xref: /netbsd-src/share/examples/secmodel/secmodel_example.c (revision 267197ec1eebfcb9810ea27a89625b6ddf68e3e7) 
1 /* $NetBSD: secmodel_example.c,v 1.23 2008/02/16 16:39:34 elad Exp $ */
2 
3 /*
4  * This file is placed in the public domain.
5  */
6 
7 /*
8  * Skeleton file for building a NetBSD security model from scratch, containing
9  * every kauth(9) scope, action, and request, as well as some coding hints.
10  *
11  * This file will be kept in-sync with the official NetBSD kernel, so *always*
12  * use the latest revision.
13  */
14 
15 #include <sys/cdefs.h>
16 __KERNEL_RCSID(0, "$NetBSD: secmodel_example.c,v 1.23 2008/02/16 16:39:34 elad Exp $");
17 
18 #include <sys/types.h>
19 #include <sys/param.h>
20 #include <sys/kauth.h>
21 
22 #include <sys/sysctl.h>
23 
24 #include <secmodel/secmodel.h>
25 
26 #include <secmodel/example/example.h>
27 
28 /*
29  * Initialize the security model.
30  */
31 void
32 secmodel_example_init(void)
33 {
34 	return;
35 }
36 
37 /*
38  * If the security model is to be used as an LKM, this routine should be
39  * changed, because otherwise creating permanent sysctl(9) nodes will fail.
40  *
41  * To make it work, the prototype should be changed to something like:
42  *
43  *	void secmodel_example_sysctl(void)
44  *
45  * and it should be called from secmodel_start().
46  *
47  * In addition, the CTLFLAG_PERMANENT flag must be removed from all the
48  * nodes.
49  */
50 SYSCTL_SETUP(sysctl_security_example_setup,
51     "sysctl security example setup")
52 {
53 	const struct sysctlnode *rnode;
54 
55 	sysctl_createv(clog, 0, NULL, &rnode,
56 		       CTLFLAG_PERMANENT,
57 		       CTLTYPE_NODE, "security", NULL,
58 		       NULL, 0, NULL, 0,
59 		       CTL_CREATE, CTL_EOL);
60 
61 	sysctl_createv(clog, 0, &rnode, &rnode,
62 		       CTLFLAG_PERMANENT,
63 		       CTLTYPE_NODE, "models", NULL,
64 		       NULL, 0, NULL, 0,
65 		       CTL_CREATE, CTL_EOL);
66 
67 	sysctl_createv(clog, 0, &rnode, &rnode,
68 		       CTLFLAG_PERMANENT,
69 		       CTLTYPE_NODE, "example",
70 		       SYSCTL_DESCR("example security model"),
71 		       NULL, 0, NULL, 0,
72 		       CTL_CREATE, CTL_EOL);
73 
74 	sysctl_createv(clog, 0, &rnode, NULL,
75 		       CTLFLAG_PERMANENT,
76 		       CTLTYPE_STRING, "name", NULL,
77 		       NULL, 0, __UNCONST("Example"), 0
78 		       CTL_CREATE, CTL_EOL);
79 
80 }
81 
82 /*
83  * Start the security model.
