00001
00002
00003
00004
00005
00006
00007
00008 #include <linux/module.h>
00009 #include <linux/types.h>
00010 #include <linux/kernel.h>
00011 #include <linux/string.h>
00012
00013 #include <linux/sched.h>
00014 #include <linux/smp.h>
00015 #include <linux/smp_lock.h>
00016
00017 #include <linux/fs.h>
00018 #include <asm/uaccess.h>
00019
00020 #include <rsbac/types.h>
00021 #include <rsbac/reg.h>
00022 #include <rsbac/adf.h>
00023 #include <rsbac/aci.h>
00024 #include <rsbac/lists.h>
00025 #include <rsbac/getname.h>
00026 #include <rsbac/error.h>
00027 #include <rsbac/proc_fs.h>
00028
00029 static u_long nr_request_calls = 0;
00030 #define ORD_request 1
00031 static u_long nr_set_attr_calls = 0;
00032 #define ORD_set_attr 2
00033 static u_long nr_need_overwrite_calls = 0;
00034 #define ORD_overwrite 3
00035 static u_long nr_write_calls = 0;
00036 #define ORD_write 4
00037 static u_long nr_system_calls = 0;
00038 #define ORD_syscall 5
00039 static void * system_call_arg = 0;
00040
00041 MODULE_AUTHOR("Amon Ott");
00042 MODULE_DESCRIPTION("RSBAC REG sample decision module 3");
00043 MODULE_LICENSE("GPL");
00044
00045 #if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,0)
00046 static char * name = NULL;
00047 static char * syscall_name = NULL;
00048 static u_int listkey = 133457;
00049 static long handle = 133457;
00050 static long syscall_registration_handle = 754331;
00051 static long syscall_dispatcher_handle = 3;
00052
00053 module_param(name, charp, 0000);
00054 MODULE_PARM_DESC(name, "Name");
00055 module_param(syscall_name, charp, 0000);
00056 MODULE_PARM_DESC(syscall_name, "Syscall name");
00057 module_param(listkey, int, S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH);
00058 MODULE_PARM_DESC(listkey, "List key");
00059 module_param(handle, long, S_IRUSR);
00060 MODULE_PARM_DESC(handle, "Handle");
00061 module_param(syscall_registration_handle, long, S_IRUSR);
00062 MODULE_PARM_DESC(syscall_registration_handle, "Syscall registration handle");
00063 module_param(syscall_dispatcher_handle, long, S_IRUSR);
00064 MODULE_PARM_DESC(syscall_dispatcher_handle, "Syscall dispatcher handle");
00065 #else
00066 MODULE_PARM(name, "s");
00067 static char * name = NULL;
00068 static char dummy_buf[70]="To protect against wrong insmod params";
00069 MODULE_PARM(syscall_name, "s");
00070 static char * syscall_name = NULL;
00071 static char dummy_buf2[70]="To protect against wrong insmod params";
00072 MODULE_PARM(listkey, "l");
00073 static u_int listkey = 133457;
00074 MODULE_PARM(handle, "l");
00075 static long handle = 133457;
00076 MODULE_PARM(syscall_registration_handle, "l");
00077 static long syscall_registration_handle = 754331;
00078 MODULE_PARM(syscall_dispatcher_handle, "l");
00079 static long syscall_dispatcher_handle = 3;
00080 #endif
00081
00082
00083 #define FILENAME "regsmp3"
00084
00085
00086 #define LIST_VERSION 1
00087
00088 static rsbac_list_handle_t list_handle;
00089
00090
00091
00092 #if defined(CONFIG_RSBAC_PROC)
00093 #define PROC_NAME "reg_sample3"
00094 static struct proc_dir_entry * proc_reg_sample_p;
00095
00096 static int
00097 adf_sample_proc_info(char *buffer, char **start, off_t offset, int length)
00098 {
00099 int len = 0;
00100 off_t pos = 0;
00101 off_t begin = 0;
00102
00103 union rsbac_target_id_t rsbac_target_id;
00104 union rsbac_attribute_value_t rsbac_attribute_value;
00105
00106 if (!rsbac_is_initialized())
00107 return (-ENOSYS);
00108
00109 rsbac_target_id.scd = ST_rsbac;
00110 rsbac_attribute_value.dummy = 0;
00111 if (!rsbac_adf_request(R_GET_STATUS_DATA,
00112 current->pid,
00113 T_SCD,
