| mac_mls.c (172970) | mac_mls.c (173018) |
|---|---|
| 1/*- 2 * Copyright (c) 1999-2002 Robert N. M. Watson 3 * Copyright (c) 2001-2005 McAfee, Inc. 4 * Copyright (c) 2006 SPARTA, Inc. 5 * All rights reserved. 6 * 7 * This software was developed by Robert Watson for the TrustedBSD Project. 8 * --- 21 unchanged lines hidden (view full) --- 30 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 31 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 32 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 33 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 34 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 35 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 36 * SUCH DAMAGE. 37 * | 1/*- 2 * Copyright (c) 1999-2002 Robert N. M. Watson 3 * Copyright (c) 2001-2005 McAfee, Inc. 4 * Copyright (c) 2006 SPARTA, Inc. 5 * All rights reserved. 6 * 7 * This software was developed by Robert Watson for the TrustedBSD Project. 8 * --- 21 unchanged lines hidden (view full) --- 30 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 31 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 32 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 33 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 34 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 35 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 36 * SUCH DAMAGE. 37 * |
| 38 * $FreeBSD: head/sys/security/mac_mls/mac_mls.c 172970 2007-10-25 14:37:37Z rwatson $ | 38 * $FreeBSD: head/sys/security/mac_mls/mac_mls.c 173018 2007-10-26 13:18:38Z rwatson $ |
| 39 */ 40 41/* 42 * Developed by the TrustedBSD Project. 43 * 44 * MLS fixed label mandatory confidentiality policy. 45 */ 46 --- 1138 unchanged lines hidden (view full) --- 1185 1186 source = SLOT(inplabel); 1187 dest = SLOT(mlabel); 1188 1189 mls_copy_effective(source, dest); 1190} 1191 1192static void | 39 */ 40 41/* 42 * Developed by the TrustedBSD Project. 43 * 44 * MLS fixed label mandatory confidentiality policy. 45 */ 46 --- 1138 unchanged lines hidden (view full) --- 1185 1186 source = SLOT(inplabel); 1187 dest = SLOT(mlabel); 1188 1189 mls_copy_effective(source, dest); 1190} 1191 1192static void |
| 1193mls_create_mbuf_linklayer(struct ifnet *ifp, struct label *ifplabel, | 1193mls_mbuf_create_linklayer(struct ifnet *ifp, struct label *ifplabel, |
| 1194 struct mbuf *m, struct label *mlabel) 1195{ 1196 struct mac_mls *dest; 1197 1198 dest = SLOT(mlabel); 1199 1200 mls_set_effective(dest, MAC_MLS_TYPE_EQUAL, 0, NULL); 1201} --- 87 unchanged lines hidden (view full) --- 1289 1290 source = SLOT(solabel); 1291 dest = SLOT(inplabel); 1292 1293 mls_copy(source, dest); 1294} 1295 1296static void | 1194 struct mbuf *m, struct label *mlabel) 1195{ 1196 struct mac_mls *dest; 1197 1198 dest = SLOT(mlabel); 1199 1200 mls_set_effective(dest, MAC_MLS_TYPE_EQUAL, 0, NULL); 1201} --- 87 unchanged lines hidden (view full) --- 1289 1290 source = SLOT(solabel); 1291 dest = SLOT(inplabel); 1292 1293 mls_copy(source, dest); 1294} 1295 1296static void |
| 1297mls_mbuf_create_from_firewall(struct mbuf *m, struct label *mlabel) | 1297mls_netinet_firewall_send(struct mbuf *m, struct label *mlabel) |
