PERFORCE change 41639 for review
Andrew Reisse
areisse at FreeBSD.org
Fri Nov 7 14:16:37 GMT 2003
http://perforce.freebsd.org/chv.cgi?CH=41639
Change 41639 by areisse at areisse_ibook on 2003/11/07 06:16:26
support for relabelling devfs entries (it might work when the vnodes
are reclaimed)
syscalls: mac_set_file, mac_set_link
Affected files ...
.. //depot/projects/trustedbsd/sedarwin/apsl/xnu/bsd/kern/init_sysent.c#4 edit
.. //depot/projects/trustedbsd/sedarwin/apsl/xnu/bsd/kern/kern_mac.c#25 edit
.. //depot/projects/trustedbsd/sedarwin/apsl/xnu/bsd/miscfs/devfs/devfs_vnops.c#2 edit
.. //depot/projects/trustedbsd/sedarwin/apsl/xnu/bsd/sys/mac_policy.h#5 edit
.. //depot/projects/trustedbsd/sedarwin/apsl/xnu/bsd/sys/vnode.h#4 edit
.. //depot/projects/trustedbsd/sedarwin/apsl/xnu/bsd/sys/vnode_if.h#2 edit
.. //depot/projects/trustedbsd/sedarwin/apsl/xnu/bsd/vfs/vfs_support.c#2 edit
.. //depot/projects/trustedbsd/sedarwin/apsl/xnu/bsd/vfs/vfs_support.h#2 edit
.. //depot/projects/trustedbsd/sedarwin/apsl/xnu/bsd/vfs/vnode_if.c#2 edit
.. //depot/projects/trustedbsd/sedarwin/apsl/xnu/bsd/vfs/vnode_if.src#2 edit
.. //depot/projects/trustedbsd/sedarwin/apsl/xnu/security/sebsd/sebsd.c#8 edit
Differences ...
==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/bsd/kern/init_sysent.c#4 (text+ko) ====
@@ -734,6 +734,8 @@
/*syss(mac_execve,4), /* 342 */
syss(nosys,0), /* 342 */
syss(__mac_get_pid,2), /* 343 */
+ syss(__mac_set_file,2), /* 344 */
+ syss(__mac_set_link,2), /* 345 */
#else
syss(nosys,0), /* 338 */
syss(nosys,0), /* 339 */
@@ -741,9 +743,9 @@
syss(nosys,0), /* 341 */
syss(nosys,0), /* 342 */
syss(nosys,0), /* 343 */
-#endif
syss(nosys,0), /* 344 */
syss(nosys,0), /* 345 */
+#endif
syss(nosys,0), /* 346 */
syss(nosys,0), /* 347 */
syss(nosys,0), /* 348 */
==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/bsd/kern/kern_mac.c#25 (text+ko) ====
@@ -1445,16 +1445,14 @@
MAC_PERFORM(create_cred, parent_cred, child_cred);
}
-#if 0
void
-mac_update_devfsdirent(struct mount *mp, struct devfs_dirent *de,
+mac_update_devfsdirent(struct mount *mp, struct devnode *de,
struct vnode *vp)
{
- MAC_PERFORM(update_devfsdirent, mp, de, &de->de_label, vp,
+ MAC_PERFORM(update_devfsdirent, mp, de, &de->dn_label, vp,
&vp->v_label);
}
-#endif
void
mac_associate_vnode_devfs(struct mount *mp, struct devnode *de,
@@ -3488,6 +3486,40 @@
return (error);
}
+static int
+vn_setlabel(struct vnode *vp, struct label *intlabel, struct ucred *cred,
+ struct proc *p)
+{
+ int error;
+
+ /*
+ * Multi-phase commit. First check the policies to confirm the
+ * change is OK. Then commit via the filesystem. Finally,
+ * update the actual vnode label. Question: maybe the filesystem
+ * should update the vnode at the end as part of VOP_SETLABEL()?
