10Sstevel@tonic-gate /* 20Sstevel@tonic-gate * CDDL HEADER START 30Sstevel@tonic-gate * 40Sstevel@tonic-gate * The contents of this file are subject to the terms of the 51544Seschrock * Common Development and Distribution License (the "License"). 61544Seschrock * You may not use this file except in compliance with the License. 70Sstevel@tonic-gate * 80Sstevel@tonic-gate * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 90Sstevel@tonic-gate * or http://www.opensolaris.org/os/licensing. 100Sstevel@tonic-gate * See the License for the specific language governing permissions 110Sstevel@tonic-gate * and limitations under the License. 120Sstevel@tonic-gate * 130Sstevel@tonic-gate * When distributing Covered Code, include this CDDL HEADER in each 140Sstevel@tonic-gate * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 150Sstevel@tonic-gate * If applicable, add the following below this CDDL HEADER, with the 160Sstevel@tonic-gate * fields enclosed by brackets "[]" replaced with your own identifying 170Sstevel@tonic-gate * information: Portions Copyright [yyyy] [name of copyright owner] 180Sstevel@tonic-gate * 190Sstevel@tonic-gate * CDDL HEADER END 200Sstevel@tonic-gate */ 210Sstevel@tonic-gate /* 2212273SCasper.Dik@Sun.COM * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved. 230Sstevel@tonic-gate */ 240Sstevel@tonic-gate 250Sstevel@tonic-gate #ifndef _SYS_POLICY_H 260Sstevel@tonic-gate #define _SYS_POLICY_H 270Sstevel@tonic-gate 280Sstevel@tonic-gate #include <sys/types.h> 290Sstevel@tonic-gate #include <sys/cred.h> 300Sstevel@tonic-gate #include <sys/vnode.h> 310Sstevel@tonic-gate #include <sys/fs/snode.h> 320Sstevel@tonic-gate 330Sstevel@tonic-gate #ifdef __cplusplus 340Sstevel@tonic-gate extern "C" { 350Sstevel@tonic-gate #endif 360Sstevel@tonic-gate 370Sstevel@tonic-gate #ifdef _KERNEL 380Sstevel@tonic-gate 390Sstevel@tonic-gate #ifndef _IN_PORT_T 400Sstevel@tonic-gate #define _IN_PORT_T 410Sstevel@tonic-gate typedef uint16_t in_port_t; 420Sstevel@tonic-gate #endif 430Sstevel@tonic-gate 440Sstevel@tonic-gate /* 450Sstevel@tonic-gate * Policy routines; in case we check privileges in-line. 460Sstevel@tonic-gate * 470Sstevel@tonic-gate * priv_policy 480Sstevel@tonic-gate * privilege debugging 490Sstevel@tonic-gate * audits success & failure 500Sstevel@tonic-gate * returns 0 on success, error on failure 510Sstevel@tonic-gate * 520Sstevel@tonic-gate * priv_policy_choice 530Sstevel@tonic-gate * determines extend of operation 540Sstevel@tonic-gate * audit on success 550Sstevel@tonic-gate * returns a boolean_t indicating success (B_TRUE) or failure. 560Sstevel@tonic-gate * 570Sstevel@tonic-gate * priv_policy_only 580Sstevel@tonic-gate * when auditing is in appropriate (interrupt context) 590Sstevel@tonic-gate * to determine context of operation 600Sstevel@tonic-gate * returns a boolean_t indicating success (B_TRUE) or failure. 610Sstevel@tonic-gate * 620Sstevel@tonic-gate */ 630Sstevel@tonic-gate int priv_policy(const cred_t *, int, boolean_t, int, const char *); 640Sstevel@tonic-gate boolean_t priv_policy_only(const cred_t *, int, boolean_t); 650Sstevel@tonic-gate boolean_t priv_policy_choice(const cred_t *, int, boolean_t); 660Sstevel@tonic-gate 670Sstevel@tonic-gate struct kipc_perm; 680Sstevel@tonic-gate struct vfs; 690Sstevel@tonic-gate struct proc; 706134Scasper struct priv_set; 710Sstevel@tonic-gate 720Sstevel@tonic-gate int secpolicy_acct(const cred_t *); 736134Scasper int secpolicy_require_privs(const cred_t *, const