Print this page
7029 want per-process exploit mitigation features (secflags)
7030 want basic address space layout randomization (aslr)
7031 noexec_user_stack should be a secflag
7032 want a means to forbid mappings around NULL.

Split Close
Expand all
Collapse all
          --- old/usr/src/lib/libzonecfg/common/libzonecfg.c
          +++ new/usr/src/lib/libzonecfg/common/libzonecfg.c
↓ open down ↓ 89 lines elided ↑ open up ↑
  90   90  #define DTD_ELEM_RCTLVALUE      (const xmlChar *) "rctl-value"
  91   91  #define DTD_ELEM_ZONE           (const xmlChar *) "zone"
  92   92  #define DTD_ELEM_DATASET        (const xmlChar *) "dataset"
  93   93  #define DTD_ELEM_TMPPOOL        (const xmlChar *) "tmp_pool"
  94   94  #define DTD_ELEM_PSET           (const xmlChar *) "pset"
  95   95  #define DTD_ELEM_MCAP           (const xmlChar *) "mcap"
  96   96  #define DTD_ELEM_PACKAGE        (const xmlChar *) "package"
  97   97  #define DTD_ELEM_OBSOLETES      (const xmlChar *) "obsoletes"
  98   98  #define DTD_ELEM_DEV_PERM       (const xmlChar *) "dev-perm"
  99   99  #define DTD_ELEM_ADMIN          (const xmlChar *) "admin"
      100 +#define DTD_ELEM_SECFLAGS       (const xmlChar *) "security-flags"
 100  101  
 101  102  #define DTD_ATTR_ACTION         (const xmlChar *) "action"
 102  103  #define DTD_ATTR_ADDRESS        (const xmlChar *) "address"
 103  104  #define DTD_ATTR_ALLOWED_ADDRESS        (const xmlChar *) "allowed-address"
 104  105  #define DTD_ATTR_AUTOBOOT       (const xmlChar *) "autoboot"
 105  106  #define DTD_ATTR_IPTYPE         (const xmlChar *) "ip-type"
 106  107  #define DTD_ATTR_DEFROUTER      (const xmlChar *) "defrouter"
 107  108  #define DTD_ATTR_DIR            (const xmlChar *) "directory"
 108  109  #define DTD_ATTR_LIMIT          (const xmlChar *) "limit"
 109  110  #define DTD_ATTR_LIMITPRIV      (const xmlChar *) "limitpriv"
↓ open down ↓ 17 lines elided ↑ open up ↑
 127  128  #define DTD_ATTR_ID             (const xmlChar *) "id"
 128  129  #define DTD_ATTR_UID            (const xmlChar *) "uid"
 129  130  #define DTD_ATTR_GID            (const xmlChar *) "gid"
 130  131  #define DTD_ATTR_MODE           (const xmlChar *) "mode"
 131  132  #define DTD_ATTR_ACL            (const xmlChar *) "acl"
 132  133  #define DTD_ATTR_BRAND          (const xmlChar *) "brand"
 133  134  #define DTD_ATTR_HOSTID         (const xmlChar *) "hostid"
 134  135  #define DTD_ATTR_USER           (const xmlChar *) "user"
 135  136  #define DTD_ATTR_AUTHS          (const xmlChar *) "auths"
 136  137  #define DTD_ATTR_FS_ALLOWED     (const xmlChar *) "fs-allowed"
      138 +#define DTD_ATTR_DEFAULT        (const xmlChar *) "default"
      139 +#define DTD_ATTR_LOWER          (const xmlChar *) "lower"
      140 +#define DTD_ATTR_UPPER          (const xmlChar *) "upper"
      141 +
 137  142  
 138  143  #define DTD_ENTITY_BOOLEAN      "boolean"
 139  144  #define DTD_ENTITY_DEVPATH      "devpath"
 140  145  #define DTD_ENTITY_DRIVER       "driver"
 141  146  #define DTD_ENTITY_DRVMIN       "drv_min"
 142  147  #define DTD_ENTITY_FALSE        "false"
 143  148  #define DTD_ENTITY_INT          "int"
 144  149  #define DTD_ENTITY_STRING       "string"
 145  150  #define DTD_ENTITY_TRUE         "true"
 146  151  #define DTD_ENTITY_UINT         "uint"
↓ open down ↓ 2481 lines elided ↑ open up ↑
2628 2633  
2629 2634          if ((err = operation_prep(handle)) != Z_OK)
2630 2635                  return (err);
2631 2636  
2632 2637          if ((err = zonecfg_add_auth_core(handle, tabptr,
2633 2638              zonename)) != Z_OK)
2634 2639                  return (err);
2635 2640  
2636 2641          return (Z_OK);
2637 2642  }
     2643 +
2638 2644  static int
2639 2645  zonecfg_delete_auth_core(zone_dochandle_t handle, struct zone_admintab *tabptr,
2640 2646      char *zonename)
2641 2647  {
2642 2648          xmlNodePtr cur = handle->zone_dh_cur;
