Date: Thu, 12 Dec 2002 08:35:25 -0800 (PST) From: Chris Vance <cvance@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 22205 for review Message-ID: <200212121635.gBCGZPUT011034@repoman.freebsd.org>
http://perforce.freebsd.org/chv.cgi?CH=22205 Change 22205 by cvance@cvance_laptop on 2002/12/12 08:34:56 - Complete implementation of create_devfs_symlink - Add comment in create mount; we currently don't label mountpoints correctly - Use label parameters in check_vnode_delete, rather than extracting them ourselves - Fix some style mistakes - Implement check_vnode_link, which was omitted by mistake - Use 'task' instead of 'tsec' for consistency Affected files ... .. //depot/projects/trustedbsd/mac/sys/security/sebsd/sebsd.c#63 edit Differences ... ==== //depot/projects/trustedbsd/mac/sys/security/sebsd/sebsd.c#63 (text+ko) ==== 
@@ -482,42 +482,41 @@
 struct label *delabel, const char *fullpath)
 {
-#ifdef FULLY
- /* TBD: path info not available (and the code below is broken) */
 char *path;
-#endif
 int rc;
 security_id_t newsid;
 struct vnode_security_struct *lnksec;
 struct vnode_security_struct *dirsec;
+ struct mount_security_struct *sbsec;
+
+ /* TBD: Should probably be checking MAY_LINK/MAY_CREATE perms here */
 dirsec = SLOT(ddlabel);
 lnksec = SLOT(delabel);
+ sbsec = SLOT(&mp->mnt_mntlabel);
 /* Default to the filesystem SID. */
 lnksec->sid = dirsec->sid;
 lnksec->task_sid = SECINITSID_KERNEL;
 lnksec->sclass = SECCLASS_LNK_FILE;
-#ifdef FLUFFY
 /* Obtain a SID based on the fstype, path, and class. */
- path = malloc(strlen(dd->si_name) + 2, M_SEBSD, M_ZERO | M_WAITOK);
+ path = malloc(strlen(fullpath) + 2, M_SEBSD, M_ZERO | M_WAITOK);
 path[0] = '/';
- strcpy(&path[1], dev->si_name);
- rc = security_genfs_sid(mp->mnt_vfc->vfc_name, path, dirent->sclass,
+ strcpy(&path[1], fullpath);
+ rc = security_genfs_sid(mp->mnt_vfc->vfc_name, path, lnksec->sclass,
 &newsid);
 if (rc == 0)
- dirent->sid = newsid;
+ lnksec->sid = newsid;
 /* TBD: debugging */
- if (sebsd_verbose > 1) {
- printf("sebsd_create_devfs_device(%s): sbsid=%d, "
- "mountpoint=%s, rc=%d, sclass=%d, computedsid=%d, "
- "dirent=%d\n", path, sbsec->sid, mp->mnt_stat.f_mntonname,
- rc, dirent->sclass, newsid, dirent->sid);
+ if (1 || sebsd_verbose > 1) {
+ printf("%s(%s): sbsid=%d, mountpoint=%s, rc=%d, sclass=%d, "
+ "computedsid=%d, dirent=%d\n", __func__, path,
+ sbsec->sid, mp->mnt_stat.f_mntonname, rc,
+ lnksec->sclass, newsid, lnksec->sid);
 }
 free(path, M_SEBSD);
-#endif /* FLUFFY */
 }
 static void
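Review bot: The `1 ||` in `if (1 || sebsd_verbose > 1)` makes the block marked `/* TBD: debugging */` unconditional, so every call prints the path, SIDs and mount point to the console whatever `sebsd_verbose` is set to; the guard should go back to `if (sebsd_verbose > 1) {` before this lands. That printf also passes `newsid` when `security_genfs_sid()` returned non-zero, and no visible line initialises it, so on failure it would print an indeterminate stack value; initialising it at its declaration or printing it only when `rc == 0` avoids that. The function's signature starts above the hunk, so how `fullpath` is produced cannot be checked from here.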
@@ -568,6 +567,12 @@ /* PSIDs only work for persistent file systems with unique and persistent inode numbers. */ sbsec->uses_psids = 1; + + /* + * TBD: need to correctly label mountpoint with persistent + * label at this point (currently vnode is unavailable) + */ + break; case SECURITY_FS_USE_TRANS: /* Transition SIDs are used for pseudo filesystems like @@ -968,17 +973,17 @@ int rc; task = SLOT(&cred->cr_label); - file = SLOT(&vp->v_label); - dir = SLOT(&dvp->v_label); + file = SLOT(label); + dir = SLOT(dlabel); AVC_AUDIT_DATA_INIT(&ad, FS); ad.u.fs.vp = vp; - av = DIR__SEARCH | DIR__REMOVE_NAME; rc = avc_has_perm_ref_audit(task->sid, dir->sid, SECCLASS_DIR, - av, &dir->avcr, &ad); + DIR__SEARCH | DIR__REMOVE_NAME, &dir->avcr, &ad); + if (rc) - return rc; + return (rc); if (file->sclass == SECCLASS_DIR) av = DIR__RMDIR; @@ -986,15 +991,17 @@ av = FILE__UNLINK; rc = avc_has_perm_ref_audit(task->sid, file->sid, file->sclass, - av, &file->avcr, &ad); - return rc; + av, &file->avcr, &ad); + + return (rc); } static int sebsd_check_vnode_deleteacl(struct ucred *cred, struct vnode *vp, struct label *label, acl_type_t type) { - return vnode_has_perm(cred, vp, FILE__SETATTR, NULL); + + return (vnode_has_perm(cred, vp, FILE__SETATTR, NULL)); } static int 
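Review bot: In the `@@ -986,15` hunk, `sebsd_check_vnode_deleteacl` still passes only `vp` to `vnode_has_perm()` and leaves its `label` argument unused, while `sebsd_check_vnode_delete` just above now reads `SLOT(label)` and `SLOT(dlabel)` as the change description intends. `vnode_has_perm()` is not visible here, but if it extracts the label from the vnode itself, the two entry points reach the label by different routes. If that is deliberate for now, a marker such as `/* TBD: use the label parameter here, as check_vnode_delete does */` above the return would record it.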
@@ -1076,6 +1083,34 @@
 }
 static int
+sebsd_check_vnode_link(struct ucred *cred, struct vnode *dvp,
+ struct label *dlabel, struct vnode *vp, struct label *label,
+ struct componentname *cnp)
+{
+ struct task_security_struct *task;
+ struct vnode_security_struct *dir, *file;
+ avc_audit_data_t ad;
+ int rc;
+
+ task = SLOT(&cred->cr_label);
+ file = SLOT(label);
+ dir = SLOT(dlabel);
+
+ AVC_AUDIT_DATA_INIT(&ad, FS);
+ ad.u.fs.vp = vp;
+
+ rc = avc_has_perm_ref_audit(task->sid, dir->sid, SECCLASS_DIR,
+ DIR__SEARCH | DIR__ADD_NAME, &dir->avcr, &ad);
+ if (rc)
+ return rc;
+
+ rc = avc_has_perm_ref_audit(task->sid, file->sid, file->sclass,
+ FILE__LINK, &file->avcr, &ad);
+
+ return (0);
+}
+
+static int
 sebsd_check_vnode_lookup(struct ucred *cred, struct vnode *dvp,
 struct label *dlabel, struct componentname *cnp)
 {
@@ -1396,10 +1431,10 @@
 sebsd_externalize_cred_label(struct label *label, char *element_name,
 char *element_data, size_t size, size_t *len, int *claimed)
 {
- struct task_security_struct *tsec;
+ struct task_security_struct *task;
- tsec = SLOT(label);
- return (sebsd_externalize_sid(tsec->sid, element_name, element_data,
+ task = SLOT(label);
+ return (sebsd_externalize_sid(task->sid, element_name, element_data,
 size, len, claimed));
 }
@@ -1475,6 +1510,7 @@
 .mpo_check_vnode_exec = sebsd_check_vnode_exec,
 .mpo_check_vnode_getacl = sebsd_check_vnode_getacl,
 .mpo_check_vnode_getextattr = sebsd_check_vnode_getextattr,
+ .mpo_check_vnode_link = sebsd_check_vnode_link,
 .mpo_check_vnode_lookup = sebsd_check_vnode_lookup,
 .mpo_check_vnode_mmap = sebsd_check_vnode_mmap,
 .mpo_check_vnode_mprotect = sebsd_check_vnode_mmap,
To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe p4-projects" in the body of the message
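Review bot: `sebsd_check_vnode_link` ends with `return (0);`, so the result of its second `avc_has_perm_ref_audit()` call, the `FILE__LINK` check on the target, is stored in `rc` and then discarded. A denial there is never returned to the caller, which leaves the directory `DIR__SEARCH | DIR__ADD_NAME` check as the only one that can refuse the link. The last statement should be `return (rc);`, which is how `sebsd_check_vnode_delete` ends after its second check. For style, the earlier `return rc;` would read `return (rc);` to match the form this same change applies elsewhere in the file.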