00001
00002
00003
00004
00005
00006
00007
00008
00009
00010
00011
00012 #include <linux/string.h>
00013 #include <rsbac/types.h>
00014 #include <rsbac/aci.h>
00015 #include <rsbac/adf_main.h>
00016 #include <rsbac/rc.h>
00017 #include <rsbac/error.h>
00018 #include <rsbac/debug.h>
00019 #include <rsbac/helpers.h>
00020 #include <rsbac/getname.h>
00021 #include <rsbac/rc_getname.h>
00022 #include <rsbac/rkmem.h>
00023 #include <rsbac/network.h>
00024 #include <rsbac/rc_types.h>
00025
00026
00027
00028
00029
00030 static enum rsbac_adf_req_ret_t
00031 check_comp_rc(enum rsbac_target_t target,
00032 union rsbac_target_id_t tid,
00033 enum rsbac_adf_request_t request, rsbac_pid_t caller_pid)
00034 {
00035 int err;
00036 union rsbac_target_id_t i_tid;
00037 enum rsbac_attribute_t i_attr;
00038 union rsbac_attribute_value_t i_attr_val1;
00039 union rsbac_attribute_value_t i_attr_val2;
00040
00041 union rsbac_rc_target_id_t i_rc_subtid;
00042 enum rsbac_rc_item_t i_rc_item;
00043
00044
00045 i_tid.process = caller_pid;
00046 if ((err = rsbac_get_attr(SW_RC,
00047 T_PROCESS,
00048 i_tid,
00049 A_rc_role, &i_attr_val1, FALSE))) {
00050 rsbac_pr_get_error(A_rc_role);
00051 return (NOT_GRANTED);
00052 }
00053 switch (target) {
00054 case T_FILE:
00055 case T_DIR:
00056 case T_FIFO:
00057 case T_SYMLINK:
00058 case T_UNIXSOCK:
00059 i_rc_item = RI_type_comp_fd;
00060 i_attr = A_rc_type_fd;
00061 break;
00062 case T_DEV:
00063 i_rc_item = RI_type_comp_dev;
00064 i_attr = A_rc_type;
00065 break;
00066 case T_USER:
00067 i_rc_item = RI_type_comp_user;
00068 i_attr = A_rc_type;
00069 break;
00070 case T_PROCESS:
00071 i_rc_item = RI_type_comp_process;
00072 i_attr = A_rc_type;
00073 break;
00074 case T_IPC:
00075 i_rc_item = RI_type_comp_ipc;
00076 i_attr = A_rc_type;
00077 break;
00078 #if defined(CONFIG_RSBAC_RC_UM_PROT)
00079 case T_GROUP:
00080 i_rc_item = RI_type_comp_group;
00081 i_attr = A_rc_type;
00082 break;
00083 #endif
00084 #if defined(CONFIG_RSBAC_RC_NET_DEV_PROT)
00085 case T_NETDEV:
00086 i_rc_item = RI_type_comp_netdev;
00087 i_attr = A_rc_type;
00088 break;
00089 #endif
00090 #if defined(CONFIG_RSBAC_RC_NET_OBJ_PROT)
00091 case T_NETTEMP:
00092 i_rc_item = RI_type_comp_nettemp;
00093 i_attr = A_rc_type_nt;
00094 break;
00095 case T_NETOBJ:
00096 i_rc_item = RI_type_comp_netobj;
00097 if (rsbac_net_remote_request(request))
00098 i_attr = A_remote_rc_type;
00099 else
00100 i_attr = A_local_rc_type;
00101 break;
00102 #endif
00103 default:
00104 rsbac_printk(KERN_WARNING "check_comp_rc(): invalid target %i!\n",
00105 target);
00106 return (NOT_GRANTED);
00107 }
00108
00109
00110 if ((err = rsbac_get_attr(SW_RC,
00111 target,
00112 tid, i_attr, &i_attr_val2, TRUE))) {
00113 rsbac_pr_get_error(i_attr);
00114 return (NOT_GRANTED);
00115 }
00116
00117
00118 i_rc_subtid.type = i_attr_val2.rc_type;
00119 if (rsbac_rc_check_comp(i_attr_val1.rc_role,
00120 i_rc_subtid, i_rc_item, request))
00121 return (GRANTED);
00122 else {
00123 #ifdef CONFIG_RSBAC_DEBUG
00124 if (rsbac_debug_adf_rc) {
00125 char *tmp = rsbac_kmalloc(RSBAC_MAXNAMELEN);
00126
00127 if (tmp) {
00128 char *tmp2 =
00129 rsbac_kmalloc(RSBAC_MAXNAMELEN);
00130 if (tmp2) {
00131 rsbac_pr_debug(adf_rc, "pid %u (%.15s), owner %u, rc_role %u, %s rc_type %u, request %s -> NOT_GRANTED!\n",
00132 caller_pid,
00133 current->comm,
00134 current->uid,
00135 i_attr_val1.rc_role,
00136 get_target_name_only
00137 (tmp, target),
00138 i_attr_val2.rc_type,
00139 get_rc_special_right_name
00140 (tmp2, request));
00141 rsbac_kfree(tmp2);
00142 }
00143 rsbac_kfree(tmp);
00144 }
00145 }
00146 #endif
00147 return (NOT_GRANTED);
00148 }
00149 }
00150
00151 static enum rsbac_adf_req_ret_t
00152 check_comp_rc_scd(enum rsbac_rc_scd_type_t scd_type,
00153 enum rsbac_adf_request_t request, rsbac_pid_t caller_pid)
00154 {
00155 int err;
00156 union rsbac_target_id_t i_tid;
00157 union rsbac_attribute_value_t i_attr_val1;
00158
00159 union rsbac_rc_target_id_t i_rc_subtid;
00160
00161
00162 i_tid.process = caller_pid;
00163 if ((err = rsbac_get_attr(SW_RC,
00164 T_PROCESS,
00165 i_tid,
00166 A_rc_role, &i_attr_val1, FALSE))) {
00167 rsbac_pr_get_error(A_rc_role);
00168 return (NOT_GRANTED);
00169 }
00170
00171 i_rc_subtid.type = scd_type;
00172 if (rsbac_rc_check_comp(i_attr_val1.rc_role,
00173 i_rc_subtid, RI_type_comp_scd, request)) {
00174 return (GRANTED);
00175 } else {
00176 char tmp[RSBAC_MAXNAMELEN];
00177 rsbac_pr_debug(adf_rc, "pid %u (%.15s), owner %u, rc_role %i, scd_type %i, request %s -> NOT_GRANTED!\n",
00178 caller_pid, current->comm, current->uid,
00179 i_attr_val1.rc_role, scd_type,
00180 get_request_name(tmp, request));
00181 return (NOT_GRANTED);
00182 }
00183 }
00184
00185
00186 int rsbac_rc_test_admin_roles(rsbac_rc_role_id_t t_role,
00187 rsbac_boolean_t modify)
00188 {
00189 int err;
00190 union rsbac_target_id_t i_tid;
00191 union rsbac_attribute_value_t i_attr_val1;
00192 union rsbac_rc_target_id_t i_rc_subtid;
00193
00194 if (t_role > RC_role_max_value)
00195 return -RSBAC_EINVALIDVALUE;
00196
00197 i_tid.process = current->pid;
00198 if ((err = rsbac_get_attr(SW_RC, T_PROCESS,
00199 i_tid, A_rc_role, &i_attr_val1, TRUE))) {
00200 rsbac_pr_get_error(A_rc_role);
00201 return -RSBAC_EREADFAILED;
00202 }
00203
00204 i_rc_subtid.role = t_role;
00205
00206 if (!modify) {
00207 if (rsbac_rc_check_comp(i_attr_val1.rc_role,
00208 i_rc_subtid,
00209 RI_assign_roles, R_NONE))
00210 return 0;
00211
00212 }
00213
00214 if (rsbac_rc_check_comp(i_attr_val1.rc_role,
00215 i_rc_subtid, RI_admin_roles, R_NONE))
00216 return 0;
00217 else
00218 return -EPERM;
00219 }
00220
00221
00222 int rsbac_rc_test_assign_roles(enum rsbac_target_t target,
00223 union rsbac_target_id_t tid,
00224 enum rsbac_attribute_t attr,
00225 rsbac_rc_role_id_t t_role)
00226 {
00227 int err;
00228 union rsbac_target_id_t i_tid;
00229 union rsbac_attribute_value_t i_attr_val1;
00230 union rsbac_attribute_value_t i_attr_val2;
00231 union rsbac_rc_target_id_t i_rc_subtid;
00232
00233 if (((t_role > RC_role_max_value)
00234 && (t_role != RC_role_inherit_user)
00235 )
00236 || (target >= T_NONE)
00237 )
00238 return -RSBAC_EINVALIDVALUE;
00239
00240 i_tid.process = current->pid;
00241 if ((err = rsbac_get_attr(SW_RC, T_PROCESS,
00242 i_tid, A_rc_role, &i_attr_val1, TRUE))) {
00243 rsbac_pr_get_error(A_rc_role);
00244 return -RSBAC_EREADFAILED;
00245 }
00246
00247 if ((err = rsbac_get_attr(SW_RC,
00248 target,
00249 tid, attr, &i_attr_val2, TRUE))) {
00250 rsbac_pr_get_error(attr);
00251 return -RSBAC_EREADFAILED;
00252 }
00253
00254 i_rc_subtid.role = i_attr_val2.rc_role;
00255 if (!rsbac_rc_check_comp(i_attr_val1.rc_role,
00256 i_rc_subtid, RI_assign_roles, R_NONE))
00257 return -EPERM;
00258 if (t_role != RC_role_inherit_user) {
00259 i_rc_subtid.role = t_role;
00260 if (!rsbac_rc_check_comp(i_attr_val1.rc_role,
00261 i_rc_subtid,
00262 RI_assign_roles, R_NONE))
00263 return -EPERM;
00264 }
00265 return 0;
00266 }
00267
00268 enum rsbac_adf_req_ret_t
00269 rsbac_rc_check_type_comp(enum rsbac_target_t target,
00270 rsbac_rc_type_id_t type,
00271 enum rsbac_adf_request_t request,
00272 rsbac_pid_t caller_pid)
00273 {
00274 int err;
00275 union rsbac_target_id_t i_tid;
00276 union rsbac_attribute_value_t i_attr_val1;
00277
00278 union rsbac_rc_target_id_t i_rc_subtid;
00279 enum rsbac_rc_item_t i_rc_item;
00280
00281 if (!caller_pid)
00282 caller_pid = current->pid;
00283
00284
00285
00286
00287 if (type > RC_type_max_value) {
00288 if (request == RCR_ASSIGN)
00289 return GRANTED;
00290 else
00291 return NOT_GRANTED;
00292 }
00293
00294
00295 i_tid.process = caller_pid;
00296 if ((err = rsbac_get_attr(SW_RC,
00297 T_PROCESS,
00298 i_tid,
00299 A_rc_role, &i_attr_val1, FALSE))) {
00300 rsbac_pr_get_error(A_rc_role);
00301 return (NOT_GRANTED);
00302 }
00303 switch (target) {
00304 case T_FILE:
00305 case T_DIR:
00306 case T_FIFO:
00307 case T_SYMLINK:
00308 case T_UNIXSOCK:
00309 case T_FD:
00310 i_rc_item = RI_type_comp_fd;
00311 break;
00312 case T_DEV:
00313 i_rc_item = RI_type_comp_dev;
00314 break;
00315 case T_USER:
00316 i_rc_item = RI_type_comp_user;
00317 break;
00318 case T_PROCESS:
00319 i_rc_item = RI_type_comp_process;
00320 break;
00321 case T_IPC:
00322 i_rc_item = RI_type_comp_ipc;
00323 break;
