From owner-p4-projects@FreeBSD.ORG Mon Apr 18 16:47:28 2005
Date: Mon, 18 Apr 2005 16:47:26 GMT
Message-Id: <200504181647.j3IGlQgU012253@repoman.freebsd.org>
From: Andrew Reisse To: Perforce Change Reviews Subject: PERFORCE change 75499 for review X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 18 Apr 2005 16:47:28 -0000 http://perforce.freebsd.org/chv.cgi?CH=75499 Change 75499 by areisse@areisse_ibook on 2005/04/18 16:46:31 Fix the include file path used by mkflask. Add support for check_ipc_methods, in a very simple manner. Four extra classes are introduced, port_methods1..4. Any denied permissions in those classes are removed from the permitted set managed by check_ipc_methods. Affected files ... .. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/flask.h#2 edit .. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/flask/mkflask.sh#2 edit .. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/flask/security_classes#2 edit .. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/sebsd.c#2 edit Differences ... ==== //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/flask.h#2 (text+ko) ==== @@ -37,6 +37,11 @@ #define SECCLASS_SHM 28 #define SECCLASS_IPC 29 #define SECCLASS_MACH_PORT 30 +#define SECCLASS_PORT_METHODS1 31 +#define SECCLASS_PORT_METHODS2 32 +#define SECCLASS_PORT_METHODS3 33 +#define SECCLASS_PORT_METHODS4 34 +#define SECCLASS_MACH_TASK 35 /* * Security identifier indices for initial entities ==== //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/flask/mkflask.sh#2 (text+ko) ==== 
@@ -25,7 +25,7 @@ printf("#ifndef _LINUX_FLASK_H_\n") > outfile; printf("#define _LINUX_FLASK_H_\n") > outfile; - printf("\n#include \n") > outfile; + printf("\n#include \n") > outfile; printf("\n/*\n * Security object class definitions\n */\n") > outfile; printf("/* This file is automatically generated. Do not edit. */\n") > debugfile; ==== //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/flask/security_classes#2 (text+ko) ==== @@ -42,6 +42,11 @@ class mach_port +class port_methods1 +class port_methods2 +class port_methods3 +class port_methods4 + #classes only used by name class mach_task ==== //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/sebsd.c#2 (text+ko) ==== @@ -1249,6 +1249,32 @@ NULL, NULL); } +extern int selinux_enforcing; + +static void +sebsd_check_ipc_methods(struct label *subj, struct label *obj, + msg_access_vector_t *av) +{ + struct task_security_struct *tsec, *psec; + int i; + + psec = SLOT(obj); + tsec = SLOT(subj); + + if (!selinux_enforcing) + return; + + for (i = 0; i < 4; i++) + { + struct av_decision avd; + security_class_t tclass = SECCLASS_PORT_METHODS1 + i; + + avc_has_perm_noaudit (tsec->sid, psec->sid, tclass, 0xffffffff, NULL, &avd); + + av->av[i] &= avd.allowed; + } +} + static int sebsd_check_mount (struct ucred *cred, struct vnode *vp, struct label *vl, const char *vfc_name, struct label *mntlabel) @@ -2673,6 +2699,8 @@ // .mpo_check_sysv_shmdt = sebsd_check_sysv_shmdt, .mpo_check_sysv_shmget = sebsd_check_sysv_shmget, + .mpo_check_ipc_methods = sebsd_check_ipc_methods, + .mpo_syscall = sebsd_syscall };
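Review bot: (flask.h hunk) the change description says four extra classes are introduced, but this hunk also adds `#define SECCLASS_MACH_TASK 35`; the description should mention that mach_task (declared under "#classes only used by name" in security_classes) now gets a class index too. Since mkflask.sh stamps flask.h as "automatically generated. Do not edit.", this file should be the generator's output rather than a hand edit; please confirm that 31..35 is exactly the numbering mkflask.sh produces from security_classes, because the kernel's class indices must stay in step with the order the policy compiler assigns from the same file or every avc lookup in these classes is computed against the wrong policy class.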
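Review bot: (mkflask.sh hunk) the changed `#include` line cannot be reviewed as shown: the included path is missing from both the `-` and `+` lines in this message, so the two lines read identically, and the summary "Fix the include file path used by mkflask" does not say which path is now used. Please state the new path in the description. Separately, the generated header still uses the `_LINUX_FLASK_H_` include guard, a leftover from the Linux tree in a Darwin port; consider giving it a sebsd-specific name while this generator is being touched.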
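Review bot: (security_classes hunk) the four new classes are declared with no access_vectors change in the Affected files list, yet sebsd_check_ipc_methods requests `0xffffffff` in each of them. Permission bits the policy never declares for a class cannot appear in `avd.allowed`, so unless a matching access_vectors block with 32 permissions per port_methodsN class is added (and allowed by policy), the mask clears every method bit as soon as enforcing is on. A comment above the declarations explaining that port_methods1..4 correspond to the four entries of `av->av[]`, each masked with one 32-bit access vector, would also help, since the names alone do not say what they index.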
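Review bot: (sebsd.c, sebsd_check_ipc_methods hunk) the return value of `avc_has_perm_noaudit` is discarded and `avd` is an uninitialised stack local, so if the lookup fails (for example for an unknown SID) `av->av[i] &= avd.allowed;` masks with whatever happens to be on the stack. Check the return code and fail closed (`av->av[i] = 0;`) on error, or at least zero `avd` before the call. Two further points: calling the noaudit variant with a NULL auditdata means denials in these classes are never audited, and the early `return` when `!selinux_enforcing` means permissive mode leaves no trace either, so there is no way to see which methods a policy would strip before switching to enforcing; consider auditing the denied bits (`0xffffffff & ~avd.allowed`) in both modes. Also, `extern int selinux_enforcing;` belongs in a header rather than a mid-file declaration, and `0xffffffff` reads better as a named constant meaning "all permissions in the class".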
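Review bot: (sebsd.c, ops-table hunk) `.mpo_check_ipc_methods` is inserted between `.mpo_check_sysv_shmget` and `.mpo_syscall`, but the visible check_* entries appear to be kept in alphabetical order (the sysv_shm entries precede syscall), so check_ipc_methods would sort before check_mount and the sysv entries. Move it there, and drop the extra blank line, for consistency with the rest of the table.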