Permit MAC policies to instrument the access control decisions for

system accounting configuration and for nfsd server thread attach.
Policies might use this to protect the integrity or confidentiality
of accounting data, limit the ability to turn on or off accounting,
as well as to prevent inappropriately labeled threads from becoming nfs
server threads.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories

1 files changed, 9 insertions, 2 deletions

diff --git a/sys/nfsserver/nfs_syscalls.c b/sys/nfsserver/nfs_syscalls.c
index 10e0ed2aced7..80271cd106b6 100644
--- a/sys/nfsserver/nfs_syscalls.c
+++ b/sys/nfsserver/nfs_syscalls.c
@@ -41,6 +41,7 @@
 __FBSDID("$FreeBSD$");
 
 #include "opt_inet6.h"
+#include "opt_mac.h"
 
 #include <sys/param.h>
 #include <sys/systm.h>
@@ -50,6 +51,7 @@ __FBSDID("$FreeBSD$");
 #include <sys/file.h>
 #include <sys/filedesc.h>
 #include <sys/vnode.h>
+#include <sys/mac.h>
 #include <sys/malloc.h>
 #include <sys/mount.h>
 #include <sys/proc.h>
@@ -137,10 +139,15 @@ nfssvc(struct thread *td, struct nfssvc_args *uap)
 	struct nfsd_args nfsdarg;
 	int error;
 
-	mtx_lock(&Giant);
+#ifdef MAC
+	error = mac_check_system_nfsd(td->td_ucred);
+	if (error)
+		return (error);
+#endif
 	error = suser(td);
 	if (error)
-		goto done2;
+		return (error);
+	mtx_lock(&Giant);
 	while (nfssvc_sockhead_flag & SLP_INIT) {
 		 nfssvc_sockhead_flag |= SLP_WANTINIT;
 		(void) tsleep((caddr_t)&nfssvc_sockhead, PSOCK, "nfsd init", 0);