PERFORCE change 18927 for review

Chris Vance cvance at tislabs.com
Tue Oct 8 12:00:47 GMT 2002 

Ooops, I hadn't intended to submit sebsd.c.  The comment pertains to
setfiles.c  For the rest (how do I go back and fix the p4 log message?):

Add permission checks for vnode_open/vnode_access and vnode_poll
Also began to work on mmap permissions (though ifdef'd out)

chris.

On Tue, 8 Oct 2002, Chris Vance wrote:

> http://people.freebsd.org/~peter/p4db/chv.cgi?CH=18927
>
> Change 18927 by cvance at cvance_laptop on 2002/10/08 04:58:50
>
> 	Remove debugging statement that somehow survived until now
>
> Affected files ...
>
> .. //depot/projects/trustedbsd/mac/sbin/sebsd_setfiles/setfiles.c#7 edit
> .. //depot/projects/trustedbsd/mac/sys/security/sebsd/sebsd.c#32 edit
>
> Differences ...
>
> ==== //depot/projects/trustedbsd/mac/sbin/sebsd_setfiles/setfiles.c#7 (text+ko) ====
>
> @@ -220,7 +220,6 @@
>  	}
>  	argc -= optind;
>  	argv += optind;
> -	printf("optind = %d, argc now %d\n", optind, argc);
>
>  	if (argc < 2) {
>  		printUsage();
>
> ==== //depot/projects/trustedbsd/mac/sys/security/sebsd/sebsd.c#32 (text+ko) ====
>
> @@ -114,6 +114,60 @@
>  	return (cred_has_system(td->td_proc->p_ucred, perm));
>  }
>
> +static __inline security_class_t
> +vnode_type_to_security_class(enum vtype vt)
> +{
> +	switch (vt) {
> +	case VREG:
> +		return SECCLASS_FILE;
> +	case VDIR:
> +		return SECCLASS_DIR;
> +	case VBLK:
> +		return SECCLASS_BLK_FILE;
> +	case VCHR:
> +		return SECCLASS_CHR_FILE;
> +	case VLNK:
> +		return SECCLASS_LNK_FILE;
> +	case VSOCK:
> +		return SECCLASS_SOCK_FILE;
> +	case VFIFO:
> +		return SECCLASS_FIFO_FILE;
> +	case VNON:
> +	case VBAD:
> +		return SECCLASS_FILE;
> +	}
> +
> +	return SECCLASS_FILE;
> +}
> +
> +static __inline access_vector_t
> +file_mask_to_av(enum vtype vt, int mask)
> +{
> +	access_vector_t av = 0;
> +
> +	if (vt != VDIR) {
> +		if (mask & VEXEC)
> +			av |= FILE__EXECUTE;
> +		if (mask & VREAD)
> +			av |= FILE__READ;
> +
> +		if (mask & VAPPEND)
> +			av |= FILE__APPEND;
> +		else if (mask & VWRITE)
> +			av |= FILE__WRITE;
> +
> +	} else {
> +		if (mask & VEXEC)
> +			av |= DIR__SEARCH;
> +		if (mask & VWRITE)
> +			av |= DIR__WRITE;
> +		if (mask & VREAD)
> +			av |= DIR__READ;
> +	}
> +
> +	return av;
> +}
> +
>  static int
>  vnode_has_perm(struct ucred *cred, struct vnode *vp, access_vector_t perm,
>  	       avc_entry_ref_t *aeref)
> @@ -298,32 +352,6 @@
>  	return (newsid != task->sid);
>  }
>
> -static __inline security_class_t
> -vnode_type_to_security_class(enum vtype vt)
> -{
> -	switch (vt) {
> -	case VREG:
> -		return SECCLASS_FILE;
> -	case VDIR:
> -		return SECCLASS_DIR;
> -	case VBLK:
> -		return SECCLASS_BLK_FILE;
> -	case VCHR:
> -		return SECCLASS_CHR_FILE;
> -	case VLNK:
> -		return SECCLASS_LNK_FILE;
> -	case VSOCK:
> -		return SECCLASS_SOCK_FILE;
> -	case VFIFO:
> -		return SECCLASS_FIFO_FILE;
> -	case VNON:
> -	case VBAD:
> -		return SECCLASS_FILE;
> -	}
> -
> -	return SECCLASS_FILE;
> -}
> -
>  static void
>  sebsd_init_vnode_label(struct label *label)
>  {
> @@ -500,9 +528,11 @@
>  sebsd_check_vnode_access(struct ucred *cred, struct vnode *vp,
>  			 struct label *label, mode_t flags)
>  {
> +	if (!flags)
> +		return 0;
>
> -	/* TBD: Not Implemented */
> -	return (0);
> +	return vnode_has_perm(cred, vp, file_mask_to_av(vp->v_type, flags),
> +			      NULL);
>  }
>
>  static int
> @@ -686,16 +716,18 @@
>  sebsd_check_vnode_open(struct ucred *cred, struct vnode *vp,
>  		       struct label *filelabel, mode_t acc_mode)
>  {
> -	/* TBD: Not Implemented */
> -	return 0;
> +	if (!acc_mode)
> +		return 0;
> +
> +	return vnode_has_perm(cred, vp, file_mask_to_av(vp->v_type, acc_mode),
> +			      NULL);
>  }
>
>  static int
>  sebsd_check_vnode_poll(struct ucred *cred, struct ucred *file_cred,
>  		       struct vnode *vp, struct label *label)
>  {
> -	/* TBD: Not Implemented */
> -	return 0;
> +	return vnode_has_perm(cred, vp, FILE__POLL, NULL);
>  }
>
>  static int
> @@ -928,8 +960,26 @@
>  sebsd_check_vnode_mmap(struct ucred *cred, struct vnode *vp,
>  		       struct label *label, int newmapping)
>  {
> -	/* TBD: Not Implemented */
> -	return 0;
> +#ifdef TBD
> +	access_vector_t av;
> +
> +	/* TBD: Incomplete */
> +	if (vp) {
> +		/* read access is always possible with a mapping */
> +		av = FILE__READ;
> +
> +		/* write access only matters if the mapping is shared */
> +		if ((flags & MAP_TYPE) == MAP_SHARED && (prot & PROT_WRITE))
> +			av |= FILE__WRITE;
> +
> +		if (prot & PROT_EXEC)
> +			av |= FILE__EXECUTE;
> +
> +		return vnode_has_perm(cred, vp, av, NULL);
> +	}
> +#endif
> +
> +	return (0);
>  }
>
>  static int
>

To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-cvs" in the body of the message

More information about the trustedbsd-cvs mailing list