From c27b50f5b46027df1c2a944aec02b4885dca08aa Mon Sep 17 00:00:00 2001
From: Robert Watson
Date: Sat, 5 Oct 2002 18:25:48 +0000
Subject: [PATCH] Merge implementation of mpo_check_vnode_link() for various appropriate file-system aware MAC policies. Sync to MAC tree.

Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
---
 sys/security/mac_biba/mac_biba.c | 26 +++++++++++++++++
 .../mac_bsdextended/mac_bsdextended.c | 29 +++++++++++++++++++
 sys/security/mac_mls/mac_mls.c | 25 ++++++++++++++++
 sys/security/mac_none/mac_none.c | 11 +++++++
 sys/security/mac_stub/mac_stub.c | 11 +++++++
 sys/security/mac_test/mac_test.c | 11 +++++++
 6 files changed, 113 insertions(+)

diff --git a/sys/security/mac_biba/mac_biba.c b/sys/security/mac_biba/mac_biba.c
index 8d53cdbbce1d..eb1345fdc8e8 100644
--- a/sys/security/mac_biba/mac_biba.c
+++ b/sys/security/mac_biba/mac_biba.c
@@ -1509,6 +1509,30 @@ mac_biba_check_vnode_getextattr(struct ucred *cred, struct vnode *vp,
 return (0);
 }
 
+static int
+mac_biba_check_vnode_link(struct ucred *cred, struct vnode *dvp,
+ struct label *dlabel, struct vnode *vp, struct label *label,
+ struct componentname *cnp)
+{
+ struct mac_biba *subj, *obj;
+
+ if (!mac_biba_enabled)
+ return (0);
+
+ subj = SLOT(&cred->cr_label);
+ obj = SLOT(dlabel);
+
+ if (!mac_biba_dominate_single(subj, obj))
+ return (EACCES);
+
+ obj = SLOT(label);
+
+ if (!mac_biba_dominate_single(subj, obj))
+ return (EACCES);
+
+ return (0);
+}
+
 static int
 mac_biba_check_vnode_lookup(struct ucred *cred, struct vnode *dvp,
 struct label *dlabel, struct componentname *cnp)
@@ -2087,6 +2111,8 @@ static struct mac_policy_op_entry mac_biba_ops[] =
 (macop_t)mac_biba_check_vnode_getacl },
 { MAC_CHECK_VNODE_GETEXTATTR,
 (macop_t)mac_biba_check_vnode_getextattr },
+ { MAC_CHECK_VNODE_LINK,
+ (macop_t)mac_biba_check_vnode_link },
 { MAC_CHECK_VNODE_LOOKUP,
 (macop_t)mac_biba_check_vnode_lookup },
 { MAC_CHECK_VNODE_OPEN,
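Review bot: mac_biba_check_vnode_link applies the subject-dominates-object test twice, once against `dlabel` and once against `label`, but nothing in the hunk says why the target file counts as a write target alongside the directory, and a reader comparing it with the neighbouring lookup/getextattr checks could take the second test for a copy-paste leftover. A one-line comment above `obj = SLOT(label);` would settle that: `/* Linking changes the target's link count, so it is a write to the file as well as to the directory. */` The direction of both checks (subject must dominate the object) is the Biba write rule, so the logic itself reads as intended. The same two-object pattern appears in the mac_bsdextended and mac_mls hunks of this commit and the comment would fit there too.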
diff --git a/sys/security/mac_bsdextended/mac_bsdextended.c b/sys/security/mac_bsdextended/mac_bsdextended.c
index 7fae86754797..e6148cc12596 100644
--- a/sys/security/mac_bsdextended/mac_bsdextended.c
+++ b/sys/security/mac_bsdextended/mac_bsdextended.c
@@ -444,6 +444,33 @@ mac_bsdextended_check_vnode_getextattr(struct ucred *cred, struct vnode *vp,
 return (mac_bsdextended_check(cred, vap.va_uid, vap.va_gid, VREAD));
 }
 
+static int
+mac_bsdextended_check_vnode_link(struct ucred *cred, struct vnode *dvp,
+ struct label *dlabel, struct vnode *vp, struct label *label,
+ struct componentname *cnp)
+{
+ struct vattr vap;
+ int error;
+
+ if (!mac_bsdextended_enabled)
+ return (0);
+
+ error = VOP_GETATTR(dvp, &vap, cred, curthread);
+ if (error)
+ return (error);
+ error = mac_bsdextended_check(cred, vap.va_uid, vap.va_gid, VWRITE);
+ if (error)
+ return (error);
+
+ error = VOP_GETATTR(vp, &vap, cred, curthread);
+ if (error)
+ return (error);
+ error = mac_bsdextended_check(cred, vap.va_uid, vap.va_gid, VWRITE);
+ if (error)
+ return (error);
+ return (0);
+}
+
 static int
 mac_bsdextended_check_vnode_lookup(struct ucred *cred, struct vnode *dvp,
 struct label *dlabel, struct componentname *cnp)
@@ -715,6 +742,8 @@ static struct mac_policy_op_entry mac_bsdextended_ops[] =
 (macop_t)mac_bsdextended_check_vnode_getacl },
 { MAC_CHECK_VNODE_GETEXTATTR,
 (macop_t)mac_bsdextended_check_vnode_getextattr },
+ { MAC_CHECK_VNODE_LINK,
+ (macop_t)mac_bsdextended_check_vnode_link },
 { MAC_CHECK_VNODE_LOOKUP,
 (macop_t)mac_bsdextended_check_vnode_lookup },
 { MAC_CHECK_VNODE_OPEN,
diff --git a/sys/security/mac_mls/mac_mls.c b/sys/security/mac_mls/mac_mls.c
index 27b74b1f8562..4adc3f5e9f8f 100644
--- a/sys/security/mac_mls/mac_mls.c
+++ b/sys/security/mac_mls/mac_mls.c
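Review bot: The tail of mac_bsdextended_check_vnode_link spells out `error = mac_bsdextended_check(...); if (error) return (error); return (0);` where the function just above it in the context lines, mac_bsdextended_check_vnode_getextattr, simply returns the check's result; the last five added lines can collapse to `return (mac_bsdextended_check(cred, vap.va_uid, vap.va_gid, VWRITE));` with no change in behaviour. Requiring VWRITE on both the directory and the existing target before a hard link is created is the right shape for this policy, since the link gives the target a new name the subject controls; a short comment stating that intent above the second VOP_GETATTR would help the next reader. Both VOP_GETATTR results are checked before `vap` is used, which is good.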
@@ -1471,6 +1471,29 @@ mac_mls_check_vnode_getextattr(struct ucred *cred, struct vnode *vp,
 return (0);
 }
 
+static int
+mac_mls_check_vnode_link(struct ucred *cred, struct vnode *dvp,
+ struct label *dlabel, struct vnode *vp, struct label *label,
+ struct componentname *cnp)
+{
+ struct mac_mls *subj, *obj;
+
+ if (!mac_mls_enabled)
+ return (0);
+
+ subj = SLOT(&cred->cr_label);
+ obj = SLOT(dlabel);
+
+ if (!mac_mls_dominate_single(obj, subj))
+ return (EACCES);
+
+ obj = SLOT(dlabel);
+ if (!mac_mls_dominate_single(obj, subj))
+ return (EACCES);
+
+ return (0);
+}
+
 static int
 mac_mls_check_vnode_lookup(struct ucred *cred, struct vnode *dvp,
 struct label *dlabel, struct componentname *cnp)
@@ -2050,6 +2073,8 @@ static struct mac_policy_op_entry mac_mls_ops[] =
 (macop_t)mac_mls_check_vnode_getacl },
 { MAC_CHECK_VNODE_GETEXTATTR,
 (macop_t)mac_mls_check_vnode_getextattr },
+ { MAC_CHECK_VNODE_LINK,
+ (macop_t)mac_mls_check_vnode_link },
 { MAC_CHECK_VNODE_LOOKUP,
 (macop_t)mac_mls_check_vnode_lookup },
 { MAC_CHECK_VNODE_OPEN,
diff --git a/sys/security/mac_none/mac_none.c b/sys/security/mac_none/mac_none.c
index 052628be07f4..4bda24ebab31 100644
--- a/sys/security/mac_none/mac_none.c
+++ b/sys/security/mac_none/mac_none.c
@@ -669,6 +669,15 @@ mac_none_check_vnode_getextattr(struct ucred *cred, struct vnode *vp,
 return (0);
 }
 
+static int
+mac_none_check_vnode_link(struct ucred *cred, struct vnode *dvp,
+ struct label *dlabel, struct vnode *vp, struct label *label,
+ struct componentname *cnp)
+{
+
+ return (0);
+}
+
 static int
 mac_none_check_vnode_lookup(struct ucred *cred, struct vnode *dvp,
 struct label *dlabel, struct componentname *cnp)
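Review bot: The second object lookup in mac_mls_check_vnode_link reads `obj = SLOT(dlabel);` a second time, so the target vnode's own label (`label`) is never consulted and the second dominance check merely repeats the first. The mac_biba_check_vnode_link hunk in this same commit switches to the file's label before its second check, and the `label` parameter here is otherwise unused, which points to a copy-paste slip. As written, the policy's write-down restriction is enforced on the directory but not on the file being linked, so a subject could create a new name for a file whose MLS label does not dominate its own. The fix is the one-line change `obj = SLOT(label);` on that line.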
@@ -1019,6 +1028,8 @@ static struct mac_policy_op_entry mac_none_ops[] =
 (macop_t)mac_none_check_vnode_getacl },
 { MAC_CHECK_VNODE_GETEXTATTR,
 (macop_t)mac_none_check_vnode_getextattr },
+ { MAC_CHECK_VNODE_LINK,
+ (macop_t)mac_none_check_vnode_link },
 { MAC_CHECK_VNODE_LOOKUP,
 (macop_t)mac_none_check_vnode_lookup },
 { MAC_CHECK_VNODE_OPEN,
diff --git a/sys/security/mac_stub/mac_stub.c b/sys/security/mac_stub/mac_stub.c
index 052628be07f4..4bda24ebab31 100644
--- a/sys/security/mac_stub/mac_stub.c
+++ b/sys/security/mac_stub/mac_stub.c
@@ -669,6 +669,15 @@ mac_none_check_vnode_getextattr(struct ucred *cred, struct vnode *vp,
 return (0);
 }
 
+static int
+mac_none_check_vnode_link(struct ucred *cred, struct vnode *dvp,
+ struct label *dlabel, struct vnode *vp, struct label *label,
+ struct componentname *cnp)
+{
+
+ return (0);
+}
+
 static int
 mac_none_check_vnode_lookup(struct ucred *cred, struct vnode *dvp,
 struct label *dlabel, struct componentname *cnp)
@@ -1019,6 +1028,8 @@ static struct mac_policy_op_entry mac_none_ops[] =
 (macop_t)mac_none_check_vnode_getacl },
 { MAC_CHECK_VNODE_GETEXTATTR,
 (macop_t)mac_none_check_vnode_getextattr },
+ { MAC_CHECK_VNODE_LINK,
+ (macop_t)mac_none_check_vnode_link },
 { MAC_CHECK_VNODE_LOOKUP,
 (macop_t)mac_none_check_vnode_lookup },
 { MAC_CHECK_VNODE_OPEN,
diff --git a/sys/security/mac_test/mac_test.c b/sys/security/mac_test/mac_test.c
index c6335da0ea49..bff758a3a1f9 100644
--- a/sys/security/mac_test/mac_test.c
+++ b/sys/security/mac_test/mac_test.c
@@ -1045,6 +1045,15 @@ mac_test_check_vnode_getextattr(struct ucred *cred, struct vnode *vp,
 return (0);
 }
 
+static int
+mac_test_check_vnode_link(struct ucred *cred, struct vnode *dvp,
+ struct label *dlabel, struct vnode *vp, struct label *label,
+ struct componentname *cnp)
+{
+
+ return (0);
+}
+
 static int
 mac_test_check_vnode_lookup(struct ucred *cred, struct vnode *dvp,
 struct label *dlabel, struct componentname *cnp)
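Review bot: The mac_stub.c section adds a function named mac_none_check_vnode_link and registers it in mac_none_ops, and its index line (052628be07f4..4bda24ebab31) is the same as the mac_none.c section's, so mac_stub.c appears to be a verbatim copy of mac_none.c at this point rather than a separately named stub policy. The added code is fine for a stub, since it returns 0 unconditionally, but if the two files are expected to diverge later the mac_none_ prefixes inside mac_stub.c will need renaming to match the file. A short comment at the top of mac_stub.c noting that it mirrors mac_none.c would make the duplication deliberate rather than accidental.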
@@ -1393,6 +1402,8 @@ static struct mac_policy_op_entry mac_test_ops[] =
 (macop_t)mac_test_check_vnode_getacl },
 { MAC_CHECK_VNODE_GETEXTATTR,
 (macop_t)mac_test_check_vnode_getextattr },
+ { MAC_CHECK_VNODE_LINK,
+ (macop_t)mac_test_check_vnode_link },
 { MAC_CHECK_VNODE_LOOKUP,
 (macop_t)mac_test_check_vnode_lookup },
 { MAC_CHECK_VNODE_OPEN,