From: Kentaro Takeda <takedakn@nttdata.co.jp>
To: akpm@linux-foundation.org
Cc: linux-kernel@vger.kernel.org,
linux-security-module@vger.kernel.org,
Kentaro Takeda <takedakn@nttdata.co.jp>,
Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Subject: [TOMOYO #6 retry 06/21] Data structures and prototype defitions.
Date: Wed, 09 Jan 2008 09:53:26 +0900 [thread overview]
Message-ID: <20080109005420.552984035@nttdata.co.jp> (raw)
In-Reply-To: 20080109005320.323184643@nttdata.co.jp
Signed-off-by: Kentaro Takeda <takedakn@nttdata.co.jp>
Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
---
security/tomoyo/include/realpath.h | 45 ++
security/tomoyo/include/tomoyo.h | 695 +++++++++++++++++++++++++++++++++++++
2 files changed, 740 insertions(+)
--- /dev/null
+++ linux-2.6-mm/security/tomoyo/include/realpath.h
@@ -0,0 +1,45 @@
+/*
+ * security/tomoyo/include/realpath.h
+ *
+ * Get the canonicalized absolute pathnames.
+ * The basis for TOMOYO.
+ */
+
+#ifndef _TMY_REALPATH_H
+#define _TMY_REALPATH_H
+
+#include "tomoyo.h"
+
+struct path_info;
+
+/* Returns realpath(3) of the given pathname but ignores chroot'ed root. */
+int tmy_realpath_dentry2(struct dentry *dentry,
+ struct vfsmount *mnt,
+ char *newname,
+ int newname_len);
+
+/* Returns realpath(3) of the given pathname but ignores chroot'ed root. */
+/* These functions use tmy_alloc(), so caller must tmy_free() */
+/* if these functions didn't return NULL. */
+char *tmy_realpath(const char *pathname);
+char *tmy_realpath_nofollow(const char *pathname);
+char *tmy_realpath_dentry(struct dentry *dentry, struct vfsmount *mnt);
+
+/* Allocate memory for structures. */
+/* The RAM is chunked, so NEVER try to kfree() the returned pointer. */
+void *tmy_alloc_element(const unsigned int size);
+
+/* Get used RAM size for tmy_alloc_elements(). */
+unsigned int tmy_get_memory_used_for_elements(void);
+
+/* Keep the given name on the RAM. */
+/* The RAM is shared, so NEVER try to modify or kfree() the returned name. */
+const struct path_info *tmy_save_name(const char *name);
+
+/* Get used RAM size for tmy_save_name(). */
+unsigned int tmy_get_memory_used_for_save_name(void);
+
+unsigned int tmy_get_memory_used_for_dynamic(void);
+char *sysctlpath_from_table(struct ctl_table *table);
+
+#endif
--- /dev/null
+++ linux-2.6-mm/security/tomoyo/include/tomoyo.h
@@ -0,0 +1,695 @@
+/*
+ * security/tomoyo/include/tomoyo.h
+ *
+ * Header for TOMOYO Linux.
+ */
+
+#ifndef _TOMOYO_H
+#define _TOMOYO_H
+
+#define TOMOYO_VERSION_CODE "2.1.2-pre"
+
+#include <linux/kernel.h>
+#include <linux/sched.h>
+
+#include <asm/ioctls.h>
+#include <linux/audit.h>
+#include <linux/binfmts.h>
+#include <linux/delay.h>
+#include <linux/file.h>
+#include <linux/highmem.h>
+#include <linux/init.h>
+#include <linux/mm.h>
+#include <linux/module.h>
+#include <linux/mount.h>
+#include <linux/namei.h>
+#include <linux/net.h>
+#include <linux/poll.h>
+#include <linux/proc_fs.h>
+#include <linux/security.h>
+#include <linux/seq_file.h>
+#include <linux/slab.h>
+#include <linux/smp_lock.h>
+#include <linux/string.h>
+#include <linux/sysctl.h>
+#include <linux/utime.h>
+#include <linux/version.h>
+#include <linux/inet.h>
+#include <net/ip.h>
+#include <net/ipv6.h>
+#include <stdarg.h>
+#include <linux/uaccess.h>
+#include <linux/hardirq.h>
+#include <linux/mount.h>
+#include <linux/mnt_namespace.h>
+
+/**
+ * list_for_each_cookie - iterate over a list with cookie.
+ * @pos: the &struct list_head to use as a loop cursor.
+ * @cookie: the &struct list_head to use as a cookie.
+ * @head: the head for your list.
+ *
+ * Same with list_for_each except that this primitive uses cookie
+ * so that we can continue iteration.
