PERFORCE change 42242 for review

Andrew Reisse areisse at FreeBSD.org
Thu Nov 13 15:35:29 GMT 2003


http://perforce.freebsd.org/chv.cgi?CH=42242

Change 42242 by areisse at areisse_ibook on 2003/11/13 07:35:09

	added get_user_sids as a sebsd syscall (instead of sysctl)

Affected files ...

.. //depot/projects/trustedbsd/sedarwin/apsl/xnu/bsd/kern/init_sysent.c#7 edit
.. //depot/projects/trustedbsd/sedarwin/apsl/xnu/bsd/kern/kern_mac.c#27 edit
.. //depot/projects/trustedbsd/sedarwin/apsl/xnu/security/sebsd/sebsd.c#11 edit
.. //depot/projects/trustedbsd/sedarwin/apsl/xnu/security/sebsd/sebsd_syscall.c#3 edit
.. //depot/projects/trustedbsd/sedarwin/apsl/xnu/security/sebsd/sebsd_syscalls.h#2 edit
.. //depot/projects/trustedbsd/sedarwin/apsl/xnu/security/sebsd/sebsd_sysctl.c#4 edit
.. //depot/projects/trustedbsd/sedarwin/libsebsd/Makefile#2 edit
.. //depot/projects/trustedbsd/sedarwin/libsebsd/sebsd.h#3 edit
.. //depot/projects/trustedbsd/sedarwin/libsebsd/security_get_user_contexts.c#2 edit

Differences ...

==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/bsd/kern/init_sysent.c#7 (text+ko) ====

@@ -334,6 +334,7 @@
 int __mac_get_pid();
 int __mac_set_proc();
 int mac_execve();
+int mac_syscall();
 #endif
 
 /*
@@ -745,11 +746,11 @@
 	syss(__mac_get_link,2), /* 339 */
 	syss(__mac_get_proc,1),	/* 340 */
 	syss(__mac_set_proc,1),	/* 341 */
-	/*syss(mac_execve,4),	/* 342 */
-	syss(nosys,0),		/* 342 */
+	syss(mac_execve,4),	/* 342 */
 	syss(__mac_get_pid,2),	/* 343 */
 	syss(__mac_set_file,2),	/* 344 */
 	syss(__mac_set_link,2),	/* 345 */
+	syss(mac_syscall,3),	/* 346 */
 #else
 	syss(nosys,0),		/* 338 */
 	syss(nosys,0),		/* 339 */
@@ -759,8 +760,8 @@
 	syss(nosys,0),		/* 343 */
 	syss(nosys,0),		/* 344 */
 	syss(nosys,0),		/* 345 */
+	syss(nosys,0),		/* 346 */
 #endif
-	syss(nosys,0),		/* 346 */
 	syss(nosys,0),		/* 347 */
 	syss(nosys,0),		/* 348 */
 	syss(nosys,0),		/* 349 */

==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/bsd/kern/kern_mac.c#27 (text+ko) ====

@@ -1562,6 +1562,7 @@
 	struct mac mac;
 	char *buffer;
 	int error;
+	size_t dummy;
 
 	if (mac_p == NULL)
 		return (0);
@@ -1575,7 +1576,7 @@
 		return (error);
 
 	buffer = _MALLOC(mac.m_buflen, M_MACTEMP, M_WAITOK);
-	error = copyinstr(mac.m_string, buffer, mac.m_buflen, NULL);
+	error = copyinstr(mac.m_string, buffer, mac.m_buflen, &dummy);
 	if (error) {
 		FREE(buffer, M_MACTEMP);
 		return (error);
@@ -4150,13 +4151,14 @@
 	struct mac_policy_conf *mpc;
 	char target[MAC_MAX_POLICY_NAME];
 	int entrycount, error;
+	size_t dummy;
 
-	error = copyinstr(uap->policy, target, sizeof(target), NULL);
+	error = copyinstr(uap->policy, target, sizeof(target), &dummy);
 	if (error)
 		return (error);
 
 	error = ENOSYS;
-	LIST_FOREACH(mpc, &mac_policy_list, mpc_list) {
+	LIST_FOREACH(mpc, &mac_static_policy_list, mpc_list) {
 		if (strcmp(mpc->mpc_name, target) == 0 &&
 		    mpc->mpc_ops->mpo_syscall != NULL) {
 			error = mpc->mpc_ops->mpo_syscall(td,