| 1298{ 1299 struct mac_mls *dest; 1300 1301 dest = SLOT(mlabel); 1302 1303 /* XXX: where is the label for the firewall really comming from? */ 1304 mls_set_effective(dest, MAC_MLS_TYPE_EQUAL, 0, NULL); 1305} --- 1636 unchanged lines hidden (view full) --- 2942 .mpo_inpcb_create = mls_inpcb_create, 2943 .mpo_syncache_create = mls_syncache_create, 2944 .mpo_ipq_create = mls_ipq_create, 2945 .mpo_sysvmsg_create = mls_sysvmsg_create, 2946 .mpo_sysvmsq_create = mls_sysvmsq_create, 2947 .mpo_sysvsem_create = mls_sysvsem_create, 2948 .mpo_sysvshm_create = mls_sysvshm_create, 2949 .mpo_inpcb_create_mbuf = mls_inpcb_create_mbuf, | 1298{ 1299 struct mac_mls *dest; 1300 1301 dest = SLOT(mlabel); 1302 1303 /* XXX: where is the label for the firewall really comming from? */ 1304 mls_set_effective(dest, MAC_MLS_TYPE_EQUAL, 0, NULL); 1305} --- 1636 unchanged lines hidden (view full) --- 2942 .mpo_inpcb_create = mls_inpcb_create, 2943 .mpo_syncache_create = mls_syncache_create, 2944 .mpo_ipq_create = mls_ipq_create, 2945 .mpo_sysvmsg_create = mls_sysvmsg_create, 2946 .mpo_sysvmsq_create = mls_sysvmsq_create, 2947 .mpo_sysvsem_create = mls_sysvsem_create, 2948 .mpo_sysvshm_create = mls_sysvshm_create, 2949 .mpo_inpcb_create_mbuf = mls_inpcb_create_mbuf, |
| 2950 .mpo_create_mbuf_linklayer = mls_create_mbuf_linklayer, | 2950 .mpo_mbuf_create_linklayer = mls_mbuf_create_linklayer, |
| 2951 .mpo_bpfdesc_create_mbuf = mls_bpfdesc_create_mbuf, 2952 .mpo_ifnet_create_mbuf = mls_ifnet_create_mbuf, 2953 .mpo_mbuf_create_multicast_encap = mls_mbuf_create_multicast_encap, 2954 .mpo_mbuf_create_netlayer = mls_mbuf_create_netlayer, 2955 .mpo_ipq_match = mls_ipq_match, 2956 .mpo_ifnet_relabel = mls_ifnet_relabel, 2957 .mpo_ipq_update = mls_ipq_update, 2958 .mpo_inpcb_sosetlabel = mls_inpcb_sosetlabel, --- 71 unchanged lines hidden (view full) --- 3030 .mpo_vnode_check_setextattr = mls_vnode_check_setextattr, 3031 .mpo_vnode_check_setflags = mls_vnode_check_setflags, 3032 .mpo_vnode_check_setmode = mls_vnode_check_setmode, 3033 .mpo_vnode_check_setowner = mls_vnode_check_setowner, 3034 .mpo_vnode_check_setutimes = mls_vnode_check_setutimes, 3035 .mpo_vnode_check_stat = mls_vnode_check_stat, 3036 .mpo_vnode_check_unlink = mls_vnode_check_unlink, 3037 .mpo_vnode_check_write = mls_vnode_check_write, | 2951 .mpo_bpfdesc_create_mbuf = mls_bpfdesc_create_mbuf, 2952 .mpo_ifnet_create_mbuf = mls_ifnet_create_mbuf, 2953 .mpo_mbuf_create_multicast_encap = mls_mbuf_create_multicast_encap, 2954 .mpo_mbuf_create_netlayer = mls_mbuf_create_netlayer, 2955 .mpo_ipq_match = mls_ipq_match, 2956 .mpo_ifnet_relabel = mls_ifnet_relabel, 2957 .mpo_ipq_update = mls_ipq_update, 2958 .mpo_inpcb_sosetlabel = mls_inpcb_sosetlabel, --- 71 unchanged lines hidden (view full) --- 3030 .mpo_vnode_check_setextattr = mls_vnode_check_setextattr, 3031 .mpo_vnode_check_setflags = mls_vnode_check_setflags, 3032 .mpo_vnode_check_setmode = mls_vnode_check_setmode, 3033 .mpo_vnode_check_setowner = mls_vnode_check_setowner, 3034 .mpo_vnode_check_setutimes = mls_vnode_check_setutimes, 3035 .mpo_vnode_check_stat = mls_vnode_check_stat, 3036 .mpo_vnode_check_unlink = mls_vnode_check_unlink, 3037 .mpo_vnode_check_write = mls_vnode_check_write, |
| 3038 .mpo_mbuf_create_from_firewall = mls_mbuf_create_from_firewall, | 3038 .mpo_netinet_firewall_send = mls_netinet_firewall_send, |
| 3039}; 3040 3041MAC_POLICY_SET(&mls_ops, mac_mls, "TrustedBSD MAC/MLS", 3042 MPC_LOADTIME_FLAG_NOTLATE | MPC_LOADTIME_FLAG_LABELMBUFS, &mls_slot); | 3039}; 3040 3041MAC_POLICY_SET(&mls_ops, mac_mls, "TrustedBSD MAC/MLS", 3042 MPC_LOADTIME_FLAG_NOTLATE | MPC_LOADTIME_FLAG_LABELMBUFS, &mls_slot); |