Date: Fri, 7 Nov 2003 06:16:37 -0800 (PST) From: Andrew Reisse <areisse@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 41639 for review Message-ID: <200311071416.hA7EGb3e047403@repoman.freebsd.org>
index | next in thread | raw e-mail
http://perforce.freebsd.org/chv.cgi?CH=41639 Change 41639 by areisse@areisse_ibook on 2003/11/07 06:16:26 support for relabelling devfs entries (it might work when the vnodes are reclaimed) syscalls: mac_set_file, mac_set_link Affected files ... .. //depot/projects/trustedbsd/sedarwin/apsl/xnu/bsd/kern/init_sysent.c#4 edit .. //depot/projects/trustedbsd/sedarwin/apsl/xnu/bsd/kern/kern_mac.c#25 edit .. //depot/projects/trustedbsd/sedarwin/apsl/xnu/bsd/miscfs/devfs/devfs_vnops.c#2 edit .. //depot/projects/trustedbsd/sedarwin/apsl/xnu/bsd/sys/mac_policy.h#5 edit .. //depot/projects/trustedbsd/sedarwin/apsl/xnu/bsd/sys/vnode.h#4 edit .. //depot/projects/trustedbsd/sedarwin/apsl/xnu/bsd/sys/vnode_if.h#2 edit .. //depot/projects/trustedbsd/sedarwin/apsl/xnu/bsd/vfs/vfs_support.c#2 edit .. //depot/projects/trustedbsd/sedarwin/apsl/xnu/bsd/vfs/vfs_support.h#2 edit .. //depot/projects/trustedbsd/sedarwin/apsl/xnu/bsd/vfs/vnode_if.c#2 edit .. //depot/projects/trustedbsd/sedarwin/apsl/xnu/bsd/vfs/vnode_if.src#2 edit .. //depot/projects/trustedbsd/sedarwin/apsl/xnu/security/sebsd/sebsd.c#8 edit Differences ... ==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/bsd/kern/init_sysent.c#4 (text+ko) ==== @@ -734,6 +734,8 @@ /*syss(mac_execve,4), /* 342 */ syss(nosys,0), /* 342 */ syss(__mac_get_pid,2), /* 343 */ + syss(__mac_set_file,2), /* 344 */ + syss(__mac_set_link,2), /* 345 */ #else syss(nosys,0), /* 338 */ syss(nosys,0), /* 339 */ @@ -741,9 +743,9 @@ syss(nosys,0), /* 341 */ syss(nosys,0), /* 342 */ syss(nosys,0), /* 343 */ -#endif syss(nosys,0), /* 344 */ syss(nosys,0), /* 345 */ +#endif syss(nosys,0), /* 346 */ syss(nosys,0), /* 347 */ syss(nosys,0), /* 348 */ ==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/bsd/kern/kern_mac.c#25 (text+ko) ==== @@ -1445,16 +1445,14 @@ MAC_PERFORM(create_cred, parent_cred, child_cred); } -#if 0 void -mac_update_devfsdirent(struct mount *mp, struct devfs_dirent *de, +mac_update_devfsdirent(struct mount *mp, struct devnode *de, struct vnode *vp) { - MAC_PERFORM(update_devfsdirent, mp, de, &de->de_label, vp, + MAC_PERFORM(update_devfsdirent, mp, de, &de->dn_label, vp, &vp->v_label); } -#endif void mac_associate_vnode_devfs(struct mount *mp, struct devnode *de, @@ -3488,6 +3486,40 @@ return (error); } +static int +vn_setlabel(struct vnode *vp, struct label *intlabel, struct ucred *cred, + struct proc *p) +{ + int error; + + /* + * Multi-phase commit. First check the policies to confirm the + * change is OK. Then commit via the filesystem. Finally, + * update the actual vnode label. Question: maybe the filesystem + * should update the vnode at the end as part of VOP_SETLABEL()? + */ + error = mac_check_vnode_relabel(cred, vp, intlabel); + if (error) + return (error); + + /* + * VADMIN provides the opportunity for the filesystem to make + * decisions about who is and is not able to modify labels + * and protections on files. This might not be right. We can't + * assume VOP_SETLABEL() will do it, because we might implement + * that as part of vop_stdsetlabel_ea(). + */ + error = VOP_ACCESS(vp, VADMIN, cred, p); + if (error) + return (error); + + error = VOP_SETLABEL(vp, intlabel, cred, p); + if (error) + return (error); + + return (0); +} + /* * MPSAFE */ @@ -3957,6 +3989,8 @@ return (error); } +#endif + /* * MPSAFE */ @@ -3974,7 +4008,7 @@ struct mount *mp; struct mac mac; char *buffer; - int error; + int error, dummy; error = copyin(uap->mac_p, &mac, sizeof(mac)); if (error) @@ -3985,7 +4019,7 @@ return (error); MALLOC(buffer, char *, mac.m_buflen, M_MACTEMP, M_WAITOK); - error = copyinstr(mac.m_string, buffer, mac.m_buflen, NULL); + error = copyinstr(mac.m_string, buffer, mac.m_buflen, &dummy); if (error) { FREE(buffer, M_MACTEMP); return (error); @@ -3999,27 +4033,20 @@ return (error); } -#if 0 - mutex_lock(&Giant); /* VFS */ /* XXX FUNNEL? */ -#endif - - NDINIT(&nd, LOOKUP, LOCKLEAF | FOLLOW, UIO_USERSPACE, uap->path_p, + NDINIT(&nd, LOOKUP, FOLLOW, UIO_USERSPACE, uap->path_p, td); error = namei(&nd); - if (error == 0) { - error = vn_start_write(nd.ni_vp, &mp, V_WAIT | PCATCH); - if (error == 0) - error = vn_setlabel(nd.ni_vp, &intlabel, - td->p_ucred); - vn_finished_write(mp); + if (error == 0) + { + struct vnode *vp = nd.ni_vp; + + VOP_LEASE(vp, td, td->p_ucred, LEASE_WRITE); + vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, td); + error = vn_setlabel (vp, &intlabel, td->p_ucred, td); + + vput (nd.ni_vp); } - NDFREE(&nd, 0); -#if 0 - mutex_unlock(&Giant); /* VFS */ /* XXX FUNNEL? */ -#endif - mac_destroy_vnode_label(&intlabel); - return (error); } @@ -4027,14 +4054,14 @@ * MPSAFE */ int -__mac_set_link(struct thread *td, struct __mac_set_link_args *uap) +__mac_set_link(struct proc *td, struct __mac_set_file_args *uap) { struct label intlabel; struct nameidata nd; struct mount *mp; struct mac mac; char *buffer; - int error; + int error, dummy; error = copyin(uap->mac_p, &mac, sizeof(mac)); if (error) @@ -4045,7 +4072,7 @@ return (error); MALLOC(buffer, char *, mac.m_buflen, M_MACTEMP, M_WAITOK); - error = copyinstr(mac.m_string, buffer, mac.m_buflen, NULL); + error = copyinstr(mac.m_string, buffer, mac.m_buflen, &dummy); if (error) { FREE(buffer, M_MACTEMP); return (error); @@ -4059,32 +4086,24 @@ return (error); } -#if 0 - mutex_lock(&Giant); /* VFS */ /* XXX FUNNEL? */ -#endif + NDINIT(&nd, LOOKUP, NOFOLLOW, UIO_USERSPACE, uap->path_p, + td); - NDINIT(&nd, LOOKUP, LOCKLEAF | NOFOLLOW, UIO_USERSPACE, uap->path_p, - td); error = namei(&nd); - if (error == 0) { - error = vn_start_write(nd.ni_vp, &mp, V_WAIT | PCATCH); - if (error == 0) - error = vn_setlabel(nd.ni_vp, &intlabel, - td->td_ucred); - vn_finished_write(mp); + if (error == 0) + { + struct vnode *vp = nd.ni_vp; + + VOP_LEASE(vp, td, td->p_ucred, LEASE_WRITE); + vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, td); + error = vn_setlabel (vp, &intlabel, td->p_ucred, td); + + vput (nd.ni_vp); } - NDFREE(&nd, 0); -#if 0 - mutex_unlock(&Giant); /* VFS */ /* XXX FUNNEL? */ -#endif - mac_destroy_vnode_label(&intlabel); - return (error); } -#endif - /* * MPSAFE */ ==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/bsd/miscfs/devfs/devfs_vnops.c#2 (text+ko) ==== @@ -583,7 +583,26 @@ return error; } +#ifdef MAC static int +devfs_setlabel (struct vop_setlabel_args *ap) +{ + struct vnode *vp; + struct devnode *de; + + vp = ap->a_vp; + de = VTODN(vp); + + printf ("devfs_setlabel\n"); + + mac_relabel_vnode(ap->a_cred, vp, ap->a_vl); + mac_update_devfsdirent(vp->v_mount, de, vp); + + return (0); +} +#endif + +static int devfs_read(struct vop_read_args *ap) /*struct vop_read_args { struct vnode *a_vp; @@ -1540,6 +1559,9 @@ { &vop_blktooff_desc, (VOPFUNC)err_blktooff }, /* blktooff */ { &vop_offtoblk_desc, (VOPFUNC)err_offtoblk }, /* offtoblk */ { &vop_cmap_desc, (VOPFUNC)err_cmap }, /* cmap */ +#ifdef MAC + { &vop_setlabel_desc, (VOPFUNC)devfs_setlabel }, /* setlabel */ +#endif { (struct vnodeop_desc*)NULL, (int(*)())NULL } }; struct vnodeopv_desc devfs_vnodeop_opv_desc = @@ -1599,6 +1621,9 @@ { &vop_blktooff_desc, (VOPFUNC)spec_blktooff }, /* blktooff */ { &vop_blktooff_desc, (VOPFUNC)spec_offtoblk }, /* blkofftoblk */ { &vop_cmap_desc, (VOPFUNC)spec_cmap }, /* cmap */ +#ifdef MAC + { &vop_setlabel_desc, (VOPFUNC)devfs_setlabel }, /* setlabel */ +#endif { (struct vnodeop_desc*)NULL, (int(*)())NULL } }; struct vnodeopv_desc devfs_spec_vnodeop_opv_desc = ==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/bsd/sys/mac_policy.h#5 (text+ko) ==== @@ -189,12 +189,11 @@ int (*mpo_setlabel_vnode_extattr)(struct ucred *cred, struct vnode *vp, struct label *vlabel, struct label *intlabel); -#if 0 + void (*mpo_update_devfsdirent)(struct mount *mp, struct devnode *devfs_dirent, struct label *direntlabel, struct vnode *vp, struct label *vnodelabel); -#endif /* * Labeling event operations: IPC objects. ==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/bsd/sys/vnode.h#4 (text+ko) ==== ==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/bsd/sys/vnode_if.h#2 (text+ko) ==== @@ -1309,6 +1309,26 @@ return (VCALL(vp, VOFFSET(vop_cmap), &a)); } +struct vop_setlabel_args { + struct vnodeop_desc *a_desc; + struct vnode *a_vp; + struct label *a_vl; + struct ucred *a_cred; + struct proc *a_p; +}; +extern struct vnodeop_desc vop_setlabel_desc; +#define VOP_SETLABEL(vp, vl, cred, p) _VOP_SETLABEL(vp, vl, cred, p) +static __inline int _VOP_SETLABEL(struct vnode *vp, struct label *vl, struct ucred *cred, struct proc *p) +{ + struct vop_setlabel_args a; + a.a_desc = VDESC(vop_setlabel); + a.a_vp = vp; + a.a_vl = vl; + a.a_cred = cred; + a.a_p = p; + return (VCALL(vp, VOFFSET(vop_setlabel), &a)); +} + /* Special cases: */ #include <sys/buf.h> #include <sys/vm.h> ==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/bsd/vfs/vfs_support.c#2 (text+ko) ==== @@ -245,6 +245,11 @@ return (EOPNOTSUPP); } +int +err_setlabel(struct vop_setlabel_args *ap) +{ + return (EOPNOTSUPP); +} struct vop_getattrlist_args /* { struct vnode *a_vp; ==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/bsd/vfs/vfs_support.h#2 (text+ko) ==== @@ -80,6 +80,8 @@ extern int nop_setattr(struct vop_setattr_args *ap); extern int err_setattr(struct vop_setattr_args *ap); +extern int err_setlabel(struct vop_setlabel_args *ap); + extern int nop_getattrlist(struct vop_getattrlist_args *ap); extern int err_getattrlist(struct vop_getattrlist_args *ap); ==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/bsd/vfs/vnode_if.c#2 (text+ko) ==== @@ -1035,6 +1035,22 @@ NULL, }; +int vop_setlabel_vp_offsets[] = { + VOPARG_OFFSETOF(struct vop_setlabel_args,a_vp), + VDESC_NO_OFFSET +}; +struct vnodeop_desc vop_setlabel_desc = { + 0, + "vop_setlabel", + 0, + vop_setlabel_vp_offsets, + VDESC_NO_OFFSET, + VOPARG_OFFSETOF(struct vop_setlabel_args, a_cred), + VOPARG_OFFSETOF(struct vop_setlabel_args, a_p), + VDESC_NO_OFFSET, + NULL, +}; + /* Special cases: */ int vop_strategy_vp_offsets[] = { @@ -1133,6 +1149,7 @@ &vop_blktooff_desc, &vop_offtoblk_desc, &vop_cmap_desc, + &vop_setlabel_desc, NULL }; ==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/bsd/vfs/vnode_if.src#2 (text+ko) ==== @@ -177,6 +177,7 @@ IN struct proc *p; }; + # #% getattrlist vp = = = # @@ -715,3 +716,12 @@ OUT void *poff; }; +# +#% setlabel vp L L L +# +vop_setlabel { + IN struct vnode *vp; + IN struct label *vl; + IN struct ucred *cred; + IN struct proc *p; +}; ==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/security/sebsd/sebsd.c#8 (text+ko) ==== @@ -2105,6 +2105,8 @@ .mpo_internalize_vnode_label = sebsd_internalize_vnode_label, .mpo_externalize_vnode_label = sebsd_externalize_vnode_label, + .mpo_relabel_vnode = sebsd_relabel_vnode, + /* Create Labels */ .mpo_create_cred = sebsd_create_cred,help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200311071416.hA7EGb3e047403>