340 lines
10 KiB
C
340 lines
10 KiB
C
/*
|
|
* Copyright 1991, Silicon Graphics, Inc.
|
|
* All Rights Reserved.
|
|
*
|
|
* This is UNPUBLISHED PROPRIETARY SOURCE CODE of Silicon Graphics, Inc.;
|
|
* the contents of this file may not be disclosed to third parties, copied or
|
|
* duplicated in any form, in whole or in part, without the prior written
|
|
* permission of Silicon Graphics, Inc.
|
|
*
|
|
* RESTRICTED RIGHTS LEGEND:
|
|
* Use, duplication or disclosure by the Government is subject to restrictions
|
|
* as set forth in subdivision (c)(1)(ii) of the Rights in Technical Data
|
|
* and Computer Software clause at DFARS 252.227-7013, and/or in similar or
|
|
* successor clauses in the FAR, DOD or NASA FAR Supplement. Unpublished -
|
|
* rights reserved under the Copyright Laws of the United States.
|
|
*/
|
|
#include "soc.h"
|
|
|
|
/*
|
|
* socket_ioctl_lbl.c -- Tests ability of process to set new label on
|
|
* an AF_INET socket using ioctl(descriptor, SIOCGETLABEL, &label).
|
|
*/
|
|
|
|
static int socket_ioctl_lbl1(int n, char *casename, int type, uid_t uid,
|
|
struct msen_l* msenptr, struct mint_l* mintptr,
|
|
struct msen_l* smsenptr, struct mint_l* smintptr);
|
|
|
|
/*
|
|
* Tests whether a process can set the label on a newly-created
|
|
* socket by calling ioctl(sd, SIOCSETLABEL, &slbl). This should
|
|
* succeed if and only if the effective uid is superuser.
|
|
*/
|
|
int
|
|
socket_ioctl_lbl(void)
|
|
{
|
|
short ncases = (NTYPES * NUIDS * NMSEN * NMINT * NSMSEN * NMINT);
|
|
/* Number of test cases */
|
|
register short n = 0; /* Test case counter */
|
|
register short npos = 0; /* Count of positive cases */
|
|
register short j,k,l,m,o,p; /* Array indices */
|
|
int fail = 0; /* Set on failed test case */
|
|
int incomplete = 0; /* Set on incomplete test case */
|
|
char str[MSGLEN]; /* used to write to logfiles */
|
|
char desc[MSGLEN]; /* used to write to logfiles */
|
|
char *casename; /* used to write to logfiles */
|
|
char testname[SLEN]; /* used to write to logfiles */
|
|
|
|
strcpy(testname,"socket_ioctl_lbl");
|
|
/*
|
|
* Write formatted info to raw log.
|
|
*/
|
|
RAWLOG_SETUP(testname, ncases);
|
|
/*
|
|
* Call function for each test case
|
|
*/
|
|
for (j = 0; j < NTYPES; j++) {
|
|
for (k = 0; k < NUIDS; k++) {
|
|
for (l = 0; l < NMSEN; l++) {
|
|
for (m = 0; m < NMINT; m++) {
|
|
for (o = 0; o < (NSMSEN); o++) {
|
|
for (p = 0; p < NMINT; p++) {
|
|
flush_raw_log();
|
|
casename = calloc(1, (size_t)SLEN);
|
|
/*
|
|
* Superuser cases are positive
|
|
*/
|
|
if (uid[k] == SUPER) {
|
|
sprintf(casename, "pos%3.3d\0",
|
|
npos++);
|
|
}
|
|
else {
|
|
sprintf(casename, "neg%3.3d\0",
|
|
(n-npos));
|
|
}
|
|
switch ( socket_ioctl_lbl1(n, casename,
|
|
type[j], uid[k],
|
|
&msenlist[l],
|
|
&mintlist[m],
|
|
&smsenlist[o],
|
|
&mintlist[p]) ) {
|
|
/*
|
|
* Write formatted result to raw log.
|
|
*/
|
|
|
|
case PASS: /* Passed */
|
|
RAWPASS(n, casename);
|
|
break;
|
|
case FAIL: /* Failed */
|
|
sprintf(desc,
|
|
"%s, %s, %s, %s, %s, %s",
|
|
typedesc[j], uiddesc[k],
|
|
msendesc[l], mintdesc[m],
|
|
smsendesc[o], mintdesc[p] );
|
|
RAWFAIL(n, casename, desc);
|
|
fail = 1;
|
|
break;
|
|
default:
|
|
RAWINC(n, casename);
|
|
incomplete = 1;
|
|
break; /* Incomplete */
|
|
}
|
|
n++;
|
|
flush_raw_log();
|
|
free(casename);
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
/*
|
|
* Return 0, 1, or 2 to calling function, which records
|
|
* result in summary log. If ANY case failed or was
|
|
* incomplete, the whole test is recorded as failed or
|
|
* incomplete. Incomplete supercedes fail.