+ */
+#define list_for_each_cookie(pos, cookie, head) \
+ for ((cookie) || ((cookie) = (head)), pos = (cookie)->next; \
+ prefetch(pos->next), pos != (head) || ((cookie) = NULL); \
+ (cookie) = pos, pos = pos->next)
+
+/**
+ * list_add_tail_mb - add a new entry with memory barrier.
+ * @new: new entry to be added.
+ * @head: list head to add it before.
+ *
+ * Same with list_add_tail_rcu() except that this primitive uses mb()
+ * so that we can traverse forwards using list_for_each() and
+ * list_for_each_cookie().
+ */
+static inline void list_add_tail_mb(struct list_head *new,
+ struct list_head *head)
+{
+ struct list_head *prev = head->prev;
+ struct list_head *next = head;
+ new->next = next;
+ new->prev = prev;
+ mb(); /* Avoid out-of-order execution. */
+ next->prev = new;
+ prev->next = new;
+}
+
+extern struct seq_operations mounts_op;
+extern struct mutex domain_acl_lock;
+extern bool sbin_init_started;
+
+struct tmy_security {
+ struct domain_info *domain;
+ struct domain_info *prev_domain;
+ u32 flags;
+};
+
+#define TMY_SECURITY ((struct tmy_security *) current->security)
+
+struct path_info {
+ const char *name;
+ u32 hash; /* = full_name_hash(name, strlen(name)) */
+ u16 total_len; /* = strlen(name) */
+ u16 const_len; /* = tmy_const_part_length(name) */
+ bool is_dir; /* = tmy_strendswith(name, "/") */
+ bool is_patterned; /* = PathContainsPattern(name) */
+ u16 depth; /* = tmy_path_depth(name) */
+};
+
+#define TMY_MAX_PATHNAME_LEN 4000
+
+struct path_group_member {
+ struct list_head list;
+ const struct path_info *member_name;
+ bool is_deleted;
+};
+
+struct path_group_entry {
+ struct list_head list;
+ const struct path_info *group_name;
+ struct list_head path_group_member_list;
+};
+
+
+struct mini_stat {
+ uid_t uid;
+ gid_t gid;
+ ino_t ino;
+};
+struct dentry;
+struct vfsmount;
+struct obj_info {
+ bool validate_done;
+ bool path1_valid;
+ bool path1_parent_valid;
+ bool path2_parent_valid;
+ struct dentry *path1_dentry;
+ struct vfsmount *path1_vfsmnt;
+ struct dentry *path2_dentry;
+ struct vfsmount *path2_vfsmnt;
+ struct mini_stat path1_stat;
+ /* I don't handle path2_stat for rename operation. */
+ struct mini_stat path1_parent_stat;
+ struct mini_stat path2_parent_stat;
+};
+struct condition_list;
+
+struct linux_binprm;
+struct pt_regs;
+
+/*
+ * TOMOYO uses the following structures.
+ * Memory allocated for these structures are never kfree()ed.
+ * Since no locks are used for reading,
+ * assignment must be performed atomically.
+ */
+
+/************************ The structure for domains. ************************/
+
+struct acl_info {
+ struct list_head list;
+ const struct condition_list *cond;
+ u8 type;
+ bool is_deleted;
+} __attribute__((__packed__));
+
+struct domain_info {
+ struct list_head list;
+ struct list_head acl_info_list;
+ const struct path_info *domainname; /* Never NULL. */
+ u8 profile;
+ u8 is_deleted; /* 0: active, 1:deleted, 255:deleted-permanently */
+ bool quota_warned;
+};
+
+#define TMY_MAX_PROFILES 256
+
+struct file_acl {
+ /* type = TMY_TYPE_FILE_ACL */
+ struct acl_info head;
+ u8 perm;
+ bool u_is_group;
+ union {
+ const struct path_info *filename;
+ const struct path_group_entry *group;
+ } u;
+};
+
+struct argv0_acl {
+ /* type = TMY_TYPE_ARGV0_ACL */
+ struct acl_info head;
+ const struct path_info *filename; /* Pointer to single pathname. */
+ const struct path_info *argv0; /* strrchr(argv[0], '/') + 1 */
+};
+
+struct env_acl {
+ /* type = TMY_TYPE_ENV_ACL */
+ struct acl_info head;