00324 #if defined(CONFIG_RSBAC_RC_UM_PROT)
00325 case T_GROUP:
00326 i_rc_item = RI_type_comp_group;
00327 break;
00328 #endif
00329 #if defined(CONFIG_RSBAC_RC_NET_DEV_PROT)
00330 case T_NETDEV:
00331 i_rc_item = RI_type_comp_netdev;
00332 break;
00333 #endif
00334 #if defined(CONFIG_RSBAC_RC_NET_OBJ_PROT)
00335 case T_NETTEMP:
00336 i_rc_item = RI_type_comp_nettemp;
00337 break;
00338 case T_NETOBJ:
00339 i_rc_item = RI_type_comp_netobj;
00340 break;
00341 #endif
00342
00343 default:
00344 rsbac_printk(KERN_WARNING "rsbac_rc_check_type_comp(): invalid target %i!\n",
00345 target);
00346 return (NOT_GRANTED);
00347 }
00348
00349 i_rc_subtid.type = type;
00350 if (rsbac_rc_check_comp(i_attr_val1.rc_role,
00351 i_rc_subtid, i_rc_item, request))
00352 return (GRANTED);
00353 else {
00354 char tmp[RSBAC_MAXNAMELEN];
00355 rsbac_pr_debug(adf_rc, "rc_role is %i, rc_type is %i, request is %s -> NOT_GRANTED!\n",
00356 i_attr_val1.rc_role, type,
00357 get_rc_special_right_name(tmp, request));
00358 return (NOT_GRANTED);
00359 }
00360 }
00361
00362
00363 int rsbac_rc_test_role_admin(rsbac_boolean_t modify)
00364 {
00365 int err;
00366 union rsbac_target_id_t i_tid;
00367 union rsbac_attribute_value_t i_attr_val1;
00368 union rsbac_rc_target_id_t i_rc_tid;
00369 union rsbac_rc_item_value_t i_rc_item_val1;
00370
00371
00372 i_tid.process = current->pid;
00373 if ((err = rsbac_get_attr(SW_RC, T_PROCESS,
00374 i_tid, A_rc_role, &i_attr_val1, TRUE))) {
00375 rsbac_pr_get_error(A_rc_role);
00376 return -RSBAC_EREADFAILED;
00377 }
00378
00379
00380 i_rc_tid.role = i_attr_val1.rc_role;
00381 if ((err = rsbac_rc_get_item(0, RT_ROLE, i_rc_tid, i_rc_tid,
00382 RI_admin_type,
00383 &i_rc_item_val1, NULL))) {
00384 rsbac_rc_pr_get_error(RI_admin_type);
00385 return -RSBAC_EREADFAILED;
00386 }
00387
00388
00389 if ((i_rc_item_val1.admin_type == RC_role_admin)
00390 || (!modify && (i_rc_item_val1.admin_type == RC_system_admin)
00391 )
00392 )
00393 return 0;
00394 else
00395 return -EPERM;
00396 }
00397
00398
00399
00400
00401
00402 inline enum rsbac_adf_req_ret_t
00403 rsbac_adf_request_rc(enum rsbac_adf_request_t request,
00404 rsbac_pid_t caller_pid,
00405 enum rsbac_target_t target,
00406 union rsbac_target_id_t tid,
00407 enum rsbac_attribute_t attr,
00408 union rsbac_attribute_value_t attr_val,
00409 rsbac_uid_t owner)
00410 {
00411 int err;
00412 enum rsbac_adf_req_ret_t result = DO_NOT_CARE;
00413 union rsbac_attribute_value_t i_attr_val1;
00414 union rsbac_rc_target_id_t i_rc_tid;
00415 union rsbac_rc_target_id_t i_rc_subtid;
00416 union rsbac_rc_item_value_t i_rc_item_val1;
00417 union rsbac_target_id_t i_tid;
00418 union rsbac_attribute_value_t i_attr_val2;
00419
00420 switch (request) {
00421 case R_SEARCH:
00422 switch (target) {
00423 case T_DIR:
00424 case T_FILE:
00425 case T_SYMLINK:
00426 case T_FIFO:
00427 case T_UNIXSOCK:
00428 case T_DEV:
00429 case T_NETOBJ:
00430 #if defined(CONFIG_RSBAC_RC_UM_PROT)
00431 case T_USER:
00432 case T_GROUP:
00433 #endif
00434 return (check_comp_rc
00435 (target, tid, request, caller_pid));
00436
00437
00438 default:
00439 return (DO_NOT_CARE);
00440 }
00441
00442 case R_CLOSE:
00443 return DO_NOT_CARE;
00444
00445 case R_GET_STATUS_DATA:
00446 switch (target) {
00447 case T_SCD:
00448 return (check_comp_rc_scd
00449 (tid.scd, request, caller_pid));
00450 case T_FILE:
00451 case T_DIR:
00452 case T_FIFO:
00453 case T_SYMLINK:
00454 case T_UNIXSOCK:
00455 case T_IPC:
00456 case T_PROCESS:
00457 case T_DEV:
00458 #if defined(CONFIG_RSBAC_RC_UM_PROT)
00459 case T_USER:
00460 case T_GROUP:
00461 #endif
00462 return (check_comp_rc
00463 (target, tid, request, caller_pid));
00464
00465 #if defined(CONFIG_RSBAC_RC_NET_DEV_PROT)
00466 case T_NETDEV:
00467 return (check_comp_rc
00468 (target, tid, request, caller_pid));
00469 #endif
00470 #if defined(CONFIG_RSBAC_RC_NET_OBJ_PROT)
00471 case T_NETOBJ:
00472 return (check_comp_rc
00473 (target, tid, request, caller_pid));
00474 #endif
00475
00476 default:
00477 return (DO_NOT_CARE);
00478 }
00479
00480 case R_SEND:
00481 switch (target) {
00482 case T_DEV:
00483 #if defined(CONFIG_RSBAC_RC_NET_OBJ_PROT)
00484 case T_NETOBJ:
00485 #endif
00486 return (check_comp_rc
00487 (target, tid, request, caller_pid));
00488
00489 case T_UNIXSOCK:
00490 case T_IPC:
00491 #if defined(CONFIG_RSBAC_RC_NET_OBJ_UNIX_PROCESS)
00492 if (attr == A_process) {
00493 enum rsbac_adf_req_ret_t tmp_result;
00494
00495 i_tid.process = attr_val.process;
00496 tmp_result = check_comp_rc(T_PROCESS, i_tid,
00497 R_SEND,
00498 caller_pid);
00499 if ((tmp_result == NOT_GRANTED)
00500 || (tmp_result == UNDEFINED)
00501 )
00502 return tmp_result;
00503 }
00504 #endif
00505 return (check_comp_rc
00506 (target, tid, request, caller_pid));
00507
00508
00509
00510 default:
00511 return (DO_NOT_CARE);
00512 }
00513
00514 case R_LISTEN:
00515 case R_NET_SHUTDOWN:
00516 switch (target) {
00517 case T_UNIXSOCK:
00518 case T_IPC:
00519 #if defined(CONFIG_RSBAC_RC_NET_OBJ_PROT)
00520 case T_NETOBJ:
00521 #endif
00522 return (check_comp_rc
00523 (target, tid, request, caller_pid));
00524
00525
00526 default:
00527 return (DO_NOT_CARE);
00528 }
00529 case R_ACCEPT:
00530 case R_CONNECT:
00531 case R_RECEIVE:
00532 switch (target) {
00533 case T_UNIXSOCK:
00534 case T_IPC:
00535 #if defined(CONFIG_RSBAC_RC_NET_OBJ_UNIX_PROCESS)
00536 if (attr == A_process) {
00537 enum rsbac_adf_req_ret_t tmp_result;
00538
00539 i_tid.process = attr_val.process;
00540 tmp_result = check_comp_rc(T_PROCESS, i_tid,
00541 request,
00542 caller_pid);
00543 if ((tmp_result == NOT_GRANTED)
00544 || (tmp_result == UNDEFINED)
00545 )
00546 return tmp_result;
00547 }
00548 #endif
00549 return (check_comp_rc
00550 (target, tid, request, caller_pid));
00551
00552 #if defined(CONFIG_RSBAC_RC_NET_OBJ_PROT)
00553 case T_NETOBJ:
00554 return (check_comp_rc
00555 (target, tid, request, caller_pid));
00556 #endif
00557
00558
00559 default:
00560 return (DO_NOT_CARE);
00561 }
00562
00563 case R_READ:
00564 case R_WRITE:
00565 switch (target) {
00566 case T_DIR:
00567 #ifdef CONFIG_RSBAC_RW
00568 case T_FILE:
00569 case T_FIFO:
00570 case T_DEV:
00571 #endif
00572 #if defined(CONFIG_RSBAC_RC_UM_PROT)
00573 case T_USER:
00574 case T_GROUP:
00575 #endif
00576 #if defined(CONFIG_RSBAC_RC_NET_OBJ_PROT)
00577 #if defined(CONFIG_RSBAC_NET_OBJ_RW)
00578 case T_NETTEMP:
00579 #endif
00580 #endif
00581 return (check_comp_rc
00582 (target, tid, request, caller_pid));
00583
00584 #ifdef CONFIG_RSBAC_RW
00585 case T_IPC:
00586 case T_UNIXSOCK:
00587 #if defined(CONFIG_RSBAC_RC_NET_OBJ_UNIX_PROCESS)
00588 if (attr == A_process) {
00589 enum rsbac_adf_req_ret_t tmp_result;
00590
00591 i_tid.process = attr_val.process;
00592 if (request == R_READ)
00593 tmp_result =
00594 check_comp_rc(T_PROCESS, i_tid,
00595 R_RECEIVE,
00596 caller_pid);
00597 else
00598 tmp_result =
00599 check_comp_rc(T_PROCESS, i_tid,
00600 R_SEND,
00601 caller_pid);
00602 if ((tmp_result == NOT_GRANTED)
00603 || (tmp_result == UNDEFINED)
00604 )
00605 return tmp_result;
00606 }
00607 #endif
00608 return (check_comp_rc
00609 (target, tid, request, caller_pid));
00610 #endif
00611
00612 case T_SCD:
00613 return (check_comp_rc_scd
00614 (tid.scd, request, caller_pid));
00615
00616 #if defined(CONFIG_RSBAC_RC_NET_OBJ_PROT)
00617 #if defined(CONFIG_RSBAC_NET_OBJ_RW)
00618 case T_NETOBJ:
00619 return (check_comp_rc
00620 (target, tid, request, caller_pid));
00621 #endif
00622 #endif
00623
00624
00625 default:
00626 return (DO_NOT_CARE);
00627 }
00628
00629 case R_APPEND_OPEN:
00630 case R_READ_WRITE_OPEN:
00631 switch (target) {
00632 case T_FILE:
00633 case T_DEV:
00634 case T_FIFO:
00635 case T_IPC:
00636 return (check_comp_rc
00637 (target, tid, request, caller_pid));
00638
00639
00640 default:
00641 return (DO_NOT_CARE);
00642 }
00643
00644 case R_MAP_EXEC:
00645 switch (target) {
00646 case T_FILE:
00647 return (check_comp_rc
00648 (target, tid, request, caller_pid));
00649
00650
00651 default:
00652 return (DO_NOT_CARE);
00653 }
00654
00655 case R_CHANGE_GROUP:
00656 switch (target) {
00657 case T_FILE:
00658 case T_DIR:
00659 case T_FIFO:
00660 case T_SYMLINK:
00661 case T_IPC:
00662 #if defined(CONFIG_RSBAC_RC_UM_PROT)
00663 case T_USER:
00664 #endif
00665 return (check_comp_rc
