secmodel_suser.c revision 1.39.2.2
1 /* $NetBSD: secmodel_suser.c,v 1.39.2.2 2014/08/20 00:04:43 tls Exp $ */ 2 /*- 3 * Copyright (c) 2006 Elad Efrat <elad (at) NetBSD.org> 4 * All rights reserved. 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that the following conditions 8 * are met: 9 * 1. Redistributions of source code must retain the above copyright 10 * notice, this list of conditions and the following disclaimer. 11 * 2. Redistributions in binary form must reproduce the above copyright 12 * notice, this list of conditions and the following disclaimer in the 13 * documentation and/or other materials provided with the distribution. 14 * 3. The name of the author may not be used to endorse or promote products 15 * derived from this software without specific prior written permission. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 18 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 19 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 20 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 21 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 22 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 23 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 24 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 25 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 26 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 27 */ 28 29 /* 30 * This file contains kauth(9) listeners needed to implement the traditional 31 * NetBSD superuser access restrictions. 32 * 33 * There are two main resources a request can be issued to: user-owned and 34 * system owned. For the first, traditional Unix access checks are done, as 35 * well as superuser checks. If needed, the request context is examined before 36 * a decision is made. For the latter, usually only superuser checks are done 37 * as normal users are not allowed to access system resources. 38 */ 39 40 #include <sys/cdefs.h> 41 __KERNEL_RCSID(0, "$NetBSD: secmodel_suser.c,v 1.39.2.2 2014/08/20 00:04:43 tls Exp $"); 42 43 #include <sys/types.h> 44 #include <sys/param.h> 45 #include <sys/kauth.h> 46 47 #include <sys/mutex.h> 48 #include <sys/mount.h> 49 #include <sys/socketvar.h> 50 #include <sys/sysctl.h> 51 #include <sys/vnode.h> 52 #include <sys/proc.h> 53 #include <sys/module.h> 54 55 #include <secmodel/secmodel.h> 56 #include <secmodel/suser/suser.h> 57 58 MODULE(MODULE_CLASS_SECMODEL, suser, NULL); 59 60 static kauth_listener_t l_generic, l_system, l_process, l_network, l_machdep, 61 l_device, l_vnode; 62 63 static secmodel_t suser_sm; 64 static struct sysctllog *suser_sysctl_log; 65 66 void 67 sysctl_security_suser_setup(struct sysctllog **clog) 68 { 69 const struct sysctlnode *rnode; 70 71 sysctl_createv(clog, 0, NULL, &rnode, 72 CTLFLAG_PERMANENT, 73 CTLTYPE_NODE, "models", NULL, 74 NULL, 0, NULL, 0, 75 CTL_SECURITY, CTL_CREATE, CTL_EOL); 76 77 sysctl_createv(clog, 0, &rnode, &rnode, 78 CTLFLAG_PERMANENT, 79 CTLTYPE_NODE, "suser", NULL, 80 