src/bus-proxyd/bus-xml-policy.h

   1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
   2
   3 #pragma once
   4
   5 /***
   6   This file is part of systemd.
   7
   8   Copyright 2013 Lennart Poettering
   9
  10   systemd is free software; you can redistribute it and/or modify it
  11   under the terms of the GNU Lesser General Public License as published by
  12   the Free Software Foundation; either version 2.1 of the License, or
  13   (at your option) any later version.
  14
  15   systemd is distributed in the hope that it will be useful, but
  16   WITHOUT ANY WARRANTY; without even the implied warranty of
  17   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  18   Lesser General Public License for more details.
  19
  20   You should have received a copy of the GNU Lesser General Public License
  21   along with systemd; If not, see <http://www.gnu.org/licenses/>.
  22 ***/
  23
  24 #include <inttypes.h>
  25 #include <pthread.h>
  26
  27 #include "list.h"
  28 #include "hashmap.h"
  29 #include "set.h"
  30
  31 typedef enum PolicyItemType {
  32         _POLICY_ITEM_TYPE_UNSET = 0,
  33         POLICY_ITEM_ALLOW,
  34         POLICY_ITEM_DENY,
  35         _POLICY_ITEM_TYPE_MAX,
  36         _POLICY_ITEM_TYPE_INVALID = -1,
  37 } PolicyItemType;
  38
  39 typedef enum PolicyItemClass {
  40         _POLICY_ITEM_CLASS_UNSET = 0,
  41         POLICY_ITEM_SEND,
  42         POLICY_ITEM_RECV,
  43         POLICY_ITEM_OWN,
  44         POLICY_ITEM_OWN_PREFIX,
  45         POLICY_ITEM_USER,
  46         POLICY_ITEM_GROUP,
  47         POLICY_ITEM_IGNORE,
  48         _POLICY_ITEM_CLASS_MAX,
  49         _POLICY_ITEM_CLASS_INVALID = -1,
  50 } PolicyItemClass;
  51
  52 typedef struct PolicyItem PolicyItem;
  53
  54 struct PolicyItem {
  55         PolicyItemType type;
  56         PolicyItemClass class;
  57         char *interface;
  58         char *member;
  59         char *error;
  60         char *path;
  61         char *name;
  62         uint8_t message_type;
  63         uid_t uid;
  64         gid_t gid;
  65
  66         bool uid_valid, gid_valid;
  67
  68         LIST_FIELDS(PolicyItem, items);
  69 };
  70
  71 typedef struct Policy {
  72         LIST_HEAD(PolicyItem, default_items);
  73         LIST_HEAD(PolicyItem, mandatory_items);
  74         LIST_HEAD(PolicyItem, on_console_items);
  75         LIST_HEAD(PolicyItem, no_console_items);
  76         Hashmap *user_items;
  77         Hashmap *group_items;
  78 } Policy;
  79
  80 typedef struct SharedPolicy {
  81         char **configuration;
  82         pthread_mutex_t lock;
  83         pthread_rwlock_t rwlock;
  84         Policy buffer;
  85         Policy *policy;
  86 } SharedPolicy;
  87
  88 /* policy */
  89
  90 int policy_load(Policy *p, char **files);
  91 void policy_free(Policy *p);
  92
  93 bool policy_check_own(Policy *p, uid_t uid, gid_t gid, const char *name);
  94 bool policy_check_hello(Policy *p, uid_t uid, gid_t gid);
  95 bool policy_check_one_recv(Policy *p,
  96                            uid_t uid,
  97                            gid_t gid,
  98                            int message_type,
  99                            const char *name,
 100                            const char *path,
 101                            const char *interface,
 102                            const char *member);
 103 bool policy_check_recv(Policy *p,
 104                        uid_t uid,
 105                        gid_t gid,
 106                        int message_type,
 107                        Set *names,
 108                        char **namesv,
 109                        const char *path,
 110                        const char *interface,
 111                        const char *member,
 112                        bool dbus_to_kernel);
 113 bool policy_check_one_send(Policy *p,
 114                            uid_t uid,
 115                            gid_t gid,
 116                            int message_type,
 117                            const char *name,
 118                            const char *path,
 119                            const char *interface,
 120                            const char *member);
 121 bool policy_check_send(Policy *p,
 122                        uid_t uid,
 123                        gid_t gid,
 124                        int message_type,
 125                        Set *names,
 126                        char **namesv,
 127                        const char *path,
 128                        const char *interface,
 129                        const char *member,
 130                        bool dbus_to_kernel,
 131                        char **out_used_name);
 132
 133 void policy_dump(Policy *p);
 134
 135 const char* policy_item_type_to_string(PolicyItemType t) _const_;
 136 PolicyItemType policy_item_type_from_string(const char *s) _pure_;
 137
 138 const char* policy_item_class_to_string(PolicyItemClass t) _const_;
 139 PolicyItemClass policy_item_class_from_string(const char *s) _pure_;
 140
 141 /* shared policy */
 142
 143 int shared_policy_new(SharedPolicy **out);
 144 SharedPolicy *shared_policy_free(SharedPolicy *sp);
 145
 146 int shared_policy_reload(SharedPolicy *sp);
 147 int shared_policy_preload(SharedPolicy *sp, char **configuration);
 148 Policy *shared_policy_acquire(SharedPolicy *sp);
 149 void shared_policy_release(SharedPolicy *sp, Policy *p);
 150
 151 DEFINE_TRIVIAL_CLEANUP_FUNC(SharedPolicy*, shared_policy_free);