Cross Reference: /freebsd-10.3-release/sys/security/mac_mls/mac

Deleted Added

sdiff udiff text old ( 173108 ) new ( 173138 )

full compact

mac_mls.c (173108)	mac_mls.c (173138)
1/- 2 Copyright (c) 1999-2002, 2007 Robert N. M. Watson 3 * Copyright (c) 2001-2005 McAfee, Inc. 4 * Copyright (c) 2006 SPARTA, Inc. 5 * All rights reserved. 6 * 7 * This software was developed by Robert Watson for the TrustedBSD Project. 8 * --- 21 unchanged lines hidden (view full) --- 30 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 31 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 32 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 33 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 34 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 35 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 36 * SUCH DAMAGE. 37 *	1/- 2 Copyright (c) 1999-2002, 2007 Robert N. M. Watson 3 * Copyright (c) 2001-2005 McAfee, Inc. 4 * Copyright (c) 2006 SPARTA, Inc. 5 * All rights reserved. 6 * 7 * This software was developed by Robert Watson for the TrustedBSD Project. 8 * --- 21 unchanged lines hidden (view full) --- 30 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 31 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 32 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 33 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 34 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 35 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 36 * SUCH DAMAGE. 37 *
38 * $FreeBSD: head/sys/security/mac_mls/mac_mls.c 173108 2007-10-28 17:55:57Z rwatson $	38 * $FreeBSD: head/sys/security/mac_mls/mac_mls.c 173138 2007-10-29 13:33:06Z rwatson $
39 / 40 41/ 42 * Developed by the TrustedBSD Project. 43 * 44 * MLS fixed label mandatory confidentiality policy. 45 / 46 --- 684 unchanged lines hidden* (view full) --- 731 732static void 733mls_copy_label(struct label src, struct label dest) 734{ 735 736 SLOT(dest) = SLOT(src); 737} 738	39 / 40 41/ 42 * Developed by the TrustedBSD Project. 43 * 44 * MLS fixed label mandatory confidentiality policy. 45 / 46 --- 684 unchanged lines hidden* (view full) --- 731 732static void 733mls_copy_label(struct label src, struct label dest) 734{ 735 736 SLOT(dest) = SLOT(src); 737} 738
	739
739/*	740/*
740 * Labeling event operations: file system objects, and things that look a lot 741 * like file system objects.	741 * Object-specific entry point implementations are sorted alphabetically by 742 * object type name and then by operation.
742 */	743 */
	744static int 745mls_bpfdesc_check_receive(struct bpf_d d, struct label dlabel, 746 struct ifnet ifp, struct label ifplabel) 747{ 748 struct mac_mls a, b; 749 750 if (!mls_enabled) 751 return (0); 752 753 a = SLOT(dlabel); 754 b = SLOT(ifplabel); 755 756 if (mls_equal_effective(a, b)) 757 return (0); 758 return (EACCES); 759} 760
743static void	761static void
	762mls_bpfdesc_create(struct ucred cred, struct bpf_d d, struct label dlabel) 763{ 764* struct mac_mls source, dest; 765 766 source = SLOT(cred->cr_label); 767 dest = SLOT(dlabel); 768 769 mls_copy_effective(source, dest); 770} 771 772static void 773mls_bpfdesc_create_mbuf(struct bpf_d d, struct label dlabel, 774 struct mbuf m, struct label mlabel) 775{ 776 struct mac_mls source, dest; 777 778 source = SLOT(dlabel); 779 dest = SLOT(mlabel); 780 781 mls_copy_effective(source, dest); 782} 783 784static int 785mls_cred_check_relabel(struct ucred cred, struct label newlabel) 786{ 787 struct mac_mls subj, new; 788 int error; 789 790 subj = SLOT(cred->cr_label); 791 new = SLOT(newlabel); 792 793 /* 794 * If there is an MLS label update for the credential, it may be an 795 * update of effective, range, or both. 796 / 797* error = mls_atmostflags(new, MAC_MLS_FLAGS_BOTH); 798 if (error) 799 return (error); 800 801 /* 802 * If the MLS label is to be changed, authorize as appropriate. 803 / 804* if (new->mm_flags & MAC_MLS_FLAGS_BOTH) { 805 /* 806 * If the change request modifies both the MLS label 807 * effective and range, check that the new effective will be 808 * in the new range. 809 / 810* if ((new->mm_flags & MAC_MLS_FLAGS_BOTH) == 811 MAC_MLS_FLAGS_BOTH && !mls_effective_in_range(new, new)) 812 return (EINVAL); 813 814 /* 815 * To change the MLS effective label on a credential, the new 816 * effective label must be in the current range. 