From owner-p4-projects  Thu Oct 31 14:31:20 2002
Delivered-To: p4-projects@freebsd.org
Received: by hub.freebsd.org (Postfix, from userid 32767)
	id 199C737B404; Thu, 31 Oct 2002 14:31:17 -0800 (PST)
Delivered-To: perforce@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id A476337B401
	for <perforce@freebsd.org>; Thu, 31 Oct 2002 14:31:16 -0800 (PST)
Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 3DEA543E91
	for <perforce@freebsd.org>; Thu, 31 Oct 2002 14:31:16 -0800 (PST)
	(envelope-from bb+lists.freebsd.perforce@cyrus.watson.org)
Received: from repoman.freebsd.org (localhost [127.0.0.1])
	by repoman.freebsd.org (8.12.6/8.12.6) with ESMTP id g9VMTsmV024209
	for <perforce@freebsd.org>; Thu, 31 Oct 2002 14:29:54 -0800 (PST)
	(envelope-from bb+lists.freebsd.perforce@cyrus.watson.org)
Received: (from perforce@localhost)
	by repoman.freebsd.org (8.12.6/8.12.6/Submit) id g9VMTr7T024203
	for perforce@freebsd.org; Thu, 31 Oct 2002 14:29:53 -0800 (PST)
Date: Thu, 31 Oct 2002 14:29:53 -0800 (PST)
Message-Id: <200210312229.g9VMTr7T024203@repoman.freebsd.org>
X-Authentication-Warning: repoman.freebsd.org: perforce set sender to bb+lists.freebsd.perforce@cyrus.watson.org using -f
From: Robert Watson <rwatson@FreeBSD.org>
Subject: PERFORCE change 20495 for review
To: Perforce Change Reviews <perforce@freebsd.org>
Sender: owner-p4-projects@FreeBSD.ORG
Precedence: bulk
List-ID: <p4-projects.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20p4-projects>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20p4-projects>
X-Loop: FreeBSD.ORG

http://perforce.freebsd.org/chv.cgi?CH=20495

Change 20495 by rwatson@rwatson_tislabs on 2002/10/31 14:29:13

	Don't permit a process to bind to nfsd services in the kernel
	unless MAC policies permit it to.

Affected files ...

.. //depot/projects/trustedbsd/mac/sys/kern/kern_mac.c#346 edit
.. //depot/projects/trustedbsd/mac/sys/nfsserver/nfs_syscalls.c#9 edit
.. //depot/projects/trustedbsd/mac/sys/sys/mac.h#207 edit
.. //depot/projects/trustedbsd/mac/sys/sys/mac_policy.h#163 edit

Differences ...

==== //depot/projects/trustedbsd/mac/sys/kern/kern_mac.c#346 (text+ko) ====

@@ -2534,6 +2534,19 @@
 }
 
 int
+mac_check_system_nfsd(struct ucred *cred)
+{
+	int error;
+
+	if (!mac_enforce_system)
+		return (0);
+
+	MAC_CHECK(check_system_nfsd, cred);
+
+	return (error);
+}
+
+int
 mac_check_system_reboot(struct ucred *cred, int howto)
 {
 	int error;

==== //depot/projects/trustedbsd/mac/sys/nfsserver/nfs_syscalls.c#9 (text+ko) ====

@@ -41,6 +41,7 @@
 __FBSDID("$FreeBSD: src/sys/nfsserver/nfs_syscalls.c,v 1.81 2002/09/18 19:44:14 phk Exp $");
 
 #include "opt_inet6.h"
+#include "opt_mac.h"
 
 #include <sys/param.h>
 #include <sys/systm.h>
@@ -50,6 +51,7 @@
 #include <sys/file.h>
 #include <sys/filedesc.h>
 #include <sys/vnode.h>
+#include <sys/mac.h>
 #include <sys/malloc.h>
 #include <sys/mount.h>
 #include <sys/proc.h>
@@ -137,10 +139,15 @@
 	struct nfsd_args nfsdarg;
 	int error;
 
-	mtx_lock(&Giant);
+#ifdef MAC
+	error = mac_check_system_nfsd(td->td_ucred);
+	if (error)
+		return (error);
+#endif
 	error = suser(td);
 	if (error)
-		goto done2;
+		return (error);
+	mtx_lock(&Giant);
 	while (nfssvc_sockhead_flag & SLP_INIT) {
 		 nfssvc_sockhead_flag |= SLP_WANTINIT;
 		(void) tsleep((caddr_t)&nfssvc_sockhead, PSOCK, "nfsd init", 0);

==== //depot/projects/trustedbsd/mac/sys/sys/mac.h#207 (text+ko) ====

@@ -265,6 +265,7 @@
 int	mac_check_socket_send(struct ucred *cred, struct socket *so);
 int	mac_check_socket_visible(struct ucred *cred, struct socket *so);
 int	mac_check_system_acct(struct ucred *cred, struct vnode *vp);
+int	mac_check_system_nfsd(struct ucred *cred);
 int	mac_check_system_reboot(struct ucred *cred, int howto);
 int	mac_check_system_settime(struct ucred *cred);
 int	mac_check_system_swapon(struct ucred *cred, struct vnode *vp);

==== //depot/projects/trustedbsd/mac/sys/sys/mac_policy.h#163 (text+ko) ====

@@ -323,6 +323,7 @@
 		    struct socket *so, struct label *socketlabel);
 	int	(*mpo_check_system_acct)(struct ucred *cred,
 		    struct vnode *vp, struct label *vlabel);
+	int	(*mpo_check_system_nfsd)(struct ucred *cred);
 	int	(*mpo_check_system_reboot)(struct ucred *cred, int howto);
 	int	(*mpo_check_system_settime)(struct ucred *cred);
 	int	(*mpo_check_system_swapon)(struct ucred *cred,

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe p4-projects" in the body of the message