author | rwatson <rwatson@FreeBSD.org> | 2002-11-08 18:04:36 +0000 |
---|---|---|
committer | rwatson <rwatson@FreeBSD.org> | 2002-11-08 18:04:36 +0000 |
commit | f3748b0c0b9b7ae4a57068095ab2eb98aaea333d (patch) | |
tree | 229b6b138af158da4b65f931e1632502f1dde91f /sys/security | |
parent | 95c4afbed0766fa2e0e178afbc7d5beb07b7d2da (diff) | |
Update MAC modules for the changed arguments of the exec MAC policy
entry points, which now include an explicit execlabel.
Approved by: re
Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
Diffstat (limited to 'sys/security')
-rw-r--r-- | sys/security/mac_biba/mac_biba.c | 18 | ||||
-rw-r--r-- | sys/security/mac_bsdextended/mac_bsdextended.c | 3 | ||||
-rw-r--r-- | sys/security/mac_mls/mac_mls.c | 18 | ||||
-rw-r--r-- | sys/security/mac_none/mac_none.c | 8 | ||||
-rw-r--r-- | sys/security/mac_partition/mac_partition.c | 19 | ||||
-rw-r--r-- | sys/security/mac_stub/mac_stub.c | 8 | ||||
-rw-r--r-- | sys/security/mac_test/mac_test.c | 8 |
7 files changed, 68 insertions, 14 deletions
diff --git a/sys/security/mac_biba/mac_biba.c b/sys/security/mac_biba/mac_biba.c
index 2770941..3268dd7 100644
--- a/sys/security/mac_biba/mac_biba.c
+++ b/sys/security/mac_biba/mac_biba.c
@@ -2044,9 +2044,23 @@ mac_biba_check_vnode_deleteacl(struct ucred *cred, struct vnode *vp,
 
 static int
 mac_biba_check_vnode_exec(struct ucred *cred, struct vnode *vp,
-    struct label *label, struct image_params *imgp)
+    struct label *label, struct image_params *imgp,
+    struct label *execlabel)
 {
-	struct mac_biba *subj, *obj;
+	struct mac_biba *subj, *obj, *exec;
+	int error;
+
+	if (execlabel != NULL) {
+		/*
+		 * We currently don't permit labels to be changed at
+		 * exec-time as part of Biba, so disallow non-NULL
+		 * Biba label elements in the execlabel.
+		 */
+		exec = SLOT(execlabel);
+		error = biba_atmostflags(exec, 0);
+		if (error)
+			return (error);
+	}
 
 	if (!mac_biba_enabled)
 		return (0);
diff --git a/sys/security/mac_bsdextended/mac_bsdextended.c b/sys/security/mac_bsdextended/mac_bsdextended.c
index 840a456..d090884 100644
--- a/sys/security/mac_bsdextended/mac_bsdextended.c
+++ b/sys/security/mac_bsdextended/mac_bsdextended.c
@@ -394,7 +394,8 @@ mac_bsdextended_check_vnode_deleteacl(struct ucred *cred, struct vnode *vp,
 
 static int
 mac_bsdextended_check_vnode_exec(struct ucred *cred, struct vnode *vp,
-    struct label *label, struct image_params *imgp)
+    struct label *label, struct image_params *imgp,
+    struct label *execlabel)
 {
 	struct vattr vap;
 	int error;
diff --git a/sys/security/mac_mls/mac_mls.c b/sys/security/mac_mls/mac_mls.c
index 71f03c2..898630e 100644
--- a/sys/security/mac_mls/mac_mls.c
+++ b/sys/security/mac_mls/mac_mls.c
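Review bot: The execlabel rejection runs before the `if (!mac_biba_enabled)` return, so an exec that carries a Biba element in its execlabel is refused even while Biba enforcement is switched off; that is probably the intended safe default (a disabled policy cannot mediate a transition it is not enforcing), but nothing in the block says so, and a later reader may "fix" the ordering. Suggest adding to the block comment `* Checked ahead of mac_biba_enabled on purpose: a disabled Biba must still refuse an exec-time transition it would not mediate.`, or, if the opposite is intended, moving the block below the enabled test. `biba_atmostflags(exec, 0)` presumably rejects any set flag, so the comment's "non-NULL Biba label elements" reads more precisely as "any Biba element in the execlabel". The same two points apply to the mac_mls hunk, which has the identical structure around `mls_atmostflags`. The remainder of mac_biba_check_vnode_exec, which still uses subj and obj, lies outside the hunk.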
@@ -1862,9 +1862,23 @@ mac_mls_check_vnode_deleteacl(struct ucred *cred, struct vnode *vp,
 
 static int
 mac_mls_check_vnode_exec(struct ucred *cred, struct vnode *vp,
-    struct label *label, struct image_params *imgp)
+    struct label *label, struct image_params *imgp,
+    struct label *execlabel)
 {
-	struct mac_mls *subj, *obj;
+	struct mac_mls *subj, *obj, *exec;
+	int error;
+
+	if (execlabel != NULL) {
+		/*
+		 * We currently don't permit labels to be changed at
+		 * exec-time as part of MLS, so disallow non-NULL
+		 * MLS label elements in the execlabel.
+		 */
+		exec = SLOT(execlabel);
+		error = mls_atmostflags(exec, 0);
+		if (error)
+			return (error);
+	}
 
 	if (!mac_mls_enabled)
 		return (0);
diff --git a/sys/security/mac_none/mac_none.c b/sys/security/mac_none/mac_none.c
index 127746b..7039420 100644
--- a/sys/security/mac_none/mac_none.c
+++ b/sys/security/mac_none/mac_none.c
@@ -417,7 +417,8 @@ mac_none_create_cred(struct ucred *cred_parent, struct ucred *cred_child)
 static void
 mac_none_execve_transition(struct ucred *old, struct ucred *new,
     struct vnode *vp, struct label *vnodelabel,
-    struct label *interpvnodelabel, struct image_params *imgp)
+    struct label *interpvnodelabel, struct image_params *imgp,
+    struct label *execlabel)
 {
 
 }
@@ -425,7 +426,7 @@ mac_none_execve_transition(struct ucred *old, struct ucred *new,
 static int
 mac_none_execve_will_transition(struct ucred *old, struct vnode *vp,
     struct label *vnodelabel, struct label *interpvnodelabel,
-    struct image_params *imgp)
+    struct image_params *imgp, struct label *execlabel)
 {
 
 	return (0);
@@ -689,7 +690,8 @@ mac_none_check_vnode_deleteacl(struct ucred *cred, struct vnode *vp,
 
 static int
 mac_none_check_vnode_exec(struct ucred *cred, struct vnode *vp,
-    struct label *label, struct image_params *imgp)
+    struct label *label, struct image_params *imgp,
+    struct label *execlabel)
 {
 
 	return (0);
diff --git a/sys/security/mac_partition/mac_partition.c b/sys/security/mac_partition/mac_partition.c
index 3465eab..d7fc25c 100644
--- a/sys/security/mac_partition/mac_partition.c
+++ b/sys/security/mac_partition/mac_partition.c
@@ -244,6 +244,24 @@ mac_partition_check_socket_visible(struct ucred *cred, struct socket *socket,
 	return (error ? ENOENT : 0);
 }
 
+static int
+mac_partition_check_vnode_exec(struct ucred *cred, struct vnode *vp,
+    struct label *label, struct image_params *imgp, struct label *execlabel)
+{
+
+	if (execlabel != NULL) {
+		/*
+		 * We currently don't permit labels to be changed at
+		 * exec-time as part of the partition model, so disallow
+		 * non-NULL partition label changes in execlabel.
+		 */
+		if (SLOT(execlabel) != 0)
+			return (EINVAL);
+	}
+
+	return (0);
+}
+
 static struct mac_policy_ops mac_partition_ops =
 {
 	.mpo_init = mac_partition_init,
@@ -261,6 +279,7 @@ static struct mac_policy_ops mac_partition_ops =
 	.mpo_check_proc_sched = mac_partition_check_proc_sched,
 	.mpo_check_proc_signal = mac_partition_check_proc_signal,
 	.mpo_check_socket_visible = mac_partition_check_socket_visible,
+	.mpo_check_vnode_exec = mac_partition_check_vnode_exec,
 };
 
 MAC_POLICY_SET(&mac_partition_ops, trustedbsd_mac_partition,
diff --git a/sys/security/mac_stub/mac_stub.c b/sys/security/mac_stub/mac_stub.c
index 127746b..7039420 100644
--- a/sys/security/mac_stub/mac_stub.c
+++ b/sys/security/mac_stub/mac_stub.c
@@ -417,7 +417,8 @@ mac_none_create_cred(struct ucred *cred_parent, struct ucred *cred_child)
 static void
 mac_none_execve_transition(struct ucred *old, struct ucred *new,
     struct vnode *vp, struct label *vnodelabel,
-    struct label *interpvnodelabel, struct image_params *imgp)
+    struct label *interpvnodelabel, struct image_params *imgp,
+    struct label *execlabel)
 {
 
 }
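Review bot: The comment in the new mac_partition_check_vnode_exec says it disallows "non-NULL partition label changes", but the test is `SLOT(execlabel) != 0`, i.e. a non-zero partition value, so the wording should say "non-zero"; as the function has no header comment, that block is the only statement of its contract. The nested ifs collapse to one guard, `if (execlabel != NULL && SLOT(execlabel) != 0) return (EINVAL);`, which is easier to audit. It also returns EINVAL directly where the Biba and MLS hunks return whatever their `*_atmostflags` helpers produce; if those helpers report something other than EINVAL, the same refusal surfaces to execve callers as different errno values depending on which policy is loaded, which is worth either aligning or documenting.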
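Review bot: The file header names mac_stub.c, yet every function touched in it is still called mac_none_* (`mac_none_execve_transition` here, `mac_none_execve_will_transition` and `mac_none_check_vnode_exec` in the next two hunks), and its `index 127746b..7039420` is the same blob pair as mac_none.c's, so mac_stub.c appears to be a byte-identical copy of mac_none.c at this revision. The functions are `static`, so duplicate names are harmless for linkage, but a reader or a backtrace cannot tell which module a frame belongs to. Renaming them to mac_stub_* (and presumably the policy registration, which is not in this diff) would make the split meaningful; failing that, a one-line header comment saying the stub is currently a verbatim copy of mac_none would at least record the intent.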
@@ -425,7 +426,7 @@ mac_none_execve_transition(struct ucred *old, struct ucred *new,
 static int
 mac_none_execve_will_transition(struct ucred *old, struct vnode *vp,
     struct label *vnodelabel, struct label *interpvnodelabel,
-    struct image_params *imgp)
+    struct image_params *imgp, struct label *execlabel)
 {
 
 	return (0);
@@ -689,7 +690,8 @@ mac_none_check_vnode_deleteacl(struct ucred *cred, struct vnode *vp,
 
 static int
 mac_none_check_vnode_exec(struct ucred *cred, struct vnode *vp,
-    struct label *label, struct image_params *imgp)
+    struct label *label, struct image_params *imgp,
+    struct label *execlabel)
 {
 
 	return (0);
diff --git a/sys/security/mac_test/mac_test.c b/sys/security/mac_test/mac_test.c
index d630c57..7ab30d0 100644
--- a/sys/security/mac_test/mac_test.c
+++ b/sys/security/mac_test/mac_test.c
@@ -767,7 +767,8 @@ mac_test_create_cred(struct ucred *cred_parent, struct ucred *cred_child)
 static void
 mac_test_execve_transition(struct ucred *old, struct ucred *new,
     struct vnode *vp, struct label *filelabel,
-    struct label *interpvnodelabel, struct image_params *imgp)
+    struct label *interpvnodelabel, struct image_params *imgp,
+    struct label *execlabel)
 {
 
 }
@@ -775,7 +776,7 @@ mac_test_execve_transition(struct ucred *old, struct ucred *new,
 static int
 mac_test_execve_will_transition(struct ucred *old, struct vnode *vp,
     struct label *filelabel, struct label *interpvnodelabel,
-    struct image_params *imgp)
+    struct image_params *imgp, struct label *execlabel)
 {
 
 	return (0);
@@ -1016,7 +1017,8 @@ mac_test_check_vnode_deleteacl(struct ucred *cred, struct vnode *vp,
 
 static int
 mac_test_check_vnode_exec(struct ucred *cred, struct vnode *vp,
-    struct label *label, struct image_params *imgp)
+    struct label *label, struct image_params *imgp,
+    struct label *execlabel)
 {
 
 	return (0);
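Review bot: In all three mac_test hunks the new `execlabel` parameter is accepted and then ignored, including in `mac_test_check_vnode_exec`, which returns 0 without looking at it. If mac_test validates label slots in its other entry points (not visible in this diff), execlabel is the one new label reaching a policy on the exec path and should get the same validation, otherwise an execlabel the framework hands over in a bad state passes the test policy silently. At minimum, a comment at the top of mac_test_check_vnode_exec stating that execlabel may be NULL and is deliberately left unchecked would make the omission read as a decision rather than an oversight. Each function body here is complete within its hunk.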