struct priv_set *); 740Sstevel@tonic-gate int secpolicy_allow_setid(const cred_t *, uid_t, boolean_t); 750Sstevel@tonic-gate int secpolicy_audit_config(const cred_t *); 7612273SCasper.Dik@Sun.COM int secpolicy_audit_getattr(const cred_t *, boolean_t); 770Sstevel@tonic-gate int secpolicy_audit_modify(const cred_t *); 780Sstevel@tonic-gate int secpolicy_blacklist(const cred_t *); 790Sstevel@tonic-gate int secpolicy_chroot(const cred_t *); 800Sstevel@tonic-gate int secpolicy_clock_highres(const cred_t *); 810Sstevel@tonic-gate int secpolicy_console(const cred_t *); 826073Sacruz int secpolicy_contract_identity(const cred_t *); 830Sstevel@tonic-gate int secpolicy_contract_observer(const cred_t *, struct contract *); 840Sstevel@tonic-gate boolean_t secpolicy_contract_observer_choice(const cred_t *); 850Sstevel@tonic-gate int secpolicy_contract_event(const cred_t *); 860Sstevel@tonic-gate boolean_t secpolicy_contract_event_choice(const cred_t *); 870Sstevel@tonic-gate int secpolicy_coreadm(const cred_t *); 880Sstevel@tonic-gate int secpolicy_cpc_cpu(const cred_t *); 890Sstevel@tonic-gate int secpolicy_dispadm(const cred_t *); 901414Scindi int secpolicy_error_inject(const cred_t *); 910Sstevel@tonic-gate int secpolicy_excl_open(const cred_t *); 92*12633Sjohn.levon@sun.com int secpolicy_fs_allowed_mount(const char *); 930Sstevel@tonic-gate int secpolicy_fs_config(const cred_t *, const struct vfs *); 940Sstevel@tonic-gate int secpolicy_fs_linkdir(const cred_t *, const struct vfs *); 950Sstevel@tonic-gate int secpolicy_fs_minfree(const cred_t *, const struct vfs *); 96*12633Sjohn.levon@sun.com int secpolicy_fs_mount(cred_t *, vnode_t *, struct vfs *); 970Sstevel@tonic-gate int secpolicy_fs_quota(const cred_t *, const struct vfs *); 98*12633Sjohn.levon@sun.com int secpolicy_fs_unmount(cred_t *, struct vfs *); 994321Scasper int secpolicy_idmap(const cred_t *); 1003448Sdh155122 int secpolicy_ip(const cred_t *, int, boolean_t); 1013448Sdh155122 int secpolicy_ip_config(const cred_t *, boolean_t); 1027408SSebastien.Roy@Sun.COM int secpolicy_dl_config(const cred_t *); 10310616SSebastien.Roy@Sun.COM int secpolicy_iptun_config(const cred_t *); 1040Sstevel@tonic-gate int secpolicy_ipc_access(const cred_t *, const struct kipc_perm *, mode_t); 1050Sstevel@tonic-gate int secpolicy_ipc_config(const cred_t *); 1060Sstevel@tonic-gate int secpolicy_ipc_owner(const cred_t *, const struct kipc_perm *); 1070Sstevel@tonic-gate int secpolicy_kmdb(const cred_t *); 1080Sstevel@tonic-gate int secpolicy_lock_memory(const cred_t *); 1090Sstevel@tonic-gate int secpolicy_modctl(const cred_t *, int); 1100Sstevel@tonic-gate int secpolicy_net(const cred_t *, int, boolean_t); 1111676Sjpk int secpolicy_net_bindmlp(const cred_t *); 1120Sstevel@tonic-gate int secpolicy_net_config(const cred_t *, boolean_t); 1130Sstevel@tonic-gate int secpolicy_net_icmpaccess(const cred_t *); 1141676Sjpk int secpolicy_net_mac_aware(const cred_t *); 11510934Ssommerfeld@sun.com int secpolicy_net_mac_implicit(const cred_t *); 11610639SDarren.Reed@Sun.COM int secpolicy_net_observability(const cred_t *); 1176134Scasper int secpolicy_net_privaddr(const cred_t *, in_port_t, int proto); 1180Sstevel@tonic-gate int secpolicy_net_rawaccess(const cred_t *); 1191676Sjpk boolean_t secpolicy_net_reply_equal(const cred_t *); 1200Sstevel@tonic-gate int secpolicy_newproc(const cred_t *); 1210Sstevel@tonic-gate int secpolicy_nfs(const cred_t *); 12212494Sgerald.jelinek@sun.com int secpolicy_pbind(const cred_t *); 