aboutsummaryrefslogtreecommitdiffstats
path: root/include
diff options
context:
space:
mode:
Diffstat (limited to 'include')
-rw-r--r--include/linux/audit.h29
-rw-r--r--include/linux/security.h114
-rw-r--r--include/linux/selinux.h134
3 files changed, 142 insertions, 135 deletions
diff --git a/include/linux/audit.h b/include/linux/audit.h
index 2af9ec025015..4ccb048cae1d 100644
--- a/include/linux/audit.h
+++ b/include/linux/audit.h
@@ -353,6 +353,33 @@ struct netlink_skb_parms;
353struct linux_binprm; 353struct linux_binprm;
354struct mq_attr; 354struct mq_attr;
355struct mqstat; 355struct mqstat;
356struct audit_watch;
357struct audit_tree;
358
359struct audit_krule {
360 int vers_ops;
361 u32 flags;
362 u32 listnr;
363 u32 action;
364 u32 mask[AUDIT_BITMASK_SIZE];
365 u32 buflen; /* for data alloc on list rules */
366 u32 field_count;
367 char *filterkey; /* ties events to rules */
368 struct audit_field *fields;
369 struct audit_field *arch_f; /* quick access to arch field */
370 struct audit_field *inode_f; /* quick access to an inode field */
371 struct audit_watch *watch; /* associated watch */
372 struct audit_tree *tree; /* associated watched tree */
373 struct list_head rlist; /* entry in audit_{watch,tree}.rules list */
374};
375
376struct audit_field {
377 u32 type;
378 u32 val;
379 u32 op;
380 char *lsm_str;
381 void *lsm_rule;
382};
356 383
357#define AUDITSC_INVALID 0 384#define AUDITSC_INVALID 0
358#define AUDITSC_SUCCESS 1 385#define AUDITSC_SUCCESS 1
@@ -536,6 +563,8 @@ extern void audit_log_d_path(struct audit_buffer *ab,
536 const char *prefix, 563 const char *prefix,
537 struct path *path); 564 struct path *path);
538extern void audit_log_lost(const char *message); 565extern void audit_log_lost(const char *message);
566extern int audit_update_lsm_rules(void);
567
539 /* Private API (for audit.c only) */ 568 /* Private API (for audit.c only) */
540extern int audit_filter_user(struct netlink_skb_parms *cb, int type); 569extern int audit_filter_user(struct netlink_skb_parms *cb, int type);
541extern int audit_filter_type(int type); 570extern int audit_filter_type(int type);
diff --git a/include/linux/security.h b/include/linux/security.h
index f5eb9ff47ac5..fea1f4aa4dd5 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -36,7 +36,11 @@
36 36
37extern unsigned securebits; 37extern unsigned securebits;
38 38
39/* Maximum number of letters for an LSM name string */
40#define SECURITY_NAME_MAX 10
41
39struct ctl_table; 42struct ctl_table;
43struct audit_krule;
40 44
41/* 45/*
42 * These functions are in security/capability.c and are used 46 * These functions are in security/capability.c and are used
@@ -136,6 +140,12 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
136/** 140/**
137 * struct security_operations - main security structure 141 * struct security_operations - main security structure
138 * 142 *
143 * Security module identifier.
144 *
145 * @name:
146 * A string that acts as a unique identifeir for the LSM with max number
147 * of characters = SECURITY_NAME_MAX.
148 *
139 * Security hooks for program execution operations. 149 * Security hooks for program execution operations.
140 * 150 *
141 * @bprm_alloc_security: 151 * @bprm_alloc_security:
@@ -468,6 +478,11 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
468 * @dentry is the dentry being changed. 478 * @dentry is the dentry being changed.
469 * Return 0 on success. If error is returned, then the operation 479 * Return 0 on success. If error is returned, then the operation
470 * causing setuid bit removal is failed. 480 * causing setuid bit removal is failed.
481 * @inode_getsecid:
482 * Get the secid associated with the node.
483 * @inode contains a pointer to the inode.
484 * @secid contains a pointer to the location where result will be saved.
485 * In case of failure, @secid will be set to zero.
471 * 486 *
472 * Security hooks for file operations 487 * Security hooks for file operations
473 * 488 *
@@ -636,6 +651,8 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
636 * @task_getsecid: 651 * @task_getsecid:
637 * Retrieve the security identifier of the process @p. 652 * Retrieve the security identifier of the process @p.
638 * @p contains the task_struct for the process and place is into @secid. 653 * @p contains the task_struct for the process and place is into @secid.
654 * In case of failure, @secid will be set to zero.
655 *
639 * @task_setgroups: 656 * @task_setgroups:
640 * Check permission before setting the supplementary group set of the 657 * Check permission before setting the supplementary group set of the
641 * current process. 658 * current process.
@@ -997,6 +1014,11 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
997 * @ipcp contains the kernel IPC permission structure 1014 * @ipcp contains the kernel IPC permission structure
998 * @flag contains the desired (requested) permission set 1015 * @flag contains the desired (requested) permission set
999 * Return 0 if permission is granted. 1016 * Return 0 if permission is granted.
1017 * @ipc_getsecid:
1018 * Get the secid associated with the ipc object.
1019 * @ipcp contains the kernel IPC permission structure.
1020 * @secid contains a pointer to the location where result will be saved.
1021 * In case of failure, @secid will be set to zero.
1000 * 1022 *
1001 * Security hooks for individual messages held in System V IPC message queues 1023 * Security hooks for individual messages held in System V IPC message queues
1002 * @msg_msg_alloc_security: 1024 * @msg_msg_alloc_security:
@@ -1223,9 +1245,42 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
1223 * @secdata contains the security context. 1245 * @secdata contains the security context.
1224 * @seclen contains the length of the security context. 1246 * @seclen contains the length of the security context.
1225 * 1247 *
1248 * Security hooks for Audit
1249 *
1250 * @audit_rule_init:
1251 * Allocate and initialize an LSM audit rule structure.
1252 * @field contains the required Audit action. Fields flags are defined in include/linux/audit.h
1253 * @op contains the operator the rule uses.
1254 * @rulestr contains the context where the rule will be applied to.
1255 * @lsmrule contains a pointer to receive the result.
1256 * Return 0 if @lsmrule has been successfully set,
1257 * -EINVAL in case of an invalid rule.
1258 *
1259 * @audit_rule_known:
1260 * Specifies whether given @rule contains any fields related to current LSM.
1261 * @rule contains the audit rule of interest.
1262 * Return 1 in case of relation found, 0 otherwise.
1263 *
1264 * @audit_rule_match:
1265 * Determine if given @secid matches a rule previously approved
1266 * by @audit_rule_known.
1267 * @secid contains the security id in question.
1268 * @field contains the field which relates to current LSM.
1269 * @op contains the operator that will be used for matching.
1270 * @rule points to the audit rule that will be checked against.
1271 * @actx points to the audit context associated with the check.
1272 * Return 1 if secid matches the rule, 0 if it does not, -ERRNO on failure.
1273 *
1274 * @audit_rule_free:
1275 * Deallocate the LSM audit rule structure previously allocated by
1276 * audit_rule_init.
1277 * @rule contains the allocated rule
1278 *
1226 * This is the main security structure. 1279 * This is the main security structure.
1227 */ 1280 */
1228struct security_operations { 1281struct security_operations {
1282 char name[SECURITY_NAME_MAX + 1];
1283
1229 int (*ptrace) (struct task_struct * parent, struct task_struct * child); 1284 int (*ptrace) (struct task_struct * parent, struct task_struct * child);
1230 int (*capget) (struct task_struct * target, 1285 int (*capget) (struct task_struct * target,
1231 kernel_cap_t * effective, 1286 kernel_cap_t * effective,
@@ -1317,6 +1372,7 @@ struct security_operations {
1317 int (*inode_getsecurity)(const struct inode *inode, const char *name, void **buffer, bool alloc); 1372 int (*inode_getsecurity)(const struct inode *inode, const char *name, void **buffer, bool alloc);
1318 int (*inode_setsecurity)(struct inode *inode, const char *name, const void *value, size_t size, int flags); 1373 int (*inode_setsecurity)(struct inode *inode, const char *name, const void *value, size_t size, int flags);
1319 int (*inode_listsecurity)(struct inode *inode, char *buffer, size_t buffer_size); 1374 int (*inode_listsecurity)(struct inode *inode, char *buffer, size_t buffer_size);
1375 void (*inode_getsecid)(const struct inode *inode, u32 *secid);
1320 1376
1321 int (*file_permission) (struct file * file, int mask); 1377 int (*file_permission) (struct file * file, int mask);
1322 int (*file_alloc_security) (struct file * file); 1378 int (*file_alloc_security) (struct file * file);
@@ -1369,6 +1425,7 @@ struct security_operations {
1369 void (*task_to_inode)(struct task_struct *p, struct inode *inode); 1425 void (*task_to_inode)(struct task_struct *p, struct inode *inode);
1370 1426
1371 int (*ipc_permission) (struct kern_ipc_perm * ipcp, short flag); 1427 int (*ipc_permission) (struct kern_ipc_perm * ipcp, short flag);
1428 void (*ipc_getsecid) (struct kern_ipc_perm *ipcp, u32 *secid);
1372 1429
1373 int (*msg_msg_alloc_security) (struct msg_msg * msg); 1430 int (*msg_msg_alloc_security) (struct msg_msg * msg);
1374 void (*msg_msg_free_security) (struct msg_msg * msg); 1431 void (*msg_msg_free_security) (struct msg_msg * msg);
@@ -1480,10 +1537,18 @@ struct security_operations {
1480 1537
1481#endif /* CONFIG_KEYS */ 1538#endif /* CONFIG_KEYS */
1482 1539
1540#ifdef CONFIG_AUDIT
1541 int (*audit_rule_init)(u32 field, u32 op, char *rulestr, void **lsmrule);
1542 int (*audit_rule_known)(struct audit_krule *krule);
1543 int (*audit_rule_match)(u32 secid, u32 field, u32 op, void *lsmrule,
1544 struct audit_context *actx);
1545 void (*audit_rule_free)(void *lsmrule);
1546#endif /* CONFIG_AUDIT */
1483}; 1547};
1484 1548
1485/* prototypes */ 1549/* prototypes */
1486extern int security_init (void); 1550extern int security_init (void);
1551extern int security_module_enable(struct security_operations *ops);
1487extern int register_security (struct security_operations *ops); 1552extern int register_security (struct security_operations *ops);
1488extern int mod_reg_security (const char *name, struct security_operations *ops); 1553extern int mod_reg_security (const char *name, struct security_operations *ops);
1489extern struct dentry *securityfs_create_file(const char *name, mode_t mode, 1554extern struct dentry *securityfs_create_file(const char *name, mode_t mode,
@@ -1578,6 +1643,7 @@ int security_inode_killpriv(struct dentry *dentry);
1578int security_inode_getsecurity(const struct inode *inode, const char *name, void **buffer, bool alloc); 1643int security_inode_getsecurity(const struct inode *inode, const char *name, void **buffer, bool alloc);
1579int security_inode_setsecurity(struct inode *inode, const char *name, const void *value, size_t size, int flags); 1644int security_inode_setsecurity(struct inode *inode, const char *name, const void *value, size_t size, int flags);
1580int security_inode_listsecurity(struct inode *inode, char *buffer, size_t buffer_size); 1645int security_inode_listsecurity(struct inode *inode, char *buffer, size_t buffer_size);
1646void security_inode_getsecid(const struct inode *inode, u32 *secid);
1581int security_file_permission(struct file *file, int mask); 1647int security_file_permission(struct file *file, int mask);
1582int security_file_alloc(struct file *file); 1648int security_file_alloc(struct file *file);
1583void security_file_free(struct file *file); 1649void security_file_free(struct file *file);
@@ -1622,6 +1688,7 @@ int security_task_prctl(int option, unsigned long arg2, unsigned long arg3,
1622void security_task_reparent_to_init(struct task_struct *p); 1688void security_task_reparent_to_init(struct task_struct *p);
1623void security_task_to_inode(struct task_struct *p, struct inode *inode); 1689void security_task_to_inode(struct task_struct *p, struct inode *inode);
1624int security_ipc_permission(struct kern_ipc_perm *ipcp, short flag); 1690int security_ipc_permission(struct kern_ipc_perm *ipcp, short flag);
1691void security_ipc_getsecid(struct kern_ipc_perm *ipcp, u32 *secid);
1625int security_msg_msg_alloc(struct msg_msg *msg); 1692int security_msg_msg_alloc(struct msg_msg *msg);
1626void security_msg_msg_free(struct msg_msg *msg); 1693void security_msg_msg_free(struct msg_msg *msg);
1627int security_msg_queue_alloc(struct msg_queue *msq); 1694int security_msg_queue_alloc(struct msg_queue *msq);
@@ -2022,6 +2089,11 @@ static inline int security_inode_listsecurity(struct inode *inode, char *buffer,
2022 return 0; 2089 return 0;
2023} 2090}
2024 2091
2092static inline void security_inode_getsecid(const struct inode *inode, u32 *secid)
2093{
2094 *secid = 0;
2095}
2096
2025static inline int security_file_permission (struct file *file, int mask) 2097static inline int security_file_permission (struct file *file, int mask)
2026{ 2098{
2027 return 0; 2099 return 0;
@@ -2137,7 +2209,9 @@ static inline int security_task_getsid (struct task_struct *p)
2137} 2209}
2138 2210
2139static inline void security_task_getsecid (struct task_struct *p, u32 *secid) 2211static inline void security_task_getsecid (struct task_struct *p, u32 *secid)
2140{ } 2212{
2213 *secid = 0;
2214}
2141 2215
2142static inline int security_task_setgroups (struct group_info *group_info) 2216static inline int security_task_setgroups (struct group_info *group_info)
2143{ 2217{
@@ -2216,6 +2290,11 @@ static inline int security_ipc_permission (struct kern_ipc_perm *ipcp,
2216 return 0; 2290 return 0;
2217} 2291}
2218 2292
2293static inline void security_ipc_getsecid(struct kern_ipc_perm *ipcp, u32 *secid)
2294{
2295 *secid = 0;
2296}
2297
2219static inline int security_msg_msg_alloc (struct msg_msg * msg) 2298static inline int security_msg_msg_alloc (struct msg_msg * msg)
2220{ 2299{
2221 return 0; 2300 return 0;
@@ -2672,5 +2751,38 @@ static inline int security_key_permission(key_ref_t key_ref,
2672#endif 2751#endif
2673#endif /* CONFIG_KEYS */ 2752#endif /* CONFIG_KEYS */
2674 2753
2754#ifdef CONFIG_AUDIT
2755#ifdef CONFIG_SECURITY
2756int security_audit_rule_init(u32 field, u32 op, char *rulestr, void **lsmrule);
2757int security_audit_rule_known(struct audit_krule *krule);
2758int security_audit_rule_match(u32 secid, u32 field, u32 op, void *lsmrule,
2759 struct audit_context *actx);
2760void security_audit_rule_free(void *lsmrule);
2761
2762#else
2763
2764static inline int security_audit_rule_init(u32 field, u32 op, char *rulestr,
2765 void **lsmrule)
2766{
2767 return 0;
2768}
2769
2770static inline int security_audit_rule_known(struct audit_krule *krule)
2771{
2772 return 0;
2773}
2774
2775static inline int security_audit_rule_match(u32 secid, u32 field, u32 op,
2776 void *lsmrule, struct audit_context *actx)
2777{
2778 return 0;
2779}
2780
2781static inline void security_audit_rule_free(void *lsmrule)
2782{ }
2783
2784#endif /* CONFIG_SECURITY */
2785#endif /* CONFIG_AUDIT */
2786
2675#endif /* ! __LINUX_SECURITY_H */ 2787#endif /* ! __LINUX_SECURITY_H */
2676 2788
diff --git a/include/linux/selinux.h b/include/linux/selinux.h
index 8c2cc4c02526..20f965d4b041 100644
--- a/include/linux/selinux.h
+++ b/include/linux/selinux.h
@@ -16,99 +16,11 @@
16 16
17struct selinux_audit_rule; 17struct selinux_audit_rule;
18struct audit_context; 18struct audit_context;
19struct inode;
20struct kern_ipc_perm; 19struct kern_ipc_perm;
21 20
22#ifdef CONFIG_SECURITY_SELINUX 21#ifdef CONFIG_SECURITY_SELINUX
23 22
24/** 23/**
25 * selinux_audit_rule_init - alloc/init an selinux audit rule structure.
26 * @field: the field this rule refers to
27 * @op: the operater the rule uses
28 * @rulestr: the text "target" of the rule
29 * @rule: pointer to the new rule structure returned via this
30 *
31 * Returns 0 if successful, -errno if not. On success, the rule structure
32 * will be allocated internally. The caller must free this structure with
33 * selinux_audit_rule_free() after use.
34 */
35int selinux_audit_rule_init(u32 field, u32 op, char *rulestr,
36 struct selinux_audit_rule **rule);
37
38/**
39 * selinux_audit_rule_free - free an selinux audit rule structure.
40 * @rule: pointer to the audit rule to be freed
41 *
42 * This will free all memory associated with the given rule.
43 * If @rule is NULL, no operation is performed.
44 */
45void selinux_audit_rule_free(struct selinux_audit_rule *rule);
46
47/**
48 * selinux_audit_rule_match - determine if a context ID matches a rule.
49 * @sid: the context ID to check
50 * @field: the field this rule refers to
51 * @op: the operater the rule uses
52 * @rule: pointer to the audit rule to check against
53 * @actx: the audit context (can be NULL) associated with the check
54 *
55 * Returns 1 if the context id matches the rule, 0 if it does not, and
56 * -errno on failure.
57 */
58int selinux_audit_rule_match(u32 sid, u32 field, u32 op,
59 struct selinux_audit_rule *rule,
60 struct audit_context *actx);
61
62/**
63 * selinux_audit_set_callback - set the callback for policy reloads.
64 * @callback: the function to call when the policy is reloaded
65 *
66 * This sets the function callback function that will update the rules
67 * upon policy reloads. This callback should rebuild all existing rules
68 * using selinux_audit_rule_init().
69 */
70void selinux_audit_set_callback(int (*callback)(void));
71
72/**
73 * selinux_sid_to_string - map a security context ID to a string
74 * @sid: security context ID to be converted.
75 * @ctx: address of context string to be returned
76 * @ctxlen: length of returned context string.
77 *
78 * Returns 0 if successful, -errno if not. On success, the context
79 * string will be allocated internally, and the caller must call
80 * kfree() on it after use.
81 */
82int selinux_sid_to_string(u32 sid, char **ctx, u32 *ctxlen);
83
84/**
85 * selinux_get_inode_sid - get the inode's security context ID
86 * @inode: inode structure to get the sid from.
87 * @sid: pointer to security context ID to be filled in.
88 *
89 * Returns nothing
90 */
91void selinux_get_inode_sid(const struct inode *inode, u32 *sid);
92
93/**
94 * selinux_get_ipc_sid - get the ipc security context ID
95 * @ipcp: ipc structure to get the sid from.
96 * @sid: pointer to security context ID to be filled in.
97 *
98 * Returns nothing
99 */
100void selinux_get_ipc_sid(const struct kern_ipc_perm *ipcp, u32 *sid);
101
102/**
103 * selinux_get_task_sid - return the SID of task
104 * @tsk: the task whose SID will be returned
105 * @sid: pointer to security context ID to be filled in.
106 *
107 * Returns nothing
108 */
109void selinux_get_task_sid(struct task_struct *tsk, u32 *sid);
110
111/**
112 * selinux_string_to_sid - map a security context string to a security ID 24 * selinux_string_to_sid - map a security context string to a security ID
113 * @str: the security context string to be mapped 25 * @str: the security context string to be mapped
114 * @sid: ID value returned via this. 26 * @sid: ID value returned via this.
@@ -151,52 +63,6 @@ void selinux_secmark_refcount_inc(void);
151void selinux_secmark_refcount_dec(void); 63void selinux_secmark_refcount_dec(void);
152#else 64#else
153 65
154static inline int selinux_audit_rule_init(u32 field, u32 op,
155 char *rulestr,
156 struct selinux_audit_rule **rule)
157{
158 return -EOPNOTSUPP;
159}
160
161static inline void selinux_audit_rule_free(struct selinux_audit_rule *rule)
162{
163 return;
164}
165
166static inline int selinux_audit_rule_match(u32 sid, u32 field, u32 op,
167 struct selinux_audit_rule *rule,
168 struct audit_context *actx)
169{
170 return 0;
171}
172
173static inline void selinux_audit_set_callback(int (*callback)(void))
174{
175 return;
176}
177
178static inline int selinux_sid_to_string(u32 sid, char **ctx, u32 *ctxlen)
179{
180 *ctx = NULL;
181 *ctxlen = 0;
182 return 0;
183}
184
185static inline void selinux_get_inode_sid(const struct inode *inode, u32 *sid)
186{
187 *sid = 0;
188}
189
190static inline void selinux_get_ipc_sid(const struct kern_ipc_perm *ipcp, u32 *sid)
191{
192 *sid = 0;
193}
194
195static inline void selinux_get_task_sid(struct task_struct *tsk, u32 *sid)
196{
197 *sid = 0;
198}
199
200static inline int selinux_string_to_sid(const char *str, u32 *sid) 66static inline int selinux_string_to_sid(const char *str, u32 *sid)
201{ 67{
202 *sid = 0; 68 *sid = 0;