadd(role_tcus_handle, 01224 &role, &type, 01225 &rights); 01226 type = RSBAC_RC_SEC_TYPE; 01227 rights = 01228 RSBAC_REQUEST_VECTOR(R_SEARCH) | 01229 RSBAC_REQUEST_VECTOR(R_CHANGE_OWNER) | 01230 RSBAC_REQUEST_VECTOR(R_AUTHENTICATE); 01231 rsbac_list_lol_subadd(role_tcus_handle, 01232 &role, &type, 01233 &rights); 01234 type = RSBAC_RC_SYS_TYPE; 01235 rights = 01236 (RSBAC_READ_REQUEST_VECTOR | 01237 RSBAC_SYSTEM_REQUEST_VECTOR) & 01238 RSBAC_USER_REQUEST_VECTOR; 01239 rsbac_list_lol_subadd(role_tcus_handle, 01240 &role, &type, 01241 &rights); 01242 } 01243 if (!rsbac_list_lol_add 01244 (role_tcpr_handle, &role, NULL)) { 01245 type = RSBAC_RC_GENERAL_TYPE; 01246 rights = 01247 (RSBAC_READ_WRITE_REQUEST_VECTOR | 01248 RSBAC_SYSTEM_REQUEST_VECTOR) & 01249 RSBAC_PROCESS_REQUEST_VECTOR; 01250 rsbac_list_lol_subadd(role_tcpr_handle, 01251 &role, &type, 01252 &rights); 01253 type = RSBAC_RC_SYS_TYPE; 01254 rights = 01255 (RSBAC_READ_WRITE_REQUEST_VECTOR | 01256 RSBAC_SYSTEM_REQUEST_VECTOR) & 01257 RSBAC_PROCESS_REQUEST_VECTOR; 01258 rsbac_list_lol_subadd(role_tcpr_handle, 01259 &role, &type, 01260 &rights); 01261 type = CONFIG_RSBAC_RC_KERNEL_PROCESS_TYPE; 01262 rights = 01263 (RSBAC_READ_WRITE_REQUEST_VECTOR | 01264 RSBAC_SYSTEM_REQUEST_VECTOR) & 01265 RSBAC_PROCESS_REQUEST_VECTOR; 01266 rsbac_list_lol_subadd(role_tcpr_handle, 01267 &role, &type, 01268 &rights); 01269 } 01270 if (!rsbac_list_lol_add 01271 (role_tcip_handle, &role, NULL)) { 01272 type = RSBAC_RC_GENERAL_TYPE; 01273 rights = 01274 (RSBAC_READ_WRITE_REQUEST_VECTOR | 01275 RSBAC_SYSTEM_REQUEST_VECTOR) & 01276 RSBAC_IPC_REQUEST_VECTOR; 01277 rsbac_list_lol_subadd(role_tcip_handle, 01278 &role, &type, 01279 &rights); 01280 type = RSBAC_RC_SYS_TYPE; 01281 rights = 01282 (RSBAC_READ_WRITE_REQUEST_VECTOR | 01283 RSBAC_SYSTEM_REQUEST_VECTOR) & 01284 RSBAC_IPC_REQUEST_VECTOR; 01285 rsbac_list_lol_subadd(role_tcip_handle, 01286 &role, &type, 01287 &rights); 01288 } 01289 if (!rsbac_list_lol_add 01290 (role_tcnd_handle, &role, NULL)) { 01291 type = RSBAC_RC_GENERAL_TYPE; 01292 rights = 01293 (RSBAC_READ_WRITE_REQUEST_VECTOR | 01294 RSBAC_SYSTEM_REQUEST_VECTOR) & 01295 RSBAC_NETDEV_REQUEST_VECTOR; 01296 rsbac_list_lol_subadd(role_tcnd_handle, 01297 &role, &type, 01298 &rights); 01299 } 01300 if (!rsbac_list_lol_add 01301 (role_tcnt_handle, &role, NULL)) { 01302 type = RSBAC_RC_GENERAL_TYPE; 01303 rights = 01304 (RSBAC_READ_REQUEST_VECTOR) & 01305 RSBAC_NETTEMP_REQUEST_VECTOR; 01306 rsbac_list_lol_subadd(role_tcnt_handle, 01307 &role, &type, 01308 &rights); 01309 } 01310 if (!rsbac_list_lol_add 01311 (role_tcno_handle, &role, NULL)) { 01312 type = RSBAC_RC_GENERAL_TYPE; 01313 rights = 01314 (RSBAC_READ_WRITE_REQUEST_VECTOR | 01315 RSBAC_SYSTEM_REQUEST_VECTOR) & 01316 RSBAC_NETOBJ_REQUEST_VECTOR; 01317 rsbac_list_lol_subadd(role_tcno_handle, 01318 &role, &type, 01319 &rights); 01320 } 01321 if (!rsbac_list_lol_add 01322 (role_tcsc_handle, &role, NULL)) { 01323 rights = 01324 RSBAC_SCD_REQUEST_VECTOR & 01325 (RSBAC_SYSTEM_REQUEST_VECTOR | 01326 RSBAC_READ_WRITE_REQUEST_VECTOR); 01327 for (type = ST_time_strucs; 01328 type <= ST_rsbac; type++) { 01329 rsbac_list_lol_subadd 01330 (role_tcsc_handle, &role, 01331 &type, &rights); 01332 } 01333 for (type = ST_network; type < ST_none; 01334 type++) { 01335 rsbac_list_lol_subadd 01336 (role_tcsc_handle, &role, 01337 &type, &rights); 01338 } 01339 type = ST_other; 01340 rights = 01341 RSBAC_RC_RIGHTS_VECTOR(R_ADD_TO_KERNEL) 01342 | RSBAC_RC_RIGHTS_VECTOR(R_MAP_EXEC) 01343 | 01344 RSBAC_RC_RIGHTS_VECTOR 01345 (R_MODIFY_SYSTEM_DATA) 01346 | RSBAC_RC_RIGHTS_VECTOR(R_MOUNT) 01347 | 01348 RSBAC_RC_RIGHTS_VECTOR 01349 (R_REMOVE_FROM_KERNEL) 01350 | RSBAC_RC_RIGHTS_VECTOR(R_UMOUNT) 01351 | RSBAC_RC_RIGHTS_VECTOR(R_SHUTDOWN); 01352 rsbac_list_lol_subadd(role_tcsc_handle, 01353 &role, &type, 01354 &rights); 01355 } 01356 } 01357 }
static int __init old_old_old_role_conv | ( | void * | old_desc, | |
void * | old_data, | |||
void * | new_desc, | |||
void * | new_data | |||
) | [static] |
Definition at line 178 of file rc_data_structures.c.
References rsbac_rc_old_role_entry_t::admin_type, rsbac_rc_old_role_entry_t::def_fd_create_type, rsbac_rc_old_role_entry_t::def_ipc_create_type, rsbac_rc_old_role_entry_t::def_process_chown_type, rsbac_rc_old_role_entry_t::def_process_create_type, rsbac_rc_old_role_entry_t::def_process_execute_type, FALSE, rsbac_rc_old_role_entry_t::name, RC_type_use_fd, RSBAC_RC_GENERAL_TYPE, and RSBAC_RC_NAME_LEN.
Referenced by role_get_conv().
00183 { 00184 struct rsbac_rc_role_entry_t *new = new_data; 00185 struct rsbac_rc_old_role_entry_t *old = old_data; 00186 00187 memcpy(new_desc, old_desc, sizeof(rsbac_rc_role_id_t)); 00188 new->admin_type = old->admin_type; 00189 memcpy(new->name, old->name, RSBAC_RC_NAME_LEN); 00190 new->def_fd_create_type = old->def_fd_create_type; 00191 new->def_user_create_type = RSBAC_RC_GENERAL_TYPE; 00192 new->def_process_create_type = old->def_process_create_type; 00193 new->def_process_chown_type = old->def_process_chown_type; 00194 new->def_process_execute_type = old->def_process_execute_type; 00195 new->def_ipc_create_type = old->def_ipc_create_type; 00196 new->def_group_create_type = RSBAC_RC_GENERAL_TYPE; 00197 new->def_unixsock_create_type = RC_type_use_fd; 00198 new->boot_role = FALSE; 00199 new->req_reauth = FALSE; 00200 return 0; 00201 }
static int __init old_old_role_conv | ( | void * | old_desc, | |
void * | old_data, | |||
void * | new_desc, | |||
void * | new_data | |||
) | [static] |
Definition at line 150 of file rc_data_structures.c.
References rsbac_rc_old_role_entry_t::admin_type, rsbac_rc_old_role_entry_t::boot_role, rsbac_rc_old_role_entry_t::def_fd_create_type, rsbac_rc_old_role_entry_t::def_ipc_create_type, rsbac_rc_old_role_entry_t::def_process_chown_type, rsbac_rc_old_role_entry_t::def_process_create_type, rsbac_rc_old_role_entry_t::def_process_execute_type, rsbac_rc_old_role_entry_t::def_user_create_type, FALSE, rsbac_rc_old_role_entry_t::name, RC_type_use_fd, RSBAC_RC_GENERAL_TYPE, and RSBAC_RC_NAME_LEN.
Referenced by role_get_conv().
00155 { 00156 struct rsbac_rc_role_entry_t *new = new_data; 00157 struct rsbac_rc_old_role_entry_t *old = old_data; 00158 00159 memcpy(new_desc, old_desc, sizeof(rsbac_rc_role_id_t)); 00160 new->admin_type = old->admin_type; 00161 memcpy(new->name, old->name, RSBAC_RC_NAME_LEN); 00162 new->def_fd_create_type = old->def_fd_create_type; 00163 new->def_user_create_type = old->def_user_create_type; 00164 new->def_process_create_type = old->def_process_create_type; 00165 new->def_process_chown_type = old->def_process_chown_type; 00166 new->def_process_execute_type = old->def_process_execute_type; 00167 new->def_ipc_create_type = old->def_ipc_create_type; 00168 new->def_group_create_type = RSBAC_RC_GENERAL_TYPE; 00169 new->def_unixsock_create_type = RC_type_use_fd; 00170 new->boot_role = old->boot_role; 00171 new->req_reauth = FALSE; 00172 return 0; 00173 }
static int __init old_role_conv | ( | void * | old_desc, | |
void * | old_data, | |||
void * | new_desc, | |||
void * | new_data | |||
) | [static] |
Definition at line 122 of file rc_data_structures.c.
References rsbac_rc_old_role_entry_t::admin_type, rsbac_rc_old_role_entry_t::boot_role, rsbac_rc_old_role_entry_t::def_fd_create_type, rsbac_rc_old_role_entry_t::def_ipc_create_type, rsbac_rc_old_role_entry_t::def_process_chown_type, rsbac_rc_old_role_entry_t::def_process_create_type, rsbac_rc_old_role_entry_t::def_process_execute_type, rsbac_rc_old_role_entry_t::def_user_create_type, FALSE, rsbac_rc_old_role_entry_t::name, RC_type_use_fd, RSBAC_RC_GENERAL_TYPE, and RSBAC_RC_NAME_LEN.
Referenced by role_get_conv().
00127 { 00128 struct rsbac_rc_role_entry_t *new = new_data; 00129 struct rsbac_rc_old_role_entry_t *old = old_data; 00130 00131 memcpy(new_desc, old_desc, sizeof(rsbac_rc_role_id_t)); 00132 new->admin_type = old->admin_type; 00133 memcpy(new->name, old->name, RSBAC_RC_NAME_LEN); 00134 new->def_fd_create_type = old->def_fd_create_type; 00135 new->def_user_create_type = old->def_user_create_type; 00136 new->def_process_create_type = old->def_process_create_type; 00137 new->def_process_chown_type = old->def_process_chown_type; 00138 new->def_process_execute_type = old->def_process_execute_type; 00139 new->def_ipc_create_type = old->def_ipc_create_type; 00140 new->def_group_create_type = RSBAC_RC_GENERAL_TYPE; 00141 new->def_unixsock_create_type = RC_type_use_fd; 00142 new->boot_role = old->boot_role; 00143 new->req_reauth = FALSE; 00144 return 0; 00145 }
static void __init registration_error | ( | int | err, | |
char * | listname | |||
) | [static] |
Definition at line 404 of file rc_data_structures.c.
References get_error_name(), rsbac_kfree(), rsbac_kmalloc(), RSBAC_MAXNAMELEN, and rsbac_printk().
00406 { 00407 if (err) { 00408 char *tmp = rsbac_kmalloc(RSBAC_MAXNAMELEN); 00409 00410 if (tmp) { 00411 rsbac_printk(KERN_WARNING "rsbac_init_rc(): Registering RC %s list failed with error %s\n", 00412 listname, get_error_name(tmp, err)); 00413 rsbac_kfree(tmp); 00414 } 00415 } 00416 }
static int __init role_conv | ( | void * | old_desc, | |
void * | old_data, | |||
void * | new_desc, | |||
void * | new_data | |||
) | [static] |
Definition at line 94 of file rc_data_structures.c.
References rsbac_rc_old_role_entry_t::admin_type, rsbac_rc_old_role_entry_t::boot_role, rsbac_rc_old_role_entry_t::def_fd_create_type, rsbac_rc_old_role_entry_t::def_ipc_create_type, rsbac_rc_old_role_entry_t::def_process_chown_type, rsbac_rc_old_role_entry_t::def_process_create_type, rsbac_rc_old_role_entry_t::def_process_execute_type, rsbac_rc_old_role_entry_t::def_user_create_type, rsbac_rc_old_role_entry_t::name, RC_type_use_fd, rsbac_rc_old_role_entry_t::req_reauth, RSBAC_RC_GENERAL_TYPE, and RSBAC_RC_NAME_LEN.
Referenced by role_get_conv().
00099 { 00100 struct rsbac_rc_role_entry_t *new = new_data; 00101 struct rsbac_rc_old_role_entry_t *old = old_data; 00102 00103 memcpy(new_desc, old_desc, sizeof(rsbac_rc_role_id_t)); 00104 new->admin_type = old->admin_type; 00105 memcpy(new->name, old->name, RSBAC_RC_NAME_LEN); 00106 new->def_fd_create_type = old->def_fd_create_type; 00107 new->def_user_create_type = old->def_user_create_type; 00108 new->def_process_create_type = old->def_process_create_type; 00109 new->def_process_chown_type = old->def_process_chown_type; 00110 new->def_process_execute_type = old->def_process_execute_type; 00111 new->def_ipc_create_type = old->def_ipc_create_type; 00112 new->def_group_create_type = RSBAC_RC_GENERAL_TYPE; 00113 new->def_unixsock_create_type = RC_type_use_fd; 00114 new->boot_role = old->boot_role; 00115 new->req_reauth = old->req_reauth; 00116 return 0; 00117 }
static rsbac_list_conv_function_t* __init role_get_conv | ( | rsbac_version_t | old_version | ) | [static] |
Definition at line 207 of file rc_data_structures.c.
References NULL, old_old_old_role_conv(), old_old_role_conv(), old_role_conv(), and role_conv().
Referenced by rsbac_init_rc().
00210 { 00211 switch (old_version) { 00212 case RSBAC_RC_ROLE_OLD_LIST_VERSION: 00213 return role_conv; 00214 case RSBAC_RC_ROLE_OLD_OLD_LIST_VERSION: 00215 return old_role_conv; 00216 case RSBAC_RC_ROLE_OLD_OLD_OLD_LIST_VERSION: 00217 return old_old_role_conv; 00218 case RSBAC_RC_ROLE_OLD_OLD_OLD_OLD_LIST_VERSION: 00219 return old_old_old_role_conv; 00220 default: 00221 return NULL; 00222 } 00223 }
static u_int role_hash | ( | void * | desc, | |
__u32 | nr_hashes | |||
) | [static] |
Definition at line 80 of file rc_data_structures.c.
Referenced by rsbac_init_rc().
00081 { 00082 return (*((rsbac_rc_role_id_t *) desc) & (nr_hashes - 1)); 00083 }
int __init rsbac_init_rc | ( | void | ) |
Definition at line 1362 of file rc_data_structures.c.
References create_def_roles(), create_def_roles2(), rsbac_list_info_t::data_size, rsbac_list_lol_info_t::data_size, rsbac_list_info_t::desc_size, rsbac_list_lol_info_t::desc_size, rsbac_list_info_t::key, rsbac_list_lol_info_t::key, rsbac_list_info_t::max_age, rsbac_list_lol_info_t::max_age, rsbac_rc_type_fd_entry_t::name, name, rsbac_rc_type_fd_entry_t::need_secdel, nr_role_hashes, nr_type_hashes, NULL, proc_rsbac_root_p, registration_error(), role_adr_handle, role_asr_handle, role_dfdc_handle, role_get_conv(), role_handle, role_hash(), role_rc_handle, role_tcdv_handle, role_tcfd_handle, role_tcgr_handle, role_tcip_handle, role_tcnd_handle, role_tcno_handle, role_tcnt_handle, role_tcpr_handle, role_tcsc_handle, role_tcus_handle, RSBAC_EREINIT, rsbac_is_initialized(), rsbac_list_add(), RSBAC_LIST_AUTO_HASH_RESIZE, RSBAC_LIST_BACKUP, rsbac_list_count(), RSBAC_LIST_DEF_DATA, RSBAC_LIST_DEF_SUBDATA, rsbac_list_exist(), rsbac_list_lol_get_all_desc(), rsbac_list_lol_register_hashed(), rsbac_list_lol_subadd(), rsbac_list_lol_subexist(), RSBAC_LIST_PERSIST, rsbac_list_register_hashed(), RSBAC_LIST_REPLICATE, RSBAC_LIST_VERSION, rsbac_no_defaults, rsbac_pr_debug, rsbac_printk(), RSBAC_PROCESS_REQUEST_VECTOR, RSBAC_RC_DEFAULT_RIGHTS_VECTOR, RSBAC_RC_GENERAL_TYPE, RSBAC_RC_NAME_LEN, RSBAC_RC_SEC_TYPE, RSBAC_RC_SYS_TYPE, RSBAC_READ_WRITE_REQUEST_VECTOR, rsbac_vfree, rsbac_list_lol_info_t::subdata_size, rsbac_list_lol_info_t::subdesc_size, tcfd_get_conv(), tcfd_get_subconv(), type_dev_handle, type_fd_handle, type_group_handle, type_hash(), type_ipc_handle, type_netdev_handle, type_netobj_handle, type_nettemp_handle, type_process_handle, type_user_handle, rsbac_list_info_t::version, and rsbac_list_lol_info_t::version.
Referenced by rsbac_do_init().
