Date: Fri, 31 Oct 2003 11:01:26 -0800 (PST) From: Andrew Reisse <areisse@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 40993 for review Message-ID: <200310311901.h9VJ1Qp4002934@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=40993 Change 40993 by areisse@areisse_ibook on 2003/10/31 11:01:09 initial support for exec transitions leak some memory because mach free needs size hfs associate_extattr hook Affected files ... .. //depot/projects/trustedbsd/sedarwin/apsl/xnu/bsd/hfs/hfs_cnode.c#2 edit .. //depot/projects/trustedbsd/sedarwin/apsl/xnu/bsd/kern/kern_exec.c#3 edit .. //depot/projects/trustedbsd/sedarwin/apsl/xnu/security/sebsd/linux-compat.h#4 edit .. //depot/projects/trustedbsd/sedarwin/apsl/xnu/security/sebsd/ss/security.h#2 edit Differences ... ==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/bsd/hfs/hfs_cnode.c#2 (text+ko) ==== @@ -28,6 +28,7 @@ #include <sys/malloc.h> #include <sys/ubc.h> #include <sys/quota.h> +#include <sys/mac.h> #include <miscfs/specfs/specdev.h> #include <miscfs/fifofs/fifo.h> @@ -443,6 +444,10 @@ panic("hfs_getcnode: missing vp!"); UBCINFOCHECK("hfs_getcnode", vp); + +#ifdef MAC + mac_associate_vnode_extattr (hfsmp->hfs_mp, vp); +#endif *vpp = vp; return (0); } ==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/bsd/kern/kern_exec.c#3 (text+ko) ==== @@ -116,8 +116,16 @@ (type *)( ( (unsigned)(addr) + 16 - 1) \ & ~(16 - 1) ) +struct mac_execve_args { + char *fname; + char **argp; + char **envp; + struct mac *mac_p; +}; + static int load_return_to_errno(load_return_t lrtn); int execve(struct proc *p, struct execve_args *uap, register_t *retval); +int mac_execve(struct proc *p, struct mac_execve_args *uap, register_t *retval); static int execargs_alloc(vm_offset_t *addrp); static int execargs_free(vm_offset_t addr); @@ -131,11 +139,24 @@ return (execve(p, args, retval)); } -/* ARGSUSED */ +int +execve(p, args, retval) + struct proc *p; + struct execve_args *args; + int *retval; +{ + struct mac_execve_args margs; + margs.fname = args->fname; + margs.argp = args->argp; + margs.envp = args->envp; + margs.mac_p = NULL; + return (mac_execve(p, &margs, retval)); +} + int -execve(p, uap, retval) - register struct proc *p; - register struct execve_args *uap; +mac_execve(p, uap, retval) + register struct proc *p; + register struct mac_execve_args *uap; register_t *retval; { register struct ucred *cred = p->p_ucred; @@ -189,6 +210,13 @@ unsigned long arch_offset =0; unsigned long arch_size = 0; char *ws_cache_name = NULL; /* used for pre-heat */ + int cred_change = 0; +#ifdef MAC + struct label execlabel; + struct label *execlabelp; + int no_trans = 0; + int will_transition = 0; +#endif task = current_task(); thr_act = current_act(); @@ -207,10 +235,14 @@ } } -#ifdef MAC_TBD - error = mac_execve_enter(NULL, NULL); - if (error) - return(error); +#ifdef MAC + if (uap->mac_p) { + error = mac_execve_enter (uap->mac_p, &execlabel); + if (error) + return(error); + execlabelp = &execlabel; + } else + execlabelp = NULL; #endif error = execargs_alloc(&execargs); @@ -277,8 +309,12 @@ } indir = 0; - if ((vp->v_mount->mnt_flag & MNT_NOSUID) || (p->p_flag & P_TRACED)) + if ((vp->v_mount->mnt_flag & MNT_NOSUID) || (p->p_flag & P_TRACED)) { origvattr.va_mode &= ~(VSUID | VSGID); +#ifdef MAC + no_trans = 1; +#endif + } *(&vattr) = *(&origvattr); @@ -564,6 +600,13 @@ /* load_machfile() maps the vnode */ ubc_map(vp); + /* Transitions */ +#ifdef MAC + will_transition = mac_execve_will_transition (p->p_ucred, vp, NULL, + execlabelp); + cred_change |= will_transition; +#endif + /* * deal with set[ug]id. */ @@ -571,8 +614,10 @@ if (((origvattr.va_mode & VSUID) != 0 && p->p_ucred->cr_uid != origvattr.va_uid) || (origvattr.va_mode & VSGID) != 0 && - p->p_ucred->cr_gid != origvattr.va_gid) { - p->p_ucred = crcopy(cred); + p->p_ucred->cr_gid != origvattr.va_gid) + cred_change = 1; + + if (cred_change) { #if KTRACE /* * If process is being ktraced, turn off - unless @@ -585,13 +630,25 @@ vrele(tvp); } #endif - if (origvattr.va_mode & VSUID) - p->p_ucred->cr_uid = origvattr.va_uid; - if (origvattr.va_mode & VSGID) - p->p_ucred->cr_gid = origvattr.va_gid; + + p->p_ucred = crdup(cred); + + if (origvattr.va_mode & (VSUID || VSGID)) { + if (origvattr.va_mode & VSUID) + p->p_ucred->cr_uid = origvattr.va_uid; + if (origvattr.va_mode & VSGID) + p->p_ucred->cr_gid = origvattr.va_gid; + + set_security_token(p); + p->p_flag |= P_SUGID; + } + +#ifdef MAC + if (will_transition && !no_trans) + mac_execve_transition (cred, p->p_ucred, vp, NULL, execlabelp); +#endif - set_security_token(p); - p->p_flag |= P_SUGID; + crfree (cred); /* Radar 2261856; setuid security hole fix */ /* Patch from OpenBSD: A. Ramesh */ ==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/security/sebsd/linux-compat.h#4 (text+ko) ==== @@ -133,7 +133,7 @@ #endif /* __APPLE__ */ #define kmalloc(size,flags) sebsd_malloc(size, flags) -#define kfree(v) free(v, M_SEBSD) +#define kfree(v) /*free(v, M_SEBSD)*/ /* XXX need page size */ #define __get_free_page(flags) sebsd_malloc(4096, flags) #define GFP_ATOMIC M_NOWAIT ==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/security/sebsd/ss/security.h#2 (text+ko) ==== @@ -67,7 +67,7 @@ int security_genfs_sid(const char *fstype, char *name, security_class_t sclass, security_id_t *sid); -#define security_free_context(ctx) ({ if (ctx) free(ctx, M_SEBSD); }) +#define security_free_context(ctx) /*({ if (ctx) free(ctx, M_SEBSD); })*/ #endif /* _SELINUX_SECURITY_H_ */
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200310311901.h9VJ1Qp4002934>