sys/sys/systrace.h


    1 /*      $NetBSD: systrace.h,v 1.21 2006/10/06 16:17:11 christos Exp $   */
    2 
    3 /*
    4  * Copyright 2002 Niels Provos <provos@citi.umich.edu>
    5  * All rights reserved.
    6  *
    7  * Redistribution and use in source and binary forms, with or without
    8  * modification, are permitted provided that the following conditions
    9  * are met:
   10  * 1. Redistributions of source code must retain the above copyright
   11  *    notice, this list of conditions and the following disclaimer.
   12  * 2. Redistributions in binary form must reproduce the above copyright
   13  *    notice, this list of conditions and the following disclaimer in the
   14  *    documentation and/or other materials provided with the distribution.
   15  * 3. All advertising materials mentioning features or use of this software
   16  *    must display the following acknowledgement:
   17  *      This product includes software developed by Niels Provos.
   18  * 4. The name of the author may not be used to endorse or promote products
   19  *    derived from this software without specific prior written permission.
   20  *
   21  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
   22  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
   23  * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
   24  * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
   25  * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
   26  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
   27  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
   28  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
   29  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
   30  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
   31  */
   32 
   33 #ifndef _SYS_SYSTRACE_H_
   34 #define _SYS_SYSTRACE_H_
   35 
   36 #include <sys/select.h>
   37 #include <sys/ioccom.h>
   38 #include <sys/lock.h>
   39 
   40 #define SYSTR_EMULEN    8       /* sync with sys proc */
   41 
      /*
       * Payload carried in the msg_data union of struct str_message (member
       * msg_emul).  emul is a fixed SYSTR_EMULEN-byte array with no separate
       * length field.
       * NOTE(review): presumably the emulation name of the traced process;
       * confirm the producer NUL-terminates it before any reader treats it
       * as a C string.
       */
   42 struct str_msg_emul {
   43         char emul[SYSTR_EMULEN];
   44 };
   45 
      /* uid/gid pair carried in the msg_data union (member msg_ugid). */
   46 struct str_msg_ugid {
   47         uid_t uid;
   48         gid_t gid;
   49 };
   50 
      /*
       * Fixed MAXPATHLEN-byte path buffer carried in the msg_data union
       * (member msg_execve).
       * NOTE(review): how over-long paths are truncated or terminated is
       * decided by the producer, which is not visible here -- confirm.
       */
   51 struct str_msg_execve {
   52         char path[MAXPATHLEN];
   53 };
   54 
   55 #define SYSTR_MAX_POLICIES      64      /* not referenced elsewhere in this header */
   56 #define SYSTR_MAXARGS           64      /* bound of args[] and of the strr_* arrays */
   57 #define SYSTR_MAXFNAME          8       /* not referenced elsewhere in this header */
   58 #define SYSTR_MAXREPLEN         2048    /* not referenced elsewhere in this header */
   59 
      /*
       * Payload carried in the msg_data union (member msg_ask).
       * NOTE(review): field meanings are inferred from the names -- code is
       * presumably the system call number, argsize the number of bytes of
       * args[] in use, rval/result the return values -- confirm.
       * argsize is signed: a consumer should reject a negative value or one
       * larger than sizeof(args) before using it as a copy length.
       */
   60 struct str_msg_ask {
   61         int32_t code;
   62         int32_t argsize;
   63         register_t args[SYSTR_MAXARGS];
   64         register_t rval[2];
   65         int32_t result;
   66 };
   67 
   68 /* Queued on fork or exit of a process; carried in msg_data as msg_child. */
   69 
   70 struct str_msg_child {
   71         pid_t new_pid;  /* NOTE(review): value used for the exit case is not visible here -- confirm */
   72 };
   73 
   74 #define SYSTR_MSG_ASK           1       /* SYSTR_MSG_*: values compared against msg_type */
   75 #define SYSTR_MSG_RES           2
   76 #define SYSTR_MSG_EMUL          3
   77 #define SYSTR_MSG_CHILD         4
   78 #define SYSTR_MSG_UGID          5
   79 #define SYSTR_MSG_POLICYFREE    6
   80 #define SYSTR_MSG_EXECVE        7
   81 #define SYSTR_MSG_SCRIPTNAME    8
   82 
      /*
       * The msg_data union in struct str_message has members for the emul,
       * ugid, ask, child and execve payloads only; RES, POLICYFREE and
       * SCRIPTNAME have no dedicated member in this header.
