1/*-
2 * Copyright (c) 1999-2002 Robert N. M. Watson
3 * Copyright (c) 2001-2005 Networks Associates Technology, Inc.
4 * Copyright (c) 2005-2006 SPARTA, Inc.
5 * All rights reserved.
6 *
7 * This software was developed by Robert Watson for the TrustedBSD Project.
8 *
9 * This software was developed for the FreeBSD Project in part by Network
10 * Associates Laboratories, the Security Research Division of Network
11 * Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"),
12 * as part of the DARPA CHATS research program.
13 *
14 * This software was enhanced by SPARTA ISSO under SPAWAR contract
15 * N66001-04-C-6019 ("SEFOS").
16 *
17 * Redistribution and use in source and binary forms, with or without
18 * modification, are permitted provided that the following conditions
19 * are met:
20 * 1. Redistributions of source code must retain the above copyright
21 * notice, this list of conditions and the following disclaimer.
22 * 2. Redistributions in binary form must reproduce the above copyright
23 * notice, this list of conditions and the following disclaimer in the
24 * documentation and/or other materials provided with the distribution.
25 *
26 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
27 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
28 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
29 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
30 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
31 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
32 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
33 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
34 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
35 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
36 * SUCH DAMAGE.
37 *
38 * $FreeBSD: head/sys/security/mac/mac_policy.h 168954 2007-04-22 16:18:10Z rwatson $
39 */
40/*
41 * Kernel interface for MAC policy modules.
42 */
43#ifndef _SYS_SECURITY_MAC_MAC_POLICY_H_
44#define _SYS_SECURITY_MAC_MAC_POLICY_H_
45
46#ifndef _KERNEL
47#error "no user-serviceable parts inside"
48#endif
49
50/*-
51 * Pluggable access control policy definition structure.
52 *
53 * List of operations that are performed as part of the implementation of a
54 * MAC policy. Policy implementors declare operations with a mac_policy_ops
55 * structure, and using the MAC_POLICY_SET() macro. If an entry point is not
56 * declared, then then the policy will be ignored during evaluation of that
57 * event or check.
58 *
59 * Operations are sorted first by general class of operation, then
60 * alphabetically.
61 */
62#include <sys/acl.h> /* XXX acl_type_t */
63
64struct acl;
65struct auditinfo;
66struct bpf_d;
67struct cdev;
68struct componentname;
69struct devfs_dirent;
70struct ifnet;
71struct image_params;
72struct inpcb;
73struct ipq;
74struct ksem;
75struct label;
76struct mac_policy_conf;
77struct mbuf;
78struct mount;
79struct msg;
80struct msqid_kernel;
81struct pipepair;
82struct proc;
83struct sbuf;
84struct semid_kernel;
85struct shmid_kernel;
86struct sockaddr;
87struct socket;
88struct sysctl_oid;
89struct sysctl_req;
90struct thread;
91struct ucred;
92struct uio;
93struct vattr;
94struct vnode;
95
96/*
97 * Policy module operations.
98 */
99typedef void (*mpo_destroy_t)(struct mac_policy_conf *mpc);
100typedef void (*mpo_init_t)(struct mac_policy_conf *mpc);
101
102/*
103 * General policy-directed security system call so that policies may
104 * implement new services without reserving explicit system call numbers.
105 */
106typedef int (*mpo_syscall_t)(struct thread *td, int call, void *arg);
107
108/*
109 * Place-holder function pointers for ABI-compatibility purposes.
110 */
111typedef void (*mpo_placeholder_t)(void);
112
113/*
114 * Label operations. Initialize label storage, destroy label storage,
115 * recycle for re-use without init/destroy, copy a label to initialized
116 * storage, and externalize/internalize from/to initialized storage.
117 */
118typedef void (*mpo_init_bpfdesc_label_t)(struct label *label);
119typedef void (*mpo_init_cred_label_t)(struct label *label);
120typedef void (*mpo_init_devfsdirent_label_t)(struct label *label);
121typedef void (*mpo_init_ifnet_label_t)(struct label *label);
122typedef int (*mpo_init_inpcb_label_t)(struct label *label, int flag);
123typedef void (*mpo_init_sysv_msgmsg_label_t)(struct label *label);
124typedef void (*mpo_init_sysv_msgqueue_label_t)(struct label *label);
125typedef void (*mpo_init_sysv_sem_label_t)(struct label *label);
126typedef void (*mpo_init_sysv_shm_label_t)(struct label *label);
127typedef int (*mpo_init_ipq_label_t)(struct label *label, int flag);
128typedef int (*mpo_init_mbuf_label_t)(struct label *label, int flag);
129typedef void (*mpo_init_mount_label_t)(struct label *label);
130typedef int (*mpo_init_socket_label_t)(struct label *label, int flag);
131typedef int (*mpo_init_socket_peer_label_t)(struct label *label,
132 int flag);
133typedef void (*mpo_init_pipe_label_t)(struct label *label);
134typedef void (*mpo_init_posix_sem_label_t)(struct label *label);
135typedef void (*mpo_init_proc_label_t)(struct label *label);
136typedef void (*mpo_init_vnode_label_t)(struct label *label);
137typedef void (*mpo_destroy_bpfdesc_label_t)(struct label *label);
138typedef void (*mpo_destroy_cred_label_t)(struct label *label);
139typedef void (*mpo_destroy_devfsdirent_label_t)(struct label *label);
140typedef void (*mpo_destroy_ifnet_label_t)(struct label *label);
141typedef void (*mpo_destroy_inpcb_label_t)(struct label *label);
142typedef void (*mpo_destroy_sysv_msgmsg_label_t)(struct label *label);
143typedef void (*mpo_destroy_sysv_msgqueue_label_t)(struct label *label);
144typedef void (*mpo_destroy_sysv_sem_label_t)(struct label *label);
145typedef void (*mpo_destroy_sysv_shm_label_t)(struct label *label);
146typedef void (*mpo_destroy_ipq_label_t)(struct label *label);
147typedef void (*mpo_destroy_mbuf_label_t)(struct label *label);
148typedef void (*mpo_destroy_mount_label_t)(struct label *label);
149typedef void (*mpo_destroy_socket_label_t)(struct label *label);
150typedef void (*mpo_destroy_socket_peer_label_t)(struct label *label);
151typedef void (*mpo_destroy_pipe_label_t)(struct label *label);
152typedef void (*mpo_destroy_posix_sem_label_t)(struct label *label);
153typedef void (*mpo_destroy_proc_label_t)(struct label *label);
154typedef void (*mpo_destroy_vnode_label_t)(struct label *label);
155typedef void (*mpo_cleanup_sysv_msgmsg_t)(struct label *msglabel);
156typedef void (*mpo_cleanup_sysv_msgqueue_t)(struct label *msqlabel);
157typedef void (*mpo_cleanup_sysv_sem_t)(struct label *semalabel);
158typedef void (*mpo_cleanup_sysv_shm_t)(struct label *shmlabel);
159typedef void (*mpo_copy_cred_label_t)(struct label *src,
160 struct label *dest);
161typedef void (*mpo_copy_ifnet_label_t)(struct label *src,
162 struct label *dest);
163typedef void (*mpo_copy_mbuf_label_t)(struct label *src,
164 struct label *dest);
165typedef void (*mpo_copy_pipe_label_t)(struct label *src,
166 struct label *dest);
167typedef void (*mpo_copy_socket_label_t)(struct label *src,
168 struct label *dest);
169typedef void (*mpo_copy_vnode_label_t)(struct label *src,
170 struct label *dest);
171typedef int (*mpo_externalize_cred_label_t)(struct label *label,
172 char *element_name, struct sbuf *sb, int *claimed);
173typedef int (*mpo_externalize_ifnet_label_t)(struct label *label,
174 char *element_name, struct sbuf *sb, int *claimed);
175typedef int (*mpo_externalize_pipe_label_t)(struct label *label,
176 char *element_name, struct sbuf *sb, int *claimed);
177typedef int (*mpo_externalize_socket_label_t)(struct label *label,
178 char *element_name, struct sbuf *sb, int *claimed);
179typedef int (*mpo_externalize_socket_peer_label_t)(struct label *label,
180 char *element_name, struct sbuf *sb, int *claimed);
181typedef int (*mpo_externalize_vnode_label_t)(struct label *label,
182 char *element_name, struct sbuf *sb, int *claimed);
183typedef int (*mpo_internalize_cred_label_t)(struct label *label,
184 char *element_name, char *element_data, int *claimed);
185typedef int (*mpo_internalize_ifnet_label_t)(struct label *label,
186 char *element_name, char *element_data, int *claimed);
187typedef int (*mpo_internalize_pipe_label_t)(struct label *label,
188 char *element_name, char *element_data, int *claimed);
189typedef int (*mpo_internalize_socket_label_t)(struct label *label,
190 char *element_name, char *element_data, int *claimed);
191typedef int (*mpo_internalize_vnode_label_t)(struct label *label,
192 char *element_name, char *element_data, int *claimed);
193
194/*
195 * Labeling event operations: file system objects, and things that look a lot
196 * like file system objects.