+ const struct path_info *env; /* Pointer to env variable's name. */
+};
+
+struct single_acl {
+ /* type = TMY_TYPE_* */
+ struct acl_info head;
+ bool u_is_group;
+ union {
+ const struct path_info *filename;
+ const struct path_group_entry *group;
+ } u;
+};
+
+struct double_acl {
+ /* type = TMY_TYPE_RENAME_ACL or TMY_TYPE_LINK_ACL, */
+ struct acl_info head;
+ bool u1_is_group;
+ bool u2_is_group;
+ union {
+ const struct path_info *filename1;
+ const struct path_group_entry *group1;
+ } u1;
+ union {
+ const struct path_info *filename2;
+ const struct path_group_entry *group2;
+ } u2;
+};
+
+struct in6_addr;
+struct address_group_member {
+ struct list_head list;
+ union {
+ u32 ipv4; /* Host byte order */
+ const struct in6_addr *ipv6; /* Network byte order */
+ } min, max;
+ bool is_deleted;
+ bool is_ipv6;
+};
+
+struct address_group_entry {
+ struct list_head list;
+ const struct path_info *group_name;
+ struct list_head address_group_member_list;
+};
+
+#define TMY_TYPE_ADDRESS_GROUP 0
+#define TMY_TYPE_IPv4 1
+#define TMY_TYPE_IPv6 2
+
+struct net_acl {
+ /* type = TYPE_IP_NETWORK_ACL */
+ struct acl_info head;
+ u8 operation_type;
+ u8 record_type;
+ union {
+ struct {
+ u32 min;
+ u32 max;
+ } ipv4;
+ struct {
+ const struct in6_addr *min;
+ const struct in6_addr *max;
+ } ipv6;
+ const struct address_group_entry *group;
+ } u;
+ u16 min_port; /* Start of port number range. */
+ u16 max_port; /* End of port number range. */
+};
+
+struct signal_acl {
+ /* type = TYPE_SIGNAL_ACL */
+ struct acl_info head;
+ u16 sig;
+ /* Pointer to destination pattern. */
+ const struct path_info *domainname;
+};
+
+struct capability_acl {
+ /* type = TYPE_CAPABILITY_ACL */
+ struct acl_info head;
+ u16 capability;
+};
+
+/************************* Keywords for ACLs. *************************/
+
+#define TMY_AGGREGATOR "aggregator "
+#define TMY_AGGREGATOR_LEN (sizeof(TMY_AGGREGATOR) - 1)
+#define TMY_ALIAS "alias "
+#define TMY_ALIAS_LEN (sizeof(TMY_ALIAS) - 1)
+#define TMY_ALLOW_READ "allow_read "
+#define TMY_ALLOW_READ_LEN (sizeof(TMY_ALLOW_READ) - 1)
+#define TMY_DELETE "delete "
+#define TMY_DELETE_LEN (sizeof(TMY_DELETE) - 1)
+#define TMY_DENY_REWRITE "deny_rewrite "
+#define TMY_DENY_REWRITE_LEN (sizeof(TMY_DENY_REWRITE) - 1)
+#define TMY_FILE_PATTERN "file_pattern "
+#define TMY_FILE_PATTERN_LEN (sizeof(TMY_FILE_PATTERN) - 1)
+#define TMY_INITIALIZE_DOMAIN "initialize_domain "
+#define TMY_INITIALIZE_DOMAIN_LEN (sizeof(TMY_INITIALIZE_DOMAIN) - 1)
+#define TMY_KEEP_DOMAIN "keep_domain "
+#define TMY_KEEP_DOMAIN_LEN (sizeof(TMY_KEEP_DOMAIN) - 1)
+#define TMY_NO_INITIALIZE_DOMAIN "no_initialize_domain "
+#define TMY_NO_INITIALIZE_DOMAIN_LEN (sizeof(TMY_NO_INITIALIZE_DOMAIN) - 1)
+#define TMY_NO_KEEP_DOMAIN "no_keep_domain "
+#define TMY_NO_KEEP_DOMAIN_LEN (sizeof(TMY_NO_KEEP_DOMAIN) - 1)
+#define TMY_PATH_GROUP "path_group "
+#define TMY_PATH_GROUP_LEN (sizeof(TMY_PATH_GROUP) - 1)
+#define TMY_SELECT "select "
+#define TMY_SELECT_LEN (sizeof(TMY_SELECT) - 1)
+#define TMY_UNDELETE "undelete "
+#define TMY_UNDELETE_LEN (sizeof(TMY_UNDELETE) - 1)
+
+#define TMY_ALLOW_MOUNT "allow_mount "
+#define TMY_ALLOW_MOUNT_LEN (sizeof(TMY_ALLOW_MOUNT) - 1)
+#define TMY_DENY_UNMOUNT "deny_unmount "
+#define TMY_DENY_UNMOUNT_LEN (sizeof(TMY_DENY_UNMOUNT) - 1)
+#define TMY_ALLOW_PIVOT_ROOT "allow_pivot_root "
+#define TMY_ALLOW_PIVOT_ROOT_LEN (sizeof(TMY_ALLOW_PIVOT_ROOT) - 1)
+
+#define TMY_USE_PROFILE "use_profile "
+
+#define TMY_ROOT_NAME "<kernel>"
+#define TMY_ROOT_NAME_LEN (sizeof(TMY_ROOT_NAME) - 1)
+
+#define TMY_ALLOW_ARGV0 "allow_argv0 "
+#define TMY_ALLOW_ARGV0_LEN (sizeof(TMY_ALLOW_ARGV0) - 1)
+
+#define TMY_ALLOW_ENV "allow_env "
+#define TMY_ALLOW_ENV_LEN (sizeof(TMY_ALLOW_ENV) - 1)
+
+#define TMY_ADDRESS_GROUP "address_group "
+#define TMY_ADDRESS_GROUP_LEN (sizeof(TMY_ADDRESS_GROUP) - 1)
+#define TMY_ALLOW_NETWORK "allow_network "
+#define TMY_ALLOW_NETWORK_LEN (sizeof(TMY_ALLOW_NETWORK) - 1)
+
+#define TMY_ALLOW_SIGNAL "allow_signal "
+#define TMY_ALLOW_SIGNAL_LEN (sizeof(TMY_ALLOW_SIGNAL) - 1)
+
+#define TMY_ALLOW_CAPABILITY "allow_capability "
+#define TMY_ALLOW_CAPABILITY_LEN (sizeof(TMY_ALLOW_CAPABILITY) - 1)
+#define TMY_MAC_FOR_CAPABILITY "MAC_FOR_CAPABILITY::"
+#define TMY_MAC_FOR_CAPABILITY_LEN (sizeof(TMY_MAC_FOR_CAPABILITY) - 1)
+
+/******************** Index numbers for Access Controls. ********************/
+
+#define TMY_COMMENT 0
+#define TMY_MAC_FOR_FILE 1
+#define TMY_MAC_FOR_ARGV0 2
+#define TMY_MAC_FOR_ENV 3
+#define TMY_MAC_FOR_NETWORK 4
+#define TMY_MAC_FOR_SIGNAL 5
+#define TMY_DENY_CONCEAL_MOUNT 6
+#define TMY_RESTRICT_MOUNT 7
+#define TMY_RESTRICT_UMOUNT 8
+#define TMY_RESTRICT_PIVOT_ROOT 9
+#define TMY_MAX_ACCEPT_ENTRY 10
+#define TMY_MAX_GRANT_LOG 11
+#define TMY_MAX_REJECT_LOG 12
+#define TMY_VERBOSE 13
+#define TMY_ALLOW_ENFORCE_GRACE 14
+#define TMY_MAX_CONTROL_INDEX 15
+
+#define TMY_NETWORK_ACL_UDP_BIND 0
+#define TMY_NETWORK_ACL_UDP_CONNECT 1
+#define TMY_NETWORK_ACL_TCP_BIND 2
+#define TMY_NETWORK_ACL_TCP_LISTEN 3
+#define TMY_NETWORK_ACL_TCP_CONNECT 4
+#define TMY_NETWORK_ACL_TCP_ACCEPT 5
+#define TMY_NETWORK_ACL_RAW_BIND 6
+#define TMY_NETWORK_ACL_RAW_CONNECT 7
+
+/************* Index numbers for Capability Controls. **********/
+
+/* socket(PF_INET or PF_INET6, SOCK_STREAM, *) */
+#define TMY_INET_STREAM_SOCKET_CREATE 0
+/* listen() for PF_INET or PF_INET6, SOCK_STREAM */
+#define TMY_INET_STREAM_SOCKET_LISTEN 1
+/* connect() for PF_INET or PF_INET6, SOCK_STREAM */
+#define TMY_INET_STREAM_SOCKET_CONNECT 2
+/* socket(PF_INET or PF_INET6, SOCK_DGRAM, *) */
+#define TMY_USE_INET_DGRAM_SOCKET 3
+/* socket(PF_INET or PF_INET6, SOCK_RAW, *) */
+#define TMY_USE_INET_RAW_SOCKET 4
+/* socket(PF_ROUTE, *, *) */
+#define TMY_USE_ROUTE_SOCKET 5
+/* socket(PF_PACKET, *, *) */
+#define TMY_USE_PACKET_SOCKET 6
+/* sys_mount() */
+#define TMY_SYS_MOUNT 7
+/* sys_umount() */
+#define TMY_SYS_UMOUNT 8
+/* sys_reboot() */
+#define TMY_SYS_REBOOT 9
+/* sys_chroot() */
+#define TMY_SYS_CHROOT 10
+/* sys_kill(), sys_tkill(), sys_tgkill() */
+#define TMY_SYS_KILL 11
+/* sys_vhangup() */
+#define TMY_SYS_VHANGUP 12
+/* do_settimeofday(), sys_adjtimex() */
+#define TMY_SYS_SETTIME 13
+/* sys_nice(), sys_setpriority() */
+#define TMY_SYS_NICE 14
+/* sys_sethostname(), sys_setdomainname() */
+#define TMY_SYS_SETHOSTNAME 15
+/* sys_create_module(), sys_init_module(), sys_delete_module() */
+#define TMY_USE_KERNEL_MODULE 16
+/* sys_mknod(S_IFIFO) */
+#define TMY_CREATE_FIFO 17
+/* sys_mknod(S_IFBLK) */
+#define TMY_CREATE_BLOCK_DEV 18
+/* sys_mknod(S_IFCHR) */
+#define TMY_CREATE_CHAR_DEV 19
+/* sys_mknod(S_IFSOCK) */
+#define TMY_CREATE_UNIX_SOCKET 20
+/* sys_link() */
+#define TMY_SYS_LINK 21
+/* sys_symlink() */
+#define TMY_SYS_SYMLINK 22
+/* sys_rename() */
+#define TMY_SYS_RENAME 23
+/* sys_unlink() */
+#define TMY_SYS_UNLINK 24
+/* sys_chmod(), sys_fchmod() */
+#define TMY_SYS_CHMOD 25
+/* sys_chown(), sys_fchown(), sys_lchown() */
+#define TMY_SYS_CHOWN 26
+/* sys_ioctl(), compat_sys_ioctl() */
+#define TMY_SYS_IOCTL 27
+/* sys_kexec_load() */
+#define TMY_SYS_KEXEC_LOAD 28
+/* sys_pivot_root() */
+#define TMY_SYS_PIVOT_ROOT 29
+#define TMY_MAX_CAPABILITY_INDEX 30
+
+/******************** Index numbers for updates counter. ********************/
+
+#define TMY_UPDATE_DOMAINPOLICY 0
+#define TMY_UPDATE_SYSTEMPOLICY 1
+#define TMY_UPDATE_EXCEPTIONPOLICY 2
+#define TMY_UPDATE_PROFILE 3
+#define TMY_UPDATE_QUERY 4
+#define TMY_UPDATE_MANAGER 5
+#define TMY_UPDATE_GRANT_LOG 6
+#define TMY_UPDATE_REJECT_LOG 7
+#define TMY_MAX_UPDATES_COUNTER 8
+
+/*************** Indexes for /sys/kernel/security interfaces. ***************/
+
+#define TMY_DOMAINPOLICY 0
+#define TMY_SYSTEMPOLICY 1
+#define TMY_EXCEPTIONPOLICY 2
+#define TMY_DOMAIN_STATUS 3
+#define TMY_PROCESS_STATUS 4
+#define TMY_MEMINFO 5
+#define TMY_SELFDOMAIN 6
+#define TMY_PROFILE 7
+#define TMY_QUERY 8
+#define TMY_MANAGER 9
+#define TMY_UPDATESCOUNTER 10
+#define TMY_GRANT_LOG 11
+#define TMY_REJECT_LOG 12
+#define TMY_VERSION 13
+
+/*************** The structure for /sys/kernel/security interfaces. *********/
+
+struct io_buffer {
+ int (*read) (struct io_buffer *);
+ struct mutex read_mutex; /* Lock for reading. */
+ int (*write) (struct io_buffer *);
+ struct mutex write_mutex; /* Lock for updating. */
+ int (*poll) (struct file *file, poll_table *wait);
+ struct list_head *read_var1; /* The position currently reading from. */
+ struct list_head *read_var2; /* Extra variables for reading. */
+ struct domain_info *write_var1; /* The position currently writing to. */
+ int read_step; /* The step for reading. */
+ char *read_buf; /* Buffer for reading. */
+ bool read_eof; /* EOF flag for reading. */
+ int read_avail; /* Bytes available for reading. */
+ int readbuf_size; /* Size of read buffer. */
+ char *write_buf; /* Buffer for writing. */
+ int write_avail; /* Bytes available for writing. */
+ int writebuf_size; /* Size of write buffer. */
+};
+
+/************************* PROTOTYPES *************************/
+
+char *tmy_find_condition_part(char *data);
+const struct condition_list *tmy_assign_condition(const char *condition);
+int tmy_check_condition(const struct condition_list *ptr,
+ struct obj_info *obj);
+int tmy_dump_condition(struct io_buffer *head,
+ const struct condition_list *ptr);
+const char *tmy_get_exe(void);
+const char *tmy_getmsg(bool is_enforce);
+const char *tmy_lastname(const struct domain_info *domain);
+const char *tmy_acltype2keyword(const unsigned int acl_type);
+
+int tmy_mount_perm(char *dev_name,
+ char *dir_name,
+ char *type,
+ unsigned long flags);
+int tmy_conceal_mount(struct nameidata *nd);
+int tmy_umount_perm(struct vfsmount *mnt);
+int tmy_add_mount_policy(char *data, const bool is_delete);
+int tmy_read_mount_policy(struct io_buffer *head);
+int tmy_add_no_umount_policy(char *data, const bool is_delete);
+int tmy_read_no_umount_policy(struct io_buffer *head);
+int tmy_pivot_root_perm(struct nameidata *old_nd,
+ struct nameidata *new_nd);
+int tmy_add_pivot_root_policy(char *data, const bool is_delete);
+int tmy_read_pivot_root_policy(struct io_buffer *head);
+
+int tmy_add_aggregator_policy(char *data, const bool is_delete);
+int tmy_add_address_group_policy(char *data, const bool is_delete);
+int tmy_add_alias_policy(char *data, const bool is_delete);
+int tmy_add_argv0_policy(char *data,
+ struct domain_info *domain,
+ const struct condition_list *cond,
+ const bool is_delete);
+int tmy_add_acl(struct domain_info *domain, struct acl_info *acl);
+int tmy_add_capability_policy(char *data,
+ struct domain_info *domain,
+ const struct condition_list *cond,
+ const bool is_delete);
+int tmy_add_domain_initializer_policy(char *data,
+ const bool is_not,
+ const bool is_delete);
+int tmy_add_domain_keeper_policy(char *data,
+ const bool is_not,
+ const bool is_delete);
+int tmy_add_env_policy(char *data,
+ struct domain_info *domain,
+ const struct condition_list *cond,
+ const bool is_delete);
+int tmy_file_perm(const char *filename0, const u8 perm, const char *operation);
+int tmy_add_file_policy(char *data,
+ struct domain_info *domain,
+ const struct condition_list *cond,
+ const bool is_delete);
+int tmy_add_globally_readable_policy(char *data, const bool is_delete);
+int tmy_add_globally_usable_env_policy(char *env, const bool is_delete);
+int tmy_add_group_policy(char *data, const bool is_delete);
+int tmy_add_network_policy(char *data,
+ struct domain_info *domain,
+ const struct condition_list *cond,
+ const bool is_delete);
+int tmy_add_no_rewrite_policy(char *pattern, const bool is_delete);
+int tmy_add_pattern_policy(char *data, const bool is_delete);
+int tmy_supervisor(const char *fmt, ...)
+ __attribute__((format(printf, 1, 2)));
+#ifdef CONFIG_SECURITY_TOMOYO_USE_AUDITD
+int tmy_audit(const char *fmt, ...)
+ __attribute__((format(printf, 1, 2)));
+#else
+#define tmy_audit printk
+#endif
+
+int tmy_del_acl(struct acl_info *ptr);
+int tmy_delete_domain(char *data);
+bool tmy_is_correct_domain(const unsigned char *domainname,
+ const char *function);
+bool tmy_correct_path(const char *filename,
+ const int start_type,
+ const int pattern_type,
+ const int end_type,
+ const char *function);
+bool tmy_is_domain_def(const unsigned char *buffer);
+bool tmy_path_match(const struct path_info *pathname0,
+ const struct path_info *pattern0);
+int tmy_read_aggregator_policy(struct io_buffer *head);
+int tmy_read_alias_policy(struct io_buffer *head);
+int tmy_read_domain_initializer_policy(struct io_buffer *head);
+int tmy_read_domain_keeper_policy(struct io_buffer *head);
+int tmy_read_globally_readable_policy(struct io_buffer *head);
+int tmy_read_globally_usable_env_policy(struct io_buffer *head);
+int tmy_read_path_group_policy(struct io_buffer *head);
+int tmy_read_no_rewrite_policy(struct io_buffer *head);
+int tmy_read_pattern_policy(struct io_buffer *head);
+int tmy_read_address_group_policy(struct io_buffer *head);
+int tmy_argv0_perm(const struct path_info *filename, const char *argv0);
+int tmy_env_perm(const char *env, const u8 profile, const unsigned int mode);
+int tmy_capable(const unsigned int capability);
+int tmy_network_listen_acl(const bool is_ipv6,
+ const u8 *address,
+ const u16 port);
+int tmy_network_connect_acl(const bool is_ipv6,
+ const int sock_type,
+ const u8 *address,
+ const u16 port);
+int tmy_network_bind_acl(const bool is_ipv6,
+ const int sock_type,
+ const u8 *address,
+ const u16 port);
+int tmy_network_sendmsg_acl(const bool is_ipv6,
+ const int sock_type,
+ const u8 *address,
+ const u16 port);
+int tmy_network_accept_acl(const bool is_ipv6,
+ const u8 *address,
+ const u16 port);
+int tmy_network_recvmsg_acl(const bool is_ipv6,
+ const int sock_type,
+ const u8 *address,
+ const u16 port);
+
+int tmy_signal_acl(int sig, int pid);
+int tmy_add_signal_policy(char *data,
+ struct domain_info *domain,
+ const struct condition_list *cond,
+ const bool is_delete);
+
+char *tmy_init_audit_log(int *len, const u8 profile, const unsigned int mode);
+int tmy_write_audit_log(char *log, const bool is_granted);
+int tmy_acltype2paths(const unsigned int acl_type);
+int tmy_io_printf(struct io_buffer *head, const char *fmt, ...)
+ __attribute__((format(printf, 2, 3)));
+int tmy_sncatprintf(char *buf, int len, const char *fmt, ...)
+ __attribute__((format(printf, 3, 4)));
+struct domain_info *tmy_find_domain(const char *domainname);
+struct domain_info *tmy_new_domain(const char *domainname, const u8 profile);
+struct domain_info *tmy_undelete_domain(const char *domainname0);
+bool tmy_quota(void);
+unsigned int tmy_flags(const unsigned int index);
+bool tmy_audit_grant(void);
+bool tmy_audit_reject(void);
+void tmy_update_counter(const unsigned char index);
+void *tmy_alloc(const size_t size);
+void tmy_free(const void *p);
+void tmy_fill_path_info(struct path_info *ptr);
+const char *tmy_capability2keyword(const unsigned int capability);
+int tmy_read_capability_profile(struct io_buffer *head);
+int tmy_set_capability_profile(const char *data, unsigned int value,
+ const unsigned int profile);
+
+int tmy_read_grant_log(struct io_buffer *head);
+int tmy_poll_grant_log(struct file *file, poll_table *wait);
+int tmy_read_reject_log(struct io_buffer *head);
+int tmy_poll_reject_log(struct file *file, poll_table *wait);
+
+static inline bool tmy_pathcmp(const struct path_info *a,
+ const struct path_info *b)
+{
+ return a->hash != b->hash || strcmp(a->name, b->name);
+}
+
+extern struct domain_info KERNEL_DOMAIN;
+extern struct list_head domain_list;
+void tmy_load_policy(const char *filename);
+int tmy_find_next_domain(struct linux_binprm *,
+ struct domain_info **);
+int tmy_check_environ(struct linux_binprm *bprm);
+
+struct path_info;
+
+int tmy_exec_perm(const struct path_info *filename, struct file *filp);
+/* Check whether the given dentry is allowed to read/write/execute. */
+int tmy_open_perm(struct dentry *dentry, struct vfsmount *mnt, const int flag);
+/* Check whether the given dentry is allowed to write. */
+int tmy_single_write_perm(const unsigned int operation,
+ struct dentry *dentry,
+ struct vfsmount *mnt);
+int tmy_double_write_perm(const unsigned int operation,
+ struct dentry *dentry1,
+ struct vfsmount *mnt1,
+ struct dentry *dentry2,
+ struct vfsmount *mnt2);
+int tmy_rewrite_perm(struct file *filp);
+
+struct inode;
+
+/******************** Index numbers for Access Controls. ********************/
+
+#define TMY_TYPE_CREATE_ACL 0
+#define TMY_TYPE_UNLINK_ACL 1
+#define TMY_TYPE_MKDIR_ACL 2
+#define TMY_TYPE_RMDIR_ACL 3
+#define TMY_TYPE_MKFIFO_ACL 4
+#define TMY_TYPE_MKSOCK_ACL 5
+#define TMY_TYPE_MKBLOCK_ACL 6
+#define TMY_TYPE_MKCHAR_ACL 7
+#define TMY_TYPE_TRUNCATE_ACL 8
+#define TMY_TYPE_SYMLINK_ACL 9
+#define TMY_TYPE_LINK_ACL 10
+#define TMY_TYPE_RENAME_ACL 11
+#define TMY_TYPE_REWRITE_ACL 12
+
+#define TMY_TYPE_FILE_ACL 100
+#define TMY_TYPE_ARGV0_ACL 101
+#define TMY_TYPE_ENV_ACL 102
+#define TMY_TYPE_IP_NETWORK_ACL 103
+#define TMY_TYPE_SIGNAL_ACL 104
+#define TMY_TYPE_CAPABILITY_ACL 105
+
+#define TMY_CHECK_READ_FOR_OPEN_EXEC 1
+
+char *tmy_print_ipv6(char *buffer, const int buffer_len,
+ const struct in6_addr *ip);
+const char *tmy_network2keyword(const unsigned int operation);
