RS: fix IPC privilege computation bug

Take into account the ALL and ALL_SYS cases when constructing proper
symmetrical IPC send masks. Fix system.conf accordingly, to keep
userland processes from sending to several non-interface servers and
drivers. Also fix IS's F4 formatting.
This commit is contained in:
David van Moolenbroek 2010-12-08 14:54:08 +00:00
parent 7bef45ad3b
commit 9639af49d2
3 changed files with 46 additions and 25 deletions

View file

@ -23,7 +23,7 @@ service rs
service ds
{
uid 0;
ipc ALL; # ALL ipc targets allowed
ipc ALL_SYS; # All system ipc targets allowed
system ALL; # ALL kernel calls allowed
vm BASIC; # Only basic VM calls allowed
io NONE; # No I/O range allowed
@ -76,7 +76,7 @@ service pm
service sched
{
uid 0;
ipc ALL; # ALL ipc targets allowed
ipc ALL_SYS; # All system ipc targets allowed
system ALL; # ALL kernel calls allowed
vm BASIC; # Only basic VM calls allowed
io NONE; # No I/O range allowed
@ -108,7 +108,7 @@ service vfs
service mfs
{
uid 0;
ipc ALL; # ALL ipc targets allowed
ipc ALL_SYS; # All system ipc targets allowed
system BASIC; # Only basic kernel calls allowed
vm BASIC; # Only basic VM calls allowed
io NONE; # No I/O range allowed
@ -121,7 +121,7 @@ service mfs
service ext2
{
ipc ALL; # ALL ipc targets allowed
ipc ALL_SYS; # All system ipc targets allowed
system BASIC; # Only basic kernel calls allowed
vm BASIC; # Only basic VM calls allowed
io NONE; # No I/O range allowed
@ -135,7 +135,7 @@ service ext2
service pfs
{
uid 0;
ipc ALL; # ALL ipc targets allowed
ipc ALL_SYS; # All system ipc targets allowed
system BASIC; # Only basic kernel calls allowed
vm BASIC; # Only basic VM calls allowed
io NONE; # No I/O range allowed
@ -149,7 +149,7 @@ service pfs
service tty
{
uid 0;
ipc ALL; # ALL ipc targets allowed
ipc ALL_SYS; # All system ipc targets allowed
system # Extra kernel calls allowed:
KILL # 06
SEGCTL # 12
@ -177,7 +177,7 @@ service tty
service memory
{
uid 0;
ipc ALL; # ALL ipc targets allowed
ipc ALL_SYS; # All system ipc targets allowed
system # Extra kernel calls allowed:
SEGCTL # 12
UMAP # 14
@ -202,7 +202,7 @@ service memory
service log
{
uid 0;
ipc ALL; # ALL ipc targets allowed
ipc ALL_SYS; # All system ipc targets allowed
system # Extra kernel calls allowed:
SEGCTL # 12
UMAP # 14

View file

@ -326,7 +326,8 @@ PUBLIC void privileges_dmp()
return;
}
printf("-nr- -id- -name-- -flags- traps grants -ipc_to-- -kernel calls-\n");
printf("-nr- -id- -name-- -flags- traps grants -ipc_to--"
" -kernel calls-\n");
PROCLOOP(rp, oldrp)
r = -1;
@ -335,7 +336,7 @@ PUBLIC void privileges_dmp()
if (r == -1 && !isemptyp(rp)) {
sp = &priv[USER_PRIV_ID];
}
printf("(%02u) %-7.7s %s %s %7d",
printf("(%02u) %-7.7s %s %s %6d",
sp->s_id, rp->p_name,
s_flags_str(sp->s_flags), s_traps_str(sp->s_trap_mask),
sp->s_grant_entries);

View file

@ -1957,7 +1957,7 @@ struct priv *privp;
struct rproc *rrp;
struct rprocpub *rrpub;
char *proc_name;
int priv_id;
int priv_id, is_ipc_all, is_ipc_all_sys;
proc_name = rp->r_pub->proc_name;
@ -1965,20 +1965,41 @@ struct priv *privp;
if (!(rrp->r_flags & RS_IN_USE))
continue;
/* If an IPC target list was provided for the process being
* checked here, make sure that the name of the new process
if (!rrp->r_ipc_list[0])
continue;
/* If the process being checked is set to allow IPC to all
* other processes, or for all other system processes and the
* target process is a system process, add a permission bit.
*/
rrpub = rrp->r_pub;
is_ipc_all = !strcmp(rrp->r_ipc_list, RSS_IPC_ALL);
is_ipc_all_sys = !strcmp(rrp->r_ipc_list, RSS_IPC_ALL_SYS);
if (is_ipc_all ||
(is_ipc_all_sys && (privp->s_flags & SYS_PROC))) {
#if PRIV_DEBUG
printf(" RS: add_backward_ipc: setting sendto bit "
"for %d...\n", rrpub->endpoint);
#endif
priv_id= rrp->r_priv.s_id;
set_sys_bit(privp->s_ipc_to, priv_id);
continue;
}
/* An IPC target list was provided for the process being
* checked here. Make sure that the name of the new process
* is in that process's list. There may be multiple matches.
*/
if (rrp->r_ipc_list[0]) {
rrpub = rrp->r_pub;
p = rrp->r_ipc_list;
while ((p = get_next_name(p, name,
rrpub->label)) != NULL) {
while ((p = get_next_name(p, name, rrpub->label)) != NULL) {
if (!strcmp(proc_name, name)) {
#if PRIV_DEBUG
printf(" RS: add_backward_ipc: setting"
" sendto bit for %d...\n",
printf(" RS: add_backward_ipc: setting sendto"
" bit for %d...\n",
rrpub->endpoint);
#endif
priv_id= rrp->r_priv.s_id;
@ -1986,7 +2007,6 @@ struct priv *privp;
}
}
}
}
}