Date: Tue, 14 Nov 2006 16:10:38 GMT From: Todd Miller <millert@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 109934 for review Message-ID: <200611141610.kAEGAcWW072575@repoman.freebsd.org>
http://perforce.freebsd.org/chv.cgi?CH=109934 Change 109934 by millert@millert_g5tower on 2006/11/14 16:10:13 Add a pathlen parameter to the filesystem audit info. This lets us use the component path name in a more useful manner. At the same time, be mindful of whether the path refers to a directory or a file in the directory and adjust the length accordingly. Affected files ... .. //depot/projects/trustedbsd/sedarwin8/policies/sedarwin/sedarwin/avc/avc.c#8 edit .. //depot/projects/trustedbsd/sedarwin8/policies/sedarwin/sedarwin/avc/avc.h#6 edit .. //depot/projects/trustedbsd/sedarwin8/policies/sedarwin/sedarwin/sebsd.c#31 edit Differences ... ==== //depot/projects/trustedbsd/sedarwin8/policies/sedarwin/sedarwin/avc/avc.c#8 (text+ko) ==== @@ -708,6 +708,7 @@ if (a->u.fs.vp && tsk) { char *pbuf = NULL; char *path = a->u.fs.path; + int pathlen = a->u.fs.pathlen; struct vnode *vp = a->u.fs.vp; struct vnode_attr va; struct vfs_context vfs_ctx = @@ -719,22 +720,26 @@ "mountpoint=%s,", va.va_fileid, vp->v_mount->mnt_vfsstat.f_mntonname); if (path == NULL) { - int len = MAXPATHLEN; + pathlen = MAXPATHLEN; pbuf = sebsd_malloc(MAXPATHLEN, M_SEBSD, M_NOWAIT); if (pbuf != NULL && - !vn_getpath(vp, pbuf, &len)) + !vn_getpath(vp, pbuf, &pathlen)) { path = pbuf; + pathlen--; /* for NUL */ + } } - if (path != NULL) + if (path != NULL) { audit_log_format(ab, - " path=%s,", path); + " path=%.*s,", pathlen, + path); + } if (pbuf != NULL) sebsd_free(pbuf, M_SEBSD); - break; + } else { + audit_log_format(ab, + " fs/inode info not available"); } - audit_log_format(ab, - " fs/inode info not available"); } break; case AVC_AUDIT_DATA_NET: ==== //depot/projects/trustedbsd/sedarwin8/policies/sedarwin/sedarwin/avc/avc.h#6 (text+ko) ==== @@ -50,6 +50,7 @@ struct { struct vnode *vp; char *path; + int pathlen; } fs; struct { char *netif; ==== //depot/projects/trustedbsd/sedarwin8/policies/sedarwin/sedarwin/sebsd.c#31 (text+ko) ==== 
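Review bot: In the `@@ -719,22 +720,26 @@` hunk of avc.c the new `audit_log_format(ab, " path=%.*s,", pathlen, path)` takes its precision straight from `a->u.fs.pathlen` with no range check, so whatever a caller stored there reaches the formatter as-is. A caller that sets `path` but never sets `pathlen` logs an empty path (assuming AVC_AUDIT_DATA_INIT zeroes the union), and a negative value — which the `cn_nameptr - cn_pnbuf - 1` arithmetic in sebsd.c yields when the name component sits at the start of the buffer — is formatter-defined: printf treats it as "no precision", other implementations may widen it to an unsigned bound. I would clamp before the call, `if (pathlen < 0) pathlen = MAXPATHLEN;`, so an out-of-range length simply falls back to the string's NUL terminator, which is all `%.*s` needs. The enclosing function begins and ends outside the hunk.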
@@ -440,7 +440,8 @@ } static int -vnode_has_perm(struct ucred *cred, struct vnode *vp, char *path, u_int32_t perm) +vnode_has_perm(struct ucred *cred, struct vnode *vp, struct componentname *cnp, + u_int32_t perm) { struct task_security_struct *task; struct vnode_security_struct *file; @@ -451,7 +452,12 @@ AVC_AUDIT_DATA_INIT(&ad, FS); ad.u.fs.vp = vp; - ad.u.fs.path = path; + if (cnp != NULL) { + ad.u.fs.path = cnp->cn_pnbuf; + ad.u.fs.pathlen = cnp->cn_nameptr - cnp->cn_pnbuf - 1; + if ((perm & DIR__SEARCH) == 0) + ad.u.fs.pathlen += 1 + cnp->cn_namelen; + } /* Update security class if not set or vnode was recycled. */ if (file->sclass == 0 || vp->v_type == VBAD) @@ -1997,6 +2003,7 @@ AVC_AUDIT_DATA_INIT(&ad, FS); ad.u.fs.vp = dvp; ad.u.fs.path = cnp->cn_pnbuf; + ad.u.fs.pathlen = cnp->cn_nameptr - cnp->cn_pnbuf - 1; rc = avc_has_perm(task->sid, dir->sid, SECCLASS_DIR, DIR__ADD_NAME | DIR__SEARCH, &ad); @@ -2007,6 +2014,7 @@ if (rc) return (rc); + ad.u.fs.pathlen += 1 + cnp->cn_namelen; rc = avc_has_perm(task->sid, newsid, tclass, FILE__CREATE, &ad); if (rc) return (rc); @@ -2026,11 +2034,9 @@ #endif rc = avc_has_perm(newsid, sbsec->sid, SECCLASS_FILESYSTEM, FILESYSTEM__ASSOCIATE, &ad); - if (rc) - return (rc); } - return (0); + return (rc); } static int @@ -2054,6 +2060,7 @@ AVC_AUDIT_DATA_INIT(&ad, FS); ad.u.fs.vp = vp; ad.u.fs.path = cnp->cn_pnbuf; + ad.u.fs.pathlen = cnp->cn_nameptr - cnp->cn_pnbuf - 1; rc = avc_has_perm(task->sid, dir->sid, SECCLASS_DIR, DIR__SEARCH | DIR__REMOVE_NAME, &ad); @@ -2065,6 +2072,7 @@ else av = FILE__UNLINK; + ad.u.fs.pathlen += 1 + cnp->cn_namelen; rc = avc_has_perm(task->sid, file->sid, file->sclass, av, &ad); return (rc); 
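Review bot: In the `@@ -451,7 +452,12 @@` hunk, `ad.u.fs.pathlen = cnp->cn_nameptr - cnp->cn_pnbuf - 1` assumes a separator precedes the component; when `cn_nameptr == cn_pnbuf` (a relative name such as `open("foo")` resolved in the cwd) the result is -1, which the DIR__SEARCH case then hands to avc.c as the `%.*s` precision, and the audited "directory" becomes the component itself. I would write it as `ad.u.fs.pathlen = cnp->cn_nameptr - cnp->cn_pnbuf;` followed by `if (ad.u.fs.pathlen > 0) ad.u.fs.pathlen--; /* drop the '/' before the component */`, which leaves the later `+= 1 + cnp->cn_namelen` correct because `%.*s` stops at the NUL anyway. The same expression is pasted into the create, unlink and later hunks, so a small static helper (say `sebsd_cn_dirlen(cnp)`) would keep the fix in one place. The `(perm & DIR__SEARCH) == 0` test also keys on a dir-class bit before the class is known; that is fine only as long as the generated permission values keep DIR__SEARCH disjoint from every file-class bit this function is called with, which I cannot confirm from here. vnode_has_perm's body continues past the hunk.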
@@ -2212,16 +2220,18 @@ AVC_AUDIT_DATA_INIT(&ad, FS); ad.u.fs.vp = vp; ad.u.fs.path = cnp->cn_pnbuf; + ad.u.fs.pathlen = cnp->cn_nameptr - cnp->cn_pnbuf - 1; rc = avc_has_perm(task->sid, dir->sid, SECCLASS_DIR, DIR__SEARCH | DIR__ADD_NAME, &ad); if (rc) return (rc); + ad.u.fs.pathlen += 1 + cnp->cn_namelen; rc = avc_has_perm(task->sid, file->sid, file->sclass, FILE__LINK, &ad); - return (0); + return (rc); } static int @@ -2232,7 +2242,7 @@ return (ENOTDIR); /* TBD: DIR__READ as well? */ - return (vnode_has_perm(cred, dvp, cnp->cn_pnbuf, DIR__SEARCH)); + return (vnode_has_perm(cred, dvp, cnp, DIR__SEARCH)); } static int @@ -2348,6 +2358,7 @@ AVC_AUDIT_DATA_INIT(&ad, FS); ad.u.fs.vp = vp; ad.u.fs.path = cnp->cn_pnbuf; + ad.u.fs.pathlen = cnp->cn_nameptr - cnp->cn_pnbuf - 1; rc = avc_has_perm(task->sid, old_dir->sid, SECCLASS_DIR, DIR__REMOVE_NAME | DIR__SEARCH, &ad); @@ -2359,8 +2370,9 @@ return (0); /* TBD: debugging */ } - rc = avc_has_perm(task->sid, old_file->sid, - old_file->sclass, FILE__RENAME, &ad); + ad.u.fs.pathlen += 1 + cnp->cn_namelen; + rc = avc_has_perm(task->sid, old_file->sid, old_file->sclass, + FILE__RENAME, &ad); if (rc) return (rc); @@ -2407,28 +2419,25 @@ AVC_AUDIT_DATA_INIT(&ad, FS); ad.u.fs.vp = vp; ad.u.fs.path = cnp->cn_pnbuf; + ad.u.fs.pathlen = cnp->cn_nameptr - cnp->cn_pnbuf - 1; - rc = avc_has_perm(task->sid, new_dir->sid, SECCLASS_DIR, av, NULL); - if (rc) - return (rc); - - if (vp) { + rc = avc_has_perm(task->sid, new_dir->sid, SECCLASS_DIR, av, &ad); + if (rc == 0 && vp != NULL) { if (new_file->sclass == 0) { printf("%s: ERROR, sid=%d, sclass=0, v_type=%d\n", __func__, new_file->sid, vp->v_type); return (0); /* TBD: debugging */ } + ad.u.fs.pathlen += 1 + cnp->cn_namelen; if (vp->v_type == VDIR) rc = avc_has_perm(task->sid, new_file->sid, new_file->sclass, DIR__RMDIR, NULL); else rc = avc_has_perm(task->sid, new_file->sid, new_file->sclass, FILE__UNLINK, NULL); - if (rc) - return (rc); } - return (0); + return (rc); } static int
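Review bot: In the `@@ -2407,28 +2419,25 @@` hunk the new `ad.u.fs.pathlen += 1 + cnp->cn_namelen;` is computed and then discarded, because the two `avc_has_perm` calls that follow (`DIR__RMDIR` and `FILE__UNLINK` on the rename target) still pass `NULL` for the audit data, so a denied removal of an existing target is audited without the path the rest of the commit works to add. Change both calls to pass the data: `new_file->sclass, DIR__RMDIR, &ad);` and `new_file->sclass, FILE__UNLINK, &ad);`. Note also that `ad.u.fs.vp = vp` is the target vnode, which is NULL when the target does not yet exist; avc.c prints `path` only inside its `if (a->u.fs.vp && tsk)` branch, so the directory-level check that now receives `&ad` still logs "fs/inode info not available" in that case — pointing `ad.u.fs.vp` at the directory's vnode for that first check (its name is in the signature, outside the hunk) would fix it. The enclosing function starts before the hunk.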