+ */
+ error = mac_check_vnode_relabel(cred, vp, intlabel);
+ if (error)
+ return (error);
+
+ /*
+ * VADMIN provides the opportunity for the filesystem to make
+ * decisions about who is and is not able to modify labels
+ * and protections on files. This might not be right. We can't
+ * assume VOP_SETLABEL() will do it, because we might implement
+ * that as part of vop_stdsetlabel_ea().
+ */
+ error = VOP_ACCESS(vp, VADMIN, cred, p);
+ if (error)
+ return (error);
+
+ error = VOP_SETLABEL(vp, intlabel, cred, p);
+ if (error)
+ return (error);
+
+ return (0);
+}
+
/*
* MPSAFE
*/
@@ -3957,6 +3989,8 @@
return (error);
}
+#endif
+
/*
* MPSAFE
*/
@@ -3974,7 +4008,7 @@
struct mount *mp;
struct mac mac;
char *buffer;
- int error;
+ int error, dummy;
error = copyin(uap->mac_p, &mac, sizeof(mac));
if (error)
@@ -3985,7 +4019,7 @@
return (error);
MALLOC(buffer, char *, mac.m_buflen, M_MACTEMP, M_WAITOK);
- error = copyinstr(mac.m_string, buffer, mac.m_buflen, NULL);
+ error = copyinstr(mac.m_string, buffer, mac.m_buflen, &dummy);
if (error) {
FREE(buffer, M_MACTEMP);
return (error);
@@ -3999,27 +4033,20 @@
return (error);
}
-#if 0
- mutex_lock(&Giant); /* VFS */ /* XXX FUNNEL? */
-#endif
-
- NDINIT(&nd, LOOKUP, LOCKLEAF | FOLLOW, UIO_USERSPACE, uap->path_p,
+ NDINIT(&nd, LOOKUP, FOLLOW, UIO_USERSPACE, uap->path_p,
td);
error = namei(&nd);
- if (error == 0) {
- error = vn_start_write(nd.ni_vp, &mp, V_WAIT | PCATCH);
- if (error == 0)
- error = vn_setlabel(nd.ni_vp, &intlabel,
- td->p_ucred);
- vn_finished_write(mp);
+ if (error == 0)
+ {
+ struct vnode *vp = nd.ni_vp;
+
+ VOP_LEASE(vp, td, td->p_ucred, LEASE_WRITE);
+ vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, td);
+ error = vn_setlabel (vp, &intlabel, td->p_ucred, td);
+
+ vput (nd.ni_vp);
}
- NDFREE(&nd, 0);
-#if 0
- mutex_unlock(&Giant); /* VFS */ /* XXX FUNNEL? */
-#endif
- mac_destroy_vnode_label(&intlabel);
-
return (error);
}
@@ -4027,14 +4054,14 @@
* MPSAFE
*/
int
-__mac_set_link(struct thread *td, struct __mac_set_link_args *uap)
+__mac_set_link(struct proc *td, struct __mac_set_file_args *uap)
{
struct label intlabel;
struct nameidata nd;
struct mount *mp;
struct mac mac;
char *buffer;
- int error;
+ int error, dummy;
error = copyin(uap->mac_p, &mac, sizeof(mac));
if (error)
@@ -4045,7 +4072,7 @@
return (error);
MALLOC(buffer, char *, mac.m_buflen, M_MACTEMP, M_WAITOK);
- error = copyinstr(mac.m_string, buffer, mac.m_buflen, NULL);
+ error = copyinstr(mac.m_string, buffer, mac.m_buflen, &dummy);
if (error) {
FREE(buffer, M_MACTEMP);
return (error);
@@ -4059,32 +4086,24 @@
return (error);