00666 (target, tid, request, caller_pid));
00667
00668
00669 default:
00670 return (DO_NOT_CARE);
00671 }
00672
00673 case R_CHANGE_OWNER:
00674 switch (target) {
00675 case T_FILE:
00676 case T_DIR:
00677 case T_FIFO:
00678 case T_SYMLINK:
00679 case T_IPC:
00680 return (check_comp_rc
00681 (target, tid, request, caller_pid));
00682
00683 #ifdef CONFIG_RSBAC_USER_CHOWN
00684 case T_USER:
00685 #if defined(CONFIG_RSBAC_AUTH)
00686 result = check_comp_rc(target, tid, request, caller_pid);
00687 if((result == GRANTED) || (result == DO_NOT_CARE))
00688 return result;
00689 i_tid.process = caller_pid;
00690 if ((err = rsbac_get_attr(SW_AUTH, T_PROCESS,
00691 i_tid,
00692 A_auth_last_auth,
00693 &i_attr_val1, FALSE))) {
00694 rsbac_pr_get_error(A_auth_last_auth);
00695 return NOT_GRANTED;
00696 }
00697 if(i_attr_val1.auth_last_auth != tid.user)
00698 return NOT_GRANTED;
00699 else
00700 return check_comp_rc(target, tid, RCR_CHANGE_AUTHED_OWNER, caller_pid);
00701 #else
00702 return check_comp_rc(target, tid, request, caller_pid);
00703 #endif
00704 #endif
00705
00706 case T_PROCESS:
00707
00708 if ((err = rsbac_get_attr(SW_RC, T_PROCESS,
00709 tid,
00710 A_rc_role,
00711 &i_attr_val1, FALSE))) {
00712 rsbac_pr_get_error(A_rc_role);
00713 return NOT_GRANTED;
00714 }
00715
00716 i_rc_tid.role = i_attr_val1.rc_role;
00717 if ((err = rsbac_rc_get_item(0, RT_ROLE, i_rc_tid, i_rc_tid,
00718 RI_def_process_chown_type,
00719 &i_rc_item_val1,
00720 NULL))) {
00721 rsbac_rc_pr_get_error
00722 (RI_def_process_chown_type);
00723 return NOT_GRANTED;
00724 }
00725 if ((i_rc_item_val1.type_id == RC_type_no_chown)
00726 || (i_rc_item_val1.type_id ==
00727 RC_type_no_create)
00728 )
00729 return (NOT_GRANTED);
00730 else
00731 return (GRANTED);
00732
00733
00734 default:
00735 return (DO_NOT_CARE);
00736 }
00737
00738 case R_CHDIR:
00739 switch (target) {
00740 case T_DIR:
00741 return (check_comp_rc
00742 (target, tid, request, caller_pid));
00743
00744
00745 default:
00746 return (DO_NOT_CARE);
00747 }
00748
00749 case R_CLONE:
00750 if (target == T_PROCESS) {
00751
00752
00753 i_tid.process = caller_pid;
00754 if ((err = rsbac_get_attr(SW_RC, T_PROCESS,
00755 i_tid,
00756 A_rc_role,
00757 &i_attr_val1, FALSE))) {
00758 rsbac_pr_get_error(A_rc_role);
00759 return (NOT_GRANTED);
00760 }
00761
00762 i_rc_tid.role = i_attr_val1.rc_role;
00763 if ((err = rsbac_rc_get_item(0,
00764 RT_ROLE,
00765 i_rc_tid,
00766 i_rc_tid,
00767 RI_def_process_create_type,
00768 &i_rc_item_val1,
00769 NULL))) {
00770 rsbac_rc_pr_get_error
00771 (RI_def_process_create_type);
00772 return NOT_GRANTED;
00773 }
00774 switch (i_rc_item_val1.type_id) {
00775 case RC_type_no_create:
00776 rsbac_pr_debug(adf_rc, "pid %u (%.15s), owner %u, rc_role %u, def_process_create_type no_create, request CLONE -> NOT_GRANTED!\n",
00777 caller_pid, current->comm,
00778 current->uid,
00779 i_attr_val1.rc_role);
00780 return (NOT_GRANTED);
00781
00782 case RC_type_use_new_role_def_create:
00783 case RC_type_use_fd:
00784
00785 rsbac_printk(KERN_WARNING "rsbac_adf_request_rc(): invalid type use_new_role_def_create in def_process_create_type of role %i!\n",
00786 i_attr_val1.rc_role);
00787 return (NOT_GRANTED);
00788
00789 case RC_type_inherit_parent:
00790 case RC_type_inherit_process:
00791 return GRANTED;
00792
00793 default:
00794
00795
00796 i_rc_subtid.type = i_rc_item_val1.type_id;
00797 if (rsbac_rc_check_comp
00798 (i_attr_val1.rc_role, i_rc_subtid,
00799 RI_type_comp_process, R_CREATE))
00800 return (GRANTED);
00801 else {
00802 rsbac_printk(KERN_WARNING "rsbac_adf_request_rc(): rc_role %i has no CREATE right on its def_process_create_type %i -> NOT_GRANTED!\n",
00803 i_attr_val1.rc_role,
00804 i_rc_item_val1.
00805 type_id);
00806 return (NOT_GRANTED);
00807 }
00808 }
00809 } else
00810 return (DO_NOT_CARE);
00811
00812
00813 case R_CREATE:
00814 switch (target) {
00815 case T_DIR:
00816
00817 result =
00818 check_comp_rc(target, tid, request,
00819 caller_pid);
00820 if ((result != GRANTED) && (result != DO_NOT_CARE))
00821 return result;
00822
00823
00824 i_tid.process = caller_pid;
00825 if ((err = rsbac_get_attr(SW_RC, T_PROCESS,
00826 i_tid,
00827 A_rc_role,
00828 &i_attr_val1, FALSE))) {
00829 rsbac_pr_get_error(A_rc_role);
00830 return (NOT_GRANTED);
00831 }
00832
00833 i_tid.process = caller_pid;
00834 if ((err = rsbac_get_attr(SW_RC, T_PROCESS,
00835 i_tid,
00836 A_rc_select_type,
00837 &i_attr_val2, FALSE))) {
00838 rsbac_pr_get_error(A_rc_select_type);
00839 return (NOT_GRANTED);
00840 }
00841 if (i_attr_val2.rc_select_type == RC_type_use_fd) {
00842
00843
00844 if ((err = rsbac_get_attr(SW_RC,
00845 target,
00846 tid,
00847 A_rc_type_fd,
00848 &i_attr_val2, TRUE))) {
00849 rsbac_pr_get_error(A_rc_type_fd);
00850 return NOT_GRANTED;
00851 }
00852 i_rc_tid.role = i_attr_val1.rc_role;
00853 i_rc_subtid.type = i_attr_val2.rc_type;
00854 if ((err = rsbac_rc_get_item(0, RT_ROLE, i_rc_tid, i_rc_subtid, RI_def_fd_ind_create_type, &i_rc_item_val1, NULL))) {
00855 if ((err = rsbac_rc_get_item(0,
00856 RT_ROLE,
00857 i_rc_tid,
00858 i_rc_subtid,
00859 RI_def_fd_create_type,
00860 &i_rc_item_val1,
00861 NULL))) {
00862 rsbac_rc_pr_get_error
00863 (RI_def_fd_create_type);
00864 return (NOT_GRANTED);
00865 }
00866 }
00867 } else
00868 i_rc_item_val1.type_id = i_attr_val2.rc_select_type;
00869
00870 switch (i_rc_item_val1.type_id) {
00871 case RC_type_inherit_parent:
00872 return GRANTED;
00873 case RC_type_no_create:
00874 rsbac_pr_debug(adf_rc, "pid %u (%.15s), owner %u, rc_role %u, def_fd_create_type no_create, request CREATE -> NOT_GRANTED!\n",
00875 caller_pid, current->comm,
00876 current->uid,
00877 i_attr_val1.rc_role);
00878 return (NOT_GRANTED);
00879 break;
00880
00881 case RC_type_use_new_role_def_create:
00882 case RC_type_inherit_process:
00883 case RC_type_use_fd:
00884
00885 rsbac_printk(KERN_WARNING "rsbac_adf_request_rc(): invalid type use_new_role_def_create in def_fd_create_type of role %i!\n",
00886 i_attr_val1.rc_role);
00887 return (NOT_GRANTED);
00888
00889 default:
00890
00891
00892 i_rc_subtid.type = i_rc_item_val1.type_id;
00893 if (rsbac_rc_check_comp
00894 (i_attr_val1.rc_role, i_rc_subtid,
00895 RI_type_comp_fd, R_CREATE))
00896 return (GRANTED);
00897 else {
00898 rsbac_printk(KERN_WARNING "rsbac_adf_request_rc(): rc_role %i has no CREATE right on its def_fd_create_type %i -> NOT_GRANTED!\n",
00899 i_attr_val1.rc_role,
00900 i_rc_item_val1.
00901 type_id);
00902 return (NOT_GRANTED);
00903 }
00904 }
00905
00906 case T_IPC:
00907
00908
00909 i_tid.process = caller_pid;
00910 if ((err = rsbac_get_attr(SW_RC, T_PROCESS,
00911 i_tid,
00912 A_rc_role,
00913 &i_attr_val1, FALSE))) {
00914 rsbac_pr_get_error(A_rc_role);
00915 return NOT_GRANTED;
00916 }
00917
00918 i_rc_tid.role = i_attr_val1.rc_role;
00919 if ((err = rsbac_rc_get_item(0,
00920 RT_ROLE,
00921 i_rc_tid,
00922 i_rc_tid,
00923 RI_def_ipc_create_type,
00924 &i_rc_item_val1,
00925 NULL))) {
00926 rsbac_rc_pr_get_error
00927 (RI_def_ipc_create_type);
00928 return (NOT_GRANTED);
00929 }
00930 switch (i_rc_item_val1.type_id) {
00931 case RC_type_no_create:
00932 rsbac_pr_debug(adf_rc, "pid %u (%.15s), owner %u, rc_role %u, def_ipc_create_type no_create, request CREATE -> NOT_GRANTED!\n",
00933 caller_pid, current->comm,
00934 current->uid,
00935 i_attr_val1.rc_role);
00936 return (NOT_GRANTED);
00937
00938 case RC_type_use_new_role_def_create:
00939
00940 rsbac_printk(KERN_WARNING "rsbac_adf_request_rc(): invalid type use_new_role_def_create in def_ipc_create_type of role %i!\n",
00941 i_attr_val1.rc_role);
00942 return (NOT_GRANTED);
00943
00944 case RC_type_inherit_parent:
00945 case RC_type_inherit_process:
00946 case RC_type_use_fd:
00947
00948 rsbac_printk(KERN_WARNING "rsbac_adf_request_rc(): invalid type inherit_parent in def_ipc_create_type of role %i!\n",
00949 i_attr_val1.rc_role);
00950 return (NOT_GRANTED);
00951
00952 default:
00953
00954
00955 i_rc_subtid.type = i_rc_item_val1.type_id;
00956 if (rsbac_rc_check_comp
00957 (i_attr_val1.rc_role, i_rc_subtid,
00958 RI_type_comp_ipc, R_CREATE))
00959 return (GRANTED);
00960 else {
00961 rsbac_printk(KERN_WARNING "rsbac_adf_request_rc(): rc_role %i has no CREATE right on its def_ipc_create_type %i -> NOT_GRANTED!\n",
00962 i_attr_val1.rc_role,
00963 i_rc_item_val1.
