In mac_bsdextended's auditctl and acct policy access control checks,

return success if the passed vnode pointer is NULL (rather than panicking). This can occur if either audit or accounting are disabled while the policy is running. Since the swapoff control has no real relevance to this policy, which is concerned about intent to write rather than water under the bridge, remove it. PR: kern/126100 Reported by: Alan Amesbury <amesbury at umn dot edu> MFC after: 3 days
2008-07-31 20:49:12 +00:00 · 2008-07-31 20:49:12 +00:00 · e3839f1499
commit e3839f1499
parent cedc71acdf
1 changed files with 8 additions and 11 deletions
--- a/sys/security/mac_bsdextended/mac_bsdextended.c
+++ b/sys/security/mac_bsdextended/mac_bsdextended.c
@ -451,7 +451,10 @@ ugidfw_system_check_acct(struct ucred *cred, struct vnode *vp,
    struct label *vplabel)
 {

-	return (ugidfw_check_vp(cred, vp, MBI_WRITE));
+	if (vp != NULL)
+		return (ugidfw_check_vp(cred, vp, MBI_WRITE));
+	else
+		return (0);
 }

 static int
@ -459,15 +462,10 @@ ugidfw_system_check_auditctl(struct ucred *cred, struct vnode *vp,
    struct label *vplabel)
 {

-	return (ugidfw_check_vp(cred, vp, MBI_WRITE));
-}
-
-static int
-ugidfw_system_check_swapoff(struct ucred *cred, struct vnode *vp,
-    struct label *vplabel)
-{
-
-	return (ugidfw_check_vp(cred, vp, MBI_WRITE));
+	if (vp != NULL)
+		return (ugidfw_check_vp(cred, vp, MBI_WRITE));
+	else
+		return (0);
 }

 static int
@ -720,7 +718,6 @@ static struct mac_policy_ops ugidfw_ops =
 	.mpo_init = ugidfw_init,
 	.mpo_system_check_acct = ugidfw_system_check_acct,
 	.mpo_system_check_auditctl = ugidfw_system_check_auditctl,
-	.mpo_system_check_swapoff = ugidfw_system_check_swapoff,
 	.mpo_system_check_swapon = ugidfw_system_check_swapon,
 	.mpo_vnode_check_access = ugidfw_vnode_check_access,
 	.mpo_vnode_check_chdir = ugidfw_vnode_check_chdir,