mac_vfs.c revision 184413
1/*- 2 * Copyright (c) 1999-2002 Robert N. M. Watson 3 * Copyright (c) 2001 Ilmar S. Habibulin 4 * Copyright (c) 2001-2005 McAfee, Inc. 5 * Copyright (c) 2005-2006 SPARTA, Inc. 6 * Copyright (c) 2008 Apple Inc. 7 * All rights reserved. 8 * 9 * This software was developed by Robert Watson and Ilmar Habibulin for the 10 * TrustedBSD Project. 11 * 12 * This software was developed for the FreeBSD Project in part by McAfee 13 * Research, the Security Research Division of McAfee, Inc. under 14 * DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA 15 * CHATS research program. 16 * 17 * This software was enhanced by SPARTA ISSO under SPAWAR contract 18 * N66001-04-C-6019 ("SEFOS"). 19 * 20 * Redistribution and use in source and binary forms, with or without 21 * modification, are permitted provided that the following conditions 22 * are met: 23 * 1. Redistributions of source code must retain the above copyright 24 * notice, this list of conditions and the following disclaimer. 25 * 2. Redistributions in binary form must reproduce the above copyright 26 * notice, this list of conditions and the following disclaimer in the 27 * documentation and/or other materials provided with the distribution. 28 * 29 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 30 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 31 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 32 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 33 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 34 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 35 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 36 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 37 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 38 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 39 * SUCH DAMAGE. 40 */ 41 42#include <sys/cdefs.h> 43__FBSDID("$FreeBSD: head/sys/security/mac/mac_vfs.c 184413 2008-10-28 13:44:11Z trasz $"); 44 45#include "opt_mac.h" 46 47#include <sys/param.h> 48#include <sys/condvar.h> 49#include <sys/extattr.h> 50#include <sys/imgact.h> 51#include <sys/kernel.h> 52#include <sys/lock.h> 53#include <sys/malloc.h> 54#include <sys/mutex.h> 55#include <sys/proc.h> 56#include <sys/sbuf.h> 57#include <sys/systm.h> 58#include <sys/vnode.h> 59#include <sys/mount.h> 60#include <sys/file.h> 61#include <sys/namei.h> 62#include <sys/sysctl.h> 63 64#include <vm/vm.h> 65#include <vm/pmap.h> 66#include <vm/vm_map.h> 67#include <vm/vm_object.h> 68 69#include <fs/devfs/devfs.h> 70 71#include <security/mac/mac_framework.h> 72#include <security/mac/mac_internal.h> 73#include <security/mac/mac_policy.h> 74 75/* 76 * Warn about EA transactions only the first time they happen. No locking on 77 * this variable. 78 */ 79static int ea_warn_once = 0; 80 81static int mac_vnode_setlabel_extattr(struct ucred *cred, 82 struct vnode *vp, struct label *intlabel); 83 84static struct label * 85mac_devfs_label_alloc(void) 86{ 87 struct label *label; 88 89 label = mac_labelzone_alloc(M_WAITOK); 90 MAC_PERFORM(devfs_init_label, label); 91 return (label); 92} 93 94void 95mac_devfs_init(struct devfs_dirent *de) 96{ 97 98 if (mac_labeled & MPC_OBJECT_DEVFS) 99 de->de_label = mac_devfs_label_alloc(); 100 else 101 de->de_label = NULL; 102} 103 104static struct label * 105mac_mount_label_alloc(void) 106{ 107 struct label *label; 108 109 label = mac_labelzone_alloc(M_WAITOK); 110 MAC_PERFORM(mount_init_label, label); 111 return (label); 112} 113 114void 115mac_mount_init(struct mount *mp) 116{ 117 118 if (mac_labeled & MPC_OBJECT_MOUNT) 119 mp->mnt_label = mac_mount_label_alloc(); 120 else 121 mp->mnt_label = NULL; 122} 123 124struct label * 125mac_vnode_label_alloc(void) 126{ 127 struct label *label; 128 129 label = mac_labelzone_alloc(M_WAITOK); 130 MAC_PERFORM(vnode_init_label, label); 131 return (label); 132} 133 134void 135mac_vnode_init(struct vnode *vp) 136{ 137 138 if (mac_labeled & MPC_OBJECT_VNODE) 139 vp->v_label = mac_vnode_label_alloc(); 140 else 141 vp->v_label = NULL; 142} 143 144static void 145mac_devfs_label_free(struct label *label) 146{ 147 148 MAC_PERFORM(devfs_destroy_label, label); 149 mac_labelzone_free(label); 150} 151 152void 153mac_devfs_destroy(struct devfs_dirent *de) 154{ 155 156 if (de->de_label != NULL) { 157 mac_devfs_label_free(de->de_label); 158 de->de_label = NULL; 159 } 160} 161 162static void 163mac_mount_label_free(struct label *label) 164{ 165 166 MAC_PERFORM(mount_destroy_label, label); 167 mac_labelzone_free(label); 168} 169 170void 171mac_mount_destroy(struct mount *mp) 172{ 173 174 if (mp->mnt_label != NULL) { 175 mac_mount_label_free(mp->mnt_label); 176 mp->mnt_label = NULL; 177 } 178} 179 180void 181mac_vnode_label_free(struct label *label) 182{ 183 184 MAC_PERFORM(vnode_destroy_label, label); 185 mac_labelzone_free(label); 186} 187 188void 189mac_vnode_destroy(struct vnode *vp) 190{ 191 192 if (vp->v_label != NULL) { 193 mac_vnode_label_free(vp->v_label); 194 vp->v_label = NULL; 195 } 196} 197 198void 199mac_vnode_copy_label(struct label *src, struct label *dest) 200{ 201 202 MAC_PERFORM(vnode_copy_label, src, dest); 203} 204 205int 206mac_vnode_externalize_label(struct label *label, char *elements, 207 char *outbuf, size_t outbuflen) 208{ 209 int error; 210 211 MAC_EXTERNALIZE(vnode, label, elements, outbuf, outbuflen); 212 213 return (error); 214} 215 216int 217mac_vnode_internalize_label(struct label *label, char *string) 218{ 219 int error; 220 221 MAC_INTERNALIZE(vnode, label, string); 222 223 return (error); 224} 225 226void 227mac_devfs_update(struct mount *mp, struct devfs_dirent *de, struct vnode *vp) 228{ 229 230 MAC_PERFORM(devfs_update, mp, de, de->de_label, vp, vp->v_label); 231} 232 233void 234mac_devfs_vnode_associate(struct mount *mp, struct devfs_dirent *de, 235 struct vnode *vp) 236{ 237 238 MAC_PERFORM(devfs_vnode_associate, mp, mp->mnt_label, de, 239 de->de_label, vp, vp->v_label); 240} 241 242int 243mac_vnode_associate_extattr(struct mount *mp, struct vnode *vp) 244{ 245 int error; 246 247 ASSERT_VOP_LOCKED(vp, "mac_vnode_associate_extattr"); 248 249 MAC_CHECK(vnode_associate_extattr, mp, mp->mnt_label, vp, 250 vp->v_label); 251 252 return (error); 253} 254 255void 256mac_vnode_associate_singlelabel(struct mount *mp, struct vnode *vp) 257{ 258 259 MAC_PERFORM(vnode_associate_singlelabel, mp, mp->mnt_label, vp, 260 vp->v_label); 261} 262 263/* 264 * Functions implementing extended-attribute backed labels for file systems 265 * that support it. 266 * 267 * Where possible, we use EA transactions to make writes to multiple 268 * attributes across difference policies mutually atomic. We allow work to 269 * continue on file systems not supporting EA transactions, but generate a 270 * printf warning. 