From owner-p4-projects@FreeBSD.ORG Thu Mar 9 14:41:59 2006 Return-Path: X-Original-To: p4-projects@freebsd.org Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id EDF9816A423; Thu, 9 Mar 2006 14:41:58 +0000 (GMT) X-Original-To: perforce@freebsd.org Delivered-To: perforce@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id AE2EB16A420 for ; Thu, 9 Mar 2006 14:41:58 +0000 (GMT) (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5CC3D43D49 for ; Thu, 9 Mar 2006 14:41:58 +0000 (GMT) (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.13.1/8.13.1) with ESMTP id k29EfwuY099461 for ; Thu, 9 Mar 2006 14:41:58 GMT (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Received: (from perforce@localhost) by repoman.freebsd.org (8.13.1/8.13.1/Submit) id k29EfvTH099458 for perforce@freebsd.org; Thu, 9 Mar 2006 14:41:57 GMT (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Date: Thu, 9 Mar 2006 14:41:57 GMT Message-Id: <200603091441.k29EfvTH099458@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to bb+lists.freebsd.perforce@cyrus.watson.org using -f From: Robert Watson To: Perforce Change Reviews Cc: Subject: PERFORCE change 93045 for review X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 09 Mar 2006 14:41:59 -0000 http://perforce.freebsd.org/chv.cgi?CH=93045 Change 93045 by rwatson@rwatson_peppercorn on 2006/03/09 14:41:48 Copyright update. Convert sebsd_destroy() call to printf() into panic(), as SEBSD is unable to unload. A moderate amount of style(9)ism. Affected files ... .. //depot/projects/trustedbsd/sebsd/sys/security/sebsd/sebsd.c#40 edit Differences ... ==== //depot/projects/trustedbsd/sebsd/sys/security/sebsd/sebsd.c#40 (text+ko) ==== @@ -1,6 +1,6 @@ /*- * Copyright (c) 2002, 2003 Networks Associates Technology, Inc. - * Copyright (c) 2005 SPARTA, Inc. + * Copyright (c) 2005-2006 SPARTA, Inc. * All rights reserved. * * This software was developed for the FreeBSD Project by NAI Labs, the @@ -8,7 +8,7 @@ * DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA * CHATS research program. * - * This software was enhanced by SPARTA ISSO under SPAWAR contract + * This software was enhanced by SPARTA ISSO under SPAWAR contract * N66001-04-C-6019 ("SEFOS"). * * Redistribution and use in source and binary forms, with or without @@ -73,7 +73,7 @@ #include #include -int sebsd_verbose = 0; +int sebsd_verbose = 0; static int slot; #define SLOT(l) ((void *)LABEL_TO_SLOT((l), slot).l_ptr) @@ -94,7 +94,7 @@ sebsd_destroy(struct mac_policy_conf *mpc) { - printf("sebsd:: destroy\n"); + panic("sebsd_destroy"); } /* @@ -180,55 +180,57 @@ static __inline security_class_t vnode_type_to_security_class(enum vtype vt) { + switch (vt) { case VREG: - return SECCLASS_FILE; + return (SECCLASS_FILE); case VDIR: - return SECCLASS_DIR; + return (SECCLASS_DIR); case VBLK: - return SECCLASS_BLK_FILE; + return (SECCLASS_BLK_FILE); case VCHR: - return SECCLASS_CHR_FILE; + return (SECCLASS_CHR_FILE); case VLNK: - return SECCLASS_LNK_FILE; + return (SECCLASS_LNK_FILE); case VSOCK: - return SECCLASS_SOCK_FILE; + return (SECCLASS_SOCK_FILE); case