From owner-p4-projects@FreeBSD.ORG Thu Apr 20 15:47:07 2006 Return-Path: X-Original-To: p4-projects@freebsd.org Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 7031E16A409; Thu, 20 Apr 2006 15:47:07 +0000 (UTC) X-Original-To: perforce@freebsd.org Delivered-To: perforce@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2939416A406 for ; Thu, 20 Apr 2006 15:47:07 +0000 (UTC) (envelope-from millert@freebsd.org) Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115]) by mx1.FreeBSD.org (Postfix) with ESMTP id A2FD043D66 for ; Thu, 20 Apr 2006 15:47:02 +0000 (GMT) (envelope-from millert@freebsd.org) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.13.1/8.13.1) with ESMTP id k3KFl2ZS096676 for ; Thu, 20 Apr 2006 15:47:02 GMT (envelope-from millert@freebsd.org) Received: (from perforce@localhost) by repoman.freebsd.org (8.13.1/8.13.1/Submit) id k3KFl2vx096673 for perforce@freebsd.org; Thu, 20 Apr 2006 15:47:02 GMT (envelope-from millert@freebsd.org) Date: Thu, 20 Apr 2006 15:47:02 GMT Message-Id: <200604201547.k3KFl2vx096673@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to millert@freebsd.org using -f 
From: Todd Miller To: Perforce Change Reviews Cc: Subject: PERFORCE change 95689 for review X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 20 Apr 2006 15:47:07 -0000 http://perforce.freebsd.org/chv.cgi?CH=95689 Change 95689 by millert@millert_g5tower on 2006/04/20 15:46:01 Convert SEBSDCALL_GETUSERSIDS, SEBSDCALL_GETFILESIDS and SEBSDCALL_CHANGE_SID to sysctls. Move struct lp_args definition to sebsd_syscalls.h Affected files ... .. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/sebsd_syscall.c#14 edit .. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/sebsd_syscalls.h#9 edit .. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/sebsd_sysctl.c#9 edit Differences ... ==== //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/sebsd_syscall.c#14 (text+ko) ==== @@ -51,11 +51,6 @@ #define MAX_UC 510 -struct lp_args { - void *data; - size_t len; -}; - static int sys_load_policy(struct proc *td, void *data, size_t len) { 
@@ -98,137 +93,7 @@ return (rc); } -/* - * Lists the SIDs currently available for transition to by a given - * "context\0username\0" - * - * or, lists the SIDs that a given context can relabel files to. (username is ignored) - */ -static int -sys_get_sids(int function, char *context, char *username, char *out, int *outlen) -{ - u_int32_t n, nsids, scontext_len; - u_int32_t *sids, sid; - char * scontext; - int error; - int olen = 1; - int ubufsz; - - if (copyin(outlen, &ubufsz, sizeof(int))) { - error = EFAULT; - goto out; - } - - /* - * XXX We need POLICY_RDLOCK here, but it's not exported! - */ - error = security_context_to_sid(context, strlen (context), &sid); - if (error) - goto out; - switch (function) { - case SEBSDCALL_GETUSERSIDS: - error = security_get_user_sids(sid, username, &sids, &nsids); - break; - - case SEBSDCALL_GETFILESIDS: - error = security_get_file_sids(sid, SECCLASS_FILE, &sids, - &nsids); - break; - - default: - error = ENOSYS; - break; - } - if (error) - goto out; - for (n = 0; n < nsids; n++) { - error = security_sid_to_context(sids[n], &scontext, - &scontext_len); - if (error) - goto out2; - if (out && olen + scontext_len <= ubufsz) { - error = copyout(scontext, out, scontext_len); - out += scontext_len; - } else if (out) - error = ENOMEM; - olen += scontext_len; - security_free_context(scontext); - if (error) - goto out2; - } - error = copyout(&olen, outlen, sizeof(int)); -out2: - sebsd_free(sids, M_SEBSD); -out: - return (error); -} - static int -sys_change_sid(char *domains, char *sources, char *sclasss, char *out, - int *outlen) -{ - u_int32_t domain, source; - struct class_datum *cld; - char *outc; - int error; - int ubufsz, outclen; - - if (copyin(outlen, &ubufsz, sizeof(int))) - return (EFAULT); - - /* - * XXX We need POLICY_RDLOCK here, but it's not exported! 
- */ - error = security_context_to_sid(sources, strlen (sources), &source); - if (error) - return (error); - - error = security_context_to_sid(domains, strlen (domains), &domain); - if (error) - return (error); - - cld = hashtab_search(policydb.p_classes.table, sclasss); - if (cld == NULL) - return (EINVAL); - - error = security_change_sid(domain, source, cld->value, &source); - if (error) - return (error); - error = security_sid_to_context(source, &outc, &outclen); - if (error) - return (error); - if (out) { - if (outclen > ubufsz) { - error = ENOMEM; - goto out; - } - error = copyout(outc, out, outclen); - if (error) - goto out; - } - error = copyout(&outclen, outlen, sizeof(int)); - -out: - security_free_context (outc); - return (error); -} - -struct getsid_args { - char *ctx; - char *usr; - char *out; - int *outlen; -}; - -struct changesid_args { - char *domain; - char *source; - char *sclass; - char *out; - int *outlen; -}; - -static int sebsd_get_bools(struct proc *td, struct sebsd_get_bools *gb) { char *out = NULL; 
@@ -263,74 +128,6 @@ error = sys_load_migscs(td, p.data, p.len); break; - case SEBSDCALL_GETUSERSIDS: - case SEBSDCALL_GETFILESIDS: - { - struct getsid_args uap; - size_t dummy; - char *ctx, *usr; - - error = copyin(args, &uap, sizeof(struct getsid_args)); - if (error) - return (error); - ctx = sebsd_malloc(MAX_UC, M_SEBSD, M_WAITOK); - error = copyinstr(uap.ctx, ctx, MAX_UC, &dummy); - if (error) { - sebsd_free(ctx, M_SEBSD); - return (error); - } - usr = sebsd_malloc(MAX_UC, M_SEBSD, M_WAITOK); - error = copyinstr(uap.usr, usr, MAX_UC, &dummy); - if (error) { - sebsd_free(ctx, M_SEBSD); - sebsd_free(usr, M_SEBSD); - return (error); - } - ctx[MAX_UC-1] = 0; - usr[MAX_UC-1] = 0; - error = sys_get_sids(call, ctx, usr, uap.out, uap.outlen); - sebsd_free(ctx, M_SEBSD); - sebsd_free(usr, M_SEBSD); - break; - } - - case SEBSDCALL_CHANGE_SID: - { - struct changesid_args uap; - size_t dummy; - char *doms, *srcs, *scs; - - error = copyin(args, &uap, sizeof(struct changesid_args)); - if (error) - return (error); - doms = sebsd_malloc(MAX_UC, M_SEBSD, M_WAITOK); - error = copyinstr(uap.domain, doms, MAX_UC, &dummy); - if (error) { - sebsd_free(doms, M_SEBSD); - return (error); - } - srcs = sebsd_malloc(MAX_UC, M_SEBSD, M_WAITOK); - error = copyinstr(uap.source, srcs, MAX_UC, &dummy); - if (error) { - sebsd_free(doms, M_SEBSD); - sebsd_free(srcs, M_SEBSD); - return (error); - } - scs = sebsd_malloc(MAX_UC, M_SEBSD, M_WAITOK); - error = copyinstr(uap.sclass, scs, MAX_UC, &dummy); - if (error) { - sebsd_free(doms, M_SEBSD); - sebsd_free(srcs, M_SEBSD); - sebsd_free(scs, M_SEBSD); - return (error); - } - error = sys_change_sid(doms, srcs, scs, uap.out, uap.outlen); - sebsd_free(doms, M_SEBSD); - sebsd_free(srcs, M_SEBSD); - sebsd_free(scs, M_SEBSD); - return (error); - } - case SEBSDCALL_GET_BOOLS: { struct sebsd_get_bools gb; ==== //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/sebsd_syscalls.h#9 (text+ko) ==== 
@@ -12,9 +12,6 @@ #define SEBSDCALL_GET_BOOL 9 #define SEBSDCALL_SET_BOOL 10 #define SEBSDCALL_COMMIT_BOOLS 11 -#define SEBSDCALL_GETUSERSIDS 6 -#define SEBSDCALL_GETFILESIDS 5 -#define SEBSDCALL_CHANGE_SID 4 #define SEBSDCALL_NUM 7 @@ -40,4 +37,9 @@ char *out; }; +struct lp_args { + void *data; + size_t len; +}; + #endif /* _SEBSD_SYSCALLS_H_ */ ==== //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/sebsd_sysctl.c#9 (text+ko) ==== @@ -1,6 +1,6 @@ /*- * Copyright (c) 2002 Networks Associates Technology, Inc. - * Copyright (c) 2005, 2006 SPARTA, Inc. + * Copyright (c) 2005-2006 SPARTA, Inc. * All rights reserved. * * This software was developed for the FreeBSD Project by NAI Labs, the @@ -55,13 +55,12 @@ extern unsigned int policydb_loaded_version; -#if 0 /* * Sysctl handler for security.mac.sebsd.sids * Lists the SIDs currently active in the security server */ static int -sysctl_list_sids(SYSCTL_HANDLER_ARGS) +sysctl_list_sids SYSCTL_HANDLER_ARGS { const int linesize = 128; /* conservative */ int i, count, error, len; @@ -71,7 +70,7 @@ char *scontext; count = sidtab.nel; - MALLOC(buffer, char *, linesize, M_TEMP, M_WAITOK); + buffer = sebsd_malloc(linesize, M_TEMP, M_WAITOK); len = snprintf(buffer, linesize, "\n SID Context\n"); error = SYSCTL_OUT(req, buffer, len); if (error) @@ -98,10 +97,9 @@ } error = SYSCTL_OUT(req, "", 1); out: - FREE(buffer, M_TEMP); + sebsd_free(buffer, M_TEMP); return (error); } -#endif /* * Sysctl handler for security.mac.sebsd.auditing. Get or set whether the @@ -167,13 +165,11 @@ return (0); } -#if 0 -/* - * Sysctl handler for security.mac.sebsd.user_sids. Lists the SIDs currently - * available for transition to by a given "context\0username\0". - */ +#define SEBSD_GETUSERSIDS 1 +#define SEBSD_GETFILESIDS 2 + static int -sysctl_user_sids(SYSCTL_HANDLER_ARGS) +sebsd_get_sids(int function, struct sysctl_req *req) { u_int32_t n, nsids, scontext_len; u_int32_t *sids, sid; 
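Review bot: In sysctl_list_sids() the buffer is now allocated and released through the sebsd wrappers but still tagged `M_TEMP`, while the other sebsd_malloc()/sebsd_free() calls visible in this change use `M_SEBSD`. For consistency the pair should read `buffer = sebsd_malloc(linesize, M_SEBSD, M_WAITOK);` and `sebsd_free(buffer, M_SEBSD);`. Because the handler becomes live once the `#if 0` is gone, the per-SID loop between these two hunks (not shown here) should also be checked. If it passes the return value of `snprintf(buffer, linesize, ...)` straight to SYSCTL_OUT as the header line does, `len` should be clamped to `linesize - 1` so a long context cannot make the copy-out read past the 128-byte buffer.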
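Review bot: sebsd_get_sids() loses the header comment that sysctl_user_sids() carried and gains a `function` selector that is not described anywhere. A comment above the definition would cover it: `/* Common body of the user_sids and file_sids handlers. function is SEBSD_GETUSERSIDS or SEBSD_GETFILESIDS; the request's new value holds "context\0", followed by "username\0" for user SIDs. */`. The two selector macros are local to this file and could be an `enum` so that the `default:` branch in the switch is the only way to reach an unknown value. The function body continues outside this hunk.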
@@ -193,19 +189,29 @@ error = EINVAL; goto out; } - len = strlen(context); - if (len + 1 >= req->newlen) { - error = EINVAL; - goto out; - } - username = context + len + 1; /* * XXX We need POLICY_RDLOCK here, but it's not exported! */ + len = strlen(context); error = security_context_to_sid(context, len + 1, &sid); if (error) goto out; - error = security_get_user_sids(sid, username, &sids, &nsids); + switch (function) { + case SEBSD_GETUSERSIDS: + if (len + 1 >= req->newlen) { + error = EINVAL; + goto out2; + } + username = context + len + 1; + error = security_get_user_sids(sid, username, &sids, &nsids); + break; + case SEBSD_GETFILESIDS: + error = security_get_file_sids(sid, SECCLASS_FILE, &sids, + &nsids); + break; + default: + error = EINVAL; + } if (error) goto out; for (n = 0; n < nsids; n++) { @@ -227,11 +233,33 @@ } /* + * Sysctl handler for security.mac.sebsd.user_sids. Lists the SIDs currently + * available for transition to by a given "context\0username\0". + */ +static int +sysctl_user_sids SYSCTL_HANDLER_ARGS +{ + + return (sebsd_get_sids(SEBSD_GETUSERSIDS, req)); +} + +/* + * Sysctl handler for security.mac.sebsd.file_sids. Lists the file + * SIDs available for a given "context\0". + */ +static int +sysctl_file_sids SYSCTL_HANDLER_ARGS +{ + + return (sebsd_get_sids(SEBSD_GETFILESIDS, req)); +} + +/* * Sysctl handler for security.mac.sebsd.change_sid * Report the SID to relabel to given input "scontext\0tcontext\0",tclass */ static int -sysctl_change_sid(SYSCTL_HANDLER_ARGS) +sysctl_change_sid SYSCTL_HANDLER_ARGS { u_int32_t newcontext_len; u_int32_t sid, tsid, newsid; @@ -284,7 +312,7 @@ * given input "scontext\0tcontext\0", tclass, av. */ static int -sysctl_compute_av(SYSCTL_HANDLER_ARGS) +sysctl_compute_av SYSCTL_HANDLER_ARGS { u_int32_t sid, tsid; u_int16_t tclass; @@ -333,7 +361,6 @@ sebsd_free(scontext, M_SEBSD); return (error); } -#endif SYSCTL_DECL(_security_mac); SYSCTL_NODE(_security_mac, OID_AUTO, sebsd, CTLFLAG_RW, 0, 
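Review bot: In the SEBSD_GETUSERSIDS case the short-input check jumps to `out2` before security_get_user_sids() has assigned `sids`, which the previous hunk declares without an initialiser. The `out2` label lies outside this hunk, but in the removed sys_get_sids() it ran `sebsd_free(sids, M_SEBSD)`. If it does the same here, the EINVAL path frees an uninitialised pointer, and the OID is registered with CTLFLAG_ANYBODY. The branch should use `goto out;` like the other early failures, and declaring `u_int32_t *sids = NULL;` would keep later edits from reintroducing the problem.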
@@ -341,19 +368,20 @@ SYSCTL_INT(_security_mac_sebsd, OID_AUTO, verbose, CTLFLAG_RW, &sebsd_verbose, 0, " SEBSD Verbose Debug Stuff"); -#if 0 SYSCTL_PROC(_security_mac_sebsd, OID_AUTO, sids, CTLTYPE_STRING|CTLFLAG_RD, NULL, 0, sysctl_list_sids, "A", "SEBSD SIDs"); SYSCTL_PROC(_security_mac_sebsd, OID_AUTO, user_sids, CTLTYPE_STRING | CTLFLAG_RW | CTLFLAG_ANYBODY, NULL, 0, sysctl_user_sids, "A", "SEBSD transitionable user SIDs"); +SYSCTL_PROC(_security_mac_sebsd, OID_AUTO, file_sids, CTLTYPE_STRING | + CTLFLAG_RW | CTLFLAG_ANYBODY, NULL, 0, sysctl_file_sids, "A", + "SEBSD transitionable file SIDs"); SYSCTL_PROC(_security_mac_sebsd, OID_AUTO, change_sid, CTLTYPE_STRING | CTLFLAG_RW | CTLFLAG_ANYBODY, NULL, 0, sysctl_change_sid, "A", "SEBSD (tty) SID relabel to perform along with transition"); SYSCTL_PROC(_security_mac_sebsd, OID_AUTO, compute_av, CTLTYPE_STRING | CTLFLAG_RW | CTLFLAG_ANYBODY, NULL, 0, sysctl_compute_av, "A", "SEBSD access vector decision query"); -#endif SYSCTL_PROC(_security_mac_sebsd, OID_AUTO, auditing, CTLTYPE_INT | CTLFLAG_RW, NULL, 0, sysctl_sebsd_auditing, "I", "SEBSD avc auditing"); SYSCTL_PROC(_security_mac_sebsd, OID_AUTO, enforcing, CTLTYPE_INT | @@ -367,6 +395,11 @@ { sysctl_register_oid(&sysctl__security_mac_sebsd); sysctl_register_oid(&sysctl__security_mac_sebsd_verbose); + sysctl_register_oid(&sysctl__security_mac_sebsd_sids); + sysctl_register_oid(&sysctl__security_mac_sebsd_user_sids); + sysctl_register_oid(&sysctl__security_mac_sebsd_file_sids); + sysctl_register_oid(&sysctl__security_mac_sebsd_change_sid); + sysctl_register_oid(&sysctl__security_mac_sebsd_compute_av); sysctl_register_oid(&sysctl__security_mac_sebsd_auditing); sysctl_register_oid(&sysctl__security_mac_sebsd_enforcing); sysctl_register_oid(&sysctl__security_mac_sebsd_policyvers);
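Review bot: user_sids, file_sids, change_sid and compute_av become live here with `CTLFLAG_RW | CTLFLAG_ANYBODY`, so any local process can drive the security-server lookups behind them. The shared sebsd_get_sids() body still carries the comment `XXX We need POLICY_RDLOCK here, but it's not exported!`, so a lookup started by an unprivileged caller can presumably overlap a policy reload. Whether change_sid and compute_av have the same gap is not visible in this diff. Either take the policy read lock in the handlers before enabling these OIDs, or state next to the declarations why the unlocked read is acceptable, e.g. `/* Query OIDs: the request is passed as the new value, hence RW|ANYBODY; handlers treat req->newptr as untrusted input. */`.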