#include <linux/string.h>
#include <rsbac/types.h>
#include <rsbac/aci.h>
#include <rsbac/adf_main.h>
#include <rsbac/rc.h>
#include <rsbac/error.h>
#include <rsbac/debug.h>
#include <rsbac/helpers.h>
#include <rsbac/getname.h>
#include <rsbac/rc_getname.h>
#include <rsbac/rkmem.h>
#include <rsbac/network.h>
#include <rsbac/rc_types.h>
Go to the source code of this file.
static enum rsbac_adf_req_ret_t check_comp_rc | ( | enum rsbac_target_t | target, | |
union rsbac_target_id_t | tid, | |||
enum rsbac_adf_request_t | request, | |||
rsbac_pid_t | caller_pid | |||
) | [static] |
Definition at line 31 of file rc_main.c.
References A_local_rc_type, A_rc_role, A_rc_type, A_rc_type_fd, A_rc_type_nt, A_remote_rc_type, FALSE, get_rc_special_right_name(), get_target_name_only(), GRANTED, NOT_GRANTED, rsbac_target_id_t::process, rsbac_attribute_value_t::rc_role, rsbac_attribute_value_t::rc_type, RI_type_comp_dev, RI_type_comp_fd, RI_type_comp_group, RI_type_comp_ipc, RI_type_comp_netdev, RI_type_comp_netobj, RI_type_comp_nettemp, RI_type_comp_process, RI_type_comp_user, rsbac_get_attr, rsbac_kfree(), rsbac_kmalloc(), RSBAC_MAXNAMELEN, rsbac_net_remote_request(), rsbac_pr_debug, rsbac_pr_get_error, rsbac_printk(), rsbac_rc_check_comp(), SW_RC, T_DEV, T_DIR, T_FIFO, T_FILE, T_GROUP, T_IPC, T_NETDEV, T_NETOBJ, T_NETTEMP, T_PROCESS, T_SYMLINK, T_UNIXSOCK, T_USER, TRUE, and rsbac_rc_target_id_t::type.
Referenced by rsbac_adf_request_rc().
00034 { 00035 int err; 00036 union rsbac_target_id_t i_tid; 00037 enum rsbac_attribute_t i_attr; 00038 union rsbac_attribute_value_t i_attr_val1; 00039 union rsbac_attribute_value_t i_attr_val2; 00040 00041 union rsbac_rc_target_id_t i_rc_subtid; 00042 enum rsbac_rc_item_t i_rc_item; 00043 00044 /* get rc_role from process */ 00045 i_tid.process = caller_pid; 00046 if ((err = rsbac_get_attr(SW_RC, 00047 T_PROCESS, 00048 i_tid, 00049 A_rc_role, &i_attr_val1, FALSE))) { 00050 rsbac_pr_get_error(A_rc_role); 00051 return (NOT_GRANTED); 00052 } 00053 switch (target) { 00054 case T_FILE: 00055 case T_DIR: 00056 case T_FIFO: 00057 case T_SYMLINK: 00058 case T_UNIXSOCK: 00059 i_rc_item = RI_type_comp_fd; 00060 i_attr = A_rc_type_fd; 00061 break; 00062 case T_DEV: 00063 i_rc_item = RI_type_comp_dev; 00064 i_attr = A_rc_type; 00065 break; 00066 case T_USER: 00067 i_rc_item = RI_type_comp_user; 00068 i_attr = A_rc_type; 00069 break; 00070 case T_PROCESS: 00071 i_rc_item = RI_type_comp_process; 00072 i_attr = A_rc_type; 00073 break; 00074 case T_IPC: 00075 i_rc_item = RI_type_comp_ipc; 00076 i_attr = A_rc_type; 00077 break; 00078 #if defined(CONFIG_RSBAC_RC_UM_PROT) 00079 case T_GROUP: 00080 i_rc_item = RI_type_comp_group; 00081 i_attr = A_rc_type; 00082 break; 00083 #endif 00084 #if defined(CONFIG_RSBAC_RC_NET_DEV_PROT) 00085 case T_NETDEV: 00086 i_rc_item = RI_type_comp_netdev; 00087 i_attr = A_rc_type; 00088 break; 00089 #endif 00090 #if defined(CONFIG_RSBAC_RC_NET_OBJ_PROT) 00091 case T_NETTEMP: 00092 i_rc_item = RI_type_comp_nettemp; 00093 i_attr = A_rc_type_nt; 00094 break; 00095 case T_NETOBJ: 00096 i_rc_item = RI_type_comp_netobj; 00097 if (rsbac_net_remote_request(request)) 00098 i_attr = A_remote_rc_type; 00099 else 00100 i_attr = A_local_rc_type; 00101 break; 00102 #endif 00103 default: 00104 rsbac_printk(KERN_WARNING "check_comp_rc(): invalid target %i!\n", 00105 target); 00106 return (NOT_GRANTED); 00107 } 00108 00109 /* get rc_type[_fd|_nt] from target */ 00110 if ((err = rsbac_get_attr(SW_RC, 00111 target, 00112 tid, i_attr, &i_attr_val2, TRUE))) { 00113 rsbac_pr_get_error(i_attr); 00114 return (NOT_GRANTED); 00115 } 00116 00117 /* get type_comp_xxx of role */ 00118 i_rc_subtid.type = i_attr_val2.rc_type; 00119 if (rsbac_rc_check_comp(i_attr_val1.rc_role, 00120 i_rc_subtid, i_rc_item, request)) 00121 return (GRANTED); 00122 else { 00123 #ifdef CONFIG_RSBAC_DEBUG 00124 if (rsbac_debug_adf_rc) { 00125 char *tmp = rsbac_kmalloc(RSBAC_MAXNAMELEN); 00126 00127 if (tmp) { 00128 char *tmp2 = 00129 rsbac_kmalloc(RSBAC_MAXNAMELEN); 00130 if (tmp2) { 00131 rsbac_pr_debug(adf_rc, "pid %u (%.15s), owner %u, rc_role %u, %s rc_type %u, request %s -> NOT_GRANTED!\n", 00132 caller_pid, 00133 current->comm, 00134 current->uid, 00135 i_attr_val1.rc_role, 00136 get_target_name_only 00137 (tmp, target), 00138 i_attr_val2.rc_type, 00139 get_rc_special_right_name 00140 (tmp2, request)); 00141 rsbac_kfree(tmp2); 00142 } 00143 rsbac_kfree(tmp); 00144 } 00145 } 00146 #endif 00147 return (NOT_GRANTED); 00148 } 00149 }
static enum rsbac_adf_req_ret_t check_comp_rc_scd | ( | enum rsbac_rc_scd_type_t | scd_type, | |
enum rsbac_adf_request_t | request, | |||
rsbac_pid_t | caller_pid | |||
) | [static] |
Definition at line 152 of file rc_main.c.
References A_rc_role, FALSE, get_request_name(), GRANTED, NOT_GRANTED, rsbac_target_id_t::process, rsbac_attribute_value_t::rc_role, RI_type_comp_scd, rsbac_get_attr, RSBAC_MAXNAMELEN, rsbac_pr_debug, rsbac_pr_get_error, rsbac_rc_check_comp(), SW_RC, T_PROCESS, and rsbac_rc_target_id_t::type.
Referenced by rsbac_adf_request_rc().
00154 { 00155 int err; 00156 union rsbac_target_id_t i_tid; 00157 union rsbac_attribute_value_t i_attr_val1; 00158 00159 union rsbac_rc_target_id_t i_rc_subtid; 00160 00161 /* get rc_role from process */ 00162 i_tid.process = caller_pid; 00163 if ((err = rsbac_get_attr(SW_RC, 00164 T_PROCESS, 00165 i_tid, 00166 A_rc_role, &i_attr_val1, FALSE))) { 00167 rsbac_pr_get_error(A_rc_role); 00168 return (NOT_GRANTED); 00169 } 00170 /* get type_comp_scd of role */ 00171 i_rc_subtid.type = scd_type; 00172 if (rsbac_rc_check_comp(i_attr_val1.rc_role, 00173 i_rc_subtid, RI_type_comp_scd, request)) { 00174 return (GRANTED); 00175 } else { 00176 char tmp[RSBAC_MAXNAMELEN]; 00177 rsbac_pr_debug(adf_rc, "pid %u (%.15s), owner %u, rc_role %i, scd_type %i, request %s -> NOT_GRANTED!\n", 00178 caller_pid, current->comm, current->uid, 00179 i_attr_val1.rc_role, scd_type, 00180 get_request_name(tmp, request)); 00181 return (NOT_GRANTED); 00182 } 00183 }
enum rsbac_adf_req_ret_t rsbac_adf_request_rc | ( | enum rsbac_adf_request_t | request, | |
rsbac_pid_t | caller_pid, | |||
enum rsbac_target_t | target, | |||
union rsbac_target_id_t | tid, | |||
enum rsbac_attribute_t | attr, | |||
union rsbac_attribute_value_t | attr_val, | |||
rsbac_uid_t | owner | |||
) | [inline] |
Definition at line 403 of file rc_main.c.
References A_audit_uid, A_auid_exempt, A_auth_last_auth, A_auth_learn, A_auth_may_set_cap, A_auth_may_setuid, A_fake_root_uid, A_linux_dac_disable, A_local_rc_type, A_log_array_high, A_log_array_low, A_log_program_based, A_log_user_based, A_none, A_pseudo, A_rc_def_role, A_rc_force_role, A_rc_initial_role, A_rc_role, A_rc_select_type, A_rc_type, A_rc_type_fd, A_rc_type_nt, A_remote_ip, A_remote_rc_type, A_symlink_add_rc_role, A_symlink_add_remote_ip, A_symlink_add_uid, rsbac_attribute_value_t::auth_last_auth, check_comp_rc(), check_comp_rc_scd(), DO_NOT_CARE, FALSE, GRANTED, NOT_GRANTED, NULL, rsbac_target_id_t::process, R_ACCEPT, R_ADD_TO_KERNEL, R_ALTER, R_APPEND_OPEN, R_AUTHENTICATE, R_BIND, R_CHANGE_GROUP, R_CHANGE_OWNER, R_CHDIR, R_CLONE, R_CLOSE, R_CONNECT, R_CREATE, R_DELETE, R_EXECUTE, R_GET_PERMISSIONS_DATA, R_GET_STATUS_DATA, R_IOCTL, R_LINK_HARD, R_LISTEN, R_LOCK, R_MAP_EXEC, R_MODIFY_ACCESS_DATA, R_MODIFY_ATTRIBUTE, R_MODIFY_PERMISSIONS_DATA, R_MODIFY_SYSTEM_DATA, R_MOUNT, R_NET_SHUTDOWN, R_READ, R_READ_ATTRIBUTE, R_READ_OPEN, R_READ_WRITE_OPEN, R_RECEIVE, R_REMOVE_FROM_KERNEL, R_RENAME, R_SEARCH, R_SEND, R_SEND_SIGNAL, R_SHUTDOWN, R_SWITCH_LOG, R_SWITCH_MODULE, R_TERMINATE, R_TRACE, R_TRUNCATE, R_UMOUNT, R_WRITE, R_WRITE_OPEN, rsbac_attribute_value_t::rc_role, RC_role_inherit_user, rsbac_attribute_value_t::rc_select_type, rsbac_attribute_value_t::rc_type, RC_type_inherit_parent, RC_type_inherit_process, RC_type_no_chown, RC_type_no_create, RC_type_no_execute, RC_type_use_fd, RC_type_use_new_role_def_create, RCR_ASSIGN, RCR_CHANGE_AUTHED_OWNER, RCR_MODIFY_AUTH, RCR_SELECT, RI_def_fd_create_type, RI_def_fd_ind_create_type, RI_def_group_create_type, RI_def_ipc_create_type, RI_def_process_chown_type, RI_def_process_create_type, RI_def_process_execute_type, RI_def_user_create_type, RI_type_comp_fd, RI_type_comp_group, RI_type_comp_ipc, RI_type_comp_nettemp, RI_type_comp_process, RI_type_comp_user, rsbac_rc_target_id_t::role, rsbac_get_attr, rsbac_pr_debug, rsbac_pr_get_error, rsbac_printk(), rsbac_rc_check_comp(), rsbac_rc_check_type_comp(), RSBAC_RC_GENERAL_TYPE, rsbac_rc_get_item(), rsbac_rc_pr_get_error, rsbac_rc_test_assign_roles(), rsbac_rc_test_role_admin(), RST_auth_administration, RT_ROLE, rsbac_target_id_t::scd, ST_other, SW_AUTH, SW_FREEZE, SW_RC, SW_SOFTMODE, T_DEV, T_DIR, T_FIFO, T_FILE, T_GROUP, T_IPC, T_NETDEV, T_NETOBJ, T_NETTEMP, T_NONE, T_PROCESS, T_SCD, T_SYMLINK, T_UNIXSOCK, T_USER, TRUE, rsbac_rc_target_id_t::type, rsbac_rc_item_value_t::type_id, UNDEFINED, and rsbac_target_id_t::user.
Referenced by rsbac_adf_request_int().
