PERFORCE change 20222 for review
Robert Watson
rwatson at freebsd.org
Sun Oct 27 03:29:18 GMT 2002
http://perforce.freebsd.org/chv.cgi?CH=20222
Change 20222 by rwatson at rwatson_tislabs on 2002/10/26 20:29:17
Push reboot, sysctl, swapon checks into a new _system_ namespace,
since these operations fall into class of operations that
affect not just the subject and specific object, but system
configuration as a whole. The renames were:
mac_check_reboot() -> mac_check_system_reboot()
mac_check_vnode_swapon() -> mac_check_system_swapon()
mac_check_sysctl() -> mac_check_system_sysctl()
Affected files ...
.. //depot/projects/trustedbsd/mac/sys/kern/kern_mac.c#334 edit
.. //depot/projects/trustedbsd/mac/sys/kern/kern_shutdown.c#15 edit
.. //depot/projects/trustedbsd/mac/sys/kern/kern_sysctl.c#14 edit
.. //depot/projects/trustedbsd/mac/sys/security/mac_biba/mac_biba.c#164 edit
.. //depot/projects/trustedbsd/mac/sys/security/mac_bsdextended/mac_bsdextended.c#58 edit
.. //depot/projects/trustedbsd/mac/sys/security/mac_mls/mac_mls.c#134 edit
.. //depot/projects/trustedbsd/mac/sys/security/mac_none/mac_none.c#93 edit
.. //depot/projects/trustedbsd/mac/sys/security/mac_test/mac_test.c#67 edit
.. //depot/projects/trustedbsd/mac/sys/sys/mac.h#197 edit
.. //depot/projects/trustedbsd/mac/sys/sys/mac_policy.h#151 edit
.. //depot/projects/trustedbsd/mac/sys/vm/vm_swap.c#13 edit
Differences ...
==== //depot/projects/trustedbsd/mac/sys/kern/kern_mac.c#334 (text+ko) ====
@@ -888,10 +888,6 @@
mpc->mpc_ops->mpo_check_proc_signal =
mpe->mpe_function;
break;
- case MAC_CHECK_REBOOT:
- mpc->mpc_ops->mpo_check_reboot =
- mpe->mpe_function;
- break;
case MAC_CHECK_SOCKET_BIND:
mpc->mpc_ops->mpo_check_socket_bind =
mpe->mpe_function;
@@ -924,8 +920,16 @@
mpc->mpc_ops->mpo_check_socket_visible =
mpe->mpe_function;
break;
- case MAC_CHECK_SYSCTL:
- mpc->mpc_ops->mpo_check_sysctl =
+ case MAC_CHECK_SYSTEM_REBOOT:
+ mpc->mpc_ops->mpo_check_system_reboot =
+ mpe->mpe_function;
+ break;
+ case MAC_CHECK_SYSTEM_SWAPON:
+ mpc->mpc_ops->mpo_check_system_swapon =
+ mpe->mpe_function;
+ break;
+ case MAC_CHECK_SYSTEM_SYSCTL:
+ mpc->mpc_ops->mpo_check_system_sysctl =
mpe->mpe_function;
break;
case MAC_CHECK_VNODE_ACCESS:
@@ -1048,10 +1052,6 @@
mpc->mpc_ops->mpo_check_vnode_stat =
mpe->mpe_function;
break;
- case MAC_CHECK_VNODE_SWAPON:
- mpc->mpc_ops->mpo_check_vnode_swapon =
- mpe->mpe_function;
- break;
case MAC_CHECK_VNODE_WRITE:
mpc->mpc_ops->mpo_check_vnode_write =
mpe->mpe_function;
@@ -2366,20 +2366,6 @@
}
int
-mac_check_vnode_swapon(struct ucred *cred, struct vnode *vp)
-{
- int error;
-
- ASSERT_VOP_LOCKED(vp, "mac_check_vnode_swapon");
-
- if (!mac_enforce_fs)
- return (0);
-
- MAC_CHECK(check_vnode_swapon, cred, vp, &vp->v_label);
- return (error);
-}
-
-int
