search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Ignore machine-check MSRs
[freebsd-src/fkvm-freebsd.git] / lib / libugidfw / ugidfw.c
blob341ac25f4a6be4885969cab3dc27a0143d802b32
1 /*-
2 * Copyright (c) 2002-2005 Networks Associates Technology, Inc.
3 * All rights reserved.
4 *
5 * This software was developed for the FreeBSD Project by Network Associates
6 * Laboratories, the Security Research Division of Network Associates, Inc.
7 * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the
8 * DARPA CHATS research program.
9 *
10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted provided that the following conditions
12 * are met:
13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer.
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in the
17 * documentation and/or other materials provided with the distribution.
18 *
19 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29 * SUCH DAMAGE.
30 *
31 * $FreeBSD$
32 */
33 #include <sys/param.h>
34 #include <sys/errno.h>
35 #include <sys/time.h>
36 #include <sys/sysctl.h>
37 #include <sys/ucred.h>
38 #include <sys/mount.h>
39
40 #include <security/mac_bsdextended/mac_bsdextended.h>
41
42 #include <grp.h>
43 #include <pwd.h>
44 #include <stdio.h>
45 #include <stdlib.h>
46 #include <string.h>
47
48 #include "ugidfw.h"
49
50 /*
51 * Text format for rules: rules contain subject and object elements, mode.
52 * The total form is "subject [s_element] object [o_element] mode [mode]".
53 * At least * one of a uid or gid entry must be present; both may also be
54 * present.
55 */
56
57 #define MIB "security.mac.bsdextended"
58
59 int
60 bsde_rule_to_string(struct mac_bsdextended_rule *rule, char *buf, size_t buflen)
61 {
62 struct group *grp;
63 struct passwd *pwd;
64 struct statfs *mntbuf;
65 char *cur, type[sizeof(rule->mbr_object.mbo_type) * CHAR_BIT + 1];
66 size_t left, len;
67 int anymode, unknownmode, truncated, numfs, i, notdone;
68
69 cur = buf;
70 left = buflen;
71 truncated = 0;
72
73 len = snprintf(cur, left, "subject ");
74 if (len < 0 || len > left)
75 goto truncated;
76 left -= len;
77 cur += len;
78 if (rule->mbr_subject.mbs_flags) {
79 if (rule->mbr_subject.mbs_neg == MBS_ALL_FLAGS) {
80 len = snprintf(cur, left, "not ");
81 if (len < 0 || len > left)
82 goto truncated;
83 left -= len;
84 cur += len;
85 notdone = 1;
86 } else {
87 notdone = 0;
88 }
89
90 if (!notdone && (rule->mbr_subject.mbs_neg & MBO_UID_DEFINED)) {
91 len = snprintf(cur, left, "! ");
92 if (len < 0 || len > left)
93 goto truncated;
94 left -= len;
95 cur += len;
96 }
97 if (rule->mbr_subject.mbs_flags & MBO_UID_DEFINED) {
98 pwd = getpwuid(rule->mbr_subject.mbs_uid_min);
99 if (pwd != NULL) {
100 len = snprintf(cur, left, "uid %s",
101 pwd->pw_name);
102 if (len < 0 || len > left)
103 goto truncated;
104 left -= len;
105 cur += len;
106 } else {
107 len = snprintf(cur, left, "uid %u",
108 rule->mbr_subject.mbs_uid_min);
109 if (len < 0 || len > left)
110 goto truncated;
111 left -= len;
112 cur += len;
113 }
114 if (rule->mbr_subject.mbs_uid_min !=
115 rule->mbr_subject.mbs_uid_max) {
116 pwd = getpwuid(rule->mbr_subject.mbs_uid_max);
117 if (pwd != NULL) {
118 len = snprintf(cur, left, ":%s ",
119 pwd->pw_name);
120 if (len < 0 || len > left)
121 goto truncated;
122 left -= len;
123 cur += len;
124 } else {
125 len = snprintf(cur, left, ":%u ",
126 rule->mbr_subject.mbs_uid_max);
127 if (len < 0 || len > left)
128 goto truncated;
129 left -= len;
130 cur += len;
131 }
132 } else {
133 len = snprintf(cur, left, " ");
134 if (len < 0 || len > left)
135 goto truncated;
136 left -= len;
137 cur += len;
138 }
139 }
140 if (!notdone && (rule->mbr_subject.mbs_neg & MBO_GID_DEFINED)) {
141 len = snprintf(cur, left, "! ");
142 if (len < 0 || len > left)
143 goto truncated;
144 left -= len;
145 cur += len;
146 }
147 if (rule->mbr_subject.mbs_flags & MBO_GID_DEFINED) {
148 grp = getgrgid(rule->mbr_subject.mbs_gid_min);
149 if (grp != NULL) {