197 */
198typedef void (*mpo_associate_vnode_devfs_t)(struct mount *mp,
199 struct label *mntlabel, struct devfs_dirent *de,
200 struct label *delabel, struct vnode *vp,
201 struct label *vlabel);
202typedef int (*mpo_associate_vnode_extattr_t)(struct mount *mp,
203 struct label *mntlabel, struct vnode *vp,
204 struct label *vlabel);
205typedef void (*mpo_associate_vnode_singlelabel_t)(struct mount *mp,
206 struct label *mntlabel, struct vnode *vp,
207 struct label *vlabel);
208typedef void (*mpo_create_devfs_device_t)(struct ucred *cred,
209 struct mount *mp, struct cdev *dev,
210 struct devfs_dirent *de, struct label *label);
211typedef void (*mpo_create_devfs_directory_t)(struct mount *mp,
212 char *dirname, int dirnamelen, struct devfs_dirent *de,
213 struct label *label);
214typedef void (*mpo_create_devfs_symlink_t)(struct ucred *cred,
215 struct mount *mp, struct devfs_dirent *dd,
216 struct label *ddlabel, struct devfs_dirent *de,
217 struct label *delabel);
218typedef int (*mpo_create_vnode_extattr_t)(struct ucred *cred,
219 struct mount *mp, struct label *mntlabel,
220 struct vnode *dvp, struct label *dlabel,
221 struct vnode *vp, struct label *vlabel,
222 struct componentname *cnp);
223typedef void (*mpo_create_mount_t)(struct ucred *cred, struct mount *mp,
224 struct label *mntlabel);
225typedef void (*mpo_relabel_vnode_t)(struct ucred *cred, struct vnode *vp,
226 struct label *vnodelabel, struct label *label);
227typedef int (*mpo_setlabel_vnode_extattr_t)(struct ucred *cred,
228 struct vnode *vp, struct label *vlabel,
229 struct label *intlabel);
230typedef void (*mpo_update_devfsdirent_t)(struct mount *mp,
231 struct devfs_dirent *devfs_dirent,
232 struct label *direntlabel, struct vnode *vp,
233 struct label *vnodelabel);
234
235/*
236 * Labeling event operations: IPC objects.
237 */
238typedef void (*mpo_create_mbuf_from_socket_t)(struct socket *so,
239 struct label *socketlabel, struct mbuf *m,
240 struct label *mbuflabel);
241typedef void (*mpo_create_socket_t)(struct ucred *cred, struct socket *so,
242 struct label *socketlabel);
243typedef void (*mpo_create_socket_from_socket_t)(struct socket *oldsocket,
244 struct label *oldsocketlabel, struct socket *newsocket,
245 struct label *newsocketlabel);
246typedef void (*mpo_relabel_socket_t)(struct ucred *cred, struct socket *so,
247 struct label *oldlabel, struct label *newlabel);
248typedef void (*mpo_relabel_pipe_t)(struct ucred *cred, struct pipepair *pp,
249 struct label *oldlabel, struct label *newlabel);
250typedef void (*mpo_set_socket_peer_from_mbuf_t)(struct mbuf *mbuf,
251 struct label *mbuflabel, struct socket *so,
252 struct label *socketpeerlabel);
253typedef void (*mpo_set_socket_peer_from_socket_t)(struct socket *oldsocket,
254 struct label *oldsocketlabel, struct socket *newsocket,
255 struct label *newsocketpeerlabel);
256typedef void (*mpo_create_pipe_t)(struct ucred *cred, struct pipepair *pp,
257 struct label *pipelabel);
258
259/*
260 * Labeling event operations: System V IPC primitives.
261 */
262typedef void (*mpo_create_sysv_msgmsg_t)(struct ucred *cred,
263 struct msqid_kernel *msqkptr, struct label *msqlabel,
264 struct msg *msgptr, struct label *msglabel);
265typedef void (*mpo_create_sysv_msgqueue_t)(struct ucred *cred,
266 struct msqid_kernel *msqkptr, struct label *msqlabel);
267typedef void (*mpo_create_sysv_sem_t)(struct ucred *cred,
268 struct semid_kernel *semakptr, struct label *semalabel);
269typedef void (*mpo_create_sysv_shm_t)(struct ucred *cred,
270 struct shmid_kernel *shmsegptr, struct label *shmlabel);
271
272/*
273 * Labeling event operations: POSIX (global/inter-process) semaphores.
274 */
275typedef void (*mpo_create_posix_sem_t)(struct ucred *cred,
276 struct ksem *ksemptr, struct label *ks_label);
277
278/*
279 * Labeling event operations: network objects.
