/linux-2.6.21.1-rsbac-1.3.4/rsbac/adf/reg/reg_sample1.c

Go to the documentation of this file.
00001 /*
00002  * RSBAC REG decision module sample 1
00003  *
00004  * Author and (c) 1999-2005 Amon Ott <ao@rsbac.org>
00005  */
00006 
00007 #include <linux/module.h>
00008 #include <linux/types.h>
00009 #include <linux/kernel.h>
00010 #include <linux/string.h>
00011 #include <linux/fs.h>
00012 #include <rsbac/types.h>
00013 #include <rsbac/reg.h>
00014 #include <rsbac/adf.h>
00015 #include <rsbac/aci.h>
00016 #include <rsbac/getname.h>
00017 #include <rsbac/error.h>
00018 #include <rsbac/proc_fs.h>
00019 
00020 static u_long nr_request_calls = 0;
00021 static u_long nr_set_attr_calls = 0;
00022 static u_long nr_need_overwrite_calls = 0;
00023 static u_long nr_system_calls = 0;
00024 static void * system_call_arg = NULL;
00025 
00026 MODULE_AUTHOR("Amon Ott");
00027 MODULE_DESCRIPTION("RSBAC REG sample decision module 1");
00028 MODULE_LICENSE("GPL");
00029 
00030 #if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,0)
00031 static char * name = NULL;
00032 static char * syscall_name = NULL;
00033 static long handle = 123456;
00034 static long syscall_registration_handle = 654321;
00035 static long syscall_dispatcher_handle = 1;
00036 
00037 module_param(name, charp, 0000);
00038 MODULE_PARM_DESC(name, "Name");
00039 module_param(syscall_name, charp, 0000);
00040 MODULE_PARM_DESC(syscall_name, "Syscall name");
00041 module_param(handle, long, S_IRUSR);
00042 MODULE_PARM_DESC(handle, "Handle");
00043 module_param(syscall_registration_handle, long, S_IRUSR);
00044 MODULE_PARM_DESC(syscall_registration_handle, "Syscall registration handle");
00045 module_param(syscall_dispatcher_handle, long, S_IRUSR);
00046 MODULE_PARM_DESC(syscall_dispatcher_handle, "Syscall dispatcher");
00047 #else
00048 MODULE_PARM(name, "s");
00049 static char * name = NULL;
00050 static char dummy_buf[70]="To protect against wrong insmod params";
00051 MODULE_PARM(syscall_name, "s");
00052 static char * syscall_name = NULL;
00053 static char dummy_buf2[70]="To protect against wrong insmod params";
00054 MODULE_PARM(handle, "l");
00055 static long handle = 123456;
00056 MODULE_PARM(syscall_registration_handle, "l");
00057 static long syscall_registration_handle = 654321;
00058 MODULE_PARM(syscall_dispatcher_handle, "l");
00059 static long syscall_dispatcher_handle = 1;
00060 #endif
00061 
00062 
00063 /* PROC functions */
00064 
00065 #if defined(CONFIG_RSBAC_PROC)
00066 #define PROC_NAME "reg_sample1"
00067 static struct proc_dir_entry * proc_reg_sample_p;
00068 
00069 static int
00070 adf_sample_proc_info(char *buffer, char **start, off_t offset, int length)
00071 {
00072   int len = 0;
00073   off_t pos   = 0;
00074   off_t begin = 0;
00075 
00076   union rsbac_target_id_t       rsbac_target_id;
00077   union rsbac_attribute_value_t rsbac_attribute_value;
00078 
00079   if (!rsbac_is_initialized())
00080     return (-ENOSYS);
00081 
00082   rsbac_target_id.scd = ST_rsbac;
00083   rsbac_attribute_value.dummy = 0;
00084   if (!rsbac_adf_request(R_GET_STATUS_DATA,
00085                          current->pid,
00086                          T_SCD,
00087                          rsbac_target_id,
00088                          A_none,
00089                          rsbac_attribute_value))
00090     {
00091       return -EPERM;
00092     }
00093   len += sprintf(buffer, "RSBAC REG decision module sample 1\n----------------------------------\n");
00094   pos = begin + len;
00095   if (pos < offset)
00096     {
00097       len = 0;
00098       begin = pos;
00099     }
00100   if (pos > offset+length)
00101     goto out;
00102 
00103   len += sprintf(buffer + len, "%lu calls to request function.\n",
00104                  nr_request_calls);
00105   pos = begin + len;
00106   if (pos < offset)
00107     {
00108       len = 0;
00109       begin = pos;
00110     }
00111   if (pos > offset+length)
00112     goto out;
00113 
00114   len += sprintf(buffer + len, "%lu calls to set_attr function.\n",
00115                  nr_set_attr_calls);
