| mac_test.c (102162) | mac_test.c (104514) |
|---|---|
| 1/*- 2 * Copyright (c) 1999, 2000, 2001, 2002 Robert N. M. Watson 3 * Copyright (c) 2001, 2002 Networks Associates Technology, Inc. 4 * All rights reserved. 5 * 6 * This software was developed by Robert Watson for the TrustedBSD Project. 7 * 8 * This software was developed for the FreeBSD Project in part by NAI Labs, --- 20 unchanged lines hidden (view full) --- 29 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 30 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 31 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 32 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 33 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 34 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 35 * SUCH DAMAGE. 36 * | 1/*- 2 * Copyright (c) 1999, 2000, 2001, 2002 Robert N. M. Watson 3 * Copyright (c) 2001, 2002 Networks Associates Technology, Inc. 4 * All rights reserved. 5 * 6 * This software was developed by Robert Watson for the TrustedBSD Project. 7 * 8 * This software was developed for the FreeBSD Project in part by NAI Labs, --- 20 unchanged lines hidden (view full) --- 29 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 30 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 31 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 32 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 33 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 34 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 35 * SUCH DAMAGE. 36 * |
| 37 * $FreeBSD: head/sys/security/mac_test/mac_test.c 102162 2002-08-20 02:53:35Z rwatson $ | 37 * $FreeBSD: head/sys/security/mac_test/mac_test.c 104514 2002-10-05 15:10:00Z rwatson $ |
| 38 */ 39 40/* 41 * Developed by the TrustedBSD Project. 42 * Generic mandatory access module that does nothing. 43 */ 44 45#include <sys/types.h> --- 67 unchanged lines hidden (view full) --- 113SYSCTL_INT(_security_mac_test, OID_AUTO, init_count_ipq, CTLFLAG_RD, 114 &init_count_ipq, 0, "ipq init calls"); 115static int init_count_mbuf; 116SYSCTL_INT(_security_mac_test, OID_AUTO, init_count_mbuf, CTLFLAG_RD, 117 &init_count_mbuf, 0, "mbuf init calls"); 118static int init_count_mount; 119SYSCTL_INT(_security_mac_test, OID_AUTO, init_count_mount, CTLFLAG_RD, 120 &init_count_mount, 0, "mount init calls"); | 38 */ 39 40/* 41 * Developed by the TrustedBSD Project. 42 * Generic mandatory access module that does nothing. 43 */ 44 45#include <sys/types.h> --- 67 unchanged lines hidden (view full) --- 113SYSCTL_INT(_security_mac_test, OID_AUTO, init_count_ipq, CTLFLAG_RD, 114 &init_count_ipq, 0, "ipq init calls"); 115static int init_count_mbuf; 116SYSCTL_INT(_security_mac_test, OID_AUTO, init_count_mbuf, CTLFLAG_RD, 117 &init_count_mbuf, 0, "mbuf init calls"); 118static int init_count_mount; 119SYSCTL_INT(_security_mac_test, OID_AUTO, init_count_mount, CTLFLAG_RD, 120 &init_count_mount, 0, "mount init calls"); |
| 121static int init_count_mount_fslabel; 122SYSCTL_INT(_security_mac_test, OID_AUTO, init_count_mount_fslabel, CTLFLAG_RD, 123 &init_count_mount_fslabel, 0, "mount_fslabel init calls"); |
|
