Date: Fri, 3 Oct 2003 10:18:33 -0700 (PDT) From: Andrew Reisse <areisse@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 39097 for review Message-ID: <200310031718.h93HIXw8091926@repoman.freebsd.org>
http://perforce.freebsd.org/chv.cgi?CH=39097 Change 39097 by areisse@areisse_tislabs on 2003/10/03 10:18:28 SEBSD gets the policy from the bootloader or user memory instead of reading files in the kernel. Affected files ... .. //depot/projects/trustedbsd/sebsd/lib/libsebsd/system.c#3 edit .. //depot/projects/trustedbsd/sebsd/sys/security/sebsd/sebsd.c#21 edit .. //depot/projects/trustedbsd/sebsd/sys/security/sebsd/sebsd_syscall.c#4 edit .. //depot/projects/trustedbsd/sebsd/sys/security/sebsd/ss/init.c#4 edit .. //depot/projects/trustedbsd/sebsd/sys/security/sebsd/ss/security.h#5 edit .. //depot/projects/trustedbsd/sebsd/sys/security/sebsd/ss/services.c#6 edit Differences ... ==== //depot/projects/trustedbsd/sebsd/lib/libsebsd/system.c#3 (text+ko) ==== @@ -34,7 +34,9 @@ * $FreeBSD$ */ #include <errno.h> - +#include <stdio.h> +#include <sys/fcntl.h> +#include <stdlib.h> #include "sebsd.h" @@ -57,8 +59,28 @@ return i; } +struct lp_args +{ + void *data; + size_t len; +}; + int sebsd_load_policy(const char *path) { - return mac_syscall(SEBSD_ID_STRING, SEBSDCALL_LOAD_POLICY, path); + FILE *fp; + struct lp_args la; + + fp = fopen (path, "rb"); + if (fp == NULL) + return errno; + + fseek (fp, 0, SEEK_END); + la.len = ftell (fp); + fseek (fp, 0, SEEK_SET); + la.data = malloc (la.len); + if (1 != fread (la.data, la.len, 1, fp)) + return EIO; + + return mac_syscall(SEBSD_ID_STRING, SEBSDCALL_LOAD_POLICY, &la); } ==== //depot/projects/trustedbsd/sebsd/sys/security/sebsd/sebsd.c#21 (text+ko) ==== @@ -78,8 +78,11 @@ static void sebsd_init(struct mac_policy_conf *mpc) { - printf("sebsd:: init\n"); + avc_init(); + if (security_init()) { + panic("SEBSD: couldn't read policy file"); + } } static void @@ -772,10 +775,6 @@ { struct vnode *vp, *nvp; - avc_init(); - if (security_init()) { - panic("SEBSD: couldn't read policy file"); - } /* * Go through all open vnodes and reload their labels. */ ==== //depot/projects/trustedbsd/sebsd/sys/security/sebsd/sebsd_syscall.c#4 (text+ko) ==== 
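Review bot: In the new body of sebsd_load_policy in libsebsd/system.c, `fp` is never closed and `la.data` is never freed on any path, and the results of fseek(), ftell() and malloc() are not checked. A failed ftell() returns -1, which becomes a very large `la.len`, and a NULL `la.data` would then be handed to fread(). The fence below keeps the interface and the EIO result for an empty or unreadable file, and releases both resources before returning.

```c
int sebsd_load_policy(const char *path)
{
	FILE *fp;
	struct lp_args la;
	long size;
	int rc;

	fp = fopen(path, "rb");
	if (fp == NULL)
		return errno;

	if (fseek(fp, 0, SEEK_END) != 0 || (size = ftell(fp)) <= 0 ||
	    fseek(fp, 0, SEEK_SET) != 0) {
		fclose(fp);
		return EIO;
	}

	la.len = (size_t)size;
	la.data = malloc(la.len);
	if (la.data == NULL) {
		fclose(fp);
		return ENOMEM;
	}

	if (fread(la.data, la.len, 1, fp) != 1)
		rc = EIO;
	else
		rc = mac_syscall(SEBSD_ID_STRING, SEBSDCALL_LOAD_POLICY, &la);

	free(la.data);
	fclose(fp);
	return rc;
}
```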
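Review bot: The panic string moved into sebsd_init in sebsd.c still says `couldn't read policy file`, but after this change security_init() no longer reads a file; it fails when no policy was preloaded by the boot loader. Something like `panic("SEBSD: no policy supplied by the boot loader");` would tell the operator what to fix. Because the module now panics at init when the policy is missing, a one-line comment above the call stating that a preloaded policy is required would also help.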
@@ -44,27 +44,30 @@ #include <security/sebsd/sebsd_syscalls.h> #include <security/sebsd/linux-compat.h> #include <security/sebsd/avc/avc.h> -#include <security/sebsd/ss/fileutils.h> #include <security/sebsd/ss/services.h> +struct lp_args +{ + void *data; + size_t len; +}; + static int -sys_load_policy(struct thread *td, char *path) +sys_load_policy(struct thread *td, void *data, size_t len) { - FILE *fp; int rc; rc = thread_has_security(td, SECURITY__LOAD_POLICY); if (rc) return (rc); - fp = sebsd_fopen(path, "r", UIO_USERSPACE); - if (!fp) { - printf("ss: unable to open policy file\n"); - return (EINVAL); - } + void *kdata = malloc (len, M_SEBSD, M_WAITOK); + rc = copyin (data, kdata, len); + if (rc) + return (rc); - rc = security_load_policy(fp); - (void)fclose(fp); + rc = security_load_policy (kdata, len); + free (kdata, M_SEBSD); return (rc); } @@ -73,10 +76,13 @@ sebsd_syscall(struct thread *td, int call, void *args) { int err = EINVAL; + struct lp_args p; switch(call) { case SEBSDCALL_LOAD_POLICY: - err = sys_load_policy(td, (char *)args); + if (copyin (args, &p, sizeof (struct lp_args))) + return (EFAULT); + err = sys_load_policy (td, p.data, p.len); break; default: err = EINVAL; ==== //depot/projects/trustedbsd/sebsd/sys/security/sebsd/ss/init.c#4 (text+ko) ==== @@ -13,10 +13,11 @@ #include <sys/conf.h> #include <sys/kernel.h> #include <sys/malloc.h> +#include <sys/systm.h> +#include <sys/linker.h> #include <security/sebsd/linux-compat.h> #include <security/sebsd/sebsd.h> -#include <security/sebsd/ss/fileutils.h> #include <security/sebsd/ss/global.h> #include <security/sebsd/ss/policydb.h> #include <security/sebsd/ss/services.h> 
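Review bot: In sys_load_policy, the `copyin` failure path returns without `free (kdata, M_SEBSD)`, so every faulting call leaks a kernel allocation of caller-chosen size. The size itself, `len`, comes straight from the user-supplied `struct lp_args` and reaches `malloc (len, M_SEBSD, M_WAITOK)` with no upper bound or zero check. The SECURITY__LOAD_POLICY check runs first, but a bound is still worth having. The fence below frees on every path and rejects out-of-range lengths; `SEBSD_POLICY_MAXLEN` is a placeholder name for a limit the project would need to define. Moving the `kdata` declaration to the top of the function also matches the rest of the file.

```c
static int
sys_load_policy(struct thread *td, void *data, size_t len)
{
	void *kdata;
	int rc;

	/* … unchanged: thread_has_security() check … */

	/* SEBSD_POLICY_MAXLEN: placeholder, limit to be defined by the project */
	if (len == 0 || len > SEBSD_POLICY_MAXLEN)
		return (EINVAL);

	kdata = malloc(len, M_SEBSD, M_WAITOK);
	rc = copyin(data, kdata, len);
	if (rc == 0)
		rc = security_load_policy(kdata, len);
	free(kdata, M_SEBSD);
	return (rc);
}
```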
@@ -28,31 +29,39 @@ int security_init(void) { - FILE *fp; int rc; + caddr_t lh, tmp; + void *policy_data; + size_t policy_len; + + printf("security: starting up (compiled " __DATE__ ")\n"); + + lh = preload_search_by_type ("sebsd_policy"); + if (lh == NULL) + goto loaderr; - snprintf(policyfile, MAXPATHLEN, "%s.%d", POLICYDB_PATHPREFIX, - POLICYDB_VERSION); + tmp = preload_search_info (lh, MODINFO_ADDR); + if (tmp == NULL) + goto loaderr; + policy_data = *(void **) tmp; + tmp = preload_search_info (lh, MODINFO_SIZE); + if (tmp == NULL) + goto loaderr; + policy_len = *(size_t *) tmp; - printf("security: starting up (compiled " __DATE__ ")\n"); - printf("security: loading policy configuration from %s\n", policyfile); + printf("security: reading policy configuration\n"); - fp = fopen(policyfile, "r"); - if (!fp) { - printf("security: unable to open %s, cannot initialize.\n", policyfile); - return EINVAL; - } - - rc = security_load_policy(fp); + rc = security_load_policy (policy_data, policy_len); if (rc) { - printf("security: error while loading %s, cannot initialize.\n", policyfile); - fclose(fp); + printf("security: error while reading policy, cannot initialize.\n"); return EINVAL; } - fclose(fp); + return 0; - return 0; +loaderr: + printf("security: policy not supplied by bootloader\n"); + return EINVAL; } /* FLASK */ ==== //depot/projects/trustedbsd/sebsd/sys/security/sebsd/ss/security.h#5 (text+ko) ==== @@ -8,7 +8,6 @@ #include <security/sebsd/flask_types.h> #include <security/sebsd/flask.h> -#include <security/sebsd/ss/fileutils.h> #define SECSID_NULL 0x00000000 /* unspecified SID */ #define SECSID_WILD 0xffffffff /* wildcard SID */ @@ -16,7 +15,7 @@ #define SELINUX_MAGIC 0xf97cff8c -int security_load_policy(FILE * data); +int security_load_policy(void *kdata, size_t len); struct av_decision { access_vector_t allowed; ==== //depot/projects/trustedbsd/sebsd/sys/security/sebsd/ss/services.c#6 (text+ko) ==== 
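Review bot: In security_init, `policy_data` and `policy_len` are read from the preload metadata and passed to security_load_policy() without checking for a NULL address or a zero size. Adding `if (policy_data == NULL || policy_len == 0) goto loaderr;` before the call would turn a malformed preload entry into the existing error message rather than a parse of invalid memory. Whether security_load_policy() bounds every read by `len` is not visible in this hunk and is worth confirming. A short comment noting that the policy is trusted because it arrives through the boot loader would record the assumption this code now depends on.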
@@ -17,7 +17,6 @@ #include <security/sebsd/ss/services.h> #include <security/sebsd/ss/security.h> #include <security/sebsd/ss/mls.h> -#include <security/sebsd/ss/fileutils.h> #include <security/sebsd/avc/avc.h> #include <security/sebsd/avc/avc_ss.h> #include <sys/socket.h> @@ -984,10 +983,8 @@ * This function will flush the access vector cache after * loading the new policy. */ -int security_load_policy(FILE *infile) +int security_load_policy(void *data, size_t len) { - void *data; - size_t len; struct policydb oldpolicydb, newpolicydb; struct sidtab oldsidtab, newsidtab; struct convert_context_args args; @@ -995,28 +992,6 @@ int rc = 0; struct policy_file file, *fp = &file; -#ifdef _KERNEL - struct vattr vat; - - vn_lock (infile->FILE_vp, LK_SHARED | LK_RETRY | LK_NOPAUSE, curthread); - rc = VOP_GETATTR (infile->FILE_vp, &vat, curthread->td_ucred, curthread); - VOP_UNLOCK(infile->FILE_vp, 0, curthread); - if (rc) - return rc; - - len = vat.va_size; - data = malloc (len, M_SEBSD, M_WAITOK); - -#else - fseek (infile, 0, SEEK_END); - len = ftell (infile); - fseek (infile, 0, SEEK_SET); - data = malloc (len); -#endif - - if (1 != fread (data, len, 1, infile)) - return EIO; - file.data = data; file.len = len;
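Review bot: With `data` now a parameter of security_load_policy, ownership of the buffer moves to the caller, and the function comment should state that: sys_load_policy frees its copy right after the call, and security_init passes memory owned by the loader. The rest of the function lies outside this hunk, so please confirm that no remaining path frees `data` or keeps a pointer into it after returning, since the removed code allocated the buffer here. A line such as `/* data is owned by the caller and is only read during this call */` above the signature would record the contract. `const void *data` would enforce the read-only part if struct policy_file permits it.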