xref: /netbsd-src/share/examples/secmodel/secmodel_example.c (revision b5677b36047b601b9addaaa494a58ceae82c2a6c) 
1 /* $NetBSD: secmodel_example.c,v 1.25 2008/02/28 17:07:49 elad Exp $ */
2 
3 /*
4  * This file is placed in the public domain.
5  */
6 
7 /*
8  * Skeleton file for building a NetBSD security model from scratch, containing
9  * every kauth(9) scope, action, and request, as well as some coding hints.
10  *
11  * This file will be kept in-sync with the official NetBSD kernel, so *always*
12  * use the latest revision.
13  */
14 
15 #include <sys/cdefs.h>
16 __KERNEL_RCSID(0, "$NetBSD: secmodel_example.c,v 1.25 2008/02/28 17:07:49 elad Exp $");
17 
18 #include <sys/types.h>
19 #include <sys/param.h>
20 #include <sys/kauth.h>
21 
22 #include <sys/sysctl.h>
23 
24 #include <secmodel/secmodel.h>
25 
26 #include <secmodel/example/example.h>
27 
28 /*
29  * Initialize the security model.
30  */
31 void
32 secmodel_example_init(void)
33 {
34 	return;
35 }
36 
37 /*
38  * If the security model is to be used as an LKM, this routine should be
39  * changed, because otherwise creating permanent sysctl(9) nodes will fail.
40  *
41  * To make it work, the prototype should be changed to something like:
42  *
43  *	void secmodel_example_sysctl(void)
44  *
45  * and it should be called from secmodel_start().
46  *
47  * In addition, the CTLFLAG_PERMANENT flag must be removed from all the
48  * nodes.
49  */
50 SYSCTL_SETUP(sysctl_security_example_setup,
51     "sysctl security example setup")
52 {
53 	const struct sysctlnode *rnode;
54 
55 	sysctl_createv(clog, 0, NULL, &rnode,
56 		       CTLFLAG_PERMANENT,
57 		       CTLTYPE_NODE, "security", NULL,
58 		       NULL, 0, NULL, 0,
59 		       CTL_CREATE, CTL_EOL);
60 
61 	sysctl_createv(clog, 0, &rnode, &rnode,
62 		       CTLFLAG_PERMANENT,
63 		       CTLTYPE_NODE, "models", NULL,
64 		       NULL, 0, NULL, 0,
65 		       CTL_CREATE, CTL_EOL);
66 
67 	sysctl_createv(clog, 0, &rnode, &rnode,
68 		       CTLFLAG_PERMANENT,
69 		       CTLTYPE_NODE, "example",
70 		       SYSCTL_DESCR("example security model"),
71 		       NULL, 0, NULL, 0,
72 		       CTL_CREATE, CTL_EOL);
73 
74 	sysctl_createv(clog, 0, &rnode, NULL,
75 		       CTLFLAG_PERMANENT,
76 		       CTLTYPE_STRING, "name", NULL,
77 		       NULL, 0, __UNCONST("Example"), 0
78 		       CTL_CREATE, CTL_EOL);
79 
80 }
81 
82 /*
83  * Start the security model.
