PERFORCE change 47145 for review
Andrew Reisse
areisse at FreeBSD.org
Wed Feb 18 21:15:36 GMT 2004
http://perforce.freebsd.org/chv.cgi?CH=47145
Change 47145 by areisse at areisse_ibook on 2004/02/18 13:15:33
Use the label-handle message trailer format for
bootstrap security checks.
Affected files ...
.. //depot/projects/trustedbsd/sedarwin/apsl/system_cmds/mach_init.tproj/bootstrap.c#3 edit
.. //depot/projects/trustedbsd/sedarwin/apsl/system_cmds/mach_init.tproj/rpc_services.c#3 edit
Differences ...
==== //depot/projects/trustedbsd/sedarwin/apsl/system_cmds/mach_init.tproj/bootstrap.c#3 (text+ko) ====
@@ -1015,6 +1015,7 @@
server_t *serverp;
kern_return_t result;
mig_reply_error_t *reply;
+ mach_msg_mac_trailer_t *trailer = (mach_msg_mac_trailer_t *) (((char*)Request)+Request->msgh_size);
debug("received message on port %x\n", Request->msgh_local_port);
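Review bot: The trailer pointer added here is computed as `Request + Request->msgh_size` and is later dereferenced for `msgh_labels.sender` with no check that the received trailer is large enough to hold that field. Whether the receive call requests the MAC trailer format is not visible in this hunk, so I would guard the uses with something like `if (trailer->msgh_trailer_size >= sizeof(mach_msg_mac_trailer_t))` and treat a shorter trailer as an unlabeled sender that is denied. The usual Mach idiom also rounds the size, `round_msg(Request->msgh_size)`, before adding it to the message base; it is worth confirming the unrounded form is always aligned here. The enclosing function starts and ends outside the hunk.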
@@ -1195,8 +1196,11 @@
else { /* must be a service request */
debug("Handled request.");
- return bootstrap_server(Request, Reply);
+ boolean_t result = bootstrap_server(Request, Reply);
+ mach_port_destroy(mach_task_self(), trailer->msgh_labels.sender);
+ return result;
}
+ mach_port_destroy(mach_task_self(), trailer->msgh_labels.sender);
return TRUE;
}
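Review bot: `mach_port_destroy(mach_task_self(), trailer->msgh_labels.sender)` is called on a name taken straight from the trailer, without checking that the name is valid and without checking the return value. mach_port_destroy removes every right held under that name, so if the field is ever null or stale (for example on a message received without a label trailer) this could tear down an unrelated right in the bootstrap task; a `MACH_PORT_VALID(trailer->msgh_labels.sender)` guard, and `mach_port_deallocate` if the handle is a plain send right, would narrow that. Only the two exits in this hunk release the handle, so any earlier `return` in the function, which lies outside the hunk, would leak one label handle per message. The new `boolean_t result` also shadows the `kern_return_t result` declared at the top of the function; a distinct name such as `handled` would read better.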
==== //depot/projects/trustedbsd/sedarwin/apsl/system_cmds/mach_init.tproj/rpc_services.c#3 (text+ko) ====
@@ -99,9 +99,9 @@
return BOOTSTRAP_NOT_PRIVILEGED;
}
- kern_return_t kr = mac_check_name_port_access
+ kern_return_t kr = mac_check_port_access
(mach_task_self(),
- labels.slabel, bootstrap_port,
+ labels.sender, bootstrap_port,
"mach_names", "create_server");
if (kr)
return BOOTSTRAP_NOT_PRIVILEGED;
@@ -297,9 +297,9 @@
debug("Register attempt for service %s port %x",
service_name, service_port);
- result = mac_check_name_port_access (mach_task_self(),
- labels.slabel, bootstrap_port,
- "mach_names", "register");
+ result = mac_check_port_access (mach_task_self(),
+ labels.sender, bootstrap_port,
+ "mach_names", "register");
if (result)
return result;
@@ -419,13 +419,13 @@
servicep = lookup_service_by_name(bootstrap, service_name);
mach_port_t sp = servicep ? servicep->port : MACH_PORT_NULL;
- kern_return_t kr = mac_check_name_port_access
+ kern_return_t kr = mac_check_port_access
(mach_task_self(),
- labels.slabel, sp == MACH_PORT_NULL ? bootstrap_port : sp,
+ labels.sender, sp == MACH_PORT_NULL ? bootstrap_port : sp,
"mach_names", "look_up");
if (kr)
{
- log("bootstrap denied %s :%d", labels.slabel, kr);
+ log("bootstrap denied %d :%d", labels.sender, kr);
return KERN_NO_ACCESS;
}
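Review bot: The denial log now prints only the numeric label handle, `labels.sender`, with `%d`, which tells an auditor little because the handle is a transient port name. Other messages in these files print port names with `%x`, and `service_name` is in scope here, so I would write `log("bootstrap denied %x :%d for service %s", labels.sender, kr, service_name);`. If the textual label matters for the audit trail, it would have to be fetched the way the makesubset path does with `mach_get_port_label`. The function body continues outside the hunk.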
@@ -746,8 +746,8 @@
if (!bootstrap || !active_bootstrap(bootstrap))
return BOOTSTRAP_NOT_PRIVILEGED;
- kern_return_t kr = mac_check_name_port_access
- (mach_task_self(), labels.slabel, bootstrap_port,
+ kern_return_t kr = mac_check_port_access
+ (mach_task_self(), labels.sender, bootstrap_port,
"mach_names", "makesubset");
if (kr)
return BOOTSTRAP_NOT_PRIVILEGED;
@@ -774,13 +774,22 @@
if (result != KERN_SUCCESS)
kern_fatal(result, "port_set_add");
+ char slabel[512];
char *nslabel;
- result = security_change_context2 (labels.slabel+6, labels.slabel+6, "mach_names",
+
+ result = mach_get_port_label (mach_task_self(), labels.sender, slabel);
+ if (result)
+ {
+ log ("error getting port label");
+ }
+ else {
+
+ result = security_change_context2 (slabel+6, slabel+6, "mach_names",
&nslabel);
if (result)
{
- log ("error changing context for %s", labels.slabel);
- nslabel = labels.slabel;
+ log ("error changing context for %s", slabel);
+ nslabel = slabel;
}
else
{
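Review bot: When `mach_get_port_label` fails, the new branch only logs and then skips the whole labelling block, so execution continues to `new_bootstrap(...)` with a subset port that never had `mach_set_port_label` applied, whereas a failure of `mach_set_port_label` itself is fatal. That is a fail-open path in a security check; I would deny the request there, e.g. `return BOOTSTRAP_NOT_PRIVILEGED;` after releasing whatever was allocated above the hunk. Separately, `slabel` is a fixed 512-byte buffer passed without a length, and `slabel+6` is used without verifying that the returned string is at least six characters long; initialising it with `char slabel[512] = "";` and checking `strlen(slabel) > 6` before applying the offset would avoid reading uninitialised stack. The `else {` opened here is closed in the next hunk and the function continues beyond both.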
@@ -795,6 +804,7 @@
nslabel);
if (result != KERN_SUCCESS)
kern_fatal(result, "mach_set_port_label");
+ }
subset = new_bootstrap(bootstrap, new_bootstrap_port, requestor_port);