PERFORCE change 16176 for review
Robert Watson
rwatson at freebsd.org
Sun Aug 18 01:07:21 GMT 2002
http://people.freebsd.org/~peter/p4db/chv.cgi?CH=16176
Change 16176 by rwatson at rwatson_tislabs on 2002/08/17 18:06:27
Break out mac_check_pipe_op() into mac_check_pipe_xxx() and
remove the pipe operation enumeration. It seemed like a good
idea, but this approach is more consistent with other object
types, such as vnode. Implement these entry points for each
policy.
Affected files ...
.. //depot/projects/trustedbsd/mac/sys/kern/kern_mac.c#249 edit
.. //depot/projects/trustedbsd/mac/sys/kern/sys_pipe.c#28 edit
.. //depot/projects/trustedbsd/mac/sys/security/mac_biba/mac_biba.c#100 edit
.. //depot/projects/trustedbsd/mac/sys/security/mac_mls/mac_mls.c#82 edit
.. //depot/projects/trustedbsd/mac/sys/security/mac_none/mac_none.c#69 edit
.. //depot/projects/trustedbsd/mac/sys/security/mac_te/mac_te.c#73 edit
.. //depot/projects/trustedbsd/mac/sys/security/mac_test/mac_test.c#38 edit
.. //depot/projects/trustedbsd/mac/sys/sys/mac.h#154 edit
.. //depot/projects/trustedbsd/mac/sys/sys/mac_policy.h#118 edit
Differences ...
==== //depot/projects/trustedbsd/mac/sys/kern/kern_mac.c#249 (text+ko) ====
@@ -675,14 +675,26 @@
mpc->mpc_ops->mpo_check_pipe_ioctl =
mpe->mpe_function;
break;
- case MAC_CHECK_PIPE_OP:
- mpc->mpc_ops->mpo_check_pipe_op =
+ case MAC_CHECK_PIPE_POLL:
+ mpc->mpc_ops->mpo_check_pipe_poll =
+ mpe->mpe_function;
+ break;
+ case MAC_CHECK_PIPE_READ:
+ mpc->mpc_ops->mpo_check_pipe_read =
mpe->mpe_function;
break;
case MAC_CHECK_PIPE_RELABEL:
mpc->mpc_ops->mpo_check_pipe_relabel =
mpe->mpe_function;
break;
+ case MAC_CHECK_PIPE_STAT:
+ mpc->mpc_ops->mpo_check_pipe_stat =
+ mpe->mpe_function;
+ break;
+ case MAC_CHECK_PIPE_WRITE:
+ mpc->mpc_ops->mpo_check_pipe_write =
+ mpe->mpe_function;
+ break;
case MAC_CHECK_PROC_DEBUG:
mpc->mpc_ops->mpo_check_proc_debug =
mpe->mpe_function;
@@ -2548,11 +2560,21 @@
}
int
-mac_check_pipe_op(struct ucred *cred, struct pipe *pipe, int op)
+mac_check_pipe_poll(struct ucred *cred, struct pipe *pipe)
+{
+ int error;
+
+ MAC_CHECK(check_pipe_poll, cred, pipe, pipe->pipe_label);
+
+ return (error);
+}
+
+int
+mac_check_pipe_read(struct ucred *cred, struct pipe *pipe)
{
int error;
- MAC_CHECK(check_pipe_op, cred, pipe, pipe->pipe_label, op);
+ MAC_CHECK(check_pipe_read, cred, pipe, pipe->pipe_label);
return (error);
}
@@ -2569,6 +2591,27 @@
}
int
+mac_check_pipe_stat(struct ucred *cred, struct pipe *pipe)
+{
+ int error;
+
+ MAC_CHECK(check_pipe_stat, cred, pipe, pipe->pipe_label);
+
+ return (error);
+}
+
+int
+mac_check_pipe_write(struct ucred *cred, struct pipe *pipe)
+{
+ int error;
+
+ MAC_CHECK(check_pipe_write, cred, pipe, pipe->pipe_label);
