Cross Reference: /freebsd-10.0-release/sys/security/mac_biba/mac

Deleted Added

sdiff udiff text old ( 172930 ) new ( 172955 )

full compact

mac_biba.c (172930)	mac_biba.c (172955)
1/- 2 Copyright (c) 1999-2002, 2007 Robert N. M. Watson 3 * Copyright (c) 2001-2005 McAfee, Inc. 4 * Copyright (c) 2006 SPARTA, Inc. 5 * All rights reserved. 6 * 7 * This software was developed by Robert Watson for the TrustedBSD Project. 8 * --- 21 unchanged lines hidden (view full) --- 30 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 31 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 32 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 33 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 34 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 35 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 36 * SUCH DAMAGE. 37 *	1/- 2 Copyright (c) 1999-2002, 2007 Robert N. M. Watson 3 * Copyright (c) 2001-2005 McAfee, Inc. 4 * Copyright (c) 2006 SPARTA, Inc. 5 * All rights reserved. 6 * 7 * This software was developed by Robert Watson for the TrustedBSD Project. 8 * --- 21 unchanged lines hidden (view full) --- 30 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 31 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 32 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 33 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 34 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 35 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 36 * SUCH DAMAGE. 37 *
38 * $FreeBSD: head/sys/security/mac_biba/mac_biba.c 172930 2007-10-24 19:04:04Z rwatson $	38 * $FreeBSD: head/sys/security/mac_biba/mac_biba.c 172955 2007-10-25 11:31:11Z rwatson $
39 / 40 41/ 42 * Developed by the TrustedBSD Project. 43 * 44 * Biba fixed label mandatory integrity policy. 45 / 46 --- 40 unchanged lines hidden* (view full) --- 87#include <security/mac/mac_policy.h> 88#include <security/mac_biba/mac_biba.h> 89 90SYSCTL_DECL(_security_mac); 91 92SYSCTL_NODE(_security_mac, OID_AUTO, biba, CTLFLAG_RW, 0, 93 "TrustedBSD mac_biba policy controls"); 94	39 / 40 41/ 42 * Developed by the TrustedBSD Project. 43 * 44 * Biba fixed label mandatory integrity policy. 45 / 46 --- 40 unchanged lines hidden* (view full) --- 87#include <security/mac/mac_policy.h> 88#include <security/mac_biba/mac_biba.h> 89 90SYSCTL_DECL(_security_mac); 91 92SYSCTL_NODE(_security_mac, OID_AUTO, biba, CTLFLAG_RW, 0, 93 "TrustedBSD mac_biba policy controls"); 94
95static int mac_biba_label_size = sizeof(struct mac_biba);	95static int biba_label_size = sizeof(struct mac_biba);
96SYSCTL_INT(_security_mac_biba, OID_AUTO, label_size, CTLFLAG_RD,	96SYSCTL_INT(_security_mac_biba, OID_AUTO, label_size, CTLFLAG_RD,
97 &mac_biba_label_size, 0, "Size of struct mac_biba");	97 &biba_label_size, 0, "Size of struct mac_biba");
98	98
99static int mac_biba_enabled = 1; 100SYSCTL_INT(_security_mac_biba, OID_AUTO, enabled, CTLFLAG_RW, 101 &mac_biba_enabled, 0, "Enforce MAC/Biba policy"); 102TUNABLE_INT("security.mac.biba.enabled", &mac_biba_enabled);	99static int biba_enabled = 1; 100SYSCTL_INT(_security_mac_biba, OID_AUTO, enabled, CTLFLAG_RW, &biba_enabled, 101 0, "Enforce MAC/Biba policy"); 102TUNABLE_INT("security.mac.biba.enabled", &biba_enabled);
103 104static int destroyed_not_inited; 105SYSCTL_INT(_security_mac_biba, OID_AUTO, destroyed_not_inited, CTLFLAG_RD, 106 &destroyed_not_inited, 0, "Count of labels destroyed but not inited"); 107 108static int trust_all_interfaces = 0; 109SYSCTL_INT(_security_mac_biba, OID_AUTO, trust_all_interfaces, CTLFLAG_RD, 110 &trust_all_interfaces, 0, "Consider all interfaces 'trusted' by MAC/Biba"); --- 19 unchanged lines hidden (view full) --- 130 &interfaces_equal, 0, "Label network interfaces as biba/equal on create"); 131TUNABLE_INT("security.mac.biba.interfaces_equal", &interfaces_equal); 132 133static int revocation_enabled = 0; 134SYSCTL_INT(_security_mac_biba, OID_AUTO, revocation_enabled, CTLFLAG_RW, 135 &revocation_enabled, 0, "Revoke access to objects on relabel"); 136TUNABLE_INT("security.mac.biba.revocation_enabled", &revocation_enabled); 137	103 104static int destroyed_not_inited; 105SYSCTL_INT(_security_mac_biba, OID_AUTO, destroyed_not_inited, CTLFLAG_RD, 106 &destroyed_not_inited, 0, "Count of labels destroyed but not inited"); 107 108static int trust_all_interfaces = 0; 109SYSCTL_INT(_security_mac_biba, OID_AUTO, trust_all_interfaces, CTLFLAG_RD, 110 &trust_all_interfaces, 0, "Consider all interfaces 'trusted' by MAC/Biba"); --- 19 unchanged lines hidden (view full) --- 130 &interfaces_equal, 0, "Label network interfaces as biba/equal on create"); 131TUNABLE_INT("security.mac.biba.interfaces_equal", &interfaces_equal); 132 133static int revocation_enabled = 0; 134SYSCTL_INT(_security_mac_biba, OID_AUTO, revocation_enabled, CTLFLAG_RW, 135 &revocation_enabled, 0, "Revoke access to objects on relabel"); 136TUNABLE_INT("security.mac.biba.revocation_enabled", &revocation_enabled); 137
138static int mac_biba_slot; 139#define SLOT(l) ((struct mac_biba )mac_label_get((l), mac_biba_slot)) 140*#define SLOT_SET(l, val) mac_label_set((l), mac_biba_slot, (uintptr_t)(val))	138static int biba_slot; 139#define SLOT(l) ((struct mac_biba )mac_label_get((l), biba_slot)) 140*#define SLOT_SET(l, val) mac_label_set((l), biba_slot, (uintptr_t)(val))
141 142static uma_zone_t zone_biba; 143 144static __inline int 145biba_bit_set_empty(u_char set) { 146* int i; 147 148 for (i = 0; i < MAC_BIBA_MAX_COMPARTMENTS >> 3; i++) --- 5 unchanged lines hidden (view full) --- 154static struct mac_biba * 155biba_alloc(int flag) 156{ 157 158 return (uma_zalloc(zone_biba, flag \| M_ZERO)); 159} 160 161static void	141 142static uma_zone_t zone_biba; 143 144static __inline int 145biba_bit_set_empty(u_char set) { 146* int i; 147 148 for (i = 0; i < MAC_BIBA_MAX_COMPARTMENTS >> 3; i++) --- 5 unchanged lines hidden (view full) --- 154static struct mac_biba * 155biba_alloc(int flag) 156{ 157 158 return (uma_zalloc(zone_biba, flag \| M_ZERO)); 159} 160 161static void
162biba_free(struct mac_biba *mac_biba)	162biba_free(struct mac_biba *mb)
163{ 164	163{ 164
165 if (mac_biba != NULL) 166 uma_zfree(zone_biba, mac_biba);	165 if (mb != NULL) 166 uma_zfree(zone_biba, mb);
167 else 168 atomic_add_int(&destroyed_not_inited, 1); 169} 170 171static int	167 else 168 atomic_add_int(&destroyed_not_inited, 1); 169} 170 171static int
172biba_atmostflags(struct mac_biba *mac_biba, int flags)	172biba_atmostflags(struct mac_biba *mb, int flags)
173{ 174	173{ 174
175 if ((mac_biba->mb_flags & flags) != mac_biba->mb_flags)	175 if ((mb->mb_flags & flags) != mb->mb_flags)
176 return (EINVAL); 177 return (0); 178} 179 180static int	176 return (EINVAL); 177 return (0); 178} 179 180static int
181mac_biba_dominate_element(struct mac_biba_element a, 182* struct mac_biba_element *b)	181biba_dominate_element(struct mac_biba_element a, struct mac_biba_element b)
183{ 184 int bit; 185 186 switch (a->mbe_type) { 187 case MAC_BIBA_TYPE_EQUAL: 188 case MAC_BIBA_TYPE_HIGH: 189 return (1); 190 191 case MAC_BIBA_TYPE_LOW: 192 switch (b->mbe_type) { 193 case MAC_BIBA_TYPE_GRADE: 194 case MAC_BIBA_TYPE_HIGH: 195 return (0); 196 197 case MAC_BIBA_TYPE_EQUAL: 198 case MAC_BIBA_TYPE_LOW: 199 return (1); 200 201 default:	182{ 183 int bit; 184 185 switch (a->mbe_type) { 186 case MAC_BIBA_TYPE_EQUAL: 187 case MAC_BIBA_TYPE_HIGH: 188 return (1); 189 190 case MAC_BIBA_TYPE_LOW: 191 switch (b->mbe_type) { 192 case MAC_BIBA_TYPE_GRADE: 193 case MAC_BIBA_TYPE_HIGH: 194 return (0); 195 196 case MAC_BIBA_TYPE_EQUAL: 197 case MAC_BIBA_TYPE_LOW: 198 return (1); 199 200 default:
202 panic("mac_biba_dominate_element: b->mbe_type invalid");	201 panic("biba_dominate_element: b->mbe_type invalid");
203 } 204 205 case MAC_BIBA_TYPE_GRADE: 206 switch (b->mbe_type) { 207 case MAC_BIBA_TYPE_EQUAL: 208 case MAC_BIBA_TYPE_LOW: 209 return (1); 210 --- 4 unchanged lines hidden (view full) --- 215 for (bit = 1; bit <= MAC_BIBA_MAX_COMPARTMENTS; bit++) 216 if (!MAC_BIBA_BIT_TEST(bit, 217 a->mbe_compartments) && 218 MAC_BIBA_BIT_TEST(bit, b->mbe_compartments)) 219 return (0); 220 return (a->mbe_grade >= b->mbe_grade); 221 222 default:	202 } 203 204 case MAC_BIBA_TYPE_GRADE: 205 switch (b->mbe_type) { 206 case MAC_BIBA_TYPE_EQUAL: 207 case MAC_BIBA_TYPE_LOW: 208 return (1); 209 --- 4 unchanged lines hidden (view full) --- 214 for (bit = 1; bit <= MAC_BIBA_MAX_COMPARTMENTS; bit++) 215 if (!MAC_BIBA_BIT_TEST(bit, 216 a->mbe_compartments) && 217 MAC_BIBA_BIT_TEST(bit, b->mbe_compartments)) 218 return (0); 219 return (a->mbe_grade >= b->mbe_grade); 220 221 default:
223 panic("mac_biba_dominate_element: b->mbe_type invalid");	222 panic("biba_dominate_element: b->mbe_type invalid");
224 } 225 226 default:	223 } 224 225 default:
227 panic("mac_biba_dominate_element: a->mbe_type invalid");	226 panic("biba_dominate_element: a->mbe_type invalid");
228 } 229 230 return (0); 231} 232 233static int	227 } 228 229 return (0); 230} 231 232static int
234mac_biba_subject_dominate_high(struct mac_biba *mac_biba)	233biba_subject_dominate_high(struct mac_biba *mb)
235{ 236 struct mac_biba_element element; 237*	234{ 235 struct mac_biba_element element; 236*
238 KASSERT((mac_biba->mb_flags & MAC_BIBA_FLAG_EFFECTIVE) != 0, 239 ("mac_biba_effective_in_range: mac_biba not effective")); 240 element = &mac_biba->mb_effective;	237 KASSERT((mb->mb_flags & MAC_BIBA_FLAG_EFFECTIVE) != 0, 238 ("biba_effective_in_range: mb not effective")); 239 element = &mb->mb_effective;
241 242 return (element->mbe_type == MAC_BIBA_TYPE_EQUAL \|\| 243 element->mbe_type == MAC_BIBA_TYPE_HIGH); 244} 245 246static int	240 241 return (element->mbe_type == MAC_BIBA_TYPE_EQUAL \|\| 242 element->mbe_type == MAC_BIBA_TYPE_HIGH); 243} 244 245static int
247mac_biba_range_in_range(struct mac_biba rangea, struct mac_biba rangeb)	246biba_range_in_range(struct mac_biba rangea, struct mac_biba rangeb)
248{ 249	247{ 248
250 return (mac_biba_dominate_element(&rangeb->mb_rangehigh,	249 return (biba_dominate_element(&rangeb->mb_rangehigh,
251 &rangea->mb_rangehigh) &&	250 &rangea->mb_rangehigh) &&
252 mac_biba_dominate_element(&rangea->mb_rangelow,	251 biba_dominate_element(&rangea->mb_rangelow,
253 &rangeb->mb_rangelow)); 254} 255 256static int	252 &rangeb->mb_rangelow)); 253} 254 255static int
257mac_biba_effective_in_range(struct mac_biba effective, 258* struct mac_biba *range)	256biba_effective_in_range(struct mac_biba effective, struct mac_biba range)
259{ 260 261 KASSERT((effective->mb_flags & MAC_BIBA_FLAG_EFFECTIVE) != 0,	257{ 258 259 KASSERT((effective->mb_flags & MAC_BIBA_FLAG_EFFECTIVE) != 0,
262 ("mac_biba_effective_in_range: a not effective"));	260 ("biba_effective_in_range: a not effective"));
263 KASSERT((range->mb_flags & MAC_BIBA_FLAG_RANGE) != 0,	261 KASSERT((range->mb_flags & MAC_BIBA_FLAG_RANGE) != 0,
264 ("mac_biba_effective_in_range: b not range"));	262 ("biba_effective_in_range: b not range"));
265	263
266 return (mac_biba_dominate_element(&range->mb_rangehigh,	264 return (biba_dominate_element(&range->mb_rangehigh,
267 &effective->mb_effective) &&	265 &effective->mb_effective) &&
268 mac_biba_dominate_element(&effective->mb_effective,	266 biba_dominate_element(&effective->mb_effective,
269 &range->mb_rangelow)); 270 271 return (1); 272} 273 274static int	267 &range->mb_rangelow)); 268 269 return (1); 270} 271 272static int
275mac_biba_dominate_effective(struct mac_biba a, struct mac_biba b)	273biba_dominate_effective(struct mac_biba a, struct mac_biba b)
276{ 277 KASSERT((a->mb_flags & MAC_BIBA_FLAG_EFFECTIVE) != 0,	274{ 275 KASSERT((a->mb_flags & MAC_BIBA_FLAG_EFFECTIVE) != 0,
278 ("mac_biba_dominate_effective: a not effective"));	276 ("biba_dominate_effective: a not effective"));
279 KASSERT((b->mb_flags & MAC_BIBA_FLAG_EFFECTIVE) != 0,	277 KASSERT((b->mb_flags & MAC_BIBA_FLAG_EFFECTIVE) != 0,
280 ("mac_biba_dominate_effective: b not effective"));	278 ("biba_dominate_effective: b not effective"));
281	279
282 return (mac_biba_dominate_element(&a->mb_effective, &b->mb_effective));	280 return (biba_dominate_element(&a->mb_effective, &b->mb_effective));
283} 284 285static int	281} 282 283static int
286mac_biba_equal_element(struct mac_biba_element a, struct mac_biba_element b)	284biba_equal_element(struct mac_biba_element a, struct mac_biba_element b)
287{ 288 289 if (a->mbe_type == MAC_BIBA_TYPE_EQUAL \|\| 290 b->mbe_type == MAC_BIBA_TYPE_EQUAL) 291 return (1); 292 293 return (a->mbe_type == b->mbe_type && a->mbe_grade == b->mbe_grade); 294} 295 296static int	285{ 286 287 if (a->mbe_type == MAC_BIBA_TYPE_EQUAL \|\| 288 b->mbe_type == MAC_BIBA_TYPE_EQUAL) 289 return (1); 290 291 return (a->mbe_type == b->mbe_type && a->mbe_grade == b->mbe_grade); 292} 293 294static int
297mac_biba_equal_effective(struct mac_biba a, struct mac_biba b)	295biba_equal_effective(struct mac_biba a, struct mac_biba b)
298{ 299 300 KASSERT((a->mb_flags & MAC_BIBA_FLAG_EFFECTIVE) != 0,	296{ 297 298 KASSERT((a->mb_flags & MAC_BIBA_FLAG_EFFECTIVE) != 0,
301 ("mac_biba_equal_effective: a not effective"));	299 ("biba_equal_effective: a not effective"));
302 KASSERT((b->mb_flags & MAC_BIBA_FLAG_EFFECTIVE) != 0,	300 KASSERT((b->mb_flags & MAC_BIBA_FLAG_EFFECTIVE) != 0,
303 ("mac_biba_equal_effective: b not effective"));	301 ("biba_equal_effective: b not effective"));
304	302
305 return (mac_biba_equal_element(&a->mb_effective, &b->mb_effective));	303 return (biba_equal_element(&a->mb_effective, &b->mb_effective));
306} 307 308static int	304} 305 306static int
309mac_biba_contains_equal(struct mac_biba *mac_biba)	307biba_contains_equal(struct mac_biba *mb)
310{ 311	308{ 309
312 if (mac_biba->mb_flags & MAC_BIBA_FLAG_EFFECTIVE) 313 if (mac_biba->mb_effective.mbe_type == MAC_BIBA_TYPE_EQUAL)	310 if (mb->mb_flags & MAC_BIBA_FLAG_EFFECTIVE) { 311 if (mb->mb_effective.mbe_type == MAC_BIBA_TYPE_EQUAL)
314 return (1);	312 return (1);
	313 }
315	314
316 if (mac_biba->mb_flags & MAC_BIBA_FLAG_RANGE) { 317 if (mac_biba->mb_rangelow.mbe_type == MAC_BIBA_TYPE_EQUAL)	315 if (mb->mb_flags & MAC_BIBA_FLAG_RANGE) { 316 if (mb->mb_rangelow.mbe_type == MAC_BIBA_TYPE_EQUAL)
318 return (1);	317 return (1);
319 if (mac_biba->mb_rangehigh.mbe_type == MAC_BIBA_TYPE_EQUAL)	318 if (mb->mb_rangehigh.mbe_type == MAC_BIBA_TYPE_EQUAL)
320 return (1); 321 } 322 323 return (0); 324} 325 326static int	319 return (1); 320 } 321 322 return (0); 323} 324 325static int
327mac_biba_subject_privileged(struct mac_biba *mac_biba)	326biba_subject_privileged(struct mac_biba *mb)
328{ 329	327{ 328
330 KASSERT((mac_biba->mb_flags & MAC_BIBA_FLAGS_BOTH) == 331 MAC_BIBA_FLAGS_BOTH, 332 ("mac_biba_subject_privileged: subject doesn't have both labels"));	329 KASSERT((mb->mb_flags & MAC_BIBA_FLAGS_BOTH) == MAC_BIBA_FLAGS_BOTH, 330 ("biba_subject_privileged: subject doesn't have both labels"));
333 334 /* If the effective is EQUAL, it's ok. */	331 332 /* If the effective is EQUAL, it's ok. */
335 if (mac_biba->mb_effective.mbe_type == MAC_BIBA_TYPE_EQUAL)	333 if (mb->mb_effective.mbe_type == MAC_BIBA_TYPE_EQUAL)
336 return (0); 337 338 /* If either range endpoint is EQUAL, it's ok. */	334 return (0); 335 336 /* If either range endpoint is EQUAL, it's ok. */
339 if (mac_biba->mb_rangelow.mbe_type == MAC_BIBA_TYPE_EQUAL \|\| 340 mac_biba->mb_rangehigh.mbe_type == MAC_BIBA_TYPE_EQUAL)	337 if (mb->mb_rangelow.mbe_type == MAC_BIBA_TYPE_EQUAL \|\| 338 mb->mb_rangehigh.mbe_type == MAC_BIBA_TYPE_EQUAL)
341 return (0); 342 343 /* If the range is low-high, it's ok. */	339 return (0); 340 341 /* If the range is low-high, it's ok. */
344 if (mac_biba->mb_rangelow.mbe_type == MAC_BIBA_TYPE_LOW && 345 mac_biba->mb_rangehigh.mbe_type == MAC_BIBA_TYPE_HIGH)	342 if (mb->mb_rangelow.mbe_type == MAC_BIBA_TYPE_LOW && 343 mb->mb_rangehigh.mbe_type == MAC_BIBA_TYPE_HIGH)
346 return (0); 347 348 /* It's not ok. / 349* return (EPERM); 350} 351 352static int	344 return (0); 345 346 /* It's not ok. / 347* return (EPERM); 348} 349 350static int
353mac_biba_high_effective(struct mac_biba *mac_biba)	351biba_high_effective(struct mac_biba *mb)
354{ 355	352{ 353
356 KASSERT((mac_biba->mb_flags & MAC_BIBA_FLAG_EFFECTIVE) != 0, 357 ("mac_biba_equal_effective: mac_biba not effective"));	354 KASSERT((mb->mb_flags & MAC_BIBA_FLAG_EFFECTIVE) != 0, 355 ("biba_equal_effective: mb not effective"));
358	356
359 return (mac_biba->mb_effective.mbe_type == MAC_BIBA_TYPE_HIGH);	357 return (mb->mb_effective.mbe_type == MAC_BIBA_TYPE_HIGH);
360} 361 362static int	358} 359 360static int
363mac_biba_valid(struct mac_biba *mac_biba)	361biba_valid(struct mac_biba *mb)
364{ 365	362{ 363
366 if (mac_biba->mb_flags & MAC_BIBA_FLAG_EFFECTIVE) { 367 switch (mac_biba->mb_effective.mbe_type) {	364 if (mb->mb_flags & MAC_BIBA_FLAG_EFFECTIVE) { 365 switch (mb->mb_effective.mbe_type) {
368 case MAC_BIBA_TYPE_GRADE: 369 break; 370 371 case MAC_BIBA_TYPE_EQUAL: 372 case MAC_BIBA_TYPE_HIGH: 373 case MAC_BIBA_TYPE_LOW:	366 case MAC_BIBA_TYPE_GRADE: 367 break; 368 369 case MAC_BIBA_TYPE_EQUAL: 370 case MAC_BIBA_TYPE_HIGH: 371 case MAC_BIBA_TYPE_LOW:
374 if (mac_biba->mb_effective.mbe_grade != 0 \|\|	372 if (mb->mb_effective.mbe_grade != 0 \|\|
