Use proper kauth(9) actions/requests for native scheduler stuff and the

recently introduced processor-sets. Discussed with and okay rmind@, yamt@, and christos@.
2008-01-30 17:54:55 +00:00 · 2008-01-30 17:54:55 +00:00 · fb37bad459
commit fb37bad459
parent a524d758da
6 changed files with 118 additions and 24 deletions
--- a/share/examples/secmodel/secmodel_example.c
+++ b/share/examples/secmodel/secmodel_example.c
@ -1,4 +1,4 @@
-/* $NetBSD: secmodel_example.c,v 1.19 2008/01/23 15:04:38 elad Exp $ */
+/* $NetBSD: secmodel_example.c,v 1.20 2008/01/30 17:54:55 elad Exp $ */

 /*
 * This file is placed in the public domain.
@ -13,7 +13,7 @@
 */

 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: secmodel_example.c,v 1.19 2008/01/23 15:04:38 elad Exp $");
+__KERNEL_RCSID(0, "$NetBSD: secmodel_example.c,v 1.20 2008/01/30 17:54:55 elad Exp $");

 #include <sys/types.h>
 #include <sys/param.h>
@ -194,9 +194,22 @@ secmodel_example_system_cb(kauth_cred_t cred, kauth_action_t action,
 		}
 		break;

+	case KAUTH_SYSTEM_PSET:
+		switch (req) {
+		case KAUTH_REQ_SYSTEM_PSET_ASSIGN:
+		case KAUTH_REQ_SYSTEM_PSET_BIND:
+		case KAUTH_REQ_SYSTEM_PSET_CREATE:
+		case KAUTH_REQ_SYSTEM_PSET_DESTROY:
+		default:
+			result = KAUTH_RESULT_DEFER;
+			break;
+		}
+		break;
+
 	case KAUTH_SYSTEM_LKM:
 	case KAUTH_SYSTEM_FILEHANDLE:
 	case KAUTH_SYSTEM_MKNOD:
+	case KAUTH_SYSTEM_MODULE:
 	case KAUTH_SYSTEM_SETIDCORE:
 	case KAUTH_SYSTEM_SWAPCTL:
 	case KAUTH_SYSTEM_ACCOUNTING:
--- a/share/man/man9/kauth.9
+++ b/share/man/man9/kauth.9
@ -1,4 +1,4 @@
-.\" $NetBSD: kauth.9,v 1.64 2008/01/23 15:20:54 elad Exp $
+.\" $NetBSD: kauth.9,v 1.65 2008/01/30 17:54:55 elad Exp $
 .\"
 .\" Copyright (c) 2005, 2006 Elad Efrat <elad@NetBSD.org>
 .\" All rights reserved.
@ -25,7 +25,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd January 23, 2008
+.Dd January 30, 2008
 .Dt KAUTH 9
 .Os
 .Sh NAME
@ -255,6 +255,21 @@ is a
 .Ft void *
 with file-system specific data, if any.
 .El
+.It Dv KAUTH_SYSTEM_PSET
+Check processor-set manipulation.
+.Pp
+.Ar req
+can be any of the following:
+.Bl -tag
+.It Dv KAUTH_REQ_SYSTEM_PSET_ASSIGN
+Change processor-set processor assignment.
+.It Dv KAUTH_REQ_SYSTEM_PSET_BIND
+Bind an LWP to a processor-set.
+.It Dv KAUTH_REQ_SYSTEM_PSET_CREATE
+Create a processor-set.
+.It Dv KAUTH_REQ_SYSTEM_PSET_DESTROY
+Destroy a processor-set.
+.El
 .It Dv KAUTH_SYSTEM_REBOOT
 Check if rebooting is allowed.
 .It Dv KAUTH_SYSTEM_SETIDCORE
@ -390,16 +405,20 @@ indicates the class of information being viewed, and can either of
 or
 .Dv KAUTH_REQ_PROCESS_CANSEE_OPENFILES .
 .It Dv KAUTH_PROCESS_SCHEDULER
-Checks whether changing scheduler policy and scheduling parameters is allowed.
+Checks whether viewing or changing scheduler policy, scheduling parameters,
+or scheduler affinity is allowed.
 .Ar arg1
 is the request, and can be
 .Dv KAUTH_REQ_PROCESS_SCHEDULER_GET ,
 .Dv KAUTH_REQ_PROCESS_SCHEDULER_SET ,
 .Dv KAUTH_REQ_PROCESS_SCHEDULER_GETPARAMS ,
-or
 .Dv KAUTH_REQ_PROCESS_SCHEDULER_SETPARAMS ,
-indicating retriving or modifying the scheduler policy and retrieving or
-modifying the scheduling parameters.
+.Dv KAUTH_REQ_PROCESS_SCHEDULER_GETAFFINITY ,
+or
+.Dv KAUTH_REQ_PROCESS_SCHEDULER_SETAFFINITY
+indicating retriving or modifying the scheduler policy, retrieving or
+modifying the scheduling parameters, or retrieving or modifying the
+scheduler affinity.
 .Pp
 For
 .Dv KAUTH_REQ_PROCESS_SCHEDULER_SET ,
--- a/sys/kern/sys_pset.c
+++ b/sys/kern/sys_pset.c
@ -1,4 +1,4 @@
-/*	$NetBSD: sys_pset.c,v 1.3 2008/01/24 14:41:12 rmind Exp $	*/
+/*	$NetBSD: sys_pset.c,v 1.4 2008/01/30 17:54:56 elad Exp $	*/

