mac_mls.c (122879) | mac_mls.c (123173) |
---|---|
1/*- 2 * Copyright (c) 1999, 2000, 2001, 2002 Robert N. M. Watson 3 * Copyright (c) 2001, 2002, 2003 Networks Associates Technology, Inc. 4 * All rights reserved. 5 * 6 * This software was developed by Robert Watson for the TrustedBSD Project. 7 * 8 * This software was developed for the FreeBSD Project in part by Network --- 17 unchanged lines hidden (view full) --- 26 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 27 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 28 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 29 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 30 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 31 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 32 * SUCH DAMAGE. 33 * | 1/*- 2 * Copyright (c) 1999, 2000, 2001, 2002 Robert N. M. Watson 3 * Copyright (c) 2001, 2002, 2003 Networks Associates Technology, Inc. 4 * All rights reserved. 5 * 6 * This software was developed by Robert Watson for the TrustedBSD Project. 7 * 8 * This software was developed for the FreeBSD Project in part by Network --- 17 unchanged lines hidden (view full) --- 26 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 27 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 28 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 29 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 30 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 31 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 32 * SUCH DAMAGE. 33 * |
34 * $FreeBSD: head/sys/security/mac_mls/mac_mls.c 122879 2003-11-18 04:11:52Z rwatson $ | 34 * $FreeBSD: head/sys/security/mac_mls/mac_mls.c 123173 2003-12-06 21:48:03Z rwatson $ |
35 */ 36 37/* 38 * Developed by the TrustedBSD Project. 39 * MLS fixed label mandatory confidentiality policy. 40 */ 41 42#include <sys/types.h> --- 1210 unchanged lines hidden (view full) --- 1253 1254 mac_mls_copy(source, dest); 1255} 1256 1257/* 1258 * Labeling event operations: processes. 1259 */ 1260static void | 35 */ 36 37/* 38 * Developed by the TrustedBSD Project. 39 * MLS fixed label mandatory confidentiality policy. 40 */ 41 42#include <sys/types.h> --- 1210 unchanged lines hidden (view full) --- 1253 1254 mac_mls_copy(source, dest); 1255} 1256 1257/* 1258 * Labeling event operations: processes. 1259 */ 1260static void |
1261mac_mls_create_cred(struct ucred *cred_parent, struct ucred *cred_child) 1262{ 1263 struct mac_mls *source, *dest; 1264 1265 source = SLOT(cred_parent->cr_label); 1266 dest = SLOT(cred_child->cr_label); 1267 1268 mac_mls_copy_single(source, dest); 1269 mac_mls_copy_range(source, dest); 1270} 1271 1272static void | |
1273mac_mls_create_proc0(struct ucred *cred) 1274{ 1275 struct mac_mls *dest; 1276 1277 dest = SLOT(cred->cr_label); 1278 1279 mac_mls_set_single(dest, MAC_MLS_TYPE_EQUAL, 0, NULL); 1280 mac_mls_set_range(dest, MAC_MLS_TYPE_LOW, 0, NULL, MAC_MLS_TYPE_HIGH, --- 1154 unchanged lines hidden (view full) --- 2435 .mpo_destroy_ipq_label = mac_mls_destroy_label, 2436 .mpo_destroy_mbuf_label = mac_mls_destroy_label, 2437 .mpo_destroy_mount_label = mac_mls_destroy_label, 2438 .mpo_destroy_mount_fs_label = mac_mls_destroy_label, 2439 .mpo_destroy_pipe_label = mac_mls_destroy_label, 2440 .mpo_destroy_socket_label = mac_mls_destroy_label, 2441 .mpo_destroy_socket_peer_label = mac_mls_destroy_label, 2442 .mpo_destroy_vnode_label = mac_mls_destroy_label, | 1261mac_mls_create_proc0(struct ucred *cred) 1262{ 1263 struct mac_mls *dest; 1264 1265 dest = SLOT(cred->cr_label); 1266 1267 mac_mls_set_single(dest, MAC_MLS_TYPE_EQUAL, 