blob: ed5fb80769c3731003cec9ea07a41001a3c72bf2 [file] [log] [blame]
Linus Torvalds1da177e2005-04-16 15:20:36 -07001/*
2 * Security plug functions
3 *
4 * Copyright (C) 2001 WireX Communications, Inc <chris@wirex.com>
5 * Copyright (C) 2001-2002 Greg Kroah-Hartman <greg@kroah.com>
6 * Copyright (C) 2001 Networks Associates Technology, Inc <ssmalley@nai.com>
7 *
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 2 of the License, or
11 * (at your option) any later version.
12 */
13
14#include <linux/config.h>
15#include <linux/module.h>
16#include <linux/init.h>
17#include <linux/kernel.h>
18#include <linux/sched.h>
19#include <linux/security.h>
20
21#define SECURITY_FRAMEWORK_VERSION "1.0.0"
22
23/* things that live in dummy.c */
24extern struct security_operations dummy_security_ops;
25extern void security_fixup_ops(struct security_operations *ops);
26
27struct security_operations *security_ops; /* Initialized to NULL */
28
29static inline int verify(struct security_operations *ops)
30{
31 /* verify the security_operations structure exists */
32 if (!ops)
33 return -EINVAL;
34 security_fixup_ops(ops);
35 return 0;
36}
37
38static void __init do_security_initcalls(void)
39{
40 initcall_t *call;
41 call = __security_initcall_start;
42 while (call < __security_initcall_end) {
43 (*call) ();
44 call++;
45 }
46}
47
48/**
49 * security_init - initializes the security framework
50 *
51 * This should be called early in the kernel initialization sequence.
52 */
53int __init security_init(void)
54{
55 printk(KERN_INFO "Security Framework v" SECURITY_FRAMEWORK_VERSION
56 " initialized\n");
57
58 if (verify(&dummy_security_ops)) {
59 printk(KERN_ERR "%s could not verify "
60 "dummy_security_ops structure.\n", __FUNCTION__);
61 return -EIO;
62 }
63
64 security_ops = &dummy_security_ops;
65 do_security_initcalls();
66
67 return 0;
68}
69
70/**
71 * register_security - registers a security framework with the kernel
72 * @ops: a pointer to the struct security_options that is to be registered
73 *
74 * This function is to allow a security module to register itself with the
75 * kernel security subsystem. Some rudimentary checking is done on the @ops
76 * value passed to this function. A call to unregister_security() should be
77 * done to remove this security_options structure from the kernel.
78 *
79 * If there is already a security module registered with the kernel,
80 * an error will be returned. Otherwise 0 is returned on success.
81 */
82int register_security(struct security_operations *ops)
83{
84 if (verify(ops)) {
85 printk(KERN_DEBUG "%s could not verify "
86 "security_operations structure.\n", __FUNCTION__);
87 return -EINVAL;
88 }
89
90 if (security_ops != &dummy_security_ops)
91 return -EAGAIN;
92
93 security_ops = ops;
94
95 return 0;
96}
97
98/**
99 * unregister_security - unregisters a security framework with the kernel
100 * @ops: a pointer to the struct security_options that is to be registered
101 *
102 * This function removes a struct security_operations variable that had
103 * previously been registered with a successful call to register_security().
104 *
105 * If @ops does not match the valued previously passed to register_security()
106 * an error is returned. Otherwise the default security options is set to the
107 * the dummy_security_ops structure, and 0 is returned.
108 */
109int unregister_security(struct security_operations *ops)
110{
111 if (ops != security_ops) {
112 printk(KERN_INFO "%s: trying to unregister "
113 "a security_opts structure that is not "
114 "registered, failing.\n", __FUNCTION__);
115 return -EINVAL;
116 }
117
118 security_ops = &dummy_security_ops;
119
120 return 0;
121}
122
123/**
124 * mod_reg_security - allows security modules to be "stacked"
125 * @name: a pointer to a string with the name of the security_options to be registered
126 * @ops: a pointer to the struct security_options that is to be registered
127 *
128 * This function allows security modules to be stacked if the currently loaded
129 * security module allows this to happen. It passes the @name and @ops to the
130 * register_security function of the currently loaded security module.
131 *
132 * The return value depends on the currently loaded security module, with 0 as
133 * success.
134 */
135int mod_reg_security(const char *name, struct security_operations *ops)
136{
137 if (verify(ops)) {
138 printk(KERN_INFO "%s could not verify "
139 "security operations.\n", __FUNCTION__);
140 return -EINVAL;
141 }
142
143 if (ops == security_ops) {
144 printk(KERN_INFO "%s security operations "
145 "already registered.\n", __FUNCTION__);
146 return -EINVAL;
147 }
148
149 return security_ops->register_security(name, ops);
150}
151
152/**
153 * mod_unreg_security - allows a security module registered with mod_reg_security() to be unloaded
154 * @name: a pointer to a string with the name of the security_options to be removed
155 * @ops: a pointer to the struct security_options that is to be removed
156 *
157 * This function allows security modules that have been successfully registered
158 * with a call to mod_reg_security() to be unloaded from the system.
159 * This calls the currently loaded security module's unregister_security() call
160 * with the @name and @ops variables.
161 *
162 * The return value depends on the currently loaded security module, with 0 as
163 * success.
164 */
165int mod_unreg_security(const char *name, struct security_operations *ops)
166{
167 if (ops == security_ops) {
168 printk(KERN_INFO "%s invalid attempt to unregister "
169 " primary security ops.\n", __FUNCTION__);
170 return -EINVAL;
171 }
172
173 return security_ops->unregister_security(name, ops);
174}
175
176/**
177 * capable - calls the currently loaded security module's capable() function with the specified capability
178 * @cap: the requested capability level.
179 *
180 * This function calls the currently loaded security module's capable()
181 * function with a pointer to the current task and the specified @cap value.
182 *
183 * This allows the security module to implement the capable function call
184 * however it chooses to.
185 */
186int capable(int cap)
187{
188 if (security_ops->capable(current, cap)) {
189 /* capability denied */
190 return 0;
191 }
192
193 /* capability granted */
194 current->flags |= PF_SUPERPRIV;
195 return 1;
196}
197
198EXPORT_SYMBOL_GPL(register_security);
199EXPORT_SYMBOL_GPL(unregister_security);
200EXPORT_SYMBOL_GPL(mod_reg_security);
201EXPORT_SYMBOL_GPL(mod_unreg_security);
202EXPORT_SYMBOL(capable);
203EXPORT_SYMBOL(security_ops);