00001
00002
00003
00004
00005
00006
00007 #include <linux/module.h>
00008 #include <linux/types.h>
00009 #include <linux/kernel.h>
00010 #include <linux/string.h>
00011 #include <linux/fs.h>
00012 #include <rsbac/types.h>
00013 #include <rsbac/reg.h>
00014 #include <rsbac/adf.h>
00015 #include <rsbac/aci.h>
00016 #include <rsbac/getname.h>
00017 #include <rsbac/error.h>
00018 #include <rsbac/proc_fs.h>
00019
00020 static u_long nr_request_calls = 0;
00021 static u_long nr_set_attr_calls = 0;
00022 static u_long nr_need_overwrite_calls = 0;
00023 static u_long nr_system_calls = 0;
00024 static void * system_call_arg = NULL;
00025
00026 MODULE_AUTHOR("Amon Ott");
00027 MODULE_DESCRIPTION("RSBAC REG sample decision module 1");
00028 MODULE_LICENSE("GPL");
00029
00030 #if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,0)
00031 static char * name = NULL;
00032 static char * syscall_name = NULL;
00033 static long handle = 123456;
00034 static long syscall_registration_handle = 654321;
00035 static long syscall_dispatcher_handle = 1;
00036
00037 module_param(name, charp, 0000);
00038 MODULE_PARM_DESC(name, "Name");
00039 module_param(syscall_name, charp, 0000);
00040 MODULE_PARM_DESC(syscall_name, "Syscall name");
00041 module_param(handle, long, S_IRUSR);
00042 MODULE_PARM_DESC(handle, "Handle");
00043 module_param(syscall_registration_handle, long, S_IRUSR);
00044 MODULE_PARM_DESC(syscall_registration_handle, "Syscall registration handle");
00045 module_param(syscall_dispatcher_handle, long, S_IRUSR);
00046 MODULE_PARM_DESC(syscall_dispatcher_handle, "Syscall dispatcher");
00047 #else
00048 MODULE_PARM(name, "s");
00049 static char * name = NULL;
00050 static char dummy_buf[70]="To protect against wrong insmod params";
00051 MODULE_PARM(syscall_name, "s");
00052 static char * syscall_name = NULL;
00053 static char dummy_buf2[70]="To protect against wrong insmod params";
00054 MODULE_PARM(handle, "l");
00055 static long handle = 123456;
00056 MODULE_PARM(syscall_registration_handle, "l");
00057 static long syscall_registration_handle = 654321;
00058 MODULE_PARM(syscall_dispatcher_handle, "l");
00059 static long syscall_dispatcher_handle = 1;
00060 #endif
00061
00062
00063
00064
00065 #if defined(CONFIG_RSBAC_PROC)
00066 #define PROC_NAME "reg_sample1"
00067 static struct proc_dir_entry * proc_reg_sample_p;
00068
00069 static int
00070 adf_sample_proc_info(char *buffer, char **start, off_t offset, int length)
00071 {
00072 int len = 0;
00073 off_t pos = 0;
00074 off_t begin = 0;
00075
00076 union rsbac_target_id_t rsbac_target_id;
00077 union rsbac_attribute_value_t rsbac_attribute_value;
00078
00079 if (!rsbac_is_initialized())
00080 return (-ENOSYS);
00081
00082 rsbac_target_id.scd = ST_rsbac;
00083 rsbac_attribute_value.dummy = 0;
00084 if (!rsbac_adf_request(R_GET_STATUS_DATA,
00085 current->pid,
00086 T_SCD,
00087 rsbac_target_id,
00088 A_none,
00089 rsbac_attribute_value))
00090 {
00091 return -EPERM;
00092 }
00093 len += sprintf(buffer, "RSBAC REG decision module sample 1\n----------------------------------\n");
00094 pos = begin + len;
00095 if (pos < offset)
00096 {
00097 len = 0;
00098 begin = pos;
00099 }
00100 if (pos > offset+length)
00101 goto out;
00102
00103 len += sprintf(buffer + len, "%lu calls to request function.\n",
00104 nr_request_calls);
00105 pos = begin + len;
00106 if (pos < offset)
00107 {
