10Sstevel@tonic-gate /* 20Sstevel@tonic-gate * CDDL HEADER START 30Sstevel@tonic-gate * 40Sstevel@tonic-gate * The contents of this file are subject to the terms of the 51544Seschrock * Common Development and Distribution License (the "License"). 61544Seschrock * You may not use this file except in compliance with the License. 70Sstevel@tonic-gate * 80Sstevel@tonic-gate * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 90Sstevel@tonic-gate * or http://www.opensolaris.org/os/licensing. 100Sstevel@tonic-gate * See the License for the specific language governing permissions 110Sstevel@tonic-gate * and limitations under the License. 120Sstevel@tonic-gate * 130Sstevel@tonic-gate * When distributing Covered Code, include this CDDL HEADER in each 140Sstevel@tonic-gate * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 150Sstevel@tonic-gate * If applicable, add the following below this CDDL HEADER, with the 160Sstevel@tonic-gate * fields enclosed by brackets "[]" replaced with your own identifying 170Sstevel@tonic-gate * information: Portions Copyright [yyyy] [name of copyright owner] 180Sstevel@tonic-gate * 190Sstevel@tonic-gate * CDDL HEADER END 200Sstevel@tonic-gate */ 210Sstevel@tonic-gate /* 22*9751Sjames.d.carlson@sun.com * Copyright 2009 Sun Microsystems, Inc. All rights reserved. 230Sstevel@tonic-gate * Use is subject to license terms. 240Sstevel@tonic-gate */ 250Sstevel@tonic-gate 260Sstevel@tonic-gate #ifndef _SYS_POLICY_H 270Sstevel@tonic-gate #define _SYS_POLICY_H 280Sstevel@tonic-gate 290Sstevel@tonic-gate #include <sys/types.h> 300Sstevel@tonic-gate #include <sys/cred.h> 310Sstevel@tonic-gate #include <sys/vnode.h> 320Sstevel@tonic-gate #include <sys/fs/snode.h> 330Sstevel@tonic-gate 340Sstevel@tonic-gate #ifdef __cplusplus 350Sstevel@tonic-gate extern "C" { 360Sstevel@tonic-gate #endif 370Sstevel@tonic-gate 380Sstevel@tonic-gate #ifdef _KERNEL 390Sstevel@tonic-gate 400Sstevel@tonic-gate #ifndef _IN_PORT_T 410Sstevel@tonic-gate #define _IN_PORT_T 420Sstevel@tonic-gate typedef uint16_t in_port_t; 430Sstevel@tonic-gate #endif 440Sstevel@tonic-gate 450Sstevel@tonic-gate /* 460Sstevel@tonic-gate * Policy routines; in case we check privileges in-line. 470Sstevel@tonic-gate * 480Sstevel@tonic-gate * priv_policy 490Sstevel@tonic-gate * privilege debugging 500Sstevel@tonic-gate * audits success & failure 510Sstevel@tonic-gate * returns 0 on success, error on failure 520Sstevel@tonic-gate * 530Sstevel@tonic-gate * priv_policy_choice 540Sstevel@tonic-gate * determines extend of operation 550Sstevel@tonic-gate * audit on success 560Sstevel@tonic-gate * returns a boolean_t indicating success (B_TRUE) or failure. 570Sstevel@tonic-gate * 580Sstevel@tonic-gate * priv_policy_only 590Sstevel@tonic-gate * when auditing is in appropriate (interrupt context) 600Sstevel@tonic-gate * to determine context of operation 610Sstevel@tonic-gate * returns a boolean_t indicating success (B_TRUE) or failure. 