| 121static int init_count_socket; 122SYSCTL_INT(_security_mac_test, OID_AUTO, init_count_socket, CTLFLAG_RD, 123 &init_count_socket, 0, "socket init calls"); | 124static int init_count_socket; 125SYSCTL_INT(_security_mac_test, OID_AUTO, init_count_socket, CTLFLAG_RD, 126 &init_count_socket, 0, "socket init calls"); |
| 127static int init_count_socket_peerlabel; 128SYSCTL_INT(_security_mac_test, OID_AUTO, init_count_socket_peerlabel, 129 CTLFLAG_RD, &init_count_socket_peerlabel, 0, 130 "socket_peerlabel init calls"); |
|
| 124static int init_count_pipe; 125SYSCTL_INT(_security_mac_test, OID_AUTO, init_count_pipe, CTLFLAG_RD, 126 &init_count_pipe, 0, "pipe init calls"); 127static int init_count_temp; 128SYSCTL_INT(_security_mac_test, OID_AUTO, init_count_temp, CTLFLAG_RD, 129 &init_count_temp, 0, "temp init calls"); 130static int init_count_vnode; 131SYSCTL_INT(_security_mac_test, OID_AUTO, init_count_vnode, CTLFLAG_RD, --- 15 unchanged lines hidden (view full) --- 147SYSCTL_INT(_security_mac_test, OID_AUTO, destroy_count_ipq, CTLFLAG_RD, 148 &destroy_count_ipq, 0, "ipq destroy calls"); 149static int destroy_count_mbuf; 150SYSCTL_INT(_security_mac_test, OID_AUTO, destroy_count_mbuf, CTLFLAG_RD, 151 &destroy_count_mbuf, 0, "mbuf destroy calls"); 152static int destroy_count_mount; 153SYSCTL_INT(_security_mac_test, OID_AUTO, destroy_count_mount, CTLFLAG_RD, 154 &destroy_count_mount, 0, "mount destroy calls"); | 131static int init_count_pipe; 132SYSCTL_INT(_security_mac_test, OID_AUTO, init_count_pipe, CTLFLAG_RD, 133 &init_count_pipe, 0, "pipe init calls"); 134static int init_count_temp; 135SYSCTL_INT(_security_mac_test, OID_AUTO, init_count_temp, CTLFLAG_RD, 136 &init_count_temp, 0, "temp init calls"); 137static int init_count_vnode; 138SYSCTL_INT(_security_mac_test, OID_AUTO, init_count_vnode, CTLFLAG_RD, --- 15 unchanged lines hidden (view full) --- 154SYSCTL_INT(_security_mac_test, OID_AUTO, destroy_count_ipq, CTLFLAG_RD, 155 &destroy_count_ipq, 0, "ipq destroy calls"); 156static int destroy_count_mbuf; 157SYSCTL_INT(_security_mac_test, OID_AUTO, destroy_count_mbuf, CTLFLAG_RD, 158 &destroy_count_mbuf, 0, "mbuf destroy calls"); 159static int destroy_count_mount; 160SYSCTL_INT(_security_mac_test, OID_AUTO, destroy_count_mount, CTLFLAG_RD, 161 &destroy_count_mount, 0, "mount destroy calls"); |
| 162static int destroy_count_mount_fslabel; 163SYSCTL_INT(_security_mac_test, OID_AUTO, destroy_count_mount_fslabel, 164 CTLFLAG_RD, &destroy_count_mount_fslabel, 0, 165 "mount_fslabel destroy calls"); |
|
| 155static int destroy_count_socket; 156SYSCTL_INT(_security_mac_test, OID_AUTO, destroy_count_socket, CTLFLAG_RD, 157 &destroy_count_socket, 0, "socket destroy calls"); | 166static int destroy_count_socket; 167SYSCTL_INT(_security_mac_test, OID_AUTO, destroy_count_socket, CTLFLAG_RD, 168 &destroy_count_socket, 0, "socket destroy calls"); |
| 169static int destroy_count_socket_peerlabel; 170SYSCTL_INT(_security_mac_test, OID_AUTO, destroy_count_socket_peerlabel, 171 CTLFLAG_RD, &destroy_count_socket_peerlabel, 0, 172 "socket_peerlabel destroy calls"); |
|
