From owner-p4-projects Thu Aug 8 20:12:16 2002 Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 1CB5D37B401; Thu, 8 Aug 2002 20:12:02 -0700 (PDT) Delivered-To: perforce@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C3B9837B400 for ; Thu, 8 Aug 2002 20:12:01 -0700 (PDT) Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 689ED43E5E for ; Thu, 8 Aug 2002 20:12:01 -0700 (PDT) (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Received: from freefall.freebsd.org (perforce@localhost [127.0.0.1]) by freefall.freebsd.org (8.12.4/8.12.4) with ESMTP id g793C1JU080934 for ; Thu, 8 Aug 2002 20:12:01 -0700 (PDT) (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Received: (from perforce@localhost) by freefall.freebsd.org (8.12.4/8.12.4/Submit) id g793C0bs080931 for perforce@freebsd.org; Thu, 8 Aug 2002 20:12:00 -0700 (PDT) Date: Thu, 8 Aug 2002 20:12:00 -0700 (PDT) Message-Id: <200208090312.g793C0bs080931@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: perforce set sender to bb+lists.freebsd.perforce@cyrus.watson.org using -f From: Robert Watson Subject: PERFORCE change 15709 for review To: Perforce Change Reviews Sender: owner-p4-projects@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG http://people.freebsd.org/~peter/p4db/chv.cgi?CH=15709 Change 15709 by rwatson@rwatson_tislabs on 2002/08/08 20:11:51 Pass both active and saved credentials into the MAC vnode stat check. Update policies to recognize the change: for now, always use the active cred. Affected files ... .. //depot/projects/trustedbsd/mac/sys/kern/kern_mac.c#231 edit .. //depot/projects/trustedbsd/mac/sys/kern/vfs_vnops.c#45 edit .. //depot/projects/trustedbsd/mac/sys/security/mac_biba/mac_biba.c#96 edit .. //depot/projects/trustedbsd/mac/sys/security/mac_bsdextended/mac_bsdextended.c#49 edit .. //depot/projects/trustedbsd/mac/sys/security/mac_mls/mac_mls.c#78 edit .. //depot/projects/trustedbsd/mac/sys/security/mac_none/mac_none.c#62 edit .. //depot/projects/trustedbsd/mac/sys/security/mac_te/mac_te.c#70 edit .. //depot/projects/trustedbsd/mac/sys/security/mac_test/mac_test.c#32 edit .. //depot/projects/trustedbsd/mac/sys/sys/mac.h#145 edit .. //depot/projects/trustedbsd/mac/sys/sys/mac_policy.h#110 edit Differences ... ==== //depot/projects/trustedbsd/mac/sys/kern/kern_mac.c#231 (text+ko) ==== @@ -2015,7 +2015,8 @@ } int -mac_check_vnode_stat(struct ucred *cred, struct vnode *vp) +mac_check_vnode_stat(struct ucred *active_cred, struct ucred *saved_cred, + struct vnode *vp) { int error; @@ -2024,11 +2025,12 @@ if (!mac_enforce_fs) return (0); - error = vn_refreshlabel(vp, cred); + error = vn_refreshlabel(vp, active_cred); if (error) return (error); - MAC_CHECK(check_vnode_stat, cred, vp, &vp->v_label); + MAC_CHECK(check_vnode_stat, active_cred, saved_cred, vp, + &vp->v_label); return (error); } ==== //depot/projects/trustedbsd/mac/sys/kern/vfs_vnops.c#45 (text+ko) ==== @@ -619,7 +619,7 @@ #ifdef MAC /* XXXMAC: Should pass in saved_cred. */ - error = mac_check_vnode_stat(active_cred, vp); + error = mac_check_vnode_stat(active_cred, saved_cred, vp); if (error) return (error); #endif ==== //depot/projects/trustedbsd/mac/sys/security/mac_biba/mac_biba.c#96 (text+ko) ==== @@ -2142,15 +2142,15 @@ } static int -mac_biba_check_vnode_stat(struct ucred *cred, struct vnode *vp, - struct label *vnodelabel) +mac_biba_check_vnode_stat(struct ucred *active_cred, struct ucred *saved_cred, + struct vnode *vp, struct label *vnodelabel) { struct mac_biba *subj, *obj; if (!mac_biba_enabled) return (0); - subj = SLOT(&cred->cr_label); + subj = SLOT(&active_cred->cr_label); obj = SLOT(vnodelabel); if (!mac_biba_dominate_single(obj, subj)) ==== //depot/projects/trustedbsd/mac/sys/security/mac_bsdextended/mac_bsdextended.c#49 (text+ko) ==== @@ -675,8 +675,8 @@ } static int -mac_bsdextended_check_vnode_stat(struct ucred *cred, struct vnode *vp, - struct