mac_system.c revision 168955
11541Srgrimes/*- 21541Srgrimes * Copyright (c) 2002-2003 Networks Associates Technology, Inc. 31541Srgrimes * Copyright (c) 2007 Robert N. M. Watson 41541Srgrimes * All rights reserved. 51541Srgrimes * 61541Srgrimes * This software was developed for the FreeBSD Project in part by Network 71541Srgrimes * Associates Laboratories, the Security Research Division of Network 81541Srgrimes * Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), 91541Srgrimes * as part of the DARPA CHATS research program. 101541Srgrimes * 111541Srgrimes * Portions of this software were developed by Robert Watson for the 121541Srgrimes * TrustedBSD Project. 131541Srgrimes * 141541Srgrimes * Redistribution and use in source and binary forms, with or without 151541Srgrimes * modification, are permitted provided that the following conditions 161541Srgrimes * are met: 171541Srgrimes * 1. Redistributions of source code must retain the above copyright 181541Srgrimes * notice, this list of conditions and the following disclaimer. 191541Srgrimes * 2. Redistributions in binary form must reproduce the above copyright 201541Srgrimes * notice, this list of conditions and the following disclaimer in the 211541Srgrimes * documentation and/or other materials provided with the distribution. 221541Srgrimes * 231541Srgrimes * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 241541Srgrimes * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 251541Srgrimes * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 261541Srgrimes * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 271541Srgrimes * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 281541Srgrimes * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 291541Srgrimes * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 301541Srgrimes * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 311541Srgrimes * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 321541Srgrimes * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 331541Srgrimes * SUCH DAMAGE. 3412221Sbde */ 351541Srgrimes 361541Srgrimes/* 371541Srgrimes * MAC Framework entry points relating to overall operation of system, 381541Srgrimes * including global services such as the kernel environment and loadable 3912221Sbde * modules. 401541Srgrimes * 411541Srgrimes * System checks often align with existing privilege checks, but provide 427090Sbde * additional security context that may be relevant to policies, such as the 437090Sbde * specific object being operated on. 441541Srgrimes */ 457090Sbde 461541Srgrimes#include <sys/cdefs.h> 471541Srgrimes__FBSDID("$FreeBSD: head/sys/security/mac/mac_system.c 168955 2007-04-22 19:55:56Z rwatson $"); 481541Srgrimes 491541Srgrimes#include "opt_mac.h" 501541Srgrimes 511541Srgrimes#include <sys/param.h> 5210653Sdg#include <sys/kernel.h> 5310358Sjulian#include <sys/lock.h> 5410358Sjulian#include <sys/malloc.h> 551541Srgrimes#include <sys/module.h> 561541Srgrimes#include <sys/mutex.h> 576009Sbde#include <sys/systm.h> 581541Srgrimes#include <sys/vnode.h> 591541Srgrimes#include <sys/sysctl.h> 6010407Sbde 6110407Sbde#include <security/mac/mac_framework.h> 6210653Sdg#include <security/mac/mac_internal.h> 631541Srgrimes#include <security/mac/mac_policy.h> 641541Srgrimes 651541Srgrimesint 661541Srgrimesmac_check_kenv_dump(struct ucred *cred) 671541Srgrimes{ 681541Srgrimes int error; 691541Srgrimes 706009Sbde MAC_CHECK(check_kenv_dump, cred); 711541Srgrimes 721541Srgrimes return (error); 731541Srgrimes} 741541Srgrimes 751541Srgrimesint 761541Srgrimesmac_check_kenv_get(struct ucred *cred, char *name) 771541Srgrimes{ 781541Srgrimes int error; 791541Srgrimes 801541Srgrimes MAC_CHECK(check_kenv_get, cred, name); 811541Srgrimes 821541Srgrimes return (error); 831541Srgrimes} 841541Srgrimes 851541Srgrimesint 861541Srgrimesmac_check_kenv_set(struct ucred *cred, char *name, char *value) 871541Srgrimes{ 881541Srgrimes int error; 891541Srgrimes 901541Srgrimes MAC_CHECK(check_kenv_set, cred, name, value); 911541Srgrimes 921541Srgrimes return (error); 931541Srgrimes} 941541Srgrimes 951541Srgrimesint 961541Srgrimesmac_check_kenv_unset(struct ucred *cred, char *name) 971541Srgrimes{ 981541Srgrimes int error; 991541Srgrimes 1001541Srgrimes MAC_CHECK(check_kenv_unset, cred, name); 1012956Sbde 1022956Sbde return (error); 1031541Srgrimes} 1041541Srgrimes 1051541Srgrimesint 1061541Srgrimesmac_check_kld_load(struct ucred *cred, struct vnode *vp) 1071541Srgrimes{ 1081541Srgrimes int error; 1091541Srgrimes 1101541Srgrimes ASSERT_VOP_LOCKED(vp, "mac_check_kld_load"); 1111541Srgrimes 1121541Srgrimes MAC_CHECK(check_kld_load, cred, vp, vp->v_label); 1131541Srgrimes 1141541Srgrimes return (error); 1151541Srgrimes} 1161541Srgrimes 1171541Srgrimesint 1181541Srgrimesmac_check_kld_stat(struct ucred *cred) 1191541Srgrimes{ 1201541Srgrimes int error; 1211541Srgrimes 1221541Srgrimes MAC_CHECK(check_kld_stat, cred); 1231541Srgrimes 1241541Srgrimes return (error); 1251541Srgrimes} 1261541Srgrimes 1271541Srgrimesint 1281541Srgrimesmac_check_system_acct(struct ucred *cred, struct vnode *vp) 1291541Srgrimes{ 1301541Srgrimes int error; 1311541Srgrimes 1321541Srgrimes if (vp != NULL) { 1331541Srgrimes ASSERT_VOP_LOCKED(vp, "mac_check_system_acct"); 1341541Srgrimes } 1351541Srgrimes 1361541Srgrimes MAC_CHECK(check_system_acct, cred, vp, 1371541Srgrimes vp != NULL ? vp->v_label : NULL); 1381541Srgrimes 1391541Srgrimes return (error); 1401541Srgrimes} 1411541Srgrimes 1421541Srgrimesint 1431541Srgrimesmac_check_system_reboot(struct ucred *cred, int howto) 1441541Srgrimes{ 1451541Srgrimes int error; 1461541Srgrimes 1471541Srgrimes MAC_CHECK(check_system_reboot, cred, howto); 1481541Srgrimes 1491541Srgrimes return (error); 1501541Srgrimes} 15112221Sbde 1521541Srgrimesint 1531541Srgrimesmac_check_system_swapon(struct ucred *cred, struct vnode *vp) 1541541Srgrimes{ 1551541Srgrimes int error; 1561541Srgrimes 1571541Srgrimes ASSERT_VOP_LOCKED(vp, "mac_check_system_swapon"); 15812221Sbde 1591541Srgrimes MAC_CHECK(check_system_swapon, cred, vp, vp->v_label); 1601549Srgrimes return (error); 1611541Srgrimes} 1621541Srgrimes 1631541Srgrimesint 1641541Srgrimesmac_check_system_swapoff(struct ucred *cred, struct vnode *vp) 1651541Srgrimes{ 1661541Srgrimes int error; 1671541Srgrimes 1681541Srgrimes ASSERT_VOP_LOCKED(vp, "mac_check_system_swapoff"); 1691541Srgrimes 1701541Srgrimes MAC_CHECK(check_system_swapoff, cred, vp, vp->v_label); 1711541Srgrimes return (error); 1721541Srgrimes} 1731541Srgrimes 1741541Srgrimesint 1751541Srgrimesmac_check_system_sysctl(struct ucred *cred, struct sysctl_oid *oidp, 1761541Srgrimes void *arg1, int arg2, struct sysctl_req *req) 1771541Srgrimes{ 1781541Srgrimes int error; 1791541Srgrimes 1801541Srgrimes /* 1811541Srgrimes * XXXMAC: We would very much like to assert the SYSCTL_LOCK here, 1821541Srgrimes * but since it's not exported from kern_sysctl.c, we can't. 1831541Srgrimes */ 1841541Srgrimes MAC_CHECK(check_system_sysctl, cred, oidp, arg1, arg2, req); 1851541Srgrimes 1861541Srgrimes return (error); 1871541Srgrimes} 1881541Srgrimes