From owner-p4-projects Tue Oct 22 13:19:49 2002 Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 71FF937B404; Tue, 22 Oct 2002 13:19:43 -0700 (PDT) Delivered-To: perforce@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1C0E437B401 for ; Tue, 22 Oct 2002 13:19:43 -0700 (PDT) Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115]) by mx1.FreeBSD.org (Postfix) with ESMTP id B84F143E42 for ; Tue, 22 Oct 2002 13:19:42 -0700 (PDT) (envelope-from green@freebsd.org) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.12.6/8.12.6) with ESMTP id g9MKJ7mV029960 for ; Tue, 22 Oct 2002 13:19:07 -0700 (PDT) (envelope-from green@freebsd.org) Received: (from perforce@localhost) by repoman.freebsd.org (8.12.6/8.12.6/Submit) id g9MKJ7Wt029957 for perforce@freebsd.org; Tue, 22 Oct 2002 13:19:07 -0700 (PDT) Date: Tue, 22 Oct 2002 13:19:07 -0700 (PDT) Message-Id: <200210222019.g9MKJ7Wt029957@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to green@freebsd.org using -f 
From: Brian Feldman Subject: PERFORCE change 19928 for review To: Perforce Change Reviews Sender: owner-p4-projects@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG http://perforce.freebsd.org/chv.cgi?CH=19928 Change 19928 by green@green_laptop_2 on 2002/10/22 13:18:58 * Correct a style bug. * Don't require impossible permissions for swapping. * Implement most of the forthcoming changes needed for new-style MAC extended attribute usage. As a side-effect, mac_lomac works as a (drumroll please...) trimmed down Biba, right now :) Affected files ... .. //depot/projects/trustedbsd/mac/sys/security/mac_lomac/mac_lomac.c#13 edit Differences ...
==== //depot/projects/trustedbsd/mac/sys/security/mac_lomac/mac_lomac.c#13 (text+ko) ====
@@ -46,6 +46,7 @@
 #include
 #include
 #include
+#include
 #include
 #include
 #include
@@ -83,6 +84,10 @@
 SYSCTL_NODE(_security_mac, OID_AUTO, lomac, CTLFLAG_RW, 0,
     "TrustedBSD mac_lomac policy controls");
+static int mac_lomac_label_size = sizeof(struct mac_lomac);
+SYSCTL_INT(_security_mac_lomac, OID_AUTO, label_size, CTLFLAG_RD,
+    &mac_lomac_label_size, 0, "Size of struct mac_lomac");
+
 static int mac_lomac_enabled = 0;
 SYSCTL_INT(_security_mac_lomac, OID_AUTO, enabled, CTLFLAG_RW,
     &mac_lomac_enabled, 0, "Enforce MAC/LOMAC policy");
@@ -152,7 +157,7 @@
     struct mac_lomac_element *b)
 {
-	switch(a->mle_type) {
+	switch (a->mle_type) {
 	case MAC_LOMAC_TYPE_EQUAL:
 	case MAC_LOMAC_TYPE_HIGH:
 		return (1);
@@ -750,15 +755,27 @@
 }
 static void
-mac_lomac_create_vnode(struct ucred *cred, struct vnode *parent,
-    struct label *parentlabel, struct vnode *child, struct label *childlabel)
+mac_lomac_create_vnode(struct ucred *cred, struct vnode *dvp,
+    struct label *dlabel, struct vnode *vp, struct label *vlabel)
 {
-	struct mac_lomac *source, *dest;
+	struct mac_lomac *source, *dest, temp;
+	size_t buflen;
+	int error;
+
+	buflen = sizeof(temp);
+	bzero(&temp, buflen);
 	source = SLOT(&cred->cr_label);
-	dest = SLOT(childlabel);
+	dest = SLOT(vlabel);
+	mac_lomac_copy_single(source, &temp);
-	mac_lomac_copy_single(source, dest);
+	error = vn_extattr_set(vp, IO_NODELOCKED, MAC_LOMAC_EXTATTR_NAMESPACE,
+	    MAC_LOMAC_EXTATTR_NAME, buflen, (char *)&temp, curthread);
+	if (error == 0)
+		mac_lomac_copy_single(source, dest);
+#ifdef notyet
+	return (error);
+#endif
 }
 static void
@@ -791,12 +808,29 @@
 mac_lomac_relabel_vnode(struct ucred *cred, struct vnode *vp,
     struct label *vnodelabel, struct label *label)
 {
-	struct mac_lomac *source, *dest;
+	struct mac_lomac *source, temp;
+	size_t buflen;
+	int error;
+
+	buflen = sizeof(temp);
+	bzero(&temp, buflen);
 	source = SLOT(label);
-	dest = SLOT(vnodelabel);
+#ifdef notyet
+	if ((source->ml_flags & MAC_BIBA_FLAG_SINGLE) == 0)
+		return (0);
+#endif
+#ifndef notyet
+	mac_lomac_copy(source, SLOT(vnodelabel));
+#endif
+
+	mac_lomac_copy_single(source, &temp);
-	mac_lomac_copy(source, dest);
+	error = vn_extattr_set(vp, IO_NODELOCKED, MAC_LOMAC_EXTATTR_NAMESPACE,
+	    MAC_LOMAC_EXTATTR_NAME, buflen, (char *)&temp, curthread);
+#ifdef notyet
+	return (error);
+#endif
 }
 static void
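Review bot: In mac_lomac_create_vnode the vn_extattr_set() result only gates the copy into dest, and the `return (error)` sits under `#ifdef notyet`, so while the op is still void a failed extended-attribute write leaves the new vnode's in-memory label untouched and the caller never learns of it. Until the return is enabled, a comment making that visible would help, e.g. `/* XXX: on vn_extattr_set() failure dest is left as is; reported once this op returns int. */`. The `dvp` and `dlabel` parameters are unused here, as were their predecessors.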
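Review bot: In mac_lomac_relabel_vnode the in-memory label is updated by `mac_lomac_copy(source, SLOT(vnodelabel))` before vn_extattr_set() runs, and the error is then dropped (its `return (error)` is also under `#ifdef notyet`), so a failed write leaves the cached label ahead of the persisted one until the vnode is reloaded. Gating the copy on success, `if (error == 0) mac_lomac_copy(source, SLOT(vnodelabel));`, would mirror what mac_lomac_create_vnode in the previous hunk does; as written `error` is assigned but never read when `notyet` is undefined. The `#ifdef notyet` branch tests `MAC_BIBA_FLAG_SINGLE`, which looks carried over from mac_biba; the constant this file uses elsewhere is `MAC_LOMAC_FLAG_SINGLE`.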
@@ -827,29 +861,46 @@
 	mac_lomac_copy_single(source, dest);
 }
-#if 0
 static int
-mac_lomac_update_vnode_from_externalized(struct vnode *vp,
-    struct label *vnodelabel, struct oldmac *extmac)
+mac_lomac_update_vnode_from_extattr(struct vnode *vp, struct label *vlabel,
+    struct mount *mp, struct label *fslabel)
 {
-	struct mac_lomac *source, *dest;
+	struct mac_lomac temp, *source, *dest;
+	size_t buflen;
 	int error;
-	source = &extmac->m_lomac;
-	dest = SLOT(vnodelabel);
+	source = SLOT(fslabel);
+	dest = SLOT(vlabel);
+
+	buflen = sizeof(temp);
+	bzero(&temp, buflen);
-	error = mac_lomac_valid(source);
-	if (error)
+	error = vn_extattr_get(vp, IO_NODELOCKED, MAC_LOMAC_EXTATTR_NAMESPACE,
+	    MAC_LOMAC_EXTATTR_NAME, &buflen, (char *)&temp, curthread);
+	if (error == ENOATTR || error == EOPNOTSUPP) {
+		/* Fall back to the fslabel. */
+		mac_lomac_copy_single(source, dest);
+		return (0);
+	} else if (error)
 		return (error);
-	if ((source->ml_flags & MAC_LOMAC_FLAGS_BOTH) != MAC_LOMAC_FLAG_SINGLE)
-		return (EINVAL);
+	if (buflen != sizeof(temp)) {
+		printf("mac_lomac_associate_vnode_extattr: bad size %d\n",
+		    buflen);
+		return (EPERM);
+	}
+	if (mac_lomac_valid(&temp) != 0) {
+		printf("mac_lomac_associate_vnode_extattr: invalid\n");
+		return (EPERM);
+	}
+	if ((temp.ml_flags & MAC_LOMAC_FLAGS_BOTH) != MAC_LOMAC_FLAG_SINGLE) {
+		printf("mac_lomac_associate_vnode_extattr: not single\n");
+		return (EPERM);
+	}
-	mac_lomac_copy_single(source, dest);
-
+	mac_lomac_copy_single(&temp, dest);
 	return (0);
 }
-#endif
 static void
 mac_lomac_update_vnode_from_mount(struct vnode *vp, struct label *vnodelabel,
@@ -2288,8 +2339,7 @@
 	subj = SLOT(&cred->cr_label);
 	obj = SLOT(label);
-	if (!mac_lomac_dominate_single(subj, obj) ||
-	    !mac_lomac_dominate_single(obj, subj))
+	if (!mac_lomac_dominate_single(subj, obj))
 		return (EACCES);
 	return (0);
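Review bot: The three printf() diagnostics in mac_lomac_update_vnode_from_extattr are prefixed `mac_lomac_associate_vnode_extattr`, which is not this function, so the console messages point readers at the wrong place; the first one also passes a size_t (`buflen`) for `%d`, a format/argument mismatch on 64-bit targets. Suggested line: `printf("mac_lomac_update_vnode_from_extattr: bad size %lu\n", (unsigned long)buflen);`, with the same prefix on the other two. Rejecting a wrong-sized, invalid or non-single on-disk label with EPERM rather than quietly using the fslabel is the right separation, since the fallback is reserved for ENOATTR and EOPNOTSUPP; a one-line comment above the size check saying so would keep a later cleanup from merging the two paths. `mp` is unused in the body; if the op signature requires it, `/* mp unused */` would head off the question.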
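Review bot: The relaxed check now enforces only `mac_lomac_dominate_single(subj, obj)`, where the old code effectively required subject and object labels to be equal, and nothing in the hunk records why one direction suffices. A short comment would preserve the reasoning from the change description, e.g. `/* Only subject-dominates-object is required; demanding equality made swapon impossible. */`. The enclosing function's header is outside this hunk, so I am inferring from the commit message that this is the swap check.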
@@ -2413,6 +2463,8 @@
 	    (macop_t)mac_lomac_update_devfsdirent },
 	{ MAC_UPDATE_PROCFSVNODE,
 	    (macop_t)mac_lomac_update_procfsvnode },
+	{ MAC_UPDATE_VNODE_FROM_EXTATTR,
+	    (macop_t)mac_lomac_update_vnode_from_extattr },
 	{ MAC_UPDATE_VNODE_FROM_MOUNT,
 	    (macop_t)mac_lomac_update_vnode_from_mount },
 	{ MAC_CREATE_MBUF_FROM_SOCKET, To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe p4-projects" in the body of the message