From owner-p4-projects@FreeBSD.ORG Fri Jul 25 10:23:32 2003 Return-Path: Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id E3A8C37B407; Fri, 25 Jul 2003 10:23:31 -0700 (PDT) Delivered-To: perforce@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6F61A37B401 for ; Fri, 25 Jul 2003 10:23:31 -0700 (PDT) Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1B58B43F85 for ; Fri, 25 Jul 2003 10:23:30 -0700 (PDT) (envelope-from cvance@nailabs.com) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.12.6/8.12.6) with ESMTP id h6PHNU0U045771 for ; Fri, 25 Jul 2003 10:23:30 -0700 (PDT) (envelope-from cvance@nailabs.com) Received: (from perforce@localhost) by repoman.freebsd.org (8.12.6/8.12.6/Submit) id h6PHNTxi045768 for perforce@freebsd.org; Fri, 25 Jul 2003 10:23:29 -0700 (PDT) Date: Fri, 25 Jul 2003 10:23:29 -0700 (PDT) Message-Id: <200307251723.h6PHNTxi045768@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to cvance@nailabs.com using -f 
From: Chris Vance To: Perforce Change Reviews Subject: PERFORCE change 34994 for review X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 25 Jul 2003 17:23:33 -0000 http://perforce.freebsd.org/chv.cgi?CH=34994 Change 34994 by cvance@cvance_osx_laptop on 2003/07/25 10:22:57 Convince the TrustedBSD framework to at least build and boot under an OSX 10.2.6 userspace environment. This required crippling the framework a bit, and some user elements (airport cards) don't appear to work quite right. Broad changes include: - using the appropriate Darwin MALLOC/FREE macros - commenting out the new system calls - ifdef'ing out the use of mbuf labels (the labels break binary compatibility) - previous commits added new routines needed by the framework: strsep, condition variables, sbufs, etc. Affected files ... .. //depot/projects/trustedbsd/sedarwin/apsl/xnu/bsd/kern/kern_mac.c#14 edit Differences ... ==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/bsd/kern/kern_mac.c#14 (text+ko) ==== @@ -53,6 +53,7 @@ #include #include #include +#include #include #include #include @@ -60,6 +61,7 @@ #include #include #include +#include #include @@ -89,8 +91,11 @@ #define mtx_assert(x, y) #define MA_OWNED #define PROC_LOCK_ASSERT(x, y) +#define M_ASSERTPKTHDR(x) -SYSCTL_DECL(_security); +#define ASSERT_VOP_LOCKED(vp,msg) \ + if (vp && !VOP_ISLOCKED(vp)) \ + Debugger("vnode lock violation.\n"); SYSCTL_NODE(_security, OID_AUTO, mac, CTLFLAG_RW, 0, "TrustedBSD MAC policy controls"); 
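Review bot: The new `ASSERT_VOP_LOCKED` macro in the `-89,8 +91,11` hunk expands to a bare `if` statement, so an invocation followed by `else`, or used as the body of an unbraced `if`, silently rebinds the caller's control flow, and `vp` is expanded unparenthesized. Wrap it as `#define ASSERT_VOP_LOCKED(vp, msg) do { if ((vp) != NULL && !VOP_ISLOCKED(vp)) Debugger("vnode lock violation.\n"); } while (0)`. The `msg` argument is accepted but never used, so every violation reports the same text; passing `msg` to `Debugger()` would say which assertion fired. A short comment that a lock assertion now drops into the debugger on Darwin would also help whoever hits it.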
@@ -132,42 +137,42 @@ static int mac_labelmbufs = 0; #endif -static int mac_enforce_fs = 1; +static int mac_enforce_fs = 0; SYSCTL_INT(_security_mac, OID_AUTO, enforce_fs, CTLFLAG_RW, &mac_enforce_fs, 0, "Enforce MAC policy on file system objects"); TUNABLE_INT("security.mac.enforce_fs", &mac_enforce_fs); -static int mac_enforce_kld = 1; +static int mac_enforce_kld = 0; SYSCTL_INT(_security_mac, OID_AUTO, enforce_kld, CTLFLAG_RW, &mac_enforce_kld, 0, "Enforce MAC policy on kld operations"); TUNABLE_INT("security.mac.enforce_kld", &mac_enforce_kld); -static int mac_enforce_network = 1; +static int mac_enforce_network = 0; SYSCTL_INT(_security_mac, OID_AUTO, enforce_network, CTLFLAG_RW, &mac_enforce_network, 0, "Enforce MAC policy on network packets"); TUNABLE_INT("security.mac.enforce_network", &mac_enforce_network); -static int mac_enforce_pipe = 1; +static int mac_enforce_pipe = 0; SYSCTL_INT(_security_mac, OID_AUTO, enforce_pipe, CTLFLAG_RW, &mac_enforce_pipe, 0, "Enforce MAC policy on pipe operations"); TUNABLE_INT("security.mac.enforce_pipe", &mac_enforce_pipe); -static int mac_enforce_process = 1; +static int mac_enforce_process = 0; SYSCTL_INT(_security_mac, OID_AUTO, enforce_process, CTLFLAG_RW, &mac_enforce_process, 0, "Enforce MAC policy on inter-process operations"); TUNABLE_INT("security.mac.enforce_process", &mac_enforce_process); -static int mac_enforce_socket = 1; +static int mac_enforce_socket = 0; SYSCTL_INT(_security_mac, OID_AUTO, enforce_socket, CTLFLAG_RW, &mac_enforce_socket, 0, "Enforce MAC policy on socket operations"); TUNABLE_INT("security.mac.enforce_socket", &mac_enforce_socket); -static int mac_enforce_system = 1; +static int mac_enforce_system = 0; SYSCTL_INT(_security_mac, OID_AUTO, enforce_system, CTLFLAG_RW, &mac_enforce_system, 0, "Enforce MAC policy on system operations"); TUNABLE_INT("security.mac.enforce_system", &mac_enforce_system); -static int mac_enforce_vm = 1; +static int mac_enforce_vm = 0; SYSCTL_INT(_security_mac, 
OID_AUTO, enforce_vm, CTLFLAG_RW, &mac_enforce_vm, 0, "Enforce MAC policy on vm operations"); TUNABLE_INT("security.mac.enforce_vm", &mac_enforce_vm); @@ -176,7 +181,7 @@ SYSCTL_INT(_security_mac, OID_AUTO, mmap_revocation, CTLFLAG_RW, &mac_mmap_revocation, 0, "Revoke mmap access to files on subject " "relabel"); -static int mac_mmap_revocation_via_cow = 1; +static int mac_mmap_revocation_via_cow = 0; SYSCTL_INT(_security_mac, OID_AUTO, mmap_revocation_via_cow, CTLFLAG_RW, &mac_mmap_revocation_via_cow, 0, "Revoke mmap access to files via " "copy-on-write semantics, or by removing all write access"); @@ -751,8 +756,9 @@ tag = m_tag_find(mbuf, PACKET_TAG_MACLABEL, NULL); label = (struct label *)(tag+1); #endif +#ifdef NO_MBUF label = &mbuf->m_pkthdr.label; - +#endif return (label); } @@ -907,12 +913,14 @@ } #endif #else +#ifdef NO_MBUF mac_init_label(&m->m_pkthdr.label); MAC_CHECK(init_mbuf_label, &m->m_pkthdr.label, flag); if (error) { MAC_PERFORM(destroy_mbuf_label, &m->m_pkthdr.label); - mac_destroy(&m->m_pkthdr.label); + mac_destroy_label(&m->m_pkthdr.label); } +#endif /* NO_MBUF */ #ifdef MAC_DEBUG if (error == 0) atomic_add_int(&nmacmbufs, 1); @@ -951,7 +959,8 @@ { struct label *label; - label = malloc(sizeof(struct label), M_MACPIPELABEL, M_ZERO|M_WAITOK); + MALLOC(label, struct label *, + sizeof(struct label), M_MACPIPELABEL, M_ZERO|M_WAITOK); pipe->pipe_label = label; pipe->pipe_peer->pipe_label = label; mac_init_pipe_label(label); @@ -1115,8 +1124,10 @@ mac_destroy_mbuf(struct mbuf *m) { +#ifdef NO_MBUF MAC_PERFORM(destroy_mbuf_label, &m->m_pkthdr.label); mac_destroy_label(&m->m_pkthdr.label); +#endif /* NO_MBUF */ #ifdef MAC_DEBUG atomic_subtract_int(&nmacmbufs, 1); #endif @@ -1152,7 +1163,7 @@ { mac_destroy_pipe_label(pipe->pipe_label); - free(pipe->pipe_label, M_MACPIPELABEL); + FREE(pipe->pipe_label, M_MACPIPELABEL); } #endif 
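Review bot: Flipping every `mac_enforce_*` default from 1 to 0 in the `-132,42 +137,42` hunk (and `mac_mmap_revocation_via_cow` in the `-176,7 +181,7` hunk) makes the framework boot fail-open, and nothing in the code records that this is a bring-up workaround. Assuming the access-control entry points are gated on these flags, as their sysctl descriptions suggest, a loaded policy would not be enforced until an administrator sets each knob by hand. I would put the initializers behind one named switch, e.g. `#define MAC_ENFORCE_DEFAULT 0 /* XXX Darwin bring-up only; restore to 1 */` with `static int mac_enforce_fs = MAC_ENFORCE_DEFAULT;`, so the relaxation is visible in one place and easy to revert. The sysctl nodes stay `CTLFLAG_RW`, so the runtime override is unaffected.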
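Review bot: With the assignment now inside `#ifdef NO_MBUF` in the `-751,8 +756,9` hunk, `return (label);` can return an uninitialized pointer whenever neither the preceding conditional block nor `NO_MBUF` is compiled in. The start of the function and the opening of that earlier conditional are outside the hunk, so this depends on how it is configured, but an `#else` arm with `label = NULL;` would make the disabled case explicit and fail predictably instead of on stack garbage. The macro name also reads backwards: the mbuf label code is built when `NO_MBUF` is defined, while the commit message says the labels are being compiled out, so a positively named guard (for example a hypothetical `MAC_MBUF_LABELS`) would match the sense. The same guard is added in the `-907,12 +913,14`, `-1115,8 +1124,10` and `-1216,7 +1227,9` hunks; in the first of those, `error` is still tested under `MAC_DEBUG` after the only assignment visible in the hunk was compiled out.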
@@ -1216,7 +1227,9 @@ mac_copy_mbuf(struct mbuf *src, struct mbuf *dst) { +#ifdef NO_MBUF MAC_PERFORM(copy_mbuf_label, &src->m_pkthdr.label, &dst->m_pkthdr.label); +#endif /* NO_MBUF */ } #if 0 @@ -1449,6 +1462,7 @@ &vp->v_label); } +#if 0 int mac_create_vnode_extattr(struct ucred *cred, struct mount *mp, struct vnode *dvp, struct vnode *vp, struct componentname *cnp) @@ -1519,7 +1533,6 @@ return (error); } -#if 0 int mac_execve_enter(struct image_params *imgp, struct mac *mac_p, struct label *execlabelstorage) @@ -1542,13 +1555,13 @@ buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); error = copyinstr(mac.m_string, buffer, mac.m_buflen, NULL); if (error) { - free(buffer, M_MACTEMP); + FREE(buffer, M_MACTEMP); return (error); } mac_init_cred_label(execlabelstorage); error = mac_internalize_cred_label(execlabelstorage, buffer); - free(buffer, M_MACTEMP); + FREE(buffer, M_MACTEMP); if (error) { mac_destroy_cred_label(execlabelstorage); return (error); @@ -3085,21 +3098,21 @@ if (error) return (error); - elements = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + MALLOC(elements, char *, mac.m_buflen, M_MACTEMP, M_WAITOK); error = copyinstr(mac.m_string, elements, mac.m_buflen, NULL); if (error) { - free(elements, M_MACTEMP); + FREE(elements, M_MACTEMP); return (error); } - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); + MALLOC(buffer, char *, mac.m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); error = mac_externalize_ifnet_label(&ifnet->if_label, elements, buffer, mac.m_buflen, M_WAITOK); if (error == 0) error = copyout(buffer, mac.m_string, strlen(buffer)+1); - free(buffer, M_MACTEMP); - free(elements, M_MACTEMP); + FREE(buffer, M_MACTEMP); + FREE(elements, M_MACTEMP); return (error); } 
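Review bot: In the `-1542,13 +1555,13` hunk the two `free()` calls become `FREE()` but the allocation above them is left as `buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK);`, so this function alone pairs a BSD-style `malloc` with the Darwin `FREE` macro. Every other converted site in this change uses the form `MALLOC(buffer, char *, mac.m_buflen, M_MACTEMP, M_WAITOK);`, and this one should match. The block ends up under `#if 0` once the `-1449,6 +1462,7` and `-1519,7 +1533,6` hunks move the guard up, so the compiler will not notice the mismatch until the code is re-enabled. The function body starts and ends outside the hunk.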
@@ -3121,16 +3134,16 @@ if (error) return (error); - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + MALLOC(buffer, char *, mac.m_buflen, M_MACTEMP, M_WAITOK); error = copyinstr(mac.m_string, buffer, mac.m_buflen, NULL); if (error) { - free(buffer, M_MACTEMP); + FREE(buffer, M_MACTEMP); return (error); } mac_init_ifnet_label(&intlabel); error = mac_internalize_ifnet_label(&intlabel, buffer); - free(buffer, M_MACTEMP); + FREE(buffer, M_MACTEMP); if (error) { mac_destroy_ifnet_label(&intlabel); return (error); @@ -3141,7 +3154,10 @@ * policies impose this check themselves if required by the * policy. Eventually, this should go away. */ - error = suser_cred(cred, 0); + /* + * Since it doesn't compile on Darwin... + * error = suser_cred(cred, 0); + */ if (error) { mac_destroy_ifnet_label(&intlabel); return (error); @@ -3201,16 +3217,16 @@ if (error) return (error); - buffer = malloc(mac->m_buflen, M_MACTEMP, M_WAITOK); + MALLOC(buffer, char *, mac->m_buflen, M_MACTEMP, M_WAITOK); error = copyinstr(mac->m_string, buffer, mac->m_buflen, NULL); if (error) { - free(buffer, M_MACTEMP); + FREE(buffer, M_MACTEMP); return (error); } mac_init_socket_label(&intlabel, M_WAITOK); error = mac_internalize_socket_label(&intlabel, buffer); - free(buffer, M_MACTEMP); + FREE(buffer, M_MACTEMP); if (error) { mac_destroy_socket_label(&intlabel); return (error); 
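Review bot: Commenting out `error = suser_cred(cred, 0);` in the `-3141,7 +3154,10` hunk removes the only privilege check visible on this interface-relabel path, and the `if (error)` that follows now re-tests the value left by `mac_internalize_ifnet_label()`, which is already known to be 0 at that point. The surrounding comment says the check exists because policies do not yet impose it themselves, so with the call gone the relabel apparently proceeds for any caller unless a policy objects. Until a Darwin equivalent is ported, fail closed rather than open, e.g. `error = EPERM; /* XXX Darwin: suser_cred() unavailable; port the privilege check */`, or compile the whole set path out like the other `#if 0` blocks in this change. The function continues outside the hunk.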
@@ -3257,21 +3273,21 @@ if (error) return (error); - elements = malloc(mac->m_buflen, M_MACTEMP, M_WAITOK); + MALLOC(elements, char *, mac->m_buflen, M_MACTEMP, M_WAITOK); error = copyinstr(mac->m_string, elements, mac->m_buflen, NULL); if (error) { - free(elements, M_MACTEMP); + FREE(elements, M_MACTEMP); return (error); } - buffer = malloc(mac->m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); + MALLOC(buffer, char *, mac->m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); error = mac_externalize_socket_label(&so->so_label, elements, buffer, mac->m_buflen, M_WAITOK); if (error == 0) error = copyout(buffer, mac->m_string, strlen(buffer)+1); - free(buffer, M_MACTEMP); - free(elements, M_MACTEMP); + FREE(buffer, M_MACTEMP); + FREE(elements, M_MACTEMP); return (error); } @@ -3287,25 +3303,26 @@ if (error) return (error); - elements = malloc(mac->m_buflen, M_MACTEMP, M_WAITOK); + MALLOC(elements, char *, mac->m_buflen, M_MACTEMP, M_WAITOK); error = copyinstr(mac->m_string, elements, mac->m_buflen, NULL); if (error) { - free(elements, M_MACTEMP); + FREE(elements, M_MACTEMP); return (error); } - buffer = malloc(mac->m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); + MALLOC(buffer, char *, mac->m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); error = mac_externalize_socket_peer_label(&so->so_peerlabel, elements, buffer, mac->m_buflen, M_WAITOK); if (error == 0) error = copyout(buffer, mac->m_string, strlen(buffer)+1); - free(buffer, M_MACTEMP); - free(elements, M_MACTEMP); + FREE(buffer, M_MACTEMP); + FREE(elements, M_MACTEMP); return (error); } +#if 0 /* TBD/CDV */ /* * Implementation of VOP_SETLABEL() that relies on extended attributes * to store label data. Can be referenced by filesystems supporting 
@@ -3404,22 +3421,22 @@ if (error) return (error); - elements = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + MALLOC(elements, char *, mac.m_buflen, M_MACTEMP, M_WAITOK); error = copyinstr(mac.m_string, elements, mac.m_buflen, NULL); if (error) { - free(elements, M_MACTEMP); + FREE(elements, M_MACTEMP); crfree(tcred); return (error); } - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); + MALLOC(buffer, char *, mac.m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); error = mac_externalize_cred_label(&tcred->cr_label, elements, buffer, mac.m_buflen, M_WAITOK); if (error == 0) error = copyout(buffer, mac.m_string, strlen(buffer)+1); - free(buffer, M_MACTEMP); - free(elements, M_MACTEMP); + FREE(buffer, M_MACTEMP); + FREE(elements, M_MACTEMP); crfree(tcred); return (error); } @@ -3442,21 +3459,21 @@ if (error) return (error); - elements = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + MALLOC(elements, char *, mac.m_buflen, M_MACTEMP, M_WAITOK); error = copyinstr(mac.m_string, elements, mac.m_buflen, NULL); if (error) { - free(elements, M_MACTEMP); + FREE(elements, M_MACTEMP); return (error); } - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); + MALLOC(buffer, char *, mac.m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); error = mac_externalize_cred_label(&td->td_ucred->cr_label, elements, buffer, mac.m_buflen, M_WAITOK); if (error == 0) error = copyout(buffer, mac.m_string, strlen(buffer)+1); - free(buffer, M_MACTEMP); - free(elements, M_MACTEMP); + FREE(buffer, M_MACTEMP); + FREE(elements, M_MACTEMP); return (error); } 
@@ -3481,16 +3498,16 @@ if (error) return (error); - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + MALLOC(buffer, char *, mac.m_buflen, M_MACTEMP, M_WAITOK); error = copyinstr(mac.m_string, buffer, mac.m_buflen, NULL); if (error) { - free(buffer, M_MACTEMP); + FREE(buffer, M_MACTEMP); return (error); } mac_init_cred_label(&intlabel); error = mac_internalize_cred_label(&intlabel, buffer); - free(buffer, M_MACTEMP); + FREE(buffer, M_MACTEMP); if (error) { mac_destroy_cred_label(&intlabel); return (error); @@ -3562,14 +3579,14 @@ if (error) return (error); - elements = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + MALLOC(elements, char *, mac.m_buflen, M_MACTEMP, M_WAITOK); error = copyinstr(mac.m_string, elements, mac.m_buflen, NULL); if (error) { - free(elements, M_MACTEMP); + FREE(elements, M_MACTEMP); return (error); } - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); + MALLOC(buffer, char *, mac.m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); #if 0 mutex_lock(&Giant); /* VFS */ /* XXX FUNNEL? */ #endif @@ -3638,8 +3655,8 @@ #if 0 mutex_unlock(&Giant); /* VFS */ /* XXX FUNNEL? */ #endif - free(buffer, M_MACTEMP); - free(elements, M_MACTEMP); + FREE(buffer, M_MACTEMP); + FREE(elements, M_MACTEMP); return (error); } @@ -3664,14 +3681,14 @@ if (error) return (error); - elements = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + MALLOC(elements, char *, mac.m_buflen, M_MACTEMP, M_WAITOK); error = copyinstr(mac.m_string, elements, mac.m_buflen, NULL); if (error) { - free(elements, M_MACTEMP); + FREE(elements, M_MACTEMP); return (error); } - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); + MALLOC(buffer, char *, mac.m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); #if 0 mutex_lock(&Giant); /* VFS */ /* XXX FUNNEL? */ #endif @@ -3697,8 +3714,8 @@ mutex_unlock(&Giant); /* VFS */ /* XXX FUNNEL? */ #endif - free(buffer, M_MACTEMP); - free(elements, M_MACTEMP); + FREE(buffer, M_MACTEMP); + FREE(elements, M_MACTEMP); return (error); } 
@@ -3723,14 +3740,14 @@ if (error) return (error); - elements = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + MALLOC(elements, char *, mac.m_buflen, M_MACTEMP, M_WAITOK); error = copyinstr(mac.m_string, elements, mac.m_buflen, NULL); if (error) { - free(elements, M_MACTEMP); + FREE(elements, M_MACTEMP); return (error); } - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); + MALLOC(buffer, char *, mac.m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); #if 0 mutex_lock(&Giant); /* VFS */ /* XXX FUNNEL? */ #endif @@ -3755,8 +3772,8 @@ mutex_unlock(&Giant); /* VFS */ /* XXX FUNNEL? */ #endif - free(buffer, M_MACTEMP); - free(elements, M_MACTEMP); + FREE(buffer, M_MACTEMP); + FREE(elements, M_MACTEMP); return (error); } @@ -3786,10 +3803,10 @@ if (error) return (error); - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + MALLOC(buffer, char *, mac.m_buflen, M_MACTEMP, M_WAITOK); error = copyinstr(mac.m_string, buffer, mac.m_buflen, NULL); if (error) { - free(buffer, M_MACTEMP); + FREE(buffer, M_MACTEMP); return (error); } @@ -3854,7 +3871,7 @@ mutex_unlock(&Giant); /* VFS */ /* XXX FUNNEL? */ #endif - free(buffer, M_MACTEMP); + FREE(buffer, M_MACTEMP); return (error); } @@ -3880,16 +3897,16 @@ if (error) return (error); - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + MALLOC(buffer, char *, mac.m_buflen, M_MACTEMP, M_WAITOK); error = copyinstr(mac.m_string, buffer, mac.m_buflen, NULL); if (error) { - free(buffer, M_MACTEMP); + FREE(buffer, M_MACTEMP); return (error); } mac_init_vnode_label(&intlabel); error = mac_internalize_vnode_label(&intlabel, buffer); - free(buffer, M_MACTEMP); + FREE(buffer, M_MACTEMP); if (error) { mac_destroy_vnode_label(&intlabel); return (error); 
@@ -3940,16 +3957,16 @@ if (error) return (error); - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + MALLOC(buffer, char *, mac.m_buflen, M_MACTEMP, M_WAITOK); error = copyinstr(mac.m_string, buffer, mac.m_buflen, NULL); if (error) { - free(buffer, M_MACTEMP); + FREE(buffer, M_MACTEMP); return (error); } mac_init_vnode_label(&intlabel); error = mac_internalize_vnode_label(&intlabel, buffer); - free(buffer, M_MACTEMP); + FREE(buffer, M_MACTEMP); if (error) { mac_destroy_vnode_label(&intlabel); return (error); @@ -4017,12 +4034,14 @@ out: return (error); } +#endif /* !0 TBD/CDV*/ SYSINIT(mac, SI_SUB_MAC, SI_ORDER_FIRST, mac_init, NULL); SYSINIT(mac_late, SI_SUB_MAC_LATE, SI_ORDER_FIRST, mac_late_init, NULL); #else /* !MAC */ +#if 0 /* TBD/CDV*/ int __mac_get_pid(struct thread *td, struct __mac_get_pid_args *uap) { @@ -4047,7 +4066,7 @@ int __mac_get_fd(struct thread *td, struct __mac_get_fd_args *uap) { - +> return (ENOSYS); } @@ -4092,5 +4111,6 @@ return (ENOSYS); } +#endif /* !0 TBD/CDV*/ #endif /* !MAC */
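Review bot: The `-4047,7 +4066,7` hunk replaces the blank line at the top of `__mac_get_fd()` with a line holding a lone `>`, which looks like a stray keystroke rather than an intended change. It only escapes the compiler because the `-4017,12 +4034,14` and `-4092,5 +4111,6` hunks wrap these stubs in `#if 0 /* TBD/CDV*/`; the function becomes a syntax error as soon as that guard is removed. Drop the `>` and restore the empty line.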