1/*-
2 * Copyright (c) 1999-2002, 2007 Robert N. M. Watson
3 * Copyright (c) 2001-2005 Networks Associates Technology, Inc.
4 * Copyright (c) 2005-2006 SPARTA, Inc.
5 * All rights reserved.
6 *
7 * This software was developed by Robert Watson for the TrustedBSD Project.
8 *
9 * This software was developed for the FreeBSD Project in part by Network
10 * Associates Laboratories, the Security Research Division of Network
11 * Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"),
12 * as part of the DARPA CHATS research program.
13 *
14 * This software was enhanced by SPARTA ISSO under SPAWAR contract
15 * N66001-04-C-6019 ("SEFOS").
16 *
17 * Redistribution and use in source and binary forms, with or without
18 * modification, are permitted provided that the following conditions
19 * are met:
20 * 1. Redistributions of source code must retain the above copyright
21 * notice, this list of conditions and the following disclaimer.
22 * 2. Redistributions in binary form must reproduce the above copyright
23 * notice, this list of conditions and the following disclaimer in the
24 * documentation and/or other materials provided with the distribution.
25 *
26 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
27 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
28 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
29 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
30 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
31 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
32 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
33 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
34 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
35 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
36 * SUCH DAMAGE.
37 *
38 * $FreeBSD: head/sys/security/mac/mac_policy.h 179963 2008-06-23 21:37:53Z jhb $
39 */
40/*
41 * Kernel interface for MAC policy modules.
42 */
43#ifndef _SECURITY_MAC_MAC_POLICY_H_
44#define _SECURITY_MAC_MAC_POLICY_H_
45
46#ifndef _KERNEL
47#error "no user-serviceable parts inside"
48#endif
49
50/*-
51 * Pluggable access control policy definition structure.
52 *
53 * List of operations that are performed as part of the implementation of a
54 * MAC policy. Policy implementors declare operations with a mac_policy_ops
55 * structure, and using the MAC_POLICY_SET() macro. If an entry point is not
56 * declared, then then the policy will be ignored during evaluation of that
57 * event or check.
58 *
59 * Operations are sorted first by general class of operation, then
60 * alphabetically.
61 */
62#include <sys/acl.h> /* XXX acl_type_t */
63
64struct acl;
65struct auditinfo;
66struct auditinfo_addr;
67struct bpf_d;
68struct cdev;
69struct componentname;
70struct devfs_dirent;
71struct ifnet;
72struct image_params;
73struct inpcb;
74struct ipq;
75struct ksem;
76struct label;
77struct mac_policy_conf;
78struct mbuf;
79struct mount;
80struct msg;
81struct msqid_kernel;
82struct pipepair;
83struct proc;
84struct sbuf;
85struct semid_kernel;
86struct shmfd;
87struct shmid_kernel;
88struct sockaddr;
89struct socket;
90struct sysctl_oid;
91struct sysctl_req;
92struct thread;
93struct ucred;
94struct uio;
95struct vattr;
96struct vnode;
97
98/*
99 * Policy module operations.
100 */
101typedef void (*mpo_destroy_t)(struct mac_policy_conf *mpc);
102typedef void (*mpo_init_t)(struct mac_policy_conf *mpc);
103
104/*
105 * General policy-directed security system call so that policies may
106 * implement new services without reserving explicit system call numbers.
107 */
108typedef int (*mpo_syscall_t)(struct thread *td, int call, void *arg);
109
110/*
111 * Place-holder function pointers for ABI-compatibility purposes.
112 */
113typedef void (*mpo_placeholder_t)(void);
114
115/*
116 * Operations sorted alphabetically by primary object type and then method.
117 */
118typedef int (*mpo_bpfdesc_check_receive_t)(struct bpf_d *d,
119 struct label *dlabel, struct ifnet *ifp,
120 struct label *ifplabel);
121typedef void (*mpo_bpfdesc_create_t)(struct ucred *cred,
122 struct bpf_d *d, struct label *dlabel);
123typedef void (*mpo_bpfdesc_create_mbuf_t)(struct bpf_d *d,
124 struct label *dlabel, struct mbuf *m,
125 struct label *mlabel);
126typedef void (*mpo_bpfdesc_destroy_label_t)(struct label *label);
127typedef void (*mpo_bpfdesc_init_label_t)(struct label *label);
128
129typedef int (*mpo_cred_check_relabel_t)(struct ucred *cred,
130 struct label *newlabel);
131typedef int (*mpo_cred_check_visible_t)(struct ucred *cr1,
132 struct ucred *cr2);
133typedef void (*mpo_cred_copy_label_t)(struct label *src,
134 struct label *dest);
135typedef void (*mpo_cred_destroy_label_t)(struct label *label);
136typedef int (*mpo_cred_externalize_label_t)(struct label *label,
137 char *element_name, struct sbuf *sb, int *claimed);
138typedef void (*mpo_cred_init_label_t)(struct label *label);
139typedef int (*mpo_cred_internalize_label_t)(struct label *label,
140 char *element_name, char *element_data, int *claimed);
141typedef void (*mpo_cred_relabel_t)(struct ucred *cred,
142 struct label *newlabel);
143
144typedef void (*mpo_devfs_create_device_t)(struct ucred *cred,
145 struct mount *mp, struct cdev *dev,
146 struct devfs_dirent *de, struct label *delabel);
147typedef void (*mpo_devfs_create_directory_t)(struct mount *mp,
148 char *dirname, int dirnamelen, struct devfs_dirent *de,
149 struct label *delabel);
150typedef void (*mpo_devfs_create_symlink_t)(struct ucred *cred,
151 struct mount *mp, struct devfs_dirent *dd,
152 struct label *ddlabel, struct devfs_dirent *de,
153 struct label *delabel);
154typedef void (*mpo_devfs_destroy_label_t)(struct label *label);
155typedef void (*mpo_devfs_init_label_t)(struct label *label);
156typedef void (*mpo_devfs_update_t)(struct mount *mp,
157 struct devfs_dirent *de, struct label *delabel,
158 struct vnode *vp, struct label *vplabel);
159typedef void (*mpo_devfs_vnode_associate_t)(struct mount *mp,
160 struct label *mplabel, struct devfs_dirent *de,
161 struct label *delabel, struct vnode *vp,