150 len = snprintf(cur, left, "gid %s",
151 grp->gr_name);
152 if (len < 0 || len > left)
153 goto truncated;
154 left -= len;
155 cur += len;
156 } else {
157 len = snprintf(cur, left, "gid %u",
158 rule->mbr_subject.mbs_gid_min);
159 if (len < 0 || len > left)
160 goto truncated;
161 left -= len;
162 cur += len;
163 }
164 if (rule->mbr_subject.mbs_gid_min !=
165 rule->mbr_subject.mbs_gid_max) {
166 grp = getgrgid(rule->mbr_subject.mbs_gid_max);
167 if (grp != NULL) {
168 len = snprintf(cur, left, ":%s ",
169 grp->gr_name);
170 if (len < 0 || len > left)
171 goto truncated;
172 left -= len;
173 cur += len;
174 } else {
175 len = snprintf(cur, left, ":%u ",
176 rule->mbr_subject.mbs_gid_max);
177 if (len < 0 || len > left)
178 goto truncated;
179 left -= len;
180 cur += len;
181 }
182 } else {
183 len = snprintf(cur, left, " ");
184 if (len < 0 || len > left)
185 goto truncated;
186 left -= len;
187 cur += len;
188 }
189 }
190 if (!notdone && (rule->mbr_subject.mbs_neg & MBS_PRISON_DEFINED)) {
191 len = snprintf(cur, left, "! ");
192 if (len < 0 || len > left)
193 goto truncated;
194 left -= len;
195 cur += len;
196 }
197 if (rule->mbr_subject.mbs_flags & MBS_PRISON_DEFINED) {
198 len = snprintf(cur, left, "jailid %d ",
199 rule->mbr_subject.mbs_prison);
200 if (len < 0 || len > left)
201 goto truncated;
202 left -= len;
203 cur += len;
204 }
205 }
206
207 len = snprintf(cur, left, "object ");
208 if (len < 0 || len > left)
209 goto truncated;
210 left -= len;
211 cur += len;
212 if (rule->mbr_object.mbo_flags) {
213 if (rule->mbr_object.mbo_neg == MBO_ALL_FLAGS) {
214 len = snprintf(cur, left, "not ");
215 if (len < 0 || len > left)
216 goto truncated;
217 left -= len;
218 cur += len;
219 notdone = 1;
220 } else {
221 notdone = 0;
222 }
223
224 if (!notdone && (rule->mbr_object.mbo_neg & MBO_UID_DEFINED)) {
225 len = snprintf(cur, left, "! ");
226 if (len < 0 || len > left)
227 goto truncated;
228 left -= len;
229 cur += len;
230 }
231 if (rule->mbr_object.mbo_flags & MBO_UID_DEFINED) {
232 pwd = getpwuid(rule->mbr_object.mbo_uid_min);
233 if (pwd != NULL) {
234 len = snprintf(cur, left, "uid %s",
235 pwd->pw_name);
236 if (len < 0 || len > left)
237 goto truncated;
238 left -= len;
239 cur += len;
240 } else {
241 len = snprintf(cur, left, "uid %u",
242 rule->mbr_object.mbo_uid_min);
243 if (len < 0 || len > left)
244 goto truncated;
245 left -= len;
246 cur += len;
247 }
248 if (rule->mbr_object.mbo_uid_min !=
249 rule->mbr_object.mbo_uid_max) {
250 pwd = getpwuid(rule->mbr_object.mbo_uid_max);
251 if (pwd != NULL) {
252 len = snprintf(cur, left, ":%s ",
253 pwd->pw_name);
254 if (len < 0 || len > left)
255 goto truncated;
256 left -= len;
257 cur += len;
258 } else {
259 len = snprintf(cur, left, ":%u ",
260 rule->mbr_object.mbo_uid_max);
261 if (len < 0 || len > left)
262 goto truncated;
263 left -= len;
264 cur += len;
265 }
266 } else {
267 len = snprintf(cur, left, " ");
268 if (len < 0 || len > left)
269 goto truncated;
270 left -= len;
271 cur += len;
272 }
273 }
274 if (!notdone && (rule->mbr_object.mbo_neg & MBO_GID_DEFINED)) {
275 len = snprintf(cur, left, "! ");
276 if (len < 0 || len > left)
277 goto truncated;
278 left -= len;
279 cur += len;
280 }
281 if (rule->mbr_object.mbo_flags & MBO_GID_DEFINED) {
282 grp = getgrgid(rule->mbr_object.mbo_gid_min);
283 if (grp != NULL) {
284 len = snprintf(cur, left, "gid %s",
285 grp->gr_name);
286 if (len < 0 || len > left)
287 goto truncated;
288 left -= len;
289 cur += len;
290 } else {
291 len = snprintf(cur, left, "gid %u",
292 rule->mbr_object.mbo_gid_min);
293 if (len < 0 || len > left)
294 goto truncated;
295 left -= len;
296 cur += len;
297 }
298 if (rule->mbr_object.mbo_gid_min !=
299 rule->mbr_object.mbo_gid_max) {
300 grp = getgrgid(rule->mbr_object.mbo_gid_max);
301 if (grp != NULL) {
302 len = snprintf(cur, left, ":%s ",
303 grp->gr_name);
304 if (len < 0 || len > left)
305 goto truncated;
306 left -= len;
307 cur += len;
308 } else {
309 len = snprintf(cur, left, ":%u ",
310 rule->mbr_object.mbo_gid_max);
311 if (len < 0 || len > left)
312 goto truncated;
313 left -= len;
314 cur += len;
315 }
316 } else {
317 len = snprintf(cur, left, " ");
318 if (len < 0 || len > left)
319 goto truncated;
320 left -= len;
321 cur += len;
322 }
323 }
324 if (!notdone && (rule->mbr_object.mbo_neg & MBO_FSID_DEFINED)) {
325 len = snprintf(cur, left, "! ");
326 if (len < 0 || len > left)
327 goto truncated;
328 left -= len;
329 cur += len;
330 }
331 if (rule->mbr_object.mbo_flags & MBO_FSID_DEFINED) {
332 numfs = getmntinfo(&mntbuf, MNT_NOWAIT);
333 for (i = 0; i < numfs; i++)
334 if (memcmp(&(rule->mbr_object.mbo_fsid),
335 &(mntbuf[i].f_fsid),
336 sizeof(mntbuf[i].f_fsid)) == 0)
337 break;
338 len = snprintf(cur, left, "filesys %s ",
339 i == numfs ? "???" : mntbuf[i].f_mntonname);
340 if (len < 0 || len > left)
341 goto truncated;
342 left -= len;
343 cur += len;
344 }
345 if (!notdone && (rule->mbr_object.mbo_neg & MBO_SUID)) {
346 len = snprintf(cur, left, "! ");
347 if (len < 0 || len > left)
348 goto truncated;
349 left -= len;
350 cur += len;
351 }
352 if (rule->mbr_object.mbo_flags & MBO_SUID) {
353 len = snprintf(cur, left, "suid ");
354 if (len < 0 || len > left)
355 goto truncated;
356 left -= len;
357 cur += len;
358 }
359 if (!notdone && (rule->mbr_object.mbo_neg & MBO_SGID)) {
360 len = snprintf(cur, left, "! ");
361 if (len < 0 || len > left)
362 goto truncated;
363 left -= len;
364 cur += len;
365 }
366 if (rule->mbr_object.mbo_flags & MBO_SGID) {
367 len = snprintf(cur, left, "sgid ");
368 if (len < 0 || len > left)
369 goto truncated;
370 left -= len;
371 cur += len;
372 }
373 if (!notdone && (rule->mbr_object.mbo_neg & MBO_UID_SUBJECT)) {
374 len = snprintf(cur, left, "! ");
375 if (len < 0 || len > left)
376 goto truncated;
377 left -= len;
378 cur += len;
379 }
380 if (rule->mbr_object.mbo_flags & MBO_UID_SUBJECT) {
381 len = snprintf(cur, left, "uid_of_subject ");
382 if (len < 0 || len > left)
383 goto truncated;
384 left -= len;
385 cur += len;
386 }
387 if (!notdone && (rule->mbr_object.mbo_neg & MBO_GID_SUBJECT)) {
388 len = snprintf(cur, left, "! ");
389 if (len < 0 || len > left)
390 goto truncated;
391 left -= len;
392 cur += len;
393 }
394 if (rule->mbr_object.mbo_flags & MBO_GID_SUBJECT) {
395 len = snprintf(cur, left, "gid_of_subject ");
396 if (len < 0 || len > left)
397 goto truncated;
398 left -= len;
399 cur += len;
400 }
401 if (!notdone && (rule->mbr_object.mbo_neg & MBO_TYPE_DEFINED)) {
402 len = snprintf(cur, left, "! ");
403 if (len < 0 || len > left)
404 goto truncated;
405 left -= len;
406 cur += len;
407 }
408 if (rule->mbr_object.mbo_flags & MBO_TYPE_DEFINED) {
409 i = 0;
410 if (rule->mbr_object.mbo_type & MBO_TYPE_REG)
411 type[i++] = 'r';
412 if (rule->mbr_object.mbo_type & MBO_TYPE_DIR)
413 type[i++] = 'd';
414 if (rule->mbr_object.mbo_type & MBO_TYPE_BLK)
415 type[i++] = 'b';
416 if (rule->mbr_object.mbo_type & MBO_TYPE_CHR)
417 type[i++] = 'c';
418 if (rule->mbr_object.mbo_type & MBO_TYPE_LNK)
419 type[i++] = 'l';
420 if (rule->mbr_object.mbo_type & MBO_TYPE_SOCK)
421 type[i++] = 's';
422 if (rule->mbr_object.mbo_type & MBO_TYPE_FIFO)
423 type[i++] = 'p';
424 if (rule->mbr_object.mbo_type == MBO_ALL_TYPE) {
425 i = 0;
426 type[i++] = 'a';
427 }
428 type[i++] = '\0';
429 len = snprintf(cur, left, "type %s ", type);
430 if (len < 0 || len > left)
431 goto truncated;
432 left -= len;
433 cur += len;
434 }
435 }
436
437 len = snprintf(cur, left, "mode ");
438 if (len < 0 || len > left)
439 goto truncated;
440 left -= len;
441 cur += len;
442
443 anymode = (rule->mbr_mode & MBI_ALLPERM);
444 unknownmode = (rule->mbr_mode & ~MBI_ALLPERM);
445
446 if (rule->mbr_mode & MBI_ADMIN) {
447 len = snprintf(cur, left, "a");
448 if (len < 0 || len > left)
449 goto truncated;
450
451 left -= len;
452 cur += len;
453 }
454 if (rule->mbr_mode & MBI_READ) {
