author | rwatson <rwatson@FreeBSD.org> | 2007-10-29 13:33:06 +0000 |
---|---|---|
committer | rwatson <rwatson@FreeBSD.org> | 2007-10-29 13:33:06 +0000 |
commit | a4265719055fe445116eb2743b6aacf518bb1a8d (patch) | |
tree | b5d3ede5fbbf1cb40c13deb6bb8e406ce58b639e /sys/security/mac_partition | |
parent | 17e940f736d56194ae75e4a2963c775a59f0a3f6 (diff) | |
Resort TrustedBSD MAC Framework policy entry point implementations and
declarations to match the object, operation sort order in the framework
itself.
Obtained from: TrustedBSD Project
Diffstat (limited to 'sys/security/mac_partition')
-rw-r--r-- | sys/security/mac_partition/mac_partition.c | 158 |
1 files changed, 81 insertions, 77 deletions
diff --git a/sys/security/mac_partition/mac_partition.c b/sys/security/mac_partition/mac_partition.c
index a3bfbe4..33a036a 100644
--- a/sys/security/mac_partition/mac_partition.c
+++ b/sys/security/mac_partition/mac_partition.c
@@ -69,123 +69,113 @@ static int partition_slot; #define SLOT(l) mac_label_get((l), partition_slot) #define SLOT_SET(l, v) mac_label_set((l), partition_slot, (v)) -static void -partition_init_label(struct label *label) +static int +label_on_label(struct label *subject, struct label *object) { - SLOT_SET(label, 0); -} - -static void -partition_destroy_label(struct label *label) -{ + if (mac_partition_enabled == 0) + return (0); - SLOT_SET(label, 0); -} + if (SLOT(subject) == 0) + return (0); -static void -partition_copy_label(struct label *src, struct label *dest) -{ + if (SLOT(subject) == SLOT(object)) + return (0); - SLOT_SET(dest, SLOT(src)); + return (EPERM); } +/* + * Object-specific entry points are sorted alphabetically by object type name + * and then by operation. + */ static int -partition_externalize_label(struct label *label, char *element_name, - struct sbuf *sb, int *claimed) +partition_cred_check_relabel(struct ucred *cred, struct label *newlabel) { + int error; - if (strcmp(MAC_PARTITION_LABEL_NAME, element_name) != 0) - return (0); + error = 0; - (*claimed)++; + /* Treat "0" as a no-op request. */ + if (SLOT(newlabel) != 0) { + /* + * Require BSD privilege in order to change the partition. + * Originally we also required that the process not be in a + * partition in the first place, but this didn't interact + * well with sendmail. 
+ */ + error = priv_check_cred(cred, PRIV_MAC_PARTITION, 0); + } - if (sbuf_printf(sb, "%jd", (intmax_t)SLOT(label)) == -1) - return (EINVAL); - else - return (0); + return (error); } static int -partition_internalize_label(struct label *label, char *element_name, - char *element_data, int *claimed) +partition_cred_check_visible(struct ucred *cr1, struct ucred *cr2) { + int error; - if (strcmp(MAC_PARTITION_LABEL_NAME, element_name) != 0) - return (0); - - (*claimed)++; - SLOT_SET(label, strtol(element_data, NULL, 10)); - return (0); -} - -static void -partition_proc_create_swapper(struct ucred *cred) -{ + error = label_on_label(cr1->cr_label, cr2->cr_label); - SLOT_SET(cred->cr_label, 0); + return (error == 0 ? 0 : ESRCH); } static void -partition_proc_create_init(struct ucred *cred) +partition_cred_copy_label(struct label *src, struct label *dest) { - SLOT_SET(cred->cr_label, 0); + SLOT_SET(dest, SLOT(src)); } static void -partition_cred_relabel(struct ucred *cred, struct label *newlabel) +partition_cred_destroy_label(struct label *label) { - if (SLOT(newlabel) != 0) - SLOT_SET(cred->cr_label, SLOT(newlabel)); + SLOT_SET(label, 0); } static int -label_on_label(struct label *subject, struct label *object) +partition_cred_externalize_label(struct label *label, char *element_name, + struct sbuf *sb, int *claimed) { - if (mac_partition_enabled == 0) + if (strcmp(MAC_PARTITION_LABEL_NAME, element_name) != 0) return (0); - if (SLOT(subject) == 0) - return (0); + (*claimed)++; - if (SLOT(subject) == SLOT(object)) + if (sbuf_printf(sb, "%jd", (intmax_t)SLOT(label)) == -1) + return (EINVAL); + else return (0); +} - return (EPERM); +static void +partition_cred_init_label(struct label *label) +{ + + SLOT_SET(label, 0); } static int -partition_cred_check_relabel(struct ucred *cred, struct label *newlabel) +partition_cred_internalize_label(struct label *label, char *element_name, + char *element_data, int *claimed) { - int error; - - error = 0; - /* Treat "0" as a no-op 
request. */ - if (SLOT(newlabel) != 0) { - /* - * Require BSD privilege in order to change the partition. - * Originally we also required that the process not be in a - * partition in the first place, but this didn't interact - * well with sendmail. - */ - error = priv_check_cred(cred, PRIV_MAC_PARTITION, 0); - } + if (strcmp(MAC_PARTITION_LABEL_NAME, element_name) != 0) + return (0); - return (error); + (*claimed)++; + SLOT_SET(label, strtol(element_data, NULL, 10)); + return (0); } -static int -partition_cred_check_visible(struct ucred *cr1, struct ucred *cr2) +static void +partition_cred_relabel(struct ucred *cred, struct label *newlabel) { - int error; - error = label_on_label(cr1->cr_label, cr2->cr_label); - - return (error == 0 ? 0 : ESRCH); + if (SLOT(newlabel) != 0) + SLOT_SET(cred->cr_label, SLOT(newlabel)); } static int @@ -219,6 +209,20 @@ partition_proc_check_signal(struct ucred *cred, struct proc *p, return (error ? ESRCH : 0); } +static void +partition_proc_create_init(struct ucred *cred) +{ + + SLOT_SET(cred->cr_label, 0); +} + +static void +partition_proc_create_swapper(struct ucred *cred) +{ + + SLOT_SET(cred->cr_label, 0); +} + static int partition_socket_check_visible(struct ucred *cred, struct socket *so, struct label *solabel) 
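Review bot: In the first hunk (`@@ -69,123 +69,113 @@`), `partition_cred_internalize_label` stores `strtol(element_data, NULL, 10)` straight into the label slot, so an empty or non-numeric label string parses as 0 and a string with trailing characters is accepted for its numeric prefix. Because `partition_cred_check_relabel` and `partition_cred_relabel` both treat 0 as a no-op, a malformed relabel request succeeds silently instead of failing, which makes a mistyped partition hard to notice. The commit only moves and renames this function, so the behaviour is inherited, but a follow-up could parse with an end pointer and reject bad input: `value = strtol(element_data, &ep, 10);` followed by `if (ep == element_data || *ep != '\0') return (EINVAL);`. Whether negative or out-of-range values should also be rejected is not visible from this hunk and would need confirming against the policy's intended label range.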
@@ -251,19 +255,19 @@ partition_vnode_check_exec(struct ucred *cred, struct vnode *vp, static struct mac_policy_ops partition_ops = { - .mpo_cred_init_label = partition_init_label, - .mpo_cred_destroy_label = partition_destroy_label, - .mpo_cred_copy_label = partition_copy_label, - .mpo_cred_externalize_label = partition_externalize_label, - .mpo_cred_internalize_label = partition_internalize_label, - .mpo_proc_create_swapper = partition_proc_create_swapper, - .mpo_proc_create_init = partition_proc_create_init, - .mpo_cred_relabel = partition_cred_relabel, .mpo_cred_check_relabel = partition_cred_check_relabel, .mpo_cred_check_visible = partition_cred_check_visible, + .mpo_cred_copy_label = partition_cred_copy_label, + .mpo_cred_destroy_label = partition_cred_destroy_label, + .mpo_cred_externalize_label = partition_cred_externalize_label, + .mpo_cred_init_label = partition_cred_init_label, + .mpo_cred_internalize_label = partition_cred_internalize_label, + .mpo_cred_relabel = partition_cred_relabel, .mpo_proc_check_debug = partition_proc_check_debug, .mpo_proc_check_sched = partition_proc_check_sched, .mpo_proc_check_signal = partition_proc_check_signal, + .mpo_proc_create_init = partition_proc_create_init, + .mpo_proc_create_swapper = partition_proc_create_swapper, .mpo_socket_check_visible = partition_socket_check_visible, .mpo_vnode_check_exec = partition_vnode_check_exec, }; |