817 / 818* if (new->mm_flags & MAC_MLS_FLAG_EFFECTIVE && 819 !mls_effective_in_range(new, subj)) 820 return (EPERM); 821 822 /* 823 * To change the MLS range label on a credential, the new 824 * range must be in the current range. 825 / 826* if (new->mm_flags & MAC_MLS_FLAG_RANGE && 827 !mls_range_in_range(new, subj)) 828 return (EPERM); 829 830 /* 831 * To have EQUAL in any component of the new credential MLS 832 * label, the subject must already have EQUAL in their label. 833 / 834* if (mls_contains_equal(new)) { 835 error = mls_subject_privileged(subj); 836 if (error) 837 return (error); 838 } 839 } 840 841 return (0); 842} 843 844static int 845mls_cred_check_visible(struct ucred cr1, struct ucred cr2) 846{ 847 struct mac_mls subj, obj; 848 849 if (!mls_enabled) 850 return (0); 851 852 subj = SLOT(cr1->cr_label); 853 obj = SLOT(cr2->cr_label); 854 855 /* XXX: range / 856* if (!mls_dominate_effective(subj, obj)) 857 return (ESRCH); 858 859 return (0); 860} 861 862static void 863mls_cred_relabel(struct ucred cred, struct label newlabel) 864{ 865 struct mac_mls source, dest; 866 867 source = SLOT(newlabel); 868 dest = SLOT(cred->cr_label); 869 870 mls_copy(source, dest); 871} 872 873static void
744mls_devfs_create_device(struct ucred cred, struct mount mp, 745 struct cdev dev, struct devfs_dirent de, struct label delabel) 746{ 747* struct mac_mls mm; 748* int mls_type; 749 750 mm = SLOT(delabel); 751 if (strcmp(dev->si_name, "null") == 0 \|\| --- 32 unchanged lines hidden (view full) --- 784 785 source = SLOT(cred->cr_label); 786 dest = SLOT(delabel); 787 788 mls_copy_effective(source, dest); 789} 790 791static void	874mls_devfs_create_device(struct ucred cred, struct mount mp, 875 struct cdev dev, struct devfs_dirent de, struct label delabel) 876{ 877* struct mac_mls mm; 878* int mls_type; 879 880 mm = SLOT(delabel); 881 if (strcmp(dev->si_name, "null") == 0 \|\| --- 32 unchanged lines hidden (view full) --- 914 915 source = SLOT(cred->cr_label); 916 dest = SLOT(delabel); 917 918 mls_copy_effective(source, dest); 919} 920 921static void
792mls_mount_create(struct ucred cred, struct mount mp, struct label mplabel) 793{ 794* struct mac_mls source, dest; 795 796 source = SLOT(cred->cr_label); 797 dest = SLOT(mplabel); 798 799 mls_copy_effective(source, dest); 800} 801 802static void 803mls_vnode_relabel(struct ucred cred, struct vnode vp, 804 struct label vplabel, struct label label) 805{ 806 struct mac_mls source, dest; 807 808 source = SLOT(label); 809 dest = SLOT(vplabel); 810 811 mls_copy(source, dest); 812} 813 814static void
815mls_devfs_update(struct mount mp, struct devfs_dirent de, 816 struct label delabel, struct vnode vp, struct label vplabel) 817{ 818* struct mac_mls source, dest; 819 820 source = SLOT(vplabel); 821 dest = SLOT(delabel); 822 --- 9 unchanged lines hidden (view full) --- 832 833 source = SLOT(delabel); 834 dest = SLOT(vplabel); 835 836 mls_copy_effective(source, dest); 837} 838 839static int	922mls_devfs_update(struct mount mp, struct devfs_dirent de, 923 struct label delabel, struct vnode vp, struct label vplabel) 924{ 925* struct mac_mls source, dest; 926 927 source = SLOT(vplabel); 928 dest = SLOT(delabel); 929 --- 9 unchanged lines hidden (view full) --- 939 940 source = SLOT(delabel); 941 dest = SLOT(vplabel); 942 943 mls_copy_effective(source, dest); 944} 945 946static int
840mls_vnode_associate_extattr(struct mount mp, struct label mplabel, 841 struct vnode vp, struct label vplabel)	947mls_ifnet_check_relabel(struct ucred cred, struct ifnet ifp, 948 struct label ifplabel, struct label newlabel)
842{	949{
843 struct mac_mls mm_temp, source, dest; 844 int buflen, error;	950 struct mac_mls subj, new; 951 int error;
845	952
846 source = SLOT(mplabel); 847 dest = SLOT(vplabel);	953 subj = SLOT(cred->cr_label); 954 new = SLOT(newlabel);
848	955
849 buflen = sizeof(mm_temp); 850 bzero(&mm_temp, buflen); 851 852 error = vn_extattr_get(vp, IO_NODELOCKED, MAC_MLS_EXTATTR_NAMESPACE, 853 MAC_MLS_EXTATTR_NAME, &buflen, (char ) &mm_temp, curthread); 854* if (error == ENOATTR \|\| error == EOPNOTSUPP) { 855 /* Fall back to the mntlabel. / 856* mls_copy_effective(source, dest); 857 return (0); 858 } else if (error)	956 /* 957 * If there is an MLS label update for the interface, it may be an 958 * update of effective, range, or both. 959 / 960* error = mls_atmostflags(new, MAC_MLS_FLAGS_BOTH); 961 if (error)
859 return (error); 860	962 return (error); 963
