1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 /* 22 * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved. 23 * Copyright 2015, Joyent, Inc. All rights reserved. 24 * Copyright 2023 RackTop Systems, Inc. 25 */ 26 27 #ifndef _SYS_POLICY_H 28 #define _SYS_POLICY_H 29 30 #include <sys/types.h> 31 #include <sys/cred.h> 32 #include <sys/vnode.h> 33 #include <sys/fs/snode.h> 34 35 #ifdef __cplusplus 36 extern "C" { 37 #endif 38 39 #ifdef _KERNEL 40 41 #ifndef _IN_PORT_T 42 #define _IN_PORT_T 43 typedef uint16_t in_port_t; 44 #endif 45 46 /* 47 * Policy routines; in case we check privileges in-line. 48 * 49 * priv_policy 50 * privilege debugging 51 * audits success & failure 52 * returns 0 on success, error on failure 53 * 54 * priv_policy_choice 55 * determines extend of operation 56 * audit on success 57 * returns a boolean_t indicating success (B_TRUE) or failure. 58 * 59 * priv_policy_only 60 * when auditing is in appropriate (interrupt context) 61 * to determine context of operation 62 * returns a boolean_t indicating success (B_TRUE) or failure. 63 * 64 */ 65 int priv_policy(const cred_t *, int, boolean_t, int, const char *); 66 boolean_t priv_policy_only(const cred_t *, int, boolean_t); 67 boolean_t priv_policy_choice(const cred_t *, int, boolean_t); 68 69 struct kipc_perm; 70 struct vfs; 71 struct proc; 72 struct priv_set; 73 74 int secpolicy_acct(const cred_t *); 75 int secpolicy_require_privs(const cred_t *, const struct priv_set *); 76 int secpolicy_allow_setid(const cred_t *, uid_t, boolean_t); 77 int secpolicy_audit_config(const cred_t *); 78 int secpolicy_audit_getattr(const cred_t *, boolean_t); 79 int secpolicy_audit_modify(const cred_t *); 80 int secpolicy_blacklist(const cred_t *); 81 int secpolicy_chroot(const cred_t *); 82 int secpolicy_clock_highres(const cred_t *); 83 int secpolicy_console(const cred_t *); 84 int secpolicy_contract_identity(const cred_t *); 85 int secpolicy_contract_observer(const cred_t *, struct contract *); 86 boolean_t secpolicy_contract_observer_choice(const cred_t *); 87 int secpolicy_contract_event(const cred_t *); 88 boolean_t secpolicy_contract_event_choice(const cred_t *); 89 int secpolicy_coreadm(const cred_t *); 90 int secpolicy_cpc_cpu(const cred_t *); 91 int secpolicy_dispadm(const cred_t *); 92 int secpolicy_error_inject(const cred_t *); 93 int secpolicy_excl_open(const cred_t *); 94 int secpolicy_fs_allowed_mount(const char *); 95 int secpolicy_fs_config(const cred_t *, const struct vfs *); 96 int secpolicy_fs_linkdir(const cred_t *, const struct vfs *); 97 int secpolicy_fs_minfree(const cred_t *, const struct vfs *); 98 int secpolicy_fs_mount(cred_t *, vnode_t *, struct vfs *); 99 int secpolicy_fs_quota(const cred_t *, const struct vfs *); 100 int secpolicy_fs_unmount(cred_t *, struct vfs *); 101 int secpolicy_idmap(const cred_t *); 102 int secpolicy_ip(const cred_t *, int, boolean_t); 103 int secpolicy_ip_config(const cred_t *, boolean_t); 104 int secpolicy_dl_config(const cred_t *); 105 int secpolicy_iptun_config(const cred_t *); 106 int secpolicy_ipc_access(const cred_t *, const struct kipc_perm *, mode_t); 107 int secpolicy_ipc_config(const cred_t *); 108 int secpolicy_ipc_owner(const cred_t *, const struct kipc_perm *); 109 int secpolicy_kmdb(const cred_t *); 110 int secpolicy_lock_memory(const cred_t *); 111 int secpolicy_meminfo(const cred_t *); 112 int secpolicy_modctl(const cred_t *, int); 113 int secpolicy_net(const cred_t *, int, boolean_t); 114 int secpolicy_net_bindmlp(const cred_t *); 115 int secpolicy_net_config(const cred_t *, boolean_t); 116 int secpolicy_net_icmpaccess(const cred_t *); 117 int secpolicy_net_mac_aware(const cred_t *); 118 int secpolicy_net_mac_implicit(const cred_t *); 119 int secpolicy_net_observability(const cred_t *); 120 int secpolicy_net_privaddr(const cred_t *, in_port_t, int proto); 121 int secpolicy_net_rawaccess(const cred_t *); 122 boolean_t secpolicy_net_reply_equal(const cred_t *); 123 int secpolicy_newproc(const cred_t *); 124 int secpolicy_nfs(const cred_t *); 125 int secpolicy_pbind(const cred_t *); 126 int secpolicy_pcfs_modify_bootpartition(const cred_t *); 127 int secpolicy_pfexec_register(const cred_t *); 128 int secpolicy_ponline(const cred_t *); 129 int secpolicy_pool(const cred_t *); 130 int secpolicy_power_mgmt(const cred_t *); 131 int secpolicy_ppp_config(const cred_t *); 132 int secpolicy_proc_access(const cred_t *); 133 int secpolicy_proc_excl_open(const cred_t *); 134 int secpolicy_proc_owner(const cred_t *, const cred_t *, int); 135 int secpolicy_proc_zone(const cred_t *); 136 