00108 len = 0;
00109 begin = pos;
00110 }
00111 if (pos > offset+length)
00112 goto out;
00113
00114 len += sprintf(buffer + len, "%lu calls to set_attr function.\n",
00115 nr_set_attr_calls);
00116 pos = begin + len;
00117 if (pos < offset)
00118 {
00119 len = 0;
00120 begin = pos;
00121 }
00122 if (pos > offset+length)
00123 goto out;
00124
00125 len += sprintf(buffer + len, "%lu calls to need_overwrite function.\n",
00126 nr_need_overwrite_calls);
00127 pos = begin + len;
00128 if (pos < offset)
00129 {
00130 len = 0;
00131 begin = pos;
00132 }
00133 if (pos > offset+length)
00134 goto out;
00135
00136 len += sprintf(buffer + len, "%lu calls to system_call function %lu, last arg was %p.\n",
00137 nr_system_calls,
00138 syscall_dispatcher_handle,
00139 system_call_arg);
00140 pos = begin + len;
00141 if (pos < offset)
00142 {
00143 len = 0;
00144 begin = pos;
00145 }
00146 if (pos > offset+length)
00147 goto out;
00148
00149 out:
00150 *start = buffer + (offset - begin);
00151 len -= (offset - begin);
00152
00153 if (len > length)
00154 len = length;
00155 return len;
00156 }
00157 #endif
00158
00159
00160
00161 static int request_func ( enum rsbac_adf_request_t request,
00162 rsbac_pid_t owner_pid,
00163 enum rsbac_target_t target,
00164 union rsbac_target_id_t tid,
00165 enum rsbac_attribute_t attr,
00166 union rsbac_attribute_value_t attr_val,
00167 rsbac_uid_t owner)
00168 {
00169
00170 if(request != R_SEARCH)
00171 nr_request_calls++;
00172 return GRANTED;
00173 }
00174
00175 static int set_attr_func ( enum rsbac_adf_request_t request,
00176 rsbac_pid_t owner_pid,
00177 enum rsbac_target_t target,
00178 union rsbac_target_id_t tid,
00179 enum rsbac_target_t new_target,
00180 union rsbac_target_id_t new_tid,
00181 enum rsbac_attribute_t attr,
00182 union rsbac_attribute_value_t attr_val,
00183 rsbac_uid_t owner)
00184 {
00185
00186 if(request != R_SEARCH)
00187 nr_set_attr_calls++;
00188 return 0;
00189 }
00190
00191 static rsbac_boolean_t need_overwrite_func (struct dentry * dentry_p)
00192 {
00193 nr_need_overwrite_calls++;
00194 return FALSE;
00195 }
00196
00197 static int syscall_func (void * arg)
00198 {
00199 nr_system_calls++;
00200 system_call_arg = arg;
00201 return nr_system_calls;
00202 }
00203
00204
00205
00206 int init_module(void)
00207 {
00208 struct rsbac_reg_entry_t entry;
00209 struct rsbac_reg_syscall_entry_t syscall_entry;
00210
00211 if(!handle)
00212 handle = 123456;
00213 if(!syscall_registration_handle)
00214 syscall_registration_handle = 654321;
00215 if(!syscall_dispatcher_handle)
00216 syscall_dispatcher_handle = 1;
00217
00218 rsbac_printk(KERN_INFO "RSBAC REG decision module sample 1: Initializing.\n");
00219
00220
00221 memset(&entry, 0, sizeof(entry));
00222 memset(&syscall_entry, 0, sizeof(syscall_entry));
00223
00224 #if LINUX_VERSION_CODE <= KERNEL_VERSION(2,6,0)
00225 if((dummy_buf[0] != 'T') || (dummy_buf2[0] != 'T'))
00226 {
00227 rsbac_printk(KERN_WARNING "RSBAC REG decision module sample 1: Not loaded due to invalid param string.\n");
00228 return -ENOEXEC;
00229 }
00230 #endif
00231 if(name)
00232 {
00233 strncpy(entry.name, name, RSBAC_REG_NAME_LEN);
00234 entry.name[RSBAC_REG_NAME_LEN] = 0;
00235 }
00236 else
00237 strcpy(entry.name, "RSBAC REG sample 1 ADF module");
00238 rsbac_printk(KERN_INFO "RSBAC REG decision module sample 1: REG Version: %u, Name: %s, Handle: %li\n",