280 */
281typedef void (*mpo_create_bpfdesc_t)(struct ucred *cred,
282 struct bpf_d *bpf_d, struct label *bpflabel);
283typedef void (*mpo_create_ifnet_t)(struct ifnet *ifnet,
284 struct label *ifnetlabel);
285typedef void (*mpo_create_inpcb_from_socket_t)(struct socket *so,
286 struct label *solabel, struct inpcb *inp,
287 struct label *inplabel);
288typedef void (*mpo_create_ipq_t)(struct mbuf *fragment,
289 struct label *fragmentlabel, struct ipq *ipq,
290 struct label *ipqlabel);
291typedef void (*mpo_create_datagram_from_ipq)
292 (struct ipq *ipq, struct label *ipqlabel,
293 struct mbuf *datagram, struct label *datagramlabel);
294typedef void (*mpo_create_fragment_t)(struct mbuf *datagram,
295 struct label *datagramlabel, struct mbuf *fragment,
296 struct label *fragmentlabel);
297typedef void (*mpo_create_mbuf_from_inpcb_t)(struct inpcb *inp,
298 struct label *inplabel, struct mbuf *m,
299 struct label *mlabel);
300typedef void (*mpo_create_mbuf_linklayer_t)(struct ifnet *ifnet,
301 struct label *ifnetlabel, struct mbuf *mbuf,
302 struct label *mbuflabel);
303typedef void (*mpo_create_mbuf_from_bpfdesc_t)(struct bpf_d *bpf_d,
304 struct label *bpflabel, struct mbuf *mbuf,
305 struct label *mbuflabel);
306typedef void (*mpo_create_mbuf_from_ifnet_t)(struct ifnet *ifnet,
307 struct label *ifnetlabel, struct mbuf *mbuf,
308 struct label *mbuflabel);
309typedef void (*mpo_create_mbuf_multicast_encap_t)(struct mbuf *oldmbuf,
310 struct label *oldmbuflabel, struct ifnet *ifnet,
311 struct label *ifnetlabel, struct mbuf *newmbuf,
312 struct label *newmbuflabel);
313typedef void (*mpo_create_mbuf_netlayer_t)(struct mbuf *oldmbuf,
314 struct label *oldmbuflabel, struct mbuf *newmbuf,
315 struct label *newmbuflabel);
316typedef int (*mpo_fragment_match_t)(struct mbuf *fragment,
317 struct label *fragmentlabel, struct ipq *ipq,
318 struct label *ipqlabel);
319typedef void (*mpo_reflect_mbuf_icmp_t)(struct mbuf *m,
320 struct label *mlabel);
321typedef void (*mpo_reflect_mbuf_tcp_t)(struct mbuf *m,
322 struct label *mlabel);
323typedef void (*mpo_relabel_ifnet_t)(struct ucred *cred,
324 struct ifnet *ifnet, struct label *ifnetlabel,
325 struct label *newlabel);
326typedef void (*mpo_update_ipq_t)(struct mbuf *fragment,
327 struct label *fragmentlabel, struct ipq *ipq,
328 struct label *ipqlabel);
329typedef void (*mpo_inpcb_sosetlabel_t)(struct socket *so,
330 struct label *label, struct inpcb *inp,
331 struct label *inplabel);
332
333typedef void (*mpo_create_mbuf_from_firewall_t)(struct mbuf *m,
334 struct label *label);
335typedef void (*mpo_destroy_syncache_label_t)(struct label *label);
336typedef int (*mpo_init_syncache_label_t)(struct label *label, int flag);
337typedef void (*mpo_init_syncache_from_inpcb_t)(struct label *label,
338 struct inpcb *inp);
339typedef void (*mpo_create_mbuf_from_syncache_t)(struct label *sc_label,
340 struct mbuf *m, struct label *mbuf_label);
341/*
342 * Labeling event operations: processes.
343 */
344typedef void (*mpo_execve_transition_t)(struct ucred *old,
345 struct ucred *new, struct vnode *vp,
346 struct label *vnodelabel, struct label *interpvnodelabel,
347 struct image_params *imgp, struct label *execlabel);
348typedef int (*mpo_execve_will_transition_t)(struct ucred *old,
349 struct vnode *vp, struct label *vnodelabel,
350 struct label *interpvnodelabel,
351 struct image_params *imgp, struct label *execlabel);
352typedef void (*mpo_create_proc0_t)(struct ucred *cred);
353typedef void (*mpo_create_proc1_t)(struct ucred *cred);
354typedef void (*mpo_relabel_cred_t)(struct ucred *cred,
355 struct label *newlabel);
356typedef void (*mpo_thread_userret_t)(struct thread *thread);
357
358/*
359 * Access control checks.
360 */
361typedef int (*mpo_check_bpfdesc_receive_t)(struct bpf_d *bpf_d,
362 struct label *bpflabel, struct ifnet *ifnet,
363 struct label *ifnetlabel);
364typedef int (*mpo_check_cred_relabel_t)(struct ucred *cred,
365 struct label *newlabel);
366typedef int (*mpo_check_cred_visible_t)(struct ucred *u1,
367 struct ucred *u2);
368typedef int (*mpo_check_ifnet_relabel_t)(struct ucred *cred,
369 struct ifnet *ifnet, struct label *ifnetlabel,
370 struct label *newlabel);
371typedef int (*mpo_check_ifnet_transmit_t)(struct ifnet *ifnet,
372 struct label *ifnetlabel, struct mbuf *m,
373 struct label *mbuflabel);
374typedef int (*mpo_check_inpcb_deliver_t)(struct inpcb *inp,
375 struct label *inplabel, struct mbuf *m,
376 struct label *mlabel);
377typedef int (*mpo_check_sysv_msgmsq_t)(struct ucred *cred,
378 struct msg *msgptr, struct label *msglabel,
379 struct msqid_kernel *msqkptr, struct label *msqklabel);
380typedef int (*mpo_check_sysv_msgrcv_t)(struct ucred *cred,
381 struct msg *msgptr, struct label *msglabel);
382typedef int (*mpo_check_sysv_msgrmid_t)(struct ucred *cred,
383 struct msg *msgptr, struct label *msglabel);
384typedef int (*mpo_check_sysv_msqget_t)(struct ucred *cred,
385 struct msqid_kernel *msqkptr, struct label *msqklabel);
386typedef int (*mpo_check_sysv_msqsnd_t)(struct ucred *cred,
387 struct msqid_kernel *msqkptr, struct label *msqklabel);
388typedef int (*mpo_check_sysv_msqrcv_t)(struct ucred *cred,
389 struct msqid_kernel *msqkptr, struct label *msqklabel);
390typedef int (*mpo_check_sysv_msqctl_t)(struct ucred *cred,
391 struct msqid_kernel *msqkptr, struct label *msqklabel,
392 int cmd);
393typedef int (*mpo_check_sysv_semctl_t)(struct ucred *cred,
394 struct semid_kernel *semakptr, struct label *semaklabel,
395 int cmd);
396typedef int (*mpo_check_sysv_semget_t)(struct ucred *cred,
397 struct semid_kernel *semakptr, struct label *semaklabel);
398typedef int (*mpo_check_sysv_semop_t)(struct ucred *cred,
399 struct semid_kernel *semakptr, struct label *semaklabel,
400 size_t accesstype);
401typedef int (*mpo_check_sysv_shmat_t)(struct ucred *cred,
402 struct shmid_kernel *shmsegptr,
403 struct label *shmseglabel, int shmflg);
404typedef int (*mpo_check_sysv_shmctl_t)(struct ucred *cred,
405 struct shmid_kernel *shmsegptr,
406 struct label *shmseglabel, int cmd);
407typedef int (*mpo_check_sysv_shmdt_t)(struct ucred *cred,
408 struct shmid_kernel *shmsegptr,
409 struct label *shmseglabel);
410typedef int (*mpo_check_sysv_shmget_t)(struct ucred *cred,
411 struct shmid_kernel *shmsegptr,
412 struct label *shmseglabel, int shmflg);
413typedef int (*mpo_check_kenv_dump_t)(struct ucred *cred);
414typedef int (*mpo_check_kenv_get_t)(struct ucred *cred, char *name);
415typedef int (*mpo_check_kenv_set_t)(struct ucred *cred, char *name,
416 char *value);
417typedef int (*mpo_check_kenv_unset_t)(struct ucred *cred, char *name);
418typedef int (*mpo_check_kld_load_t)(struct ucred *cred, struct vnode *vp,
419 struct label *vlabel);
420typedef int (*mpo_check_kld_stat_t)(struct ucred *cred);
421typedef int (*mpo_mpo_placeholder19_t)(void);
422typedef int (*mpo_mpo_placeholder20_t)(void);
423typedef int (*mpo_check_mount_stat_t)(struct ucred *cred,
424 struct mount *mp, struct label *mntlabel);
425typedef int (*mpo_mpo_placeholder21_t)(void);
