| mac_biba.c (131025) | mac_biba.c (132232) |
|---|---|
| 1/*- 2 * Copyright (c) 1999-2002 Robert N. M. Watson | 1/*- 2 * Copyright (c) 1999-2002 Robert N. M. Watson |
| 3 * Copyright (c) 2001-2003 Networks Associates Technology, Inc. | 3 * Copyright (c) 2001-2004 Networks Associates Technology, Inc. |
| 4 * All rights reserved. 5 * 6 * This software was developed by Robert Watson for the TrustedBSD Project. 7 * 8 * This software was developed for the FreeBSD Project in part by Network 9 * Associates Laboratories, the Security Research Division of Network 10 * Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), 11 * as part of the DARPA CHATS research program. --- 14 unchanged lines hidden (view full) --- 26 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 27 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 28 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 29 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 30 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 31 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 32 * SUCH DAMAGE. 33 * | 4 * All rights reserved. 5 * 6 * This software was developed by Robert Watson for the TrustedBSD Project. 7 * 8 * This software was developed for the FreeBSD Project in part by Network 9 * Associates Laboratories, the Security Research Division of Network 10 * Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), 11 * as part of the DARPA CHATS research program. --- 14 unchanged lines hidden (view full) --- 26 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 27 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 28 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 29 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 30 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 31 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 32 * SUCH DAMAGE. 33 * |
| 34 * $FreeBSD: head/sys/security/mac_biba/mac_biba.c 131025 2004-06-24 03:34:46Z rwatson $ | 34 * $FreeBSD: head/sys/security/mac_biba/mac_biba.c 132232 2004-07-16 02:03:50Z rwatson $ |
| 35 */ 36 37/* 38 * Developed by the TrustedBSD Project. 39 * Biba fixed label mandatory integrity policy. 40 */ 41 42#include <sys/types.h> --- 173 unchanged lines hidden (view full) --- 216 return (0); 217} 218 219static int 220mac_biba_subject_dominate_high(struct mac_biba *mac_biba) 221{ 222 struct mac_biba_element *element; 223 | 35 */ 36 37/* 38 * Developed by the TrustedBSD Project. 39 * Biba fixed label mandatory integrity policy. 40 */ 41 42#include <sys/types.h> --- 173 unchanged lines hidden (view full) --- 216 return (0); 217} 218 219static int 220mac_biba_subject_dominate_high(struct mac_biba *mac_biba) 221{ 222 struct mac_biba_element *element; 223 |
| 224 KASSERT((mac_biba->mb_flags & MAC_BIBA_FLAG_SINGLE) != 0, 225 ("mac_biba_single_in_range: mac_biba not single")); 226 element = &mac_biba->mb_single; | 224 KASSERT((mac_biba->mb_flags & MAC_BIBA_FLAG_EFFECTIVE) != 0, 225 ("mac_biba_effective_in_range: mac_biba not effective")); 226 element = &mac_biba->mb_effective; |
| 227 228 return (element->mbe_type == MAC_BIBA_TYPE_EQUAL || 229 element->mbe_type == MAC_BIBA_TYPE_HIGH); 230} 231 232static int 233mac_biba_range_in_range(struct mac_biba *rangea, struct mac_biba *rangeb) 234{ 235 236 return (mac_biba_dominate_element(&rangeb->mb_rangehigh, 237 &rangea->mb_rangehigh) && 238 mac_biba_dominate_element(&rangea->mb_rangelow, 239 &rangeb->mb_rangelow)); 240} 241 242static int | 227 228 return (element->mbe_type == MAC_BIBA_TYPE_EQUAL || 229 element->mbe_type == MAC_BIBA_TYPE_HIGH); 230} 231 232static int 233mac_biba_range_in_range(struct mac_biba *rangea, struct mac_biba *rangeb) 234{ 235 236 return (mac_biba_dominate_element(&rangeb->mb_rangehigh, 237 &rangea->mb_rangehigh) && 238 mac_biba_dominate_element(&rangea->mb_rangelow, 239 &rangeb->mb_rangelow)); 240} 241 242static int |
| 243mac_biba_single_in_range(struct mac_biba *single, struct mac_biba *range) | 243mac_biba_effective_in_range(struct mac_biba *effective, struct mac_biba *range) |
| 244{ 245 | 244{ 245 |
| 246 KASSERT((single->mb_flags & MAC_BIBA_FLAG_SINGLE) != 0, 247 ("mac_biba_single_in_range: a not single")); | 246 KASSERT((effective->mb_flags & MAC_BIBA_FLAG_EFFECTIVE) != 0, 247 ("mac_biba_effective_in_range: a not effective")); |
| 248 KASSERT((range->mb_flags & MAC_BIBA_FLAG_RANGE) != 0, | 248 KASSERT((range->mb_flags & MAC_BIBA_FLAG_RANGE) != 0, |
| 249 ("mac_biba_single_in_range: b not range")); | 249 ("mac_biba_effective_in_range: b not range")); |
| 250 251 return (mac_biba_dominate_element(&range->mb_rangehigh, | 250 251 return (mac_biba_dominate_element(&range->mb_rangehigh, |
| 252 &single->mb_single) && 253 mac_biba_dominate_element(&single->mb_single, | 252 &effective->mb_effective) && 253 mac_biba_dominate_element(&effective->mb_effective, |
| 254 &range->mb_rangelow)); 255 256 return (1); 257} 258 259static int | 254 &range->mb_rangelow)); 255 256 return (1); 257} 258 259static int |
| 260mac_biba_dominate_single(struct mac_biba *a, struct mac_biba *b) | 260mac_biba_dominate_effective(struct mac_biba *a, struct mac_biba *b) |
| 261{ | 261{ |
| 262 KASSERT((a->mb_flags & MAC_BIBA_FLAG_SINGLE) != 0, 263 ("mac_biba_dominate_single: a not single")); 264 KASSERT((b->mb_flags & MAC_BIBA_FLAG_SINGLE) != 0, 265 ("mac_biba_dominate_single: b not single")); | 262 KASSERT((a->mb_flags & MAC_BIBA_FLAG_EFFECTIVE) != 0, 263 ("mac_biba_dominate_effective: a not effective")); 264 KASSERT((b->mb_flags & MAC_BIBA_FLAG_EFFECTIVE) != 0, 265 ("mac_biba_dominate_effective: b not effective")); |
| 266 | 266 |
| 267 return (mac_biba_dominate_element(&a->mb_single, &b->mb_single)); | 267 return (mac_biba_dominate_element(&a->mb_effective, &b->mb_effective)); |
| 268} 269 270static int 271mac_biba_equal_element(struct mac_biba_element *a, struct mac_biba_element *b) 272{ 273 274 if (a->mbe_type == MAC_BIBA_TYPE_EQUAL || 275 b->mbe_type == MAC_BIBA_TYPE_EQUAL) 276 return (1); 277 278 return (a->mbe_type == b->mbe_type && a->mbe_grade == b->mbe_grade); 279} 280 281static int | 268} 269 270static int 271mac_biba_equal_element(struct mac_biba_element *a, struct mac_biba_element *b) 272{ 273 274 if (a->mbe_type == MAC_BIBA_TYPE_EQUAL || 275 b->mbe_type == MAC_BIBA_TYPE_EQUAL) 276 return (1); 277 278 return (a->mbe_type == b->mbe_type && a->mbe_grade == b->mbe_grade); 279} 280 281static int |
| 282mac_biba_equal_single(struct mac_biba *a, struct mac_biba *b) | 282mac_biba_equal_effective(struct mac_biba *a, struct mac_biba *b) |
| 283{ 284 | 283{ 284 |
| 285 KASSERT((a->mb_flags & MAC_BIBA_FLAG_SINGLE) != 0, 286 ("mac_biba_equal_single: a not single")); 287 KASSERT((b->mb_flags & MAC_BIBA_FLAG_SINGLE) != 0, 288 ("mac_biba_equal_single: b not single")); | 285 KASSERT((a->mb_flags & MAC_BIBA_FLAG_EFFECTIVE) != 0, 286 ("mac_biba_equal_effective: a not effective")); 287 KASSERT((b->mb_flags & MAC_BIBA_FLAG_EFFECTIVE) != 0, 288 ("mac_biba_equal_effective: b not effective")); |
| 289 | 289 |
| 290 return (mac_biba_equal_element(&a->mb_single, &b->mb_single)); | 290 return (mac_biba_equal_element(&a->mb_effective, &b->mb_effective)); |
| 291} 292 293static int 294mac_biba_contains_equal(struct mac_biba *mac_biba) 295{ 296 | 291} 292 293static int 294mac_biba_contains_equal(struct mac_biba *mac_biba) 295{ 296 |
| 297 if (mac_biba->mb_flags & MAC_BIBA_FLAG_SINGLE) 298 if (mac_biba->mb_single.mbe_type == MAC_BIBA_TYPE_EQUAL) | 297 if (mac_biba->mb_flags & MAC_BIBA_FLAG_EFFECTIVE) 298 if (mac_biba->mb_effective.mbe_type == MAC_BIBA_TYPE_EQUAL) |
| 299 return (1); 300 301 if (mac_biba->mb_flags & MAC_BIBA_FLAG_RANGE) { 302 if (mac_biba->mb_rangelow.mbe_type == MAC_BIBA_TYPE_EQUAL) 303 return (1); 304 if (mac_biba->mb_rangehigh.mbe_type == MAC_BIBA_TYPE_EQUAL) 305 return (1); 306 } --- 4 unchanged lines hidden (view full) --- 311static int 312mac_biba_subject_privileged(struct mac_biba *mac_biba) 313{ 314 315 KASSERT((mac_biba->mb_flags & MAC_BIBA_FLAGS_BOTH) == 316 MAC_BIBA_FLAGS_BOTH, 317 ("mac_biba_subject_privileged: subject doesn't have both labels")); 318 | 299 return (1); 300 301 if (mac_biba->mb_flags & MAC_BIBA_FLAG_RANGE) { 302 if (mac_biba->mb_rangelow.mbe_type == MAC_BIBA_TYPE_EQUAL) 303 return (1); 304 if (mac_biba->mb_rangehigh.mbe_type == MAC_BIBA_TYPE_EQUAL) 305 return (1); 306 } --- 4 unchanged lines hidden (view full) --- 311static int 312mac_biba_subject_privileged(struct mac_biba *mac_biba) 313{ 314 315 KASSERT((mac_biba->mb_flags & MAC_BIBA_FLAGS_BOTH) == 316 MAC_BIBA_FLAGS_BOTH, 317 ("mac_biba_subject_privileged: subject doesn't have both labels")); 318 |
| 319 /* If the single is EQUAL, it's ok. */ 320 if (mac_biba->mb_single.mbe_type == MAC_BIBA_TYPE_EQUAL) | 319 /* If the effective is EQUAL, it's ok. */ 320 if (mac_biba->mb_effective.mbe_type == MAC_BIBA_TYPE_EQUAL) |
| 321 return (0); 322 323 /* If either range endpoint is EQUAL, it's ok. */ 324 if (mac_biba->mb_rangelow.mbe_type == MAC_BIBA_TYPE_EQUAL || 325 mac_biba->mb_rangehigh.mbe_type == MAC_BIBA_TYPE_EQUAL) 326 return (0); 327 328 /* If the range is low-high, it's ok. */ 329 if (mac_biba->mb_rangelow.mbe_type == MAC_BIBA_TYPE_LOW && 330 mac_biba->mb_rangehigh.mbe_type == MAC_BIBA_TYPE_HIGH) 331 return (0); 332 333 /* It's not ok. */ 334 return (EPERM); 335} 336 337static int | 321 return (0); 322 323 /* If either range endpoint is EQUAL, it's ok. */ 324 if (mac_biba->mb_rangelow.mbe_type == MAC_BIBA_TYPE_EQUAL || 325 mac_biba->mb_rangehigh.mbe_type == MAC_BIBA_TYPE_EQUAL) 326 return (0); 327 328 /* If the range is low-high, it's ok. */ 329 if (mac_biba->mb_rangelow.mbe_type == MAC_BIBA_TYPE_LOW && 330 mac_biba->mb_rangehigh.mbe_type == MAC_BIBA_TYPE_HIGH) 331 return (0); 332 333 /* It's not ok. */ 334 return (EPERM); 335} 336 337static int |
| 338mac_biba_high_single(struct mac_biba *mac_biba) | 338mac_biba_high_effective(struct mac_biba *mac_biba) |
| 339{ 340 | 339{ 340 |
| 341 KASSERT((mac_biba->mb_flags & MAC_BIBA_FLAG_SINGLE) != 0, 342 ("mac_biba_equal_single: mac_biba not single")); | 341 KASSERT((mac_biba->mb_flags & MAC_BIBA_FLAG_EFFECTIVE) != 0, 342 ("mac_biba_equal_effective: mac_biba not effective")); |
| 343 | 343 |
| 344 return (mac_biba->mb_single.mbe_type == MAC_BIBA_TYPE_HIGH); | 344 return (mac_biba->mb_effective.mbe_type == MAC_BIBA_TYPE_HIGH); |
| 345} 346 347static int 348mac_biba_valid(struct mac_biba *mac_biba) 349{ 350 | 345} 346 347static int 348mac_biba_valid(struct mac_biba *mac_biba) 349{ 350 |
| 351 if (mac_biba->mb_flags & MAC_BIBA_FLAG_SINGLE) { 352 switch (mac_biba->mb_single.mbe_type) { | 351 if (mac_biba->mb_flags & MAC_BIBA_FLAG_EFFECTIVE) { 352 switch (mac_biba->mb_effective.mbe_type) { |
| 353 case MAC_BIBA_TYPE_GRADE: 354 break; 355 356 case MAC_BIBA_TYPE_EQUAL: 357 case MAC_BIBA_TYPE_HIGH: 358 case MAC_BIBA_TYPE_LOW: | 353 case MAC_BIBA_TYPE_GRADE: 354 break; 355 356 case MAC_BIBA_TYPE_EQUAL: 357 case MAC_BIBA_TYPE_HIGH: 358 case MAC_BIBA_TYPE_LOW: |
| 359 if (mac_biba->mb_single.mbe_grade != 0 || | 359 if (mac_biba->mb_effective.mbe_grade != 0 || |
| 360 !MAC_BIBA_BIT_SET_EMPTY( | 360 !MAC_BIBA_BIT_SET_EMPTY( |
| 361 mac_biba->mb_single.mbe_compartments)) | 361 mac_biba->mb_effective.mbe_compartments)) |
| 362 return (EINVAL); 363 break; 364 365 default: 366 return (EINVAL); 367 } 368 } else { | 362 return (EINVAL); 363 break; 364 365 default: 366 return (EINVAL); 367 } 368 } else { |
| 369 if (mac_biba->mb_single.mbe_type != MAC_BIBA_TYPE_UNDEF) | 369 if (mac_biba->mb_effective.mbe_type != MAC_BIBA_TYPE_UNDEF) |
| 370 return (EINVAL); 371 } 372 373 if (mac_biba->mb_flags & MAC_BIBA_FLAG_RANGE) { 374 switch (mac_biba->mb_rangelow.mbe_type) { 375 case MAC_BIBA_TYPE_GRADE: 376 break; 377 --- 55 unchanged lines hidden (view full) --- 433 if (compartmentshigh != NULL) 434 memcpy(mac_biba->mb_rangehigh.mbe_compartments, 435 compartmentshigh, 436 sizeof(mac_biba->mb_rangehigh.mbe_compartments)); 437 mac_biba->mb_flags |= MAC_BIBA_FLAG_RANGE; 438} 439 440static void | 370 return (EINVAL); 371 } 372 373 if (mac_biba->mb_flags & MAC_BIBA_FLAG_RANGE) { 374 switch (mac_biba->mb_rangelow.mbe_type) { 375 case MAC_BIBA_TYPE_GRADE: 376 break; 377 --- 55 unchanged lines hidden (view full) --- 433 if (compartmentshigh != NULL) 434 memcpy(mac_biba->mb_rangehigh.mbe_compartments, 435 compartmentshigh, 436 sizeof(mac_biba->mb_rangehigh.mbe_compartments)); 437 mac_biba->mb_flags |= MAC_BIBA_FLAG_RANGE; 438} 439 440static void |