375 !MAC_BIBA_BIT_SET_EMPTY(	373 !MAC_BIBA_BIT_SET_EMPTY(
376 mac_biba->mb_effective.mbe_compartments))	374 mb->mb_effective.mbe_compartments))
377 return (EINVAL); 378 break; 379 380 default: 381 return (EINVAL); 382 } 383 } else {	375 return (EINVAL); 376 break; 377 378 default: 379 return (EINVAL); 380 } 381 } else {
384 if (mac_biba->mb_effective.mbe_type != MAC_BIBA_TYPE_UNDEF)	382 if (mb->mb_effective.mbe_type != MAC_BIBA_TYPE_UNDEF)
385 return (EINVAL); 386 } 387	383 return (EINVAL); 384 } 385
388 if (mac_biba->mb_flags & MAC_BIBA_FLAG_RANGE) { 389 switch (mac_biba->mb_rangelow.mbe_type) {	386 if (mb->mb_flags & MAC_BIBA_FLAG_RANGE) { 387 switch (mb->mb_rangelow.mbe_type) {
390 case MAC_BIBA_TYPE_GRADE: 391 break; 392 393 case MAC_BIBA_TYPE_EQUAL: 394 case MAC_BIBA_TYPE_HIGH: 395 case MAC_BIBA_TYPE_LOW:	388 case MAC_BIBA_TYPE_GRADE: 389 break; 390 391 case MAC_BIBA_TYPE_EQUAL: 392 case MAC_BIBA_TYPE_HIGH: 393 case MAC_BIBA_TYPE_LOW:
396 if (mac_biba->mb_rangelow.mbe_grade != 0 \|\|	394 if (mb->mb_rangelow.mbe_grade != 0 \|\|
397 !MAC_BIBA_BIT_SET_EMPTY(	395 !MAC_BIBA_BIT_SET_EMPTY(
398 mac_biba->mb_rangelow.mbe_compartments))	396 mb->mb_rangelow.mbe_compartments))
399 return (EINVAL); 400 break; 401 402 default: 403 return (EINVAL); 404 } 405	397 return (EINVAL); 398 break; 399 400 default: 401 return (EINVAL); 402 } 403
406 switch (mac_biba->mb_rangehigh.mbe_type) {	404 switch (mb->mb_rangehigh.mbe_type) {
407 case MAC_BIBA_TYPE_GRADE: 408 break; 409 410 case MAC_BIBA_TYPE_EQUAL: 411 case MAC_BIBA_TYPE_HIGH: 412 case MAC_BIBA_TYPE_LOW:	405 case MAC_BIBA_TYPE_GRADE: 406 break; 407 408 case MAC_BIBA_TYPE_EQUAL: 409 case MAC_BIBA_TYPE_HIGH: 410 case MAC_BIBA_TYPE_LOW:
413 if (mac_biba->mb_rangehigh.mbe_grade != 0 \|\|	411 if (mb->mb_rangehigh.mbe_grade != 0 \|\|
414 !MAC_BIBA_BIT_SET_EMPTY(	412 !MAC_BIBA_BIT_SET_EMPTY(
415 mac_biba->mb_rangehigh.mbe_compartments))	413 mb->mb_rangehigh.mbe_compartments))
416 return (EINVAL); 417 break; 418 419 default: 420 return (EINVAL); 421 }	414 return (EINVAL); 415 break; 416 417 default: 418 return (EINVAL); 419 }
422 if (!mac_biba_dominate_element(&mac_biba->mb_rangehigh, 423 &mac_biba->mb_rangelow))	420 if (!biba_dominate_element(&mb->mb_rangehigh, 421 &mb->mb_rangelow))
424 return (EINVAL); 425 } else {	422 return (EINVAL); 423 } else {
426 if (mac_biba->mb_rangelow.mbe_type != MAC_BIBA_TYPE_UNDEF \|\| 427 mac_biba->mb_rangehigh.mbe_type != MAC_BIBA_TYPE_UNDEF)	424 if (mb->mb_rangelow.mbe_type != MAC_BIBA_TYPE_UNDEF \|\| 425 mb->mb_rangehigh.mbe_type != MAC_BIBA_TYPE_UNDEF)
428 return (EINVAL); 429 } 430 431 return (0); 432} 433 434static void	426 return (EINVAL); 427 } 428 429 return (0); 430} 431 432static void
435mac_biba_set_range(struct mac_biba mac_biba, u_short typelow, 436* u_short gradelow, u_char compartmentslow, u_short typehigh, 437* u_short gradehigh, u_char *compartmentshigh)	433biba_set_range(struct mac_biba mb, u_short typelow, u_short gradelow, 434* u_char compartmentslow, u_short typehigh, u_short gradehigh, 435* u_char *compartmentshigh)
438{ 439	436{ 437
440 mac_biba->mb_rangelow.mbe_type = typelow; 441 mac_biba->mb_rangelow.mbe_grade = gradelow;	438 mb->mb_rangelow.mbe_type = typelow; 439 mb->mb_rangelow.mbe_grade = gradelow;
442 if (compartmentslow != NULL)	440 if (compartmentslow != NULL)
443 memcpy(mac_biba->mb_rangelow.mbe_compartments, 444 compartmentslow, 445 sizeof(mac_biba->mb_rangelow.mbe_compartments)); 446 mac_biba->mb_rangehigh.mbe_type = typehigh; 447 mac_biba->mb_rangehigh.mbe_grade = gradehigh;	441 memcpy(mb->mb_rangelow.mbe_compartments, compartmentslow, 442 sizeof(mb->mb_rangelow.mbe_compartments)); 443 mb->mb_rangehigh.mbe_type = typehigh; 444 mb->mb_rangehigh.mbe_grade = gradehigh;
448 if (compartmentshigh != NULL)	445 if (compartmentshigh != NULL)
449 memcpy(mac_biba->mb_rangehigh.mbe_compartments, 450 compartmentshigh, 451 sizeof(mac_biba->mb_rangehigh.mbe_compartments)); 452 mac_biba->mb_flags \|= MAC_BIBA_FLAG_RANGE;	446 memcpy(mb->mb_rangehigh.mbe_compartments, compartmentshigh, 447 sizeof(mb->mb_rangehigh.mbe_compartments)); 448 mb->mb_flags \|= MAC_BIBA_FLAG_RANGE;
453} 454 455static void	449} 450 451static void
456mac_biba_set_effective(struct mac_biba *mac_biba, u_short type, u_short grade,	452biba_set_effective(struct mac_biba *mb, u_short type, u_short grade,
457 u_char compartments) 458{ 459*	453 u_char compartments) 454{ 455*
460 mac_biba->mb_effective.mbe_type = type; 461 mac_biba->mb_effective.mbe_grade = grade;	456 mb->mb_effective.mbe_type = type; 457 mb->mb_effective.mbe_grade = grade;
462 if (compartments != NULL)	458 if (compartments != NULL)
463 memcpy(mac_biba->mb_effective.mbe_compartments, compartments, 464 sizeof(mac_biba->mb_effective.mbe_compartments)); 465 mac_biba->mb_flags \|= MAC_BIBA_FLAG_EFFECTIVE;	459 memcpy(mb->mb_effective.mbe_compartments, compartments, 460 sizeof(mb->mb_effective.mbe_compartments)); 461 mb->mb_flags \|= MAC_BIBA_FLAG_EFFECTIVE;
466} 467 468static void	462} 463 464static void
469mac_biba_copy_range(struct mac_biba labelfrom, struct mac_biba labelto)	465biba_copy_range(struct mac_biba labelfrom, struct mac_biba labelto)
470{ 471 472 KASSERT((labelfrom->mb_flags & MAC_BIBA_FLAG_RANGE) != 0,	466{ 467 468 KASSERT((labelfrom->mb_flags & MAC_BIBA_FLAG_RANGE) != 0,
473 ("mac_biba_copy_range: labelfrom not range"));	469 ("biba_copy_range: labelfrom not range"));
474 475 labelto->mb_rangelow = labelfrom->mb_rangelow; 476 labelto->mb_rangehigh = labelfrom->mb_rangehigh; 477 labelto->mb_flags \|= MAC_BIBA_FLAG_RANGE; 478} 479 480static void	470 471 labelto->mb_rangelow = labelfrom->mb_rangelow; 472 labelto->mb_rangehigh = labelfrom->mb_rangehigh; 473 labelto->mb_flags \|= MAC_BIBA_FLAG_RANGE; 474} 475 476static void
481mac_biba_copy_effective(struct mac_biba labelfrom, struct mac_biba labelto)	477biba_copy_effective(struct mac_biba labelfrom, struct mac_biba labelto)
482{ 483 484 KASSERT((labelfrom->mb_flags & MAC_BIBA_FLAG_EFFECTIVE) != 0,	478{ 479 480 KASSERT((labelfrom->mb_flags & MAC_BIBA_FLAG_EFFECTIVE) != 0,
485 ("mac_biba_copy_effective: labelfrom not effective"));	481 ("biba_copy_effective: labelfrom not effective"));
486 487 labelto->mb_effective = labelfrom->mb_effective; 488 labelto->mb_flags \|= MAC_BIBA_FLAG_EFFECTIVE; 489} 490 491static void	482 483 labelto->mb_effective = labelfrom->mb_effective; 484 labelto->mb_flags \|= MAC_BIBA_FLAG_EFFECTIVE; 485} 486 487static void
492mac_biba_copy(struct mac_biba source, struct mac_biba dest)	488biba_copy(struct mac_biba source, struct mac_biba dest)
493{ 494 495 if (source->mb_flags & MAC_BIBA_FLAG_EFFECTIVE)	489{ 490 491 if (source->mb_flags & MAC_BIBA_FLAG_EFFECTIVE)
496 mac_biba_copy_effective(source, dest);	492 biba_copy_effective(source, dest);
497 if (source->mb_flags & MAC_BIBA_FLAG_RANGE)	493 if (source->mb_flags & MAC_BIBA_FLAG_RANGE)
498 mac_biba_copy_range(source, dest);	494 biba_copy_range(source, dest);
499} 500 501/* 502 * Policy module operations. 503 / 504*static void	495} 496 497/* 498 * Policy module operations. 499 / 500*static void
505mac_biba_init(struct mac_policy_conf *conf)	501biba_init(struct mac_policy_conf *conf)
506{ 507 508 zone_biba = uma_zcreate("mac_biba", sizeof(struct mac_biba), NULL, 509 NULL, NULL, NULL, UMA_ALIGN_PTR, 0); 510} 511 512/* 513 * Label operations. 514 / 515*static void	502{ 503 504 zone_biba = uma_zcreate("mac_biba", sizeof(struct mac_biba), NULL, 505 NULL, NULL, NULL, UMA_ALIGN_PTR, 0); 506} 507 508/* 509 * Label operations. 510 / 511*static void
516mac_biba_init_label(struct label *label)	512biba_init_label(struct label *label)
517{ 518 519 SLOT_SET(label, biba_alloc(M_WAITOK)); 520} 521 522static int	513{ 514 515 SLOT_SET(label, biba_alloc(M_WAITOK)); 516} 517 518static int
523mac_biba_init_label_waitcheck(struct label *label, int flag)	519biba_init_label_waitcheck(struct label *label, int flag)
524{ 525 526 SLOT_SET(label, biba_alloc(flag)); 527 if (SLOT(label) == NULL) 528 return (ENOMEM); 529 530 return (0); 531} 532 533static void	520{ 521 522 SLOT_SET(label, biba_alloc(flag)); 523 if (SLOT(label) == NULL) 524 return (ENOMEM); 525 526 return (0); 527} 528 529static void
534mac_biba_destroy_label(struct label *label)	530biba_destroy_label(struct label *label)
535{ 536 537 biba_free(SLOT(label)); 538 SLOT_SET(label, NULL); 539} 540 541/*	531{ 532 533 biba_free(SLOT(label)); 534 SLOT_SET(label, NULL); 535} 536 537/*
542 * mac_biba_element_to_string() accepts an sbuf and Biba element. It 543 * converts the Biba element to a string and stores the result in the 544 * sbuf; if there isn't space in the sbuf, -1 is returned.	538 * biba_element_to_string() accepts an sbuf and Biba element. It converts 539 * the Biba element to a string and stores the result in the sbuf; if there 540 * isn't space in the sbuf, -1 is returned.
545 / 546*static int	541 / 542*static int
547mac_biba_element_to_string(struct sbuf sb, struct mac_biba_element element)	543biba_element_to_string(struct sbuf sb, struct mac_biba_element element)
548{ 549 int i, first; 550 551 switch (element->mbe_type) { 552 case MAC_BIBA_TYPE_HIGH: 553 return (sbuf_printf(sb, "high")); 554 555 case MAC_BIBA_TYPE_LOW: --- 19 unchanged lines hidden (view full) --- 575 if (sbuf_printf(sb, "+%d", i) == -1) 576 return (-1); 577 } 578 } 579 } 580 return (0); 581 582 default:	544{ 545 int i, first; 546 547 switch (element->mbe_type) { 548 case MAC_BIBA_TYPE_HIGH: 549 return (sbuf_printf(sb, "high")); 550 551 case MAC_BIBA_TYPE_LOW: --- 19 unchanged lines hidden (view full) --- 571 if (sbuf_printf(sb, "+%d", i) == -1) 572 return (-1); 573 } 574 } 575 } 576 return (0); 577 578 default:
583 panic("mac_biba_element_to_string: invalid type (%d)",	579 panic("biba_element_to_string: invalid type (%d)",
584 element->mbe_type); 585 } 586} 587 588/*	580 element->mbe_type); 581 } 582} 583 584/*
589 * mac_biba_to_string() converts a Biba label to a string, and places 590 * the results in the passed sbuf. It returns 0 on success, or EINVAL 591 * if there isn't room in the sbuf. Note: the sbuf will be modified 592 * even in a failure case, so the caller may need to revert the sbuf 593 * by restoring the offset if that's undesired.	585 * biba_to_string() converts a Biba label to a string, and places the results 586 * in the passed sbuf. It returns 0 on success, or EINVAL if there isn't 587 * room in the sbuf. Note: the sbuf will be modified even in a failure case, 588 * so the caller may need to revert the sbuf by restoring the offset if 589 * that's undesired.
594 / 595*static int	590 / 591*static int
596mac_biba_to_string(struct sbuf sb, struct mac_biba mac_biba)	592biba_to_string(struct sbuf sb, struct mac_biba mb)
597{ 598	593{ 594
599 if (mac_biba->mb_flags & MAC_BIBA_FLAG_EFFECTIVE) { 600 if (mac_biba_element_to_string(sb, &mac_biba->mb_effective) 601 == -1)	595 if (mb->mb_flags & MAC_BIBA_FLAG_EFFECTIVE) { 596 if (biba_element_to_string(sb, &mb->mb_effective) == -1)
602 return (EINVAL); 603 } 604	597 return (EINVAL); 598 } 599
605 if (mac_biba->mb_flags & MAC_BIBA_FLAG_RANGE) {	600 if (mb->mb_flags & MAC_BIBA_FLAG_RANGE) {
606 if (sbuf_putc(sb, '(') == -1) 607 return (EINVAL); 608	601 if (sbuf_putc(sb, '(') == -1) 602 return (EINVAL); 603
609 if (mac_biba_element_to_string(sb, &mac_biba->mb_rangelow) 610 == -1)	604 if (biba_element_to_string(sb, &mb->mb_rangelow) == -1)
611 return (EINVAL); 612 613 if (sbuf_putc(sb, '-') == -1) 614 return (EINVAL); 615	605 return (EINVAL); 606 607 if (sbuf_putc(sb, '-') == -1) 608 return (EINVAL); 609
616 if (mac_biba_element_to_string(sb, &mac_biba->mb_rangehigh) 617 == -1)	610 if (biba_element_to_string(sb, &mb->mb_rangehigh) == -1)
618 return (EINVAL); 619 620 if (sbuf_putc(sb, ')') == -1) 621 return (EINVAL); 622 } 623 624 return (0); 625} 626 627static int	611 return (EINVAL); 612 613 if (sbuf_putc(sb, ')') == -1) 614 return (EINVAL); 615 } 616 617 return (0); 618} 619 620static int
628mac_biba_externalize_label(struct label label, char element_name,	621biba_externalize_label(struct label label, char element_name,
629 struct sbuf sb, int claimed) 630{	622 struct sbuf sb, int claimed) 623{
631 struct mac_biba *mac_biba;	624 struct mac_biba *mb;
632 633 if (strcmp(MAC_BIBA_LABEL_NAME, element_name) != 0) 634 return (0); 635 636 (claimed)++; 637*	625 626 if (strcmp(MAC_BIBA_LABEL_NAME, element_name) != 0) 627 return (0); 628 629 (claimed)++; 630*
638 mac_biba = SLOT(label); 639 return (mac_biba_to_string(sb, mac_biba));	631 mb = SLOT(label); 632 return (biba_to_string(sb, mb));
640} 641 642static int	633} 634 635static int
643mac_biba_parse_element(struct mac_biba_element element, char string)	636biba_parse_element(struct mac_biba_element element, char string)
644{ 645 char compartment, end, grade; 646* int value; 647 648 if (strcmp(string, "high") == 0 \|\| 649 strcmp(string, "hi") == 0) { 650 element->mbe_type = MAC_BIBA_TYPE_HIGH; 651 element->mbe_grade = MAC_BIBA_TYPE_UNDEF; --- 42 unchanged lines hidden (view full) --- 694 return (0); 695} 696 697/* 698 * Note: destructively consumes the string, make a local copy before 699 * calling if that's a problem. 700 / 701*static int	637{ 638 char compartment, end, grade; 639* int value; 640 641 if (strcmp(string, "high") == 0 \|\| 642 strcmp(string, "hi") == 0) { 643 element->mbe_type = MAC_BIBA_TYPE_HIGH; 644 element->mbe_grade = MAC_BIBA_TYPE_UNDEF; --- 42 unchanged lines hidden (view full) --- 687 return (0); 688} 689 690/* 691 * Note: destructively consumes the string, make a local copy before 692 * calling if that's a problem. 693 / 694*static int
702mac_biba_parse(struct mac_biba mac_biba, char string)	695biba_parse(struct mac_biba mb, char string)
703{ 704 char rangehigh, rangelow, effective; 705* int error; 706 707 effective = strsep(&string, "("); 708 if (effective == '\0') 709* effective = NULL; 710 --- 8 unchanged lines hidden (view full) --- 719 return (EINVAL); 720 } else { 721 rangelow = NULL; 722 rangehigh = NULL; 723 } 724 725 KASSERT((rangelow != NULL && rangehigh != NULL) \|\| 726 (rangelow == NULL && rangehigh == NULL),	696{ 697 char rangehigh, rangelow, effective; 698* int error; 699 700 effective = strsep(&string, "("); 701 if (effective == '\0') 702* effective = NULL; 703 --- 8 unchanged lines hidden (view full) --- 712 return (EINVAL); 713 } else { 714 rangelow = NULL; 715 rangehigh = NULL; 716 } 717 718 KASSERT((rangelow != NULL && rangehigh != NULL) \|\| 719 (rangelow == NULL && rangehigh == NULL),
727 ("mac_biba_parse: range mismatch"));	720 ("biba_parse: range mismatch"));
728	721
729 bzero(mac_biba, sizeof(*mac_biba));	722 bzero(mb, sizeof(*mb));
730 if (effective != NULL) {	723 if (effective != NULL) {
731 error = mac_biba_parse_element(&mac_biba->mb_effective, effective);	724 error = biba_parse_element(&mb->mb_effective, effective);
732 if (error) 733 return (error);	725 if (error) 726 return (error);
734 mac_biba->mb_flags \|= MAC_BIBA_FLAG_EFFECTIVE;	727 mb->mb_flags \|= MAC_BIBA_FLAG_EFFECTIVE;
735 } 736 737 if (rangelow != NULL) {	728 } 729 730 if (rangelow != NULL) {
738 error = mac_biba_parse_element(&mac_biba->mb_rangelow, 739 rangelow);	731 error = biba_parse_element(&mb->mb_rangelow, rangelow);
740 if (error) 741 return (error);	732 if (error) 733 return (error);
742 error = mac_biba_parse_element(&mac_biba->mb_rangehigh, 743 rangehigh);	734 error = biba_parse_element(&mb->mb_rangehigh, rangehigh);
744 if (error) 745 return (error);	735 if (error) 736 return (error);
746 mac_biba->mb_flags \|= MAC_BIBA_FLAG_RANGE;	737 mb->mb_flags \|= MAC_BIBA_FLAG_RANGE;
747 } 748	738 } 739
749 error = mac_biba_valid(mac_biba);	740 error = biba_valid(mb);
750 if (error) 751 return (error); 752 753 return (0); 754} 755 756static int	741 if (error) 742 return (error); 743 744 return (0); 745} 746 747static int
757mac_biba_internalize_label(struct label label, char element_name,	748biba_internalize_label(struct label label, char element_name,
758 char element_data, int claimed) 759{	749 char element_data, int claimed) 750{
760 struct mac_biba *mac_biba, mac_biba_temp;	751 struct mac_biba *mb, mb_temp;
761 int error; 762 763 if (strcmp(MAC_BIBA_LABEL_NAME, element_name) != 0) 764 return (0); 765 766 (claimed)++; 767*	752 int error; 753 754 if (strcmp(MAC_BIBA_LABEL_NAME, element_name) != 0) 755 return (0); 756 757 (claimed)++; 758*
768 error = mac_biba_parse(&mac_biba_temp, element_data);	759 error = biba_parse(&mb_temp, element_data);
769 if (error) 770 return (error); 771	760 if (error) 761 return (error); 762
772 mac_biba = SLOT(label); 773 *mac_biba = mac_biba_temp;	763 mb = SLOT(label); 764 *mb = mb_temp;
774 775 return (0); 776} 777 778static void	765 766 return (0); 767} 768 769static void
779mac_biba_copy_label(struct label src, struct label dest)	770biba_copy_label(struct label src, struct label dest)
780{ 781 782 SLOT(dest) = SLOT(src); 783} 784 785/*	771{ 772 773 SLOT(dest) = SLOT(src); 774} 775 776/*
786 * Labeling event operations: file system objects, and things that look 787 * a lot like file system objects.	777 * Labeling event operations: file system objects, and things that look a lot 778 * like file system objects.
