/*
 * security/caitsith/caitsith.h
 *
 * Copyright (C) 2005-2012 NTT DATA CORPORATION
 */

/* Internal definitions shared by the CaitSith security module sources. */
#ifndef _SECURITY_CAITSITH_INTERNAL_H
#define _SECURITY_CAITSITH_INTERNAL_H

#include <linux/security.h>
#include <linux/binfmts.h>
#include <linux/namei.h>
#include <linux/kthread.h>
#include <linux/uaccess.h>
#include <linux/file.h>
#include <linux/ctype.h> /* isdigit()/isxdigit() */
#include <linux/kmod.h>
#include <uapi/linux/magic.h> /* PROC_SUPER_MAGIC */

/* Enumeration definition for internal use. */

/*
 * Index numbers for "struct cs_condition".
 *
 * Operands of a condition element ("union cs_condition_element".left/right)
 * are drawn from this enum; CS_INVALID_CONDITION is value 0.
 */
enum cs_conditions_index {
	CS_INVALID_CONDITION,
	CS_SELF_EXE,
	CS_COND_SARG0,
	CS_COND_SARG1,
	CS_IMM_NAME_ENTRY,
} __packed;

/*
 * Index numbers for functionality.
 *
 * Used to index cs_acl_list[] and stored in cs_request_info.type.
 * CS_MAX_MAC_INDEX is the number of valid operations, not an operation.
 */
enum cs_mac_index {
	CS_MAC_EXECUTE,
	CS_MAC_MODIFY_POLICY,
	CS_MAX_MAC_INDEX,
} __packed;

/*
 * Index numbers for memory statistic information.
 *
 * Indexes cs_memory_used[]; CS_MAX_MEMORY_STAT is the array length.
 */
enum cs_memory_stat_type {
	CS_MEMORY_POLICY,
	CS_MAX_MEMORY_STAT
} __packed;

/*
 * Result of matching a request against policy.
 *
 * Stored in cs_request_info.result. CS_MATCHING_UNMATCHED means no entry
 * applied; CS_MAX_MATCHING is a bound, not a result.
 */
enum cs_matching_result {
	CS_MATCHING_UNMATCHED,
	CS_MATCHING_ALLOWED,
	CS_MATCHING_DENIED,
	CS_MAX_MATCHING
} __packed;

/*
 * Index numbers for entry type.
 *
 * One value per kind of policy entry (condition, name, ACL);
 * CS_MAX_POLICY is the number of kinds.
 */
enum cs_policy_id {
	CS_ID_CONDITION,
	CS_ID_NAME,
	CS_ID_ACL,
	CS_MAX_POLICY
} __packed;

/*
 * Index numbers for policy statistic information.
 *
 * Counters for policy updates and denied requests; CS_MAX_POLICY_STAT is
 * the number of counters.
 */
enum cs_policy_stat_type {
	CS_STAT_POLICY_UPDATES,
	CS_STAT_REQUEST_DENIED,
	CS_MAX_POLICY_STAT
} __packed;

/*
 * Index numbers for /sys/kernel/security/caitsith/ interfaces.
 *
 * Stored in cs_io_buffer.type to tell the open interface files apart.
 */
enum cs_securityfs_interface_index {
	CS_POLICY,
	CS_VERSION,
} __packed;

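/* Constants definition for internal use. */

/*
 * CaitSith uses this hash only when appending a string into the string table.
 * Frequency of appending strings is very low. So we don't need large (e.g.
 * 64k) hash size. 256 will be sufficient.
 * CS_MAX_HASH is the number of buckets in cs_name_list[].
 */
#define CS_HASH_BITS 8
#define CS_MAX_HASH (1u << CS_HASH_BITS)

/* Size of temporary buffer for execve() operation (cs_request_info.tmp). */
#define CS_EXEC_TMPSIZE 4096

/*
 * Garbage collector is trying to kfree() this element.
 * Parenthesized so the negative literal stays a single operand wherever the
 * macro is expanded.
 */
#define CS_GC_IN_PROGRESS (-1)

/*
 * Size of read buffer for /sys/kernel/security/caitsith/ interface.
 * Bounds the cs_io_buffer.r.w[] queue; any index into it must stay below
 * this value.
 */
#define CS_MAX_IO_READ_QUEUE 64
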
/* Structure definition for internal use. */

/*
 * Common header for shared entries.
 *
 * Embedded first in "struct cs_condition" and "struct cs_name". @users is
 * the reference count that cs_put_condition()/cs_put_name() decrement.
 * NOTE(review): __packed removes padding and alignment for the embedded
 * list_head/atomic_t; confirm that is intended, as it can cost unaligned
 * accesses on some architectures.
 */
struct cs_shared_acl_head {
	struct list_head list;
	atomic_t users;
} __packed;

/*
 * Common header for individual entries.
 *
 * Every ACL entry starts with this; cs_io_buffer.w mirrors is_deny and
 * priority while parsing policy lines. @cond, when set, is a shared
 * "struct cs_condition" whose reference is presumably dropped with
 * cs_put_condition() when the entry is released.
 */
struct cs_acl_info {
	struct list_head list;
	struct list_head acl_info_list;
	struct cs_condition *cond; /* Maybe NULL. */
	/* Marked rather than unlinked on deletion; the GC reclaims it later (presumably). */
	bool is_deleted;
	/* Deny entry as opposed to allow; see CS_MATCHING_DENIED. */
	bool is_deny;
	/* Ordering key used when matching; the direction is not defined here. */
	u16 priority;
};

/*
 * Structure for entries which follows "struct cs_condition".
 *
 * Each element is either one comparison (left/right operand indices plus a
 * negation flag) or, overlaid on the same storage, a pointer to a name
 * entry. Which interpretation applies is not recorded in the union itself;
 * presumably a CS_IMM_NAME_ENTRY operand announces that the next element is
 * a @path — confirm against the parser.
 */
union cs_condition_element {
	struct {
		enum cs_conditions_index left;
		enum cs_conditions_index right;
		bool is_not;
	};
	const struct cs_path_info *path;
};

/*
 * Structure for optional arguments.
 *
 * Refcounted via @head (cs_put_condition() drops a reference). The element
 * array lives immediately after this header rather than being declared,
 * hence the commented-out flexible array member; @size is presumably the
 * whole allocation, header included.
 */
struct cs_condition {
	struct cs_shared_acl_head head;
	u32 size; /* Memory size allocated for this entry. */
	/* union cs_condition_element condition[]; */
};

/*
 * Structure for holding a token.
 *
 * The derived fields cache properties of @name so that cs_pathcmp() can
 * reject mismatches on @hash before calling strcmp(). cs_fill_path_info()
 * is presumably what computes them.
 */
struct cs_path_info {
	const char *name;
	u32 hash; /* = full_name_hash(name, strlen(name)) */
	u32 total_len; /* = strlen(name) */
	u32 const_len; /* = cs_const_part_length(name) */
};

/*
 * Structure for request info.
 *
 * Built per access request. The path and name members are cleared by
 * cs_clear_request_info() (not declared in this header); the remaining
 * members record which operation was checked and how matching ended.
 */
struct cs_request_info {
	/* For holding parameters. */
	struct cs_request_param {
		/* String arguments, presumably selected by CS_COND_SARG0/SARG1. */
		const struct cs_path_info *s[2];
	} param;
	/* For holding pathnames and attributes. */
	struct {
		/* Pointer to file objects. */
		struct path path[2];
		/*
		 * Name of @path[0] and @path[1].
		 * Cleared by cs_clear_request_info().
		 */
		struct cs_path_info pathname[2];
	} obj;
	/* execve()-specific state; presumably only meaningful for CS_MAC_EXECUTE. */
	struct {
		struct linux_binprm *bprm;
		/* For temporary use. Size is CS_EXEC_TMPSIZE bytes. */
		char *tmp;
	};
	/*
	 * Name of current thread's executable.
	 * Cleared by cs_clear_request_info().
	 */
	struct cs_path_info exename;
	/*
	 * Matching "struct cs_acl_info" is copied. Used for caitsith-queryd.
	 * Valid until cs_read_unlock().
	 */
	struct cs_acl_info *matched_acl;
	/*
	 * For holding operation index used for this request.
	 * One of values in "enum cs_mac_index".
	 */
	enum cs_mac_index type;
	/* For holding matching result. */
	enum cs_matching_result result;
	/*
	 * Set to true if condition could not be checked due to out of memory.
	 * This flag is used for returning out of memory flag back to
	 * cs_check_acl_list(). Thus, this flag will not be set if out of
	 * memory occurred before cs_check_acl_list() is called.
	 */
	bool failed_by_oom;
};

/*
 * Structure for holding string data.
 *
 * A string-table entry: refcounted via @head (cs_put_name() recovers this
 * struct from @entry with container_of()) and presumably chained into one
 * of the CS_MAX_HASH buckets of cs_name_list[]. Note @size is a plain int
 * here while "struct cs_condition" uses u32 for the same purpose.
 */
struct cs_name {
	struct cs_shared_acl_head head;
	int size; /* Memory size allocated for this entry. */
	struct cs_path_info entry;
};

/*
 * Structure for reading/writing policy via /sys/kernel/security/caitsith/
 * interfaces.
 *
 * @r holds the state of a partially delivered read and @w the state of a
 * partially parsed write; presumably one instance exists per open file.
 */
struct cs_io_buffer {
	/* Exclusive lock for this structure. */
	struct mutex io_sem;
	/*
	 * Destination in the caller's address space for read(). This is a
	 * __user pointer: it must only be accessed through the uaccess
	 * helpers, never dereferenced directly.
	 */
	char __user *read_user_buf;
	/* Space remaining in read_user_buf (presumably). */
	size_t read_user_buf_avail;
	/* State for reading. */
	struct {
		struct list_head *acl;
		struct list_head *subacl;
		const union cs_condition_element *cond;
		size_t avail;
		unsigned int step;
		u16 index;
		u8 cond_step;
		/* Position in w[]; must stay below CS_MAX_IO_READ_QUEUE. */
		u8 w_pos;
		enum cs_mac_index acl_index;
		bool eof;
		bool version_done;
		bool stat_done;
		/* Queue of strings waiting to be copied out (presumably). */
		const char *w[CS_MAX_IO_READ_QUEUE];
	} r;
	/* State for writing. */
	struct {
		char *data;
		struct cs_acl_info *acl;
		size_t avail;
		enum cs_mac_index acl_index;
		/* Mirror the fields of the "struct cs_acl_info" being built. */
		bool is_delete;
		bool is_deny;
		u16 priority;
	} w;
	/* Buffer for reading. */
	char *read_buf;
	/* Size of read buffer. */
	size_t readbuf_size;
	/* Buffer for writing. */
	char *write_buf;
	/* Size of write buffer. */
	size_t writebuf_size;
	/* Type of interface. */
	enum cs_securityfs_interface_index type;
	/*
	 * Users counter protected by cs_io_buffer_list_lock (not declared in
	 * this header). NOTE(review): u8 caps the count at 255; confirm the
	 * code that increments it bounds concurrent users accordingly.
	 */
	u8 users;
	/* List for telling GC not to kfree() elements. */
	struct list_head list;
};

/*
 * Structure for representing YYYY/MM/DD hh:mm:ss.
 *
 * Broken-down calendar time. There is no zone member, so the zone is
 * whatever the producer used — presumably UTC; confirm where it is filled.
 */
struct cs_time {
	u16 year;
	u8 month;
	u8 day;
	u8 hour;
	u8 min;
	u8 sec;
};

/* Prototype definition for internal use. */

/* Module initialisation and policy loading. */
void __init cs_init_module(void);
void cs_load_policy(const char *filename);
void cs_check_profile(void);
/* Current thread's executable name; fills @buf (see cs_request_info.exename). */
bool cs_get_exename(struct cs_path_info *buf);
/* Presumably "is the caller allowed to modify policy" — confirm in the definition. */
bool cs_manager(void);
/*
 * The next three return strings; who frees the result is not stated in this
 * header — TODO confirm ownership before using them.
 */
char *cs_encode(const char *str);
char *cs_realpath(const struct path *path);
char *cs_get_exe(void);
/* Request evaluation helpers. */
int cs_audit_log(struct cs_request_info *r);
int cs_check_acl(struct cs_request_info *r, const bool clear);
/* Policy entry, path and GC helpers. */
void cs_del_condition(struct list_head *element);
void cs_fill_path_info(struct cs_path_info *ptr);
void cs_notify_gc(struct cs_io_buffer *head, const bool is_register);
void cs_populate_patharg(struct cs_request_info *r, const bool first);
void cs_warn_oom(const char *function);
/* Entry point for execve() checks; takes the binprm being executed. */
int cs_start_execve(struct linux_binprm *bprm);

/* Variable definition for internal use. */

/* Whether a policy has been loaded (presumably set by cs_load_policy()). */
extern bool cs_policy_loaded;
/* Presumably the entry used when no name is available — confirm. */
extern struct cs_path_info cs_null_name;
/* One ACL list per operation, indexed by "enum cs_mac_index". */
extern struct list_head cs_acl_list[CS_MAX_MAC_INDEX];
/* All "struct cs_condition" entries. */
extern struct list_head cs_condition_list;
/* String table: CS_MAX_HASH buckets (see CS_HASH_BITS). */
extern struct list_head cs_name_list[CS_MAX_HASH];
/* Presumably serializes policy updates; readers use cs_read_lock() instead. */
extern struct mutex cs_policy_lock;
/* SRCU domain taken by cs_read_lock()/cs_read_unlock(). */
extern struct srcu_struct cs_ss;
/* Memory accounting, indexed by "enum cs_memory_stat_type". */
extern unsigned int cs_memory_used[CS_MAX_MEMORY_STAT];

/* Inlined functions for internal use. */

/**
 * cs_pathcmp - strcmp() for "struct cs_path_info" structure.
 *
 * @a: Pointer to "struct cs_path_info".
 * @b: Pointer to "struct cs_path_info".
 *
 * Returns true if @a != @b, false otherwise.
 *
 * The cached hash is compared first so that strcmp() only runs when the
 * hashes agree (collision or genuinely equal names).
 */
static inline bool cs_pathcmp(const struct cs_path_info *a,
			      const struct cs_path_info *b)
{
	if (a->hash != b->hash)
		return true;
	return strcmp(a->name, b->name) != 0;
}

/**
 * cs_read_lock - Take lock for protecting policy.
 *
 * Enters the cs_ss SRCU read side; callers must hand the returned index
 * back to cs_read_unlock().
 *
 * Returns index number for cs_read_unlock().
 */
static inline int cs_read_lock(void)
{
	int idx = srcu_read_lock(&cs_ss);

	return idx;
}

/**
 * cs_read_unlock - Release lock for protecting policy.
 *
 * @idx: Index number returned by cs_read_lock().
 *
 * Leaves the cs_ss SRCU read side. Pointers such as
 * cs_request_info.matched_acl are documented as valid only until this call.
 *
 * Returns nothing.
 */
static inline void cs_read_unlock(const int idx)
{
	struct srcu_struct *ss = &cs_ss;

	srcu_read_unlock(ss, idx);
}

/**
 * cs_put_condition - Drop reference on "struct cs_condition".
 *
 * @cond: Pointer to "struct cs_condition". Maybe NULL.
 *
 * Only decrements the shared-head reference count; the entry itself is
 * not freed here (presumably the GC reclaims unreferenced entries).
 *
 * Returns nothing.
 */
static inline void cs_put_condition(struct cs_condition *cond)
{
	if (!cond)
		return;
	atomic_dec(&cond->head.users);
}

/**
 * cs_put_name - Drop reference on "struct cs_name".
 *
 * @name: Pointer to "struct cs_path_info". Maybe NULL.
 *
 * @name must be the @entry member of a "struct cs_name"; the owning entry is
 * recovered with container_of() and its shared-head reference count is
 * decremented. Nothing is freed here.
 *
 * Returns nothing.
 */
static inline void cs_put_name(const struct cs_path_info *name)
{
	struct cs_name *owner;

	if (!name)
		return;
	owner = container_of(name, struct cs_name, entry);
	atomic_dec(&owner->head.users);
}

#endif /* _SECURITY_CAITSITH_INTERNAL_H */