| 441mac_biba_set_single(struct mac_biba *mac_biba, u_short type, u_short grade, | 441mac_biba_set_effective(struct mac_biba *mac_biba, u_short type, u_short grade, |
| 442 u_char *compartments) 443{ 444 | 442 u_char *compartments) 443{ 444 |
| 445 mac_biba->mb_single.mbe_type = type; 446 mac_biba->mb_single.mbe_grade = grade; | 445 mac_biba->mb_effective.mbe_type = type; 446 mac_biba->mb_effective.mbe_grade = grade; |
| 447 if (compartments != NULL) | 447 if (compartments != NULL) |
| 448 memcpy(mac_biba->mb_single.mbe_compartments, compartments, 449 sizeof(mac_biba->mb_single.mbe_compartments)); 450 mac_biba->mb_flags |= MAC_BIBA_FLAG_SINGLE; | 448 memcpy(mac_biba->mb_effective.mbe_compartments, compartments, 449 sizeof(mac_biba->mb_effective.mbe_compartments)); 450 mac_biba->mb_flags |= MAC_BIBA_FLAG_EFFECTIVE; |
| 451} 452 453static void 454mac_biba_copy_range(struct mac_biba *labelfrom, struct mac_biba *labelto) 455{ 456 457 KASSERT((labelfrom->mb_flags & MAC_BIBA_FLAG_RANGE) != 0, 458 ("mac_biba_copy_range: labelfrom not range")); 459 460 labelto->mb_rangelow = labelfrom->mb_rangelow; 461 labelto->mb_rangehigh = labelfrom->mb_rangehigh; 462 labelto->mb_flags |= MAC_BIBA_FLAG_RANGE; 463} 464 465static void | 451} 452 453static void 454mac_biba_copy_range(struct mac_biba *labelfrom, struct mac_biba *labelto) 455{ 456 457 KASSERT((labelfrom->mb_flags & MAC_BIBA_FLAG_RANGE) != 0, 458 ("mac_biba_copy_range: labelfrom not range")); 459 460 labelto->mb_rangelow = labelfrom->mb_rangelow; 461 labelto->mb_rangehigh = labelfrom->mb_rangehigh; 462 labelto->mb_flags |= MAC_BIBA_FLAG_RANGE; 463} 464 465static void |
| 466mac_biba_copy_single(struct mac_biba *labelfrom, struct mac_biba *labelto) | 466mac_biba_copy_effective(struct mac_biba *labelfrom, struct mac_biba *labelto) |
| 467{ 468 | 467{ 468 |
| 469 KASSERT((labelfrom->mb_flags & MAC_BIBA_FLAG_SINGLE) != 0, 470 ("mac_biba_copy_single: labelfrom not single")); | 469 KASSERT((labelfrom->mb_flags & MAC_BIBA_FLAG_EFFECTIVE) != 0, 470 ("mac_biba_copy_effective: labelfrom not effective")); |
| 471 | 471 |
| 472 labelto->mb_single = labelfrom->mb_single; 473 labelto->mb_flags |= MAC_BIBA_FLAG_SINGLE; | 472 labelto->mb_effective = labelfrom->mb_effective; 473 labelto->mb_flags |= MAC_BIBA_FLAG_EFFECTIVE; |
| 474} 475 476static void 477mac_biba_copy(struct mac_biba *source, struct mac_biba *dest) 478{ 479 | 474} 475 476static void 477mac_biba_copy(struct mac_biba *source, struct mac_biba *dest) 478{ 479 |
| 480 if (source->mb_flags & MAC_BIBA_FLAG_SINGLE) 481 mac_biba_copy_single(source, dest); | 480 if (source->mb_flags & MAC_BIBA_FLAG_EFFECTIVE) 481 mac_biba_copy_effective(source, dest); |
| 482 if (source->mb_flags & MAC_BIBA_FLAG_RANGE) 483 mac_biba_copy_range(source, dest); 484} 485 486/* 487 * Policy module operations. 488 */ 489static void --- 86 unchanged lines hidden (view full) --- 576 * if there isn't room in the sbuf. Note: the sbuf will be modified 577 * even in a failure case, so the caller may need to revert the sbuf 578 * by restoring the offset if that's undesired. 579 */ 580static int 581mac_biba_to_string(struct sbuf *sb, struct mac_biba *mac_biba) 582{ 583 | 482 if (source->mb_flags & MAC_BIBA_FLAG_RANGE) 483 mac_biba_copy_range(source, dest); 484} 485 486/* 487 * Policy module operations. 488 */ 489static void --- 86 unchanged lines hidden (view full) --- 576 * if there isn't room in the sbuf. Note: the sbuf will be modified 577 * even in a failure case, so the caller may need to revert the sbuf 578 * by restoring the offset if that's undesired. 579 */ 580static int 581mac_biba_to_string(struct sbuf *sb, struct mac_biba *mac_biba) 582{ 583 |
| 584 if (mac_biba->mb_flags & MAC_BIBA_FLAG_SINGLE) { 585 if (mac_biba_element_to_string(sb, &mac_biba->mb_single) | 584 if (mac_biba->mb_flags & MAC_BIBA_FLAG_EFFECTIVE) { 585 if (mac_biba_element_to_string(sb, &mac_biba->mb_effective) |
| 586 == -1) 587 return (EINVAL); 588 } 589 590 if (mac_biba->mb_flags & MAC_BIBA_FLAG_RANGE) { 591 if (sbuf_putc(sb, '(') == -1) 592 return (EINVAL); 593 --- 87 unchanged lines hidden (view full) --- 681 682/* 683 * Note: destructively consumes the string, make a local copy before 684 * calling if that's a problem. 685 */ 686static int 687mac_biba_parse(struct mac_biba *mac_biba, char *string) 688{ | 586 == -1) 587 return (EINVAL); 588 } 589 590 if (mac_biba->mb_flags & MAC_BIBA_FLAG_RANGE) { 591 if (sbuf_putc(sb, '(') == -1) 592 return (EINVAL); 593 --- 87 unchanged lines hidden (view full) --- 681 682/* 683 * Note: destructively consumes the string, make a local copy before 684 * calling if that's a problem. 685 */ 686static int 687mac_biba_parse(struct mac_biba *mac_biba, char *string) 688{ |
| 689 char *rangehigh, *rangelow, *single; | 689 char *rangehigh, *rangelow, *effective; |
| 690 int error; 691 | 690 int error; 691 |
| 692 single = strsep(&string, "("); 693 if (*single == '\0') 694 single = NULL; | 692 effective = strsep(&string, "("); 693 if (*effective == '\0') 694 effective = NULL; |
| 695 696 if (string != NULL) { 697 rangelow = strsep(&string, "-"); 698 if (string == NULL) 699 return (EINVAL); 700 rangehigh = strsep(&string, ")"); 701 if (string == NULL) 702 return (EINVAL); --- 4 unchanged lines hidden (view full) --- 707 rangehigh = NULL; 708 } 709 710 KASSERT((rangelow != NULL && rangehigh != NULL) || 711 (rangelow == NULL && rangehigh == NULL), 712 ("mac_biba_parse: range mismatch")); 713 714 bzero(mac_biba, sizeof(*mac_biba)); | 695 696 if (string != NULL) { 697 rangelow = strsep(&string, "-"); 698 if (string == NULL) 699 return (EINVAL); 700 rangehigh = strsep(&string, ")"); 701 if (string == NULL) 702 return (EINVAL); --- 4 unchanged lines hidden (view full) --- 707 rangehigh = NULL; 708 } 709 710 KASSERT((rangelow != NULL && rangehigh != NULL) || 711 (rangelow == NULL && rangehigh == NULL), 712 ("mac_biba_parse: range mismatch")); 713 714 bzero(mac_biba, sizeof(*mac_biba)); |
| 715 if (single != NULL) { 716 error = mac_biba_parse_element(&mac_biba->mb_single, single); | 715 if (effective != NULL) { 716 error = mac_biba_parse_element(&mac_biba->mb_effective, effective); |
| 717 if (error) 718 return (error); | 717 if (error) 718 return (error); |
| 719 mac_biba->mb_flags |= MAC_BIBA_FLAG_SINGLE; | 719 mac_biba->mb_flags |= MAC_BIBA_FLAG_EFFECTIVE; |
| 720 } 721 722 if (rangelow != NULL) { 723 error = mac_biba_parse_element(&mac_biba->mb_rangelow, 724 rangelow); 725 if (error) 726 return (error); 727 error = mac_biba_parse_element(&mac_biba->mb_rangehigh, --- 57 unchanged lines hidden (view full) --- 785 strncmp(dev->si_name, "fd/", strlen("fd/")) == 0) 786 biba_type = MAC_BIBA_TYPE_EQUAL; 787 else if (ptys_equal && 788 (strncmp(dev->si_name, "ttyp", strlen("ttyp")) == 0 || 789 strncmp(dev->si_name, "ptyp", strlen("ptyp")) == 0)) 790 biba_type = MAC_BIBA_TYPE_EQUAL; 791 else 792 biba_type = MAC_BIBA_TYPE_HIGH; | 720 } 721 722 if (rangelow != NULL) { 723 error = mac_biba_parse_element(&mac_biba->mb_rangelow, 724 rangelow); 725 if (error) 726 return (error); 727 error = mac_biba_parse_element(&mac_biba->mb_rangehigh, --- 57 unchanged lines hidden (view full) --- 785 strncmp(dev->si_name, "fd/", strlen("fd/")) == 0) 786 biba_type = MAC_BIBA_TYPE_EQUAL; 787 else if (ptys_equal && 788 (strncmp(dev->si_name, "ttyp", strlen("ttyp")) == 0 || 789 strncmp(dev->si_name, "ptyp", strlen("ptyp")) == 0)) 790 biba_type = MAC_BIBA_TYPE_EQUAL; 791 else 792 biba_type = MAC_BIBA_TYPE_HIGH; |
| 793 mac_biba_set_single(mac_biba, biba_type, 0, NULL); | 793 mac_biba_set_effective(mac_biba, biba_type, 0, NULL); |
| 794} 795 796static void 797mac_biba_create_devfs_directory(struct mount *mp, char *dirname, 798 int dirnamelen, struct devfs_dirent *devfs_dirent, struct label *label) 799{ 800 struct mac_biba *mac_biba; 801 802 mac_biba = SLOT(label); | 794} 795 796static void 797mac_biba_create_devfs_directory(struct mount *mp, char *dirname, 798 int dirnamelen, struct devfs_dirent *devfs_dirent, struct label *label) 799{ 800 struct mac_biba *mac_biba; 801 802 mac_biba = SLOT(label); |
| 803 mac_biba_set_single(mac_biba, MAC_BIBA_TYPE_HIGH, 0, NULL); | 803 mac_biba_set_effective(mac_biba, MAC_BIBA_TYPE_HIGH, 0, NULL); |
| 804} 805 806static void 807mac_biba_create_devfs_symlink(struct ucred *cred, struct mount *mp, 808 struct devfs_dirent *dd, struct label *ddlabel, struct devfs_dirent *de, 809 struct label *delabel) 810{ 811 struct mac_biba *source, *dest; 812 813 source = SLOT(cred->cr_label); 814 dest = SLOT(delabel); 815 | 804} 805 806static void 807mac_biba_create_devfs_symlink(struct ucred *cred, struct mount *mp, 808 struct devfs_dirent *dd, struct label *ddlabel, struct devfs_dirent *de, 809 struct label *delabel) 810{ 811 struct mac_biba *source, *dest; 812 813 source = SLOT(cred->cr_label); 814 dest = SLOT(delabel); 815 |
| 816 mac_biba_copy_single(source, dest); | 816 mac_biba_copy_effective(source, dest); |
| 817} 818 819static void 820mac_biba_create_mount(struct ucred *cred, struct mount *mp, 821 struct label *mntlabel, struct label *fslabel) 822{ 823 struct mac_biba *source, *dest; 824 825 source = SLOT(cred->cr_label); 826 dest = SLOT(mntlabel); | 817} 818 819static void 820mac_biba_create_mount(struct ucred *cred, struct mount *mp, 821 struct label *mntlabel, struct label *fslabel) 822{ 823 struct mac_biba *source, *dest; 824 825 source = SLOT(cred->cr_label); 826 dest = SLOT(mntlabel); |
| 827 mac_biba_copy_single(source, dest); | 827 mac_biba_copy_effective(source, dest); |
| 828 dest = SLOT(fslabel); | 828 dest = SLOT(fslabel); |
| 829 mac_biba_copy_single(source, dest); | 829 mac_biba_copy_effective(source, dest); |
| 830} 831 832static void 833mac_biba_create_root_mount(struct ucred *cred, struct mount *mp, 834 struct label *mntlabel, struct label *fslabel) 835{ 836 struct mac_biba *mac_biba; 837 838 /* Always mount root as high integrity. */ 839 mac_biba = SLOT(fslabel); | 830} 831 832static void 833mac_biba_create_root_mount(struct ucred *cred, struct mount *mp, 834 struct label *mntlabel, struct label *fslabel) 835{ 836 struct mac_biba *mac_biba; 837 838 /* Always mount root as high integrity. */ 839 mac_biba = SLOT(fslabel); |
| 840 mac_biba_set_single(mac_biba, MAC_BIBA_TYPE_HIGH, 0, NULL); | 840 mac_biba_set_effective(mac_biba, MAC_BIBA_TYPE_HIGH, 0, NULL); |
| 841 mac_biba = SLOT(mntlabel); | 841 mac_biba = SLOT(mntlabel); |
| 842 mac_biba_set_single(mac_biba, MAC_BIBA_TYPE_HIGH, 0, NULL); | 842 mac_biba_set_effective(mac_biba, MAC_BIBA_TYPE_HIGH, 0, NULL); |
| 843} 844 845static void 846mac_biba_relabel_vnode(struct ucred *cred, struct vnode *vp, 847 struct label *vnodelabel, struct label *label) 848{ 849 struct mac_biba *source, *dest; 850 --- 21 unchanged lines hidden (view full) --- 872 struct devfs_dirent *de, struct label *delabel, struct vnode *vp, 873 struct label *vlabel) 874{ 875 struct mac_biba *source, *dest; 876 877 source = SLOT(delabel); 878 dest = SLOT(vlabel); 879 | 843} 844 845static void 846mac_biba_relabel_vnode(struct ucred *cred, struct vnode *vp, 847 struct label *vnodelabel, struct label *label) 848{ 849 struct mac_biba *source, *dest; 850 --- 21 unchanged lines hidden (view full) --- 872 struct devfs_dirent *de, struct label *delabel, struct vnode *vp, 873 struct label *vlabel) 874{ 875 struct mac_biba *source, *dest; 876 877 source = SLOT(delabel); 878 dest = SLOT(vlabel); 879 |
| 880 mac_biba_copy_single(source, dest); | 880 mac_biba_copy_effective(source, dest); |