84  */
85 void
86 secmodel_start(void)
87 {
88 	secmodel_example_init();
89 
90 	kauth_listen_scope(KAUTH_SCOPE_GENERIC,
91 	   secmodel_example_generic_cb, NULL);
92 	kauth_listen_scope(KAUTH_SCOPE_SYSTEM,
93 	   secmodel_example_system_cb, NULL);
94 	kauth_listen_scope(KAUTH_SCOPE_PROCESS,
95 	   secmodel_example_process_cb, NULL);
96 	kauth_listen_scope(KAUTH_SCOPE_NETWORK,
97 	   secmodel_example_network_cb, NULL);
98 	kauth_listen_scope(KAUTH_SCOPE_MACHDEP,
99 	   secmodel_example_machdep_cb, NULL);
100 }
101 
102 /*
103  * Security model: example
104  * Scope: Generic
105  */
106 int
107 secmodel_example_generic_cb(kauth_cred_t, kauth_action_t action,
108     void *cookie, void *arg0, void *arg1, void *arg2, void *arg3)
109 {
110 	int result;
111 
112 	result = KAUTH_RESULT_DENY;
113 
114 	switch(action) {
115 	case KAUTH_GENERIC_ISSUSER:
116 	case KAUTH_GENERIC_CANSEE:
117 	default:
118 		result = KAUTH_RESULT_DEFER;
119 		break;
120 	}
121 
122 	return (result);
123 }
124 
125 /*
126  * Security model: example
127  * Scope: System
128  */
129 int
130 secmodel_example_system_cb(kauth_cred_t cred, kauth_action_t action,
131     void *cookie, void *arg0, void *arg1, void *arg2, void *arg3)
132 {
133 	int result;
134 	enum kauth_system_req req;
135 
136 	result = KAUTH_RESULT_DENY;
137 
138 	req = (enum kauth_system_req)arg0;
139 
140 	switch (action) {
141 	case KAUTH_SYSTEM_MOUNT:
142 		switch (req) {
143 		case KAUTH_REQ_SYSTEM_MOUNT_GET:
144 		case KAUTH_REQ_SYSTEM_MOUNT_NEW:
145 		case KAUTH_REQ_SYSTEM_MOUNT_UNMOUNT:
146 		case KAUTH_REQ_SYSTEM_MOUNT_UPDATE:
147 		default:
148 			result = KAUTH_RESULT_DEFER;
149 			break;
150 		}
151 		break;
152 
153 	case KAUTH_SYSTEM_TIME:
154 		switch (req) {
155 		case KAUTH_REQ_SYSTEM_TIME_ADJTIME:
156 		case KAUTH_REQ_SYSTEM_TIME_BACKWARDS:
157 		case KAUTH_REQ_SYSTEM_TIME_NTPADJTIME:
158 		case KAUTH_REQ_SYSTEM_TIME_RTCOFFSET:
159 		case KAUTH_REQ_SYSTEM_TIME_SYSTEM:
160 		case KAUTH_REQ_SYSTEM_TIME_TIMECOUNTERS:
161 		default:
162 			result = KAUTH_RESULT_DEFER;
163 			break;
164 		}
165 		break;
166 
167 	case KAUTH_SYSTEM_SYSCTL:
168 		switch (req) {
169 		case KAUTH_REQ_SYSTEM_SYSCTL_ADD:
170 		case KAUTH_REQ_SYSTEM_SYSCTL_DELETE:
171 		case KAUTH_REQ_SYSTEM_SYSCTL_DESC:
172 		default:
173 			result = KAUTH_RESULT_DEFER;
174 			break;
175 		}
176 		break;
177 
178 	case KAUTH_SYSTEM_CHROOT:
179 		switch (req) {
180 		case KAUTH_REQ_SYSTEM_CHROOT_CHROOT:
181 		case KAUTH_REQ_SYSTEM_CHROOT_FCHROOT:
182 		default:
183 			result = KAUTH_RESULT_DEFER;
184 			break;
185 		}
186 		break;
187 
188 	case KAUTH_SYSTEM_CPU:
189 		switch (req) {
190 		case KAUTH_REQ_SYSTEM_CPU_SETSTATE:
191 		default:
192 			result = KAUTH_RESULT_DEFER;
193 			break;
194 		}
195 		break;
196 
197 	case KAUTH_SYSTEM_DEBUG:
198 		switch (req) {
199 		case KAUTH_REQ_SYSTEM_DEBUG_IPKDB:
200 		default:
201 			result = KAUTH_RESULT_DEFER;
202 			break;
203 		}
