SELinux安全操作系统---给API函数移植钩子函数

最新推荐文章于 2023-04-14 19:14:59 发布
最新推荐文章于 2023-04-14 19:14:59 发布
阅读量564 收藏 1
点赞数
文章标签: 操作系统
原文链接:https://my.oschina.net/u/1466132/blog/815926
版权

在此声明:给系统添加的钩子函数众多,移植困难重重,每个函数添加,都需要搞清楚里面的各种参数和权限的关系,在此只列举钩子函数的声明部分,具体的添加钩子函数,需要在系统的每个函数的实现中进行调用,关于钩子函数调用接口部分,代码众多,在此不做阐述!

/*
 * RTEMS security.h
 *
 */

#ifndef __RTEMS_SECURITY_H
#define __RTEMS_SECURITY_H

#include <rtems.h>
#include <rtems/fs.h>
#include <rtems/imfs.h>

/* Max size of security context. */
#define MAX_CONTEXT_SIZE	48

struct security_operations *security_ops;	/* Initialized to NULL */
 
int sertems_init(void);
int sertems_set_context(char *con, size_t count);
int sertems_get_context(Thread_Control * p, char * con, size_t len);

struct security_operations {
	int (*object_getobject) (Objects_Control *obj, Objects_APIs the_api, uint16_t the_class);
	int (*object_ident) (Objects_Control *obj, Objects_APIs the_api, uint16_t the_class);
	int (*object_setname) (Objects_Control *obj, Objects_APIs the_api, uint16_t the_class);

	int (*task_create)(int security_level);
	int (*task_alloc_security) (Thread_Control * p, int security_level);
	void (*task_free_security) (Thread_Control * p);
	int (*task_set_context) (Thread_Control * p, int security_level);
	int (*task_start) (Thread_Control * p);
	int (*task_restart) (Thread_Control * p);
	int (*task_delete) (Thread_Control * p);
	int (*task_suspend) (Thread_Control * p);
	int (*task_resume) (Thread_Control * p);
	int (*task_getstat) (Thread_Control * p);
	int (*task_setprio) (Thread_Control * p);
	int (*task_setmode) (void);
	int (*task_getapi) (Thread_Control * p);
	int (*task_setapi) (Thread_Control * p);
	int (*task_addvar) (Thread_Control * p);
	int (*task_getvar) (Thread_Control * p);
	int (*task_delvar) (Thread_Control * p);
	int (*task_wake) (void);
	int (*task_setsched) (Thread_Control * p);
	int (*task_getsched) (Thread_Control * p);
	int (*task_setaffinity) (Thread_Control * p);
	int (*task_getaffinity) (Thread_Control * p);
	int (*task_kill) (Thread_Control * p, int sig);

	int (*sem_alloc_security) (CORE_semaphore_Control * sma);
	void (*sem_free_security) (CORE_semaphore_Control * sma);
	int (*sem_associate) (CORE_semaphore_Control * sma);
	int (*sem_delete) (CORE_semaphore_Control * sma);
	int (*sem_obtain) (CORE_semaphore_Control * sma);
	int (*sem_release) (CORE_semaphore_Control * sma);
	int (*sem_flush) (CORE_semaphore_Control * sma);

	int (*mutex_alloc_security) (CORE_mutex_Control * mutex);
	void (*mutex_free_security) (CORE_mutex_Control * mutex);
	int (*mutex_delete) (CORE_mutex_Control * mutex);
	int (*mutex_obtain) (CORE_mutex_Control * mutex);
	int (*mutex_release) (CORE_mutex_Control * mutex);
	int (*mutex_flush) (CORE_mutex_Control * mutex);
	int (*mutex_setprio) (CORE_mutex_Control * mutex);
	int (*mutex_getprio) (CORE_mutex_Control * mutex);

#ifdef RTEMS_NETWORKING
	int (*socket_create) (int domain, int type, int protocol);
	int (*socket_post_create) (struct socket * sock, int domain,
				    int type, int protocol);
	void (*socket_free_security) (struct socket * sock);
	int (*socket_bind) (struct socket * sock,
			    struct sockaddr * address, int addrlen);
	int (*socket_connect) (struct socket * sock,
			       struct sockaddr * address, int addrlen);
	int (*socket_listen) (struct socket * sock, int backlog);
	int (*socket_accept) (struct socket * sock, struct socket * newsock);
	int (*socket_sendmsg) (struct socket * sock);
	int (*socket_recvmsg) (struct socket * sock);
	int (*socket_getpeersockname) (struct socket * sock);
	int (*socket_getsockopt) (struct socket * sock, int level, int optname);
	int (*socket_setsockopt) (struct socket * sock, int level, int optname);
	int (*socket_shutdown) (struct socket * sock, int how);
#endif

	int (*msg_alloc_security) (CORE_message_queue_Buffer_control *the_message);
	int (*msg_free_security) (CORE_message_queue_Buffer_control *the_message);
	int (*msgq_create_security) (CORE_message_queue_Control * the_message_queue);
	int (*msgq_delete) (CORE_message_queue_Control * the_message_queue);
	void(*msgq_free_security) (CORE_message_queue_Control * the_message_queue);
	int(*msgq_flush) (CORE_message_queue_Control * the_message_queue);
	int(*msgq_send) (CORE_message_queue_Control *the_message_queue,
				    CORE_message_queue_Buffer_control *the_message);
	int(*msgq_receive) (CORE_message_queue_Control *the_message_queue,
				    CORE_message_queue_Buffer_control *the_message);
	int(*msgq_broadcast) (CORE_message_queue_Control * the_message_queue);
	int(*msgq_associate) (CORE_message_queue_Control * the_message_queue);
	int(*msgq_setattr) (CORE_message_queue_Control * the_message_queue);
	int(*msgq_getattr) (CORE_message_queue_Control * the_message_queue);

	int (*mt_alloc_security) (rtems_filesystem_mount_table_entry_t *mt_entry);
	void (*mt_free_security) (rtems_filesystem_mount_table_entry_t *mt_entry);
	int (*mt_kern_mount) (rtems_filesystem_mount_table_entry_t *mt_entry);
	//int (*mt_mount) (char *dev_name, struct nameidata * nd,
			 //char *type, unsigned long flags, void *data);
	int (*mt_statvfs) (rtems_filesystem_mount_table_entry_t *mt_entry);	
	int (*mt_umount) (rtems_filesystem_mount_table_entry_t *mt_entry);	

