PERFORCE change 19873 for review
Brian Feldman
green at freebsd.org
Tue Oct 22 14:51:08 GMT 2002
http://perforce.freebsd.org/chv.cgi?CH=19873
Change 19873 by green at green_laptop_2 on 2002/10/22 07:51:05
Add the mac_check_vnode_swapon() entry point to do what it does
best.
Affected files ...
.. //depot/projects/trustedbsd/mac/sys/kern/kern_mac.c#322 edit
.. //depot/projects/trustedbsd/mac/sys/security/mac_biba/mac_biba.c#149 edit
.. //depot/projects/trustedbsd/mac/sys/security/mac_bsdextended/mac_bsdextended.c#57 edit
.. //depot/projects/trustedbsd/mac/sys/security/mac_mls/mac_mls.c#129 edit
.. //depot/projects/trustedbsd/mac/sys/security/mac_none/mac_none.c#87 edit
.. //depot/projects/trustedbsd/mac/sys/security/mac_te/mac_te.c#89 edit
.. //depot/projects/trustedbsd/mac/sys/security/mac_test/mac_test.c#61 edit
.. //depot/projects/trustedbsd/mac/sys/security/sebsd/sebsd.c#48 edit
.. //depot/projects/trustedbsd/mac/sys/sys/mac.h#184 edit
.. //depot/projects/trustedbsd/mac/sys/sys/mac_policy.h#143 edit
.. //depot/projects/trustedbsd/mac/sys/vm/vm_swap.c#11 edit
Differences ...
==== //depot/projects/trustedbsd/mac/sys/kern/kern_mac.c#322 (text+ko) ====
@@ -1038,6 +1038,10 @@
mpc->mpc_ops->mpo_check_vnode_stat =
mpe->mpe_function;
break;
+ case MAC_CHECK_VNODE_SWAPON:
+ mpc->mpc_ops->mpo_check_vnode_swapon =
+ mpe->mpe_function;
+ break;
case MAC_CHECK_VNODE_WRITE:
mpc->mpc_ops->mpo_check_vnode_write =
mpe->mpe_function;
@@ -2648,6 +2652,24 @@
}
int
+mac_check_vnode_swapon(struct ucred *cred, struct vnode *vp)
+{
+ int error;
+
+ ASSERT_VOP_LOCKED(vp, "mac_check_vnode_swapon");
+
+ if (!mac_enforce_fs)
+ return (0);
+
+ error = vn_refreshlabel(vp, cred);
+ if (error)
+ return (error);
+
+ MAC_CHECK(check_vnode_swapon, cred, vp, &vp->v_label);
+ return (error);
+}
+
+int
mac_check_vnode_write(struct ucred *active_cred, struct ucred *file_cred,
struct vnode *vp)
{
==== //depot/projects/trustedbsd/mac/sys/security/mac_biba/mac_biba.c#149 (text+ko) ====
@@ -2372,6 +2372,25 @@
}
static int
+mac_biba_check_vnode_swapon(struct ucred *cred, struct vnode *vp,
+ struct label *label)
+{
+ struct mac_biba *subj, *obj;
+
+ if (!mac_biba_enabled)
+ return (0);
+
+ subj = SLOT(&cred->cr_label);
+ obj = SLOT(label);
+
+ if (!mac_biba_dominate_single(subj, obj) ||
+ !mac_biba_dominate_single(obj, subj))
+ return (EACCES);
+
+ return (0);
+}
+
+static int
mac_biba_check_vnode_write(struct ucred *active_cred,
struct ucred *file_cred, struct vnode *vp, struct label *label)
{
@@ -2645,6 +2664,8 @@
(macop_t)mac_biba_check_vnode_setutimes },
{ MAC_CHECK_VNODE_STAT,
(macop_t)mac_biba_check_vnode_stat },
+ { MAC_CHECK_VNODE_SWAPON,
+ (macop_t)mac_biba_check_vnode_swapon },
{ MAC_CHECK_VNODE_WRITE,
(macop_t)mac_biba_check_vnode_write },
{ MAC_OP_LAST, NULL }
==== //depot/projects/trustedbsd/mac/sys/security/mac_bsdextended/mac_bsdextended.c#57 (text+ko) ====
@@ -718,6 +718,22 @@
VSTAT));
}
+static int
+mac_bsdextended_check_vnode_swapon(struct ucred *cred, struct vnode *vp,
+ struct label *label)
+{
+ struct vattr vap;
+ int error;
+
+ if (!mac_bsdextended_enabled)
+ return (0);
+
+ error = VOP_GETATTR(vp, &vap, cred, curthread);
+ if (error)
+ return (error);
+ return (mac_bsdextended_check(cred, vap.va_uid, vap.va_gid, VWRITE));
+}
+
static struct mac_policy_op_entry mac_bsdextended_ops[] =
{
{ MAC_DESTROY,
@@ -772,6 +788,8 @@
(macop_t)mac_bsdextended_check_vnode_setutimes },
{ MAC_CHECK_VNODE_STAT,
(macop_t)mac_bsdextended_check_vnode_stat },
+ { MAC_CHECK_VNODE_SWAPON,
+ (macop_t)mac_bsdextended_check_vnode_swapon },
{ MAC_OP_LAST, NULL }
};