788 / 789*static void	779 / 780*static void
790mac_biba_devfs_create_device(struct ucred cred, struct mount mp,	781biba_devfs_create_device(struct ucred cred, struct mount mp,
791 struct cdev dev, struct devfs_dirent de, struct label delabel) 792*{	782 struct cdev dev, struct devfs_dirent de, struct label delabel) 783*{
793 struct mac_biba *mac_biba;	784 struct mac_biba *mb;
794 int biba_type; 795	785 int biba_type; 786
796 mac_biba = SLOT(delabel);	787 mb = SLOT(delabel);
797 if (strcmp(dev->si_name, "null") == 0 \|\| 798 strcmp(dev->si_name, "zero") == 0 \|\| 799 strcmp(dev->si_name, "random") == 0 \|\| 800 strncmp(dev->si_name, "fd/", strlen("fd/")) == 0) 801 biba_type = MAC_BIBA_TYPE_EQUAL; 802 else if (ptys_equal && 803 (strncmp(dev->si_name, "ttyp", strlen("ttyp")) == 0 \|\| 804 strncmp(dev->si_name, "ptyp", strlen("ptyp")) == 0)) 805 biba_type = MAC_BIBA_TYPE_EQUAL; 806 else 807 biba_type = MAC_BIBA_TYPE_HIGH;	788 if (strcmp(dev->si_name, "null") == 0 \|\| 789 strcmp(dev->si_name, "zero") == 0 \|\| 790 strcmp(dev->si_name, "random") == 0 \|\| 791 strncmp(dev->si_name, "fd/", strlen("fd/")) == 0) 792 biba_type = MAC_BIBA_TYPE_EQUAL; 793 else if (ptys_equal && 794 (strncmp(dev->si_name, "ttyp", strlen("ttyp")) == 0 \|\| 795 strncmp(dev->si_name, "ptyp", strlen("ptyp")) == 0)) 796 biba_type = MAC_BIBA_TYPE_EQUAL; 797 else 798 biba_type = MAC_BIBA_TYPE_HIGH;
808 mac_biba_set_effective(mac_biba, biba_type, 0, NULL);	799 biba_set_effective(mb, biba_type, 0, NULL);
809} 810 811static void	800} 801 802static void
812mac_biba_devfs_create_directory(struct mount mp, char dirname, 813 int dirnamelen, struct devfs_dirent de, struct label delabel)	803biba_devfs_create_directory(struct mount mp, char dirname, int dirnamelen, 804 struct devfs_dirent de, struct label delabel)
814{	805{
815 struct mac_biba *mac_biba;	806 struct mac_biba *mb;
816	807
817 mac_biba = SLOT(delabel); 818 mac_biba_set_effective(mac_biba, MAC_BIBA_TYPE_HIGH, 0, NULL);	808 mb = SLOT(delabel); 809 810 biba_set_effective(mb, MAC_BIBA_TYPE_HIGH, 0, NULL);
819} 820 821static void	811} 812 813static void
822mac_biba_devfs_create_symlink(struct ucred cred, struct mount mp,	814biba_devfs_create_symlink(struct ucred cred, struct mount mp,
823 struct devfs_dirent dd, struct label ddlabel, struct devfs_dirent de, 824* struct label delabel) 825{ 826* struct mac_biba source, dest; 827 828 source = SLOT(cred->cr_label); 829 dest = SLOT(delabel); 830	815 struct devfs_dirent dd, struct label ddlabel, struct devfs_dirent de, 816* struct label delabel) 817{ 818* struct mac_biba source, dest; 819 820 source = SLOT(cred->cr_label); 821 dest = SLOT(delabel); 822
831 mac_biba_copy_effective(source, dest);	823 biba_copy_effective(source, dest);
832} 833 834static void	824} 825 826static void
835mac_biba_mount_create(struct ucred cred, struct mount mp,	827biba_mount_create(struct ucred cred, struct mount mp,
836 struct label mplabel) 837{ 838* struct mac_biba source, dest; 839 840 source = SLOT(cred->cr_label); 841 dest = SLOT(mplabel);	828 struct label mplabel) 829{ 830* struct mac_biba source, dest; 831 832 source = SLOT(cred->cr_label); 833 dest = SLOT(mplabel);
842 mac_biba_copy_effective(source, dest);	834 835 biba_copy_effective(source, dest);
843} 844 845static void	836} 837 838static void
846mac_biba_vnode_relabel(struct ucred cred, struct vnode vp,	839biba_vnode_relabel(struct ucred cred, struct vnode vp,
847 struct label vplabel, struct label newlabel) 848{ 849 struct mac_biba source, dest; 850 851 source = SLOT(newlabel); 852 dest = SLOT(vplabel); 853	840 struct label vplabel, struct label newlabel) 841{ 842 struct mac_biba source, dest; 843 844 source = SLOT(newlabel); 845 dest = SLOT(vplabel); 846
854 mac_biba_copy(source, dest);	847 biba_copy(source, dest);
855} 856 857static void	848} 849 850static void
858mac_biba_devfs_update(struct mount mp, struct devfs_dirent de,	851biba_devfs_update(struct mount mp, struct devfs_dirent de,
859 struct label delabel, struct vnode vp, struct label vplabel) 860{ 861* struct mac_biba source, dest; 862 863 source = SLOT(vplabel); 864 dest = SLOT(delabel); 865	852 struct label delabel, struct vnode vp, struct label vplabel) 853{ 854* struct mac_biba source, dest; 855 856 source = SLOT(vplabel); 857 dest = SLOT(delabel); 858
866 mac_biba_copy(source, dest);	859 biba_copy(source, dest);
867} 868 869static void	860} 861 862static void
870mac_biba_devfs_vnode_associate(struct mount mp, struct label mntlabel,	863biba_devfs_vnode_associate(struct mount mp, struct label mntlabel,
871 struct devfs_dirent de, struct label delabel, struct vnode vp, 872* struct label vplabel) 873{ 874* struct mac_biba source, dest; 875 876 source = SLOT(delabel); 877 dest = SLOT(vplabel); 878	864 struct devfs_dirent de, struct label delabel, struct vnode vp, 865* struct label vplabel) 866{ 867* struct mac_biba source, dest; 868 869 source = SLOT(delabel); 870 dest = SLOT(vplabel); 871
879 mac_biba_copy_effective(source, dest);	872 biba_copy_effective(source, dest);
880} 881 882static int	873} 874 875static int
883mac_biba_vnode_associate_extattr(struct mount mp, struct label mplabel,	876biba_vnode_associate_extattr(struct mount mp, struct label mplabel,
884 struct vnode vp, struct label vplabel) 885{	877 struct vnode vp, struct label vplabel) 878{
886 struct mac_biba temp, source, dest;	879 struct mac_biba mb_temp, source, dest;
887 int buflen, error; 888 889 source = SLOT(mplabel); 890 dest = SLOT(vplabel); 891	880 int buflen, error; 881 882 source = SLOT(mplabel); 883 dest = SLOT(vplabel); 884
892 buflen = sizeof(temp); 893 bzero(&temp, buflen);	885 buflen = sizeof(mb_temp); 886 bzero(&mb_temp, buflen);
894 895 error = vn_extattr_get(vp, IO_NODELOCKED, MAC_BIBA_EXTATTR_NAMESPACE,	887 888 error = vn_extattr_get(vp, IO_NODELOCKED, MAC_BIBA_EXTATTR_NAMESPACE,
896 MAC_BIBA_EXTATTR_NAME, &buflen, (char *) &temp, curthread);	889 MAC_BIBA_EXTATTR_NAME, &buflen, (char *) &mb_temp, curthread);
897 if (error == ENOATTR \|\| error == EOPNOTSUPP) { 898 /* Fall back to the mntlabel. */	890 if (error == ENOATTR \|\| error == EOPNOTSUPP) { 891 /* Fall back to the mntlabel. */
899 mac_biba_copy_effective(source, dest);	892 biba_copy_effective(source, dest);
900 return (0); 901 } else if (error) 902 return (error); 903	893 return (0); 894 } else if (error) 895 return (error); 896
904 if (buflen != sizeof(temp)) { 905 printf("mac_biba_vnode_associate_extattr: bad size %d\n",	897 if (buflen != sizeof(mb_temp)) { 898 printf("biba_vnode_associate_extattr: bad size %d\n",
906 buflen); 907 return (EPERM); 908 }	899 buflen); 900 return (EPERM); 901 }
909 if (mac_biba_valid(&temp) != 0) { 910 printf("mac_biba_vnode_associate_extattr: invalid\n");	902 if (biba_valid(&mb_temp) != 0) { 903 printf("biba_vnode_associate_extattr: invalid\n");
911 return (EPERM); 912 }	904 return (EPERM); 905 }
913 if ((temp.mb_flags & MAC_BIBA_FLAGS_BOTH) != MAC_BIBA_FLAG_EFFECTIVE) { 914 printf("mac_biba_vnode_associate_extattr: not effective\n");	906 if ((mb_temp.mb_flags & MAC_BIBA_FLAGS_BOTH) != 907 MAC_BIBA_FLAG_EFFECTIVE) { 908 printf("biba_vnode_associate_extattr: not effective\n");
915 return (EPERM); 916 } 917	909 return (EPERM); 910 } 911
918 mac_biba_copy_effective(&temp, dest);	912 biba_copy_effective(&mb_temp, dest);
919 return (0); 920} 921 922static void	913 return (0); 914} 915 916static void
923mac_biba_vnode_associate_singlelabel(struct mount mp, 924* struct label mplabel, struct vnode vp, struct label *vplabel)	917biba_vnode_associate_singlelabel(struct mount mp, struct label mplabel, 918 struct vnode vp, struct label vplabel)
925{ 926 struct mac_biba source, dest; 927 928 source = SLOT(mplabel); 929 dest = SLOT(vplabel); 930	919{ 920 struct mac_biba source, dest; 921 922 source = SLOT(mplabel); 923 dest = SLOT(vplabel); 924
931 mac_biba_copy_effective(source, dest);	925 biba_copy_effective(source, dest);
932} 933 934static int	926} 927 928static int
935mac_biba_vnode_create_extattr(struct ucred cred, struct mount mp,	929biba_vnode_create_extattr(struct ucred cred, struct mount mp,
936 struct label mplabel, struct vnode dvp, struct label dvplabel, 937* struct vnode vp, struct label vplabel, struct componentname cnp) 938*{	930 struct label mplabel, struct vnode dvp, struct label dvplabel, 931* struct vnode vp, struct label vplabel, struct componentname cnp) 932*{
939 struct mac_biba source, dest, temp;	933 struct mac_biba source, dest, mb_temp;
940 size_t buflen; 941 int error; 942	934 size_t buflen; 935 int error; 936
943 buflen = sizeof(temp); 944 bzero(&temp, buflen);	937 buflen = sizeof(mb_temp); 938 bzero(&mb_temp, buflen);
945 946 source = SLOT(cred->cr_label); 947 dest = SLOT(vplabel);	939 940 source = SLOT(cred->cr_label); 941 dest = SLOT(vplabel);
948 mac_biba_copy_effective(source, &temp);	942 biba_copy_effective(source, &mb_temp);
949 950 error = vn_extattr_set(vp, IO_NODELOCKED, MAC_BIBA_EXTATTR_NAMESPACE,	943 944 error = vn_extattr_set(vp, IO_NODELOCKED, MAC_BIBA_EXTATTR_NAMESPACE,
951 MAC_BIBA_EXTATTR_NAME, buflen, (char *) &temp, curthread);	945 MAC_BIBA_EXTATTR_NAME, buflen, (char *) &mb_temp, curthread);
952 if (error == 0)	946 if (error == 0)
953 mac_biba_copy_effective(source, dest);	947 biba_copy_effective(source, dest);
954 return (error); 955} 956 957static int	948 return (error); 949} 950 951static int
958mac_biba_vnode_setlabel_extattr(struct ucred cred, struct vnode vp,	952biba_vnode_setlabel_extattr(struct ucred cred, struct vnode vp,
959 struct label vplabel, struct label intlabel) 960{	953 struct label vplabel, struct label intlabel) 954{
961 struct mac_biba *source, temp;	955 struct mac_biba *source, mb_temp;
962 size_t buflen; 963 int error; 964	956 size_t buflen; 957 int error; 958
965 buflen = sizeof(temp); 966 bzero(&temp, buflen);	959 buflen = sizeof(mb_temp); 960 bzero(&mb_temp, buflen);
967 968 source = SLOT(intlabel); 969 if ((source->mb_flags & MAC_BIBA_FLAG_EFFECTIVE) == 0) 970 return (0); 971	961 962 source = SLOT(intlabel); 963 if ((source->mb_flags & MAC_BIBA_FLAG_EFFECTIVE) == 0) 964 return (0); 965
972 mac_biba_copy_effective(source, &temp);	966 biba_copy_effective(source, &mb_temp);
973 974 error = vn_extattr_set(vp, IO_NODELOCKED, MAC_BIBA_EXTATTR_NAMESPACE,	967 968 error = vn_extattr_set(vp, IO_NODELOCKED, MAC_BIBA_EXTATTR_NAMESPACE,
975 MAC_BIBA_EXTATTR_NAME, buflen, (char *) &temp, curthread);	969 MAC_BIBA_EXTATTR_NAME, buflen, (char *) &mb_temp, curthread);
976 return (error); 977} 978 979/* 980 * Labeling event operations: IPC object. 981 / 982*static void	970 return (error); 971} 972 973/* 974 * Labeling event operations: IPC object. 975 / 976*static void
983mac_biba_inpcb_create(struct socket so, struct label solabel,	977biba_inpcb_create(struct socket so, struct label solabel,
984 struct inpcb inp, struct label inplabel) 985{ 986 struct mac_biba source, dest; 987 988 source = SLOT(solabel); 989 dest = SLOT(inplabel); 990	978 struct inpcb inp, struct label inplabel) 979{ 980 struct mac_biba source, dest; 981 982 source = SLOT(solabel); 983 dest = SLOT(inplabel); 984
991 mac_biba_copy_effective(source, dest);	985 biba_copy_effective(source, dest);
992} 993 994static void	986} 987 988static void
995mac_biba_socket_create_mbuf(struct socket so, struct label solabel,	989biba_socket_create_mbuf(struct socket so, struct label solabel,
996 struct mbuf m, struct label mlabel) 997{ 998 struct mac_biba source, dest; 999 1000 source = SLOT(solabel); 1001 dest = SLOT(mlabel); 1002	990 struct mbuf m, struct label mlabel) 991{ 992 struct mac_biba source, dest; 993 994 source = SLOT(solabel); 995 dest = SLOT(mlabel); 996
1003 mac_biba_copy_effective(source, dest);	997 biba_copy_effective(source, dest);
1004} 1005 1006static void	998} 999 1000static void
1007mac_biba_socket_create(struct ucred cred, struct socket so,	1001biba_socket_create(struct ucred cred, struct socket so,
1008 struct label solabel) 1009{ 1010* struct mac_biba source, dest; 1011 1012 source = SLOT(cred->cr_label); 1013 dest = SLOT(solabel); 1014	1002 struct label solabel) 1003{ 1004* struct mac_biba source, dest; 1005 1006 source = SLOT(cred->cr_label); 1007 dest = SLOT(solabel); 1008
1015 mac_biba_copy_effective(source, dest);	1009 biba_copy_effective(source, dest);
1016} 1017 1018static void	1010} 1011 1012static void
1019mac_biba_pipe_create(struct ucred cred, struct pipepair pp,	1013biba_pipe_create(struct ucred cred, struct pipepair pp,
1020 struct label pplabel) 1021{ 1022* struct mac_biba source, dest; 1023 1024 source = SLOT(cred->cr_label); 1025 dest = SLOT(pplabel); 1026	1014 struct label pplabel) 1015{ 1016* struct mac_biba source, dest; 1017 1018 source = SLOT(cred->cr_label); 1019 dest = SLOT(pplabel); 1020
1027 mac_biba_copy_effective(source, dest);	1021 biba_copy_effective(source, dest);
1028} 1029 1030static void	1022} 1023 1024static void
1031mac_biba_posixsem_create(struct ucred cred, struct ksem ks,	1025biba_posixsem_create(struct ucred cred, struct ksem ks,
1032 struct label kslabel) 1033{ 1034* struct mac_biba source, dest; 1035 1036 source = SLOT(cred->cr_label); 1037 dest = SLOT(kslabel); 1038	1026 struct label kslabel) 1027{ 1028* struct mac_biba source, dest; 1029 1030 source = SLOT(cred->cr_label); 1031 dest = SLOT(kslabel); 1032
1039 mac_biba_copy_effective(source, dest);	1033 biba_copy_effective(source, dest);
1040} 1041 1042static void	1034} 1035 1036static void
1043mac_biba_socket_newconn(struct socket oldso, struct label oldsolabel,	1037biba_socket_newconn(struct socket oldso, struct label oldsolabel,
1044 struct socket newso, struct label newsolabel) 1045{ 1046 struct mac_biba source, dest; 1047 1048 source = SLOT(oldsolabel); 1049 dest = SLOT(newsolabel); 1050	1038 struct socket newso, struct label newsolabel) 1039{ 1040 struct mac_biba source, dest; 1041 1042 source = SLOT(oldsolabel); 1043 dest = SLOT(newsolabel); 1044
1051 mac_biba_copy_effective(source, dest);	1045 biba_copy_effective(source, dest);
1052} 1053 1054static void	1046} 1047 1048static void
1055mac_biba_socket_relabel(struct ucred cred, struct socket so,	1049biba_socket_relabel(struct ucred cred, struct socket so,
1056 struct label solabel, struct label newlabel) 1057{ 1058 struct mac_biba source, dest; 1059 1060 source = SLOT(newlabel); 1061 dest = SLOT(solabel); 1062	1050 struct label solabel, struct label newlabel) 1051{ 1052 struct mac_biba source, dest; 1053 1054 source = SLOT(newlabel); 1055 dest = SLOT(solabel); 1056
1063 mac_biba_copy(source, dest);	1057 biba_copy(source, dest);
1064} 1065 1066static void	1058} 1059 1060static void
1067mac_biba_pipe_relabel(struct ucred cred, struct pipepair pp,	1061biba_pipe_relabel(struct ucred cred, struct pipepair pp,
1068 struct label pplabel, struct label newlabel) 1069{ 1070 struct mac_biba source, dest; 1071 1072 source = SLOT(newlabel); 1073 dest = SLOT(pplabel); 1074	1062 struct label pplabel, struct label newlabel) 1063{ 1064 struct mac_biba source, dest; 1065 1066 source = SLOT(newlabel); 1067 dest = SLOT(pplabel); 1068
1075 mac_biba_copy(source, dest);	1069 biba_copy(source, dest);
1076} 1077 1078static void	1070} 1071 1072static void
1079mac_biba_socketpeer_set_from_mbuf(struct mbuf m, struct label mlabel,	1073biba_socketpeer_set_from_mbuf(struct mbuf m, struct label mlabel,
1080 struct socket so, struct label sopeerlabel) 1081{ 1082 struct mac_biba source, dest; 1083 1084 source = SLOT(mlabel); 1085 dest = SLOT(sopeerlabel); 1086	1074 struct socket so, struct label sopeerlabel) 1075{ 1076 struct mac_biba source, dest; 1077 1078 source = SLOT(mlabel); 1079 dest = SLOT(sopeerlabel); 1080
1087 mac_biba_copy_effective(source, dest);	1081 biba_copy_effective(source, dest);
1088} 1089 1090/* 1091 * Labeling event operations: System V IPC objects. 1092 / 1093*static void	1082} 1083 1084/* 1085 * Labeling event operations: System V IPC objects. 1086 / 1087*static void
1094mac_biba_sysvmsg_create(struct ucred cred, struct msqid_kernel msqkptr,	1088biba_sysvmsg_create(struct ucred cred, struct msqid_kernel msqkptr,
1095 struct label msqlabel, struct msg msgptr, struct label msglabel) 1096{ 1097* struct mac_biba source, dest; 1098 1099 /* Ignore the msgq label / 1100* source = SLOT(cred->cr_label); 1101 dest = SLOT(msglabel); 1102	1089 struct label msqlabel, struct msg msgptr, struct label msglabel) 1090{ 1091* struct mac_biba source, dest; 1092 1093 /* Ignore the msgq label / 1094* source = SLOT(cred->cr_label); 1095 dest = SLOT(msglabel); 1096
1103 mac_biba_copy_effective(source, dest);	1097 biba_copy_effective(source, dest);
1104} 1105 1106static void	1098} 1099 1100static void
1107mac_biba_sysvmsq_create(struct ucred cred, 1108* struct msqid_kernel msqkptr, struct label msqlabel)	1101biba_sysvmsq_create(struct ucred cred, struct msqid_kernel msqkptr, 1102 struct label *msqlabel)
1109{ 1110 struct mac_biba source, dest; 1111 1112 source = SLOT(cred->cr_label); 1113 dest = SLOT(msqlabel); 1114	1103{ 1104 struct mac_biba source, dest; 1105 1106 source = SLOT(cred->cr_label); 1107 dest = SLOT(msqlabel); 1108
1115 mac_biba_copy_effective(source, dest);	1109 biba_copy_effective(source, dest);
1116} 1117 1118static void	1110} 1111 1112static void
1119mac_biba_sysvsem_create(struct ucred cred, struct semid_kernel semakptr,	1113biba_sysvsem_create(struct ucred cred, struct semid_kernel semakptr,
1120 struct label semalabel) 1121{ 1122* struct mac_biba source, dest; 1123 1124 source = SLOT(cred->cr_label); 1125 dest = SLOT(semalabel); 1126	1114 struct label semalabel) 1115{ 1116* struct mac_biba source, dest; 1117 1118 source = SLOT(cred->cr_label); 1119 dest = SLOT(semalabel); 1120
1127 mac_biba_copy_effective(source, dest);	1121 biba_copy_effective(source, dest);
1128} 1129 1130static void	1122} 1123 1124static void
1131mac_biba_sysvshm_create(struct ucred cred, struct shmid_kernel shmsegptr,	1125biba_sysvshm_create(struct ucred cred, struct shmid_kernel shmsegptr,
1132 struct label shmlabel) 1133{ 1134* struct mac_biba source, dest; 1135 1136 source = SLOT(cred->cr_label); 1137 dest = SLOT(shmlabel); 1138	1126 struct label shmlabel) 1127{ 1128* struct mac_biba source, dest; 1129 1130 source = SLOT(cred->cr_label); 1131 dest = SLOT(shmlabel); 1132
1139 mac_biba_copy_effective(source, dest);	1133 biba_copy_effective(source, dest);
1140} 1141 1142/* 1143 * Labeling event operations: network objects. 1144 / 1145*static void	1134} 1135 1136/* 1137 * Labeling event operations: network objects. 1138 / 1139*static void
1146mac_biba_socketpeer_set_from_socket(struct socket *oldso,	1140biba_socketpeer_set_from_socket(struct socket *oldso,
1147 struct label oldsolabel, struct socket newso, 1148 struct label newsopeerlabel) 1149{ 1150* struct mac_biba source, dest; 1151 1152 source = SLOT(oldsolabel); 1153 dest = SLOT(newsopeerlabel); 1154	1141 struct label oldsolabel, struct socket newso, 1142 struct label newsopeerlabel) 1143{ 1144* struct mac_biba source, dest; 1145 1146 source = SLOT(oldsolabel); 1147 dest = SLOT(newsopeerlabel); 1148
1155 mac_biba_copy_effective(source, dest);	1149 biba_copy_effective(source, dest);
1156} 1157 1158static void	1150} 1151 1152static void
1159mac_biba_bpfdesc_create(struct ucred cred, struct bpf_d d,	1153biba_bpfdesc_create(struct ucred cred, struct bpf_d d,
1160 struct label dlabel) 1161{ 1162* struct mac_biba source, dest; 1163 1164 source = SLOT(cred->cr_label); 1165 dest = SLOT(dlabel); 1166	1154 struct label dlabel) 1155{ 1156* struct mac_biba source, dest; 1157 1158 source = SLOT(cred->cr_label); 1159 dest = SLOT(dlabel); 1160
1167 mac_biba_copy_effective(source, dest);	1161 biba_copy_effective(source, dest);
1168} 1169 1170static void	1162} 1163 1164static void
1171mac_biba_ifnet_create(struct ifnet ifp, struct label ifplabel)	1165biba_ifnet_create(struct ifnet ifp, struct label ifplabel)
1172{ 1173 char tifname[IFNAMSIZ], p, q; 1174 char tiflist[sizeof(trusted_interfaces)]; 1175 struct mac_biba dest; 1176* int len, type; 1177 1178 dest = SLOT(ifplabel); 1179 --- 35 unchanged lines hidden (view full) --- 1215 q, IFNAMSIZ); 1216 } 1217 if (p == '\0') 1218* break; 1219 q = p + 1; 1220 } 1221 } 1222set:	1166{ 1167 char tifname[IFNAMSIZ], p, q; 1168 char tiflist[sizeof(trusted_interfaces)]; 1169 struct mac_biba dest; 1170* int len, type; 1171 1172 dest = SLOT(ifplabel); 1173 --- 35 unchanged lines hidden (view full) --- 1209 q, IFNAMSIZ); 1210 } 1211 if (p == '\0') 1212* break; 1213 q = p + 1; 1214 } 1215 } 1216set:
1223 mac_biba_set_effective(dest, type, 0, NULL); 1224 mac_biba_set_range(dest, type, 0, NULL, type, 0, NULL);	1217 biba_set_effective(dest, type, 0, NULL); 1218 biba_set_range(dest, type, 0, NULL, type, 0, NULL);
1225} 1226 1227static void	1219} 1220 1221static void
1228mac_biba_ipq_create(struct mbuf m, struct label mlabel, struct ipq *ipq,	1222biba_ipq_create(struct mbuf m, struct label mlabel, struct ipq *ipq,
1229 struct label ipqlabel) 1230{ 1231* struct mac_biba source, dest; 1232 1233 source = SLOT(mlabel); 1234 dest = SLOT(ipqlabel); 1235	1223 struct label ipqlabel) 1224{ 1225* struct mac_biba source, dest; 1226 1227 source = SLOT(mlabel); 1228 dest = SLOT(ipqlabel); 1229
1236 mac_biba_copy_effective(source, dest);	1230 biba_copy_effective(source, dest);
1237} 1238 1239static void	1231} 1232 1233static void
1240mac_biba_ipq_reassemble(struct ipq ipq, struct label ipqlabel, 1241 struct mbuf m, struct label mlabel)	1234biba_ipq_reassemble(struct ipq ipq, struct label ipqlabel, struct mbuf m, 1235* struct label *mlabel)