       *
       * SYSTR_MSG_NOPROCESS(x) is true when the message type is
       * SYSTR_MSG_CHILD or SYSTR_MSG_POLICYFREE.  x must point to an object
       * with a `msg` member (struct str_msgcontainer).  x is expanded
       * twice, so pass an expression without side effects.
       * NOTE(review): the name suggests these messages are not tied to a
       * live traced process -- confirm against the users of the macro.
       */
   83 #define SYSTR_MSG_NOPROCESS(x) \
   84         ((x)->msg.msg_type == SYSTR_MSG_CHILD || \
   85          (x)->msg.msg_type == SYSTR_MSG_POLICYFREE)
   86 
   87 struct str_message {
              /*
               * Message record, embedded by value in struct str_msgcontainer.
               * msg_type holds a SYSTR_MSG_* value.
               * NOTE(review): presumably msg_type selects the valid msg_data
               * member; a reader should not touch a member the type does not
               * select, since the union storage is shared.
               */
   88         int32_t msg_type;
   89         pid_t msg_pid;
              /*
               * 16 bits wide, like stra_seqnr (systrace_answer) and
               * strr_seqnr (systrace_replace), so it wraps after 65536 values.
               * NOTE(review): confirm a stale reply cannot match a newer
               * request after a wrap.
               */
   90         uint16_t msg_seqnr;     /* answer has to match seqnr */
   91         int16_t msg_policy;
   92         union {
   93                 struct str_msg_emul msg_emul;
   94                 struct str_msg_ugid msg_ugid;
   95                 struct str_msg_ask msg_ask;
   96                 struct str_msg_child msg_child;
   97                 struct str_msg_execve msg_execve;
   98         } msg_data;
   99 };
  100 
  101 struct str_process;     /* forward declaration; the type is not defined in this header */
      /*
       * Queue node wrapping one str_message.  `next` links the node into a
       * TAILQ (struct fsystrace declares a strmessageq of these), `strp`
       * points at a str_process, and the message is stored by value.
       * NOTE(review): whether strp may be NULL or dangling for the
       * SYSTR_MSG_NOPROCESS() message types is not visible here -- confirm
       * before dereferencing it on those paths.
       */
  102 struct str_msgcontainer {
  103         TAILQ_ENTRY(str_msgcontainer) next;
  104         struct str_process *strp;
  105 
  106         struct str_message msg;
  107 };
  108 
  109 
  110 struct systrace_answer {
              /*
               * Argument type of STRIOCANSWER (_IOW), so every field is
               * supplied by the ioctl caller.  stra_seqnr has the width of
               * str_message.msg_seqnr, which an answer has to match.
               * NOTE(review): stra_seteuid / stra_setegid request elevated
               * credentials for the system call.  Presumably they are
               * honoured only when SYSTR_FLAGS_SETEUID / SYSTR_FLAGS_SETEGID
               * is set in stra_flags and the tracer is privileged (cf.
               * fsystrace.issuser) -- confirm in the STRIOCANSWER handler.
               * NOTE(review): stra_policy is presumably a SYSTR_POLICY_ASK /
               * PERMIT / NEVER action and stra_error an errno; both are
               * signed and need range checks -- confirm.
               */
  111         pid_t stra_pid;
  112         uint16_t stra_seqnr;
  113         int16_t reserved;
  114         uid_t stra_seteuid;     /* elevated privileges for system call */
  115         gid_t stra_setegid;
  116         int32_t stra_policy;
  117         int32_t stra_error;
  118         int32_t stra_flags;
  119 };
  120 
  121 struct systrace_scriptname {
              /*
               * Argument type of STRIOCSCRIPTNAME (_IOW): a pid plus a
               * caller-supplied MAXPATHLEN-byte name buffer.
               * NOTE(review): nothing in the type guarantees NUL termination;
               * the handler presumably has to terminate or length-check
               * sn_scriptname before using it as a string -- confirm.
               */
  122         pid_t sn_pid;
  123         char sn_scriptname[MAXPATHLEN];
  124 };
  125 
  126 #define SYSTR_READ              1       /* NOTE(review): presumably the strio_op values -- confirm */
  127 #define SYSTR_WRITE             2
  128 
      /*
       * Argument type of STRIOCIO (_IOWR).  Carries a pid, an operation
       * code, two raw pointers and a byte count, all supplied by the caller.
