kern/178667: [patch] mac_lomac policy ignores aux label when reading/writing file extattr
Priit Järv
priit at cc.ttu.ee
Wed May 15 18:00:00 UTC 2013
>Number: 178667
>Category: kern
>Synopsis: [patch] mac_lomac policy ignores aux label when reading/writing file extattr
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Wed May 15 18:00:00 UTC 2013
>Closed-Date:
>Last-Modified:
>Originator: Priit Järv
>Release: 9.1-RELEASE
>Organization:
>Environment:
FreeBSD test 9.1-RELEASE FreeBSD 9.1-RELEASE #1: Sat May 11 16:22:59 EEST 2013 root at test:/usr/obj/usr/src/sys/MACTEST amd64
>Description:
In sys/security/mac_lomac/mac_lomac.c:
lomac_vnode_associate_extattr() and lomac_vnode_setlabel_extattr() only copy part of the LOMAC label, ignoring the value of the auxiliary grade.
Note that lomac_vnode_create_extattr(), the third function to access the file's extended attributes, does already copy the auxiliary grade if it is present.
The problem has been reported for 9.1-RELEASE, but it has been confirmed to be present in stable/9 as well. The same problem is likely present in head (-CURRENT), as the relevant code has not been modified.
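To make the defect concrete, the following is an added model of the two extattr paths the patch touches; it is constructed for this report, not the kernel code or part of the PR, and the struct layout, flag values and grade numbers are simplified assumptions, with `patched` selecting the pre- or post-patch behaviour:

```c
/* Simplified model of the LOMAC label round trip through a file's extended
 * attribute, constructed for this example: struct and helper names follow
 * sys/security/mac_lomac but are reduced, and this is not the kernel code. */
#include <string.h>
#include <stdbool.h>
#define MAC_LOMAC_FLAG_SINGLE 0x01
#define MAC_LOMAC_FLAG_AUX    0x02
struct lomac_element { int lme_type; int lme_grade; };
struct mac_lomac {
    int ml_flags;
    struct lomac_element ml_single;    /* effective grade */
    struct lomac_element ml_auxsingle; /* auxiliary grade, the [low] in high[low] */
};

static void lomac_copy_single(const struct mac_lomac *src, struct mac_lomac *dst) {
    dst->ml_single = src->ml_single;
    dst->ml_flags |= MAC_LOMAC_FLAG_SINGLE;
}
static void lomac_copy_auxsingle(const struct mac_lomac *src, struct mac_lomac *dst) {
    dst->ml_auxsingle = src->ml_auxsingle;
    dst->ml_flags |= MAC_LOMAC_FLAG_AUX;
}

/* Write path (setlabel_extattr): build the on-disk copy from the in-core label.
 * Read path (associate_extattr): rebuild the in-core label from the on-disk copy.
 * Both copy the single grade; only the patched variant also copies the aux grade. */
static void label_to_extattr(const struct mac_lomac *src, unsigned char *buf, bool patched) {
    struct mac_lomac temp; memset(&temp, 0, sizeof temp);
    lomac_copy_single(src, &temp);
    if (patched && (src->ml_flags & MAC_LOMAC_FLAG_AUX))
        lomac_copy_auxsingle(src, &temp);
    memcpy(buf, &temp, sizeof temp); /* stands in for vn_extattr_set() */
}
static void extattr_to_label(const unsigned char *buf, struct mac_lomac *dest, bool patched) {
    struct mac_lomac temp; memcpy(&temp, buf, sizeof temp); /* vn_extattr_get() */
    memset(dest, 0, sizeof *dest);
    lomac_copy_single(&temp, dest);
    if (patched && (temp.ml_flags & MAC_LOMAC_FLAG_AUX))
        lomac_copy_auxsingle(&temp, dest);
}

/* Round-trip a high[low] label (grades are constructed numbers) and report
 * whether the aux grade is still present after the remount-style reload. */
bool aux_grade_survives_roundtrip(bool patched) {
    struct mac_lomac in = { MAC_LOMAC_FLAG_SINGLE | MAC_LOMAC_FLAG_AUX, {1, 100}, {1, 0} }, out;
    unsigned char disk[sizeof(struct mac_lomac)];
    label_to_extattr(&in, disk, patched);
    extattr_to_label(disk, &out, patched);
    return (out.ml_flags & MAC_LOMAC_FLAG_AUX) != 0 && out.ml_auxsingle.lme_grade == 0;
}
```

The unpatched path drops the aux grade on both the write and the read side, which is why the label looks correct until the filesystem is remounted.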
>How-To-Repeat:
1. Enable the mac_lomac policy in the kernel.
2. Create a multilabel filesystem (newfs -l -U /dev/somedev).
3. Mount the filesystem and set lomac labels:
   mount /dev/somedev /mnt
   mkdir /mnt/1
   setfmac lomac/high\[low\] /mnt/1      # aux grade
   touch /mnt/1/2                        # inherits grade from directory
   touch /mnt/1/3
   setfmac lomac/high\[low\] /mnt/1/3    # set manually
4. Run getextattr -x system mac_lomac /mnt/1 /mnt/1/2 /mnt/1/3
   (only the file that inherited the grade has the aux grade in its extattr).
5. Note the labels: ls -lZa /mnt/1
6. umount /mnt; mount /dev/somedev /mnt
7. Note that the aux grades are now missing: ls -lZa /mnt/1
>Fix:
Apply the patch. Tested with GENERIC kernel on 9.1-RELEASE and stable/9.
Patch attached with submission follows:
--- sys/security/mac_lomac/mac_lomac.c.orig 2013-05-10 22:56:10.000000000 +0300
+++ sys/security/mac_lomac/mac_lomac.c 2013-05-11 21:30:47.000000000 +0300
@@ -2334,6 +2334,8 @@
}
lomac_copy_single(&ml_temp, dest);
+ if (ml_temp.ml_flags & MAC_LOMAC_FLAG_AUX)
+ lomac_copy_auxsingle(&ml_temp, dest);
return (0);
}
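Review bot: the aux copy is guarded on the MAC_LOMAC_FLAG_AUX bit of ml_temp, i.e. the value read back from the extended attribute, which matches what the description says lomac_vnode_create_extattr() already does; a one-line comment above `+ if (ml_temp.ml_flags & MAC_LOMAC_FLAG_AUX)` noting that extattrs written by the pre-fix lomac_vnode_setlabel_extattr() legitimately lack this flag, so such files silently come back without an aux grade rather than failing, would save the next reader from wondering whether a missing flag should be treated as corruption.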
@@ -2908,6 +2910,9 @@
return (0);
lomac_copy_single(source, &temp);
+ if (source->ml_flags & MAC_LOMAC_FLAG_AUX)
+ lomac_copy_auxsingle(source, &temp);
+
error = vn_extattr_set(vp, IO_NODELOCKED, MAC_LOMAC_EXTATTR_NAMESPACE,
MAC_LOMAC_EXTATTR_NAME, buflen, (char *)&temp, curthread);
return (error);
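Review bot: `temp` now carries ml_auxsingle as well as ml_single before `vn_extattr_set(vp, IO_NODELOCKED, MAC_LOMAC_EXTATTR_NAMESPACE, MAC_LOMAC_EXTATTR_NAME, buflen, (char *)&temp, curthread)`, so the fix only takes effect if `buflen` (set above the hunk, not visible here) spans the whole struct including the aux element rather than just the single grade; please confirm that in the commit message, and consider whether the lone `+` blank line after the new if-block is wanted, since the read-side hunk adds none.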
>Release-Note:
>Audit-Trail:
>Unformatted: