PERFORCE change 24442 for review
Brian Feldman
green at freebsd.org
Thu Jan 30 16:40:17 GMT 2003
http://perforce.freebsd.org/chv.cgi?CH=24442
Change 24442 by green at green_laptop_2 on 2003/01/30 08:39:58
* Make libsebsd depend on libpam (it does, when shared).
* Implement security_compute_av() for SEBSD's "discretionary"
usage.
Affected files ...
.. //depot/projects/trustedbsd/sebsd/lib/libsebsd/Makefile#2 edit
.. //depot/projects/trustedbsd/sebsd/lib/libsebsd/sebsd.h#2 edit
.. //depot/projects/trustedbsd/sebsd/lib/libsebsd/security_compute_av.c#1 add
.. //depot/projects/trustedbsd/sebsd/lib/libsebsd/string_to_security_class.c#1 add
.. //depot/projects/trustedbsd/sebsd/sys/security/sebsd/sebsd_syscalls.h#2 edit
.. //depot/projects/trustedbsd/sebsd/sys/security/sebsd/sebsd_sysctl.c#2 edit
Differences ...
==== //depot/projects/trustedbsd/sebsd/lib/libsebsd/Makefile#2 (text+ko) ====
@@ -8,10 +8,13 @@
LIB= sebsd
CFLAGS+= -I${.CURDIR}/../../sys/security/sebsd
CFLAGS+=-I${.CURDIR}/../../sys
+LDADD+= -L${.OBJDIR}/../libpam/libpam ${MINUSLPAM}
+DPADD+= ${LIBPAM}
NOMAN=
SRCS= system.c security_get_user_contexts.c get_ordered_context_list.c \
- getseccontext.c query_user_context.c security_change_context.c
+ getseccontext.c query_user_context.c security_change_context.c \
+ string_to_security_class.c security_compute_av.c
INCS= sebsd_context.h sebsd_ss.h sebsd_proc.h sebsd_fs.h sebsd.h \
sebsd_syscalls.h flask_types.h
==== //depot/projects/trustedbsd/sebsd/lib/libsebsd/sebsd.h#2 (text+ko) ====
@@ -56,6 +56,7 @@
char **default_context);
int query_user_context(pam_handle_t *pamh, char **ordered_context_list,
size_t length, char **retcontext);
+security_class_t string_to_security_class(const char *s);
int sebsd_avc_toggle(void);
int sebsd_enabled(void);
@@ -66,5 +67,7 @@
char ***retcontexts, size_t *ncontexts);
int security_change_context(const char *domain, const char *ocontext,
security_class_t oclass, char **newcontext);
+int security_compute_av(struct security_query *query,
+ struct security_response *response);
#endif /* _SEBSD_H */
==== //depot/projects/trustedbsd/sebsd/sys/security/sebsd/sebsd_syscalls.h#2 (text+ko) ====
@@ -12,8 +12,8 @@
/* Structure definitions for compute_av call */
struct security_query {
- security_id_t ssid;
- security_id_t tsid;
+ char *scontext;
+ char *tcontext;
security_class_t tclass;
access_vector_t requested;
};
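Review bot: The comment above struct security_query still reads as if this structure is what crosses into the kernel, but after this change it holds string pointers, and the handler added to sebsd_sysctl.c parses a packed buffer instead. A comment such as `/* Userland view only: the compute_av sysctl takes "scontext\0tcontext\0" followed by tclass and requested, never this struct. */` would keep a later caller from handing raw user pointers to the kernel. If the library only reads the two strings, `const char *scontext;` and `const char *tcontext;` would fit better; security_compute_av.c is not shown here, so confirm against it.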
==== //depot/projects/trustedbsd/sebsd/sys/security/sebsd/sebsd_sysctl.c#2 (text+ko) ====
@@ -47,6 +47,7 @@
#include <security/sebsd/ss/security.h>
#include <security/sebsd/ss/sidtab.h>
+#include <security/sebsd/sebsd_syscalls.h>
#include <security/sebsd/avc/avc.h>
/*
@@ -233,6 +234,60 @@
return (error);
}
+/*
+ * Sysctl handler for security.mac.sebsd.compute_av
+ * Compute access vectors given input "scontext\0tcontext\0",tclass,av
+ */
+static int
+sysctl_compute_av(SYSCTL_HANDLER_ARGS)
+{
+ struct security_response resp;
+ security_id_t sid, tsid;
+ security_class_t tclass;
+ access_vector_t av;
+ char *scontext, *tcontext;
+ int error;
+
+ if (req->newlen < 4 + sizeof(tclass) + sizeof(av))
+ return (EINVAL);
+ if (req->newlen > 512) /* arbitrary */
+ return (ENAMETOOLONG);
+ scontext = sebsd_malloc(req->newlen, M_SEBSD_SS, M_WAITOK);
+ error = SYSCTL_IN(req, scontext, req->newlen);
+ if (error)
+ goto out;
+ if (scontext[req->newlen - (1 + sizeof(tclass) + sizeof(av))] != '\0') {
+ error = EINVAL;
+ goto out;
+ }
+ tcontext = &scontext[strlen(scontext) + 1];
+ if (tcontext >= &scontext[req->newlen - (1 + sizeof(tclass) +
+ sizeof(av))]) {
+ error = EINVAL;
+ goto out;
+ }
+ bcopy(&tcontext[strlen(tcontext) + 1], &tclass, sizeof(tclass));
+ bcopy(&tcontext[strlen(tcontext) + 1 + sizeof(tclass)], &av,
+ sizeof(av));
+ /*
+ * XXX We need POLICY_RDLOCK here, but it's not exported!
+ */
+ error = security_context_to_sid(scontext, strlen(scontext) + 1, &sid);
+ if (error)
+ goto out;
+ error = security_context_to_sid(tcontext, strlen(tcontext) + 1, &tsid);
+ if (error)
+ goto out;
+ error = security_compute_av(sid, tsid, tclass, av, &resp.allowed,
+ &resp.decided, &resp.auditallow, &resp.auditdeny, &resp.seqno);
+ if (error)
+ goto out;
+ error = SYSCTL_OUT(req, &resp, sizeof(resp));
+out:
+ sebsd_free(scontext, M_SEBSD_SS);
+ return (error);
+}
+
SYSCTL_DECL(_security_mac);
SYSCTL_NODE(_security_mac, OID_AUTO, sebsd, CTLFLAG_RW, 0,
"Security Enhanced BSD policy controls");
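Review bot: `resp` in sysctl_compute_av is an uninitialised stack struct that is copied out whole by `SYSCTL_OUT(req, &resp, sizeof(resp))`, while only five members are filled in by security_compute_av(); struct security_response is not shown in this change, so if it has padding or any other member, stale kernel stack bytes reach the caller. Adding `bzero(&resp, sizeof(resp));` before the security_compute_av() call closes that regardless of layout. Also, tclass and av are located with `strlen(tcontext)`, so a request with an extra NUL inside the target context makes the handler read them from the middle of the string area rather than from the trailing fields; the reads stay inside the buffer, but the parsed values then disagree with the layout given in the handler comment. Reading them from fixed offsets, `&scontext[req->newlen - sizeof(tclass) - sizeof(av)]` and `&scontext[req->newlen - sizeof(av)]`, or rejecting the request when `strlen(tcontext)` does not end at the checked NUL, avoids that. The XXX about POLICY_RDLOCK means both context lookups and the decision run without the policy lock and may race a policy reload.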
@@ -249,5 +304,8 @@
SYSCTL_PROC(_security_mac_sebsd, OID_AUTO, change_sid, CTLTYPE_STRING |
CTLFLAG_RW | CTLFLAG_ANYBODY, NULL, 0, sysctl_change_sid, "A",
"SEBSD (tty) SID relabel to perform along with transition");
+SYSCTL_PROC(_security_mac_sebsd, OID_AUTO, compute_av, CTLTYPE_STRING |
+ CTLFLAG_RW | CTLFLAG_ANYBODY, NULL, 0, sysctl_compute_av, "A",
+ "SEBSD access vector decision query");
SYSCTL_PROC(_security_mac_sebsd, OID_AUTO, enforcing, CTLTYPE_INT | CTLFLAG_RW,
NULL, 0, sysctl_sebsd_enforcing, "I", "SEBSD avc enforcement");
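Review bot: The new compute_av node is registered with CTLFLAG_ANYBODY, and sysctl_compute_av as added in this change makes no check on the calling process, so any local user can query policy decisions for arbitrary context pairs. If that is intended for the "discretionary" use named in the commit message, a comment on the SYSCTL_PROC saying so would help; otherwise the handler should check a policy permission for the caller before computing the vector. Separately, the request and reply are binary (two strings followed by tclass and av going in, struct security_response coming out), so `CTLTYPE_OPAQUE` describes the node better than `CTLTYPE_STRING` with format "A".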