Date: Sat, 21 Sep 2002 21:34:09 -0700 (PDT) From: Robert Watson <rwatson@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 17906 for review Message-ID: <200209220434.g8M4Y9a0099972@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://people.freebsd.org/~peter/p4db/chv.cgi?CH=17906 Change 17906 by rwatson@rwatson_tislabs on 2002/09/21 21:33:48 Introduce a new MAC Framework and MAC Policy entry point, mac_create_devfs_symlink(), which is invoked to initialize the label on a newly created symlink in devfs in the scenario where symlink() is called by a user process (the case where it's associated with a device during make_dev_alias is handled by the mac_create_devfs_device() case, since it has a dev_t). The current method of copying the label from the vnode didn't work as it broke assertions in the handling of the vnode due to a duplicate vnode creation event. This should fix problems in Biba, MLS, TE, and SEBSD relating to correct labeling of user generated symlinks (such as /dev/log). In Biba, MLS, and TE, we derive the symlink label from the subject credential creating the symlink. It could also come from the parent directory of the symlink, which is available in the entry point arguments. Affected files ... .. //depot/projects/trustedbsd/mac/sys/fs/devfs/devfs_vnops.c#24 edit .. //depot/projects/trustedbsd/mac/sys/security/mac_biba/mac_biba.c#110 edit .. //depot/projects/trustedbsd/mac/sys/security/mac_mls/mac_mls.c#91 edit .. //depot/projects/trustedbsd/mac/sys/security/mac_none/mac_none.c#75 edit .. //depot/projects/trustedbsd/mac/sys/security/mac_te/mac_te.c#77 edit .. //depot/projects/trustedbsd/mac/sys/security/mac_test/mac_test.c#46 edit .. //depot/projects/trustedbsd/mac/sys/sys/mac.h#162 edit .. //depot/projects/trustedbsd/mac/sys/sys/mac_policy.h#126 edit Differences ... ==== //depot/projects/trustedbsd/mac/sys/fs/devfs/devfs_vnops.c#24 (text+ko) ==== @@ -878,12 +878,11 @@ MALLOC(de->de_symlink, char *, i, M_DEVFS, M_WAITOK); bcopy(ap->a_target, de->de_symlink, i); lockmgr(&dmp->dm_lock, LK_EXCLUSIVE, 0, curthread); +#ifdef MAC + mac_create_devfs_symlink(ap->a_cnp->cn_cred, dd, de); +#endif TAILQ_INSERT_TAIL(&dd->de_dlist, de, de_list); devfs_allocv(de, ap->a_dvp->v_mount, ap->a_vpp, 0); -#ifdef MAC - mac_create_vnode(ap->a_cnp->cn_cred, ap->a_dvp, *ap->a_vpp); - mac_update_devfsdirent(de, *ap->a_vpp); -#endif /* MAC */ lockmgr(&dmp->dm_lock, LK_RELEASE, 0, curthread); return (0); } ==== //depot/projects/trustedbsd/mac/sys/security/mac_biba/mac_biba.c#110 (text+ko) ==== @@ -584,6 +584,18 @@ } static void +mac_biba_create_devfs_symlink(struct ucred *cred, struct devfs_dirent *dd, + struct label *ddlabel, struct devfs_dirent *de, struct label *delabel) +{ + struct mac_biba *source, *dest; + + source = SLOT(&cred->cr_label); + dest = SLOT(delabel); + + mac_biba_copy_single(source, dest); +} + +static void mac_biba_create_devfs_vnode(struct devfs_dirent *devfs_dirent, struct label *direntlabel, struct vnode *vp, struct label *vnodelabel) { @@ -2231,6 +2243,8 @@ (macop_t)mac_biba_create_devfs_device }, { MAC_CREATE_DEVFS_DIRECTORY, (macop_t)mac_biba_create_devfs_directory }, + { MAC_CREATE_DEVFS_SYMLINK, + (macop_t)mac_biba_create_devfs_symlink }, { MAC_CREATE_DEVFS_VNODE, (macop_t)mac_biba_create_devfs_vnode }, { MAC_CREATE_VNODE, ==== //depot/projects/trustedbsd/mac/sys/security/mac_mls/mac_mls.c#91 (text+ko) ==== @@ -575,6 +575,18 @@ } static void +mac_mls_create_devfs_symlink(struct ucred *cred, struct devfs_dirent *dd, + struct label *ddlabel, struct devfs_dirent *de, struct label *delabel) +{ + struct mac_mls *source, *dest; + + source = SLOT(&cred->cr_label); + dest = SLOT(delabel); + + mac_mls_copy_single(source, dest); +} + +static void mac_mls_create_devfs_vnode(struct devfs_dirent *devfs_dirent, struct label *direntlabel, struct vnode *vp, struct label *vnodelabel) { @@ -2166,6 +2178,8 @@ (macop_t)mac_mls_create_devfs_device }, { MAC_CREATE_DEVFS_DIRECTORY, (macop_t)mac_mls_create_devfs_directory }, + { MAC_CREATE_DEVFS_SYMLINK, + (macop_t)mac_mls_create_devfs_symlink }, { MAC_CREATE_DEVFS_VNODE, (macop_t)mac_mls_create_devfs_vnode }, { MAC_CREATE_VNODE, ==== //depot/projects/trustedbsd/mac/sys/security/mac_none/mac_none.c#75 (text+ko) ==== @@ -169,6 +169,13 @@ } static void +mac_none_create_devfs_symlink(struct ucred *cred, struct devfs_dirent *dd, + struct label *ddlabel, struct devfs_dirent *de, struct label *delabel) +{ + +} + +static void mac_none_create_devfs_vnode(struct devfs_dirent *devfs_dirent, struct label *direntlabel, struct vnode *vp, struct label *vnodelabel) { @@ -923,6 +930,8 @@ (macop_t)mac_none_create_devfs_device }, { MAC_CREATE_DEVFS_DIRECTORY, (macop_t)mac_none_create_devfs_directory }, + { MAC_CREATE_DEVFS_SYMLINK, + (macop_t)mac_none_create_devfs_symlink }, { MAC_CREATE_DEVFS_VNODE, (macop_t)mac_none_create_devfs_vnode }, { MAC_CREATE_VNODE, ==== //depot/projects/trustedbsd/mac/sys/security/mac_te/mac_te.c#77 (text+ko) ==== @@ -1005,6 +1005,14 @@ } static void +mac_te_create_devfs_symlink(struct ucred *cred, struct devfs_dirent *dd, + struct label *ddlabel, struct devfs_dirent *de, struct label *delabel) +{ + + mac_te_copy_label(&cred->cr_label, delabel); +} + +static void mac_te_create_devfs_vnode(struct devfs_dirent *de, struct label *direntlabel, struct vnode *vp, struct label *vnodelabel) { @@ -1679,6 +1687,8 @@ (macop_t)mac_te_create_devfs_device }, { MAC_CREATE_DEVFS_DIRECTORY, (macop_t)mac_te_create_devfs_directory }, + { MAC_CREATE_DEVFS_SYMLINK, + (macop_t)mac_te_create_devfs_symlink }, { MAC_CREATE_DEVFS_VNODE, (macop_t)mac_te_create_devfs_vnode }, { MAC_CREATE_VNODE, ==== //depot/projects/trustedbsd/mac/sys/security/mac_test/mac_test.c#46 (text+ko) ==== @@ -543,6 +543,13 @@ } static void +mac_test_create_devfs_symlink(struct ucred *cred, struct devfs_dirent *dd, + struct label *ddlabel, struct devfs_dirent *de, struct label *delabel) +{ + +} + +static void mac_test_create_devfs_vnode(struct devfs_dirent *devfs_dirent, struct label *direntlabel, struct vnode *vp, struct label *vnodelabel) { @@ -1301,6 +1308,8 @@ (macop_t)mac_test_create_devfs_device }, { MAC_CREATE_DEVFS_DIRECTORY, (macop_t)mac_test_create_devfs_directory }, + { MAC_CREATE_DEVFS_SYMLINK, + (macop_t)mac_test_create_devfs_symlink }, { MAC_CREATE_DEVFS_VNODE, (macop_t)mac_test_create_devfs_vnode }, { MAC_CREATE_VNODE, ==== //depot/projects/trustedbsd/mac/sys/sys/mac.h#162 (text+ko) ==== @@ -267,6 +267,8 @@ void mac_create_devfs_device(dev_t dev, struct devfs_dirent *de); void mac_create_devfs_directory(char *dirname, int dirnamelen, struct devfs_dirent *de); +void mac_create_devfs_symlink(struct ucred *cred, struct devfs_dirent *dd, + struct devfs_dirent *de); void mac_create_devfs_vnode(struct devfs_dirent *de, struct vnode *vp); void mac_create_vnode(struct ucred *cred, struct vnode *parent, struct vnode *child); ==== //depot/projects/trustedbsd/mac/sys/sys/mac_policy.h#126 (text+ko) ==== @@ -146,6 +146,9 @@ struct label *label); void (*mpo_create_devfs_directory)(char *dirname, int dirnamelen, struct devfs_dirent *de, struct label *label); + void (*mpo_create_devfs_symlink)(struct ucred *cred, + struct devfs_dirent *dd, struct label *ddlabel, + struct devfs_dirent *de, struct label *delabel); void (*mpo_create_devfs_vnode)(struct devfs_dirent *de, struct label *direntlabel, struct vnode *vp, struct label *vnodelabel); @@ -435,6 +438,7 @@ MAC_INTERNALIZE_VNODE_LABEL, MAC_CREATE_DEVFS_DEVICE, MAC_CREATE_DEVFS_DIRECTORY, + MAC_CREATE_DEVFS_SYMLINK, MAC_CREATE_DEVFS_VNODE, MAC_CREATE_VNODE, MAC_CREATE_MOUNT, To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe p4-projects" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200209220434.g8M4Y9a0099972>