455 len = snprintf(cur, left, "r");
456 if (len < 0 || len > left)
457 goto truncated;
458
459 left -= len;
460 cur += len;
461 }
462 if (rule->mbr_mode & MBI_STAT) {
463 len = snprintf(cur, left, "s");
464 if (len < 0 || len > left)
465 goto truncated;
466
467 left -= len;
468 cur += len;
469 }
470 if (rule->mbr_mode & MBI_WRITE) {
471 len = snprintf(cur, left, "w");
472 if (len < 0 || len > left)
473 goto truncated;
474
475 left -= len;
476 cur += len;
477 }
478 if (rule->mbr_mode & MBI_EXEC) {
479 len = snprintf(cur, left, "x");
480 if (len < 0 || len > left)
481 goto truncated;
482
483 left -= len;
484 cur += len;
485 }
486 if (!anymode) {
487 len = snprintf(cur, left, "n");
488 if (len < 0 || len > left)
489 goto truncated;
490
491 left -= len;
492 cur += len;
493 }
494 if (unknownmode) {
495 len = snprintf(cur, left, "?");
496 if (len < 0 || len > left)
497 goto truncated;
498
499 left -= len;
500 cur += len;
501 }
502
503 return (0);
504
505 truncated:
506 return (-1);
507 }
508
509 int
510 bsde_parse_uidrange(char *spec, uid_t *min, uid_t *max,
511 size_t buflen, char *errstr){
512 struct passwd *pwd;
513 uid_t uid1, uid2;
514 char *spec1, *spec2, *endp;
515 unsigned long value;
516 size_t len;
517
518 spec2 = spec;
519 spec1 = strsep(&spec2, ":");
520
521 pwd = getpwnam(spec1);
522 if (pwd != NULL)
523 uid1 = pwd->pw_uid;
524 else {
525 value = strtoul(spec1, &endp, 10);
526 if (*endp != '\0') {
527 len = snprintf(errstr, buflen,
528 "invalid uid: '%s'", spec1);
529 return (-1);
530 }
531 uid1 = value;
532 }
533
534 if (spec2 == NULL) {
535 *max = *min = uid1;
536 return (0);
537 }
538
539 pwd = getpwnam(spec2);
540 if (pwd != NULL)
541 uid2 = pwd->pw_uid;
542 else {
543 value = strtoul(spec2, &endp, 10);
544 if (*endp != '\0') {
545 len = snprintf(errstr, buflen,
546 "invalid uid: '%s'", spec2);
547 return (-1);
548 }
549 uid2 = value;
550 }
551
552 *min = uid1;
553 *max = uid2;
554
555 return (0);
556 }
557
558 int
559 bsde_parse_gidrange(char *spec, gid_t *min, gid_t *max,
560 size_t buflen, char *errstr){
561 struct group *grp;
562 gid_t gid1, gid2;
563 char *spec1, *spec2, *endp;
564 unsigned long value;
565 size_t len;
566
567 spec2 = spec;
568 spec1 = strsep(&spec2, ":");
569
570 grp = getgrnam(spec1);
571 if (grp != NULL)
572 gid1 = grp->gr_gid;
573 else {
574 value = strtoul(spec1, &endp, 10);
575 if (*endp != '\0') {
576 len = snprintf(errstr, buflen,
577 "invalid gid: '%s'", spec1);
578 return (-1);
579 }
580 gid1 = value;
581 }
582
583 if (spec2 == NULL) {
584 *max = *min = gid1;
585 return (0);
586 }
587
588 grp = getgrnam(spec2);
589 if (grp != NULL)
590 gid2 = grp->gr_gid;
591 else {
592 value = strtoul(spec2, &endp, 10);
593 if (*endp != '\0') {
594 len = snprintf(errstr, buflen,
595 "invalid gid: '%s'", spec2);
596 return (-1);
597 }
598 gid2 = value;
599 }
600
601 *min = gid1;
602 *max = gid2;
603
604 return (0);
605 }
606
607 int
608 bsde_parse_subject(int argc, char *argv[],
609 struct mac_bsdextended_subject *subject, size_t buflen, char *errstr)
610 {
611 int not_seen, flags;
612 int current, neg, nextnot;
613 char *endp;
614 uid_t uid_min, uid_max;
615 gid_t gid_min, gid_max;
616 int jid;
617 size_t len;
618 long value;
619
620 current = 0;
621 flags = 0;
622 neg = 0;
623 nextnot = 0;
624
625 if (strcmp("not", argv[current]) == 0) {
626 not_seen = 1;
627 current++;
628 } else
629 not_seen = 0;
630
631 while (current < argc) {
632 if (strcmp(argv[current], "uid") == 0) {
633 if (current + 2 > argc) {
634 len = snprintf(errstr, buflen, "uid short");
635 return (-1);
636 }
637 if (flags & MBS_UID_DEFINED) {
638 len = snprintf(errstr, buflen, "one uid only");
639 return (-1);
640 }
641 if (bsde_parse_uidrange(argv[current+1],
642 &uid_min, &uid_max, buflen, errstr) < 0)
643 return (-1);
644 flags |= MBS_UID_DEFINED;
645 if (nextnot) {
646 neg ^= MBS_UID_DEFINED;
647 nextnot = 0;
648 }
649 current += 2;
650 } else if (strcmp(argv[current], "gid") == 0) {
651 if (current + 2 > argc) {
652 len = snprintf(errstr, buflen, "gid short");
653 return (-1);
654 }
655 if (flags & MBS_GID_DEFINED) {
656 len = snprintf(errstr, buflen, "one gid only");
657 return (-1);
658 }
659 if (bsde_parse_gidrange(argv[current+1],
660 &gid_min, &gid_max, buflen, errstr) < 0)
661 return (-1);
662 flags |= MBS_GID_DEFINED;
663 if (nextnot) {
664 neg ^= MBS_GID_DEFINED;
665 nextnot = 0;
666 }
667 current += 2;
668 } else if (strcmp(argv[current], "jailid") == 0) {
669 if (current + 2 > argc) {
670 len = snprintf(errstr, buflen, "prison short");
671 return (-1);
672 }
673 if (flags & MBS_PRISON_DEFINED) {
674 len = snprintf(errstr, buflen, "one jail only");
675 return (-1);
676 }
677 value = strtol(argv[current+1], &endp, 10);
678 if (*endp != '\0') {
679 len = snprintf(errstr, buflen,
680 "invalid jid: '%s'", argv[current+1]);
681 return (-1);
682 }
683 jid = value;
684 flags |= MBS_PRISON_DEFINED;
685 if (nextnot) {
686 neg ^= MBS_PRISON_DEFINED;
687 nextnot = 0;
688 }
689 current += 2;
690 } else if (strcmp(argv[current], "!") == 0) {
691 if (nextnot) {
692 len = snprintf(errstr, buflen,
693 "double negative");
694 return (-1);
695 }
696 nextnot = 1;
697 current += 1;
698 } else {
699 len = snprintf(errstr, buflen, "'%s' not expected",
700 argv[current]);
701 return (-1);
702 }
703 }
704
705 subject->mbs_flags = flags;
706 if (not_seen)
707 subject->mbs_neg = MBS_ALL_FLAGS ^ neg;
708 else
709 subject->mbs_neg = neg;
710 if (flags & MBS_UID_DEFINED) {
711 subject->mbs_uid_min = uid_min;
712 subject->mbs_uid_max = uid_max;
713 }
714 if (flags & MBS_GID_DEFINED) {
715 subject->mbs_gid_min = gid_min;
716 subject->mbs_gid_max = gid_max;
717 }
718 if (flags & MBS_PRISON_DEFINED)
719 subject->mbs_prison = jid;
720
721 return (0);
722 }
723
724 int
725 bsde_parse_type(char *spec, int *type, size_t buflen, char *errstr)
726 {
727 size_t len;
728 int i;
729
730 *type = 0;
731 for (i = 0; i < strlen(spec); i++) {
732 switch (spec[i]) {
733 case 'r':
734 case '-':
735 *type |= MBO_TYPE_REG;
736 break;
737 case 'd':
738 *type |= MBO_TYPE_DIR;
739 break;
740 case 'b':
741 *type |= MBO_TYPE_BLK;
742 break;
743 case 'c':
744 *type |= MBO_TYPE_CHR;
745 break;
746 case 'l':
747 *type |= MBO_TYPE_LNK;
748 break;
749 case 's':
750 *type |= MBO_TYPE_SOCK;
751 break;
752 case 'p':
753 *type |= MBO_TYPE_FIFO;
754 break;
755 case 'a':
756 *type |= MBO_ALL_TYPE;
757 break;
758 default:
759 len = snprintf(errstr, buflen, "Unknown type code: %c",
760 spec[i]);
761 return (-1);
762 }
763 }
764
765 return (0);
766 }
767
768 int
769 bsde_parse_fsid(char *spec, struct fsid *fsid, size_t buflen, char *errstr)
770 {
771 size_t len;
772 struct statfs buf;
773 int i;
774
775 if (statfs(spec, &buf) < 0) {
776 len = snprintf(errstr, buflen, "Unable to get id for %s: %s",
777 spec, strerror(errno));
778 return (-1);
779 }
780
781 *fsid = buf.f_fsid;
782
783 return (0);
784 }
785
786 int
787 bsde_parse_object(int argc, char *argv[],
788 struct mac_bsdextended_object *object, size_t buflen, char *errstr)
789 {
790 int not_seen, flags;
791 int current, neg, nextnot;
792 uid_t uid_min, uid_max;
793 gid_t gid_min, gid_max;
794 int type;
795 struct fsid fsid;
796 size_t len;
797
798 current = 0;
799 flags = 0;
800 neg = 0;
801 nextnot = 0;
802
803 if (strcmp("not", argv[current]) == 0) {
804 not_seen = 1;
805 current++;
806 } else
807 not_seen = 0;
808
809 while (current < argc) {
810 if (strcmp(argv[current], "uid") == 0) {
811 if (current + 2 > argc) {
812 len = snprintf(errstr, buflen, "uid short");
813 return (-1);
814 }
815 if (flags & MBO_UID_DEFINED) {
816 len = snprintf(errstr, buflen, "one uid only");
817 return (-1);
818 }
819 if (bsde_parse_uidrange(argv[current+1],
820 &uid_min, &uid_max, buflen, errstr) < 0)
821 return (-1);
822 flags |= MBO_UID_DEFINED;
823 if (nextnot) {
824 neg ^= MBO_UID_DEFINED;
825 nextnot = 0;
826 }
827 current += 2;
828 } else if (strcmp(argv[current], "gid") == 0) {