426typedef int (*mpo_check_pipe_ioctl_t)(struct ucred *cred,
427 struct pipepair *pp, struct label *pipelabel,
428 unsigned long cmd, void *data);
429typedef int (*mpo_check_pipe_poll_t)(struct ucred *cred,
430 struct pipepair *pp, struct label *pipelabel);
431typedef int (*mpo_check_pipe_read_t)(struct ucred *cred,
432 struct pipepair *pp, struct label *pipelabel);
433typedef int (*mpo_check_pipe_relabel_t)(struct ucred *cred,
434 struct pipepair *pp, struct label *pipelabel,
435 struct label *newlabel);
436typedef int (*mpo_check_pipe_stat_t)(struct ucred *cred,
437 struct pipepair *pp, struct label *pipelabel);
438typedef int (*mpo_check_pipe_write_t)(struct ucred *cred,
439 struct pipepair *pp, struct label *pipelabel);
440typedef int (*mpo_check_posix_sem_destroy_t)(struct ucred *cred,
441 struct ksem *ksemptr, struct label *ks_label);
442typedef int (*mpo_check_posix_sem_getvalue_t)(struct ucred *cred,
443 struct ksem *ksemptr, struct label *ks_label);
444typedef int (*mpo_check_posix_sem_open_t)(struct ucred *cred,
445 struct ksem *ksemptr, struct label *ks_label);
446typedef int (*mpo_check_posix_sem_post_t)(struct ucred *cred,
447 struct ksem *ksemptr, struct label *ks_label);
448typedef int (*mpo_check_posix_sem_unlink_t)(struct ucred *cred,
449 struct ksem *ksemptr, struct label *ks_label);
450typedef int (*mpo_check_posix_sem_wait_t)(struct ucred *cred,
451 struct ksem *ksemptr, struct label *ks_label);
452typedef int (*mpo_check_proc_debug_t)(struct ucred *cred,
453 struct proc *proc);
454typedef int (*mpo_check_proc_sched_t)(struct ucred *cred,
455 struct proc *proc);
456typedef int (*mpo_check_proc_setaudit_t)(struct ucred *cred,
457 struct auditinfo *ai);
458typedef int (*mpo_check_proc_setauid_t)(struct ucred *cred, uid_t auid);
459typedef int (*mpo_check_proc_setuid_t)(struct ucred *cred, uid_t uid);
460typedef int (*mpo_check_proc_seteuid_t)(struct ucred *cred, uid_t euid);
461typedef int (*mpo_check_proc_setgid_t)(struct ucred *cred, gid_t gid);
462typedef int (*mpo_check_proc_setegid_t)(struct ucred *cred, gid_t egid);
463typedef int (*mpo_check_proc_setgroups_t)(struct ucred *cred, int ngroups,
464 gid_t *gidset);
465typedef int (*mpo_check_proc_setreuid_t)(struct ucred *cred, uid_t ruid,
466 uid_t euid);
467typedef int (*mpo_check_proc_setregid_t)(struct ucred *cred, gid_t rgid,
468 gid_t egid);
469typedef int (*mpo_check_proc_setresuid_t)(struct ucred *cred, uid_t ruid,
470 uid_t euid, uid_t suid);
471typedef int (*mpo_check_proc_setresgid_t)(struct ucred *cred, gid_t rgid,
472 gid_t egid, gid_t sgid);
473typedef int (*mpo_check_proc_signal_t)(struct ucred *cred,
474 struct proc *proc, int signum);
475typedef int (*mpo_check_proc_wait_t)(struct ucred *cred,
476 struct proc *proc);
477typedef int (*mpo_check_socket_accept_t)(struct ucred *cred,
478 struct socket *so, struct label *socketlabel);
479typedef int (*mpo_check_socket_bind_t)(struct ucred *cred,
480 struct socket *so, struct label *socketlabel,
481 struct sockaddr *sockaddr);
482typedef int (*mpo_check_socket_connect_t)(struct ucred *cred,
483 struct socket *so, struct label *socketlabel,
484 struct sockaddr *sockaddr);
485typedef int (*mpo_check_socket_create_t)(struct ucred *cred, int domain,
486 int type, int protocol);
487typedef int (*mpo_check_socket_deliver_t)(struct socket *so,
488 struct label *socketlabel, struct mbuf *m,
489 struct label *mbuflabel);
490typedef int (*mpo_check_socket_listen_t)(struct ucred *cred,
491 struct socket *so, struct label *socketlabel);
492typedef int (*mpo_check_socket_poll_t)(struct ucred *cred,
493 struct socket *so, struct label *socketlabel);
494typedef int (*mpo_check_socket_receive_t)(struct ucred *cred,
495 struct socket *so, struct label *socketlabel);
496typedef int (*mpo_check_socket_relabel_t)(struct ucred *cred,
497 struct socket *so, struct label *socketlabel,
498 struct label *newlabel);
499typedef int (*mpo_check_socket_send_t)(struct ucred *cred,
500 struct socket *so, struct label *socketlabel);
501typedef int (*mpo_check_socket_stat_t)(struct ucred *cred,
502 struct socket *so, struct label *socketlabel);
503typedef int (*mpo_check_socket_visible_t)(struct ucred *cred,
504 struct socket *so, struct label *socketlabel);
505typedef int (*mpo_check_system_acct_t)(struct ucred *cred,
506 struct vnode *vp, struct label *vlabel);
507typedef int (*mpo_check_system_audit_t)(struct ucred *cred, void *record,
508 int length);
509typedef int (*mpo_check_system_auditctl_t)(struct ucred *cred,
510 struct vnode *vp, struct label *vplabel);
511typedef int (*mpo_check_system_auditon_t)(struct ucred *cred, int cmd);
512typedef int (*mpo_check_system_reboot_t)(struct ucred *cred, int howto);
513typedef int (*mpo_check_system_swapon_t)(struct ucred *cred,
514 struct vnode *vp, struct label *label);
515typedef int (*mpo_check_system_swapoff_t)(struct ucred *cred,
516 struct vnode *vp, struct label *label);
517typedef int (*mpo_check_system_sysctl_t)(struct ucred *cred,
518 struct sysctl_oid *oidp, void *arg1, int arg2,
519 struct sysctl_req *req);
520typedef int (*mpo_check_vnode_access_t)(struct ucred *cred,
521 struct vnode *vp, struct label *label, int acc_mode);
522typedef int (*mpo_check_vnode_chdir_t)(struct ucred *cred,
523 struct vnode *dvp, struct label *dlabel);
524typedef int (*mpo_check_vnode_chroot_t)(struct ucred *cred,
525 struct vnode *dvp, struct label *dlabel);
526typedef int (*mpo_check_vnode_create_t)(struct ucred *cred,
527 struct vnode *dvp, struct label *dlabel,
528 struct componentname *cnp, struct vattr *vap);
529typedef int (*mpo_check_vnode_delete_t)(struct ucred *cred,
530 struct vnode *dvp, struct label *dlabel,
531 struct vnode *vp, struct label *label,
532 struct componentname *cnp);
533typedef int (*mpo_check_vnode_deleteacl_t)(struct ucred *cred,
534 struct vnode *vp, struct label *label, acl_type_t type);
535typedef int (*mpo_check_vnode_deleteextattr_t)(struct ucred *cred,
536 struct vnode *vp, struct label *label, int attrnamespace,
537 const char *name);
538typedef int (*mpo_check_vnode_exec_t)(struct ucred *cred,
539 struct vnode *vp, struct label *label,
540 struct image_params *imgp, struct label *execlabel);
541typedef int (*mpo_check_vnode_getacl_t)(struct ucred *cred,
542 struct vnode *vp, struct label *label, acl_type_t type);
543typedef int (*mpo_check_vnode_getextattr_t)(struct ucred *cred,
544 struct vnode *vp, struct label *label, int attrnamespace,
545 const char *name, struct uio *uio);
546typedef int (*mpo_check_vnode_link_t)(struct ucred *cred,
547 struct vnode *dvp, struct label *dlabel, struct vnode *vp,
548 struct label *label, struct componentname *cnp);
549typedef int (*mpo_check_vnode_listextattr_t)(struct ucred *cred,
550 struct vnode *vp, struct label *label,
551 int attrnamespace);
552typedef int (*mpo_check_vnode_lookup_t)(struct ucred *cred,
553 struct vnode *dvp, struct label *dlabel,
554 struct componentname *cnp);
555typedef int (*mpo_check_vnode_mmap_t)(struct ucred *cred,