1242{ 1243 struct mac_biba source, dest; 1244 1245 source = SLOT(ipqlabel); 1246 dest = SLOT(mlabel); 1247 1248 /* Just use the head, since we require them all to match. */	1236{ 1237 struct mac_biba source, dest; 1238 1239 source = SLOT(ipqlabel); 1240 dest = SLOT(mlabel); 1241 1242 /* Just use the head, since we require them all to match. */
1249 mac_biba_copy_effective(source, dest);	1243 biba_copy_effective(source, dest);
1250} 1251 1252static void	1244} 1245 1246static void
1253mac_biba_netinet_fragment(struct mbuf m, struct label mlabel,	1247biba_netinet_fragment(struct mbuf m, struct label mlabel,
1254 struct mbuf frag, struct label fraglabel) 1255{ 1256 struct mac_biba source, dest; 1257 1258 source = SLOT(mlabel); 1259 dest = SLOT(fraglabel); 1260	1248 struct mbuf frag, struct label fraglabel) 1249{ 1250 struct mac_biba source, dest; 1251 1252 source = SLOT(mlabel); 1253 dest = SLOT(fraglabel); 1254
1261 mac_biba_copy_effective(source, dest);	1255 biba_copy_effective(source, dest);
1262} 1263 1264static void	1256} 1257 1258static void
1265mac_biba_inpcb_create_mbuf(struct inpcb inp, struct label inplabel,	1259biba_inpcb_create_mbuf(struct inpcb inp, struct label inplabel,
1266 struct mbuf m, struct label mlabel) 1267{ 1268 struct mac_biba source, dest; 1269 1270 source = SLOT(inplabel); 1271 dest = SLOT(mlabel); 1272	1260 struct mbuf m, struct label mlabel) 1261{ 1262 struct mac_biba source, dest; 1263 1264 source = SLOT(inplabel); 1265 dest = SLOT(mlabel); 1266
1273 mac_biba_copy_effective(source, dest);	1267 biba_copy_effective(source, dest);
1274} 1275 1276static void	1268} 1269 1270static void
1277mac_biba_create_mbuf_linklayer(struct ifnet ifp, struct label ifplabel,	1271biba_create_mbuf_linklayer(struct ifnet ifp, struct label ifplabel,
1278 struct mbuf m, struct label mlabel) 1279{ 1280 struct mac_biba dest; 1281* 1282 dest = SLOT(mlabel); 1283	1272 struct mbuf m, struct label mlabel) 1273{ 1274 struct mac_biba dest; 1275* 1276 dest = SLOT(mlabel); 1277
1284 mac_biba_set_effective(dest, MAC_BIBA_TYPE_EQUAL, 0, NULL);	1278 biba_set_effective(dest, MAC_BIBA_TYPE_EQUAL, 0, NULL);
1285} 1286 1287static void	1279} 1280 1281static void
1288mac_biba_bpfdesc_create_mbuf(struct bpf_d d, struct label dlabel,	1282biba_bpfdesc_create_mbuf(struct bpf_d d, struct label dlabel,
1289 struct mbuf m, struct label mlabel) 1290{ 1291 struct mac_biba source, dest; 1292 1293 source = SLOT(dlabel); 1294 dest = SLOT(mlabel); 1295	1283 struct mbuf m, struct label mlabel) 1284{ 1285 struct mac_biba source, dest; 1286 1287 source = SLOT(dlabel); 1288 dest = SLOT(mlabel); 1289
1296 mac_biba_copy_effective(source, dest);	1290 biba_copy_effective(source, dest);
1297} 1298 1299static void	1291} 1292 1293static void
1300mac_biba_ifnet_create_mbuf(struct ifnet ifp, struct label ifplabel,	1294biba_ifnet_create_mbuf(struct ifnet ifp, struct label ifplabel,
1301 struct mbuf m, struct label mlabel) 1302{ 1303 struct mac_biba source, dest; 1304 1305 source = SLOT(ifplabel); 1306 dest = SLOT(mlabel); 1307	1295 struct mbuf m, struct label mlabel) 1296{ 1297 struct mac_biba source, dest; 1298 1299 source = SLOT(ifplabel); 1300 dest = SLOT(mlabel); 1301
1308 mac_biba_copy_effective(source, dest);	1302 biba_copy_effective(source, dest);
1309} 1310 1311static void	1303} 1304 1305static void
1312mac_biba_mbuf_create_multicast_encap(struct mbuf m, struct label mlabel,	1306biba_mbuf_create_multicast_encap(struct mbuf m, struct label mlabel,
1313 struct ifnet ifp, struct label ifplabel, struct mbuf mnew, 1314* struct label mnewlabel) 1315{ 1316* struct mac_biba source, dest; 1317 1318 source = SLOT(mlabel); 1319 dest = SLOT(mnewlabel); 1320	1307 struct ifnet ifp, struct label ifplabel, struct mbuf mnew, 1308* struct label mnewlabel) 1309{ 1310* struct mac_biba source, dest; 1311 1312 source = SLOT(mlabel); 1313 dest = SLOT(mnewlabel); 1314
1321 mac_biba_copy_effective(source, dest);	1315 biba_copy_effective(source, dest);
1322} 1323 1324static void	1316} 1317 1318static void
1325mac_biba_mbuf_create_netlayer(struct mbuf m, struct label mlabel,	1319biba_mbuf_create_netlayer(struct mbuf m, struct label mlabel,
1326 struct mbuf newm, struct label mnewlabel) 1327{ 1328 struct mac_biba source, dest; 1329 1330 source = SLOT(mlabel); 1331 dest = SLOT(mnewlabel); 1332	1320 struct mbuf newm, struct label mnewlabel) 1321{ 1322 struct mac_biba source, dest; 1323 1324 source = SLOT(mlabel); 1325 dest = SLOT(mnewlabel); 1326
1333 mac_biba_copy_effective(source, dest);	1327 biba_copy_effective(source, dest);
1334} 1335 1336static int	1328} 1329 1330static int
1337mac_biba_ipq_match(struct mbuf m, struct label mlabel, struct ipq *ipq,	1331biba_ipq_match(struct mbuf m, struct label mlabel, struct ipq *ipq,
1338 struct label ipqlabel) 1339{ 1340* struct mac_biba a, b; 1341 1342 a = SLOT(ipqlabel); 1343 b = SLOT(mlabel); 1344	1332 struct label ipqlabel) 1333{ 1334* struct mac_biba a, b; 1335 1336 a = SLOT(ipqlabel); 1337 b = SLOT(mlabel); 1338
1345 return (mac_biba_equal_effective(a, b));	1339 return (biba_equal_effective(a, b));
1346} 1347 1348static void	1340} 1341 1342static void
1349mac_biba_ifnet_relabel(struct ucred cred, struct ifnet ifp,	1343biba_ifnet_relabel(struct ucred cred, struct ifnet ifp,
1350 struct label ifplabel, struct label newlabel) 1351{ 1352 struct mac_biba source, dest; 1353 1354 source = SLOT(newlabel); 1355 dest = SLOT(ifplabel); 1356	1344 struct label ifplabel, struct label newlabel) 1345{ 1346 struct mac_biba source, dest; 1347 1348 source = SLOT(newlabel); 1349 dest = SLOT(ifplabel); 1350
1357 mac_biba_copy(source, dest);	1351 biba_copy(source, dest);
1358} 1359 1360static void	1352} 1353 1354static void
1361mac_biba_ipq_update(struct mbuf m, struct label mlabel, struct ipq *ipq,	1355biba_ipq_update(struct mbuf m, struct label mlabel, struct ipq *ipq,
1362 struct label ipqlabel) 1363{ 1364* 1365 /* NOOP: we only accept matching labels, so no need to update / 1366} 1367* 1368static void	1356 struct label ipqlabel) 1357{ 1358* 1359 /* NOOP: we only accept matching labels, so no need to update / 1360} 1361* 1362static void
1369mac_biba_inpcb_sosetlabel(struct socket so, struct label solabel,	1363biba_inpcb_sosetlabel(struct socket so, struct label solabel,
1370 struct inpcb inp, struct label inplabel) 1371{ 1372 struct mac_biba source, dest; 1373 1374 source = SLOT(solabel); 1375 dest = SLOT(inplabel); 1376	1364 struct inpcb inp, struct label inplabel) 1365{ 1366 struct mac_biba source, dest; 1367 1368 source = SLOT(solabel); 1369 dest = SLOT(inplabel); 1370
1377 mac_biba_copy(source, dest);	1371 biba_copy(source, dest);
1378} 1379 1380static void	1372} 1373 1374static void
1381mac_biba_mbuf_create_from_firewall(struct mbuf m, struct label label)	1375biba_mbuf_create_from_firewall(struct mbuf m, struct label label)
1382{ 1383 struct mac_biba dest; 1384* 1385 dest = SLOT(label); 1386 1387 /* XXX: where is the label for the firewall really comming from? */	1376{ 1377 struct mac_biba dest; 1378* 1379 dest = SLOT(label); 1380 1381 /* XXX: where is the label for the firewall really comming from? */
1388 mac_biba_set_effective(dest, MAC_BIBA_TYPE_EQUAL, 0, NULL);	1382 biba_set_effective(dest, MAC_BIBA_TYPE_EQUAL, 0, NULL);
1389} 1390 1391/* 1392 * Labeling event operations: processes. 1393 / 1394*static void	1383} 1384 1385/* 1386 * Labeling event operations: processes. 1387 / 1388*static void
1395mac_biba_proc_create_swapper(struct ucred *cred)	1389biba_proc_create_swapper(struct ucred *cred)
1396{ 1397 struct mac_biba dest; 1398* 1399 dest = SLOT(cred->cr_label); 1400	1390{ 1391 struct mac_biba dest; 1392* 1393 dest = SLOT(cred->cr_label); 1394
1401 mac_biba_set_effective(dest, MAC_BIBA_TYPE_EQUAL, 0, NULL); 1402 mac_biba_set_range(dest, MAC_BIBA_TYPE_LOW, 0, NULL, 1403 MAC_BIBA_TYPE_HIGH, 0, NULL);	1395 biba_set_effective(dest, MAC_BIBA_TYPE_EQUAL, 0, NULL); 1396 biba_set_range(dest, MAC_BIBA_TYPE_LOW, 0, NULL, MAC_BIBA_TYPE_HIGH, 1397 0, NULL);
1404} 1405 1406static void	1398} 1399 1400static void
1407mac_biba_proc_create_init(struct ucred *cred)	1401biba_proc_create_init(struct ucred *cred)
1408{ 1409 struct mac_biba dest; 1410* 1411 dest = SLOT(cred->cr_label); 1412	1402{ 1403 struct mac_biba dest; 1404* 1405 dest = SLOT(cred->cr_label); 1406
1413 mac_biba_set_effective(dest, MAC_BIBA_TYPE_HIGH, 0, NULL); 1414 mac_biba_set_range(dest, MAC_BIBA_TYPE_LOW, 0, NULL, 1415 MAC_BIBA_TYPE_HIGH, 0, NULL);	1407 biba_set_effective(dest, MAC_BIBA_TYPE_HIGH, 0, NULL); 1408 biba_set_range(dest, MAC_BIBA_TYPE_LOW, 0, NULL, MAC_BIBA_TYPE_HIGH, 1409 0, NULL);
1416} 1417 1418static void	1410} 1411 1412static void
1419mac_biba_cred_relabel(struct ucred cred, struct label newlabel)	1413biba_cred_relabel(struct ucred cred, struct label newlabel)
1420{ 1421 struct mac_biba source, dest; 1422 1423 source = SLOT(newlabel); 1424 dest = SLOT(cred->cr_label); 1425	1414{ 1415 struct mac_biba source, dest; 1416 1417 source = SLOT(newlabel); 1418 dest = SLOT(cred->cr_label); 1419
1426 mac_biba_copy(source, dest);	1420 biba_copy(source, dest);
1427} 1428 1429/* 1430 * Label cleanup/flush operations 1431 / 1432*static void	1421} 1422 1423/* 1424 * Label cleanup/flush operations 1425 / 1426*static void
1433mac_biba_sysvmsg_cleanup(struct label *msglabel)	1427biba_sysvmsg_cleanup(struct label *msglabel)
1434{ 1435 1436 bzero(SLOT(msglabel), sizeof(struct mac_biba)); 1437} 1438 1439static void	1428{ 1429 1430 bzero(SLOT(msglabel), sizeof(struct mac_biba)); 1431} 1432 1433static void
1440mac_biba_sysvmsq_cleanup(struct label *msqlabel)	1434biba_sysvmsq_cleanup(struct label *msqlabel)
1441{ 1442 1443 bzero(SLOT(msqlabel), sizeof(struct mac_biba)); 1444} 1445 1446static void	1435{ 1436 1437 bzero(SLOT(msqlabel), sizeof(struct mac_biba)); 1438} 1439 1440static void
1447mac_biba_sysvsem_cleanup(struct label *semalabel)	1441biba_sysvsem_cleanup(struct label *semalabel)
1448{ 1449 1450 bzero(SLOT(semalabel), sizeof(struct mac_biba)); 1451} 1452 1453static void	1442{ 1443 1444 bzero(SLOT(semalabel), sizeof(struct mac_biba)); 1445} 1446 1447static void
1454mac_biba_sysvshm_cleanup(struct label *shmlabel)	1448biba_sysvshm_cleanup(struct label *shmlabel)
1455{ 1456 bzero(SLOT(shmlabel), sizeof(struct mac_biba)); 1457} 1458 1459/* 1460 * Access control checks. 1461 / 1462*static int	1449{ 1450 bzero(SLOT(shmlabel), sizeof(struct mac_biba)); 1451} 1452 1453/* 1454 * Access control checks. 1455 / 1456*static int
1463mac_biba_bpfdesc_check_receive(struct bpf_d d, struct label dlabel,	1457biba_bpfdesc_check_receive(struct bpf_d d, struct label dlabel,
1464 struct ifnet ifp, struct label ifplabel) 1465{ 1466 struct mac_biba a, b; 1467	1458 struct ifnet ifp, struct label ifplabel) 1459{ 1460 struct mac_biba a, b; 1461
1468 if (!mac_biba_enabled)	1462 if (!biba_enabled)
1469 return (0); 1470 1471 a = SLOT(dlabel); 1472 b = SLOT(ifplabel); 1473	1463 return (0); 1464 1465 a = SLOT(dlabel); 1466 b = SLOT(ifplabel); 1467
1474 if (mac_biba_equal_effective(a, b))	1468 if (biba_equal_effective(a, b))
1475 return (0); 1476 return (EACCES); 1477} 1478 1479static int	1469 return (0); 1470 return (EACCES); 1471} 1472 1473static int
1480mac_biba_cred_check_relabel(struct ucred cred, struct label newlabel)	1474biba_cred_check_relabel(struct ucred cred, struct label newlabel)
1481{ 1482 struct mac_biba subj, new; 1483 int error; 1484 1485 subj = SLOT(cred->cr_label); 1486 new = SLOT(newlabel); 1487 1488 /* --- 10 unchanged lines hidden (view full) --- 1499 if (new->mb_flags & MAC_BIBA_FLAGS_BOTH) { 1500 /* 1501 * If the change request modifies both the Biba label 1502 * effective and range, check that the new effective will be 1503 * in the new range. 1504 / 1505* if ((new->mb_flags & MAC_BIBA_FLAGS_BOTH) == 1506 MAC_BIBA_FLAGS_BOTH &&	1475{ 1476 struct mac_biba subj, new; 1477 int error; 1478 1479 subj = SLOT(cred->cr_label); 1480 new = SLOT(newlabel); 1481 1482 /* --- 10 unchanged lines hidden (view full) --- 1493 if (new->mb_flags & MAC_BIBA_FLAGS_BOTH) { 1494 /* 1495 * If the change request modifies both the Biba label 1496 * effective and range, check that the new effective will be 1497 * in the new range. 1498 / 1499* if ((new->mb_flags & MAC_BIBA_FLAGS_BOTH) == 1500 MAC_BIBA_FLAGS_BOTH &&
1507 !mac_biba_effective_in_range(new, new))	1501 !biba_effective_in_range(new, new))
1508 return (EINVAL); 1509 1510 /* 1511 * To change the Biba effective label on a credential, the 1512 * new effective label must be in the current range. 1513 / 1514* if (new->mb_flags & MAC_BIBA_FLAG_EFFECTIVE &&	1502 return (EINVAL); 1503 1504 /* 1505 * To change the Biba effective label on a credential, the 1506 * new effective label must be in the current range. 1507 / 1508* if (new->mb_flags & MAC_BIBA_FLAG_EFFECTIVE &&
1515 !mac_biba_effective_in_range(new, subj))	1509 !biba_effective_in_range(new, subj))
1516 return (EPERM); 1517 1518 /*	1510 return (EPERM); 1511 1512 /*
1519 * To change the Biba range on a credential, the new 1520 * range label must be in the current range.	1513 * To change the Biba range on a credential, the new range 1514 * label must be in the current range.
1521 / 1522* if (new->mb_flags & MAC_BIBA_FLAG_RANGE &&	1515 / 1516* if (new->mb_flags & MAC_BIBA_FLAG_RANGE &&
1523 !mac_biba_range_in_range(new, subj))	1517 !biba_range_in_range(new, subj))
1524 return (EPERM); 1525 1526 /*	1518 return (EPERM); 1519 1520 /*
1527 * To have EQUAL in any component of the new credential 1528 * Biba label, the subject must already have EQUAL in 1529 * their label.	1521 * To have EQUAL in any component of the new credential Biba 1522 * label, the subject must already have EQUAL in their label.
1530 */	1523 */
1531 if (mac_biba_contains_equal(new)) { 1532 error = mac_biba_subject_privileged(subj);	1524 if (biba_contains_equal(new)) { 1525 error = biba_subject_privileged(subj);
1533 if (error) 1534 return (error); 1535 } 1536 } 1537 1538 return (0); 1539} 1540 1541static int	1526 if (error) 1527 return (error); 1528 } 1529 } 1530 1531 return (0); 1532} 1533 1534static int
1542mac_biba_cred_check_visible(struct ucred u1, struct ucred u2)	1535biba_cred_check_visible(struct ucred u1, struct ucred u2)
1543{ 1544 struct mac_biba subj, obj; 1545	1536{ 1537 struct mac_biba subj, obj; 1538
1546 if (!mac_biba_enabled)	1539 if (!biba_enabled)
1547 return (0); 1548 1549 subj = SLOT(u1->cr_label); 1550 obj = SLOT(u2->cr_label); 1551 1552 /* XXX: range */	1540 return (0); 1541 1542 subj = SLOT(u1->cr_label); 1543 obj = SLOT(u2->cr_label); 1544 1545 /* XXX: range */
1553 if (!mac_biba_dominate_effective(obj, subj))	1546 if (!biba_dominate_effective(obj, subj))
1554 return (ESRCH); 1555 1556 return (0); 1557} 1558 1559static int	1547 return (ESRCH); 1548 1549 return (0); 1550} 1551 1552static int
1560mac_biba_ifnet_check_relabel(struct ucred cred, struct ifnet ifp,	1553biba_ifnet_check_relabel(struct ucred cred, struct ifnet ifp,
1561 struct label ifplabel, struct label newlabel) 1562{ 1563 struct mac_biba subj, new; 1564 int error; 1565 1566 subj = SLOT(cred->cr_label); 1567 new = SLOT(newlabel); 1568 1569 /*	1554 struct label ifplabel, struct label newlabel) 1555{ 1556 struct mac_biba subj, new; 1557 int error; 1558 1559 subj = SLOT(cred->cr_label); 1560 new = SLOT(newlabel); 1561 1562 /*
1570 * If there is a Biba label update for the interface, it may 1571 * be an update of the effective, range, or both.	1563 * If there is a Biba label update for the interface, it may be an 1564 * update of the effective, range, or both.
1572 / 1573* error = biba_atmostflags(new, MAC_BIBA_FLAGS_BOTH); 1574 if (error) 1575 return (error); 1576 1577 /* 1578 * Relabling network interfaces requires Biba privilege. 1579 */	1565 / 1566* error = biba_atmostflags(new, MAC_BIBA_FLAGS_BOTH); 1567 if (error) 1568 return (error); 1569 1570 /* 1571 * Relabling network interfaces requires Biba privilege. 1572 */
1580 error = mac_biba_subject_privileged(subj);	1573 error = biba_subject_privileged(subj);
1581 if (error) 1582 return (error); 1583 1584 return (0); 1585} 1586 1587static int	1574 if (error) 1575 return (error); 1576 1577 return (0); 1578} 1579 1580static int
1588mac_biba_ifnet_check_transmit(struct ifnet ifp, struct label ifplabel,	1581biba_ifnet_check_transmit(struct ifnet ifp, struct label ifplabel,
1589 struct mbuf m, struct label mlabel) 1590{ 1591 struct mac_biba p, i; 1592	1582 struct mbuf m, struct label mlabel) 1583{ 1584 struct mac_biba p, i; 1585
1593 if (!mac_biba_enabled)	1586 if (!biba_enabled)
1594 return (0); 1595 1596 p = SLOT(mlabel); 1597 i = SLOT(ifplabel); 1598	1587 return (0); 1588 1589 p = SLOT(mlabel); 1590 i = SLOT(ifplabel); 1591
1599 return (mac_biba_effective_in_range(p, i) ? 0 : EACCES);	1592 return (biba_effective_in_range(p, i) ? 0 : EACCES);
1600} 1601 1602static int	1593} 1594 1595static int
1603mac_biba_inpcb_check_deliver(struct inpcb inp, struct label inplabel,	1596biba_inpcb_check_deliver(struct inpcb inp, struct label inplabel,
1604 struct mbuf m, struct label mlabel) 1605{ 1606 struct mac_biba p, i; 1607	1597 struct mbuf m, struct label mlabel) 1598{ 1599 struct mac_biba p, i; 1600
1608 if (!mac_biba_enabled)	1601 if (!biba_enabled)
1609 return (0); 1610 1611 p = SLOT(mlabel); 1612 i = SLOT(inplabel); 1613	1602 return (0); 1603 1604 p = SLOT(mlabel); 1605 i = SLOT(inplabel); 1606
1614 return (mac_biba_equal_effective(p, i) ? 0 : EACCES);	1607 return (biba_equal_effective(p, i) ? 0 : EACCES);
1615} 1616 1617static int	1608} 1609 1610static int
1618mac_biba_sysvmsq_check_msgrcv(struct ucred cred, struct msg msgptr,	1611biba_sysvmsq_check_msgrcv(struct ucred cred, struct msg msgptr,
1619 struct label msglabel) 1620{ 1621* struct mac_biba subj, obj; 1622	1612 struct label msglabel) 1613{ 1614* struct mac_biba subj, obj; 1615
1623 if (!mac_biba_enabled)	1616 if (!biba_enabled)
1624 return (0); 1625 1626 subj = SLOT(cred->cr_label); 1627 obj = SLOT(msglabel); 1628	1617 return (0); 1618 1619 subj = SLOT(cred->cr_label); 1620 obj = SLOT(msglabel); 1621
1629 if (!mac_biba_dominate_effective(obj, subj))	1622 if (!biba_dominate_effective(obj, subj))
1630 return (EACCES); 1631 1632 return (0); 1633} 1634 1635static int	1623 return (EACCES); 1624 1625 return (0); 1626} 1627 1628static int
1636mac_biba_sysvmsq_check_msgrmid(struct ucred cred, struct msg msgptr,	1629biba_sysvmsq_check_msgrmid(struct ucred cred, struct msg msgptr,
1637 struct label msglabel) 1638{ 1639* struct mac_biba subj, obj; 1640	1630 struct label msglabel) 1631{ 1632* struct mac_biba subj, obj; 1633
1641 if (!mac_biba_enabled)	1634 if (!biba_enabled)
1642 return (0); 1643 1644 subj = SLOT(cred->cr_label); 1645 obj = SLOT(msglabel); 1646	1635 return (0); 1636 1637 subj = SLOT(cred->cr_label); 1638 obj = SLOT(msglabel); 1639
1647 if (!mac_biba_dominate_effective(subj, obj))	1640 if (!biba_dominate_effective(subj, obj))
1648 return (EACCES); 1649 1650 return (0); 1651} 1652 1653static int	1641 return (EACCES); 1642 1643 return (0); 1644} 1645 1646static int
1654mac_biba_sysvmsq_check_msqget(struct ucred cred, 1655* struct msqid_kernel msqkptr, struct label msqklabel)	1647biba_sysvmsq_check_msqget(struct ucred cred, struct msqid_kernel msqkptr, 1648 struct label *msqklabel)
1656{ 1657 struct mac_biba subj, obj; 1658	1649{ 1650 struct mac_biba subj, obj; 1651
1659 if (!mac_biba_enabled)	1652 if (!biba_enabled)
1660 return (0); 1661 1662 subj = SLOT(cred->cr_label); 1663 obj = SLOT(msqklabel); 1664	1653 return (0); 1654 1655 subj = SLOT(cred->cr_label); 1656 obj = SLOT(msqklabel); 1657
1665 if (!mac_biba_dominate_effective(obj, subj))	1658 if (!biba_dominate_effective(obj, subj))
1666 return (EACCES); 1667 1668 return (0); 1669} 1670 1671static int	1659 return (EACCES); 1660 1661 return (0); 1662} 1663 1664static int
1672mac_biba_sysvmsq_check_msqsnd(struct ucred cred, 1673* struct msqid_kernel msqkptr, struct label msqklabel)	1665biba_sysvmsq_check_msqsnd(struct ucred cred, struct msqid_kernel msqkptr, 1666 struct label *msqklabel)
1674{ 1675 struct mac_biba subj, obj; 1676	1667{ 1668 struct mac_biba subj, obj; 1669
1677 if (!mac_biba_enabled)	1670 if (!biba_enabled)
1678 return (0); 1679 1680 subj = SLOT(cred->cr_label); 1681 obj = SLOT(msqklabel); 1682	1671 return (0); 1672 1673 subj = SLOT(cred->cr_label); 1674 obj = SLOT(msqklabel); 1675
1683 if (!mac_biba_dominate_effective(subj, obj))	1676 if (!biba_dominate_effective(subj, obj))
1684 return (EACCES); 1685 1686 return (0); 1687} 1688 1689static int	1677 return (EACCES); 1678 1679 return (0); 1680} 1681 1682static int
1690mac_biba_sysvmsq_check_msqrcv(struct ucred cred, 1691* struct msqid_kernel msqkptr, struct label msqklabel)	1683biba_sysvmsq_check_msqrcv(struct ucred cred, struct msqid_kernel msqkptr, 1684 struct label *msqklabel)
1692{ 1693 struct mac_biba subj, obj; 1694	1685{ 1686 struct mac_biba subj, obj; 1687
1695 if (!mac_biba_enabled)	1688 if (!biba_enabled)
1696 return (0); 1697 1698 subj = SLOT(cred->cr_label); 1699 obj = SLOT(msqklabel); 1700	1689 return (0); 1690 1691 subj = SLOT(cred->cr_label); 1692 obj = SLOT(msqklabel); 1693
1701 if (!mac_biba_dominate_effective(obj, subj))	1694 if (!biba_dominate_effective(obj, subj))
1702 return (EACCES); 1703 1704 return (0); 1705} 1706	1695 return (EACCES); 1696 1697 return (0); 1698} 1699
1707
1708static int	1700static int
1709mac_biba_sysvmsq_check_msqctl(struct ucred cred, 1710* struct msqid_kernel msqkptr, struct label msqklabel, int cmd)	1701biba_sysvmsq_check_msqctl(struct ucred cred, struct msqid_kernel msqkptr, 1702 struct label *msqklabel, int cmd)
