Date: Sun, 9 Nov 2003 08:58:17 -0800 (PST) From: Robert Watson <rwatson@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 41808 for review Message-ID: <200311091658.hA9GwHSF012552@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=41808 Change 41808 by rwatson@rwatson_paprika on 2003/11/09 08:57:37 Do pass labels into policies explicitly for System V IPC. This permits policies basing decisions solely on labels rather than other object properties to be unaware of the structures representing those objects, abstracting the label storager specifics so we can change them. Affected files ... .. //depot/projects/trustedbsd/mac/sys/security/mac/mac_sysv_msg.c#4 edit .. //depot/projects/trustedbsd/mac/sys/security/mac/mac_sysv_sem.c#4 edit .. //depot/projects/trustedbsd/mac/sys/security/mac/mac_sysv_shm.c#4 edit .. //depot/projects/trustedbsd/mac/sys/security/mac_biba/mac_biba.c#226 edit .. //depot/projects/trustedbsd/mac/sys/security/mac_lomac/mac_lomac.c#73 edit .. //depot/projects/trustedbsd/mac/sys/security/mac_mls/mac_mls.c#183 edit .. //depot/projects/trustedbsd/mac/sys/security/mac_stub/mac_stub.c#10 edit .. //depot/projects/trustedbsd/mac/sys/security/mac_test/mac_test.c#118 edit .. //depot/projects/trustedbsd/mac/sys/sys/mac_policy.h#201 edit Differences ... ==== //depot/projects/trustedbsd/mac/sys/security/mac/mac_sysv_msg.c#4 (text+ko) ==== @@ -142,8 +142,8 @@ if (!mac_enforce_sysv) return (0); - //XXX: Should we also pass &msqkptr->label ?? - MAC_CHECK(check_ipc_msgmsq, cred, msgptr, msqkptr); + MAC_CHECK(check_ipc_msgmsq, cred, msgptr, &msgptr->label, msqkptr, + &msqkptr->label); return(error); } @@ -156,8 +156,7 @@ if (!mac_enforce_sysv) return (0); - //XXX: Should we also pass &msqkptr->label ?? - MAC_CHECK(check_ipc_msgrcv, cred, msgptr); + MAC_CHECK(check_ipc_msgrcv, cred, msgptr, &msgptr->label); return(error); } @@ -170,8 +169,7 @@ if (!mac_enforce_sysv) return (0); - //XXX: Should we also pass &msqkptr->label ?? - MAC_CHECK(check_ipc_msgrmid, cred, msgptr); + MAC_CHECK(check_ipc_msgrmid, cred, msgptr, &msgptr->label); return(error); } @@ -184,8 +182,7 @@ if (!mac_enforce_sysv) return (0); - //XXX: Should we also pass &msqkptr->label ?? - MAC_CHECK(check_ipc_msqget, cred, msqkptr); + MAC_CHECK(check_ipc_msqget, cred, msqkptr, &msqkptr->label); return(error); } @@ -198,8 +195,7 @@ if (!mac_enforce_sysv) return (0); - //XXX: Should we also pass &msqkptr->label ?? - MAC_CHECK(check_ipc_msqsnd, cred, msqkptr); + MAC_CHECK(check_ipc_msqsnd, cred, msqkptr, &msqkptr->label); return(error); } @@ -212,8 +208,7 @@ if (!mac_enforce_sysv) return (0); - //XXX: Should we also pass &msqkptr->label ?? - MAC_CHECK(check_ipc_msqrcv, cred, msqkptr); + MAC_CHECK(check_ipc_msqrcv, cred, msqkptr, &msqkptr->label); return(error); } @@ -227,8 +222,7 @@ if (!mac_enforce_sysv) return (0); - //XXX: Should we also pass &msqkptr->label ?? - MAC_CHECK(check_ipc_msqctl, cred, msqkptr, cmd); + MAC_CHECK(check_ipc_msqctl, cred, msqkptr, &msqkptr->label, cmd); return(error); } ==== //depot/projects/trustedbsd/mac/sys/security/mac/mac_sysv_sem.c#4 (text+ko) ==== @@ -100,8 +100,7 @@ if (!mac_enforce_sysv) return (0); - //XXX: Should we also pass &semakptr->label ?? - MAC_CHECK(check_ipc_semctl, cred, semakptr, cmd); + MAC_CHECK(check_ipc_semctl, cred, semakptr, &semakptr->label, cmd); return(error); } @@ -114,8 +113,7 @@ if (!mac_enforce_sysv) return (0); - //XXX: Should we also pass &semakptr->label ?? - MAC_CHECK(check_ipc_semget, cred, semakptr); + MAC_CHECK(check_ipc_semget, cred, semakptr, &semakptr->label); return(error); } @@ -129,8 +127,8 @@ if (!mac_enforce_sysv) return (0); - //XXX: Should we also pass &semakptr->label ?? - MAC_CHECK(check_ipc_semop, cred, semakptr, accesstype); + MAC_CHECK(check_ipc_semop, cred, semakptr, &semakptr->label, + accesstype); return(error); } ==== //depot/projects/trustedbsd/mac/sys/security/mac/mac_sysv_shm.c#4 (text+ko) ==== @@ -100,8 +100,8 @@ if (!mac_enforce_sysv) return (0); - //XXX: Should we also pass &shmsegptr->label ?? - MAC_CHECK(check_ipc_shmat, cred, shmsegptr, shmflg); + MAC_CHECK(check_ipc_shmat, cred, shmsegptr, &shmsegptr->label, + shmflg); return(error); } @@ -115,8 +115,8 @@ if (!mac_enforce_sysv) return (0); - //XXX: Should we also pass &shmsegptr->label ?? - MAC_CHECK(check_ipc_shmctl, cred, shmsegptr, cmd); + MAC_CHECK(check_ipc_shmctl, cred, shmsegptr, &shmsegptr->label, + cmd); return(error); } @@ -129,8 +129,7 @@ if (!mac_enforce_sysv) return (0); - //XXX: Should we also pass &shmsegptr->label ?? - MAC_CHECK(check_ipc_shmdt, cred, shmsegptr); + MAC_CHECK(check_ipc_shmdt, cred, shmsegptr, &shmsegptr->label); return(error); } @@ -144,8 +143,8 @@ if (!mac_enforce_sysv) return (0); - //XXX: Should we also pass &shmsegptr->label ?? - MAC_CHECK(check_ipc_shmget, cred, shmsegptr, shmflg); + MAC_CHECK(check_ipc_shmget, cred, shmsegptr, &shmsegptr->label, + shmflg); return(error); } ==== //depot/projects/trustedbsd/mac/sys/security/mac_biba/mac_biba.c#226 (text+ko) ==== @@ -1670,7 +1670,8 @@ } static int -mac_biba_check_ipc_msgrcv(struct ucred *cred, struct msg *msgptr) +mac_biba_check_ipc_msgrcv(struct ucred *cred, struct msg *msgptr, + struct label *msglabel) { struct mac_biba *subj, *obj; @@ -1678,7 +1679,7 @@ return (0); subj = SLOT(cred->cr_label); - obj = SLOT(&msgptr->label); + obj = SLOT(msglabel); if (!mac_biba_dominate_single(obj, subj)) return (EACCES); @@ -1687,7 +1688,8 @@ } static int -mac_biba_check_ipc_msgrmid(struct ucred *cred, struct msg *msgptr) +mac_biba_check_ipc_msgrmid(struct ucred *cred, struct msg *msgptr, + struct label *msglabel) { struct mac_biba *subj, *obj; @@ -1695,7 +1697,7 @@ return (0); subj = SLOT(cred->cr_label); - obj = SLOT(&msgptr->label); + obj = SLOT(msglabel); if (!mac_biba_dominate_single(subj, obj)) return (EACCES); @@ -1704,7 +1706,8 @@ } static int -mac_biba_check_ipc_msqget(struct ucred *cred, struct msqid_kernel *msqkptr) +mac_biba_check_ipc_msqget(struct ucred *cred, struct msqid_kernel *msqkptr, + struct label *msqklabel) { struct mac_biba *subj, *obj; @@ -1712,7 +1715,7 @@ return (0); subj = SLOT(cred->cr_label); - obj = SLOT(&msqkptr->label); + obj = SLOT(msqklabel); if (!mac_biba_dominate_single(obj, subj)) return (EACCES); @@ -1721,7 +1724,8 @@ } static int -mac_biba_check_ipc_msqsnd(struct ucred *cred, struct msqid_kernel *msqkptr) +mac_biba_check_ipc_msqsnd(struct ucred *cred, struct msqid_kernel *msqkptr, + struct label *msqklabel) { struct mac_biba *subj, *obj; @@ -1729,7 +1733,7 @@ return (0); subj = SLOT(cred->cr_label); - obj = SLOT(&msqkptr->label); + obj = SLOT(msqklabel); if (!mac_biba_dominate_single(subj, obj)) return (EACCES); @@ -1738,7 +1742,8 @@ } static int -mac_biba_check_ipc_msqrcv(struct ucred *cred, struct msqid_kernel *msqkptr) +mac_biba_check_ipc_msqrcv(struct ucred *cred, struct msqid_kernel *msqkptr, + struct label *msqklabel) { struct mac_biba *subj, *obj; @@ -1746,7 +1751,7 @@ return (0); subj = SLOT(cred->cr_label); - obj = SLOT(&msqkptr->label); + obj = SLOT(msqklabel); if (!mac_biba_dominate_single(obj, subj)) return (EACCES); @@ -1757,7 +1762,7 @@ static int mac_biba_check_ipc_msqctl(struct ucred *cred, struct msqid_kernel *msqkptr, - int cmd) + struct label *msqklabel, int cmd) { struct mac_biba *subj, *obj; @@ -1765,7 +1770,7 @@ return (0); subj = SLOT(cred->cr_label); - obj = SLOT(&msqkptr->label); + obj = SLOT(msqklabel); switch(cmd) { case IPC_RMID: @@ -1788,7 +1793,7 @@ static int mac_biba_check_ipc_semctl(struct ucred *cred, struct semid_kernel *semakptr, - int cmd) + struct label *semaklabel, int cmd) { struct mac_biba *subj, *obj; @@ -1796,7 +1801,7 @@ return (0); subj = SLOT(cred->cr_label); - obj = SLOT(&semakptr->label); + obj = SLOT(semaklabel); switch(cmd) { case IPC_RMID: @@ -1826,7 +1831,8 @@ static int -mac_biba_check_ipc_semget(struct ucred *cred, struct semid_kernel *semakptr) +mac_biba_check_ipc_semget(struct ucred *cred, struct semid_kernel *semakptr, + struct label *semaklabel) { struct mac_biba *subj, *obj; @@ -1834,7 +1840,7 @@ return (0); subj = SLOT(cred->cr_label); - obj = SLOT(&semakptr->label); + obj = SLOT(semaklabel); if (!mac_biba_dominate_single(obj, subj)) return (EACCES); @@ -1845,7 +1851,7 @@ static int mac_biba_check_ipc_semop(struct ucred *cred, struct semid_kernel *semakptr, - size_t accesstype) + struct label *semaklabel, size_t accesstype) { struct mac_biba *subj, *obj; @@ -1853,7 +1859,7 @@ return (0); subj = SLOT(cred->cr_label); - obj = SLOT(&semakptr->label); + obj = SLOT(semaklabel); if (accesstype & SEM_R) if (!mac_biba_dominate_single(obj, subj)) @@ -1868,7 +1874,7 @@ static int mac_biba_check_ipc_shmat(struct ucred *cred, struct shmid_kernel *shmsegptr, - int shmflg) + struct label *shmseglabel, int shmflg) { struct mac_biba *subj, *obj; @@ -1876,7 +1882,7 @@ return (0); subj = SLOT(cred->cr_label); - obj = SLOT(&shmsegptr->label); + obj = SLOT(shmseglabel); if (!mac_biba_dominate_single(obj, subj)) return (EACCES); @@ -1890,7 +1896,7 @@ static int mac_biba_check_ipc_shmctl(struct ucred *cred, struct shmid_kernel *shmsegptr, - int cmd) + struct label *shmseglabel, int cmd) { struct mac_biba *subj, *obj; @@ -1898,7 +1904,7 @@ return (0); subj = SLOT(cred->cr_label); - obj = SLOT(&shmsegptr->label); + obj = SLOT(shmseglabel); switch(cmd) { case IPC_RMID: @@ -1928,7 +1934,8 @@ * modify/delete the shmseg meta-data and/or the shared segment itself? */ static int -mac_biba_check_ipc_shmdt(struct ucred *cred, struct shmid_kernel *shmsegptr) +mac_biba_check_ipc_shmdt(struct ucred *cred, struct shmid_kernel *shmsegptr, + struct label *shmseglabel) { struct mac_biba *subj, *obj; @@ -1936,7 +1943,7 @@ return (0); subj = SLOT(cred->cr_label); - obj = SLOT(&shmsegptr->label); + obj = SLOT(shmseglabel); if (!mac_biba_dominate_single(subj, obj)) return (EACCES); @@ -1947,7 +1954,7 @@ static int mac_biba_check_ipc_shmget(struct ucred *cred, struct shmid_kernel *shmsegptr, - int shmflg) + struct label *shmseglabel, int shmflg) { struct mac_biba *subj, *obj; @@ -1955,7 +1962,7 @@ return (0); subj = SLOT(cred->cr_label); - obj = SLOT(&shmsegptr->label); + obj = SLOT(shmseglabel); if (!mac_biba_dominate_single(obj, subj)) return (EACCES); ==== //depot/projects/trustedbsd/mac/sys/security/mac_lomac/mac_lomac.c#73 (text+ko) ==== @@ -1843,7 +1843,8 @@ } static int -mac_lomac_check_ipc_msgrcv(struct ucred *cred, struct msg *msgptr) +mac_lomac_check_ipc_msgrcv(struct ucred *cred, struct msg *msgptr, + struct label *msglabel) { struct mac_lomac *subj, *obj; @@ -1851,7 +1852,7 @@ return (0); subj = SLOT(cred->cr_label); - obj = SLOT(&msgptr->label); + obj = SLOT(msglabel); if (!mac_lomac_dominate_single(obj, subj)) return (maybe_demote(subj, obj, "msgrcv", "msg", NULL)); @@ -1860,7 +1861,8 @@ } static int -mac_lomac_check_ipc_msgrmid(struct ucred *cred, struct msg *msgptr) +mac_lomac_check_ipc_msgrmid(struct ucred *cred, struct msg *msgptr, + struct label *msglabel) { struct mac_lomac *subj, *obj; @@ -1868,7 +1870,7 @@ return (0); subj = SLOT(cred->cr_label); - obj = SLOT(&msgptr->label); + obj = SLOT(msglabel); if (!mac_lomac_dominate_single(subj, obj)) return (EACCES); @@ -1877,7 +1879,8 @@ } static int -mac_lomac_check_ipc_msqget(struct ucred *cred, struct msqid_kernel *msqkptr) +mac_lomac_check_ipc_msqget(struct ucred *cred, struct msqid_kernel *msqkptr, + struct label *msqklabel) { struct mac_lomac *subj, *obj; @@ -1885,7 +1888,7 @@ return (0); subj = SLOT(cred->cr_label); - obj = SLOT(&msqkptr->label); + obj = SLOT(msqklabel); if (!mac_lomac_dominate_single(obj, subj)) return (maybe_demote(subj, obj, "msqget", "msg", NULL)); @@ -1894,7 +1897,8 @@ } static int -mac_lomac_check_ipc_msqsnd(struct ucred *cred, struct msqid_kernel *msqkptr) +mac_lomac_check_ipc_msqsnd(struct ucred *cred, struct msqid_kernel *msqkptr, + struct label *msqklabel) { struct mac_lomac *subj, *obj; @@ -1902,7 +1906,7 @@ return (0); subj = SLOT(cred->cr_label); - obj = SLOT(&msqkptr->label); + obj = SLOT(msqklabel); if (!mac_lomac_dominate_single(subj, obj)) return (EACCES); @@ -1911,7 +1915,8 @@ } static int -mac_lomac_check_ipc_msqrcv(struct ucred *cred, struct msqid_kernel *msqkptr) +mac_lomac_check_ipc_msqrcv(struct ucred *cred, struct msqid_kernel *msqkptr, + struct label *msqklabel) { struct mac_lomac *subj, *obj; @@ -1919,7 +1924,7 @@ return (0); subj = SLOT(cred->cr_label); - obj = SLOT(&msqkptr->label); + obj = SLOT(msqklabel); if (!mac_lomac_dominate_single(obj, subj)) return (maybe_demote(subj, obj, "msqrcv", "msg", NULL)); @@ -1929,7 +1934,7 @@ static int mac_lomac_check_ipc_msqctl(struct ucred *cred, struct msqid_kernel *msqkptr, - int cmd) + struct label *msqklabel, int cmd) { struct mac_lomac *subj, *obj; @@ -1937,7 +1942,7 @@ return (0); subj = SLOT(cred->cr_label); - obj = SLOT(&msqkptr->label); + obj = SLOT(msqklabel); switch(cmd) { case IPC_RMID: @@ -1961,7 +1966,7 @@ static int mac_lomac_check_ipc_semctl(struct ucred *cred, struct semid_kernel *semakptr, - int cmd) + struct label *semaklabel, int cmd) { struct mac_lomac *subj, *obj; @@ -1969,7 +1974,7 @@ return (0); subj = SLOT(cred->cr_label); - obj = SLOT(&semakptr->label); + obj = SLOT(semaklabel); switch(cmd) { case IPC_RMID: @@ -1999,7 +2004,8 @@ } static int -mac_lomac_check_ipc_semget(struct ucred *cred, struct semid_kernel *semakptr) +mac_lomac_check_ipc_semget(struct ucred *cred, struct semid_kernel *semakptr, + struct label *semaklabel) { struct mac_lomac *subj, *obj; @@ -2007,7 +2013,7 @@ return (0); subj = SLOT(cred->cr_label); - obj = SLOT(&semakptr->label); + obj = SLOT(semaklabel); if (!mac_lomac_dominate_single(obj, subj)) return (maybe_demote(subj, obj, "semget", "sem", NULL)); @@ -2017,7 +2023,7 @@ static int mac_lomac_check_ipc_semop(struct ucred *cred, struct semid_kernel *semakptr, - size_t accesstype) + struct label *semaklabel, size_t accesstype) { struct mac_lomac *subj, *obj; @@ -2025,7 +2031,7 @@ return (0); subj = SLOT(cred->cr_label); - obj = SLOT(&semakptr->label); + obj = SLOT(semaklabel); if (accesstype & SEM_R) { if (!mac_lomac_dominate_single(obj, subj)) @@ -2043,7 +2049,7 @@ static int mac_lomac_check_ipc_shmat(struct ucred *cred, struct shmid_kernel *shmsegptr, - int shmflg) + struct label *shmseglabel, int shmflg) { struct mac_lomac *subj, *obj; @@ -2051,7 +2057,7 @@ return (0); subj = SLOT(cred->cr_label); - obj = SLOT(&shmsegptr->label); + obj = SLOT(shmseglabel); if (!mac_lomac_dominate_single(obj, subj)) return (maybe_demote(subj, obj, "shmat", "shm", @@ -2065,8 +2071,8 @@ } static int -mac_lomac_check_ipc_shmctl(struct ucred *cred, struct shmid_kernel *shmsegptr, - int cmd) +mac_lomac_check_ipc_shmctl(struct ucred *cred, + struct shmid_kernel *shmsegptr, struct label *shmseglabel, int cmd) { struct mac_lomac *subj, *obj; @@ -2074,7 +2080,7 @@ return (0); subj = SLOT(cred->cr_label); - obj = SLOT(&shmsegptr->label); + obj = SLOT(shmseglabel); switch(cmd) { case IPC_RMID: @@ -2104,7 +2110,8 @@ * modify/delete the shmseg meta-data and/or the shared segment itself? */ static int -mac_lomac_check_ipc_shmdt(struct ucred *cred, struct shmid_kernel *shmsegptr) +mac_lomac_check_ipc_shmdt(struct ucred *cred, struct shmid_kernel *shmsegptr, + struct label *shmseglabel) { struct mac_lomac *subj, *obj; @@ -2112,7 +2119,7 @@ return (0); subj = SLOT(cred->cr_label); - obj = SLOT(&shmsegptr->label); + obj = SLOT(shmseglabel); if (!mac_lomac_dominate_single(subj, obj)) return (EACCES); @@ -2123,7 +2130,7 @@ static int mac_lomac_check_ipc_shmget(struct ucred *cred, struct shmid_kernel *shmsegptr, - int shmflg) + struct label *shmseglabel, int shmflg) { struct mac_lomac *subj, *obj; @@ -2131,7 +2138,7 @@ return (0); subj = SLOT(cred->cr_label); - obj = SLOT(&shmsegptr->label); + obj = SLOT(shmseglabel); if (!mac_lomac_dominate_single(obj, subj)) return (maybe_demote(subj, obj, "shmget", "shm", NULL)); ==== //depot/projects/trustedbsd/mac/sys/security/mac_mls/mac_mls.c#183 (text+ko) ==== @@ -1606,7 +1606,8 @@ } static int -mac_mls_check_ipc_msgrcv(struct ucred *cred, struct msg *msgptr) +mac_mls_check_ipc_msgrcv(struct ucred *cred, struct msg *msgptr, + struct label *msglabel) { struct mac_mls *subj, *obj; @@ -1614,7 +1615,7 @@ return (0); subj = SLOT(cred->cr_label); - obj = SLOT(&msgptr->label); + obj = SLOT(msglabel); if (!mac_mls_dominate_single(subj, obj)) return (EACCES); @@ -1623,7 +1624,8 @@ } static int -mac_mls_check_ipc_msgrmid(struct ucred *cred, struct msg *msgptr) +mac_mls_check_ipc_msgrmid(struct ucred *cred, struct msg *msgptr, + struct label *msglabel) { struct mac_mls *subj, *obj; @@ -1631,7 +1633,7 @@ return (0); subj = SLOT(cred->cr_label); - obj = SLOT(&msgptr->label); + obj = SLOT(msglabel); if (!mac_mls_dominate_single(obj, subj)) return (EACCES); @@ -1640,7 +1642,8 @@ } static int -mac_mls_check_ipc_msqget(struct ucred *cred, struct msqid_kernel *msqkptr) +mac_mls_check_ipc_msqget(struct ucred *cred, struct msqid_kernel *msqkptr, + struct label *msqklabel) { struct mac_mls *subj, *obj; @@ -1648,7 +1651,7 @@ return (0); subj = SLOT(cred->cr_label); - obj = SLOT(&msqkptr->label); + obj = SLOT(msqklabel); if (!mac_mls_dominate_single(subj, obj)) return (EACCES); @@ -1657,7 +1660,8 @@ } static int -mac_mls_check_ipc_msqsnd(struct ucred *cred, struct msqid_kernel *msqkptr) +mac_mls_check_ipc_msqsnd(struct ucred *cred, struct msqid_kernel *msqkptr, + struct label *msqklabel) { struct mac_mls *subj, *obj; @@ -1665,7 +1669,7 @@ return (0); subj = SLOT(cred->cr_label); - obj = SLOT(&msqkptr->label); + obj = SLOT(msqklabel); if (!mac_mls_dominate_single(obj, subj)) return (EACCES); @@ -1674,7 +1678,8 @@ } static int -mac_mls_check_ipc_msqrcv(struct ucred *cred, struct msqid_kernel *msqkptr) +mac_mls_check_ipc_msqrcv(struct ucred *cred, struct msqid_kernel *msqkptr, + struct label *msqklabel) { struct mac_mls *subj, *obj; @@ -1682,7 +1687,7 @@ return (0); subj = SLOT(cred->cr_label); - obj = SLOT(&msqkptr->label); + obj = SLOT(msqklabel); if (!mac_mls_dominate_single(subj, obj)) return (EACCES); @@ -1692,7 +1697,7 @@ static int mac_mls_check_ipc_msqctl(struct ucred *cred, struct msqid_kernel *msqkptr, - int cmd) + struct label *msqklabel, int cmd) { struct mac_mls *subj, *obj; @@ -1700,7 +1705,7 @@ return (0); subj = SLOT(cred->cr_label); - obj = SLOT(&msqkptr->label); + obj = SLOT(msqklabel); switch(cmd) { case IPC_RMID: @@ -1723,7 +1728,7 @@ static int mac_mls_check_ipc_semctl(struct ucred *cred, struct semid_kernel *semakptr, - int cmd) + struct label *semaklabel, int cmd) { struct mac_mls *subj, *obj; @@ -1731,7 +1736,7 @@ return (0); subj = SLOT(cred->cr_label); - obj = SLOT(&semakptr->label); + obj = SLOT(semaklabel); switch(cmd) { case IPC_RMID: @@ -1760,7 +1765,8 @@ } static int -mac_mls_check_ipc_semget(struct ucred *cred, struct semid_kernel *semakptr) +mac_mls_check_ipc_semget(struct ucred *cred, struct semid_kernel *semakptr, + struct label *semaklabel) { struct mac_mls *subj, *obj; @@ -1768,7 +1774,7 @@ return (0); subj = SLOT(cred->cr_label); - obj = SLOT(&semakptr->label); + obj = SLOT(semaklabel); if (!mac_mls_dominate_single(subj, obj)) return (EACCES); @@ -1778,7 +1784,7 @@ static int mac_mls_check_ipc_semop(struct ucred *cred, struct semid_kernel *semakptr, - size_t accesstype) + struct label *semaklabel, size_t accesstype) { struct mac_mls *subj, *obj; @@ -1786,7 +1792,7 @@ return (0); subj = SLOT(cred->cr_label); - obj = SLOT(&semakptr->label); + obj = SLOT(semaklabel); if( accesstype & SEM_R ) if (!mac_mls_dominate_single(subj, obj)) @@ -1801,7 +1807,7 @@ static int mac_mls_check_ipc_shmat(struct ucred *cred, struct shmid_kernel *shmsegptr, - int shmflg) + struct label *shmseglabel, int shmflg) { struct mac_mls *subj, *obj; @@ -1809,7 +1815,7 @@ return (0); subj = SLOT(cred->cr_label); - obj = SLOT(&shmsegptr->label); + obj = SLOT(shmseglabel); if (!mac_mls_dominate_single(subj, obj)) return (EACCES); @@ -1822,7 +1828,7 @@ static int mac_mls_check_ipc_shmctl(struct ucred *cred, struct shmid_kernel *shmsegptr, - int cmd) + struct label *shmseglabel, int cmd) { struct mac_mls *subj, *obj; @@ -1830,7 +1836,7 @@ return (0); subj = SLOT(cred->cr_label); - obj = SLOT(&shmsegptr->label); + obj = SLOT(shmseglabel); switch(cmd) { case IPC_RMID: @@ -1859,7 +1865,8 @@ * modify/delete the shmseg meta-data and/or the shared segment itself? */ static int -mac_mls_check_ipc_shmdt(struct ucred *cred, struct shmid_kernel *shmsegptr) +mac_mls_check_ipc_shmdt(struct ucred *cred, struct shmid_kernel *shmsegptr, + struct label *shmseglabel) { struct mac_mls *subj, *obj; @@ -1867,7 +1874,7 @@ return (0); subj = SLOT(cred->cr_label); - obj = SLOT(&shmsegptr->label); + obj = SLOT(shmseglabel); if (!mac_mls_dominate_single(obj, subj)) return (EACCES); @@ -1878,7 +1885,7 @@ static int mac_mls_check_ipc_shmget(struct ucred *cred, struct shmid_kernel *shmsegptr, - int shmflg) + struct label *shmseglabel, int shmflg) { struct mac_mls *subj, *obj; @@ -1886,7 +1893,7 @@ return (0); subj = SLOT(cred->cr_label); - obj = SLOT(&shmsegptr->label); + obj = SLOT(shmseglabel); if (!mac_mls_dominate_single(obj, subj)) return (EACCES); ==== //depot/projects/trustedbsd/mac/sys/security/mac_stub/mac_stub.c#10 (text+ko) ==== @@ -586,14 +586,16 @@ static int stub_check_ipc_msgmsq(struct ucred *cred, struct msg *msgptr, - struct msqid_kernel *msqkptr) + struct label *msglabel, struct msqid_kernel *msqkptr, + struct label *msqklabel) { return (0); } static int -stub_check_ipc_msgrcv(struct ucred *cred, struct msg *msgptr) +stub_check_ipc_msgrcv(struct ucred *cred, struct msg *msgptr, + struct label *msglabel) { return (0); @@ -601,7 +603,8 @@ static int -stub_check_ipc_msgrmid(struct ucred *cred, struct msg *msgptr) +stub_check_ipc_msgrmid(struct ucred *cred, struct msg *msgptr, + struct label *msglabel) { return (0); @@ -609,7 +612,8 @@ static int -stub_check_ipc_msqget(struct ucred *cred, struct msqid_kernel *msqkptr) +stub_check_ipc_msqget(struct ucred *cred, struct msqid_kernel *msqkptr, + struct label *msqklabel) { return (0); @@ -617,14 +621,16 @@ static int -stub_check_ipc_msqsnd(struct ucred *cred, struct msqid_kernel *msqkptr) +stub_check_ipc_msqsnd(struct ucred *cred, struct msqid_kernel *msqkptr, + struct label *msqklabel) { return (0); } static int -stub_check_ipc_msqrcv(struct ucred *cred, struct msqid_kernel *msqkptr) +stub_check_ipc_msqrcv(struct ucred *cred, struct msqid_kernel *msqkptr, + struct label *msqklabel) { return (0); @@ -633,7 +639,7 @@ static int stub_check_ipc_msqctl(struct ucred *cred, struct msqid_kernel *msqkptr, - int cmd) + struct label *msqklabel, int cmd) { return (0); @@ -642,14 +648,15 @@ static int stub_check_ipc_semctl(struct ucred *cred, struct semid_kernel *semakptr, - int cmd) + struct label *semaklabel, int cmd) { return (0); } static int -stub_check_ipc_semget(struct ucred *cred, struct semid_kernel *semakptr) +stub_check_ipc_semget(struct ucred *cred, struct semid_kernel *semakptr, + struct label *semaklabel) { return (0); @@ -658,7 +665,7 @@ static int >>> TRUNCATED FOR MAIL (1000 lines) <<<
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200311091658.hA9GwHSF012552>