861 if (buflen != sizeof(mm_temp)) { 862 printf("mls_vnode_associate_extattr: bad size %d\n", buflen); 863 return (EPERM); 864 } 865 if (mls_valid(&mm_temp) != 0) { 866 printf("mls_vnode_associate_extattr: invalid\n"); 867 return (EPERM); 868 } 869 if ((mm_temp.mm_flags & MAC_MLS_FLAGS_BOTH) != 870 MAC_MLS_FLAG_EFFECTIVE) { 871 printf("mls_associated_vnode_extattr: not effective\n"); 872 return (EPERM); 873 }	964 /* 965 * Relabeling network interfaces requires MLS privilege. 966 / 967* error = mls_subject_privileged(subj);
874	968
875 mls_copy_effective(&mm_temp, dest);
876 return (0); 877} 878	969 return (0); 970} 971
879static void 880mls_vnode_associate_singlelabel(struct mount mp, struct label mplabel, 881 struct vnode vp, struct label vplabel) 882{ 883 struct mac_mls source, dest; 884 885 source = SLOT(mplabel); 886 dest = SLOT(vplabel); 887 888 mls_copy_effective(source, dest); 889} 890
891static int	972static int
892mls_vnode_create_extattr(struct ucred cred, struct mount mp, 893 struct label mplabel, struct vnode dvp, struct label dvplabel, 894* struct vnode vp, struct label vplabel, struct componentname *cnp)	973mls_ifnet_check_transmit(struct ifnet ifp, struct label ifplabel, 974 struct mbuf m, struct label mlabel)
895{	975{
896 struct mac_mls source, dest, mm_temp; 897 size_t buflen; 898 int error;	976 struct mac_mls p, i;
899	977
900 buflen = sizeof(mm_temp); 901 bzero(&mm_temp, buflen); 902 903 source = SLOT(cred->cr_label); 904 dest = SLOT(vplabel); 905 mls_copy_effective(source, &mm_temp); 906 907 error = vn_extattr_set(vp, IO_NODELOCKED, MAC_MLS_EXTATTR_NAMESPACE, 908 MAC_MLS_EXTATTR_NAME, buflen, (char ) &mm_temp, curthread); 909* if (error == 0) 910 mls_copy_effective(source, dest); 911 return (error); 912} 913 914static int 915mls_vnode_setlabel_extattr(struct ucred cred, struct vnode vp, 916 struct label vplabel, struct label intlabel) 917{ 918 struct mac_mls source, mm_temp; 919* size_t buflen; 920 int error; 921 922 buflen = sizeof(mm_temp); 923 bzero(&mm_temp, buflen); 924 925 source = SLOT(intlabel); 926 if ((source->mm_flags & MAC_MLS_FLAG_EFFECTIVE) == 0)	978 if (!mls_enabled)
927 return (0); 928	979 return (0); 980
929 mls_copy_effective(source, &mm_temp);	981 p = SLOT(mlabel); 982 i = SLOT(ifplabel);
930	983
931 error = vn_extattr_set(vp, IO_NODELOCKED, MAC_MLS_EXTATTR_NAMESPACE, 932 MAC_MLS_EXTATTR_NAME, buflen, (char ) &mm_temp, curthread); 933* return (error);	984 return (mls_effective_in_range(p, i) ? 0 : EACCES);
934} 935	985} 986
936/* 937 * Labeling event operations: IPC object. 938 */
939static void	987static void
940mls_inpcb_create(struct socket so, struct label solabel, struct inpcb inp, 941* struct label *inplabel)	988mls_ifnet_create(struct ifnet ifp, struct label ifplabel)
942{	989{
943 struct mac_mls source, dest;	990 struct mac_mls dest; 991* int type;
944	992
945 source = SLOT(solabel); 946 dest = SLOT(inplabel);	993 dest = SLOT(ifplabel);
947	994
948 mls_copy_effective(source, dest);	995 if (ifp->if_type == IFT_LOOP) 996 type = MAC_MLS_TYPE_EQUAL; 997 else 998 type = MAC_MLS_TYPE_LOW; 999 1000 mls_set_effective(dest, type, 0, NULL); 1001 mls_set_range(dest, type, 0, NULL, type, 0, NULL);
949} 950 951static void	1002} 1003 1004static void
952mls_socket_create_mbuf(struct socket so, struct label solabel,	1005mls_ifnet_create_mbuf(struct ifnet ifp, struct label ifplabel,
953 struct mbuf m, struct label mlabel) 954{ 955 struct mac_mls source, dest; 956	1006 struct mbuf m, struct label mlabel) 1007{ 1008 struct mac_mls source, dest; 1009
957 source = SLOT(solabel);	1010 source = SLOT(ifplabel);
958 dest = SLOT(mlabel); 959 960 mls_copy_effective(source, dest); 961} 962 963static void	1011 dest = SLOT(mlabel); 1012 1013 mls_copy_effective(source, dest); 1014} 1015 1016static void
964mls_socket_create(struct ucred cred, struct socket so, 965 struct label *solabel)	1017mls_ifnet_relabel(struct ucred cred, struct ifnet ifp, 1018 struct label ifplabel, struct label newlabel)
966{ 967 struct mac_mls source, dest; 968	1019{ 1020 struct mac_mls source, dest; 1021
969 source = SLOT(cred->cr_label); 970 dest = SLOT(solabel);	1022 source = SLOT(newlabel); 1023 dest = SLOT(ifplabel);
971	1024
972 mls_copy_effective(source, dest);	1025 mls_copy(source, dest);
973} 974	1026} 1027
975static void 976mls_pipe_create(struct ucred cred, struct pipepair pp, 977 struct label *pplabel)	1028static int 1029mls_inpcb_check_deliver(struct inpcb inp, struct label inplabel, 1030 struct mbuf m, struct label mlabel)
978{	1031{