84  */
85 void
86 secmodel_start(void)
87 {
88 	secmodel_example_init();
89 
90 	kauth_listen_scope(KAUTH_SCOPE_GENERIC,
91 	   secmodel_example_generic_cb, NULL);
92 	kauth_listen_scope(KAUTH_SCOPE_SYSTEM,
93 	   secmodel_example_system_cb, NULL);
94 	kauth_listen_scope(KAUTH_SCOPE_PROCESS,
95 	   secmodel_example_process_cb, NULL);
96 	kauth_listen_scope(KAUTH_SCOPE_NETWORK,
97 	   secmodel_example_network_cb, NULL);
98 	kauth_listen_scope(KAUTH_SCOPE_MACHDEP,
99 	   secmodel_example_machdep_cb, NULL);
100 }
101 
102 /*
103  * Security model: example
104  * Scope: Generic
105  */
106 int
107 secmodel_example_generic_cb(kauth_cred_t, kauth_action_t action,
108     void *cookie, void *arg0, void *arg1, void *arg2, void *arg3)
109 {
110 	int result;
111 
112 	result = KAUTH_RESULT_DENY;
113 
114 	switch(action) {
115 	case KAUTH_GENERIC_ISSUSER:
116 	case KAUTH_GENERIC_CANSEE:
117 	default:
118 		result = KAUTH_RESULT_DEFER;
119 		break;
120 	}
121 
122 	return (result);
123 }
124 
125 /*
126  * Security model: example
127  * Scope: System
128  */
129 int
130 secmodel_example_system_cb(kauth_cred_t cred, kauth_action_t action,
131     void *cookie, void *arg0, void *arg1, void *arg2, void *arg3)
132 {
133 	int result;
134 	enum kauth_system_req req;
135 
136 	result = KAUTH_RESULT_DENY;
137 
138 	req = (enum kauth_system_req)arg0;
139 
140 	switch (action) {
141 	case KAUTH_SYSTEM_MOUNT:
142 		switch (req) {
143 		case KAUTH_REQ_SYSTEM_MOUNT_GET:
144 		case KAUTH_REQ_SYSTEM_MOUNT_NEW:
145 		case KAUTH_REQ_SYSTEM_MOUNT_UNMOUNT:
146 		case KAUTH_REQ_SYSTEM_MOUNT_UPDATE:
147 		default:
148 			result = KAUTH_RESULT_DEFER;
149 			break;
150 		}
151 		break;
152 
153 	case KAUTH_SYSTEM_TIME:
154 		switch (req) {
155 		case KAUTH_REQ_SYSTEM_TIME_ADJTIME:
156 		case KAUTH_REQ_SYSTEM_TIME_BACKWARDS:
157 		case KAUTH_REQ_SYSTEM_TIME_NTPADJTIME:
158 		case KAUTH_REQ_SYSTEM_TIME_RTCOFFSET:
159 		case KAUTH_REQ_SYSTEM_TIME_SYSTEM:
160 		case KAUTH_REQ_SYSTEM_TIME_TIMECOUNTERS:
161 		default:
162 			result = KAUTH_RESULT_DEFER;
163 			break;
164 		}
165 		break;
166 
167 	case KAUTH_SYSTEM_SYSCTL:
168 		switch (req) {
169 		case KAUTH_REQ_SYSTEM_SYSCTL_ADD:
170 		case KAUTH_REQ_SYSTEM_SYSCTL_DELETE:
171 		case KAUTH_REQ_SYSTEM_SYSCTL_DESC:
172 		default:
173 			result = KAUTH_RESULT_DEFER;
174 			break;
175 		}
176 		break;
177 
178 	case KAUTH_SYSTEM_CHROOT:
179 		switch (req) {
180 		case KAUTH_REQ_SYSTEM_CHROOT_CHROOT:
181 		case KAUTH_REQ_SYSTEM_CHROOT_FCHROOT:
182 		default:
183 			result = KAUTH_RESULT_DEFER;
184 			break;
185 		}
186 		break;
187 
188 	case KAUTH_SYSTEM_CPU:
189 		switch (req) {
190 		case KAUTH_REQ_SYSTEM_CPU_SETSTATE:
191 		default:
192 			result = KAUTH_RESULT_DEFER;
193 			break;
194 		}
195 		break;
196 
197 	case KAUTH_SYSTEM_DEBUG:
198 		switch (req) {
199 		case KAUTH_REQ_SYSTEM_DEBUG_IPKDB:
200 		default:
201 			result = KAUTH_RESULT_DEFER;
202 			break;
203 		}
204 		break;
205 
206 	case KAUTH_SYSTEM_PSET:
207 		switch (req) {
208 		case KAUTH_REQ_SYSTEM_PSET_ASSIGN:
209 		case KAUTH_REQ_SYSTEM_PSET_BIND:
210 		case KAUTH_REQ_SYSTEM_PSET_CREATE:
211 		case KAUTH_REQ_SYSTEM_PSET_DESTROY:
212 		default:
213 			result = KAUTH_RESULT_DEFER;
214 			break;
215 		}
216 		break;
217 
218 	case KAUTH_SYSTEM_LKM:
219 	case KAUTH_SYSTEM_FILEHANDLE:
220 	case KAUTH_SYSTEM_MKNOD:
221 	case KAUTH_SYSTEM_MODULE:
222 	case KAUTH_SYSTEM_SETIDCORE:
223 	case KAUTH_SYSTEM_SWAPCTL:
224 	case KAUTH_SYSTEM_ACCOUNTING:
225 	case KAUTH_SYSTEM_REBOOT:
226 	default:
227 		result = KAUTH_RESULT_DEFER;
228 		break;
229 	}
230 
231 	return (result);
232 }
233 
234 /*
235  * kauth(9) listener
236  *
237  * Security model: example
238  * Scope: Process
239  */
240 int
241 secmodel_example_process_cb(kauth_cred_t cred, kauth_action_t action,
242     void *cookie, void *arg0, void *arg1, void *arg2, void *arg3)
243 {
244 	int result;
245 
246 	result = KAUTH_RESULT_DENY;
247 
248 	switch (action) {
249 	case KAUTH_PROCESS_KTRACE:
250 		switch ((u_long)arg1) {
251 		case KAUTH_REQ_PROCESS_KTRACE_PERSISTENT:
252 		default:
253 			result = KAUTH_RESULT_DEFER;
254 			break;
255 		}
256 		break;
257 
258 	case KAUTH_PROCESS_PROCFS:
259 	case KAUTH_PROCESS_CANSEE:
260 	case KAUTH_PROCESS_SIGNAL:
261 	case KAUTH_PROCESS_PTRACE:
262 	case KAUTH_PROCESS_CORENAME:
263 	case KAUTH_PROCESS_FORK:
264 	case KAUTH_PROCESS_KEVENT_FILTER:
265 	case KAUTH_PROCESS_NICE:
266 	case KAUTH_PROCESS_RLIMIT:
267 	case KAUTH_PROCESS_SCHEDULER_GETAFFINITY:
268 	case KAUTH_PROCESS_SCHEDULER_SETAFFINITY:
269 	case KAUTH_PROCESS_SCHEDULER_GETPARAM:
270 	case KAUTH_PROCESS_SCHEDULER_SETPARAM:
271 	case KAUTH_PROCESS_SETID:
272 	case KAUTH_PROCESS_STOPFLAG:
273 	default:
274 		result = KAUTH_RESULT_DEFER;
275 		break;
276 	}
277 
278 	return (result);
279 }
280 
281 /*
282  * kauth(9) listener
283  *
284  * Security model: example
285  * Scope: Network
286  */
287 int
288 secmodel_example_network_cb(kauth_cred_t cred, kauth_action_t action,
289     void *cookie, void *arg0, void *arg1, void *arg2, void *arg3)
290 {
291 	int result;
292 
293 	result = KAUTH_RESULT_DENY;
294 
295 	switch (action) {
296 	case KAUTH_NETWORK_ALTQ:
297 		switch((u_long)arg0) {
298 		case KAUTH_REQ_NETWORK_ALTQ_AFMAP:
299 		case KAUTH_REQ_NETWORK_ALTQ_BLUE:
300 		case KAUTH_REQ_NETWORK_ALTQ_CBQ:
301 		case KAUTH_REQ_NETWORK_ALTQ_CDNR:
302 		case KAUTH_REQ_NETWORK_ALTQ_CONF:
303 		case KAUTH_REQ_NETWORK_ALTQ_FIFOQ:
304 		case KAUTH_REQ_NETWORK_ALTQ_HFSC:
305 		case KAUTH_REQ_NETWORK_ALTQ_JOBS:
306 		case KAUTH_REQ_NETWORK_ALTQ_PRIQ:
307 		case KAUTH_REQ_NETWORK_ALTQ_RED:
308 		case KAUTH_REQ_NETWORK_ALTQ_RIO:
309 		case KAUTH_REQ_NETWORK_ALTQ_WFQ:
310 		default:
311 			result = KAUTH_RESULT_DEFER;
312 			break;
313 		}
314 		break;
315 
316 	case KAUTH_NETWORK_BIND:
317 		switch((u_long)arg0) {
318 		case KAUTH_REQ_NETWORK_BIND_PORT:
319 		case KAUTH_REQ_NETWORK_BIND_PRIVPORT:
320 		default:
321 			result = KAUTH_RESULT_DEFER;
