Sysctls cleanup.
Pawel Jakub Dawidek
nick at garage.freebsd.pl
Thu Oct 16 00:32:56 PDT 2003
Helloi hackers...
I think this is more correct (but I haven't test it!).
I've started to implement labels for sysctls, but after thinking this
over again, I think this isn't really necessary.
--
Pawel Jakub Dawidek pawel at dawidek.net
UNIX Systems Programmer/Administrator http://garage.freebsd.pl
Am I Evil? Yes, I Am! http://cerber.sourceforge.net
-------------- next part --------------
(c) 2003 Pawel Jakub Dawidek <jules at garage.freebsd.pl>
Patch against FreeBSD 5.1-CURRENT, kern.osreldate: 501110.
diff -upr /usr/src/sys/kern/kern_mac.c src/sys/kern/kern_mac.c
--- /usr/src/sys/kern/kern_mac.c Tue Oct 14 21:15:22 2003
+++ src/sys/kern/kern_mac.c Thu Oct 16 04:45:37 2003
@@ -2961,8 +2961,8 @@ mac_check_system_swapoff(struct ucred *c
}
int
-mac_check_system_sysctl(struct ucred *cred, int *name, u_int namelen,
- void *old, size_t *oldlenp, int inkernel, void *new, size_t newlen)
+mac_check_system_sysctl(struct ucred *cred, struct sysctl_oid *oidp, void *arg1,
+ int arg2, struct sysctl_req *req)
{
int error;
@@ -2973,8 +2973,7 @@ mac_check_system_sysctl(struct ucred *cr
if (!mac_enforce_system)
return (0);
- MAC_CHECK(check_system_sysctl, cred, name, namelen, old, oldlenp,
- inkernel, new, newlen);
+ MAC_CHECK(check_system_sysctl, cred, oidp, arg1, arg2, req);
return (error);
}
diff -upr /usr/src/sys/kern/kern_sysctl.c src/sys/kern/kern_sysctl.c
--- /usr/src/sys/kern/kern_sysctl.c Thu Oct 16 02:58:27 2003
+++ src/sys/kern/kern_sysctl.c Thu Oct 16 04:51:02 2003
@@ -1175,12 +1175,22 @@ sysctl_root(SYSCTL_HANDLER_ARGS)
if (!oid->oid_handler)
return EINVAL;
- if ((oid->oid_kind & CTLTYPE) == CTLTYPE_NODE)
- error = oid->oid_handler(oid, (int *)arg1 + indx, arg2 - indx,
- req);
- else
- error = oid->oid_handler(oid, oid->oid_arg1, oid->oid_arg2,
- req);
+ if ((oid->oid_kind & CTLTYPE) == CTLTYPE_NODE) {
+ (int *)arg1 += indx;
+ arg2 -= indx;
+ } else {
+ arg1 = oid->oid_arg1;
+ arg2 = oid->oid_arg2;
+ }
+
+#ifdef MAC
+ error = mac_check_system_sysctl(td->td_ucred, oid, arg1, arg2, req);
+ if (error != 0)
+ return (error);
+#endif
+
+ error = oid->oid_handler(oid, arg1, arg2, req);
+
return (error);
}
@@ -1271,15 +1281,6 @@ userland_sysctl(struct thread *td, int *
req.lock = REQ_LOCKED;
SYSCTL_LOCK();
-
-#ifdef MAC
- error = mac_check_system_sysctl(td->td_ucred, name, namelen, old,
- oldlenp, inkernel, new, newlen);
- if (error) {
- SYSCTL_UNLOCK();
- return (error);
- }
-#endif
do {
req2 = req;
diff -upr /usr/src/sys/security/mac_biba/mac_biba.c src/sys/security/mac_biba/mac_biba.c
--- /usr/src/sys/security/mac_biba/mac_biba.c Thu Aug 21 16:34:54 2003
+++ src/sys/security/mac_biba/mac_biba.c Thu Oct 16 04:34:56 2003
@@ -1941,8 +1941,8 @@ mac_biba_check_system_swapoff(struct ucr
}
static int
-mac_biba_check_system_sysctl(struct ucred *cred, int *name, u_int namelen,
- void *old, size_t *oldlenp, int inkernel, void *new, size_t newlen)
+mac_biba_check_system_sysctl(struct ucred *cred, struct sysctl_oid *oidp,
+ void *arg1, int arg2, struct sysctl_req *req)
{
struct mac_biba *subj;
int error;
@@ -1953,16 +1953,10 @@ mac_biba_check_system_sysctl(struct ucre
subj = SLOT(&cred->cr_label);
/*
- * In general, treat sysctl variables as biba/high, but also
- * require privilege to change them, since they are a
- * communications channel between grades. Exempt MIB
- * queries from this due to undocmented sysctl magic.
- * XXXMAC: This probably requires some more review.
+ * Treat sysctl variables without CTLFLAG_ANYBODY flag as
+ * biba/high, but also require privilege to change them.
*/
- if (new != NULL) {
- if (namelen > 0 && name[0] == 0)
- return (0);
-
+ if (req->newptr != NULL && (oid->oid_kind & CTLFLAG_ANYBODY) == 0) {
if (!mac_biba_subject_dominate_high(subj))
return (EACCES);
diff -upr /usr/src/sys/security/mac_lomac/mac_lomac.c src/sys/security/mac_lomac/mac_lomac.c
--- /usr/src/sys/security/mac_lomac/mac_lomac.c Thu Aug 21 20:07:52 2003
+++ src/sys/security/mac_lomac/mac_lomac.c Thu Oct 16 04:51:58 2003
@@ -2031,8 +2031,8 @@ mac_lomac_check_system_swapon(struct ucr
}
static int
-mac_lomac_check_system_sysctl(struct ucred *cred, int *name, u_int namelen,
- void *old, size_t *oldlenp, int inkernel, void *new, size_t newlen)
+mac_lomac_check_system_sysctl(struct ucred *cred, struct sysctl_oid *oidp,
+ void *arg1, int arg2, struct sysctl_req *req)
{
struct mac_lomac *subj;
@@ -2042,16 +2042,10 @@ mac_lomac_check_system_sysctl(struct ucr
subj = SLOT(&cred->cr_label);
/*
- * In general, treat sysctl variables as lomac/high, but also
- * require privilege to change them, since they are a
- * communications channel between grades. Exempt MIB
- * queries from this due to undocmented sysctl magic.
- * XXXMAC: This probably requires some more review.
+ * Treat sysctl variables without CTLFLAG_ANYBODY flag as
+ * lomac/high, but also require privilege to change them.
*/
- if (new != NULL) {
- if (namelen > 0 && name[0] == 0)
- return (0);
-
+ if (req->newptr != NULL && (oid->oid_kind & CTLFLAG_ANYBODY) == 0) {
#ifdef notdef
if (!mac_lomac_subject_dominate_high(subj))
return (EACCES);
diff -upr /usr/src/sys/security/mac_stub/mac_stub.c src/sys/security/mac_stub/mac_stub.c
--- /usr/src/sys/security/mac_stub/mac_stub.c Thu Aug 21 19:05:36 2003
+++ src/sys/security/mac_stub/mac_stub.c Thu Oct 16 04:42:42 2003
@@ -727,8 +727,8 @@ stub_check_system_swapoff(struct ucred *
}
static int
-stub_check_system_sysctl(struct ucred *cred, int *name, u_int namelen,
- void *old, size_t *oldlenp, int inkernel, void *new, size_t newlen)
+stub_check_system_sysctl(struct ucred *cred, struct sysctl_oid *oidp,
+ void *arg1, int arg2, struct sysctl_req *req)
{
return (0);
diff -upr /usr/src/sys/security/mac_test/mac_test.c src/sys/security/mac_test/mac_test.c
--- /usr/src/sys/security/mac_test/mac_test.c Tue Oct 14 21:16:35 2003
+++ src/sys/security/mac_test/mac_test.c Thu Oct 16 04:44:22 2003
@@ -1361,8 +1361,8 @@ mac_test_check_system_swapoff(struct ucr
}
static int
-mac_test_check_system_sysctl(struct ucred *cred, int *name, u_int namelen,
- void *old, size_t *oldlenp, int inkernel, void *new, size_t newlen)
+mac_test_check_system_sysctl(struct ucred *cred, struct sysctl_oid *oidp,
+ void *arg1, int arg2, struct sysctl_req *req)
{
ASSERT_CRED_LABEL(&cred->cr_label);
diff -upr /usr/src/sys/sys/mac.h src/sys/sys/mac.h
--- /usr/src/sys/sys/mac.h Tue Oct 14 21:16:40 2003
+++ src/sys/sys/mac.h Thu Oct 16 04:38:12 2003
@@ -270,9 +270,8 @@ int mac_check_system_reboot(struct ucred
int mac_check_system_settime(struct ucred *cred);
int mac_check_system_swapon(struct ucred *cred, struct vnode *vp);
int mac_check_system_swapoff(struct ucred *cred, struct vnode *vp);
-int mac_check_system_sysctl(struct ucred *cred, int *name,
- u_int namelen, void *old, size_t *oldlenp, int inkernel,
- void *new, size_t newlen);
+int mac_check_system_sysctl(struct ucred *cred, struct sysctl_oid *oidp,
+ void *arg1, int arg2, struct sysctl_req *req);
int mac_check_vnode_access(struct ucred *cred, struct vnode *vp,
int acc_mode);
int mac_check_vnode_chdir(struct ucred *cred, struct vnode *dvp);
diff -upr /usr/src/sys/sys/mac_policy.h src/sys/sys/mac_policy.h
--- /usr/src/sys/sys/mac_policy.h Tue Oct 14 21:16:40 2003
+++ src/sys/sys/mac_policy.h Thu Oct 16 04:36:02 2003
@@ -344,9 +344,9 @@ struct mac_policy_ops {
struct vnode *vp, struct label *label);
int (*mpo_check_system_swapoff)(struct ucred *cred,
struct vnode *vp, struct label *label);
- int (*mpo_check_system_sysctl)(struct ucred *cred, int *name,
- u_int namelen, void *old, size_t *oldlenp, int inkernel,
- void *new, size_t newlen);
+ int (*mpo_check_system_sysctl)(struct ucred *cred,
+ struct sysctl_oid *oidp, void *arg1, int arg2,
+ struct sysctl_req *req);
int (*mpo_check_vnode_access)(struct ucred *cred,
struct vnode *vp, struct label *label, int acc_mode);
int (*mpo_check_vnode_chdir)(struct ucred *cred,
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 305 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-hackers/attachments/20031016/e048be0e/attachment.bin
More information about the freebsd-hackers
mailing list