PERFORCE change 113351 for review
Todd Miller
millert at FreeBSD.org
Mon Jan 22 16:10:23 UTC 2007
http://perforce.freebsd.org/chv.cgi?CH=113351
Change 113351 by millert at millert_macbook on 2007/01/22 16:08:54
Modify the mac_vnode_check_exec() API to take struct
image_params instead of the label. The Framework should
pull the label out of the object itself. Also add a struct
componentname pointer to mpo_vnode_check_exec to avoid a
call to vn_getpath().
Affected files ...
.. //depot/projects/trustedbsd/sedarwin8/darwin/xnu/bsd/kern/kern_exec.c#7 edit
.. //depot/projects/trustedbsd/sedarwin8/darwin/xnu/bsd/sys/Makefile#2 edit
.. //depot/projects/trustedbsd/sedarwin8/darwin/xnu/security/mac_framework.h#35 edit
.. //depot/projects/trustedbsd/sedarwin8/darwin/xnu/security/mac_policy.h#44 edit
.. //depot/projects/trustedbsd/sedarwin8/darwin/xnu/security/mac_vfs.c#25 edit
.. //depot/projects/trustedbsd/sedarwin8/policies/sedarwin/sedarwin/sebsd.c#71 edit
Differences ...
==== //depot/projects/trustedbsd/sedarwin8/darwin/xnu/bsd/kern/kern_exec.c#7 (text+ko) ====
==== //depot/projects/trustedbsd/sedarwin8/darwin/xnu/bsd/sys/Makefile#2 (text+ko) ====
@@ -56,7 +56,7 @@
errno.h ev.h event.h fcntl.h file.h filedesc.h filio.h \
ioccom.h ioctl.h ipc.h \
ioctl_compat.h kernel.h kernel_types.h kern_event.h lctx.h lock.h lockf.h \
- kauth.h kdebug.h md5.h kern_control.h malloc.h namei.h \
+ kauth.h kdebug.h md5.h kern_control.h imgact.h malloc.h namei.h \
mman.h mbuf.h mount.h mtio.h netport.h param.h paths.h \
proc.h queue.h quota.h random.h resource.h resourcevar.h \
sbuf.h posix_sem.h posix_shm.h sem.h shm.h \
==== //depot/projects/trustedbsd/sedarwin8/darwin/xnu/security/mac_framework.h#35 (text+ko) ====
@@ -61,6 +61,7 @@
struct fileglob;
struct ifnet;
struct ifreq;
+struct image_params;
struct inpcb;
struct ipq;
struct lctx;
@@ -373,7 +374,7 @@
int mac_vnode_check_exchangedata(struct ucred *cred, struct vnode *v1,
struct vnode *v2);
int mac_vnode_check_exec(struct ucred *cred, struct vnode *vp,
- struct label *execlabel);
+ struct image_params *imgp);
int mac_vnode_check_getattrlist(struct ucred *cred, struct vnode *vp,
struct attrlist *alist);
int mac_vnode_check_getextattr(struct ucred *cred, struct vnode *vp,
==== //depot/projects/trustedbsd/sedarwin8/darwin/xnu/security/mac_policy.h#44 (text+ko) ====
@@ -4487,6 +4487,7 @@
@param vp Object vnode to execute
@param label Policy label for vp
@param execlabel Userspace provided execution label
+ @param cnp Component name for file being executed
Determine whether the subject identified by the credential can execute
the passed vnode. Determination of execute privilege is made separately
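Review bot: The new `@param cnp` line says what the pointer is but not whether a policy may rely on it, while the neighbouring `execlabel` is explicitly marked NULLOK and the policy in this same change (sebsd.c) dereferences `cnp->cn_pnbuf` and `cn_nameptr` without a check. The framework side passes `&imgp->ip_ndp->ni_cnd`, i.e. a pointer into the exec's nameidata, so the component name and its pathname buffer are borrowed from the caller and only valid for the duration of the hook. I would extend the line to `@param cnp Component name for file being executed; borrowed from the caller's nameidata, valid only for the duration of this call, and must not be retained by the policy`, and state explicitly whether it may be NULL so that policies know whether a guard is required. Whether the caller can ever supply a NULL nameidata cannot be confirmed from this page, since the kern_exec.c diff is not shown.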
@@ -4505,7 +4506,8 @@
struct ucred *cred,
struct vnode *vp,
struct label *label,
- struct label *execlabel /* NULLOK */
+ struct label *execlabel, /* NULLOK */
+ struct componentname *cnp
);
/**
@brief Access control check for retrieving file attributes
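Review bot: The added `struct componentname *cnp` parameter in the `mpo_vnode_check_exec_t` typedef carries no `/* NULLOK */` annotation, unlike `execlabel` one line above, so the header now implies the pointer is always valid without anything in this change guaranteeing it. If that is the intended contract, say so next to the parameter, e.g. `struct componentname *cnp /* never NULL; borrowed from caller's nameidata */`; if not, annotate it NULLOK and make the policy guard it. Also, if mac_policy.h does not already carry a forward declaration of `struct componentname` for other vnode hooks, this hunk needs one — the companion mac_framework.h hunk added `struct image_params;` for the same reason, but no equivalent appears here.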
==== //depot/projects/trustedbsd/sedarwin8/darwin/xnu/security/mac_vfs.c#25 (text+ko) ====
@@ -42,6 +42,7 @@
#include <sys/kauth.h>
#include <sys/file_internal.h>
+#include <sys/imgact.h>
#include <sys/namei.h>
#include <sys/mount_internal.h>
#include <sys/pipe.h>
@@ -462,11 +463,13 @@
}
int
-mac_vnode_check_exec(struct ucred *cred, struct vnode *vp, struct label *execl)
+mac_vnode_check_exec(struct ucred *cred, struct vnode *vp,
+ struct image_params *imgp)
{
int error;
- MAC_CHECK(vnode_check_exec, cred, vp, vp->v_label, execl);
+ MAC_CHECK(vnode_check_exec, cred, vp, vp->v_label,
+ imgp->ip_execlabelp, &imgp->ip_ndp->ni_cnd);
return (error);
}
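Review bot: The new `MAC_CHECK` call dereferences `imgp->ip_ndp` unconditionally to reach `ni_cnd`, and nothing on this page establishes that `ip_ndp` is always set and its pathname buffer still held when `mac_vnode_check_exec()` runs — the kern_exec.c hunk that would show the caller is absent from the listing. If any exec path (an interpreter re-exec, or a caller that has already released the nameidata buffer) reaches here with a NULL or stale `ip_ndp`, the result is a kernel NULL dereference or use-after-free in the access check rather than a denied exec, which is the wrong failure mode for a MAC hook. Either document and assert the invariant at the call site, `/* ip_ndp and its cn_pnbuf are set by the exec path and remain valid until after this check */` followed by an assertion that `imgp->ip_ndp != NULL`, or compute the argument as `struct componentname *cnp = imgp->ip_ndp ? &imgp->ip_ndp->ni_cnd : NULL;` and mark the policy parameter NULLOK. The same applies to `imgp->ip_execlabelp`, which was previously supplied by the caller and is now read here; presumably it is still NULLOK as the policy header says, but the framework no longer makes that visible.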
==== //depot/projects/trustedbsd/sedarwin8/policies/sedarwin/sedarwin/sebsd.c#71 (text+ko) ====
@@ -2046,7 +2046,7 @@
static int
sebsd_vnode_check_exec(struct ucred *cred, struct vnode *vp,
- struct label *label, struct label *execlabel)
+ struct label *label, struct label *execlabel, struct componentname *cnp)
{
struct task_security_struct *task;
struct vnode_security_struct *file;
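Review bot: The new `cnp` parameter is accepted here without any validity check, and the body of `sebsd_vnode_check_exec` (which continues past this hunk) later reads `cnp->cn_pnbuf` and `cnp->cn_nameptr` to fill the AVC audit record, so the policy now depends on the framework never passing NULL and on the nameidata's pathname buffer still being allocated at the time of the hook. Neither guarantee is stated in the policy header changed by this same commit, so a defensive default in the audit setup, `ad.u.fs.path = cnp ? cnp->cn_pnbuf : NULL;` with `pathlen` left at 0 in the NULL case, would turn a broken caller into a less informative audit record instead of a kernel fault. Note also that the path recorded this way is the name as supplied to exec by the caller, not a canonical path; if the audit trail is meant to be authoritative, that is worth a comment such as `/* audit the user-supplied exec path, not a resolved one */`.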
@@ -2067,6 +2067,8 @@
AVC_AUDIT_DATA_INIT(&ad, FS);
ad.u.fs.vp = vp;
+ ad.u.fs.path = cnp->cn_pnbuf;
+ ad.u.fs.pathlen = cnp->cn_nameptr - cnp->cn_pnbuf + cnp->cn_namelen;
if (newsid == task->sid) {
rc = avc_has_perm(task->sid, file->sid, SECCLASS_FILE,