From owner-p4-projects  Sat Sep 21 21:34:17 2002
Delivered-To: p4-projects@freebsd.org
Received: by hub.freebsd.org (Postfix, from userid 32767)
	id 4FD8337B404; Sat, 21 Sep 2002 21:34:10 -0700 (PDT)
Delivered-To: perforce@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id ED00C37B401
	for <perforce@freebsd.org>; Sat, 21 Sep 2002 21:34:09 -0700 (PDT)
Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 8AA4E43E4A
	for <perforce@freebsd.org>; Sat, 21 Sep 2002 21:34:09 -0700 (PDT)
	(envelope-from bb+lists.freebsd.perforce@cyrus.watson.org)
Received: from freefall.freebsd.org (perforce@localhost [127.0.0.1])
	by freefall.freebsd.org (8.12.6/8.12.6) with ESMTP id g8M4Y9Co099975
	for <perforce@freebsd.org>; Sat, 21 Sep 2002 21:34:09 -0700 (PDT)
	(envelope-from bb+lists.freebsd.perforce@cyrus.watson.org)
Received: (from perforce@localhost)
	by freefall.freebsd.org (8.12.6/8.12.6/Submit) id g8M4Y9a0099972
	for perforce@freebsd.org; Sat, 21 Sep 2002 21:34:09 -0700 (PDT)
Date: Sat, 21 Sep 2002 21:34:09 -0700 (PDT)
Message-Id: <200209220434.g8M4Y9a0099972@freefall.freebsd.org>
X-Authentication-Warning: freefall.freebsd.org: perforce set sender to bb+lists.freebsd.perforce@cyrus.watson.org using -f
From: Robert Watson <rwatson@FreeBSD.org>
Subject: PERFORCE change 17906 for review
To: Perforce Change Reviews <perforce@freebsd.org>
Sender: owner-p4-projects@FreeBSD.ORG
Precedence: bulk
List-ID: <p4-projects.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20p4-projects>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20p4-projects>
X-Loop: FreeBSD.ORG

http://people.freebsd.org/~peter/p4db/chv.cgi?CH=17906

Change 17906 by rwatson@rwatson_tislabs on 2002/09/21 21:33:48

	Introduce a new MAC Framework and MAC Policy entry point,
	mac_create_devfs_symlink(), which is invoked to initialize the
	label on a newly created symlink in devfs in the scenario
	where symlink() is called by a user process (the case where
	it's associated with a device during make_dev_alias is handled
	by the mac_create_devfs_device() case, since it has a dev_t).
	The current method of copying the label from the vnode
	didn't work as it broke assertions in the handling of the
	vnode due to a duplicate vnode creation event.  This should
	fix problems in Biba, MLS, TE, and SEBSD relating to correct
	labeling of user generated symlinks (such as /dev/log).
	
	In Biba, MLS, and TE, we derive the symlink label from the
	subject credential creating the symlink.  It could also
	come from the parent directory of the symlink, which is
	available in the entry point arguments.

Affected files ...

.. //depot/projects/trustedbsd/mac/sys/fs/devfs/devfs_vnops.c#24 edit
.. //depot/projects/trustedbsd/mac/sys/security/mac_biba/mac_biba.c#110 edit
.. //depot/projects/trustedbsd/mac/sys/security/mac_mls/mac_mls.c#91 edit
.. //depot/projects/trustedbsd/mac/sys/security/mac_none/mac_none.c#75 edit
.. //depot/projects/trustedbsd/mac/sys/security/mac_te/mac_te.c#77 edit
.. //depot/projects/trustedbsd/mac/sys/security/mac_test/mac_test.c#46 edit
.. //depot/projects/trustedbsd/mac/sys/sys/mac.h#162 edit
.. //depot/projects/trustedbsd/mac/sys/sys/mac_policy.h#126 edit

Differences ...