00410 { 00411 int err; 00412 enum rsbac_adf_req_ret_t result = DO_NOT_CARE; 00413 union rsbac_attribute_value_t i_attr_val1; 00414 union rsbac_rc_target_id_t i_rc_tid; 00415 union rsbac_rc_target_id_t i_rc_subtid; 00416 union rsbac_rc_item_value_t i_rc_item_val1; 00417 union rsbac_target_id_t i_tid; 00418 union rsbac_attribute_value_t i_attr_val2; 00419 00420 switch (request) { 00421 case R_SEARCH: 00422 switch (target) { 00423 case T_DIR: 00424 case T_FILE: 00425 case T_SYMLINK: 00426 case T_FIFO: 00427 case T_UNIXSOCK: 00428 case T_DEV: 00429 case T_NETOBJ: 00430 #if defined(CONFIG_RSBAC_RC_UM_PROT) 00431 case T_USER: 00432 case T_GROUP: 00433 #endif 00434 return (check_comp_rc 00435 (target, tid, request, caller_pid)); 00436 00437 /* all other cases are unknown */ 00438 default: 00439 return (DO_NOT_CARE); 00440 } 00441 00442 case R_CLOSE: 00443 return DO_NOT_CARE; 00444 00445 case R_GET_STATUS_DATA: 00446 switch (target) { 00447 case T_SCD: 00448 return (check_comp_rc_scd 00449 (tid.scd, request, caller_pid)); 00450 case T_FILE: 00451 case T_DIR: 00452 case T_FIFO: 00453 case T_SYMLINK: 00454 case T_UNIXSOCK: 00455 case T_IPC: 00456 case T_PROCESS: 00457 case T_DEV: 00458 #if defined(CONFIG_RSBAC_RC_UM_PROT) 00459 case T_USER: 00460 case T_GROUP: 00461 #endif 00462 return (check_comp_rc 00463 (target, tid, request, caller_pid)); 00464 00465 #if defined(CONFIG_RSBAC_RC_NET_DEV_PROT) 00466 case T_NETDEV: 00467 return (check_comp_rc 00468 (target, tid, request, caller_pid)); 00469 #endif 00470 #if defined(CONFIG_RSBAC_RC_NET_OBJ_PROT) 00471 case T_NETOBJ: 00472 return (check_comp_rc 00473 (target, tid, request, caller_pid)); 00474 #endif 00475 00476 default: 00477 return (DO_NOT_CARE); 00478 } 00479 00480 case R_SEND: 00481 switch (target) { 00482 case T_DEV: 00483 #if defined(CONFIG_RSBAC_RC_NET_OBJ_PROT) 00484 case T_NETOBJ: 00485 #endif 00486 return (check_comp_rc 00487 (target, tid, request, caller_pid)); 00488 00489 case T_UNIXSOCK: 00490 case T_IPC: 00491 #if defined(CONFIG_RSBAC_RC_NET_OBJ_UNIX_PROCESS) 00492 if (attr == A_process) { 00493 enum rsbac_adf_req_ret_t tmp_result; 00494 00495 i_tid.process = attr_val.process; 00496 tmp_result = check_comp_rc(T_PROCESS, i_tid, 00497 R_SEND, 00498 caller_pid); 00499 if ((tmp_result == NOT_GRANTED) 00500 || (tmp_result == UNDEFINED) 00501 ) 00502 return tmp_result; 00503 } 00504 #endif /* UNIX_PROCESS */ 00505 return (check_comp_rc 00506 (target, tid, request, caller_pid)); 00507 00508 00509 /* all other cases are undefined */ 00510 default: 00511 return (DO_NOT_CARE); 00512 } 00513 00514 case R_LISTEN: 00515 case R_NET_SHUTDOWN: 00516 switch (target) { 00517 case T_UNIXSOCK: 00518 case T_IPC: 00519 #if defined(CONFIG_RSBAC_RC_NET_OBJ_PROT) 00520 case T_NETOBJ: 00521 #endif 00522 return (check_comp_rc 00523 (target, tid, request, caller_pid)); 00524 00525 /* all other cases are undefined */ 00526 default: 00527 return (DO_NOT_CARE); 00528 } 00529 case R_ACCEPT: 00530 case R_CONNECT: 00531 case R_RECEIVE: 00532 switch (target) { 00533 case T_UNIXSOCK: 00534 case T_IPC: 00535 #if defined(CONFIG_RSBAC_RC_NET_OBJ_UNIX_PROCESS) 00536 if (attr == A_process) { 00537 enum rsbac_adf_req_ret_t tmp_result; 00538 00539 i_tid.process = attr_val.process; 00540 tmp_result = check_comp_rc(T_PROCESS, i_tid, 00541 request, 00542 caller_pid); 00543 if ((tmp_result == NOT_GRANTED) 00544 || (tmp_result == UNDEFINED) 00545 ) 00546 return tmp_result; 00547 } 00548 #endif /* UNIX_PROCESS */ 00549 return (check_comp_rc 00550 (target, tid, request, caller_pid)); 00551 00552 #if defined(CONFIG_RSBAC_RC_NET_OBJ_PROT) 00553 case T_NETOBJ: 00554 return (check_comp_rc 00555 (target, tid, request, caller_pid)); 00556 #endif 00557 00558 /* all other cases are undefined */ 00559 default: 00560 return (DO_NOT_CARE); 00561 } 00562 00563 case R_READ: 00564 case R_WRITE: 00565 switch (target) { 00566 case T_DIR: 00567 #ifdef CONFIG_RSBAC_RW 00568 case T_FILE: 00569 case T_FIFO: 00570 case T_DEV: 00571 #endif 00572 #if defined(CONFIG_RSBAC_RC_UM_PROT) 00573 case T_USER: 00574 case T_GROUP: 00575 #endif 00576 #if defined(CONFIG_RSBAC_RC_NET_OBJ_PROT) 00577 #if defined(CONFIG_RSBAC_NET_OBJ_RW) 00578 case T_NETTEMP: 00579 #endif 00580 #endif 00581 return (check_comp_rc 00582 (target, tid, request, caller_pid)); 00583 00584 #ifdef CONFIG_RSBAC_RW 00585 case T_IPC: 00586 case T_UNIXSOCK: 00587 #if defined(CONFIG_RSBAC_RC_NET_OBJ_UNIX_PROCESS) 00588 if (attr == A_process) { 00589 enum rsbac_adf_req_ret_t tmp_result; 00590 00591 i_tid.process = attr_val.process; 00592 if (request == R_READ) 00593 tmp_result = 00594 check_comp_rc(T_PROCESS, i_tid, 00595 R_RECEIVE, 00596 caller_pid); 00597 else 00598 tmp_result = 00599 check_comp_rc(T_PROCESS, i_tid, 00600 R_SEND, 00601 caller_pid); 00602 if ((tmp_result == NOT_GRANTED) 00603 || (tmp_result == UNDEFINED) 00604 ) 00605 return tmp_result; 00606 } 00607 #endif /* UNIX_PROCESS */ 00608 return (check_comp_rc 00609 (target, tid, request, caller_pid)); 00610 #endif /* RW */ 00611 00612 case T_SCD: 00613 return (check_comp_rc_scd 00614 (tid.scd, request, caller_pid)); 00615 00616 #if defined(CONFIG_RSBAC_RC_NET_OBJ_PROT) 00617 #if defined(CONFIG_RSBAC_NET_OBJ_RW) 00618 case T_NETOBJ: 00619 return (check_comp_rc 00620 (target, tid, request, caller_pid)); 00621 #endif 00622 #endif 00623 00624 /* all other cases are unknown */ 00625 default: 00626 return (DO_NOT_CARE); 00627 } 00628 00629 case R_APPEND_OPEN: 00630 case R_READ_WRITE_OPEN: 00631 switch (target) { 00632 case T_FILE: 00633 case T_DEV: 00634 case T_FIFO: 00635 case T_IPC: 00636 return (check_comp_rc 00637 (target, tid, request, caller_pid)); 00638 00639 /* all other cases are unknown */ 00640 default: 00641 return (DO_NOT_CARE); 00642 } 00643 00644 case R_MAP_EXEC: 00645 switch (target) { 00646 case T_FILE: 00647 return (check_comp_rc 00648 (target, tid, request, caller_pid)); 00649 00650 /* all other cases are unknown */ 00651 default: 00652 return (DO_NOT_CARE); 00653 } 00654 00655 case R_CHANGE_GROUP: 00656 switch (target) { 00657 case T_FILE: 00658 case T_DIR: 00659 case T_FIFO: 00660 case T_SYMLINK: 00661 case T_IPC: 00662 #if defined(CONFIG_RSBAC_RC_UM_PROT) 00663 case T_USER: 00664 #endif 00665 return (check_comp_rc 00666 (target, tid, request, caller_pid)); 00667 00668 /* all other cases are unknown */ 00669 default: 00670 return (DO_NOT_CARE); 00671 } 00672 00673 case R_CHANGE_OWNER: 00674 switch (target) { 00675 case T_FILE: 00676 case T_DIR: 00677 case T_FIFO: 00678 case T_SYMLINK: 00679 case T_IPC: 00680 return (check_comp_rc 00681 (target, tid, request, caller_pid)); 00682 00683 #ifdef CONFIG_RSBAC_USER_CHOWN 00684 case T_USER: 00685 #if defined(CONFIG_RSBAC_AUTH) 00686 result = check_comp_rc(target, tid, request, caller_pid); 00687 if((result == GRANTED) || (result == DO_NOT_CARE)) 00688 return result; 00689 i_tid.process = caller_pid; 00690 if ((err = rsbac_get_attr(SW_AUTH, T_PROCESS, 00691 i_tid, 00692 A_auth_last_auth, 00693 &i_attr_val1, FALSE))) { 00694 rsbac_pr_get_error(A_auth_last_auth); 00695 return NOT_GRANTED; 00696 } 00697 if(i_attr_val1.auth_last_auth != tid.user) 00698 return NOT_GRANTED; 00699 else 00700 return check_comp_rc(target, tid, RCR_CHANGE_AUTHED_OWNER, caller_pid); 00701 #else 00702 return check_comp_rc(target, tid, request, caller_pid); 00703 #endif 00704 #endif 00705 00706 case T_PROCESS: 00707 /* get rc_role from process */ 00708 if ((err = rsbac_get_attr(SW_RC, T_PROCESS, 00709 tid, 00710 A_rc_role, 00711 &i_attr_val1, FALSE))) { 00712 rsbac_pr_get_error(A_rc_role); 00713 return NOT_GRANTED; 00714 } 00715 /* get def_process_chown_type of role */ 00716 i_rc_tid.role = i_attr_val1.rc_role; 00717 if ((err = rsbac_rc_get_item(0, RT_ROLE, i_rc_tid, i_rc_tid, /* dummy */ 00718 RI_def_process_chown_type, 00719 &i_rc_item_val1, 00720 NULL))) { 00721 rsbac_rc_pr_get_error 00722 (RI_def_process_chown_type); 00723 return NOT_GRANTED; 00724 } 00725 if ((i_rc_item_val1.type_id == RC_type_no_chown) 00726 || (i_rc_item_val1.type_id == 00727 RC_type_no_create) 00728 ) 00729 return (NOT_GRANTED); 00730 else 00731 return (GRANTED); 00732 00733 /* all other cases are unknown */ 00734 default: 00735 return (DO_NOT_CARE); 00736 } 00737 00738 case R_CHDIR: 00739 switch (target) { 00740 case T_DIR: 00741 return (check_comp_rc 00742 (target, tid, request, caller_pid)); 00743 00744 /* all other cases are unknown */ 00745 default: 00746 return (DO_NOT_CARE); 00747 } 00748 00749 case R_CLONE: 00750 if (target == T_PROCESS) { 00751 /* check, whether we may create process of def_process_create_type */ 00752 /* get rc_role from process */ 00753 i_tid.process = caller_pid; 00754 if ((err = rsbac_get_attr(SW_RC, T_PROCESS, 00755 i_tid, 00756 A_rc_role, 00757 &i_attr_val1, FALSE))) { 00758 rsbac_pr_get_error(A_rc_role); 00759 return (NOT_GRANTED); 00760 } 00761 /* get def_process_create_type of role */ 00762 i_rc_tid.role = i_attr_val1.rc_role; 00763 if ((err = rsbac_rc_get_item(0, 00764 RT_ROLE, 00765 i_rc_tid, 00766 i_rc_tid, 00767 RI_def_process_create_type, 00768 &i_rc_item_val1, 00769 NULL))) { 00770 rsbac_rc_pr_get_error 00771 (RI_def_process_create_type); 00772 return NOT_GRANTED; 00773 } 00774 switch (i_rc_item_val1.type_id) { 00775 case RC_type_no_create: 00776 rsbac_pr_debug(adf_rc, "pid %u (%.15s), owner %u, rc_role %u, def_process_create_type no_create, request CLONE -> NOT_GRANTED!\n", 00777 caller_pid, current->comm, 00778 current->uid, 00779 i_attr_val1.rc_role); 00780 return (NOT_GRANTED); 00781 00782 case RC_type_use_new_role_def_create: 00783 case RC_type_use_fd: 00784 /* error - complain and return error */ 00785 rsbac_printk(KERN_WARNING "rsbac_adf_request_rc(): invalid type use_new_role_def_create in def_process_create_type of role %i!