| mac_lomac.c (172970) | mac_lomac.c (173018) |
|---|---|
| 1/*- 2 * Copyright (c) 1999-2002, 2007 Robert N. M. Watson 3 * Copyright (c) 2001-2005 Networks Associates Technology, Inc. 4 * Copyright (c) 2006 SPARTA, Inc. 5 * All rights reserved. 6 * 7 * This software was developed by Robert Watson for the TrustedBSD Project. 8 * --- 21 unchanged lines hidden (view full) --- 30 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 31 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 32 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 33 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 34 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 35 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 36 * SUCH DAMAGE. 37 * | 1/*- 2 * Copyright (c) 1999-2002, 2007 Robert N. M. Watson 3 * Copyright (c) 2001-2005 Networks Associates Technology, Inc. 4 * Copyright (c) 2006 SPARTA, Inc. 5 * All rights reserved. 6 * 7 * This software was developed by Robert Watson for the TrustedBSD Project. 8 * --- 21 unchanged lines hidden (view full) --- 30 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 31 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 32 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 33 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 34 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 35 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 36 * SUCH DAMAGE. 37 * |
| 38 * $FreeBSD: head/sys/security/mac_lomac/mac_lomac.c 172970 2007-10-25 14:37:37Z rwatson $ | 38 * $FreeBSD: head/sys/security/mac_lomac/mac_lomac.c 173018 2007-10-26 13:18:38Z rwatson $ |
| 39 */ 40 41/* 42 * Developed by the TrustedBSD Project. 43 * 44 * Low-watermark floating label mandatory integrity policy. 45 */ 46 --- 1280 unchanged lines hidden (view full) --- 1327 1328 source = SLOT(inplabel); 1329 dest = SLOT(mlabel); 1330 1331 lomac_copy_single(source, dest); 1332} 1333 1334static void | 39 */ 40 41/* 42 * Developed by the TrustedBSD Project. 43 * 44 * Low-watermark floating label mandatory integrity policy. 45 */ 46 --- 1280 unchanged lines hidden (view full) --- 1327 1328 source = SLOT(inplabel); 1329 dest = SLOT(mlabel); 1330 1331 lomac_copy_single(source, dest); 1332} 1333 1334static void |
| 1335lomac_create_mbuf_linklayer(struct ifnet *ifp, struct label *ifplabel, | 1335lomac_mbuf_create_linklayer(struct ifnet *ifp, struct label *ifplabel, |
| 1336 struct mbuf *m, struct label *mlabel) 1337{ 1338 struct mac_lomac *dest; 1339 1340 dest = SLOT(mlabel); 1341 1342 lomac_set_single(dest, MAC_LOMAC_TYPE_EQUAL, 0); 1343} --- 108 unchanged lines hidden (view full) --- 1452 struct mac_lomac *source, *dest; 1453 1454 source = SLOT(sc_label); 1455 dest = SLOT(mlabel); 1456 lomac_copy(source, dest); 1457} 1458 1459static void | 1336 struct mbuf *m, struct label *mlabel) 1337{ 1338 struct mac_lomac *dest; 1339 1340 dest = SLOT(mlabel); 1341 1342 lomac_set_single(dest, MAC_LOMAC_TYPE_EQUAL, 0); 1343} --- 108 unchanged lines hidden (view full) --- 1452 struct mac_lomac *source, *dest; 1453 1454 source = SLOT(sc_label); 1455 dest = SLOT(mlabel); 1456 lomac_copy(source, dest); 1457} 1458 1459static void |
| 1460lomac_mbuf_create_from_firewall(struct mbuf *m, struct label *mlabel) | 1460lomac_netinet_firewall_send(struct mbuf *m, struct label *mlabel) |
