Date: Fri, 16 Aug 2002 06:37:30 -0700 (PDT) From: Chris Vance <cvance@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 16108 for review Message-ID: <200208161337.g7GDbU4G097682@freefall.freebsd.org>
http://people.freebsd.org/~peter/p4db/chv.cgi?CH=16108 Change 16108 by cvance@cvance_laptop on 2002/08/16 06:36:36 Updates to SEBSD module: * Add sebsd_syscall.c to Makefile * Add sebsd_syscall MAC syscall handler * Move flask.h up a level and fix references * Implement avc_toggle() and avc_enforcing system calls * Rework entire execute/transition code, now checks creds at check_exec_vnode(), make correct decision in will_transition(), and only perform the transition in execve_transition(). Assumes entire exec process is "atomic" so permission checks may be performed first phase, and still remain valid when the actual re-label is done. * Add signal permission checks * Cleanup dead code and unused debug statements * Fix extended attribute handling (again) to do the right thing when an attribute isn't located (now uses SECINITSID_UNLABELED) * Add stubs for vnode operations (tagged "TBD: Not Implemented") * Reorganized sysctl handlers and removed the security.mac.sebsd.debug sysctl (converted to a syscall) * That's it (I think) Affected files ... .. //depot/projects/trustedbsd/mac/sys/modules/sebsd/Makefile#2 edit .. //depot/projects/trustedbsd/mac/sys/security/sebsd/avc/avc.c#4 edit .. //depot/projects/trustedbsd/mac/sys/security/sebsd/avc/avc.h#6 edit .. //depot/projects/trustedbsd/mac/sys/security/sebsd/avc/avc_ss.h#3 edit .. //depot/projects/trustedbsd/mac/sys/security/sebsd/avc/flask.h#2 delete .. //depot/projects/trustedbsd/mac/sys/security/sebsd/flask.h#3 branch .. //depot/projects/trustedbsd/mac/sys/security/sebsd/sebsd.c#22 edit .. //depot/projects/trustedbsd/mac/sys/security/sebsd/sebsd.h#6 edit .. //depot/projects/trustedbsd/mac/sys/security/sebsd/sebsd_syscall.c#1 add .. //depot/projects/trustedbsd/mac/sys/security/sebsd/sebsd_sysctl.c#3 edit .. //depot/projects/trustedbsd/mac/sys/security/sebsd/ss/global.h#4 edit .. //depot/projects/trustedbsd/mac/sys/security/sebsd/ss/security.h#4 edit .. //depot/projects/trustedbsd/mac/sys/security/sebsd/ss/sidtab.c#6 edit .. 
//depot/projects/trustedbsd/mac/sys/security/sebsd/ss/symtab.c#4 edit Differences ... ==== //depot/projects/trustedbsd/mac/sys/modules/sebsd/Makefile#2 (text+ko) ==== @@ -6,6 +6,7 @@ SRCS= vnode_if.h \ opt_mac.h \ sebsd.c \ + sebsd_syscall.c \ sebsd_sysctl.c \ avc.c \ avtab.c \ ==== //depot/projects/trustedbsd/mac/sys/security/sebsd/avc/avc.c#4 (text+ko) ==== @@ -807,3 +807,59 @@ return avc_control(AVC_CALLBACK_AUDITDENY_DISABLE, ssid, tsid, tclass, perms, seqno, 0); } + +int +sys_avc_toggle(struct thread *td) +{ + extern int ss_initialized; + int error; + + /* + * TBD: enforce this: + */ + error = thread_has_system(curthread, SYSTEM__AVC_TOGGLE); + if (error) + return error; + + avc_debug_always_allow = !avc_debug_always_allow; + if (!avc_debug_always_allow) { + avc_ss_reset(avc_cache.latest_notif); + if (!ss_initialized) { + error = security_init(); + if (error) + panic("SELinux: Could not initialize\n"); + } + } + td->td_retval[0] = avc_debug_always_allow; + + return (0); +} + +int +sys_avc_enforcing(struct thread *td) +{ + td->td_retval[0] = !avc_debug_always_allow; + return 0; +} + + +#ifdef CONFIG_SECURITY_SELINUX_DEVELOP +/* + * TBD: should have build-time non development mode that does not permit + * toggling debug mode. + */ +int +sys_avc_toggle(struct thread *td) +{ + td->td_retval[0] = 0; + return (0); +} + +int +sys_avc_enforcing(struct thread *td) +{ + td->td_retval[0] = 1; + return (0); +} + +#endif /* CONFIG_SECURITY_SELINUX_DEVELOP */ ==== //depot/projects/trustedbsd/mac/sys/security/sebsd/avc/avc.h#6 (text+ko) ==== @@ -15,7 +15,7 @@ #ifdef __FreeBSD__ -#include <security/sebsd/avc/flask.h> +#include <security/sebsd/flask.h> #include <security/sebsd/sebsd.h> #include <security/sebsd/avc/av_permissions.h> #include <security/sebsd/ss/security.h> 
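Review bot: The `#ifdef CONFIG_SECURITY_SELINUX_DEVELOP` at the end of the avc.c hunk wraps the non-toggling stubs, but the real `sys_avc_toggle`/`sys_avc_enforcing` above it are unconditional, so a DEVELOP build defines each function twice (a redefinition error) and every other build ships the toggle — the opposite of what the "should have build-time non development mode" comment asks for. Moving the `#ifdef CONFIG_SECURITY_SELINUX_DEVELOP` to precede the first `sys_avc_toggle`, turning the second `#ifdef` into `#else`, and keeping the final `#endif` gives production builds the fixed always-enforcing answers. Separately, `sys_avc_toggle` checks `thread_has_system(curthread, SYSTEM__AVC_TOGGLE)` although it receives `td`; using `td` keeps the check on the credential the syscall was issued with. The `/* TBD: enforce this: */` comment above that check reads as if the permission were not enforced, yet the `if (error) return error;` does enforce it, so reword it to something like `/* Only subjects holding system:avc_toggle may flip enforcing mode. */`.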
@@ -342,5 +342,8 @@ #define AVC_CALLBACK_AUDITDENY_ENABLE 64 #define AVC_CALLBACK_AUDITDENY_DISABLE 128 +extern int sys_avc_toggle(struct thread *td); +extern int sys_avc_enforcing(struct thread *td); + #endif /* _LINUX_AVC_H_ */ ==== //depot/projects/trustedbsd/mac/sys/security/sebsd/avc/avc_ss.h#3 (text+ko) ==== @@ -14,7 +14,7 @@ */ #ifdef __FreeBSD__ -#include <security/sebsd/avc/flask.h> +#include <security/sebsd/flask.h> #else /* __FreeBSD__ */ #include <linux/flask/flask.h> #endif /* __FreeBSD__ */ ==== //depot/projects/trustedbsd/mac/sys/security/sebsd/sebsd.c#22 (text+ko) ==== @@ -45,7 +45,6 @@ #include <sys/proc.h> #include <sys/systm.h> #include <sys/sysproto.h> -#include <sys/sysent.h> #include <sys/vnode.h> #include <vm/vm.h> @@ -80,6 +79,42 @@ printf("sebsd:: destroy\n"); } +static int +cred_has_perm(struct ucred *cred, struct proc *proc, access_vector_t perm) +{ + struct task_security_struct *task, *target; + + task = SLOT(&cred->cr_label); + target = SLOT(&proc->p_ucred->cr_label); + + return avc_has_perm_ref(task->sid, target->sid, SECCLASS_PROCESS, + perm, &target->avcr); +} + +static int +thread_has_perm(struct thread *td, struct proc *proc, access_vector_t perm) +{ + return (cred_has_perm(td->td_proc->p_ucred, proc, perm)); +} + +static int +cred_has_system(struct ucred *cred, access_vector_t perm) +{ + struct task_security_struct *task; + + task = SLOT(&cred->cr_label); + + return avc_has_perm(task->sid, SECINITSID_KERNEL, + SECCLASS_SYSTEM, perm); +} + +int +thread_has_system(struct thread *td, access_vector_t perm) +{ + return (cred_has_system(td->td_proc->p_ucred, perm)); +} + + static void sebsd_init_cred(struct ucred *ucred, struct label *label) { 
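Review bot: `thread_has_perm` and `thread_has_system` take the subject credential from `td->td_proc->p_ucred`, while the extattr path in this same change uses the thread's own reference, `curthread->td_ucred`; `p_ucred` is the process-wide pointer that can be replaced under the thread (the execve transition in this module does exactly that) and is normally read under `PROC_LOCK`, whereas `td_ucred` is the per-thread reference that is valid without a lock. Using `return (cred_has_perm(td->td_ucred, proc, perm));` and `return (cred_has_system(td->td_ucred, perm));` makes the helpers consistent with the rest of the module and avoids the locking question for the subject side. `cred_has_perm` also dereferences the target's `proc->p_ucred` with no lock visible here; if every caller holds the target's proc lock that is fine, and a one-line precondition comment such as `/* Caller must hold the target proc lock: reads proc->p_ucred. */` would pin that down for the next hook that calls it.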
@@ -154,70 +189,52 @@ } static int -sebsd_compute_transition(struct ucred *cred, struct vnode *vp, - struct label *label, security_id_t *newsid) +sebsd_check_proc_signal(struct ucred *cred, struct proc *proc, int signum) { - struct task_security_struct *task; - struct vnode_security_struct *file; - int rc; + access_vector_t perm; - task = SLOT(&cred->cr_label); - file = SLOT(label); - rc = security_transition_sid(task->sid, file->sid, SECCLASS_PROCESS, - newsid); - if (rc) - return EACCES; - - if (sebsd_verbose > 0) { - u_int32_t scontext_len; - security_context_t scontext; - (void)security_sid_to_context(task->sid, &scontext, &scontext_len); - printf("exec_vnode:: tsid (%d) = %s", task->sid, scontext); - security_free_context(scontext); - (void)security_sid_to_context(file->sid, &scontext, &scontext_len); - printf(" fsid (%d) = %s", file->sid, scontext); - security_free_context(scontext); - (void)security_sid_to_context(*newsid, &scontext, &scontext_len); - printf(" newsid (%d) = %s\n", *newsid, scontext); - security_free_context(scontext); + switch (signum) { + case SIGCHLD: + perm = PROCESS__SIGCHLD; + break; + case SIGKILL: + perm = PROCESS__SIGKILL; + break; + case SIGSTOP: + perm = PROCESS__SIGSTOP; + break; + default: + perm = PROCESS__SIGNAL; + break; } - return (*newsid != task->sid); -#ifdef notdef - /* TBD, auditing not really working yet */ - if (newsid == task->sid) { - rc = avc_has_perm(task->sid, file->sid, - SECCLASS_FILE, FILE__EXECUTE_NO_TRANS); - if (rc) - return EACCES; - } else { - /* Check permissions for the transition. 
*/ - rc = avc_has_perm(task->sid, newsid, SECCLASS_PROCESS, - PROCESS__TRANSITION); - if (rc) - return EACCES; + return cred_has_perm(cred, proc, perm); +} - rc = avc_has_perm(newsid, file->sid, - SECCLASS_FILE, FILE__ENTRYPOINT); -/* &file->avcr, &ad); */ - if (rc) - return EACCES; +static void +sebsd_execve_transition(struct ucred *old, struct ucred *new, + struct vnode *vp, struct mac *vnodelabel) +{ + struct task_security_struct *otask, *ntask; + struct vnode_security_struct *file; + int rc; - /* - * TBD: Check ptrace permission between the parent and - * the new SID for this process if this process is - * being traced. - */ + otask = SLOT(&old->cr_label); + ntask = SLOT(&new->cr_label); + file = SLOT(&vp->v_label); - /* - * TBD: Check share permission between the old and new - * SIDs of the process if the process will share - * state. - */ - } + /* + * Should have already checked all the permissions + * Should have no races with file/process labels + * So just make the transition. + */ + ntask->osid = otask->sid; + rc = security_transition_sid(otask->sid, file->sid, SECCLASS_PROCESS, + &ntask->sid); + if (rc) + return; /* TBD: what happens if the previous call failed? */ - task->osid = task->sid; - if (task->sid != newsid) { + if (otask->sid != ntask->sid) { /* * TBD: Need to flush any open files that are now * unauthorized. Likewise, SELinux forced a wait 
@@ -225,37 +242,31 @@ */ } - task->sid = newsid; -#endif /* notdef */ - return (0); + return; } -static void -sebsd_execve_transition(struct ucred *old, struct ucred *new, - struct vnode *vp, struct mac *vnodelabel) +static int +sebsd_execve_will_transition(struct ucred *old, struct vnode *vp, + struct mac *vnodelabel) { struct task_security_struct *task; + struct vnode_security_struct *file; security_id_t newsid; + int rc; - sebsd_compute_transition(old, vp, &vp->v_label, &newsid); - task = SLOT(&new->cr_label); - task->osid = task->sid; - task->sid = newsid; -} + task = SLOT(&old->cr_label); + file = SLOT(&vp->v_label); -static int -sebsd_execve_will_transition(struct ucred *old, struct vnode *vp, - struct mac *vnodelabel) -{ - security_id_t newsid; - return sebsd_compute_transition(old, vp, &vp->v_label, &newsid); -} + /* + * Should have already checked all the permissions, so just see if + * the SIDS are going to match. + */ + rc = security_transition_sid(task->sid, file->sid, SECCLASS_PROCESS, + &newsid); + if (rc) + return EACCES; -static int -sebsd_check_exec_vnode(struct ucred *cred, struct vnode *vp, - struct label *label) -{ - return 0; + return (newsid != task->sid); } static void @@ -283,8 +294,8 @@ static void sebsd_create_vnode(struct ucred *cred, struct vnode *parent, - struct label *parentlabel, struct vnode *child, - struct label *childlabel) + struct label *parentlabel, struct vnode *child, + struct label *childlabel) { struct vnode_security_struct *dir, *vsec; struct task_security_struct *task; 
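Review bot: `sebsd_execve_transition` fails open when `security_transition_sid()` returns an error: it has already stored `ntask->osid` and returns with `ntask->sid` in whatever state the failed call left it, so the exec proceeds with a credential whose label is not the one `sebsd_check_vnode_exec` authorized. Since the check and the transition compute the same SID from the same inputs, an error here means the "no races with file/process labels" premise did not hold, and the safest recovery visible from here is to pin the old SID explicitly, `if (rc) { ntask->sid = otask->sid; return; }`, with a printf so the event is not silent, in place of the `/* TBD: what happens if the previous call failed? */` line. In `sebsd_check_proc_signal`, signal 0 (the existence probe from `kill(pid, 0)`) falls into `default:` and is checked as `PROCESS__SIGNAL`; if the policy defines a distinct null-signal permission it should get its own case, otherwise a comment saying the probe is deliberately treated as a real signal would help. The tail of `sebsd_execve_transition` lies in the following hunk.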
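Review bot: `sebsd_execve_will_transition` returns `EACCES` when `security_transition_sid()` fails, but the framework reads this hook as a boolean (the success path is `return (newsid != task->sid)`), so the error is silently interpreted as "will transition". That presumably errs on the safe side, since the exec is then handled as a label change, but it relies on 13 happening to be non-zero and the reader has to work that out. A comment before the `if (rc)` line, `/* A failed SID computation is reported as a transition so the framework handles the exec conservatively. */`, together with `return 1;` instead of `return EACCES;`, makes the intent explicit and stops the value from looking like a propagated errno.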
@@ -326,6 +337,32 @@ } +static int +sebsd_check_vnode_rename_from(struct ucred *cred, struct vnode *dvp, + struct label *dlabel, struct vnode *vp, + struct label *label) +{ + /* TBD: Not Implemented */ + return 0; +} + +static int +sebsd_check_vnode_rename_to(struct ucred *cred, struct vnode *dvp, + struct label *dlabel, struct vnode *vp, + struct label *label, int samedir) +{ + /* TBD: Not Implemented */ + return 0; +} + +static int +sebsd_check_vnode_relabel(struct ucred *cred, struct vnode *vp, + struct label *oldlabel, struct label *newlabel) +{ + /* TBD: Not Implemented */ + return 0; +} + static void sebsd_relabel_vnode(struct ucred *cred, struct vnode *vp, struct label *vnodelabel, struct label *label) @@ -339,7 +376,6 @@ dest = SLOT(vnodelabel); if (!source) { -/* Debugger("sebsd_relabel_vnode:: source is NULL!\n"); */ printf("sebsd_relabel_vnode:: source is NULL!\n"); return; } @@ -375,18 +411,15 @@ } static int -sebsd_check_create_vnode(struct ucred *cred, struct vnode *dvp, +sebsd_check_vnode_create(struct ucred *cred, struct vnode *dvp, struct label *dlabel, struct vattr *vap) { + /* TBD: Not Implemented */ struct vnode_security_struct *file, *dir; file = SLOT(&cred->cr_label); dir = SLOT(dlabel); -/* - printf("check_create_vnode:: file=%d, dir=%d\n", file->sid, - dir->sid); -*/ return 0; } 
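Review bot: The three stubs added at the top of this hunk return 0, which grants the operation; for `sebsd_check_vnode_relabel` that means any subject may change any vnode's label, and since labels drive every other SEBSD decision the policy can be rewritten from below until the hook is filled in. A stub that is deliberately permissive should say so where someone auditing the policy will look, e.g. `/* TBD: Not Implemented -- currently permits every relabel; must check the relabel-from/relabel-to permissions before this module is relied on. */`, and the same applies to the two rename stubs. If the MAC framework already treats an unregistered entry point as allow (I cannot see that from here), registering allow-all stubs adds nothing but the TODO marker, which is all the more reason for the marker to state the exposure.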
@@ -400,51 +433,208 @@ u_int32_t context_len; int error; - /* - * XXX: this check is probably redundant, since we'll only get - * called here for multilabel file systems. - */ - if ((mp->mnt_flag & MNT_MULTILABEL) == 0) { - return (EOPNOTSUPP); - } + vsec = SLOT(vnodelabel); context_len = 128; /* TBD: bad fixed length */ error = vn_extattr_get(vp, IO_NODELOCKED, SEBSD_MAC_EXTATTR_NAMESPACE, SEBSD_MAC_EXTATTR_NAME, &context_len, context, curthread); - if (error) - return (error); + if (error == ENOATTR) { + vsec->sid = SECINITSID_UNLABELED; /* Use the default label */ + struct vattr va; + + VOP_GETATTR(vp, &va, curthread->td_ucred, curthread); + printf("sebsd_update_vnode_from_extattr: no label for inode=%d, fsid=%d\n", va.va_fileid, va.va_fsid); + + return (0); + } + if (error) { + return (error); /* Fail closed */ + } if (sebsd_verbose > 1) { - char *fullpath = "unknown"; - char *freepath = NULL; struct vattr va; - /* - * XXX Releasing the vnode lock here is a very bad idea. - */ VOP_GETATTR(vp, &va, curthread->td_ucred, curthread); - VOP_UNLOCK(vp, 0, curthread); - vn_fullpath(curthread, vp->v_dd, vp, &fullpath, &freepath); - printf("sebsd_vnode_from_extattr: len=%d: context=%s file=%s inode=%d, fsid=%d\n", context_len, context, fullpath, va.va_fileid, va.va_fsid); - if (freepath) - free(freepath, M_TEMP); - vn_lock(vp, LK_EXCLUSIVE, curthread); + printf("sebsd_vnode_from_extattr: len=%d: context=%s inode=%d, fsid=%d\n", context_len, context, va.va_fileid, va.va_fsid); } - vsec = SLOT(vnodelabel); error = security_context_to_sid(context, context_len, &vsec->sid); if (error) { printf("sebsd_update_vnode_from_extattr: ERROR mapping context to sid: %s\n", context); + return (0); /* TBD bad, bad, bad */ } -/* printf("sebsd_update_vnode_from_extattr got sid %d, label size=%d: %s\n", vsec->sid, context_len, context); */ + return (0); +} + +static int +sebsd_check_vnode_exec(struct ucred *cred, struct vnode *vp, + struct label *label) +{ + struct task_security_struct 
*task; + struct vnode_security_struct *file; + security_id_t newsid; + int rc; + + task = SLOT(&cred->cr_label); + file = SLOT(label); + rc = security_transition_sid(task->sid, file->sid, SECCLASS_PROCESS, + &newsid); + if (rc) + return EACCES; + + if (newsid == task->sid) { + rc = avc_has_perm(task->sid, file->sid, + SECCLASS_FILE, FILE__EXECUTE_NO_TRANS); + if (rc) + return EACCES; + } else { + /* Check permissions for the transition. */ + rc = avc_has_perm(task->sid, newsid, SECCLASS_PROCESS, + PROCESS__TRANSITION); + if (rc) + return EACCES; + + rc = avc_has_perm(newsid, file->sid, + SECCLASS_FILE, FILE__ENTRYPOINT); + if (rc) + return EACCES; + + /* + * TBD: Check ptrace permission between the parent and + * the new SID for this process if this process is + * being traced. + */ + + /* + * TBD: Check share permission between the old and new + * SIDs of the process if the process will share + * state. + */ + } return (0); } static int +sebsd_check_vnode_getacl(struct ucred *cred, struct vnode *vp, + struct label *label, acl_type_t type) +{ + /* TBD: Not Implemented */ + return 0; +} + +static int +sebsd_check_vnode_getextattr(struct ucred *cred, struct vnode *vp, + struct label *label, int attrnamespace, + const char *name, struct uio *uio) +{ + /* TBD: Not Implemented */ + return 0; +} + +static int +sebsd_check_vnode_revoke(struct ucred *cred, struct vnode *vp, + struct label *label) +{ + /* TBD: Not Implemented */ + return 0; +} + +static int +sebsd_check_vnode_setacl(struct ucred *cred, struct vnode *vp, + struct label *label, acl_type_t type, struct acl *acl) +{ + /* TBD: Not Implemented */ + return 0; +} + +static int +sebsd_check_vnode_setextattr(struct ucred *cred, struct vnode *vp, + struct label *label, int attrnamespace, + const char *name, struct uio *uio) +{ + /* TBD: Not Implemented */ + return 0; +} + +static int +sebsd_check_vnode_setflags(struct ucred *cred, struct vnode *vp, + struct label *label, u_long flags) +{ + /* TBD: Not Implemented */ + 
return 0; +} + +static int +sebsd_check_vnode_setmode(struct ucred *cred, struct vnode *vp, + struct label *label, mode_t mode) +{ + /* TBD: Not Implemented */ + return 0; +} + +static int +sebsd_check_vnode_setowner(struct ucred *cred, struct vnode *vp, + struct label *label, uid_t uid, gid_t gid) +{ + /* TBD: Not Implemented */ + return 0; +} + +static int +sebsd_check_vnode_setutimes(struct ucred *cred, struct vnode *vp, + struct label *label, struct timespec atime, + struct timespec mtime) +{ + /* TBD: Not Implemented */ + return 0; +} + +static int +sebsd_check_vnode_stat(struct ucred *cred, struct vnode *vp, + struct label *label) +{ + /* TBD: Not Implemented */ + return 0; +} + +static int +sebsd_check_vnode_chdir(struct ucred *cred, struct vnode *dvp, + struct label *dlabel) +{ + /* TBD: Not Implemented */ + return 0; +} + +static int +sebsd_check_vnode_delete(struct ucred *cred, struct vnode *dvp, + struct label *dlabel, struct vnode *vp, + struct label *label) +{ + /* TBD: Not Implemented */ + return 0; +} + +static int +sebsd_check_vnode_deleteacl(struct ucred *cred, struct vnode *vp, + struct label *label, acl_type_t type) +{ + /* TBD: Not Implemented */ + return 0; +} + +static int +sebsd_check_vnode_open(struct ucred *cred, struct vnode *vp, + struct label *filelabel, mode_t acc_mode) +{ + /* TBD: Not Implemented */ + return 0; +} + +static int sebsd_externalize(struct label *label, struct mac *extmac) { /* TBD: this assumes vnodes only and only stores '5' */ @@ -493,7 +683,7 @@ */ static void sebsd_create_root_mount(struct ucred *cred, struct mount *mp, - struct mount *mntlabel, struct mount *fslabel) + struct mount *mntlabel, struct mount *fslabel) { avc_init(); if (security_init()) { 
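Review bot: In `sebsd_update_vnode_from_extattr`, a context string that `security_context_to_sid()` cannot map prints an error and then `return (0)` with `vsec->sid` untouched, so the vnode keeps whatever SID the label slot held before — stale or uninitialized — and every later check runs against it. The `ENOATTR` path already defines the fallback, so adding `vsec->sid = SECINITSID_UNLABELED;` before that return (or returning the error to fail closed, as the `vn_extattr_get` failure path just above does) keeps the two unlabeled cases consistent and replaces the `/* TBD bad, bad, bad */` marker with a decision. `context_len = 128` is still the "TBD: bad fixed length" buffer with `context` declared above this hunk, so a longer on-disk context may be truncated before it reaches the SID lookup and then hit exactly that path. Also, `sebsd_check_vnode_setextattr` and `sebsd_check_vnode_open` below are allow-all stubs; the setextattr one lets a subject write the `sebsd` system-namespace attribute directly, sidestepping whatever the relabel hook will eventually check, and its TBD comment should say so. The enclosing function starts before this hunk.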
@@ -507,12 +697,15 @@ { MAC_DESTROY, (macop_t)sebsd_destroy }, + { MAC_SYSCALL, + (macop_t)sebsd_syscall }, + /* Process operations */ { MAC_INIT_CRED, (macop_t)sebsd_init_cred }, { MAC_CREATE_CRED, (macop_t)sebsd_create_cred }, - { MAC_CHECK_CRED_RELABEL, + { MAC_CHECK_CRED_RELABEL, (macop_t)sebsd_check_cred_relabel }, { MAC_RELABEL_CRED, (macop_t)sebsd_relabel_cred }, @@ -523,6 +716,9 @@ (macop_t)sebsd_create_proc0 }, { MAC_CREATE_PROC1, (macop_t)sebsd_create_proc1 }, + { MAC_CHECK_PROC_SIGNAL, + (macop_t)sebsd_check_proc_signal }, + /* file operations */ { MAC_INIT_VNODE, 
@@ -536,10 +732,44 @@ { MAC_RELABEL_VNODE, (macop_t)sebsd_relabel_vnode }, { MAC_CHECK_VNODE_EXEC, - (macop_t)sebsd_check_exec_vnode }, + (macop_t)sebsd_check_vnode_exec }, { MAC_CHECK_VNODE_CREATE, - (macop_t)sebsd_check_create_vnode }, + (macop_t)sebsd_check_vnode_create }, + { MAC_CHECK_VNODE_STAT, + (macop_t)sebsd_check_vnode_stat }, + { MAC_CHECK_VNODE_CHDIR, + (macop_t)sebsd_check_vnode_chdir }, + { MAC_CHECK_VNODE_DELETE, + (macop_t)sebsd_check_vnode_delete }, + { MAC_CHECK_VNODE_DELETEACL, + (macop_t)sebsd_check_vnode_deleteacl }, + { MAC_CHECK_VNODE_GETACL, + (macop_t)sebsd_check_vnode_getacl }, + { MAC_CHECK_VNODE_GETEXTATTR, + (macop_t)sebsd_check_vnode_getextattr }, + { MAC_CHECK_VNODE_OPEN, + (macop_t)sebsd_check_vnode_open }, + { MAC_CHECK_VNODE_RENAME_FROM, + (macop_t)sebsd_check_vnode_rename_from }, + { MAC_CHECK_VNODE_RENAME_TO, + (macop_t)sebsd_check_vnode_rename_to }, + { MAC_CHECK_VNODE_REVOKE, + (macop_t)sebsd_check_vnode_revoke }, + { MAC_CHECK_VNODE_SETACL, + (macop_t)sebsd_check_vnode_setacl }, + { MAC_CHECK_VNODE_SETEXTATTR, + (macop_t)sebsd_check_vnode_setextattr }, + { MAC_CHECK_VNODE_SETFLAGS, + (macop_t)sebsd_check_vnode_setflags }, + { MAC_CHECK_VNODE_SETMODE, + (macop_t)sebsd_check_vnode_setmode }, + { MAC_CHECK_VNODE_SETOWNER, + (macop_t)sebsd_check_vnode_setowner }, + { MAC_CHECK_VNODE_SETUTIMES, + (macop_t)sebsd_check_vnode_setutimes }, + { MAC_CHECK_VNODE_RELABEL, + (macop_t)sebsd_check_vnode_relabel }, { MAC_EXECVE_TRANSITION, (macop_t)sebsd_execve_transition }, ==== //depot/projects/trustedbsd/mac/sys/security/sebsd/sebsd.h#6 (text+ko) ==== 
@@ -37,17 +37,21 @@ #ifndef _SYS_SECURITY_SEBSD_H #define _SYS_SECURITY_SEBSD_H +#include <security/sebsd/flask_types.h> + +#define SELINUX_MAGIC 0xf97cff8c +#define SEBSD_MAC_EXTATTR_NAME "sebsd" +#define SEBSD_MAC_EXTATTR_NAMESPACE EXTATTR_NAMESPACE_SYSTEM + #ifdef _KERNEL MALLOC_DECLARE(M_SEBSD); -#endif /* _KERNEL */ extern int avc_debug_always_allow; -extern int security_init(void); extern int sebsd_verbose; -#define SELINUX_MAGIC 0xf97cff8c - -#define SEBSD_MAC_EXTATTR_NAME "sebsd" -#define SEBSD_MAC_EXTATTR_NAMESPACE EXTATTR_NAMESPACE_SYSTEM +extern int security_init(void); +extern int sebsd_syscall(struct thread *td, int call, void *args); +extern int thread_has_system(struct thread *td, access_vector_t perm); +#endif /* _KERNEL */ #endif /* _SYS_SECURITY_SEBSD_H */ ==== //depot/projects/trustedbsd/mac/sys/security/sebsd/sebsd_sysctl.c#3 (text+ko) ==== 
@@ -46,37 +46,9 @@ #include <security/sebsd/ss/security.h> #include <security/sebsd/ss/sidtab.h> -static int sysctl_list_sids(SYSCTL_HANDLER_ARGS); - -SYSCTL_DECL(_security_mac); -SYSCTL_NODE(_security_mac, OID_AUTO, sebsd, CTLFLAG_RW, 0, - "Security Enhanced BSD policy controls"); - -/* -int sebsd_enabled = 1; -SYSCTL_INT(_security_mac_sebsd, OID_AUTO, enabled, CTLFLAG_RW, - &sebsd_enabled, 0, "Enable Security Enhanced BSD"); -TUNABLE_INT("security.mac.sebsd.enabled", &sebsd_enabled); -*/ - -SYSCTL_INT(_security_mac_sebsd, OID_AUTO, debug, CTLFLAG_RW, - &avc_debug_always_allow, 0, "Debug Security Enhanced BSD policy"); -TUNABLE_INT("security.mac.sebsd.debug", &avc_debug_always_allow); - -SYSCTL_INT(_security_mac_sebsd, OID_AUTO, verbose, CTLFLAG_RW, - &sebsd_verbose, 0, " SEBSD Verbose Debug Stuff"); -TUNABLE_INT("security.mac.sebsd.verbose", &sebsd_verbose); - -SYSCTL_OID(_security_mac_sebsd, OID_AUTO, sids, CTLTYPE_STRING|CTLFLAG_RD, - NULL, 0, sysctl_list_sids, "A", "SEBSD SIDs"); - - /* * Sysctl handler for security.mac.sebsd.sids - * - * Lists the SIDs active in the security server - * - * based on sysctl for vm.zone + * Lists the SIDs currently active in the security server */ static int sysctl_list_sids(SYSCTL_HANDLER_ARGS) 
@@ -115,3 +87,23 @@ FREE(buffer, M_TEMP); return (error); } + +SYSCTL_DECL(_security_mac); +SYSCTL_NODE(_security_mac, OID_AUTO, sebsd, CTLFLAG_RW, 0, + "Security Enhanced BSD policy controls"); + +#ifdef now_a_syscall +SYSCTL_PROC(_security_mac_sebsd, OID_AUTO, debug, CTLTYPE_INT|CTLFLAG_RW, + 0, 0, sysctl_sebsd_debug, "I", + "Debug Security Enhanced BSD policy"); +TUNABLE_INT("security.mac.sebsd.debug", &avc_debug_always_allow); +#endif + +SYSCTL_INT(_security_mac_sebsd, OID_AUTO, verbose, CTLFLAG_RW, + &sebsd_verbose, 0, " SEBSD Verbose Debug Stuff"); +TUNABLE_INT("security.mac.sebsd.verbose", &sebsd_verbose); + +SYSCTL_OID(_security_mac_sebsd, OID_AUTO, sids, CTLTYPE_STRING|CTLFLAG_RD, + NULL, 0, sysctl_list_sids, "A", "SEBSD SIDs"); + + ==== //depot/projects/trustedbsd/mac/sys/security/sebsd/ss/global.h#4 (text+ko) ==== ==== //depot/projects/trustedbsd/mac/sys/security/sebsd/ss/security.h#4 (text+ko) ==== @@ -17,7 +17,7 @@ */ #ifdef __FreeBSD__ -#include <security/sebsd/avc/flask.h> +#include <security/sebsd/flask.h> #else /* __FreeBSD__ */ #include <linux/flask/flask.h> #endif /* __FreeBSD__ */ ==== //depot/projects/trustedbsd/mac/sys/security/sebsd/ss/sidtab.c#6 (text+ko) ==== @@ -18,7 +18,7 @@ #include <security/sebsd/linux-compat.h> #include <security/sebsd/ss/sidtab.h> -#include <security/sebsd/avc/flask.h> +#include <security/sebsd/flask.h> #include <security/sebsd/ss/global.h> #include <security/sebsd/ss/services.h> ==== //depot/projects/trustedbsd/mac/sys/security/sebsd/ss/symtab.c#4 (text+ko) ==== @@ -14,7 +14,7 @@ #endif /* FreeBSD _KERNEL */ #include <security/sebsd/linux-compat.h> -#include <security/sebsd/avc/flask.h> +#include <security/sebsd/flask.h> #include <security/sebsd/ss/global.h> #include <security/sebsd/ss/symtab.h> To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe p4-projects" in the body of the message
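Review bot: The `#ifdef now_a_syscall` block re-declares the `debug` sysctl through a handler `sysctl_sebsd_debug` that is defined nowhere in this change and keeps the `TUNABLE_INT("security.mac.sebsd.debug", &avc_debug_always_allow)` loader tunable; it is dead today and will not compile if the ifdef is ever enabled, so it should be deleted rather than parked behind an invented macro. Dropping the writable `debug` sysctl is the right call — in the previous version any subject allowed to write sysctls could flip the AVC into always-allow with no policy check — and that rationale deserves one line in the file, e.g. `/* Enforcing mode is toggled only via the avc_toggle MAC syscall, gated by the system:avc_toggle permission; it is deliberately not a writable sysctl. */`. `security.mac.sebsd.verbose` remains `CTLFLAG_RW`; it only controls printing, which is fine, but it is worth confirming that nothing on the verbose paths (the extattr printf in sebsd.c reads a file-supplied context string) can be steered by whoever is allowed to write it.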