VFIFO: - return SECCLASS_FIFO_FILE; + return (SECCLASS_FIFO_FILE); case VNON: case VBAD: - return SECCLASS_FILE; + return (SECCLASS_FILE); case VMARKER: panic("vnode_type_to_security_class: VMARKER"); } - return SECCLASS_FILE; + return (SECCLASS_FILE); } static __inline security_class_t dirent_type_to_security_class(__uint8_t type) { + switch (type) { case DT_REG: - return SECCLASS_FILE; + return (SECCLASS_FILE); case DT_DIR: - return SECCLASS_DIR; + return (SECCLASS_DIR); case DT_BLK: - return SECCLASS_BLK_FILE; + return (SECCLASS_BLK_FILE); case DT_CHR: - return SECCLASS_CHR_FILE; + return (SECCLASS_CHR_FILE); case DT_LNK: - return SECCLASS_LNK_FILE; + return (SECCLASS_LNK_FILE); case DT_SOCK: - return SECCLASS_SOCK_FILE; + return (SECCLASS_SOCK_FILE); case DT_FIFO: - return SECCLASS_FIFO_FILE; + return (SECCLASS_FIFO_FILE); case DT_UNKNOWN: case DT_WHT: - return SECCLASS_FILE; + return (SECCLASS_FILE); } - return SECCLASS_FILE; + return (SECCLASS_FILE); } static __inline access_vector_t @@ -246,7 +248,6 @@ av |= FILE__APPEND; else if (mask & VWRITE) av |= FILE__WRITE; - } else { if (mask & VEXEC) av |= DIR__SEARCH; @@ -256,7 +257,7 @@ av |= DIR__READ; } - return av; + return (av); } static int @@ -282,11 +283,11 @@ file->sclass = vnode_type_to_security_class(vp->v_type); if (file->sclass == 0) { printf("vnode_has_perm:: Giving up\n"); - return 1; /* TBD: debugging */ + return (1); /* TBD: debugging */ } } - return avc_has_perm_ref_audit(task->sid, file->sid, file->sclass, - perm, aeref ? aeref : &file->avcr, &ad); + return (avc_has_perm_ref_audit(task->sid, file->sid, file->sclass, + perm, aeref ? aeref : &file->avcr, &ad)); } static int @@ -302,7 +303,7 @@ * TBD: No audit information yet */ - return(avc_has_perm_ref(task->sid, file->sid, file->sclass, + return (avc_has_perm_ref(task->sid, file->sid, file->sclass, perm, &file->avcr)); } @@ -456,19 +457,18 @@ context_len = sizeof(context); /* TBD: bad fixed length */ error = vn_extattr_get(vp, IO_NODELOCKED, - SEBSD_MAC_EXTATTR_NAMESPACE, - SEBSD_MAC_EXTATTR_NAME, - &context_len, context, curthread); + SEBSD_MAC_EXTATTR_NAMESPACE, SEBSD_MAC_EXTATTR_NAME, + &context_len, context, curthread); if (error == ENOATTR || error == EOPNOTSUPP) { vsec->sid = SECINITSID_UNLABELED; /* Use the default label */ - /* +#if 0 struct vattr va; (void)VOP_GETATTR(vp, &va, curthread->td_ucred, curthread); printf("sebsd_update_vnode_from_extattr: no label for " "inode=%ld, fsid=%d\n", va.va_fileid, va.va_fsid); - */ +#endif goto dosclass; } if (error) { @@ -489,22 +489,21 @@ if (error) { printf("sebsd_update_vnode_from_extattr: ERROR mapping " "context to sid: %.