| 881} 882 883static int 884mac_biba_associate_vnode_extattr(struct mount *mp, struct label *fslabel, 885 struct vnode *vp, struct label *vlabel) 886{ 887 struct mac_biba temp, *source, *dest; 888 int buflen, error; 889 890 source = SLOT(fslabel); 891 dest = SLOT(vlabel); 892 893 buflen = sizeof(temp); 894 bzero(&temp, buflen); 895 896 error = vn_extattr_get(vp, IO_NODELOCKED, MAC_BIBA_EXTATTR_NAMESPACE, 897 MAC_BIBA_EXTATTR_NAME, &buflen, (char *) &temp, curthread); 898 if (error == ENOATTR || error == EOPNOTSUPP) { 899 /* Fall back to the fslabel. */ | 881} 882 883static int 884mac_biba_associate_vnode_extattr(struct mount *mp, struct label *fslabel, 885 struct vnode *vp, struct label *vlabel) 886{ 887 struct mac_biba temp, *source, *dest; 888 int buflen, error; 889 890 source = SLOT(fslabel); 891 dest = SLOT(vlabel); 892 893 buflen = sizeof(temp); 894 bzero(&temp, buflen); 895 896 error = vn_extattr_get(vp, IO_NODELOCKED, MAC_BIBA_EXTATTR_NAMESPACE, 897 MAC_BIBA_EXTATTR_NAME, &buflen, (char *) &temp, curthread); 898 if (error == ENOATTR || error == EOPNOTSUPP) { 899 /* Fall back to the fslabel. */ |
| 900 mac_biba_copy_single(source, dest); | 900 mac_biba_copy_effective(source, dest); |
| 901 return (0); 902 } else if (error) 903 return (error); 904 905 if (buflen != sizeof(temp)) { 906 printf("mac_biba_associate_vnode_extattr: bad size %d\n", 907 buflen); 908 return (EPERM); 909 } 910 if (mac_biba_valid(&temp) != 0) { 911 printf("mac_biba_associate_vnode_extattr: invalid\n"); 912 return (EPERM); 913 } | 901 return (0); 902 } else if (error) 903 return (error); 904 905 if (buflen != sizeof(temp)) { 906 printf("mac_biba_associate_vnode_extattr: bad size %d\n", 907 buflen); 908 return (EPERM); 909 } 910 if (mac_biba_valid(&temp) != 0) { 911 printf("mac_biba_associate_vnode_extattr: invalid\n"); 912 return (EPERM); 913 } |
| 914 if ((temp.mb_flags & MAC_BIBA_FLAGS_BOTH) != MAC_BIBA_FLAG_SINGLE) { 915 printf("mac_biba_associate_vnode_extattr: not single\n"); | 914 if ((temp.mb_flags & MAC_BIBA_FLAGS_BOTH) != MAC_BIBA_FLAG_EFFECTIVE) { 915 printf("mac_biba_associate_vnode_extattr: not effective\n"); |
| 916 return (EPERM); 917 } 918 | 916 return (EPERM); 917 } 918 |
| 919 mac_biba_copy_single(&temp, dest); | 919 mac_biba_copy_effective(&temp, dest); |
| 920 return (0); 921} 922 923static void 924mac_biba_associate_vnode_singlelabel(struct mount *mp, 925 struct label *fslabel, struct vnode *vp, struct label *vlabel) 926{ 927 struct mac_biba *source, *dest; 928 929 source = SLOT(fslabel); 930 dest = SLOT(vlabel); 931 | 920 return (0); 921} 922 923static void 924mac_biba_associate_vnode_singlelabel(struct mount *mp, 925 struct label *fslabel, struct vnode *vp, struct label *vlabel) 926{ 927 struct mac_biba *source, *dest; 928 929 source = SLOT(fslabel); 930 dest = SLOT(vlabel); 931 |
| 932 mac_biba_copy_single(source, dest); | 932 mac_biba_copy_effective(source, dest); |
| 933} 934 935static int 936mac_biba_create_vnode_extattr(struct ucred *cred, struct mount *mp, 937 struct label *fslabel, struct vnode *dvp, struct label *dlabel, 938 struct vnode *vp, struct label *vlabel, struct componentname *cnp) 939{ 940 struct mac_biba *source, *dest, temp; 941 size_t buflen; 942 int error; 943 944 buflen = sizeof(temp); 945 bzero(&temp, buflen); 946 947 source = SLOT(cred->cr_label); 948 dest = SLOT(vlabel); | 933} 934 935static int 936mac_biba_create_vnode_extattr(struct ucred *cred, struct mount *mp, 937 struct label *fslabel, struct vnode *dvp, struct label *dlabel, 938 struct vnode *vp, struct label *vlabel, struct componentname *cnp) 939{ 940 struct mac_biba *source, *dest, temp; 941 size_t buflen; 942 int error; 943 944 buflen = sizeof(temp); 945 bzero(&temp, buflen); 946 947 source = SLOT(cred->cr_label); 948 dest = SLOT(vlabel); |
| 949 mac_biba_copy_single(source, &temp); | 949 mac_biba_copy_effective(source, &temp); |
| 950 951 error = vn_extattr_set(vp, IO_NODELOCKED, MAC_BIBA_EXTATTR_NAMESPACE, 952 MAC_BIBA_EXTATTR_NAME, buflen, (char *) &temp, curthread); 953 if (error == 0) | 950 951 error = vn_extattr_set(vp, IO_NODELOCKED, MAC_BIBA_EXTATTR_NAMESPACE, 952 MAC_BIBA_EXTATTR_NAME, buflen, (char *) &temp, curthread); 953 if (error == 0) |
| 954 mac_biba_copy_single(source, dest); | 954 mac_biba_copy_effective(source, dest); |
| 955 return (error); 956} 957 958static int 959mac_biba_setlabel_vnode_extattr(struct ucred *cred, struct vnode *vp, 960 struct label *vlabel, struct label *intlabel) 961{ 962 struct mac_biba *source, temp; 963 size_t buflen; 964 int error; 965 966 buflen = sizeof(temp); 967 bzero(&temp, buflen); 968 969 source = SLOT(intlabel); | 955 return (error); 956} 957 958static int 959mac_biba_setlabel_vnode_extattr(struct ucred *cred, struct vnode *vp, 960 struct label *vlabel, struct label *intlabel) 961{ 962 struct mac_biba *source, temp; 963 size_t buflen; 964 int error; 965 966 buflen = sizeof(temp); 967 bzero(&temp, buflen); 968 969 source = SLOT(intlabel); |
| 970 if ((source->mb_flags & MAC_BIBA_FLAG_SINGLE) == 0) | 970 if ((source->mb_flags & MAC_BIBA_FLAG_EFFECTIVE) == 0) |
| 971 return (0); 972 | 971 return (0); 972 |
| 973 mac_biba_copy_single(source, &temp); | 973 mac_biba_copy_effective(source, &temp); |
| 974 975 error = vn_extattr_set(vp, IO_NODELOCKED, MAC_BIBA_EXTATTR_NAMESPACE, 976 MAC_BIBA_EXTATTR_NAME, buflen, (char *) &temp, curthread); 977 return (error); 978} 979 980/* 981 * Labeling event operations: IPC object. 982 */ 983static void 984mac_biba_create_inpcb_from_socket(struct socket *so, struct label *solabel, 985 struct inpcb *inp, struct label *inplabel) 986{ 987 struct mac_biba *source, *dest; 988 989 source = SLOT(solabel); 990 dest = SLOT(inplabel); 991 | 974 975 error = vn_extattr_set(vp, IO_NODELOCKED, MAC_BIBA_EXTATTR_NAMESPACE, 976 MAC_BIBA_EXTATTR_NAME, buflen, (char *) &temp, curthread); 977 return (error); 978} 979 980/* 981 * Labeling event operations: IPC object. 982 */ 983static void 984mac_biba_create_inpcb_from_socket(struct socket *so, struct label *solabel, 985 struct inpcb *inp, struct label *inplabel) 986{ 987 struct mac_biba *source, *dest; 988 989 source = SLOT(solabel); 990 dest = SLOT(inplabel); 991 |
| 992 mac_biba_copy_single(source, dest); | 992 mac_biba_copy_effective(source, dest); |
| 993} 994 995static void 996mac_biba_create_mbuf_from_socket(struct socket *so, struct label *socketlabel, 997 struct mbuf *m, struct label *mbuflabel) 998{ 999 struct mac_biba *source, *dest; 1000 1001 source = SLOT(socketlabel); 1002 dest = SLOT(mbuflabel); 1003 | 993} 994 995static void 996mac_biba_create_mbuf_from_socket(struct socket *so, struct label *socketlabel, 997 struct mbuf *m, struct label *mbuflabel) 998{ 999 struct mac_biba *source, *dest; 1000 1001 source = SLOT(socketlabel); 1002 dest = SLOT(mbuflabel); 1003 |
| 1004 mac_biba_copy_single(source, dest); | 1004 mac_biba_copy_effective(source, dest); |
| 1005} 1006 1007static void 1008mac_biba_create_socket(struct ucred *cred, struct socket *socket, 1009 struct label *socketlabel) 1010{ 1011 struct mac_biba *source, *dest; 1012 1013 source = SLOT(cred->cr_label); 1014 dest = SLOT(socketlabel); 1015 | 1005} 1006 1007static void 1008mac_biba_create_socket(struct ucred *cred, struct socket *socket, 1009 struct label *socketlabel) 1010{ 1011 struct mac_biba *source, *dest; 1012 1013 source = SLOT(cred->cr_label); 1014 dest = SLOT(socketlabel); 1015 |
| 1016 mac_biba_copy_single(source, dest); | 1016 mac_biba_copy_effective(source, dest); |
| 1017} 1018 1019static void 1020mac_biba_create_pipe(struct ucred *cred, struct pipepair *pp, 1021 struct label *pipelabel) 1022{ 1023 struct mac_biba *source, *dest; 1024 1025 source = SLOT(cred->cr_label); 1026 dest = SLOT(pipelabel); 1027 | 1017} 1018 1019static void 1020mac_biba_create_pipe(struct ucred *cred, struct pipepair *pp, 1021 struct label *pipelabel) 1022{ 1023 struct mac_biba *source, *dest; 1024 1025 source = SLOT(cred->cr_label); 1026 dest = SLOT(pipelabel); 1027 |
| 1028 mac_biba_copy_single(source, dest); | 1028 mac_biba_copy_effective(source, dest); |
| 1029} 1030 1031static void 1032mac_biba_create_socket_from_socket(struct socket *oldsocket, 1033 struct label *oldsocketlabel, struct socket *newsocket, 1034 struct label *newsocketlabel) 1035{ 1036 struct mac_biba *source, *dest; 1037 1038 source = SLOT(oldsocketlabel); 1039 dest = SLOT(newsocketlabel); 1040 | 1029} 1030 1031static void 1032mac_biba_create_socket_from_socket(struct socket *oldsocket, 1033 struct label *oldsocketlabel, struct socket *newsocket, 1034 struct label *newsocketlabel) 1035{ 1036 struct mac_biba *source, *dest; 1037 1038 source = SLOT(oldsocketlabel); 1039 dest = SLOT(newsocketlabel); 1040 |
| 1041 mac_biba_copy_single(source, dest); | 1041 mac_biba_copy_effective(source, dest); |
| 1042} 1043 1044static void 1045mac_biba_relabel_socket(struct ucred *cred, struct socket *socket, 1046 struct label *socketlabel, struct label *newlabel) 1047{ 1048 struct mac_biba *source, *dest; 1049 --- 19 unchanged lines hidden (view full) --- 1069mac_biba_set_socket_peer_from_mbuf(struct mbuf *mbuf, struct label *mbuflabel, 1070 struct socket *socket, struct label *socketpeerlabel) 1071{ 1072 struct mac_biba *source, *dest; 1073 1074 source = SLOT(mbuflabel); 1075 dest = SLOT(socketpeerlabel); 1076 | 1042} 1043 1044static void 1045mac_biba_relabel_socket(struct ucred *cred, struct socket *socket, 1046 struct label *socketlabel, struct label *newlabel) 1047{ 1048 struct mac_biba *source, *dest; 1049 --- 19 unchanged lines hidden (view full) --- 1069mac_biba_set_socket_peer_from_mbuf(struct mbuf *mbuf, struct label *mbuflabel, 1070 struct socket *socket, struct label *socketpeerlabel) 1071{ 1072 struct mac_biba *source, *dest; 1073 1074 source = SLOT(mbuflabel); 1075 dest = SLOT(socketpeerlabel); 1076 |
| 1077 mac_biba_copy_single(source, dest); | 1077 mac_biba_copy_effective(source, dest); |
| 1078} 1079 1080/* 1081 * Labeling event operations: network objects. 1082 */ 1083static void 1084mac_biba_set_socket_peer_from_socket(struct socket *oldsocket, 1085 struct label *oldsocketlabel, struct socket *newsocket, 1086 struct label *newsocketpeerlabel) 1087{ 1088 struct mac_biba *source, *dest; 1089 1090 source = SLOT(oldsocketlabel); 1091 dest = SLOT(newsocketpeerlabel); 1092 | 1078} 1079 1080/* 1081 * Labeling event operations: network objects. 1082 */ 1083static void 1084mac_biba_set_socket_peer_from_socket(struct socket *oldsocket, 1085 struct label *oldsocketlabel, struct socket *newsocket, 1086 struct label *newsocketpeerlabel) 1087{ 1088 struct mac_biba *source, *dest; 1089 1090 source = SLOT(oldsocketlabel); 1091 dest = SLOT(newsocketpeerlabel); 1092 |
| 1093 mac_biba_copy_single(source, dest); | 1093 mac_biba_copy_effective(source, dest); |
| 1094} 1095 1096static void 1097mac_biba_create_bpfdesc(struct ucred *cred, struct bpf_d *bpf_d, 1098 struct label *bpflabel) 1099{ 1100 struct mac_biba *source, *dest; 1101 1102 source = SLOT(cred->cr_label); 1103 dest = SLOT(bpflabel); 1104 | 1094} 1095 1096static void 1097mac_biba_create_bpfdesc(struct ucred *cred, struct bpf_d *bpf_d, 1098 struct label *bpflabel) 1099{ 1100 struct mac_biba *source, *dest; 1101 1102 source = SLOT(cred->cr_label); 1103 dest = SLOT(bpflabel); 1104 |
| 1105 mac_biba_copy_single(source, dest); | 1105 mac_biba_copy_effective(source, dest); |
| 1106} 1107 1108static void 1109mac_biba_create_ifnet(struct ifnet *ifnet, struct label *ifnetlabel) 1110{ 1111 char tifname[IFNAMSIZ], *p, *q; 1112 char tiflist[sizeof(trusted_interfaces)]; 1113 struct mac_biba *dest; --- 39 unchanged lines hidden (view full) --- 1153 q, IFNAMSIZ); 1154 } 1155 if (*p == '\0') 1156 break; 1157 q = p + 1; 1158 } 1159 } 1160set: | 1106} 1107 1108static void 1109mac_biba_create_ifnet(struct ifnet *ifnet, struct label *ifnetlabel) 1110{ 1111 char tifname[IFNAMSIZ], *p, *q; 1112 char tiflist[sizeof(trusted_interfaces)]; 1113 struct mac_biba *dest; --- 39 unchanged lines hidden (view full) --- 1153 q, IFNAMSIZ); 1154 } 1155 if (*p == '\0') 1156 break; 1157 q = p + 1; 1158 } 1159 } 1160set: |
