1/*-
2 * Copyright (c) 1999, 2000, 2001, 2002 Robert N. M. Watson
3 * Copyright (c) 2001 Ilmar S. Habibulin
4 * Copyright (c) 2001, 2002 Networks Associates Technology, Inc.
5 * All rights reserved.
6 *
7 * This software was developed by Robert Watson and Ilmar Habibulin for the
8 * TrustedBSD Project.
--- 22 unchanged lines hidden (view full) ---
31 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
32 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
33 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
34 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
35 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
36 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
37 * SUCH DAMAGE.
38 *
39 * $FreeBSD: head/sys/security/mac/mac_system.c 102103 2002-08-19 15:30:30Z rwatson $
40 */
41/*
42 * Developed by the TrustedBSD Project.
43 *
44 * Framework for extensible kernel access control. Kernel and userland
45 * interface to the framework, policy registration and composition.
46 */
47
--- 702 unchanged lines hidden (view full) ---
750 case MAC_CHECK_VNODE_LOOKUP:
751 mpc->mpc_ops->mpo_check_vnode_lookup =
752 mpe->mpe_function;
753 break;
754 case MAC_CHECK_VNODE_MMAP_PERMS:
755 mpc->mpc_ops->mpo_check_vnode_mmap_perms =
756 mpe->mpe_function;
757 break;
758 case MAC_CHECK_VNODE_OP:
759 mpc->mpc_ops->mpo_check_vnode_op =
760 mpe->mpe_function;
761 break;
762 case MAC_CHECK_VNODE_OPEN:
763 mpc->mpc_ops->mpo_check_vnode_open =
764 mpe->mpe_function;
765 break;
766 case MAC_CHECK_VNODE_READDIR:
767 mpc->mpc_ops->mpo_check_vnode_readdir =
768 mpe->mpe_function;
769 break;
770 case MAC_CHECK_VNODE_READLINK:
771 mpc->mpc_ops->mpo_check_vnode_readlink =
772 mpe->mpe_function;
773 break;
--- 36 unchanged lines hidden (view full) ---
810 case MAC_CHECK_VNODE_SETUTIMES:
811 mpc->mpc_ops->mpo_check_vnode_setutimes =
812 mpe->mpe_function;
813 break;
814 case MAC_CHECK_VNODE_STAT:
815 mpc->mpc_ops->mpo_check_vnode_stat =
816 mpe->mpe_function;
817 break;
818/*
819 default:
820 printf("MAC policy `%s': unknown operation %d\n",
821 mpc->mpc_name, mpe->mpe_constant);
822 return (EINVAL);
823*/
824 }
825 }
--- 931 unchanged lines hidden (view full) ---
1757 */
1758 ASSERT_VOP_LOCKED(vp, "mac_check_vnode_mmap_perms");
1759 MAC_BOOLEAN(check_vnode_mmap_perms, &, cred, vp, &vp->v_label,
1760 newmapping);
1761 return (result);
1762}
1763
1764int
1765mac_check_vnode_op(struct ucred *cred, struct vnode *vp, int op)
1766{
1767 int error;
1768
1769 if (!mac_enforce_fs)
1770 return (0);
1771
1772 ASSERT_VOP_LOCKED(vp, "mac_check_vnode_op");
1773
1774 error = vn_refreshlabel(vp, cred);
1775 if (error)
1776 return (error);
1777
1778 MAC_CHECK(check_vnode_op, cred, vp, &vp->v_label, op);
1779
1780 return (error);
1781}
1782
1783int
1784mac_check_vnode_open(struct ucred *cred, struct vnode *vp, mode_t acc_mode)
1785{
1786 int error;
1787
1788 ASSERT_VOP_LOCKED(vp, "mac_check_vnode_open");
1789
1790 if (!mac_enforce_fs)
1791 return (0);
1792
1793 error = vn_refreshlabel(vp, cred);
1794 if (error)
1795 return (error);
1796
1797 MAC_CHECK(check_vnode_open, cred, vp, &vp->v_label, acc_mode);
1798 return (error);
1799}
1800
1801int
1802mac_check_vnode_readdir(struct ucred *cred, struct vnode *dvp)
1803{
1804 int error;
1805
--- 239 unchanged lines hidden (view full) ---
2045 error = vn_refreshlabel(vp, cred);
2046 if (error)
2047 return (error);
2048
2049 MAC_CHECK(check_vnode_stat, cred, vp, &vp->v_label);
2050 return (error);
2051}
2052
2053/*
2054 * When relabeling a process, call out to the policies for the maximum
2055 * permission allowed for each object type we know about in its
2056 * memory space, and revoke access (in the least surprising ways we
2057 * know) when necessary. The process lock is not held here.
