1*4882a593Smuzhiyun /* SPDX-License-Identifier: GPL-2.0 */ 2*4882a593Smuzhiyun /* 3*4882a593Smuzhiyun * SafeSetID Linux Security Module 4*4882a593Smuzhiyun * 5*4882a593Smuzhiyun * Author: Micah Morton <mortonm@chromium.org> 6*4882a593Smuzhiyun * 7*4882a593Smuzhiyun * Copyright (C) 2018 The Chromium OS Authors. 8*4882a593Smuzhiyun * 9*4882a593Smuzhiyun * This program is free software; you can redistribute it and/or modify 10*4882a593Smuzhiyun * it under the terms of the GNU General Public License version 2, as 11*4882a593Smuzhiyun * published by the Free Software Foundation. 12*4882a593Smuzhiyun * 13*4882a593Smuzhiyun */ 14*4882a593Smuzhiyun #ifndef _SAFESETID_H 15*4882a593Smuzhiyun #define _SAFESETID_H 16*4882a593Smuzhiyun 17*4882a593Smuzhiyun #include <linux/types.h> 18*4882a593Smuzhiyun #include <linux/uidgid.h> 19*4882a593Smuzhiyun #include <linux/hashtable.h> 20*4882a593Smuzhiyun 21*4882a593Smuzhiyun /* Flag indicating whether initialization completed */ 22*4882a593Smuzhiyun extern int safesetid_initialized; 23*4882a593Smuzhiyun 24*4882a593Smuzhiyun enum sid_policy_type { 25*4882a593Smuzhiyun SIDPOL_DEFAULT, /* source ID is unaffected by policy */ 26*4882a593Smuzhiyun SIDPOL_CONSTRAINED, /* source ID is affected by policy */ 27*4882a593Smuzhiyun SIDPOL_ALLOWED /* target ID explicitly allowed */ 28*4882a593Smuzhiyun }; 29*4882a593Smuzhiyun 30*4882a593Smuzhiyun typedef union { 31*4882a593Smuzhiyun kuid_t uid; 32*4882a593Smuzhiyun kgid_t gid; 33*4882a593Smuzhiyun } kid_t; 34*4882a593Smuzhiyun 35*4882a593Smuzhiyun enum setid_type { 36*4882a593Smuzhiyun UID, 37*4882a593Smuzhiyun GID 38*4882a593Smuzhiyun }; 39*4882a593Smuzhiyun 40*4882a593Smuzhiyun /* 41*4882a593Smuzhiyun * Hash table entry to store safesetid policy signifying that 'src_id' 42*4882a593Smuzhiyun * can set*id to 'dst_id'. 43*4882a593Smuzhiyun */ 44*4882a593Smuzhiyun struct setid_rule { 45*4882a593Smuzhiyun struct hlist_node next; 46*4882a593Smuzhiyun kid_t src_id; 47*4882a593Smuzhiyun kid_t dst_id; 48*4882a593Smuzhiyun 49*4882a593Smuzhiyun /* Flag to signal if rule is for UID's or GID's */ 50*4882a593Smuzhiyun enum setid_type type; 51*4882a593Smuzhiyun }; 52*4882a593Smuzhiyun 53*4882a593Smuzhiyun #define SETID_HASH_BITS 8 /* 256 buckets in hash table */ 54*4882a593Smuzhiyun 55*4882a593Smuzhiyun /* Extension of INVALID_UID/INVALID_GID for kid_t type */ 56*4882a593Smuzhiyun #define INVALID_ID (kid_t){.uid = INVALID_UID} 57*4882a593Smuzhiyun 58*4882a593Smuzhiyun struct setid_ruleset { 59*4882a593Smuzhiyun DECLARE_HASHTABLE(rules, SETID_HASH_BITS); 60*4882a593Smuzhiyun char *policy_str; 61*4882a593Smuzhiyun struct rcu_head rcu; 62*4882a593Smuzhiyun 63*4882a593Smuzhiyun //Flag to signal if ruleset is for UID's or GID's 64*4882a593Smuzhiyun enum setid_type type; 65*4882a593Smuzhiyun }; 66*4882a593Smuzhiyun 67*4882a593Smuzhiyun enum sid_policy_type _setid_policy_lookup(struct setid_ruleset *policy, 68*4882a593Smuzhiyun kid_t src, kid_t dst); 69*4882a593Smuzhiyun 70*4882a593Smuzhiyun extern struct setid_ruleset __rcu *safesetid_setuid_rules; 71*4882a593Smuzhiyun extern struct setid_ruleset __rcu *safesetid_setgid_rules; 72*4882a593Smuzhiyun 73*4882a593Smuzhiyun #endif /* _SAFESETID_H */ 74