2643 2649          boolean_t auth_match;
2644 2650          int err;
2645 2651  
2646 2652          for (cur = cur->xmlChildrenNode; cur != NULL; cur = cur->next) {
2647 2653                  if (xmlStrcmp(cur->name, DTD_ELEM_ADMIN))
↓ open down ↓ 92 lines elided ↑ open up ↑
2740 2746              sizeof (tabptr->zone_admin_user))) != Z_OK)
2741 2747                  return (err);
2742 2748  
2743 2749          if ((err = fetchprop(cur, DTD_ATTR_AUTHS, tabptr->zone_admin_auths,
2744 2750              sizeof (tabptr->zone_admin_auths))) != Z_OK)
2745 2751                  return (err);
2746 2752  
2747 2753          return (Z_OK);
2748 2754  }
2749 2755  
     2756 +static int
     2757 +zonecfg_add_secflags_core(zone_dochandle_t handle,
     2758 +    struct zone_secflagstab *tabptr)
     2759 +{
     2760 +        xmlNodePtr newnode, cur = handle->zone_dh_cur;
     2761 +        int err;
     2762 +
     2763 +        newnode = xmlNewTextChild(cur, NULL, DTD_ELEM_SECFLAGS, NULL);
     2764 +        err = newprop(newnode, DTD_ATTR_DEFAULT, tabptr->zone_secflags_default);
     2765 +        if (err != Z_OK)
     2766 +                return (err);
     2767 +        err = newprop(newnode, DTD_ATTR_LOWER, tabptr->zone_secflags_lower);
     2768 +        if (err != Z_OK)
     2769 +                return (err);
     2770 +        err = newprop(newnode, DTD_ATTR_UPPER, tabptr->zone_secflags_upper);
     2771 +        if (err != Z_OK)
     2772 +                return (err);
     2773 +
     2774 +        return (Z_OK);
     2775 +}
     2776 +
     2777 +int
     2778 +zonecfg_add_secflags(zone_dochandle_t handle, struct zone_secflagstab *tabptr)
     2779 +{
     2780 +        int err;
     2781 +
     2782 +
     2783 +        if (tabptr == NULL)
     2784 +                return (Z_INVAL);
     2785 +
     2786 +        if ((err = operation_prep(handle)) != Z_OK)
     2787 +                return (err);
     2788 +
     2789 +        if ((err = zonecfg_add_secflags_core(handle, tabptr)) != Z_OK)
     2790 +                return (err);
     2791 +
     2792 +        return (Z_OK);
     2793 +}
     2794 +
     2795 +static int
     2796 +zonecfg_delete_secflags_core(zone_dochandle_t handle,
     2797 +    struct zone_secflagstab *tabptr)
     2798 +{
     2799 +        xmlNodePtr cur = handle->zone_dh_cur;
     2800 +        boolean_t def_match, low_match, up_match;
     2801 +
     2802 +        for (cur = cur->xmlChildrenNode; cur != NULL; cur = cur->next) {
     2803 +                if (xmlStrcmp(cur->name, DTD_ELEM_SECFLAGS) != 0)
     2804 +                        continue;
     2805 +
     2806 +                def_match = match_prop(cur, DTD_ATTR_DEFAULT,
     2807 +                    tabptr->zone_secflags_default);
     2808 +                low_match = match_prop(cur, DTD_ATTR_LOWER,
     2809 +                    tabptr->zone_secflags_lower);
     2810 +                up_match = match_prop(cur, DTD_ATTR_UPPER,
     2811 +                    tabptr->zone_secflags_upper);
     2812 +
     2813 +                if (def_match && low_match && up_match) {
     2814 +                        xmlUnlinkNode(cur);
     2815 +                        xmlFreeNode(cur);
     2816 +                        return (Z_OK);
     2817 +                }
     2818 +
     2819 +        }
     2820 +        return (Z_NO_RESOURCE_ID);
     2821 +}
     2822 +
     2823 +int
     2824 +zonecfg_delete_secflags(zone_dochandle_t handle,
     2825 +    struct zone_secflagstab *tabptr)
     2826 +{
     2827 +        int err;
     2828 +
     2829 +        if (tabptr == NULL)
     2830 +                return (Z_INVAL);
     2831 +
     2832 +        if ((err = operation_prep(handle)) != Z_OK)
     2833 +                return (err);
     2834 +
     2835 +        if ((err = zonecfg_delete_secflags_core(handle, tabptr)) != Z_OK)