+
+ return (error);
+}
+
+
+int
mac_check_proc_debug(struct ucred *cred, struct proc *proc)
{
int error;
==== //depot/projects/trustedbsd/mac/sys/kern/sys_pipe.c#28 (text+ko) ====
@@ -469,7 +469,7 @@
goto unlocked_error;
#ifdef MAC
- error = mac_check_pipe_op(active_cred, rpipe, MAC_OP_PIPE_READ);
+ error = mac_check_pipe_read(active_cred, rpipe);
if (error)
goto locked_error;
#endif
@@ -885,7 +885,7 @@
return (EPIPE);
}
#ifdef MAC
- error = mac_check_pipe_op(active_cred, wpipe, MAC_OP_PIPE_WRITE);
+ error = mac_check_pipe_write(active_cred, wpipe);
if (error) {
PIPE_UNLOCK(rpipe);
return (error);
@@ -1233,7 +1233,7 @@
wpipe = rpipe->pipe_peer;
PIPE_LOCK(rpipe);
#ifdef MAC
- error = mac_check_pipe_op(active_cred, rpipe, MAC_OP_PIPE_POLL);
+ error = mac_check_pipe_poll(active_cred, rpipe);
if (error)
goto locked_error;
#endif
@@ -1289,7 +1289,7 @@
int error;
/* XXXMAC: Pipe should be locked for this check. */
- error = mac_check_pipe_op(active_cred, pipe, MAC_OP_PIPE_STAT);
+ error = mac_check_pipe_stat(active_cred, pipe);
if (error)
return (error);
#endif
==== //depot/projects/trustedbsd/mac/sys/security/mac_biba/mac_biba.c#100 (text+ko) ====
@@ -1397,8 +1397,26 @@
}
static int
-mac_biba_check_pipe_op(struct ucred *cred, struct pipe *pipe,
- struct label *pipelabel, int op)
+mac_biba_check_pipe_poll(struct ucred *cred, struct pipe *pipe,
+ struct label *pipelabel)
+{
+ struct mac_biba *subj, *obj;
+
+ if (!mac_biba_enabled)
+ return (0);
+
+ subj = SLOT(&cred->cr_label);
+ obj = SLOT((pipelabel));
+
+ if (!mac_biba_dominate_single(obj, subj))
+ return (EACCES);
+
+ return (0);
+}
+
+static int
+mac_biba_check_pipe_read(struct ucred *cred, struct pipe *pipe,
+ struct label *pipelabel)
{
struct mac_biba *subj, *obj;
@@ -1408,20 +1426,8 @@
subj = SLOT(&cred->cr_label);
obj = SLOT((pipelabel));
- switch(op) {
- case MAC_OP_PIPE_READ:
- case MAC_OP_PIPE_STAT:
- case MAC_OP_PIPE_POLL:
- if (!mac_biba_dominate_single(obj, subj))
- return (EACCES);
- break;
- case MAC_OP_PIPE_WRITE:
- if (!mac_biba_dominate_single(subj, obj))
- return (EACCES);
- break;
- default:
- panic("mac_biba_check_pipe_op: invalid pipe operation");
- }
+ if (!mac_biba_dominate_single(obj, subj))
+ return (EACCES);
return (0);
}
@@ -1478,6 +1484,42 @@
}
static int
+mac_biba_check_pipe_stat(struct ucred *cred, struct pipe *pipe,
+ struct label *pipelabel)
+{
+ struct mac_biba *subj, *obj;
+
+ if (!mac_biba_enabled)
+ return (0);
+
+ subj = SLOT(&cred->cr_label);
+ obj = SLOT((pipelabel));
+
+ if (!mac_biba_dominate_single(obj, subj))
+ return (EACCES);
+
+ return (0);
+}
+
+static int
+mac_biba_check_pipe_write(struct ucred *cred, struct pipe *pipe,
