-rw-r--r-- | sys/security/mac/mac_framework.h | 2 | ||||
-rw-r--r-- | sys/security/mac/mac_policy.h | 2 | ||||
-rw-r--r-- | sys/security/mac/mac_vfs.c | 5 | ||||
-rw-r--r-- | sys/security/mac_biba/mac_biba.c | 5 | ||||
-rw-r--r-- | sys/security/mac_lomac/mac_lomac.c | 5 | ||||
-rw-r--r-- | sys/security/mac_mls/mac_mls.c | 5 | ||||
-rw-r--r-- | sys/security/mac_stub/mac_stub.c | 2 | ||||
-rw-r--r-- | sys/security/mac_test/mac_test.c | 2 | ||||
-rw-r--r-- | sys/sys/mac.h | 2 | ||||
-rw-r--r-- | sys/sys/mac_policy.h | 2 | ||||
-rw-r--r-- | sys/vm/vm_mmap.c | 10 |
11 files changed, 23 insertions, 19 deletions
diff --git a/sys/security/mac/mac_framework.h b/sys/security/mac/mac_framework.h
index b7d08f5..055a5ad 100644
--- a/sys/security/mac/mac_framework.h
+++ b/sys/security/mac/mac_framework.h
@@ -375,7 +375,7 @@ int mac_check_vnode_listextattr(struct ucred *cred, struct vnode *vp,
 int mac_check_vnode_lookup(struct ucred *cred, struct vnode *dvp,
     struct componentname *cnp);
 int mac_check_vnode_mmap(struct ucred *cred, struct vnode *vp,
-    int prot);
+    int prot, int flags);
 int mac_check_vnode_mprotect(struct ucred *cred, struct vnode *vp,
     int prot);
 int mac_check_vnode_open(struct ucred *cred, struct vnode *vp,
diff --git a/sys/security/mac/mac_policy.h b/sys/security/mac/mac_policy.h
index 952a1ba..036c7a9 100644
--- a/sys/security/mac/mac_policy.h
+++ b/sys/security/mac/mac_policy.h
@@ -478,7 +478,7 @@ struct mac_policy_ops {
 	    struct vnode *dvp, struct label *dlabel,
 	    struct componentname *cnp);
 	int (*mpo_check_vnode_mmap)(struct ucred *cred, struct vnode *vp,
-	    struct label *label, int prot);
+	    struct label *label, int prot, int flags);
 	void (*mpo_check_vnode_mmap_downgrade)(struct ucred *cred,
 	    struct vnode *vp, struct label *label, int *prot);
 	int (*mpo_check_vnode_mprotect)(struct ucred *cred,
diff --git a/sys/security/mac/mac_vfs.c b/sys/security/mac/mac_vfs.c
index 6bb9518..acf21a5 100644
--- a/sys/security/mac/mac_vfs.c
+++ b/sys/security/mac/mac_vfs.c
@@ -598,7 +598,8 @@ mac_check_vnode_lookup(struct ucred *cred, struct vnode *dvp,
 }
 
 int
-mac_check_vnode_mmap(struct ucred *cred, struct vnode *vp, int prot)
+mac_check_vnode_mmap(struct ucred *cred, struct vnode *vp,
+    int prot, int flags)
 {
 	int error;
 
@@ -607,7 +608,7 @@ mac_check_vnode_mmap(struct ucred *cred, struct vnode *vp, int prot)
 	if (!mac_enforce_fs || !mac_enforce_vm)
 		return (0);
 
-	MAC_CHECK(check_vnode_mmap, cred, vp, vp->v_label, prot);
+	MAC_CHECK(check_vnode_mmap, cred, vp, vp->v_label, prot, flags);
 	return (error);
 }
 
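Review bot: The new `flags` parameter on `mpo_check_vnode_mmap` carries no documentation, and `mpo_check_vnode_mprotect` three lines below still receives only `prot`, so a policy that uses `flags` to admit a writable MAP_PRIVATE mapping at mmap time cannot apply the same distinction when that mapping is later re-protected. Whether any policy's mprotect hook actually diverges is not visible here, but the asymmetry in the policy API is. I would add, above the hook, `/* flags: the mmap(2) MAP_* flags; MAP_SHARED means writes reach the vnode, otherwise the mapping is copy-on-write. The mprotect hook does not receive them. */`. The `struct mac_policy_ops` definition starts and ends outside this hunk; the same prototype change appears in mac_framework.h and is repeated for sys/sys/mac.h and sys/sys/mac_policy.h below.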
diff --git a/sys/security/mac_biba/mac_biba.c b/sys/security/mac_biba/mac_biba.c
index bf32677..1ff1f0f 100644
--- a/sys/security/mac_biba/mac_biba.c
+++ b/sys/security/mac_biba/mac_biba.c
@@ -47,6 +47,7 @@
 #include <sys/kernel.h>
 #include <sys/mac.h>
 #include <sys/malloc.h>
+#include <sys/mman.h>
 #include <sys/mount.h>
 #include <sys/proc.h>
 #include <sys/sbuf.h>
@@ -2607,7 +2608,7 @@ mac_biba_check_vnode_lookup(struct ucred *cred, struct vnode *dvp,
 
 static int
 mac_biba_check_vnode_mmap(struct ucred *cred, struct vnode *vp,
-    struct label *label, int prot)
+    struct label *label, int prot, int flags)
 {
 	struct mac_biba *subj, *obj;
 
@@ -2625,7 +2626,7 @@ mac_biba_check_vnode_mmap(struct ucred *cred, struct vnode *vp,
 		if (!mac_biba_dominate_effective(obj, subj))
 			return (EACCES);
 	}
-	if (prot & VM_PROT_WRITE) {
+	if (((prot & VM_PROT_WRITE) != 0) && ((flags & MAP_SHARED) != 0)) {
 		if (!mac_biba_dominate_effective(subj, obj))
 			return (EACCES);
 	}
diff --git a/sys/security/mac_lomac/mac_lomac.c b/sys/security/mac_lomac/mac_lomac.c
index 117f256..c4c001a 100644
--- a/sys/security/mac_lomac/mac_lomac.c
+++ b/sys/security/mac_lomac/mac_lomac.c
@@ -47,6 +47,7 @@
 #include <sys/kernel.h>
 #include <sys/mac.h>
 #include <sys/malloc.h>
+#include <sys/mman.h>
 #include <sys/mount.h>
 #include <sys/proc.h>
 #include <sys/sbuf.h>
@@ -2181,7 +2182,7 @@ mac_lomac_check_vnode_link(struct ucred *cred, struct vnode *dvp,
 
 static int
 mac_lomac_check_vnode_mmap(struct ucred *cred, struct vnode *vp,
-    struct label *label, int prot)
+    struct label *label, int prot, int flags)
 {
 	struct mac_lomac *subj, *obj;
 
@@ -2195,7 +2196,7 @@ mac_lomac_check_vnode_mmap(struct ucred *cred, struct vnode *vp,
 	subj = SLOT(cred->cr_label);
 	obj = SLOT(label);
 
-	if (prot & VM_PROT_WRITE) {
+	if (((prot & VM_PROT_WRITE) != 0) && ((flags & MAP_SHARED) != 0)) {
 		if (!mac_lomac_subject_dominate(subj, obj))
 			return (EACCES);
 	}
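Review bot: The relaxed write check in the third Biba hunk leaves one case unexamined: a MAP_PRIVATE mapping requested with VM_PROT_WRITE but without VM_PROT_READ now passes this hook without any dominance test, since the read branch just above (its tail is the `dominate_effective(obj, subj)` check in context) keys on the read bit and the write branch is now skipped for private mappings, yet the copy-on-write fault still populates the page from the vnode. Whether the caller always ORs VM_PROT_READ into `prot` for such mappings, or the mprotect hook catches a later change, is not visible in this diff, so it should be confirmed and stated. The intent of the new condition also deserves a line, e.g. `/* Private mappings are copy-on-write: writes never reach the vnode, so only MAP_SHARED writes are integrity-relevant. */`, and it should be noted that this mirrors vm_mmap_vnode, which treats everything without MAP_SHARED as private. mac_biba_check_vnode_mmap begins before the hunk and ends after it.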
diff --git a/sys/security/mac_mls/mac_mls.c b/sys/security/mac_mls/mac_mls.c
index b2f525a..fb0c2a5 100644
--- a/sys/security/mac_mls/mac_mls.c
+++ b/sys/security/mac_mls/mac_mls.c
@@ -46,6 +46,7 @@
 #include <sys/extattr.h>
 #include <sys/kernel.h>
 #include <sys/mac.h>
+#include <sys/mman.h>
 #include <sys/malloc.h>
 #include <sys/mount.h>
 #include <sys/proc.h>
@@ -2380,7 +2381,7 @@ mac_mls_check_vnode_lookup(struct ucred *cred, struct vnode *dvp,
 
 static int
 mac_mls_check_vnode_mmap(struct ucred *cred, struct vnode *vp,
-    struct label *label, int prot)
+    struct label *label, int prot, int flags)
 {
 	struct mac_mls *subj, *obj;
 
@@ -2398,7 +2399,7 @@ mac_mls_check_vnode_mmap(struct ucred *cred, struct vnode *vp,
 		if (!mac_mls_dominate_effective(subj, obj))
 			return (EACCES);
 	}
-	if (prot & VM_PROT_WRITE) {
+	if (((prot & VM_PROT_WRITE) != 0) && ((flags & MAP_SHARED) != 0)) {
 		if (!mac_mls_dominate_effective(obj, subj))
 			return (EACCES);
 	}
diff --git a/sys/security/mac_stub/mac_stub.c b/sys/security/mac_stub/mac_stub.c
index 8ea7cb3..35e3c34 100644
--- a/sys/security/mac_stub/mac_stub.c
+++ b/sys/security/mac_stub/mac_stub.c
@@ -1051,7 +1051,7 @@ stub_check_vnode_lookup(struct ucred *cred, struct vnode *dvp,
 
 static int
 stub_check_vnode_mmap(struct ucred *cred, struct vnode *vp,
-    struct label *label, int prot)
+    struct label *label, int prot, int flags)
 {
 
 	return (0);
diff --git a/sys/security/mac_test/mac_test.c b/sys/security/mac_test/mac_test.c
index cda195a..d2555bc 100644
--- a/sys/security/mac_test/mac_test.c
+++ b/sys/security/mac_test/mac_test.c
@@ -1995,7 +1995,7 @@ mac_test_check_vnode_lookup(struct ucred *cred, struct vnode *dvp,
 
 static int
 mac_test_check_vnode_mmap(struct ucred *cred, struct vnode *vp,
-    struct label *label, int prot)
+    struct label *label, int prot, int flags)
 {
 
 	ASSERT_CRED_LABEL(cred->cr_label);
diff --git a/sys/sys/mac.h b/sys/sys/mac.h
index b7d08f5..055a5ad 100644
--- a/sys/sys/mac.h
+++ b/sys/sys/mac.h
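Review bot: In the first MLS hunk the new `#include <sys/mman.h>` is inserted before `<sys/malloc.h>`, which breaks the alphabetical order that the matching Biba and LOMAC hunks preserve (malloc.h, mman.h, mount.h); it should move down one line. The write-side relaxation in the third hunk has the same shape as Biba's and would benefit from the same one-line rationale next to the condition, `/* Only MAP_SHARED writes reach the vnode; private mappings are copy-on-write. */`, since the reader otherwise has to know vm_mmap_vnode's MAP_SHARED-only keying to see why confidentiality is unaffected. mac_mls_check_vnode_mmap begins before that hunk and ends after it.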
@@ -375,7 +375,7 @@ int mac_check_vnode_listextattr(struct ucred *cred, struct vnode *vp,
 int mac_check_vnode_lookup(struct ucred *cred, struct vnode *dvp,
     struct componentname *cnp);
 int mac_check_vnode_mmap(struct ucred *cred, struct vnode *vp,
-    int prot);
+    int prot, int flags);
 int mac_check_vnode_mprotect(struct ucred *cred, struct vnode *vp,
     int prot);
 int mac_check_vnode_open(struct ucred *cred, struct vnode *vp,
diff --git a/sys/sys/mac_policy.h b/sys/sys/mac_policy.h
index 952a1ba..036c7a9 100644
--- a/sys/sys/mac_policy.h
+++ b/sys/sys/mac_policy.h
@@ -478,7 +478,7 @@ struct mac_policy_ops {
 	    struct vnode *dvp, struct label *dlabel,
 	    struct componentname *cnp);
 	int (*mpo_check_vnode_mmap)(struct ucred *cred, struct vnode *vp,
-	    struct label *label, int prot);
+	    struct label *label, int prot, int flags);
 	void (*mpo_check_vnode_mmap_downgrade)(struct ucred *cred,
 	    struct vnode *vp, struct label *label, int *prot);
 	int (*mpo_check_vnode_mprotect)(struct ucred *cred,
diff --git a/sys/vm/vm_mmap.c b/sys/vm/vm_mmap.c
index dc653cf..15368c1 100644
--- a/sys/vm/vm_mmap.c
+++ b/sys/vm/vm_mmap.c
@@ -1133,6 +1133,11 @@ vm_mmap_vnode(struct thread *td, vm_size_t objsize,
 	if ((error = VOP_GETATTR(vp, &va, td->td_ucred, td))) {
 		goto done;
 	}
+#ifdef MAC
+	error = mac_check_vnode_mmap(td->td_ucred, vp, prot, flags);
+	if (error != 0)
+		goto done;
+#endif
 	if ((flags & MAP_SHARED) != 0) {
 		if ((va.va_flags & (SF_SNAPSHOT|IMMUTABLE|APPEND)) != 0) {
 			if (prot & PROT_WRITE) {
@@ -1141,11 +1146,6 @@ vm_mmap_vnode(struct thread *td, vm_size_t objsize,
 			}
 		}
 		*maxprotp &= ~VM_PROT_WRITE;
 	}
-#ifdef MAC
-	error = mac_check_vnode_mmap(td->td_ucred, vp, prot);
-	if (error != 0)
-		goto done;
-#endif
 	}
 	/*
 	 * If it is a regular file without any references |
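Review bot: Moving the MAC hook out of the `(flags & MAP_SHARED)` block means it now runs for every vnode mapping, including private ones that the old code never presented to policies, and that behavioral widening is not recorded anywhere in the hunk; a comment above the new `#ifdef MAC` should say so, e.g. `/* Policies see every vnode mapping, with the MAP_* flags so they can tell shared (vnode-writing) from private (copy-on-write) requests. */`. Two consequences are worth stating as well: the hook is now consulted before the immutable/append/snapshot test, so a policy denial is reported ahead of EPERM, and the policy judges the requested `prot` only, while `*maxprotp` is clamped only on the MAP_SHARED path below, so any later widening of a private mapping is left to mac_check_vnode_mprotect, which per the header hunks above does not receive `flags`. vm_mmap_vnode starts and ends outside these hunks, so whether `prot` already has VM_PROT_READ folded in for write-only requests cannot be checked here.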