PERFORCE change 76611 for review
Andrew Reisse
areisse at FreeBSD.org
Fri May 6 13:44:13 GMT 2005
http://perforce.freebsd.org/chv.cgi?CH=76611
Change 76611 by areisse at areisse_ibook on 2005/05/06 13:43:37
Bring over changes from selinux version 2004081908 (through sebsd).
This adds support for conditional rules (booleans).
This change is a merge only; it does not work yet.
Affected files ...
.. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/avc/avc-selinux.c#1 branch
.. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/avc/avc.c#2 integrate
.. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/avc/avc.h#2 integrate
.. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/avc/avc_ss.h#2 integrate
.. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/flask_types.h#2 integrate
.. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/linux-compat.h#2 integrate
.. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/sebsd.c#4 integrate
.. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/sebsd.h#2 integrate
.. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/sebsd_labels.h#2 integrate
.. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/sebsd_syscall.c#2 integrate
.. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/sebsd_syscalls.h#2 integrate
.. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/sebsd_sysctl.c#2 integrate
.. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/ss/avtab.c#2 integrate
.. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/ss/avtab.h#2 integrate
.. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/ss/conditional.c#1 branch
.. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/ss/conditional.h#1 branch
.. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/ss/constraint.h#2 integrate
.. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/ss/context.h#2 integrate
.. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/ss/ebitmap.c#2 integrate
.. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/ss/ebitmap.h#2 integrate
.. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/ss/fileutils.c#2 integrate
.. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/ss/fileutils.h#2 integrate
.. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/ss/global.h#2 integrate
.. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/ss/hashtab.c#2 integrate
.. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/ss/hashtab.h#2 integrate
.. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/ss/init.c#2 integrate
.. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/ss/policydb.c#2 integrate
.. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/ss/policydb.h#2 integrate
.. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/ss/queue.c#2 integrate
.. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/ss/queue.h#2 integrate
.. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/ss/security.h#2 integrate
.. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/ss/services.c#2 integrate
.. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/ss/services.h#2 integrate
.. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/ss/services_private.h#2 integrate
.. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/ss/sidtab.c#2 integrate
.. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/ss/sidtab.h#2 integrate
.. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/ss/symtab.c#2 integrate
.. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/ss/symtab.h#2 integrate
Differences ...
==== //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/avc/avc.c#2 (text+ko) ====
@@ -83,7 +83,76 @@
return (ssid ^ (tsid<<2) ^ (tclass<<4)) & (AVC_CACHE_SLOTS - 1);
}
+#ifdef AVC_CACHE_STATS
+static inline void avc_cache_stats_incr(int type)
+{
+ avc_cache_stats[type]++;
+}
+
+static inline void avc_cache_stats_add(int type, unsigned val)
+
+ avc_cache_stats[type] += val;
+}
+#else
+static inline void avc_cache_stats_incr(int type)
+{ }
+ if (rc)
+static inline void avc_cache_stats_add(int type, unsigned val)
+{ }
+#endif
+
/**
+ * avc_dump_av - Display an access vector in human-readable form.
+ * @tclass: target security class
+ * @av: access vector
+ */
+void avc_dump_av(security_class_t tclass, access_vector_t av)
+{
+ char **common_pts = 0;
+ access_vector_t common_base = 0, perm;
+ int i, i2;
+
+ if (av == 0) {
+ printk(" null");
+ return;
+ }
+
+ for (i = 0; i < ARRAY_SIZE(av_inherit); i++) {
+ if (av_inherit[i].tclass == tclass) {
+ common_pts = av_inherit[i].common_pts;
+ common_base = av_inherit[i].common_base;
+ break;
+ }
+ }
+
+ printk(" {");
+ i = 0;
+ perm = 1;
+ while (perm < common_base) {
+ if (perm & av)
+ printk(" %s", common_pts[i]);
+ i++;
+ perm <<= 1;
+ }
+
+ while (i < sizeof(av) * 8) {
+ if (perm & av) {
+ for (i2 = 0; i2 < ARRAY_SIZE(av_perm_to_string); i2++) {
+ if ((av_perm_to_string[i2].tclass == tclass) &&
+ (av_perm_to_string[i2].value == perm))
+ break;
+ }
+ if (i2 < ARRAY_SIZE(av_perm_to_string))
+ printk(" %s", av_perm_to_string[i2].name);
+ }
+ i++;
+ perm <<= 1;
+ }
+
+ printk(" }");
+}
+
+/**
* avc_dump_query - Display a SID pair and a class in human-readable form.
* @ssid: source security identifier
* @tsid: target security identifier
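Review bot: The `#ifdef AVC_CACHE_STATS` branch of avc_cache_stats_add is missing its opening brace — the line `+static inline void avc_cache_stats_add(int type, unsigned val)` is followed by a blank line and then `avc_cache_stats[type] += val;` — and the `#else` branch carries a stray `if (rc)` between the two empty stubs, so avc.c cannot compile with either setting. Both look like merge damage; the fix is `static inline void avc_cache_stats_add(int type, unsigned val)` followed by `{`, and deleting the `if (rc)` line. In avc_dump_av, `i` and `i2` are `int` but are compared against `sizeof(av) * 8` and `ARRAY_SIZE(...)`, which are `size_t`; declaring them `unsigned` (or `size_t`) avoids the signed/unsigned comparison. Since this change removes the `extern unsigned avc_cache_stats[AVC_NSTATS];` declaration and the stats inlines from avc.h, `avc_cache_stats` must now be defined in avc.c above these helpers; that definition is outside the hunk, so confirm it exists.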
@@ -139,7 +208,7 @@
"%d entries\n", i);
break;
}
- bzero(new, sizeof(*new));
+ memset(new, 0, sizeof(*new));
new->next = avc_node_freelist;
avc_node_freelist = new;
}
@@ -931,13 +1000,13 @@
denied = requested & ~(ae->avd.allowed);
- if (/*!requested || */denied) {
+ if (!requested || denied) {
if (selinux_enforcing) {
spin_unlock_irqrestore(&avc_lock,flags);
rc = EACCES;
goto out;
} else {
- /*ae->avd.allowed |= requested;*/
+ ae->avd.allowed |= requested;
spin_unlock_irqrestore(&avc_lock,flags);
goto out;
}
==== //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/avc/avc.h#2 (text+ko) ====
@@ -77,13 +77,9 @@
};
/* Initialize an AVC audit data structure. */
-#ifdef __APPLE__
-#define AVC_AUDIT_DATA_INIT(_d,_t) \
- { bzero((_d), sizeof(struct avc_audit_data)); (_d)->type = AVC_AUDIT_DATA_##_t; }
-#else
#define AVC_AUDIT_DATA_INIT(_d,_t) \
{ memset((_d), 0, sizeof(struct avc_audit_data)); (_d)->type = AVC_AUDIT_DATA_##_t; }
-#endif
+
/*
* AVC statistics
*/
@@ -96,26 +92,7 @@
#define AVC_CAV_PROBES 6
#define AVC_CAV_MISSES 7
#define AVC_NSTATS 8
-extern unsigned avc_cache_stats[AVC_NSTATS];
-
-#ifdef AVC_CACHE_STATS
-static inline void avc_cache_stats_incr(int type)
-{
- avc_cache_stats[type]++;
-}
-
-static inline void avc_cache_stats_add(int type, unsigned val)
-{
- avc_cache_stats[type] += val;
-}
-#else
-static inline void avc_cache_stats_incr(int type)
-{ }
-static inline void avc_cache_stats_add(int type, unsigned val)
-{ }
-#endif
-
/*
* AVC display support
*/
@@ -134,6 +111,7 @@
* AVC operations
*/
+/* Initialize the AVC */
void avc_init(void);
int avc_lookup(
@@ -185,5 +163,5 @@
u32 events, security_id_t ssid, security_id_t tsid,
security_class_t tclass, access_vector_t perms);
-#endif /* _SELINUX_AVC_H_ */
+#endif /* _LINUX_AVC_H_ */
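Review bot: The closing-guard comment now reads `_LINUX_AVC_H_`, but the matching `#ifndef`/`#define` at the top of the header is outside this hunk and, for the sedarwin copy, was presumably still `_SELINUX_AVC_H_`; if the guard macro itself was not renamed, the comment now misdescribes it. Keep the two in sync — either `#endif /* _SELINUX_AVC_H_ */` or rename the guard as well.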
==== //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/avc/avc_ss.h#2 (text+ko) ====
==== //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/flask_types.h#2 (text+ko) ====
@@ -56,7 +56,7 @@
* for permissions are defined in the automatically generated
* header file av_permissions.h.
*/
-typedef u64 access_vector_t;
+typedef u32 access_vector_t;
/*
* Each object class is identified by a fixed-size value.
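Review bot: Narrowing `access_vector_t` from `u64` to `u32` silently truncates any permission bit at position 32 or above, so before taking this confirm that the generated av_permissions.h for sedarwin defines no class with more than 32 permissions — a truncated bit would make an `allow` rule unenforceable rather than fail loudly. The same change is what lets `avtab_read_item` in the ss/avtab.c hunks read one `u32` per vector in place of the two-word `((u64) b1) << 32 | b2` form the old `avtab_read` used, so the binary policy loaded into this kernel must come from a checkpolicy that writes 32-bit vectors; a policy in the old 64-bit layout would now mis-parse or be rejected by the `items != items2` check. A comment on the typedef would record the constraint: `/* 32 permission bits per class; the avtab on-disk format stores one u32 per vector */`.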
==== //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/linux-compat.h#2 (text+ko) ====
==== //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/sebsd.c#4 (text+ko) ====
==== //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/sebsd.h#2 (text+ko) ====
==== //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/sebsd_labels.h#2 (text+ko) ====
==== //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/sebsd_syscall.c#2 (text+ko) ====
@@ -208,6 +208,20 @@
int *outlen;
};
+static int
+sebsd_get_bools(struct thread *td, struct sebsd_get_bools *gb)
+{
+ char *out = NULL;
+ if (gb->out)
+ out = malloc(gb->len, M_SEBSD, M_WAITOK);
+ int err = security_get_bool_string(&gb->len, out);
+ if (out && err == 0)
+ err = copyout(out, gb->out, gb->len);
+ if (out)
+ free(out, M_SEBSD);
+ return (err);
+}
+
int
sebsd_syscall(struct proc *td, int call, void *args)
{
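Review bot: `sebsd_get_bools` allocates `gb->len` bytes straight from the user-supplied struct with no range check, so a negative or very large `len` becomes a huge `size_t` handed to `malloc(..., M_WAITOK)`; reject it before allocating, e.g. `if (gb->len < 0 || gb->len > MAX_BOOLS_LEN /* choose a bound */) return (EINVAL);`. `security_get_bool_string(&gb->len, out)` may rewrite `gb->len`, and the following `copyout(out, gb->out, gb->len)` uses the rewritten value; if that helper reports the required size when the buffer is too small (its contract is not visible here), the copyout would read past the allocation, so remember the allocated size and copy `min(allocated, gb->len)`, or copy only when the helper indicates it filled the buffer. The parameter is declared `struct thread *td`, but the caller `sebsd_syscall(struct proc *td, ...)` in the next hunk passes its `struct proc *`, which will not compile without a cast; `td` is also unused in the body. Declaring `int err` after the `if` is a C99 mixed declaration that the surrounding code does not otherwise use; move it to the top with `out`.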
@@ -286,6 +300,58 @@
}
break;
+
+ case SEBSDCALL_GET_BOOLS:
+ if (copyin(args, &gb, sizeof (struct sebsd_get_bools)))
+ return (EFAULT);
+ err = sebsd_get_bools(td, &gb);
+ if (copyout(&gb, args, sizeof (struct sebsd_get_bools)))
+ return (EFAULT);
+ break;
+
+ case SEBSDCALL_GET_BOOL:
+ {
+ char str[128];
+ int active, pending;
+ err = copyinstr(args,str, 128, NULL);
+ if (err)
+ return (err);
+ security_get_bool(str, &active, &pending);
+ *td->td_retval = active | (pending << 1);
+ return (0);
+ }
+
+ case SEBSDCALL_SET_BOOL:
+ {
+ char *str;
+
+ err = thread_has_security(td, SECURITY__SETBOOL);
+ if (err)
+ return (err);
+
+ if (copyin(args, &p, sizeof (struct lp_args)))
+ return (EFAULT);
+ str = malloc(p.len, M_SEBSD, M_WAITOK);
+ if (!str)
+ return (ENOMEM);
+ if (copyin(p.data, str, p.len)) {
+ free(str, M_SEBSD);
+ return (EFAULT);
+ }
+
+ str[p.len-1] = 0;
+ err = security_set_bool(str+1, str[0]-'0');
+ free(str, M_SEBSD);
+ break;
+ }
+
+ case SEBSDCALL_COMMIT_BOOLS:
+ err = thread_has_security(td, SECURITY__SETBOOL);
+ if (err)
+ return (err);
+
+ return security_commit_pending_bools();
+
default:
err = EINVAL;
break;
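Review bot: In `SEBSDCALL_SET_BOOL`, `p.len` arrives from userland unchecked: `p.len == 0` turns `str[p.len-1] = 0` into a write to `str[-1]`, one byte before the allocation, and `malloc(p.len, M_SEBSD, M_WAITOK)` with an arbitrary length is an unbounded kernel allocation request. Add `if (p.len < 2 || p.len > MAX_BOOL_NAME_LEN /* choose a bound */) return (EINVAL);` before the malloc; the `if (!str)` test is dead with `M_WAITOK` and can go. In `SEBSDCALL_GET_BOOL` the return value of `security_get_bool(str, &active, &pending)` is ignored and `active`/`pending` are never initialized, so an unknown boolean name hands uninitialized stack contents back through `td_retval` instead of an error; check the return and propagate it. `128` appears twice there; use `sizeof(str)` in the `copyinstr` call so the two cannot drift apart. The enclosing `switch` and `sebsd_syscall` begin in the previous hunk.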
==== //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/sebsd_syscalls.h#2 (text+ko) ====
@@ -5,6 +5,10 @@
* TBD: Should we really try to line up with SELinux?
*/
#define SEBSDCALL_LOAD_POLICY 7
+#define SEBSDCALL_GET_BOOLS 8
+#define SEBSDCALL_GET_BOOL 9
+#define SEBSDCALL_SET_BOOL 10
+#define SEBSDCALL_COMMIT_BOOLS 11
#define SEBSDCALL_GETUSERSIDS 6
#define SEBSDCALL_GETFILESIDS 5
#define SEBSDCALL_CHANGE_SID 4
@@ -28,6 +32,10 @@
u32 seqno;
};
+struct sebsd_get_bools {
+ int len;
+ char *out;
+};
#endif /* _SEBSD_SYSCALLS_H_ */
==== //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/sebsd_sysctl.c#2 (text+ko) ====
==== //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/ss/avtab.c#2 (text+ko) ====
@@ -4,6 +4,16 @@
* Author : Stephen Smalley, <sds at epoch.ncsc.mil>
*/
+/* Updated: Frank Mayer <mayerf at tresys.com> and Karl MacMillan <kmacmillan at tresys.com>
+ *
+ * Added conditional policy language extensions
+ *
+ * Copyright (C) 2003 Tresys Technology, LLC
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, version 2.
+ */
+
#ifdef _KERNEL
#include <sys/param.h>
#include <sys/conf.h>
@@ -22,6 +32,29 @@
(keyp->source_type << 9)) & \
AVTAB_HASH_MASK)
+static struct avtab_node*
+avtab_insert_node(struct avtab *h, int hvalue, struct avtab_node * prev, struct avtab_node * cur,
+ struct avtab_key *key, struct avtab_datum *datum)
+{
+ struct avtab_node * newnode;
+ newnode = kmalloc(sizeof(*newnode), GFP_KERNEL);
+ if (newnode == NULL)
+ return NULL;
+ memset(newnode, 0, sizeof(struct avtab_node));
+ newnode->key = *key;
+ newnode->datum = *datum;
+ if (prev) {
+ newnode->next = prev->next;
+ prev->next = newnode;
+ } else {
+ newnode->next = h->htable[hvalue];
+ h->htable[hvalue] = newnode;
+ }
+
+ h->nel++;
+ return newnode;
+}
+
int avtab_insert(struct avtab *h, struct avtab_key *key, struct avtab_datum *datum)
{
int hvalue;
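Review bot: The `cur` parameter of `avtab_insert_node` is never used in the body — insertion is decided entirely by `prev` — so either drop it from the signature (and from the two call sites in the next hunk) or mark it as deliberately unused. `memset(newnode, 0, sizeof(struct avtab_node))` should use `sizeof(*newnode)` like the `kmalloc` line above it so both stay tied to the variable's type. A header comment would help readers: `/* Allocate a node for (key, datum) and link it into bucket hvalue after prev, or at the head when prev is NULL; returns NULL on allocation failure. */`.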
@@ -50,25 +83,49 @@
break;
}
- newnode = kmalloc(sizeof(*newnode), GFP_KERNEL);
- if (newnode == NULL)
+ newnode = avtab_insert_node(h, hvalue, prev, cur, key, datum);
+ if(!newnode)
return ENOMEM;
- memset(newnode, 0, sizeof(*newnode));
- newnode->key = *key;
- newnode->datum = *datum;
- if (prev) {
- newnode->next = prev->next;
- prev->next = newnode;
- } else {
- newnode->next = h->htable[hvalue];
- h->htable[hvalue] = newnode;
- }
- h->nel++;
return 0;
}
+/* Unlike avtab_insert(), this function allow multiple insertions of the same
+ * key/specified mask into the table, as needed by the conditional avtab.
+ * It also returns a pointer to the node inserted.
+ */
+struct avtab_node *
+avtab_insert_nonunique(struct avtab * h, struct avtab_key * key, struct avtab_datum * datum)
+{
+ int hvalue;
+ struct avtab_node *prev, *cur, *newnode;
+ if (!h)
+ return NULL;
+ hvalue = AVTAB_HASH(key);
+ for (prev = NULL, cur = h->htable[hvalue];
+ cur;
+ prev = cur, cur = cur->next) {
+ if (key->source_type == cur->key.source_type &&
+ key->target_type == cur->key.target_type &&
+ key->target_class == cur->key.target_class &&
+ (datum->specified & cur->datum.specified))
+ break;
+ if (key->source_type < cur->key.source_type)
+ break;
+ if (key->source_type == cur->key.source_type &&
+ key->target_type < cur->key.target_type)
+ break;
+ if (key->source_type == cur->key.source_type &&
+ key->target_type == cur->key.target_type &&
+ key->target_class < cur->key.target_class)
+ break;
+ }
+ newnode = avtab_insert_node(h, hvalue, prev, cur, key, datum);
+
+ return newnode;
+}
+
struct avtab_datum *avtab_search(struct avtab *h, struct avtab_key *key, int specified)
{
int hvalue;
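Review bot: `if(!newnode)` lacks the space after `if` that every other conditional in this file uses; write `if (!newnode)`. The header comment on `avtab_insert_nonunique` reads "this function allow multiple insertions" — `allows`. The enclosing `avtab_insert` begins before this hunk.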
@@ -99,12 +156,73 @@
return NULL;
}
+/* This search function returns a node pointer, and can be used in
+ * conjunction with avtab_search_next_node()
+ */
+struct avtab_node*
+avtab_search_node(struct avtab *h, struct avtab_key *key, int specified)
+{
+ int hvalue;
+ struct avtab_node *cur;
+
+ if (!h)
+ return NULL;
+
+ hvalue = AVTAB_HASH(key);
+ for (cur = h->htable[hvalue]; cur; cur = cur->next) {
+ if (key->source_type == cur->key.source_type &&
+ key->target_type == cur->key.target_type &&
+ key->target_class == cur->key.target_class &&
+ (specified & cur->datum.specified))
+ return cur;
+
+ if (key->source_type < cur->key.source_type)
+ break;
+ if (key->source_type == cur->key.source_type &&
+ key->target_type < cur->key.target_type)
+ break;
+ if (key->source_type == cur->key.source_type &&
+ key->target_type == cur->key.target_type &&
+ key->target_class < cur->key.target_class)
+ break;
+ }
+ return NULL;
+}
+
+struct avtab_node*
+avtab_search_node_next(struct avtab_node *node, int specified)
+{
+ struct avtab_node *cur;
+
+ if (!node)
+ return NULL;
+
+ for (cur = node->next; cur; cur = cur->next) {
+ if (node->key.source_type == cur->key.source_type &&
+ node->key.target_type == cur->key.target_type &&
+ node->key.target_class == cur->key.target_class &&
+ (specified & cur->datum.specified))
+ return cur;
+
+ if (node->key.source_type < cur->key.source_type)
+ break;
+ if (node->key.source_type == cur->key.source_type &&
+ node->key.target_type < cur->key.target_type)
+ break;
+ if (node->key.source_type == cur->key.source_type &&
+ node->key.target_type == cur->key.target_type &&
+ node->key.target_class < cur->key.target_class)
+ break;
+ }
+ return NULL;
+}
+
void avtab_destroy(struct avtab *h)
{
int i;
struct avtab_node *cur, *temp;
- if (!h)
+ if (!h || !h->htable)
return;
for (i = 0; i < AVTAB_SIZE; i++) {
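Review bot: `avtab_search_node_next` has no header comment while its companion `avtab_search_node` does; suggest `/* Return the next node after @node in the same chain whose key equals @node's key and whose datum.specified shares a bit with @specified, or NULL once the sorted chain passes that key. */`. The three `break` conditions in both new functions duplicate the sort-order test already written out in `avtab_insert` and `avtab_insert_nonunique`; a small static key-comparison helper would keep the four copies from drifting. `avtab_destroy` now tolerates a table whose `htable` was never allocated, which is sound provided `avtab_init` (outside this hunk) zeroes the struct first.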
@@ -117,6 +235,7 @@
h->htable[i] = NULL;
}
kfree(h->htable);
+ h->htable = NULL;
}
@@ -184,6 +303,67 @@
max_chain_len);
}
+int avtab_read_item(void *fp, struct avtab_datum *avdatum, struct avtab_key *avkey)
+{
+ u32 *buf;
+ u32 items, items2;
+
+ memset(avkey, 0, sizeof(struct avtab_key));
+ memset(avdatum, 0, sizeof(struct avtab_datum));
+
+ buf = next_entry(fp, sizeof(u32));
+ if (!buf) {
+ printk(KERN_ERR "security: avtab: truncated entry\n");
+ goto bad;
+ }
+ items2 = le32_to_cpu(buf[0]);
+ buf = next_entry(fp, sizeof(u32)*items2);
+ if (!buf) {
+ printk(KERN_ERR "security: avtab: truncated entry\n");
+ goto bad;
+ }
+ items = 0;
+ avkey->source_type = le32_to_cpu(buf[items++]);
+ avkey->target_type = le32_to_cpu(buf[items++]);
+ avkey->target_class = le32_to_cpu(buf[items++]);
+ avdatum->specified = le32_to_cpu(buf[items++]);
+ if (!(avdatum->specified & (AVTAB_AV | AVTAB_TYPE))) {
+ printk(KERN_ERR "security: avtab: null entry\n");
+ goto bad;
+ }
+ if ((avdatum->specified & AVTAB_AV) &&
+ (avdatum->specified & AVTAB_TYPE)) {
+ printk(KERN_ERR "security: avtab: entry has both access vectors and types\n");
+ goto bad;
+ }
+
+
+ if (avdatum->specified & AVTAB_AV) {
+ if (avdatum->specified & AVTAB_ALLOWED)
+ avtab_allowed(avdatum) = le32_to_cpu(buf[items++]);
+ if (avdatum->specified & AVTAB_AUDITDENY)
+ avtab_auditdeny(avdatum) = le32_to_cpu(buf[items++]);
+ if (avdatum->specified & AVTAB_AUDITALLOW)
+ avtab_auditallow(avdatum) = le32_to_cpu(buf[items++]);
+ } else {
+ if (avdatum->specified & AVTAB_TRANSITION)
+ avtab_transition(avdatum) = le32_to_cpu(buf[items++]);
+ if (avdatum->specified & AVTAB_CHANGE)
+ avtab_change(avdatum) = le32_to_cpu(buf[items++]);
+ if (avdatum->specified & AVTAB_MEMBER)
+ avtab_member(avdatum) = le32_to_cpu(buf[items++]);
+ }
+ if (items != items2) {
+ printk(KERN_ERR "security: avtab: entry only had %d items, expected %d\n",
+ items2, items);
+ goto bad;
+ }
+
+ return 0;
+bad:
+ return -1;
+}
+
int avtab_read(struct avtab *a, void *fp, u32 config)
{
int i, rc = EINVAL;
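Review bot: `avtab_read_item` trusts `items2` from the policy file: the `buf[items++]` reads for the key, `specified`, and up to three vectors all happen before the `items != items2` check, so an entry whose header claims fewer than four words makes `next_entry(fp, sizeof(u32)*items2)` return a shorter buffer that the key reads then overrun — the check at the end only reports the mismatch after the out-of-bounds read has occurred. Validate the count as soon as it is read: `if (items2 < 4 || items2 > 7) { printk(KERN_ERR "security: avtab: bad item count %u\n", items2); goto bad; }` (four key/specified words plus at most three data words, per the reads in this function). On a 32-bit build `sizeof(u32)*items2` can also wrap for a large `items2`, which that bound prevents. The final printk uses `%d` for the two `u32` values; `%u` matches the type.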
@@ -204,67 +384,8 @@
goto bad;
}
for (i = 0; i < nel; i++) {
- memset(&avkey, 0, sizeof(avkey));
- memset(&avdatum, 0, sizeof(avdatum));
-
- buf = next_entry(fp, sizeof(u32));
- if (!buf) {
- printk(KERN_ERR "security: avtab: truncated entry\n");
- goto bad;
- }
- items2 = le32_to_cpu(buf[0]);
- buf = next_entry(fp, sizeof(u32)*items2);
- if (!buf) {
- printk(KERN_ERR "security: avtab: truncated entry\n");
- goto bad;
- }
- items = 0;
- avkey.source_type = le32_to_cpu(buf[items++]);
- avkey.target_type = le32_to_cpu(buf[items++]);
- avkey.target_class = le32_to_cpu(buf[items++]);
- avdatum.specified = le32_to_cpu(buf[items++]);
- if (!(avdatum.specified & (AVTAB_AV | AVTAB_TYPE))) {
- printk(KERN_ERR "security: avtab: null entry\n");
- goto bad;
- }
- if ((avdatum.specified & AVTAB_AV) &&
- (avdatum.specified & AVTAB_TYPE)) {
- printk(KERN_ERR "security: avtab: entry has both "
- "access vectors and types\n");
+ if (avtab_read_item(fp, &avdatum, &avkey))
goto bad;
- }
- if (avdatum.specified & AVTAB_AV) {
- if (avdatum.specified & AVTAB_ALLOWED)
- {
- u32 b1 = le32_to_cpu (buf[items++]);
- u32 b2 = le32_to_cpu (buf[items++]);
- avtab_allowed(&avdatum) = (((u64) b1) << 32) | b2;
- }
- if (avdatum.specified & AVTAB_AUDITDENY)
- {
- u32 b1 = le32_to_cpu (buf[items++]);
- u32 b2 = le32_to_cpu (buf[items++]);
- avtab_auditdeny(&avdatum) = (((u64) b1) << 32) | b2;
- }
- if (avdatum.specified & AVTAB_AUDITALLOW)
- {
- u32 b1 = le32_to_cpu (buf[items++]);
- u32 b2 = le32_to_cpu (buf[items++]);
- avtab_auditallow(&avdatum) = (((u64) b1) << 32) | b2;
- }
- } else {
- if (avdatum.specified & AVTAB_TRANSITION)
- avtab_transition(&avdatum) = le32_to_cpu(buf[items++]);
- if (avdatum.specified & AVTAB_CHANGE)
- avtab_change(&avdatum) = le32_to_cpu(buf[items++]);
- if (avdatum.specified & AVTAB_MEMBER)
- avtab_member(&avdatum) = le32_to_cpu(buf[items++]);
- }
- if (items != items2) {
- printk(KERN_ERR "security: avtab: entry only had %d "
- "items, expected %d\n", items2, items);
- goto bad;
- }
rc = avtab_insert(a, &avkey, &avdatum);
if (rc) {
if (rc == ENOMEM)
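Review bot: With the body delegated to `avtab_read_item`, the locals `buf`, `items` and `items2` that the removed code used are — if still declared at the top of `avtab_read`, outside this hunk — now unused and will warn; remove them together with the dead code. The two layers also use different return conventions: `avtab_read_item` returns -1 while `avtab_read` reports positive errno values such as `EINVAL`/`ENOMEM`; the call site only tests non-zero so this works, but a comment makes it explicit, e.g. `/* avtab_read_item returns -1 on malformed input; rc stays EINVAL */`. The on-disk vector width change this hunk relies on is discussed at the flask_types.h hunk.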
==== //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/ss/avtab.h#2 (text+ko) ====
@@ -7,6 +7,16 @@
*
* Author : Stephen Smalley, <sds at epoch.ncsc.mil>
*/
+
+/* Updated: Frank Mayer <mayerf at tresys.com> and Karl MacMillan <kmacmillan at tresys.com>
+ *
+ * Added conditional policy language extensions
+ *
+ * Copyright (C) 2003 Tresys Technology, LLC
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, version 2.
+ */
#ifndef _SS_AVTAB_H_
#define _SS_AVTAB_H_
@@ -27,6 +37,7 @@
#define AVTAB_MEMBER 32
#define AVTAB_CHANGE 64
#define AVTAB_TYPE (AVTAB_TRANSITION | AVTAB_MEMBER | AVTAB_CHANGE)
+#define AVTAB_ENABLED 0x80000000 /* reserved for used in cond_avtab */
u32 specified; /* what fields are specified */
access_vector_t data[3]; /* access vectors or types */
#define avtab_allowed(x) (x)->data[0]
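Review bot: The comment on `AVTAB_ENABLED` reads `reserved for used in cond_avtab`; `/* reserved for use by cond_avtab; never set in on-disk entries */`. This bit shares the `specified` word with the `AVTAB_*` flags that `avtab_read_item` validates, and that function only checks `AVTAB_AV`/`AVTAB_TYPE` presence without masking unknown bits, so stating here that the bit is in-memory only documents the assumption the reader relies on.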
@@ -58,8 +69,19 @@
void *args),
void *args);
void avtab_hash_eval(struct avtab *h, char *tag);
+
+int avtab_read_item(void *fp, struct avtab_datum *avdatum, struct avtab_key *avkey);
int avtab_read(struct avtab *a, void *fp, u32 config);
+struct avtab_node *avtab_insert_nonunique(struct avtab *h, struct avtab_key *key,
+ struct avtab_datum *datum);
+
+struct avtab_node *avtab_search_node(struct avtab *h, struct avtab_key *key, int specified);
+
+struct avtab_node *avtab_search_node_next(struct avtab_node *node, int specified);
+
+void avtab_cache_init(void);
+
#define AVTAB_HASH_BITS 15
#define AVTAB_HASH_BUCKETS (1 << AVTAB_HASH_BITS)
#define AVTAB_HASH_MASK (AVTAB_HASH_BUCKETS-1)
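Review bot: `avtab_cache_init(void)` is declared here, but none of the ss/avtab.c hunks in this change define it and the new node code still calls `kmalloc` directly; if it is not defined elsewhere in the merge, any caller will fail to link. Either add the definition or drop the prototype until the node cache is actually brought over.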
==== //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/ss/constraint.h#2 (text+ko) ====
==== //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/ss/context.h#2 (text+ko) ====
==== //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/ss/ebitmap.c#2 (text+ko) ====
@@ -21,7 +21,7 @@
n1 = e1->node;
n2 = e2->node;
- prev = 0;
+ prev = NULL;
while (n1 || n2) {
new = kmalloc(sizeof(*new), GFP_ATOMIC);
if (!new) {
@@ -44,7 +44,7 @@
n2 = n2->next;
}
- new->next = 0;
+ new->next = NULL;
if (prev)
prev->next = new;
else
@@ -94,7 +94,7 @@
memset(new, 0, sizeof(*new));
new->startbit = n->startbit;
new->map = n->map;
- new->next = 0;
+ new->next = NULL;
if (prev)
prev->next = new;
else
@@ -159,7 +159,7 @@
{
struct ebitmap_node *n, *prev, *new;
- prev = 0;
+ prev = NULL;
n = e->node;
while (n && n->startbit <= bit) {
if ((n->startbit + MAPSIZE) > bit) {
@@ -235,7 +235,7 @@
}
e->highbit = 0;
- e->node = 0;
+ e->node = NULL;
return;
}
@@ -257,8 +257,8 @@
count = le32_to_cpu(buf[2]);
if (mapsize != MAPSIZE) {
- printk(KERN_ERR "security: ebitmap: map size %d does not "
- "match my size %d (high bit was %d)\n", mapsize,
+ printk(KERN_ERR "security: ebitmap: map size %u does not "
+ "match my size %Zd (high bit was %d)\n", mapsize,
MAPSIZE, e->highbit);
goto out;
}
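Review bot: `%Zd` is a Linux-kernel-only length modifier for `size_t`; standard C and the FreeBSD/Darwin kernel printf spell it `%zu`. If `printk` here is a compat macro over the native kernel printf (linux-compat.h is in this change but not shown), `%Z` may be rejected or print garbage, so prefer `%zu` for `MAPSIZE` here and in the three later ebitmap.c hunks that make the same substitution (`multiple of the map size`, `start bit ... not a multiple`, `beyond the end of the bitmap`). The correct specifier also depends on whether `MAPSIZE` is defined as a `sizeof` expression or an `int` constant; check its definition before settling on one.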
@@ -268,7 +268,7 @@
}
if (e->highbit & (MAPSIZE - 1)) {
printk(KERN_ERR "security: ebitmap: high bit (%d) is not a "
- "multiple of the map size (%d)\n", e->highbit, MAPSIZE);
+ "multiple of the map size (%Zd)\n", e->highbit, MAPSIZE);
goto bad;
}
l = NULL;
@@ -290,13 +290,13 @@
if (n->startbit & (MAPSIZE - 1)) {
printk(KERN_ERR "security: ebitmap start bit (%d) is "
- "not a multiple of the map size (%d)\n",
+ "not a multiple of the map size (%Zd)\n",
n->startbit, MAPSIZE);
goto bad_free;
}
if (n->startbit > (e->highbit - MAPSIZE)) {
printk(KERN_ERR "security: ebitmap start bit (%d) is "
- "beyond the end of the bitmap (%d)\n",
+ "beyond the end of the bitmap (%Zd)\n",
n->startbit, (e->highbit - MAPSIZE));
goto bad_free;
}
==== //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/ss/ebitmap.h#2 (text+ko) ====
@@ -56,7 +56,7 @@
static inline void ebitmap_init(struct ebitmap *e)
{
- bzero(e, sizeof(*e));
+ memset(e, 0, sizeof(*e));
}
int ebitmap_cmp(struct ebitmap *e1, struct ebitmap *e2);
==== //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/ss/fileutils.c#2 (text+ko) ====
==== //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/ss/fileutils.h#2 (text+ko) ====
==== //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/ss/global.h#2 (text+ko) ====
==== //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/ss/hashtab.c#2 (text+ko) ====
==== //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/ss/hashtab.h#2 (text+ko) ====
==== //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/ss/init.c#2 (text+ko) ====
==== //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/ss/policydb.c#2 (text+ko) ====
@@ -4,6 +4,16 @@
* Author : Stephen Smalley, <sds at epoch.ncsc.mil>
*/
+/* Updated: Frank Mayer <mayerf at tresys.com> and Karl MacMillan <kmacmillan at tresys.com>
+ *
+ * Added conditional policy language extensions
+ *
+ * Copyright (C) 2003 - 2004 Tresys Technology, LLC
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, version 2.
+ */
+
#if defined(__FreeBSD__) && defined(_KERNEL)
#include <sys/param.h>
#include <sys/conf.h>
@@ -26,26 +36,74 @@
"classes",
"roles",
"types",
- "users"
+ "users",
mls_symtab_names
+ "bools"
};
#endif
+int policydb_loaded_version;
+
static unsigned int symtab_sizes[SYM_NUM] = {
2,
32,
16,
512,
- 128
+ 128,
mls_symtab_sizes
+ 16
+};
+
+struct policydb_compat_info {
+ int version;
+ int sym_num;
+ int ocon_num;
+};
+
+/* These need to be updated if SYM_NUM or OCON_NUM changes */
+static struct policydb_compat_info policydb_compat[] = {
+ {
+ .version = POLICYDB_VERSION_BASE,
+ .sym_num = SYM_NUM - 1,
+ .ocon_num = OCON_NUM - 1,
+ },
+ {
+ .version = POLICYDB_VERSION_BOOL,
+ .sym_num = SYM_NUM,
+ .ocon_num = OCON_NUM - 1,
+ },
+ {
+ .version = POLICYDB_VERSION_IPV6,
+ .sym_num = SYM_NUM,
+ .ocon_num = OCON_NUM,
+ },
+ {
+ .version = POLICYDB_VERSION_NLCLASS,
+ .sym_num = SYM_NUM,
+ .ocon_num = OCON_NUM,
+ },
};
+static struct policydb_compat_info *policydb_lookup_compat(int version)
+{
+ int i;
+ struct policydb_compat_info *info = NULL;
+
+ for (i = 0; i < sizeof(policydb_compat)/sizeof(*info); i++) {
+ if (policydb_compat[i].version == version) {
+ info = &policydb_compat[i];
+ break;
+ }
+ }
+ return info;
+}
+
/*
* Initialize the role table.
*/
int roles_init(struct policydb *p)
{
- char *key = 0;
+ char *key = NULL;
int rc;
struct role_datum *role;
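Review bot: `policydb_lookup_compat` loops `for (i = 0; i < sizeof(policydb_compat)/sizeof(*info); i++)` with `int i`, a signed/unsigned comparison; if the `ARRAY_SIZE` macro used in avc/avc.c is visible here, `i < ARRAY_SIZE(policydb_compat)` says the same thing more clearly and ties the bound to the array rather than to `info`. The compat table is never written, so it and the function's return type can be `const`: `static const struct policydb_compat_info policydb_compat[] = { ... };`. The `"users",` / `mls_symtab_names` / `"bools"` sequence in both initializers only works if `mls_symtab_names` and `mls_symtab_sizes` expand to nothing or to a comma-terminated list; those macros are outside the hunk, and a comment at the use site, `/* mls_symtab_* expand to a trailing-comma list or to nothing */`, would save the next reader a trip.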
@@ -102,6 +160,10 @@
if (rc)
goto out_free_avtab;
+ rc = cond_policydb_init(p);
+ if (rc)
+ goto out_free_avtab;
+
out:
return rc;
@@ -131,6 +193,8 @@
comdatum = datum;
p = datap;
+ if (!comdatum->value || comdatum->value > p->p_commons.nprim)
+ return EINVAL;
p->p_common_val_to_name[comdatum->value - 1] = key;
return 0;
}
@@ -142,6 +206,8 @@
cladatum = datum;
p = datap;
+ if (!cladatum->value || cladatum->value > p->p_classes.nprim)
+ return EINVAL;
p->p_class_val_to_name[cladatum->value - 1] = key;
p->class_val_to_struct[cladatum->value - 1] = cladatum;
return 0;
@@ -154,6 +220,8 @@
role = datum;
p = datap;
+ if (!role->value || role->value > p->p_roles.nprim)
+ return EINVAL;
p->p_role_val_to_name[role->value - 1] = key;
p->role_val_to_struct[role->value - 1] = role;
return 0;
@@ -167,8 +235,11 @@
typdatum = datum;
p = datap;
- if (typdatum->primary)
+ if (typdatum->primary) {
+ if (!typdatum->value || typdatum->value > p->p_types.nprim)
+ return EINVAL;
p->p_type_val_to_name[typdatum->value - 1] = key;
+ }
return 0;
>>> TRUNCATED FOR MAIL (1000 lines) <<<