PERFORCE change 15878 for review
Brian Feldman
green at freebsd.org
Mon Aug 12 20:52:03 GMT 2002
http://people.freebsd.org/~peter/p4db/chv.cgi?CH=15878
Change 15878 by green at green_laptop_2 on 2002/08/12 13:51:22
Add a new entry point and system call,
mac_get_pid()/MAC_EXTERNALIZE_PID, which allow for a process
to retrieve an externalized representation of the label on a
process. Any combination of policies can be queried for the
information via this interface; not all have to be. This is
halfway between a stopgap and a prototype for a slightly better
externalization/internalization interface.
Affected files ...
.. //depot/projects/trustedbsd/mac/bin/ps/extern.h#6 edit
.. //depot/projects/trustedbsd/mac/bin/ps/keyword.c#8 edit
.. //depot/projects/trustedbsd/mac/bin/ps/print.c#8 edit
.. //depot/projects/trustedbsd/mac/bin/ps/ps.1#7 edit
.. //depot/projects/trustedbsd/mac/bin/ps/ps.c#10 edit
.. //depot/projects/trustedbsd/mac/sys/kern/init_sysent.c#26 edit
.. //depot/projects/trustedbsd/mac/sys/kern/kern_mac.c#234 edit
.. //depot/projects/trustedbsd/mac/sys/kern/syscalls.c#26 edit
.. //depot/projects/trustedbsd/mac/sys/kern/syscalls.master#23 edit
.. //depot/projects/trustedbsd/mac/sys/security/sebsd/sebsd.c#21 edit
.. //depot/projects/trustedbsd/mac/sys/sys/mac.h#147 edit
.. //depot/projects/trustedbsd/mac/sys/sys/mac_policy.h#112 edit
.. //depot/projects/trustedbsd/mac/sys/sys/syscall.h#26 edit
.. //depot/projects/trustedbsd/mac/sys/sys/syscall.mk#26 edit
.. //depot/projects/trustedbsd/mac/sys/sys/sysproto.h#27 edit
Differences ...
==== //depot/projects/trustedbsd/mac/bin/ps/extern.h#6 (text+ko) ====
@@ -74,6 +74,7 @@
int s_rgroupname(KINFO *);
int s_runame(KINFO *);
int s_uname(KINFO *);
+void sebsd(KINFO *, VARENT *);
void showkey(void);
void started(KINFO *, VARENT *);
void state(KINFO *, VARENT *);
==== //depot/projects/trustedbsd/mac/bin/ps/keyword.c#8 (text+ko) ====
@@ -164,6 +164,7 @@
UINT, UIDFMT, 0},
{"ruser", "RUSER", NULL, LJUST|DSIZ, runame, s_runame, USERLEN,
0, CHAR, NULL, 0},
+ {"sebsd", "SEBSD", NULL, LJUST, sebsd, NULL, 0, 0, CHAR, NULL, 0},
{"sid", "SID", NULL, 0, kvar, NULL, PIDLEN, KOFF(ki_sid), UINT,
PIDFMT, 0},
{"sig", "PENDING", NULL, 0, kvar, NULL, 8, KOFF(ki_siglist), INT,
==== //depot/projects/trustedbsd/mac/bin/ps/print.c#8 (text+ko) ====
@@ -45,6 +45,7 @@
#include <sys/proc.h>
#include <sys/stat.h>
+#include <sys/mac.h>
#include <sys/user.h>
#include <sys/sysctl.h>
@@ -742,3 +743,21 @@
v = ve->var;
(void)printf("%-*d", v->width, get_lattr(k->ki_p->ki_pid));
}
+
+void
+sebsd(KINFO *k, VARENT *ve)
+{
+ char buf[128];
+ struct mac_pid_data mpd;
+ size_t datalen;
+ VAR *v;
+
+ strcpy(buf, "<<whoknows>>");
+ strcpy(mpd.mpd_name, "trustedbsd_sebsd");
+ mpd.mpd_data = buf;
+ datalen = sizeof(buf);
+ mpd.mpd_datalen = &datalen;
+ (void)mac_get_pid(k->ki_p->ki_pid, &mpd, 1);
+ v = ve->var;
+ (void)printf("%*s", v->width, mpd.mpd_data);
+}
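Review bot: sebsd() discards the return value of mac_get_pid() and then prints `mpd.mpd_data` with `%s`, so the output relies on the kernel having left a NUL inside `buf`. The sebsd_externalize_pid() hunk copies out exactly `context_len` bytes, and nothing visible in this change says that length includes the terminator. Printing with a precision, `(void)printf("%*.*s", v->width, (int)datalen, buf);`, or zero-filling `buf` and passing `sizeof(buf) - 1` as the length, keeps the read inside the 128-byte buffer. On failure the placeholder text is printed with no sign of the error, which hides the ENOMEM case (label longer than the buffer) from the user.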
==== //depot/projects/trustedbsd/mac/bin/ps/ps.1#7 (text+ko) ====
@@ -144,6 +144,10 @@
.It Fl r
Sort by current cpu usage, instead of by process
.Tn ID .
+.It Fl s
+Add sebsd to the list of keywords for which
+.Nm
+will display information.
.It Fl S
Change the way the process time is calculated by summing all exited
children to their parent process.
@@ -334,6 +338,8 @@
.It X
The process is being traced or debugged.
.El
+.It sebsd
+The SEBSD security context of the process.
.It tt
An abbreviation for the pathname of the controlling terminal, if any.
The abbreviation consists of the three letters following
==== //depot/projects/trustedbsd/mac/bin/ps/ps.c#10 (text+ko) ====
@@ -109,13 +109,14 @@
static char ufmt[] = "user,pid,%cpu,%mem,vsz,rss,tt,state,start,time,command";
static char vfmt[] = "pid,state,time,sl,re,pagein,vsz,rss,lim,tsiz,%cpu,%mem,command";
static char Zfmt[] = "lvl";
+static char sfmt[] = "sebsd";
static kvm_t *kd;
#if defined(LAZY_PS)
-#define PS_ARGS "aCcefghjLlM:mN:O:o:p:rSTt:U:uvwxZ"
+#define PS_ARGS "aCcefghjLlM:mN:O:o:p:rsSTt:U:uvwxZ"
#else
-#define PS_ARGS "aCceghjLlM:mN:O:o:p:rSTt:U:uvwxZ"
+#define PS_ARGS "aCceghjLlM:mN:O:o:p:rsSTt:U:uvwxZ"
#endif
int
@@ -241,6 +242,10 @@
case 'r':
sortby = SORTCPU;
break;
+ case 's':
+ parsefmt(sfmt);
+ sfmt[0] = '\0';
+ break;
case 'S':
sumrusage = 1;
break;
@@ -646,7 +651,7 @@
{
(void)fprintf(stderr, "%s\n%s\n%s\n",
- "usage: ps [-aChjlmrSTuvwx] [-O|o fmt] [-p pid] [-t tty] [-U user]",
+ "usage: ps [-aChjlmrsSTuvwx] [-O|o fmt] [-p pid] [-t tty] [-U user]",
" [-M core] [-N system]",
" ps [-L]");
exit(1);
==== //depot/projects/trustedbsd/mac/sys/kern/init_sysent.c#26 (text+ko) ====
@@ -423,4 +423,5 @@
{ AS(uuidgen_args), (sy_call_t *)uuidgen }, /* 392 = uuidgen */
{ SYF_MPSAFE | AS(sendfile_args), (sy_call_t *)sendfile }, /* 393 = sendfile */
{ SYF_MPSAFE | AS(mac_syscall_args), (sy_call_t *)mac_syscall }, /* 394 = mac_syscall */
+ { SYF_MPSAFE | AS(mac_get_pid_args), (sy_call_t *)mac_get_pid }, /* 395 = mac_get_pid */
};
==== //depot/projects/trustedbsd/mac/sys/kern/kern_mac.c#234 (text+ko) ====
@@ -198,7 +198,7 @@
static int mac_policy_unregister(struct mac_policy_conf *mpc);
static int mac_stdcreatevnode_ea(struct vnode *vp);
-static void mac_cred_mmapped_drop_perms(struct thread *td,
+void mac_cred_mmapped_drop_perms(struct thread *td,
struct ucred *cred);
static void mac_cred_mmapped_drop_perms_recurse(struct thread *td,
struct ucred *cred, struct vm_map *map);
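Review bot: Removing `static` from mac_cred_mmapped_drop_perms() here and at its definition in the @@ -2062 hunk gives the function external linkage. No hunk in this change adds a prototype to a header or a caller outside kern_mac.c, and the commit description does not mention it. If an external caller is planned, the prototype belongs in a kernel-only section of a header, with a comment repeating the locking expectation already stated above the definition ("The process lock is not held here"). Otherwise keeping it `static` avoids widening the kernel's symbol surface.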
@@ -474,6 +474,10 @@
mpc->mpc_ops->mpo_externalize =
mpe->mpe_function;
break;
+ case MAC_EXTERNALIZE_PID:
+ mpc->mpc_ops->mpo_externalize_pid =
+ mpe->mpe_function;
+ break;
case MAC_INTERNALIZE:
mpc->mpc_ops->mpo_internalize =
mpe->mpe_function;
@@ -2062,7 +2066,7 @@
* memory space, and revoke access (in the least surprising ways we
* know) when necessary. The process lock is not held here.
*/
-static void
+void
mac_cred_mmapped_drop_perms(struct thread *td, struct ucred *cred)
{
@@ -2899,6 +2903,55 @@
return (error);
}
+#if 0
+395 MSTD BSD { int __mac_get_pid(pid_t pid,
+ struct mac_pid_data *mpd, size_t mpdcnt) };
+#endif
+
+int
+mac_get_pid(struct thread *td, struct mac_get_pid_args *uap)
+{
+ struct mac_pid_data mpd;
+ struct mac_policy_conf *mpc;
+ struct proc *tproc;
+ struct ucred *tcred;
+ int error;
+ int i;
+
+ tproc = pfind(uap->pid);
+ if (tproc == NULL)
+ return (ESRCH);
+ tcred = crhold(tproc->p_ucred);
+ PROC_UNLOCK(tproc);
+ MAC_POLICY_LIST_BUSY();
+ error = mac_check_cred_visible(td->td_ucred, tcred);
+ if (error)
+ goto out;
+ for (i = 0; i < uap->mpdcnt; i++) {
+ error = copyin(&uap->mpd[i], &mpd, sizeof(mpd));
+ if (error)
+ goto out;
+ LIST_FOREACH(mpc, &mac_policy_list, mpc_list) {
+ if (strcmp(mpc->mpc_name, mpd.mpd_name) == 0)
+ break;
+ }
+ if (mpc == NULL) {
+ error = ENOENT;
+ goto out;
+ }
+ if (mpc->mpc_ops->mpo_externalize_pid == NULL) {
+ error = ENOSYS;
+ goto out;
+ }
+ error = mpc->mpc_ops->mpo_externalize_pid(uap->pid,
+ tcred, mpd.mpd_data, mpd.mpd_datalen);
+ }
+out:
+ MAC_POLICY_LIST_UNBUSY();
+ crfree(tcred);
+ return (error);
+}
+
/*
* MPSAFE
*
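Review bot: `mpd.mpd_name` is passed to strcmp() straight after copyin() in mac_get_pid(), so a caller that fills all 128 bytes without a NUL makes the kernel read past the on-stack struct; adding `mpd.mpd_name[sizeof(mpd.mpd_name) - 1] = '\0';` after the copyin bounds the comparison. The return value of `mpo_externalize_pid` is overwritten by the next iteration, so a failure on any entry but the last is lost; `if (error) goto out;` after the call would report it. `mpdcnt` is a caller-supplied size_t compared against `int i` with no upper limit while the policy list is marked busy, so rejecting counts above a cap such as MAC_MAX_POLICIES with EINVAL before the loop is worth adding. Visibility is decided by mac_check_cred_visible() alone; if p_cansee() in this tree also applies the non-MAC visibility rules, calling it while tproc is still locked would keep this syscall consistent with the other process-inspection paths.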
==== //depot/projects/trustedbsd/mac/sys/kern/syscalls.c#26 (text+ko) ====
@@ -402,4 +402,5 @@
"uuidgen", /* 392 = uuidgen */
"sendfile", /* 393 = sendfile */
"mac_syscall", /* 394 = mac_syscall */
+ "mac_get_pid", /* 395 = mac_get_pid */
};
==== //depot/projects/trustedbsd/mac/sys/kern/syscalls.master#23 (text+ko) ====
@@ -569,3 +569,5 @@
struct sf_hdtr *hdtr, off_t *sbytes, int flags); }
394 MSTD BSD { int mac_syscall(const char *policy, int call, \
void *arg); }
+395 MSTD BSD { int mac_get_pid(pid_t pid, \
+ struct mac_pid_data *mpd, size_t mpdcnt); }
==== //depot/projects/trustedbsd/mac/sys/security/sebsd/sebsd.c#21 (text+ko) ====
@@ -457,6 +457,36 @@
return 0;
}
+static int
+sebsd_externalize_pid(pid_t pid, struct ucred *cred, char *data,
+ size_t *datalenp)
+{
+ size_t datalen;
+ security_context_t scontext;
+ u_int32_t context_len;
+ int error;
+
+ error = copyin(datalenp, &datalen, sizeof(datalen));
+ if (error)
+ return (error);
+ error = security_sid_to_context(((struct task_security_struct *)
+ SLOT(&cred->cr_label))->sid, &scontext, &context_len);
+ if (error)
+ return (error);
+ if (context_len > datalen) {
+ error = ENOMEM;
+ goto out;
+ }
+ error = copyout(scontext, data, context_len);
+ if (error == 0) {
+ datalen = context_len;
+ error = copyout(&datalen, datalenp, sizeof(datalen));
+ }
+out:
+ security_free_context(scontext);
+ return (error);
+}
+
/*
* Initialize the SEBSD security server after the root partition has
* been mounted; policy is located on root partition.
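Review bot: On the `context_len > datalen` path sebsd_externalize_pid() returns ENOMEM without writing the required length back through `datalenp`, so a caller cannot size a retry and has to guess. Copying `context_len` out to `datalenp` before the `goto out` would fix that. The function also needs a header comment, for example `/* data and datalenp are user-space addresses; *datalenp is the buffer size on entry and the bytes written on return. */`, and it should say whether that count includes the terminating NUL, since ps's sebsd() prints the buffer with `%s`. The `pid` argument is unused in the visible body; a short note on why it is part of the entry point would help the next policy author.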
@@ -518,6 +548,8 @@
{ MAC_EXTERNALIZE,
(macop_t)sebsd_externalize },
+ { MAC_EXTERNALIZE_PID,
+ (macop_t)sebsd_externalize_pid },
{ MAC_CREATE_ROOT_MOUNT, (macop_t)sebsd_create_root_mount },
{ MAC_OP_LAST, NULL }
==== //depot/projects/trustedbsd/mac/sys/sys/mac.h#147 (text+ko) ====
@@ -150,6 +150,7 @@
mac_t mac_from_text(const char *_text_p);
mac_t mac_get_fd(int _fildes);
mac_t mac_get_file(const char *_path_p);
+int mac_get_pid(pid_t, struct mac_pid_data *, size_t);
mac_t mac_get_proc(void);
mac_t mac_glb(const mac_t _labela, const mac_t _labelb);
mac_t mac_lub(const mac_t _labela, const mac_t _labelb);
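Review bot: The new prototype `int mac_get_pid(pid_t, struct mac_pid_data *, size_t);` lands at line 153, but `struct mac_pid_data` is only defined by the later hunk at line 198. Unless the tag is declared earlier in the file (not visible here), it gets prototype scope and the compiler treats it as a different type from the one ps passes. A forward declaration `struct mac_pid_data;` ahead of the prototypes, or moving the struct definition above them, fixes that. The prototype also omits parameter names, unlike its neighbours (`_fildes`, `_path_p`); `int mac_get_pid(pid_t _pid, struct mac_pid_data *_mpd, size_t _mpdcnt);` would match.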
@@ -194,6 +195,12 @@
} l_perpolicy[MAC_MAX_POLICIES];
};
+struct mac_pid_data {
+ char mpd_name[128]; /* arbitrarily-sized */
+ char *mpd_data; /* label data to export */
+ size_t *mpd_datalen; /* passed both in and out */
+};
+
#ifdef _KERNEL
/*
==== //depot/projects/trustedbsd/mac/sys/sys/mac_policy.h#112 (text+ko) ====
@@ -99,6 +99,8 @@
void (*mpo_destroy_temp)(struct label *label);
void (*mpo_destroy_vnode)(struct vnode *, struct label *label);
int (*mpo_externalize)(struct label *label, struct mac *extmac);
+ int (*mpo_externalize_pid)(pid_t pid, struct ucred *cred,
+ char *data, size_t *datalen);
int (*mpo_internalize)(struct label *label, struct mac *extmac);
/*
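Review bot: `mpo_externalize_pid` is inserted in the middle of the operations struct here, and `MAC_EXTERNALIZE_PID` in the middle of the enum in the @@ -369 hunk, which shifts every later member offset and operation number. Policy modules built against the previous header would then register their entry points under the wrong numbers, assuming modules can be built separately from the kernel. Appending new entries at the end of the enum, or a comment stating that all policies must be rebuilt, would make that explicit. The new member also lacks a comment saying that `data` and `datalen` are user-space addresses, which the sebsd implementation depends on through copyin()/copyout().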
@@ -369,6 +371,7 @@
MAC_DESTROY_TEMP,
MAC_DESTROY_VNODE,
MAC_EXTERNALIZE,
+ MAC_EXTERNALIZE_PID,
MAC_INTERNALIZE,
MAC_CREATE_DEVFS_DEVICE,
MAC_CREATE_DEVFS_DIRECTORY,
==== //depot/projects/trustedbsd/mac/sys/sys/syscall.h#26 (text+ko) ====
@@ -308,4 +308,5 @@
#define SYS_uuidgen 392
#define SYS_sendfile 393
#define SYS_mac_syscall 394
-#define SYS_MAXSYSCALL 395
+#define SYS_mac_get_pid 395
+#define SYS_MAXSYSCALL 396
==== //depot/projects/trustedbsd/mac/sys/sys/syscall.mk#26 (text+ko) ====
@@ -256,4 +256,5 @@
lchflags.o \
uuidgen.o \
sendfile.o \
- mac_syscall.o
+ mac_syscall.o \
+ mac_get_pid.o
==== //depot/projects/trustedbsd/mac/sys/sys/sysproto.h#27 (text+ko) ====
@@ -1125,6 +1125,11 @@
char call_l_[PADL_(int)]; int call; char call_r_[PADR_(int)];
char arg_l_[PADL_(void *)]; void * arg; char arg_r_[PADR_(void *)];
};
+struct mac_get_pid_args {
+ char pid_l_[PADL_(pid_t)]; pid_t pid; char pid_r_[PADR_(pid_t)];
+ char mpd_l_[PADL_(struct mac_pid_data *)]; struct mac_pid_data * mpd; char mpd_r_[PADR_(struct mac_pid_data *)];
+ char mpdcnt_l_[PADL_(size_t)]; size_t mpdcnt; char mpdcnt_r_[PADR_(size_t)];
+};
int nosys(struct thread *, struct nosys_args *);
void sys_exit(struct thread *, struct sys_exit_args *);
int fork(struct thread *, struct fork_args *);
@@ -1378,6 +1383,7 @@
int uuidgen(struct thread *, struct uuidgen_args *);
int sendfile(struct thread *, struct sendfile_args *);
int mac_syscall(struct thread *, struct mac_syscall_args *);
+int mac_get_pid(struct thread *, struct mac_get_pid_args *);
#ifdef COMPAT_43