Audit arguments to System V IPC system calls implementing sempahores,
message queues, and shared memory. Obtained from: TrustedBSD Project MFC after: 3 weeks Sponsored by: DARPA, AFRL
This commit is contained in:
parent
f907080983
commit
1c2da02938
@ -18,6 +18,7 @@
|
||||
*/
|
||||
/*-
|
||||
* Copyright (c) 2003-2005 McAfee, Inc.
|
||||
* Copyright (c) 2016-2017 Robert N. M. Watson
|
||||
* All rights reserved.
|
||||
*
|
||||
* This software was developed for the FreeBSD Project in part by McAfee
|
||||
@ -25,6 +26,11 @@
|
||||
* contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA CHATS research
|
||||
* program.
|
||||
*
|
||||
* Portions of this software were developed by BAE Systems, the University of
|
||||
* Cambridge Computer Laboratory, and Memorial University under DARPA/AFRL
|
||||
* contract FA8650-15-C-7558 ("CADETS"), as part of the DARPA Transparent
|
||||
* Computing (TC) research program.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
@ -508,6 +514,8 @@ kern_msgctl(td, msqid, cmd, msqbuf)
|
||||
if (rpr == NULL)
|
||||
return (ENOSYS);
|
||||
|
||||
AUDIT_ARG_SVIPC_CMD(cmd);
|
||||
AUDIT_ARG_SVIPC_ID(msqid);
|
||||
msqix = IPCID_TO_IX(msqid);
|
||||
|
||||
if (msqix < 0 || msqix >= msginfo.msgmni) {
|
||||
@ -579,6 +587,7 @@ kern_msgctl(td, msqid, cmd, msqbuf)
|
||||
break;
|
||||
|
||||
case IPC_SET:
|
||||
AUDIT_ARG_SVIPC_PERM(&msqbuf->msg_perm);
|
||||
if ((error = ipcperm(td, &msqkptr->u.msg_perm, IPC_M)))
|
||||
goto done2;
|
||||
if (msqbuf->msg_qbytes > msqkptr->u.msg_qbytes) {
|
||||
@ -667,6 +676,8 @@ sys_msgget(td, uap)
|
||||
error = EEXIST;
|
||||
goto done2;
|
||||
}
|
||||
AUDIT_ARG_SVIPC_ID(IXSEQ_TO_IPCID(msqid,
|
||||
msqkptr->u.msg_perm));
|
||||
if ((error = ipcperm(td, &msqkptr->u.msg_perm,
|
||||
msgflg & 0700))) {
|
||||
DPRINTF(("requester doesn't have 0%o access\n",
|
||||
@ -735,6 +746,7 @@ sys_msgget(td, uap)
|
||||
#ifdef MAC
|
||||
mac_sysvmsq_create(cred, msqkptr);
|
||||
#endif
|
||||
AUDIT_ARG_SVIPC_PERM(&msqkptr->u.msg_perm);
|
||||
} else {
|
||||
DPRINTF(("didn't find it and wasn't asked to create it\n"));
|
||||
error = ENOENT;
|
||||
@ -780,6 +792,7 @@ kern_msgsnd(td, msqid, msgp, msgsz, msgflg, mtype)
|
||||
return (ENOSYS);
|
||||
|
||||
mtx_lock(&msq_mtx);
|
||||
AUDIT_ARG_SVIPC_ID(msqid);
|
||||
msqix = IPCID_TO_IX(msqid);
|
||||
|
||||
if (msqix < 0 || msqix >= msginfo.msgmni) {
|
||||
@ -790,6 +803,7 @@ kern_msgsnd(td, msqid, msgp, msgsz, msgflg, mtype)
|
||||
}
|
||||
|
||||
msqkptr = &msqids[msqix];
|
||||
AUDIT_ARG_SVIPC_PERM(&msqkptr->u.msg_perm);
|
||||
if (msqkptr->u.msg_qbytes == 0) {
|
||||
DPRINTF(("no such message queue id\n"));
|
||||
error = EINVAL;
|
||||
@ -1152,6 +1166,7 @@ kern_msgrcv(td, msqid, msgp, msgsz, msgtyp, msgflg, mtype)
|
||||
if (rpr == NULL)
|
||||
return (ENOSYS);
|
||||
|
||||
AUDIT_ARG_SVIPC_ID(msqid);
|
||||
msqix = IPCID_TO_IX(msqid);
|
||||
|
||||
if (msqix < 0 || msqix >= msginfo.msgmni) {
|
||||
@ -1162,6 +1177,7 @@ kern_msgrcv(td, msqid, msgp, msgsz, msgtyp, msgflg, mtype)
|
||||
|
||||
msqkptr = &msqids[msqix];
|
||||
mtx_lock(&msq_mtx);
|
||||
AUDIT_ARG_SVIPC_PERM(&msqkptr->u.msg_perm);
|
||||
if (msqkptr->u.msg_qbytes == 0) {
|
||||
DPRINTF(("no such message queue id\n"));
|
||||
error = EINVAL;
|
||||
|
@ -7,6 +7,7 @@
|
||||
*/
|
||||
/*-
|
||||
* Copyright (c) 2003-2005 McAfee, Inc.