162 struct label *vplabel);
163
164typedef int (*mpo_ifnet_check_relabel_t)(struct ucred *cred,
165 struct ifnet *ifp, struct label *ifplabel,
166 struct label *newlabel);
167typedef int (*mpo_ifnet_check_transmit_t)(struct ifnet *ifp,
168 struct label *ifplabel, struct mbuf *m,
169 struct label *mlabel);
170typedef void (*mpo_ifnet_copy_label_t)(struct label *src,
171 struct label *dest);
172typedef void (*mpo_ifnet_create_t)(struct ifnet *ifp,
173 struct label *ifplabel);
174typedef void (*mpo_ifnet_create_mbuf_t)(struct ifnet *ifp,
175 struct label *ifplabel, struct mbuf *m,
176 struct label *mlabel);
177typedef void (*mpo_ifnet_destroy_label_t)(struct label *label);
178typedef int (*mpo_ifnet_externalize_label_t)(struct label *label,
179 char *element_name, struct sbuf *sb, int *claimed);
180typedef void (*mpo_ifnet_init_label_t)(struct label *label);
181typedef int (*mpo_ifnet_internalize_label_t)(struct label *label,
182 char *element_name, char *element_data, int *claimed);
183typedef void (*mpo_ifnet_relabel_t)(struct ucred *cred, struct ifnet *ifp,
184 struct label *ifplabel, struct label *newlabel);
185
186typedef int (*mpo_inpcb_check_deliver_t)(struct inpcb *inp,
187 struct label *inplabel, struct mbuf *m,
188 struct label *mlabel);
189typedef void (*mpo_inpcb_create_t)(struct socket *so,
190 struct label *solabel, struct inpcb *inp,
191 struct label *inplabel);
192typedef void (*mpo_inpcb_create_mbuf_t)(struct inpcb *inp,
193 struct label *inplabel, struct mbuf *m,
194 struct label *mlabel);
195typedef void (*mpo_inpcb_destroy_label_t)(struct label *label);
196typedef int (*mpo_inpcb_init_label_t)(struct label *label, int flag);
197typedef void (*mpo_inpcb_sosetlabel_t)(struct socket *so,
198 struct label *label, struct inpcb *inp,
199 struct label *inplabel);
200
201typedef void (*mpo_ipq_create_t)(struct mbuf *m, struct label *mlabel,
202 struct ipq *q, struct label *qlabel);
203typedef void (*mpo_ipq_destroy_label_t)(struct label *label);
204typedef int (*mpo_ipq_init_label_t)(struct label *label, int flag);
205typedef int (*mpo_ipq_match_t)(struct mbuf *m, struct label *mlabel,
206 struct ipq *q, struct label *qlabel);
207typedef void (*mpo_ipq_reassemble)(struct ipq *q, struct label *qlabel,
208 struct mbuf *m, struct label *mlabel);
209typedef void (*mpo_ipq_update_t)(struct mbuf *m, struct label *mlabel,
210 struct ipq *q, struct label *qlabel);
211
212typedef int (*mpo_kenv_check_dump_t)(struct ucred *cred);
213typedef int (*mpo_kenv_check_get_t)(struct ucred *cred, char *name);
214typedef int (*mpo_kenv_check_set_t)(struct ucred *cred, char *name,
215 char *value);
216typedef int (*mpo_kenv_check_unset_t)(struct ucred *cred, char *name);
217
218typedef int (*mpo_kld_check_load_t)(struct ucred *cred, struct vnode *vp,
219 struct label *vplabel);
220typedef int (*mpo_kld_check_stat_t)(struct ucred *cred);
221
222typedef void (*mpo_mbuf_copy_label_t)(struct label *src,
223 struct label *dest);
224typedef void (*mpo_mbuf_destroy_label_t)(struct label *label);
225typedef int (*mpo_mbuf_init_label_t)(struct label *label, int flag);
226
227typedef int (*mpo_mount_check_stat_t)(struct ucred *cred,
228 struct mount *mp, struct label *mplabel);
229typedef void (*mpo_mount_create_t)(struct ucred *cred, struct mount *mp,
230 struct label *mplabel);
231typedef void (*mpo_mount_destroy_label_t)(struct label *label);
232typedef void (*mpo_mount_init_label_t)(struct label *label);
233
234typedef void (*mpo_netatalk_aarp_send_t)(struct ifnet *ifp,
235 struct label *ifplabel, struct mbuf *m,
236 struct label *mlabel);
237
238typedef void (*mpo_netinet_arp_send_t)(struct ifnet *ifp,
239 struct label *ifplabel, struct mbuf *m,
240 struct label *mlabel);
241typedef void (*mpo_netinet_firewall_reply_t)(struct mbuf *mrecv,
242 struct label *mrecvlabel, struct mbuf *msend,
243 struct label *msendlabel);
244typedef void (*mpo_netinet_firewall_send_t)(struct mbuf *m,
245 struct label *mlabel);
246typedef void (*mpo_netinet_fragment_t)(struct mbuf *m,
247 struct label *mlabel, struct mbuf *frag,
248 struct label *fraglabel);
249typedef void (*mpo_netinet_icmp_reply_t)(struct mbuf *mrecv,
250 struct label *mrecvlabel, struct mbuf *msend,
251 struct label *msendlabel);
252typedef void (*mpo_netinet_icmp_replyinplace_t)(struct mbuf *m,
253 struct label *mlabel);
254typedef void (*mpo_netinet_igmp_send_t)(struct ifnet *ifp,
255 struct label *ifplabel, struct mbuf *m,
256 struct label *mlabel);
257typedef void (*mpo_netinet_tcp_reply_t)(struct mbuf *m,
258 struct label *mlabel);
259
260typedef void (*mpo_netinet6_nd6_send_t)(struct ifnet *ifp,
261 struct label *ifplabel, struct mbuf *m,
262 struct label *mlabel);
263
264typedef int (*mpo_pipe_check_ioctl_t)(struct ucred *cred,
265 struct pipepair *pp, struct label *pplabel,
266 unsigned long cmd, void *data);
267typedef int (*mpo_pipe_check_poll_t)(struct ucred *cred,
268 struct pipepair *pp, struct label *pplabel);
269typedef int (*mpo_pipe_check_read_t)(struct ucred *cred,
270 struct pipepair *pp, struct label *pplabel);
271typedef int (*mpo_pipe_check_relabel_t)(struct ucred *cred,
272 struct pipepair *pp, struct label *pplabel,
273 struct label *newlabel);
274typedef int (*mpo_pipe_check_stat_t)(struct ucred *cred,
275 struct pipepair *pp, struct label *pplabel);
276typedef int (*mpo_pipe_check_write_t)(struct ucred *cred,
277 struct pipepair *pp, struct label *pplabel);
278typedef void (*mpo_pipe_copy_label_t)(struct label *src,
279 struct label *dest);
280typedef void (*mpo_pipe_create_t)(struct ucred *cred, struct pipepair *pp,
281 struct label *pplabel);
282typedef void (*mpo_pipe_destroy_label_t)(struct label *label);
283typedef int (*mpo_pipe_externalize_label_t)(struct label *label,
284 char *element_name, struct sbuf *sb, int *claimed);
285typedef void (*mpo_pipe_init_label_t)(struct label *label);
286typedef int (*mpo_pipe_internalize_label_t)(struct label *label,
287 char *element_name, char *element_data, int *claimed);
288typedef void (*mpo_pipe_relabel_t)(struct ucred *cred, struct pipepair *pp,
