usr/src/uts/common/sys/policy.h

   1 /*
   2  * CDDL HEADER START
   3  *
   4  * The contents of this file are subject to the terms of the
   5  * Common Development and Distribution License (the "License").
   6  * You may not use this file except in compliance with the License.
   7  *
   8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
   9  * or http://www.opensolaris.org/os/licensing.
  10  * See the License for the specific language governing permissions
  11  * and limitations under the License.
  12  *
  13  * When distributing Covered Code, include this CDDL HEADER in each
  14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
  15  * If applicable, add the following below this CDDL HEADER, with the
  16  * fields enclosed by brackets "[]" replaced with your own identifying
  17  * information: Portions Copyright [yyyy] [name of copyright owner]
  18  *
  19  * CDDL HEADER END
  20  */
  21 /*
  22  * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved.
  23  * Copyright 2015, Joyent, Inc. All rights reserved.
  24  * Copyright 2023 RackTop Systems, Inc.
  25  */
  26
  27 #ifndef _SYS_POLICY_H
  28 #define _SYS_POLICY_H
  29
  30 #include <sys/types.h>
  31 #include <sys/cred.h>
  32 #include <sys/vnode.h>
  33 #include <sys/fs/snode.h>
  34
  35 #ifdef  __cplusplus
  36 extern "C" {
  37 #endif
  38
  39 #ifdef _KERNEL
  40
  41 #ifndef _IN_PORT_T
  42 #define _IN_PORT_T
  43 typedef uint16_t in_port_t;
  44 #endif
  45
  46 /*
  47  * Policy routines; in case we check privileges in-line.
  48  *
  49  * priv_policy
  50  *              privilege debugging
  51  *              audits success & failure
  52  *              returns 0 on success, error on failure
  53  *
  54  * priv_policy_choice
  55  *              determines extend of operation
  56  *              audit on success
  57  *              returns a boolean_t indicating success (B_TRUE) or failure.
  58  *
  59  * priv_policy_only
  60  *              when auditing is in appropriate (interrupt context)
  61  *              to determine context of operation
  62  *              returns a boolean_t indicating success (B_TRUE) or failure.
  63  *
  64  */
  65 int priv_policy(const cred_t *, int, boolean_t, int, const char *);
  66 boolean_t priv_policy_only(const cred_t *, int, boolean_t);
  67 boolean_t priv_policy_choice(const cred_t *, int, boolean_t);
  68
  69 struct kipc_perm;
  70 struct vfs;
  71 struct proc;
  72 struct priv_set;
  73
  74 int secpolicy_acct(const cred_t *);
  75 int secpolicy_require_privs(const cred_t *, const struct priv_set *);
  76 int secpolicy_allow_setid(const cred_t *, uid_t, boolean_t);
  77 int secpolicy_audit_config(const cred_t *);
  78 int secpolicy_audit_getattr(const cred_t *, boolean_t);
  79 int secpolicy_audit_modify(const cred_t *);
  80 int secpolicy_blacklist(const cred_t *);
  81 int secpolicy_chroot(const cred_t *);
  82 int secpolicy_clock_highres(const cred_t *);
  83 int secpolicy_console(const cred_t *);
  84 int secpolicy_contract_identity(const cred_t *);
  85 int secpolicy_contract_observer(const cred_t *, struct contract *);
  86 boolean_t secpolicy_contract_observer_choice(const cred_t *);
  87 int secpolicy_contract_event(const cred_t *);
  88 boolean_t secpolicy_contract_event_choice(const cred_t *);
  89 int secpolicy_coreadm(const cred_t *);
  90 int secpolicy_cpc_cpu(const cred_t *);
  91 int secpolicy_dispadm(const cred_t *);
  92 int secpolicy_error_inject(const cred_t *);
  93 int secpolicy_excl_open(const cred_t *);
  94 int secpolicy_fs_allowed_mount(const char *);
  95 int secpolicy_fs_config(const cred_t *, const struct vfs *);