|
||||
* Copyright (c) 2016-2017 Robert N. M. Watson
|
||||
* All rights reserved.
|
||||
*
|
||||
* This software was developed for the FreeBSD Project in part by McAfee
|
||||
@ -14,6 +15,11 @@
|
||||
* contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA CHATS research
|
||||
* program.
|
||||
*
|
||||
* Portions of this software were developed by BAE Systems, the University of
|
||||
* Cambridge Computer Laboratory, and Memorial University under DARPA/AFRL
|
||||
* contract FA8650-15-C-7558 ("CADETS"), as part of the DARPA Transparent
|
||||
* Computing (TC) research program.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
@ -691,6 +697,9 @@ kern_semctl(struct thread *td, int semid, int semnum, int cmd,
|
||||
DPRINTF(("call to semctl(%d, %d, %d, 0x%p)\n",
|
||||
semid, semnum, cmd, arg));
|
||||
|
||||
AUDIT_ARG_SVIPC_CMD(cmd);
|
||||
AUDIT_ARG_SVIPC_ID(semid);
|
||||
|
||||
rpr = sem_find_prison(td->td_ucred);
|
||||
if (sem == NULL)
|
||||
return (ENOSYS);
|
||||
@ -758,6 +767,7 @@ kern_semctl(struct thread *td, int semid, int semnum, int cmd,
|
||||
break;
|
||||
|
||||
case IPC_SET:
|
||||
AUDIT_ARG_SVIPC_PERM(&arg->buf->sem_perm);
|
||||
if ((error = semvalid(semid, rpr, semakptr)) != 0)
|
||||
goto done2;
|
||||
if ((error = ipcperm(td, &semakptr->u.sem_perm, IPC_M)))
|
||||
@ -948,6 +958,8 @@ sys_semget(struct thread *td, struct semget_args *uap)
|
||||
|
||||
DPRINTF(("semget(0x%x, %d, 0%o)\n", key, nsems, semflg));
|
||||
|
||||
AUDIT_ARG_VALUE(semflg);
|
||||
|
||||
if (sem_find_prison(cred) == NULL)
|
||||
return (ENOSYS);
|
||||
|
||||
@ -961,6 +973,7 @@ sys_semget(struct thread *td, struct semget_args *uap)
|
||||
break;
|
||||
}
|
||||
if (semid < seminfo.semmni) {
|
||||
AUDIT_ARG_SVIPC_ID(semid);
|
||||
DPRINTF(("found public key\n"));
|
||||
if ((semflg & IPC_CREAT) && (semflg & IPC_EXCL)) {
|
||||
DPRINTF(("not exclusive\n"));
|
||||
@ -1090,6 +1103,8 @@ sys_semop(struct thread *td, struct semop_args *uap)
|
||||
#endif
|
||||
DPRINTF(("call to semop(%d, %p, %u)\n", semid, sops, nsops));
|
||||
|
||||
AUDIT_ARG_SVIPC_ID(semid);
|
||||
|
||||
rpr = sem_find_prison(td->td_ucred);
|
||||
if (sem == NULL)
|
||||
return (ENOSYS);
|
||||
|
@ -30,6 +30,7 @@
|
||||
*/
|
||||
/*-
|
||||
* Copyright (c) 2003-2005 McAfee, Inc.
