From 011f42054d1f861cd2435866ba646fa0cf752103 Mon Sep 17 00:00:00 2001 From: kib Date: Tue, 16 Aug 2011 20:07:47 +0000 Subject: Add the fo_chown and fo_chmod methods to struct fileops and use them to implement fchown(2) and fchmod(2) support for several file types that previously lacked it. Add MAC entries for chown/chmod done on posix shared memory and (old) in-kernel posix semaphores. Based on the submission by: glebius Reviewed by: rwatson Approved by: re (bz) --- sys/security/mac/mac_framework.h | 8 +++++++ sys/security/mac/mac_policy.h | 16 +++++++++++++ sys/security/mac/mac_posix_sem.c | 32 +++++++++++++++++++++++++ sys/security/mac/mac_posix_shm.c | 32 +++++++++++++++++++++++++ sys/security/mac_stub/mac_stub.c | 36 ++++++++++++++++++++++++++++ sys/security/mac_test/mac_test.c | 52 ++++++++++++++++++++++++++++++++++++++++ 6 files changed, 176 insertions(+) (limited to 'sys/security') diff --git a/sys/security/mac/mac_framework.h b/sys/security/mac/mac_framework.h index f515e98e..011cb86 100644 --- a/sys/security/mac/mac_framework.h +++ b/sys/security/mac/mac_framework.h @@ -225,6 +225,10 @@ int mac_posixsem_check_getvalue(struct ucred *active_cred, int mac_posixsem_check_open(struct ucred *cred, struct ksem *ks); int mac_posixsem_check_post(struct ucred *active_cred, struct ucred *file_cred, struct ksem *ks); +int mac_posixsem_check_setmode(struct ucred *cred, struct ksem *ks, + mode_t mode); +int mac_posixsem_check_setowner(struct ucred *cred, struct ksem *ks, + uid_t uid, gid_t gid); int mac_posixsem_check_stat(struct ucred *active_cred, struct ucred *file_cred, struct ksem *ks); int mac_posixsem_check_unlink(struct ucred *cred, struct ksem *ks); @@ -237,6 +241,10 @@ void mac_posixsem_init(struct ksem *); int mac_posixshm_check_mmap(struct ucred *cred, struct shmfd *shmfd, int prot, int flags); int mac_posixshm_check_open(struct ucred *cred, struct shmfd *shmfd); +int mac_posixshm_check_setmode(struct ucred *cred, struct shmfd *shmfd, + mode_t mode); +int mac_posixshm_check_setowner(struct ucred *cred, struct shmfd *shmfd, + uid_t uid, gid_t gid); int mac_posixshm_check_stat(struct ucred *active_cred, struct ucred *file_cred, struct shmfd *shmfd); int mac_posixshm_check_truncate(struct ucred *active_cred, diff --git a/sys/security/mac/mac_policy.h b/sys/security/mac/mac_policy.h index b874c41..b7ef07b 100644 --- a/sys/security/mac/mac_policy.h +++ b/sys/security/mac/mac_policy.h @@ -336,6 +336,12 @@ typedef int (*mpo_posixsem_check_open_t)(struct ucred *cred, typedef int (*mpo_posixsem_check_post_t)(struct ucred *active_cred, struct ucred *file_cred, struct ksem *ks, struct label *kslabel); +typedef int (*mpo_posixsem_check_setmode_t)(struct ucred *cred, + struct ksem *ks, struct label *shmlabel, + mode_t mode); +typedef int (*mpo_posixsem_check_setowner_t)(struct ucred *cred, + struct ksem *ks, struct label *shmlabel, + uid_t uid, gid_t gid); typedef int (*mpo_posixsem_check_stat_t)(struct ucred *active_cred, struct ucred *file_cred, struct ksem *ks, struct label *kslabel); @@ -354,6 +360,12 @@ typedef int (*mpo_posixshm_check_mmap_t)(struct ucred *cred, int flags); typedef int (*mpo_posixshm_check_open_t)(struct ucred *cred, struct shmfd *shmfd, struct label *shmlabel); +typedef int (*mpo_posixshm_check_setmode_t)(struct ucred *cred, + struct shmfd *shmfd, struct label *shmlabel, + mode_t mode); +typedef int (*mpo_posixshm_check_setowner_t)(struct ucred *cred, + struct shmfd *shmfd, struct label *shmlabel, + uid_t uid, gid_t gid); typedef int (*mpo_posixshm_check_stat_t)(struct ucred *active_cred, struct ucred *file_cred, struct shmfd *shmfd, struct label *shmlabel); @@ -791,6 +803,8 @@ struct mac_policy_ops { mpo_posixsem_check_getvalue_t mpo_posixsem_check_getvalue; mpo_posixsem_check_open_t mpo_posixsem_check_open; mpo_posixsem_check_post_t mpo_posixsem_check_post; + mpo_posixsem_check_setmode_t mpo_posixsem_check_setmode; + mpo_posixsem_check_setowner_t