\n", 00786 i_attr_val1.rc_role); 00787 return (NOT_GRANTED); 00788 00789 case RC_type_inherit_parent: 00790 case RC_type_inherit_process: 00791 return GRANTED; 00792 00793 default: 00794 /* check, whether role has CREATE right to new type */ 00795 /* check type_comp_process of role */ 00796 i_rc_subtid.type = i_rc_item_val1.type_id; 00797 if (rsbac_rc_check_comp 00798 (i_attr_val1.rc_role, i_rc_subtid, 00799 RI_type_comp_process, R_CREATE)) 00800 return (GRANTED); 00801 else { 00802 rsbac_printk(KERN_WARNING "rsbac_adf_request_rc(): rc_role %i has no CREATE right on its def_process_create_type %i -> NOT_GRANTED!\n", 00803 i_attr_val1.rc_role, 00804 i_rc_item_val1. 00805 type_id); 00806 return (NOT_GRANTED); 00807 } 00808 } 00809 } else 00810 return (DO_NOT_CARE); 00811 00812 /* Creating dir or (pseudo) file IN target dir! */ 00813 case R_CREATE: 00814 switch (target) { 00815 case T_DIR: 00816 /* check, whether we may create files/dirs in this dir */ 00817 result = 00818 check_comp_rc(target, tid, request, 00819 caller_pid); 00820 if ((result != GRANTED) && (result != DO_NOT_CARE)) 00821 return result; 00822 00823 /* get rc_role from process */ 00824 i_tid.process = caller_pid; 00825 if ((err = rsbac_get_attr(SW_RC, T_PROCESS, 00826 i_tid, 00827 A_rc_role, 00828 &i_attr_val1, FALSE))) { 00829 rsbac_pr_get_error(A_rc_role); 00830 return (NOT_GRANTED); 00831 } 00832 /* Check, whether this process has a preselected type */ 00833 i_tid.process = caller_pid; 00834 if ((err = rsbac_get_attr(SW_RC, T_PROCESS, 00835 i_tid, 00836 A_rc_select_type, 00837 &i_attr_val2, FALSE))) { 00838 rsbac_pr_get_error(A_rc_select_type); 00839 return (NOT_GRANTED); 00840 } 00841 if (i_attr_val2.rc_select_type == RC_type_use_fd) { 00842 /* get def_fd_create_type of role */ 00843 /* First get target dir's efftype */ 00844 if ((err = rsbac_get_attr(SW_RC, 00845 target, 00846 tid, 00847 A_rc_type_fd, 00848 &i_attr_val2, TRUE))) { 00849 rsbac_pr_get_error(A_rc_type_fd); 00850 return NOT_GRANTED; 00851 } 00852 i_rc_tid.role = i_attr_val1.rc_role; 00853 i_rc_subtid.type = i_attr_val2.rc_type; 00854 if ((err = rsbac_rc_get_item(0, RT_ROLE, i_rc_tid, i_rc_subtid, RI_def_fd_ind_create_type, &i_rc_item_val1, NULL))) { /* No individual create type -> try global */ 00855 if ((err = rsbac_rc_get_item(0, 00856 RT_ROLE, 00857 i_rc_tid, 00858 i_rc_subtid, 00859 RI_def_fd_create_type, 00860 &i_rc_item_val1, 00861 NULL))) { 00862 rsbac_rc_pr_get_error 00863 (RI_def_fd_create_type); 00864 return (NOT_GRANTED); 00865 } 00866 } 00867 } else 00868 i_rc_item_val1.type_id = i_attr_val2.rc_select_type; 00869 00870 switch (i_rc_item_val1.type_id) { 00871 case RC_type_inherit_parent: 00872 return GRANTED; 00873 case RC_type_no_create: 00874 rsbac_pr_debug(adf_rc, "pid %u (%.15s), owner %u, rc_role %u, def_fd_create_type no_create, request CREATE -> NOT_GRANTED!\n", 00875 caller_pid, current->comm, 00876 current->uid, 00877 i_attr_val1.rc_role); 00878 return (NOT_GRANTED); 00879 break; 00880 00881 case RC_type_use_new_role_def_create: 00882 case RC_type_inherit_process: 00883 case RC_type_use_fd: 00884 /* error - complain and return error */ 00885 rsbac_printk(KERN_WARNING "rsbac_adf_request_rc(): invalid type use_new_role_def_create in def_fd_create_type of role %i!\n", 00886 i_attr_val1.rc_role); 00887 return (NOT_GRANTED); 00888 00889 default: 00890 /* check, whether role has CREATE right to new type */ 00891 /* get type_comp_fd of role */ 00892 i_rc_subtid.type = i_rc_item_val1.type_id; 00893 if (rsbac_rc_check_comp 00894 (i_attr_val1.rc_role, i_rc_subtid, 00895 RI_type_comp_fd, R_CREATE)) 00896 return (GRANTED); 00897 else { 00898 rsbac_printk(KERN_WARNING "rsbac_adf_request_rc(): rc_role %i has no CREATE right on its def_fd_create_type %i -> NOT_GRANTED!\n", 00899 i_attr_val1.rc_role, 00900 i_rc_item_val1. 00901 type_id); 00902 return (NOT_GRANTED); 00903 } 00904 } 00905 00906 case T_IPC: 00907 /* check, whether we may create IPC of def_ipc_create_type */ 00908 /* get rc_role from process */ 00909 i_tid.process = caller_pid; 00910 if ((err = rsbac_get_attr(SW_RC, T_PROCESS, 00911 i_tid, 00912 A_rc_role, 00913 &i_attr_val1, FALSE))) { 00914 rsbac_pr_get_error(A_rc_role); 00915 return NOT_GRANTED; 00916 } 00917 /* get def_ipc_create_type of role */ 00918 i_rc_tid.role = i_attr_val1.rc_role; 00919 if ((err = rsbac_rc_get_item(0, 00920 RT_ROLE, 00921 i_rc_tid, 00922 i_rc_tid, 00923 RI_def_ipc_create_type, 00924 &i_rc_item_val1, 00925 NULL))) { 00926 rsbac_rc_pr_get_error 00927 (RI_def_ipc_create_type); 00928 return (NOT_GRANTED); 00929 } 00930 switch (i_rc_item_val1.type_id) { 00931 case RC_type_no_create: 00932 rsbac_pr_debug(adf_rc, "pid %u (%.15s), owner %u, rc_role %u, def_ipc_create_type no_create, request CREATE -> NOT_GRANTED!\n", 00933 caller_pid, current->comm, 00934 current->uid, 00935 i_attr_val1.rc_role); 00936 return (NOT_GRANTED); 00937 00938 case RC_type_use_new_role_def_create: 00939 /* error - complain and return error */ 00940 rsbac_printk(KERN_WARNING "rsbac_adf_request_rc(): invalid type use_new_role_def_create in def_ipc_create_type of role %i!\n", 00941 i_attr_val1.rc_role); 00942 return (NOT_GRANTED); 00943 00944 case RC_type_inherit_parent: 00945 case RC_type_inherit_process: 00946 case RC_type_use_fd: 00947 /* error - complain and return error */ 00948 rsbac_printk(KERN_WARNING "rsbac_adf_request_rc(): invalid type inherit_parent in def_ipc_create_type of role %i!\n", 00949 i_attr_val1.rc_role); 00950 return (NOT_GRANTED); 00951 00952 default: 00953 /* check, whether role has CREATE right to new type */ 00954 /* get type_comp_ipc of role */ 00955 i_rc_subtid.type = i_rc_item_val1.type_id; 00956 if (rsbac_rc_check_comp 00957 (i_attr_val1.rc_role, i_rc_subtid, 00958 RI_type_comp_ipc, R_CREATE)) 00959 return (GRANTED); 00960 else { 00961 rsbac_printk(KERN_WARNING "rsbac_adf_request_rc(): rc_role %i has no CREATE right on its def_ipc_create_type %i -> NOT_GRANTED!\n", 00962 i_attr_val1.rc_role, 00963 i_rc_item_val1. 00964 type_id); 00965 return (NOT_GRANTED); 00966 } 00967 } 00968 00969 #if defined(CONFIG_RSBAC_RC_UM_PROT) 00970 case T_USER: 00971 /* check, whether we may create USER of def_user_create_type */ 00972 /* get rc_role from process */ 00973 i_tid.process = caller_pid; 00974 if ((err = rsbac_get_attr(SW_RC, T_PROCESS, 00975 i_tid, 00976 A_rc_role, 00977 &i_attr_val1, FALSE))) { 00978 rsbac_pr_get_error(A_rc_role); 00979 return (NOT_GRANTED); 00980 } 00981 /* get def_user_create_type of role */ 00982 i_rc_tid.role = i_attr_val1.rc_role; 00983 if ((err = rsbac_rc_get_item(0, 00984 RT_ROLE, 00985 i_rc_tid, 00986 i_rc_tid, 00987 RI_def_user_create_type, 00988 &i_rc_item_val1, 00989 NULL))) { 00990 rsbac_rc_pr_get_error 00991 (RI_def_user_create_type); 00992 return (NOT_GRANTED); 00993 } 00994 switch (i_rc_item_val1.type_id) { 00995 case RC_type_no_create: 00996 rsbac_pr_debug(adf_rc, "pid %u (%.15s), owner %u, rc_role %u, def_user_create_type no_create, request CREATE -> NOT_GRANTED!\n", 00997 caller_pid, current->comm, 00998 current->uid, 00999 i_attr_val1.rc_role); 01000 return (NOT_GRANTED); 01001 01002 case RC_type_use_new_role_def_create: 01003 /* error - complain and return error */ 01004 rsbac_printk(KERN_WARNING "rsbac_adf_request_rc(): invalid type use_new_role_def_create in def_user_create_type of role %i!\n", 01005 i_attr_val1.rc_role); 01006 return (NOT_GRANTED); 01007 01008 case RC_type_inherit_parent: 01009 case RC_type_inherit_process: 01010 case RC_type_use_fd: 01011 /* error - complain and return error */ 01012 rsbac_printk(KERN_WARNING "rsbac_adf_request_rc(): invalid type inherit_parent in def_user_create_type of role %i!\n", 01013 i_attr_val1.rc_role); 01014 return (NOT_GRANTED); 01015 01016 default: 01017 /* check, whether role has CREATE right to new type */ 01018 /* get type_comp_ipc of role */ 01019 i_rc_subtid.type = i_rc_item_val1.type_id; 01020 if (rsbac_rc_check_comp 01021 (i_attr_val1.rc_role, i_rc_subtid, 01022 RI_type_comp_user, R_CREATE)) 01023 return (GRANTED); 01024 else { 01025 rsbac_printk(KERN_WARNING "rsbac_adf_request_rc(): rc_role %i has no CREATE right on its def_user_create_type %i -> NOT_GRANTED!\n", 01026 i_attr_val1.rc_role, 01027 i_rc_item_val1. 01028 type_id); 01029 return (NOT_GRANTED); 01030 } 01031 } 01032 01033 case T_GROUP: 01034 /* check, whether we may create GROUP of def_group_create_type */ 01035 /* get rc_role from process */ 01036 i_tid.process = caller_pid; 01037 if ((err = rsbac_get_attr(SW_RC, T_PROCESS, 01038 i_tid, 01039 A_rc_role, 01040 &i_attr_val1, FALSE))) { 01041 rsbac_pr_get_error(A_rc_role); 01042 return (NOT_GRANTED); 01043 } 01044 /* get def_group_create_type of role */ 01045 i_rc_tid.role = i_attr_val1.rc_role; 01046 if ((err = rsbac_rc_get_item(0, 01047 RT_ROLE, 01048 i_rc_tid, 01049 i_rc_tid, 01050 RI_def_group_create_type, 01051 &i_rc_item_val1, 01052 NULL))) { 01053 rsbac_rc_pr_get_error 01054 (RI_def_group_create_type); 01055 return (NOT_GRANTED); 01056 } 01057 switch (i_rc_item_val1.type_id) { 01058 case RC_type_no_create: 01059 rsbac_pr_debug(adf_rc, "pid %u (%.15s), owner %u, rc_role %u, def_group_create_type no_create, request CREATE -> NOT_GRANTED!\n", 01060 caller_pid, current->comm, 01061 current->uid, 01062 i_attr_val1.rc_role); 01063 return (NOT_GRANTED); 01064 01065 case RC_type_use_new_role_def_create: 01066 /* error - complain and return error */ 01067 rsbac_printk(KERN_WARNING "rsbac_adf_request_rc(): invalid type use_new_role_def_create in def_group_create_type of role %i!\n", 01068 i_attr_val1.rc_role); 01069 return (NOT_GRANTED); 01070 01071 case RC_type_inherit_parent: 01072 case RC_type_inherit_process: 01073 case RC_type_use_fd: 01074 /* error - complain and return error */ 01075 rsbac_printk(KERN_WARNING "rsbac_adf_request_rc(): invalid type inherit_parent in def_group_create_type of role %i!\n", 01076 i_attr_val1.rc_role); 01077 return (NOT_GRANTED); 01078 01079 default: 01080 /* check, whether role has CREATE right to new type */ 01081 /* get type_comp_ipc of role */ 01082 i_rc_subtid.type = i_rc_item_val1.type_id; 01083 if (rsbac_rc_check_comp 01084 (i_attr_val1.rc_role, i_rc_subtid, 01085 RI_type_comp_group, R_CREATE)) 01086 return (GRANTED); 01087 else { 01088 rsbac_printk(KERN_WARNING "rsbac_adf_request_rc(): rc_role %i has no CREATE right on its def_group_create_type %i -> NOT_GRANTED!