271 */ 272int 273mac_vnode_create_extattr(struct ucred *cred, struct mount *mp, 274 struct vnode *dvp, struct vnode *vp, struct componentname *cnp) 275{ 276 int error; 277 278 ASSERT_VOP_LOCKED(dvp, "mac_vnode_create_extattr"); 279 ASSERT_VOP_LOCKED(vp, "mac_vnode_create_extattr"); 280 281 error = VOP_OPENEXTATTR(vp, cred, curthread); 282 if (error == EOPNOTSUPP) { 283 if (ea_warn_once == 0) { 284 printf("Warning: transactions not supported " 285 "in EA write.\n"); 286 ea_warn_once = 1; 287 } 288 } else if (error) 289 return (error); 290 291 MAC_CHECK(vnode_create_extattr, cred, mp, mp->mnt_label, dvp, 292 dvp->v_label, vp, vp->v_label, cnp); 293 294 if (error) { 295 VOP_CLOSEEXTATTR(vp, 0, NOCRED, curthread); 296 return (error); 297 } 298 299 error = VOP_CLOSEEXTATTR(vp, 1, NOCRED, curthread); 300 if (error == EOPNOTSUPP) 301 error = 0; 302 303 return (error); 304} 305 306static int 307mac_vnode_setlabel_extattr(struct ucred *cred, struct vnode *vp, 308 struct label *intlabel) 309{ 310 int error; 311 312 ASSERT_VOP_LOCKED(vp, "mac_vnode_setlabel_extattr"); 313 314 error = VOP_OPENEXTATTR(vp, cred, curthread); 315 if (error == EOPNOTSUPP) { 316 if (ea_warn_once == 0) { 317 printf("Warning: transactions not supported " 318 "in EA write.\n"); 319 ea_warn_once = 1; 320 } 321 } else if (error) 322 return (error); 323 324 MAC_CHECK(vnode_setlabel_extattr, cred, vp, vp->v_label, intlabel); 325 326 if (error) { 327 VOP_CLOSEEXTATTR(vp, 0, NOCRED, curthread); 328 return (error); 329 } 330 331 error = VOP_CLOSEEXTATTR(vp, 1, NOCRED, curthread); 332 if (error == EOPNOTSUPP) 333 error = 0; 334 335 return (error); 336} 337 338void 339mac_vnode_execve_transition(struct ucred *old, struct ucred *new, 340 struct vnode *vp, struct label *interpvplabel, struct image_params *imgp) 341{ 342 343 ASSERT_VOP_LOCKED(vp, "mac_vnode_execve_transition"); 344 345 MAC_PERFORM(vnode_execve_transition, old, new, vp, vp->v_label, 346 interpvplabel, imgp, imgp->execlabel); 347} 348 349int 350mac_vnode_execve_will_transition(struct ucred *old, struct vnode *vp, 351 struct label *interpvplabel, struct image_params *imgp) 352{ 353 int result; 354 355 ASSERT_VOP_LOCKED(vp, "mac_vnode_execve_will_transition"); 356 357 result = 0; 358 MAC_BOOLEAN(vnode_execve_will_transition, ||, old, vp, vp->v_label, 359 interpvplabel, imgp, imgp->execlabel); 360 361 return (result); 362} 363 364int 365mac_vnode_check_access(struct ucred *cred, struct vnode *vp, accmode_t accmode) 366{ 367 int error; 368 369 ASSERT_VOP_LOCKED(vp, "mac_vnode_check_access"); 370 371 MAC_CHECK(vnode_check_access, cred, vp, vp->v_label, accmode); 372 return (error); 373} 374 375int 376mac_vnode_check_chdir(struct