diff options
| author | rwatson <rwatson@FreeBSD.org> | 2003-03-25 01:10:54 +0000 |
|---|---|---|
| committer | rwatson <rwatson@FreeBSD.org> | 2003-03-25 01:10:54 +0000 |
| commit | 5ad4b8c16bc537f2f4f33f224c2c02cf7495d022 (patch) | |
| tree | 0da91e1424a61c83c4897435169f08282b589b64 /sys/security | |
| parent | a1a4db34716d3a62508baec4c37b5dcfc017f823 (diff) | |
| download | FreeBSD-src-5ad4b8c16bc537f2f4f33f224c2c02cf7495d022.zip FreeBSD-src-5ad4b8c16bc537f2f4f33f224c2c02cf7495d022.tar.gz | |
Expand scope of the Biba policy to include some of the new entry
points available for enforcement:
mac_biba_check_sysarch_ioperm() - Require Biba privilege to make
use of privileged machine-dependent interfaces, protecting against
bypass of the policy via various mechanisms.
mac_biba_check_system_swapoff() - Require Biba privilege to disable
swapping against a vnode target.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
Diffstat (limited to 'sys/security')
| -rw-r--r-- | sys/security/mac_biba/mac_biba.c | 40 |
1 files changed, 40 insertions, 0 deletions
diff --git a/sys/security/mac_biba/mac_biba.c b/sys/security/mac_biba/mac_biba.c index 4674d07..2b045e4 100644 --- a/sys/security/mac_biba/mac_biba.c +++ b/sys/security/mac_biba/mac_biba.c @@ -1878,6 +1878,24 @@ mac_biba_check_socket_visible(struct ucred *cred, struct socket *socket, } static int +mac_biba_check_sysarch_ioperm(struct ucred *cred) +{ + struct mac_biba *subj; + int error; + + if (!mac_biba_enabled) + return (0); + + subj = SLOT(&cred->cr_label); + + error = mac_biba_subject_privileged(subj); + if (error) + return (error); + + return (0); +} + +static int mac_biba_check_system_acct(struct ucred *cred, struct vnode *vp, struct label *label) { @@ -1945,6 +1963,26 @@ mac_biba_check_system_swapon(struct ucred *cred, struct vnode *vp, } static int +mac_biba_check_system_swapoff(struct ucred *cred, struct vnode *vp, + struct label *label) +{ + struct mac_biba *subj, *obj; + int error; + + if (!mac_biba_enabled) + return (0); + + subj = SLOT(&cred->cr_label); + obj = SLOT(label); + + error = mac_biba_subject_privileged(subj); + if (error) + return (error); + + return (0); +} + +static int mac_biba_check_system_sysctl(struct ucred *cred, int *name, u_int namelen, void *old, size_t *oldlenp, int inkernel, void *new, size_t newlen) { @@ -2674,9 +2712,11 @@ static struct mac_policy_ops mac_biba_ops = .mpo_check_socket_deliver = mac_biba_check_socket_deliver, .mpo_check_socket_relabel = mac_biba_check_socket_relabel, .mpo_check_socket_visible = mac_biba_check_socket_visible, + .mpo_check_sysarch_ioperm = mac_biba_check_sysarch_ioperm, .mpo_check_system_acct = mac_biba_check_system_acct, .mpo_check_system_settime = mac_biba_check_system_settime, .mpo_check_system_swapon = mac_biba_check_system_swapon, + .mpo_check_system_swapoff = mac_biba_check_system_swapoff, .mpo_check_system_sysctl = mac_biba_check_system_sysctl, .mpo_check_vnode_access = mac_biba_check_vnode_open, .mpo_check_vnode_chdir = mac_biba_check_vnode_chdir, |
