From owner-p4-projects@FreeBSD.ORG Thu Nov 20 11:56:41 2003 Return-Path: Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id CEE9C16A4D0; Thu, 20 Nov 2003 11:56:40 -0800 (PST) Delivered-To: perforce@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A9A1D16A4CE for ; Thu, 20 Nov 2003 11:56:40 -0800 (PST) Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5292143FA3 for ; Thu, 20 Nov 2003 11:56:39 -0800 (PST) (envelope-from cvance@nailabs.com) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.12.9/8.12.9) with ESMTP id hAKJudXJ091765 for ; Thu, 20 Nov 2003 11:56:39 -0800 (PST) (envelope-from cvance@nailabs.com) Received: (from perforce@localhost) by repoman.freebsd.org (8.12.9/8.12.9/Submit) id hAKJuaKw091761 for perforce@freebsd.org; Thu, 20 Nov 2003 11:56:36 -0800 (PST) (envelope-from cvance@nailabs.com) Date: Thu, 20 Nov 2003 11:56:36 -0800 (PST) Message-Id: <200311201956.hAKJuaKw091761@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to cvance@nailabs.com using -f 
From: Chris Vance
To: Perforce Change Reviews
Subject: PERFORCE change 42814 for review
X-BeenThere: p4-projects@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: p4 projects tree changes
List-Unsubscribe: ,
List-Archive:
List-Post:
List-Help:
List-Subscribe: ,
X-List-Received-Date: Thu, 20 Nov 2003 19:56:41 -0000
http://perforce.freebsd.org/chv.cgi?CH=42814
Change 42814 by cvance@cvance_osx_laptop on 2003/11/20 11:56:28
Fix a bunch of small but critical bugs:
- make sure we free temporary labels in mac_set_{file,link}
- make sure sebsd_ss_malloc stores the allocated size
- turn on sebsd code for associate_vnode_extattr and setlabel_vnode_extattr
Affected files ...
.. //depot/projects/trustedbsd/sedarwin/apsl/xnu/bsd/kern/kern_mac.c#30 edit
.. //depot/projects/trustedbsd/sedarwin/apsl/xnu/security/sebsd/sebsd.c#15 edit
Differences ...
==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/bsd/kern/kern_mac.c#30 (text+ko) ====
@@ -4058,6 +4058,7 @@
 vput (nd.ni_vp);
 }
+ mac_destroy_vnode_label(&intlabel);
 return (error);
 }
@@ -4112,6 +4113,7 @@
 vput (nd.ni_vp);
 }
+ mac_destroy_vnode_label(&intlabel);
 return (error);
 }
==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/security/sebsd/sebsd.c#15 (text+ko) ====
@@ -99,7 +99,8 @@
 void *sebsd_ss_malloc (size_t size, int flags)
 {
- size_t *v = sebsd_malloc (size + sizeof (size_t), flags);
+ size += sizeof(size_t);
+ size_t *v = sebsd_malloc (size, flags);
 v[0] = size;
 return v+1;
 }
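Review bot: The new `mac_destroy_vnode_label(&intlabel);` sits on the common exit after the `vput()` branch, so it only releases the temporary label on paths that reach that point; if mac_set_file or mac_set_link has an earlier `return (error)` above the hunk (a failed label internalization or lookup, say), that path would still leak the label. The start of both functions is outside the hunk, so this is inferred rather than visible; the usual shape is a single `out:` label that destroys intlabel and returns, with every failure path jumping to it. The same point applies to the second kern_mac.c hunk at @@ -4112.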
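Review bot: `size += sizeof(size_t);` is done without a range check, so a request within sizeof(size_t) of SIZE_MAX wraps to a tiny allocation and `v[0] = size` then writes past it; a guard such as `if (size > SIZE_MAX - sizeof(size_t)) return (NULL);` before the addition closes that. The result of `sebsd_malloc` is also dereferenced without a NULL check, so if it can fail for the given flags the store is a NULL write; if it is guaranteed never to return NULL, a one-line comment saying so would spare the next reader the question. The stored header now holds the total size including the header word, so whatever reads `v[-1]` back (presumably the matching free helper, outside the hunk) must use the same convention.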
@@ -500,28 +501,33 @@
 struct vnode *vp, struct label *vlabel)
 {
 struct vnode_security_struct *vsec;
- /* TBD: Need to limit size of contexts used in extattr labels */
- /*char context[128];*/
+ /*
+ * TBD: static buffers aren't a good idea, and SELinux contexts
+ * aren't restricted in length.
+ *
+ * This doesn't matter too much, since HFS extattr support
+ * currently uses a backing file pre-allocated with fixed-size
+ * attributes.
+ */
+ char context[256];
 u_int32_t context_len;
- const char *context = NULL;
+ struct proc *p = current_proc();
 int error;
 vsec = SLOT(vlabel);
-#ifdef HAS_EXTATTRS
- context_len = sizeof(context); /* TBD: bad fixed length */
 error = vn_extattr_get(vp, IO_NODELOCKED, SEBSD_MAC_EXTATTR_NAMESPACE, SEBSD_MAC_EXTATTR_NAME,
- &context_len, context, curthread);
+ &context_len, context, p);
 if (error == ENOATTR || error == EOPNOTSUPP) {
 vsec->sid = SECINITSID_UNLABELED; /* Use the default label */
 /* struct vattr va;
- (void)VOP_GETATTR(vp, &va, curthread->td_ucred, curthread);
+ (void)VOP_GETATTR(vp, &va, p->p_ucred, p);
 printf("sebsd_update_vnode_from_extattr: no label for "
 "inode=%ld, fsid=%d\n", va.va_fileid, va.va_fsid);
 */
@@ -532,6 +538,8 @@
 " by vn_extattr_get()\n", error);
 return (error); /* Fail closed */
 }
+
+#if 0
 if (sebsd_verbose > 1) {
 struct vattr va;
@@ -541,8 +549,7 @@
 context, va.va_fileid, va.va_fsid);
 }
 #endif
-
- struct proc *p = current_proc();
+
 if (p == NULL || vp == NULL || vp->v_op == NULL || vp->v_tag != VT_HFS || vp->v_data == NULL)
 goto dosclass;
@@ -550,10 +557,6 @@
 error = VOP_GETATTR (vp, &va, p->p_ucred, p);
 if (error)
 goto dosclass;
- if (va.va_fileid == 28308)
- context = "system_u:object_r:shell_exec_t";
- else
- goto dosclass;
 error = security_context_to_sid(context, strlen(context), &vsec->sid);
 if (error) {
@@ -1373,7 +1376,6 @@
 dest->sid = source->sid;
 }
-#ifdef HAS_EXTATTRS
 static int
 sebsd_setlabel_vnode_extattr(struct ucred *cred, struct vnode *vp,
 struct label *vlabel, struct label *intlabel)
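Review bot: With `- context_len = sizeof(context);` removed and nothing assigned in its place, `context_len` reaches `vn_extattr_get()` uninitialized; in the FreeBSD vn_extattr_get interface that argument is the in/out buffer length, so an indeterminate value can let a stored attribute overrun the 256-byte `context` stack buffer (or spuriously fail on a short length). Restore `context_len = sizeof(context);` before the call, and after it fail closed unless the returned length leaves room for a terminator, e.g. `if (context_len >= sizeof(context)) return (EINVAL); context[context_len] = '\0';`, because the @@ -550 hunk now hands this buffer straight to `strlen(context)` and `security_context_to_sid()` and extattr data is not guaranteed to be NUL-terminated. The later `p == NULL` test is also reached only after `p` has already been passed to vn_extattr_get(), so it is either unnecessary or too late. The enclosing function begins above the hunk.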
@@ -1393,11 +1395,10 @@
 error = vn_extattr_set(vp, IO_NODELOCKED, SEBSD_MAC_EXTATTR_NAMESPACE, SEBSD_MAC_EXTATTR_NAME,
- context_len, context, curthread);
+ context_len, context, current_proc());
 security_free_context(context);
 return (error);
 }
-#endif
 static int
 sebsd_check_vnode_access(struct ucred *cred, struct vnode *vp,
@@ -2242,9 +2243,12 @@
 .mpo_destroy_mount_label = sebsd_destroy_mount_label,
 .mpo_destroy_mount_fs_label = sebsd_destroy_mount_fs_label,
+ .mpo_setlabel_vnode_extattr = sebsd_setlabel_vnode_extattr,
+ .mpo_syscall = sebsd_syscall
 };
+
 #if 0
 static struct mac_policy_ops sebsd_ops_o = {
 /* Init Labels */
@@ -2463,9 +2467,6 @@
 #endif
 /* .mpo_relabel_socket = sebsd_relabel_socket, */
 .mpo_relabel_vnode = sebsd_relabel_vnode,
-#ifdef HAS_EXTATTRS
- .mpo_setlabel_vnode_extattr = sebsd_setlabel_vnode_extattr,
-#endif
 /*.mpo_set_socket_peer_from_mbuf = sebsd_set_socket_peer_from_mbuf,*/
 /*.mpo_set_socket_peer_from_socket = sebsd_set_socket_peer_from_socket,*/
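Review bot: `vn_extattr_set()` writes `context_len` bytes of `context` (both computed above the hunk), while the reading side in this file (the @@ -500 and @@ -550 hunks) passes the bytes it gets back straight to `strlen()`; unless `context_len` here includes the terminating NUL, or the reader terminates its buffer itself, the writer and reader disagree about the stored attribute's format. A comment on the write stating the convention would pin this down, e.g. `/* context_len counts the terminating NUL so readers get a C string back */`, with the length adjusted to match if it does not. The function begins above the hunk, so where context_len is derived is not visible here.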