Module Name:    src
Committed By:   elad
Date:           Fri Oct  2 23:50:16 UTC 2009

Modified Files:
        src/sys/kern: uipc_socket.c
        src/sys/secmodel/suser: secmodel_suser.c

Log Message:
Move some of the socket policy back to the subsystem.

Remove include we don't need in the secmodel code.


To generate a diff of this commit:
cvs rdiff -u -r1.190 -r1.191 src/sys/kern/uipc_socket.c
cvs rdiff -u -r1.12 -r1.13 src/sys/secmodel/suser/secmodel_suser.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/kern/uipc_socket.c
diff -u src/sys/kern/uipc_socket.c:1.190 src/sys/kern/uipc_socket.c:1.191
--- src/sys/kern/uipc_socket.c:1.190	Fri Sep 11 22:06:29 2009
+++ src/sys/kern/uipc_socket.c	Fri Oct  2 23:50:16 2009
@@ -1,4 +1,4 @@
-/*	$NetBSD: uipc_socket.c,v 1.190 2009/09/11 22:06:29 dyoung Exp $	*/
+/*	$NetBSD: uipc_socket.c,v 1.191 2009/10/02 23:50:16 elad Exp $	*/
 
 /*-
  * Copyright (c) 2002, 2007, 2008, 2009 The NetBSD Foundation, Inc.
@@ -63,7 +63,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: uipc_socket.c,v 1.190 2009/09/11 22:06:29 dyoung Exp $");
+__KERNEL_RCSID(0, "$NetBSD: uipc_socket.c,v 1.191 2009/10/02 23:50:16 elad Exp $");
 
 #include "opt_compat_netbsd.h"
 #include "opt_sock_counters.h"
@@ -151,6 +151,8 @@
 static int socurkva;
 static kcondvar_t socurkva_cv;
 
+static kauth_listener_t socket_listener;
+
 #define	SOCK_LOAN_CHUNK		65536
 
 static size_t sodopendfree(void);
@@ -428,6 +430,53 @@
 	return m;
 }
 
+static int
+socket_listener_cb(kauth_cred_t cred, kauth_action_t action, void *cookie,
+    void *arg0, void *arg1, void *arg2, void *arg3)
+{
+	int result;
+	enum kauth_network_req req;
+
+	result = KAUTH_RESULT_DEFER;
+	req = (enum kauth_network_req)arg0;
+
+	if (action != KAUTH_NETWORK_SOCKET)
+		return result;
+
+	switch (req) {
+	case KAUTH_REQ_NETWORK_SOCKET_DROP: {
+		/* Normal users can only drop their own connections. */
+		struct socket *so = (struct socket *)arg1;
+		uid_t sockuid = so->so_uidinfo->ui_uid;
+
+		if (sockuid == kauth_cred_getuid(cred) ||
+		    sockuid == kauth_cred_geteuid(cred))
+			result = KAUTH_RESULT_ALLOW;
+
+		break;
+		}
+
+	case KAUTH_REQ_NETWORK_SOCKET_OPEN:
+		/* We allow "raw" routing/bluetooth sockets to anyone. */
+		if ((u_long)arg1 == PF_ROUTE || (u_long)arg1 == PF_BLUETOOTH)
+			result = KAUTH_RESULT_ALLOW;
+		else {
+			/* Privileged, let secmodel handle this. */
+			if ((u_long)arg2 == SOCK_RAW)
+				break;
+		}
+
+		result = KAUTH_RESULT_ALLOW;
+
+		break;
+
+	default:
+		break;
+	}
+
+	return result;
+}
+
 void
 soinit(void)
 {
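Review bot: socket_listener_cb returns `KAUTH_RESULT_ALLOW` itself for non-raw opens and for drops by the socket's owner, so a security model can no longer restrict those requests by deferring. As I understand kauth(9), it would have to return `KAUTH_RESULT_DENY` explicitly. A comment above the function stating this, e.g. `/* Default socket policy; a secmodel must return DENY to override an ALLOW from here. */`, would help secmodel authors. In the `KAUTH_REQ_NETWORK_SOCKET_OPEN` case the first `result = KAUTH_RESULT_ALLOW;` is redundant, because every path that does not `break` on `SOCK_RAW` reaches the second one. A single guard, `if ((u_long)arg1 != PF_ROUTE && (u_long)arg1 != PF_BLUETOOTH && (u_long)arg2 == SOCK_RAW) break;`, followed by the one assignment, would make the only deferred outcome obvious.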
@@ -445,6 +494,9 @@
 
 	callback_register(&vm_map_to_kernel(kernel_map)->vmk_reclaim_callback,
 	    &sokva_reclaimerentry, NULL, sokva_reclaim_callback);
+
+	socket_listener = kauth_listen_scope(KAUTH_SCOPE_NETWORK,
+	    socket_listener_cb, NULL);
 }
 
 /*
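Review bot: The handle returned by `kauth_listen_scope()` at the end of soinit is stored in `socket_listener` but never checked. If registration can fail and return NULL (worth confirming against kauth(9)), the socket policy this commit moves into uipc_socket.c would silently not be installed. The outcome for non-root opens and owner drops would then rest on the secmodel alone, which after this change only allows root. Adding `KASSERT(socket_listener != NULL);` after the call would make such a failure visible at boot. soinit's body starts outside this hunk.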
@@ -499,6 +551,7 @@
 	so->so_snd.sb_mowner = &prp->pr_domain->dom_mowner;
 	so->so_mowner = &prp->pr_domain->dom_mowner;
 #endif
+	/* so->so_cred = kauth_cred_dup(l->l_cred); */
 	uid = kauth_cred_geteuid(l->l_cred);
 	so->so_uidinfo = uid_find(uid);
 	so->so_egid = kauth_cred_getegid(l->l_cred);
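Review bot: The added line `/* so->so_cred = kauth_cred_dup(l->l_cred); */` is commented-out code with no explanation, and the `@@ -641,6 +694,7 @@` hunk adds its counterpart `/* kauth_cred_free(so->so_cred); */` in the same way. If the plan is to keep the creator's credentials on the socket later, say so, e.g. `/* XXX not yet: so->so_cred = kauth_cred_dup(l->l_cred); */`, and keep the pair in step so the dup is never enabled without its free. Otherwise drop both lines. Until then the owner check in the new listener relies on `so->so_uidinfo`, which these lines derive from the creator's effective uid only. The enclosing function begins and ends outside this hunk.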
@@ -641,6 +694,7 @@
 	/* Remove acccept filter if one is present. */
 	if (so->so_accf != NULL)
 		(void)accept_filt_clear(so);
+	/* kauth_cred_free(so->so_cred); */
 	sounlock(so);
 	if (refs == 0)		/* XXX */
 		soput(so);

Index: src/sys/secmodel/suser/secmodel_suser.c
diff -u src/sys/secmodel/suser/secmodel_suser.c:1.12 src/sys/secmodel/suser/secmodel_suser.c:1.13
--- src/sys/secmodel/suser/secmodel_suser.c:1.12	Fri Oct  2 23:24:15 2009
+++ src/sys/secmodel/suser/secmodel_suser.c	Fri Oct  2 23:50:16 2009
@@ -1,4 +1,4 @@
-/* $NetBSD: secmodel_suser.c,v 1.12 2009/10/02 23:24:15 elad Exp $ */
+/* $NetBSD: secmodel_suser.c,v 1.13 2009/10/02 23:50:16 elad Exp $ */
 /*-
  * Copyright (c) 2006 Elad Efrat <e...@netbsd.org>
  * All rights reserved.
@@ -38,7 +38,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: secmodel_suser.c,v 1.12 2009/10/02 23:24:15 elad Exp $");
+__KERNEL_RCSID(0, "$NetBSD: secmodel_suser.c,v 1.13 2009/10/02 23:50:16 elad Exp $");
 
 #include <sys/types.h>
 #include <sys/param.h>
@@ -49,7 +49,6 @@
 #include <sys/socketvar.h>
 #include <sys/sysctl.h>
 #include <sys/tty.h>
-#include <net/route.h>
 #include <sys/vnode.h>
 #include <sys/proc.h>
 #include <sys/uidinfo.h>
@@ -864,55 +863,29 @@
 	case KAUTH_NETWORK_SOCKET:
 		switch (req) {
 		case KAUTH_REQ_NETWORK_SOCKET_DROP:
-			/*
-			 * The superuser can drop any connection.  Normal users
-			 * can only drop their own connections.
-			 */
-			if (isroot)
-				result = KAUTH_RESULT_ALLOW;
-			else {
-				struct socket *so = (struct socket *)arg1;
-				uid_t sockuid = so->so_uidinfo->ui_uid;
-
-				if (sockuid == kauth_cred_getuid(cred) ||
-				    sockuid == kauth_cred_geteuid(cred))
-					result = KAUTH_RESULT_ALLOW;
-			}
-
-			
-			break;
-
 		case KAUTH_REQ_NETWORK_SOCKET_OPEN:
-			if ((u_long)arg1 == PF_ROUTE || (u_long)arg1 == PF_BLUETOOTH)
-				result = KAUTH_RESULT_ALLOW;
-			else if ((u_long)arg2 == SOCK_RAW) {
-				if (isroot)
-					result = KAUTH_RESULT_ALLOW;
-			} else
-				result = KAUTH_RESULT_ALLOW;
-			break;
-
 		case KAUTH_REQ_NETWORK_SOCKET_RAWSOCK:
+		case KAUTH_REQ_NETWORK_SOCKET_SETPRIV:
 			if (isroot)
 				result = KAUTH_RESULT_ALLOW;
 			break;
 
 		case KAUTH_REQ_NETWORK_SOCKET_CANSEE:
+			if (isroot) {
+				result = KAUTH_RESULT_ALLOW;
+				break;
+			}
+
 			if (secmodel_bsd44_curtain) {
 				uid_t so_uid;
 
 				so_uid =
 				    ((struct socket *)arg1)->so_uidinfo->ui_uid;
-				if (isroot ||
-				    kauth_cred_geteuid(cred) == so_uid)
+				if (kauth_cred_geteuid(cred) == so_uid)
 					result = KAUTH_RESULT_ALLOW;
 			} else
 				result = KAUTH_RESULT_ALLOW;
-			break;
 
-		case KAUTH_REQ_NETWORK_SOCKET_SETPRIV:
-			if (isroot)
-				result = KAUTH_RESULT_ALLOW;
 			break;
 
 		default:
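Review bot: The merged case labels leave `KAUTH_REQ_NETWORK_SOCKET_DROP` and `KAUTH_REQ_NETWORK_SOCKET_OPEN` with a root-only ALLOW, and nothing in this file says where the non-root outcome is now decided. A short comment on the group, such as `/* Non-root DROP/OPEN are decided by the socket subsystem listener in uipc_socket.c. */`, would stop a later reader from concluding that ordinary users cannot open sockets. The CANSEE case still does its owner comparison here on the effective uid only, while the DROP check that moved accepts either the real or the effective uid. If that difference is intentional it deserves a comment too. The enclosing function starts and ends outside this hunk.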