00114 rsbac_target_id,
00115 A_none,
00116 rsbac_attribute_value))
00117 {
00118 return -EPERM;
00119 }
00120 len += sprintf(buffer, "RSBAC REG decision module sample 3\n----------------------------------\n");
00121 pos = begin + len;
00122 if (pos < offset)
00123 {
00124 len = 0;
00125 begin = pos;
00126 }
00127 if (pos > offset+length)
00128 goto out;
00129
00130 len += sprintf(buffer + len, "%lu calls to request function.\n",
00131 nr_request_calls);
00132 pos = begin + len;
00133 if (pos < offset)
00134 {
00135 len = 0;
00136 begin = pos;
00137 }
00138 if (pos > offset+length)
00139 goto out;
00140
00141 len += sprintf(buffer + len, "%lu calls to set_attr function.\n",
00142 nr_set_attr_calls);
00143 pos = begin + len;
00144 if (pos < offset)
00145 {
00146 len = 0;
00147 begin = pos;
00148 }
00149 if (pos > offset+length)
00150 goto out;
00151
00152 len += sprintf(buffer + len, "%lu calls to need_overwrite function.\n",
00153 nr_need_overwrite_calls);
00154 pos = begin + len;
00155 if (pos < offset)
00156 {
00157 len = 0;
00158 begin = pos;
00159 }
00160 if (pos > offset+length)
00161 goto out;
00162
00163 len += sprintf(buffer + len, "%lu calls to write function.\n",
00164 nr_write_calls);
00165 pos = begin + len;
00166 if (pos < offset)
00167 {
00168 len = 0;
00169 begin = pos;
00170 }
00171 if (pos > offset+length)
00172 goto out;
00173
00174 len += sprintf(buffer + len, "%lu calls to system_call function %lu, last arg was %p.\n",
00175 nr_system_calls,
00176 syscall_dispatcher_handle,
00177 system_call_arg);
00178 pos = begin + len;
00179 if (pos < offset)
00180 {
00181 len = 0;
00182 begin = pos;
00183 }
00184 if (pos > offset+length)
00185 goto out;
00186
00187 len += sprintf(buffer + len, "%li list items.\n",
00188 rsbac_list_count(list_handle));
00189 pos = begin + len;
00190 if (pos < offset)
00191 {
00192 len = 0;
00193 begin = pos;
00194 }
00195 if (pos > offset+length)
00196 goto out;
00197
00198 out:
00199 *start = buffer + (offset - begin);
00200 len -= (offset - begin);
00201
00202 if (len > length)
00203 len = length;
00204 return len;
00205 }
00206 #endif
00207
00208
00209
00210 static int compare(void * desc1, void * desc2)
00211 {
00212 return memcmp((u_int *) desc1, (u_int *) desc2, sizeof(u_int) );
00213 }
00214
00215
00216
00217
00218
00219
00220
00221
00222
00223
00224 static int request_func ( enum rsbac_adf_request_t request,
00225 rsbac_pid_t owner_pid,
00226 enum rsbac_target_t target,
00227 union rsbac_target_id_t tid,
00228 enum rsbac_attribute_t attr,
00229 union rsbac_attribute_value_t attr_val,
00230 rsbac_uid_t owner)
00231 {
00232
00233 if(request != R_SEARCH)
00234 {
00235 __u32 ord = ORD_request;
00236
00237 nr_request_calls++;
00238 rsbac_list_add(list_handle, &ord, &nr_request_calls);
00239 }
00240 return GRANTED;
00241 }
00242
00243 static int set_attr_func ( enum rsbac_adf_request_t request,
00244 rsbac_pid_t owner_pid,
00245 enum rsbac_target_t target,
00246 union rsbac_target_id_t tid,
00247 enum rsbac_target_t new_target,
00248 union rsbac_target_id_t new_tid,
00249 enum rsbac_attribute_t attr,
00250 union rsbac_attribute_value_t attr_val,
00251 rsbac_uid_t owner)
00252 {
00253 __u32 ord = ORD_set_attr;
00254
00255
00256 if(request != R_SEARCH)
00257 {
00258 nr_set_attr_calls++;
00259 rsbac_list_add(list_handle, &ord, &nr_set_attr_calls);
00260 }
00261 return 0;
00262 }
00263
00264 static rsbac_boolean_t need_overwrite_func (struct dentry * dentry_p)
00265 {
00266 __u32 ord = ORD_overwrite;
00267
00268 nr_need_overwrite_calls++;
00269 rsbac_list_add(list_handle, &ord, &nr_need_overwrite_calls);
