From owner-p4-projects@FreeBSD.ORG Tue Jun 28 18:36:40 2005 Return-Path: X-Original-To: p4-projects@freebsd.org Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 885A216A420; Tue, 28 Jun 2005 18:36:39 +0000 (GMT) X-Original-To: perforce@freebsd.org Delivered-To: perforce@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3F97316A41F for ; Tue, 28 Jun 2005 18:36:39 +0000 (GMT) (envelope-from areisse@nailabs.com) Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1E86543D1F for ; Tue, 28 Jun 2005 18:36:39 +0000 (GMT) (envelope-from areisse@nailabs.com) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.13.1/8.13.1) with ESMTP id j5SIac5U095194 for ; Tue, 28 Jun 2005 18:36:38 GMT (envelope-from areisse@nailabs.com) Received: (from perforce@localhost) by repoman.freebsd.org (8.13.1/8.13.1/Submit) id j5SIacYR095191 for perforce@freebsd.org; Tue, 28 Jun 2005 18:36:38 GMT (envelope-from areisse@nailabs.com) Date: Tue, 28 Jun 2005 18:36:38 GMT Message-Id: <200506281836.j5SIacYR095191@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to areisse@nailabs.com using -f 
From: Andrew Reisse To: Perforce Change Reviews Cc: Subject: PERFORCE change 79087 for review X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 28 Jun 2005 18:36:40 -0000 http://perforce.freebsd.org/chv.cgi?CH=79087 Change 79087 by areisse@areisse_ibook on 2005/06/28 18:36:04 Implement some missing features in our libselinux in order to remove libsedarwin entirely. This is security_compute_user, security_check_context, and getcon. The security_check_context provided here is a good candidate for replacement with a new syscall (perhaps sedarwin-specific) that simply validates a label. Affected files ... .. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/libselinux/src/Makefile#3 edit .. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/libselinux/src/check_context.c#2 edit .. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/libselinux/src/getcon.c#2 edit .. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/libselinux/src/security_get_user_contexts.c#2 edit .. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/libselinux/src/sedarwin_config.c#3 edit Differences ... ==== //depot/projects/trustedbsd/sedarwin7/src/sedarwin/libselinux/src/Makefile#3 (text+ko) ==== @@ -11,7 +11,7 @@ SRCS= system.c security_get_user_contexts.c get_context_list.c \ getseccontext.c query_user_context.c \ - context.c \ + context.c check_context.c getcon.c \ get_default_type.c filecon.c sedarwin_config.c \ freecon.c freeconary.c booleans.c ==== //depot/projects/trustedbsd/sedarwin7/src/sedarwin/libselinux/src/check_context.c#2 (text+ko) ==== 
@@ -1,27 +1,26 @@ -#include #include -#include #include #include #include -#include #include -#include "policy.h" #include +#include +#include +#include int security_check_context(security_context_t con) { - char path[PATH_MAX]; - int fd, ret; + kern_return_t kr; + char buf[strlen(con) + strlen(SEBSD_ID_STRING) + 2]; - snprintf(path, sizeof path, "%s/context", selinux_mnt); - fd = open(path, O_RDWR); - if (fd < 0) - return -1; + strcpy(buf, SEBSD_ID_STRING); + strcat(buf, "/"); + strcat(buf, con); - ret = write(fd, con, strlen(con)+1); - close(fd); - if (ret < 0) - return -1; - return 0; + kr = mac_check_name_port_access(mach_task_self(), mach_task_self(), + buf, "file", "read"); + if (kr == KERN_INVALID_ARGUMENT) + return (-1); + else + return (0); } ==== //depot/projects/trustedbsd/sedarwin7/src/sedarwin/libselinux/src/getcon.c#2 (text+ko) ==== @@ -1,44 +1,30 @@ #include -#include #include #include #include #include -#include -#include "policy.h" +#include +#include int getcon(security_context_t *context) { - char *buf; - size_t size; - int fd; - ssize_t ret; + mac_t label; + char *text; + int ret; - fd = open("/proc/self/attr/current", O_RDONLY); - if (fd < 0) - return -1; - - size = PAGE_SIZE; - buf = malloc(size); - if (!buf) { - ret = -1; - goto out; + if (mac_prepare(&label, SEBSD_ID_STRING)) + return (-1); + if (mac_get_proc(label)) { + mac_free(label); + return (-1); } - memset(buf, 0, size); + ret = mac_to_text(label, &text); + if (ret == 0) { + *context = strdup(text+1+strlen(SEBSD_ID_STRING)); + free(text); + } else + *context = NULL; - ret = read(fd, buf, size-1); - if (ret < 0) - goto out2; - - *context = strdup(buf); - if (!(*context)) { - ret = -1; - goto out2; - } - ret = 0; -out2: - free(buf); -out: - close(fd); + mac_free(label); return ret; } ==== //depot/projects/trustedbsd/sedarwin7/src/sedarwin/libselinux/src/security_get_user_contexts.c#2 (text+ko) ==== @@ -43,6 +43,8 @@ #include #include +#include + struct getsid_args { char *ctx; 
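Review bot: security_check_context() fails open: the new tail returns -1 only for `KERN_INVALID_ARGUMENT`, so any other failure of mac_check_name_port_access() (a resource shortage, an IPC error) is reported to the caller as a valid context. Name the results that prove the label was parsed and reject everything else, for example `if (kr != KERN_SUCCESS && kr != KERN_NO_ACCESS) return (-1);` if a policy denial is what comes back as KERN_NO_ACCESS here (to be confirmed against the implementation). Separately, `char buf[strlen(con) + strlen(SEBSD_ID_STRING) + 2]` is a variable-length array sized by the caller's string, so a NULL `con` crashes in strlen() and a very long one can run off the stack; a NULL check plus a length cap, or a checked malloc(), before the strcpy/strcat sequence would bound it.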
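Review bot: In getcon(), `*context = strdup(text+1+strlen(SEBSD_ID_STRING))` skips a prefix that is never checked and ignores a failed strdup(). If mac_to_text() ever returns text shorter than the id plus separator, the pointer lands past the terminator and strdup() reads out of bounds; on allocation failure the function returns 0 with `*context` set to NULL, which the removed code treated as an error. Verify the prefix before skipping it and turn a NULL duplicate into -1, as sketched below. The `/` separator is inferred from the string security_check_context() builds in the same change, so confirm it matches what mac_to_text() emits.

```c
	/* … unchanged: mac_prepare(), mac_get_proc(), ret = mac_to_text(label, &text) … */
	if (ret == 0) {
		size_t idlen = strlen(SEBSD_ID_STRING);

		/* Only skip "<id>/" when the text really starts with it. */
		if (strncmp(text, SEBSD_ID_STRING, idlen) == 0 &&
		    text[idlen] == '/')
			*context = strdup(text + idlen + 1);
		else
			*context = NULL;
		free(text);
		/* Unexpected label text or out of memory: report failure. */
		if (*context == NULL)
			ret = -1;
	}
	/* … unchanged: else branch, mac_free(label), return ret … */
```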
@@ -101,7 +103,7 @@
 *retcontexts = NULL;
 return (0);
 }
- contextarray = calloc(n, sizeof(char *));
+ contextarray = calloc(1+n, sizeof(char *));
 if (contextarray == NULL) {
 free(contexts);
 return (-1);
@@ -136,3 +138,17 @@
 {
 return security_get_some_contexts (5, fromcontext, "unused", retcontexts, ncontexts);
 }
+
+int security_compute_user(security_context_t scon,
+ const char *user,
+ security_context_t **con)
+{
+ size_t ncon;
+ int rc = security_get_user_contexts(scon,user,con,&ncon);
+ if (rc || ncon == 0) {
+ free(*con);
+ return -1;
+ }
+ con[ncon] = 0;
+ return rc;
+}
==== //depot/projects/trustedbsd/sedarwin7/src/sedarwin/libselinux/src/sedarwin_config.c#3 (text+ko) ====
@@ -11,3 +11,18 @@
 {
 return "/etc/security/sedarwin/booleans";
 }
+
+char *selinux_default_context_path()
+{
+ return "/etc/security/sedarwin/default_contexts";
+}
+
+char *selinux_failsafe_context_path()
+{
+ return "/etc/security/sedarwin/failsafe_context";
+}
+
+char *selinux_user_contexts_path()
+{
+ return "/etc/security/sedarwin/user_context";
+}
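Review bot: In security_compute_user(), `con[ncon] = 0;` indexes the caller's `security_context_t **` argument rather than the array it points to, so the NULL is stored `ncon` pointer-widths past the caller's variable instead of terminating the list; it should be `(*con)[ncon] = NULL;`. The slot for that terminator is what `calloc(1+n, sizeof(char *))` in the @@ -101,7 hunk reserves, and that line deserves a comment such as `/* +1: NULL terminator expected by security_compute_user() */` so it is not trimmed back to `n` later. The error path also calls `free(*con)` on a pointer this function never initialised; setting `*con = NULL;` before the call keeps that free defined if security_get_user_contexts() fails without storing anything, and the pointer should be reset to NULL after the free so the caller is not left with a dangling value. Whether the element strings also need freeing on that path depends on security_get_some_contexts(), whose body is outside the hunk.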
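Review bot: The three new path accessors in sedarwin_config.c return string literals through a plain `char *`, so a caller that writes through the result compiles cleanly and then modifies read-only data. If the libselinux header permits it, declare them as `const char *selinux_default_context_path(void)` and likewise for the failsafe and user variants; the empty `()` parameter list also leaves the functions without a prototype in C.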