summaryrefslogtreecommitdiffstats
path: root/sys/security
diff options
context:
space:
mode:
Diffstat (limited to 'sys/security')
-rw-r--r--sys/security/mac/mac_framework.h11
-rw-r--r--sys/security/mac/mac_policy.h19
-rw-r--r--sys/security/mac/mac_posix_sem.c30
-rw-r--r--sys/security/mac_biba/mac_biba.c31
-rw-r--r--sys/security/mac_mls/mac_mls.c31
-rw-r--r--sys/security/mac_stub/mac_stub.c21
-rw-r--r--sys/security/mac_test/mac_test.c35
7 files changed, 136 insertions, 42 deletions
diff --git a/sys/security/mac/mac_framework.h b/sys/security/mac/mac_framework.h
index c68d2d1..2a8b00c 100644
--- a/sys/security/mac/mac_framework.h
+++ b/sys/security/mac/mac_framework.h
@@ -189,11 +189,16 @@ void mac_pipe_init(struct pipepair *);
int mac_pipe_label_set(struct ucred *cred, struct pipepair *pp,
struct label *label);
-int mac_posixsem_check_getvalue(struct ucred *cred,struct ksem *ks);
+int mac_posixsem_check_getvalue(struct ucred *active_cred,
+ struct ucred *file_cred, struct ksem *ks);
int mac_posixsem_check_open(struct ucred *cred, struct ksem *ks);
-int mac_posixsem_check_post(struct ucred *cred, struct ksem *ks);
+int mac_posixsem_check_post(struct ucred *active_cred,
+ struct ucred *file_cred, struct ksem *ks);
+int mac_posixsem_check_stat(struct ucred *active_cred,
+ struct ucred *file_cred, struct ksem *ks);
int mac_posixsem_check_unlink(struct ucred *cred, struct ksem *ks);
-int mac_posixsem_check_wait(struct ucred *cred, struct ksem *ks);
+int mac_posixsem_check_wait(struct ucred *active_cred,
+ struct ucred *file_cred, struct ksem *ks);
void mac_posixsem_create(struct ucred *cred, struct ksem *ks);
void mac_posixsem_destroy(struct ksem *);
void mac_posixsem_init(struct ksem *);
diff --git a/sys/security/mac/mac_policy.h b/sys/security/mac/mac_policy.h
index f0fa755..532ca24 100644
--- a/sys/security/mac/mac_policy.h
+++ b/sys/security/mac/mac_policy.h
@@ -288,16 +288,22 @@ typedef int (*mpo_pipe_internalize_label_t)(struct label *label,
typedef void (*mpo_pipe_relabel_t)(struct ucred *cred, struct pipepair *pp,
struct label *oldlabel, struct label *newlabel);
-typedef int (*mpo_posixsem_check_getvalue_t)(struct ucred *cred,
- struct ksem *ks, struct label *kslabel);
+typedef int (*mpo_posixsem_check_getvalue_t)(struct ucred *active_cred,
+ struct ucred *file_cred, struct ksem *ks,
+ struct label *kslabel);
typedef int (*mpo_posixsem_check_open_t)(struct ucred *cred,
struct ksem *ks, struct label *kslabel);
-typedef int (*mpo_posixsem_check_post_t)(struct ucred *cred,
- struct ksem *ks, struct label *kslabel);
+typedef int (*mpo_posixsem_check_post_t)(struct ucred *active_cred,
+ struct ucred *file_cred, struct ksem *ks,
+ struct label *kslabel);
+typedef int (*mpo_posixsem_check_stat_t)(struct ucred *active_cred,
+ struct ucred *file_cred, struct ksem *ks,
+ struct label *kslabel);
typedef int (*mpo_posixsem_check_unlink_t)(struct ucred *cred,
struct ksem *ks, struct label *kslabel);
-typedef int (*mpo_posixsem_check_wait_t)(struct ucred *cred,
- struct ksem *ks, struct label *kslabel);
+typedef int (*mpo_posixsem_check_wait_t)(struct ucred *active_cred,
+ struct ucred *file_cred, struct ksem *ks,
+ struct label *kslabel);
typedef void (*mpo_posixsem_create_t)(struct ucred *cred,
struct ksem *ks, struct label *kslabel);
typedef void (*mpo_posixsem_destroy_label_t)(struct label *label);
@@ -742,6 +748,7 @@ struct mac_policy_ops {
mpo_posixsem_check_getvalue_t mpo_posixsem_check_getvalue;
mpo_posixsem_check_open_t mpo_posixsem_check_open;
mpo_posixsem_check_post_t mpo_posixsem_check_post;
+ mpo_posixsem_check_stat_t mpo_posixsem_check_stat;
mpo_posixsem_check_unlink_t mpo_posixsem_check_unlink;
mpo_posixsem_check_wait_t mpo_posixsem_check_wait;
mpo_posixsem_create_t mpo_posixsem_create;
diff --git a/sys/security/mac/mac_posix_sem.c b/sys/security/mac/mac_posix_sem.c
index 68fb56c..2296afe 100644
--- a/sys/security/mac/mac_posix_sem.c
+++ b/sys/security/mac/mac_posix_sem.c
@@ -101,21 +101,37 @@ mac_posixsem_check_open(struct ucred *cred, struct ksem *ks)
}
int
-mac_posixsem_check_getvalue(struct ucred *cred, struct ksem *ks)
+mac_posixsem_check_getvalue(struct ucred *active_cred, struct ucred *file_cred,
+ struct ksem *ks)
{
int error;
- MAC_CHECK(posixsem_check_getvalue, cred, ks, ks->ks_label);
+ MAC_CHECK(posixsem_check_getvalue, active_cred, file_cred, ks,
+ ks->ks_label);
return (error);
}
int
-mac_posixsem_check_post(struct ucred *cred, struct ksem *ks)
+mac_posixsem_check_post(struct ucred *active_cred, struct ucred *file_cred,
+ struct ksem *ks)
{
int error;
- MAC_CHECK(posixsem_check_post, cred, ks, ks->ks_label);
+ MAC_CHECK(posixsem_check_post, active_cred, file_cred, ks,
+ ks->ks_label);
+
+ return (error);
+}
+
+int
+mac_posixsem_check_stat(struct ucred *active_cred, struct ucred *file_cred,
+ struct ksem *ks)
+{
+ int error;
+
+ MAC_CHECK(posixsem_check_stat, active_cred, file_cred, ks,
+ ks->ks_label);
return (error);
}
@@ -131,11 +147,13 @@ mac_posixsem_check_unlink(struct ucred *cred, struct ksem *ks)
}
int
-mac_posixsem_check_wait(struct ucred *cred, struct ksem *ks)
+mac_posixsem_check_wait(struct ucred *active_cred, struct ucred *file_cred,
+ struct ksem *ks)
{
int error;
- MAC_CHECK(posixsem_check_wait, cred, ks, ks->ks_label);
+ MAC_CHECK(posixsem_check_wait, active_cred, file_cred, ks,
+ ks->ks_label);
return (error);
}
diff --git a/sys/security/mac_biba/mac_biba.c b/sys/security/mac_biba/mac_biba.c
index 4c0c85b..960591c 100644
--- a/sys/security/mac_biba/mac_biba.c
+++ b/sys/security/mac_biba/mac_biba.c
@@ -1504,7 +1504,7 @@ biba_pipe_relabel(struct ucred *cred, struct pipepair *pp,
}
static int
-biba_posixsem_check_write(struct ucred *cred, struct ksem *ks,
+biba_posixsem_check_openunlink(struct ucred *cred, struct ksem *ks,
struct label *kslabel)
{
struct mac_biba *subj, *obj;
@@ -1522,15 +1522,33 @@ biba_posixsem_check_write(struct ucred *cred, struct ksem *ks,
}
static int
-biba_posixsem_check_rdonly(struct ucred *cred, struct ksem *ks,
- struct label *kslabel)
+biba_posixsem_check_write(struct ucred *active_cred, struct ucred *file_cred,
+ struct ksem *ks, struct label *kslabel)
{
struct mac_biba *subj, *obj;
if (!biba_enabled)
return (0);
- subj = SLOT(cred->cr_label);
+ subj = SLOT(active_cred->cr_label);
+ obj = SLOT(kslabel);
+
+ if (!biba_dominate_effective(subj, obj))
+ return (EACCES);
+
+ return (0);
+}
+
+static int
+biba_posixsem_check_rdonly(struct ucred *active_cred, struct ucred *file_cred,
+ struct ksem *ks, struct label *kslabel)
+{
+ struct mac_biba *subj, *obj;
+
+ if (!biba_enabled)
+ return (0);
+
+ subj = SLOT(active_cred->cr_label);
obj = SLOT(kslabel);
if (!biba_dominate_effective(obj, subj))
@@ -3335,9 +3353,10 @@ static struct mac_policy_ops mac_biba_ops =
.mpo_pipe_relabel = biba_pipe_relabel,
.mpo_posixsem_check_getvalue = biba_posixsem_check_rdonly,
- .mpo_posixsem_check_open = biba_posixsem_check_write,
+ .mpo_posixsem_check_open = biba_posixsem_check_openunlink,
.mpo_posixsem_check_post = biba_posixsem_check_write,
- .mpo_posixsem_check_unlink = biba_posixsem_check_write,
+ .mpo_posixsem_check_stat = biba_posixsem_check_rdonly,
+ .mpo_posixsem_check_unlink = biba_posixsem_check_openunlink,
.mpo_posixsem_check_wait = biba_posixsem_check_write,
.mpo_posixsem_create = biba_posixsem_create,
.mpo_posixsem_destroy_label = biba_destroy_label,
diff --git a/sys/security/mac_mls/mac_mls.c b/sys/security/mac_mls/mac_mls.c
index cff9d88..34c618c 100644
--- a/sys/security/mac_mls/mac_mls.c
+++ b/sys/security/mac_mls/mac_mls.c
@@ -1400,7 +1400,7 @@ mls_pipe_relabel(struct ucred *cred, struct pipepair *pp,
}
static int
-mls_posixsem_check_rdonly(struct ucred *cred, struct ksem *ks,
+mls_posixsem_check_openunlink(struct ucred *cred, struct ksem *ks,
struct label *kslabel)
{
struct mac_mls *subj, *obj;
@@ -1411,6 +1411,24 @@ mls_posixsem_check_rdonly(struct ucred *cred, struct ksem *ks,
subj = SLOT(cred->cr_label);
obj = SLOT(kslabel);
+ if (!mls_dominate_effective(obj, subj))
+ return (EACCES);
+
+ return (0);
+}
+
+static int
+mls_posixsem_check_rdonly(struct ucred *active_cred, struct ucred *file_cred,
+ struct ksem *ks, struct label *kslabel)
+{
+ struct mac_mls *subj, *obj;
+
+ if (!mls_enabled)
+ return (0);
+
+ subj = SLOT(active_cred->cr_label);
+ obj = SLOT(kslabel);
+
if (!mls_dominate_effective(subj, obj))
return (EACCES);
@@ -1418,15 +1436,15 @@ mls_posixsem_check_rdonly(struct ucred *cred, struct ksem *ks,
}
static int
-mls_posixsem_check_write(struct ucred *cred, struct ksem *ks,
- struct label *kslabel)
+mls_posixsem_check_write(struct ucred *active_cred, struct ucred *file_cred,
+ struct ksem *ks, struct label *kslabel)
{
struct mac_mls *subj, *obj;
if (!mls_enabled)
return (0);
- subj = SLOT(cred->cr_label);
+ subj = SLOT(active_cred->cr_label);
obj = SLOT(kslabel);
if (!mls_dominate_effective(obj, subj))
@@ -2958,9 +2976,10 @@ static struct mac_policy_ops mls_ops =
.mpo_pipe_relabel = mls_pipe_relabel,
.mpo_posixsem_check_getvalue = mls_posixsem_check_rdonly,
- .mpo_posixsem_check_open = mls_posixsem_check_write,
+ .mpo_posixsem_check_open = mls_posixsem_check_openunlink,
.mpo_posixsem_check_post = mls_posixsem_check_write,
- .mpo_posixsem_check_unlink = mls_posixsem_check_write,
+ .mpo_posixsem_check_stat = mls_posixsem_check_rdonly,
+ .mpo_posixsem_check_unlink = mls_posixsem_check_openunlink,
.mpo_posixsem_check_wait = mls_posixsem_check_write,
.mpo_posixsem_create = mls_posixsem_create,
.mpo_posixsem_destroy_label = mls_destroy_label,
diff --git a/sys/security/mac_stub/mac_stub.c b/sys/security/mac_stub/mac_stub.c
index 34f5cad..36339b5 100644
--- a/sys/security/mac_stub/mac_stub.c
+++ b/sys/security/mac_stub/mac_stub.c
@@ -523,8 +523,8 @@ stub_pipe_relabel(struct ucred *cred, struct pipepair *pp,
}
static int
-stub_posixsem_check_getvalue(struct ucred *cred, struct ksem *ks,
- struct label *kslabel)
+stub_posixsem_check_getvalue(struct ucred *active_cred, struct ucred *file_cred,
+ struct ksem *ks, struct label *kslabel)
{
return (0);
@@ -539,8 +539,16 @@ stub_posixsem_check_open(struct ucred *cred, struct ksem *ks,
}
static int
-stub_posixsem_check_post(struct ucred *cred, struct ksem *ks,
- struct label *kslabel)
+stub_posixsem_check_post(struct ucred *active_cred, struct ucred *file_cred,
+ struct ksem *ks, struct label *kslabel)
+{
+
+ return (0);
+}
+
+static int
+stub_posixsem_check_stat(struct ucred *active_cred, struct ucred *file_cred,
+ struct ksem *ks, struct label *kslabel)
{
return (0);
@@ -555,8 +563,8 @@ stub_posixsem_check_unlink(struct ucred *cred, struct ksem *ks,
}
static int
-stub_posixsem_check_wait(struct ucred *cred, struct ksem *ks,
- struct label *kslabel)
+stub_posixsem_check_wait(struct ucred *active_cred, struct ucred *file_cred,
+ struct ksem *ks, struct label *kslabel)
{
return (0);
@@ -1582,6 +1590,7 @@ static struct mac_policy_ops stub_ops =
.mpo_posixsem_check_getvalue = stub_posixsem_check_getvalue,
.mpo_posixsem_check_open = stub_posixsem_check_open,
.mpo_posixsem_check_post = stub_posixsem_check_post,
+ .mpo_posixsem_check_stat = stub_posixsem_check_stat,
.mpo_posixsem_check_unlink = stub_posixsem_check_unlink,
.mpo_posixsem_check_wait = stub_posixsem_check_wait,
.mpo_posixsem_create = stub_posixsem_create,
diff --git a/sys/security/mac_test/mac_test.c b/sys/security/mac_test/mac_test.c
index c25e937..5e788b9 100644
--- a/sys/security/mac_test/mac_test.c
+++ b/sys/security/mac_test/mac_test.c
@@ -1012,11 +1012,12 @@ test_pipe_relabel(struct ucred *cred, struct pipepair *pp,
COUNTER_DECL(posixsem_check_getvalue);
static int
-test_posixsem_check_getvalue(struct ucred *cred, struct ksem *ks,
- struct label *kslabel)
+test_posixsem_check_getvalue(struct ucred *active_cred, struct ucred *file_cred,
+ struct ksem *ks, struct label *kslabel)
{
- LABEL_CHECK(cred->cr_label, MAGIC_CRED);
+ LABEL_CHECK(active_cred->cr_label, MAGIC_CRED);
+ LABEL_CHECK(file_cred->cr_label, MAGIC_CRED);
LABEL_CHECK(kslabel, MAGIC_POSIX_SEM);
COUNTER_INC(posixsem_check_getvalue);
@@ -1038,17 +1039,31 @@ test_posixsem_check_open(struct ucred *cred, struct ksem *ks,
COUNTER_DECL(posixsem_check_post);
static int
-test_posixsem_check_post(struct ucred *cred, struct ksem *ks,
- struct label *kslabel)
+test_posixsem_check_post(struct ucred *active_cred, struct ucred *file_cred,
+ struct ksem *ks, struct label *kslabel)
{
- LABEL_CHECK(cred->cr_label, MAGIC_CRED);
+ LABEL_CHECK(active_cred->cr_label, MAGIC_CRED);
+ LABEL_CHECK(file_cred->cr_label, MAGIC_CRED);
LABEL_CHECK(kslabel, MAGIC_POSIX_SEM);
COUNTER_INC(posixsem_check_post);
return (0);
}
+COUNTER_DECL(posixsem_check_stat);
+static int
+test_posixsem_check_stat(struct ucred *active_cred,
+ struct ucred *file_cred, struct ksem *ks, struct label *kslabel)
+{
+
+ LABEL_CHECK(active_cred->cr_label, MAGIC_CRED);
+ LABEL_CHECK(file_cred->cr_label, MAGIC_CRED);
+ LABEL_CHECK(kslabel, MAGIC_POSIX_SEM);
+ COUNTER_INC(posixsem_check_stat);
+ return (0);
+}
+
COUNTER_DECL(posixsem_check_unlink);
static int
test_posixsem_check_unlink(struct ucred *cred, struct ksem *ks,
@@ -1064,11 +1079,12 @@ test_posixsem_check_unlink(struct ucred *cred, struct ksem *ks,
COUNTER_DECL(posixsem_check_wait);
static int
-test_posixsem_check_wait(struct ucred *cred, struct ksem *ks,
- struct label *kslabel)
+test_posixsem_check_wait(struct ucred *active_cred, struct ucred *file_cred,
+ struct ksem *ks, struct label *kslabel)
{
- LABEL_CHECK(cred->cr_label, MAGIC_CRED);
+ LABEL_CHECK(active_cred->cr_label, MAGIC_CRED);
+ LABEL_CHECK(file_cred->cr_label, MAGIC_CRED);
LABEL_CHECK(kslabel, MAGIC_POSIX_SEM);
COUNTER_INC(posixsem_check_wait);
@@ -2881,6 +2897,7 @@ static struct mac_policy_ops test_ops =
.mpo_posixsem_check_getvalue = test_posixsem_check_getvalue,
.mpo_posixsem_check_open = test_posixsem_check_open,
.mpo_posixsem_check_post = test_posixsem_check_post,
+ .mpo_posixsem_check_stat = test_posixsem_check_stat,
.mpo_posixsem_check_unlink = test_posixsem_check_unlink,
.mpo_posixsem_check_wait = test_posixsem_check_wait,
.mpo_posixsem_create = test_posixsem_create,
OpenPOWER on IntegriCloud