       * NOTE(review): presumably strio_offs is an address in the traced
       * process and strio_addr a buffer in the tracer -- confirm.  Neither
       * pointer can be trusted: the handler has to reject unknown strio_op
       * values, bound strio_len, and move data only through the checked
       * user-copy primitives.
       */
  129 struct systrace_io {
  130         pid_t strio_pid;
  131         int32_t strio_op;
  132         void *strio_offs;
  133         void *strio_addr;
  134         size_t strio_len;
  135 };
  136 
  137 #define SYSTR_POLICY_NEW        1       /* NOTE(review): presumably the strp_op values -- confirm */
  138 #define SYSTR_POLICY_ASSIGN     2
  139 #define SYSTR_POLICY_MODIFY     3
  140 
      /*
       * Argument type of STRIOCPOLICY (_IOWR).  strp_data is a union, so
       * only one of assign / pid / maxents is meaningful in a given call.
       * NOTE(review): presumably strp_op selects the member -- confirm in
       * the handler.  All fields are caller-controlled and signed; strp_num
       * and assign.code look like table indices and would need a range
       * check, negative values included, before use -- confirm.
       * assign.policy is 16 bits wide while systrace_answer.stra_policy is
       * 32 bits; keep that in mind when values move between the two.
       */
  141 struct systrace_policy {
  142         int32_t strp_op;
  143         int32_t strp_num;
  144         union {
  145                 struct {
  146                         int16_t code;
  147                         int16_t policy;
  148                 } assign;
  149                 pid_t pid;
  150                 int32_t maxents;
  151         } strp_data;
  152 };
  153 
      /*
       * Shorthand for the union members, e.g. p->strp_pid.  These are
       * object-like macros with no scoping: any identifier spelled
       * strp_pid, strp_maxents, strp_code or strp_policy in a file that
       * includes this header is rewritten as well.
       */
  154 #define strp_pid        strp_data.pid
  155 #define strp_maxents    strp_data.maxents
  156 #define strp_code       strp_data.assign.code
  157 #define strp_policy     strp_data.assign.policy
  158 
  159 #define SYSTR_NOLINKS   1       /* NOTE(review): presumably a value for strr_flags[] -- confirm */
  160 
      /*
       * Argument type of STRIOCREPLACE (_IOW).  Describes strr_nrepl
       * replacements: four parallel arrays of SYSTR_MAXARGS entries, plus a
       * caller-provided memory region (strr_base, strr_len).  strr_seqnr
       * has the width of str_message.msg_seqnr.
       * NOTE(review): every field is caller-controlled.  The handler
       * presumably has to check 0 <= strr_nrepl <= SYSTR_MAXARGS, bound
       * strr_len (SYSTR_MAXREPLEN looks like the cap), range-check each
       * strr_argind[i], and verify strr_off[i] + strr_offlen[i] neither
       * overflows nor exceeds strr_len -- confirm each check exists.
       */
  161 struct systrace_replace {
  162         pid_t strr_pid;
  163         uint16_t strr_seqnr;
  164         int16_t reserved;
  165         int32_t strr_nrepl;
  166         caddr_t strr_base;      /* Base memory */
  167         size_t strr_len;        /* Length of memory */
  168         int32_t strr_argind[SYSTR_MAXARGS];
  169         size_t strr_off[SYSTR_MAXARGS];
  170         size_t strr_offlen[SYSTR_MAXARGS];
  171         int32_t strr_flags[SYSTR_MAXARGS];
  172 };
  173 
  174 #define STRIOCATTACH    _IOW('s', 101, pid_t)   /* ioctl group 's', commands 101-110 */
  175 #define STRIOCDETACH    _IOW('s', 102, pid_t)
  176 #define STRIOCANSWER    _IOW('s', 103, struct systrace_answer)
  177 #define STRIOCIO        _IOWR('s', 104, struct systrace_io)
  178 #define STRIOCPOLICY    _IOWR('s', 105, struct systrace_policy)
  179 #define STRIOCGETCWD    _IOW('s', 106, pid_t)
  180 #define STRIOCRESCWD    _IO('s', 107)
  181 #define STRIOCREPORT    _IOW('s', 108, pid_t)
  182 #define STRIOCREPLACE   _IOW('s', 109, struct systrace_replace)
  183 #define STRIOCSCRIPTNAME        _IOW('s', 110, struct systrace_scriptname)
      /*
       * _IOW commands copy the argument in from the caller, _IOWR commands
       * copy it in and back out, and _IO carries no argument.  The argument
       * size is encoded in the command word, so changing the layout of any
       * struct above changes the command value.