00964 type_id);
00965 return (NOT_GRANTED);
00966 }
00967 }
00968
00969 #if defined(CONFIG_RSBAC_RC_UM_PROT)
00970 case T_USER:
00971
00972
00973 i_tid.process = caller_pid;
00974 if ((err = rsbac_get_attr(SW_RC, T_PROCESS,
00975 i_tid,
00976 A_rc_role,
00977 &i_attr_val1, FALSE))) {
00978 rsbac_pr_get_error(A_rc_role);
00979 return (NOT_GRANTED);
00980 }
00981
00982 i_rc_tid.role = i_attr_val1.rc_role;
00983 if ((err = rsbac_rc_get_item(0,
00984 RT_ROLE,
00985 i_rc_tid,
00986 i_rc_tid,
00987 RI_def_user_create_type,
00988 &i_rc_item_val1,
00989 NULL))) {
00990 rsbac_rc_pr_get_error
00991 (RI_def_user_create_type);
00992 return (NOT_GRANTED);
00993 }
00994 switch (i_rc_item_val1.type_id) {
00995 case RC_type_no_create:
00996 rsbac_pr_debug(adf_rc, "pid %u (%.15s), owner %u, rc_role %u, def_user_create_type no_create, request CREATE -> NOT_GRANTED!\n",
00997 caller_pid, current->comm,
00998 current->uid,
00999 i_attr_val1.rc_role);
01000 return (NOT_GRANTED);
01001
01002 case RC_type_use_new_role_def_create:
01003
01004 rsbac_printk(KERN_WARNING "rsbac_adf_request_rc(): invalid type use_new_role_def_create in def_user_create_type of role %i!\n",
01005 i_attr_val1.rc_role);
01006 return (NOT_GRANTED);
01007
01008 case RC_type_inherit_parent:
01009 case RC_type_inherit_process:
01010 case RC_type_use_fd:
01011
01012 rsbac_printk(KERN_WARNING "rsbac_adf_request_rc(): invalid type inherit_parent in def_user_create_type of role %i!\n",
01013 i_attr_val1.rc_role);
01014 return (NOT_GRANTED);
01015
01016 default:
01017
01018
01019 i_rc_subtid.type = i_rc_item_val1.type_id;
01020 if (rsbac_rc_check_comp
01021 (i_attr_val1.rc_role, i_rc_subtid,
01022 RI_type_comp_user, R_CREATE))
01023 return (GRANTED);
01024 else {
01025 rsbac_printk(KERN_WARNING "rsbac_adf_request_rc(): rc_role %i has no CREATE right on its def_user_create_type %i -> NOT_GRANTED!\n",
01026 i_attr_val1.rc_role,
01027 i_rc_item_val1.
01028 type_id);
01029 return (NOT_GRANTED);
01030 }
01031 }
01032
01033 case T_GROUP:
01034
01035
01036 i_tid.process = caller_pid;
01037 if ((err = rsbac_get_attr(SW_RC, T_PROCESS,
01038 i_tid,
01039 A_rc_role,
01040 &i_attr_val1, FALSE))) {
01041 rsbac_pr_get_error(A_rc_role);
01042 return (NOT_GRANTED);
01043 }
01044
01045 i_rc_tid.role = i_attr_val1.rc_role;
01046 if ((err = rsbac_rc_get_item(0,
01047 RT_ROLE,
01048 i_rc_tid,
01049 i_rc_tid,
01050 RI_def_group_create_type,
01051 &i_rc_item_val1,
01052 NULL))) {
01053 rsbac_rc_pr_get_error
01054 (RI_def_group_create_type);
01055 return (NOT_GRANTED);
01056 }
01057 switch (i_rc_item_val1.type_id) {
01058 case RC_type_no_create:
01059 rsbac_pr_debug(adf_rc, "pid %u (%.15s), owner %u, rc_role %u, def_group_create_type no_create, request CREATE -> NOT_GRANTED!\n",
01060 caller_pid, current->comm,
01061 current->uid,
01062 i_attr_val1.rc_role);
01063 return (NOT_GRANTED);
01064
01065 case RC_type_use_new_role_def_create:
01066
01067 rsbac_printk(KERN_WARNING "rsbac_adf_request_rc(): invalid type use_new_role_def_create in def_group_create_type of role %i!\n",
01068 i_attr_val1.rc_role);
01069 return (NOT_GRANTED);
01070
01071 case RC_type_inherit_parent:
01072 case RC_type_inherit_process:
01073 case RC_type_use_fd:
01074
01075 rsbac_printk(KERN_WARNING "rsbac_adf_request_rc(): invalid type inherit_parent in def_group_create_type of role %i!\n",
01076 i_attr_val1.rc_role);
01077 return (NOT_GRANTED);
01078
01079 default:
01080
01081
01082 i_rc_subtid.type = i_rc_item_val1.type_id;
01083 if (rsbac_rc_check_comp
01084 (i_attr_val1.rc_role, i_rc_subtid,
01085 RI_type_comp_group, R_CREATE))
01086 return (GRANTED);
01087 else {
01088 rsbac_printk(KERN_WARNING "rsbac_adf_request_rc(): rc_role %i has no CREATE right on its def_group_create_type %i -> NOT_GRANTED!\n",
01089 i_attr_val1.rc_role,
01090 i_rc_item_val1.
01091 type_id);
01092 return (NOT_GRANTED);
01093 }
01094 }
01095 #endif
01096
01097 #if defined(CONFIG_RSBAC_RC_NET_OBJ_PROT)
01098 case T_NETTEMP:
01099
01100 i_tid.process = caller_pid;
01101 if ((err = rsbac_get_attr(SW_RC,
01102 T_PROCESS,
01103 i_tid,
01104 A_rc_role,
01105 &i_attr_val1, FALSE))) {
01106 rsbac_pr_get_error(A_rc_role);
01107 return NOT_GRANTED;
01108 }
01109
01110 i_rc_subtid.type = RSBAC_RC_GENERAL_TYPE;
01111 if (rsbac_rc_check_comp(i_attr_val1.rc_role,
01112 i_rc_subtid,
01113 RI_type_comp_nettemp,
01114 request))
01115 return (GRANTED);
01116 else {
01117 rsbac_pr_debug(adf_rc, "rc_role is %i, rc_nettemp_type is %i, request is CREATE -> NOT_GRANTED!\n",
01118 i_attr_val1.rc_role,
01119 RSBAC_RC_GENERAL_TYPE);
01120 return (NOT_GRANTED);
01121 }
01122
01123 case T_NETOBJ:
01124
01125 return(check_comp_rc(target, tid, request, caller_pid));
01126 #endif
01127
01128
01129 default:
01130 return (DO_NOT_CARE);
01131 }
01132
01133 case R_DELETE:
01134 switch (target) {
01135 case T_FILE:
01136 case T_DIR:
01137 case T_FIFO:
01138 case T_SYMLINK:
01139 case T_UNIXSOCK:
01140 case T_IPC:
01141 #if defined(CONFIG_RSBAC_RC_NET_OBJ_PROT)
01142 case T_NETTEMP:
01143 case T_NETOBJ:
01144 #endif
01145 #if defined(CONFIG_RSBAC_RC_UM_PROT)
01146 case T_USER:
01147 case T_GROUP:
01148 #endif
01149 return (check_comp_rc
01150 (target, tid, request, caller_pid));
01151
01152
01153 default:
01154 return (DO_NOT_CARE);
01155 }
01156
01157 case R_EXECUTE:
01158 switch (target) {
01159 case T_FILE:
01160
01161 if ((err = rsbac_get_attr(SW_RC, T_PROCESS,
01162 tid,
01163 A_rc_role,
01164 &i_attr_val1, FALSE))) {
01165 rsbac_pr_get_error(A_rc_role);
01166 return NOT_GRANTED;
01167 }
01168
01169 i_rc_tid.role = i_attr_val1.rc_role;
01170 if ((err = rsbac_rc_get_item(0,
01171 RT_ROLE,
01172 i_rc_tid,
01173 i_rc_tid,
01174 RI_def_process_execute_type,
01175 &i_rc_item_val1,
01176 NULL))) {
01177 rsbac_rc_pr_get_error
01178 (RI_def_process_execute_type);
01179 return (NOT_GRANTED);
01180 }
01181 if (i_rc_item_val1.type_id == RC_type_no_execute)
01182 return (NOT_GRANTED);
01183 else
01184 return (check_comp_rc
01185 (target, tid, request,
01186 caller_pid));
01187
01188
01189 default:
01190 return (DO_NOT_CARE);
01191 }
01192
01193 case R_GET_PERMISSIONS_DATA:
01194 switch (target) {
01195 case T_SCD:
01196 return (check_comp_rc_scd
01197 (tid.scd, request, caller_pid));
01198 case T_FILE:
01199 case T_DIR:
01200 case T_FIFO:
01201 case T_SYMLINK:
01202 case T_UNIXSOCK:
01203 case T_IPC:
01204 case T_DEV:
01205 #if defined(CONFIG_RSBAC_RC_NET_OBJ_PROT)
01206 case T_NETOBJ:
01207 #endif
01208 #if defined(CONFIG_RSBAC_RC_UM_PROT)
01209 case T_USER:
01210 case T_GROUP:
01211 #endif
01212 return (check_comp_rc
01213 (target, tid, request, caller_pid));
01214
01215 default:
01216 return (DO_NOT_CARE);
01217 };
01218
01219 case R_LINK_HARD:
01220 switch (target) {
01221 case T_FILE:
01222 case T_FIFO:
01223 case T_SYMLINK:
01224 return (check_comp_rc
01225 (target, tid, request, caller_pid));
01226
01227
01228 default:
01229 return (DO_NOT_CARE);
01230 }
01231
01232 case R_MODIFY_ACCESS_DATA:
01233 switch (target) {
01234 case T_FILE:
01235 case T_DIR:
01236 case T_FIFO:
01237 case T_SYMLINK:
01238 case T_UNIXSOCK:
01239 return (check_comp_rc
01240 (target, tid, request, caller_pid));
01241
01242
01243 default:
01244 return (DO_NOT_CARE);
01245 }
01246
01247 case R_AUTHENTICATE:
01248 switch (target) {
01249 case T_USER:
01250 return (check_comp_rc
01251 (target, tid, request, caller_pid));
01252
01253
01254 default:
01255 return (DO_NOT_CARE);
01256 }
01257
01258 case R_MODIFY_ATTRIBUTE:
01259 switch (attr) {
01260 case A_owner:
01261 return (NOT_GRANTED);
01262 case A_rc_type:
01263 case A_local_rc_type:
01264 case A_remote_rc_type:
01265 case A_rc_type_fd:
01266 case A_rc_type_nt:
01267 case A_rc_select_type:
01268
01269 result =
01270 check_comp_rc(target, tid, request,
01271 caller_pid);
01272 if ((result == GRANTED)
01273 || (result == DO_NOT_CARE)
01274 ) {
01275
01276 result =
01277 rsbac_rc_check_type_comp(target,
01278 attr_val.
01279 rc_type,
01280 RCR_ASSIGN,
01281 caller_pid);
01282 if ((result == GRANTED)
01283 || (result == DO_NOT_CARE)
01284 )
01285 return result;
01286 }
01287
01288 if ((err = rsbac_rc_test_role_admin(TRUE)))
01289 return (NOT_GRANTED);
01290 else
01291 return (GRANTED);
01292
01293 case A_rc_force_role:
01294 case A_rc_initial_role:
01295 case A_rc_role:
01296 case A_rc_def_role:
01297
01298 result =
01299 check_comp_rc(target, tid, request,
01300 caller_pid);
01301 if ((result == GRANTED)
01302 || (result == DO_NOT_CARE)
01303 ) {
01304
01305 if (!