979 struct mac_mls source, dest;	1032 struct mac_mls p, i;
980	1033
981 source = SLOT(cred->cr_label); 982 dest = SLOT(pplabel);	1034 if (!mls_enabled) 1035 return (0);
983	1036
984 mls_copy_effective(source, dest);	1037 p = SLOT(mlabel); 1038 i = SLOT(inplabel); 1039 1040 return (mls_equal_effective(p, i) ? 0 : EACCES);
985} 986 987static void	1041} 1042 1043static void
988mls_posixsem_create(struct ucred cred, struct ksem ks, 989 struct label *kslabel)	1044mls_inpcb_create(struct socket so, struct label solabel, struct inpcb inp, 1045* struct label *inplabel)
990{ 991 struct mac_mls source, dest; 992	1046{ 1047 struct mac_mls source, dest; 1048
993 source = SLOT(cred->cr_label); 994 dest = SLOT(kslabel);	1049 source = SLOT(solabel); 1050 dest = SLOT(inplabel);
995 996 mls_copy_effective(source, dest); 997} 998 999static void	1051 1052 mls_copy_effective(source, dest); 1053} 1054 1055static void
1000mls_socket_newconn(struct socket oldso, struct label oldsolabel, 1001 struct socket newso, struct label newsolabel)	1056mls_inpcb_create_mbuf(struct inpcb inp, struct label inplabel, 1057 struct mbuf m, struct label mlabel)
1002{ 1003 struct mac_mls source, dest; 1004	1058{ 1059 struct mac_mls source, dest; 1060
1005 source = SLOT(oldsolabel); 1006 dest = SLOT(newsolabel);	1061 source = SLOT(inplabel); 1062 dest = SLOT(mlabel);
1007 1008 mls_copy_effective(source, dest); 1009} 1010 1011static void	1063 1064 mls_copy_effective(source, dest); 1065} 1066 1067static void
1012mls_socket_relabel(struct ucred cred, struct socket so, 1013 struct label solabel, struct label newlabel)	1068mls_inpcb_sosetlabel(struct socket so, struct label solabel, 1069 struct inpcb inp, struct label inplabel)
1014{ 1015 struct mac_mls source, dest; 1016	1070{ 1071 struct mac_mls source, dest; 1072
1017 source = SLOT(newlabel); 1018 dest = SLOT(solabel);	1073 source = SLOT(solabel); 1074 dest = SLOT(inplabel);
1019 1020 mls_copy(source, dest); 1021} 1022 1023static void	1075 1076 mls_copy(source, dest); 1077} 1078 1079static void
1024mls_pipe_relabel(struct ucred cred, struct pipepair pp, 1025 struct label pplabel, struct label newlabel)	1080mls_ipq_create(struct mbuf m, struct label mlabel, struct ipq ipq, 1081* struct label *ipqlabel)
1026{ 1027 struct mac_mls source, dest; 1028	1082{ 1083 struct mac_mls source, dest; 1084
1029 source = SLOT(newlabel); 1030 dest = SLOT(pplabel); 1031 1032 mls_copy(source, dest); 1033} 1034 1035static void 1036mls_socketpeer_set_from_mbuf(struct mbuf m, struct label mlabel, 1037 struct socket so, struct label sopeerlabel) 1038{ 1039 struct mac_mls source, dest; 1040
1041 source = SLOT(mlabel);	1085 source = SLOT(mlabel);
1042 dest = SLOT(sopeerlabel);	1086 dest = SLOT(ipqlabel);
1043 1044 mls_copy_effective(source, dest); 1045} 1046	1087 1088 mls_copy_effective(source, dest); 1089} 1090
1047/* 1048 * Labeling event operations: System V IPC objects. 1049 / 1050static void 1051mls_sysvmsg_create(struct ucred cred, struct msqid_kernel msqkptr, 1052* struct label msqlabel, struct msg msgptr, struct label *msglabel)	1091static int 1092mls_ipq_match(struct mbuf m, struct label mlabel, struct ipq ipq, 1093* struct label *ipqlabel)
1053{	1094{
1054 struct mac_mls source, dest;	1095 struct mac_mls a, b;
1055	1096
1056 /* Ignore the msgq label. / 1057* source = SLOT(cred->cr_label); 1058 dest = SLOT(msglabel);	1097 a = SLOT(ipqlabel); 1098 b = SLOT(mlabel);
1059	1099
1060 mls_copy_effective(source, dest);	1100 return (mls_equal_effective(a, b));
1061} 1062 1063static void	1101} 1102 1103static void
1064mls_sysvmsq_create(struct ucred cred, struct msqid_kernel msqkptr, 1065 struct label *msqlabel)	1104mls_ipq_reassemble(struct ipq ipq, struct label ipqlabel, struct mbuf m, 1105* struct label *mlabel)
1066{ 1067 struct mac_mls source, dest; 1068	1106{ 1107 struct mac_mls source, dest; 1108
1069 source = SLOT(cred->cr_label); 1070 dest = SLOT(msqlabel);	1109 source = SLOT(ipqlabel); 1110 dest = SLOT(mlabel);
1071	1111
	1112 /* Just use the head, since we require them all to match. */
1072 mls_copy_effective(source, dest); 1073} 1074 1075static void	1113 mls_copy_effective(source, dest); 1114} 1115 1116static void
1076mls_sysvsem_create(struct ucred cred, struct semid_kernel semakptr, 1077 struct label *semalabel)	1117mls_ipq_update(struct mbuf m, struct label mlabel, struct ipq ipq, 1118* struct label *ipqlabel)
1078{	1119{
1079 struct mac_mls source, dest;
