00010 #ifndef __RSBAC_SYSCALLS_H
00011 #define __RSBAC_SYSCALLS_H
00012
00013 #include <linux/unistd.h>
00014 #include <rsbac/types.h>
00015 #include <rsbac/getname.h>
00016 #include <rsbac/helpers.h>
00017 #include <rsbac/error.h>
00018
/*
 * Identifies which RSBAC call is being requested.
 * No enumerator has an explicit value, so they are numbered from 0 in
 * declaration order and RSYS_none is always the last one.
 * Every RSYS_<name> that takes arguments has a struct rsys_<name>_t and a
 * member in union rsbac_syscall_arg_t further down; RSYS_stats, RSYS_write,
 * RSYS_stats_pm and RSYS_daz_flush_cache have neither.
 * NOTE(review): the numbering is positional, so inserting or reordering an
 * entry renumbers every later call, and a library built from another version
 * of this header would then select a different call. Add new calls directly
 * before RSYS_none. Presumably the kernel dispatcher rejects any value
 * >= RSYS_none -- confirm at the dispatch site.
 */
00019 enum rsbac_syscall_t
00020 {
00021 RSYS_stats,
00022 RSYS_check,
00023 RSYS_get_attr,
00024 RSYS_get_attr_n,
00025 RSYS_set_attr,
00026 RSYS_set_attr_n,
00027 RSYS_remove_target,
00028 RSYS_remove_target_n,
00029 RSYS_net_list_all_netdev,
00030 RSYS_net_template,
00031 RSYS_net_list_all_template,
00032 RSYS_switch,
00033 RSYS_adf_log_switch,
00034 RSYS_get_adf_log,
00035 RSYS_write,
00036 RSYS_log,
00037 RSYS_mac_set_curr_level,
00038 RSYS_mac_get_curr_level,
00039 RSYS_mac_get_max_level,
00040 RSYS_mac_get_min_level,
00041 RSYS_mac_add_p_tru,
00042 RSYS_mac_remove_p_tru,
00043 RSYS_mac_add_f_tru,
00044 RSYS_mac_remove_f_tru,
00045 RSYS_mac_get_f_trulist,
00046 RSYS_mac_get_p_trulist,
00047 RSYS_stats_pm,
00048 RSYS_pm,
00049 RSYS_pm_change_current_task,
00050 RSYS_pm_create_file,
00051 RSYS_daz_flush_cache,
00052 RSYS_rc_copy_role,
00053 RSYS_rc_copy_type,
00054 RSYS_rc_get_item,
00055 RSYS_rc_set_item,
00056 RSYS_rc_change_role,
00057 RSYS_rc_get_eff_rights_n,
00058 RSYS_rc_get_list,
00059 RSYS_auth_add_p_cap,
00060 RSYS_auth_remove_p_cap,
00061 RSYS_auth_add_f_cap,
00062 RSYS_auth_remove_f_cap,
00063 RSYS_auth_get_f_caplist,
00064 RSYS_auth_get_p_caplist,
00065 RSYS_acl,
00066 RSYS_acl_n,
00067 RSYS_acl_get_rights,
00068 RSYS_acl_get_rights_n,
00069 RSYS_acl_get_tlist,
00070 RSYS_acl_get_tlist_n,
00071 RSYS_acl_get_mask,
00072 RSYS_acl_get_mask_n,
00073 RSYS_acl_group,
00074 RSYS_reg,
00075 RSYS_jail,
00076 RSYS_init,
00077 RSYS_rc_get_current_role,
00078 RSYS_um_auth_name,
00079 RSYS_um_auth_uid,
00080 RSYS_um_add_user,
00081 RSYS_um_add_group,
00082 RSYS_um_add_gm,
00083 RSYS_um_mod_user,
00084 RSYS_um_mod_group,
00085 RSYS_um_get_user_item,
00086 RSYS_um_get_group_item,
00087 RSYS_um_remove_user,
00088 RSYS_um_remove_group,
00089 RSYS_um_remove_gm,
00090 RSYS_um_user_exists,
00091 RSYS_um_group_exists,
00092 RSYS_um_get_next_user,
00093 RSYS_um_get_user_list,
00094 RSYS_um_get_gm_list,
00095 RSYS_um_get_gm_user_list,
00096 RSYS_um_get_group_list,
00097 RSYS_um_get_uid,
00098 RSYS_um_get_gid,
00099 RSYS_um_set_pass,
00100 RSYS_um_set_pass_name,
00101 RSYS_um_set_group_pass,
00102 RSYS_um_check_account,
00103 RSYS_um_check_account_name,
00104 RSYS_list_ta_begin,
00105 RSYS_list_ta_refresh,
00106 RSYS_list_ta_commit,
00107 RSYS_list_ta_forget,
00108 RSYS_none /* last entry; no argument struct or union member is declared for it */
00109 };
00110
00111
/*
 * Arguments for RSYS_check; the same two fields, in the same order, as the
 * parameters of rsbac_check(). Both are plain ints whose accepted values are
 * not defined in this header.
 */
00112 struct rsys_check_t
00113 {
00114 int correct;
00115 int check_inode;
00116 };
00117
/*
 * Argument blocks for the generic attribute and target calls
 * (RSYS_get_attr .. RSYS_remove_target_n). Field order matches the parameter
 * order of the rsbac_get_attr() .. rsbac_remove_target_n() prototypes in the
 * non-kernel part of this header.
 * The *_n_t variants name the target with a string (t_name) where the others
 * carry a pointer to a union rsbac_target_id_t (tid).
 * NOTE(review): tid, t_name and value are raw pointers filled in by the
 * caller. Presumably the kernel side copies them with the user-access
 * helpers and bounds the length of t_name -- confirm in the handlers.
 * ta_number presumably names a list transaction obtained through
 * RSYS_list_ta_begin -- confirm.
 */
00118 struct rsys_get_attr_t
00119 {
00120 rsbac_list_ta_number_t ta_number;
00121 enum rsbac_switch_target_t module;
00122 enum rsbac_target_t target;
00123 union rsbac_target_id_t * tid;
00124 enum rsbac_attribute_t attr;
00125 union rsbac_attribute_value_t * value; /* presumably where the result is stored -- confirm */
00126 int inherit; /* only the get variants carry this field */
00127 };
00128
00129 struct rsys_get_attr_n_t
00130 {
00131 rsbac_list_ta_number_t ta_number;
00132 enum rsbac_switch_target_t module;
00133 enum rsbac_target_t target;
00134 char * t_name;
00135 enum rsbac_attribute_t attr;
00136 union rsbac_attribute_value_t * value;
00137 int inherit;
00138 };
00139
00140 struct rsys_set_attr_t
00141 {
00142 rsbac_list_ta_number_t ta_number;
00143 enum rsbac_switch_target_t module;
00144 enum rsbac_target_t target;
00145 union rsbac_target_id_t * tid;
00146 enum rsbac_attribute_t attr;
00147 union rsbac_attribute_value_t * value; /* presumably the new value, read by the kernel -- confirm */
00148 };
00149
00150 struct rsys_set_attr_n_t
00151 {
00152 rsbac_list_ta_number_t ta_number;
00153 enum rsbac_switch_target_t module;
00154 enum rsbac_target_t target;
00155 char * t_name;
00156 enum rsbac_attribute_t attr;
00157 union rsbac_attribute_value_t * value;
00158 };
00159
00160 struct rsys_remove_target_t
00161 {
00162 rsbac_list_ta_number_t ta_number;
00163 enum rsbac_target_t target;
00164 union rsbac_target_id_t * tid;
00165 };
00166
00167 struct rsys_remove_target_n_t
00168 {
00169 rsbac_list_ta_number_t ta_number;
00170 enum rsbac_target_t target;
00171 char * t_name;
00172 };
00173
/*
 * Argument blocks for RSYS_net_list_all_netdev, RSYS_net_template and
 * RSYS_net_list_all_template; fields mirror the rsbac_net_*() prototypes.