mac_check_vnode_write(struct ucred *active_cred, struct ucred *file_cred,
struct vnode *vp)
{
@@ -2966,19 +2952,6 @@
}
int
-mac_check_reboot(struct ucred *cred, int howto)
-{
- int error;
-
- if (!mac_enforce_reboot)
- return (0);
-
- MAC_CHECK(check_reboot, cred, howto);
-
- return (error);
-}
-
-int
mac_check_socket_bind(struct ucred *ucred, struct socket *socket,
struct sockaddr *sockaddr)
{
@@ -3086,8 +3059,35 @@
}
int
-mac_check_sysctl(struct ucred *cred, int *name, u_int namelen, void *old,
- size_t *oldlenp, int inkernel, void *new, size_t newlen)
+mac_check_system_reboot(struct ucred *cred, int howto)
+{
+ int error;
+
+ if (!mac_enforce_reboot)
+ return (0);
+
+ MAC_CHECK(check_system_reboot, cred, howto);
+
+ return (error);
+}
+
+int
+mac_check_system_swapon(struct ucred *cred, struct vnode *vp)
+{
+ int error;
+
+ ASSERT_VOP_LOCKED(vp, "mac_check_system_swapon");
+
+ if (!mac_enforce_fs)
+ return (0);
+
+ MAC_CHECK(check_system_swapon, cred, vp, &vp->v_label);
+ return (error);
+}
+
+int
+mac_check_system_sysctl(struct ucred *cred, int *name, u_int namelen,
+ void *old, size_t *oldlenp, int inkernel, void *new, size_t newlen)
{
int error;
@@ -3098,8 +3098,8 @@
if (!mac_enforce_sysctl)
return (0);
- MAC_CHECK(check_sysctl, cred, name, namelen, old, oldlenp, inkernel,
- new, newlen);
+ MAC_CHECK(check_system_sysctl, cred, name, namelen, old, oldlenp,
+ inkernel, new, newlen);
return (error);
}
==== //depot/projects/trustedbsd/mac/sys/kern/kern_shutdown.c#15 (text+ko) ====
@@ -163,7 +163,7 @@
error = 0;
#ifdef MAC
- error = mac_check_reboot(td->td_ucred, uap->opt);
+ error = mac_check_system_reboot(td->td_ucred, uap->opt);
#endif
if (error == 0)
error = suser(td);
==== //depot/projects/trustedbsd/mac/sys/kern/kern_sysctl.c#14 (text+ko) ====
@@ -1241,8 +1241,8 @@
SYSCTL_LOCK();
#ifdef MAC
- error = mac_check_sysctl(td->td_ucred, name, namelen, old, oldlenp,
- inkernel, new, newlen);
+ error = mac_check_system_sysctl(td->td_ucred, name, namelen, old,
+ oldlenp, inkernel, new, newlen);
if (error) {
SYSCTL_UNLOCK();
return (error);
==== //depot/projects/trustedbsd/mac/sys/security/mac_biba/mac_biba.c#164 (text+ko) ====
@@ -1874,7 +1874,28 @@
}
static int
-mac_biba_check_sysctl(struct ucred *cred, int *name, u_int namelen,
+mac_biba_check_system_swapon(struct ucred *cred, struct vnode *vp,
+ struct label *label)
+{
+ struct mac_biba *subj, *obj;
+
+ if (!mac_biba_enabled)
+ return (0);
+
+ subj = SLOT(&cred->cr_label);
+ obj = SLOT(label);
+
+ if (!mac_biba_subject_privileged(subj))
+ return (EPERM);
+
+ if (!mac_biba_high_single(obj))
+ return (EACCES);
+
+ return (0);
+}
+
+static int
+mac_biba_check_system_sysctl(struct ucred *cred, int *name, u_int namelen,
void *old, size_t *oldlenp, int inkernel, void *new, size_t newlen)
{
struct mac_biba *subj;
@@ -2473,27 +2494,6 @@
