PERFORCE change 40040 for review
Hrishikesh Dandekar
hdandeka at FreeBSD.org
Mon Oct 20 23:32:16 GMT 2003
http://perforce.freebsd.org/chv.cgi?CH=40040
Change 40040 by hdandeka at hdandeka_yash on 2003/10/20 16:31:49
Reverse Integrate the Sys V IPC and Posix sem related changes to the
SEBSD module from the rishi_sebsd branch to the sebsd parent branch.
Affected files ...
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/test/test_ipc.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/test/test_task_create.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/test/test_task_setpgid.te#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/flask/access_vectors#3 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/flask/security_classes#2 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/macros/global_macros.te#3 integrate
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/mls#2 integrate
.. //depot/projects/trustedbsd/sebsd/sys/i386/conf/MAC#5 integrate
.. //depot/projects/trustedbsd/sebsd/sys/security/sebsd/avc/av_perm_to_string.h#4 integrate
.. //depot/projects/trustedbsd/sebsd/sys/security/sebsd/avc/av_permissions.h#5 integrate
.. //depot/projects/trustedbsd/sebsd/sys/security/sebsd/avc/class_to_string.h#4 integrate
.. //depot/projects/trustedbsd/sebsd/sys/security/sebsd/flask.h#3 integrate
.. //depot/projects/trustedbsd/sebsd/sys/security/sebsd/flask/access_vectors#4 integrate
.. //depot/projects/trustedbsd/sebsd/sys/security/sebsd/flask/security_classes#3 integrate
.. //depot/projects/trustedbsd/sebsd/sys/security/sebsd/sebsd.c#23 integrate
.. //depot/projects/trustedbsd/sebsd/sys/security/sebsd/sebsd_labels.h#6 integrate
Differences ...
==== //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/test/test_ipc.te#2 (text+ko) ====
@@ -27,6 +27,7 @@
allow test_ipc_read_t test_ipc_base_t:msgq r_msgq_perms;
allow test_ipc_read_t test_ipc_base_t:shm r_shm_perms;
allow test_ipc_read_t test_ipc_base_t:msg {receive};
+allow test_ipc_read_t test_ipc_base_t:posix_sem r_posix_sem_perms;
# Ok, not strictly a read-only domain, it needs unix_write (course
# grain permission) in order to test some finer grained permissions
allow test_ipc_read_t test_ipc_base_t:msgq {unix_write};
@@ -38,6 +39,7 @@
allow test_ipc_base_t test_ipc_read_t:sem rw_sem_perms;
allow test_ipc_base_t test_ipc_read_t:msgq rw_msgq_perms;
allow test_ipc_base_t test_ipc_read_t:shm rw_shm_perms;
+allow test_ipc_base_t test_ipc_read_t:posix_sem rw_posix_sem_perms;
allow test_ipc_base_t kernel_t:system { ipc_info };
# allow the associate domain to only associate with
@@ -45,6 +47,7 @@
allow test_ipc_associate_t test_ipc_base_t:sem {unix_read unix_write associate};
allow test_ipc_associate_t test_ipc_base_t:shm {unix_read unix_write associate};
allow test_ipc_associate_t test_ipc_base_t:msgq {unix_read unix_write associate};
+allow test_ipc_associate_t test_ipc_base_t:posix_sem {associate};
# allow to lock down an IPC region created by self
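Review bot: The `posix_sem` rule added for `test_ipc_associate_t` grants only `associate`, but `sebsd_check_posix_sem_close` in the sebsd.c part of this change requires `POSIX_SEM__DISASSOCIATE`, so a process in this domain can open a semaphore labelled `test_ipc_base_t` and then be denied when it closes it. If that asymmetry is what the test is meant to exercise, say so above the rule, e.g. `# associate only: close (disassociate) is expected to be denied`. Otherwise grant `{associate disassociate}`.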
==== //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/test/test_task_create.te#2 (text+ko) ====
@@ -30,9 +30,10 @@
allow test_create_no_t self:unix_stream_socket connectto;
# Access System V IPC objects created by processes in the same domain.
allow test_create_no_t self:sem rw_sem_perms;
-allow test_create_no_t self:msg { send receive };
+allow test_create_no_t self:msg { send receive destroy };
allow test_create_no_t self:msgq rw_msgq_perms;
allow test_create_no_t self:shm rw_shm_perms;
+allow test_create_no_t self:posix_sem rw_posix_sem_perms;
# Send SIGCHLD to init.
allow test_create_no_t init_t:process sigchld;
# Use descriptors created by login, sshd, or newrole.
==== //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/test/test_task_setpgid.te#2 (text+ko) ====
@@ -29,9 +29,10 @@
allow test_setpgid_no_t self:unix_stream_socket connectto;
# Access System V IPC objects created by processes in the same domain.
allow test_setpgid_no_t self:sem rw_sem_perms;
-allow test_setpgid_no_t self:msg { send receive };
+allow test_setpgid_no_t self:msg { send receive destroy };
allow test_setpgid_no_t self:msgq rw_msgq_perms;
allow test_setpgid_no_t self:shm rw_shm_perms;
+allow test_setpgid_no_t self:posix_sem rw_posix_sem_perms;
# Send SIGCHLD to init.
allow test_setpgid_no_t init_t:process sigchld;
# Use descriptors created by login, sshd, or newrole.
==== //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/flask/access_vectors#3 (text+ko) ====
@@ -256,12 +256,19 @@
{
send
receive
+ destroy
}
class shm
inherits ipc
+
+class posix_sem
{
- lock
+ associate
+ disassociate
+ destroy
+ write
+ read
}
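Review bot: `class posix_sem` does not inherit from `ipc` and defines no `create` permission, and the POSIX semaphore check hooks registered in sebsd.c by this change cover only close, destroy, getvalue, openexisting, post, unlink and wait. As far as this change shows, policy therefore cannot restrict which domains create a POSIX semaphore; `sebsd_create_posix_ksem` simply gives the new object the creator's SID. If that is deliberate, document it next to the class, e.g. `# no create permission: creation is unmediated, the semaphore takes the creator's SID`. The identical hunk in sys/security/sebsd/flask/access_vectors needs the same comment so the two copies do not drift.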
==== //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/flask/security_classes#2 (text+ko) ====
@@ -40,4 +40,7 @@
class shm
class ipc
+#Posix.1b-related classes
+class posix_sem
+
# FLASK
==== //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/macros/global_macros.te#3 (text+ko) ====
@@ -165,7 +165,9 @@
define(`r_msgq_perms', `{ associate getattr read unix_read }')
define(`rw_msgq_perms', `{ associate getattr setattr create destroy read write enqueue unix_read unix_write }')
define(`r_shm_perms', `{ associate getattr read unix_read }')
-define(`rw_shm_perms', `{ associate getattr setattr create destroy read write lock unix_read unix_write }')
+define(`rw_shm_perms', `{ associate getattr setattr create destroy read write unix_read unix_write }')
+define(`r_posix_sem_perms', `{ associate disassociate read }')
+define(`rw_posix_sem_perms', `{ associate disassociate destroy write read }')
#
# Mimic the dac_override capability from linux
@@ -598,9 +600,10 @@
# Access System V IPC objects created by processes in the same domain.
allow $1 self:sem rw_sem_perms;
-allow $1 self:msg { send receive };
+allow $1 self:msg { send receive destroy };
allow $1 self:msgq rw_msgq_perms;
allow $1 self:shm rw_shm_perms;
+allow $1 self:posix_sem rw_posix_sem_perms;
# Use descriptors created by login, sshd, or newrole.
allow $1 local_login_t:fd use;
==== //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/mls#2 (text+ko) ====
@@ -212,11 +212,18 @@
{
send : write
receive : read
+ destroy : write
}
class shm
+
+class posix_sem
{
- lock : write
+ associate : none
+ disassociate : none
+ destroy : write
+ write : write
+ read : read
}
class security
==== //depot/projects/trustedbsd/sebsd/sys/i386/conf/MAC#5 (text+ko) ====
@@ -57,6 +57,7 @@
options SYSVMSG #SYSV-style message queues
options SYSVSEM #SYSV-style semaphores
options _KPOSIX_PRIORITY_SCHEDULING #Posix P1003_1B real-time extensions
+options P1003_1B_SEMAPHORES #POSIX P1003_1B semaphores
options KBD_INSTALL_CDEV # install a CDEV entry in /dev
options AHC_REG_PRETTY_PRINT # Print register bitfields in debug
# output. Adds ~128k to driver.
==== //depot/projects/trustedbsd/sebsd/sys/security/sebsd/avc/av_perm_to_string.h#4 (text+ko) ====
@@ -67,7 +67,12 @@
{ SECCLASS_MSGQ, MSGQ__ENQUEUE, "enqueue" },
{ SECCLASS_MSG, MSG__SEND, "send" },
{ SECCLASS_MSG, MSG__RECEIVE, "receive" },
- { SECCLASS_SHM, SHM__LOCK, "lock" },
+ { SECCLASS_MSG, MSG__DESTROY, "destroy" },
+ { SECCLASS_POSIX_SEM, POSIX_SEM__ASSOCIATE, "associate" },
+ { SECCLASS_POSIX_SEM, POSIX_SEM__DISASSOCIATE, "disassociate" },
+ { SECCLASS_POSIX_SEM, POSIX_SEM__DESTROY, "destroy" },
+ { SECCLASS_POSIX_SEM, POSIX_SEM__WRITE, "write" },
+ { SECCLASS_POSIX_SEM, POSIX_SEM__READ, "read" },
{ SECCLASS_SECURITY, SECURITY__COMPUTE_AV, "compute_av" },
{ SECCLASS_SECURITY, SECURITY__NOTIFY_PERM, "notify_perm" },
{ SECCLASS_SECURITY, SECURITY__TRANSITION_SID, "transition_sid" },
==== //depot/projects/trustedbsd/sebsd/sys/security/sebsd/avc/av_permissions.h#5 (text+ko) ====
@@ -527,6 +527,7 @@
#define MSG__SEND 0x0000000000000001UL
#define MSG__RECEIVE 0x0000000000000002UL
+#define MSG__DESTROY 0x0000000000000004UL
#define SHM__WRITE 0x0000000000000020UL
#define SHM__UNIX_WRITE 0x0000000000000100UL
@@ -538,7 +539,11 @@
#define SHM__DESTROY 0x0000000000000002UL
#define SHM__GETATTR 0x0000000000000004UL
-#define SHM__LOCK 0x0000000000000200UL
+#define POSIX_SEM__ASSOCIATE 0x0000000000000001UL
+#define POSIX_SEM__DISASSOCIATE 0x0000000000000002UL
+#define POSIX_SEM__DESTROY 0x0000000000000004UL
+#define POSIX_SEM__WRITE 0x0000000000000008UL
+#define POSIX_SEM__READ 0x0000000000000010UL
#define SECURITY__COMPUTE_AV 0x0000000000000001UL
#define SECURITY__NOTIFY_PERM 0x0000000000000002UL
==== //depot/projects/trustedbsd/sebsd/sys/security/sebsd/avc/class_to_string.h#4 (text+ko) ====
@@ -34,5 +34,6 @@
"msgq",
"shm",
"ipc",
+ "posix_sem",
};
==== //depot/projects/trustedbsd/sebsd/sys/security/sebsd/flask.h#3 (text+ko) ====
@@ -36,6 +36,7 @@
#define SECCLASS_MSGQ 27
#define SECCLASS_SHM 28
#define SECCLASS_IPC 29
+#define SECCLASS_POSIX_SEM 30
/*
* Security identifier indices for initial entities
==== //depot/projects/trustedbsd/sebsd/sys/security/sebsd/flask/access_vectors#4 (text+ko) ====
@@ -256,12 +256,19 @@
{
send
receive
+ destroy
}
class shm
inherits ipc
+
+class posix_sem
{
- lock
+ associate
+ disassociate
+ destroy
+ write
+ read
}
==== //depot/projects/trustedbsd/sebsd/sys/security/sebsd/flask/security_classes#3 (text+ko) ====
@@ -40,4 +40,7 @@
class shm
class ipc
+#Posix.1b-related classes
+class posix_sem
+
# FLASK
==== //depot/projects/trustedbsd/sebsd/sys/security/sebsd/sebsd.c#23 (text+ko) ====
@@ -52,7 +52,13 @@
#include <sys/pipe.h>
#include <sys/dirent.h>
#include <sys/capability.h>
+#include <sys/msg.h>
+#include <sys/msg_msg.h>
+#include <sys/sem.h>
+#include <sys/shm.h>
+#include <posix4/ksem.h>
+
#include <fs/devfs/devfs.h>
#include <vm/vm.h>
@@ -378,6 +384,16 @@
}
static void
+sebsd_init_ipc_label(struct label *label)
+{
+ struct ipc_security_struct *new;
+
+ new = malloc(sizeof(*new), M_SEBSD, M_ZERO | M_WAITOK);
+ new->sid = SECINITSID_UNLABELED;
+ SLOT(label) = new;
+}
+
+static void
sebsd_destroy_label(struct label *label)
{
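Review bot: `sebsd_init_ipc_label` leaves `sclass` at the zero written by `M_ZERO`, and `sebsd_cleanup_ipc_label` in the next hunk zeroes it again with `bzero`, yet `ipc_has_perm` passes `ipcsec->sclass` straight to `avc_has_perm_ref`. Whether a check hook can run on a label that has not yet gone through one of the create hooks is not visible here; if it can, the policy query is made with class 0. A comment stating the invariant would help, for example `/* sclass stays 0 until the create hook runs; check hooks must not see the label before then */`.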
@@ -393,6 +409,16 @@
}
static void
+sebsd_cleanup_ipc_label(struct label *label)
+{
+ struct ipc_security_struct *ipcsec;
+
+ ipcsec = SLOT(label);
+ bzero(ipcsec, sizeof(struct ipc_security_struct));
+ ipcsec->sid = SECINITSID_UNLABELED;
+}
+
+static void
sebsd_associate_vnode_devfs(struct mount *mp, struct label *fslabel,
struct devfs_dirent *de, struct label *delabel, struct vnode *vp,
struct label *vlabel)
@@ -521,6 +547,90 @@
}
static void
+sebsd_create_ipc_msgmsg(struct ucred *cred, struct msqid_kernel *msqkptr,
+ struct label *msqlabel, struct msg *msgptr, struct label *msglabel)
+{
+ struct task_security_struct *tsec;
+ struct ipc_security_struct *msqsec;
+ struct ipc_security_struct *msgsec;
+
+ tsec = SLOT(&cred->cr_label);
+ msqsec = SLOT(msqlabel);
+ msgsec = SLOT(msglabel);
+
+ bzero(msgsec, sizeof(*msgsec));
+ msgsec->sclass = SECCLASS_MSG;
+
+ /* XXX should we return an error if security_transition_sid,
+ * Or, should we assign the msg object the thread sid?
+ */
+ if(security_transition_sid(tsec->sid, msqsec->sid,
+ SECCLASS_MSG, &msgsec->sid) < 0) {
+ printf("Warning: security_transition_sid failed on
+ create_ipc_msgmsg\n");
+ printf("Assigning the requesting thread's sid to the msg\n");
+ msgsec->sid = tsec->sid;
+ }
+}
+
+static void
+sebsd_create_ipc_msgqueue(struct ucred *cred, struct msqid_kernel *msqkptr,
+ struct label *msqlabel)
+{
+ struct task_security_struct *tsec;
+ struct ipc_security_struct *ipcsec;
+
+ tsec = SLOT(&cred->cr_label);
+ ipcsec = SLOT(msqlabel);
+
+ ipcsec->sid = tsec->sid;
+ ipcsec->sclass = SECCLASS_MSGQ;
+}
+
+static void
+sebsd_create_ipc_sema(struct ucred *cred, struct semid_kernel *semakptr,
+ struct label *semalabel)
+{
+ struct task_security_struct *tsec;
+ struct ipc_security_struct *ipcsec;
+
+ tsec = SLOT(&cred->cr_label);
+ ipcsec = SLOT(semalabel);
+
+ ipcsec->sid = tsec->sid;
+ ipcsec->sclass = SECCLASS_SEM;
+}
+
+static void
+sebsd_create_ipc_shm(struct ucred *cred, struct shmid_kernel *shmsegptr,
+ struct label *shmlabel)
+{
+ struct task_security_struct *tsec;
+ struct ipc_security_struct *ipcsec;
+
+ tsec = SLOT(&cred->cr_label);
+ ipcsec = SLOT(shmlabel);
+
+ ipcsec->sid = tsec->sid;
+ ipcsec->sclass = SECCLASS_SHM;
+}
+
+static void
+sebsd_create_posix_ksem(struct ucred *cred, struct ksem *ksemptr,
+ struct label *ks_label)
+{
+ struct task_security_struct *tsec;
+ struct ipc_security_struct *ipcsec;
+
+ tsec = SLOT(&cred->cr_label);
+ ipcsec = SLOT(ks_label);
+
+ ipcsec->sid = tsec->sid;
+ ipcsec->sclass = SECCLASS_POSIX_SEM;
+
+}
+
+static void
sebsd_create_devfs_device(struct ucred *cr, struct mount *mp, dev_t dev,
struct devfs_dirent *devfs_dirent, struct label *label,
const char *fullpath)
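Review bot: When `security_transition_sid` fails, `sebsd_create_ipc_msgmsg` labels the message with the sender's own SID, so an error while computing the label is resolved in the sender's favour rather than denied; the XXX comment already questions this. Because the hook returns void, the fail-closed option visible in this file is `msgsec->sid = SECINITSID_UNLABELED;`, which leaves access to whatever the policy allows for unlabeled objects. The two `printf` calls are not rate limited and presumably run for every message created while the failure persists, so they can flood the console. The string literal in the first `printf` is split across two lines in this mail; if the file has it that way it will not compile.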
@@ -1976,6 +2086,270 @@
FD__USE, NULL));
}
+static int
+ipc_has_perm(struct ucred *cred, struct label *label, access_vector_t perm)
+{
+ struct task_security_struct *task;
+ struct ipc_security_struct *ipcsec;
+
+ task = SLOT(&cred->cr_label);
+ ipcsec = SLOT(label);
+
+ /*
+ * TBD: No audit information yet
+ */
+
+ return(avc_has_perm_ref(task->sid, ipcsec->sid, ipcsec->sclass,
+ perm, &ipcsec->avcr));
+}
+
+static int
+sebsd_check_ipc_msgrcv(struct ucred *cred, struct msg *msgptr)
+{
+
+ return(ipc_has_perm(cred, &msgptr->label, MSG__RECEIVE));
+}
+
+static int
+sebsd_check_ipc_msgrmid(struct ucred *cred, struct msg *msgptr)
+{
+
+ return(ipc_has_perm(cred, &msgptr->label, MSG__DESTROY));
+}
+
+static int
+sebsd_check_ipc_msqget(struct ucred *cred, struct msqid_kernel *msqkptr)
+{
+
+ return(ipc_has_perm(cred, &msqkptr->label, MSGQ__ASSOCIATE));
+}
+
+static int
+sebsd_check_ipc_msqsnd(struct ucred *cred, struct msqid_kernel *msqkptr)
+{
+
+ /* Can this process write to the queue? */
+ return(ipc_has_perm(cred, &msqkptr->label, MSGQ__WRITE));
+}
+
+static int
+sebsd_check_ipc_msgmsq(struct ucred *cred, struct msg *msgptr,
+ struct msqid_kernel *msqkptr)
+{
+ int rc;
+ struct task_security_struct *task;
+ struct ipc_security_struct *msgsec;
+ struct ipc_security_struct *msqsec;
+
+ task = SLOT(&cred->cr_label);
+ msgsec = SLOT(&msgptr->label);
+ msqsec = SLOT(&msqkptr->label);
+
+ /*
+ * TBD: No audit information yet
+ */
+
+ /* Can this process send the message */
+ rc = avc_has_perm_ref(task->sid, msgsec->sid, msgsec->sclass,
+ MSG__SEND, &msgsec->avcr);
+ if (rc)
+ return (rc);
+
+ /* Can the message be put in the message queue? */
+ return(avc_has_perm_ref(msgsec->sid, msqsec->sid, msqsec->sclass,
+ MSGQ__ENQUEUE, &msqsec->avcr));
+}
+
+static int
+sebsd_check_ipc_msqrcv(struct ucred *cred, struct msqid_kernel *msqkptr)
+{
+
+ return(ipc_has_perm(cred, &msqkptr->label, MSGQ__READ));
+}
+
+static int
+sebsd_check_ipc_msqctl(struct ucred *cred, struct msqid_kernel *msqkptr,
+ int cmd)
+{
+ access_vector_t perm;
+
+ switch(cmd) {
+ case IPC_RMID:
+ perm = MSGQ__DESTROY;
+ break;
+ case IPC_SET:
+ perm = MSGQ__SETATTR;
+ break;
+ case IPC_STAT:
+ perm = MSGQ__GETATTR | MSGQ__ASSOCIATE;
+ break;
+ default:
+ return (EACCES);
+ }
+
+ /*
+ * TBD: No audit information yet
+ */
+ return(ipc_has_perm(cred, &msqkptr->label, perm));
+}
+
+static int
+sebsd_check_ipc_semctl(struct ucred *cred, struct semid_kernel *semakptr,
+ int cmd)
+{
+ access_vector_t perm;
+
+ switch(cmd) {
+ case GETPID:
+ case GETNCNT:
+ case GETZCNT:
+ perm = SEM__GETATTR;
+ break;
+ case GETVAL:
+ case GETALL:
+ perm = SEM__READ;
+ break;
+ case SETVAL:
+ case SETALL:
+ perm = SEM__WRITE;
+ break;
+ case IPC_RMID:
+ perm = SEM__DESTROY;
+ break;
+ case IPC_SET:
+ perm = SEM__SETATTR;
+ break;
+ case IPC_STAT:
+ perm = SEM__GETATTR | SEM__ASSOCIATE;
+ break;
+ default:
+ return (EACCES);
+ }
+
+ /*
+ * TBD: No audit information yet
+ */
+ return(ipc_has_perm(cred, &semakptr->label, perm));
+}
+
+static int
+sebsd_check_ipc_semget(struct ucred *cred, struct semid_kernel *semakptr)
+{
+
+ return(ipc_has_perm(cred, &semakptr->label, SEM__ASSOCIATE));
+}
+
+static int
+sebsd_check_ipc_semop(struct ucred *cred, struct semid_kernel *semakptr,
+ size_t accesstype)
+{
+ access_vector_t perm;
+ perm = 0UL;
+
+ if( accesstype & SEM_R )
+ perm = SEM__READ;
+ if( accesstype & SEM_A )
+ perm = SEM__READ | SEM__WRITE;
+
+ return(ipc_has_perm(cred, &semakptr->label, perm));
+}
+
+static int
+sebsd_check_ipc_shmat(struct ucred *cred, struct shmid_kernel *shmsegptr,
+ int shmflg)
+{
+ access_vector_t perm;
+
+ if (shmflg & SHM_RDONLY)
+ perm = SHM__READ;
+ else
+ perm = SHM__READ | SHM__WRITE;
+
+ return(ipc_has_perm(cred, &shmsegptr->label, perm));
+}
+
+static int
+sebsd_check_ipc_shmctl(struct ucred *cred, struct shmid_kernel *shmsegptr,
+ int cmd)
+{
+ access_vector_t perm;
+
+ switch(cmd) {
+ case IPC_RMID:
+ perm = SHM__DESTROY;
+ break;
+ case IPC_SET:
+ perm = SHM__SETATTR;
+ break;
+ case IPC_STAT:
+ case SHM_STAT:
+ perm = SHM__GETATTR | SHM__ASSOCIATE;
+ break;
+ default:
+ return (EACCES);
+ }
+
+ return(ipc_has_perm(cred, &shmsegptr->label, perm));
+
+}
+
+static int
+sebsd_check_ipc_shmget(struct ucred *cred, struct shmid_kernel *shmsegptr,
+ int shmflg)
+{
+
+ return(ipc_has_perm(cred, &shmsegptr->label, SHM__ASSOCIATE));
+}
+
+static int
+sebsd_check_posix_sem_close(struct ucred *cred, struct ksem *ksemptr)
+{
+
+ return(ipc_has_perm(cred, &ksemptr->ks_label, POSIX_SEM__DISASSOCIATE));
+}
+
+static int
+sebsd_check_posix_sem_destroy(struct ucred *cred, struct ksem *ksemptr)
+{
+
+ return(ipc_has_perm(cred, &ksemptr->ks_label, POSIX_SEM__DESTROY));
+}
+
+static int
+sebsd_check_posix_sem_getvalue(struct ucred *cred, struct ksem *ksemptr)
+{
+
+ return(ipc_has_perm(cred, &ksemptr->ks_label, POSIX_SEM__READ));
+}
+
+static int
+sebsd_check_posix_sem_openexisting(struct ucred *cred, struct ksem *ksemptr)
+{
+
+ return(ipc_has_perm(cred, &ksemptr->ks_label, POSIX_SEM__ASSOCIATE));
+}
+
+static int
+sebsd_check_posix_sem_post(struct ucred *cred, struct ksem *ksemptr)
+{
+
+ return(ipc_has_perm(cred, &ksemptr->ks_label, POSIX_SEM__WRITE));
+}
+
+static int
+sebsd_check_posix_sem_unlink(struct ucred *cred, struct ksem *ksemptr)
+{
+
+ return(ipc_has_perm(cred, &ksemptr->ks_label, POSIX_SEM__DESTROY));
+}
+
+static int
+sebsd_check_posix_sem_wait(struct ucred *cred, struct ksem *ksemptr)
+{
+
+ return(ipc_has_perm(cred, &ksemptr->ks_label, POSIX_SEM__WRITE));
+}
+
static struct mac_policy_ops sebsd_ops = {
/* Init Labels */
.mpo_init = sebsd_init,
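Review bot: `sebsd_check_ipc_semop` passes `perm = 0UL` to `ipc_has_perm` when `accesstype` has neither `SEM_R` nor `SEM_A` set, unlike the `msqctl`, `semctl` and `shmctl` hooks in this hunk, which return `EACCES` for any command they do not recognise. How `avc_has_perm_ref` treats an empty request is not visible in this change, but an access-vector check with no bits requested would normally have nothing to deny. Adding `if (perm == 0UL) return (EACCES);` before the final call keeps the hook default-deny. `sebsd_check_ipc_shmget` also ignores `shmflg`, which deserves a one-line comment if that is intended.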
@@ -1984,11 +2358,16 @@
.mpo_init_devfsdirent_label = sebsd_init_vnode_label,
.mpo_init_file_label = sebsd_init_file_label,
.mpo_init_ifnet_label = sebsd_init_network_label,
+ .mpo_init_ipc_msgmsg_label = sebsd_init_ipc_label,
+ .mpo_init_ipc_msgqueue_label = sebsd_init_ipc_label,
+ .mpo_init_ipc_sema_label = sebsd_init_ipc_label,
+ .mpo_init_ipc_shm_label = sebsd_init_ipc_label,
.mpo_init_ipq_label = sebsd_init_network_label_waitcheck,
.mpo_init_mbuf_label = sebsd_init_network_label_waitcheck,
.mpo_init_mount_label = sebsd_init_mount_label,
.mpo_init_mount_fs_label = sebsd_init_mount_fs_label,
.mpo_init_pipe_label = sebsd_init_vnode_label,
+ .mpo_init_posix_ksem_label = sebsd_init_ipc_label,
.mpo_init_socket_label = sebsd_init_network_label_waitcheck,
.mpo_init_socket_peer_label = sebsd_init_network_label_waitcheck,
.mpo_init_vnode_label = sebsd_init_vnode_label,
@@ -1999,12 +2378,17 @@
.mpo_destroy_cred_label = sebsd_destroy_label,
.mpo_destroy_devfsdirent_label = sebsd_destroy_label,
.mpo_destroy_ifnet_label = sebsd_destroy_label,
+ .mpo_destroy_ipc_msgmsg_label = sebsd_destroy_label,
+ .mpo_destroy_ipc_msgqueue_label = sebsd_destroy_label,
+ .mpo_destroy_ipc_sema_label = sebsd_destroy_label,
+ .mpo_destroy_ipc_shm_label = sebsd_destroy_label,
.mpo_destroy_ipq_label = sebsd_destroy_label,
.mpo_destroy_mbuf_label = sebsd_destroy_label,
.mpo_destroy_file_label = sebsd_destroy_label,
.mpo_destroy_mount_label = sebsd_destroy_label,
.mpo_destroy_mount_fs_label = sebsd_destroy_label,
.mpo_destroy_pipe_label = sebsd_destroy_label,
+ .mpo_destroy_posix_ksem_label = sebsd_destroy_label,
.mpo_destroy_socket_label = sebsd_destroy_label,
.mpo_destroy_socket_peer_label = sebsd_destroy_label,
.mpo_destroy_vnode_label = sebsd_destroy_label,
@@ -2054,9 +2438,14 @@
.mpo_create_devfs_directory = sebsd_create_devfs_directory,
.mpo_create_devfs_symlink = sebsd_create_devfs_symlink,
.mpo_create_file = sebsd_create_file,
+ .mpo_create_ipc_msgmsg = sebsd_create_ipc_msgmsg,
+ .mpo_create_ipc_msgqueue = sebsd_create_ipc_msgqueue,
+ .mpo_create_ipc_sema = sebsd_create_ipc_sema,
+ .mpo_create_ipc_shm = sebsd_create_ipc_shm,
/* .mpo_create_mbuf_from_socket = sebsd_create_mbuf_from_socket, */
.mpo_create_mount = sebsd_create_mount,
.mpo_create_pipe = sebsd_create_pipe,
+ .mpo_create_posix_ksem = sebsd_create_posix_ksem,
.mpo_create_proc0 = sebsd_create_proc0,
.mpo_create_proc1 = sebsd_create_proc1,
.mpo_create_root_mount = sebsd_create_root_mount,
@@ -2086,6 +2475,20 @@
.mpo_check_mount = sebsd_check_mount,
.mpo_check_umount = sebsd_check_umount,
.mpo_check_remount = sebsd_check_remount,
+ .mpo_check_ipc_msgrcv = sebsd_check_ipc_msgrcv,
+ .mpo_check_ipc_msgrmid = sebsd_check_ipc_msgrmid,
+ .mpo_check_ipc_msqget = sebsd_check_ipc_msqget,
+ .mpo_check_ipc_msqsnd = sebsd_check_ipc_msqsnd,
+ .mpo_check_ipc_msgmsq = sebsd_check_ipc_msgmsq,
+ .mpo_check_ipc_msqrcv = sebsd_check_ipc_msqrcv,
+ .mpo_check_ipc_msqctl = sebsd_check_ipc_msqctl,
+ .mpo_check_ipc_semctl = sebsd_check_ipc_semctl,
+ .mpo_check_ipc_semget = sebsd_check_ipc_semget,
+ .mpo_check_ipc_semop = sebsd_check_ipc_semop,
+ .mpo_check_ipc_shmat = sebsd_check_ipc_shmat,
+ .mpo_check_ipc_shmctl = sebsd_check_ipc_shmctl,
+ /* .mpo_check_ipc_shmdt = sebsd_check_ipc_shmdt, */
+ .mpo_check_ipc_shmget = sebsd_check_ipc_shmget,
.mpo_check_mount_stat = sebsd_check_mount_stat,
.mpo_check_pipe_ioctl = sebsd_check_pipe_ioctl,
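Review bot: `.mpo_check_ipc_shmdt` is left commented out and no `sebsd_check_ipc_shmdt` is defined anywhere in this change, so detaching a shared-memory segment is the one SysV IPC operation in this list without a policy check. If detach is meant to be unmediated, replace the dead entry with a comment that says so, e.g. `/* shmdt: intentionally unchecked, detach needs no permission */`. Otherwise mark it XXX so the missing hook is not forgotten. The `sebsd_ops` initializer begins and ends outside this hunk.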
@@ -2095,6 +2498,14 @@
.mpo_check_pipe_stat = sebsd_check_pipe_stat,
.mpo_check_pipe_write = sebsd_check_pipe_write,
+ .mpo_check_posix_sem_close = sebsd_check_posix_sem_close,
+ .mpo_check_posix_sem_destroy = sebsd_check_posix_sem_destroy,
+ .mpo_check_posix_sem_getvalue = sebsd_check_posix_sem_getvalue,
+ .mpo_check_posix_sem_openexisting = sebsd_check_posix_sem_openexisting,
+ .mpo_check_posix_sem_post = sebsd_check_posix_sem_post,
+ .mpo_check_posix_sem_unlink = sebsd_check_posix_sem_unlink,
+ .mpo_check_posix_sem_wait = sebsd_check_posix_sem_wait,
+
.mpo_check_proc_debug = sebsd_check_proc_debug,
.mpo_check_proc_sched = sebsd_check_proc_sched,
.mpo_check_proc_signal = sebsd_check_proc_signal,
@@ -2143,7 +2554,10 @@
.mpo_setlabel_vnode_extattr = sebsd_setlabel_vnode_extattr,
/*.mpo_set_socket_peer_from_mbuf = sebsd_set_socket_peer_from_mbuf,*/
/*.mpo_set_socket_peer_from_socket = sebsd_set_socket_peer_from_socket,*/
-
+ .mpo_cleanup_ipc_msgmsg = sebsd_cleanup_ipc_label,
+ .mpo_cleanup_ipc_msgqueue = sebsd_cleanup_ipc_label,
+ .mpo_cleanup_ipc_sema = sebsd_cleanup_ipc_label,
+ .mpo_cleanup_ipc_shm = sebsd_cleanup_ipc_label,
.mpo_syscall = sebsd_syscall,
};
==== //depot/projects/trustedbsd/sebsd/sys/security/sebsd/sebsd_labels.h#6 (text+ko) ====
@@ -65,6 +65,12 @@
struct avc_entry_ref avcr;
};
+struct ipc_security_struct {
+ security_id_t sid;
+ security_class_t sclass;
+ struct avc_entry_ref avcr;
+};
+
struct mount_security_struct {
security_id_t sid; /* SID of file system */
#ifndef __FreeBSD__
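Review bot: `struct ipc_security_struct` is added without field comments, while `mount_security_struct` directly below documents its `sid`. From sebsd.c in this change, `sid` is the object's SID (the creator's SID, or the result of `security_transition_sid` for messages), `sclass` is the `SECCLASS_*` value set by the create hook, and `avcr` is the reference handed to `avc_has_perm_ref`. Suggested comments: `security_id_t sid; /* SID of the IPC object */`, `security_class_t sclass; /* SECCLASS_* set at creation */`, `struct avc_entry_ref avcr; /* passed to avc_has_perm_ref() */`.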