diff options
| author | kib <kib@FreeBSD.org> | 2013-08-21 17:45:00 +0000 |
|---|---|---|
| committer | kib <kib@FreeBSD.org> | 2013-08-21 17:45:00 +0000 |
| commit | d11c4f9c32bf7f78b6ca5f9fc02e869111dbe680 (patch) | |
| tree | d04455df948dc71b9ece838e75596e329c610c9d /sys/security/mac_test/mac_test.c | |
| parent | 6a459eb27c6a215b645e8673b5275f94003510a4 (diff) | |
| download | FreeBSD-src-d11c4f9c32bf7f78b6ca5f9fc02e869111dbe680.zip FreeBSD-src-d11c4f9c32bf7f78b6ca5f9fc02e869111dbe680.tar.gz | |
Implement read(2)/write(2) and neccessary lseek(2) for posix shmfd.
Add MAC framework entries for posix shm read and write.
Do not allow implicit extension of the underlying memory segment past
the limit set by ftruncate(2) by either of the syscalls. Read and
write returns short i/o, lseek(2) fails with EINVAL when resulting
offset does not fit into the limit.
Discussed with: alc
Tested by: pho
Sponsored by: The FreeBSD Foundation
Diffstat (limited to 'sys/security/mac_test/mac_test.c')
| -rw-r--r-- | sys/security/mac_test/mac_test.c | 32 |
1 files changed, 32 insertions, 0 deletions
diff --git a/sys/security/mac_test/mac_test.c b/sys/security/mac_test/mac_test.c index 1781798..4d48dfd 100644 --- a/sys/security/mac_test/mac_test.c +++ b/sys/security/mac_test/mac_test.c @@ -1423,6 +1423,21 @@ test_posixshm_check_open(struct ucred *cred, struct shmfd *shmfd, return (0); } +COUNTER_DECL(posixshm_check_read); +static int +test_posixshm_check_read(struct ucred *active_cred, + struct ucred *file_cred, struct shmfd *shm, struct label *shmlabel) +{ + + LABEL_CHECK(active_cred->cr_label, MAGIC_CRED); + if (file_cred != NULL) + LABEL_CHECK(file_cred->cr_label, MAGIC_CRED); + LABEL_CHECK(shmlabel, MAGIC_POSIX_SHM); + COUNTER_INC(posixshm_check_read); + + return (0); +} + COUNTER_DECL(posixshm_check_setmode); static int test_posixshm_check_setmode(struct ucred *cred, struct shmfd *shmfd, @@ -1485,6 +1500,21 @@ test_posixshm_check_unlink(struct ucred *cred, struct shmfd *shmfd, return (0); } +COUNTER_DECL(posixshm_check_write); +static int +test_posixshm_check_write(struct ucred *active_cred, + struct ucred *file_cred, struct shmfd *shm, struct label *shmlabel) +{ + + LABEL_CHECK(active_cred->cr_label, MAGIC_CRED); + if (file_cred != NULL) + LABEL_CHECK(file_cred->cr_label, MAGIC_CRED); + LABEL_CHECK(shmlabel, MAGIC_POSIX_SHM); + COUNTER_INC(posixshm_check_write); + + return (0); +} + COUNTER_DECL(posixshm_create); static void test_posixshm_create(struct ucred *cred, struct shmfd *shmfd, @@ -3114,11 +3144,13 @@ static struct mac_policy_ops test_ops = .mpo_posixshm_check_create = test_posixshm_check_create, .mpo_posixshm_check_mmap = test_posixshm_check_mmap, .mpo_posixshm_check_open = test_posixshm_check_open, + .mpo_posixshm_check_read = test_posixshm_check_read, .mpo_posixshm_check_setmode = test_posixshm_check_setmode, .mpo_posixshm_check_setowner = test_posixshm_check_setowner, .mpo_posixshm_check_stat = test_posixshm_check_stat, .mpo_posixshm_check_truncate = test_posixshm_check_truncate, .mpo_posixshm_check_unlink = test_posixshm_check_unlink, + .mpo_posixshm_check_write = test_posixshm_check_write, .mpo_posixshm_create = test_posixshm_create, .mpo_posixshm_destroy_label = test_posixshm_destroy_label, .mpo_posixshm_init_label = test_posixshm_init_label, |
