Date: Tue, 8 Oct 2002 08:00:47 -0400 (EDT) From: Chris Vance <cvance@tislabs.com> To: Chris Vance <cvance@freebsd.org> Cc: Perforce Change Reviews <perforce@freebsd.org> Subject: Re: PERFORCE change 18927 for review Message-ID: <Pine.LNX.4.33.0210080758460.8641-100000@zorg.gw.tislabs.com> In-Reply-To: <200210081159.g98BxYOM052945@freefall.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Ooops, I hadn't intended to submit sebsd.c. The comment pertains to setfiles.c For the rest (how do I go back and fix the p4 log message?): Add permission checks for vnode_open/vnode_access and vnode_poll Also began to work on mmap permissions (though ifdef'd out) chris. On Tue, 8 Oct 2002, Chris Vance wrote: > http://people.freebsd.org/~peter/p4db/chv.cgi?CH=18927 > > Change 18927 by cvance@cvance_laptop on 2002/10/08 04:58:50 > > Remove debugging statement that somehow survived until now > > Affected files ... > > .. //depot/projects/trustedbsd/mac/sbin/sebsd_setfiles/setfiles.c#7 edit > .. //depot/projects/trustedbsd/mac/sys/security/sebsd/sebsd.c#32 edit > > Differences ... > > ==== //depot/projects/trustedbsd/mac/sbin/sebsd_setfiles/setfiles.c#7 (text+ko) ==== > > @@ -220,7 +220,6 @@ > } > argc -= optind; > argv += optind; > - printf("optind = %d, argc now %d\n", optind, argc); > > if (argc < 2) { > printUsage(); > > ==== //depot/projects/trustedbsd/mac/sys/security/sebsd/sebsd.c#32 (text+ko) ==== > > @@ -114,6 +114,60 @@ > return (cred_has_system(td->td_proc->p_ucred, perm)); > } > > +static __inline security_class_t > +vnode_type_to_security_class(enum vtype vt) > +{ > + switch (vt) { > + case VREG: > + return SECCLASS_FILE; > + case VDIR: > + return SECCLASS_DIR; > + case VBLK: > + return SECCLASS_BLK_FILE; > + case VCHR: > + return SECCLASS_CHR_FILE; > + case VLNK: > + return SECCLASS_LNK_FILE; > + case VSOCK: > + return SECCLASS_SOCK_FILE; > + case VFIFO: > + return SECCLASS_FIFO_FILE; > + case VNON: > + case VBAD: > + return SECCLASS_FILE; > + } > + > + return SECCLASS_FILE; > +} > + > +static __inline access_vector_t > +file_mask_to_av(enum vtype vt, int mask) > +{ > + access_vector_t av = 0; > + > + if (vt != VDIR) { > + if (mask & VEXEC) > + av |= FILE__EXECUTE; > + if (mask & VREAD) > + av |= FILE__READ; > + > + if (mask & VAPPEND) > + av |= FILE__APPEND; > + else if (mask & VWRITE) > + av |= FILE__WRITE; > + > + } else { > + if (mask & VEXEC) > + av |= DIR__SEARCH; > + if (mask & VWRITE) > + av |= DIR__WRITE; > + if (mask & VREAD) > + av |= DIR__READ; > + } > + > + return av; > +} > + > static int > vnode_has_perm(struct ucred *cred, struct vnode *vp, access_vector_t perm, > avc_entry_ref_t *aeref) > @@ -298,32 +352,6 @@ > return (newsid != task->sid); > } > > -static __inline security_class_t > -vnode_type_to_security_class(enum vtype vt) > -{ > - switch (vt) { > - case VREG: > - return SECCLASS_FILE; > - case VDIR: > - return SECCLASS_DIR; > - case VBLK: > - return SECCLASS_BLK_FILE; > - case VCHR: > - return SECCLASS_CHR_FILE; > - case VLNK: > - return SECCLASS_LNK_FILE; > - case VSOCK: > - return SECCLASS_SOCK_FILE; > - case VFIFO: > - return SECCLASS_FIFO_FILE; > - case VNON: > - case VBAD: > - return SECCLASS_FILE; > - } > - > - return SECCLASS_FILE; > -} > - > static void > sebsd_init_vnode_label(struct label *label) > { > @@ -500,9 +528,11 @@ > sebsd_check_vnode_access(struct ucred *cred, struct vnode *vp, > struct label *label, mode_t flags) > { > + if (!flags) > + return 0; > > - /* TBD: Not Implemented */ > - return (0); > + return vnode_has_perm(cred, vp, file_mask_to_av(vp->v_type, flags), > + NULL); > } > > static int > @@ -686,16 +716,18 @@ > sebsd_check_vnode_open(struct ucred *cred, struct vnode *vp, > struct label *filelabel, mode_t acc_mode) > { > - /* TBD: Not Implemented */ > - return 0; > + if (!acc_mode) > + return 0; > + > + return vnode_has_perm(cred, vp, file_mask_to_av(vp->v_type, acc_mode), > + NULL); > } > > static int > sebsd_check_vnode_poll(struct ucred *cred, struct ucred *file_cred, > struct vnode *vp, struct label *label) > { > - /* TBD: Not Implemented */ > - return 0; > + return vnode_has_perm(cred, vp, FILE__POLL, NULL); > } > > static int > @@ -928,8 +960,26 @@ > sebsd_check_vnode_mmap(struct ucred *cred, struct vnode *vp, > struct label *label, int newmapping) > { > - /* TBD: Not Implemented */ > - return 0; > +#ifdef TBD > + access_vector_t av; > + > + /* TBD: Incomplete */ > + if (vp) { > + /* read access is always possible with a mapping */ > + av = FILE__READ; > + > + /* write access only matters if the mapping is shared */ > + if ((flags & MAP_TYPE) == MAP_SHARED && (prot & PROT_WRITE)) > + av |= FILE__WRITE; > + > + if (prot & PROT_EXEC) > + av |= FILE__EXECUTE; > + > + return vnode_has_perm(cred, vp, av, NULL); > + } > +#endif > + > + return (0); > } > > static int > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe p4-projects" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.LNX.4.33.0210080758460.8641-100000>