mac_system.c revision 168951 
1100894Srwatson/*-
2121362Srwatson * Copyright (c) 2002, 2003 Networks Associates Technology, Inc.
3168951Srwatson * Copyright (c) 2007 Robert N. M. Watson
4100894Srwatson * All rights reserved.
5100894Srwatson *
6106392Srwatson * This software was developed for the FreeBSD Project in part by Network
7106392Srwatson * Associates Laboratories, the Security Research Division of Network
8106392Srwatson * Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"),
9106392Srwatson * as part of the DARPA CHATS research program.
10100894Srwatson *
11168951Srwatson * Portions of this software were developed by Robert Watson for the
12168951Srwatson * TrustedBSD Project.
13168951Srwatson *
14100894Srwatson * Redistribution and use in source and binary forms, with or without
15100894Srwatson * modification, are permitted provided that the following conditions
16100894Srwatson * are met:
17100894Srwatson * 1. Redistributions of source code must retain the above copyright
18100894Srwatson *    notice, this list of conditions and the following disclaimer.
19100894Srwatson * 2. Redistributions in binary form must reproduce the above copyright
20100894Srwatson *    notice, this list of conditions and the following disclaimer in the
21100894Srwatson *    documentation and/or other materials provided with the distribution.
22100894Srwatson *
23100894Srwatson * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
24100894Srwatson * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
25100894Srwatson * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
26100894Srwatson * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
27100894Srwatson * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
28100894Srwatson * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
29100894Srwatson * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
30100894Srwatson * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
31100894Srwatson * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
32100894Srwatson * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
33100894Srwatson * SUCH DAMAGE.
34100894Srwatson */
35116182Sobrien
36168951Srwatson/*
37168951Srwatson * MAC Framework entry points relating to overall operation of system,
38168951Srwatson * including global services such as the kernel environment and loadable
39168951Srwatson * modules.
40168951Srwatson *
41168951Srwatson * System checks often align with existing privilege checks, but provide
42168951Srwatson * additional security context that may be relevant to policies, such as the
43168951Srwatson * specific object being operated on.
44168951Srwatson */
45168951Srwatson
46116182Sobrien#include <sys/cdefs.h>
47116182Sobrien__FBSDID("$FreeBSD: head/sys/security/mac/mac_system.c 168951 2007-04-22 15:31:22Z rwatson $");
48116182Sobrien
49100894Srwatson#include "opt_mac.h"
50101173Srwatson
51100894Srwatson#include <sys/param.h>
52100979Srwatson#include <sys/kernel.h>
53100979Srwatson#include <sys/lock.h>
54102949Sbde#include <sys/malloc.h>
55129880Sphk#include <sys/module.h>
56100979Srwatson#include <sys/mutex.h>
57100979Srwatson#include <sys/systm.h>
58100979Srwatson#include <sys/vnode.h>
59100979Srwatson#include <sys/sysctl.h>
60100894Srwatson
61163606Srwatson#include <security/mac/mac_framework.h>
62121362Srwatson#include <security/mac/mac_internal.h>
63165469Srwatson#include <security/mac/mac_policy.h>
64100979Srwatson
65100894Srwatsonint
66106308Srwatsonmac_check_kenv_dump(struct ucred *cred)
67106308Srwatson{
68106308Srwatson	int error;
69106308Srwatson
70106308Srwatson	MAC_CHECK(check_kenv_dump, cred);
71106308Srwatson
72106308Srwatson	return (error);
73106308Srwatson}
74106308Srwatson
75106308Srwatsonint
76106308Srwatsonmac_check_kenv_get(struct ucred *cred, char *name)
77106308Srwatson{
78106308Srwatson	int error;
79106308Srwatson
80106308Srwatson	MAC_CHECK(check_kenv_get, cred, name);
81106308Srwatson
82106308Srwatson	return (error);
83106308Srwatson}
84106308Srwatson
85106308Srwatsonint
86106308Srwatsonmac_check_kenv_set(struct ucred *cred, char *name, char *value)
87106308Srwatson{
88106308Srwatson	int error;
89106308Srwatson
90106308Srwatson	MAC_CHECK(check_kenv_set, cred, name, value);
91106308Srwatson
92106308Srwatson	return (error);
93106308Srwatson}
94106308Srwatson
95106308Srwatsonint
96106308Srwatsonmac_check_kenv_unset(struct ucred *cred, char *name)
97106308Srwatson{
98106308Srwatson	int error;
99106308Srwatson
100106308Srwatson	MAC_CHECK(check_kenv_unset, cred, name);
101106308Srwatson
102106308Srwatson	return (error);
103106308Srwatson}
104106308Srwatson
105106308Srwatsonint
106107089Srwatsonmac_check_kld_load(struct ucred *cred, struct vnode *vp)
107107089Srwatson{
108107089Srwatson	int error;
109107089Srwatson
110107089Srwatson	ASSERT_VOP_LOCKED(vp, "mac_check_kld_load");
111107089Srwatson
112122524Srwatson	MAC_CHECK(check_kld_load, cred, vp, vp->v_label);
113107089Srwatson
114107089Srwatson	return (error);
115107089Srwatson}
116107089Srwatson
117107089Srwatsonint
118107089Srwatsonmac_check_kld_stat(struct ucred *cred)
119107089Srwatson{
120107089Srwatson	int error;
121107089Srwatson
122107089Srwatson	MAC_CHECK(check_kld_stat, cred);
123107089Srwatson
124107089Srwatson	return (error);
125107089Srwatson}
126107089Srwatson
127107089Srwatsonint
128106412Srwatsonmac_check_system_acct(struct ucred *cred, struct vnode *vp)
129106412Srwatson{
130106412Srwatson	int error;
131106412Srwatson
132106412Srwatson	if (vp != NULL) {
133106412Srwatson		ASSERT_VOP_LOCKED(vp, "mac_check_system_acct");
134106412Srwatson	}
135106412Srwatson
136106412Srwatson	MAC_CHECK(check_system_acct, cred, vp,
137122524Srwatson	    vp != NULL ? vp->v_label : NULL);
138106412Srwatson
139106412Srwatson	return (error);
140106412Srwatson}
141106412Srwatson
142106412Srwatsonint
143106024Srwatsonmac_check_system_reboot(struct ucred *cred, int howto)
144106024Srwatson{
145106024Srwatson	int error;
146106024Srwatson
147106024Srwatson	MAC_CHECK(check_system_reboot, cred, howto);
148106045Srwatson
149106024Srwatson	return (error);
150106024Srwatson}
151106024Srwatson
152106024Srwatsonint
153106023Srwatsonmac_check_system_swapon(struct ucred *cred, struct vnode *vp)
154106023Srwatson{
155106023Srwatson	int error;
156106023Srwatson
157106023Srwatson	ASSERT_VOP_LOCKED(vp, "mac_check_system_swapon");
158106023Srwatson
159122524Srwatson	MAC_CHECK(check_system_swapon, cred, vp, vp->v_label);
160106023Srwatson	return (error);
161106023Srwatson}
162106023Srwatson
163106023Srwatsonint
164111936Srwatsonmac_check_system_swapoff(struct ucred *cred, struct vnode *vp)
165111936Srwatson{
166111936Srwatson	int error;
167111936Srwatson
168111936Srwatson	ASSERT_VOP_LOCKED(vp, "mac_check_system_swapoff");
169111936Srwatson
170122524Srwatson	MAC_CHECK(check_system_swapoff, cred, vp, vp->v_label);
171111936Srwatson	return (error);
172111936Srwatson}
173111936Srwatson
174111936Srwatsonint
175168951Srwatsonmac_check_system_sysctl(struct ucred *cred, struct sysctl_oid *oidp,
176168951Srwatson    void *arg1, int arg2, struct sysctl_req *req)
177106025Srwatson{
178106025Srwatson	int error;
179106025Srwatson
180106025Srwatson	/*
181147222Scsjp	 * XXXMAC: We would very much like to assert the SYSCTL_LOCK here,
182106025Srwatson	 * but since it's not exported from kern_sysctl.c, we can't.
183106025Srwatson	 */
184126121Spjd	MAC_CHECK(check_system_sysctl, cred, oidp, arg1, arg2, req);
185106025Srwatson
186106025Srwatson	return (error);
187106025Srwatson}
188