Date: Thu, 26 Oct 2006 19:23:32 GMT From: Todd Miller <millert@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 108512 for review Message-ID: <200610261923.k9QJNWTi078540@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=108512 Change 108512 by millert@millert_macbook on 2006/10/26 19:22:30 Resolve a problem in error handling. A vnode is not labeled if mac_vnode_label_associate_extattr() returns non-zero. Add comments regarding edge cases (label failure with waiting processes). Alter the MLS policy to handle policy errors in a useful manner. Some refinement may be required. Affected files ... .. //depot/projects/trustedbsd/sedarwin8/darwin/xnu/security/mac_vfs_subr.c#6 edit .. //depot/projects/trustedbsd/sedarwin8/policies/mls/mac_mls.c#16 edit Differences ... ==== //depot/projects/trustedbsd/sedarwin8/darwin/xnu/security/mac_vfs_subr.c#6 (text+ko) ==== @@ -49,7 +49,8 @@ error = mac_vnode_label_associate_extattr(mp, vp); vnode_lock(vp); - vp->v_lflag |= VL_LABELED; + if (error == 0) + vp->v_lflag |= VL_LABELED; vp->v_lflag &= ~VL_LABEL; if (vp->v_lflag & VL_LABELWAIT) { vp->v_lflag &= ~VL_LABELWAIT; @@ -68,6 +69,7 @@ "vnode_label", &ts); if (error == EWOULDBLOCK) vprint("vnode label timeout", vp); + /* XXX: what should be done if labeling failed (above)? */ vnode_put(vp); return (error); } @@ -98,7 +100,8 @@ error = mac_vnode_label_associate_extattr(vnode_mount(vp), vp); vnode_lock(vp); - vp->v_lflag |= VL_LABELED; + if (error == 0) + vp->v_lflag |= VL_LABELED; vp->v_lflag &= ~VL_LABEL; if (vp->v_lflag & VL_LABELWAIT) { vp->v_lflag &= ~VL_LABELWAIT; @@ -109,7 +112,7 @@ if (vp->v_lflag & VL_LABEL) { vp->v_lflag |= VL_LABELWAIT; (void)msleep(vp->v_label, &vp->v_lock, PVFS, "vnode_label", 0); - + /* XXX: what should be done if labeling failed (above)? */ } return (error); ==== //depot/projects/trustedbsd/sedarwin8/policies/mls/mac_mls.c#16 (text+ko) ==== @@ -1204,9 +1204,7 @@ error = mac_vnop_getxattr(vp, MAC_MLS_EXTATTR_NAME, (char *)&temp, sizeof(temp), &buflen); if (error == ENOATTR || error == ENOTSUP || error == EPERM) { - /* Fall back to the mntlabel. */ - mac_mls_copy_effective(source, dest); - return (0); + goto fallback; } else if (error) return (error); @@ -1214,20 +1212,28 @@ printf("mac_mls_vnode_label_associate_extattr: bad size %d\n", buflen); MLS_MESSAGE("mac_mls_vnode_label_associate_extattr : EPERM\n"); - return (EPERM); + goto badlabel; } if (mac_mls_valid(&temp) != 0) { printf("mac_mls_vnode_label_associate_extattr: invalid\n"); MLS_MESSAGE("mac_mls_vnode_label_associate_extattr : EPERM\n"); - return (EPERM); + goto badlabel; } if ((temp.mm_flags & MAC_MLS_FLAGS_BOTH) != MAC_MLS_FLAG_EFFECTIVE) { printf("mac_mls_associated_vnode_extattr: not effective\n"); - MLS_RETURN (EPERM); + goto badlabel; } mac_mls_copy_effective(&temp, dest); return (0); + +badlabel: + /* Clear the invalid/bad label. */ + mac_vnop_removexattr(vp, MAC_MLS_EXTATTR_NAME); +fallback: + /* Fall back to the mntlabel. */ + mac_mls_copy_effective(source, dest); + return (0); } static int
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200610261923.k9QJNWTi078540>