\n", 01089 i_attr_val1.rc_role, 01090 i_rc_item_val1. 01091 type_id); 01092 return (NOT_GRANTED); 01093 } 01094 } 01095 #endif /* RSBAC_RC_UM_PROT */ 01096 01097 #if defined(CONFIG_RSBAC_RC_NET_OBJ_PROT) 01098 case T_NETTEMP: 01099 /* get rc_role from process */ 01100 i_tid.process = caller_pid; 01101 if ((err = rsbac_get_attr(SW_RC, 01102 T_PROCESS, 01103 i_tid, 01104 A_rc_role, 01105 &i_attr_val1, FALSE))) { 01106 rsbac_pr_get_error(A_rc_role); 01107 return NOT_GRANTED; 01108 } 01109 /* get type_comp_xxx of role - we always use type GENERAL for CREATE */ 01110 i_rc_subtid.type = RSBAC_RC_GENERAL_TYPE; 01111 if (rsbac_rc_check_comp(i_attr_val1.rc_role, 01112 i_rc_subtid, 01113 RI_type_comp_nettemp, 01114 request)) 01115 return (GRANTED); 01116 else { 01117 rsbac_pr_debug(adf_rc, "rc_role is %i, rc_nettemp_type is %i, request is CREATE -> NOT_GRANTED!\n", 01118 i_attr_val1.rc_role, 01119 RSBAC_RC_GENERAL_TYPE); 01120 return (NOT_GRANTED); 01121 } 01122 01123 case T_NETOBJ: 01124 /* check, whether we may create NETOBJ of this type */ 01125 return(check_comp_rc(target, tid, request, caller_pid)); 01126 #endif 01127 01128 /* all other cases are unknown */ 01129 default: 01130 return (DO_NOT_CARE); 01131 } 01132 01133 case R_DELETE: 01134 switch (target) { 01135 case T_FILE: 01136 case T_DIR: 01137 case T_FIFO: 01138 case T_SYMLINK: 01139 case T_UNIXSOCK: 01140 case T_IPC: 01141 #if defined(CONFIG_RSBAC_RC_NET_OBJ_PROT) 01142 case T_NETTEMP: 01143 case T_NETOBJ: 01144 #endif 01145 #if defined(CONFIG_RSBAC_RC_UM_PROT) 01146 case T_USER: 01147 case T_GROUP: 01148 #endif 01149 return (check_comp_rc 01150 (target, tid, request, caller_pid)); 01151 01152 /* all other cases are unknown */ 01153 default: 01154 return (DO_NOT_CARE); 01155 } 01156 01157 case R_EXECUTE: 01158 switch (target) { 01159 case T_FILE: 01160 /* get rc_role from process */ 01161 if ((err = rsbac_get_attr(SW_RC, T_PROCESS, 01162 tid, 01163 A_rc_role, 01164 &i_attr_val1, FALSE))) { 01165 rsbac_pr_get_error(A_rc_role); 01166 return NOT_GRANTED; 01167 } 01168 /* get def_process_execute_type of role */ 01169 i_rc_tid.role = i_attr_val1.rc_role; 01170 if ((err = rsbac_rc_get_item(0, 01171 RT_ROLE, 01172 i_rc_tid, 01173 i_rc_tid, 01174 RI_def_process_execute_type, 01175 &i_rc_item_val1, 01176 NULL))) { 01177 rsbac_rc_pr_get_error 01178 (RI_def_process_execute_type); 01179 return (NOT_GRANTED); 01180 } 01181 if (i_rc_item_val1.type_id == RC_type_no_execute) 01182 return (NOT_GRANTED); 01183 else 01184 return (check_comp_rc 01185 (target, tid, request, 01186 caller_pid)); 01187 01188 /* all other cases are unknown */ 01189 default: 01190 return (DO_NOT_CARE); 01191 } 01192 01193 case R_GET_PERMISSIONS_DATA: 01194 switch (target) { 01195 case T_SCD: 01196 return (check_comp_rc_scd 01197 (tid.scd, request, caller_pid)); 01198 case T_FILE: 01199 case T_DIR: 01200 case T_FIFO: 01201 case T_SYMLINK: 01202 case T_UNIXSOCK: 01203 case T_IPC: 01204 case T_DEV: 01205 #if defined(CONFIG_RSBAC_RC_NET_OBJ_PROT) 01206 case T_NETOBJ: 01207 #endif 01208 #if defined(CONFIG_RSBAC_RC_UM_PROT) 01209 case T_USER: 01210 case T_GROUP: 01211 #endif 01212 return (check_comp_rc 01213 (target, tid, request, caller_pid)); 01214 01215 default: 01216 return (DO_NOT_CARE); 01217 }; 01218 01219 case R_LINK_HARD: 01220 switch (target) { 01221 case T_FILE: 01222 case T_FIFO: 01223 case T_SYMLINK: 01224 return (check_comp_rc 01225 (target, tid, request, caller_pid)); 01226 01227 /* all other cases are unknown */ 01228 default: 01229 return (DO_NOT_CARE); 01230 } 01231 01232 case R_MODIFY_ACCESS_DATA: 01233 switch (target) { 01234 case T_FILE: 01235 case T_DIR: 01236 case T_FIFO: 01237 case T_SYMLINK: 01238 case T_UNIXSOCK: 01239 return (check_comp_rc 01240 (target, tid, request, caller_pid)); 01241 01242 /* all other cases are unknown */ 01243 default: 01244 return (DO_NOT_CARE); 01245 } 01246 01247 case R_AUTHENTICATE: 01248 switch (target) { 01249 case T_USER: 01250 return (check_comp_rc 01251 (target, tid, request, caller_pid)); 01252 01253 /* all other cases are unknown */ 01254 default: 01255 return (DO_NOT_CARE); 01256 } 01257 01258 case R_MODIFY_ATTRIBUTE: 01259 switch (attr) { /* owner must be changed by other request to prevent inconsistency */ 01260 case A_owner: 01261 return (NOT_GRANTED); 01262 case A_rc_type: 01263 case A_local_rc_type: 01264 case A_remote_rc_type: 01265 case A_rc_type_fd: 01266 case A_rc_type_nt: 01267 case A_rc_select_type: 01268 /* Granted on target? */ 01269 result = 01270 check_comp_rc(target, tid, request, 01271 caller_pid); 01272 if ((result == GRANTED) 01273 || (result == DO_NOT_CARE) 01274 ) { 01275 /* Granted on type? */ 01276 result = 01277 rsbac_rc_check_type_comp(target, 01278 attr_val. 01279 rc_type, 01280 RCR_ASSIGN, 01281 caller_pid); 01282 if ((result == GRANTED) 01283 || (result == DO_NOT_CARE) 01284 ) 01285 return result; 01286 } 01287 /* Classical admin_type check */ 01288 if ((err = rsbac_rc_test_role_admin(TRUE))) 01289 return (NOT_GRANTED); 01290 else 01291 return (GRANTED); 01292 01293 case A_rc_force_role: 01294 case A_rc_initial_role: 01295 case A_rc_role: 01296 case A_rc_def_role: 01297 /* Granted on target? */ 01298 result = 01299 check_comp_rc(target, tid, request, 01300 caller_pid); 01301 if ((result == GRANTED) 01302 || (result == DO_NOT_CARE) 01303 ) { 01304 /* test assign_roles of process / modify */ 01305 if (! 01306 (err = 01307 rsbac_rc_test_assign_roles(target, 01308 tid, attr, 01309 attr_val. 01310 rc_role))) 01311 return (GRANTED); 01312 } 01313 /* Classical admin_type check */ 01314 if (rsbac_rc_test_role_admin(TRUE)) 01315 return (NOT_GRANTED); 01316 else 01317 return (GRANTED); 01318 01319 /* you may only change a user's pseudo, if you also may assign her role */ 01320 case A_pseudo: 01321 if (target != T_USER) 01322 return UNDEFINED; 01323 /* test assign_roles of process for user's role only */ 01324 if (rsbac_rc_test_assign_roles 01325 (target, tid, A_rc_def_role, 01326 RC_role_inherit_user)) 01327 return (NOT_GRANTED); 01328 else 01329 return (GRANTED); 01330 01331 #ifdef CONFIG_RSBAC_RC_GEN_PROT 01332 case A_log_array_low: 01333 case A_log_array_high: 01334 case A_log_program_based: 01335 case A_log_user_based: 01336 case A_symlink_add_remote_ip: 01337 case A_symlink_add_uid: 01338 case A_symlink_add_rc_role: 01339 case A_linux_dac_disable: 01340 case A_fake_root_uid: 01341 case A_audit_uid: 01342 case A_auid_exempt: 01343 case A_remote_ip: 01344 /* Explicitely granted? */ 01345 result = 01346 check_comp_rc(target, tid, request, 01347 caller_pid); 01348 if ((result == GRANTED) 01349 || (result == DO_NOT_CARE) 01350 ) 01351 return result; 01352 /* Failed -> Classical admin_type check / modify */ 01353 if (rsbac_rc_test_role_admin(TRUE)) 01354 return (NOT_GRANTED); 01355 else 01356 return (GRANTED); 01357 #endif 01358 01359 /* All attributes (remove target!) */ 01360 case A_none: 01361 switch (target) { 01362 case T_USER: 01363 /* test assign_roles of process for user's role */ 01364 if ((err = 01365 rsbac_rc_test_assign_roles(target, 01366 tid, 01367 A_rc_def_role, 01368 RC_role_inherit_user))) 01369 return (NOT_GRANTED); 01370 else 01371 return (GRANTED); 01372 01373 default: 01374 /* Explicitely granted? */ 01375 return (check_comp_rc 01376 (target, tid, request, 01377 caller_pid)); 01378 } 01379 01380 #ifdef CONFIG_RSBAC_RC_AUTH_PROT 01381 case A_auth_may_setuid: 01382 case A_auth_may_set_cap: 01383 case A_auth_start_uid: 01384 case A_auth_start_euid: 01385 case A_auth_start_gid: 01386 case A_auth_start_egid: 01387 case A_auth_program_file: 01388 case A_auth_learn: 01389 case A_auth_add_f_cap: 01390 case A_auth_remove_f_cap: 01391 case A_auth_last_auth: 01392 /* may manipulate auth capabilities, if allowed in general... */ 01393 result = 01394 check_comp_rc_scd(RST_auth_administration, 01395 request, caller_pid); 01396 if ((result == GRANTED) 01397 || (result == DO_NOT_CARE) 01398 ) { 01399 /* ...and for this target */ 01400 result = 01401 check_comp_rc(target, tid, 01402 RCR_MODIFY_AUTH, 01403 caller_pid); 01404 if ((result == GRANTED) 01405 || (result == DO_NOT_CARE) 01406 ) 01407 return result; 01408 } 01409 /* Last chance: classical admin_type check */ 01410 if ((err = rsbac_rc_test_role_admin(TRUE))) 01411 return (NOT_GRANTED); 01412 else 01413 return (GRANTED); 01414 #endif 01415 01416 default: 01417 return (DO_NOT_CARE); 01418 } 01419 01420 case R_MODIFY_PERMISSIONS_DATA: 01421 switch (target) { 01422 case T_FILE: 01423 case T_DIR: 01424 case T_FIFO: 01425 case T_SYMLINK: 01426 case T_UNIXSOCK: 01427 case T_IPC: 01428 case T_DEV: 01429 #if defined(CONFIG_RSBAC_RC_UM_PROT) 01430 case T_USER: 01431 case T_GROUP: 01432 #endif 01433 #if defined(CONFIG_RSBAC_RC_NET_OBJ_PROT) 01434 case T_NETOBJ: 01435 #endif 01436 return (check_comp_rc 01437 (target, tid, request, caller_pid)); 01438 01439 case T_SCD: 01440 return (check_comp_rc_scd 01441 (tid.scd, request, caller_pid)); 01442 01443 #ifdef CONFIG_RSBAC_ALLOW_DAC_DISABLE 01444 case T_NONE: 01445 /* may turn off Linux DAC, if compatible */ 01446 return (check_comp_rc_scd 01447 (ST_other, request, caller_pid)); 01448 #endif 01449 01450 /* all other cases are unknown */ 01451 default: 01452 return (DO_NOT_CARE); 01453 } 01454 01455 case R_MODIFY_SYSTEM_DATA: 01456 switch (target) { 01457 case T_SCD: 01458 return (check_comp_rc_scd 01459 (tid.scd, request, caller_pid)); 01460 01461 case T_DEV: 01462 case T_PROCESS: 01463 case T_IPC: 01464 #if defined(CONFIG_RSBAC_RC_NET_DEV_PROT) 01465 case T_NETDEV: 01466 #endif 01467 #if defined(CONFIG_RSBAC_RC_NET_OBJ_PROT) 01468 case T_NETOBJ: 01469 #endif 01470 return (check_comp_rc 01471 (target, tid, request, caller_pid)); 01472 01473 /* all other cases are unknown */ 01474 default: 01475 return (DO_NOT_CARE); 01476 } 01477 01478 case R_MOUNT: 