| 158static int destroy_count_pipe; 159SYSCTL_INT(_security_mac_test, OID_AUTO, destroy_count_pipe, CTLFLAG_RD, 160 &destroy_count_pipe, 0, "pipe destroy calls"); 161static int destroy_count_temp; 162SYSCTL_INT(_security_mac_test, OID_AUTO, destroy_count_temp, CTLFLAG_RD, 163 &destroy_count_temp, 0, "temp destroy calls"); 164static int destroy_count_vnode; 165SYSCTL_INT(_security_mac_test, OID_AUTO, destroy_count_vnode, CTLFLAG_RD, --- 27 unchanged lines hidden (view full) --- 193 194 return (0); 195} 196 197/* 198 * Label operations. 199 */ 200static void | 173static int destroy_count_pipe; 174SYSCTL_INT(_security_mac_test, OID_AUTO, destroy_count_pipe, CTLFLAG_RD, 175 &destroy_count_pipe, 0, "pipe destroy calls"); 176static int destroy_count_temp; 177SYSCTL_INT(_security_mac_test, OID_AUTO, destroy_count_temp, CTLFLAG_RD, 178 &destroy_count_temp, 0, "temp destroy calls"); 179static int destroy_count_vnode; 180SYSCTL_INT(_security_mac_test, OID_AUTO, destroy_count_vnode, CTLFLAG_RD, --- 27 unchanged lines hidden (view full) --- 208 209 return (0); 210} 211 212/* 213 * Label operations. 214 */ 215static void |
| 201mac_test_init_bpfdesc(struct bpf_d *bpf_d, struct label *label) | 216mac_test_init_bpfdesc_label(struct label *label) |
| 202{ 203 204 SLOT(label) = BPFMAGIC; 205 atomic_add_int(&init_count_bpfdesc, 1); 206} 207 208static void | 217{ 218 219 SLOT(label) = BPFMAGIC; 220 atomic_add_int(&init_count_bpfdesc, 1); 221} 222 223static void |
| 209mac_test_init_cred(struct ucred *ucred, struct label *label) | 224mac_test_init_cred_label(struct label *label) |
| 210{ 211 212 SLOT(label) = CREDMAGIC; 213 atomic_add_int(&init_count_cred, 1); 214} 215 216static void | 225{ 226 227 SLOT(label) = CREDMAGIC; 228 atomic_add_int(&init_count_cred, 1); 229} 230 231static void |
| 217mac_test_init_devfsdirent(struct devfs_dirent *devfs_dirent, 218 struct label *label) | 232mac_test_init_devfsdirent_label(struct label *label) |
| 219{ 220 221 SLOT(label) = DEVFSMAGIC; 222 atomic_add_int(&init_count_devfsdirent, 1); 223} 224 225static void | 233{ 234 235 SLOT(label) = DEVFSMAGIC; 236 atomic_add_int(&init_count_devfsdirent, 1); 237} 238 239static void |
| 226mac_test_init_ifnet(struct ifnet *ifnet, struct label *label) | 240mac_test_init_ifnet_label(struct label *label) |
| 227{ 228 229 SLOT(label) = IFNETMAGIC; 230 atomic_add_int(&init_count_ifnet, 1); 231} 232 233static void | 241{ 242 243 SLOT(label) = IFNETMAGIC; 244 atomic_add_int(&init_count_ifnet, 1); 245} 246 247static void |
| 234mac_test_init_ipq(struct ipq *ipq, struct label *label) | 248mac_test_init_ipq_label(struct label *label) |
| 235{ 236 237 SLOT(label) = IPQMAGIC; 238 atomic_add_int(&init_count_ipq, 1); 239} 240 241static int | 249{ 250 251 SLOT(label) = IPQMAGIC; 252 atomic_add_int(&init_count_ipq, 1); 253} 254 255static int |
| 242mac_test_init_mbuf(struct mbuf *mbuf, int how, struct label *label) | 256mac_test_init_mbuf_label(struct label *label, int flag) |
| 243{ 244 245 SLOT(label) = MBUFMAGIC; 246 atomic_add_int(&init_count_mbuf, 1); 247 return (0); 248} 249 250static void | 257{ 258 259 SLOT(label) = MBUFMAGIC; 260 atomic_add_int(&init_count_mbuf, 1); 261 return (0); 262} 263 264static void |
| 251mac_test_init_mount(struct mount *mount, struct label *mntlabel, 252 struct label *fslabel) | 265mac_test_init_mount_label(struct label *label) |
| 253{ 254 | 266{ 267 |
| 255 SLOT(mntlabel) = MOUNTMAGIC; 256 SLOT(fslabel) = MOUNTMAGIC; | 268 SLOT(label) = MOUNTMAGIC; |
| 257 atomic_add_int(&init_count_mount, 1); 258} 259 260static void | 269 atomic_add_int(&init_count_mount, 1); 270} 271 272static void |
| 261mac_test_init_socket(struct socket *socket, struct label *label, 262 struct label *peerlabel) | 273mac_test_init_mount_fs_label(struct label *label) |
| 263{ 264 | 274{ 275 |
| 276 SLOT(label) = MOUNTMAGIC; 277 atomic_add_int(&init_count_mount_fslabel, 1); 278} 279 280static void 281mac_test_init_socket_label(struct label *label) 282{ 283 |
|
| 265 SLOT(label) = SOCKETMAGIC; | 284 SLOT(label) = SOCKETMAGIC; |
| 266 SLOT(peerlabel) = SOCKETMAGIC; | |
| 267 atomic_add_int(&init_count_socket, 1); 268} 269 270static void | 285 atomic_add_int(&init_count_socket, 1); 286} 287 288static void |
| 271mac_test_init_pipe(struct pipe *pipe, struct label *label) | 289mac_test_init_socket_peer_label(struct label *label) |
| 272{ 273 | 290{ 291 |
| 292 SLOT(label) = SOCKETMAGIC; 293 atomic_add_int(&init_count_socket_peerlabel, 1); 294} 295 296static void 297mac_test_init_pipe_label(struct label *label) 298{ 299 |
|
| 274 SLOT(label) = PIPEMAGIC; 275 atomic_add_int(&init_count_pipe, 1); 276} 277 278static void | 300 SLOT(label) = PIPEMAGIC; 301 atomic_add_int(&init_count_pipe, 1); 302} 303 304static void |
| 279mac_test_init_temp(struct label *label) | 305mac_test_init_temp_label(struct label *label) |
| 280{ 281 282 SLOT(label) = TEMPMAGIC; 283 atomic_add_int(&init_count_temp, 1); 284} 285 286static void | 306{ 307 308 SLOT(label) = TEMPMAGIC; 309 atomic_add_int(&init_count_temp, 1); 310} 311 312static void |
| 287mac_test_init_vnode(struct vnode *vp, struct label *label) | 313mac_test_init_vnode_label(struct label *label) |
| 288{ 289 290 SLOT(label) = VNODEMAGIC; 291 atomic_add_int(&init_count_vnode, 1); 292} 293 294static void | 314{ 315 316 SLOT(label) = VNODEMAGIC; 317 atomic_add_int(&init_count_vnode, 1); 318} 319 320static void |
| 295mac_test_destroy_bpfdesc(struct bpf_d *bpf_d, struct label *label) | 321mac_test_destroy_bpfdesc_label(struct label *label) |
| 296{ 297 298 if (SLOT(label) == BPFMAGIC || SLOT(label) == 0) { 299 atomic_add_int(&destroy_count_bpfdesc, 1); 300 SLOT(label) = EXMAGIC; 301 } else if (SLOT(label) == EXMAGIC) { 302 Debugger("mac_test_destroy_bpfdesc: dup destroy"); 303 } else { 304 Debugger("mac_test_destroy_bpfdesc: corrupted label"); 305 } 306} 307 308static void | 322{ 323 324 if (SLOT(label) == BPFMAGIC || SLOT(label) == 0) { 325 atomic_add_int(&destroy_count_bpfdesc, 1); 326 SLOT(label) = EXMAGIC; 327 } else if (SLOT(label) == EXMAGIC) { 328 Debugger("mac_test_destroy_bpfdesc: dup destroy"); 329 } else { 330 Debugger("mac_test_destroy_bpfdesc: corrupted label"); 331 } 332} 333 334static void |
| 309mac_test_destroy_cred(struct ucred *ucred, struct label *label) | 335mac_test_destroy_cred_label(struct label *label) |
| 310{ 311 312 if (SLOT(label) == CREDMAGIC || SLOT(label) == 0) { 313 atomic_add_int(&destroy_count_cred, 1); 314 SLOT(label) = EXMAGIC; 315 } else if (SLOT(label) == EXMAGIC) { 316 Debugger("mac_test_destroy_cred: dup destroy"); 317 } else { 318 Debugger("mac_test_destroy_cred: corrupted label"); 319 } 320} 321 322static void | 336{ 337 338 if (SLOT(label) == CREDMAGIC || SLOT(label) == 0) { 339 atomic_add_int(&destroy_count_cred, 1); 340 SLOT(label) = EXMAGIC; 341 } else if (SLOT(label) == EXMAGIC) { 342 Debugger("mac_test_destroy_cred: dup destroy"); 343 } else { 344 Debugger("mac_test_destroy_cred: corrupted label"); 345 } 346} 347 348static void |