==== //depot/projects/trustedbsd/mac/sys/fs/devfs/devfs_vnops.c#24 (text+ko) ====

@@ -878,12 +878,11 @@
 	MALLOC(de->de_symlink, char *, i, M_DEVFS, M_WAITOK);
 	bcopy(ap->a_target, de->de_symlink, i);
 	lockmgr(&dmp->dm_lock, LK_EXCLUSIVE, 0, curthread);
+#ifdef MAC
+	mac_create_devfs_symlink(ap->a_cnp->cn_cred, dd, de);
+#endif
 	TAILQ_INSERT_TAIL(&dd->de_dlist, de, de_list);
 	devfs_allocv(de, ap->a_dvp->v_mount, ap->a_vpp, 0);
-#ifdef MAC
-	mac_create_vnode(ap->a_cnp->cn_cred, ap->a_dvp, *ap->a_vpp);
-	mac_update_devfsdirent(de, *ap->a_vpp);
-#endif /* MAC */
 	lockmgr(&dmp->dm_lock, LK_RELEASE, 0, curthread);
 	return (0);
 }

==== //depot/projects/trustedbsd/mac/sys/security/mac_biba/mac_biba.c#110 (text+ko) ====

@@ -584,6 +584,18 @@
 }
 
 static void
+mac_biba_create_devfs_symlink(struct ucred *cred, struct devfs_dirent *dd,
+    struct label *ddlabel, struct devfs_dirent *de, struct label *delabel)
+{
+	struct mac_biba *source, *dest;
+
+	source = SLOT(&cred->cr_label);
+	dest = SLOT(delabel);
+
+	mac_biba_copy_single(source, dest);
+}
+
+static void
 mac_biba_create_devfs_vnode(struct devfs_dirent *devfs_dirent,
     struct label *direntlabel, struct vnode *vp, struct label *vnodelabel)
 {
@@ -2231,6 +2243,8 @@
 	    (macop_t)mac_biba_create_devfs_device },
 	{ MAC_CREATE_DEVFS_DIRECTORY,
 	    (macop_t)mac_biba_create_devfs_directory },
+	{ MAC_CREATE_DEVFS_SYMLINK,
+	    (macop_t)mac_biba_create_devfs_symlink },
 	{ MAC_CREATE_DEVFS_VNODE,
 	    (macop_t)mac_biba_create_devfs_vnode },
 	{ MAC_CREATE_VNODE,

==== //depot/projects/trustedbsd/mac/sys/security/mac_mls/mac_mls.c#91 (text+ko) ====

@@ -575,6 +575,18 @@
 }
 
 static void
+mac_mls_create_devfs_symlink(struct ucred *cred, struct devfs_dirent *dd,
+    struct label *ddlabel, struct devfs_dirent *de, struct label *delabel)
+{
+	struct mac_mls *source, *dest;
+
+	source = SLOT(&cred->cr_label);
+	dest = SLOT(delabel);
+
+	mac_mls_copy_single(source, dest);
+}
+
+static void
 mac_mls_create_devfs_vnode(struct devfs_dirent *devfs_dirent,
     struct label *direntlabel, struct vnode *vp, struct label *vnodelabel)
 {
@@ -2166,6 +2178,8 @@
 	    (macop_t)mac_mls_create_devfs_device },
 	{ MAC_CREATE_DEVFS_DIRECTORY,
 	    (macop_t)mac_mls_create_devfs_directory },
+	{ MAC_CREATE_DEVFS_SYMLINK,
+	    (macop_t)mac_mls_create_devfs_symlink },
 	{ MAC_CREATE_DEVFS_VNODE,
 	    (macop_t)mac_mls_create_devfs_vnode },
 	{ MAC_CREATE_VNODE,

==== //depot/projects/trustedbsd/mac/sys/security/mac_none/mac_none.c#75 (text+ko) ====

@@ -169,6 +169,13 @@
 }
 
 static void
+mac_none_create_devfs_symlink(struct ucred *cred, struct devfs_dirent *dd,
+    struct label *ddlabel, struct devfs_dirent *de, struct label *delabel)
+{
+
+}
+
+static void
 mac_none_create_devfs_vnode(struct devfs_dirent *devfs_dirent,
     struct label *direntlabel, struct vnode *vp, struct label *vnodelabel)
 {
@@ -923,6 +930,8 @@
 	    (macop_t)mac_none_create_devfs_device },
 	{ MAC_CREATE_DEVFS_DIRECTORY,
 	    (macop_t)mac_none_create_devfs_directory },
+	{ MAC_CREATE_DEVFS_SYMLINK,
+	    (macop_t)mac_none_create_devfs_symlink },
 	{ MAC_CREATE_DEVFS_VNODE,
 	    (macop_t)mac_none_create_devfs_vnode },
 	{ MAC_CREATE_VNODE,

