secmodel_suser.c revision 1.37
1 /* $NetBSD: secmodel_suser.c,v 1.37 2012/01/13 16:05:15 cegger Exp $ */ 2 /*- 3 * Copyright (c) 2006 Elad Efrat <elad (at) NetBSD.org> 4 * All rights reserved. 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that the following conditions 8 * are met: 9 * 1. Redistributions of source code must retain the above copyright 10 * notice, this list of conditions and the following disclaimer. 11 * 2. Redistributions in binary form must reproduce the above copyright 12 * notice, this list of conditions and the following disclaimer in the 13 * documentation and/or other materials provided with the distribution. 14 * 3. The name of the author may not be used to endorse or promote products 15 * derived from this software without specific prior written permission. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 18 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 19 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 20 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 21 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 22 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 23 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 24 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 25 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 26 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 27 */ 28 29 /* 30 * This file contains kauth(9) listeners needed to implement the traditional 31 * NetBSD superuser access restrictions. 32 * 33 * There are two main resources a request can be issued to: user-owned and 34 * system owned. For the first, traditional Unix access checks are done, as 35 * well as superuser checks. If needed, the request context is examined before 36 * a decision is made. For the latter, usually only superuser checks are done 37 * as normal users are not allowed to access system resources. 38 */ 39 40 #include <sys/cdefs.h> 41 __KERNEL_RCSID(0, "$NetBSD: secmodel_suser.c,v 1.37 2012/01/13 16:05:15 cegger Exp $"); 42 43 #include <sys/types.h> 44 #include <sys/param.h> 45 #include <sys/kauth.h> 46 47 #include <sys/mutex.h> 48 #include <sys/mount.h> 49 #include <sys/socketvar.h> 50 #include <sys/sysctl.h> 51 #include <sys/vnode.h> 52 #include <sys/proc.h> 53 #include <sys/module.h> 54 55 #include <secmodel/secmodel.h> 56 #include <secmodel/suser/suser.h> 57 58 MODULE(MODULE_CLASS_SECMODEL, suser, NULL); 59 60 static kauth_listener_t l_generic, l_system, l_process, l_network, l_machdep, 61 l_device, l_vnode; 62 63 static secmodel_t suser_sm; 64 static struct sysctllog *suser_sysctl_log; 65 66 void 67 sysctl_security_suser_setup(struct sysctllog **clog) 68 { 69 const struct sysctlnode *rnode; 70 71 sysctl_createv(clog, 0, NULL, &rnode, 72 CTLFLAG_PERMANENT, 73 CTLTYPE_NODE, "security", NULL, 74 NULL, 0, NULL, 0, 75 CTL_SECURITY, CTL_EOL); 76 77 sysctl_createv(clog, 0, &rnode, &rnode, 78 CTLFLAG_PERMANENT, 79 CTLTYPE_NODE, "models", NULL, 80 NULL, 0, NULL, 0, 81 CTL_CREATE, CTL_EOL); 82 83 sysctl_createv(clog, 0, &rnode, &rnode, 84 CTLFLAG_PERMANENT, 85 CTLTYPE_NODE, "suser", NULL, 86 NULL, 0, NULL, 0, 87 CTL_CREATE, CTL_EOL); 88 89 sysctl_createv(clog, 0, &rnode, NULL, 90 CTLFLAG_PERMANENT, 91 CTLTYPE_STRING, "name", NULL, 92 NULL, 0, __UNCONST(SECMODEL_SUSER_NAME), 0, 93 CTL_CREATE, CTL_EOL); 94 } 95 96 void 97 secmodel_suser_init(void) 98 { 99 100 } 101 102 void 103 secmodel_suser_start(void) 104 { 105 l_generic = kauth_listen_scope(KAUTH_SCOPE_GENERIC, 106 secmodel_suser_generic_cb, NULL); 107 l_system = kauth_listen_scope(KAUTH_SCOPE_SYSTEM, 108 secmodel_suser_system_cb, NULL); 109 l_process = kauth_listen_scope(KAUTH_SCOPE_PROCESS, 110 secmodel_suser_process_cb, NULL); 111 l_network = kauth_listen_scope(KAUTH_SCOPE_NETWORK, 112 secmodel_suser_network_cb, NULL); 113 l_machdep = kauth_listen_scope(KAUTH_SCOPE_MACHDEP, 114 secmodel_suser_machdep_cb, NULL); 115 l_device = kauth_listen_scope(KAUTH_SCOPE_DEVICE, 116 secmodel_suser_device_cb, NULL); 117 l_vnode = kauth_listen_scope(KAUTH_SCOPE_VNODE, 118 secmodel_suser_vnode_cb, NULL); 119 } 120 121 void 122 secmodel_suser_stop(void) 123 { 124 kauth_unlisten_scope(l_generic); 125 kauth_unlisten_scope(l_system); 126 kauth_unlisten_scope(l_process); 127 kauth_unlisten_scope(l_network); 128 kauth_unlisten_scope(l_machdep); 129 kauth_unlisten_scope(l_device); 130 kauth_unlisten_scope(l_vnode); 131 } 132 133 static bool 134 suser_isroot(kauth_cred_t cred) 135 { 136 return kauth_cred_geteuid(cred) == 0; 137 } 138 139 static int 140 suser_eval(const char *what, void *arg, void *ret) 141 { 142 int error = 0; 143 144 if (strcasecmp(what, "is-root") == 0) { 145 kauth_cred_t cred = arg; 146 bool *bp = ret; 147 148 *bp = suser_isroot(cred); 149 } else { 150 error = ENOENT; 151 } 152 153 return error; 154 } 155 156 static int 157 suser_modcmd(modcmd_t cmd, void *arg) 158 { 159 int error = 0; 160 161 switch (cmd) { 162 case MODULE_CMD_INIT: 163 error = secmodel_register(&suser_sm, 164 SECMODEL_SUSER_ID, SECMODEL_SUSER_NAME, 165 NULL, suser_eval, NULL); 166 if (error != 0) 167 printf("suser_modcmd::init: secmodel_register " 168 "returned %d\n", error); 169 170 secmodel_suser_init(); 171 secmodel_suser_start(); 172 sysctl_security_suser_setup(&suser_sysctl_log); 173 break; 174 175 case MODULE_CMD_FINI: 176 sysctl_teardown(&suser_sysctl_log); 177 secmodel_suser_stop(); 178 179 error = secmodel_deregister(suser_sm); 180 if (error != 0) 181 printf("suser_modcmd::fini: secmodel_deregister " 182 "returned %d\n", error); 183 184 break; 185 186 case MODULE_CMD_AUTOUNLOAD: 187 error = EPERM; 188 break; 189 190 default: 191 error = ENOTTY; 192 break; 193 } 194 195 return (error); 196 } 197 198 /* 199 * kauth(9) listener 200 * 201 * Security model: Traditional NetBSD 202 * Scope: Generic 203 * Responsibility: Superuser access 204 */ 205 int 206 secmodel_suser_generic_cb(kauth_cred_t cred, kauth_action_t action, 207 void *cookie, void *arg0, void *arg1, void *arg2, void *arg3) 208 { 209 bool isroot; 210 int result; 211 212 isroot = suser_isroot(cred); 213 result = KAUTH_RESULT_DEFER; 214 215 switch (action) { 216 case KAUTH_GENERIC_ISSUSER: 217 if (isroot) 218 result = KAUTH_RESULT_ALLOW; 219 break; 220 221 default: 222 break; 223 } 224 225 return (result); 226 } 227 228 /* 229 * kauth(9) listener 230 * 231 * Security model: Traditional NetBSD 232 * Scope: System 233 * Responsibility: Superuser access 234 */ 235 int 236 secmodel_suser_system_cb(kauth_cred_t cred, kauth_action_t action, 237 void *cookie, void *arg0, void *arg1, void *arg2, void *arg3) 238 { 239 bool isroot; 240 int result; 241 enum kauth_system_req req; 242 243 isroot = suser_isroot(cred); 244 result = KAUTH_RESULT_DEFER; 245 req = (enum kauth_system_req)arg0; 246 247 switch (action) { 248 case KAUTH_SYSTEM_CPU: 249 switch (req) { 250 case KAUTH_REQ_SYSTEM_CPU_SETSTATE: 251 case KAUTH_REQ_SYSTEM_CPU_UCODE_APPLY: 252 if (isroot) 253 result = KAUTH_RESULT_ALLOW; 254 255 break; 256 257 default: 258 break; 259 } 260 261 break; 262 263 case KAUTH_SYSTEM_FS_QUOTA: 264 switch (req) { 265 case KAUTH_REQ_SYSTEM_FS_QUOTA_GET: 266 case KAUTH_REQ_SYSTEM_FS_QUOTA_ONOFF: 267 case KAUTH_REQ_SYSTEM_FS_QUOTA_MANAGE: 268 case KAUTH_REQ_SYSTEM_FS_QUOTA_NOLIMIT: 269 if (isroot) 270 result = KAUTH_RESULT_ALLOW; 271 break; 272 273 default: 274 break; 275 } 276 277 break; 278 279 case KAUTH_SYSTEM_MOUNT: 280 switch (req) { 281 case KAUTH_REQ_SYSTEM_MOUNT_GET: 282 if (isroot) { 283 result = KAUTH_RESULT_ALLOW; 284 break; 285 } 286 287 break; 288 289 case KAUTH_REQ_SYSTEM_MOUNT_NEW: 290 case KAUTH_REQ_SYSTEM_MOUNT_UNMOUNT: 291 case KAUTH_REQ_SYSTEM_MOUNT_UPDATE: 292 if (isroot) { 293 result = KAUTH_RESULT_ALLOW; 294 break; 295 } 296 297 break; 298 299 default: 300 break; 301 } 302 303 break; 304 305 case KAUTH_SYSTEM_PSET: 306 switch (req) { 307 case KAUTH_REQ_SYSTEM_PSET_ASSIGN: 308 case KAUTH_REQ_SYSTEM_PSET_BIND: 309 case KAUTH_REQ_SYSTEM_PSET_CREATE: 310 case KAUTH_REQ_SYSTEM_PSET_DESTROY: 311 if (isroot) 312 result = KAUTH_RESULT_ALLOW; 313 314 break; 315 316 default: 317 break; 318 } 319 320 break; 321 322 case KAUTH_SYSTEM_TIME: 323 switch (req) { 324 case KAUTH_REQ_SYSTEM_TIME_ADJTIME: 325 case KAUTH_REQ_SYSTEM_TIME_NTPADJTIME: 326 case KAUTH_REQ_SYSTEM_TIME_TIMECOUNTERS: 327 case KAUTH_REQ_SYSTEM_TIME_SYSTEM: 328 case KAUTH_REQ_SYSTEM_TIME_RTCOFFSET: 329 if (isroot) 330 result = KAUTH_RESULT_ALLOW; 331 break; 332 333 default: 334 break; 335 } 336 break; 337 338 case KAUTH_SYSTEM_SYSCTL: 339 switch (req) { 340 case KAUTH_REQ_SYSTEM_SYSCTL_ADD: 341 case KAUTH_REQ_SYSTEM_SYSCTL_DELETE: 342 case KAUTH_REQ_SYSTEM_SYSCTL_DESC: 343 case KAUTH_REQ_SYSTEM_SYSCTL_MODIFY: 344 case KAUTH_REQ_SYSTEM_SYSCTL_PRVT: 345 if (isroot) 346 result = KAUTH_RESULT_ALLOW; 347 break; 348 349 default: 350 break; 351 } 352 353 break; 354 355 case KAUTH_SYSTEM_SWAPCTL: 356 case KAUTH_SYSTEM_ACCOUNTING: 357 case KAUTH_SYSTEM_REBOOT: 358 case KAUTH_SYSTEM_CHROOT: 359 case KAUTH_SYSTEM_FILEHANDLE: 360 case KAUTH_SYSTEM_MKNOD: 361 case KAUTH_SYSTEM_SETIDCORE: 362 case KAUTH_SYSTEM_MODULE: 363 case KAUTH_SYSTEM_FS_RESERVEDSPACE: 364 if (isroot) 365 result = KAUTH_RESULT_ALLOW; 366 break; 367 368 case KAUTH_SYSTEM_DEBUG: 369 switch (req) { 370 case KAUTH_REQ_SYSTEM_DEBUG_IPKDB: 371 if (isroot) 372 result = KAUTH_RESULT_ALLOW; 373 374 break; 375 376 default: 377 break; 378 } 379 380 break; 381 382 case KAUTH_SYSTEM_CHSYSFLAGS: 383 /* 384 * Needs to be checked in conjunction with the immutable and 385 * append-only flags (usually). Should be handled differently. 386 * Infects ufs, ext2fs, tmpfs, and rump. 387 */ 388 if (isroot) 389 result = KAUTH_RESULT_ALLOW; 390 391 break; 392 393 default: 394 break; 395 } 396 397 return (result); 398 } 399 400 /* 401 * kauth(9) listener 402 * 403 * Security model: Traditional NetBSD 404 * Scope: Process 405 * Responsibility: Superuser access 406 */ 407 int 408 secmodel_suser_process_cb(kauth_cred_t cred, kauth_action_t action, 409 void *cookie, void *arg0, void *arg1, void *arg2, void *arg3) 410 { 411 struct proc *p; 412 bool isroot; 413 int result; 414 415 isroot = suser_isroot(cred); 416 result = KAUTH_RESULT_DEFER; 417 p = arg0; 418 419 switch (action) { 420 case KAUTH_PROCESS_SIGNAL: 421 case KAUTH_PROCESS_KTRACE: 422 case KAUTH_PROCESS_PROCFS: 423 case KAUTH_PROCESS_PTRACE: 424 case KAUTH_PROCESS_SCHEDULER_GETPARAM: 425 case KAUTH_PROCESS_SCHEDULER_SETPARAM: 426 case KAUTH_PROCESS_SCHEDULER_GETAFFINITY: 427 case KAUTH_PROCESS_SCHEDULER_SETAFFINITY: 428 case KAUTH_PROCESS_SETID: 429 case KAUTH_PROCESS_KEVENT_FILTER: 430 case KAUTH_PROCESS_NICE: 431 case KAUTH_PROCESS_FORK: 432 case KAUTH_PROCESS_CORENAME: 433 case KAUTH_PROCESS_STOPFLAG: 434 if (isroot) 435 result = KAUTH_RESULT_ALLOW; 436 437 break; 438 439 case KAUTH_PROCESS_CANSEE: { 440 unsigned long req; 441 442 req = (unsigned long)arg1; 443 444 switch (req) { 445 case KAUTH_REQ_PROCESS_CANSEE_ARGS: 446 case KAUTH_REQ_PROCESS_CANSEE_ENTRY: 447 case KAUTH_REQ_PROCESS_CANSEE_OPENFILES: 448 if (isroot) { 449 result = KAUTH_RESULT_ALLOW; 450 break; 451 } 452 453 break; 454 455 case KAUTH_REQ_PROCESS_CANSEE_ENV: 456 if (isroot) 457 result = KAUTH_RESULT_ALLOW; 458 459 break; 460 461 default: 462 break; 463 } 464 465 break; 466 } 467 468 case KAUTH_PROCESS_RLIMIT: { 469 enum kauth_process_req req; 470 471 req = (enum kauth_process_req)(unsigned long)arg1; 472 473 switch (req) { 474 case KAUTH_REQ_PROCESS_RLIMIT_SET: 475 case KAUTH_REQ_PROCESS_RLIMIT_GET: 476 if (isroot) 477 result = KAUTH_RESULT_ALLOW; 478 479 break; 480 481 default: 482 break; 483 } 484 485 break; 486 } 487 488 default: 489 break; 490 } 491 492 return (result); 493 } 494 495 /* 496 * kauth(9) listener 497 * 498 * Security model: Traditional NetBSD 499 * Scope: Network 500 * Responsibility: Superuser access 501 */ 502 int 503 secmodel_suser_network_cb(kauth_cred_t cred, kauth_action_t action, 504 void *cookie, void *arg0, void *arg1, void *arg2, void *arg3) 505 { 506 bool isroot; 507 int result; 508 enum kauth_network_req req; 509 510 isroot = suser_isroot(cred); 511 result = KAUTH_RESULT_DEFER; 512 req = (enum kauth_network_req)arg0; 513 514 switch (action) { 515 case KAUTH_NETWORK_ALTQ: 516 switch (req) { 517 case KAUTH_REQ_NETWORK_ALTQ_AFMAP: 518 case KAUTH_REQ_NETWORK_ALTQ_BLUE: 519 case KAUTH_REQ_NETWORK_ALTQ_CBQ: 520 case KAUTH_REQ_NETWORK_ALTQ_CDNR: 521 case KAUTH_REQ_NETWORK_ALTQ_CONF: 522 case KAUTH_REQ_NETWORK_ALTQ_FIFOQ: 523 case KAUTH_REQ_NETWORK_ALTQ_HFSC: 524 case KAUTH_REQ_NETWORK_ALTQ_JOBS: 525 case KAUTH_REQ_NETWORK_ALTQ_PRIQ: 526 case KAUTH_REQ_NETWORK_ALTQ_RED: 527 case KAUTH_REQ_NETWORK_ALTQ_RIO: 528 case KAUTH_REQ_NETWORK_ALTQ_WFQ: 529 if (isroot) 530 result = KAUTH_RESULT_ALLOW; 531 break; 532 533 default: 534 break; 535 } 536 537 break; 538 539 case KAUTH_NETWORK_BIND: 540 switch (req) { 541 case KAUTH_REQ_NETWORK_BIND_PORT: 542 case KAUTH_REQ_NETWORK_BIND_PRIVPORT: 543 if (isroot) 544 result = KAUTH_RESULT_ALLOW; 545 break; 546 547 default: 548 break; 549 } 550 break; 551 552 case KAUTH_NETWORK_FIREWALL: 553 switch (req) { 554 case KAUTH_REQ_NETWORK_FIREWALL_FW: 555 case KAUTH_REQ_NETWORK_FIREWALL_NAT: 556 if (isroot) 557 result = KAUTH_RESULT_ALLOW; 558 559 break; 560 561 default: 562 break; 563 } 564 break; 565 566 case KAUTH_NETWORK_FORWSRCRT: 567 case KAUTH_NETWORK_ROUTE: 568 if (isroot) 569 result = KAUTH_RESULT_ALLOW; 570 571 break; 572 573 case KAUTH_NETWORK_INTERFACE: 574 switch (req) { 575 case KAUTH_REQ_NETWORK_INTERFACE_GET: 576 case KAUTH_REQ_NETWORK_INTERFACE_SET: 577 case KAUTH_REQ_NETWORK_INTERFACE_GETPRIV: 578 case KAUTH_REQ_NETWORK_INTERFACE_SETPRIV: 579 if (isroot) 580 result = KAUTH_RESULT_ALLOW; 581 break; 582 583 default: 584 break; 585 } 586 break; 587 588 case KAUTH_NETWORK_INTERFACE_PPP: 589 switch (req) { 590 case KAUTH_REQ_NETWORK_INTERFACE_PPP_ADD: 591 if (isroot) 592 result = KAUTH_RESULT_ALLOW; 593 break; 594 595 default: 596 break; 597 } 598 599 break; 600 601 case KAUTH_NETWORK_INTERFACE_SLIP: 602 switch (req) { 603 case KAUTH_REQ_NETWORK_INTERFACE_SLIP_ADD: 604 if (isroot) 605 result = KAUTH_RESULT_ALLOW; 606 break; 607 608 default: 609 break; 610 } 611 612 break; 613 614 case KAUTH_NETWORK_INTERFACE_STRIP: 615 switch (req) { 616 case KAUTH_REQ_NETWORK_INTERFACE_STRIP_ADD: 617 if (isroot) 618 result = KAUTH_RESULT_ALLOW; 619 break; 620 621 default: 622 break; 623 } 624 625 break; 626 627 case KAUTH_NETWORK_INTERFACE_TUN: 628 switch (req) { 629 case KAUTH_REQ_NETWORK_INTERFACE_TUN_ADD: 630 if (isroot) 631 result = KAUTH_RESULT_ALLOW; 632 break; 633 634 default: 635 break; 636 } 637 638 break; 639 640 case KAUTH_NETWORK_NFS: 641 switch (req) { 642 case KAUTH_REQ_NETWORK_NFS_EXPORT: 643 case KAUTH_REQ_NETWORK_NFS_SVC: 644 if (isroot) 645 result = KAUTH_RESULT_ALLOW; 646 647 break; 648 649 default: 650 break; 651 } 652 break; 653 654 case KAUTH_NETWORK_SOCKET: 655 switch (req) { 656 case KAUTH_REQ_NETWORK_SOCKET_DROP: 657 case KAUTH_REQ_NETWORK_SOCKET_OPEN: 658 case KAUTH_REQ_NETWORK_SOCKET_RAWSOCK: 659 case KAUTH_REQ_NETWORK_SOCKET_SETPRIV: 660 if (isroot) 661 result = KAUTH_RESULT_ALLOW; 662 break; 663 