204 		break;
205 
206 	case KAUTH_SYSTEM_PSET:
207 		switch (req) {
208 		case KAUTH_REQ_SYSTEM_PSET_ASSIGN:
209 		case KAUTH_REQ_SYSTEM_PSET_BIND:
210 		case KAUTH_REQ_SYSTEM_PSET_CREATE:
211 		case KAUTH_REQ_SYSTEM_PSET_DESTROY:
212 		default:
213 			result = KAUTH_RESULT_DEFER;
214 			break;
215 		}
216 		break;
217 
218 	case KAUTH_SYSTEM_LKM:
219 	case KAUTH_SYSTEM_FILEHANDLE:
220 	case KAUTH_SYSTEM_MKNOD:
221 	case KAUTH_SYSTEM_MODULE:
222 	case KAUTH_SYSTEM_SETIDCORE:
223 	case KAUTH_SYSTEM_SWAPCTL:
224 	case KAUTH_SYSTEM_ACCOUNTING:
225 	case KAUTH_SYSTEM_REBOOT:
226 	default:
227 		result = KAUTH_RESULT_DEFER;
228 		break;
229 	}
230 
231 	return (result);
232 }
233 
234 /*
235  * kauth(9) listener
236  *
237  * Security model: example
238  * Scope: Process
239  */
240 int
241 secmodel_example_process_cb(kauth_cred_t cred, kauth_action_t action,
242     void *cookie, void *arg0, void *arg1, void *arg2, void *arg3)
243 {
244 	int result;
245 
246 	result = KAUTH_RESULT_DENY;
247 
248 	switch (action) {
249 	case KAUTH_PROCESS_KTRACE:
250 		switch ((u_long)arg1) {
251 		case KAUTH_REQ_PROCESS_KTRACE_PERSISTENT:
252 		default:
253 			result = KAUTH_RESULT_DEFER;
254 			break;
255 		}
256 		break;
257 
258 	case KAUTH_PROCESS_PROCFS:
259 	case KAUTH_PROCESS_CANSEE:
260 	case KAUTH_PROCESS_SIGNAL:
261 	case KAUTH_PROCESS_PTRACE:
262 	case KAUTH_PROCESS_CORENAME:
263 	case KAUTH_PROCESS_FORK:
264 	case KAUTH_PROCESS_KEVENT_FILTER:
265 	case KAUTH_PROCESS_NICE:
266 	case KAUTH_PROCESS_RLIMIT:
267 	case KAUTH_PROCESS_SCHEDULER_GET:
268 	case KAUTH_PROCESS_SCHEDULER_SET:
269 	case KAUTH_PROCESS_SCHEDULER_GETAFFINITY:
270 	case KAUTH_PROCESS_SCHEDULER_SETAFFINITY:
271 	case KAUTH_PROCESS_SCHEDULER_GETPARAM:
272 	case KAUTH_PROCESS_SCHEDULER_SETPARAM:
273 	case KAUTH_PROCESS_SETID:
274 	case KAUTH_PROCESS_STOPFLAG:
275 	default:
276 		result = KAUTH_RESULT_DEFER;
277 		break;
278 	}
279 
280 	return (result);
281 }
282 
283 /*
284  * kauth(9) listener
285  *
286  * Security model: example
287  * Scope: Network
288  */
289 int
290 secmodel_example_network_cb(kauth_cred_t cred, kauth_action_t action,
291     void *cookie, void *arg0, void *arg1, void *arg2, void *arg3)
292 {
293 	int result;
294 
295 	result = KAUTH_RESULT_DENY;
296 
297 	switch (action) {
298 	case KAUTH_NETWORK_ALTQ:
299 		switch((u_long)arg0) {
300 		case KAUTH_REQ_NETWORK_ALTQ_AFMAP:
301 		case KAUTH_REQ_NETWORK_ALTQ_BLUE:
302 		case KAUTH_REQ_NETWORK_ALTQ_CBQ:
303 		case KAUTH_REQ_NETWORK_ALTQ_CDNR:
304 		case KAUTH_REQ_NETWORK_ALTQ_CONF:
305 		case KAUTH_REQ_NETWORK_ALTQ_FIFOQ:
306 		case KAUTH_REQ_NETWORK_ALTQ_HFSC:
307 		case KAUTH_REQ_NETWORK_ALTQ_JOBS:
308 		case KAUTH_REQ_NETWORK_ALTQ_PRIQ:
309 		case KAUTH_REQ_NETWORK_ALTQ_RED:
310 		case KAUTH_REQ_NETWORK_ALTQ_RIO:
311 		case KAUTH_REQ_NETWORK_ALTQ_WFQ:
312 		default:
313 			result = KAUTH_RESULT_DEFER;
314 			break;
315 		}
316 		break;
317 
