authorcsjp <csjp@FreeBSD.org>2006-07-10 19:13:32 +0000
committercsjp <csjp@FreeBSD.org>2006-07-10 19:13:32 +0000
commit0baddf7a5b7f75eb12bc070d6ca87dd54dc0be7f (patch)
treee56284fddcb0ce7d46afbac696ecda3144785c2c /sys/security/mac_biba/mac_biba.c
parent3f18ce7ca9b8c6fe526866df69d3bca30948cabc (diff)
Implement the mpo_associate_nfsd_label entry point for the BIBA security policy.
We will initialize the label to biba/low for files that have been created through an NFS RPC. This is a safe default given the default nature of our NFS implementation: there is not a whole lot of data integrity there by default. This also fixes kernel panics associated with file creation over NFS on filesystems which have multilabel enabled with BIBA enabled.

MFC after: 2 weeks
Discussed with: rwatson
Diffstat (limited to 'sys/security/mac_biba/mac_biba.c')
-rw-r--r--sys/security/mac_biba/mac_biba.c13
1 files changed, 13 insertions, 0 deletions
diff --git a/sys/security/mac_biba/mac_biba.c b/sys/security/mac_biba/mac_biba.c
index 6d6c8fd..c098fe2 100644
--- a/sys/security/mac_biba/mac_biba.c
+++ b/sys/security/mac_biba/mac_biba.c
@@ -3019,6 +3019,18 @@ mac_biba_check_vnode_write(struct ucred *active_cred,
return (0);
}
+static int
+mac_biba_associate_nfsd_label(struct ucred *cred)
+{
+ struct mac_biba *label;
+
+ label = SLOT(cred->cr_label);
+ mac_biba_set_effective(label, MAC_BIBA_TYPE_LOW, 0, NULL);
+ mac_biba_set_range(label, MAC_BIBA_TYPE_LOW, 0, NULL,
+ MAC_BIBA_TYPE_HIGH, 0, NULL);
+ return (0);
+}
+
static struct mac_policy_ops mac_biba_ops =
{
.mpo_init = mac_biba_init,
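Review bot: In mac_biba_associate_nfsd_label the credential's range is set from low through high, while the commit message only describes initializing the label to biba/low, and nothing in the function says why the range is wider than the effective label. If the range is consulted for relabel or privilege decisions elsewhere in the policy (not visible in this hunk), a low-integrity NFS server credential with a high upper bound is broader than the stated default. Either narrow it, `mac_biba_set_range(label, MAC_BIBA_TYPE_LOW, 0, NULL, MAC_BIBA_TYPE_LOW, 0, NULL);`, or keep it and add a comment above the function such as `/* NFS RPCs carry no integrity guarantee by default: label nfsd credentials biba/low; range is low-high because <reason>. */`. The mac_biba_ops initializer that follows continues outside the hunk.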
@@ -3198,6 +3210,7 @@ static struct mac_policy_ops mac_biba_ops =
.mpo_check_vnode_setutimes = mac_biba_check_vnode_setutimes,
.mpo_check_vnode_stat = mac_biba_check_vnode_stat,
.mpo_check_vnode_write = mac_biba_check_vnode_write,
+ .mpo_associate_nfsd_label = mac_biba_associate_nfsd_label,
};
MAC_POLICY_SET(&mac_biba_ops, mac_biba, "TrustedBSD MAC/Biba",