int secpolicy_psecflags(const cred_t *, struct proc *, struct proc *); 137 int secpolicy_pset(const cred_t *); 138 int secpolicy_rctlsys(const cred_t *, boolean_t); 139 int secpolicy_resource(const cred_t *); 140 int secpolicy_resource_anon_mem(const cred_t *); 141 int secpolicy_rpcmod_open(const cred_t *); 142 int secpolicy_rsm_access(const cred_t *, uid_t, mode_t); 143 int secpolicy_raisepriority(const cred_t *); 144 int secpolicy_setpriority(const cred_t *); 145 int secpolicy_settime(const cred_t *); 146 int secpolicy_smb(const cred_t *); 147 int secpolicy_smbfs_login(const cred_t *, uid_t); 148 int secpolicy_spec_open(const cred_t *, struct vnode *, int); 149 int secpolicy_sti(const cred_t *); 150 int secpolicy_swapctl(const cred_t *); 151 int secpolicy_sys_config(const cred_t *, boolean_t); 152 int secpolicy_zone_admin(const cred_t *, boolean_t); 153 int secpolicy_zone_config(const cred_t *); 154 int secpolicy_sys_devices(const cred_t *); 155 int secpolicy_systeminfo(const cred_t *); 156 int secpolicy_tasksys(const cred_t *); 157 int secpolicy_vnode_access(const cred_t *, vnode_t *, uid_t, mode_t); 158 int secpolicy_vnode_access2(const cred_t *, vnode_t *, uid_t, mode_t, mode_t); 159 int secpolicy_vnode_any_access(const cred_t *, vnode_t *, uid_t); 160 int secpolicy_vnode_chown(const cred_t *, uid_t); 161 int secpolicy_vnode_create_gid(const cred_t *); 162 int secpolicy_vnode_owner(const cred_t *, uid_t); 163 int secpolicy_vnode_remove(const cred_t *); 164 int secpolicy_vnode_setdac(const cred_t *, uid_t); 165 int secpolicy_vnode_setdac3(const cred_t *, uid_t, boolean_t); 166 int secpolicy_vnode_setid_retain(const cred_t *, boolean_t); 167 int secpolicy_vnode_setids_setgids(const cred_t *, gid_t); 168 int secpolicy_vnode_stky_modify(const cred_t *); 169 int secpolicy_vscan(const cred_t *); 170 int secpolicy_hwmanip(const cred_t *); 171 int secpolicy_zinject(const cred_t *); 172 int secpolicy_zfs(const cred_t *); 173 int secpolicy_ucode_update(const cred_t *); 174 int secpolicy_sadopen(const cred_t *); 175 void secpolicy_setid_clear(vattr_t *, cred_t *); 176 void secpolicy_fs_mount_clearopts(cred_t *, struct vfs *); 177 int secpolicy_setid_setsticky_clear(vnode_t *, vattr_t *, 178 const vattr_t *, cred_t *); 179 int secpolicy_xvattr(xvattr_t *, uid_t, cred_t *, vtype_t); 180 int secpolicy_xvm_control(const cred_t *); 181 182 int secpolicy_basic_exec(const cred_t *, vnode_t *); 183 int secpolicy_basic_fork(const cred_t *); 184 int secpolicy_basic_link(const cred_t *); 185 int secpolicy_basic_file_read(const cred_t *, vnode_t *, const char *); 186 int secpolicy_basic_file_write(const cred_t *, vnode_t *, const char *); 187 int secpolicy_basic_net_access(const cred_t *); 188 int secpolicy_basic_proc(const cred_t *); 189 int secpolicy_basic_procinfo(const cred_t *, struct proc *, struct proc *); 190 191 int secpolicy_gart_access(const cred_t *); 192 int secpolicy_gart_map(const cred_t *); 193 /* 194 * This function to be called from xxfs_setattr(). 195 * Must be called with the node's attributes read-write locked. 196 * 197 * cred_t * - acting credentials 198 * struct vnode * - vnode we're operating on 199 * struct vattr *va - new attributes, va_mask may be 200 * changed on return from a call 201 * struct vattr *oldva - old attributes, need include owner 202 * and mode only 203 * int flags - setattr flags 204 * int iaccess(void *node, int mode, cred_t *cr) 205 * - non-locking internal access function 206 * mode be checked 207 * w/ VREAD|VWRITE|VEXEC, not fs 208 * internal mode encoding. 209 * 210 * void *node - internal node (inode, tmpnode) to 211 * pass as arg to iaccess 212 */ 213 int secpolicy_vnode_setattr(cred_t *, struct vnode *, struct vattr *, 214 const struct vattr *, int, int (void *, int, cred_t *), void *); 215 216 /* 217 * Test privilege. Audit success or failure, allow privilege debugging. 218 * Returns 0 for success, err for failure. 219 */ 220 #define PRIV_POLICY(cred, priv, all, err, reason) \ 221 priv_policy((cred), (priv), (all), (err), (reason)) 222 223 /* 224 * Test privilege. Audit success only, no privilege debugging. 225 * Returns 1 for success, and 0 for failure. 226 */ 227 #define PRIV_POLICY_CHOICE(cred, priv, all) \ 228 priv_policy_choice((cred), (priv), (all)) 229 230 /* 231 * Test privilege. No priv_debugging, no auditing. 232 * Returns 1 for success, and 0 for failure. 233 */ 234 235 #define PRIV_POLICY_ONLY(cred, priv, all) \ 236 priv_policy_only((cred), (priv), (all)) 237 238 239 #endif 240 241 #ifdef __cplusplus 242 } 243 #endif 244 245 #endif /* _SYS_POLICY_H */ 246