daten / src / rsbac / linux-2.4.31-rsbac-v1.2.4 / include / rsbac

types.h File Reference

#include <linux/types.h>
#include <rsbac/pm_types.h>
#include <rsbac/rc_types.h>
#include <linux/capability.h>
#include <rsbac/network_types.h>
#include <rsbac/request_groups.h>
#include <rsbac/acl_types.h>
#include <rsbac/um_types.h>

Define Documentation

#define CAP_NONE 29

Definition at line 369 of file types.h.
Referenced by get_cap_name(), get_cap_nr(), strtou32cap(), and u32tostrcap().

#define DAZ_clean 2

Definition at line 307 of file types.h.
Referenced by rsbac_adf_request_daz(), and rsbac_adf_set_attr_daz().

#define DAZ_infected 1

Definition at line 306 of file types.h.
Referenced by rsbac_adf_request_daz().

#define DAZ_max 2

Definition at line 308 of file types.h.

#define DAZ_unscanned 0

Definition at line 305 of file types.h.

#define DEFAULT_DAZ_FD_SCANNED DAZ_unscanned

Definition at line 309 of file types.h.
Referenced by register_fd_lists().

#define FF_add_inherited 128

Definition at line 325 of file types.h.
Referenced by get_attr_fd().

#define FF_append_only 256

Definition at line 322 of file types.h.
Referenced by rsbac_adf_request_ff().

#define FF_execute_only 2

Definition at line 316 of file types.h.
Referenced by rsbac_adf_request_ff().

#define FF_no_delete_or_rename 64

Definition at line 321 of file types.h.
Referenced by get_attr_fd(), and rsbac_adf_request_ff().

#define FF_no_execute 32

Definition at line 320 of file types.h.
Referenced by rsbac_adf_request_ff().

#define FF_no_mount 512

Definition at line 323 of file types.h.
Referenced by rsbac_adf_request_ff().

#define FF_read_only 1

Definition at line 315 of file types.h.
Referenced by rsbac_adf_request_ff().

#define FF_search_only 4

Definition at line 317 of file types.h.
Referenced by rsbac_adf_request_ff().

#define FF_secure_delete 16

Definition at line 319 of file types.h.

#define FF_write_only 8

Definition at line 318 of file types.h.
Referenced by rsbac_adf_request_ff().

#define JAIL_allow_all_net_family 2

Definition at line 382 of file types.h.
Referenced by rsbac_adf_request_jail().

#define JAIL_allow_clock 64

Definition at line 387 of file types.h.
Referenced by rsbac_adf_request_jail().

#define JAIL_allow_external_ipc 1

Definition at line 381 of file types.h.
Referenced by rsbac_adf_request_jail().

#define JAIL_allow_inet_localhost 32

Definition at line 386 of file types.h.

#define JAIL_allow_inet_raw 8

Definition at line 384 of file types.h.
Referenced by rsbac_adf_request_jail().

#define JAIL_allow_rlimit 4

Definition at line 383 of file types.h.
Referenced by rsbac_adf_request_jail().

#define JAIL_auto_adjust_inet_any 16

Definition at line 385 of file types.h.
Referenced by rsbac_adf_set_attr_jail().

#define MAC_allow_auto 64

Definition at line 281 of file types.h.
Referenced by rsbac_adf_set_attr_mac().

#define MAC_auto 2

Definition at line 276 of file types.h.
Referenced by auto_read_attr(), auto_read_write_attr(), auto_write_attr(), get_attr_process(), rsbac_adf_set_attr_mac(), rsbac_mac_set_curr_level(), and set_attr_process().

#define MAC_override 1

Definition at line 275 of file types.h.
Referenced by auto_read_attr(), auto_read_write_attr(), auto_write_attr(), and rsbac_mac_set_curr_level().

#define MAC_program_auto 256

Definition at line 283 of file types.h.
Referenced by rsbac_adf_set_attr_mac().

#define MAC_prop_trusted 128

Definition at line 282 of file types.h.

#define MAC_read_up 16

Definition at line 279 of file types.h.
Referenced by auto_read_attr(), and auto_read_write_attr().

#define MAC_trusted 4

Definition at line 277 of file types.h.
Referenced by auto_read_attr(), auto_read_write_attr(), auto_write_attr(), rsbac_adf_set_attr_mac(), and rsbac_mac_set_curr_level().

#define MAC_write_down 32

Definition at line 280 of file types.h.
Referenced by auto_read_write_attr(), and auto_write_attr().

#define MAC_write_up 8

Definition at line 278 of file types.h.
Referenced by auto_read_write_attr(), and auto_write_attr().

#define NULL ((void *) 0)

Definition at line 88 of file types.h.

#define PF_PAX_EMUTRAMP 0x02000000

Definition at line 402 of file types.h.
Referenced by pax_print_flags(), pax_strtoflags(), and register_fd_lists().

#define PF_PAX_MPROTECT 0x04000000

Definition at line 403 of file types.h.
Referenced by pax_print_flags(), pax_strtoflags(), and register_fd_lists().

#define PF_PAX_PAGEEXEC 0x01000000

Definition at line 401 of file types.h.
Referenced by pax_print_flags(), pax_strtoflags(), and register_fd_lists().

#define PF_PAX_RANDEXEC 0x10000000

Definition at line 405 of file types.h.
Referenced by pax_print_flags(), pax_strtoflags(), and register_fd_lists().

#define PF_PAX_RANDMMAP 0x08000000

Definition at line 404 of file types.h.
Referenced by pax_print_flags(), pax_strtoflags(), and register_fd_lists().

#define PF_PAX_SEGMEXEC 0x20000000

Definition at line 406 of file types.h.
Referenced by pax_print_flags(), pax_strtoflags(), and register_fd_lists().

#define RSBAC_ADF_REQUEST_ARRAY_VERSION 2

Definition at line 450 of file types.h.

#define RSBAC_ALL_GROUPS ((rsbac_gid_t) -4)

Definition at line 99 of file types.h.

#define RSBAC_ALL_USERS ((rsbac_uid_t) -4)

Definition at line 97 of file types.h.
Referenced by get_attr_user(), rsbac_mac_p_truset_member(), set_attr_user(), sys_rsbac_um_get_group_list(), and sys_rsbac_um_get_user_list().