01479 switch (target) { 01480 case T_FILE: 01481 case T_DIR: 01482 case T_DEV: 01483 return (check_comp_rc 01484 (target, tid, request, caller_pid)); 01485 01486 /* all other cases are unknown */ 01487 default: 01488 return (DO_NOT_CARE); 01489 } 01490 01491 case R_READ_ATTRIBUTE: 01492 switch (attr) { 01493 case A_rc_type: 01494 case A_rc_type_fd: 01495 case A_rc_type_nt: 01496 case A_rc_force_role: 01497 case A_rc_initial_role: 01498 case A_rc_role: 01499 case A_rc_def_role: 01500 case A_rc_select_type: 01501 case A_pseudo: 01502 #ifdef CONFIG_RSBAC_RC_GEN_PROT 01503 case A_owner: 01504 case A_log_array_low: 01505 case A_log_array_high: 01506 case A_log_program_based: 01507 case A_log_user_based: 01508 case A_symlink_add_remote_ip: 01509 case A_symlink_add_uid: 01510 case A_symlink_add_rc_role: 01511 case A_linux_dac_disable: 01512 case A_fake_root_uid: 01513 case A_audit_uid: 01514 case A_auid_exempt: 01515 case A_remote_ip: 01516 #endif 01517 /* Explicitely granted? */ 01518 result = 01519 check_comp_rc(target, tid, request, 01520 caller_pid); 01521 if ((result == GRANTED) 01522 || (result == DO_NOT_CARE) 01523 ) 01524 return result; 01525 /* Failed -> Classical admin_type check / modify */ 01526 if (rsbac_rc_test_role_admin(FALSE)) 01527 return (NOT_GRANTED); 01528 else 01529 return (GRANTED); 01530 01531 #ifdef CONFIG_RSBAC_RC_AUTH_PROT 01532 case A_auth_may_setuid: 01533 case A_auth_may_set_cap: 01534 case A_auth_start_uid: 01535 case A_auth_start_euid: 01536 case A_auth_start_gid: 01537 case A_auth_start_egid: 01538 case A_auth_program_file: 01539 case A_auth_learn: 01540 case A_auth_add_f_cap: 01541 case A_auth_remove_f_cap: 01542 case A_auth_last_auth: 01543 /* may read auth capabilities, if compatible */ 01544 result = 01545 check_comp_rc_scd(RST_auth_administration, 01546 request, caller_pid); 01547 if ((result == GRANTED) 01548 || (result == DO_NOT_CARE) 01549 ) 01550 return result; 01551 /* Failed -> Classical admin_type check / modify */ 01552 if (rsbac_rc_test_role_admin(FALSE)) 01553 return (NOT_GRANTED); 01554 else 01555 return (GRANTED); 01556 #endif 01557 01558 default: 01559 return (DO_NOT_CARE); 01560 } 01561 01562 case R_READ_OPEN: 01563 switch (target) { 01564 case T_FILE: 01565 case T_FIFO: 01566 case T_UNIXSOCK: 01567 case T_DEV: 01568 case T_IPC: 01569 return (check_comp_rc 01570 (target, tid, request, caller_pid)); 01571 01572 /* all other cases are unknown */ 01573 default: 01574 return (DO_NOT_CARE); 01575 } 01576 01577 case R_ADD_TO_KERNEL: 01578 switch (target) { 01579 case T_NONE: 01580 /* may add to kernel, if compatible */ 01581 return (check_comp_rc_scd 01582 (ST_other, request, caller_pid)); 01583 01584 case T_FILE: 01585 case T_DEV: 01586 return (check_comp_rc 01587 (target, tid, request, caller_pid)); 01588 01589 /* all other cases are unknown */ 01590 default: 01591 return (DO_NOT_CARE); 01592 } 01593 01594 01595 case R_ALTER: 01596 /* only for IPC */ 01597 switch (target) { 01598 case T_IPC: 01599 return (check_comp_rc 01600 (target, tid, request, caller_pid)); 01601 01602 /* all other cases are unknown */ 01603 default: 01604 return (DO_NOT_CARE); 01605 } 01606 01607 case R_REMOVE_FROM_KERNEL: 01608 switch (target) { 01609 case T_NONE: 01610 return (check_comp_rc_scd 01611 (ST_other, request, caller_pid)); 01612 01613 case T_FILE: 01614 case T_DEV: 01615 return (check_comp_rc 01616 (target, tid, request, caller_pid)); 01617 01618 /* all other cases are unknown */ 01619 default: 01620 return (DO_NOT_CARE); 01621 } 01622 01623 case R_RENAME: 01624 switch (target) { 01625 case T_FILE: 01626 case T_DIR: 01627 case T_FIFO: 01628 case T_SYMLINK: 01629 case T_UNIXSOCK: 01630 #if defined(CONFIG_RSBAC_RC_UM_PROT) 01631 case T_USER: 01632 case T_GROUP: 01633 #endif 01634 return (check_comp_rc 01635 (target, tid, request, caller_pid)); 01636 01637 /* all other cases are unknown */ 01638 default: 01639 return (DO_NOT_CARE); 01640 } 01641 01642 case R_SEND_SIGNAL: 01643 case R_TRACE: 01644 if (target == T_PROCESS) 01645 return (check_comp_rc 01646 (target, tid, request, caller_pid)); 01647 else 01648 return (DO_NOT_CARE); 01649 01650 case R_SHUTDOWN: 01651 switch (target) { 01652 case T_NONE: 01653 return (check_comp_rc_scd 01654 (ST_other, request, caller_pid)); 01655 01656 /* all other cases are unknown */ 01657 default: 01658 return (DO_NOT_CARE); 01659 } 01660 01661 case R_SWITCH_LOG: 01662 switch (target) { 01663 case T_NONE: 01664 return (check_comp_rc_scd 01665 (ST_other, request, caller_pid)); 01666 01667 /* all other cases are unknown */ 01668 default: 01669 return (DO_NOT_CARE); 01670 } 01671 01672 case R_SWITCH_MODULE: 01673 switch (target) { 01674 case T_NONE: 01675 /* we need the switch_target */ 01676 if (attr != A_switch_target) 01677 return (UNDEFINED); 01678 /* do not care for other modules */ 01679 if ((attr_val.switch_target != SW_RC) 01680 #ifdef CONFIG_RSBAC_SOFTMODE 01681 && (attr_val.switch_target != SW_SOFTMODE) 01682 #endif 01683 #ifdef CONFIG_RSBAC_FREEZE 01684 && (attr_val.switch_target != SW_FREEZE) 01685 #endif 01686 #ifdef CONFIG_RSBAC_RC_AUTH_PROT 01687 && (attr_val.switch_target != SW_AUTH) 01688 #endif 01689 ) 01690 return (DO_NOT_CARE); 01691 return (check_comp_rc_scd 01692 (ST_other, request, caller_pid)); 01693 01694 /* all other cases are unknown */ 01695 default: 01696 return (DO_NOT_CARE); 01697 } 01698 01699 case R_TERMINATE: 01700 if (target == T_PROCESS) 01701 return (DO_NOT_CARE); 01702 else 01703 return (DO_NOT_CARE); 01704 01705 case R_TRUNCATE: 01706 switch (target) { 01707 case T_FILE: 01708 return (check_comp_rc 01709 (target, tid, request, caller_pid)); 01710 01711 /* all other cases are unknown */ 01712 default: 01713 return (DO_NOT_CARE); 01714 } 01715 01716 case R_WRITE_OPEN: 01717 switch (target) { 01718 case T_FILE: 01719 case T_DEV: 01720 case T_FIFO: 01721 case T_UNIXSOCK: 01722 case T_IPC: 01723 return (check_comp_rc 01724 (target, tid, request, caller_pid)); 01725 01726 /* all other cases are unknown */ 01727 default: 01728 return (DO_NOT_CARE); 01729 } 01730 01731 case R_UMOUNT: 01732 switch (target) { 01733 case T_FILE: 01734 case T_DIR: 01735 case T_DEV: 01736 return (check_comp_rc 01737 (target, tid, request, caller_pid)); 01738 01739 /* all other cases are unknown */ 01740 default: 01741 return (DO_NOT_CARE); 01742 } 01743 01744 01745 #if defined(CONFIG_RSBAC_NET) 01746 case R_BIND: 01747 switch (target) { 01748 #if defined(CONFIG_RSBAC_RC_NET_DEV_PROT) 01749 case T_NETDEV: 01750 return (check_comp_rc 01751 (target, tid, request, caller_pid)); 01752 #endif 01753 01754 #if defined(CONFIG_RSBAC_RC_NET_OBJ_PROT) 01755 case T_NETOBJ: 01756 return (check_comp_rc 01757 (target, tid, request, caller_pid)); 01758 #endif 01759 01760 /* all other cases are undefined */ 01761 default: 01762 return (DO_NOT_CARE); 01763 } 01764 #endif 01765 01766 case R_IOCTL: 01767 switch (target) { 01768 case T_DEV: 01769 case T_UNIXSOCK: 01770 case T_IPC: 01771 return (check_comp_rc 01772 (target, tid, request, caller_pid)); 01773 #if defined(CONFIG_RSBAC_RC_NET_OBJ_PROT) 01774 case T_NETOBJ: 01775 #endif 01776 return (check_comp_rc 01777 (target, tid, request, caller_pid)); 01778 01779 default: 01780 return (DO_NOT_CARE); 01781 } 01782 01783 case R_LOCK: 01784 switch (target) { 01785 case T_FILE: 01786 case T_DIR: 01787 case T_FIFO: 01788 case T_SYMLINK: 01789 case T_UNIXSOCK: 01790 return (check_comp_rc 01791 (target, tid, request, caller_pid)); 01792 01793 default: 01794 return (DO_NOT_CARE); 01795 } 01796 case RCR_SELECT: 01797 switch (target) { 01798 case T_FILE: 01799 case T_DIR: 01800 case T_FIFO: 01801 case T_SYMLINK: 01802 case T_UNIXSOCK: 01803 return (check_comp_rc 01804 (target, tid, request, caller_pid)); 01805 default: 01806 return (DO_NOT_CARE); 01807 } 01808 default: 01809 return DO_NOT_CARE; 01810 } 01811 01812 return result; 01813 }
int rsbac_adf_set_attr_rc | ( | enum rsbac_adf_request_t | request, | |
rsbac_pid_t | caller_pid, | |||
enum rsbac_target_t | target, | |||
union rsbac_target_id_t | tid, | |||
enum rsbac_target_t | new_target, | |||
union rsbac_target_id_t | new_tid, | |||
enum rsbac_attribute_t | attr, | |||
union rsbac_attribute_value_t | attr_val, | |||
rsbac_uid_t | owner | |||
) | [inline] |
Definition at line 1826 of file rc_main.c.
References A_rc_def_role, A_rc_force_role, A_rc_initial_role, A_rc_role, A_rc_select_type, A_rc_type, A_rc_type_fd, FALSE, NULL, rsbac_attribute_value_t::owner, rsbac_target_id_t::process, R_ACCEPT, R_CHANGE_OWNER, R_CLONE, R_CLOSE, R_CREATE, R_EXECUTE, R_READ, rsbac_attribute_value_t::rc_def_role, RC_default_root_dir_force_role, RC_default_root_dir_initial_role, rsbac_attribute_value_t::rc_force_role, rsbac_attribute_value_t::rc_initial_role, rsbac_attribute_value_t::rc_role, RC_role_inherit_parent, RC_role_inherit_process, RC_role_inherit_up_mixed, RC_role_inherit_user, RC_role_max_value, RC_role_min_special, RC_role_use_force_role, rsbac_attribute_value_t::rc_select_type, rsbac_attribute_value_t::rc_type, rsbac_attribute_value_t::rc_type_fd, RC_type_inherit_parent, RC_type_inherit_process, RC_type_no_chown, RC_type_no_create, RC_type_no_execute, RC_type_use_fd, RC_type_use_new_role_def_create, RI_def_fd_create_type, RI_def_fd_ind_create_type, RI_def_group_create_type, RI_def_ipc_create_type, RI_def_process_chown_type, RI_def_process_create_type, RI_def_process_execute_type, RI_def_unixsock_create_type, RI_def_user_create_type, rsbac_rc_target_id_t::role, RSBAC_EDECISIONMISMATCH, RSBAC_EINVALIDATTR, RSBAC_EINVALIDVALUE, RSBAC_EREADFAILED, RSBAC_EWRITEFAILED, rsbac_get_attr, rsbac_pr_debug, rsbac_pr_get_error, rsbac_pr_set_error, rsbac_printk(), RSBAC_RC_GENERAL_ROLE, RSBAC_RC_GENERAL_TYPE, rsbac_rc_get_item(), rsbac_rc_pr_get_error, rsbac_set_attr, RT_ROLE, SW_RC, T_DIR, T_FILE, T_GROUP, T_IPC, T_PROCESS, T_UNIXSOCK, T_USER, TRUE, rsbac_rc_target_id_t::type, rsbac_rc_item_value_t::type_id, and rsbac_target_id_t::user.
Referenced by rsbac_adf_set_attr().
