PERFORCE change 19821 for review
Robert Watson
rwatson at freebsd.org
Mon Oct 21 19:38:23 GMT 2002
http://perforce.freebsd.org/chv.cgi?CH=19821
Change 19821 by rwatson at rwatson_paprika on 2002/10/21 12:38:00
Integ main FreeBSD tree into TrustedBSD base -- biba/mls loopback,
largely.
Affected files ...
.. //depot/projects/trustedbsd/base/sys/fs/msdosfs/bootsect.h#3 integrate
.. //depot/projects/trustedbsd/base/sys/kern/kern_mutex.c#18 integrate
.. //depot/projects/trustedbsd/base/sys/kern/subr_disk.c#11 integrate
.. //depot/projects/trustedbsd/base/sys/security/mac_biba/mac_biba.c#12 integrate
.. //depot/projects/trustedbsd/base/sys/security/mac_biba/mac_biba.h#2 integrate
.. //depot/projects/trustedbsd/base/sys/security/mac_mls/mac_mls.c#11 integrate
.. //depot/projects/trustedbsd/base/sys/security/mac_mls/mac_mls.h#2 integrate
.. //depot/projects/trustedbsd/base/sys/sys/mac.h#10 integrate
.. //depot/projects/trustedbsd/base/sys/sys/proc.h#25 integrate
Differences ...
==== //depot/projects/trustedbsd/base/sys/fs/msdosfs/bootsect.h#3 (text+ko) ====
@@ -1,4 +1,4 @@
-/* $FreeBSD: src/sys/fs/msdosfs/bootsect.h,v 1.9 2001/11/28 16:56:42 jhb Exp $ */
+/* $FreeBSD: src/sys/fs/msdosfs/bootsect.h,v 1.10 2002/10/21 19:00:50 jhb Exp $ */
/* $NetBSD: bootsect.h,v 1.9 1997/11/17 15:36:17 ws Exp $ */
/*
@@ -59,7 +59,7 @@
struct bootsector710 {
u_int8_t bsJump[3]; /* jump inst E9xxxx or EBxx90 */
int8_t bsOEMName[8]; /* OEM name and version */
- int8_t bsPBP[53]; /* BIOS parameter block */
+ int8_t bsBPB[53]; /* BIOS parameter block */
int8_t bsExt[26]; /* Bootsector Extension */
int8_t bsBootCode[418]; /* pad so structure is 512b */
u_int8_t bsBootSectSig2; /* 2 & 3 are only defined for FAT32? */
==== //depot/projects/trustedbsd/base/sys/kern/kern_mutex.c#18 (text+ko) ====
@@ -27,7 +27,7 @@
*
* from BSDI $Id: mutex_witness.c,v 1.1.2.20 2000/04/27 03:10:27 cp Exp $
* and BSDI $Id: synch_machdep.c,v 2.3.2.39 2000/04/27 03:10:25 cp Exp $
- * $FreeBSD: src/sys/kern/kern_mutex.c,v 1.112 2002/10/12 05:32:23 jeff Exp $
+ * $FreeBSD: src/sys/kern/kern_mutex.c,v 1.113 2002/10/21 18:48:28 des Exp $
*/
/*
@@ -215,14 +215,17 @@
&mutex_prof_enable, 0, "Enable tracing of mutex holdtime");
struct mutex_prof {
- const char *name;
- const char *file;
- int line;
+ const char *name;
+ const char *file;
+ int line;
+ /*
+ * XXX should use specialized struct members instead of an array
+ * and these silly #defines.
+ */
#define MPROF_MAX 0
#define MPROF_TOT 1
#define MPROF_CNT 2
-#define MPROF_AVG 3
- uintmax_t counter[4];
+ uintmax_t counter[3];
struct mutex_prof *next;
};
@@ -232,10 +235,10 @@
*
* Note: NUM_MPROF_BUFFERS must be smaller than MPROF_HASH_SIZE.
