-rw-r--r--sys/security/mac/mac_framework.h2
-rw-r--r--sys/security/mac/mac_policy.h2
-rw-r--r--sys/security/mac/mac_vfs.c5
-rw-r--r--sys/security/mac_biba/mac_biba.c5
-rw-r--r--sys/security/mac_lomac/mac_lomac.c5
-rw-r--r--sys/security/mac_mls/mac_mls.c5
-rw-r--r--sys/security/mac_stub/mac_stub.c2
-rw-r--r--sys/security/mac_test/mac_test.c2
-rw-r--r--sys/sys/mac.h2
-rw-r--r--sys/sys/mac_policy.h2
-rw-r--r--sys/vm/vm_mmap.c10
11 files changed, 23 insertions, 19 deletions
diff --git a/sys/security/mac/mac_framework.h b/sys/security/mac/mac_framework.h
index b7d08f5..055a5ad 100644
--- a/sys/security/mac/mac_framework.h
+++ b/sys/security/mac/mac_framework.h
@@ -375,7 +375,7 @@ int mac_check_vnode_listextattr(struct ucred *cred, struct vnode *vp,
int mac_check_vnode_lookup(struct ucred *cred, struct vnode *dvp,
struct componentname *cnp);
int mac_check_vnode_mmap(struct ucred *cred, struct vnode *vp,
- int prot);
+ int prot, int flags);
int mac_check_vnode_mprotect(struct ucred *cred, struct vnode *vp,
int prot);
int mac_check_vnode_open(struct ucred *cred, struct vnode *vp,
diff --git a/sys/security/mac/mac_policy.h b/sys/security/mac/mac_policy.h
index 952a1ba..036c7a9 100644
--- a/sys/security/mac/mac_policy.h
+++ b/sys/security/mac/mac_policy.h
@@ -478,7 +478,7 @@ struct mac_policy_ops {
struct vnode *dvp, struct label *dlabel,
struct componentname *cnp);
int (*mpo_check_vnode_mmap)(struct ucred *cred, struct vnode *vp,
- struct label *label, int prot);
+ struct label *label, int prot, int flags);
void (*mpo_check_vnode_mmap_downgrade)(struct ucred *cred,
struct vnode *vp, struct label *label, int *prot);
int (*mpo_check_vnode_mprotect)(struct ucred *cred,
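Review bot: The new `flags` argument of mpo_check_vnode_mmap is left undocumented in this header, so a policy author cannot tell whether it carries the full mmap(2) flags word or only the sharing bits, nor that `prot` is still expressed in VM_PROT_* terms. Judging from the sole caller in vm_mmap.c it is presumably the raw mmap flags, so I would add above the member: `/* flags is the mmap(2) flags word; a policy that cares whether writes reach the vnode should test MAP_SHARED rather than treat every writable mapping as a write to the object. */`. It is also worth stating that mpo_check_vnode_mmap_downgrade and mpo_check_vnode_mprotect just below still receive only `prot`, so the shared/private distinction is not available to them. The struct mac_policy_ops definition begins and ends outside this hunk.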
diff --git a/sys/security/mac/mac_vfs.c b/sys/security/mac/mac_vfs.c
index 6bb9518..acf21a5 100644
--- a/sys/security/mac/mac_vfs.c
+++ b/sys/security/mac/mac_vfs.c
@@ -598,7 +598,8 @@ mac_check_vnode_lookup(struct ucred *cred, struct vnode *dvp,
}
int
-mac_check_vnode_mmap(struct ucred *cred, struct vnode *vp, int prot)
+mac_check_vnode_mmap(struct ucred *cred, struct vnode *vp,
+ int prot, int flags)
{
int error;
@@ -607,7 +608,7 @@ mac_check_vnode_mmap(struct ucred *cred, struct vnode *vp, int prot)
if (!mac_enforce_fs || !mac_enforce_vm)
return (0);
- MAC_CHECK(check_vnode_mmap, cred, vp, vp->v_label, prot);
+ MAC_CHECK(check_vnode_mmap, cred, vp, vp->v_label, prot, flags);
return (error);
}
diff --git a/sys/security/mac_biba/mac_biba.c b/sys/security/mac_biba/mac_biba.c
index bf32677..1ff1f0f 100644
--- a/sys/security/mac_biba/mac_biba.c
+++ b/sys/security/mac_biba/mac_biba.c
@@ -47,6 +47,7 @@
#include <sys/kernel.h>
#include <sys/mac.h>
#include <sys/malloc.h>
+#include <sys/mman.h>
#include <sys/mount.h>
#include <sys/proc.h>
#include <sys/sbuf.h>
@@ -2607,7 +2608,7 @@ mac_biba_check_vnode_lookup(struct ucred *cred, struct vnode *dvp,
static int
mac_biba_check_vnode_mmap(struct ucred *cred, struct vnode *vp,
- struct label *label, int prot)
+ struct label *label, int prot, int flags)
{
struct mac_biba *subj, *obj;
@@ -2625,7 +2626,7 @@ mac_biba_check_vnode_mmap(struct ucred *cred, struct vnode *vp,
if (!mac_biba_dominate_effective(obj, subj))
return (EACCES);
}
- if (prot & VM_PROT_WRITE) {
+ if (((prot & VM_PROT_WRITE) != 0) && ((flags & MAP_SHARED) != 0)) {
if (!mac_biba_dominate_effective(subj, obj))
return (EACCES);
}
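Review bot: The relaxed condition at the end of this hunk stops requiring the subject to dominate the object for writable MAP_PRIVATE mappings, and nothing in the code records why that is sound for an integrity policy. The rationale — a private mapping is copy-on-write, so its writes never reach the vnode and only MAP_SHARED writes are a Biba write-down — should sit in a comment above the `if`, e.g. `/* Only MAP_SHARED writes modify the vnode; MAP_PRIVATE mappings are COW. */`. A read-only MAP_SHARED mapping later upgraded with mprotect(2) is not covered here and falls to mpo_check_vnode_mprotect, which per the header only receives `prot` and so cannot make this distinction; confirm that hook stays conservative. mac_biba_check_vnode_mmap begins before this hunk, so the read/execute branch it follows is only partly visible.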
diff --git a/sys/security/mac_lomac/mac_lomac.c b/sys/security/mac_lomac/mac_lomac.c
index 117f256..c4c001a 100644
--- a/sys/security/mac_lomac/mac_lomac.c
+++ b/sys/security/mac_lomac/mac_lomac.c
@@ -47,6 +47,7 @@
#include <sys/kernel.h>
#include <sys/mac.h>
#include <sys/malloc.h>
+#include <sys/mman.h>
#include <sys/mount.h>
#include <sys/proc.h>
#include <sys/sbuf.h>
@@ -2181,7 +2182,7 @@ mac_lomac_check_vnode_link(struct ucred *cred, struct vnode *dvp,
static int
mac_lomac_check_vnode_mmap(struct ucred *cred, struct vnode *vp,
- struct label *label, int prot)
+ struct label *label, int prot, int flags)
{
struct mac_lomac *subj, *obj;
@@ -2195,7 +2196,7 @@ mac_lomac_check_vnode_mmap(struct ucred *cred, struct vnode *vp,
subj = SLOT(cred->cr_label);
obj = SLOT(label);
- if (prot & VM_PROT_WRITE) {
+ if (((prot & VM_PROT_WRITE) != 0) && ((flags & MAP_SHARED) != 0)) {
if (!mac_lomac_subject_dominate(subj, obj))
return (EACCES);
}
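Review bot: The new `(flags & MAP_SHARED) != 0` qualifier at the end of this hunk silently changes which writable mappings LOMAC treats as a write to the object, and the hunk adds no comment explaining the COW reasoning. I would place `/* A writable MAP_PRIVATE mapping is COW and cannot modify the vnode; only MAP_SHARED is an integrity write. */` above the `if`. The function tests only MAP_SHARED out of the whole flags word, which is the right masking since other bits (MAP_FIXED, MAP_NOSYNC, ...) have no integrity meaning, but that intent is worth stating so nobody later switches to `flags == MAP_SHARED`. Whether reading a low-integrity file through such a mapping still demotes the subject is presumably handled by mpo_check_vnode_mmap_downgrade, which is outside this change and does not receive `flags`. mac_lomac_check_vnode_mmap begins before this hunk.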
diff --git a/sys/security/mac_mls/mac_mls.c b/sys/security/mac_mls/mac_mls.c
index b2f525a..fb0c2a5 100644
--- a/sys/security/mac_mls/mac_mls.c
+++ b/sys/security/mac_mls/mac_mls.c
@@ -46,6 +46,7 @@
#include <sys/extattr.h>
#include <sys/kernel.h>
#include <sys/mac.h>
+#include <sys/mman.h>
#include <sys/malloc.h>
#include <sys/mount.h>
#include <sys/proc.h>
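Review bot: The added `#include <sys/mman.h>` is out of sorted order in this include block: it is placed before `<sys/malloc.h>` although "malloc" sorts before "mman", and the same addition in mac_biba.c and mac_lomac.c in this commit correctly goes after `<sys/malloc.h>`. Move the line one position down so the three policy files stay consistent with each other and with style(9)'s sorted-include convention.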
@@ -2380,7 +2381,7 @@ mac_mls_check_vnode_lookup(struct ucred *cred, struct vnode *dvp,
static int
mac_mls_check_vnode_mmap(struct ucred *cred, struct vnode *vp,
- struct label *label, int prot)
+ struct label *label, int prot, int flags)
{
struct mac_mls *subj, *obj;
@@ -2398,7 +2399,7 @@ mac_mls_check_vnode_mmap(struct ucred *cred, struct vnode *vp,
if (!mac_mls_dominate_effective(subj, obj))
return (EACCES);
}
- if (prot & VM_PROT_WRITE) {
+ if (((prot & VM_PROT_WRITE) != 0) && ((flags & MAP_SHARED) != 0)) {
if (!mac_mls_dominate_effective(obj, subj))
return (EACCES);
}
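Review bot: The write branch at the end of this hunk now enforces the MLS "object must dominate subject" rule only for MAP_SHARED mappings, which is a deliberate weakening for confidentiality that deserves a comment above the `if`, e.g. `/* Writes to a MAP_PRIVATE mapping stay in the subject's address space (COW) and cannot flow down into the vnode; only MAP_SHARED writes are a write-down. */`. The read check earlier in this function is unchanged, so a MAP_PRIVATE writable mapping of a higher-classified file is still refused on the read side, which is what keeps this safe. As with the other policies, a later mprotect(2) to add write on a shared mapping is delegated to mpo_check_vnode_mprotect, which does not see `flags`. mac_mls_check_vnode_mmap begins before this hunk.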
diff --git a/sys/security/mac_stub/mac_stub.c b/sys/security/mac_stub/mac_stub.c
index 8ea7cb3..35e3c34 100644
--- a/sys/security/mac_stub/mac_stub.c
+++ b/sys/security/mac_stub/mac_stub.c
@@ -1051,7 +1051,7 @@ stub_check_vnode_lookup(struct ucred *cred, struct vnode *dvp,
static int
stub_check_vnode_mmap(struct ucred *cred, struct vnode *vp,
- struct label *label, int prot)
+ struct label *label, int prot, int flags)
{
return (0);
diff --git a/sys/security/mac_test/mac_test.c b/sys/security/mac_test/mac_test.c
index cda195a..d2555bc 100644
--- a/sys/security/mac_test/mac_test.c
+++ b/sys/security/mac_test/mac_test.c
@@ -1995,7 +1995,7 @@ mac_test_check_vnode_lookup(struct ucred *cred, struct vnode *dvp,
static int
mac_test_check_vnode_mmap(struct ucred *cred, struct vnode *vp,
- struct label *label, int prot)
+ struct label *label, int prot, int flags)
{
ASSERT_CRED_LABEL(cred->cr_label);
diff --git a/sys/sys/mac.h b/sys/sys/mac.h
index b7d08f5..055a5ad 100644
--- a/sys/sys/mac.h
+++ b/sys/sys/mac.h
@@ -375,7 +375,7 @@ int mac_check_vnode_listextattr(struct ucred *cred, struct vnode *vp,
int mac_check_vnode_lookup(struct ucred *cred, struct vnode *dvp,
struct componentname *cnp);
int mac_check_vnode_mmap(struct ucred *cred, struct vnode *vp,
- int prot);
+ int prot, int flags);
int mac_check_vnode_mprotect(struct ucred *cred, struct vnode *vp,
int prot);
int mac_check_vnode_open(struct ucred *cred, struct vnode *vp,
diff --git a/sys/sys/mac_policy.h b/sys/sys/mac_policy.h
index 952a1ba..036c7a9 100644
--- a/sys/sys/mac_policy.h
+++ b/sys/sys/mac_policy.h
@@ -478,7 +478,7 @@ struct mac_policy_ops {
struct vnode *dvp, struct label *dlabel,
struct componentname *cnp);
int (*mpo_check_vnode_mmap)(struct ucred *cred, struct vnode *vp,
- struct label *label, int prot);
+ struct label *label, int prot, int flags);
void (*mpo_check_vnode_mmap_downgrade)(struct ucred *cred,
struct vnode *vp, struct label *label, int *prot);
int (*mpo_check_vnode_mprotect)(struct ucred *cred,
diff --git a/sys/vm/vm_mmap.c b/sys/vm/vm_mmap.c
index dc653cf..15368c1 100644
--- a/sys/vm/vm_mmap.c
+++ b/sys/vm/vm_mmap.c
@@ -1133,6 +1133,11 @@ vm_mmap_vnode(struct thread *td, vm_size_t objsize,
if ((error = VOP_GETATTR(vp, &va, td->td_ucred, td))) {
goto done;
}
+#ifdef MAC
+ error = mac_check_vnode_mmap(td->td_ucred, vp, prot, flags);
+ if (error != 0)
+ goto done;
+#endif
if ((flags & MAP_SHARED) != 0) {
if ((va.va_flags & (SF_SNAPSHOT|IMMUTABLE|APPEND)) != 0) {
if (prot & PROT_WRITE) {
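Review bot: Hoisting the MAC hook ahead of the `if ((flags & MAP_SHARED) != 0)` block means mac_check_vnode_mmap now runs for MAP_PRIVATE mappings too, which the old placement (removed in the following hunk) skipped entirely, yet the hunk adds no comment recording that this tightening is intended and that `flags` is passed so policies can tell the two cases apart. I would add above the `#ifdef MAC`: `/* Consult MAC for every vnode mapping, not only MAP_SHARED; policies use flags to decide whether a writable mapping can actually modify the vnode. */`. Note the hook is handed the requested `prot`, not `*maxprotp`, so a mapping created read-only but later upgraded via mprotect(2) relies on the separate mac_check_vnode_mprotect hook. vm_mmap_vnode begins and ends outside this hunk.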
@@ -1141,11 +1146,6 @@ vm_mmap_vnode(struct thread *td, vm_size_t objsize,
}
*maxprotp &= ~VM_PROT_WRITE;
}
-#ifdef MAC
- error = mac_check_vnode_mmap(td->td_ucred, vp, prot);
- if (error != 0)
- goto done;
-#endif
}
/*
* If it is a regular file without any references