2 * Copyright (c) 2012, 2013, Intel Corporation
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions are
8 * * Redistributions of source code must retain the above copyright notice,
9 * this list of conditions and the following disclaimer.
10 * * Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 * * Neither the name of Intel Corporation nor the names of its contributors
14 * may be used to endorse or promote products derived from this software
15 * without specific prior written permission.
17 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
18 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
19 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
20 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
21 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
22 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
23 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
24 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
25 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
26 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
27 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
30 #include <sys/smack.h>
32 #include <murphy/common/debug.h>
33 #include <murphy/core/context.h>
34 #include <murphy/core/auth.h>
37 static int smack_auth(const char *target, mrp_auth_mode_t mode, const char *id,
38 const char *token, void *auth_data)
44 MRP_UNUSED(auth_data);
46 if (target == NULL || id == NULL)
49 access[0] = (mode & MRP_AUTH_MODE_READ) ? 'r' : '-';
50 access[1] = (mode & MRP_AUTH_MODE_WRITE) ? 'w' : '-';
51 access[2] = (mode & MRP_AUTH_MODE_EXEC) ? 'x' : '-';
54 status = smack_have_access(target, id, access);
56 mrp_debug("SMACK '%s' access of %s to %s: %d", access, id, target, status);
60 return MRP_AUTH_RESULT_GRANT;
62 return MRP_AUTH_RESULT_DENY;
65 return MRP_AUTH_RESULT_ERROR;
70 MRP_REGISTER_AUTHENTICATOR("smack", NULL, smack_auth);