

[src/trunk]: src/sys/dev/dm Now that we have allowed operator to access the c...



details:   https://anonhg.NetBSD.org/src/rev/ed320929030b
branches:  trunk
changeset: 760007:ed320929030b
user:      christos <christos%NetBSD.org@localhost>
date:      Thu Dec 23 20:07:13 2010 +0000

description:
Now that we have allowed operator to access the control node, make sure
that he cannot cause damage, by only allowing the superuser to do ioctls
that can cause damage.

diffstat:

 sys/dev/dm/device-mapper.c |  44 +++++++++++++++++++++++++-------------------
 sys/dev/dm/dm.h            |   6 ++++--
 2 files changed, 29 insertions(+), 21 deletions(-)

diffs (103 lines):

diff -r 6ca3fd5a4004 -r ed320929030b sys/dev/dm/device-mapper.c
--- a/sys/dev/dm/device-mapper.c        Thu Dec 23 19:15:55 2010 +0000
+++ b/sys/dev/dm/device-mapper.c        Thu Dec 23 20:07:13 2010 +0000
@@ -1,4 +1,4 @@
-/*        $NetBSD: device-mapper.c,v 1.27 2010/12/23 14:58:13 mlelstv Exp $ */
+/*        $NetBSD: device-mapper.c,v 1.28 2010/12/23 20:07:13 christos Exp $ */
 
 /*
  * Copyright (c) 2010 The NetBSD Foundation, Inc.
@@ -45,6 +45,7 @@
 #include <sys/ioctl.h>
 #include <sys/ioccom.h>
 #include <sys/kmem.h>
+#include <sys/kauth.h>
 
 #include "netbsd-dm.h"
 #include "dm.h"
@@ -121,23 +122,23 @@
  * ioctl to kernel but will do another things in userspace.
  *
  */
-struct cmd_function cmd_fn[] = {
-               { .cmd = "version", .fn = dm_get_version_ioctl},
-               { .cmd = "targets", .fn = dm_list_versions_ioctl},
-               { .cmd = "create",  .fn = dm_dev_create_ioctl},
-               { .cmd = "info",    .fn = dm_dev_status_ioctl},
-               { .cmd = "mknodes", .fn = dm_dev_status_ioctl},         
-               { .cmd = "names",   .fn = dm_dev_list_ioctl},
-               { .cmd = "suspend", .fn = dm_dev_suspend_ioctl},
-               { .cmd = "remove",  .fn = dm_dev_remove_ioctl}, 
-               { .cmd = "rename",  .fn = dm_dev_rename_ioctl},
-               { .cmd = "resume",  .fn = dm_dev_resume_ioctl},
-               { .cmd = "clear",   .fn = dm_table_clear_ioctl},
-               { .cmd = "deps",    .fn = dm_table_deps_ioctl},
-               { .cmd = "reload",  .fn = dm_table_load_ioctl},
-               { .cmd = "status",  .fn = dm_table_status_ioctl},
-               { .cmd = "table",   .fn = dm_table_status_ioctl},
-               {NULL, NULL}    
+static const struct cmd_function cmd_fn[] = {
+       { .cmd = "version", .fn = dm_get_version_ioctl,   .allowed = 1 },
+       { .cmd = "targets", .fn = dm_list_versions_ioctl, .allowed = 1 },
+       { .cmd = "create",  .fn = dm_dev_create_ioctl,    .allowed = 0 },
+       { .cmd = "info",    .fn = dm_dev_status_ioctl,    .allowed = 1 },
+       { .cmd = "mknodes", .fn = dm_dev_status_ioctl,    .allowed = 1 },
+       { .cmd = "names",   .fn = dm_dev_list_ioctl,      .allowed = 1 },
+       { .cmd = "suspend", .fn = dm_dev_suspend_ioctl,   .allowed = 0 },
+       { .cmd = "remove",  .fn = dm_dev_remove_ioctl,    .allowed = 0 }, 
+       { .cmd = "rename",  .fn = dm_dev_rename_ioctl,    .allowed = 0 },
+       { .cmd = "resume",  .fn = dm_dev_resume_ioctl,    .allowed = 0 },
+       { .cmd = "clear",   .fn = dm_table_clear_ioctl,   .allowed = 0 },
+       { .cmd = "deps",    .fn = dm_table_deps_ioctl,    .allowed = 1 },
+       { .cmd = "reload",  .fn = dm_table_load_ioctl,    .allowed = 0 },
+       { .cmd = "status",  .fn = dm_table_status_ioctl,  .allowed = 1 },
+       { .cmd = "table",   .fn = dm_table_status_ioctl,  .allowed = 1 },
+       { .cmd = NULL,      .fn = NULL,                   .allowed = 0 }        
 };
 
 #ifdef _MODULE
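Review bot: The new `.allowed` column in `cmd_fn[]` has no comment at the table saying what 1 and 0 mean, or which way an entry falls when the initializer is left out. Because designated initializers zero any omitted member, a command added later without `.allowed` would be superuser-only, which is the safe default and worth stating above the table: `/* .allowed: 1 = may be issued without superuser; 0 (also the value when omitted) = superuser only */`. The entries marked 1 all look read-only by name, but `table` and `status` share `dm_table_status_ioctl`, whose body is not in this hunk; if it returns target parameters, it is worth confirming that none of them are sensitive before leaving it open to non-superuser callers.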
@@ -382,7 +383,7 @@
  * Translate command sent from libdevmapper to func.
  */
 static int
-dm_cmd_to_fun(prop_dictionary_t dm_dict){
+dm_cmd_to_fun(prop_dictionary_t dm_dict) {
        int i, r;
        prop_string_t command;
        
@@ -395,6 +396,11 @@
                if (prop_string_equals_cstring(command, cmd_fn[i].cmd))
                        break;
 
+       if (!cmd_fn[i].allowed && 
+           (r = kauth_authorize_generic(kauth_cred_get(),
+           KAUTH_GENERIC_ISSUSER, NULL)) != 0)
+               return r;
+
        if (cmd_fn[i].cmd == NULL)
                return EINVAL;
 
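Review bot: The added privilege check reads `cmd_fn[i].allowed` before the `cmd_fn[i].cmd == NULL` test, so for an unrecognised command it is evaluated on the sentinel entry. That fails closed only because the sentinel happens to set `.allowed = 0`, and it means a non-superuser gets the kauth error for an unknown command while the superuser gets EINVAL. Moving `if (cmd_fn[i].cmd == NULL) return EINVAL;` above the `kauth_authorize_generic()` call removes the dependency on the sentinel's value and gives every caller the same error for a bad command name. The lookup loop and the rest of dm_cmd_to_fun lie outside this hunk.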
diff -r 6ca3fd5a4004 -r ed320929030b sys/dev/dm/dm.h
--- a/sys/dev/dm/dm.h   Thu Dec 23 19:15:55 2010 +0000
+++ b/sys/dev/dm/dm.h   Thu Dec 23 20:07:13 2010 +0000
@@ -1,4 +1,4 @@
-/*        $NetBSD: dm.h,v 1.21 2010/12/23 14:58:13 mlelstv Exp $      */
+/*        $NetBSD: dm.h,v 1.22 2010/12/23 20:07:13 christos Exp $      */
 
 /*
  * Copyright (c) 2008 The NetBSD Foundation, Inc.
@@ -258,11 +258,13 @@
  * This structure is used to translate command sent to kernel driver in
  * <key>command</key>
  * <value></value>
- * to function which I can call.
+ * to function which I can call, and if the command is allowed for
+ * non-superusers.
  */
 struct cmd_function {
        const char *cmd;
        int  (*fn)(prop_dictionary_t);
+       int  allowed;
 };
 
 /* device-mapper */


