From: Todd Miller
To: Perforce Change Reviews
Subject: PERFORCE change 108410 for review
Date: Wed, 25 Oct 2006 19:10:50 GMT
Message-Id: <200610251910.k9PJAoPr055049@repoman.freebsd.org>
List-Id: TrustedBSD CVS and Perforce commit message list

http://perforce.freebsd.org/chv.cgi?CH=108410

Change 108410 by millert@millert_macbook on 2006/10/25 19:10:13

	Call mac_proc_check_debug() for ptrace() and task_for_pid().

Affected files ...

.. //depot/projects/trustedbsd/sedarwin8/darwin/xnu/bsd/kern/mach_process.c#2 edit
.. //depot/projects/trustedbsd/sedarwin8/darwin/xnu/bsd/vm/vm_unix.c#3 edit
.. //depot/projects/trustedbsd/sedarwin8/darwin/xnu/security/mac_policy.h#15 edit

Differences ...

==== //depot/projects/trustedbsd/sedarwin8/darwin/xnu/bsd/kern/mach_process.c#2 (text+ko) ==== @@ -417,5 +417,13 @@ *errp = EBUSY; return (0); } + +#ifdef MAC + my_err = mac_proc_check_debug(creds, traced_procp); + if (my_err) { + *errp = my_err; + return (0); + } +#endif return(1); } ==== //depot/projects/trustedbsd/sedarwin8/darwin/xnu/bsd/vm/vm_unix.c#3 (text+ko) ==== @@ -405,6 +405,11 @@ ) && (p->p_stat != SZOMB) ) { +#ifdef MAC + error = mac_proc_check_debug(kauth_cred_get(), p); + if (error) + goto noperm; +#endif if (p->task != TASK_NULL) { task_reference(p->task); sright = (void *)convert_task_to_port(p->task); @@ -419,6 +424,7 @@ error = KERN_SUCCESS; goto tfpout; } +noperm: task_deallocate(t1); tret = MACH_PORT_NULL; (void) copyout((char *) &tret, task_addr, sizeof(mach_port_name_t)); ==== //depot/projects/trustedbsd/sedarwin8/darwin/xnu/security/mac_policy.h#15 (text+ko) ==== 
@@ -3513,8 +3513,7 @@ Determine whether the subject identified by the credential can debug the passed process. This call may be made in a number of situations, - including use of the ptrace(2) and ktrace(2) APIs, as well as for some - types of procfs operations. + including use of the ptrace(2), ktrace(2) and task_for_pid(2) APIs. @return Return 0 if access is granted, otherwise an appropriate value for errno should be returned. Suggested failure: EACCES for label mismatch,
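
Review bot: In the mach_process.c hunk, the mac_proc_check_debug() call sits after the block that sets *errp = EBUSY, so a caller the policy would deny is still told EBUSY first and can distinguish that condition from a policy denial. If denied subjects should learn nothing about the target's state, move the MAC check ahead of the EBUSY test. The added block also opens with a whitespace-only "+" line that can be dropped.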
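
Review bot: In the first vm_unix.c hunk (@@ -405,6 +405,11 @@), error = mac_proc_check_debug(kauth_cred_get(), p) stores the policy's return value, which the mac_policy.h comment in this same change documents as an errno value, in the variable that the following hunk assigns KERN_SUCCESS. Confirm that the code after noperm overwrites error with a Mach failure code before it is returned; if it does not, map the denial explicitly before the goto so that an errno such as EACCES cannot reach a caller expecting a kern_return_t.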
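
Review bot: In the second vm_unix.c hunk (@@ -419,6 +424,7 @@), the noperm: label is added unconditionally while the only goto noperm in this patch is inside #ifdef MAC, so a kernel built without MAC is left with an unused label and the compiler warning that goes with it. Guard the label with the same #ifdef MAC, or restructure so the label has a user in both configurations.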
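
Review bot: In the mac_policy.h hunk, the rewritten comment still lists ktrace(2) as a caller of this check, but the change only adds call sites in the ptrace() and task_for_pid() paths and the commit message names only those two. Policy authors will read this comment as a statement of coverage, so either confirm that the ktrace path already invokes mac_proc_check_debug() or drop ktrace(2) from the list until it does. The same applies in reverse to the removed procfs wording: say in the commit message whether those operations are no longer covered or simply do not exist on this platform.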