322 			break;
323 		}
324 		break;
325 
326 	case KAUTH_NETWORK_FIREWALL:
327 		switch ((u_long)arg0) {
328 		case KAUTH_REQ_NETWORK_FIREWALL_FW:
329 		case KAUTH_REQ_NETWORK_FIREWALL_NAT:
330 		default:
331 			result = KAUTH_RESULT_DEFER;
332 			break;
333 		}
334 		break;
335 
336 	case KAUTH_NETWORK_FORWSRCRT:
337 		break;
338 
339 	case KAUTH_NETWORK_INTERFACE:
340 		switch ((u_long)arg0) {
341 		case KAUTH_REQ_NETWORK_INTERFACE_GET:
342 		case KAUTH_REQ_NETWORK_INTERFACE_SET:
343 		case KAUTH_REQ_NETWORK_INTERFACE_GETPRIV:
344 		case KAUTH_REQ_NETWORK_INTERFACE_SETPRIV:
345 		default:
346 			result = KAUTH_RESULT_DEFER;
347 			break;
348 		}
349 		break;
350 
351 	case KAUTH_NETWORK_NFS:
352 		switch ((u_long)arg0) {
353 		case KAUTH_REQ_NETWORK_NFS_EXPORT:
354 		case KAUTH_REQ_NETWORK_NFS_SVC:
355 		default:
356 			result = KAUTH_RESULT_DEFER;
357 			break;
358 		}
359 		break;
360 
361 	case KAUTH_NETWORK_ROUTE:
362 		break;
363 
364 	case KAUTH_NETWORK_SOCKET:
365 		switch((u_long)arg0) {
366 		case KAUTH_REQ_NETWORK_SOCKET_OPEN:
367 		case KAUTH_REQ_NETWORK_SOCKET_RAWSOCK:
368 		case KAUTH_REQ_NETWORK_SOCKET_CANSEE:
369 		default:
370 			result = KAUTH_RESULT_DEFER;
371 			break;
372 		}
373 		break;
374 
375 	default:
376 		result = KAUTH_RESULT_DEFER;
377 		break;
378 	}
379 
380 	return (result);
381 }
382 
383 /*
384  * kauth(9) listener
385  *
386  * Security model: example
387  * Scope: Machdep
388  */
389 int
390 secmodel_example_machdep_cb(kauth_cred_t cred, kauth_action_t action,
391     void *cookie, void *arg0, void *arg1, void *arg2, void *arg3)
392 {
393 	int result;
394 
395 	result = KAUTH_RESULT_DENY;
396 
397 	switch (action) {
398 	case KAUTH_MACHDEP_IOPERM_GET:
399 	case KAUTH_MACHDEP_IOPERM_SET:
400 	case KAUTH_MACHDEP_IOPL:
401 	case KAUTH_MACHDEP_LDT_GET:
402 	case KAUTH_MACHDEP_LDT_SET:
403 	case KAUTH_MACHDEP_MTRR_GET:
404 	case KAUTH_MACHDEP_MTRR_SET:
405 	case KAUTH_MACHDEP_UNMANAGEDMEM:
406 	default:
407 		result = KAUTH_RESULT_DEFER;
408 		break;
409 	}
410 
411 	return (result);
412 }
413 
414 /*
415  * kauth(9) listener
416  *
417  * Security model: example
418  * Scope: Device
419  */
420 int
421 secmodel_example_device_cb(kauth_cred_t cred, kauth_action_t action,
422     void *cookie, void *arg0, void *arg1, void *arg2, void *arg3)
423 {
424 	int result;
425 
426 	result = KAUTH_RESULT_DENY;
427 
428 	switch (action) {
429 	case KAUTH_DEVICE_TTY_OPEN:
430 	case KAUTH_DEVICE_TTY_PRIVSET:
431 	case KAUTH_DEVICE_TTY_STI:
432 		break;
433 
434 	case KAUTH_DEVICE_RAWIO_SPEC:
435 		switch ((u_long)arg0) {
436 		case KAUTH_REQ_DEVICE_RAWIO_SPEC_READ:
437 		case KAUTH_REQ_DEVICE_RAWIO_SPEC_WRITE:
438 		case KAUTH_REQ_DEVICE_RAWIO_SPEC_RW:
439 			break;
440 
441 		default:
442 			result = KAUTH_RESULT_DEFER;
443 			break;
444 		}
445 
446 		break;
447 
448 	case KAUTH_DEVICE_RAWIO_PASSTHRU:
449 	default:
450 		result = KAUTH_RESULT_DEFER;
451 		break;
452 	}
453 
454 	return (result);
455 }
456