}
-#if 0
- mutex_lock(&Giant); /* VFS */ /* XXX FUNNEL? */
-#endif
+ NDINIT(&nd, LOOKUP, NOFOLLOW, UIO_USERSPACE, uap->path_p,
+ td);
- NDINIT(&nd, LOOKUP, LOCKLEAF | NOFOLLOW, UIO_USERSPACE, uap->path_p,
- td);
error = namei(&nd);
- if (error == 0) {
- error = vn_start_write(nd.ni_vp, &mp, V_WAIT | PCATCH);
- if (error == 0)
- error = vn_setlabel(nd.ni_vp, &intlabel,
- td->td_ucred);
- vn_finished_write(mp);
+ if (error == 0)
+ {
+ struct vnode *vp = nd.ni_vp;
+
+ VOP_LEASE(vp, td, td->p_ucred, LEASE_WRITE);
+ vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, td);
+ error = vn_setlabel (vp, &intlabel, td->p_ucred, td);
+
+ vput (nd.ni_vp);
}
- NDFREE(&nd, 0);
-#if 0
- mutex_unlock(&Giant); /* VFS */ /* XXX FUNNEL? */
-#endif
- mac_destroy_vnode_label(&intlabel);
-
return (error);
}
-#endif
-
/*
* MPSAFE
*/
==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/bsd/miscfs/devfs/devfs_vnops.c#2 (text+ko) ====
@@ -583,7 +583,26 @@
return error;
}
+#ifdef MAC
static int
+devfs_setlabel (struct vop_setlabel_args *ap)
+{
+ struct vnode *vp;
+ struct devnode *de;
+
+ vp = ap->a_vp;
+ de = VTODN(vp);
+
+ printf ("devfs_setlabel\n");
+
+ mac_relabel_vnode(ap->a_cred, vp, ap->a_vl);
+ mac_update_devfsdirent(vp->v_mount, de, vp);
+
+ return (0);
+}
+#endif
+
+static int
devfs_read(struct vop_read_args *ap)
/*struct vop_read_args {
struct vnode *a_vp;
@@ -1540,6 +1559,9 @@
{ &vop_blktooff_desc, (VOPFUNC)err_blktooff }, /* blktooff */
{ &vop_offtoblk_desc, (VOPFUNC)err_offtoblk }, /* offtoblk */
{ &vop_cmap_desc, (VOPFUNC)err_cmap }, /* cmap */
+#ifdef MAC
+ { &vop_setlabel_desc, (VOPFUNC)devfs_setlabel }, /* setlabel */
+#endif
{ (struct vnodeop_desc*)NULL, (int(*)())NULL }
};
struct vnodeopv_desc devfs_vnodeop_opv_desc =
@@ -1599,6 +1621,9 @@
{ &vop_blktooff_desc, (VOPFUNC)spec_blktooff }, /* blktooff */
{ &vop_blktooff_desc, (VOPFUNC)spec_offtoblk }, /* blkofftoblk */
{ &vop_cmap_desc, (VOPFUNC)spec_cmap }, /* cmap */
+#ifdef MAC
+ { &vop_setlabel_desc, (VOPFUNC)devfs_setlabel }, /* setlabel */
+#endif
{ (struct vnodeop_desc*)NULL, (int(*)())NULL }
};
struct vnodeopv_desc devfs_spec_vnodeop_opv_desc =
==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/bsd/sys/mac_policy.h#5 (text+ko) ====
@@ -189,12 +189,11 @@
int (*mpo_setlabel_vnode_extattr)(struct ucred *cred,
struct vnode *vp, struct label *vlabel,
struct label *intlabel);
-#if 0
+
void (*mpo_update_devfsdirent)(struct mount *mp,
struct devnode *devfs_dirent,
struct label *direntlabel, struct vnode *vp,
struct label *vnodelabel);
-#endif
/*
* Labeling event operations: IPC objects.
