PERFORCE change 18381 for review
Chris Vance
cvance at freebsd.org
Mon Sep 30 14:38:35 GMT 2002
http://people.freebsd.org/~peter/p4db/chv.cgi?CH=18381
Change 18381 by cvance at cvance_laptop on 2002/09/30 07:37:51
A collection of misc. updates:
- Update/reorganize vnode init/destroy
- Add debugging info on error case in vnode_has_perm,
check_vnode_relabel, and check_vnode_rename_to
- make vnode_mode_to_security_class more generic
- Add permission checks to check_vnode_create
- Add debugging info on error case in check_vnode_relabel
- Update vnode_mmap funcions, and implement correct NOP
Affected files ...
.. //depot/projects/trustedbsd/mac/sys/security/sebsd/sebsd.c#27 edit
Differences ...
==== //depot/projects/trustedbsd/mac/sys/security/sebsd/sebsd.c#27 (text+ko) ====
@@ -125,6 +125,14 @@
file = SLOT(&vp->v_label);
/* TBD: audit? */
+ if (file->sclass == 0) {
+ struct vattr va;
+ VOP_GETATTR(vp, &va, curthread->td_ucred, curthread);
+ printf("vnode_has_perm:: ERROR, sid=%d, sclass=0, v_type=%d"
+ " inode=%d, fsid=%d\n",
+ file->sid, vp->v_type, va.va_fileid, va.va_fsid);
+ return 0; /* TBD: debugging */
+ }
return avc_has_perm_ref(task->sid, file->sid, file->sclass,
perm, aeref ? aeref : &file->avcr);
}
@@ -283,33 +291,10 @@
return (newsid != task->sid);
}
-static void
-sebsd_init_vnode_label(struct label *label)
-{
- struct vnode_security_struct *vsec;
-
- vsec = malloc(sizeof(*vsec), M_SEBSD, M_ZERO | M_WAITOK);
- vsec->sid = SECINITSID_UNLABELED;
-
- /*
- * TBD: should actually set this from the task sid
- */
- vsec->task_sid = SECINITSID_UNLABELED;
-
- SLOT(label) = vsec;
-}
-
-static void
-sebsd_destroy_vnode_label(struct label *label)
-{
- free(SLOT(label), M_SEBSD);
- SLOT(label) = NULL;
-}
-
static __inline security_class_t
-vnode_mode_to_security_class(struct vnode *vp)
+vnode_type_to_security_class(enum vtype vt)
{
- switch (vp->v_type) {
+ switch (vt) {
case VREG:
return SECCLASS_FILE;
case VDIR:
@@ -333,6 +318,31 @@
}
static void
+sebsd_init_vnode_label(struct label *label)
+{
+ struct vnode_security_struct *vsec;
+
+ vsec = malloc(sizeof(*vsec), M_SEBSD, M_ZERO | M_WAITOK);
+ vsec->sid = SECINITSID_UNLABELED;
+ /* TBD: we want this initialized! */
+/* vsec->sclass = vnode_type_to_security_class(vp->v_type); */
+
+ /*
+ * TBD: should actually set this from the task sid
+ */
+ vsec->task_sid = SECINITSID_UNLABELED;
+
+ SLOT(label) = vsec;
+}
+
+static void
+sebsd_destroy_vnode_label(struct label *label)
+{
+ free(SLOT(label), M_SEBSD);
+ SLOT(label) = NULL;
+}
+
+static void
sebsd_create_vnode(struct ucred *cred, struct vnode *parent,
struct label *parentlabel, struct vnode *child,
struct label *childlabel)
@@ -352,7 +362,7 @@
&newsid);
vsec->sid = newsid;
vsec->task_sid = task->sid;
- vsec->sclass = vnode_mode_to_security_class(child);
+ vsec->sclass = vnode_type_to_security_class(child->v_type);
if ((child->v_mount->mnt_flag & MNT_MULTILABEL) == 0) {
return;
@@ -420,7 +430,11 @@
return (0); /* TBD bad, bad, bad */
}
- vsec->sclass = vnode_mode_to_security_class(vp);
+ /* TBD: */
+ vsec->sclass = vnode_type_to_security_class(vp->v_type);
+ if (vsec->sclass == 0) {
+ printf("sebsd_update_vnode_from_extattr:: sclass is 0\n");
+ }
return (0);
}
@@ -503,11 +517,40 @@
{
struct task_security_struct *task;
struct vnode_security_struct *dir;
+ security_class_t tclass;
+ security_id_t newsid;
+ int rc;
task = SLOT(&cred->cr_label);
dir = SLOT(dlabel);
- /* TBD: Not Implemented */
+
+ tclass = vnode_type_to_security_class(vap->va_type);
+
+ /* TBD: audit? */
+ rc = avc_has_perm_ref(task->sid, dir->sid, SECCLASS_DIR,
+ DIR__ADD_NAME | DIR__SEARCH, &dir->avcr);
+ if (rc)
+ return rc;
+
+ rc = security_transition_sid(task->sid, dir->sid, tclass, &newsid);
+ if (rc)
+ return rc;
+
+ rc = avc_has_perm(task->sid, newsid, tclass, FILE__CREATE);
+ if (rc)
+ return rc;
+#ifdef notdef
+ /*
+ * TBD:
+ * No support yet.
