From owner-p4-projects@FreeBSD.ORG Thu Feb 15 20:26:08 2007 Return-Path: X-Original-To: p4-projects@freebsd.org Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id B3C9A16A524; Thu, 15 Feb 2007 20:26:08 +0000 (UTC) X-Original-To: perforce@freebsd.org Delivered-To: perforce@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 5E77D16A4F8 for ; Thu, 15 Feb 2007 20:26:07 +0000 (UTC) (envelope-from millert@freebsd.org) Received: from repoman.freebsd.org (repoman.freebsd.org [69.147.83.41]) by mx1.freebsd.org (Postfix) with ESMTP id E391413C49D for ; Thu, 15 Feb 2007 20:26:07 +0000 (UTC) (envelope-from millert@freebsd.org) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.13.6/8.13.6) with ESMTP id l1FKQ7NV073495 for ; Thu, 15 Feb 2007 20:26:07 GMT (envelope-from millert@freebsd.org) Received: (from perforce@localhost) by repoman.freebsd.org (8.13.6/8.13.4/Submit) id l1FKQ7s5073488 for perforce@freebsd.org; Thu, 15 Feb 2007 20:26:07 GMT (envelope-from millert@freebsd.org) Date: Thu, 15 Feb 2007 20:26:07 GMT Message-Id: <200702152026.l1FKQ7s5073488@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to millert@freebsd.org using -f 
From: Todd Miller To: Perforce Change Reviews Cc: Subject: PERFORCE change 114582 for review X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 15 Feb 2007 20:26:09 -0000 http://perforce.freebsd.org/chv.cgi?CH=114582 Change 114582 by millert@millert_p4 on 2007/02/15 20:26:02 Add sysctl_canon_context, sysctl_compute_create, and sysctl_compute_member for use by new libselinux. Affected files ... .. //depot/projects/trustedbsd/sebsd/sys/security/sebsd/sebsd_sysctl.c#12 edit Differences ... ==== //depot/projects/trustedbsd/sebsd/sys/security/sebsd/sebsd_sysctl.c#12 (text+ko) ==== 
@@ -333,7 +333,169 @@
 return (error);
 }
+/*
+ * Sysctl handler for security.mac.sebsd.canon_context.
+ * Check sid validity, returns canonical name of context.
+ */
+static int
+sysctl_canon_context(SYSCTL_HANDLER_ARGS)
+{
+ u_int32_t sid, len;
+ char *context, *canon;
+ int error;
+
+#ifdef SECURITY__COMPUTE_CHECK
+ error = thread_has_security(curthread, SECURITY__COMPUTE_CHECK);
+ if (error)
+ return (error);
+#endif
+
+ if (req->newlen < 2)
+ return (EINVAL);
+ if (req->newlen > 512) /* arbitrary */
+ return (ENAMETOOLONG);
+ MALLOC(context, char *, req->newlen, M_SEBSD, M_WAITOK);
+ error = SYSCTL_IN(req, context, req->newlen);
+ if (error)
+ goto out;
+ if (context[req->newlen - 1] != '\0') {
+ error = EINVAL;
+ goto out;
+ }
+ /*
+ * XXX We need POLICY_RDLOCK here, but it's not exported!
+ */
+ error = security_context_to_sid(context, strlen(context) + 1, &sid);
+ if (error)
+ goto out;
+
+ error = security_sid_to_context(sid, &canon, &len);
+ if (error == 0) {
+ error = SYSCTL_OUT(req, canon, len);
+ FREE(canon, M_SEBSD);
+ }
+out:
+ FREE(context, M_SEBSD);
+ return (error);
+}
+
+/*
+ * Sysctl handler for security.mac.sebsd.compute_create. Create new sid
+ * given input "scontext\0tcontext\0", tclass.
+ */
 static int
+sysctl_compute_create(SYSCTL_HANDLER_ARGS)
+{
+ u_int32_t sid, tsid, newsid, len;
+ u_int16_t tclass;
+ char *scontext, *tcontext, *newcontext;
+ int error;
+
+ error = thread_has_security(curthread, SECURITY__COMPUTE_CREATE);
+ if (error)
+ return (error);
+
+ if (req->newlen < 4 + sizeof(tclass))
+ return (EINVAL);
+ if (req->newlen > 512) /* arbitrary */
+ return (ENAMETOOLONG);
+ MALLOC(scontext, char *, req->newlen, M_SEBSD, M_WAITOK);
+ error = SYSCTL_IN(req, scontext, req->newlen);
+ if (error)
+ goto out;
+ if (scontext[req->newlen - (1 + sizeof(tclass))] != '\0') {
+ error = EINVAL;
+ goto out;
+ }
+ tcontext = &scontext[strlen(scontext) + 1];
+ if (tcontext >= &scontext[req->newlen - (1 + sizeof(tclass))]) {
+ error = EINVAL;
+ goto out;
+ }
+ bcopy(&tcontext[strlen(tcontext) + 1], &tclass, sizeof(tclass));
+ /*
+ * XXX We need POLICY_RDLOCK here, but it's not exported!
+ */
+ error = security_context_to_sid(scontext, strlen(scontext) + 1, &sid);
+ if (error)
+ goto out;
+ error = security_context_to_sid(tcontext, strlen(tcontext) + 1, &tsid);
+ if (error)
+ goto out;
+
+ error = security_transition_sid(sid, tsid, tclass, &newsid);
+ if (error)
+ goto out;
+
+ error = security_sid_to_context(newsid, &newcontext, &len);
+ if (error == 0) {
+ error = SYSCTL_OUT(req, newcontext, len);
+ FREE(newcontext, M_SEBSD);
+ }
+out:
+ FREE(scontext, M_SEBSD);
+ return (error);
+}
+
+/*
+ * Sysctl handler for security.mac.sebsd.compute_member. Compute member sid
+ * given input "scontext\0tcontext\0", tclass.
+ */
+static int
+sysctl_compute_member(SYSCTL_HANDLER_ARGS)
+{
+ u_int32_t sid, tsid, newsid, len;
+ u_int16_t tclass;
+ char *scontext, *tcontext, *newcontext;
+ int error;
+
+ error = thread_has_security(curthread, SECURITY__COMPUTE_MEMBER);
+ if (error)
+ return (error);
+
+ if (req->newlen < 4 + sizeof(tclass))
+ return (EINVAL);
+ if (req->newlen > 512) /* arbitrary */
+ return (ENAMETOOLONG);
+ MALLOC(scontext, char *, req->newlen, M_SEBSD, M_WAITOK);
+ error = SYSCTL_IN(req, scontext, req->newlen);
+ if (error)
+ goto out;
+ if (scontext[req->newlen - (1 + sizeof(tclass))] != '\0') {
+ error = EINVAL;
+ goto out;
+ }
+ tcontext = &scontext[strlen(scontext) + 1];
+ if (tcontext >= &scontext[req->newlen - (1 + sizeof(tclass))]) {
+ error = EINVAL;
+ goto out;
+ }
+ bcopy(&tcontext[strlen(tcontext) + 1], &tclass, sizeof(tclass));
+ /*
+ * XXX We need POLICY_RDLOCK here, but it's not exported!
+ */
+ error = security_context_to_sid(scontext, strlen(scontext) + 1, &sid);
+ if (error)
+ goto out;
+ error = security_context_to_sid(tcontext, strlen(tcontext) + 1, &tsid);
+ if (error)
+ goto out;
+
+ error = security_member_sid(sid, tsid, tclass, &newsid);
+ if (error)
+ goto out;
+
+ error = security_sid_to_context(newsid, &newcontext, &len);
+ if (error == 0) {
+ error = SYSCTL_OUT(req, newcontext, len);
+ FREE(newcontext, M_SEBSD);
+ }
+out:
+ FREE(scontext, M_SEBSD);
+ return (error);
+}
+
+static int
 sysctl_sebsd_policypath(SYSCTL_HANDLER_ARGS)
 {
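Review bot: In sysctl_canon_context the only permission check, `thread_has_security(curthread, SECURITY__COMPUTE_CHECK)`, is wrapped in `#ifdef SECURITY__COMPUTE_CHECK`, so a build whose generated flask permission headers lack that symbol silently drops the check while the oid is registered CTLFLAG_ANYBODY in the second hunk; the two sibling handlers call thread_has_security unconditionally. Either add `#else` / `#error "SECURITY__COMPUTE_CHECK not defined"` or a comment stating that canon_context is intentionally unprivileged when that permission does not exist in the policy. In sysctl_compute_create and sysctl_compute_member the layout check only requires tcontext to start before the terminating NUL, so an input with extra bytes between tcontext's NUL and the trailing u_int16_t reads tclass from a caller-chosen offset (still in bounds); require the exact position with `if (&tcontext[strlen(tcontext) + 1] != &scontext[req->newlen - sizeof(tclass)]) { error = EINVAL; goto out; }` after the existing `>=` guard. The two handlers are otherwise identical up to the security_transition_sid/security_member_sid call, so the input parsing could move into one static helper as sketched below. sysctl_sebsd_policypath, whose `static int` header closes the hunk, continues outside it.
```c
/*
 * Split "scontext\0tcontext\0" + tclass out of req.  On success *scontextp
 * is a buffer the caller FREEs with M_SEBSD, *tcontextp points into it and
 * *tclassp holds the trailing class; returns an errno value otherwise.
 */
static int
sysctl_parse_context_pair(struct sysctl_req *req, char **scontextp,
    char **tcontextp, u_int16_t *tclassp)
{
	char *scontext, *tcontext;
	int error;

	if (req->newlen < 4 + sizeof(*tclassp))
		return (EINVAL);
	if (req->newlen > 512)	/* arbitrary */
		return (ENAMETOOLONG);
	MALLOC(scontext, char *, req->newlen, M_SEBSD, M_WAITOK);
	error = SYSCTL_IN(req, scontext, req->newlen);
	if (error)
		goto out;
	if (scontext[req->newlen - (1 + sizeof(*tclassp))] != '\0') {
		error = EINVAL;
		goto out;
	}
	tcontext = &scontext[strlen(scontext) + 1];
	if (tcontext >= &scontext[req->newlen - (1 + sizeof(*tclassp))]) {
		error = EINVAL;
		goto out;
	}
	/* tclass must sit exactly after tcontext's NUL, at the end of the buffer. */
	if (&tcontext[strlen(tcontext) + 1] !=
	    &scontext[req->newlen - sizeof(*tclassp)]) {
		error = EINVAL;
		goto out;
	}
	bcopy(&tcontext[strlen(tcontext) + 1], tclassp, sizeof(*tclassp));
	*scontextp = scontext;
	*tcontextp = tcontext;
	return (0);
out:
	FREE(scontext, M_SEBSD);
	return (error);
}

static int
sysctl_compute_create(SYSCTL_HANDLER_ARGS)
{
	/* … unchanged: declarations, thread_has_security(SECURITY__COMPUTE_CREATE) … */
	error = sysctl_parse_context_pair(req, &scontext, &tcontext, &tclass);
	if (error)
		return (error);
	/* … unchanged: POLICY_RDLOCK note, context_to_sid lookups, security_transition_sid, SYSCTL_OUT, out: … */
```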
@@ -360,6 +522,15 @@
 SYSCTL_PROC(_security_mac_sebsd, OID_AUTO, compute_av, CTLTYPE_STRING |
 CTLFLAG_RW | CTLFLAG_ANYBODY, NULL, 0, sysctl_compute_av, "A",
 "SEBSD access vector decision query");
+SYSCTL_PROC(_security_mac_sebsd, OID_AUTO, canon_context, CTLTYPE_STRING |
+ CTLFLAG_RW | CTLFLAG_ANYBODY, NULL, 0, sysctl_canon_context, "A",
+ "SEBSD context verification query");
+SYSCTL_PROC(_security_mac_sebsd, OID_AUTO, compute_create, CTLTYPE_STRING |
+ CTLFLAG_RW | CTLFLAG_ANYBODY, NULL, 0, sysctl_compute_create, "A",
+ "SEBSD context computation query");
+SYSCTL_PROC(_security_mac_sebsd, OID_AUTO, compute_member, CTLTYPE_STRING |
+ CTLFLAG_RW | CTLFLAG_ANYBODY, NULL, 0, sysctl_compute_member, "A",
+ "SEBSD context member query");
 SYSCTL_PROC(_security_mac_sebsd, OID_AUTO, auditing, CTLTYPE_INT | CTLFLAG_RW,
 NULL, 0, sysctl_sebsd_auditing, "I", "SEBSD avc auditing");
 TUNABLE_INT("security.mac.sebsd.auditing", &selinux_auditing);
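Review bot: The description string `"SEBSD context computation query"` on the compute_create oid is the only in-kernel documentation of that interface and does not say which computation it performs, whereas the member oid names it; `"SEBSD transition (create) context computation query"` would pair with `"SEBSD context member query"`. Since all three new oids are CTLFLAG_ANYBODY, each handler's own thread_has_security call is the sole access gate; a one-line comment above the block such as `/* CTLFLAG_ANYBODY: access is enforced per-handler via thread_has_security(). */` would make that invariant visible to whoever adds the next oid here.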