1175164Sjhb/*-
2175164Sjhb * Copyright (c) 2003-2006 SPARTA, Inc.
3225344Srwatson * Copyright (c) 2009-2011 Robert N. M. Watson
4175164Sjhb * All rights reserved.
5175164Sjhb *
6175164Sjhb * This software was developed for the FreeBSD Project in part by Network
7175164Sjhb * Associates Laboratories, the Security Research Division of Network
8175164Sjhb * Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"),
9175164Sjhb * as part of the DARPA CHATS research program.
10175164Sjhb *
11175164Sjhb * This software was enhanced by SPARTA ISSO under SPAWAR contract
12189503Srwatson * N66001-04-C-6019 ("SEFOS"). *
13175164Sjhb *
14189503Srwatson * This software was developed at the University of Cambridge Computer
15189503Srwatson * Laboratory with support from a grant from Google, Inc.
16189503Srwatson *
17175164Sjhb * Redistribution and use in source and binary forms, with or without
18175164Sjhb * modification, are permitted provided that the following conditions
19175164Sjhb * are met:
20175164Sjhb * 1. Redistributions of source code must retain the above copyright
21175164Sjhb *    notice, this list of conditions and the following disclaimer.
22175164Sjhb * 2. Redistributions in binary form must reproduce the above copyright
23175164Sjhb *    notice, this list of conditions and the following disclaimer in the
24175164Sjhb *    documentation and/or other materials provided with the distribution.
25175164Sjhb *
26175164Sjhb * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
27175164Sjhb * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
28175164Sjhb * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
29175164Sjhb * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
30175164Sjhb * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
31175164Sjhb * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
32175164Sjhb * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
33175164Sjhb * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
34175164Sjhb * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
35175164Sjhb * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
36175164Sjhb * SUCH DAMAGE.
37175164Sjhb */
38175164Sjhb
39175164Sjhb#include <sys/cdefs.h>
40175164Sjhb__FBSDID("$FreeBSD$");
41175164Sjhb
42189503Srwatson#include "opt_kdtrace.h"
43175164Sjhb#include "opt_mac.h"
44175164Sjhb
45175164Sjhb#include <sys/param.h>
46175164Sjhb#include <sys/kernel.h>
47175164Sjhb#include <sys/mman.h>
48175164Sjhb#include <sys/malloc.h>
49175164Sjhb#include <sys/module.h>
50189503Srwatson#include <sys/sdt.h>
51175164Sjhb#include <sys/systm.h>
52175164Sjhb#include <sys/sysctl.h>
53175164Sjhb
54175164Sjhb#include <security/mac/mac_framework.h>
55175164Sjhb#include <security/mac/mac_internal.h>
56175164Sjhb#include <security/mac/mac_policy.h>
57175164Sjhb
58175164Sjhbstatic struct label *
59175164Sjhbmac_posixshm_label_alloc(void)
60175164Sjhb{
61175164Sjhb	struct label *label;
62175164Sjhb
63175164Sjhb	label = mac_labelzone_alloc(M_WAITOK);
64191731Srwatson	MAC_POLICY_PERFORM(posixshm_init_label, label);
