PERFORCE change 18288 for review

Sat Sep 28 19:26:17 GMT 2002

http://people.freebsd.org/~peter/p4db/chv.cgi?CH=18288

Change 18288 by rwatson at rwatson_tislabs on 2002/09/28 12:25:23

	Similar class of changes to those made in Biba a little bit
	ago: teach the kernel module how to speak our MLS label strings,
	and get rid of the MLS user module, since that's no longer
	needed.  Update mac.conf to reflect the fact that libmac_generic
	can now be used with MLS strings.

Affected files ...

.. //depot/projects/trustedbsd/mac/etc/mac.conf#3 edit
.. //depot/projects/trustedbsd/mac/lib/libmac/modules/Makefile#3 edit
.. //depot/projects/trustedbsd/mac/lib/libmac/modules/mac_mls/Makefile#2 delete
.. //depot/projects/trustedbsd/mac/lib/libmac/modules/mac_mls/mac_mls.c#2 delete
.. //depot/projects/trustedbsd/mac/sys/security/mac_mls/mac_mls.c#95 edit

Differences ...

==== //depot/projects/trustedbsd/mac/etc/mac.conf#3 (text+ko) ====

@@ -17,7 +17,6 @@
 # Bind policy names to loadable shared modules
 #
 
-module mac_mls libmac_mls.so.1			# MLS confidentiality
-module mac_generic libmac_generic.so.1 biba te	# Type enforcement
-module mac_partition libmac_partition.so.1	# Partition policy
+module mac_generic libmac_generic.so.1 biba mls, te	# Type enforcement
+module mac_partition libmac_partition.so.1		# Partition policy
 

==== //depot/projects/trustedbsd/mac/lib/libmac/modules/Makefile#3 (text+ko) ====

@@ -1,3 +1,3 @@
-SUBDIR		= mac_generic mac_mls mac_partition
+SUBDIR		= mac_generic mac_partition
 
 .include <bsd.subdir.mk>

==== //depot/projects/trustedbsd/mac/sys/security/mac_mls/mac_mls.c#95 (text+ko) ====

@@ -53,6 +53,7 @@
 #include <sys/systm.h>
 #include <sys/sysproto.h>
 #include <sys/sysent.h>
+#include <sys/systm.h>
 #include <sys/vnode.h>
 #include <sys/file.h>
 #include <sys/socket.h>
@@ -466,26 +467,104 @@
 	SLOT(label) = NULL;
 }
 
+/*
+ * mac_mls_element_to_string() is basically an snprintf wrapper with
+ * the same properties as snprintf().  It returns the length it would
+ * have added to the string in the event the string is too short.
+ */
+static int
+mac_mls_element_to_string(char *string, size_t size,
+    struct mac_mls_element *element)
+{
+
+	switch (element->mme_type) {
+	case MAC_MLS_TYPE_HIGH:
+		return (snprintf(string, size, "high"));
+
+	case MAC_MLS_TYPE_LOW:
+		return (snprintf(string, size, "low"));
+
+	case MAC_MLS_TYPE_EQUAL:
+		return (snprintf(string, size, "equal"));
+
+	case MAC_MLS_TYPE_LEVEL:
+		return (snprintf(string, size, "%d", element->mme_level));
+
+	default:
+		panic("mac_mls_element_to_string: invalid type (%d)",
+		    element->mme_type);
+	}
+}
+
 static int
 mac_mls_externalize_label(struct label *label, struct mac *mac,
     struct mac_element *element, int *claimed)
 {
 	struct mac_mls *mac_mls;
+	char string[MAC_MAX_LABEL_ELEMENT_DATALEN], *curptr;
+	size_t left, len;
 	int error;
 
 	if (strcmp(MAC_MLS_LABEL_NAME, element->me_name) == 0) {
 		(*claimed)++;
 
-		if (element->me_databuflen < sizeof(struct mac_mls))
+		mac_mls = SLOT(label);
+
+		bzero(string, sizeof(string));
+		curptr = string;
+		left = MAC_MAX_LABEL_ELEMENT_DATALEN;
+
+		if (mac_mls->mm_flags & MAC_MLS_FLAG_SINGLE) {
+			len = mac_mls_element_to_string(curptr, left,
+			    &mac_mls->mm_single);
+			if (len >= left)
+				return (EINVAL);
+			left -= len;
+			curptr += len;
+		}
+
+		if (mac_mls->mm_flags & MAC_MLS_FLAG_RANGE) {
+			len = snprintf(curptr, left, "(");
+			if (len >= left)
+				return (EINVAL);
+			left -= len;
+			curptr += len;
+
+			len = mac_mls_element_to_string(curptr, left,
+			    &mac_mls->mm_rangelow);
+			if (len >= left)
+				return (EINVAL);
+			left -= len;
+			curptr += len;
+
+			len = snprintf(curptr, left, "-");
+			if (len >= left)
+				return (EINVAL);
+			left -= len;
+			curptr += len;
+
+			len = mac_mls_element_to_string(curptr, left,
+			    &mac_mls->mm_rangehigh);
+			if (len >= left)
+				return (EINVAL);
+			left -= len;
+			curptr += len;
+
+			len = snprintf(curptr, left, ")");
+			if (len >= left)
+				return (EINVAL);
+			left -= len;
+			curptr += len;
+		}
+
+		if (strlen(string)+1 > element->me_databuflen)
 			return (EINVAL);
 