==== //depot/projects/trustedbsd/mac/sys/security/mac_mls/mac_mls.c#129 (text+ko) ====
@@ -2320,6 +2320,25 @@
}
static int
+mac_mls_check_vnode_swapon(struct ucred *cred, struct vnode *vp,
+ struct label *label)
+{
+ struct mac_mls *subj, *obj;
+
+ if (!mac_mls_enabled)
+ return (0);
+
+ subj = SLOT(&cred->cr_label);
+ obj = SLOT(label);
+
+ if (!mac_mls_dominate_single(obj, subj) ||
+ !mac_mls_dominate_single(subj, obj))
+ return (EACCES);
+
+ return (0);
+}
+
+static int
mac_mls_check_vnode_write(struct ucred *active_cred, struct ucred *file_cred,
struct vnode *vp, struct label *label)
{
@@ -2593,6 +2612,8 @@
(macop_t)mac_mls_check_vnode_setutimes },
{ MAC_CHECK_VNODE_STAT,
(macop_t)mac_mls_check_vnode_stat },
+ { MAC_CHECK_VNODE_SWAPON,
+ (macop_t)mac_mls_check_vnode_swapon },
{ MAC_CHECK_VNODE_WRITE,
(macop_t)mac_mls_check_vnode_write },
{ MAC_OP_LAST, NULL }
==== //depot/projects/trustedbsd/mac/sys/security/mac_none/mac_none.c#87 (text+ko) ====
@@ -857,6 +857,14 @@
}
static int
+mac_none_check_vnode_swapon(struct ucred *cred, struct vnode *vp,
+ struct label *label)
+{
+
+ return (0);
+}
+
+static int
mac_none_check_vnode_write(struct ucred *active_cred,
struct ucred *file_cred, struct vnode *vp, struct label *label)
{
@@ -1128,6 +1136,8 @@
(macop_t)mac_none_check_vnode_setutimes },
{ MAC_CHECK_VNODE_STAT,
(macop_t)mac_none_check_vnode_stat },
+ { MAC_CHECK_VNODE_SWAPON,
+ (macop_t)mac_none_check_vnode_swapon },
{ MAC_CHECK_VNODE_WRITE,
(macop_t)mac_none_check_vnode_write },
{ MAC_OP_LAST, NULL }
==== //depot/projects/trustedbsd/mac/sys/security/mac_te/mac_te.c#89 (text+ko) ====
@@ -1509,6 +1509,21 @@
}
static int
+mac_te_check_vnode_swapon(struct ucred *cred, struct vnode *vp,
+ struct label *label)
+{
+ int error;
+
+ error = mac_te_check(&cred->cr_label, label, MAC_TE_CLASS_FILE,
+ MAC_TE_OPERATION_FILE_READ);
+ if (error)
+ return (error);
+ error = mac_te_check(&cred->cr_label, label, MAC_TE_CLASS_FILE,
+ MAC_TE_OPERATION_FILE_WRITE);
+ return (error);
+}
+
+static int
mac_te_check_vnode_write(struct ucred *active_cred, struct ucred *file_cred,
struct vnode *vp, struct label *label)
{
@@ -1838,6 +1853,8 @@
(macop_t)mac_te_check_vnode_setutimes },
{ MAC_CHECK_VNODE_STAT,
(macop_t)mac_te_check_vnode_stat },
+ { MAC_CHECK_VNODE_SWAPON,
+ (macop_t)mac_te_check_vnode_swapon },
{ MAC_CHECK_VNODE_WRITE,
(macop_t)mac_te_check_vnode_write },
{ MAC_COPY_PIPE_LABEL,
==== //depot/projects/trustedbsd/mac/sys/security/mac_test/mac_test.c#61 (text+ko) ====
@@ -1254,6 +1254,14 @@
}
static int
+mac_test_check_vnode_swapon(struct ucred *cred, struct vnode *vp,
+ struct label *label)
+{
+
+ return (0);
+}
+
+static int
mac_test_check_vnode_write(struct ucred *active_cred,
struct ucred *file_cred, struct vnode *vp, struct label *label)
{
@@ -1527,6 +1535,8 @@
(macop_t)mac_test_check_vnode_setutimes },
{ MAC_CHECK_VNODE_STAT,
(macop_t)mac_test_check_vnode_stat },
+ { MAC_CHECK_VNODE_SWAPON,
+ (macop_t)mac_test_check_vnode_swapon },
{ MAC_CHECK_VNODE_WRITE,
(macop_t)mac_test_check_vnode_write },
{ MAC_OP_LAST, NULL }
==== //depot/projects/trustedbsd/mac/sys/security/sebsd/sebsd.c#48 (text+ko) ====
@@ -440,6 +440,20 @@
}
}
+static void
+sebsd_create_devfs_vnode(struct devfs_dirent *devfs_dirent,
+ struct label *direntlabel, struct vnode *vp, struct label *vnodelabel)
+{
+ /*
+ * This is a no-op for now, but when devfs_dirents do contain
+ * labels, they should be copied to the vp here as per how
+ * sebsd_update_vnode_from_extattr() functions. They will be
+ * kept synchronized from here on automatically with the vnode
+ * relabel calls.