289 struct label *oldlabel, struct label *newlabel);
290
291typedef int (*mpo_posixsem_check_getvalue_t)(struct ucred *cred,
292 struct ksem *ks, struct label *kslabel);
293typedef int (*mpo_posixsem_check_open_t)(struct ucred *cred,
294 struct ksem *ks, struct label *kslabel);
295typedef int (*mpo_posixsem_check_post_t)(struct ucred *cred,
296 struct ksem *ks, struct label *kslabel);
297typedef int (*mpo_posixsem_check_unlink_t)(struct ucred *cred,
298 struct ksem *ks, struct label *kslabel);
299typedef int (*mpo_posixsem_check_wait_t)(struct ucred *cred,
300 struct ksem *ks, struct label *kslabel);
301typedef void (*mpo_posixsem_create_t)(struct ucred *cred,
302 struct ksem *ks, struct label *kslabel);
303typedef void (*mpo_posixsem_destroy_label_t)(struct label *label);
304typedef void (*mpo_posixsem_init_label_t)(struct label *label);
305
306typedef int (*mpo_posixshm_check_mmap_t)(struct ucred *cred,
307 struct shmfd *shmfd, struct label *shmlabel, int prot,
308 int flags);
309typedef int (*mpo_posixshm_check_open_t)(struct ucred *cred,
310 struct shmfd *shmfd, struct label *shmlabel);
311typedef int (*mpo_posixshm_check_stat_t)(struct ucred *active_cred,
312 struct ucred *file_cred, struct shmfd *shmfd,
313 struct label *shmlabel);
314typedef int (*mpo_posixshm_check_truncate_t)(struct ucred *active_cred,
315 struct ucred *file_cred, struct shmfd *shmfd,
316 struct label *shmlabel);
317typedef int (*mpo_posixshm_check_unlink_t)(struct ucred *cred,
318 struct shmfd *shmfd, struct label *shmlabel);
319typedef void (*mpo_posixshm_create_t)(struct ucred *cred,
320 struct shmfd *shmfd, struct label *shmlabel);
321typedef void (*mpo_posixshm_destroy_label_t)(struct label *label);
322typedef void (*mpo_posixshm_init_label_t)(struct label *label);
323
324typedef int (*mpo_priv_check_t)(struct ucred *cred, int priv);
325typedef int (*mpo_priv_grant_t)(struct ucred *cred, int priv);
326
327typedef void (*mpo_proc_associate_nfsd_t)(struct ucred *cred);
328typedef int (*mpo_proc_check_debug_t)(struct ucred *cred,
329 struct proc *p);
330typedef int (*mpo_proc_check_sched_t)(struct ucred *cred,
331 struct proc *p);
332typedef int (*mpo_proc_check_setaudit_t)(struct ucred *cred,
333 struct auditinfo *ai);
334typedef int (*mpo_proc_check_setaudit_addr_t)(struct ucred *cred,
335 struct auditinfo_addr *aia);
336typedef int (*mpo_proc_check_setauid_t)(struct ucred *cred, uid_t auid);
337typedef int (*mpo_proc_check_setegid_t)(struct ucred *cred, gid_t egid);
338typedef int (*mpo_proc_check_seteuid_t)(struct ucred *cred, uid_t euid);
339typedef int (*mpo_proc_check_setgid_t)(struct ucred *cred, gid_t gid);
340typedef int (*mpo_proc_check_setgroups_t)(struct ucred *cred, int ngroups,
341 gid_t *gidset);
342typedef int (*mpo_proc_check_setregid_t)(struct ucred *cred, gid_t rgid,
343 gid_t egid);
344typedef int (*mpo_proc_check_setresgid_t)(struct ucred *cred, gid_t rgid,
345 gid_t egid, gid_t sgid);
346typedef int (*mpo_proc_check_setresuid_t)(struct ucred *cred, uid_t ruid,
347 uid_t euid, uid_t suid);
348typedef int (*mpo_proc_check_setreuid_t)(struct ucred *cred, uid_t ruid,
349 uid_t euid);
350typedef int (*mpo_proc_check_setuid_t)(struct ucred *cred, uid_t uid);
351typedef int (*mpo_proc_check_signal_t)(struct ucred *cred,
352 struct proc *proc, int signum);
353typedef int (*mpo_proc_check_wait_t)(struct ucred *cred,
354 struct proc *proc);
355typedef void (*mpo_proc_create_init_t)(struct ucred *cred);
356typedef void (*mpo_proc_create_swapper_t)(struct ucred *cred);
357typedef void (*mpo_proc_destroy_label_t)(struct label *label);
358typedef void (*mpo_proc_init_label_t)(struct label *label);
359
360typedef int (*mpo_socket_check_accept_t)(struct ucred *cred,
361 struct socket *so, struct label *solabel);
362typedef int (*mpo_socket_check_bind_t)(struct ucred *cred,
363 struct socket *so, struct label *solabel,
364 struct sockaddr *sa);
365typedef int (*mpo_socket_check_connect_t)(struct ucred *cred,
366 struct socket *so, struct label *solabel,
367 struct sockaddr *sa);
368typedef int (*mpo_socket_check_create_t)(struct ucred *cred, int domain,
369 int type, int protocol);
370typedef int (*mpo_socket_check_deliver_t)(struct socket *so,
371 struct label *solabel, struct mbuf *m,
372 struct label *mlabel);
373typedef int (*mpo_socket_check_listen_t)(struct ucred *cred,
374 struct socket *so, struct label *solabel);
375typedef int (*mpo_socket_check_poll_t)(struct ucred *cred,
376 struct socket *so, struct label *solabel);
377typedef int (*mpo_socket_check_receive_t)(struct ucred *cred,
378 struct socket *so, struct label *solabel);
379typedef int (*mpo_socket_check_relabel_t)(struct ucred *cred,
380 struct socket *so, struct label *solabel,
381 struct label *newlabel);
382typedef int (*mpo_socket_check_send_t)(struct ucred *cred,
383 struct socket *so, struct label *solabel);
384typedef int (*mpo_socket_check_stat_t)(struct ucred *cred,
385 struct socket *so, struct label *solabel);
386typedef int (*mpo_socket_check_visible_t)(struct ucred *cred,
387 struct socket *so, struct label *solabel);
388typedef void (*mpo_socket_copy_label_t)(struct label *src,
389 struct label *dest);
390typedef void (*mpo_socket_create_t)(struct ucred *cred, struct socket *so,
391 struct label *solabel);
392typedef void (*mpo_socket_create_mbuf_t)(struct socket *so,
393 struct label *solabel, struct mbuf *m,
394 struct label *mlabel);
395typedef void (*mpo_socket_destroy_label_t)(struct label *label);
396typedef int (*mpo_socket_externalize_label_t)(struct label *label,
397 char *element_name, struct sbuf *sb, int *claimed);
398typedef int (*mpo_socket_init_label_t)(struct label *label, int flag);
399typedef int (*mpo_socket_internalize_label_t)(struct label *label,
400 char *element_name, char *element_data, int *claimed);
401typedef void (*mpo_socket_newconn_t)(struct socket *oldso,
402 struct label *oldsolabel, struct socket *newso,
403 struct label *newsolabel);
404typedef void (*mpo_socket_relabel_t)(struct ucred *cred, struct socket *so,
