PERFORCE change 87602 for review

Todd Miller millert at FreeBSD.org
Thu Dec 1 21:17:50 GMT 2005


http://perforce.freebsd.org/chv.cgi?CH=87602

Change 87602 by millert at millert_g4tower on 2005/12/01 21:17:10

	Update login context code from DSEP and implement
	sebsd_check_proc_setlcid() for SEDarwin.

Affected files ...

.. //depot/projects/trustedbsd/sedarwin7/src/darwin/Makefile#5 edit
.. //depot/projects/trustedbsd/sedarwin7/src/darwin/libmac/mac_get.c#3 edit
.. //depot/projects/trustedbsd/sedarwin7/src/darwin/libmac/mac_set.c#3 edit
.. //depot/projects/trustedbsd/sedarwin7/src/darwin/mac_cmds/Makefile#3 edit
.. //depot/projects/trustedbsd/sedarwin7/src/darwin/mac_cmds/getlcmac/Makefile#1 add
.. //depot/projects/trustedbsd/sedarwin7/src/darwin/mac_cmds/getlcmac/getlcmac.8#1 add
.. //depot/projects/trustedbsd/sedarwin7/src/darwin/mac_cmds/getlcmac/getlcmac.c#1 add
.. //depot/projects/trustedbsd/sedarwin7/src/darwin/mac_cmds/lcs/Makefile#1 add
.. //depot/projects/trustedbsd/sedarwin7/src/darwin/mac_cmds/lcs/lcs.8#1 add
.. //depot/projects/trustedbsd/sedarwin7/src/darwin/mac_cmds/lcs/lcs.c#1 add
.. //depot/projects/trustedbsd/sedarwin7/src/darwin/mac_cmds/setlcmac/Makefile#1 add
.. //depot/projects/trustedbsd/sedarwin7/src/darwin/mac_cmds/setlcmac/setlcmac.8#1 add
.. //depot/projects/trustedbsd/sedarwin7/src/darwin/mac_cmds/setlcmac/setlcmac.c#1 add
.. //depot/projects/trustedbsd/sedarwin7/src/darwin/pam/pam.d/login#3 edit
.. //depot/projects/trustedbsd/sedarwin7/src/darwin/pam/pam.d/sshd#3 edit
.. //depot/projects/trustedbsd/sedarwin7/src/darwin/pam_modules/PAMModule.defs#3 edit
.. //depot/projects/trustedbsd/sedarwin7/src/darwin/pam_modules/pam_lctx/GNUmakefile#1 add
.. //depot/projects/trustedbsd/sedarwin7/src/darwin/pam_modules/pam_lctx/Makefile#1 add
.. //depot/projects/trustedbsd/sedarwin7/src/darwin/pam_modules/pam_lctx/lctx.c#1 add
.. //depot/projects/trustedbsd/sedarwin7/src/darwin/pam_modules/pam_lctx/pam_lctx.8#1 add
.. //depot/projects/trustedbsd/sedarwin7/src/darwin/pam_modules/pam_lctx/pam_lctx.c#1 add
.. //depot/projects/trustedbsd/sedarwin7/src/darwin/xnu/bsd/kern/init_sysent.c#3 edit
.. //depot/projects/trustedbsd/sedarwin7/src/darwin/xnu/bsd/kern/kern_bsm_klib.c#3 edit
.. //depot/projects/trustedbsd/sedarwin7/src/darwin/xnu/bsd/kern/kern_exit.c#3 edit
.. //depot/projects/trustedbsd/sedarwin7/src/darwin/xnu/bsd/kern/kern_fork.c#3 edit
.. //depot/projects/trustedbsd/sedarwin7/src/darwin/xnu/bsd/kern/kern_proc.c#3 edit
.. //depot/projects/trustedbsd/sedarwin7/src/darwin/xnu/bsd/kern/kern_prot.c#3 edit
.. //depot/projects/trustedbsd/sedarwin7/src/darwin/xnu/bsd/kern/kern_sysctl.c#3 edit
.. //depot/projects/trustedbsd/sedarwin7/src/darwin/xnu/bsd/kern/syscalls.c#3 edit
.. //depot/projects/trustedbsd/sedarwin7/src/darwin/xnu/bsd/kern/sysctl_init.c#3 edit
.. //depot/projects/trustedbsd/sedarwin7/src/darwin/xnu/bsd/sys/Makefile#4 edit
.. //depot/projects/trustedbsd/sedarwin7/src/darwin/xnu/bsd/sys/lctx.h#1 add
.. //depot/projects/trustedbsd/sedarwin7/src/darwin/xnu/bsd/sys/mac.h#5 edit
.. //depot/projects/trustedbsd/sedarwin7/src/darwin/xnu/bsd/sys/mac_policy.h#11 edit
.. //depot/projects/trustedbsd/sedarwin7/src/darwin/xnu/bsd/sys/proc.h#3 edit
.. //depot/projects/trustedbsd/sedarwin7/src/darwin/xnu/bsd/sys/syscall.h#3 edit
.. //depot/projects/trustedbsd/sedarwin7/src/darwin/xnu/bsd/sys/sysctl.h#3 edit
.. //depot/projects/trustedbsd/sedarwin7/src/darwin/xnu/security/mac_base.c#6 edit
.. //depot/projects/trustedbsd/sedarwin7/src/darwin/xnu/security/mac_internal.h#5 edit
.. //depot/projects/trustedbsd/sedarwin7/src/darwin/xnu/security/mac_process.c#3 edit
.. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/sebsd.c#23 edit

Differences ...

==== //depot/projects/trustedbsd/sedarwin7/src/darwin/Makefile#5 (text+ko) ====

@@ -19,6 +19,7 @@
 	cd mach_cmds && gnumake
 	cd top && make
 	cd bsm/bsm/lib && gnumake
+	cd pam_modules/pam_lctx && gnumake
 	cd system_cmds/mach_init.tproj && gnumake
 
 install:
@@ -38,6 +39,7 @@
 	cd mach_cmds && gnumake install
 	cd top && make install
 	cd bsm/bsm/lib && gnumake install
+	cd pam_modules/pam_lctx && gnumake DSTROOT=$(DESTDIR) install
 	cd system_cmds/mach_init.tproj && gnumake install
 
 clean:
@@ -57,6 +59,6 @@
 	cd mach_cmds && gnumake clean
 	cd top && make clean
 	cd bsm/bsm/lib && gnumake clean
+	cd pam_modules/pam_lctx && gnumake clean
 	cd system_cmds/mach_init.tproj && gnumake clean
 	rm -rf build/obj
-

==== //depot/projects/trustedbsd/sedarwin7/src/darwin/libmac/mac_get.c#3 (text+ko) ====

@@ -52,6 +52,20 @@
 }
 
 int
+mac_get_lcid(pid_t lcid, struct mac *label)
+{
+
+	return (syscall(SYS___mac_get_lcid, lcid, label));
+}
+
+int
+mac_get_lctx(struct mac *label)
+{
+
+	return (syscall(SYS___mac_get_lctx, label));
+}
+
+int
 mac_get_link(const char *path, struct mac *label)
 {
 

==== //depot/projects/trustedbsd/sedarwin7/src/darwin/libmac/mac_set.c#3 (text+ko) ====

@@ -51,6 +51,13 @@
 }
 
 int
+mac_set_lctx(struct mac *label)
+{
+
+       return (syscall(SYS___mac_set_lctx, label));
+}
+
+int
 mac_set_link(const char *path, struct mac *label)
 {
 

==== //depot/projects/trustedbsd/sedarwin7/src/darwin/mac_cmds/Makefile#3 (text+ko) ====

@@ -1,22 +1,27 @@
 include ../../Makeconfig
 
+SUBDIR=	getfmac getlcmac getpmac mexec setfsmac setlcmac setpmac lcs
+
 all:
-	cd getfmac && gnumake
-	cd getpmac && gnumake
-	cd mexec && gnumake
-	cd setfsmac && gnumake
-	cd setpmac && gnumake
+	@for dir in $(SUBDIR); do \
+		gnumake -C $$dir ; \
+		if [ $$? -ne 0 ] ; then \
+			exit 1 ; \
+		fi ; \
+	done
 
 install:
-	cd getfmac && gnumake install
-	cd getpmac && gnumake install
-	cd mexec && gnumake install
-	cd setfsmac && gnumake install
-	cd setpmac && gnumake install
+	@for dir in $(SUBDIR); do \
+		gnumake -C $$dir install ; \
+		if [ $$? -ne 0 ] ; then \
+			exit 1 ; \
+		fi ; \
+	done
 
 clean:
-	cd getfmac && gnumake clean
-	cd getpmac && gnumake clean
-	cd mexec && gnumake clean
-	cd setfsmac && gnumake clean
-	cd setpmac && gnumake clean
+	@for dir in $(SUBDIR); do \
+		gnumake -C $$dir clean ; \
+		if [ $$? -ne 0 ] ; then \
+			exit 1 ; \
+		fi ; \
+	done
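Review bot: The three loops added for `all`, `install` and `clean` are identical apart from the target, and each checks `$$?` in a separate `if` after the sub-make has run. The same fail-fast behaviour fits on one line per loop, which is easier to keep in step when `SUBDIR` grows: `gnumake -C $$dir install || exit 1 ; \`. Invoking the sub-make as `$(MAKE)` rather than a literal `gnumake` would also let `-n` and a parallel build's jobserver reach the subdirectories, although the literal form matches what the top-level Makefile does.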

==== //depot/projects/trustedbsd/sedarwin7/src/darwin/pam/pam.d/login#3 (text+ko) ====

@@ -6,3 +6,4 @@
 account    required       pam_permit.so
 password   required       pam_deny.so
 session    required       pam_uwtmp.so
+session    required       pam_lctx.so
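Review bot: `pam_lctx.so` is added as `required` in the session stack, so any error the module returns while opening the session ends the login; the same line is added to pam.d/sshd in the next section. pam_lctx.c is not visible in this mail, so it is worth confirming what the module returns when the running kernel was built without LCTX or when setlcid() fails, because that case would refuse both console and ssh logins. If failing closed is the intent, a comment above the line would record it: `# pam_lctx: login is refused if no login context can be created`.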

==== //depot/projects/trustedbsd/sedarwin7/src/darwin/pam/pam.d/sshd#3 (text+ko) ====

@@ -6,3 +6,4 @@
 account    required       pam_permit.so
 password   required       pam_deny.so
 session    required       pam_permit.so
+session    required       pam_lctx.so

==== //depot/projects/trustedbsd/sedarwin7/src/darwin/pam_modules/PAMModule.defs#3 (text+ko) ====

@@ -24,8 +24,8 @@
 Sources = .
 endif
 
-Extra_CC_Flags += -Ddarwin -no-cpp-precomp -Wall -I/usr/include/pam -arch i386 -arch ppc
-Extra_LD_Libraries += -lpam -arch i386 -arch ppc
+Extra_CC_Flags += -Ddarwin -no-cpp-precomp -Wall -I/usr/include/pam -arch ppc
+Extra_LD_Libraries += -lpam -arch ppc
 
 include $(CoreOSMakefiles)/Standard/Standard.make
 

==== //depot/projects/trustedbsd/sedarwin7/src/darwin/xnu/bsd/kern/init_sysent.c#3 (text+ko) ====

@@ -378,6 +378,9 @@
 
 int getlcid();
 int setlcid();
+int __mac_get_lcid();
+int __mac_get_lctx();
+int __mac_set_lctx();
 
 /*
  * System call switch table.
@@ -907,6 +910,9 @@
 
 	syss(getlcid,1),	/* 404 = getlcid */
 	sysp(setlcid,2),	/* 405 = setlcid */
+	syss(__mac_get_lcid,2),	/* 406 = __mac_get_lcid */
+	syss(__mac_get_lctx,1),	/* 407 = __mac_get_lctx */
+	syss(__mac_set_lctx,1),	/* 408 = __mac_set_lctx */
 /*
  * N.B.
  * The argument count numbers in this table are actually

==== //depot/projects/trustedbsd/sedarwin7/src/darwin/xnu/bsd/kern/kern_bsm_klib.c#3 (text+ko) ====

@@ -468,7 +468,11 @@
 	 * XXXMAC We may wish to add audit to these later
 	 */
 	AUE_NULL,			/* 404 = getlcid */
-	AUE_NULL			/* 405 = setlcid */
+	AUE_NULL,			/* 405 = setlcid */
+	AUE_NULL,			/* 406 = __mac_get_lcid */
+	AUE_NULL,			/* 407 = __mac_get_lctx */
+	AUE_NULL,			/* 408 = __mac_set_lctx */
+
 };
 int	nsys_au_event = sizeof(sys_au_event) / sizeof(sys_au_event[0]);
 
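Review bot: `__mac_set_lctx` (408) changes the label on a login context but is mapped to `AUE_NULL`, so no audit record is produced for it. The existing XXXMAC comment defers auditing for getlcid/setlcid, but a label-changing call is the one most worth recording. If no suitable event exists yet, extend the comment so the gap stays tracked, e.g. `/* XXXMAC: 405 and 408 modify security state and are not audited */`. The blank line added before `};` can be dropped.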

==== //depot/projects/trustedbsd/sedarwin7/src/darwin/xnu/bsd/kern/kern_exit.c#3 (text+ko) ====

@@ -669,6 +669,12 @@
 				wakeup(&p->p_stat);
 				return (0);
 			}
+#ifdef LCTX
+			PROC_LOCK(p);
+			leavelctx(p);
+			PROC_UNLOCK(p);
+#endif
+
 			p->p_xstat = 0;
 			if (p->p_ru) {
 				ruadd(&q->p_stats->p_cru, p->p_ru);
@@ -715,9 +721,7 @@
 			 * Unlink it from its process group and free it.
 			 */
 			leavepgrp(p);
-#ifdef LCTX
-			leavelctx(p);
-#endif
+
 			LIST_REMOVE(p, p_list);	/* off zombproc */
 			LIST_REMOVE(p, p_sibling);
 			p->p_flag &= ~P_WAITING;

==== //depot/projects/trustedbsd/sedarwin7/src/darwin/xnu/bsd/kern/kern_fork.c#3 (text+ko) ====

@@ -582,8 +582,8 @@
 	p2->p_lctx = NULL;
 	/* Add new process to login context (if any). */
 	if (p1->p_lctx != NULL) {
-		p2->p_lctx = p1->p_lctx;
-		LIST_INSERT_AFTER(p1, p2, p_lclist);
+		LCTX_LOCK(p1->p_lctx);
+		enterlctx(p2, p1->p_lctx, 0);
 	}
 #endif
 
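Review bot: `p1->p_lctx` is read three times here (the NULL test, `LCTX_LOCK`, and the `enterlctx` argument) with no `PROC_LOCK(p1)` in the lines shown, while setlcid() can move a process to another context under that process's lock. If the parent is adopted or orphaned between those reads, the context that is locked may not be the one the child is linked into, or may already be freed. Reading the pointer once under the parent's lock avoids that, with a local `struct lctx *l`: `PROC_LOCK(p1); l = p1->p_lctx;` then `if (l != NULL) { LCTX_LOCK(l); enterlctx(p2, l, 0); }` and `PROC_UNLOCK(p1);`. The enclosing function starts and ends outside the hunk, so whether a lock is already held at this point needs checking there.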

==== //depot/projects/trustedbsd/sedarwin7/src/darwin/xnu/bsd/kern/kern_proc.c#3 (text+ko) ====

@@ -81,10 +81,12 @@
 #include <ufs/ufs/quota.h>
 #include <sys/uio.h>
 #include <sys/malloc.h>
+#include <sys/mac.h>
 #include <sys/mbuf.h>
 #include <sys/ioctl.h>
 #include <sys/tty.h>
 #include <sys/signalvar.h>
+#include <sys/sysctl.h>
 #include <sys/syslog.h>
 
 /*
@@ -110,7 +112,11 @@
 struct proclist zombproc;
 
 #ifdef LCTX
-static pid_t lastlcid = 1;
+static pid_t	lastlcid = 1;
+static int	alllctx_cnt;
+
+#define	LCID_MAX	8192	/* Does this really need to be large? */
+static int	maxlcid = LCID_MAX;
 
 LIST_HEAD(lctxlist, lctx);
 static struct lctxlist alllctx;
@@ -132,6 +138,7 @@
 	LIST_INIT(&zombproc);
 #ifdef LCTX
 	LIST_INIT(&alllctx);
+	alllctx_cnt = 0;
 #endif
 	pidhashtbl = hashinit(maxproc / 4, M_PROC, &pidhash);
 	pgrphashtbl = hashinit(maxproc / 4, M_PROC, &pgrphash);
@@ -260,34 +267,76 @@
 struct lctx *
 lcfind(pid_t lcid)
 {
-	struct lctx *lc;
+	struct lctx *l;
 
-	LIST_FOREACH(lc, &alllctx, lc_list)
-		if (lc->lc_id == lcid)
+	ALLLCTX_LOCK;
+	LIST_FOREACH(l, &alllctx, lc_list) {
+		if (l->lc_id == lcid) {
+			LCTX_LOCK(l);
 			break;
-	return (lc);
+		}
+	}
+	ALLLCTX_UNLOCK;
+	return (l);
 }
 
-#define	LCID_MAX	8192	/* Does this really need to be large? */
+#define	LCID_INC				\
+	do {					\
+		lastlcid++;			\
+		if (lastlcid > maxlcid)	\
+			lastlcid = 1;		\
+	} while (0)				\
+
 struct lctx *
 lccreate(void)
 {
-	struct lctx *lc;
+	struct lctx *l;
 
 	/* Not very efficient but this isn't a common operation. */
-	while ((lc = lcfind(lastlcid)) != NULL) {
-		lastlcid++;
-		if (lastlcid > LCID_MAX)
-			lastlcid = 1;
+	while ((l = lcfind(lastlcid)) != NULL) {
+		LCTX_UNLOCK(l);
+		LCID_INC;
 	}
 	/* Possible race condition with lastlcid here? */
 
-	MALLOC(lc, struct lctx *, sizeof(struct lctx), M_LCTX, M_WAITOK|M_ZERO);
-	lc->lc_id = lastlcid;
-	lastlcid++;
-	LIST_INIT(&lc->lc_members);
-	LIST_INSERT_HEAD(&alllctx, lc, lc_list);
-	return (lc);
+	MALLOC(l, struct lctx *, sizeof(struct lctx), M_LCTX, M_WAITOK|M_ZERO);
+	l->lc_id = lastlcid;
+	LCID_INC;
+	LIST_INIT(&l->lc_members);
+#ifdef MAC
+	l->lc_label = mac_lctx_label_alloc();
+#endif
+	ALLLCTX_LOCK;
+	LIST_INSERT_HEAD(&alllctx, l, lc_list);
+	alllctx_cnt++;
+	ALLLCTX_UNLOCK;
+
+	return (l);
+}
+
+/*
+ * Call with proc and lctx locked.
+ * Will unlock lctx on return.
+ */
+void
+enterlctx (struct proc *p, struct lctx *l, int create)
+{
+	if (l == NULL)
+		return;
+
+	p->p_lctx = l;
+	LIST_INSERT_HEAD(&l->lc_members, p, p_lclist);
+	l->lc_mc++;
+
+#ifdef MAC
+	if (create)
+		mac_proc_create_lctx(p, l);
+	else
+		mac_proc_join_lctx(p, l);
+#endif
+	LCTX_UNLOCK(l);
+
+	return;
 }
 
 /*
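Review bot: lccreate() picks a free id with lcfind() and only later inserts the new context under a separate `ALLLCTX_LOCK` hold, with a possibly sleeping `M_WAITOK` allocation in between, so two callers can settle on the same `lastlcid` and publish two contexts with one id; the retained "Possible race condition" comment already points at this. The search loop also has no exit when every id up to `maxlcid` is in use. Allocating first, then choosing the id and inserting under a single hold of the list lock closes both, and setlcid() already handles a NULL return. Separately, `LCID_INC` ends with a stray `\` after `while (0)`, which only works because the next line is blank.

```c
struct lctx *
lccreate(void)
{
	struct lctx *l, *tmp;
	int tries;

	/* Allocate first: M_WAITOK may sleep, so do it before taking the list lock. */
	MALLOC(l, struct lctx *, sizeof(struct lctx), M_LCTX, M_WAITOK|M_ZERO);
	LIST_INIT(&l->lc_members);
	/* … unchanged: MAC label allocation … */

	/* Choose the id and publish the context under one hold of the list lock. */
	ALLLCTX_LOCK;
	for (tries = 0; tries < maxlcid; tries++) {
		LIST_FOREACH(tmp, &alllctx, lc_list)
			if (tmp->lc_id == lastlcid)
				break;
		if (tmp == NULL)
			break;		/* lastlcid is free */
		LCID_INC;
	}
	if (tries >= maxlcid) {
		/* Every id is in use (or maxlcid < 1); fail instead of spinning. */
		ALLLCTX_UNLOCK;
#ifdef MAC
		mac_lctx_label_free(l->lc_label);
#endif
		FREE(l, M_LCTX);
		return (NULL);
	}
	l->lc_id = lastlcid;
	LCID_INC;
	LIST_INSERT_HEAD(&alllctx, l, lc_list);
	alllctx_cnt++;
	ALLLCTX_UNLOCK;

	return (l);
}
```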
@@ -296,15 +345,32 @@
 void
 leavelctx (struct proc *p)
 {
+	struct lctx *l;
+
 	if (p->p_lctx == NULL)
 		return;
 
+	LCTX_LOCK(p->p_lctx);
+	l = p->p_lctx;
+	p->p_lctx = NULL;
 	LIST_REMOVE(p, p_lclist);
-	if (LIST_EMPTY(&p->p_lctx->lc_members)) {
-		LIST_REMOVE(p->p_lctx, lc_list);
-		FREE(p->p_lctx, M_LCTX);
-	}
-	p->p_lctx = NULL;
+	l->lc_mc--;
+#ifdef MAC
+	mac_proc_leave_lctx(p, l);
+#endif
+	if (LIST_EMPTY(&l->lc_members)) {
+		ALLLCTX_LOCK;
+		LIST_REMOVE(l, lc_list);
+		alllctx_cnt--;
+		ALLLCTX_UNLOCK;
+		LCTX_UNLOCK(l);
+#ifdef MAC
+		mac_lctx_label_free(l->lc_label);
+#endif
+		FREE(l, M_LCTX);
+	} else
+		LCTX_UNLOCK(l);
+
 	return;
 }
 #endif	/* LCTX */
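Review bot: leavelctx() takes `ALLLCTX_LOCK` while holding `LCTX_LOCK(l)`, whereas lcfind() and the `KERN_LCTX_ALL` walk in sysctl_kern_lctx() take the list lock first and the per-context lock second. If these macros expand to real locks (lctx.h is not shown in this mail), the two orders can deadlock against each other. Unlinking from `alllctx` in the list-then-context order, or documenting a single order next to the macro definitions, would remove the inversion. `p->p_lctx` is also dereferenced for `LCTX_LOCK` before it is copied into `l`; writing `l = p->p_lctx;` first and then `LCTX_LOCK(l);` makes it plain that the same object is locked and unlocked.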
@@ -605,3 +671,79 @@
 	FREE(temp, M_TEMP);
 	return (NULL);
 }
+
+#ifdef LCTX
+
+static int
+sysctl_kern_lctx SYSCTL_HANDLER_ARGS
+{
+	int *name = (int*) arg1;
+	u_int namelen = arg2;
+	struct kinfo_lctx kil;
+	struct lctx *l;
+	int error;
+
+	error = 0;
+
+	switch (oidp->oid_number) {
+	case KERN_LCTX_ALL:
+		ALLLCTX_LOCK;
+		/* Request for size. */
+		if (!req->oldptr) {
+			error = SYSCTL_OUT(req, 0,
+				sizeof(struct kinfo_lctx) * (alllctx_cnt + 1));
+			goto out;
+		}
+		break;
+
+	case KERN_LCTX_LCID:
+		/* No space */
+		if (req->oldlen < sizeof(struct kinfo_lctx))
+			return (ENOMEM);
+		/* No argument */
+		if (namelen != 1)
+			return (EINVAL);
+		/* No login context */
+		l = lcfind((pid_t)name[0]);
+		if (l == NULL)
+			return (ENOENT);
+		kil.id = l->lc_id;
+		kil.mc = l->lc_mc;
+		LCTX_UNLOCK(l);
+		return (SYSCTL_OUT(req, (caddr_t)&kil, sizeof(kil)));
+
+	default:
+		return (EINVAL);
+	}
+
+	/* Provided buffer is too small. */
+	if (req->oldlen < (sizeof(struct kinfo_lctx) * alllctx_cnt)) {
+		error = ENOMEM;
+		goto out;
+	}
+
+	LIST_FOREACH(l, &alllctx, lc_list) {
+		LCTX_LOCK(l);
+		kil.id = l->lc_id;
+		kil.mc = l->lc_mc;
+		LCTX_UNLOCK(l);
+		error = SYSCTL_OUT(req, (caddr_t)&kil, sizeof(kil));
+		if (error)
+			break;
+	}
+out:
+	ALLLCTX_UNLOCK;
+
+	return (error);
+}
+SYSCTL_NODE(_kern, KERN_LCTX, lctx, CTLFLAG_RD, 0, "Login Context");
+SYSCTL_PROC(_kern_lctx, KERN_LCTX_ALL, all, CTLFLAG_RD|CTLTYPE_STRUCT,
+	    0, 0, sysctl_kern_lctx, "S,lctx",
+	    "Return entire login context table");
+SYSCTL_NODE(_kern_lctx, KERN_LCTX_LCID, lcid, CTLFLAG_RD,
+	    sysctl_kern_lctx, "Login Context Table");
+SYSCTL_INT(_kern_lctx, OID_AUTO, last,  CTLFLAG_RD, &lastlcid, 0, ""); 
+SYSCTL_INT(_kern_lctx, OID_AUTO, count, CTLFLAG_RD, &alllctx_cnt, 0, "");
+SYSCTL_INT(_kern_lctx, OID_AUTO, max, CTLFLAG_RW, &maxlcid, 0, "");
+
+#endif	/* LCTX */
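Review bot: `kern.lctx.max` is registered `CTLFLAG_RW` directly onto `maxlcid` with no range check, and `LCID_INC` resets `lastlcid` to 1 whenever it exceeds `maxlcid`. A value below 1 therefore pins every allocation to id 1, and the search loop in lccreate() does not terminate once that id is in use. A small handler that rejects values below 1 would be safer than a bare `SYSCTL_INT`. In sysctl_kern_lctx() itself, `kil` is copied out after only `id` and `mc` are set; if `struct kinfo_lctx` (defined in lctx.h, not shown) has other members or padding, `bzero(&kil, sizeof(kil));` before filling it keeps stack bytes from reaching userland. `SYSCTL_OUT` is also called with `ALLLCTX_LOCK` held, which is worth confirming is allowed for that lock type.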

==== //depot/projects/trustedbsd/sedarwin7/src/darwin/xnu/bsd/kern/kern_prot.c#3 (text+ko) ====

@@ -86,6 +86,7 @@
 #include <sys/malloc.h>
 
 #include <bsm/audit_kernel.h>
+#include <sys/lctx.h>
 #include <sys/mac.h>
 
 #include <sys/mount.h>
@@ -140,10 +141,6 @@
 
 #ifdef LCTX
 
-#define	LCID_PROC_SELF	(0)
-#define	LCID_REMOVE	(-1)
-#define	LCID_CREATE	(0)
-
 /*
  * Set Login Context ID
  */
@@ -158,40 +155,53 @@
  */
 /* ARGSUSED */
 int
-setlcid(struct proc *td, struct setlcid_args *uap, register_t *retval)
+setlcid(struct proc *p0, struct setlcid_args *uap, register_t *retval)
 {
 	struct proc *p;
-	struct lctx *lc;
-
-	/* XXXMAC: need check here? */
+	struct lctx *l;
+	int error;
 
 	if (uap->pid == LCID_PROC_SELF) {	/* Create/Join/Leave */
-		p = td;
+		p = p0;
+		PROC_LOCK(p);
 	} else {				/* Adopt/Orphan */
 		p = pfind(uap->pid);
 		if (p == NULL)
 			return (ESRCH);
 
 #if 0	/* XXX: we probably need the Darwin version of this... */
-		if (p_cansee(td, p))
+		if (p_cansee(p0, p)) {
+			PROC_UNLOCK(p);
 			return (EPERM);
+		}
 #endif
 	}
 
+#ifdef MAC
+	error = mac_check_proc_setlcid(p0, p, uap->pid, uap->lcid);
+	if (error) {
+		PROC_UNLOCK(p);
+		return (error);
+	}
+#endif
+
 	switch (uap->lcid) {
 	/* Leave/Orphan */
 	case LCID_REMOVE:
 
-		/* XXXMAC: need check here? */
 		/* Only root may Leave/Orphan. */
-		if (!is_suser1())
+		if (!is_suser1()) {
+			PROC_UNLOCK(p);
 			return (EPERM);
+		}
 
 		/* Process not in login context. */
-		if (p->p_lctx == NULL)
+		if (p->p_lctx == NULL) {
+			PROC_UNLOCK(p);
 			return (ENOATTR);
+		}
 
-		lc = NULL;
+		l = NULL;
 
 		break;
 
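Review bot: In the adopt/orphan branch `p` comes from `pfind()` and no `PROC_LOCK(p)` is visible, yet every exit added below calls `PROC_UNLOCK(p)`; only the self branch takes the lock. Unless pfind() in this tree returns the process locked, as FreeBSD's does, those paths release a lock that was never taken and later run leavelctx()/enterlctx() on an unlocked process. In that case `PROC_LOCK(p);` is needed right after the `p == NULL` check, and getlcid() further down has the same pattern. `error` is declared unconditionally but used only under `#ifdef MAC`. The function continues past the end of this hunk.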
@@ -199,42 +209,48 @@
 	case LCID_CREATE:
 
 		/* Create only valid for self! */
-		if (uap->pid != 0)
+		if (uap->pid != LCID_PROC_SELF) {
+			PROC_UNLOCK(p);
 			return (EPERM);
+		}
 
 		/* Already in a login context. */
-		if (p->p_lctx != NULL)
+		if (p->p_lctx != NULL) {
+			PROC_UNLOCK(p);
 			return (EPERM);
+		}
 
-		lc = lccreate();
-		if (lc == NULL)
+		l = lccreate();
+		if (l == NULL) {
+			PROC_UNLOCK(p);
 			return (ENOMEM);
+		}
+		LCTX_LOCK(l);
 
 		break;
 
 	/* Join/Adopt */
 	default:
 
-		/* XXXMAC: need check here? */
 		/* Only root may Join/Adopt. */
-		if (!is_suser1())
+		if (!is_suser1()) {
+			PROC_UNLOCK(p);
 			return (EPERM);
+		}
 
-		lc = lcfind(uap->lcid);
-		if (lc == NULL)
+		l = lcfind(uap->lcid);
+		if (l == NULL) {
+			PROC_UNLOCK(p);
 			return (ENOATTR);
+		}
 
 		break;
 	}
 
 	leavelctx(p);
+	enterlctx(p, l, (uap->lcid == LCID_CREATE) ? 1 : 0);
 
-	/* Add process to login context. */
-	if (lc != NULL) {
-		p->p_lctx = lc;
-		LIST_INSERT_HEAD(&lc->lc_members, p, p_lclist);
-	}
-
+	PROC_UNLOCK(p);
 	return (0);
 }
 
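Review bot: In the join/adopt case nothing stops `uap->lcid` from naming the context `p` already belongs to. lcfind() then returns that context, `leavelctx(p)` removes `p` and frees the context when `p` was its only member, and `enterlctx(p, l, ...)` goes on to store and link through the freed pointer. lcfind() also returns `l` locked, and leavelctx() locks it a second time. A guard placed before `leavelctx(p)` avoids both: `if (l != NULL && l == p->p_lctx) { LCTX_UNLOCK(l); PROC_UNLOCK(p); return (0); }`. The function begins before this hunk.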
@@ -251,26 +267,37 @@
  */
 /* ARGSUSED */
 int
-getlcid(struct proc *td, struct getlcid_args *uap, register_t *retval)
+getlcid(struct proc *p0, struct getlcid_args *uap, register_t *retval)
 {
 	struct proc *p;
+	int error;
 
-	/* XXXMAC: need check here? */
-
-	if (uap->pid == 0) {
-		p = td;
+	if (uap->pid == LCID_PROC_SELF) {
+		p = p0;
+		PROC_LOCK(p);
 	} else {
 		p = pfind(uap->pid);
 		if (p == NULL)
 			return (ESRCH);
 #if 0	/* XXX: we probably need the Darwin version of this... */
-		if (p_cansee(td, p))
+		if (p_cansee(p0, p)) {
+			PROC_UNLOCK(p);
 			return (EPERM);
+		}
 #endif
 	}
+#ifdef MAC
+	error = mac_check_proc_getlcid(p0, p, uap->pid);
+	if (error) {
+		PROC_UNLOCK(p);
+		return (error);
+	}
+#endif
 	if (p->p_lctx == NULL)
 		return (ENOATTR);
 	*retval = p->p_lctx->lc_id;
+
+	PROC_UNLOCK(p);
 	return (0);
 }
 #endif	/* LCTX */
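Review bot: The `p->p_lctx == NULL` exit returns `ENOATTR` without the `PROC_UNLOCK(p)` that the other exits now perform, so querying a process with no login context leaves that process locked. It should read `if (p->p_lctx == NULL) { PROC_UNLOCK(p); return (ENOATTR); }`. The new `int error;` is unused when MAC is not defined and will draw a warning in that configuration.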

==== //depot/projects/trustedbsd/sedarwin7/src/darwin/xnu/bsd/kern/kern_sysctl.c#3 (text+ko) ====

@@ -501,7 +501,8 @@
 			|| name[0] == KERN_SYSV
 			|| name[0] == KERN_AFFINITY
 			|| name[0] == KERN_CLASSIC
-			|| name[0] == KERN_PANICINFO)
+			|| name[0] == KERN_PANICINFO
+			|| name[0] == KERN_LCTX)
 		)
 		return (ENOTDIR);		/* overloaded */
 
@@ -1483,7 +1484,6 @@
 	return (0);
 }
 
-
 /*
  * Validate parameters and get old / set new parameters
  * for max number of concurrent aio requests.  Makes sure

==== //depot/projects/trustedbsd/sedarwin7/src/darwin/xnu/bsd/kern/syscalls.c#3 (text+ko) ====

@@ -441,5 +441,8 @@
 	"__mac_set_fd",		/* 402 = __mac_set_fd */
 	"__mac_get_pid",	/* 403 = __mac_get_pid */
 	"getlcid",		/* 404 = getlcid */
-	"setlcid"		/* 405 = setlcid */
+	"setlcid",		/* 405 = setlcid */
+	"__mac_get_lcid",	/* 406 = __mac_get_lcid */
+	"__mac_get_lctx",	/* 407 = __mac_get_lctx */
+	"__mac_set_lctx",	/* 408 = __mac_set_lctx */
 };

==== //depot/projects/trustedbsd/sedarwin7/src/darwin/xnu/bsd/kern/sysctl_init.c#3 (text+ko) ====

@@ -99,6 +99,13 @@
 extern struct sysctl_oid sysctl__kern_ipc_sosendminchain;
 extern struct sysctl_oid sysctl__kern_ipc_sorecvmincopy;
 extern struct sysctl_oid sysctl__kern_ipc_maxsockets;
+
+extern struct sysctl_oid sysctl__kern_lctx_all;
+extern struct sysctl_oid sysctl__kern_lctx_lcid;
+extern struct sysctl_oid sysctl__kern_lctx_last;
+extern struct sysctl_oid sysctl__kern_lctx_count;
+extern struct sysctl_oid sysctl__kern_lctx_max;
+
 extern struct sysctl_oid sysctl__net_inet_icmp_icmplim;
 extern struct sysctl_oid sysctl__net_inet_icmp_maskrepl;
 extern struct sysctl_oid sysctl__net_inet_icmp_timestamp;
@@ -270,6 +277,7 @@
 
 extern struct sysctl_oid sysctl__kern_ipc;
 extern struct sysctl_oid sysctl__kern_sysv;
+extern struct sysctl_oid sysctl__kern_lctx;
 
 extern struct sysctl_oid sysctl__net_inet;
 
@@ -462,6 +470,11 @@
     ,&sysctl__kern_ipc_sosendminchain
     ,&sysctl__kern_ipc_sorecvmincopy
     ,&sysctl__kern_ipc_maxsockets
+    ,&sysctl__kern_lctx_all
+    ,&sysctl__kern_lctx_lcid
+    ,&sysctl__kern_lctx_last
+    ,&sysctl__kern_lctx_count
+    ,&sysctl__kern_lctx_max
 
     ,&sysctl__hw_machine
     ,&sysctl__hw_model
@@ -666,6 +679,7 @@
     ,&sysctl__vfs_generic_nfs_client
     ,&sysctl__vfs_generic_nfs_client_initialdowndelay
     ,&sysctl__vfs_generic_nfs_client_nextdowndelay
+    ,&sysctl__kern_lctx
     ,&sysctl__kern_ipc
     ,&sysctl__kern_sysv
     ,&sysctl__net_inet

==== //depot/projects/trustedbsd/sedarwin7/src/darwin/xnu/bsd/sys/Makefile#4 (text+ko) ====

@@ -25,7 +25,7 @@
 	dir.h dirent.h disk.h disklabel.h disktab.h dkstat.h dmap.h domain.h \
 	errno.h ev.h event.h eventvar.h exec.h extattr.h fcntl.h file.h filedesc.h filio.h gmon.h ioccom.h ioctl.h \
 	ioctl_compat.h ipc.h kernel.h kern_event.h ktrace.h libkern.h loadable_fs.h lock.h lockf.h mach_swapon.h malloc.h \
-	kdebug.h linker_set.h md5.h kern_control.h \
+	kdebug.h lctx.h linker_set.h md5.h kern_control.h \
 	mac.h mac_policy.h \
 	mbuf.h mman.h mount.h msgbuf.h mtio.h namei.h netport.h param.h paths.h \
 	proc.h protosw.h ptrace.h queue.h quota.h random.h reboot.h resource.h resourcevar.h \

==== //depot/projects/trustedbsd/sedarwin7/src/darwin/xnu/bsd/sys/mac.h#5 (text+ko) ====

@@ -84,6 +84,8 @@
 int	 mac_from_text(mac_t *_label, const char *_text);
 int	 mac_get_fd(int _fd, mac_t _label);
 int	 mac_get_file(const char *_path, mac_t _label);
+int	 mac_get_lcid(pid_t _lcid, mac_t _label);
+int	 mac_get_lctx(mac_t _label);
 int	 mac_get_link(const char *_path, mac_t _label);
 int	 mac_get_pid(pid_t _pid, mac_t _label);
 int	 mac_get_proc(mac_t _label);
@@ -96,6 +98,7 @@
 int	 mac_prepare_process_label(mac_t *_label);
 int	 mac_set_fd(int _fildes, const mac_t _label);
 int	 mac_set_file(const char *_path, mac_t _label);
+int	 mac_set_lctx(mac_t _label);
 int	 mac_set_link(const char *_path, mac_t _label);
 int	 mac_set_proc(const mac_t _label);
 int	 mac_syscall(const char *_policyname, int _call, void *_arg);
@@ -111,6 +114,7 @@
 struct attrlist;
 struct componentname;
 struct devnode;
+struct lctx;
 struct mount;
 struct pseminfo;
 struct pshminfo;
@@ -167,6 +171,8 @@
 void		 mac_vnode_label_free(struct label *label);
 int		 mac_get_vnode_audit_labels(struct vnode *vp, 
 			struct mac *mac);
+struct label	*mac_lctx_label_alloc(void);
+void		 mac_lctx_label_free(struct label *label);
 
 #define mac_update_task_from_cred(cred, task)				\
 	mac_update_task_label(((cred)->cr_label), task)
@@ -256,6 +262,8 @@
 void	mac_thread_userret(struct uthread *td);
 #endif
 
+void	mac_relabel_lctx(struct lctx *l, struct label *newlabel);
+
 /*
  * Label cleanup operation: This is the inverse complement for the mac_create
  * and associate type of hooks.  This hook lets the policy module(s) perform
@@ -274,6 +282,7 @@
 	    const char *serv, const char *perm);
 int	mac_check_cred_relabel(struct ucred *cred, struct label *newlabel);
 int	mac_check_cred_visible(struct ucred *u1, struct ucred *u2);
+int	mac_check_lctx_relabel(struct lctx *l, struct label *newlabel);
 int	mac_check_posix_sem_create(struct ucred *cred, const char *name);
 int	mac_check_posix_sem_open(struct ucred *cred, struct pseminfo *ps);
 int	mac_check_posix_sem_post(struct ucred *cred, struct pseminfo *ps);
@@ -326,6 +335,8 @@
 int	mac_check_proc_signal(struct ucred *cred, struct proc *proc,
 	    int signum);
 int	mac_check_proc_wait(struct ucred *cred, struct proc *proc);
+int	mac_check_proc_setlcid(struct proc *, struct proc *, pid_t, pid_t);
+int	mac_check_proc_getlcid(struct proc *, struct proc *, pid_t);
 int	mac_check_set_fd(struct ucred *cred, struct file *fp, char *buf,
 	    int buflen);
 int     mac_check_socket_accept(struct ucred *cred, struct socket *so,
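Review bot: `mac_check_proc_setlcid()` and `mac_check_proc_getlcid()` are declared with unnamed parameters, two of them adjacent `pid_t` values, while the neighbouring prototypes name theirs. From the call in setlcid() the order is caller, target, pid, lcid, and spelling that out makes a swapped argument in a policy module easier to spot: `int mac_check_proc_setlcid(struct proc *p0, struct proc *p, pid_t pid, pid_t lcid);` and `int mac_check_proc_getlcid(struct proc *p0, struct proc *p, pid_t pid);`.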
@@ -430,6 +441,10 @@
 int	mac_audit_postselect(struct ucred *cred, unsigned short syscode,
 	    void *args, int error, int retval, int mac_forced);
 
+void	mac_proc_create_lctx(struct proc *, struct lctx *);
+void	mac_proc_join_lctx(struct proc *, struct lctx *);
+void	mac_proc_leave_lctx(struct proc *, struct lctx *);
+
 /*
  * Calls to help various file systems implement labeling functionality
  * using their existing EA implementation.

==== //depot/projects/trustedbsd/sedarwin7/src/darwin/xnu/bsd/sys/mac_policy.h#11 (text+ko) ====

@@ -55,6 +55,7 @@
 struct ifnet;
 struct ipq;
 struct label;
+struct lctx;
 struct mac_policy_conf;
 struct mbuf;
 struct mount;
@@ -219,6 +220,14 @@
 );
 
 /**
+  @brief Initialize Login Context label
+  @param label New label to initialize
+*/
+typedef void mpo_init_lctx_label_t(
+	struct label *label
+);
+
+/**
   @brief Initialize devfs label
   @param label New label to initialize
 
@@ -489,6 +498,14 @@
 );
 
 /**
+ @brief Destroy Login Context label
+ @param label The label to be destroyed
+*/
+typedef void mpo_destroy_lctx_label_t(
+	struct label *label
+);
+
+/**
   @brief Destroy devfs label
   @param label The label to be destroyed
 
@@ -830,6 +847,29 @@
 );
 
 /**
+  @brief Externalize a Login Context label
+  @param label Label to be externalized
+  @param element_name Name of the label namespace for which labels should be 
+  externalized
+  @param sb String buffer to be filled with a text representation of the label
+
+  Produce an external representation of the label on a Login Context.
+  An externalized label consists of a text representation
+  of the label contents that can be used with user applications.
+  Policy-agnostic user space tools will display this externalized
+  version.
+
+  @return 0 on success, return non-zero if an error occurs while
+  externalizing the label data. 
+
+*/
+typedef int mpo_externalize_lctx_label_t(
+	struct label *label,
+	char *element_name,
+	struct sbuf *sb
+);
+
+/**
   @brief Externalize a vnode label
   @param label Label to be externalized
   @param element_name Name of the label namespace for which labels should be 
@@ -901,6 +941,32 @@
 );
 
 /**
+  @brief Internalize a Login Context label
+  @param label Label to be internalized
+  @param element_name Name of the label namespace for which the label should
+  be internalized
+  @param element_data Text data to be internalized
+
+  Produce a Login Context label from an external representation.  An
+  externalized label consists of a text representation of the label
+  contents that can be used with user applications.  Policy-agnostic
+  user space tools will forward text version to the kernel for
+  processing by individual policy modules.
+
+  The policy's internalize entry points will be called only if the
+  policy has registered interest in the label namespace.
+
+  @return 0 on success, Otherwise, return non-zero if an error occurs
+  while internalizing the label data. 
+
+*/
+typedef int mpo_internalize_lctx_label_t(
+	struct label *label,
+	char *element_name,
+	char *element_data
+);
+
+/**
   @brief Internalize a vnode label
   @param label Label to be internalized
   @param element_name Name of the label namespace for which the label should
@@ -1708,6 +1774,50 @@
 /*@}*/
 
 /**
+  @brief A process has created a login context
+  @param p Subject
+  @param l Login Context
+*/
+typedef void mpo_proc_create_lctx_t(
+	struct proc *p,
+	struct lctx *l
+);
+
+/**
+  @brief A process has joined a login context
+  @param p Subject

>>> TRUNCATED FOR MAIL (1000 lines) <<<