       * NOTE(review): the permission checks for attaching to a pid and for
       * the other commands live in the handlers, which are not in this
       * header -- review them there.
       */
  184 
  185 #define SYSTR_POLICY_ASK        0       /* NOTE(review): presumably per-call actions (assign.policy / stra_policy) -- confirm */
  186 #define SYSTR_POLICY_PERMIT     1
  187 #define SYSTR_POLICY_NEVER      2
      /*
       * These share the SYSTR_POLICY_ prefix with SYSTR_POLICY_NEW / ASSIGN /
       * MODIFY (1..3) and overlap them numerically; the two sets are separate
       * value spaces and must not be mixed.  ASK is 0, so zero-filled storage
       * reads as ASK.
       */
  188 
      /* Single-bit flags, combinable with |.  NOTE(review): presumably for systrace_answer.stra_flags -- confirm. */
  189 #define SYSTR_FLAGS_RESULT      0x001
  190 #define SYSTR_FLAGS_SETEUID     0x002
  191 #define SYSTR_FLAGS_SETEGID     0x004
  192 
  193 #ifdef _KERNEL
  194 #include <sys/namei.h>
  195 
  196 struct fsystrace {
              /*
               * Kernel-only state (declared inside #ifdef _KERNEL): a lock,
               * select/poll bookkeeping, and TAILQ heads for str_process,
               * str_policy and str_msgcontainer entries with their counters.
               * NOTE(review): presumably one instance per open of the
               * systrace device, with `lock` guarding the queues -- confirm.
               */
  197         struct lock lock;
  198         struct selinfo si;
  199 
  200         TAILQ_HEAD(strprocessq, str_process) processes;
  201         size_t nprocesses;
  202 
  203         TAILQ_HEAD(strpolicyq, str_policy) policies;
  204 
  205         TAILQ_HEAD(strmessageq, str_msgcontainer) messages;
  206 
  207         size_t npolicynr;
  208         size_t npolicies;
  209 
              /*
               * NOTE(review): presumably whether the opener was the
               * superuser, plus its real uid/gid.  Confirm these are
               * captured once at open time and never refreshed from a later
               * caller, since privilege decisions may depend on them.
               */
  210         int issuser;
  211         uid_t p_ruid;
  212         gid_t p_rgid;
  213 
  214         /* cwd magic */
              /*
               * NOTE(review): presumably the pid and directory vnodes behind
               * STRIOCGETCWD / STRIOCRESCWD; any vnode reference held here
               * needs a matching release -- confirm.
               */
  215         pid_t fd_pid;
  216         struct vnode *fd_cdir;
  217         struct vnode *fd_rdir;
  218 };
  219 
  220 /*
       * Internal prototypes (kernel only).  The implementations are not in
       * this header, so only what the signatures show is stated here.
       * systrace_enter and systrace_scriptname return int; the rest return
       * nothing.  systrace_init is declared only when __NetBSD__ is not
       * defined.
       * NOTE(review): systrace_execve1 and systrace_scriptname take a
       * non-const char * with no length argument; presumably the buffers are
       * MAXPATHLEN bytes (cf. str_msg_execve.path, sn_scriptname) -- confirm
       * that callers guarantee termination.
       */
  221 
  222 int systrace_enter(struct lwp *, register_t, void *);
  223 void systrace_namei(struct nameidata *);
  224 void systrace_exit(struct lwp *, register_t, void *, register_t [], int);
  225 void systrace_sys_exit(struct proc *);
  226 void systrace_sys_fork(struct proc *, struct proc *);
  227 #ifndef __NetBSD__
  228 void systrace_init(void);
  229 #endif /* ! __NetBSD__ */
  230 void systrace_execve0(struct proc *);
  231 void systrace_execve1(char *, struct proc *);
  232 int systrace_scriptname(struct proc *, char *);
  233 
  234 #endif /* _KERNEL */
  235 #endif /* !_SYS_SYSTRACE_H_ */