#define RSBAC_AUDITOR_UID (RSBAC_SECOFF_UID+4)

Definition at line 142 of file types.h.
Referenced by register_user_lists().

#define RSBAC_AUTH_DAC_OWNER_F_CAP ((rsbac_uid_t) -4)

Definition at line 339 of file types.h.
Referenced by rsbac_adf_set_attr_auth().

#define RSBAC_AUTH_LOGIN_PATH "/bin/login"

Definition at line 119 of file types.h.
Referenced by rsbac_do_init().

#define RSBAC_AUTH_LOGIN_PATH_DIR "bin"

Definition at line 120 of file types.h.
Referenced by rsbac_do_init().

#define RSBAC_AUTH_LOGIN_PATH_FILE "login"

Definition at line 121 of file types.h.
Referenced by rsbac_do_init().

#define RSBAC_AUTH_MAX_MAXNUM 1000000

Definition at line 336 of file types.h.
Referenced by sys_rsbac_auth_get_f_caplist(), and sys_rsbac_auth_get_p_caplist().

#define RSBAC_AUTH_MAX_RANGE_UID ((rsbac_uid_t) -10)

Definition at line 340 of file types.h.
Referenced by rsbac_auth_p_capset_member().

#define RSBAC_AUTH_OLD_OWNER_F_CAP (rsbac_old_uid_t) -3

Definition at line 337 of file types.h.

#define RSBAC_AUTH_OWNER_F_CAP ((rsbac_uid_t) -3)

Definition at line 338 of file types.h.
Referenced by rsbac_adf_set_attr_auth(), and rsbac_auth_p_capset_member().

#define RSBAC_BIN_UID 1

Definition at line 134 of file types.h.
Referenced by register_user_lists().

#define RSBAC_CAP_DEFAULT_MAX ((rsbac_cap_vector_t) -1)

Definition at line 366 of file types.h.
Referenced by rsbac_adf_set_attr_cap().

#define RSBAC_CAP_DEFAULT_MIN ((rsbac_cap_vector_t) 0)

Definition at line 365 of file types.h.

#define RSBAC_CAP_MAX CAP_NONE

Definition at line 370 of file types.h.

#define RSBAC_DATAPROT_UID (RSBAC_SECOFF_UID+1)

Definition at line 140 of file types.h.
Referenced by register_user_lists().

#define RSBAC_FC_OC_DEF OC_inherit

Definition at line 184 of file types.h.
Referenced by get_attr_fd(), and register_fd_lists().

#define RSBAC_FC_OC_ROOT_DEF OC_general

Definition at line 185 of file types.h.
Referenced by get_attr_dev(), get_attr_fd(), get_attr_ipc(), register_dev_lists(), and register_ipc_lists().

#define RSBAC_FF_DEF FF_add_inherited

Definition at line 327 of file types.h.
Referenced by get_attr_fd(), and register_fd_lists().

#define RSBAC_FF_ROOT_DEF 0

Definition at line 328 of file types.h.

#define RSBAC_IFNAMSIZ 16

Definition at line 112 of file types.h.
Referenced by get_target_name().

#define RSBAC_JAIL_DEF_ID 0

Definition at line 377 of file types.h.
Referenced by get_attr_ipc(), and register_ipc_lists().

#define RSBAC_JAIL_LOCALHOST ((1 << 24) | 127)

Definition at line 389 of file types.h.

#define RSBAC_JAIL_VERSION 1

Definition at line 374 of file types.h.
Referenced by rsbac_jail_sys_jail().

#define RSBAC_LIST_TA_MAX_PASSLEN 36

Definition at line 265 of file types.h.

#define RSBAC_LIST_TTL_KEEP ((rsbac_time_t) -1)

Definition at line 129 of file types.h.
Referenced by rsbac_acl_sys_add_to_acl_entry(), rsbac_acl_sys_set_acl_entry(), rsbac_list_add(), rsbac_list_lol_add(), rsbac_list_lol_subadd(), rsbac_ta_list_add_ttl(), rsbac_ta_list_lol_add_ttl(), and rsbac_ta_list_lol_subadd_ttl().

#define RSBAC_MAC_CAT_VECTOR ( x ) ((rsbac_mac_category_vector_t) 1 << (x))

Definition at line 172 of file types.h.

#define RSBAC_MAC_DEF_CAT_VECTOR ((rsbac_mac_category_vector_t) 1)

Definition at line 161 of file types.h.

#define RSBAC_MAC_DEF_INIT_P_FLAGS MAC_auto

Definition at line 294 of file types.h.
Referenced by rsbac_init().

#define RSBAC_MAC_DEF_P_FLAGS 0

Definition at line 293 of file types.h.

#define RSBAC_MAC_DEF_SECOFF_U_FLAGS MAC_override

Definition at line 291 of file types.h.

#define RSBAC_MAC_DEF_SYSADM_U_FLAGS MAC_allow_auto

Definition at line 290 of file types.h.

#define RSBAC_MAC_DEF_U_FLAGS 0

Definition at line 289 of file types.h.

#define RSBAC_MAC_F_FLAGS (MAC_auto | MAC_trusted | MAC_write_up | MAC_read_up | MAC_write_down)

Definition at line 287 of file types.h.
Referenced by set_attr_fd().

#define RSBAC_MAC_GENERAL_CATEGORY 0

Definition at line 160 of file types.h.

#define RSBAC_MAC_INHERIT_CAT_VECTOR ((rsbac_mac_category_vector_t) 0)

Definition at line 167 of file types.h.
Referenced by get_attr_fd().

#define RSBAC_MAC_MAX_CAT 63

Definition at line 170 of file types.h.
Referenced by strtou64mac(), and u64tostrmac().

#define RSBAC_MAC_MAX_CAT_VECTOR ((rsbac_mac_category_vector_t) -1)

Definition at line 163 of file types.h.
Referenced by rsbac_adf_set_attr_mac().

#define RSBAC_MAC_MAX_MAXNUM 1000000

Definition at line 273 of file types.h.
Referenced by sys_rsbac_mac_get_f_trulist(), and sys_rsbac_mac_get_p_trulist().

#define RSBAC_MAC_MIN_CAT_VECTOR ((rsbac_mac_category_vector_t) 0)

Definition at line 165 of file types.h.
Referenced by rsbac_adf_set_attr_mac(), and rsbac_mac_set_curr_level().