829 if (current + 2 > argc) {
830 len = snprintf(errstr, buflen, "gid short");
831 return (-1);
832 }
833 if (flags & MBO_GID_DEFINED) {
834 len = snprintf(errstr, buflen, "one gid only");
835 return (-1);
836 }
837 if (bsde_parse_gidrange(argv[current+1],
838 &gid_min, &gid_max, buflen, errstr) < 0)
839 return (-1);
840 flags |= MBO_GID_DEFINED;
841 if (nextnot) {
842 neg ^= MBO_GID_DEFINED;
843 nextnot = 0;
844 }
845 current += 2;
846 } else if (strcmp(argv[current], "filesys") == 0) {
847 if (current + 2 > argc) {
848 len = snprintf(errstr, buflen, "filesys short");
849 return (-1);
850 }
851 if (flags & MBO_FSID_DEFINED) {
852 len = snprintf(errstr, buflen, "one fsid only");
853 return (-1);
854 }
855 if (bsde_parse_fsid(argv[current+1], &fsid,
856 buflen, errstr) < 0)
857 return (-1);
858 flags |= MBO_FSID_DEFINED;
859 if (nextnot) {
860 neg ^= MBO_FSID_DEFINED;
861 nextnot = 0;
862 }
863 current += 2;
864 } else if (strcmp(argv[current], "suid") == 0) {
865 flags |= MBO_SUID;
866 if (nextnot) {
867 neg ^= MBO_SUID;
868 nextnot = 0;
869 }
870 current += 1;
871 } else if (strcmp(argv[current], "sgid") == 0) {
872 flags |= MBO_SGID;
873 if (nextnot) {
874 neg ^= MBO_SGID;
875 nextnot = 0;
876 }
877 current += 1;
878 } else if (strcmp(argv[current], "uid_of_subject") == 0) {
879 flags |= MBO_UID_SUBJECT;
880 if (nextnot) {
881 neg ^= MBO_UID_SUBJECT;
882 nextnot = 0;
883 }
884 current += 1;
885 } else if (strcmp(argv[current], "gid_of_subject") == 0) {
886 flags |= MBO_GID_SUBJECT;
887 if (nextnot) {
888 neg ^= MBO_GID_SUBJECT;
889 nextnot = 0;
890 }
891 current += 1;
892 } else if (strcmp(argv[current], "type") == 0) {
893 if (current + 2 > argc) {
894 len = snprintf(errstr, buflen, "type short");
895 return (-1);
896 }
897 if (flags & MBO_TYPE_DEFINED) {
898 len = snprintf(errstr, buflen, "one type only");
899 return (-1);
900 }
901 if (bsde_parse_type(argv[current+1], &type,
902 buflen, errstr) < 0)
903 return (-1);
904 flags |= MBO_TYPE_DEFINED;
905 if (nextnot) {
906 neg ^= MBO_TYPE_DEFINED;
907 nextnot = 0;
908 }
909 current += 2;
910 } else if (strcmp(argv[current], "!") == 0) {
911 if (nextnot) {
912 len = snprintf(errstr, buflen,
913 "double negative'");
914 return (-1);
915 }
916 nextnot = 1;
917 current += 1;
918 } else {
919 len = snprintf(errstr, buflen, "'%s' not expected",
920 argv[current]);
921 return (-1);
922 }
923 }
924
925 object->mbo_flags = flags;
926 if (not_seen)
927 object->mbo_neg = MBO_ALL_FLAGS ^ neg;
928 else
929 object->mbo_neg = neg;
930 if (flags & MBO_UID_DEFINED) {
931 object->mbo_uid_min = uid_min;
932 object->mbo_uid_max = uid_max;
933 }
934 if (flags & MBO_GID_DEFINED) {
935 object->mbo_gid_min = gid_min;
936 object->mbo_gid_max = gid_max;
937 }
938 if (flags & MBO_FSID_DEFINED)
939 object->mbo_fsid = fsid;
940 if (flags & MBO_TYPE_DEFINED)
941 object->mbo_type = type;
942
943 return (0);
944 }
945
946 int
947 bsde_parse_mode(int argc, char *argv[], mode_t *mode, size_t buflen,
948 char *errstr)
949 {
950 size_t len;
951 int i;
952
953 if (argc == 0) {
954 len = snprintf(errstr, buflen, "mode expects mode value");
955 return (-1);
956 }
957
958 if (argc != 1) {
959 len = snprintf(errstr, buflen, "'%s' unexpected", argv[1]);
960 return (-1);
961 }
962
963 *mode = 0;
964 for (i = 0; i < strlen(argv[0]); i++) {
965 switch (argv[0][i]) {
966 case 'a':
967 *mode |= MBI_ADMIN;
968 break;
969 case 'r':
970 *mode |= MBI_READ;
971 break;
972 case 's':
973 *mode |= MBI_STAT;
974 break;
975 case 'w':
976 *mode |= MBI_WRITE;
977 break;
978 case 'x':
979 *mode |= MBI_EXEC;
980 break;
981 case 'n':
982 /* ignore */
983 break;
984 default:
985 len = snprintf(errstr, buflen, "Unknown mode letter: %c",
986 argv[0][i]);
987 return (-1);
988 }
989 }
990
991 return (0);
992 }
993
994 int
995 bsde_parse_rule(int argc, char *argv[], struct mac_bsdextended_rule *rule,
996 size_t buflen, char *errstr)
997 {
998 int subject, subject_elements, subject_elements_length;