556 struct vnode *vp, struct label *label, int prot,
557 int flags);
558typedef void (*mpo_check_vnode_mmap_downgrade_t)(struct ucred *cred,
559 struct vnode *vp, struct label *label, int *prot);
560typedef int (*mpo_check_vnode_mprotect_t)(struct ucred *cred,
561 struct vnode *vp, struct label *label, int prot);
562typedef int (*mpo_check_vnode_open_t)(struct ucred *cred,
563 struct vnode *vp, struct label *label, int acc_mode);
564typedef int (*mpo_check_vnode_poll_t)(struct ucred *active_cred,
565 struct ucred *file_cred, struct vnode *vp,
566 struct label *label);
567typedef int (*mpo_check_vnode_read_t)(struct ucred *active_cred,
568 struct ucred *file_cred, struct vnode *vp,
569 struct label *label);
570typedef int (*mpo_check_vnode_readdir_t)(struct ucred *cred,
571 struct vnode *dvp, struct label *dlabel);
572typedef int (*mpo_check_vnode_readlink_t)(struct ucred *cred,
573 struct vnode *vp, struct label *label);
574typedef int (*mpo_check_vnode_relabel_t)(struct ucred *cred,
575 struct vnode *vp, struct label *vnodelabel,
576 struct label *newlabel);
577typedef int (*mpo_check_vnode_rename_from_t)(struct ucred *cred,
578 struct vnode *dvp, struct label *dlabel,
579 struct vnode *vp, struct label *label,
580 struct componentname *cnp);
581typedef int (*mpo_check_vnode_rename_to_t)(struct ucred *cred,
582 struct vnode *dvp, struct label *dlabel,
583 struct vnode *vp, struct label *label, int samedir,
584 struct componentname *cnp);
585typedef int (*mpo_check_vnode_revoke_t)(struct ucred *cred,
586 struct vnode *vp, struct label *label);
587typedef int (*mpo_check_vnode_setacl_t)(struct ucred *cred,
588 struct vnode *vp, struct label *label, acl_type_t type,
589 struct acl *acl);
590typedef int (*mpo_check_vnode_setextattr_t)(struct ucred *cred,
591 struct vnode *vp, struct label *label, int attrnamespace,
592 const char *name, struct uio *uio);
593typedef int (*mpo_check_vnode_setflags_t)(struct ucred *cred,
594 struct vnode *vp, struct label *label, u_long flags);
595typedef int (*mpo_check_vnode_setmode_t)(struct ucred *cred,
596 struct vnode *vp, struct label *label, mode_t mode);
597typedef int (*mpo_check_vnode_setowner_t)(struct ucred *cred,
598 struct vnode *vp, struct label *label, uid_t uid,
599 gid_t gid);
600typedef int (*mpo_check_vnode_setutimes_t)(struct ucred *cred,
601 struct vnode *vp, struct label *label,
602 struct timespec atime, struct timespec mtime);
603typedef int (*mpo_check_vnode_stat_t)(struct ucred *active_cred,
604 struct ucred *file_cred, struct vnode *vp,
605 struct label *label);
606typedef int (*mpo_check_vnode_write_t)(struct ucred *active_cred,
607 struct ucred *file_cred, struct vnode *vp,
608 struct label *label);
609typedef void (*mpo_associate_nfsd_label_t)(struct ucred *cred);
610typedef int (*mpo_priv_check_t)(struct ucred *cred, int priv);
611typedef int (*mpo_priv_grant_t)(struct ucred *cred, int priv);
612
613struct mac_policy_ops {
614 /*
615 * Policy module operations.
616 */
617 mpo_destroy_t mpo_destroy;
618 mpo_init_t mpo_init;
619
620 /*
621 * General policy-directed security system call so that policies may
622 * implement new services without reserving explicit system call
623 * numbers.
624 */
625 mpo_syscall_t mpo_syscall;
626
627 /*
628 * Label operations. Initialize label storage, destroy label
629 * storage, recycle for re-use without init/destroy, copy a label to
630 * initialized storage, and externalize/internalize from/to
631 * initialized storage.
632 */
633 mpo_init_bpfdesc_label_t mpo_init_bpfdesc_label;
634 mpo_init_cred_label_t mpo_init_cred_label;
635 mpo_init_devfsdirent_label_t mpo_init_devfsdirent_label;
636 mpo_placeholder_t _mpo_placeholder0;
637 mpo_init_ifnet_label_t mpo_init_ifnet_label;
638 mpo_init_inpcb_label_t mpo_init_inpcb_label;
639 mpo_init_sysv_msgmsg_label_t mpo_init_sysv_msgmsg_label;
640 mpo_init_sysv_msgqueue_label_t mpo_init_sysv_msgqueue_label;
641 mpo_init_sysv_sem_label_t mpo_init_sysv_sem_label;
642 mpo_init_sysv_shm_label_t mpo_init_sysv_shm_label;
643 mpo_init_ipq_label_t mpo_init_ipq_label;
644 mpo_init_mbuf_label_t mpo_init_mbuf_label;
645 mpo_init_mount_label_t mpo_init_mount_label;
646 mpo_init_socket_label_t mpo_init_socket_label;
647 mpo_init_socket_peer_label_t mpo_init_socket_peer_label;
648 mpo_init_pipe_label_t mpo_init_pipe_label;
649 mpo_init_posix_sem_label_t mpo_init_posix_sem_label;
650 mpo_init_proc_label_t mpo_init_proc_label;
651 mpo_init_vnode_label_t mpo_init_vnode_label;
652 mpo_destroy_bpfdesc_label_t mpo_destroy_bpfdesc_label;
653 mpo_destroy_cred_label_t mpo_destroy_cred_label;
654 mpo_destroy_devfsdirent_label_t mpo_destroy_devfsdirent_label;
655 mpo_placeholder_t _mpo_placeholder1;
656 mpo_destroy_ifnet_label_t mpo_destroy_ifnet_label;
657 mpo_destroy_inpcb_label_t mpo_destroy_inpcb_label;
658 mpo_destroy_sysv_msgmsg_label_t mpo_destroy_sysv_msgmsg_label;
659 mpo_destroy_sysv_msgqueue_label_t mpo_destroy_sysv_msgqueue_label;
660 mpo_destroy_sysv_sem_label_t mpo_destroy_sysv_sem_label;
661 mpo_destroy_sysv_shm_label_t mpo_destroy_sysv_shm_label;
662 mpo_destroy_ipq_label_t mpo_destroy_ipq_label;
663 mpo_destroy_mbuf_label_t mpo_destroy_mbuf_label;
664 mpo_destroy_mount_label_t mpo_destroy_mount_label;
665 mpo_destroy_socket_label_t mpo_destroy_socket_label;
666 mpo_destroy_socket_peer_label_t mpo_destroy_socket_peer_label;
667 mpo_destroy_pipe_label_t mpo_destroy_pipe_label;
668 mpo_destroy_posix_sem_label_t mpo_destroy_posix_sem_label;
669 mpo_destroy_proc_label_t mpo_destroy_proc_label;
670 mpo_destroy_vnode_label_t mpo_destroy_vnode_label;
671 mpo_cleanup_sysv_msgmsg_t mpo_cleanup_sysv_msgmsg;
672 mpo_cleanup_sysv_msgqueue_t mpo_cleanup_sysv_msgqueue;
673 mpo_cleanup_sysv_sem_t mpo_cleanup_sysv_sem;
674 mpo_cleanup_sysv_shm_t mpo_cleanup_sysv_shm;
675 mpo_copy_cred_label_t mpo_copy_cred_label;
676 mpo_copy_ifnet_label_t mpo_copy_ifnet_label;
677 mpo_copy_mbuf_label_t mpo_copy_mbuf_label;
678 mpo_placeholder_t _mpo_placeholder2;
679 mpo_copy_pipe_label_t mpo_copy_pipe_label;
680 mpo_copy_socket_label_t mpo_copy_socket_label;
681 mpo_copy_vnode_label_t mpo_copy_vnode_label;
682 mpo_externalize_cred_label_t mpo_externalize_cred_label;
683 mpo_externalize_ifnet_label_t mpo_externalize_ifnet_label;
684 mpo_placeholder_t _mpo_placeholder3;
685 mpo_externalize_pipe_label_t mpo_externalize_pipe_label;
686 mpo_externalize_socket_label_t mpo_externalize_socket_label;
687 mpo_externalize_socket_peer_label_t mpo_externalize_socket_peer_label;
688 mpo_externalize_vnode_label_t mpo_externalize_vnode_label;
689 mpo_internalize_cred_label_t mpo_internalize_cred_label;
690 mpo_internalize_ifnet_label_t mpo_internalize_ifnet_label;
691 mpo_placeholder_t _mpo_placeholder4;
692 mpo_internalize_pipe_label_t mpo_internalize_pipe_label;
693 mpo_internalize_socket_label_t mpo_internalize_socket_label;
694 mpo_internalize_vnode_label_t mpo_internalize_vnode_label;
695
696 /*
697 * Labeling event operations: file system objects, and things that
698 * look a lot like file system objects.