ucred *cred, struct vnode *dvp) 377{ 378 int error; 379 380 ASSERT_VOP_LOCKED(dvp, "mac_vnode_check_chdir"); 381 382 MAC_CHECK(vnode_check_chdir, cred, dvp, dvp->v_label); 383 return (error); 384} 385 386int 387mac_vnode_check_chroot(struct ucred *cred, struct vnode *dvp) 388{ 389 int error; 390 391 ASSERT_VOP_LOCKED(dvp, "mac_vnode_check_chroot"); 392 393 MAC_CHECK(vnode_check_chroot, cred, dvp, dvp->v_label); 394 return (error); 395} 396 397int 398mac_vnode_check_create(struct ucred *cred, struct vnode *dvp, 399 struct componentname *cnp, struct vattr *vap) 400{ 401 int error; 402 403 ASSERT_VOP_LOCKED(dvp, "mac_vnode_check_create"); 404 405 MAC_CHECK(vnode_check_create, cred, dvp, dvp->v_label, cnp, vap); 406 return (error); 407} 408 409int 410mac_vnode_check_deleteacl(struct ucred *cred, struct vnode *vp, 411 acl_type_t type) 412{ 413 int error; 414 415 ASSERT_VOP_LOCKED(vp, "mac_vnode_check_deleteacl"); 416 417 MAC_CHECK(vnode_check_deleteacl, cred, vp, vp->v_label, type); 418 return (error); 419} 420 421int 422mac_vnode_check_deleteextattr(struct ucred *cred, struct vnode *vp, 423 int attrnamespace, const char *name) 424{ 425 int error; 426 427 ASSERT_VOP_LOCKED(vp, "mac_vnode_check_deleteextattr"); 428 429 MAC_CHECK(vnode_check_deleteextattr, cred, vp, vp->v_label, 430 attrnamespace, name); 431 return (error); 432} 433 434int 435mac_vnode_check_exec(struct ucred *cred, struct vnode *vp, 436 struct image_params *imgp) 437{ 438 int error; 439 440 ASSERT_VOP_LOCKED(vp, "mac_vnode_check_exec"); 441 442 MAC_CHECK(vnode_check_exec, cred, vp, vp->v_label, imgp, 443 imgp->execlabel); 444 445 return (error); 446} 447 448int 449mac_vnode_check_getacl(struct ucred *cred, struct vnode *vp, acl_type_t type) 450{ 451 int error; 452 453 ASSERT_VOP_LOCKED(vp, "mac_vnode_check_getacl"); 454 455 MAC_CHECK(vnode_check_getacl, cred, vp, vp->v_label, type); 456 return (error); 457} 458 459int 460mac_vnode_check_getextattr(struct ucred *cred, struct vnode *vp, 461 int attrnamespace, const char *name, struct uio *uio) 462{ 463 int error; 464 465 ASSERT_VOP_LOCKED(vp, "mac_vnode_check_getextattr"); 466 467 MAC_CHECK(vnode_check_getextattr, cred, vp, vp->v_label, 468 attrnamespace, name, uio); 469 return (error); 470} 471 472int 473mac_vnode_check_link(struct ucred *cred, struct vnode *dvp, 474 struct vnode *vp, struct componentname *cnp) 475{ 476 int error; 477 478 ASSERT_VOP_LOCKED(dvp, "mac_vnode_check_link"); 479 ASSERT_VOP_LOCKED(vp, "mac_vnode_check_link"); 480 481 MAC_CHECK(vnode_check_link, cred, dvp, dvp->v_label, vp, 482 vp->v_label, cnp); 483 return (error); 484} 485 486int 487mac_vnode_check_listextattr(struct ucred *cred, struct vnode *vp, 488 int attrnamespace) 489{ 490 int error; 491 492 ASSERT_VOP_LOCKED(vp, "mac_vnode_check_listextattr"); 493 494 MAC_CHECK(vnode_check_listextattr, cred, vp, vp->v_label, 495 attrnamespace); 496 return (error); 497} 498 499int 500mac_vnode_check_lookup(struct ucred *cred, struct vnode *dvp, 501 struct componentname *cnp) 502{ 503 int error; 504 505 ASSERT_VOP_LOCKED(dvp, "mac_vnode_check_lookup"); 506 507 MAC_CHECK(vnode_check_lookup, cred, dvp, dvp->v_label, cnp); 