mac_framework.c (104541) mac_framework.c (104546)
1/*-
2 * Copyright (c) 1999, 2000, 2001, 2002 Robert N. M. Watson
3 * Copyright (c) 2001 Ilmar S. Habibulin
4 * Copyright (c) 2001, 2002 Networks Associates Technology, Inc.
5 * All rights reserved.
6 *
7 * This software was developed by Robert Watson and Ilmar Habibulin for the
8 * TrustedBSD Project.

--- 22 unchanged lines hidden (view full) ---

31 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
32 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
33 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
34 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
35 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
36 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
37 * SUCH DAMAGE.
38 *
1/*-
2 * Copyright (c) 1999, 2000, 2001, 2002 Robert N. M. Watson
3 * Copyright (c) 2001 Ilmar S. Habibulin
4 * Copyright (c) 2001, 2002 Networks Associates Technology, Inc.
5 * All rights reserved.
6 *
7 * This software was developed by Robert Watson and Ilmar Habibulin for the
8 * TrustedBSD Project.

--- 22 unchanged lines hidden (view full) ---

31 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
32 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
33 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
34 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
35 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
36 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
37 * SUCH DAMAGE.
38 *
39 * $FreeBSD: head/sys/security/mac/mac_framework.c 104541 2002-10-05 21:23:47Z rwatson $
39 * $FreeBSD: head/sys/security/mac/mac_framework.c 104546 2002-10-06 02:46:26Z rwatson $
40 */
41/*
42 * Developed by the TrustedBSD Project.
43 *
44 * Framework for extensible kernel access control. Kernel and userland
45 * interface to the framework, policy registration and composition.
46 */
47

--- 163 unchanged lines hidden (view full) ---

211#endif
212
213static int error_select(int error1, int error2);
214static int mac_externalize(struct label *label, struct mac *mac);
215static int mac_policy_register(struct mac_policy_conf *mpc);
216static int mac_policy_unregister(struct mac_policy_conf *mpc);
217
218static int mac_stdcreatevnode_ea(struct vnode *vp);
40 */
41/*
42 * Developed by the TrustedBSD Project.
43 *
44 * Framework for extensible kernel access control. Kernel and userland
45 * interface to the framework, policy registration and composition.
46 */
47

--- 163 unchanged lines hidden (view full) ---

211#endif
212
213static int error_select(int error1, int error2);
214static int mac_externalize(struct label *label, struct mac *mac);
215static int mac_policy_register(struct mac_policy_conf *mpc);
216static int mac_policy_unregister(struct mac_policy_conf *mpc);
217
218static int mac_stdcreatevnode_ea(struct vnode *vp);
219static void mac_cred_mmapped_drop_perms(struct thread *td,
220 struct ucred *cred);
219static void mac_check_vnode_mmap_downgrade(struct ucred *cred,
220 struct vnode *vp, int *prot);
221static void mac_cred_mmapped_drop_perms_recurse(struct thread *td,
222 struct ucred *cred, struct vm_map *map);
223
224static void mac_destroy_socket_label(struct label *label);
225
226MALLOC_DEFINE(M_MACOPVEC, "macopvec", "MAC policy operation vector");
227MALLOC_DEFINE(M_MACPIPELABEL, "macpipelabel", "MAC labels for pipes");
228

--- 579 unchanged lines hidden (view full) ---

808 case MAC_CHECK_VNODE_LINK:
809 mpc->mpc_ops->mpo_check_vnode_link =
810 mpe->mpe_function;
811 break;
812 case MAC_CHECK_VNODE_LOOKUP:
813 mpc->mpc_ops->mpo_check_vnode_lookup =
814 mpe->mpe_function;
815 break;
221static void mac_cred_mmapped_drop_perms_recurse(struct thread *td,
222 struct ucred *cred, struct vm_map *map);
223
224static void mac_destroy_socket_label(struct label *label);
225
226MALLOC_DEFINE(M_MACOPVEC, "macopvec", "MAC policy operation vector");
227MALLOC_DEFINE(M_MACPIPELABEL, "macpipelabel", "MAC labels for pipes");
228

--- 579 unchanged lines hidden (view full) ---

808 case MAC_CHECK_VNODE_LINK:
809 mpc->mpc_ops->mpo_check_vnode_link =
810 mpe->mpe_function;
811 break;
812 case MAC_CHECK_VNODE_LOOKUP:
813 mpc->mpc_ops->mpo_check_vnode_lookup =
814 mpe->mpe_function;
815 break;
816 case MAC_CHECK_VNODE_MMAP_PERMS:
817 mpc->mpc_ops->mpo_check_vnode_mmap_perms =
816 case MAC_CHECK_VNODE_MMAP:
817 mpc->mpc_ops->mpo_check_vnode_mmap =
818 mpe->mpe_function;
819 break;
818 mpe->mpe_function;
819 break;
820 case MAC_CHECK_VNODE_MMAP_DOWNGRADE:
821 mpc->mpc_ops->mpo_check_vnode_mmap_downgrade =
822 mpe->mpe_function;
823 break;
824 case MAC_CHECK_VNODE_MPROTECT:
825 mpc->mpc_ops->mpo_check_vnode_mprotect =
826 mpe->mpe_function;
827 break;
820 case MAC_CHECK_VNODE_OPEN:
821 mpc->mpc_ops->mpo_check_vnode_open =
822 mpe->mpe_function;
823 break;
824 case MAC_CHECK_VNODE_POLL:
825 mpc->mpc_ops->mpo_check_vnode_poll =
826 mpe->mpe_function;
827 break;

--- 1107 unchanged lines hidden (view full) ---

1935 error = vn_refreshlabel(dvp, cred);
1936 if (error)
1937 return (error);
1938
1939 MAC_CHECK(check_vnode_lookup, cred, dvp, &dvp->v_label, cnp);
1940 return (error);
1941}
1942
828 case MAC_CHECK_VNODE_OPEN:
829 mpc->mpc_ops->mpo_check_vnode_open =
830 mpe->mpe_function;
831 break;
832 case MAC_CHECK_VNODE_POLL:
833 mpc->mpc_ops->mpo_check_vnode_poll =
834 mpe->mpe_function;
835 break;

--- 1107 unchanged lines hidden (view full) ---

1943 error = vn_refreshlabel(dvp, cred);
1944 if (error)
1945 return (error);
1946
1947 MAC_CHECK(check_vnode_lookup, cred, dvp, &dvp->v_label, cnp);
1948 return (error);
1949}
1950
1943vm_prot_t
1944mac_check_vnode_mmap_prot(struct ucred *cred, struct vnode *vp, int newmapping)
1951int
1952mac_check_vnode_mmap(struct ucred *cred, struct vnode *vp, int prot)
1945{
1953{
1946 vm_prot_t result = VM_PROT_ALL;
1954 int error;
1947
1955
1948 if (!mac_enforce_vm)
1949 return (result);
1956 ASSERT_VOP_LOCKED(vp, "mac_check_vnode_mmap");
1950
1957
1951 /*
1952 * This should be some sort of MAC_BITWISE, maybe :)
1953 */
1954 ASSERT_VOP_LOCKED(vp, "mac_check_vnode_mmap_perms");
1955 MAC_BOOLEAN(check_vnode_mmap_perms, &, cred, vp, &vp->v_label,
1956 newmapping);
1957 return (result);
1958 if (!mac_enforce_fs || !mac_enforce_vm)
1959 return (0);
1960
1961 error = vn_refreshlabel(vp, cred);
1962 if (error)
1963 return (error);
1964
1965 MAC_CHECK(check_vnode_mmap, cred, vp, &vp->v_label, prot);
1966 return (error);
1958}
1959
1967}
1968
1969void
1970mac_check_vnode_mmap_downgrade(struct ucred *cred, struct vnode *vp, int *prot)
1971{
1972 int result = *prot;
1973
1974 ASSERT_VOP_LOCKED(vp, "mac_check_vnode_mmap_downgrade");
1975
1976 if (!mac_enforce_fs || !mac_enforce_vm)
1977 return;
1978
1979 MAC_PERFORM(check_vnode_mmap_downgrade, cred, vp, &vp->v_label,
1980 &result);
1981
1982 *prot = result;
1983}
1984
1960int
1985int
1986mac_check_vnode_mprotect(struct ucred *cred, struct vnode *vp, int prot)
1987{
1988 int error;
1989
1990 ASSERT_VOP_LOCKED(vp, "mac_check_vnode_mprotect");
1991
1992 if (!mac_enforce_fs || !mac_enforce_vm)
1993 return (0);
1994
1995 error = vn_refreshlabel(vp, cred);
1996 if (error)
1997 return (error);
1998
1999 MAC_CHECK(check_vnode_mprotect, cred, vp, &vp->v_label, prot);
2000 return (error);
2001}
2002
2003int
1961mac_check_vnode_open(struct ucred *cred, struct vnode *vp, mode_t acc_mode)
1962{
1963 int error;
1964
1965 ASSERT_VOP_LOCKED(vp, "mac_check_vnode_open");
1966
1967 if (!mac_enforce_fs)
1968 return (0);

--- 363 unchanged lines hidden (view full) ---

2332 }
2333}
2334
2335static void
2336mac_cred_mmapped_drop_perms_recurse(struct thread *td, struct ucred *cred,
2337 struct vm_map *map)
2338{
2339 struct vm_map_entry *vme;
2004mac_check_vnode_open(struct ucred *cred, struct vnode *vp, mode_t acc_mode)
2005{
2006 int error;
2007
2008 ASSERT_VOP_LOCKED(vp, "mac_check_vnode_open");
2009
2010 if (!mac_enforce_fs)
2011 return (0);

--- 363 unchanged lines hidden (view full) ---

2375 }
2376}
2377
2378static void
2379mac_cred_mmapped_drop_perms_recurse(struct thread *td, struct ucred *cred,
2380 struct vm_map *map)
2381{
2382 struct vm_map_entry *vme;
2340 vm_prot_t result, revokeperms;
2383 int result;
2384 vm_prot_t revokeperms;
2341 vm_object_t object;
2342 vm_ooffset_t offset;
2343 struct vnode *vp;
2344
2345 if (!mac_mmap_revocation)
2346 return;
2347
2348 vm_map_lock_read(map);

--- 24 unchanged lines hidden (view full) ---

2373 * At the moment, vm_maps and objects aren't considered
2374 * by the MAC system, so only things with backing by a
2375 * normal object (read: vnodes) are checked.
2376 */
2377 if (object->type != OBJT_VNODE)
2378 continue;
2379 vp = (struct vnode *)object->handle;
2380 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, td);
2385 vm_object_t object;
2386 vm_ooffset_t offset;
2387 struct vnode *vp;
2388
2389 if (!mac_mmap_revocation)
2390 return;
2391
2392 vm_map_lock_read(map);

--- 24 unchanged lines hidden (view full) ---

2417 * At the moment, vm_maps and objects aren't considered
2418 * by the MAC system, so only things with backing by a
2419 * normal object (read: vnodes) are checked.
2420 */
2421 if (object->type != OBJT_VNODE)
2422 continue;
2423 vp = (struct vnode *)object->handle;
2424 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, td);
2381 result = mac_check_vnode_mmap_prot(cred, vp, 0);
2425 result = vme->max_protection;
2426 mac_check_vnode_mmap_downgrade(cred, vp, &result);
2382 VOP_UNLOCK(vp, 0, td);
2383 /*
2384 * Find out what maximum protection we may be allowing
2385 * now but a policy needs to get removed.
2386 */
2387 revokeperms = vme->max_protection & ~result;
2388 if (!revokeperms)
2389 continue;

--- 1142 unchanged lines hidden ---
2427 VOP_UNLOCK(vp, 0, td);
2428 /*
2429 * Find out what maximum protection we may be allowing
2430 * now but a policy needs to get removed.
2431 */
2432 revokeperms = vme->max_protection & ~result;
2433 if (!revokeperms)
2434 continue;

--- 1142 unchanged lines hidden ---
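Review bot: mac_check_vnode_mmap_downgrade (new side, the block beginning `int result = *prot;`) reads `vp->v_label` without first calling `vn_refreshlabel(vp, cred)`, whereas the sibling mac_check_vnode_mmap and mac_check_vnode_mprotect introduced in the same hunk refresh the label before their MAC_CHECK. In the revocation path (mac_cred_mmapped_drop_perms_recurse, whose body starts and ends outside the visible hunk) the vnode is locked and the downgrade hook is the only MAC call made, so a stale label there could leave a mapping with permissions the policy would now revoke; because the function is void a refresh failure cannot be reported, so either add the refresh with a comment stating how failure is treated, or document the assumption, e.g. `/* Label assumed current: callers refresh it via mac_check_vnode_mmap/mprotect before downgrading -- TODO confirm this holds for the revocation path. */`. Separately, the MAC_PERFORM composition trusts every policy to only clear bits; writing back with `*prot &= result;` instead of `*prot = result;` guarantees a misbehaving policy cannot widen the mapping beyond what the caller proposed.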