Main Page | Alphabetical List | Data Structures | Directories | File List | Data Fields | Globals | Search for 
daten / src / rsbac / linux-2.4.31-rsbac-v1.2.4 / rsbac / adf / fc

fc_main.c

Go to the documentation of this file.
00001 /*************************************************** */
00002 /* Rule Set Based Access Control                     */
00003 /* Implementation of the Access Control Decision     */
00004 /* Facility (ADF) - Functional Control               */
00005 /* File: rsbac/adf/fc/main.c                         */
00006 /*                                                   */
00007 /* Author and (c) 1999-2004: Amon Ott <ao@rsbac.org> */
00008 /*                                                   */
00009 /* Last modified: 23/Nov/2004                        */
00010 /*************************************************** */
00011 
00012 #include <linux/string.h>
00013 #include <rsbac/aci.h>
00014 #include <rsbac/adf_main.h>
00015 #include <rsbac/error.h>
00016 #include <rsbac/helpers.h>
00017 #include <rsbac/getname.h>
00018 #include <rsbac/network.h>
00019 #include <rsbac/debug.h>
00020 
00021 /************************************************* */
00022 /*           Global Variables                      */
00023 /************************************************* */
00024 
00025 /************************************************* */
00026 /*          Internal Help functions                */
00027 /************************************************* */
00028 
00029 static enum rsbac_adf_req_ret_t
00030          check_role_fc(   enum  rsbac_target_t          target,
00031                           union rsbac_target_id_t       tid,
00032                                 rsbac_uid_t             owner)
00033   {
00034     int                           err;
00035     union rsbac_target_id_t       i_tid;
00036     union rsbac_attribute_value_t i_attr_val1;
00037     union rsbac_attribute_value_t i_attr_val2;
00038 
00039     /* test object's object_category */
00040     if ((err=rsbac_get_attr(FC,
00041                             target,
00042                             tid,
00043                             A_object_category,
00044                             &i_attr_val1,
00045                             TRUE)))
00046       {
00047         rsbac_ds_get_error("check_role_fc()", A_object_category);
00048         return(NOT_GRANTED);
00049       }
00050     /* Access to category general is always granted */
00051     if (i_attr_val1.object_category == OC_general)
00052       return(GRANTED);
00053 
00054     /* test owner's fc_role */
00055     i_tid.user = owner;
00056     if ((err=rsbac_get_attr(FC,
00057                             T_USER,
00058                        i_tid,
00059                        A_fc_role,
00060                        &i_attr_val2,
00061                        TRUE)))
00062       {
00063         rsbac_ds_get_error("check_role_fc()", A_fc_role);
00064         return(NOT_GRANTED);
00065       }
00066 
00067     /* Access is granted, if object_category and fc_role fit */
00068 
00069     if (    (   (i_attr_val1.object_category == OC_system)
00070              && (i_attr_val2.system_role == SR_administrator)
00071             )
00072          || (   (i_attr_val1.object_category == OC_security)
00073              && (i_attr_val2.system_role == SR_security_officer)
00074             )
00075        )
00076       return(GRANTED);
00077     else
00078       {
00079 /*        printk(KERN_DEBUG "check_role_fc(): role is %i, obj_cat is %i -> NOT_GRANTED!\n",
00080                i_attr_val2.system_role, i_attr_val1.object_category); */
00081         return(NOT_GRANTED);
00082       }
00083   }
00084 
00085 #ifdef CONFIG_RSBAC_FC_NET_OBJ_PROT
00086 static enum rsbac_adf_req_ret_t
00087          check_role_fc_netobj(enum  rsbac_adf_request_t     request,
00088                               union rsbac_target_id_t       tid,
00089                                     rsbac_uid_t             owner)
00090   {
00091     int                           err;
00092     union rsbac_target_id_t       i_tid;
00093     enum  rsbac_attribute_t       i_attr;
00094     union rsbac_attribute_value_t i_attr_val1;
00095     union rsbac_attribute_value_t i_attr_val2;
00096 
00097     if(rsbac_net_remote_request(request))
00098       i_attr = A_remote_object_category;
00099     else
00100       i_attr = A_local_object_category;
00101     /* test object's object_category */
00102     if ((err=rsbac_get_attr(FC,
00103                             T_NETOBJ,
00104                             tid,
00105                             i_attr,
00106                             &i_attr_val1,
00107                             TRUE)))
00108       {
00109         rsbac_ds_get_error("check_role_fc_netobj()", i_attr);
