Attachment 'head.diff'

Download

   1 Index: pefs_head/head/libexec/rtld-elf/rtld.c
   2 ===================================================================
   3 --- pefs_head/head/libexec/rtld-elf/rtld.c	(revision 235718)
   4 +++ pefs_head/head/libexec/rtld-elf/rtld.c	(revision 240588)
   5 @@ -1937,6 +1937,23 @@
   6  	    return NULL;
   7  	}
   8      }
   9 +    /* XXXgpf: check schg flag for every object */
  10 +    {
  11 +		int enabled, rval;
  12 +		size_t enabled_len;
  13 +
  14 +		enabled_len = sizeof(enabled);
  15 +		rval = sysctlbyname("vfs.pefs.exec.enable",	&enabled,
  16 +					&enabled_len, 0, 0);
  17 +
  18 +		if (rval == 0 && enabled != 0) {
  19 +			if ((sbp->st_flags & SF_IMMUTABLE) == 0) {
  20 +				_rtld_error("Cannot execute object: %s without schg\n", path);
  21 +				return NULL;
  22 +			}
  23 +		}
  24 +	}
  25 +
  26      dbg("loading \"%s\"", printable_path(path));
  27      obj = map_object(fd, printable_path(path), sbp);
  28      if (obj == NULL)
  29 Index: pefs_head/head/sys/kern/kern_exec.c
  30 ===================================================================
  31 --- pefs_head/head/sys/kern/kern_exec.c	(revision 235718)
  32 +++ pefs_head/head/sys/kern/kern_exec.c	(revision 240588)
  33 @@ -122,7 +122,7 @@
  34      NULL, 0, sysctl_kern_stackprot, "I", "");
  35  
  36  u_long ps_arg_cache_limit = PAGE_SIZE / 16;
  37 -SYSCTL_ULONG(_kern, OID_AUTO, ps_arg_cache_limit, CTLFLAG_RW, 
  38 +SYSCTL_ULONG(_kern, OID_AUTO, ps_arg_cache_limit, CTLFLAG_RW,
  39      &ps_arg_cache_limit, 0, "");
  40  
  41  static int map_at_zero = 0;
  42 @@ -186,9 +186,9 @@
  43  
  44  #ifndef _SYS_SYSPROTO_H_
  45  struct execve_args {
  46 -	char    *fname; 
  47 +	char    *fname;
  48  	char    **argv;
  49 -	char    **envv; 
  50 +	char    **envv;
  51  };
  52  #endif
  53  
  54 @@ -548,6 +548,12 @@
  55  		goto interpret;
  56  	}
  57  
  58 +#ifdef MAC
  59 +	error = mac_vnode_check_exec_noscript(td->td_ucred, imgp->vp, imgp);
  60 +	if (error)
  61 +		goto exec_fail_dealloc;
  62 +#endif
  63 +
  64  	/*
  65  	 * NB: We unlock the vnode here because it is believed that none
  66  	 * of the sv_copyout_strings/sv_fixup operations require the vnode.
  67 @@ -821,7 +827,7 @@
  68  
  69  	/* Set values passed into the program in registers. */
  70  	if (p->p_sysent->sv_setregs)
  71 -		(*p->p_sysent->sv_setregs)(td, imgp, 
  72 +		(*p->p_sysent->sv_setregs)(td, imgp,
  73  		    (u_long)(uintptr_t)stack_base);
  74  	else
  75  		exec_setregs(td, imgp, (u_long)(uintptr_t)stack_base);
  76 @@ -1160,7 +1166,7 @@
  77  		}
  78  		if ((error = copyinstr(argp, args->endp,
  79  		    args->stringspace, &length))) {
  80 -			if (error == ENAMETOOLONG) 
  81 +			if (error == ENAMETOOLONG)
  82  				error = E2BIG;
  83  			goto err_exit;
  84  		}
  85 Index: pefs_head/head/sys/vm/vm_mmap.c
  86 ===================================================================
  87 --- pefs_head/head/sys/vm/vm_mmap.c	(revision 235718)
  88 +++ pefs_head/head/sys/vm/vm_mmap.c	(revision 240588)
  89 @@ -1295,6 +1295,7 @@
  90  	error = mac_vnode_check_mmap(cred, vp, prot, flags);
  91  	if (error != 0)
  92  		goto done;
  93 +	mac_vnode_set_mmap_maxprot(cred, vp, maxprotp, flags);
  94  #endif
  95  	if ((flags & MAP_SHARED) != 0) {
  96  		if ((va.va_flags & (SF_SNAPSHOT|IMMUTABLE|APPEND)) != 0) {
  97 Index: pefs_head/head/sys/security/mac/mac_vfs.c
  98 ===================================================================
  99 --- pefs_head/head/sys/security/mac/mac_vfs.c	(revision 235718)
 100 +++ pefs_head/head/sys/security/mac/mac_vfs.c	(revision 240588)
 101 @@ -489,6 +489,24 @@
 102  	return (error);
 103  }
 104  
 105 +MAC_CHECK_PROBE_DEFINE3(vnode_check_exec_noscript, "struct ucred *",
 106 +	"struct vnode *", "struct image_params *");
 107 +
 108 +int
 109 +mac_vnode_check_exec_noscript(struct ucred *cred, struct vnode *vp,
 110 +    struct image_params *imgp)
 111 +{
 112 +	int error;
 113 +
 114 +	ASSERT_VOP_LOCKED(vp, "mac_vnode_check_exec_noscript");
 115 +
 116 +	MAC_POLICY_CHECK(vnode_check_exec_noscript, cred, vp, vp->v_label, imgp,
 117 +	    imgp->execlabel);
 118 +	MAC_CHECK_PROBE3(vnode_check_exec_noscript, error, cred, vp, imgp);
 119 +
 120 +	return (error);
 121 +}
 122 +
 123  MAC_CHECK_PROBE_DEFINE3(vnode_check_getacl, "struct ucred *",
 124      "struct vnode *", "acl_type_t");
 125  
 126 @@ -597,6 +615,17 @@
 127  }
 128  
 129  void
 130 +mac_vnode_set_mmap_maxprot(struct ucred *cred, struct vnode *vp,
 131 +	vm_prot_t *maxprotp, int flags)
 132 +{
 133 +
 134 +	ASSERT_VOP_LOCKED(vp, "mac_vnode_set_mmap_maxprot");
 135 +
 136 +	MAC_POLICY_PERFORM(vnode_set_mmap_maxprot, cred, vp, vp->v_label,
 137 +		maxprotp, flags);
 138 +}
 139 +
 140 +void
 141  mac_vnode_check_mmap_downgrade(struct ucred *cred, struct vnode *vp,
 142      int *prot)
 143  {
 144 Index: pefs_head/head/sys/security/mac/mac_framework.h
 145 ===================================================================
 146 --- pefs_head/head/sys/security/mac/mac_framework.h	(revision 235718)
 147 +++ pefs_head/head/sys/security/mac/mac_framework.h	(revision 240588)
 148 @@ -91,6 +91,7 @@
 149  
 150  #include <sys/acl.h>			/* XXX acl_type_t */
 151  #include <sys/types.h>			/* accmode_t */
 152 +#include <vm/vm.h>				/* XXX vm_prot_t */
 153  
 154  /*
 155   * Entry points to the TrustedBSD MAC Framework from the remainder of the
 156 @@ -383,6 +384,8 @@
 157  	    int attrnamespace, const char *name);
 158  int	mac_vnode_check_exec(struct ucred *cred, struct vnode *vp,
 159  	    struct image_params *imgp);
 160 +int	mac_vnode_check_exec_noscript(struct ucred *cred, struct vnode *vp,
 161 +	    struct image_params *imgp);
 162  int	mac_vnode_check_getacl(struct ucred *cred, struct vnode *vp,
 163  	    acl_type_t type);
 164  int	mac_vnode_check_getextattr(struct ucred *cred, struct vnode *vp,
 165 @@ -395,6 +398,8 @@
 166   	    struct componentname *cnp);
 167  int	mac_vnode_check_mmap(struct ucred *cred, struct vnode *vp, int prot,
 168  	    int flags);
 169 +void mac_vnode_set_mmap_maxprot(struct ucred *cred, struct vnode *vp,
 170 +		vm_prot_t *maxprotp, int flags);
 171  int	mac_vnode_check_mprotect(struct ucred *cred, struct vnode *vp,
 172  	    int prot);
 173  int	mac_vnode_check_open(struct ucred *cred, struct vnode *vp,
 174 Index: pefs_head/head/sys/security/mac/mac_policy.h
 175 ===================================================================
 176 --- pefs_head/head/sys/security/mac/mac_policy.h	(revision 235718)
 177 +++ pefs_head/head/sys/security/mac/mac_policy.h	(revision 240588)
 178 @@ -65,6 +65,7 @@
 179   */
 180  #include <sys/acl.h>	/* XXX acl_type_t */
 181  #include <sys/types.h>	/* XXX accmode_t */
 182 +#include <vm/vm.h>		/* XXX vm_prot_t */
 183  
 184  struct acl;
 185  struct auditinfo;
 186 @@ -566,6 +567,9 @@
 187  typedef int	(*mpo_vnode_check_exec_t)(struct ucred *cred,
 188  		    struct vnode *vp, struct label *vplabel,
 189  		    struct image_params *imgp, struct label *execlabel);
 190 +typedef int	(*mpo_vnode_check_exec_noscript_t)(struct ucred *cred,
 191 +		    struct vnode *vp, struct label *vplabel,
 192 +		    struct image_params *imgp, struct label *execlabel);
 193  typedef int	(*mpo_vnode_check_getacl_t)(struct ucred *cred,
 194  		    struct vnode *vp, struct label *vplabel,
 195  		    acl_type_t type);
 196 @@ -585,6 +589,9 @@
 197  typedef int	(*mpo_vnode_check_mmap_t)(struct ucred *cred,
 198  		    struct vnode *vp, struct label *label, int prot,
 199  		    int flags);
 200 +typedef void	(*mpo_vnode_set_mmap_maxprot_t)(struct ucred *cred,
 201 +		    struct vnode *vp, struct label *label, vm_prot_t *maxprotp,
 202 +		    int flags);
 203  typedef void	(*mpo_vnode_check_mmap_downgrade_t)(struct ucred *cred,
 204  		    struct vnode *vp, struct label *vplabel, int *prot);
 205  typedef int	(*mpo_vnode_check_mprotect_t)(struct ucred *cred,
 206 @@ -922,12 +929,14 @@
 207  	mpo_vnode_check_deleteacl_t		mpo_vnode_check_deleteacl;
 208  	mpo_vnode_check_deleteextattr_t		mpo_vnode_check_deleteextattr;
 209  	mpo_vnode_check_exec_t			mpo_vnode_check_exec;
 210 +	mpo_vnode_check_exec_noscript_t		mpo_vnode_check_exec_noscript;
 211  	mpo_vnode_check_getacl_t		mpo_vnode_check_getacl;
 212  	mpo_vnode_check_getextattr_t		mpo_vnode_check_getextattr;
 213  	mpo_vnode_check_link_t			mpo_vnode_check_link;
 214  	mpo_vnode_check_listextattr_t		mpo_vnode_check_listextattr;
 215  	mpo_vnode_check_lookup_t		mpo_vnode_check_lookup;
 216  	mpo_vnode_check_mmap_t			mpo_vnode_check_mmap;
 217 +	mpo_vnode_set_mmap_maxprot_t	mpo_vnode_set_mmap_maxprot;
 218  	mpo_vnode_check_mmap_downgrade_t	mpo_vnode_check_mmap_downgrade;
 219  	mpo_vnode_check_mprotect_t		mpo_vnode_check_mprotect;
 220  	mpo_vnode_check_open_t			mpo_vnode_check_open;
 221 Index: pefs_head/head/sys/sys/mount.h
 222 ===================================================================
 223 --- pefs_head/head/sys/sys/mount.h	(revision 235718)
 224 +++ pefs_head/head/sys/sys/mount.h	(revision 240588)
 225 @@ -27,7 +27,7 @@
 226   * SUCH DAMAGE.
 227   *
 228   *	@(#)mount.h	8.21 (Berkeley) 5/20/95
 229 - * $FreeBSD$
 230 + * $FreeBSD: soc2012/gpf/pefs_head/head/sys/sys/mount.h 234765 2012-04-20 06:50:44Z mckusick $
 231   */
 232  
 233  #ifndef _SYS_MOUNT_H_
 234 
 235 Property changes on: pefs_head/head/sys/sys/mount.h
 236 ___________________________________________________________________
 237 Deleted: svn:keywords
 238 ## -1 +0,0 ##
 239 -FreeBSD=%H
 240 \ No newline at end of property

Attached Files

To refer to attachments on a page, use attachment:filename, as shown below in the list of files. Do NOT use the URL of the [get] link, since this is subject to change and can break easily.
  • [get | view] (2012-08-20T16:31:46+0000, 8.1 KB) [[attachment:head.diff]]
  • [get | view] (2012-08-20T16:32:06+0000, 124.0 KB) [[attachment:pefs.diff]]
  • [get | view] (2012-04-30T18:52:11+0000, 73.7 KB) [[attachment:pefs_design.pdf]]
 All files | Selected Files: delete move to page copy to page

You are not allowed to attach a file to this page.