620Sstevel@tonic-gate * 630Sstevel@tonic-gate */ 640Sstevel@tonic-gate int priv_policy(const cred_t *, int, boolean_t, int, const char *); 650Sstevel@tonic-gate boolean_t priv_policy_only(const cred_t *, int, boolean_t); 660Sstevel@tonic-gate boolean_t priv_policy_choice(const cred_t *, int, boolean_t); 670Sstevel@tonic-gate 680Sstevel@tonic-gate struct kipc_perm; 690Sstevel@tonic-gate struct vfs; 700Sstevel@tonic-gate struct proc; 716134Scasper struct priv_set; 720Sstevel@tonic-gate 730Sstevel@tonic-gate int secpolicy_acct(const cred_t *); 746134Scasper int secpolicy_require_privs(const cred_t *, const struct priv_set *); 750Sstevel@tonic-gate int secpolicy_allow_setid(const cred_t *, uid_t, boolean_t); 760Sstevel@tonic-gate int secpolicy_audit_config(const cred_t *); 770Sstevel@tonic-gate int secpolicy_audit_getattr(const cred_t *); 780Sstevel@tonic-gate int secpolicy_audit_modify(const cred_t *); 790Sstevel@tonic-gate int secpolicy_blacklist(const cred_t *); 800Sstevel@tonic-gate int secpolicy_chroot(const cred_t *); 810Sstevel@tonic-gate int secpolicy_clock_highres(const cred_t *); 820Sstevel@tonic-gate int secpolicy_console(const cred_t *); 836073Sacruz int secpolicy_contract_identity(const cred_t *); 840Sstevel@tonic-gate int secpolicy_contract_observer(const cred_t *, struct contract *); 850Sstevel@tonic-gate boolean_t secpolicy_contract_observer_choice(const cred_t *); 860Sstevel@tonic-gate int secpolicy_contract_event(const cred_t *); 870Sstevel@tonic-gate boolean_t secpolicy_contract_event_choice(const cred_t *); 880Sstevel@tonic-gate int secpolicy_coreadm(const cred_t *); 890Sstevel@tonic-gate int secpolicy_cpc_cpu(const cred_t *); 900Sstevel@tonic-gate int secpolicy_dispadm(const cred_t *); 911414Scindi int secpolicy_error_inject(const cred_t *); 920Sstevel@tonic-gate int secpolicy_excl_open(const cred_t *); 930Sstevel@tonic-gate int secpolicy_fs_mount(cred_t *, vnode_t *, struct vfs *); 940Sstevel@tonic-gate int secpolicy_fs_unmount(cred_t *, struct vfs *); 950Sstevel@tonic-gate int secpolicy_fs_config(const cred_t *, const struct vfs *); 960Sstevel@tonic-gate int secpolicy_fs_linkdir(const cred_t *, const struct vfs *); 970Sstevel@tonic-gate int secpolicy_fs_minfree(const cred_t *, const struct vfs *); 980Sstevel@tonic-gate int secpolicy_fs_quota(const cred_t *, const struct vfs *); 994321Scasper int secpolicy_idmap(const cred_t *); 1003448Sdh155122 int secpolicy_ip(const cred_t *, int, boolean_t); 1013448Sdh155122 int secpolicy_ip_config(const cred_t *, boolean_t); 1027408SSebastien.Roy@Sun.COM int secpolicy_dl_config(const cred_t *); 1030Sstevel@tonic-gate int secpolicy_ipc_access(const cred_t *, const struct kipc_perm *, mode_t); 1040Sstevel@tonic-gate int secpolicy_ipc_config(const cred_t *); 1050Sstevel@tonic-gate int secpolicy_ipc_owner(const cred_t *, const struct kipc_perm *); 1060Sstevel@tonic-gate int secpolicy_kmdb(const cred_t *); 1070Sstevel@tonic-gate int secpolicy_lock_memory(const cred_t *); 1080Sstevel@tonic-gate int secpolicy_modctl(const cred_t *, int); 1090Sstevel@tonic-gate int secpolicy_net(const cred_t *, int, boolean_t); 1101676Sjpk int secpolicy_net_bindmlp(const cred_t *); 1110Sstevel@tonic-gate int secpolicy_net_config(const cred_t *, boolean_t); 1120Sstevel@tonic-gate int secpolicy_net_icmpaccess(const cred_t *); 1131676Sjpk int secpolicy_net_mac_aware(const cred_t *); 1146134Scasper int secpolicy_net_privaddr(const cred_t *, in_port_t, int proto); 1150Sstevel@tonic-gate int secpolicy_net_rawaccess(const cred_t *); 1161676Sjpk boolean_t secpolicy_net_reply_equal(const cred_t *); 1170Sstevel@tonic-gate