+ struct label *pipelabel)
+{
+ struct mac_biba *subj, *obj;
+
+ if (!mac_biba_enabled)
+ return (0);
+
+ subj = SLOT(&cred->cr_label);
+ obj = SLOT((pipelabel));
+
+ if (!mac_biba_dominate_single(subj, obj))
+ return (EACCES);
+
+ return (0);
+}
+
+static int
mac_biba_check_proc_debug(struct ucred *cred, struct proc *proc)
{
struct mac_biba *subj, *obj;
@@ -2342,10 +2384,16 @@
(macop_t)mac_biba_check_mount_stat },
{ MAC_CHECK_PIPE_IOCTL,
(macop_t)mac_biba_check_pipe_ioctl },
- { MAC_CHECK_PIPE_OP,
- (macop_t)mac_biba_check_pipe_op },
+ { MAC_CHECK_PIPE_POLL,
+ (macop_t)mac_biba_check_pipe_poll },
+ { MAC_CHECK_PIPE_READ,
+ (macop_t)mac_biba_check_pipe_read },
{ MAC_CHECK_PIPE_RELABEL,
(macop_t)mac_biba_check_pipe_relabel },
+ { MAC_CHECK_PIPE_STAT,
+ (macop_t)mac_biba_check_pipe_stat },
+ { MAC_CHECK_PIPE_WRITE,
+ (macop_t)mac_biba_check_pipe_write },
{ MAC_CHECK_PROC_DEBUG,
(macop_t)mac_biba_check_proc_debug },
{ MAC_CHECK_PROC_SCHED,
==== //depot/projects/trustedbsd/mac/sys/security/mac_mls/mac_mls.c#82 (text+ko) ====
@@ -1349,8 +1349,26 @@
}
static int
-mac_mls_check_pipe_op(struct ucred *cred, struct pipe *pipe,
- struct label *pipelabel, int op)
+mac_mls_check_pipe_poll(struct ucred *cred, struct pipe *pipe,
+ struct label *pipelabel)
+{
+ struct mac_mls *subj, *obj;
+
+ if (!mac_mls_enabled)
+ return (0);
+
+ subj = SLOT(&cred->cr_label);
+ obj = SLOT((pipelabel));
+
+ if (!mac_mls_dominate_single(subj, obj))
+ return (EACCES);
+
+ return (0);
+}
+
+static int
+mac_mls_check_pipe_read(struct ucred *cred, struct pipe *pipe,
+ struct label *pipelabel)
{
struct mac_mls *subj, *obj;
@@ -1360,20 +1378,8 @@
subj = SLOT(&cred->cr_label);
obj = SLOT((pipelabel));
- switch(op) {
- case MAC_OP_PIPE_READ:
- case MAC_OP_PIPE_STAT:
- case MAC_OP_PIPE_POLL:
- if (!mac_mls_dominate_single(subj, obj))
- return (EACCES);
- break;
- case MAC_OP_PIPE_WRITE:
- if (!mac_mls_dominate_single(obj, subj))
- return (EACCES);
- break;
- default:
- panic("mac_mls_check_pipe_op: invalid pipe operation");
- }
+ if (!mac_mls_dominate_single(subj, obj))
+ return (EACCES);
return (0);
}
@@ -1430,6 +1436,42 @@
}
static int
+mac_mls_check_pipe_stat(struct ucred *cred, struct pipe *pipe,
+ struct label *pipelabel)
+{
+ struct mac_mls *subj, *obj;
+
+ if (!mac_mls_enabled)
+ return (0);
+
+ subj = SLOT(&cred->cr_label);
+ obj = SLOT((pipelabel));
+
+ if (!mac_mls_dominate_single(subj, obj))
+ return (EACCES);
+
+ return (0);
+}
+
+static int
+mac_mls_check_pipe_write(struct ucred *cred, struct pipe *pipe,
+ struct label *pipelabel)
+{
+ struct mac_mls *subj, *obj;
+
+ if (!mac_mls_enabled)
+ return (0);
+
+ subj = SLOT(&cred->cr_label);
+ obj = SLOT((pipelabel));
+
+ if (!mac_mls_dominate_single(obj, subj))
