Date: Sat, 8 Nov 2003 21:52:35 -0800 (PST) From: Robert Watson <rwatson@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 41787 for review Message-ID: <200311090552.hA95qZV6053264@repoman.freebsd.org>
http://perforce.freebsd.org/chv.cgi?CH=41787 Change 41787 by rwatson@rwatson_paprika on 2003/11/08 21:52:12 Add explicit label arguments to ksem policy entry points so that policy modules can avoid explicit knowledge of the ksem structure for label-only decisions. Affected files ... .. //depot/projects/trustedbsd/mac/sys/security/mac/mac_posix_sem.c#6 edit .. //depot/projects/trustedbsd/mac/sys/security/mac_biba/mac_biba.c#224 edit .. //depot/projects/trustedbsd/mac/sys/security/mac_lomac/mac_lomac.c#72 edit .. //depot/projects/trustedbsd/mac/sys/security/mac_mls/mac_mls.c#182 edit .. //depot/projects/trustedbsd/mac/sys/security/mac_stub/mac_stub.c#9 edit .. //depot/projects/trustedbsd/mac/sys/security/mac_test/mac_test.c#116 edit .. //depot/projects/trustedbsd/mac/sys/sys/mac_policy.h#200 edit Differences ...
==== //depot/projects/trustedbsd/mac/sys/security/mac/mac_posix_sem.c#6 (text+ko) ====
@@ -92,8 +92,7 @@
 if (!mac_enforce_posix_sem)
 return (0);
- //XXX: Should we also pass &ksemptr->ks_label ??
- MAC_CHECK(check_posix_sem_close, cred, ksemptr);
+ MAC_CHECK(check_posix_sem_close, cred, ksemptr, &ksemptr->ks_label);
 return(error);
 }
@@ -106,8 +105,8 @@
 if (!mac_enforce_posix_sem)
 return (0);
- //XXX: Should we also pass &ksemptr->ks_label ??
- MAC_CHECK(check_posix_sem_destroy, cred, ksemptr);
+ MAC_CHECK(check_posix_sem_destroy, cred, ksemptr,
+ &ksemptr->ks_label);
 return(error);
 }
@@ -120,8 +119,8 @@
 if (!mac_enforce_posix_sem)
 return (0);
- //XXX: Should we also pass &ksemptr->ks_label ??
- MAC_CHECK(check_posix_sem_openexisting, cred, ksemptr);
+ MAC_CHECK(check_posix_sem_openexisting, cred, ksemptr,
+ &ksemptr->ks_label);
 return(error);
 }
@@ -134,8 +133,8 @@
 if (!mac_enforce_posix_sem)
 return (0);
- //XXX: Should we also pass &ksemptr->ks_label ??
- MAC_CHECK(check_posix_sem_getvalue, cred, ksemptr);
+ MAC_CHECK(check_posix_sem_getvalue, cred, ksemptr,
+ &ksemptr->ks_label);
 return(error);
 }
@@ -148,8 +147,7 @@
 if (!mac_enforce_posix_sem)
 return (0);
- //XXX: Should we also pass &ksemptr->ks_label ??
- MAC_CHECK(check_posix_sem_post, cred, ksemptr);
+ MAC_CHECK(check_posix_sem_post, cred, ksemptr, &ksemptr->ks_label);
 return(error);
 }
@@ -162,8 +160,7 @@
 if (!mac_enforce_posix_sem)
 return (0);
- //XXX: Should we also pass &ksemptr->ks_label ??
- MAC_CHECK(check_posix_sem_unlink, cred, ksemptr);
+ MAC_CHECK(check_posix_sem_unlink, cred, ksemptr, &ksemptr->ks_label);
 return(error);
 }
@@ -176,8 +173,7 @@
 if (!mac_enforce_posix_sem)
 return (0);
- //XXX: Should we also pass &ksemptr->ks_label ??
- MAC_CHECK(check_posix_sem_wait, cred, ksemptr);
+ MAC_CHECK(check_posix_sem_wait, cred, ksemptr, &ksemptr->ks_label);
 return(error);
 }
==== //depot/projects/trustedbsd/mac/sys/security/mac_biba/mac_biba.c#224 (text+ko) ====
@@ -2155,7 +2155,8 @@
 }
 static int
-mac_biba_check_posix_sem_write(struct ucred *cred, struct ksem *ksemptr)
+mac_biba_check_posix_sem_write(struct ucred *cred, struct ksem *ksemptr,
+ struct label *ks_label)
 {
 struct mac_biba *subj, *obj;
@@ -2172,7 +2173,8 @@
 }
 static int
-mac_biba_check_posix_sem_rdonly(struct ucred *cred, struct ksem *ksemptr)
+mac_biba_check_posix_sem_rdonly(struct ucred *cred, struct ksem *ksemptr,
+ struct label *ks_label)
 {
 struct mac_biba *subj, *obj;
==== //depot/projects/trustedbsd/mac/sys/security/mac_lomac/mac_lomac.c#72 (text+ko) ====
@@ -2277,7 +2277,8 @@
 }
 static int
-mac_lomac_check_posix_sem_write(struct ucred *cred, struct ksem *ksemptr)
+mac_lomac_check_posix_sem_write(struct ucred *cred, struct ksem *ksemptr,
+ struct label *ks_label)
 {
 struct mac_lomac *subj, *obj;
@@ -2285,7 +2286,7 @@
 return (0);
 subj = SLOT(cred->cr_label);
- obj = SLOT((&ksemptr->ks_label));
+ obj = SLOT(ks_label);
 if (!mac_lomac_dominate_single(subj, obj))
 return (EACCES);
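Review bot: In mac_biba.c, `mac_biba_check_posix_sem_write` and `mac_biba_check_posix_sem_rdonly` gain the `ks_label` parameter, but unlike the mac_lomac and mac_mls sections there is no hunk that switches the object lookup over to it, so Biba presumably still reaches into the structure via `&ksemptr->ks_label`. To meet the stated goal of label-only decisions and stay consistent with the other policies, both functions should use `obj = SLOT(ks_label);`. The function bodies lie outside these two hunks, so this is inferred from the absence of a body hunk and should be confirmed against the file.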
@@ -2294,7 +2295,8 @@
 }
 static int
-mac_lomac_check_posix_sem_rdonly(struct ucred *cred, struct ksem *ksemptr)
+mac_lomac_check_posix_sem_rdonly(struct ucred *cred, struct ksem *ksemptr,
+ struct label *ks_label)
 {
 struct mac_lomac *subj, *obj;
@@ -2302,7 +2304,7 @@
 return (0);
 subj = SLOT(cred->cr_label);
- obj = SLOT((&ksemptr->ks_label));
+ obj = SLOT(ks_label);
 if (!mac_lomac_dominate_single(obj, subj))
 return (maybe_demote(subj, obj, "sem_getvalue", "posix_sem", NULL));
==== //depot/projects/trustedbsd/mac/sys/security/mac_mls/mac_mls.c#182 (text+ko) ====
@@ -2049,7 +2049,8 @@
 }
 static int
-mac_mls_check_posix_sem_write(struct ucred *cred, struct ksem *ksemptr)
+mac_mls_check_posix_sem_write(struct ucred *cred, struct ksem *ksemptr,
+ struct label *ks_label)
 {
 struct mac_mls *subj, *obj;
@@ -2057,7 +2058,7 @@
 return (0);
 subj = SLOT(cred->cr_label);
- obj = SLOT((&ksemptr->ks_label));
+ obj = SLOT(ks_label);
 if (!mac_mls_dominate_single(obj, subj))
 return (EACCES);
@@ -2066,7 +2067,8 @@
 }
 static int
-mac_mls_check_posix_sem_rdonly(struct ucred *cred, struct ksem *ksemptr)
+mac_mls_check_posix_sem_rdonly(struct ucred *cred, struct ksem *ksemptr,
+ struct label *ks_label)
 {
 struct mac_mls *subj, *obj;
@@ -2074,7 +2076,7 @@
 return (0);
 subj = SLOT(cred->cr_label);
- obj = SLOT((&ksemptr->ks_label));
+ obj = SLOT(ks_label);
 if (!mac_mls_dominate_single(subj, obj))
 return (EACCES);
==== //depot/projects/trustedbsd/mac/sys/security/mac_stub/mac_stub.c#9 (text+ko) ====
@@ -271,7 +271,8 @@
 }
 static void
-stub_create_posix_ksem(struct ucred *cred, struct ksem *ksemptr)
+stub_create_posix_ksem(struct ucred *cred, struct ksem *ksemptr,
+ struct label *ks_label)
 {
 }
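Review bot: In mac_stub.c, `stub_create_posix_ksem` gains a third parameter, but no hunk in this change touches a create entry point in mac_policy.h or a create call in mac_posix_sem.c; the visible hunks there cover only the `check_posix_sem_*` paths. If the create hook's pointer type still takes `(struct ucred *, struct ksem *)`, the stub no longer matches the slot it is assigned to and would be handed an argument the framework never passes. Either extend the create entry point and its caller in the same change, or leave this stub at two parameters. The declaration is outside the visible diff, so this needs confirming.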
@@ -802,49 +803,56 @@
 }
 static int
-stub_check_posix_sem_close(struct ucred *cred, struct ksem *ksemptr)
+stub_check_posix_sem_close(struct ucred *cred, struct ksem *ksemptr,
+ struct label *ks_label)
 {
 return (0);
 }
 static int
-stub_check_posix_sem_destroy(struct ucred *cred, struct ksem *ksemptr)
+stub_check_posix_sem_destroy(struct ucred *cred, struct ksem *ksemptr,
+ struct label *ks_label)
 {
 return (0);
 }
 static int
-stub_check_posix_sem_getvalue(struct ucred *cred, struct ksem *ksemptr)
+stub_check_posix_sem_getvalue(struct ucred *cred, struct ksem *ksemptr,
+ struct label *ks_label)
 {
 return (0);
 }
 static int
-stub_check_posix_sem_openexisting(struct ucred *cred, struct ksem *ksemptr)
+stub_check_posix_sem_openexisting(struct ucred *cred, struct ksem *ksemptr,
+ struct label *ks_label)
 {
 return (0);
 }
 static int
-stub_check_posix_sem_post(struct ucred *cred, struct ksem *ksemptr)
+stub_check_posix_sem_post(struct ucred *cred, struct ksem *ksemptr,
+ struct label *ks_label)
 {
 return (0);
 }
 static int
-stub_check_posix_sem_unlink(struct ucred *cred, struct ksem *ksemptr)
+stub_check_posix_sem_unlink(struct ucred *cred, struct ksem *ksemptr,
+ struct label *ks_label)
 {
 return (0);
 }
 static int
-stub_check_posix_sem_wait(struct ucred *cred, struct ksem *ksemptr)
+stub_check_posix_sem_wait(struct ucred *cred, struct ksem *ksemptr,
+ struct label *ks_label)
 {
 return (0);
==== //depot/projects/trustedbsd/mac/sys/security/mac_test/mac_test.c#116 (text+ko) ====
@@ -1611,7 +1611,8 @@
 }
 static int
-mac_test_check_posix_ksem(struct ucred *cred, struct ksem *ksemptr)
+mac_test_check_posix_ksem(struct ucred *cred, struct ksem *ksemptr,
+ struct label *ks_label)
 {
 ASSERT_CRED_LABEL(cred->cr_label);
==== //depot/projects/trustedbsd/mac/sys/sys/mac_policy.h#200 (text+ko) ====
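Review bot: In mac_test.c, `mac_test_check_posix_ksem` now receives `ks_label`, but the only assertion visible in the hunk is `ASSERT_CRED_LABEL(cred->cr_label);`. The module appears to exist to validate the labels the framework hands to policies, so the new argument should be asserted too, using whichever label-assertion macro the file applies to ksem labels. The function body continues past the end of the hunk, so a check on `&ksemptr->ks_label` may already be there and would only need to switch to the parameter.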
@@ -386,19 +386,19 @@
 int (*mpo_check_pipe_write)(struct ucred *cred,
 struct pipe *pipe, struct label *pipelabel);
 int (*mpo_check_posix_sem_close)(struct ucred *cred,
- struct ksem *ksemptr);
+ struct ksem *ksemptr, struct label *ks_label);
 int (*mpo_check_posix_sem_destroy)(struct ucred *cred,
- struct ksem *ksemptr);
+ struct ksem *ksemptr, struct label *ks_label);
 int (*mpo_check_posix_sem_getvalue)(struct ucred *cred,
- struct ksem *ksemptr);
+ struct ksem *ksemptr, struct label *ks_label);
 int (*mpo_check_posix_sem_openexisting)(struct ucred *cred,
- struct ksem *ksemptr);
+ struct ksem *ksemptr, struct label *ks_label);
 int (*mpo_check_posix_sem_post)(struct ucred *cred,
- struct ksem *ksemptr);
+ struct ksem *ksemptr, struct label *ks_label);
 int (*mpo_check_posix_sem_unlink)(struct ucred *cred,
- struct ksem *ksemptr);
+ struct ksem *ksemptr, struct label *ks_label);
 int (*mpo_check_posix_sem_wait)(struct ucred *cred,
- struct ksem *ksemptr);
+ struct ksem *ksemptr, struct label *ks_label);
 int (*mpo_check_proc_debug)(struct ucred *cred,
 struct proc *proc);
 int (*mpo_check_proc_sched)(struct ucred *cred,
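Review bot: The seven `mpo_check_posix_sem_*` pointer types change arity here, yet nothing visible in this change signals the new interface to policy modules built against the old header; such a module would have its two-argument handlers invoked with three arguments. If the policy framework carries an interface version or module dependency number, it should be bumped in the same change. A short comment on the group, e.g. `/* ks_label is the label of ksemptr; label-only policies need not dereference ksemptr. */`, would also record the contract the change description states. The enclosing structure begins and ends outside the hunk.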