00270 return FALSE;
00271 }
00272
00273 static int write_func(rsbac_boolean_t need_lock)
00274 {
00275 __u32 ord = ORD_write;
00276
00277 nr_write_calls++;
00278 rsbac_list_add(list_handle, &ord, &nr_write_calls);
00279 return(0);
00280 }
00281
00282 static int syscall_func (void * arg)
00283 {
00284 __u32 ord = ORD_syscall;
00285
00286 nr_system_calls++;
00287 system_call_arg = arg;
00288 rsbac_list_add(list_handle, &ord, &nr_system_calls);
00289 return nr_system_calls;
00290 }
00291
00292
00293
00294 int init_module(void)
00295 {
00296 struct rsbac_reg_entry_t entry;
00297 struct rsbac_reg_syscall_entry_t syscall_entry;
00298 struct rsbac_list_info_t list_info;
00299 __u32 ord;
00300
00301 if(!listkey)
00302 listkey = 133457;
00303 if(!handle)
00304 handle = 133457;
00305 if(!syscall_registration_handle)
00306 syscall_registration_handle = 754331;
00307 if(!syscall_dispatcher_handle)
00308 syscall_dispatcher_handle = 3;
00309
00310 rsbac_printk(KERN_INFO "RSBAC REG decision module sample 3: Initializing.\n");
00311
00312
00313 memset(&entry, 0, sizeof(entry));
00314 memset(&syscall_entry, 0, sizeof(syscall_entry));
00315 #if LINUX_VERSION_CODE <= KERNEL_VERSION(2,6,0)
00316 if((dummy_buf[0] != 'T') || (dummy_buf2[0] != 'T'))
00317 {
00318 rsbac_printk(KERN_WARNING "RSBAC REG decision module sample 3: Not loaded due to invalid param string.\n");
00319 return -ENOEXEC;
00320 }
00321 #endif
00322
00323 list_info.version = LIST_VERSION;
00324 list_info.key = listkey;
00325 list_info.desc_size = sizeof(__u32);
00326 list_info.data_size = sizeof(nr_request_calls);
00327 list_info.max_age = 3600;
00328 if(rsbac_list_register(RSBAC_LIST_VERSION,
00329 &list_handle,
00330 &list_info,
00331 RSBAC_LIST_PERSIST | RSBAC_LIST_BACKUP,
00332 compare,
00333 NULL,
00334 NULL,
00335 FILENAME,
00336 0))
00337 {
00338 rsbac_printk(KERN_WARNING "RSBAC REG decision module sample 3: Registering list failed. Unloading.\n");
00339 return -ENOEXEC;
00340 }
00341 rsbac_printk(KERN_INFO "RSBAC REG decision module sample 3: List Version: %u, Name: %s, Handle: %p, Key: %u\n",
00342 RSBAC_LIST_VERSION, FILENAME, list_handle, listkey);
00343 ord = ORD_request;
00344 if(rsbac_list_exist(list_handle, &ord))
00345 rsbac_list_get_data(list_handle, &ord, &nr_request_calls);
00346 ord = ORD_set_attr;
00347 if(rsbac_list_exist(list_handle, &ord))
00348 rsbac_list_get_data(list_handle, &ord, &nr_set_attr_calls);
00349 ord = ORD_overwrite;
00350 if(rsbac_list_exist(list_handle, &ord))
00351 rsbac_list_get_data(list_handle, &ord, &nr_need_overwrite_calls);
00352 ord = ORD_write;
00353 if(rsbac_list_exist(list_handle, &ord))
00354 rsbac_list_get_data(list_handle, &ord, &nr_write_calls);
00355 ord = ORD_syscall;
00356 if(rsbac_list_exist(list_handle, &ord))
00357 rsbac_list_get_data(list_handle, &ord, &nr_system_calls);
00358
00359
00360 if(name)
00361 {
00362 strncpy(entry.name, name, RSBAC_REG_NAME_LEN);
00363 entry.name[RSBAC_REG_NAME_LEN] = 0;
00364 }
00365 else
00366 strcpy(entry.name, "RSBAC REG sample 3 ADF module");
00367 rsbac_printk(KERN_INFO "RSBAC REG decision module sample 3: REG Version: %u, Name: %s, Handle: %li\n",
00368 RSBAC_REG_VERSION, entry.name, handle);
00369
00370 entry.handle = handle;
00371 entry.request_func = request_func;
00372 entry.set_attr_func = set_attr_func;
00373 entry.need_overwrite_func = need_overwrite_func;
00374 entry.write_func = write_func;
00375 entry.switch_on = TRUE;
00376
00377 rsbac_printk(KERN_INFO "RSBAC REG decision module sample 3: Registering to ADF.\n");
00378 if(rsbac_reg_register(RSBAC_REG_VERSION, entry) < 0)
00379 {
00380 rsbac_printk(KERN_WARNING "RSBAC REG decision module sample 3: Registering failed. Unloading.\n");
00381 if(rsbac_list_detach(&list_handle, listkey))
00382 rsbac_printk(KERN_WARNING "RSBAC REG decision module sample 3: Unregistering list failed - beware!\n");
00383 return -ENOEXEC;
00384 }
00385
00386 if(syscall_name)
00387 {
00388 strncpy(syscall_entry.name, syscall_name, RSBAC_REG_NAME_LEN);
00389 syscall_entry.name[RSBAC_REG_NAME_LEN] = 0;
00390 }
00391 else
00392 strcpy(syscall_entry.name, "RSBAC REG sample 3 syscall");
00393 rsbac_printk(KERN_INFO "RSBAC REG decision module sample 3: REG Version: %u, Name: %s, Dispatcher Handle: %li\n",
00394 RSBAC_REG_VERSION, syscall_entry.name, syscall_dispatcher_handle);
00395
00396 syscall_entry.registration_handle = syscall_registration_handle;
00397 syscall_entry.dispatcher_handle = syscall_dispatcher_handle;
00398 syscall_entry.syscall_func = syscall_func;
00399
00400 rsbac_printk(KERN_INFO "RSBAC REG decision module sample 3: Registering syscall.\n");
00401 syscall_registration_handle = rsbac_reg_register_syscall(RSBAC_REG_VERSION, syscall_entry);
00402 if(syscall_registration_handle < 0)
00403 {
00404 rsbac_printk(KERN_WARNING "RSBAC REG decision module sample 3: Registering syscall failed. Unloading.\n");
00405 if(rsbac_reg_unregister(handle))
00406 {
00407 rsbac_printk(KERN_ERR "RSBAC REG decision module sample 3: Unregistering failed - beware of possible system failure!\n");
00408 }
00409 if(rsbac_list_detach(&list_handle, listkey))
00410 rsbac_printk(KERN_WARNING "RSBAC REG decision module sample 3: Unregistering list failed - beware!\n");
00411 return -ENOEXEC;
00412 }
00413
00414 #if defined(CONFIG_RSBAC_PROC)
00415 proc_reg_sample_p = create_proc_entry(PROC_NAME,
00416 S_IFREG | S_IRUGO,
00417 proc_rsbac_root_p);
00418 if(!proc_reg_sample_p)
00419 {
00420 rsbac_printk(KERN_WARNING "%s: Not loaded due to failed proc entry registering.\n", name);
00421 if(rsbac_reg_unregister_syscall(syscall_registration_handle))
00422 {
00423 rsbac_printk(KERN_ERR "RSBAC REG decision module sample 3: Unregistering syscall failed - beware of possible system failure!\n");
00424 }
00425 if(rsbac_reg_unregister(handle))
00426 {
00427 rsbac_printk(KERN_ERR "RSBAC REG decision module sample 3: Unregistering from ADF failed - beware of possible system failure!\n");
00428 }
00429 if(rsbac_list_detach(&list_handle, listkey))
00430 rsbac_printk(KERN_WARNING "RSBAC REG decision module sample 3: Unregistering list failed - beware!\n");
00431 return -ENOEXEC;
00432 }
00433 proc_reg_sample_p->get_info = adf_sample_proc_info;
00434 #endif
00435
00436 rsbac_printk(KERN_INFO "RSBAC REG decision module sample 3: Loaded.\n");
00437
00438 return 0;
00439 }
00440
00441 void cleanup_module(void)
00442 {
00443 rsbac_printk(KERN_INFO "RSBAC REG decision module sample 3: Unregistering.\n");
00444 #if defined(CONFIG_RSBAC_PROC)
00445 remove_proc_entry(PROC_NAME, proc_rsbac_root_p);
00446 #endif
00447 if(rsbac_reg_unregister_syscall(syscall_registration_handle))
00448 {
00449 rsbac_printk(KERN_ERR "RSBAC REG decision module sample 3: Unregistering syscall failed - beware of possible system failure!\n");
00450 }
00451 if(rsbac_reg_unregister(handle))
00452 {
00453 rsbac_printk(KERN_ERR "RSBAC REG decision module sample 3: Unregistering module failed - beware of possible system failure!\n");
00454 }
00455 if(rsbac_list_detach(&list_handle, listkey))
00456 rsbac_printk(KERN_WARNING "RSBAC REG decision module sample 3: Unregistering list failed - beware!\n");
00457 rsbac_printk(KERN_INFO "RSBAC REG decision module sample 3: Unloaded.\n");
00458 }