 * NOTE(review): in the two list structs maxnum is the only size information
 * that accompanies id_p. Presumably it is the number of entries the caller's
 * array can hold and the kernel writes at most that many -- confirm, and
 * confirm that maxnum (a u_long) times the element size cannot overflow when
 * the handler sizes its own buffer.
 */
00174 struct rsys_net_list_all_netdev_t
00175 {
00176 rsbac_list_ta_number_t ta_number;
00177 rsbac_netdev_id_t * id_p;
00178 u_long maxnum;
00179 };
00180
00181 struct rsys_net_template_t
00182 {
00183 rsbac_list_ta_number_t ta_number;
00184 enum rsbac_net_temp_syscall_t call; /* sub-call selector; values are defined outside this header */
00185 rsbac_net_temp_id_t id;
00186 union rsbac_net_temp_syscall_data_t * data_p; /* NOTE(review): which union member applies presumably depends on call -- confirm */
00187 };
00188
00189 struct rsys_net_list_all_template_t
00190 {
00191 rsbac_list_ta_number_t ta_number;
00192 rsbac_net_temp_id_t * id_p;
00193 u_long maxnum;
00194 };
00195
/*
 * Argument blocks for RSYS_switch, RSYS_adf_log_switch and RSYS_get_adf_log;
 * fields mirror rsbac_switch(), rsbac_adf_log_switch() and
 * rsbac_get_adf_log().
 * NOTE(review): these calls presumably change or read enforcement and
 * logging state, so the permission check in their handlers deserves review
 * -- nothing in this header restricts who may issue them.
 */
00196 struct rsys_switch_t
00197 {
00198 enum rsbac_switch_target_t target;
00199 int value; /* accepted values are not defined in this header */
00200 };
00201
00202 struct rsys_adf_log_switch_t
00203 {
00204 enum rsbac_adf_request_t request;
00205 enum rsbac_target_t target;
00206 u_int value;
00207 };
00208
00209 struct rsys_get_adf_log_t
00210 {
00211 enum rsbac_adf_request_t request;
00212 enum rsbac_target_t target;
00213 u_int * value_p; /* pointer counterpart of rsys_adf_log_switch_t.value; presumably written by the kernel -- confirm */
00214 };
00215
/*
 * Arguments for RSYS_log; fields mirror rsbac_log(type, buf, len).
 * Whether buf is read or filled by the call is not visible in this header.
 * NOTE(review): len is a signed int. A negative value must be rejected
 * before it is used as a size or converted to an unsigned type -- confirm
 * the handler does this and also caps len at a sane maximum.
 */
00216 struct rsys_log_t
00217 {
00218 int type;
00219 char * buf;
00220 int len;
00221 };
00222
/*
 * Argument blocks for the MAC level calls (RSYS_mac_set_curr_level and the
 * three RSYS_mac_get_*_level calls); fields mirror the rsbac_mac_*_level()
 * prototypes.
 * The set variant passes the level by value; the three get variants have an
 * identical layout and pass pointers for both level and categories.
 * NOTE(review): none of these carries a ta_number or a subject id, so they
 * presumably act on the calling process -- confirm.
 */
00223 struct rsys_mac_set_curr_level_t
00224 {
00225 rsbac_security_level_t level;
00226 rsbac_mac_category_vector_t * categories_p;
00227 };
00228
00229 struct rsys_mac_get_curr_level_t
00230 {
00231 rsbac_security_level_t * level_p;
00232 rsbac_mac_category_vector_t * categories_p;
00233 };
00234
00235 struct rsys_mac_get_max_level_t
00236 {
00237 rsbac_security_level_t * level_p;
00238 rsbac_mac_category_vector_t * categories_p;
00239 };
00240
00241 struct rsys_mac_get_min_level_t
00242 {
00243 rsbac_security_level_t * level_p;
00244 rsbac_mac_category_vector_t * categories_p;
00245 };
00246
/*
 * Argument blocks for the MAC "tru" calls (RSYS_mac_add_p_tru ..
 * RSYS_mac_get_p_trulist); fields mirror the rsbac_mac_*_tru*() prototypes.
 * The _p_ variants identify the subject by pid, the _f_ variants by
 * filename. Only the add variants carry a ttl.
 * NOTE(review): in the two *_trulist_t structs a single maxnum accompanies
 * both trulist and ttllist, so presumably both arrays must hold at least
 * maxnum entries and the kernel writes no more than that -- confirm.
 * filename has no length field; confirm the handler bounds the copy.
 */
00247 struct rsys_mac_add_p_tru_t
00248 {
00249 rsbac_list_ta_number_t ta_number;
00250 rsbac_pid_t pid;
00251 rsbac_uid_t uid;
00252 rsbac_time_t ttl;
00253 };
00254
00255 struct rsys_mac_remove_p_tru_t
00256 {
00257 rsbac_list_ta_number_t ta_number;
00258 rsbac_pid_t pid;
00259 rsbac_uid_t uid;
00260 };
00261
00262 struct rsys_mac_add_f_tru_t
00263 {
00264 rsbac_list_ta_number_t ta_number;
00265 char * filename;
00266 rsbac_uid_t uid;
00267 rsbac_time_t ttl;
00268 };
00269
00270 struct rsys_mac_remove_f_tru_t
00271 {
00272 rsbac_list_ta_number_t ta_number;
00273 char * filename;
00274 rsbac_uid_t uid;
00275 };
00276
00277 struct rsys_mac_get_f_trulist_t
00278 {
00279 rsbac_list_ta_number_t ta_number;
00280 char * filename;
00281 rsbac_uid_t * trulist;
00282 rsbac_time_t * ttllist;
00283 u_int maxnum;
00284 };
00285
00286 struct rsys_mac_get_p_trulist_t
00287 {
00288 rsbac_list_ta_number_t ta_number;
00289 rsbac_pid_t pid;
00290 rsbac_uid_t * trulist;
00291 rsbac_time_t * ttllist;
00292 u_int maxnum;
00293 };
00294
/*
 * Argument blocks for RSYS_pm, RSYS_pm_change_current_task and
 * RSYS_pm_create_file; fields mirror rsbac_pm(),
 * rsbac_pm_change_current_task() and rsbac_pm_create_file().
 */
00295 struct rsys_pm_t
00296 {
00297 rsbac_list_ta_number_t ta_number;
00298 enum rsbac_pm_function_type_t function; /* sub-function selector; values are defined outside this header */
00299 union rsbac_pm_function_param_t * param_p; /* NOTE(review): the member in use presumably depends on function -- confirm */
00300 rsbac_pm_tkt_id_t ticket;
00301 };
00302
00303 struct rsys_pm_change_current_task_t
00304 {
00305 rsbac_pm_task_id_t task;
00306 };
00307
00308 struct rsys_pm_create_file_t
00309 {
00310 const char * filename; /* the only const-qualified string pointer among these argument structs */
00311 int mode;
00312 rsbac_pm_object_class_id_t object_class;
00313 };
00314
/*
 * Argument blocks for the RC calls (RSYS_rc_copy_role ..
 * RSYS_rc_get_current_role); fields mirror the rsbac_rc_*() prototypes.
 * get_item passes the ttl through a pointer (ttl_p) where set_item passes it
 * by value (ttl); the other fields of the two structs are identical.
 * NOTE(review): rsys_rc_change_role_t and rsys_rc_get_current_role_t carry no
 * subject id, so they presumably apply to the calling process -- confirm.
 */
00315 struct rsys_rc_copy_role_t
00316 {
00317 rsbac_list_ta_number_t ta_number;
00318 rsbac_rc_role_id_t from_role;
00319 rsbac_rc_role_id_t to_role;
00320 };
00321
00322 struct rsys_rc_copy_type_t
00323 {
00324 rsbac_list_ta_number_t ta_number;
00325 enum rsbac_target_t target;
00326 rsbac_rc_type_id_t from_type;
00327 rsbac_rc_type_id_t to_type;
00328 };
00329
00330 struct rsys_rc_get_item_t
00331 {
00332 rsbac_list_ta_number_t ta_number;
00333 enum rsbac_rc_target_t target;
00334 union rsbac_rc_target_id_t * tid_p;
00335 union rsbac_rc_target_id_t * subtid_p;
00336 enum rsbac_rc_item_t item;
00337 union rsbac_rc_item_value_t * value_p;
00338 rsbac_time_t * ttl_p;
00339 };
00340
00341 struct rsys_rc_set_item_t
00342 {
00343 rsbac_list_ta_number_t ta_number;
00344 enum rsbac_rc_target_t target;
00345 union rsbac_rc_target_id_t * tid_p;
00346 union rsbac_rc_target_id_t * subtid_p;
00347 enum rsbac_rc_item_t item;
00348 union rsbac_rc_item_value_t * value_p;
00349 rsbac_time_t ttl;
00350 };
00351
00352 struct rsys_rc_get_list_t
00353 {
00354 rsbac_list_ta_number_t ta_number;
00355 enum rsbac_rc_target_t target;
00356 union rsbac_rc_target_id_t * tid_p;
00357 enum rsbac_rc_item_t item;
00358 u_int maxnum; /* NOTE(review): one count for both arrays below; presumably each must hold maxnum entries -- confirm */
00359 __u32 * array_p;
00360 rsbac_time_t * ttl_array_p;
00361 };
00362
00363 struct rsys_rc_change_role_t
00364 {
00365 rsbac_rc_role_id_t role;
00366 };
00367
00368 struct rsys_rc_get_eff_rights_n_t
00369 {
00370 rsbac_list_ta_number_t ta_number;
00371 enum rsbac_target_t target;
00372 char * t_name;
00373 rsbac_rc_request_vector_t * request_vector_p;
00374 rsbac_time_t * ttl_p;
00375 };
00376
00377 struct rsys_rc_get_current_role_t
00378 {
00379 rsbac_rc_role_id_t * role_p;
00380 };
00381
/*
 * Argument blocks for the AUTH capability calls (RSYS_auth_add_p_cap ..
 * RSYS_auth_get_p_caplist); fields mirror the rsbac_auth_*() prototypes.
 * The _p_ variants identify the subject by pid, the _f_ variants by
 * filename. In the add and remove structs cap_range is embedded by value;
 * only the add structs carry a ttl.
 * NOTE(review): in the two *_caplist_t structs a single maxnum accompanies
 * both caplist and ttllist, so presumably both arrays must hold at least
 * maxnum entries and the kernel writes no more than that -- confirm.
 * The layout of struct rsbac_auth_cap_range_t is defined outside this
 * header; confirm that the handlers validate the range it carries.
 */
00382 struct rsys_auth_add_p_cap_t
00383 {
00384 rsbac_list_ta_number_t ta_number;
00385 rsbac_pid_t pid;
00386 enum rsbac_auth_cap_type_t cap_type;
00387 struct rsbac_auth_cap_range_t cap_range;
00388 rsbac_time_t ttl;
00389 };
00390
00391 struct rsys_auth_remove_p_cap_t
00392 {
00393 rsbac_list_ta_number_t ta_number;
00394 rsbac_pid_t pid;
00395 enum rsbac_auth_cap_type_t cap_type;
00396 struct rsbac_auth_cap_range_t cap_range;
00397 };
00398
00399 struct rsys_auth_add_f_cap_t
00400 {
00401 rsbac_list_ta_number_t ta_number;
00402 char * filename;
00403 enum rsbac_auth_cap_type_t cap_type;
00404 struct rsbac_auth_cap_range_t cap_range;
00405 rsbac_time_t ttl;
00406 };
00407
00408 struct rsys_auth_remove_f_cap_t
00409 {
00410 rsbac_list_ta_number_t ta_number;
00411 char * filename;
00412 enum rsbac_auth_cap_type_t cap_type;
00413 struct rsbac_auth_cap_range_t cap_range;
00414 };
00415
00416 struct rsys_auth_get_f_caplist_t
00417 {
00418 rsbac_list_ta_number_t ta_number;
00419 char * filename;
00420 enum rsbac_auth_cap_type_t cap_type;
00421 struct rsbac_auth_cap_range_t * caplist;
00422 rsbac_time_t * ttllist;
00423 u_int maxnum;
00424 };
00425
00426 struct rsys_auth_get_p_caplist_t
00427 {
00428 rsbac_list_ta_number_t ta_number;
00429 rsbac_pid_t pid;
00430 enum rsbac_auth_cap_type_t cap_type;
00431 struct rsbac_auth_cap_range_t * caplist;
00432 rsbac_time_t * ttllist;
00433 u_int maxnum;
00434 };
00435
/*
 * Argument blocks for the ACL calls (RSYS_acl .. RSYS_acl_group); fields
 * mirror the rsbac_acl*() prototypes.
 * The *_n_t variants take struct rsbac_acl_syscall_n_arg_t or a t_name
 * string where the others take struct rsbac_acl_syscall_arg_t or a tid
 * pointer. Both arg struct types are defined outside this header.
 * NOTE(review): arg / arg_p point to a second caller-supplied structure, so
 * the kernel presumably performs a second copy after copying this block --
 * confirm that it validates the nested structure and never re-reads it from
 * the caller after validation.
 */
00436 struct rsys_acl_t
00437 {
00438 rsbac_list_ta_number_t ta_number;
00439 enum rsbac_acl_syscall_type_t call;
00440 struct rsbac_acl_syscall_arg_t * arg;
00441 };
00442
00443 struct rsys_acl_n_t
00444 {
00445 rsbac_list_ta_number_t ta_number;
00446 enum rsbac_acl_syscall_type_t call;
00447 struct rsbac_acl_syscall_n_arg_t * arg;
00448 };
00449
00450 struct rsys_acl_get_rights_t
00451 {
00452 rsbac_list_ta_number_t ta_number;
00453 struct rsbac_acl_syscall_arg_t * arg;
00454 rsbac_acl_rights_vector_t * rights_p;
00455 u_int effective; /* accepted values are not defined in this header */
00456 };
00457
00458 struct rsys_acl_get_rights_n_t
00459 {
00460 rsbac_list_ta_number_t ta_number;
00461 struct rsbac_acl_syscall_n_arg_t * arg;
00462 rsbac_acl_rights_vector_t * rights_p;
00463 u_int effective;
00464 };
00465
00466 struct rsys_acl_get_tlist_t
00467 {
00468 rsbac_list_ta_number_t ta_number;
00469 enum rsbac_target_t target;
00470 union rsbac_target_id_t * tid;
00471 struct rsbac_acl_entry_t * entry_array;
00472 rsbac_time_t * ttl_array;
00473 u_int maxnum; /* NOTE(review): one count for entry_array and ttl_array; presumably each must hold maxnum entries -- confirm */
00474 };
00475
00476 struct rsys_acl_get_tlist_n_t
00477 {
00478 rsbac_list_ta_number_t ta_number;
00479 enum rsbac_target_t target;
00480 char * t_name;
00481 struct rsbac_acl_entry_t * entry_array;
00482 rsbac_time_t * ttl_array;
00483 u_int maxnum;
00484 };
00485
00486 struct rsys_acl_get_mask_t
00487 {
00488 rsbac_list_ta_number_t ta_number;
00489 enum rsbac_target_t target;
00490 union rsbac_target_id_t * tid;
00491 rsbac_acl_rights_vector_t * mask_p;
00492 };
00493
00494 struct rsys_acl_get_mask_n_t
00495 {
00496 rsbac_list_ta_number_t ta_number;
00497 enum rsbac_target_t target;
00498 char * t_name;
00499 rsbac_acl_rights_vector_t * mask_p;
00500 };
00501
00502 struct rsys_acl_group_t
00503 {
00504 rsbac_list_ta_number_t ta_number;
00505 enum rsbac_acl_group_syscall_type_t call;
00506 union rsbac_acl_group_syscall_arg_t * arg_p;
00507 };
00508
/*
 * Arguments for RSYS_reg.
 * NOTE(review): handle is declared long here, while the rsbac_reg()
 * prototype in this header takes rsbac_reg_handle_t. Confirm that
 * rsbac_reg_handle_t is a long; otherwise the struct and the prototype
 * disagree on the width of the handle.
 * arg is an untyped pointer whose layout this header does not describe, so
 * whatever code receives it is responsible for all validation -- confirm
 * how the handle is checked before arg is passed on.
 */
00509 struct rsys_reg_t
00510 {
00511 long handle;
00512 void * arg;
00513 };
00514
/*
 * Arguments for RSYS_jail; fields mirror rsbac_jail(version, path, ip, flags,
 * max_caps).
 * NOTE(review): version presumably lets the kernel refuse a caller built
 * against a different layout of this struct -- confirm that a mismatch is
 * rejected rather than ignored. path has no length field; confirm the
 * handler bounds the copy. The meaning of the bits in flags and max_caps is
 * defined outside this header.
 */
00515 struct rsys_jail_t
00516 {
00517 rsbac_version_t version;
00518 char * path;
00519 rsbac_jail_ip_t ip;
00520 rsbac_jail_flags_t flags;
00521 rsbac_cap_vector_t max_caps;
00522 };
00523
/*
 * Arguments for RSYS_init; the single field mirrors rsbac_init(root_dev).
 * NOTE(review): root_dev is a string pointer with no length field; confirm
 * the handler bounds the copy and restricts who may issue this call.
 */
00524 struct rsys_init_t
00525 {
00526 char * root_dev;
00527 };
00528
/*
 * Argument blocks for RSYS_um_auth_name and RSYS_um_auth_uid; fields mirror
 * rsbac_um_auth_name(name, pass) and rsbac_um_auth_uid(uid, pass). The two
 * differ only in identifying the account by name or by uid.
 * NOTE(review): pass is a non-const char * with no accompanying length,
 * presumably a NUL-terminated cleartext password -- confirm. The kernel copy
 * should be length-bounded and wiped after use, and callers should wipe
 * their own buffer once the call returns.
 */
00529 struct rsys_um_auth_name_t
00530 {
00531 char * name;
00532 char * pass;
00533 };
00534
00535 struct rsys_um_auth_uid_t
00536 {
00537 rsbac_uid_t uid;
00538 char * pass;
00539 };
00540
/*
 * Argument blocks for the user-management calls that add, modify, query,
 * remove or test single users, groups and group memberships
 * (RSYS_um_add_user .. RSYS_um_group_exists); fields mirror the matching
 * rsbac_um_*() prototypes.
 * The mod_* and get_*_item structs share one layout: an id, an
 * enum rsbac_um_mod_t selector and a union rsbac_um_mod_data_t pointer.
 * NOTE(review): which member of *data_p is meaningful presumably depends on
 * mod, and the direction of the copy on whether the call is mod or get --
 * confirm in the handlers.
 * NOTE(review): pass in the two add structs is a char * with no length,
 * presumably a cleartext password -- confirm it is copied with a bound and
 * wiped after use.
 */
00541 struct rsys_um_add_user_t
00542 {
00543 rsbac_list_ta_number_t ta_number;
00544 rsbac_uid_t uid;
00545 struct rsbac_um_user_entry_t * entry_p;
00546 char * pass;
00547 rsbac_time_t ttl;
00548 };
00549
00550 struct rsys_um_add_group_t
00551 {
00552 rsbac_list_ta_number_t ta_number;
00553 rsbac_gid_t gid;
00554 struct rsbac_um_group_entry_t * entry_p;
00555 char * pass;
00556 rsbac_time_t ttl;
00557 };
00558
00559 struct rsys_um_add_gm_t
00560 {
00561 rsbac_list_ta_number_t ta_number;
00562 rsbac_uid_t uid;
00563 rsbac_gid_t gid;
00564 rsbac_time_t ttl;
00565 };
00566
00567 struct rsys_um_mod_user_t
00568 {
00569 rsbac_list_ta_number_t ta_number;
00570 rsbac_uid_t uid;
00571 enum rsbac_um_mod_t mod;
00572 union rsbac_um_mod_data_t * data_p;
00573 };
00574
00575 struct rsys_um_mod_group_t
00576 {
00577 rsbac_list_ta_number_t ta_number;
00578 rsbac_gid_t gid;
00579 enum rsbac_um_mod_t mod;
00580 union rsbac_um_mod_data_t * data_p;
00581 };
00582
00583 struct rsys_um_get_user_item_t
00584 {
00585 rsbac_list_ta_number_t ta_number;
00586 rsbac_uid_t uid;
00587 enum rsbac_um_mod_t mod;
00588 union rsbac_um_mod_data_t * data_p;
00589 };
00590
00591 struct rsys_um_get_group_item_t
00592 {
00593 rsbac_list_ta_number_t ta_number;
00594 rsbac_gid_t gid;
00595 enum rsbac_um_mod_t mod;
00596 union rsbac_um_mod_data_t * data_p;
00597 };
00598
00599 struct rsys_um_remove_user_t
00600 {
00601 rsbac_list_ta_number_t ta_number;
00602 rsbac_uid_t uid;
00603 };
00604
00605 struct rsys_um_remove_group_t
00606 {
00607 rsbac_list_ta_number_t ta_number;
00608 rsbac_gid_t gid;
00609 };
00610
00611 struct rsys_um_remove_gm_t
00612 {
00613 rsbac_list_ta_number_t ta_number;
00614 rsbac_uid_t uid;
00615 rsbac_gid_t gid;
00616 };
00617
00618 struct rsys_um_user_exists_t
00619 {
00620 rsbac_list_ta_number_t ta_number;
00621 rsbac_uid_t uid;
00622 };
00623
00624 struct rsys_um_group_exists_t
00625 {
00626 rsbac_list_ta_number_t ta_number;
00627 rsbac_gid_t gid;
00628 };
00629
/*
 * Argument blocks for the user-management enumeration and lookup calls
 * (RSYS_um_get_next_user .. RSYS_um_get_gid); fields mirror the matching
 * rsbac_um_get_*() prototypes.
 * NOTE(review): in the four *_list_t structs maxnum is the only size
 * information that accompanies the array pointer. Presumably it is the
 * capacity of the caller's array and the kernel writes at most that many
 * entries -- confirm, and confirm the handler checks the multiplication of
 * maxnum by the element size for overflow.
 * name in get_uid / get_gid has no length field; confirm the copy is bounded.
 */
00630 struct rsys_um_get_next_user_t
00631 {
00632 rsbac_list_ta_number_t ta_number;
00633 rsbac_uid_t old_user;
00634 rsbac_uid_t * next_user_p;
00635 };
00636
00637 struct rsys_um_get_user_list_t
00638 {
00639 rsbac_list_ta_number_t ta_number;
00640 rsbac_uid_t * user_array;
00641 u_int maxnum;
00642 };
00643
00644 struct rsys_um_get_gm_list_t
00645 {
00646 rsbac_list_ta_number_t ta_number;
00647 rsbac_uid_t user;
00648 rsbac_gid_t * group_array;
00649 u_int maxnum;
00650 };
00651
00652 struct rsys_um_get_gm_user_list_t
00653 {
00654 rsbac_list_ta_number_t ta_number;
00655 rsbac_gid_t group;
00656 rsbac_uid_t * user_array;
00657 u_int maxnum;
00658 };
00659
00660 struct rsys_um_get_group_list_t
00661 {
00662 rsbac_list_ta_number_t ta_number;
00663 rsbac_gid_t * group_array;
00664 u_int maxnum;
00665 };
00666
00667 struct rsys_um_get_uid_t
00668 {
00669 rsbac_list_ta_number_t ta_number;
00670 char * name;
00671 rsbac_uid_t * uid_p;
00672 };
00673
00674 struct rsys_um_get_gid_t
00675 {
00676 rsbac_list_ta_number_t ta_number;
00677 char * name;
00678 rsbac_gid_t * gid_p;
00679 };
00680
/*
 * Argument blocks for the password and account-check calls
 * (RSYS_um_set_pass .. RSYS_um_check_account_name); fields mirror the
 * matching rsbac_um_*() prototypes. None of them carries a ta_number.
 * rsys_um_set_group_pass_t has a new_pass field only, with no old_pass.
 * NOTE(review): old_pass and new_pass are char * with no length, presumably
 * NUL-terminated cleartext passwords -- confirm. Kernel copies should be
 * length-bounded and wiped after use. Whether old_pass may be omitted, and
 * for which callers, is decided in the handler and is not visible here.
 */
00681 struct rsys_um_set_pass_t
00682 {
00683 rsbac_uid_t uid;
00684 char * old_pass;
00685 char * new_pass;
00686 };
00687
00688 struct rsys_um_set_pass_name_t
00689 {
00690 char * name;
00691 char * old_pass;
00692 char * new_pass;
00693 };
00694
00695 struct rsys_um_set_group_pass_t
00696 {
00697 rsbac_gid_t gid;
00698 char * new_pass;
00699 };
00700
00701 struct rsys_um_check_account_t
00702 {
00703 rsbac_uid_t uid;
00704 };
00705
00706 struct rsys_um_check_account_name_t
00707 {
00708 char * name;
00709 };
00710
/*
 * Argument blocks for the list transaction calls (RSYS_list_ta_begin ..
 * RSYS_list_ta_forget); fields mirror the rsbac_list_ta_*() prototypes.
 * begin receives a pointer (ta_number_p) where the other three pass a
 * ta_number by value, so begin presumably returns the new transaction
 * number through that pointer -- confirm.
 * NOTE(review): every one of these carries a password as a char * with no
 * length. Presumably it protects the transaction against refresh, commit or
 * forget by another caller -- confirm, and confirm the comparison in the
 * handler is length-bounded. commit_uid presumably restricts who may commit
 * -- confirm.
 */
00711 struct rsys_list_ta_begin_t
00712 {
00713 rsbac_time_t ttl;
00714 rsbac_list_ta_number_t * ta_number_p;
00715 rsbac_uid_t commit_uid;
00716 char * password;
00717 };
00718
00719 struct rsys_list_ta_refresh_t
00720 {
00721 rsbac_time_t ttl;
00722 rsbac_list_ta_number_t ta_number;
00723 char * password;
00724 };
00725
00726 struct rsys_list_ta_commit_t
00727 {
00728 rsbac_list_ta_number_t ta_number;
00729 char * password;
00730 };
00731
00732 struct rsys_list_ta_forget_t
00733 {
00734 rsbac_list_ta_number_t ta_number;
00735 char * password;
00736 };
00737
/*
 * Overlay of every per-call argument block declared above.
 * Each member is named after its enum rsbac_syscall_t entry without the
 * RSYS_ prefix; the one exception is switch_module for RSYS_switch, since
 * switch is a C keyword. The final member, dummy, is a plain int that does
 * not correspond to any call.
 * NOTE(review): as a union, its size is that of its largest member and only
 * the member matching the requested call holds meaningful data. Presumably
 * the dispatcher copies the whole union from the caller once and selects the
 * member from the call number -- confirm, and confirm no handler reads a
 * member other than its own. Adding or widening a member can change
 * sizeof(union rsbac_syscall_arg_t), which both sides of the interface must
 * agree on.
 */
00738 union rsbac_syscall_arg_t
00739 {
00740 struct rsys_check_t check;
00741 struct rsys_get_attr_t get_attr;
00742 struct rsys_get_attr_n_t get_attr_n;
00743 struct rsys_set_attr_t set_attr;
00744 struct rsys_set_attr_n_t set_attr_n;
00745 struct rsys_remove_target_t remove_target;
00746 struct rsys_remove_target_n_t remove_target_n;
00747 struct rsys_net_list_all_netdev_t net_list_all_netdev;
00748 struct rsys_net_template_t net_template;
00749 struct rsys_net_list_all_template_t net_list_all_template;
00750 struct rsys_switch_t switch_module;
00751 struct rsys_adf_log_switch_t adf_log_switch;
00752 struct rsys_get_adf_log_t get_adf_log;
00753 struct rsys_log_t log;
00754 struct rsys_mac_set_curr_level_t mac_set_curr_level;
00755 struct rsys_mac_get_curr_level_t mac_get_curr_level;
00756 struct rsys_mac_get_max_level_t mac_get_max_level;
00757 struct rsys_mac_get_min_level_t mac_get_min_level;
00758 struct rsys_mac_add_p_tru_t mac_add_p_tru;
00759 struct rsys_mac_remove_p_tru_t mac_remove_p_tru;
00760 struct rsys_mac_add_f_tru_t mac_add_f_tru;
00761 struct rsys_mac_remove_f_tru_t mac_remove_f_tru;
00762 struct rsys_mac_get_f_trulist_t mac_get_f_trulist;
00763 struct rsys_mac_get_p_trulist_t mac_get_p_trulist;
00764 struct rsys_pm_t pm;
00765 struct rsys_pm_change_current_task_t pm_change_current_task;
00766 struct rsys_pm_create_file_t pm_create_file;
00767 struct rsys_rc_copy_role_t rc_copy_role;
00768 struct rsys_rc_copy_type_t rc_copy_type;
00769 struct rsys_rc_get_item_t rc_get_item;
00770 struct rsys_rc_set_item_t rc_set_item;
00771 struct rsys_rc_get_list_t rc_get_list;
00772 struct rsys_rc_change_role_t rc_change_role;
00773 struct rsys_rc_get_eff_rights_n_t rc_get_eff_rights_n;
00774 struct rsys_rc_get_current_role_t rc_get_current_role;
00775 struct rsys_auth_add_p_cap_t auth_add_p_cap;
00776 struct rsys_auth_remove_p_cap_t auth_remove_p_cap;
00777 struct rsys_auth_add_f_cap_t auth_add_f_cap;
00778 struct rsys_auth_remove_f_cap_t auth_remove_f_cap;
00779 struct rsys_auth_get_f_caplist_t auth_get_f_caplist;
00780 struct rsys_auth_get_p_caplist_t auth_get_p_caplist;
00781 struct rsys_acl_t acl;
00782 struct rsys_acl_n_t acl_n;
00783 struct rsys_acl_get_rights_t acl_get_rights;
00784 struct rsys_acl_get_rights_n_t acl_get_rights_n;
00785 struct rsys_acl_get_tlist_t acl_get_tlist;
00786 struct rsys_acl_get_tlist_n_t acl_get_tlist_n;
00787 struct rsys_acl_get_mask_t acl_get_mask;
00788 struct rsys_acl_get_mask_n_t acl_get_mask_n;
00789 struct rsys_acl_group_t acl_group;
00790 struct rsys_reg_t reg;
00791 struct rsys_jail_t jail;
00792 struct rsys_init_t init;
00793 struct rsys_um_auth_name_t um_auth_name;
00794 struct rsys_um_auth_uid_t um_auth_uid;
00795 struct rsys_um_add_user_t um_add_user;
00796 struct rsys_um_add_group_t um_add_group;
00797 struct rsys_um_add_gm_t um_add_gm;
00798 struct rsys_um_mod_user_t um_mod_user;
00799 struct rsys_um_mod_group_t um_mod_group;
00800 struct rsys_um_get_user_item_t um_get_user_item;
00801 struct rsys_um_get_group_item_t um_get_group_item;
00802 struct rsys_um_remove_user_t um_remove_user;
00803 struct rsys_um_remove_group_t um_remove_group;
00804 struct rsys_um_remove_gm_t um_remove_gm;
00805 struct rsys_um_user_exists_t um_user_exists;
00806 struct rsys_um_group_exists_t um_group_exists;
00807 struct rsys_um_get_next_user_t um_get_next_user;
00808 struct rsys_um_get_user_list_t um_get_user_list;
00809 struct rsys_um_get_gm_list_t um_get_gm_list;
00810 struct rsys_um_get_gm_user_list_t um_get_gm_user_list;
00811 struct rsys_um_get_group_list_t um_get_group_list;
00812 struct rsys_um_get_uid_t um_get_uid;
00813 struct rsys_um_get_gid_t um_get_gid;
00814 struct rsys_um_set_pass_t um_set_pass;
00815 struct rsys_um_set_pass_name_t um_set_pass_name;
00816 struct rsys_um_set_group_pass_t um_set_group_pass;
00817 struct rsys_um_check_account_t um_check_account;
00818 struct rsys_um_check_account_name_t um_check_account_name;
00819 struct rsys_list_ta_begin_t list_ta_begin;
00820 struct rsys_list_ta_refresh_t list_ta_refresh;
00821 struct rsys_list_ta_commit_t list_ta_commit;
00822 struct rsys_list_ta_forget_t list_ta_forget;
00823 int dummy;
00824 };
00825
00826 #ifndef __KERNEL__
00827
/*
 * General, attribute, target, network and switch call prototypes. They are
 * declared only when __KERNEL__ is not defined. Each parameter list repeats
 * the fields of the matching struct rsys_<name>_t in the same order;
 * rsbac_stats() and rsbac_write() take no arguments and have no such struct.
 * All return int; the meaning of the value is not defined in this header
 * (presumably 0 or a negative code from <rsbac/error.h> -- confirm).
 * NOTE(review): callers own every buffer they pass; for the list calls the
 * array behind id_p presumably must hold at least maxnum entries -- confirm.
 */
00828 int rsbac_stats(void);
00829
00830 int rsbac_check(int correct, int check_inode);
00831
00832 int rsbac_write(void);
00833
00834 int rsbac_get_attr(
00835 rsbac_list_ta_number_t ta_number,
00836 enum rsbac_switch_target_t module,
00837 enum rsbac_target_t target,
00838 union rsbac_target_id_t * tid,
00839 enum rsbac_attribute_t attr,
00840 union rsbac_attribute_value_t * value,
00841 int inherit);
00842
00843 int rsbac_get_attr_n(
00844 rsbac_list_ta_number_t ta_number,
00845 enum rsbac_switch_target_t module,
00846 enum rsbac_target_t target,
00847 char * t_name,
00848 enum rsbac_attribute_t attr,
00849 union rsbac_attribute_value_t * value,
00850 int inherit);
00851
00852 int rsbac_set_attr(
00853 rsbac_list_ta_number_t ta_number,
00854 enum rsbac_switch_target_t module,
00855 enum rsbac_target_t target,
00856 union rsbac_target_id_t * tid,
00857 enum rsbac_attribute_t attr,
00858 union rsbac_attribute_value_t * value);
00859
00860
00861 int rsbac_set_attr_n(
00862 rsbac_list_ta_number_t ta_number,
00863 enum rsbac_switch_target_t module,
00864 enum rsbac_target_t target,
00865 char * t_name,
00866 enum rsbac_attribute_t attr,
00867 union rsbac_attribute_value_t * value);
00868
00869 int rsbac_remove_target(
00870 rsbac_list_ta_number_t ta_number,
00871 enum rsbac_target_t target,
00872 union rsbac_target_id_t * tid);
00873
00874 int rsbac_remove_target_n(
00875 rsbac_list_ta_number_t ta_number,
00876 enum rsbac_target_t target,
00877 char * t_name);
00878
00879 int rsbac_net_list_all_netdev(
00880 rsbac_list_ta_number_t ta_number,
00881 rsbac_netdev_id_t * id_p,
00882 u_long maxnum);
00883
00884 int rsbac_net_template(
00885 rsbac_list_ta_number_t ta_number,
00886 enum rsbac_net_temp_syscall_t call,
00887 rsbac_net_temp_id_t id,
00888 union rsbac_net_temp_syscall_data_t * data_p);
00889
00890 int rsbac_net_list_all_template(
00891 rsbac_list_ta_number_t ta_number,
00892 rsbac_net_temp_id_t * id_p,
00893 u_long maxnum);
00894
00895 int rsbac_switch(enum rsbac_switch_target_t target, int value);
00896
00897
00898
/*
 * MAC call prototypes (non-kernel builds only). Parameters repeat the fields
 * of struct rsys_mac_*_t in the same order; the trulist[] and ttllist[]
 * array parameters correspond to the pointer fields of the same name.
 * NOTE(review): for the two *_trulist calls both arrays presumably must hold
 * at least maxnum entries, since one count covers both -- confirm.
 */
00899 int rsbac_mac_set_curr_level(rsbac_security_level_t level,
00900 rsbac_mac_category_vector_t * categories_p);
00901
00902 int rsbac_mac_get_curr_level(rsbac_security_level_t * level_p,
00903 rsbac_mac_category_vector_t * categories_p);
00904
00905 int rsbac_mac_get_max_level(rsbac_security_level_t * level_p,
00906 rsbac_mac_category_vector_t * categories_p);
00907
00908 int rsbac_mac_get_min_level(rsbac_security_level_t * level_p,
00909 rsbac_mac_category_vector_t * categories_p);
00910
00911 int rsbac_mac_add_p_tru(
00912 rsbac_list_ta_number_t ta_number,
00913 rsbac_pid_t pid,
00914 rsbac_uid_t uid,
00915 rsbac_time_t ttl);
00916
00917 int rsbac_mac_remove_p_tru(
00918 rsbac_list_ta_number_t ta_number,
00919 rsbac_pid_t pid,
00920 rsbac_uid_t uid);
00921
00922 int rsbac_mac_add_f_tru(
00923 rsbac_list_ta_number_t ta_number,
00924 char * filename,
00925 rsbac_uid_t uid,
00926 rsbac_time_t ttl);
00927
00928 int rsbac_mac_remove_f_tru(
00929 rsbac_list_ta_number_t ta_number,
00930 char * filename,
00931 rsbac_uid_t uid);
00932
00933
00934 int rsbac_mac_get_f_trulist(
00935 rsbac_list_ta_number_t ta_number,
00936 char * filename,
00937 rsbac_uid_t trulist[],
00938 rsbac_time_t ttllist[],
00939 u_int maxnum);
00940
00941 int rsbac_mac_get_p_trulist(
00942 rsbac_list_ta_number_t ta_number,
00943 rsbac_pid_t pid,
00944 rsbac_uid_t trulist[],
00945 rsbac_time_t ttllist[],
00946 u_int maxnum);
00947
00948
00949
/*
 * PM and DAZ call prototypes (non-kernel builds only). rsbac_stats_pm() and
 * rsbac_daz_flush_cache() take no arguments and have no argument struct; the
 * other three repeat the fields of struct rsys_pm_t,
 * rsys_pm_change_current_task_t and rsys_pm_create_file_t in order.
 */
00950 int rsbac_stats_pm(void);
00951
00952 int rsbac_pm(
00953 rsbac_list_ta_number_t ta_number,
00954 enum rsbac_pm_function_type_t function,
00955 union rsbac_pm_function_param_t * param_p,
00956 rsbac_pm_tkt_id_t ticket);
00957
00958 int rsbac_pm_change_current_task(rsbac_pm_task_id_t task);
00959
00960 int rsbac_pm_create_file(const char * filename,
00961 int mode,
00962 rsbac_pm_object_class_id_t object_class);
00963
00964
00965
00966 int rsbac_daz_flush_cache(void);
00967
00968
00969
/*
 * RC call prototypes (non-kernel builds only). Parameters repeat the fields
 * of struct rsys_rc_*_t in the same order.
 * NOTE(review): for rsbac_rc_get_list() one maxnum covers both array_p and
 * ttl_array_p, so both buffers presumably must hold maxnum entries --
 * confirm.
 */
00970 int rsbac_rc_copy_role(
00971 rsbac_list_ta_number_t ta_number,
00972 rsbac_rc_role_id_t from_role,
00973 rsbac_rc_role_id_t to_role);
00974
00975 int rsbac_rc_copy_type(
00976 rsbac_list_ta_number_t ta_number,
00977 enum rsbac_target_t target,
00978 rsbac_rc_type_id_t from_type,
00979 rsbac_rc_type_id_t to_type);
00980
00981 int rsbac_rc_get_item(
00982 rsbac_list_ta_number_t ta_number,
00983 enum rsbac_rc_target_t target,
00984 union rsbac_rc_target_id_t * tid_p,
00985 union rsbac_rc_target_id_t * subtid_p,
00986 enum rsbac_rc_item_t item,
00987 union rsbac_rc_item_value_t * value_p,
00988 rsbac_time_t * ttl_p);
00989
00990
00991 int rsbac_rc_set_item(
00992 rsbac_list_ta_number_t ta_number,
00993 enum rsbac_rc_target_t target,
00994 union rsbac_rc_target_id_t * tid_p,
00995 union rsbac_rc_target_id_t * subtid_p,
00996 enum rsbac_rc_item_t item,
00997 union rsbac_rc_item_value_t * value_p,
00998 rsbac_time_t ttl);
00999
01000 int rsbac_rc_get_list(
01001 rsbac_list_ta_number_t ta_number,
01002 enum rsbac_rc_target_t target,
01003 union rsbac_rc_target_id_t * tid_p,
01004 enum rsbac_rc_item_t item,
01005 u_int maxnum,
01006 __u32 * array_p,
01007 rsbac_time_t * ttl_array_p);
01008
01009 int rsbac_rc_change_role (rsbac_rc_role_id_t role);
01010
01011 int rsbac_rc_get_eff_rights_n(
01012 rsbac_list_ta_number_t ta_number,
01013 enum rsbac_target_t target,
01014 char * t_name,
01015 rsbac_rc_request_vector_t * request_vector_p,
01016 rsbac_time_t * ttl_p);
01017
01018 int rsbac_rc_get_current_role (rsbac_rc_role_id_t * role_p);
01019
01020
01021
01022
01023
/*
 * AUTH capability call prototypes (non-kernel builds only). Parameters
 * repeat the fields of struct rsys_auth_*_t in the same order; cap_range is
 * passed by value, and the caplist[] and ttllist[] array parameters
 * correspond to the pointer fields of the same name.
 * NOTE(review): for the two *_caplist calls both arrays presumably must hold
 * at least maxnum entries, since one count covers both -- confirm.
 */
01024 int rsbac_auth_add_p_cap(
01025 rsbac_list_ta_number_t ta_number,
01026 rsbac_pid_t pid,
01027 enum rsbac_auth_cap_type_t cap_type,
01028 struct rsbac_auth_cap_range_t cap_range,
01029 rsbac_time_t ttl);
01030
01031 int rsbac_auth_remove_p_cap(
01032 rsbac_list_ta_number_t ta_number,
01033 rsbac_pid_t pid,
01034 enum rsbac_auth_cap_type_t cap_type,
01035 struct rsbac_auth_cap_range_t cap_range);
01036
01037 int rsbac_auth_add_f_cap(
01038 rsbac_list_ta_number_t ta_number,
01039 char * filename,
01040 enum rsbac_auth_cap_type_t cap_type,
01041 struct rsbac_auth_cap_range_t cap_range,
01042 rsbac_time_t ttl);
01043
01044 int rsbac_auth_remove_f_cap(
01045 rsbac_list_ta_number_t ta_number,
01046 char * filename,
01047 enum rsbac_auth_cap_type_t cap_type,
01048 struct rsbac_auth_cap_range_t cap_range);
01049
01050
01051 int rsbac_auth_get_f_caplist(
01052 rsbac_list_ta_number_t ta_number,
01053 char * filename,
01054 enum rsbac_auth_cap_type_t cap_type,
01055 struct rsbac_auth_cap_range_t caplist[],
01056 rsbac_time_t ttllist[],
01057 u_int maxnum);
01058
01059 int rsbac_auth_get_p_caplist(
01060 rsbac_list_ta_number_t ta_number,
01061 rsbac_pid_t pid,
01062 enum rsbac_auth_cap_type_t cap_type,
01063 struct rsbac_auth_cap_range_t caplist[],
01064 rsbac_time_t ttllist[],
01065 u_int maxnum);
01066
01067
01068
01069
/*
 * Prototype for the RSYS_reg call (non-kernel builds only).
 * NOTE(review): handle is rsbac_reg_handle_t here but long in
 * struct rsys_reg_t; confirm the two types have the same width. arg is an
 * untyped pointer whose expected layout is not described in this header.
 */
01070 int rsbac_reg(rsbac_reg_handle_t handle,
01071 void * arg);
01072
01073
01074
01075
01076
/*
 * ACL call prototypes (non-kernel builds only). Parameters repeat the fields
 * of struct rsys_acl_*_t in the same order; the entry_array[] and
 * ttl_array[] parameters correspond to the pointer fields of the same name.
 * NOTE(review): for the two get_tlist calls both arrays presumably must hold
 * at least maxnum entries, since one count covers both -- confirm.
 */
01077 int rsbac_acl(
01078 rsbac_list_ta_number_t ta_number,
01079 enum rsbac_acl_syscall_type_t call,
01080 struct rsbac_acl_syscall_arg_t * arg);
01081
01082 int rsbac_acl_n(
01083 rsbac_list_ta_number_t ta_number,
01084 enum rsbac_acl_syscall_type_t call,
01085 struct rsbac_acl_syscall_n_arg_t * arg);
01086
01087 int rsbac_acl_get_rights(
01088 rsbac_list_ta_number_t ta_number,
01089 struct rsbac_acl_syscall_arg_t * arg,
01090 rsbac_acl_rights_vector_t * rights_p,
01091 u_int effective);
01092
01093
01094 int rsbac_acl_get_rights_n(
01095 rsbac_list_ta_number_t ta_number,
01096 struct rsbac_acl_syscall_n_arg_t * arg,
01097 rsbac_acl_rights_vector_t * rights_p,
01098 u_int effective);
01099
01100 int rsbac_acl_get_tlist (
01101 rsbac_list_ta_number_t ta_number,
01102 enum rsbac_target_t target,
01103 union rsbac_target_id_t * tid,
01104 struct rsbac_acl_entry_t entry_array[],
01105 rsbac_time_t ttl_array[],
01106 u_int maxnum);
01107
01108 int rsbac_acl_get_tlist_n(
01109 rsbac_list_ta_number_t ta_number,
01110 enum rsbac_target_t target,
01111 char * t_name,
01112 struct rsbac_acl_entry_t entry_array[],
01113 rsbac_time_t ttl_array[],
01114 u_int maxnum);
01115
01116 int rsbac_acl_get_mask (
01117 rsbac_list_ta_number_t ta_number,
01118 enum rsbac_target_t target,
01119 union rsbac_target_id_t * tid,
01120 rsbac_acl_rights_vector_t * mask_p);
01121
01122 int rsbac_acl_get_mask_n(
01123 rsbac_list_ta_number_t ta_number,
01124 enum rsbac_target_t target,
01125 char * t_name,
01126 rsbac_acl_rights_vector_t * mask_p);
01127
01128
01129
01130 int rsbac_acl_group(
01131 rsbac_list_ta_number_t ta_number,
01132 enum rsbac_acl_group_syscall_type_t call,
01133 union rsbac_acl_group_syscall_arg_t * arg_p);
01134
01135
01136
01137
01138
/*
 * Prototype for the RSYS_jail call (non-kernel builds only); parameters
 * repeat the fields of struct rsys_jail_t in the same order.
 * NOTE(review): the caller supplies version itself; presumably it should be
 * the version constant of the headers it was built with -- confirm which
 * constant is intended.
 */
01139 int rsbac_jail(rsbac_version_t version,
01140 char * path,
01141 rsbac_jail_ip_t ip,
01142 rsbac_jail_flags_t flags,
01143 rsbac_cap_vector_t max_caps);
01144
01145
01146
01147
/*
 * User-management call prototypes (non-kernel builds only). Parameters
 * repeat the fields of struct rsys_um_*_t in the same order; the
 * user_array[] and group_array[] parameters correspond to the pointer fields
 * of the same name.
 * NOTE(review): pass, old_pass and new_pass are non-const char * with no
 * length, presumably NUL-terminated cleartext passwords -- confirm. Callers
 * should keep them out of long-lived buffers and wipe them once the call
 * returns.
 * NOTE(review): for the *_list calls the array presumably must hold at least
 * maxnum entries -- confirm.
 */
01148 int rsbac_um_auth_name(char * name,
01149 char * pass);
01150
01151 int rsbac_um_auth_uid(rsbac_uid_t uid,
01152 char * pass);
01153
01154 int rsbac_um_add_user(
01155 rsbac_list_ta_number_t ta_number,
01156 rsbac_uid_t uid,
01157 struct rsbac_um_user_entry_t * entry_p,
01158 char * pass,
01159 rsbac_time_t ttl);
01160
01161 int rsbac_um_add_group(
01162 rsbac_list_ta_number_t ta_number,
01163 rsbac_gid_t gid,
01164 struct rsbac_um_group_entry_t * entry_p,
01165 char * pass,
01166 rsbac_time_t ttl);
01167
01168 int rsbac_um_add_gm(
01169 rsbac_list_ta_number_t ta_number,
01170 rsbac_uid_t uid,
01171 rsbac_gid_t gid,
01172 rsbac_time_t ttl);
01173
01174 int rsbac_um_mod_user(
01175 rsbac_list_ta_number_t ta_number,
01176 rsbac_uid_t uid,
01177 enum rsbac_um_mod_t mod,
01178 union rsbac_um_mod_data_t * data_p);
01179
01180 int rsbac_um_mod_group(
01181 rsbac_list_ta_number_t ta_number,
01182 rsbac_gid_t gid,
01183 enum rsbac_um_mod_t mod,
01184 union rsbac_um_mod_data_t * data_p);
01185
01186 int rsbac_um_get_user_item(
01187 rsbac_list_ta_number_t ta_number,
01188 rsbac_uid_t uid,
01189 enum rsbac_um_mod_t mod,
01190 union rsbac_um_mod_data_t * data_p);
01191
01192 int rsbac_um_get_group_item(
01193 rsbac_list_ta_number_t ta_number,
01194 rsbac_gid_t gid,
01195 enum rsbac_um_mod_t mod,
01196 union rsbac_um_mod_data_t * data_p);
01197
01198 int rsbac_um_remove_user(
01199 rsbac_list_ta_number_t ta_number,
01200 rsbac_uid_t uid);
01201
01202 int rsbac_um_remove_group(
01203 rsbac_list_ta_number_t ta_number,
01204 rsbac_gid_t gid);
01205
01206 int rsbac_um_remove_gm(
01207 rsbac_list_ta_number_t ta_number,
01208 rsbac_uid_t uid,
01209 rsbac_gid_t gid);
01210
01211 int rsbac_um_user_exists(
01212 rsbac_list_ta_number_t ta_number,
01213 rsbac_uid_t uid);
01214
01215 int rsbac_um_group_exists(
01216 rsbac_list_ta_number_t ta_number,
01217 rsbac_gid_t gid);
01218
01219 int rsbac_um_get_next_user(
01220 rsbac_list_ta_number_t ta_number,
01221 rsbac_uid_t old_user,
01222 rsbac_uid_t * next_user_p);
01223
01224 int rsbac_um_get_user_list(
01225 rsbac_list_ta_number_t ta_number,
01226 rsbac_uid_t user_array[],
01227 u_int maxnum);
01228
01229 int rsbac_um_get_gm_list(
01230 rsbac_list_ta_number_t ta_number,
01231 rsbac_uid_t user,
01232 rsbac_gid_t group_array[],
01233 u_int maxnum);
01234
01235 int rsbac_um_get_gm_user_list(
01236 rsbac_list_ta_number_t ta_number,
01237 rsbac_gid_t group,
01238 rsbac_uid_t user_array[],
01239 u_int maxnum);
01240
01241 int rsbac_um_get_group_list(
01242 rsbac_list_ta_number_t ta_number,
01243 rsbac_gid_t group_array[],
01244 u_int maxnum);
01245
01246 int rsbac_um_get_uid(
01247 rsbac_list_ta_number_t ta_number,
01248 char * name,
01249 rsbac_uid_t * uid_p);
01250
01251 int rsbac_um_get_gid(
01252 rsbac_list_ta_number_t ta_number,
01253 char * name,
01254 rsbac_gid_t * gid_p);
01255
01256 int rsbac_um_set_pass(rsbac_uid_t uid,
01257 char * old_pass,
01258 char * new_pass);
01259
01260 int rsbac_um_set_pass_name(char * name,
01261 char * old_pass,
01262 char * new_pass);
01263
01264 int rsbac_um_set_group_pass(rsbac_gid_t gid,
01265 char * new_pass);
01266
01267 int rsbac_um_check_account(rsbac_uid_t uid);
01268
01269 int rsbac_um_check_account_name(char * name);
01270
/*
 * List transaction call prototypes (non-kernel builds only). Parameters
 * repeat the fields of struct rsys_list_ta_*_t in the same order.
 * rsbac_list_ta_begin() takes a pointer for the transaction number where
 * the other three take it by value, so it presumably stores the new number
 * through ta_number_p -- confirm.
 * NOTE(review): password is a non-const char * with no length; callers
 * should wipe their copy once the transaction is committed or forgotten.
 */
01271 int rsbac_list_ta_begin(rsbac_time_t ttl,
01272 rsbac_list_ta_number_t * ta_number_p,
01273 rsbac_uid_t commit_uid,
01274 char * password);
01275
01276 int rsbac_list_ta_refresh(rsbac_time_t ttl,
01277 rsbac_list_ta_number_t ta_number,
01278 char * password);
01279
01280 int rsbac_list_ta_commit(rsbac_list_ta_number_t ta_number,
01281 char * password);
01282
01283 int rsbac_list_ta_forget(rsbac_list_ta_number_t ta_number,
01284 char * password);
01285
01286
01287
01288
01289
/*
 * ADF log level call prototypes (non-kernel builds only); parameters repeat
 * the fields of struct rsys_adf_log_switch_t and struct rsys_get_adf_log_t.
 * The setter passes value directly; the getter passes a pointer, presumably
 * for the kernel to store the current value -- confirm.
 */
01290 int rsbac_adf_log_switch(enum rsbac_adf_request_t request,
01291 enum rsbac_target_t target,
01292 u_int value);
01293
01294 int rsbac_get_adf_log(enum rsbac_adf_request_t request,
01295 enum rsbac_target_t target,
01296 u_int * value_p);
01297
01298
01299
01300
01301
01302
01303
01304
01305
01306
01307
/*
 * Prototypes for the RSYS_log and RSYS_init calls (non-kernel builds only);
 * parameters repeat the fields of struct rsys_log_t and struct rsys_init_t.
 * NOTE(review): len is a signed int; callers should pass the real size of
 * buf and never a negative value, and the kernel side should reject
 * negative or oversized lengths -- confirm. Whether buf is read or written
 * is not stated in this header.
 */
01308 int rsbac_log(int type,
01309 char * buf,
01310 int len);
01311
01312 int rsbac_init(char * root_dev);
01313
01314 #endif
01315
01316 #endif