1230Sstevel@tonic-gate int secpolicy_pcfs_modify_bootpartition(const cred_t *); 12412273SCasper.Dik@Sun.COM int secpolicy_pfexec_register(const cred_t *); 1250Sstevel@tonic-gate int secpolicy_ponline(const cred_t *); 1260Sstevel@tonic-gate int secpolicy_pool(const cred_t *); 1270Sstevel@tonic-gate int secpolicy_power_mgmt(const cred_t *); 1289751Sjames.d.carlson@sun.com int secpolicy_ppp_config(const cred_t *); 1290Sstevel@tonic-gate int secpolicy_proc_access(const cred_t *); 1300Sstevel@tonic-gate int secpolicy_proc_excl_open(const cred_t *); 1310Sstevel@tonic-gate int secpolicy_proc_owner(const cred_t *, const cred_t *, int); 1320Sstevel@tonic-gate int secpolicy_proc_zone(const cred_t *); 1330Sstevel@tonic-gate int secpolicy_pset(const cred_t *); 1340Sstevel@tonic-gate int secpolicy_rctlsys(const cred_t *, boolean_t); 1350Sstevel@tonic-gate int secpolicy_resource(const cred_t *); 13610154SStan.Studzinski@Sun.COM int secpolicy_resource_anon_mem(const cred_t *); 1370Sstevel@tonic-gate int secpolicy_rpcmod_open(const cred_t *); 1380Sstevel@tonic-gate int secpolicy_rsm_access(const cred_t *, uid_t, mode_t); 1390Sstevel@tonic-gate int secpolicy_setpriority(const cred_t *); 1400Sstevel@tonic-gate int secpolicy_settime(const cred_t *); 1415331Samw int secpolicy_smb(const cred_t *); 1426007Sthurlow int secpolicy_smbfs_login(const cred_t *, uid_t); 1430Sstevel@tonic-gate int secpolicy_spec_open(const cred_t *, struct vnode *, int); 1440Sstevel@tonic-gate int secpolicy_sti(const cred_t *); 1450Sstevel@tonic-gate int secpolicy_swapctl(const cred_t *); 1460Sstevel@tonic-gate int secpolicy_sys_config(const cred_t *, boolean_t); 1470Sstevel@tonic-gate int secpolicy_zone_admin(const cred_t *, boolean_t); 1480Sstevel@tonic-gate int secpolicy_zone_config(const cred_t *); 1490Sstevel@tonic-gate int secpolicy_sys_devices(const cred_t *); 1500Sstevel@tonic-gate int secpolicy_systeminfo(const cred_t *); 1510Sstevel@tonic-gate int secpolicy_tasksys(const cred_t *); 1520Sstevel@tonic-gate int secpolicy_vnode_access(const cred_t *, vnode_t *, uid_t, mode_t); 15312273SCasper.Dik@Sun.COM int secpolicy_vnode_access2(const cred_t *, vnode_t *, uid_t, mode_t, mode_t); 15412273SCasper.Dik@Sun.COM int secpolicy_vnode_any_access(const cred_t *, vnode_t *, uid_t); 1559866SMark.Shellenbaum@Sun.COM int secpolicy_vnode_chown(const cred_t *, uid_t); 1560Sstevel@tonic-gate int secpolicy_vnode_create_gid(const cred_t *); 1570Sstevel@tonic-gate int secpolicy_vnode_owner(const cred_t *, uid_t); 1580Sstevel@tonic-gate int secpolicy_vnode_remove(const cred_t *); 1590Sstevel@tonic-gate int secpolicy_vnode_setdac(const cred_t *, uid_t); 1600Sstevel@tonic-gate int secpolicy_vnode_setid_retain(const cred_t *, boolean_t); 1610Sstevel@tonic-gate int secpolicy_vnode_setids_setgids(const cred_t *, gid_t); 1620Sstevel@tonic-gate int secpolicy_vnode_stky_modify(const cred_t *); 1635440Sjm199354 int secpolicy_vscan(const cred_t *); 1641544Seschrock int secpolicy_zinject(const cred_t *); 165789Sahrens int secpolicy_zfs(const cred_t *); 1664581Ssherrym int secpolicy_ucode_update(const cred_t *); 1674962Sdh155122 int secpolicy_sadopen(const cred_t *); 1681115Smarks void secpolicy_setid_clear(vattr_t *, cred_t *); 1694543Smarks void secpolicy_fs_mount_clearopts(cred_t *, struct vfs *); 1702796Smarks int secpolicy_setid_setsticky_clear(vnode_t *, vattr_t *, 1712796Smarks const vattr_t *, cred_t *); 1725331Samw int secpolicy_xvattr(xvattr_t *, uid_t, cred_t *, vtype_t); 1736784Sjohnlev int