/linux-2.6.21.1-rsbac-1.3.4/rsbac/adf/reg/reg_sample3.c

Go to the documentation of this file.
00001 /*
00002  * RSBAC REG decision module sample
00003  *
00004  * Author and (c) 1999-2005 Amon Ott <ao@rsbac.org>
00005  */
00006 
00007 /* general stuff */
00008 #include <linux/module.h>
00009 #include <linux/types.h>
00010 #include <linux/kernel.h>
00011 #include <linux/string.h>
00012 /* for (un)lock_kernel() */
00013 #include <linux/sched.h>
00014 #include <linux/smp.h>
00015 #include <linux/smp_lock.h>
00016 /* for file access */
00017 #include <linux/fs.h>
00018 #include <asm/uaccess.h>
00019 /* rsbac */
00020 #include <rsbac/types.h>
00021 #include <rsbac/reg.h>
00022 #include <rsbac/adf.h>
00023 #include <rsbac/aci.h>
00024 #include <rsbac/lists.h>
00025 #include <rsbac/getname.h>
00026 #include <rsbac/error.h>
00027 #include <rsbac/proc_fs.h>
00028 
00029 static u_long nr_request_calls = 0;
00030 #define ORD_request 1
00031 static u_long nr_set_attr_calls = 0;
00032 #define ORD_set_attr 2
00033 static u_long nr_need_overwrite_calls = 0;
00034 #define ORD_overwrite 3
00035 static u_long nr_write_calls = 0;
00036 #define ORD_write 4
00037 static u_long nr_system_calls = 0;
00038 #define ORD_syscall 5
00039 static void * system_call_arg = 0;
00040 
00041 MODULE_AUTHOR("Amon Ott");
00042 MODULE_DESCRIPTION("RSBAC REG sample decision module 3");
00043 MODULE_LICENSE("GPL");
00044 
00045 #if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,0)
00046 static char * name = NULL;
00047 static char * syscall_name = NULL;
00048 static u_int listkey = 133457;
00049 static long handle = 133457;
00050 static long syscall_registration_handle = 754331;
00051 static long syscall_dispatcher_handle = 3;
00052 
00053 module_param(name, charp, 0000);
00054 MODULE_PARM_DESC(name, "Name");
00055 module_param(syscall_name, charp, 0000);
00056 MODULE_PARM_DESC(syscall_name, "Syscall name");
00057 module_param(listkey, int, S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH);
00058 MODULE_PARM_DESC(listkey, "List key");
00059 module_param(handle, long, S_IRUSR);
00060 MODULE_PARM_DESC(handle, "Handle");
00061 module_param(syscall_registration_handle, long, S_IRUSR);
00062 MODULE_PARM_DESC(syscall_registration_handle, "Syscall registration handle");
00063 module_param(syscall_dispatcher_handle, long, S_IRUSR);
00064 MODULE_PARM_DESC(syscall_dispatcher_handle, "Syscall dispatcher handle");
00065 #else
00066 MODULE_PARM(name, "s");
00067 static char * name = NULL;
00068 static char dummy_buf[70]="To protect against wrong insmod params";
00069 MODULE_PARM(syscall_name, "s");
00070 static char * syscall_name = NULL;
00071 static char dummy_buf2[70]="To protect against wrong insmod params";
00072 MODULE_PARM(listkey, "l");
00073 static u_int listkey = 133457;
00074 MODULE_PARM(handle, "l");
00075 static long handle = 133457;
00076 MODULE_PARM(syscall_registration_handle, "l");
00077 static long syscall_registration_handle = 754331;
00078 MODULE_PARM(syscall_dispatcher_handle, "l");
00079 static long syscall_dispatcher_handle = 3;
00080 #endif
00081 
00082 /* Filename for persistent data in /rsbac dir of ROOT_DEV (max 7 chars) */
00083 #define FILENAME "regsmp3"
00084 
00085 /* Version number for on disk data structures */
00086 #define LIST_VERSION 1
00087 
00088 static rsbac_list_handle_t list_handle;
00089 
00090 /* PROC functions */
00091 
00092 #if defined(CONFIG_RSBAC_PROC)
00093 #define PROC_NAME "reg_sample3"