65175164Sjhb	return (label);
66175164Sjhb}
67175164Sjhb
68175164Sjhbvoid
69175164Sjhbmac_posixshm_init(struct shmfd *shmfd)
70175164Sjhb{
71175164Sjhb
72182063Srwatson	if (mac_labeled & MPC_OBJECT_POSIXSHM)
73182063Srwatson		shmfd->shm_label = mac_posixshm_label_alloc();
74182063Srwatson	else
75182063Srwatson		shmfd->shm_label = NULL;
76175164Sjhb}
77175164Sjhb
78175164Sjhbstatic void
79175164Sjhbmac_posixshm_label_free(struct label *label)
80175164Sjhb{
81175164Sjhb
82191731Srwatson	MAC_POLICY_PERFORM_NOSLEEP(posixshm_destroy_label, label);
83175164Sjhb	mac_labelzone_free(label);
84175164Sjhb}
85175164Sjhb
86175164Sjhbvoid
87175164Sjhbmac_posixshm_destroy(struct shmfd *shmfd)
88175164Sjhb{
89175164Sjhb
90182063Srwatson	if (shmfd->shm_label != NULL) {
91182063Srwatson		mac_posixshm_label_free(shmfd->shm_label);
92182063Srwatson		shmfd->shm_label = NULL;
93182063Srwatson	}
94175164Sjhb}
95175164Sjhb
96175164Sjhbvoid
97175164Sjhbmac_posixshm_create(struct ucred *cred, struct shmfd *shmfd)
98175164Sjhb{
99175164Sjhb
100191731Srwatson	MAC_POLICY_PERFORM_NOSLEEP(posixshm_create, cred, shmfd,
101191731Srwatson	    shmfd->shm_label);
102175164Sjhb}
103175164Sjhb
104225344SrwatsonMAC_CHECK_PROBE_DEFINE2(posixshm_check_create, "struct ucred *",
105225344Srwatson    "const char *");
106225344Srwatson
107225344Srwatsonint
108225344Srwatsonmac_posixshm_check_create(struct ucred *cred, const char *path)
109225344Srwatson{
110225344Srwatson	int error;
111225344Srwatson
112225344Srwatson	MAC_POLICY_CHECK_NOSLEEP(posixshm_check_create, cred, path);
113225344Srwatson	MAC_CHECK_PROBE2(posixshm_check_create, error, cred, path);
114225344Srwatson
115225344Srwatson	return (error);
116225344Srwatson}
117225344Srwatson
118189503SrwatsonMAC_CHECK_PROBE_DEFINE4(posixshm_check_mmap, "struct ucred *",
119189503Srwatson    "struct shmfd *", "int", "int");
120189503Srwatson
121175164Sjhbint
122175164Sjhbmac_posixshm_check_mmap(struct ucred *cred, struct shmfd *shmfd, int prot,
123175164Sjhb    int flags)
124175164Sjhb{
125175164Sjhb	int error;
126175164Sjhb
127191731Srwatson	MAC_POLICY_CHECK_NOSLEEP(posixshm_check_mmap, cred, shmfd,
128191731Srwatson	    shmfd->shm_label, prot, flags);
129189503Srwatson	MAC_CHECK_PROBE4(posixshm_check_mmap, error, cred, shmfd, prot,
130189503Srwatson	    flags);
131175164Sjhb
132175164Sjhb	return (error);
133175164Sjhb}
134175164Sjhb
135225344SrwatsonMAC_CHECK_PROBE_DEFINE3(posixshm_check_open, "struct ucred *",
136262056Savg    "struct shmfd *", "accmode_t");
137189503Srwatson
138175164Sjhbint
139225344Srwatsonmac_posixshm_check_open(struct ucred *cred, struct shmfd *shmfd,
140225344Srwatson    accmode_t accmode)
141175164Sjhb{
142175164Sjhb	int error;
143175164Sjhb
144191731Srwatson	MAC_POLICY_CHECK_NOSLEEP(posixshm_check_open, cred, shmfd,
145225344Srwatson	    shmfd->shm_label, accmode);
146225344Srwatson	MAC_CHECK_PROBE3(posixshm_check_open, error, cred, shmfd, accmode);
147175164Sjhb
148175164Sjhb	return (error);
149175164Sjhb}
150175164Sjhb
151189503SrwatsonMAC_CHECK_PROBE_DEFINE3(posixshm_check_stat, "struct ucred *",
152189503Srwatson    "struct ucred *", "struct shmfd *");
153189503Srwatson
154175164Sjhbint
155175164Sjhbmac_posixshm_check_stat(struct ucred *active_cred, struct ucred *file_cred,
156175164Sjhb    struct shmfd *shmfd)
157175164Sjhb{
158175164Sjhb	int error;
159175164Sjhb
160191731Srwatson	MAC_POLICY_CHECK_NOSLEEP(posixshm_check_stat, active_cred, file_cred,
161191731Srwatson	    shmfd, shmfd->shm_label);
162189503Srwatson	MAC_CHECK_PROBE3(posixshm_check_stat, error, active_cred, file_cred,
163189503Srwatson	    shmfd);
164175164Sjhb
165175164Sjhb	return (error);
166175164Sjhb}
167175164Sjhb
168189503SrwatsonMAC_CHECK_PROBE_DEFINE3(posixshm_check_truncate, "struct ucred *",
169189503Srwatson    "struct ucred *", "struct shmfd *");
170189503Srwatson
171175164Sjhbint
172175164Sjhbmac_posixshm_check_truncate(struct ucred *active_cred, struct ucred *file_cred,
173175164Sjhb    struct shmfd *shmfd)
174175164Sjhb{
175175164Sjhb	int error;
176175164Sjhb
177191731Srwatson	MAC_POLICY_CHECK_NOSLEEP(posixshm_check_truncate, active_cred,
178191731Srwatson	    file_cred, shmfd, shmfd->shm_label);
179189503Srwatson	MAC_CHECK_PROBE3(posixshm_check_truncate, error, active_cred,
180189503Srwatson	    file_cred, shmfd);
181175164Sjhb
182175164Sjhb	return (error);
183175164Sjhb}
184175164Sjhb
185189503SrwatsonMAC_CHECK_PROBE_DEFINE2(posixshm_check_unlink, "struct ucred *",
186189503Srwatson    "struct shmfd *");
187189503Srwatson
188175164Sjhbint
189175164Sjhbmac_posixshm_check_unlink(struct ucred *cred, struct shmfd *shmfd)
190175164Sjhb{
191175164Sjhb	int error;
192175164Sjhb
193191731Srwatson	MAC_POLICY_CHECK_NOSLEEP(posixshm_check_unlink, cred, shmfd,
194189797Srwatson	    shmfd->shm_label);
195189503Srwatson	MAC_CHECK_PROBE2(posixshm_check_unlink, error, cred, shmfd);
196175164Sjhb
197175164Sjhb	return (error);
198175164Sjhb}
199224914Skib
200224914SkibMAC_CHECK_PROBE_DEFINE3(posixshm_check_setmode, "struct ucred *",
201224914Skib    "struct shmfd *", "mode_t");
202224914Skib
203224914Skibint
204224914Skibmac_posixshm_check_setmode(struct ucred *cred, struct shmfd *shmfd, mode_t mode)
205224914Skib{
206224914Skib	int error;
207224914Skib
208224914Skib	MAC_POLICY_CHECK_NOSLEEP(posixshm_check_setmode, cred, shmfd,
209224914Skib	    shmfd->shm_label, mode);
210224914Skib	MAC_CHECK_PROBE3(posixshm_check_setmode, error, cred, shmfd, mode);
211224914Skib
212224914Skib	return (error);
213224914Skib}
214224914Skib
215224914SkibMAC_CHECK_PROBE_DEFINE4(posixshm_check_setowner, "struct ucred *",
216224914Skib    "struct shmfd *", "uid_t", "gid_t");
217224914Skib
218224914Skibint
219224914Skibmac_posixshm_check_setowner(struct ucred *cred, struct shmfd *shmfd, uid_t uid,
220224914Skib    gid_t gid)
221224914Skib{
222224914Skib	int error;
223224914Skib
224224914Skib	MAC_POLICY_CHECK_NOSLEEP(posixshm_check_setowner, cred, shmfd,
225224914Skib	    shmfd->shm_label, uid, gid);
226224914Skib	MAC_CHECK_PROBE4(posixshm_check_setowner, error, cred, shmfd,
227224914Skib	    uid, gid);
228224914Skib
229224914Skib	return (error);
230224914Skib}
231