| 1161 mac_biba_set_single(dest, type, 0, NULL); | 1161 mac_biba_set_effective(dest, type, 0, NULL); |
| 1162 mac_biba_set_range(dest, type, 0, NULL, type, 0, NULL); 1163} 1164 1165static void 1166mac_biba_create_ipq(struct mbuf *fragment, struct label *fragmentlabel, 1167 struct ipq *ipq, struct label *ipqlabel) 1168{ 1169 struct mac_biba *source, *dest; 1170 1171 source = SLOT(fragmentlabel); 1172 dest = SLOT(ipqlabel); 1173 | 1162 mac_biba_set_range(dest, type, 0, NULL, type, 0, NULL); 1163} 1164 1165static void 1166mac_biba_create_ipq(struct mbuf *fragment, struct label *fragmentlabel, 1167 struct ipq *ipq, struct label *ipqlabel) 1168{ 1169 struct mac_biba *source, *dest; 1170 1171 source = SLOT(fragmentlabel); 1172 dest = SLOT(ipqlabel); 1173 |
| 1174 mac_biba_copy_single(source, dest); | 1174 mac_biba_copy_effective(source, dest); |
| 1175} 1176 1177static void 1178mac_biba_create_datagram_from_ipq(struct ipq *ipq, struct label *ipqlabel, 1179 struct mbuf *datagram, struct label *datagramlabel) 1180{ 1181 struct mac_biba *source, *dest; 1182 1183 source = SLOT(ipqlabel); 1184 dest = SLOT(datagramlabel); 1185 1186 /* Just use the head, since we require them all to match. */ | 1175} 1176 1177static void 1178mac_biba_create_datagram_from_ipq(struct ipq *ipq, struct label *ipqlabel, 1179 struct mbuf *datagram, struct label *datagramlabel) 1180{ 1181 struct mac_biba *source, *dest; 1182 1183 source = SLOT(ipqlabel); 1184 dest = SLOT(datagramlabel); 1185 1186 /* Just use the head, since we require them all to match. */ |
| 1187 mac_biba_copy_single(source, dest); | 1187 mac_biba_copy_effective(source, dest); |
| 1188} 1189 1190static void 1191mac_biba_create_fragment(struct mbuf *datagram, struct label *datagramlabel, 1192 struct mbuf *fragment, struct label *fragmentlabel) 1193{ 1194 struct mac_biba *source, *dest; 1195 1196 source = SLOT(datagramlabel); 1197 dest = SLOT(fragmentlabel); 1198 | 1188} 1189 1190static void 1191mac_biba_create_fragment(struct mbuf *datagram, struct label *datagramlabel, 1192 struct mbuf *fragment, struct label *fragmentlabel) 1193{ 1194 struct mac_biba *source, *dest; 1195 1196 source = SLOT(datagramlabel); 1197 dest = SLOT(fragmentlabel); 1198 |
| 1199 mac_biba_copy_single(source, dest); | 1199 mac_biba_copy_effective(source, dest); |
| 1200} 1201 1202static void 1203mac_biba_create_mbuf_from_inpcb(struct inpcb *inp, struct label *inplabel, 1204 struct mbuf *m, struct label *mlabel) 1205{ 1206 struct mac_biba *source, *dest; 1207 1208 source = SLOT(inplabel); 1209 dest = SLOT(mlabel); 1210 | 1200} 1201 1202static void 1203mac_biba_create_mbuf_from_inpcb(struct inpcb *inp, struct label *inplabel, 1204 struct mbuf *m, struct label *mlabel) 1205{ 1206 struct mac_biba *source, *dest; 1207 1208 source = SLOT(inplabel); 1209 dest = SLOT(mlabel); 1210 |
| 1211 mac_biba_copy_single(source, dest); | 1211 mac_biba_copy_effective(source, dest); |
| 1212} 1213 1214static void 1215mac_biba_create_mbuf_from_mbuf(struct mbuf *oldmbuf, 1216 struct label *oldmbuflabel, struct mbuf *newmbuf, 1217 struct label *newmbuflabel) 1218{ 1219 struct mac_biba *source, *dest; --- 15 unchanged lines hidden (view full) --- 1235static void 1236mac_biba_create_mbuf_linklayer(struct ifnet *ifnet, struct label *ifnetlabel, 1237 struct mbuf *mbuf, struct label *mbuflabel) 1238{ 1239 struct mac_biba *dest; 1240 1241 dest = SLOT(mbuflabel); 1242 | 1212} 1213 1214static void 1215mac_biba_create_mbuf_from_mbuf(struct mbuf *oldmbuf, 1216 struct label *oldmbuflabel, struct mbuf *newmbuf, 1217 struct label *newmbuflabel) 1218{ 1219 struct mac_biba *source, *dest; --- 15 unchanged lines hidden (view full) --- 1235static void 1236mac_biba_create_mbuf_linklayer(struct ifnet *ifnet, struct label *ifnetlabel, 1237 struct mbuf *mbuf, struct label *mbuflabel) 1238{ 1239 struct mac_biba *dest; 1240 1241 dest = SLOT(mbuflabel); 1242 |
| 1243 mac_biba_set_single(dest, MAC_BIBA_TYPE_EQUAL, 0, NULL); | 1243 mac_biba_set_effective(dest, MAC_BIBA_TYPE_EQUAL, 0, NULL); |
| 1244} 1245 1246static void 1247mac_biba_create_mbuf_from_bpfdesc(struct bpf_d *bpf_d, struct label *bpflabel, 1248 struct mbuf *mbuf, struct label *mbuflabel) 1249{ 1250 struct mac_biba *source, *dest; 1251 1252 source = SLOT(bpflabel); 1253 dest = SLOT(mbuflabel); 1254 | 1244} 1245 1246static void 1247mac_biba_create_mbuf_from_bpfdesc(struct bpf_d *bpf_d, struct label *bpflabel, 1248 struct mbuf *mbuf, struct label *mbuflabel) 1249{ 1250 struct mac_biba *source, *dest; 1251 1252 source = SLOT(bpflabel); 1253 dest = SLOT(mbuflabel); 1254 |
| 1255 mac_biba_copy_single(source, dest); | 1255 mac_biba_copy_effective(source, dest); |
| 1256} 1257 1258static void 1259mac_biba_create_mbuf_from_ifnet(struct ifnet *ifnet, struct label *ifnetlabel, 1260 struct mbuf *m, struct label *mbuflabel) 1261{ 1262 struct mac_biba *source, *dest; 1263 1264 source = SLOT(ifnetlabel); 1265 dest = SLOT(mbuflabel); 1266 | 1256} 1257 1258static void 1259mac_biba_create_mbuf_from_ifnet(struct ifnet *ifnet, struct label *ifnetlabel, 1260 struct mbuf *m, struct label *mbuflabel) 1261{ 1262 struct mac_biba *source, *dest; 1263 1264 source = SLOT(ifnetlabel); 1265 dest = SLOT(mbuflabel); 1266 |
| 1267 mac_biba_copy_single(source, dest); | 1267 mac_biba_copy_effective(source, dest); |
| 1268} 1269 1270static void 1271mac_biba_create_mbuf_multicast_encap(struct mbuf *oldmbuf, 1272 struct label *oldmbuflabel, struct ifnet *ifnet, struct label *ifnetlabel, 1273 struct mbuf *newmbuf, struct label *newmbuflabel) 1274{ 1275 struct mac_biba *source, *dest; 1276 1277 source = SLOT(oldmbuflabel); 1278 dest = SLOT(newmbuflabel); 1279 | 1268} 1269 1270static void 1271mac_biba_create_mbuf_multicast_encap(struct mbuf *oldmbuf, 1272 struct label *oldmbuflabel, struct ifnet *ifnet, struct label *ifnetlabel, 1273 struct mbuf *newmbuf, struct label *newmbuflabel) 1274{ 1275 struct mac_biba *source, *dest; 1276 1277 source = SLOT(oldmbuflabel); 1278 dest = SLOT(newmbuflabel); 1279 |
| 1280 mac_biba_copy_single(source, dest); | 1280 mac_biba_copy_effective(source, dest); |
| 1281} 1282 1283static void 1284mac_biba_create_mbuf_netlayer(struct mbuf *oldmbuf, struct label *oldmbuflabel, 1285 struct mbuf *newmbuf, struct label *newmbuflabel) 1286{ 1287 struct mac_biba *source, *dest; 1288 1289 source = SLOT(oldmbuflabel); 1290 dest = SLOT(newmbuflabel); 1291 | 1281} 1282 1283static void 1284mac_biba_create_mbuf_netlayer(struct mbuf *oldmbuf, struct label *oldmbuflabel, 1285 struct mbuf *newmbuf, struct label *newmbuflabel) 1286{ 1287 struct mac_biba *source, *dest; 1288 1289 source = SLOT(oldmbuflabel); 1290 dest = SLOT(newmbuflabel); 1291 |
| 1292 mac_biba_copy_single(source, dest); | 1292 mac_biba_copy_effective(source, dest); |
| 1293} 1294 1295static int 1296mac_biba_fragment_match(struct mbuf *fragment, struct label *fragmentlabel, 1297 struct ipq *ipq, struct label *ipqlabel) 1298{ 1299 struct mac_biba *a, *b; 1300 1301 a = SLOT(ipqlabel); 1302 b = SLOT(fragmentlabel); 1303 | 1293} 1294 1295static int 1296mac_biba_fragment_match(struct mbuf *fragment, struct label *fragmentlabel, 1297 struct ipq *ipq, struct label *ipqlabel) 1298{ 1299 struct mac_biba *a, *b; 1300 1301 a = SLOT(ipqlabel); 1302 b = SLOT(fragmentlabel); 1303 |
| 1304 return (mac_biba_equal_single(a, b)); | 1304 return (mac_biba_equal_effective(a, b)); |
| 1305} 1306 1307static void 1308mac_biba_relabel_ifnet(struct ucred *cred, struct ifnet *ifnet, 1309 struct label *ifnetlabel, struct label *newlabel) 1310{ 1311 struct mac_biba *source, *dest; 1312 --- 28 unchanged lines hidden (view full) --- 1341 */ 1342static void 1343mac_biba_create_proc0(struct ucred *cred) 1344{ 1345 struct mac_biba *dest; 1346 1347 dest = SLOT(cred->cr_label); 1348 | 1305} 1306 1307static void 1308mac_biba_relabel_ifnet(struct ucred *cred, struct ifnet *ifnet, 1309 struct label *ifnetlabel, struct label *newlabel) 1310{ 1311 struct mac_biba *source, *dest; 1312 --- 28 unchanged lines hidden (view full) --- 1341 */ 1342static void 1343mac_biba_create_proc0(struct ucred *cred) 1344{ 1345 struct mac_biba *dest; 1346 1347 dest = SLOT(cred->cr_label); 1348 |
| 1349 mac_biba_set_single(dest, MAC_BIBA_TYPE_EQUAL, 0, NULL); | 1349 mac_biba_set_effective(dest, MAC_BIBA_TYPE_EQUAL, 0, NULL); |
| 1350 mac_biba_set_range(dest, MAC_BIBA_TYPE_LOW, 0, NULL, 1351 MAC_BIBA_TYPE_HIGH, 0, NULL); 1352} 1353 1354static void 1355mac_biba_create_proc1(struct ucred *cred) 1356{ 1357 struct mac_biba *dest; 1358 1359 dest = SLOT(cred->cr_label); 1360 | 1350 mac_biba_set_range(dest, MAC_BIBA_TYPE_LOW, 0, NULL, 1351 MAC_BIBA_TYPE_HIGH, 0, NULL); 1352} 1353 1354static void 1355mac_biba_create_proc1(struct ucred *cred) 1356{ 1357 struct mac_biba *dest; 1358 1359 dest = SLOT(cred->cr_label); 1360 |
| 1361 mac_biba_set_single(dest, MAC_BIBA_TYPE_HIGH, 0, NULL); | 1361 mac_biba_set_effective(dest, MAC_BIBA_TYPE_HIGH, 0, NULL); |
| 1362 mac_biba_set_range(dest, MAC_BIBA_TYPE_LOW, 0, NULL, 1363 MAC_BIBA_TYPE_HIGH, 0, NULL); 1364} 1365 1366static void 1367mac_biba_relabel_cred(struct ucred *cred, struct label *newlabel) 1368{ 1369 struct mac_biba *source, *dest; --- 14 unchanged lines hidden (view full) --- 1384 struct mac_biba *a, *b; 1385 1386 if (!mac_biba_enabled) 1387 return (0); 1388 1389 a = SLOT(bpflabel); 1390 b = SLOT(ifnetlabel); 1391 | 1362 mac_biba_set_range(dest, MAC_BIBA_TYPE_LOW, 0, NULL, 1363 MAC_BIBA_TYPE_HIGH, 0, NULL); 1364} 1365 1366static void 1367mac_biba_relabel_cred(struct ucred *cred, struct label *newlabel) 1368{ 1369 struct mac_biba *source, *dest; --- 14 unchanged lines hidden (view full) --- 1384 struct mac_biba *a, *b; 1385 1386 if (!mac_biba_enabled) 1387 return (0); 1388 1389 a = SLOT(bpflabel); 1390 b = SLOT(ifnetlabel); 1391 |
| 1392 if (mac_biba_equal_single(a, b)) | 1392 if (mac_biba_equal_effective(a, b)) |
| 1393 return (0); 1394 return (EACCES); 1395} 1396 1397static int 1398mac_biba_check_cred_relabel(struct ucred *cred, struct label *newlabel) 1399{ 1400 struct mac_biba *subj, *new; 1401 int error; 1402 1403 subj = SLOT(cred->cr_label); 1404 new = SLOT(newlabel); 1405 1406 /* 1407 * If there is a Biba label update for the credential, it may | 1393 return (0); 1394 return (EACCES); 1395} 1396 1397static int 1398mac_biba_check_cred_relabel(struct ucred *cred, struct label *newlabel) 1399{ 1400 struct mac_biba *subj, *new; 1401 int error; 1402 1403 subj = SLOT(cred->cr_label); 1404 new = SLOT(newlabel); 1405 1406 /* 1407 * If there is a Biba label update for the credential, it may |
| 1408 * be an update of the single, range, or both. | 1408 * be an update of the effective, range, or both. |
| 1409 */ 1410 error = biba_atmostflags(new, MAC_BIBA_FLAGS_BOTH); 1411 if (error) 1412 return (error); 1413 1414 /* 1415 * If the Biba label is to be changed, authorize as appropriate. 1416 */ 1417 if (new->mb_flags & MAC_BIBA_FLAGS_BOTH) { 1418 /* 1419 * If the change request modifies both the Biba label | 1409 */ 1410 error = biba_atmostflags(new, MAC_BIBA_FLAGS_BOTH); 1411 if (error) 1412 return (error); 1413 1414 /* 1415 * If the Biba label is to be changed, authorize as appropriate. 1416 */ 1417 if (new->mb_flags & MAC_BIBA_FLAGS_BOTH) { 1418 /* 1419 * If the change request modifies both the Biba label |
| 1420 * single and range, check that the new single will be | 1420 * effective and range, check that the new effective will be |
| 1421 * in the new range. 1422 */ 1423 if ((new->mb_flags & MAC_BIBA_FLAGS_BOTH) == 1424 MAC_BIBA_FLAGS_BOTH && | 1421 * in the new range. 1422 */ 1423 if ((new->mb_flags & MAC_BIBA_FLAGS_BOTH) == 1424 MAC_BIBA_FLAGS_BOTH && |
| 1425 !mac_biba_single_in_range(new, new)) | 1425 !mac_biba_effective_in_range(new, new)) |
| 1426 return (EINVAL); 1427 1428 /* | 1426 return (EINVAL); 1427 1428 /* |
| 1429 * To change the Biba single label on a credential, the 1430 * new single label must be in the current range. | 1429 * To change the Biba effective label on a credential, the 1430 * new effective label must be in the current range. |
