From owner-p4-projects Sat Jun 1 20: 9:16 2002 Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 9F17437B408; Sat, 1 Jun 2002 20:09:08 -0700 (PDT) Delivered-To: perforce@freebsd.org Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21]) by hub.freebsd.org (Postfix) with ESMTP id C0A6D37B408 for ; Sat, 1 Jun 2002 20:09:06 -0700 (PDT) Received: (from perforce@localhost) by freefall.freebsd.org (8.11.6/8.11.6) id g52396J78851 for perforce@freebsd.org; Sat, 1 Jun 2002 20:09:06 -0700 (PDT) (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Date: Sat, 1 Jun 2002 20:09:06 -0700 (PDT) Message-Id: <200206020309.g52396J78851@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: perforce set sender to bb+lists.freebsd.perforce@cyrus.watson.org using -f From: Robert Watson Subject: PERFORCE change 12285 for review To: Perforce Change Reviews Sender: owner-p4-projects@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG http://people.freebsd.org/~peter/p4db/chv.cgi?CH=12285 Change 12285 by rwatson@rwatson_curry on 2002/06/01 20:08:16 Implement socket receiving mbuf security check. Affected files ... ... //depot/projects/trustedbsd/mac/sys/security/mac_biba/mac_biba.c#45 edit Differences ... ==== //depot/projects/trustedbsd/mac/sys/security/mac_biba/mac_biba.c#45 (text+ko) ==== @@ -1621,8 +1621,15 @@ mac_biba_socket_check_receive_mbuf(struct socket *so, struct label *socketlabel, struct mbuf *m, struct label *mbuflabel) { + struct mac_biba *p, *s; - return (0); + if (!mac_biba_enabled) + return (0); + + p = SLOT(mbuflabel); + s = SLOT(socketlabel); + + return (mac_biba_equal_single(p, s) ? 0 : EACCES); } static struct mac_policy_op_entry mac_biba_ops[] = To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe p4-projects" in the body of the message