00001
00002
00003
00004
00005
00006
00007 #include <linux/config.h>
00008 #include <linux/module.h>
00009 #include <linux/types.h>
00010 #include <linux/kernel.h>
00011 #include <linux/string.h>
00012 #include <linux/fs.h>
00013 #include <rsbac/types.h>
00014 #include <rsbac/reg.h>
00015 #include <rsbac/adf.h>
00016 #include <rsbac/aci.h>
00017 #include <rsbac/getname.h>
00018 #include <rsbac/error.h>
00019 #include <rsbac/proc_fs.h>
00020
00021 static u_long nr_request_calls = 0;
00022 static u_long nr_set_attr_calls = 0;
00023 static u_long nr_need_overwrite_calls = 0;
00024 static u_long nr_system_calls = 0;
00025 static void * system_call_arg = NULL;
00026
00027 MODULE_AUTHOR("Amon Ott");
00028 MODULE_DESCRIPTION("RSBAC REG sample decision module 1");
00029 MODULE_LICENSE("GPL");
00030
00031 MODULE_PARM(name, "s");
00032 static char * name = NULL;
00033 static char dummy_buf[70]="To protect against wrong insmod params";
00034
00035 MODULE_PARM(syscall_name, "s");
00036 static char * syscall_name = NULL;
00037 static char dummy_buf2[70]="To protect against wrong insmod params";
00038
00039 MODULE_PARM(handle, "l");
00040 static long handle = 123456;
00041
00042 MODULE_PARM(syscall_registration_handle, "l");
00043 static long syscall_registration_handle = 654321;
00044 MODULE_PARM(syscall_dispatcher_handle, "l");
00045 static long syscall_dispatcher_handle = 1;
00046
00047
00048
00049 #if defined(CONFIG_RSBAC_PROC)
00050 #define PROC_NAME "reg_sample1"
00051 static struct proc_dir_entry * proc_reg_sample_p;
00052
00053 static int
00054 adf_sample_proc_info(char *buffer, char **start, off_t offset, int length)
00055 {
00056 int len = 0;
00057 off_t pos = 0;
00058 off_t begin = 0;
00059
00060 union rsbac_target_id_t rsbac_target_id;
00061 union rsbac_attribute_value_t rsbac_attribute_value;
00062
00063 if (!rsbac_is_initialized())
00064 return (-ENOSYS);
00065
00066 rsbac_target_id.scd = ST_rsbac;
00067 rsbac_attribute_value.dummy = 0;
00068 if (!rsbac_adf_request(R_GET_STATUS_DATA,
00069 current->pid,
00070 T_SCD,
00071 rsbac_target_id,
00072 A_none,
00073 rsbac_attribute_value))
00074 {
00075 return -EPERM;
00076 }
00077 len += sprintf(buffer, "RSBAC REG decision module sample 1\n----------------------------------\n");
00078 pos = begin + len;
00079 if (pos < offset)
00080 {
00081 len = 0;
00082 begin = pos;
00083 }
00084 if (pos > offset+length)
00085 goto out;
00086
00087 len += sprintf(buffer + len, "%lu calls to request function.\n",
00088 nr_request_calls);
00089 pos = begin + len;
00090 if (pos < offset)
00091 {
00092 len = 0;
00093 begin = pos;
00094 }
00095 if (pos > offset+length)
00096 goto out;
00097
00098 len += sprintf(buffer + len, "%lu calls to set_attr function.\n",
00099 nr_set_attr_calls);
00100 pos = begin + len;
00101 if (pos < offset)
00102 {
00103 len = 0;
00104 begin = pos;
00105 }
00106 if (pos > offset+length)
00107 goto out;
00108
00109 len += sprintf(buffer + len, "%lu calls to need_overwrite function.\n",
00110 nr_need_overwrite_calls);
00111 pos = begin + len;
00112 if (pos < offset)
00113 {
00114 len = 0;
00115 begin = pos;
00116 }
00117 if (pos > offset+length)
00118 goto out;
00119
00120 len += sprintf(buffer + len, "%lu calls to system_call function %lu, last arg was %p.\n",
00121 nr_system_calls,
00122 syscall_dispatcher_handle,
00123 system_call_arg);
00124 pos = begin + len;
00125 if (pos < offset)
00126 {
00127 len = 0;
00128 begin = pos;
00129 }
00130 if (pos > offset+length)
00131 goto out;
00132
00133 out:
00134 *start = buffer + (offset - begin);
00135 len -= (offset - begin);
00136
00137 if (len > length)
00138 len = length;
00139 return len;
00140 }
00141 #endif
00142
00143
00144
00145 static int request_func ( enum rsbac_adf_request_t request,
00146 rsbac_pid_t owner_pid,
00147 enum rsbac_target_t target,
00148 union rsbac_target_id_t tid,
00149 enum rsbac_attribute_t attr,
00150 union rsbac_attribute_value_t attr_val,
00151 rsbac_uid_t owner)
00152 {
00153
00154 if(request != R_SEARCH)
00155 nr_request_calls++;
00156 return GRANTED;
00157 }
00158
00159 static int set_attr_func ( enum rsbac_adf_request_t request,
00160 rsbac_pid_t owner_pid,
00161 enum rsbac_target_t target,
00162 union rsbac_target_id_t tid,
00163 enum rsbac_target_t new_target,
00164 union rsbac_target_id_t new_tid,
00165 enum rsbac_attribute_t attr,
00166 union rsbac_attribute_value_t attr_val,
00167 rsbac_uid_t owner)
00168 {
00169
00170 if(request != R_SEARCH)
00171 nr_set_attr_calls++;
00172 return 0;
00173 }
00174
00175 static rsbac_boolean_t need_overwrite_func (struct dentry * dentry_p)
00176 {
00177 nr_need_overwrite_calls++;
00178 return FALSE;
00179 }
00180
00181 static int syscall_func (void * arg)
00182 {
00183 nr_system_calls++;
00184 system_call_arg = arg;
00185 return nr_system_calls;
00186 }
00187
00188
00189
00190 int init_module(void)
00191 {
00192 struct rsbac_reg_entry_t entry;
00193 struct rsbac_reg_syscall_entry_t syscall_entry;
00194
00195 if(!handle)
00196 handle = 123456;
00197 if(!syscall_registration_handle)
00198 syscall_registration_handle = 654321;
00199 if(!syscall_dispatcher_handle)
00200 syscall_dispatcher_handle = 1;
00201
00202 printk(KERN_INFO "RSBAC REG decision module sample 1: Initializing.\n");
00203
00204
00205 memset(&entry, 0, sizeof(entry));
00206 memset(&syscall_entry, 0, sizeof(syscall_entry));
00207
00208 if((dummy_buf[0] != 'T') || (dummy_buf2[0] != 'T'))
00209 {
00210 printk(KERN_WARNING "RSBAC REG decision module sample 1: Not loaded due to invalid param string.\n");
00211 return -ENOEXEC;
00212 }
00213 if(name)
00214 {
00215 strncpy(entry.name, name, RSBAC_REG_NAME_LEN);
00216 entry.name[RSBAC_REG_NAME_LEN] = 0;
00217 }
00218 else
00219 strcpy(entry.name, "RSBAC REG sample 1 ADF module");
00220 printk(KERN_INFO "RSBAC REG decision module sample 1: REG Version: %u, Name: %s, Handle: %li\n",
00221 RSBAC_REG_VERSION, entry.name, handle);
00222
00223 entry.handle = handle;
00224 entry.request_func = request_func;
00225 entry.set_attr_func = set_attr_func;
00226 entry.need_overwrite_func = need_overwrite_func;
00227 entry.switch_on = TRUE;
00228 printk(KERN_INFO "RSBAC REG decision module sample 1: Registering to ADF.\n");
00229 if(rsbac_reg_register(RSBAC_REG_VERSION, entry) < 0)
00230 {
00231 printk(KERN_WARNING "RSBAC REG decision module sample 1: Registering failed. Unloading.\n");
00232 return -ENOEXEC;
00233 }
00234
00235 if(syscall_name)
00236 {
00237 strncpy(syscall_entry.name, syscall_name, RSBAC_REG_NAME_LEN);
00238 syscall_entry.name[RSBAC_REG_NAME_LEN] = 0;
00239 }
00240 else
00241 strcpy(syscall_entry.name, "RSBAC REG sample 1 syscall");
00242 printk(KERN_INFO "RSBAC REG decision module sample 1: REG Version: %u, Name: %s, Dispatcher Handle: %li\n",
00243 RSBAC_REG_VERSION, syscall_entry.name, syscall_dispatcher_handle);
00244
00245 syscall_entry.registration_handle = syscall_registration_handle;
00246 syscall_entry.dispatcher_handle = syscall_dispatcher_handle;
00247 syscall_entry.syscall_func = syscall_func;
00248 printk(KERN_INFO "RSBAC REG decision module sample 1: Registering syscall.\n");
00249 syscall_registration_handle = rsbac_reg_register_syscall(RSBAC_REG_VERSION, syscall_entry);
00250 if(syscall_registration_handle < 0)
00251 {
00252 printk(KERN_WARNING "RSBAC REG decision module sample 1: Registering syscall failed. Unloading.\n");
00253 if(rsbac_reg_unregister(handle))
00254 {
00255 printk(KERN_ERR "RSBAC REG decision module sample 1: Unregistering failed - beware of possible system failure!\n");
00256 }
00257 return -ENOEXEC;
00258 }
00259
00260 #if defined(CONFIG_RSBAC_PROC)
00261 proc_reg_sample_p = create_proc_entry(PROC_NAME,
00262 S_IFREG | S_IRUGO,
00263 proc_rsbac_root_p);
00264 if(!proc_reg_sample_p)
00265 {
00266 printk(KERN_WARNING "%s: Not loaded due to failed proc entry registering.\n", name);
00267 if(rsbac_reg_unregister(handle))
00268 {
00269 printk(KERN_ERR "RSBAC REG decision module sample 1: Unregistering failed - beware of possible system failure!\n");
00270 }
00271 if(rsbac_reg_unregister_syscall(syscall_registration_handle))
00272 {
00273 printk(KERN_ERR "RSBAC REG decision module sample 1: Unregistering syscall failed - beware of possible system failure!\n");
00274 }
00275 return -ENOEXEC;
00276 }
00277 proc_reg_sample_p->get_info = adf_sample_proc_info;
00278 #endif
00279
00280 printk(KERN_INFO "RSBAC REG decision module sample 1: Loaded.\n");
00281
00282 return 0;
00283 }
00284
00285 void cleanup_module(void)
00286 {
00287 printk(KERN_INFO "RSBAC REG decision module sample 1: Unregistering.\n");
00288 #if defined(CONFIG_RSBAC_PROC)
00289 remove_proc_entry(PROC_NAME, proc_rsbac_root_p);
00290 #endif
00291 if(rsbac_reg_unregister_syscall(syscall_registration_handle))
00292 {
00293 printk(KERN_ERR "RSBAC REG decision module sample 1: Unregistering syscall failed - beware of possible system failure!\n");
00294 }
00295 if(rsbac_reg_unregister(handle))
00296 {
00297 printk(KERN_ERR "RSBAC REG decision module sample 1: Unregistering failed - beware of possible system failure!\n");
00298 }
00299 printk(KERN_INFO "RSBAC REG decision module sample 1: Unloaded.\n");
00300 }