| 1431 */ | 1431 */ |
| 1432 if (new->mb_flags & MAC_BIBA_FLAG_SINGLE && 1433 !mac_biba_single_in_range(new, subj)) | 1432 if (new->mb_flags & MAC_BIBA_FLAG_EFFECTIVE && 1433 !mac_biba_effective_in_range(new, subj)) |
| 1434 return (EPERM); 1435 1436 /* 1437 * To change the Biba range on a credential, the new 1438 * range label must be in the current range. 1439 */ 1440 if (new->mb_flags & MAC_BIBA_FLAG_RANGE && 1441 !mac_biba_range_in_range(new, subj)) --- 21 unchanged lines hidden (view full) --- 1463 1464 if (!mac_biba_enabled) 1465 return (0); 1466 1467 subj = SLOT(u1->cr_label); 1468 obj = SLOT(u2->cr_label); 1469 1470 /* XXX: range */ | 1434 return (EPERM); 1435 1436 /* 1437 * To change the Biba range on a credential, the new 1438 * range label must be in the current range. 1439 */ 1440 if (new->mb_flags & MAC_BIBA_FLAG_RANGE && 1441 !mac_biba_range_in_range(new, subj)) --- 21 unchanged lines hidden (view full) --- 1463 1464 if (!mac_biba_enabled) 1465 return (0); 1466 1467 subj = SLOT(u1->cr_label); 1468 obj = SLOT(u2->cr_label); 1469 1470 /* XXX: range */ |
| 1471 if (!mac_biba_dominate_single(obj, subj)) | 1471 if (!mac_biba_dominate_effective(obj, subj)) |
| 1472 return (ESRCH); 1473 1474 return (0); 1475} 1476 1477static int 1478mac_biba_check_ifnet_relabel(struct ucred *cred, struct ifnet *ifnet, 1479 struct label *ifnetlabel, struct label *newlabel) 1480{ 1481 struct mac_biba *subj, *new; 1482 int error; 1483 1484 subj = SLOT(cred->cr_label); 1485 new = SLOT(newlabel); 1486 1487 /* 1488 * If there is a Biba label update for the interface, it may | 1472 return (ESRCH); 1473 1474 return (0); 1475} 1476 1477static int 1478mac_biba_check_ifnet_relabel(struct ucred *cred, struct ifnet *ifnet, 1479 struct label *ifnetlabel, struct label *newlabel) 1480{ 1481 struct mac_biba *subj, *new; 1482 int error; 1483 1484 subj = SLOT(cred->cr_label); 1485 new = SLOT(newlabel); 1486 1487 /* 1488 * If there is a Biba label update for the interface, it may |
| 1489 * be an update of the single, range, or both. | 1489 * be an update of the effective, range, or both. |
| 1490 */ 1491 error = biba_atmostflags(new, MAC_BIBA_FLAGS_BOTH); 1492 if (error) 1493 return (error); 1494 1495 /* 1496 * Relabling network interfaces requires Biba privilege. 1497 */ --- 11 unchanged lines hidden (view full) --- 1509 struct mac_biba *p, *i; 1510 1511 if (!mac_biba_enabled) 1512 return (0); 1513 1514 p = SLOT(mbuflabel); 1515 i = SLOT(ifnetlabel); 1516 | 1490 */ 1491 error = biba_atmostflags(new, MAC_BIBA_FLAGS_BOTH); 1492 if (error) 1493 return (error); 1494 1495 /* 1496 * Relabling network interfaces requires Biba privilege. 1497 */ --- 11 unchanged lines hidden (view full) --- 1509 struct mac_biba *p, *i; 1510 1511 if (!mac_biba_enabled) 1512 return (0); 1513 1514 p = SLOT(mbuflabel); 1515 i = SLOT(ifnetlabel); 1516 |
| 1517 return (mac_biba_single_in_range(p, i) ? 0 : EACCES); | 1517 return (mac_biba_effective_in_range(p, i) ? 0 : EACCES); |
| 1518} 1519 1520static int 1521mac_biba_check_inpcb_deliver(struct inpcb *inp, struct label *inplabel, 1522 struct mbuf *m, struct label *mlabel) 1523{ 1524 struct mac_biba *p, *i; 1525 1526 if (!mac_biba_enabled) 1527 return (0); 1528 1529 p = SLOT(mlabel); 1530 i = SLOT(inplabel); 1531 | 1518} 1519 1520static int 1521mac_biba_check_inpcb_deliver(struct inpcb *inp, struct label *inplabel, 1522 struct mbuf *m, struct label *mlabel) 1523{ 1524 struct mac_biba *p, *i; 1525 1526 if (!mac_biba_enabled) 1527 return (0); 1528 1529 p = SLOT(mlabel); 1530 i = SLOT(inplabel); 1531 |
| 1532 return (mac_biba_equal_single(p, i) ? 0 : EACCES); | 1532 return (mac_biba_equal_effective(p, i) ? 0 : EACCES); |
| 1533} 1534 1535static int 1536mac_biba_check_kld_load(struct ucred *cred, struct vnode *vp, 1537 struct label *label) 1538{ 1539 struct mac_biba *subj, *obj; 1540 int error; 1541 1542 if (!mac_biba_enabled) 1543 return (0); 1544 1545 subj = SLOT(cred->cr_label); 1546 1547 error = mac_biba_subject_privileged(subj); 1548 if (error) 1549 return (error); 1550 1551 obj = SLOT(label); | 1533} 1534 1535static int 1536mac_biba_check_kld_load(struct ucred *cred, struct vnode *vp, 1537 struct label *label) 1538{ 1539 struct mac_biba *subj, *obj; 1540 int error; 1541 1542 if (!mac_biba_enabled) 1543 return (0); 1544 1545 subj = SLOT(cred->cr_label); 1546 1547 error = mac_biba_subject_privileged(subj); 1548 if (error) 1549 return (error); 1550 1551 obj = SLOT(label); |
| 1552 if (!mac_biba_high_single(obj)) | 1552 if (!mac_biba_high_effective(obj)) |
| 1553 return (EACCES); 1554 1555 return (0); 1556} 1557 1558 1559static int 1560mac_biba_check_kld_unload(struct ucred *cred) --- 15 unchanged lines hidden (view full) --- 1576 struct mac_biba *subj, *obj; 1577 1578 if (!mac_biba_enabled) 1579 return (0); 1580 1581 subj = SLOT(cred->cr_label); 1582 obj = SLOT(mntlabel); 1583 | 1553 return (EACCES); 1554 1555 return (0); 1556} 1557 1558 1559static int 1560mac_biba_check_kld_unload(struct ucred *cred) --- 15 unchanged lines hidden (view full) --- 1576 struct mac_biba *subj, *obj; 1577 1578 if (!mac_biba_enabled) 1579 return (0); 1580 1581 subj = SLOT(cred->cr_label); 1582 obj = SLOT(mntlabel); 1583 |
| 1584 if (!mac_biba_dominate_single(obj, subj)) | 1584 if (!mac_biba_dominate_effective(obj, subj)) |
| 1585 return (EACCES); 1586 1587 return (0); 1588} 1589 1590static int 1591mac_biba_check_pipe_ioctl(struct ucred *cred, struct pipepair *pp, 1592 struct label *pipelabel, unsigned long cmd, void /* caddr_t */ *data) --- 14 unchanged lines hidden (view full) --- 1607 struct mac_biba *subj, *obj; 1608 1609 if (!mac_biba_enabled) 1610 return (0); 1611 1612 subj = SLOT(cred->cr_label); 1613 obj = SLOT((pipelabel)); 1614 | 1585 return (EACCES); 1586 1587 return (0); 1588} 1589 1590static int 1591mac_biba_check_pipe_ioctl(struct ucred *cred, struct pipepair *pp, 1592 struct label *pipelabel, unsigned long cmd, void /* caddr_t */ *data) --- 14 unchanged lines hidden (view full) --- 1607 struct mac_biba *subj, *obj; 1608 1609 if (!mac_biba_enabled) 1610 return (0); 1611 1612 subj = SLOT(cred->cr_label); 1613 obj = SLOT((pipelabel)); 1614 |
| 1615 if (!mac_biba_dominate_single(obj, subj)) | 1615 if (!mac_biba_dominate_effective(obj, subj)) |
| 1616 return (EACCES); 1617 1618 return (0); 1619} 1620 1621static int 1622mac_biba_check_pipe_read(struct ucred *cred, struct pipepair *pp, 1623 struct label *pipelabel) 1624{ 1625 struct mac_biba *subj, *obj; 1626 1627 if (!mac_biba_enabled) 1628 return (0); 1629 1630 subj = SLOT(cred->cr_label); 1631 obj = SLOT((pipelabel)); 1632 | 1616 return (EACCES); 1617 1618 return (0); 1619} 1620 1621static int 1622mac_biba_check_pipe_read(struct ucred *cred, struct pipepair *pp, 1623 struct label *pipelabel) 1624{ 1625 struct mac_biba *subj, *obj; 1626 1627 if (!mac_biba_enabled) 1628 return (0); 1629 1630 subj = SLOT(cred->cr_label); 1631 obj = SLOT((pipelabel)); 1632 |
| 1633 if (!mac_biba_dominate_single(obj, subj)) | 1633 if (!mac_biba_dominate_effective(obj, subj)) |
| 1634 return (EACCES); 1635 1636 return (0); 1637} 1638 1639static int 1640mac_biba_check_pipe_relabel(struct ucred *cred, struct pipepair *pp, 1641 struct label *pipelabel, struct label *newlabel) 1642{ 1643 struct mac_biba *subj, *obj, *new; 1644 int error; 1645 1646 new = SLOT(newlabel); 1647 subj = SLOT(cred->cr_label); 1648 obj = SLOT(pipelabel); 1649 1650 /* 1651 * If there is a Biba label update for a pipe, it must be a | 1634 return (EACCES); 1635 1636 return (0); 1637} 1638 1639static int 1640mac_biba_check_pipe_relabel(struct ucred *cred, struct pipepair *pp, 1641 struct label *pipelabel, struct label *newlabel) 1642{ 1643 struct mac_biba *subj, *obj, *new; 1644 int error; 1645 1646 new = SLOT(newlabel); 1647 subj = SLOT(cred->cr_label); 1648 obj = SLOT(pipelabel); 1649 1650 /* 1651 * If there is a Biba label update for a pipe, it must be a |
| 1652 * single update. | 1652 * effective update. |
| 1653 */ | 1653 */ |
| 1654 error = biba_atmostflags(new, MAC_BIBA_FLAG_SINGLE); | 1654 error = biba_atmostflags(new, MAC_BIBA_FLAG_EFFECTIVE); |
| 1655 if (error) 1656 return (error); 1657 1658 /* 1659 * To perform a relabel of a pipe (Biba label or not), Biba must 1660 * authorize the relabel. 1661 */ | 1655 if (error) 1656 return (error); 1657 1658 /* 1659 * To perform a relabel of a pipe (Biba label or not), Biba must 1660 * authorize the relabel. 1661 */ |
| 1662 if (!mac_biba_single_in_range(obj, subj)) | 1662 if (!mac_biba_effective_in_range(obj, subj)) |
| 1663 return (EPERM); 1664 1665 /* 1666 * If the Biba label is to be changed, authorize as appropriate. 1667 */ | 1663 return (EPERM); 1664 1665 /* 1666 * If the Biba label is to be changed, authorize as appropriate. 1667 */ |
| 1668 if (new->mb_flags & MAC_BIBA_FLAG_SINGLE) { | 1668 if (new->mb_flags & MAC_BIBA_FLAG_EFFECTIVE) { |
| 1669 /* 1670 * To change the Biba label on a pipe, the new pipe label 1671 * must be in the subject range. 1672 */ | 1669 /* 1670 * To change the Biba label on a pipe, the new pipe label 1671 * must be in the subject range. 1672 */ |
| 1673 if (!mac_biba_single_in_range(new, subj)) | 1673 if (!mac_biba_effective_in_range(new, subj)) |
| 1674 return (EPERM); 1675 1676 /* 1677 * To change the Biba label on a pipe to be EQUAL, the 1678 * subject must have appropriate privilege. 1679 */ 1680 if (mac_biba_contains_equal(new)) { 1681 error = mac_biba_subject_privileged(subj); --- 12 unchanged lines hidden (view full) --- 1694 struct mac_biba *subj, *obj; 1695 1696 if (!mac_biba_enabled) 1697 return (0); 1698 1699 subj = SLOT(cred->cr_label); 1700 obj = SLOT((pipelabel)); 1701 | 1674 return (EPERM); 1675 1676 /* 1677 * To change the Biba label on a pipe to be EQUAL, the 1678 * subject must have appropriate privilege. 1679 */ 1680 if (mac_biba_contains_equal(new)) { 1681 error = mac_biba_subject_privileged(subj); --- 12 unchanged lines hidden (view full) --- 1694 struct mac_biba *subj, *obj; 1695 1696 if (!mac_biba_enabled) 1697 return (0); 1698 1699 subj = SLOT(cred->cr_label); 1700 obj = SLOT((pipelabel)); 1701 |
| 1702 if (!mac_biba_dominate_single(obj, subj)) | 1702 if (!mac_biba_dominate_effective(obj, subj)) |
| 1703 return (EACCES); 1704 1705 return (0); 1706} 1707 1708static int 1709mac_biba_check_pipe_write(struct ucred *cred, struct pipepair *pp, 1710 struct label *pipelabel) 1711{ 1712 struct mac_biba *subj, *obj; 1713 1714 if (!mac_biba_enabled) 1715 return (0); 1716 1717 subj = SLOT(cred->cr_label); 1718 obj = SLOT((pipelabel)); 1719 | 1703 return (EACCES); 1704 1705 return (0); 1706} 1707 1708static int 1709mac_biba_check_pipe_write(struct ucred *cred, struct pipepair *pp, 1710 struct label *pipelabel) 1711{ 1712 struct mac_biba *subj, *obj; 1713 1714 if (!mac_biba_enabled) 1715 return (0); 1716 1717 subj = SLOT(cred->cr_label); 1718 obj = SLOT((pipelabel)); 1719 |
| 1720 if (!mac_biba_dominate_single(subj, obj)) | 1720 if (!mac_biba_dominate_effective(subj, obj)) |
| 1721 return (EACCES); 1722 1723 return (0); 1724} 1725 1726static int 1727mac_biba_check_proc_debug(struct ucred *cred, struct proc *proc) 1728{ 1729 struct mac_biba *subj, *obj; 1730 1731 if (!mac_biba_enabled) 1732 return (0); 1733 1734 subj = SLOT(cred->cr_label); 1735 obj = SLOT(proc->p_ucred->cr_label); 1736 1737 /* XXX: range checks */ | 1721 return (EACCES); 1722 1723 return (0); 1724} 1725 1726static int 1727mac_biba_check_proc_debug(struct ucred *cred, struct proc *proc) 1728{ 1729 struct mac_biba *subj, *obj; 1730 1731 if (!mac_biba_enabled) 1732 return (0); 1733 1734 subj = SLOT(cred->cr_label); 1735 obj = SLOT(proc->p_ucred->cr_label); 1736 1737 /* XXX: range checks */ |
| 1738 if (!mac_biba_dominate_single(obj, subj)) | 1738 if (!mac_biba_dominate_effective(obj, subj)) |
| 1739 return (ESRCH); | 1739 return (ESRCH); |
| 1740 if (!mac_biba_dominate_single(subj, obj)) | 1740 if (!mac_biba_dominate_effective(subj, obj)) |
