PERFORCE change 20373 for review

Tue Oct 29 21:17:58 GMT 2002

http://perforce.freebsd.org/chv.cgi?CH=20373

Change 20373 by rwatson at rwatson_tislabs on 2002/10/29 13:17:19

	Permit the MAC Framework to mediate access to kernel
	environment interfaces kenv_{dump,get,set,unset}.

Affected files ...

.. //depot/projects/trustedbsd/mac/sys/kern/kern_environment.c#6 edit
.. //depot/projects/trustedbsd/mac/sys/kern/kern_mac.c#338 edit
.. //depot/projects/trustedbsd/mac/sys/sys/mac.h#203 edit
.. //depot/projects/trustedbsd/mac/sys/sys/mac_policy.h#155 edit

Differences ...

==== //depot/projects/trustedbsd/mac/sys/kern/kern_environment.c#6 (text+ko) ====

@@ -36,11 +36,14 @@
  * the kernel.
  */
 
+#include "opt_mac.h"
+
 #include <sys/types.h>
 #include <sys/param.h>
 #include <sys/proc.h>
 #include <sys/queue.h>
 #include <sys/lock.h>
+#include <sys/mac.h>
 #include <sys/malloc.h>
 #include <sys/mutex.h>
 #include <sys/kernel.h>
@@ -90,6 +93,11 @@
 
 	error = 0;
 	if (SCARG(uap, what) == KENV_DUMP) {
+#ifdef MAC
+		error = mac_check_kenv_dump(td->td_ucred);
+		if (error)
+			return (error);
+#endif
 		len = 0;
 		/* Return the size if called with a NULL buffer */
 		if (SCARG(uap, value) == NULL) {
@@ -131,6 +139,11 @@
 
 	switch (SCARG(uap, what)) {
 	case KENV_GET:
+#ifdef MAC
+		error = mac_check_kenv_get(td->td_ucred, name);
+		if (error)
+			goto done;
+#endif
 		value = getenv(name);
 		if (value == NULL) {
 			error = ENOENT;
@@ -159,10 +172,19 @@
 			free(value, M_TEMP);
 			goto done;
 		}
-		setenv(name, value);
+#ifdef MAC
+		error = mac_check_kenv_set(td->td_ucred, name, value);
+		if (error == 0)
+#endif
+			setenv(name, value);
 		free(value, M_TEMP);
 		break;
 	case KENV_UNSET:
+#ifdef MAC
+		error = mac_check_kenv_unset(td->td_ucred, name);
+		if (error)
+			goto done;
+#endif
 		error = unsetenv(name);
 		if (error)
 			error = ENOENT;

==== //depot/projects/trustedbsd/mac/sys/kern/kern_mac.c#338 (text+ko) ====

@@ -843,6 +843,22 @@
 			mpc->mpc_ops->mpo_check_ifnet_transmit =
 			    mpe->mpe_function;
 			break;
+		case MAC_CHECK_KENV_DUMP:
+			mpc->mpc_ops->mpo_check_kenv_dump =
+			    mpe->mpe_function;
+			break;
+		case MAC_CHECK_KENV_GET:
+			mpc->mpc_ops->mpo_check_kenv_get =
+			    mpe->mpe_function;
+			break;
+		case MAC_CHECK_KENV_SET:
+			mpc->mpc_ops->mpo_check_kenv_set =
+			    mpe->mpe_function;
+			break;
+		case MAC_CHECK_KENV_UNSET:
+			mpc->mpc_ops->mpo_check_kenv_unset =
+			    mpe->mpe_function;
+			break;
 		case MAC_CHECK_MOUNT_STAT:
 			mpc->mpc_ops->mpo_check_mount_stat =
 			    mpe->mpe_function;
@@ -2801,6 +2817,58 @@
 }
 
 int
+mac_check_kenv_dump(struct ucred *cred)
+{
+	int error;
+
+	if (!mac_enforce_system)
+		return (0);
+
+	MAC_CHECK(check_kenv_dump, cred);
+
+	return (error);
+}
+
+int
+mac_check_kenv_get(struct ucred *cred, char *name)
+{
+	int error;
+
+	if (!mac_enforce_system)
+		return (0);
+
+	MAC_CHECK(check_kenv_get, cred, name);
+
+	return (error);
+}
+
+int
+mac_check_kenv_set(struct ucred *cred, char *name, char *value)
+{
+	int error;
+
+	if (!mac_enforce_system)
+		return (0);
+
+	MAC_CHECK(check_kenv_set, cred, name, value);
+
+	return (error);
+}
+
+int
+mac_check_kenv_unset(struct ucred *cred, char *name)
+{
+	int error;
+
+	if (!mac_enforce_system)
+		return (0);
+
+	MAC_CHECK(check_kenv_unset, cred, name);
+
+	return (error);
+}
+
+int
 mac_check_mount_stat(struct ucred *cred, struct mount *mount)
 {
 	int error;

==== //depot/projects/trustedbsd/mac/sys/sys/mac.h#203 (text+ko) ====

@@ -240,6 +240,10 @@
 int	mac_check_bpfdesc_receive(struct bpf_d *bpf_d, struct ifnet *ifnet);
 int	mac_check_cred_visible(struct ucred *u1, struct ucred *u2);
 int	mac_check_ifnet_transmit(struct ifnet *ifnet, struct mbuf *m);
+int	mac_check_kenv_dump(struct ucred *cred);
+int	mac_check_kenv_get(struct ucred *cred, char *name);
+int	mac_check_kenv_set(struct ucred *cred, char *name, char *value);
+int	mac_check_kenv_unset(struct ucred *cred, char *name);
 int	mac_check_mount_stat(struct ucred *cred, struct mount *mp);
 int	mac_check_pipe_ioctl(struct ucred *cred, struct pipe *pipe,
 	    unsigned long cmd, void *data);

==== //depot/projects/trustedbsd/mac/sys/sys/mac_policy.h#155 (text+ko) ====

@@ -275,6 +275,11 @@
 	int	(*mpo_check_ifnet_transmit)(struct ifnet *ifnet,
 		    struct label *ifnetlabel, struct mbuf *m,
 		    struct label *mbuflabel);
+	int	(*mpo_check_kenv_dump)(struct ucred *cred);
+	int	(*mpo_check_kenv_get)(struct ucred *cred, char *name);
+	int	(*mpo_check_kenv_set)(struct ucred *cred, char *name,
+		    char *value);
+	int	(*mpo_check_kenv_unset)(struct ucred *cred, char *name);
 	int	(*mpo_check_mount_stat)(struct ucred *cred, struct mount *mp,
 		    struct label *mntlabel);
 	int	(*mpo_check_pipe_ioctl)(struct ucred *cred, struct pipe *pipe,
@@ -498,6 +503,10 @@
 	MAC_CHECK_CRED_VISIBLE,
 	MAC_CHECK_IFNET_RELABEL,
 	MAC_CHECK_IFNET_TRANSMIT,
+	MAC_CHECK_KENV_DUMP,
+	MAC_CHECK_KENV_GET,
+	MAC_CHECK_KENV_SET,
+	MAC_CHECK_KENV_UNSET,
 	MAC_CHECK_MOUNT_STAT,
 	MAC_CHECK_PIPE_IOCTL,
 	MAC_CHECK_PIPE_POLL,
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-cvs" in the body of the message

