authorrwatson <rwatson@FreeBSD.org>2002-10-05 18:25:48 +0000
committerrwatson <rwatson@FreeBSD.org>2002-10-05 18:25:48 +0000
commitf79fd8d75dd2dbf45f899ab499e2f41e29577b14 (patch)
tree407f9e0033c7814b65b9cf691bff744f046ca36b
parentabda58cc1e0c7e68a18c225136603919b193bb42 (diff)
Merge implementation of mpo_check_vnode_link() for the appropriate
file-system aware MAC policies. Sync to MAC tree.

Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
-rw-r--r--sys/security/mac_biba/mac_biba.c26
-rw-r--r--sys/security/mac_bsdextended/mac_bsdextended.c29
-rw-r--r--sys/security/mac_mls/mac_mls.c25
-rw-r--r--sys/security/mac_none/mac_none.c11
-rw-r--r--sys/security/mac_stub/mac_stub.c11
-rw-r--r--sys/security/mac_test/mac_test.c11
6 files changed, 113 insertions, 0 deletions
diff --git a/sys/security/mac_biba/mac_biba.c b/sys/security/mac_biba/mac_biba.c
index 8d53cdb..eb1345f 100644
--- a/sys/security/mac_biba/mac_biba.c
+++ b/sys/security/mac_biba/mac_biba.c
@@ -1510,6 +1510,30 @@ mac_biba_check_vnode_getextattr(struct ucred *cred, struct vnode *vp,
}
static int
+mac_biba_check_vnode_link(struct ucred *cred, struct vnode *dvp,
+ struct label *dlabel, struct vnode *vp, struct label *label,
+ struct componentname *cnp)
+{
+ struct mac_biba *subj, *obj;
+
+ if (!mac_biba_enabled)
+ return (0);
+
+ subj = SLOT(&cred->cr_label);
+ obj = SLOT(dlabel);
+
+ if (!mac_biba_dominate_single(subj, obj))
+ return (EACCES);
+
+ obj = SLOT(label);
+
+ if (!mac_biba_dominate_single(subj, obj))
+ return (EACCES);
+
+ return (0);
+}
+
+static int
mac_biba_check_vnode_lookup(struct ucred *cred, struct vnode *dvp,
struct label *dlabel, struct componentname *cnp)
{
@@ -2087,6 +2111,8 @@ static struct mac_policy_op_entry mac_biba_ops[] =
(macop_t)mac_biba_check_vnode_getacl },
{ MAC_CHECK_VNODE_GETEXTATTR,
(macop_t)mac_biba_check_vnode_getextattr },
+ { MAC_CHECK_VNODE_LINK,
+ (macop_t)mac_biba_check_vnode_link },
{ MAC_CHECK_VNODE_LOOKUP,
(macop_t)mac_biba_check_vnode_lookup },
{ MAC_CHECK_VNODE_OPEN,
diff --git a/sys/security/mac_bsdextended/mac_bsdextended.c b/sys/security/mac_bsdextended/mac_bsdextended.c
index 7fae867..e6148cc 100644
--- a/sys/security/mac_bsdextended/mac_bsdextended.c
+++ b/sys/security/mac_bsdextended/mac_bsdextended.c
@@ -445,6 +445,33 @@ mac_bsdextended_check_vnode_getextattr(struct ucred *cred, struct vnode *vp,
}
static int
+mac_bsdextended_check_vnode_link(struct ucred *cred, struct vnode *dvp,
+ struct label *dlabel, struct vnode *vp, struct label *label,
+ struct componentname *cnp)
+{
+ struct vattr vap;
+ int error;
+
+ if (!mac_bsdextended_enabled)
+ return (0);
+
+ error = VOP_GETATTR(dvp, &vap, cred, curthread);
+ if (error)
+ return (error);
+ error = mac_bsdextended_check(cred, vap.va_uid, vap.va_gid, VWRITE);
+ if (error)
+ return (error);
+
+ error = VOP_GETATTR(vp, &vap, cred, curthread);
+ if (error)
+ return (error);
+ error = mac_bsdextended_check(cred, vap.va_uid, vap.va_gid, VWRITE);
+ if (error)
+ return (error);
+ return (0);
+}
+
+static int
mac_bsdextended_check_vnode_lookup(struct ucred *cred, struct vnode *dvp,
struct label *dlabel, struct componentname *cnp)
{
@@ -715,6 +742,8 @@ static struct mac_policy_op_entry mac_bsdextended_ops[] =
(macop_t)mac_bsdextended_check_vnode_getacl },
{ MAC_CHECK_VNODE_GETEXTATTR,
(macop_t)mac_bsdextended_check_vnode_getextattr },
+ { MAC_CHECK_VNODE_LINK,
+ (macop_t)mac_bsdextended_check_vnode_link },
{ MAC_CHECK_VNODE_LOOKUP,
(macop_t)mac_bsdextended_check_vnode_lookup },
{ MAC_CHECK_VNODE_OPEN,
diff --git a/sys/security/mac_mls/mac_mls.c b/sys/security/mac_mls/mac_mls.c
index 27b74b1..4adc3f5 100644
--- a/sys/security/mac_mls/mac_mls.c
+++ b/sys/security/mac_mls/mac_mls.c
@@ -1471,6 +1471,29 @@ mac_mls_check_vnode_getextattr(struct ucred *cred, struct vnode *vp,
return (0);
}
+static int
+mac_mls_check_vnode_link(struct ucred *cred, struct vnode *dvp,
+ struct label *dlabel, struct vnode *vp, struct label *label,
+ struct componentname *cnp)
+{
+ struct mac_mls *subj, *obj;
+
+ if (!mac_mls_enabled)
+ return (0);
+
+ subj = SLOT(&cred->cr_label);
+ obj = SLOT(dlabel);
+
+ if (!mac_mls_dominate_single(obj, subj))
+ return (EACCES);
+
+ obj = SLOT(dlabel);
+ if (!mac_mls_dominate_single(obj, subj))
+ return (EACCES);
+
+ return (0);
+}
+
static int
mac_mls_check_vnode_lookup(struct ucred *cred, struct vnode *dvp,
struct label *dlabel, struct componentname *cnp)
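Review bot: The second dominance check in mac_mls_check_vnode_link re-reads the directory label (`obj = SLOT(dlabel);`) instead of the label of the vnode being linked, so the target file's own MLS label is never consulted and the second test merely repeats the first. The line should be `obj = SLOT(label);`, which is what the parallel mac_biba_check_vnode_link in this same commit does for the file-side check. As written, the policy enforces no constraint on the file's label when a new name is created for it, which weakens the no-write-down rule for the link operation; a short comment such as `/* Writing the directory and updating the file's link count are both writes. */` above the two checks would also make the intent of the pair explicit.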
@@ -2050,6 +2073,8 @@ static struct mac_policy_op_entry mac_mls_ops[] =
(macop_t)mac_mls_check_vnode_getacl },
{ MAC_CHECK_VNODE_GETEXTATTR,
(macop_t)mac_mls_check_vnode_getextattr },
+ { MAC_CHECK_VNODE_LINK,
+ (macop_t)mac_mls_check_vnode_link },
{ MAC_CHECK_VNODE_LOOKUP,
(macop_t)mac_mls_check_vnode_lookup },
{ MAC_CHECK_VNODE_OPEN,
diff --git a/sys/security/mac_none/mac_none.c b/sys/security/mac_none/mac_none.c
index 052628b..4bda24e 100644
--- a/sys/security/mac_none/mac_none.c
+++ b/sys/security/mac_none/mac_none.c
@@ -669,6 +669,15 @@ mac_none_check_vnode_getextattr(struct ucred *cred, struct vnode *vp,
return (0);
}
+static int
+mac_none_check_vnode_link(struct ucred *cred, struct vnode *dvp,
+ struct label *dlabel, struct vnode *vp, struct label *label,
+ struct componentname *cnp)
+{
+
+ return (0);
+}
+
static int
mac_none_check_vnode_lookup(struct ucred *cred, struct vnode *dvp,
struct label *dlabel, struct componentname *cnp)
@@ -1019,6 +1028,8 @@ static struct mac_policy_op_entry mac_none_ops[] =
(macop_t)mac_none_check_vnode_getacl },
{ MAC_CHECK_VNODE_GETEXTATTR,
(macop_t)mac_none_check_vnode_getextattr },
+ { MAC_CHECK_VNODE_LINK,
+ (macop_t)mac_none_check_vnode_link },
{ MAC_CHECK_VNODE_LOOKUP,
(macop_t)mac_none_check_vnode_lookup },
{ MAC_CHECK_VNODE_OPEN,
diff --git a/sys/security/mac_stub/mac_stub.c b/sys/security/mac_stub/mac_stub.c
index 052628b..4bda24e 100644
--- a/sys/security/mac_stub/mac_stub.c
+++ b/sys/security/mac_stub/mac_stub.c
@@ -669,6 +669,15 @@ mac_none_check_vnode_getextattr(struct ucred *cred, struct vnode *vp,
return (0);
}
+static int
+mac_none_check_vnode_link(struct ucred *cred, struct vnode *dvp,
+ struct label *dlabel, struct vnode *vp, struct label *label,
+ struct componentname *cnp)
+{
+
+ return (0);
+}
+
static int
mac_none_check_vnode_lookup(struct ucred *cred, struct vnode *dvp,
struct label *dlabel, struct componentname *cnp)
@@ -1019,6 +1028,8 @@ static struct mac_policy_op_entry mac_none_ops[] =
(macop_t)mac_none_check_vnode_getacl },
{ MAC_CHECK_VNODE_GETEXTATTR,
(macop_t)mac_none_check_vnode_getextattr },
+ { MAC_CHECK_VNODE_LINK,
+ (macop_t)mac_none_check_vnode_link },
{ MAC_CHECK_VNODE_LOOKUP,
(macop_t)mac_none_check_vnode_lookup },
{ MAC_CHECK_VNODE_OPEN,
diff --git a/sys/security/mac_test/mac_test.c b/sys/security/mac_test/mac_test.c
index c6335da..bff758a 100644
--- a/sys/security/mac_test/mac_test.c
+++ b/sys/security/mac_test/mac_test.c
@@ -1046,6 +1046,15 @@ mac_test_check_vnode_getextattr(struct ucred *cred, struct vnode *vp,
}
static int
+mac_test_check_vnode_link(struct ucred *cred, struct vnode *dvp,
+ struct label *dlabel, struct vnode *vp, struct label *label,
+ struct componentname *cnp)
+{
+
+ return (0);
+}
+
+static int
mac_test_check_vnode_lookup(struct ucred *cred, struct vnode *dvp,
struct label *dlabel, struct componentname *cnp)
{
@@ -1393,6 +1402,8 @@ static struct mac_policy_op_entry mac_test_ops[] =
(macop_t)mac_test_check_vnode_getacl },
{ MAC_CHECK_VNODE_GETEXTATTR,
(macop_t)mac_test_check_vnode_getextattr },
+ { MAC_CHECK_VNODE_LINK,
+ (macop_t)mac_test_check_vnode_link },
{ MAC_CHECK_VNODE_LOOKUP,
(macop_t)mac_test_check_vnode_lookup },
{ MAC_CHECK_VNODE_OPEN,