PERFORCE change 42373 for review

Andrew Reisse areisse at FreeBSD.org
Fri Nov 14 20:20:29 GMT 2003 

http://perforce.freebsd.org/chv.cgi?CH=42373

Change 42373 by areisse at areisse_ibook on 2003/11/14 12:19:49

	enabled some permission checks

Affected files ...

.. //depot/projects/trustedbsd/sedarwin/apsl/xnu/security/sebsd/avc/avc.c#4 edit
.. //depot/projects/trustedbsd/sedarwin/apsl/xnu/security/sebsd/sebsd.c#12 edit

Differences ...

==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/security/sebsd/avc/avc.c#4 (text+ko) ====

@@ -577,7 +577,7 @@
 				struct vattr va;
 #ifdef __APPLE__
 				struct proc *curproc = current_proc();
-				if (VOP_ISLOCKED(vp) &&
+				if (/*VOP_ISLOCKED(vp) &&*/
 				    !VOP_GETATTR(vp, &va,
 						 curproc->p_ucred,
 						 curproc)) {

==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/security/sebsd/sebsd.c#12 (text+ko) ====

@@ -318,20 +318,20 @@
 	AVC_AUDIT_DATA_INIT(&ad, FS);
 	ad.u.fs.vp = vp;
 
-#if 0
 	if (file->sclass == 0) {
 		struct vattr va;
-		VOP_GETATTR(vp, &va, curthread->td_ucred, curthread);
+		struct proc *p = current_proc();
+		VOP_GETATTR (vp, &va, p->p_ucred, p);
 		printf("vnode_has_perm:: ERROR, sid=%d, sclass=0, v_type=%d,"
-		       " inode=%ld, fsid=%d\n",
-		       file->sid, vp->v_type, va.va_fileid, va.va_fsid);
+		       " inode=%ld, fsid=%d, fstype=%s, mnt=%s\n",
+		       file->sid, vp->v_type, va.va_fileid, va.va_fsid, vp->v_mount->mnt_vfc->vfc_name, vp->v_mount->mnt_stat.f_mntonname);
 		file->sclass = vnode_type_to_security_class(vp->v_type);
 		if (file->sclass == 0) {
 			printf("vnode_has_perm:: Giving up\n");
 			return 1; /* TBD: debugging */
 		}
 	}
-#endif
+
 	return avc_has_perm_ref_audit(task->sid, file->sid, file->sclass,
 				      perm, aeref ? aeref : &file->avcr, &ad);
 }
@@ -565,8 +565,16 @@
 
 	sbsec = SLOT(fslabel);
 	vsec = SLOT(vlabel);
-	vsec->sid = sbsec->sid;
+
  	vsec->sclass = vnode_type_to_security_class(vp->v_type);
+	if (sbsec == NULL)
+	  {
+	    if (vp->v_mount != NULL)
+	      printf ("create_vnode: no mount label for mnt=%s\n",
+		      vp->v_mount->mnt_stat.f_mntonname);
+	  }
+	else
+	  vsec->sid = sbsec->sid;
 }
 
 static void
@@ -1421,6 +1429,12 @@
 	if (dvp->v_mount) {
 		/* XXX: mpo_check_vnode_create should probably pass the mntlabel */
 		sbsec = SLOT (&dvp->v_mount->mnt_mntlabel);
+		if (sbsec == NULL)
+		  {
+		    printf ("create_vnode: no mount label for mnt=%s\n",
+			    dvp->v_mount->mnt_stat.f_mntonname);
+		    return 0;
+		  }
 		rc = avc_has_perm_audit(newsid, sbsec->sid, SECCLASS_FILESYSTEM,
 		    FILESYSTEM__ASSOCIATE, &ad);
 		if (rc)
@@ -2135,6 +2149,7 @@
 
   .mpo_create_devfs_device = sebsd_create_devfs_device,
 
+  .mpo_associate_vnode_singlelabel = sebsd_associate_vnode_singlelabel,
   .mpo_associate_vnode_extattr = sebsd_associate_vnode_extattr,
   .mpo_associate_vnode_devfs = sebsd_associate_vnode_devfs,
 
@@ -2142,6 +2157,44 @@
   .mpo_execve_will_transition = sebsd_execve_will_transition,
   .mpo_execve_transition = sebsd_execve_transition,
 
+  /* Checks */
+  .mpo_check_proc_signal = sebsd_check_proc_signal,
+  .mpo_check_vnode_access = sebsd_check_vnode_access,
+  .mpo_check_vnode_chdir = sebsd_check_vnode_chdir,
+  .mpo_check_vnode_chroot = sebsd_check_vnode_chroot,
+  //.mpo_check_vnode_create = sebsd_check_vnode_create,
+  .mpo_check_vnode_delete = sebsd_check_vnode_delete,
+
+#ifdef EXTATTR
+  .mpo_check_vnode_exec = sebsd_check_vnode_exec,
+
+	.mpo_check_vnode_getextattr = sebsd_check_vnode_getextattr,
+	.mpo_check_vnode_listextattr = NOT_IMPLEMENTED,
+	.mpo_check_vnode_deleteextattr = NOT_IMPLEMENTED,
+#endif
+  .mpo_check_vnode_link = sebsd_check_vnode_link,
+  .mpo_check_vnode_lookup = sebsd_check_vnode_lookup,
+  .mpo_check_vnode_mmap = sebsd_check_vnode_mmap,
+  .mpo_check_vnode_mprotect = sebsd_check_vnode_mmap,
+  .mpo_check_vnode_open = sebsd_check_vnode_open,
+  .mpo_check_vnode_poll = sebsd_check_vnode_poll,
+  .mpo_check_vnode_read = sebsd_check_vnode_read,
+  .mpo_check_vnode_readdir = sebsd_check_vnode_readdir,
+  .mpo_check_vnode_readlink = sebsd_check_vnode_readlink,
+  .mpo_check_vnode_relabel = sebsd_check_vnode_relabel,
+  .mpo_check_vnode_rename_from = sebsd_check_vnode_rename_from,
+  .mpo_check_vnode_rename_to = sebsd_check_vnode_rename_to,
+  .mpo_check_vnode_revoke = sebsd_check_vnode_revoke,
+#ifdef HAS_EXTATTRS
+	.mpo_check_vnode_setextattr = sebsd_check_vnode_setextattr,
+#endif
+  .mpo_check_vnode_setflags = sebsd_check_vnode_setflags,
+  .mpo_check_vnode_setmode = sebsd_check_vnode_setmode,
+  .mpo_check_vnode_setowner = sebsd_check_vnode_setowner,
+  .mpo_check_vnode_setutimes = sebsd_check_vnode_setutimes,
+  .mpo_check_vnode_stat = sebsd_check_vnode_stat,
+  .mpo_check_vnode_write = sebsd_check_vnode_write,
+
   .mpo_syscall = sebsd_syscall
 };
 
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-cvs" in the body of the message

More information about the trustedbsd-cvs mailing list