}
static int
-mac_biba_check_vnode_swapon(struct ucred *cred, struct vnode *vp,
- struct label *label)
-{
- struct mac_biba *subj, *obj;
-
- if (!mac_biba_enabled)
- return (0);
-
- subj = SLOT(&cred->cr_label);
- obj = SLOT(label);
-
- if (!mac_biba_subject_privileged(subj))
- return (EPERM);
-
- if (!mac_biba_high_single(obj))
- return (EACCES);
-
- return (0);
-}
-
-static int
mac_biba_check_vnode_write(struct ucred *active_cred,
struct ucred *file_cred, struct vnode *vp, struct label *label)
{
@@ -2709,8 +2709,10 @@
(macop_t)mac_biba_check_socket_relabel },
{ MAC_CHECK_SOCKET_VISIBLE,
(macop_t)mac_biba_check_socket_visible },
- { MAC_CHECK_SYSCTL,
- (macop_t)mac_biba_check_sysctl },
+ { MAC_CHECK_SYSTEM_SWAPON,
+ (macop_t)mac_biba_check_system_swapon },
+ { MAC_CHECK_SYSTEM_SYSCTL,
+ (macop_t)mac_biba_check_system_sysctl },
{ MAC_CHECK_VNODE_ACCESS,
(macop_t)mac_biba_check_vnode_open },
{ MAC_CHECK_VNODE_CHDIR,
@@ -2769,8 +2771,6 @@
(macop_t)mac_biba_check_vnode_setutimes },
{ MAC_CHECK_VNODE_STAT,
(macop_t)mac_biba_check_vnode_stat },
- { MAC_CHECK_VNODE_SWAPON,
- (macop_t)mac_biba_check_vnode_swapon },
{ MAC_CHECK_VNODE_WRITE,
(macop_t)mac_biba_check_vnode_write },
{ MAC_OP_LAST, NULL }
==== //depot/projects/trustedbsd/mac/sys/security/mac_bsdextended/mac_bsdextended.c#58 (text+ko) ====
@@ -292,6 +292,22 @@
}
static int
+mac_bsdextended_check_system_swapon(struct ucred *cred, struct vnode *vp,
+ struct label *label)
+{
+ struct vattr vap;
+ int error;
+
+ if (!mac_bsdextended_enabled)
+ return (0);
+
+ error = VOP_GETATTR(vp, &vap, cred, curthread);
+ if (error)
+ return (error);
+ return (mac_bsdextended_check(cred, vap.va_uid, vap.va_gid, VWRITE));
+}
+
+static int
mac_bsdextended_check_vnode_access(struct ucred *cred, struct vnode *vp,
struct label *label, mode_t flags)
{
@@ -718,28 +734,14 @@
VSTAT));
}
-static int
-mac_bsdextended_check_vnode_swapon(struct ucred *cred, struct vnode *vp,
- struct label *label)
-{
- struct vattr vap;
- int error;
-
- if (!mac_bsdextended_enabled)
- return (0);
-
- error = VOP_GETATTR(vp, &vap, cred, curthread);
- if (error)
- return (error);
- return (mac_bsdextended_check(cred, vap.va_uid, vap.va_gid, VWRITE));
-}
-
static struct mac_policy_op_entry mac_bsdextended_ops[] =
{
{ MAC_DESTROY,
(macop_t)mac_bsdextended_destroy },
{ MAC_INIT,
(macop_t)mac_bsdextended_init },
+ { MAC_CHECK_SYSTEM_SWAPON,
+ (macop_t)mac_bsdextended_check_system_swapon },
{ MAC_CHECK_VNODE_ACCESS,
(macop_t)mac_bsdextended_check_vnode_access },
{ MAC_CHECK_VNODE_CHDIR,
@@ -788,8 +790,6 @@
(macop_t)mac_bsdextended_check_vnode_setutimes },
{ MAC_CHECK_VNODE_STAT,
(macop_t)mac_bsdextended_check_vnode_stat },
- { MAC_CHECK_VNODE_SWAPON,
- (macop_t)mac_bsdextended_check_vnode_swapon },
{ MAC_OP_LAST, NULL }
};