1711{ 1712 struct mac_biba subj, obj; 1713	1703{ 1704 struct mac_biba subj, obj; 1705
1714 if (!mac_biba_enabled)	1706 if (!biba_enabled)
1715 return (0); 1716 1717 subj = SLOT(cred->cr_label); 1718 obj = SLOT(msqklabel); 1719 1720 switch(cmd) { 1721 case IPC_RMID: 1722 case IPC_SET:	1707 return (0); 1708 1709 subj = SLOT(cred->cr_label); 1710 obj = SLOT(msqklabel); 1711 1712 switch(cmd) { 1713 case IPC_RMID: 1714 case IPC_SET:
1723 if (!mac_biba_dominate_effective(subj, obj))	1715 if (!biba_dominate_effective(subj, obj))
1724 return (EACCES); 1725 break; 1726 1727 case IPC_STAT:	1716 return (EACCES); 1717 break; 1718 1719 case IPC_STAT:
1728 if (!mac_biba_dominate_effective(obj, subj))	1720 if (!biba_dominate_effective(obj, subj))
1729 return (EACCES); 1730 break; 1731 1732 default: 1733 return (EACCES); 1734 } 1735 1736 return (0); 1737} 1738 1739static int	1721 return (EACCES); 1722 break; 1723 1724 default: 1725 return (EACCES); 1726 } 1727 1728 return (0); 1729} 1730 1731static int
1740mac_biba_sysvsem_check_semctl(struct ucred cred, 1741* struct semid_kernel semakptr, struct label semaklabel, int cmd)	1732biba_sysvsem_check_semctl(struct ucred cred, struct semid_kernel semakptr, 1733 struct label *semaklabel, int cmd)
1742{ 1743 struct mac_biba subj, obj; 1744	1734{ 1735 struct mac_biba subj, obj; 1736
1745 if (!mac_biba_enabled)	1737 if (!biba_enabled)
1746 return (0); 1747 1748 subj = SLOT(cred->cr_label); 1749 obj = SLOT(semaklabel); 1750 1751 switch(cmd) { 1752 case IPC_RMID: 1753 case IPC_SET: 1754 case SETVAL: 1755 case SETALL:	1738 return (0); 1739 1740 subj = SLOT(cred->cr_label); 1741 obj = SLOT(semaklabel); 1742 1743 switch(cmd) { 1744 case IPC_RMID: 1745 case IPC_SET: 1746 case SETVAL: 1747 case SETALL:
1756 if (!mac_biba_dominate_effective(subj, obj))	1748 if (!biba_dominate_effective(subj, obj))
1757 return (EACCES); 1758 break; 1759 1760 case IPC_STAT: 1761 case GETVAL: 1762 case GETPID: 1763 case GETNCNT: 1764 case GETZCNT: 1765 case GETALL:	1749 return (EACCES); 1750 break; 1751 1752 case IPC_STAT: 1753 case GETVAL: 1754 case GETPID: 1755 case GETNCNT: 1756 case GETZCNT: 1757 case GETALL:
1766 if (!mac_biba_dominate_effective(obj, subj))	1758 if (!biba_dominate_effective(obj, subj))
1767 return (EACCES); 1768 break; 1769 1770 default: 1771 return (EACCES); 1772 } 1773 1774 return (0); 1775} 1776 1777static int	1759 return (EACCES); 1760 break; 1761 1762 default: 1763 return (EACCES); 1764 } 1765 1766 return (0); 1767} 1768 1769static int
1778mac_biba_sysvsem_check_semget(struct ucred cred, 1779* struct semid_kernel semakptr, struct label semaklabel)	1770biba_sysvsem_check_semget(struct ucred cred, struct semid_kernel semakptr, 1771 struct label *semaklabel)
1780{ 1781 struct mac_biba subj, obj; 1782	1772{ 1773 struct mac_biba subj, obj; 1774
1783 if (!mac_biba_enabled)	1775 if (!biba_enabled)
1784 return (0); 1785 1786 subj = SLOT(cred->cr_label); 1787 obj = SLOT(semaklabel); 1788	1776 return (0); 1777 1778 subj = SLOT(cred->cr_label); 1779 obj = SLOT(semaklabel); 1780
1789 if (!mac_biba_dominate_effective(obj, subj))	1781 if (!biba_dominate_effective(obj, subj))
1790 return (EACCES); 1791 1792 return (0); 1793} 1794	1782 return (EACCES); 1783 1784 return (0); 1785} 1786
1795
1796static int	1787static int
1797mac_biba_sysvsem_check_semop(struct ucred cred, 1798* struct semid_kernel semakptr, struct label semaklabel, 1799 size_t accesstype)	1788biba_sysvsem_check_semop(struct ucred cred, struct semid_kernel semakptr, 1789 struct label *semaklabel, size_t accesstype)
1800{ 1801 struct mac_biba subj, obj; 1802	1790{ 1791 struct mac_biba subj, obj; 1792
1803 if (!mac_biba_enabled)	1793 if (!biba_enabled)
1804 return (0); 1805 1806 subj = SLOT(cred->cr_label); 1807 obj = SLOT(semaklabel); 1808 1809 if (accesstype & SEM_R)	1794 return (0); 1795 1796 subj = SLOT(cred->cr_label); 1797 obj = SLOT(semaklabel); 1798 1799 if (accesstype & SEM_R)
1810 if (!mac_biba_dominate_effective(obj, subj))	1800 if (!biba_dominate_effective(obj, subj))
1811 return (EACCES); 1812 1813 if (accesstype & SEM_A)	1801 return (EACCES); 1802 1803 if (accesstype & SEM_A)
1814 if (!mac_biba_dominate_effective(subj, obj))	1804 if (!biba_dominate_effective(subj, obj))
1815 return (EACCES); 1816 1817 return (0); 1818} 1819 1820static int	1805 return (EACCES); 1806 1807 return (0); 1808} 1809 1810static int
1821mac_biba_sysvshm_check_shmat(struct ucred cred, 1822* struct shmid_kernel shmsegptr, struct label shmseglabel, int shmflg)	1811biba_sysvshm_check_shmat(struct ucred cred, struct shmid_kernel shmsegptr, 1812 struct label *shmseglabel, int shmflg)
1823{ 1824 struct mac_biba subj, obj; 1825	1813{ 1814 struct mac_biba subj, obj; 1815
1826 if (!mac_biba_enabled)	1816 if (!biba_enabled)
1827 return (0); 1828 1829 subj = SLOT(cred->cr_label); 1830 obj = SLOT(shmseglabel); 1831	1817 return (0); 1818 1819 subj = SLOT(cred->cr_label); 1820 obj = SLOT(shmseglabel); 1821
1832 if (!mac_biba_dominate_effective(obj, subj))	1822 if (!biba_dominate_effective(obj, subj))
1833 return (EACCES); 1834 if ((shmflg & SHM_RDONLY) == 0) {	1823 return (EACCES); 1824 if ((shmflg & SHM_RDONLY) == 0) {
1835 if (!mac_biba_dominate_effective(subj, obj))	1825 if (!biba_dominate_effective(subj, obj))
1836 return (EACCES); 1837 } 1838 1839 return (0); 1840} 1841 1842static int	1826 return (EACCES); 1827 } 1828 1829 return (0); 1830} 1831 1832static int
1843mac_biba_sysvshm_check_shmctl(struct ucred cred, 1844* struct shmid_kernel shmsegptr, struct label shmseglabel, int cmd)	1833biba_sysvshm_check_shmctl(struct ucred cred, struct shmid_kernel shmsegptr, 1834 struct label *shmseglabel, int cmd)
1845{ 1846 struct mac_biba subj, obj; 1847	1835{ 1836 struct mac_biba subj, obj; 1837
1848 if (!mac_biba_enabled)	1838 if (!biba_enabled)
1849 return (0); 1850 1851 subj = SLOT(cred->cr_label); 1852 obj = SLOT(shmseglabel); 1853 1854 switch(cmd) { 1855 case IPC_RMID: 1856 case IPC_SET:	1839 return (0); 1840 1841 subj = SLOT(cred->cr_label); 1842 obj = SLOT(shmseglabel); 1843 1844 switch(cmd) { 1845 case IPC_RMID: 1846 case IPC_SET:
1857 if (!mac_biba_dominate_effective(subj, obj))	1847 if (!biba_dominate_effective(subj, obj))
1858 return (EACCES); 1859 break; 1860 1861 case IPC_STAT: 1862 case SHM_STAT:	1848 return (EACCES); 1849 break; 1850 1851 case IPC_STAT: 1852 case SHM_STAT:
1863 if (!mac_biba_dominate_effective(obj, subj))	1853 if (!biba_dominate_effective(obj, subj))
1864 return (EACCES); 1865 break; 1866 1867 default: 1868 return (EACCES); 1869 } 1870 1871 return (0); 1872} 1873 1874static int	1854 return (EACCES); 1855 break; 1856 1857 default: 1858 return (EACCES); 1859 } 1860 1861 return (0); 1862} 1863 1864static int
1875mac_biba_sysvshm_check_shmget(struct ucred cred, 1876* struct shmid_kernel shmsegptr, struct label shmseglabel, int shmflg)	1865biba_sysvshm_check_shmget(struct ucred cred, struct shmid_kernel shmsegptr, 1866 struct label *shmseglabel, int shmflg)
1877{ 1878 struct mac_biba subj, obj; 1879	1867{ 1868 struct mac_biba subj, obj; 1869
1880 if (!mac_biba_enabled)	1870 if (!biba_enabled)
1881 return (0); 1882 1883 subj = SLOT(cred->cr_label); 1884 obj = SLOT(shmseglabel); 1885	1871 return (0); 1872 1873 subj = SLOT(cred->cr_label); 1874 obj = SLOT(shmseglabel); 1875
1886 if (!mac_biba_dominate_effective(obj, subj))	1876 if (!biba_dominate_effective(obj, subj))
1887 return (EACCES); 1888 1889 return (0); 1890} 1891 1892static int	1877 return (EACCES); 1878 1879 return (0); 1880} 1881 1882static int
1893mac_biba_kld_check_load(struct ucred cred, struct vnode vp,	1883biba_kld_check_load(struct ucred cred, struct vnode vp,
1894 struct label vplabel) 1895{ 1896* struct mac_biba subj, obj; 1897 int error; 1898	1884 struct label vplabel) 1885{ 1886* struct mac_biba subj, obj; 1887 int error; 1888
1899 if (!mac_biba_enabled)	1889 if (!biba_enabled)
1900 return (0); 1901 1902 subj = SLOT(cred->cr_label); 1903	1890 return (0); 1891 1892 subj = SLOT(cred->cr_label); 1893
1904 error = mac_biba_subject_privileged(subj);	1894 error = biba_subject_privileged(subj);
1905 if (error) 1906 return (error); 1907 1908 obj = SLOT(vplabel);	1895 if (error) 1896 return (error); 1897 1898 obj = SLOT(vplabel);
1909 if (!mac_biba_high_effective(obj))	1899 if (!biba_high_effective(obj))
1910 return (EACCES); 1911 1912 return (0); 1913} 1914 1915static int	1900 return (EACCES); 1901 1902 return (0); 1903} 1904 1905static int
1916mac_biba_mount_check_stat(struct ucred cred, struct mount mp,	1906biba_mount_check_stat(struct ucred cred, struct mount mp,
1917 struct label mplabel) 1918{ 1919* struct mac_biba subj, obj; 1920	1907 struct label mplabel) 1908{ 1909* struct mac_biba subj, obj; 1910
1921 if (!mac_biba_enabled)	1911 if (!biba_enabled)
1922 return (0); 1923 1924 subj = SLOT(cred->cr_label); 1925 obj = SLOT(mplabel); 1926	1912 return (0); 1913 1914 subj = SLOT(cred->cr_label); 1915 obj = SLOT(mplabel); 1916
1927 if (!mac_biba_dominate_effective(obj, subj))	1917 if (!biba_dominate_effective(obj, subj))
1928 return (EACCES); 1929 1930 return (0); 1931} 1932 1933static int	1918 return (EACCES); 1919 1920 return (0); 1921} 1922 1923static int
1934mac_biba_pipe_check_ioctl(struct ucred cred, struct pipepair pp,	1924biba_pipe_check_ioctl(struct ucred cred, struct pipepair pp,
1935 struct label pplabel, unsigned long cmd, void / caddr_t / data) 1936{ 1937	1925 struct label pplabel, unsigned long cmd, void / caddr_t / data) 1926{ 1927
1938 if(!mac_biba_enabled)	1928 if(!biba_enabled)
1939 return (0); 1940 1941 /* XXX: This will be implemented soon... / 1942* 1943 return (0); 1944} 1945 1946static int	1929 return (0); 1930 1931 /* XXX: This will be implemented soon... / 1932* 1933 return (0); 1934} 1935 1936static int
1947mac_biba_pipe_check_poll(struct ucred cred, struct pipepair pp,	1937biba_pipe_check_poll(struct ucred cred, struct pipepair pp,
1948 struct label pplabel) 1949{ 1950* struct mac_biba subj, obj; 1951	1938 struct label pplabel) 1939{ 1940* struct mac_biba subj, obj; 1941
1952 if (!mac_biba_enabled)	1942 if (!biba_enabled)
1953 return (0); 1954 1955 subj = SLOT(cred->cr_label); 1956 obj = SLOT(pplabel); 1957	1943 return (0); 1944 1945 subj = SLOT(cred->cr_label); 1946 obj = SLOT(pplabel); 1947
1958 if (!mac_biba_dominate_effective(obj, subj))	1948 if (!biba_dominate_effective(obj, subj))
1959 return (EACCES); 1960 1961 return (0); 1962} 1963 1964static int	1949 return (EACCES); 1950 1951 return (0); 1952} 1953 1954static int
1965mac_biba_pipe_check_read(struct ucred cred, struct pipepair pp,	1955biba_pipe_check_read(struct ucred cred, struct pipepair pp,
1966 struct label pplabel) 1967{ 1968* struct mac_biba subj, obj; 1969	1956 struct label pplabel) 1957{ 1958* struct mac_biba subj, obj; 1959
1970 if (!mac_biba_enabled)	1960 if (!biba_enabled)
1971 return (0); 1972 1973 subj = SLOT(cred->cr_label); 1974 obj = SLOT(pplabel); 1975	1961 return (0); 1962 1963 subj = SLOT(cred->cr_label); 1964 obj = SLOT(pplabel); 1965
1976 if (!mac_biba_dominate_effective(obj, subj))	1966 if (!biba_dominate_effective(obj, subj))
1977 return (EACCES); 1978 1979 return (0); 1980} 1981 1982static int	1967 return (EACCES); 1968 1969 return (0); 1970} 1971 1972static int
1983mac_biba_pipe_check_relabel(struct ucred cred, struct pipepair pp,	1973biba_pipe_check_relabel(struct ucred cred, struct pipepair pp,
1984 struct label pplabel, struct label newlabel) 1985{ 1986 struct mac_biba subj, obj, new; 1987* int error; 1988 1989 new = SLOT(newlabel); 1990 subj = SLOT(cred->cr_label); 1991 obj = SLOT(pplabel); 1992 1993 /*	1974 struct label pplabel, struct label newlabel) 1975{ 1976 struct mac_biba subj, obj, new; 1977* int error; 1978 1979 new = SLOT(newlabel); 1980 subj = SLOT(cred->cr_label); 1981 obj = SLOT(pplabel); 1982 1983 /*
1994 * If there is a Biba label update for a pipe, it must be a 1995 * effective update.	1984 * If there is a Biba label update for a pipe, it must be a effective 1985 * update.
1996 / 1997* error = biba_atmostflags(new, MAC_BIBA_FLAG_EFFECTIVE); 1998 if (error) 1999 return (error); 2000 2001 /* 2002 * To perform a relabel of a pipe (Biba label or not), Biba must 2003 * authorize the relabel. 2004 */	1986 / 1987* error = biba_atmostflags(new, MAC_BIBA_FLAG_EFFECTIVE); 1988 if (error) 1989 return (error); 1990 1991 /* 1992 * To perform a relabel of a pipe (Biba label or not), Biba must 1993 * authorize the relabel. 1994 */
2005 if (!mac_biba_effective_in_range(obj, subj))	1995 if (!biba_effective_in_range(obj, subj))
2006 return (EPERM); 2007 2008 /* 2009 * If the Biba label is to be changed, authorize as appropriate. 2010 / 2011* if (new->mb_flags & MAC_BIBA_FLAG_EFFECTIVE) { 2012 /* 2013 * To change the Biba label on a pipe, the new pipe label 2014 * must be in the subject range. 2015 */	1996 return (EPERM); 1997 1998 /* 1999 * If the Biba label is to be changed, authorize as appropriate. 2000 / 2001* if (new->mb_flags & MAC_BIBA_FLAG_EFFECTIVE) { 2002 /* 2003 * To change the Biba label on a pipe, the new pipe label 2004 * must be in the subject range. 2005 */
2016 if (!mac_biba_effective_in_range(new, subj))	2006 if (!biba_effective_in_range(new, subj))
2017 return (EPERM); 2018 2019 /* 2020 * To change the Biba label on a pipe to be EQUAL, the 2021 * subject must have appropriate privilege. 2022 */	2007 return (EPERM); 2008 2009 /* 2010 * To change the Biba label on a pipe to be EQUAL, the 2011 * subject must have appropriate privilege. 2012 */
2023 if (mac_biba_contains_equal(new)) { 2024 error = mac_biba_subject_privileged(subj);	2013 if (biba_contains_equal(new)) { 2014 error = biba_subject_privileged(subj);
2025 if (error) 2026 return (error); 2027 } 2028 } 2029 2030 return (0); 2031} 2032 2033static int	2015 if (error) 2016 return (error); 2017 } 2018 } 2019 2020 return (0); 2021} 2022 2023static int
2034mac_biba_pipe_check_stat(struct ucred cred, struct pipepair pp,	2024biba_pipe_check_stat(struct ucred cred, struct pipepair pp,
2035 struct label pplabel) 2036{ 2037* struct mac_biba subj, obj; 2038	2025 struct label pplabel) 2026{ 2027* struct mac_biba subj, obj; 2028
2039 if (!mac_biba_enabled)	2029 if (!biba_enabled)
2040 return (0); 2041 2042 subj = SLOT(cred->cr_label); 2043 obj = SLOT(pplabel); 2044	2030 return (0); 2031 2032 subj = SLOT(cred->cr_label); 2033 obj = SLOT(pplabel); 2034
2045 if (!mac_biba_dominate_effective(obj, subj))	2035 if (!biba_dominate_effective(obj, subj))
2046 return (EACCES); 2047 2048 return (0); 2049} 2050 2051static int	2036 return (EACCES); 2037 2038 return (0); 2039} 2040 2041static int
2052mac_biba_pipe_check_write(struct ucred cred, struct pipepair pp,	2042biba_pipe_check_write(struct ucred cred, struct pipepair pp,
2053 struct label pplabel) 2054{ 2055* struct mac_biba subj, obj; 2056	2043 struct label pplabel) 2044{ 2045* struct mac_biba subj, obj; 2046
2057 if (!mac_biba_enabled)	2047 if (!biba_enabled)
2058 return (0); 2059 2060 subj = SLOT(cred->cr_label); 2061 obj = SLOT(pplabel); 2062	2048 return (0); 2049 2050 subj = SLOT(cred->cr_label); 2051 obj = SLOT(pplabel); 2052
2063 if (!mac_biba_dominate_effective(subj, obj))	2053 if (!biba_dominate_effective(subj, obj))
2064 return (EACCES); 2065 2066 return (0); 2067} 2068 2069static int	2054 return (EACCES); 2055 2056 return (0); 2057} 2058 2059static int
2070mac_biba_posixsem_check_write(struct ucred cred, struct ksem ks,	2060biba_posixsem_check_write(struct ucred cred, struct ksem ks,
2071 struct label kslabel) 2072{ 2073* struct mac_biba subj, obj; 2074	2061 struct label kslabel) 2062{ 2063* struct mac_biba subj, obj; 2064
2075 if (!mac_biba_enabled)	2065 if (!biba_enabled)
2076 return (0); 2077 2078 subj = SLOT(cred->cr_label); 2079 obj = SLOT(kslabel); 2080	2066 return (0); 2067 2068 subj = SLOT(cred->cr_label); 2069 obj = SLOT(kslabel); 2070
2081 if (!mac_biba_dominate_effective(subj, obj))	2071 if (!biba_dominate_effective(subj, obj))
2082 return (EACCES); 2083 2084 return (0); 2085} 2086 2087static int	2072 return (EACCES); 2073 2074 return (0); 2075} 2076 2077static int
2088mac_biba_posixsem_check_rdonly(struct ucred cred, struct ksem ks,	2078biba_posixsem_check_rdonly(struct ucred cred, struct ksem ks,
2089 struct label kslabel) 2090{ 2091* struct mac_biba subj, obj; 2092	2079 struct label kslabel) 2080{ 2081* struct mac_biba subj, obj; 2082
2093 if (!mac_biba_enabled)	2083 if (!biba_enabled)
2094 return (0); 2095 2096 subj = SLOT(cred->cr_label); 2097 obj = SLOT(kslabel); 2098	2084 return (0); 2085 2086 subj = SLOT(cred->cr_label); 2087 obj = SLOT(kslabel); 2088
2099 if (!mac_biba_dominate_effective(obj, subj))	2089 if (!biba_dominate_effective(obj, subj))
2100 return (EACCES); 2101 2102 return (0); 2103} 2104 2105static int	2090 return (EACCES); 2091 2092 return (0); 2093} 2094 2095static int
2106mac_biba_proc_check_debug(struct ucred cred, struct proc p)	2096biba_proc_check_debug(struct ucred cred, struct proc p)
2107{ 2108 struct mac_biba subj, obj; 2109	2097{ 2098 struct mac_biba subj, obj; 2099
2110 if (!mac_biba_enabled)	2100 if (!biba_enabled)
2111 return (0); 2112 2113 subj = SLOT(cred->cr_label); 2114 obj = SLOT(p->p_ucred->cr_label); 2115 2116 /* XXX: range checks */	2101 return (0); 2102 2103 subj = SLOT(cred->cr_label); 2104 obj = SLOT(p->p_ucred->cr_label); 2105 2106 /* XXX: range checks */
2117 if (!mac_biba_dominate_effective(obj, subj))	2107 if (!biba_dominate_effective(obj, subj))
2118 return (ESRCH);	2108 return (ESRCH);
2119 if (!mac_biba_dominate_effective(subj, obj))	2109 if (!biba_dominate_effective(subj, obj))
2120 return (EACCES); 2121 2122 return (0); 2123} 2124 2125static int	2110 return (EACCES); 2111 2112 return (0); 2113} 2114 2115static int
2126mac_biba_proc_check_sched(struct ucred cred, struct proc p)	2116biba_proc_check_sched(struct ucred cred, struct proc p)
2127{ 2128 struct mac_biba subj, obj; 2129	2117{ 2118 struct mac_biba subj, obj; 2119
2130 if (!mac_biba_enabled)	2120 if (!biba_enabled)
2131 return (0); 2132 2133 subj = SLOT(cred->cr_label); 2134 obj = SLOT(p->p_ucred->cr_label); 2135 2136 /* XXX: range checks */	2121 return (0); 2122 2123 subj = SLOT(cred->cr_label); 2124 obj = SLOT(p->p_ucred->cr_label); 2125 2126 /* XXX: range checks */
2137 if (!mac_biba_dominate_effective(obj, subj))	2127 if (!biba_dominate_effective(obj, subj))
2138 return (ESRCH);	2128 return (ESRCH);
2139 if (!mac_biba_dominate_effective(subj, obj))	2129 if (!biba_dominate_effective(subj, obj))
2140 return (EACCES); 2141 2142 return (0); 2143} 2144 2145static int	2130 return (EACCES); 2131 2132 return (0); 2133} 2134 2135static int
2146mac_biba_proc_check_signal(struct ucred cred, struct proc p, int signum)	2136biba_proc_check_signal(struct ucred cred, struct proc p, int signum)
2147{ 2148 struct mac_biba subj, obj; 2149	2137{ 2138 struct mac_biba subj, obj; 2139
2150 if (!mac_biba_enabled)	2140 if (!biba_enabled)
2151 return (0); 2152 2153 subj = SLOT(cred->cr_label); 2154 obj = SLOT(p->p_ucred->cr_label); 2155 2156 /* XXX: range checks */	2141 return (0); 2142 2143 subj = SLOT(cred->cr_label); 2144 obj = SLOT(p->p_ucred->cr_label); 2145 2146 /* XXX: range checks */
2157 if (!mac_biba_dominate_effective(obj, subj))	2147 if (!biba_dominate_effective(obj, subj))
2158 return (ESRCH);	2148 return (ESRCH);
2159 if (!mac_biba_dominate_effective(subj, obj))	2149 if (!biba_dominate_effective(subj, obj))
2160 return (EACCES); 2161 2162 return (0); 2163} 2164 2165static int	2150 return (EACCES); 2151 2152 return (0); 2153} 2154 2155static int
2166mac_biba_socket_check_deliver(struct socket so, struct label solabel,	2156biba_socket_check_deliver(struct socket so, struct label solabel,
2167 struct mbuf m, struct label mlabel) 2168{ 2169 struct mac_biba p, s; 2170	2157 struct mbuf m, struct label mlabel) 2158{ 2159 struct mac_biba p, s; 2160
2171 if (!mac_biba_enabled)	2161 if (!biba_enabled)
2172 return (0); 2173 2174 p = SLOT(mlabel); 2175 s = SLOT(solabel); 2176	2162 return (0); 2163 2164 p = SLOT(mlabel); 2165 s = SLOT(solabel); 2166
2177 return (mac_biba_equal_effective(p, s) ? 0 : EACCES);	2167 return (biba_equal_effective(p, s) ? 0 : EACCES);
2178} 2179 2180static int	2168} 2169 2170static int
2181mac_biba_socket_check_relabel(struct ucred cred, struct socket so,	2171biba_socket_check_relabel(struct ucred cred, struct socket so,
2182 struct label solabel, struct label newlabel) 2183{ 2184 struct mac_biba subj, obj, new; 2185* int error; 2186 2187 new = SLOT(newlabel); 2188 subj = SLOT(cred->cr_label); 2189 obj = SLOT(solabel); 2190 2191 /*	2172 struct label solabel, struct label newlabel) 2173{ 2174 struct mac_biba subj, obj, new; 2175* int error; 2176 2177 new = SLOT(newlabel); 2178 subj = SLOT(cred->cr_label); 2179 obj = SLOT(solabel); 2180 2181 /*
2192 * If there is a Biba label update for the socket, it may be 2193 * an update of effective.	2182 * If there is a Biba label update for the socket, it may be an 2183 * update of effective.
2194 / 2195* error = biba_atmostflags(new, MAC_BIBA_FLAG_EFFECTIVE); 2196 if (error) 2197 return (error); 2198 2199 /*	2184 / 2185* error = biba_atmostflags(new, MAC_BIBA_FLAG_EFFECTIVE); 2186 if (error) 2187 return (error); 2188 2189 /*
2200 * To relabel a socket, the old socket effective must be in the subject 2201 * range.	2190 * To relabel a socket, the old socket effective must be in the 2191 * subject range.
