Date: Sat, 17 Aug 2002 18:07:21 -0700 (PDT) From: Robert Watson <rwatson@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 16176 for review Message-ID: <200208180107.g7I17Lv9058846@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://people.freebsd.org/~peter/p4db/chv.cgi?CH=16176 Change 16176 by rwatson@rwatson_tislabs on 2002/08/17 18:06:27 Break out mac_check_pipe_op() into mac_check_pipe_xxx() and remove the pipe operation enumeration. It seemed like a good idea, but this approach is more consistent with other object types, such as vnode. Implement these entry points for each policy. Affected files ... .. //depot/projects/trustedbsd/mac/sys/kern/kern_mac.c#249 edit .. //depot/projects/trustedbsd/mac/sys/kern/sys_pipe.c#28 edit .. //depot/projects/trustedbsd/mac/sys/security/mac_biba/mac_biba.c#100 edit .. //depot/projects/trustedbsd/mac/sys/security/mac_mls/mac_mls.c#82 edit .. //depot/projects/trustedbsd/mac/sys/security/mac_none/mac_none.c#69 edit .. //depot/projects/trustedbsd/mac/sys/security/mac_te/mac_te.c#73 edit .. //depot/projects/trustedbsd/mac/sys/security/mac_test/mac_test.c#38 edit .. //depot/projects/trustedbsd/mac/sys/sys/mac.h#154 edit .. //depot/projects/trustedbsd/mac/sys/sys/mac_policy.h#118 edit Differences ... ==== //depot/projects/trustedbsd/mac/sys/kern/kern_mac.c#249 (text+ko) ==== @@ -675,14 +675,26 @@ mpc->mpc_ops->mpo_check_pipe_ioctl = mpe->mpe_function; break; - case MAC_CHECK_PIPE_OP: - mpc->mpc_ops->mpo_check_pipe_op = + case MAC_CHECK_PIPE_POLL: + mpc->mpc_ops->mpo_check_pipe_poll = + mpe->mpe_function; + break; + case MAC_CHECK_PIPE_READ: + mpc->mpc_ops->mpo_check_pipe_read = mpe->mpe_function; break; case MAC_CHECK_PIPE_RELABEL: mpc->mpc_ops->mpo_check_pipe_relabel = mpe->mpe_function; break; + case MAC_CHECK_PIPE_STAT: + mpc->mpc_ops->mpo_check_pipe_stat = + mpe->mpe_function; + break; + case MAC_CHECK_PIPE_WRITE: + mpc->mpc_ops->mpo_check_pipe_write = + mpe->mpe_function; + break; case MAC_CHECK_PROC_DEBUG: mpc->mpc_ops->mpo_check_proc_debug = mpe->mpe_function; @@ -2548,11 +2560,21 @@ } int -mac_check_pipe_op(struct ucred *cred, struct pipe *pipe, int op) +mac_check_pipe_poll(struct ucred *cred, struct pipe *pipe) +{ + int error; + + MAC_CHECK(check_pipe_poll, cred, pipe, pipe->pipe_label); + + return (error); +} + +int +mac_check_pipe_read(struct ucred *cred, struct pipe *pipe) { int error; - MAC_CHECK(check_pipe_op, cred, pipe, pipe->pipe_label, op); + MAC_CHECK(check_pipe_read, cred, pipe, pipe->pipe_label); return (error); } @@ -2569,6 +2591,27 @@ } int +mac_check_pipe_stat(struct ucred *cred, struct pipe *pipe) +{ + int error; + + MAC_CHECK(check_pipe_stat, cred, pipe, pipe->pipe_label); + + return (error); +} + +int +mac_check_pipe_write(struct ucred *cred, struct pipe *pipe) +{ + int error; + + MAC_CHECK(check_pipe_write, cred, pipe, pipe->pipe_label); + + return (error); +} + + +int mac_check_proc_debug(struct ucred *cred, struct proc *proc) { int error; ==== //depot/projects/trustedbsd/mac/sys/kern/sys_pipe.c#28 (text+ko) ==== @@ -469,7 +469,7 @@ goto unlocked_error; #ifdef MAC - error = mac_check_pipe_op(active_cred, rpipe, MAC_OP_PIPE_READ); + error = mac_check_pipe_read(active_cred, rpipe); if (error) goto locked_error; #endif @@ -885,7 +885,7 @@ return (EPIPE); } #ifdef MAC - error = mac_check_pipe_op(active_cred, wpipe, MAC_OP_PIPE_WRITE); + error = mac_check_pipe_write(active_cred, wpipe); if (error) { PIPE_UNLOCK(rpipe); return (error); @@ -1233,7 +1233,7 @@ wpipe = rpipe->pipe_peer; PIPE_LOCK(rpipe); #ifdef MAC - error = mac_check_pipe_op(active_cred, rpipe, MAC_OP_PIPE_POLL); + error = mac_check_pipe_poll(active_cred, rpipe); if (error) goto locked_error; #endif @@ -1289,7 +1289,7 @@ int error; /* XXXMAC: Pipe should be locked for this check. */ - error = mac_check_pipe_op(active_cred, pipe, MAC_OP_PIPE_STAT); + error = mac_check_pipe_stat(active_cred, pipe); if (error) return (error); #endif ==== //depot/projects/trustedbsd/mac/sys/security/mac_biba/mac_biba.c#100 (text+ko) ==== @@ -1397,8 +1397,26 @@ } static int -mac_biba_check_pipe_op(struct ucred *cred, struct pipe *pipe, - struct label *pipelabel, int op) +mac_biba_check_pipe_poll(struct ucred *cred, struct pipe *pipe, + struct label *pipelabel) +{ + struct mac_biba *subj, *obj; + + if (!mac_biba_enabled) + return (0); + + subj = SLOT(&cred->cr_label); + obj = SLOT((pipelabel)); + + if (!mac_biba_dominate_single(obj, subj)) + return (EACCES); + + return (0); +} + +static int +mac_biba_check_pipe_read(struct ucred *cred, struct pipe *pipe, + struct label *pipelabel) { struct mac_biba *subj, *obj; @@ -1408,20 +1426,8 @@ subj = SLOT(&cred->cr_label); obj = SLOT((pipelabel)); - switch(op) { - case MAC_OP_PIPE_READ: - case MAC_OP_PIPE_STAT: - case MAC_OP_PIPE_POLL: - if (!mac_biba_dominate_single(obj, subj)) - return (EACCES); - break; - case MAC_OP_PIPE_WRITE: - if (!mac_biba_dominate_single(subj, obj)) - return (EACCES); - break; - default: - panic("mac_biba_check_pipe_op: invalid pipe operation"); - } + if (!mac_biba_dominate_single(obj, subj)) + return (EACCES); return (0); } @@ -1478,6 +1484,42 @@ } static int +mac_biba_check_pipe_stat(struct ucred *cred, struct pipe *pipe, + struct label *pipelabel) +{ + struct mac_biba *subj, *obj; + + if (!mac_biba_enabled) + return (0); + + subj = SLOT(&cred->cr_label); + obj = SLOT((pipelabel)); + + if (!mac_biba_dominate_single(obj, subj)) + return (EACCES); + + return (0); +} + +static int +mac_biba_check_pipe_write(struct ucred *cred, struct pipe *pipe, + struct label *pipelabel) +{ + struct mac_biba *subj, *obj; + + if (!mac_biba_enabled) + return (0); + + subj = SLOT(&cred->cr_label); + obj = SLOT((pipelabel)); + + if (!mac_biba_dominate_single(subj, obj)) + return (EACCES); + + return (0); +} + +static int mac_biba_check_proc_debug(struct ucred *cred, struct proc *proc) { struct mac_biba *subj, *obj; @@ -2342,10 +2384,16 @@ (macop_t)mac_biba_check_mount_stat }, { MAC_CHECK_PIPE_IOCTL, (macop_t)mac_biba_check_pipe_ioctl }, - { MAC_CHECK_PIPE_OP, - (macop_t)mac_biba_check_pipe_op }, + { MAC_CHECK_PIPE_POLL, + (macop_t)mac_biba_check_pipe_poll }, + { MAC_CHECK_PIPE_READ, + (macop_t)mac_biba_check_pipe_read }, { MAC_CHECK_PIPE_RELABEL, (macop_t)mac_biba_check_pipe_relabel }, + { MAC_CHECK_PIPE_STAT, + (macop_t)mac_biba_check_pipe_stat }, + { MAC_CHECK_PIPE_WRITE, + (macop_t)mac_biba_check_pipe_write }, { MAC_CHECK_PROC_DEBUG, (macop_t)mac_biba_check_proc_debug }, { MAC_CHECK_PROC_SCHED, ==== //depot/projects/trustedbsd/mac/sys/security/mac_mls/mac_mls.c#82 (text+ko) ==== @@ -1349,8 +1349,26 @@ } static int -mac_mls_check_pipe_op(struct ucred *cred, struct pipe *pipe, - struct label *pipelabel, int op) +mac_mls_check_pipe_poll(struct ucred *cred, struct pipe *pipe, + struct label *pipelabel) +{ + struct mac_mls *subj, *obj; + + if (!mac_mls_enabled) + return (0); + + subj = SLOT(&cred->cr_label); + obj = SLOT((pipelabel)); + + if (!mac_mls_dominate_single(subj, obj)) + return (EACCES); + + return (0); +} + +static int +mac_mls_check_pipe_read(struct ucred *cred, struct pipe *pipe, + struct label *pipelabel) { struct mac_mls *subj, *obj; @@ -1360,20 +1378,8 @@ subj = SLOT(&cred->cr_label); obj = SLOT((pipelabel)); - switch(op) { - case MAC_OP_PIPE_READ: - case MAC_OP_PIPE_STAT: - case MAC_OP_PIPE_POLL: - if (!mac_mls_dominate_single(subj, obj)) - return (EACCES); - break; - case MAC_OP_PIPE_WRITE: - if (!mac_mls_dominate_single(obj, subj)) - return (EACCES); - break; - default: - panic("mac_mls_check_pipe_op: invalid pipe operation"); - } + if (!mac_mls_dominate_single(subj, obj)) + return (EACCES); return (0); } @@ -1430,6 +1436,42 @@ } static int +mac_mls_check_pipe_stat(struct ucred *cred, struct pipe *pipe, + struct label *pipelabel) +{ + struct mac_mls *subj, *obj; + + if (!mac_mls_enabled) + return (0); + + subj = SLOT(&cred->cr_label); + obj = SLOT((pipelabel)); + + if (!mac_mls_dominate_single(subj, obj)) + return (EACCES); + + return (0); +} + +static int +mac_mls_check_pipe_write(struct ucred *cred, struct pipe *pipe, + struct label *pipelabel) +{ + struct mac_mls *subj, *obj; + + if (!mac_mls_enabled) + return (0); + + subj = SLOT(&cred->cr_label); + obj = SLOT((pipelabel)); + + if (!mac_mls_dominate_single(obj, subj)) + return (EACCES); + + return (0); +} + +static int mac_mls_check_proc_debug(struct ucred *cred, struct proc *proc) { struct mac_mls *subj, *obj; @@ -2297,10 +2339,16 @@ (macop_t)mac_mls_check_mount_stat }, { MAC_CHECK_PIPE_IOCTL, (macop_t)mac_mls_check_pipe_ioctl }, - { MAC_CHECK_PIPE_OP, - (macop_t)mac_mls_check_pipe_op }, + { MAC_CHECK_PIPE_POLL, + (macop_t)mac_mls_check_pipe_poll }, + { MAC_CHECK_PIPE_READ, + (macop_t)mac_mls_check_pipe_read }, { MAC_CHECK_PIPE_RELABEL, (macop_t)mac_mls_check_pipe_relabel }, + { MAC_CHECK_PIPE_STAT, + (macop_t)mac_mls_check_pipe_stat }, + { MAC_CHECK_PIPE_WRITE, + (macop_t)mac_mls_check_pipe_write }, { MAC_CHECK_PROC_DEBUG, (macop_t)mac_mls_check_proc_debug }, { MAC_CHECK_PROC_SCHED, ==== //depot/projects/trustedbsd/mac/sys/security/mac_none/mac_none.c#69 (text+ko) ==== @@ -608,8 +608,16 @@ } static int -mac_none_check_pipe_op(struct ucred *cred, struct pipe *pipe, - struct label *pipelabel, int op) +mac_none_check_pipe_poll(struct ucred *cred, struct pipe *pipe, + struct label *pipelabel) +{ + + return (0); +} + +static int +mac_none_check_pipe_read(struct ucred *cred, struct pipe *pipe, + struct label *pipelabel) { return (0); @@ -624,6 +632,22 @@ } static int +mac_none_check_pipe_stat(struct ucred *cred, struct pipe *pipe, + struct