PERFORCE change 109960 for review
Todd Miller
millert at FreeBSD.org
Tue Nov 14 18:51:18 UTC 2006
http://perforce.freebsd.org/chv.cgi?CH=109960
Change 109960 by millert at millert_g5tower on 2006/11/14 18:51:12
Rename mac_vnode_label_associate_file() to
mac_vnode_label_associate_fdesc() and pass in a richer set
of args. With this we no longer need a vnode_label_associate_cred
entry point. The policy itself can decide whether to fall
back to the cred or mount label in the abscence of a file label.
Affected files ...
.. //depot/projects/trustedbsd/sedarwin8/darwin/xnu/security/mac_framework.h#15 edit
.. //depot/projects/trustedbsd/sedarwin8/darwin/xnu/security/mac_policy.h#23 edit
.. //depot/projects/trustedbsd/sedarwin8/darwin/xnu/security/mac_vfs.c#18 edit
Differences ...
==== //depot/projects/trustedbsd/sedarwin8/darwin/xnu/security/mac_framework.h#15 (text+ko) ====
@@ -56,6 +56,7 @@
struct bpf_d;
struct componentname;
struct devnode;
+struct fdescnode;
struct fileglob;
struct ifnet;
struct lctx;
@@ -149,8 +150,8 @@
struct vnode *vp);
int mac_vnode_label_associate_extattr(struct mount *mp, struct vnode *vp);
void mac_vnode_label_associate_singlelabel(struct mount *mp, struct vnode *vp);
-int mac_vnode_label_associate_file(struct ucred *cred, struct fileglob *fg,
- struct vnode *vp);
+int mac_vnode_label_associate_fdesc(struct mount *mp, struct fdescnode *fnp,
+ struct vnode *vp, vfs_context_t ctx);
void mac_devfs_label_associate_device(dev_t dev, struct devnode *de,
const char *fullpath);
void mac_devfs_label_associate_directory(char *dirname, int dirnamelen,
==== //depot/projects/trustedbsd/sedarwin8/darwin/xnu/security/mac_policy.h#23 (text+ko) ====
@@ -1462,6 +1462,8 @@
/**
@brief Associate a file label with a vnode
@param cred User credential
+ @param mp Fdesc mount point
+ @param mntlabel Fdesc mount point label
@param fg Fileglob structure
@param label Policy label for fg
@param vp Vnode to label
@@ -1473,6 +1475,8 @@
*/
typedef void mpo_vnode_label_associate_file_t(
struct ucred *cred,
+ struct mount *mp,
+ struct label *mntlabel,
struct fileglob *fg,
struct label *label,
struct vnode *vp,
==== //depot/projects/trustedbsd/sedarwin8/darwin/xnu/security/mac_vfs.c#18 (text+ko) ====
@@ -256,8 +256,7 @@
struct fdescnode *fnp;
struct fileglob *fg;
struct proc *p;
- int error;
- int fd;
+ int error, fd;
error = 0;
@@ -269,11 +268,7 @@
break;
case VT_FDESC:
fnp = VTOFDESC(vp);
- p = vfs_context_proc(ctx);
- fd = fnp->fd_fd;
- fg = fd != -1 ? p->p_fd->fd_ofiles[fd]->f_fglob : NULL;
- error = mac_vnode_label_associate_file(vfs_context_ucred(ctx),
- fg, vp);
+ error = mac_vnode_label_associate_fdesc(mp, fnp, vp, ctx);
break;
default:
error = mac_vnode_label_associate_extattr(mp, vp);
@@ -778,10 +773,6 @@
if (strcmp(mp->mnt_vfsstat.f_fstypename, "fdesc") == 0)
mp->mnt_flag |= MNT_MULTILABEL;
- /* MULTILABEL on FDESC. */
- if (strcmp(mp->mnt_vfsstat.f_fstypename, "fdesc") == 0)
- mp->mnt_flag |= MNT_MULTILABEL;
-
/* MULTILABEL on all NFS filesystems. */
if (strcmp(mp->mnt_vfsstat.f_fstypename, "nfs") == 0)
mp->mnt_flag |= MNT_MULTILABEL;
@@ -939,9 +930,10 @@
}
int
-mac_vnode_label_associate_file(struct ucred *cred, struct fileglob *fg,
- struct vnode *vp)
+mac_vnode_label_associate_fdesc(struct mount *mp, struct fdescnode *fnp,
+ struct vnode *vp, vfs_context_t ctx)
{
+ struct fileglob *fg;
struct pseminfo *psem;
struct pshminfo *pshm;
struct xsocket xso;
@@ -951,14 +943,15 @@
int error;
/*
- * If no backing file, use the cred label.
+ * If no backing file, let the policy choose which label to use.
*/
- if (fg == NULL) {
- MAC_PERFORM(vnode_label_associate_cred, cred,
- vp, vp->v_label);
+ if (fnp->fd_fd == -1) {
+ MAC_PERFORM(vnode_label_associate_file, vfs_context_ucred(ctx),
+ mp, mp->mnt_mntlabel, NULL, NULL, vp, vp->v_label);
return (0);
}
+ fg = (*fdfile(vfs_context_proc(ctx), fnp->fd_fd))->f_fglob;
switch (fg->fg_type) {
case DTYPE_VNODE:
fvp = (struct vnode *)fg->fg_data;
@@ -970,37 +963,40 @@
case DTYPE_SOCKET:
so = (struct socket *)fg->fg_data;
sotoxsocket(so, &xso);
- MAC_PERFORM(vnode_label_associate_socket, cred, &xso,
- so->so_label, vp, vp->v_label);
+ MAC_PERFORM(vnode_label_associate_socket,
+ vfs_context_ucred(ctx), &xso, so->so_label,
+ vp, vp->v_label);
break;
case DTYPE_PSXSHM:
/* XXX: should hold the PSHM_SUBSYS lock. */
pshm = pshmnodeinfo((struct pshmnode *)fg->fg_data);
if (pshm == NULL)
return (EINVAL);
- MAC_PERFORM(vnode_label_associate_posixshm, cred, pshm,
- pshm->pshm_label, vp, vp->v_label);
+ MAC_PERFORM(vnode_label_associate_posixshm,
+ vfs_context_ucred(ctx), pshm, pshm->pshm_label,
+ vp, vp->v_label);
break;
case DTYPE_PSXSEM:
/* XXX: should hold the PSEM_SUBSYS lock. */
psem = psemnodeinfo((struct psemnode *)fg->fg_data);
if (psem == NULL)
return (EINVAL);
- MAC_PERFORM(vnode_label_associate_posixsem, cred, psem,
- psem->psem_label, vp, vp->v_label);
+ MAC_PERFORM(vnode_label_associate_posixsem,
+ vfs_context_ucred(ctx), psem, psem->psem_label,
+ vp, vp->v_label);
vnode_unlock(vp);
break;
case DTYPE_PIPE:
/* XXX: should PIPE_LOCK */
cpipe = (struct pipe *)fg->fg_data;
- MAC_PERFORM(vnode_label_associate_pipe, cred, cpipe,
- cpipe->pipe_label, vp, vp->v_label);
+ MAC_PERFORM(vnode_label_associate_pipe, vfs_context_ucred(ctx),
+ cpipe, cpipe->pipe_label, vp, vp->v_label);
break;
case DTYPE_KQUEUE:
case DTYPE_FSEVENTS:
default:
- MAC_PERFORM(vnode_label_associate_file, cred, fg, fg->fg_label,
- vp, vp->v_label);
+ MAC_PERFORM(vnode_label_associate_file, vfs_context_ucred(ctx),
+ mp, mp->mnt_mntlabel, fg, fg->fg_label, vp, vp->v_label);
break;
}
return (0);
More information about the p4-projects
mailing list