dsl_prop_unregister_all(dmu_objset_ds(os), zfsvfs);
}
-#ifdef SECLABEL
-/*
- * Convert a decimal digit string to a uint64_t integer.
- */
-static int
-str_to_uint64(char *str, uint64_t *objnum)
-{
- uint64_t num = 0;
-
- while (*str) {
- if (*str < '0' || *str > '9')
- return (SET_ERROR(EINVAL));
-
- num = num*10 + *str++ - '0';
- }
-
- *objnum = num;
- return (0);
-}
-
-/*
- * The boot path passed from the boot loader is in the form of
- * "rootpool-name/root-filesystem-object-number'. Convert this
- * string to a dataset name: "rootpool-name/root-filesystem-name".
- */
-static int
-zfs_parse_bootfs(char *bpath, char *outpath)
-{
- char *slashp;
- uint64_t objnum;
- int error;
-
- if (*bpath == 0 || *bpath == '/')
- return (SET_ERROR(EINVAL));
-
- (void) strcpy(outpath, bpath);
-
- slashp = strchr(bpath, '/');
-
- /* if no '/', just return the pool name */
- if (slashp == NULL) {
- return (0);
- }
-
- /* if not a number, just return the root dataset name */
- if (str_to_uint64(slashp+1, &objnum)) {
- return (0);
- }
-
- *slashp = '\0';
- error = dsl_dsobj_to_dsname(bpath, objnum, outpath);
- *slashp = '/';
-
- return (error);
-}
-
-/*
- * Check that the hex label string is appropriate for the dataset being
- * mounted into the global_zone proper.
- *
- * Return an error if the hex label string is not default or
- * admin_low/admin_high. For admin_low labels, the corresponding
- * dataset must be readonly.
- */
-int
-zfs_check_global_label(const char *dsname, const char *hexsl)
-{
- if (strcasecmp(hexsl, ZFS_MLSLABEL_DEFAULT) == 0)
- return (0);
- if (strcasecmp(hexsl, ADMIN_HIGH) == 0)
- return (0);
- if (strcasecmp(hexsl, ADMIN_LOW) == 0) {
- /* must be readonly */
- uint64_t rdonly;
-
- if (dsl_prop_get_integer(dsname,
- zfs_prop_to_name(ZFS_PROP_READONLY), &rdonly, NULL))
- return (SET_ERROR(EACCES));
- return (rdonly ? 0 : EACCES);
- }
- return (SET_ERROR(EACCES));
-}
-
-/*
- * Determine whether the mount is allowed according to MAC check.
- * by comparing (where appropriate) label of the dataset against
- * the label of the zone being mounted into. If the dataset has
- * no label, create one.
- *
- * Returns 0 if access allowed, error otherwise (e.g. EACCES)
- */
-static int
-zfs_mount_label_policy(vfs_t *vfsp, char *osname)
-{
- int error, retv;
- zone_t *mntzone = NULL;
- ts_label_t *mnt_tsl;
- bslabel_t *mnt_sl;
- bslabel_t ds_sl;
- char ds_hexsl[MAXNAMELEN];
-
- retv = EACCES; /* assume the worst */
-
- /*
- * Start by getting the dataset label if it exists.
- */
- error = dsl_prop_get(osname, zfs_prop_to_name(ZFS_PROP_MLSLABEL),
- 1, sizeof (ds_hexsl), &ds_hexsl, NULL);
- if (error)
- return (SET_ERROR(EACCES));
-
- /*
- * If labeling is NOT enabled, then disallow the mount of datasets
- * which have a non-default label already. No other label checks
- * are needed.
- */
- if (!is_system_labeled()) {
- if (strcasecmp(ds_hexsl, ZFS_MLSLABEL_DEFAULT) == 0)
- return (0);
- return (SET_ERROR(EACCES));
- }
-
- /*
- * Get the label of the mountpoint. If mounting into the global
- * zone (i.e. mountpoint is not within an active zone and the
- * zoned property is off), the label must be default or
- * admin_low/admin_high only; no other checks are needed.
- */
- mntzone = zone_find_by_any_path(vfsp->vfs_mntpt, B_FALSE);
- if (mntzone->zone_id == GLOBAL_ZONEID) {
- uint64_t zoned;
-
- zone_rele(mntzone);
-
- if (dsl_prop_get_integer(osname,
- zfs_prop_to_name(ZFS_PROP_ZONED), &zoned, NULL))
- return (SET_ERROR(EACCES));
- if (!zoned)
- return (zfs_check_global_label(osname, ds_hexsl));
- else
- /*
- * This is the case of a zone dataset being mounted
- * initially, before the zone has been fully created;
- * allow this mount into global zone.
- */
- return (0);
- }
-
- mnt_tsl = mntzone->zone_slabel;
- ASSERT(mnt_tsl != NULL);
- label_hold(mnt_tsl);
- mnt_sl = label2bslabel(mnt_tsl);
-
- if (strcasecmp(ds_hexsl, ZFS_MLSLABEL_DEFAULT) == 0) {
- /*
- * The dataset doesn't have a real label, so fabricate one.
- */
- char *str = NULL;
-
- if (l_to_str_internal(mnt_sl, &str) == 0 &&
- dsl_prop_set_string(osname,
- zfs_prop_to_name(ZFS_PROP_MLSLABEL),
- ZPROP_SRC_LOCAL, str) == 0)
- retv = 0;
- if (str != NULL)
- kmem_free(str, strlen(str) + 1);
- } else if (hexstr_to_label(ds_hexsl, &ds_sl) == 0) {
- /*
- * Now compare labels to complete the MAC check. If the
- * labels are equal then allow access. If the mountpoint
- * label dominates the dataset label, allow readonly access.
- * Otherwise, access is denied.
- */
- if (blequal(mnt_sl, &ds_sl))
- retv = 0;
- else if (bldominates(mnt_sl, &ds_sl)) {
- vfs_setmntopt(vfsp, MNTOPT_RO, NULL, 0);
- retv = 0;
- }
- }
-
- label_rele(mnt_tsl);
- zone_rele(mntzone);
- return (retv);
-}
-#endif /* SECLABEL */
-
static int
getpoolname(const char *osname, char *poolname)
{
goto out;
}
-#ifdef SECLABEL
- error = zfs_mount_label_policy(vfsp, osname);
- if (error)
- goto out;
-#endif
-
vfsp->vfs_flag |= MNT_NFS4ACLS;
/*
projects / mirror_zfs.git / commitdiff