PERFORCE change 109934 for review
Todd Miller
millert at FreeBSD.org
Tue Nov 14 16:21:34 UTC 2006
http://perforce.freebsd.org/chv.cgi?CH=109934
Change 109934 by millert at millert_g5tower on 2006/11/14 16:10:13
Add a pathlen parameter to the filesystem audit info. This
lets us use the component path name in a more useful manner.
At the same time, be mindful of whether the path refers to
a directory or a file in the directory and adjust the length
accordingly.
Affected files ...
.. //depot/projects/trustedbsd/sedarwin8/policies/sedarwin/sedarwin/avc/avc.c#8 edit
.. //depot/projects/trustedbsd/sedarwin8/policies/sedarwin/sedarwin/avc/avc.h#6 edit
.. //depot/projects/trustedbsd/sedarwin8/policies/sedarwin/sedarwin/sebsd.c#31 edit
Differences ...
==== //depot/projects/trustedbsd/sedarwin8/policies/sedarwin/sedarwin/avc/avc.c#8 (text+ko) ====
@@ -708,6 +708,7 @@
if (a->u.fs.vp && tsk) {
char *pbuf = NULL;
char *path = a->u.fs.path;
+ int pathlen = a->u.fs.pathlen;
struct vnode *vp = a->u.fs.vp;
struct vnode_attr va;
struct vfs_context vfs_ctx =
@@ -719,22 +720,26 @@
"mountpoint=%s,", va.va_fileid,
vp->v_mount->mnt_vfsstat.f_mntonname);
if (path == NULL) {
- int len = MAXPATHLEN;
+ pathlen = MAXPATHLEN;
pbuf = sebsd_malloc(MAXPATHLEN,
M_SEBSD, M_NOWAIT);
if (pbuf != NULL &&
- !vn_getpath(vp, pbuf, &len))
+ !vn_getpath(vp, pbuf, &pathlen)) {
path = pbuf;
+ pathlen--; /* for NUL */
+ }
}
- if (path != NULL)
+ if (path != NULL) {
audit_log_format(ab,
- " path=%s,", path);
+ " path=%.*s,", pathlen,
+ path);
+ }
if (pbuf != NULL)
sebsd_free(pbuf, M_SEBSD);
- break;
+ } else {
+ audit_log_format(ab,
+ " fs/inode info not available");
}
- audit_log_format(ab,
- " fs/inode info not available");
}
break;
case AVC_AUDIT_DATA_NET:
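Review bot: The `pathlen--; /* for NUL */` after a successful vn_getpath() only makes sense if the length that call returns counts the terminating NUL, and nothing in the hunk says so; a reader of the `%.*s` further down cannot tell where the -1 comes from, so spell it out: `pathlen--; /* vn_getpath() length includes the NUL */`. When the caller supplied `path`, `pathlen` is used as given, and if audit_log_format follows printf semantics a negative precision is treated as absent and the whole buffer is printed; a one-line comment at the `%.*s` call noting that the caller is trusted for `pathlen` would make that visible. The enclosing function begins before this hunk.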
==== //depot/projects/trustedbsd/sedarwin8/policies/sedarwin/sedarwin/avc/avc.h#6 (text+ko) ====
@@ -50,6 +50,7 @@
struct {
struct vnode *vp;
char *path;
+ int pathlen;
} fs;
struct {
char *netif;
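Review bot: The new `pathlen` field carries no comment stating its unit or whether it includes the terminator, and the two producers on this page compute it differently (avc.c takes a vn_getpath() length minus one, sebsd.c a pointer difference), so the contract should be pinned at the declaration: `int pathlen; /* bytes of path to audit, excluding the NUL; meaningful only when path != NULL */`.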
==== //depot/projects/trustedbsd/sedarwin8/policies/sedarwin/sedarwin/sebsd.c#31 (text+ko) ====
@@ -440,7 +440,8 @@
}
static int
-vnode_has_perm(struct ucred *cred, struct vnode *vp, char *path, u_int32_t perm)
+vnode_has_perm(struct ucred *cred, struct vnode *vp, struct componentname *cnp,
+ u_int32_t perm)
{
struct task_security_struct *task;
struct vnode_security_struct *file;
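Review bot: The new `cnp` parameter of vnode_has_perm may be NULL (the following hunk tests for it), but neither the signature nor a comment says which callers pass NULL or what the audit record contains in that case; add above the definition `/* cnp may be NULL, in which case no path is attached to the audit data. */`. Whether `ad.u.fs.path` and `ad.u.fs.pathlen` are zeroed by AVC_AUDIT_DATA_INIT when `cnp` is NULL cannot be seen from here and is worth confirming, since avc.c reads `pathlen` whenever `path` is non-NULL. The function body continues past the hunk.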
@@ -451,7 +452,12 @@
AVC_AUDIT_DATA_INIT(&ad, FS);
ad.u.fs.vp = vp;
- ad.u.fs.path = path;
+ if (cnp != NULL) {
+ ad.u.fs.path = cnp->cn_pnbuf;
+ ad.u.fs.pathlen = cnp->cn_nameptr - cnp->cn_pnbuf - 1;
+ if ((perm & DIR__SEARCH) == 0)
+ ad.u.fs.pathlen += 1 + cnp->cn_namelen;
+ }
/* Update security class if not set or vnode was recycled. */
if (file->sclass == 0 || vp->v_type == VBAD)
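Review bot: `ad.u.fs.pathlen = cnp->cn_nameptr - cnp->cn_pnbuf - 1;` assumes a separator precedes the last component; if, as for a single-component relative name, `cn_nameptr` can equal `cn_pnbuf`, the directory-only case (`DIR__SEARCH`) yields -1, which `%.*s` in avc.c would treat as no precision and print the whole name rather than its directory part. The file case still comes out right only because the later `+= 1 + cnp->cn_namelen` cancels the -1. Computing the two lengths directly avoids depending on that cancellation; the same expression appears at @@ -1997, @@ -2054, @@ -2212, @@ -2348 and @@ -2407, where the `+= 1 + cnp->cn_namelen` line can likewise become `ad.u.fs.pathlen = (cnp->cn_nameptr - cnp->cn_pnbuf) + cnp->cn_namelen;`. The function begins and ends outside this hunk.
```c
	if (cnp != NULL) {
		ad.u.fs.path = cnp->cn_pnbuf;
		if (perm & DIR__SEARCH) {
			/* Directory part only; drop the '/' before the name if there is one. */
			ad.u.fs.pathlen = cnp->cn_nameptr - cnp->cn_pnbuf - 1;
			if (ad.u.fs.pathlen < 0)
				ad.u.fs.pathlen = 0;
		} else {
			/* Directory part plus the final component. */
			ad.u.fs.pathlen = (cnp->cn_nameptr - cnp->cn_pnbuf) +
			    cnp->cn_namelen;
		}
	}
	/* … unchanged: security class update … */
```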
@@ -1997,6 +2003,7 @@
AVC_AUDIT_DATA_INIT(&ad, FS);
ad.u.fs.vp = dvp;
ad.u.fs.path = cnp->cn_pnbuf;
+ ad.u.fs.pathlen = cnp->cn_nameptr - cnp->cn_pnbuf - 1;
rc = avc_has_perm(task->sid, dir->sid, SECCLASS_DIR,
DIR__ADD_NAME | DIR__SEARCH, &ad);
@@ -2007,6 +2014,7 @@
if (rc)
return (rc);
+ ad.u.fs.pathlen += 1 + cnp->cn_namelen;
rc = avc_has_perm(task->sid, newsid, tclass, FILE__CREATE, &ad);
if (rc)
return (rc);
@@ -2026,11 +2034,9 @@
#endif
rc = avc_has_perm(newsid, sbsec->sid,
SECCLASS_FILESYSTEM, FILESYSTEM__ASSOCIATE, &ad);
- if (rc)
- return (rc);
}
- return (0);
+ return (rc);
}
static int
@@ -2054,6 +2060,7 @@
AVC_AUDIT_DATA_INIT(&ad, FS);
ad.u.fs.vp = vp;
ad.u.fs.path = cnp->cn_pnbuf;
+ ad.u.fs.pathlen = cnp->cn_nameptr - cnp->cn_pnbuf - 1;
rc = avc_has_perm(task->sid, dir->sid, SECCLASS_DIR,
DIR__SEARCH | DIR__REMOVE_NAME, &ad);
@@ -2065,6 +2072,7 @@
else
av = FILE__UNLINK;
+ ad.u.fs.pathlen += 1 + cnp->cn_namelen;
rc = avc_has_perm(task->sid, file->sid, file->sclass, av, &ad);
return (rc);
@@ -2212,16 +2220,18 @@
AVC_AUDIT_DATA_INIT(&ad, FS);
ad.u.fs.vp = vp;
ad.u.fs.path = cnp->cn_pnbuf;
+ ad.u.fs.pathlen = cnp->cn_nameptr - cnp->cn_pnbuf - 1;
rc = avc_has_perm(task->sid, dir->sid, SECCLASS_DIR,
DIR__SEARCH | DIR__ADD_NAME, &ad);
if (rc)
return (rc);
+ ad.u.fs.pathlen += 1 + cnp->cn_namelen;
rc = avc_has_perm(task->sid, file->sid, file->sclass,
FILE__LINK, &ad);
- return (0);
+ return (rc);
}
static int
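Review bot: The `return (rc);` replacing `return (0);` after the FILE__LINK check changes enforcement, not just auditing: a denial from that avc_has_perm() call was previously discarded and the link allowed, and the commit description only talks about path lengths. This deserves a sentence in the description and a comment at the call, e.g. `/* A FILE__LINK denial must fail the operation, not only be audited. */`, so that the behaviour change is not mistaken for a cleanup when the history is read later. The function's opening lines are outside the hunk.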
@@ -2232,7 +2242,7 @@
return (ENOTDIR);
/* TBD: DIR__READ as well? */
- return (vnode_has_perm(cred, dvp, cnp->cn_pnbuf, DIR__SEARCH));
+ return (vnode_has_perm(cred, dvp, cnp, DIR__SEARCH));
}
static int
@@ -2348,6 +2358,7 @@
AVC_AUDIT_DATA_INIT(&ad, FS);
ad.u.fs.vp = vp;
ad.u.fs.path = cnp->cn_pnbuf;
+ ad.u.fs.pathlen = cnp->cn_nameptr - cnp->cn_pnbuf - 1;
rc = avc_has_perm(task->sid, old_dir->sid, SECCLASS_DIR,
DIR__REMOVE_NAME | DIR__SEARCH, &ad);
@@ -2359,8 +2370,9 @@
return (0); /* TBD: debugging */
}
- rc = avc_has_perm(task->sid, old_file->sid,
- old_file->sclass, FILE__RENAME, &ad);
+ ad.u.fs.pathlen += 1 + cnp->cn_namelen;
+ rc = avc_has_perm(task->sid, old_file->sid, old_file->sclass,
+ FILE__RENAME, &ad);
if (rc)
return (rc);
@@ -2407,28 +2419,25 @@
AVC_AUDIT_DATA_INIT(&ad, FS);
ad.u.fs.vp = vp;
ad.u.fs.path = cnp->cn_pnbuf;
+ ad.u.fs.pathlen = cnp->cn_nameptr - cnp->cn_pnbuf - 1;
- rc = avc_has_perm(task->sid, new_dir->sid, SECCLASS_DIR, av, NULL);
- if (rc)
- return (rc);
-
- if (vp) {
+ rc = avc_has_perm(task->sid, new_dir->sid, SECCLASS_DIR, av, &ad);
+ if (rc == 0 && vp != NULL) {
if (new_file->sclass == 0) {
printf("%s: ERROR, sid=%d, sclass=0, v_type=%d\n",
__func__, new_file->sid, vp->v_type);
return (0); /* TBD: debugging */
}
+ ad.u.fs.pathlen += 1 + cnp->cn_namelen;
if (vp->v_type == VDIR)
rc = avc_has_perm(task->sid, new_file->sid,
new_file->sclass, DIR__RMDIR, NULL);
else
rc = avc_has_perm(task->sid, new_file->sid,
new_file->sclass, FILE__UNLINK, NULL);
- if (rc)
- return (rc);
}
- return (0);
+ return (rc);
}
static int
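Review bot: The `ad.u.fs.pathlen += 1 + cnp->cn_namelen;` added before the DIR__RMDIR / FILE__UNLINK checks has no effect, because both of those avc_has_perm() calls still pass `NULL` as the audit data while the preceding SECCLASS_DIR check was switched to `&ad`; a denial of the target removal is therefore logged without the path that was just prepared. Pass the audit data on both calls: `new_file->sclass, DIR__RMDIR, &ad);` and `new_file->sclass, FILE__UNLINK, &ad);`. The `return (0); /* TBD: debugging */` branch also bypasses the final `return (rc)`, which is pre-existing but worth a glance while here. The function's beginning lies outside the hunk.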