PERFORCE change 23716 for review

Chris Costello chris at freebsd.org
Tue Jan 14 04:33:51 GMT 2003


http://perforce.freebsd.org/chv.cgi?CH=23716

Change 23716 by chris at chris_holly on 2003/01/13 20:33:12

	Document the remaining new vnode access checks.

Affected files ...

.. //depot/projects/trustedbsd/doc/en_US.ISO8859-1/books/developers-handbook/mac/chapter.sgml#23 edit

Differences ...

==== //depot/projects/trustedbsd/doc/en_US.ISO8859-1/books/developers-handbook/mac/chapter.sgml#23 (text+ko) ====

@@ -595,7 +595,7 @@
           </informaltable>
 
           <para>Fill in the label (<parameter>delabel</parameter>) for
-            a newly created &man.devfs.9; symbolic link entry.</para>
+            a newly created &man.devfs.5; symbolic link entry.</para>
         </sect4>
         
         <sect4 id="mac-mpo-create-devfs-directory">
@@ -3530,7 +3530,8 @@
         <para>Determine whether the subject credential can relabel
           itself to the passed label update.</para>
       </sect3>
-      
+
+
       <sect3 id="mac-mpo-cred-check-vnode-relabel">
         <title><function>&mac.mpo;_check_vnode_relabel</function></title>
         
@@ -3793,6 +3794,52 @@
           or <errorcode>EPERM</errorcode> for lack of
           privilege.</para>
       </sect3>
+
+      <sect3 id="mac-mpo-check-vnode-chroot">
+        <title><function>&mac.mpo;_check_vnode_chroot</function></title>
+
+        <funcsynopsis>
+          <funcprototype>
+            <funcdef>int
+              <function>&mac.mpo;_check_vnode_chroot</function></funcdef>
+
+            <paramdef>struct ucred
+              *<parameter>cred</parameter></paramdef>
+            <paramdef>struct vnode
+              *<parameter>dvp</parameter></paramdef>
+            <paramdef>struct label
+              *<parameter>dlabel</parameter></paramdef>
+          </funcprototype>
+        </funcsynopsis>
+
+        <informaltable>
+          <tgroup cols="3">
+            &mac.thead;
+
+            <tbody>
+              <row>
+                <entry><parameter>cred</parameter></entry>
+                <entry>Subject credential</entry>
+              </row>
+
+              <row>
+                <entry><parameter>dvp</parameter></entry>
+                <entry>Directory vnode</entry>
+              </row>
+
+              <row>
+                <entry><parameter>dlabel</parameter></entry>
+                <entry>Policy label associated with
+                  <parameter>dvp</parameter></entry>
+              </row>
+            </tbody>
+          </tgroup>
+        </informaltable>
+
+        <para>Determine whether the subject should be allowed to
+            &man.chroot.2; into the specified directory
+          (<parameter>dvp</parameter>).</para>
+      </sect3>
       
       <sect3 id="mac-mpo-cred-check-vnode-create">
         <title><function>&mac.mpo;_check_vnode_create</function></title>
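Review bot: the new `mac-mpo-check-vnode-chroot` section has no return-value sentence, whereas the preceding section (the unchanged context at the top of this hunk) closes with `or <errorcode>EPERM</errorcode> for lack of privilege.`; add the equivalent statement of what the entry point returns when the chroot is permitted and when it is denied, since policy authors rely on that contract. Two smaller points: the section `id` omits the `cred` segment used by its neighbours (`mac-mpo-cred-check-vnode-relabel`, `mac-mpo-cred-check-vnode-create`), so cross-references will be inconsistent whichever scheme is intended, and the `&man.chroot.2;` line inside the closing `<para>` is indented two columns deeper than the rest of the paragraph.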
@@ -4177,6 +4224,421 @@
           or <errorcode>EPERM</errorcode> for lack of
           privilege.</para>
       </sect3>
+
+      <sect3 id="mac-mpo-check-vnode-link">
+        <title><function>&mac.mpo;_check_vnode_link</function></title>
+
+        <funcsynopsis>
+          <funcprototype>
+            <funcdef>int
+              <function>&mac.mpo;_check_vnode_link</function></funcdef>
+
+            <paramdef>struct ucred
+              *<parameter>cred</parameter></paramdef>
+            <paramdef>struct vnode
+              *<parameter>dvp</parameter></paramdef>
+            <paramdef>struct label
+              *<parameter>dlabel</parameter></paramdef>
+            <paramdef>struct vnode
+              *<parameter>vp</parameter></paramdef>
+            <paramdef>struct label
+              *<parameter>label</parameter></paramdef>
+            <paramdef>struct componentname
+              *<parameter>cnp</parameter></paramdef>
+          </funcprototype>
+        </funcsynopsis>
+
+        <informaltable>
+          <tgroup cols="3">
+            &mac.thead;
+
+            <tbody>
+              <row>
+                <entry><parameter>cred</parameter></entry>
+                <entry>Subject credential</entry>
+              </row>
+
+              <row>
+                <entry><parameter>dvp</parameter></entry>
+                <entry>Directory vnode</entry>
+              </row>
+
+              <row>
+                <entry><parameter>dlabel</parameter></entry>
+                <entry>Policy label associated with
+                  <parameter>dvp</parameter></entry>
+              </row>
+
+              <row>
+                <entry><parameter>vp</parameter></entry>
+                <entry>Link destination vnode</entry>
+              </row>
+
+              <row>
+                <entry><parameter>label</parameter></entry>
+                <entry>Policy label associated with
+                  <parameter>vp</parameter></entry>
+              </row>
+
+              <row>
+                <entry><parameter>cnp</parameter></entry>
+                <entry>Component name for the link being created</entry>
+              </row>
+            </tbody>
+          </tgroup>
+        </informaltable>
+
+        <para>Determine whether the subject should be allowed to
+          create a link to the vnode <parameter>vp</parameter> with
+          the name specified by <parameter>cnp</parameter>.</para>
+      </sect3>
+
+      <sect3 id="mac-mpo-check-vnode-mmap">
+        <title><function>&mac.mpo;_check_vnode_mmap</function></title>
+
+        <funcsynopsis>
+          <funcprototype>
+            <funcdef>int
+              <function>&mac.mpo;_check_vnode_mmap</function></funcdef>
+
+            <paramdef>struct ucred
+              *<parameter>cred</parameter></paramdef>
+            <paramdef>struct vnode
+              *<parameter>vp</parameter></paramdef>
+            <paramdef>struct label
+              *<parameter>label</parameter></paramdef>
+            <paramdef>int <parameter>prot</parameter></paramdef>
+          </funcprototype>
+        </funcsynopsis>
+
+        <informaltable>
+          <tgroup cols="3">
+            &mac.thead;
+
+            <tbody>
+              <row>
+                <entry><parameter>cred</parameter></entry>
+                <entry>Subject credential</entry>
+              </row>
+
+              <row>
+                <entry><parameter>vp</parameter></entry>
+                <entry>Vnode to map</entry>
+              </row>
+
+              <row>
+                <entry><parameter>label</parameter></entry>
+                <entry>Policy label associated with
+                  <parameter>vp</parameter></entry>
+              </row>
+
+              <row>
+                <entry><parameter>prot</parameter></entry>
+                <entry>Mmap protections (see &man.mmap.2;)</entry>
+              </row>
+            </tbody>
+          </tgroup>
+        </informaltable>
+
+        <para>Determine whether the subject should be allowed to map
+          the vnode <parameter>vp</parameter> with the protections
+          specified in <parameter>prot</parameter>.</para>
+      </sect3>
+
+      <sect3 id="mac-mpo-check-vnode-mmap-downgrade">
+        <title><function>&mac.mpo;_check_mmap_downgrade</function></title>
+
+        <funcsynopsis>
+          <funcprototype>
+            <funcdef>void
+              <function>&mac.mpo;_check_mmap_downgrade</function></funcdef>
+
+            <paramdef>struct ucred
+              *<parameter>cred</parameter></paramdef>
+            <paramdef>struct vnode
+              *<parameter>vp</parameter></paramdef>
+            <paramdef>struct label
+              *<parameter>label</parameter></paramdef>
+            <paramdef>int *<parameter>prot</parameter></paramdef>
+          </funcprototype>
+        </funcsynopsis>
+
+        <informaltable>
+          <tgroup cols="3">
+            &mac.thead;
+
+            <tbody>
+              <row>
+                <entry><parameter>cred</parameter></entry>
+                <entry morerows="2">See
+                  <xref linkend="mac-mpo-check-vnode-mmap">.</entry>
+              </row>
+
+              <row>
+                <entry><parameter>vp</parameter></entry>
+              </row>
+
+              <row>
+                <entry><parameter>label</parameter></entry>
+              </row>
+
+              <row>
+                <entry><parameter>prot</parameter></entry>
+                <entry>Mmap protections to be downgraded</entry>
+              </row>
+            </tbody>
+          </tgroup>
+        </informaltable>
+
+        <para>Downgrade the mmap protections based on the subject and
+          object labels.</para>
+      </sect3>
+
+      <sect3 id="mac-mpo-check-vnode-mprotect">
+        <title><function>&mac.mpo;_check_vnode_mprotect</function></title>
+
+        <funcsynopsis>
+          <funcprototype>
+            <funcdef>int
+              <function>&mac.mpo;_check_vnode_mprotect</function></funcdef>
+
+            <paramdef>struct ucred
+              *<parameter>cred</parameter></paramdef>
+            <paramdef>struct vnode
+              *<parameter>vp</parameter></paramdef>
+            <paramdef>struct label
+              *<parameter>label</parameter></paramdef>
+            <paramdef>int <parameter>prot</parameter></paramdef>
+          </funcprototype>
+        </funcsynopsis>
+
+        <informaltable>
+          <tgroup cols="3">
+            &mac.thead;
+
+            <tbody>
+              <row>
+                <entry><parameter>cred</parameter></entry>
+                <entry>Subject credential</entry>
+              </row>
+
+              <row>
+                <entry><parameter>vp</parameter></entry>
+                <entry>Mapped vnode</entry>
+              </row>
+
+              <row>
+                <entry><parameter>prot</parameter></entry>
+                <entry>Memory protections</entry>
+              </row>
+            </tbody>
+          </tgroup>
+        </informaltable>
+
+        <para>Determine whether the subject should be allowed to
+          set the specified memory protections on memory mapped from
+          the vnode <parameter>vp</parameter>.</para>
+      </sect3>
+
+      <sect3 id="mac-mpo-check-vnode-poll">
+        <title><function>&mac.mpo;_check_vnode_poll</function></title>
+
+        <funcsynopsis>
+          <funcprototype>
+            <funcdef>int
+              <function>&mac.mpo;_check_vnode_poll</function></funcdef>
+
+            <paramdef>struct ucred
+              *<parameter>active_cred</parameter></paramdef>
+            <paramdef>struct ucred
+              *<parameter>file_cred</parameter></paramdef>
+            <paramdef>struct vnode
+              *<parameter>vp</parameter></paramdef>
+            <paramdef>struct label
+              *<parameter>label</parameter></paramdef>
+          </funcprototype>
+        </funcsynopsis>
+
+        <informaltable>
+          <tgroup cols="3">
+            &mac.thead;
+
+            <tbody>
+              <row>
+                <entry><parameter>active_cred</parameter></entry>
+                <entry>Subject credential</entry>
+              </row>
+
+              <row>
+                <entry><parameter>file_cred</parameter></entry>
+                <entry>Credential associated with the <type>struct
+                    file</type></entry>
+              </row>
+
+              <row>
+                <entry><parameter>vp</parameter></entry>
+                <entry>Polled vnode</entry>
+              </row>
+
+              <row>
+                <entry><parameter>label</parameter></entry>
+                <entry>Policy label associated with
+                  <parameter>vp</parameter></entry>
+              </row>
+            </tbody>
+          </tgroup>
+        </informaltable>
+
+        <para>Determine whether the subject should be allowed to poll
+          the vnode <parameter>vp</parameter>.</para>
+      </sect3>
+
+      <sect3 id="mac-mpo-check-vnode-rename-from">
+        <title><function>&mac.mpo;_check_vnode_rename_from</function></title>
+
+        <funcsynopsis>
+          <funcprototype>
+            <funcdef>int
+              <function>&mac.mpo;_vnode_rename_from</function></funcdef>
+
+            <paramdef>struct ucred
+              *<parameter>cred</parameter></paramdef>
+            <paramdef>struct vnode
+              *<parameter>dvp</parameter></paramdef>
+            <paramdef>struct label
+              *<parameter>dlabel</parameter></paramdef>
+            <paramdef>struct vnode
+              *<parameter>vp</parameter></paramdef>
+            <paramdef>struct label
+              *<parameter>label</parameter></paramdef>
+            <paramdef>struct componentname
+              *<parameter>cnp</parameter></paramdef>
+          </funcprototype>
+        </funcsynopsis>
+
+        <informaltable>
+          <tgroup cols="3">
+            &mac.thead;
+
+            <tbody>
+              <row>
+                <entry><parameter>cred</parameter></entry>
+                <entry>Subject credential</entry>
+              </row>
+
+              <row>
+                <entry><parameter>dvp</parameter></entry>
+                <entry>Directory vnode</entry>
+              </row>
+
+              <row>
+                <entry><parameter>dlabel</parameter></entry>
+                <entry>Policy label associated with
+                  <parameter>dvp</parameter></entry>
+              </row>
+
+              <row>
+                <entry><parameter>vp</parameter></entry>
+                <entry>Vnode to be renamed</entry>
+              </row>
+
+              <row>
+                <entry><parameter>label</parameter></entry>
+                <entry>Policy label asociated with
+                  <parameter>vp</parameter></entry>
+              </row>
+
+              <row>
+                <entry><parameter>cnp</parameter></entry>
+                <entry>Component name for
+                  <parameter>vp</parameter></entry>
+              </row>
+            </tbody>
+          </tgroup>
+        </informaltable>
+
+        <para>Determine whether the subject should be allowed to
+          rename the vnode <parameter>vp</parameter> to something
+          else.</para>
+      </sect3>
+
+      <sect3 id="mac-mpo-check-vnode-rename-to">
+        <title><function>&mac.mpo;_check_vnode_rename_to</function></title>
+
+        <funcsynopsis>
+          <funcprototype>
+            <funcdef>int
+              <function>&mac.mpo;_check_vnode_rename_to</function></funcdef>
+
+            <paramdef>struct ucred
+              *<parameter>cred</parameter></paramdef>
+            <paramdef>struct vnode
+              *<parameter>dvp</parameter></paramdef>
+            <paramdef>struct label
+              *<parameter>dlabel</parameter></paramdef>
+            <paramdef>struct vnode
+              *<parameter>vp</parameter></paramdef>
+            <paramdef>struct label
+              *<parameter>label</parameter></paramdef>
+            <paramdef>int <parameter>samedir</parameter></paramdef>
+            <paramdef>struct componentname
+              *<parameter>cnp</parameter></paramdef>
+          </funcprototype>
+        </funcsynopsis>
+
+        <informaltable>
+          <tgroup cols="3">
+            &mac.thead;
+
+            <tbody>
+              <row>
+                <entry><parameter>cred</parameter></entry>
+                <entry>Subject credential</entry>
+              </row>
+
+              <row>
+                <entry><parameter>dvp</parameter></entry>
+                <entry>Directory vnode</entry>
+              </row>
+
+              <row>
+                <entry><parameter>dlabel</parameter></entry>
+                <entry>Policy label associated with
+                  <parameter>dvp</parameter></entry>
+              </row>
+
+              <row>
+                <entry><parameter>vp</parameter></entry>
+                <entry>Overwritten vnode</entry>
+              </row>
+
+              <row>
+                <entry><parameter>label</parameter></entry>
+                <entry>Policy label associated with
+                  <parameter>vp</parameter></entry>
+              </row>
+
+              <row>
+                <entry><parameter>samedir</parameter></entry>
+                <entry>Boolean; <literal>1</literal> if the source and
+                  destination directories are the same</entry>
+              </row>
+
+              <row>
+                <entry><parameter>cnp</parameter></entry>
+                <entry>Destination component name</entry>
+              </row>
+            </tbody>
+          </tgroup>
+        </informaltable>
+
+        <para>Determine whether the subject should be allowed to
+          rename to the vnode <parameter>vp</parameter>, into the
+          directory <parameter>dvp</parameter>, or to the name
+          represented by <parameter>cnp</parameter>.  If there is no
+          existing file to overwrite, <parameter>vp</parameter> and
+          <parameter>label</parameter> will be NULL.</para>
+      </sect3>
       
       <sect3 id="mac-mpo-cred-check-socket-listen">
         <title><function>&mac.mpo;_check_socket_listen</function></title>
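Review bot: two of the new `<funcdef>` elements do not match their section titles. In `mac-mpo-check-vnode-rename-from` the funcdef reads `&mac.mpo;_vnode_rename_from` while the title reads `&mac.mpo;_check_vnode_rename_from` (the `check_` segment is missing), and in `mac-mpo-check-vnode-mmap-downgrade` both title and funcdef read `&mac.mpo;_check_mmap_downgrade` although the section id and every other entry point in this hunk carry a `vnode` segment; reconcile each pair so a reader can grep the documented name in a policy module. Also in this hunk: the parameter table for `&mac.mpo;_check_vnode_mprotect` lists `cred`, `vp` and `prot` but omits the `label` parameter declared in its prototype; `asociated` in the `rename_from` table should be `associated`; none of the new sections states its return value, unlike the preceding section's `or <errorcode>EPERM</errorcode> for lack of privilege.`; and the `rename_to` description joins the target vnode, the directory and the component name with `or` where `and` appears intended (the operation renames to `vp`, into `dvp`, under the name `cnp`).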