00094 static struct proc_dir_entry * proc_reg_sample_p;
00095 
00096 static int
00097 adf_sample_proc_info(char *buffer, char **start, off_t offset, int length)
00098 {
00099   int len = 0;
00100   off_t pos   = 0;
00101   off_t begin = 0;
00102 
00103   union rsbac_target_id_t       rsbac_target_id;
00104   union rsbac_attribute_value_t rsbac_attribute_value;
00105 
00106   if (!rsbac_is_initialized())
00107     return (-ENOSYS);
00108 
00109   rsbac_target_id.scd = ST_rsbac;
00110   rsbac_attribute_value.dummy = 0;
00111   if (!rsbac_adf_request(R_GET_STATUS_DATA,
00112                          current->pid,
00113                          T_SCD,
00114                          rsbac_target_id,
00115                          A_none,
00116                          rsbac_attribute_value))
00117     {
00118       return -EPERM;
00119     }
00120   len += sprintf(buffer, "RSBAC REG decision module sample 3\n----------------------------------\n");
00121   pos = begin + len;
00122   if (pos < offset)
00123     {
00124       len = 0;
00125       begin = pos;
00126     }
00127   if (pos > offset+length)
00128     goto out;
00129 
00130   len += sprintf(buffer + len, "%lu calls to request function.\n",
00131                  nr_request_calls);
00132   pos = begin + len;
00133   if (pos < offset)
00134     {
00135       len = 0;
00136       begin = pos;
00137     }
00138   if (pos > offset+length)
00139     goto out;
00140 
00141   len += sprintf(buffer + len, "%lu calls to set_attr function.\n",
00142                  nr_set_attr_calls);
00143   pos = begin + len;
00144   if (pos < offset)
00145     {
00146       len = 0;
00147       begin = pos;
00148     }
00149   if (pos > offset+length)
00150     goto out;
00151 
00152   len += sprintf(buffer + len, "%lu calls to need_overwrite function.\n",
00153                  nr_need_overwrite_calls);
00154   pos = begin + len;
00155   if (pos < offset)
00156     {
00157       len = 0;
00158       begin = pos;
00159     }
00160   if (pos > offset+length)
00161     goto out;
00162 
00163   len += sprintf(buffer + len, "%lu calls to write function.\n",
00164                  nr_write_calls);
00165   pos = begin + len;
00166   if (pos < offset)
00167     {
00168       len = 0;
00169       begin = pos;
00170     }
00171   if (pos > offset+length)
00172     goto out;
00173 
00174   len += sprintf(buffer + len, "%lu calls to system_call function %lu, last arg was %p.\n",
00175                  nr_system_calls,
00176                  syscall_dispatcher_handle,
00177                  system_call_arg);
00178   pos = begin + len;
00179   if (pos < offset)
00180     {
00181       len = 0;
00182       begin = pos;
00183     }
00184   if (pos > offset+length)
00185     goto out;
00186 
00187   len += sprintf(buffer + len, "%li list items.\n",
00188                  rsbac_list_count(list_handle));
00189   pos = begin + len;
00190   if (pos < offset)
00191     {
00192       len = 0;
00193       begin = pos;
00194     }
00195   if (pos > offset+length)
00196     goto out;
00197 
00198 out:
00199   *start = buffer + (offset - begin);
00200   len -= (offset - begin);
00201   
00202   if (len > length)
00203     len = length;
00204   return len;
00205 }
00206 #endif /* CONFIG_RSBAC_PROC */
00207 
00208 /**** List helper functions ****/
00209 
00210 static int compare(void * desc1, void * desc2)
00211   {
00212     return memcmp((u_int *) desc1, (u_int *) desc2, sizeof(u_int) );
00213   }
00214 
00215 /*