*s\n", context_len, context); - return (0); /* TBD bad, bad, bad */ + return (0); /* TBD bad, bad, bad */ } dosclass: /* TBD: */ vsec->sclass = vnode_type_to_security_class(vp->v_type); - if (vsec->sclass == 0) { + if (vsec->sclass == 0) printf("sebsd_update_vnode_from_extattr:: sclass is 0\n"); - } return (0); } static void sebsd_associate_vnode_singlelabel(struct mount *mp, struct label *fslabel, - struct vnode *vp, struct label *vlabel) + struct vnode *vp, struct label *vlabel) { struct mount_fs_security_struct *sbsec; struct vnode_security_struct *vsec; @@ -526,8 +525,6 @@ /* Default to using the attributes from the parent process */ task->osid = parent->osid; task->sid = parent->sid; - - return; } static void @@ -557,10 +554,11 @@ bzero(msgsec, sizeof(*msgsec)); msgsec->sclass = SECCLASS_MSG; - /* XXX should we return an error if security_transition_sid, - * Or, should we assign the msg object the thread sid? + /* + * XXX should we return an error if security_transition_sid, or, + * should we assign the msg object the thread sid? */ - if(security_transition_sid(tsec->sid, msqsec->sid, + if (security_transition_sid(tsec->sid, msqsec->sid, SECCLASS_MSG, &msgsec->sid) < 0) { printf("Warning: security_transition_sid failed on" "create_sysv_msgmsg\n"); @@ -623,7 +621,6 @@ ipcsec->sid = tsec->sid; ipcsec->sclass = SECCLASS_POSIX_SEM; - } static void @@ -661,10 +658,12 @@ if (cr != NULL) { struct task_security_struct *task = SLOT(cr->cr_label); - /* XXX: uses the type specified by genfs instead of the parent directory - like it should! */ - int error = security_transition_sid(task->sid, dirent->sid, dirent->sclass, - &newsid); + /* + * XXX: uses the type specified by genfs instead of the + * parent directory like it should! + */ + int error = security_transition_sid(task->sid, dirent->sid, + dirent->sclass, &newsid); if (error == 0) dirent->sid = newsid; } @@ -680,8 +679,8 @@ } static void -sebsd_create_devfs_directory(struct mount *mp, char *dirname, - int dirnamelen, struct devfs_dirent *devfs_dirent, struct label *label, +sebsd_create_devfs_directory(struct mount *mp, char *dirname, int dirnamelen, + struct devfs_dirent *devfs_dirent, struct label *label, const char *fullpath) { char *path; @@ -722,7 +721,6 @@ struct devfs_dirent *dd, struct label *ddlabel, struct devfs_dirent *de, struct label *delabel, const char *fullpath) { - char *path; int rc; security_id_t newsid; @@ -760,8 +758,8 @@ } /* - * Use the allocating task SID to label pipes. On Linux, pipes reside - * in a pseudo filesystem. + * Use the allocating task SID to label pipes. On Linux, pipes reside in a + * pseudo filesystem. */ static void sebsd_create_pipe(struct ucred *cred, struct pipepair *pipe, @@ -785,7 +783,7 @@ task = SLOT(cred->cr_label); task->osid = task->sid = SECINITSID_KERNEL; printf("sebsd_create_proc0:: using SECINITSID_KERNEL = %d\n", - SECINITSID_KERNEL); + SECINITSID_KERNEL); } static void @@ -797,12 +795,13 @@ task->osid = SECINITSID_KERNEL; task->sid = SECINITSID_INIT; printf("sebsd_create_proc1:: using SICINITSID_INIT = %d\n", - SECINITSID_INIT); + SECINITSID_INIT); } static void sebsd_create_mount(struct ucred *cred, struct mount *mp, - struct label *mntlabel, struct label *fslabel, struct label *mount_arg_label) + struct label *mntlabel, struct label *fslabel, + struct label *mount_arg_label) { struct mount_security_struct *sbsec, *mntsec; struct mount_fs_security_struct *sbfssec; @@ -823,14 +822,17 @@ } else { sbfssec->sid = sbsec->sid; /* TBD: debugging only */ - printf("sebsd_create_mount: security_fs_use(%s) behavior %d, sid %d\n", - mp->mnt_vfc->vfc_name, behavior, sbsec->sid); + printf("sebsd_create_mount: security_fs_use(%s) behavior " + "%d, sid %d\n", mp->mnt_vfc->vfc_name, behavior, + sbsec->sid); } switch (behavior) { case SECURITY_FS_USE_XATTR: - /* PSIDs only work for persistent file systems with - unique and persistent inode numbers. */ + /* + * PSIDs only work for persistent file systems with unique + * and persistent inode numbers. + */ sbsec->uses_psids = 1; /* @@ -840,27 +842,35 @@ break; case SECURITY_FS_USE_TRANS: - /* Transition SIDs are used for pseudo filesystems like - devpts and tmpfs where you want the SID to be derived - from the SID of the creating process and the SID of - the filesystem. */ + /* + * Transition SIDs are used for pseudo filesystems like + * devpts and tmpfs where you want the SID to be derived + * from the SID of the creating process and the SID of the + * filesystem. + */ sbsec->uses_trans = 1; break; case SECURITY_FS_USE_TASK: - /* Task SIDs are used for pseudo filesystems like pipefs - and sockfs where you want the objects to be labeled - with the SID of the creating process. */ + /* + * Task SIDs are used for pseudo filesystems like pipefs and + * sockfs where you want the objects to be labeled with the + * SID of the creating process. + */ sbsec->uses_task = 1; break; case SECURITY_FS_USE_GENFS: - /* genfs_contexts handles everything else, like devfs, - usbdevfs, driverfs, and portions of proc. */ + /* + * genfs_contexts handles everything else, like devfs, + * usbdevfs, driverfs, and portions of proc. + */ sbsec->uses_genfs = 1; break; case SECURITY_FS_USE_NONE: - /* No labeling support configured for this filesystem type. - Don't appear to require labeling for binfmt_misc, bdev, - or rootfs. */ + /* + * No labeling support configured for this filesystem type. + * Don't appear to require labeling for binfmt_misc, bdev, + * or rootfs. + */ break; default: printf("%s: security_fs_use(%s) returned unrecognized " @@ -919,14 +929,14 @@ } static int -sebsd_check_cap (struct ucred *cred, cap_value_t capv) +sebsd_check_cap(struct ucred *cred, cap_value_t capv) { - return cred_has_capability (cred, capv); + + return (cred_has_capability (cred, capv)); } /* - * SEBSD does not support the relabeling of processes without - * transitioning. + * SEBSD does not support the relabeling of processes without transitioning. */ static int sebsd_check_cred_relabel(struct ucred *cred, struct label *newlabel) @@ -936,8 +946,8 @@ nsec = SLOT(newlabel); tsec = SLOT(cred->cr_label); if (nsec != NULL && nsec->sid != tsec->sid) - return EPERM; - return 0; + return (EPERM); + return (0); } static int @@ -956,7 +966,7 @@ rc = vnode_has_perm (cred, vp, FILE__MOUNTON, NULL); if (rc) - return rc; + return (rc); if (mntlabel) { sbsec = SLOT(mntlabel); @@ -965,18 +975,17 @@ rc = avc_has_perm_ref_audit (task->sid, sid, SECCLASS_FILE, COMMON_FILE__RELABELTO, NULL, NULL); if (rc) - return rc; - } - else { + return (rc); + } else { rc = security_fs_use (vfc_name, &behavior, &sid); if (rc) - return rc; + return (rc); } rc = avc_has_perm_ref_audit (task->sid, sid, SECCLASS_FILESYSTEM, FILESYSTEM__MOUNT, NULL, NULL); - return rc; + return (rc); } static int @@ -988,11 +997,11 @@ } static int -sebsd_check_remount(struct ucred *cred, struct mount *mp, struct label *mntlabel, - struct label *mount_arg_label) +sebsd_check_remount(struct ucred *cred, struct mount *mp, + struct label *mntlabel, struct label *mount_arg_label) { - /* cannot change labels on filesystems */ + /* Cannot change labels on filesystems. */ if (mount_arg_label) { struct mount_security_struct *mla = SLOT(mntlabel); struct mount_security_struct *mlb = SLOT(mount_arg_label); @@ -1003,7 +1012,8 @@ } static int -sebsd_check_umount(struct ucred *cred, struct mount *mp, struct label *mntlabel) +sebsd_check_umount(struct ucred *cred, struct mount *mp, + struct label *mntlabel) { return (mount_has_perm(cred, mp, FILESYSTEM__UNMOUNT, NULL)); @@ -1063,7 +1073,7 @@ FILESYSTEM__ASSOCIATE, &ad); */ - return(rc); + return (rc); } static int @@ -1140,13 +1150,12 @@ * So just make the transition. */ ntask->osid = otask->sid; - if (execlabel == NULL) { + if (execlabel == NULL) (void)security_transition_sid(otask->sid, file->sid, - SECCLASS_PROCESS, &ntask->sid); - } else { + SECCLASS_PROCESS, &ntask->sid); + else ntask->sid = ((struct task_security_struct *) SLOT(execlabel))->sid; - } if (otask->sid != ntask->sid) { /* @@ -1155,8 +1164,6 @@ * permission check if the parent was waiting. */ } - - return; } static int @@ -1178,13 +1185,12 @@ * Should have already checked all the permissions, so just see if * the SIDS are going to match. */ - if (execlabel == NULL) { + if (execlabel == NULL) (void)security_transition_sid(task->sid, file->sid, - SECCLASS_PROCESS, &newsid); - } else { + SECCLASS_PROCESS, &newsid); + else newsid = ((struct task_security_struct *) SLOT(execlabel))->sid; - } return (newsid != task->sid); } @@ -1261,6 +1267,7 @@ source = SLOT(newlabel); dest = SLOT(pipelabel); + /* XXXRW: Should be KASSERT's? */ if (!source) { printf("sebsd_relabel_pipe:: source is NULL!\n"); return; @@ -1282,6 +1289,7 @@ source = SLOT(label); dest = SLOT(vnodelabel); + /* XXXRW: Should be KASSERT's? */ if (!source) { printf("sebsd_relabel_vnode:: source is NULL!\n"); return; @@ -1306,14 +1314,13 @@ newlabel = SLOT(intlabel); error = security_sid_to_context(newlabel->sid, &context, - &context_len); + &context_len); if (error) return (error); error = vn_extattr_set(vp, IO_NODELOCKED, - SEBSD_MAC_EXTATTR_NAMESPACE, - SEBSD_MAC_EXTATTR_NAME, - context_len, context, curthread); + SEBSD_MAC_EXTATTR_NAMESPACE, SEBSD_MAC_EXTATTR_NAME, + context_len, context, curthread); security_free_context(context); return (error); } @@ -1324,10 +1331,10 @@ { if (!acc_mode) - return 0; + return (0); - return (vnode_has_perm(cred, vp, file_mask_to_av(vp->v_type, acc_mode), - NULL)); + return (vnode_has_perm(cred, vp, + file_mask_to_av(vp->v_type, acc_mode), NULL)); } static int @@ -1346,7 +1353,7 @@ /* TBD: Incomplete, SELinux also check capability(CAP_SYS_CHROOT)) */ /* MAY_EXEC ~= DIR__SEARCH */ - return vnode_has_perm(cred, dvp, DIR__SEARCH, NULL); + return (vnode_has_perm(cred, dvp, DIR__SEARCH, NULL)); } static int @@ -1370,29 +1377,31 @@ ad.u.fs.vp = dvp; rc = avc_has_perm_ref_audit(task->sid, dir->sid, SECCLASS_DIR, - DIR__ADD_NAME | DIR__SEARCH, - &dir->avcr, &ad); + DIR__ADD_NAME | DIR__SEARCH, &dir->avcr, &ad); if (rc) - return rc; + return (rc); rc = security_transition_sid(task->sid, dir->sid, tclass, &newsid); if (rc) - return rc; + return (rc); rc = avc_has_perm_audit(task->sid, newsid, tclass, FILE__CREATE, &ad); if (rc) - return rc; + return (rc); if (dvp->v_mount) { - /* XXX: mpo_check_vnode_create should probably pass the mntlabel */ + /* + * XXX: mpo_check_vnode_create should probably pass the + * mntlabel. + */ sbsec = SLOT (dvp->v_mount->mnt_mntlabel); - rc = avc_has_perm_audit(newsid, sbsec->sid, SECCLASS_FILESYSTEM, - FILESYSTEM__ASSOCIATE, &ad); + rc = avc_has_perm_audit(newsid, sbsec->sid, + SECCLASS_FILESYSTEM, FILESYSTEM__ASSOCIATE, &ad); if (rc) - return rc; + return (rc); } - return 0; + return (0); } static int @@ -1415,7 +1424,6 @@ rc = avc_has_perm_ref_audit(task->sid, dir->sid, SECCLASS_DIR, DIR__SEARCH | DIR__REMOVE_NAME, &dir->avcr, &ad); - if (rc) return (rc); @@ -1454,11 +1462,10 @@ rc = security_transition_sid(task->sid, file->sid, SECCLASS_PROCESS, &newsid); if (rc) - return EACCES; - } else { + return (EACCES); + } else newsid = ((struct task_security_struct *) SLOT(execlabel))->sid; - } AVC_AUDIT_DATA_INIT(&ad, FS); ad.u.fs.vp = vp; @@ -1466,23 +1473,18 @@ if (newsid == task->sid) { rc = avc_has_perm_audit(task->sid, file->sid, SECCLASS_FILE, FILE__EXECUTE_NO_TRANS, &ad); - if (rc) - return EACCES; - + return (EACCES); } else { /* Check permissions for the transition. */ rc = avc_has_perm_audit(task->sid, newsid, SECCLASS_PROCESS, PROCESS__TRANSITION, &ad); - if (rc) - return EACCES; - + return (EACCES); rc = avc_has_perm_audit(newsid, file->sid, SECCLASS_FILE, FILE__ENTRYPOINT, &ad); - if (rc) - return EACCES; + return (EACCES); /* * TBD: Check ptrace permission between the parent and @@ -1536,7 +1538,7 @@ rc = avc_has_perm_ref_audit(task->sid, dir->sid, SECCLASS_DIR, DIR__SEARCH | DIR__ADD_NAME, &dir->avcr, &ad); if (rc) - return rc; + return (rc); rc = avc_has_perm_ref_audit(task->sid, file->sid, file->sclass, FILE__LINK, &file->avcr, &ad); @@ -1559,10 +1561,10 @@ { if (!acc_mode) - return 0; + return (0); - return (vnode_has_perm(cred, vp, file_mask_to_av(vp->v_type, acc_mode), - NULL)); + return (vnode_has_perm(cred, vp, file_mask_to_av(vp->v_type, + acc_mode), NULL)); } static int @@ -1570,7 +1572,7 @@ struct vnode *vp, struct label *label) { - return vnode_has_perm(cred, vp, FILE__POLL, NULL); + return (vnode_has_perm(cred, vp, FILE__POLL, NULL)); } static int @@ -1578,7 +1580,7 @@ struct vnode *vp, struct label *label) { - return vnode_has_perm(cred, vp, FILE__READ, NULL); + return (vnode_has_perm(cred, vp, FILE__READ, NULL)); } static int @@ -1586,7 +1588,7 @@ struct label *dlabel) { - return vnode_has_perm(cred, dvp, DIR__READ, NULL); + return (vnode_has_perm(cred, dvp, DIR__READ, NULL)); } static int @@ -1594,7 +1596,7 @@ struct label *label) { - return vnode_has_perm(cred, vp, FILE__READ, NULL); + return (vnode_has_perm(cred, vp, FILE__READ, NULL)); } static int @@ -1617,29 +1619,31 @@ if (old->sclass == 0) { printf("vnode_relabel:: ERROR, sid=%d, sclass=0, v_type=%d\n", old->sid, vp->v_type); - return 0; /* TBD: debugging */ + return (0); /* TBD: debugging */ } rc = avc_has_perm_ref_audit(task->sid, old->sid, old->sclass, - FILE__RELABELFROM, &old->avcr, &ad); + FILE__RELABELFROM, &old->avcr, &ad); if (rc) return (rc); rc = avc_has_perm_audit(task->sid, new->sid, old->sclass, - FILE__RELABELTO, &ad); - + FILE__RELABELTO, &ad); if (rc) return (rc); if (vp->v_mount) { - /* XXX: mpo_check_vnode_relabel should probably pass the mntlabel */ + /* + * XXX: mpo_check_vnode_relabel should probably pass the + * mntlabel. + */ sbsec = SLOT (vp->v_mount->mnt_mntlabel); - rc = avc_has_perm_audit (new->sid, sbsec->sid, SECCLASS_FILESYSTEM, - FILESYSTEM__ASSOCIATE, &ad); + rc = avc_has_perm_audit (new->sid, sbsec->sid, + SECCLASS_FILESYSTEM, FILESYSTEM__ASSOCIATE, &ad); if (rc) - return rc; + return (rc); } - return 0; + return (0); } static int @@ -1659,19 +1663,17 @@ AVC_AUDIT_DATA_INIT(&ad, FS); rc = avc_has_perm_ref_audit(task->sid, old_dir->sid, SECCLASS_DIR, - DIR__REMOVE_NAME | DIR__SEARCH, - &old_dir->avcr, &ad); + DIR__REMOVE_NAME | DIR__SEARCH, &old_dir->avcr, &ad); if (rc) return (rc); if (old_file->sclass == 0) { printf("vnode_rename_from:: ERROR, sid=%d, sclass=0, " - "v_type=%d\n", old_file->sid, vp->v_type); - return 0; /* TBD: debugging */ + "v_type=%d\n", old_file->sid, vp->v_type); + return (0); /* TBD: debugging */ } rc = avc_has_perm_ref_audit(task->sid, old_file->sid, - old_file->sclass, FILE__RENAME, - &old_file->avcr, &ad); + old_file->sclass, FILE__RENAME, &old_file->avcr, &ad); if (rc) return (rc); @@ -1699,8 +1701,7 @@ */ if (vp->v_type == VDIR && !samedir) { rc = avc_has_perm_ref(task->sid, old_file->sid, - old_file->sclass, DIR__REPARENT, - &old_file->avcr); + old_file->sclass, DIR__REPARENT, &old_file->avcr); if (rc) return (rc); } @@ -1714,7 +1715,7 @@ ad.u.fs.vp = vp; rc = avc_has_perm_ref(task->sid, new_dir->sid, SECCLASS_DIR, - av, &new_dir->avcr); + av, &new_dir->avcr); if (rc) return (rc); @@ -1723,17 +1724,14 @@ if (new_file->sclass == 0) { printf("vnode_relabel_to:: ERROR, sid=%d, sclass=0, " "v_type=%d\n", new_file->sid, vp->v_type); - return 0; /* TBD: debugging */ + return (0); /* TBD: debugging */ } - if (vp->v_type == VDIR) { + if (vp->v_type == VDIR) rc = avc_has_perm_ref(task->sid, new_file->sid, - new_file->sclass, - DIR__RMDIR, &new_file->avcr); - } else { + new_file->sclass, DIR__RMDIR, &new_file->avcr); + else rc = avc_has_perm_ref(task->sid, new_file->sid, - new_file->sclass, - FILE__UNLINK, &new_file->avcr); - } + new_file->sclass, FILE__UNLINK, &new_file->avcr); if (rc) return (rc); } @@ -1747,7 +1745,7 @@ { /* TBD: Not Implemented */ - return 0; + return (0); } static int @@ -1755,7 +1753,7 @@ struct label *label, acl_type_t type, struct acl *acl) { - return vnode_has_perm(cred, vp, FILE__SETATTR, NULL); + return (vnode_has_perm(cred, vp, FILE__SETATTR, NULL)); } static int @@ -1763,7 +1761,7 @@ struct label *label, int attrnamespace, const char *name, struct uio *uio) { - return vnode_has_perm(cred, vp, FILE__SETATTR, NULL); + return (vnode_has_perm(cred, vp, FILE__SETATTR, NULL)); } static int @@ -1771,7 +1769,7 @@ struct label *label, u_long flags) { - return vnode_has_perm(cred, vp, FILE__SETATTR, NULL); + return (vnode_has_perm(cred, vp, FILE__SETATTR, NULL)); } static int @@ -1779,7 +1777,7 @@ struct label *label, mode_t mode) { - return vnode_has_perm(cred, vp, FILE__SETATTR, NULL); + return (vnode_has_perm(cred, vp, FILE__SETATTR, NULL)); } static int @@ -1787,7 +1785,7 @@ struct label *label, uid_t uid, gid_t gid) { - return vnode_has_perm(cred, vp, FILE__SETATTR, NULL); + return (vnode_has_perm(cred, vp, FILE__SETATTR, NULL)); } static int @@ -1795,7 +1793,7 @@ struct label *label, struct timespec atime, struct timespec mtime) { - return vnode_has_perm(cred, vp, FILE__SETATTR, NULL); + return (vnode_has_perm(cred, vp, FILE__SETATTR, NULL)); } static int @@ -1803,7 +1801,7 @@ struct vnode *vp, struct label *vnodelabel) { - return vnode_has_perm(cred, vp, FILE__GETATTR, NULL); + return (vnode_has_perm(cred, vp, FILE__GETATTR, NULL)); } @@ -1823,7 +1821,7 @@ struct label *vnodelabel) { - return vnode_has_perm(cred, vp, FILE__SWAPON, NULL); + return (vnode_has_perm(cred, vp, FILE__SWAPON, NULL)); } static int @@ -1831,7 +1829,7 @@ struct label *vnodelabel) { - return vnode_has_perm(cred, vp, FILE__SWAPON, NULL); + return (vnode_has_perm(cred, vp, FILE__SWAPON, NULL)); } /* @@ -1842,7 +1840,7 @@ void *arg1, int arg2, struct sysctl_req *req) { - return (0); + return (0); } static int @@ -1850,11 +1848,11 @@ struct vnode *vp, struct label *label) { - return vnode_has_perm(cred, vp, FILE__WRITE, NULL); + return (vnode_has_perm(cred, vp, FILE__WRITE, NULL)); } /* - * Also registered for MAC_CHECK_VNODE_MPROTECT + * Also registered for MAC_CHECK_VNODE_MPROTECT. */ static int sebsd_check_vnode_mmap(struct ucred *cred, struct vnode *vp, @@ -2086,7 +2084,7 @@ * TBD: No audit information yet */ - return(avc_has_perm_ref(task->sid, ipcsec->sid, ipcsec->sclass, + return (avc_has_perm_ref(task->sid, ipcsec->sid, ipcsec->sclass, perm, &ipcsec->avcr)); } @@ -2095,7 +2093,7 @@ struct label *msglabel) { - return(ipc_has_perm(cred, msglabel, MSG__RECEIVE)); + return (ipc_has_perm(cred, msglabel, MSG__RECEIVE)); } static int @@ -2103,7 +2101,7 @@ struct label *msglabel) { - return(ipc_has_perm(cred, msglabel, MSG__DESTROY)); + return (ipc_has_perm(cred, msglabel, MSG__DESTROY)); } static int @@ -2111,7 +2109,7 @@ struct label *msqklabel) { - return(ipc_has_perm(cred, msqklabel, MSGQ__ASSOCIATE)); + return (ipc_has_perm(cred, msqklabel, MSGQ__ASSOCIATE)); } static int @@ -2120,7 +2118,7 @@ { /* Can this process write to the queue? */ - return(ipc_has_perm(cred, msqklabel, MSGQ__WRITE)); >>> TRUNCATED FOR MAIL (1000 lines) <<<