+ */
+ if (dir->i_sb) {
+ sbsec = dir->i_sb->s_security;
+ rc = avc_has_perm_audit(newsid, sbsec->sid, SECCLASS_FILESYSTEM,
+ FILESYSTEM__ASSOCIATE, &ad);
+#endif
+
return 0;
}
@@ -653,6 +696,11 @@
new = SLOT(oldlabel);
/* TBD: audit? */
+ if (old->sclass == 0) {
+ printf("vnode_relabel:: ERROR, sid=%d, sclass=0, v_type=%d\n",
+ old->sid, vp->v_type);
+ return 0; /* TBD: debugging */
+ }
rc = avc_has_perm_ref(task->sid, old->sid, old->sclass,
FILE__RELABELFROM, &old->avcr);
if (rc)
@@ -678,18 +726,28 @@
{
struct task_security_struct *task;
struct vnode_security_struct *old_dir, *old_file;
+ avc_audit_data_t ad;
int rc;
task = SLOT(&cred->cr_label);
old_dir = SLOT(dlabel);
old_file = SLOT(label);
+ printf("check_vnode_rename:: entrypoint\n");
+ AVC_AUDIT_DATA_INIT(&ad, FS);
+ printf("check_vnode_rename:: done audit data init\n");
+
/* TBD: audit data? */
- rc = avc_has_perm_ref(task->sid, old_dir->sid, SECCLASS_DIR,
- DIR__REMOVE_NAME | DIR__SEARCH,
- &old_dir->avcr);
+ rc = avc_has_perm_ref_audit(task->sid, old_dir->sid, SECCLASS_DIR,
+ DIR__REMOVE_NAME | DIR__SEARCH,
+ &old_dir->avcr, &ad);
if (rc)
return (rc);
+ if (old_file->sclass == 0) {
+ printf("vnode_relabel_from:: ERROR, sid=%d, sclass=0, v_type=%d\n",
+ old_file->sid, vp->v_type);
+ return 0; /* TBD: debugging */
+ }
rc = avc_has_perm_ref(task->sid, old_file->sid, old_file->sclass,
FILE__RENAME, &old_file->avcr);
if (rc)
@@ -737,6 +795,11 @@
if (vp) {
new_file = SLOT(label);
+ if (new_file->sclass == 0) {
+ printf("vnode_relabel_to:: ERROR, sid=%d, sclass=0, v_type=%d\n",
+ new_file->sid, vp->v_type);
+ return 0; /* TBD: debugging */
+ }
if (vp->v_type == VDIR) {
rc = avc_has_perm_ref(task->sid, new_file->sid,
new_file->sclass,
@@ -839,7 +902,7 @@
struct label *label, int newmapping)
{
/* TBD: Not Implemented */
- return 0;
+ return (VM_PROT_ALL);
}
static int
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-cvs" in the body of the message
More information about the trustedbsd-cvs
mailing list