*/
-#define NUM_MPROF_BUFFERS 1000
+#define NUM_MPROF_BUFFERS 1000
static struct mutex_prof mprof_buf[NUM_MPROF_BUFFERS];
static int first_free_mprof_buf;
-#define MPROF_HASH_SIZE 1009
+#define MPROF_HASH_SIZE 1009
static struct mutex_prof *mprof_hash[MPROF_HASH_SIZE];
static int mutex_prof_acquisitions;
@@ -279,19 +282,27 @@
int error, i;
if (first_free_mprof_buf == 0)
- return SYSCTL_OUT(req, "No locking recorded",
- sizeof("No locking recorded"));
+ return (SYSCTL_OUT(req, "No locking recorded",
+ sizeof("No locking recorded")));
sb = sbuf_new(NULL, NULL, 1024, SBUF_AUTOEXTEND);
- sbuf_printf(sb, "%12s %12s %12s %12s %s\n",
- "max", "total", "count", "average", "name");
+ sbuf_printf(sb, "%6s %12s %11s %5s %s\n",
+ "max", "total", "count", "avg", "name");
+ /*
+ * XXX this spinlock seems to be by far the largest perpetrator
+ * of spinlock latency (1.6 msec on an Athlon1600 was recorded
+ * even before I pessimized it further by moving the average
+ * computation here).
+ */
mtx_lock_spin(&mprof_mtx);
for (i = 0; i < first_free_mprof_buf; ++i)
- sbuf_printf(sb, "%12ju %12ju %12ju %12ju %s:%d (%s)\n",
+ sbuf_printf(sb, "%6ju %12ju %11ju %5ju %s:%d (%s)\n",
mprof_buf[i].counter[MPROF_MAX] / 1000,
mprof_buf[i].counter[MPROF_TOT] / 1000,
mprof_buf[i].counter[MPROF_CNT],
- mprof_buf[i].counter[MPROF_AVG] / 1000,
+ mprof_buf[i].counter[MPROF_CNT] == 0 ? (uintmax_t)0 :
+ mprof_buf[i].counter[MPROF_TOT] /
+ (mprof_buf[i].counter[MPROF_CNT] * 1000),
mprof_buf[i].file, mprof_buf[i].line, mprof_buf[i].name);
mtx_unlock_spin(&mprof_mtx);
sbuf_finish(sb);
@@ -299,7 +310,7 @@
sbuf_delete(sb);
return (error);
}
-SYSCTL_PROC(_debug_mutex_prof, OID_AUTO, stats, CTLTYPE_STRING|CTLFLAG_RD,
+SYSCTL_PROC(_debug_mutex_prof, OID_AUTO, stats, CTLTYPE_STRING | CTLFLAG_RD,
NULL, 0, dump_mutex_prof_stats, "A", "Mutex profiling statistics");
#endif
@@ -384,14 +395,12 @@
}
/*
* Record if the mutex has been held longer now than ever
- * before
+ * before.
*/
- if ((now - acqtime) > mpp->counter[MPROF_MAX])
+ if (now - acqtime > mpp->counter[MPROF_MAX])
mpp->counter[MPROF_MAX] = now - acqtime;
mpp->counter[MPROF_TOT] += now - acqtime;
- mpp->counter[MPROF_CNT] += 1;
- mpp->counter[MPROF_AVG] =
- mpp->counter[MPROF_TOT] / mpp->counter[MPROF_CNT];
+ mpp->counter[MPROF_CNT]++;
unlock:
mtx_unlock_spin(&mprof_mtx);
}
==== //depot/projects/trustedbsd/base/sys/kern/subr_disk.c#11 (text+ko) ====
@@ -6,7 +6,7 @@
* this stuff is worth it, you can buy me a beer in return. Poul-Henning Kamp
* ----------------------------------------------------------------------------
*
- * $FreeBSD: src/sys/kern/subr_disk.c,v 1.63 2002/10/17 23:48:29 sobomax Exp $
+ * $FreeBSD: src/sys/kern/subr_disk.c,v 1.64 2002/10/21 18:40:40 cognet Exp $
*
*/
@@ -22,7 +22,6 @@
#include <sys/disklabel.h>
#ifdef NO_GEOM
#include <sys/kernel.h>
-#include <sys/sysctl.h>
#include <sys/malloc.h>
#include <sys/sysctl.h>
#include <machine/md_var.h>
==== //depot/projects/trustedbsd/base/sys/security/mac_biba/mac_biba.c#12 (text+ko) ====
@@ -34,7 +34,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $FreeBSD: src/sys/security/mac_biba/mac_biba.c,v 1.22 2002/10/21 17:05:48 rwatson Exp $
+ * $FreeBSD: src/sys/security/mac_biba/mac_biba.c,v 1.24 2002/10/21 18:42:00 rwatson Exp $
*/
/*
@@ -102,6 +102,10 @@