secpolicy_xvm_control(const cred_t *); 1740Sstevel@tonic-gate 1756134Scasper int secpolicy_basic_exec(const cred_t *, vnode_t *); 1760Sstevel@tonic-gate int secpolicy_basic_fork(const cred_t *); 1776134Scasper int secpolicy_basic_link(const cred_t *); 17812273SCasper.Dik@Sun.COM int secpolicy_basic_file_read(const cred_t *, vnode_t *, const char *); 17912273SCasper.Dik@Sun.COM int secpolicy_basic_file_write(const cred_t *, vnode_t *, const char *); 18011537SCasper.Dik@Sun.COM int secpolicy_basic_net_access(const cred_t *); 1810Sstevel@tonic-gate int secpolicy_basic_proc(const cred_t *); 1820Sstevel@tonic-gate int secpolicy_basic_procinfo(const cred_t *, struct proc *, struct proc *); 1830Sstevel@tonic-gate 1840Sstevel@tonic-gate int secpolicy_gart_access(const cred_t *); 1850Sstevel@tonic-gate int secpolicy_gart_map(const cred_t *); 1860Sstevel@tonic-gate /* 1870Sstevel@tonic-gate * This function to be called from xxfs_setattr(). 1880Sstevel@tonic-gate * Must be called with the node's attributes read-write locked. 1890Sstevel@tonic-gate * 1900Sstevel@tonic-gate * cred_t * - acting credentials 1910Sstevel@tonic-gate * struct vnode * - vnode we're operating on 1920Sstevel@tonic-gate * struct vattr *va - new attributes, va_mask may be 1930Sstevel@tonic-gate * changed on return from a call 1940Sstevel@tonic-gate * struct vattr *oldva - old attributes, need include owner 1950Sstevel@tonic-gate * and mode only 1960Sstevel@tonic-gate * int flags - setattr flags 1970Sstevel@tonic-gate * int iaccess(void *node, int mode, cred_t *cr) 1980Sstevel@tonic-gate * - non-locking internal access function 1990Sstevel@tonic-gate * mode be checked 2000Sstevel@tonic-gate * w/ VREAD|VWRITE|VEXEC, not fs 2010Sstevel@tonic-gate * internal mode encoding. 2020Sstevel@tonic-gate * 2030Sstevel@tonic-gate * void *node - internal node (inode, tmpnode) to 2040Sstevel@tonic-gate * pass as arg to iaccess 2050Sstevel@tonic-gate */ 2060Sstevel@tonic-gate int secpolicy_vnode_setattr(cred_t *, struct vnode *, struct vattr *, 2070Sstevel@tonic-gate const struct vattr *, int, int (void *, int, cred_t *), void *); 2080Sstevel@tonic-gate 2090Sstevel@tonic-gate /* 2100Sstevel@tonic-gate * Test privilege. Audit success or failure, allow privilege debugging. 2110Sstevel@tonic-gate * Returns 0 for success, err for failure. 2120Sstevel@tonic-gate */ 2130Sstevel@tonic-gate #define PRIV_POLICY(cred, priv, all, err, reason) \ 2140Sstevel@tonic-gate priv_policy((cred), (priv), (all), (err), (reason)) 2150Sstevel@tonic-gate 2160Sstevel@tonic-gate /* 2170Sstevel@tonic-gate * Test privilege. Audit success only, no privilege debugging. 2180Sstevel@tonic-gate * Returns 1 for success, and 0 for failure. 2190Sstevel@tonic-gate */ 2200Sstevel@tonic-gate #define PRIV_POLICY_CHOICE(cred, priv, all) \ 2210Sstevel@tonic-gate priv_policy_choice((cred), (priv), (all)) 2220Sstevel@tonic-gate 2230Sstevel@tonic-gate /* 2240Sstevel@tonic-gate * Test privilege. No priv_debugging, no auditing. 2250Sstevel@tonic-gate * Returns 1 for success, and 0 for failure. 2260Sstevel@tonic-gate */ 2270Sstevel@tonic-gate 2280Sstevel@tonic-gate #define PRIV_POLICY_ONLY(cred, priv, all) \ 2290Sstevel@tonic-gate priv_policy_only((cred), (priv), (all)) 2300Sstevel@tonic-gate 2310Sstevel@tonic-gate 2320Sstevel@tonic-gate #endif 2330Sstevel@tonic-gate 2340Sstevel@tonic-gate #ifdef __cplusplus 2350Sstevel@tonic-gate } 2360Sstevel@tonic-gate #endif 2370Sstevel@tonic-gate 2380Sstevel@tonic-gate #endif /* _SYS_POLICY_H */ 239