| 1741 return (EACCES); 1742 1743 return (0); 1744} 1745 1746static int 1747mac_biba_check_proc_sched(struct ucred *cred, struct proc *proc) 1748{ 1749 struct mac_biba *subj, *obj; 1750 1751 if (!mac_biba_enabled) 1752 return (0); 1753 1754 subj = SLOT(cred->cr_label); 1755 obj = SLOT(proc->p_ucred->cr_label); 1756 1757 /* XXX: range checks */ | 1741 return (EACCES); 1742 1743 return (0); 1744} 1745 1746static int 1747mac_biba_check_proc_sched(struct ucred *cred, struct proc *proc) 1748{ 1749 struct mac_biba *subj, *obj; 1750 1751 if (!mac_biba_enabled) 1752 return (0); 1753 1754 subj = SLOT(cred->cr_label); 1755 obj = SLOT(proc->p_ucred->cr_label); 1756 1757 /* XXX: range checks */ |
| 1758 if (!mac_biba_dominate_single(obj, subj)) | 1758 if (!mac_biba_dominate_effective(obj, subj)) |
| 1759 return (ESRCH); | 1759 return (ESRCH); |
| 1760 if (!mac_biba_dominate_single(subj, obj)) | 1760 if (!mac_biba_dominate_effective(subj, obj)) |
| 1761 return (EACCES); 1762 1763 return (0); 1764} 1765 1766static int 1767mac_biba_check_proc_signal(struct ucred *cred, struct proc *proc, int signum) 1768{ 1769 struct mac_biba *subj, *obj; 1770 1771 if (!mac_biba_enabled) 1772 return (0); 1773 1774 subj = SLOT(cred->cr_label); 1775 obj = SLOT(proc->p_ucred->cr_label); 1776 1777 /* XXX: range checks */ | 1761 return (EACCES); 1762 1763 return (0); 1764} 1765 1766static int 1767mac_biba_check_proc_signal(struct ucred *cred, struct proc *proc, int signum) 1768{ 1769 struct mac_biba *subj, *obj; 1770 1771 if (!mac_biba_enabled) 1772 return (0); 1773 1774 subj = SLOT(cred->cr_label); 1775 obj = SLOT(proc->p_ucred->cr_label); 1776 1777 /* XXX: range checks */ |
| 1778 if (!mac_biba_dominate_single(obj, subj)) | 1778 if (!mac_biba_dominate_effective(obj, subj)) |
| 1779 return (ESRCH); | 1779 return (ESRCH); |
| 1780 if (!mac_biba_dominate_single(subj, obj)) | 1780 if (!mac_biba_dominate_effective(subj, obj)) |
| 1781 return (EACCES); 1782 1783 return (0); 1784} 1785 1786static int 1787mac_biba_check_socket_deliver(struct socket *so, struct label *socketlabel, 1788 struct mbuf *m, struct label *mbuflabel) 1789{ 1790 struct mac_biba *p, *s; 1791 1792 if (!mac_biba_enabled) 1793 return (0); 1794 1795 p = SLOT(mbuflabel); 1796 s = SLOT(socketlabel); 1797 | 1781 return (EACCES); 1782 1783 return (0); 1784} 1785 1786static int 1787mac_biba_check_socket_deliver(struct socket *so, struct label *socketlabel, 1788 struct mbuf *m, struct label *mbuflabel) 1789{ 1790 struct mac_biba *p, *s; 1791 1792 if (!mac_biba_enabled) 1793 return (0); 1794 1795 p = SLOT(mbuflabel); 1796 s = SLOT(socketlabel); 1797 |
| 1798 return (mac_biba_equal_single(p, s) ? 0 : EACCES); | 1798 return (mac_biba_equal_effective(p, s) ? 0 : EACCES); |
| 1799} 1800 1801static int 1802mac_biba_check_socket_relabel(struct ucred *cred, struct socket *so, 1803 struct label *socketlabel, struct label *newlabel) 1804{ 1805 struct mac_biba *subj, *obj, *new; 1806 int error; 1807 1808 new = SLOT(newlabel); 1809 subj = SLOT(cred->cr_label); 1810 obj = SLOT(socketlabel); 1811 1812 /* 1813 * If there is a Biba label update for the socket, it may be | 1799} 1800 1801static int 1802mac_biba_check_socket_relabel(struct ucred *cred, struct socket *so, 1803 struct label *socketlabel, struct label *newlabel) 1804{ 1805 struct mac_biba *subj, *obj, *new; 1806 int error; 1807 1808 new = SLOT(newlabel); 1809 subj = SLOT(cred->cr_label); 1810 obj = SLOT(socketlabel); 1811 1812 /* 1813 * If there is a Biba label update for the socket, it may be |
| 1814 * an update of single. | 1814 * an update of effective. |
| 1815 */ | 1815 */ |
| 1816 error = biba_atmostflags(new, MAC_BIBA_FLAG_SINGLE); | 1816 error = biba_atmostflags(new, MAC_BIBA_FLAG_EFFECTIVE); |
| 1817 if (error) 1818 return (error); 1819 1820 /* | 1817 if (error) 1818 return (error); 1819 1820 /* |
| 1821 * To relabel a socket, the old socket single must be in the subject | 1821 * To relabel a socket, the old socket effective must be in the subject |
| 1822 * range. 1823 */ | 1822 * range. 1823 */ |
| 1824 if (!mac_biba_single_in_range(obj, subj)) | 1824 if (!mac_biba_effective_in_range(obj, subj)) |
| 1825 return (EPERM); 1826 1827 /* 1828 * If the Biba label is to be changed, authorize as appropriate. 1829 */ | 1825 return (EPERM); 1826 1827 /* 1828 * If the Biba label is to be changed, authorize as appropriate. 1829 */ |
| 1830 if (new->mb_flags & MAC_BIBA_FLAG_SINGLE) { | 1830 if (new->mb_flags & MAC_BIBA_FLAG_EFFECTIVE) { |
| 1831 /* | 1831 /* |
| 1832 * To relabel a socket, the new socket single must be in | 1832 * To relabel a socket, the new socket effective must be in |
| 1833 * the subject range. 1834 */ | 1833 * the subject range. 1834 */ |
| 1835 if (!mac_biba_single_in_range(new, subj)) | 1835 if (!mac_biba_effective_in_range(new, subj)) |
| 1836 return (EPERM); 1837 1838 /* 1839 * To change the Biba label on the socket to contain EQUAL, 1840 * the subject must have appropriate privilege. 1841 */ 1842 if (mac_biba_contains_equal(new)) { 1843 error = mac_biba_subject_privileged(subj); --- 12 unchanged lines hidden (view full) --- 1856 struct mac_biba *subj, *obj; 1857 1858 if (!mac_biba_enabled) 1859 return (0); 1860 1861 subj = SLOT(cred->cr_label); 1862 obj = SLOT(socketlabel); 1863 | 1836 return (EPERM); 1837 1838 /* 1839 * To change the Biba label on the socket to contain EQUAL, 1840 * the subject must have appropriate privilege. 1841 */ 1842 if (mac_biba_contains_equal(new)) { 1843 error = mac_biba_subject_privileged(subj); --- 12 unchanged lines hidden (view full) --- 1856 struct mac_biba *subj, *obj; 1857 1858 if (!mac_biba_enabled) 1859 return (0); 1860 1861 subj = SLOT(cred->cr_label); 1862 obj = SLOT(socketlabel); 1863 |
| 1864 if (!mac_biba_dominate_single(obj, subj)) | 1864 if (!mac_biba_dominate_effective(obj, subj)) |
| 1865 return (ENOENT); 1866 1867 return (0); 1868} 1869 1870static int 1871mac_biba_check_sysarch_ioperm(struct ucred *cred) 1872{ --- 27 unchanged lines hidden (view full) --- 1900 error = mac_biba_subject_privileged(subj); 1901 if (error) 1902 return (error); 1903 1904 if (label == NULL) 1905 return (0); 1906 1907 obj = SLOT(label); | 1865 return (ENOENT); 1866 1867 return (0); 1868} 1869 1870static int 1871mac_biba_check_sysarch_ioperm(struct ucred *cred) 1872{ --- 27 unchanged lines hidden (view full) --- 1900 error = mac_biba_subject_privileged(subj); 1901 if (error) 1902 return (error); 1903 1904 if (label == NULL) 1905 return (0); 1906 1907 obj = SLOT(label); |
| 1908 if (!mac_biba_high_single(obj)) | 1908 if (!mac_biba_high_effective(obj)) |
| 1909 return (EACCES); 1910 1911 return (0); 1912} 1913 1914static int 1915mac_biba_check_system_settime(struct ucred *cred) 1916{ --- 24 unchanged lines hidden (view full) --- 1941 1942 subj = SLOT(cred->cr_label); 1943 obj = SLOT(label); 1944 1945 error = mac_biba_subject_privileged(subj); 1946 if (error) 1947 return (error); 1948 | 1909 return (EACCES); 1910 1911 return (0); 1912} 1913 1914static int 1915mac_biba_check_system_settime(struct ucred *cred) 1916{ --- 24 unchanged lines hidden (view full) --- 1941 1942 subj = SLOT(cred->cr_label); 1943 obj = SLOT(label); 1944 1945 error = mac_biba_subject_privileged(subj); 1946 if (error) 1947 return (error); 1948 |
| 1949 if (!mac_biba_high_single(obj)) | 1949 if (!mac_biba_high_effective(obj)) |
| 1950 return (EACCES); 1951 1952 return (0); 1953} 1954 1955static int 1956mac_biba_check_system_swapoff(struct ucred *cred, struct vnode *vp, 1957 struct label *label) --- 49 unchanged lines hidden (view full) --- 2007 struct mac_biba *subj, *obj; 2008 2009 if (!mac_biba_enabled) 2010 return (0); 2011 2012 subj = SLOT(cred->cr_label); 2013 obj = SLOT(dlabel); 2014 | 1950 return (EACCES); 1951 1952 return (0); 1953} 1954 1955static int 1956mac_biba_check_system_swapoff(struct ucred *cred, struct vnode *vp, 1957 struct label *label) --- 49 unchanged lines hidden (view full) --- 2007 struct mac_biba *subj, *obj; 2008 2009 if (!mac_biba_enabled) 2010 return (0); 2011 2012 subj = SLOT(cred->cr_label); 2013 obj = SLOT(dlabel); 2014 |
| 2015 if (!mac_biba_dominate_single(obj, subj)) | 2015 if (!mac_biba_dominate_effective(obj, subj)) |
| 2016 return (EACCES); 2017 2018 return (0); 2019} 2020 2021static int 2022mac_biba_check_vnode_chroot(struct ucred *cred, struct vnode *dvp, 2023 struct label *dlabel) 2024{ 2025 struct mac_biba *subj, *obj; 2026 2027 if (!mac_biba_enabled) 2028 return (0); 2029 2030 subj = SLOT(cred->cr_label); 2031 obj = SLOT(dlabel); 2032 | 2016 return (EACCES); 2017 2018 return (0); 2019} 2020 2021static int 2022mac_biba_check_vnode_chroot(struct ucred *cred, struct vnode *dvp, 2023 struct label *dlabel) 2024{ 2025 struct mac_biba *subj, *obj; 2026 2027 if (!mac_biba_enabled) 2028 return (0); 2029 2030 subj = SLOT(cred->cr_label); 2031 obj = SLOT(dlabel); 2032 |
| 2033 if (!mac_biba_dominate_single(obj, subj)) | 2033 if (!mac_biba_dominate_effective(obj, subj)) |
| 2034 return (EACCES); 2035 2036 return (0); 2037} 2038 2039static int 2040mac_biba_check_vnode_create(struct ucred *cred, struct vnode *dvp, 2041 struct label *dlabel, struct componentname *cnp, struct vattr *vap) 2042{ 2043 struct mac_biba *subj, *obj; 2044 2045 if (!mac_biba_enabled) 2046 return (0); 2047 2048 subj = SLOT(cred->cr_label); 2049 obj = SLOT(dlabel); 2050 | 2034 return (EACCES); 2035 2036 return (0); 2037} 2038 2039static int 2040mac_biba_check_vnode_create(struct ucred *cred, struct vnode *dvp, 2041 struct label *dlabel, struct componentname *cnp, struct vattr *vap) 2042{ 2043 struct mac_biba *subj, *obj; 2044 2045 if (!mac_biba_enabled) 2046 return (0); 2047 2048 subj = SLOT(cred->cr_label); 2049 obj = SLOT(dlabel); 2050 |
| 2051 if (!mac_biba_dominate_single(subj, obj)) | 2051 if (!mac_biba_dominate_effective(subj, obj)) |
| 2052 return (EACCES); 2053 2054 return (0); 2055} 2056 2057static int 2058mac_biba_check_vnode_delete(struct ucred *cred, struct vnode *dvp, 2059 struct label *dlabel, struct vnode *vp, struct label *label, 2060 struct componentname *cnp) 2061{ 2062 struct mac_biba *subj, *obj; 2063 2064 if (!mac_biba_enabled) 2065 return (0); 2066 2067 subj = SLOT(cred->cr_label); 2068 obj = SLOT(dlabel); 2069 | 2052 return (EACCES); 2053 2054 return (0); 2055} 2056 2057static int 2058mac_biba_check_vnode_delete(struct ucred *cred, struct vnode *dvp, 2059 struct label *dlabel, struct vnode *vp, struct label *label, 2060 struct componentname *cnp) 2061{ 2062 struct mac_biba *subj, *obj; 2063 2064 if (!mac_biba_enabled) 2065 return (0); 2066 2067 subj = SLOT(cred->cr_label); 2068 obj = SLOT(dlabel); 2069 |
| 2070 if (!mac_biba_dominate_single(subj, obj)) | 2070 if (!mac_biba_dominate_effective(subj, obj)) |
| 2071 return (EACCES); 2072 2073 obj = SLOT(label); 2074 | 2071 return (EACCES); 2072 2073 obj = SLOT(label); 2074 |
| 2075 if (!mac_biba_dominate_single(subj, obj)) | 2075 if (!mac_biba_dominate_effective(subj, obj)) |
| 2076 return (EACCES); 2077 2078 return (0); 2079} 2080 2081static int 2082mac_biba_check_vnode_deleteacl(struct ucred *cred, struct vnode *vp, 2083 struct label *label, acl_type_t type) 2084{ 2085 struct mac_biba *subj, *obj; 2086 2087 if (!mac_biba_enabled) 2088 return (0); 2089 2090 subj = SLOT(cred->cr_label); 2091 obj = SLOT(label); 2092 | 2076 return (EACCES); 2077 2078 return (0); 2079} 2080 2081static int 2082mac_biba_check_vnode_deleteacl(struct ucred *cred, struct vnode *vp, 2083 struct label *label, acl_type_t type) 2084{ 2085 struct mac_biba *subj, *obj; 2086 2087 if (!mac_biba_enabled) 2088 return (0); 2089 2090 subj = SLOT(cred->cr_label); 2091 obj = SLOT(label); 2092 |
| 2093 if (!mac_biba_dominate_single(subj, obj)) | 2093 if (!mac_biba_dominate_effective(subj, obj)) |