00216 static rsbac_list_conv_function_t * get_conv(rsbac_version_t version)
00217   {
00218     return compare;
00219   }
00220 */
00221 
00222 /**** Decision Functions ****/
00223 
00224 static  int request_func  ( enum  rsbac_adf_request_t     request,
00225                                   rsbac_pid_t             owner_pid,
00226                             enum  rsbac_target_t          target,
00227                             union rsbac_target_id_t       tid,
00228                             enum  rsbac_attribute_t       attr,
00229                             union rsbac_attribute_value_t attr_val,
00230                             rsbac_uid_t                   owner)
00231   {
00232     /* count call, but not for SEARCH request */
00233     if(request != R_SEARCH)
00234       {
00235         __u32 ord = ORD_request;
00236 
00237         nr_request_calls++;
00238         rsbac_list_add(list_handle, &ord, &nr_request_calls);
00239       }
00240     return GRANTED;
00241   }
00242 
00243 static  int set_attr_func ( enum  rsbac_adf_request_t     request,
00244                                   rsbac_pid_t             owner_pid,
00245                             enum  rsbac_target_t          target,
00246                             union rsbac_target_id_t       tid,
00247                             enum  rsbac_target_t          new_target,
00248                             union rsbac_target_id_t       new_tid,
00249                             enum  rsbac_attribute_t       attr,
00250                             union rsbac_attribute_value_t attr_val,
00251                             rsbac_uid_t                   owner)
00252   {
00253     __u32 ord = ORD_set_attr;
00254 
00255     /* count call, but not for SEARCH request */
00256     if(request != R_SEARCH)
00257       {
00258         nr_set_attr_calls++;
00259         rsbac_list_add(list_handle, &ord, &nr_set_attr_calls);
00260       }
00261     return 0;
00262   }
00263 
00264 static rsbac_boolean_t need_overwrite_func (struct dentry * dentry_p)
00265   {
00266     __u32 ord = ORD_overwrite;
00267 
00268     nr_need_overwrite_calls++;
00269     rsbac_list_add(list_handle, &ord, &nr_need_overwrite_calls);
00270     return FALSE;
00271   }
00272 
00273 static int write_func(rsbac_boolean_t need_lock)
00274   {
00275     __u32 ord = ORD_write;
00276 
00277     nr_write_calls++;
00278     rsbac_list_add(list_handle, &ord, &nr_write_calls);
00279     return(0);
00280   }
00281 
00282 static int syscall_func (void * arg)
00283   {
00284     __u32 ord = ORD_syscall;
00285 
00286     nr_system_calls++;
00287     system_call_arg = arg;
00288     rsbac_list_add(list_handle, &ord, &nr_system_calls);
00289     return nr_system_calls;
00290    }
00291 
00292 /**** Init ****/
00293 
00294 int init_module(void)
00295 {
00296   struct rsbac_reg_entry_t entry;
00297   struct rsbac_reg_syscall_entry_t syscall_entry;
00298   struct rsbac_list_info_t list_info;
00299   __u32 ord;
00300 
00301   if(!listkey)
00302     listkey = 133457;
00303   if(!handle)
00304     handle = 133457;
00305   if(!syscall_registration_handle)
00306     syscall_registration_handle = 754331;
00307   if(!syscall_dispatcher_handle)
00308     syscall_dispatcher_handle = 3;
00309 
00310   rsbac_printk(KERN_INFO "RSBAC REG decision module sample 3: Initializing.\n");
00311 
00312   /* clearing registration entries */
00313   memset(&entry, 0, sizeof(entry));
00314   memset(&syscall_entry, 0, sizeof(syscall_entry));
