1/*-
2 * Copyright (c) 1999, 2000, 2001, 2002 Robert N. M. Watson
3 * Copyright (c) 2001, 2002 Networks Associates Technology, Inc.
4 * All rights reserved.
5 *
6 * This software was developed by Robert Watson for the TrustedBSD Project.
7 *
8 * This software was developed for the FreeBSD Project in part by NAI Labs,
9 * the Security Research Division of Network Associates, Inc. under
10 * DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA
11 * CHATS research program.
12 *
13 * Redistribution and use in source and binary forms, with or without
14 * modification, are permitted provided that the following conditions
15 * are met:
16 * 1. Redistributions of source code must retain the above copyright
17 * notice, this list of conditions and the following disclaimer.
18 * 2. Redistributions in binary form must reproduce the above copyright
19 * notice, this list of conditions and the following disclaimer in the
20 * documentation and/or other materials provided with the distribution.
21 * 3. The names of the authors may not be used to endorse or promote
22 * products derived from this software without specific prior written
23 * permission.
24 *
25 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
26 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
27 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
28 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
29 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
30 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
31 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
32 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
33 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
34 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
35 * SUCH DAMAGE.
36 *
37 * $FreeBSD: head/sys/security/mac/mac_policy.h 101238 2002-08-02 20:33:05Z rwatson $
38 */
39/*
40 * Kernel interface for MAC policy modules.
41 */
42#ifndef _SYS_MAC_POLICY_H
43#define _SYS_MAC_POLICY_H
44
45/*-
46 * Pluggable access control policy definition structure.
47 *
48 * List of operations that are performed as part of the implementation
49 * of a MAC policy. Policy implementors declare operations with a
50 * mac_policy_ops structure, and using the MAC_POLICY_SET() macro.
51 * If an entry point is not declared, then then the policy will be ignored
52 * during evaluation of that event or check.
53 *
54 * Operations are sorted first by general class of operation, then
55 * alphabetically.
56 */
57struct mac_policy_conf;
58struct mac_policy_ops {
59 /*
60 * Policy module operations.
61 */
62 void (*mpo_destroy)(struct mac_policy_conf *mpc);
63 void (*mpo_init)(struct mac_policy_conf *mpc);
64
65 /*
66 * Label operations.
67 */
68 void (*mpo_init_bpfdesc)(struct bpf_d *, struct label *label);
69 void (*mpo_init_cred)(struct ucred *, struct label *label);
70 void (*mpo_init_devfsdirent)(struct devfs_dirent *,
71 struct label *label);
72 void (*mpo_init_ifnet)(struct ifnet *, struct label *label);
73 void (*mpo_init_ipq)(struct ipq *ipq, struct label *label);
74 int (*mpo_init_mbuf)(struct mbuf *, int how, struct label *label);
75 void (*mpo_init_mount)(struct mount *, struct label *mntlabel,
76 struct label *fslabel);
77 void (*mpo_init_socket)(struct socket *so, struct label *label,
78 struct label *peerlabel);
79 void (*mpo_init_pipe)(struct pipe *pipe, struct label *label);
80 void (*mpo_init_temp)(struct label *label);
81 void (*mpo_init_vnode)(struct vnode *, struct label *label);
82 void (*mpo_destroy_bpfdesc)(struct bpf_d *, struct label *label);
83 void (*mpo_destroy_cred)(struct ucred *, struct label *label);
84 void (*mpo_destroy_devfsdirent)(struct devfs_dirent *de,
85 struct label *label);
86 void (*mpo_destroy_ifnet)(struct ifnet *, struct label *label);
87 void (*mpo_destroy_ipq)(struct ipq *ipq, struct label *label);
88 void (*mpo_destroy_mbuf)(struct mbuf *, struct label *label);
89 void (*mpo_destroy_mount)(struct mount *, struct label *mntlabel,
90 struct label *fslabel);
91 void (*mpo_destroy_socket)(struct socket *so, struct label *label,
92 struct label *peerlabel);
93 void (*mpo_destroy_pipe)(struct pipe *pipe, struct label *label);
94 void (*mpo_destroy_temp)(struct label *label);
95 void (*mpo_destroy_vnode)(struct vnode *, struct label *label);
96 int (*mpo_externalize)(struct label *label, struct mac *extmac);
97 int (*mpo_internalize)(struct label *label, struct mac *extmac);
98
99 /*
100 * Labeling event operations: file system objects, and things that
101 * look a lot like file system objects.
102 */
103 void (*mpo_create_devfs_device)(dev_t dev, struct devfs_dirent *de,
104 struct label *label);
105 void (*mpo_create_devfs_directory)(char *dirname, int dirnamelen,
106 struct devfs_dirent *de, struct label *label);
107 void (*mpo_create_devfs_vnode)(struct devfs_dirent *de,
108 struct label *direntlabel, struct vnode *vp,
109 struct label *vnodelabel);
110 void (*mpo_create_vnode)(struct ucred *cred, struct vnode *parent,
111 struct label *parentlabel, struct vnode *child,
112 struct label *childlabel);
113 void (*mpo_create_mount)(struct ucred *cred, struct mount *mp,
114 struct label *mntlabel, struct label *fslabel);
115 void (*mpo_create_root_mount)(struct ucred *cred, struct mount *mp,
116 struct label *mountlabel, struct label *fslabel);
117 void (*mpo_relabel_vnode)(struct ucred *cred, struct vnode *vp,
118 struct label *vnodelabel, struct label *label);
119 int (*mpo_stdcreatevnode_ea)(struct vnode *vp,
120 struct label *vnodelabel);
121 void (*mpo_update_devfsdirent)(struct devfs_dirent *devfs_dirent,
122 struct label *direntlabel, struct vnode *vp,
123 struct label *vnodelabel);
124 void (*mpo_update_procfsvnode)(struct vnode *vp,
125 struct label *vnodelabel, struct ucred *cred);
126 int (*mpo_update_vnode_from_extattr)(struct vnode *vp,
127 struct label *vnodelabel, struct mount *mp,
128 struct label *fslabel);
129 int (*mpo_update_vnode_from_externalized)(struct vnode *vp,
130 struct label *vnodelabel, struct mac *mac);
131 void (*mpo_update_vnode_from_mount)(struct vnode *vp,
132 struct label *vnodelabel, struct mount *mp,
133 struct label *fslabel);
134
135 /*
136 * Labeling event operations: IPC objects.
137 */
138 void (*mpo_create_mbuf_from_socket)(struct socket *so,
139 struct label *socketlabel, struct mbuf *m,
140 struct label *mbuflabel);
141 void (*mpo_create_socket)(struct ucred *cred, struct socket *so,
142 struct label *socketlabel);
143 void (*mpo_create_socket_from_socket)(struct socket *oldsocket,
144 struct label *oldsocketlabel, struct socket *newsocket,
145 struct label *newsocketlabel);
146 void (*mpo_relabel_socket)(struct ucred *cred, struct socket *so,
147 struct label *oldlabel, struct label *newlabel);
148 void (*mpo_relabel_pipe)(struct ucred *cred, struct pipe *pipe,
149 struct label *oldlabel, struct label *newlabel);
150 void (*mpo_set_socket_peer_from_mbuf)(struct mbuf *mbuf,
151 struct label *mbuflabel, struct socket *so,
152 struct label *socketpeerlabel);
153 void (*mpo_set_socket_peer_from_socket)(struct socket *oldsocket,
154 struct label *oldsocketlabel, struct socket *newsocket,
155 struct label *newsocketpeerlabel);
156 void (*mpo_create_pipe)(struct ucred *cred, struct pipe *pipe,
157 struct label *pipelabel);
158
159 /*
160 * Labeling event operations: network objects.
161 */
162 void (*mpo_create_bpfdesc)(struct ucred *cred, struct bpf_d *bpf_d,
163 struct label *bpflabel);
164 void (*mpo_create_ifnet)(struct ifnet *ifnet,
165 struct label *ifnetlabel);
166 void (*mpo_create_ipq)(struct mbuf *fragment,
167 struct label *fragmentlabel, struct ipq *ipq,
168 struct label *ipqlabel);
169 void (*mpo_create_datagram_from_ipq)
170 (struct ipq *ipq, struct label *ipqlabel,
171 struct mbuf *datagram, struct label *datagramlabel);
172 void (*mpo_create_fragment)(struct mbuf *datagram,
173 struct label *datagramlabel, struct mbuf *fragment,
174 struct label *fragmentlabel);
175 void (*mpo_create_mbuf_from_mbuf)(struct mbuf *oldmbuf,
176 struct label *oldlabel, struct mbuf *newmbuf,
177 struct label *newlabel);
178 void (*mpo_create_mbuf_linklayer)(struct ifnet *ifnet,
179 struct label *ifnetlabel, struct mbuf *mbuf,
180 struct label *mbuflabel);
181 void (*mpo_create_mbuf_from_bpfdesc)(struct bpf_d *bpf_d,
182 struct label *bpflabel, struct mbuf *mbuf,
183 struct label *mbuflabel);
184 void (*mpo_create_mbuf_from_ifnet)(struct ifnet *ifnet,
185 struct label *ifnetlabel, struct mbuf *mbuf,
186 struct label *mbuflabel);
187 void (*mpo_create_mbuf_multicast_encap)(struct mbuf *oldmbuf,
188 struct label *oldmbuflabel, struct ifnet *ifnet,
189 struct label *ifnetlabel, struct mbuf *newmbuf,
190 struct label *newmbuflabel);
191 void (*mpo_create_mbuf_netlayer)(struct mbuf *oldmbuf,
192 struct label *oldmbuflabel, struct mbuf *newmbuf,
193 struct label *newmbuflabel);
194 int (*mpo_fragment_match)(struct mbuf *fragment,
195 struct label *fragmentlabel, struct ipq *ipq,
196 struct label *ipqlabel);
197 void (*mpo_relabel_ifnet)(struct ucred *cred, struct ifnet *ifnet,
198 struct label *ifnetlabel, struct label *newlabel);
199 void (*mpo_update_ipq)(struct mbuf *fragment,
200 struct label *fragmentlabel, struct ipq *ipq,
201 struct label *ipqlabel);
202
203 /*
204 * Labeling event operations: processes.
205 */
206 void (*mpo_create_cred)(struct ucred *parent_cred,
207 struct ucred *child_cred);
208 void (*mpo_execve_transition)(struct ucred *old, struct ucred *new,
209 struct vnode *vp, struct label *vnodelabel);
210 int (*mpo_execve_will_transition)(struct ucred *old,
211 struct vnode *vp, struct label *vnodelabel);
212 void (*mpo_create_proc0)(struct ucred *cred);
213 void (*mpo_create_proc1)(struct ucred *cred);
214 void (*mpo_relabel_cred)(struct ucred *cred,
215 struct label *newlabel);
216
217 /*
218 * Access control checks.
219 */
220 int (*mpo_check_bpfdesc_receive)(struct bpf_d *bpf_d,
221 struct label *bpflabel, struct ifnet *ifnet,
222 struct label *ifnetlabel);
223 int (*mpo_check_cred_relabel)(struct ucred *cred,
224 struct label *newlabel);
225 int (*mpo_check_cred_visible)(struct ucred *u1, struct ucred *u2);
226 int (*mpo_check_ifnet_relabel)(struct ucred *cred,
227 struct ifnet *ifnet, struct label *ifnetlabel,
228 struct label *newlabel);
229 int (*mpo_check_ifnet_transmit)(struct ifnet *ifnet,
230 struct label *ifnetlabel, struct mbuf *m,
231 struct label *mbuflabel);
232 int (*mpo_check_mount_stat)(struct ucred *cred, struct mount *mp,
233 struct label *mntlabel);
234 int (*mpo_check_pipe_ioctl)(struct ucred *cred, struct pipe *pipe,
235 struct label *pipelabel, unsigned long cmd, void *data);
236 int (*mpo_check_pipe_op)(struct ucred *cred, struct pipe *pipe,
237 struct label *pipelabel, int op);
238 int (*mpo_check_pipe_relabel)(struct ucred *cred,
239 struct pipe *pipe, struct label *pipelabel,
240 struct label *newlabel);
241 int (*mpo_check_proc_debug)(struct ucred *cred,
242 struct proc *proc);
243 int (*mpo_check_proc_sched)(struct ucred *cred,
244 struct proc *proc);
245 int (*mpo_check_proc_signal)(struct ucred *cred,
246 struct proc *proc, int signum);
247 int (*mpo_check_socket_bind)(struct ucred *cred,
248 struct socket *so, struct label *socketlabel,
249 struct sockaddr *sockaddr);
250 int (*mpo_check_socket_connect)(struct ucred *cred,
251 struct socket *so, struct label *socketlabel,
252 struct sockaddr *sockaddr);
253 int (*mpo_check_socket_listen)(struct ucred *cred,
254 struct socket *so, struct label *socketlabel);
255 int (*mpo_check_socket_receive)(struct socket *so,
256 struct label *socketlabel, struct mbuf *m,
257 struct label *mbuflabel);
258 int (*mpo_check_socket_relabel)(struct ucred *cred,
259 struct socket *so, struct label *socketlabel,
260 struct label *newlabel);
261 int (*mpo_check_socket_visible)(struct ucred *cred,
262 struct socket *so, struct label *socketlabel);
263 int (*mpo_check_vnode_access)(struct ucred *cred,
264 struct vnode *vp, struct label *label, int flags);
265 int (*mpo_check_vnode_chdir)(struct ucred *cred,
266 struct vnode *dvp, struct label *dlabel);
267 int (*mpo_check_vnode_chroot)(struct ucred *cred,
268 struct vnode *dvp, struct label *dlabel);
269 int (*mpo_check_vnode_create)(struct ucred *cred,
270 struct vnode *dvp, struct label *dlabel,
271 struct componentname *cnp, struct vattr *vap);
272 int (*mpo_check_vnode_delete)(struct ucred *cred,
273 struct vnode *dvp, struct label *dlabel,
274 struct vnode *vp, void *label, struct componentname *cnp);
275 int (*mpo_check_vnode_deleteacl)(struct ucred *cred,
276 struct vnode *vp, struct label *label, acl_type_t type);
277 int (*mpo_check_vnode_exec)(struct ucred *cred, struct vnode *vp,
278 struct label *label);
279 int (*mpo_check_vnode_getacl)(struct ucred *cred,
280 struct vnode *vp, struct label *label, acl_type_t type);
281 int (*mpo_check_vnode_getextattr)(struct ucred *cred,
282 struct vnode *vp, struct label *label, int attrnamespace,
283 const char *name, struct uio *uio);
284 int (*mpo_check_vnode_lookup)(struct ucred *cred,
285 struct vnode *dvp, struct label *dlabel,
286 struct componentname *cnp);
287 vm_prot_t (*mpo_check_vnode_mmap_perms)(struct ucred *cred,
288 struct vnode *vp, struct label *label, int newmapping);
289 int (*mpo_check_vnode_op)(struct ucred *cred, struct vnode *vp,
290 struct label *label, int op);
291 int (*mpo_check_vnode_open)(struct ucred *cred, struct vnode *vp,
292 struct label *label, mode_t acc_mode);
293 int (*mpo_check_vnode_readdir)(struct ucred *cred,
294 struct vnode *dvp, struct label *dlabel);
295 int (*mpo_check_vnode_readlink)(struct ucred *cred,
296 struct vnode *vp, struct label *label);
297 int (*mpo_check_vnode_relabel)(struct ucred *cred,
298 struct vnode *vp, struct label *vnodelabel,
299 struct label *newlabel);
300 int (*mpo_check_vnode_rename_from)(struct ucred *cred,
301 struct vnode *dvp, struct label *dlabel, struct vnode *vp,
302 struct label *label, struct componentname *cnp);
303 int (*mpo_check_vnode_rename_to)(struct ucred *cred,
304 struct vnode *dvp, struct label *dlabel, struct vnode *vp,
305 struct label *label, int samedir,
306 struct componentname *cnp);
307 int (*mpo_check_vnode_revoke)(struct ucred *cred,
308 struct vnode *vp, struct label *label);
309 int (*mpo_check_vnode_setacl)(struct ucred *cred,
310 struct vnode *vp, struct label *label, acl_type_t type,
311 struct acl *acl);
312 int (*mpo_check_vnode_setextattr)(struct ucred *cred,
313 struct vnode *vp, struct label *label, int attrnamespace,
314 const char *name, struct uio *uio);
315 int (*mpo_check_vnode_setflags)(struct ucred *cred,
316 struct vnode *vp, struct label *label, u_long flags);
317 int (*mpo_check_vnode_setmode)(struct ucred *cred,
318 struct vnode *vp, struct label *label, mode_t mode);
319 int (*mpo_check_vnode_setowner)(struct ucred *cred,
320 struct vnode *vp, struct label *label, uid_t uid,
321 gid_t gid);
322 int (*mpo_check_vnode_setutimes)(struct ucred *cred,
323 struct vnode *vp, struct label *label,
324 struct timespec atime, struct timespec mtime);
325 int (*mpo_check_vnode_stat)(struct ucred *cred, struct vnode *vp,
326 struct label *label);
327};
328
329typedef const void *macop_t;
330
331enum mac_op_constant {
332 MAC_OP_LAST,
333 MAC_DESTROY,
334 MAC_INIT,
335 MAC_INIT_BPFDESC,
336 MAC_INIT_CRED,
337 MAC_INIT_DEVFSDIRENT,
338 MAC_INIT_IFNET,
339 MAC_INIT_IPQ,
340 MAC_INIT_MBUF,
341 MAC_INIT_MOUNT,
342 MAC_INIT_PIPE,
343 MAC_INIT_SOCKET,
344 MAC_INIT_TEMP,
345 MAC_INIT_VNODE,
346 MAC_DESTROY_BPFDESC,
347 MAC_DESTROY_CRED,
348 MAC_DESTROY_DEVFSDIRENT,
349 MAC_DESTROY_IFNET,
350 MAC_DESTROY_IPQ,
351 MAC_DESTROY_MBUF,
352 MAC_DESTROY_MOUNT,
353 MAC_DESTROY_PIPE,
354 MAC_DESTROY_SOCKET,
355 MAC_DESTROY_TEMP,
356 MAC_DESTROY_VNODE,
357 MAC_EXTERNALIZE,
358 MAC_INTERNALIZE,
359 MAC_CREATE_DEVFS_DEVICE,
360 MAC_CREATE_DEVFS_DIRECTORY,
361 MAC_CREATE_DEVFS_VNODE,
362 MAC_CREATE_VNODE,
363 MAC_CREATE_MOUNT,
364 MAC_CREATE_ROOT_MOUNT,
365 MAC_RELABEL_VNODE,
366 MAC_STDCREATEVNODE_EA,
367 MAC_UPDATE_DEVFSDIRENT,
368 MAC_UPDATE_PROCFSVNODE,
369 MAC_UPDATE_VNODE_FROM_EXTATTR,
370 MAC_UPDATE_VNODE_FROM_EXTERNALIZED,
371 MAC_UPDATE_VNODE_FROM_MOUNT,
372 MAC_CREATE_MBUF_FROM_SOCKET,
373 MAC_CREATE_PIPE,
374 MAC_CREATE_SOCKET,
375 MAC_CREATE_SOCKET_FROM_SOCKET,
376 MAC_RELABEL_PIPE,
377 MAC_RELABEL_SOCKET,
378 MAC_SET_SOCKET_PEER_FROM_MBUF,
379 MAC_SET_SOCKET_PEER_FROM_SOCKET,
380 MAC_CREATE_BPFDESC,
381 MAC_CREATE_DATAGRAM_FROM_IPQ,
382 MAC_CREATE_IFNET,
383 MAC_CREATE_IPQ,
384 MAC_CREATE_FRAGMENT,
385 MAC_CREATE_MBUF_FROM_MBUF,
386 MAC_CREATE_MBUF_LINKLAYER,
387 MAC_CREATE_MBUF_FROM_BPFDESC,
388 MAC_CREATE_MBUF_FROM_IFNET,
389 MAC_CREATE_MBUF_MULTICAST_ENCAP,
390 MAC_CREATE_MBUF_NETLAYER,
391 MAC_FRAGMENT_MATCH,
392 MAC_RELABEL_IFNET,
393 MAC_UPDATE_IPQ,
394 MAC_CREATE_CRED,
395 MAC_EXECVE_TRANSITION,
396 MAC_EXECVE_WILL_TRANSITION,
397 MAC_CREATE_PROC0,
398 MAC_CREATE_PROC1,
399 MAC_RELABEL_CRED,
400 MAC_CHECK_BPFDESC_RECEIVE,
401 MAC_CHECK_CRED_RELABEL,
402 MAC_CHECK_CRED_VISIBLE,
403 MAC_CHECK_IFNET_RELABEL,
404 MAC_CHECK_IFNET_TRANSMIT,
405 MAC_CHECK_MOUNT_STAT,
406 MAC_CHECK_PIPE_IOCTL,
407 MAC_CHECK_PIPE_OP,
408 MAC_CHECK_PIPE_RELABEL,
409 MAC_CHECK_PROC_DEBUG,
410 MAC_CHECK_PROC_SCHED,
411 MAC_CHECK_PROC_SIGNAL,
412 MAC_CHECK_SOCKET_BIND,
413 MAC_CHECK_SOCKET_CONNECT,
414 MAC_CHECK_SOCKET_LISTEN,
415 MAC_CHECK_SOCKET_RELABEL,
416 MAC_CHECK_SOCKET_RECEIVE,
417 MAC_CHECK_SOCKET_VISIBLE,
418 MAC_CHECK_VNODE_ACCESS,
419 MAC_CHECK_VNODE_CHDIR,
420 MAC_CHECK_VNODE_CHROOT,
421 MAC_CHECK_VNODE_CREATE,
422 MAC_CHECK_VNODE_DELETE,
423 MAC_CHECK_VNODE_DELETEACL,
424 MAC_CHECK_VNODE_EXEC,
425 MAC_CHECK_VNODE_GETACL,
426 MAC_CHECK_VNODE_GETEXTATTR,
427 MAC_CHECK_VNODE_LOOKUP,
428 MAC_CHECK_VNODE_MMAP_PERMS,
429 MAC_CHECK_VNODE_OP,
430 MAC_CHECK_VNODE_OPEN,
431 MAC_CHECK_VNODE_READDIR,
432 MAC_CHECK_VNODE_READLINK,
433 MAC_CHECK_VNODE_RELABEL,
434 MAC_CHECK_VNODE_RENAME_FROM,
435 MAC_CHECK_VNODE_RENAME_TO,
436 MAC_CHECK_VNODE_REVOKE,
437 MAC_CHECK_VNODE_SETACL,
438 MAC_CHECK_VNODE_SETEXTATTR,
439 MAC_CHECK_VNODE_SETFLAGS,
440 MAC_CHECK_VNODE_SETMODE,
441 MAC_CHECK_VNODE_SETOWNER,
442 MAC_CHECK_VNODE_SETUTIMES,
443 MAC_CHECK_VNODE_STAT,
444};
445
446struct mac_policy_op_entry {
447 enum mac_op_constant mpe_constant; /* what this hook implements */
448 macop_t mpe_function; /* hook's implementation */
449};
450
451struct mac_policy_conf {
452 char *mpc_name; /* policy name */
453 char *mpc_fullname; /* policy full name */
454 struct mac_policy_ops *mpc_ops; /* policy operations */
455 struct mac_policy_op_entry *mpc_entries; /* ops to fill in */
456 int mpc_loadtime_flags; /* flags */
457 int *mpc_field_off; /* security field */
458 int mpc_runtime_flags; /* flags */
459 LIST_ENTRY(mac_policy_conf) mpc_list; /* global list */
460};
461
462/* Flags for the mpc_loadtime_flags field. */
463#define MPC_LOADTIME_FLAG_NOTLATE 0x00000001
464#define MPC_LOADTIME_FLAG_UNLOADOK 0x00000002
465
466/* Flags for the mpc_runtime_flags field. */
467#define MPC_RUNTIME_FLAG_REGISTERED 0x00000001
468
469#define MAC_POLICY_SET(mpents, mpname, mpfullname, mpflags, privdata_wanted) \
470 static struct mac_policy_conf mpname##_mac_policy_conf = { \
471 #mpname, \
472 mpfullname, \
473 NULL, \
474 mpents, \
475 mpflags, \
476 privdata_wanted, \
477 0, \
478 }; \
479 static moduledata_t mpname##_mod = { \
480 #mpname, \
481 mac_policy_modevent, \
482 &mpname##_mac_policy_conf \
483 }; \
484 DECLARE_MODULE(mpname, mpname##_mod, SI_SUB_MAC_POLICY, \
485 SI_ORDER_MIDDLE)
486
487int mac_policy_modevent(module_t mod, int type, void *data);
488
489#define LABEL_TO_SLOT(l, s) (l)->l_perpolicy[s]
490
491#endif /* !_SYS_MAC_POLICY_H */
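Review bot: `mpo_check_vnode_delete` (file line 272-274, inside `struct mac_policy_ops`) declares the target vnode's label as `void *label`, while every neighbouring vnode hook takes `struct label *label`; the untyped parameter lets a policy implementation or caller pass any pointer there without a compiler diagnostic, so the line should read `struct vnode *vp, struct label *label, struct componentname *cnp);`. The page's added/deleted colouring did not survive, so I cannot tell whether this declaration is new in 101712 or carried over from 101238. Related, `struct mac_policy_conf` declares `mpc_name` and `mpc_fullname` as `char *`, yet `MAC_POLICY_SET()` initializes them from string literals (`#mpname`, `mpfullname`), so `const char *` would make the read-only contract explicit. The header comment above the struct also has a doubled word, "then then the policy will be ignored".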