| 2094 return (EACCES); 2095 2096 return (0); 2097} 2098 2099static int 2100mac_biba_check_vnode_deleteextattr(struct ucred *cred, struct vnode *vp, 2101 struct label *label, int attrnamespace, const char *name) 2102{ 2103 struct mac_biba *subj, *obj; 2104 2105 if (!mac_biba_enabled) 2106 return (0); 2107 2108 subj = SLOT(cred->cr_label); 2109 obj = SLOT(label); 2110 | 2094 return (EACCES); 2095 2096 return (0); 2097} 2098 2099static int 2100mac_biba_check_vnode_deleteextattr(struct ucred *cred, struct vnode *vp, 2101 struct label *label, int attrnamespace, const char *name) 2102{ 2103 struct mac_biba *subj, *obj; 2104 2105 if (!mac_biba_enabled) 2106 return (0); 2107 2108 subj = SLOT(cred->cr_label); 2109 obj = SLOT(label); 2110 |
| 2111 if (!mac_biba_dominate_single(subj, obj)) | 2111 if (!mac_biba_dominate_effective(subj, obj)) |
| 2112 return (EACCES); 2113 2114 return (0); 2115} 2116 2117static int 2118mac_biba_check_vnode_exec(struct ucred *cred, struct vnode *vp, 2119 struct label *label, struct image_params *imgp, --- 15 unchanged lines hidden (view full) --- 2135 } 2136 2137 if (!mac_biba_enabled) 2138 return (0); 2139 2140 subj = SLOT(cred->cr_label); 2141 obj = SLOT(label); 2142 | 2112 return (EACCES); 2113 2114 return (0); 2115} 2116 2117static int 2118mac_biba_check_vnode_exec(struct ucred *cred, struct vnode *vp, 2119 struct label *label, struct image_params *imgp, --- 15 unchanged lines hidden (view full) --- 2135 } 2136 2137 if (!mac_biba_enabled) 2138 return (0); 2139 2140 subj = SLOT(cred->cr_label); 2141 obj = SLOT(label); 2142 |
| 2143 if (!mac_biba_dominate_single(obj, subj)) | 2143 if (!mac_biba_dominate_effective(obj, subj)) |
| 2144 return (EACCES); 2145 2146 return (0); 2147} 2148 2149static int 2150mac_biba_check_vnode_getacl(struct ucred *cred, struct vnode *vp, 2151 struct label *label, acl_type_t type) 2152{ 2153 struct mac_biba *subj, *obj; 2154 2155 if (!mac_biba_enabled) 2156 return (0); 2157 2158 subj = SLOT(cred->cr_label); 2159 obj = SLOT(label); 2160 | 2144 return (EACCES); 2145 2146 return (0); 2147} 2148 2149static int 2150mac_biba_check_vnode_getacl(struct ucred *cred, struct vnode *vp, 2151 struct label *label, acl_type_t type) 2152{ 2153 struct mac_biba *subj, *obj; 2154 2155 if (!mac_biba_enabled) 2156 return (0); 2157 2158 subj = SLOT(cred->cr_label); 2159 obj = SLOT(label); 2160 |
| 2161 if (!mac_biba_dominate_single(obj, subj)) | 2161 if (!mac_biba_dominate_effective(obj, subj)) |
| 2162 return (EACCES); 2163 2164 return (0); 2165} 2166 2167static int 2168mac_biba_check_vnode_getextattr(struct ucred *cred, struct vnode *vp, 2169 struct label *label, int attrnamespace, const char *name, struct uio *uio) 2170{ 2171 struct mac_biba *subj, *obj; 2172 2173 if (!mac_biba_enabled) 2174 return (0); 2175 2176 subj = SLOT(cred->cr_label); 2177 obj = SLOT(label); 2178 | 2162 return (EACCES); 2163 2164 return (0); 2165} 2166 2167static int 2168mac_biba_check_vnode_getextattr(struct ucred *cred, struct vnode *vp, 2169 struct label *label, int attrnamespace, const char *name, struct uio *uio) 2170{ 2171 struct mac_biba *subj, *obj; 2172 2173 if (!mac_biba_enabled) 2174 return (0); 2175 2176 subj = SLOT(cred->cr_label); 2177 obj = SLOT(label); 2178 |
| 2179 if (!mac_biba_dominate_single(obj, subj)) | 2179 if (!mac_biba_dominate_effective(obj, subj)) |
| 2180 return (EACCES); 2181 2182 return (0); 2183} 2184 2185static int 2186mac_biba_check_vnode_link(struct ucred *cred, struct vnode *dvp, 2187 struct label *dlabel, struct vnode *vp, struct label *label, 2188 struct componentname *cnp) 2189{ 2190 struct mac_biba *subj, *obj; 2191 2192 if (!mac_biba_enabled) 2193 return (0); 2194 2195 subj = SLOT(cred->cr_label); 2196 obj = SLOT(dlabel); 2197 | 2180 return (EACCES); 2181 2182 return (0); 2183} 2184 2185static int 2186mac_biba_check_vnode_link(struct ucred *cred, struct vnode *dvp, 2187 struct label *dlabel, struct vnode *vp, struct label *label, 2188 struct componentname *cnp) 2189{ 2190 struct mac_biba *subj, *obj; 2191 2192 if (!mac_biba_enabled) 2193 return (0); 2194 2195 subj = SLOT(cred->cr_label); 2196 obj = SLOT(dlabel); 2197 |
| 2198 if (!mac_biba_dominate_single(subj, obj)) | 2198 if (!mac_biba_dominate_effective(subj, obj)) |
| 2199 return (EACCES); 2200 2201 obj = SLOT(label); 2202 | 2199 return (EACCES); 2200 2201 obj = SLOT(label); 2202 |
| 2203 if (!mac_biba_dominate_single(subj, obj)) | 2203 if (!mac_biba_dominate_effective(subj, obj)) |
| 2204 return (EACCES); 2205 2206 return (0); 2207} 2208 2209static int 2210mac_biba_check_vnode_listextattr(struct ucred *cred, struct vnode *vp, 2211 struct label *label, int attrnamespace) 2212{ 2213 struct mac_biba *subj, *obj; 2214 2215 if (!mac_biba_enabled) 2216 return (0); 2217 2218 subj = SLOT(cred->cr_label); 2219 obj = SLOT(label); 2220 | 2204 return (EACCES); 2205 2206 return (0); 2207} 2208 2209static int 2210mac_biba_check_vnode_listextattr(struct ucred *cred, struct vnode *vp, 2211 struct label *label, int attrnamespace) 2212{ 2213 struct mac_biba *subj, *obj; 2214 2215 if (!mac_biba_enabled) 2216 return (0); 2217 2218 subj = SLOT(cred->cr_label); 2219 obj = SLOT(label); 2220 |
| 2221 if (!mac_biba_dominate_single(obj, subj)) | 2221 if (!mac_biba_dominate_effective(obj, subj)) |
| 2222 return (EACCES); 2223 2224 return (0); 2225} 2226 2227static int 2228mac_biba_check_vnode_lookup(struct ucred *cred, struct vnode *dvp, 2229 struct label *dlabel, struct componentname *cnp) 2230{ 2231 struct mac_biba *subj, *obj; 2232 2233 if (!mac_biba_enabled) 2234 return (0); 2235 2236 subj = SLOT(cred->cr_label); 2237 obj = SLOT(dlabel); 2238 | 2222 return (EACCES); 2223 2224 return (0); 2225} 2226 2227static int 2228mac_biba_check_vnode_lookup(struct ucred *cred, struct vnode *dvp, 2229 struct label *dlabel, struct componentname *cnp) 2230{ 2231 struct mac_biba *subj, *obj; 2232 2233 if (!mac_biba_enabled) 2234 return (0); 2235 2236 subj = SLOT(cred->cr_label); 2237 obj = SLOT(dlabel); 2238 |
| 2239 if (!mac_biba_dominate_single(obj, subj)) | 2239 if (!mac_biba_dominate_effective(obj, subj)) |
| 2240 return (EACCES); 2241 2242 return (0); 2243} 2244 2245static int 2246mac_biba_check_vnode_mmap(struct ucred *cred, struct vnode *vp, 2247 struct label *label, int prot) --- 6 unchanged lines hidden (view full) --- 2254 */ 2255 if (!mac_biba_enabled || !revocation_enabled) 2256 return (0); 2257 2258 subj = SLOT(cred->cr_label); 2259 obj = SLOT(label); 2260 2261 if (prot & (VM_PROT_READ | VM_PROT_EXECUTE)) { | 2240 return (EACCES); 2241 2242 return (0); 2243} 2244 2245static int 2246mac_biba_check_vnode_mmap(struct ucred *cred, struct vnode *vp, 2247 struct label *label, int prot) --- 6 unchanged lines hidden (view full) --- 2254 */ 2255 if (!mac_biba_enabled || !revocation_enabled) 2256 return (0); 2257 2258 subj = SLOT(cred->cr_label); 2259 obj = SLOT(label); 2260 2261 if (prot & (VM_PROT_READ | VM_PROT_EXECUTE)) { |
| 2262 if (!mac_biba_dominate_single(obj, subj)) | 2262 if (!mac_biba_dominate_effective(obj, subj)) |
| 2263 return (EACCES); 2264 } 2265 if (prot & VM_PROT_WRITE) { | 2263 return (EACCES); 2264 } 2265 if (prot & VM_PROT_WRITE) { |
| 2266 if (!mac_biba_dominate_single(subj, obj)) | 2266 if (!mac_biba_dominate_effective(subj, obj)) |
| 2267 return (EACCES); 2268 } 2269 2270 return (0); 2271} 2272 2273static int 2274mac_biba_check_vnode_open(struct ucred *cred, struct vnode *vp, --- 4 unchanged lines hidden (view full) --- 2279 if (!mac_biba_enabled) 2280 return (0); 2281 2282 subj = SLOT(cred->cr_label); 2283 obj = SLOT(vnodelabel); 2284 2285 /* XXX privilege override for admin? */ 2286 if (acc_mode & (VREAD | VEXEC | VSTAT)) { | 2267 return (EACCES); 2268 } 2269 2270 return (0); 2271} 2272 2273static int 2274mac_biba_check_vnode_open(struct ucred *cred, struct vnode *vp, --- 4 unchanged lines hidden (view full) --- 2279 if (!mac_biba_enabled) 2280 return (0); 2281 2282 subj = SLOT(cred->cr_label); 2283 obj = SLOT(vnodelabel); 2284 2285 /* XXX privilege override for admin? */ 2286 if (acc_mode & (VREAD | VEXEC | VSTAT)) { |
| 2287 if (!mac_biba_dominate_single(obj, subj)) | 2287 if (!mac_biba_dominate_effective(obj, subj)) |
| 2288 return (EACCES); 2289 } 2290 if (acc_mode & (VWRITE | VAPPEND | VADMIN)) { | 2288 return (EACCES); 2289 } 2290 if (acc_mode & (VWRITE | VAPPEND | VADMIN)) { |
| 2291 if (!mac_biba_dominate_single(subj, obj)) | 2291 if (!mac_biba_dominate_effective(subj, obj)) |
| 2292 return (EACCES); 2293 } 2294 2295 return (0); 2296} 2297 2298static int 2299mac_biba_check_vnode_poll(struct ucred *active_cred, struct ucred *file_cred, 2300 struct vnode *vp, struct label *label) 2301{ 2302 struct mac_biba *subj, *obj; 2303 2304 if (!mac_biba_enabled || !revocation_enabled) 2305 return (0); 2306 2307 subj = SLOT(active_cred->cr_label); 2308 obj = SLOT(label); 2309 | 2292 return (EACCES); 2293 } 2294 2295 return (0); 2296} 2297 2298static int 2299mac_biba_check_vnode_poll(struct ucred *active_cred, struct ucred *file_cred, 2300 struct vnode *vp, struct label *label) 2301{ 2302 struct mac_biba *subj, *obj; 2303 2304 if (!mac_biba_enabled || !revocation_enabled) 2305 return (0); 2306 2307 subj = SLOT(active_cred->cr_label); 2308 obj = SLOT(label); 2309 |
| 2310 if (!mac_biba_dominate_single(obj, subj)) | 2310 if (!mac_biba_dominate_effective(obj, subj)) |
| 2311 return (EACCES); 2312 2313 return (0); 2314} 2315 2316static int 2317mac_biba_check_vnode_read(struct ucred *active_cred, struct ucred *file_cred, 2318 struct vnode *vp, struct label *label) 2319{ 2320 struct mac_biba *subj, *obj; 2321 2322 if (!mac_biba_enabled || !revocation_enabled) 2323 return (0); 2324 2325 subj = SLOT(active_cred->cr_label); 2326 obj = SLOT(label); 2327 | 2311 return (EACCES); 2312 2313 return (0); 2314} 2315 2316static int 2317mac_biba_check_vnode_read(struct ucred *active_cred, struct ucred *file_cred, 2318 struct vnode *vp, struct label *label) 2319{ 2320 struct mac_biba *subj, *obj; 2321 2322 if (!mac_biba_enabled || !revocation_enabled) 2323 return (0); 2324 2325 subj = SLOT(active_cred->cr_label); 2326 obj = SLOT(label); 2327 |
| 2328 if (!mac_biba_dominate_single(obj, subj)) | 2328 if (!mac_biba_dominate_effective(obj, subj)) |
| 2329 return (EACCES); 2330 2331 return (0); 2332} 2333 2334static int 2335mac_biba_check_vnode_readdir(struct ucred *cred, struct vnode *dvp, 2336 struct label *dlabel) 2337{ 2338 struct mac_biba *subj, *obj; 2339 2340 if (!mac_biba_enabled) 2341 return (0); 2342 2343 subj = SLOT(cred->cr_label); 2344 obj = SLOT(dlabel); 2345 | 2329 return (EACCES); 2330 2331 return (0); 2332} 2333 2334static int 2335mac_biba_check_vnode_readdir(struct ucred *cred, struct vnode *dvp, 2336 struct label *dlabel) 2337{ 2338 struct mac_biba *subj, *obj; 2339 2340 if (!mac_biba_enabled) 2341 return (0); 2342 2343 subj = SLOT(cred->cr_label); 2344 obj = SLOT(dlabel); 2345 |
| 2346 if (!mac_biba_dominate_single(obj, subj)) | 2346 if (!mac_biba_dominate_effective(obj, subj)) |
| 2347 return (EACCES); 2348 2349 return (0); 2350} 2351 2352static int 2353mac_biba_check_vnode_readlink(struct ucred *cred, struct vnode *vp, 2354 struct label *label) 2355{ 2356 struct mac_biba *subj, *obj; 2357 2358 if (!mac_biba_enabled) 2359 return (0); 2360 2361 subj = SLOT(cred->cr_label); 2362 obj = SLOT(label); 2363 | 2347 return (EACCES); 2348 2349 return (0); 2350} 2351 2352static int 2353mac_biba_check_vnode_readlink(struct ucred *cred, struct vnode *vp, 2354 struct label *label) 2355{ 2356 struct mac_biba *subj, *obj; 2357 2358 if (!mac_biba_enabled) 2359 return (0); 2360 2361 subj = SLOT(cred->cr_label); 2362 obj = SLOT(label); 2363 |
| 2364 if (!mac_biba_dominate_single(obj, subj)) | 2364 if (!mac_biba_dominate_effective(obj, subj)) |
| 2365 return (EACCES); 2366 2367 return (0); 2368} 2369 2370static int 2371mac_biba_check_vnode_relabel(struct ucred *cred, struct vnode *vp, 2372 struct label *vnodelabel, struct label *newlabel) 2373{ 2374 struct mac_biba *old, *new, *subj; 2375 int error; 2376 2377 old = SLOT(vnodelabel); 2378 new = SLOT(newlabel); 2379 subj = SLOT(cred->cr_label); 2380 2381 /* 2382 * If there is a Biba label update for the vnode, it must be a | 2365 return (EACCES); 2366 2367 return (0); 2368} 2369 2370static int 2371mac_biba_check_vnode_relabel(struct ucred *cred, struct vnode *vp, 2372 struct label *vnodelabel, struct label *newlabel) 2373{ 2374 struct mac_biba *old, *new, *subj; 2375 int error; 2376 2377 old = SLOT(vnodelabel); 2378 new = SLOT(newlabel); 2379 subj = SLOT(cred->cr_label); 2380 2381 /* 2382 * If there is a Biba label update for the vnode, it must be a |