+ return (EACCES);
+
+ return (0);
+}
+
+static int
mac_mls_check_proc_debug(struct ucred *cred, struct proc *proc)
{
struct mac_mls *subj, *obj;
@@ -2297,10 +2339,16 @@
(macop_t)mac_mls_check_mount_stat },
{ MAC_CHECK_PIPE_IOCTL,
(macop_t)mac_mls_check_pipe_ioctl },
- { MAC_CHECK_PIPE_OP,
- (macop_t)mac_mls_check_pipe_op },
+ { MAC_CHECK_PIPE_POLL,
+ (macop_t)mac_mls_check_pipe_poll },
+ { MAC_CHECK_PIPE_READ,
+ (macop_t)mac_mls_check_pipe_read },
{ MAC_CHECK_PIPE_RELABEL,
(macop_t)mac_mls_check_pipe_relabel },
+ { MAC_CHECK_PIPE_STAT,
+ (macop_t)mac_mls_check_pipe_stat },
+ { MAC_CHECK_PIPE_WRITE,
+ (macop_t)mac_mls_check_pipe_write },
{ MAC_CHECK_PROC_DEBUG,
(macop_t)mac_mls_check_proc_debug },
{ MAC_CHECK_PROC_SCHED,
==== //depot/projects/trustedbsd/mac/sys/security/mac_none/mac_none.c#69 (text+ko) ====
@@ -608,8 +608,16 @@
}
static int
-mac_none_check_pipe_op(struct ucred *cred, struct pipe *pipe,
- struct label *pipelabel, int op)
+mac_none_check_pipe_poll(struct ucred *cred, struct pipe *pipe,
+ struct label *pipelabel)
+{
+
+ return (0);
+}
+
+static int
+mac_none_check_pipe_read(struct ucred *cred, struct pipe *pipe,
+ struct label *pipelabel)
{
return (0);
@@ -624,6 +632,22 @@
}
static int
+mac_none_check_pipe_stat(struct ucred *cred, struct pipe *pipe,
+ struct label *pipelabel)
+{
+
+ return (0);
+}
+
+static int
+mac_none_check_pipe_write(struct ucred *cred, struct pipe *pipe,
+ struct label *pipelabel)
+{
+
+ return (0);
+}
+
+static int
mac_none_check_proc_debug(struct ucred *cred, struct proc *proc)
{
@@ -1061,10 +1085,16 @@
(macop_t)mac_none_check_mount_stat },
{ MAC_CHECK_PIPE_IOCTL,
(macop_t)mac_none_check_pipe_ioctl },
- { MAC_CHECK_PIPE_OP,
- (macop_t)mac_none_check_pipe_op },
+ { MAC_CHECK_PIPE_POLL,
+ (macop_t)mac_none_check_pipe_poll },
+ { MAC_CHECK_PIPE_READ,
+ (macop_t)mac_none_check_pipe_read },
{ MAC_CHECK_PIPE_RELABEL,
(macop_t)mac_none_check_pipe_relabel },
+ { MAC_CHECK_PIPE_STAT,
+ (macop_t)mac_none_check_pipe_stat },
+ { MAC_CHECK_PIPE_WRITE,
+ (macop_t)mac_none_check_pipe_write },
{ MAC_CHECK_PROC_DEBUG,
(macop_t)mac_none_check_proc_debug },
{ MAC_CHECK_PROC_SCHED,
==== //depot/projects/trustedbsd/mac/sys/security/mac_te/mac_te.c#73 (text+ko) ====
@@ -707,8 +707,18 @@
}
static int
-mac_te_check_pipe_op(struct ucred *cred, struct pipe *pipe,
- struct label *pipelabel, int op)
+mac_te_check_pipe_poll(struct ucred *cred, struct pipe *pipe,
+ struct label *pipelabel)
+{
+
+ /* XXX: This will be implemented soon... */
+
+ return (0);
+}
+
+static int
+mac_te_check_pipe_read(struct ucred *cred, struct pipe *pipe,
+ struct label *pipelabel)
{
/* XXX: This will be implemented soon... */
@@ -732,6 +742,26 @@
}
