From owner-p4-projects@FreeBSD.ORG Mon Feb 7 20:11:00 2005 Return-Path: Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 29B5416A4D0; Mon, 7 Feb 2005 20:11:00 +0000 (GMT) Delivered-To: perforce@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E131016A4CE for ; Mon, 7 Feb 2005 20:10:59 +0000 (GMT) Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115]) by mx1.FreeBSD.org (Postfix) with ESMTP id A5E5C43D4C for ; Mon, 7 Feb 2005 20:10:59 +0000 (GMT) (envelope-from areisse@nailabs.com) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.13.1/8.13.1) with ESMTP id j17KAxQ1035591 for ; Mon, 7 Feb 2005 20:10:59 GMT (envelope-from areisse@nailabs.com) Received: (from perforce@localhost) by repoman.freebsd.org (8.13.1/8.13.1/Submit) id j17KAxMt035588 for perforce@freebsd.org; Mon, 7 Feb 2005 20:10:59 GMT (envelope-from areisse@nailabs.com) Date: Mon, 7 Feb 2005 20:10:59 GMT Message-Id: <200502072010.j17KAxMt035588@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to areisse@nailabs.com using -f 
From: Andrew Reisse To: Perforce Change Reviews Subject: PERFORCE change 70542 for review X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 07 Feb 2005 20:11:00 -0000 http://perforce.freebsd.org/chv.cgi?CH=70542 Change 70542 by areisse@areisse_tislabs on 2005/02/07 20:10:50 Introduce a kernel interface for reading and setting TE policy booleans (which affect the conditional rules). Affected files ... .. //depot/projects/trustedbsd/sebsd/sys/security/sebsd/sebsd_syscall.c#6 edit .. //depot/projects/trustedbsd/sebsd/sys/security/sebsd/sebsd_syscalls.h#6 edit .. //depot/projects/trustedbsd/sebsd/sys/security/sebsd/ss/conditional.c#4 edit .. //depot/projects/trustedbsd/sebsd/sys/security/sebsd/ss/policydb.h#7 edit .. //depot/projects/trustedbsd/sebsd/sys/security/sebsd/ss/security.h#8 edit .. //depot/projects/trustedbsd/sebsd/sys/security/sebsd/ss/services.c#9 edit Differences ... ==== //depot/projects/trustedbsd/sebsd/sys/security/sebsd/sebsd_syscall.c#6 (text+ko) ==== @@ -39,6 +39,7 @@ #include #include #include +#include #include #include @@ -72,11 +73,26 @@ return (rc); } +static int +sebsd_get_bools(struct thread *td, struct sebsd_get_bools *gb) +{ + char *out = NULL; + if (gb->out) + out = malloc(gb->len, M_SEBSD, M_WAITOK); + int err = security_get_bool_string(&gb->len, out); + if (out && err == 0) + err = copyout(out, gb->out, gb->len); + if (out) + free(out, M_SEBSD); + return (err); +} + int sebsd_syscall(struct thread *td, int call, void *args) { int err = EINVAL; struct lp_args p; + struct sebsd_get_bools gb; switch(call) { case SEBSDCALL_LOAD_POLICY: 
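Review bot: In sebsd_get_bools, `gb->len` comes straight from userland (the SEBSDCALL_GET_BOOLS case fills the struct with copyin) and is passed to `malloc(gb->len, M_SEBSD, M_WAITOK)` with no range check. The field is declared `int` in sebsd_syscalls.h, so a negative value converts to a very large allocation size and a large positive one lets the caller drive an arbitrarily large kernel allocation. No thread_has_security() check precedes this call in the hunk. I would validate the length inside the `if (gb->out)` branch before allocating, e.g. `if (gb->len <= 0 || gb->len > MAX_LEN_PLACEHOLDER) return (EINVAL);`, where the limit is a placeholder the project would have to define. Declaring `len` as an unsigned size type would also help.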
@@ -84,6 +100,58 @@ return (EFAULT); err = sys_load_policy (td, p.data, p.len); break; + + case SEBSDCALL_GET_BOOLS: + if (copyin(args, &gb, sizeof (struct sebsd_get_bools))) + return (EFAULT); + err = sebsd_get_bools(td, &gb); + if (copyout(&gb, args, sizeof (struct sebsd_get_bools))) + return (EFAULT); + break; + + case SEBSDCALL_GET_BOOL: + { + char str[128]; + int active, pending; + err = copyinstr(args,str, 128, NULL); + if (err) + return (err); + security_get_bool(str, &active, &pending); + *td->td_retval = active | (pending << 1); + return (0); + } + + case SEBSDCALL_SET_BOOL: + { + char *str; + + err = thread_has_security(td, SECURITY__SETBOOL); + if (err) + return (err); + + if (copyin(args, &p, sizeof (struct lp_args))) + return (EFAULT); + str = malloc(p.len, M_SEBSD, M_WAITOK); + if (!str) + return (ENOMEM); + if (copyin(p.data, str, p.len)) { + free(str, M_SEBSD); + return (EFAULT); + } + + str[p.len-1] = 0; + err = security_set_bool(str+1, str[0]-'0'); + free(str, M_SEBSD); + break; + } + + case SEBSDCALL_COMMIT_BOOLS: + err = thread_has_security(td, SECURITY__SETBOOL); + if (err) + return (err); + + return security_commit_pending_bools(); + default: err = EINVAL; break; ==== //depot/projects/trustedbsd/sebsd/sys/security/sebsd/sebsd_syscalls.h#6 (text+ko) ==== @@ -7,6 +7,10 @@ * TBD: Should we really try to line up with SELinux? */ #define SEBSDCALL_LOAD_POLICY 7 +#define SEBSDCALL_GET_BOOLS 8 +#define SEBSDCALL_GET_BOOL 9 +#define SEBSDCALL_SET_BOOL 10 +#define SEBSDCALL_COMMIT_BOOLS 11 #define SEBSDCALL_NUM 7 @@ -27,6 +31,10 @@ u32 seqno; }; +struct sebsd_get_bools { + int len; + char *out; +}; #endif /* _SEBSD_SYSCALLS_H_ */ ==== //depot/projects/trustedbsd/sebsd/sys/security/sebsd/ss/conditional.c#4 (text+ko) ==== 
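Review bot: In the SEBSDCALL_SET_BOOL case, `p.len` is used unchecked after copyin. A length of 0 makes `str[p.len-1] = 0` write before the allocation, and a length of 1 makes `str+1` point past it when security_set_bool() runs strcmp on it. The value byte is not checked to be '0' or '1' either, so an arbitrary integer reaches `pending`, which security_get_bool_string later encodes as `'0' + pending`. In the SEBSDCALL_GET_BOOL case the return value of security_get_bool() is ignored, so for an unknown name `active` and `pending` are uninitialised stack values returned through `td_retval`; `err = security_get_bool(str, &active, &pending); if (err) return (err);` closes that. The fence below bounds the SET_BOOL argument; the 128 mirrors the GET_BOOL buffer, and the type of `p.len` (struct lp_args) is not visible in this hunk.

```c
		if (copyin(args, &p, sizeof (struct lp_args)))
			return (EFAULT);
		/* One value byte followed by a name; cap the name at what GET_BOOL accepts. */
		if (p.len < 2 || p.len > 1 + 128)
			return (EINVAL);
		str = malloc(p.len, M_SEBSD, M_WAITOK);
		/* … unchanged: copyin of p.data into str, forced NUL termination … */
		if (str[0] != '0' && str[0] != '1') {
			free(str, M_SEBSD);
			return (EINVAL);
		}
		err = security_set_bool(str+1, str[0]-'0');
```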
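Review bot: `#define SEBSDCALL_NUM 7` is left unchanged in sebsd_syscalls.h while call numbers 8 through 11 are added directly above it. Its users are not visible here, but if it is meant to be the highest valid call number, or is used as a bound anywhere, it no longer matches the new calls. If that is its meaning, I would update it in the same change, `#define SEBSDCALL_NUM 11`. Otherwise a one-line comment saying what the constant counts would help.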
@@ -233,6 +233,7 @@ booldatum->value = le32_to_cpu(buf[0]); booldatum->state = le32_to_cpu(buf[1]); + booldatum->pending = booldatum->state; if (!bool_isvalid(booldatum)) goto err; ==== //depot/projects/trustedbsd/sebsd/sys/security/sebsd/ss/policydb.h#7 (text+ko) ==== @@ -121,6 +121,7 @@ struct cond_bool_datum { u32 value; /* internal type value */ int state; + int pending; /* value to be used after next commit */ }; struct cond_node; ==== //depot/projects/trustedbsd/sebsd/sys/security/sebsd/ss/security.h#8 (text+ko) ==== @@ -93,5 +93,10 @@ #define security_free_context(ctx) ({ if (ctx) free(ctx, M_SEBSD); }) +int security_get_bool_string(int *len, char *out); +int security_commit_pending_bools(); +int security_set_bool(char *name, int value); +int security_get_bool(char *name, int *value, int *pending); + #endif /* _SELINUX_SECURITY_H_ */ ==== //depot/projects/trustedbsd/sebsd/sys/security/sebsd/ss/services.c#9 (text+ko) ==== @@ -1503,6 +1503,39 @@ return rc; } +int security_get_bool_string(int *len, char *out) +{ + int i; + int needed = 1; + int err = 0; + + POLICY_RDLOCK; + for (i = 0; i < policydb.p_bools.nprim; i++) { + needed += 3; + needed += strlen(policydb.p_bool_val_to_name[i]); + } + + if (*len >= needed && out) { + *len = needed; + char *p = out; + + for (i = 0; i < policydb.p_bools.nprim; i++) { + *p++ = '0' + policydb.bool_val_to_struct[i]->state; + *p++ = '0' + policydb.bool_val_to_struct[i]->pending; + strcpy(p, policydb.p_bool_val_to_name[i]); + p += strlen(policydb.p_bool_val_to_name[i]); + *p++ = ';'; + } + *p++ = 0; + } else { + *len = needed; + err = ENOMEM; + } + + POLICY_RDUNLOCK; + return err; +} + int security_get_bools(int *len, char ***names, int **values) { int i, rc = ENOMEM; 
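Review bot: In security.h, `int security_commit_pending_bools();` uses empty parentheses, which in C declares a function with unspecified arguments rather than one taking none, so a call with stray arguments would not be diagnosed. The definition in services.c uses `(void)` and the prototype should match: `int security_commit_pending_bools(void);`. The `name` parameters of security_set_bool and security_get_bool are only compared with strcmp in services.c, so `const char *name` would document that they are not modified.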
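Review bot: security_get_bool_string in services.c has no comment describing its contract, and callers on the syscall path depend on it. I would add a block comment above the function stating that `*len` is always overwritten with the required size, that a NULL or too-short `out` yields ENOMEM so it doubles as a size query, and that the output is a run of `<state><pending><name>;` records followed by a NUL. It should also say that `'0' + state` and `'0' + pending` assume both fields hold single-digit values. Nothing in this hunk enforces that, so it depends on the setters validating what they store.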
@@ -1551,6 +1584,72 @@ goto out; } +int security_commit_pending_bools(void) +{ + int i, rc = 0, seqno; + struct cond_node *cur; + + POLICY_WRLOCK; + printk(KERN_INFO "security: committed booleans { "); + for (i = 0; i < policydb.p_bools.nprim; i++) { + policydb.bool_val_to_struct[i]->state = + policydb.bool_val_to_struct[i]->pending; + + if (i != 0) + printk(", "); + printk("%s:%d", policydb.p_bool_val_to_name[i], + policydb.bool_val_to_struct[i]->state); + } + + printk(" }\n"); + + for (cur = policydb.cond_list; cur != NULL; cur = cur->next) { + rc = evaluate_cond_node(&policydb, cur); + if (rc) + goto out; + } + + seqno = ++latest_granting; + +out: + POLICY_WRUNLOCK; + if (!rc) + avc_ss_reset(seqno); + return (rc); +} + +int security_set_bool(char *name, int value) +{ + int i; + POLICY_WRLOCK; + + for (i = 0; i < policydb.p_bools.nprim; i++) + if (!strcmp(name, policydb.p_bool_val_to_name[i])) { + policydb.bool_val_to_struct[i]->pending = value; + POLICY_WRUNLOCK; + return (0); + } + + POLICY_WRUNLOCK; + return (ENOENT); +} + +int security_get_bool(char *name, int *value, int *pending) +{ + int i; + POLICY_RDLOCK; + + for (i = 0; i < policydb.p_bools.nprim; i++) + if (!strcmp(name, policydb.p_bool_val_to_name[i])) { + *pending = policydb.bool_val_to_struct[i]->pending; + *value = policydb.bool_val_to_struct[i]->state; + POLICY_RDUNLOCK; + return (0); + } + + POLICY_RDUNLOCK; + return (ENOENT); +} int security_set_bools(int len, int *values) {
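Review bot: security_commit_pending_bools copies every `pending` into `state` before the cond_list loop, so if evaluate_cond_node() fails partway the function leaves through `out:` with the new boolean values installed and only some conditional nodes re-evaluated. On that path `latest_granting` is not advanced and `avc_ss_reset()` is skipped, so cached access decisions computed under the old booleans appear to remain in use while the policy is in a mixed state. Whether evaluate_cond_node can fail here is not visible in this hunk. I would add a comment at `out:` stating the intended behaviour on failure, and if stale decisions are not acceptable, either roll `state` back or reset the AVC on the error path as well. A short header comment on security_set_bool noting that it only stages `pending`, which takes effect at commit, would also help readers.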