405 struct label *oldlabel, struct label *newlabel);
406
407typedef void (*mpo_socketpeer_destroy_label_t)(struct label *label);
408typedef int (*mpo_socketpeer_externalize_label_t)(struct label *label,
409 char *element_name, struct sbuf *sb, int *claimed);
410typedef int (*mpo_socketpeer_init_label_t)(struct label *label,
411 int flag);
412typedef void (*mpo_socketpeer_set_from_mbuf_t)(struct mbuf *m,
413 struct label *mlabel, struct socket *so,
414 struct label *sopeerlabel);
415typedef void (*mpo_socketpeer_set_from_socket_t)(struct socket *oldso,
416 struct label *oldsolabel, struct socket *newso,
417 struct label *newsopeerlabel);
418
419typedef void (*mpo_syncache_create_t)(struct label *label,
420 struct inpcb *inp);
421typedef void (*mpo_syncache_create_mbuf_t)(struct label *sc_label,
422 struct mbuf *m, struct label *mlabel);
423typedef void (*mpo_syncache_destroy_label_t)(struct label *label);
424typedef int (*mpo_syncache_init_label_t)(struct label *label, int flag);
425
426typedef int (*mpo_system_check_acct_t)(struct ucred *cred,
427 struct vnode *vp, struct label *vplabel);
428typedef int (*mpo_system_check_audit_t)(struct ucred *cred, void *record,
429 int length);
430typedef int (*mpo_system_check_auditctl_t)(struct ucred *cred,
431 struct vnode *vp, struct label *vplabel);
432typedef int (*mpo_system_check_auditon_t)(struct ucred *cred, int cmd);
433typedef int (*mpo_system_check_reboot_t)(struct ucred *cred, int howto);
434typedef int (*mpo_system_check_swapon_t)(struct ucred *cred,
435 struct vnode *vp, struct label *vplabel);
436typedef int (*mpo_system_check_swapoff_t)(struct ucred *cred,
437 struct vnode *vp, struct label *vplabel);
438typedef int (*mpo_system_check_sysctl_t)(struct ucred *cred,
439 struct sysctl_oid *oidp, void *arg1, int arg2,
440 struct sysctl_req *req);
441
442typedef void (*mpo_sysvmsg_cleanup_t)(struct label *msglabel);
443typedef void (*mpo_sysvmsg_create_t)(struct ucred *cred,
444 struct msqid_kernel *msqkptr, struct label *msqlabel,
445 struct msg *msgptr, struct label *msglabel);
446typedef void (*mpo_sysvmsg_destroy_label_t)(struct label *label);
447typedef void (*mpo_sysvmsg_init_label_t)(struct label *label);
448
449typedef int (*mpo_sysvmsq_check_msgmsq_t)(struct ucred *cred,
450 struct msg *msgptr, struct label *msglabel,
451 struct msqid_kernel *msqkptr, struct label *msqklabel);
452typedef int (*mpo_sysvmsq_check_msgrcv_t)(struct ucred *cred,
453 struct msg *msgptr, struct label *msglabel);
454typedef int (*mpo_sysvmsq_check_msgrmid_t)(struct ucred *cred,
455 struct msg *msgptr, struct label *msglabel);
456typedef int (*mpo_sysvmsq_check_msqget_t)(struct ucred *cred,
457 struct msqid_kernel *msqkptr, struct label *msqklabel);
458typedef int (*mpo_sysvmsq_check_msqctl_t)(struct ucred *cred,
459 struct msqid_kernel *msqkptr, struct label *msqklabel,
460 int cmd);
461typedef int (*mpo_sysvmsq_check_msqrcv_t)(struct ucred *cred,
462 struct msqid_kernel *msqkptr, struct label *msqklabel);
463typedef int (*mpo_sysvmsq_check_msqsnd_t)(struct ucred *cred,
464 struct msqid_kernel *msqkptr, struct label *msqklabel);
465typedef void (*mpo_sysvmsq_cleanup_t)(struct label *msqlabel);
466typedef void (*mpo_sysvmsq_create_t)(struct ucred *cred,
467 struct msqid_kernel *msqkptr, struct label *msqlabel);
468typedef void (*mpo_sysvmsq_destroy_label_t)(struct label *label);
469typedef void (*mpo_sysvmsq_init_label_t)(struct label *label);
470
471typedef int (*mpo_sysvsem_check_semctl_t)(struct ucred *cred,
472 struct semid_kernel *semakptr, struct label *semaklabel,
473 int cmd);
474typedef int (*mpo_sysvsem_check_semget_t)(struct ucred *cred,
475 struct semid_kernel *semakptr, struct label *semaklabel);
476typedef int (*mpo_sysvsem_check_semop_t)(struct ucred *cred,
477 struct semid_kernel *semakptr, struct label *semaklabel,
478 size_t accesstype);
479typedef void (*mpo_sysvsem_cleanup_t)(struct label *semalabel);
480typedef void (*mpo_sysvsem_create_t)(struct ucred *cred,
481 struct semid_kernel *semakptr, struct label *semalabel);
482typedef void (*mpo_sysvsem_destroy_label_t)(struct label *label);
483typedef void (*mpo_sysvsem_init_label_t)(struct label *label);
484
485typedef int (*mpo_sysvshm_check_shmat_t)(struct ucred *cred,
486 struct shmid_kernel *shmsegptr,
487 struct label *shmseglabel, int shmflg);
488typedef int (*mpo_sysvshm_check_shmctl_t)(struct ucred *cred,
489 struct shmid_kernel *shmsegptr,
490 struct label *shmseglabel, int cmd);
491typedef int (*mpo_sysvshm_check_shmdt_t)(struct ucred *cred,
492 struct shmid_kernel *shmsegptr,
493 struct label *shmseglabel);
494typedef int (*mpo_sysvshm_check_shmget_t)(struct ucred *cred,
495 struct shmid_kernel *shmsegptr,
496 struct label *shmseglabel, int shmflg);
497typedef void (*mpo_sysvshm_cleanup_t)(struct label *shmlabel);
498typedef void (*mpo_sysvshm_create_t)(struct ucred *cred,
499 struct shmid_kernel *shmsegptr, struct label *shmlabel);
500typedef void (*mpo_sysvshm_destroy_label_t)(struct label *label);
501typedef void (*mpo_sysvshm_init_label_t)(struct label *label);
502
503typedef void (*mpo_thread_userret_t)(struct thread *thread);
504
505typedef int (*mpo_vnode_associate_extattr_t)(struct mount *mp,
506 struct label *mplabel, struct vnode *vp,
507 struct label *vplabel);
508typedef void (*mpo_vnode_associate_singlelabel_t)(struct mount *mp,
509 struct label *mplabel, struct vnode *vp,
510 struct label *vplabel);
511typedef int (*mpo_vnode_check_access_t)(struct ucred *cred,
512 struct vnode *vp, struct label *vplabel, int acc_mode);
513typedef int (*mpo_vnode_check_chdir_t)(struct ucred *cred,
514 struct vnode *dvp, struct label *dvplabel);
515typedef int (*mpo_vnode_check_chroot_t)(struct ucred *cred,
516 struct vnode *dvp, struct label *dvplabel);
517typedef int (*mpo_vnode_check_create_t)(struct ucred *cred,
518 struct vnode *dvp, struct label *dvplabel,
519 struct componentname *cnp, struct vattr *vap);
520typedef int (*mpo_vnode_check_deleteacl_t)(struct ucred *cred,
521 struct vnode *vp, struct label *vplabel,
522 acl_type_t type);
