/* $OpenBSD: systrace.h,v 1.20 2006/10/06 05:47:27 djm Exp $ */ /* * Copyright 2002 Niels Provos <provos@citi.umich.edu> * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. All advertising materials mentioning features or use of this software * must display the following acknowledgement: * This product includes software developed by Niels Provos. * 4. The name of the author may not be used to endorse or promote products * derived from this software without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #ifndef _SYSTRACE_H_ #define _SYSTRACE_H_ #include <sys/ioccom.h> #include <sys/rwlock.h> #define SYSTR_EMULEN 8 /* sync with sys proc */ struct str_msg_emul { char emul[SYSTR_EMULEN]; }; struct str_msg_ugid { uid_t uid; gid_t gid; }; struct str_msg_execve { char path[MAXPATHLEN]; }; #define SYSTR_MAX_POLICIES 64 #define SYSTR_MAXARGS 64 #define SYSTR_MAXFNAME 8 #define SYSTR_MAXINJECTS 8 #define SYSTR_MAXREPLEN 2048 struct str_msg_ask { int code; int argsize; register_t args[SYSTR_MAXARGS]; register_t rval[2]; int result; }; /* Queued on fork or exit of a process */ struct str_msg_child { pid_t new_pid; }; #define SYSTR_MSG_ASK 1 #define SYSTR_MSG_RES 2 #define SYSTR_MSG_EMUL 3 #define SYSTR_MSG_CHILD 4 #define SYSTR_MSG_UGID 5 #define SYSTR_MSG_POLICYFREE 6 #define SYSTR_MSG_EXECVE 7 #define SYSTR_MSG_NOPROCESS(x) \ ((x)->msg.msg_type == SYSTR_MSG_CHILD || \ (x)->msg.msg_type == SYSTR_MSG_POLICYFREE) struct str_message { int msg_type; pid_t msg_pid; u_int16_t msg_seqnr; /* answer has to match seqnr */ short msg_policy; union { struct str_msg_emul msg_emul; struct str_msg_ugid msg_ugid; struct str_msg_ask msg_ask; struct str_msg_child msg_child; struct str_msg_execve msg_execve; } msg_data; }; struct systrace_answer { pid_t stra_pid; u_int16_t stra_seqnr; short reserved; uid_t stra_seteuid; /* elevated privileges for system call */ uid_t stra_setegid; int stra_policy; int stra_error; int stra_flags; }; struct systrace_scriptname { pid_t sn_pid; char sn_scriptname[MAXPATHLEN]; }; #define SYSTR_READ 1 #define SYSTR_WRITE 2 struct systrace_io { pid_t strio_pid; int strio_op; void *strio_offs; void *strio_addr; size_t strio_len; }; #define SYSTR_POLICY_NEW 1 #define SYSTR_POLICY_ASSIGN 2 #define SYSTR_POLICY_MODIFY 3 struct systrace_policy { int strp_op; int strp_num; union { struct { short code; short policy; } assign; pid_t pid; int maxents; } strp_data; }; #define strp_pid strp_data.pid #define strp_maxents strp_data.maxents #define strp_code strp_data.assign.code #define strp_policy strp_data.assign.policy #define SYSTR_NOLINKS 1 struct systrace_replace { pid_t strr_pid; u_int16_t strr_seqnr; int16_t reserved; int strr_nrepl; caddr_t strr_base; /* Base memory */ size_t strr_len; /* Length of memory */ int strr_argind[SYSTR_MAXARGS]; size_t strr_off[SYSTR_MAXARGS]; size_t strr_offlen[SYSTR_MAXARGS]; int32_t strr_flags[SYSTR_MAXARGS]; }; struct systrace_inject { /* On return, this contains the stackgap address. */ caddr_t stri_addr; size_t stri_len; pid_t stri_pid; }; #define STRIOCCLONE _IOR('s', 100, int) #define SYSTR_CLONE STRIOCCLONE #define STRIOCATTACH _IOW('s', 101, pid_t) #define STRIOCDETACH _IOW('s', 102, pid_t) #define STRIOCANSWER _IOW('s', 103, struct systrace_answer) #define STRIOCIO _IOWR('s', 104, struct systrace_io) #define STRIOCPOLICY _IOWR('s', 105, struct systrace_policy) #define STRIOCGETCWD _IOW('s', 106, pid_t) #define STRIOCRESCWD _IO('s', 107) #define STRIOCREPORT _IOW('s', 108, pid_t) #define STRIOCREPLACE _IOW('s', 109, struct systrace_replace) #define STRIOCSCRIPTNAME _IOW('s', 110, struct systrace_scriptname) #define STRIOCINJECT _IOWR('s', 111, struct systrace_inject) #define SYSTR_POLICY_ASK 0 #define SYSTR_POLICY_PERMIT 1 #define SYSTR_POLICY_NEVER 2 #define SYSTR_FLAGS_RESULT 0x001 #define SYSTR_FLAGS_SETEUID 0x002 #define SYSTR_FLAGS_SETEGID 0x004 #ifdef _KERNEL #include <sys/namei.h> struct str_process; struct fsystrace { struct rwlock lock; struct selinfo si; TAILQ_HEAD(strprocessq, str_process) processes; int nprocesses; TAILQ_HEAD(strpolicyq, str_policy) policies; struct strprocessq messages; int npolicynr; int npolicies; int issuser; uid_t p_ruid; gid_t p_rgid; /* cwd magic */ pid_t fd_pid; struct vnode *fd_cdir; struct vnode *fd_rdir; }; /* Internal prototypes */ void systrace_namei(struct nameidata *); int systrace_redirect(int, struct proc *, void *, register_t *); void systrace_exit(struct proc *); void systrace_fork(struct proc *, struct proc *); void systrace_execve0(struct proc *); void systrace_execve1(char *, struct proc *); int systrace_scriptname(struct proc *, char *); #endif /* _KERNEL */ #endif /* _SYSTRACE_H_ */