PERFORCE change 34994 for review
Chris Vance
cvance at FreeBSD.org
Fri Jul 25 17:23:29 GMT 2003
http://perforce.freebsd.org/chv.cgi?CH=34994
Change 34994 by cvance at cvance_osx_laptop on 2003/07/25 10:22:57
Convince the TrustedBSD framework to at least build and boot
under an OSX 10.2.6 userspace environment. This required
crippling the framework a bit, and some user elements (airport
cards) don't appear to work quite right. Broad changes
include:
- using the appropriate Darwin MALLOC/FREE macros
- commenting out the new system calls
- ifdef'ing out the use of mbuf labels (the labels break
binary compatibility)
- previous commits added new routines needed by the framework:
strsep, condition variables, sbufs, etc.
Affected files ...
.. //depot/projects/trustedbsd/sedarwin/apsl/xnu/bsd/kern/kern_mac.c#14 edit
Differences ...
==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/bsd/kern/kern_mac.c#14 (text+ko) ====
@@ -53,6 +53,7 @@
#include <sys/sbuf.h>
#include <sys/systm.h>
#include <sys/vnode.h>
+#include <sys/vnode_if.h>
#include <sys/mbuf.h>
#include <sys/mount.h>
#include <sys/file.h>
@@ -60,6 +61,7 @@
#include <sys/socket.h>
#include <sys/socketvar.h>
#include <sys/sysctl.h>
+#include <sys/libkern.h>
#include <sys/mac_policy.h>
@@ -89,8 +91,11 @@
#define mtx_assert(x, y)
#define MA_OWNED
#define PROC_LOCK_ASSERT(x, y)
+#define M_ASSERTPKTHDR(x)
-SYSCTL_DECL(_security);
+#define ASSERT_VOP_LOCKED(vp,msg) \
+ if (vp && !VOP_ISLOCKED(vp)) \
+ Debugger("vnode lock violation.\n");
SYSCTL_NODE(_security, OID_AUTO, mac, CTLFLAG_RW, 0,
"TrustedBSD MAC policy controls");
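Review bot: The new `ASSERT_VOP_LOCKED` macro expands to a bare `if` that ends in its own semicolon, so a call site followed by `else` will either bind to the wrong `if` or fail to compile, and `vp` is used unparenthesized. Wrapping it as `do { if ((vp) && !VOP_ISLOCKED(vp)) Debugger("vnode lock violation.\n"); } while (0)` keeps it a single statement. The `msg` argument is also discarded, so every violation reports the same text; passing `msg` through to `Debugger` would show which assertion fired.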
@@ -132,42 +137,42 @@
static int mac_labelmbufs = 0;
#endif
-static int mac_enforce_fs = 1;
+static int mac_enforce_fs = 0;
SYSCTL_INT(_security_mac, OID_AUTO, enforce_fs, CTLFLAG_RW,
&mac_enforce_fs, 0, "Enforce MAC policy on file system objects");
TUNABLE_INT("security.mac.enforce_fs", &mac_enforce_fs);
-static int mac_enforce_kld = 1;
+static int mac_enforce_kld = 0;
SYSCTL_INT(_security_mac, OID_AUTO, enforce_kld, CTLFLAG_RW,
&mac_enforce_kld, 0, "Enforce MAC policy on kld operations");
TUNABLE_INT("security.mac.enforce_kld", &mac_enforce_kld);
-static int mac_enforce_network = 1;
+static int mac_enforce_network = 0;
SYSCTL_INT(_security_mac, OID_AUTO, enforce_network, CTLFLAG_RW,
&mac_enforce_network, 0, "Enforce MAC policy on network packets");
TUNABLE_INT("security.mac.enforce_network", &mac_enforce_network);
-static int mac_enforce_pipe = 1;
+static int mac_enforce_pipe = 0;
SYSCTL_INT(_security_mac, OID_AUTO, enforce_pipe, CTLFLAG_RW,
&mac_enforce_pipe, 0, "Enforce MAC policy on pipe operations");
TUNABLE_INT("security.mac.enforce_pipe", &mac_enforce_pipe);
-static int mac_enforce_process = 1;
+static int mac_enforce_process = 0;
SYSCTL_INT(_security_mac, OID_AUTO, enforce_process, CTLFLAG_RW,
&mac_enforce_process, 0, "Enforce MAC policy on inter-process operations");
TUNABLE_INT("security.mac.enforce_process", &mac_enforce_process);
-static int mac_enforce_socket = 1;
+static int mac_enforce_socket = 0;
SYSCTL_INT(_security_mac, OID_AUTO, enforce_socket, CTLFLAG_RW,
&mac_enforce_socket, 0, "Enforce MAC policy on socket operations");
TUNABLE_INT("security.mac.enforce_socket", &mac_enforce_socket);
-static int mac_enforce_system = 1;
+static int mac_enforce_system = 0;
SYSCTL_INT(_security_mac, OID_AUTO, enforce_system, CTLFLAG_RW,
&mac_enforce_system, 0, "Enforce MAC policy on system operations");
TUNABLE_INT("security.mac.enforce_system", &mac_enforce_system);
-static int mac_enforce_vm = 1;
+static int mac_enforce_vm = 0;
SYSCTL_INT(_security_mac, OID_AUTO, enforce_vm, CTLFLAG_RW,
&mac_enforce_vm, 0, "Enforce MAC policy on vm operations");
TUNABLE_INT("security.mac.enforce_vm", &mac_enforce_vm);
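Review bot: Every `mac_enforce_*` default in this hunk flips from 1 to 0 without a comment, so a kernel built from this file presumably boots with loaded policies not being enforced until someone sets the `security.mac.enforce_*` sysctls. The same applies to `mac_mmap_revocation_via_cow` in the next hunk. The description only says the framework was crippled "a bit", so the fail-open default should be marked in the code, e.g. `/* XXX Darwin bring-up: enforcement off by default; restore to 1 once the port is stable */`. Gating all eight defaults on one build-time macro would make it harder for the disabled state to ship unnoticed.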
@@ -176,7 +181,7 @@
SYSCTL_INT(_security_mac, OID_AUTO, mmap_revocation, CTLFLAG_RW,
&mac_mmap_revocation, 0, "Revoke mmap access to files on subject "
"relabel");
-static int mac_mmap_revocation_via_cow = 1;
+static int mac_mmap_revocation_via_cow = 0;
SYSCTL_INT(_security_mac, OID_AUTO, mmap_revocation_via_cow, CTLFLAG_RW,
&mac_mmap_revocation_via_cow, 0, "Revoke mmap access to files via "
"copy-on-write semantics, or by removing all write access");
@@ -751,8 +756,9 @@
tag = m_tag_find(mbuf, PACKET_TAG_MACLABEL, NULL);
label = (struct label *)(tag+1);
#endif
+#ifdef NO_MBUF
label = &mbuf->m_pkthdr.label;
-
+#endif
return (label);
}
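Review bot: With `label = &mbuf->m_pkthdr.label;` now inside `#ifdef NO_MBUF`, a build that leaves `NO_MBUF` undefined can reach `return (label);` without `label` being assigned, unless the conditional block that ends just above is compiled in. That block's condition and the function's opening lines are outside the hunk. An `#else` arm with `label = NULL;`, with callers checking for it, would make the disabled case explicit. The guard name also reads backwards, since defining `NO_MBUF` is what enables the mbuf label code; a name such as `MAC_MBUF_LABELS` would be clearer here and in the `mac_init_mbuf`, `mac_destroy_mbuf` and `mac_copy_mbuf` hunks.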
@@ -907,12 +913,14 @@
}
#endif
#else
+#ifdef NO_MBUF
mac_init_label(&m->m_pkthdr.label);
MAC_CHECK(init_mbuf_label, &m->m_pkthdr.label, flag);
if (error) {
MAC_PERFORM(destroy_mbuf_label, &m->m_pkthdr.label);
- mac_destroy(&m->m_pkthdr.label);
+ mac_destroy_label(&m->m_pkthdr.label);
}
+#endif /* NO_MBUF */
#ifdef MAC_DEBUG
if (error == 0)
atomic_add_int(&nmacmbufs, 1);
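Review bot: When `NO_MBUF` is undefined the `MAC_CHECK(init_mbuf_label, ...)` call is compiled out, so nothing in the visible lines assigns `error` before `if (error == 0)` under `MAC_DEBUG`. If the declaration above the hunk does not initialize it, the function tests, and probably returns, an indeterminate value. Add an `#else` arm with `error = 0;` before `#endif /* NO_MBUF */`, or initialize `error` where it is declared. The function starts and ends outside the hunk, so the return path should be checked as well.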
@@ -951,7 +959,8 @@
{
struct label *label;
- label = malloc(sizeof(struct label), M_MACPIPELABEL, M_ZERO|M_WAITOK);
+ MALLOC(label, struct label *,
+ sizeof(struct label), M_MACPIPELABEL, M_ZERO|M_WAITOK);
pipe->pipe_label = label;
pipe->pipe_peer->pipe_label = label;
mac_init_pipe_label(label);
@@ -1115,8 +1124,10 @@
mac_destroy_mbuf(struct mbuf *m)
{
+#ifdef NO_MBUF
MAC_PERFORM(destroy_mbuf_label, &m->m_pkthdr.label);
mac_destroy_label(&m->m_pkthdr.label);
+#endif /* NO_MBUF */
#ifdef MAC_DEBUG
atomic_subtract_int(&nmacmbufs, 1);
#endif
@@ -1152,7 +1163,7 @@
{
mac_destroy_pipe_label(pipe->pipe_label);
- free(pipe->pipe_label, M_MACPIPELABEL);
+ FREE(pipe->pipe_label, M_MACPIPELABEL);
}
#endif
@@ -1216,7 +1227,9 @@
mac_copy_mbuf(struct mbuf *src, struct mbuf *dst)
{
+#ifdef NO_MBUF
MAC_PERFORM(copy_mbuf_label, &src->m_pkthdr.label, &dst->m_pkthdr.label);
+#endif /* NO_MBUF */
}
#if 0
@@ -1449,6 +1462,7 @@
&vp->v_label);
}
+#if 0
int
mac_create_vnode_extattr(struct ucred *cred, struct mount *mp,
struct vnode *dvp, struct vnode *vp, struct componentname *cnp)
@@ -1519,7 +1533,6 @@
return (error);
}
-#if 0
int
mac_execve_enter(struct image_params *imgp, struct mac *mac_p,
struct label *execlabelstorage)
@@ -1542,13 +1555,13 @@
buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK);
error = copyinstr(mac.m_string, buffer, mac.m_buflen, NULL);
if (error) {
- free(buffer, M_MACTEMP);
+ FREE(buffer, M_MACTEMP);
return (error);
}
mac_init_cred_label(execlabelstorage);
error = mac_internalize_cred_label(execlabelstorage, buffer);
- free(buffer, M_MACTEMP);
+ FREE(buffer, M_MACTEMP);
if (error) {
mac_destroy_cred_label(execlabelstorage);
return (error);
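Review bot: The context line `buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK);` is left unchanged while both releases of `buffer` become `FREE`, so allocation and release no longer use the same interface. Convert it like the other hunks: `MALLOC(buffer, char *, mac.m_buflen, M_MACTEMP, M_WAITOK);`. The function appears to sit inside an `#if 0` region after this change (the guard is moved in the two preceding hunks), which would explain why the build does not catch the mismatch.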
@@ -3085,21 +3098,21 @@
if (error)
return (error);
- elements = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK);
+ MALLOC(elements, char *, mac.m_buflen, M_MACTEMP, M_WAITOK);
error = copyinstr(mac.m_string, elements, mac.m_buflen, NULL);
if (error) {
- free(elements, M_MACTEMP);
+ FREE(elements, M_MACTEMP);
return (error);
}
- buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK | M_ZERO);
+ MALLOC(buffer, char *, mac.m_buflen, M_MACTEMP, M_WAITOK | M_ZERO);
error = mac_externalize_ifnet_label(&ifnet->if_label, elements,
buffer, mac.m_buflen, M_WAITOK);
if (error == 0)
error = copyout(buffer, mac.m_string, strlen(buffer)+1);
- free(buffer, M_MACTEMP);
- free(elements, M_MACTEMP);
+ FREE(buffer, M_MACTEMP);
+ FREE(elements, M_MACTEMP);
return (error);
}
@@ -3121,16 +3134,16 @@
if (error)
return (error);
- buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK);
+ MALLOC(buffer, char *, mac.m_buflen, M_MACTEMP, M_WAITOK);
error = copyinstr(mac.m_string, buffer, mac.m_buflen, NULL);
if (error) {
- free(buffer, M_MACTEMP);
+ FREE(buffer, M_MACTEMP);
return (error);
}
mac_init_ifnet_label(&intlabel);
error = mac_internalize_ifnet_label(&intlabel, buffer);
- free(buffer, M_MACTEMP);
+ FREE(buffer, M_MACTEMP);
if (error) {
mac_destroy_ifnet_label(&intlabel);
return (error);
@@ -3141,7 +3154,10 @@
* policies impose this check themselves if required by the
* policy. Eventually, this should go away.
*/
- error = suser_cred(cred, 0);
+ /*
+ * Since it doesn't compile on Darwin...
+ * error = suser_cred(cred, 0);
+ */
if (error) {
mac_destroy_ifnet_label(&intlabel);
return (error);
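Review bot: Commenting out `error = suser_cred(cred, 0);` removes the only superuser check visible on this interface-relabel path. The `if (error)` that follows now appears to test the value left by `mac_internalize_ifnet_label`, which has already been checked in the previous hunk, so the branch is effectively dead. The retained comment says policies should eventually impose the check themselves, but until then the request relies entirely on whatever policy check follows outside the hunk. Rather than dropping the check, call the Darwin equivalent, `error = suser(cred, NULL);` if that form is available in this xnu tree. Otherwise fail closed with `error = EPERM;` under a clearly marked bring-up `#ifdef`.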
@@ -3201,16 +3217,16 @@
if (error)
return (error);
- buffer = malloc(mac->m_buflen, M_MACTEMP, M_WAITOK);
+ MALLOC(buffer, char *, mac->m_buflen, M_MACTEMP, M_WAITOK);
error = copyinstr(mac->m_string, buffer, mac->m_buflen, NULL);
if (error) {
- free(buffer, M_MACTEMP);
+ FREE(buffer, M_MACTEMP);
return (error);
}
mac_init_socket_label(&intlabel, M_WAITOK);
error = mac_internalize_socket_label(&intlabel, buffer);
- free(buffer, M_MACTEMP);
+ FREE(buffer, M_MACTEMP);
if (error) {
mac_destroy_socket_label(&intlabel);
return (error);
@@ -3257,21 +3273,21 @@
if (error)
return (error);
- elements = malloc(mac->m_buflen, M_MACTEMP, M_WAITOK);
+ MALLOC(elements, char *, mac->m_buflen, M_MACTEMP, M_WAITOK);
error = copyinstr(mac->m_string, elements, mac->m_buflen, NULL);
if (error) {
- free(elements, M_MACTEMP);
+ FREE(elements, M_MACTEMP);
return (error);
}
- buffer = malloc(mac->m_buflen, M_MACTEMP, M_WAITOK | M_ZERO);
+ MALLOC(buffer, char *, mac->m_buflen, M_MACTEMP, M_WAITOK | M_ZERO);
error = mac_externalize_socket_label(&so->so_label, elements,
buffer, mac->m_buflen, M_WAITOK);
if (error == 0)
error = copyout(buffer, mac->m_string, strlen(buffer)+1);
- free(buffer, M_MACTEMP);
- free(elements, M_MACTEMP);
+ FREE(buffer, M_MACTEMP);
+ FREE(elements, M_MACTEMP);
return (error);
}
@@ -3287,25 +3303,26 @@
if (error)
return (error);
- elements = malloc(mac->m_buflen, M_MACTEMP, M_WAITOK);
+ MALLOC(elements, char *, mac->m_buflen, M_MACTEMP, M_WAITOK);
error = copyinstr(mac->m_string, elements, mac->m_buflen, NULL);
if (error) {
- free(elements, M_MACTEMP);
+ FREE(elements, M_MACTEMP);
return (error);
}
- buffer = malloc(mac->m_buflen, M_MACTEMP, M_WAITOK | M_ZERO);
+ MALLOC(buffer, char *, mac->m_buflen, M_MACTEMP, M_WAITOK | M_ZERO);
error = mac_externalize_socket_peer_label(&so->so_peerlabel,
elements, buffer, mac->m_buflen, M_WAITOK);
if (error == 0)
error = copyout(buffer, mac->m_string, strlen(buffer)+1);
- free(buffer, M_MACTEMP);
- free(elements, M_MACTEMP);
+ FREE(buffer, M_MACTEMP);
+ FREE(elements, M_MACTEMP);
return (error);
}
+#if 0 /* TBD/CDV */
/*
* Implementation of VOP_SETLABEL() that relies on extended attributes
* to store label data. Can be referenced by filesystems supporting
@@ -3404,22 +3421,22 @@
if (error)
return (error);
- elements = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK);
+ MALLOC(elements, char *, mac.m_buflen, M_MACTEMP, M_WAITOK);
error = copyinstr(mac.m_string, elements, mac.m_buflen, NULL);
if (error) {
- free(elements, M_MACTEMP);
+ FREE(elements, M_MACTEMP);
crfree(tcred);
return (error);
}
- buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK | M_ZERO);
+ MALLOC(buffer, char *, mac.m_buflen, M_MACTEMP, M_WAITOK | M_ZERO);
error = mac_externalize_cred_label(&tcred->cr_label, elements,
buffer, mac.m_buflen, M_WAITOK);
if (error == 0)
error = copyout(buffer, mac.m_string, strlen(buffer)+1);
- free(buffer, M_MACTEMP);
- free(elements, M_MACTEMP);
+ FREE(buffer, M_MACTEMP);
+ FREE(elements, M_MACTEMP);
crfree(tcred);
return (error);
}
@@ -3442,21 +3459,21 @@
if (error)
return (error);
- elements = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK);
+ MALLOC(elements, char *, mac.m_buflen, M_MACTEMP, M_WAITOK);
error = copyinstr(mac.m_string, elements, mac.m_buflen, NULL);
if (error) {
- free(elements, M_MACTEMP);
+ FREE(elements, M_MACTEMP);
return (error);
}
- buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK | M_ZERO);
+ MALLOC(buffer, char *, mac.m_buflen, M_MACTEMP, M_WAITOK | M_ZERO);
error = mac_externalize_cred_label(&td->td_ucred->cr_label,
elements, buffer, mac.m_buflen, M_WAITOK);
if (error == 0)
error = copyout(buffer, mac.m_string, strlen(buffer)+1);
- free(buffer, M_MACTEMP);
- free(elements, M_MACTEMP);
+ FREE(buffer, M_MACTEMP);
+ FREE(elements, M_MACTEMP);
return (error);
}
@@ -3481,16 +3498,16 @@
if (error)
return (error);
- buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK);
+ MALLOC(buffer, char *, mac.m_buflen, M_MACTEMP, M_WAITOK);
error = copyinstr(mac.m_string, buffer, mac.m_buflen, NULL);
if (error) {
- free(buffer, M_MACTEMP);
+ FREE(buffer, M_MACTEMP);
return (error);
}
mac_init_cred_label(&intlabel);
error = mac_internalize_cred_label(&intlabel, buffer);
- free(buffer, M_MACTEMP);
+ FREE(buffer, M_MACTEMP);
if (error) {
mac_destroy_cred_label(&intlabel);
return (error);
@@ -3562,14 +3579,14 @@
if (error)
return (error);
- elements = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK);
+ MALLOC(elements, char *, mac.m_buflen, M_MACTEMP, M_WAITOK);
error = copyinstr(mac.m_string, elements, mac.m_buflen, NULL);
if (error) {
- free(elements, M_MACTEMP);
+ FREE(elements, M_MACTEMP);
return (error);
}
- buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK | M_ZERO);
+ MALLOC(buffer, char *, mac.m_buflen, M_MACTEMP, M_WAITOK | M_ZERO);
#if 0
mutex_lock(&Giant); /* VFS */ /* XXX FUNNEL? */
#endif
@@ -3638,8 +3655,8 @@
#if 0
mutex_unlock(&Giant); /* VFS */ /* XXX FUNNEL? */
#endif
- free(buffer, M_MACTEMP);
- free(elements, M_MACTEMP);
+ FREE(buffer, M_MACTEMP);
+ FREE(elements, M_MACTEMP);
return (error);
}
@@ -3664,14 +3681,14 @@
if (error)
return (error);
- elements = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK);
+ MALLOC(elements, char *, mac.m_buflen, M_MACTEMP, M_WAITOK);
error = copyinstr(mac.m_string, elements, mac.m_buflen, NULL);
if (error) {
- free(elements, M_MACTEMP);
+ FREE(elements, M_MACTEMP);
return (error);
}
- buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK | M_ZERO);
+ MALLOC(buffer, char *, mac.m_buflen, M_MACTEMP, M_WAITOK | M_ZERO);
#if 0
mutex_lock(&Giant); /* VFS */ /* XXX FUNNEL? */
#endif
@@ -3697,8 +3714,8 @@
mutex_unlock(&Giant); /* VFS */ /* XXX FUNNEL? */
#endif
- free(buffer, M_MACTEMP);
- free(elements, M_MACTEMP);
+ FREE(buffer, M_MACTEMP);
+ FREE(elements, M_MACTEMP);
return (error);
}
@@ -3723,14 +3740,14 @@
if (error)
return (error);
- elements = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK);
+ MALLOC(elements, char *, mac.m_buflen, M_MACTEMP, M_WAITOK);
error = copyinstr(mac.m_string, elements, mac.m_buflen, NULL);
if (error) {
- free(elements, M_MACTEMP);
+ FREE(elements, M_MACTEMP);
return (error);
}
- buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK | M_ZERO);
+ MALLOC(buffer, char *, mac.m_buflen, M_MACTEMP, M_WAITOK | M_ZERO);
#if 0
mutex_lock(&Giant); /* VFS */ /* XXX FUNNEL? */
#endif
@@ -3755,8 +3772,8 @@
mutex_unlock(&Giant); /* VFS */ /* XXX FUNNEL? */
#endif
- free(buffer, M_MACTEMP);
- free(elements, M_MACTEMP);
+ FREE(buffer, M_MACTEMP);
+ FREE(elements, M_MACTEMP);
return (error);
}
@@ -3786,10 +3803,10 @@
if (error)
return (error);
- buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK);
+ MALLOC(buffer, char *, mac.m_buflen, M_MACTEMP, M_WAITOK);
error = copyinstr(mac.m_string, buffer, mac.m_buflen, NULL);
if (error) {
- free(buffer, M_MACTEMP);
+ FREE(buffer, M_MACTEMP);
return (error);
}
@@ -3854,7 +3871,7 @@
mutex_unlock(&Giant); /* VFS */ /* XXX FUNNEL? */
#endif
- free(buffer, M_MACTEMP);
+ FREE(buffer, M_MACTEMP);
return (error);
}
@@ -3880,16 +3897,16 @@
if (error)
return (error);
- buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK);
+ MALLOC(buffer, char *, mac.m_buflen, M_MACTEMP, M_WAITOK);
error = copyinstr(mac.m_string, buffer, mac.m_buflen, NULL);
if (error) {
- free(buffer, M_MACTEMP);
+ FREE(buffer, M_MACTEMP);
return (error);
}
mac_init_vnode_label(&intlabel);
error = mac_internalize_vnode_label(&intlabel, buffer);
- free(buffer, M_MACTEMP);
+ FREE(buffer, M_MACTEMP);
if (error) {
mac_destroy_vnode_label(&intlabel);
return (error);
@@ -3940,16 +3957,16 @@
if (error)
return (error);
- buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK);
+ MALLOC(buffer, char *, mac.m_buflen, M_MACTEMP, M_WAITOK);
error = copyinstr(mac.m_string, buffer, mac.m_buflen, NULL);
if (error) {
- free(buffer, M_MACTEMP);
+ FREE(buffer, M_MACTEMP);
return (error);
}
mac_init_vnode_label(&intlabel);
error = mac_internalize_vnode_label(&intlabel, buffer);
- free(buffer, M_MACTEMP);
+ FREE(buffer, M_MACTEMP);
if (error) {
mac_destroy_vnode_label(&intlabel);
return (error);
@@ -4017,12 +4034,14 @@
out:
return (error);
}
+#endif /* !0 TBD/CDV*/
SYSINIT(mac, SI_SUB_MAC, SI_ORDER_FIRST, mac_init, NULL);
SYSINIT(mac_late, SI_SUB_MAC_LATE, SI_ORDER_FIRST, mac_late_init, NULL);
#else /* !MAC */
+#if 0 /* TBD/CDV*/
int
__mac_get_pid(struct thread *td, struct __mac_get_pid_args *uap)
{
@@ -4047,7 +4066,7 @@
int
__mac_get_fd(struct thread *td, struct __mac_get_fd_args *uap)
{
-
+>
return (ENOSYS);
}
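Review bot: The added line in `__mac_get_fd` is a lone `>`, which is not valid C. It may be a mail-quoting artifact of this posting rather than part of the change. If it is in the depot file, the stub will stop compiling as soon as the new `#if 0 /* TBD/CDV*/` guard around these functions is removed. The line should stay the blank line it replaced.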
@@ -4092,5 +4111,6 @@
return (ENOSYS);
}
+#endif /* !0 TBD/CDV*/
#endif /* !MAC */