01364 { 01365 int err = 0; 01366 struct proc_dir_entry *tmp_entry_p; 01367 struct rsbac_list_lol_info_t lol_info; 01368 struct rsbac_list_info_t list_info; 01369 rsbac_rc_rights_vector_t def_tc = RSBAC_RC_DEFAULT_RIGHTS_VECTOR; 01370 01371 if (rsbac_is_initialized()) { 01372 rsbac_printk(KERN_WARNING "rsbac_init_rc(): RSBAC already initialized\n"); 01373 return (-RSBAC_EREINIT); 01374 } 01375 01376 /* init data structures */ 01377 rsbac_printk(KERN_INFO "rsbac_init_rc(): Initializing RSBAC: RC subsystem\n"); 01378 rsbac_pr_debug(stack, "free stack: %lu\n", rsbac_stack_free_space()); 01379 01380 list_info.version = RSBAC_RC_ROLE_LIST_VERSION; 01381 list_info.key = RSBAC_RC_LIST_KEY; 01382 list_info.desc_size = sizeof(rsbac_rc_role_id_t); 01383 list_info.data_size = sizeof(struct rsbac_rc_role_entry_t); 01384 list_info.max_age = 0; 01385 err = rsbac_list_register_hashed(RSBAC_LIST_VERSION, 01386 &role_handle, &list_info, 01387 #if defined(CONFIG_RSBAC_RC_BACKUP) 01388 RSBAC_LIST_BACKUP | 01389 #endif 01390 RSBAC_LIST_PERSIST | 01391 RSBAC_LIST_REPLICATE | RSBAC_LIST_AUTO_HASH_RESIZE, 01392 NULL, role_get_conv, 01393 NULL, RSBAC_RC_ROLE_FILENAME, 01394 RSBAC_AUTO_DEV, 01395 nr_role_hashes, 01396 (nr_role_hashes > 1) ? role_hash : NULL, 01397 NULL); 01398 if (err) { 01399 registration_error(err, "role"); 01400 } 01401 01402 lol_info.version = RSBAC_RC_ROLE_RC_LIST_VERSION; 01403 lol_info.key = RSBAC_RC_LIST_KEY; 01404 lol_info.desc_size = sizeof(rsbac_rc_role_id_t); 01405 lol_info.data_size = 0; 01406 lol_info.subdesc_size = sizeof(rsbac_rc_role_id_t); 01407 lol_info.subdata_size = 0; 01408 lol_info.max_age = 0; 01409 err = rsbac_list_lol_register_hashed(RSBAC_LIST_VERSION, 01410 &role_rc_handle, &lol_info, 01411 #if defined(CONFIG_RSBAC_RC_BACKUP) 01412 RSBAC_LIST_BACKUP | 01413 #endif 01414 RSBAC_LIST_PERSIST | 01415 RSBAC_LIST_REPLICATE | 01416 RSBAC_LIST_DEF_DATA | 01417 RSBAC_LIST_AUTO_HASH_RESIZE, 01418 NULL, 01419 NULL, NULL, NULL, 01420 NULL, NULL, 01421 RSBAC_RC_ROLE_RC_FILENAME, 01422 RSBAC_AUTO_DEV, 01423 nr_role_hashes, 01424 (nr_role_hashes > 1) ? role_hash : NULL, 01425 NULL); 01426 if (err) { 01427 registration_error(err, "role compatibilities"); 01428 } 01429 lol_info.version = RSBAC_RC_ROLE_ADR_LIST_VERSION; 01430 lol_info.key = RSBAC_RC_LIST_KEY; 01431 lol_info.desc_size = sizeof(rsbac_rc_role_id_t); 01432 lol_info.data_size = 0; 01433 lol_info.subdesc_size = sizeof(rsbac_rc_role_id_t); 01434 lol_info.subdata_size = 0; 01435 lol_info.max_age = 0; 01436 err = rsbac_list_lol_register_hashed(RSBAC_LIST_VERSION, 01437 &role_adr_handle, &lol_info, 01438 #if defined(CONFIG_RSBAC_RC_BACKUP) 01439 RSBAC_LIST_BACKUP | 01440 #endif 01441 RSBAC_LIST_PERSIST | 01442 RSBAC_LIST_REPLICATE | 01443 RSBAC_LIST_DEF_DATA | 01444 RSBAC_LIST_AUTO_HASH_RESIZE, 01445 NULL, 01446 NULL, NULL, NULL, 01447 NULL, NULL, 01448 RSBAC_RC_ROLE_ADR_FILENAME, 01449 RSBAC_AUTO_DEV, 01450 nr_role_hashes, 01451 (nr_role_hashes > 1) ? role_hash : NULL, 01452 NULL); 01453 if (err) { 01454 registration_error(err, "admin roles"); 01455 } 01456 lol_info.version = RSBAC_RC_ROLE_ASR_LIST_VERSION; 01457 lol_info.key = RSBAC_RC_LIST_KEY; 01458 lol_info.desc_size = sizeof(rsbac_rc_role_id_t); 01459 lol_info.data_size = 0; 01460 lol_info.subdesc_size = sizeof(rsbac_rc_role_id_t); 01461 lol_info.subdata_size = 0; 01462 lol_info.max_age = 0; 01463 err = rsbac_list_lol_register_hashed(RSBAC_LIST_VERSION, 01464 &role_asr_handle, &lol_info, 01465 #if defined(CONFIG_RSBAC_RC_BACKUP) 01466 RSBAC_LIST_BACKUP | 01467 #endif 01468 RSBAC_LIST_PERSIST | 01469 RSBAC_LIST_REPLICATE | 01470 RSBAC_LIST_DEF_DATA | 01471 RSBAC_LIST_AUTO_HASH_RESIZE, 01472 NULL, 01473 NULL, NULL, NULL, 01474 NULL, NULL, 01475 RSBAC_RC_ROLE_ASR_FILENAME, 01476 RSBAC_AUTO_DEV, 01477 nr_role_hashes, 01478 (nr_role_hashes > 1) ? role_hash : NULL, 01479 NULL); 01480 if (err) { 01481 registration_error(err, "assign roles"); 01482 } 01483 lol_info.version = RSBAC_RC_ROLE_DFDC_LIST_VERSION; 01484 lol_info.key = RSBAC_RC_LIST_KEY; 01485 lol_info.desc_size = sizeof(rsbac_rc_role_id_t); 01486 lol_info.data_size = 0; 01487 lol_info.subdesc_size = sizeof(rsbac_rc_type_id_t); 01488 lol_info.subdata_size = sizeof(rsbac_rc_type_id_t); 01489 lol_info.max_age = 0; 01490 err = rsbac_list_lol_register_hashed(RSBAC_LIST_VERSION, 01491 &role_dfdc_handle, &lol_info, 01492 #if defined(CONFIG_RSBAC_RC_BACKUP) 01493 RSBAC_LIST_BACKUP | 01494 #endif 01495 RSBAC_LIST_PERSIST | 01496 RSBAC_LIST_REPLICATE | 01497 RSBAC_LIST_DEF_DATA | 01498 RSBAC_LIST_AUTO_HASH_RESIZE, 01499 NULL, 01500 NULL, NULL, NULL, 01501 NULL, NULL, 01502 RSBAC_RC_ROLE_DFDC_FILENAME, 01503 RSBAC_AUTO_DEV, 01504 nr_role_hashes, 01505 (nr_role_hashes > 1) ? role_hash : NULL, 01506 NULL); 01507 if (err) { 01508 registration_error(err, "Role default FD create types"); 01509 } 01510 lol_info.version = RSBAC_RC_ROLE_TCFD_LIST_VERSION; 01511 lol_info.key = RSBAC_RC_LIST_KEY; 01512 lol_info.desc_size = sizeof(rsbac_rc_role_id_t); 01513 lol_info.data_size = 0; 01514 lol_info.subdesc_size = sizeof(rsbac_rc_type_id_t); 01515 lol_info.subdata_size = sizeof(rsbac_rc_rights_vector_t); 01516 lol_info.max_age = 0; 01517 err = rsbac_list_lol_register_hashed(RSBAC_LIST_VERSION, 01518 &role_tcfd_handle, &lol_info, 01519 #if defined(CONFIG_RSBAC_RC_BACKUP) 01520 RSBAC_LIST_BACKUP | 01521 #endif 01522 RSBAC_LIST_PERSIST | 01523 RSBAC_LIST_REPLICATE | 01524 RSBAC_LIST_DEF_DATA | 01525 RSBAC_LIST_DEF_SUBDATA | 01526 RSBAC_LIST_AUTO_HASH_RESIZE, 01527 NULL, 01528 NULL, 01529 tcfd_get_conv, tcfd_get_subconv, 01530 NULL, &def_tc, 01531 RSBAC_RC_ROLE_TCFD_FILENAME, 01532 RSBAC_AUTO_DEV, 01533 nr_role_hashes, 01534 (nr_role_hashes > 1) ? role_hash : NULL, 01535 NULL); 01536 if (err) { 01537 registration_error(err, "Role FD type compatibilities"); 01538 } 01539 lol_info.version = RSBAC_RC_ROLE_TCDV_LIST_VERSION; 01540 lol_info.key = RSBAC_RC_LIST_KEY; 01541 lol_info.desc_size = sizeof(rsbac_rc_role_id_t); 01542 lol_info.data_size = 0; 01543 lol_info.subdesc_size = sizeof(rsbac_rc_type_id_t); 01544 lol_info.subdata_size = sizeof(rsbac_rc_rights_vector_t); 01545 lol_info.max_age = 0; 01546 err = rsbac_list_lol_register_hashed(RSBAC_LIST_VERSION, 01547 &role_tcdv_handle, &lol_info, 01548 #if defined(CONFIG_RSBAC_RC_BACKUP) 01549 RSBAC_LIST_BACKUP | 01550 #endif 01551 RSBAC_LIST_PERSIST | 01552 RSBAC_LIST_REPLICATE | 01553 RSBAC_LIST_DEF_DATA | 01554 RSBAC_LIST_DEF_SUBDATA | 01555 RSBAC_LIST_AUTO_HASH_RESIZE, 01556 NULL, 01557 NULL, 01558 tcfd_get_conv, tcfd_get_subconv, 01559 NULL, &def_tc, 01560 RSBAC_RC_ROLE_TCDV_FILENAME, 01561 RSBAC_AUTO_DEV, 01562 nr_role_hashes, 01563 (nr_role_hashes > 1) ? role_hash : NULL, 01564 NULL); 01565 if (err) { 01566 registration_error(err, "Role DEV type compatibilities"); 01567 } 01568 lol_info.version = RSBAC_RC_ROLE_TCUS_LIST_VERSION; 01569 lol_info.key = RSBAC_RC_LIST_KEY; 01570 lol_info.desc_size = sizeof(rsbac_rc_role_id_t); 01571 lol_info.data_size = 0; 01572 lol_info.subdesc_size = sizeof(rsbac_rc_type_id_t); 01573 lol_info.subdata_size = sizeof(rsbac_rc_rights_vector_t); 01574 lol_info.max_age = 0; 01575 err = rsbac_list_lol_register_hashed(RSBAC_LIST_VERSION, 01576 &role_tcus_handle, &lol_info, 01577 #if defined(CONFIG_RSBAC_RC_BACKUP) 01578 RSBAC_LIST_BACKUP | 01579 #endif 01580 RSBAC_LIST_PERSIST | 01581 RSBAC_LIST_REPLICATE | 01582 RSBAC_LIST_DEF_DATA | 01583 RSBAC_LIST_DEF_SUBDATA | 01584 RSBAC_LIST_AUTO_HASH_RESIZE, 01585 NULL, 01586 NULL, 01587 tcfd_get_conv, tcfd_get_subconv, 01588 NULL, &def_tc, 01589 RSBAC_RC_ROLE_TCUS_FILENAME, 01590 RSBAC_AUTO_DEV, 01591 nr_role_hashes, 01592 (nr_role_hashes > 1) ? role_hash : NULL, 01593 NULL); 01594 if (err) { 01595 registration_error(err, "Role User type compatibilities"); 01596 } 01597 lol_info.version = RSBAC_RC_ROLE_TCPR_LIST_VERSION; 01598 lol_info.key = RSBAC_RC_LIST_KEY; 01599 lol_info.desc_size = sizeof(rsbac_rc_role_id_t); 01600 lol_info.data_size = 0; 01601 lol_info.subdesc_size = sizeof(rsbac_rc_type_id_t); 01602 lol_info.subdata_size = sizeof(rsbac_rc_rights_vector_t); 01603 lol_info.max_age = 0; 01604 err = rsbac_list_lol_register_hashed(RSBAC_LIST_VERSION, 01605 &role_tcpr_handle, &lol_info, 01606 #if defined(CONFIG_RSBAC_RC_BACKUP) 01607 RSBAC_LIST_BACKUP | 01608 #endif 01609 RSBAC_LIST_PERSIST | 01610 RSBAC_LIST_REPLICATE | 01611 RSBAC_LIST_DEF_DATA | 01612 RSBAC_LIST_DEF_SUBDATA | 01613 RSBAC_LIST_AUTO_HASH_RESIZE, 01614 NULL, 01615 NULL, 01616 tcfd_get_conv, tcfd_get_subconv, 01617 NULL, &def_tc, 01618 RSBAC_RC_ROLE_TCPR_FILENAME, 01619 RSBAC_AUTO_DEV, 01620 nr_role_hashes, 01621 (nr_role_hashes > 1) ? role_hash : NULL, 01622 NULL); 01623 if (err) { 01624 registration_error(err, 01625 "Role Process type compatibilities"); 01626 } 01627 lol_info.version = RSBAC_RC_ROLE_TCIP_LIST_VERSION; 01628 lol_info.key = RSBAC_RC_LIST_KEY; 01629 lol_info.desc_size = sizeof(rsbac_rc_role_id_t); 01630 lol_info.data_size = 0; 01631 lol_info.subdesc_size = sizeof(rsbac_rc_type_id_t); 01632 lol_info.subdata_size = sizeof(rsbac_rc_rights_vector_t); 01633 lol_info.max_age = 0; 01634 err = rsbac_list_lol_register_hashed(RSBAC_LIST_VERSION, 01635 &role_tcip_handle, &lol_info, 01636 #if defined(CONFIG_RSBAC_RC_BACKUP) 01637 RSBAC_LIST_BACKUP | 01638 #endif 01639 RSBAC_LIST_PERSIST | 01640 RSBAC_LIST_REPLICATE | 01641 RSBAC_LIST_DEF_DATA | 01642 RSBAC_LIST_DEF_SUBDATA | 01643 RSBAC_LIST_AUTO_HASH_RESIZE, 01644 NULL, 01645 NULL, 01646 tcfd_get_conv, tcfd_get_subconv, 01647 NULL, &def_tc, 01648 RSBAC_RC_ROLE_TCIP_FILENAME, 01649 RSBAC_AUTO_DEV, 01650 nr_role_hashes, 01651 (nr_role_hashes > 1) ? role_hash : NULL, 01652 NULL); 01653 if (err) { 01654 registration_error(err, "Role IPC type compatibilities"); 01655 } 01656 lol_info.version = RSBAC_RC_ROLE_TCSC_LIST_VERSION; 01657 lol_info.key = RSBAC_RC_LIST_KEY; 01658 lol_info.desc_size = sizeof(rsbac_rc_role_id_t); 01659 lol_info.data_size = 0; 01660 lol_info.subdesc_size = sizeof(rsbac_rc_type_id_t); 01661 lol_info.subdata_size = sizeof(rsbac_rc_rights_vector_t); 01662 lol_info.max_age = 0; 01663 err = rsbac_list_lol_register_hashed(RSBAC_LIST_VERSION, 01664 &role_tcsc_handle, &lol_info, 01665 #if defined(CONFIG_RSBAC_RC_BACKUP) 01666 RSBAC_LIST_BACKUP | 01667 #endif 01668 RSBAC_LIST_PERSIST | 01669 RSBAC_LIST_REPLICATE | 01670 RSBAC_LIST_DEF_DATA | 01671 RSBAC_LIST_DEF_SUBDATA | 01672 RSBAC_LIST_AUTO_HASH_RESIZE, 01673 NULL, 01674 NULL, 01675 tcfd_get_conv, tcfd_get_subconv, 01676 NULL, &def_tc, 01677 RSBAC_RC_ROLE_TCSC_FILENAME, 01678 RSBAC_AUTO_DEV, 01679 nr_role_hashes, 01680 (nr_role_hashes > 1) ? role_hash : NULL, 01681 NULL); 01682 if (err) { 01683 registration_error(err, "Role SCD type compatibilities"); 01684 } 01685 lol_info.version = RSBAC_RC_ROLE_TCGR_LIST_VERSION; 01686 lol_info.key = RSBAC_RC_LIST_KEY; 01687 lol_info.desc_size = sizeof(rsbac_rc_role_id_t); 01688 lol_info.data_size = 0; 01689 lol_info.subdesc_size = sizeof(rsbac_rc_type_id_t); 01690 lol_info.subdata_size = sizeof(rsbac_rc_rights_vector_t); 01691 lol_info.max_age = 0; 01692 err = rsbac_list_lol_register_hashed(RSBAC_LIST_VERSION, 01693 &role_tcgr_handle, &lol_info, 01694 #if defined(CONFIG_RSBAC_RC_BACKUP) 01695 RSBAC_LIST_BACKUP | 01696 #endif 01697 RSBAC_LIST_PERSIST | 01698 RSBAC_LIST_REPLICATE | 01699 RSBAC_LIST_DEF_DATA | 01700 RSBAC_LIST_DEF_SUBDATA | 01701 RSBAC_LIST_AUTO_HASH_RESIZE, 01702 NULL, 01703 NULL, 01704 tcfd_get_conv, tcfd_get_subconv, 01705 NULL, &def_tc, 01706 RSBAC_RC_ROLE_TCGR_FILENAME, 01707 RSBAC_AUTO_DEV, 01708 nr_role_hashes, 01709 (nr_role_hashes > 1) ? role_hash : NULL, 01710 NULL); 01711 if (err) { 01712 registration_error(err, "Role Group type compatibilities"); 01713 } 01714 lol_info.version = RSBAC_RC_ROLE_TCND_LIST_VERSION; 01715 lol_info.key = RSBAC_RC_LIST_KEY; 01716 lol_info.desc_size = sizeof(rsbac_rc_role_id_t); 01717 lol_info.data_size = 0; 01718 lol_info.subdesc_size = sizeof(rsbac_rc_type_id_t); 01719 lol_info.subdata_size = sizeof(rsbac_rc_rights_vector_t); 01720 lol_info.max_age = 0; 01721 err = rsbac_list_lol_register_hashed(RSBAC_LIST_VERSION, 01722 &role_tcnd_handle, &lol_info, 01723 #if defined(CONFIG_RSBAC_RC_BACKUP) 01724 RSBAC_LIST_BACKUP | 01725 #endif 01726 RSBAC_LIST_PERSIST | 01727 RSBAC_LIST_REPLICATE | 01728 RSBAC_LIST_DEF_DATA | 01729 RSBAC_LIST_DEF_SUBDATA | 01730 RSBAC_LIST_AUTO_HASH_RESIZE, 01731 NULL, 01732 NULL, 01733 tcfd_get_conv, tcfd_get_subconv, 01734 NULL, &def_tc, 01735 RSBAC_RC_ROLE_TCND_FILENAME, 01736 RSBAC_AUTO_DEV, 01737 nr_role_hashes, 01738 (nr_role_hashes > 1) ? role_hash : NULL, 01739 NULL); 01740 if (err) { 01741 registration_error(err, 01742 "Role NETDEV type compatibilities"); 01743 } 01744 lol_info.version = RSBAC_RC_ROLE_TCNT_LIST_VERSION; 01745 lol_info.key = RSBAC_RC_LIST_KEY; 01746 lol_info.desc_size = sizeof(rsbac_rc_role_id_t); 01747 lol_info.data_size = 0; 01748 lol_info.subdesc_size = sizeof(rsbac_rc_type_id_t); 01749 lol_info.subdata_size = sizeof(rsbac_rc_rights_vector_t); 01750 lol_info.max_age = 0; 01751 err = rsbac_list_lol_register_hashed(RSBAC_LIST_VERSION, 01752 &role_tcnt_handle, &lol_info, 01753 #if defined(CONFIG_RSBAC_RC_BACKUP) 01754 RSBAC_LIST_BACKUP | 01755 #endif 01756 RSBAC_LIST_PERSIST | 01757 RSBAC_LIST_REPLICATE | 01758 RSBAC_LIST_DEF_DATA | 01759 RSBAC_LIST_DEF_SUBDATA | 01760 RSBAC_LIST_AUTO_HASH_RESIZE, 01761 NULL, 01762 NULL, 01763 tcfd_get_conv, tcfd_get_subconv, 01764 NULL, &def_tc, 01765 RSBAC_RC_ROLE_TCNT_FILENAME, 01766 RSBAC_AUTO_DEV, 01767 nr_role_hashes, 01768 (nr_role_hashes > 1) ? role_hash : NULL, 01769 NULL); 01770 if (err) { 01771 registration_error(err, 01772 "Role NETTEMP type compatibilities"); 01773 } 01774 lol_info.version = RSBAC_RC_ROLE_TCNO_LIST_VERSION; 01775 lol_info.key = RSBAC_RC_LIST_KEY; 01776 lol_info.desc_size = sizeof(rsbac_rc_role_id_t); 01777 lol_info.data_size = 0; 01778 lol_info.subdesc_size = sizeof(rsbac_rc_type_id_t); 01779 lol_info.subdata_size = sizeof(rsbac_rc_rights_vector_t); 01780 lol_info.max_age = 0; 01781 err = rsbac_list_lol_register_hashed(RSBAC_LIST_VERSION, 01782 &role_tcno_handle, &lol_info, 01783 #if defined(CONFIG_RSBAC_RC_BACKUP) 01784 RSBAC_LIST_BACKUP | 01785 #endif 01786 RSBAC_LIST_PERSIST | 01787 RSBAC_LIST_REPLICATE | 01788 RSBAC_LIST_DEF_DATA | 01789 RSBAC_LIST_DEF_SUBDATA | 01790 RSBAC_LIST_AUTO_HASH_RESIZE, 01791 NULL, 01792 NULL, 01793 tcfd_get_conv, tcfd_get_subconv, 01794 NULL, &def_tc, 01795 RSBAC_RC_ROLE_TCNO_FILENAME, 01796 RSBAC_AUTO_DEV, 01797 nr_role_hashes, 01798 (nr_role_hashes > 1) ? role_hash : NULL, 01799 NULL); 01800 if (err) { 01801 registration_error(err, 01802 "Role NETOBJ type compatibilities"); 01803 } 01804 01805 /* Create default role settings, if none there */ 01806 if (!rsbac_no_defaults && !rsbac_list_count(role_handle)) { 01807 create_def_roles(); 01808 create_def_roles2(); 01809 } 01810 01811 list_info.version = RSBAC_RC_TYPE_FD_LIST_VERSION; 01812 list_info.key = RSBAC_RC_LIST_KEY; 01813 list_info.desc_size = sizeof(rsbac_rc_type_id_t); 01814 list_info.data_size = sizeof(struct rsbac_rc_type_fd_entry_t); 01815 list_info.max_age = 0; 01816 err = rsbac_list_register_hashed(RSBAC_LIST_VERSION, 01817 &type_fd_handle, &list_info, 01818 #if defined(CONFIG_RSBAC_RC_BACKUP) 01819 RSBAC_LIST_BACKUP | 01820 #endif 01821 RSBAC_LIST_PERSIST | 01822 RSBAC_LIST_REPLICATE | 01823 RSBAC_LIST_AUTO_HASH_RESIZE, 01824 NULL, NULL, NULL, 01825 RSBAC_RC_TYPE_FD_FILENAME, 01826 RSBAC_AUTO_DEV, 01827 nr_type_hashes, 01828 (nr_type_hashes > 1) ? type_hash : NULL, 01829 NULL); 01830 if (err) { 01831 registration_error(err, "type FD"); 01832 } 01833 if (!rsbac_no_defaults && !rsbac_list_count(type_fd_handle)) { 01834 rsbac_rc_type_id_t type; 01835 struct rsbac_rc_type_fd_entry_t entry; 01836 01837 type = RSBAC_RC_GENERAL_TYPE; 01838 strcpy(entry.name, "General FD"); 01839 entry.need_secdel = 0; 01840 rsbac_list_add(type_fd_handle, &type, &entry); 01841 type = RSBAC_RC_SEC_TYPE; 01842 strcpy(entry.name, "Security FD"); 01843 entry.need_secdel = 0; 01844 rsbac_list_add(type_fd_handle, &type, &entry); 01845 type = RSBAC_RC_SYS_TYPE; 01846 strcpy(entry.name, "System FD"); 01847 entry.need_secdel = 0; 01848 rsbac_list_add(type_fd_handle, &type, &entry); 01849 } 01850 list_info.version = RSBAC_RC_TYPE_DEV_LIST_VERSION; 01851 list_info.key = RSBAC_RC_LIST_KEY; 01852 list_info.desc_size = sizeof(rsbac_rc_type_id_t); 01853 list_info.data_size = RSBAC_RC_NAME_LEN; 01854 list_info.max_age = 0; 01855 err = rsbac_list_register_hashed(RSBAC_LIST_VERSION, 01856 &type_dev_handle, &list_info, 01857 #if defined(CONFIG_RSBAC_RC_BACKUP) 01858 RSBAC_LIST_BACKUP | 01859 #endif 01860 RSBAC_LIST_PERSIST | 01861 RSBAC_LIST_REPLICATE | 01862 RSBAC_LIST_AUTO_HASH_RESIZE, 01863 NULL, NULL, NULL, 01864 RSBAC_RC_TYPE_DEV_FILENAME, 01865 RSBAC_AUTO_DEV, 01866 nr_type_hashes, 01867 (nr_type_hashes > 1) ? type_hash : NULL, 01868 NULL); 01869 if (err) { 01870 registration_error(err, "type DEV"); 01871 } 01872 if (!rsbac_no_defaults && !rsbac_list_count(type_dev_handle)) { 01873 rsbac_rc_type_id_t type; 01874 char name[RSBAC_RC_NAME_LEN]; 01875 01876 type = RSBAC_RC_GENERAL_TYPE; 01877 strcpy(name, "General Device"); 01878 rsbac_list_add(type_dev_handle, &type, name); 01879 type = RSBAC_RC_SEC_TYPE; 01880 strcpy(name, "Security Device"); 01881 rsbac_list_add(type_dev_handle, &type, name); 01882 type = RSBAC_RC_SYS_TYPE; 01883 strcpy(name, "System Device"); 01884 rsbac_list_add(type_dev_handle, &type, &name); 01885 } 01886 list_info.version = RSBAC_RC_TYPE_IPC_LIST_VERSION; 01887 list_info.key = RSBAC_RC_LIST_KEY; 01888 list_info.desc_size = sizeof(rsbac_rc_type_id_t); 01889 list_info.data_size = RSBAC_RC_NAME_LEN; 01890 list_info.max_age = 0; 01891 err = rsbac_list_register_hashed(RSBAC_LIST_VERSION, 01892 &type_ipc_handle, &list_info, 01893 #if defined(CONFIG_RSBAC_RC_BACKUP) 01894 RSBAC_LIST_BACKUP | 01895 #endif 01896 RSBAC_LIST_PERSIST | 01897 RSBAC_LIST_REPLICATE | 01898 RSBAC_LIST_AUTO_HASH_RESIZE, 01899 NULL, NULL, NULL, 01900 RSBAC_RC_TYPE_IPC_FILENAME, 01901 RSBAC_AUTO_DEV, 01902 nr_type_hashes, 01903 (nr_type_hashes > 1) ? type_hash : NULL, 01904 NULL); 01905 if (err) { 01906 registration_error(err, "type IPC"); 01907 } 01908 if (!rsbac_no_defaults && !rsbac_list_count(type_ipc_handle)) { 01909 rsbac_rc_type_id_t type; 01910 char name[RSBAC_RC_NAME_LEN]; 01911 01912 type = RSBAC_RC_GENERAL_TYPE; 01913 strcpy(name, "General IPC"); 01914 rsbac_list_add(type_ipc_handle, &type, name); 01915 type = RSBAC_RC_SEC_TYPE; 01916 strcpy(name, "Security IPC"); 01917 rsbac_list_add(type_ipc_handle, &type, name); 01918 type = RSBAC_RC_SYS_TYPE; 01919 strcpy(name, "System IPC"); 01920 rsbac_list_add(type_ipc_handle, &type, &name); 01921 } 01922 list_info.version = RSBAC_RC_TYPE_USER_LIST_VERSION; 01923 list_info.key = RSBAC_RC_LIST_KEY; 01924 list_info.desc_size = sizeof(rsbac_rc_type_id_t); 01925 list_info.data_size = RSBAC_RC_NAME_LEN; 01926 list_info.max_age = 0; 01927 err = rsbac_list_register_hashed(RSBAC_LIST_VERSION, 01928 &type_user_handle, &list_info, 01929 #if defined(CONFIG_RSBAC_RC_BACKUP) 01930 RSBAC_LIST_BACKUP | 01931 #endif 01932 RSBAC_LIST_PERSIST | 01933 RSBAC_LIST_REPLICATE | 01934 RSBAC_LIST_AUTO_HASH_RESIZE, 01935 NULL, NULL, NULL, 01936 RSBAC_RC_TYPE_USER_FILENAME, 01937 RSBAC_AUTO_DEV, 01938 nr_type_hashes, 01939 (nr_type_hashes > 1) ? type_hash : NULL, 01940 NULL); 01941 if (err) { 01942 registration_error(err, "type USER"); 01943 } 01944 if (!rsbac_no_defaults && !rsbac_list_count(type_user_handle)) { 01945 rsbac_rc_type_id_t type; 01946 char name[RSBAC_RC_NAME_LEN]; 01947 01948 type = RSBAC_RC_GENERAL_TYPE; 01949 strcpy(name, "General User"); 01950 rsbac_list_add(type_user_handle, &type, name); 01951 type = RSBAC_RC_SEC_TYPE; 01952 strcpy(name, "Security User"); 01953 rsbac_list_add(type_user_handle, &type, name); 01954 type = RSBAC_RC_SYS_TYPE; 01955 strcpy(name, "System User"); 01956 rsbac_list_add(type_user_handle, &type, &name); 01957 } 01958 list_info.version = RSBAC_RC_TYPE_PROCESS_LIST_VERSION; 01959 list_info.key = RSBAC_RC_LIST_KEY; 01960 list_info.desc_size = sizeof(rsbac_rc_type_id_t); 01961 list_info.data_size = RSBAC_RC_NAME_LEN; 01962 list_info.max_age = 0; 01963 err = rsbac_list_register_hashed(RSBAC_LIST_VERSION, 01964 &type_process_handle, &list_info, 01965 #if defined(CONFIG_RSBAC_RC_BACKUP) 01966 RSBAC_LIST_BACKUP | 01967 #endif 01968 RSBAC_LIST_PERSIST | 01969 RSBAC_LIST_REPLICATE | 01970 RSBAC_LIST_AUTO_HASH_RESIZE, 01971 NULL, NULL, NULL, 01972 RSBAC_RC_TYPE_PROCESS_FILENAME, 01973 RSBAC_AUTO_DEV, 01974 nr_type_hashes, 01975 (nr_type_hashes > 1) ? type_hash : NULL, 01976 NULL); 01977 if (err) { 01978 registration_error(err, "type PROCESS"); 01979 } 01980 if (!rsbac_no_defaults && !rsbac_list_count(type_process_handle)) { 01981 rsbac_rc_type_id_t type; 01982 char name[RSBAC_RC_NAME_LEN]; 01983 01984 type = RSBAC_RC_GENERAL_TYPE; 01985 strcpy(name, "General Process"); 01986 rsbac_list_add(type_process_handle, &type, name); 01987 type = RSBAC_RC_SEC_TYPE; 01988 strcpy(name, "Security Proc"); 01989 rsbac_list_add(type_process_handle, &type, name); 01990 type = RSBAC_RC_SYS_TYPE; 01991 strcpy(name, "System Process"); 01992 rsbac_list_add(type_process_handle, &type, &name); 01993 } 01994 if (!rsbac_no_defaults) { 01995 rsbac_rc_type_id_t type = 01996 CONFIG_RSBAC_RC_KERNEL_PROCESS_TYPE; 01997 01998 if (!rsbac_list_exist(type_process_handle, &type)) { 01999 char name[RSBAC_RC_NAME_LEN]; 02000 rsbac_rc_role_id_t *role_array; 02001 u_long count; 02002 rsbac_rc_rights_vector_t rights; 02003 02004 strcpy(name, "Kernel Process"); 02005 rsbac_list_add(type_process_handle, &type, &name); 02006 02007 /* Set type compatibilities for the new type for all roles */ 02008 rights = RSBAC_READ_WRITE_REQUEST_VECTOR 02009 & RSBAC_PROCESS_REQUEST_VECTOR; 02010 02011 count = 02012 rsbac_list_lol_get_all_desc(role_tcpr_handle, 02013 (void **) 02014 &role_array); 02015 if (count > 0) { 02016 u_int i; 02017 02018 for (i = 0; i < count; i++) { 02019 if (!rsbac_list_lol_subexist 02020 (role_tcpr_handle, 02021 &role_array[i], &type)) 02022 rsbac_list_lol_subadd 02023 (role_tcpr_handle, 02024 &role_array[i], &type, 02025 &rights); 02026 } 02027 rsbac_vfree(role_array); 02028 } 02029 } 02030 } 02031 list_info.version = RSBAC_RC_TYPE_GROUP_LIST_VERSION; 02032 list_info.key = RSBAC_RC_LIST_KEY; 02033 list_info.desc_size = sizeof(rsbac_rc_type_id_t); 02034 list_info.data_size = RSBAC_RC_NAME_LEN; 02035 list_info.max_age = 0; 02036 err = rsbac_list_register_hashed(RSBAC_LIST_VERSION, 02037 &type_group_handle, &list_info, 02038 #if defined(CONFIG_RSBAC_RC_BACKUP) 02039 RSBAC_LIST_BACKUP | 02040 #endif 02041 RSBAC_LIST_PERSIST | 02042 RSBAC_LIST_REPLICATE | 02043 RSBAC_LIST_AUTO_HASH_RESIZE, 02044 NULL, NULL, NULL, 02045 RSBAC_RC_TYPE_GROUP_FILENAME, 02046 RSBAC_AUTO_DEV, 02047 nr_type_hashes, 02048 (nr_type_hashes > 1) ? type_hash : NULL, 02049 NULL); 02050 if (err) { 02051 registration_error(err, "type GROUP"); 02052 } 02053 if (!rsbac_no_defaults && !rsbac_list_count(type_group_handle)) { 02054 rsbac_rc_type_id_t type; 02055 char name[RSBAC_RC_NAME_LEN]; 02056 02057 type = RSBAC_RC_GENERAL_TYPE; 02058 strcpy(name, "General Group"); 02059 rsbac_list_add(type_group_handle, &type, name); 02060 } 02061 list_info.version = RSBAC_RC_TYPE_NETDEV_LIST_VERSION; 02062 list_info.key = RSBAC_RC_LIST_KEY; 02063 list_info.desc_size = sizeof(rsbac_rc_type_id_t); 02064 list_info.data_size = RSBAC_RC_NAME_LEN; 02065 list_info.max_age = 0; 02066 err = rsbac_list_register_hashed(RSBAC_LIST_VERSION, 02067 &type_netdev_handle, &list_info, 02068 #if defined(CONFIG_RSBAC_RC_BACKUP) 02069 RSBAC_LIST_BACKUP | 02070 #endif 02071 RSBAC_LIST_PERSIST | 02072 RSBAC_LIST_REPLICATE | 02073 RSBAC_LIST_AUTO_HASH_RESIZE, 02074 NULL, NULL, NULL, 02075 RSBAC_RC_TYPE_NETDEV_FILENAME, 02076 RSBAC_AUTO_DEV, 02077 nr_type_hashes, 02078 (nr_type_hashes > 1) ? type_hash : NULL, 02079 NULL); 02080 if (err) { 02081 registration_error(err, "type NETDEV"); 02082 } 02083 if (!rsbac_no_defaults && !rsbac_list_count(type_netdev_handle)) { 02084 rsbac_rc_type_id_t type; 02085 char name[RSBAC_RC_NAME_LEN]; 02086 02087 type = RSBAC_RC_GENERAL_TYPE; 02088 strcpy(name, "General NETDEV"); 02089 rsbac_list_add(type_netdev_handle, &type, name); 02090 type = RSBAC_RC_SEC_TYPE; 02091 strcpy(name, "Security NETDEV"); 02092 rsbac_list_add(type_netdev_handle, &type, name); 02093 type = RSBAC_RC_SYS_TYPE; 02094 strcpy(name, "System NETDEV"); 02095 rsbac_list_add(type_netdev_handle, &type, &name); 02096 } 02097 list_info.version = RSBAC_RC_TYPE_NETTEMP_LIST_VERSION; 02098 list_info.key = RSBAC_RC_LIST_KEY; 02099 list_info.desc_size = sizeof(rsbac_rc_type_id_t); 02100 list_info.data_size = RSBAC_RC_NAME_LEN; 02101 list_info.max_age = 0; 02102 err = rsbac_list_register_hashed(RSBAC_LIST_VERSION, 02103 &type_nettemp_handle, &list_info, 02104 #if defined(CONFIG_RSBAC_RC_BACKUP) 02105 RSBAC_LIST_BACKUP | 02106 #endif 02107 RSBAC_LIST_PERSIST | 02108 RSBAC_LIST_REPLICATE | 02109 RSBAC_LIST_AUTO_HASH_RESIZE, 02110 NULL, NULL, NULL, 02111 RSBAC_RC_TYPE_NETTEMP_FILENAME, 02112 RSBAC_AUTO_DEV, 02113 nr_type_hashes, 02114 (nr_type_hashes > 1) ? type_hash : NULL, 02115 NULL); 02116 if (err) { 02117 registration_error(err, "type NETTEMP"); 02118 } 02119 if (!rsbac_no_defaults && !rsbac_list_count(type_nettemp_handle)) { 02120 rsbac_rc_type_id_t type; 02121 char name[RSBAC_RC_NAME_LEN]; 02122 02123 type = RSBAC_RC_GENERAL_TYPE; 02124 strcpy(name, "General NETTEMP"); 02125 rsbac_list_add(type_nettemp_handle, &type, name); 02126 type = RSBAC_RC_SEC_TYPE; 02127 strcpy(name, "Securit NETTEMP"); 02128 rsbac_list_add(type_nettemp_handle, &type, name); 02129 type = RSBAC_RC_SYS_TYPE; 02130 strcpy(name, "System NETTEMP"); 02131 rsbac_list_add(type_nettemp_handle, &type, &name); 02132 } 02133 list_info.version = RSBAC_RC_TYPE_NETOBJ_LIST_VERSION; 02134 list_info.key = RSBAC_RC_LIST_KEY; 02135 list_info.desc_size = sizeof(rsbac_rc_type_id_t); 02136 list_info.data_size = RSBAC_RC_NAME_LEN; 02137 list_info.max_age = 0; 02138 err = rsbac_list_register_hashed(RSBAC_LIST_VERSION, 02139 &type_netobj_handle, &list_info, 02140 #if defined(CONFIG_RSBAC_RC_BACKUP) 02141 RSBAC_LIST_BACKUP | 02142 #endif 02143 RSBAC_LIST_PERSIST | 02144 RSBAC_LIST_REPLICATE | 02145 RSBAC_LIST_AUTO_HASH_RESIZE, 02146 NULL, NULL, NULL, 02147 RSBAC_RC_TYPE_NETOBJ_FILENAME, 02148 RSBAC_AUTO_DEV, 02149 nr_type_hashes, 02150 (nr_type_hashes > 1) ? type_hash : NULL, 02151 NULL); 02152 if (err) { 02153 registration_error(err, "type NETOBJ"); 02154 } 02155 if (!rsbac_no_defaults && !rsbac_list_count(type_netobj_handle)) { 02156 rsbac_rc_type_id_t type; 02157 char name[RSBAC_RC_NAME_LEN]; 02158 02159 type = RSBAC_RC_GENERAL_TYPE; 02160 strcpy(name, "General NETOBJ"); 02161 rsbac_list_add(type_netobj_handle, &type, name); 02162 type = RSBAC_RC_SEC_TYPE; 02163 strcpy(name, "Security NETOBJ"); 02164 rsbac_list_add(type_netobj_handle, &type, name); 02165 type = RSBAC_RC_SYS_TYPE; 02166 strcpy(name, "System NETOBJ"); 02167 rsbac_list_add(type_netobj_handle, &type, &name); 02168 } 02169 rsbac_pr_debug(stack, "free stack before adding proc entry: %lu\n", 02170 rsbac_stack_free_space()); 02171 #if defined(CONFIG_RSBAC_PROC) 02172 tmp_entry_p = create_proc_entry("stats_rc", 02173 S_IFREG | S_IRUGO, 02174 proc_rsbac_root_p); 02175 if (tmp_entry_p) { 02176 tmp_entry_p->get_info = stats_rc_proc_info; 02177 } 02178 #endif 02179 rsbac_pr_debug(stack, "final free stack: %lu\n", 02180 rsbac_stack_free_space()); 02181 rsbac_pr_debug(ds_rc, "Ready.\n"); 02182 return (err); 02183 }
rsbac_boolean_t rsbac_rc_check_comp | ( | rsbac_rc_role_id_t | role, | |
union rsbac_rc_target_id_t | subtid, | |||
enum rsbac_rc_item_t | item, | |||
enum rsbac_rc_special_rights_t | right | |||
) |
Definition at line 3196 of file rc_data_structures.c.
