Source-Changes-HG archive


[src/trunk]: src/sys Move some of the socket policy back to the subsystem.



details:   https://anonhg.NetBSD.org/src/rev/fbbeb089facb
branches:  trunk
changeset: 747834:fbbeb089facb
user:      elad <elad%NetBSD.org@localhost>
date:      Fri Oct 02 23:50:16 2009 +0000

description:
Move some of the socket policy back to the subsystem.

Remove include we don't need in the secmodel code.

diffstat:

 sys/kern/uipc_socket.c              |  58 +++++++++++++++++++++++++++++++++++-
 sys/secmodel/suser/secmodel_suser.c |  45 +++++----------------------
 2 files changed, 65 insertions(+), 38 deletions(-)

diffs (196 lines):

diff -r 50cb6fc70780 -r fbbeb089facb sys/kern/uipc_socket.c
--- a/sys/kern/uipc_socket.c    Fri Oct 02 23:24:15 2009 +0000
+++ b/sys/kern/uipc_socket.c    Fri Oct 02 23:50:16 2009 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: uipc_socket.c,v 1.190 2009/09/11 22:06:29 dyoung Exp $ */
+/*     $NetBSD: uipc_socket.c,v 1.191 2009/10/02 23:50:16 elad Exp $   */
 
 /*-
  * Copyright (c) 2002, 2007, 2008, 2009 The NetBSD Foundation, Inc.
@@ -63,7 +63,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: uipc_socket.c,v 1.190 2009/09/11 22:06:29 dyoung Exp $");
+__KERNEL_RCSID(0, "$NetBSD: uipc_socket.c,v 1.191 2009/10/02 23:50:16 elad Exp $");
 
 #include "opt_compat_netbsd.h"
 #include "opt_sock_counters.h"
@@ -151,6 +151,8 @@
 static int socurkva;
 static kcondvar_t socurkva_cv;
 
+static kauth_listener_t socket_listener;
+
 #define        SOCK_LOAN_CHUNK         65536
 
 static size_t sodopendfree(void);
@@ -428,6 +430,53 @@
        return m;
 }
 
+static int
+socket_listener_cb(kauth_cred_t cred, kauth_action_t action, void *cookie,
+    void *arg0, void *arg1, void *arg2, void *arg3)
+{
+       int result;
+       enum kauth_network_req req;
+
+       result = KAUTH_RESULT_DEFER;
+       req = (enum kauth_network_req)arg0;
+
+       if (action != KAUTH_NETWORK_SOCKET)
+               return result;
+
+       switch (req) {
+       case KAUTH_REQ_NETWORK_SOCKET_DROP: {
+               /* Normal users can only drop their own connections. */
+               struct socket *so = (struct socket *)arg1;
+               uid_t sockuid = so->so_uidinfo->ui_uid;
+
+               if (sockuid == kauth_cred_getuid(cred) ||
+                   sockuid == kauth_cred_geteuid(cred))
+                       result = KAUTH_RESULT_ALLOW;
+
+               break;
+               }
+
+       case KAUTH_REQ_NETWORK_SOCKET_OPEN:
+               /* We allow "raw" routing/bluetooth sockets to anyone. */
+               if ((u_long)arg1 == PF_ROUTE || (u_long)arg1 == PF_BLUETOOTH)
+                       result = KAUTH_RESULT_ALLOW;
+               else {
+                       /* Privileged, let secmodel handle this. */
+                       if ((u_long)arg2 == SOCK_RAW)
+                               break;
+               }
+
+               result = KAUTH_RESULT_ALLOW;
+
+               break;
+
+       default:
+               break;
+       }
+
+       return result;
+}
+
 void
 soinit(void)
 {
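Review bot: The KAUTH_REQ_NETWORK_SOCKET_OPEN case in socket_listener_cb is hard to audit, because the `result = KAUTH_RESULT_ALLOW` inside the PF_ROUTE/PF_BLUETOOTH branch is redundant with the unconditional assignment after the if/else, and the privileged SOCK_RAW path is expressed only as a `break` nested in the else. As far as I recall from kauth(9), an ALLOW from any listener is sufficient unless another listener denies, so the allow condition deserves to be one visible expression: `if ((u_long)arg1 == PF_ROUTE || (u_long)arg1 == PF_BLUETOOTH || (u_long)arg2 != SOCK_RAW) result = KAUTH_RESULT_ALLOW;`. A short header comment stating that the callback returns KAUTH_RESULT_DEFER for every request it does not explicitly allow would also help the next reader. The hunk ends inside soinit(), which continues outside it.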
@@ -445,6 +494,9 @@
 
        callback_register(&vm_map_to_kernel(kernel_map)->vmk_reclaim_callback,
            &sokva_reclaimerentry, NULL, sokva_reclaim_callback);
+
+       socket_listener = kauth_listen_scope(KAUTH_SCOPE_NETWORK,
+           socket_listener_cb, NULL);
 }
 
 /*
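Review bot: The return value of kauth_listen_scope() is stored in socket_listener but never checked in soinit(), and nothing visible in this diff reads it afterwards. If registration fails (I believe it returns NULL when the scope is not registered yet, which would make this depend on kauth being initialised before soinit()), the owner-drop and non-raw open rules moved out of secmodel_suser would be silently absent and only root would pass those requests. Consider adding `KASSERT(socket_listener != NULL);` right after the call. soinit() starts above this hunk.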
@@ -499,6 +551,7 @@
        so->so_snd.sb_mowner = &prp->pr_domain->dom_mowner;
        so->so_mowner = &prp->pr_domain->dom_mowner;
 #endif
+       /* so->so_cred = kauth_cred_dup(l->l_cred); */
        uid = kauth_cred_geteuid(l->l_cred);
        so->so_uidinfo = uid_find(uid);
        so->so_egid = kauth_cred_getegid(l->l_cred);
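Review bot: The added `/* so->so_cred = kauth_cred_dup(l->l_cred); */` is commented-out code with no explanation, and its counterpart `/* kauth_cred_free(so->so_cred); */` in the hunk at -641 has the same problem. If these are placeholders for keeping the creator's credential on the socket, mark them as such, e.g. `/* XXX not yet: so->so_cred = kauth_cred_dup(l->l_cred); */`, and state that the dup and the free have to be enabled together so the reference is neither leaked nor freed without having been taken. Until then the ownership check in socket_listener_cb relies on so_uidinfo alone. Both enclosing functions start and end outside their hunks.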
@@ -641,6 +694,7 @@
        /* Remove acccept filter if one is present. */
        if (so->so_accf != NULL)
                (void)accept_filt_clear(so);
+       /* kauth_cred_free(so->so_cred); */
        sounlock(so);
        if (refs == 0)          /* XXX */
                soput(so);
diff -r 50cb6fc70780 -r fbbeb089facb sys/secmodel/suser/secmodel_suser.c
--- a/sys/secmodel/suser/secmodel_suser.c       Fri Oct 02 23:24:15 2009 +0000
+++ b/sys/secmodel/suser/secmodel_suser.c       Fri Oct 02 23:50:16 2009 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: secmodel_suser.c,v 1.12 2009/10/02 23:24:15 elad Exp $ */
+/* $NetBSD: secmodel_suser.c,v 1.13 2009/10/02 23:50:16 elad Exp $ */
 /*-
  * Copyright (c) 2006 Elad Efrat <elad%NetBSD.org@localhost>
  * All rights reserved.
@@ -38,7 +38,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: secmodel_suser.c,v 1.12 2009/10/02 23:24:15 elad Exp $");
+__KERNEL_RCSID(0, "$NetBSD: secmodel_suser.c,v 1.13 2009/10/02 23:50:16 elad Exp $");
 
 #include <sys/types.h>
 #include <sys/param.h>
@@ -49,7 +49,6 @@
 #include <sys/socketvar.h>
 #include <sys/sysctl.h>
 #include <sys/tty.h>
-#include <net/route.h>
 #include <sys/vnode.h>
 #include <sys/proc.h>
 #include <sys/uidinfo.h>
@@ -864,55 +863,29 @@
        case KAUTH_NETWORK_SOCKET:
                switch (req) {
                case KAUTH_REQ_NETWORK_SOCKET_DROP:
-                       /*
-                        * The superuser can drop any connection.  Normal users
-                        * can only drop their own connections.
-                        */
-                       if (isroot)
-                               result = KAUTH_RESULT_ALLOW;
-                       else {
-                               struct socket *so = (struct socket *)arg1;
-                               uid_t sockuid = so->so_uidinfo->ui_uid;
-
-                               if (sockuid == kauth_cred_getuid(cred) ||
-                                   sockuid == kauth_cred_geteuid(cred))
-                                       result = KAUTH_RESULT_ALLOW;
-                       }
-
-                       
-                       break;
-
                case KAUTH_REQ_NETWORK_SOCKET_OPEN:
-                       if ((u_long)arg1 == PF_ROUTE || (u_long)arg1 == PF_BLUETOOTH)
-                               result = KAUTH_RESULT_ALLOW;
-                       else if ((u_long)arg2 == SOCK_RAW) {
-                               if (isroot)
-                                       result = KAUTH_RESULT_ALLOW;
-                       } else
-                               result = KAUTH_RESULT_ALLOW;
-                       break;
-
                case KAUTH_REQ_NETWORK_SOCKET_RAWSOCK:
+               case KAUTH_REQ_NETWORK_SOCKET_SETPRIV:
                        if (isroot)
                                result = KAUTH_RESULT_ALLOW;
                        break;
 
                case KAUTH_REQ_NETWORK_SOCKET_CANSEE:
+                       if (isroot) {
+                               result = KAUTH_RESULT_ALLOW;
+                               break;
+                       }
+
                        if (secmodel_bsd44_curtain) {
                                uid_t so_uid;
 
                                so_uid =
                                    ((struct socket *)arg1)->so_uidinfo->ui_uid;
-                               if (isroot ||
-                                   kauth_cred_geteuid(cred) == so_uid)
+                               if (kauth_cred_geteuid(cred) == so_uid)
                                        result = KAUTH_RESULT_ALLOW;
                        } else
                                result = KAUTH_RESULT_ALLOW;
-                       break;
 
-               case KAUTH_REQ_NETWORK_SOCKET_SETPRIV:
-                       if (isroot)
-                               result = KAUTH_RESULT_ALLOW;
                        break;
 
                default:
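Review bot: The stacked labels KAUTH_REQ_NETWORK_SOCKET_DROP and KAUTH_REQ_NETWORK_SOCKET_OPEN now fall through to the root-only check with nothing to say where the non-root rules went. A reader of secmodel_suser.c alone would conclude that unprivileged users can neither open ordinary sockets nor drop their own connections. I would add a comment above the labels such as `/* Non-root policy for DROP and OPEN is decided by the socket listener in kern/uipc_socket.c; here only the superuser is allowed. */`. The enclosing switch and function start and end outside the hunk.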