| 323mac_test_destroy_devfsdirent(struct devfs_dirent *devfs_dirent, 324 struct label *label) | 349mac_test_destroy_devfsdirent_label(struct label *label) |
| 325{ 326 327 if (SLOT(label) == DEVFSMAGIC || SLOT(label) == 0) { 328 atomic_add_int(&destroy_count_devfsdirent, 1); 329 SLOT(label) = EXMAGIC; 330 } else if (SLOT(label) == EXMAGIC) { 331 Debugger("mac_test_destroy_devfsdirent: dup destroy"); 332 } else { 333 Debugger("mac_test_destroy_devfsdirent: corrupted label"); 334 } 335} 336 337static void | 350{ 351 352 if (SLOT(label) == DEVFSMAGIC || SLOT(label) == 0) { 353 atomic_add_int(&destroy_count_devfsdirent, 1); 354 SLOT(label) = EXMAGIC; 355 } else if (SLOT(label) == EXMAGIC) { 356 Debugger("mac_test_destroy_devfsdirent: dup destroy"); 357 } else { 358 Debugger("mac_test_destroy_devfsdirent: corrupted label"); 359 } 360} 361 362static void |
| 338mac_test_destroy_ifnet(struct ifnet *ifnet, struct label *label) | 363mac_test_destroy_ifnet_label(struct label *label) |
| 339{ 340 341 if (SLOT(label) == IFNETMAGIC || SLOT(label) == 0) { 342 atomic_add_int(&destroy_count_ifnet, 1); 343 SLOT(label) = EXMAGIC; 344 } else if (SLOT(label) == EXMAGIC) { 345 Debugger("mac_test_destroy_ifnet: dup destroy"); 346 } else { 347 Debugger("mac_test_destroy_ifnet: corrupted label"); 348 } 349} 350 351static void | 364{ 365 366 if (SLOT(label) == IFNETMAGIC || SLOT(label) == 0) { 367 atomic_add_int(&destroy_count_ifnet, 1); 368 SLOT(label) = EXMAGIC; 369 } else if (SLOT(label) == EXMAGIC) { 370 Debugger("mac_test_destroy_ifnet: dup destroy"); 371 } else { 372 Debugger("mac_test_destroy_ifnet: corrupted label"); 373 } 374} 375 376static void |
| 352mac_test_destroy_ipq(struct ipq *ipq, struct label *label) | 377mac_test_destroy_ipq_label(struct label *label) |
| 353{ 354 355 if (SLOT(label) == IPQMAGIC || SLOT(label) == 0) { 356 atomic_add_int(&destroy_count_ipq, 1); 357 SLOT(label) = EXMAGIC; 358 } else if (SLOT(label) == EXMAGIC) { 359 Debugger("mac_test_destroy_ipq: dup destroy"); 360 } else { 361 Debugger("mac_test_destroy_ipq: corrupted label"); 362 } 363} 364 365static void | 378{ 379 380 if (SLOT(label) == IPQMAGIC || SLOT(label) == 0) { 381 atomic_add_int(&destroy_count_ipq, 1); 382 SLOT(label) = EXMAGIC; 383 } else if (SLOT(label) == EXMAGIC) { 384 Debugger("mac_test_destroy_ipq: dup destroy"); 385 } else { 386 Debugger("mac_test_destroy_ipq: corrupted label"); 387 } 388} 389 390static void |
| 366mac_test_destroy_mbuf(struct mbuf *mbuf, struct label *label) | 391mac_test_destroy_mbuf_label(struct label *label) |
| 367{ 368 369 if (SLOT(label) == MBUFMAGIC || SLOT(label) == 0) { 370 atomic_add_int(&destroy_count_mbuf, 1); 371 SLOT(label) = EXMAGIC; 372 } else if (SLOT(label) == EXMAGIC) { 373 Debugger("mac_test_destroy_mbuf: dup destroy"); 374 } else { 375 Debugger("mac_test_destroy_mbuf: corrupted label"); 376 } 377} 378 379static void | 392{ 393 394 if (SLOT(label) == MBUFMAGIC || SLOT(label) == 0) { 395 atomic_add_int(&destroy_count_mbuf, 1); 396 SLOT(label) = EXMAGIC; 397 } else if (SLOT(label) == EXMAGIC) { 398 Debugger("mac_test_destroy_mbuf: dup destroy"); 399 } else { 400 Debugger("mac_test_destroy_mbuf: corrupted label"); 401 } 402} 403 404static void |