	int (*inode_alloc_security) (IMFS_jnode_t *inode);	
	void (*inode_free_security) (IMFS_jnode_t *inode);
	int (*inode_create) (rtems_filesystem_mount_table_entry_t *mt_entry,
				IMFS_jnode_t *dir, int mode);
	int (*inode_post_create) (rtems_filesystem_mount_table_entry_t *mt_entry,
			  IMFS_jnode_t *dir,
			  IMFS_jnode_t *inode);
	int (*inode_link) (IMFS_jnode_t *dir, IMFS_jnode_t *old_inode);
	int (*inode_remove) (IMFS_jnode_t *dir, IMFS_jnode_t *inode);
	int (*inode_rename) (IMFS_jnode_t *inode, IMFS_jnode_t *old_dir,
                                IMFS_jnode_t *new_dir);
	int (*inode_readlink) (IMFS_jnode_t *inode);
	int (*inode_chmod) (IMFS_jnode_t *inode);
	int (*inode_chown) (IMFS_jnode_t *inode);
	int (*inode_read) (IMFS_jnode_t *inode);
	int (*inode_write) (rtems_libio_t *iop, IMFS_jnode_t *inode);

	int (*libio_alloc_security) (rtems_libio_t *iop);
	void (*libio_free_security) (rtems_libio_t *iop);
	int (*libio_use) (rtems_libio_t *iop);
};

extern inline int security_object_getobject(Objects_Control *obj, Objects_APIs the_api, uint16_t the_class);

extern inline int security_object_ident(Objects_Control *obj, Objects_APIs the_api, uint16_t the_class);

extern inline int security_object_setname(Objects_Control *obj, Objects_APIs the_api, uint16_t the_class);

extern inline int security_task_create(int security_level);

extern inline int security_task_alloc (Thread_Control *p, int security_level);

extern inline void security_task_free(Thread_Control *p);

extern inline int security_task_setcon (Thread_Control *p, int security_level);

extern inline int security_task_start(Thread_Control *p);

extern inline int security_task_restart(Thread_Control *p);

extern inline int security_task_delete(Thread_Control *p);

extern inline int security_task_suspend(Thread_Control *p);

extern inline int security_task_resume(Thread_Control *p);

extern inline int security_task_getstat(Thread_Control *p);

extern inline int security_task_setprio(Thread_Control *p);

extern int security_task_setmode();

extern inline int security_task_getapi(Thread_Control *p);

extern inline int security_task_setapi(Thread_Control *p);

extern inline int security_task_addvar(Thread_Control *p);

extern inline int security_task_getvar(Thread_Control *p);

extern inline int security_task_delvar(Thread_Control *p);

extern inline int security_task_wake();

extern inline int security_task_setsched(Thread_Control *p);

extern inline int security_task_getsched(Thread_Control *p);

extern inline int security_task_setaffinity(Thread_Control *p);

extern inline int security_task_getaffinity(Thread_Control *p);

extern inline int security_task_kill(Thread_Control *p, int sig);

extern inline int security_sem_alloc (CORE_semaphore_Control *sma);

extern inline void security_sem_free (CORE_semaphore_Control *sma);

extern inline int security_sem_associate (CORE_semaphore_Control *sma);

extern inline int security_sem_delete (CORE_semaphore_Control *sma);

extern inline int security_sem_obtain (CORE_semaphore_Control *sma);

extern inline int security_sem_release (CORE_semaphore_Control *sma);

extern inline int security_sem_flush (CORE_semaphore_Control *sma);


extern inline int security_mutex_alloc (CORE_mutex_Control *mutex);

extern inline void security_mutex_free (CORE_mutex_Control *mutex);

extern inline int security_mutex_delete (CORE_mutex_Control *mutex);

extern inline int security_mutex_obtain (CORE_mutex_Control *mutex);

extern inline int security_mutex_release (CORE_mutex_Control *mutex);

extern inline int security_mutex_flush (CORE_mutex_Control *mutex);

extern inline int security_mutex_setprio (CORE_mutex_Control *mutex);

extern inline int security_mutex_getprio (CORE_mutex_Control *mutex);

extern inline int security_socket_create (int domain, int type, int protocol);

extern inline int security_socket_post_create(struct socket * sock, 
					       int domain,
					       int type, 
					       int protocol);

extern inline void security_socket_free(struct socket * sock);

extern inline int security_socket_bind(struct socket * sock, 
				       struct sockaddr * address, 
				       int addrlen);

extern inline int security_socket_connect(struct socket * sock, 
					  struct sockaddr * address, 
					  int addrlen);

extern inline int security_socket_listen(struct socket * sock, int backlog);

extern inline int security_socket_accept(struct socket * sock, 
					 struct socket * newsock);

extern inline int security_socket_sendmsg(struct socket * sock);

extern inline int security_socket_recvmsg(struct socket * sock);

extern inline int security_socket_getpeersockname(struct socket * sock);

extern inline int security_socket_getsockopt(struct socket * sock, 
					     int level, int optname);

extern inline int security_socket_setsockopt(struct socket * sock, 
					     int level, int optname);

extern inline int security_socket_shutdown(struct socket * sock, int how);

extern inline int security_msg_alloc(CORE_message_queue_Buffer_control *the_message);
extern inline void security_msg_free(CORE_message_queue_Buffer_control *the_message);
extern inline int security_msgq_create(CORE_message_queue_Control *the_message_queue);
extern inline int security_msgq_delete(CORE_message_queue_Control *the_message_queue);
extern inline void security_msgq_free(CORE_message_queue_Control *the_message_queue);
extern inline int security_msgq_flush(CORE_message_queue_Control *the_message_queue);
extern inline int security_msgq_send(CORE_message_queue_Control *the_message_queue, 
				       CORE_message_queue_Buffer_control *the_message);
extern inline int security_msgq_receive(CORE_message_queue_Control *the_message_queue, 
				       CORE_message_queue_Buffer_control *the_message);
extern inline int security_msgq_broadcast(CORE_message_queue_Control *the_message_queue);
extern inline int security_msgq_associate(CORE_message_queue_Control *the_message_queue);
extern inline int security_msgq_setattr(CORE_message_queue_Control *the_message_queue);
extern inline int security_msgq_getattr(CORE_message_queue_Control *the_message_queue);

extern inline int security_mt_alloc (rtems_filesystem_mount_table_entry_t *mt_entry);

extern inline void security_mt_free (rtems_filesystem_mount_table_entry_t *mt_entry);

extern inline int security_mt_kern_mount (rtems_filesystem_mount_table_entry_t *mt_entry);

extern inline int security_mt_statvfs (rtems_filesystem_mount_table_entry_t *mt_entry);

extern inline int security_mt_umount (rtems_filesystem_mount_table_entry_t *mt_entry);

extern inline int security_inode_alloc (IMFS_jnode_t *inode);

extern inline void security_inode_free (IMFS_jnode_t *inode);

extern inline int security_inode_create (rtems_filesystem_mount_table_entry_t *mt_entry,
				IMFS_jnode_t *dir, int mode);

extern inline int security_inode_post_create (rtems_filesystem_mount_table_entry_t *mt_entry,
			  IMFS_jnode_t *dir,
			  IMFS_jnode_t *inode);

extern inline int security_inode_link (IMFS_jnode_t *dir,
		    IMFS_jnode_t *old_inode);

extern inline int security_inode_remove (IMFS_jnode_t *dir,
		    IMFS_jnode_t *inode);

extern inline int security_inode_rename (IMFS_jnode_t *inode, 
								IMFS_jnode_t *old_dir,
                                IMFS_jnode_t *new_dir);

extern inline int security_inode_readlink (IMFS_jnode_t *inode);

extern inline int security_inode_chmod (IMFS_jnode_t *inode);

extern inline int security_inode_chown (IMFS_jnode_t *inode);

extern inline int security_inode_read (IMFS_jnode_t *inode);

extern inline int security_inode_write (rtems_libio_t *iop, IMFS_jnode_t *inode);

extern inline int security_libio_alloc (rtems_libio_t *iop);

extern inline void security_libio_free (rtems_libio_t *iop);

extern inline int security_libio_use (rtems_libio_t *iop);

#endif

钩子函数定义调用部分:

/*
 * RTEMS srtems_config.h
 *
 */

#ifndef __SERTEMS_CONFIG_H
#define __SERTEMS_CONFIG_H

#include <rtems/sertems/rtems_security.h>

/*
 * SERTEMS CONFIGURE
 */
#ifdef RTEMS_SERTEMS

  #if defined(CONFIGURE_SERTEMS_ALL) || \
      defined(CONFIGURE_SERTEMS_BASE) || \
      defined(CONFIGURE_SERTEMS_SEM)
    sertems_mac_sem = 1;
  #else
    sertems_mac_sem = 0;
  #endif

  #if defined(CONFIGURE_SERTEMS_ALL) || \
      defined(CONFIGURE_SERTEMS_BASE) || \
      defined(CONFIGURE_SERTEMS_MUTEX)
    sertems_mac_mutex = 1;
  #else
    sertems_mac_mutex = 0;
  #endif

  #if defined(CONFIGURE_SERTEMS_ALL) || \
      defined(CONFIGURE_SERTEMS_BASE) || \
      defined(CONFIGURE_SERTEMS_MSGQ)
    sertems_mac_msgq = 1;
  #else
    sertems_mac_msgq = 0;
  #endif

  #if defined(CONFIGURE_SERTEMS_ALL) || \
      defined(CONFIGURE_SERTEMS_BASE) || \
      defined(CONFIGURE_SERTEMS_FILE)
    sertems_mac_file = 1;
  #else
    sertems_mac_file = 0;
  #endif

#endif /* RTEMS_SERTEMS */

#ifdef RTEMS_SERTEMS
inline int security_object_getobject(Objects_Control *obj, Objects_APIs the_api, uint16_t the_class)
{
	return security_ops->object_getobject (obj, the_api, the_class);
}

inline int security_object_ident(Objects_Control *obj, Objects_APIs the_api, uint16_t the_class)
{
	return security_ops->object_ident (obj, the_api, the_class);
}

inline int security_object_setname(Objects_Control *obj, Objects_APIs the_api, uint16_t the_class)
{
	return security_ops->object_setname (obj, the_api, the_class);
}

inline int security_task_create(int security_level)
{
	return security_ops->task_create (security_level);
}

inline int security_task_alloc (Thread_Control *p, int security_level)
{
	return security_ops->task_alloc_security (p, security_level);
}

inline void security_task_free(Thread_Control *p)
{
	security_ops->task_free_security (p);
}

inline int security_task_setcon (Thread_Control *p, int security_level)
{
	return security_ops->task_set_context (p, security_level);
}

inline int security_task_start(Thread_Control *p)
{
	return security_ops->task_start (p);
}

inline int security_task_restart(Thread_Control *p)
{
	return security_ops->task_restart (p);
}

inline int security_task_delete(Thread_Control *p)
{
	return security_ops->task_delete (p);
}

inline int security_task_suspend(Thread_Control *p)
{
	return security_ops->task_suspend (p);
}

inline int security_task_resume(Thread_Control *p)
{
	return security_ops->task_resume (p);
}

inline int security_task_getstat(Thread_Control *p)
{
	return security_ops->task_getstat (p);
}

inline int security_task_setprio(Thread_Control *p)
{
	return security_ops->task_setprio (p);
}

inline int security_task_setmode()
{
	return security_ops->task_setmode ();
}

inline int security_task_getapi(Thread_Control *p)
{
	return security_ops->task_getapi (p);
}

inline int security_task_setapi(Thread_Control *p)
{
	return security_ops->task_setapi (p);
}

inline int security_task_addvar(Thread_Control *p)
{
	return security_ops->task_addvar (p);
}

inline int security_task_getvar(Thread_Control *p)
{
	return security_ops->task_getvar (p);
}

inline int security_task_delvar(Thread_Control *p)
{
	return security_ops->task_delvar (p);
}

inline int security_task_wake()
{
	return security_ops->task_wake ();
}

inline int security_task_setsched(Thread_Control *p)
{
	return security_ops->task_setsched (p);
}

inline int security_task_getsched(Thread_Control *p)
{
	return security_ops->task_getsched (p);
}

inline int security_task_setaffinity(Thread_Control *p)
{
	return security_ops->task_setaffinity(p);
}

inline int security_task_getaffinity(Thread_Control *p)
{
	return security_ops->task_getaffinity (p);
}

inline int security_task_kill(Thread_Control *p, int sig)
{
	return security_ops->task_kill (p, sig);
}