1080	1120
1081 source = SLOT(cred->cr_label); 1082 dest = SLOT(semalabel); 1083 1084 mls_copy_effective(source, dest);	1121 /* NOOP: we only accept matching labels, so no need to update */
1085} 1086	1122} 1123
1087static void 1088mls_sysvshm_create(struct ucred cred, struct shmid_kernel shmsegptr, 1089 struct label *shmlabel)	1124static int 1125mls_mount_check_stat(struct ucred cred, struct mount mp, 1126 struct label *mntlabel)
1090{	1127{
1091 struct mac_mls source, dest;	1128 struct mac_mls subj, obj;
1092	1129
1093 source = SLOT(cred->cr_label); 1094 dest = SLOT(shmlabel);	1130 if (!mls_enabled) 1131 return (0);
1095	1132
1096 mls_copy_effective(source, dest);	1133 subj = SLOT(cred->cr_label); 1134 obj = SLOT(mntlabel); 1135 1136 if (!mls_dominate_effective(subj, obj)) 1137 return (EACCES); 1138 1139 return (0);
1097} 1098	1140} 1141
1099/* 1100 * Labeling event operations: network objects. 1101 */
1102static void	1142static void
1103mls_socketpeer_set_from_socket(struct socket oldso, 1104* struct label oldsolabel, struct socket newso, 1105 struct label *newsopeerlabel)	1143mls_mount_create(struct ucred cred, struct mount mp, struct label *mplabel)
1106{ 1107 struct mac_mls source, dest; 1108	1144{ 1145 struct mac_mls source, dest; 1146
1109 source = SLOT(oldsolabel); 1110 dest = SLOT(newsopeerlabel);	1147 source = SLOT(cred->cr_label); 1148 dest = SLOT(mplabel);
1111 1112 mls_copy_effective(source, dest); 1113} 1114 1115static void	1149 1150 mls_copy_effective(source, dest); 1151} 1152 1153static void
1116mls_bpfdesc_create(struct ucred cred, struct bpf_d d, struct label *dlabel)	1154mls_netatalk_aarp_send(struct ifnet ifp, struct label ifplabel, 1155 struct mbuf m, struct label mlabel)
1117{	1156{
1118 struct mac_mls source, dest;	1157 struct mac_mls *dest;
1119	1158
1120 source = SLOT(cred->cr_label); 1121 dest = SLOT(dlabel);	1159 dest = SLOT(mlabel);
1122	1160
1123 mls_copy_effective(source, dest);	1161 mls_set_effective(dest, MAC_MLS_TYPE_EQUAL, 0, NULL);
1124} 1125 1126static void	1162} 1163 1164static void
1127mls_ifnet_create(struct ifnet ifp, struct label ifplabel)	1165mls_netinet_arp_send(struct ifnet ifp, struct label ifplabel, 1166 struct mbuf m, struct label mlabel)
1128{ 1129 struct mac_mls *dest;	1167{ 1168 struct mac_mls *dest;
1130 int type;
1131	1169
1132 dest = SLOT(ifplabel);	1170 dest = SLOT(mlabel);
1133	1171
1134 if (ifp->if_type == IFT_LOOP) 1135 type = MAC_MLS_TYPE_EQUAL; 1136 else 1137 type = MAC_MLS_TYPE_LOW; 1138 1139 mls_set_effective(dest, type, 0, NULL); 1140 mls_set_range(dest, type, 0, NULL, type, 0, NULL);	1172 mls_set_effective(dest, MAC_MLS_TYPE_EQUAL, 0, NULL);
1141} 1142 1143static void	1173} 1174 1175static void
1144mls_ipq_create(struct mbuf m, struct label mlabel, struct ipq ipq, 1145* struct label *ipqlabel)	1176mls_netinet_firewall_reply(struct mbuf mrecv, struct label mrecvlabel, 1177 struct mbuf msend, struct label msendlabel)
1146{ 1147 struct mac_mls source, dest; 1148	1178{ 1179 struct mac_mls source, dest; 1180
1149 source = SLOT(mlabel); 1150 dest = SLOT(ipqlabel);	1181 source = SLOT(mrecvlabel); 1182 dest = SLOT(msendlabel);
1151 1152 mls_copy_effective(source, dest); 1153} 1154 1155static void	1183 1184 mls_copy_effective(source, dest); 1185} 1186 1187static void
1156mls_ipq_reassemble(struct ipq ipq, struct label ipqlabel, struct mbuf m, 1157* struct label *mlabel)	1188mls_netinet_firewall_send(struct mbuf m, struct label mlabel)
1158{	1189{
1159 struct mac_mls source, dest;	1190 struct mac_mls *dest;
1160	1191
1161 source = SLOT(ipqlabel);
1162 dest = SLOT(mlabel); 1163	1192 dest = SLOT(mlabel); 1193
1164 /* Just use the head, since we require them all to match. / 1165* mls_copy_effective(source, dest);	1194 /* XXX: where is the label for the firewall really comming from? / 1195* mls_set_effective(dest, MAC_MLS_TYPE_EQUAL, 0, NULL);
1166} 1167 1168static void 1169mls_netinet_fragment(struct mbuf m, struct label mlabel, struct mbuf frag, 1170* struct label fraglabel) 1171{ 1172* struct mac_mls source, dest; 1173 1174 source = SLOT(mlabel); 1175 dest = SLOT(fraglabel); 1176 1177 mls_copy_effective(source, dest); 1178} 1179 1180static void	1196} 1197 1198static void 1199mls_netinet_fragment(struct mbuf m, struct label mlabel, struct mbuf frag, 1200* struct label fraglabel) 1201{ 1202* struct mac_mls source, dest; 1203 1204 source = SLOT(mlabel); 1205 dest = SLOT(fraglabel); 1206 1207 mls_copy_effective(source, dest); 1208} 1209 1210static void
