PERFORCE change 23690 for review
Brian Feldman
green at freebsd.org
Mon Jan 13 20:10:21 GMT 2003
http://perforce.freebsd.org/chv.cgi?CH=23690
Change 23690 by green at green_laptop_2 on 2003/01/13 12:09:28
Add basic SEBSD entry points to implement a basic "KLD capability".
Affected files ...
.. //depot/projects/trustedbsd/mac/sys/security/sebsd/sebsd.c#66 edit
Differences ...
==== //depot/projects/trustedbsd/mac/sys/security/sebsd/sebsd.c#66 (text+ko) ====
@@ -1488,6 +1488,54 @@
*(struct vnode_security_struct *)SLOT(src);
}
+/*
+ * Check for permission to load KLDs, given by the overly-broad
+ * capability:sys_module.
+ */
+static int
+sebsd_check_kld_load(struct ucred *cred, struct vnode *vp,
+ struct label *vlabel)
+{
+ struct task_security_struct *tsec;
+
+ tsec = SLOT(&cred->cr_label);
+ /*
+ * The vnode doesn't need to be checked here, since the read
+ * operations inside the kldload(2) implementation are
+ * individually checked against the same thread credentials.
+ */
+ return (avc_has_perm_audit(tsec->sid, tsec->sid, SECCLASS_CAPABILITY,
+ CAPABILITY__SYS_MODULE, NULL));
+}
+
+/*
+ * Check for permission to query KLDs, given by the overly-broad
+ * capability:sys_module.
+ */
+static int
+sebsd_check_kld_stat(struct ucred *cred)
+{
+ struct task_security_struct *tsec;
+
+ tsec = SLOT(&cred->cr_label);
+ return (avc_has_perm_audit(tsec->sid, tsec->sid, SECCLASS_CAPABILITY,
+ CAPABILITY__SYS_MODULE, NULL));
+}
+
+/*
+ * Check for permission to unload KLDs, given by the overly-broad
+ * capability:sys_module.
+ */
+static int
+sebsd_check_kld_unload(struct ucred *cred)
+{
+ struct task_security_struct *tsec;
+
+ tsec = SLOT(&cred->cr_label);
+ return (avc_has_perm_audit(tsec->sid, tsec->sid, SECCLASS_CAPABILITY,
+ CAPABILITY__SYS_MODULE, NULL));
+}
+
static struct mac_policy_ops sebsd_ops = {
/* Init Labels */
.mpo_init = sebsd_init,
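Review bot: In sebsd_check_kld_load the vp and vlabel arguments are never used, so the decision depends only on the subject's SID and, once capability:sys_module is granted, any file the credential can read can be loaded as kernel code. The in-code comment justifies this by the per-read checks inside kldload(2), but those express read access rather than permission to use a file as a module, so policy cannot confine loading to specifically labelled files. I would record that limit in the comment, e.g. `XXX: vlabel is ignored; policy cannot restrict which files may be loaded as KLDs`. sebsd_check_kld_stat is gated on the same sys_module permission, so a domain that only needs to query modules must also be allowed to load and unload them. The hunk ends inside the sebsd_ops initializer, which continues outside it.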
@@ -1530,6 +1578,9 @@
/* Check Labels */
.mpo_check_cred_relabel = sebsd_check_cred_relabel,
+ .mpo_check_kld_stat = sebsd_check_kld_stat,
+ .mpo_check_kld_load = sebsd_check_kld_load,
+ .mpo_check_kld_unload = sebsd_check_kld_unload,
.mpo_check_mount_stat = sebsd_check_mount_stat,
.mpo_check_proc_signal = sebsd_check_proc_signal,
.mpo_check_system_swapon = sebsd_check_system_swapon,