PERFORCE change 19914 for review
Brian Feldman
green at freebsd.org
Tue Oct 22 18:19:32 GMT 2002
http://perforce.freebsd.org/chv.cgi?CH=19914
Change 19914 by green at green_laptop_2 on 2002/10/22 11:19:17
* Hook up the mac_lomac module to the build. Keep it synched with
mac_biba! It's a derivative!
* Perform a compartmentectomy on mac_lomac. And God said, "Let
LOMAC have no compartments!!"
Affected files ...
.. //depot/projects/trustedbsd/mac/sys/modules/Makefile#43 edit
.. //depot/projects/trustedbsd/mac/sys/security/mac_lomac/mac_lomac.c#12 edit
.. //depot/projects/trustedbsd/mac/sys/security/mac_lomac/mac_lomac.h#7 edit
Differences ...
==== //depot/projects/trustedbsd/mac/sys/modules/Makefile#43 (text+ko) ====
@@ -67,6 +67,7 @@
mac_bsdextended \
mac_ifoff \
mac_mls \
+ mac_lomac \
mac_none \
mac_partition \
mac_seeotheruids \
==== //depot/projects/trustedbsd/mac/sys/security/mac_lomac/mac_lomac.c#12 (text+ko) ====
@@ -103,10 +103,6 @@
TUNABLE_STR("security.mac.lomac.trusted_interfaces", trusted_interfaces,
sizeof(trusted_interfaces));
-static int max_compartments = MAC_LOMAC_MAX_COMPARTMENTS;
-SYSCTL_INT(_security_mac_lomac, OID_AUTO, max_compartments, CTLFLAG_RD,
- &max_compartments, 0, "Maximum supported compartments");
-
static int ptys_equal = 0;
SYSCTL_INT(_security_mac_lomac, OID_AUTO, ptys_equal, CTLFLAG_RW,
&ptys_equal, 0, "Label pty devices as lomac/equal on create");
@@ -122,16 +118,6 @@
MALLOC_DEFINE(M_MACLOMAC, "lomac label", "MAC/LOMAC labels");
-static __inline int
-lomac_bit_set_empty(u_char *set) {
- int i;
-
- for (i = 0; i < MAC_LOMAC_MAX_COMPARTMENTS >> 3; i++)
- if (set[i] != 0)
- return (0);
- return (1);
-}
-
static struct mac_lomac *
lomac_alloc(int flag)
{
@@ -165,7 +151,6 @@
mac_lomac_dominate_element(struct mac_lomac_element *a,
struct mac_lomac_element *b)
{
- int bit;
switch(a->mle_type) {
case MAC_LOMAC_TYPE_EQUAL:
@@ -196,11 +181,6 @@
return (0);
case MAC_LOMAC_TYPE_GRADE:
- for (bit = 1; bit <= MAC_LOMAC_MAX_COMPARTMENTS; bit++)
- if (!MAC_LOMAC_BIT_TEST(bit,
- a->mle_compartments) &&
- MAC_LOMAC_BIT_TEST(bit, b->mle_compartments))
- return (0);
return (a->mle_grade >= b->mle_grade);
default:
@@ -326,15 +306,9 @@
if (mac_lomac->ml_flags & MAC_LOMAC_FLAG_SINGLE) {
switch (mac_lomac->ml_single.mle_type) {
case MAC_LOMAC_TYPE_GRADE:
- break;
-
case MAC_LOMAC_TYPE_EQUAL:
case MAC_LOMAC_TYPE_HIGH:
case MAC_LOMAC_TYPE_LOW:
- if (mac_lomac->ml_single.mle_grade != 0 ||
- !MAC_LOMAC_BIT_SET_EMPTY(
- mac_lomac->ml_single.mle_compartments))
- return (EINVAL);
break;
default:
@@ -348,15 +322,9 @@
if (mac_lomac->ml_flags & MAC_LOMAC_FLAG_RANGE) {
switch (mac_lomac->ml_rangelow.mle_type) {
case MAC_LOMAC_TYPE_GRADE:
- break;
-
case MAC_LOMAC_TYPE_EQUAL:
case MAC_LOMAC_TYPE_HIGH:
case MAC_LOMAC_TYPE_LOW:
- if (mac_lomac->ml_rangelow.mle_grade != 0 ||
- !MAC_LOMAC_BIT_SET_EMPTY(
- mac_lomac->ml_rangelow.mle_compartments))