999 int object, object_elements, object_elements_length;
1000 int mode, mode_elements, mode_elements_length;
1001 int error, i;
1002 size_t len;
1003
1004 bzero(rule, sizeof(*rule));
1005
1006 if (argc < 1) {
1007 len = snprintf(errstr, buflen, "Rule must begin with subject");
1008 return (-1);
1009 }
1010
1011 if (strcmp(argv[0], "subject") != 0) {
1012 len = snprintf(errstr, buflen, "Rule must begin with subject");
1013 return (-1);
1014 }
1015 subject = 0;
1016 subject_elements = 1;
1017
1018 /* Search forward for object. */
1019
1020 object = -1;
1021 for (i = 1; i < argc; i++)
1022 if (strcmp(argv[i], "object") == 0)
1023 object = i;
1024
1025 if (object == -1) {
1026 len = snprintf(errstr, buflen, "Rule must contain an object");
1027 return (-1);
1028 }
1029
1030 /* Search forward for mode. */
1031 mode = -1;
1032 for (i = object; i < argc; i++)
1033 if (strcmp(argv[i], "mode") == 0)
1034 mode = i;
1035
1036 if (mode == -1) {
1037 len = snprintf(errstr, buflen, "Rule must contain mode");
1038 return (-1);
1039 }
1040
1041 subject_elements_length = object - subject - 1;
1042 object_elements = object + 1;
1043 object_elements_length = mode - object_elements;
1044 mode_elements = mode + 1;
1045 mode_elements_length = argc - mode_elements;
1046
1047 error = bsde_parse_subject(subject_elements_length,
1048 argv + subject_elements, &rule->mbr_subject, buflen, errstr);
1049 if (error)
1050 return (-1);
1051
1052 error = bsde_parse_object(object_elements_length,
1053 argv + object_elements, &rule->mbr_object, buflen, errstr);
1054 if (error)
1055 return (-1);
1056
1057 error = bsde_parse_mode(mode_elements_length, argv + mode_elements,
1058 &rule->mbr_mode, buflen, errstr);
1059 if (error)
1060 return (-1);
1061
1062 return (0);
1063 }
1064
1065 int
1066 bsde_parse_rule_string(const char *string, struct mac_bsdextended_rule *rule,
1067 size_t buflen, char *errstr)
1068 {
1069 char *stringdup, *stringp, *argv[100], **ap;
1070 int argc, error;
1071
1072 stringp = stringdup = strdup(string);
1073 while (*stringp == ' ' || *stringp == '\t')
1074 stringp++;
1075
1076 argc = 0;
1077 for (ap = argv; (*ap = strsep(&stringp, " \t")) != NULL;) {
1078 argc++;
1079 if (**ap != '\0')
1080 if (++ap >= &argv[100])
1081 break;
1082 }
1083
1084 error = bsde_parse_rule(argc, argv, rule, buflen, errstr);
1085
1086 free(stringdup);
1087
1088 return (error);
1089 }
1090
1091 int
1092 bsde_get_mib(const char *string, int *name, size_t *namelen)
1093 {
1094 size_t len;
1095 int error;
1096
1097 len = *namelen;
1098 error = sysctlnametomib(string, name, &len);
1099 if (error)
1100 return (error);
1101
1102 *namelen = len;
1103 return (0);
1104 }
1105
1106 int
1107 bsde_check_version(size_t buflen, char *errstr)
1108 {
1109 size_t len;
1110 int error;
1111 int version;
1112
1113 len = sizeof(version);
1114 error = sysctlbyname(MIB ".rule_version", &version, &len, NULL, 0);
1115 if (error) {
1116 len = snprintf(errstr, buflen, "version check failed: %s",
1117 strerror(errno));
1118 return (-1);
1119 }
1120 if (version != MB_VERSION) {
1121 len = snprintf(errstr, buflen, "module v%d != library v%d",
1122 version, MB_VERSION);
1123 return (-1);
1124 }
1125 return (0);
1126 }
1127
1128 int
1129 bsde_get_rule_count(size_t buflen, char *errstr)
1130 {
1131 size_t len;
1132 int error;
1133 int rule_count;
1134
1135 len = sizeof(rule_count);
1136 error = sysctlbyname(MIB ".rule_count", &rule_count, &len, NULL, 0);
1137 if (error) {
1138 len = snprintf(errstr, buflen, strerror(errno));
1139 return (-1);
1140 }
1141 if (len != sizeof(rule_count)) {
1142 len = snprintf(errstr, buflen, "Data error in %s.rule_count",
1143 MIB);
1144 return (-1);
1145 }
1146
1147 return (rule_count);
1148 }
1149
1150 int
1151 bsde_get_rule_slots(size_t buflen, char *errstr)
1152 {
1153 size_t len;
1154 int error;
1155 int rule_slots;
1156
1157 len = sizeof(rule_slots);
1158 error = sysctlbyname(MIB ".rule_slots", &rule_slots, &len, NULL, 0);
