xref: /netbsd-src/share/examples/secmodel/secmodel_example.c (revision 8b0f9554ff8762542c4defc4f70e1eb76fb508fa) 
1 /* $NetBSD: secmodel_example.c,v 1.16 2007/11/23 16:37:47 uebayasi Exp $ */
2 
3 /*
4  * This file is placed in the public domain.
5  */
6 
7 /*
8  * Skeleton file for building a NetBSD security model from scratch, containing
9  * every kauth(9) scope, action, and request, as well as some coding hints.
10  *
11  * This file will be kept in-sync with the official NetBSD kernel, so *always*
12  * use the latest revision.
13  */
14 
15 #include <sys/cdefs.h>
16 __KERNEL_RCSID(0, "$NetBSD: secmodel_example.c,v 1.16 2007/11/23 16:37:47 uebayasi Exp $");
17 
18 #include <sys/types.h>
19 #include <sys/param.h>
20 #include <sys/kauth.h>
21 
22 #include <sys/sysctl.h>
23 
24 #include <secmodel/secmodel.h>
25 
26 #include <secmodel/example/example.h>
27 
28 /*
29  * Initialize the security model.
30  */
31 void
32 secmodel_example_init(void)
33 {
34 	return;
35 }
36 
37 /*
38  * If the security model is to be used as an LKM, this routine should be
39  * changed, because otherwise creating permanent sysctl(9) nodes will fail.
40  *
41  * To make it work, the prototype should be changed to something like:
42  *
43  *	void secmodel_example_sysctl(void)
44  *
45  * and it should be called from secmodel_start().
46  *
47  * In addition, the CTLFLAG_PERMANENT flag must be removed from all the
48  * nodes.
49  */
50 SYSCTL_SETUP(sysctl_security_example_setup,
51     "sysctl security example setup")
52 {
53 	const struct sysctlnode *rnode;
54 
55 	sysctl_createv(clog, 0, NULL, &rnode,
56 		       CTLFLAG_PERMANENT,
57 		       CTLTYPE_NODE, "security", NULL,
58 		       NULL, 0, NULL, 0,
59 		       CTL_CREATE, CTL_EOL);
60 
61 	sysctl_createv(clog, 0, &rnode, &rnode,
62 		       CTLFLAG_PERMANENT,
63 		       CTLTYPE_NODE, "models", NULL,
64 		       NULL, 0, NULL, 0,
65 		       CTL_CREATE, CTL_EOL);
66 
67 	sysctl_createv(clog, 0, &rnode, &rnode,
68 		       CTLFLAG_PERMANENT,
69 		       CTLTYPE_NODE, "example",
70 		       SYSCTL_DESCR("example security model"),
71 		       NULL, 0, NULL, 0,
72 		       CTL_CREATE, CTL_EOL);
73 
74 	sysctl_createv(clog, 0, &rnode, NULL,
75 		       CTLFLAG_PERMANENT,
76 		       CTLTYPE_STRING, "name", NULL,
77 		       NULL, 0, __UNCONST("Example"), 0
78 		       CTL_CREATE, CTL_EOL);
79 
80 }
81 
82 /*
83  * Start the security model.
84  */
85 void
86 secmodel_start(void)
87 {
88 	secmodel_example_init();
89 
90 	kauth_listen_scope(KAUTH_SCOPE_GENERIC,
91 	   secmodel_example_generic_cb, NULL);
92 	kauth_listen_scope(KAUTH_SCOPE_SYSTEM,
93 	   secmodel_example_system_cb, NULL);
94 	kauth_listen_scope(KAUTH_SCOPE_PROCESS,
95 	   secmodel_example_process_cb, NULL);
96 	kauth_listen_scope(KAUTH_SCOPE_NETWORK,
97 	   secmodel_example_network_cb, NULL);
98 	kauth_listen_scope(KAUTH_SCOPE_MACHDEP,
99 	   secmodel_example_machdep_cb, NULL);
100 }
101 
102 /*
103  * Security model: example
104  * Scope: Generic
105  */
106 int
107 secmodel_example_generic_cb(kauth_cred_t, kauth_action_t action,
108     void *cookie, void *arg0, void *arg1, void *arg2, void *arg3)
109 {
110 	int result;
111 
112 	result = KAUTH_RESULT_DENY;
113 
114 	switch(action) {
115 	case KAUTH_GENERIC_ISSUSER:
116 	case KAUTH_GENERIC_CANSEE:
117 	default:
118 		result = KAUTH_RESULT_DEFER;
119 		break;
120 	}
121 
122 	return (result);
