Date: Wed, 18 Feb 2004 13:15:36 -0800 (PST) From: Andrew Reisse <areisse@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 47145 for review Message-ID: <200402182115.i1ILFad9014496@repoman.freebsd.org>
http://perforce.freebsd.org/chv.cgi?CH=47145 Change 47145 by areisse@areisse_ibook on 2004/02/18 13:15:33 Uses label handle message trailer format for bootstrap security checks. Affected files ... .. //depot/projects/trustedbsd/sedarwin/apsl/system_cmds/mach_init.tproj/bootstrap.c#3 edit .. //depot/projects/trustedbsd/sedarwin/apsl/system_cmds/mach_init.tproj/rpc_services.c#3 edit Differences ...
==== //depot/projects/trustedbsd/sedarwin/apsl/system_cmds/mach_init.tproj/bootstrap.c#3 (text+ko) ====
@@ -1015,6 +1015,7 @@
 server_t *serverp;
 kern_return_t result;
 mig_reply_error_t *reply;
+ mach_msg_mac_trailer_t *trailer = (mach_msg_mac_trailer_t *) (((char*)Request)+Request->msgh_size);
 debug("received message on port %x\n", Request->msgh_local_port);
@@ -1195,8 +1196,11 @@
 else { /* must be a service request */
 debug("Handled request.");
- return bootstrap_server(Request, Reply);
+ boolean_t result = bootstrap_server(Request, Reply);
+ mach_port_destroy(mach_task_self(), trailer->msgh_labels.sender);
+ return result;
 }
+ mach_port_destroy(mach_task_self(), trailer->msgh_labels.sender);
 return TRUE;
 }
==== //depot/projects/trustedbsd/sedarwin/apsl/system_cmds/mach_init.tproj/rpc_services.c#3 (text+ko) ====
@@ -99,9 +99,9 @@
 return BOOTSTRAP_NOT_PRIVILEGED;
 }
- kern_return_t kr = mac_check_name_port_access
+ kern_return_t kr = mac_check_port_access
 (mach_task_self(),
- labels.slabel, bootstrap_port,
+ labels.sender, bootstrap_port,
 "mach_names", "create_server");
 if (kr) return BOOTSTRAP_NOT_PRIVILEGED;
@@ -297,9 +297,9 @@
 debug("Register attempt for service %s port %x", service_name, service_port);
- result = mac_check_name_port_access (mach_task_self(),
- labels.slabel, bootstrap_port,
- "mach_names", "register");
+ result = mac_check_port_access (mach_task_self(),
+ labels.sender, bootstrap_port,
+ "mach_names", "register");
 if (result) return result;
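Review bot: In bootstrap.c at `@@ -1015,6 +1015,7 @@`, the added `trailer` initializer takes the trailer address from `Request->msgh_size` with no visible check that the receive actually delivered a MAC trailer. The receive options are outside this hunk, so this may already be guaranteed, but nothing shown compares `trailer->msgh_trailer_size` with `sizeof(mach_msg_mac_trailer_t)` before `msgh_labels.sender` is read and later destroyed as a port name. I would add that comparison ahead of the first use and reject the request when the trailer is short; the conventional offset is also `round_msg(Request->msgh_size)` rather than the raw size. The enclosing function starts and ends outside the hunk.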
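Review bot: In bootstrap.c at `@@ -1195,8 +1196,11 @@`, the sender label handle is released only on the two exits shown, by two copies of the same `mach_port_destroy` call. About 180 lines of the function lie between this hunk and the previous one and are not visible; any `return` in that stretch would leave the handle in mach_init's port name space, one per message, for the life of the process. A single exit label that releases `trailer->msgh_labels.sender` would cover every path and remove the duplication. `boolean_t result` also appears to shadow the `kern_return_t result` declared in the earlier hunk's context, so a distinct name such as `handled` would read better, and the return value of `mach_port_destroy` is dropped.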
@@ -419,13 +419,13 @@
 servicep = lookup_service_by_name(bootstrap, service_name);
 mach_port_t sp = servicep ? servicep->port : MACH_PORT_NULL;
- kern_return_t kr = mac_check_name_port_access
+ kern_return_t kr = mac_check_port_access
 (mach_task_self(),
- labels.slabel, sp == MACH_PORT_NULL ? bootstrap_port : sp,
+ labels.sender, sp == MACH_PORT_NULL ? bootstrap_port : sp,
 "mach_names", "look_up");
 if (kr) {
- log("bootstrap denied %s :%d", labels.slabel, kr);
+ log("bootstrap denied %d :%d", labels.sender, kr);
 return KERN_NO_ACCESS;
 }
@@ -746,8 +746,8 @@
 if (!bootstrap || !active_bootstrap(bootstrap)) return BOOTSTRAP_NOT_PRIVILEGED;
- kern_return_t kr = mac_check_name_port_access
- (mach_task_self(), labels.slabel, bootstrap_port,
+ kern_return_t kr = mac_check_port_access
+ (mach_task_self(), labels.sender, bootstrap_port,
 "mach_names", "makesubset");
 if (kr) return BOOTSTRAP_NOT_PRIVILEGED;
@@ -774,13 +774,22 @@
 if (result != KERN_SUCCESS) kern_fatal(result, "port_set_add");
+ char slabel[512];
 char *nslabel;
- result = security_change_context2 (labels.slabel+6, labels.slabel+6, "mach_names",
+
+ result = mach_get_port_label (mach_task_self(), labels.sender, slabel);
+ if (result)
+ {
+ log ("error getting port label");
+ }
+ else {
+
+ result = security_change_context2 (slabel+6, slabel+6, "mach_names",
 &nslabel);
 if (result) {
- log ("error changing context for %s", labels.slabel);
- nslabel = labels.slabel;
+ log ("error changing context for %s", slabel);
+ nslabel = slabel;
 } else {
@@ -795,6 +804,7 @@
 nslabel);
 if (result != KERN_SUCCESS) kern_fatal(result, "mach_set_port_label");
+ }
 subset = new_bootstrap(bootstrap, new_bootstrap_port, requestor_port);
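Review bot: In rpc_services.c at `@@ -419,13 +419,13 @@`, the denial log now records only the numeric label handle, so the entry no longer says which security context was refused. The handle is a port name local to this task and is destroyed after the request (see the bootstrap.c hunks), which leaves the number meaningless to anyone reading the log afterwards. For an audit trail I would resolve the handle with `mach_get_port_label`, as the `@@ -774,13 +774,22 @@` hunk does, and log that string together with `service_name`. If the number stays, `%x` matches how this file prints ports in its `debug` calls and avoids printing an unsigned `mach_port_t` through `%d`.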
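Review bot: In rpc_services.c at `@@ -774,13 +774,22 @@`, a failure of `mach_get_port_label` is only logged, after which the whole added `else` block is skipped and execution reaches `new_bootstrap`. Judging by the closing brace added in the `@@ -795,6 +804,7 @@` hunk, that block contains the `mach_set_port_label` call, so the subset port would be created without a label derived from the requestor and the path fails open. Neighbouring failures either call `kern_fatal` or return `BOOTSTRAP_NOT_PRIVILEGED`; I would refuse the request here too, after releasing whatever was allocated earlier in the function, which is outside the hunk. Separately, `slabel+6` assumes the returned label is at least six bytes long, and `slabel[512]` is passed with no length argument. A comment naming the prefix being skipped and the size contract of `mach_get_port_label`, or a length check before the offset, is needed.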