1181mls_inpcb_create_mbuf(struct inpcb inp, struct label inplabel, 1182 struct mbuf m, struct label mlabel)	1211mls_netinet_icmp_reply(struct mbuf mrecv, struct label mrecvlabel, 1212 struct mbuf msend, struct label msendlabel)
1183{ 1184 struct mac_mls source, dest; 1185	1213{ 1214 struct mac_mls source, dest; 1215
1186 source = SLOT(inplabel); 1187 dest = SLOT(mlabel);	1216 source = SLOT(mrecvlabel); 1217 dest = SLOT(msendlabel);
1188 1189 mls_copy_effective(source, dest); 1190} 1191 1192static void	1218 1219 mls_copy_effective(source, dest); 1220} 1221 1222static void
1193mls_bpfdesc_create_mbuf(struct bpf_d d, struct label dlabel,	1223mls_netinet_igmp_send(struct ifnet ifp, struct label ifplabel,
1194 struct mbuf m, struct label mlabel) 1195{	1224 struct mbuf m, struct label mlabel) 1225{
1196 struct mac_mls source, dest;	1226 struct mac_mls *dest;
1197	1227
1198 source = SLOT(dlabel);
1199 dest = SLOT(mlabel); 1200	1228 dest = SLOT(mlabel); 1229
1201 mls_copy_effective(source, dest);	1230 mls_set_effective(dest, MAC_MLS_TYPE_EQUAL, 0, NULL);
1202} 1203 1204static void	1231} 1232 1233static void
1205mls_ifnet_create_mbuf(struct ifnet ifp, struct label ifplabel,	1234mls_netinet6_nd6_send(struct ifnet ifp, struct label ifplabel,
1206 struct mbuf m, struct label mlabel) 1207{	1235 struct mbuf m, struct label mlabel) 1236{
1208 struct mac_mls source, dest;	1237 struct mac_mls *dest;
1209	1238
1210 source = SLOT(ifplabel);
1211 dest = SLOT(mlabel); 1212	1239 dest = SLOT(mlabel); 1240
1213 mls_copy_effective(source, dest);	1241 mls_set_effective(dest, MAC_MLS_TYPE_EQUAL, 0, NULL);
1214} 1215 1216static int	1242} 1243 1244static int
1217mls_ipq_match(struct mbuf m, struct label mlabel, struct ipq ipq, 1218* struct label *ipqlabel)	1245mls_pipe_check_ioctl(struct ucred cred, struct pipepair pp, 1246 struct label pplabel, unsigned long cmd, void / caddr_t / data)
1219{	1247{
1220 struct mac_mls a, b;
1221	1248
1222 a = SLOT(ipqlabel); 1223 b = SLOT(mlabel);	1249 if (!mls_enabled) 1250 return (0);
1224	1251
1225 return (mls_equal_effective(a, b));	1252 /* XXX: This will be implemented soon... / 1253* 1254 return (0);
1226} 1227	1255} 1256
1228static void 1229mls_ifnet_relabel(struct ucred cred, struct ifnet ifp, 1230 struct label ifplabel, struct label newlabel)	1257static int 1258mls_pipe_check_poll(struct ucred cred, struct pipepair pp, 1259 struct label *pplabel)
1231{	1260{
1232 struct mac_mls source, dest;	1261 struct mac_mls subj, obj;
1233	1262
1234 source = SLOT(newlabel); 1235 dest = SLOT(ifplabel);	1263 if (!mls_enabled) 1264 return (0);
1236	1265
1237 mls_copy(source, dest); 1238}	1266 subj = SLOT(cred->cr_label); 1267 obj = SLOT(pplabel);
1239	1268
1240static void 1241mls_ipq_update(struct mbuf m, struct label mlabel, struct ipq ipq, 1242* struct label ipqlabel) 1243*{	1269 if (!mls_dominate_effective(subj, obj)) 1270 return (EACCES);
1244	1271
1245 /* NOOP: we only accept matching labels, so no need to update */	1272 return (0);
1246} 1247	1273} 1274
1248static void 1249mls_inpcb_sosetlabel(struct socket so, struct label solabel, 1250 struct inpcb inp, struct label inplabel)	1275static int 1276mls_pipe_check_read(struct ucred cred, struct pipepair pp, 1277 struct label *pplabel)
1251{	1278{
1252 struct mac_mls source, dest;	1279 struct mac_mls subj, obj;
1253	1280
1254 source = SLOT(solabel); 1255 dest = SLOT(inplabel);	1281 if (!mls_enabled) 1282 return (0);
1256	1283
1257 mls_copy(source, dest);	1284 subj = SLOT(cred->cr_label); 1285 obj = SLOT(pplabel); 1286 1287 if (!mls_dominate_effective(subj, obj)) 1288 return (EACCES); 1289 1290 return (0);
1258} 1259	1291} 1292
1260static void 1261mls_netatalk_aarp_send(struct ifnet ifp, struct label ifplabel, 1262 struct mbuf m, struct label mlabel)	1293static int 1294mls_pipe_check_relabel(struct ucred cred, struct pipepair pp, 1295 struct label pplabel, struct label newlabel)
1263{	1296{
1264 struct mac_mls *dest;	1297 struct mac_mls subj, obj, new; 1298* int error;
1265	1299
1266 dest = SLOT(mlabel);	1300 new = SLOT(newlabel); 1301 subj = SLOT(cred->cr_label); 1302 obj = SLOT(pplabel);
1267	1303
1268 mls_set_effective(dest, MAC_MLS_TYPE_EQUAL, 0, NULL); 1269}	1304 /* 1305 * If there is an MLS label update for a pipe, it must be a effective 1306 * update. 1307 / 1308* error = mls_atmostflags(new, MAC_MLS_FLAG_EFFECTIVE); 1309 if (error) 1310 return (error);