|
|
*/
|
|
if (incomplete)
|
|
return(INCOMPLETE);
|
|
if (fail)
|
|
return(FAIL);
|
|
return(PASS);
|
|
}
|
|
|
|
/*
|
|
* socket_ioctl_lbl1 sets process label and uid according to parameters,
|
|
* creates an INET socket, and attempts to reset the socket
|
|
* label. If successful, it compares the label of the socket to the
|
|
* socket label parameter values. All superuser cases are positive,
|
|
* that is, the superuser should be able to set the socket label to
|
|
* any legal value. All non-superuser cases are negative; a normal
|
|
* user should never be able to set the label of a socket.
|
|
*/
|
|
|
|
static int
|
|
socket_ioctl_lbl1(int n, char *casename, int type, uid_t uid,
|
|
struct msen_l* msenptr, struct mint_l* mintptr,
|
|
struct msen_l* smsenptr, struct mint_l* smintptr)
|
|
{
|
|
register char i = 0; /* cat/dev loop counter */
|
|
char testname[SLEN]; /* used to write to logfiles */
|
|
char namestring[MSGLEN]; /* Used in error messages. */
|
|
int retval = 0; /* Return value of test call. */
|
|
pid_t forkval = 0; /* Child pid returned to parent */
|
|
mac_t plptr; /* Pointer to MAC label of process. */
|
|
mac_t slptr; /* Pointer to MAC label set. */
|
|
mac_t glptr; /* Pointer to MAC label gotten. */
|
|
int status; /* For wait. */
|
|
int sd; /* Socket descriptor */
|
|
int loc_errno; /* Local copy of test call errno */
|
|
|
|
strcpy(testname,"socket_ioctl_lbl");
|
|
sprintf(namestring, "%s, case %d, %s:\n ", testname, n, casename);
|
|
|
|
/*
|
|
* Fork a child and wait for it.
|
|
*/
|
|
|
|
if ( ( forkval = fork() ) == -1 ) {
|
|
w_error(SYSCALL, namestring, err[F_FORK], errno);
|
|
return(INCOMPLETE);
|
|
}
|
|
|
|
/*
|
|
* This is the parent. Wait for child and return
|
|
* 2 on unexpected error. Otherwise, return child's
|
|
* exit code.
|
|
*/
|
|
if ( forkval ) {
|
|
if ( wait(&status) == -1 ) {
|
|
w_error(SYSCALL, namestring, err[F_WAIT], errno);
|
|
return(INCOMPLETE);
|
|
}
|
|
if ( !WIFEXITED(status) ) {
|
|
w_error(GENERAL, namestring, err[C_NOTEXIT], 0);
|
|
return(INCOMPLETE);
|
|
}
|
|
return(WEXITSTATUS(status) );
|
|
}
|
|
|
|
|
|
/*
|
|
* This is the child. Calloc label,
|
|
* set process label and free pointer.
|
|
*/
|
|
plptr = mac_get_proc();
|
|
plptr->ml_msen_type = msenptr->msen;
|
|
plptr->ml_level = msenptr->level;
|
|
plptr->ml_catcount = msenptr->catcount;
|
|
for ( i = 0; i < msenptr->catcount; i++ ) {
|
|
plptr->ml_list[i] = msenptr->catlist[i];
|
|
}
|
|
plptr->ml_mint_type = mintptr->mint;
|
|
plptr->ml_grade = mintptr->grade;
|
|
plptr->ml_divcount = mintptr->divcount;
|
|
for ( i = 0; i < mintptr->divcount; i++ ) {
|
|
plptr->ml_list[i + msenptr->catcount] =
|
|
mintptr->divlist[i];
|
|
}
|
|
if ( cap_setplabel(plptr) ) {
|
|
w_error(SYSCALL,namestring,err[F_SETPLABEL],errno);
|
|
exit(INCOMPLETE);
|
|
}
|
|
mac_free(plptr);
|
|
/*
|
|
* Set effective uid and verify it.
|
|
*/
|
|
if ( ( cap_setreuid(SUPER, uid) ) < 0 ) {
|
|
w_error(SYSCALL, namestring, err[SETREUID_S], errno);
|
|
exit(INCOMPLETE);
|
|
}
|
|
if ( geteuid() != uid ) {
|
|
w_error(GENERAL, namestring, err[BADUIDS_S], 0);
|
|
exit(INCOMPLETE);
|
|
}
|
|
|
|
/*
|
|
* Create a socket.
|
|
*/
|
|
if ( ( sd = socket(AF_INET , type, 0) ) < 0 ) {
|
|
w_error(SYSCALL, namestring, err[F_SOCKET], errno);
|
|
exit(INCOMPLETE);
|
|
}
|
|
|
|
/*
|
|
* Prepare socket label.