2202 */	2192 */
2203 if (!mac_biba_effective_in_range(obj, subj))	2193 if (!biba_effective_in_range(obj, subj))
2204 return (EPERM); 2205 2206 /* 2207 * If the Biba label is to be changed, authorize as appropriate. 2208 / 2209* if (new->mb_flags & MAC_BIBA_FLAG_EFFECTIVE) { 2210 /* 2211 * To relabel a socket, the new socket effective must be in 2212 * the subject range. 2213 */	2194 return (EPERM); 2195 2196 /* 2197 * If the Biba label is to be changed, authorize as appropriate. 2198 / 2199* if (new->mb_flags & MAC_BIBA_FLAG_EFFECTIVE) { 2200 /* 2201 * To relabel a socket, the new socket effective must be in 2202 * the subject range. 2203 */
2214 if (!mac_biba_effective_in_range(new, subj))	2204 if (!biba_effective_in_range(new, subj))
2215 return (EPERM); 2216 2217 /* 2218 * To change the Biba label on the socket to contain EQUAL, 2219 * the subject must have appropriate privilege. 2220 */	2205 return (EPERM); 2206 2207 /* 2208 * To change the Biba label on the socket to contain EQUAL, 2209 * the subject must have appropriate privilege. 2210 */
2221 if (mac_biba_contains_equal(new)) { 2222 error = mac_biba_subject_privileged(subj);	2211 if (biba_contains_equal(new)) { 2212 error = biba_subject_privileged(subj);
2223 if (error) 2224 return (error); 2225 } 2226 } 2227 2228 return (0); 2229} 2230 2231static int	2213 if (error) 2214 return (error); 2215 } 2216 } 2217 2218 return (0); 2219} 2220 2221static int
2232mac_biba_socket_check_visible(struct ucred cred, struct socket so,	2222biba_socket_check_visible(struct ucred cred, struct socket so,
2233 struct label solabel) 2234{ 2235* struct mac_biba subj, obj; 2236	2223 struct label solabel) 2224{ 2225* struct mac_biba subj, obj; 2226
2237 if (!mac_biba_enabled)	2227 if (!biba_enabled)
2238 return (0); 2239 2240 subj = SLOT(cred->cr_label); 2241 obj = SLOT(solabel); 2242	2228 return (0); 2229 2230 subj = SLOT(cred->cr_label); 2231 obj = SLOT(solabel); 2232
2243 if (!mac_biba_dominate_effective(obj, subj))	2233 if (!biba_dominate_effective(obj, subj))
2244 return (ENOENT); 2245 2246 return (0); 2247} 2248 2249/* 2250 * Some system privileges are allowed regardless of integrity grade; others 2251 * are allowed only when running with privilege with respect to the Biba 2252 * policy as they might otherwise allow bypassing of the integrity policy. 2253 / 2254*static int	2234 return (ENOENT); 2235 2236 return (0); 2237} 2238 2239/* 2240 * Some system privileges are allowed regardless of integrity grade; others 2241 * are allowed only when running with privilege with respect to the Biba 2242 * policy as they might otherwise allow bypassing of the integrity policy. 2243 / 2244*static int
2255mac_biba_priv_check(struct ucred *cred, int priv)	2245biba_priv_check(struct ucred *cred, int priv)
2256{ 2257 struct mac_biba subj; 2258* int error; 2259	2246{ 2247 struct mac_biba subj; 2248* int error; 2249
2260 if (!mac_biba_enabled)	2250 if (!biba_enabled)
2261 return (0); 2262 2263 /* 2264 * Exempt only specific privileges from the Biba integrity policy. 2265 / 2266* switch (priv) { 2267 case PRIV_KTRACE: 2268 case PRIV_MSGBUF: --- 154 unchanged lines hidden (view full) --- 2423 break; 2424 2425 /* 2426 * All remaining system privileges are allow only if the process 2427 * holds privilege with respect to the Biba policy. 2428 / 2429* default: 2430 subj = SLOT(cred->cr_label);	2251 return (0); 2252 2253 /* 2254 * Exempt only specific privileges from the Biba integrity policy. 2255 / 2256* switch (priv) { 2257 case PRIV_KTRACE: 2258 case PRIV_MSGBUF: --- 154 unchanged lines hidden (view full) --- 2413 break; 2414 2415 /* 2416 * All remaining system privileges are allow only if the process 2417 * holds privilege with respect to the Biba policy. 2418 / 2419* default: 2420 subj = SLOT(cred->cr_label);
2431 error = mac_biba_subject_privileged(subj);	2421 error = biba_subject_privileged(subj);
2432 if (error) 2433 return (error); 2434 } 2435 return (0); 2436} 2437 2438static int	2422 if (error) 2423 return (error); 2424 } 2425 return (0); 2426} 2427 2428static int
2439mac_biba_system_check_acct(struct ucred cred, struct vnode vp,	2429biba_system_check_acct(struct ucred cred, struct vnode vp,
2440 struct label vplabel) 2441{ 2442* struct mac_biba subj, obj; 2443 int error; 2444	2430 struct label vplabel) 2431{ 2432* struct mac_biba subj, obj; 2433 int error; 2434
2445 if (!mac_biba_enabled)	2435 if (!biba_enabled)
2446 return (0); 2447 2448 subj = SLOT(cred->cr_label); 2449	2436 return (0); 2437 2438 subj = SLOT(cred->cr_label); 2439
2450 error = mac_biba_subject_privileged(subj);	2440 error = biba_subject_privileged(subj);
2451 if (error) 2452 return (error); 2453 2454 if (vplabel == NULL) 2455 return (0); 2456 2457 obj = SLOT(vplabel);	2441 if (error) 2442 return (error); 2443 2444 if (vplabel == NULL) 2445 return (0); 2446 2447 obj = SLOT(vplabel);
2458 if (!mac_biba_high_effective(obj))	2448 if (!biba_high_effective(obj))
2459 return (EACCES); 2460 2461 return (0); 2462} 2463 2464static int	2449 return (EACCES); 2450 2451 return (0); 2452} 2453 2454static int
2465mac_biba_system_check_auditctl(struct ucred cred, struct vnode vp,	2455biba_system_check_auditctl(struct ucred cred, struct vnode vp,
2466 struct label vplabel) 2467{ 2468* struct mac_biba subj, obj; 2469 int error; 2470	2456 struct label vplabel) 2457{ 2458* struct mac_biba subj, obj; 2459 int error; 2460
2471 if (!mac_biba_enabled)	2461 if (!biba_enabled)
2472 return (0); 2473 2474 subj = SLOT(cred->cr_label); 2475	2462 return (0); 2463 2464 subj = SLOT(cred->cr_label); 2465
2476 error = mac_biba_subject_privileged(subj);	2466 error = biba_subject_privileged(subj);
2477 if (error) 2478 return (error); 2479 2480 if (vplabel == NULL) 2481 return (0); 2482 2483 obj = SLOT(vplabel);	2467 if (error) 2468 return (error); 2469 2470 if (vplabel == NULL) 2471 return (0); 2472 2473 obj = SLOT(vplabel);
2484 if (!mac_biba_high_effective(obj))	2474 if (!biba_high_effective(obj))
2485 return (EACCES); 2486 2487 return (0); 2488} 2489 2490static int	2475 return (EACCES); 2476 2477 return (0); 2478} 2479 2480static int
2491mac_biba_system_check_auditon(struct ucred *cred, int cmd)	2481biba_system_check_auditon(struct ucred *cred, int cmd)
2492{ 2493 struct mac_biba subj; 2494* int error; 2495	2482{ 2483 struct mac_biba subj; 2484* int error; 2485
2496 if (!mac_biba_enabled)	2486 if (!biba_enabled)
2497 return (0); 2498 2499 subj = SLOT(cred->cr_label); 2500	2487 return (0); 2488 2489 subj = SLOT(cred->cr_label); 2490
2501 error = mac_biba_subject_privileged(subj);	2491 error = biba_subject_privileged(subj);
2502 if (error) 2503 return (error); 2504 2505 return (0); 2506} 2507 2508static int	2492 if (error) 2493 return (error); 2494 2495 return (0); 2496} 2497 2498static int
2509mac_biba_system_check_swapon(struct ucred cred, struct vnode vp,	2499biba_system_check_swapon(struct ucred cred, struct vnode vp,
2510 struct label vplabel) 2511{ 2512* struct mac_biba subj, obj; 2513 int error; 2514	2500 struct label vplabel) 2501{ 2502* struct mac_biba subj, obj; 2503 int error; 2504
2515 if (!mac_biba_enabled)	2505 if (!biba_enabled)
2516 return (0); 2517 2518 subj = SLOT(cred->cr_label); 2519 obj = SLOT(vplabel); 2520	2506 return (0); 2507 2508 subj = SLOT(cred->cr_label); 2509 obj = SLOT(vplabel); 2510
2521 error = mac_biba_subject_privileged(subj);	2511 error = biba_subject_privileged(subj);
2522 if (error) 2523 return (error); 2524	2512 if (error) 2513 return (error); 2514
2525 if (!mac_biba_high_effective(obj))	2515 if (!biba_high_effective(obj))
2526 return (EACCES); 2527 2528 return (0); 2529} 2530 2531static int	2516 return (EACCES); 2517 2518 return (0); 2519} 2520 2521static int
2532mac_biba_system_check_swapoff(struct ucred cred, struct vnode vp,	2522biba_system_check_swapoff(struct ucred cred, struct vnode vp,
2533 struct label label) 2534{ 2535* struct mac_biba subj; 2536* int error; 2537	2523 struct label label) 2524{ 2525* struct mac_biba subj; 2526* int error; 2527
2538 if (!mac_biba_enabled)	2528 if (!biba_enabled)
2539 return (0); 2540 2541 subj = SLOT(cred->cr_label); 2542	2529 return (0); 2530 2531 subj = SLOT(cred->cr_label); 2532
2543 error = mac_biba_subject_privileged(subj);	2533 error = biba_subject_privileged(subj);
2544 if (error) 2545 return (error); 2546 2547 return (0); 2548} 2549 2550static int	2534 if (error) 2535 return (error); 2536 2537 return (0); 2538} 2539 2540static int
2551mac_biba_system_check_sysctl(struct ucred cred, struct sysctl_oid oidp,	2541biba_system_check_sysctl(struct ucred cred, struct sysctl_oid oidp,
2552 void arg1, int arg2, struct sysctl_req req) 2553{ 2554 struct mac_biba subj; 2555* int error; 2556	2542 void arg1, int arg2, struct sysctl_req req) 2543{ 2544 struct mac_biba subj; 2545* int error; 2546
2557 if (!mac_biba_enabled)	2547 if (!biba_enabled)
2558 return (0); 2559 2560 subj = SLOT(cred->cr_label); 2561 2562 /*	2548 return (0); 2549 2550 subj = SLOT(cred->cr_label); 2551 2552 /*
2563 * Treat sysctl variables without CTLFLAG_ANYBODY flag as 2564 * biba/high, but also require privilege to change them.	2553 * Treat sysctl variables without CTLFLAG_ANYBODY flag as biba/high, 2554 * but also require privilege to change them.
2565 / 2566* if (req->newptr != NULL && (oidp->oid_kind & CTLFLAG_ANYBODY) == 0) {	2555 / 2556* if (req->newptr != NULL && (oidp->oid_kind & CTLFLAG_ANYBODY) == 0) {
2567 if (!mac_biba_subject_dominate_high(subj))	2557 if (!biba_subject_dominate_high(subj))
2568 return (EACCES); 2569	2558 return (EACCES); 2559
2570 error = mac_biba_subject_privileged(subj);	2560 error = biba_subject_privileged(subj);
2571 if (error) 2572 return (error); 2573 } 2574 2575 return (0); 2576} 2577 2578static int	2561 if (error) 2562 return (error); 2563 } 2564 2565 return (0); 2566} 2567 2568static int
2579mac_biba_vnode_check_chdir(struct ucred cred, struct vnode dvp,	2569biba_vnode_check_chdir(struct ucred cred, struct vnode dvp,
2580 struct label dvplabel) 2581{ 2582* struct mac_biba subj, obj; 2583	2570 struct label dvplabel) 2571{ 2572* struct mac_biba subj, obj; 2573
2584 if (!mac_biba_enabled)	2574 if (!biba_enabled)
2585 return (0); 2586 2587 subj = SLOT(cred->cr_label); 2588 obj = SLOT(dvplabel); 2589	2575 return (0); 2576 2577 subj = SLOT(cred->cr_label); 2578 obj = SLOT(dvplabel); 2579
2590 if (!mac_biba_dominate_effective(obj, subj))	2580 if (!biba_dominate_effective(obj, subj))
2591 return (EACCES); 2592 2593 return (0); 2594} 2595 2596static int	2581 return (EACCES); 2582 2583 return (0); 2584} 2585 2586static int
2597mac_biba_vnode_check_chroot(struct ucred cred, struct vnode dvp,	2587biba_vnode_check_chroot(struct ucred cred, struct vnode dvp,
2598 struct label dvplabel) 2599{ 2600* struct mac_biba subj, obj; 2601	2588 struct label dvplabel) 2589{ 2590* struct mac_biba subj, obj; 2591
2602 if (!mac_biba_enabled)	2592 if (!biba_enabled)
2603 return (0); 2604 2605 subj = SLOT(cred->cr_label); 2606 obj = SLOT(dvplabel); 2607	2593 return (0); 2594 2595 subj = SLOT(cred->cr_label); 2596 obj = SLOT(dvplabel); 2597
2608 if (!mac_biba_dominate_effective(obj, subj))	2598 if (!biba_dominate_effective(obj, subj))
2609 return (EACCES); 2610 2611 return (0); 2612} 2613 2614static int	2599 return (EACCES); 2600 2601 return (0); 2602} 2603 2604static int
2615mac_biba_vnode_check_create(struct ucred cred, struct vnode dvp,	2605biba_vnode_check_create(struct ucred cred, struct vnode dvp,
2616 struct label dvplabel, struct componentname cnp, struct vattr vap) 2617{ 2618* struct mac_biba subj, obj; 2619	2606 struct label dvplabel, struct componentname cnp, struct vattr vap) 2607{ 2608* struct mac_biba subj, obj; 2609
2620 if (!mac_biba_enabled)	2610 if (!biba_enabled)
2621 return (0); 2622 2623 subj = SLOT(cred->cr_label); 2624 obj = SLOT(dvplabel); 2625	2611 return (0); 2612 2613 subj = SLOT(cred->cr_label); 2614 obj = SLOT(dvplabel); 2615
2626 if (!mac_biba_dominate_effective(subj, obj))	2616 if (!biba_dominate_effective(subj, obj))
2627 return (EACCES); 2628 2629 return (0); 2630} 2631 2632static int	2617 return (EACCES); 2618 2619 return (0); 2620} 2621 2622static int
2633mac_biba_vnode_check_deleteacl(struct ucred cred, struct vnode vp,	2623biba_vnode_check_deleteacl(struct ucred cred, struct vnode vp,
2634 struct label vplabel, acl_type_t type) 2635{ 2636* struct mac_biba subj, obj; 2637	2624 struct label vplabel, acl_type_t type) 2625{ 2626* struct mac_biba subj, obj; 2627
2638 if (!mac_biba_enabled)	2628 if (!biba_enabled)
2639 return (0); 2640 2641 subj = SLOT(cred->cr_label); 2642 obj = SLOT(vplabel); 2643	2629 return (0); 2630 2631 subj = SLOT(cred->cr_label); 2632 obj = SLOT(vplabel); 2633
2644 if (!mac_biba_dominate_effective(subj, obj))	2634 if (!biba_dominate_effective(subj, obj))
2645 return (EACCES); 2646 2647 return (0); 2648} 2649 2650static int	2635 return (EACCES); 2636 2637 return (0); 2638} 2639 2640static int
2651mac_biba_vnode_check_deleteextattr(struct ucred cred, struct vnode vp,	2641biba_vnode_check_deleteextattr(struct ucred cred, struct vnode vp,
2652 struct label vplabel, int attrnamespace, const char name) 2653{ 2654 struct mac_biba subj, obj; 2655	2642 struct label vplabel, int attrnamespace, const char name) 2643{ 2644 struct mac_biba subj, obj; 2645
2656 if (!mac_biba_enabled)	2646 if (!biba_enabled)
2657 return (0); 2658 2659 subj = SLOT(cred->cr_label); 2660 obj = SLOT(vplabel); 2661	2647 return (0); 2648 2649 subj = SLOT(cred->cr_label); 2650 obj = SLOT(vplabel); 2651
2662 if (!mac_biba_dominate_effective(subj, obj))	2652 if (!biba_dominate_effective(subj, obj))
2663 return (EACCES); 2664 2665 return (0); 2666} 2667 2668static int	2653 return (EACCES); 2654 2655 return (0); 2656} 2657 2658static int
2669mac_biba_vnode_check_exec(struct ucred cred, struct vnode vp,	2659biba_vnode_check_exec(struct ucred cred, struct vnode vp,
2670 struct label vplabel, struct image_params imgp, 2671 struct label execlabel) 2672{ 2673* struct mac_biba subj, obj, exec; 2674* int error; 2675 2676 if (execlabel != NULL) { 2677 /* 2678 * We currently don't permit labels to be changed at	2660 struct label vplabel, struct image_params imgp, 2661 struct label execlabel) 2662{ 2663* struct mac_biba subj, obj, exec; 2664* int error; 2665 2666 if (execlabel != NULL) { 2667 /* 2668 * We currently don't permit labels to be changed at
2679 * exec-time as part of Biba, so disallow non-NULL 2680 * Biba label elements in the execlabel.	2669 * exec-time as part of Biba, so disallow non-NULL Biba label 2670 * elements in the execlabel.
2681 / 2682* exec = SLOT(execlabel); 2683 error = biba_atmostflags(exec, 0); 2684 if (error) 2685 return (error); 2686 } 2687	2671 / 2672* exec = SLOT(execlabel); 2673 error = biba_atmostflags(exec, 0); 2674 if (error) 2675 return (error); 2676 } 2677
2688 if (!mac_biba_enabled)	2678 if (!biba_enabled)
2689 return (0); 2690 2691 subj = SLOT(cred->cr_label); 2692 obj = SLOT(vplabel); 2693	2679 return (0); 2680 2681 subj = SLOT(cred->cr_label); 2682 obj = SLOT(vplabel); 2683
2694 if (!mac_biba_dominate_effective(obj, subj))	2684 if (!biba_dominate_effective(obj, subj))
2695 return (EACCES); 2696 2697 return (0); 2698} 2699 2700static int	2685 return (EACCES); 2686 2687 return (0); 2688} 2689 2690static int
2701mac_biba_vnode_check_getacl(struct ucred cred, struct vnode vp,	2691biba_vnode_check_getacl(struct ucred cred, struct vnode vp,
2702 struct label vplabel, acl_type_t type) 2703{ 2704* struct mac_biba subj, obj; 2705	2692 struct label vplabel, acl_type_t type) 2693{ 2694* struct mac_biba subj, obj; 2695
2706 if (!mac_biba_enabled)	2696 if (!biba_enabled)
2707 return (0); 2708 2709 subj = SLOT(cred->cr_label); 2710 obj = SLOT(vplabel); 2711	2697 return (0); 2698 2699 subj = SLOT(cred->cr_label); 2700 obj = SLOT(vplabel); 2701
2712 if (!mac_biba_dominate_effective(obj, subj))	2702 if (!biba_dominate_effective(obj, subj))
2713 return (EACCES); 2714 2715 return (0); 2716} 2717 2718static int	2703 return (EACCES); 2704 2705 return (0); 2706} 2707 2708static int
2719mac_biba_vnode_check_getextattr(struct ucred cred, struct vnode vp,	2709biba_vnode_check_getextattr(struct ucred cred, struct vnode vp,
2720 struct label vplabel, int attrnamespace, const char name, 2721 struct uio uio) 2722{ 2723* struct mac_biba subj, obj; 2724	2710 struct label vplabel, int attrnamespace, const char name, 2711 struct uio uio) 2712{ 2713* struct mac_biba subj, obj; 2714
2725 if (!mac_biba_enabled)	2715 if (!biba_enabled)
2726 return (0); 2727 2728 subj = SLOT(cred->cr_label); 2729 obj = SLOT(vplabel); 2730	2716 return (0); 2717 2718 subj = SLOT(cred->cr_label); 2719 obj = SLOT(vplabel); 2720
2731 if (!mac_biba_dominate_effective(obj, subj))	2721 if (!biba_dominate_effective(obj, subj))
2732 return (EACCES); 2733 2734 return (0); 2735} 2736 2737static int	2722 return (EACCES); 2723 2724 return (0); 2725} 2726 2727static int
2738mac_biba_vnode_check_link(struct ucred cred, struct vnode dvp,	2728biba_vnode_check_link(struct ucred cred, struct vnode dvp,
2739 struct label dvplabel, struct vnode vp, struct label vplabel, 2740* struct componentname cnp) 2741{ 2742* struct mac_biba subj, obj; 2743	2729 struct label dvplabel, struct vnode vp, struct label vplabel, 2730* struct componentname cnp) 2731{ 2732* struct mac_biba subj, obj; 2733
2744 if (!mac_biba_enabled)	2734 if (!biba_enabled)
2745 return (0); 2746 2747 subj = SLOT(cred->cr_label); 2748 obj = SLOT(dvplabel); 2749	2735 return (0); 2736 2737 subj = SLOT(cred->cr_label); 2738 obj = SLOT(dvplabel); 2739
2750 if (!mac_biba_dominate_effective(subj, obj))	2740 if (!biba_dominate_effective(subj, obj))
2751 return (EACCES); 2752 2753 obj = SLOT(vplabel); 2754	2741 return (EACCES); 2742 2743 obj = SLOT(vplabel); 2744
2755 if (!mac_biba_dominate_effective(subj, obj))	2745 if (!biba_dominate_effective(subj, obj))
2756 return (EACCES); 2757 2758 return (0); 2759} 2760 2761static int	2746 return (EACCES); 2747 2748 return (0); 2749} 2750 2751static int
2762mac_biba_vnode_check_listextattr(struct ucred cred, struct vnode vp,	2752biba_vnode_check_listextattr(struct ucred cred, struct vnode vp,
2763 struct label vplabel, int attrnamespace) 2764{ 2765* struct mac_biba subj, obj; 2766	2753 struct label vplabel, int attrnamespace) 2754{ 2755* struct mac_biba subj, obj; 2756
2767 if (!mac_biba_enabled)	2757 if (!biba_enabled)
2768 return (0); 2769 2770 subj = SLOT(cred->cr_label); 2771 obj = SLOT(vplabel); 2772	2758 return (0); 2759 2760 subj = SLOT(cred->cr_label); 2761 obj = SLOT(vplabel); 2762
2773 if (!mac_biba_dominate_effective(obj, subj))	2763 if (!biba_dominate_effective(obj, subj))
2774 return (EACCES); 2775 2776 return (0); 2777} 2778 2779static int	2764 return (EACCES); 2765 2766 return (0); 2767} 2768 2769static int
2780mac_biba_vnode_check_lookup(struct ucred cred, struct vnode dvp,	2770biba_vnode_check_lookup(struct ucred cred, struct vnode dvp,
2781 struct label dvplabel, struct componentname cnp) 2782{ 2783 struct mac_biba subj, obj; 2784	2771 struct label dvplabel, struct componentname cnp) 2772{ 2773 struct mac_biba subj, obj; 2774
2785 if (!mac_biba_enabled)	2775 if (!biba_enabled)
2786 return (0); 2787 2788 subj = SLOT(cred->cr_label); 2789 obj = SLOT(dvplabel); 2790	2776 return (0); 2777 2778 subj = SLOT(cred->cr_label); 2779 obj = SLOT(dvplabel); 2780
2791 if (!mac_biba_dominate_effective(obj, subj))	2781 if (!biba_dominate_effective(obj, subj))
2792 return (EACCES); 2793 2794 return (0); 2795} 2796 2797static int	2782 return (EACCES); 2783 2784 return (0); 2785} 2786 2787static int
2798mac_biba_vnode_check_mmap(struct ucred cred, struct vnode vp,	2788biba_vnode_check_mmap(struct ucred cred, struct vnode vp,
2799 struct label vplabel, int prot, int flags) 2800{ 2801* struct mac_biba subj, obj; 2802 2803 /* 2804 * Rely on the use of open()-time protections to handle 2805 * non-revocation cases. 2806 */	2789 struct label vplabel, int prot, int flags) 2790{ 2791* struct mac_biba subj, obj; 2792 2793 /* 2794 * Rely on the use of open()-time protections to handle 2795 * non-revocation cases. 2796 */
2807 if (!mac_biba_enabled \|\| !revocation_enabled)	2797 if (!biba_enabled \|\| !revocation_enabled)
2808 return (0); 2809 2810 subj = SLOT(cred->cr_label); 2811 obj = SLOT(vplabel); 2812 2813 if (prot & (VM_PROT_READ \| VM_PROT_EXECUTE)) {	2798 return (0); 2799 2800 subj = SLOT(cred->cr_label); 2801 obj = SLOT(vplabel); 2802 2803 if (prot & (VM_PROT_READ \| VM_PROT_EXECUTE)) {
2814 if (!mac_biba_dominate_effective(obj, subj))	2804 if (!biba_dominate_effective(obj, subj))
2815 return (EACCES); 2816 } 2817 if (((prot & VM_PROT_WRITE) != 0) && ((flags & MAP_SHARED) != 0)) {	2805 return (EACCES); 2806 } 2807 if (((prot & VM_PROT_WRITE) != 0) && ((flags & MAP_SHARED) != 0)) {
2818 if (!mac_biba_dominate_effective(subj, obj))	2808 if (!biba_dominate_effective(subj, obj))
2819 return (EACCES); 2820 } 2821 2822 return (0); 2823} 2824 2825static int	2809 return (EACCES); 2810 } 2811 2812 return (0); 2813} 2814 2815static int
2826mac_biba_vnode_check_open(struct ucred cred, struct vnode vp,	2816biba_vnode_check_open(struct ucred cred, struct vnode vp,
2827 struct label vplabel, int acc_mode) 2828{ 2829* struct mac_biba subj, obj; 2830	2817 struct label vplabel, int acc_mode) 2818{ 2819* struct mac_biba subj, obj; 2820
2831 if (!mac_biba_enabled)	2821 if (!biba_enabled)
2832 return (0); 2833 2834 subj = SLOT(cred->cr_label); 2835 obj = SLOT(vplabel); 2836 2837 /* XXX privilege override for admin? / 2838* if (acc_mode & (VREAD \| VEXEC \| VSTAT)) {	2822 return (0); 2823 2824 subj = SLOT(cred->cr_label); 2825 obj = SLOT(vplabel); 2826 2827 /* XXX privilege override for admin? / 2828* if (acc_mode & (VREAD \| VEXEC \| VSTAT)) {
2839 if (!mac_biba_dominate_effective(obj, subj))	2829 if (!biba_dominate_effective(obj, subj))
2840 return (EACCES); 2841 } 2842 if (acc_mode & (VWRITE \| VAPPEND \| VADMIN)) {	2830 return (EACCES); 2831 } 2832 if (acc_mode & (VWRITE \| VAPPEND \| VADMIN)) {
2843 if (!mac_biba_dominate_effective(subj, obj))	2833 if (!biba_dominate_effective(subj, obj))
2844 return (EACCES); 2845 } 2846 2847 return (0); 2848} 2849 2850static int	2834 return (EACCES); 2835 } 2836 2837 return (0); 2838} 2839 2840static int
2851mac_biba_vnode_check_poll(struct ucred active_cred, struct ucred file_cred,	2841biba_vnode_check_poll(struct ucred active_cred, struct ucred file_cred,
2852 struct vnode vp, struct label vplabel) 2853{ 2854 struct mac_biba subj, obj; 2855	2842 struct vnode vp, struct label vplabel) 2843{ 2844 struct mac_biba subj, obj; 2845
2856 if (!mac_biba_enabled \|\| !revocation_enabled)	2846 if (!biba_enabled \|\| !revocation_enabled)
2857 return (0); 2858 2859 subj = SLOT(active_cred->cr_label); 2860 obj = SLOT(vplabel); 2861	2847 return (0); 2848 2849 subj = SLOT(active_cred->cr_label); 2850 obj = SLOT(vplabel); 2851
2862 if (!mac_biba_dominate_effective(obj, subj))	2852 if (!biba_dominate_effective(obj, subj))
2863 return (EACCES); 2864 2865 return (0); 2866} 2867 2868static int	2853 return (EACCES); 2854 2855 return (0); 2856} 2857 2858static int
2869mac_biba_vnode_check_read(struct ucred active_cred, struct ucred file_cred,	2859biba_vnode_check_read(struct ucred active_cred, struct ucred file_cred,
2870 struct vnode vp, struct label vplabel) 2871{ 2872 struct mac_biba subj, obj; 2873	2860 struct vnode vp, struct label vplabel) 2861{ 2862 struct mac_biba subj, obj; 2863
2874 if (!mac_biba_enabled \|\| !revocation_enabled)	2864 if (!biba_enabled \|\| !revocation_enabled)
2875 return (0); 2876 2877 subj = SLOT(active_cred->cr_label); 2878 obj = SLOT(vplabel); 2879	2865 return (0); 2866 2867 subj = SLOT(active_cred->cr_label); 2868 obj = SLOT(vplabel); 2869
2880 if (!mac_biba_dominate_effective(obj, subj))	2870 if (!biba_dominate_effective(obj, subj))
2881 return (EACCES); 2882 2883 return (0); 2884} 2885 2886static int	2871 return (EACCES); 2872 2873 return (0); 2874} 2875 2876static int
2887mac_biba_vnode_check_readdir(struct ucred cred, struct vnode dvp,	2877biba_vnode_check_readdir(struct ucred cred, struct vnode dvp,
2888 struct label dvplabel) 2889{ 2890* struct mac_biba subj, obj; 2891	2878 struct label dvplabel) 2879{ 2880* struct mac_biba subj, obj; 2881
2892 if (!mac_biba_enabled)	2882 if (!biba_enabled)
2893 return (0); 2894 2895 subj = SLOT(cred->cr_label); 2896 obj = SLOT(dvplabel); 2897	2883 return (0); 2884 2885 subj = SLOT(cred->cr_label); 2886 obj = SLOT(dvplabel); 2887
2898 if (!mac_biba_dominate_effective(obj, subj))	2888 if (!biba_dominate_effective(obj, subj))
2899 return (EACCES); 2900 2901 return (0); 2902} 2903 2904static int	2889 return (EACCES); 2890 2891 return (0); 2892} 2893 2894static int
2905mac_biba_vnode_check_readlink(struct ucred cred, struct vnode vp,	2895biba_vnode_check_readlink(struct ucred cred, struct vnode vp,
2906 struct label vplabel) 2907{ 2908* struct mac_biba subj, obj; 2909	2896 struct label vplabel) 2897{ 2898* struct mac_biba subj, obj; 2899
2910 if (!mac_biba_enabled)	2900 if (!biba_enabled)
2911 return (0); 2912 2913 subj = SLOT(cred->cr_label); 2914 obj = SLOT(vplabel); 2915	2901 return (0); 2902 2903 subj = SLOT(cred->cr_label); 2904 obj = SLOT(vplabel); 2905
2916 if (!mac_biba_dominate_effective(obj, subj))	2906 if (!biba_dominate_effective(obj, subj))
2917 return (EACCES); 2918 2919 return (0); 2920} 2921 2922static int	2907 return (EACCES); 2908 2909 return (0); 2910} 2911 2912static int
2923mac_biba_vnode_check_relabel(struct ucred cred, struct vnode vp,	2913biba_vnode_check_relabel(struct ucred cred, struct vnode vp,
2924 struct label vplabel, struct label newlabel) 2925{ 2926 struct mac_biba old, new, subj; 2927* int error; 2928 2929 old = SLOT(vplabel); 2930 new = SLOT(newlabel); 2931 subj = SLOT(cred->cr_label); --- 5 unchanged lines hidden (view full) --- 2937 error = biba_atmostflags(new, MAC_BIBA_FLAG_EFFECTIVE); 2938 if (error) 2939 return (error); 2940 2941 /* 2942 * To perform a relabel of the vnode (Biba label or not), Biba must 2943 * authorize the relabel. 2944 */	2914 struct label vplabel, struct label newlabel) 2915{ 2916 struct mac_biba old, new, subj; 2917* int error; 2918 2919 old = SLOT(vplabel); 2920 new = SLOT(newlabel); 2921 subj = SLOT(cred->cr_label); --- 5 unchanged lines hidden (view full) --- 2927 error = biba_atmostflags(new, MAC_BIBA_FLAG_EFFECTIVE); 2928 if (error) 2929 return (error); 2930 2931 /* 2932 * To perform a relabel of the vnode (Biba label or not), Biba must 2933 * authorize the relabel. 2934 */
2945 if (!mac_biba_effective_in_range(old, subj))	2935 if (!biba_effective_in_range(old, subj))
2946 return (EPERM); 2947 2948 /* 2949 * If the Biba label is to be changed, authorize as appropriate. 2950 / 2951* if (new->mb_flags & MAC_BIBA_FLAG_EFFECTIVE) { 2952 /* 2953 * To change the Biba label on a vnode, the new vnode label 2954 * must be in the subject range. 2955 */	2936 return (EPERM); 2937 2938 /* 2939 * If the Biba label is to be changed, authorize as appropriate. 2940 / 2941* if (new->mb_flags & MAC_BIBA_FLAG_EFFECTIVE) { 2942 /* 2943 * To change the Biba label on a vnode, the new vnode label 2944 * must be in the subject range. 2945 */
2956 if (!mac_biba_effective_in_range(new, subj))	2946 if (!biba_effective_in_range(new, subj))
2957 return (EPERM); 2958 2959 /*	2947 return (EPERM); 2948 2949 /*
2960 * To change the Biba label on the vnode to be EQUAL, 2961 * the subject must have appropriate privilege.	2950 * To change the Biba label on the vnode to be EQUAL, the 2951 * subject must have appropriate privilege.
