From: Andrew Reisse To: Perforce Change Reviews Subject: PERFORCE change 42908 for review X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 21 Nov 2003 20:51:20 -0000 http://perforce.freebsd.org/chv.cgi?CH=42908 Change 42908 by areisse@areisse_ibook on 2003/11/21 12:50:45 sedarwin todo list enforcing mode enabled by default fixes to policy to enable enforcing mode wslogin dialog looks nicer Affected files ... .. //depot/projects/trustedbsd/sedarwin/TODO#1 add .. //depot/projects/trustedbsd/sedarwin/apsl/xnu/bsd/vfs/vfs_lookup.c#3 edit .. //depot/projects/trustedbsd/sedarwin/apsl/xnu/security/sebsd/avc/avc.c#5 edit .. //depot/projects/trustedbsd/sedarwin/apsl/xnu/security/sebsd/sebsd.c#18 edit .. //depot/projects/trustedbsd/sedarwin/policy/rules#2 edit .. //depot/projects/trustedbsd/sedarwin/sebsd_system/wslogin/English.lproj/MainMenu.nib/classes.nib#2 edit .. //depot/projects/trustedbsd/sedarwin/sebsd_system/wslogin/English.lproj/MainMenu.nib/info.nib#2 edit .. //depot/projects/trustedbsd/sedarwin/sebsd_system/wslogin/English.lproj/MainMenu.nib/objects.nib#2 edit .. //depot/projects/trustedbsd/sedarwin/sebsd_system/wslogin/wslogin.c#4 edit Differences ... ==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/bsd/vfs/vfs_lookup.c#3 (text+ko) ==== @@ -460,8 +460,8 @@ if (p) { error = mac_check_vnode_lookup(p->p_ucred, dp, cnp); if (error) { - printf("MAC_check_vnode_lookup: failed with error %d!\n", error); -/* goto bad; */ + /*printf("MAC_check_vnode_lookup: failed with error %d!\n", error);*/ + goto bad; } } else { printf("MAC_check_vnode_lookup: NULL process!\n"); ==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/security/sebsd/avc/avc.c#5 (text+ko) ==== @@ -35,7 +35,7 @@ #include #include -int selinux_enforcing = 0; +int selinux_enforcing = 1; #define AVC_CACHE_SLOTS 512 #define AVC_CACHE_MAXNODES 410 
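Review bot: The `else` branch for a NULL process still only prints `MAC_check_vnode_lookup: NULL process!` and, as far as the hunk shows, lets the lookup continue, so with `goto bad` now active the MAC check is enforced only when `p` is non-NULL. If a NULL `p` is reachable on this path, either document the exemption with a comment such as `/* p == NULL: kernel-internal lookup, deliberately exempt from MAC */` or fail closed there too with `error = EACCES; goto bad;`. The denial path is also silent now, because the printf is commented out rather than removed; an audit or log record on denial would keep policy failures diagnosable. The enclosing function starts and ends outside the hunk.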
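Review bot: `selinux_enforcing` is a plain writable global with no comment at its definition, and after this change it decides from boot whether policy violations are denied or merely tolerated. A comment such as `/* 1 = enforcing: AVC denials return EACCES; 0 = permissive: denied requests are granted and cached */` would state the contract that the check in the `@@ -982,13` hunk of this file implements. What else can write this variable is not visible here, so it is worth confirming that no unprivileged path can set it back to 0.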
@@ -982,13 +982,13 @@ denied = requested & ~(ae->avd.allowed); - if (!requested || denied) { + if (/*!requested || */denied) { if (selinux_enforcing) { spin_unlock_irqrestore(&avc_lock,flags); rc = EACCES; goto out; } else { - ae->avd.allowed |= requested; + ae->avd.allowed |= requested; spin_unlock_irqrestore(&avc_lock,flags); goto out; } ==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/security/sebsd/sebsd.c#18 (text+ko) ==== @@ -333,6 +333,8 @@ } } + file->sclass = vnode_type_to_security_class (vp->v_type); + return avc_has_perm_ref_audit(task->sid, file->sid, file->sclass, perm, aeref ? aeref : &file->avcr, &ad); } ==== //depot/projects/trustedbsd/sedarwin/policy/rules#2 (text+ko) ==== @@ -1,20 +1,22 @@ attribute domain; +attribute file; +attribute fs; include(global_macros.te) -type unlabeled_t; -type file_t; -#type bin_t; -type shell_exec_t; +type unlabeled_t, file, fs; +type file_t, file; +type bin_t, file; +type shell_exec_t, file; +type login_exec_t, file; type init_d, domain; -type login_exec_t; type login_d, domain; type user_d, domain; type user_secret_d, domain; type sysadm_d, domain; type kernel_d, domain; type security_t; -type fs_t; +type fs_t, fs; type devpts_t; type user_devpts_t; type sysadm_devpts_t; @@ -50,6 +52,8 @@ allow system_r user_secret_r; allow system_r sysadm_r; +allow file fs:filesystem associate; + #allow init_d { bin_t shell_exec_t file_t }:dir_file_class_set rw_file_perms; #allow init_d bin_t:file execute_no_trans; domain_auto_trans(init_d,login_exec_t,login_d); 
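Review bot: With `!requested` commented out of `if (/*!requested || */denied)`, a call that passes an empty permission mask now takes the success path in enforcing mode instead of returning `EACCES`. If some hooks legitimately request no permissions, say so in a comment and delete the dead condition; otherwise a caller with an unmapped permission becomes a silent allow, and keeping the test as a logged warning would surface it. Separately, the permissive branch still does `ae->avd.allowed |= requested`, so grants cached while permissive would presumably survive a later switch to enforcing unless the cache is flushed at that point, which the hunk does not show. The function body continues outside the hunk.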
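Review bot: The added `file->sclass = vnode_type_to_security_class (vp->v_type);` rewrites the stored label on every permission check, yet the call directly below may still pass `&file->avcr`, a cached AVC reference that was presumably obtained under the previous class. If the class can really be stale here, the cached reference should be invalidated whenever the class changes, or the class should be set correctly where the label is first initialised. A short comment explaining why the class has to be recomputed at check time would help the next reader. The function starts outside the hunk, so any locking around this write and the validity of `vp` cannot be seen here.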
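Review bot: Giving `unlabeled_t` and the entrypoint types `shell_exec_t` and `login_exec_t` the same `file` attribute as ordinary `file_t` means every rule written against `file` applies to them as well. The `@@ -59,13` hunk then grants `domain` create, execute and relabel access on `file`, so the types that drive `domain_auto_trans(init_d,login_exec_t,login_d)` and `domain_trans(login_d,shell_exec_t,sysadm_d)` become modifiable and relabelable by every domain, which undercuts the transitions. Consider keeping entrypoint executables out of `file` and under their own attribute (for example `type login_exec_t, exec_file;`, name illustrative) with read and execute only. Unlabeled objects would likewise be safer with a narrower rule set than labelled files.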
@@ -59,13 +63,16 @@ domain_trans(login_d,shell_exec_t,sysadm_d); type_change user_d devpts_t:chr_file user_devpts_t; -allow domain {shell_exec_t unlabeled_t}:{file lnk_file sock_file} {create_file_perms execute }; -allow domain unlabeled_t:dir { create_dir_perms }; +allow domain file:{file lnk_file sock_file} {create_file_perms execute }; +allow domain file:dir { create_dir_perms }; allow domain {null_device_t console_device_t memory_device_t random_device_t device_t}:{file chr_file} create_file_perms; allow domain device_t:blk_file create_file_perms; allow domain {devpts_t user_devpts_t sysadm_devpts_t}:chr_file create_file_perms; -allow domain domain:process { signal }; +allow domain domain:process { signal sigkill setsched getsession }; +allow domain file:{dir file lnk_file sock_file} { relabelfrom relabelto }; allow user_secret_d secret_t:{file lnk_file} create_file_perms; allow user_secret_d secret_t:dir { create_file_perms rw_dir_perms }; -allow user_secret_d { secret_t unlabeled_t }:{file dir} { relabelfrom relabelto };+allow user_secret_d { secret_t unlabeled_t file_t }:{file dir} { relabelfrom relabelto }; +allow secret_t fs:filesystem associate; + ==== //depot/projects/trustedbsd/sedarwin/sebsd_system/wslogin/English.lproj/MainMenu.nib/classes.nib#2 (text+ko) ==== ==== //depot/projects/trustedbsd/sedarwin/sebsd_system/wslogin/English.lproj/MainMenu.nib/info.nib#2 (text+ko) ==== @@ -8,7 +8,6 @@ 291.0 IBLockedObjects - 199 200 IBOpenObjects ==== //depot/projects/trustedbsd/sedarwin/sebsd_system/wslogin/English.lproj/MainMenu.nib/objects.nib#2 (binary) ==== ==== //depot/projects/trustedbsd/sedarwin/sebsd_system/wslogin/wslogin.c#4 (text+ko) ==== @@ -12,7 +12,7 @@ #define errexit(args...) \ { \ syslog (LOG_ERR, ##args); \ - return 1; \ + kill (getppid(), 15); return 1; \ } const char *username = "root"; 
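Review bot: `allow domain domain:process { signal sigkill setsched getsession };` lets every domain send SIGKILL to, and change the scheduling of, every other domain, including `init_d`, `login_d` and `kernel_d`. If this was widened only so that enforcing mode boots, scope it per domain, e.g. `allow user_d user_d:process { signal sigkill };`, and give cross-domain signalling to `sysadm_d` alone. A comment above the rule recording which denial it was added for would make it easier to tighten later.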
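Review bot: `kill (getppid(), 15)` in `errexit` signals whatever process is the parent at that moment; if the original parent has already exited, `getppid()` returns 1, and a tool running with root privileges would then send SIGTERM to init. Record the parent pid once at startup, check it before signalling, and use the named constant: `if (parent > 1) kill (parent, SIGTERM);`. The same call is repeated in the `@@ -68,7` and `@@ -133,9` hunks, so a small helper would keep the three sites consistent. The macro is also a bare `{ ... }` block; wrapping it in `do { ... } while (0)` keeps `if (x) errexit(...); else ...` well-formed.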
@@ -68,7 +68,9 @@ if (mac_from_text(&execlabel, shm+1)) errexit("%s is not a valid domain", shm[1]); - return mac_set_proc (execlabel); + if (mac_set_proc (execlabel)) + kill (getppid(), 15); + return 0; } if (sebsd_enabled()) @@ -133,9 +135,8 @@ free(labeltext); } - if (execlabel) - return mac_set_proc (execlabel); - else - return 0; + if (mac_set_proc (execlabel)) + kill (getppid (), 15); + return 0; }
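Review bot: Both this hunk and the `@@ -133,9` hunk now `return 0` after `mac_set_proc (execlabel)` fails, so the only failure signal is a SIGTERM to the parent whose result is not checked. If the `kill` fails or the parent handles the signal, the caller sees success from a process that never entered the requested label. Keep the non-zero status as well: `if (mac_set_proc (execlabel)) { kill (getppid(), SIGTERM); return 1; }`. In the context line above, `errexit("%s is not a valid domain", shm[1])` passes what looks like a single `char` to `%s`; `shm+1`, as used in the `mac_from_text` call, is probably what was meant.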
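Review bot: Dropping the `if (execlabel)` guard means `mac_set_proc` is now called even when no label was selected, and a failure there terminates the parent. Whether `execlabel` can be NULL at this point is not visible in the hunk, but the removed code clearly allowed for it; `if (execlabel && mac_set_proc (execlabel))` would keep the no-label path a no-op. The function starts outside the hunk.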