01306 (err =
01307 rsbac_rc_test_assign_roles(target,
01308 tid, attr,
01309 attr_val.
01310 rc_role)))
01311 return (GRANTED);
01312 }
01313
01314 if (rsbac_rc_test_role_admin(TRUE))
01315 return (NOT_GRANTED);
01316 else
01317 return (GRANTED);
01318
01319
01320 case A_pseudo:
01321 if (target != T_USER)
01322 return UNDEFINED;
01323
01324 if (rsbac_rc_test_assign_roles
01325 (target, tid, A_rc_def_role,
01326 RC_role_inherit_user))
01327 return (NOT_GRANTED);
01328 else
01329 return (GRANTED);
01330
01331 #ifdef CONFIG_RSBAC_RC_GEN_PROT
01332 case A_log_array_low:
01333 case A_log_array_high:
01334 case A_log_program_based:
01335 case A_log_user_based:
01336 case A_symlink_add_remote_ip:
01337 case A_symlink_add_uid:
01338 case A_symlink_add_rc_role:
01339 case A_linux_dac_disable:
01340 case A_fake_root_uid:
01341 case A_audit_uid:
01342 case A_auid_exempt:
01343 case A_remote_ip:
01344
01345 result =
01346 check_comp_rc(target, tid, request,
01347 caller_pid);
01348 if ((result == GRANTED)
01349 || (result == DO_NOT_CARE)
01350 )
01351 return result;
01352
01353 if (rsbac_rc_test_role_admin(TRUE))
01354 return (NOT_GRANTED);
01355 else
01356 return (GRANTED);
01357 #endif
01358
01359
01360 case A_none:
01361 switch (target) {
01362 case T_USER:
01363
01364 if ((err =
01365 rsbac_rc_test_assign_roles(target,
01366 tid,
01367 A_rc_def_role,
01368 RC_role_inherit_user)))
01369 return (NOT_GRANTED);
01370 else
01371 return (GRANTED);
01372
01373 default:
01374
01375 return (check_comp_rc
01376 (target, tid, request,
01377 caller_pid));
01378 }
01379
01380 #ifdef CONFIG_RSBAC_RC_AUTH_PROT
01381 case A_auth_may_setuid:
01382 case A_auth_may_set_cap:
01383 case A_auth_start_uid:
01384 case A_auth_start_euid:
01385 case A_auth_start_gid:
01386 case A_auth_start_egid:
01387 case A_auth_program_file:
01388 case A_auth_learn:
01389 case A_auth_add_f_cap:
01390 case A_auth_remove_f_cap:
01391 case A_auth_last_auth:
01392
01393 result =
01394 check_comp_rc_scd(RST_auth_administration,
01395 request, caller_pid);
01396 if ((result == GRANTED)
01397 || (result == DO_NOT_CARE)
01398 ) {
01399
01400 result =
01401 check_comp_rc(target, tid,
01402 RCR_MODIFY_AUTH,
01403 caller_pid);
01404 if ((result == GRANTED)
01405 || (result == DO_NOT_CARE)
01406 )
01407 return result;
01408 }
01409
01410 if ((err = rsbac_rc_test_role_admin(TRUE)))
01411 return (NOT_GRANTED);
01412 else
01413 return (GRANTED);
01414 #endif
01415
01416 default:
01417 return (DO_NOT_CARE);
01418 }
01419
01420 case R_MODIFY_PERMISSIONS_DATA:
01421 switch (target) {
01422 case T_FILE:
01423 case T_DIR:
01424 case T_FIFO:
01425 case T_SYMLINK:
01426 case T_UNIXSOCK:
01427 case T_IPC:
01428 case T_DEV:
01429 #if defined(CONFIG_RSBAC_RC_UM_PROT)
01430 case T_USER:
01431 case T_GROUP:
01432 #endif
01433 #if defined(CONFIG_RSBAC_RC_NET_OBJ_PROT)
01434 case T_NETOBJ:
01435 #endif
01436 return (check_comp_rc
01437 (target, tid, request, caller_pid));
01438
01439 case T_SCD:
01440 return (check_comp_rc_scd
01441 (tid.scd, request, caller_pid));
01442
01443 #ifdef CONFIG_RSBAC_ALLOW_DAC_DISABLE
01444 case T_NONE:
01445
01446 return (check_comp_rc_scd
01447 (ST_other, request, caller_pid));
01448 #endif
01449
01450
01451 default:
01452 return (DO_NOT_CARE);
01453 }
01454
01455 case R_MODIFY_SYSTEM_DATA:
01456 switch (target) {
01457 case T_SCD:
01458 return (check_comp_rc_scd
01459 (tid.scd, request, caller_pid));
01460
01461 case T_DEV:
01462 case T_PROCESS:
01463 case T_IPC:
01464 #if defined(CONFIG_RSBAC_RC_NET_DEV_PROT)
01465 case T_NETDEV:
01466 #endif
01467 #if defined(CONFIG_RSBAC_RC_NET_OBJ_PROT)
01468 case T_NETOBJ:
01469 #endif
01470 return (check_comp_rc
01471 (target, tid, request, caller_pid));
01472
01473
01474 default:
01475 return (DO_NOT_CARE);
01476 }
01477
01478 case R_MOUNT:
01479 switch (target) {
01480 case T_FILE:
01481 case T_DIR:
01482 case T_DEV:
01483 return (check_comp_rc
01484 (target, tid, request, caller_pid));
01485
01486
01487 default:
01488 return (DO_NOT_CARE);
01489 }
01490
01491 case R_READ_ATTRIBUTE:
01492 switch (attr) {
01493 case A_rc_type:
01494 case A_rc_type_fd:
01495 case A_rc_type_nt:
01496 case A_rc_force_role:
01497 case A_rc_initial_role:
01498 case A_rc_role:
01499 case A_rc_def_role:
01500 case A_rc_select_type:
01501 case A_pseudo:
01502 #ifdef CONFIG_RSBAC_RC_GEN_PROT
01503 case A_owner:
01504 case A_log_array_low:
01505 case A_log_array_high:
01506 case A_log_program_based:
01507 case A_log_user_based:
01508 case A_symlink_add_remote_ip:
01509 case A_symlink_add_uid:
01510 case A_symlink_add_rc_role:
01511 case A_linux_dac_disable:
01512 case A_fake_root_uid:
01513 case A_audit_uid:
01514 case A_auid_exempt:
01515 case A_remote_ip:
01516 #endif
01517
01518 result =
01519 check_comp_rc(target, tid, request,
01520 caller_pid);
01521 if ((result == GRANTED)
01522 || (result == DO_NOT_CARE)
01523 )
01524 return result;
01525
01526 if (rsbac_rc_test_role_admin(FALSE))
01527 return (NOT_GRANTED);
01528 else
01529 return (GRANTED);
01530
01531 #ifdef CONFIG_RSBAC_RC_AUTH_PROT
01532 case A_auth_may_setuid:
01533 case A_auth_may_set_cap:
01534 case A_auth_start_uid:
01535 case A_auth_start_euid:
01536 case A_auth_start_gid:
01537 case A_auth_start_egid:
01538 case A_auth_program_file:
01539 case A_auth_learn:
01540 case A_auth_add_f_cap:
01541 case A_auth_remove_f_cap:
01542 case A_auth_last_auth:
01543
01544 result =
01545 check_comp_rc_scd(RST_auth_administration,
01546 request, caller_pid);
01547 if ((result == GRANTED)
01548 || (result == DO_NOT_CARE)
01549 )
01550 return result;
01551
01552 if (rsbac_rc_test_role_admin(FALSE))
01553 return (NOT_GRANTED);
01554 else
01555 return (GRANTED);
01556 #endif
01557
01558 default:
01559 return (DO_NOT_CARE);
01560 }
01561
01562 case R_READ_OPEN:
01563 switch (target) {
01564 case T_FILE:
01565 case T_FIFO:
01566 case T_UNIXSOCK:
01567 case T_DEV:
01568 case T_IPC:
01569 return (check_comp_rc
01570 (target, tid, request, caller_pid));
01571
01572
01573 default:
01574 return (DO_NOT_CARE);
01575 }
01576
01577 case R_ADD_TO_KERNEL:
01578 switch (target) {
01579 case T_NONE:
01580
01581 return (check_comp_rc_scd
01582 (ST_other, request, caller_pid));
01583
01584 case T_FILE:
01585 case T_DEV:
01586 return (check_comp_rc
01587 (target, tid, request, caller_pid));
01588
01589
01590 default:
01591 return (DO_NOT_CARE);
01592 }
01593
01594
01595 case R_ALTER:
01596
01597 switch (target) {
01598 case T_IPC:
01599 return (check_comp_rc
01600 (target, tid, request, caller_pid));
01601
01602
01603 default:
01604 return (DO_NOT_CARE);
01605 }
01606
01607 case R_REMOVE_FROM_KERNEL:
01608 switch (target) {
01609 case T_NONE:
01610 return (check_comp_rc_scd
01611 (ST_other, request, caller_pid));
01612
01613 case T_FILE:
01614 case T_DEV:
01615 return (check_comp_rc
01616 (target, tid, request, caller_pid));
01617
01618
01619 default:
01620 return (DO_NOT_CARE);
01621 }
01622
01623 case R_RENAME:
01624 switch (target) {
01625 case T_FILE:
01626 case T_DIR:
01627 case T_FIFO:
01628 case T_SYMLINK:
01629 case T_UNIXSOCK:
01630 #if defined(CONFIG_RSBAC_RC_UM_PROT)
01631 case T_USER:
01632 case T_GROUP:
01633 #endif
01634 return (check_comp_rc
01635 (target, tid, request, caller_pid));
01636
01637
01638 default:
01639 return (DO_NOT_CARE);
01640 }
01641
01642 case R_SEND_SIGNAL:
01643 case R_TRACE:
01644 if (target == T_PROCESS)
01645 return (check_comp_rc
01646 (target, tid, request, caller_pid));
01647 else
01648 return (DO_NOT_CARE);
01649
01650 case R_SHUTDOWN:
01651 switch (target) {
01652 case T_NONE:
01653 return (check_comp_rc_scd
01654 (ST_other, request, caller_pid));
01655
01656
01657 default:
01658 return (DO_NOT_CARE);
01659 }
01660
01661 case R_SWITCH_LOG:
01662 switch (target) {
01663 case T_NONE:
01664 return (check_comp_rc_scd
01665 (ST_other, request, caller_pid));
01666
01667
01668 default:
01669 return (DO_NOT_CARE);
01670 }
01671
01672 case R_SWITCH_MODULE:
01673 switch (target) {
01674 case T_NONE:
01675
01676 if (attr != A_switch_target)
01677 return (UNDEFINED);
01678
01679 if ((attr_val.switch_target != SW_RC)
01680 #ifdef CONFIG_RSBAC_SOFTMODE
01681 && (attr_val.switch_target != SW_SOFTMODE)
01682 #endif
01683 #ifdef CONFIG_RSBAC_FREEZE
01684 && (attr_val.switch_target != SW_FREEZE)
01685 #endif
01686 #ifdef CONFIG_RSBAC_RC_AUTH_PROT