TUNABLE_STR("security.mac.biba.trusted_interfaces", trusted_interfaces,
sizeof(trusted_interfaces));
+static int max_compartments = MAC_BIBA_MAX_COMPARTMENTS;
+SYSCTL_INT(_security_mac_biba, OID_AUTO, max_compartments, CTLFLAG_RD,
+ &max_compartments, 0, "Maximum supported compartments");
+
static int ptys_equal = 0;
SYSCTL_INT(_security_mac_biba, OID_AUTO, ptys_equal, CTLFLAG_RW,
&ptys_equal, 0, "Label pty devices as biba/equal on create");
@@ -117,6 +121,16 @@
MALLOC_DEFINE(M_MACBIBA, "biba label", "MAC/Biba labels");
+static __inline int
+biba_bit_set_empty(u_char *set) {
+ int i;
+
+ for (i = 0; i < MAC_BIBA_MAX_COMPARTMENTS >> 3; i++)
+ if (set[i] != 0)
+ return (0);
+ return (1);
+}
+
static struct mac_biba *
biba_alloc(int flag)
{
@@ -150,6 +164,7 @@
mac_biba_dominate_element(struct mac_biba_element *a,
struct mac_biba_element *b)
{
+ int bit;
switch(a->mbe_type) {
case MAC_BIBA_TYPE_EQUAL:
@@ -180,6 +195,11 @@
return (0);
case MAC_BIBA_TYPE_GRADE:
+ for (bit = 1; bit <= MAC_BIBA_MAX_COMPARTMENTS; bit++)
+ if (!MAC_BIBA_BIT_TEST(bit,
+ a->mbe_compartments) &&
+ MAC_BIBA_BIT_TEST(bit, b->mbe_compartments))
+ return (0);
return (a->mbe_grade >= b->mbe_grade);
default:
@@ -310,7 +330,9 @@
case MAC_BIBA_TYPE_EQUAL:
case MAC_BIBA_TYPE_HIGH:
case MAC_BIBA_TYPE_LOW:
- if (mac_biba->mb_single.mbe_grade != 0)
+ if (mac_biba->mb_single.mbe_grade != 0 ||
+ !MAC_BIBA_BIT_SET_EMPTY(
+ mac_biba->mb_single.mbe_compartments))
return (EINVAL);
break;
@@ -330,7 +352,9 @@
case MAC_BIBA_TYPE_EQUAL:
case MAC_BIBA_TYPE_HIGH:
case MAC_BIBA_TYPE_LOW:
- if (mac_biba->mb_rangelow.mbe_grade != 0)
+ if (mac_biba->mb_rangelow.mbe_grade != 0 ||
+ !MAC_BIBA_BIT_SET_EMPTY(
+ mac_biba->mb_rangelow.mbe_compartments))
return (EINVAL);
break;
@@ -345,7 +369,9 @@
case MAC_BIBA_TYPE_EQUAL:
case MAC_BIBA_TYPE_HIGH:
case MAC_BIBA_TYPE_LOW:
- if (mac_biba->mb_rangehigh.mbe_grade != 0)
+ if (mac_biba->mb_rangehigh.mbe_grade != 0 ||
+ !MAC_BIBA_BIT_SET_EMPTY(
+ mac_biba->mb_rangehigh.mbe_compartments))
return (EINVAL);
break;
@@ -366,28 +392,42 @@
static void
mac_biba_set_range(struct mac_biba *mac_biba, u_short typelow,
- u_short gradelow, u_short typehigh, u_short gradehigh)
+ u_short gradelow, u_char *compartmentslow, u_short typehigh,
+ u_short gradehigh, u_char *compartmentshigh)
{
mac_biba->mb_rangelow.mbe_type = typelow;
mac_biba->mb_rangelow.mbe_grade = gradelow;
+ if (compartmentslow != NULL)
+ memcpy(mac_biba->mb_rangelow.mbe_compartments,
+ compartmentslow,
+ sizeof(mac_biba->mb_rangelow.mbe_compartments));
mac_biba->mb_rangehigh.mbe_type = typehigh;
mac_biba->mb_rangehigh.mbe_grade = gradehigh;
+ if (compartmentshigh != NULL)
+ memcpy(mac_biba->mb_rangehigh.mbe_compartments,
+ compartmentshigh,
+ sizeof(mac_biba->mb_rangehigh.mbe_compartments));
mac_biba->mb_flags |= MAC_BIBA_FLAG_RANGE;
}
static void
-mac_biba_set_single(struct mac_biba *mac_biba, u_short type, u_short grade)
+mac_biba_set_single(struct mac_biba *mac_biba, u_short type, u_short grade,
+ u_char *compartments)
{
mac_biba->mb_single.mbe_type = type;
mac_biba->mb_single.mbe_grade = grade;
+ if (compartments != NULL)
+ memcpy(mac_biba->mb_single.mbe_compartments, compartments,
+ sizeof(mac_biba->mb_single.mbe_compartments));
mac_biba->mb_flags |= MAC_BIBA_FLAG_SINGLE;
}
static void