664 case KAUTH_REQ_NETWORK_SOCKET_CANSEE: 665 if (isroot) { 666 result = KAUTH_RESULT_ALLOW; 667 break; 668 } 669 670 break; 671 672 default: 673 break; 674 } 675 676 break; 677 678 679 default: 680 break; 681 } 682 683 return (result); 684 } 685 686 /* 687 * kauth(9) listener 688 * 689 * Security model: Traditional NetBSD 690 * Scope: Machdep 691 * Responsibility: Superuser access 692 */ 693 int 694 secmodel_suser_machdep_cb(kauth_cred_t cred, kauth_action_t action, 695 void *cookie, void *arg0, void *arg1, void *arg2, void *arg3) 696 { 697 bool isroot; 698 int result; 699 700 isroot = suser_isroot(cred); 701 result = KAUTH_RESULT_DEFER; 702 703 switch (action) { 704 case KAUTH_MACHDEP_IOPERM_GET: 705 case KAUTH_MACHDEP_LDT_GET: 706 case KAUTH_MACHDEP_LDT_SET: 707 case KAUTH_MACHDEP_MTRR_GET: 708 case KAUTH_MACHDEP_CACHEFLUSH: 709 case KAUTH_MACHDEP_IOPERM_SET: 710 case KAUTH_MACHDEP_IOPL: 711 case KAUTH_MACHDEP_MTRR_SET: 712 case KAUTH_MACHDEP_NVRAM: 713 case KAUTH_MACHDEP_UNMANAGEDMEM: 714 if (isroot) 715 result = KAUTH_RESULT_ALLOW; 716 break; 717 718 default: 719 break; 720 } 721 722 return (result); 723 } 724 725 /* 726 * kauth(9) listener 727 * 728 * Security model: Traditional NetBSD 729 * Scope: Device 730 * Responsibility: Superuser access 731 */ 732 int 733 secmodel_suser_device_cb(kauth_cred_t cred, kauth_action_t action, 734 void *cookie, void *arg0, void *arg1, void *arg2, void *arg3) 735 { 736 bool isroot; 737 int result; 738 739 isroot = suser_isroot(cred); 740 result = KAUTH_RESULT_DEFER; 741 742 switch (action) { 743 case KAUTH_DEVICE_BLUETOOTH_SETPRIV: 744 case KAUTH_DEVICE_BLUETOOTH_SEND: 745 case KAUTH_DEVICE_BLUETOOTH_RECV: 746 case KAUTH_DEVICE_TTY_OPEN: 747 case KAUTH_DEVICE_TTY_PRIVSET: 748 case KAUTH_DEVICE_TTY_STI: 749 case KAUTH_DEVICE_RND_ADDDATA: 750 case KAUTH_DEVICE_RND_ADDDATA_ESTIMATE: 751 case KAUTH_DEVICE_RND_GETPRIV: 752 case KAUTH_DEVICE_RND_SETPRIV: 753 if (isroot) 754 result = KAUTH_RESULT_ALLOW; 755 break; 756 757 case KAUTH_DEVICE_BLUETOOTH_BCSP: 758 case KAUTH_DEVICE_BLUETOOTH_BTUART: { 759 enum kauth_device_req req; 760 761 req = (enum kauth_device_req)arg0; 762 switch (req) { 763 case KAUTH_REQ_DEVICE_BLUETOOTH_BCSP_ADD: 764 case KAUTH_REQ_DEVICE_BLUETOOTH_BTUART_ADD: 765 if (isroot) 766 result = KAUTH_RESULT_ALLOW; 767 break; 768 769 default: 770 break; 771 } 772 773 break; 774 } 775 776 case KAUTH_DEVICE_GPIO_PINSET: 777 /* 778 * root can access gpio pins, secmodel_securlevel can veto 779 * this decision. 780 */ 781 if (isroot) 782 result = KAUTH_RESULT_ALLOW; 783 break; 784 785 default: 786 break; 787 } 788 789 return (result); 790 } 791 792 int 793 secmodel_suser_vnode_cb(kauth_cred_t cred, kauth_action_t action, 794 void *cookie, void *arg0, void *arg1, void *arg2, void *arg3) 795 { 796 bool isroot; 797 int result; 798 799 isroot = suser_isroot(cred); 800 result = KAUTH_RESULT_DEFER; 801 802 if (isroot) 803 result = KAUTH_RESULT_ALLOW; 804 805 return (result); 806 } 807 808
Indexes created Tue Oct 14 01:09:49 GMT 2025