01687 && (attr_val.switch_target != SW_AUTH)
01688 #endif
01689 )
01690 return (DO_NOT_CARE);
01691 return (check_comp_rc_scd
01692 (ST_other, request, caller_pid));
01693
01694
01695 default:
01696 return (DO_NOT_CARE);
01697 }
01698
01699 case R_TERMINATE:
01700 if (target == T_PROCESS)
01701 return (DO_NOT_CARE);
01702 else
01703 return (DO_NOT_CARE);
01704
01705 case R_TRUNCATE:
01706 switch (target) {
01707 case T_FILE:
01708 return (check_comp_rc
01709 (target, tid, request, caller_pid));
01710
01711
01712 default:
01713 return (DO_NOT_CARE);
01714 }
01715
01716 case R_WRITE_OPEN:
01717 switch (target) {
01718 case T_FILE:
01719 case T_DEV:
01720 case T_FIFO:
01721 case T_UNIXSOCK:
01722 case T_IPC:
01723 return (check_comp_rc
01724 (target, tid, request, caller_pid));
01725
01726
01727 default:
01728 return (DO_NOT_CARE);
01729 }
01730
01731 case R_UMOUNT:
01732 switch (target) {
01733 case T_FILE:
01734 case T_DIR:
01735 case T_DEV:
01736 return (check_comp_rc
01737 (target, tid, request, caller_pid));
01738
01739
01740 default:
01741 return (DO_NOT_CARE);
01742 }
01743
01744
01745 #if defined(CONFIG_RSBAC_NET)
01746 case R_BIND:
01747 switch (target) {
01748 #if defined(CONFIG_RSBAC_RC_NET_DEV_PROT)
01749 case T_NETDEV:
01750 return (check_comp_rc
01751 (target, tid, request, caller_pid));
01752 #endif
01753
01754 #if defined(CONFIG_RSBAC_RC_NET_OBJ_PROT)
01755 case T_NETOBJ:
01756 return (check_comp_rc
01757 (target, tid, request, caller_pid));
01758 #endif
01759
01760
01761 default:
01762 return (DO_NOT_CARE);
01763 }
01764 #endif
01765
01766 case R_IOCTL:
01767 switch (target) {
01768 case T_DEV:
01769 case T_UNIXSOCK:
01770 case T_IPC:
01771 return (check_comp_rc
01772 (target, tid, request, caller_pid));
01773 #if defined(CONFIG_RSBAC_RC_NET_OBJ_PROT)
01774 case T_NETOBJ:
01775 #endif
01776 return (check_comp_rc
01777 (target, tid, request, caller_pid));
01778
01779 default:
01780 return (DO_NOT_CARE);
01781 }
01782
01783 case R_LOCK:
01784 switch (target) {
01785 case T_FILE:
01786 case T_DIR:
01787 case T_FIFO:
01788 case T_SYMLINK:
01789 case T_UNIXSOCK:
01790 return (check_comp_rc
01791 (target, tid, request, caller_pid));
01792
01793 default:
01794 return (DO_NOT_CARE);
01795 }
01796 case RCR_SELECT:
01797 switch (target) {
01798 case T_FILE:
01799 case T_DIR:
01800 case T_FIFO:
01801 case T_SYMLINK:
01802 case T_UNIXSOCK:
01803 return (check_comp_rc
01804 (target, tid, request, caller_pid));
01805 default:
01806 return (DO_NOT_CARE);
01807 }
01808 default:
01809 return DO_NOT_CARE;
01810 }
01811
01812 return result;
01813 }
01814
01815
01816
01817
01818
01819
01820
01821
01822
01823
01824
01825
01826 inline int rsbac_adf_set_attr_rc(enum rsbac_adf_request_t request,
01827 rsbac_pid_t caller_pid,
01828 enum rsbac_target_t target,
01829 union rsbac_target_id_t tid,
01830 enum rsbac_target_t new_target,
01831 union rsbac_target_id_t new_tid,
01832 enum rsbac_attribute_t attr,
01833 union rsbac_attribute_value_t attr_val,
01834 rsbac_uid_t owner)
01835 {
01836 int err;
01837 union rsbac_target_id_t i_tid;
01838 union rsbac_attribute_value_t i_attr_val1;
01839 union rsbac_attribute_value_t i_attr_val2;
01840 union rsbac_rc_target_id_t i_rc_tid;
01841 union rsbac_rc_target_id_t i_rc_subtid;
01842 union rsbac_rc_item_value_t i_rc_item_val1;
01843
01844 switch (request) {
01845 case R_CLOSE:
01846 case R_ACCEPT:
01847 case R_READ:
01848 return 0;
01849 case R_CHANGE_OWNER:
01850 switch (target) {
01851 case T_PROCESS:
01852
01853
01854
01855 if (attr != A_owner)
01856 return (-RSBAC_EINVALIDATTR);
01857
01858
01859 i_tid.process = caller_pid;
01860 if ((err = rsbac_get_attr(SW_RC, T_PROCESS,
01861 i_tid,
01862 A_rc_role,
01863 &i_attr_val1, TRUE))) {
01864 rsbac_pr_get_error(A_rc_role);
01865 return -RSBAC_EREADFAILED;
01866 }
01867
01868 i_rc_tid.role = i_attr_val1.rc_role;
01869 if ((err = rsbac_rc_get_item(0,
01870 RT_ROLE,
01871 i_rc_tid,
01872 i_rc_tid,
01873 RI_def_process_chown_type,
01874 &i_rc_item_val1,
01875 NULL))) {
01876 rsbac_rc_pr_get_error
01877 (RI_def_process_chown_type);
01878 return -RSBAC_EREADFAILED;
01879 }
01880
01881
01882 i_tid.process = caller_pid;
01883 if ((err = rsbac_get_attr(SW_RC, T_PROCESS,
01884 i_tid,
01885 A_rc_force_role,
01886 &i_attr_val1, TRUE))) {
01887 rsbac_pr_get_error(A_rc_force_role);
01888 return -RSBAC_EREADFAILED;
01889 }
01890
01891 if ((i_attr_val1.rc_force_role ==
01892 RC_role_inherit_user)
01893 || (i_attr_val1.rc_force_role ==
01894 RC_role_inherit_up_mixed)
01895 ) {
01896
01897 i_tid.user = attr_val.owner;
01898 if ((err = rsbac_get_attr(SW_RC, T_USER,
01899 i_tid,
01900 A_rc_def_role,
01901 &i_attr_val1,
01902 TRUE))) {
01903 rsbac_pr_get_error(A_rc_def_role);
01904 return -RSBAC_EREADFAILED;
01905 }
01906
01907 if (i_attr_val1.rc_def_role >
01908 RC_role_max_value) {
01909 rsbac_printk(KERN_WARNING "rsbac_adf_set_attr_rc(): rc_def_role %u of user %u is higher than MAX_ROLE %u, setting role of process %u to GENERAL_ROLE %u!\n",
01910 i_attr_val1.
01911 rc_def_role,
01912 attr_val.owner,
01913 RC_role_max_value,
01914 caller_pid,
01915 RSBAC_RC_GENERAL_ROLE);
01916 i_attr_val1.rc_def_role =
01917 RSBAC_RC_GENERAL_ROLE;
01918 }
01919
01920 i_tid.process = caller_pid;
01921 if ((err = rsbac_set_attr(SW_RC, T_PROCESS,
01922 i_tid,
01923 A_rc_role,
01924 i_attr_val1))) {
01925 rsbac_pr_set_error(A_rc_role);
01926 return -RSBAC_EWRITEFAILED;
01927 }
01928 } else
01929
01930 if ((i_attr_val1.rc_force_role <= RC_role_max_value)
01931 ) {
01932
01933 i_tid.process = caller_pid;
01934 if ((err = rsbac_set_attr(SW_RC, T_PROCESS,
01935 i_tid,
01936 A_rc_role,
01937 i_attr_val1))) {
01938 rsbac_pr_set_error(A_rc_role);
01939 return -RSBAC_EWRITEFAILED;
01940 }
01941 }
01942
01943
01944 switch (i_rc_item_val1.type_id) {
01945 case RC_type_inherit_parent:
01946 case RC_type_inherit_process:
01947
01948 break;
01949 case RC_type_use_new_role_def_create:
01950
01951 i_tid.process = caller_pid;
01952 if ((err = rsbac_get_attr(SW_RC, T_PROCESS,
01953 i_tid,
01954 A_rc_role,
01955 &i_attr_val1, TRUE))) {
01956 rsbac_pr_get_error(A_rc_role);
01957 return -RSBAC_EREADFAILED;
01958 }
01959
01960 if (i_attr_val1.rc_role >
01961 RC_role_max_value)
01962 break;
01963
01964 i_rc_tid.role = i_attr_val1.rc_role;
01965 if ((err = rsbac_rc_get_item(0,
01966 RT_ROLE,
01967 i_rc_tid,
01968 i_rc_tid,
01969 RI_def_process_create_type,
01970 &i_rc_item_val1,
01971 NULL))) {
01972 rsbac_rc_pr_get_error
01973 (RI_def_process_create_type);
01974 return (-RSBAC_EREADFAILED);
01975 }
01976 switch (i_rc_item_val1.type_id) {
01977 case RC_type_inherit_parent:
01978 case RC_type_inherit_process:
01979
01980 break;
01981 case RC_type_use_new_role_def_create:
01982
01983 rsbac_printk(KERN_WARNING "rsbac_adf_set_attr_rc(): invalid type use_new_role_def_create in def_process_create_type of role %i!\n",
01984 i_attr_val1.rc_role);
01985 break;
01986 case RC_type_no_create:
01987
01988 i_rc_item_val1.type_id =
01989 RSBAC_RC_GENERAL_TYPE;
01990
01991 default:
01992
01993 i_attr_val1.rc_type =
01994 i_rc_item_val1.type_id;
01995 if ((err =
01996 rsbac_set_attr(SW_RC, T_PROCESS,
01997 i_tid,
01998 A_rc_type,
01999 i_attr_val1)))
02000 {
02001 rsbac_pr_set_error(A_rc_type);
02002 return -RSBAC_EWRITEFAILED;
02003 }
02004 }
02005 break;
02006 case RC_type_no_create:
02007 case RC_type_no_chown:
02008
02009 i_rc_item_val1.type_id =
02010 RSBAC_RC_GENERAL_TYPE;
02011
02012 default:
02013
02014 i_attr_val1.rc_type =
02015 i_rc_item_val1.type_id;
02016 if ((err =
02017 rsbac_set_attr(SW_RC, T_PROCESS, i_tid,
02018 A_rc_type,
02019 i_attr_val1))) {
02020 rsbac_pr_set_error(A_rc_type);
02021 return -RSBAC_EWRITEFAILED;
02022 }
02023 }
02024
02025 return 0;
02026
02027
02028 default:
02029 return 0;
02030 }
02031
02032 case R_CLONE:
02033 if (target == T_PROCESS) {
02034
02035 if ((err = rsbac_get_attr(SW_RC, T_PROCESS,
02036 tid,
02037 A_rc_role,
02038 &i_attr_val1, FALSE))) {
02039 rsbac_pr_get_error(A_rc_role);
02040 return (-RSBAC_EREADFAILED);
02041 }
02042
02043
02044 if ((err = rsbac_get_attr(SW_RC, T_PROCESS,
02045 tid,
02046 A_rc_force_role,
02047 &i_attr_val2, FALSE))) {
02048 rsbac_pr_get_error(A_rc_force_role);
02049 return (-RSBAC_EREADFAILED);
02050 }
02051
02052
02053 if ((err = rsbac_set_attr(SW_RC, T_PROCESS,
02054 new_tid,
02055 A_rc_role,
02056 i_attr_val1))) {