int secpolicy_newproc(const cred_t *); 1180Sstevel@tonic-gate int secpolicy_nfs(const cred_t *); 1190Sstevel@tonic-gate int secpolicy_pcfs_modify_bootpartition(const cred_t *); 1200Sstevel@tonic-gate int secpolicy_ponline(const cred_t *); 1210Sstevel@tonic-gate int secpolicy_pool(const cred_t *); 1220Sstevel@tonic-gate int secpolicy_power_mgmt(const cred_t *); 123*9751Sjames.d.carlson@sun.com int secpolicy_ppp_config(const cred_t *); 1240Sstevel@tonic-gate int secpolicy_proc_access(const cred_t *); 1250Sstevel@tonic-gate int secpolicy_proc_excl_open(const cred_t *); 1260Sstevel@tonic-gate int secpolicy_proc_owner(const cred_t *, const cred_t *, int); 1270Sstevel@tonic-gate int secpolicy_proc_zone(const cred_t *); 1280Sstevel@tonic-gate int secpolicy_pset(const cred_t *); 1290Sstevel@tonic-gate int secpolicy_rctlsys(const cred_t *, boolean_t); 1300Sstevel@tonic-gate int secpolicy_resource(const cred_t *); 1310Sstevel@tonic-gate int secpolicy_rpcmod_open(const cred_t *); 1320Sstevel@tonic-gate int secpolicy_rsm_access(const cred_t *, uid_t, mode_t); 1330Sstevel@tonic-gate int secpolicy_setpriority(const cred_t *); 1340Sstevel@tonic-gate int secpolicy_settime(const cred_t *); 1355331Samw int secpolicy_smb(const cred_t *); 1366007Sthurlow int secpolicy_smbfs_login(const cred_t *, uid_t); 1370Sstevel@tonic-gate int secpolicy_spec_open(const cred_t *, struct vnode *, int); 1380Sstevel@tonic-gate int secpolicy_sti(const cred_t *); 1390Sstevel@tonic-gate int secpolicy_swapctl(const cred_t *); 1400Sstevel@tonic-gate int secpolicy_sys_config(const cred_t *, boolean_t); 1410Sstevel@tonic-gate int secpolicy_zone_admin(const cred_t *, boolean_t); 1420Sstevel@tonic-gate int secpolicy_zone_config(const cred_t *); 1430Sstevel@tonic-gate int secpolicy_sys_devices(const cred_t *); 1440Sstevel@tonic-gate int secpolicy_systeminfo(const cred_t *); 1450Sstevel@tonic-gate int secpolicy_tasksys(const cred_t *); 1460Sstevel@tonic-gate int secpolicy_vnode_access(const cred_t *, vnode_t *, uid_t, mode_t); 1477624SMark.Shellenbaum@Sun.COM int secpolicy_vnode_chown(const cred_t *, boolean_t); 1480Sstevel@tonic-gate int secpolicy_vnode_create_gid(const cred_t *); 1490Sstevel@tonic-gate int secpolicy_vnode_owner(const cred_t *, uid_t); 1500Sstevel@tonic-gate int secpolicy_vnode_remove(const cred_t *); 1510Sstevel@tonic-gate int secpolicy_vnode_setdac(const cred_t *, uid_t); 1520Sstevel@tonic-gate int secpolicy_vnode_setid_retain(const cred_t *, boolean_t); 1530Sstevel@tonic-gate int secpolicy_vnode_setids_setgids(const cred_t *, gid_t); 1540Sstevel@tonic-gate int secpolicy_vnode_stky_modify(const cred_t *); 1555440Sjm199354 int secpolicy_vscan(const cred_t *); 1561544Seschrock int secpolicy_zinject(const cred_t *); 157789Sahrens int secpolicy_zfs(const cred_t *); 1584581Ssherrym int secpolicy_ucode_update(const cred_t *); 1594962Sdh155122 int secpolicy_sadopen(const cred_t *); 1601115Smarks void secpolicy_setid_clear(vattr_t *, cred_t *); 1614543Smarks void secpolicy_fs_mount_clearopts(cred_t *, struct vfs *); 1622796Smarks int secpolicy_setid_setsticky_clear(vnode_t *, vattr_t *, 1632796Smarks const vattr_t *, cred_t *); 1645331Samw int secpolicy_xvattr(xvattr_t *, uid_t, cred_t *, vtype_t); 1658275SEric Cheng int secpolicy_dld_ioctl(const