123 }
124 
125 /*
126  * Security model: example
127  * Scope: System
128  */
129 int
130 secmodel_example_system_cb(kauth_cred_t cred, kauth_action_t action,
131     void *cookie, void *arg0, void *arg1, void *arg2, void *arg3)
132 {
133 	int result;
134 	enum kauth_system_req req;
135 
136 	result = KAUTH_RESULT_DENY;
137 
138 	req = (enum kauth_system_req)arg0;
139 
140 	switch (action) {
141 	case KAUTH_SYSTEM_MOUNT:
142 		switch (req) {
143 		case KAUTH_REQ_SYSTEM_MOUNT_GET:
144 		case KAUTH_REQ_SYSTEM_MOUNT_NEW:
145 		case KAUTH_REQ_SYSTEM_MOUNT_UNMOUNT:
146 		case KAUTH_REQ_SYSTEM_MOUNT_UPDATE:
147 		default:
148 			result = KAUTH_RESULT_DEFER;
149 			break;
150 		}
151 		break;
152 
153 	case KAUTH_SYSTEM_TIME:
154 		switch (req) {
155 		case KAUTH_REQ_SYSTEM_TIME_ADJTIME:
156 		case KAUTH_REQ_SYSTEM_TIME_BACKWARDS:
157 		case KAUTH_REQ_SYSTEM_TIME_NTPADJTIME:
158 		case KAUTH_REQ_SYSTEM_TIME_RTCOFFSET:
159 		case KAUTH_REQ_SYSTEM_TIME_SYSTEM:
160 		case KAUTH_REQ_SYSTEM_TIME_TIMECOUNTERS:
161 		default:
162 			result = KAUTH_RESULT_DEFER;
163 			break;
164 		}
165 		break;
166 
167 	case KAUTH_SYSTEM_SYSCTL:
168 		switch (req) {
169 		case KAUTH_REQ_SYSTEM_SYSCTL_ADD:
170 		case KAUTH_REQ_SYSTEM_SYSCTL_DELETE:
171 		case KAUTH_REQ_SYSTEM_SYSCTL_DESC:
172 		default:
173 			result = KAUTH_RESULT_DEFER;
174 			break;
175 		}
176 		break;
177 
178 	case KAUTH_SYSTEM_CHROOT:
179 		switch (req) {
180 		case KAUTH_REQ_SYSTEM_CHROOT_CHROOT:
181 		case KAUTH_REQ_SYSTEM_CHROOT_FCHROOT:
182 		default:
183 			result = KAUTH_RESULT_DEFER;
184 			break;
185 		}
186 		break;
187 
188 	case KAUTH_SYSTEM_DEBUG:
189 		switch (req) {
190 		case KAUTH_REQ_SYSTEM_DEBUG_IPKDB:
191 		default:
192 			result = KAUTH_RESULT_DEFER;
193 			break;
194 		}
195 		break;
196 
197 	case KAUTH_SYSTEM_LKM:
198 	case KAUTH_SYSTEM_FILEHANDLE:
199 	case KAUTH_SYSTEM_MKNOD:
200 	case KAUTH_SYSTEM_SETIDCORE:
201 	case KAUTH_SYSTEM_SWAPCTL:
202 	case KAUTH_SYSTEM_ACCOUNTING:
203 	case KAUTH_SYSTEM_REBOOT:
204 	default:
205 		result = KAUTH_RESULT_DEFER;
206 		break;
207 	}
208 
209 	return (result);
210 }
211 
212 /*
213  * kauth(9) listener
214  *
215  * Security model: example
216  * Scope: Process
217  */
218 int
219 secmodel_example_process_cb(kauth_cred_t cred, kauth_action_t action,
220     void *cookie, void *arg0, void *arg1, void *arg2, void *arg3)
221 {
222 	int result;
223 
224 	result = KAUTH_RESULT_DENY;
225 
226 	switch (action) {
227 	case KAUTH_PROCESS_CANPROCFS:
228 	case KAUTH_PROCESS_CANSEE:
229 	case KAUTH_PROCESS_CANSIGNAL:
230 	case KAUTH_PROCESS_CANSYSTRACE:
231 	case KAUTH_PROCESS_CANPTRACE:
232 	case KAUTH_PROCESS_CORENAME:
233 	case KAUTH_PROCESS_NICE:
234 	case KAUTH_PROCESS_RLIMIT:
235 	case KAUTH_PROCESS_SETID:
236 	case KAUTH_PROCESS_STOPFLAG:
237 	default:
238 		result = KAUTH_RESULT_DEFER;
239 		break;
240 	}
241 
242 	return (result);
243 }
244 
245 /*
246  * kauth(9) listener
247  *
248  * Security model: example
249  * Scope: Network
250  */
251 int
252 secmodel_example_network_cb(kauth_cred_t cred, kauth_action_t action,
253     void *cookie, void *arg0, void *arg1, void *arg2, void *arg3)
254 {
255 	int result;
256 
257 	result = KAUTH_RESULT_DENY;
258 
259 	switch (action) {
260 	case KAUTH_NETWORK_ALTQ:
261 		switch((u_long)arg0) {
262 		case KAUTH_REQ_NETWORK_ALTQ_AFMAP:
263 		case KAUTH_REQ_NETWORK_ALTQ_BLUE:
264 		case KAUTH_REQ_NETWORK_ALTQ_CBQ:
265 		case KAUTH_REQ_NETWORK_ALTQ_CDNR:
266 		case KAUTH_REQ_NETWORK_ALTQ_CONF:
267 		case KAUTH_REQ_NETWORK_ALTQ_FIFOQ:
268 		case KAUTH_REQ_NETWORK_ALTQ_HFSC:
269 		case KAUTH_REQ_NETWORK_ALTQ_JOBS:
270 		case KAUTH_REQ_NETWORK_ALTQ_PRIQ:
271 		case KAUTH_REQ_NETWORK_ALTQ_RED:
272 		case KAUTH_REQ_NETWORK_ALTQ_RIO:
273 		case KAUTH_REQ_NETWORK_ALTQ_WFQ:
274 		default:
275 			result = KAUTH_RESULT_DEFER;
276 			break;
277 		}
278 		break;
279 
280 	case KAUTH_NETWORK_BIND:
281 		switch((u_long)arg0) {
282 		case KAUTH_REQ_NETWORK_BIND_PORT:
283 		case KAUTH_REQ_NETWORK_BIND_PRIVPORT:
284 		default:
285 			result = KAUTH_RESULT_DEFER;
286 			break;
287 		}
288 		break;
289 
290 	case KAUTH_NETWORK_FIREWALL:
291 		switch ((u_long)arg0) {
292 		case KAUTH_REQ_NETWORK_FIREWALL_FW:
293 		case KAUTH_REQ_NETWORK_FIREWALL_NAT:
294 		default:
295 			result = KAUTH_RESULT_DEFER;
296 			break;
297 		}
298 		break;
299 
300 	case KAUTH_NETWORK_FORWSRCRT:
301 		break;
302 
303 	case KAUTH_NETWORK_INTERFACE:
304 		switch ((u_long)arg0) {
305 		case KAUTH_REQ_NETWORK_INTERFACE_GET:
306 		case KAUTH_REQ_NETWORK_INTERFACE_SET:
307 		case KAUTH_REQ_NETWORK_INTERFACE_GETPRIV:
308 		case KAUTH_REQ_NETWORK_INTERFACE_SETPRIV:
309 		default:
310 			result = KAUTH_RESULT_DEFER;
311 			break;
312 		}
313 		break;
314 
315 	case KAUTH_NETWORK_ROUTE:
316 		break;
317 
318 	case KAUTH_NETWORK_SOCKET:
319 		switch((u_long)arg0) {
320 		case KAUTH_REQ_NETWORK_SOCKET_OPEN:
321 		case KAUTH_REQ_NETWORK_SOCKET_RAWSOCK:
322 		case KAUTH_REQ_NETWORK_SOCKET_CANSEE:
323 		default:
324 			result = KAUTH_RESULT_DEFER;
325 			break;
326 		}
327 		break;
328 
329 	default:
330 		result = KAUTH_RESULT_DEFER;
331 		break;
332 	}
333 
334 	return (result);
335 }
336 
337 /*
338  * kauth(9) listener
339  *
340  * Security model: example
341  * Scope: Machdep
342  */
343 int
344 secmodel_example_machdep_cb(kauth_cred_t cred, kauth_action_t action,
345     void *cookie, void *arg0, void *arg1, void *arg2, void *arg3)
346 {
347 	int result;
348 
349 	result = KAUTH_RESULT_DENY;
350 
351 	switch (action) {
352 	case KAUTH_MACHDEP_IOPERM_GET:
353 	case KAUTH_MACHDEP_IOPERM_SET:
354 	case KAUTH_MACHDEP_IOPL:
355 	case KAUTH_MACHDEP_LDT_GET:
356 	case KAUTH_MACHDEP_LDT_SET:
357 	case KAUTH_MACHDEP_MTRR_GET:
358 	case KAUTH_MACHDEP_MTRR_SET:
359 	case KAUTH_MACHDEP_UNMANAGEDMEM:
360 	default:
361 		result = KAUTH_RESULT_DEFER;
362 		break;
363 	}
364 
365 	return (result);
366 }
367 
368 /*
369  * kauth(9) listener
370  *
371  * Security model: example
372  * Scope: Device
373  */
374 int
375 secmodel_example_device_cb(kauth_cred_t cred, kauth_action_t action,
376     void *cookie, void *arg0, void *arg1, void *arg2, void *arg3)
377 {
378 	int result;
379 
380 	result = KAUTH_RESULT_DENY;
381 
382 	switch (action) {
383 	case KAUTH_DEVICE_TTY_OPEN:
384 	case KAUTH_DEVICE_TTY_PRIVSET:
385 		break;
386 
387 	case KAUTH_DEVICE_RAWIO_SPEC:
388 		switch ((u_long)arg0) {
389 		case KAUTH_REQ_DEVICE_RAWIO_SPEC_READ:
390 		case KAUTH_REQ_DEVICE_RAWIO_SPEC_WRITE:
391 		case KAUTH_REQ_DEVICE_RAWIO_SPEC_RW:
392 			break;
393 
394 		default:
395 			result = KAUTH_RESULT_DEFER;
396 			break;
397 		}
398 
399 		break;
400 
401 	case KAUTH_DEVICE_RAWIO_PASSTHRU:
402 	default:
403 		result = KAUTH_RESULT_DEFER;
404 		break;
405 	}
406 
407 	return (result);
408 }
409