1270	1311
1271static void 1272mls_netinet_arp_send(struct ifnet ifp, struct label ifplabel, 1273 struct mbuf m, struct label mlabel) 1274{ 1275 struct mac_mls *dest;	1312 /* 1313 * To perform a relabel of a pipe (MLS label or not), MLS must 1314 * authorize the relabel. 1315 / 1316* if (!mls_effective_in_range(obj, subj)) 1317 return (EPERM);
1276	1318
1277 dest = SLOT(mlabel);	1319 /* 1320 * If the MLS label is to be changed, authorize as appropriate. 1321 / 1322* if (new->mm_flags & MAC_MLS_FLAG_EFFECTIVE) { 1323 /* 1324 * To change the MLS label on a pipe, the new pipe label must 1325 * be in the subject range. 1326 / 1327* if (!mls_effective_in_range(new, subj)) 1328 return (EPERM);
1278	1329
1279 mls_set_effective(dest, MAC_MLS_TYPE_EQUAL, 0, NULL);	1330 /* 1331 * To change the MLS label on a pipe to be EQUAL, the subject 1332 * must have appropriate privilege. 1333 / 1334* if (mls_contains_equal(new)) { 1335 error = mls_subject_privileged(subj); 1336 if (error) 1337 return (error); 1338 } 1339 } 1340 1341 return (0);
1280} 1281	1342} 1343
1282static void 1283mls_netinet_firewall_reply(struct mbuf mrecv, struct label mrecvlabel, 1284 struct mbuf msend, struct label msendlabel)	1344static int 1345mls_pipe_check_stat(struct ucred cred, struct pipepair pp, 1346 struct label *pplabel)
1285{	1347{
1286 struct mac_mls source, dest;	1348 struct mac_mls subj, obj;
1287	1349
1288 source = SLOT(mrecvlabel); 1289 dest = SLOT(msendlabel);	1350 if (!mls_enabled) 1351 return (0);
1290	1352
1291 mls_copy_effective(source, dest);	1353 subj = SLOT(cred->cr_label); 1354 obj = SLOT(pplabel); 1355 1356 if (!mls_dominate_effective(subj, obj)) 1357 return (EACCES); 1358 1359 return (0);
1292} 1293	1360} 1361
1294static void 1295mls_netinet_firewall_send(struct mbuf m, struct label mlabel)	1362static int 1363mls_pipe_check_write(struct ucred cred, struct pipepair pp, 1364 struct label *pplabel)
1296{	1365{
1297 struct mac_mls *dest;	1366 struct mac_mls subj, obj;
1298	1367
1299 dest = SLOT(mlabel);	1368 if (!mls_enabled) 1369 return (0);
1300	1370
1301 /* XXX: where is the label for the firewall really comming from? / 1302* mls_set_effective(dest, MAC_MLS_TYPE_EQUAL, 0, NULL);	1371 subj = SLOT(cred->cr_label); 1372 obj = SLOT(pplabel); 1373 1374 if (!mls_dominate_effective(obj, subj)) 1375 return (EACCES); 1376 1377 return (0);
1303} 1304 1305static void	1378} 1379 1380static void
1306mls_netinet_icmp_reply(struct mbuf mrecv, struct label mrecvlabel, 1307 struct mbuf msend, struct label msendlabel)	1381mls_pipe_create(struct ucred cred, struct pipepair pp, 1382 struct label *pplabel)
1308{ 1309 struct mac_mls source, dest; 1310	1383{ 1384 struct mac_mls source, dest; 1385
1311 source = SLOT(mrecvlabel); 1312 dest = SLOT(msendlabel);	1386 source = SLOT(cred->cr_label); 1387 dest = SLOT(pplabel);
1313 1314 mls_copy_effective(source, dest); 1315} 1316 1317static void	1388 1389 mls_copy_effective(source, dest); 1390} 1391 1392static void
1318mls_netinet_igmp_send(struct ifnet ifp, struct label ifplabel, 1319 struct mbuf m, struct label mlabel)	1393mls_pipe_relabel(struct ucred cred, struct pipepair pp, 1394 struct label pplabel, struct label newlabel)
1320{	1395{
1321 struct mac_mls *dest;	1396 struct mac_mls source, dest;
1322	1397
1323 dest = SLOT(mlabel);	1398 source = SLOT(newlabel); 1399 dest = SLOT(pplabel);
1324	1400
1325 mls_set_effective(dest, MAC_MLS_TYPE_EQUAL, 0, NULL);	1401 mls_copy(source, dest);
1326} 1327	1402} 1403
1328static void 1329mls_netinet6_nd6_send(struct ifnet ifp, struct label ifplabel, 1330 struct mbuf m, struct label mlabel)	1404static int 1405mls_posixsem_check_rdonly(struct ucred cred, struct ksem ks, 1406 struct label *kslabel)
1331{	1407{
1332 struct mac_mls *dest;	1408 struct mac_mls subj, obj;
1333	1409
1334 dest = SLOT(mlabel);	1410 if (!mls_enabled) 1411 return (0);
1335	1412
1336 mls_set_effective(dest, MAC_MLS_TYPE_EQUAL, 0, NULL); 1337}	1413 subj = SLOT(cred->cr_label); 1414 obj = SLOT(kslabel);
1338	1415
1339static void 1340mls_syncache_create(struct label label, struct inpcb inp) 1341{ 1342 struct mac_mls source, dest;	1416 if (!mls_dominate_effective(subj, obj)) 1417 return (EACCES);
1343	1418
1344 source = SLOT(inp->inp_label); 1345 dest = SLOT(label); 1346 1347 mls_copy_effective(source, dest);	1419 return (0);
1348} 1349	1420} 1421