References FALSE, RC_role_max_value, RI_admin_roles, RI_assign_roles, RI_role_comp, RI_type_comp_dev, RI_type_comp_fd, RI_type_comp_group, RI_type_comp_ipc, RI_type_comp_netdev, RI_type_comp_netobj, RI_type_comp_nettemp, RI_type_comp_process, RI_type_comp_scd, RI_type_comp_user, rsbac_rc_target_id_t::role, role_adr_handle, role_asr_handle, role_rc_handle, role_tcdv_handle, role_tcfd_handle, role_tcgr_handle, role_tcip_handle, role_tcnd_handle, role_tcno_handle, role_tcnt_handle, role_tcpr_handle, role_tcsc_handle, role_tcus_handle, RSBAC_ENOTINITIALIZED, rsbac_is_initialized(), rsbac_list_lol_get_subdata(), rsbac_list_lol_subexist(), rsbac_printk(), RSBAC_RC_RIGHTS_VECTOR, TRUE, and rsbac_rc_target_id_t::type.
Referenced by check_comp_rc(), check_comp_rc_scd(), rsbac_adf_request_rc(), rsbac_rc_check_type_comp(), rsbac_rc_sys_change_role(), rsbac_rc_sys_set_item(), rsbac_rc_test_admin_roles(), and rsbac_rc_test_assign_roles().
03200 { 03201 rsbac_rc_rights_vector_t rights_vector; 03202 03203 if (!rsbac_is_initialized()) { 03204 rsbac_printk(KERN_WARNING "rsbac_rc_check_comp(): RSBAC not initialized\n"); 03205 return (-RSBAC_ENOTINITIALIZED); 03206 } 03207 if (in_interrupt()) { 03208 rsbac_printk(KERN_WARNING "rsbac_rc_check_comp(): called from interrupt!\n"); 03209 } 03210 if (role > RC_role_max_value) 03211 return FALSE; 03212 /* 03213 rsbac_pr_debug(ds_rc, "checking role compatibility\n"); 03214 */ 03215 switch (item) { 03216 case RI_role_comp: 03217 return rsbac_list_lol_subexist(role_rc_handle, &role, 03218 &subtid.role); 03219 case RI_admin_roles: 03220 return rsbac_list_lol_subexist(role_adr_handle, &role, 03221 &subtid.role); 03222 case RI_assign_roles: 03223 return rsbac_list_lol_subexist(role_asr_handle, &role, 03224 &subtid.role); 03225 case RI_type_comp_fd: 03226 if (!rsbac_list_lol_get_subdata 03227 (role_tcfd_handle, &role, &subtid.type, &rights_vector) 03228 && (rights_vector & RSBAC_RC_RIGHTS_VECTOR(right)) 03229 ) 03230 return TRUE; 03231 else 03232 return FALSE; 03233 case RI_type_comp_dev: 03234 if (!rsbac_list_lol_get_subdata 03235 (role_tcdv_handle, &role, &subtid.type, &rights_vector) 03236 && (rights_vector & RSBAC_RC_RIGHTS_VECTOR(right)) 03237 ) 03238 return TRUE; 03239 else 03240 return FALSE; 03241 case RI_type_comp_user: 03242 if (!rsbac_list_lol_get_subdata 03243 (role_tcus_handle, &role, &subtid.type, &rights_vector) 03244 && (rights_vector & RSBAC_RC_RIGHTS_VECTOR(right)) 03245 ) 03246 return TRUE; 03247 else 03248 return FALSE; 03249 case RI_type_comp_process: 03250 if (!rsbac_list_lol_get_subdata 03251 (role_tcpr_handle, &role, &subtid.type, &rights_vector) 03252 && (rights_vector & RSBAC_RC_RIGHTS_VECTOR(right)) 03253 ) 03254 return TRUE; 03255 else 03256 return FALSE; 03257 case RI_type_comp_ipc: 03258 if (!rsbac_list_lol_get_subdata 03259 (role_tcip_handle, &role, &subtid.type, &rights_vector) 03260 && (rights_vector & RSBAC_RC_RIGHTS_VECTOR(right)) 03261 ) 03262 return TRUE; 03263 else 03264 return FALSE; 03265 case RI_type_comp_scd: 03266 if (!rsbac_list_lol_get_subdata 03267 (role_tcsc_handle, &role, &subtid.type, &rights_vector) 03268 && (rights_vector & RSBAC_RC_RIGHTS_VECTOR(right)) 03269 ) 03270 return TRUE; 03271 else 03272 return FALSE; 03273 case RI_type_comp_group: 03274 if (!rsbac_list_lol_get_subdata 03275 (role_tcgr_handle, &role, &subtid.type, &rights_vector) 03276 && (rights_vector & RSBAC_RC_RIGHTS_VECTOR(right)) 03277 ) 03278 return TRUE; 03279 else 03280 return FALSE; 03281 case RI_type_comp_netdev: 03282 if (!rsbac_list_lol_get_subdata 03283 (role_tcnd_handle, &role, &subtid.type, &rights_vector) 03284 && (rights_vector & RSBAC_RC_RIGHTS_VECTOR(right)) 03285 ) 03286 return TRUE; 03287 else 03288 return FALSE; 03289 case RI_type_comp_nettemp: 03290 if (!rsbac_list_lol_get_subdata 03291 (role_tcnt_handle, &role, &subtid.type, &rights_vector) 03292 && (rights_vector & RSBAC_RC_RIGHTS_VECTOR(right)) 03293 ) 03294 return TRUE; 03295 else 03296 return FALSE; 03297 case RI_type_comp_netobj: 03298 if (!rsbac_list_lol_get_subdata 03299 (role_tcno_handle, &role, &subtid.type, &rights_vector) 03300 && (rights_vector & RSBAC_RC_RIGHTS_VECTOR(right)) 03301 ) 03302 return TRUE; 03303 else 03304 return FALSE; 03305 03306 default: 03307 rsbac_printk(KERN_WARNING "rsbac_rc_check_comp(): called for invalid item %u\n", 03308 item); 03309 return FALSE; 03310 } 03311 } /* end of rsbac_rc_check_comp() */
int rsbac_rc_copy_role | ( | rsbac_list_ta_number_t | ta_number, | |
rsbac_rc_role_id_t | from_role, | |||
rsbac_rc_role_id_t | to_role | |||
) |
Definition at line 2284 of file rc_data_structures.c.
References NULL, RC_role_max_value, role_adr_handle, role_asr_handle, role_dfdc_handle, role_handle, role_rc_handle, role_tcdv_handle, role_tcfd_handle, role_tcgr_handle, role_tcip_handle, role_tcnd_handle, role_tcno_handle, role_tcnt_handle, role_tcpr_handle, role_tcsc_handle, role_tcus_handle, RSBAC_EINVALIDTARGET, RSBAC_ENOTINITIALIZED, rsbac_is_initialized(), rsbac_list_lol_get_subitem_size(), rsbac_printk(), rsbac_ta_list_add_ttl(), rsbac_ta_list_get_data_ttl(), rsbac_ta_list_lol_get_all_subdesc_ttl(), rsbac_ta_list_lol_get_all_subitems_ttl(), rsbac_ta_list_lol_remove(), rsbac_ta_list_lol_subadd_ttl(), and rsbac_vfree.
Referenced by rsbac_rc_sys_copy_role().
02287 { 02288 struct rsbac_rc_role_entry_t entry; 02289 rsbac_rc_role_id_t *role_array; 02290 char *item_array; 02291 long count; 02292 u_long i; 02293 int err; 02294 02295 if (!rsbac_is_initialized()) { 02296 rsbac_printk(KERN_WARNING "rsbac_rc_copy_role(): RSBAC not initialized\n"); 02297 return (-RSBAC_ENOTINITIALIZED); 02298 } 02299 if ((from_role > RC_role_max_value) 02300 || (to_role > RC_role_max_value) 02301 || (to_role == from_role) 02302 ) 02303 return (-RSBAC_EINVALIDTARGET); 02304 02305 /* copy */ 02306 err = 02307 rsbac_ta_list_get_data_ttl(ta_number, role_handle, NULL, 02308 &from_role, &entry); 02309 if (err) 02310 return err; 02311 err = 02312 rsbac_ta_list_add_ttl(ta_number, role_handle, 0, &to_role, 02313 &entry); 02314 if (err) 02315 return err; 02316 02317 rsbac_ta_list_lol_remove(ta_number, role_rc_handle, &to_role); 02318 count = 02319 rsbac_ta_list_lol_get_all_subdesc_ttl(ta_number, 02320 role_rc_handle, 02321 &from_role, 02322 (void **) &role_array, 02323 NULL); 02324 if (count > 0) { 02325 for (i = 0; i < count; i++) 02326 rsbac_ta_list_lol_subadd_ttl(ta_number, 02327 role_rc_handle, 0, 02328 &to_role, 02329 &role_array[i], 0); 02330 rsbac_vfree(role_array); 02331 } 02332 rsbac_ta_list_lol_remove(ta_number, role_adr_handle, &to_role); 02333 count = 02334 rsbac_ta_list_lol_get_all_subdesc_ttl(ta_number, 02335 role_adr_handle, 02336 &from_role, 02337 (void **) &role_array, 02338 NULL); 02339 if (count > 0) { 02340 for (i = 0; i < count; i++) 02341 rsbac_ta_list_lol_subadd_ttl(ta_number, 02342 role_adr_handle, 0, 02343 &to_role, 02344 &role_array[i], 0); 02345 rsbac_vfree(role_array); 02346 } 02347 rsbac_ta_list_lol_remove(ta_number, role_asr_handle, &to_role); 02348 count = 02349 rsbac_ta_list_lol_get_all_subdesc_ttl(ta_number, 02350 role_asr_handle, 02351 &from_role, 02352 (void **) &role_array, 02353 NULL); 02354 if (count > 0) { 02355 for (i = 0; i < count; i++) 02356 rsbac_ta_list_lol_subadd_ttl(ta_number, 02357 role_asr_handle, 0, 02358 &to_role, 02359 &role_array[i], 0); 02360 rsbac_vfree(role_array); 02361 } 02362 rsbac_ta_list_lol_remove(ta_number, role_dfdc_handle, &to_role); 02363 count = 02364 rsbac_ta_list_lol_get_all_subitems_ttl(ta_number, 02365 role_dfdc_handle, 02366 &from_role, 02367 (void **) &item_array, 02368 NULL); 02369 if (count > 0) { 02370 char *tmp = item_array; 02371 int size = 02372 rsbac_list_lol_get_subitem_size(role_dfdc_handle); 02373 02374 for (i = 0; i < count; i++) { 02375 rsbac_ta_list_lol_subadd_ttl(ta_number, 02376 role_dfdc_handle, 0, 02377 &to_role, tmp, 02378 tmp + 02379 sizeof 02380 (rsbac_rc_role_id_t)); 02381 tmp += size; 02382 } 02383 rsbac_vfree(item_array); 02384 } 02385 rsbac_ta_list_lol_remove(ta_number, role_tcfd_handle, &to_role); 02386 count = 02387 rsbac_ta_list_lol_get_all_subitems_ttl(ta_number, 02388 role_tcfd_handle, 02389 &from_role, 02390 (void **) &item_array, 02391 NULL); 02392 if (count > 0) { 02393 char *tmp = item_array; 02394 int size = 02395 rsbac_list_lol_get_subitem_size(role_tcfd_handle); 02396 02397 for (i = 0; i < count; i++) { 02398 rsbac_ta_list_lol_subadd_ttl(ta_number, 02399 role_tcfd_handle, 0, 02400 &to_role, tmp, 02401 tmp + 02402 sizeof 02403 (rsbac_rc_role_id_t)); 02404 tmp += size; 02405 } 02406 rsbac_vfree(item_array); 02407 } 02408 rsbac_ta_list_lol_remove(ta_number, role_tcdv_handle, &to_role); 02409 count = 02410 rsbac_ta_list_lol_get_all_subitems_ttl(ta_number, 02411 role_tcdv_handle, 02412 &from_role, 02413 (void **) &item_array, 02414 NULL); 02415 if (count > 0) { 02416 char *tmp = item_array; 02417 int size = 02418 rsbac_list_lol_get_subitem_size(role_tcdv_handle); 02419 02420 for (i = 0; i < count; i++) { 02421 rsbac_ta_list_lol_subadd_ttl(ta_number, 02422 role_tcdv_handle, 0, 02423 &to_role, tmp, 02424 tmp + 02425 sizeof 02426 (rsbac_rc_role_id_t)); 02427 tmp += size; 02428 } 02429 rsbac_vfree(item_array); 02430 } 02431 rsbac_ta_list_lol_remove(ta_number, role_tcus_handle, &to_role); 02432 count = 02433 rsbac_ta_list_lol_get_all_subitems_ttl(ta_number, 02434 role_tcus_handle, 02435 &from_role, 02436 (void **) &item_array, 02437 NULL); 02438 if (count > 0) { 02439 char *tmp = item_array; 02440 int size = 02441 rsbac_list_lol_get_subitem_size(role_tcus_handle); 02442 02443 for (i = 0; i < count; i++) { 02444 rsbac_ta_list_lol_subadd_ttl(ta_number, 02445 role_tcus_handle, 0, 02446 &to_role, tmp, 02447 tmp + 02448 sizeof 02449 (rsbac_rc_role_id_t)); 02450 tmp += size; 02451 } 02452 rsbac_vfree(item_array); 02453 } 02454 rsbac_ta_list_lol_remove(ta_number, role_tcpr_handle, &to_role); 02455 count = 02456 rsbac_ta_list_lol_get_all_subitems_ttl(ta_number, 02457 role_tcpr_handle, 02458 &from_role, 02459 (void **) &item_array, 02460 NULL); 02461 if (count > 0) { 02462 char *tmp = item_array; 02463 int size = 02464 rsbac_list_lol_get_subitem_size(role_tcpr_handle); 02465 02466 for (i = 0; i < count; i++) { 02467 rsbac_ta_list_lol_subadd_ttl(ta_number, 02468 role_tcpr_handle, 0, 02469 &to_role, tmp, 02470 tmp + 02471 sizeof 02472 (rsbac_rc_role_id_t)); 02473 tmp += size; 02474 } 02475 rsbac_vfree(item_array); 02476 } 02477 rsbac_ta_list_lol_remove(ta_number, role_tcip_handle, &to_role); 02478 count = 02479 rsbac_ta_list_lol_get_all_subitems_ttl(ta_number, 02480 role_tcip_handle, 02481 &from_role, 02482 (void **) &item_array, 02483 NULL); 02484 if (count > 0) { 02485 char *tmp = item_array; 02486 int size = 02487 rsbac_list_lol_get_subitem_size(role_tcip_handle); 02488 02489 for (i = 0; i < count; i++) { 02490 rsbac_ta_list_lol_subadd_ttl(ta_number, 02491 role_tcip_handle, 0, 02492 &to_role, tmp, 02493 tmp + 02494 sizeof 02495 (rsbac_rc_role_id_t)); 02496 tmp += size; 02497 } 02498 rsbac_vfree(item_array); 02499 } 02500 rsbac_ta_list_lol_remove(ta_number, role_tcsc_handle, &to_role); 02501 count = 02502 rsbac_ta_list_lol_get_all_subitems_ttl(ta_number, 02503 role_tcsc_handle, 02504 &from_role, 02505 (void **) &item_array, 02506 NULL); 02507 if (count > 0) { 02508 char *tmp = item_array; 02509 int size = 02510 rsbac_list_lol_get_subitem_size(role_tcsc_handle); 02511 02512 for (i = 0; i < count; i++) { 02513 rsbac_ta_list_lol_subadd_ttl(ta_number, 02514 role_tcsc_handle, 0, 02515 &to_role, tmp, 02516 tmp + 02517 sizeof 02518 (rsbac_rc_role_id_t)); 02519 tmp += size; 02520 } 02521 rsbac_vfree(item_array); 02522 } 02523 rsbac_ta_list_lol_remove(ta_number, role_tcgr_handle, &to_role); 02524 count = 02525 rsbac_ta_list_lol_get_all_subitems_ttl(ta_number, 02526 role_tcgr_handle, 02527 &from_role, 02528 (void **) &item_array, 02529 NULL); 02530 if (count > 0) { 02531 char *tmp = item_array; 02532 int size = 02533 rsbac_list_lol_get_subitem_size(role_tcgr_handle); 02534 02535 for (i = 0; i < count; i++) { 02536 rsbac_ta_list_lol_subadd_ttl(ta_number, 02537 role_tcgr_handle, 0, 02538 &to_role, tmp, 02539 tmp + 02540 sizeof 02541 (rsbac_rc_role_id_t)); 02542 tmp += size; 02543 } 02544 rsbac_vfree(item_array); 02545 } 02546 rsbac_ta_list_lol_remove(ta_number, role_tcnd_handle, &to_role); 02547 count = 02548 rsbac_ta_list_lol_get_all_subitems_ttl(ta_number, 02549 role_tcnd_handle, 02550 &from_role, 02551 (void **) &item_array, 02552 NULL); 02553 if (count > 0) { 02554 char *tmp = item_array; 02555 int size = 02556 rsbac_list_lol_get_subitem_size(role_tcnd_handle); 02557 02558 for (i = 0; i < count; i++) { 02559 rsbac_ta_list_lol_subadd_ttl(ta_number, 02560 role_tcnd_handle, 0, 02561 &to_role, tmp, 02562 tmp + 02563 sizeof 02564 (rsbac_rc_role_id_t)); 02565 tmp += size; 02566 } 02567 rsbac_vfree(item_array); 02568 } 02569 rsbac_ta_list_lol_remove(ta_number, role_tcnt_handle, &to_role); 02570 count = 02571 rsbac_ta_list_lol_get_all_subitems_ttl(ta_number, 02572 role_tcnt_handle, 02573 &from_role, 02574 (void **) &item_array, 02575 NULL); 02576 if (count > 0) { 02577 char *tmp = item_array; 02578 int size = 02579 rsbac_list_lol_get_subitem_size(role_tcnt_handle); 02580 02581 for (i = 0; i < count; i++) { 02582 rsbac_ta_list_lol_subadd_ttl(ta_number, 02583 role_tcnt_handle, 0, 02584 &to_role, tmp, 02585 tmp + 02586 sizeof 02587 (rsbac_rc_role_id_t)); 02588 tmp += size; 02589 } 02590 rsbac_vfree(item_array); 02591 } 02592 rsbac_ta_list_lol_remove(ta_number, role_tcno_handle, &to_role); 02593 count = 02594 rsbac_ta_list_lol_get_all_subitems_ttl(ta_number, 02595 role_tcno_handle, 02596 &from_role, 02597 (void **) &item_array, 02598 NULL); 02599 if (count > 0) { 02600 char *tmp = item_array; 02601 int size = 02602 rsbac_list_lol_get_subitem_size(role_tcno_handle); 02603 02604 for (i = 0; i < count; i++) { 02605 rsbac_ta_list_lol_subadd_ttl(ta_number, 02606 role_tcno_handle, 0, 02607 &to_role, tmp, 02608 tmp + 02609 sizeof 02610 (rsbac_rc_role_id_t)); 02611 tmp += size; 02612 } 02613 rsbac_vfree(item_array); 02614 } 02615 return 0; 02616 }
int rsbac_rc_copy_type | ( | rsbac_list_ta_number_t | ta_number, | |
enum rsbac_rc_target_t | target, | |||
rsbac_rc_type_id_t | from_type, | |||
rsbac_rc_type_id_t | to_type | |||
) |
Definition at line 2618 of file rc_data_structures.c.