#if defined(CONFIGURE_SERTEMS_ALL) || \
      defined(CONFIGURE_SERTEMS_BASE) || \
      defined(CONFIGURE_SERTEMS_SEM)
inline int security_sem_alloc (CORE_semaphore_Control *sma)
{
	return security_ops->sem_alloc_security (sma);
}

inline void security_sem_free (CORE_semaphore_Control *sma)
{
	security_ops->sem_free_security (sma);
}

inline int security_sem_associate (CORE_semaphore_Control *sma)
{
	return security_ops->sem_associate (sma);
}

inline int security_sem_delete (CORE_semaphore_Control *sma)
{
	return security_ops->sem_delete (sma);
}

inline int security_sem_obtain (CORE_semaphore_Control *sma)
{
	return security_ops->sem_obtain (sma);
}

inline int security_sem_release (CORE_semaphore_Control *sma)
{
	return security_ops->sem_release (sma);
}

inline int security_sem_flush (CORE_semaphore_Control *sma)
{
	return security_ops->sem_flush (sma);
}

#else /* SERTEMS_SEM */

inline int security_sem_alloc (CORE_semaphore_Control *sma)
{
	return 0;
}

inline void security_sem_free (CORE_semaphore_Control *sma)
{ }

inline int security_sem_associate (CORE_semaphore_Control *sma)
{
	return 0;
}

inline int security_sem_delete (CORE_semaphore_Control *sma)
{
	return 0;
}

inline int security_sem_obtain (CORE_semaphore_Control *sma)
{
	return 0;
}

inline int security_sem_release (CORE_semaphore_Control *sma)
{
	return 0;
}

inline int security_sem_flush (CORE_semaphore_Control *sma)
{
	return 0;
}

#endif  /* SERTEMS_SEM */

#if defined(CONFIGURE_SERTEMS_ALL) || \
      defined(CONFIGURE_SERTEMS_BASE) || \
      defined(CONFIGURE_SERTEMS_MUTEX)
inline int security_mutex_alloc (CORE_mutex_Control *mutex)
{
	return security_ops->mutex_alloc_security (mutex);
}

inline void security_mutex_free (CORE_mutex_Control *mutex)
{
	security_ops->mutex_free_security (mutex);
}

inline int security_mutex_delete (CORE_mutex_Control *mutex)
{
	return security_ops->mutex_delete (mutex);
}

inline int security_mutex_obtain (CORE_mutex_Control *mutex)
{
	return security_ops->mutex_obtain (mutex);
}

inline int security_mutex_release (CORE_mutex_Control *mutex)
{
	return security_ops->mutex_release (mutex);
}

inline int security_mutex_flush (CORE_mutex_Control *mutex)
{
	return security_ops->mutex_flush (mutex);
}

inline int security_mutex_setprio (CORE_mutex_Control *mutex)
{
	return security_ops->mutex_setprio (mutex);
}

inline int security_mutex_getprio (CORE_mutex_Control *mutex)
{
	return security_ops->mutex_getprio (mutex);
}
#else
inline int security_mutex_alloc (CORE_mutex_Control *mutex)
{
	return 0;
}

inline void security_mutex_free (CORE_mutex_Control *mutex)
{ }

inline int security_mutex_delete (CORE_mutex_Control *mutex)
{
	return 0;
}

inline int security_mutex_obtain (CORE_mutex_Control *mutex)
{
	return 0;
}

inline int security_mutex_release (CORE_mutex_Control *mutex)
{
	return 0;
}

inline int security_mutex_flush (CORE_mutex_Control *mutex)
{
	return 0;
}

inline int security_mutex_setprio (CORE_mutex_Control *mutex)
{
	return 0;
}

inline int security_mutex_getprio (CORE_mutex_Control *mutex)
{
	return 0;
}
#endif  /* SERTEMS_MUTEX */

#ifdef RTEMS_NETWORKING
#if defined(CONFIGURE_SERTEMS_ALL) || \
      defined(CONFIGURE_SERTEMS_BASE) || \
      defined(CONFIGURE_SERTEMS_SOCKET)
inline int security_socket_create (int domain, int type, int protocol)
{
	return security_ops->socket_create(domain, type, protocol);
}

inline int security_socket_post_create(struct socket * sock, 
					       int domain,
					       int type, 
					       int protocol)
{
	return security_ops->socket_post_create(sock, domain, type, protocol);
}

inline void security_socket_free(struct socket * sock)
{
	security_ops->socket_free_security (sock);
}

inline int security_socket_bind(struct socket * sock, 
				       struct sockaddr * address, 
				       int addrlen)
{
	return security_ops->socket_bind(sock, address, addrlen);
}

inline int security_socket_connect(struct socket * sock, 
					  struct sockaddr * address, 
					  int addrlen)
{
	return security_ops->socket_connect(sock, address, addrlen);
}

inline int security_socket_listen(struct socket * sock, int backlog)
{
	return security_ops->socket_listen(sock, backlog);
}

inline int security_socket_accept(struct socket * sock, 
					 struct socket * newsock)
{
	return security_ops->socket_accept(sock, newsock);
}

inline int security_socket_sendmsg(struct socket * sock)
{
	return security_ops->socket_sendmsg(sock);
}

inline int security_socket_recvmsg(struct socket * sock)
{
	return security_ops->socket_recvmsg(sock);
}

inline int security_socket_getpeersockname(struct socket * sock)
{
	return security_ops->socket_getpeersockname(sock);
}

inline int security_socket_getsockopt(struct socket * sock, 
					     int level, int optname)
{
	return security_ops->socket_getsockopt(sock, level, optname);
}

inline int security_socket_setsockopt(struct socket * sock, 
					     int level, int optname)
{
	return security_ops->socket_setsockopt(sock, level, optname);
}

inline int security_socket_shutdown(struct socket * sock, int how)
{
	return security_ops->socket_shutdown(sock, how);
}
#else
inline int security_socket_create (int domain, int type, int protocol)
{
	return 0;
}

inline int security_socket_post_create(struct socket * sock, 
					       int domain,
					       int type, 
					       int protocol)
{
	return 0;
}

inline void security_socket_free(struct socket * sock)
{ }

inline int security_socket_bind(struct socket * sock, 
				       struct sockaddr * address, 
				       int addrlen)
{
	return 0;
}

inline int security_socket_connect(struct socket * sock, 
					  struct sockaddr * address, 
					  int addrlen)
{
	return 0;
}

inline int security_socket_listen(struct socket * sock, int backlog)
{
	return 0;
}

inline int security_socket_accept(struct socket * sock, 
					 struct socket * newsock)
{
	return 0;
}

inline int security_socket_sendmsg(struct socket * sock)
{
	return 0;
}

inline int security_socket_recvmsg(struct socket * sock)
{
	return 0;
}

inline int security_socket_getsockopt(struct socket * sock, 
					     int level, int optname)
{
	return 0;
}

inline int security_socket_setsockopt(struct socket * sock, 
					     int level, int optname)
{
	return 0;
}

inline int security_socket_shutdown(struct socket * sock, int how)
{
	return 0;
}

inline int security_socket_getpeersockname(struct socket * sock)
{
	return 0;
}
#endif /* SERTEMS_SOCKET */
#endif /* RTEMS_NETWORKING */