|
||||
* Copyright (c) 2016-2017 Robert N. M. Watson
|
||||
* All rights reserved.
|
||||
*
|
||||
* This software was developed for the FreeBSD Project in part by McAfee
|
||||
@ -37,6 +38,11 @@
|
||||
* contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA CHATS research
|
||||
* program.
|
||||
*
|
||||
* Portions of this software were developed by BAE Systems, the University of
|
||||
* Cambridge Computer Laboratory, and Memorial University under DARPA/AFRL
|
||||
* contract FA8650-15-C-7558 ("CADETS"), as part of the DARPA Transparent
|
||||
* Computing (TC) research program.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
@ -324,8 +330,10 @@ kern_shmdt_locked(struct thread *td, const void *shmaddr)
|
||||
{
|
||||
struct proc *p = td->td_proc;
|
||||
struct shmmap_state *shmmap_s;
|
||||
#ifdef MAC
|
||||
#if defined(AUDIT) || defined(MAC)
|
||||
struct shmid_kernel *shmsegptr;
|
||||
#endif
|
||||
#ifdef MAC
|
||||
int error;
|
||||
#endif
|
||||
int i;
|
||||
@ -336,6 +344,7 @@ kern_shmdt_locked(struct thread *td, const void *shmaddr)
|
||||
shmmap_s = p->p_vmspace->vm_shm;
|
||||
if (shmmap_s == NULL)
|
||||
return (EINVAL);
|
||||
AUDIT_ARG_SVIPC_ID(shmmap_s->shmid);
|
||||
for (i = 0; i < shminfo.shmseg; i++, shmmap_s++) {
|
||||
if (shmmap_s->shmid != -1 &&
|
||||
shmmap_s->va == (vm_offset_t)shmaddr) {
|
||||
@ -344,8 +353,10 @@ kern_shmdt_locked(struct thread *td, const void *shmaddr)
|
||||
}
|
||||
if (i == shminfo.shmseg)
|
||||
return (EINVAL);
|
||||
#ifdef MAC
|
||||
#if (defined(AUDIT) && defined(KDTRACE_HOOKS)) || defined(MAC)
|
||||
shmsegptr = &shmsegs[IPCID_TO_IX(shmmap_s->shmid)];
|
||||
#endif
|
||||
#ifdef MAC
|
||||
error = mac_sysvshm_check_shmdt(td->td_ucred, shmsegptr);
|
||||
if (error != 0)
|
||||
return (error);
|
||||
@ -382,6 +393,9 @@ kern_shmat_locked(struct thread *td, int shmid, const void *shmaddr,
|
||||
vm_size_t size;
|
||||
int error, i, rv;
|
||||
|
||||
AUDIT_ARG_SVIPC_ID(shmid);
|
||||
AUDIT_ARG_VALUE(shmflg);
|
||||
|
||||
SYSVSHM_ASSERT_LOCKED();
|
||||
rpr = shm_find_prison(td->td_ucred);
|
||||
if (rpr == NULL)
|
||||
@ -493,6 +507,9 @@ kern_shmctl_locked(struct thread *td, int shmid, int cmd, void *buf,
|
||||
if (rpr == NULL)
|
||||
return (ENOSYS);
|
||||
|
||||
AUDIT_ARG_SVIPC_ID(shmid);
|
||||
AUDIT_ARG_SVIPC_CMD(cmd);
|
||||
|
||||
switch (cmd) {
|
||||
/*
|
||||
* It is possible that kern_shmctl is being called from the Linux ABI
|
||||
