blob: f693e1f66b98521c3c6e0995a5c6182935b1b18a [file] [log] [blame]
Linus Torvalds1da177e2005-04-16 15:20:36 -07001/*
2 * Security plug functions
3 *
4 * Copyright (C) 2001 WireX Communications, Inc <chris@wirex.com>
5 * Copyright (C) 2001-2002 Greg Kroah-Hartman <greg@kroah.com>
6 * Copyright (C) 2001 Networks Associates Technology, Inc <ssmalley@nai.com>
7 *
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 2 of the License, or
11 * (at your option) any later version.
12 */
13
Randy.Dunlapc59ede72006-01-11 12:17:46 -080014#include <linux/capability.h>
Linus Torvalds1da177e2005-04-16 15:20:36 -070015#include <linux/config.h>
16#include <linux/module.h>
17#include <linux/init.h>
18#include <linux/kernel.h>
19#include <linux/sched.h>
20#include <linux/security.h>
21
22#define SECURITY_FRAMEWORK_VERSION "1.0.0"
23
24/* things that live in dummy.c */
25extern struct security_operations dummy_security_ops;
26extern void security_fixup_ops(struct security_operations *ops);
27
28struct security_operations *security_ops; /* Initialized to NULL */
29
30static inline int verify(struct security_operations *ops)
31{
32 /* verify the security_operations structure exists */
33 if (!ops)
34 return -EINVAL;
35 security_fixup_ops(ops);
36 return 0;
37}
38
39static void __init do_security_initcalls(void)
40{
41 initcall_t *call;
42 call = __security_initcall_start;
43 while (call < __security_initcall_end) {
44 (*call) ();
45 call++;
46 }
47}
48
49/**
50 * security_init - initializes the security framework
51 *
52 * This should be called early in the kernel initialization sequence.
53 */
54int __init security_init(void)
55{
56 printk(KERN_INFO "Security Framework v" SECURITY_FRAMEWORK_VERSION
57 " initialized\n");
58
59 if (verify(&dummy_security_ops)) {
60 printk(KERN_ERR "%s could not verify "
61 "dummy_security_ops structure.\n", __FUNCTION__);
62 return -EIO;
63 }
64
65 security_ops = &dummy_security_ops;
66 do_security_initcalls();
67
68 return 0;
69}
70
71/**
72 * register_security - registers a security framework with the kernel
73 * @ops: a pointer to the struct security_options that is to be registered
74 *
75 * This function is to allow a security module to register itself with the
76 * kernel security subsystem. Some rudimentary checking is done on the @ops
77 * value passed to this function. A call to unregister_security() should be
78 * done to remove this security_options structure from the kernel.
79 *
80 * If there is already a security module registered with the kernel,
81 * an error will be returned. Otherwise 0 is returned on success.
82 */
83int register_security(struct security_operations *ops)
84{
85 if (verify(ops)) {
86 printk(KERN_DEBUG "%s could not verify "
87 "security_operations structure.\n", __FUNCTION__);
88 return -EINVAL;
89 }
90
91 if (security_ops != &dummy_security_ops)
92 return -EAGAIN;
93
94 security_ops = ops;
95
96 return 0;
97}
98
99/**
100 * unregister_security - unregisters a security framework with the kernel
101 * @ops: a pointer to the struct security_options that is to be registered
102 *
103 * This function removes a struct security_operations variable that had
104 * previously been registered with a successful call to register_security().
105 *
106 * If @ops does not match the valued previously passed to register_security()
107 * an error is returned. Otherwise the default security options is set to the
108 * the dummy_security_ops structure, and 0 is returned.
109 */
110int unregister_security(struct security_operations *ops)
111{
112 if (ops != security_ops) {
113 printk(KERN_INFO "%s: trying to unregister "
114 "a security_opts structure that is not "
115 "registered, failing.\n", __FUNCTION__);
116 return -EINVAL;
117 }
118
119 security_ops = &dummy_security_ops;
120
121 return 0;
122}
123
124/**
125 * mod_reg_security - allows security modules to be "stacked"
126 * @name: a pointer to a string with the name of the security_options to be registered
127 * @ops: a pointer to the struct security_options that is to be registered
128 *
129 * This function allows security modules to be stacked if the currently loaded
130 * security module allows this to happen. It passes the @name and @ops to the
131 * register_security function of the currently loaded security module.
132 *
133 * The return value depends on the currently loaded security module, with 0 as
134 * success.
135 */
136int mod_reg_security(const char *name, struct security_operations *ops)
137{
138 if (verify(ops)) {
139 printk(KERN_INFO "%s could not verify "
140 "security operations.\n", __FUNCTION__);
141 return -EINVAL;
142 }
143
144 if (ops == security_ops) {
145 printk(KERN_INFO "%s security operations "
146 "already registered.\n", __FUNCTION__);
147 return -EINVAL;
148 }
149
150 return security_ops->register_security(name, ops);
151}
152
153/**
154 * mod_unreg_security - allows a security module registered with mod_reg_security() to be unloaded
155 * @name: a pointer to a string with the name of the security_options to be removed
156 * @ops: a pointer to the struct security_options that is to be removed
157 *
158 * This function allows security modules that have been successfully registered
159 * with a call to mod_reg_security() to be unloaded from the system.
160 * This calls the currently loaded security module's unregister_security() call
161 * with the @name and @ops variables.
162 *
163 * The return value depends on the currently loaded security module, with 0 as
164 * success.
165 */
166int mod_unreg_security(const char *name, struct security_operations *ops)
167{
168 if (ops == security_ops) {
169 printk(KERN_INFO "%s invalid attempt to unregister "
170 " primary security ops.\n", __FUNCTION__);
171 return -EINVAL;
172 }
173
174 return security_ops->unregister_security(name, ops);
175}
176
177/**
178 * capable - calls the currently loaded security module's capable() function with the specified capability
179 * @cap: the requested capability level.
180 *
181 * This function calls the currently loaded security module's capable()
182 * function with a pointer to the current task and the specified @cap value.
183 *
184 * This allows the security module to implement the capable function call
185 * however it chooses to.
186 */
187int capable(int cap)
188{
189 if (security_ops->capable(current, cap)) {
190 /* capability denied */
191 return 0;
192 }
193
194 /* capability granted */
195 current->flags |= PF_SUPERPRIV;
196 return 1;
197}
198
199EXPORT_SYMBOL_GPL(register_security);
200EXPORT_SYMBOL_GPL(unregister_security);
201EXPORT_SYMBOL_GPL(mod_reg_security);
202EXPORT_SYMBOL_GPL(mod_unreg_security);
203EXPORT_SYMBOL(capable);
204EXPORT_SYMBOL(security_ops);