NULL, 0, NULL, 0, 81 CTL_CREATE, CTL_EOL); 82 83 sysctl_createv(clog, 0, &rnode, NULL, 84 CTLFLAG_PERMANENT, 85 CTLTYPE_STRING, "name", NULL, 86 NULL, 0, __UNCONST(SECMODEL_SUSER_NAME), 0, 87 CTL_CREATE, CTL_EOL); 88 } 89 90 void 91 secmodel_suser_init(void) 92 { 93 94 } 95 96 void 97 secmodel_suser_start(void) 98 { 99 l_generic = kauth_listen_scope(KAUTH_SCOPE_GENERIC, 100 secmodel_suser_generic_cb, NULL); 101 l_system = kauth_listen_scope(KAUTH_SCOPE_SYSTEM, 102 secmodel_suser_system_cb, NULL); 103 l_process = kauth_listen_scope(KAUTH_SCOPE_PROCESS, 104 secmodel_suser_process_cb, NULL); 105 l_network = kauth_listen_scope(KAUTH_SCOPE_NETWORK, 106 secmodel_suser_network_cb, NULL); 107 l_machdep = kauth_listen_scope(KAUTH_SCOPE_MACHDEP, 108 secmodel_suser_machdep_cb, NULL); 109 l_device = kauth_listen_scope(KAUTH_SCOPE_DEVICE, 110 secmodel_suser_device_cb, NULL); 111 l_vnode = kauth_listen_scope(KAUTH_SCOPE_VNODE, 112 secmodel_suser_vnode_cb, NULL); 113 } 114 115 void 116 secmodel_suser_stop(void) 117 { 118 kauth_unlisten_scope(l_generic); 119 kauth_unlisten_scope(l_system); 120 kauth_unlisten_scope(l_process); 121 kauth_unlisten_scope(l_network); 122 kauth_unlisten_scope(l_machdep); 123 kauth_unlisten_scope(l_device); 124 kauth_unlisten_scope(l_vnode); 125 } 126 127 static bool 128 suser_isroot(kauth_cred_t cred) 129 { 130 return kauth_cred_geteuid(cred) == 0; 131 } 132 133 static int 134 suser_eval(const char *what, void *arg, void *ret) 135 { 136 int error = 0; 137 138 if (strcasecmp(what, "is-root") == 0) { 139 kauth_cred_t cred = arg; 140 bool *bp = ret; 141 142 *bp = suser_isroot(cred); 143 } else { 144 error = ENOENT; 145 } 146 147 return error; 148 } 149 150 static int 151 suser_modcmd(modcmd_t cmd, void *arg) 152 { 153 int error = 0; 154 155 switch (cmd) { 156 case MODULE_CMD_INIT: 157 error = secmodel_register(&suser_sm, 158 SECMODEL_SUSER_ID, SECMODEL_SUSER_NAME, 159 NULL, suser_eval, NULL); 160 if (error != 0) 161 printf("suser_modcmd::init: secmodel_register " 162 "returned %d\n", error); 163 164 secmodel_suser_init(); 165 secmodel_suser_start(); 166 sysctl_security_suser_setup(&suser_sysctl_log); 167 break; 168 169 case MODULE_CMD_FINI: 170 sysctl_teardown(&suser_sysctl_log); 171 secmodel_suser_stop(); 172 173 error = secmodel_deregister(suser_sm); 174 if (error != 0) 175 printf("suser_modcmd::fini: secmodel_deregister " 176 "returned %d\n", error); 177 178 break; 179 180 case MODULE_CMD_AUTOUNLOAD: 181 error = EPERM; 182 break; 183 184 default: 185 error = ENOTTY; 186 break; 187 } 188 189 return (error); 190 } 191 192 /* 193 * kauth(9) listener 194 * 195 * Security model: Traditional NetBSD 196 * Scope: Generic 197 * Responsibility: Superuser access 198 */ 199 int 200 secmodel_suser_generic_cb(kauth_cred_t cred, kauth_action_t action, 201 void *cookie, void *arg0, void *arg1, void *arg2, void *arg3) 202 { 203 bool isroot; 204 int result; 205 206 isroot = suser_isroot(cred); 207 result = KAUTH_RESULT_DEFER; 208 209 switch (action) { 210 case KAUTH_GENERIC_ISSUSER: 211 if (isroot) 212 result = KAUTH_RESULT_ALLOW; 213 break; 214 215 default: 216 break; 217 } 218 219 return (result); 220 } 221 222 /* 223 * kauth(9) listener 224 * 225 * Security model: Traditional NetBSD 226 * Scope: System 227 * Responsibility: Superuser access 228 */ 229 int 230 secmodel_suser_system_cb(kauth_cred_t cred, kauth_action_t action, 231 void *cookie, void *arg0, void *arg1, void *arg2, void *arg3) 232 { 233 bool isroot; 234 int result; 235 enum kauth_system_req req; 236 237 isroot = suser_isroot(cred); 238 result = KAUTH_RESULT_DEFER; 239 req = (enum kauth_system_req)arg0; 240 241 switch (action) { 242 case KAUTH_SYSTEM_CPU: 243 switch (req) { 244 case KAUTH_REQ_SYSTEM_CPU_SETSTATE: 245 if (isroot) 246 result = KAUTH_RESULT_ALLOW; 247 248 break; 249 250 default: 251 break; 252 } 253 254 break; 255 256 case KAUTH_SYSTEM_DEVMAPPER: 257 if (isroot) 258 result = KAUTH_RESULT_ALLOW; 259 260 break; 261 262 case KAUTH_SYSTEM_FS_QUOTA: 263 switch (req) { 264 case KAUTH_REQ_SYSTEM_FS_QUOTA_GET: 265 case KAUTH_REQ_SYSTEM_FS_QUOTA_ONOFF: 266 case KAUTH_REQ_SYSTEM_FS_QUOTA_MANAGE: 267 case KAUTH_REQ_SYSTEM_FS_QUOTA_NOLIMIT: 268 if (isroot) 269 result = KAUTH_RESULT_ALLOW; 270 break; 271 272 default: 273 break; 274 } 275 276 break; 277 278 case KAUTH_SYSTEM_SYSVIPC: 279 switch (req) { 280 case KAUTH_REQ_SYSTEM_SYSVIPC_BYPASS: 281 case KAUTH_REQ_SYSTEM_SYSVIPC_SHM_LOCK: 282 case KAUTH_REQ_SYSTEM_SYSVIPC_SHM_UNLOCK: 283 case KAUTH_REQ_SYSTEM_SYSVIPC_MSGQ_OVERSIZE: 284 if (isroot) 285 result = KAUTH_RESULT_ALLOW; 286 287 break; 288 289 default: 290 break; 291 } 292 293 break; 294 295 case KAUTH_SYSTEM_MOUNT: 296 switch (req) { 297 case KAUTH_REQ_SYSTEM_MOUNT_DEVICE: 298 case KAUTH_REQ_SYSTEM_MOUNT_GET: 299 case KAUTH_REQ_SYSTEM_MOUNT_NEW: 300 case KAUTH_REQ_SYSTEM_MOUNT_UNMOUNT: 301 case KAUTH_REQ_SYSTEM_MOUNT_UPDATE: 302 case KAUTH_REQ_SYSTEM_MOUNT_UMAP: 303 if (isroot) { 304 result = KAUTH_RESULT_ALLOW; 305 break; 306 } 307 308 break; 309 310 default: 311 break; 312 } 313 314 break; 315 316 case KAUTH_SYSTEM_MQUEUE: 317 if (isroot) 318 result = KAUTH_RESULT_ALLOW; 319 320 break; 321 322 case KAUTH_SYSTEM_PSET: 323 switch (req) { 324 case KAUTH_REQ_SYSTEM_PSET_ASSIGN: 325 case KAUTH_REQ_SYSTEM_PSET_BIND: 326 case KAUTH_REQ_SYSTEM_PSET_CREATE: 327 case KAUTH_REQ_SYSTEM_PSET_DESTROY: 328 if (isroot) 329 result = KAUTH_RESULT_ALLOW; 330 331 break; 332 333 default: 334 break; 335 } 336 337 break; 338 339 case KAUTH_SYSTEM_TIME: 340 switch (req) { 341 case KAUTH_REQ_SYSTEM_TIME_ADJTIME: 342 case KAUTH_REQ_SYSTEM_TIME_NTPADJTIME: 343 case KAUTH_REQ_SYSTEM_TIME_TIMECOUNTERS: 344 case KAUTH_REQ_SYSTEM_TIME_SYSTEM: 345 case KAUTH_REQ_SYSTEM_TIME_RTCOFFSET: 346 if (isroot) 347 result = KAUTH_RESULT_ALLOW; 348 break; 349 350 default: 351 break; 352 } 353 break; 354 355 case KAUTH_SYSTEM_SEMAPHORE: 356 if (isroot) 357 result = KAUTH_RESULT_ALLOW; 358 359 break; 360 361 case