508 return (error); 509} 510 511int 512mac_vnode_check_mmap(struct ucred *cred, struct vnode *vp, int prot, 513 int flags) 514{ 515 int error; 516 517 ASSERT_VOP_LOCKED(vp, "mac_vnode_check_mmap"); 518 519 MAC_CHECK(vnode_check_mmap, cred, vp, vp->v_label, prot, flags); 520 return (error); 521} 522 523void 524mac_vnode_check_mmap_downgrade(struct ucred *cred, struct vnode *vp, 525 int *prot) 526{ 527 int result = *prot; 528 529 ASSERT_VOP_LOCKED(vp, "mac_vnode_check_mmap_downgrade"); 530 531 MAC_PERFORM(vnode_check_mmap_downgrade, cred, vp, vp->v_label, 532 &result); 533 534 *prot = result; 535} 536 537int 538mac_vnode_check_mprotect(struct ucred *cred, struct vnode *vp, int prot) 539{ 540 int error; 541 542 ASSERT_VOP_LOCKED(vp, "mac_vnode_check_mprotect"); 543 544 MAC_CHECK(vnode_check_mprotect, cred, vp, vp->v_label, prot); 545 return (error); 546} 547 548int 549mac_vnode_check_open(struct ucred *cred, struct vnode *vp, accmode_t accmode) 550{ 551 int error; 552 553 ASSERT_VOP_LOCKED(vp, "mac_vnode_check_open"); 554 555 MAC_CHECK(vnode_check_open, cred, vp, vp->v_label, accmode); 556 return (error); 557} 558 559int 560mac_vnode_check_poll(struct ucred *active_cred, struct ucred *file_cred, 561 struct vnode *vp) 562{ 563 int error; 564 565 ASSERT_VOP_LOCKED(vp, "mac_vnode_check_poll"); 566 567 MAC_CHECK(vnode_check_poll, active_cred, file_cred, vp, 568 vp->v_label); 569 570 return (error); 571} 572 573int 574mac_vnode_check_read(struct ucred *active_cred, struct ucred *file_cred, 575 struct vnode *vp) 576{ 577 int error; 578 579 ASSERT_VOP_LOCKED(vp, "mac_vnode_check_read"); 580 581 MAC_CHECK(vnode_check_read, active_cred, file_cred, vp, 582 vp->v_label); 583 584 return (error); 585} 586 587int 588mac_vnode_check_readdir(struct ucred *cred, struct vnode *dvp) 589{ 590 int error; 591 592 ASSERT_VOP_LOCKED(dvp, "mac_vnode_check_readdir"); 593 594 MAC_CHECK(vnode_check_readdir, cred, dvp, dvp->v_label); 595 return (error); 596} 597 598int 599mac_vnode_check_readlink(struct ucred *cred, struct vnode *vp) 600{ 601 int error; 602 603 ASSERT_VOP_LOCKED(vp, "mac_vnode_check_readlink"); 604 605 MAC_CHECK(vnode_check_readlink, cred, vp, vp->v_label); 606 return (error); 607} 608 609static int 610mac_vnode_check_relabel(struct ucred *cred, struct vnode *vp, 611 struct label *newlabel) 612{ 613 int error; 614 615 ASSERT_VOP_LOCKED(vp, "mac_vnode_check_relabel"); 616 617 MAC_CHECK(vnode_check_relabel, cred, vp, vp->v_label, newlabel); 618 619 return (error); 620} 621 622int 623mac_vnode_check_rename_from(struct ucred *cred, struct vnode *dvp, 624 struct vnode *vp, struct componentname *cnp) 625{ 626 int error; 627 628 ASSERT_VOP_LOCKED(dvp, "mac_vnode_check_rename_from"); 629 ASSERT_VOP_LOCKED(vp, "mac_vnode_check_rename_from"); 630 631 MAC_CHECK(vnode_check_rename_from, cred, dvp, dvp->v_label, vp, 632 vp->v_label, cnp); 633 return (error); 634} 635 636int 637mac_vnode_check_rename_to(struct ucred *cred, struct vnode *dvp, 638 struct vnode *vp, int samedir, struct componentname *cnp) 639{ 640 int error; 641 642 ASSERT_VOP_LOCKED(dvp, "mac_vnode_check_rename_to"); 643 