2962 */	2952 */
2963 if (mac_biba_contains_equal(new)) { 2964 error = mac_biba_subject_privileged(subj);	2953 if (biba_contains_equal(new)) { 2954 error = biba_subject_privileged(subj);
2965 if (error) 2966 return (error); 2967 } 2968 } 2969 2970 return (0); 2971} 2972 2973static int	2955 if (error) 2956 return (error); 2957 } 2958 } 2959 2960 return (0); 2961} 2962 2963static int
2974mac_biba_vnode_check_rename_from(struct ucred cred, struct vnode dvp,	2964biba_vnode_check_rename_from(struct ucred cred, struct vnode dvp,
2975 struct label dvplabel, struct vnode vp, struct label vplabel, 2976* struct componentname cnp) 2977{ 2978* struct mac_biba subj, obj; 2979	2965 struct label dvplabel, struct vnode vp, struct label vplabel, 2966* struct componentname cnp) 2967{ 2968* struct mac_biba subj, obj; 2969
2980 if (!mac_biba_enabled)	2970 if (!biba_enabled)
2981 return (0); 2982 2983 subj = SLOT(cred->cr_label); 2984 obj = SLOT(dvplabel); 2985	2971 return (0); 2972 2973 subj = SLOT(cred->cr_label); 2974 obj = SLOT(dvplabel); 2975
2986 if (!mac_biba_dominate_effective(subj, obj))	2976 if (!biba_dominate_effective(subj, obj))
2987 return (EACCES); 2988 2989 obj = SLOT(vplabel); 2990	2977 return (EACCES); 2978 2979 obj = SLOT(vplabel); 2980
2991 if (!mac_biba_dominate_effective(subj, obj))	2981 if (!biba_dominate_effective(subj, obj))
2992 return (EACCES); 2993 2994 return (0); 2995} 2996 2997static int	2982 return (EACCES); 2983 2984 return (0); 2985} 2986 2987static int
2998mac_biba_vnode_check_rename_to(struct ucred cred, struct vnode dvp,	2988biba_vnode_check_rename_to(struct ucred cred, struct vnode dvp,
2999 struct label dvplabel, struct vnode vp, struct label vplabel, 3000* int samedir, struct componentname cnp) 3001{ 3002* struct mac_biba subj, obj; 3003	2989 struct label dvplabel, struct vnode vp, struct label vplabel, 2990* int samedir, struct componentname cnp) 2991{ 2992* struct mac_biba subj, obj; 2993
3004 if (!mac_biba_enabled)	2994 if (!biba_enabled)
3005 return (0); 3006 3007 subj = SLOT(cred->cr_label); 3008 obj = SLOT(dvplabel); 3009	2995 return (0); 2996 2997 subj = SLOT(cred->cr_label); 2998 obj = SLOT(dvplabel); 2999
3010 if (!mac_biba_dominate_effective(subj, obj))	3000 if (!biba_dominate_effective(subj, obj))
3011 return (EACCES); 3012 3013 if (vp != NULL) { 3014 obj = SLOT(vplabel); 3015	3001 return (EACCES); 3002 3003 if (vp != NULL) { 3004 obj = SLOT(vplabel); 3005
3016 if (!mac_biba_dominate_effective(subj, obj))	3006 if (!biba_dominate_effective(subj, obj))
3017 return (EACCES); 3018 } 3019 3020 return (0); 3021} 3022 3023static int	3007 return (EACCES); 3008 } 3009 3010 return (0); 3011} 3012 3013static int
3024mac_biba_vnode_check_revoke(struct ucred cred, struct vnode vp,	3014biba_vnode_check_revoke(struct ucred cred, struct vnode vp,
3025 struct label vplabel) 3026{ 3027* struct mac_biba subj, obj; 3028	3015 struct label vplabel) 3016{ 3017* struct mac_biba subj, obj; 3018
3029 if (!mac_biba_enabled)	3019 if (!biba_enabled)
3030 return (0); 3031 3032 subj = SLOT(cred->cr_label); 3033 obj = SLOT(vplabel); 3034	3020 return (0); 3021 3022 subj = SLOT(cred->cr_label); 3023 obj = SLOT(vplabel); 3024
3035 if (!mac_biba_dominate_effective(subj, obj))	3025 if (!biba_dominate_effective(subj, obj))
3036 return (EACCES); 3037 3038 return (0); 3039} 3040 3041static int	3026 return (EACCES); 3027 3028 return (0); 3029} 3030 3031static int
3042mac_biba_vnode_check_setacl(struct ucred cred, struct vnode vp,	3032biba_vnode_check_setacl(struct ucred cred, struct vnode vp,
3043 struct label vplabel, acl_type_t type, struct acl acl) 3044{ 3045 struct mac_biba subj, obj; 3046	3033 struct label vplabel, acl_type_t type, struct acl acl) 3034{ 3035 struct mac_biba subj, obj; 3036
3047 if (!mac_biba_enabled)	3037 if (!biba_enabled)
3048 return (0); 3049 3050 subj = SLOT(cred->cr_label); 3051 obj = SLOT(vplabel); 3052	3038 return (0); 3039 3040 subj = SLOT(cred->cr_label); 3041 obj = SLOT(vplabel); 3042
3053 if (!mac_biba_dominate_effective(subj, obj))	3043 if (!biba_dominate_effective(subj, obj))
3054 return (EACCES); 3055 3056 return (0); 3057} 3058 3059static int	3044 return (EACCES); 3045 3046 return (0); 3047} 3048 3049static int
3060mac_biba_vnode_check_setextattr(struct ucred cred, struct vnode vp,	3050biba_vnode_check_setextattr(struct ucred cred, struct vnode vp,
3061 struct label vplabel, int attrnamespace, const char name, 3062 struct uio uio) 3063{ 3064* struct mac_biba subj, obj; 3065	3051 struct label vplabel, int attrnamespace, const char name, 3052 struct uio uio) 3053{ 3054* struct mac_biba subj, obj; 3055
3066 if (!mac_biba_enabled)	3056 if (!biba_enabled)
3067 return (0); 3068 3069 subj = SLOT(cred->cr_label); 3070 obj = SLOT(vplabel); 3071	3057 return (0); 3058 3059 subj = SLOT(cred->cr_label); 3060 obj = SLOT(vplabel); 3061
3072 if (!mac_biba_dominate_effective(subj, obj))	3062 if (!biba_dominate_effective(subj, obj))
3073 return (EACCES); 3074 3075 /* XXX: protect the MAC EA in a special way? / 3076* 3077 return (0); 3078} 3079 3080static int	3063 return (EACCES); 3064 3065 /* XXX: protect the MAC EA in a special way? / 3066* 3067 return (0); 3068} 3069 3070static int
3081mac_biba_vnode_check_setflags(struct ucred cred, struct vnode vp,	3071biba_vnode_check_setflags(struct ucred cred, struct vnode vp,
3082 struct label vplabel, u_long flags) 3083{ 3084* struct mac_biba subj, obj; 3085	3072 struct label vplabel, u_long flags) 3073{ 3074* struct mac_biba subj, obj; 3075
3086 if (!mac_biba_enabled)	3076 if (!biba_enabled)
3087 return (0); 3088 3089 subj = SLOT(cred->cr_label); 3090 obj = SLOT(vplabel); 3091	3077 return (0); 3078 3079 subj = SLOT(cred->cr_label); 3080 obj = SLOT(vplabel); 3081
3092 if (!mac_biba_dominate_effective(subj, obj))	3082 if (!biba_dominate_effective(subj, obj))
3093 return (EACCES); 3094 3095 return (0); 3096} 3097 3098static int	3083 return (EACCES); 3084 3085 return (0); 3086} 3087 3088static int
3099mac_biba_vnode_check_setmode(struct ucred cred, struct vnode vp,	3089biba_vnode_check_setmode(struct ucred cred, struct vnode vp,
3100 struct label vplabel, mode_t mode) 3101{ 3102* struct mac_biba subj, obj; 3103	3090 struct label vplabel, mode_t mode) 3091{ 3092* struct mac_biba subj, obj; 3093
3104 if (!mac_biba_enabled)	3094 if (!biba_enabled)
3105 return (0); 3106 3107 subj = SLOT(cred->cr_label); 3108 obj = SLOT(vplabel); 3109	3095 return (0); 3096 3097 subj = SLOT(cred->cr_label); 3098 obj = SLOT(vplabel); 3099
3110 if (!mac_biba_dominate_effective(subj, obj))	3100 if (!biba_dominate_effective(subj, obj))
3111 return (EACCES); 3112 3113 return (0); 3114} 3115 3116static int	3101 return (EACCES); 3102 3103 return (0); 3104} 3105 3106static int
3117mac_biba_vnode_check_setowner(struct ucred cred, struct vnode vp,	3107biba_vnode_check_setowner(struct ucred cred, struct vnode vp,
3118 struct label vplabel, uid_t uid, gid_t gid) 3119{ 3120* struct mac_biba subj, obj; 3121	3108 struct label vplabel, uid_t uid, gid_t gid) 3109{ 3110* struct mac_biba subj, obj; 3111
3122 if (!mac_biba_enabled)	3112 if (!biba_enabled)
3123 return (0); 3124 3125 subj = SLOT(cred->cr_label); 3126 obj = SLOT(vplabel); 3127	3113 return (0); 3114 3115 subj = SLOT(cred->cr_label); 3116 obj = SLOT(vplabel); 3117
3128 if (!mac_biba_dominate_effective(subj, obj))	3118 if (!biba_dominate_effective(subj, obj))
3129 return (EACCES); 3130 3131 return (0); 3132} 3133 3134static int	3119 return (EACCES); 3120 3121 return (0); 3122} 3123 3124static int
3135mac_biba_vnode_check_setutimes(struct ucred cred, struct vnode vp,	3125biba_vnode_check_setutimes(struct ucred cred, struct vnode vp,
3136 struct label vplabel, struct timespec atime, struct timespec mtime) 3137{ 3138* struct mac_biba subj, obj; 3139	3126 struct label vplabel, struct timespec atime, struct timespec mtime) 3127{ 3128* struct mac_biba subj, obj; 3129
3140 if (!mac_biba_enabled)	3130 if (!biba_enabled)
3141 return (0); 3142 3143 subj = SLOT(cred->cr_label); 3144 obj = SLOT(vplabel); 3145	3131 return (0); 3132 3133 subj = SLOT(cred->cr_label); 3134 obj = SLOT(vplabel); 3135
3146 if (!mac_biba_dominate_effective(subj, obj))	3136 if (!biba_dominate_effective(subj, obj))
3147 return (EACCES); 3148 3149 return (0); 3150} 3151 3152static int	3137 return (EACCES); 3138 3139 return (0); 3140} 3141 3142static int
3153mac_biba_vnode_check_stat(struct ucred active_cred, struct ucred file_cred,	3143biba_vnode_check_stat(struct ucred active_cred, struct ucred file_cred,
3154 struct vnode vp, struct label vplabel) 3155{ 3156 struct mac_biba subj, obj; 3157	3144 struct vnode vp, struct label vplabel) 3145{ 3146 struct mac_biba subj, obj; 3147
3158 if (!mac_biba_enabled)	3148 if (!biba_enabled)
3159 return (0); 3160 3161 subj = SLOT(active_cred->cr_label); 3162 obj = SLOT(vplabel); 3163	3149 return (0); 3150 3151 subj = SLOT(active_cred->cr_label); 3152 obj = SLOT(vplabel); 3153
3164 if (!mac_biba_dominate_effective(obj, subj))	3154 if (!biba_dominate_effective(obj, subj))
3165 return (EACCES); 3166 3167 return (0); 3168} 3169 3170static int	3155 return (EACCES); 3156 3157 return (0); 3158} 3159 3160static int
3171mac_biba_vnode_check_unlink(struct ucred cred, struct vnode dvp,	3161biba_vnode_check_unlink(struct ucred cred, struct vnode dvp,
3172 struct label dvplabel, struct vnode vp, struct label vplabel, 3173* struct componentname cnp) 3174{ 3175* struct mac_biba subj, obj; 3176	3162 struct label dvplabel, struct vnode vp, struct label vplabel, 3163* struct componentname cnp) 3164{ 3165* struct mac_biba subj, obj; 3166
3177 if (!mac_biba_enabled)	3167 if (!biba_enabled)
3178 return (0); 3179 3180 subj = SLOT(cred->cr_label); 3181 obj = SLOT(dvplabel); 3182	3168 return (0); 3169 3170 subj = SLOT(cred->cr_label); 3171 obj = SLOT(dvplabel); 3172
3183 if (!mac_biba_dominate_effective(subj, obj))	3173 if (!biba_dominate_effective(subj, obj))
3184 return (EACCES); 3185 3186 obj = SLOT(vplabel); 3187	3174 return (EACCES); 3175 3176 obj = SLOT(vplabel); 3177
3188 if (!mac_biba_dominate_effective(subj, obj))	3178 if (!biba_dominate_effective(subj, obj))
3189 return (EACCES); 3190 3191 return (0); 3192} 3193 3194static int	3179 return (EACCES); 3180 3181 return (0); 3182} 3183 3184static int
3195mac_biba_vnode_check_write(struct ucred *active_cred,	3185biba_vnode_check_write(struct ucred *active_cred,
3196 struct ucred file_cred, struct vnode vp, struct label vplabel) 3197{ 3198* struct mac_biba subj, obj; 3199	3186 struct ucred file_cred, struct vnode vp, struct label vplabel) 3187{ 3188* struct mac_biba subj, obj; 3189
3200 if (!mac_biba_enabled \|\| !revocation_enabled)	3190 if (!biba_enabled \|\| !revocation_enabled)
3201 return (0); 3202 3203 subj = SLOT(active_cred->cr_label); 3204 obj = SLOT(vplabel); 3205	3191 return (0); 3192 3193 subj = SLOT(active_cred->cr_label); 3194 obj = SLOT(vplabel); 3195
3206 if (!mac_biba_dominate_effective(subj, obj))	3196 if (!biba_dominate_effective(subj, obj))
3207 return (EACCES); 3208 3209 return (0); 3210} 3211 3212static void	3197 return (EACCES); 3198 3199 return (0); 3200} 3201 3202static void
3213mac_biba_associate_nfsd_label(struct ucred *cred)	3203biba_associate_nfsd_label(struct ucred *cred)
3214{ 3215 struct mac_biba label; 3216* 3217 label = SLOT(cred->cr_label);	3204{ 3205 struct mac_biba label; 3206* 3207 label = SLOT(cred->cr_label);
3218 mac_biba_set_effective(label, MAC_BIBA_TYPE_LOW, 0, NULL); 3219 mac_biba_set_range(label, MAC_BIBA_TYPE_LOW, 0, NULL, 3220 MAC_BIBA_TYPE_HIGH, 0, NULL);	3208 biba_set_effective(label, MAC_BIBA_TYPE_LOW, 0, NULL); 3209 biba_set_range(label, MAC_BIBA_TYPE_LOW, 0, NULL, MAC_BIBA_TYPE_HIGH, 3210 0, NULL);
3221} 3222 3223static void	3211} 3212 3213static void
3224mac_biba_init_syncache_from_inpcb(struct label label, struct inpcb inp)	3214biba_init_syncache_from_inpcb(struct label label, struct inpcb inp)
3225{ 3226 struct mac_biba source, dest; 3227 3228 source = SLOT(inp->inp_label); 3229 dest = SLOT(label);	3215{ 3216 struct mac_biba source, dest; 3217 3218 source = SLOT(inp->inp_label); 3219 dest = SLOT(label);
3230 mac_biba_copy_effective(source, dest);	3220 biba_copy_effective(source, dest);
3231} 3232 3233static void	3221} 3222 3223static void
3234mac_biba_create_mbuf_from_syncache(struct label sc_label, struct mbuf m,	3224biba_create_mbuf_from_syncache(struct label sc_label, struct mbuf m,
3235 struct label mlabel) 3236{ 3237* struct mac_biba source, dest; 3238 3239 source = SLOT(sc_label); 3240 dest = SLOT(mlabel);	3225 struct label mlabel) 3226{ 3227* struct mac_biba source, dest; 3228 3229 source = SLOT(sc_label); 3230 dest = SLOT(mlabel);
3241 mac_biba_copy_effective(source, dest);	3231 biba_copy_effective(source, dest);
3242} 3243 3244static struct mac_policy_ops mac_biba_ops = 3245{	3232} 3233 3234static struct mac_policy_ops mac_biba_ops = 3235{
3246 .mpo_init = mac_biba_init, 3247 .mpo_bpfdesc_init_label = mac_biba_init_label, 3248 .mpo_cred_init_label = mac_biba_init_label, 3249 .mpo_devfs_init_label = mac_biba_init_label, 3250 .mpo_ifnet_init_label = mac_biba_init_label, 3251 .mpo_inpcb_init_label = mac_biba_init_label_waitcheck, 3252 .mpo_init_syncache_label = mac_biba_init_label_waitcheck, 3253 .mpo_sysvmsg_init_label = mac_biba_init_label, 3254 .mpo_sysvmsq_init_label = mac_biba_init_label, 3255 .mpo_sysvsem_init_label = mac_biba_init_label, 3256 .mpo_sysvshm_init_label = mac_biba_init_label, 3257 .mpo_ipq_init_label = mac_biba_init_label_waitcheck, 3258 .mpo_mbuf_init_label = mac_biba_init_label_waitcheck, 3259 .mpo_mount_init_label = mac_biba_init_label, 3260 .mpo_pipe_init_label = mac_biba_init_label, 3261 .mpo_posixsem_init_label = mac_biba_init_label, 3262 .mpo_socket_init_label = mac_biba_init_label_waitcheck, 3263 .mpo_socketpeer_init_label = mac_biba_init_label_waitcheck, 3264 .mpo_init_syncache_from_inpcb = mac_biba_init_syncache_from_inpcb, 3265 .mpo_vnode_init_label = mac_biba_init_label, 3266 .mpo_bpfdesc_destroy_label = mac_biba_destroy_label, 3267 .mpo_cred_destroy_label = mac_biba_destroy_label, 3268 .mpo_devfs_destroy_label = mac_biba_destroy_label, 3269 .mpo_ifnet_destroy_label = mac_biba_destroy_label, 3270 .mpo_inpcb_destroy_label = mac_biba_destroy_label, 3271 .mpo_destroy_syncache_label = mac_biba_destroy_label, 3272 .mpo_sysvmsg_destroy_label = mac_biba_destroy_label, 3273 .mpo_sysvmsq_destroy_label = mac_biba_destroy_label, 3274 .mpo_sysvsem_destroy_label = mac_biba_destroy_label, 3275 .mpo_sysvshm_destroy_label = mac_biba_destroy_label, 3276 .mpo_ipq_destroy_label = mac_biba_destroy_label, 3277 .mpo_mbuf_destroy_label = mac_biba_destroy_label, 3278 .mpo_mount_destroy_label = mac_biba_destroy_label, 3279 .mpo_pipe_destroy_label = mac_biba_destroy_label, 3280 .mpo_posixsem_destroy_label = mac_biba_destroy_label, 3281 .mpo_socket_destroy_label = mac_biba_destroy_label, 3282 .mpo_socketpeer_destroy_label = mac_biba_destroy_label, 3283 .mpo_vnode_destroy_label = mac_biba_destroy_label, 3284 .mpo_cred_copy_label = mac_biba_copy_label, 3285 .mpo_ifnet_copy_label = mac_biba_copy_label, 3286 .mpo_mbuf_copy_label = mac_biba_copy_label, 3287 .mpo_pipe_copy_label = mac_biba_copy_label, 3288 .mpo_socket_copy_label = mac_biba_copy_label, 3289 .mpo_vnode_copy_label = mac_biba_copy_label, 3290 .mpo_cred_externalize_label = mac_biba_externalize_label, 3291 .mpo_ifnet_externalize_label = mac_biba_externalize_label, 3292 .mpo_pipe_externalize_label = mac_biba_externalize_label, 3293 .mpo_socket_externalize_label = mac_biba_externalize_label, 3294 .mpo_socketpeer_externalize_label = mac_biba_externalize_label, 3295 .mpo_vnode_externalize_label = mac_biba_externalize_label, 3296 .mpo_cred_internalize_label = mac_biba_internalize_label, 3297 .mpo_ifnet_internalize_label = mac_biba_internalize_label, 3298 .mpo_pipe_internalize_label = mac_biba_internalize_label, 3299 .mpo_socket_internalize_label = mac_biba_internalize_label, 3300 .mpo_vnode_internalize_label = mac_biba_internalize_label, 3301 .mpo_devfs_create_device = mac_biba_devfs_create_device, 3302 .mpo_devfs_create_directory = mac_biba_devfs_create_directory, 3303 .mpo_devfs_create_symlink = mac_biba_devfs_create_symlink, 3304 .mpo_mount_create = mac_biba_mount_create, 3305 .mpo_vnode_relabel = mac_biba_vnode_relabel, 3306 .mpo_devfs_update = mac_biba_devfs_update, 3307 .mpo_devfs_vnode_associate = mac_biba_devfs_vnode_associate, 3308 .mpo_vnode_associate_extattr = mac_biba_vnode_associate_extattr, 3309 .mpo_vnode_associate_singlelabel = mac_biba_vnode_associate_singlelabel, 3310 .mpo_vnode_create_extattr = mac_biba_vnode_create_extattr, 3311 .mpo_vnode_setlabel_extattr = mac_biba_vnode_setlabel_extattr, 3312 .mpo_socket_create_mbuf = mac_biba_socket_create_mbuf, 3313 .mpo_create_mbuf_from_syncache = mac_biba_create_mbuf_from_syncache, 3314 .mpo_pipe_create = mac_biba_pipe_create, 3315 .mpo_posixsem_create = mac_biba_posixsem_create, 