PERFORCE change 76200 for review
Andrew Reisse
areisse at FreeBSD.org
Fri Apr 29 14:48:13 GMT 2005
http://perforce.freebsd.org/chv.cgi?CH=76200
Change 76200 by areisse at areisse_ibook on 2005/04/29 14:48:09
Enable access checks on all bootstrap namespace methods.
Affected files ...
.. //depot/projects/trustedbsd/sedarwin7/src/darwin/system_cmds/mach_init.tproj/Makefile#3 edit
.. //depot/projects/trustedbsd/sedarwin7/src/darwin/system_cmds/mach_init.tproj/bootstrap.c#3 edit
.. //depot/projects/trustedbsd/sedarwin7/src/darwin/system_cmds/mach_init.tproj/bootstrap.defs#2 edit
Differences ...
==== //depot/projects/trustedbsd/sedarwin7/src/darwin/system_cmds/mach_init.tproj/Makefile#3 (text+ko) ====
@@ -33,7 +33,6 @@
DEBUG_LIBS = $(LIBS)
PROF_LIBS = $(LIBS)
-
NEXTSTEP_PB_CFLAGS = -DMACH_USER_API
WINDOWS_PB_CFLAGS = -DMACH_USER_API
PDO_UNIX_PB_CFLAGS = -DMACH_USER_API
@@ -57,3 +56,5 @@
-include Makefile.postamble
-include Makefile.dependencies
+
+include ../../build/Mig.mk
==== //depot/projects/trustedbsd/sedarwin7/src/darwin/system_cmds/mach_init.tproj/bootstrap.c#3 (text+ko) ====
@@ -975,6 +975,7 @@
service_t *servicep;
server_t *serverp;
kern_return_t result;
+ mach_msg_mac_trailer_t *trailer = (mach_msg_mac_trailer_t *) (((char*)Request)+Request->msgh_size);
mig_reply_error_t *reply;
debug("received message on port %x\n", Request->msgh_local_port);
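Review bot: The new `trailer` pointer is computed as `(char*)Request + Request->msgh_size` without rounding, whereas Mach places the trailer at the rounded message size; the usual form is `(mach_msg_mac_trailer_t *)((char *)Request + round_msg(Request->msgh_size))`. It is also derived in the declaration, before anything confirms the received trailer is long enough to hold `msgh_labels`. Any later dereference should first compare `trailer->msgh_trailer_size` with `sizeof(mach_msg_mac_trailer_t)`, assuming the MAC trailer keeps the standard trailer header fields. In this change the pointer is referenced only from commented-out lines, so it is currently unused. The function body starts and ends outside the hunk.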
@@ -1156,8 +1157,11 @@
else { /* must be a service request */
debug("Handled request.");
- return bootstrap_server(Request, Reply);
+ boolean_t result = bootstrap_server(Request, Reply);
+ //mach_port_destroy(mach_task_self(), trailer->msgh_labels.sender);
+ return result;
}
+ //mach_port_destroy(mach_task_self(), trailer->msgh_labels.sender);
return TRUE;
}
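Review bot: `boolean_t result` in the service-request branch shadows the `kern_return_t result` that appears to be declared at the top of the same function (visible in the previous hunk); a distinct name avoids the type confusion, e.g. `boolean_t handled = bootstrap_server(Request, Reply);` then `return handled;`. The two commented-out `mach_port_destroy(...)` calls leave it unstated whether `trailer->msgh_labels.sender` carries a right the receiver must release. If it does, each request leaves a port name behind in mach_init's IPC space, which is a slow resource-exhaustion path in a long-lived server. Either release it on every exit path or replace the dead lines with a comment such as `/* sender label handle is not released here because ... */`. The enclosing function begins outside the hunk.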
@@ -1179,6 +1183,7 @@
bootstrapMaxRequestSize,
bootstrap_port_set,
MACH_RCV_TRAILER_ELEMENTS(MACH_RCV_TRAILER_SENDER)|
+ MACH_RCV_TRAILER_ELEMENTS(MACH_RCV_TRAILER_AV)|
MACH_RCV_TRAILER_TYPE(MACH_MSG_TRAILER_FORMAT_0));
if (mresult != MACH_MSG_SUCCESS)
kern_error(mresult, "mach_msg_server");
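Review bot: `MACH_RCV_TRAILER_ELEMENTS(MACH_RCV_TRAILER_SENDER)|MACH_RCV_TRAILER_ELEMENTS(MACH_RCV_TRAILER_AV)` ORs two trailer selectors together, but in the stock Mach headers these are ordinal values naming the last element wanted, not independent bits. Depending on the values this tree assigns, the OR may select a different trailer than intended. Requesting only the largest element, `MACH_RCV_TRAILER_ELEMENTS(MACH_RCV_TRAILER_AV)|`, would make the intent explicit, assuming the AV trailer is cumulative and already includes the sender token. It is also worth confirming that the receive buffer sized from `bootstrapMaxRequestSize` leaves room for the larger trailer. The call starts outside the hunk.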
==== //depot/projects/trustedbsd/sedarwin7/src/darwin/system_cmds/mach_init.tproj/bootstrap.defs#2 (text+ko) ====
@@ -135,7 +135,7 @@
* Errors: Returns appropriate kernel errors on rpc failure.
* Returns BOOTSTRAP_NOT_PRIVILEGED, bootstrap or uid invalid.
*/
-routine bootstrap_create_server(
+routine bootstrap_create_server checkaccess(
bootstrap_port : mach_port_t;
server_cmd : cmd_t;
server_uid : integer_t;
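Review bot: The `Errors:` comment above `bootstrap_create_server` still lists only the pre-existing return codes, so callers cannot tell what comes back when the new `checkaccess` check denies a request; the same applies to the other ten routines changed in this file (`bootstrap_unprivileged` through `bootstrap_create_service`). Add a line to each header comment, for example `* Returns <DENIAL_CODE>, if the access check denies the request.`, using whatever code the generated server stub actually returns. As a style point, `bootstrap_unprivileged checkaccess (` has a space before the parenthesis while the other routines do not. The check presumably depends on the trailer data requested via `MACH_RCV_TRAILER_AV` in bootstrap.c, and that coupling deserves a one-line comment near the top of this file.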
@@ -158,7 +158,7 @@
* children (or any offspring that it does not want to count as part
* of the "server" for mach_init registration and re-launch purposes).
*/
-routine bootstrap_unprivileged(
+routine bootstrap_unprivileged checkaccess (
bootstrap_port : mach_port_t;
out unpriv_port : mach_port_t);
@@ -183,7 +183,7 @@
* Returns BOOTSTRAP_SERVICE_ACTIVE, if service has already been
* registered or checked-in.
*/
-routine bootstrap_check_in(
+routine bootstrap_check_in checkaccess(
bootstrap_port : mach_port_t;
service_name : name_t;
out service_port : mach_port_move_receive_t);
@@ -210,7 +210,7 @@
* Returns BOOTSTRAP_NAME_IN_USE, if service has already been
* register or checked-in.
*/
-routine bootstrap_register(
+routine bootstrap_register checkaccess(
bootstrap_port : mach_port_t;
service_name : name_t;
service_port : mach_port_t);
@@ -228,7 +228,7 @@
* Errors: Returns appropriate kernel errors on rpc failure.
* Returns BOOTSTRAP_UNKNOWN_SERVICE, if service does not exist.
*/
-routine bootstrap_look_up(
+routine bootstrap_look_up checkaccess(
bootstrap_port : mach_port_t;
service_name : name_t;
out service_port : mach_port_t);
@@ -255,7 +255,7 @@
* If all services are known, all_services_known is true on
* return, if any service is unknown, it's false.
*/
-routine bootstrap_look_up_array(
+routine bootstrap_look_up_array checkaccess(
bootstrap_port : mach_port_t;
service_names : name_array_t;
out service_ports : mach_port_array_t;
@@ -275,7 +275,7 @@
* with an effective user id of root (as determined by the security
* token in the message trailer).
*/
-routine bootstrap_parent(
+routine bootstrap_parent checkaccess(
bootstrap_port : mach_port_t;
ServerSecToken token : security_token_t;
out parent_port : mach_port_make_send_t);
@@ -292,7 +292,7 @@
* Errors: Returns appropriate kernel errors on rpc failure.
* Returns BOOTSTRAP_UNKNOWN_SERVICE, if service does not exist.
*/
-routine bootstrap_status(
+routine bootstrap_status checkaccess(
bootstrap_port : mach_port_t;
service_name : name_t;
out service_active : bootstrap_status_t);
@@ -309,7 +309,7 @@
*
* Errors: Returns appropriate kernel errors on rpc failure.
*/
-routine bootstrap_info(
+routine bootstrap_info checkaccess(
bootstrap_port : mach_port_t;
out service_names : name_array_t, dealloc;
out server_names : name_array_t, dealloc;
@@ -335,7 +335,7 @@
*
* Errors: Returns appropriate kernel errors on rpc failure.
*/
-routine bootstrap_subset(
+routine bootstrap_subset checkaccess(
bootstrap_port : mach_port_t;
requestor_port : mach_port_t;
out subset_port : mach_port_t);
@@ -353,7 +353,7 @@
* Errors: Returns appropriate kernel errors on rpc failure.
* Returns BOOTSTRAP_SERVICE_ACTIVE, if service already exists.
*/
-routine bootstrap_create_service(
+routine bootstrap_create_service checkaccess(
bootstrap_port : mach_port_t;
service_name : name_t;
out service_port : mach_port_t);