PERFORCE change 113319 for review
Todd Miller
millert at FreeBSD.org
Mon Jan 22 15:11:41 UTC 2007
http://perforce.freebsd.org/chv.cgi?CH=113319
Change 113319 by millert at millert_macbook on 2007/01/22 15:10:57
- Add entry points for vnode_check_{list, delete}extattr
- Add a comment to vnode_check_set; it does not look complete
Affected files ...
.. //depot/projects/trustedbsd/sedarwin8/policies/sedarwin/sedarwin/sebsd.c#58 edit
Differences ...
==== //depot/projects/trustedbsd/sedarwin8/policies/sedarwin/sedarwin/sebsd.c#58 (text+ko) ====
@@ -2086,6 +2086,34 @@
return (vnode_has_perm(cred, vp, NULL, FILE__GETATTR));
}
+static int
+sebsd_vnode_check_listextattr(struct ucred *cred, struct vnode *vp,
+ struct label *label)
+{
+
+ return (vnode_has_perm(cred, vp, NULL, FILE__GETATTR));
+}
+
+static int
+sebsd_vnode_check_deleteextattr(struct ucred *cred, struct vnode *vp,
+ struct label *label, const char *name)
+{
+
+ /*
+ * Our policy labels may not be removed.
+ * Labels may be changed, but all files must be labeled.
+ */
+ if (bcmp(name, SEBSD_MAC_EXTATTR_NAME,
+ sizeof(SEBSD_MAC_EXTATTR_NAME)) == 0)
+ return (EPERM);
+
+ /*
+ * Otherwise, it's not a recognized attribute and we do as
+ * SELinux does and check ordinary setattr permissions.
+ */
+ return (vnode_has_perm(cred, vp, NULL, FILE__SETATTR));
+}
+
#if defined(FILE__POLL) && defined(FILE__GETATTR)
static int
sebsd_vnode_check_kqfilter(struct ucred *cred, struct ucred *file_cred,
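Review bot: The bcmp() in sebsd_vnode_check_deleteextattr compares sizeof(SEBSD_MAC_EXTATTR_NAME) bytes of `name`, but `name` is a caller-supplied NUL-terminated string whose length is never checked first, so any attribute name shorter than the policy's own makes bcmp() read past its terminator. A comparison that stops at the terminator is the right tool here: `if (strcmp(name, SEBSD_MAC_EXTATTR_NAME) == 0)`. The decision is otherwise unchanged, since sizeof already covers the NUL and so the existing check rejects names that merely share the prefix. The unused `label` parameter in both new hooks matches the neighbouring entry points, presumably a fixed framework signature, so nothing to change there.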
@@ -2386,6 +2414,14 @@
struct label *label, const char *name, struct uio *uio)
{
+ /*
+ * XXX - This doesn't look like we're checking enough
+ * update_extattr doesn't actually check any permissions,
+ * it's called too late.
+ *
+ * If the 'name' belongs to our policy, we should make sure
+ * the new value is valid and permitted.
+ */
return (vnode_has_perm(cred, vp, NULL, FILE__SETATTR));
}
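Review bot: The new XXX comment records the gap, but the return below it still admits a direct write to the policy's own attribute on FILE__SETATTR alone, while the deleteextattr hook added in this same change refuses to remove that attribute outright; the two paths disagree on how protected the label is. Until the value validation the comment describes exists, the simplest consistent interim is to treat a direct write like a delete, `if (strcmp(name, SEBSD_MAC_EXTATTR_NAME) == 0) return (EPERM);` ahead of the vnode_has_perm() call, so label changes go through the label_update hook this module also registers. If userland relabel tools are expected to write the attribute directly, apply the same decision that hook makes instead of EPERM, but FILE__SETATTR by itself is weaker than either. The signature of sebsd_vnode_check_setextattr begins before this hunk; only its continuation line is visible here.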
@@ -3513,6 +3549,7 @@
.mpo_vnode_check_chdir = sebsd_vnode_check_chdir,
.mpo_vnode_check_chroot = sebsd_vnode_check_chroot,
.mpo_vnode_check_create = sebsd_vnode_check_create,
+ .mpo_vnode_check_deleteextattr = sebsd_vnode_check_deleteextattr,
.mpo_vnode_check_exchangedata = sebsd_vnode_check_exchangedata,
.mpo_vnode_check_exec = sebsd_vnode_check_exec,
.mpo_vnode_check_getattrlist = sebsd_vnode_check_getattrlist,
@@ -3520,6 +3557,7 @@
.mpo_vnode_check_ioctl = sebsd_vnode_check_ioctl,
.mpo_vnode_check_label_update = sebsd_vnode_check_label_update,
.mpo_vnode_check_link = sebsd_vnode_check_link,
+ .mpo_vnode_check_listextattr = sebsd_vnode_check_listextattr,
.mpo_vnode_check_lookup = sebsd_vnode_check_lookup,
.mpo_vnode_check_open = sebsd_vnode_check_open,
.mpo_vnode_check_read = sebsd_vnode_check_read,