| 380mac_test_destroy_mount(struct mount *mount, struct label *mntlabel, 381 struct label *fslabel) | 405mac_test_destroy_mount_label(struct label *label) |
| 382{ 383 | 406{ 407 |
| 384 if ((SLOT(mntlabel) == MOUNTMAGIC || SLOT(mntlabel) == 0) && 385 (SLOT(fslabel) == MOUNTMAGIC || SLOT(fslabel) == 0)) { | 408 if ((SLOT(label) == MOUNTMAGIC || SLOT(label) == 0)) { |
| 386 atomic_add_int(&destroy_count_mount, 1); | 409 atomic_add_int(&destroy_count_mount, 1); |
| 387 SLOT(mntlabel) = EXMAGIC; 388 SLOT(fslabel) = EXMAGIC; 389 } else if (SLOT(mntlabel) == EXMAGIC || SLOT(fslabel) == EXMAGIC) { | 410 SLOT(label) = EXMAGIC; 411 } else if (SLOT(label) == EXMAGIC) { |
| 390 Debugger("mac_test_destroy_mount: dup destroy"); 391 } else { 392 Debugger("mac_test_destroy_mount: corrupted label"); 393 } 394} 395 396static void | 412 Debugger("mac_test_destroy_mount: dup destroy"); 413 } else { 414 Debugger("mac_test_destroy_mount: corrupted label"); 415 } 416} 417 418static void |
| 397mac_test_destroy_socket(struct socket *socket, struct label *label, 398 struct label *peerlabel) | 419mac_test_destroy_mount_fs_label(struct label *label) |
| 399{ 400 | 420{ 421 |
| 401 if ((SLOT(label) == SOCKETMAGIC || SLOT(label) == 0) && 402 (SLOT(peerlabel) == SOCKETMAGIC || SLOT(peerlabel) == 0)) { | 422 if ((SLOT(label) == MOUNTMAGIC || SLOT(label) == 0)) { 423 atomic_add_int(&destroy_count_mount_fslabel, 1); 424 SLOT(label) = EXMAGIC; 425 } else if (SLOT(label) == EXMAGIC) { 426 Debugger("mac_test_destroy_mount_fslabel: dup destroy"); 427 } else { 428 Debugger("mac_test_destroy_mount_fslabel: corrupted label"); 429 } 430} 431 432static void 433mac_test_destroy_socket_label(struct label *label) 434{ 435 436 if ((SLOT(label) == SOCKETMAGIC || SLOT(label) == 0)) { |
| 403 atomic_add_int(&destroy_count_socket, 1); 404 SLOT(label) = EXMAGIC; | 437 atomic_add_int(&destroy_count_socket, 1); 438 SLOT(label) = EXMAGIC; |
| 405 SLOT(peerlabel) = EXMAGIC; 406 } else if (SLOT(label) == EXMAGIC || SLOT(peerlabel) == EXMAGIC) { | 439 } else if (SLOT(label) == EXMAGIC) { |
| 407 Debugger("mac_test_destroy_socket: dup destroy"); 408 } else { 409 Debugger("mac_test_destroy_socket: corrupted label"); 410 } 411} | 440 Debugger("mac_test_destroy_socket: dup destroy"); 441 } else { 442 Debugger("mac_test_destroy_socket: corrupted label"); 443 } 444} |
| 445 |
|
| 412static void | 446static void |
| 413mac_test_destroy_pipe(struct pipe *pipe, struct label *label) | 447mac_test_destroy_socket_peer_label(struct label *label) |
| 414{ 415 | 448{ 449 |
| 450 if ((SLOT(label) == SOCKETMAGIC || SLOT(label) == 0)) { 451 atomic_add_int(&destroy_count_socket_peerlabel, 1); 452 SLOT(label) = EXMAGIC; 453 } else if (SLOT(label) == EXMAGIC) { 454 Debugger("mac_test_destroy_socket_peerlabel: dup destroy"); 455 } else { 456 Debugger("mac_test_destroy_socket_peerlabel: corrupted label"); 457 } 458} 459 460static void 461mac_test_destroy_pipe_label(struct label *label) 462{ 463 |
|
