From owner-p4-projects Tue Dec 17 15:13: 1 2002 Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 890F537B404; Tue, 17 Dec 2002 15:12:56 -0800 (PST) Delivered-To: perforce@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2396D37B401 for ; Tue, 17 Dec 2002 15:12:56 -0800 (PST) Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115]) by mx1.FreeBSD.org (Postfix) with ESMTP id B8CD743E4A for ; Tue, 17 Dec 2002 15:12:55 -0800 (PST) (envelope-from green@freebsd.org) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.12.6/8.12.6) with ESMTP id gBHNCtmV043368 for ; Tue, 17 Dec 2002 15:12:55 -0800 (PST) (envelope-from green@freebsd.org) Received: (from perforce@localhost) by repoman.freebsd.org (8.12.6/8.12.6/Submit) id gBHNCstr043365 for perforce@freebsd.org; Tue, 17 Dec 2002 15:12:54 -0800 (PST) Date: Tue, 17 Dec 2002 15:12:54 -0800 (PST) Message-Id: <200212172312.gBHNCstr043365@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to green@freebsd.org using -f 
From: Brian Feldman Subject: PERFORCE change 22433 for review To: Perforce Change Reviews Sender: owner-p4-projects@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG http://perforce.freebsd.org/chv.cgi?CH=22433 Change 22433 by green@green_laptop_2 on 2002/12/17 15:12:24 Implement what's needed for SEBSD to determine the transitionable contexts in the userland processes (i.e. for login(1), newrole, etc.) Also, modify the SID-listing sysctl to not allocate the entire memory it might possibly need at once, since it only needs space for one line of printing at a time. Affected files ... .. //depot/projects/trustedbsd/mac/sys/security/sebsd/sebsd_sysctl.c#4 edit Differences ... ==== //depot/projects/trustedbsd/mac/sys/security/sebsd/sebsd_sysctl.c#4 (text+ko) ==== @@ -42,6 +42,7 @@ #include #include +#include #include #include #include 
@@ -57,53 +58,142 @@
 int i, count, error, len;
 u_int32_t scontext_len;
 sidtab_node_t *cur;
- char *buffer, *offset;
+ char *buffer;
 security_context_t scontext;
 
 count = sidtab.nel;
- MALLOC(buffer, char *, count * linesize, M_TEMP, M_WAITOK);
+ MALLOC(buffer, char *, linesize, M_TEMP, M_WAITOK);
 len = snprintf(buffer, linesize, "\n SID Context\n");
 error = SYSCTL_OUT(req, buffer, len);
 if (error)
 goto out;
- offset = buffer;
-
 for (i = 0; i < SIDTAB_SIZE; i++) {
 cur = sidtab.htable[i];
 while (cur != NULL && count > 0) {
 error = security_sid_to_context(cur->sid, &scontext,
 &scontext_len);
- len = snprintf(offset, linesize, "%7d %s\n",
+ len = snprintf(buffer, linesize, "%7d %s\n",
 cur->sid, scontext);
 security_free_context(scontext);
- offset += len;
+ error = SYSCTL_OUT(req, buffer, len);
+ if (error)
+ goto out;
 cur = cur->next;
 count--;
 }
 }
- *offset++ = '\0';
- error = SYSCTL_OUT(req, buffer, offset - buffer);
+ error = SYSCTL_OUT(req, "", 1);
 out:
 FREE(buffer, M_TEMP);
 return (error);
 }
 
+#if 0
+/*
+ * Sysctl handler for security.mac.sebsd.enforcing
+ * Get and/or set whether the avc is in enforcement mode.
+ */
+static int
+sysctl_sebsd_enforcing(SYSCTL_HANDLER_ARGS)
+{
+ int error, enforcing;
+
+ if (req->oldptr != NULL) {
+ /* XXX Always allow the users to find out? */
+ enforcing = !avc_debug_always_allow;
+ error = SYSCTL_OUT(req, &enforcing, sizeof(enforcing));
+ if (error)
+ return (error);
+ }
+ if (req->newptr != NULL) {
+ error = thread_has_system(curthread, SYSTEM__AVC_TOGGLE);
+ if (error)
+ return (error);
+ error = SYSCTL_IN(req, &enforcing, sizeof(enforcing));
+ if (error)
+ return (error);
+ if (enforcing && avc_debug_always_allow) {
+ avc_ss_reset(avc_cache.latest_notif);
+ if (!ss_initialized && security_init() != 0)
+ panic("SELinux: Could not initialize\n");
+ }
+ avc_debug_always_allow = !enforcing;
+ }
+ return (0);
+}
+#endif
+
+/*
+ * Sysctl handler for security.mac.sebsd.user_sids
+ * Lists the SIDs currently available for transition to by a given
+ * "context\0username\0"
+ */
+static int
+sysctl_user_sids(SYSCTL_HANDLER_ARGS)
+{
+ u_int32_t n, nsids, scontext_len;
+ security_id_t *sids, sid;
+ security_context_t scontext;
+ char *context, *username;
+ int error, len;
+
+ if (req->newlen == 0)
+ return (EINVAL);
+ if (req->newlen > 512) /* arbitrary */
+ return (ENAMETOOLONG);
+ context = sebsd_malloc(req->newlen, M_SEBSD_SS, M_WAITOK);
+ error = SYSCTL_IN(req, context, req->newlen);
+ if (error)
+ goto out;
+ if (context[req->newlen - 1] != '\0') {
+ error = EINVAL;
+ goto out;
+ }
+ len = strlen(context);
+ if (len + 1 >= req->newlen) {
+ error = EINVAL;
+ goto out;
+ }
+ username = context + len + 1;
+ error = security_context_to_sid(context, len + 1, &sid);
+ if (error)
+ goto out;
+ error = security_get_user_sids(sid, username, &sids, &nsids);
+ if (error)
+ goto out;
+ for (n = 0; n < nsids; n++) {
+ error = security_sid_to_context(sids[n], &scontext,
+ &scontext_len);
+ if (error)
+ goto out2;
+ error = SYSCTL_OUT(req, scontext, scontext_len);
+ security_free_context(scontext);
+ if (error)
+ goto out2;
+ }
+ error = SYSCTL_OUT(req, "", 1);
+out2:
+ sebsd_free(sids, M_SEBSD_SS);
+out:
+ sebsd_free(context, M_SEBSD_SS);
+ return (error);
+}
+
 SYSCTL_DECL(_security_mac);
 SYSCTL_NODE(_security_mac, OID_AUTO, sebsd, CTLFLAG_RW, 0,
 "Security Enhanced BSD policy controls");
 
-#ifdef now_a_syscall
-SYSCTL_PROC(_security_mac_sebsd, OID_AUTO, debug, CTLTYPE_INT|CTLFLAG_RW,
- 0, 0, sysctl_sebsd_debug, "I",
- "Debug Security Enhanced BSD policy");
-TUNABLE_INT("security.mac.sebsd.debug", &avc_debug_always_allow);
-#endif
-
 SYSCTL_INT(_security_mac_sebsd, OID_AUTO, verbose, CTLFLAG_RW,
 &sebsd_verbose, 0, " SEBSD Verbose Debug Stuff");
 TUNABLE_INT("security.mac.sebsd.verbose", &sebsd_verbose);
 
-SYSCTL_OID(_security_mac_sebsd, OID_AUTO, sids, CTLTYPE_STRING|CTLFLAG_RD,
+SYSCTL_PROC(_security_mac_sebsd, OID_AUTO, sids, CTLTYPE_STRING|CTLFLAG_RD,
 NULL, 0, sysctl_list_sids, "A", "SEBSD SIDs");
+SYSCTL_PROC(_security_mac_sebsd, OID_AUTO, user_sids, CTLTYPE_STRING |
+ CTLFLAG_RW | CTLFLAG_ANYBODY, NULL, 0, sysctl_user_sids, "A",
+ "SEBSD transitionable user SIDs");
-
+#if 0
+SYSCTL_PROC(_security_mac_sebsd, OID_AUTO, enforcing, CTLTYPE_INT | CTLFLAG_RW,
+ 0, 0, sysctl_sebsd_enforcing, "I", "SEBSD avc enforcement");
+#endif
To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe p4-projects" in the body of the message
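Review bot: In sysctl_list_sids the result of `security_sid_to_context(cur->sid, &scontext, &scontext_len)` is still never checked before `scontext` is formatted into the line and freed, and the newly added `error = SYSCTL_OUT(req, buffer, len);` a few lines later now overwrites that return value, so a failed lookup is silently reported as success with whatever `scontext` happens to hold. The new sysctl_user_sids handler already guards the same call with `if (error) goto out2;`; adding `if (error) goto out;` directly after the call in sysctl_list_sids makes the two handlers consistent and avoids formatting an unset pointer. Separately, user_sids is registered with CTLFLAG_ANYBODY and accepts an arbitrary `context\0username` pair from any unprivileged caller, so any restriction on enumerating the transitions available to a context other than the caller's own rests entirely on security_get_user_sids; if that is intentional, a sentence in the handler's header comment saying so (e.g. `Access control, if any, is left to security_get_user_sids().`) would save the next reader from re-deriving it. The start of sysctl_list_sids lies before the hunk.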