From owner-p4-projects  Mon Jun 24  7:44:36 2002
Delivered-To: p4-projects@freebsd.org
Received: by hub.freebsd.org (Postfix, from userid 32767)
	id CF17F37B401; Mon, 24 Jun 2002 07:44:11 -0700 (PDT)
Delivered-To: perforce@freebsd.org
Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21])
	by hub.freebsd.org (Postfix) with ESMTP id 54C1337B404
	for <perforce@freebsd.org>; Mon, 24 Jun 2002 07:44:10 -0700 (PDT)
Received: (from perforce@localhost)
	by freefall.freebsd.org (8.11.6/8.11.6) id g5OEiAm41914
	for perforce@freebsd.org; Mon, 24 Jun 2002 07:44:10 -0700 (PDT)
	(envelope-from bb+lists.freebsd.perforce@cyrus.watson.org)
Date: Mon, 24 Jun 2002 07:44:10 -0700 (PDT)
Message-Id: <200206241444.g5OEiAm41914@freefall.freebsd.org>
X-Authentication-Warning: freefall.freebsd.org: perforce set sender to bb+lists.freebsd.perforce@cyrus.watson.org using -f
From: Robert Watson <rwatson@FreeBSD.org>
Subject: PERFORCE change 13372 for review
To: Perforce Change Reviews <perforce@freebsd.org>
Sender: owner-p4-projects@FreeBSD.ORG
Precedence: bulk
List-ID: <p4-projects.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20p4-projects>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20p4-projects>
X-Loop: FreeBSD.ORG

http://people.freebsd.org/~peter/p4db/chv.cgi?CH=13372

Change 13372 by rwatson@rwatson_tislabs on 2002/06/24 07:43:16

	Let mac_update_vnode_from_externalized() return a failure so that
	invalid labels are ignored.

Affected files ...

... //depot/projects/trustedbsd/mac/sys/kern/kern_mac.c#151 edit
... //depot/projects/trustedbsd/mac/sys/security/mac_biba/mac_biba.c#50 edit
... //depot/projects/trustedbsd/mac/sys/security/mac_mls/mac_mls.c#36 edit
... //depot/projects/trustedbsd/mac/sys/security/mac_none/mac_none.c#30 edit
... //depot/projects/trustedbsd/mac/sys/security/mac_test/mac_test.c#3 edit
... //depot/projects/trustedbsd/mac/sys/sys/mac_policy.h#65 edit

Differences ...

==== //depot/projects/trustedbsd/mac/sys/kern/kern_mac.c#151 (text+ko) ====

@@ -853,11 +853,14 @@
  * Given an externalized mac label, internalize it and stamp it on a
  * vnode.
  */
-static void
+static int
 mac_update_vnode_from_externalized(struct vnode *vp, struct mac *extmac)
 {
+	int error;
 
-	MAC_PERFORM(update_vnode_from_externalized, vp, &vp->v_label, extmac);
+	MAC_CHECK(update_vnode_from_externalized, vp, &vp->v_label, extmac);
+
+	return (error);
 }
 
 /*
@@ -905,8 +908,10 @@
 	}
 
 	if (buflen == sizeof(extmac))
-		mac_update_vnode_from_externalized(vp, &extmac);
-	else {
+		error = EPERM;		/* Fail very closed. */
+	if (error == 0)
+		error = mac_update_vnode_from_externalized(vp, &extmac);
+	if (error) {
 		if (mac_debug_label_fallback) {
 			printf("Corrupted label, falling back.\n");
 			mac_update_vnode_from_mount(vp, vp->v_mount);

==== //depot/projects/trustedbsd/mac/sys/security/mac_biba/mac_biba.c#50 (text+ko) ====

@@ -704,17 +704,26 @@
 	mac_biba_copy_single(source, dest);
 }
 
-static void
+static int
 mac_biba_update_vnode_from_externalized(struct vnode *vp,
     struct label *vnodelabel, struct mac *extmac)
 {
 	struct mac_biba *source, *dest;
+	int error;
 
-	/* XXX: Validity check. */
 	source = &extmac->m_biba;
 	dest = SLOT(vnodelabel);
 
+	error = mac_biba_valid(source);
+	if (error)
+		return (error);
+
+	if ((source->mb_flags & MAC_BIBA_FLAGS_BOTH) != MAC_BIBA_FLAG_SINGLE)
+		return (EINVAL);
+
 	mac_biba_copy_single(source, dest);
+
+	return (0);
 }
 
 static void

==== //depot/projects/trustedbsd/mac/sys/security/mac_mls/mac_mls.c#36 (text+ko) ====

@@ -689,17 +689,26 @@
 	mac_mls_copy_single(source, dest);
 }
 
-static void
+static int
 mac_mls_update_vnode_from_externalized(struct vnode *vp,
     struct label *vnodelabel, struct mac *extmac)
 {
 	struct mac_mls *source, *dest;
+	int error;
 
-	/* XXX: Validity check. */
 	source = &extmac->m_mls;
 	dest = SLOT(vnodelabel);
 
+	error = mac_mls_valid(source);
+	if (error)
+		return (error);
+
+	if ((source->mm_flags & MAC_MLS_FLAGS_BOTH) != MAC_MLS_FLAG_SINGLE)
+		return (EINVAL);
+
 	mac_mls_copy_single(source, dest);
+
+	return (0);
 }
 
 static void

==== //depot/projects/trustedbsd/mac/sys/security/mac_none/mac_none.c#30 (text+ko) ====

@@ -305,11 +305,12 @@
 
 }
 
-static void
+static int
 mac_none_update_vnode_from_externalized(struct vnode *vp,
     struct label *vnodelabel, struct mac *extmac)
 {
 
+	return (0);
 }
 
 static void

==== //depot/projects/trustedbsd/mac/sys/security/mac_test/mac_test.c#3 (text+ko) ====

@@ -498,11 +498,12 @@
 
 }
 
-static void
+static int
 mac_test_update_vnode_from_externalized(struct vnode *vp,
     struct label *vnodelabel, struct mac *extmac)
 {
 
+	return (0);
 }
 
 static void

==== //depot/projects/trustedbsd/mac/sys/sys/mac_policy.h#65 (text+ko) ====

@@ -130,7 +130,7 @@
 		    struct label *vnodelabel);
 	void	(*mpo_update_procfsvnode_from_subject)(struct vnode *vp,
 		    struct label *vnodelabel, struct ucred *cred);
-	void	(*mpo_update_vnode_from_externalized)(struct vnode *vp,
+	int	(*mpo_update_vnode_from_externalized)(struct vnode *vp,
 		    struct label *vnodelabel, struct mac *mac);
 	void	(*mpo_update_vnode_from_mount)(struct vnode *vp,
 		    struct label *vnodelabel, struct mount *mp,

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe p4-projects" in the body of the message