==== //depot/projects/trustedbsd/mac/sys/security/mac_mls/mac_mls.c#134 (text+ko) ====
@@ -1792,6 +1792,25 @@
}
static int
+mac_mls_check_vnode_swapon(struct ucred *cred, struct vnode *vp,
+ struct label *label)
+{
+ struct mac_mls *subj, *obj;
+
+ if (!mac_mls_enabled)
+ return (0);
+
+ subj = SLOT(&cred->cr_label);
+ obj = SLOT(label);
+
+ if (!mac_mls_dominate_single(obj, subj) ||
+ !mac_mls_dominate_single(subj, obj))
+ return (EACCES);
+
+ return (0);
+}
+
+static int
mac_mls_check_vnode_chdir(struct ucred *cred, struct vnode *dvp,
struct label *dlabel)
{
@@ -2357,25 +2376,6 @@
}
static int
-mac_mls_check_vnode_swapon(struct ucred *cred, struct vnode *vp,
- struct label *label)
-{
- struct mac_mls *subj, *obj;
-
- if (!mac_mls_enabled)
- return (0);
-
- subj = SLOT(&cred->cr_label);
- obj = SLOT(label);
-
- if (!mac_mls_dominate_single(obj, subj) ||
- !mac_mls_dominate_single(subj, obj))
- return (EACCES);
-
- return (0);
-}
-
-static int
mac_mls_check_vnode_write(struct ucred *active_cred, struct ucred *file_cred,
struct vnode *vp, struct label *label)
{
@@ -2591,6 +2591,8 @@
(macop_t)mac_mls_check_socket_relabel },
{ MAC_CHECK_SOCKET_VISIBLE,
(macop_t)mac_mls_check_socket_visible },
+ { MAC_CHECK_SYSTEM_SWAPON,
+ (macop_t)mac_mls_check_vnode_swapon },
{ MAC_CHECK_VNODE_ACCESS,
(macop_t)mac_mls_check_vnode_open },
{ MAC_CHECK_VNODE_CHDIR,
@@ -2649,8 +2651,6 @@
(macop_t)mac_mls_check_vnode_setutimes },
{ MAC_CHECK_VNODE_STAT,
(macop_t)mac_mls_check_vnode_stat },
- { MAC_CHECK_VNODE_SWAPON,
- (macop_t)mac_mls_check_vnode_swapon },
{ MAC_CHECK_VNODE_WRITE,
(macop_t)mac_mls_check_vnode_write },
{ MAC_OP_LAST, NULL }
==== //depot/projects/trustedbsd/mac/sys/security/mac_none/mac_none.c#93 (text+ko) ====
@@ -625,6 +625,29 @@
}
static int
+mac_none_check_system_reboot(struct ucred *cred, int how)
+{
+
+ return (0);
+}
+
+static int
+mac_none_check_system_swapon(struct ucred *cred, struct vnode *vp,
+ struct label *label)
+{
+
+ return (0);
+}
+
+static int
+mac_none_check_system_sysctl(struct ucred *cred, int *name, u_int namelen,
+ void *old, size_t *oldlenp, int inkernel, void *new, size_t newlen)
+{
+
+ return (0);
+}
+
+static int
mac_none_check_vnode_access(struct ucred *cred, struct vnode *vp,
struct label *label, mode_t flags)
{
@@ -861,14 +884,6 @@
}
static int
-mac_none_check_vnode_swapon(struct ucred *cred, struct vnode *vp,
- struct label *label)
-{
-
- return (0);
-}
-
-static int
mac_none_check_vnode_write(struct ucred *active_cred,
struct ucred *file_cred, struct vnode *vp, struct label *label)
{
@@ -1082,6 +1097,12 @@
(macop_t)mac_none_check_socket_relabel },
{ MAC_CHECK_SOCKET_VISIBLE,
(macop_t)mac_none_check_socket_visible },
+ { MAC_CHECK_SYSTEM_REBOOT,
+ (macop_t)mac_none_check_system_reboot },
+ { MAC_CHECK_SYSTEM_SWAPON,
+ (macop_t)mac_none_check_system_swapon },
+ { MAC_CHECK_SYSTEM_SYSCTL,
+ (macop_t)mac_none_check_system_sysctl },
{ MAC_CHECK_VNODE_ACCESS,
(macop_t)mac_none_check_vnode_access },
{ MAC_CHECK_VNODE_CHDIR,
@@ -1140,8 +1161,6 @@
(macop_t)mac_none_check_vnode_setutimes },
{ MAC_CHECK_VNODE_STAT,
(macop_t)mac_none_check_vnode_stat },
- { MAC_CHECK_VNODE_SWAPON,
- (macop_t)mac_none_check_vnode_swapon },
{ MAC_CHECK_VNODE_WRITE,
(macop_t)mac_none_check_vnode_write },
{ MAC_OP_LAST, NULL }
==== //depot/projects/trustedbsd/mac/sys/security/mac_test/mac_test.c#67 (text+ko) ====
@@ -1021,6 +1021,14 @@
}
static int
+mac_test_check_system_swapon(struct ucred *cred, struct vnode *vp,
+ struct label *label)
+{
+
+ return (0);
+}
+
+static int
mac_test_check_vnode_access(struct ucred *cred, struct vnode *vp,
struct label *label, mode_t flags)
{
@@ -1257,14 +1265,6 @@
}
static int
-mac_test_check_vnode_swapon(struct ucred *cred, struct vnode *vp,
- struct label *label)
-{
-
- return (0);
-}
-
-static int
mac_test_check_vnode_write(struct ucred *active_cred,
struct ucred *file_cred, struct vnode *vp, struct label *label)
{
@@ -1480,6 +1480,8 @@
(macop_t)mac_test_check_socket_relabel },
{ MAC_CHECK_SOCKET_VISIBLE,
(macop_t)mac_test_check_socket_visible },
+ { MAC_CHECK_SYSTEM_SWAPON,
+ (macop_t)mac_test_check_system_swapon },
{ MAC_CHECK_VNODE_ACCESS,
(macop_t)mac_test_check_vnode_access },
{ MAC_CHECK_VNODE_CHDIR,
@@ -1538,8 +1540,6 @@
(macop_t)mac_test_check_vnode_setutimes },
{ MAC_CHECK_VNODE_STAT,
(macop_t)mac_test_check_vnode_stat },
- { MAC_CHECK_VNODE_SWAPON,
- (macop_t)mac_test_check_vnode_swapon },
{ MAC_CHECK_VNODE_WRITE,
(macop_t)mac_test_check_vnode_write },
{ MAC_OP_LAST, NULL }
==== //depot/projects/trustedbsd/mac/sys/sys/mac.h#197 (text+ko) ====
@@ -298,7 +298,6 @@
int mac_check_proc_sched(struct ucred *cred, struct proc *proc);
int mac_check_proc_signal(struct ucred *cred, struct proc *proc,
int signum);
-int mac_check_reboot(struct ucred *cred, int howto);
int mac_check_socket_bind(struct ucred *cred, struct socket *so,
struct sockaddr *sockaddr);
int mac_check_socket_connect(struct ucred *cred, struct socket *so,
@@ -308,9 +307,11 @@
int mac_check_socket_receive(struct ucred *cred, struct socket *so);
int mac_check_socket_send(struct ucred *cred, struct socket *so);
int mac_check_socket_visible(struct ucred *cred, struct socket *so);
-int mac_check_sysctl(struct ucred *cred, int *name, u_int namelen,
- void *old, size_t *oldlenp, int inkernel, void *new,
- size_t newlen);
+int mac_check_system_reboot(struct ucred *cred, int howto);
+int mac_check_system_swapon(struct ucred *cred, struct vnode *vp);
+int mac_check_system_sysctl(struct ucred *cred, int *name,
+ u_int namelen, void *old, size_t *oldlenp, int inkernel,
+ void *new, size_t newlen);
int mac_check_vnode_access(struct ucred *cred, struct vnode *vp,