2058 */
2059static void
2060mac_cred_mmapped_drop_perms(struct thread *td, struct ucred *cred)
--- 1114 unchanged lines hidden ---
2 * Copyright (c) 1999, 2000, 2001, 2002 Robert N. M. Watson
3 * Copyright (c) 2001 Ilmar S. Habibulin
4 * Copyright (c) 2001, 2002 Networks Associates Technology, Inc.
5 * All rights reserved.
6 *
7 * This software was developed by Robert Watson and Ilmar Habibulin for the
8 * TrustedBSD Project.
--- 22 unchanged lines hidden (view full) ---
31 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
32 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
33 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
34 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
35 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
36 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
37 * SUCH DAMAGE.
38 *
39 * $FreeBSD: head/sys/security/mac/mac_system.c 102103 2002-08-19 15:30:30Z rwatson $
40 */
41/*
42 * Developed by the TrustedBSD Project.
43 *
44 * Framework for extensible kernel access control. Kernel and userland
45 * interface to the framework, policy registration and composition.
46 */
47
--- 702 unchanged lines hidden (view full) ---
750 case MAC_CHECK_VNODE_LOOKUP:
751 mpc->mpc_ops->mpo_check_vnode_lookup =
752 mpe->mpe_function;
753 break;
754 case MAC_CHECK_VNODE_MMAP_PERMS:
755 mpc->mpc_ops->mpo_check_vnode_mmap_perms =
756 mpe->mpe_function;
757 break;
758 case MAC_CHECK_VNODE_OP:
759 mpc->mpc_ops->mpo_check_vnode_op =
760 mpe->mpe_function;
761 break;
762 case MAC_CHECK_VNODE_OPEN:
763 mpc->mpc_ops->mpo_check_vnode_open =
764 mpe->mpe_function;
765 break;
766 case MAC_CHECK_VNODE_READDIR:
767 mpc->mpc_ops->mpo_check_vnode_readdir =
768 mpe->mpe_function;
769 break;
770 case MAC_CHECK_VNODE_READLINK:
771 mpc->mpc_ops->mpo_check_vnode_readlink =
772 mpe->mpe_function;
773 break;
--- 36 unchanged lines hidden (view full) ---
810 case MAC_CHECK_VNODE_SETUTIMES:
811 mpc->mpc_ops->mpo_check_vnode_setutimes =
812 mpe->mpe_function;
813 break;
814 case MAC_CHECK_VNODE_STAT:
815 mpc->mpc_ops->mpo_check_vnode_stat =
816 mpe->mpe_function;
817 break;
818/*
819 default:
820 printf("MAC policy `%s': unknown operation %d\n",
821 mpc->mpc_name, mpe->mpe_constant);
822 return (EINVAL);
823*/
824 }
825 }
--- 931 unchanged lines hidden (view full) ---
1757 */
1758 ASSERT_VOP_LOCKED(vp, "mac_check_vnode_mmap_perms");
1759 MAC_BOOLEAN(check_vnode_mmap_perms, &, cred, vp, &vp->v_label,
1760 newmapping);
1761 return (result);
1762}
1763
1764int
1765mac_check_vnode_op(struct ucred *cred, struct vnode *vp, int op)
1766{
1767 int error;
1768
1769 if (!mac_enforce_fs)
1770 return (0);
1771
1772 ASSERT_VOP_LOCKED(vp, "mac_check_vnode_op");
1773
1774 error = vn_refreshlabel(vp, cred);
1775 if (error)
1776 return (error);
1777
1778 MAC_CHECK(check_vnode_op, cred, vp, &vp->v_label, op);
1779
1780 return (error);
1781}
1782
1783int
1784mac_check_vnode_open(struct ucred *cred, struct vnode *vp, mode_t acc_mode)
1785{
1786 int error;
1787
1788 ASSERT_VOP_LOCKED(vp, "mac_check_vnode_open");
1789
1790 if (!mac_enforce_fs)
1791 return (0);
1792
1793 error = vn_refreshlabel(vp, cred);
1794 if (error)
1795 return (error);
1796
1797 MAC_CHECK(check_vnode_open, cred, vp, &vp->v_label, acc_mode);
1798 return (error);
1799}
1800
1801int
1802mac_check_vnode_readdir(struct ucred *cred, struct vnode *dvp)
1803{
1804 int error;
1805
--- 239 unchanged lines hidden (view full) ---
2045 error = vn_refreshlabel(vp, cred);
2046 if (error)
2047 return (error);
2048
2049 MAC_CHECK(check_vnode_stat, cred, vp, &vp->v_label);
2050 return (error);
2051}
2052
2053/*
2054 * When relabeling a process, call out to the policies for the maximum
2055 * permission allowed for each object type we know about in its
2056 * memory space, and revoke access (in the least surprising ways we
2057 * know) when necessary. The process lock is not held here.
2058 */
2059static void
2060mac_cred_mmapped_drop_perms(struct thread *td, struct ucred *cred)
--- 1114 unchanged lines hidden ---