#if defined(CONFIGURE_SERTEMS_ALL) || \
      defined(CONFIGURE_SERTEMS_BASE) || \
      defined(CONFIGURE_SERTEMS_MSGQ)
inline int security_msg_alloc(CORE_message_queue_Buffer_control *the_message)
{
	return security_ops->msg_alloc_security(the_message);
}
inline void security_msg_free(CORE_message_queue_Buffer_control *the_message)
{
	 security_ops->msg_free_security(the_message);
}
inline int security_msgq_create(CORE_message_queue_Control *the_message_queue)
{
	return security_ops->msgq_create_security(the_message_queue);
}
inline int security_msgq_delete(CORE_message_queue_Control *the_message_queue)
{
	return security_ops->msgq_delete(the_message_queue);
}
inline void security_msgq_free(CORE_message_queue_Control *the_message_queue)
{
	 security_ops->msgq_free_security(the_message_queue);
}
inline int security_msgq_flush(CORE_message_queue_Control *the_message_queue)
{
	return security_ops->msgq_flush(the_message_queue);
}
inline int security_msgq_send(CORE_message_queue_Control *the_message_queue, 
				       CORE_message_queue_Buffer_control *the_message)
{
	return security_ops->msgq_send(the_message_queue,the_message);
}
inline int security_msgq_receive(CORE_message_queue_Control *the_message_queue, 
				       CORE_message_queue_Buffer_control *the_message)
{
	return security_ops->msgq_receive(the_message_queue,the_message);
}
inline int security_msgq_broadcast(CORE_message_queue_Control *the_message_queue)
{
	return security_ops->msgq_broadcast(the_message_queue);
}
inline int security_msgq_associate(CORE_message_queue_Control *the_message_queue)
{
	return security_ops->msgq_associate(the_message_queue);
}
inline int security_msgq_setattr(CORE_message_queue_Control *the_message_queue)
{
	return security_ops->msgq_setattr(the_message_queue);
}
inline int security_msgq_getattr(CORE_message_queue_Control *the_message_queue)
{
	return security_ops->msgq_getattr(the_message_queue);
}
#else
inline int security_msg_alloc(CORE_message_queue_Buffer_control *the_message)
{
	return 0;
}
inline void security_msg_free(CORE_message_queue_Buffer_control *the_message)
{
}
inline int security_msgq_create(CORE_message_queue_Control *the_message_queue)
{
	return 0;
}
inline int security_msgq_delete(CORE_message_queue_Control *the_message_queue)
{
	return 0;
}
inline void security_msgq_free(CORE_message_queue_Control *the_message_queue)
{}
inline int security_msgq_flush(CORE_message_queue_Control *the_message_queue)
{
	return 0;
}
inline int security_msgq_send(CORE_message_queue_Control *the_message_queue, 
				       CORE_message_queue_Buffer_control *the_message)
{
	return 0;
}
inline int security_msgq_receive(CORE_message_queue_Control *the_message_queue, 
				       CORE_message_queue_Buffer_control *the_message)
{
	return 0;
}
inline int security_msgq_broadcast(CORE_message_queue_Control *the_message_queue)
{
	return 0;
}
inline int security_msgq_associate(CORE_message_queue_Control *the_message_queue)
{
	return 0;
}
inline int security_msgq_setattr(CORE_message_queue_Control *the_message_queue)
{
	return 0;
}
inline int security_msgq_getattr(CORE_message_queue_Control *the_message_queue)
{
	return 0;
}
#endif /* SERTEMS_MSGQ */

#if defined(CONFIGURE_SERTEMS_ALL) || \
      defined(CONFIGURE_SERTEMS_BASE) || \
      defined(CONFIGURE_SERTEMS_FILE)
inline int security_mt_alloc (rtems_filesystem_mount_table_entry_t *mt_entry)
{
	return security_ops->mt_alloc_security (mt_entry);
}

inline void security_mt_free (rtems_filesystem_mount_table_entry_t *mt_entry)
{
	security_ops->mt_free_security (mt_entry);
}

inline int security_mt_kern_mount (rtems_filesystem_mount_table_entry_t *mt_entry)
{
	return security_ops->mt_kern_mount (mt_entry);
}

inline int security_mt_statvfs (rtems_filesystem_mount_table_entry_t *mt_entry)
{
	return security_ops->mt_statvfs (mt_entry);
}

inline int security_mt_umount (rtems_filesystem_mount_table_entry_t *mt_entry)
{
	return security_ops->mt_umount (mt_entry);
}

inline int security_inode_alloc (IMFS_jnode_t *inode)
{
	return security_ops->inode_alloc_security (inode);
}

inline void security_inode_free (IMFS_jnode_t *inode)
{
	security_ops->inode_free_security (inode);
}

inline int security_inode_create (rtems_filesystem_mount_table_entry_t *mt_entry,
				IMFS_jnode_t *dir, int mode)
{
	return security_ops->inode_create (mt_entry, dir, mode);
}

inline int security_inode_post_create (rtems_filesystem_mount_table_entry_t *mt_entry,
			  IMFS_jnode_t *dir,
			  IMFS_jnode_t *inode)
{
	return security_ops->inode_post_create (mt_entry, dir, inode);
}

inline int security_inode_link (IMFS_jnode_t *dir,
		    IMFS_jnode_t *old_inode)
{
	return security_ops->inode_link (dir, old_inode);
}

inline int security_inode_remove (IMFS_jnode_t *dir,
		    IMFS_jnode_t *inode)
{
	return security_ops->inode_remove (dir, inode);
}

inline int security_inode_rename (IMFS_jnode_t *inode, 
								IMFS_jnode_t *old_dir,
                                IMFS_jnode_t *new_dir)
{
	return security_ops->inode_rename (inode, old_dir, new_dir);
}

inline int security_inode_readlink (IMFS_jnode_t *inode)
{
	return security_ops->inode_readlink (inode);
}

inline int security_inode_chmod (IMFS_jnode_t *inode)
{
	return security_ops->inode_chmod (inode);
}

inline int security_inode_chown (IMFS_jnode_t *inode)
{
	return security_ops->inode_chown (inode);
}

inline int security_inode_read (IMFS_jnode_t *inode)
{
	return security_ops->inode_read (inode);
}

inline int security_inode_write (rtems_libio_t *iop, IMFS_jnode_t *inode)
{
	return security_ops->inode_write (iop, inode);
}

inline int security_libio_alloc (rtems_libio_t *iop)
{
	return security_ops->libio_alloc_security (iop);
}

inline void security_libio_free (rtems_libio_t *iop)
{
	security_ops->libio_free_security (iop);
}

inline int security_libio_use (rtems_libio_t *iop)
{
	return security_ops->libio_use (iop);
}
#else

inline int security_mt_alloc (rtems_filesystem_mount_table_entry_t *mt_entry)
{
	return 0;
}

inline void security_mt_free (rtems_filesystem_mount_table_entry_t *mt_entry)
{ }

inline int security_mt_kern_mount (rtems_filesystem_mount_table_entry_t *mt_entry)
{
	return 0;
}

inline int security_mt_statvfs (rtems_filesystem_mount_table_entry_t *mt_entry)
{
	return 0;
}

inline int security_mt_umount (rtems_filesystem_mount_table_entry_t *mt_entry)
{
	return 0;
}

inline int security_inode_alloc (IMFS_jnode_t *inode)
{
	return 0;
}

inline void security_inode_free (IMFS_jnode_t *inode)
{ }

inline int security_inode_create (rtems_filesystem_mount_table_entry_t *mt_entry,
				IMFS_jnode_t *dir, int mode)
{
	return 0;
}

inline int security_inode_post_create (rtems_filesystem_mount_table_entry_t *mt_entry,
			  IMFS_jnode_t *dir,
			  IMFS_jnode_t *inode)
{
	return 0;
}

inline int security_inode_link (IMFS_jnode_t *dir,
		    IMFS_jnode_t *old_inode)
{
	return 0;
}

inline int security_inode_remove (IMFS_jnode_t *dir,
		    IMFS_jnode_t *inode)
{
	return 0;
}

inline int security_inode_rename (IMFS_jnode_t *inode, 
								IMFS_jnode_t *old_dir,
                                IMFS_jnode_t *new_dir)
{
	return 0;
}

inline int security_inode_readlink (IMFS_jnode_t *inode)
{
	return 0;
}

inline int security_inode_chmod (IMFS_jnode_t *inode)
{
	return 0;
}

inline int security_inode_chown (IMFS_jnode_t *inode)
{
	return 0;
}

inline int security_inode_read (IMFS_jnode_t *inode)
{
	return 0;
}

inline int security_inode_write (rtems_libio_t *iop, IMFS_jnode_t *inode)
{
	return 0;
}

inline int security_libio_alloc (rtems_libio_t *iop)
{
	return 0;
}

inline void security_libio_free (rtems_libio_t *iop)
{ }

inline int security_libio_use (rtems_libio_t *iop)
{
	return 0;
}
#endif /* SERTEMS_FILE */

#else /* RTEMS_SERTEMS */

inline int security_object_getobject(Objects_Control *obj, Objects_APIs the_api, uint16_t the_class)
{
	return 0;
}

inline int security_object_ident(Objects_Control *obj, Objects_APIs the_api, uint16_t the_class)
{
	return 0;
}

inline int security_object_setname(Objects_Control *obj, Objects_APIs the_api, uint16_t the_class)
{
	return 0;
}

inline int security_task_create(int security_level)
{
	return 0;
}

inline int security_task_alloc (Thread_Control *p, int security_level)
{
	return 0;
}

inline void security_task_free(Thread_Control *p)
{ }

inline int security_task_setcon (Thread_Control *p, int security_level)
{
	return 0;
}

inline int security_task_start(Thread_Control *p)
{
	return 0;
}

inline int security_task_restart(Thread_Control *p)
{
	return 0;
}

inline int security_task_delete(Thread_Control *p)
{
	return 0;
}

inline int security_task_suspend(Thread_Control *p)
{
	return 0;
}

inline int security_task_resume(Thread_Control *p)
{
	return 0;
}

inline int security_task_getstat(Thread_Control *p)
{
	return 0;
}

inline int security_task_setprio(Thread_Control *p)
{
	return 0;
}

inline int security_task_setmode()
{
	return 0;
}

inline int security_task_getapi(Thread_Control *p)
{
	return 0;
}

inline int security_task_setapi(Thread_Control *p)
{
	return 0;
}

inline int security_task_addvar(Thread_Control *p)
{
	return 0;
}

inline int security_task_getvar(Thread_Control *p)
{
	return 0;
}

inline int security_task_delvar(Thread_Control *p)
{
	return 0;
}

inline int security_task_wake()
{
	return 0;
}

inline int security_task_setsched(Thread_Control *p)
{
	return 0;
}

inline int security_task_getsched(Thread_Control *p)
{
	return 0;
}

inline int security_task_setaffinity(Thread_Control *p)
{
	return 0;
}

inline int security_task_getaffinity(Thread_Control *p)
{
	return 0;
}

inline int security_task_kill(Thread_Control *p, int sig)
{
	return 0;
}

inline int security_sem_alloc (CORE_semaphore_Control *sma)
{
	return 0;
}

inline void security_sem_free (CORE_semaphore_Control *sma)
{ }

inline int security_sem_associate (CORE_semaphore_Control *sma)
{
	return 0;
}

inline int security_sem_delete (CORE_semaphore_Control *sma)
{
	return 0;
}

inline int security_sem_obtain (CORE_semaphore_Control *sma)
{
	return 0;
}

inline int security_sem_release (CORE_semaphore_Control *sma)
{
	return 0;
}

inline int security_sem_flush (CORE_semaphore_Control *sma)
{
	return 0;
}

inline int security_mutex_alloc (CORE_mutex_Control *mutex)
{
	return 0;
}

inline void security_mutex_free (CORE_mutex_Control *mutex)
{ }

inline int security_mutex_delete (CORE_mutex_Control *mutex)
{
	return 0;
}

inline int security_mutex_obtain (CORE_mutex_Control *mutex)
{
	return 0;
}

inline int security_mutex_release (CORE_mutex_Control *mutex)
{
	return 0;
}

inline int security_mutex_flush (CORE_mutex_Control *mutex)
{
	return 0;
}

inline int security_mutex_setprio (CORE_mutex_Control *mutex)
{
	return 0;
}

inline int security_mutex_getprio (CORE_mutex_Control *mutex)
{
	return 0;
}

inline int security_socket_create (int domain, int type, int protocol)
{
	return 0;
}

inline int security_socket_post_create(struct socket * sock, 
					       int domain,
					       int type, 
					       int protocol)
{
	return 0;
}

inline void security_socket_free(struct socket * sock)
{ }

inline int security_socket_bind(struct socket * sock, 
				       struct sockaddr * address, 
				       int addrlen)
{
	return 0;
}

inline int security_socket_connect(struct socket * sock, 
					  struct sockaddr * address, 
					  int addrlen)
{
	return 0;
}

inline int security_socket_listen(struct socket * sock, int backlog)
{
	return 0;
}

inline int security_socket_accept(struct socket * sock, 
					 struct socket * newsock)
{
	return 0;
}

inline int security_socket_sendmsg(struct socket * sock)
{
	return 0;
}

inline int security_socket_recvmsg(struct socket * sock)
{
	return 0;
}

inline int security_socket_getsockopt(struct socket * sock, 
					     int level, int optname)
{
	return 0;
}

inline int security_socket_setsockopt(struct socket * sock, 
					     int level, int optname)
{
	return 0;
}

inline int security_socket_shutdown(struct socket * sock, int how)
{
	return 0;
}

inline int security_socket_getpeersockname(struct socket * sock)
{
	return 0;
}
inline int security_msg_alloc(CORE_message_queue_Buffer_control *the_message)
{
	return 0;
}
inline void security_msg_free(CORE_message_queue_Buffer_control *the_message)
{
}
inline int security_msgq_create(CORE_message_queue_Control *the_message_queue)
{
	return 0;
}
inline int security_msgq_delete(CORE_message_queue_Control *the_message_queue)
{
	return 0;
}
inline void security_msgq_free(CORE_message_queue_Control *the_message_queue)
{}
inline int security_msgq_flush(CORE_message_queue_Control *the_message_queue)
{
	return 0;
}
inline int security_msgq_send(CORE_message_queue_Control *the_message_queue, 
				       CORE_message_queue_Buffer_control *the_message)
{
	return 0;
}
inline int security_msgq_receive(CORE_message_queue_Control *the_message_queue, 
				       CORE_message_queue_Buffer_control *the_message)
{
	return 0;
}
inline int security_msgq_broadcast(CORE_message_queue_Control *the_message_queue)
{
	return 0;
}
inline int security_msgq_associate(CORE_message_queue_Control *the_message_queue)
{
	return 0;
}
inline int security_msgq_setattr(CORE_message_queue_Control *the_message_queue)
{
	return 0;
}
inline int security_msgq_getattr(CORE_message_queue_Control *the_message_queue)
{
	return 0;
}

inline int security_mt_alloc (rtems_filesystem_mount_table_entry_t *mt_entry)
{
	return 0;
}

inline void security_mt_free (rtems_filesystem_mount_table_entry_t *mt_entry)
{ }

inline int security_mt_kern_mount (rtems_filesystem_mount_table_entry_t *mt_entry)
{
	return 0;
}

inline int security_mt_statvfs (rtems_filesystem_mount_table_entry_t *mt_entry)
{
	return 0;
}

inline int security_mt_umount (rtems_filesystem_mount_table_entry_t *mt_entry)
{
	return 0;
}

inline int security_inode_alloc (IMFS_jnode_t *inode)
{
	return 0;
}

inline void security_inode_free (IMFS_jnode_t *inode)
{ }

inline int security_inode_create (rtems_filesystem_mount_table_entry_t *mt_entry,
				IMFS_jnode_t *dir, int mode)
{
	return 0;
}

inline int security_inode_post_create (rtems_filesystem_mount_table_entry_t *mt_entry,
			  IMFS_jnode_t *dir,
			  IMFS_jnode_t *inode)
{
	return 0;
}

inline int security_inode_link (IMFS_jnode_t *dir,
		    IMFS_jnode_t *old_inode)
{
	return 0;
}

inline int security_inode_remove (IMFS_jnode_t *dir,
		    IMFS_jnode_t *inode)
{
	return 0;
}

inline int security_inode_rename (IMFS_jnode_t *inode, 
								IMFS_jnode_t *old_dir,
                                IMFS_jnode_t *new_dir)
{
	return 0;
}

inline int security_inode_readlink (IMFS_jnode_t *inode)
{
	return 0;
}

inline int security_inode_chmod (IMFS_jnode_t *inode)
{
	return 0;
}

inline int security_inode_chown (IMFS_jnode_t *inode)
{
	return 0;
}

inline int security_inode_read (IMFS_jnode_t *inode)
{
	return 0;
}

inline int security_inode_write (rtems_libio_t *iop, IMFS_jnode_t *inode)
{
	return 0;
}

inline int security_libio_alloc (rtems_libio_t *iop)
{
	return 0;
}

inline void security_libio_free (rtems_libio_t *iop)
{ }

inline int security_libio_use (rtems_libio_t *iop)
{
	return 0;
}
#endif /* RTEMS_SERTEMS */

#endif /* __SERTEMS_CONFIG_H */

 