01835 { 01836 int err; 01837 union rsbac_target_id_t i_tid; 01838 union rsbac_attribute_value_t i_attr_val1; 01839 union rsbac_attribute_value_t i_attr_val2; 01840 union rsbac_rc_target_id_t i_rc_tid; 01841 union rsbac_rc_target_id_t i_rc_subtid; 01842 union rsbac_rc_item_value_t i_rc_item_val1; 01843 01844 switch (request) { 01845 case R_CLOSE: 01846 case R_ACCEPT: 01847 case R_READ: 01848 return 0; 01849 case R_CHANGE_OWNER: 01850 switch (target) { 01851 case T_PROCESS: 01852 /* setting owner for process is done in main dispatcher */ 01853 /* Here we have to adjust the rc_type and set the rc_role */ 01854 /* to the new owner's rc_def_role */ 01855 if (attr != A_owner) 01856 return (-RSBAC_EINVALIDATTR); 01857 01858 /* get old rc_role from process */ 01859 i_tid.process = caller_pid; 01860 if ((err = rsbac_get_attr(SW_RC, T_PROCESS, 01861 i_tid, 01862 A_rc_role, 01863 &i_attr_val1, TRUE))) { 01864 rsbac_pr_get_error(A_rc_role); 01865 return -RSBAC_EREADFAILED; 01866 } 01867 /* get def_process_chown_type of old role */ 01868 i_rc_tid.role = i_attr_val1.rc_role; 01869 if ((err = rsbac_rc_get_item(0, 01870 RT_ROLE, 01871 i_rc_tid, 01872 i_rc_tid, 01873 RI_def_process_chown_type, 01874 &i_rc_item_val1, 01875 NULL))) { 01876 rsbac_rc_pr_get_error 01877 (RI_def_process_chown_type); 01878 return -RSBAC_EREADFAILED; 01879 } 01880 01881 /* get rc_force_role from process */ 01882 i_tid.process = caller_pid; 01883 if ((err = rsbac_get_attr(SW_RC, T_PROCESS, 01884 i_tid, 01885 A_rc_force_role, 01886 &i_attr_val1, TRUE))) { 01887 rsbac_pr_get_error(A_rc_force_role); 01888 return -RSBAC_EREADFAILED; 01889 } 01890 /* only set to user's rc_def_role, if indicated by force_role, otherwise keep */ 01891 if ((i_attr_val1.rc_force_role == 01892 RC_role_inherit_user) 01893 || (i_attr_val1.rc_force_role == 01894 RC_role_inherit_up_mixed) 01895 ) { 01896 /* get rc_def_role from new owner */ 01897 i_tid.user = attr_val.owner; 01898 if ((err = rsbac_get_attr(SW_RC, T_USER, 01899 i_tid, 01900 A_rc_def_role, 01901 &i_attr_val1, 01902 TRUE))) { 01903 rsbac_pr_get_error(A_rc_def_role); 01904 return -RSBAC_EREADFAILED; 01905 } 01906 /* check rc_def_role, warn, if unusable */ 01907 if (i_attr_val1.rc_def_role > 01908 RC_role_max_value) { 01909 rsbac_printk(KERN_WARNING "rsbac_adf_set_attr_rc(): rc_def_role %u of user %u is higher than MAX_ROLE %u, setting role of process %u to GENERAL_ROLE %u!\n", 01910 i_attr_val1. 01911 rc_def_role, 01912 attr_val.owner, 01913 RC_role_max_value, 01914 caller_pid, 01915 RSBAC_RC_GENERAL_ROLE); 01916 i_attr_val1.rc_def_role = 01917 RSBAC_RC_GENERAL_ROLE; 01918 } 01919 /* set new rc_role for process */ 01920 i_tid.process = caller_pid; 01921 if ((err = rsbac_set_attr(SW_RC, T_PROCESS, 01922 i_tid, 01923 A_rc_role, 01924 i_attr_val1))) { 01925 rsbac_pr_set_error(A_rc_role); 01926 return -RSBAC_EWRITEFAILED; 01927 } 01928 } else 01929 /* set it to the force_role, if real role) */ 01930 if ((i_attr_val1.rc_force_role <= RC_role_max_value) 01931 ) { 01932 /* set new rc_role for process */ 01933 i_tid.process = caller_pid; 01934 if ((err = rsbac_set_attr(SW_RC, T_PROCESS, 01935 i_tid, 01936 A_rc_role, 01937 i_attr_val1))) { 01938 rsbac_pr_set_error(A_rc_role); 01939 return -RSBAC_EWRITEFAILED; 01940 } 01941 } 01942 01943 /* adjust type: switch on def_process_chown_type of old role */ 01944 switch (i_rc_item_val1.type_id) { 01945 case RC_type_inherit_parent: 01946 case RC_type_inherit_process: 01947 /* keep old type */ 01948 break; 01949 case RC_type_use_new_role_def_create: 01950 /* get new rc_role from process */ 01951 i_tid.process = caller_pid; 01952 if ((err = rsbac_get_attr(SW_RC, T_PROCESS, 01953 i_tid, 01954 A_rc_role, 01955 &i_attr_val1, TRUE))) { 01956 rsbac_pr_get_error(A_rc_role); 01957 return -RSBAC_EREADFAILED; 01958 } 01959 /* Cannot adjust, if new role is no real role */ 01960 if (i_attr_val1.rc_role > 01961 RC_role_max_value) 01962 break; 01963 /* get def_process_create_type of new role */ 01964 i_rc_tid.role = i_attr_val1.rc_role; 01965 if ((err = rsbac_rc_get_item(0, 01966 RT_ROLE, 01967 i_rc_tid, 01968 i_rc_tid, 01969 RI_def_process_create_type, 01970 &i_rc_item_val1, 01971 NULL))) { 01972 rsbac_rc_pr_get_error 01973 (RI_def_process_create_type); 01974 return (-RSBAC_EREADFAILED); 01975 } 01976 switch (i_rc_item_val1.type_id) { 01977 case RC_type_inherit_parent: 01978 case RC_type_inherit_process: 01979 /* keep old type */ 01980 break; 01981 case RC_type_use_new_role_def_create: 01982 /* error - complain, but keep type (inherit) */ 01983 rsbac_printk(KERN_WARNING "rsbac_adf_set_attr_rc(): invalid type use_new_role_def_create in def_process_create_type of role %i!\n", 01984 i_attr_val1.rc_role); 01985 break; 01986 case RC_type_no_create: 01987 /* set rc_type for process to general */ 01988 i_rc_item_val1.type_id = 01989 RSBAC_RC_GENERAL_TYPE; 01990 /* fall through */ 01991 default: 01992 /* set rc_type for process */ 01993 i_attr_val1.rc_type = 01994 i_rc_item_val1.type_id; 01995 if ((err = 01996 rsbac_set_attr(SW_RC, T_PROCESS, 01997 i_tid, 01998 A_rc_type, 01999 i_attr_val1))) 02000 { 02001 rsbac_pr_set_error(A_rc_type); 02002 return -RSBAC_EWRITEFAILED; 02003 } 02004 } 02005 break; 02006 case RC_type_no_create: 02007 case RC_type_no_chown: 02008 /* set rc_type for process to general */ 02009 i_rc_item_val1.type_id = 02010 RSBAC_RC_GENERAL_TYPE; 02011 /* fall through */ 02012 default: 02013 /* set rc_type for process */ 02014 i_attr_val1.rc_type = 02015 i_rc_item_val1.type_id; 02016 if ((err = 02017 rsbac_set_attr(SW_RC, T_PROCESS, i_tid, 02018 A_rc_type, 02019 i_attr_val1))) { 02020 rsbac_pr_set_error(A_rc_type); 02021 return -RSBAC_EWRITEFAILED; 02022 } 02023 } 02024 02025 return 0; 02026 02027 /* all other cases */ 02028 default: 02029 return 0; 02030 } 02031 02032 case R_CLONE: 02033 if (target == T_PROCESS) { 02034 /* get rc_role from process */ 02035 if ((err = rsbac_get_attr(SW_RC, T_PROCESS, 02036 tid, 02037 A_rc_role, 02038 &i_attr_val1, FALSE))) { 02039 rsbac_pr_get_error(A_rc_role); 02040 return (-RSBAC_EREADFAILED); 02041 } 02042 02043 /* get rc_force_role from process */ 02044 if ((err = rsbac_get_attr(SW_RC, T_PROCESS, 02045 tid, 02046 A_rc_force_role, 02047 &i_attr_val2, FALSE))) { 02048 rsbac_pr_get_error(A_rc_force_role); 02049 return (-RSBAC_EREADFAILED); 02050 } 02051 02052 /* set rc_role for new process */ 02053 if ((err = rsbac_set_attr(SW_RC, T_PROCESS, 02054 new_tid, 02055 A_rc_role, 02056 i_attr_val1))) { 02057 rsbac_pr_set_error(A_rc_role); 02058 return -RSBAC_EWRITEFAILED; 02059 } 02060 02061 /* set rc_force_role for new process */ 02062 if ((err = rsbac_set_attr(SW_RC, T_PROCESS, 02063 new_tid, 02064 A_rc_force_role, 02065 i_attr_val2))) { 02066 rsbac_pr_set_error(A_rc_force_role); 02067 return -RSBAC_EWRITEFAILED; 02068 } 02069 02070 /* get def_process_create_type of role */ 02071 i_rc_tid.role = i_attr_val1.rc_role; 02072 if ((err = rsbac_rc_get_item(0, 02073 RT_ROLE, 02074 i_rc_tid, 02075 i_rc_tid, 02076 RI_def_process_create_type, 02077 &i_rc_item_val1, 02078 NULL))) { 02079 rsbac_rc_pr_get_error 02080 (RI_def_process_create_type); 02081 return (-RSBAC_EREADFAILED); 02082 } 02083 switch (i_rc_item_val1.type_id) { 02084 case RC_type_inherit_parent: 02085 case RC_type_inherit_process: 02086 /* copy old type */ 02087 /* get rc_type from old process */ 02088 if ((err = rsbac_get_attr(SW_RC, T_PROCESS, 02089 tid, 02090 A_rc_type, 02091 &i_attr_val1, 02092 FALSE))) { 02093 rsbac_pr_get_error(A_rc_type); 02094 return -RSBAC_EREADFAILED; 02095 } 02096 /* set rc_type for new process */ 02097 if ((err = rsbac_set_attr(SW_RC, T_PROCESS, 02098 new_tid, 02099 A_rc_type, 02100 i_attr_val1))) { 02101 rsbac_pr_set_error(A_rc_type); 02102 return -RSBAC_EWRITEFAILED; 02103 } 02104 break; 02105 case RC_type_no_create: 02106 return (-RSBAC_EDECISIONMISMATCH); 02107 case RC_type_use_new_role_def_create: 02108 /* error - complain, but keep type (inherit) */ 02109 rsbac_printk(KERN_WARNING "rsbac_adf_set_attr_rc(): invalid type use_new_role_def_create in def_process_create_type of role %i!\n", 02110 i_attr_val1.rc_role); 02111 return (-RSBAC_EINVALIDVALUE); 02112 default: 02113 /* set rc_type for new process */ 02114 i_attr_val1.rc_type = 02115 i_rc_item_val1.type_id; 02116 if ((err = 02117 rsbac_set_attr(SW_RC, T_PROCESS, new_tid, 02118 A_rc_type, 02119 i_attr_val1))) { 02120 rsbac_pr_set_error(A_rc_type); 02121 return -RSBAC_EWRITEFAILED; 02122 } 02123 } 02124 return 0; 02125 } else 02126 return 0; 02127 02128 case R_CREATE: 02129 switch (target) { 02130 /* Creating dir or (pseudo) file IN target dir! */ 02131 case T_DIR: 02132 /* Mode of created item is ignored! */ 02133 /* check for select_fd_type being set for calling 02134 * process and enforce it if set. */ 02135 i_tid.process = caller_pid; 02136 if ((err = rsbac_get_attr(SW_RC, T_PROCESS, 02137 i_tid, 02138 A_rc_select_type, 02139 &i_attr_val1, FALSE))) { 02140 rsbac_pr_get_error(A_rc_select_type); 02141 return -RSBAC_EREADFAILED; 02142 } 02143 if (i_attr_val1.rc_select_type != RC_type_use_fd) { 02144 i_attr_val2.rc_type_fd = i_attr_val1.rc_select_type; 02145 /* rc_select_type is one use only so we reset it 02146 * to default value first. 02147 * value to be set already backup'ed. */ 02148 i_attr_val1.rc_select_type = RC_type_use_fd; 02149 if ((err = rsbac_set_attr(SW_RC, T_PROCESS, 02150 i_tid, A_rc_select_type, 02151 i_attr_val1))) 02152 { 02153 rsbac_printk("rsbac_adf_set_attr_rc(): unable to reset rc_select_type to default value!\n"); 02154 } 02155 if ((err = rsbac_set_attr(SW_RC, new_target, 02156 new_tid, A_rc_type_fd, 02157 i_attr_val2))) 02158 { 02159 rsbac_pr_set_error(A_rc_type_fd); 02160 return -RSBAC_EWRITEFAILED; 02161 } 02162 return 0; 02163 02164 } 02165 /* get rc_role from process */ 02166 i_tid.process = caller_pid; 02167 if ((err = rsbac_get_attr(SW_RC, T_PROCESS, 02168 i_tid, 02169 A_rc_role, 02170 &i_attr_val1, FALSE))) { 02171 rsbac_pr_get_error(A_rc_role); 02172 return -RSBAC_EREADFAILED; 02173 } 02174 /* get def_fd_create_type of role */ 02175 /* First get target dir's efftype */ 02176 if ((err = rsbac_get_attr(SW_RC, 02177 target, 02178 tid, 02179 A_rc_type_fd, 02180 &i_attr_val2, TRUE))) { 02181 rsbac_pr_get_error(A_rc_type_fd); 02182 return (-RSBAC_EREADFAILED); 02183 } 02184 i_rc_tid.role = i_attr_val1.rc_role; 02185 switch(new_target) { 02186 case T_UNIXSOCK: 02187 if ((err = rsbac_rc_get_item(0, 02188 RT_ROLE, 02189 i_rc_tid, 02190 i_rc_subtid, 02191 RI_def_unixsock_create_type, 02192 &i_rc_item_val1, 02193 NULL))) { 02194 rsbac_rc_pr_get_error 02195 (RI_def_unixsock_create_type); 02196 return -RSBAC_EREADFAILED; 02197 } 02198 if(i_rc_item_val1.type_id != RC_type_use_fd) 02199 break; 02200 /* fall through */ 02201 default: 02202 i_rc_subtid.type = i_attr_val2.rc_type; 02203 if ((err = rsbac_rc_get_item(0, RT_ROLE, i_rc_tid, i_rc_subtid, RI_def_fd_ind_create_type, &i_rc_item_val1, NULL))) { /* No individual create type -> try global */ 02204 if ((err = rsbac_rc_get_item(0, 02205 RT_ROLE, 02206 i_rc_tid, 02207 i_rc_subtid, 02208 RI_def_fd_create_type, 02209 &i_rc_item_val1, 02210 NULL))) { 02211 rsbac_rc_pr_get_error 02212 (RI_def_fd_create_type); 02213 return -RSBAC_EREADFAILED; 02214 } 02215 } 02216 } 02217 switch (i_rc_item_val1.type_id) { 02218 case RC_type_no_create: 02219 return (-RSBAC_EDECISIONMISMATCH); 02220 break; 02221 02222 case RC_type_use_new_role_def_create: 02223 case RC_type_inherit_process: 02224 /* error - complain and return error */ 02225 rsbac_printk(KERN_WARNING "rsbac_adf_set_attr_rc(): invalid type inherit_process or use_new_role_def_create in def_fd_create_type or def_unixsock_create_type of role %i!