2 * Security plug functions
4 * Copyright (C) 2001 WireX Communications, Inc <chris@wirex.com>
5 * Copyright (C) 2001 Greg Kroah-Hartman <greg@kroah.com>
6 * Copyright (C) 2001 Networks Associates Technology, Inc <ssmalley@nai.com>
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 2 of the License, or
11 * (at your option) any later version.
14 #include <linux/config.h>
15 #include <linux/module.h>
16 #include <linux/init.h>
17 #include <linux/kernel.h>
18 #include <linux/sched.h>
19 #include <linux/security.h>
21 #define SECURITY_SCAFFOLD_VERSION "1.0.0"
23 extern struct security_operations dummy_security_ops
; /* lives in dummy.c */
25 struct security_operations
*security_ops
; /* Initialized to NULL */
27 /* This macro checks that all pointers in a struct are non-NULL. It
28 * can be fooled by struct padding for object tile alignment and when
29 * pointers to data and pointers to functions aren't the same size.
30 * Yes it's ugly, we'll replace it if it becomes a problem.
32 #define VERIFY_STRUCT(struct_type, s, e) \
34 unsigned long * __start = (unsigned long *)(s); \
35 unsigned long * __end = __start + \
36 sizeof(struct_type)/sizeof(unsigned long *); \
37 while (__start != __end) { \
39 printk(KERN_INFO "%s is missing something\n",\
48 static int inline verify (struct security_operations
*ops
)
52 /* verify the security_operations structure exists */
54 printk (KERN_INFO
"Passed a NULL security_operations "
55 "pointer, %s failed.\n", __FUNCTION__
);
59 /* Perform a little sanity checking on our inputs */
62 /* This first check scans the whole security_ops struct for
63 * missing structs or functions.
65 * (There is no further check now, but will leave as is until
66 * the lazy registration stuff is done -- JM).
68 VERIFY_STRUCT(struct security_operations
, ops
, err
);
71 printk (KERN_INFO
"Not enough functions specified in the "
72 "security_operation structure, %s failed.\n",
80 * security_scaffolding_startup - initialzes the security scaffolding framework
82 * This should be called early in the kernel initialization sequence.
84 int security_scaffolding_startup (void)
86 printk (KERN_INFO
"Security Scaffold v" SECURITY_SCAFFOLD_VERSION
89 security_ops
= &dummy_security_ops
;
95 * register_security - registers a security framework with the kernel
96 * @ops: a pointer to the struct security_options that is to be registered
98 * This function is to allow a security module to register itself with the
99 * kernel security subsystem. Some rudimentary checking is done on the @ops
100 * value passed to this function. A call to unregister_security() should be
101 * done to remove this security_options structure from the kernel.
103 * If the @ops structure does not contain function pointers for all hooks in
104 * the structure, or there is already a security module registered with the
105 * kernel, an error will be returned. Otherwise 0 is returned on success.
107 int register_security (struct security_operations
*ops
)
111 printk (KERN_INFO
"%s could not verify "
112 "security_operations structure.\n", __FUNCTION__
);
115 if (security_ops
!= &dummy_security_ops
) {
116 printk (KERN_INFO
"There is already a security "
117 "framework initialized, %s failed.\n", __FUNCTION__
);
127 * unregister_security - unregisters a security framework with the kernel
128 * @ops: a pointer to the struct security_options that is to be registered
130 * This function removes a struct security_operations variable that had
131 * previously been registered with a successful call to register_security().
133 * If @ops does not match the valued previously passed to register_security()
134 * an error is returned. Otherwise the default security options is set to the
135 * the dummy_security_ops structure, and 0 is returned.
137 int unregister_security (struct security_operations
*ops
)
139 if (ops
!= security_ops
) {
140 printk (KERN_INFO
"%s: trying to unregister "
141 "a security_opts structure that is not "
142 "registered, failing.\n", __FUNCTION__
);
146 security_ops
= &dummy_security_ops
;
152 * mod_reg_security - allows security modules to be "stacked"
153 * @name: a pointer to a string with the name of the security_options to be registered
154 * @ops: a pointer to the struct security_options that is to be registered
156 * This function allows security modules to be stacked if the currently loaded
157 * security module allows this to happen. It passes the @name and @ops to the
158 * register_security function of the currently loaded security module.
160 * The return value depends on the currently loaded security module, with 0 as
163 int mod_reg_security (const char *name
, struct security_operations
*ops
)
166 printk (KERN_INFO
"%s could not verify "
167 "security operations.\n", __FUNCTION__
);
171 if (ops
== security_ops
) {
172 printk (KERN_INFO
"%s security operations "
173 "already registered.\n", __FUNCTION__
);
177 return security_ops
->register_security (name
, ops
);
181 * mod_unreg_security - allows a security module registered with mod_reg_security() to be unloaded
182 * @name: a pointer to a string with the name of the security_options to be removed
183 * @ops: a pointer to the struct security_options that is to be removed
185 * This function allows security modules that have been successfully registered
186 * with a call to mod_reg_security() to be unloaded from the system.
187 * This calls the currently loaded security module's unregister_security() call
188 * with the @name and @ops variables.
190 * The return value depends on the currently loaded security module, with 0 as
193 int mod_unreg_security (const char *name
, struct security_operations
*ops
)
195 if (ops
== security_ops
) {
196 printk (KERN_INFO
"%s invalid attempt to unregister "
197 " primary security ops.\n", __FUNCTION__
);
201 return security_ops
->unregister_security (name
, ops
);
205 * capable - calls the currently loaded security module's capable() function with the specified capability
206 * @cap: the requested capability level.
208 * This function calls the currently loaded security module's cabable()
209 * function with a pointer to the current task and the specified @cap value.
211 * This allows the security module to implement the capable function call
212 * however it chooses to.
214 int capable (int cap
)
216 if (security_ops
->capable (current
, cap
)) {
217 /* capability denied */
221 /* capability granted */
222 current
->flags
|= PF_SUPERPRIV
;
227 * sys_security - security syscall multiplexor.
229 * @call: call identifier
230 * @args: arg list for call
232 * Similar to sys_socketcall. Can use id to help identify which module user
233 * app is talking to. The recommended convention for creating the
234 * hexadecimal id value is:
235 * 'echo "Name_of_module" | md5sum | cut -c -8'.
236 * By following this convention, there's no need for a central registry.
238 asmlinkage
long sys_security (unsigned int id
, unsigned int call
,
241 return security_ops
->sys_security (id
, call
, args
);
244 EXPORT_SYMBOL (register_security
);
245 EXPORT_SYMBOL (unregister_security
);
246 EXPORT_SYMBOL (mod_reg_security
);
247 EXPORT_SYMBOL (mod_unreg_security
);
248 EXPORT_SYMBOL (capable
);
249 EXPORT_SYMBOL (security_ops
);