00315 #if LINUX_VERSION_CODE <= KERNEL_VERSION(2,6,0)
00316   if((dummy_buf[0] != 'T') || (dummy_buf2[0] != 'T'))
00317     {
00318       rsbac_printk(KERN_WARNING "RSBAC REG decision module sample 3: Not loaded due to invalid param string.\n");
00319       return -ENOEXEC;
00320     }
00321 #endif
00322   /* Register a generic list */
00323   list_info.version = LIST_VERSION;
00324   list_info.key = listkey;
00325   list_info.desc_size = sizeof(__u32);
00326   list_info.data_size = sizeof(nr_request_calls);
00327   list_info.max_age = 3600; /* 1h */
00328   if(rsbac_list_register(RSBAC_LIST_VERSION,
00329                          &list_handle,
00330                          &list_info,
00331                          RSBAC_LIST_PERSIST | RSBAC_LIST_BACKUP,
00332                          compare,
00333                          NULL,
00334                          NULL,
00335                          FILENAME,
00336                          0))
00337     {
00338       rsbac_printk(KERN_WARNING "RSBAC REG decision module sample 3: Registering list failed. Unloading.\n");
00339       return -ENOEXEC;
00340     }
00341   rsbac_printk(KERN_INFO "RSBAC REG decision module sample 3: List Version: %u, Name: %s, Handle: %p, Key: %u\n",
00342          RSBAC_LIST_VERSION, FILENAME, list_handle, listkey);
00343   ord = ORD_request;
00344   if(rsbac_list_exist(list_handle, &ord))
00345     rsbac_list_get_data(list_handle, &ord, &nr_request_calls);
00346   ord = ORD_set_attr;
00347   if(rsbac_list_exist(list_handle, &ord))
00348     rsbac_list_get_data(list_handle, &ord, &nr_set_attr_calls);
00349   ord = ORD_overwrite;
00350   if(rsbac_list_exist(list_handle, &ord))
00351     rsbac_list_get_data(list_handle, &ord, &nr_need_overwrite_calls);
00352   ord = ORD_write;
00353   if(rsbac_list_exist(list_handle, &ord))
00354     rsbac_list_get_data(list_handle, &ord, &nr_write_calls);
00355   ord = ORD_syscall;
00356   if(rsbac_list_exist(list_handle, &ord))
00357     rsbac_list_get_data(list_handle, &ord, &nr_system_calls);
00358 
00359   /* Register to ADF */
00360   if(name)
00361     {
00362       strncpy(entry.name, name, RSBAC_REG_NAME_LEN);
00363       entry.name[RSBAC_REG_NAME_LEN] = 0;
00364     }
00365   else
00366     strcpy(entry.name, "RSBAC REG sample 3 ADF module");
00367   rsbac_printk(KERN_INFO "RSBAC REG decision module sample 3: REG Version: %u, Name: %s, Handle: %li\n",
00368          RSBAC_REG_VERSION, entry.name, handle);
00369 
00370   entry.handle = handle;
00371   entry.request_func = request_func;
00372   entry.set_attr_func = set_attr_func;
00373   entry.need_overwrite_func = need_overwrite_func;
00374   entry.write_func = write_func;
00375   entry.switch_on = TRUE;
00376 
00377   rsbac_printk(KERN_INFO "RSBAC REG decision module sample 3: Registering to ADF.\n");
00378   if(rsbac_reg_register(RSBAC_REG_VERSION, entry) < 0)
00379     {
00380       rsbac_printk(KERN_WARNING "RSBAC REG decision module sample 3: Registering failed. Unloading.\n");
00381       if(rsbac_list_detach(&list_handle, listkey))
00382         rsbac_printk(KERN_WARNING "RSBAC REG decision module sample 3: Unregistering list failed - beware!\n");
00383       return -ENOEXEC;
00384     }
00385 
00386   if(syscall_name)
00387     {
00388       strncpy(syscall_entry.name, syscall_name, RSBAC_REG_NAME_LEN);
00389       syscall_entry.name[RSBAC_REG_NAME_LEN] = 0;
00390     }
00391   else
00392     strcpy(syscall_entry.name, "RSBAC REG sample 3 syscall");
00393   rsbac_printk(KERN_INFO "RSBAC REG decision module sample 3: REG Version: %u, Name: %s, Dispatcher Handle: %li\n",
00394          RSBAC_REG_VERSION, syscall_entry.name, syscall_dispatcher_handle);
00395 
00396   syscall_entry.registration_handle = syscall_registration_handle;
00397   syscall_entry.dispatcher_handle = syscall_dispatcher_handle;
00398   syscall_entry.syscall_func = syscall_func;
00399 
00400   rsbac_printk(KERN_INFO "RSBAC REG decision module sample 3: Registering syscall.\n");
00401   syscall_registration_handle = rsbac_reg_register_syscall(RSBAC_REG_VERSION, syscall_entry);
00402   if(syscall_registration_handle < 0)
00403     {
00404       rsbac_printk(KERN_WARNING "RSBAC REG decision module sample 3: Registering syscall failed. Unloading.\n");
00405       if(rsbac_reg_unregister(handle))
00406         {
00407           rsbac_printk(KERN_ERR "RSBAC REG decision module sample 3: Unregistering failed - beware of possible system failure!\n");
00408         }
00409       if(rsbac_list_detach(&list_handle, listkey))
00410         rsbac_printk(KERN_WARNING "RSBAC REG decision module sample 3: Unregistering list failed - beware!\n");
00411       return -ENOEXEC;
00412     }
00413 
00414   #if defined(CONFIG_RSBAC_PROC)
00415   proc_reg_sample_p = create_proc_entry(PROC_NAME,
00416                                         S_IFREG | S_IRUGO,
00417                                         proc_rsbac_root_p);
00418   if(!proc_reg_sample_p)
00419     {
00420       rsbac_printk(KERN_WARNING "%s: Not loaded due to failed proc entry registering.\n", name);
00421       if(rsbac_reg_unregister_syscall(syscall_registration_handle))
00422         {
00423           rsbac_printk(KERN_ERR "RSBAC REG decision module sample 3: Unregistering syscall failed - beware of possible system failure!\n");
00424         }
00425       if(rsbac_reg_unregister(handle))
00426         {
00427           rsbac_printk(KERN_ERR "RSBAC REG decision module sample 3: Unregistering from ADF failed - beware of possible system failure!\n");
00428         }
00429       if(rsbac_list_detach(&list_handle, listkey))
00430         rsbac_printk(KERN_WARNING "RSBAC REG decision module sample 3: Unregistering list failed - beware!\n");
00431       return -ENOEXEC;
00432     }
00433   proc_reg_sample_p->get_info = adf_sample_proc_info;
00434   #endif 
00435 
00436   rsbac_printk(KERN_INFO "RSBAC REG decision module sample 3: Loaded.\n");
00437 
00438   return 0;
00439 }
00440 
00441 void cleanup_module(void)
00442 {
00443   rsbac_printk(KERN_INFO "RSBAC REG decision module sample 3: Unregistering.\n");
00444   #if defined(CONFIG_RSBAC_PROC)
00445   remove_proc_entry(PROC_NAME, proc_rsbac_root_p);
00446   #endif 
00447   if(rsbac_reg_unregister_syscall(syscall_registration_handle))
00448     {
00449       rsbac_printk(KERN_ERR "RSBAC REG decision module sample 3: Unregistering syscall failed - beware of possible system failure!\n");
00450     }
00451   if(rsbac_reg_unregister(handle))
00452     {
00453       rsbac_printk(KERN_ERR "RSBAC REG decision module sample 3: Unregistering module failed - beware of possible system failure!\n");
00454     }
00455   if(rsbac_list_detach(&list_handle, listkey))
00456     rsbac_printk(KERN_WARNING "RSBAC REG decision module sample 3: Unregistering list failed - beware!\n");
00457   rsbac_printk(KERN_INFO "RSBAC REG decision module sample 3: Unloaded.\n");
00458 }

Generated on Wed May 16 11:53:35 2007 for RSBAC by  doxygen 1.5.1