src/bus-proxyd/bus-xml-policy.h

   1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
   2
   3 #pragma once
   4
   5 /***
   6   This file is part of systemd.
   7
   8   Copyright 2013 Lennart Poettering
   9
  10   systemd is free software; you can redistribute it and/or modify it
  11   under the terms of the GNU Lesser General Public License as published by
  12   the Free Software Foundation; either version 2.1 of the License, or
  13   (at your option) any later version.
  14
  15   systemd is distributed in the hope that it will be useful, but
  16   WITHOUT ANY WARRANTY; without even the implied warranty of
  17   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  18   Lesser General Public License for more details.
  19
  20   You should have received a copy of the GNU Lesser General Public License
  21   along with systemd; If not, see <http://www.gnu.org/licenses/>.
  22 ***/
  23
  24 #include <pthread.h>
  25
  26 #include "list.h"
  27 #include "hashmap.h"
  28
  29 typedef enum PolicyItemType {
  30         _POLICY_ITEM_TYPE_UNSET = 0,
  31         POLICY_ITEM_ALLOW,
  32         POLICY_ITEM_DENY,
  33         _POLICY_ITEM_TYPE_MAX,
  34         _POLICY_ITEM_TYPE_INVALID = -1,
  35 } PolicyItemType;
  36
  37 typedef enum PolicyItemClass {
  38         _POLICY_ITEM_CLASS_UNSET = 0,
  39         POLICY_ITEM_SEND,
  40         POLICY_ITEM_RECV,
  41         POLICY_ITEM_OWN,
  42         POLICY_ITEM_OWN_PREFIX,
  43         POLICY_ITEM_USER,
  44         POLICY_ITEM_GROUP,
  45         POLICY_ITEM_IGNORE,
  46         _POLICY_ITEM_CLASS_MAX,
  47         _POLICY_ITEM_CLASS_INVALID = -1,
  48 } PolicyItemClass;
  49
  50 typedef struct PolicyItem PolicyItem;
  51
  52 struct PolicyItem {
  53         PolicyItemType type;
  54         PolicyItemClass class;
  55         char *interface;
  56         char *member;
  57         char *error;
  58         char *path;
  59         char *name;
  60         uint8_t message_type;
  61         uid_t uid;
  62         gid_t gid;
  63
  64         bool uid_valid, gid_valid;
  65
  66         LIST_FIELDS(PolicyItem, items);
  67 };
  68
  69 typedef struct Policy {
  70         LIST_HEAD(PolicyItem, default_items);
  71         LIST_HEAD(PolicyItem, mandatory_items);
  72         LIST_HEAD(PolicyItem, on_console_items);
  73         LIST_HEAD(PolicyItem, no_console_items);
  74         Hashmap *user_items;
  75         Hashmap *group_items;
  76 } Policy;
  77
  78 typedef struct SharedPolicy {
  79         char **configuration;
  80         pthread_mutex_t lock;
  81         pthread_rwlock_t rwlock;
  82         Policy buffer;
  83         Policy *policy;
  84 } SharedPolicy;
  85
  86 /* policy */
  87
  88 int policy_load(Policy *p, char **files);
  89 void policy_free(Policy *p);
  90
  91 bool policy_check_own(Policy *p, uid_t uid, gid_t gid, const char *name);
  92 bool policy_check_hello(Policy *p, uid_t uid, gid_t gid);
  93 bool policy_check_one_recv(Policy *p,
  94                            uid_t uid,
  95                            gid_t gid,
  96                            int message_type,
  97                            const char *name,
  98                            const char *path,
  99                            const char *interface,
 100                            const char *member);
 101 bool policy_check_recv(Policy *p,
 102                        uid_t uid,
 103                        gid_t gid,
 104                        int message_type,
 105                        Set *names,
 106                        char **namesv,
 107                        const char *path,
 108                        const char *interface,
 109                        const char *member,
 110                        bool dbus_to_kernel);
 111 bool policy_check_one_send(Policy *p,
 112                            uid_t uid,
 113                            gid_t gid,
 114                            int message_type,
 115                            const char *name,
 116                            const char *path,
 117                            const char *interface,
 118                            const char *member);
 119 bool policy_check_send(Policy *p,
 120                        uid_t uid,
 121                        gid_t gid,
 122                        int message_type,
 123                        Set *names,
 124                        char **namesv,
 125                        const char *path,
 126                        const char *interface,
 127                        const char *member,
 128                        bool dbus_to_kernel,
 129                        char **out_used_name);
 130
 131 void policy_dump(Policy *p);
 132
 133 const char* policy_item_type_to_string(PolicyItemType t) _const_;
 134 PolicyItemType policy_item_type_from_string(const char *s) _pure_;
 135
 136 const char* policy_item_class_to_string(PolicyItemClass t) _const_;
 137 PolicyItemClass policy_item_class_from_string(const char *s) _pure_;
 138
 139 /* shared policy */
 140
 141 int shared_policy_new(SharedPolicy **out);
 142 SharedPolicy *shared_policy_free(SharedPolicy *sp);
 143
 144 int shared_policy_reload(SharedPolicy *sp);
 145 int shared_policy_preload(SharedPolicy *sp, char **configuration);
 146 Policy *shared_policy_acquire(SharedPolicy *sp);
 147 void shared_policy_release(SharedPolicy *sp, Policy *p);
 148
 149 DEFINE_TRIVIAL_CLEANUP_FUNC(SharedPolicy*, shared_policy_free);