mac_system.c revision 168951
1100894Srwatson/*- 2121362Srwatson * Copyright (c) 2002, 2003 Networks Associates Technology, Inc. 3168951Srwatson * Copyright (c) 2007 Robert N. M. Watson 4100894Srwatson * All rights reserved. 5100894Srwatson * 6106392Srwatson * This software was developed for the FreeBSD Project in part by Network 7106392Srwatson * Associates Laboratories, the Security Research Division of Network 8106392Srwatson * Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), 9106392Srwatson * as part of the DARPA CHATS research program. 10100894Srwatson * 11168951Srwatson * Portions of this software were developed by Robert Watson for the 12168951Srwatson * TrustedBSD Project. 13168951Srwatson * 14100894Srwatson * Redistribution and use in source and binary forms, with or without 15100894Srwatson * modification, are permitted provided that the following conditions 16100894Srwatson * are met: 17100894Srwatson * 1. Redistributions of source code must retain the above copyright 18100894Srwatson * notice, this list of conditions and the following disclaimer. 19100894Srwatson * 2. Redistributions in binary form must reproduce the above copyright 20100894Srwatson * notice, this list of conditions and the following disclaimer in the 21100894Srwatson * documentation and/or other materials provided with the distribution. 22100894Srwatson * 23100894Srwatson * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 24100894Srwatson * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 25100894Srwatson * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 26100894Srwatson * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 27100894Srwatson * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 28100894Srwatson * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 29100894Srwatson * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 30100894Srwatson * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 31100894Srwatson * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 32100894Srwatson * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 33100894Srwatson * SUCH DAMAGE. 34100894Srwatson */ 35116182Sobrien 36168951Srwatson/* 37168951Srwatson * MAC Framework entry points relating to overall operation of system, 38168951Srwatson * including global services such as the kernel environment and loadable 39168951Srwatson * modules. 40168951Srwatson * 41168951Srwatson * System checks often align with existing privilege checks, but provide 42168951Srwatson * additional security context that may be relevant to policies, such as the 43168951Srwatson * specific object being operated on. 44168951Srwatson */ 45168951Srwatson 46116182Sobrien#include <sys/cdefs.h> 47116182Sobrien__FBSDID("$FreeBSD: head/sys/security/mac/mac_system.c 168951 2007-04-22 15:31:22Z rwatson $"); 48116182Sobrien 49100894Srwatson#include "opt_mac.h" 50101173Srwatson 51100894Srwatson#include <sys/param.h> 52100979Srwatson#include <sys/kernel.h> 53100979Srwatson#include <sys/lock.h> 54102949Sbde#include <sys/malloc.h> 55129880Sphk#include <sys/module.h> 56100979Srwatson#include <sys/mutex.h> 57100979Srwatson#include <sys/systm.h> 58100979Srwatson#include <sys/vnode.h> 59100979Srwatson#include <sys/sysctl.h> 60100894Srwatson 61163606Srwatson#include <security/mac/mac_framework.h> 62121362Srwatson#include <security/mac/mac_internal.h> 63165469Srwatson#include <security/mac/mac_policy.h> 64100979Srwatson 65100894Srwatsonint 66106308Srwatsonmac_check_kenv_dump(struct ucred *cred) 67106308Srwatson{ 68106308Srwatson int error; 69106308Srwatson 70106308Srwatson MAC_CHECK(check_kenv_dump, cred); 71106308Srwatson 72106308Srwatson return (error); 73106308Srwatson} 74106308Srwatson 75106308Srwatsonint 