#define RSBAC_MAC_NR_CATS 64

Definition at line 169 of file types.h.
Referenced by strtou64mac(), and u64tostrmac().

#define rsbac_max ( a,
b ) (((a)>(b))?(a):(b))

Definition at line 92 of file types.h.
Referenced by rsbac_um_hash().

#define RSBAC_MAX_MOD (SOFTMODE - 1)

Definition at line 520 of file types.h.

#define RSBAC_MAXNAMELEN 256

Definition at line 263 of file types.h.
Referenced by aci_detach_fd_lists(), acl_detach_fd_lists(), acl_register_fd_lists(), auth_detach_fd_lists(), auth_register_fd_lists(), auto_read_attr(), auto_read_write_attr(), auto_write_attr(), check_comp_rc(), check_comp_rc_scd(), get_attribute_value_name(), get_target_name(), mac_detach_fd_lists(), mac_register_fd_lists(), read_info(), register_fd_lists(), register_process_lists(), registration_error(), rsbac_acl_check_forward(), rsbac_acl_check_right(), rsbac_acl_check_super(), rsbac_acl_remove_acl_entry(), rsbac_acl_sys_add_to_acl_entry(), rsbac_acl_sys_get_mask(), rsbac_acl_sys_get_rights(), rsbac_acl_sys_get_tlist(), rsbac_acl_sys_group(), rsbac_acl_sys_remove_acl(), rsbac_acl_sys_remove_acl_entry(), rsbac_acl_sys_remove_from_acl_entry(), rsbac_acl_sys_remove_user(), rsbac_acl_sys_set_acl_entry(), rsbac_acl_sys_set_mask(), rsbac_adf_request_int(), rsbac_adf_request_rc(), rsbac_adf_set_attr(), rsbac_check(), rsbac_do_init(), rsbac_get_full_path(), rsbac_init_auth(), rsbac_init_debug(), rsbac_init_mac(), rsbac_init_rc(), rsbac_init_um(), rsbac_jail_sys_jail(), rsbac_list_init(), rsbac_list_lol_register(), rsbac_list_register(), rsbac_mac_set_curr_level(), rsbac_mount(), rsbac_mount_acl(), rsbac_mount_auth(), rsbac_mount_mac(), rsbac_rc_check_type_comp(), rsbac_rc_get_item(), rsbac_rc_sys_copy_type(), rsbac_read_open(), rsbac_write_open(), sys_rsbac_adf_log_switch(), sys_rsbac_get_adf_log(), sys_rsbac_switch(), sys_rsbac_um_add_group(), sys_rsbac_um_add_user(), sys_rsbac_um_auth_name(), sys_rsbac_um_auth_uid(), sys_rsbac_um_mod_group(), sys_rsbac_um_mod_user(), sys_rsbac_um_set_group_pass(), sys_rsbac_um_set_pass(), and write_info().

#define rsbac_min ( a,
b ) (((a)<(b))?(a):(b))

Definition at line 91 of file types.h.
Referenced by get_target_name(), rsbac_acl_sys_group(), rsbac_adf_request_int(), rsbac_adf_set_attr_res(), rsbac_list_write_buffers(), rsbac_list_write_lol_buffers(), rsbac_um_get_gm_user_list(), rsbac_um_get_group_list(), and rsbac_um_get_user_list().

#define RSBAC_NO_GROUP ((rsbac_gid_t) -3)

Definition at line 98 of file types.h.
Referenced by rsbac_acl_add_to_acl_entry(), rsbac_acl_get_mask(), rsbac_acl_get_rights(), rsbac_acl_get_single_right(), rsbac_acl_get_tlist(), rsbac_acl_remove_acl(), rsbac_acl_remove_acl_entry(), rsbac_acl_remove_from_acl_entry(), rsbac_acl_set_acl_entry(), and rsbac_acl_set_mask().

#define RSBAC_NO_USER ((rsbac_uid_t) -3)

Definition at line 96 of file types.h.
Referenced by gen_fd_conv(), gen_fd_old_conv(), gen_fd_old_old_conv(), gen_fd_old_old_old_conv(), gen_fd_old_old_old_old_conv(), rsbac_acl_add_to_acl_entry(), rsbac_acl_get_mask(), rsbac_acl_get_rights(), rsbac_acl_get_single_right(), rsbac_acl_get_tlist(), rsbac_acl_remove_acl(), rsbac_acl_remove_acl_entry(), rsbac_acl_remove_from_acl_entry(), rsbac_acl_set_acl_entry(), rsbac_acl_set_mask(), rsbac_acl_sys_get_rights(), rsbac_acl_sys_group(), rsbac_adf_request_auth(), rsbac_adf_request_int(), rsbac_adf_set_attr(), rsbac_adf_set_attr_auth(), rsbac_set_audit_uid(), rsbac_um_add_group(), rsbac_um_add_user(), and rsbac_um_get_next_user().

#define RSBAC_OLD_ALL_USERS 65532

Definition at line 95 of file types.h.

#define RSBAC_OLD_NO_USER 65533

Definition at line 94 of file types.h.

#define RSBAC_PAX_ALL_FLAGS ((rsbac_pax_flags_t) 255 << 24)

Definition at line 410 of file types.h.
Referenced by get_attr_process(), pax_strtoflags(), and set_attr_fd().

#define RSBAC_PAX_DEF_FLAGS (PF_PAX_SEGMEXEC | PF_PAX_PAGEEXEC | PF_PAX_MPROTECT | PF_PAX_RANDMMAP)

Definition at line 409 of file types.h.
Referenced by get_attr_fd(), and register_fd_lists().

#define RSBAC_REQUEST_VECTOR ( x ) ((rsbac_request_vector_t) 1 << (x))

Definition at line 260 of file types.h.
Referenced by rsbac_acl_check_right(), and rsbac_init_rc().

#define RSBAC_RES_MAX 10

Definition at line 420 of file types.h.
Referenced by get_res_name(), get_res_nr(), and rsbac_adf_set_attr_res().

#define RSBAC_RES_NONE 11

Definition at line 421 of file types.h.
Referenced by get_res_nr().

#define RSBAC_RES_UNSET 0

Definition at line 418 of file types.h.