mac_biba_copy_range(struct mac_biba *labelfrom, struct mac_biba *labelto)
{
+
KASSERT((labelfrom->mb_flags & MAC_BIBA_FLAG_RANGE) != 0,
("mac_biba_copy_range: labelfrom not range"));
@@ -407,19 +447,6 @@
labelto->mb_flags |= MAC_BIBA_FLAG_SINGLE;
}
-static void
-mac_biba_copy_single_to_range(struct mac_biba *labelfrom,
- struct mac_biba *labelto)
-{
-
- KASSERT((labelfrom->mb_flags & MAC_BIBA_FLAG_SINGLE) != 0,
- ("mac_biba_copy_single_to_range: labelfrom not single"));
-
- labelto->mb_rangelow = labelfrom->mb_single;
- labelto->mb_rangehigh = labelfrom->mb_single;
- labelto->mb_flags |= MAC_BIBA_FLAG_RANGE;
-}
-
/*
* Policy module operations.
*/
@@ -521,7 +548,7 @@
biba_type = MAC_BIBA_TYPE_EQUAL;
else
biba_type = MAC_BIBA_TYPE_HIGH;
- mac_biba_set_single(mac_biba, biba_type, 0);
+ mac_biba_set_single(mac_biba, biba_type, 0, NULL);
}
static void
@@ -531,7 +558,7 @@
struct mac_biba *mac_biba;
mac_biba = SLOT(label);
- mac_biba_set_single(mac_biba, MAC_BIBA_TYPE_HIGH, 0);
+ mac_biba_set_single(mac_biba, MAC_BIBA_TYPE_HIGH, 0, NULL);
}
static void
@@ -590,9 +617,9 @@
/* Always mount root as high integrity. */
mac_biba = SLOT(fslabel);
- mac_biba_set_single(mac_biba, MAC_BIBA_TYPE_HIGH, 0);
+ mac_biba_set_single(mac_biba, MAC_BIBA_TYPE_HIGH, 0, NULL);
mac_biba = SLOT(mntlabel);
- mac_biba_set_single(mac_biba, MAC_BIBA_TYPE_HIGH, 0);
+ mac_biba_set_single(mac_biba, MAC_BIBA_TYPE_HIGH, 0, NULL);
}
static void
@@ -694,7 +721,6 @@
dest = SLOT(socketlabel);
mac_biba_copy_single(source, dest);
- mac_biba_copy_single_to_range(source, dest);
}
static void
@@ -720,7 +746,6 @@
dest = SLOT(newsocketlabel);
mac_biba_copy_single(source, dest);
- mac_biba_copy_range(source, dest);
}
static void
@@ -733,7 +758,6 @@
dest = SLOT(socketlabel);
mac_biba_copy_single(source, dest);
- mac_biba_copy_range(source, dest);
}
static void
@@ -837,8 +861,8 @@
}
}
set:
- mac_biba_set_single(dest, grade, 0);
- mac_biba_set_range(dest, grade, 0, grade, 0);
+ mac_biba_set_single(dest, grade, 0, NULL);
+ mac_biba_set_range(dest, grade, 0, NULL, grade, 0, NULL);
}
static void
@@ -899,7 +923,7 @@
dest = SLOT(mbuflabel);
- mac_biba_set_single(dest, MAC_BIBA_TYPE_EQUAL, 0);
+ mac_biba_set_single(dest, MAC_BIBA_TYPE_EQUAL, 0, NULL);
}
static void
@@ -1027,8 +1051,9 @@
dest = SLOT(&cred->cr_label);
- mac_biba_set_single(dest, MAC_BIBA_TYPE_EQUAL, 0);
- mac_biba_set_range(dest, MAC_BIBA_TYPE_LOW, 0, MAC_BIBA_TYPE_HIGH, 0);
+ mac_biba_set_single(dest, MAC_BIBA_TYPE_EQUAL, 0, NULL);
+ mac_biba_set_range(dest, MAC_BIBA_TYPE_LOW, 0, NULL,
+ MAC_BIBA_TYPE_HIGH, 0, NULL);
}
static void
@@ -1038,8 +1063,9 @@
dest = SLOT(&cred->cr_label);
- mac_biba_set_single(dest, MAC_BIBA_TYPE_HIGH, 0);
- mac_biba_set_range(dest, MAC_BIBA_TYPE_LOW, 0, MAC_BIBA_TYPE_HIGH, 0);
+ mac_biba_set_single(dest, MAC_BIBA_TYPE_HIGH, 0, NULL);
+ mac_biba_set_range(dest, MAC_BIBA_TYPE_LOW, 0, NULL,
+ MAC_BIBA_TYPE_HIGH, 0, NULL);
}
static void
==== //depot/projects/trustedbsd/base/sys/security/mac_biba/mac_biba.h#2 (text+ko) ====
@@ -34,7 +34,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $FreeBSD: src/sys/security/mac_biba/mac_biba.h,v 1.1 2002/07/31 18:07:43 rwatson Exp $
+ * $FreeBSD: src/sys/security/mac_biba/mac_biba.h,v 1.2 2002/10/21 18:42:00 rwatson Exp $
*/
/*
* Definitions for the TrustedBSD Biba integrity policy module.