699 */
700 mpo_associate_vnode_devfs_t mpo_associate_vnode_devfs;
701 mpo_associate_vnode_extattr_t mpo_associate_vnode_extattr;
702 mpo_associate_vnode_singlelabel_t mpo_associate_vnode_singlelabel;
703 mpo_create_devfs_device_t mpo_create_devfs_device;
704 mpo_create_devfs_directory_t mpo_create_devfs_directory;
705 mpo_create_devfs_symlink_t mpo_create_devfs_symlink;
706 mpo_placeholder_t _mpo_placeholder5;
707 mpo_create_vnode_extattr_t mpo_create_vnode_extattr;
708 mpo_create_mount_t mpo_create_mount;
709 mpo_relabel_vnode_t mpo_relabel_vnode;
710 mpo_setlabel_vnode_extattr_t mpo_setlabel_vnode_extattr;
711 mpo_update_devfsdirent_t mpo_update_devfsdirent;
712
713 /*
714 * Labeling event operations: IPC objects.
715 */
716 mpo_create_mbuf_from_socket_t mpo_create_mbuf_from_socket;
717 mpo_create_socket_t mpo_create_socket;
718 mpo_create_socket_from_socket_t mpo_create_socket_from_socket;
719 mpo_relabel_socket_t mpo_relabel_socket;
720 mpo_relabel_pipe_t mpo_relabel_pipe;
721 mpo_set_socket_peer_from_mbuf_t mpo_set_socket_peer_from_mbuf;
722 mpo_set_socket_peer_from_socket_t mpo_set_socket_peer_from_socket;
723 mpo_create_pipe_t mpo_create_pipe;
724
725 /*
726 * Labeling event operations: System V IPC primitives.
727 */
728 mpo_create_sysv_msgmsg_t mpo_create_sysv_msgmsg;
729 mpo_create_sysv_msgqueue_t mpo_create_sysv_msgqueue;
730 mpo_create_sysv_sem_t mpo_create_sysv_sem;
731 mpo_create_sysv_shm_t mpo_create_sysv_shm;
732
733 /*
734 * Labeling event operations: POSIX (global/inter-process) semaphores.
735 */
736 mpo_create_posix_sem_t mpo_create_posix_sem;
737
738 /*
739 * Labeling event operations: network objects.
740 */
741 mpo_create_bpfdesc_t mpo_create_bpfdesc;
742 mpo_create_ifnet_t mpo_create_ifnet;
743 mpo_create_inpcb_from_socket_t mpo_create_inpcb_from_socket;
744 mpo_create_ipq_t mpo_create_ipq;
745 mpo_create_datagram_from_ipq mpo_create_datagram_from_ipq;
746 mpo_create_fragment_t mpo_create_fragment;
747 mpo_create_mbuf_from_inpcb_t mpo_create_mbuf_from_inpcb;
748 mpo_create_mbuf_linklayer_t mpo_create_mbuf_linklayer;
749 mpo_create_mbuf_from_bpfdesc_t mpo_create_mbuf_from_bpfdesc;
750 mpo_create_mbuf_from_ifnet_t mpo_create_mbuf_from_ifnet;
751 mpo_create_mbuf_multicast_encap_t mpo_create_mbuf_multicast_encap;
752 mpo_create_mbuf_netlayer_t mpo_create_mbuf_netlayer;
753 mpo_fragment_match_t mpo_fragment_match;
754 mpo_reflect_mbuf_icmp_t mpo_reflect_mbuf_icmp;
755 mpo_reflect_mbuf_tcp_t mpo_reflect_mbuf_tcp;
756 mpo_relabel_ifnet_t mpo_relabel_ifnet;
757 mpo_update_ipq_t mpo_update_ipq;
758 mpo_inpcb_sosetlabel_t mpo_inpcb_sosetlabel;
759
760 /*
761 * Labeling event operations: processes.
762 */
763 mpo_execve_transition_t mpo_execve_transition;
764 mpo_execve_will_transition_t mpo_execve_will_transition;
765 mpo_create_proc0_t mpo_create_proc0;
766 mpo_create_proc1_t mpo_create_proc1;
767 mpo_relabel_cred_t mpo_relabel_cred;
768 mpo_placeholder_t _mpo_placeholder6;
769 mpo_thread_userret_t mpo_thread_userret;
770
771 /*
772 * Access control checks.
