From owner-p4-projects@FreeBSD.ORG Sun Nov 9 08:58:19 2003 Return-Path: Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 6A51816A4D0; Sun, 9 Nov 2003 08:58:19 -0800 (PST) Delivered-To: perforce@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2B96B16A4CE for ; Sun, 9 Nov 2003 08:58:19 -0800 (PST) Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115]) by mx1.FreeBSD.org (Postfix) with ESMTP id D839943FB1 for ; Sun, 9 Nov 2003 08:58:17 -0800 (PST) (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.12.9/8.12.9) with ESMTP id hA9GwHXJ012555 for ; Sun, 9 Nov 2003 08:58:17 -0800 (PST) (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Received: (from perforce@localhost) by repoman.freebsd.org (8.12.9/8.12.9/Submit) id hA9GwHSF012552 for perforce@freebsd.org; Sun, 9 Nov 2003 08:58:17 -0800 (PST) (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Date: Sun, 9 Nov 2003 08:58:17 -0800 (PST) Message-Id: <200311091658.hA9GwHSF012552@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to bb+lists.freebsd.perforce@cyrus.watson.org using -f From: Robert Watson To: Perforce Change Reviews Subject: PERFORCE change 41808 for review X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 09 Nov 2003 16:58:19 -0000 http://perforce.freebsd.org/chv.cgi?CH=41808 Change 41808 by rwatson@rwatson_paprika on 2003/11/09 08:57:37 Do pass labels into policies explicitly for System V IPC. This permits policies basing decisions solely on labels rather than other object properties to be unaware of the structures representing those objects, abstracting the label storager specifics so we can change them. Affected files ... .. //depot/projects/trustedbsd/mac/sys/security/mac/mac_sysv_msg.c#4 edit .. //depot/projects/trustedbsd/mac/sys/security/mac/mac_sysv_sem.c#4 edit .. //depot/projects/trustedbsd/mac/sys/security/mac/mac_sysv_shm.c#4 edit .. //depot/projects/trustedbsd/mac/sys/security/mac_biba/mac_biba.c#226 edit .. //depot/projects/trustedbsd/mac/sys/security/mac_lomac/mac_lomac.c#73 edit .. //depot/projects/trustedbsd/mac/sys/security/mac_mls/mac_mls.c#183 edit .. //depot/projects/trustedbsd/mac/sys/security/mac_stub/mac_stub.c#10 edit .. //depot/projects/trustedbsd/mac/sys/security/mac_test/mac_test.c#118 edit .. //depot/projects/trustedbsd/mac/sys/sys/mac_policy.h#201 edit Differences ... ==== //depot/projects/trustedbsd/mac/sys/security/mac/mac_sysv_msg.c#4 (text+ko) ==== @@ -142,8 +142,8 @@ if (!mac_enforce_sysv) return (0); - //XXX: Should we also pass &msqkptr->label ?? - MAC_CHECK(check_ipc_msgmsq, cred, msgptr, msqkptr); + MAC_CHECK(check_ipc_msgmsq, cred, msgptr, &msgptr->label, msqkptr, + &msqkptr->label); return(error); } @@ -156,8 +156,7 @@ if (!mac_enforce_sysv) return (0); - //XXX: Should we also pass &msqkptr->label ?? - MAC_CHECK(check_ipc_msgrcv, cred, msgptr); + MAC_CHECK(check_ipc_msgrcv, cred, msgptr, &msgptr->label); return(error); } @@ -170,8 +169,7 @@ if (!mac_enforce_sysv) return (0); - //XXX: Should we also pass &msqkptr->label ?? - MAC_CHECK(check_ipc_msgrmid, cred, msgptr); + MAC_CHECK(check_ipc_msgrmid, cred, msgptr, &msgptr->label); return(error); } @@ -184,8 +182,7 @@ if (!mac_enforce_sysv) return (0); - //XXX: Should we also pass &msqkptr->label ?? - MAC_CHECK(check_ipc_msqget, cred, msqkptr); + MAC_CHECK(check_ipc_msqget, cred, msqkptr, &msqkptr->label); return(error); } @@ -198,8 +195,7 @@ if (!mac_enforce_sysv) return (0); - //XXX: Should we also pass &msqkptr->label ?? - MAC_CHECK(check_ipc_msqsnd, cred, msqkptr); + MAC_CHECK(check_ipc_msqsnd, cred, msqkptr, &msqkptr->label); return(error); } @@ -212,8 +208,7 @@ if (!mac_enforce_sysv) return (0); - //XXX: Should we also pass &msqkptr->label ?? - MAC_CHECK(check_ipc_msqrcv, cred, msqkptr); + MAC_CHECK(check_ipc_msqrcv, cred, msqkptr, &msqkptr->label); return(error); } @@ -227,8 +222,7 @@ if (!mac_enforce_sysv) return (0); - //XXX: Should we also pass &msqkptr->label ?? - MAC_CHECK(check_ipc_msqctl, cred, msqkptr, cmd); + MAC_CHECK(check_ipc_msqctl, cred, msqkptr, &msqkptr->label, cmd); return(error); } ==== //depot/projects/trustedbsd/mac/sys/security/mac/mac_sysv_sem.c#4 (text+ko) ==== @@ -100,8 +100,7 @@ if (!mac_enforce_sysv) return (0); - //XXX: Should we also pass &semakptr->label ?? - MAC_CHECK(check_ipc_semctl, cred, semakptr, cmd); + MAC_CHECK(check_ipc_semctl, cred, semakptr, &semakptr->label, cmd); return(error); } @@ -114,8 +113,7 @@ if (!mac_enforce_sysv) return (0); - //XXX: Should we also pass &semakptr->label ?? - MAC_CHECK(check_ipc_semget, cred, semakptr); + MAC_CHECK(check_ipc_semget, cred, semakptr, &semakptr->label); return(error); } @@ -129,8 +127,8 @@ if (!mac_enforce_sysv) return (0); - //XXX: Should we also pass &semakptr->label ?? - MAC_CHECK(check_ipc_semop, cred, semakptr, accesstype); + MAC_CHECK(check_ipc_semop, cred, semakptr, &semakptr->label, + accesstype); return(error); } ==== //depot/projects/trustedbsd/mac/sys/security/mac/mac_sysv_shm.c#4 (text+ko) ==== @@ -100,8 +100,8 @@ if (!mac_enforce_sysv) return (0); - //XXX: Should we also pass &shmsegptr->label ?? - MAC_CHECK(check_ipc_shmat, cred, shmsegptr, shmflg); + MAC_CHECK(check_ipc_shmat, cred, shmsegptr, &shmsegptr->label, + shmflg); return(error); } @@ -115,8 +115,8 @@ if (!mac_enforce_sysv) return (0); - //XXX: Should we also pass &shmsegptr->label ?? - MAC_CHECK(check_ipc_shmctl, cred, shmsegptr, cmd); + MAC_CHECK(check_ipc_shmctl, cred, shmsegptr, &shmsegptr->label, + cmd); return(error); } @@ -129,8 +129,7 @@ if (!mac_enforce_sysv) return (0); - //XXX: Should we also pass &shmsegptr->label ?? - MAC_CHECK(check_ipc_shmdt, cred, shmsegptr); + MAC_CHECK(check_ipc_shmdt, cred, shmsegptr, &shmsegptr->label); return(error); } @@ -144,8 +143,8 @@ if (!mac_enforce_sysv) return (0); - //XXX: Should we also pass &shmsegptr->label ?? - MAC_CHECK(check_ipc_shmget, cred, shmsegptr, shmflg); + MAC_CHECK(check_ipc_shmget, cred, shmsegptr, &shmsegptr->label, + shmflg); return(error); } ==== //depot/projects/trustedbsd/mac/sys/security/mac_biba/mac_biba.c#226 (text+ko) ==== @@ -1670,7 +1670,8 @@ } static int -mac_biba_check_ipc_msgrcv(struct ucred *cred, struct msg *msgptr) +mac_biba_check_ipc_msgrcv(struct ucred *cred, struct msg *msgptr, + struct label *msglabel) { struct mac_biba *subj, *obj; @@ -1678,7 +1679,7 @@ return (0); subj = SLOT(cred->cr_label); - obj = SLOT(&msgptr->label); + obj = SLOT(msglabel); if (!mac_biba_dominate_single(obj, subj)) return (EACCES); @@ -1687,7 +1688,8 @@ } static int -mac_biba_check_ipc_msgrmid(struct ucred *cred, struct msg *msgptr) +mac_biba_check_ipc_msgrmid(struct ucred *cred, struct msg *msgptr, + struct label *msglabel) { struct mac_biba *subj, *obj; @@ -1695,7 +1697,7 @@ return (0); subj = SLOT(cred->cr_label); - obj = SLOT(&msgptr->label); + obj = SLOT(msglabel); if (!mac_biba_dominate_single(subj, obj)) return (EACCES); @@ -1704,7 +1706,8 @@ } static int -mac_biba_check_ipc_msqget(struct ucred *cred, struct msqid_kernel *msqkptr) +mac_biba_check_ipc_msqget(struct ucred *cred, struct msqid_kernel *msqkptr, + struct label *msqklabel) { struct mac_biba *subj, *obj; @@ -1712,7 +1715,7 @@ return (0); subj = SLOT(cred->cr_label); - obj = SLOT(&msqkptr->label); + obj = SLOT(msqklabel); if (!mac_biba_dominate_single(obj, subj)) return (EACCES); @@ -1721,7 +1724,8 @@ } static int -mac_biba_check_ipc_msqsnd(struct ucred *cred, struct msqid_kernel *msqkptr) +mac_biba_check_ipc_msqsnd(struct ucred *cred, struct msqid_kernel *msqkptr, + struct label *msqklabel) { struct mac_biba *subj, *obj; @@ -1729,7 +1733,7 @@ return (0); subj = SLOT(cred->cr_label); - obj = SLOT(&msqkptr->label); + obj = SLOT(msqklabel); if (!mac_biba_dominate_single(subj, obj)) return (EACCES); @@ -1738,7 +1742,8 @@ } static int -mac_biba_check_ipc_msqrcv(struct ucred *cred, struct msqid_kernel *msqkptr) +mac_biba_check_ipc_msqrcv(struct ucred *cred, struct msqid_kernel *msqkptr, + struct label *msqklabel) { struct mac_biba *subj, *obj; @@ -1746,7 +1751,7 @@ return (0); subj = SLOT(cred->cr_label); - obj = SLOT(&msqkptr->label); + obj = SLOT(msqklabel); if (!mac_biba_dominate_single(obj, subj)) return (EACCES); @@ -1757,7 +1762,7 @@ static int mac_biba_check_ipc_msqctl(struct ucred *cred, struct msqid_kernel *msqkptr, - int cmd) + struct label *msqklabel, int cmd) { struct mac_biba *subj, *obj; @@ -1765,7 +1770,7 @@ return (0); subj = SLOT(cred->cr_label); - obj = SLOT(&msqkptr->label); + obj = SLOT(msqklabel); switch(cmd) { case IPC_RMID: @@ -1788,7 +1793,7 @@ static int mac_biba_check_ipc_semctl(struct ucred *cred, struct semid_kernel *semakptr, - int cmd) + struct label *semaklabel, int cmd) { struct mac_biba *subj, *obj; @@ -1796,7 +1801,7 @@ return (0); subj = SLOT(cred->cr_label); - obj = SLOT(&semakptr->label); + obj = SLOT(semaklabel); switch(cmd) { case IPC_RMID: @@ -1826,7 +1831,8 @@ static int -mac_biba_check_ipc_semget(struct ucred *cred, struct semid_kernel *semakptr) +mac_biba_check_ipc_semget(struct ucred *cred, struct semid_kernel *semakptr, + struct label *semaklabel) { struct mac_biba *subj, *obj; @@ -1834,7 +1840,7 @@ return (0); subj = SLOT(cred->cr_label); - obj = SLOT(&semakptr->label); + obj = SLOT(semaklabel); if (!mac_biba_dominate_single(obj, subj)) return (EACCES); @@ -1845,7 +1851,7 @@ static int mac_biba_check_ipc_semop(struct ucred *cred, struct semid_kernel *semakptr, - size_t accesstype) + struct label *semaklabel, size_t accesstype) { struct mac_biba *subj, *obj; @@ -1853,7 +1859,7 @@ return (0); subj = SLOT(cred->cr_label); - obj = SLOT(&semakptr->label); + obj = SLOT(semaklabel); if (accesstype & SEM_R) if (!mac_biba_dominate_single(obj, subj)) @@ -1868,7 +1874,7 @@ static int mac_biba_check_ipc_shmat(struct ucred *cred, struct shmid_kernel *shmsegptr, - int shmflg) + struct label *shmseglabel, int shmflg) { struct mac_biba *subj, *obj; @@ -1876,7 +1882,7 @@ return (0); subj = SLOT(cred->cr_label); - obj = SLOT(&shmsegptr->label); + obj = SLOT(shmseglabel); if (!mac_biba_dominate_single(obj, subj)) return (EACCES); @@ -1890,7 +1896,7 @@ static int mac_biba_check_ipc_shmctl(struct ucred *cred, struct shmid_kernel *shmsegptr, - int cmd) + struct label *shmseglabel, int cmd) { struct mac_biba *subj, *obj; @@ -1898,7 +1904,7 @@ return (0); subj = SLOT(cred->cr_label); - obj = SLOT(&shmsegptr->label); + obj = SLOT(shmseglabel); switch(cmd) { case IPC_RMID: @@ -1928,7 +1934,8 @@ * modify/delete the shmseg meta-data and/or the shared segment itself? */ static int -mac_biba_check_ipc_shmdt(struct ucred *cred, struct shmid_kernel *shmsegptr) +mac_biba_check_ipc_shmdt(struct ucred *cred, struct shmid_kernel *shmsegptr, + struct label *shmseglabel) { struct mac_biba *subj, *obj; @@ -1936,7 +1943,7 @@ return (0); subj = SLOT(cred->cr_label); - obj = SLOT(&shmsegptr->label); + obj = SLOT(shmseglabel); if (!mac_biba_dominate_single(subj, obj)) return (EACCES); @@ -1947,7 +1954,7 @@ static int mac_biba_check_ipc_shmget(struct ucred *cred, struct shmid_kernel *shmsegptr, - int shmflg) + struct label *shmseglabel, int shmflg) { struct mac_biba *subj, *obj; @@ -1955,7 +1962,7 @@ return (0); subj = SLOT(cred->cr_label); - obj = SLOT(&shmsegptr->label); + obj = SLOT(shmseglabel); if (!mac_biba_dominate_single(obj, subj)) return (EACCES); ==== //depot/projects/trustedbsd/mac/sys/security/mac_lomac/mac_lomac.c#73 (text+ko) ==== @@ -1843,7 +1843,8 @@ } static int -mac_lomac_check_ipc_msgrcv(struct ucred *cred, struct msg *msgptr) +mac_lomac_check_ipc_msgrcv(struct ucred *cred, struct msg *msgptr, + struct label *msglabel) { struct mac_lomac *subj, *obj; @@ -1851,7 +1852,7 @@ return (0); subj = SLOT(cred->cr_label); - obj = SLOT(&msgptr->label); + obj = SLOT(msglabel); if (!mac_lomac_dominate_single(obj, subj)) return (maybe_demote(subj, obj, "msgrcv", "msg", NULL)); @@ -1860,7 +1861,8 @@ } static int -mac_lomac_check_ipc_msgrmid(struct ucred *cred, struct msg *msgptr) +mac_lomac_check_ipc_msgrmid(struct ucred *cred, struct msg *msgptr, + struct label *msglabel) { struct mac_lomac *subj, *obj; @@ -1868,7 +1870,7 @@ return (0); subj = SLOT(cred->cr_label); - obj = SLOT(&msgptr->label); + obj = SLOT(msglabel); if (!mac_lomac_dominate_single(subj, obj)) return (EACCES); @@ -1877,7 +1879,8 @@ } static int -mac_lomac_check_ipc_msqget(struct ucred *cred, struct msqid_kernel *msqkptr) +mac_lomac_check_ipc_msqget(struct ucred *cred, struct msqid_kernel *msqkptr, + struct label *msqklabel) { struct mac_lomac *subj, *obj; @@ -1885,7 +1888,7 @@ return (0); subj = SLOT(cred->cr_label); - obj = SLOT(&msqkptr->label); + obj = SLOT(msqklabel); if (!mac_lomac_dominate_single(obj, subj)) return (maybe_demote(subj, obj, "msqget", "msg", NULL)); @@ -1894,7 +1897,8 @@ } static int -mac_lomac_check_ipc_msqsnd(struct ucred *cred, struct msqid_kernel *msqkptr) +mac_lomac_check_ipc_msqsnd(struct ucred *cred, struct msqid_kernel *msqkptr, + struct label *msqklabel) { struct mac_lomac *subj, *obj; @@ -1902,7 +1906,7 @@ return (0); subj = SLOT(cred->cr_label); - obj = SLOT(&msqkptr->label); + obj = SLOT(msqklabel); if (!mac_lomac_dominate_single(subj, obj)) return (EACCES); @@ -1911,7 +1915,8 @@ } static int -mac_lomac_check_ipc_msqrcv(struct ucred *cred, struct msqid_kernel *msqkptr) +mac_lomac_check_ipc_msqrcv(struct ucred *cred, struct msqid_kernel *msqkptr, + struct label *msqklabel) { struct mac_lomac *subj, *obj; @@ -1919,7 +1924,7 @@ return (0); subj = SLOT(cred->cr_label); - obj = SLOT(&msqkptr->label); + obj = SLOT(msqklabel); if (!mac_lomac_dominate_single(obj, subj)) return (maybe_demote(subj, obj, "msqrcv", "msg", NULL)); @@ -1929,7 +1934,7 @@ static int mac_lomac_check_ipc_msqctl(struct ucred *cred, struct msqid_kernel *msqkptr, - int cmd) + struct label *msqklabel, int cmd) { struct mac_lomac *subj, *obj; @@ -1937,7 +1942,7 @@ return (0); subj = SLOT(cred->cr_label); - obj = SLOT(&msqkptr->label); + obj = SLOT(msqklabel); switch(cmd) { case IPC_RMID: @@ -1961,7 +1966,7 @@ static int mac_lomac_check_ipc_semctl(struct ucred *cred, struct semid_kernel *semakptr, - int cmd) + struct label *semaklabel, int cmd) { struct mac_lomac *subj, *obj; @@ -1969,7 +1974,7 @@ return (0); subj = SLOT(cred->cr_label); - obj = SLOT(&semakptr->label); + obj = SLOT(semaklabel); switch(cmd) { case IPC_RMID: @@ -1999,7 +2004,8 @@ } static int -mac_lomac_check_ipc_semget(struct ucred *cred, struct semid_kernel *semakptr) +mac_lomac_check_ipc_semget(struct ucred *cred, struct semid_kernel *semakptr, + struct label *semaklabel) { struct mac_lomac *subj, *obj; @@ -2007,7 +2013,7 @@ return (0); subj = SLOT(cred->cr_label); - obj = SLOT(&semakptr->label); + obj = SLOT(semaklabel); if (!mac_lomac_dominate_single(obj, subj)) return (maybe_demote(subj, obj, "semget", "sem", NULL)); @@ -2017,7 +2023,7 @@ static int mac_lomac_check_ipc_semop(struct ucred *cred, struct semid_kernel *semakptr, - size_t accesstype) + struct label *semaklabel, size_t accesstype) { struct mac_lomac *subj, *obj; @@ -2025,7 +2031,7 @@ return (0); subj = SLOT(cred->cr_label); - obj = SLOT(&semakptr->label); + obj = SLOT(semaklabel); if (accesstype & SEM_R) { if (!mac_lomac_dominate_single(obj, subj)) @@ -2043,7 +2049,7 @@ static int mac_lomac_check_ipc_shmat(struct ucred *cred, struct shmid_kernel *shmsegptr, - int shmflg) + struct label *shmseglabel, int shmflg) { struct mac_lomac *subj, *obj; @@ -2051,7 +2057,7 @@ return (0); subj = SLOT(cred->cr_label); - obj = SLOT(&shmsegptr->label); + obj = SLOT(shmseglabel); if (!mac_lomac_dominate_single(obj, subj)) return (maybe_demote(subj, obj, "shmat", "shm", @@ -2065,8 +2071,8 @@ } static int -mac_lomac_check_ipc_shmctl(struct ucred *cred, struct shmid_kernel *shmsegptr, - int cmd) +mac_lomac_check_ipc_shmctl(struct ucred *cred, + struct shmid_kernel *shmsegptr, struct label *shmseglabel, int cmd) { struct mac_lomac *subj, *obj; @@ -2074,7 +2080,7 @@ return (0); subj = SLOT(cred->cr_label); - obj = SLOT(&shmsegptr->label); + obj = SLOT(shmseglabel); switch(cmd) { case IPC_RMID: @@ -2104,7 +2110,8 @@ * modify/delete the shmseg meta-data and/or the shared segment itself? */ static int -mac_lomac_check_ipc_shmdt(struct ucred *cred, struct shmid_kernel *shmsegptr) +mac_lomac_check_ipc_shmdt(struct ucred *cred, struct shmid_kernel *shmsegptr, + struct label *shmseglabel) { struct mac_lomac *subj, *obj; @@ -2112,7 +2119,7 @@ return (0); subj = SLOT(cred->cr_label); - obj = SLOT(&shmsegptr->label); + obj = SLOT(shmseglabel); if (!mac_lomac_dominate_single(subj, obj)) return (EACCES); @@ -2123,7 +2130,7 @@ static int mac_lomac_check_ipc_shmget(struct ucred *cred, struct shmid_kernel *shmsegptr, - int shmflg) + struct label *shmseglabel, int shmflg) { struct mac_lomac *subj, *obj; @@ -2131,7 +2138,7 @@ return (0); subj = SLOT(cred->cr_label); - obj = SLOT(&shmsegptr->label); + obj = SLOT(shmseglabel); if (!mac_lomac_dominate_single(obj, subj)) return (maybe_demote(subj, obj, "shmget", "shm", NULL)); ==== //depot/projects/trustedbsd/mac/sys/security/mac_mls/mac_mls.c#183 (text+ko) ==== @@ -1606,7 +1606,8 @@ } static int -mac_mls_check_ipc_msgrcv(struct ucred *cred, struct msg *msgptr) +mac_mls_check_ipc_msgrcv(struct ucred *cred, struct msg *msgptr, + struct label *msglabel) { struct mac_mls *subj, *obj; @@ -1614,7 +1615,7 @@ return (0); subj = SLOT(cred->cr_label); - obj = SLOT(&msgptr->label); + obj = SLOT(msglabel); if (!mac_mls_dominate_single(subj, obj)) return (EACCES); @@ -1623,7 +1624,8 @@ } static int -mac_mls_check_ipc_msgrmid(struct ucred *cred, struct msg *msgptr) +mac_mls_check_ipc_msgrmid(struct ucred *cred, struct msg *msgptr, + struct label *msglabel) { struct mac_mls *subj, *obj; @@ -1631,7 +1633,7 @@ return (0); subj = SLOT(cred->cr_label); - obj = SLOT(&msgptr->label); + obj = SLOT(msglabel); if (!mac_mls_dominate_single(obj, subj)) return (EACCES); @@ -1640,7 +1642,8 @@ } static int -mac_mls_check_ipc_msqget(struct ucred *cred, struct msqid_kernel *msqkptr) +mac_mls_check_ipc_msqget(struct ucred *cred, struct msqid_kernel *msqkptr, + struct label *msqklabel) { struct mac_mls *subj, *obj; @@ -1648,7 +1651,7 @@ return (0); subj = SLOT(cred->cr_label); - obj = SLOT(&msqkptr->label); + obj = SLOT(msqklabel); if (!mac_mls_dominate_single(subj, obj)) return (EACCES); @@ -1657,7 +1660,8 @@ } static int -mac_mls_check_ipc_msqsnd(struct ucred *cred, struct msqid_kernel *msqkptr) +mac_mls_check_ipc_msqsnd(struct ucred *cred, struct msqid_kernel *msqkptr, + struct label *msqklabel) { struct mac_mls *subj, *obj; @@ -1665,7 +1669,7 @@ return (0); subj = SLOT(cred->cr_label); - obj = SLOT(&msqkptr->label); + obj = SLOT(msqklabel); if (!mac_mls_dominate_single(obj, subj)) return (EACCES); @@ -1674,7 +1678,8 @@ } static int -mac_mls_check_ipc_msqrcv(struct ucred *cred, struct msqid_kernel *msqkptr) +mac_mls_check_ipc_msqrcv(struct ucred *cred, struct msqid_kernel *msqkptr, + struct label *msqklabel) { struct mac_mls *subj, *obj; @@ -1682,7 +1687,7 @@ return (0); subj = SLOT(cred->cr_label); - obj = SLOT(&msqkptr->label); + obj = SLOT(msqklabel); if (!mac_mls_dominate_single(subj, obj)) return (EACCES); @@ -1692,7 +1697,7 @@ static int mac_mls_check_ipc_msqctl(struct ucred *cred, struct msqid_kernel *msqkptr, - int cmd) + struct label *msqklabel, int cmd) { struct mac_mls *subj, *obj; @@ -1700,7 +1705,7 @@ return (0); subj = SLOT(cred->cr_label); - obj = SLOT(&msqkptr->label); + obj = SLOT(msqklabel); switch(cmd) { case IPC_RMID: @@ -1723,7 +1728,7 @@ static int mac_mls_check_ipc_semctl(struct ucred *cred, struct semid_kernel *semakptr, - int cmd) + struct label *semaklabel, int cmd) { struct mac_mls *subj, *obj; @@ -1731,7 +1736,7 @@ return (0); subj = SLOT(cred->cr_label); - obj = SLOT(&semakptr->label); + obj = SLOT(semaklabel); switch(cmd) { case IPC_RMID: @@ -1760,7 +1765,8 @@ } static int -mac_mls_check_ipc_semget(struct ucred *cred, struct semid_kernel *semakptr) +mac_mls_check_ipc_semget(struct ucred *cred, struct semid_kernel *semakptr, + struct label *semaklabel) { struct mac_mls *subj, *obj; @@ -1768,7 +1774,7 @@ return (0); subj = SLOT(cred->cr_label); - obj = SLOT(&semakptr->label); + obj = SLOT(semaklabel); if (!mac_mls_dominate_single(subj, obj)) return (EACCES); @@ -1778,7 +1784,7 @@ static int mac_mls_check_ipc_semop(struct ucred *cred, struct semid_kernel *semakptr, - size_t accesstype) + struct label *semaklabel, size_t accesstype) { struct mac_mls *subj, *obj; @@ -1786,7 +1792,7 @@ return (0); subj = SLOT(cred->cr_label); - obj = SLOT(&semakptr->label); + obj = SLOT(semaklabel); if( accesstype & SEM_R ) if (!mac_mls_dominate_single(subj, obj)) @@ -1801,7 +1807,7 @@ static int mac_mls_check_ipc_shmat(struct ucred *cred, struct shmid_kernel *shmsegptr, - int shmflg) + struct label *shmseglabel, int shmflg) { struct mac_mls *subj, *obj; @@ -1809,7 +1815,7 @@ return (0); subj = SLOT(cred->cr_label); - obj = SLOT(&shmsegptr->label); + obj = SLOT(shmseglabel); if (!mac_mls_dominate_single(subj, obj)) return (EACCES); @@ -1822,7 +1828,7 @@ static int mac_mls_check_ipc_shmctl(struct ucred *cred, struct shmid_kernel *shmsegptr, - int cmd) + struct label *shmseglabel, int