KAUTH_SYSTEM_SYSCTL: 362 switch (req) { 363 case KAUTH_REQ_SYSTEM_SYSCTL_ADD: 364 case KAUTH_REQ_SYSTEM_SYSCTL_DELETE: 365 case KAUTH_REQ_SYSTEM_SYSCTL_DESC: 366 case KAUTH_REQ_SYSTEM_SYSCTL_MODIFY: 367 case KAUTH_REQ_SYSTEM_SYSCTL_PRVT: 368 if (isroot) 369 result = KAUTH_RESULT_ALLOW; 370 break; 371 372 default: 373 break; 374 } 375 376 break; 377 378 case KAUTH_SYSTEM_SWAPCTL: 379 case KAUTH_SYSTEM_ACCOUNTING: 380 case KAUTH_SYSTEM_REBOOT: 381 case KAUTH_SYSTEM_CHROOT: 382 case KAUTH_SYSTEM_FILEHANDLE: 383 case KAUTH_SYSTEM_MKNOD: 384 case KAUTH_SYSTEM_SETIDCORE: 385 case KAUTH_SYSTEM_MODULE: 386 case KAUTH_SYSTEM_FS_RESERVEDSPACE: 387 case KAUTH_SYSTEM_MAP_VA_ZERO: 388 case KAUTH_SYSTEM_FS_EXTATTR: 389 case KAUTH_SYSTEM_FS_SNAPSHOT: 390 if (isroot) 391 result = KAUTH_RESULT_ALLOW; 392 break; 393 394 case KAUTH_SYSTEM_DEBUG: 395 switch (req) { 396 case KAUTH_REQ_SYSTEM_DEBUG_IPKDB: 397 if (isroot) 398 result = KAUTH_RESULT_ALLOW; 399 400 break; 401 402 default: 403 break; 404 } 405 406 break; 407 408 case KAUTH_SYSTEM_CHSYSFLAGS: 409 /* Deprecated. */ 410 if (isroot) 411 result = KAUTH_RESULT_ALLOW; 412 413 break; 414 415 case KAUTH_SYSTEM_VERIEXEC: 416 switch (req) { 417 case KAUTH_REQ_SYSTEM_VERIEXEC_ACCESS: 418 case KAUTH_REQ_SYSTEM_VERIEXEC_MODIFY: 419 if (isroot) 420 result = KAUTH_RESULT_ALLOW; 421 422 break; 423 424 default: 425 break; 426 } 427 428 break; 429 430 case KAUTH_SYSTEM_LFS: 431 switch (req) { 432 case KAUTH_REQ_SYSTEM_LFS_MARKV: 433 case KAUTH_REQ_SYSTEM_LFS_BMAPV: 434 case KAUTH_REQ_SYSTEM_LFS_SEGCLEAN: 435 case KAUTH_REQ_SYSTEM_LFS_SEGWAIT: 436 case KAUTH_REQ_SYSTEM_LFS_FCNTL: 437 if (isroot) 438 result = KAUTH_RESULT_ALLOW; 439 440 default: 441 break; 442 } 443 444 break; 445 446 default: 447 break; 448 } 449 450 return (result); 451 } 452 453 /* 454 * kauth(9) listener 455 * 456 * Security model: Traditional NetBSD 457 * Scope: Process 458 * Responsibility: Superuser access 459 */ 460 int 461 secmodel_suser_process_cb(kauth_cred_t cred, kauth_action_t action, 462 void *cookie, void *arg0, void *arg1, void *arg2, void *arg3) 463 { 464 bool isroot; 465 int result; 466 467 isroot = suser_isroot(cred); 468 result = KAUTH_RESULT_DEFER; 469 470 switch (action) { 471 case KAUTH_PROCESS_SIGNAL: 472 case KAUTH_PROCESS_KTRACE: 473 case KAUTH_PROCESS_PROCFS: 474 case KAUTH_PROCESS_PTRACE: 475 case KAUTH_PROCESS_SCHEDULER_GETPARAM: 476 case KAUTH_PROCESS_SCHEDULER_SETPARAM: 477 case KAUTH_PROCESS_SCHEDULER_GETAFFINITY: 478 case KAUTH_PROCESS_SCHEDULER_SETAFFINITY: 479 case KAUTH_PROCESS_SETID: 480 case KAUTH_PROCESS_KEVENT_FILTER: 481 case KAUTH_PROCESS_NICE: 482 case KAUTH_PROCESS_FORK: 483 case KAUTH_PROCESS_CORENAME: 484 case KAUTH_PROCESS_STOPFLAG: 485 if (isroot) 486 result = KAUTH_RESULT_ALLOW; 487 488 break; 489 490 case KAUTH_PROCESS_CANSEE: { 491 unsigned long req; 492 493 req = (unsigned long)arg1; 494 495 switch (req) { 496 case KAUTH_REQ_PROCESS_CANSEE_ARGS: 497 case KAUTH_REQ_PROCESS_CANSEE_ENTRY: 498 case KAUTH_REQ_PROCESS_CANSEE_OPENFILES: 499 if (isroot) { 500 result = KAUTH_RESULT_ALLOW; 501 break; 502 } 503 504 break; 505 506 case KAUTH_REQ_PROCESS_CANSEE_ENV: 507 if (isroot) 508 result = KAUTH_RESULT_ALLOW; 509 510 break; 511 512 default: 513 break; 514 } 515 516 break; 517 } 518 519 case KAUTH_PROCESS_RLIMIT: { 520 enum kauth_process_req req; 521 522 req = (enum kauth_process_req)(unsigned long)arg1; 523 524 switch (req) { 525 case KAUTH_REQ_PROCESS_RLIMIT_SET: 526 case KAUTH_REQ_PROCESS_RLIMIT_GET: 527 case KAUTH_REQ_PROCESS_RLIMIT_BYPASS: 528 if (isroot) 529 result = KAUTH_RESULT_ALLOW; 530 531 break; 532 533 default: 534 break; 535 } 536 537 break; 538 } 539 540 default: 541 break; 542 } 543 544 return (result); 545 } 546 547 /* 548 * kauth(9) listener 549 * 550 * Security model: Traditional NetBSD 551 * Scope: Network 552 * Responsibility: Superuser access 553 */ 554 int 555 secmodel_suser_network_cb(kauth_cred_t cred, kauth_action_t action, 556 void *cookie, void *arg0, void *arg1, void *arg2, void *arg3) 557 { 558 bool isroot; 559 int result; 560 enum kauth_network_req req; 561 562 isroot = suser_isroot(cred); 563 result = KAUTH_RESULT_DEFER; 564 req = (enum kauth_network_req)arg0; 565 566 switch (action) { 567 case KAUTH_NETWORK_ALTQ: 568 switch (req) { 569 case KAUTH_REQ_NETWORK_ALTQ_AFMAP: 570 case KAUTH_REQ_NETWORK_ALTQ_BLUE: 571 case KAUTH_REQ_NETWORK_ALTQ_CBQ: 572 case KAUTH_REQ_NETWORK_ALTQ_CDNR: 573 case KAUTH_REQ_NETWORK_ALTQ_CONF: 574 case KAUTH_REQ_NETWORK_ALTQ_FIFOQ: 575 case KAUTH_REQ_NETWORK_ALTQ_HFSC: 576 case KAUTH_REQ_NETWORK_ALTQ_JOBS: 577 case KAUTH_REQ_NETWORK_ALTQ_PRIQ: 578 case KAUTH_REQ_NETWORK_ALTQ_RED: 579 case KAUTH_REQ_NETWORK_ALTQ_RIO: 580 case KAUTH_REQ_NETWORK_ALTQ_WFQ: 581 if (isroot) 582 result = KAUTH_RESULT_ALLOW; 583 break; 584 585 default: 586 break; 587 } 588 589 break; 590 591 case KAUTH_NETWORK_BIND: 592 switch (req) { 593 case KAUTH_REQ_NETWORK_BIND_PORT: 594 case KAUTH_REQ_NETWORK_BIND_PRIVPORT: 595 if (isroot) 596 result = KAUTH_RESULT_ALLOW; 597 break; 598 599 default: 600 break; 601 } 602 break; 603 604 case KAUTH_NETWORK_FIREWALL: 605 switch (req) { 606 case KAUTH_REQ_NETWORK_FIREWALL_FW: 607 case KAUTH_REQ_NETWORK_FIREWALL_NAT: 608 if (isroot) 609 result = KAUTH_RESULT_ALLOW; 610 611 break; 612 613 default: 614 break; 615 } 616 break; 617 618 case KAUTH_NETWORK_FORWSRCRT: 619 case KAUTH_NETWORK_ROUTE: 620 if (isroot) 621 result = KAUTH_RESULT_ALLOW; 622 623 break; 624 625 case KAUTH_NETWORK_INTERFACE: 626 switch (req) { 627 case KAUTH_REQ_NETWORK_INTERFACE_GET: 628 case KAUTH_REQ_NETWORK_INTERFACE_SET: 629 case KAUTH_REQ_NETWORK_INTERFACE_GETPRIV: 630 case KAUTH_REQ_NETWORK_INTERFACE_SETPRIV: 631 case KAUTH_REQ_NETWORK_INTERFACE_FIRMWARE: 632 if (isroot) 633 result = KAUTH_RESULT_ALLOW; 634 break; 635 636 default: 637 break; 638 } 639 break; 640 641 case KAUTH_NETWORK_INTERFACE_BRIDGE: 642 switch (req) { 643 case KAUTH_REQ_NETWORK_INTERFACE_BRIDGE_GETPRIV: 