Teach "ls -Z" to use the policy-agnostic MAC label interfaces rather

than the LOMAC-specific interfaces for listing MAC labels.  This permits
ls to view MAC labels in a manner similar to getfmac, when ls is used
with the -l argument.  Next generation LOMAC will use the MAC Framework
so should "just" work with this and other policies.  Not the prettiest
code in the world, but then, neither is ls(1).

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories

bin/ls/Makefile

@@ -2,7 +2,7 @@
 # $FreeBSD$
 
 PROG=	ls
-SRCS=	cmp.c lomac.c ls.c print.c util.c
+SRCS=	cmp.c ls.c print.c util.c
 NO_WERROR=1
 WFORMAT=0
 DPADD=	${LIBM}

bin/ls/lomac.c

@@ -1,155 +0,0 @@
-/*-
- * Copyright (c) 2001 Networks Associates Technology, Inc.
- * All rights reserved.
- *
- * This software was developed for the FreeBSD Project by NAI Labs, the
- * Security Research Division of Network Associates, Inc. under
- * DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA
- * CHATS research program.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. The name of the author may not be used to endorse or promote
- *    products derived from this software without specific prior written
- *    permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * $Id: lomac.c,v 1.5 2001/11/26 19:25:52 bfeldman Exp $
- */
-
-/*
- * This file encapsulates ls's use of LOMAC's ioctl interface.  ls uses
- * this interface to determine the LOMAC attributes of files.
- */
-
-#include <sys/cdefs.h>
- __FBSDID("$FreeBSD$");
-
-#include <sys/types.h>
-#include <security/lomac/lomacio.h>
-
-#include <err.h>
-#include <fts.h>
-#include <fcntl.h>
-#include <stdlib.h>
-#include <string.h>
-#include <stdio.h>
-#include <unistd.h>
-
-#include "lomac.h"
-
-#define LOMAC_DEVICE "/dev/lomac"
-
-static int devlomac; 			/* file descriptor for LOMAC_DEVICE */
-static struct lomac_fioctl2 ioctl_args;
-
-/* lomac_start()
- *
- * in:     nothing
- * out:    nothing
- * return: nothing
- *
- * Makes `devlomac' a fd to LOMAC_DEVICE
- */
-
-void 
-lomac_start(void)
-{
-	if ((devlomac = open(LOMAC_DEVICE, O_RDWR)) == -1)
-		err(1, "cannot open %s", LOMAC_DEVICE);
-}
-
-/* lomac_stop()
- *
- * in:     nothing
- * out:    nothing
- * return: nothing
- *
- * Closes `devlomac', the fd to LOMAC_DEVICE.
- */
-
-void 
-lomac_stop(void)
-{
-	if (close(devlomac) == -1)
-		err(1, "cannot close %s", LOMAC_DEVICE);
-}
-
-/* get_lattr()
- *
- * in:     ent - FTSENT describing file whose LOMAC attributes we wish to know
- * out:    nothing
- * return: a string describing `ent's LOMAC attributes
- *
- * This function uses LOMAC's ioctl interface to determine the LOMAC
- * attributes of the file described by `ent'.  
- *
- * This function dynamically allocates memory for the attribute strings.
- * The caller is responsible for eventually deallocating these strings.
- */
-
-char *
-get_lattr(const FTSENT *ent)
-{
-	char *lattr;
-
-#ifdef NOT_NOW
-	printf("p%d n%d\n", ent->fts_pathlen, ent->fts_namelen);
-	printf("ftscycle %x\n", ent->fts_cycle);
-	printf("ftsparent %x\n", ent->fts_parent);
-	printf("ftslink %x\n", ent->fts_link);
-	printf("ftsnumber %x\n", ent->fts_number);
-	printf("ftslevel %x\n", ent->fts_level);
-	if (ent->fts_pathlen > 0)
-		printf("%x : %s\n", ent->fts_path, ent->fts_path);
-	else
-		printf("length 0 path\n");
-	if (ent->fts_namelen > 0)
-		printf("%x : %s\n", ent->fts_name, ent->fts_name);
-	else
-		printf("length 0 name\n");
-#endif
-	/*
-	 * We use ent->fts_level to determine whether or not ent->fts_path
-	 * is valid.  This is a hack, but the FTS code doesn't seem to
-	 * NULL the first byte of fts_path or zero fts_pathlen when fts_path
-	 * is invalid, so there didn't seem to be a better way of doing it.
-	 */
-	if (ent->fts_level > 0) {
-		strncpy(ioctl_args.path, ent->fts_path, MAXPATHLEN - 1);
-		strncat(ioctl_args.path, "/",
-		    MAXPATHLEN - strlen(ioctl_args.path) - 1);
-		strncat(ioctl_args.path, ent->fts_accpath,
-		    MAXPATHLEN - strlen(ioctl_args.path) - 1);
-	} else
-		strncpy(ioctl_args.path, ent->fts_accpath, MAXPATHLEN - 1);
-	if (ioctl(devlomac, LIOGETFLATTR, &ioctl_args) == -1)
-		err(1, "ioctl");
-
-	/* we use ioctl_args.path as scratch space to build lattr */
-	if (ioctl_args.flags != 0)
-		asprintf(&lattr, "%d.%x", ioctl_args.level, ioctl_args.flags);
-	else
-		asprintf(&lattr, "%d", ioctl_args.level);
-
-	if (lattr == NULL)
-		err(1, "lattr");
-	return (lattr);
-}