+ */
+}
+
+
static int
sebsd_update_vnode_from_extattr(struct vnode *vp, struct label *vnodelabel,
struct mount *mp, struct label *fslabel)
@@ -1021,6 +1035,13 @@
}
static int
+sebsd_check_vnode_swapon(struct ucred *cred, struct vnode *vp,
+ struct label *vnodelabel)
+{
+ return vnode_has_perm(cred, vp, FILE__SWAPON, NULL);
+}
+
+static int
sebsd_check_vnode_write(struct ucred *cred, struct ucred *file_cred,
struct vnode *vp, struct label *label)
{
@@ -1242,6 +1263,8 @@
(macop_t)sebsd_check_vnode_setutimes },
{ MAC_CHECK_VNODE_STAT,
(macop_t)sebsd_check_vnode_stat },
+ { MAC_CHECK_VNODE_SWAPON,
+ (macop_t)sebsd_check_vnode_swapon },
{ MAC_CHECK_VNODE_WRITE,
(macop_t)sebsd_check_vnode_write },
@@ -1256,6 +1279,8 @@
(macop_t)sebsd_relabel_vnode },
{ MAC_UPDATE_VNODE_FROM_EXTATTR,
(macop_t)sebsd_update_vnode_from_extattr },
+ { MAC_CREATE_DEVFS_VNODE,
+ (macop_t)sebsd_create_devfs_vnode },
{ MAC_SYSCALL,
(macop_t)sebsd_syscall },
==== //depot/projects/trustedbsd/mac/sys/sys/mac.h#184 (text+ko) ====
@@ -358,6 +358,7 @@
struct timespec atime, struct timespec mtime);
int mac_check_vnode_stat(struct ucred *active_cred,
struct ucred *file_cred, struct vnode *vp);
+int mac_check_vnode_swapon(struct ucred *cred, struct vnode *vp);
int mac_check_vnode_write(struct ucred *active_cred,
struct ucred *file_cred, struct vnode *vp);
int mac_getsockopt_label_get(struct ucred *cred, struct socket *so,
==== //depot/projects/trustedbsd/mac/sys/sys/mac_policy.h#143 (text+ko) ====
@@ -391,6 +391,8 @@
int (*mpo_check_vnode_stat)(struct ucred *active_cred,
struct ucred *file_cred, struct vnode *vp,
struct label *label);
+ int (*mpo_check_vnode_swapon)(struct ucred *cred,
+ struct vnode *vp, struct label *label);
int (*mpo_check_vnode_write)(struct ucred *active_cred,
struct ucred *file_cred, struct vnode *vp,
struct label *label);
@@ -539,6 +541,7 @@
MAC_CHECK_VNODE_SETOWNER,
MAC_CHECK_VNODE_SETUTIMES,
MAC_CHECK_VNODE_STAT,
+ MAC_CHECK_VNODE_SWAPON,
MAC_CHECK_VNODE_WRITE,
};
==== //depot/projects/trustedbsd/mac/sys/vm/vm_swap.c#11 (text+ko) ====
@@ -34,6 +34,7 @@
* $FreeBSD: src/sys/vm/vm_swap.c,v 1.122 2002/09/25 01:24:17 jeff Exp $
*/
+#include "opt_mac.h"
#include "opt_swap.h"
#include <sys/param.h>
@@ -52,6 +53,7 @@
#include <sys/conf.h>
#include <sys/stat.h>
#include <sys/sysctl.h>
+#include <sys/mac.h>
#include <sys/mount.h>
#include <vm/vm.h>
#include <vm/vm_extern.h>
@@ -287,7 +289,11 @@
return EINVAL;
found:
(void) vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, td);
- error = VOP_OPEN(vp, FREAD | FWRITE, td->td_ucred, td);
+#ifdef MAC
+ error = mac_check_vnode_swapon(td->td_ucred, vp);
+ if (error == 0)
+#endif
+ error = VOP_OPEN(vp, FREAD | FWRITE, td->td_ucred, td);
(void) VOP_UNLOCK(vp, 0, td);
if (error)
return (error);
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-cvs" in the body of the message
More information about the trustedbsd-cvs
mailing list