00110         return(NOT_GRANTED);
00111       }
00112     /* Access to category general is always granted */
00113     if (i_attr_val1.object_category == OC_general)
00114       return(GRANTED);
00115 
00116     /* test owner's fc_role */
00117     i_tid.user = owner;
00118     if ((err=rsbac_get_attr(FC,
00119                             T_USER,
00120                        i_tid,
00121                        A_fc_role,
00122                        &i_attr_val2,
00123                        TRUE)))
00124       {
00125         rsbac_ds_get_error("check_role_fc_netobj()", A_fc_role);
00126         return(NOT_GRANTED);
00127       }
00128 
00129     /* Access is granted, if object_category and fc_role fit */
00130 
00131     if (    (   (i_attr_val1.object_category == OC_system)
00132              && (i_attr_val2.system_role == SR_administrator)
00133             )
00134          || (   (i_attr_val1.object_category == OC_security)
00135              && (i_attr_val2.system_role == SR_security_officer)
00136             )
00137        )
00138       return(GRANTED);
00139     else
00140       {
00141 /*        printk(KERN_DEBUG "check_role_fc_netobj(): role is %i, obj_cat is %i -> NOT_GRANTED!\n",
00142                i_attr_val2.system_role, i_attr_val1.object_category); */
00143         return(NOT_GRANTED);
00144       }
00145   }
00146 #endif
00147 
00148 static enum rsbac_adf_req_ret_t
00149   fc_check_sysrole(rsbac_uid_t owner, enum rsbac_system_role_t role)
00150   {
00151     union rsbac_target_id_t i_tid;
00152     union rsbac_attribute_value_t i_attr_val1;
00153 
00154     i_tid.user = owner;
00155     if (rsbac_get_attr(FC,
00156                        T_USER,
00157                        i_tid,
00158                        A_fc_role,
00159                        &i_attr_val1,
00160                        TRUE))
00161       {
00162         rsbac_ds_get_error("fc_check_sysrole()", A_fc_role);
00163         return(NOT_GRANTED);
00164       }
00165     /* if correct role, then grant */
00166     if (i_attr_val1.system_role == role)
00167       return(GRANTED);
00168     else
00169       return(NOT_GRANTED);
00170   }
00171 
00172 
00173 /************************************************* */
00174 /*          Externally visible functions           */
00175 /************************************************* */
00176 
00177 enum rsbac_adf_req_ret_t
00178    rsbac_adf_request_fc  (enum  rsbac_adf_request_t     request,
00179                                 rsbac_pid_t             caller_pid,
00180                           enum  rsbac_target_t          target,
00181                           union rsbac_target_id_t       tid,
00182                           enum  rsbac_attribute_t       attr,
00183                           union rsbac_attribute_value_t attr_val,
00184                                 rsbac_uid_t             owner)
00185   {
00186     int                           err;
00187     enum  rsbac_adf_req_ret_t result = DO_NOT_CARE;
00188     union rsbac_target_id_t       i_tid;
00189     union rsbac_attribute_value_t i_attr_val1;
00190 #ifdef CONFIG_RSBAC_FC_ROLE_PROT
00191     union rsbac_attribute_value_t i_attr_val2;
00192 #endif
00193 
00194     switch (request)
00195       {
00196         case R_ADD_TO_KERNEL:
00197             switch(target)
00198               {
00199                 case T_NONE:
00200                   /* test owner's fc_role */
00201                   return fc_check_sysrole(owner, SR_administrator);
00202 
00203                 /* all other cases are unknown */
00204                 default:
00205                   return(DO_NOT_CARE);
00206               }
00207 
00208         case R_ALTER:
00209             /* only for IPC */
00210             switch(target)
00211               {
00212                 case T_IPC:
00213                   return(check_role_fc(target,tid,owner));
00214 
00215                 /* all other cases are unknown */
00216                 default: return(DO_NOT_CARE);
00217              }
00218 
00219         case R_APPEND_OPEN:
00220         case R_READ_WRITE_OPEN:
00221             switch(target)
00222               {
00223                 case T_FILE:
00224                 case T_DEV:
00225                 case T_FIFO:
00226                 case T_IPC:
00227                   return(check_role_fc(target,tid,owner));
00228 
00229                 /* all other cases are unknown */
00230                 default: return(DO_NOT_CARE);
00231               }
00232 
00233         case R_CHANGE_GROUP:
00234             switch(target)
00235               {
00236                 case T_FILE:
00237                 case T_DIR:
00238                 case T_FIFO:
00239                 case T_SYMLINK:
00240                 case T_IPC:
00241                   return(check_role_fc(target,tid,owner));
