From owner-p4-projects@FreeBSD.ORG Fri Oct 24 11:17:04 2003 Return-Path: Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 4E18B16A4C0; Fri, 24 Oct 2003 11:17:04 -0700 (PDT) Delivered-To: perforce@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 27CE816A4B3 for ; Fri, 24 Oct 2003 11:17:04 -0700 (PDT) Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115]) by mx1.FreeBSD.org (Postfix) with ESMTP id B05AF43FE0 for ; Fri, 24 Oct 2003 11:17:02 -0700 (PDT) (envelope-from areisse@nailabs.com) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.12.9/8.12.9) with ESMTP id h9OIH2XJ008406 for ; Fri, 24 Oct 2003 11:17:02 -0700 (PDT) (envelope-from areisse@nailabs.com) Received: (from perforce@localhost) by repoman.freebsd.org (8.12.9/8.12.9/Submit) id h9OIH2ZY008403 for perforce@freebsd.org; Fri, 24 Oct 2003 11:17:02 -0700 (PDT) (envelope-from areisse@nailabs.com) Date: Fri, 24 Oct 2003 11:17:02 -0700 (PDT) Message-Id: <200310241817.h9OIH2ZY008403@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to areisse@nailabs.com using -f 
From: Andrew Reisse To: Perforce Change Reviews Subject: PERFORCE change 40416 for review X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 24 Oct 2003 18:17:04 -0000 http://perforce.freebsd.org/chv.cgi?CH=40416 Change 40416 by areisse@areisse_ibook on 2003/10/24 11:16:52 Some mac syscalls (mac_get_file, mac_get_pid, mac_get_proc) mpo_execve calls take execlabel and not image_params Porting for sebsd Most memory allocation changed to use kmem_alloc and sometimes kmem_free Affected files ... .. //depot/projects/trustedbsd/sedarwin/apsl/xnu/bsd/kern/init_sysent.c#3 edit .. //depot/projects/trustedbsd/sedarwin/apsl/xnu/bsd/kern/kern_mac.c#21 edit .. //depot/projects/trustedbsd/sedarwin/apsl/xnu/bsd/sys/mac.h#5 edit .. //depot/projects/trustedbsd/sedarwin/apsl/xnu/bsd/sys/mac_policy.h#3 edit .. //depot/projects/trustedbsd/sedarwin/apsl/xnu/security/sebsd/Makefile#3 edit .. //depot/projects/trustedbsd/sedarwin/apsl/xnu/security/sebsd/avc/Makefile#2 edit .. //depot/projects/trustedbsd/sedarwin/apsl/xnu/security/sebsd/linux-compat.h#3 edit .. //depot/projects/trustedbsd/sedarwin/apsl/xnu/security/sebsd/sebsd.c#6 edit .. //depot/projects/trustedbsd/sedarwin/apsl/xnu/security/sebsd/ss/Makefile#2 edit .. //depot/projects/trustedbsd/sedarwin/apsl/xnu/security/sebsd/ss/avtab.h#2 edit .. //depot/projects/trustedbsd/sedarwin/apsl/xnu/security/sebsd/ss/ebitmap.h#4 edit .. //depot/projects/trustedbsd/sedarwin/apsl/xnu/security/sebsd/ss/global.h#4 edit .. //depot/projects/trustedbsd/sedarwin/apsl/xnu/security/sebsd/ss/init.c#4 edit .. //depot/projects/trustedbsd/sedarwin/apsl/xnu/security/sebsd/ss/policydb.c#2 edit .. //depot/projects/trustedbsd/sedarwin/apsl/xnu/security/sebsd/ss/policydb.h#2 edit .. //depot/projects/trustedbsd/sedarwin/apsl/xnu/security/sebsd/ss/queue.c#4 edit .. 
//depot/projects/trustedbsd/sedarwin/apsl/xnu/security/sebsd/ss/services.c#2 edit Differences ... ==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/bsd/kern/init_sysent.c#3 (text+ko) ==== @@ -317,7 +317,9 @@ int __mac_get_link(); int __mac_set_link(); int __mac_get_proc(); +int __mac_get_pid(); int __mac_set_proc(); +int mac_execve(); #endif /* @@ -729,14 +731,17 @@ syss(__mac_get_link,2), /* 339 */ syss(__mac_get_proc,1), /* 340 */ syss(__mac_set_proc,1), /* 341 */ + /*syss(mac_execve,4), /* 342 */ + syss(nosys,0), /* 342 */ + syss(__mac_get_pid,2), /* 343 */ #else syss(nosys,0), /* 338 */ syss(nosys,0), /* 339 */ syss(nosys,0), /* 340 */ syss(nosys,0), /* 341 */ -#endif syss(nosys,0), /* 342 */ syss(nosys,0), /* 343 */ +#endif syss(nosys,0), /* 344 */ syss(nosys,0), /* 345 */ syss(nosys,0), /* 346 */ ==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/bsd/kern/kern_mac.c#21 (text+ko) ==== @@ -1558,10 +1558,10 @@ return (error); } +#endif int -mac_execve_enter(struct image_params *imgp, struct mac *mac_p, - struct label *execlabelstorage) +mac_execve_enter(struct mac *mac_p, struct label *execlabelstorage) { struct mac mac; char *buffer; @@ -1578,7 +1578,7 @@ if (error) return (error); - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + buffer = _MALLOC(mac.m_buflen, M_MACTEMP, M_WAITOK); error = copyinstr(mac.m_string, buffer, mac.m_buflen, NULL); if (error) { FREE(buffer, M_MACTEMP); @@ -1592,20 +1592,12 @@ mac_destroy_cred_label(execlabelstorage); return (error); } - imgp->execlabel = execlabelstorage; return (0); } void -mac_execve_exit(struct image_params *imgp) -{ - if (imgp->execlabel != NULL) - mac_destroy_cred_label(imgp->execlabel); -} - -void mac_execve_transition(struct ucred *old, struct ucred *new, struct vnode *vp, - struct label *interpvnodelabel, struct image_params *imgp) + struct label *interpvnodelabel, struct label *execl) { ASSERT_VOP_LOCKED(vp, "mac_execve_transition"); 
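Review bot: With `imgp->execlabel = execlabelstorage;` and `mac_execve_exit()` both removed in the kern_mac.c hunk at -1592, nothing visible in this change destroys the label that `mac_execve_enter()` fills in on success, so ownership now falls silently on the caller. A comment above `mac_execve_enter` should state that, e.g. `/* On success the caller owns *execlabelstorage and must mac_destroy_cred_label() it when exec is done. */`. The mac.h hunk at -222 still carries `void mac_execve_exit(struct image_params *imgp);` as a context line although the definition is deleted here, so that prototype should be removed with it. The start of mac_execve_enter's body is outside these hunks, so the initialisation of the label is inferred from the error path that calls `mac_destroy_cred_label(execlabelstorage)`.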
@@ -1614,12 +1606,12 @@ return; MAC_PERFORM(execve_transition, old, new, vp, &vp->v_label, - interpvnodelabel, imgp, imgp->execlabel); + interpvnodelabel, execl); } int mac_execve_will_transition(struct ucred *old, struct vnode *vp, - struct label *interpvnodelabel, struct image_params *imgp) + struct label *interpvnodelabel, struct label *execlabel) { int result; @@ -1630,11 +1622,10 @@ result = 0; MAC_BOOLEAN(execve_will_transition, ||, old, vp, &vp->v_label, - interpvnodelabel, imgp, imgp->execlabel); + interpvnodelabel, execlabel); return (result); } -#endif int mac_check_vnode_access(struct ucred *cred, struct vnode *vp, int acc_mode) @@ -3455,7 +3446,7 @@ struct mac mac; struct proc *tproc; struct ucred *tcred; - int error; + int error, ulen; error = copyin(uap->mac_p, &mac, sizeof(mac)); if (error) @@ -3480,7 +3471,7 @@ return (error); MALLOC(elements, char *, mac.m_buflen, M_MACTEMP, M_WAITOK); - error = copyinstr(mac.m_string, elements, mac.m_buflen, NULL); + error = copyinstr(mac.m_string, elements, mac.m_buflen, &ulen); if (error) { FREE(elements, M_MACTEMP); crfree(tcred); @@ -3787,7 +3778,7 @@ error = mac_externalize_vnode_label(&intlabel, elements, buffer, mac.m_buflen, M_WAITOK); - /*NDFREE(&nd, 0);*/ + vput (nd.ni_vp); FREE_ZONE(nd.ni_cnd.cn_pnbuf, nd.ni_cnd.cn_pnlen, M_NAMEI); mac_destroy_vnode_label(&intlabel); @@ -3853,7 +3844,8 @@ mac_copy_vnode_label(&nd.ni_vp->v_label, &intlabel); error = mac_externalize_vnode_label(&intlabel, elements, buffer, mac.m_buflen, M_WAITOK); - /*NDFREE(&nd, 0);*/ + + vput (nd.ni_vp); FREE_ZONE(nd.ni_cnd.cn_pnbuf, nd.ni_cnd.cn_pnlen, M_NAMEI); mac_destroy_vnode_label(&intlabel); ==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/bsd/sys/mac.h#5 (text+ko) ==== 
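Review bot: In the hunk at -3480 `&ulen` is passed as the last argument of `copyinstr()`, but the hunk at -3455 declares it as `int error, ulen;`, while copyinstr's length out-parameter is a `size_t *`. That is a pointer-type mismatch, and on any target where size_t is wider than int the call would write past `ulen` on the kernel stack. Declare it on its own line as `size_t ulen;`. No use of `ulen` is visible in these hunks, so if it is only a debugging aid, passing `NULL` as before is simpler; the enclosing function starts and ends outside the hunk.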
@@ -222,14 +222,14 @@ * Labeling event operations: processes. */ void mac_create_cred(struct ucred *cred_parent, struct ucred *cred_child); -int mac_execve_enter(struct image_params *imgp, struct mac *mac_p, +int mac_execve_enter(struct mac *mac_p, struct label *execlabel); void mac_execve_exit(struct image_params *imgp); void mac_execve_transition(struct ucred *old, struct ucred *new, struct vnode *vp, struct label *interpvnodelabel, - struct image_params *imgp); + struct label *execlabel); int mac_execve_will_transition(struct ucred *old, struct vnode *vp, - struct label *interpvnodelabel, struct image_params *imgp); + struct label *interpvnodelabel, struct label *execlabel); void mac_create_proc0(struct ucred *cred); void mac_create_proc1(struct ucred *cred); #if 0 ==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/bsd/sys/mac_policy.h#3 (text+ko) ==== @@ -280,16 +280,18 @@ */ void (*mpo_create_cred)(struct ucred *parent_cred, struct ucred *child_cred); -#if 0 + void (*mpo_execve_transition)(struct ucred *old, struct ucred *new, - struct vnode *vp, struct label *vnodelabel, + struct vnode *vp, + struct label *vnodelabel, struct label *interpvnodelabel, - struct image_params *imgp, struct label *execlabel); + struct label *execlabel); int (*mpo_execve_will_transition)(struct ucred *old, - struct vnode *vp, struct label *vnodelabel, + struct vnode *vp, + struct label *vnodelabel, struct label *interpvnodelabel, - struct image_params *imgp, struct label *execlabel); -#endif + struct label *execlabel); + void (*mpo_create_proc0)(struct ucred *cred); void (*mpo_create_proc1)(struct ucred *cred); void (*mpo_relabel_cred)(struct ucred *cred, ==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/security/sebsd/Makefile#3 (text+ko) ==== @@ -11,6 +11,7 @@ sebsd.h \ flask.h \ flask_types.h \ + sebsd_syscalls.h \ linux-compat.h INSTINC_SUBDIRS = avc ss ==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/security/sebsd/avc/Makefile#2 (text+ko) ==== 
@@ -17,6 +17,11 @@ EXPORT_ONLY_FILES = \ avc.h \ + avc_ss.h \ + class_to_string.h \ + av_perm_to_string.h \ + common_perm_to_string.h \ + initial_sid_to_string.h \ av_permissions.h INSTALL_MI_LIST = ==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/security/sebsd/linux-compat.h#3 (text+ko) ==== @@ -47,6 +47,7 @@ #ifdef __APPLE__ #include +#include #else /* Probably FreeBSD */ #include #endif @@ -63,15 +64,25 @@ #define le32_to_cpu(x) ((__uint32_t)(x)) #define le64_to_cpu(x) ((__uint64_t)(x)) #else /* BYTE_ORDER != LITTLE_ENDIAN */ + +#ifdef __APPLE__ +#define le32_to_cpu(x) NXSwapLittleLongToHost(x) +#define le64_to_cpu(x) NXSwapLittleLongLongToHost(x) +#define cpu_to_le32(x) NXSwapHostLongToLittle(x) +#define cpu_to_le64(x) NXSwapHostLongLongToLittle(x) +#else + #define cpu_to_le32(x) bswap32((x)) #define cpu_to_le64(x) bswap64((x)) #define le32_to_cpu(x) bswap32((x)) #define le64_to_cpu(x) bswap64((x)) + +#endif #endif /* BYTE_ORDER */ /* sebsd uses same ss source files for userspace */ -#define kmalloc(size,flags) malloc(size,as) +#define kmalloc(size,flags) malloc(size) #define kfree(v) free(v) #define __get_free_page(flags) malloc (4096) /* XXX need page size */ #define GFP_ATOMIC 1 @@ -80,7 +91,6 @@ #else /* _KERNEL */ #ifdef __APPLE__ -#include #if BYTE_ORDER == LITTLE_ENDIAN #define le32_to_cpu(x) ((__uint32_t)(x)) #define le64_to_cpu(x) ((__uint64_t)(x)) @@ -108,8 +118,12 @@ #include #ifdef __APPLE__ -#define malloc(size,type,flags) _MALLOC(size,type,flags) -#define free(addr,type) FREE(addr,type) + +extern void *sebsd_malloc (size_t size, int flags); + +#define malloc(size,type,flags) sebsd_malloc (size,flags) +#define free(addr,type) + #define M_SEBSD M_MACTEMP #else #ifndef _M_SEBSD_DEF 
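Review bot: The `__APPLE__` kernel branch in the linux-compat.h hunk at -108 defines `#define free(addr,type)` with an empty expansion, so every `free(p, M_SEBSD)` and, through the `#define kfree(v) free(v, M_SEBSD)` context line in the hunk at -118, every `kfree()` in the security-server code compiles to nothing. The queue.c hunks in this change switch from `sebsd_free(...)` to `free(node, M_SEBSD)`, so queue nodes would never be released, and kernel memory that only grows is an exhaustion risk on a long-running system. Since `kmem_free` needs the allocation size, the allocator would have to record it (for instance in a small header ahead of the returned pointer) before a size-less free can work. Until then the empty macro needs a comment such as `/* XXX leaks: kmem_free needs the size, which is not tracked yet */`.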
@@ -118,10 +132,10 @@ #endif #endif /* __APPLE__ */ -#define kmalloc(size,flags) malloc(size, M_SEBSD, flags) +#define kmalloc(size,flags) sebsd_malloc(size, flags) #define kfree(v) free(v, M_SEBSD) /* XXX need page size */ -#define __get_free_page(flags) malloc(4096, M_SEBSD, flags) +#define __get_free_page(flags) sebsd_malloc(4096, flags) #define GFP_ATOMIC M_NOWAIT #define GFP_KERNEL M_NOWAIT ==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/security/sebsd/sebsd.c#6 (text+ko) ==== @@ -59,11 +59,15 @@ * HAS_EXTATTRS * HAS_DEVFS_DIRENT * HAS_VAPPEND - * HAS_IMAGE_PARAMS * HAS_STRINGS * HAS_ACLS */ + +#define HAS_STRING +#define HAS_STRINGS + #include +#include #endif #include @@ -77,7 +81,21 @@ #define SLOT(l) ((void *)LABEL_TO_SLOT((l), slot).l_ptr) #ifdef __APPLE__ -#define M_SEBSD M_MACTEMP + +void *sebsd_malloc (size_t size, int flags) +{ + void *v; + kmem_alloc (kernel_map, &v, size); + if (flags & M_ZERO) + bzero (v, size); + return v; +} + +static void sebsd_free (void *v, size_t size) +{ + kmem_free (kernel_map, v, size); +} + #else MALLOC_DEFINE(M_SEBSD, "sebsd", "Security Enhanced BSD"); #endif @@ -92,13 +110,12 @@ sebsd_init(struct mac_policy_conf *mpc) { printf("sebsd:: init\n"); + + avc_init(); sebsd_register_sysctls(); -#if 0 - avc_init(); if (security_init()) { panic("SEBSD: couldn't read policy file"); } -#endif } static void @@ -337,7 +354,7 @@ { struct task_security_struct *new_tsec; - new_tsec = malloc(sizeof(*new_tsec), M_SEBSD, M_ZERO | M_WAITOK); + new_tsec = sebsd_malloc(sizeof(*new_tsec), M_ZERO | M_WAITOK); new_tsec->osid = new_tsec->sid = SECINITSID_UNLABELED; SLOT(label) = new_tsec; } @@ -347,7 +364,7 @@ { struct file_security_struct *new_fsec; - new_fsec = malloc(sizeof(*new_fsec), M_SEBSD, M_ZERO | M_WAITOK); + new_fsec = sebsd_malloc (sizeof(*new_fsec), M_ZERO | M_WAITOK); new_fsec->sid = new_fsec->sid = SECINITSID_UNLABELED; SLOT(label) = new_fsec; } 
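Review bot: `sebsd_malloc()` in the sebsd.c hunk at -77 ignores the return value of `kmem_alloc()` and leaves `v` uninitialised, so on allocation failure it runs `bzero()` on an indeterminate pointer and then returns it. The `new == NULL` check in the hunk at -387 and the `NULL` checks in the queue.c hunks therefore cannot be relied on. `kmem_alloc` also takes a `vm_offset_t *` rather than a `void **`. Checking the result and returning `NULL` restores the contract those callers expect; the `M_WAITOK` callers that dereference the result at once would still need their own check, since nothing here waits for memory.

```c
void *sebsd_malloc (size_t size, int flags)
{
	vm_offset_t addr = 0;

	if (kmem_alloc (kernel_map, &addr, size) != KERN_SUCCESS)
		return NULL;
	if (flags & M_ZERO)
		bzero ((void *)addr, size);
	return (void *)addr;
}
```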
@@ -357,7 +374,7 @@ { struct mount_security_struct *sbsec; - sbsec = malloc(sizeof(*sbsec), M_SEBSD, M_ZERO | M_WAITOK); + sbsec = sebsd_malloc(sizeof(*sbsec), M_ZERO | M_WAITOK); sbsec->sid = SECINITSID_UNLABELED; SLOT(label) = sbsec; } @@ -367,7 +384,7 @@ { struct mount_fs_security_struct *sbsec; - sbsec = malloc(sizeof(*sbsec), M_SEBSD, M_ZERO | M_WAITOK); + sbsec = sebsd_malloc(sizeof(*sbsec), M_ZERO | M_WAITOK); sbsec->sid = SECINITSID_UNLABELED; SLOT(label) = sbsec; } @@ -377,7 +394,7 @@ { struct network_security_struct *new; - new = malloc(sizeof(*new), M_SEBSD, M_ZERO | M_WAITOK); + new = sebsd_malloc(sizeof(*new), M_ZERO | M_WAITOK); new->sid = new->task_sid = SECINITSID_UNLABELED; SLOT(label) = new; } @@ -387,7 +404,7 @@ { struct network_security_struct *new; - new = malloc(sizeof(*new), M_SEBSD, M_ZERO | flag); + new = sebsd_malloc(sizeof(*new), M_ZERO | flag); if (new == NULL) { SLOT(label) = NULL; return (ENOMEM); @@ -404,20 +421,25 @@ { struct vnode_security_struct *vsec; - vsec = malloc(sizeof(*vsec), M_SEBSD, M_ZERO | M_WAITOK); + vsec = sebsd_malloc(sizeof(*vsec), M_ZERO | M_WAITOK); vsec->sid = SECINITSID_UNLABELED; vsec->task_sid = SECINITSID_UNLABELED; SLOT(label) = vsec; } static void -sebsd_destroy_label(struct label *label) +sebsd_destroy_cred_label(struct label *label) { + sebsd_free (SLOT(label), sizeof (struct task_security_struct)); + SLOT(label) = NULL; +} - free(SLOT(label), M_SEBSD); - SLOT(label) = NULL; +static void +sebsd_destroy_vnode_label(struct label *label) +{ + sebsd_free (SLOT(label), sizeof (struct vnode_security_struct)); + SLOT(label) = NULL; } - static void sebsd_relabel_cred(struct ucred *cred, struct label *newlabel) { 
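Review bot: `sebsd_destroy_cred_label` and `sebsd_destroy_vnode_label` in the hunk at -404 pass `SLOT(label)` straight to `sebsd_free()`, which forwards it to `kmem_free(kernel_map, v, size)` without checking that the slot is populated. Both functions set the slot to `NULL` afterwards, so a second destroy, or a destroy after an init that did not complete, would hand address 0 to the VM layer; a guard `if (SLOT(label) == NULL) return;` at the top of each avoids that. The freed size is tied to the struct type by hand, so a comment saying it must match the `sizeof` used in the corresponding `sebsd_init_*_label` would help the next reader. The file, mount and network label types lose their destructor with `sebsd_destroy_label`, which matters only if those hooks are re-enabled.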
@@ -579,7 +601,7 @@ dirent_type_to_security_class(devfs_dirent->de_dirent->d_type); /* Obtain a SID based on the fstype, path, and class. */ - path = malloc(strlen(fullpath) + 2, M_SEBSD, M_ZERO | M_WAITOK); + path = sebsd_malloc(strlen(fullpath) + 2, M_ZERO | M_WAITOK); path[0] = '/'; strcpy(&path[1], fullpath); rc = security_genfs_sid(mp->mnt_vfc->vfc_name, path, dirent->sclass, @@ -608,7 +630,7 @@ "dirent=%d\n", path, sbsec->sid, mp->mnt_stat.f_mntonname, rc, dirent->sclass, newsid, dirent->sid); } - free(path, M_SEBSD); + sebsd_free (path, 2 + strlen(fullpath)); } static void @@ -631,7 +653,7 @@ dirent->sclass = SECCLASS_DIR; /* Obtain a SID based on the fstype, path, and class. */ - path = malloc(strlen(fullpath) + 2, M_SEBSD, M_ZERO | M_WAITOK); + path = sebsd_malloc(strlen(fullpath) + 2, M_ZERO | M_WAITOK); path[0] = '/'; strcpy(&path[1], fullpath); rc = security_genfs_sid(mp->mnt_vfc->vfc_name, path, dirent->sclass, @@ -646,7 +668,7 @@ __func__, path, sbsec->sid, mp->mnt_stat.f_mntonname, rc, dirent->sclass, newsid, dirent->sid); } - free(path, M_SEBSD); + sebsd_free(path, strlen (fullpath) + 2); } static void @@ -674,7 +696,7 @@ lnksec->sclass = SECCLASS_LNK_FILE; /* Obtain a SID based on the fstype, path, and class. */ - path = malloc(strlen(fullpath) + 2, M_SEBSD, M_ZERO | M_WAITOK); + path = sebsd_malloc(strlen(fullpath) + 2, M_ZERO | M_WAITOK); path[0] = '/'; strcpy(&path[1], fullpath); rc = security_genfs_sid(mp->mnt_vfc->vfc_name, path, lnksec->sclass, @@ -688,7 +710,7 @@ sbsec->sid, mp->mnt_stat.f_mntonname, rc, lnksec->sclass, newsid, lnksec->sid); } - free(path, M_SEBSD); + sebsd_free(path, strlen (fullpath) + 2); } #endif /* HAS_DEVFS_DIRENT */ 
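Review bot: Each `sebsd_free(path, ...)` in the hunks at -608, -646 and -688 recomputes the size with a second `strlen(fullpath)` instead of reusing the value given to `sebsd_malloc()` in the hunks at -579, -631 and -674, and one site spells it `2 + strlen(fullpath)` while the others use `strlen (fullpath) + 2`. `kmem_free` has to receive exactly the size that was allocated, so keep it in one local, `size_t pathlen = strlen(fullpath) + 2;`, and pass `pathlen` to both calls. The enclosing functions extend beyond these hunks, so whether `fullpath` can change between the two calls is not visible here.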
@@ -1092,11 +1114,10 @@ return (cred_has_perm(cred, proc, perm)); } -#ifdef HAS_IMAGE_PARAMS static void sebsd_execve_transition(struct ucred *old, struct ucred *new, struct vnode *vp, struct label *vnodelabel, struct label *interpvnodelabel, - struct image_params *imgp, struct label *execlabel) + struct label *execlabel) { struct task_security_struct *otask, *ntask; struct vnode_security_struct *file; @@ -1136,7 +1157,7 @@ static int sebsd_execve_will_transition(struct ucred *old, struct vnode *vp, struct label *vnodelabel, struct label *interpvnodelabel, - struct image_params *imgp, struct label *execlabel) + struct label *execlabel) { struct task_security_struct *task; struct vnode_security_struct *file; @@ -1155,6 +1176,15 @@ if (execlabel == NULL) { (void)security_transition_sid(task->sid, file->sid, SECCLASS_PROCESS, &newsid); + int len; + char *ts, *ns, *fs; + security_sid_to_context (task->sid, &ts, &len); + security_sid_to_context (file->sid, &fs, &len); + security_sid_to_context (newsid, &ns, &len); + printf ("transition: %s %s -> %s\n", ts, fs, ns); + security_free_context (ts); + security_free_context (fs); + security_free_context (ns); } else { newsid = ((struct task_security_struct *) SLOT(execlabel))->sid; @@ -1162,7 +1192,6 @@ return (newsid != task->sid); } -#endif #ifdef HAS_STRING static int @@ -1893,7 +1922,7 @@ return (error); if (sbuf_cat(sb, context) == -1) - error = EINVAL; + error = ENOMEM; security_free_context(context); return (error); } 
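Review bot: The debug block added to `sebsd_execve_will_transition` in the hunk at -1155 ignores the result of all three `security_sid_to_context()` calls, so when one fails an uninitialised `ts`, `fs` or `ns` reaches `printf("%s")` and then `security_free_context()`. `newsid` may be unset too, because the `security_transition_sid()` result just above is discarded with `(void)`. The block declares variables after a statement and logs on every exec, so it should sit in its own braces and be compiled only in debug builds. The sketch below assumes `security_sid_to_context()` returns 0 on success, as the services.c hunks suggest.

```c
		/* … unchanged: security_transition_sid() call … */
		{
			char *ts = NULL, *fs = NULL, *ns = NULL;
			int len;

			if (security_sid_to_context (task->sid, &ts, &len) == 0 &&
			    security_sid_to_context (file->sid, &fs, &len) == 0 &&
			    security_sid_to_context (newsid, &ns, &len) == 0)
				printf ("transition: %s %s -> %s\n", ts, fs, ns);
			if (ts != NULL)
				security_free_context (ts);
			if (fs != NULL)
				security_free_context (fs);
			if (ns != NULL)
				security_free_context (ns);
		}
```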
@@ -2049,9 +2078,33 @@ } static struct mac_policy_ops sebsd_ops = { - .mpo_init = sebsd_init + .mpo_init = sebsd_init, + + .mpo_init_cred_label = sebsd_init_cred_label, + .mpo_init_vnode_label = sebsd_init_vnode_label, + + .mpo_destroy = sebsd_destroy, + .mpo_destroy_cred_label = sebsd_destroy_cred_label, + .mpo_destroy_vnode_label = sebsd_destroy_vnode_label, + + .mpo_internalize_cred_label = sebsd_internalize_cred_label, + .mpo_externalize_cred_label = sebsd_externalize_cred_label, + + .mpo_internalize_vnode_label = sebsd_internalize_vnode_label, + .mpo_externalize_vnode_label = sebsd_externalize_vnode_label, + + /* Create Labels */ + + .mpo_create_cred = sebsd_create_cred, + .mpo_create_proc0 = sebsd_create_proc0, + .mpo_create_proc1 = sebsd_create_proc1, + + /* Transition */ + .mpo_execve_will_transition = sebsd_execve_will_transition, + .mpo_execve_transition = sebsd_execve_transition }; +#if 0 static struct mac_policy_ops sebsd_ops_o = { /* Init Labels */ .mpo_init_bpfdesc_label = sebsd_init_network_label, @@ -2282,6 +2335,7 @@ .mpo_syscall = sebsd_syscall, #endif }; +#endif #if 0 MAC_POLICY_SET(&sebsd_ops, sebsd, "NSA/NAI Labs Security Enhanced BSD", ==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/security/sebsd/ss/Makefile#2 (text+ko) ==== @@ -16,7 +16,8 @@ EXPINC_SUBDIRS_I386 = ${EXPINC_SUBDIRS} EXPORT_ONLY_FILES = \ - security.h + mls.h security.h services.h policydb.h global.h context.h queue.h \ + hashtab.h symtab.h avtab.h sidtab.h ebitmap.h mls_types.h constraint.h INSTALL_MI_LIST = ==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/security/sebsd/ss/avtab.h#2 (text+ko) ==== @@ -11,7 +11,6 @@ #define _SS_AVTAB_H_ #include -#include struct avtab_key { u32 source_type; /* source type */ ==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/security/sebsd/ss/ebitmap.h#4 (text+ko) ==== 
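Review bot: The live `sebsd_ops` table in the hunk at -2049 registers only init, destroy, internalize/externalize, create and execve-transition entry points, with no access-check hook among them. The old table is renamed `sebsd_ops_o` and wrapped in `#if 0`, and it presumably holds the check hooks, though most of its body lies outside the hunks. As written the module would label credentials and vnodes and compute transitions without denying anything, which is easy to overlook when reading the table. A comment above it would make the porting state explicit, e.g. `/* XXX Darwin port: no mpo_check_* hooks registered yet; policy is not enforced. */`.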
@@ -15,14 +15,23 @@ #define _SS_EBITMAP_H_ #ifdef __APPLE__ + +#ifdef KERNEL #include #else +#include +#include +#endif + +#else + #ifdef _KERNEL #include #else #include #include #endif + #endif #include ==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/security/sebsd/ss/global.h#4 (text+ko) ==== @@ -24,13 +24,15 @@ #include #if defined(_KERNEL) || defined(KERNEL) -#define sebsd_malloc(a,b,c) malloc(a,b,c) -#define sebsd_free(a,b) free(a,b) +/*#define sebsd_malloc(a,b,c) sebsd_malloc(a,c) + #define sebsd_free(a,b) free(a,b)*/ #else /* _KERNEL */ #include #include +/* #define sebsd_malloc(a,b,c) (c&M_ZERO)?calloc(1,a):malloc(a) #define sebsd_free(a,b) free(a) +*/ #define mtx_lock(a) #define mtx_unlock(a) #endif /* _KERNEL */ ==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/security/sebsd/ss/init.c#4 (text+ko) ==== @@ -16,6 +16,18 @@ #include #ifndef __APPLE__ #include +#else +#include +#include /* TMP */ + +struct lpargs +{ + int size; + void *data; +}; + +extern kmod_info_t *kmod; + #endif #include @@ -29,6 +41,17 @@ char policyfile[MAXPATHLEN]; +#if 1 + +#include + +int security_init(void) +{ + return security_load_policy (binpolicy_data, binpolicy_len); +} + +#else + int security_init(void) { int rc; @@ -39,9 +62,7 @@ printf("security: starting up (compiled " __DATE__ ")\n"); #ifndef __APPLE__ -/* - * TBD: No way to load policy on Darwin (yet) - */ + lh = preload_search_by_type ("sebsd_policy"); if (lh == NULL) goto loaderr; 
@@ -62,14 +83,40 @@ printf("security: error while reading policy, cannot initialize.\n"); return EINVAL; } +#else + + struct lpargs lp; + kmod_info_t *k; + lp.size = 0; + + for (k = kmod; k != NULL; k = k->next) + { + printf ("kmod %s\n", k->name); + if (k->address && 0 == strcmp ("sebsd.policy", k->name)) + { + rc = k->start (k, &lp); + if (rc) + return rc; + + break; + } + } + + char *lpdata = (char *) lp.data; + if (lp.size) + printf ("%d %c%c%c%c%c\n", lp.size, lpdata[0], lpdata[1], + lpdata[2], lpdata[3], lpdata[4]); + else + printf ("security: no policy module found\n"); + #endif - return 0; - loaderr: printf("security: policy not supplied by bootloader\n"); return EINVAL; } +#endif + /* FLASK */ ==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/security/sebsd/ss/policydb.c#2 (text+ko) ==== @@ -546,7 +546,7 @@ */ static int context_read_and_validate(struct context *c, struct policydb *p, - void *fp) + struct policy_file *fp) { u32 *buf; int rc = 0; @@ -582,7 +582,7 @@ * binary representation file. */ -static int perm_read(struct policydb *p, struct hashtab *h, void *fp) +static int perm_read(struct policydb *p, struct hashtab *h, struct policy_file *fp) { char *key = 0; struct perm_datum *perdatum; @@ -631,7 +631,7 @@ goto out; } -static int common_read(struct policydb *p, struct hashtab *h, void *fp) +static int common_read(struct policydb *p, struct hashtab *h, struct policy_file *fp) { char *key = 0; struct common_datum *comdatum; @@ -689,7 +689,7 @@ goto out; } -static int class_read(struct policydb *p, struct hashtab *h, void *fp) +static int class_read(struct policydb *p, struct hashtab *h, struct policy_file *fp) { char *key = 0; struct class_datum *cladatum; @@ -866,7 +866,7 @@ goto out; } -static int role_read(struct policydb *p, struct hashtab *h, void *fp) +static int role_read(struct policydb *p, struct hashtab *h, struct policy_file *fp) { char *key = 0; struct role_datum *role; 
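Review bot: Removing `return 0;` ahead of `loaderr:` in the init.c hunk at -62 appears to make the success path of the `#else` variant of `security_init()` fall through to the `loaderr` label and return `EINVAL`. The new `__APPLE__` block also prints `lpdata[0]` through `lpdata[4]` whenever `lp.size` is non-zero, without checking that `lp.data` is non-NULL or that `lp.size` is at least 5, and never hands the data to a policy loader. This variant is compiled out by the `#if 1` added in the hunk at -29, so none of it runs today. Restore the `return 0;` and bound the debug print, or delete the dead branch, before it is re-enabled.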
@@ -931,7 +931,7 @@ goto out; } -static int type_read(struct policydb *p, struct hashtab *h, void *fp) +static int type_read(struct policydb *p, struct hashtab *h, struct policy_file *fp) { char *key = 0; struct type_datum *typdatum; @@ -978,7 +978,7 @@ goto out; } -static int user_read(struct policydb *p, struct hashtab *h, void *fp) +static int user_read(struct policydb *p, struct hashtab *h, struct policy_file *fp) { char *key = 0; struct user_datum *usrdatum; @@ -1033,7 +1033,7 @@ goto out; } -static int (*read_f[SYM_NUM]) (struct policydb *p, struct hashtab *h, void *fp) = +static int (*read_f[SYM_NUM]) (struct policydb *p, struct hashtab *h, struct policy_file *fp) = { common_read, class_read, @@ -1064,8 +1064,10 @@ mls_set_config(config); rc = policydb_init(p); - if (rc) - goto out; + if (rc) { + printf ("policydb_init failed\n"); + goto out; + } rc = EINVAL; /* Read the magic number and string length. */ ==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/security/sebsd/ss/policydb.h#2 (text+ko) ==== ==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/security/sebsd/ss/queue.c#4 (text+ko) ==== @@ -22,7 +22,7 @@ { queue_t q; - q = (queue_t) sebsd_malloc(sizeof(struct queue_info), + q = (queue_t) malloc(sizeof(struct queue_info), M_SEBSD, M_WAITOK); if (q == NULL) return NULL; @@ -40,7 +40,7 @@ if (!q) return -1; - newnode = (queue_node_ptr_t) sebsd_malloc(sizeof(struct queue_node), + newnode = (queue_node_ptr_t) malloc(sizeof(struct queue_node), M_SEBSD, M_WAITOK); if (newnode == NULL) return -1; @@ -66,7 +66,7 @@ if (!q) return -1; - newnode = (queue_node_ptr_t) sebsd_malloc(sizeof(struct queue_node), + newnode = (queue_node_ptr_t) malloc(sizeof(struct queue_node), M_SEBSD, M_WAITOK); if (newnode == NULL) return -1; @@ -103,7 +103,7 @@ q->tail = NULL; e = node->element; - sebsd_free(node, M_SEBSD); + free(node, M_SEBSD); return e; } 
@@ -132,10 +132,10 @@ while (p != NULL) { temp = p; p = p->next; - sebsd_free(temp, M_SEBSD); + free(temp, M_SEBSD); } - sebsd_free(q, M_SEBSD); + free(q, M_SEBSD); } int queue_map(queue_t q, int (*f) (queue_element_t, void *), void *vp) @@ -188,7 +188,7 @@ temp = p; p = p->next; g(temp->element, vp); - sebsd_free(temp, M_SEBSD); + free(temp, M_SEBSD); } else { last = p; p = p->next; ==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/security/sebsd/ss/services.c#2 (text+ko) ==== @@ -402,7 +402,7 @@ } printk(KERN_ERR "security_sid_to_context: called before initial " "load_policy on unknown SID %d\n", sid); - rc = EINVAL; + rc = ENOENT; goto out; } POLICY_RDLOCK; @@ -410,7 +410,7 @@ if (!context) { printk(KERN_ERR "security_sid_to_context: unrecognized SID " "%d\n", sid); - rc = EINVAL; + rc = EMFILE; goto out_unlock; } rc = context_struct_to_string(context, scontext, scontext_len); @@ -997,11 +997,14 @@ LOAD_LOCK; + printf ("policy %x %d\n", data, len); + if (!ss_initialized) { if (policydb_read(&policydb, fp)) { LOAD_UNLOCK; return EINVAL; } + printf ("finished reading policy"); if (policydb_load_isids(&policydb, &sidtab)) { LOAD_UNLOCK; policydb_destroy(&policydb);
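Review bot: The two services.c hunks at -402 and -410 replace `EINVAL` with `ENOENT` and `EMFILE`, and `EMFILE` ("too many open files") is misleading for an unrecognized SID. If the aim is to tell the two failure sites apart while debugging, the `printk` just above each assignment already does that. Returning `ENOENT` from both, or keeping `EINVAL`, gives callers a value they can interpret; how callers map this result to a user-visible errno is outside the hunks.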
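Review bot: `printf ("policy %x %d\n", data, len);` in the services.c hunk at -997 formats a pointer with `%x`, which does not match the argument type and writes a kernel address to the console log. Use `%p` if the address is really needed, or log only the length, and keep the line out of non-debug builds. `printf ("finished reading policy");` has no trailing newline, so it will run into whatever message follows. The enclosing function, presumably `security_load_policy`, starts outside the hunk, so the types of `data` and `len` are not visible here.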