bin/ls/lomac.h

@@ -1,40 +0,0 @@
-/*-
- * Copyright (c) 2001 Networks Associates Technology, Inc.
- * All rights reserved.
- *
- * This software was developed for the FreeBSD Project by NAI Labs, the
- * Security Research Division of Network Associates, Inc. under
- * DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA
- * CHATS research program.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. The name of the author may not be used to endorse or promote
- *    products derived from this software without specific prior written
- *    permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * $Id: lomac.h,v 1.3 2001/11/26 19:23:02 bfeldman Exp $
- * $FreeBSD$
- */
-
-void lomac_start(void);
-void lomac_stop(void);
-char *get_lattr(const FTSENT *);

bin/ls/ls.1

@@ -146,7 +146,7 @@ month, day, hour, minute, second, and year.
 .It Fl W
 Display whiteouts when scanning directories.
 .It Fl Z
-Display each file's LOMAC level.
+Display each file's MAC label.
 .It Fl a
 Include directory entries whose names begin with a
 dot
@@ -303,7 +303,7 @@ option is given, the following information
 is displayed for each file:
 file mode,
 number of links, owner name, group name,
-LOMAC level,
+MAC label,
 number of bytes in the file, abbreviated
 month, day-of-month file was last modified,
 hour file last modified, minute file last
@@ -618,11 +618,6 @@ The group field is now automatically included in the long listing for
 files in order to be compatible with the
 .St -p1003.2
 specification.
-.Sh FILES
-.Bl -tag -width ".Pa /dev/lomac" -compact
-.It Pa /dev/lomac
-interface used to query the
-.Xr lomac 4
 KLD
 .El
 .Sh SEE ALSO
@@ -630,7 +625,6 @@ KLD
 .Xr chmod 1 ,
 .Xr sort 1 ,
 .Xr xterm 1 ,
-.Xr lomac 4 ,
 .Xr termcap 5 ,
 .Xr symlink 7 ,
 .Xr sticky 8

bin/ls/ls.c

@@ -51,6 +51,7 @@ __FBSDID("$FreeBSD$");
 #include <sys/types.h>
 #include <sys/stat.h>
 #include <sys/ioctl.h>
+#include <sys/mac.h>
 
 #include <dirent.h>
 #include <err.h>
@@ -71,7 +72,6 @@ __FBSDID("$FreeBSD$");
 
 #include "ls.h"
 #include "extern.h"
-#include "lomac.h"
 
 /*
  * Upward approximation of the maximum number of characters needed to
@@ -80,7 +80,7 @@ __FBSDID("$FreeBSD$");
  */
 #define	STRBUF_SIZEOF(t)	(1 + CHAR_BIT * sizeof(t) / 3 + 1)
 
-static void	 display(FTSENT *, FTSENT *);
+static void	 display(FTSENT *, FTSENT *, int);
 static u_quad_t	 makenines(u_long);
 static int	 mastercmp(const FTSENT * const *, const FTSENT * const *);
 static void	 traverse(int, char **, int);
@@ -118,7 +118,7 @@ static int f_singlecol;		/* use single column output */
 static int f_timesort;		/* sort by time vice name */
        int f_type;		/* add type character for non-regular files */
 static int f_whiteout;		/* show whiteout entries */
-       int f_lomac;		/* show LOMAC attributes */
+       int f_label;		/* show MAC label */
 #ifdef COLORLS
        int f_color;		/* add type in color for non-regular files */
 
@@ -300,7 +300,7 @@ main(int argc, char *argv[])
 			f_octal_escape = 0;
 			break;
 		case 'Z':
-			f_lomac = 1;
+			f_label = 1;
 			break;
 		default:
 		case '?':
@@ -440,7 +440,7 @@ traverse(int argc, char *argv[], int options)
 	    fts_open(argv, options, f_nosort ? NULL : mastercmp)) == NULL)
 		err(1, "fts_open");
 
