PERFORCE change 108512 for review

Todd Miller millert at FreeBSD.org
Thu Oct 26 19:23:45 UTC 2006


http://perforce.freebsd.org/chv.cgi?CH=108512

Change 108512 by millert at millert_macbook on 2006/10/26 19:22:30

	Resolve a problem in error handling.  A vnode is not labeled
	if mac_vnode_label_associate_extattr() returns non-zero.
	Add comments regarding edge cases (label failure with waiting
	processes).  Alter the MLS policy to handle policy errors
	in a useful manner.  Some refinement may be required.

Affected files ...

.. //depot/projects/trustedbsd/sedarwin8/darwin/xnu/security/mac_vfs_subr.c#6 edit
.. //depot/projects/trustedbsd/sedarwin8/policies/mls/mac_mls.c#16 edit

Differences ...

==== //depot/projects/trustedbsd/sedarwin8/darwin/xnu/security/mac_vfs_subr.c#6 (text+ko) ====

@@ -49,7 +49,8 @@
 			error = mac_vnode_label_associate_extattr(mp, vp);
 		vnode_lock(vp);
 
-		vp->v_lflag |= VL_LABELED;
+		if (error == 0)
+			vp->v_lflag |= VL_LABELED;
 		vp->v_lflag &= ~VL_LABEL;
 		if (vp->v_lflag & VL_LABELWAIT) {
 			vp->v_lflag &= ~VL_LABELWAIT;
@@ -68,6 +69,7 @@
 				"vnode_label", &ts);
 		if (error == EWOULDBLOCK)
 			vprint("vnode label timeout", vp);
+		/* XXX: what should be done if labeling failed (above)? */
 		vnode_put(vp);
 		return (error);
 	}
@@ -98,7 +100,8 @@
 		error = mac_vnode_label_associate_extattr(vnode_mount(vp), vp);
 		vnode_lock(vp);
 
-		vp->v_lflag |= VL_LABELED;
+		if (error == 0)
+			vp->v_lflag |= VL_LABELED;
 		vp->v_lflag &= ~VL_LABEL;
 		if (vp->v_lflag & VL_LABELWAIT) {
 			vp->v_lflag &= ~VL_LABELWAIT;
@@ -109,7 +112,7 @@
 	if (vp->v_lflag & VL_LABEL) {
 		vp->v_lflag |= VL_LABELWAIT;
 		(void)msleep(vp->v_label, &vp->v_lock, PVFS, "vnode_label", 0);
-
+		/* XXX: what should be done if labeling failed (above)? */
 	}
 
 	return (error);

==== //depot/projects/trustedbsd/sedarwin8/policies/mls/mac_mls.c#16 (text+ko) ====

@@ -1204,9 +1204,7 @@
 	error = mac_vnop_getxattr(vp, MAC_MLS_EXTATTR_NAME,
 				  (char *)&temp, sizeof(temp), &buflen);
 	if (error == ENOATTR || error == ENOTSUP || error == EPERM) {
-		/* Fall back to the mntlabel. */
-		mac_mls_copy_effective(source, dest);
-		return (0);
+		goto fallback;
 	} else if (error)
 		return (error);
 
@@ -1214,20 +1212,28 @@
 		printf("mac_mls_vnode_label_associate_extattr: bad size %d\n",
 		    buflen);
 		MLS_MESSAGE("mac_mls_vnode_label_associate_extattr : EPERM\n");
-		return (EPERM);
+		goto badlabel;
 	}
 	if (mac_mls_valid(&temp) != 0) {
 		printf("mac_mls_vnode_label_associate_extattr: invalid\n");
 		MLS_MESSAGE("mac_mls_vnode_label_associate_extattr : EPERM\n");
-		return (EPERM);
+		goto badlabel;
 	}
 	if ((temp.mm_flags & MAC_MLS_FLAGS_BOTH) != MAC_MLS_FLAG_EFFECTIVE) {
 		printf("mac_mls_associated_vnode_extattr: not effective\n");
-		MLS_RETURN (EPERM);
+		goto badlabel;
 	}
 
 	mac_mls_copy_effective(&temp, dest);
 	return (0);
+
+badlabel:
+	/* Clear the invalid/bad label. */
+	mac_vnop_removexattr(vp, MAC_MLS_EXTATTR_NAME);
+fallback:
+	/* Fall back to the mntlabel. */
+	mac_mls_copy_effective(source, dest);
+	return (0);
 }
 
 static int


More information about the trustedbsd-cvs mailing list