523typedef int (*mpo_vnode_check_deleteextattr_t)(struct ucred *cred,
524 struct vnode *vp, struct label *vplabel,
525 int attrnamespace, const char *name);
526typedef int (*mpo_vnode_check_exec_t)(struct ucred *cred,
527 struct vnode *vp, struct label *vplabel,
528 struct image_params *imgp, struct label *execlabel);
529typedef int (*mpo_vnode_check_getacl_t)(struct ucred *cred,
530 struct vnode *vp, struct label *vplabel,
531 acl_type_t type);
532typedef int (*mpo_vnode_check_getextattr_t)(struct ucred *cred,
533 struct vnode *vp, struct label *vplabel,
534 int attrnamespace, const char *name, struct uio *uio);
535typedef int (*mpo_vnode_check_link_t)(struct ucred *cred,
536 struct vnode *dvp, struct label *dvplabel,
537 struct vnode *vp, struct label *vplabel,
538 struct componentname *cnp);
539typedef int (*mpo_vnode_check_listextattr_t)(struct ucred *cred,
540 struct vnode *vp, struct label *vplabel,
541 int attrnamespace);
542typedef int (*mpo_vnode_check_lookup_t)(struct ucred *cred,
543 struct vnode *dvp, struct label *dvplabel,
544 struct componentname *cnp);
545typedef int (*mpo_vnode_check_mmap_t)(struct ucred *cred,
546 struct vnode *vp, struct label *label, int prot,
547 int flags);
548typedef void (*mpo_vnode_check_mmap_downgrade_t)(struct ucred *cred,
549 struct vnode *vp, struct label *vplabel, int *prot);
550typedef int (*mpo_vnode_check_mprotect_t)(struct ucred *cred,
551 struct vnode *vp, struct label *vplabel, int prot);
552typedef int (*mpo_vnode_check_open_t)(struct ucred *cred,
553 struct vnode *vp, struct label *vplabel, int acc_mode);
554typedef int (*mpo_vnode_check_poll_t)(struct ucred *active_cred,
555 struct ucred *file_cred, struct vnode *vp,
556 struct label *vplabel);
557typedef int (*mpo_vnode_check_read_t)(struct ucred *active_cred,
558 struct ucred *file_cred, struct vnode *vp,
559 struct label *vplabel);
560typedef int (*mpo_vnode_check_readdir_t)(struct ucred *cred,
561 struct vnode *dvp, struct label *dvplabel);
562typedef int (*mpo_vnode_check_readlink_t)(struct ucred *cred,
563 struct vnode *vp, struct label *vplabel);
564typedef int (*mpo_vnode_check_relabel_t)(struct ucred *cred,
565 struct vnode *vp, struct label *vplabel,
566 struct label *newlabel);
567typedef int (*mpo_vnode_check_rename_from_t)(struct ucred *cred,
568 struct vnode *dvp, struct label *dvplabel,
569 struct vnode *vp, struct label *vplabel,
570 struct componentname *cnp);
571typedef int (*mpo_vnode_check_rename_to_t)(struct ucred *cred,
572 struct vnode *dvp, struct label *dvplabel,
573 struct vnode *vp, struct label *vplabel, int samedir,
574 struct componentname *cnp);
575typedef int (*mpo_vnode_check_revoke_t)(struct ucred *cred,
576 struct vnode *vp, struct label *vplabel);
577typedef int (*mpo_vnode_check_setacl_t)(struct ucred *cred,
578 struct vnode *vp, struct label *vplabel, acl_type_t type,
579 struct acl *acl);
580typedef int (*mpo_vnode_check_setextattr_t)(struct ucred *cred,
581 struct vnode *vp, struct label *vplabel,
582 int attrnamespace, const char *name, struct uio *uio);
583typedef int (*mpo_vnode_check_setflags_t)(struct ucred *cred,
584 struct vnode *vp, struct label *vplabel, u_long flags);
585typedef int (*mpo_vnode_check_setmode_t)(struct ucred *cred,
586 struct vnode *vp, struct label *vplabel, mode_t mode);
587typedef int (*mpo_vnode_check_setowner_t)(struct ucred *cred,
588 struct vnode *vp, struct label *vplabel, uid_t uid,
589 gid_t gid);
590typedef int (*mpo_vnode_check_setutimes_t)(struct ucred *cred,
591 struct vnode *vp, struct label *vplabel,
592 struct timespec atime, struct timespec mtime);
593typedef int (*mpo_vnode_check_stat_t)(struct ucred *active_cred,
594 struct ucred *file_cred, struct vnode *vp,
595 struct label *vplabel);
596typedef int (*mpo_vnode_check_unlink_t)(struct ucred *cred,
597 struct vnode *dvp, struct label *dvplabel,
598 struct vnode *vp, struct label *vplabel,
599 struct componentname *cnp);
600typedef int (*mpo_vnode_check_write_t)(struct ucred *active_cred,
601 struct ucred *file_cred, struct vnode *vp,
602 struct label *vplabel);
603typedef void (*mpo_vnode_copy_label_t)(struct label *src,
604 struct label *dest);
605typedef int (*mpo_vnode_create_extattr_t)(struct ucred *cred,
606 struct mount *mp, struct label *mplabel,
607 struct vnode *dvp, struct label *dvplabel,
608 struct vnode *vp, struct label *vplabel,
609 struct componentname *cnp);
610typedef void (*mpo_vnode_destroy_label_t)(struct label *label);
611typedef void (*mpo_vnode_execve_transition_t)(struct ucred *old,
612 struct ucred *new, struct vnode *vp,
613 struct label *vplabel, struct label *interpvplabel,
614 struct image_params *imgp, struct label *execlabel);
615typedef int (*mpo_vnode_execve_will_transition_t)(struct ucred *old,
616 struct vnode *vp, struct label *vplabel,
617 struct label *interpvplabel, struct image_params *imgp,
618 struct label *execlabel);
619typedef int (*mpo_vnode_externalize_label_t)(struct label *label,
620 char *element_name, struct sbuf *sb, int *claimed);
621typedef void (*mpo_vnode_init_label_t)(struct label *label);
622typedef int (*mpo_vnode_internalize_label_t)(struct label *label,
623 char *element_name, char *element_data, int *claimed);
624typedef void (*mpo_vnode_relabel_t)(struct ucred *cred, struct vnode *vp,
625 struct label *vplabel, struct label *label);
626typedef int (*mpo_vnode_setlabel_extattr_t)(struct ucred *cred,
627 struct vnode *vp, struct label *vplabel,
628 struct label *intlabel);
629
630struct mac_policy_ops {
631 /*
632 * Policy module operations.
633 */
634 mpo_destroy_t mpo_destroy;
635 mpo_init_t mpo_init;
636
637 /*
638 * General policy-directed security system call so that policies may
639 * implement new services without reserving explicit system call
640 * numbers.
641 */
642 mpo_syscall_t mpo_syscall;
643
644 /*
645 * Label operations. Initialize label storage, destroy label
646 * storage, recycle for re-use without init/destroy, copy a label to
647 * initialized storage, and externalize/internalize from/to
648 * initialized storage.