| 416 if ((SLOT(label) == PIPEMAGIC || SLOT(label) == 0)) { 417 atomic_add_int(&destroy_count_pipe, 1); 418 SLOT(label) = EXMAGIC; 419 } else if (SLOT(label) == EXMAGIC) { 420 Debugger("mac_test_destroy_pipe: dup destroy"); 421 } else { 422 Debugger("mac_test_destroy_pipe: corrupted label"); 423 } 424} 425 426static void | 464 if ((SLOT(label) == PIPEMAGIC || SLOT(label) == 0)) { 465 atomic_add_int(&destroy_count_pipe, 1); 466 SLOT(label) = EXMAGIC; 467 } else if (SLOT(label) == EXMAGIC) { 468 Debugger("mac_test_destroy_pipe: dup destroy"); 469 } else { 470 Debugger("mac_test_destroy_pipe: corrupted label"); 471 } 472} 473 474static void |
| 427mac_test_destroy_temp(struct label *label) | 475mac_test_destroy_temp_label(struct label *label) |
| 428{ 429 430 if (SLOT(label) == TEMPMAGIC || SLOT(label) == 0) { 431 atomic_add_int(&destroy_count_temp, 1); 432 SLOT(label) = EXMAGIC; 433 } else if (SLOT(label) == EXMAGIC) { 434 Debugger("mac_test_destroy_temp: dup destroy"); 435 } else { 436 Debugger("mac_test_destroy_temp: corrupted label"); 437 } 438} 439 440static void | 476{ 477 478 if (SLOT(label) == TEMPMAGIC || SLOT(label) == 0) { 479 atomic_add_int(&destroy_count_temp, 1); 480 SLOT(label) = EXMAGIC; 481 } else if (SLOT(label) == EXMAGIC) { 482 Debugger("mac_test_destroy_temp: dup destroy"); 483 } else { 484 Debugger("mac_test_destroy_temp: corrupted label"); 485 } 486} 487 488static void |
| 441mac_test_destroy_vnode(struct vnode *vp, struct label *label) | 489mac_test_destroy_vnode_label(struct label *label) |
| 442{ 443 444 if (SLOT(label) == VNODEMAGIC || SLOT(label) == 0) { 445 atomic_add_int(&destroy_count_vnode, 1); 446 SLOT(label) = EXMAGIC; 447 } else if (SLOT(label) == EXMAGIC) { 448 Debugger("mac_test_destroy_vnode: dup destroy"); 449 } else { --- 696 unchanged lines hidden (view full) --- 1146static struct mac_policy_op_entry mac_test_ops[] = 1147{ 1148 { MAC_DESTROY, 1149 (macop_t)mac_test_destroy }, 1150 { MAC_INIT, 1151 (macop_t)mac_test_init }, 1152 { MAC_SYSCALL, 1153 (macop_t)mac_test_syscall }, | 490{ 491 492 if (SLOT(label) == VNODEMAGIC || SLOT(label) == 0) { 493 atomic_add_int(&destroy_count_vnode, 1); 494 SLOT(label) = EXMAGIC; 495 } else if (SLOT(label) == EXMAGIC) { 496 Debugger("mac_test_destroy_vnode: dup destroy"); 497 } else { --- 696 unchanged lines hidden (view full) --- 1194static struct mac_policy_op_entry mac_test_ops[] = 1195{ 1196 { MAC_DESTROY, 1197 (macop_t)mac_test_destroy }, 1198 { MAC_INIT, 1199 (macop_t)mac_test_init }, 1200 { MAC_SYSCALL, 1201 (macop_t)mac_test_syscall }, |
| 1154 { MAC_INIT_BPFDESC, 1155 (macop_t)mac_test_init_bpfdesc }, 1156 { MAC_INIT_CRED, 1157 (macop_t)mac_test_init_cred }, 1158 { MAC_INIT_DEVFSDIRENT, 1159 (macop_t)mac_test_init_devfsdirent }, 1160 { MAC_INIT_IFNET, 1161 (macop_t)mac_test_init_ifnet }, 1162 { MAC_INIT_IPQ, 1163 (macop_t)mac_test_init_ipq }, 1164 { MAC_INIT_MBUF, 1165 (macop_t)mac_test_init_mbuf }, 1166 { MAC_INIT_MOUNT, 1167 (macop_t)mac_test_init_mount }, 1168 { MAC_INIT_PIPE, 1169 (macop_t)mac_test_init_pipe }, 1170 { MAC_INIT_SOCKET, 1171 (macop_t)mac_test_init_socket }, 1172 { MAC_INIT_TEMP, 1173 (macop_t)mac_test_init_temp }, 1174 { MAC_INIT_VNODE, 1175 (macop_t)mac_test_init_vnode }, 1176 { MAC_DESTROY_BPFDESC, 1177 (macop_t)mac_test_destroy_bpfdesc }, 1178 { MAC_DESTROY_CRED, 1179 (macop_t)mac_test_destroy_cred }, 1180 { MAC_DESTROY_DEVFSDIRENT, 1181 (macop_t)mac_test_destroy_devfsdirent }, 1182 { MAC_DESTROY_IFNET, 1183 (macop_t)mac_test_destroy_ifnet }, 1184 { MAC_DESTROY_IPQ, 1185 (macop_t)mac_test_destroy_ipq }, 1186 { MAC_DESTROY_MBUF, 1187 (macop_t)mac_test_destroy_mbuf }, 1188 { MAC_DESTROY_MOUNT, 1189 (macop_t)mac_test_destroy_mount }, 1190 { MAC_DESTROY_PIPE, 1191 (macop_t)mac_test_destroy_pipe }, 1192 { MAC_DESTROY_SOCKET, 1193 (macop_t)mac_test_destroy_socket }, 1194 { MAC_DESTROY_TEMP, 1195 (macop_t)mac_test_destroy_temp }, 1196 { MAC_DESTROY_VNODE, 1197 (macop_t)mac_test_destroy_vnode }, | 1202 { MAC_INIT_BPFDESC_LABEL, 1203 (macop_t)mac_test_init_bpfdesc_label }, 1204 { MAC_INIT_CRED_LABEL, 1205 (macop_t)mac_test_init_cred_label }, 1206 { MAC_INIT_DEVFSDIRENT_LABEL, 1207 (macop_t)mac_test_init_devfsdirent_label }, 1208 { MAC_INIT_IFNET_LABEL, 1209 (macop_t)mac_test_init_ifnet_label }, 1210 { MAC_INIT_IPQ_LABEL, 1211 (macop_t)mac_test_init_ipq_label }, 1212 { MAC_INIT_MBUF_LABEL, 1213 (macop_t)mac_test_init_mbuf_label }, 1214 { MAC_INIT_MOUNT_LABEL, 1215 (macop_t)mac_test_init_mount_label }, 1216 { MAC_INIT_MOUNT_FS_LABEL, 1217 (macop_t)mac_test_init_mount_fs_label }, 1218 { MAC_INIT_PIPE_LABEL, 1219 (macop_t)mac_test_init_pipe_label }, 1220 { MAC_INIT_SOCKET_LABEL, 1221 (macop_t)mac_test_init_socket_label }, 1222 { MAC_INIT_SOCKET_PEER_LABEL, 1223 (macop_t)mac_test_init_socket_peer_label }, 1224 { MAC_INIT_TEMP_LABEL, 1225 (macop_t)mac_test_init_temp_label }, 1226 { MAC_INIT_VNODE_LABEL, 1227 (macop_t)mac_test_init_vnode_label }, 1228 { MAC_DESTROY_BPFDESC_LABEL, 1229 (macop_t)mac_test_destroy_bpfdesc_label }, 1230 { MAC_DESTROY_CRED_LABEL, 1231 (macop_t)mac_test_destroy_cred_label }, 1232 { MAC_DESTROY_DEVFSDIRENT_LABEL, 1233 (macop_t)mac_test_destroy_devfsdirent_label }, 1234 { MAC_DESTROY_IFNET_LABEL, 1235 (macop_t)mac_test_destroy_ifnet_label }, 1236 { MAC_DESTROY_IPQ_LABEL, 1237 (macop_t)mac_test_destroy_ipq_label }, 1238 { MAC_DESTROY_MBUF_LABEL, 1239 (macop_t)mac_test_destroy_mbuf_label }, 1240 { MAC_DESTROY_MOUNT_LABEL, 1241 (macop_t)mac_test_destroy_mount_label }, 1242 { MAC_DESTROY_MOUNT_FS_LABEL, 1243 (macop_t)mac_test_destroy_mount_fs_label }, 1244 { MAC_DESTROY_PIPE_LABEL, 1245 (macop_t)mac_test_destroy_pipe_label }, 1246 { MAC_DESTROY_SOCKET_LABEL, 1247 (macop_t)mac_test_destroy_socket_label }, 1248 { MAC_DESTROY_SOCKET_PEER_LABEL, 1249 (macop_t)mac_test_destroy_socket_peer_label }, 1250 { MAC_DESTROY_TEMP_LABEL, 1251 (macop_t)mac_test_destroy_temp_label }, 1252 { MAC_DESTROY_VNODE_LABEL, 1253 (macop_t)mac_test_destroy_vnode_label }, |
| 1198 { MAC_EXTERNALIZE, 1199 (macop_t)mac_test_externalize }, 1200 { MAC_INTERNALIZE, 1201 (macop_t)mac_test_internalize }, 1202 { MAC_CREATE_DEVFS_DEVICE, 1203 (macop_t)mac_test_create_devfs_device }, 1204 { MAC_CREATE_DEVFS_DIRECTORY, 1205 (macop_t)mac_test_create_devfs_directory }, --- 175 unchanged lines hidden --- | 1254 { MAC_EXTERNALIZE, 1255 (macop_t)mac_test_externalize }, 1256 { MAC_INTERNALIZE, 1257 (macop_t)mac_test_internalize }, 1258 { MAC_CREATE_DEVFS_DEVICE, 1259 (macop_t)mac_test_create_devfs_device }, 1260 { MAC_CREATE_DEVFS_DIRECTORY, 1261 (macop_t)mac_test_create_devfs_directory }, --- 175 unchanged lines hidden --- |