static int
+mac_te_check_pipe_stat(struct ucred *cred, struct pipe *pipe,
+ struct label *pipelabel)
+{
+
+ /* XXX: This will be implemented soon... */
+
+ return (0);
+}
+
+static int
+mac_te_check_pipe_write(struct ucred *cred, struct pipe *pipe,
+ struct label *pipelabel)
+{
+
+ /* XXX: This will be implemented soon... */
+
+ return (0);
+}
+
+static int
mac_te_check_proc_debug(struct ucred *cred, struct proc *proc)
{
@@ -1767,10 +1797,16 @@
(macop_t)mac_te_check_mount_stat },
{ MAC_CHECK_PIPE_IOCTL,
(macop_t)mac_te_check_pipe_ioctl },
- { MAC_CHECK_PIPE_OP,
- (macop_t)mac_te_check_pipe_op },
+ { MAC_CHECK_PIPE_POLL,
+ (macop_t)mac_te_check_pipe_poll },
+ { MAC_CHECK_PIPE_READ,
+ (macop_t)mac_te_check_pipe_read },
{ MAC_CHECK_PIPE_RELABEL,
(macop_t)mac_te_check_pipe_relabel },
+ { MAC_CHECK_PIPE_STAT,
+ (macop_t)mac_te_check_pipe_stat },
+ { MAC_CHECK_PIPE_WRITE,
+ (macop_t)mac_te_check_pipe_write },
{ MAC_CHECK_PROC_DEBUG,
(macop_t)mac_te_check_proc_debug },
{ MAC_CHECK_PROC_SCHED,
==== //depot/projects/trustedbsd/mac/sys/security/mac_test/mac_test.c#38 (text+ko) ====
@@ -816,8 +816,16 @@
}
static int
-mac_test_check_pipe_op(struct ucred *cred, struct pipe *pipe,
- struct label *pipelabel, int op)
+mac_test_check_pipe_poll(struct ucred *cred, struct pipe *pipe,
+ struct label *pipelabel)
+{
+
+ return (0);
+}
+
+static int
+mac_test_check_pipe_read(struct ucred *cred, struct pipe *pipe,
+ struct label *pipelabel)
{
return (0);
@@ -832,6 +840,22 @@
}
static int
+mac_test_check_pipe_stat(struct ucred *cred, struct pipe *pipe,
+ struct label *pipelabel)
+{
+
+ return (0);
+}
+
+static int
+mac_test_check_pipe_write(struct ucred *cred, struct pipe *pipe,
+ struct label *pipelabel)
+{
+
+ return (0);
+}
+
+static int
mac_test_check_proc_debug(struct ucred *cred, struct proc *proc)
{
@@ -1267,10 +1291,16 @@
(macop_t)mac_test_check_mount_stat },
{ MAC_CHECK_PIPE_IOCTL,
(macop_t)mac_test_check_pipe_ioctl },
- { MAC_CHECK_PIPE_OP,
- (macop_t)mac_test_check_pipe_op },
+ { MAC_CHECK_PIPE_POLL,
+ (macop_t)mac_test_check_pipe_poll },
+ { MAC_CHECK_PIPE_READ,
+ (macop_t)mac_test_check_pipe_read },
{ MAC_CHECK_PIPE_RELABEL,
(macop_t)mac_test_check_pipe_relabel },
+ { MAC_CHECK_PIPE_STAT,
+ (macop_t)mac_test_check_pipe_stat },
+ { MAC_CHECK_PIPE_WRITE,
+ (macop_t)mac_test_check_pipe_write },
{ MAC_CHECK_PROC_DEBUG,
(macop_t)mac_test_check_proc_debug },
{ MAC_CHECK_PROC_SCHED,
==== //depot/projects/trustedbsd/mac/sys/sys/mac.h#154 (text+ko) ====
@@ -189,16 +189,6 @@
};
/*
- * MAC entry point operations
- */
-enum mac_ep_ops {
- MAC_OP_PIPE_READ,
- MAC_OP_PIPE_WRITE,
- MAC_OP_PIPE_STAT,
- MAC_OP_PIPE_POLL
-};
-
-/*
* Kernel functions to manage and evaluate labels.