#define RSBAC_SEC_DEL_CHUNK_SIZE 65536

Definition at line 115 of file types.h.

#define RSBAC_SECOFF_UID 400

Definition at line 138 of file types.h.
Referenced by register_user_lists().

#define RSBAC_SIM_DT_DEF DT_inherit

Definition at line 191 of file types.h.
Referenced by get_attr_fd(), and register_fd_lists().

#define RSBAC_SIM_DT_ROOT_DEF DT_none

Definition at line 192 of file types.h.
Referenced by get_attr_dev(), get_attr_fd(), get_attr_ipc(), register_dev_lists(), and register_ipc_lists().

#define RSBAC_SYSADM_UID 0

Definition at line 133 of file types.h.
Referenced by register_user_lists(), and rsbac_init().

#define RSBAC_TPMAN_UID (RSBAC_SECOFF_UID+2)

Definition at line 141 of file types.h.
Referenced by register_user_lists().

#define RSBAC_VERSION "v1.2.4"

Definition at line 17 of file types.h.
Referenced by rsbac_do_init().

#define RSBAC_VERSION_MAJOR 1

Definition at line 18 of file types.h.

#define RSBAC_VERSION_MAKE_NR ( x,
y,
z ) ((x << 16) & (y << 8) & z)

Definition at line 23 of file types.h.

#define RSBAC_VERSION_MID 2

Definition at line 19 of file types.h.

#define RSBAC_VERSION_MINOR 4

Definition at line 20 of file types.h.

#define RSBAC_VERSION_NR ((RSBAC_VERSION_MAJOR << 16) | (RSBAC_VERSION_MID << 8) | RSBAC_VERSION_MINOR)

Definition at line 21 of file types.h.
Referenced by sys_rsbac().

#define SL_inherit 254

Definition at line 153 of file types.h.
Referenced by get_attr_fd().

#define SL_max 252

Definition at line 150 of file types.h.
Referenced by rsbac_adf_set_attr_mac(), and rsbac_mac_set_curr_level().

#define SL_min 0

Definition at line 151 of file types.h.
Referenced by rsbac_adf_set_attr_mac().

#define SL_none 255

Definition at line 154 of file types.h.
Referenced by rsbac_mac_set_curr_level().

Typedef Documentation

typedef rsbac_enum_t rsbac_adf_request_int_t

Definition at line 504 of file types.h.

typedef rsbac_enum_t rsbac_auth_cap_type_int_t

Definition at line 350 of file types.h.

typedef struct rsbac_fs_file_t rsbac_auth_file_t

Definition at line 341 of file types.h.

typedef rsbac_enum_t rsbac_auth_may_setuid_int_t

Definition at line 355 of file types.h.

typedef __u8 rsbac_boolean_int_t

Definition at line 110 of file types.h.

typedef u_int rsbac_boolean_t

Definition at line 108 of file types.h.

typedef rsbac_enum_t rsbac_cap_process_hiding_int_t

Definition at line 363 of file types.h.

typedef __u32 rsbac_cap_vector_t

Definition at line 34 of file types.h.

typedef u_int rsbac_cwi_relation_id_t

Definition at line 174 of file types.h.

typedef __u8 rsbac_daz_scanned_t

Definition at line 304 of file types.h.

typedef __u8 rsbac_daz_scanner_t

Definition at line 310 of file types.h.

typedef __u8 rsbac_enum_t

Definition at line 131 of file types.h.

typedef rsbac_enum_t rsbac_fake_root_uid_int_t

Definition at line 199 of file types.h.

typedef rsbac_enum_t rsbac_fc_oc_t

Definition at line 187 of file types.h.

typedef __u16 rsbac_ff_flags_t

Definition at line 314 of file types.h.

typedef __u32 rsbac_gid_t

Definition at line 30 of file types.h.

typedef __u32 rsbac_inode_nr_t

Definition at line 217 of file types.h.

typedef __u32 rsbac_jail_flags_t

Definition at line 380 of file types.h.

typedef __u32 rsbac_jail_id_t

Definition at line 376 of file types.h.

typedef __u32 rsbac_jail_ip_t

Definition at line 378 of file types.h.

typedef rsbac_enum_t rsbac_linux_dac_disable_int_t

Definition at line 220 of file types.h.

typedef __u32 rsbac_list_ta_number_t

Definition at line 36 of file types.h.

typedef __u64 rsbac_log_array_t

Definition at line 256 of file types.h.

typedef rsbac_enum_t rsbac_mac_auto_int_t

Definition at line 296 of file types.h.

typedef __u64 rsbac_mac_category_vector_t

Definition at line 159 of file types.h.

typedef __u8 rsbac_mac_file_flags_t

Definition at line 271 of file types.h.

typedef struct rsbac_fs_file_t rsbac_mac_file_t

Definition at line 272 of file types.h.

typedef __u16 rsbac_mac_process_flags_t

Definition at line 270 of file types.h.

typedef __u8 rsbac_mac_user_flags_t

Definition at line 269 of file types.h.

typedef void* rsbac_net_obj_id_t

Definition at line 438 of file types.h.

typedef u_char rsbac_netdev_id_t[RSBAC_IFNAMSIZ+1]

Definition at line 113 of file types.h.

typedef __u16 rsbac_old_gid_t

Definition at line 32 of file types.h.

typedef __u16 rsbac_old_uid_t

Definition at line 31 of file types.h.

typedef unsigned long rsbac_pax_flags_t

Definition at line 393 of file types.h.

typedef __u32 rsbac_pid_t

Definition at line 145 of file types.h.

typedef __u32 rsbac_pseudo_t

Definition at line 144 of file types.h.

typedef __s32 rsbac_reg_handle_t

Definition at line 426 of file types.h.

typedef __u64 rsbac_request_vector_t

Definition at line 259 of file types.h.

typedef rsbac_res_limit_t rsbac_res_array_t[RSBAC_RES_MAX+1]

Definition at line 423 of file types.h.

typedef __u32 rsbac_res_limit_t

Definition at line 417 of file types.h.

typedef __u8 rsbac_security_level_t

Definition at line 149 of file types.h.

typedef rsbac_enum_t rsbac_sim_dt_t

Definition at line 194 of file types.h.

typedef rsbac_enum_t rsbac_switch_target_int_t

Definition at line 521 of file types.h.

typedef rsbac_enum_t rsbac_system_role_int_t

Definition at line 179 of file types.h.

typedef __u32 rsbac_ta_number_t

Definition at line 147 of file types.h.

typedef __u32 rsbac_time_t

Definition at line 33 of file types.h.

typedef __u32 rsbac_uid_t

Definition at line 29 of file types.h.

typedef __u32 rsbac_version_t

Definition at line 28 of file types.h.

