Date: Tue, 14 Nov 2006 20:36:34 GMT From: Todd Miller <millert@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 109982 for review Message-ID: <200611142036.kAEKaYGK047297@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=109982 Change 109982 by millert@millert_g5tower on 2006/11/14 20:36:33 Add file_to_av() for converting fg_flags to an av perm. Make av perm optional in file_has_perm() so it can be used more. Use file_has_perm() in more places. In sebsd_file_check_change_flags use FILE__WRITE for the av if we are adding O_APPEND to the file flags. Affected files ... .. //depot/projects/trustedbsd/sedarwin8/policies/sedarwin/sedarwin/sebsd.c#42 edit Differences ... ==== //depot/projects/trustedbsd/sedarwin8/policies/sedarwin/sedarwin/sebsd.c#42 (text+ko) ==== @@ -409,6 +409,23 @@ } static __inline u_int32_t +file_to_av(struct fileglob *fg) +{ + u_int32_t av = 0; + + if (fg->fg_flag & FREAD) + av |= FILE__READ; + if (fg->fg_flag & FWRITE) { + if (fg->fg_flag & O_APPEND) + av |= FILE__APPEND; + else + av |= FILE__WRITE; + } + + return (av); +} + +static __inline u_int32_t file_mask_to_av(enum vtype vt, int mask) { u_int32_t av = 0; @@ -485,8 +502,8 @@ return (rc); } - /* Check underlying vnode if there is one. */ - if (fg->fg_type == DTYPE_VNODE && fg->fg_data != NULL) { + /* Check underlying vnode if there is one and we were passed a perm. */ + if (perm && fg->fg_type == DTYPE_VNODE && fg->fg_data != NULL) { rc = vnode_has_perm(cred, (struct vnode *)fg->fg_data, NULL, perm); } @@ -3090,135 +3107,86 @@ sebsd_file_check_ioctl(struct ucred *cred, struct fileglob *fg, struct label *fglabel, u_long com, void *data) { - struct task_security_struct *tsec; - struct file_security_struct *fsec; - tsec = SLOT(cred->cr_label); - fsec = SLOT(fglabel); - - return (avc_has_perm(tsec->sid, fsec->sid, SECCLASS_FD, FD__USE, NULL)); + return (file_has_perm(cred, fg, fglabel, 0)); } static int sebsd_vnode_check_ioctl(struct ucred *cred, struct vnode *vp, struct label *label, int com, caddr_t data) { - struct task_security_struct *tsec; - struct vnode_security_struct *vsec; - tsec = SLOT(cred->cr_label); - vsec = SLOT(label); - return (vnode_has_perm(cred, vp, NULL, FILE__IOCTL)); } -/* - * Simplify all other fd permissions to just "use" for now. The ones we - * implement in SEBSD roughly correlate to the SELinux FD__USE permissions, - * and not the fine-grained FLASK permissions. - */ static int sebsd_file_check_receive(struct ucred *cred, struct fileglob *fg, struct label *fglabel) { - struct task_security_struct *tsec; - struct file_security_struct *fsec; - tsec = SLOT(cred->cr_label); - fsec = SLOT(fglabel); - return (avc_has_perm(tsec->sid, fsec->sid, SECCLASS_FD, - FD__USE, NULL)); + return (file_has_perm(cred, fg, fglabel, file_to_av(fg))); } static int sebsd_file_check_dup(struct ucred *cred, struct fileglob *fg, struct label *fglabel, int newfd) { - struct task_security_struct *tsec; - struct file_security_struct *fsec; - tsec = SLOT(cred->cr_label); - fsec = SLOT(fglabel); - return (avc_has_perm(tsec->sid, fsec->sid, SECCLASS_FD, - FD__USE, NULL)); + return (file_has_perm(cred, fg, fglabel, file_to_av(fg))); } static int sebsd_file_check_get_flags(struct ucred *cred, struct fileglob *fg, struct label *fglabel, u_int flags) { - struct task_security_struct *tsec; - struct file_security_struct *fsec; - tsec = SLOT(cred->cr_label); - fsec = SLOT(fglabel); - return (avc_has_perm(tsec->sid, fsec->sid, SECCLASS_FD, - FD__USE, NULL)); + return (file_has_perm(cred, fg, fglabel, 0)); } static int sebsd_file_check_get_ofileflags(struct ucred *cred, struct fileglob *fg, struct label *fglabel, char flags) { - struct task_security_struct *tsec; - struct file_security_struct *fsec; - tsec = SLOT(cred->cr_label); - fsec = SLOT(fglabel); - return (avc_has_perm(tsec->sid, fsec->sid, SECCLASS_FD, - FD__USE, NULL)); + return (file_has_perm(cred, fg, fglabel, 0)); } static int sebsd_file_check_change_flags(struct ucred *cred, struct fileglob *fg, struct label *fglabel, u_int oldflags, u_int newflags) { - struct task_security_struct *tsec; - struct file_security_struct *fsec; + u_int32_t av = 0; + + if ((newflags & O_APPEND) && !(oldflags & O_APPEND)) + av = FILE__WRITE; - tsec = SLOT(cred->cr_label); - fsec = SLOT(fglabel); - return (avc_has_perm(tsec->sid, fsec->sid, SECCLASS_FD, - FD__USE, NULL)); + return (file_has_perm(cred, fg, fglabel, av)); } static int sebsd_file_check_change_ofileflags(struct ucred *cred, struct fileglob *fg, struct label *fglabel, char oldflags, char newflags) { - struct task_security_struct *tsec; - struct file_security_struct *fsec; - tsec = SLOT(cred->cr_label); - fsec = SLOT(fglabel); - return (avc_has_perm(tsec->sid, fsec->sid, SECCLASS_FD, - FD__USE, NULL)); + /* XXX - should set av to something */ + return (file_has_perm(cred, fg, fglabel, 0)); } static int sebsd_file_check_get_offset(struct ucred *cred, struct fileglob *fg, struct label *fglabel) { - struct task_security_struct *tsec; - struct file_security_struct *fsec; - tsec = SLOT(cred->cr_label); - fsec = SLOT(fglabel); - return (avc_has_perm(tsec->sid, fsec->sid, SECCLASS_FD, - FD__USE, NULL)); + return (file_has_perm(cred, fg, fglabel, 0)); } static int sebsd_file_check_change_offset(struct ucred *cred, struct fileglob *fg, struct label *fglabel) { - struct task_security_struct *tsec; - struct file_security_struct *fsec; - tsec = SLOT(cred->cr_label); - fsec = SLOT(fglabel); - return (avc_has_perm(tsec->sid, fsec->sid, SECCLASS_FD, - FD__USE, NULL)); + /* XXX - should set av to something */ + return (file_has_perm(cred, fg, fglabel, 0)); } static int
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200611142036.kAEKaYGK047297>