mpo_posixsem_check_setowner; mpo_posixsem_check_stat_t mpo_posixsem_check_stat; mpo_posixsem_check_unlink_t mpo_posixsem_check_unlink; mpo_posixsem_check_wait_t mpo_posixsem_check_wait; @@ -800,6 +814,8 @@ struct mac_policy_ops { mpo_posixshm_check_mmap_t mpo_posixshm_check_mmap; mpo_posixshm_check_open_t mpo_posixshm_check_open; + mpo_posixshm_check_setmode_t mpo_posixshm_check_setmode; + mpo_posixshm_check_setowner_t mpo_posixshm_check_setowner; mpo_posixshm_check_stat_t mpo_posixshm_check_stat; mpo_posixshm_check_truncate_t mpo_posixshm_check_truncate; mpo_posixshm_check_unlink_t mpo_posixshm_check_unlink; diff --git a/sys/security/mac/mac_posix_sem.c b/sys/security/mac/mac_posix_sem.c index 9035d60..461e5db 100644 --- a/sys/security/mac/mac_posix_sem.c +++ b/sys/security/mac/mac_posix_sem.c @@ -198,3 +198,35 @@ mac_posixsem_check_wait(struct ucred *active_cred, struct ucred *file_cred, return (error); } + +MAC_CHECK_PROBE_DEFINE3(posixsem_check_setmode, "struct ucred *", + "struct ksem *", "mode_t"); + +int +mac_posixsem_check_setmode(struct ucred *cred, struct ksem *ks, mode_t mode) +{ + int error; + + MAC_POLICY_CHECK_NOSLEEP(posixsem_check_setmode, cred, ks, + ks->ks_label, mode); + MAC_CHECK_PROBE3(posixsem_check_setmode, error, cred, ks, mode); + + return (error); +} + +MAC_CHECK_PROBE_DEFINE4(posixsem_check_setowner, "struct ucred *", + "struct ks *", "uid_t", "gid_t"); + +int +mac_posixsem_check_setowner(struct ucred *cred, struct ksem *ks, uid_t uid, + gid_t gid) +{ + int error; + + MAC_POLICY_CHECK_NOSLEEP(posixsem_check_setowner, cred, ks, + ks->ks_label, uid, gid); + MAC_CHECK_PROBE4(posixsem_check_setowner, error, cred, ks, + uid, gid); + + return (error); +} diff --git a/sys/security/mac/mac_posix_shm.c b/sys/security/mac/mac_posix_shm.c index 4432a98..7e1c3f7 100644 --- a/sys/security/mac/mac_posix_shm.c +++ b/sys/security/mac/mac_posix_shm.c @@ -181,3 +181,35 @@ mac_posixshm_check_unlink(struct ucred *cred, struct shmfd *shmfd) return (error); } + +MAC_CHECK_PROBE_DEFINE3(posixshm_check_setmode, "struct ucred *", + "struct shmfd *", "mode_t"); + +int +mac_posixshm_check_setmode(struct ucred *cred, struct shmfd *shmfd, mode_t mode) +{ + int error; + + MAC_POLICY_CHECK_NOSLEEP(posixshm_check_setmode, cred, shmfd, + shmfd->shm_label, mode); + MAC_CHECK_PROBE3(posixshm_check_setmode, error, cred, shmfd, mode); + + return (error); +} + +MAC_CHECK_PROBE_DEFINE4(posixshm_check_setowner, "struct ucred *", + "struct shmfd *", "uid_t", "gid_t"); + +int +mac_posixshm_check_setowner(struct ucred *cred, struct shmfd *shmfd, uid_t uid, + gid_t gid) +{ + int error; + + MAC_POLICY_CHECK_NOSLEEP(posixshm_check_setowner, cred, shmfd, + shmfd->shm_label, uid, gid); + MAC_CHECK_PROBE4(posixshm_check_setowner, error, cred, shmfd, + uid, gid); + + return (error); +} diff --git a/sys/security/mac_stub/mac_stub.c b/sys/security/mac_stub/mac_stub.c index 007efb8..361bb15 100644 --- a/sys/security/mac_stub/mac_stub.c +++ b/sys/security/mac_stub/mac_stub.c @@ -687,6 +687,22 @@ stub_posixsem_check_post(struct ucred *active_cred, struct ucred *file_cred, } static int +stub_posixsem_check_setmode(struct ucred *cred, struct ksem *ks, + struct label *kslabel, mode_t mode) +{ + + return (0); +} + +static int +stub_posixsem_check_setowner(struct ucred *cred, struct ksem *ks, + struct label *kslabel, uid_t uid, gid_t gid) +{ + + return (0); +} + +static int stub_posixsem_check_stat(struct ucred *active_cred, struct ucred *file_cred, struct ksem *ks, struct label *kslabel) { @@ -734,6 +750,22 @@ stub_posixshm_check_open(struct ucred *cred, struct shmfd *shmfd, } static int +stub_posixshm_check_setmode(struct ucred *cred, struct shmfd *shmfd, + struct label *shmlabel, mode_t mode) +{ + + return (0); +} + +static int +stub_posixshm_check_setowner(struct ucred *cred, struct shmfd *shmfd, + struct label *shmlabel, uid_t uid, gid_t gid) +{ + + return (0); +} + +static int stub_posixshm_check_stat(struct ucred *active_cred, struct ucred *file_cred, struct shmfd *shmfd, struct label *shmlabel) { @@ -1731,6 +1763,8 @@ static struct mac_policy_ops stub_ops = .mpo_posixsem_check_getvalue = stub_posixsem_check_getvalue, .mpo_posixsem_check_open = stub_posixsem_check_open, .mpo_posixsem_check_post = stub_posixsem_check_post, + .mpo_posixsem_check_setmode = stub_posixsem_check_setmode, + .mpo_posixsem_check_setowner = stub_posixsem_check_setowner, .mpo_posixsem_check_stat = stub_posixsem_check_stat, .mpo_posixsem_check_unlink = stub_posixsem_check_unlink, .mpo_posixsem_check_wait = stub_posixsem_check_wait, @@ -1740,6 +1774,8 @@ static struct mac_policy_ops stub_ops = .mpo_posixshm_check_mmap = stub_posixshm_check_mmap, .mpo_posixshm_check_open = stub_posixshm_check_open, + .mpo_posixshm_check_setmode = stub_posixshm_check_setmode, + .mpo_posixshm_check_setowner = stub_posixshm_check_setowner, .mpo_posixshm_check_stat = stub_posixshm_check_stat, .mpo_posixshm_check_truncate = stub_posixshm_check_truncate, .mpo_posixshm_check_unlink = stub_posixshm_check_unlink, diff --git a/sys/security/mac_test/mac_test.c b/sys/security/mac_test/mac_test.c index bef0cb7..2aa2e38 100644 --- a/sys/security/mac_test/mac_test.c +++ b/sys/security/mac_test/mac_test.c @@ -1297,6 +1297,30 @@ test_posixsem_check_post(struct ucred *active_cred, struct ucred *file_cred, return (0); } +COUNTER_DECL(posixsem_check_setmode); +static int +test_posixsem_check_setmode(struct ucred *cred, struct ksem *ks, + struct label *kslabel, mode_t mode) +{ + + LABEL_CHECK(cred->cr_label, MAGIC_CRED); + LABEL_CHECK(kslabel, MAGIC_POSIX_SHM); + COUNTER_INC(posixsem_check_setmode); + return (0); +} + +COUNTER_DECL(posixsem_check_setowner); +static int +test_posixsem_check_setowner(struct ucred *cred, struct ksem *ks, + struct label *kslabel, uid_t uid, gid_t gid) +{ + + LABEL_CHECK(cred->cr_label, MAGIC_CRED); + LABEL_CHECK(kslabel, MAGIC_POSIX_SHM); + COUNTER_INC(posixsem_check_setowner); + return (0); +} + COUNTER_DECL(posixsem_check_stat); static int test_posixsem_check_stat(struct ucred *active_cred, @@ -1390,6 +1414,30 @@ test_posixshm_check_open(struct ucred *cred, struct shmfd *shmfd, return (0); } +COUNTER_DECL(posixshm_check_setmode); +static int +test_posixshm_check_setmode(struct ucred *cred, struct shmfd *shmfd, + struct label *shmfdlabel, mode_t mode) +{ + + LABEL_CHECK(cred->cr_label, MAGIC_CRED); + LABEL_CHECK(shmfdlabel, MAGIC_POSIX_SHM); + COUNTER_INC(posixshm_check_setmode); + return (0); +} + +COUNTER_DECL(posixshm_check_setowner); +static int +test_posixshm_check_setowner(struct ucred *cred, struct shmfd *shmfd, + struct label *shmfdlabel, uid_t uid, gid_t gid) +{ + + LABEL_CHECK(cred->cr_label, MAGIC_CRED); + LABEL_CHECK(shmfdlabel, MAGIC_POSIX_SHM); + COUNTER_INC(posixshm_check_setowner); + return (0); +} + COUNTER_DECL(posixshm_check_stat); static int test_posixshm_check_stat(struct ucred *active_cred, @@ -3045,6 +3093,8 @@ static struct mac_policy_ops test_ops = .mpo_posixsem_check_getvalue = test_posixsem_check_getvalue, .mpo_posixsem_check_open = test_posixsem_check_open, .mpo_posixsem_check_post = test_posixsem_check_post, + .mpo_posixsem_check_setmode = test_posixsem_check_setmode, + .mpo_posixsem_check_setowner = test_posixsem_check_setowner, .mpo_posixsem_check_stat = test_posixsem_check_stat, .mpo_posixsem_check_unlink = test_posixsem_check_unlink, .mpo_posixsem_check_wait = test_posixsem_check_wait, @@ -3054,6 +3104,8 @@ static struct mac_policy_ops test_ops = .mpo_posixshm_check_mmap = test_posixshm_check_mmap, .mpo_posixshm_check_open = test_posixshm_check_open, + .mpo_posixshm_check_setmode = test_posixshm_check_setmode, + .mpo_posixshm_check_setowner = test_posixshm_check_setowner, .mpo_posixshm_check_stat = test_posixshm_check_stat, .mpo_posixshm_check_truncate = test_posixshm_check_truncate, .mpo_posixshm_check_unlink = test_posixshm_check_unlink, -- cgit v1.1