644 case KAUTH_REQ_NETWORK_INTERFACE_BRIDGE_SETPRIV: 645 if (isroot) 646 result = KAUTH_RESULT_ALLOW; 647 break; 648 649 default: 650 break; 651 } 652 653 break; 654 655 case KAUTH_NETWORK_INTERFACE_PPP: 656 switch (req) { 657 case KAUTH_REQ_NETWORK_INTERFACE_PPP_ADD: 658 if (isroot) 659 result = KAUTH_RESULT_ALLOW; 660 break; 661 662 default: 663 break; 664 } 665 666 break; 667 668 case KAUTH_NETWORK_INTERFACE_PVC: 669 switch (req) { 670 case KAUTH_REQ_NETWORK_INTERFACE_PVC_ADD: 671 if (isroot) 672 result = KAUTH_RESULT_ALLOW; 673 674 break; 675 676 default: 677 break; 678 } 679 680 break; 681 682 case KAUTH_NETWORK_INTERFACE_SLIP: 683 switch (req) { 684 case KAUTH_REQ_NETWORK_INTERFACE_SLIP_ADD: 685 if (isroot) 686 result = KAUTH_RESULT_ALLOW; 687 break; 688 689 default: 690 break; 691 } 692 693 break; 694 695 case KAUTH_NETWORK_INTERFACE_STRIP: 696 switch (req) { 697 case KAUTH_REQ_NETWORK_INTERFACE_STRIP_ADD: 698 if (isroot) 699 result = KAUTH_RESULT_ALLOW; 700 break; 701 702 default: 703 break; 704 } 705 706 break; 707 708 case KAUTH_NETWORK_INTERFACE_TUN: 709 switch (req) { 710 case KAUTH_REQ_NETWORK_INTERFACE_TUN_ADD: 711 if (isroot) 712 result = KAUTH_RESULT_ALLOW; 713 break; 714 715 default: 716 break; 717 } 718 719 break; 720 721 case KAUTH_NETWORK_IPV6: 722 switch (req) { 723 case KAUTH_REQ_NETWORK_IPV6_HOPBYHOP: 724 case KAUTH_REQ_NETWORK_IPV6_JOIN_MULTICAST: 725 if (isroot) 726 result = KAUTH_RESULT_ALLOW; 727 728 break; 729 730 default: 731 break; 732 } 733 734 break; 735 736 case KAUTH_NETWORK_NFS: 737 switch (req) { 738 case KAUTH_REQ_NETWORK_NFS_EXPORT: 739 case KAUTH_REQ_NETWORK_NFS_SVC: 740 if (isroot) 741 result = KAUTH_RESULT_ALLOW; 742 743 break; 744 745 default: 746 break; 747 } 748 break; 749 750 case KAUTH_NETWORK_SMB: 751 switch (req) { 752 case KAUTH_REQ_NETWORK_SMB_SHARE_ACCESS: 753 case KAUTH_REQ_NETWORK_SMB_SHARE_CREATE: 754 case KAUTH_REQ_NETWORK_SMB_VC_ACCESS: 755 case KAUTH_REQ_NETWORK_SMB_VC_CREATE: 756 if (isroot) 757 result = KAUTH_RESULT_ALLOW; 758 759 break; 760 761 default: 762 break; 763 } 764 765 break; 766 767 case KAUTH_NETWORK_SOCKET: 768 switch (req) { 769 case KAUTH_REQ_NETWORK_SOCKET_DROP: 770 case KAUTH_REQ_NETWORK_SOCKET_OPEN: 771 case KAUTH_REQ_NETWORK_SOCKET_RAWSOCK: 772 case KAUTH_REQ_NETWORK_SOCKET_SETPRIV: 773 if (isroot) 774 result = KAUTH_RESULT_ALLOW; 775 break; 776 777 case KAUTH_REQ_NETWORK_SOCKET_CANSEE: 778 if (isroot) { 779 result = KAUTH_RESULT_ALLOW; 780 break; 781 } 782 783 break; 784 785 default: 786 break; 787 } 788 789 break; 790 791 case KAUTH_NETWORK_IPSEC: 792 switch (req) { 793 case KAUTH_REQ_NETWORK_IPSEC_BYPASS: 794 if (isroot) 795 result = KAUTH_RESULT_ALLOW; 796 797 break; 798 799 default: 800 break; 801 } 802 803 break; 804 805 default: 806 break; 807 } 808 809 return (result); 810 } 811 812 /* 813 * kauth(9) listener 814 * 815 * Security model: Traditional NetBSD 816 * Scope: Machdep 817 * Responsibility: Superuser access 818 */ 819 int 820 secmodel_suser_machdep_cb(kauth_cred_t cred, kauth_action_t action, 821 void *cookie, void *arg0, void *arg1, void *arg2, void *arg3) 822 { 823 bool isroot; 824 int result; 825 826 isroot = suser_isroot(cred); 827 result = KAUTH_RESULT_DEFER; 828 829 switch (action) { 830 case KAUTH_MACHDEP_CPU_UCODE_APPLY: 831 case KAUTH_MACHDEP_IOPERM_GET: 832 case KAUTH_MACHDEP_LDT_GET: 833 case KAUTH_MACHDEP_LDT_SET: 834 case KAUTH_MACHDEP_MTRR_GET: 835 case KAUTH_MACHDEP_CACHEFLUSH: 836 case KAUTH_MACHDEP_IOPERM_SET: 837 case KAUTH_MACHDEP_IOPL: 838 case KAUTH_MACHDEP_MTRR_SET: 839 case KAUTH_MACHDEP_NVRAM: 840 case KAUTH_MACHDEP_UNMANAGEDMEM: 841 case KAUTH_MACHDEP_PXG: 842 if (isroot) 843 result = KAUTH_RESULT_ALLOW; 844 break; 845 846 default: 847 break; 848 } 849 850 return (result); 851 } 852 853 /* 854 * kauth(9) listener 855 * 856 * Security model: Traditional NetBSD 857 * Scope: Device 858 * Responsibility: Superuser access 859 */ 860 int 861 secmodel_suser_device_cb(kauth_cred_t cred, kauth_action_t action, 862 void *cookie, void *arg0, void *arg1, void *arg2, void *arg3) 863 { 864 bool isroot; 865 int result; 866 867 isroot = suser_isroot(cred); 868 result = KAUTH_RESULT_DEFER; 869 870 switch (action) { 871 case KAUTH_DEVICE_BLUETOOTH_SETPRIV: 872 case KAUTH_DEVICE_BLUETOOTH_SEND: 873 case KAUTH_DEVICE_BLUETOOTH_RECV: 874 case KAUTH_DEVICE_TTY_OPEN: 875 case KAUTH_DEVICE_TTY_PRIVSET: 876 case KAUTH_DEVICE_TTY_STI: 877 case KAUTH_DEVICE_TTY_VIRTUAL: 878 case KAUTH_DEVICE_RND_ADDDATA: 879 case KAUTH_DEVICE_RND_ADDDATA_ESTIMATE: 880 case KAUTH_DEVICE_RND_GETPRIV: 881 case KAUTH_DEVICE_RND_SETPRIV: 882 case KAUTH_DEVICE_WSCONS_KEYBOARD_BELL: 883 case KAUTH_DEVICE_WSCONS_KEYBOARD_KEYREPEAT: 884 if (isroot) 885 result = KAUTH_RESULT_ALLOW; 886 break; 887 888 case KAUTH_DEVICE_BLUETOOTH_BCSP: 889 case KAUTH_DEVICE_BLUETOOTH_BTUART: { 890 enum kauth_device_req req; 891 892 req = (enum kauth_device_req)arg0; 893 switch (req) { 894 case KAUTH_REQ_DEVICE_BLUETOOTH_BCSP_ADD: 895 case KAUTH_REQ_DEVICE_BLUETOOTH_BTUART_ADD: 896 if (isroot) 897 result = KAUTH_RESULT_ALLOW; 898 break; 899 900 default: 901 break; 902 } 903 904 break; 905 } 906 907 case KAUTH_DEVICE_GPIO_PINSET: 908 /* 909 * root can access gpio pins, secmodel_securlevel can veto 910 * this decision. 911 */ 912 if (isroot) 913 result = KAUTH_RESULT_ALLOW; 914 break; 915 916 default: 917 break; 918 } 919 920 return (result); 921 } 922 923 int 924 secmodel_suser_vnode_cb(kauth_cred_t cred, kauth_action_t action, 925 void *cookie, void *arg0, void *arg1, void *arg2, void *arg3) 926 { 927 bool isroot; 928 int result; 929 930 isroot = suser_isroot(cred); 931 result = KAUTH_RESULT_DEFER; 932 933 if (isroot) { 934 /* Superuser can execute only if the file's executable. */ 935 if ((action & KAUTH_VNODE_EXECUTE) == 0 || 936 (action & KAUTH_VNODE_IS_EXEC)) 937 result = KAUTH_RESULT_ALLOW; 938 } 939 940 return (result); 941 } 942 943
Indexes created Wed Oct 15 07:09:58 GMT 2025