\n", 02226 i_attr_val1.rc_role); 02227 return (-RSBAC_EINVALIDVALUE); 02228 02229 case RC_type_inherit_parent: 02230 default: 02231 /* get type from new target */ 02232 if ((err = rsbac_get_attr(SW_RC, new_target, 02233 new_tid, 02234 A_rc_type_fd, 02235 &i_attr_val1, 02236 FALSE))) { 02237 rsbac_pr_get_error(A_rc_type_fd); 02238 return (-RSBAC_EREADFAILED); 02239 } 02240 /* set it for new target, if different */ 02241 if (i_attr_val1.rc_type_fd != 02242 i_rc_item_val1.type_id) { 02243 i_attr_val1.rc_type_fd = 02244 i_rc_item_val1.type_id; 02245 if ((err = 02246 rsbac_set_attr(SW_RC, new_target, 02247 new_tid, 02248 A_rc_type_fd, 02249 i_attr_val1))) 02250 { 02251 rsbac_pr_set_error(A_rc_type_fd); 02252 return -RSBAC_EWRITEFAILED; 02253 } 02254 } 02255 } 02256 return 0; 02257 02258 case T_IPC: 02259 /* get rc_role from process */ 02260 i_tid.process = caller_pid; 02261 if ((err = rsbac_get_attr(SW_RC, T_PROCESS, 02262 i_tid, 02263 A_rc_role, 02264 &i_attr_val1, FALSE))) { 02265 rsbac_pr_get_error(A_rc_role); 02266 return -RSBAC_EREADFAILED; 02267 } 02268 /* get def_ipc_create_type of role */ 02269 i_rc_tid.role = i_attr_val1.rc_role; 02270 if ((err = rsbac_rc_get_item(0, 02271 RT_ROLE, 02272 i_rc_tid, 02273 i_rc_tid, 02274 RI_def_ipc_create_type, 02275 &i_rc_item_val1, 02276 NULL))) { 02277 rsbac_rc_pr_get_error 02278 (RI_def_ipc_create_type); 02279 return -RSBAC_EREADFAILED; 02280 } 02281 switch (i_rc_item_val1.type_id) { 02282 case RC_type_no_create: 02283 return (-RSBAC_EDECISIONMISMATCH); 02284 break; 02285 02286 case RC_type_use_new_role_def_create: 02287 /* error - complain and return error */ 02288 rsbac_printk(KERN_WARNING "rsbac_adf_set_attr_rc(): invalid type use_new_role_def_create in def_ipc_create_type of role %i!\n", 02289 i_attr_val1.rc_role); 02290 return (-RSBAC_EINVALIDVALUE); 02291 02292 case RC_type_inherit_parent: 02293 case RC_type_inherit_process: 02294 /* error - complain and return error */ 02295 rsbac_printk(KERN_WARNING "rsbac_adf_set_attr_rc(): invalid type inherit_parent in def_ipc_create_type of role %i!\n", 02296 i_attr_val1.rc_role); 02297 return -RSBAC_EINVALIDVALUE; 02298 02299 default: 02300 /* set rc_type for ipc target */ 02301 i_attr_val1.rc_type = 02302 i_rc_item_val1.type_id; 02303 /* get type from target */ 02304 if ((err = rsbac_get_attr(SW_RC, 02305 target, 02306 tid, 02307 A_rc_type, 02308 &i_attr_val2, 02309 FALSE))) { 02310 rsbac_pr_get_error(A_rc_type); 02311 return -RSBAC_EREADFAILED; 02312 } 02313 /* set it for new target, if different */ 02314 if (i_attr_val1.rc_type != 02315 i_attr_val2.rc_type) { 02316 if ((err = 02317 rsbac_set_attr(SW_RC, target, 02318 tid, A_rc_type, 02319 i_attr_val1))) 02320 { 02321 rsbac_pr_set_error 02322 (A_rc_type); 02323 return -RSBAC_EWRITEFAILED; 02324 } 02325 } 02326 } 02327 return 0; 02328 02329 case T_USER: 02330 /* get rc_role from process */ 02331 i_tid.process = caller_pid; 02332 if ((err = rsbac_get_attr(SW_RC, T_PROCESS, 02333 i_tid, 02334 A_rc_role, 02335 &i_attr_val1, FALSE))) { 02336 rsbac_pr_get_error(A_rc_role); 02337 return -RSBAC_EREADFAILED; 02338 } 02339 /* get def_user_create_type of role */ 02340 i_rc_tid.role = i_attr_val1.rc_role; 02341 if ((err = rsbac_rc_get_item(0, 02342 RT_ROLE, 02343 i_rc_tid, 02344 i_rc_tid, 02345 RI_def_user_create_type, 02346 &i_rc_item_val1, 02347 NULL))) { 02348 rsbac_rc_pr_get_error 02349 (RI_def_user_create_type); 02350 return -RSBAC_EREADFAILED; 02351 } 02352 switch (i_rc_item_val1.type_id) { 02353 case RC_type_no_create: 02354 rsbac_pr_debug(adf_rc, "pid %u (%.15s), owner %u, rc_role %u, def_user_create_type no_create, request CREATE -> NOT_GRANTED!\n", 02355 caller_pid, current->comm, 02356 current->uid, 02357 i_attr_val1.rc_role); 02358 return -RSBAC_EDECISIONMISMATCH; 02359 02360 case RC_type_use_new_role_def_create: 02361 /* error - complain and return error */ 02362 rsbac_printk(KERN_WARNING "rsbac_adf_set_attr_rc(): invalid type use_new_role_def_create in def_user_create_type of role %i!\n", 02363 i_attr_val1.rc_role); 02364 return -RSBAC_EINVALIDVALUE; 02365 02366 case RC_type_inherit_parent: 02367 case RC_type_inherit_process: 02368 /* error - complain and return error */ 02369 rsbac_printk(KERN_WARNING "rsbac_adf_set_attr_rc(): invalid type inherit_parent in def_user_create_type of role %i!\n", 02370 i_attr_val1.rc_role); 02371 return -RSBAC_EINVALIDVALUE; 02372 02373 default: 02374 /* set rc_type for user target */ 02375 i_attr_val1.rc_type = 02376 i_rc_item_val1.type_id; 02377 /* get type from target */ 02378 if ((err = rsbac_get_attr(SW_RC, 02379 target, 02380 tid, 02381 A_rc_type, 02382 &i_attr_val2, 02383 FALSE))) { 02384 rsbac_pr_get_error(A_rc_type); 02385 return -RSBAC_EREADFAILED; 02386 } 02387 /* set it for new target, if different */ 02388 if (i_attr_val1.rc_type != 02389 i_attr_val2.rc_type) { 02390 if ((err = 02391 rsbac_set_attr(SW_RC, target, 02392 tid, A_rc_type, 02393 i_attr_val1))) 02394 { 02395 rsbac_pr_set_error 02396 (A_rc_type); 02397 return -RSBAC_EWRITEFAILED; 02398 } 02399 } 02400 } 02401 return 0; 02402 02403 case T_GROUP: 02404 /* get rc_role from process */ 02405 i_tid.process = caller_pid; 02406 if ((err = rsbac_get_attr(SW_RC, T_PROCESS, 02407 i_tid, 02408 A_rc_role, 02409 &i_attr_val1, FALSE))) { 02410 rsbac_pr_get_error(A_rc_role); 02411 return -RSBAC_EREADFAILED; 02412 } 02413 /* get def_group_create_type of role */ 02414 i_rc_tid.role = i_attr_val1.rc_role; 02415 if ((err = rsbac_rc_get_item(0, 02416 RT_ROLE, 02417 i_rc_tid, 02418 i_rc_tid, 02419 RI_def_group_create_type, 02420 &i_rc_item_val1, 02421 NULL))) { 02422 rsbac_rc_pr_get_error 02423 (RI_def_group_create_type); 02424 return -RSBAC_EREADFAILED; 02425 } 02426 switch (i_rc_item_val1.type_id) { 02427 case RC_type_no_create: 02428 rsbac_pr_debug(adf_rc, "pid %u (%.15s), owner %u, rc_role %u, def_group_create_type no_create, request CREATE -> NOT_GRANTED!\n", 02429 caller_pid, current->comm, 02430 current->uid, 02431 i_attr_val1.rc_role); 02432 return -RSBAC_EDECISIONMISMATCH; 02433 02434 case RC_type_use_new_role_def_create: 02435 /* error - complain and return error */ 02436 rsbac_printk(KERN_WARNING "rsbac_adf_set_attr_rc(): invalid type use_new_role_def_create in def_group_create_type of role %i!\n", 02437 i_attr_val1.rc_role); 02438 return -RSBAC_EINVALIDVALUE; 02439 02440 case RC_type_inherit_parent: 02441 case RC_type_inherit_process: 02442 /* error - complain and return error */ 02443 rsbac_printk(KERN_WARNING "rsbac_adf_set_attr_rc(): invalid type inherit_parent in def_group_create_type of role %i!\n", 02444 i_attr_val1.rc_role); 02445 return -RSBAC_EINVALIDVALUE; 02446 02447 default: 02448 /* set rc_type for group target */ 02449 i_attr_val1.rc_type = 02450 i_rc_item_val1.type_id; 02451 /* get type from target */ 02452 if ((err = rsbac_get_attr(SW_RC, 02453 target, 02454 tid, 02455 A_rc_type, 02456 &i_attr_val2, 02457 FALSE))) { 02458 rsbac_pr_get_error(A_rc_type); 02459 return -RSBAC_EREADFAILED; 02460 } 02461 /* set it for new target, if different */ 02462 if (i_attr_val1.rc_type != 02463 i_attr_val2.rc_type) { 02464 if ((err = 02465 rsbac_set_attr(SW_RC, target, 02466 tid, A_rc_type, 02467 i_attr_val1))) 02468 { 02469 rsbac_pr_set_error 02470 (A_rc_type); 02471 return -RSBAC_EWRITEFAILED; 02472 } 02473 } 02474 } 02475 return 0; 02476 02477 /* all other cases are unknown */ 02478 default: 02479 return 0; 02480 } 02481 02482 case R_EXECUTE: 02483 switch (target) { 02484 case T_FILE: 02485 /* get rc_force_role from target file */ 02486 if ((err = rsbac_get_attr(SW_RC, T_FILE, 02487 tid, 02488 A_rc_force_role, 02489 &i_attr_val1, TRUE))) { 02490 rsbac_pr_get_error(A_rc_force_role); 02491 return -RSBAC_EREADFAILED; 02492 } 02493 /* check rc_force_role, warn, if unusable */ 02494 if ((i_attr_val1.rc_force_role > RC_role_max_value) 02495 && (i_attr_val1.rc_force_role < 02496 RC_role_min_special) 02497 ) { 02498 rsbac_printk(KERN_WARNING "rsbac_adf_set_attr_rc(): rc_force_role %u of file %u on device %02u:%02u is higher than MAX_ROLE %u, setting forced role of process %u to default value %u!\n", 02499 i_attr_val1.rc_force_role, 02500 tid.file.inode, 02501 MAJOR(tid.file.device), 02502 MINOR(tid.file.device), 02503 RC_role_max_value, caller_pid, 02504 RC_default_root_dir_force_role); 02505 i_attr_val1.rc_force_role = 02506 RC_default_root_dir_force_role; 02507 } 02508 /* set rc_force_role for this process to keep track of it later */ 02509 i_tid.process = caller_pid; 02510 if ((err = rsbac_set_attr(SW_RC, T_PROCESS, 02511 i_tid, 02512 A_rc_force_role, 02513 i_attr_val1))) { 02514 rsbac_pr_set_error(A_rc_force_role); 02515 return -RSBAC_EWRITEFAILED; 02516 } 02517 /* get rc_initial_role from target file */ 02518 if ((err = rsbac_get_attr(SW_RC, T_FILE, 02519 tid, 02520 A_rc_initial_role, 02521 &i_attr_val2, TRUE))) { 02522 rsbac_pr_get_error(A_rc_initial_role); 02523 return -RSBAC_EREADFAILED; 02524 } 02525 /* check rc_initial_role, warn, if unusable */ 02526 if ((i_attr_val2.rc_initial_role > 02527 RC_role_max_value) 02528 && (i_attr_val2.rc_initial_role != 02529 RC_role_use_force_role) 02530 ) { 02531 rsbac_printk(KERN_WARNING "rsbac_adf_set_attr_rc(): rc_initial_role %u of file %u on device %02u:%02u is higher than MAX_ROLE %u, setting initial role of process %u to default value %u!\n", 02532 i_attr_val2.rc_initial_role, 02533 tid.file.inode, 02534 MAJOR(tid.file.device), 02535 MINOR(tid.file.device), 02536 RC_role_max_value, caller_pid, 02537 RC_default_root_dir_initial_role); 02538 i_attr_val2.rc_initial_role = 02539 RC_default_root_dir_initial_role; 02540 } 02541 if (i_attr_val2.rc_initial_role == 02542 RC_role_use_force_role) { 02543 switch (i_attr_val1.rc_force_role) { 02544 case RC_role_inherit_user: 02545 /* get rc_def_role from process owner */ 02546 i_tid.user = owner; 02547 if ((err = 02548 rsbac_get_attr(SW_RC, T_USER, 02549 i_tid, 02550 A_rc_def_role, 02551 &i_attr_val1, 02552 TRUE))) { 02553 rsbac_pr_get_error 02554 (A_rc_def_role); 02555 return -RSBAC_EREADFAILED; 02556 } 02557 /* set it for this process */ 02558 i_tid.process = caller_pid; 02559 if ((err = 02560 rsbac_set_attr(SW_RC, T_PROCESS, 02561 i_tid, 02562 A_rc_role, 02563 i_attr_val1))) 02564 { 02565 rsbac_pr_set_error 02566 (A_rc_role); 02567 return -RSBAC_EWRITEFAILED; 02568 } 02569 break; 02570 02571 case RC_role_inherit_parent: 02572 case RC_role_inherit_process: 02573 case RC_role_inherit_up_mixed: 02574 /* keep current role */ 02575 break; 02576 02577 default: 02578 /* set forced role for this process */ 02579 i_tid.process = caller_pid; 02580 if ((err = 02581 rsbac_set_attr(SW_RC, T_PROCESS, 02582 i_tid, 02583 A_rc_role, 02584 i_attr_val1))) 02585 { 02586 rsbac_pr_set_error 02587 (A_rc_role); 02588 return -RSBAC_EWRITEFAILED; 02589 } 02590 } 02591 } else { /* use initial_role */ 02592 02593 /* set initial role for this process */ 02594 i_tid.process = caller_pid; 02595 if ((err = rsbac_set_attr(SW_RC, T_PROCESS, 02596 i_tid, 02597 A_rc_role, 02598 i_attr_val2))) { 02599 rsbac_pr_set_error 02600 (A_rc_role); 02601 return -RSBAC_EWRITEFAILED; 02602 } 02603 } 02604 /* Get role of process. */ 02605 i_tid.process = caller_pid; 02606 if ((err = rsbac_get_attr(SW_RC, T_PROCESS, 02607 i_tid, 02608 A_rc_role, 02609 &i_attr_val1, FALSE))) { 02610 rsbac_pr_get_error(A_rc_role); 02611 return -RSBAC_EREADFAILED; 02612 } 02613 /* get def_process_execute_type of role */ 02614 i_rc_tid.role = i_attr_val1.rc_role; 02615 if ((err = rsbac_rc_get_item(0, 02616 RT_ROLE, 02617 i_rc_tid, 02618 i_rc_tid, 02619 RI_def_process_execute_type, 02620 &i_rc_item_val1, 02621 NULL))) { 02622 rsbac_rc_pr_get_error 02623 (RI_def_process_execute_type); 02624 return (-RSBAC_EREADFAILED); 02625 } 02626 switch (i_rc_item_val1.type_id) { 02627 case RC_type_no_create: 02628 case RC_type_use_new_role_def_create: 02629 /* Cannot reset, because of unusable default -> warn and keep */ 02630 rsbac_printk(KERN_WARNING "rsbac_adf_set_attr_rc(): invalid type in def_process_execute_type of role %i!\n", 02631 i_attr_val1.rc_role); 02632 return (-RSBAC_EINVALIDVALUE); 02633 case RC_type_inherit_parent: 02634 case RC_type_inherit_process: 02635 break; 02636 case RC_type_no_execute: 02637 return (-RSBAC_EDECISIONMISMATCH); 02638 default: 02639 /* set rc_type for process */ 02640 i_attr_val1.rc_type = 02641 i_rc_item_val1.type_id; 02642 i_tid.process = caller_pid; 02643 if ((err = 02644 rsbac_set_attr(SW_RC, T_PROCESS, i_tid, 02645 A_rc_type, 02646 i_attr_val1))) { 02647 rsbac_pr_set_error(A_rc_type); 02648 return -RSBAC_EWRITEFAILED; 02649 } 02650 } 02651 /* type and role are set - ready. */ 02652 return 0; 02653 02654 /* all other cases are unknown */ 02655 default: 02656 return 0; 02657 } 02658 default: 02659 return 0; 02660 } 02661 02662 return 0; 02663 }
enum rsbac_adf_req_ret_t rsbac_rc_check_type_comp | ( | enum rsbac_target_t | target, | |
rsbac_rc_type_id_t | type, | |||
enum rsbac_adf_request_t | request, | |||
rsbac_pid_t | caller_pid | |||
) |
Definition at line 269 of file rc_main.c.