| 2383 * single label. | 2383 * effective label. |
| 2384 */ | 2384 */ |
| 2385 error = biba_atmostflags(new, MAC_BIBA_FLAG_SINGLE); | 2385 error = biba_atmostflags(new, MAC_BIBA_FLAG_EFFECTIVE); |
| 2386 if (error) 2387 return (error); 2388 2389 /* 2390 * To perform a relabel of the vnode (Biba label or not), Biba must 2391 * authorize the relabel. 2392 */ | 2386 if (error) 2387 return (error); 2388 2389 /* 2390 * To perform a relabel of the vnode (Biba label or not), Biba must 2391 * authorize the relabel. 2392 */ |
| 2393 if (!mac_biba_single_in_range(old, subj)) | 2393 if (!mac_biba_effective_in_range(old, subj)) |
| 2394 return (EPERM); 2395 2396 /* 2397 * If the Biba label is to be changed, authorize as appropriate. 2398 */ | 2394 return (EPERM); 2395 2396 /* 2397 * If the Biba label is to be changed, authorize as appropriate. 2398 */ |
| 2399 if (new->mb_flags & MAC_BIBA_FLAG_SINGLE) { | 2399 if (new->mb_flags & MAC_BIBA_FLAG_EFFECTIVE) { |
| 2400 /* 2401 * To change the Biba label on a vnode, the new vnode label 2402 * must be in the subject range. 2403 */ | 2400 /* 2401 * To change the Biba label on a vnode, the new vnode label 2402 * must be in the subject range. 2403 */ |
| 2404 if (!mac_biba_single_in_range(new, subj)) | 2404 if (!mac_biba_effective_in_range(new, subj)) |
| 2405 return (EPERM); 2406 2407 /* 2408 * To change the Biba label on the vnode to be EQUAL, 2409 * the subject must have appropriate privilege. 2410 */ 2411 if (mac_biba_contains_equal(new)) { 2412 error = mac_biba_subject_privileged(subj); --- 13 unchanged lines hidden (view full) --- 2426 struct mac_biba *subj, *obj; 2427 2428 if (!mac_biba_enabled) 2429 return (0); 2430 2431 subj = SLOT(cred->cr_label); 2432 obj = SLOT(dlabel); 2433 | 2405 return (EPERM); 2406 2407 /* 2408 * To change the Biba label on the vnode to be EQUAL, 2409 * the subject must have appropriate privilege. 2410 */ 2411 if (mac_biba_contains_equal(new)) { 2412 error = mac_biba_subject_privileged(subj); --- 13 unchanged lines hidden (view full) --- 2426 struct mac_biba *subj, *obj; 2427 2428 if (!mac_biba_enabled) 2429 return (0); 2430 2431 subj = SLOT(cred->cr_label); 2432 obj = SLOT(dlabel); 2433 |
| 2434 if (!mac_biba_dominate_single(subj, obj)) | 2434 if (!mac_biba_dominate_effective(subj, obj)) |
| 2435 return (EACCES); 2436 2437 obj = SLOT(label); 2438 | 2435 return (EACCES); 2436 2437 obj = SLOT(label); 2438 |
| 2439 if (!mac_biba_dominate_single(subj, obj)) | 2439 if (!mac_biba_dominate_effective(subj, obj)) |
| 2440 return (EACCES); 2441 2442 return (0); 2443} 2444 2445static int 2446mac_biba_check_vnode_rename_to(struct ucred *cred, struct vnode *dvp, 2447 struct label *dlabel, struct vnode *vp, struct label *label, int samedir, 2448 struct componentname *cnp) 2449{ 2450 struct mac_biba *subj, *obj; 2451 2452 if (!mac_biba_enabled) 2453 return (0); 2454 2455 subj = SLOT(cred->cr_label); 2456 obj = SLOT(dlabel); 2457 | 2440 return (EACCES); 2441 2442 return (0); 2443} 2444 2445static int 2446mac_biba_check_vnode_rename_to(struct ucred *cred, struct vnode *dvp, 2447 struct label *dlabel, struct vnode *vp, struct label *label, int samedir, 2448 struct componentname *cnp) 2449{ 2450 struct mac_biba *subj, *obj; 2451 2452 if (!mac_biba_enabled) 2453 return (0); 2454 2455 subj = SLOT(cred->cr_label); 2456 obj = SLOT(dlabel); 2457 |
| 2458 if (!mac_biba_dominate_single(subj, obj)) | 2458 if (!mac_biba_dominate_effective(subj, obj)) |
| 2459 return (EACCES); 2460 2461 if (vp != NULL) { 2462 obj = SLOT(label); 2463 | 2459 return (EACCES); 2460 2461 if (vp != NULL) { 2462 obj = SLOT(label); 2463 |
| 2464 if (!mac_biba_dominate_single(subj, obj)) | 2464 if (!mac_biba_dominate_effective(subj, obj)) |
| 2465 return (EACCES); 2466 } 2467 2468 return (0); 2469} 2470 2471static int 2472mac_biba_check_vnode_revoke(struct ucred *cred, struct vnode *vp, 2473 struct label *label) 2474{ 2475 struct mac_biba *subj, *obj; 2476 2477 if (!mac_biba_enabled) 2478 return (0); 2479 2480 subj = SLOT(cred->cr_label); 2481 obj = SLOT(label); 2482 | 2465 return (EACCES); 2466 } 2467 2468 return (0); 2469} 2470 2471static int 2472mac_biba_check_vnode_revoke(struct ucred *cred, struct vnode *vp, 2473 struct label *label) 2474{ 2475 struct mac_biba *subj, *obj; 2476 2477 if (!mac_biba_enabled) 2478 return (0); 2479 2480 subj = SLOT(cred->cr_label); 2481 obj = SLOT(label); 2482 |
| 2483 if (!mac_biba_dominate_single(subj, obj)) | 2483 if (!mac_biba_dominate_effective(subj, obj)) |
| 2484 return (EACCES); 2485 2486 return (0); 2487} 2488 2489static int 2490mac_biba_check_vnode_setacl(struct ucred *cred, struct vnode *vp, 2491 struct label *label, acl_type_t type, struct acl *acl) 2492{ 2493 struct mac_biba *subj, *obj; 2494 2495 if (!mac_biba_enabled) 2496 return (0); 2497 2498 subj = SLOT(cred->cr_label); 2499 obj = SLOT(label); 2500 | 2484 return (EACCES); 2485 2486 return (0); 2487} 2488 2489static int 2490mac_biba_check_vnode_setacl(struct ucred *cred, struct vnode *vp, 2491 struct label *label, acl_type_t type, struct acl *acl) 2492{ 2493 struct mac_biba *subj, *obj; 2494 2495 if (!mac_biba_enabled) 2496 return (0); 2497 2498 subj = SLOT(cred->cr_label); 2499 obj = SLOT(label); 2500 |
| 2501 if (!mac_biba_dominate_single(subj, obj)) | 2501 if (!mac_biba_dominate_effective(subj, obj)) |
| 2502 return (EACCES); 2503 2504 return (0); 2505} 2506 2507static int 2508mac_biba_check_vnode_setextattr(struct ucred *cred, struct vnode *vp, 2509 struct label *vnodelabel, int attrnamespace, const char *name, 2510 struct uio *uio) 2511{ 2512 struct mac_biba *subj, *obj; 2513 2514 if (!mac_biba_enabled) 2515 return (0); 2516 2517 subj = SLOT(cred->cr_label); 2518 obj = SLOT(vnodelabel); 2519 | 2502 return (EACCES); 2503 2504 return (0); 2505} 2506 2507static int 2508mac_biba_check_vnode_setextattr(struct ucred *cred, struct vnode *vp, 2509 struct label *vnodelabel, int attrnamespace, const char *name, 2510 struct uio *uio) 2511{ 2512 struct mac_biba *subj, *obj; 2513 2514 if (!mac_biba_enabled) 2515 return (0); 2516 2517 subj = SLOT(cred->cr_label); 2518 obj = SLOT(vnodelabel); 2519 |
| 2520 if (!mac_biba_dominate_single(subj, obj)) | 2520 if (!mac_biba_dominate_effective(subj, obj)) |
| 2521 return (EACCES); 2522 2523 /* XXX: protect the MAC EA in a special way? */ 2524 2525 return (0); 2526} 2527 2528static int 2529mac_biba_check_vnode_setflags(struct ucred *cred, struct vnode *vp, 2530 struct label *vnodelabel, u_long flags) 2531{ 2532 struct mac_biba *subj, *obj; 2533 2534 if (!mac_biba_enabled) 2535 return (0); 2536 2537 subj = SLOT(cred->cr_label); 2538 obj = SLOT(vnodelabel); 2539 | 2521 return (EACCES); 2522 2523 /* XXX: protect the MAC EA in a special way? */ 2524 2525 return (0); 2526} 2527 2528static int 2529mac_biba_check_vnode_setflags(struct ucred *cred, struct vnode *vp, 2530 struct label *vnodelabel, u_long flags) 2531{ 2532 struct mac_biba *subj, *obj; 2533 2534 if (!mac_biba_enabled) 2535 return (0); 2536 2537 subj = SLOT(cred->cr_label); 2538 obj = SLOT(vnodelabel); 2539 |
| 2540 if (!mac_biba_dominate_single(subj, obj)) | 2540 if (!mac_biba_dominate_effective(subj, obj)) |
| 2541 return (EACCES); 2542 2543 return (0); 2544} 2545 2546static int 2547mac_biba_check_vnode_setmode(struct ucred *cred, struct vnode *vp, 2548 struct label *vnodelabel, mode_t mode) 2549{ 2550 struct mac_biba *subj, *obj; 2551 2552 if (!mac_biba_enabled) 2553 return (0); 2554 2555 subj = SLOT(cred->cr_label); 2556 obj = SLOT(vnodelabel); 2557 | 2541 return (EACCES); 2542 2543 return (0); 2544} 2545 2546static int 2547mac_biba_check_vnode_setmode(struct ucred *cred, struct vnode *vp, 2548 struct label *vnodelabel, mode_t mode) 2549{ 2550 struct mac_biba *subj, *obj; 2551 2552 if (!mac_biba_enabled) 2553 return (0); 2554 2555 subj = SLOT(cred->cr_label); 2556 obj = SLOT(vnodelabel); 2557 |
| 2558 if (!mac_biba_dominate_single(subj, obj)) | 2558 if (!mac_biba_dominate_effective(subj, obj)) |
| 2559 return (EACCES); 2560 2561 return (0); 2562} 2563 2564static int 2565mac_biba_check_vnode_setowner(struct ucred *cred, struct vnode *vp, 2566 struct label *vnodelabel, uid_t uid, gid_t gid) 2567{ 2568 struct mac_biba *subj, *obj; 2569 2570 if (!mac_biba_enabled) 2571 return (0); 2572 2573 subj = SLOT(cred->cr_label); 2574 obj = SLOT(vnodelabel); 2575 | 2559 return (EACCES); 2560 2561 return (0); 2562} 2563 2564static int 2565mac_biba_check_vnode_setowner(struct ucred *cred, struct vnode *vp, 2566 struct label *vnodelabel, uid_t uid, gid_t gid) 2567{ 2568 struct mac_biba *subj, *obj; 2569 2570 if (!mac_biba_enabled) 2571 return (0); 2572 2573 subj = SLOT(cred->cr_label); 2574 obj = SLOT(vnodelabel); 2575 |
| 2576 if (!mac_biba_dominate_single(subj, obj)) | 2576 if (!mac_biba_dominate_effective(subj, obj)) |
| 2577 return (EACCES); 2578 2579 return (0); 2580} 2581 2582static int 2583mac_biba_check_vnode_setutimes(struct ucred *cred, struct vnode *vp, 2584 struct label *vnodelabel, struct timespec atime, struct timespec mtime) 2585{ 2586 struct mac_biba *subj, *obj; 2587 2588 if (!mac_biba_enabled) 2589 return (0); 2590 2591 subj = SLOT(cred->cr_label); 2592 obj = SLOT(vnodelabel); 2593 | 2577 return (EACCES); 2578 2579 return (0); 2580} 2581 2582static int 2583mac_biba_check_vnode_setutimes(struct ucred *cred, struct vnode *vp, 2584 struct label *vnodelabel, struct timespec atime, struct timespec mtime) 2585{ 2586 struct mac_biba *subj, *obj; 2587 2588 if (!mac_biba_enabled) 2589 return (0); 2590 2591 subj = SLOT(cred->cr_label); 2592 obj = SLOT(vnodelabel); 2593 |
| 2594 if (!mac_biba_dominate_single(subj, obj)) | 2594 if (!mac_biba_dominate_effective(subj, obj)) |
| 2595 return (EACCES); 2596 2597 return (0); 2598} 2599 2600static int 2601mac_biba_check_vnode_stat(struct ucred *active_cred, struct ucred *file_cred, 2602 struct vnode *vp, struct label *vnodelabel) 2603{ 2604 struct mac_biba *subj, *obj; 2605 2606 if (!mac_biba_enabled) 2607 return (0); 2608 2609 subj = SLOT(active_cred->cr_label); 2610 obj = SLOT(vnodelabel); 2611 | 2595 return (EACCES); 2596 2597 return (0); 2598} 2599 2600static int 2601mac_biba_check_vnode_stat(struct ucred *active_cred, struct ucred *file_cred, 2602 struct vnode *vp, struct label *vnodelabel) 2603{ 2604 struct mac_biba *subj, *obj; 2605 2606 if (!mac_biba_enabled) 2607 return (0); 2608 2609 subj = SLOT(active_cred->cr_label); 2610 obj = SLOT(vnodelabel); 2611 |
| 2612 if (!mac_biba_dominate_single(obj, subj)) | 2612 if (!mac_biba_dominate_effective(obj, subj)) |
| 2613 return (EACCES); 2614 2615 return (0); 2616} 2617 2618static int 2619mac_biba_check_vnode_write(struct ucred *active_cred, 2620 struct ucred *file_cred, struct vnode *vp, struct label *label) 2621{ 2622 struct mac_biba *subj, *obj; 2623 2624 if (!mac_biba_enabled || !revocation_enabled) 2625 return (0); 2626 2627 subj = SLOT(active_cred->cr_label); 2628 obj = SLOT(label); 2629 | 2613 return (EACCES); 2614 2615 return (0); 2616} 2617 2618static int 2619mac_biba_check_vnode_write(struct ucred *active_cred, 2620 struct ucred *file_cred, struct vnode *vp, struct label *label) 2621{ 2622 struct mac_biba *subj, *obj; 2623 2624 if (!mac_biba_enabled || !revocation_enabled) 2625 return (0); 2626 2627 subj = SLOT(active_cred->cr_label); 2628 obj = SLOT(label); 2629 |
| 2630 if (!mac_biba_dominate_single(subj, obj)) | 2630 if (!mac_biba_dominate_effective(subj, obj)) |
| 2631 return (EACCES); 2632 2633 return (0); 2634} 2635 2636static struct mac_policy_ops mac_biba_ops = 2637{ 2638 .mpo_init = mac_biba_init, --- 146 unchanged lines hidden --- | 2631 return (EACCES); 2632 2633 return (0); 2634} 2635 2636static struct mac_policy_ops mac_biba_ops = 2637{ 2638 .mpo_init = mac_biba_init, --- 146 unchanged lines hidden --- |