转载于:https://my.oschina.net/u/1466132/blog/815926

chuoceng6947
关注
  • 0
    点赞
  • 1
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
ao-selinux:用于管理安全性增强LinuxSELinux)的Java API
03-05
用于管理安全性增强LinuxSELinux)的Java API。 项目链接 特征 清洁程序化访问。 semanage port命令的实现: 轻松地重新配置给定SELinux类型的所有端口。 自动合并相邻的端口范围。 提供所有端口的统一视图,隐藏默认策略和本地策略之间交互的细微差别和复杂性。 支持无缝覆盖默认策略。 检测不同SELinux类型之间的本地策略冲突。 占地面积小,依赖性最小-不在大型整体包装中。 动机 在将我们的服务器迁移到CentOS 7时,我们正在以强制模式与SELinux一起运行。 我们的服务器配置过程是用Java编程语言编写的。 我们希望有一个干净的SELinux界面,而不必直接使用semanage和其他命令。 评估替代品 我们无法通过 , 或找到任何现有的实现。
linux的netlink机制
lailaiquququ11的博客
08-19 733
linux下从内核空间到用户空间的异步通信可以使用到netLink,像设备的路由等信息都是通过该机制实现。 以下是一个netlink实例的链接: https://blog.csdn.net/qq_29214249/article/details/74909160
SELinux概念
Muggle的博客
12-03 1462
SELinux 已作为 Linux 安全模块 (LSM) 框架的一部分实现,该框架可识别各种内核对象以及对这些对象执行的敏感操作。其中每项操作要执行时,系统都会调用 LSM 钩子函数,以便根据不透明安全对象中存储的关于相应操作的信息来确定是否应允许执行相应操作。SELinux 针对这些钩子以及这些安全对象的管理提供了相应的实现,该实现可结合自己的政策来决定是否允许相应访问。 通过结合使用其他 Android 安全措施,Android 的访问控制政策能够大大降低遭到入侵的计算机和帐号可能蒙受的损失。Andr
selinux移植调试记录
UUUUUltraman的博客
02-10 851
由于近期在做的一个linux项目要上selinux功能,驱动上倒是问题不多,但是在配置权限时真的是各种难搞的问题,现在经过公司cybersecurity专家的不懈努力,总算是有所进展,做个记录。
linux内核中socket的创建过程源码分析(详细分析)
weixin_30378311的博客
01-29 344
1三个相关数据结构. 关于socket的创建,首先需要分析socket这个结构体,这是整个的核心。 104structsocket{ 105socket_statestate; 106 107kmemcheck_bitfield_begin(type); 108short...
container-selinux2.9-4.rar
06-20
centos系统安装docker时常缺此安装包, 下载rpm安装包后执行命令: rpm -i container-selinux-2.9-4.el7.noarch.rpm 即可完成安装,再继续docker其他安装。
SELinux详解-中文版.pdf
10-18
SELinux详解》是一本深度解析安全增强的LinuxSELinux操作系统的书籍,旨在帮助读者理解、编写、修改和管理SELinux策略,提升Linux系统的安全性。书中详细介绍了SELinux的作用、生效机制以及策略模块的编写,...
container-selinux-2.74-1.el7.noarch.rar
03-03
在IT行业中,容器技术已经成为应用部署和...在CentOS 7.4上安装Docker时,`container-selinux-2.74-1.el7.noarch.rpm`是不可或缺的一部分,特别是当线上资源有限时,这个离线安装包能确保顺利安装并提升系统的安全性。
container-selinux-2.74-1.el7.noarch.rpm
12-02
解决container-selinux >= 2:2.74,它被软件包 3:docker-ce-19.03.5-3.el7.x86_64 需要问题.container-selinux-2.74-1.el7.noarch.rpm
container-selinux-2.9-4.el7.noarch.rpm.zip
02-27
`container-selinux-2.9-4.el7.noarch.rpm.zip`这个压缩包文件是与Docker相关的,它包含了一个名为`container-selinux-2.9-4.el7.noarch.rpm`的软件包,这是Docker在Red Hat Enterprise Linux 7 (RHEL 7)或其兼容...
[源码解析]socket系统调用上
Erice_s的博客
04-14 815
透视socket系统调用
openwrt19.07移植selinux
心上枫叶红的博客
03-02 1428
基于openwrt19.07移植selinux与semange、sepolicy等工具
Ext2文件系统—文件打开关闭
DenzilXu的专栏
01-04 2482
1、文件打开 1.1 定义      用户进程在能够读写一个文件之前必须要先打开这个文件。对文件的读写从概念上应该是一种进程与文件系统之间的一种“有连接”通信,所谓“打开文件”实质上就是在进程与文件之间建立起链接,而“打开文件号”就唯一的标识着这样一个连接,也称为文件描述符(file descriptors,简称fd)。不过,严格意义上的“连接”意味着一个独立的“上下文”,如果一个进程与某个目
rename代码阅读(linux 3.10.104)
geshifei的博客
08-07 2783
前言 本文通过分析rename的代码,让读者对rename流程有清晰的认识。对于文中涉及的dentry、inode、ext3 disk layout、rcu锁、dcache等基础知识,请参考其他博文。 为避免用大篇篇幅介绍dentry lookup过程,我们假设路径名中各级分量的dentry存在dcache中,这样dentry lookup流程能够以无锁RCU方式快速地从dcache中找到对应...
linux 创建本地socket 返回-1,Linux内核Socket实现之------Socket创建(1)
weixin_36331580的博客
05-15 743
前言:对于Linux内核的Socket系列文章都是依据于:Linux-3.14.5的版本内核分析,对于文中的注释和问题的说明也参考了网络上经典分析文章,对他们奉献表示感谢!转载请标明:http://blog.chinaunix.net/uid-20788636-id-4408261.html1. Socket内核调用数SYSCALL_DEFINE3Socket的创建是在用户空间调用socket系统...
7.2 Shutdown系统调用
Remy的学习记录
04-05 1358
当应用进程不想再接收数据时,就可以关闭TCP连接。关闭的方式有两种:如果进程既不想发送数据,也不想接收数据,则可以选择完全关闭;如果进程不想发送数据,但仍可以接收数据,可以执行“半关闭”。         关闭TCP连接可以使用shutdown系统调用: int shutdown(int sockfd, int how);        sockfd是要关闭的TCP socket的文件描述符,
浅析proc文件系统的创建和create_proc_read_entry函数的具体实现
crond123的专栏
07-20 4543
<br />浅析kern_mount加载sysfs的流程<br /><br />    因为sysfs是一个内存文件系统, 所以文件的物理存储关系就需要使用sd来维护, 因此sysfs_dirent即sd就类似于硬盘中的磁道.<br />    sysfs文件系统是一个排它式的文件系统,不论被mount多少次都只产生一个sb超级块,<br /> 如果尝试再次mount,即尝试再次调用sysfs_get_sb获取另一个sb超级块,那么将执行atomic_inc(old->s_active);增加
字符设备管理机制分析(二)
zgolee的专栏
07-24 4799
2.2 添加字符设备实例              添加设备实例和其他的设备添加一样,都是调用函数device_add()来实现。              以input子系统中添加event设备为例:@ kernel/driver/input/evdev.c  -- evdev
基于Linux Security Module的基于角色的权限管理模块
jmhIcoding
03-31 1664
RBOS 为linux内核添加简易的基于角色的访问控制功能,系统基于LSM(Linux Security Module)模块; 为了能够支持insmod和rmmod ,我们对内核做了一定的修改,将security.c里面的security_hook_heads结构 EXPORT_SYMBOLS了。 系统要求 本驱动在ubuntu 14.04 amd64 可以很好的运行; 功能 定义好4类角色以及...
selinux-policy-3.13.1-268.el7_9.2.noarch
最新发布
09-01
SELinux是一种安全增强的Linux内核模块,通过强制访问控制机制来提高操作系统安全性能。 selinux-policy-3.13.1-268.el7_9.2.noarch 版本中的"3.13.1"代表策略版本号,该版本是一个较新的SELinux策略版本。数字...
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值