Enumeration Type Documentation

enum rsbac_adf_req_ret_t

Enumeration values:

NOT_GRANTED

GRANTED

DO_NOT_CARE

UNDEFINED

Definition at line 511 of file types.h.

enum rsbac_adf_request_t

Enumeration values:

R_ADD_TO_KERNEL

R_ALTER

R_APPEND_OPEN

R_CHANGE_GROUP

R_CHANGE_OWNER

R_CHDIR

R_CLONE

R_CLOSE

R_CREATE

R_DELETE

R_EXECUTE

R_GET_PERMISSIONS_DATA

R_GET_STATUS_DATA

R_LINK_HARD

R_MODIFY_ACCESS_DATA

R_MODIFY_ATTRIBUTE

R_MODIFY_PERMISSIONS_DATA

R_MODIFY_SYSTEM_DATA

R_MOUNT

R_READ

R_READ_ATTRIBUTE

R_READ_WRITE_OPEN

R_READ_OPEN

R_REMOVE_FROM_KERNEL

R_RENAME

R_SEARCH

R_SEND_SIGNAL

R_SHUTDOWN

R_SWITCH_LOG

R_SWITCH_MODULE

R_TERMINATE

R_TRACE

R_TRUNCATE

R_UMOUNT

R_WRITE

R_WRITE_OPEN

R_MAP_EXEC

R_BIND

R_LISTEN

R_ACCEPT

R_CONNECT

R_SEND

R_RECEIVE

R_NET_SHUTDOWN

R_CHANGE_DAC_EFF_OWNER

R_CHANGE_DAC_FS_OWNER

R_CHANGE_DAC_EFF_GROUP

R_CHANGE_DAC_FS_GROUP

R_NONE

Definition at line 452 of file types.h.

enum rsbac_attribute_t

Enumeration values:

A_pseudo

A_security_level

A_initial_security_level

A_local_sec_level

A_remote_sec_level

A_min_security_level

A_mac_categories

A_mac_initial_categories

A_local_mac_categories

A_remote_mac_categories

A_mac_min_categories

A_mac_user_flags

A_mac_process_flags

A_mac_file_flags

A_object_category

A_local_object_category

A_remote_object_category

A_data_type

A_local_data_type

A_remote_data_type

A_system_role

A_mac_role

A_fc_role

A_sim_role

A_daz_role

A_ff_role

A_auth_role

A_cap_role

A_jail_role

A_pax_role

A_current_sec_level

A_mac_curr_categories

A_min_write_open

A_min_write_categories

A_max_read_open

A_max_read_categories

A_mac_auto

A_mac_check

A_mac_prop_trusted

A_pm_role

A_pm_process_type

A_pm_current_task

A_pm_object_class

A_local_pm_object_class

A_remote_pm_object_class

A_pm_ipc_purpose

A_local_pm_ipc_purpose

A_remote_pm_ipc_purpose

A_pm_object_type

A_local_pm_object_type

A_remote_pm_object_type

A_pm_program_type

A_pm_tp

A_pm_task_set

A_daz_scanned

A_daz_scanner

A_ff_flags

A_rc_type

A_local_rc_type

A_remote_rc_type

A_rc_type_fd

A_rc_type_nt

A_rc_force_role

A_rc_initial_role

A_rc_role

A_rc_def_role

A_auth_may_setuid

A_auth_may_set_cap

A_auth_learn

A_min_caps

A_max_caps

A_max_caps_user

A_max_caps_program

A_jail_id

A_jail_ip

A_jail_flags

A_jail_max_caps

A_pax_flags

A_res_role

A_res_min

A_res_max

A_log_array_low

A_local_log_array_low

A_remote_log_array_low

A_log_array_high

A_local_log_array_high

A_remote_log_array_high

A_log_program_based

A_log_user_based

A_symlink_add_uid

A_symlink_add_mac_level

A_symlink_add_rc_role

A_linux_dac_disable

A_cap_process_hiding

A_fake_root_uid

A_audit_uid

A_auid_exempt

A_auth_last_auth

A_none

Definition at line 567 of file types.h.

enum rsbac_auth_cap_type_t

Enumeration values:

ACT_real

ACT_eff

ACT_fs

ACT_group_real

ACT_group_eff

ACT_group_fs

ACT_none

Definition at line 347 of file types.h.

enum rsbac_auth_may_setuid_t

Enumeration values:

AMS_off

AMS_full

AMS_last_auth_only

AMS_last_auth_and_gid

AMS_none

Definition at line 352 of file types.h.

enum rsbac_cap_process_hiding_t

Enumeration values:

PH_off

PH_from_other_users

PH_full

PH_none

Definition at line 361 of file types.h.

enum rsbac_data_type_t

Enumeration values:

DT_none

DT_SI

DT_inherit

Definition at line 190 of file types.h.

enum rsbac_dev_type_t

Enumeration values:

D_block

D_char

D_none

Definition at line 208 of file types.h.

enum rsbac_fake_root_uid_t

Enumeration values:

FR_off

FR_uid_only

FR_euid_only

FR_both

FR_none

Definition at line 197 of file types.h.

enum rsbac_ipc_type_t

Enumeration values:

I_sem

I_msg

I_shm

I_none

Definition at line 211 of file types.h.

enum rsbac_linux_dac_disable_t

Enumeration values:

LDD_false

LDD_true

LDD_inherit

LDD_none

Definition at line 219 of file types.h.

enum rsbac_log_level_t

Enumeration values:

LL_none

LL_denied

LL_full

LL_request

LL_invalid

Definition at line 255 of file types.h.

enum rsbac_mac_auto_t

Enumeration values:

MA_no

MA_yes

MA_inherit

Definition at line 297 of file types.h.

enum rsbac_object_category_t

Enumeration values:

OC_general

OC_security

OC_system

OC_inherit

OC_none

Definition at line 182 of file types.h.

enum rsbac_old_security_level_t

Enumeration values:

SL_unclassified

SL_confidential

SL_secret

SL_top_secret

SL_old_rsbac_internal

SL_old_inherit

SL_old_none

Definition at line 155 of file types.h.

enum rsbac_scd_type_t

Enumeration values:

ST_time_strucs

ST_clock

ST_host_id

ST_net_id

ST_ioports

ST_rlimit

ST_swap

ST_syslog

ST_rsbac

ST_rsbaclog

ST_other

ST_kmem

ST_network

ST_firewall

ST_priority

ST_sysfs

ST_rsbac_remote_log

ST_none

Definition at line 201 of file types.h.

enum rsbac_switch_target_t

Enumeration values:

GEN

MAC

FC

SIM

PM

DAZ

FF

RC

AUTH

REG

ACL

CAP

JAIL

RES

PAX

SOFTMODE

DAC_DISABLE

UM

FREEZE

SW_NONE

Definition at line 518 of file types.h.

enum rsbac_system_role_t

Enumeration values:

SR_user

SR_security_officer

SR_administrator

SR_auditor

SR_none

Definition at line 177 of file types.h.

enum rsbac_target_t

Enumeration values:

T_FILE

T_DIR

T_FIFO

T_SYMLINK

T_DEV

T_IPC

T_SCD

T_USER

T_PROCESS

T_NETDEV

T_NETTEMP

T_NETOBJ

T_NETTEMP_NT

T_GROUP

T_FD

T_NONE

Definition at line 529 of file types.h.

