mac_system.c revision 168955
10Sstevel@tonic-gate/*- 20Sstevel@tonic-gate * Copyright (c) 2002-2003 Networks Associates Technology, Inc. 30Sstevel@tonic-gate * Copyright (c) 2007 Robert N. M. Watson 40Sstevel@tonic-gate * All rights reserved. 50Sstevel@tonic-gate * 60Sstevel@tonic-gate * This software was developed for the FreeBSD Project in part by Network 70Sstevel@tonic-gate * Associates Laboratories, the Security Research Division of Network 80Sstevel@tonic-gate * Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), 90Sstevel@tonic-gate * as part of the DARPA CHATS research program. 100Sstevel@tonic-gate * 110Sstevel@tonic-gate * Portions of this software were developed by Robert Watson for the 120Sstevel@tonic-gate * TrustedBSD Project. 130Sstevel@tonic-gate * 140Sstevel@tonic-gate * Redistribution and use in source and binary forms, with or without 150Sstevel@tonic-gate * modification, are permitted provided that the following conditions 160Sstevel@tonic-gate * are met: 170Sstevel@tonic-gate * 1. Redistributions of source code must retain the above copyright 180Sstevel@tonic-gate * notice, this list of conditions and the following disclaimer. 190Sstevel@tonic-gate * 2. Redistributions in binary form must reproduce the above copyright 200Sstevel@tonic-gate * notice, this list of conditions and the following disclaimer in the 210Sstevel@tonic-gate * documentation and/or other materials provided with the distribution. 220Sstevel@tonic-gate * 230Sstevel@tonic-gate * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 240Sstevel@tonic-gate * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 250Sstevel@tonic-gate * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 260Sstevel@tonic-gate * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 270Sstevel@tonic-gate * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 280Sstevel@tonic-gate * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 290Sstevel@tonic-gate * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 300Sstevel@tonic-gate * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 310Sstevel@tonic-gate * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 320Sstevel@tonic-gate * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 330Sstevel@tonic-gate * SUCH DAMAGE. 340Sstevel@tonic-gate */ 350Sstevel@tonic-gate 360Sstevel@tonic-gate/* 37 * MAC Framework entry points relating to overall operation of system, 38 * including global services such as the kernel environment and loadable 39 * modules. 40 * 41 * System checks often align with existing privilege checks, but provide 42 * additional security context that may be relevant to policies, such as the 43 * specific object being operated on. 44 */ 45 46#include <sys/cdefs.h> 47__FBSDID("$FreeBSD: head/sys/security/mac/mac_system.c 168955 2007-04-22 19:55:56Z rwatson $"); 48 49#include "opt_mac.h" 50 51#include <sys/param.h> 52#include <sys/kernel.h> 53#include <sys/lock.h> 54#include <sys/malloc.h> 55#include <sys/module.h> 56#include <sys/mutex.h> 57#include <sys/systm.h> 58#include <sys/vnode.h> 59#include <sys/sysctl.h> 60 61#include <security/mac/mac_framework.h> 62#include <security/mac/mac_internal.h> 63#include <security/mac/mac_policy.h> 64 65int 66mac_check_kenv_dump(struct ucred *cred) 67{ 68 int error; 69 70 MAC_CHECK(check_kenv_dump, cred); 71 72 return (error); 73} 74 75int 76mac_check_kenv_get(struct ucred *cred, char *name) 77{ 78 int error; 79 80 MAC_CHECK(check_kenv_get, cred, name); 81 82 return (error); 83} 84 85int 86mac_check_kenv_set(struct ucred *cred, char *name, char *value) 87{ 88 int error; 89 90 MAC_CHECK(check_kenv_set, cred, name, value); 91 92 return (error); 93} 94 95int 96mac_check_kenv_unset(struct ucred *cred, char *name) 97{ 98 int error; 99 100 MAC_CHECK(check_kenv_unset, cred, name); 101 102 return (error); 103} 104 105int 106mac_check_kld_load(struct ucred *cred, struct vnode *vp) 107{ 108 int error; 109 110 ASSERT_VOP_LOCKED(vp, "mac_check_kld_load"); 111 112 MAC_CHECK(check_kld_load, cred, vp, vp->v_label); 113 114 return (error); 115} 116 117int 118mac_check_kld_stat(struct ucred *cred) 119{ 120 int error; 121 122 MAC_CHECK(check_kld_stat, cred); 123 124 return (error); 125} 126 127int 128mac_check_system_acct(struct ucred *cred, struct vnode *vp) 129{ 130 int error; 131 132 if (vp != NULL) { 133 ASSERT_VOP_LOCKED(vp, "mac_check_system_acct"); 134 } 135 136 MAC_CHECK(check_system_acct, cred, vp, 137 vp != NULL ? vp->v_label : NULL); 138 139 return (error); 140} 141 142int 143mac_check_system_reboot(struct ucred *cred, int howto) 144{ 145 int error; 146 147 MAC_CHECK(check_system_reboot, cred, howto); 148 149 return (error); 150} 151 152int 153mac_check_system_swapon(struct ucred *cred, struct vnode *vp) 154{ 155 int error; 156 157 ASSERT_VOP_LOCKED(vp, "mac_check_system_swapon"); 158 159 MAC_CHECK(check_system_swapon, cred, vp, vp->v_label); 160 return (error); 161} 162 163int 164mac_check_system_swapoff(struct ucred *cred, struct vnode *vp) 165{ 166 int error; 167 168 ASSERT_VOP_LOCKED(vp, "mac_check_system_swapoff"); 169 170 MAC_CHECK(check_system_swapoff, cred, vp, vp->v_label); 171 return (error); 172} 173 174int 175mac_check_system_sysctl(struct ucred *cred, struct sysctl_oid *oidp, 176 void *arg1, int arg2, struct sysctl_req *req) 177{ 178 int error; 179 180 /* 181 * XXXMAC: We would very much like to assert the SYSCTL_LOCK here, 182 * but since it's not exported from kern_sysctl.c, we can't. 183 */ 184 MAC_CHECK(check_system_sysctl, cred, oidp, arg1, arg2, req); 185 186 return (error); 187} 188