00239 RSBAC_REG_VERSION, entry.name, handle);
00240
00241 entry.handle = handle;
00242 entry.request_func = request_func;
00243 entry.set_attr_func = set_attr_func;
00244 entry.need_overwrite_func = need_overwrite_func;
00245 entry.switch_on = TRUE;
00246 rsbac_printk(KERN_INFO "RSBAC REG decision module sample 1: Registering to ADF.\n");
00247 if(rsbac_reg_register(RSBAC_REG_VERSION, entry) < 0)
00248 {
00249 rsbac_printk(KERN_WARNING "RSBAC REG decision module sample 1: Registering failed. Unloading.\n");
00250 return -ENOEXEC;
00251 }
00252
00253 if(syscall_name)
00254 {
00255 strncpy(syscall_entry.name, syscall_name, RSBAC_REG_NAME_LEN);
00256 syscall_entry.name[RSBAC_REG_NAME_LEN] = 0;
00257 }
00258 else
00259 strcpy(syscall_entry.name, "RSBAC REG sample 1 syscall");
00260 rsbac_printk(KERN_INFO "RSBAC REG decision module sample 1: REG Version: %u, Name: %s, Dispatcher Handle: %li\n",
00261 RSBAC_REG_VERSION, syscall_entry.name, syscall_dispatcher_handle);
00262
00263 syscall_entry.registration_handle = syscall_registration_handle;
00264 syscall_entry.dispatcher_handle = syscall_dispatcher_handle;
00265 syscall_entry.syscall_func = syscall_func;
00266 rsbac_printk(KERN_INFO "RSBAC REG decision module sample 1: Registering syscall.\n");
00267 syscall_registration_handle = rsbac_reg_register_syscall(RSBAC_REG_VERSION, syscall_entry);
00268 if(syscall_registration_handle < 0)
00269 {
00270 rsbac_printk(KERN_WARNING "RSBAC REG decision module sample 1: Registering syscall failed. Unloading.\n");
00271 if(rsbac_reg_unregister(handle))
00272 {
00273 rsbac_printk(KERN_ERR "RSBAC REG decision module sample 1: Unregistering failed - beware of possible system failure!\n");
00274 }
00275 return -ENOEXEC;
00276 }
00277
00278 #if defined(CONFIG_RSBAC_PROC)
00279 proc_reg_sample_p = create_proc_entry(PROC_NAME,
00280 S_IFREG | S_IRUGO,
00281 proc_rsbac_root_p);
00282 if(!proc_reg_sample_p)
00283 {
00284 rsbac_printk(KERN_WARNING "%s: Not loaded due to failed proc entry registering.\n", name);
00285 if(rsbac_reg_unregister(handle))
00286 {
00287 rsbac_printk(KERN_ERR "RSBAC REG decision module sample 1: Unregistering failed - beware of possible system failure!\n");
00288 }
00289 if(rsbac_reg_unregister_syscall(syscall_registration_handle))
00290 {
00291 rsbac_printk(KERN_ERR "RSBAC REG decision module sample 1: Unregistering syscall failed - beware of possible system failure!\n");
00292 }
00293 return -ENOEXEC;
00294 }
00295 proc_reg_sample_p->get_info = adf_sample_proc_info;
00296 #endif
00297
00298 rsbac_printk(KERN_INFO "RSBAC REG decision module sample 1: Loaded.\n");
00299
00300 return 0;
00301 }
00302
00303 void cleanup_module(void)
00304 {
00305 rsbac_printk(KERN_INFO "RSBAC REG decision module sample 1: Unregistering.\n");
00306 #if defined(CONFIG_RSBAC_PROC)
00307 remove_proc_entry(PROC_NAME, proc_rsbac_root_p);
00308 #endif
00309 if(rsbac_reg_unregister_syscall(syscall_registration_handle))
00310 {
00311 rsbac_printk(KERN_ERR "RSBAC REG decision module sample 1: Unregistering syscall failed - beware of possible system failure!\n");
00312 }
00313 if(rsbac_reg_unregister(handle))
00314 {
00315 rsbac_printk(KERN_ERR "RSBAC REG decision module sample 1: Unregistering failed - beware of possible system failure!\n");
00316 }
00317 rsbac_printk(KERN_INFO "RSBAC REG decision module sample 1: Unloaded.\n");
00318 }