mac_system.c revision 168955
/*-
 * Copyright (c) 2002-2003 Networks Associates Technology, Inc.
 * Copyright (c) 2007 Robert N. M. Watson
 * All rights reserved.
 *
 * This software was developed for the FreeBSD Project in part by Network
 * Associates Laboratories, the Security Research Division of Network
 * Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"),
 * as part of the DARPA CHATS research program.
 *
 * Portions of this software were developed by Robert Watson for the
 * TrustedBSD Project.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */
351541Srgrimes
/*
 * MAC Framework entry points relating to overall operation of system,
 * including global services such as the kernel environment and loadable
 * modules.
 *
 * System checks often align with existing privilege checks, but provide
 * additional security context that may be relevant to policies, such as the
 * specific object being operated on.
 */
457090Sbde
461541Srgrimes#include <sys/cdefs.h>
471541Srgrimes__FBSDID("$FreeBSD: head/sys/security/mac/mac_system.c 168955 2007-04-22 19:55:56Z rwatson $");
481541Srgrimes
491541Srgrimes#include "opt_mac.h"
501541Srgrimes
511541Srgrimes#include <sys/param.h>
5210653Sdg#include <sys/kernel.h>
5310358Sjulian#include <sys/lock.h>
5410358Sjulian#include <sys/malloc.h>
551541Srgrimes#include <sys/module.h>
561541Srgrimes#include <sys/mutex.h>
576009Sbde#include <sys/systm.h>
581541Srgrimes#include <sys/vnode.h>
591541Srgrimes#include <sys/sysctl.h>
6010407Sbde
6110407Sbde#include <security/mac/mac_framework.h>
6210653Sdg#include <security/mac/mac_internal.h>
631541Srgrimes#include <security/mac/mac_policy.h>
641541Srgrimes
/*
 * MAC Framework entry point for the check_kenv_dump policy hook (by its
 * name, the check made before the kernel environment is dumped).
 *
 * cred is the only context handed to the policies.
 *
 * Returns whatever MAC_CHECK leaves in 'error'.  MAC_CHECK is not defined
 * in this file; presumably 0 means "permitted" and an errno value means
 * "denied" -- confirm against its definition.  The caller has to act on
 * the result; nothing is enforced here.
 */
int
mac_check_kenv_dump(struct ucred *cred)
{
	/*
	 * Never assigned in this function: MAC_CHECK is expected to set it,
	 * so the variable has to keep the name 'error'.
	 */
	int error;

	MAC_CHECK(check_kenv_dump, cred);
	return error;
}
741541Srgrimes
/*
 * MAC Framework entry point for the check_kenv_get policy hook (by its
 * name, the check made before a kernel environment variable is read).
 *
 * cred and name are forwarded to the policies unchanged; this function
 * neither copies nor validates the string behind 'name'.
 *
 * Returns whatever MAC_CHECK leaves in 'error'.  MAC_CHECK is not defined
 * in this file; presumably 0 means "permitted" and an errno value means
 * "denied" -- confirm against its definition.
 */
int
mac_check_kenv_get(struct ucred *cred, char *name)
{
	/*
	 * Never assigned in this function: MAC_CHECK is expected to set it,
	 * so the variable has to keep the name 'error'.
	 */
	int error;

	MAC_CHECK(check_kenv_get, cred, name);
	return error;
}
841541Srgrimes
/*
 * MAC Framework entry point for the check_kenv_set policy hook (by its
 * name, the check made before a kernel environment variable is set).
 *
 * cred, name and value are forwarded to the policies unchanged; this
 * function neither copies nor validates either string, so any length or
 * content checks have to happen in the caller or in the policy.
 *
 * Returns whatever MAC_CHECK leaves in 'error'.  MAC_CHECK is not defined
 * in this file; presumably 0 means "permitted" and an errno value means
 * "denied" -- confirm against its definition.
 */
int
mac_check_kenv_set(struct ucred *cred, char *name, char *value)
{
	/*
	 * Never assigned in this function: MAC_CHECK is expected to set it,
	 * so the variable has to keep the name 'error'.
	 */
	int error;

	MAC_CHECK(check_kenv_set, cred, name, value);
	return error;
}
941541Srgrimes
/*
 * MAC Framework entry point for the check_kenv_unset policy hook (by its
 * name, the check made before a kernel environment variable is removed).
 *
 * cred and name are forwarded to the policies unchanged; this function
 * neither copies nor validates the string behind 'name'.
 *
 * Returns whatever MAC_CHECK leaves in 'error'.  MAC_CHECK is not defined
 * in this file; presumably 0 means "permitted" and an errno value means
 * "denied" -- confirm against its definition.
 */
int
mac_check_kenv_unset(struct ucred *cred, char *name)
{
	/*
	 * Never assigned in this function: MAC_CHECK is expected to set it,
	 * so the variable has to keep the name 'error'.
	 */
	int error;

	MAC_CHECK(check_kenv_unset, cred, name);
	return error;
}
1041541Srgrimes
/*
 * MAC Framework entry point for the check_kld_load policy hook (by its
 * name, the check made before a kernel module is loaded from vp).
 *
 * The policies receive cred, the vnode and the vnode's label
 * (vp->v_label).  vp is dereferenced unconditionally, so it must not be
 * NULL.
 *
 * Locking: the vnode lock is asserted, not taken, so the caller must
 * already hold it.  Presumably that is what keeps the label stable while
 * the policies look at it -- confirm.
 *
 * Returns whatever MAC_CHECK leaves in 'error'.  MAC_CHECK is not defined
 * in this file; presumably 0 means "permitted" and an errno value means
 * "denied" -- confirm against its definition.
 */
int
mac_check_kld_load(struct ucred *cred, struct vnode *vp)
{
	/*
	 * Never assigned in this function: MAC_CHECK is expected to set it,
	 * so the variable has to keep the name 'error'.
	 */
	int error;

	ASSERT_VOP_LOCKED(vp, "mac_check_kld_load");

	MAC_CHECK(check_kld_load, cred, vp, vp->v_label);
	return error;
}
1161541Srgrimes
/*
 * MAC Framework entry point for the check_kld_stat policy hook (by its
 * name, the check made before kernel module status is reported).
 *
 * cred is the only context handed to the policies.
 *
 * Returns whatever MAC_CHECK leaves in 'error'.  MAC_CHECK is not defined
 * in this file; presumably 0 means "permitted" and an errno value means
 * "denied" -- confirm against its definition.
 */
int
mac_check_kld_stat(struct ucred *cred)
{
	/*
	 * Never assigned in this function: MAC_CHECK is expected to set it,
	 * so the variable has to keep the name 'error'.
	 */
	int error;

	MAC_CHECK(check_kld_stat, cred);
	return error;
}
1261541Srgrimes
/*
 * MAC Framework entry point for the check_system_acct policy hook (by its
 * name, the check made before system accounting is reconfigured).
 *
 * vp may be NULL.  In that case no lock assertion is made and the
 * policies receive a NULL vnode together with a NULL label, so a policy
 * implementing this hook has to cope with both being NULL.  Presumably
 * the NULL case is a request that names no accounting file -- confirm
 * against the caller.
 *
 * Locking: when vp is non-NULL its lock is asserted, not taken, so the
 * caller must already hold it.
 *
 * Returns whatever MAC_CHECK leaves in 'error'.  MAC_CHECK is not defined
 * in this file; presumably 0 means "permitted" and an errno value means
 * "denied" -- confirm against its definition.
 */
int
mac_check_system_acct(struct ucred *cred, struct vnode *vp)
{
	/*
	 * Never assigned in this function: MAC_CHECK is expected to set it,
	 * so the variable has to keep the name 'error'.
	 */
	int error;

	/* Braces kept: ASSERT_VOP_LOCKED is a macro whose expansion is not visible here. */
	if (vp != NULL) {
		ASSERT_VOP_LOCKED(vp, "mac_check_system_acct");
	}