label *pipelabel) +{ + + return (0); +} + +static int +mac_none_check_pipe_write(struct ucred *cred, struct pipe *pipe, + struct label *pipelabel) +{ + + return (0); +} + +static int mac_none_check_proc_debug(struct ucred *cred, struct proc *proc) { @@ -1061,10 +1085,16 @@ (macop_t)mac_none_check_mount_stat }, { MAC_CHECK_PIPE_IOCTL, (macop_t)mac_none_check_pipe_ioctl }, - { MAC_CHECK_PIPE_OP, - (macop_t)mac_none_check_pipe_op }, + { MAC_CHECK_PIPE_POLL, + (macop_t)mac_none_check_pipe_poll }, + { MAC_CHECK_PIPE_READ, + (macop_t)mac_none_check_pipe_read }, { MAC_CHECK_PIPE_RELABEL, (macop_t)mac_none_check_pipe_relabel }, + { MAC_CHECK_PIPE_STAT, + (macop_t)mac_none_check_pipe_stat }, + { MAC_CHECK_PIPE_WRITE, + (macop_t)mac_none_check_pipe_write }, { MAC_CHECK_PROC_DEBUG, (macop_t)mac_none_check_proc_debug }, { MAC_CHECK_PROC_SCHED, ==== //depot/projects/trustedbsd/mac/sys/security/mac_te/mac_te.c#73 (text+ko) ==== @@ -707,8 +707,18 @@ } static int -mac_te_check_pipe_op(struct ucred *cred, struct pipe *pipe, - struct label *pipelabel, int op) +mac_te_check_pipe_poll(struct ucred *cred, struct pipe *pipe, + struct label *pipelabel) +{ + + /* XXX: This will be implemented soon... */ + + return (0); +} + +static int +mac_te_check_pipe_read(struct ucred *cred, struct pipe *pipe, + struct label *pipelabel) { /* XXX: This will be implemented soon... */ @@ -732,6 +742,26 @@ } static int +mac_te_check_pipe_stat(struct ucred *cred, struct pipe *pipe, + struct label *pipelabel) +{ + + /* XXX: This will be implemented soon... */ + + return (0); +} + +static int +mac_te_check_pipe_write(struct ucred *cred, struct pipe *pipe, + struct label *pipelabel) +{ + + /* XXX: This will be implemented soon... */ + + return (0); +} + +static int mac_te_check_proc_debug(struct ucred *cred, struct proc *proc) { @@ -1767,10 +1797,16 @@ (macop_t)mac_te_check_mount_stat }, { MAC_CHECK_PIPE_IOCTL, (macop_t)mac_te_check_pipe_ioctl }, - { MAC_CHECK_PIPE_OP, - (macop_t)mac_te_check_pipe_op }, + { MAC_CHECK_PIPE_POLL, + (macop_t)mac_te_check_pipe_poll }, + { MAC_CHECK_PIPE_READ, + (macop_t)mac_te_check_pipe_read }, { MAC_CHECK_PIPE_RELABEL, (macop_t)mac_te_check_pipe_relabel }, + { MAC_CHECK_PIPE_STAT, + (macop_t)mac_te_check_pipe_stat }, + { MAC_CHECK_PIPE_WRITE, + (macop_t)mac_te_check_pipe_write }, { MAC_CHECK_PROC_DEBUG, (macop_t)mac_te_check_proc_debug }, { MAC_CHECK_PROC_SCHED, ==== //depot/projects/trustedbsd/mac/sys/security/mac_test/mac_test.c#38 (text+ko) ==== @@ -816,8 +816,16 @@ } static int -mac_test_check_pipe_op(struct ucred *cred, struct pipe *pipe, - struct label *pipelabel, int op) +mac_test_check_pipe_poll(struct ucred *cred, struct pipe *pipe, + struct label *pipelabel) +{ + + return (0); +} + +static int +mac_test_check_pipe_read(struct ucred *cred, struct pipe *pipe, + struct label *pipelabel) { return (0); @@ -832,6 +840,22 @@ } static int +mac_test_check_pipe_stat(struct ucred *cred, struct pipe *pipe, + struct label *pipelabel) +{ + + return (0); +} + +static int +mac_test_check_pipe_write(struct ucred *cred, struct pipe *pipe, + struct label *pipelabel) +{ + + return (0); +} + +static int mac_test_check_proc_debug(struct ucred *cred, struct proc *proc) { @@ -1267,10 +1291,16 @@ (macop_t)mac_test_check_mount_stat }, { MAC_CHECK_PIPE_IOCTL, (macop_t)mac_test_check_pipe_ioctl }, - { MAC_CHECK_PIPE_OP, - (macop_t)mac_test_check_pipe_op }, + { MAC_CHECK_PIPE_POLL, + (macop_t)mac_test_check_pipe_poll }, + { MAC_CHECK_PIPE_READ, + (macop_t)mac_test_check_pipe_read }, { MAC_CHECK_PIPE_RELABEL, (macop_t)mac_test_check_pipe_relabel }, + { MAC_CHECK_PIPE_STAT, + (macop_t)mac_test_check_pipe_stat }, + { MAC_CHECK_PIPE_WRITE, + (macop_t)mac_test_check_pipe_write }, { MAC_CHECK_PROC_DEBUG, (macop_t)mac_test_check_proc_debug }, { MAC_CHECK_PROC_SCHED, ==== //depot/projects/trustedbsd/mac/sys/sys/mac.h#154 (text+ko) ==== @@ -189,16 +189,6 @@ }; /* - * MAC entry point operations - */ -enum mac_ep_ops { - MAC_OP_PIPE_READ, - MAC_OP_PIPE_WRITE, - MAC_OP_PIPE_STAT, - MAC_OP_PIPE_POLL -}; - -/* * Kernel functions to manage and evaluate labels. */ struct bpf_d; @@ -312,9 +302,12 @@ int mac_check_cred_visible(struct ucred *u1, struct ucred *u2); int mac_check_ifnet_transmit(struct ifnet *ifnet, struct mbuf *m); int mac_check_mount_stat(struct ucred *cred, struct mount *mp); -int mac_check_pipe_op(struct ucred *cred, struct pipe *pipe, int op); int mac_check_pipe_ioctl(struct ucred *cred, struct pipe *pipe, unsigned long cmd, void *data); +int mac_check_pipe_poll(struct ucred *cred, struct pipe *pipe); +int mac_check_pipe_read(struct ucred *cred, struct pipe *pipe); +int mac_check_pipe_stat(struct ucred *cred, struct pipe *pipe); +int mac_check_pipe_write(struct ucred *cred, struct pipe *pipe); int mac_check_proc_debug(struct ucred *cred, struct proc *proc); int mac_check_proc_sched(struct ucred *cred, struct proc *proc); int mac_check_proc_signal(struct ucred *cred, struct proc *proc, ==== //depot/projects/trustedbsd/mac/sys/sys/mac_policy.h#118 (text+ko) ==== @@ -240,11 +240,17 @@ struct label *mntlabel); int (*mpo_check_pipe_ioctl)(struct ucred *cred, struct pipe *pipe, struct label *pipelabel, unsigned long cmd, void *data); - int (*mpo_check_pipe_op)(struct ucred *cred, struct pipe *pipe, - struct label *pipelabel, int op); + int (*mpo_check_pipe_poll)(struct ucred *cred, struct pipe *pipe, + struct label *pipelabel); + int (*mpo_check_pipe_read)(struct ucred *cred, struct pipe *pipe, + struct label *pipelabel); int (*mpo_check_pipe_relabel)(struct ucred *cred, struct pipe *pipe, struct label *pipelabel, struct label *newlabel); + int (*mpo_check_pipe_stat)(struct ucred *cred, struct pipe *pipe, + struct label *pipelabel); + int (*mpo_check_pipe_write)(struct ucred *cred, struct pipe *pipe, + struct label *pipelabel); int (*mpo_check_proc_debug)(struct ucred *cred, struct proc *proc); int (*mpo_check_proc_sched)(struct ucred *cred, @@ -421,8 +427,11 @@ MAC_CHECK_IFNET_TRANSMIT, MAC_CHECK_MOUNT_STAT, MAC_CHECK_PIPE_IOCTL, - MAC_CHECK_PIPE_OP, + MAC_CHECK_PIPE_POLL, + MAC_CHECK_PIPE_READ, MAC_CHECK_PIPE_RELABEL, + MAC_CHECK_PIPE_STAT, + MAC_CHECK_PIPE_WRITE, MAC_CHECK_PROC_DEBUG, MAC_CHECK_PROC_SCHED, MAC_CHECK_PROC_SIGNAL, To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe p4-projects" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200208180107.g7I17Lv9058846>