@@ -58,4 +58,14 @@
#define MAC_BIBA_TYPE_EQUAL 4 /* Equivilent to any
* MAC_BIBA_TYPE_LABEL. */
+/*
+ * Biba compartments bit test/set macros.
+ * The range is 1 to MAC_BIBA_MAX_COMPARTMENTS.
+ */
+#define MAC_BIBA_BIT_TEST(b, w) \
+ ((w)[(((b) - 1) >> 3)] & (1 << (((b) - 1) & 7)))
+#define MAC_BIBA_BIT_SET(b, w) \
+ ((w)[(((b) - 1) >> 3)] |= (1 << (((b) - 1) & 7)))
+#define MAC_BIBA_BIT_SET_EMPTY(set) biba_bit_set_empty(set)
+
#endif /* !_SYS_SECURITY_MAC_BIBA_H */
==== //depot/projects/trustedbsd/base/sys/security/mac_mls/mac_mls.c#11 (text+ko) ====
@@ -34,7 +34,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $FreeBSD: src/sys/security/mac_mls/mac_mls.c,v 1.19 2002/10/21 17:01:30 rwatson Exp $
+ * $FreeBSD: src/sys/security/mac_mls/mac_mls.c,v 1.22 2002/10/21 18:42:00 rwatson Exp $
*/
/*
@@ -96,17 +96,30 @@
&ptys_equal, 0, "Label pty devices as mls/equal on create");
TUNABLE_INT("security.mac.mls.ptys_equal", &ptys_equal);
-static int mac_mls_revocation_enabled = 0;
+static int revocation_enabled = 0;
SYSCTL_INT(_security_mac_mls, OID_AUTO, revocation_enabled, CTLFLAG_RW,
- &mac_mls_revocation_enabled, 0, "Revoke access to objects on relabel");
-TUNABLE_INT("security.mac.mls.revocation_enabled",
- &mac_mls_revocation_enabled);
+ &revocation_enabled, 0, "Revoke access to objects on relabel");
+TUNABLE_INT("security.mac.mls.revocation_enabled", &revocation_enabled);
+
+static int max_compartments = MAC_MLS_MAX_COMPARTMENTS;
+SYSCTL_INT(_security_mac_mls, OID_AUTO, max_compartments, CTLFLAG_RD,
+ &max_compartments, 0, "Maximum compartments the policy supports");
static int mac_mls_slot;
#define SLOT(l) ((struct mac_mls *)LABEL_TO_SLOT((l), mac_mls_slot).l_ptr)
MALLOC_DEFINE(M_MACMLS, "mls label", "MAC/MLS labels");
+static __inline int
+mls_bit_set_empty(u_char *set) {
+ int i;
+
+ for (i = 0; i < MAC_MLS_MAX_COMPARTMENTS >> 3; i++)
+ if (set[i] != 0)
+ return (0);
+ return (1);
+}
+
static struct mac_mls *
mls_alloc(int flag)
{
@@ -140,6 +153,7 @@
mac_mls_dominate_element(struct mac_mls_element *a,
struct mac_mls_element *b)
{
+ int bit;
switch(a->mme_type) {
case MAC_MLS_TYPE_EQUAL:
@@ -170,6 +184,11 @@
return (0);
case MAC_MLS_TYPE_LEVEL:
+ for (bit = 1; bit <= MAC_MLS_MAX_COMPARTMENTS; bit++)
+ if (!MAC_MLS_BIT_TEST(bit,
+ a->mme_compartments) &&
+ MAC_MLS_BIT_TEST(bit, b->mme_compartments))
+ return (0);
return (a->mme_level >= b->mme_level);
default:
@@ -299,7 +318,9 @@
case MAC_MLS_TYPE_EQUAL:
case MAC_MLS_TYPE_HIGH:
case MAC_MLS_TYPE_LOW:
- if (mac_mls->mm_single.mme_level != 0)
+ if (mac_mls->mm_single.mme_level != 0 ||
+ !MAC_MLS_BIT_SET_EMPTY(
+ mac_mls->mm_single.mme_compartments))
return (EINVAL);
break;
@@ -319,7 +340,9 @@
case MAC_MLS_TYPE_EQUAL:
case MAC_MLS_TYPE_HIGH:
case MAC_MLS_TYPE_LOW:
- if (mac_mls->mm_rangelow.mme_level != 0)
+ if (mac_mls->mm_rangelow.mme_level != 0 ||
+ !MAC_MLS_BIT_SET_EMPTY(
+ mac_mls->mm_rangelow.mme_compartments))
return (EINVAL);
break;
@@ -334,7 +357,9 @@
case MAC_MLS_TYPE_EQUAL:
case MAC_MLS_TYPE_HIGH:
case MAC_MLS_TYPE_LOW:
- if (mac_mls->mm_rangehigh.mme_level != 0)
+ if (mac_mls->mm_rangehigh.mme_level != 0 ||
+ !MAC_MLS_BIT_SET_EMPTY(
+ mac_mls->mm_rangehigh.mme_compartments))
return (EINVAL);
break;
@@ -355,28 +380,42 @@
static void
mac_mls_set_range(struct mac_mls *mac_mls, u_short typelow,
- u_short levellow, u_short typehigh, u_short levelhigh)
+ u_short levellow, u_char *compartmentslow, u_short typehigh,
+ u_short levelhigh, u_char *compartmentshigh)
{
mac_mls->mm_rangelow.mme_type = typelow;
mac_mls->mm_rangelow.mme_level = levellow;
+ if (compartmentslow != NULL)
+ memcpy(mac_mls->mm_rangelow.mme_compartments,
+ compartmentslow,
+ sizeof(mac_mls->mm_rangelow.mme_compartments));
mac_mls->mm_rangehigh.mme_type = typehigh;
mac_mls->mm_rangehigh.mme_level = levelhigh;
+ if (compartmentshigh != NULL)
+ memcpy(mac_mls->mm_rangehigh.mme_compartments,
+ compartmentshigh,
+ sizeof(mac_mls->mm_rangehigh.mme_compartments));
mac_mls->mm_flags |= MAC_MLS_FLAG_RANGE;
}
static void
-mac_mls_set_single(struct mac_mls *mac_mls, u_short type, u_short level)
+mac_mls_set_single(struct mac_mls *mac_mls, u_short type, u_short level,
+ u_char *compartments)
{
mac_mls->mm_single.mme_type = type;
mac_mls->mm_single.mme_level = level;
+ if (compartments != NULL)
+ memcpy(mac_mls->mm_single.mme_compartments, compartments,
+ sizeof(mac_mls->mm_single.mme_compartments));
mac_mls->mm_flags |= MAC_MLS_FLAG_SINGLE;
}
static void
mac_mls_copy_range(struct mac_mls *labelfrom, struct mac_mls *labelto)
{
+
KASSERT((labelfrom->mm_flags & MAC_MLS_FLAG_RANGE) != 0,
("mac_mls_copy_range: labelfrom not range"));
@@ -396,19 +435,6 @@
labelto->mm_flags |= MAC_MLS_FLAG_SINGLE;
}
-static void
-mac_mls_copy_single_to_range(struct mac_mls *labelfrom,
- struct mac_mls *labelto)
-{
-
- KASSERT((labelfrom->mm_flags & MAC_MLS_FLAG_SINGLE) != 0,
- ("mac_mls_copy_single_to_range: labelfrom not single"));
-
- labelto->mm_rangelow = labelfrom->mm_single;
- labelto->mm_rangehigh = labelfrom->mm_single;
- labelto->mm_flags |= MAC_MLS_FLAG_RANGE;
-}
-
/*
* Policy module operations.
*/
@@ -513,7 +539,7 @@
mls_type = MAC_MLS_TYPE_EQUAL;
else
mls_type = MAC_MLS_TYPE_LOW;
- mac_mls_set_single(mac_mls, mls_type, 0);
+ mac_mls_set_single(mac_mls, mls_type, 0, NULL);
}
static void
@@ -523,7 +549,7 @@
struct mac_mls *mac_mls;
mac_mls = SLOT(label);
- mac_mls_set_single(mac_mls, MAC_MLS_TYPE_LOW, 0);
+ mac_mls_set_single(mac_mls, MAC_MLS_TYPE_LOW, 0, NULL);
}
static void
@@ -582,9 +608,9 @@
/* Always mount root as high integrity. */
mac_mls = SLOT(fslabel);
- mac_mls_set_single(mac_mls, MAC_MLS_TYPE_LOW, 0);
+ mac_mls_set_single(mac_mls, MAC_MLS_TYPE_LOW, 0, NULL);
mac_mls = SLOT(mntlabel);
- mac_mls_set_single(mac_mls, MAC_MLS_TYPE_LOW, 0);
+ mac_mls_set_single(mac_mls, MAC_MLS_TYPE_LOW, 0, NULL);
}
static void
@@ -686,7 +712,6 @@
dest = SLOT(socketlabel);
mac_mls_copy_single(source, dest);
- mac_mls_copy_single_to_range(source, dest);
}
static void
@@ -712,7 +737,6 @@
dest = SLOT(newsocketlabel);
mac_mls_copy_single(source, dest);
- mac_mls_copy_range(source, dest);
}
static void
@@ -725,7 +749,6 @@
dest = SLOT(socketlabel);
mac_mls_copy_single(source, dest);
- mac_mls_copy_range(source, dest);
}
static void
@@ -793,8 +816,8 @@
else
level = MAC_MLS_TYPE_LOW;
- mac_mls_set_single(dest, level, 0);
- mac_mls_set_range(dest, level, 0, level, 0);
+ mac_mls_set_single(dest, level, 0, NULL);
+ mac_mls_set_range(dest, level, 0, NULL, level, 0, NULL);
}
static void
@@ -855,7 +878,7 @@
dest = SLOT(mbuflabel);
- mac_mls_set_single(dest, MAC_MLS_TYPE_EQUAL, 0);
+ mac_mls_set_single(dest, MAC_MLS_TYPE_EQUAL, 0, NULL);
}
static void
@@ -983,8 +1006,9 @@
dest = SLOT(&cred->cr_label);
- mac_mls_set_single(dest, MAC_MLS_TYPE_EQUAL, 0);
- mac_mls_set_range(dest, MAC_MLS_TYPE_LOW, 0, MAC_MLS_TYPE_HIGH, 0);
+ mac_mls_set_single(dest, MAC_MLS_TYPE_EQUAL, 0, NULL);
+ mac_mls_set_range(dest, MAC_MLS_TYPE_LOW, 0, NULL, MAC_MLS_TYPE_HIGH,
+ 0, NULL);
}
static void
@@ -994,8 +1018,9 @@
dest = SLOT(&cred->cr_label);
- mac_mls_set_single(dest, MAC_MLS_TYPE_LOW, 0);
- mac_mls_set_range(dest, MAC_MLS_TYPE_LOW, 0, MAC_MLS_TYPE_HIGH, 0);
+ mac_mls_set_single(dest, MAC_MLS_TYPE_LOW, 0, NULL);
+ mac_mls_set_range(dest, MAC_MLS_TYPE_LOW, 0, NULL, MAC_MLS_TYPE_HIGH,
+ 0, NULL);
}
static void
@@ -1659,7 +1684,7 @@
* Rely on the use of open()-time protections to handle
* non-revocation cases.
*/
- if (!mac_mls_enabled || !mac_mls_revocation_enabled)
+ if (!mac_mls_enabled || !revocation_enabled)
return (0);
subj = SLOT(&cred->cr_label);
@@ -1708,7 +1733,7 @@
{
struct mac_mls *subj, *obj;
- if (!mac_mls_enabled || !mac_mls_revocation_enabled)
+ if (!mac_mls_enabled || !revocation_enabled)
return (0);
subj = SLOT(&active_cred->cr_label);
@@ -1726,7 +1751,7 @@
{
struct mac_mls *subj, *obj;
- if (!mac_mls_enabled || !mac_mls_revocation_enabled)
+ if (!mac_mls_enabled || !revocation_enabled)
return (0);
subj = SLOT(&active_cred->cr_label);
@@ -2029,7 +2054,7 @@
{
struct mac_mls *subj, *obj;
- if (!mac_mls_enabled || !mac_mls_revocation_enabled)
+ if (!mac_mls_enabled || !revocation_enabled)
return (0);
subj = SLOT(&active_cred->cr_label);
==== //depot/projects/trustedbsd/base/sys/security/mac_mls/mac_mls.h#2 (text+ko) ====
@@ -34,7 +34,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $FreeBSD: src/sys/security/mac_mls/mac_mls.h,v 1.1 2002/07/31 18:07:44 rwatson Exp $
+ * $FreeBSD: src/sys/security/mac_mls/mac_mls.h,v 1.2 2002/10/21 18:42:01 rwatson Exp $
*/
/*
* Definitions for the TrustedBSD MLS confidentiality policy module.
@@ -58,4 +58,14 @@
#define MAC_MLS_TYPE_EQUAL 4 /* Equivilent to any
* MAC_MLS_TYPE_LABEL. */
+/*
+ * MLS compartments bit test/set macros.
+ * The range is 1 to MAC_MLS_MAX_COMPARTMENTS.
+ */
+#define MAC_MLS_BIT_TEST(b, w) \
+ ((w)[(((b) - 1) >> 3)] & (1 << (((b) - 1) & 7)))
+#define MAC_MLS_BIT_SET(b, w) \
+ ((w)[(((b) - 1) >> 3)] |= (1 << (((b) - 1) & 7)))
+#define MAC_MLS_BIT_SET_EMPTY(set) mls_bit_set_empty(set)
+
#endif /* !_SYS_SECURITY_MAC_MLS_H */
==== //depot/projects/trustedbsd/base/sys/sys/mac.h#10 (text+ko) ====
@@ -34,7 +34,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $FreeBSD: src/sys/sys/mac.h,v 1.14 2002/10/06 14:39:15 rwatson Exp $
+ * $FreeBSD: src/sys/sys/mac.h,v 1.15 2002/10/21 18:42:00 rwatson Exp $
*/
/*
* Userland/kernel interface for Mandatory Access Control.
@@ -76,9 +76,11 @@
* mb_type. These structures will move to mac_biba.h once we have dymamic
* labels exposed to userland.
*/
+#define MAC_BIBA_MAX_COMPARTMENTS 256
struct mac_biba_element {
u_short mbe_type;
u_short mbe_grade;
+ u_char mbe_compartments[MAC_BIBA_MAX_COMPARTMENTS >> 3];
};
/*
@@ -100,9 +102,11 @@
* current mm_type. These structures will move to mac_mls.h once we have
* dynamic labels exposed to userland.
*/
+#define MAC_MLS_MAX_COMPARTMENTS 256
struct mac_mls_element {
u_short mme_type;
u_short mme_level;
+ u_char mme_compartments[MAC_MLS_MAX_COMPARTMENTS >> 3];
};
/*
==== //depot/projects/trustedbsd/base/sys/sys/proc.h#25 (text+ko) ====
@@ -36,7 +36,7 @@
* SUCH DAMAGE.
*
* @(#)proc.h 8.15 (Berkeley) 5/19/95
- * $FreeBSD: src/sys/sys/proc.h,v 1.271 2002/10/15 00:14:32 jhb Exp $
+ * $FreeBSD: src/sys/sys/proc.h,v 1.272 2002/10/21 18:37:34 julian Exp $
*/
#ifndef _SYS_PROC_H_
@@ -447,8 +447,9 @@
#define KEF_USER 0x00200 /* Process is not officially in the kernel */
#define KEF_ASTPENDING 0x00400 /* KSE has a pending ast. */
#define KEF_NEEDRESCHED 0x00800 /* Process needs to yield. */
-#define KEF_ONLOANQ 0x01000 /* KSE is on loan queue */
+#define KEF_ONLOANQ 0x01000 /* KSE is on loan queue. */
#define KEF_DIDRUN 0x02000 /* KSE actually ran. */
+#define KEF_EXIT 0x04000 /* KSE is being killed. */
/*
* (*) A bound KSE with a bound thread in a KSE process may be lent to
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-cvs" in the body of the message
More information about the trustedbsd-cvs
mailing list