  96 int secpolicy_fs_linkdir(const cred_t *, const struct vfs *);
  97 int secpolicy_fs_minfree(const cred_t *, const struct vfs *);
  98 int secpolicy_fs_mount(cred_t *, vnode_t *, struct vfs *);
  99 int secpolicy_fs_quota(const cred_t *, const struct vfs *);
 100 int secpolicy_fs_unmount(cred_t *, struct vfs *);
 101 int secpolicy_idmap(const cred_t *);
 102 int secpolicy_ip(const cred_t *, int, boolean_t);
 103 int secpolicy_ip_config(const cred_t *, boolean_t);
 104 int secpolicy_dl_config(const cred_t *);
 105 int secpolicy_iptun_config(const cred_t *);
 106 int secpolicy_ipc_access(const cred_t *, const struct kipc_perm *, mode_t);
 107 int secpolicy_ipc_config(const cred_t *);
 108 int secpolicy_ipc_owner(const cred_t *, const struct kipc_perm *);
 109 int secpolicy_kmdb(const cred_t *);
 110 int secpolicy_lock_memory(const cred_t *);
 111 int secpolicy_meminfo(const cred_t *);
 112 int secpolicy_modctl(const cred_t *, int);
 113 int secpolicy_net(const cred_t *, int, boolean_t);
 114 int secpolicy_net_bindmlp(const cred_t *);
 115 int secpolicy_net_config(const cred_t *, boolean_t);
 116 int secpolicy_net_icmpaccess(const cred_t *);
 117 int secpolicy_net_mac_aware(const cred_t *);
 118 int secpolicy_net_mac_implicit(const cred_t *);
 119 int secpolicy_net_observability(const cred_t *);
 120 int secpolicy_net_privaddr(const cred_t *, in_port_t, int proto);
 121 int secpolicy_net_rawaccess(const cred_t *);
 122 boolean_t secpolicy_net_reply_equal(const cred_t *);
 123 int secpolicy_newproc(const cred_t *);
 124 int secpolicy_nfs(const cred_t *);
 125 int secpolicy_pbind(const cred_t *);
 126 int secpolicy_pcfs_modify_bootpartition(const cred_t *);
 127 int secpolicy_pfexec_register(const cred_t *);
 128 int secpolicy_ponline(const cred_t *);
 129 int secpolicy_pool(const cred_t *);
 130 int secpolicy_power_mgmt(const cred_t *);
 131 int secpolicy_ppp_config(const cred_t *);
 132 int secpolicy_proc_access(const cred_t *);
 133 int secpolicy_proc_excl_open(const cred_t *);
 134 int secpolicy_proc_owner(const cred_t *, const cred_t *, int);
 135 int secpolicy_proc_zone(const cred_t *);
 136 int secpolicy_psecflags(const cred_t *, struct proc *, struct proc *);
 137 int secpolicy_pset(const cred_t *);
 138 int secpolicy_rctlsys(const cred_t *, boolean_t);
 139 int secpolicy_resource(const cred_t *);
 140 int secpolicy_resource_anon_mem(const cred_t *);
 141 int secpolicy_rpcmod_open(const cred_t *);
 142 int secpolicy_rsm_access(const cred_t *, uid_t, mode_t);
 143 int secpolicy_raisepriority(const cred_t *);
 144 int secpolicy_setpriority(const cred_t *);
 145 int secpolicy_settime(const cred_t *);
 146 int secpolicy_smb(const cred_t *);
 147 int secpolicy_smbfs_login(const cred_t *, uid_t);
 148 int secpolicy_spec_open(const cred_t *, struct vnode *, int);
 149 int secpolicy_sti(const cred_t *);
 150 int secpolicy_swapctl(const cred_t *);
 151 int secpolicy_sys_config(const cred_t *, boolean_t);
 152 int secpolicy_zone_admin(const cred_t *, boolean_t);
 153 int secpolicy_zone_config(const cred_t *);
 154 int secpolicy_sys_devices(const cred_t *);
 155 int secpolicy_systeminfo(const cred_t *);
 156 int secpolicy_tasksys(const cred_t *);
 157 int secpolicy_vnode_access(const cred_t *, vnode_t *, uid_t, mode_t);
 158 int secpolicy_vnode_access2(const cred_t *, vnode_t *, uid_t, mode_t, mode_t);
 159 int secpolicy_vnode_any_access(const cred_t *, vnode_t *, uid_t);
 160 int secpolicy_vnode_chown(const cred_t *, uid_t);
 161 int secpolicy_vnode_create_gid(const cred_t *);
 162 int secpolicy_vnode_owner(const cred_t *, uid_t);
 163 int secpolicy_vnode_remove(const cred_t *);
 164 int secpolicy_vnode_setdac(const cred_t *, uid_t);
