Date: Wed, 5 Nov 2003 06:26:11 -0800 (PST) From: Andrew Reisse <areisse@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 41442 for review Message-ID: <200311051426.hA5EQBmc099013@repoman.freebsd.org>
http://perforce.freebsd.org/chv.cgi?CH=41442 Change 41442 by areisse@areisse_ibook on 2003/11/05 06:25:20 devfs labelling support. Don't rely on 'mount *mp' being valid in devfs labelling events. Affected files ... .. //depot/projects/trustedbsd/sedarwin/apsl/xnu/bsd/kern/kern_mac.c#23 edit .. //depot/projects/trustedbsd/sedarwin/apsl/xnu/bsd/miscfs/devfs/Makefile#2 edit .. //depot/projects/trustedbsd/sedarwin/apsl/xnu/bsd/miscfs/devfs/devfs_tree.c#2 edit .. //depot/projects/trustedbsd/sedarwin/apsl/xnu/bsd/miscfs/devfs/devfsdefs.h#2 edit .. //depot/projects/trustedbsd/sedarwin/apsl/xnu/bsd/sys/mac.h#6 edit .. //depot/projects/trustedbsd/sedarwin/apsl/xnu/bsd/sys/mac_policy.h#4 edit .. //depot/projects/trustedbsd/sedarwin/apsl/xnu/security/sebsd/sebsd.c#7 edit Differences ... ==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/bsd/kern/kern_mac.c#23 (text+ko) ==== @@ -75,6 +75,8 @@ #include <kern/wait_queue.h> #include <kern/lock.h> +#include <miscfs/devfs/devfsdefs.h> + #ifdef MAC /* @@ -855,11 +857,8 @@ static void mac_init_cred_label(struct label *label) { - printf ("mac_init_cred_label %d\n", label); mac_init_label(label); - printf ("mpo_init_cred_label %d\n", label); MAC_PERFORM(init_cred_label, label); - printf ("mac_init_cred_label done %d\n", label); MAC_DEBUG_COUNTER_INC(&nmaccreds); } @@ -870,16 +869,13 @@ mac_init_cred_label(&cred->cr_label); } -#if 0 void -mac_init_devfsdirent(struct devfs_dirent *de) +mac_init_devfsdirent(struct devnode *de) { - - mac_init_label(&de->de_label); - MAC_PERFORM(init_devfsdirent_label, &de->de_label); + mac_init_label(&de->dn_label); + MAC_PERFORM(init_devfsdirent_label, &de->dn_label); MAC_DEBUG_COUNTER_INC(&nmacdevfsdirents); } -#endif static void mac_init_ifnet_label(struct label *label) 
@@ -1114,16 +1110,14 @@ mac_destroy_cred_label(&cred->cr_label); } -#if 0 void -mac_destroy_devfsdirent(struct devfs_dirent *de) +mac_destroy_devfsdirent(struct devnode *de) { - MAC_PERFORM(destroy_devfsdirent_label, &de->de_label); - mac_destroy_label(&de->de_label); + MAC_PERFORM(destroy_devfsdirent_label, &de->dn_label); + mac_destroy_label(&de->dn_label); MAC_DEBUG_COUNTER_DEC(&nmacdevfsdirents); } -#endif static void mac_destroy_ifnet_label(struct label *label) @@ -1268,6 +1262,12 @@ MAC_PERFORM(copy_vnode_label, src, dest); } +void +mac_copy_devfs_label(struct label *src, struct label *dest) +{ + MAC_PERFORM(copy_devfs_label, src, dest); +} + static int mac_check_structmac_consistent(struct mac *mac) { @@ -1442,9 +1442,7 @@ void mac_create_cred(struct ucred *parent_cred, struct ucred *child_cred) { - printf ("mpo_create_cred %d %d %d\n", parent_cred, child_cred, 0); MAC_PERFORM(create_cred, parent_cred, child_cred); - printf ("mpo_create_cred done\n"); } #if 0 @@ -1456,16 +1454,16 @@ MAC_PERFORM(update_devfsdirent, mp, de, &de->de_label, vp, &vp->v_label); } +#endif void -mac_associate_vnode_devfs(struct mount *mp, struct devfs_dirent *de, +mac_associate_vnode_devfs(struct mount *mp, struct devnode *de, struct vnode *vp) { MAC_PERFORM(associate_vnode_devfs, mp, &mp->mnt_fslabel, de, - &de->de_label, vp, &vp->v_label); + &de->dn_label, vp, &vp->v_label); } -#endif int mac_associate_vnode_extattr(struct mount *mp, struct vnode *vp) 
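Review bot: `mac_associate_vnode_devfs` still forms `&mp->mnt_fslabel` unconditionally, while the devfs_tree.c caller this change adds (`mac_associate_vnode_devfs (NULL, dnp, vn_p)` in the devfs_dntovn hunk) passes `mp` as NULL, so every policy receives a non-NULL fslabel pointer that is really just the member offset — undefined behaviour on paper and, in practice, a garbage pointer a policy cannot even test for. The change description says `mp` may not be valid in devfs labelling events, so guard it in the wrapper: `MAC_PERFORM(associate_vnode_devfs, mp, mp != NULL ? &mp->mnt_fslabel : NULL, de, &de->dn_label, vp, &vp->v_label);`. The same NULL-mount contract applies to `mac_create_devfs_device (NULL, NULL, ...)` in devfs_make_node, whose `cr` and `mp` are forwarded verbatim to each policy; the prototype comment in sys/mac.h should state that `cred`, `mp` and `fslabel` may be NULL for devfs nodes so policy authors check before dereferencing.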
@@ -3216,16 +3214,16 @@ return (0); } -#if 0 void -mac_create_devfs_device(struct mount *mp, dev_t dev, struct devfs_dirent *de, +mac_create_devfs_device(struct ucred *cr, struct mount *mp, dev_t dev, struct devnode *de, const char *fullpath) { - MAC_PERFORM(create_devfs_device, mp, dev, de, &de->de_label, - fullpath); + MAC_PERFORM(create_devfs_device, cr, mp, dev, de, &de->dn_label, + fullpath); } +#if 0 void mac_create_devfs_symlink(struct ucred *cred, struct mount *mp, struct devfs_dirent *dd, struct devfs_dirent *de, const char *fullpath) ==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/bsd/miscfs/devfs/Makefile#2 (text+ko) ==== @@ -20,11 +20,8 @@ EXPINC_SUBDIRS_I386 = \ DATAFILES = \ - devfs.h + devfs.h devfs_proto.h devfsdefs.h -PRIVATE_DATAFILES = \ - devfs_proto.h devfsdefs.h - INSTALL_MI_LIST = ${DATAFILES} INSTALL_MI_DIR = miscfs/devfs @@ -33,7 +30,7 @@ EXPORT_MI_DIR = miscfs/devfs -INSTALL_MI_LIST = ${DATAFILES} ${PRIVATE_DATAFILES} +INSTALL_MI_LIST = ${DATAFILES} include $(MakeInc_rule) include $(MakeInc_dir) ==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/bsd/miscfs/devfs/devfs_tree.c#2 (text+ko) ==== @@ -555,6 +555,11 @@ *(dnp->dn_prevsiblingp) = dnp; dnp->dn_nextsibling = proto; proto->dn_prevsiblingp = &(dnp->dn_nextsibling); + +#ifdef MAC + mac_init_devfsdirent (dnp); + mac_copy_devfs_label (&proto->dn_label, &dnp->dn_label); +#endif } else { struct timeval tv; @@ -569,6 +574,10 @@ dnp->dn_atime.tv_sec = tv.tv_sec; dnp->dn_mtime.tv_sec = tv.tv_sec; dnp->dn_ctime.tv_sec = tv.tv_sec; + +#ifdef MAC + mac_init_devfsdirent (dnp); +#endif } dnp->dn_dvm = dvm; @@ -677,6 +686,10 @@ #endif 0 dnp->dn_delete = TRUE; } + +#ifdef MAC + mac_destroy_devfsdirent (dnp); +#endif } } @@ -1018,6 +1031,10 @@ vn_p->v_data = (void *)dnp; dnp->dn_vn = vn_p; error = vn_lock(vn_p, LK_EXCLUSIVE | LK_RETRY, p); +#ifdef MAC + if (!error) + mac_associate_vnode_devfs (NULL, dnp, vn_p); +#endif } return error; } 
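Review bot: In the devfs_tree.c @@ -677 hunk `mac_destroy_devfsdirent (dnp)` is placed after the block that sets `dnp->dn_delete = TRUE`, and from the lines shown it is not clear whether the node's storage is released at that point or the node merely stays reachable while flagged for deletion; if it is the latter, a later `mac_associate_vnode_devfs` on that node would read an already-destroyed `dn_label`. Please confirm against the enclosing function (it starts and ends outside the hunk) and add a one-line comment such as `/* label torn down here: no vnode can reach this node any more */` so the invariant is visible. In the @@ -555 and @@ -569 hunks `mac_init_devfsdirent (dnp)` is repeated in both arms of the `if (proto)`/`else`; it can be a single call before the `if`, once `dnp` is allocated, leaving only the `mac_copy_devfs_label` proto-specific and avoiding two `#ifdef MAC` islands.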
@@ -1074,7 +1091,7 @@
 devnode_t * dnp; /* devnode for parent directory */
 devnode_type_t typeinfo;
- char *name, *path, buf[256]; /* XXX */
+ char *name, *path, buf[256], buff[256]; /* XXX */
 boolean_t funnel_state;
 int i;
 va_list ap;
@@ -1093,6 +1110,10 @@
 vsnprintf(buf, sizeof(buf), fmt, ap);
 va_end(ap);
+#ifdef MAC
+ bcopy (buf, buff, 256);
+ buff[255] = 0;
+#endif
 name = NULL;
 for(i=strlen(buf); i>0; i--)
@@ -1120,6 +1141,10 @@
 new_dev->de_dnp->dn_gid = gid;
 new_dev->de_dnp->dn_uid = uid;
 new_dev->de_dnp->dn_mode |= perms;
+#ifdef MAC
+ mac_create_devfs_device (NULL, NULL,
+ dev, new_dev->de_dnp, buff);
+#endif
 devfs_propogate(dnp->dn_typeinfo.Dir.myname, new_dev);
 }
 }
==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/bsd/miscfs/devfs/devfsdefs.h#2 (text+ko) ====
@@ -60,6 +60,8 @@
 #include <sys/appleapiopts.h>
+#include <sys/mac.h>
+
 #ifdef __APPLE_API_PRIVATE
 #define DEVMAXNAMESIZE 32 /* XXX */
 #define DEVMAXPATHSIZE 128 /* XXX */
@@ -128,6 +130,7 @@
 devnode_t * * dn_prevsiblingp;/* backpointer for the above */
 devnode_type_t dn_typeinfo;
 int dn_delete; /* mark for deletion */
+ struct label dn_label;
 };
 struct devdirent
==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/bsd/sys/mac.h#6 (text+ko) ====
@@ -104,7 +104,7 @@
 */
 struct bpf_d;
 struct componentname;
-struct devfs_dirent;
+struct devnode;
 struct ifnet;
 struct ifreq;
 struct image_params;
@@ -134,7 +134,7 @@
 */
 void mac_init_bpfdesc(struct bpf_d *);
 void mac_init_cred(struct ucred *);
-void mac_init_devfsdirent(struct devfs_dirent *);
+void mac_init_devfsdirent(struct devnode *);
 void mac_init_ifnet(struct ifnet *);
 int mac_init_ipq(struct ipq *, int flag);
 int mac_init_socket(struct socket *, int flag);
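Review bot: In the devfs_make_node @@ -1093 hunk, `bcopy (buf, buff, 256); buff[255] = 0;` repeats the literal 256 three times (declaration, copy length, terminator index) and gives no reason for a second buffer; from the lines that follow, `buf` is carved up by the name/path scan, so `buff` exists to keep the untouched path for `mac_create_devfs_device`. Since `vsnprintf(buf, sizeof(buf), fmt, ap)` already NUL-terminates, write it as `bcopy(buf, buff, sizeof(buf)); /* buf is split into dir/name below; keep the full path for the MAC hook */` and drop the manual terminator, or declare `buff[sizeof(buf)]` so the two cannot drift apart. In the @@ -1120 hunk the call `mac_create_devfs_device (NULL, NULL, dev, new_dev->de_dnp, buff)` hands a NULL credential and NULL mount to every registered policy; a comment at the call site stating that devfs has no usable mount or caller credential here would document the contract that policy implementations must honour. devfs_make_node begins before the first hunk.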
@@ -147,9 +147,10 @@ void mac_init_vnode_label(struct label *); void mac_copy_mbuf_tag(struct m_tag *, struct m_tag *); void mac_copy_vnode_label(struct label *, struct label *label); +void mac_copy_devfs_label(struct label *, struct label *label); void mac_destroy_bpfdesc(struct bpf_d *); void mac_destroy_cred(struct ucred *); -void mac_destroy_devfsdirent(struct devfs_dirent *); +void mac_destroy_devfsdirent(struct devnode *); void mac_destroy_ifnet(struct ifnet *); void mac_destroy_ipq(struct ipq *); void mac_destroy_socket(struct socket *); @@ -164,16 +165,16 @@ * Labeling event operations: file system objects, and things that * look a lot like file system objects. */ -void mac_associate_vnode_devfs(struct mount *mp, struct devfs_dirent *de, +void mac_associate_vnode_devfs(struct mount *mp, struct devnode *de, struct vnode *vp); int mac_associate_vnode_extattr(struct mount *mp, struct vnode *vp); void mac_associate_vnode_singlelabel(struct mount *mp, struct vnode *vp); -void mac_create_devfs_device(struct mount *mp, dev_t dev, - struct devfs_dirent *de, const char *fullpath); +void mac_create_devfs_device(struct ucred *cr, struct mount *mp, dev_t dev, + struct devnode *de, const char *fullpath); void mac_create_devfs_directory(struct mount *mp, char *dirname, - int dirnamelen, struct devfs_dirent *de, const char *fullpath); + int dirnamelen, struct devnode *de, const char *fullpath); void mac_create_devfs_symlink(struct ucred *cred, struct mount *mp, - struct devfs_dirent *dd, struct devfs_dirent *de, + struct devnode *dd, struct devnode *de, const char *fullpath); int mac_create_vnode_extattr(struct ucred *cred, struct mount *mp, struct vnode *dvp, struct vnode *vp, struct componentname *cnp); 
@@ -181,7 +182,7 @@ void mac_create_root_mount(struct ucred *cred, struct mount *mp); void mac_relabel_vnode(struct ucred *cred, struct vnode *vp, struct label *newlabel); -void mac_update_devfsdirent(struct mount *mp, struct devfs_dirent *de, +void mac_update_devfsdirent(struct mount *mp, struct devnode *de, struct vnode *vp); /* ==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/bsd/sys/mac_policy.h#4 (text+ko) ==== @@ -62,6 +62,8 @@ struct socket; struct ucred; struct vnode; +struct devnode; + struct mac_policy_ops { /* * Policy module operations. @@ -81,9 +83,7 @@ */ void (*mpo_init_bpfdesc_label)(struct label *label); void (*mpo_init_cred_label)(struct label *label); -#if 0 void (*mpo_init_devfsdirent_label)(struct label *label); -#endif void (*mpo_init_ifnet_label)(struct label *label); int (*mpo_init_ipq_label)(struct label *label, int flag); int (*mpo_init_mbuf_label)(struct label *label, int flag); @@ -98,9 +98,7 @@ void (*mpo_init_vnode_label)(struct label *label); void (*mpo_destroy_bpfdesc_label)(struct label *label); void (*mpo_destroy_cred_label)(struct label *label); -#if 0 void (*mpo_destroy_devfsdirent_label)(struct label *label); -#endif void (*mpo_destroy_ifnet_label)(struct label *label); void (*mpo_destroy_ipq_label)(struct label *label); void (*mpo_destroy_mbuf_label)(struct label *label); @@ -121,6 +119,8 @@ #endif void (*mpo_copy_vnode_label)(struct label *src, struct label *dest); + void (*mpo_copy_devfs_label)(struct label *src, + struct label *dest); int (*mpo_externalize_cred_label)(struct label *label, char *element_name, struct sbuf *sb, int *claimed); int (*mpo_externalize_ifnet_label)(struct label *label, 
@@ -152,30 +152,29 @@ * Labeling event operations: file system objects, and things that * look a lot like file system objects. */ -#if 0 void (*mpo_associate_vnode_devfs)(struct mount *mp, - struct label *fslabel, struct devfs_dirent *de, + struct label *fslabel, struct devnode *de, struct label *delabel, struct vnode *vp, struct label *vlabel); -#endif + int (*mpo_associate_vnode_extattr)(struct mount *mp, struct label *fslabel, struct vnode *vp, struct label *vlabel); void (*mpo_associate_vnode_singlelabel)(struct mount *mp, struct label *fslabel, struct vnode *vp, struct label *vlabel); -#if 0 - void (*mpo_create_devfs_device)(struct mount *mp, dev_t dev, - struct devfs_dirent *de, struct label *label, + + void (*mpo_create_devfs_device)(struct ucred *cr, struct mount *mp, dev_t dev, + struct devnode *de, struct label *label, const char *fullpath); void (*mpo_create_devfs_directory)(struct mount *mp, char *dirname, - int dirnamelen, struct devfs_dirent *de, + int dirnamelen, struct devnode *de, struct label *label, const char *fullpath); void (*mpo_create_devfs_symlink)(struct ucred *cred, - struct mount *mp, struct devfs_dirent *dd, - struct label *ddlabel, struct devfs_dirent *de, + struct mount *mp, struct devnode *dd, + struct label *ddlabel, struct devnode *de, struct label *delabel, const char *fullpath); -#endif + int (*mpo_create_vnode_extattr)(struct ucred *cred, struct mount *mp, struct label *fslabel, struct vnode *dvp, struct label *dlabel, @@ -192,7 +191,7 @@ struct label *intlabel); #if 0 void (*mpo_update_devfsdirent)(struct mount *mp, - struct devfs_dirent *devfs_dirent, + struct devnode *devfs_dirent, struct label *direntlabel, struct vnode *vp, struct label *vnodelabel); #endif ==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/security/sebsd/sebsd.c#7 (text+ko) ==== @@ -68,6 +68,7 @@ #include <sys/ucred.h> #include <vm/vm_kern.h> +#include <miscfs/devfs/devfsdefs.h> #endif #include <sys/mac_policy.h> 
@@ -239,33 +240,22 @@ return SECCLASS_FILE; } -#ifdef HAS_DEVFS_DIRENT static __inline security_class_t -dirent_type_to_security_class(__uint8_t type) +devfs_type_to_security_class(int type) { switch (type) { - case DT_REG: - return SECCLASS_FILE; - case DT_DIR: + case DEV_DIR: return SECCLASS_DIR; - case DT_BLK: + case DEV_BDEV: return SECCLASS_BLK_FILE; - case DT_CHR: + case DEV_CDEV: return SECCLASS_CHR_FILE; - case DT_LNK: + case DEV_SLNK: return SECCLASS_LNK_FILE; - case DT_SOCK: - return SECCLASS_SOCK_FILE; - case DT_FIFO: - return SECCLASS_FIFO_FILE; - case DT_UNKNOWN: - case DT_WHT: - return SECCLASS_FILE; } return SECCLASS_FILE; } -#endif static __inline access_vector_t file_mask_to_av(enum vtype vt, int mask) @@ -428,6 +418,17 @@ } static void +sebsd_init_devfs_label(struct label *label) +{ + struct vnode_security_struct *vsec; + + vsec = sebsd_malloc(sizeof(*vsec), M_ZERO | M_WAITOK); + vsec->sid = SECINITSID_UNLABELED; + vsec->task_sid = SECINITSID_UNLABELED; + SLOT(label) = vsec; +} + +static void sebsd_destroy_cred_label(struct label *label) { sebsd_free (SLOT(label), sizeof (struct task_security_struct)); @@ -447,10 +448,9 @@ printf("sebsd_relabel_cred:: This does nothing\n"); } -#ifdef HAS_DEVFS_DIRENT static void sebsd_associate_vnode_devfs(struct mount *mp, struct label *fslabel, - struct devfs_dirent *de, struct label *delabel, struct vnode *vp, + struct devnode *de, struct label *delabel, struct vnode *vp, struct label *vlabel) { struct vnode_security_struct *vsec, *dsec; 
@@ -461,30 +461,23 @@ vsec->sid = dsec->sid; vsec->task_sid = dsec->task_sid; vsec->sclass = dsec->sclass; - - /* - * This is a no-op for now, but when devfs_dirents do contain - * labels, they should be copied to the vp here as per how - * sebsd_update_vnode_from_extattr() functions. They will be - * kept synchronized from here on automatically with the vnode - * relabel calls. - */ } -#endif -#ifdef HAS_EXTATTRS static int sebsd_associate_vnode_extattr(struct mount *mp, struct label *fslabel, struct vnode *vp, struct label *vlabel) { struct vnode_security_struct *vsec; /* TBD: Need to limit size of contexts used in extattr labels */ - char context[128]; + /*char context[128];*/ u_int32_t context_len; + const char *context = NULL; int error; vsec = SLOT(vlabel); +#ifdef HAS_EXTATTRS + context_len = sizeof(context); /* TBD: bad fixed length */ error = vn_extattr_get(vp, IO_NODELOCKED, SEBSD_MAC_EXTATTR_NAMESPACE, @@ -515,8 +508,22 @@ "inode=%ld, fsid=%d\n", context_len, context_len, context, va.va_fileid, va.va_fsid); } +#endif - error = security_context_to_sid(context, context_len, &vsec->sid); + struct proc *p = current_proc(); + if (p == NULL || vp == NULL || vp->v_op == NULL || vp->v_tag != VT_HFS || vp->v_data == NULL) + goto dosclass; + + struct vattr va; + error = VOP_GETATTR (vp, &va, p->p_ucred, p); + if (error) + goto dosclass; + if (va.va_fileid == 28308) + context = "system_u:object_r:shell_exec_t"; + else + goto dosclass; + + error = security_context_to_sid(context, strlen(context), &vsec->sid); if (error) { printf("sebsd_update_vnode_from_extattr: ERROR mapping " "context to sid: %.*s\n", context_len, context); @@ -532,7 +539,6 @@ return (0); } -#endif static void sebsd_associate_vnode_singlelabel(struct mount *mp, struct label *fslabel, 
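Review bot: The new label selection in `sebsd_associate_vnode_extattr` (@@ -515 hunk) keys on a literal inode number, `if (va.va_fileid == 28308) context = "system_u:object_r:shell_exec_t";`, which is only meaningful on the volume it was read from and will mislabel an unrelated file as executable-shell on any other HFS filesystem; if this is a bring-up experiment it needs at least an `/* XXX bring-up hack: hard-coded fileid, remove before merge */` marker and a compile-time guard. Two follow-on defects in the same function: `context` is now `const char *context = NULL`, so in the `HAS_EXTATTRS` path of the @@ -461 hunk `context_len = sizeof(context)` is the pointer size and `vn_extattr_get` is handed a NULL buffer; and on the `security_context_to_sid` failure path `context_len` is printed with `%.*s` although nothing outside `HAS_EXTATTRS` assigns it. The smallest repair is a separate `char context_buf[128]` for the extattr read and `context_len = strlen(context);` set before the call, so the existing `error = security_context_to_sid(context, context_len, &vsec->sid);` and its error printf stay consistent. The function's declarations start in the @@ -461 hunk and its `return (0)` is in the @@ -532 hunk; `struct proc *p = current_proc();` and `struct vattr va;` are also declarations after statements, which the rest of this file avoids.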
@@ -560,6 +566,9 @@ parent = SLOT(&cred_parent->cr_label); task = SLOT(&cred_child->cr_label); + if (parent == task) + panic ("parent child equal"); + /* Default to using the attributes from the parent process */ task->osid = parent->osid; task->sid = parent->sid; @@ -579,32 +588,29 @@ fsec->sid = tsec->sid; } -#ifdef HAS_DEVFS_DIRENT static void sebsd_create_devfs_device(struct ucred *cr, struct mount *mp, dev_t dev, - struct devfs_dirent *devfs_dirent, struct label *label, + struct devnode *devfs_dirent, struct label *label, const char *fullpath) { char *path; int rc; security_id_t newsid; - struct mount_security_struct *sbsec; struct vnode_security_struct *dirent; dirent = SLOT(label); - sbsec = SLOT(&mp->mnt_mntlabel); /* Default to the filesystem SID. */ - dirent->sid = sbsec->sid; + dirent->sid = SECINITSID_DEVFS; dirent->task_sid = SECINITSID_KERNEL; dirent->sclass = - dirent_type_to_security_class(devfs_dirent->de_dirent->d_type); + devfs_type_to_security_class(devfs_dirent->dn_type); /* Obtain a SID based on the fstype, path, and class. */ path = sebsd_malloc(strlen(fullpath) + 2, M_ZERO | M_WAITOK); path[0] = '/'; strcpy(&path[1], fullpath); - rc = security_genfs_sid(mp->mnt_vfc->vfc_name, path, dirent->sclass, + rc = security_genfs_sid("devfs", path, dirent->sclass, &newsid); if (rc == 0) @@ -625,14 +631,15 @@ /* TBD: debugging */ if (sebsd_verbose > 1) { - printf("sebsd_create_devfs_device(%s): sbsid=%d, " - "mountpoint=%s, rc=%d, sclass=%d, computedsid=%d, " - "dirent=%d\n", path, sbsec->sid, mp->mnt_stat.f_mntonname, + printf("sebsd_create_devfs_device(%s): " + "rc=%d, sclass=%d, computedsid=%d, " + "dirent=%d\n", path, rc, dirent->sclass, newsid, dirent->sid); } sebsd_free (path, 2 + strlen(fullpath)); } +#if 0 static void sebsd_create_devfs_directory(struct mount *mp, char *dirname, int dirnamelen, struct devfs_dirent *devfs_dirent, struct label *label, 
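Review bot: The comment `/* Default to the filesystem SID. */` in `sebsd_create_devfs_device` is now stale: the value assigned is the constant `SECINITSID_DEVFS` rather than the mount label, and the genfs lookup is keyed on the literal `"devfs"`, so `mp` is no longer used at all. Make the comment say why: `/* mp may be NULL for devfs nodes, so use the devfs initial SID and fstype instead of the mount label. */`. In the @@ -560 hunk, `if (parent == task) panic ("parent child equal");` brings the kernel down for a state that, if reachable, is a bug in the caller of `sebsd_create_cred`; the message should at least name the function and the condition, e.g. `panic("sebsd_create_cred: parent and child credentials share a label");`, so the crash is attributable.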
@@ -2082,10 +2089,15 @@
 .mpo_init_cred_label = sebsd_init_cred_label,
 .mpo_init_vnode_label = sebsd_init_vnode_label,
+ .mpo_init_devfsdirent_label = sebsd_init_devfs_label,
 .mpo_destroy = sebsd_destroy,
 .mpo_destroy_cred_label = sebsd_destroy_cred_label,
 .mpo_destroy_vnode_label = sebsd_destroy_vnode_label,
+ .mpo_destroy_devfsdirent_label = sebsd_destroy_vnode_label,
+
+ .mpo_copy_vnode_label = sebsd_copy_vnode_label,
+ .mpo_copy_devfs_label = sebsd_copy_vnode_label,
 .mpo_internalize_cred_label = sebsd_internalize_cred_label,
 .mpo_externalize_cred_label = sebsd_externalize_cred_label,
@@ -2099,6 +2111,11 @@
 .mpo_create_proc0 = sebsd_create_proc0,
 .mpo_create_proc1 = sebsd_create_proc1,
+ .mpo_create_devfs_device = sebsd_create_devfs_device,
+
+ .mpo_associate_vnode_extattr = sebsd_associate_vnode_extattr,
+ .mpo_associate_vnode_devfs = sebsd_associate_vnode_devfs,
+
 /* Transition */
 .mpo_execve_will_transition = sebsd_execve_will_transition,
 .mpo_execve_transition = sebsd_execve_transition
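Review bot: `.mpo_destroy_devfsdirent_label` and `.mpo_copy_devfs_label` are bound to the vnode-label handlers, which is only correct because `sebsd_init_devfs_label` allocates a `struct vnode_security_struct` exactly as the vnode init does; that dependency is invisible at this table, so document it: `/* devfs node labels are vnode_security_structs; reuse the vnode copy/destroy handlers */`. On naming, `sebsd_init_devfs_label` is the one devfs handler not named after its mpo slot — `sebsd_init_devfsdirent_label` would match its `mpo_init_devfsdirent_label` slot and the sibling `sebsd_init_cred_label`/`sebsd_init_vnode_label` pattern.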