649 */
650 mpo_bpfdesc_check_receive_t mpo_bpfdesc_check_receive;
651 mpo_bpfdesc_create_t mpo_bpfdesc_create;
652 mpo_bpfdesc_create_mbuf_t mpo_bpfdesc_create_mbuf;
653 mpo_bpfdesc_destroy_label_t mpo_bpfdesc_destroy_label;
654 mpo_bpfdesc_init_label_t mpo_bpfdesc_init_label;
655
656 mpo_cred_check_relabel_t mpo_cred_check_relabel;
657 mpo_cred_check_visible_t mpo_cred_check_visible;
658 mpo_cred_copy_label_t mpo_cred_copy_label;
659 mpo_cred_destroy_label_t mpo_cred_destroy_label;
660 mpo_cred_externalize_label_t mpo_cred_externalize_label;
661 mpo_cred_init_label_t mpo_cred_init_label;
662 mpo_cred_internalize_label_t mpo_cred_internalize_label;
663 mpo_cred_relabel_t mpo_cred_relabel;
664
665 mpo_devfs_create_device_t mpo_devfs_create_device;
666 mpo_devfs_create_directory_t mpo_devfs_create_directory;
667 mpo_devfs_create_symlink_t mpo_devfs_create_symlink;
668 mpo_devfs_destroy_label_t mpo_devfs_destroy_label;
669 mpo_devfs_init_label_t mpo_devfs_init_label;
670 mpo_devfs_update_t mpo_devfs_update;
671 mpo_devfs_vnode_associate_t mpo_devfs_vnode_associate;
672
673 mpo_ifnet_check_relabel_t mpo_ifnet_check_relabel;
674 mpo_ifnet_check_transmit_t mpo_ifnet_check_transmit;
675 mpo_ifnet_copy_label_t mpo_ifnet_copy_label;
676 mpo_ifnet_create_t mpo_ifnet_create;
677 mpo_ifnet_create_mbuf_t mpo_ifnet_create_mbuf;
678 mpo_ifnet_destroy_label_t mpo_ifnet_destroy_label;
679 mpo_ifnet_externalize_label_t mpo_ifnet_externalize_label;
680 mpo_ifnet_init_label_t mpo_ifnet_init_label;
681 mpo_ifnet_internalize_label_t mpo_ifnet_internalize_label;
682 mpo_ifnet_relabel_t mpo_ifnet_relabel;
683
684 mpo_inpcb_check_deliver_t mpo_inpcb_check_deliver;
685 mpo_inpcb_create_t mpo_inpcb_create;
686 mpo_inpcb_create_mbuf_t mpo_inpcb_create_mbuf;
687 mpo_inpcb_destroy_label_t mpo_inpcb_destroy_label;
688 mpo_inpcb_init_label_t mpo_inpcb_init_label;
689 mpo_inpcb_sosetlabel_t mpo_inpcb_sosetlabel;
690
691 mpo_ipq_create_t mpo_ipq_create;
692 mpo_ipq_destroy_label_t mpo_ipq_destroy_label;
693 mpo_ipq_init_label_t mpo_ipq_init_label;
694 mpo_ipq_match_t mpo_ipq_match;
695 mpo_ipq_reassemble mpo_ipq_reassemble;
696 mpo_ipq_update_t mpo_ipq_update;
697
698 mpo_kenv_check_dump_t mpo_kenv_check_dump;
699 mpo_kenv_check_get_t mpo_kenv_check_get;
700 mpo_kenv_check_set_t mpo_kenv_check_set;
701 mpo_kenv_check_unset_t mpo_kenv_check_unset;
702
703 mpo_kld_check_load_t mpo_kld_check_load;
704 mpo_kld_check_stat_t mpo_kld_check_stat;
705
706 mpo_mbuf_copy_label_t mpo_mbuf_copy_label;
707 mpo_mbuf_destroy_label_t mpo_mbuf_destroy_label;
708 mpo_mbuf_init_label_t mpo_mbuf_init_label;
709
710 mpo_mount_check_stat_t mpo_mount_check_stat;
711 mpo_mount_create_t mpo_mount_create;
712 mpo_mount_destroy_label_t mpo_mount_destroy_label;
713 mpo_mount_init_label_t mpo_mount_init_label;
714
715 mpo_netatalk_aarp_send_t mpo_netatalk_aarp_send;
716
717 mpo_netinet_arp_send_t mpo_netinet_arp_send;
718 mpo_netinet_firewall_reply_t mpo_netinet_firewall_reply;
719 mpo_netinet_firewall_send_t mpo_netinet_firewall_send;
720 mpo_netinet_fragment_t mpo_netinet_fragment;
721 mpo_netinet_icmp_reply_t mpo_netinet_icmp_reply;
722 mpo_netinet_icmp_replyinplace_t mpo_netinet_icmp_replyinplace;
723 mpo_netinet_igmp_send_t mpo_netinet_igmp_send;
724 mpo_netinet_tcp_reply_t mpo_netinet_tcp_reply;
725
726 mpo_netinet6_nd6_send_t mpo_netinet6_nd6_send;
727
728 mpo_pipe_check_ioctl_t mpo_pipe_check_ioctl;
729 mpo_pipe_check_poll_t mpo_pipe_check_poll;
730 mpo_pipe_check_read_t mpo_pipe_check_read;
731 mpo_pipe_check_relabel_t mpo_pipe_check_relabel;
732 mpo_pipe_check_stat_t mpo_pipe_check_stat;
733 mpo_pipe_check_write_t mpo_pipe_check_write;
734 mpo_pipe_copy_label_t mpo_pipe_copy_label;
735 mpo_pipe_create_t mpo_pipe_create;
736 mpo_pipe_destroy_label_t mpo_pipe_destroy_label;
737 mpo_pipe_externalize_label_t mpo_pipe_externalize_label;
738 mpo_pipe_init_label_t mpo_pipe_init_label;
739 mpo_pipe_internalize_label_t mpo_pipe_internalize_label;
740 mpo_pipe_relabel_t mpo_pipe_relabel;
741
742 mpo_posixsem_check_getvalue_t mpo_posixsem_check_getvalue;
743 mpo_posixsem_check_open_t mpo_posixsem_check_open;
744 mpo_posixsem_check_post_t mpo_posixsem_check_post;
745 mpo_posixsem_check_unlink_t mpo_posixsem_check_unlink;
746 mpo_posixsem_check_wait_t mpo_posixsem_check_wait;
747 mpo_posixsem_create_t mpo_posixsem_create;
748 mpo_posixsem_destroy_label_t mpo_posixsem_destroy_label;
749 mpo_posixsem_init_label_t mpo_posixsem_init_label;
750
751 mpo_posixshm_check_mmap_t mpo_posixshm_check_mmap;
752 mpo_posixshm_check_open_t mpo_posixshm_check_open;
753 mpo_posixshm_check_stat_t mpo_posixshm_check_stat;
754 mpo_posixshm_check_truncate_t mpo_posixshm_check_truncate;
755 mpo_posixshm_check_unlink_t mpo_posixshm_check_unlink;
756 mpo_posixshm_create_t mpo_posixshm_create;
757 mpo_posixshm_destroy_label_t mpo_posixshm_destroy_label;
758 mpo_posixshm_init_label_t mpo_posixshm_init_label;
759
760 mpo_priv_check_t mpo_priv_check;
761 mpo_priv_grant_t mpo_priv_grant;
762
763 mpo_proc_associate_nfsd_t mpo_proc_associate_nfsd;