 165 int secpolicy_vnode_setdac3(const cred_t *, uid_t, boolean_t);
 166 int secpolicy_vnode_setid_retain(const cred_t *, boolean_t);
 167 int secpolicy_vnode_setids_setgids(const cred_t *, gid_t);
 168 int secpolicy_vnode_stky_modify(const cred_t *);
 169 int secpolicy_vscan(const cred_t *);
 170 int secpolicy_hwmanip(const cred_t *);
 171 int secpolicy_zinject(const cred_t *);
 172 int secpolicy_zfs(const cred_t *);
 173 int secpolicy_ucode_update(const cred_t *);
 174 int secpolicy_sadopen(const cred_t *);
 175 void secpolicy_setid_clear(vattr_t *, cred_t *);
 176 void secpolicy_fs_mount_clearopts(cred_t *, struct vfs *);
 177 int secpolicy_setid_setsticky_clear(vnode_t *, vattr_t *,
 178     const vattr_t *, cred_t *);
 179 int secpolicy_xvattr(xvattr_t *, uid_t, cred_t *, vtype_t);
 180 int secpolicy_xvm_control(const cred_t *);
 181
 182 int secpolicy_basic_exec(const cred_t *, vnode_t *);
 183 int secpolicy_basic_fork(const cred_t *);
 184 int secpolicy_basic_link(const cred_t *);
 185 int secpolicy_basic_file_read(const cred_t *, vnode_t *, const char *);
 186 int secpolicy_basic_file_write(const cred_t *, vnode_t *, const char *);
 187 int secpolicy_basic_net_access(const cred_t *);
 188 int secpolicy_basic_proc(const cred_t *);
 189 int secpolicy_basic_procinfo(const cred_t *, struct proc *, struct proc *);
 190
 191 int secpolicy_gart_access(const cred_t *);
 192 int secpolicy_gart_map(const cred_t *);
 193 /*
 194  * This function to be called from xxfs_setattr().
 195  * Must be called with the node's attributes read-write locked.
 196  *
 197  *              cred_t *                - acting credentials
 198  *              struct vnode *          - vnode we're operating on
 199  *              struct vattr *va        - new attributes, va_mask may be
 200  *                                        changed on return from a call
 201  *              struct vattr *oldva     - old attributes, need include owner
 202  *                                        and mode only
 203  *              int flags               - setattr flags
 204  *              int iaccess(void *node, int mode, cred_t *cr)
 205  *                                      - non-locking internal access function
 206  *                                              mode be checked
 207  *                                              w/ VREAD|VWRITE|VEXEC, not fs
 208  *                                              internal mode encoding.
 209  *
 210  *              void *node              - internal node (inode, tmpnode) to
 211  *                                        pass as arg to iaccess
 212  */
 213 int secpolicy_vnode_setattr(cred_t *, struct vnode *, struct vattr *,
 214     const struct vattr *, int, int (void *, int, cred_t *), void *);
 215
 216 /*
 217  * Test privilege. Audit success or failure, allow privilege debugging.
 218  * Returns 0 for success, err for failure.
 219  */
 220 #define PRIV_POLICY(cred, priv, all, err, reason) \
 221                 priv_policy((cred), (priv), (all), (err), (reason))
 222
 223 /*
 224  * Test privilege. Audit success only, no privilege debugging.
 225  * Returns 1 for success, and 0 for failure.
 226  */
 227 #define PRIV_POLICY_CHOICE(cred, priv, all) \
 228                 priv_policy_choice((cred), (priv), (all))
 229
 230 /*
 231  * Test privilege. No priv_debugging, no auditing.
 232  * Returns 1 for success, and 0 for failure.
 233  */
 234
 235 #define PRIV_POLICY_ONLY(cred, priv, all) \
 236                 priv_policy_only((cred), (priv), (all))
 237
 238
 239 #endif
 240
 241 #ifdef  __cplusplus
 242 }
 243 #endif
 244
 245 #endif  /* _SYS_POLICY_H */