| 1461{ 1462 struct mac_lomac *dest; 1463 1464 dest = SLOT(mlabel); 1465 1466 /* XXX: where is the label for the firewall really comming from? */ 1467 lomac_set_single(dest, MAC_LOMAC_TYPE_EQUAL, 0); 1468} --- 1404 unchanged lines hidden (view full) --- 2873 .mpo_socketpeer_set_from_socket = lomac_socketpeer_set_from_socket, 2874 .mpo_bpfdesc_create = lomac_bpfdesc_create, 2875 .mpo_ipq_reassemble = lomac_ipq_reassemble, 2876 .mpo_netinet_fragment = lomac_netinet_fragment, 2877 .mpo_ifnet_create = lomac_ifnet_create, 2878 .mpo_inpcb_create = lomac_inpcb_create, 2879 .mpo_ipq_create = lomac_ipq_create, 2880 .mpo_inpcb_create_mbuf = lomac_inpcb_create_mbuf, | 1461{ 1462 struct mac_lomac *dest; 1463 1464 dest = SLOT(mlabel); 1465 1466 /* XXX: where is the label for the firewall really comming from? */ 1467 lomac_set_single(dest, MAC_LOMAC_TYPE_EQUAL, 0); 1468} --- 1404 unchanged lines hidden (view full) --- 2873 .mpo_socketpeer_set_from_socket = lomac_socketpeer_set_from_socket, 2874 .mpo_bpfdesc_create = lomac_bpfdesc_create, 2875 .mpo_ipq_reassemble = lomac_ipq_reassemble, 2876 .mpo_netinet_fragment = lomac_netinet_fragment, 2877 .mpo_ifnet_create = lomac_ifnet_create, 2878 .mpo_inpcb_create = lomac_inpcb_create, 2879 .mpo_ipq_create = lomac_ipq_create, 2880 .mpo_inpcb_create_mbuf = lomac_inpcb_create_mbuf, |
| 2881 .mpo_create_mbuf_linklayer = lomac_create_mbuf_linklayer, | 2881 .mpo_mbuf_create_linklayer = lomac_mbuf_create_linklayer, |
| 2882 .mpo_bpfdesc_create_mbuf = lomac_bpfdesc_create_mbuf, 2883 .mpo_ifnet_create_mbuf = lomac_ifnet_create_mbuf, 2884 .mpo_mbuf_create_multicast_encap = lomac_mbuf_create_multicast_encap, 2885 .mpo_mbuf_create_netlayer = lomac_mbuf_create_netlayer, 2886 .mpo_ipq_match = lomac_ipq_match, 2887 .mpo_ifnet_relabel = lomac_ifnet_relabel, 2888 .mpo_ipq_update = lomac_ipq_update, 2889 .mpo_inpcb_sosetlabel = lomac_inpcb_sosetlabel, --- 41 unchanged lines hidden (view full) --- 2931 .mpo_vnode_check_setextattr = lomac_vnode_check_setextattr, 2932 .mpo_vnode_check_setflags = lomac_vnode_check_setflags, 2933 .mpo_vnode_check_setmode = lomac_vnode_check_setmode, 2934 .mpo_vnode_check_setowner = lomac_vnode_check_setowner, 2935 .mpo_vnode_check_setutimes = lomac_vnode_check_setutimes, 2936 .mpo_vnode_check_unlink = lomac_vnode_check_unlink, 2937 .mpo_vnode_check_write = lomac_vnode_check_write, 2938 .mpo_thread_userret = lomac_thread_userret, | 2882 .mpo_bpfdesc_create_mbuf = lomac_bpfdesc_create_mbuf, 2883 .mpo_ifnet_create_mbuf = lomac_ifnet_create_mbuf, 2884 .mpo_mbuf_create_multicast_encap = lomac_mbuf_create_multicast_encap, 2885 .mpo_mbuf_create_netlayer = lomac_mbuf_create_netlayer, 2886 .mpo_ipq_match = lomac_ipq_match, 2887 .mpo_ifnet_relabel = lomac_ifnet_relabel, 2888 .mpo_ipq_update = lomac_ipq_update, 2889 .mpo_inpcb_sosetlabel = lomac_inpcb_sosetlabel, --- 41 unchanged lines hidden (view full) --- 2931 .mpo_vnode_check_setextattr = lomac_vnode_check_setextattr, 2932 .mpo_vnode_check_setflags = lomac_vnode_check_setflags, 2933 .mpo_vnode_check_setmode = lomac_vnode_check_setmode, 2934 .mpo_vnode_check_setowner = lomac_vnode_check_setowner, 2935 .mpo_vnode_check_setutimes = lomac_vnode_check_setutimes, 2936 .mpo_vnode_check_unlink = lomac_vnode_check_unlink, 2937 .mpo_vnode_check_write = lomac_vnode_check_write, 2938 .mpo_thread_userret = lomac_thread_userret, |
| 2939 .mpo_mbuf_create_from_firewall = lomac_mbuf_create_from_firewall, | 2939 .mpo_netinet_firewall_send = lomac_netinet_firewall_send, |
| 2940 .mpo_priv_check = lomac_priv_check, 2941}; 2942 2943MAC_POLICY_SET(&lomac_ops, mac_lomac, "TrustedBSD MAC/LOMAC", 2944 MPC_LOADTIME_FLAG_NOTLATE | MPC_LOADTIME_FLAG_LABELMBUFS, 2945 &lomac_slot); | 2940 .mpo_priv_check = lomac_priv_check, 2941}; 2942 2943MAC_POLICY_SET(&lomac_ops, mac_lomac, "TrustedBSD MAC/LOMAC", 2944 MPC_LOADTIME_FLAG_NOTLATE | MPC_LOADTIME_FLAG_LABELMBUFS, 2945 &lomac_slot); |