764 mpo_proc_check_debug_t mpo_proc_check_debug;
765 mpo_proc_check_sched_t mpo_proc_check_sched;
766 mpo_proc_check_setaudit_t mpo_proc_check_setaudit;
767 mpo_proc_check_setaudit_addr_t mpo_proc_check_setaudit_addr;
768 mpo_proc_check_setauid_t mpo_proc_check_setauid;
769 mpo_proc_check_setuid_t mpo_proc_check_setuid;
770 mpo_proc_check_seteuid_t mpo_proc_check_seteuid;
771 mpo_proc_check_setgid_t mpo_proc_check_setgid;
772 mpo_proc_check_setegid_t mpo_proc_check_setegid;
773 mpo_proc_check_setgroups_t mpo_proc_check_setgroups;
774 mpo_proc_check_setreuid_t mpo_proc_check_setreuid;
775 mpo_proc_check_setregid_t mpo_proc_check_setregid;
776 mpo_proc_check_setresuid_t mpo_proc_check_setresuid;
777 mpo_proc_check_setresgid_t mpo_proc_check_setresgid;
778 mpo_proc_check_signal_t mpo_proc_check_signal;
779 mpo_proc_check_wait_t mpo_proc_check_wait;
780 mpo_proc_create_swapper_t mpo_proc_create_swapper;
781 mpo_proc_create_init_t mpo_proc_create_init;
782 mpo_proc_destroy_label_t mpo_proc_destroy_label;
783 mpo_proc_init_label_t mpo_proc_init_label;
784
785 mpo_socket_check_accept_t mpo_socket_check_accept;
786 mpo_socket_check_bind_t mpo_socket_check_bind;
787 mpo_socket_check_connect_t mpo_socket_check_connect;
788 mpo_socket_check_create_t mpo_socket_check_create;
789 mpo_socket_check_deliver_t mpo_socket_check_deliver;
790 mpo_socket_check_listen_t mpo_socket_check_listen;
791 mpo_socket_check_poll_t mpo_socket_check_poll;
792 mpo_socket_check_receive_t mpo_socket_check_receive;
793 mpo_socket_check_relabel_t mpo_socket_check_relabel;
794 mpo_socket_check_send_t mpo_socket_check_send;
795 mpo_socket_check_stat_t mpo_socket_check_stat;
796 mpo_socket_check_visible_t mpo_socket_check_visible;
797 mpo_socket_copy_label_t mpo_socket_copy_label;
798 mpo_socket_create_t mpo_socket_create;
799 mpo_socket_create_mbuf_t mpo_socket_create_mbuf;
800 mpo_socket_destroy_label_t mpo_socket_destroy_label;
801 mpo_socket_externalize_label_t mpo_socket_externalize_label;
802 mpo_socket_init_label_t mpo_socket_init_label;
803 mpo_socket_internalize_label_t mpo_socket_internalize_label;
804 mpo_socket_newconn_t mpo_socket_newconn;
805 mpo_socket_relabel_t mpo_socket_relabel;
806
807 mpo_socketpeer_destroy_label_t mpo_socketpeer_destroy_label;
808 mpo_socketpeer_externalize_label_t mpo_socketpeer_externalize_label;
809 mpo_socketpeer_init_label_t mpo_socketpeer_init_label;
810 mpo_socketpeer_set_from_mbuf_t mpo_socketpeer_set_from_mbuf;
811 mpo_socketpeer_set_from_socket_t mpo_socketpeer_set_from_socket;
812
813 mpo_syncache_init_label_t mpo_syncache_init_label;
814 mpo_syncache_destroy_label_t mpo_syncache_destroy_label;
815 mpo_syncache_create_t mpo_syncache_create;
816 mpo_syncache_create_mbuf_t mpo_syncache_create_mbuf;
817
818 mpo_system_check_acct_t mpo_system_check_acct;
819 mpo_system_check_audit_t mpo_system_check_audit;
820 mpo_system_check_auditctl_t mpo_system_check_auditctl;
821 mpo_system_check_auditon_t mpo_system_check_auditon;
822 mpo_system_check_reboot_t mpo_system_check_reboot;
823 mpo_system_check_swapon_t mpo_system_check_swapon;
824 mpo_system_check_swapoff_t mpo_system_check_swapoff;
825 mpo_system_check_sysctl_t mpo_system_check_sysctl;
826
827 mpo_sysvmsg_cleanup_t mpo_sysvmsg_cleanup;
828 mpo_sysvmsg_create_t mpo_sysvmsg_create;
829 mpo_sysvmsg_destroy_label_t mpo_sysvmsg_destroy_label;
830 mpo_sysvmsg_init_label_t mpo_sysvmsg_init_label;
831
832 mpo_sysvmsq_check_msgmsq_t mpo_sysvmsq_check_msgmsq;
833 mpo_sysvmsq_check_msgrcv_t mpo_sysvmsq_check_msgrcv;
834 mpo_sysvmsq_check_msgrmid_t mpo_sysvmsq_check_msgrmid;
835 mpo_sysvmsq_check_msqctl_t mpo_sysvmsq_check_msqctl;
836 mpo_sysvmsq_check_msqget_t mpo_sysvmsq_check_msqget;
837 mpo_sysvmsq_check_msqrcv_t mpo_sysvmsq_check_msqrcv;
838 mpo_sysvmsq_check_msqsnd_t mpo_sysvmsq_check_msqsnd;
839 mpo_sysvmsq_cleanup_t mpo_sysvmsq_cleanup;
840 mpo_sysvmsq_create_t mpo_sysvmsq_create;
841 mpo_sysvmsq_destroy_label_t mpo_sysvmsq_destroy_label;
842 mpo_sysvmsq_init_label_t mpo_sysvmsq_init_label;
843
844 mpo_sysvsem_check_semctl_t mpo_sysvsem_check_semctl;
845 mpo_sysvsem_check_semget_t mpo_sysvsem_check_semget;
846 mpo_sysvsem_check_semop_t mpo_sysvsem_check_semop;
847 mpo_sysvsem_cleanup_t mpo_sysvsem_cleanup;
848 mpo_sysvsem_create_t mpo_sysvsem_create;
849 mpo_sysvsem_destroy_label_t mpo_sysvsem_destroy_label;
850 mpo_sysvsem_init_label_t mpo_sysvsem_init_label;
851
852 mpo_sysvshm_check_shmat_t mpo_sysvshm_check_shmat;
853 mpo_sysvshm_check_shmctl_t mpo_sysvshm_check_shmctl;
854 mpo_sysvshm_check_shmdt_t mpo_sysvshm_check_shmdt;
855 mpo_sysvshm_check_shmget_t mpo_sysvshm_check_shmget;
856 mpo_sysvshm_cleanup_t mpo_sysvshm_cleanup;
857 mpo_sysvshm_create_t mpo_sysvshm_create;
858 mpo_sysvshm_destroy_label_t mpo_sysvshm_destroy_label;
859 mpo_sysvshm_init_label_t mpo_sysvshm_init_label;
860
861 mpo_thread_userret_t mpo_thread_userret;
862
863 mpo_vnode_check_access_t mpo_vnode_check_access;
864 mpo_vnode_check_chdir_t mpo_vnode_check_chdir;
865 mpo_vnode_check_chroot_t mpo_vnode_check_chroot;
