From owner-p4-projects@FreeBSD.ORG Sun Dec 14 17:41:05 2003 Return-Path: Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 2957B16A4D0; Sun, 14 Dec 2003 17:41:05 -0800 (PST) Delivered-To: perforce@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 03F9C16A4CE for ; Sun, 14 Dec 2003 17:41:05 -0800 (PST) Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115]) by mx1.FreeBSD.org (Postfix) with ESMTP id C422843D2D for ; Sun, 14 Dec 2003 17:41:02 -0800 (PST) (envelope-from cvance@nailabs.com) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.12.9/8.12.9) with ESMTP id hBF1f2XJ001736 for ; Sun, 14 Dec 2003 17:41:02 -0800 (PST) (envelope-from cvance@nailabs.com) Received: (from perforce@localhost) by repoman.freebsd.org (8.12.9/8.12.9/Submit) id hBF1f2mu001733 for perforce@freebsd.org; Sun, 14 Dec 2003 17:41:02 -0800 (PST) (envelope-from cvance@nailabs.com) Date: Sun, 14 Dec 2003 17:41:02 -0800 (PST) Message-Id: <200312150141.hBF1f2mu001733@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to cvance@nailabs.com using -f From: Chris Vance To: Perforce Change Reviews Subject: PERFORCE change 43936 for review X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 15 Dec 2003 01:41:05 -0000 http://perforce.freebsd.org/chv.cgi?CH=43936 Change 43936 by cvance@cvance_release on 2003/12/14 17:40:25 Add file ioctl entry point and SEBSD implementation... Affected files ... .. //depot/projects/trustedbsd/sebsd/sys/kern/sys_generic.c#8 edit .. //depot/projects/trustedbsd/sebsd/sys/security/mac/mac_file.c#4 edit .. //depot/projects/trustedbsd/sebsd/sys/security/sebsd/sebsd.c#29 edit Differences ... ==== //depot/projects/trustedbsd/sebsd/sys/kern/sys_generic.c#8 (text+ko) ==== @@ -584,6 +584,14 @@ mtx_unlock(&Giant); return (EBADF); } +#ifdef MAC + error = mac_check_file_ioctl(td->td_ucred, fp, uap->com); + if (error) { + fdrop(fp, td); + mtx_unlock(&Giant); + return (error); + } +#endif fdp = td->td_proc->p_fd; switch (com = uap->com) { case FIONCLEX: ==== //depot/projects/trustedbsd/sebsd/sys/security/mac/mac_file.c#4 (text+ko) ==== ==== //depot/projects/trustedbsd/sebsd/sys/security/sebsd/sebsd.c#29 (text+ko) ==== @@ -49,6 +49,7 @@ #include #include #include +#include #include #include #include @@ -511,7 +512,6 @@ static void sebsd_create_cred(struct ucred *cred_parent, struct ucred *cred_child) { - int rc; struct task_security_struct *parent, *task; parent = SLOT(cred_parent->cr_label); @@ -1971,6 +1971,27 @@ FD__CREATE, NULL)); } +static int +sebsd_check_file_ioctl(struct ucred *cred, struct file *fp, + struct label *fplabel, u_long com) +{ + struct task_security_struct *tsec; + struct file_security_struct *fsec; + int error; + + tsec = SLOT(cred->cr_label); + fsec = SLOT(fplabel); + + error = avc_has_perm_audit(tsec->sid, fsec->sid, SECCLASS_FD, + FD__USE, NULL); + if (error) + return (error); + if (fp->f_type != DTYPE_VNODE) + return (0); + + return (vnode_has_perm(cred, fp->f_vnode, FILE__IOCTL, NULL)); +} + /* * Simplify all other fd permissions to just "use" for now. The ones we * implement in SEBSD roughly correlate to the SELinux FD__USE permissions, @@ -2442,10 +2463,11 @@ .mpo_check_cap = sebsd_check_cap, .mpo_check_cred_relabel = sebsd_check_cred_relabel, .mpo_check_file_create = sebsd_check_file_create, + .mpo_check_file_ioctl = sebsd_check_file_ioctl, + /* .mpo_check_file_dup .mpo_check_file_inherit - .mpo_check_file_ioctl .mpo_check_file_receive */ .mpo_check_file_get_flags = sebsd_check_file_get_flags,