label *label) +mac_bsdextended_check_vnode_stat(struct ucred *active_cred, + struct ucred *saved_cred, struct vnode *vp, struct label *label) { struct vattr vap; int error; @@ -684,10 +684,11 @@ if (!mac_bsdextended_enabled) return (0); - error = VOP_GETATTR(vp, &vap, cred, curthread); + error = VOP_GETATTR(vp, &vap, active_cred, curthread); if (error) return (error); - return (mac_bsdextended_check(cred, vap.va_uid, vap.va_gid, VSTAT)); + return (mac_bsdextended_check(active_cred, vap.va_uid, vap.va_gid, + VSTAT)); } static struct mac_policy_op_entry mac_bsdextended_ops[] = ==== //depot/projects/trustedbsd/mac/sys/security/mac_mls/mac_mls.c#78 (text+ko) ==== @@ -2097,15 +2097,15 @@ } static int -mac_mls_check_vnode_stat(struct ucred *cred, struct vnode *vp, - struct label *vnodelabel) +mac_mls_check_vnode_stat(struct ucred *active_cred, struct ucred *saved_cred, + struct vnode *vp, struct label *vnodelabel) { struct mac_mls *subj, *obj; if (!mac_mls_enabled) return (0); - subj = SLOT(&cred->cr_label); + subj = SLOT(&active_cred->cr_label); obj = SLOT(vnodelabel); if (!mac_mls_dominate_single(subj, obj)) ==== //depot/projects/trustedbsd/mac/sys/security/mac_none/mac_none.c#62 (text+ko) ==== @@ -889,8 +889,8 @@ } static int -mac_none_check_vnode_stat(struct ucred *cred, struct vnode *vp, - struct label *label) +mac_none_check_vnode_stat(struct ucred *active_cred, struct ucred *saved_cred, + struct vnode *vp, struct label *label) { return (0); ==== //depot/projects/trustedbsd/mac/sys/security/mac_te/mac_te.c#70 (text+ko) ==== @@ -1551,19 +1551,19 @@ } static int -mac_te_check_vnode_stat(struct ucred *cred, struct vnode *vp, - struct label *label) +mac_te_check_vnode_stat(struct ucred *active_cred, struct ucred *saved_cred, + struct vnode *vp, struct label *label) { switch (vp->v_type) { case VDIR: - return (mac_te_check(&cred->cr_label, label, MAC_TE_CLASS_DIR, - MAC_TE_OPERATION_DIR_STAT)); + return (mac_te_check(&active_cred->cr_label, label, + MAC_TE_CLASS_DIR, MAC_TE_OPERATION_DIR_STAT)); case VLNK: - return (mac_te_check(&cred->cr_label, label, + return (mac_te_check(&active_cred->cr_label, label, MAC_TE_CLASS_SYMLINK, MAC_TE_OPERATION_SYMLINK_STAT)); default: - return (mac_te_check(&cred->cr_label, label, + return (mac_te_check(&active_cred->cr_label, label, MAC_TE_CLASS_FILE, MAC_TE_OPERATION_FILE_STAT)); } } ==== //depot/projects/trustedbsd/mac/sys/security/mac_test/mac_test.c#32 (text+ko) ==== @@ -1097,8 +1097,8 @@ } static int -mac_test_check_vnode_stat(struct ucred *cred, struct vnode *vp, - struct label *label) +mac_test_check_vnode_stat(struct ucred *active_cred, struct ucred *saved_cred, + struct vnode *vp, struct label *label) { return (0); ==== //depot/projects/trustedbsd/mac/sys/sys/mac.h#145 (text+ko) ==== @@ -382,7 +382,8 @@ uid_t uid, gid_t gid); int mac_check_vnode_setutimes(struct ucred *cred, struct vnode *vp, struct timespec atime, struct timespec mtime); -int mac_check_vnode_stat(struct ucred *cred, struct vnode *vp); +int mac_check_vnode_stat(struct ucred *active_cred, + struct ucred *saved_cred, struct vnode *vp); int mac_getsockopt_label_get(struct ucred *cred, struct socket *so, struct mac *extmac); int mac_getsockopt_peerlabel_get(struct ucred *cred, struct socket *so, ==== //depot/projects/trustedbsd/mac/sys/sys/mac_policy.h#110 (text+ko) ==== @@ -331,7 +331,8 @@ int (*mpo_check_vnode_setutimes)(struct ucred *cred, struct vnode *vp, struct label *label, struct timespec atime, struct timespec mtime); - int (*mpo_check_vnode_stat)(struct ucred *cred, struct vnode *vp, + int (*mpo_check_vnode_stat)(struct ucred *active_cred, + struct ucred *saved_cred, struct vnode *vp, struct label *label); int (*mpo_check_vnode_write)(struct ucred *active_cred, struct ucred *saved_cred, struct vnode *vp, To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe p4-projects" in the body of the message