ASSERT_VOP_LOCKED(vp, "mac_vnode_check_rename_to"); 644 645 MAC_CHECK(vnode_check_rename_to, cred, dvp, dvp->v_label, vp, 646 vp != NULL ? vp->v_label : NULL, samedir, cnp); 647 return (error); 648} 649 650int 651mac_vnode_check_revoke(struct ucred *cred, struct vnode *vp) 652{ 653 int error; 654 655 ASSERT_VOP_LOCKED(vp, "mac_vnode_check_revoke"); 656 657 MAC_CHECK(vnode_check_revoke, cred, vp, vp->v_label); 658 return (error); 659} 660 661int 662mac_vnode_check_setacl(struct ucred *cred, struct vnode *vp, acl_type_t type, 663 struct acl *acl) 664{ 665 int error; 666 667 ASSERT_VOP_LOCKED(vp, "mac_vnode_check_setacl"); 668 669 MAC_CHECK(vnode_check_setacl, cred, vp, vp->v_label, type, acl); 670 return (error); 671} 672 673int 674mac_vnode_check_setextattr(struct ucred *cred, struct vnode *vp, 675 int attrnamespace, const char *name, struct uio *uio) 676{ 677 int error; 678 679 ASSERT_VOP_LOCKED(vp, "mac_vnode_check_setextattr"); 680 681 MAC_CHECK(vnode_check_setextattr, cred, vp, vp->v_label, 682 attrnamespace, name, uio); 683 return (error); 684} 685 686int 687mac_vnode_check_setflags(struct ucred *cred, struct vnode *vp, u_long flags) 688{ 689 int error; 690 691 ASSERT_VOP_LOCKED(vp, "mac_vnode_check_setflags"); 692 693 MAC_CHECK(vnode_check_setflags, cred, vp, vp->v_label, flags); 694 return (error); 695} 696 697int 698mac_vnode_check_setmode(struct ucred *cred, struct vnode *vp, mode_t mode) 699{ 700 int error; 701 702 ASSERT_VOP_LOCKED(vp, "mac_vnode_check_setmode"); 703 704 MAC_CHECK(vnode_check_setmode, cred, vp, vp->v_label, mode); 705 return (error); 706} 707 708int 709mac_vnode_check_setowner(struct ucred *cred, struct vnode *vp, uid_t uid, 710 gid_t gid) 711{ 712 int error; 713 714 ASSERT_VOP_LOCKED(vp, "mac_vnode_check_setowner"); 715 716 MAC_CHECK(vnode_check_setowner, cred, vp, vp->v_label, uid, gid); 717 return (error); 718} 719 720int 721mac_vnode_check_setutimes(struct ucred *cred, struct vnode *vp, 722 struct timespec atime, struct timespec mtime) 723{ 724 int error; 725 726 ASSERT_VOP_LOCKED(vp, "mac_vnode_check_setutimes"); 727 728 MAC_CHECK(vnode_check_setutimes, cred, vp, vp->v_label, atime, 729 mtime); 730 return (error); 731} 732 733int 734mac_vnode_check_stat(struct ucred *active_cred, struct ucred *file_cred, 735 struct vnode *vp) 736{ 737 int error; 738 739 ASSERT_VOP_LOCKED(vp, "mac_vnode_check_stat"); 740 741 MAC_CHECK(vnode_check_stat, active_cred, file_cred, vp, 742 vp->v_label); 743 return (error); 744} 745 746int 747mac_vnode_check_unlink(struct ucred *cred, struct vnode *dvp, 748 struct vnode *vp, struct componentname *cnp) 749{ 750 int error; 751 752 ASSERT_VOP_LOCKED(dvp, "mac_vnode_check_unlink"); 753 ASSERT_VOP_LOCKED(vp, "mac_vnode_check_unlink"); 754 755 MAC_CHECK(vnode_check_unlink, cred, dvp, dvp->v_label, vp, 756 vp->v_label, cnp); 757 return (error); 758} 759 760int 761mac_vnode_check_write(struct ucred *active_cred, struct ucred *file_cred, 762 struct vnode *vp) 763{ 764 int error; 765 766 ASSERT_VOP_LOCKED(vp, "mac_vnode_check_write"); 767 768 MAC_CHECK(vnode_check_write, active_cred, file_cred, vp, 769 vp->v_label); 770 771 return (error); 772} 