00116   pos = begin + len;
00117   if (pos < offset)
00118     {
00119       len = 0;
00120       begin = pos;
00121     }
00122   if (pos > offset+length)
00123     goto out;
00124 
00125   len += sprintf(buffer + len, "%lu calls to need_overwrite function.\n",
00126                  nr_need_overwrite_calls);
00127   pos = begin + len;
00128   if (pos < offset)
00129     {
00130       len = 0;
00131       begin = pos;
00132     }
00133   if (pos > offset+length)
00134     goto out;
00135 
00136   len += sprintf(buffer + len, "%lu calls to system_call function %lu, last arg was %p.\n",
00137                  nr_system_calls,
00138                  syscall_dispatcher_handle,
00139                  system_call_arg);
00140   pos = begin + len;
00141   if (pos < offset)
00142     {
00143       len = 0;
00144       begin = pos;
00145     }
00146   if (pos > offset+length)
00147     goto out;
00148 
00149 out:
00150   *start = buffer + (offset - begin);
00151   len -= (offset - begin);
00152   
00153   if (len > length)
00154     len = length;
00155   return len;
00156 }
00157 #endif /* CONFIG_RSBAC_PROC */
00158 
00159 /**** Decision Functions ****/
00160 
00161 static  int request_func  ( enum  rsbac_adf_request_t     request,
00162                                   rsbac_pid_t             owner_pid,
00163                             enum  rsbac_target_t          target,
00164                             union rsbac_target_id_t       tid,
00165                             enum  rsbac_attribute_t       attr,
00166                             union rsbac_attribute_value_t attr_val,
00167                             rsbac_uid_t                   owner)
00168   {
00169     /* count call, but not for SEARCH request */
00170     if(request != R_SEARCH)
00171       nr_request_calls++;
00172     return GRANTED;
00173   }
00174 
00175 static  int set_attr_func ( enum  rsbac_adf_request_t     request,
00176                                   rsbac_pid_t             owner_pid,
00177                             enum  rsbac_target_t          target,
00178                             union rsbac_target_id_t       tid,
00179                             enum  rsbac_target_t          new_target,
00180                             union rsbac_target_id_t       new_tid,
00181                             enum  rsbac_attribute_t       attr,
00182                             union rsbac_attribute_value_t attr_val,
00183                             rsbac_uid_t                   owner)
00184   {
00185     /* count call, but not for SEARCH request */
00186     if(request != R_SEARCH)
00187       nr_set_attr_calls++;
00188     return 0;
00189   }
00190 
00191 static rsbac_boolean_t need_overwrite_func (struct dentry * dentry_p)
00192   {
00193     nr_need_overwrite_calls++;
00194     return FALSE;
00195   }
00196 
00197 static int syscall_func (void * arg)
00198   {
00199     nr_system_calls++;
00200     system_call_arg = arg;
00201     return nr_system_calls;
00202   }
00203 
00204 /**** Init ****/
00205 
00206 int init_module(void)
00207 {
00208   struct rsbac_reg_entry_t entry;
00209   struct rsbac_reg_syscall_entry_t syscall_entry;
00210 
00211   if(!handle)
00212     handle = 123456;
00213   if(!syscall_registration_handle)
00214     syscall_registration_handle = 654321;
00215   if(!syscall_dispatcher_handle)
00216     syscall_dispatcher_handle = 1;
00217 
00218   rsbac_printk(KERN_INFO "RSBAC REG decision module sample 1: Initializing.\n");
00219 
00220   /* clearing registration entries */
00221   memset(&entry, 0, sizeof(entry));
00222   memset(&syscall_entry, 0, sizeof(syscall_entry));
00223 
00224 #if LINUX_VERSION_CODE <= KERNEL_VERSION(2,6,0)
00225   if((dummy_buf[0] != 'T') || (dummy_buf2[0] != 'T'))
00226     {
00227       rsbac_printk(KERN_WARNING "RSBAC REG decision module sample 1: Not loaded due to invalid param string.\n");
00228       return -ENOEXEC;
00229     }
00230 #endif
00231   if(name)
00232     {
00233       strncpy(entry.name, name, RSBAC_REG_NAME_LEN);
