PERFORCE change 97745 for review
Rob Deker
deker at FreeBSD.org
Wed May 24 16:14:27 UTC 2006
http://perforce.freebsd.org/chv.cgi?CH=97745
Change 97745 by deker at sebsd_build on 2006/05/24 16:12:02
Add patch from pleblanc with the following comments:
Added the same classes of missing entry points to sebsd
as were added to sedarwin. Specifically:
mpo_check_system_*
acct
reboot
settime
mpo_check_proc_*
wait
setuid
seteuid
setgid
setegid
setreuid
setregid
setresuid
setresgid
All supported SYSV and POSIX IPC syscalls are already
implemented, and the BSD MAC Framework doesn't have audit
hooks yet.
This builds & boots; works during brief normal usage at least.
Affected files ...
.. //depot/projects/trustedbsd/sebsd/sys/security/sebsd/sebsd.c#43 edit
Differences ...
==== //depot/projects/trustedbsd/sebsd/sys/security/sebsd/sebsd.c#43 (text+ko) ====
@@ -97,6 +97,28 @@
panic("sebsd_destroy");
}
+static int
+signal_to_av(int signum)
+{
+ uint32_t perm;
+
+ switch (signum) {
+ case SIGCHLD:
+ perm = PROCESS__SIGCHLD;
+ break;
+ case SIGKILL:
+ perm = PROCESS__SIGKILL;
+ break;
+ case SIGSTOP:
+ perm = PROCESS__SIGSTOP;
+ break;
+ default:
+ perm = PROCESS__SIGNAL;
+ break;
+ }
+ return perm;
+}
+
/*
* Check whether a task is allowed to use a capability.
*/
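Review bot: signal_to_av is declared `static int` but computes and returns a `uint32_t perm`, and both callers visible in this change store the result in a `u_int32_t`; the return type should match the access-vector type, `static u_int32_t`, with the local spelled `u_int32_t` as in the callers. Since the helper is now shared by the signal and wait checks, it also deserves a one-line header comment such as `/* Map a signal number to the PROCESS__* permission checked for it. */`.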
@@ -1116,27 +1138,73 @@
return (cred_has_perm(cred, proc, PROCESS__SETSCHED));
}
+/*
+ * TBD: The SETGID and SETUID capabilities are currently used for
+ * all functions in those families.
+ */
+static int
+sebsd_check_proc_setgid(struct ucred *cred, gid_t gid)
+{
+
+ return (cred_has_capability(cred, CAPABILITY__SETGID));
+}
+
+static int
+sebsd_check_proc_setregid(struct ucred *cred, gid_t rgid, gid_t egid)
+{
+
+ return (cred_has_capability(cred, CAPABILITY__SETGID));
+}
+
+static int
+sebsd_check_proc_setresgid(struct ucred *cred, gid_t rgid, gid_t egid,
+ gid_t sgid)
+{
+
+ return (cred_has_capability(cred, CAPABILITY__SETGID));
+}
+
+static int
+sebsd_check_proc_setuid(struct ucred *cred, uid_t uid)
+{
+
+ return (cred_has_capability(cred, CAPABILITY__SETUID));
+}
+
+static int
+sebsd_check_proc_setreuid(struct ucred *cred, uid_t ruid, uid_t euid)
+{
+
+ return (cred_has_capability(cred, CAPABILITY__SETUID));
+}
+
+static int
+sebsd_check_proc_setresuid(struct ucred *cred, uid_t ruid, uid_t euid,
+ uid_t suid)
+{
+
+ return (cred_has_capability(cred, CAPABILITY__SETUID));
+}
+
static int
sebsd_check_proc_signal(struct ucred *cred, struct proc *proc, int signum)
{
u_int32_t perm;
- switch (signum) {
- case SIGCHLD:
- perm = PROCESS__SIGCHLD;
- break;
- case SIGKILL:
- perm = PROCESS__SIGKILL;
- break;
- case SIGSTOP:
- perm = PROCESS__SIGSTOP;
- break;
- default:
- perm = PROCESS__SIGNAL;
- break;
- }
+ perm = signal_to_av(signum);
+ return (cred_has_perm(cred, proc, perm));
+}
+
+static int
+sebsd_check_proc_wait(struct ucred *cred, struct proc *proc)
+{
+ u_int32_t perm, exit_status;
+
+ exit_status = proc->p_xstat; // (promote to 32 btis)
+ exit_status &= 0177;
- return (cred_has_perm(cred, proc, perm));
+ perm = signal_to_av(exit_status);
+ return (cred_has_perm(cred, proc, perm));
}
static void
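Review bot: In sebsd_check_proc_wait the permission is derived from `proc->p_xstat & 0177`, which reads as the child's terminating signal, so a normally exited child (value 0) falls through to `PROCESS__SIGNAL` while a killed child makes the waiter need `PROCESS__SIGKILL` on it. If the intent is to mirror the SELinux wait check (child's exit signal, checked child-to-parent), this looks like a different subject, object and signal; please confirm and state the intended semantics in a comment above the function, since a denial here presumably leaves the child unreaped. The magic mask and the `//` comment with the "btis" typo could become `exit_status = proc->p_xstat & 0177;	/* terminating signal; 0 on normal exit */`, or use `WTERMSIG()` if `<sys/wait.h>` is usable in this file. The function that follows starts outside the hunk.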
@@ -1812,6 +1880,14 @@
return (vnode_has_perm(cred, vp, FILE__GETATTR));
}
+static int
+sebsd_check_system_acct(struct ucred *cred, struct vnode *c,
+ struct label *vl)
+{
+
+ return (cred_has_capability(cred, CAPABILITY__SYS_PACCT));
+}
+
/*
* TBD: LSM/SELinux doesn't have a nfsd hook
*/
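Review bot: sebsd_check_system_acct takes the accounting vnode and its label but checks only `CAPABILITY__SYS_PACCT`, so the policy has no say over which file receives accounting records; if that is deliberate it should be recorded like the set*id TBD, e.g. `/* TBD: vnode and label are unused; only the capability is checked. */`. The vnode parameter is named `c`, where the neighbouring hooks use `vp`; `struct vnode *vp` would be consistent. Any vnode check added later should tolerate a NULL vnode, which the framework may pass when accounting is being turned off (worth verifying against the caller). The same unused-argument remark applies to `how` in sebsd_check_system_reboot in the next hunk.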
@@ -1823,6 +1899,20 @@
}
static int
+sebsd_check_system_reboot(struct ucred *cred, int how)
+{
+
+ return (cred_has_capability(cred, CAPABILITY__SYS_BOOT));
+}
+
+static int
+sebsd_check_system_settime(struct ucred *cred)
+{
+
+ return (cred_has_capability(cred, CAPABILITY__SYS_TIME));
+}
+
+static int
sebsd_check_system_swapon(struct ucred *cred, struct vnode *vp,
struct label *vnodelabel)
{
@@ -2488,11 +2578,11 @@
.mpo_check_mount = sebsd_check_mount,
.mpo_check_umount = sebsd_check_umount,
.mpo_check_remount = sebsd_check_remount,
+ .mpo_check_sysv_msgmsq = sebsd_check_sysv_msgmsq,
.mpo_check_sysv_msgrcv = sebsd_check_sysv_msgrcv,
.mpo_check_sysv_msgrmid = sebsd_check_sysv_msgrmid,
.mpo_check_sysv_msqget = sebsd_check_sysv_msqget,
.mpo_check_sysv_msqsnd = sebsd_check_sysv_msqsnd,
- .mpo_check_sysv_msgmsq = sebsd_check_sysv_msgmsq,
.mpo_check_sysv_msqrcv = sebsd_check_sysv_msqrcv,
.mpo_check_sysv_msqctl = sebsd_check_sysv_msqctl,
.mpo_check_sysv_semctl = sebsd_check_sysv_semctl,
@@ -2520,8 +2610,20 @@
.mpo_check_proc_debug = sebsd_check_proc_debug,
.mpo_check_proc_sched = sebsd_check_proc_sched,
+ .mpo_check_proc_setuid = sebsd_check_proc_setuid,
+ .mpo_check_proc_seteuid = sebsd_check_proc_setuid,
+ .mpo_check_proc_setgid = sebsd_check_proc_setgid,
+ .mpo_check_proc_setegid = sebsd_check_proc_setgid,
+ .mpo_check_proc_setreuid = sebsd_check_proc_setreuid,
+ .mpo_check_proc_setregid = sebsd_check_proc_setregid,
+ .mpo_check_proc_setresuid = sebsd_check_proc_setresuid,
+ .mpo_check_proc_setresgid = sebsd_check_proc_setresgid,
.mpo_check_proc_signal = sebsd_check_proc_signal,
+ .mpo_check_proc_wait = sebsd_check_proc_wait,
+ .mpo_check_system_acct = sebsd_check_system_acct,
.mpo_check_system_nfsd = sebsd_check_system_nfsd,
+ .mpo_check_system_reboot = sebsd_check_system_reboot,
+ .mpo_check_system_settime = sebsd_check_system_settime,
.mpo_check_system_swapon = sebsd_check_system_swapon,
.mpo_check_system_swapoff = sebsd_check_system_swapoff,
.mpo_check_system_sysctl = sebsd_check_system_sysctl,
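Review bot: `.mpo_check_proc_seteuid` and `.mpo_check_proc_setegid` are wired to the setuid/setgid handlers, which is sound only while those handlers are capability-only and ignore the id they are passed. A short comment on these two entries, e.g. `/* seteuid/setegid reuse the setuid/setgid check: capability only, id argument ignored */`, would keep the sharing from being overlooked when the per-call checks are fleshed out. The initializer continues outside the hunk.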