-	display(NULL, fts_children(ftsp, 0));
+	display(NULL, fts_children(ftsp, 0), options);
 	if (f_listdir)
 		return;
 
@@ -480,7 +480,7 @@ traverse(int argc, char *argv[], int options)
 				output = 1;
 			}
 			chp = fts_children(ftsp, ch_options);
-			display(p, chp);
+			display(p, chp, options);
 
 			if (!f_recursive && chp != NULL)
 				(void)fts_set(ftsp, p, FTS_SKIP);
@@ -498,14 +498,15 @@ traverse(int argc, char *argv[], int options)
  * points to the parent directory of the display list.
  */
 static void
-display(FTSENT *p, FTSENT *list)
+display(FTSENT *p, FTSENT *list, int options)
 {
 	struct stat *sp;
 	DISPLAY d;
 	FTSENT *cur;
 	NAMES *np;
 	off_t maxsize;
-	u_long btotal, lattrlen, maxblock, maxinode, maxlen, maxnlink, maxlattr;
+	u_long btotal, labelstrlen, maxblock, maxinode, maxlen, maxnlink;
+	u_long maxlabelstr;
 	int bcfile, maxflags;
 	gid_t maxgroup;
 	uid_t maxuser;
@@ -513,7 +514,7 @@ display(FTSENT *p, FTSENT *list)
 	char *initmax;
 	int entries, needstats;
 	const char *user, *group;
-	char *flags, *lattr = NULL;
+	char *flags, *labelstr = NULL;
 	char buf[STRBUF_SIZEOF(u_quad_t) + 1];
 	char ngroup[STRBUF_SIZEOF(uid_t) + 1];
 	char nuser[STRBUF_SIZEOF(gid_t) + 1];
@@ -533,7 +534,7 @@ display(FTSENT *p, FTSENT *list)
 	btotal = 0;
 	initmax = getenv("LS_COLWIDTHS");
 	/* Fields match -lios order.  New ones should be added at the end. */
-	maxlattr = maxblock = maxinode = maxlen = maxnlink =
+	maxlabelstr = maxblock = maxinode = maxlen = maxnlink =
 	    maxuser = maxgroup = maxflags = maxsize = 0;
 	if (initmax != NULL && *initmax != '\0') {
 		char *initmax2, *jinitmax;
@@ -563,7 +564,7 @@ display(FTSENT *p, FTSENT *list)
 		ninitmax = sscanf(jinitmax,
 		    " %lu : %lu : %lu : %i : %i : %i : %llu : %lu : %lu ",
 		    &maxinode, &maxblock, &maxnlink, &maxuser,
-		    &maxgroup, &maxflags, &maxsize, &maxlen, &maxlattr);
+		    &maxgroup, &maxflags, &maxsize, &maxlen, &maxlabelstr);
 		f_notabs = 1;
 		switch (ninitmax) {
 		case 0:
@@ -591,7 +592,7 @@ display(FTSENT *p, FTSENT *list)
 			maxlen = 0;
 			/* FALLTHROUGH */
 		case 8:
-			maxlattr = 0;
+			maxlabelstr = 0;
 			/* FALLTHROUGH */
 #ifdef COLORLS
 			if (!f_color)
@@ -606,8 +607,6 @@ display(FTSENT *p, FTSENT *list)
 		maxnlink = makenines(maxnlink);
 		maxsize = makenines(maxsize);
 	}
-	if (f_lomac)
-		lomac_start();
 	bcfile = 0;
 	flags = NULL;
 	for (cur = list, entries = 0; cur; cur = cur->fts_link) {
@@ -684,16 +683,51 @@ display(FTSENT *p, FTSENT *list)
 						maxflags = flen;
 				} else
 					flen = 0;
-				lattr = NULL;
-				if (f_lomac) {
-					lattr = get_lattr(cur);
-					lattrlen = strlen(lattr);
-					if (lattrlen > maxlattr)
-						maxlattr = lattrlen;
-				} else
-					lattrlen = 0;
+				labelstr = NULL;
+				if (f_label) {
+					mac_t label;
+					int error;
 