cmd) { struct mac_mls *subj, *obj; @@ -1830,7 +1836,7 @@ return (0); subj = SLOT(cred->cr_label); - obj = SLOT(&shmsegptr->label); + obj = SLOT(shmseglabel); switch(cmd) { case IPC_RMID: @@ -1859,7 +1865,8 @@ * modify/delete the shmseg meta-data and/or the shared segment itself? */ static int -mac_mls_check_ipc_shmdt(struct ucred *cred, struct shmid_kernel *shmsegptr) +mac_mls_check_ipc_shmdt(struct ucred *cred, struct shmid_kernel *shmsegptr, + struct label *shmseglabel) { struct mac_mls *subj, *obj; @@ -1867,7 +1874,7 @@ return (0); subj = SLOT(cred->cr_label); - obj = SLOT(&shmsegptr->label); + obj = SLOT(shmseglabel); if (!mac_mls_dominate_single(obj, subj)) return (EACCES); @@ -1878,7 +1885,7 @@ static int mac_mls_check_ipc_shmget(struct ucred *cred, struct shmid_kernel *shmsegptr, - int shmflg) + struct label *shmseglabel, int shmflg) { struct mac_mls *subj, *obj; @@ -1886,7 +1893,7 @@ return (0); subj = SLOT(cred->cr_label); - obj = SLOT(&shmsegptr->label); + obj = SLOT(shmseglabel); if (!mac_mls_dominate_single(obj, subj)) return (EACCES); ==== //depot/projects/trustedbsd/mac/sys/security/mac_stub/mac_stub.c#10 (text+ko) ==== @@ -586,14 +586,16 @@ static int stub_check_ipc_msgmsq(struct ucred *cred, struct msg *msgptr, - struct msqid_kernel *msqkptr) + struct label *msglabel, struct msqid_kernel *msqkptr, + struct label *msqklabel) { return (0); } static int -stub_check_ipc_msgrcv(struct ucred *cred, struct msg *msgptr) +stub_check_ipc_msgrcv(struct ucred *cred, struct msg *msgptr, + struct label *msglabel) { return (0); @@ -601,7 +603,8 @@ static int -stub_check_ipc_msgrmid(struct ucred *cred, struct msg *msgptr) +stub_check_ipc_msgrmid(struct ucred *cred, struct msg *msgptr, + struct label *msglabel) { return (0); @@ -609,7 +612,8 @@ static int -stub_check_ipc_msqget(struct ucred *cred, struct msqid_kernel *msqkptr) +stub_check_ipc_msqget(struct ucred *cred, struct msqid_kernel *msqkptr, + struct label *msqklabel) { return (0); @@ -617,14 +621,16 @@ static int -stub_check_ipc_msqsnd(struct ucred *cred, struct msqid_kernel *msqkptr) +stub_check_ipc_msqsnd(struct ucred *cred, struct msqid_kernel *msqkptr, + struct label *msqklabel) { return (0); } static int -stub_check_ipc_msqrcv(struct ucred *cred, struct msqid_kernel *msqkptr) +stub_check_ipc_msqrcv(struct ucred *cred, struct msqid_kernel *msqkptr, + struct label *msqklabel) { return (0); @@ -633,7 +639,7 @@ static int stub_check_ipc_msqctl(struct ucred *cred, struct msqid_kernel *msqkptr, - int cmd) + struct label *msqklabel, int cmd) { return (0); @@ -642,14 +648,15 @@ static int stub_check_ipc_semctl(struct ucred *cred, struct semid_kernel *semakptr, - int cmd) + struct label *semaklabel, int cmd) { return (0); } static int -stub_check_ipc_semget(struct ucred *cred, struct semid_kernel *semakptr) +stub_check_ipc_semget(struct ucred *cred, struct semid_kernel *semakptr, + struct label *semaklabel) { return (0); @@ -658,7 +665,7 @@ static int >>> TRUNCATED FOR MAIL (1000 lines) <<<