Date: Sun, 22 Jun 2003 18:26:34 -0700 (PDT)
From: Robert Watson <rwatson@FreeBSD.org>
To: src-committers@FreeBSD.org, cvs-src@FreeBSD.org, cvs-all@FreeBSD.org
Subject: cvs commit: src/sys/sys mac_policy.h src/sys/kern kern_mac.c src/sys/security/mac_biba mac_biba.c src/sys/security/mac_lomac mac_lomac.c src/sys/security/mac_mls mac_mls.c src/sys/security/mac_partition ...
Message-ID: <200306230126.h5N1QY5F052871@repoman.freebsd.org>

rwatson     2003/06/22 18:26:34 PDT

  FreeBSD src repository

  Modified files:
    sys/sys                     mac_policy.h
    sys/kern                    kern_mac.c
    sys/security/mac_biba       mac_biba.c
    sys/security/mac_lomac      mac_lomac.c
    sys/security/mac_mls        mac_mls.c
    sys/security/mac_none       mac_none.c
    sys/security/mac_partition  mac_partition.c
    sys/security/mac_test       mac_test.c
  Log:
  Redesign the externalization APIs from the MAC Framework to
  the MAC policy modules to improve robustness against C string
  bugs and vulnerabilities.  Following these revisions, all
  string construction of labels for export to userspace (or
  elsewhere) is performed using the sbuf API, which prevents
  the consumer from having to perform laborious and intricate
  pointer and buffer checks.  This substantially simplifies
  the externalization logic, both at the MAC Framework level,
  and in individual policies; this becomes especially useful
  when policies export more complex label data, such as with
  compartments in Biba and MLS.

  Bundled in here are some other minor fixes associated with
  externalization: including avoiding malloc while holding the
  process mutex in mac_lomac, and hence avoid a failure mode
  when printing labels during a downgrade operation due to
  the removal of the M_NOWAIT case.

  This has been running in the MAC development tree for about
  three weeks without problems.

  Obtained from:  TrustedBSD Project
  Sponsored by:   DARPA, Network Associates Laboratories

  Revision  Changes    Path
  1.93      +20 -40    src/sys/kern/kern_mac.c
  1.62      +14 -26    src/sys/security/mac_biba/mac_biba.c
  1.15      +66 -105   src/sys/security/mac_lomac/mac_lomac.c
  1.50      +14 -26    src/sys/security/mac_mls/mac_mls.c
  1.29      +1 -1      src/sys/security/mac_none/mac_none.c
  1.7       +7 -3      src/sys/security/mac_partition/mac_partition.c
  1.28      +1 -1      src/sys/security/mac_test/mac_test.c
  1.41      +7 -12     src/sys/sys/mac_policy.h
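
Added example, not part of the commit or of the FreeBSD source: a userspace C illustration of the pattern the log describes, where every append goes through one bounds-checked routine and the caller tests a single latched overflow flag at the end instead of tracking pointers and remaining space by hand. The lbuf_* names and the "grade:c1+c2" label format are constructed for this example; lbuf is a stand-in for a fixed-length string buffer in the style of sbuf, not the kernel's sbuf API.

```c
#include <stdarg.h>
#include <stdio.h>
/* Stand-in for a fixed-length sbuf; hypothetical names, not sys/sbuf.h. */
struct lbuf {
    char *buf;
    size_t size;     /* capacity, including the terminating NUL */
    size_t len;      /* bytes used, excluding the NUL */
    int overflowed;  /* latched by the first append that does not fit */
};

static void lbuf_init(struct lbuf *b, char *storage, size_t size) {
    b->buf = storage; b->size = size; b->len = 0;
    b->overflowed = (size == 0);
    if (size > 0) storage[0] = '\0';
}

/* Append formatted text; the only bounds check in the program lives here. */
static void lbuf_printf(struct lbuf *b, const char *fmt, ...) {
    va_list ap;
    int n;
    if (b->overflowed) return;   /* once latched, later appends are no-ops */
    va_start(ap, fmt);
    n = vsnprintf(b->buf + b->len, b->size - b->len, fmt, ap);
    va_end(ap);
    if (n < 0 || (size_t)n >= b->size - b->len) {
        b->overflowed = 1;
        b->buf[b->len] = '\0';   /* discard the partial append */
    } else
        b->len += (size_t)n;
}

/* Constructed label format "grade:c1+c2+..."; comps is a compartment bitmask. */
static int label_to_string(char *out, size_t outlen, unsigned grade, unsigned long comps) {
    struct lbuf b;
    unsigned bit, first = 1;
    lbuf_init(&b, out, outlen);
    lbuf_printf(&b, "%u", grade);
    for (bit = 0; bit < 8 * sizeof(comps); bit++) {
        if (!(comps & (1UL << bit))) continue;
        lbuf_printf(&b, "%s%u", first ? ":" : "+", bit + 1);
        first = 0;
    }
    return b.overflowed ? -1 : 0;   /* one error check, at the end */
}
int main(void) {
    char s[32];
    printf("%d %s\n", label_to_string(s, sizeof(s), 10, 0x7UL), s);
    return 0;
}
```

A buffer that is too small yields -1 and a NUL-terminated prefix made of whole elements only, so the caller never sees an unterminated or half-written label.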