00242 
00243                 case T_PROCESS:
00244                 case T_USER:
00245                   return(DO_NOT_CARE);
00246                 /* all other cases are unknown */
00247                 default: return(DO_NOT_CARE);
00248               }
00249 
00250         case R_CHANGE_OWNER:
00251             switch(target)
00252               {
00253                 case T_FILE:
00254                 case T_DIR:
00255                 case T_FIFO:
00256                 case T_SYMLINK:
00257                 case T_IPC:
00258                   return(check_role_fc(target,tid,owner));
00259                   
00260                 case T_PROCESS:
00261                   #ifdef CONFIG_RSBAC_FC_ROLE_PROT
00262                   if(attr != A_owner)
00263                     return(UNDEFINED);
00264                   /* Administrator or secoff? */
00265                   i_tid.user = owner;
00266                   if (rsbac_get_attr(FC,
00267                                      T_USER,
00268                                      i_tid,
00269                                      A_fc_role,
00270                                      &i_attr_val1,
00271                                      TRUE))
00272                     {
00273                       rsbac_ds_get_error("rsbac_adf_request_fc()", A_fc_role);
00274                       return(NOT_GRANTED);
00275                     }
00276                   /* if general user, then grant */
00277                   if (i_attr_val1.system_role == SR_user)
00278                     return(GRANTED);
00279                   /* get target user's role */
00280                   i_tid.user = attr_val.owner;
00281                   if (rsbac_get_attr(FC,
00282                                      T_USER,
00283                                      i_tid,
00284                                      A_fc_role,
00285                                      &i_attr_val2,
00286                                      TRUE))
00287                     {
00288                       rsbac_ds_get_error("rsbac_adf_request_fc()", A_fc_role);
00289                       return(NOT_GRANTED);
00290                     }
00291                   /* target is no general user and has different role -> deny */
00292                   if (   (i_attr_val2.system_role != SR_user)
00293                       && (i_attr_val1.system_role != i_attr_val2.system_role)
00294                      )
00295                     return(NOT_GRANTED);
00296                   else
00297                     return(GRANTED);
00298                   #endif
00299 
00300                   /* fall through... */
00301                 case T_NONE:
00302                   return(DO_NOT_CARE);
00303                 /* all other cases are unknown */
00304                 default:
00305                   return(DO_NOT_CARE);
00306               }
00307 
00308         case R_CHDIR:
00309             switch(target)
00310               {
00311                 case T_DIR: 
00312                   return(check_role_fc(target,tid,owner));
00313 
00314                 /* all other cases are unknown */
00315                 default: return(DO_NOT_CARE);
00316               }
00317 
00318         /* Creating dir or (pseudo) file IN target dir! */
00319         case R_CREATE:
00320             switch(target)
00321               {
00322                 case T_DIR: 
00323                   return(check_role_fc(target,tid,owner));
00324                 /* IPC is always granted */
00325                 case T_IPC:
00326                   return(GRANTED);
00327 
00328 #ifdef CONFIG_RSBAC_FC_NET_OBJ_PROT
00329                 case T_NETTEMP:
00330                   return fc_check_sysrole(owner, SR_security_officer);
00331 
00332                 case T_NETOBJ:
00333                   return(check_role_fc_netobj(request,tid,owner));
00334 #endif
00335 
00336                 /* all other cases are unknown */
00337                 default: return(DO_NOT_CARE);
00338               }
00339 
00340         case R_DELETE:
00341             switch(target)
00342               {
00343                 case T_FILE:
00344                 case T_DIR:
00345                 case T_FIFO:
00346                 case T_SYMLINK:
00347                 case T_IPC:
00348                   return(check_role_fc(target,tid,owner));
00349 
00350 #ifdef CONFIG_RSBAC_FC_NET_OBJ_PROT
00351                 case T_NETTEMP:
00352                   return fc_check_sysrole(owner, SR_security_officer);
00353 #endif
00354                 /* all other cases are unknown */
00355                 default: return(DO_NOT_CARE);
00356               }
00357 
00358         case R_EXECUTE:
00359             switch(target)
00360               {
00361                 case T_FILE:
00362                   return(check_role_fc(target,tid,owner));
00363 
00364                 /* all other cases are unknown */
00365                 default:
00366                   return(DO_NOT_CARE);
00367               }
00368 
00369         case R_GET_STATUS_DATA:
00370             switch(target)
00371               {
00372                 case T_SCD:
00373                   /* target rsbaclog? only for secoff */
00374                   if (tid.scd != ST_rsbaclog)
00375                     return(GRANTED);
00376                   /* Secoff or auditor? */
00377                   if(fc_check_sysrole(owner, SR_security_officer) == NOT_GRANTED)
00378                     return fc_check_sysrole(owner, SR_auditor);
00379                   else
00380                     return GRANTED;
00381                 default:
00382                   return(DO_NOT_CARE);
00383                };
00384 
00385         case R_LINK_HARD:
00386             switch(target)
00387               {
00388                 case T_FILE:
00389                 case T_FIFO:
00390                 case T_SYMLINK:
00391                   return(check_role_fc(target,tid,owner));
00392 
00393                 /* all other cases are unknown */
00394                 default: return(DO_NOT_CARE);
00395               }
00396 
00397         case R_MODIFY_ACCESS_DATA:
00398         case R_RENAME:
00399             switch(target)
00400               {
00401                 case T_FILE:
00402                 case T_DIR:
00403                 case T_FIFO:
00404                 case T_SYMLINK:
00405                   return(check_role_fc(target,tid,owner));
00406 
00407                 /* all other cases are unknown */
00408                 default: return(DO_NOT_CARE);
00409               }
00410 
00411         case R_MODIFY_ATTRIBUTE:
00412             switch(attr)
00413               {
00414                 case A_system_role:
00415                 case A_fc_role:
00416                 case A_object_category:
00417                 case A_local_object_category:
00418                 case A_remote_object_category:
00419                 #ifdef CONFIG_RSBAC_FC_GEN_PROT
00420                 case A_log_array_low:
00421                 case A_log_array_high:
00422                 case A_log_program_based:
00423                 case A_log_user_based:
00424                 case A_symlink_add_uid:
00425                 case A_symlink_add_rc_role:
00426                 case A_linux_dac_disable:
00427                 case A_fake_root_uid:
00428                 case A_audit_uid:
00429                 case A_auid_exempt:
00430                 #endif
00431                 #ifdef CONFIG_RSBAC_FC_AUTH_PROT
00432                 case A_auth_may_setuid:
00433                 case A_auth_may_set_cap:
00434                 case A_auth_start_uid:
00435                 case A_auth_program_file:
00436                 case A_auth_learn:
00437                 case A_auth_add_f_cap:
00438                 case A_auth_remove_f_cap:
00439                 #endif
00440                 /* All attributes (remove target!) */
00441                 case A_none:
00442                   /* Security Officer? */
00443                   return fc_check_sysrole(owner, SR_security_officer);
00444 
00445                 default:
00446                   return(DO_NOT_CARE);
00447               }
00448 
00449         case R_MODIFY_PERMISSIONS_DATA:
00450             switch(target)
00451               {
00452                 case T_FILE:
00453                 case T_DIR:
00454                 case T_FIFO:
00455                 case T_SYMLINK:
00456                 case T_IPC:
00457                   return(check_role_fc(target,tid,owner));
00458                   
00459                 case T_SCD:
00460                   #ifdef CONFIG_RSBAC_USER_MOD_IOPERM
00461                   if(tid.scd == ST_ioports)
00462                     return GRANTED;
00463                   #endif
00464                   /* Security Officer? */
00465                   i_tid.user = owner;
00466                   if ((err=rsbac_get_attr(FC,
00467                                      T_USER,
00468                                      i_tid,
00469                                      A_fc_role,
00470                                      &i_attr_val1,
00471                                      TRUE)))
00472                     {
00473                       rsbac_ds_get_error("rsbac_adf_request_fc()", A_fc_role);
00474                       return(NOT_GRANTED);
00475                     }
00476                   /* if sec_officer, then grant */
00477                   if (i_attr_val1.system_role == SR_security_officer)
00478                     return(GRANTED);
00479                   /* For booting: if administrator and ioports, then grant */
