PERFORCE change 108512 for review
Todd Miller
millert at FreeBSD.org
Thu Oct 26 19:23:45 UTC 2006
http://perforce.freebsd.org/chv.cgi?CH=108512
Change 108512 by millert at millert_macbook on 2006/10/26 19:22:30
Resolve a problem in error handling. A vnode is not labeled
if mac_vnode_label_associate_extattr() returns non-zero.
Add comments regarding edge cases (label failure with waiting
processes). Alter the MLS policy to handle policy errors
in a useful manner. Some refinement may be required.
Affected files ...
.. //depot/projects/trustedbsd/sedarwin8/darwin/xnu/security/mac_vfs_subr.c#6 edit
.. //depot/projects/trustedbsd/sedarwin8/policies/mls/mac_mls.c#16 edit
Differences ...
==== //depot/projects/trustedbsd/sedarwin8/darwin/xnu/security/mac_vfs_subr.c#6 (text+ko) ====
@@ -49,7 +49,8 @@
error = mac_vnode_label_associate_extattr(mp, vp);
vnode_lock(vp);
- vp->v_lflag |= VL_LABELED;
+ if (error == 0)
+ vp->v_lflag |= VL_LABELED;
vp->v_lflag &= ~VL_LABEL;
if (vp->v_lflag & VL_LABELWAIT) {
vp->v_lflag &= ~VL_LABELWAIT;
@@ -68,6 +69,7 @@
"vnode_label", &ts);
if (error == EWOULDBLOCK)
vprint("vnode label timeout", vp);
+ /* XXX: what should be done if labeling failed (above)? */
vnode_put(vp);
return (error);
}
@@ -98,7 +100,8 @@
error = mac_vnode_label_associate_extattr(vnode_mount(vp), vp);
vnode_lock(vp);
- vp->v_lflag |= VL_LABELED;
+ if (error == 0)
+ vp->v_lflag |= VL_LABELED;
vp->v_lflag &= ~VL_LABEL;
if (vp->v_lflag & VL_LABELWAIT) {
vp->v_lflag &= ~VL_LABELWAIT;
@@ -109,7 +112,7 @@
if (vp->v_lflag & VL_LABEL) {
vp->v_lflag |= VL_LABELWAIT;
(void)msleep(vp->v_label, &vp->v_lock, PVFS, "vnode_label", 0);
-
+ /* XXX: what should be done if labeling failed (above)? */
}
return (error);
==== //depot/projects/trustedbsd/sedarwin8/policies/mls/mac_mls.c#16 (text+ko) ====
@@ -1204,9 +1204,7 @@
error = mac_vnop_getxattr(vp, MAC_MLS_EXTATTR_NAME,
(char *)&temp, sizeof(temp), &buflen);
if (error == ENOATTR || error == ENOTSUP || error == EPERM) {
- /* Fall back to the mntlabel. */
- mac_mls_copy_effective(source, dest);
- return (0);
+ goto fallback;
} else if (error)
return (error);
@@ -1214,20 +1212,28 @@
printf("mac_mls_vnode_label_associate_extattr: bad size %d\n",
buflen);
MLS_MESSAGE("mac_mls_vnode_label_associate_extattr : EPERM\n");
- return (EPERM);
+ goto badlabel;
}
if (mac_mls_valid(&temp) != 0) {
printf("mac_mls_vnode_label_associate_extattr: invalid\n");
MLS_MESSAGE("mac_mls_vnode_label_associate_extattr : EPERM\n");
- return (EPERM);
+ goto badlabel;
}
if ((temp.mm_flags & MAC_MLS_FLAGS_BOTH) != MAC_MLS_FLAG_EFFECTIVE) {
printf("mac_mls_associated_vnode_extattr: not effective\n");
- MLS_RETURN (EPERM);
+ goto badlabel;
}
mac_mls_copy_effective(&temp, dest);
return (0);
+
+badlabel:
+ /* Clear the invalid/bad label. */
+ mac_vnop_removexattr(vp, MAC_MLS_EXTATTR_NAME);
+fallback:
+ /* Fall back to the mntlabel. */
+ mac_mls_copy_effective(source, dest);
+ return (0);
}
static int
More information about the trustedbsd-cvs
mailing list