 /*
 * Copyright (c) 2008, Mindaugas Rasiukevicius <rmind at NetBSD org>
@ -36,7 +36,7 @@
 */

 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: sys_pset.c,v 1.3 2008/01/24 14:41:12 rmind Exp $");
+__KERNEL_RCSID(0, "$NetBSD: sys_pset.c,v 1.4 2008/01/30 17:54:56 elad Exp $");

 #include <sys/param.h>

@ -243,7 +243,8 @@ sys_pset_create(struct lwp *l, const struct sys_pset_create_args *uap,
 	int error;

 	/* Available only for super-user */
-	if (kauth_authorize_generic(l->l_cred, KAUTH_GENERIC_ISSUSER, NULL))
+	if (kauth_authorize_system(l->l_cred, KAUTH_SYSTEM_PSET,
+	    KAUTH_REQ_SYSTEM_PSET_CREATE, NULL, NULL, NULL))
 		return EPERM;

 	error = kern_pset_create(&psid);
@ -266,7 +267,9 @@ sys_pset_destroy(struct lwp *l, const struct sys_pset_destroy_args *uap,
 	} */

 	/* Available only for super-user */
-	if (kauth_authorize_generic(l->l_cred, KAUTH_GENERIC_ISSUSER, NULL))
+	if (kauth_authorize_system(l->l_cred, KAUTH_SYSTEM_PSET,
+	    KAUTH_REQ_SYSTEM_PSET_DESTROY,
+	    KAUTH_ARG(SCARG(uap, psid)), NULL, NULL))
 		return EPERM;

 	return kern_pset_destroy(SCARG(uap, psid));
@ -288,8 +291,9 @@ sys_pset_assign(struct lwp *l, const struct sys_pset_assign_args *uap,
 	int error = 0;

 	/* Available only for super-user, except the case of PS_QUERY */
-	if (kauth_authorize_generic(l->l_cred, KAUTH_GENERIC_ISSUSER, NULL) &&
-	    psid != PS_QUERY)
+	if (kauth_authorize_system(l->l_cred, KAUTH_SYSTEM_PSET,
+	    KAUTH_REQ_SYSTEM_PSET_ASSIGN, KAUTH_ARG(SCARG(uap, psid)), NULL,
+	    NULL))
 		return EPERM;

 	/* Find the target CPU */
@ -346,8 +350,9 @@ sys__pset_bind(struct lwp *l, const struct sys__pset_bind_args *uap,
 	psid = SCARG(uap, psid);

 	/* Available only for super-user, except the case of PS_QUERY */
-	if (kauth_authorize_generic(l->l_cred, KAUTH_GENERIC_ISSUSER, NULL) &&
-	    psid != PS_QUERY)
+	if (kauth_authorize_system(l->l_cred, KAUTH_SYSTEM_PSET,
+	    KAUTH_REQ_SYSTEM_PSET_BIND, KAUTH_ARG(SCARG(uap, psid)), NULL,
+	    NULL))
 		return EPERM;

 	mutex_enter(&psets_lock);
--- a/sys/kern/sys_sched.c
+++ b/sys/kern/sys_sched.c
@ -1,4 +1,4 @@
-/*	$NetBSD: sys_sched.c,v 1.7 2008/01/26 17:55:29 rmind Exp $	*/
+/*	$NetBSD: sys_sched.c,v 1.8 2008/01/30 17:54:56 elad Exp $	*/

 /*
 * Copyright (c) 2008, Mindaugas Rasiukevicius <rmind at NetBSD org>
@ -33,7 +33,7 @@
 */

 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: sys_sched.c,v 1.7 2008/01/26 17:55:29 rmind Exp $");
+__KERNEL_RCSID(0, "$NetBSD: sys_sched.c,v 1.8 2008/01/30 17:54:56 elad Exp $");

 #include <sys/param.h>

@ -118,7 +118,8 @@ sys__sched_setparam(struct lwp *l, const struct sys__sched_setparam_args *uap,
 	int error;

 	/* Available only for super-user */
-	if (kauth_authorize_generic(l->l_cred, KAUTH_GENERIC_ISSUSER, NULL))
+	if (kauth_authorize_process(l->l_cred, KAUTH_PROCESS_SCHEDULER,
+	    KAUTH_ARG(KAUTH_REQ_PROCESS_SCHEDULER_SETPARAM), NULL, NULL, NULL))
 		return EPERM;

 	/* Get the parameters from the user-space */
@ -211,6 +212,10 @@ sys__sched_getparam(struct lwp *l, const struct sys__sched_getparam_args *uap,
 	lwpid_t lid;
 	int error;

+	if (kauth_authorize_process(l->l_cred, KAUTH_PROCESS_SCHEDULER,
+	    KAUTH_ARG(KAUTH_REQ_PROCESS_SCHEDULER_GETPARAM), NULL, NULL, NULL))
+		return EACCES;
+
 	sp = kmem_zalloc(sizeof(struct sched_param), KM_SLEEP);

 	/* If not specified, use the first LWP */
@ -273,7 +278,9 @@ sys__sched_setaffinity(struct lwp *l,
 	int error;

 	/* Available only for super-user */
-	if (kauth_authorize_generic(l->l_cred, KAUTH_GENERIC_ISSUSER, NULL))
+	if (kauth_authorize_process(l->l_cred, KAUTH_PROCESS_SCHEDULER,
+	    l->l_proc, KAUTH_ARG(KAUTH_REQ_PROCESS_SCHEDULER_SETAFFINITY), NULL,
+	    NULL))
 		return EPERM;

 	if (SCARG(uap, size) <= 0)
@ -368,6 +375,11 @@ sys__sched_getaffinity(struct lwp *l,
 	if (SCARG(uap, size) <= 0)
 		return EINVAL;

+	if (kauth_authorize_process(l->l_cred, KAUTH_PROCESS_SCHEDULER,
+	    l->l_proc, KAUTH_ARG(KAUTH_REQ_PROCESS_SCHEDULER_GETAFFINITY), NULL,
+	    NULL))
+		return EACCES;
+
 	cpuset = kmem_zalloc(sizeof(cpuset_t), KM_SLEEP);

 	/* If not specified, use the first LWP */
--- a/sys/secmodel/bsd44/secmodel_bsd44_suser.c
+++ b/sys/secmodel/bsd44/secmodel_bsd44_suser.c
@ -1,4 +1,4 @@
-/* $NetBSD: secmodel_bsd44_suser.c,v 1.46 2008/01/23 15:04:41 elad Exp $ */
+/* $NetBSD: secmodel_bsd44_suser.c,v 1.47 2008/01/30 17:54:56 elad Exp $ */
 /*-
 * Copyright (c) 2006 Elad Efrat <elad@NetBSD.org>
 * All rights reserved.
@ -38,7 +38,7 @@
 */

 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: secmodel_bsd44_suser.c,v 1.46 2008/01/23 15:04:41 elad Exp $");
+__KERNEL_RCSID(0, "$NetBSD: secmodel_bsd44_suser.c,v 1.47 2008/01/30 17:54:56 elad Exp $");

 #include <sys/types.h>
 #include <sys/param.h>
@ -235,6 +235,33 @@ secmodel_bsd44_suser_system_cb(kauth_cred_t cred, kauth_action_t action,

 		break;

+	case KAUTH_SYSTEM_PSET: {
+		psetid_t id;
+
+		id = (psetid_t)(unsigned long)arg1;
+
+		switch (req) {
+		case KAUTH_REQ_SYSTEM_PSET_ASSIGN:
+		case KAUTH_REQ_SYSTEM_PSET_BIND:
+			if (isroot || id == PS_QUERY)
+				result = KAUTH_RESULT_ALLOW;
+
+			break;
+
+		case KAUTH_REQ_SYSTEM_PSET_CREATE:
+		case KAUTH_REQ_SYSTEM_PSET_DESTROY:
+			if (isroot)
+				result = KAUTH_RESULT_ALLOW;
+
+			break;
+
+		default:
+			break;
+		}
+
+		break;
+		}
+
 	case KAUTH_SYSTEM_TIME:
 		switch (req) {
 		case KAUTH_REQ_SYSTEM_TIME_ADJTIME:
@ -657,7 +684,7 @@ secmodel_bsd44_suser_process_cb(kauth_cred_t cred, kauth_action_t action,
 	case KAUTH_PROCESS_SCHEDULER: {
 		unsigned long req;

-		req = (unsigned long)arg2;
+		req = (unsigned long)arg1;

 		switch (req) {
 		case KAUTH_REQ_PROCESS_SCHEDULER_GET:
@ -677,6 +704,17 @@ secmodel_bsd44_suser_process_cb(kauth_cred_t cred, kauth_action_t action,

 			break;

+		case KAUTH_REQ_PROCESS_SCHEDULER_GETAFFINITY:
+			result = KAUTH_RESULT_ALLOW;
+
+			break;
+
+		case KAUTH_REQ_PROCESS_SCHEDULER_SETAFFINITY:
+			if (isroot)
+				result = KAUTH_RESULT_ALLOW;
+
+			break;
+
 		default:
 			break;
 		}
--- a/sys/sys/kauth.h
+++ b/sys/sys/kauth.h
@ -1,4 +1,4 @@
-/* $NetBSD: kauth.h,v 1.46 2008/01/23 15:04:41 elad Exp $ */
+/* $NetBSD: kauth.h,v 1.47 2008/01/30 17:54:55 elad Exp $ */

 /*-
 * Copyright (c) 2005, 2006 Elad Efrat <elad@NetBSD.org>  
@ -88,6 +88,7 @@ enum {
 	KAUTH_SYSTEM_LKM,
 	KAUTH_SYSTEM_MKNOD,
 	KAUTH_SYSTEM_MOUNT,
+	KAUTH_SYSTEM_PSET,
 	KAUTH_SYSTEM_REBOOT,
 	KAUTH_SYSTEM_SETIDCORE,
 	KAUTH_SYSTEM_SWAPCTL,
@ -107,6 +108,10 @@ enum kauth_system_req {
 	KAUTH_REQ_SYSTEM_MOUNT_NEW,
 	KAUTH_REQ_SYSTEM_MOUNT_UNMOUNT,
 	KAUTH_REQ_SYSTEM_MOUNT_UPDATE,
+	KAUTH_REQ_SYSTEM_PSET_ASSIGN,
+	KAUTH_REQ_SYSTEM_PSET_BIND,
+	KAUTH_REQ_SYSTEM_PSET_CREATE,
+	KAUTH_REQ_SYSTEM_PSET_DESTROY,
 	KAUTH_REQ_SYSTEM_SYSCTL_ADD,
 	KAUTH_REQ_SYSTEM_SYSCTL_DELETE,
 	KAUTH_REQ_SYSTEM_SYSCTL_DESC,
@ -155,6 +160,8 @@ enum kauth_process_req {
 	KAUTH_REQ_PROCESS_RLIMIT_SET,
 	KAUTH_REQ_PROCESS_SCHEDULER_GET,
 	KAUTH_REQ_PROCESS_SCHEDULER_SET,
+	KAUTH_REQ_PROCESS_SCHEDULER_GETAFFINITY,
+	KAUTH_REQ_PROCESS_SCHEDULER_SETAFFINITY,
 	KAUTH_REQ_PROCESS_SCHEDULER_GETPARAM,
 	KAUTH_REQ_PROCESS_SCHEDULER_SETPARAM
 };