Date: Mon, 18 Apr 2005 16:45:23 GMT From: Andrew Reisse <areisse@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 75498 for review Message-ID: <200504181645.j3IGjNoE005310@repoman.freebsd.org>
http://perforce.freebsd.org/chv.cgi?CH=75498 Change 75498 by areisse@areisse_ibook on 2005/04/18 16:45:05 Initial support for access vectors in a mach message trailer. A new entry point, mac_check_ipc_methods, returns an access vector mapping routine numbers to permitted/denied bits. This vector is then stored in the message trailer (if requested by the recipient). Currently, any access decisions are made using the sender's task label at the time of the sending, and the recipient port label at the time of receive.
Affected files ...
.. //depot/projects/trustedbsd/sedarwin7/src/darwin/xnu/bsd/sys/mac_policy.h#3 edit
.. //depot/projects/trustedbsd/sedarwin7/src/darwin/xnu/osfmk/ipc/mach_msg.c#2 edit
.. //depot/projects/trustedbsd/sedarwin7/src/darwin/xnu/osfmk/mach/mac.h#3 edit
.. //depot/projects/trustedbsd/sedarwin7/src/darwin/xnu/osfmk/mach/message.h#2 edit
.. //depot/projects/trustedbsd/sedarwin7/src/darwin/xnu/security/mac_port.c#3 edit
Differences ...
==== //depot/projects/trustedbsd/sedarwin7/src/darwin/xnu/bsd/sys/mac_policy.h#3 (text+ko) ====
@@ -67,6 +67,7 @@
 struct vnode;
 struct devnode;
 struct task;
+struct msg_access_vector;
 struct mac_policy_ops {
 /*
@@ -478,6 +479,9 @@
 int (*mpo_audit_postselect)(struct ucred *cred, unsigned short syscode, void *args, int error, int retval);
+
+ void (*mpo_check_ipc_methods)(struct label *task,
+ struct label *port, struct msg_access_vector *av);
 };
 struct mac_policy_conf {
==== //depot/projects/trustedbsd/sedarwin7/src/darwin/xnu/osfmk/ipc/mach_msg.c#2 (text+ko) ====
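Review bot: The new `mpo_check_ipc_methods` entry in `struct mac_policy_ops` is the one hook in this change that third-party policies will implement, and it carries no comment on what the `av` argument means or how a policy is expected to modify it; every other decision hook in this struct returns an error code, so the void, in/out-vector convention is easy to get wrong. The call site elsewhere in this change pre-fills the vector with all ones and passes the same vector to each policy in turn, so the contract the framework actually relies on is "clear bits, never set them". I would put that above the member: `/* Restrict the Mach routines a task with label `task` may invoke on the port with label `port`. `av` arrives with every bit set; a policy clears the bit of each routine it denies and must not set bits, since the same vector is handed to every loaded policy in sequence. */` The mapping from routine number to bit index should be named there too once it is settled; it is not visible in this change. `struct mac_policy_ops` begins and ends outside the hunk.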
@@ -274,6 +274,18 @@
 trailer->msgh_trailer_size = REQUESTED_TRAILER_SIZE(option);
 #if 1
+
+ if (option & MACH_RCV_TRAILER_ELEMENTS (MACH_RCV_TRAILER_AV)) {
+ if (kmsg->ikm_sender != IO_NULL &&
+ IP_VALID(kmsg->ikm_header.msgh_remote_port)) {
+ mac_check_ipc_methods
+ (&kmsg->ikm_sender->lh_label,
+ &((ipc_port_t)kmsg->ikm_header.msgh_remote_port)->ip_label, &trailer->msgh_av);
+ }
+ else
+ memset(trailer->msgh_av.av, 0, sizeof(msg_access_vector_t));
+ }
+
 if (option & MACH_RCV_TRAILER_ELEMENTS (MACH_RCV_TRAILER_LABELS)) {
 if (kmsg->ikm_sender != IO_NULL) {
 ipc_object_t lh = &kmsg->ikm_sender->lh_object;
==== //depot/projects/trustedbsd/sedarwin7/src/darwin/xnu/osfmk/mach/mac.h#3 (text+ko) ====
@@ -25,6 +25,7 @@
 * SUCH DAMAGE.
 */
+#include <mach/message.h>
 #include <kern/task.h> /* tasks */
@@ -58,3 +59,5 @@
 int mac_check_port_hold_receive (struct label *task, struct label *port);
 int mac_check_task_service_access (task_t self, task_t obj, const char *perm);
+
+void mac_check_ipc_methods (struct label *task, struct label *port, msg_access_vector_t *av);
==== //depot/projects/trustedbsd/sedarwin7/src/darwin/xnu/osfmk/mach/message.h#2 (text+ko) ====
@@ -331,6 +331,11 @@
 mach_port_name_t sender;
 } msg_labels_t;
+typedef struct msg_access_vector
+{
+ unsigned int av[4];
+} msg_access_vector_t;
+
 typedef struct
 {
 mach_msg_trailer_type_t msgh_trailer_type;
@@ -339,6 +344,7 @@
 security_token_t msgh_sender;
 audit_token_t msgh_audit;
 msg_labels_t msgh_labels;
+ msg_access_vector_t msgh_av;
 } mach_msg_mac_trailer_t;
 #define MACH_MSG_TRAILER_MINIMUM_SIZE sizeof(mach_msg_trailer_t)
@@ -513,6 +519,7 @@
 #define MACH_RCV_TRAILER_SENDER 2
 #define MACH_RCV_TRAILER_AUDIT 3
 #define MACH_RCV_TRAILER_LABELS 4
+#define MACH_RCV_TRAILER_AV 8
 #define MACH_RCV_TRAILER_TYPE(x) (((x) & 0xf) << 28)
 #define MACH_RCV_TRAILER_ELEMENTS(x) (((x) & 0xf) << 24)
==== //depot/projects/trustedbsd/sedarwin7/src/darwin/xnu/security/mac_port.c#3 (text+ko) ====
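Review bot: The added `option & MACH_RCV_TRAILER_ELEMENTS (MACH_RCV_TRAILER_AV)` test treats the four-bit elements field as a bitmask (MACH_RCV_TRAILER_AV = 8 lands on bit 27), yet the existing constants 2, 3 and 4 read as an ordinal count, and as a mask 3 already overlaps 2. If `REQUESTED_TRAILER_SIZE` on the first context line interprets the field as a count, a receiver asking for 8 gets a trailer sized for every element but only the access vector filled, because the LABELS test on bit 26 does not fire; conversely a receiver asking for 12 or 15 triggers both. I cannot see the size macro here, so confirm which interpretation it uses and, if it is a count, test with `((option >> 24) & 0xf) >= MACH_RCV_TRAILER_AV` and keep the LABELS test in the same form rather than mixing the two. The `memset(trailer->msgh_av.av, 0, …)` on the else path is the right fail-closed default when the sender or destination port is unavailable; it would be worth a one-line comment saying so, `/* no sender or invalid destination: deny every routine */`, since a zeroed vector and an uninitialized one look identical to the recipient. The enclosing function begins and ends outside the hunk.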
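Review bot: `msg_access_vector_t` is `unsigned int av[4]`, so it can express at most 128 routine bits, and it is appended to `mach_msg_mac_trailer_t`, which userspace reads; neither the typedef nor the new `msgh_av` member says which bit corresponds to which routine number or what a recipient should assume for routines outside that range, and that is exactly what an IPC server enforcing the vector needs to know. The commit message only says the vector maps "routine numbers to permitted/denied bits". I would document the contract on the typedef, `/* Per-message method access vector, filled by the MAC framework at receive time when MACH_RCV_TRAILER_AV is requested: bit i set means the sender may invoke routine i on the destination port. Routines beyond the 128 bits here cannot be described; whether index i is absolute or relative to the subsystem base must be fixed before servers rely on it. */` and note on `MACH_RCV_TRAILER_AV` that 8 is the last distinct power of two in the four-bit elements field, so no further element type can be added the same way.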
@@ -32,6 +32,7 @@
 */
 #include <security/mac_internal.h>
+#include <mach/message.h>
 void
 mac_init_port_label (struct label *l)
@@ -171,3 +172,27 @@
 return (error);
 }
+
+void
+mac_check_ipc_methods(struct label *task, struct label *port,
+ msg_access_vector_t *av)
+{
+ struct mac_policy_conf *mpc;
+ int entrycount;
+
+ memset(av, 0xff, sizeof(msg_access_vector_t));
+
+ LIST_FOREACH(mpc, &mac_static_policy_list, mpc_list) {
+ if (mpc->mpc_ops->mpo_check_ipc_methods != NULL)
+ mpc->mpc_ops->mpo_check_ipc_methods(
+ task, port, av);
+ }
+ if ((entrycount = mac_policy_list_conditional_busy()) != 0) {
+ LIST_FOREACH(mpc, &mac_policy_list, mpc_list) {
+ if (mpc->mpc_ops->mpo_check_ipc_methods != NULL)
+ mpc->mpc_ops->mpo_check_ipc_methods(
+ task, port, av);
+ }
+ mac_policy_list_unbusy();
+ }
+}
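Review bot: `mac_check_ipc_methods` seeds `av` with all ones and then passes that same vector through every static and dynamic policy in turn, so composition is only conjunctive if each policy behaves and merely clears bits; a policy that initializes the vector itself or sets a bit re-grants whatever an earlier policy denied, and with no policy implementing the hook the recipient sees "everything permitted". The framework can make the intersection a property of the framework rather than of policy discipline by handing each policy a fresh all-ones scratch vector and ANDing it into the result, which is what the helper below does; both loops then call the helper in place of the direct `mpo_check_ipc_methods` call. `entrycount` is assigned but otherwise unused; if that mirrors the other entry points in this file it is fine, otherwise the result of `mac_policy_list_conditional_busy()` can be tested directly. The all-ones default also deserves a comment at the `memset`, since it decides what a system without a method-level policy exports to userspace.

```c
/*
 * Run one policy against a fresh all-ones vector and fold its answer into
 * av, so a later policy cannot re-grant a routine an earlier one denied.
 */
static void
mac_ipc_methods_intersect(struct mac_policy_conf *mpc, struct label *task,
    struct label *port, msg_access_vector_t *av)
{
	msg_access_vector_t scratch;
	unsigned int i;

	memset(&scratch, 0xff, sizeof(scratch));
	mpc->mpc_ops->mpo_check_ipc_methods(task, port, &scratch);
	for (i = 0; i < sizeof(av->av) / sizeof(av->av[0]); i++)
		av->av[i] &= scratch.av[i];
}

void
mac_check_ipc_methods(struct label *task, struct label *port,
    msg_access_vector_t *av)
{
	/* … unchanged: locals … */

	/* Everything permitted until a policy takes a routine away. */
	memset(av, 0xff, sizeof(msg_access_vector_t));

	LIST_FOREACH(mpc, &mac_static_policy_list, mpc_list) {
		if (mpc->mpc_ops->mpo_check_ipc_methods != NULL)
			mac_ipc_methods_intersect(mpc, task, port, av);
	}
	/* … unchanged: same loop over mac_policy_list between conditional_busy and unbusy, with the same helper call … */
}
```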