From owner-p4-projects Fri Jun 14 18:34:17 2002
Delivered-To: p4-projects@freebsd.org
Received: by hub.freebsd.org (Postfix, from userid 32767) id A026237B405; Fri, 14 Jun 2002 18:34:05 -0700 (PDT)
Delivered-To: perforce@freebsd.org
Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21]) by hub.freebsd.org (Postfix) with ESMTP id 91EAA37B422 for ; Fri, 14 Jun 2002 18:34:04 -0700 (PDT)
Received: (from perforce@localhost) by freefall.freebsd.org (8.11.6/8.11.6) id g5F1Y4R07781 for perforce@freebsd.org; Fri, 14 Jun 2002 18:34:04 -0700 (PDT) (envelope-from amigus@FreeBSD.org)
Date: Fri, 14 Jun 2002 18:34:04 -0700 (PDT)
Message-Id: <200206150134.g5F1Y4R07781@freefall.freebsd.org>
X-Authentication-Warning: freefall.freebsd.org: perforce set sender to amigus@FreeBSD.org using -f
From: Adam Migus
Subject: PERFORCE change 12955 for review
To: Perforce Change Reviews
Sender: owner-p4-projects@FreeBSD.ORG
Precedence: bulk
List-ID:
List-Archive: (Web Archive)
List-Help: (List Instructions)
List-Subscribe:
List-Unsubscribe:
X-Loop: FreeBSD.ORG

http://people.freebsd.org/~peter/p4db/chv.cgi?CH=12955

Change 12955 by amigus@amigus_euromede on 2002/06/14 18:33:16

	Biba now (again) labels network interfaces at low integrity by default.
	You can either set security.mac.biba.trust_all_interfaces=1 or list the
	interfaces you want to trust in security.mac.biba.trusted_interfaces as
	a comma separated list in /boot/loader.conf to set them to high.

	This code silently ignores mistakes.  If you don't like this, let me know.

Affected files ...

... //depot/projects/trustedbsd/mac/sys/security/mac_biba/mac_biba.c#49 edit

Differences ...

==== //depot/projects/trustedbsd/mac/sys/security/mac_biba/mac_biba.c#49 (text+ko) ====
@@ -84,6 +84,17 @@ SYSCTL_INT(_security_mac_biba, OID_AUTO, destroyed_not_inited, CTLFLAG_RD, &destroyed_not_inited, 0, "Count of labels destroyed but not inited"); +static int trust_all_interfaces = 0; +SYSCTL_INT(_security_mac_biba, OID_AUTO, trust_all_interfaces, CTLFLAG_RD, + &trust_all_interfaces, 0, "Consider all interfaces 'trusted' by MAC/Biba"); +TUNABLE_INT("security.mac.biba.trust_all_interfaces", &trust_all_interfaces); + +static char trusted_interfaces[128]; +SYSCTL_STRING(_security_mac_biba, OID_AUTO, trusted_interfaces, CTLFLAG_RD, + trusted_interfaces, 0, "Interfaces considered 'trusted' by MAC/Biba"); +TUNABLE_STR("security.mac.biba.trusted_interfaces", trusted_interfaces, + sizeof(trusted_interfaces)); + static int slot; #define SLOT(l) ((struct mac_biba *)LABEL_TO_SLOT((l), slot).l_ptr) 
@@ -816,12 +827,54 @@ static void mac_biba_create_ifnet(struct ifnet *ifnet, struct label *ifnetlabel) { + char tifname[IFNAMSIZ], ifname[IFNAMSIZ], *p, *q; + char tiflist[sizeof(trusted_interfaces)]; struct mac_biba *dest; + int len, grade; dest = SLOT(ifnetlabel); - mac_biba_set_single(dest, MAC_BIBA_TYPE_HIGH, 0); - mac_biba_set_range(dest, MAC_BIBA_TYPE_LOW, 0, MAC_BIBA_TYPE_HIGH, 0); + if (ifnet->if_type == IFT_LOOP) { + grade = MAC_BIBA_TYPE_EQUAL; + goto set; + } + + if (trust_all_interfaces) { + grade = MAC_BIBA_TYPE_HIGH; + goto set; + } + + grade = MAC_BIBA_TYPE_LOW; + + if (trusted_interfaces[0] == '\0' || + !strvalid(trusted_interfaces, sizeof(trusted_interfaces))) + goto set; + + for (p = trusted_interfaces, q = tiflist; *p != '\0'; p++, q++) + if(*p != ' ' && *p != '\t') + *q = *p; + + snprintf(ifname, IFNAMSIZ, "%s%d", ifnet->if_name, ifnet->if_unit); + + for (p = q = tiflist;; p++) { + if (*p == ',' || *p == '\0') { + len = p - q; + if (len < IFNAMSIZ) { + bzero(tifname, sizeof(tifname)); + bcopy(q, tifname, len); + if (strcmp(tifname, ifname) == 0) { + grade = MAC_BIBA_TYPE_HIGH; + break; + } + } + if (*p == '\0') + break; + q = p + 1; + } + } +set: + mac_biba_set_single(dest, grade, 0); + mac_biba_set_range(dest, grade, 0, grade, 0); } static void To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe p4-projects" in the body of the message
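Review bot: in the first hunk (the sysctl/tunable declarations), both new nodes are CTLFLAG_RD, so they can only be set through the loader tunables named in the commit message; the description strings should say so (e.g. "Consider all interfaces 'trusted' by MAC/Biba (loader tunable)"), because a reader of sysctl -d will otherwise try to write them at runtime and get EPERM with no hint why. The 128-byte size of trusted_interfaces also deserves a comment next to the declaration, since it is the hard limit on how long a comma-separated interface list can be and nothing reports a list that does not fit.

Review bot: in the second hunk, the whitespace-stripping loop in mac_biba_create_ifnet is wrong: `for (p = trusted_interfaces, q = tiflist; *p != '\0'; p++, q++)` advances q on every iteration, so a blank or tab does not get removed but instead leaves an unwritten byte of uninitialized stack in tiflist, and the loop never writes a terminating NUL into tiflist at all. The following scan `for (p = q = tiflist;; p++)` stops only at ',' or '\0', so with a list containing whitespace, or with any list at all if no NUL happens to be present, it compares garbage and can run off the end of the 128-byte array. Fix by advancing q only when a byte is copied and terminating the result, e.g. `for (p = trusted_interfaces, q = tiflist; *p != '\0'; p++) if (*p != ' ' && *p != '\t') *q++ = *p; *q = '\0';` (or bzero(tiflist, sizeof(tiflist)) before the copy). Also worth a one-line comment at the `set:` label that the range is now collapsed to a single grade (grade..grade) where the old code used LOW..HIGH, since that is a behaviour change beyond what the commit message describes.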