773 */
774 mpo_check_bpfdesc_receive_t mpo_check_bpfdesc_receive;
775 mpo_placeholder_t _mpo_placeholder7;
776 mpo_check_cred_relabel_t mpo_check_cred_relabel;
777 mpo_check_cred_visible_t mpo_check_cred_visible;
778 mpo_placeholder_t _mpo_placeholder8;
779 mpo_placeholder_t _mpo_placeholder9;
780 mpo_placeholder_t _mpo_placeholder10;
781 mpo_placeholder_t _mpo_placeholder11;
782 mpo_placeholder_t _mpo_placeholder12;
783 mpo_placeholder_t _mpo_placeholder13;
784 mpo_placeholder_t _mpo_placeholder14;
785 mpo_placeholder_t _mpo_placeholder15;
786 mpo_placeholder_t _mpo_placeholder16;
787 mpo_placeholder_t _mpo_placeholder17;
788 mpo_placeholder_t _mpo_placeholder18;
789 mpo_check_ifnet_relabel_t mpo_check_ifnet_relabel;
790 mpo_check_ifnet_transmit_t mpo_check_ifnet_transmit;
791 mpo_check_inpcb_deliver_t mpo_check_inpcb_deliver;
792 mpo_check_sysv_msgmsq_t mpo_check_sysv_msgmsq;
793 mpo_check_sysv_msgrcv_t mpo_check_sysv_msgrcv;
794 mpo_check_sysv_msgrmid_t mpo_check_sysv_msgrmid;
795 mpo_check_sysv_msqget_t mpo_check_sysv_msqget;
796 mpo_check_sysv_msqsnd_t mpo_check_sysv_msqsnd;
797 mpo_check_sysv_msqrcv_t mpo_check_sysv_msqrcv;
798 mpo_check_sysv_msqctl_t mpo_check_sysv_msqctl;
799 mpo_check_sysv_semctl_t mpo_check_sysv_semctl;
800 mpo_check_sysv_semget_t mpo_check_sysv_semget;
801 mpo_check_sysv_semop_t mpo_check_sysv_semop;
802 mpo_check_sysv_shmat_t mpo_check_sysv_shmat;
803 mpo_check_sysv_shmctl_t mpo_check_sysv_shmctl;
804 mpo_check_sysv_shmdt_t mpo_check_sysv_shmdt;
805 mpo_check_sysv_shmget_t mpo_check_sysv_shmget;
806 mpo_check_kenv_dump_t mpo_check_kenv_dump;
807 mpo_check_kenv_get_t mpo_check_kenv_get;
808 mpo_check_kenv_set_t mpo_check_kenv_set;
809 mpo_check_kenv_unset_t mpo_check_kenv_unset;
810 mpo_check_kld_load_t mpo_check_kld_load;
811 mpo_check_kld_stat_t mpo_check_kld_stat;
812 mpo_placeholder_t _mpo_placeholder19;
813 mpo_placeholder_t _mpo_placeholder20;
814 mpo_check_mount_stat_t mpo_check_mount_stat;
815 mpo_placeholder_t _mpo_placeholder_21;
816 mpo_check_pipe_ioctl_t mpo_check_pipe_ioctl;
817 mpo_check_pipe_poll_t mpo_check_pipe_poll;
818 mpo_check_pipe_read_t mpo_check_pipe_read;
819 mpo_check_pipe_relabel_t mpo_check_pipe_relabel;
820 mpo_check_pipe_stat_t mpo_check_pipe_stat;
821 mpo_check_pipe_write_t mpo_check_pipe_write;
822 mpo_check_posix_sem_destroy_t mpo_check_posix_sem_destroy;
823 mpo_check_posix_sem_getvalue_t mpo_check_posix_sem_getvalue;
824 mpo_check_posix_sem_open_t mpo_check_posix_sem_open;
825 mpo_check_posix_sem_post_t mpo_check_posix_sem_post;
826 mpo_check_posix_sem_unlink_t mpo_check_posix_sem_unlink;
827 mpo_check_posix_sem_wait_t mpo_check_posix_sem_wait;
828 mpo_check_proc_debug_t mpo_check_proc_debug;
829 mpo_check_proc_sched_t mpo_check_proc_sched;
830 mpo_check_proc_setaudit_t mpo_check_proc_setaudit;
831 mpo_check_proc_setauid_t mpo_check_proc_setauid;
832 mpo_check_proc_setuid_t mpo_check_proc_setuid;
833 mpo_check_proc_seteuid_t mpo_check_proc_seteuid;
834 mpo_check_proc_setgid_t mpo_check_proc_setgid;
835 mpo_check_proc_setegid_t mpo_check_proc_setegid;
836 mpo_check_proc_setgroups_t mpo_check_proc_setgroups;
837 mpo_check_proc_setreuid_t mpo_check_proc_setreuid;
838 mpo_check_proc_setregid_t mpo_check_proc_setregid;
839 mpo_check_proc_setresuid_t mpo_check_proc_setresuid;
840 mpo_check_proc_setresgid_t mpo_check_proc_setresgid;
841 mpo_check_proc_signal_t mpo_check_proc_signal;
842 mpo_check_proc_wait_t mpo_check_proc_wait;
843 mpo_check_socket_accept_t mpo_check_socket_accept;
844 mpo_check_socket_bind_t mpo_check_socket_bind;
845 mpo_check_socket_connect_t mpo_check_socket_connect;
846 mpo_check_socket_create_t mpo_check_socket_create;
847 mpo_check_socket_deliver_t mpo_check_socket_deliver;
848 mpo_placeholder_t _mpo_placeholder22;
849 mpo_check_socket_listen_t mpo_check_socket_listen;
850 mpo_check_socket_poll_t mpo_check_socket_poll;
851 mpo_check_socket_receive_t mpo_check_socket_receive;
852 mpo_check_socket_relabel_t mpo_check_socket_relabel;
853 mpo_check_socket_send_t mpo_check_socket_send;
854 mpo_check_socket_stat_t mpo_check_socket_stat;
855 mpo_check_socket_visible_t mpo_check_socket_visible;
856 mpo_check_system_acct_t mpo_check_system_acct;
857 mpo_check_system_audit_t mpo_check_system_audit;
858 mpo_check_system_auditctl_t mpo_check_system_auditctl;
859 mpo_check_system_auditon_t mpo_check_system_auditon;
860 mpo_check_system_reboot_t mpo_check_system_reboot;
861 mpo_check_system_swapon_t mpo_check_system_swapon;
862 mpo_check_system_swapoff_t mpo_check_system_swapoff;
863 mpo_check_system_sysctl_t mpo_check_system_sysctl;
864 mpo_placeholder_t _mpo_placeholder23;
865 mpo_check_vnode_access_t mpo_check_vnode_access;
866 mpo_check_vnode_chdir_t mpo_check_vnode_chdir;
867 mpo_check_vnode_chroot_t mpo_check_vnode_chroot;
868 mpo_check_vnode_create_t mpo_check_vnode_create;
869 mpo_check_vnode_delete_t mpo_check_vnode_delete;
870 mpo_check_vnode_deleteacl_t mpo_check_vnode_deleteacl;
871 mpo_check_vnode_deleteextattr_t mpo_check_vnode_deleteextattr;
872 mpo_check_vnode_exec_t mpo_check_vnode_exec;
873 mpo_check_vnode_getacl_t mpo_check_vnode_getacl;
874 mpo_check_vnode_getextattr_t mpo_check_vnode_getextattr;
875 mpo_placeholder_t _mpo_placeholder24;
876 mpo_check_vnode_link_t mpo_check_vnode_link;
877 mpo_check_vnode_listextattr_t mpo_check_vnode_listextattr;
878 mpo_check_vnode_lookup_t mpo_check_vnode_lookup;
879 mpo_check_vnode_mmap_t mpo_check_vnode_mmap;
880 mpo_check_vnode_mmap_downgrade_t mpo_check_vnode_mmap_downgrade;
881 mpo_check_vnode_mprotect_t mpo_check_vnode_mprotect;
882 mpo_check_vnode_open_t mpo_check_vnode_open;
883 mpo_check_vnode_poll_t mpo_check_vnode_poll;
884 mpo_check_vnode_read_t mpo_check_vnode_read;
885 mpo_check_vnode_readdir_t mpo_check_vnode_readdir;
886 mpo_check_vnode_readlink_t mpo_check_vnode_readlink;
887 mpo_check_vnode_relabel_t mpo_check_vnode_relabel;
888 mpo_check_vnode_rename_from_t mpo_check_vnode_rename_from;
889 mpo_check_vnode_rename_to_t mpo_check_vnode_rename_to;
890 mpo_check_vnode_revoke_t mpo_check_vnode_revoke;
891 mpo_check_vnode_setacl_t mpo_check_vnode_setacl;
892 mpo_check_vnode_setextattr_t mpo_check_vnode_setextattr;
893 mpo_check_vnode_setflags_t mpo_check_vnode_setflags;
894 mpo_check_vnode_setmode_t mpo_check_vnode_setmode;
895 mpo_check_vnode_setowner_t mpo_check_vnode_setowner;
896 mpo_check_vnode_setutimes_t mpo_check_vnode_setutimes;
897 mpo_check_vnode_stat_t mpo_check_vnode_stat;
898 mpo_check_vnode_write_t mpo_check_vnode_write;
899 mpo_associate_nfsd_label_t mpo_associate_nfsd_label;
900 mpo_create_mbuf_from_firewall_t mpo_create_mbuf_from_firewall;
901 mpo_init_syncache_label_t mpo_init_syncache_label;
902 mpo_destroy_syncache_label_t mpo_destroy_syncache_label;
903 mpo_init_syncache_from_inpcb_t mpo_init_syncache_from_inpcb;
904 mpo_create_mbuf_from_syncache_t mpo_create_mbuf_from_syncache;
905 mpo_priv_check_t mpo_priv_check;
906 mpo_priv_grant_t mpo_priv_grant;
907};
908
/*
 * struct mac_policy_conf is the registration record for a policy module.