|
|
*/
|
|
|
|
slptr = mac_get_proc();
|
|
slptr->ml_msen_type = smsenptr->msen;
|
|
slptr->ml_level = smsenptr->level;
|
|
slptr->ml_catcount = smsenptr->catcount;
|
|
for ( i = 0; i < smsenptr->catcount; i++ ) {
|
|
slptr->ml_list[i] = smsenptr->catlist[i];
|
|
}
|
|
slptr->ml_mint_type = smintptr->mint;
|
|
slptr->ml_grade = smintptr->grade;
|
|
slptr->ml_divcount = smintptr->divcount;
|
|
for ( i = 0; i < smintptr->divcount; i++ ) {
|
|
slptr->ml_list[i + smsenptr->catcount] =
|
|
smintptr->divlist[i];
|
|
}
|
|
|
|
/*
|
|
* Test call: Call ioctl(sd, SIOCSETLABEL, slptr).
|
|
*/
|
|
retval = ( ioctl(sd, SIOCSETLABEL, slptr) );
|
|
loc_errno = errno;
|
|
mac_free(slptr);
|
|
|
|
/*
|
|
* Set effective uid back to SUPER and verify it.
|
|
*/
|
|
if ( ( cap_setreuid(-1, SUPER) ) < 0 ) {
|
|
w_error(SYSCALL, namestring, err[SETREUID_S], errno);
|
|
exit(INCOMPLETE);
|
|
}
|
|
if ( geteuid() != SUPER ) {
|
|
w_error(GENERAL, namestring, err[BADUIDS_S], 0);
|
|
exit(INCOMPLETE);
|
|
}
|
|
|
|
/*
|
|
* Set process label.
|
|
*/
|
|
plptr = mac_get_proc();
|
|
plptr->ml_msen_type = MSH;
|
|
plptr->ml_mint_type = MIE;
|
|
if ( cap_setplabel(plptr) ) {
|
|
w_error(SYSCALL,namestring,err[F_SETPLABEL],errno);
|
|
exit(INCOMPLETE);
|
|
}
|
|
mac_free(plptr);
|
|
|
|
/*
|
|
* Get current label on socket.
|
|
*/
|
|
glptr = mac_get_proc();
|
|
if ( ioctl(sd, SIOCGETLABEL, glptr) < 0 ) {
|
|
w_error(SYSCALL, namestring, err[F_IOCTLGETLBL], errno);
|
|
close(sd);
|
|
exit(INCOMPLETE);
|
|
}
|
|
close(sd);
|
|
|
|
/*
|
|
* For positive cases (all superuser cases)
|
|
* retval should be 0 and socket label retreived
|
|
* by ioctl should match socket label parameters.
|
|
*/
|
|
if ( (uid == SUPER) && (smsenptr->msen != MSM) ) {
|
|
if ( retval < 0 ) {
|
|
w_error(SYSCALL, namestring, err[TESTCALL], loc_errno);
|
|
exit(FAIL);
|
|
}
|
|
if ( retval > 0 ) {
|
|
w_error(PRINTNUM, namestring, err[TEST_RETVAL],retval);
|
|
exit(FAIL);
|
|
}
|
|
if ( ( glptr->ml_msen_type != smsenptr->msen ) ||
|
|
( glptr->ml_mint_type != smintptr->mint ) ||
|
|
( glptr->ml_level != smsenptr->level ) ||
|
|
( glptr->ml_grade != smintptr->grade ) ||
|
|
( glptr->ml_catcount != smsenptr->catcount ) ||
|
|
( glptr->ml_divcount != smintptr->divcount ) ) {
|
|
w_error(GENERAL, namestring, err[BADLABEL], 0);
|
|
exit(FAIL);
|
|
}
|
|
for ( i = 0; i < smsenptr->catcount; i++ ) {
|
|
if ( glptr->ml_list[i] != smsenptr->catlist[i] ) {
|
|
w_error(GENERAL, namestring, err[BADLABEL], 0);
|
|
exit(FAIL);
|
|
}
|
|
}
|
|
for ( i = 0; i < smintptr->divcount; i++ ) {
|
|
if ( glptr->ml_list[i + smsenptr->catcount] !=
|
|
smintptr->divlist[i] ) {
|
|
w_error(GENERAL, namestring, err[BADLABEL], 0);
|
|
exit(FAIL);
|
|
}
|
|
}
|
|
exit(PASS);
|
|
}
|
|
|
|
/*
|
|
* For negative test cases (all non-superuser cases),
|
|
* retval should be -1 and errno should equal EPERM. If
|
|
* not, write error message. Exit 0 for PASS, 1 for FAIL.
|
|
*/
|
|
if ( retval != -1 ) {
|
|
w_error(PRINTNUM, namestring, err[TEST_RETVAL],retval);
|
|
exit(FAIL);
|
|
}
|
|
if ( loc_errno != EPERM ) {
|
|
w_error(SYSCALL, namestring, err[TEST_ERRNO],loc_errno);
|
|
exit(FAIL);
|
|
}
|
|
exit(PASS);
|
|
return(PASS);
|
|
}
|