- return (EINVAL);
break;
default:
@@ -365,15 +333,9 @@
switch (mac_lomac->ml_rangehigh.mle_type) {
case MAC_LOMAC_TYPE_GRADE:
- break;
-
case MAC_LOMAC_TYPE_EQUAL:
case MAC_LOMAC_TYPE_HIGH:
case MAC_LOMAC_TYPE_LOW:
- if (mac_lomac->ml_rangehigh.mle_grade != 0 ||
- !MAC_LOMAC_BIT_SET_EMPTY(
- mac_lomac->ml_rangehigh.mle_compartments))
- return (EINVAL);
break;
default:
@@ -393,35 +355,22 @@
static void
mac_lomac_set_range(struct mac_lomac *mac_lomac, u_short typelow,
- u_short gradelow, u_char *compartmentslow, u_short typehigh,
- u_short gradehigh, u_char *compartmentshigh)
+ u_short gradelow, u_short typehigh, u_short gradehigh)
{
mac_lomac->ml_rangelow.mle_type = typelow;
mac_lomac->ml_rangelow.mle_grade = gradelow;
- if (compartmentslow != NULL)
- memcpy(mac_lomac->ml_rangelow.mle_compartments,
- compartmentslow,
- sizeof(mac_lomac->ml_rangelow.mle_compartments));
mac_lomac->ml_rangehigh.mle_type = typehigh;
mac_lomac->ml_rangehigh.mle_grade = gradehigh;
- if (compartmentshigh != NULL)
- memcpy(mac_lomac->ml_rangehigh.mle_compartments,
- compartmentshigh,
- sizeof(mac_lomac->ml_rangehigh.mle_compartments));
mac_lomac->ml_flags |= MAC_LOMAC_FLAG_RANGE;
}
static void
-mac_lomac_set_single(struct mac_lomac *mac_lomac, u_short type, u_short grade,
- u_char *compartments)
+mac_lomac_set_single(struct mac_lomac *mac_lomac, u_short type, u_short grade)
{
mac_lomac->ml_single.mle_type = type;
mac_lomac->ml_single.mle_grade = grade;
- if (compartments != NULL)
- memcpy(mac_lomac->ml_single.mle_compartments, compartments,
- sizeof(mac_lomac->ml_single.mle_compartments));
mac_lomac->ml_flags |= MAC_LOMAC_FLAG_SINGLE;
}
@@ -511,7 +460,6 @@
mac_lomac_element_to_string(char *string, size_t size,
struct mac_lomac_element *element)
{
- int pos, bit = 1;
switch (element->mle_type) {
case MAC_LOMAC_TYPE_HIGH:
@@ -524,15 +472,7 @@
return (snprintf(string, size, "equal"));
case MAC_LOMAC_TYPE_GRADE:
- pos = snprintf(string, size, "%d:", element->mle_grade);
- for (bit = 1; bit <= MAC_LOMAC_MAX_COMPARTMENTS; bit++) {
- if (MAC_LOMAC_BIT_TEST(bit, element->mle_compartments))
- pos += snprintf(string + pos, size - pos,
- "%d+", bit);
- }
- if (string[pos - 1] == '+' || string[pos - 1] == ':')
- string[--pos] = NULL;
- return (pos);
+ return (snprintf(string, size, "%d", element->mle_grade));
default:
panic("mac_lomac_element_to_string: invalid type (%d)",
@@ -647,28 +587,8 @@
element->mle_type = MAC_LOMAC_TYPE_GRADE;
element->mle_grade = d;
- if (*p1 != ':') {
- if (p1 == p0 || *p1 != '\0')
- return (EINVAL);
- else
- return (0);
- }
- else
- if (*(p1 + 1) == '\0')
- return (0);
-
- while ((p0 = ++p1)) {
- d = strtol(p0, &p1, 10);
- if (d < 1 || d > MAC_LOMAC_MAX_COMPARTMENTS)
- return (EINVAL);
-
- MAC_LOMAC_BIT_SET(d, element->mle_compartments);
-
- if (*p1 == '\0')
- break;
- if (p1 == p0 || *p1 != '+')
- return (EINVAL);
- }
