authorrwatson <rwatson@FreeBSD.org>2008-08-23 15:26:36 +0000
committerrwatson <rwatson@FreeBSD.org>2008-08-23 15:26:36 +0000
commit78a117e6fa3ea5484baa385417846432dcafd758 (patch)
tree5219c0b4d17dd1dcbcb5fda367c1905a0929ee2b /sys/security/mac_partition
parent36dc0db8e1fa12d3f6a38164a5fb1ae82fc45eba (diff)
Introduce two related changes to the TrustedBSD MAC Framework:
(1) Abstract interpreter vnode labeling in execve(2) and mac_execve(2) so that the general exec code isn't aware of the details of allocating, copying, and freeing labels, rather, simply passes in a void pointer to start and stop functions that will be used by the framework. This change will be MFC'd. (2) Introduce a new flags field to the MAC_POLICY_SET(9) interface allowing policies to declare which types of objects require label allocation, initialization, and destruction, and define a set of flags covering various supported object types (MPC_OBJECT_PROC, MPC_OBJECT_VNODE, MPC_OBJECT_INPCB, ...). This change reduces the overhead of compiling the MAC Framework into the kernel if policies aren't loaded, or if policies require labels on only a small number or even no object types. Each time a policy is loaded or unloaded, we recalculate a mask of labeled object types across all policies present in the system. Eliminate MAC_ALWAYS_LABEL_MBUF option as it is no longer required. MFC after: 1 week ((1) only) Reviewed by: csjp Obtained from: TrustedBSD Project Sponsored by: Apple, Inc.
Diffstat (limited to 'sys/security/mac_partition')
-rw-r--r--sys/security/mac_partition/mac_partition.c33
1 files changed, 26 insertions, 7 deletions
diff --git a/sys/security/mac_partition/mac_partition.c b/sys/security/mac_partition/mac_partition.c
index 153155c..255e776 100644
--- a/sys/security/mac_partition/mac_partition.c
+++ b/sys/security/mac_partition/mac_partition.c
@@ -2,6 +2,7 @@
* Copyright (c) 1999-2002, 2007 Robert N. M. Watson
* Copyright (c) 2001-2002 Networks Associates Technology, Inc.
* Copyright (c) 2006 SPARTA, Inc.
+ * Copyright (c) 2008 Apple Inc.
* All rights reserved.
*
* This software was developed by Robert Watson for the TrustedBSD Project.
@@ -76,9 +77,20 @@ label_on_label(struct label *subject, struct label *object)
if (partition_enabled == 0)
return (0);
+ if (subject == NULL)
+ return (0);
+
if (SLOT(subject) == 0)
return (0);
+ /*
+ * If the object label hasn't been allocated, then it's effectively
+ * not in a partition, and we know the subject is as it has a label
+ * and it's not 0, so reject.
+ */
+ if (object == NULL)
+ return (EPERM);
+
if (SLOT(subject) == SLOT(object))
return (0);
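Review bot: The new `subject == NULL` branch returns 0 (allow) with no comment, while the `object == NULL` branch just below it carries one; this is the fail-open side of the check, so it needs the explanation more. I would add above it something like `/* An unlabeled subject is treated as being in no partition, same as SLOT(subject) == 0 below. */`, assuming that is the intent. Presumably credentials that exist before the policy is loaded carry no label, which would be why a NULL subject can reach this code. label_on_label begins and ends outside this hunk, so the rest of the comparison path is not visible here.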
@@ -124,7 +136,10 @@ static void
partition_cred_copy_label(struct label *src, struct label *dest)
{
- SLOT_SET(dest, SLOT(src));
+ if (src != NULL && dest != NULL)
+ SLOT_SET(dest, SLOT(src));
+ else if (dest != NULL)
+ SLOT_SET(dest, 0);
}
static void
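Review bot: `dest != NULL` is tested in both arms here, and the rule that a NULL label reads as partition 0 is open-coded in this function, again in partition_cred_externalize_label (two near-identical `sbuf_printf` branches) and in label_on_label. The body collapses to `if (dest != NULL) SLOT_SET(dest, src != NULL ? SLOT(src) : 0);`. A small file-local macro wrapping that ternary would keep the three sites consistent, so a label accessor added later cannot forget the NULL case.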
@@ -144,10 +159,14 @@ partition_cred_externalize_label(struct label *label, char *element_name,
(*claimed)++;
- if (sbuf_printf(sb, "%jd", (intmax_t)SLOT(label)) == -1)
- return (EINVAL);
- else
- return (0);
+ if (label != NULL) {
+ if (sbuf_printf(sb, "%jd", (intmax_t)SLOT(label)) == -1)
+ return (EINVAL);
+ } else {
+ if (sbuf_printf(sb, "0") == -1)
+ return (EINVAL);
+ }
+ return (0);
}
static void
@@ -174,7 +193,7 @@ static void
partition_cred_relabel(struct ucred *cred, struct label *newlabel)
{
- if (SLOT(newlabel) != 0)
+ if (newlabel != NULL && SLOT(newlabel) != 0)
SLOT_SET(cred->cr_label, SLOT(newlabel));
}
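Review bot: The added guard covers `newlabel` only; `cred->cr_label` is still passed to SLOT_SET unchecked, although the other hunks in this file now treat a label pointer as possibly NULL. If the framework guarantees that the credential being relabeled always has an allocated label (not visible from this hunk), state that with `KASSERT(cred->cr_label != NULL, ("%s: NULL cr_label", __func__));` before the assignment. Otherwise the condition needs `cred->cr_label != NULL` as well, since a NULL destination here would be a kernel-mode NULL dereference.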
@@ -273,4 +292,4 @@ static struct mac_policy_ops partition_ops =
};
MAC_POLICY_SET(&partition_ops, mac_partition, "TrustedBSD MAC/Partition",
- MPC_LOADTIME_FLAG_UNLOADOK, &partition_slot);
+ MPC_LOADTIME_FLAG_UNLOADOK, &partition_slot, MPC_OBJECT_CRED);