@ -550,6 +567,7 @@ kern_shmctl_locked(struct thread *td, int shmid, int cmd, void *buf,
|
||||
break;
|
||||
case IPC_SET:
|
||||
shmidp = (struct shmid_ds *)buf;
|
||||
AUDIT_ARG_SVIPC_PERM(&shmidp->shm_perm);
|
||||
error = ipcperm(td, &shmseg->u.shm_perm, IPC_M);
|
||||
if (error != 0)
|
||||
return (error);
|
||||
|
@ -239,6 +239,11 @@ void audit_thread_free(struct thread *td);
|
||||
audit_arg_pid((pid)); \
|
||||
} while (0)
|
||||
|
||||
#define AUDIT_ARG_POSIX_IPC_PERM(uid, gid, mode) do { \
|
||||
if (AUDITING_TD(curthread)) \
|
||||
audit_arg_posix_ipc_perm((uid), (gid), (mod)); \
|
||||
} while (0)
|
||||
|
||||
#define AUDIT_ARG_PROCESS(p) do { \
|
||||
if (AUDITING_TD(curthread)) \
|
||||
audit_arg_process((p)); \
|
||||
@ -289,6 +294,26 @@ void audit_thread_free(struct thread *td);
|
||||
audit_arg_suid((suid)); \
|
||||
} while (0)
|
||||
|
||||
#define AUDIT_ARG_SVIPC_CMD(cmd) do { \
|
||||
if (AUDITING_TD(curthread)) \
|
||||
audit_arg_svipc_cmd((cmd)); \
|
||||
} while (0)
|
||||
|
||||
#define AUDIT_ARG_SVIPC_PERM(perm) do { \
|
||||
if (AUDITING_TD(curthread)) \
|
||||
audit_arg_svipc_perm((perm)); \
|
||||
} while (0)
|
||||
|
||||
#define AUDIT_ARG_SVIPC_ID(id) do { \
|
||||
if (AUDITING_TD(curthread)) \
|
||||
audit_arg_svipc_id((id)); \
|
||||
} while (0)
|
||||
|
||||
#define AUDIT_ARG_SVIPC_ADDR(addr) do { \
|
||||
if (AUDITING_TD(curthread)) \
|
||||
audit_arg_svipc_addr((addr)); \
|
||||
} while (0)
|
||||
|
||||
#define AUDIT_ARG_SVIPC_WHICH(which) do { \
|
||||
if (AUDITING_TD(curthread)) \
|
||||
audit_arg_svipc_which((which)); \
|
||||
@ -375,6 +400,7 @@ void audit_thread_free(struct thread *td);
|
||||
#define AUDIT_ARG_MODE(mode)
|
||||
#define AUDIT_ARG_OWNER(uid, gid)
|
||||
#define AUDIT_ARG_PID(pid)
|
||||
#define AUDIT_ARG_POSIX_IPC_PERM(uid, gid, mode)
|
||||
#define AUDIT_ARG_PROCESS(p)
|
||||
#define AUDIT_ARG_RGID(rgid)
|
||||
#define AUDIT_ARG_RIGHTS(rights)
|
||||
@ -385,6 +411,10 @@ void audit_thread_free(struct thread *td);
|
||||
#define AUDIT_ARG_SOCKET(sodomain, sotype, soprotocol)
|
||||
#define AUDIT_ARG_SOCKADDR(td, dirfd, sa)
|
||||
#define AUDIT_ARG_SUID(suid)
|
||||
#define AUDIT_ARG_SVIPC_CMD(cmd)
|
||||
#define AUDIT_ARG_SVIPC_PERM(perm)
|
||||
#define AUDIT_ARG_SVIPC_ID(id)
|
||||
#define AUDIT_ARG_SVIPC_ADDR(addr)
|
||||
#define AUDIT_ARG_SVIPC_WHICH(which)
|
||||
#define AUDIT_ARG_TEXT(text)
|
||||
#define AUDIT_ARG_UID(uid)
|
||||
|
Loading…
x
Reference in New Issue
Block a user