==== //depot/projects/trustedbsd/mac/sys/security/mac_te/mac_te.c#77 (text+ko) ====

@@ -1005,6 +1005,14 @@
 }
 
 static void
+mac_te_create_devfs_symlink(struct ucred *cred, struct devfs_dirent *dd,
+    struct label *ddlabel, struct devfs_dirent *de, struct label *delabel)
+{
+
+	mac_te_copy_label(&cred->cr_label, delabel);
+}
+
+static void
 mac_te_create_devfs_vnode(struct devfs_dirent *de, struct label *direntlabel,
     struct vnode *vp, struct label *vnodelabel)
 {
@@ -1679,6 +1687,8 @@
 	    (macop_t)mac_te_create_devfs_device },
 	{ MAC_CREATE_DEVFS_DIRECTORY,
 	    (macop_t)mac_te_create_devfs_directory },
+	{ MAC_CREATE_DEVFS_SYMLINK,
+	    (macop_t)mac_te_create_devfs_symlink },
 	{ MAC_CREATE_DEVFS_VNODE,
 	    (macop_t)mac_te_create_devfs_vnode },
 	{ MAC_CREATE_VNODE,

==== //depot/projects/trustedbsd/mac/sys/security/mac_test/mac_test.c#46 (text+ko) ====

@@ -543,6 +543,13 @@
 }
 
 static void
+mac_test_create_devfs_symlink(struct ucred *cred, struct devfs_dirent *dd,
+    struct label *ddlabel, struct devfs_dirent *de, struct label *delabel)
+{
+
+}
+
+static void
 mac_test_create_devfs_vnode(struct devfs_dirent *devfs_dirent,
     struct label *direntlabel, struct vnode *vp, struct label *vnodelabel)
 {
@@ -1301,6 +1308,8 @@
 	    (macop_t)mac_test_create_devfs_device },
 	{ MAC_CREATE_DEVFS_DIRECTORY,
 	    (macop_t)mac_test_create_devfs_directory },
+	{ MAC_CREATE_DEVFS_SYMLINK,
+	    (macop_t)mac_test_create_devfs_symlink },
 	{ MAC_CREATE_DEVFS_VNODE,
 	    (macop_t)mac_test_create_devfs_vnode },
 	{ MAC_CREATE_VNODE,

==== //depot/projects/trustedbsd/mac/sys/sys/mac.h#162 (text+ko) ====

@@ -267,6 +267,8 @@
 void	mac_create_devfs_device(dev_t dev, struct devfs_dirent *de);
 void	mac_create_devfs_directory(char *dirname, int dirnamelen,
 	    struct devfs_dirent *de);
+void	mac_create_devfs_symlink(struct ucred *cred, struct devfs_dirent *dd,
+	    struct devfs_dirent *de);
 void	mac_create_devfs_vnode(struct devfs_dirent *de, struct vnode *vp);
 void	mac_create_vnode(struct ucred *cred, struct vnode *parent,
 	    struct vnode *child);

==== //depot/projects/trustedbsd/mac/sys/sys/mac_policy.h#126 (text+ko) ====

@@ -146,6 +146,9 @@
 		    struct label *label);
 	void	(*mpo_create_devfs_directory)(char *dirname, int dirnamelen,
 		    struct devfs_dirent *de, struct label *label);
+	void	(*mpo_create_devfs_symlink)(struct ucred *cred,
+		    struct devfs_dirent *dd, struct label *ddlabel,
+		    struct devfs_dirent *de, struct label *delabel);
 	void	(*mpo_create_devfs_vnode)(struct devfs_dirent *de,
 		    struct label *direntlabel, struct vnode *vp,
 		    struct label *vnodelabel);
@@ -435,6 +438,7 @@
 	MAC_INTERNALIZE_VNODE_LABEL,
 	MAC_CREATE_DEVFS_DEVICE,
 	MAC_CREATE_DEVFS_DIRECTORY,
+	MAC_CREATE_DEVFS_SYMLINK,
 	MAC_CREATE_DEVFS_VNODE,
 	MAC_CREATE_VNODE,
 	MAC_CREATE_MOUNT,

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe p4-projects" in the body of the message