-				if ((np = malloc(sizeof(NAMES) + lattrlen +
+					error = mac_prepare_file_label(&label);
+					if (error == -1) {
+						fprintf(stderr, "%s: %s\n",
+						    cur->fts_name,
+						    strerror(errno));
+						goto label_out;
+					}
+
+					if (options & FTS_LOGICAL)
+						error = mac_get_file(
+						    cur->fts_path, label);
+					else
+						error = mac_get_link(
+						    cur->fts_name, label);
+					if (error == -1) {
+						perror(cur->fts_name);
+						mac_free(label);
+						goto label_out;
+					}
+
+					error = mac_to_text(label,
+					    &labelstr);
+					if (error == -1) {
+						fprintf(stderr, "%s: %s\n",
+						    cur->fts_name,
+						    strerror(errno));
+						mac_free(label);
+						goto label_out;
+					}
+					mac_free(label);
+label_out:
+					if (labelstr == NULL)
+						labelstr = strdup("");
+					labelstrlen = strlen(labelstr);
+					if (labelstrlen > maxlabelstr)
+						maxlabelstr = labelstrlen;
+				} else
+					labelstrlen = 0;
+
+				if ((np = malloc(sizeof(NAMES) + labelstrlen +
 				    ulen + glen + flen + 4)) == NULL)
 					err(1, "malloc");
 
@@ -711,11 +745,11 @@ display(FTSENT *p, FTSENT *list)
 					(void)strcpy(np->flags, flags);
 					free(flags);
 				}
-				if (f_lomac) {
-					np->lattr = &np->data[ulen + glen + 2
+				if (f_label) {
+					np->label = &np->data[ulen + glen + 2
 					    + (f_flags ? flen + 1 : 0)];
-					(void)strcpy(np->lattr, lattr);
-					free(lattr);
+					(void)strcpy(np->label, labelstr);
+					free(labelstr);
 				}
 				cur->fts_pointer = np;
 			}
@@ -735,7 +769,7 @@ display(FTSENT *p, FTSENT *list)
 		(void)snprintf(buf, sizeof(buf), "%lu", maxblock);
 		d.s_block = strlen(buf);
 		d.s_flags = maxflags;
-		d.s_lattr = maxlattr;
+		d.s_label = maxlabelstr;
 		d.s_group = maxgroup;
 		(void)snprintf(buf, sizeof(buf), "%lu", maxinode);
 		d.s_inode = strlen(buf);
@@ -751,8 +785,6 @@ display(FTSENT *p, FTSENT *list)
 	if (f_longform)
 		for (cur = list; cur; cur = cur->fts_link)
 			free(cur->fts_pointer);
-	if (f_lomac)
-		lomac_stop();
 }
 
 /*

bin/ls/ls.h

@@ -45,7 +45,7 @@ extern long blocksize;		/* block size units */
 extern int f_accesstime;	/* use time of last access */
 extern int f_flags;		/* show flags associated with a file */
 extern int f_humanval;		/* show human-readable file sizes */
-extern int f_lomac;		/* show LOMAC attributes */
+extern int f_label;		/* show MAC label */
 extern int f_inode;		/* print inode */
 extern int f_longform;		/* long listing format */
 extern int f_octal;		/* print unprintables in octal */
@@ -70,7 +70,7 @@ typedef struct {
 	int maxlen;
 	u_int s_block;
 	u_int s_flags;
-	u_int s_lattr;
+	u_int s_label;
 	u_int s_group;
 	u_int s_inode;
 	u_int s_nlink;
@@ -82,6 +82,6 @@ typedef struct {
 	char *user;
 	char *group;
 	char *flags;
-	char *lattr;
+	char *label;
 	char data[1];
 } NAMES;

bin/ls/print.c

@@ -182,8 +182,8 @@ printlong(DISPLAY *dp)
 		    np->group);
 		if (f_flags)
 			(void)printf("%-*s ", dp->s_flags, np->flags);
-		if (f_lomac)
-			(void)printf("%-*s ", dp->s_lattr, np->lattr);
+		if (f_label)
+			(void)printf("%-*s ", dp->s_label, np->label);
 		if (S_ISCHR(sp->st_mode) || S_ISBLK(sp->st_mode))
 			if (minor(sp->st_rdev) > 255 || minor(sp->st_rdev) < 0)
 				(void)printf("%3d, 0x%08x ",

libexec/ftpd/Makefile

@@ -20,7 +20,7 @@ LDADD+=	-lopie
 
 LSDIR=	../../bin/ls
 .PATH:	${.CURDIR}/${LSDIR}
-SRCS+=	ls.c cmp.c lomac.c print.c util.c
+SRCS+=	ls.c cmp.c print.c util.c
 CFLAGS+=-Dmain=ls_main -I${.CURDIR}/${LSDIR}
 DPADD+=	${LIBM}
 LDADD+=	-lm