00480                   if (   (i_attr_val1.system_role == SR_administrator)
00481                       && (tid.scd == ST_ioports) )
00482                     return(GRANTED);
00483                   else
00484                     return(NOT_GRANTED);
00485                   
00486 #ifdef CONFIG_RSBAC_ALLOW_DAC_DISABLE
00487                 /* switching Linux DAC */
00488                 case T_NONE:
00489                   /* Security Officer? */
00490                   return fc_check_sysrole(owner, SR_security_officer);
00491 #endif
00492 
00493                 /* all other cases are unknown */
00494                 default: return(DO_NOT_CARE);
00495               }
00496 
00497         case R_MODIFY_SYSTEM_DATA:
00498             switch(target)
00499               {
00500                 case T_SCD:
00501                   /* target rlimit? no problem, but needed -> grant */
00502                   if (tid.scd == ST_rlimit)
00503                     return(GRANTED);
00504                   /* Administrator? */
00505                   i_tid.user = owner;
00506                   if ((err=rsbac_get_attr(FC,
00507                                      T_USER,
00508                                      i_tid,
00509                                      A_fc_role,
00510                                      &i_attr_val1,
00511                                      TRUE)))
00512                     {
00513                       rsbac_ds_get_error("rsbac_adf_request_fc()", A_fc_role);
00514                       return(NOT_GRANTED);
00515                     }
00516                   /* if rsbaclog: grant only for secoff and auditor */
00517                   if(tid.scd == ST_rsbaclog)
00518                     {
00519                       if (   (i_attr_val1.system_role == SR_security_officer)
00520                           || (i_attr_val1.system_role == SR_auditor)
00521                          )
00522                         return(GRANTED);
00523                       else
00524                         return(NOT_GRANTED);
00525                     }
00526                   /* if rsbac_log_remote: grant only for secoff */
00527                   if(tid.scd == ST_rsbac_remote_log)
00528                     {
00529                       if (   (i_attr_val1.system_role == SR_security_officer)
00530                          )
00531                         return(GRANTED);
00532                       else
00533                         return(NOT_GRANTED);
00534                     }
00535                   /* if rsbac: grant for secoff and admin */
00536                   if(tid.scd == ST_rsbac)
00537                     {
00538                       if (   (i_attr_val1.system_role == SR_security_officer)
00539                           || (i_attr_val1.system_role == SR_administrator)
00540                          )
00541                         return(GRANTED);
00542                       else
00543                         return(NOT_GRANTED);
00544                     }
00545                   /* if administrator, then grant all other types */
00546                   if (i_attr_val1.system_role == SR_administrator)
00547                     return(GRANTED);
00548                   else
00549                     return(NOT_GRANTED);
00550                   
00551 #ifdef CONFIG_RSBAC_FC_NET_DEV_PROT
00552                 case T_NETDEV:
00553                   return fc_check_sysrole(owner, SR_administrator);
00554 #endif
00555 
00556                 /* all other cases are unknown */
00557                 default: return(DO_NOT_CARE);
00558               }
00559 
00560         case R_MOUNT:
00561         case R_UMOUNT:
00562             switch(target)
00563               {
00564                 case T_FILE:
00565                 case T_DIR:
00566                 case T_DEV:
00567                   /* test owner's fc_role */
00568                   if(fc_check_sysrole(owner, SR_administrator) == NOT_GRANTED)
00569                     return NOT_GRANTED;
00570 
00571                   /* test access to dir */
00572                   return(check_role_fc(target,tid,owner));
00573 
00574                 /* all other cases are unknown */
00575                 default: return(DO_NOT_CARE);
00576               }
00577 
00578         case R_READ:
00579             switch(target)
00580               {
00581                 case T_DIR: 
00582 #ifdef CONFIG_RSBAC_RW
00583                 case T_FILE:
00584                 case T_FIFO:
00585                 case T_IPC:
00586 #endif
00587                   return(check_role_fc(target,tid,owner));
00588 
00589 #if defined(CONFIG_RSBAC_FC_NET_OBJ_PROT)
00590                 case T_NETTEMP:
00591                   if(fc_check_sysrole(owner, SR_security_officer) == GRANTED)