==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/security/sebsd/sebsd.c#11 (text+ko) ====

@@ -106,6 +106,9 @@
 
 void sebsd_ss_free (void *v)
 {
+  if (v == NULL)
+    return;
+
   size_t *vs = (size_t *) v;
   sebsd_free (vs-1, vs[-1]);
 }
@@ -196,7 +199,7 @@
 	    SECCLASS_SYSTEM, perm, NULL, NULL));
 }
 
-static int
+int
 cred_has_security(struct ucred *cred, access_vector_t perm)
 {
 	struct task_security_struct *task;
@@ -2099,6 +2102,8 @@
 	    FD__USE, NULL));
 }
 
+extern int sebsd_syscall(struct thread *td, int call, void *args);
+
 static struct mac_policy_ops sebsd_ops = {
   .mpo_init = sebsd_init,
 
@@ -2135,7 +2140,9 @@
 
   /* Transition */
   .mpo_execve_will_transition = sebsd_execve_will_transition,
-  .mpo_execve_transition = sebsd_execve_transition
+  .mpo_execve_transition = sebsd_execve_transition,
+
+  .mpo_syscall = sebsd_syscall
 };
 
 #if 0

==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/security/sebsd/sebsd_syscall.c#3 (text+ko) ====

@@ -34,7 +34,6 @@
  * $FreeBSD$
  */
 
-#if 0
 #include <sys/types.h>
 #include <sys/param.h>
 #include <sys/kernel.h>
@@ -47,6 +46,8 @@
 #include <security/sebsd/avc/avc.h>
 #include <security/sebsd/ss/services.h>
 
+#define MAX_UC 510
+
 struct lp_args
 {
 	void  *data;
@@ -54,11 +55,11 @@
 };
 
 static int
-sys_load_policy(struct thread *td, void *data, size_t len)
+sys_load_policy(struct proc *td, void *data, size_t len)
 {
 	int rc;
 	
-	rc = thread_has_security(td, SECURITY__LOAD_POLICY);
+	rc = cred_has_security(td->p_ucred, SECURITY__LOAD_POLICY);
 	if (rc)
 		return (rc);
 
@@ -73,8 +74,70 @@
 	return (rc);
 }
 
+/*
+ * Lists the SIDs currently available for transition to by a given
+ * "context\0username\0"
+ */
+
+static int
+sys_user_sids (char *context, char *username, char *out, int *outlen)
+{
+	u_int32_t n, nsids, scontext_len;
+	security_id_t *sids, sid;
+	security_context_t scontext;
+	int error;
+	int olen = 1;
+	int ubufsz;
+
+	if (copyin (outlen, &ubufsz, sizeof (int)))
+	  {
+	    error = EFAULT;
+	    goto out;
+	  }
+
+	/*
+	 * XXX We need POLICY_RDLOCK here, but it's not exported!
+	 */
+	error = security_context_to_sid(context, strlen (context), &sid);
+	if (error)
+		goto out;
+	error = security_get_user_sids(sid, username, &sids, &nsids);
+	if (error)
+		goto out;
+	for (n = 0; n < nsids; n++) {
+		error = security_sid_to_context(sids[n], &scontext,
+		    &scontext_len);
+		if (error)
+			goto out2;
+		if (out && olen + scontext_len <= ubufsz)
+		  {
+		    error = copyout (scontext, out, scontext_len);
+		    out += scontext_len;
+		  }
+		else if (out)
+		  error = ENOMEM;
+		olen += scontext_len;
+		security_free_context(scontext);
+		if (error)
+		  goto out2;
+	}
+	error = copyout (&olen, outlen, sizeof(int));
+out2:
+	sebsd_ss_free(sids);
+out:
+	return (error);
+}
+
+struct getsid_args
+{
+  char *ctx;
+  char *usr;
+  char *out;
+  int  *outlen;
+};
+
 int
-sebsd_syscall(struct thread *td, int call, void *args)
+sebsd_syscall(struct proc *td, int call, void *args)
 {
 	int err = EINVAL;
 	struct lp_args p;
@@ -85,6 +148,35 @@
 			return (EFAULT);
 		err = sys_load_policy (td, p.data, p.len);
 		break;
+
+	case SEBSDCALL_GETUSERSIDS:
+	  {
+	    struct getsid_args uap;
+	    err = copyin (args, &uap, sizeof (struct getsid_args));
+	    if (err)
+	      return err;
+	    size_t dummy;
+	    char *ctx = sebsd_ss_malloc (MAX_UC, M_WAITOK);
+	    err = copyinstr(uap.ctx, ctx, MAX_UC, &dummy);
+	    if (err) {
+	      sebsd_ss_free (ctx);
+	      return err;
+	    }
+	    char *usr = sebsd_ss_malloc (MAX_UC, M_WAITOK);
+	    err = copyinstr(uap.usr, usr, MAX_UC, &dummy);
+	    if (err) {
+	      sebsd_ss_free (ctx);
+	      sebsd_ss_free (usr);
+	      return err;
+	    }
+	    ctx[MAX_UC-1] = 0;
+	    usr[MAX_UC-1] = 0;
+	    err = sys_user_sids (ctx, usr, uap.out, uap.outlen);
+	    sebsd_ss_free (ctx);
+	    sebsd_ss_free (usr);
+	  }
+	  break;
+
 	default:
 		err = EINVAL;
 		break;
@@ -92,4 +184,3 @@
 