76106308Srwatsonmac_check_kenv_get(struct ucred *cred, char *name) 77106308Srwatson{ 78106308Srwatson int error; 79106308Srwatson 80106308Srwatson MAC_CHECK(check_kenv_get, cred, name); 81106308Srwatson 82106308Srwatson return (error); 83106308Srwatson} 84106308Srwatson 85106308Srwatsonint 86106308Srwatsonmac_check_kenv_set(struct ucred *cred, char *name, char *value) 87106308Srwatson{ 88106308Srwatson int error; 89106308Srwatson 90106308Srwatson MAC_CHECK(check_kenv_set, cred, name, value); 91106308Srwatson 92106308Srwatson return (error); 93106308Srwatson} 94106308Srwatson 95106308Srwatsonint 96106308Srwatsonmac_check_kenv_unset(struct ucred *cred, char *name) 97106308Srwatson{ 98106308Srwatson int error; 99106308Srwatson 100106308Srwatson MAC_CHECK(check_kenv_unset, cred, name); 101106308Srwatson 102106308Srwatson return (error); 103106308Srwatson} 104106308Srwatson 105106308Srwatsonint 106107089Srwatsonmac_check_kld_load(struct ucred *cred, struct vnode *vp) 107107089Srwatson{ 108107089Srwatson int error; 109107089Srwatson 110107089Srwatson ASSERT_VOP_LOCKED(vp, "mac_check_kld_load"); 111107089Srwatson 112122524Srwatson MAC_CHECK(check_kld_load, cred, vp, vp->v_label); 113107089Srwatson 114107089Srwatson return (error); 115107089Srwatson} 116107089Srwatson 117107089Srwatsonint 118107089Srwatsonmac_check_kld_stat(struct ucred *cred) 119107089Srwatson{ 120107089Srwatson int error; 121107089Srwatson 122107089Srwatson MAC_CHECK(check_kld_stat, cred); 123107089Srwatson 124107089Srwatson return (error); 125107089Srwatson} 126107089Srwatson 127107089Srwatsonint 128106412Srwatsonmac_check_system_acct(struct ucred *cred, struct vnode *vp) 129106412Srwatson{ 130106412Srwatson int error; 131106412Srwatson 132106412Srwatson if (vp != NULL) { 133106412Srwatson ASSERT_VOP_LOCKED(vp, "mac_check_system_acct"); 134106412Srwatson } 135106412Srwatson 136106412Srwatson MAC_CHECK(check_system_acct, cred, vp, 137122524Srwatson vp != NULL ? vp->v_label : NULL); 138106412Srwatson 139106412Srwatson return (error); 140106412Srwatson} 141106412Srwatson 142106412Srwatsonint 143106024Srwatsonmac_check_system_reboot(struct ucred *cred, int howto) 144106024Srwatson{ 145106024Srwatson int error; 146106024Srwatson 147106024Srwatson MAC_CHECK(check_system_reboot, cred, howto); 148106045Srwatson 149106024Srwatson return (error); 150106024Srwatson} 151106024Srwatson 152106024Srwatsonint 153106023Srwatsonmac_check_system_swapon(struct ucred *cred, struct vnode *vp) 154106023Srwatson{ 155106023Srwatson int error; 156106023Srwatson 157106023Srwatson ASSERT_VOP_LOCKED(vp, "mac_check_system_swapon"); 158106023Srwatson 159122524Srwatson MAC_CHECK(check_system_swapon, cred, vp, vp->v_label); 160106023Srwatson return (error); 161106023Srwatson} 162106023Srwatson 163106023Srwatsonint 164111936Srwatsonmac_check_system_swapoff(struct ucred *cred, struct vnode *vp) 165111936Srwatson{ 166111936Srwatson int error; 167111936Srwatson 168111936Srwatson ASSERT_VOP_LOCKED(vp, "mac_check_system_swapoff"); 169111936Srwatson 170122524Srwatson MAC_CHECK(check_system_swapoff, cred, vp, vp->v_label); 171111936Srwatson return (error); 172111936Srwatson} 173111936Srwatson 174111936Srwatsonint 175168951Srwatsonmac_check_system_sysctl(struct ucred *cred, struct sysctl_oid *oidp, 176168951Srwatson void *arg1, int arg2, struct sysctl_req *req) 177106025Srwatson{ 178106025Srwatson int error; 179106025Srwatson 180106025Srwatson /* 181147222Scsjp * XXXMAC: We would very much like to assert the SYSCTL_LOCK here, 182106025Srwatson * but since it's not exported from kern_sysctl.c, we can't. 183106025Srwatson */ 184126121Spjd MAC_CHECK(check_system_sysctl, cred, oidp, arg1, arg2, req); 185106025Srwatson 186106025Srwatson return (error); 187106025Srwatson} 188