00592                     return GRANTED;
00593                   return fc_check_sysrole(owner, SR_administrator);
00594 
00595                 case T_NETOBJ:
00596                   return(check_role_fc_netobj(request,tid,owner));
00597 #endif
00598 
00599                 /* all other cases */
00600                 default: return(DO_NOT_CARE);
00601               }
00602 
00603         case R_READ_ATTRIBUTE:
00604             switch(attr)
00605               {
00606                 case A_system_role:
00607                 case A_fc_role:
00608                 case A_object_category:
00609                 case A_local_object_category:
00610                 case A_remote_object_category:
00611                 #ifdef CONFIG_RSBAC_FC_GEN_PROT
00612                 case A_log_array_low:
00613                 case A_log_array_high:
00614                 case A_log_program_based:
00615                 case A_log_user_based:
00616                 case A_symlink_add_uid:
00617                 case A_symlink_add_rc_role:
00618                 case A_linux_dac_disable:
00619                 case A_fake_root_uid:
00620                 case A_audit_uid:
00621                 case A_auid_exempt:
00622                 #endif
00623                 #ifdef CONFIG_RSBAC_FC_AUTH_PROT
00624                 case A_auth_may_setuid:
00625                 case A_auth_may_set_cap:
00626                 case A_auth_start_uid:
00627                 case A_auth_program_file:
00628                 case A_auth_learn:
00629                 #endif
00630                   /* Security Officer? */
00631                   return fc_check_sysrole(owner, SR_security_officer);
00632 
00633                 default:
00634                   return(DO_NOT_CARE);
00635               }
00636 
00637         case R_READ_OPEN:
00638             switch(target)
00639               {
00640                 case T_FILE:
00641                 case T_DIR:
00642                 case T_FIFO:
00643                 case T_DEV:
00644                 case T_IPC:
00645                   return(check_role_fc(target,tid,owner));
00646 
00647                 /* all other cases are unknown */
00648                 default: return(DO_NOT_CARE);
00649               }
00650 
00651         case R_REMOVE_FROM_KERNEL:
00652         case R_SHUTDOWN:
00653             switch(target)
00654               {
00655                 case T_NONE:
00656                   /* test owner's fc_role */
00657                   return fc_check_sysrole(owner, SR_administrator);
00658 
00659                 /* all other cases are unknown */
00660                 default: return(DO_NOT_CARE);
00661               }
00662 
00663         case R_SEARCH:
00664             switch(target)
00665               {
00666                 case T_DIR: 
00667                 case T_SYMLINK:
00668                   return(check_role_fc(target,tid,owner));
00669 
00670                 /* all other cases are unknown */
00671                 default: return(DO_NOT_CARE);
00672               }
00673 
00674         case R_SWITCH_LOG:
00675             switch(target)
00676               {
00677                 case T_NONE:
00678                   /* test owner's fc_role */
00679                   return fc_check_sysrole(owner, SR_security_officer);
00680 
00681                 /* all other cases are unknown */
00682                 default: return(DO_NOT_CARE);
00683               }
00684 
00685         case R_SWITCH_MODULE:
00686             switch(target)
00687               {
00688                 case T_NONE:
00689                   /* we need the switch_target */
00690                   if(attr != A_switch_target)
00691                     return(UNDEFINED);
00692                   /* do not care for other modules */
00693                   if(   (attr_val.switch_target != FC)
00694                      #ifdef CONFIG_RSBAC_FC_AUTH_PROT
00695                      && (attr_val.switch_target != AUTH)
00696                      #endif
00697                      #ifdef CONFIG_RSBAC_SOFTMODE
00698                      && (attr_val.switch_target != SOFTMODE)
00699                      #endif
00700                      #ifdef CONFIG_RSBAC_FREEZE
00701                      && (attr_val.switch_target != FREEZE)
00702                      #endif
00703                     )
00704                     return(DO_NOT_CARE);
00705                   /* test owner's fc_role */
00706                   return fc_check_sysrole(owner, SR_security_officer);
00707 
00708                 /* all other cases are unknown */
00709                 default: return(DO_NOT_CARE);
00710               }
00711 
00712         case R_TRUNCATE:
00713             switch(target)
00714               {
00715                 case T_FILE:
00716                   return(check_role_fc(target,tid,owner));
00717 
00718                 /* all other cases are unknown */
00719                 default: return(DO_NOT_CARE);
00720               }
00721 
00722         case R_WRITE:
00723             switch(target)
00724               {
00725                 case T_DIR: 
00726 #ifdef CONFIG_RSBAC_RW
00727                 case T_FILE:
00728                 case T_FIFO:
00729                 case T_DEV:
00730                 case T_IPC:
00731 #endif
00732                   return(check_role_fc(target,tid,owner));
00733 
00734 #if defined(CONFIG_RSBAC_FC_NET_OBJ_PROT)
00735                 case T_NETTEMP:
00736                   return fc_check_sysrole(owner, SR_security_officer);
00737 
00738                 case T_NETOBJ:
00739                   return(check_role_fc_netobj(request,tid,owner));
00740 #endif
00741 
00742                 /* all other cases are unknown */
00743                 default: return(DO_NOT_CARE);
00744               }
00745 
00746         case R_WRITE_OPEN:
00747             switch(target)
00748               {
00749                 case T_FILE:
00750                 case T_FIFO:
00751                 case T_DEV:
00752                 case T_IPC:
00753                   return(check_role_fc(target,tid,owner));
00754 
00755                 /* all other cases are unknown */
00756                 default: return(DO_NOT_CARE);
00757               }
00758 
00759 #ifdef CONFIG_RSBAC_FC_NET_OBJ_PROT
00760         case R_BIND:
00761         case R_LISTEN:
00762         case R_ACCEPT:
00763         case R_CONNECT:
00764         case R_SEND:
00765         case R_RECEIVE:
00766             switch(target)
00767               {
00768                 case T_NETOBJ:
00769                   return(check_role_fc_netobj(request,tid,owner));
00770 
00771                 /* all other cases are unknown */
00772                 default: return(DO_NOT_CARE);
00773               }
00774 #endif
00775 
00776 /*********************/
00777         default: return DO_NOT_CARE;
00778       }
00779 
00780     return(result);
00781   }; /* end of rsbac_adf_request_fc() */
00782 
00783 
00784 /*****************************************************************************/
00785 /* If the request returned granted and the operation is performed,           */
00786 /* the following function can be called by the AEF to get all aci set        */
00787 /* correctly. For write accesses that are performed fully within the kernel, */
00788 /* this is usually not done to prevent extra calls, including R_CLOSE for    */
00789 /* cleaning up. Because of this, the write boundary is not adjusted - there  */
00790 /* is no user-level writing anyway...                                        */
00791 /* The second instance of target specification is the new target, if one has */
00792 /* been created, otherwise its values are ignored.                           */
00793 /* On success, 0 is returned, and an error from rsbac/error.h otherwise.     */
00794 
00795 int  rsbac_adf_set_attr_fc(
00796                       enum  rsbac_adf_request_t     request,
00797                             rsbac_pid_t             caller_pid,
00798                       enum  rsbac_target_t          target,
00799                       union rsbac_target_id_t       tid,
00800                       enum  rsbac_target_t          new_target,
00801                       union rsbac_target_id_t       new_tid,
00802                       enum  rsbac_attribute_t       attr,
00803                       union rsbac_attribute_value_t attr_val,
00804                             rsbac_uid_t             owner)
00805   {
00806     int                           err;
00807     union rsbac_target_id_t       i_tid;
00808     union rsbac_attribute_value_t i_attr_val1;
00809     union rsbac_attribute_value_t i_attr_val2;
00810 
00811     switch (request)
00812       {
00813         case R_CREATE:
00814             switch(target)
00815               {
00816                 case T_IPC: 
00817                   /* Get fc_role of process owner... */
00818                   i_tid.user = owner;
00819                   if ((err=rsbac_get_attr(FC,
00820                                      T_USER,
00821                                      i_tid,
00822                                      A_fc_role,
00823                                      &i_attr_val1,
00824                                      TRUE)))
00825                     {
00826                       rsbac_ds_get_error("rsbac_adf_request_fc()", A_fc_role);
00827                       return(-RSBAC_EREADFAILED);
00828                     }
00829                   /* Derive object_category for this ipc item from owner's */
00830                   /* fc_role */
00831                   switch (i_attr_val1.system_role)
