From owner-p4-projects Tue Oct 22 11:20:19 2002 Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id CA39137B404; Tue, 22 Oct 2002 11:20:08 -0700 (PDT) Delivered-To: perforce@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 59E6C37B401 for ; Tue, 22 Oct 2002 11:20:08 -0700 (PDT) Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115]) by mx1.FreeBSD.org (Postfix) with ESMTP id E32D643E88 for ; Tue, 22 Oct 2002 11:20:07 -0700 (PDT) (envelope-from green@freebsd.org) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.12.6/8.12.6) with ESMTP id g9MIJXmV021649 for ; Tue, 22 Oct 2002 11:19:33 -0700 (PDT) (envelope-from green@freebsd.org) Received: (from perforce@localhost) by repoman.freebsd.org (8.12.6/8.12.6/Submit) id g9MIJWsW021644 for perforce@freebsd.org; Tue, 22 Oct 2002 11:19:32 -0700 (PDT) Date: Tue, 22 Oct 2002 11:19:32 -0700 (PDT) Message-Id: <200210221819.g9MIJWsW021644@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to green@freebsd.org using -f 
From: Brian Feldman Subject: PERFORCE change 19914 for review To: Perforce Change Reviews Sender: owner-p4-projects@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG http://perforce.freebsd.org/chv.cgi?CH=19914 Change 19914 by green@green_laptop_2 on 2002/10/22 11:19:17 * Hook up the mac_lomac module to the build. Keep it synched with mac_biba! It's a derivative! * Perform a compartmentectomy on mac_lomac. And God said, "Let LOMAC have no compartments!!" Affected files ... .. //depot/projects/trustedbsd/mac/sys/modules/Makefile#43 edit .. //depot/projects/trustedbsd/mac/sys/security/mac_lomac/mac_lomac.c#12 edit .. //depot/projects/trustedbsd/mac/sys/security/mac_lomac/mac_lomac.h#7 edit Differences ... ==== //depot/projects/trustedbsd/mac/sys/modules/Makefile#43 (text+ko) ==== @@ -67,6 +67,7 @@ mac_bsdextended \ mac_ifoff \ mac_mls \ + mac_lomac \ mac_none \ mac_partition \ mac_seeotheruids \ ==== //depot/projects/trustedbsd/mac/sys/security/mac_lomac/mac_lomac.c#12 (text+ko) ==== @@ -103,10 +103,6 @@ TUNABLE_STR("security.mac.lomac.trusted_interfaces", trusted_interfaces, sizeof(trusted_interfaces)); -static int max_compartments = MAC_LOMAC_MAX_COMPARTMENTS; -SYSCTL_INT(_security_mac_lomac, OID_AUTO, max_compartments, CTLFLAG_RD, - &max_compartments, 0, "Maximum supported compartments"); - static int ptys_equal = 0; SYSCTL_INT(_security_mac_lomac, OID_AUTO, ptys_equal, CTLFLAG_RW, &ptys_equal, 0, "Label pty devices as lomac/equal on create"); @@ -122,16 +118,6 @@ MALLOC_DEFINE(M_MACLOMAC, "lomac label", "MAC/LOMAC labels"); -static __inline int -lomac_bit_set_empty(u_char *set) { - int i; - - for (i = 0; i < MAC_LOMAC_MAX_COMPARTMENTS >> 3; i++) - if (set[i] != 0) - return (0); - return (1); -} - static struct mac_lomac * lomac_alloc(int flag) { 
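Review bot: The new `mac_lomac \` entry is placed after `mac_mls \`, which breaks the alphabetical order the surrounding entries (mac_ifoff, mac_mls, mac_none, mac_partition) follow; move it between `mac_ifoff \` and `mac_mls \`. The affected-files list shows no sys/modules/mac_lomac/Makefile being added, so this entry presumes that module Makefile already exists in the branch — worth confirming before the build picks it up.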
@@ -165,7 +151,6 @@ mac_lomac_dominate_element(struct mac_lomac_element *a, struct mac_lomac_element *b) { - int bit; switch(a->mle_type) { case MAC_LOMAC_TYPE_EQUAL: @@ -196,11 +181,6 @@ return (0); case MAC_LOMAC_TYPE_GRADE: - for (bit = 1; bit <= MAC_LOMAC_MAX_COMPARTMENTS; bit++) - if (!MAC_LOMAC_BIT_TEST(bit, - a->mle_compartments) && - MAC_LOMAC_BIT_TEST(bit, b->mle_compartments)) - return (0); return (a->mle_grade >= b->mle_grade); default: @@ -326,15 +306,9 @@ if (mac_lomac->ml_flags & MAC_LOMAC_FLAG_SINGLE) { switch (mac_lomac->ml_single.mle_type) { case MAC_LOMAC_TYPE_GRADE: - break; - case MAC_LOMAC_TYPE_EQUAL: case MAC_LOMAC_TYPE_HIGH: case MAC_LOMAC_TYPE_LOW: - if (mac_lomac->ml_single.mle_grade != 0 || - !MAC_LOMAC_BIT_SET_EMPTY( - mac_lomac->ml_single.mle_compartments)) - return (EINVAL); break; default: @@ -348,15 +322,9 @@ if (mac_lomac->ml_flags & MAC_LOMAC_FLAG_RANGE) { switch (mac_lomac->ml_rangelow.mle_type) { case MAC_LOMAC_TYPE_GRADE: - break; - case MAC_LOMAC_TYPE_EQUAL: case MAC_LOMAC_TYPE_HIGH: case MAC_LOMAC_TYPE_LOW: - if (mac_lomac->ml_rangelow.mle_grade != 0 || - !MAC_LOMAC_BIT_SET_EMPTY( - mac_lomac->ml_rangelow.mle_compartments)) - return (EINVAL); break; default: @@ -365,15 +333,9 @@ switch (mac_lomac->ml_rangehigh.mle_type) { case MAC_LOMAC_TYPE_GRADE: - break; - case MAC_LOMAC_TYPE_EQUAL: case MAC_LOMAC_TYPE_HIGH: case MAC_LOMAC_TYPE_LOW: - if (mac_lomac->ml_rangehigh.mle_grade != 0 || - !MAC_LOMAC_BIT_SET_EMPTY( - mac_lomac->ml_rangehigh.mle_compartments)) - return (EINVAL); break; default: 
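Review bot: In the mac_lomac_valid_label hunk at @@ -326 the EQUAL/HIGH/LOW cases lose not only the compartment clause but also the `mle_grade != 0` clause, so a single element of type high, low or equal carrying a nonzero grade is now accepted where it was previously rejected with EINVAL; the same over-removal occurs in the ml_rangelow hunk (@@ -348) and the ml_rangehigh hunk (@@ -365). Only the `MAC_LOMAC_BIT_SET_EMPTY(...)` half needed to go: keep `case MAC_LOMAC_TYPE_GRADE: break;` as its own case and retain `if (mac_lomac->ml_single.mle_grade != 0) return (EINVAL);` under the EQUAL/HIGH/LOW cases, with the matching ml_rangelow and ml_rangehigh lines in the other two hunks. This matters because the commit description asks that the file stay synched with mac_biba, whose validator as far as I recall still rejects a nonzero grade on those types, and because an unvalidated grade on a non-GRADE element can leak into later comparisons if any path reads mle_grade without first checking mle_type. The enclosing function starts and ends outside these hunks.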
@@ -393,35 +355,22 @@ static void mac_lomac_set_range(struct mac_lomac *mac_lomac, u_short typelow, - u_short gradelow, u_char *compartmentslow, u_short typehigh, - u_short gradehigh, u_char *compartmentshigh) + u_short gradelow, u_short typehigh, u_short gradehigh) { mac_lomac->ml_rangelow.mle_type = typelow; mac_lomac->ml_rangelow.mle_grade = gradelow; - if (compartmentslow != NULL) - memcpy(mac_lomac->ml_rangelow.mle_compartments, - compartmentslow, - sizeof(mac_lomac->ml_rangelow.mle_compartments)); mac_lomac->ml_rangehigh.mle_type = typehigh; mac_lomac->ml_rangehigh.mle_grade = gradehigh; - if (compartmentshigh != NULL) - memcpy(mac_lomac->ml_rangehigh.mle_compartments, - compartmentshigh, - sizeof(mac_lomac->ml_rangehigh.mle_compartments)); mac_lomac->ml_flags |= MAC_LOMAC_FLAG_RANGE; } static void -mac_lomac_set_single(struct mac_lomac *mac_lomac, u_short type, u_short grade, - u_char *compartments) +mac_lomac_set_single(struct mac_lomac *mac_lomac, u_short type, u_short grade) { mac_lomac->ml_single.mle_type = type; mac_lomac->ml_single.mle_grade = grade; - if (compartments != NULL) - memcpy(mac_lomac->ml_single.mle_compartments, compartments, - sizeof(mac_lomac->ml_single.mle_compartments)); mac_lomac->ml_flags |= MAC_LOMAC_FLAG_SINGLE; } @@ -511,7 +460,6 @@ mac_lomac_element_to_string(char *string, size_t size, struct mac_lomac_element *element) { - int pos, bit = 1; switch (element->mle_type) { case MAC_LOMAC_TYPE_HIGH: 
@@ -524,15 +472,7 @@ return (snprintf(string, size, "equal")); case MAC_LOMAC_TYPE_GRADE: - pos = snprintf(string, size, "%d:", element->mle_grade); - for (bit = 1; bit <= MAC_LOMAC_MAX_COMPARTMENTS; bit++) { - if (MAC_LOMAC_BIT_TEST(bit, element->mle_compartments)) - pos += snprintf(string + pos, size - pos, - "%d+", bit); - } - if (string[pos - 1] == '+' || string[pos - 1] == ':') - string[--pos] = NULL; - return (pos); + return (snprintf(string, size, "%d", element->mle_grade)); default: panic("mac_lomac_element_to_string: invalid type (%d)", @@ -647,28 +587,8 @@ element->mle_type = MAC_LOMAC_TYPE_GRADE; element->mle_grade = d; - if (*p1 != ':') { - if (p1 == p0 || *p1 != '\0') - return (EINVAL); - else - return (0); - } - else - if (*(p1 + 1) == '\0') - return (0); - - while ((p0 = ++p1)) { - d = strtol(p0, &p1, 10); - if (d < 1 || d > MAC_LOMAC_MAX_COMPARTMENTS) - return (EINVAL); - - MAC_LOMAC_BIT_SET(d, element->mle_compartments); - - if (*p1 == '\0') - break; - if (p1 == p0 || *p1 != '+') - return (EINVAL); - } + if (p1 == p0 || *p1 != '\0') + return (EINVAL); } return (0); @@ -793,7 +713,7 @@ lomac_type = MAC_LOMAC_TYPE_EQUAL; else lomac_type = MAC_LOMAC_TYPE_HIGH; - mac_lomac_set_single(mac_lomac, lomac_type, 0, NULL); + mac_lomac_set_single(mac_lomac, lomac_type, 0); } static void @@ -803,7 +723,7 @@ struct mac_lomac *mac_lomac; mac_lomac = SLOT(label); - mac_lomac_set_single(mac_lomac, MAC_LOMAC_TYPE_HIGH, 0, NULL); + mac_lomac_set_single(mac_lomac, MAC_LOMAC_TYPE_HIGH, 0); } static void @@ -862,9 +782,9 @@ /* Always mount root as high integrity. */ mac_lomac = SLOT(fslabel); - mac_lomac_set_single(mac_lomac, MAC_LOMAC_TYPE_HIGH, 0, NULL); + mac_lomac_set_single(mac_lomac, MAC_LOMAC_TYPE_HIGH, 0); mac_lomac = SLOT(mntlabel); - mac_lomac_set_single(mac_lomac, MAC_LOMAC_TYPE_HIGH, 0, NULL); + mac_lomac_set_single(mac_lomac, MAC_LOMAC_TYPE_HIGH, 0); } static void 
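Review bot: In the element-parsing hunk at @@ -647 the end-pointer check `if (p1 == p0 || *p1 != '\0') return (EINVAL);` now runs after `element->mle_type` and `element->mle_grade` have already been written, so a malformed string such as one with a trailing ':' returns EINVAL with the element partially filled in; moving the check above the two assignments leaves the element untouched on failure. A trailing ':' was previously accepted as an empty compartment list and is now rejected, which is consistent with the header change but is a user-visible change in accepted label syntax worth a mention in the description. Whether `d` is range-checked against the u_short `mle_grade` before assignment cannot be seen from this hunk; the enclosing function starts outside it.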
@@ -1115,8 +1035,8 @@ } } set: - mac_lomac_set_single(dest, grade, 0, NULL); - mac_lomac_set_range(dest, grade, 0, NULL, grade, 0, NULL); + mac_lomac_set_single(dest, grade, 0); + mac_lomac_set_range(dest, grade, 0, grade, 0); } static void @@ -1185,7 +1105,7 @@ dest = SLOT(mbuflabel); - mac_lomac_set_single(dest, MAC_LOMAC_TYPE_EQUAL, 0, NULL); + mac_lomac_set_single(dest, MAC_LOMAC_TYPE_EQUAL, 0); } static void @@ -1314,9 +1234,9 @@ dest = SLOT(&cred->cr_label); - mac_lomac_set_single(dest, MAC_LOMAC_TYPE_EQUAL, 0, NULL); - mac_lomac_set_range(dest, MAC_LOMAC_TYPE_LOW, 0, NULL, - MAC_LOMAC_TYPE_HIGH, 0, NULL); + mac_lomac_set_single(dest, MAC_LOMAC_TYPE_EQUAL, 0); + mac_lomac_set_range(dest, MAC_LOMAC_TYPE_LOW, 0, MAC_LOMAC_TYPE_HIGH, + 0); } static void @@ -1326,9 +1246,9 @@ dest = SLOT(&cred->cr_label); - mac_lomac_set_single(dest, MAC_LOMAC_TYPE_HIGH, 0, NULL); - mac_lomac_set_range(dest, MAC_LOMAC_TYPE_LOW, 0, NULL, - MAC_LOMAC_TYPE_HIGH, 0, NULL); + mac_lomac_set_single(dest, MAC_LOMAC_TYPE_HIGH, 0); + mac_lomac_set_range(dest, MAC_LOMAC_TYPE_LOW, 0, MAC_LOMAC_TYPE_HIGH, + 0); } static void ==== //depot/projects/trustedbsd/mac/sys/security/mac_lomac/mac_lomac.h#7 (text+ko) ==== @@ -68,12 +68,9 @@ * mb_type. */ -#define MAC_LOMAC_MAX_COMPARTMENTS 256 - struct mac_lomac_element { u_short mle_type; u_short mle_grade; - u_char mle_compartments[MAC_LOMAC_MAX_COMPARTMENTS >> 3]; }; /* @@ -88,14 +85,4 @@ struct mac_lomac_element ml_rangelow, ml_rangehigh; }; -/* - * LOMAC compartments bit test/set macros. - * The range is 1 to MAC_LOMAC_MAX_COMPARTMENTS. - */ -#define MAC_LOMAC_BIT_TEST(b, w) \ - ((w)[(((b) - 1) >> 3)] & (1 << (((b) - 1) & 7))) -#define MAC_LOMAC_BIT_SET(b, w) \ - ((w)[(((b) - 1) >> 3)] |= (1 << (((b) - 1) & 7))) -#define MAC_LOMAC_BIT_SET_EMPTY(set) lomac_bit_set_empty(set) - #endif /* !_SYS_SECURITY_MAC_LOMAC_H */ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe p4-projects" in the body of the message