02057 rsbac_pr_set_error(A_rc_role);
02058 return -RSBAC_EWRITEFAILED;
02059 }
02060
02061
02062 if ((err = rsbac_set_attr(SW_RC, T_PROCESS,
02063 new_tid,
02064 A_rc_force_role,
02065 i_attr_val2))) {
02066 rsbac_pr_set_error(A_rc_force_role);
02067 return -RSBAC_EWRITEFAILED;
02068 }
02069
02070
02071 i_rc_tid.role = i_attr_val1.rc_role;
02072 if ((err = rsbac_rc_get_item(0,
02073 RT_ROLE,
02074 i_rc_tid,
02075 i_rc_tid,
02076 RI_def_process_create_type,
02077 &i_rc_item_val1,
02078 NULL))) {
02079 rsbac_rc_pr_get_error
02080 (RI_def_process_create_type);
02081 return (-RSBAC_EREADFAILED);
02082 }
02083 switch (i_rc_item_val1.type_id) {
02084 case RC_type_inherit_parent:
02085 case RC_type_inherit_process:
02086
02087
02088 if ((err = rsbac_get_attr(SW_RC, T_PROCESS,
02089 tid,
02090 A_rc_type,
02091 &i_attr_val1,
02092 FALSE))) {
02093 rsbac_pr_get_error(A_rc_type);
02094 return -RSBAC_EREADFAILED;
02095 }
02096
02097 if ((err = rsbac_set_attr(SW_RC, T_PROCESS,
02098 new_tid,
02099 A_rc_type,
02100 i_attr_val1))) {
02101 rsbac_pr_set_error(A_rc_type);
02102 return -RSBAC_EWRITEFAILED;
02103 }
02104 break;
02105 case RC_type_no_create:
02106 return (-RSBAC_EDECISIONMISMATCH);
02107 case RC_type_use_new_role_def_create:
02108
02109 rsbac_printk(KERN_WARNING "rsbac_adf_set_attr_rc(): invalid type use_new_role_def_create in def_process_create_type of role %i!\n",
02110 i_attr_val1.rc_role);
02111 return (-RSBAC_EINVALIDVALUE);
02112 default:
02113
02114 i_attr_val1.rc_type =
02115 i_rc_item_val1.type_id;
02116 if ((err =
02117 rsbac_set_attr(SW_RC, T_PROCESS, new_tid,
02118 A_rc_type,
02119 i_attr_val1))) {
02120 rsbac_pr_set_error(A_rc_type);
02121 return -RSBAC_EWRITEFAILED;
02122 }
02123 }
02124 return 0;
02125 } else
02126 return 0;
02127
02128 case R_CREATE:
02129 switch (target) {
02130
02131 case T_DIR:
02132
02133
02134
02135 i_tid.process = caller_pid;
02136 if ((err = rsbac_get_attr(SW_RC, T_PROCESS,
02137 i_tid,
02138 A_rc_select_type,
02139 &i_attr_val1, FALSE))) {
02140 rsbac_pr_get_error(A_rc_select_type);
02141 return -RSBAC_EREADFAILED;
02142 }
02143 if (i_attr_val1.rc_select_type != RC_type_use_fd) {
02144 i_attr_val2.rc_type_fd = i_attr_val1.rc_select_type;
02145
02146
02147
02148 i_attr_val1.rc_select_type = RC_type_use_fd;
02149 if ((err = rsbac_set_attr(SW_RC, T_PROCESS,
02150 i_tid, A_rc_select_type,
02151 i_attr_val1)))
02152 {
02153 rsbac_printk("rsbac_adf_set_attr_rc(): unable to reset rc_select_type to default value!\n");
02154 }
02155 if ((err = rsbac_set_attr(SW_RC, new_target,
02156 new_tid, A_rc_type_fd,
02157 i_attr_val2)))
02158 {
02159 rsbac_pr_set_error(A_rc_type_fd);
02160 return -RSBAC_EWRITEFAILED;
02161 }
02162 return 0;
02163
02164 }
02165
02166 i_tid.process = caller_pid;
02167 if ((err = rsbac_get_attr(SW_RC, T_PROCESS,
02168 i_tid,
02169 A_rc_role,
02170 &i_attr_val1, FALSE))) {
02171 rsbac_pr_get_error(A_rc_role);
02172 return -RSBAC_EREADFAILED;
02173 }
02174
02175
02176 if ((err = rsbac_get_attr(SW_RC,
02177 target,
02178 tid,
02179 A_rc_type_fd,
02180 &i_attr_val2, TRUE))) {
02181 rsbac_pr_get_error(A_rc_type_fd);
02182 return (-RSBAC_EREADFAILED);
02183 }
02184 i_rc_tid.role = i_attr_val1.rc_role;
02185 switch(new_target) {
02186 case T_UNIXSOCK:
02187 if ((err = rsbac_rc_get_item(0,
02188 RT_ROLE,
02189 i_rc_tid,
02190 i_rc_subtid,
02191 RI_def_unixsock_create_type,
02192 &i_rc_item_val1,
02193 NULL))) {
02194 rsbac_rc_pr_get_error
02195 (RI_def_unixsock_create_type);
02196 return -RSBAC_EREADFAILED;
02197 }
02198 if(i_rc_item_val1.type_id != RC_type_use_fd)
02199 break;
02200
02201 default:
02202 i_rc_subtid.type = i_attr_val2.rc_type;
02203 if ((err = rsbac_rc_get_item(0, RT_ROLE, i_rc_tid, i_rc_subtid, RI_def_fd_ind_create_type, &i_rc_item_val1, NULL))) {
02204 if ((err = rsbac_rc_get_item(0,
02205 RT_ROLE,
02206 i_rc_tid,
02207 i_rc_subtid,
02208 RI_def_fd_create_type,
02209 &i_rc_item_val1,
02210 NULL))) {
02211 rsbac_rc_pr_get_error
02212 (RI_def_fd_create_type);
02213 return -RSBAC_EREADFAILED;
02214 }
02215 }
02216 }
02217 switch (i_rc_item_val1.type_id) {
02218 case RC_type_no_create:
02219 return (-RSBAC_EDECISIONMISMATCH);
02220 break;
02221
02222 case RC_type_use_new_role_def_create:
02223 case RC_type_inherit_process:
02224
02225 rsbac_printk(KERN_WARNING "rsbac_adf_set_attr_rc(): invalid type inherit_process or use_new_role_def_create in def_fd_create_type or def_unixsock_create_type of role %i!\n",
02226 i_attr_val1.rc_role);
02227 return (-RSBAC_EINVALIDVALUE);
02228
02229 case RC_type_inherit_parent:
02230 default:
02231
02232 if ((err = rsbac_get_attr(SW_RC, new_target,
02233 new_tid,
02234 A_rc_type_fd,
02235 &i_attr_val1,
02236 FALSE))) {
02237 rsbac_pr_get_error(A_rc_type_fd);
02238 return (-RSBAC_EREADFAILED);
02239 }
02240
02241 if (i_attr_val1.rc_type_fd !=
02242 i_rc_item_val1.type_id) {
02243 i_attr_val1.rc_type_fd =
02244 i_rc_item_val1.type_id;
02245 if ((err =
02246 rsbac_set_attr(SW_RC, new_target,
02247 new_tid,
02248 A_rc_type_fd,
02249 i_attr_val1)))
02250 {
02251 rsbac_pr_set_error(A_rc_type_fd);
02252 return -RSBAC_EWRITEFAILED;
02253 }
02254 }
02255 }
02256 return 0;
02257
02258 case T_IPC:
02259
02260 i_tid.process = caller_pid;
02261 if ((err = rsbac_get_attr(SW_RC, T_PROCESS,
02262 i_tid,
02263 A_rc_role,
02264 &i_attr_val1, FALSE))) {
02265 rsbac_pr_get_error(A_rc_role);
02266 return -RSBAC_EREADFAILED;
02267 }
02268
02269 i_rc_tid.role = i_attr_val1.rc_role;
02270 if ((err = rsbac_rc_get_item(0,
02271 RT_ROLE,
02272 i_rc_tid,
02273 i_rc_tid,
02274 RI_def_ipc_create_type,
02275 &i_rc_item_val1,
02276 NULL))) {
02277 rsbac_rc_pr_get_error
02278 (RI_def_ipc_create_type);
02279 return -RSBAC_EREADFAILED;
02280 }
02281 switch (i_rc_item_val1.type_id) {
02282 case RC_type_no_create:
02283 return (-RSBAC_EDECISIONMISMATCH);
02284 break;
02285
02286 case RC_type_use_new_role_def_create:
02287
02288 rsbac_printk(KERN_WARNING "rsbac_adf_set_attr_rc(): invalid type use_new_role_def_create in def_ipc_create_type of role %i!\n",
02289 i_attr_val1.rc_role);
02290 return (-RSBAC_EINVALIDVALUE);
02291
02292 case RC_type_inherit_parent:
02293 case RC_type_inherit_process:
02294
02295 rsbac_printk(KERN_WARNING "rsbac_adf_set_attr_rc(): invalid type inherit_parent in def_ipc_create_type of role %i!\n",
02296 i_attr_val1.rc_role);
02297 return -RSBAC_EINVALIDVALUE;
02298
02299 default:
02300
02301 i_attr_val1.rc_type =
02302 i_rc_item_val1.type_id;
02303
02304 if ((err = rsbac_get_attr(SW_RC,
02305 target,
02306 tid,
02307 A_rc_type,
02308 &i_attr_val2,
02309 FALSE))) {
02310 rsbac_pr_get_error(A_rc_type);
02311 return -RSBAC_EREADFAILED;
02312 }
02313
02314 if (i_attr_val1.rc_type !=
02315 i_attr_val2.rc_type) {
02316 if ((err =
02317 rsbac_set_attr(SW_RC, target,
02318 tid, A_rc_type,
02319 i_attr_val1)))
02320 {
02321 rsbac_pr_set_error
02322 (A_rc_type);
02323 return -RSBAC_EWRITEFAILED;
02324 }
02325 }
02326 }
02327 return 0;
02328
02329 case T_USER:
02330
02331 i_tid.process = caller_pid;
02332 if ((err = rsbac_get_attr(SW_RC, T_PROCESS,
02333 i_tid,
02334 A_rc_role,
02335 &i_attr_val1, FALSE))) {
02336 rsbac_pr_get_error(A_rc_role);
02337 return -RSBAC_EREADFAILED;
02338 }
02339
02340 i_rc_tid.role = i_attr_val1.rc_role;
02341 if ((err = rsbac_rc_get_item(0,
02342 RT_ROLE,
02343 i_rc_tid,
02344 i_rc_tid,
02345 RI_def_user_create_type,
02346 &i_rc_item_val1,
02347 NULL))) {
02348 rsbac_rc_pr_get_error
02349 (RI_def_user_create_type);
02350 return -RSBAC_EREADFAILED;
02351 }
02352 switch (i_rc_item_val1.type_id) {
02353 case RC_type_no_create:
02354 rsbac_pr_debug(adf_rc, "pid %u (%.15s), owner %u, rc_role %u, def_user_create_type no_create, request CREATE -> NOT_GRANTED!\n",
02355 caller_pid, current->comm,
02356 current->uid,
02357 i_attr_val1.rc_role);
02358 return -RSBAC_EDECISIONMISMATCH;
02359
02360 case RC_type_use_new_role_def_create:
02361
02362 rsbac_printk(KERN_WARNING "rsbac_adf_set_attr_rc(): invalid type use_new_role_def_create in def_user_create_type of role %i!\n",
02363 i_attr_val1.rc_role);
02364 return -RSBAC_EINVALIDVALUE;
02365
02366 case RC_type_inherit_parent:
02367 case RC_type_inherit_process:
02368
02369 rsbac_printk(KERN_WARNING "rsbac_adf_set_attr_rc(): invalid type inherit_parent in def_user_create_type of role %i!\n",
02370 i_attr_val1.rc_role);
02371 return -RSBAC_EINVALIDVALUE;
02372
02373 default:
02374
02375 i_attr_val1.rc_type =
02376 i_rc_item_val1.type_id;
02377
02378 if ((err = rsbac_get_attr(SW_RC,
02379 target,
02380 tid,
02381 A_rc_type,
02382 &i_attr_val2,
02383 FALSE))) {
02384 rsbac_pr_get_error(A_rc_type);
02385 return -RSBAC_EREADFAILED;
02386 }
02387
02388 if (i_attr_val1.rc_type !=
02389 i_attr_val2.rc_type) {
02390 if ((err =
02391 rsbac_set_attr(SW_RC, target,
02392 tid, A_rc_type,
02393 i_attr_val1)))
02394 {
02395 rsbac_pr_set_error
02396 (A_rc_type);
02397 return -RSBAC_EWRITEFAILED;
02398 }
02399 }
02400 }
02401 return 0;
02402
02403 case T_GROUP:
02404
02405 i_tid.process = caller_pid;
02406 if ((err = rsbac_get_attr(SW_RC, T_PROCESS,
02407 i_tid,
02408 A_rc_role,
02409 &i_attr_val1, FALSE))) {
02410 rsbac_pr_get_error(A_rc_role);
02411 return -RSBAC_EREADFAILED;
02412 }
02413
02414 i_rc_tid.role = i_attr_val1.rc_role;
02415 if ((err = rsbac_rc_get_item(0,
02416 RT_ROLE,
02417 i_rc_tid,
02418 i_rc_tid,
02419 RI_def_group_create_type,
02420 &i_rc_item_val1,
02421 NULL))) {
02422 rsbac_rc_pr_get_error
02423 (RI_def_group_create_type);
02424 return -RSBAC_EREADFAILED;
02425 }
02426 switch (i_rc_item_val1.type_id) {
02427 case RC_type_no_create:
02428 rsbac_pr_debug(adf_rc, "pid %u (%.15s), owner %u, rc_role %u, def_group_create_type no_create, request CREATE -> NOT_GRANTED!\n",
02429 caller_pid, current->comm,
02430 current->uid,
02431 i_attr_val1.rc_role);
02432 return -RSBAC_EDECISIONMISMATCH;
02433
02434 case RC_type_use_new_role_def_create:
02435
02436 rsbac_printk(KERN_WARNING "rsbac_adf_set_attr_rc(): invalid type use_new_role_def_create in def_group_create_type of role %i!\n",
02437 i_attr_val1.rc_role);
02438 return -RSBAC_EINVALIDVALUE;
02439
02440 case RC_type_inherit_parent:
02441 case RC_type_inherit_process:
02442
02443 rsbac_printk(KERN_WARNING "rsbac_adf_set_attr_rc(): invalid type inherit_parent in def_group_create_type of role %i!\n",
02444 i_attr_val1.rc_role);
02445 return -RSBAC_EINVALIDVALUE;
02446
02447 default:
02448
02449 i_attr_val1.rc_type =
02450 i_rc_item_val1.type_id;
02451
02452 if ((err = rsbac_get_attr(SW_RC,
02453 target,
02454 tid,
02455 A_rc_type,
02456 &i_attr_val2,
02457 FALSE))) {
02458 rsbac_pr_get_error(A_rc_type);
02459 return -RSBAC_EREADFAILED;
02460 }
02461
02462 if (i_attr_val1.rc_type !=
02463 i_attr_val2.rc_type) {
02464 if ((err =
02465 rsbac_set_attr(SW_RC, target,
02466 tid, A_rc_type,
02467 i_attr_val1)))
02468 {
02469 rsbac_pr_set_error
02470 (A_rc_type);
02471 return -RSBAC_EWRITEFAILED;
02472 }
02473 }
02474 }
02475 return 0;
02476
02477
02478 default:
02479 return 0;
02480 }
02481
02482 case R_EXECUTE:
02483 switch (target) {
02484 case T_FILE:
02485
02486 if ((err = rsbac_get_attr(SW_RC, T_FILE,
02487 tid,
02488 A_rc_force_role,
02489 &i_attr_val1, TRUE))) {
02490 rsbac_pr_get_error(A_rc_force_role);
02491 return -RSBAC_EREADFAILED;
02492 }
02493
02494 if ((i_attr_val1.rc_force_role > RC_role_max_value)
02495 && (i_attr_val1.rc_force_role <
02496 RC_role_min_special)
02497 ) {
02498 rsbac_printk(KERN_WARNING "rsbac_adf_set_attr_rc(): rc_force_role %u of file %u on device %02u:%02u is higher than MAX_ROLE %u, setting forced role of process %u to default value %u!\n",
02499 i_attr_val1.rc_force_role,
02500 tid.file.inode,
02501 MAJOR(tid.file.device),
02502 MINOR(tid.file.device),
02503 RC_role_max_value, caller_pid,
02504 RC_default_root_dir_force_role);
02505 i_attr_val1.rc_force_role =
02506 RC_default_root_dir_force_role;
02507 }
02508
02509 i_tid.process = caller_pid;
02510 if ((err = rsbac_set_attr(SW_RC, T_PROCESS,
02511 i_tid,
02512 A_rc_force_role,
02513 i_attr_val1))) {
02514 rsbac_pr_set_error(A_rc_force_role);
02515 return -RSBAC_EWRITEFAILED;
02516 }
02517
02518 if ((err = rsbac_get_attr(SW_RC, T_FILE,
02519 tid,
02520 A_rc_initial_role,
02521 &i_attr_val2, TRUE))) {
02522 rsbac_pr_get_error(A_rc_initial_role);
02523 return -RSBAC_EREADFAILED;
02524 }
02525
02526 if ((i_attr_val2.rc_initial_role >
02527 RC_role_max_value)
02528 && (i_attr_val2.rc_initial_role !=
02529 RC_role_use_force_role)
02530 ) {
02531 rsbac_printk(KERN_WARNING "rsbac_adf_set_attr_rc(): rc_initial_role %u of file %u on device %02u:%02u is higher than MAX_ROLE %u, setting initial role of process %u to default value %u!\n",
02532 i_attr_val2.rc_initial_role,
02533 tid.file.inode,
02534 MAJOR(tid.file.device),
02535 MINOR(tid.file.device),
02536 RC_role_max_value, caller_pid,
02537 RC_default_root_dir_initial_role);
02538 i_attr_val2.rc_initial_role =
02539 RC_default_root_dir_initial_role;
02540 }
02541 if (i_attr_val2.rc_initial_role ==
02542 RC_role_use_force_role) {
02543 switch (i_attr_val1.rc_force_role) {
02544 case RC_role_inherit_user:
02545
02546 i_tid.user = owner;
02547 if ((err =
02548 rsbac_get_attr(SW_RC, T_USER,
02549 i_tid,
02550 A_rc_def_role,
02551 &i_attr_val1,
02552 TRUE))) {
02553 rsbac_pr_get_error
02554 (A_rc_def_role);
02555 return -RSBAC_EREADFAILED;
02556 }
02557
02558 i_tid.process = caller_pid;
02559 if ((err =
02560 rsbac_set_attr(SW_RC, T_PROCESS,
02561 i_tid,
02562 A_rc_role,
02563 i_attr_val1)))
02564 {
02565 rsbac_pr_set_error
02566 (A_rc_role);
02567 return -RSBAC_EWRITEFAILED;
02568 }
02569 break;
02570
02571 case RC_role_inherit_parent:
02572 case RC_role_inherit_process:
02573 case RC_role_inherit_up_mixed:
02574
02575 break;
02576
02577 default:
02578
02579 i_tid.process = caller_pid;
02580 if ((err =
02581 rsbac_set_attr(SW_RC, T_PROCESS,
02582 i_tid,
02583 A_rc_role,
02584 i_attr_val1)))
02585 {
02586 rsbac_pr_set_error
02587 (A_rc_role);
02588 return -RSBAC_EWRITEFAILED;
02589 }
02590 }
02591 } else {
02592
02593
02594 i_tid.process = caller_pid;
02595 if ((err = rsbac_set_attr(SW_RC, T_PROCESS,
02596 i_tid,
02597 A_rc_role,
02598 i_attr_val2))) {
02599 rsbac_pr_set_error
02600 (A_rc_role);
02601 return -RSBAC_EWRITEFAILED;
02602 }
02603 }
02604
02605 i_tid.process = caller_pid;
02606 if ((err = rsbac_get_attr(SW_RC, T_PROCESS,
02607 i_tid,
02608 A_rc_role,
02609 &i_attr_val1, FALSE))) {
02610 rsbac_pr_get_error(A_rc_role);
02611 return -RSBAC_EREADFAILED;
02612 }
02613
02614 i_rc_tid.role = i_attr_val1.rc_role;
02615 if ((err = rsbac_rc_get_item(0,
02616 RT_ROLE,
02617 i_rc_tid,
02618 i_rc_tid,
02619 RI_def_process_execute_type,
02620 &i_rc_item_val1,
02621 NULL))) {
02622 rsbac_rc_pr_get_error
02623 (RI_def_process_execute_type);
02624 return (-RSBAC_EREADFAILED);
02625 }
02626 switch (i_rc_item_val1.type_id) {
02627 case RC_type_no_create:
02628 case RC_type_use_new_role_def_create:
02629
02630 rsbac_printk(KERN_WARNING "rsbac_adf_set_attr_rc(): invalid type in def_process_execute_type of role %i!\n",
02631 i_attr_val1.rc_role);
02632 return (-RSBAC_EINVALIDVALUE);
02633 case RC_type_inherit_parent:
02634 case RC_type_inherit_process:
02635 break;
02636 case RC_type_no_execute:
02637 return (-RSBAC_EDECISIONMISMATCH);
02638 default:
02639
02640 i_attr_val1.rc_type =
02641 i_rc_item_val1.type_id;
02642 i_tid.process = caller_pid;
02643 if ((err =
02644 rsbac_set_attr(SW_RC, T_PROCESS, i_tid,
02645 A_rc_type,
02646 i_attr_val1))) {
02647 rsbac_pr_set_error(A_rc_type);
02648 return -RSBAC_EWRITEFAILED;
02649 }
02650 }
02651
02652 return 0;
02653
02654
02655 default:
02656 return 0;
02657 }
02658 default:
02659 return 0;
02660 }
02661
02662 return 0;
02663 }
02664
02665 #ifdef CONFIG_RSBAC_SECDEL
02666 inline rsbac_boolean_t rsbac_need_overwrite_rc(struct dentry * dentry_p)
02667 {
02668 int err = 0;
02669 union rsbac_target_id_t i_tid;
02670 union rsbac_attribute_value_t i_attr_val1;
02671 union rsbac_rc_target_id_t i_rc_tid;
02672 union rsbac_rc_item_value_t i_rc_item_val1;
02673
02674 if (!dentry_p || !dentry_p->d_inode)
02675 return FALSE;
02676
02677 i_tid.file.device = dentry_p->d_sb->s_dev;
02678 i_tid.file.inode = dentry_p->d_inode->i_ino;
02679 i_tid.file.dentry_p = dentry_p;
02680
02681 if (rsbac_get_attr(SW_RC, T_FILE,
02682 i_tid, A_rc_type_fd, &i_attr_val1, TRUE)) {
02683 rsbac_pr_get_error(A_rc_type_fd);
02684 return FALSE;
02685 }
02686
02687 i_rc_tid.role = i_attr_val1.rc_role;
02688 if ((err = rsbac_rc_get_item(0,
02689 RT_TYPE,
02690 i_rc_tid,
02691 i_rc_tid,
02692 RI_type_fd_need_secdel,
02693 &i_rc_item_val1, NULL))) {
02694 rsbac_rc_pr_get_error(RI_type_fd_need_secdel);
02695 return FALSE;
02696 }
02697
02698
02699 return (i_rc_item_val1.need_secdel);
02700 }
02701 #endif