==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/bsd/sys/vnode.h#4 (text+ko) ====
==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/bsd/sys/vnode_if.h#2 (text+ko) ====
@@ -1309,6 +1309,26 @@
return (VCALL(vp, VOFFSET(vop_cmap), &a));
}
+struct vop_setlabel_args {
+ struct vnodeop_desc *a_desc;
+ struct vnode *a_vp;
+ struct label *a_vl;
+ struct ucred *a_cred;
+ struct proc *a_p;
+};
+extern struct vnodeop_desc vop_setlabel_desc;
+#define VOP_SETLABEL(vp, vl, cred, p) _VOP_SETLABEL(vp, vl, cred, p)
+static __inline int _VOP_SETLABEL(struct vnode *vp, struct label *vl, struct ucred *cred, struct proc *p)
+{
+ struct vop_setlabel_args a;
+ a.a_desc = VDESC(vop_setlabel);
+ a.a_vp = vp;
+ a.a_vl = vl;
+ a.a_cred = cred;
+ a.a_p = p;
+ return (VCALL(vp, VOFFSET(vop_setlabel), &a));
+}
+
/* Special cases: */
#include <sys/buf.h>
#include <sys/vm.h>
==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/bsd/vfs/vfs_support.c#2 (text+ko) ====
@@ -245,6 +245,11 @@
return (EOPNOTSUPP);
}
+int
+err_setlabel(struct vop_setlabel_args *ap)
+{
+ return (EOPNOTSUPP);
+}
struct vop_getattrlist_args /* {
struct vnode *a_vp;
==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/bsd/vfs/vfs_support.h#2 (text+ko) ====
@@ -80,6 +80,8 @@
extern int nop_setattr(struct vop_setattr_args *ap);
extern int err_setattr(struct vop_setattr_args *ap);
+extern int err_setlabel(struct vop_setlabel_args *ap);
+
extern int nop_getattrlist(struct vop_getattrlist_args *ap);
extern int err_getattrlist(struct vop_getattrlist_args *ap);
==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/bsd/vfs/vnode_if.c#2 (text+ko) ====
@@ -1035,6 +1035,22 @@
NULL,
};
+int vop_setlabel_vp_offsets[] = {
+ VOPARG_OFFSETOF(struct vop_setlabel_args,a_vp),
+ VDESC_NO_OFFSET
+};
+struct vnodeop_desc vop_setlabel_desc = {
+ 0,
+ "vop_setlabel",
+ 0,
+ vop_setlabel_vp_offsets,
+ VDESC_NO_OFFSET,
+ VOPARG_OFFSETOF(struct vop_setlabel_args, a_cred),
+ VOPARG_OFFSETOF(struct vop_setlabel_args, a_p),
+ VDESC_NO_OFFSET,
+ NULL,
+};
+
/* Special cases: */
int vop_strategy_vp_offsets[] = {
@@ -1133,6 +1149,7 @@
&vop_blktooff_desc,
&vop_offtoblk_desc,
&vop_cmap_desc,
+ &vop_setlabel_desc,
NULL
};
==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/bsd/vfs/vnode_if.src#2 (text+ko) ====
@@ -177,6 +177,7 @@
IN struct proc *p;
};
+
#
#% getattrlist vp = = =
#
@@ -715,3 +716,12 @@
OUT void *poff;
};
+#
+#% setlabel vp L L L
+#
+vop_setlabel {
+ IN struct vnode *vp;
+ IN struct label *vl;
+ IN struct ucred *cred;
+ IN struct proc *p;
+};
==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/security/sebsd/sebsd.c#8 (text+ko) ====
@@ -2105,6 +2105,8 @@
.mpo_internalize_vnode_label = sebsd_internalize_vnode_label,
.mpo_externalize_vnode_label = sebsd_externalize_vnode_label,
+ .mpo_relabel_vnode = sebsd_relabel_vnode,
+
/* Create Labels */
.mpo_create_cred = sebsd_create_cred,
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-cvs" in the body of the message
More information about the trustedbsd-cvs
mailing list