	/* Only read the label when there is a vnode to read it from. */
	MAC_CHECK(check_system_acct, cred, vp,
	    vp == NULL ? NULL : vp->v_label);
	return error;
}
1411541Srgrimes
/*
 * MAC Framework entry point for the check_system_reboot policy hook (by
 * its name, the check made before the system is rebooted).
 *
 * cred and howto are forwarded to the policies unchanged; howto is
 * presumably the reboot request's flag word -- confirm against the
 * caller.
 *
 * Returns whatever MAC_CHECK leaves in 'error'.  MAC_CHECK is not defined
 * in this file; presumably 0 means "permitted" and an errno value means
 * "denied" -- confirm against its definition.
 */
int
mac_check_system_reboot(struct ucred *cred, int howto)
{
	/*
	 * Never assigned in this function: MAC_CHECK is expected to set it,
	 * so the variable has to keep the name 'error'.
	 */
	int error;

	MAC_CHECK(check_system_reboot, cred, howto);
	return error;
}
15112221Sbde
/*
 * MAC Framework entry point for the check_system_swapon policy hook (by
 * its name, the check made before swapping is enabled on vp).
 *
 * The policies receive cred, the vnode and the vnode's label
 * (vp->v_label).  vp is dereferenced unconditionally, so it must not be
 * NULL.
 *
 * Locking: the vnode lock is asserted, not taken, so the caller must
 * already hold it.
 *
 * Returns whatever MAC_CHECK leaves in 'error'.  MAC_CHECK is not defined
 * in this file; presumably 0 means "permitted" and an errno value means
 * "denied" -- confirm against its definition.
 */
int
mac_check_system_swapon(struct ucred *cred, struct vnode *vp)
{
	/*
	 * Never assigned in this function: MAC_CHECK is expected to set it,
	 * so the variable has to keep the name 'error'.
	 */
	int error;

	ASSERT_VOP_LOCKED(vp, "mac_check_system_swapon");

	MAC_CHECK(check_system_swapon, cred, vp, vp->v_label);

	return error;
}
1621541Srgrimes
/*
 * MAC Framework entry point for the check_system_swapoff policy hook (by
 * its name, the check made before swapping is disabled on vp).
 *
 * The policies receive cred, the vnode and the vnode's label
 * (vp->v_label).  vp is dereferenced unconditionally, so it must not be
 * NULL.
 *
 * Locking: the vnode lock is asserted, not taken, so the caller must
 * already hold it.
 *
 * Returns whatever MAC_CHECK leaves in 'error'.  MAC_CHECK is not defined
 * in this file; presumably 0 means "permitted" and an errno value means
 * "denied" -- confirm against its definition.
 */
int
mac_check_system_swapoff(struct ucred *cred, struct vnode *vp)
{
	/*
	 * Never assigned in this function: MAC_CHECK is expected to set it,
	 * so the variable has to keep the name 'error'.
	 */
	int error;

	ASSERT_VOP_LOCKED(vp, "mac_check_system_swapoff");

	MAC_CHECK(check_system_swapoff, cred, vp, vp->v_label);

	return error;
}
1731541Srgrimes
/*
 * MAC Framework entry point for the check_system_sysctl policy hook (by
 * its name, the check made on a sysctl request).
 *
 * cred, oidp, arg1, arg2 and req are all forwarded to the policies
 * unchanged; nothing is inspected or validated here.
 *
 * Locking: unlike the vnode-based checks in this file, no lock is
 * asserted (see the XXXMAC note in the body), so the locking expectation
 * is not checked at this entry point.
 *
 * Returns whatever MAC_CHECK leaves in 'error'.  MAC_CHECK is not defined
 * in this file; presumably 0 means "permitted" and an errno value means
 * "denied" -- confirm against its definition.
 */
int
mac_check_system_sysctl(struct ucred *cred, struct sysctl_oid *oidp,
    void *arg1, int arg2, struct sysctl_req *req)
{
	/*
	 * Never assigned in this function: MAC_CHECK is expected to set it,
	 * so the variable has to keep the name 'error'.
	 */
	int error;

	/*
	 * XXXMAC: asserting the SYSCTL_LOCK here would be very desirable,
	 * but it is not exported from kern_sysctl.c, so it cannot be done.
	 */
	MAC_CHECK(check_system_sysctl, cred, oidp, arg1, arg2, req);
	return error;
}
1881541Srgrimes