Date: Wed, 15 May 2013 17:59:50 GMT From: Priit Järv <priit@cc.ttu.ee> To: freebsd-gnats-submit@FreeBSD.org Subject: kern/178667: [patch] mac_lomac policy ignores aux label when reading/writing file extattr Message-ID: <201305151759.r4FHxoWU076959@oldred.FreeBSD.org> Resent-Message-ID: <201305151800.r4FI00iN083362@freefall.freebsd.org>
>Number:         178667
>Category:       kern
>Synopsis:       [patch] mac_lomac policy ignores aux label when reading/writing file extattr
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          open
>Quarter:
>Keywords:
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Wed May 15 18:00:00 UTC 2013
>Closed-Date:
>Last-Modified:
>Originator:     Priit Järv
>Release:        9.1-RELEASE
>Organization:
>Environment:
FreeBSD test 9.1-RELEASE FreeBSD 9.1-RELEASE #1: Sat May 11 16:22:59 EEST 2013     root@test:/usr/obj/usr/src/sys/MACTEST  amd64
>Description:
In sys/security/mac_lomac/mac_lomac.c: lomac_vnode_associate_extattr() and lomac_vnode_setlabel_extattr() only copy part of the LOMAC label, ignoring the value of the auxiliary grade. Note that lomac_vnode_create_extattr(), the third function to access the file extended attributes, does already copy the auxiliary grade if it is present.

The problem has been reported for 9.1-RELEASE but it has been confirmed to be present in stable/9. The same problem is likely to be present in head (-CURRENT) as the relevant code has not been modified.
>How-To-Repeat:
1. enable mac_lomac policy in kernel
2. create a multilabel filesystem (newfs -l -U /dev/somedev)
3. mount the filesystem and set lomac labels
   mount /dev/somedev /mnt
   mkdir /mnt/1
   setfmac lomac/high\[low\] /mnt/1      # aux grade
   touch /mnt/1/2                        # inherits grade from directory
   touch /mnt/1/3
   setfmac lomac/high\[low\] /mnt/1/3    # set manually
4. use getextattr -x system mac_lomac /mnt/1 /mnt/1/2 /mnt/1/3
   (only the file that inherited the grade has aux grade in extattr)
5. note the labels
   ls -lZa /mnt/1
6. umount /mnt; mount /dev/somedev /mnt
7. note the aux grades are missing with
   ls -lZa /mnt/1
>Fix:
Apply the patch. Tested with GENERIC kernel on 9.1-RELEASE and stable/9.
Patch attached with submission follows: --- sys/security/mac_lomac/mac_lomac.c.orig 2013-05-10 22:56:10.000000000 +0300 +++ sys/security/mac_lomac/mac_lomac.c 2013-05-11 21:30:47.000000000 +0300 @@ -2334,6 +2334,8 @@ } lomac_copy_single(&ml_temp, dest); + if (ml_temp.ml_flags & MAC_LOMAC_FLAG_AUX) + lomac_copy_auxsingle(&ml_temp, dest); return (0); } @@ -2908,6 +2910,9 @@ return (0); lomac_copy_single(source, &temp); + if (source->ml_flags & MAC_LOMAC_FLAG_AUX) + lomac_copy_auxsingle(source, &temp); + error = vn_extattr_set(vp, IO_NODELOCKED, MAC_LOMAC_EXTATTR_NAMESPACE, MAC_LOMAC_EXTATTR_NAME, buflen, (char *)&temp, curthread); return (error); >Release-Note: >Audit-Trail: >Unformatted:
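Review bot: in the first hunk (lomac_vnode_associate_extattr), the auxiliary grade is now taken from ml_temp, i.e. from the bytes read back from the on-disk extended attribute, but the hunk does not show that label being validated before `lomac_copy_single(&ml_temp, dest);`. If the function already validates ml_temp earlier, confirm that the validation also covers the MAC_LOMAC_FLAG_AUX element, since that element was never consulted on this path before and may not be checked; if it does not, validate ml_temp before copying either element into dest. Given that the description says lomac_vnode_create_extattr() already does the same flag test and copy, a small helper shared by all three extattr functions would keep them from drifting apart again.

Review bot: in the second hunk (lomac_vnode_setlabel_extattr), `temp` is written to disk whole by `vn_extattr_set(vp, IO_NODELOCKED, ..., buflen, (char *)&temp, curthread)`, yet the visible code fills only its single element and, when MAC_LOMAC_FLAG_AUX is set, its aux element. Make sure temp is zeroed (bzero or memset) before `lomac_copy_single(source, &temp);`, so a label without an auxiliary grade does not carry uninitialised bytes in the unused aux field into the extended attribute, where they are visible to getextattr -x and would be read back if the flag test were ever loosened. Minor style point: the blank `+` line added after the new if block has no counterpart in the first hunk; drop it or add the same spacing there for consistency.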
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201305151759.r4FHxoWU076959>
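The How-To-Repeat steps above as a script, added here as an example and not part of the PR or of FreeBSD. It assumes a FreeBSD host running a kernel with the mac_lomac policy, root privileges, and a throwaway block device (for instance an md(4) disk) passed as the first argument; newfs destroys whatever is on that device. The label comparison is factored into `aux_grades_kept`, which works on getfmac(8) output ("path: label" per line) and so can also be run on labels captured by hand; `getfmac -l lomac` restricts the output to the LOMAC label. The path names under the mount point are the ones the PR uses.

```shell
#!/bin/sh
# Added example (not part of the PR): the How-To-Repeat steps as a script.
# Assumes FreeBSD with the mac_lomac policy loaded, root, and a throwaway
# device (newfs wipes it).  Usage:
#     sh lomac-aux-repro.sh run /dev/md0 /mnt
set -eu

# Compare two getfmac(8) snapshots ("path: label" per line) and print
# every path whose LOMAC label had an auxiliary grade ("[...]") in the
# first snapshot but not in the second.  Returns 0 when every auxiliary
# grade survived, 1 when at least one was lost.
aux_grades_kept() {
    b_snap="$1"
    a_snap="$2"
    printf '%s\n%s\n' "$b_snap" "$a_snap" | awk -F': ' '
        # First sighting of a path is its "before" label, second its "after".
        { if (!($1 in b)) b[$1] = $2; else a[$1] = $2 }
        END {
            lost = 0
            for (p in b) {
                if (index(b[p], "[") && (!(p in a) || !index(a[p], "["))) {
                    print p ": " b[p] " -> " (p in a ? a[p] : "(missing)")
                    lost = 1
                }
            }
            exit lost
        }'
}

# Steps 2 to 7 of the PR: label a directory with an auxiliary grade, create
# one file that inherits it and one that gets it via setfmac, remount, and
# report which labels lost their "[...]" part on the way through the extattr.
reproduce() {
    dev="$1"
    mnt="${2:-/mnt}"

    newfs -l -U "$dev"                        # multilabel UFS, soft updates
    mount "$dev" "$mnt"
    mkdir "$mnt/1"
    setfmac 'lomac/high[low]' "$mnt/1"        # aux grade on the directory
    touch "$mnt/1/2"                          # inherits the directory label
    touch "$mnt/1/3"
    setfmac 'lomac/high[low]' "$mnt/1/3"      # set explicitly

    echo "raw mac_lomac extattr before remount:"
    getextattr -x system mac_lomac "$mnt/1" "$mnt/1/2" "$mnt/1/3"
    before=$(getfmac -l lomac "$mnt/1" "$mnt/1/2" "$mnt/1/3")

    umount "$mnt"
    mount "$dev" "$mnt"
    after=$(getfmac -l lomac "$mnt/1" "$mnt/1/2" "$mnt/1/3")
    umount "$mnt"

    if lost=$(aux_grades_kept "$before" "$after"); then
        echo "OK: auxiliary grades survived the remount"
    else
        echo "BUG: auxiliary grade lost on remount:"
        printf '%s\n' "$lost"
        return 1
    fi
}

# Only touch a device when explicitly asked to.
case "${1:-}" in
    run) reproduce "${2:?device required}" "${3:-/mnt}" ;;
esac
```

On an unpatched kernel the final check reports /mnt/1 and /mnt/1/3 (the labels that went to disk through lomac_vnode_setlabel_extattr) with their auxiliary grade gone after the remount; with the patch applied all three labels come back intact.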