0, NULL); 1268 mac_mls_set_range(dest, MAC_MLS_TYPE_LOW, 0, NULL, MAC_MLS_TYPE_HIGH, --- 1154 unchanged lines hidden (view full) --- 2423 .mpo_destroy_ipq_label = mac_mls_destroy_label, 2424 .mpo_destroy_mbuf_label = mac_mls_destroy_label, 2425 .mpo_destroy_mount_label = mac_mls_destroy_label, 2426 .mpo_destroy_mount_fs_label = mac_mls_destroy_label, 2427 .mpo_destroy_pipe_label = mac_mls_destroy_label, 2428 .mpo_destroy_socket_label = mac_mls_destroy_label, 2429 .mpo_destroy_socket_peer_label = mac_mls_destroy_label, 2430 .mpo_destroy_vnode_label = mac_mls_destroy_label, |
2431 .mpo_copy_cred_label = mac_mls_copy_label, |
|
2443 .mpo_copy_mbuf_label = mac_mls_copy_label, 2444 .mpo_copy_pipe_label = mac_mls_copy_label, 2445 .mpo_copy_socket_label = mac_mls_copy_label, 2446 .mpo_copy_vnode_label = mac_mls_copy_label, 2447 .mpo_externalize_cred_label = mac_mls_externalize_label, 2448 .mpo_externalize_ifnet_label = mac_mls_externalize_label, 2449 .mpo_externalize_pipe_label = mac_mls_externalize_label, 2450 .mpo_externalize_socket_label = mac_mls_externalize_label, --- 35 unchanged lines hidden (view full) --- 2486 .mpo_create_mbuf_from_bpfdesc = mac_mls_create_mbuf_from_bpfdesc, 2487 .mpo_create_mbuf_from_ifnet = mac_mls_create_mbuf_from_ifnet, 2488 .mpo_create_mbuf_multicast_encap = mac_mls_create_mbuf_multicast_encap, 2489 .mpo_create_mbuf_netlayer = mac_mls_create_mbuf_netlayer, 2490 .mpo_fragment_match = mac_mls_fragment_match, 2491 .mpo_relabel_ifnet = mac_mls_relabel_ifnet, 2492 .mpo_update_ipq = mac_mls_update_ipq, 2493 .mpo_inpcb_sosetlabel = mac_mls_inpcb_sosetlabel, | 2432 .mpo_copy_mbuf_label = mac_mls_copy_label, 2433 .mpo_copy_pipe_label = mac_mls_copy_label, 2434 .mpo_copy_socket_label = mac_mls_copy_label, 2435 .mpo_copy_vnode_label = mac_mls_copy_label, 2436 .mpo_externalize_cred_label = mac_mls_externalize_label, 2437 .mpo_externalize_ifnet_label = mac_mls_externalize_label, 2438 .mpo_externalize_pipe_label = mac_mls_externalize_label, 2439 .mpo_externalize_socket_label = mac_mls_externalize_label, --- 35 unchanged lines hidden (view full) --- 2475 .mpo_create_mbuf_from_bpfdesc = mac_mls_create_mbuf_from_bpfdesc, 2476 .mpo_create_mbuf_from_ifnet = mac_mls_create_mbuf_from_ifnet, 2477 .mpo_create_mbuf_multicast_encap = mac_mls_create_mbuf_multicast_encap, 2478 .mpo_create_mbuf_netlayer = mac_mls_create_mbuf_netlayer, 2479 .mpo_fragment_match = mac_mls_fragment_match, 2480 .mpo_relabel_ifnet = mac_mls_relabel_ifnet, 2481 .mpo_update_ipq = mac_mls_update_ipq, 2482 .mpo_inpcb_sosetlabel = mac_mls_inpcb_sosetlabel, |
2494 .mpo_create_cred = mac_mls_create_cred, | |
2495 .mpo_create_proc0 = mac_mls_create_proc0, 2496 .mpo_create_proc1 = mac_mls_create_proc1, 2497 .mpo_relabel_cred = mac_mls_relabel_cred, 2498 .mpo_check_bpfdesc_receive = mac_mls_check_bpfdesc_receive, 2499 .mpo_check_cred_relabel = mac_mls_check_cred_relabel, 2500 .mpo_check_cred_visible = mac_mls_check_cred_visible, 2501 .mpo_check_ifnet_relabel = mac_mls_check_ifnet_relabel, 2502 .mpo_check_ifnet_transmit = mac_mls_check_ifnet_transmit, --- 51 unchanged lines hidden --- | 2483 .mpo_create_proc0 = mac_mls_create_proc0, 2484 .mpo_create_proc1 = mac_mls_create_proc1, 2485 .mpo_relabel_cred = mac_mls_relabel_cred, 2486 .mpo_check_bpfdesc_receive = mac_mls_check_bpfdesc_receive, 2487 .mpo_check_cred_relabel = mac_mls_check_cred_relabel, 2488 .mpo_check_cred_visible = mac_mls_check_cred_visible, 2489 .mpo_check_ifnet_relabel = mac_mls_check_ifnet_relabel, 2490 .mpo_check_ifnet_transmit = mac_mls_check_ifnet_transmit, --- 51 unchanged lines hidden --- |