Date: Thu, 16 Nov 2006 19:11:29 GMT From: Todd Miller <millert@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 110118 for review Message-ID: <200611161911.kAGJBTU6065377@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=110118 Change 110118 by millert@millert_macbook on 2006/11/16 19:10:59 Add mac_file_check_lock() Affected files ... .. //depot/projects/trustedbsd/sedarwin8/darwin/xnu/bsd/kern/kern_descrip.c#6 edit .. //depot/projects/trustedbsd/sedarwin8/darwin/xnu/bsd/vfs/vfs_syscalls.c#15 edit .. //depot/projects/trustedbsd/sedarwin8/darwin/xnu/security/mac_file.c#6 edit .. //depot/projects/trustedbsd/sedarwin8/darwin/xnu/security/mac_framework.h#18 edit .. //depot/projects/trustedbsd/sedarwin8/darwin/xnu/security/mac_policy.h#27 edit .. //depot/projects/trustedbsd/sedarwin8/policies/sedarwin/sedarwin/sebsd.c#43 edit Differences ... ==== //depot/projects/trustedbsd/sedarwin8/darwin/xnu/bsd/kern/kern_descrip.c#6 (text+ko) ==== @@ -523,6 +523,14 @@ if (fl.l_whence == SEEK_CUR) fl.l_start += offset; +#ifdef MAC + error = mac_file_check_lock(proc_ucred(p), fp->f_fglob, + F_SETLK, &fl); + if (error) { + (void)vnode_put(vp); + goto outdrop; + } +#endif switch (fl.l_type) { case F_RDLCK: @@ -578,6 +586,11 @@ if (fl.l_whence == SEEK_CUR) fl.l_start += offset; +#ifdef MAC + error = mac_file_check_lock(proc_ucred(p), fp->f_fglob, + F_GETLK, &fl); + if (error == 0) +#endif error = VNOP_ADVLOCK(vp, (caddr_t)p, F_GETLK, &fl, F_POSIX, &context); (void)vnode_put(vp); @@ -2495,6 +2508,11 @@ if (error) goto out; #endif +#ifdef MAC + error = mac_file_check_lock(proc_ucred(p), fp->f_fglob, F_SETLK, &lf); + if (error) + goto out; +#endif fp->f_flag |= FHASLOCK; if (how & LOCK_NB) { error = VNOP_ADVLOCK(vp, (caddr_t)fp->f_fglob, F_SETLK, &lf, F_FLOCK, &context); ==== //depot/projects/trustedbsd/sedarwin8/darwin/xnu/bsd/vfs/vfs_syscalls.c#15 (text+ko) ==== @@ -1752,6 +1752,12 @@ if (error) goto bad; #endif +#ifdef MAC + error = mac_file_check_lock(vfs_context_ucred(ctx), fp->f_fglob, + F_SETLK, &lf); + if (error) + goto bad; +#endif if ((error = VNOP_ADVLOCK(vp, (caddr_t)fp->f_fglob, F_SETLK, &lf, type, ctx))) goto bad; fp->f_fglob->fg_flag |= FHASLOCK; ==== //depot/projects/trustedbsd/sedarwin8/darwin/xnu/security/mac_file.c#6 (text+ko) ==== @@ -222,6 +222,16 @@ return (error); } +int +mac_file_check_lock(struct ucred *cred, struct fileglob *fg, int op, + struct flock *fl) +{ + int error; + + MAC_CHECK(file_check_lock, cred, fg, fg->fg_label, op, fl); + return (error); +} + /* * On some platforms, VM_PROT_READ implies VM_PROT_EXECUTE. If that is true, * both prot and maxprot will have VM_PROT_EXECUTE set after file_check_mmap ==== //depot/projects/trustedbsd/sedarwin8/darwin/xnu/security/mac_framework.h#18 (text+ko) ==== @@ -141,6 +141,8 @@ int mac_file_check_inherit(struct ucred *cred, struct fileglob *fg); int mac_file_check_ioctl(struct ucred *cred, struct fileglob *fg, u_long com, void *data); +int mac_file_check_lock(struct ucred *cred, struct fileglob *fg, int op, + struct flock *fl); int mac_file_check_mmap(struct ucred *cred, struct fileglob *fg, int prot, int flags, int *maxprot); void mac_file_check_mmap_downgrade(struct ucred *cred, struct fileglob *fg, ==== //depot/projects/trustedbsd/sedarwin8/darwin/xnu/security/mac_policy.h#27 (text+ko) ==== @@ -807,6 +807,28 @@ void *data ); /** + @brief Access control check for file locking + @param cred Subject credential + @param fg Fileglob structure + @param label Policy label for fg + @param op The lock operation (F_GETLK, F_SETLK, F_UNLK) + @param fl The flock structure + + Determine whether the subject identified by the credential can perform + the lock operation indicated by op and fl on the file represented by fg. + + @return Return 0 if access is granted, otherwise an appropriate value for + errno should be returned. + +*/ +typedef int mpo_file_check_lock_t( + struct ucred *cred, + struct fileglob *fg, + struct label *label, + int op, + struct flock *fl +); +/** @brief Access control check for mapping a file @param cred Subject credential @param fg fileglob representing file to map @@ -5113,6 +5135,7 @@ mpo_file_check_get_t *mpo_file_check_get; mpo_file_check_inherit_t *mpo_file_check_inherit; mpo_file_check_ioctl_t *mpo_file_check_ioctl; + mpo_file_check_lock_t *mpo_file_check_lock; mpo_file_check_mmap_downgrade_t *mpo_file_check_mmap_downgrade; mpo_file_check_mmap_t *mpo_file_check_mmap; mpo_file_check_receive_t *mpo_file_check_receive; ==== //depot/projects/trustedbsd/sedarwin8/policies/sedarwin/sedarwin/sebsd.c#43 (text+ko) ==== @@ -3120,6 +3120,16 @@ } static int +sebsd_file_check_lock(struct ucred *cred, struct fileglob *fg, + struct label *fglabel, int op, struct flock *fl) +{ + + /* SELinux doesn't use the lock operation. */ + return (file_has_perm(cred, fg, fglabel, FILE__LOCK)); +} + + +static int sebsd_file_check_receive(struct ucred *cred, struct fileglob *fg, struct label *fglabel) { @@ -3551,6 +3561,7 @@ .mpo_file_check_get_ofileflags = sebsd_file_check_get_ofileflags, .mpo_file_check_inherit = sebsd_file_check_receive, .mpo_file_check_ioctl = sebsd_file_check_ioctl, + .mpo_file_check_lock = sebsd_file_check_lock, .mpo_file_check_mmap = sebsd_file_check_mmap, .mpo_file_check_receive = sebsd_file_check_receive, .mpo_file_label_associate = sebsd_file_label_associate,
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200611161911.kAGJBTU6065377>