00832                     {
00833                       case SR_user:
00834                         return 0;
00835                       case SR_security_officer:
00836                         i_attr_val2.object_category = OC_security;
00837                         break;
00838                       case SR_administrator:
00839                         i_attr_val2.object_category = OC_system;
00840                         break;
00841                       default:
00842 #ifdef CONFIG_RSBAC_RMSG
00843                         rsbac_printk(KERN_WARNING
00844                                "rsbac_adf_set_attr_fc(): invalid fc_role %i!\n",
00845                                i_attr_val1.system_role);
00846 #endif
00847 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG
00848                         if (!rsbac_nosyslog)
00849 #endif
00850                         printk(KERN_WARNING
00851                                "rsbac_adf_set_attr_fc(): invalid fc_role %i!\n",
00852                                i_attr_val1.system_role);
00853                         return 0;
00854                     }
00855                   /* set object_category for new IPC item */
00856                   if ((err=rsbac_set_attr(FC,
00857                                           target,
00858                                           tid,
00859                                           A_object_category,
00860                                           i_attr_val2)))
00861                     {
00862                       rsbac_ds_set_error("rsbac_adf_request_fc()", A_object_category);
00863                       return(-RSBAC_EWRITEFAILED);
00864                     }
00865                   return(0);
00866 
00867 #if defined(CONFIG_RSBAC_FC_NET_OBJ_PROT)
00868                 case T_NETOBJ:
00869                   /* Get fc_role of process owner... */
00870                   i_tid.user = owner;
00871                   if ((err=rsbac_get_attr(FC,
00872                                      T_USER,
00873                                      i_tid,
00874                                      A_fc_role,
00875                                      &i_attr_val1,
00876                                      TRUE)))
00877                     {
00878                       rsbac_ds_get_error("rsbac_adf_request_fc()", A_fc_role);
00879                       return(-RSBAC_EREADFAILED);
00880                     }
00881                   /* Derive local object_category for this ipc item from owner's */
00882                   /* fc_role */
00883                   switch (i_attr_val1.system_role)
00884                     {
00885                       case SR_user:
00886                         return 0;
00887                       case SR_security_officer:
00888                         i_attr_val2.object_category = OC_security;
00889                         break;
00890                       case SR_administrator:
00891                         i_attr_val2.object_category = OC_system;
00892                         break;
00893                       default:
00894 #ifdef CONFIG_RSBAC_RMSG
00895                         rsbac_printk(KERN_WARNING
00896                                "rsbac_adf_set_attr_fc(): invalid fc_role %i!\n",
00897                                i_attr_val1.system_role);
00898 #endif
00899 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG
00900                         if (!rsbac_nosyslog)
00901 #endif
00902                         printk(KERN_WARNING
00903                                "rsbac_adf_set_attr_fc(): invalid fc_role %i!\n",
00904                                i_attr_val1.system_role);
00905                         return 0;
00906                     }
00907                   /* set local object_category for new IPC item */
00908                   if ((err=rsbac_set_attr(FC,
00909                                           target,
00910                                           tid,
00911                                           A_local_object_category,
00912                                           i_attr_val2)))
00913                     {
00914                       rsbac_ds_set_error("rsbac_adf_request_fc()", A_local_object_category);
00915                       return(-RSBAC_EWRITEFAILED);
00916                     }
00917                   return(0);
00918 #endif
00919 
00920                 /* all other cases are unknown */
00921                 default:
00922                   return(0);
00923               }
00924 
00925 
00926 /*********************/
00927         default: return(0);
00928       }
00929 
00930     return(0);
00931   }; /* end of rsbac_adf_set_attr_fc() */
00932 
00933 /* end of rsbac/adf/fc/main.c */
Generated on Fri Jun 17 09:45:19 2005 for RSBAC by  doxygen 1.4.2