References A_rc_role, FALSE, get_rc_special_right_name(), GRANTED, NOT_GRANTED, rsbac_target_id_t::process, rsbac_attribute_value_t::rc_role, RC_type_max_value, RCR_ASSIGN, RI_type_comp_dev, RI_type_comp_fd, RI_type_comp_group, RI_type_comp_ipc, RI_type_comp_netdev, RI_type_comp_netobj, RI_type_comp_nettemp, RI_type_comp_process, RI_type_comp_user, rsbac_get_attr, RSBAC_MAXNAMELEN, rsbac_pr_debug, rsbac_pr_get_error, rsbac_printk(), rsbac_rc_check_comp(), SW_RC, T_DEV, T_DIR, T_FD, T_FIFO, T_FILE, T_GROUP, T_IPC, T_NETDEV, T_NETOBJ, T_NETTEMP, T_PROCESS, T_SYMLINK, T_UNIXSOCK, T_USER, and rsbac_rc_target_id_t::type.
Referenced by rsbac_adf_request_rc(), rsbac_rc_select_fd_create_type(), rsbac_rc_sys_copy_type(), rsbac_rc_sys_get_item(), and rsbac_rc_sys_set_item().
00273 { 00274 int err; 00275 union rsbac_target_id_t i_tid; 00276 union rsbac_attribute_value_t i_attr_val1; 00277 00278 union rsbac_rc_target_id_t i_rc_subtid; 00279 enum rsbac_rc_item_t i_rc_item; 00280 00281 if (!caller_pid) 00282 caller_pid = current->pid; 00283 /* 00284 * we don't care about tried assignments of special type values, 00285 * but deny other accesses to those 00286 */ 00287 if (type > RC_type_max_value) { 00288 if (request == RCR_ASSIGN) 00289 return GRANTED; 00290 else 00291 return NOT_GRANTED; 00292 } 00293 00294 /* get rc_role from process */ 00295 i_tid.process = caller_pid; 00296 if ((err = rsbac_get_attr(SW_RC, 00297 T_PROCESS, 00298 i_tid, 00299 A_rc_role, &i_attr_val1, FALSE))) { 00300 rsbac_pr_get_error(A_rc_role); 00301 return (NOT_GRANTED); 00302 } 00303 switch (target) { 00304 case T_FILE: 00305 case T_DIR: 00306 case T_FIFO: 00307 case T_SYMLINK: 00308 case T_UNIXSOCK: 00309 case T_FD: 00310 i_rc_item = RI_type_comp_fd; 00311 break; 00312 case T_DEV: 00313 i_rc_item = RI_type_comp_dev; 00314 break; 00315 case T_USER: 00316 i_rc_item = RI_type_comp_user; 00317 break; 00318 case T_PROCESS: 00319 i_rc_item = RI_type_comp_process; 00320 break; 00321 case T_IPC: 00322 i_rc_item = RI_type_comp_ipc; 00323 break; 00324 #if defined(CONFIG_RSBAC_RC_UM_PROT) 00325 case T_GROUP: 00326 i_rc_item = RI_type_comp_group; 00327 break; 00328 #endif 00329 #if defined(CONFIG_RSBAC_RC_NET_DEV_PROT) 00330 case T_NETDEV: 00331 i_rc_item = RI_type_comp_netdev; 00332 break; 00333 #endif 00334 #if defined(CONFIG_RSBAC_RC_NET_OBJ_PROT) 00335 case T_NETTEMP: 00336 i_rc_item = RI_type_comp_nettemp; 00337 break; 00338 case T_NETOBJ: 00339 i_rc_item = RI_type_comp_netobj; 00340 break; 00341 #endif 00342 00343 default: 00344 rsbac_printk(KERN_WARNING "rsbac_rc_check_type_comp(): invalid target %i!\n", 00345 target); 00346 return (NOT_GRANTED); 00347 } 00348 /* check type_comp_xxx of role */ 00349 i_rc_subtid.type = type; 00350 if (rsbac_rc_check_comp(i_attr_val1.rc_role, 00351 i_rc_subtid, i_rc_item, request)) 00352 return (GRANTED); 00353 else { 00354 char tmp[RSBAC_MAXNAMELEN]; 00355 rsbac_pr_debug(adf_rc, "rc_role is %i, rc_type is %i, request is %s -> NOT_GRANTED!\n", 00356 i_attr_val1.rc_role, type, 00357 get_rc_special_right_name(tmp, request)); 00358 return (NOT_GRANTED); 00359 } 00360 }
int rsbac_rc_test_admin_roles | ( | rsbac_rc_role_id_t | t_role, | |
rsbac_boolean_t | modify | |||
) |
Definition at line 186 of file rc_main.c.
References A_rc_role, rsbac_target_id_t::process, R_NONE, rsbac_attribute_value_t::rc_role, RC_role_max_value, RI_admin_roles, RI_assign_roles, rsbac_rc_target_id_t::role, RSBAC_EINVALIDVALUE, RSBAC_EREADFAILED, rsbac_get_attr, rsbac_pr_get_error, rsbac_rc_check_comp(), SW_RC, T_PROCESS, and TRUE.
Referenced by rsbac_rc_sys_copy_role(), rsbac_rc_sys_get_item(), and rsbac_rc_sys_set_item().
00188 { 00189 int err; 00190 union rsbac_target_id_t i_tid; 00191 union rsbac_attribute_value_t i_attr_val1; 00192 union rsbac_rc_target_id_t i_rc_subtid; 00193 00194 if (t_role > RC_role_max_value) 00195 return -RSBAC_EINVALIDVALUE; 00196 /* get rc_role of process */ 00197 i_tid.process = current->pid; 00198 if ((err = rsbac_get_attr(SW_RC, T_PROCESS, 00199 i_tid, A_rc_role, &i_attr_val1, TRUE))) { 00200 rsbac_pr_get_error(A_rc_role); 00201 return -RSBAC_EREADFAILED; 00202 } 00203 00204 i_rc_subtid.role = t_role; 00205 /* read_only? -> assign_roles membership is enough */ 00206 if (!modify) { 00207 if (rsbac_rc_check_comp(i_attr_val1.rc_role, 00208 i_rc_subtid, 00209 RI_assign_roles, R_NONE)) 00210 return 0; 00211 /* fall through */ 00212 } 00213 /* check admin_roles of role */ 00214 if (rsbac_rc_check_comp(i_attr_val1.rc_role, 00215 i_rc_subtid, RI_admin_roles, R_NONE)) 00216 return 0; 00217 else 00218 return -EPERM; 00219 }
int rsbac_rc_test_assign_roles | ( | enum rsbac_target_t | target, | |
union rsbac_target_id_t | tid, | |||
enum rsbac_attribute_t | attr, | |||
rsbac_rc_role_id_t | t_role | |||
) |
Definition at line 222 of file rc_main.c.
References A_rc_role, rsbac_target_id_t::process, R_NONE, rsbac_attribute_value_t::rc_role, RC_role_inherit_user, RC_role_max_value, RI_assign_roles, rsbac_rc_target_id_t::role, RSBAC_EINVALIDVALUE, RSBAC_EREADFAILED, rsbac_get_attr, rsbac_pr_get_error, rsbac_rc_check_comp(), SW_RC, T_NONE, T_PROCESS, and TRUE.
Referenced by rsbac_adf_request_rc().
00226 { 00227 int err; 00228 union rsbac_target_id_t i_tid; 00229 union rsbac_attribute_value_t i_attr_val1; 00230 union rsbac_attribute_value_t i_attr_val2; 00231 union rsbac_rc_target_id_t i_rc_subtid; 00232 00233 if (((t_role > RC_role_max_value) 00234 && (t_role != RC_role_inherit_user) 00235 ) 00236 || (target >= T_NONE) 00237 ) 00238 return -RSBAC_EINVALIDVALUE; 00239 /* get rc_role of process */ 00240 i_tid.process = current->pid; 00241 if ((err = rsbac_get_attr(SW_RC, T_PROCESS, 00242 i_tid, A_rc_role, &i_attr_val1, TRUE))) { 00243 rsbac_pr_get_error(A_rc_role); 00244 return -RSBAC_EREADFAILED; 00245 } 00246 /* get old role of target */ 00247 if ((err = rsbac_get_attr(SW_RC, 00248 target, 00249 tid, attr, &i_attr_val2, TRUE))) { 00250 rsbac_pr_get_error(attr); 00251 return -RSBAC_EREADFAILED; 00252 } 00253 00254 i_rc_subtid.role = i_attr_val2.rc_role; 00255 if (!rsbac_rc_check_comp(i_attr_val1.rc_role, 00256 i_rc_subtid, RI_assign_roles, R_NONE)) 00257 return -EPERM; 00258 if (t_role != RC_role_inherit_user) { 00259 i_rc_subtid.role = t_role; 00260 if (!rsbac_rc_check_comp(i_attr_val1.rc_role, 00261 i_rc_subtid, 00262 RI_assign_roles, R_NONE)) 00263 return -EPERM; 00264 } 00265 return 0; 00266 }
int rsbac_rc_test_role_admin | ( | rsbac_boolean_t | modify | ) |
Definition at line 363 of file rc_main.c.
References A_rc_role, rsbac_rc_item_value_t::admin_type, NULL, rsbac_target_id_t::process, rsbac_attribute_value_t::rc_role, RC_role_admin, RC_system_admin, RI_admin_type, rsbac_rc_target_id_t::role, RSBAC_EREADFAILED, rsbac_get_attr, rsbac_pr_get_error, rsbac_rc_get_item(), rsbac_rc_pr_get_error, RT_ROLE, SW_RC, T_PROCESS, and TRUE.
Referenced by rsbac_adf_request_rc(), rsbac_rc_sys_copy_role(), rsbac_rc_sys_copy_type(), rsbac_rc_sys_get_item(), and rsbac_rc_sys_set_item().
00364 { 00365 int err; 00366 union rsbac_target_id_t i_tid; 00367 union rsbac_attribute_value_t i_attr_val1; 00368 union rsbac_rc_target_id_t i_rc_tid; 00369 union rsbac_rc_item_value_t i_rc_item_val1; 00370 00371 /* get rc_role of process */ 00372 i_tid.process = current->pid; 00373 if ((err = rsbac_get_attr(SW_RC, T_PROCESS, 00374 i_tid, A_rc_role, &i_attr_val1, TRUE))) { 00375 rsbac_pr_get_error(A_rc_role); 00376 return -RSBAC_EREADFAILED; 00377 } 00378 00379 /* get admin_type of role */ 00380 i_rc_tid.role = i_attr_val1.rc_role; 00381 if ((err = rsbac_rc_get_item(0, RT_ROLE, i_rc_tid, i_rc_tid, /* dummy */ 00382 RI_admin_type, 00383 &i_rc_item_val1, NULL))) { 00384 rsbac_rc_pr_get_error(RI_admin_type); 00385 return -RSBAC_EREADFAILED; 00386 } 00387 00388 /* allow, if RC_role_admin or (read_only and RC_system_admin) */ 00389 if ((i_rc_item_val1.admin_type == RC_role_admin) 00390 || (!modify && (i_rc_item_val1.admin_type == RC_system_admin) 00391 ) 00392 ) 00393 return 0; 00394 else 00395 return -EPERM; 00396 }