13 |
#include "internal.h" |
#include "internal.h" |
14 |
|
|
15 |
struct ccs_preference ccs_preference = { |
struct ccs_preference ccs_preference = { |
|
#ifdef CONFIG_CCSECURITY_AUDIT |
|
16 |
.audit_max_grant_log = CONFIG_CCSECURITY_MAX_GRANT_LOG, |
.audit_max_grant_log = CONFIG_CCSECURITY_MAX_GRANT_LOG, |
17 |
.audit_max_reject_log = CONFIG_CCSECURITY_MAX_REJECT_LOG, |
.audit_max_reject_log = CONFIG_CCSECURITY_MAX_REJECT_LOG, |
|
#endif |
|
18 |
.audit_task_info = true, |
.audit_task_info = true, |
19 |
.audit_path_info = true, |
.audit_path_info = true, |
20 |
.enforcing_penalty = 0, |
.enforcing_penalty = 0, |
415 |
static int ccs_set_pref(char *data) |
static int ccs_set_pref(char *data) |
416 |
{ |
{ |
417 |
if (ccs_str_starts(&data, "audit")) { |
if (ccs_str_starts(&data, "audit")) { |
|
#ifdef CONFIG_CCSECURITY_AUDIT |
|
418 |
ccs_set_uint(&ccs_preference.audit_max_grant_log, data, |
ccs_set_uint(&ccs_preference.audit_max_grant_log, data, |
419 |
"max_grant_log"); |
"max_grant_log"); |
420 |
ccs_set_uint(&ccs_preference.audit_max_reject_log, data, |
ccs_set_uint(&ccs_preference.audit_max_reject_log, data, |
421 |
"max_reject_log"); |
"max_reject_log"); |
|
#endif |
|
422 |
ccs_set_bool(&ccs_preference.audit_task_info, data, |
ccs_set_bool(&ccs_preference.audit_task_info, data, |
423 |
"task_info"); |
"task_info"); |
424 |
ccs_set_bool(&ccs_preference.audit_path_info, data, |
ccs_set_bool(&ccs_preference.audit_path_info, data, |
476 |
* 'config' from 'CCS_CONFIG_USE_DEAFULT'. |
* 'config' from 'CCS_CONFIG_USE_DEAFULT'. |
477 |
*/ |
*/ |
478 |
config = (config & ~7) | mode; |
config = (config & ~7) | mode; |
|
#ifdef CONFIG_CCSECURITY_AUDIT |
|
479 |
if (config != CCS_CONFIG_USE_DEFAULT) { |
if (config != CCS_CONFIG_USE_DEFAULT) { |
480 |
switch (ccs_find_yesno(value, "grant_log")) { |
switch (ccs_find_yesno(value, "grant_log")) { |
481 |
case 1: |
case 1: |
494 |
break; |
break; |
495 |
} |
} |
496 |
} |
} |
|
#endif |
|
497 |
} |
} |
498 |
if (i < CCS_MAX_MAC_INDEX + CCS_MAX_MAC_CATEGORY_INDEX) |
if (i < CCS_MAX_MAC_INDEX + CCS_MAX_MAC_CATEGORY_INDEX) |
499 |
profile->config[i] = config; |
profile->config[i] = config; |
542 |
static void ccs_print_preference(struct ccs_io_buffer *head) |
static void ccs_print_preference(struct ccs_io_buffer *head) |
543 |
{ |
{ |
544 |
ccs_io_printf(head, "PREFERENCE::%s={ " |
ccs_io_printf(head, "PREFERENCE::%s={ " |
|
#ifdef CONFIG_CCSECURITY_AUDIT |
|
545 |
"max_grant_log=%u max_reject_log=%u " |
"max_grant_log=%u max_reject_log=%u " |
|
#endif |
|
546 |
"task_info=%s path_info=%s }\n", "audit", |
"task_info=%s path_info=%s }\n", "audit", |
|
#ifdef CONFIG_CCSECURITY_AUDIT |
|
547 |
ccs_preference.audit_max_grant_log, |
ccs_preference.audit_max_grant_log, |
548 |
ccs_preference.audit_max_reject_log, |
ccs_preference.audit_max_reject_log, |
|
#endif |
|
549 |
ccs_yesno(ccs_preference.audit_task_info), |
ccs_yesno(ccs_preference.audit_task_info), |
550 |
ccs_yesno(ccs_preference.audit_path_info)); |
ccs_yesno(ccs_preference.audit_path_info)); |
551 |
ccs_io_printf(head, "PREFERENCE::%s={ max_entry=%u }\n", |
ccs_io_printf(head, "PREFERENCE::%s={ max_entry=%u }\n", |
556 |
|
|
557 |
static void ccs_print_config(struct ccs_io_buffer *head, const u8 config) |
static void ccs_print_config(struct ccs_io_buffer *head, const u8 config) |
558 |
{ |
{ |
559 |
ccs_io_printf(head, "={ mode=%s", ccs_mode[config & 3]); |
ccs_io_printf(head, "={ mode=%s grant_log=%s reject_log=%s }\n", |
560 |
#ifdef CONFIG_CCSECURITY_AUDIT |
ccs_mode[config & 3], |
|
ccs_io_printf(head, " grant_log=%s reject_log=%s", |
|
561 |
ccs_yesno(config & CCS_CONFIG_WANT_GRANT_LOG), |
ccs_yesno(config & CCS_CONFIG_WANT_GRANT_LOG), |
562 |
ccs_yesno(config & CCS_CONFIG_WANT_REJECT_LOG)); |
ccs_yesno(config & CCS_CONFIG_WANT_REJECT_LOG)); |
|
#endif |
|
|
ccs_set_string(head, " }\n"); |
|
563 |
} |
} |
564 |
|
|
565 |
/** |
/** |
2214 |
head->write = ccs_write_exception; |
head->write = ccs_write_exception; |
2215 |
head->read = ccs_read_exception; |
head->read = ccs_read_exception; |
2216 |
break; |
break; |
|
#ifdef CONFIG_CCSECURITY_AUDIT |
|
2217 |
case CCS_GRANTLOG: /* /proc/ccs/grant_log */ |
case CCS_GRANTLOG: /* /proc/ccs/grant_log */ |
2218 |
case CCS_REJECTLOG: /* /proc/ccs/reject_log */ |
case CCS_REJECTLOG: /* /proc/ccs/reject_log */ |
2219 |
head->poll = ccs_poll_log; |
head->poll = ccs_poll_log; |
2220 |
head->read = ccs_read_log; |
head->read = ccs_read_log; |
2221 |
break; |
break; |
|
#endif |
|
2222 |
case CCS_SELFDOMAIN: /* /proc/ccs/self_domain */ |
case CCS_SELFDOMAIN: /* /proc/ccs/self_domain */ |
2223 |
head->read = ccs_read_self_domain; |
head->read = ccs_read_self_domain; |
2224 |
break; |
break; |