00234       entry.name[RSBAC_REG_NAME_LEN] = 0;
00235     }
00236   else
00237     strcpy(entry.name, "RSBAC REG sample 1 ADF module");
00238   rsbac_printk(KERN_INFO "RSBAC REG decision module sample 1: REG Version: %u, Name: %s, Handle: %li\n",
00239          RSBAC_REG_VERSION, entry.name, handle);
00240 
00241   entry.handle = handle;
00242   entry.request_func = request_func;
00243   entry.set_attr_func = set_attr_func;
00244   entry.need_overwrite_func = need_overwrite_func;
00245   entry.switch_on = TRUE;
00246   rsbac_printk(KERN_INFO "RSBAC REG decision module sample 1: Registering to ADF.\n");
00247   if(rsbac_reg_register(RSBAC_REG_VERSION, entry) < 0)
00248     {
00249       rsbac_printk(KERN_WARNING "RSBAC REG decision module sample 1: Registering failed. Unloading.\n");
00250       return -ENOEXEC;
00251     }
00252 
00253   if(syscall_name)
00254     {
00255       strncpy(syscall_entry.name, syscall_name, RSBAC_REG_NAME_LEN);
00256       syscall_entry.name[RSBAC_REG_NAME_LEN] = 0;
00257     }
00258   else
00259     strcpy(syscall_entry.name, "RSBAC REG sample 1 syscall");
00260   rsbac_printk(KERN_INFO "RSBAC REG decision module sample 1: REG Version: %u, Name: %s, Dispatcher Handle: %li\n",
00261          RSBAC_REG_VERSION, syscall_entry.name, syscall_dispatcher_handle);
00262 
00263   syscall_entry.registration_handle = syscall_registration_handle;
00264   syscall_entry.dispatcher_handle = syscall_dispatcher_handle;
00265   syscall_entry.syscall_func = syscall_func;
00266   rsbac_printk(KERN_INFO "RSBAC REG decision module sample 1: Registering syscall.\n");
00267   syscall_registration_handle = rsbac_reg_register_syscall(RSBAC_REG_VERSION, syscall_entry);
00268   if(syscall_registration_handle < 0)
00269     {
00270       rsbac_printk(KERN_WARNING "RSBAC REG decision module sample 1: Registering syscall failed. Unloading.\n");
00271       if(rsbac_reg_unregister(handle))
00272         {
00273           rsbac_printk(KERN_ERR "RSBAC REG decision module sample 1: Unregistering failed - beware of possible system failure!\n");
00274         }
00275       return -ENOEXEC;
00276     }
00277 
00278   #if defined(CONFIG_RSBAC_PROC)
00279   proc_reg_sample_p = create_proc_entry(PROC_NAME,
00280                                         S_IFREG | S_IRUGO,
00281                                         proc_rsbac_root_p);
00282   if(!proc_reg_sample_p)
00283     {
00284       rsbac_printk(KERN_WARNING "%s: Not loaded due to failed proc entry registering.\n", name);
00285       if(rsbac_reg_unregister(handle))
00286         {
00287           rsbac_printk(KERN_ERR "RSBAC REG decision module sample 1: Unregistering failed - beware of possible system failure!\n");
00288         }
00289       if(rsbac_reg_unregister_syscall(syscall_registration_handle))
00290         {
00291           rsbac_printk(KERN_ERR "RSBAC REG decision module sample 1: Unregistering syscall failed - beware of possible system failure!\n");
00292         }
00293       return -ENOEXEC;
00294     }
00295   proc_reg_sample_p->get_info = adf_sample_proc_info;
00296   #endif 
00297 
00298   rsbac_printk(KERN_INFO "RSBAC REG decision module sample 1: Loaded.\n");
00299 
00300   return 0;
00301 }
00302 
00303 void cleanup_module(void)
00304 {
00305   rsbac_printk(KERN_INFO "RSBAC REG decision module sample 1: Unregistering.\n");
00306   #if defined(CONFIG_RSBAC_PROC)
00307   remove_proc_entry(PROC_NAME, proc_rsbac_root_p);
00308   #endif 
00309   if(rsbac_reg_unregister_syscall(syscall_registration_handle))
00310     {
00311       rsbac_printk(KERN_ERR "RSBAC REG decision module sample 1: Unregistering syscall failed - beware of possible system failure!\n");
00312     }
00313   if(rsbac_reg_unregister(handle))
00314     {
00315       rsbac_printk(KERN_ERR "RSBAC REG decision module sample 1: Unregistering failed - beware of possible system failure!\n");
00316     }
00317   rsbac_printk(KERN_INFO "RSBAC REG decision module sample 1: Unloaded.\n");
00318 }

Generated on Wed May 16 11:53:34 2007 for RSBAC by  doxygen 1.5.1