 * A policy does not fill it in by hand: MAC_POLICY_SET() emits one per
 * module and hands it to the MAC Framework through a SYSINIT that
 * registers the policy.  In general the fields are immutable after that;
 * the only members that change are the "security field" (mpc_field_off),
 * the run-time flags and the policy list entry, and those are owned and
 * written by the framework, never by the policy.
 *
 * Layout is ABI: every compiled policy bakes in the offset of each field,
 * so adding, removing or reordering members is an ABI break and must be
 * accompanied by a MAC_VERSION bump.
 */
struct mac_policy_conf {
	/*
	 * Short policy name.  MAC_POLICY_SET() points this at the stringized
	 * module name, i.e. a string literal, so despite the non-const type
	 * it must never be written through.
	 */
	char				*mpc_name;	/* policy name */
	/* Human-readable description of the policy. */
	char				*mpc_fullname;	/* policy full name */
	/* The policy's entry-point vector (struct mac_policy_ops). */
	struct mac_policy_ops		*mpc_ops;	/* policy operations */
	/* MPC_LOADTIME_FLAG_* bits chosen by the policy at registration. */
	int				 mpc_loadtime_flags;	/* flags */
	/*
	 * "Security field": receives the privdata_wanted argument of
	 * MAC_POLICY_SET() and is managed by the framework thereafter.
	 * Presumably NULL when the policy keeps no per-label state, and
	 * otherwise the address of an int the framework fills with the label
	 * slot the policy later passes to mac_label_get()/mac_label_set()
	 * -- confirm against the framework's registration code.
	 */
	int				*mpc_field_off;	/* security field */
	/* MPC_RUNTIME_FLAG_* bits; written by the framework, not the policy. */
	int				 mpc_runtime_flags;	/* flags */
	/* Linkage on the framework's global policy list; framework-owned. */
	LIST_ENTRY(mac_policy_conf)	 mpc_list;	/* global list */
};
926
/*
 * Bits a policy may set in mpc_loadtime_flags when it registers.  The
 * names state the intent; the framework code that acts on each bit lives
 * outside this header, so confirm the exact effect there before relying
 * on it.
 */
#define	MPC_LOADTIME_FLAG_NOTLATE	(1 << 0)	/* refuse late (post-boot) load, per the name */
#define	MPC_LOADTIME_FLAG_UNLOADOK	(1 << 1)	/* policy consents to being unloaded */
#define	MPC_LOADTIME_FLAG_LABELMBUFS	(1 << 2)	/* policy needs mbuf labels */
931
/*
 * Bits the framework maintains in mpc_runtime_flags.  Policies only read
 * these; the framework sets and clears them.
 */
#define	MPC_RUNTIME_FLAG_REGISTERED	(1 << 0)	/* policy is on the active list */
934
/*-
 * The TrustedBSD MAC Framework has a major version number, MAC_VERSION,
 * which defines the ABI of the Framework present in the kernel (and depended
 * on by policy modules compiled against that kernel).  Currently,
 * MAC_POLICY_SET() requires that the kernel and module ABI version numbers
 * exactly match: it passes MAC_VERSION as the minimum, preferred and
 * maximum version of its kernel_mac_support dependency, so the dependency
 * cannot be satisfied by a kernel exporting any other version.  There is
 * no finer-grained check of the layout of struct mac_policy_ops or struct
 * mac_policy_conf, so any change to either layout (including giving a
 * meaning to an _mpo_placeholderN slot) should come with a bump of this
 * number.  The following major versions have been defined to date:
 *
 * MAC version	FreeBSD versions
 * 1		5.x
 * 2		6.x
 * 3		7.x
 */
#define	MAC_VERSION	3
948
/*
 * MAC_POLICY_SET() is the single registration hook a policy module uses.
 * For module `mpname` it emits:
 *   - a static struct mac_policy_conf holding the stringized module name,
 *     the full name, the operation vector, the load-time flags and the
 *     per-label slot request (`privdata_wanted` lands in mpc_field_off);
 *     the run-time flags start at zero and the list entry is left
 *     zero-initialized for the framework to manage;
 *   - a moduledata_t routing module events to mac_policy_modevent() with
 *     the conf structure as its private data;
 *   - a MODULE_DEPEND on kernel_mac_support whose minimum, preferred and
 *     maximum versions are all MAC_VERSION, so a policy built against a
 *     different framework ABI does not get its dependency satisfied; and
 *   - the DECLARE_MODULE() that places registration at SI_SUB_MAC_POLICY /
 *     SI_ORDER_MIDDLE.
 * The conf initializer is written with designated members so that it
 * follows struct mac_policy_conf by field name rather than by position.
 */
#define	MAC_POLICY_SET(mpops, mpname, mpfullname, mpflags, privdata_wanted) \
	static struct mac_policy_conf mpname##_mac_policy_conf = {	\
		.mpc_name = #mpname,					\
		.mpc_fullname = mpfullname,				\
		.mpc_ops = mpops,					\
		.mpc_loadtime_flags = mpflags,				\
		.mpc_field_off = privdata_wanted,			\
		.mpc_runtime_flags = 0,					\
	};								\
	static moduledata_t mpname##_mod = {				\
		#mpname,						\
		mac_policy_modevent,					\
		&mpname##_mac_policy_conf				\
	};								\
	MODULE_DEPEND(mpname, kernel_mac_support, MAC_VERSION,		\
	    MAC_VERSION, MAC_VERSION);					\
	DECLARE_MODULE(mpname, mpname##_mod, SI_SUB_MAC_POLICY,		\
	    SI_ORDER_MIDDLE)
967
/*
 * Module event handler that MAC_POLICY_SET() installs as the evhand of
 * every policy module; `data` is the module's struct mac_policy_conf.
 * Presumably implemented in the framework proper (load/unload paths),
 * not by individual policies.
 */
int	mac_policy_modevent(module_t mod, int type, void *data);
969
/*
 * Policy interface to map a struct label pointer to per-policy data.
 * Typically, policies wrap this in their own accessor macro that casts a
 * uintptr_t to a policy-specific data type.  `slot` is presumably the
 * value the framework stored through mpc_field_off at registration --
 * a policy should use that, not a hard-coded index, since slots are
 * assigned by the framework.  The stored value is an opaque intptr_t:
 * the framework does not interpret it, so its lifetime and any memory it
 * points to are the policy's responsibility (release it in the matching
 * mpo_destroy_*_label hook).
 */
intptr_t	mac_label_get(struct label *l, int slot);
void		mac_label_set(struct label *l, int slot, intptr_t v);
977
978#endif /* !_SYS_SECURITY_MAC_MAC_POLICY_H_ */