866 mpo_vnode_check_create_t mpo_vnode_check_create;
867 mpo_vnode_check_deleteacl_t mpo_vnode_check_deleteacl;
868 mpo_vnode_check_deleteextattr_t mpo_vnode_check_deleteextattr;
869 mpo_vnode_check_exec_t mpo_vnode_check_exec;
870 mpo_vnode_check_getacl_t mpo_vnode_check_getacl;
871 mpo_vnode_check_getextattr_t mpo_vnode_check_getextattr;
872 mpo_vnode_check_link_t mpo_vnode_check_link;
873 mpo_vnode_check_listextattr_t mpo_vnode_check_listextattr;
874 mpo_vnode_check_lookup_t mpo_vnode_check_lookup;
875 mpo_vnode_check_mmap_t mpo_vnode_check_mmap;
876 mpo_vnode_check_mmap_downgrade_t mpo_vnode_check_mmap_downgrade;
877 mpo_vnode_check_mprotect_t mpo_vnode_check_mprotect;
878 mpo_vnode_check_open_t mpo_vnode_check_open;
879 mpo_vnode_check_poll_t mpo_vnode_check_poll;
880 mpo_vnode_check_read_t mpo_vnode_check_read;
881 mpo_vnode_check_readdir_t mpo_vnode_check_readdir;
882 mpo_vnode_check_readlink_t mpo_vnode_check_readlink;
883 mpo_vnode_check_relabel_t mpo_vnode_check_relabel;
884 mpo_vnode_check_rename_from_t mpo_vnode_check_rename_from;
885 mpo_vnode_check_rename_to_t mpo_vnode_check_rename_to;
886 mpo_vnode_check_revoke_t mpo_vnode_check_revoke;
887 mpo_vnode_check_setacl_t mpo_vnode_check_setacl;
888 mpo_vnode_check_setextattr_t mpo_vnode_check_setextattr;
889 mpo_vnode_check_setflags_t mpo_vnode_check_setflags;
890 mpo_vnode_check_setmode_t mpo_vnode_check_setmode;
891 mpo_vnode_check_setowner_t mpo_vnode_check_setowner;
892 mpo_vnode_check_setutimes_t mpo_vnode_check_setutimes;
893 mpo_vnode_check_stat_t mpo_vnode_check_stat;
894 mpo_vnode_check_unlink_t mpo_vnode_check_unlink;
895 mpo_vnode_check_write_t mpo_vnode_check_write;
896 mpo_vnode_associate_extattr_t mpo_vnode_associate_extattr;
897 mpo_vnode_associate_singlelabel_t mpo_vnode_associate_singlelabel;
898 mpo_vnode_destroy_label_t mpo_vnode_destroy_label;
899 mpo_vnode_copy_label_t mpo_vnode_copy_label;
900 mpo_vnode_create_extattr_t mpo_vnode_create_extattr;
901 mpo_vnode_execve_transition_t mpo_vnode_execve_transition;
902 mpo_vnode_execve_will_transition_t mpo_vnode_execve_will_transition;
903 mpo_vnode_externalize_label_t mpo_vnode_externalize_label;
904 mpo_vnode_init_label_t mpo_vnode_init_label;
905 mpo_vnode_internalize_label_t mpo_vnode_internalize_label;
906 mpo_vnode_relabel_t mpo_vnode_relabel;
907 mpo_vnode_setlabel_extattr_t mpo_vnode_setlabel_extattr;
908};
909
910/*
911 * struct mac_policy_conf is the registration structure for policies, and is
912 * provided to the MAC Framework using MAC_POLICY_SET() to invoke a SYSINIT
913 * to register the policy. In general, the fields are immutable, with the
914 * exception of the "security field", run-time flags, and policy list entry,
915 * which are managed by the MAC Framework. Be careful when modifying this
916 * structure, as its layout is statically compiled into all policies.
917 */
918struct mac_policy_conf {
919 char *mpc_name; /* policy name */
920 char *mpc_fullname; /* policy full name */
921 struct mac_policy_ops *mpc_ops; /* policy operations */
922 int mpc_loadtime_flags; /* flags */
923 int *mpc_field_off; /* security field */
924 int mpc_runtime_flags; /* flags */
925 LIST_ENTRY(mac_policy_conf) mpc_list; /* global list */
926};
927
928/* Flags for the mpc_loadtime_flags field. */
929#define MPC_LOADTIME_FLAG_NOTLATE 0x00000001
930#define MPC_LOADTIME_FLAG_UNLOADOK 0x00000002
931#define MPC_LOADTIME_FLAG_LABELMBUFS 0x00000004
932
933/* Flags for the mpc_runtime_flags field. */
934#define MPC_RUNTIME_FLAG_REGISTERED 0x00000001
935
936/*-
937 * The TrustedBSD MAC Framework has a major version number, MAC_VERSION,
938 * which defines the ABI of the Framework present in the kernel (and depended
939 * on by policy modules compiled against that kernel). Currently,
940 * MAC_POLICY_SET() requires that the kernel and module ABI version numbers
941 * exactly match. The following major versions have been defined to date:
942 *
943 * MAC version FreeBSD versions
944 * 1 5.x
945 * 2 6.x
946 * 3 7.x
947 * 4 8.x
948 */
949#define MAC_VERSION 4
950
951#define MAC_POLICY_SET(mpops, mpname, mpfullname, mpflags, privdata_wanted) \
952 static struct mac_policy_conf mpname##_mac_policy_conf = { \
953 #mpname, \
954 mpfullname, \
955 mpops, \
956 mpflags, \
957 privdata_wanted, \
958 0, \
959 }; \
960 static moduledata_t mpname##_mod = { \
961 #mpname, \
962 mac_policy_modevent, \
963 &mpname##_mac_policy_conf \
964 }; \
965 MODULE_DEPEND(mpname, kernel_mac_support, MAC_VERSION, \
966 MAC_VERSION, MAC_VERSION); \
967 DECLARE_MODULE(mpname, mpname##_mod, SI_SUB_MAC_POLICY, \
968 SI_ORDER_MIDDLE)
969
970int mac_policy_modevent(module_t mod, int type, void *data);
971
972/*
973 * Policy interface to map a struct label pointer to per-policy data.
974 * Typically, policies wrap this in their own accessor macro that casts a
975 * uintptr_t to a policy-specific data type.
976 */
977intptr_t mac_label_get(struct label *l, int slot);
978void mac_label_set(struct label *l, int slot, intptr_t v);
979
980#endif /* !_SECURITY_MAC_MAC_POLICY_H_ */