Referenced by rsbac_rc_sys_copy_type().
02622 { 02623 rsbac_rc_role_id_t *role_array; 02624 rsbac_list_handle_t i_type_handle = NULL; 02625 rsbac_list_handle_t i_comp_handle = NULL; 02626 struct rsbac_rc_type_fd_entry_t type_fd_entry; 02627 char type_name[RSBAC_RC_NAME_LEN]; 02628 long count; 02629 rsbac_time_t ttl; 02630 u_long i; 02631 int err; 02632 02633 if (!rsbac_is_initialized()) { 02634 rsbac_printk(KERN_WARNING "rsbac_rc_copy_type(): RSBAC not initialized\n"); 02635 return (-RSBAC_ENOTINITIALIZED); 02636 } 02637 if ((from_type > RC_type_max_value) 02638 || (to_type > RC_type_max_value) 02639 || (to_type == from_type) 02640 ) 02641 return (-RSBAC_EINVALIDTARGET); 02642 02643 switch (target) { 02644 case T_FILE: 02645 case T_DIR: 02646 case T_FIFO: 02647 case T_SYMLINK: 02648 case T_FD: 02649 i_type_handle = type_fd_handle; 02650 i_comp_handle = role_tcfd_handle; 02651 break; 02652 case T_DEV: 02653 i_type_handle = type_dev_handle; 02654 i_comp_handle = role_tcdv_handle; 02655 break; 02656 case T_USER: 02657 i_type_handle = type_user_handle; 02658 i_comp_handle = role_tcus_handle; 02659 break; 02660 case T_PROCESS: 02661 i_type_handle = type_process_handle; 02662 i_comp_handle = role_tcpr_handle; 02663 break; 02664 case T_IPC: 02665 i_type_handle = type_ipc_handle; 02666 i_comp_handle = role_tcip_handle; 02667 break; 02668 case T_GROUP: 02669 i_type_handle = type_group_handle; 02670 i_comp_handle = role_tcgr_handle; 02671 break; 02672 case T_NETDEV: 02673 i_type_handle = type_netdev_handle; 02674 i_comp_handle = role_tcnd_handle; 02675 break; 02676 case T_NETTEMP: 02677 i_type_handle = type_nettemp_handle; 02678 i_comp_handle = role_tcnt_handle; 02679 break; 02680 case T_NETOBJ: 02681 i_type_handle = type_netobj_handle; 02682 i_comp_handle = role_tcno_handle; 02683 break; 02684 02685 default: 02686 return -RSBAC_EINVALIDTARGET; 02687 } 02688 02689 /* copy */ 02690 if (i_type_handle == type_fd_handle) { 02691 err = 02692 rsbac_ta_list_get_data_ttl(ta_number, i_type_handle, 02693 &ttl, &from_type, 02694 &type_fd_entry); 02695 if (err) 02696 return err; 02697 err = 02698 rsbac_ta_list_add_ttl(ta_number, i_type_handle, ttl, 02699 &to_type, &type_fd_entry); 02700 if (err) 02701 return err; 02702 } else { 02703 err = 02704 rsbac_ta_list_get_data_ttl(ta_number, i_type_handle, 02705 NULL, &from_type, 02706 &type_name); 02707 if (err) 02708 return err; 02709 err = 02710 rsbac_ta_list_add_ttl(ta_number, i_type_handle, 0, 02711 &to_type, &type_name); 02712 if (err) 02713 return err; 02714 } 02715 02716 err = 02717 rsbac_ta_list_lol_subremove_from_all(ta_number, i_comp_handle, 02718 &to_type); 02719 if (err) 02720 return err; 02721 02722 count = rsbac_ta_list_get_all_desc(ta_number, role_handle, 02723 (void **) &role_array); 02724 if (count > 0) { 02725 rsbac_rc_rights_vector_t rights; 02726 02727 for (i = 0; i < count; i++) { 02728 err = rsbac_ta_list_lol_get_subdata_ttl(ta_number, 02729 i_comp_handle, 02730 &ttl, 02731 &role_array 02732 [i], 02733 &from_type, 02734 &rights); 02735 if (!err) 02736 err = 02737 rsbac_ta_list_lol_subadd_ttl(ta_number, 02738 i_comp_handle, 02739 ttl, 02740 &role_array 02741 [i], 02742 &to_type, 02743 &rights); 02744 } 02745 rsbac_vfree(role_array); 02746 } 02747 return 0; 02748 }
int __init rsbac_rc_get_boot_role | ( | rsbac_rc_role_id_t * | role_p | ) |
Definition at line 2220 of file rc_data_structures.c.
References role_handle, RSBAC_ENOTFOUND, rsbac_list_get_desc(), and rsbac_rc_role_compare_data().
Referenced by rsbac_init().
02222 { 02223 /* Try to find role marked as boot role */ 02224 if (rsbac_list_get_desc(role_handle, 02225 role_p, role_p, rsbac_rc_role_compare_data) 02226 ) { /* none found */ 02227 return -RSBAC_ENOTFOUND; 02228 } 02229 return 0; 02230 }
int rsbac_rc_get_item | ( | rsbac_list_ta_number_t | ta_number, | |
enum rsbac_rc_target_t | target, | |||
union rsbac_rc_target_id_t | tid, | |||
union rsbac_rc_target_id_t | subtid, | |||
enum rsbac_rc_item_t | item, | |||
union rsbac_rc_item_value_t * | value_p, | |||
rsbac_time_t * | ttl_p | |||
) |
Definition at line 2752 of file rc_data_structures.c.
Referenced by rsbac_adf_request_rc(), rsbac_adf_set_attr_rc(), rsbac_rc_sys_change_role(), rsbac_rc_sys_get_eff_rights(), rsbac_rc_sys_get_item(), rsbac_rc_sys_set_item(), and rsbac_rc_test_role_admin().
02759 { 02760 int err = 0; 02761 struct rsbac_rc_role_entry_t role_entry; 02762 struct rsbac_rc_type_fd_entry_t type_fd_entry; 02763 02764 if (!rsbac_is_initialized()) { 02765 rsbac_printk(KERN_WARNING "rsbac_rc_get_item(): RSBAC not initialized\n"); 02766 return (-RSBAC_ENOTINITIALIZED); 02767 } 02768 if (in_interrupt()) { 02769 rsbac_printk(KERN_WARNING "rsbac_rc_get_item(): called from interrupt!\n"); 02770 } 02771 if (ttl_p) 02772 *ttl_p = 0; 02773 switch (target) { 02774 case RT_ROLE: 02775 if (tid.role > RC_role_max_value) 02776 return (-RSBAC_EINVALIDTARGET); 02777 /* 02778 rsbac_pr_debug(ds_rc, "getting role item value\n"); 02779 */ 02780 switch (item) { 02781 case RI_role_comp: 02782 if (!rsbac_ta_list_lol_get_subdata_ttl(ta_number, 02783 role_rc_handle, 02784 ttl_p, 02785 &tid.role, 02786 &subtid. 02787 role, NULL)) 02788 value_p->comp = TRUE; 02789 else 02790 value_p->comp = FALSE; 02791 return 0; 02792 case RI_admin_roles: 02793 if (!rsbac_ta_list_lol_get_subdata_ttl(ta_number, 02794 role_adr_handle, 02795 ttl_p, 02796 &tid.role, 02797 &subtid. 02798 role, NULL)) 02799 value_p->comp = TRUE; 02800 else 02801 value_p->comp = FALSE; 02802 return 0; 02803 case RI_assign_roles: 02804 if (!rsbac_ta_list_lol_get_subdata_ttl(ta_number, 02805 role_asr_handle, 02806 ttl_p, 02807 &tid.role, 02808 &subtid. 02809 role, NULL)) 02810 value_p->comp = TRUE; 02811 else 02812 value_p->comp = FALSE; 02813 return 0; 02814 case RI_type_comp_fd: 02815 if (rsbac_ta_list_lol_get_subdata_ttl(ta_number, 02816 role_tcfd_handle, 02817 ttl_p, 02818 &tid.role, 02819 &subtid.type, 02820 &value_p-> 02821 rights)) { 02822 value_p->rights = 02823 RSBAC_RC_DEFAULT_RIGHTS_VECTOR; 02824 if (ttl_p) 02825 *ttl_p = 0; 02826 } 02827 return 0; 02828 case RI_type_comp_dev: 02829 if (rsbac_ta_list_lol_get_subdata_ttl(ta_number, 02830 role_tcdv_handle, 02831 ttl_p, 02832 &tid.role, 02833 &subtid.type, 02834 &value_p-> 02835 rights)) { 02836 value_p->rights = 02837 RSBAC_RC_DEFAULT_RIGHTS_VECTOR; 02838 if (ttl_p) 02839 *ttl_p = 0; 02840 } 02841 return 0; 02842 case RI_type_comp_user: 02843 if (rsbac_ta_list_lol_get_subdata_ttl(ta_number, 02844 role_tcus_handle, 02845 ttl_p, 02846 &tid.role, 02847 &subtid.type, 02848 &value_p-> 02849 rights)) { 02850 value_p->rights = 02851 RSBAC_RC_DEFAULT_RIGHTS_VECTOR; 02852 if (ttl_p) 02853 *ttl_p = 0; 02854 } 02855 return 0; 02856 case RI_type_comp_process: 02857 if (rsbac_ta_list_lol_get_subdata_ttl(ta_number, 02858 role_tcpr_handle, 02859 ttl_p, 02860 &tid.role, 02861 &subtid.type, 02862 &value_p-> 02863 rights)) { 02864 value_p->rights = 02865 RSBAC_RC_DEFAULT_RIGHTS_VECTOR; 02866 if (ttl_p) 02867 *ttl_p = 0; 02868 } 02869 return 0; 02870 case RI_type_comp_ipc: 02871 if (rsbac_ta_list_lol_get_subdata_ttl(ta_number, 02872 role_tcip_handle, 02873 ttl_p, 02874 &tid.role, 02875 &subtid.type, 02876 &value_p-> 02877 rights)) { 02878 value_p->rights = 02879 RSBAC_RC_DEFAULT_RIGHTS_VECTOR; 02880 if (ttl_p) 02881 *ttl_p = 0; 02882 } 02883 return 0; 02884 case RI_type_comp_scd: 02885 if (rsbac_ta_list_lol_get_subdata_ttl(ta_number, 02886 role_tcsc_handle, 02887 ttl_p, 02888 &tid.role, 02889 &subtid.type, 02890 &value_p-> 02891 rights)) { 02892 value_p->rights = 02893 RSBAC_RC_DEFAULT_RIGHTS_VECTOR; 02894 if (ttl_p) 02895 *ttl_p = 0; 02896 } 02897 return 0; 02898 case RI_type_comp_group: 02899 if (rsbac_ta_list_lol_get_subdata_ttl(ta_number, 02900 role_tcgr_handle, 02901 ttl_p, 02902 &tid.role, 02903 &subtid.type, 02904 &value_p-> 02905 rights)) { 02906 value_p->rights = 02907 RSBAC_RC_DEFAULT_RIGHTS_VECTOR; 02908 if (ttl_p) 02909 *ttl_p = 0; 02910 } 02911 return 0; 02912 case RI_type_comp_netdev: 02913 if (rsbac_ta_list_lol_get_subdata_ttl(ta_number, 02914 role_tcnd_handle, 02915 ttl_p, 02916 &tid.role, 02917 &subtid.type, 02918 &value_p-> 02919 rights)) { 02920 value_p->rights = 02921 RSBAC_RC_DEFAULT_RIGHTS_VECTOR; 02922 if (ttl_p) 02923 *ttl_p = 0; 02924 } 02925 return 0; 02926 case RI_type_comp_nettemp: 02927 if (rsbac_ta_list_lol_get_subdata_ttl(ta_number, 02928 role_tcnt_handle, 02929 ttl_p, 02930 &tid.role, 02931 &subtid.type, 02932 &value_p-> 02933 rights)) { 02934 value_p->rights = 02935 RSBAC_RC_DEFAULT_RIGHTS_VECTOR; 02936 if (ttl_p) 02937 *ttl_p = 0; 02938 } 02939 return 0; 02940 case RI_type_comp_netobj: 02941 if (rsbac_ta_list_lol_get_subdata_ttl(ta_number, 02942 role_tcno_handle, 02943 ttl_p, 02944 &tid.role, 02945 &subtid.type, 02946 &value_p-> 02947 rights)) { 02948 value_p->rights = 02949 RSBAC_RC_DEFAULT_RIGHTS_VECTOR; 02950 if (ttl_p) 02951 *ttl_p = 0; 02952 } 02953 return 0; 02954 case RI_admin_type: 02955 if (! 02956 (err = 02957 rsbac_ta_list_get_data_ttl(ta_number, 02958 role_handle, NULL, 02959 &tid.role, 02960 &role_entry))) 02961 value_p->admin_type = 02962 role_entry.admin_type; 02963 return err; 02964 case RI_name: 02965 if (! 02966 (err = 02967 rsbac_ta_list_get_data_ttl(ta_number, 02968 role_handle, NULL, 02969 &tid.role, 02970 &role_entry))) { 02971 strncpy(value_p->name, role_entry.name, 02972 RSBAC_RC_NAME_LEN - 1); 02973 value_p->name[RSBAC_RC_NAME_LEN - 1] = 02974 (char) 0; 02975 } 02976 return err; 02977 case RI_def_fd_create_type: 02978 if (! 02979 (err = 02980 rsbac_ta_list_get_data_ttl(ta_number, 02981 role_handle, NULL, 02982 &tid.role, 02983 &role_entry))) 02984 value_p->type_id = 02985 role_entry.def_fd_create_type; 02986 return err; 02987 case RI_def_fd_ind_create_type: 02988 return rsbac_ta_list_lol_get_subdata_ttl(ta_number, 02989 role_dfdc_handle, 02990 ttl_p, 02991 &tid.role, 02992 &subtid. 02993 type, 02994 &value_p-> 02995 type_id); 02996 case RI_def_user_create_type: 02997 if (! 02998 (err = 02999 rsbac_ta_list_get_data_ttl(ta_number, 03000 role_handle, NULL, 03001 &tid.role, 03002 &role_entry))) 03003 value_p->type_id = 03004 role_entry.def_user_create_type; 03005 return err; 03006 case RI_def_process_create_type: 03007 if (! 03008 (err = 03009 rsbac_ta_list_get_data_ttl(ta_number, 03010 role_handle, NULL, 03011 &tid.role, 03012 &role_entry))) 03013 value_p->type_id = 03014 role_entry.def_process_create_type; 03015 return err; 03016 case RI_def_process_chown_type: 03017 if (! 03018 (err = 03019 rsbac_ta_list_get_data_ttl(ta_number, 03020 role_handle, NULL, 03021 &tid.role, 03022 &role_entry))) 03023 value_p->type_id = 03024 role_entry.def_process_chown_type; 03025 return err; 03026 case RI_def_process_execute_type: 03027 if (! 03028 (err = 03029 rsbac_ta_list_get_data_ttl(ta_number, 03030 role_handle, NULL, 03031 &tid.role, 03032 &role_entry))) 03033 value_p->type_id = 03034 role_entry.def_process_execute_type; 03035 return err; 03036 case RI_def_ipc_create_type: 03037 if (! 03038 (err = 03039 rsbac_ta_list_get_data_ttl(ta_number, 03040 role_handle, NULL, 03041 &tid.role, 03042 &role_entry))) 03043 value_p->type_id = 03044 role_entry.def_ipc_create_type; 03045 return err; 03046 case RI_def_group_create_type: 03047 if (! 03048 (err = 03049 rsbac_ta_list_get_data_ttl(ta_number, 03050 role_handle, NULL, 03051 &tid.role, 03052 &role_entry))) 03053 value_p->type_id = 03054 role_entry.def_group_create_type; 03055 return err; 03056 case RI_def_unixsock_create_type: 03057 if (! 03058 (err = 03059 rsbac_ta_list_get_data_ttl(ta_number, 03060 role_handle, NULL, 03061 &tid.role, 03062 &role_entry))) 03063 value_p->type_id = 03064 role_entry.def_unixsock_create_type; 03065 return err; 03066 case RI_boot_role: 03067 if (! 03068 (err = 03069 rsbac_ta_list_get_data_ttl(ta_number, 03070 role_handle, NULL, 03071 &tid.role, 03072 &role_entry))) 03073 value_p->boot_role = role_entry.boot_role; 03074 return err; 03075 case RI_req_reauth: 03076 if (! 03077 (err = 03078 rsbac_ta_list_get_data_ttl(ta_number, 03079 role_handle, NULL, 03080 &tid.role, 03081 &role_entry))) 03082 value_p->req_reauth = 03083 role_entry.req_reauth; 03084 return err; 03085 default: 03086 return -RSBAC_EINVALIDATTR; 03087 } 03088 /* return */ 03089 return (err); 03090 break; 03091 03092 case RT_TYPE: 03093 if (tid.type > RC_type_max_value) 03094 return (-RSBAC_EINVALIDTARGET); 03095 /* 03096 rsbac_pr_debug(ds_rc, "getting type item value\n"); 03097 */ 03098 switch (item) { 03099 case RI_type_fd_name: 03100 if (! 03101 (err = 03102 rsbac_ta_list_get_data_ttl(ta_number, 03103 type_fd_handle, 03104 NULL, &tid.type, 03105 &type_fd_entry))) { 03106 strncpy(value_p->name, type_fd_entry.name, 03107 RSBAC_RC_NAME_LEN - 1); 03108 value_p->name[RSBAC_RC_NAME_LEN - 1] = 03109 (char) 0; 03110 } 03111 return err; 03112 case RI_type_fd_need_secdel: 03113 if (! 03114 (err = 03115 rsbac_ta_list_get_data_ttl(ta_number, 03116 type_fd_handle, 03117 NULL, &tid.type, 03118 &type_fd_entry))) { 03119 value_p->need_secdel = 03120 type_fd_entry.need_secdel; 03121 } 03122 return err; 03123 case RI_type_dev_name: 03124 return rsbac_ta_list_get_data_ttl(ta_number, 03125 type_dev_handle, 03126 NULL, &tid.type, 03127 value_p->name); 03128 case RI_type_ipc_name: 03129 return rsbac_ta_list_get_data_ttl(ta_number, 03130 type_ipc_handle, 03131 NULL, &tid.type, 03132 value_p->name); 03133 case RI_type_user_name: 03134 return rsbac_ta_list_get_data_ttl(ta_number, 03135 type_user_handle, 03136 NULL, &tid.type, 03137 value_p->name); 03138 case RI_type_process_name: 03139 return rsbac_ta_list_get_data_ttl(ta_number, 03140 type_process_handle, 03141 NULL, &tid.type, 03142 value_p->name); 03143 case RI_type_group_name: 03144 return rsbac_ta_list_get_data_ttl(ta_number, 03145 type_group_handle, 03146 NULL, &tid.type, 03147 value_p->name); 03148 case RI_type_netdev_name: 03149 return rsbac_ta_list_get_data_ttl(ta_number, 03150 type_netdev_handle, 03151 NULL, &tid.type, 03152 value_p->name); 03153 case RI_type_nettemp_name: 03154 return rsbac_ta_list_get_data_ttl(ta_number, 03155 type_nettemp_handle, 03156 NULL, &tid.type, 03157 value_p->name); 03158 case RI_type_netobj_name: 03159 return rsbac_ta_list_get_data_ttl(ta_number, 03160 type_netobj_handle, 03161 NULL, &tid.type, 03162 value_p->name); 03163 case RI_type_scd_name: 03164 { 03165 char *tmp; 03166 03167 tmp = rsbac_kmalloc(RSBAC_MAXNAMELEN); 03168 if (!tmp) 03169 err = -RSBAC_ENOMEM; 03170 else { 03171 get_rc_scd_type_name(tmp, 03172 tid.type); 03173 strncpy(value_p->name, tmp, 03174 RSBAC_RC_NAME_LEN - 1); 03175 value_p->name[RSBAC_RC_NAME_LEN - 03176 1] = (char) 0; 03177 rsbac_kfree(tmp); 03178 } 03179 break; 03180 } 03181 default: 03182 err = -RSBAC_EINVALIDATTR; 03183 } 03184 /* and return */ 03185 return (err); 03186 break; 03187 03188 /* switch target: no valid target */ 03189 default: 03190 err = -RSBAC_EINVALIDTARGET; 03191 } 03192 return err; 03193 } /* end of rsbac_rc_get_item() */
int rsbac_rc_get_list | ( | rsbac_list_ta_number_t | ta_number, | |
enum rsbac_rc_target_t | target, | |||
union rsbac_rc_target_id_t | tid, | |||
enum rsbac_rc_item_t | item, | |||
__u32 ** | array_pp, | |||
rsbac_time_t ** | ttl_array_pp | |||
) |
Definition at line 3315 of file rc_data_structures.c.
Referenced by sys_rsbac_rc_get_list().
03320 { 03321 int res; 03322 03323 if (!rsbac_is_initialized()) { 03324 rsbac_printk(KERN_WARNING "rsbac_rc_get_list(): RSBAC not initialized\n"); 03325 return (-RSBAC_ENOTINITIALIZED); 03326 } 03327 if (in_interrupt()) { 03328 rsbac_printk(KERN_WARNING "rsbac_rc_get_list(): called from interrupt!\n"); 03329 } 03330 if (ttl_array_pp) 03331 *ttl_array_pp = NULL; 03332 switch (target) { 03333 case RT_ROLE: 03334 /* 03335 rsbac_pr_debug(ds_rc, "getting role list\n"); 03336 */ 03337 switch (item) { 03338 case RI_name: 03339 if (array_pp) 03340 return 03341 rsbac_ta_list_get_all_desc(ta_number, 03342 role_handle, 03343 (void **) 03344 array_pp); 03345 else 03346 return rsbac_ta_list_count(ta_number, 03347 role_handle); 03348 case RI_role_comp: 03349 if (array_pp) 03350 res = 03351 rsbac_ta_list_lol_get_all_subdesc_ttl 03352 (ta_number, role_rc_handle, &tid.role, 03353 (void **) array_pp, ttl_array_pp); 03354 else 03355 res = 03356 rsbac_ta_list_lol_subcount(ta_number, 03357 role_rc_handle, 03358 &tid.role); 03359 if (res == -RSBAC_ENOTFOUND) 03360 return 0; 03361 else 03362 return res; 03363 case RI_admin_roles: 03364 if (array_pp) 03365 res = 03366 rsbac_ta_list_lol_get_all_subdesc_ttl 03367 (ta_number, role_adr_handle, &tid.role, 03368 (void **) array_pp, ttl_array_pp); 03369 else 03370 res = 03371 rsbac_ta_list_lol_subcount(ta_number, 03372 role_adr_handle, 03373 &tid.role); 03374 if (res == -RSBAC_ENOTFOUND) 03375 return 0; 03376 else 03377 return res; 03378 case RI_assign_roles: 03379 if (array_pp) 03380 res = 03381 rsbac_ta_list_lol_get_all_subdesc_ttl 03382 (ta_number, role_asr_handle, &tid.role, 03383 (void **) array_pp, ttl_array_pp); 03384 else 03385 res = 03386 rsbac_ta_list_lol_subcount(ta_number, 03387 role_asr_handle, 03388 &tid.role); 03389 if (res == -RSBAC_ENOTFOUND) 03390 return 0; 03391 else 03392 return res; 03393 case RI_def_fd_ind_create_type: 03394 if (array_pp) 03395 return 03396 rsbac_ta_list_lol_get_all_subdesc_ttl 03397 (ta_number, role_dfdc_handle, 03398 &tid.role, (void **) array_pp, 03399 ttl_array_pp); 03400 else 03401 return 03402 rsbac_ta_list_lol_subcount(ta_number, 03403 role_dfdc_handle, 03404 &tid.role); 03405 case RI_type_comp_fd: 03406 if (array_pp) 03407 return 03408 rsbac_ta_list_lol_get_all_subdesc_ttl 03409 (ta_number, role_tcfd_handle, 03410 &tid.role, (void **) array_pp, 03411 ttl_array_pp); 03412 else 03413 return 03414 rsbac_ta_list_lol_subcount(ta_number, 03415 role_tcfd_handle, 03416 &tid.role); 03417 case RI_type_comp_dev: 03418 if (array_pp) 03419 return 03420 rsbac_ta_list_lol_get_all_subdesc_ttl 03421 (ta_number, role_tcdv_handle, 03422 &tid.role, (void **) array_pp, 03423 ttl_array_pp); 03424 else 03425 return 03426 rsbac_ta_list_lol_subcount(ta_number, 03427 role_tcdv_handle, 03428 &tid.role); 03429 case RI_type_comp_user: 03430 if (array_pp) 03431 return 03432 rsbac_ta_list_lol_get_all_subdesc_ttl 03433 (ta_number, role_tcus_handle, 03434 &tid.role, (void **) array_pp, 03435 ttl_array_pp); 03436 else 03437 return 03438 rsbac_ta_list_lol_subcount(ta_number, 03439 role_tcus_handle, 03440 &tid.role); 03441 case RI_type_comp_process: 03442 if (array_pp) 03443 return 03444 rsbac_ta_list_lol_get_all_subdesc_ttl 03445 (ta_number, role_tcpr_handle, 03446 &tid.role, (void **) array_pp, 03447 ttl_array_pp); 03448 else 03449 return 03450 rsbac_ta_list_lol_subcount(ta_number, 03451 role_tcpr_handle, 03452 &tid.role); 03453 case RI_type_comp_ipc: 03454 if (array_pp) 03455 return 03456 rsbac_ta_list_lol_get_all_subdesc_ttl 03457 (ta_number, role_tcip_handle, 03458 &tid.role, (void **) array_pp, 03459 ttl_array_pp); 03460 else 03461 return 03462 rsbac_ta_list_lol_subcount(ta_number, 03463 role_tcip_handle, 03464 &tid.role); 03465 case RI_type_comp_scd: 03466 if (array_pp) 03467 return 03468 rsbac_ta_list_lol_get_all_subdesc_ttl 03469 (ta_number, role_tcsc_handle, 03470 &tid.role, (void **) array_pp, 03471 ttl_array_pp); 03472 else 03473 return 03474 rsbac_ta_list_lol_subcount(ta_number, 03475 role_tcsc_handle, 03476 &tid.role); 03477 case RI_type_comp_group: 03478 if (array_pp) 03479 return 03480 rsbac_ta_list_lol_get_all_subdesc_ttl 03481 (ta_number, role_tcgr_handle, 03482 &tid.role, (void **) array_pp, 03483 ttl_array_pp); 03484 else 03485 return 03486 rsbac_ta_list_lol_subcount(ta_number, 03487 role_tcgr_handle, 03488 &tid.role); 03489 case RI_type_comp_netdev: 03490 if (array_pp) 03491 return 03492 rsbac_ta_list_lol_get_all_subdesc_ttl 03493 (ta_number, role_tcnd_handle, 03494 &tid.role, (void **) array_pp, 03495 ttl_array_pp); 03496 else 03497 return 03498 rsbac_ta_list_lol_subcount(ta_number, 03499 role_tcnd_handle, 03500 &tid.role); 03501 case RI_type_comp_nettemp: 03502 if (array_pp) 03503 return 03504 rsbac_ta_list_lol_get_all_subdesc_ttl 03505 (ta_number, role_tcnt_handle, 03506 &tid.role, (void **) array_pp, 03507 ttl_array_pp); 03508 else 03509 return 03510 rsbac_ta_list_lol_subcount(ta_number, 03511 role_tcnt_handle, 03512 &tid.role); 03513 case RI_type_comp_netobj: 03514 if (array_pp) 03515 return 03516 rsbac_ta_list_lol_get_all_subdesc_ttl 03517 (ta_number, role_tcno_handle, 03518 &tid.role, (void **) array_pp, 03519 ttl_array_pp); 03520 else 03521 return 03522 rsbac_ta_list_lol_subcount(ta_number, 03523 role_tcno_handle, 03524 &tid.role); 03525 03526 default: 03527 return -RSBAC_EINVALIDATTR; 03528 } 03529 03530 case RT_TYPE: 03531 /* 03532 rsbac_pr_debug(ds_rc, "getting type item value\n"); 03533 */ 03534 switch (item) { 03535 case RI_type_fd_name: 03536 case RI_type_fd_need_secdel: 03537 if (array_pp) 03538 return 03539 rsbac_ta_list_get_all_desc(ta_number, 03540 type_fd_handle, 03541 (void **) 03542 array_pp); 03543 else 03544 return rsbac_ta_list_count(ta_number, 03545 type_fd_handle); 03546 case RI_type_dev_name: 03547 if (array_pp) 03548 return 03549 rsbac_ta_list_get_all_desc(ta_number, 03550 type_dev_handle, 03551 (void **) 03552 array_pp); 03553 else 03554 return rsbac_ta_list_count(ta_number, 03555 type_dev_handle); 03556 case RI_type_ipc_name: 03557 if (array_pp) 03558 return 03559 rsbac_ta_list_get_all_desc(ta_number, 03560 type_ipc_handle, 03561 (void **) 03562 array_pp); 03563 else 03564 return rsbac_ta_list_count(ta_number, 03565 type_ipc_handle); 03566 case RI_type_user_name: 03567 if (array_pp) 03568 return 03569 rsbac_ta_list_get_all_desc(ta_number, 03570 type_user_handle, 03571 (void **) 03572 array_pp); 03573 else 03574 return rsbac_ta_list_count(ta_number, 03575 type_user_handle); 03576 case RI_type_process_name: 03577 if (array_pp) 03578 return 03579 rsbac_ta_list_get_all_desc(ta_number, 03580 type_process_handle, 03581 (void **) 03582 array_pp); 03583 else 03584 return rsbac_ta_list_count(ta_number, 03585 type_process_handle); 03586 case RI_type_group_name: 03587 if (array_pp) 03588 return 03589 rsbac_ta_list_get_all_desc(ta_number, 03590 type_group_handle, 03591 (void **) 03592 array_pp); 03593 else 03594 return rsbac_ta_list_count(ta_number, 03595 type_group_handle); 03596 case RI_type_netdev_name: 03597 if (array_pp) 03598 return 03599 rsbac_ta_list_get_all_desc(ta_number, 03600 type_netdev_handle, 03601 (void **) 03602 array_pp); 03603 else 03604 return rsbac_ta_list_count(ta_number, 03605 type_netdev_handle); 03606 case RI_type_nettemp_name: 03607 if (array_pp) 03608 return 03609 rsbac_ta_list_get_all_desc(ta_number, 03610 type_nettemp_handle, 03611 (void **) 03612 array_pp); 03613 else 03614 return rsbac_ta_list_count(ta_number, 03615 type_nettemp_handle); 03616 case RI_type_netobj_name: 03617 if (array_pp) 03618 return 03619 rsbac_ta_list_get_all_desc(ta_number, 03620 type_netobj_handle, 03621 (void **) 03622 array_pp); 03623 else 03624 return rsbac_ta_list_count(ta_number, 03625 type_netobj_handle); 03626 03627 default: 03628 return -RSBAC_EINVALIDATTR; 03629 } 03630 03631 default: 03632 return -RSBAC_EINVALIDTARGET; 03633 } 03634 } /* end of rsbac_rc_get_list() */
static int __init rsbac_rc_role_compare_data | ( | void * | data1, | |
void * | data2 | |||
) | [static] |
Definition at line 293 of file rc_data_structures.c.
References rsbac_rc_role_entry_t::boot_role.
Referenced by rsbac_rc_get_boot_role().
00295 { 00296 struct rsbac_rc_role_entry_t *role = data1; 00297 00298 if (!data1) 00299 return 1; 00300 if (role->boot_role) 00301 return 0; 00302 else 00303 return 1; 00304 }
rsbac_boolean_t rsbac_rc_role_exists | ( | rsbac_list_ta_number_t | ta_number, | |
rsbac_rc_role_id_t | role | |||
) |
Definition at line 2233 of file rc_data_structures.c.
References role_handle, and rsbac_ta_list_exist().
Referenced by rsbac_rc_sys_copy_role().
02235 { 02236 return rsbac_ta_list_exist(ta_number, role_handle, &role); 02237 }
int rsbac_rc_set_item | ( | rsbac_list_ta_number_t | ta_number, | |
enum rsbac_rc_target_t | target, | |||
union rsbac_rc_target_id_t | tid, | |||
union rsbac_rc_target_id_t | subtid, | |||
enum rsbac_rc_item_t | item, | |||
union rsbac_rc_item_value_t | value, | |||
rsbac_time_t | ttl | |||
) |
Definition at line 3638 of file rc_data_structures.c.
Referenced by rsbac_rc_sys_set_item().
03644 { 03645 int err = 0; 03646 03647 if (!rsbac_is_initialized()) { 03648 rsbac_printk(KERN_WARNING "rsbac_rc_set_item(): RSBAC not initialized\n"); 03649 return (-RSBAC_ENOTINITIALIZED); 03650 } 03651 if (in_interrupt()) { 03652 rsbac_printk(KERN_WARNING "rsbac_rc_set_item(): called from interrupt!\n"); 03653 } 03654 switch (target) { 03655 case RT_ROLE: 03656 if (tid.role > RC_role_max_value) 03657 return (-RSBAC_EINVALIDTARGET); 03658 if ((item != RI_name) 03659 && !rsbac_ta_list_exist(ta_number, role_handle, 03660 &tid.role) 03661 ) 03662 return (-RSBAC_EINVALIDTARGET); 03663 rsbac_pr_debug(ds_rc, "Setting role item value\n"); 03664 switch (item) { 03665 case RI_role_comp: 03666 if (value.comp) { 03667 return 03668 rsbac_ta_list_lol_subadd_ttl(ta_number, 03669 role_rc_handle, 03670 ttl, 03671 &tid.role, 03672 &subtid. 03673 role, 03674 NULL); 03675 } else { 03676 rsbac_ta_list_lol_subremove(ta_number, 03677 role_rc_handle, 03678 &tid.role, 03679 &subtid.role); 03680 return 0; 03681 } 03682 case RI_admin_roles: 03683 if (value.comp) { 03684 return 03685 rsbac_ta_list_lol_subadd_ttl(ta_number, 03686 role_adr_handle, 03687 ttl, 03688 &tid.role, 03689 &subtid. 03690 role, 03691 NULL); 03692 } else { 03693 rsbac_ta_list_lol_subremove(ta_number, 03694 role_adr_handle, 03695 &tid.role, 03696 &subtid.role); 03697 return 0; 03698 } 03699 case RI_assign_roles: 03700 if (value.comp) { 03701 return 03702 rsbac_ta_list_lol_subadd_ttl(ta_number, 03703 role_asr_handle, 03704 ttl, 03705 &tid.role, 03706 &subtid. 03707 role, 03708 NULL); 03709 } else { 03710 rsbac_ta_list_lol_subremove(ta_number, 03711 role_asr_handle, 03712 &tid.role, 03713 &subtid.role); 03714 return 0; 03715 } 03716 case RI_type_comp_fd: 03717 if (!rsbac_ta_list_exist 03718 (ta_number, type_fd_handle, &subtid.type)) 03719 return -RSBAC_EINVALIDVALUE; 03720 return rsbac_ta_list_lol_subadd_ttl(ta_number, 03721 role_tcfd_handle, 03722 ttl, 03723 &tid.role, 03724 &subtid.type, 03725 &value.rights); 03726 case RI_type_comp_dev: 03727 if (!rsbac_ta_list_exist 03728 (ta_number, type_dev_handle, &subtid.type)) 03729 return -RSBAC_EINVALIDVALUE; 03730 return rsbac_ta_list_lol_subadd_ttl(ta_number, 03731 role_tcdv_handle, 03732 ttl, 03733 &tid.role, 03734 &subtid.type, 03735 &value.rights); 03736 case RI_type_comp_user: 03737 if (!rsbac_ta_list_exist 03738 (ta_number, type_user_handle, &subtid.type)) 03739 return -RSBAC_EINVALIDVALUE; 03740 return rsbac_ta_list_lol_subadd_ttl(ta_number, 03741 role_tcus_handle, 03742 ttl, 03743 &tid.role, 03744 &subtid.type, 03745 &value.rights); 03746 case RI_type_comp_process: 03747 if (!rsbac_ta_list_exist 03748 (ta_number, type_process_handle, &subtid.type)) 03749 return -RSBAC_EINVALIDVALUE; 03750 return rsbac_ta_list_lol_subadd_ttl(ta_number, 03751 role_tcpr_handle, 03752 ttl, 03753 &tid.role, 03754 &subtid.type, 03755 &value.rights); 03756 case RI_type_comp_ipc: 03757 if (!rsbac_ta_list_exist 03758 (ta_number, type_ipc_handle, &subtid.type)) 03759 return -RSBAC_EINVALIDVALUE; 03760 return rsbac_ta_list_lol_subadd_ttl(ta_number, 03761 role_tcip_handle, 03762 ttl, 03763 &tid.role, 03764 &subtid.type, 03765 &value.rights); 03766 case RI_type_comp_scd: 03767 if ((subtid.type >= ST_none) 03768 && (subtid.type < RST_min) 03769 ) 03770 return -RSBAC_EINVALIDVALUE; 03771 if (subtid.type >= RST_none) 03772 return -RSBAC_EINVALIDVALUE; 03773 return rsbac_ta_list_lol_subadd_ttl(ta_number, 03774 role_tcsc_handle, 03775 ttl, 03776 &tid.role, 03777 &subtid.type, 03778 &value.rights); 03779 case RI_type_comp_group: 03780 if (!rsbac_ta_list_exist 03781 (ta_number, type_group_handle, &subtid.type)) 03782 return -RSBAC_EINVALIDVALUE; 03783 return rsbac_ta_list_lol_subadd_ttl(ta_number, 03784 role_tcgr_handle, 03785 ttl, 03786 &tid.role, 03787 &subtid.type, 03788 &value.rights); 03789 case RI_type_comp_netdev: 03790 if (!rsbac_ta_list_exist 03791 (ta_number, type_netdev_handle, &subtid.type)) 03792 return -RSBAC_EINVALIDVALUE; 03793 return rsbac_ta_list_lol_subadd_ttl(ta_number, 03794 role_tcnd_handle, 03795 ttl, 03796 &tid.role, 03797 &subtid.type, 03798 &value.rights); 03799 case RI_type_comp_nettemp: 03800 if (!rsbac_ta_list_exist 03801 (ta_number, type_nettemp_handle, &subtid.type)) 03802 return -RSBAC_EINVALIDVALUE; 03803 return rsbac_ta_list_lol_subadd_ttl(ta_number, 03804 role_tcnt_handle, 03805 ttl, 03806 &tid.role, 03807 &subtid.type, 03808 &value.rights); 03809 case RI_type_comp_netobj: 03810 if (!rsbac_ta_list_exist 03811 (ta_number, type_netobj_handle, &subtid.type)) 03812 return -RSBAC_EINVALIDVALUE; 03813 return rsbac_ta_list_lol_subadd_ttl(ta_number, 03814 role_tcno_handle, 03815 ttl, 03816 &tid.role, 03817 &subtid.type, 03818 &value.rights); 03819 case RI_admin_type: 03820 { 03821 struct rsbac_rc_role_entry_t entry; 03822 03823 err = 03824 rsbac_ta_list_get_data_ttl(ta_number, 03825 role_handle, 03826 NULL, 03827 &tid.role, 03828 &entry); 03829 if (err) 03830 return err; 03831 entry.admin_type = value.admin_type; 03832 return rsbac_ta_list_add_ttl(ta_number, 03833 role_handle, 03834 0, &tid.role, 03835 &entry); 03836 } 03837 case RI_name: 03838 { 03839 struct rsbac_rc_role_entry_t entry; 03840 03841 /* no empty names */ 03842 if (!value.name[0]) 03843 return -RSBAC_EINVALIDVALUE; 03844 /* create, if necessary, and set name */ 03845 memset(&entry, 0, 03846 sizeof(struct 03847 rsbac_rc_role_entry_t)); 03848 rsbac_ta_list_get_data_ttl(ta_number, 03849 role_handle, 03850 NULL, &tid.role, 03851 &entry); 03852 strncpy(entry.name, value.name, 03853 RSBAC_RC_NAME_LEN - 1); 03854 entry.name[RSBAC_RC_NAME_LEN - 1] = 0; 03855 return rsbac_ta_list_add_ttl(ta_number, 03856 role_handle, 03857 0, &tid.role, 03858 &entry); 03859 } 03860 case RI_remove_role: 03861 if (!tid.role) 03862 return -RSBAC_EINVALIDVALUE; 03863 /* remove role compat. */ 03864 rsbac_ta_list_lol_remove(ta_number, role_rc_handle, 03865 &tid.role); 03866 /* remove from other roles' role compat */ 03867 rsbac_ta_list_lol_subremove_from_all(ta_number, 03868 role_rc_handle, 03869 &tid.role); 03870 03871 /* remove admin roles */ 03872 rsbac_ta_list_lol_remove(ta_number, 03873 role_adr_handle, 03874 &tid.role); 03875 /* remove from other roles' admin roles */ 03876 rsbac_ta_list_lol_subremove_from_all(ta_number, 03877 role_adr_handle, 03878 &tid.role); 03879 03880 /* remove assign roles */ 03881 rsbac_ta_list_lol_remove(ta_number, 03882 role_asr_handle, 03883 &tid.role); 03884 /* remove from other roles' assign roles */ 03885 rsbac_ta_list_lol_subremove_from_all(ta_number, 03886 role_asr_handle, 03887 &tid.role); 03888 03889 /* remove def_fd_ind_create_type */ 03890 rsbac_ta_list_lol_remove(ta_number, 03891 role_dfdc_handle, 03892 &tid.role); 03893 03894 /* remove type compatibilities */ 03895 rsbac_ta_list_lol_remove(ta_number, 03896 role_tcfd_handle, 03897 &tid.role); 03898 rsbac_ta_list_lol_remove(ta_number, 03899 role_tcdv_handle, 03900 &tid.role); 03901 rsbac_ta_list_lol_remove(ta_number, 03902 role_tcus_handle, 03903 &tid.role); 03904 rsbac_ta_list_lol_remove(ta_number, 03905 role_tcpr_handle, 03906 &tid.role); 03907 rsbac_ta_list_lol_remove(ta_number, 03908 role_tcip_handle, 03909 &tid.role); 03910 rsbac_ta_list_lol_remove(ta_number, 03911 role_tcsc_handle, 03912 &tid.role); 03913 rsbac_ta_list_lol_remove(ta_number, 03914 role_tcgr_handle, 03915 &tid.role); 03916 rsbac_ta_list_lol_remove(ta_number, 03917 role_tcnd_handle, 03918 &tid.role); 03919 rsbac_ta_list_lol_remove(ta_number, 03920 role_tcnt_handle, 03921 &tid.role); 03922 rsbac_ta_list_lol_remove(ta_number, 03923 role_tcno_handle, 03924 &tid.role); 03925 03926 #ifdef CONFIG_RSBAC_ACL 03927 /* remove ACL entries */ 03928 { 03929 struct rsbac_acl_entry_desc_t desc; 03930 03931 desc.subj_type = ACLS_ROLE; 03932 desc.subj_id = tid.role; 03933 rsbac_acl_remove_subject(ta_number, desc); 03934 } 03935 #endif 03936 03937 return rsbac_ta_list_remove(ta_number, role_handle, 03938 &tid.role); 03939 03940 case RI_def_fd_create_type: 03941 { 03942 struct rsbac_rc_role_entry_t entry; 03943 03944 if ((value.type_id <= RC_type_max_value) 03945 && !rsbac_ta_list_exist(ta_number, 03946 type_fd_handle, 03947 &value.type_id) 03948 ) 03949 return -RSBAC_EINVALIDVALUE; 03950 if ((value.type_id > RC_type_max_value) 03951 && (value.type_id < 03952 RC_type_min_special) 03953 ) 03954 return -RSBAC_EINVALIDVALUE; 03955 err = 03956 rsbac_ta_list_get_data_ttl(ta_number, 03957 role_handle, 03958 NULL, 03959 &tid.role, 03960 &entry); 03961 if (err) 03962 return err; 03963 entry.def_fd_create_type = value.type_id; 03964 return rsbac_ta_list_add_ttl(ta_number, 03965 role_handle, 03966 0, &tid.role, 03967 &entry); 03968 } 03969 case RI_def_fd_ind_create_type: 03970 if ((value.type_id <= RC_type_max_value) 03971 && !rsbac_ta_list_exist(ta_number, 03972 type_fd_handle, 03973 &value.type_id) 03974 ) 03975 return -RSBAC_EINVALIDVALUE; 03976 if ((value.type_id > RC_type_max_value) 03977 && (value.type_id < RC_type_min_special) 03978 ) 03979 return -RSBAC_EINVALIDVALUE; 03980 return rsbac_ta_list_lol_subadd_ttl(ta_number, 03981 role_dfdc_handle, 03982 ttl, 03983 &tid.role, 03984 &subtid.type, 03985 &value. 03986 type_id); 03987 case RI_def_fd_ind_create_type_remove: 03988 return rsbac_ta_list_lol_subremove(ta_number, 03989 role_dfdc_handle, 03990 &tid.role, 03991 &subtid.type); 03992 03993 case RI_def_user_create_type: 03994 { 03995 struct rsbac_rc_role_entry_t entry; 03996 03997 if ((value.type_id <= RC_type_max_value) 03998 && !rsbac_ta_list_exist(ta_number, 03999 type_user_handle, 04000 &value.type_id) 04001 ) 04002 return -RSBAC_EINVALIDVALUE; 04003 if ((value.type_id > RC_type_max_value) 04004 && (value.type_id < 04005 RC_type_min_special) 04006 ) 04007 return -RSBAC_EINVALIDVALUE; 04008 err = 04009 rsbac_ta_list_get_data_ttl(ta_number, 04010 role_handle, 04011 NULL, 04012 &tid.role, 04013 &entry); 04014 if (err) 04015 return err; 04016 entry.def_user_create_type = value.type_id; 04017 return rsbac_ta_list_add_ttl(ta_number, 04018 role_handle, 04019 0, &tid.role, 04020 &entry); 04021 } 04022 case RI_def_process_create_type: 04023 { 04024 struct rsbac_rc_role_entry_t entry; 04025 04026 if ((value.type_id <= RC_type_max_value) 04027 && !rsbac_ta_list_exist(ta_number, 04028 type_process_handle, 04029 &value.type_id) 04030 ) 04031 return -RSBAC_EINVALIDVALUE; 04032 if ((value.type_id > RC_type_max_value) 04033 && (value.type_id < 04034 RC_type_min_special) 04035 ) 04036 return -RSBAC_EINVALIDVALUE; 04037 err = 04038 rsbac_ta_list_get_data_ttl(ta_number, 04039 role_handle, 04040 NULL, 04041 &tid.role, 04042 &entry); 04043 if (err) 04044 return err; 04045 entry.def_process_create_type = 04046 value.type_id; 04047 return rsbac_ta_list_add_ttl(ta_number, 04048 role_handle, 04049 0, &tid.role, 04050 &entry); 04051 } 04052 case RI_def_process_chown_type: 04053 { 04054 struct rsbac_rc_role_entry_t entry; 04055 04056 if ((value.type_id <= RC_type_max_value) 04057 && !rsbac_ta_list_exist(ta_number, 04058 type_process_handle, 04059 &value.type_id) 04060 ) 04061 return -RSBAC_EINVALIDVALUE; 04062 if ((value.type_id > RC_type_max_value) 04063 && (value.type_id < 04064 RC_type_min_special) 04065 ) 04066 return -RSBAC_EINVALIDVALUE; 04067 err = 04068 rsbac_ta_list_get_data_ttl(ta_number, 04069 role_handle, 04070 NULL, 04071 &tid.role, 04072 &entry); 04073 if (err) 04074 return err; 04075 entry.def_process_chown_type = 04076 value.type_id; 04077 return rsbac_ta_list_add_ttl(ta_number, 04078 role_handle, 04079 0, &tid.role, 04080 &entry); 04081 } 04082 case RI_def_process_execute_type: 04083 { 04084 struct rsbac_rc_role_entry_t entry; 04085 04086 if ((value.type_id <= RC_type_max_value) 04087 && !rsbac_ta_list_exist(ta_number, 04088 type_process_handle, 04089 &value.type_id) 04090 ) 04091 return -RSBAC_EINVALIDVALUE; 04092 if ((value.type_id > RC_type_max_value) 04093 && (value.type_id < 04094 RC_type_min_special) 04095 ) 04096 return -RSBAC_EINVALIDVALUE; 04097 err = 04098 rsbac_ta_list_get_data_ttl(ta_number, 04099 role_handle, 04100 NULL, 04101 &tid.role, 04102 &entry); 04103 if (err) 04104 return err; 04105 entry.def_process_execute_type = 04106 value.type_id; 04107 return rsbac_ta_list_add_ttl(ta_number, 04108 role_handle, 04109 0, &tid.role, 04110 &entry); 04111 } 04112 case RI_def_ipc_create_type: 04113 { 04114 struct rsbac_rc_role_entry_t entry; 04115 04116 if ((value.type_id <= RC_type_max_value) 04117 && !rsbac_ta_list_exist(ta_number, 04118 type_ipc_handle, 04119 &value.type_id) 04120 ) 04121 return -RSBAC_EINVALIDVALUE; 04122 if ((value.type_id > RC_type_max_value) 04123 && (value.type_id < 04124 RC_type_min_special) 04125 ) 04126 return -RSBAC_EINVALIDVALUE; 04127 err = 04128 rsbac_ta_list_get_data_ttl(ta_number, 04129 role_handle, 04130 NULL, 04131 &tid.role, 04132 &entry); 04133 if (err) 04134 return err; 04135 entry.def_ipc_create_type = value.type_id; 04136 return rsbac_ta_list_add_ttl(ta_number, 04137 role_handle, 04138 0, &tid.role, 04139 &entry); 04140 } 04141 case RI_def_group_create_type: 04142 { 04143 struct rsbac_rc_role_entry_t entry; 04144 04145 if ((value.type_id <= RC_type_max_value) 04146 && !rsbac_ta_list_exist(ta_number, 04147 type_group_handle, 04148 &value.type_id) 04149 ) 04150 return -RSBAC_EINVALIDVALUE; 04151 if ((value.type_id > RC_type_max_value) 04152 && (value.type_id < 04153 RC_type_min_special) 04154 ) 04155 return -RSBAC_EINVALIDVALUE; 04156 err = 04157 rsbac_ta_list_get_data_ttl(ta_number, 04158 role_handle, 04159 NULL, 04160 &tid.role, 04161 &entry); 04162 if (err) 04163 return err; 04164 entry.def_group_create_type = 04165 value.type_id; 04166 return rsbac_ta_list_add_ttl(ta_number, 04167 role_handle, 04168 0, &tid.role, 04169 &entry); 04170 } 04171 case RI_def_unixsock_create_type: 04172 { 04173 struct rsbac_rc_role_entry_t entry; 04174 04175 if ((value.type_id <= RC_type_max_value) 04176 && !rsbac_ta_list_exist(ta_number, 04177 type_fd_handle, 04178 &value.type_id) 04179 ) 04180 return -RSBAC_EINVALIDVALUE; 04181 if ((value.type_id > RC_type_max_value) 04182 && (value.type_id < 04183 RC_type_min_special) 04184 ) 04185 return -RSBAC_EINVALIDVALUE; 04186 err = 04187 rsbac_ta_list_get_data_ttl(ta_number, 04188 role_handle, 04189 NULL, 04190 &tid.role, 04191 &entry); 04192 if (err) 04193 return err; 04194 entry.def_unixsock_create_type = 04195 value.type_id; 04196 return rsbac_ta_list_add_ttl(ta_number, 04197 role_handle, 04198 0, &tid.role, 04199 &entry); 04200 } 04201 case RI_boot_role: 04202 { 04203 struct rsbac_rc_role_entry_t entry; 04204 04205 err = 04206 rsbac_ta_list_get_data_ttl(ta_number, 04207 role_handle, 04208 NULL, 04209 &tid.role, 04210 &entry); 04211 if (err) 04212 return err; 04213 entry.boot_role = value.boot_role; 04214 return rsbac_ta_list_add_ttl(ta_number, 04215 role_handle, 04216 0, &tid.role, 04217 &entry); 04218 } 04219 case RI_req_reauth: 04220 { 04221 struct rsbac_rc_role_entry_t entry; 04222 04223 err = 04224 rsbac_ta_list_get_data_ttl(ta_number, 04225 role_handle, 04226 NULL, 04227 &tid.role, 04228 &entry); 04229 if (err) 04230 return err; 04231 entry.req_reauth = value.req_reauth; 04232 // printk(KERN_WARNING "entry %u value %u\n", 04233 // entry.req_reauth, value.req_reauth); 04234 return rsbac_ta_list_add_ttl(ta_number, 04235 role_handle, 04236 0, &tid.role, 04237 &entry); 04238 } 04239 04240 default: 04241 return -RSBAC_EINVALIDATTR; 04242 } 04243 04244 case RT_TYPE: 04245 if (tid.type > RC_type_max_value) 04246 return (-RSBAC_EINVALIDTARGET); 04247 rsbac_pr_debug(ds_rc, "Setting type item value\n"); 04248 switch (item) { 04249 case RI_type_fd_name: 04250 { 04251 struct rsbac_rc_type_fd_entry_t entry; 04252 04253 /* no empty names */ 04254 if (!value.name[0]) 04255 return -RSBAC_EINVALIDVALUE; 04256 /* create, if necessary, and set name */ 04257 memset(&entry, 0, 04258 sizeof(struct 04259 rsbac_rc_type_fd_entry_t)); 04260 rsbac_ta_list_get_data_ttl(ta_number, 04261 type_fd_handle, 04262 NULL, &tid.type, 04263 &entry); 04264 strncpy(entry.name, value.name, 04265 RSBAC_RC_NAME_LEN - 1); 04266 entry.name[RSBAC_RC_NAME_LEN - 1] = 0; 04267 return rsbac_ta_list_add_ttl(ta_number, 04268 type_fd_handle, 04269 0, &tid.type, 04270 &entry); 04271 } 04272 case RI_type_fd_need_secdel: 04273 { 04274 struct rsbac_rc_type_fd_entry_t entry; 04275 04276 err = 04277 rsbac_ta_list_get_data_ttl(ta_number, 04278 type_fd_handle, 04279 NULL, 04280 &tid.type, 04281 &entry); 04282 if (err) 04283 return err; 04284 entry.need_secdel = value.need_secdel; 04285 return rsbac_ta_list_add_ttl(ta_number, 04286 type_fd_handle, 04287 0, &tid.type, 04288 &entry); 04289 } 04290 case RI_type_dev_name: 04291 /* no empty names */ 04292 if (!value.name[0]) 04293 return -RSBAC_EINVALIDVALUE; 04294 /* create, if necessary, and set name */ 04295 value.name[RSBAC_RC_NAME_LEN - 1] = 0; 04296 return rsbac_ta_list_add_ttl(ta_number, 04297 type_dev_handle, 0, 04298 &tid.type, 04299 &value.name); 04300 case RI_type_ipc_name: 04301 /* no empty names */ 04302 if (!value.name[0]) 04303 return -RSBAC_EINVALIDVALUE; 04304 /* create, if necessary, and set name */ 04305 value.name[RSBAC_RC_NAME_LEN - 1] = 0; 04306 return rsbac_ta_list_add_ttl(ta_number, 04307 type_ipc_handle, 0, 04308 &tid.type, 04309 &value.name); 04310 case RI_type_user_name: 04311 /* no empty names */ 04312 if (!value.name[0]) 04313 return -RSBAC_EINVALIDVALUE; 04314 /* create, if necessary, and set name */ 04315 value.name[RSBAC_RC_NAME_LEN - 1] = 0; 04316 return rsbac_ta_list_add_ttl(ta_number, 04317 type_user_handle, 0, 04318 &tid.type, 04319 &value.name); 04320 case RI_type_process_name: 04321 /* no empty names */ 04322 if (!value.name[0]) 04323 return -RSBAC_EINVALIDVALUE; 04324 /* create, if necessary, and set name */ 04325 value.name[RSBAC_RC_NAME_LEN - 1] = 0; 04326 return rsbac_ta_list_add_ttl(ta_number, 04327 type_process_handle, 04328 0, &tid.type, 04329 &value.name); 04330 case RI_type_group_name: 04331 /* no empty names */ 04332 if (!value.name[0]) 04333 return -RSBAC_EINVALIDVALUE; 04334 /* create, if necessary, and set name */ 04335 value.name[RSBAC_RC_NAME_LEN - 1] = 0; 04336 return rsbac_ta_list_add_ttl(ta_number, 04337 type_group_handle, 0, 04338 &tid.type, 04339 &value.name); 04340 case RI_type_netdev_name: 04341 /* no empty names */ 04342 if (!value.name[0]) 04343 return -RSBAC_EINVALIDVALUE; 04344 /* create, if necessary, and set name */ 04345 value.name[RSBAC_RC_NAME_LEN - 1] = 0; 04346 return rsbac_ta_list_add_ttl(ta_number, 04347 type_netdev_handle, 0, 04348 &tid.type, 04349 &value.name); 04350 case RI_type_nettemp_name: 04351 /* no empty names */ 04352 if (!value.name[0]) 04353 return -RSBAC_EINVALIDVALUE; 04354 /* create, if necessary, and set name */ 04355 value.name[RSBAC_RC_NAME_LEN - 1] = 0; 04356 return rsbac_ta_list_add_ttl(ta_number, 04357 type_nettemp_handle, 04358 0, &tid.type, 04359 &value.name); 04360 case RI_type_netobj_name: 04361 /* no empty names */ 04362 if (!value.name[0]) 04363 return -RSBAC_EINVALIDVALUE; 04364 /* create, if necessary, and set name */ 04365 value.name[RSBAC_RC_NAME_LEN - 1] = 0; 04366 return rsbac_ta_list_add_ttl(ta_number, 04367 type_netobj_handle, 0, 04368 &tid.type, 04369 &value.name); 04370 04371 case RI_type_fd_remove: 04372 if (!tid.type) 04373 return -RSBAC_EINVALIDVALUE; 04374 rsbac_ta_list_lol_subremove_from_all(ta_number, 04375 role_tcfd_handle, 04376 &tid.type); 04377 rsbac_ta_list_lol_subremove_from_all(ta_number, 04378 role_dfdc_handle, 04379 &tid.type); 04380 return rsbac_ta_list_remove(ta_number, 04381 type_fd_handle, 04382 &tid.type); 04383 case RI_type_dev_remove: 04384 if (!tid.type) 04385 return -RSBAC_EINVALIDVALUE; 04386 rsbac_ta_list_lol_subremove_from_all(ta_number, 04387 role_tcdv_handle, 04388 &tid.type); 04389 return rsbac_ta_list_remove(ta_number, 04390 type_dev_handle, 04391 &tid.type); 04392 case RI_type_user_remove: 04393 if (!tid.type) 04394 return -RSBAC_EINVALIDVALUE; 04395 rsbac_ta_list_lol_subremove_from_all(ta_number, 04396 role_tcus_handle, 04397 &tid.type); 04398 return rsbac_ta_list_remove(ta_number, 04399 type_user_handle, 04400 &tid.type); 04401 case RI_type_process_remove: 04402 if (!tid.type) 04403 return -RSBAC_EINVALIDVALUE; 04404 rsbac_ta_list_lol_subremove_from_all(ta_number, 04405 role_tcpr_handle, 04406 &tid.type); 04407 return rsbac_ta_list_remove(ta_number, 04408 type_process_handle, 04409 &tid.type); 04410 case RI_type_ipc_remove: 04411 if (!tid.type) 04412 return -RSBAC_EINVALIDVALUE; 04413 rsbac_ta_list_lol_subremove_from_all(ta_number, 04414 role_tcip_handle, 04415 &tid.type); 04416 return rsbac_ta_list_remove(ta_number, 04417 type_ipc_handle, 04418 &tid.type); 04419 case RI_type_group_remove: 04420 if (!tid.type) 04421 return -RSBAC_EINVALIDVALUE; 04422 rsbac_ta_list_lol_subremove_from_all(ta_number, 04423 role_tcgr_handle, 04424 &tid.type); 04425 return rsbac_ta_list_remove(ta_number, 04426 type_group_handle, 04427 &tid.type); 04428 case RI_type_netdev_remove: 04429 if (!tid.type) 04430 return -RSBAC_EINVALIDVALUE; 04431 rsbac_ta_list_lol_subremove_from_all(ta_number, 04432 role_tcnd_handle, 04433 &tid.type); 04434 return rsbac_ta_list_remove(ta_number, 04435 type_netdev_handle, 04436 &tid.type); 04437 case RI_type_nettemp_remove: 04438 if (!tid.type) 04439 return -RSBAC_EINVALIDVALUE; 04440 rsbac_ta_list_lol_subremove_from_all(ta_number, 04441 role_tcnt_handle, 04442 &tid.type); 04443 return rsbac_ta_list_remove(ta_number, 04444 type_nettemp_handle, 04445 &tid.type); 04446 case RI_type_netobj_remove: 04447 if (!tid.type) 04448 return -RSBAC_EINVALIDVALUE; 04449 rsbac_ta_list_lol_subremove_from_all(ta_number, 04450 role_tcno_handle, 04451 &tid.type); 04452 return rsbac_ta_list_remove(ta_number, 04453 type_netobj_handle, 04454 &tid.type); 04455 04456 default: 04457 return -RSBAC_EINVALIDATTR; 04458 } 04459 04460 /* switch target: no valid target */ 04461 default: 04462 return -RSBAC_EINVALIDTARGET; 04463 } 04464 }
rsbac_boolean_t rsbac_rc_type_exists | ( | rsbac_list_ta_number_t | ta_number, | |
enum rsbac_target_t | target, | |||
rsbac_rc_type_id_t | type | |||
) |
Definition at line 2239 of file rc_data_structures.c.
References FALSE, rsbac_ta_list_exist(), ST_none, T_DEV, T_DIR, T_FD, T_FIFO, T_FILE, T_IPC, T_NETDEV, T_NETOBJ, T_NETTEMP, T_PROCESS, T_SCD, T_SYMLINK, T_USER, TRUE, type_dev_handle, type_fd_handle, type_ipc_handle, type_netdev_handle, type_netobj_handle, type_nettemp_handle, type_process_handle, and type_user_handle.
Referenced by rsbac_rc_select_fd_create_type(), and rsbac_rc_sys_copy_type().
02242 { 02243 switch (target) { 02244 case T_FILE: 02245 case T_DIR: 02246 case T_FIFO: 02247 case T_SYMLINK: 02248 case T_FD: 02249 return rsbac_ta_list_exist(ta_number, type_fd_handle, 02250 &type); 02251 case T_DEV: 02252 return rsbac_ta_list_exist(ta_number, type_dev_handle, 02253 &type); 02254 case T_IPC: 02255 return rsbac_ta_list_exist(ta_number, type_ipc_handle, 02256 &type); 02257 case T_USER: 02258 return rsbac_ta_list_exist(ta_number, type_user_handle, 02259 &type); 02260 case T_PROCESS: 02261 return rsbac_ta_list_exist(ta_number, type_process_handle, 02262 &type); 02263 case T_NETDEV: 02264 return rsbac_ta_list_exist(ta_number, type_netdev_handle, 02265 &type); 02266 case T_NETTEMP: 02267 return rsbac_ta_list_exist(ta_number, type_nettemp_handle, 02268 &type); 02269 case T_NETOBJ: 02270 return rsbac_ta_list_exist(ta_number, type_netobj_handle, 02271 &type); 02272 case T_SCD: 02273 if (type < ST_none) 02274 return TRUE; 02275 else 02276 return FALSE; 02277 default: 02278 return FALSE; 02279 } 02280 }
int rsbac_stats_rc | ( | void | ) |
Definition at line 2188 of file rc_data_structures.c.
References role_handle, RSBAC_ENOTINITIALIZED, rsbac_is_initialized(), rsbac_list_count(), rsbac_printk(), type_dev_handle, type_fd_handle, type_group_handle, type_ipc_handle, type_netdev_handle, type_netobj_handle, type_nettemp_handle, type_process_handle, and type_user_handle.
Referenced by rsbac_stats().
02189 { 02190 if (!rsbac_is_initialized()) { 02191 rsbac_printk(KERN_WARNING "rsbac_stats_rc(): RSBAC not initialized\n"); 02192 return (-RSBAC_ENOTINITIALIZED); 02193 } 02194 02195 rsbac_printk(KERN_INFO "Role entry size is %u, %lu entries used\n", 02196 sizeof(struct rsbac_rc_role_entry_t), 02197 rsbac_list_count(role_handle)); 02198 02199 rsbac_printk(KERN_INFO "Used type entries: fd: %lu, dev: %lu, ipc: %lu, user: %lu, process: %lu, group: %lu, netdev: %lu, nettemp: %lu, netobj: %lu\n", 02200 rsbac_list_count(type_fd_handle), 02201 rsbac_list_count(type_dev_handle), 02202 rsbac_list_count(type_ipc_handle), 02203 rsbac_list_count(type_user_handle), 02204 rsbac_list_count(type_process_handle), 02205 rsbac_list_count(type_group_handle), 02206 rsbac_list_count(type_netdev_handle), 02207 rsbac_list_count(type_nettemp_handle), 02208 rsbac_list_count(type_netobj_handle)); 02209 return 0; 02210 }
static int __init tc_conv | ( | void * | old_desc, | |
void * | old_data, | |||
void * | new_desc, | |||
void * | new_data | |||
) | [static] |
Definition at line 264 of file rc_data_structures.c.
Referenced by tcfd_get_conv().
00269 { 00270 memcpy(new_desc, old_desc, sizeof(rsbac_rc_role_id_t)); 00271 return 0; 00272 }
static int __init tc_subconv | ( | void * | old_desc, | |
void * | old_data, | |||
void * | new_desc, | |||
void * | new_data | |||
) | [static] |
Definition at line 228 of file rc_data_structures.c.
References RSBAC_ALL_REQUEST_VECTOR, RSBAC_RC_OLD_SPECIAL_RIGHT_BASE, and RSBAC_RC_SPECIAL_RIGHT_BASE.
Referenced by tcfd_get_subconv().
00233 { 00234 rsbac_rc_rights_vector_t *new = new_data; 00235 rsbac_rc_rights_vector_t *old = old_data; 00236 00237 memcpy(new_desc, old_desc, sizeof(rsbac_rc_type_id_t)); 00238 *new = (*old & RSBAC_ALL_REQUEST_VECTOR) 00239 | ((*old & ~(RSBAC_ALL_REQUEST_VECTOR)) << 00240 (RSBAC_RC_SPECIAL_RIGHT_BASE - 00241 RSBAC_RC_OLD_SPECIAL_RIGHT_BASE)); 00242 return 0; 00243 }
static rsbac_list_conv_function_t* __init tcfd_get_conv | ( | rsbac_version_t | old_version | ) | [static] |
Definition at line 278 of file rc_data_structures.c.
References NULL, and tc_conv().
Referenced by rsbac_init_rc().
00281 { 00282 switch (old_version) { 00283 case RSBAC_RC_ROLE_TCFD_OLD_LIST_VERSION: 00284 return tc_conv; 00285 default: 00286 return NULL; 00287 } 00288 }
static rsbac_list_conv_function_t* __init tcfd_get_subconv | ( | rsbac_version_t | old_version | ) | [static] |
Definition at line 249 of file rc_data_structures.c.
References NULL, and tc_subconv().
Referenced by rsbac_init_rc().
00252 { 00253 switch (old_version) { 00254 case RSBAC_RC_ROLE_TCFD_OLD_LIST_VERSION: 00255 return tc_subconv; 00256 default: 00257 return NULL; 00258 } 00259 }
static u_int type_hash | ( | void * | desc, | |
__u32 | nr_hashes | |||
) | [static] |
Definition at line 86 of file rc_data_structures.c.
Referenced by rsbac_init_rc().
00087 { 00088 return (*((rsbac_rc_type_id_t *) desc) & (nr_hashes - 1)); 00089 }
u_int nr_role_hashes = RSBAC_RC_NR_ROLE_LISTS [static] |
u_int nr_type_hashes = RSBAC_RC_NR_TYPE_LISTS [static] |
rsbac_list_handle_t role_adr_handle = NULL [static] |
Definition at line 40 of file rc_data_structures.c.
Referenced by rsbac_init_rc(), rsbac_rc_check_comp(), rsbac_rc_copy_role(), rsbac_rc_get_item(), rsbac_rc_get_list(), and rsbac_rc_set_item().
rsbac_list_handle_t role_asr_handle = NULL [static] |
Definition at line 41 of file rc_data_structures.c.
Referenced by rsbac_init_rc(), rsbac_rc_check_comp(), rsbac_rc_copy_role(), rsbac_rc_get_item(), rsbac_rc_get_list(), and rsbac_rc_set_item().
rsbac_list_handle_t role_dfdc_handle = NULL [static] |
Definition at line 42 of file rc_data_structures.c.
Referenced by rsbac_init_rc(), rsbac_rc_copy_role(), rsbac_rc_get_item(), rsbac_rc_get_list(), and rsbac_rc_set_item().
rsbac_list_handle_t role_handle = NULL [static] |
Definition at line 38 of file rc_data_structures.c.
Referenced by create_def_roles(), create_def_roles2(), rsbac_init_rc(), rsbac_rc_copy_role(), rsbac_rc_copy_type(), rsbac_rc_get_boot_role(), rsbac_rc_get_item(), rsbac_rc_get_list(), rsbac_rc_role_exists(), rsbac_rc_set_item(), and rsbac_stats_rc().
rsbac_list_handle_t role_rc_handle = NULL [static] |
Definition at line 39 of file rc_data_structures.c.
Referenced by rsbac_init_rc(), rsbac_rc_check_comp(), rsbac_rc_copy_role(), rsbac_rc_get_item(), rsbac_rc_get_list(), and rsbac_rc_set_item().
rsbac_list_handle_t role_tcdv_handle = NULL [static] |
Definition at line 44 of file rc_data_structures.c.
Referenced by create_def_roles(), create_def_roles2(), rsbac_init_rc(), rsbac_rc_check_comp(), rsbac_rc_copy_role(), rsbac_rc_copy_type(), rsbac_rc_get_item(), rsbac_rc_get_list(), and rsbac_rc_set_item().
rsbac_list_handle_t role_tcfd_handle = NULL [static] |
Definition at line 43 of file rc_data_structures.c.
Referenced by create_def_roles(), create_def_roles2(), rsbac_init_rc(), rsbac_rc_check_comp(), rsbac_rc_copy_role(), rsbac_rc_copy_type(), rsbac_rc_get_item(), rsbac_rc_get_list(), and rsbac_rc_set_item().
rsbac_list_handle_t role_tcgr_handle = NULL [static] |
Definition at line 49 of file rc_data_structures.c.
Referenced by create_def_roles(), create_def_roles2(), rsbac_init_rc(), rsbac_rc_check_comp(), rsbac_rc_copy_role(), rsbac_rc_copy_type(), rsbac_rc_get_item(), rsbac_rc_get_list(), and rsbac_rc_set_item().
rsbac_list_handle_t role_tcip_handle = NULL [static] |
Definition at line 47 of file rc_data_structures.c.
Referenced by create_def_roles(), create_def_roles2(), rsbac_init_rc(), rsbac_rc_check_comp(), rsbac_rc_copy_role(), rsbac_rc_copy_type(), rsbac_rc_get_item(), rsbac_rc_get_list(), and rsbac_rc_set_item().
rsbac_list_handle_t role_tcnd_handle = NULL [static] |
Definition at line 50 of file rc_data_structures.c.
Referenced by create_def_roles(), create_def_roles2(), rsbac_init_rc(), rsbac_rc_check_comp(), rsbac_rc_copy_role(), rsbac_rc_copy_type(), rsbac_rc_get_item(), rsbac_rc_get_list(), and rsbac_rc_set_item().
rsbac_list_handle_t role_tcno_handle = NULL [static] |
Definition at line 52 of file rc_data_structures.c.
Referenced by create_def_roles(), create_def_roles2(), rsbac_init_rc(), rsbac_rc_check_comp(), rsbac_rc_copy_role(), rsbac_rc_copy_type(), rsbac_rc_get_item(), rsbac_rc_get_list(), and rsbac_rc_set_item().
rsbac_list_handle_t role_tcnt_handle = NULL [static] |
Definition at line 51 of file rc_data_structures.c.
Referenced by create_def_roles(), create_def_roles2(), rsbac_init_rc(), rsbac_rc_check_comp(), rsbac_rc_copy_role(), rsbac_rc_copy_type(), rsbac_rc_get_item(), rsbac_rc_get_list(), and rsbac_rc_set_item().
rsbac_list_handle_t role_tcpr_handle = NULL [static] |
Definition at line 46 of file rc_data_structures.c.
Referenced by create_def_roles(), create_def_roles2(), rsbac_init_rc(), rsbac_rc_check_comp(), rsbac_rc_copy_role(), rsbac_rc_copy_type(), rsbac_rc_get_item(), rsbac_rc_get_list(), and rsbac_rc_set_item().
rsbac_list_handle_t role_tcsc_handle = NULL [static] |
Definition at line 48 of file rc_data_structures.c.
Referenced by create_def_roles(), create_def_roles2(), rsbac_init_rc(), rsbac_rc_check_comp(), rsbac_rc_copy_role(), rsbac_rc_get_item(), rsbac_rc_get_list(), and rsbac_rc_set_item().
rsbac_list_handle_t role_tcus_handle = NULL [static] |
Definition at line 45 of file rc_data_structures.c.
Referenced by create_def_roles(), create_def_roles2(), rsbac_init_rc(), rsbac_rc_check_comp(), rsbac_rc_copy_role(), rsbac_rc_copy_type(), rsbac_rc_get_item(), rsbac_rc_get_list(), and rsbac_rc_set_item().
rsbac_list_handle_t type_dev_handle = NULL [static] |
Definition at line 55 of file rc_data_structures.c.
Referenced by rsbac_init_rc(), rsbac_rc_copy_type(), rsbac_rc_get_item(), rsbac_rc_get_list(), rsbac_rc_set_item(), rsbac_rc_type_exists(), and rsbac_stats_rc().
rsbac_list_handle_t type_fd_handle = NULL [static] |
Definition at line 54 of file rc_data_structures.c.
Referenced by rsbac_init_rc(), rsbac_rc_copy_type(), rsbac_rc_get_item(), rsbac_rc_get_list(), rsbac_rc_set_item(), rsbac_rc_type_exists(), and rsbac_stats_rc().
rsbac_list_handle_t type_group_handle = NULL [static] |
Definition at line 59 of file rc_data_structures.c.
Referenced by rsbac_init_rc(), rsbac_rc_copy_type(), rsbac_rc_get_item(), rsbac_rc_get_list(), rsbac_rc_set_item(), and rsbac_stats_rc().
rsbac_list_handle_t type_ipc_handle = NULL [static] |
Definition at line 56 of file rc_data_structures.c.
Referenced by rsbac_init_rc(), rsbac_rc_copy_type(), rsbac_rc_get_item(), rsbac_rc_get_list(), rsbac_rc_set_item(), rsbac_rc_type_exists(), and rsbac_stats_rc().
rsbac_list_handle_t type_netdev_handle = NULL [static] |
Definition at line 60 of file rc_data_structures.c.
Referenced by rsbac_init_rc(), rsbac_rc_copy_type(), rsbac_rc_get_item(), rsbac_rc_get_list(), rsbac_rc_set_item(), rsbac_rc_type_exists(), and rsbac_stats_rc().
rsbac_list_handle_t type_netobj_handle = NULL [static] |
Definition at line 62 of file rc_data_structures.c.
Referenced by rsbac_init_rc(), rsbac_rc_copy_type(), rsbac_rc_get_item(), rsbac_rc_get_list(), rsbac_rc_set_item(), rsbac_rc_type_exists(), and rsbac_stats_rc().
rsbac_list_handle_t type_nettemp_handle = NULL [static] |
Definition at line 61 of file rc_data_structures.c.
Referenced by rsbac_init_rc(), rsbac_rc_copy_type(), rsbac_rc_get_item(), rsbac_rc_get_list(), rsbac_rc_set_item(), rsbac_rc_type_exists(), and rsbac_stats_rc().
rsbac_list_handle_t type_process_handle = NULL [static] |
Definition at line 58 of file rc_data_structures.c.
Referenced by rsbac_init_rc(), rsbac_rc_copy_type(), rsbac_rc_get_item(), rsbac_rc_get_list(), rsbac_rc_set_item(), rsbac_rc_type_exists(), and rsbac_stats_rc().
rsbac_list_handle_t type_user_handle = NULL [static] |
Definition at line 57 of file rc_data_structures.c.
Referenced by rsbac_init_rc(), rsbac_rc_copy_type(), rsbac_rc_get_item(), rsbac_rc_get_list(), rsbac_rc_set_item(), rsbac_rc_type_exists(), and rsbac_stats_rc().