3316 .mpo_socket_create = mac_biba_socket_create, 3317 .mpo_socket_newconn = mac_biba_socket_newconn, 3318 .mpo_pipe_relabel = mac_biba_pipe_relabel, 3319 .mpo_socket_relabel = mac_biba_socket_relabel, 3320 .mpo_socketpeer_set_from_mbuf = mac_biba_socketpeer_set_from_mbuf, 3321 .mpo_socketpeer_set_from_socket = mac_biba_socketpeer_set_from_socket, 3322 .mpo_bpfdesc_create = mac_biba_bpfdesc_create, 3323 .mpo_ipq_reassemble = mac_biba_ipq_reassemble, 3324 .mpo_netinet_fragment = mac_biba_netinet_fragment, 3325 .mpo_ifnet_create = mac_biba_ifnet_create, 3326 .mpo_inpcb_create = mac_biba_inpcb_create, 3327 .mpo_sysvmsg_create = mac_biba_sysvmsg_create, 3328 .mpo_sysvmsq_create = mac_biba_sysvmsq_create, 3329 .mpo_sysvsem_create = mac_biba_sysvsem_create, 3330 .mpo_sysvshm_create = mac_biba_sysvshm_create, 3331 .mpo_ipq_create = mac_biba_ipq_create, 3332 .mpo_inpcb_create_mbuf = mac_biba_inpcb_create_mbuf, 3333 .mpo_create_mbuf_linklayer = mac_biba_create_mbuf_linklayer, 3334 .mpo_bpfdesc_create_mbuf = mac_biba_bpfdesc_create_mbuf, 3335 .mpo_ifnet_create_mbuf = mac_biba_ifnet_create_mbuf, 3336 .mpo_mbuf_create_multicast_encap = mac_biba_mbuf_create_multicast_encap, 3337 .mpo_mbuf_create_netlayer = mac_biba_mbuf_create_netlayer, 3338 .mpo_ipq_match = mac_biba_ipq_match, 3339 .mpo_ifnet_relabel = mac_biba_ifnet_relabel, 3340 .mpo_ipq_update = mac_biba_ipq_update, 3341 .mpo_inpcb_sosetlabel = mac_biba_inpcb_sosetlabel, 3342 .mpo_proc_create_swapper = mac_biba_proc_create_swapper, 3343 .mpo_proc_create_init = mac_biba_proc_create_init, 3344 .mpo_cred_relabel = mac_biba_cred_relabel, 3345 .mpo_sysvmsg_cleanup = mac_biba_sysvmsg_cleanup, 3346 .mpo_sysvmsq_cleanup = mac_biba_sysvmsq_cleanup, 3347 .mpo_sysvsem_cleanup = mac_biba_sysvsem_cleanup, 3348 .mpo_sysvshm_cleanup = mac_biba_sysvshm_cleanup, 3349 .mpo_bpfdesc_check_receive = mac_biba_bpfdesc_check_receive, 3350 .mpo_cred_check_relabel = mac_biba_cred_check_relabel, 3351 .mpo_cred_check_visible = mac_biba_cred_check_visible, 3352 .mpo_ifnet_check_relabel = mac_biba_ifnet_check_relabel, 3353 .mpo_ifnet_check_transmit = mac_biba_ifnet_check_transmit, 3354 .mpo_inpcb_check_deliver = mac_biba_inpcb_check_deliver, 3355 .mpo_sysvmsq_check_msgrcv = mac_biba_sysvmsq_check_msgrcv, 3356 .mpo_sysvmsq_check_msgrmid = mac_biba_sysvmsq_check_msgrmid, 3357 .mpo_sysvmsq_check_msqget = mac_biba_sysvmsq_check_msqget, 3358 .mpo_sysvmsq_check_msqsnd = mac_biba_sysvmsq_check_msqsnd, 3359 .mpo_sysvmsq_check_msqrcv = mac_biba_sysvmsq_check_msqrcv, 3360 .mpo_sysvmsq_check_msqctl = mac_biba_sysvmsq_check_msqctl, 3361 .mpo_sysvsem_check_semctl = mac_biba_sysvsem_check_semctl, 3362 .mpo_sysvsem_check_semget = mac_biba_sysvsem_check_semget, 3363 .mpo_sysvsem_check_semop = mac_biba_sysvsem_check_semop, 3364 .mpo_sysvshm_check_shmat = mac_biba_sysvshm_check_shmat, 3365 .mpo_sysvshm_check_shmctl = mac_biba_sysvshm_check_shmctl, 3366 .mpo_sysvshm_check_shmget = mac_biba_sysvshm_check_shmget, 3367 .mpo_kld_check_load = mac_biba_kld_check_load, 3368 .mpo_mount_check_stat = mac_biba_mount_check_stat, 3369 .mpo_pipe_check_ioctl = mac_biba_pipe_check_ioctl, 3370 .mpo_pipe_check_poll = mac_biba_pipe_check_poll, 3371 .mpo_pipe_check_read = mac_biba_pipe_check_read, 3372 .mpo_pipe_check_relabel = mac_biba_pipe_check_relabel, 3373 .mpo_pipe_check_stat = mac_biba_pipe_check_stat, 3374 .mpo_pipe_check_write = mac_biba_pipe_check_write, 3375 .mpo_posixsem_check_destroy = mac_biba_posixsem_check_write, 3376 .mpo_posixsem_check_getvalue = mac_biba_posixsem_check_rdonly, 3377 .mpo_posixsem_check_open = mac_biba_posixsem_check_write, 3378 .mpo_posixsem_check_post = mac_biba_posixsem_check_write, 3379 .mpo_posixsem_check_unlink = mac_biba_posixsem_check_write, 3380 .mpo_posixsem_check_wait = mac_biba_posixsem_check_write, 3381 .mpo_proc_check_debug = mac_biba_proc_check_debug, 3382 .mpo_proc_check_sched = mac_biba_proc_check_sched, 3383 .mpo_proc_check_signal = mac_biba_proc_check_signal, 3384 .mpo_socket_check_deliver = mac_biba_socket_check_deliver, 3385 .mpo_socket_check_relabel = mac_biba_socket_check_relabel, 3386 .mpo_socket_check_visible = mac_biba_socket_check_visible, 3387 .mpo_system_check_acct = mac_biba_system_check_acct, 3388 .mpo_system_check_auditctl = mac_biba_system_check_auditctl, 3389 .mpo_system_check_auditon = mac_biba_system_check_auditon, 3390 .mpo_system_check_swapon = mac_biba_system_check_swapon, 3391 .mpo_system_check_swapoff = mac_biba_system_check_swapoff, 3392 .mpo_system_check_sysctl = mac_biba_system_check_sysctl, 3393 .mpo_vnode_check_access = mac_biba_vnode_check_open, 3394 .mpo_vnode_check_chdir = mac_biba_vnode_check_chdir, 3395 .mpo_vnode_check_chroot = mac_biba_vnode_check_chroot, 3396 .mpo_vnode_check_create = mac_biba_vnode_check_create, 3397 .mpo_vnode_check_deleteacl = mac_biba_vnode_check_deleteacl, 3398 .mpo_vnode_check_deleteextattr = mac_biba_vnode_check_deleteextattr, 3399 .mpo_vnode_check_exec = mac_biba_vnode_check_exec, 3400 .mpo_vnode_check_getacl = mac_biba_vnode_check_getacl, 3401 .mpo_vnode_check_getextattr = mac_biba_vnode_check_getextattr, 3402 .mpo_vnode_check_link = mac_biba_vnode_check_link, 3403 .mpo_vnode_check_listextattr = mac_biba_vnode_check_listextattr, 3404 .mpo_vnode_check_lookup = mac_biba_vnode_check_lookup, 3405 .mpo_vnode_check_mmap = mac_biba_vnode_check_mmap, 3406 .mpo_vnode_check_open = mac_biba_vnode_check_open, 3407 .mpo_vnode_check_poll = mac_biba_vnode_check_poll, 3408 .mpo_vnode_check_read = mac_biba_vnode_check_read, 3409 .mpo_vnode_check_readdir = mac_biba_vnode_check_readdir, 3410 .mpo_vnode_check_readlink = mac_biba_vnode_check_readlink, 3411 .mpo_vnode_check_relabel = mac_biba_vnode_check_relabel, 3412 .mpo_vnode_check_rename_from = mac_biba_vnode_check_rename_from, 3413 .mpo_vnode_check_rename_to = mac_biba_vnode_check_rename_to, 3414 .mpo_vnode_check_revoke = mac_biba_vnode_check_revoke, 3415 .mpo_vnode_check_setacl = mac_biba_vnode_check_setacl, 3416 .mpo_vnode_check_setextattr = mac_biba_vnode_check_setextattr, 3417 .mpo_vnode_check_setflags = mac_biba_vnode_check_setflags, 3418 .mpo_vnode_check_setmode = mac_biba_vnode_check_setmode, 3419 .mpo_vnode_check_setowner = mac_biba_vnode_check_setowner, 3420 .mpo_vnode_check_setutimes = mac_biba_vnode_check_setutimes, 3421 .mpo_vnode_check_stat = mac_biba_vnode_check_stat, 3422 .mpo_vnode_check_unlink = mac_biba_vnode_check_unlink, 3423 .mpo_vnode_check_write = mac_biba_vnode_check_write, 3424 .mpo_associate_nfsd_label = mac_biba_associate_nfsd_label, 3425 .mpo_mbuf_create_from_firewall = mac_biba_mbuf_create_from_firewall, 3426 .mpo_priv_check = mac_biba_priv_check,	3236 .mpo_init = biba_init, 3237 .mpo_bpfdesc_init_label = biba_init_label, 3238 .mpo_cred_init_label = biba_init_label, 3239 .mpo_devfs_init_label = biba_init_label, 3240 .mpo_ifnet_init_label = biba_init_label, 3241 .mpo_inpcb_init_label = biba_init_label_waitcheck, 3242 .mpo_init_syncache_label = biba_init_label_waitcheck, 3243 .mpo_sysvmsg_init_label = biba_init_label, 3244 .mpo_sysvmsq_init_label = biba_init_label, 3245 .mpo_sysvsem_init_label = biba_init_label, 3246 .mpo_sysvshm_init_label = biba_init_label, 3247 .mpo_ipq_init_label = biba_init_label_waitcheck, 3248 .mpo_mbuf_init_label = biba_init_label_waitcheck, 3249 .mpo_mount_init_label = biba_init_label, 3250 .mpo_pipe_init_label = biba_init_label, 3251 .mpo_posixsem_init_label = biba_init_label, 3252 .mpo_socket_init_label = biba_init_label_waitcheck, 3253 .mpo_socketpeer_init_label = biba_init_label_waitcheck, 3254 .mpo_init_syncache_from_inpcb = biba_init_syncache_from_inpcb, 3255 .mpo_vnode_init_label = biba_init_label, 3256 .mpo_bpfdesc_destroy_label = biba_destroy_label, 3257 .mpo_cred_destroy_label = biba_destroy_label, 3258 .mpo_devfs_destroy_label = biba_destroy_label, 3259 .mpo_ifnet_destroy_label = biba_destroy_label, 3260 .mpo_inpcb_destroy_label = biba_destroy_label, 3261 .mpo_destroy_syncache_label = biba_destroy_label, 3262 .mpo_sysvmsg_destroy_label = biba_destroy_label, 3263 .mpo_sysvmsq_destroy_label = biba_destroy_label, 3264 .mpo_sysvsem_destroy_label = biba_destroy_label, 3265 .mpo_sysvshm_destroy_label = biba_destroy_label, 3266 .mpo_ipq_destroy_label = biba_destroy_label, 3267 .mpo_mbuf_destroy_label = biba_destroy_label, 3268 .mpo_mount_destroy_label = biba_destroy_label, 3269 .mpo_pipe_destroy_label = biba_destroy_label, 3270 .mpo_posixsem_destroy_label = biba_destroy_label, 3271 .mpo_socket_destroy_label = biba_destroy_label, 3272 .mpo_socketpeer_destroy_label = biba_destroy_label, 3273 .mpo_vnode_destroy_label = biba_destroy_label, 3274 .mpo_cred_copy_label = biba_copy_label, 3275 .mpo_ifnet_copy_label = biba_copy_label, 3276 .mpo_mbuf_copy_label = biba_copy_label, 3277 .mpo_pipe_copy_label = biba_copy_label, 3278 .mpo_socket_copy_label = biba_copy_label, 3279 .mpo_vnode_copy_label = biba_copy_label, 3280 .mpo_cred_externalize_label = biba_externalize_label, 3281 .mpo_ifnet_externalize_label = biba_externalize_label, 3282 .mpo_pipe_externalize_label = biba_externalize_label, 3283 .mpo_socket_externalize_label = biba_externalize_label, 3284 .mpo_socketpeer_externalize_label = biba_externalize_label, 3285 .mpo_vnode_externalize_label = biba_externalize_label, 3286 .mpo_cred_internalize_label = biba_internalize_label, 3287 .mpo_ifnet_internalize_label = biba_internalize_label, 3288 .mpo_pipe_internalize_label = biba_internalize_label, 3289 .mpo_socket_internalize_label = biba_internalize_label, 3290 .mpo_vnode_internalize_label = biba_internalize_label, 3291 .mpo_devfs_create_device = biba_devfs_create_device, 3292 .mpo_devfs_create_directory = biba_devfs_create_directory, 3293 .mpo_devfs_create_symlink = biba_devfs_create_symlink, 3294 .mpo_mount_create = biba_mount_create, 3295 .mpo_vnode_relabel = biba_vnode_relabel, 3296 .mpo_devfs_update = biba_devfs_update, 3297 .mpo_devfs_vnode_associate = biba_devfs_vnode_associate, 3298 .mpo_vnode_associate_extattr = biba_vnode_associate_extattr, 3299 .mpo_vnode_associate_singlelabel = biba_vnode_associate_singlelabel, 3300 .mpo_vnode_create_extattr = biba_vnode_create_extattr, 3301 .mpo_vnode_setlabel_extattr = biba_vnode_setlabel_extattr, 3302 .mpo_socket_create_mbuf = biba_socket_create_mbuf, 3303 .mpo_create_mbuf_from_syncache = biba_create_mbuf_from_syncache, 3304 .mpo_pipe_create = biba_pipe_create, 3305 .mpo_posixsem_create = biba_posixsem_create, 3306 .mpo_socket_create = biba_socket_create, 3307 .mpo_socket_newconn = biba_socket_newconn, 3308 .mpo_pipe_relabel = biba_pipe_relabel, 3309 .mpo_socket_relabel = biba_socket_relabel, 3310 .mpo_socketpeer_set_from_mbuf = biba_socketpeer_set_from_mbuf, 3311 .mpo_socketpeer_set_from_socket = biba_socketpeer_set_from_socket, 3312 .mpo_bpfdesc_create = biba_bpfdesc_create, 3313 .mpo_ipq_reassemble = biba_ipq_reassemble, 3314 .mpo_netinet_fragment = biba_netinet_fragment, 3315 .mpo_ifnet_create = biba_ifnet_create, 3316 .mpo_inpcb_create = biba_inpcb_create, 3317 .mpo_sysvmsg_create = biba_sysvmsg_create, 3318 .mpo_sysvmsq_create = biba_sysvmsq_create, 3319 .mpo_sysvsem_create = biba_sysvsem_create, 3320 .mpo_sysvshm_create = biba_sysvshm_create, 3321 .mpo_ipq_create = biba_ipq_create, 3322 .mpo_inpcb_create_mbuf = biba_inpcb_create_mbuf, 3323 .mpo_create_mbuf_linklayer = biba_create_mbuf_linklayer, 3324 .mpo_bpfdesc_create_mbuf = biba_bpfdesc_create_mbuf, 3325 .mpo_ifnet_create_mbuf = biba_ifnet_create_mbuf, 3326 .mpo_mbuf_create_multicast_encap = biba_mbuf_create_multicast_encap, 3327 .mpo_mbuf_create_netlayer = biba_mbuf_create_netlayer, 3328 .mpo_ipq_match = biba_ipq_match, 3329 .mpo_ifnet_relabel = biba_ifnet_relabel, 3330 .mpo_ipq_update = biba_ipq_update, 3331 .mpo_inpcb_sosetlabel = biba_inpcb_sosetlabel, 3332 .mpo_proc_create_swapper = biba_proc_create_swapper, 3333 .mpo_proc_create_init = biba_proc_create_init, 3334 .mpo_cred_relabel = biba_cred_relabel, 3335 .mpo_sysvmsg_cleanup = biba_sysvmsg_cleanup, 3336 .mpo_sysvmsq_cleanup = biba_sysvmsq_cleanup, 3337 .mpo_sysvsem_cleanup = biba_sysvsem_cleanup, 3338 .mpo_sysvshm_cleanup = biba_sysvshm_cleanup, 3339 .mpo_bpfdesc_check_receive = biba_bpfdesc_check_receive, 3340 .mpo_cred_check_relabel = biba_cred_check_relabel, 3341 .mpo_cred_check_visible = biba_cred_check_visible, 3342 .mpo_ifnet_check_relabel = biba_ifnet_check_relabel, 3343 .mpo_ifnet_check_transmit = biba_ifnet_check_transmit, 3344 .mpo_inpcb_check_deliver = biba_inpcb_check_deliver, 3345 .mpo_sysvmsq_check_msgrcv = biba_sysvmsq_check_msgrcv, 3346 .mpo_sysvmsq_check_msgrmid = biba_sysvmsq_check_msgrmid, 3347 .mpo_sysvmsq_check_msqget = biba_sysvmsq_check_msqget, 3348 .mpo_sysvmsq_check_msqsnd = biba_sysvmsq_check_msqsnd, 3349 .mpo_sysvmsq_check_msqrcv = biba_sysvmsq_check_msqrcv, 3350 .mpo_sysvmsq_check_msqctl = biba_sysvmsq_check_msqctl, 3351 .mpo_sysvsem_check_semctl = biba_sysvsem_check_semctl, 3352 .mpo_sysvsem_check_semget = biba_sysvsem_check_semget, 3353 .mpo_sysvsem_check_semop = biba_sysvsem_check_semop, 3354 .mpo_sysvshm_check_shmat = biba_sysvshm_check_shmat, 3355 .mpo_sysvshm_check_shmctl = biba_sysvshm_check_shmctl, 3356 .mpo_sysvshm_check_shmget = biba_sysvshm_check_shmget, 3357 .mpo_kld_check_load = biba_kld_check_load, 3358 .mpo_mount_check_stat = biba_mount_check_stat, 3359 .mpo_pipe_check_ioctl = biba_pipe_check_ioctl, 3360 .mpo_pipe_check_poll = biba_pipe_check_poll, 3361 .mpo_pipe_check_read = biba_pipe_check_read, 3362 .mpo_pipe_check_relabel = biba_pipe_check_relabel, 3363 .mpo_pipe_check_stat = biba_pipe_check_stat, 3364 .mpo_pipe_check_write = biba_pipe_check_write, 3365 .mpo_posixsem_check_destroy = biba_posixsem_check_write, 3366 .mpo_posixsem_check_getvalue = biba_posixsem_check_rdonly, 3367 .mpo_posixsem_check_open = biba_posixsem_check_write, 3368 .mpo_posixsem_check_post = biba_posixsem_check_write, 3369 .mpo_posixsem_check_unlink = biba_posixsem_check_write, 3370 .mpo_posixsem_check_wait = biba_posixsem_check_write, 3371 .mpo_proc_check_debug = biba_proc_check_debug, 3372 .mpo_proc_check_sched = biba_proc_check_sched, 3373 .mpo_proc_check_signal = biba_proc_check_signal, 3374 .mpo_socket_check_deliver = biba_socket_check_deliver, 3375 .mpo_socket_check_relabel = biba_socket_check_relabel, 3376 .mpo_socket_check_visible = biba_socket_check_visible, 3377 .mpo_system_check_acct = biba_system_check_acct, 3378 .mpo_system_check_auditctl = biba_system_check_auditctl, 3379 .mpo_system_check_auditon = biba_system_check_auditon, 3380 .mpo_system_check_swapon = biba_system_check_swapon, 3381 .mpo_system_check_swapoff = biba_system_check_swapoff, 3382 .mpo_system_check_sysctl = biba_system_check_sysctl, 3383 .mpo_vnode_check_access = biba_vnode_check_open, 3384 .mpo_vnode_check_chdir = biba_vnode_check_chdir, 3385 .mpo_vnode_check_chroot = biba_vnode_check_chroot, 3386 .mpo_vnode_check_create = biba_vnode_check_create, 3387 .mpo_vnode_check_deleteacl = biba_vnode_check_deleteacl, 3388 .mpo_vnode_check_deleteextattr = biba_vnode_check_deleteextattr, 3389 .mpo_vnode_check_exec = biba_vnode_check_exec, 3390 .mpo_vnode_check_getacl = biba_vnode_check_getacl, 3391 .mpo_vnode_check_getextattr = biba_vnode_check_getextattr, 3392 .mpo_vnode_check_link = biba_vnode_check_link, 3393 .mpo_vnode_check_listextattr = biba_vnode_check_listextattr, 3394 .mpo_vnode_check_lookup = biba_vnode_check_lookup, 3395 .mpo_vnode_check_mmap = biba_vnode_check_mmap, 3396 .mpo_vnode_check_open = biba_vnode_check_open, 3397 .mpo_vnode_check_poll = biba_vnode_check_poll, 3398 .mpo_vnode_check_read = biba_vnode_check_read, 3399 .mpo_vnode_check_readdir = biba_vnode_check_readdir, 3400 .mpo_vnode_check_readlink = biba_vnode_check_readlink, 3401 .mpo_vnode_check_relabel = biba_vnode_check_relabel, 3402 .mpo_vnode_check_rename_from = biba_vnode_check_rename_from, 3403 .mpo_vnode_check_rename_to = biba_vnode_check_rename_to, 3404 .mpo_vnode_check_revoke = biba_vnode_check_revoke, 3405 .mpo_vnode_check_setacl = biba_vnode_check_setacl, 3406 .mpo_vnode_check_setextattr = biba_vnode_check_setextattr, 3407 .mpo_vnode_check_setflags = biba_vnode_check_setflags, 3408 .mpo_vnode_check_setmode = biba_vnode_check_setmode, 3409 .mpo_vnode_check_setowner = biba_vnode_check_setowner, 3410 .mpo_vnode_check_setutimes = biba_vnode_check_setutimes, 3411 .mpo_vnode_check_stat = biba_vnode_check_stat, 3412 .mpo_vnode_check_unlink = biba_vnode_check_unlink, 3413 .mpo_vnode_check_write = biba_vnode_check_write, 3414 .mpo_associate_nfsd_label = biba_associate_nfsd_label, 3415 .mpo_mbuf_create_from_firewall = biba_mbuf_create_from_firewall, 3416 .mpo_priv_check = biba_priv_check,
3427}; 3428 3429MAC_POLICY_SET(&mac_biba_ops, mac_biba, "TrustedBSD MAC/Biba",	3417}; 3418 3419MAC_POLICY_SET(&mac_biba_ops, mac_biba, "TrustedBSD MAC/Biba",
3430 MPC_LOADTIME_FLAG_NOTLATE \| MPC_LOADTIME_FLAG_LABELMBUFS, &mac_biba_slot);	3420 MPC_LOADTIME_FLAG_NOTLATE \| MPC_LOADTIME_FLAG_LABELMBUFS, &biba_slot);