 	return err;
 }
-#endif /* 0 */

==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/security/sebsd/sebsd_syscalls.h#2 (text+ko) ====

@@ -5,6 +5,7 @@
  * TBD: Should we really try to line up with SELinux?
  */
 #define SEBSDCALL_LOAD_POLICY		7
+#define SEBSDCALL_GETUSERSIDS		6
 
 #define SEBSDCALL_NUM			7
 

==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/security/sebsd/sebsd_sysctl.c#4 (text+ko) ====

@@ -139,64 +139,6 @@
 }
 
 #if 0
-/*
- * Sysctl handler for security.mac.sebsd.user_sids
- * Lists the SIDs currently available for transition to by a given
- * "context\0username\0"
- */
-static int
-sysctl_user_sids(SYSCTL_HANDLER_ARGS)
-{
-	u_int32_t n, nsids, scontext_len;
-	security_id_t *sids, sid;
-	security_context_t scontext;
-	char *context, *username;
-	int error, len;
-
-	if (req->newlen == 0)
-		return (EINVAL);
-	if (req->newlen > 512)	/* arbitrary */
-		return (ENAMETOOLONG);
-	context = sebsd_malloc(req->newlen, M_SEBSD, M_WAITOK);
-	error = SYSCTL_IN(req, context, req->newlen); 
-	if (error)
-		goto out;
-	if (context[req->newlen - 1] != '\0') {
-		error = EINVAL;
-		goto out;
-	}
-	len = strlen(context);
-	if (len + 1 >= req->newlen) {
-		error = EINVAL;
-		goto out;
-	}
-	username = context + len + 1;
-	/*
-	 * XXX We need POLICY_RDLOCK here, but it's not exported!
-	 */
-	error = security_context_to_sid(context, len + 1, &sid);
-	if (error)
-		goto out;
-	error = security_get_user_sids(sid, username, &sids, &nsids);
-	if (error)
-		goto out;
-	for (n = 0; n < nsids; n++) {
-		error = security_sid_to_context(sids[n], &scontext,
-		    &scontext_len);
-		if (error)
-			goto out2;
-		error = SYSCTL_OUT(req, scontext, scontext_len);
-		security_free_context(scontext);
-		if (error)
-			goto out2;
-	}
-	error = SYSCTL_OUT(req, "", 1);
-out2:
-	sebsd_free(sids, M_SEBSD);
-out:
-	sebsd_free(context, M_SEBSD);
-	return (error);
-}
 
 /*
  * Sysctl handler for security.mac.sebsd.change_sid

==== //depot/projects/trustedbsd/sedarwin/libsebsd/Makefile#2 (text+ko) ====

@@ -1,13 +1,30 @@
 
 include ../Makeconfig
 
+all: libsebsd.a
+
 OBJS=	system.o security_get_user_contexts.o get_ordered_context_list.o \
 	getseccontext.o query_user_context.o security_change_context.o \
 	string_to_security_class.o security_compute_av.o context.o \
 	get_default_type.o
 