-		mac_mls = SLOT(label);
-
-		error = copyout(mac_mls, element->me_data, sizeof(*mac_mls));
+		error = copyout(string, element->me_data, strlen(string)+1);
 		if (error)
 			return (error);
 
-		element->me_datalen = sizeof(*mac_mls);
+		element->me_datalen = strlen(string)+1;
 	}
 
 	return (0);
@@ -509,22 +588,106 @@
 }
 
 static int
+mac_mls_parse_element(struct mac_mls_element *element, char *string)
+{
+
+	if (strcmp(string, "high") == 0 ||
+	    strcmp(string, "hi") == 0) {
+		element->mme_type = MAC_MLS_TYPE_HIGH;
+		element->mme_level = MAC_MLS_TYPE_UNDEF;
+	} else if (strcmp(string, "low") == 0 ||
+	    strcmp(string, "lo") == 0) {
+		element->mme_type = MAC_MLS_TYPE_LOW;
+		element->mme_level = MAC_MLS_TYPE_UNDEF;
+	} else if (strcmp(string, "equal") == 0 ||
+	    strcmp(string, "eq") == 0) {
+		element->mme_type = MAC_MLS_TYPE_EQUAL;
+		element->mme_level = MAC_MLS_TYPE_UNDEF;
+	} else {
+		int d;
+
+		d = strtol(string, NULL, 10);
+		if (d < 0 || d > 65535)
+			return (EINVAL);
+		element->mme_type = MAC_MLS_TYPE_LEVEL;
+		element->mme_level = d;
+	}
+
+	return (0);
+}
+
+static int
 mac_mls_internalize_label(struct label *label, struct mac *mac,
     struct mac_element *element, int *claimed)
 {
 	struct mac_mls *mac_mls, mac_mls_temp;
+	char string[MAC_MAX_LABEL_ELEMENT_DATALEN];		/* XXX */
+	char *range, *rangeend, *rangehigh, *rangelow, *single;
 	int error;
 
 	if (strcmp(MAC_MLS_LABEL_NAME, element->me_name) == 0) {
 		(*claimed)++;
 
-		if (element->me_datalen != sizeof(*mac_mls))
+		error = copyin(element->me_data, &string, element->me_datalen);
+		if (error)
+			return (error);
+
+		if (!strvalid(string, MAC_MAX_LABEL_ELEMENT_DATALEN))
 			return (EINVAL);
 
-		error = copyin(element->me_data, &mac_mls_temp,
-		    sizeof(mac_mls_temp));
-		if (error)
-			return (error);
+		/* Do we have a range? */
+		single = string;
+		range = index(string, '(');
+		if (range == single)
+			single = NULL;
+		rangelow = rangehigh = NULL;
+		if (range != NULL) {
+			/* Nul terminate the end of the single string. */
+			*range = '\0';
+			range++;
+			rangelow = range;
+			rangehigh = index(rangelow, '-');
+			if (rangehigh == NULL)
+				return (EINVAL);
+			rangehigh++;
+			if (*rangelow == '\0' || *rangehigh == '\0')
+				return (EINVAL);
+			rangeend = index(rangehigh, ')');
+			if (rangeend == NULL)
+				return (EINVAL);
+			if (*(rangeend + 1) != '\0')
+				return (EINVAL);
+			/* Nul terminate the ends of the ranges. */
+			*(rangehigh - 1) = '\0';
+			*rangeend = '\0';
+		}
+		KASSERT((rangelow != NULL && rangehigh != NULL) ||
+		    (rangelow == NULL && rangehigh == NULL),
+		    ("mac_biba_internalize_label: range mismatch"));
+
+		printf("MLS: single: %s, range low: %s, range high: %s\n",
+		    single, rangelow, rangehigh);
+
+		bzero(&mac_mls_temp, sizeof(mac_mls_temp));
+		if (single != NULL) {
+			error = mac_mls_parse_element(
+			    &mac_mls_temp.mm_single, single);
+			if (error)
+				return (error);
+			mac_mls_temp.mm_flags |= MAC_MLS_FLAG_SINGLE;
+		}
+
+		if (rangelow != NULL) {
+			error = mac_mls_parse_element(
+			    &mac_mls_temp.mm_rangelow, rangelow);
+			if (error)
+				return (error);
+			error = mac_mls_parse_element(
+			    &mac_mls_temp.mm_rangehigh, rangehigh);
+			if (error)
+				return (error);
+			mac_mls_temp.mm_flags |= MAC_MLS_FLAG_RANGE;
+		}
 
 		error = mac_mls_valid(&mac_mls_temp);
 		if (error)
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-cvs" in the body of the message

