[src/netbsd-6-0]: src/sys/secmodel Pull up following revision(s) (requested b...

To: source-changes-hg%NetBSD.org@localhost
Subject: [src/netbsd-6-0]: src/sys/secmodel Pull up following revision(s) (requested b...
From: riz <riz%NetBSD.org@localhost>
Date: Mon, 06 Apr 2020 22:20:54 +0000

details:   https://anonhg.NetBSD.org/src/rev/629f60d16119
branches:  netbsd-6-0
changeset: 774762:629f60d16119
user:      riz <riz%NetBSD.org@localhost>
date:      Fri Feb 08 23:04:01 2013 +0000

description:
Pull up following revision(s) (requested by jym in ticket #802):
        sys/secmodel/securelevel/secmodel_securelevel.c: revision 1.29
        sys/secmodel/extensions/secmodel_extensions.c: revision 1.4
Re-instate backwards compatible security.models.bsd44.{curtain,securelevel}.
They were mistakenly removed when curtain and securelevel moved to
secmodel_extensions(9).
Reported by tls@ on tech-security@.
XXX will ask for pull-up for -6.

diffstat:

 sys/secmodel/extensions/secmodel_extensions.c   |  23 ++++++++++++++++++++---
 sys/secmodel/securelevel/secmodel_securelevel.c |  22 +++++++++++++++++++---
 2 files changed, 39 insertions(+), 6 deletions(-)

diffs (101 lines):

diff -r 7a301722c16e -r 629f60d16119 sys/secmodel/extensions/secmodel_extensions.c
--- a/sys/secmodel/extensions/secmodel_extensions.c     Fri Feb 08 23:01:40 2013 +0000
+++ b/sys/secmodel/extensions/secmodel_extensions.c     Fri Feb 08 23:04:01 2013 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: secmodel_extensions.c,v 1.2 2011/12/04 21:04:51 jym Exp $ */
+/* $NetBSD: secmodel_extensions.c,v 1.2.8.1 2013/02/08 23:04:01 riz Exp $ */
 /*-
  * Copyright (c) 2011 Elad Efrat <elad%NetBSD.org@localhost>
  * All rights reserved.
@@ -27,7 +27,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: secmodel_extensions.c,v 1.2 2011/12/04 21:04:51 jym Exp $");
+__KERNEL_RCSID(0, "$NetBSD: secmodel_extensions.c,v 1.2.8.1 2013/02/08 23:04:01 riz Exp $");
 
 #include <sys/types.h>
 #include <sys/param.h>
@@ -73,7 +73,7 @@
 static void
 sysctl_security_extensions_setup(struct sysctllog **clog)
 {
-       const struct sysctlnode *rnode;
+       const struct sysctlnode *rnode, *rnode2;
 
        sysctl_createv(clog, 0, NULL, &rnode,
                       CTLFLAG_PERMANENT,
@@ -87,6 +87,23 @@
                       NULL, 0, NULL, 0,
                       CTL_CREATE, CTL_EOL);
 
+       /* Compatibility: security.models.bsd44 */
+       rnode2 = rnode;
+       sysctl_createv(clog, 0, &rnode2, &rnode2,
+                      CTLFLAG_PERMANENT,
+                      CTLTYPE_NODE, "bsd44", NULL,
+                      NULL, 0, NULL, 0,
+                      CTL_CREATE, CTL_EOL);
+
+        /* Compatibility: security.models.bsd44.curtain */
+       sysctl_createv(clog, 0, &rnode2, NULL,
+                      CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
+                      CTLTYPE_INT, "curtain",
+                      SYSCTL_DESCR("Curtain information about objects to "\
+                                   "users not owning them."),
+                      sysctl_extensions_curtain_handler, 0, &curtain, 0,
+                      CTL_CREATE, CTL_EOL);
+
        sysctl_createv(clog, 0, &rnode, &rnode,
                       CTLFLAG_PERMANENT,
                       CTLTYPE_NODE, "extensions", NULL,
diff -r 7a301722c16e -r 629f60d16119 sys/secmodel/securelevel/secmodel_securelevel.c
--- a/sys/secmodel/securelevel/secmodel_securelevel.c   Fri Feb 08 23:01:40 2013 +0000
+++ b/sys/secmodel/securelevel/secmodel_securelevel.c   Fri Feb 08 23:04:01 2013 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: secmodel_securelevel.c,v 1.26 2012/01/17 10:47:27 cegger Exp $ */
+/* $NetBSD: secmodel_securelevel.c,v 1.26.6.1 2013/02/08 23:04:01 riz Exp $ */
 /*-
  * Copyright (c) 2006 Elad Efrat <elad%NetBSD.org@localhost>
  * All rights reserved.
@@ -35,7 +35,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: secmodel_securelevel.c,v 1.26 2012/01/17 10:47:27 cegger Exp $");
+__KERNEL_RCSID(0, "$NetBSD: secmodel_securelevel.c,v 1.26.6.1 2013/02/08 23:04:01 riz Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_insecure.h"
@@ -95,7 +95,7 @@
 void
 sysctl_security_securelevel_setup(struct sysctllog **clog)
 {
-       const struct sysctlnode *rnode;
+       const struct sysctlnode *rnode, *rnode2;
 
        sysctl_createv(clog, 0, NULL, &rnode,
                       CTLFLAG_PERMANENT,
@@ -109,6 +109,22 @@
                       NULL, 0, NULL, 0,
                       CTL_CREATE, CTL_EOL);
 
+       /* Compatibility: security.models.bsd44 */
+       rnode2 = rnode;
+       sysctl_createv(clog, 0, &rnode2, &rnode2,
+                      CTLFLAG_PERMANENT,
+                      CTLTYPE_NODE, "bsd44", NULL,
+                      NULL, 0, NULL, 0,
+                      CTL_CREATE, CTL_EOL);
+
+        /* Compatibility: security.models.bsd44.securelevel */
+       sysctl_createv(clog, 0, &rnode2, NULL,
+                      CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
+                      CTLTYPE_INT, "securelevel",
+                      SYSCTL_DESCR("System security level"),
+                      secmodel_securelevel_sysctl, 0, NULL, 0,
+                      CTL_CREATE, CTL_EOL);
+
        sysctl_createv(clog, 0, &rnode, &rnode,
                       CTLFLAG_PERMANENT,
                       CTLTYPE_NODE, "securelevel", NULL,

Prev by Date: [src/netbsd-6-0]: src/etc Pull up following revision(s) (requested by apb in ...
Next by Date: [src/netbsd-6-0]: src/doc Ticket 801.
Previous by Thread: [src/netbsd-6-0]: src/etc Pull up following revision(s) (requested by apb in ...
Next by Thread: [src/netbsd-6-0]: src/doc Ticket 801.
Indexes:

Home | Main Index | Thread Index | Old Index