-CFLAGS+= -I$(EXPORT_HDRS)/security/sebsd
+CFLAGS+= -g -I$(EXPORT_HDRS)/security/sebsd
 
 libsebsd.a: $(OBJS)
 	ar cr $@ $(OBJS)
 	ranlib $@
+
+HDIR = /usr/include/security/sebsd
+HEADERS = $(HDIR)/sebsd.h $(HDIR)/sebsd_ss.h $(HDIR)/flask_types.h $(HDIR)/linux-compat.h $(HDIR)/sebsd_context.h $(HDIR)/sebsd_proc.h $(HDIR)/sebsd_fs.h $(HDIR)/flask.h $(HDIR)/sebsd_syscalls.h
+
+install: $(HDIR) $(HEADERS)
+
+$(HDIR):
+	mkdir -p $(HDIR)
+
+$(HDIR)/%.h: %.h
+	cp $< $@
+
+$(HDIR)/%.h: $(EXPORT_HDRS)/security/sebsd/%.h
+	cp $< $@
+

==== //depot/projects/trustedbsd/sedarwin/libsebsd/sebsd.h#3 (text+ko) ====

@@ -40,7 +40,7 @@
 #include <sys/types.h>
 
 #ifdef USE_PAM
-#include <security/pam_types.h>
+#include <pam/_pam_types.h>
 #endif
 
 #include "flask_types.h"
@@ -73,8 +73,8 @@
 	    char ***retcontexts, size_t *ncontexts);
 int security_change_context(const char *domain, const char *ocontext,
 	    security_class_t oclass, char **newcontext);
-int security_compute_av(struct security_query *query, 
-	    struct security_response *response);
+extern int security_compute_av(struct security_query *query, 
+			       struct security_response *response);
 
 
 

==== //depot/projects/trustedbsd/sedarwin/libsebsd/security_get_user_contexts.c#2 (text+ko) ====

@@ -43,6 +43,14 @@
 #include <string.h>
 #include <unistd.h>
 
+struct getsid_args
+{
+  char *ctx;
+  char *usr;
+  char *out;
+  int  *outlen;
+};
+
 /*
  * Get a malloc()ed array of malloc()ed strings which indicate the
  * allowed SEBSD transitions to be made by a given user in a given
@@ -52,29 +60,26 @@
 security_get_user_contexts(const char *fromcontext, const char *username,
     char ***retcontexts, size_t *ncontexts)
 {
-	char *arguments, *contexts, *s, **contextarray;
-	ssize_t arguments_len;
+	char *contexts, *s, **contextarray;
 	size_t contexts_len, n;
 	int error;
+	struct getsid_args uap;
 
-	arguments_len = asprintf(&arguments, "%s%c%s%c", fromcontext, 0,
-	    username, 0);
-	if (arguments_len == -1)
-		return (-1);
 bigger:
-	contexts_len = 0;
-	if (sysctlbyname("security.mac.sebsd.user_sids", NULL, &contexts_len,
-	    arguments, arguments_len) == -1) {
-		free(arguments);
-		return (-1);
-	}
+	uap.outlen = &contexts_len;
+	uap.ctx = fromcontext;
+	uap.usr = username;
+	uap.out = NULL;
+	if (mac_syscall ("sebsd", 6, &uap))
+	  {
+	    return (-1);
+	  }
 	contexts = malloc(contexts_len);
 	if (contexts == NULL) {
-		free(arguments);
 		return (-1);
 	}
-	error = sysctlbyname("security.mac.sebsd.user_sids", contexts,
-	    &contexts_len, arguments, arguments_len);
+	uap.out = contexts;
+	error = mac_syscall ("sebsd", 6, &uap);
 	/*
 	 * We could possibly race and not have a large enough space
 	 * for the current set of contexts.
@@ -83,7 +88,6 @@
 		free(contexts);
 		goto bigger;
 	}
-	free(arguments);
 	if (error == -1) {
 		free(contexts);
 		return (-1);
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-cvs" in the body of the message



More information about the trustedbsd-cvs mailing list