Generated on Fri Jun 17 09:45:29 2005 for RSBAC by

1.4.2


Defines
#define	RSBAC_VERSION "v1.2.4"
#define	RSBAC_VERSION_MAJOR 1
#define	RSBAC_VERSION_MID 2
#define	RSBAC_VERSION_MINOR 4
#define	RSBAC_VERSION_NR ((RSBAC_VERSION_MAJOR << 16) \| (RSBAC_VERSION_MID << 8) \| RSBAC_VERSION_MINOR)
#define	RSBAC_VERSION_MAKE_NR(x, y, z) ((x << 16) & (y << 8) & z)
#define	NULL ((void *) 0)
#define	rsbac_min(a, b) (((a)<(b))?(a):(b))
#define	rsbac_max(a, b) (((a)>(b))?(a):(b))
#define	RSBAC_OLD_NO_USER 65533
#define	RSBAC_OLD_ALL_USERS 65532
#define	RSBAC_NO_USER ((rsbac_uid_t) -3)
#define	RSBAC_ALL_USERS ((rsbac_uid_t) -4)
#define	RSBAC_NO_GROUP ((rsbac_gid_t) -3)
#define	RSBAC_ALL_GROUPS ((rsbac_gid_t) -4)
#define	FALSE 0
#define	TRUE 1
#define	RSBAC_IFNAMSIZ 16
#define	RSBAC_SEC_DEL_CHUNK_SIZE 65536
#define	RSBAC_AUTH_LOGIN_PATH "/bin/login"
#define	RSBAC_AUTH_LOGIN_PATH_DIR "bin"
#define	RSBAC_AUTH_LOGIN_PATH_FILE "login"
#define	RSBAC_LIST_TTL_KEEP ((rsbac_time_t) -1)
#define	RSBAC_SYSADM_UID 0
#define	RSBAC_BIN_UID 1
#define	RSBAC_SECOFF_UID 400
#define	RSBAC_DATAPROT_UID (RSBAC_SECOFF_UID+1)
#define	RSBAC_TPMAN_UID (RSBAC_SECOFF_UID+2)
#define	RSBAC_AUDITOR_UID (RSBAC_SECOFF_UID+4)
#define	SL_max 252
#define	SL_min 0
#define	SL_inherit 254
#define	SL_none 255
#define	RSBAC_MAC_GENERAL_CATEGORY 0
#define	RSBAC_MAC_DEF_CAT_VECTOR ((rsbac_mac_category_vector_t) 1)
#define	RSBAC_MAC_MAX_CAT_VECTOR ((rsbac_mac_category_vector_t) -1)
#define	RSBAC_MAC_MIN_CAT_VECTOR ((rsbac_mac_category_vector_t) 0)
#define	RSBAC_MAC_INHERIT_CAT_VECTOR ((rsbac_mac_category_vector_t) 0)
#define	RSBAC_MAC_NR_CATS 64
#define	RSBAC_MAC_MAX_CAT 63
#define	RSBAC_MAC_CAT_VECTOR(x) ((rsbac_mac_category_vector_t) 1 << (x))
#define	RSBAC_FC_OC_DEF OC_inherit
#define	RSBAC_FC_OC_ROOT_DEF OC_general
#define	RSBAC_SIM_DT_DEF DT_inherit
#define	RSBAC_SIM_DT_ROOT_DEF DT_none
#define	RSBAC_REQUEST_VECTOR(x) ((rsbac_request_vector_t) 1 << (x))
#define	RSBAC_MAXNAMELEN 256
#define	RSBAC_LIST_TA_MAX_PASSLEN 36
#define	RSBAC_MAC_MAX_MAXNUM 1000000
#define	MAC_override 1
#define	MAC_auto 2
#define	MAC_trusted 4
#define	MAC_write_up 8
#define	MAC_read_up 16
#define	MAC_write_down 32
#define	MAC_allow_auto 64
#define	MAC_prop_trusted 128
#define	MAC_program_auto 256
#define	RSBAC_MAC_U_FLAGS (MAC_override \| MAC_trusted \| MAC_write_up \| MAC_read_up \| MAC_write_down \| MAC_allow_auto)
#define	RSBAC_MAC_P_FLAGS (MAC_override \| MAC_auto \| MAC_trusted \| MAC_write_up \| MAC_read_up \| MAC_write_down \| MAC_prop_trusted \| MAC_program_auto)
#define	RSBAC_MAC_F_FLAGS (MAC_auto \| MAC_trusted \| MAC_write_up \| MAC_read_up \| MAC_write_down)
#define	RSBAC_MAC_DEF_U_FLAGS 0
#define	RSBAC_MAC_DEF_SYSADM_U_FLAGS MAC_allow_auto
#define	RSBAC_MAC_DEF_SECOFF_U_FLAGS MAC_override
#define	RSBAC_MAC_DEF_P_FLAGS 0
#define	RSBAC_MAC_DEF_INIT_P_FLAGS MAC_auto
#define	DAZ_unscanned 0
#define	DAZ_infected 1
#define	DAZ_clean 2
#define	DAZ_max 2
#define	DEFAULT_DAZ_FD_SCANNED DAZ_unscanned
#define	FF_read_only 1
#define	FF_execute_only 2
#define	FF_search_only 4
#define	FF_write_only 8
#define	FF_secure_delete 16
#define	FF_no_execute 32
#define	FF_no_delete_or_rename 64
#define	FF_append_only 256
#define	FF_no_mount 512
#define	FF_add_inherited 128
#define	RSBAC_FF_DEF FF_add_inherited
#define	RSBAC_FF_ROOT_DEF 0
#define	RSBAC_AUTH_MAX_MAXNUM 1000000
#define	RSBAC_AUTH_OLD_OWNER_F_CAP (rsbac_old_uid_t) -3
#define	RSBAC_AUTH_OWNER_F_CAP ((rsbac_uid_t) -3)
#define	RSBAC_AUTH_DAC_OWNER_F_CAP ((rsbac_uid_t) -4)
#define	RSBAC_AUTH_MAX_RANGE_UID ((rsbac_uid_t) -10)
#define	RSBAC_CAP_DEFAULT_MIN ((rsbac_cap_vector_t) 0)
#define	RSBAC_CAP_DEFAULT_MAX ((rsbac_cap_vector_t) -1)
#define	CAP_NONE 29
#define	RSBAC_CAP_MAX CAP_NONE
#define	RSBAC_JAIL_VERSION 1
#define	RSBAC_JAIL_DEF_ID 0
#define	JAIL_allow_external_ipc 1
#define	JAIL_allow_all_net_family 2
#define	JAIL_allow_rlimit 4
#define	JAIL_allow_inet_raw 8
#define	JAIL_auto_adjust_inet_any 16
#define	JAIL_allow_inet_localhost 32
#define	JAIL_allow_clock 64
#define	RSBAC_JAIL_LOCALHOST ((1 << 24) \| 127)
#define	PF_PAX_PAGEEXEC 0x01000000
#define	PF_PAX_EMUTRAMP 0x02000000
#define	PF_PAX_MPROTECT 0x04000000
#define	PF_PAX_RANDMMAP 0x08000000
#define	PF_PAX_RANDEXEC 0x10000000
#define	PF_PAX_SEGMEXEC 0x20000000
#define	RSBAC_PAX_DEF_FLAGS (PF_PAX_SEGMEXEC \| PF_PAX_PAGEEXEC \| PF_PAX_MPROTECT \| PF_PAX_RANDMMAP)
#define	RSBAC_PAX_ALL_FLAGS ((rsbac_pax_flags_t) 255 << 24)
#define	RSBAC_RES_UNSET 0
#define	RSBAC_RES_MAX 10
#define	RSBAC_RES_NONE 11
#define	RSBAC_ADF_REQUEST_ARRAY_VERSION 2
#define	RSBAC_MAX_MOD (SOFTMODE - 1)
Typedefs
typedef __u32	rsbac_version_t
typedef __u32	rsbac_uid_t
typedef __u32	rsbac_gid_t
typedef __u16	rsbac_old_uid_t
typedef __u16	rsbac_old_gid_t
typedef __u32	rsbac_time_t
typedef __u32	rsbac_cap_vector_t
typedef __u32	rsbac_list_ta_number_t
typedef u_int	rsbac_boolean_t
typedef __u8	rsbac_boolean_int_t
typedef u_char	rsbac_netdev_id_t [RSBAC_IFNAMSIZ+1]
typedef __u8	rsbac_enum_t
typedef __u32	rsbac_pseudo_t
typedef __u32	rsbac_pid_t
typedef __u32	rsbac_ta_number_t
typedef __u8	rsbac_security_level_t
typedef __u64	rsbac_mac_category_vector_t
typedef u_int	rsbac_cwi_relation_id_t
typedef rsbac_enum_t	rsbac_system_role_int_t
typedef rsbac_enum_t	rsbac_fc_oc_t
typedef rsbac_enum_t	rsbac_sim_dt_t
typedef rsbac_enum_t	rsbac_fake_root_uid_int_t
typedef __u32	rsbac_inode_nr_t
typedef rsbac_enum_t	rsbac_linux_dac_disable_int_t
typedef __u64	rsbac_log_array_t
typedef __u64	rsbac_request_vector_t
typedef __u8	rsbac_mac_user_flags_t
typedef __u16	rsbac_mac_process_flags_t
typedef __u8	rsbac_mac_file_flags_t
typedef rsbac_fs_file_t	rsbac_mac_file_t
typedef rsbac_enum_t	rsbac_mac_auto_int_t
typedef __u8	rsbac_daz_scanned_t
typedef __u8	rsbac_daz_scanner_t
typedef __u16	rsbac_ff_flags_t
typedef rsbac_fs_file_t	rsbac_auth_file_t
typedef rsbac_enum_t	rsbac_auth_cap_type_int_t
typedef rsbac_enum_t	rsbac_auth_may_setuid_int_t
typedef rsbac_enum_t	rsbac_cap_process_hiding_int_t
typedef __u32	rsbac_jail_id_t
typedef __u32	rsbac_jail_ip_t
typedef __u32	rsbac_jail_flags_t
typedef unsigned long	rsbac_pax_flags_t
typedef __u32	rsbac_res_limit_t
typedef rsbac_res_limit_t	rsbac_res_array_t [RSBAC_RES_MAX+1]
typedef __s32	rsbac_reg_handle_t
typedef void *	rsbac_net_obj_id_t
typedef rsbac_enum_t	rsbac_adf_request_int_t
typedef rsbac_enum_t	rsbac_switch_target_int_t
Enumerations
enum	rsbac_old_security_level_t { SL_unclassified, SL_confidential, SL_secret, SL_top_secret, SL_old_rsbac_internal, SL_old_inherit, SL_old_none }
enum	rsbac_system_role_t { SR_user, SR_security_officer, SR_administrator, SR_auditor, SR_none }
enum	rsbac_object_category_t { OC_general, OC_security, OC_system, OC_inherit, OC_none }
enum	rsbac_data_type_t { DT_none, DT_SI, DT_inherit }
enum	rsbac_fake_root_uid_t { FR_off, FR_uid_only, FR_euid_only, FR_both, FR_none }
enum	rsbac_scd_type_t { ST_time_strucs, ST_clock, ST_host_id, ST_net_id, ST_ioports, ST_rlimit, ST_swap, ST_syslog, ST_rsbac, ST_rsbaclog, ST_other, ST_kmem, ST_network, ST_firewall, ST_priority, ST_sysfs, ST_rsbac_remote_log, ST_none }
enum	rsbac_dev_type_t { D_block, D_char, D_none }
enum	rsbac_ipc_type_t { I_sem, I_msg, I_shm, I_none }
enum	rsbac_linux_dac_disable_t { LDD_false, LDD_true, LDD_inherit, LDD_none }
enum	rsbac_log_level_t { LL_none, LL_denied, LL_full, LL_request, LL_invalid }
enum	rsbac_mac_auto_t { MA_no, MA_yes, MA_inherit }
enum	rsbac_auth_cap_type_t { ACT_real, ACT_eff, ACT_fs, ACT_group_real, ACT_group_eff, ACT_group_fs, ACT_none }
enum	rsbac_auth_may_setuid_t { AMS_off, AMS_full, AMS_last_auth_only, AMS_last_auth_and_gid, AMS_none }
enum	rsbac_cap_process_hiding_t { PH_off, PH_from_other_users, PH_full, PH_none }
enum	rsbac_adf_request_t { R_ADD_TO_KERNEL, R_ALTER, R_APPEND_OPEN, R_CHANGE_GROUP, R_CHANGE_OWNER, R_CHDIR, R_CLONE, R_CLOSE, R_CREATE, R_DELETE, R_EXECUTE, R_GET_PERMISSIONS_DATA, R_GET_STATUS_DATA, R_LINK_HARD, R_MODIFY_ACCESS_DATA, R_MODIFY_ATTRIBUTE, R_MODIFY_PERMISSIONS_DATA, R_MODIFY_SYSTEM_DATA, R_MOUNT, R_READ, R_READ_ATTRIBUTE, R_READ_WRITE_OPEN, R_READ_OPEN, R_REMOVE_FROM_KERNEL, R_RENAME, R_SEARCH, R_SEND_SIGNAL, R_SHUTDOWN, R_SWITCH_LOG, R_SWITCH_MODULE, R_TERMINATE, R_TRACE, R_TRUNCATE, R_UMOUNT, R_WRITE, R_WRITE_OPEN, R_MAP_EXEC, R_BIND, R_LISTEN, R_ACCEPT, R_CONNECT, R_SEND, R_RECEIVE, R_NET_SHUTDOWN, R_CHANGE_DAC_EFF_OWNER, R_CHANGE_DAC_FS_OWNER, R_CHANGE_DAC_EFF_GROUP, R_CHANGE_DAC_FS_GROUP, R_NONE }
enum	rsbac_adf_req_ret_t { NOT_GRANTED, GRANTED, DO_NOT_CARE, UNDEFINED }
enum	rsbac_switch_target_t { GEN, MAC, FC, SIM, PM, DAZ, FF, RC, AUTH, REG, ACL, CAP, JAIL, RES, PAX, SOFTMODE, DAC_DISABLE, UM, FREEZE, SW_NONE }
enum	rsbac_target_t { T_FILE, T_DIR, T_FIFO, T_SYMLINK, T_DEV, T_IPC, T_SCD, T_USER, T_PROCESS, T_NETDEV, T_NETTEMP, T_NETOBJ, T_NETTEMP_NT, T_GROUP, T_FD, T_NONE }
enum	rsbac_attribute_t { A_pseudo, A_security_level, A_initial_security_level, A_local_sec_level, A_remote_sec_level, A_min_security_level, A_mac_categories, A_mac_initial_categories, A_local_mac_categories, A_remote_mac_categories, A_mac_min_categories, A_mac_user_flags, A_mac_process_flags, A_mac_file_flags, A_object_category, A_local_object_category, A_remote_object_category, A_data_type, A_local_data_type, A_remote_data_type, A_system_role, A_mac_role, A_fc_role, A_sim_role, A_daz_role, A_ff_role, A_auth_role, A_cap_role, A_jail_role, A_pax_role, A_current_sec_level, A_mac_curr_categories, A_min_write_open, A_min_write_categories, A_max_read_open, A_max_read_categories, A_mac_auto, A_mac_check, A_mac_prop_trusted, A_pm_role, A_pm_process_type, A_pm_current_task, A_pm_object_class, A_local_pm_object_class, A_remote_pm_object_class, A_pm_ipc_purpose, A_local_pm_ipc_purpose, A_remote_pm_ipc_purpose, A_pm_object_type, A_local_pm_object_type, A_remote_pm_object_type, A_pm_program_type, A_pm_tp, A_pm_task_set, A_daz_scanned, A_daz_scanner, A_ff_flags, A_rc_type, A_local_rc_type, A_remote_rc_type, A_rc_type_fd, A_rc_type_nt, A_rc_force_role, A_rc_initial_role, A_rc_role, A_rc_def_role, A_auth_may_setuid, A_auth_may_set_cap, A_auth_learn, A_min_caps, A_max_caps, A_max_caps_user, A_max_caps_program, A_jail_id, A_jail_ip, A_jail_flags, A_jail_max_caps, A_pax_flags, A_res_role, A_res_min, A_res_max, A_log_array_low, A_local_log_array_low, A_remote_log_array_low, A_log_array_high, A_local_log_array_high, A_remote_log_array_high, A_log_program_based, A_log_user_based, A_symlink_add_uid, A_symlink_add_mac_level, A_symlink_add_rc_role, A_linux_dac_disable, A_cap_process_hiding, A_fake_root_uid, A_audit_uid, A_auid_exempt, A_auth_last_auth, A_none }

types.h File Reference

Defines

Typedefs

Enumerations

Define Documentation

Typedef Documentation

Enumeration Type Documentation