*/
struct bpf_d;
@@ -312,9 +302,12 @@
int mac_check_cred_visible(struct ucred *u1, struct ucred *u2);
int mac_check_ifnet_transmit(struct ifnet *ifnet, struct mbuf *m);
int mac_check_mount_stat(struct ucred *cred, struct mount *mp);
-int mac_check_pipe_op(struct ucred *cred, struct pipe *pipe, int op);
int mac_check_pipe_ioctl(struct ucred *cred, struct pipe *pipe,
unsigned long cmd, void *data);
+int mac_check_pipe_poll(struct ucred *cred, struct pipe *pipe);
+int mac_check_pipe_read(struct ucred *cred, struct pipe *pipe);
+int mac_check_pipe_stat(struct ucred *cred, struct pipe *pipe);
+int mac_check_pipe_write(struct ucred *cred, struct pipe *pipe);
int mac_check_proc_debug(struct ucred *cred, struct proc *proc);
int mac_check_proc_sched(struct ucred *cred, struct proc *proc);
int mac_check_proc_signal(struct ucred *cred, struct proc *proc,
==== //depot/projects/trustedbsd/mac/sys/sys/mac_policy.h#118 (text+ko) ====
@@ -240,11 +240,17 @@
struct label *mntlabel);
int (*mpo_check_pipe_ioctl)(struct ucred *cred, struct pipe *pipe,
struct label *pipelabel, unsigned long cmd, void *data);
- int (*mpo_check_pipe_op)(struct ucred *cred, struct pipe *pipe,
- struct label *pipelabel, int op);
+ int (*mpo_check_pipe_poll)(struct ucred *cred, struct pipe *pipe,
+ struct label *pipelabel);
+ int (*mpo_check_pipe_read)(struct ucred *cred, struct pipe *pipe,
+ struct label *pipelabel);
int (*mpo_check_pipe_relabel)(struct ucred *cred,
struct pipe *pipe, struct label *pipelabel,
struct label *newlabel);
+ int (*mpo_check_pipe_stat)(struct ucred *cred, struct pipe *pipe,
+ struct label *pipelabel);
+ int (*mpo_check_pipe_write)(struct ucred *cred, struct pipe *pipe,
+ struct label *pipelabel);
int (*mpo_check_proc_debug)(struct ucred *cred,
struct proc *proc);
int (*mpo_check_proc_sched)(struct ucred *cred,
@@ -421,8 +427,11 @@
MAC_CHECK_IFNET_TRANSMIT,
MAC_CHECK_MOUNT_STAT,
MAC_CHECK_PIPE_IOCTL,
- MAC_CHECK_PIPE_OP,
+ MAC_CHECK_PIPE_POLL,
+ MAC_CHECK_PIPE_READ,
MAC_CHECK_PIPE_RELABEL,
+ MAC_CHECK_PIPE_STAT,
+ MAC_CHECK_PIPE_WRITE,
MAC_CHECK_PROC_DEBUG,
MAC_CHECK_PROC_SCHED,
MAC_CHECK_PROC_SIGNAL,
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-cvs" in the body of the message
More information about the trustedbsd-cvs
mailing list