+
+/* to check "if task.parent.pid" condition. */
+extern asmlinkage long sys_getppid(void);
+
+#endif
--
next prev parent reply other threads:[~2008-01-09 0:57 UTC|newest]
Thread overview: 33+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-01-09 0:53 [TOMOYO #6 retry 00/21] TOMOYO Linux - MAC based on process invocation history Kentaro Takeda
2008-01-09 0:53 ` [TOMOYO #6 retry 01/21] TOMOYO Linux documentation Kentaro Takeda
2008-01-09 0:53 ` [TOMOYO #6 retry 02/21] Add struct vfsmount to struct task_struct Kentaro Takeda
2008-01-15 21:16 ` Serge E. Hallyn
2008-01-16 0:22 ` Kentaro Takeda
2008-01-16 14:39 ` Serge E. Hallyn
2008-01-17 4:55 ` Kentaro Takeda
2008-01-09 0:53 ` [TOMOYO #6 retry 03/21] Add wrapper functions for VFS helper functions Kentaro Takeda
2008-01-09 0:53 ` [TOMOYO #6 retry 04/21] Replace VFS with wrapper functions Kentaro Takeda
2008-01-09 0:53 ` [TOMOYO #6 retry 05/21] Add packet filtering based on processs security context Kentaro Takeda
2008-01-09 0:53 ` Kentaro Takeda [this message]
2008-01-09 0:53 ` [TOMOYO #6 retry 07/21] Memory and pathname management functions Kentaro Takeda
2008-01-09 0:53 ` [TOMOYO #6 retry 08/21] Utility functions and policy manipulation interface Kentaro Takeda
2008-01-09 4:25 ` James Morris
2008-01-09 4:29 ` James Morris
2008-01-12 2:06 ` [TOMOYO #6 retry 08/21] Utility functions and policy manipulationinterface Tetsuo Handa
2008-01-12 3:06 ` James Morris
2008-01-12 4:45 ` Greg KH
2008-01-12 7:34 ` [TOMOYO #6 retry 08/21] Utility functions and policymanipulationinterface Tetsuo Handa
2008-01-09 4:31 ` [TOMOYO #6 retry 08/21] Utility functions and policy manipulation interface Kentaro Takeda
2008-01-09 0:53 ` [TOMOYO #6 retry 09/21] Domain transition functions Kentaro Takeda
2008-01-09 0:53 ` [TOMOYO #6 retry 10/21] Auditing interface Kentaro Takeda
2008-01-09 0:53 ` [TOMOYO #6 retry 11/21] File access control functions Kentaro Takeda
2008-01-09 0:53 ` [TOMOYO #6 retry 12/21] argv0 check functions Kentaro Takeda
2008-01-09 0:53 ` [TOMOYO #6 retry 13/21] environment variable name " Kentaro Takeda
2008-01-09 0:53 ` [TOMOYO #6 retry 14/21] Network access control functions Kentaro Takeda
2008-01-09 0:53 ` [TOMOYO #6 retry 15/21] Namespace manipulation " Kentaro Takeda
2008-01-09 0:53 ` [TOMOYO #6 retry 16/21] Signal " Kentaro Takeda
2008-01-09 0:53 ` [TOMOYO #6 retry 17/21] Capability access " Kentaro Takeda
2008-01-09 0:53 ` [TOMOYO #6 retry 18/21] LSM adapter functions Kentaro Takeda
2008-01-09 0:53 ` [TOMOYO #6 retry 19/21] Conditional permission support Kentaro Takeda
2008-01-09 0:53 ` [TOMOYO #6 retry 20/21] Kconfig and Makefile Kentaro Takeda
2008-01-09 0:53 ` [TOMOYO #6 retry 21/21] Add signal hooks at sleepable location Kentaro Takeda
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20080109005420.552984035@nttdata.co.jp \
--to=takedakn@nttdata.co.jp \
--cc=akpm@linux-foundation.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=penguin-kernel@I-love.SAKURA.ne.jp \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.