cred_t *, const char *, const char *); 1666784Sjohnlev int secpolicy_xvm_control(const cred_t *); 1670Sstevel@tonic-gate 1686134Scasper int secpolicy_basic_exec(const cred_t *, vnode_t *); 1690Sstevel@tonic-gate int secpolicy_basic_fork(const cred_t *); 1706134Scasper int secpolicy_basic_link(const cred_t *); 1710Sstevel@tonic-gate int secpolicy_basic_proc(const cred_t *); 1720Sstevel@tonic-gate int secpolicy_basic_procinfo(const cred_t *, struct proc *, struct proc *); 1730Sstevel@tonic-gate 1740Sstevel@tonic-gate int secpolicy_gart_access(const cred_t *); 1750Sstevel@tonic-gate int secpolicy_gart_map(const cred_t *); 1760Sstevel@tonic-gate /* 1770Sstevel@tonic-gate * This function to be called from xxfs_setattr(). 1780Sstevel@tonic-gate * Must be called with the node's attributes read-write locked. 1790Sstevel@tonic-gate * 1800Sstevel@tonic-gate * cred_t * - acting credentials 1810Sstevel@tonic-gate * struct vnode * - vnode we're operating on 1820Sstevel@tonic-gate * struct vattr *va - new attributes, va_mask may be 1830Sstevel@tonic-gate * changed on return from a call 1840Sstevel@tonic-gate * struct vattr *oldva - old attributes, need include owner 1850Sstevel@tonic-gate * and mode only 1860Sstevel@tonic-gate * int flags - setattr flags 1870Sstevel@tonic-gate * int iaccess(void *node, int mode, cred_t *cr) 1880Sstevel@tonic-gate * - non-locking internal access function 1890Sstevel@tonic-gate * mode be checked 1900Sstevel@tonic-gate * w/ VREAD|VWRITE|VEXEC, not fs 1910Sstevel@tonic-gate * internal mode encoding. 1920Sstevel@tonic-gate * 1930Sstevel@tonic-gate * void *node - internal node (inode, tmpnode) to 1940Sstevel@tonic-gate * pass as arg to iaccess 1950Sstevel@tonic-gate */ 1960Sstevel@tonic-gate int secpolicy_vnode_setattr(cred_t *, struct vnode *, struct vattr *, 1970Sstevel@tonic-gate const struct vattr *, int, int (void *, int, cred_t *), void *); 1980Sstevel@tonic-gate 1990Sstevel@tonic-gate /* 2000Sstevel@tonic-gate * Test privilege. Audit success or failure, allow privilege debugging. 2010Sstevel@tonic-gate * Returns 0 for success, err for failure. 2020Sstevel@tonic-gate */ 2030Sstevel@tonic-gate #define PRIV_POLICY(cred, priv, all, err, reason) \ 2040Sstevel@tonic-gate priv_policy((cred), (priv), (all), (err), (reason)) 2050Sstevel@tonic-gate 2060Sstevel@tonic-gate /* 2070Sstevel@tonic-gate * Test privilege. Audit success only, no privilege debugging. 2080Sstevel@tonic-gate * Returns 1 for success, and 0 for failure. 2090Sstevel@tonic-gate */ 2100Sstevel@tonic-gate #define PRIV_POLICY_CHOICE(cred, priv, all) \ 2110Sstevel@tonic-gate priv_policy_choice((cred), (priv), (all)) 2120Sstevel@tonic-gate 2130Sstevel@tonic-gate /* 2140Sstevel@tonic-gate * Test privilege. No priv_debugging, no auditing. 2150Sstevel@tonic-gate * Returns 1 for success, and 0 for failure. 2160Sstevel@tonic-gate */ 2170Sstevel@tonic-gate 2180Sstevel@tonic-gate #define PRIV_POLICY_ONLY(cred, priv, all) \ 2190Sstevel@tonic-gate priv_policy_only((cred), (priv), (all)) 2200Sstevel@tonic-gate 2210Sstevel@tonic-gate 2220Sstevel@tonic-gate #endif 2230Sstevel@tonic-gate 2240Sstevel@tonic-gate #ifdef __cplusplus 2250Sstevel@tonic-gate } 2260Sstevel@tonic-gate #endif 2270Sstevel@tonic-gate 2280Sstevel@tonic-gate #endif /* _SYS_POLICY_H */ 229