     2836 +                return (err);
     2837 +
     2838 +        return (Z_OK);
     2839 +}
     2840 +
     2841 +int
     2842 +zonecfg_modify_secflags(zone_dochandle_t handle,
     2843 +    struct zone_secflagstab *oldtabptr,
     2844 +    struct zone_secflagstab *newtabptr)
     2845 +{
     2846 +        int err;
     2847 +
     2848 +        if (oldtabptr == NULL || newtabptr == NULL)
     2849 +                return (Z_INVAL);
     2850 +
     2851 +        if ((err = operation_prep(handle)) != Z_OK)
     2852 +                return (err);
     2853 +
     2854 +        if ((err = zonecfg_delete_secflags_core(handle, oldtabptr))
     2855 +            != Z_OK)
     2856 +                return (err);
     2857 +
     2858 +        if ((err = zonecfg_add_secflags_core(handle, newtabptr)) != Z_OK)
     2859 +                return (err);
     2860 +
     2861 +        return (Z_OK);
     2862 +}
     2863 +
     2864 +int
     2865 +zonecfg_lookup_secflags(zone_dochandle_t handle,
     2866 +    struct zone_secflagstab *tabptr)
     2867 +{
     2868 +        xmlNodePtr cur;
     2869 +        int err;
     2870 +
     2871 +        if (tabptr == NULL)
     2872 +                return (Z_INVAL);
     2873 +
     2874 +        if ((err = operation_prep(handle)) != Z_OK)
     2875 +                return (err);
     2876 +
     2877 +        cur = handle->zone_dh_cur;
     2878 +
     2879 +        for (cur = cur->xmlChildrenNode; cur != NULL; cur = cur->next) {
     2880 +                if (xmlStrcmp(cur->name, DTD_ELEM_SECFLAGS) != 0)
     2881 +                        continue;
     2882 +
     2883 +                if ((err = fetchprop(cur, DTD_ATTR_DEFAULT,
     2884 +                    tabptr->zone_secflags_default,
     2885 +                    sizeof (tabptr->zone_secflags_default))) != Z_OK) {
     2886 +                        handle->zone_dh_cur = handle->zone_dh_top;
     2887 +                        return (err);
     2888 +                }
     2889 +
     2890 +                if ((err = fetchprop(cur, DTD_ATTR_LOWER,
     2891 +                    tabptr->zone_secflags_lower,
     2892 +                    sizeof (tabptr->zone_secflags_lower))) != Z_OK) {
     2893 +                        handle->zone_dh_cur = handle->zone_dh_top;
     2894 +                        return (err);
     2895 +                }
     2896 +
     2897 +                if ((err = fetchprop(cur, DTD_ATTR_UPPER,
     2898 +                    tabptr->zone_secflags_upper,
     2899 +                    sizeof (tabptr->zone_secflags_upper))) != Z_OK) {
     2900 +                        handle->zone_dh_cur = handle->zone_dh_top;
     2901 +                        return (err);
     2902 +                }
     2903 +
     2904 +                return (Z_OK);
     2905 +        }
     2906 +
     2907 +        return (Z_NO_ENTRY);
     2908 +}
2750 2909  
2751 2910  /* Lock to serialize all devwalks */
2752 2911  static pthread_mutex_t zonecfg_devwalk_lock = PTHREAD_MUTEX_INITIALIZER;
2753 2912  /*
2754 2913   * Global variables used to pass data from zonecfg_dev_manifest to the nftw
2755 2914   * call-back (zonecfg_devwalk_cb).  g_devwalk_data is really the void*
2756 2915   * parameter and g_devwalk_cb is really the *cb parameter from
2757 2916   * zonecfg_dev_manifest.
2758 2917   */
2759 2918  typedef struct __g_devwalk_data *g_devwalk_data_t;
↓ open down ↓ 163 lines elided ↑ open up ↑
2923 3082   * This function finds everything mounted under a zone's rootpath.
2924 3083   * This returns the number of mounts under rootpath, or -1 on error.
2925 3084   * callback is called once per mount found with the first argument
2926 3085   * pointing to a mnttab structure containing the mount's information.
2927 3086   *
2928 3087   * If the callback function returns non-zero zonecfg_find_mounts
2929 3088   * aborts with an error.
