diff options
Diffstat (limited to 'sys')
-rw-r--r-- | sys/kern/kern_mac.c | 52 | ||||
-rw-r--r-- | sys/security/mac/mac_framework.c | 52 | ||||
-rw-r--r-- | sys/security/mac/mac_syscalls.c | 52 |
3 files changed, 120 insertions, 36 deletions
diff --git a/sys/kern/kern_mac.c b/sys/kern/kern_mac.c index d5963d1..7047db1 100644 --- a/sys/kern/kern_mac.c +++ b/sys/kern/kern_mac.c @@ -1,5 +1,5 @@ /*- - * Copyright (c) 1999-2002 Robert N. M. Watson + * Copyright (c) 1999-2002, 2006 Robert N. M. Watson * Copyright (c) 2001 Ilmar S. Habibulin * Copyright (c) 2001-2005 Networks Associates Technology, Inc. * Copyright (c) 2005-2006 SPARTA, Inc. @@ -39,10 +39,26 @@ */ /*- - * Framework for extensible kernel access control. This file contains - * Kernel and userland interface to the framework, policy registration - * and composition. Per-object interfaces, controls, and labeling may be - * found in src/sys/security/mac/. Sample policies may be found in + * Framework for extensible kernel access control. This file contains core + * kernel infrastructure for the TrustedBSD MAC Framework, including policy + * registration, versioning, locking, error composition operator, and system + * calls. + * + * The MAC Framework implements three programming interfaces: + * + * - The kernel MAC interface, defined in mac_framework.h, and invoked + * throughout the kernel to request security decisions, notify of security + * related events, etc. + * + * - The MAC policy module interface, defined in mac_policy.h, which is + * implemented by MAC policy modules and invoked by the MAC Framework to + * forward kernel security requests and notifications to policy modules. + * + * - The user MAC API, defined in mac.h, which allows user programs to query + * and set label state on objects. + * + * The majority of the MAC Framework implementation may be found in + * src/sys/security/mac. Sample policy modules may be found in * src/sys/security/mac_*. */ @@ -96,16 +112,24 @@ __FBSDID("$FreeBSD$"); #ifdef MAC /* - * Declare that the kernel provides MAC support, version 1. This permits - * modules to refuse to be loaded if the necessary support isn't present, - * even if it's pre-boot. + * Root sysctl node for all MAC and MAC policy controls. */ -MODULE_VERSION(kernel_mac_support, 3); - SYSCTL_NODE(_security, OID_AUTO, mac, CTLFLAG_RW, 0, "TrustedBSD MAC policy controls"); /* + * Declare that the kernel provides MAC support, version 3 (FreeBSD 7.x). + * This permits modules to refuse to be loaded if the necessary support isn't + * present, even if it's pre-boot. + */ +#define MAC_VERSION 3 +static unsigned int mac_version = MAC_VERSION; + +MODULE_VERSION(kernel_mac_support, MAC_VERSION); +SYSCTL_UINT(_security_mac, OID_AUTO, version, CTLFLAG_RD, &mac_version, 0, + ""); + +/* * Labels consist of a indexed set of "slots", which are allocated policies * as required. The MAC Framework maintains a bitmask of slots allocated so * far to prevent reuse. Slots cannot be reused, as the MAC Framework @@ -121,8 +145,8 @@ SYSCTL_NODE(_security, OID_AUTO, mac, CTLFLAG_RW, 0, static unsigned int mac_max_slots = MAC_MAX_SLOTS; static unsigned int mac_slot_offsets_free = (1 << MAC_MAX_SLOTS) - 1; -SYSCTL_UINT(_security_mac, OID_AUTO, max_slots, CTLFLAG_RD, - &mac_max_slots, 0, ""); +SYSCTL_UINT(_security_mac, OID_AUTO, max_slots, CTLFLAG_RD, &mac_max_slots, + 0, ""); /* * Has the kernel started generating labeled objects yet? All read/write @@ -180,6 +204,10 @@ MALLOC_DEFINE(M_MACTEMP, "mactemp", "MAC temporary label storage"); * Another reason for never blocking on read references is that the MAC * Framework may recurse: if a policy calls a VOP, for example, this might * lead to vnode life cycle operations (such as init/destroy). + * + * If the kernel option MAC_STATIC has been compiled in, all locking becomes + * a no-op, and the global list of policies is not allowed to change after + * early boot. */ #ifndef MAC_STATIC static struct mtx mac_policy_mtx; diff --git a/sys/security/mac/mac_framework.c b/sys/security/mac/mac_framework.c index d5963d1..7047db1 100644 --- a/sys/security/mac/mac_framework.c +++ b/sys/security/mac/mac_framework.c @@ -1,5 +1,5 @@ /*- - * Copyright (c) 1999-2002 Robert N. M. Watson + * Copyright (c) 1999-2002, 2006 Robert N. M. Watson * Copyright (c) 2001 Ilmar S. Habibulin * Copyright (c) 2001-2005 Networks Associates Technology, Inc. * Copyright (c) 2005-2006 SPARTA, Inc. @@ -39,10 +39,26 @@ */ /*- - * Framework for extensible kernel access control. This file contains - * Kernel and userland interface to the framework, policy registration - * and composition. Per-object interfaces, controls, and labeling may be - * found in src/sys/security/mac/. Sample policies may be found in + * Framework for extensible kernel access control. This file contains core + * kernel infrastructure for the TrustedBSD MAC Framework, including policy + * registration, versioning, locking, error composition operator, and system + * calls. + * + * The MAC Framework implements three programming interfaces: + * + * - The kernel MAC interface, defined in mac_framework.h, and invoked + * throughout the kernel to request security decisions, notify of security + * related events, etc. + * + * - The MAC policy module interface, defined in mac_policy.h, which is + * implemented by MAC policy modules and invoked by the MAC Framework to + * forward kernel security requests and notifications to policy modules. + * + * - The user MAC API, defined in mac.h, which allows user programs to query + * and set label state on objects. + * + * The majority of the MAC Framework implementation may be found in + * src/sys/security/mac. Sample policy modules may be found in * src/sys/security/mac_*. */ @@ -96,16 +112,24 @@ __FBSDID("$FreeBSD$"); #ifdef MAC /* - * Declare that the kernel provides MAC support, version 1. This permits - * modules to refuse to be loaded if the necessary support isn't present, - * even if it's pre-boot. + * Root sysctl node for all MAC and MAC policy controls. */ -MODULE_VERSION(kernel_mac_support, 3); - SYSCTL_NODE(_security, OID_AUTO, mac, CTLFLAG_RW, 0, "TrustedBSD MAC policy controls"); /* + * Declare that the kernel provides MAC support, version 3 (FreeBSD 7.x). + * This permits modules to refuse to be loaded if the necessary support isn't + * present, even if it's pre-boot. + */ +#define MAC_VERSION 3 +static unsigned int mac_version = MAC_VERSION; + +MODULE_VERSION(kernel_mac_support, MAC_VERSION); +SYSCTL_UINT(_security_mac, OID_AUTO, version, CTLFLAG_RD, &mac_version, 0, + ""); + +/* * Labels consist of a indexed set of "slots", which are allocated policies * as required. The MAC Framework maintains a bitmask of slots allocated so * far to prevent reuse. Slots cannot be reused, as the MAC Framework @@ -121,8 +145,8 @@ SYSCTL_NODE(_security, OID_AUTO, mac, CTLFLAG_RW, 0, static unsigned int mac_max_slots = MAC_MAX_SLOTS; static unsigned int mac_slot_offsets_free = (1 << MAC_MAX_SLOTS) - 1; -SYSCTL_UINT(_security_mac, OID_AUTO, max_slots, CTLFLAG_RD, - &mac_max_slots, 0, ""); +SYSCTL_UINT(_security_mac, OID_AUTO, max_slots, CTLFLAG_RD, &mac_max_slots, + 0, ""); /* * Has the kernel started generating labeled objects yet? All read/write @@ -180,6 +204,10 @@ MALLOC_DEFINE(M_MACTEMP, "mactemp", "MAC temporary label storage"); * Another reason for never blocking on read references is that the MAC * Framework may recurse: if a policy calls a VOP, for example, this might * lead to vnode life cycle operations (such as init/destroy). + * + * If the kernel option MAC_STATIC has been compiled in, all locking becomes + * a no-op, and the global list of policies is not allowed to change after + * early boot. */ #ifndef MAC_STATIC static struct mtx mac_policy_mtx; diff --git a/sys/security/mac/mac_syscalls.c b/sys/security/mac/mac_syscalls.c index d5963d1..7047db1 100644 --- a/sys/security/mac/mac_syscalls.c +++ b/sys/security/mac/mac_syscalls.c @@ -1,5 +1,5 @@ /*- - * Copyright (c) 1999-2002 Robert N. M. Watson + * Copyright (c) 1999-2002, 2006 Robert N. M. Watson * Copyright (c) 2001 Ilmar S. Habibulin * Copyright (c) 2001-2005 Networks Associates Technology, Inc. * Copyright (c) 2005-2006 SPARTA, Inc. @@ -39,10 +39,26 @@ */ /*- - * Framework for extensible kernel access control. This file contains - * Kernel and userland interface to the framework, policy registration - * and composition. Per-object interfaces, controls, and labeling may be - * found in src/sys/security/mac/. Sample policies may be found in + * Framework for extensible kernel access control. This file contains core + * kernel infrastructure for the TrustedBSD MAC Framework, including policy + * registration, versioning, locking, error composition operator, and system + * calls. + * + * The MAC Framework implements three programming interfaces: + * + * - The kernel MAC interface, defined in mac_framework.h, and invoked + * throughout the kernel to request security decisions, notify of security + * related events, etc. + * + * - The MAC policy module interface, defined in mac_policy.h, which is + * implemented by MAC policy modules and invoked by the MAC Framework to + * forward kernel security requests and notifications to policy modules. + * + * - The user MAC API, defined in mac.h, which allows user programs to query + * and set label state on objects. + * + * The majority of the MAC Framework implementation may be found in + * src/sys/security/mac. Sample policy modules may be found in * src/sys/security/mac_*. */ @@ -96,16 +112,24 @@ __FBSDID("$FreeBSD$"); #ifdef MAC /* - * Declare that the kernel provides MAC support, version 1. This permits - * modules to refuse to be loaded if the necessary support isn't present, - * even if it's pre-boot. + * Root sysctl node for all MAC and MAC policy controls. */ -MODULE_VERSION(kernel_mac_support, 3); - SYSCTL_NODE(_security, OID_AUTO, mac, CTLFLAG_RW, 0, "TrustedBSD MAC policy controls"); /* + * Declare that the kernel provides MAC support, version 3 (FreeBSD 7.x). + * This permits modules to refuse to be loaded if the necessary support isn't + * present, even if it's pre-boot. + */ +#define MAC_VERSION 3 +static unsigned int mac_version = MAC_VERSION; + +MODULE_VERSION(kernel_mac_support, MAC_VERSION); +SYSCTL_UINT(_security_mac, OID_AUTO, version, CTLFLAG_RD, &mac_version, 0, + ""); + +/* * Labels consist of a indexed set of "slots", which are allocated policies * as required. The MAC Framework maintains a bitmask of slots allocated so * far to prevent reuse. Slots cannot be reused, as the MAC Framework @@ -121,8 +145,8 @@ SYSCTL_NODE(_security, OID_AUTO, mac, CTLFLAG_RW, 0, static unsigned int mac_max_slots = MAC_MAX_SLOTS; static unsigned int mac_slot_offsets_free = (1 << MAC_MAX_SLOTS) - 1; -SYSCTL_UINT(_security_mac, OID_AUTO, max_slots, CTLFLAG_RD, - &mac_max_slots, 0, ""); +SYSCTL_UINT(_security_mac, OID_AUTO, max_slots, CTLFLAG_RD, &mac_max_slots, + 0, ""); /* * Has the kernel started generating labeled objects yet? All read/write @@ -180,6 +204,10 @@ MALLOC_DEFINE(M_MACTEMP, "mactemp", "MAC temporary label storage"); * Another reason for never blocking on read references is that the MAC * Framework may recurse: if a policy calls a VOP, for example, this might * lead to vnode life cycle operations (such as init/destroy). + * + * If the kernel option MAC_STATIC has been compiled in, all locking becomes + * a no-op, and the global list of policies is not allowed to change after + * early boot. */ #ifndef MAC_STATIC static struct mtx mac_policy_mtx; |