773 774void 775mac_vnode_relabel(struct ucred *cred, struct vnode *vp, 776 struct label *newlabel) 777{ 778 779 MAC_PERFORM(vnode_relabel, cred, vp, vp->v_label, newlabel); 780} 781 782void 783mac_mount_create(struct ucred *cred, struct mount *mp) 784{ 785 786 MAC_PERFORM(mount_create, cred, mp, mp->mnt_label); 787} 788 789int 790mac_mount_check_stat(struct ucred *cred, struct mount *mount) 791{ 792 int error; 793 794 MAC_CHECK(mount_check_stat, cred, mount, mount->mnt_label); 795 796 return (error); 797} 798 799void 800mac_devfs_create_device(struct ucred *cred, struct mount *mp, 801 struct cdev *dev, struct devfs_dirent *de) 802{ 803 804 MAC_PERFORM(devfs_create_device, cred, mp, dev, de, de->de_label); 805} 806 807void 808mac_devfs_create_symlink(struct ucred *cred, struct mount *mp, 809 struct devfs_dirent *dd, struct devfs_dirent *de) 810{ 811 812 MAC_PERFORM(devfs_create_symlink, cred, mp, dd, dd->de_label, de, 813 de->de_label); 814} 815 816void 817mac_devfs_create_directory(struct mount *mp, char *dirname, int dirnamelen, 818 struct devfs_dirent *de) 819{ 820 821 MAC_PERFORM(devfs_create_directory, mp, dirname, dirnamelen, de, 822 de->de_label); 823} 824 825/* 826 * Implementation of VOP_SETLABEL() that relies on extended attributes to 827 * store label data. Can be referenced by filesystems supporting extended 828 * attributes. 829 */ 830int 831vop_stdsetlabel_ea(struct vop_setlabel_args *ap) 832{ 833 struct vnode *vp = ap->a_vp; 834 struct label *intlabel = ap->a_label; 835 int error; 836 837 ASSERT_VOP_LOCKED(vp, "vop_stdsetlabel_ea"); 838 839 if ((vp->v_mount->mnt_flag & MNT_MULTILABEL) == 0) 840 return (EOPNOTSUPP); 841 842 error = mac_vnode_setlabel_extattr(ap->a_cred, vp, intlabel); 843 if (error) 844 return (error); 845 846 mac_vnode_relabel(ap->a_cred, vp, intlabel); 847 848 return (0); 849} 850 851int 852vn_setlabel(struct vnode *vp, struct label *intlabel, struct ucred *cred) 853{ 854 int error; 855 856 if (vp->v_mount == NULL) { 857 /* printf("vn_setlabel: null v_mount\n"); */ 858 if (vp->v_type != VNON) 859 printf("vn_setlabel: null v_mount with non-VNON\n"); 860 return (EBADF); 861 } 862 863 if ((vp->v_mount->mnt_flag & MNT_MULTILABEL) == 0) 864 return (EOPNOTSUPP); 865 866 /* 867 * Multi-phase commit. First check the policies to confirm the 868 * change is OK. Then commit via the filesystem. Finally, update 869 * the actual vnode label. 870 * 871 * Question: maybe the filesystem should update the vnode at the end 872 * as part of VOP_SETLABEL()? 873 */ 874 error = mac_vnode_check_relabel(cred, vp, intlabel); 875 if (error) 876 return (error); 877 878 /* 879 * VADMIN provides the opportunity for the filesystem to make 880 * decisions about who is and is not able to modify labels and 881 * protections on files. This might not be right. We can't assume 882 * VOP_SETLABEL() will do it, because we might implement that as part 883 * of vop_stdsetlabel_ea(). 884 */ 885 error = VOP_ACCESS(vp, VADMIN, cred, curthread); 886 if (error) 887 return (error); 888 889 error = VOP_SETLABEL(vp, intlabel, cred, curthread); 890 if (error) 891 return (error); 892 893 return (0); 894} 895