318 	case KAUTH_NETWORK_BIND:
319 		switch((u_long)arg0) {
320 		case KAUTH_REQ_NETWORK_BIND_PORT:
321 		case KAUTH_REQ_NETWORK_BIND_PRIVPORT:
322 		default:
323 			result = KAUTH_RESULT_DEFER;
324 			break;
325 		}
326 		break;
327 
328 	case KAUTH_NETWORK_FIREWALL:
329 		switch ((u_long)arg0) {
330 		case KAUTH_REQ_NETWORK_FIREWALL_FW:
331 		case KAUTH_REQ_NETWORK_FIREWALL_NAT:
332 		default:
333 			result = KAUTH_RESULT_DEFER;
334 			break;
335 		}
336 		break;
337 
338 	case KAUTH_NETWORK_FORWSRCRT:
339 		break;
340 
341 	case KAUTH_NETWORK_INTERFACE:
342 		switch ((u_long)arg0) {
343 		case KAUTH_REQ_NETWORK_INTERFACE_GET:
344 		case KAUTH_REQ_NETWORK_INTERFACE_SET:
345 		case KAUTH_REQ_NETWORK_INTERFACE_GETPRIV:
346 		case KAUTH_REQ_NETWORK_INTERFACE_SETPRIV:
347 		default:
348 			result = KAUTH_RESULT_DEFER;
349 			break;
350 		}
351 		break;
352 
353 	case KAUTH_NETWORK_ROUTE:
354 		break;
355 
356 	case KAUTH_NETWORK_SOCKET:
357 		switch((u_long)arg0) {
358 		case KAUTH_REQ_NETWORK_SOCKET_OPEN:
359 		case KAUTH_REQ_NETWORK_SOCKET_RAWSOCK:
360 		case KAUTH_REQ_NETWORK_SOCKET_CANSEE:
361 		default:
362 			result = KAUTH_RESULT_DEFER;
363 			break;
364 		}
365 		break;
366 
367 	default:
368 		result = KAUTH_RESULT_DEFER;
369 		break;
370 	}
371 
372 	return (result);
373 }
374 
375 /*
376  * kauth(9) listener
377  *
378  * Security model: example
379  * Scope: Machdep
380  */
381 int
382 secmodel_example_machdep_cb(kauth_cred_t cred, kauth_action_t action,
383     void *cookie, void *arg0, void *arg1, void *arg2, void *arg3)
384 {
385 	int result;
386 
387 	result = KAUTH_RESULT_DENY;
388 
389 	switch (action) {
390 	case KAUTH_MACHDEP_IOPERM_GET:
391 	case KAUTH_MACHDEP_IOPERM_SET:
392 	case KAUTH_MACHDEP_IOPL:
393 	case KAUTH_MACHDEP_LDT_GET:
394 	case KAUTH_MACHDEP_LDT_SET:
395 	case KAUTH_MACHDEP_MTRR_GET:
396 	case KAUTH_MACHDEP_MTRR_SET:
397 	case KAUTH_MACHDEP_UNMANAGEDMEM:
398 	default:
399 		result = KAUTH_RESULT_DEFER;
400 		break;
401 	}
402 
403 	return (result);
404 }
405 
406 /*
407  * kauth(9) listener
408  *
409  * Security model: example
410  * Scope: Device
411  */
412 int
413 secmodel_example_device_cb(kauth_cred_t cred, kauth_action_t action,
414     void *cookie, void *arg0, void *arg1, void *arg2, void *arg3)
415 {
416 	int result;
417 
418 	result = KAUTH_RESULT_DENY;
419 
420 	switch (action) {
421 	case KAUTH_DEVICE_TTY_OPEN:
422 	case KAUTH_DEVICE_TTY_PRIVSET:
423 	case KAUTH_DEVICE_TTY_STI:
424 		break;
425 
426 	case KAUTH_DEVICE_RAWIO_SPEC:
427 		switch ((u_long)arg0) {
428 		case KAUTH_REQ_DEVICE_RAWIO_SPEC_READ:
429 		case KAUTH_REQ_DEVICE_RAWIO_SPEC_WRITE:
430 		case KAUTH_REQ_DEVICE_RAWIO_SPEC_RW:
431 			break;
432 
433 		default:
434 			result = KAUTH_RESULT_DEFER;
435 			break;
436 		}
437 
438 		break;
439 
440 	case KAUTH_DEVICE_RAWIO_PASSTHRU:
441 	default:
442 		result = KAUTH_RESULT_DEFER;
443 		break;
444 	}
445 
446 	return (result);
447 }
448