2930 3089   */
2931 3090  int
2932 3091  zonecfg_find_mounts(char *rootpath, int (*callback)(const struct mnttab *,
2933      -    void *), void *priv) {
     3092 +    void *), void *priv)
     3093 +{
2934 3094          FILE *mnttab;
2935 3095          struct mnttab m;
2936 3096          size_t l;
2937 3097          int zfsl;
2938 3098          int rv = 0;
2939 3099          char zfs_path[MAXPATHLEN];
2940 3100  
2941 3101          assert(rootpath != NULL);
2942 3102  
2943 3103          if ((zfsl = snprintf(zfs_path, sizeof (zfs_path), "%s/.zfs/", rootpath))
↓ open down ↓ 3970 lines elided ↑ open up ↑
6914 7074                          handle->zone_dh_cur = handle->zone_dh_top;
6915 7075                          return (err);
6916 7076                  }
6917 7077  
6918 7078                  return (Z_OK);
6919 7079          }
6920 7080  
6921 7081          return (Z_NO_ENTRY);
6922 7082  }
6923 7083  
     7084 +int
     7085 +zonecfg_getsecflagsent(zone_dochandle_t handle,
     7086 +    struct zone_secflagstab *tabptr)
     7087 +{
     7088 +        int err;
     7089 +        xmlNodePtr cur;
     7090 +
     7091 +        if (handle == NULL)
     7092 +                return (Z_INVAL);
     7093 +
     7094 +        if ((err = zonecfg_setent(handle)) != Z_OK)
     7095 +                return (err);
     7096 +
     7097 +
     7098 +        if ((cur = handle->zone_dh_cur) == NULL)
     7099 +                return (Z_NO_ENTRY);
     7100 +
     7101 +        for (; cur != NULL; cur = cur->next) {
     7102 +                if (xmlStrcmp(cur->name, DTD_ELEM_SECFLAGS) == 0)
     7103 +                        break;
     7104 +        }
     7105 +
     7106 +        if (cur == NULL) {
     7107 +                handle->zone_dh_cur = handle->zone_dh_top;
     7108 +                return (Z_NO_ENTRY);
     7109 +        }
     7110 +
     7111 +        if ((err = fetchprop(cur, DTD_ATTR_DEFAULT,
     7112 +            tabptr->zone_secflags_default,
     7113 +            sizeof (tabptr->zone_secflags_default))) != Z_OK) {
     7114 +                handle->zone_dh_cur = handle->zone_dh_top;
     7115 +                return (err);
     7116 +        }
     7117 +
     7118 +        if ((err = fetchprop(cur, DTD_ATTR_LOWER,
     7119 +            tabptr->zone_secflags_lower,
     7120 +            sizeof (tabptr->zone_secflags_lower))) != Z_OK) {
     7121 +                handle->zone_dh_cur = handle->zone_dh_top;
     7122 +                return (err);
     7123 +        }
     7124 +
     7125 +        if ((err = fetchprop(cur, DTD_ATTR_UPPER,
     7126 +            tabptr->zone_secflags_upper,
     7127 +            sizeof (tabptr->zone_secflags_upper))) != Z_OK) {
     7128 +                handle->zone_dh_cur = handle->zone_dh_top;
     7129 +                return (err);
     7130 +        }
     7131 +
     7132 +        handle->zone_dh_cur = cur->next;
     7133 +
     7134 +        (void) zonecfg_endent(handle);
     7135 +
     7136 +        return (err);
     7137 +}
     7138 +
6924 7139  static int
6925 7140  getmcapent_core(zone_dochandle_t handle, struct zone_mcaptab *tabptr)
6926 7141  {
6927 7142          xmlNodePtr cur;
6928 7143          int err;
6929 7144  
6930 7145          if (handle == NULL)
6931 7146                  return (Z_INVAL);
6932 7147  
6933 7148          if ((cur = handle->zone_dh_cur) == NULL)
↓ open down ↓ 1096 lines elided ↑ open up ↑
8030 8245  
8031 8246          (void) strlcpy(new->user, user, sizeof (new->user));
8032 8247          (void) strlcpy(new->zonename, zonename, sizeof (new->zonename));
8033 8248          new->next = NULL;
8034 8249          *prev = new;
8035 8250          return (Z_OK);
8036 8251  }
8037 8252  
8038 8253  int
8039 8254  zonecfg_remove_userauths(zone_dochandle_t handle, char *user, char *zonename,
8040      -        boolean_t deauthorize)
     8255 +    boolean_t deauthorize)
8041 8256  {
8042 8257          zone_userauths_t *new, **prev, *next;
8043 8258  
8044 8259          prev = &handle->zone_dh_userauths;
8045 8260          next = *prev;
8046 8261  
8047 8262          while (next) {
8048 8263                  if ((strlen(user) == 0 ||
8049 8264                      strncmp(next->user, user, MAXUSERNAME) == 0) &&
8050 8265                      (strlen(zonename) == 0 ||
↓ open down ↓ 15 lines elided ↑ open up ↑
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX