/linux-2.6.21.1-rsbac-1.3.4/rsbac/adf/reg/kproc_hide.c

Go to the documentation of this file.
00001 /*
00002  * RSBAC REG decision module kproc_hide. Hiding kernel processes.
00003  *
00004  * Author and (c) 2004 Michal Purzynski <albeiro@rsbac.org>
00005  */
00006 
00007 #include <linux/module.h>
00008 #include <linux/types.h>
00009 #include <linux/kernel.h>
00010 #include <linux/string.h>
00011 #include <linux/fs.h>
00012 #include <linux/sched.h>
00013 #include <linux/file.h>
00014 #include <rsbac/types.h>
00015 #include <rsbac/reg.h>
00016 #include <rsbac/adf.h>
00017 #include <rsbac/aci.h>
00018 #include <rsbac/getname.h>
00019 #include <rsbac/error.h>
00020 #include <rsbac/proc_fs.h>
00021 
00022 MODULE_AUTHOR("Michal Purzynski");
00023 MODULE_DESCRIPTION("RSBAC REG kproc_hide decision module");
00024 MODULE_LICENSE("GPL");
00025 
00026 static long handle = 9999992;
00027 
00028 /**** Helper Functions ****/
00029 
00030 /**********************************************************************
00031 Description:  Checks if process is a kernel process.
00032 Parameters:   Pid of checking process.
00033 Return value: 1 if is, 0 otherwise.
00034 **********************************************************************/
00035 
00036 int is_kproc(int pid)
00037 {
00038         struct task_struct *tid_task;
00039 
00040         tid_task = find_task_by_pid(pid);
00041 
00042         if (tid_task->mm == NULL)
00043                 return 1;
00044         else
00045                 return 0;
00046 }
00047 
00048 /**** Decision Functions ****/
00049 
00050 static int request_func(enum rsbac_adf_request_t        request,
00051                         rsbac_pid_t                     owner_pid,
00052                         enum rsbac_target_t             target,
00053                         union rsbac_target_id_t         tid,
00054                         enum rsbac_attribute_t          attr,
00055                         union rsbac_attribute_value_t   attr_val,
00056                         rsbac_uid_t                     owner)
00057 {  
00058 
00059         switch (request) {
00060                 case R_GET_STATUS_DATA:
00061                         switch (target) {
00062                                 case T_PROCESS:
00063                                         if (is_kproc(tid.process))
00064                                         return NOT_GRANTED;
00065                                 default:
00066                                         return DO_NOT_CARE;
00067                         }
00068                 default:
00069                         return DO_NOT_CARE;
00070         }
00071         
00072 /*
00073         if (request == R_GET_STATUS_DATA && target == T_PROCESS && is_kproc(tid.process))
00074                 return NOT_GRANTED;
00075         else
00076                 return GRANTED;
00077 */
00078 }
00079 
00080 /**** Init ****/
00081 
00082 int init_module(void)
00083 {
00084         struct rsbac_reg_entry_t entry;
00085 
00086         rsbac_printk(KERN_INFO "RSBAC REG decision module kproc_hide: Initializing.\n");
00087 
00088         /* clearing registration entries */
00089         memset(&entry, 0, sizeof(entry));
00090 
00091         strcpy(entry.name, "RSBAC REG kproc_hide ADF module");
00092         rsbac_printk(KERN_INFO "RSBAC REG decision module kproc_hide: REG Version: %u, Name: %s, Handle: %li\n",
00093                                                                 RSBAC_REG_VERSION, entry.name, handle);
00094 
00095         entry.handle = handle;
00096         entry.request_func = request_func;
00097         entry.switch_on = TRUE;
00098         rsbac_printk(KERN_INFO "RSBAC REG decision module kproc_hide: Registering to ADF.\n");
00099         
00100         if(rsbac_reg_register(RSBAC_REG_VERSION, entry) < 0) {
00101                 rsbac_printk(KERN_WARNING "RSBAC REG decision module sample 1: Registering failed. Unloading.\n");
00102                 return -ENOEXEC;
00103         }
00104 
00105         rsbac_printk(KERN_INFO "RSBAC REG decision module kproc_hide: Loaded.\n");
00106 
00107         return 0;
00108 }
00109 
00110 void cleanup_module(void)
00111 {
00112         rsbac_printk(KERN_INFO "RSBAC REG decision module kproc_hide: Unregistering.\n");
00113         
00114         if(rsbac_reg_unregister(handle))
00115         {
00116                 rsbac_printk(KERN_ERR "RSBAC REG decision module kproc_hide: Unregistering failed - beware of possible system failure!\n");
00117         }
00118         
00119         rsbac_printk(KERN_INFO "RSBAC REG decision module kproc_hide: Unloaded.\n");
00120 }
00121 

Generated on Wed May 16 11:53:34 2007 for RSBAC by  doxygen 1.5.1