1159 if (error) {
1160 len = snprintf(errstr, buflen, strerror(errno));
1161 return (-1);
1162 }
1163 if (len != sizeof(rule_slots)) {
1164 len = snprintf(errstr, buflen, "Data error in %s.rule_slots",
1165 MIB);
1166 return (-1);
1167 }
1168
1169 return (rule_slots);
1170 }
1171
1172 /*
1173 * Returns 0 for success;
1174 * Returns -1 for failure;
1175 * Returns -2 for not present
1176 */
1177 int
1178 bsde_get_rule(int rulenum, struct mac_bsdextended_rule *rule, size_t errlen,
1179 char *errstr)
1180 {
1181 int name[10];
1182 size_t len, size;
1183 int error;
1184
1185 if (bsde_check_version(errlen, errstr) != 0)
1186 return (-1);
1187
1188 len = 10;
1189 error = bsde_get_mib(MIB ".rules", name, &len);
1190 if (error) {
1191 len = snprintf(errstr, errlen, "%s: %s", MIB ".rules",
1192 strerror(errno));
1193 return (-1);
1194 }
1195
1196 size = sizeof(*rule);
1197 name[len] = rulenum;
1198 len++;
1199 error = sysctl(name, len, rule, &size, NULL, 0);
1200 if (error == -1 && errno == ENOENT)
1201 return (-2);
1202 if (error) {
1203 len = snprintf(errstr, errlen, "%s.%d: %s", MIB ".rules",
1204 rulenum, strerror(errno));
1205 return (-1);
1206 } else if (size != sizeof(*rule)) {
1207 len = snprintf(errstr, errlen, "Data error in %s.%d: %s",
1208 MIB ".rules", rulenum, strerror(errno));
1209 return (-1);
1210 }
1211
1212 return (0);
1213 }
1214
1215 int
1216 bsde_delete_rule(int rulenum, size_t buflen, char *errstr)
1217 {
1218 struct mac_bsdextended_rule rule;
1219 int name[10];
1220 size_t len, size;
1221 int error;
1222
1223 if (bsde_check_version(buflen, errstr) != 0)
1224 return (-1);
1225
1226 len = 10;
1227 error = bsde_get_mib(MIB ".rules", name, &len);
1228 if (error) {
1229 len = snprintf(errstr, buflen, "%s: %s", MIB ".rules",
1230 strerror(errno));
1231 return (-1);
1232 }
1233
1234 name[len] = rulenum;
1235 len++;
1236
1237 size = sizeof(rule);
1238 error = sysctl(name, len, NULL, NULL, &rule, 0);
1239 if (error) {
1240 len = snprintf(errstr, buflen, "%s.%d: %s", MIB ".rules",
1241 rulenum, strerror(errno));
1242 return (-1);
1243 }
1244
1245 return (0);
1246 }
1247
1248 int
1249 bsde_set_rule(int rulenum, struct mac_bsdextended_rule *rule, size_t buflen,
1250 char *errstr)
1251 {
1252 int name[10];
1253 size_t len, size;
1254 int error;
1255
1256 if (bsde_check_version(buflen, errstr) != 0)
1257 return (-1);
1258
1259 len = 10;
1260 error = bsde_get_mib(MIB ".rules", name, &len);
1261 if (error) {
1262 len = snprintf(errstr, buflen, "%s: %s", MIB ".rules",
1263 strerror(errno));
1264 return (-1);
1265 }
1266
1267 name[len] = rulenum;
1268 len++;
1269
1270 size = sizeof(*rule);
1271 error = sysctl(name, len, NULL, NULL, rule, size);
1272 if (error) {
1273 len = snprintf(errstr, buflen, "%s.%d: %s", MIB ".rules",
1274 rulenum, strerror(errno));
1275 return (-1);
1276 }
1277
1278 return (0);
1279 }
1280
1281 int
1282 bsde_add_rule(int *rulenum, struct mac_bsdextended_rule *rule, size_t buflen,
1283 char *errstr)
1284 {
1285 char charstr[BUFSIZ];
1286 int name[10];
1287 size_t len, size;
1288 int error, rule_slots;
1289
1290 if (bsde_check_version(buflen, errstr) != 0)
1291 return (-1);
1292
1293 len = 10;
1294 error = bsde_get_mib(MIB ".rules", name, &len);
1295 if (error) {
1296 len = snprintf(errstr, buflen, "%s: %s", MIB ".rules",
1297 strerror(errno));
1298 return (-1);
1299 }
1300
1301 rule_slots = bsde_get_rule_slots(BUFSIZ, charstr);
1302 if (rule_slots == -1) {
1303 len = snprintf(errstr, buflen, "unable to get rule slots: %s",
1304 strerror(errno));
1305 return (-1);
1306 }
1307
1308 name[len] = rule_slots;
1309 len++;
1310
1311 size = sizeof(*rule);
1312 error = sysctl(name, len, NULL, NULL, rule, size);
1313 if (error) {
1314 len = snprintf(errstr, buflen, "%s.%d: %s", MIB ".rules",
1315 rule_slots, strerror(errno));
1316 return (-1);
1317 }
1318
1319 if (rulenum != NULL)
1320 *rulenum = rule_slots;
1321
1322 return (0);
1323 }
FreeBSD kvm: FreeBSD sources