int flags);
int mac_check_vnode_chdir(struct ucred *cred, struct vnode *dvp);
@@ -362,7 +363,6 @@
struct timespec atime, struct timespec mtime);
int mac_check_vnode_stat(struct ucred *active_cred,
struct ucred *file_cred, struct vnode *vp);
-int mac_check_vnode_swapon(struct ucred *cred, struct vnode *vp);
int mac_check_vnode_write(struct ucred *active_cred,
struct ucred *file_cred, struct vnode *vp);
int mac_getsockopt_label_get(struct ucred *cred, struct socket *so,
==== //depot/projects/trustedbsd/mac/sys/sys/mac_policy.h#151 (text+ko) ====
@@ -296,7 +296,6 @@
struct proc *proc);
int (*mpo_check_proc_signal)(struct ucred *cred,
struct proc *proc, int signum);
- int (*mpo_check_reboot)(struct ucred *cred, int howto);
int (*mpo_check_socket_bind)(struct ucred *cred,
struct socket *so, struct label *socketlabel,
struct sockaddr *sockaddr);
@@ -317,6 +316,9 @@
struct socket *so, struct label *socketlabel);
int (*mpo_check_socket_visible)(struct ucred *cred,
struct socket *so, struct label *socketlabel);
+ int (*mpo_check_system_reboot)(struct ucred *cred, int howto);
+ int (*mpo_check_system_swapon)(struct ucred *cred,
+ struct vnode *vp, struct label *label);
int (*mpo_check_sysctl)(struct ucred *cred, int *name,
u_int namelen, void *old, size_t *oldlenp, int inkernel,
void *new, size_t newlen);
@@ -396,8 +398,6 @@
int (*mpo_check_vnode_stat)(struct ucred *active_cred,
struct ucred *file_cred, struct vnode *vp,
struct label *label);
- int (*mpo_check_vnode_swapon)(struct ucred *cred,
- struct vnode *vp, struct label *label);
int (*mpo_check_vnode_write)(struct ucred *active_cred,
struct ucred *file_cred, struct vnode *vp,
struct label *label);
@@ -506,7 +506,6 @@
MAC_CHECK_PROC_DEBUG,
MAC_CHECK_PROC_SCHED,
MAC_CHECK_PROC_SIGNAL,
- MAC_CHECK_REBOOT,
MAC_CHECK_SOCKET_BIND,
MAC_CHECK_SOCKET_CONNECT,
MAC_CHECK_SOCKET_DELIVER,
@@ -515,7 +514,9 @@
MAC_CHECK_SOCKET_RELABEL,
MAC_CHECK_SOCKET_SEND,
MAC_CHECK_SOCKET_VISIBLE,
- MAC_CHECK_SYSCTL,
+ MAC_CHECK_SYSTEM_REBOOT,
+ MAC_CHECK_SYSTEM_SWAPON,
+ MAC_CHECK_SYSTEM_SYSCTL,
MAC_CHECK_VNODE_ACCESS,
MAC_CHECK_VNODE_CHDIR,
MAC_CHECK_VNODE_CHROOT,
@@ -546,7 +547,6 @@
MAC_CHECK_VNODE_SETOWNER,
MAC_CHECK_VNODE_SETUTIMES,
MAC_CHECK_VNODE_STAT,
- MAC_CHECK_VNODE_SWAPON,
MAC_CHECK_VNODE_WRITE,
};
==== //depot/projects/trustedbsd/mac/sys/vm/vm_swap.c#13 (text+ko) ====
@@ -290,7 +290,7 @@
found:
(void) vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, td);
#ifdef MAC
- error = mac_check_vnode_swapon(td->td_ucred, vp);
+ error = mac_check_system_swapon(td->td_ucred, vp);
if (error == 0)
#endif
error = VOP_OPEN(vp, FREAD | FWRITE, td->td_ucred, td);
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-cvs" in the body of the message
More information about the trustedbsd-cvs
mailing list