+ if (p1 == p0 || *p1 != '\0')
+ return (EINVAL);
}
return (0);
@@ -793,7 +713,7 @@
lomac_type = MAC_LOMAC_TYPE_EQUAL;
else
lomac_type = MAC_LOMAC_TYPE_HIGH;
- mac_lomac_set_single(mac_lomac, lomac_type, 0, NULL);
+ mac_lomac_set_single(mac_lomac, lomac_type, 0);
}
static void
@@ -803,7 +723,7 @@
struct mac_lomac *mac_lomac;
mac_lomac = SLOT(label);
- mac_lomac_set_single(mac_lomac, MAC_LOMAC_TYPE_HIGH, 0, NULL);
+ mac_lomac_set_single(mac_lomac, MAC_LOMAC_TYPE_HIGH, 0);
}
static void
@@ -862,9 +782,9 @@
/* Always mount root as high integrity. */
mac_lomac = SLOT(fslabel);
- mac_lomac_set_single(mac_lomac, MAC_LOMAC_TYPE_HIGH, 0, NULL);
+ mac_lomac_set_single(mac_lomac, MAC_LOMAC_TYPE_HIGH, 0);
mac_lomac = SLOT(mntlabel);
- mac_lomac_set_single(mac_lomac, MAC_LOMAC_TYPE_HIGH, 0, NULL);
+ mac_lomac_set_single(mac_lomac, MAC_LOMAC_TYPE_HIGH, 0);
}
static void
@@ -1115,8 +1035,8 @@
}
}
set:
- mac_lomac_set_single(dest, grade, 0, NULL);
- mac_lomac_set_range(dest, grade, 0, NULL, grade, 0, NULL);
+ mac_lomac_set_single(dest, grade, 0);
+ mac_lomac_set_range(dest, grade, 0, grade, 0);
}
static void
@@ -1185,7 +1105,7 @@
dest = SLOT(mbuflabel);
- mac_lomac_set_single(dest, MAC_LOMAC_TYPE_EQUAL, 0, NULL);
+ mac_lomac_set_single(dest, MAC_LOMAC_TYPE_EQUAL, 0);
}
static void
@@ -1314,9 +1234,9 @@
dest = SLOT(&cred->cr_label);
- mac_lomac_set_single(dest, MAC_LOMAC_TYPE_EQUAL, 0, NULL);
- mac_lomac_set_range(dest, MAC_LOMAC_TYPE_LOW, 0, NULL,
- MAC_LOMAC_TYPE_HIGH, 0, NULL);
+ mac_lomac_set_single(dest, MAC_LOMAC_TYPE_EQUAL, 0);
+ mac_lomac_set_range(dest, MAC_LOMAC_TYPE_LOW, 0, MAC_LOMAC_TYPE_HIGH,
+ 0);
}
static void
@@ -1326,9 +1246,9 @@
dest = SLOT(&cred->cr_label);
- mac_lomac_set_single(dest, MAC_LOMAC_TYPE_HIGH, 0, NULL);
- mac_lomac_set_range(dest, MAC_LOMAC_TYPE_LOW, 0, NULL,
- MAC_LOMAC_TYPE_HIGH, 0, NULL);
+ mac_lomac_set_single(dest, MAC_LOMAC_TYPE_HIGH, 0);
+ mac_lomac_set_range(dest, MAC_LOMAC_TYPE_LOW, 0, MAC_LOMAC_TYPE_HIGH,
+ 0);
}
static void
==== //depot/projects/trustedbsd/mac/sys/security/mac_lomac/mac_lomac.h#7 (text+ko) ====
@@ -68,12 +68,9 @@
* mb_type.
*/
-#define MAC_LOMAC_MAX_COMPARTMENTS 256
-
struct mac_lomac_element {
u_short mle_type;
u_short mle_grade;
- u_char mle_compartments[MAC_LOMAC_MAX_COMPARTMENTS >> 3];
};
/*
@@ -88,14 +85,4 @@
struct mac_lomac_element ml_rangelow, ml_rangehigh;
};
-/*
- * LOMAC compartments bit test/set macros.
- * The range is 1 to MAC_LOMAC_MAX_COMPARTMENTS.
- */
-#define MAC_LOMAC_BIT_TEST(b, w) \
- ((w)[(((b) - 1) >> 3)] & (1 << (((b) - 1) & 7)))
-#define MAC_LOMAC_BIT_SET(b, w) \
- ((w)[(((b) - 1) >> 3)] |= (1 << (((b) - 1) & 7)))
-#define MAC_LOMAC_BIT_SET_EMPTY(set) lomac_bit_set_empty(set)
-
#endif /* !_SYS_SECURITY_MAC_LOMAC_H */
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-cvs" in the body of the message
More information about the trustedbsd-cvs
mailing list