1350static void 1351mls_syncache_create_mbuf(struct label sc_label, struct mbuf m, 1352 struct label *mlabel)	1422static int 1423mls_posixsem_check_write(struct ucred cred, struct ksem ks, 1424 struct label *kslabel)
1353{	1425{
1354 struct mac_mls source, dest;	1426 struct mac_mls subj, obj;
1355	1427
1356 source = SLOT(sc_label); 1357 dest = SLOT(mlabel);	1428 if (!mls_enabled) 1429 return (0);
1358	1430
1359 mls_copy_effective(source, dest); 1360}	1431 subj = SLOT(cred->cr_label); 1432 obj = SLOT(kslabel);
1361	1433
1362/* 1363 * Labeling event operations: processes. 1364 / 1365static void 1366mls_proc_create_swapper(struct ucred cred) 1367{ 1368 struct mac_mls *dest;	1434 if (!mls_dominate_effective(obj, subj)) 1435 return (EACCES);
1369	1436
1370 dest = SLOT(cred->cr_label); 1371 1372 mls_set_effective(dest, MAC_MLS_TYPE_EQUAL, 0, NULL); 1373 mls_set_range(dest, MAC_MLS_TYPE_LOW, 0, NULL, MAC_MLS_TYPE_HIGH, 0, 1374 NULL);	1437 return (0);
1375} 1376 1377static void	1438} 1439 1440static void
1378mls_proc_create_init(struct ucred *cred)	1441mls_posixsem_create(struct ucred cred, struct ksem ks, 1442 struct label *kslabel)
1379{	1443{
1380 struct mac_mls *dest;	1444 struct mac_mls source, dest;
1381	1445
1382 dest = SLOT(cred->cr_label);	1446 source = SLOT(cred->cr_label); 1447 dest = SLOT(kslabel);
1383	1448
1384 mls_set_effective(dest, MAC_MLS_TYPE_LOW, 0, NULL); 1385 mls_set_range(dest, MAC_MLS_TYPE_LOW, 0, NULL, MAC_MLS_TYPE_HIGH, 0, 1386 NULL);	1449 mls_copy_effective(source, dest);
1387} 1388 1389static void 1390mls_proc_associate_nfsd(struct ucred cred) 1391{ 1392* struct mac_mls label; 1393* 1394 label = SLOT(cred->cr_label); 1395 mls_set_effective(label, MAC_MLS_TYPE_LOW, 0, NULL); 1396 mls_set_range(label, MAC_MLS_TYPE_LOW, 0, NULL, MAC_MLS_TYPE_HIGH, 0, 1397 NULL); 1398} 1399	1450} 1451 1452static void 1453mls_proc_associate_nfsd(struct ucred cred) 1454{ 1455* struct mac_mls label; 1456* 1457 label = SLOT(cred->cr_label); 1458 mls_set_effective(label, MAC_MLS_TYPE_LOW, 0, NULL); 1459 mls_set_range(label, MAC_MLS_TYPE_LOW, 0, NULL, MAC_MLS_TYPE_HIGH, 0, 1460 NULL); 1461} 1462
1400static void 1401mls_cred_relabel(struct ucred cred, struct label newlabel)	1463static int 1464mls_proc_check_debug(struct ucred cred, struct proc p)
1402{	1465{
1403 struct mac_mls source, dest;	1466 struct mac_mls subj, obj;
1404	1467
1405 source = SLOT(newlabel); 1406 dest = SLOT(cred->cr_label);	1468 if (!mls_enabled) 1469 return (0);
1407	1470
1408 mls_copy(source, dest);	1471 subj = SLOT(cred->cr_label); 1472 obj = SLOT(p->p_ucred->cr_label); 1473 1474 /* XXX: range checks / 1475* if (!mls_dominate_effective(subj, obj)) 1476 return (ESRCH); 1477 if (!mls_dominate_effective(obj, subj)) 1478 return (EACCES); 1479 1480 return (0);
1409} 1410	1481} 1482
1411/* 1412 * Label cleanup/flush operations. 1413 / 1414static void 1415mls_sysvmsg_cleanup(struct label msglabel)	1483static int 1484mls_proc_check_sched(struct ucred cred, struct proc p)
1416{	1485{
	1486 struct mac_mls subj, obj;
1417	1487
1418 bzero(SLOT(msglabel), sizeof(struct mac_mls));	1488 if (!mls_enabled) 1489 return (0); 1490 1491 subj = SLOT(cred->cr_label); 1492 obj = SLOT(p->p_ucred->cr_label); 1493 1494 /* XXX: range checks / 1495* if (!mls_dominate_effective(subj, obj)) 1496 return (ESRCH); 1497 if (!mls_dominate_effective(obj, subj)) 1498 return (EACCES); 1499 1500 return (0);
1419} 1420	1501} 1502
1421static void 1422mls_sysvmsq_cleanup(struct label *msqlabel)	1503static int 1504mls_proc_check_signal(struct ucred cred, struct proc p, int signum)
1423{	1505{
	1506 struct mac_mls subj, obj;
1424	1507
1425 bzero(SLOT(msqlabel), sizeof(struct mac_mls));	1508 if (!mls_enabled) 1509 return (0); 1510 1511 subj = SLOT(cred->cr_label); 1512 obj = SLOT(p->p_ucred->cr_label); 1513 1514 /* XXX: range checks / 1515* if (!mls_dominate_effective(subj, obj)) 1516 return (ESRCH); 1517 if (!mls_dominate_effective(obj, subj)) 1518 return (EACCES); 1519 1520 return (0);
1426} 1427 1428static void	1521} 1522 1523static void
1429mls_sysvsem_cleanup(struct label *semalabel)	1524mls_proc_create_init(struct ucred *cred)
1430{	1525{
	1526 struct mac_mls *dest;
1431	1527
1432 bzero(SLOT(semalabel), sizeof(struct mac_mls));	1528 dest = SLOT(cred->cr_label); 1529 1530 mls_set_effective(dest, MAC_MLS_TYPE_LOW, 0, NULL); 1531 mls_set_range(dest, MAC_MLS_TYPE_LOW, 0, NULL, MAC_MLS_TYPE_HIGH, 0, 1532 NULL);
1433} 1434 1435static void	1533} 1534 1535static void
1436mls_sysvshm_cleanup(struct label *shmlabel)	1536mls_proc_create_swapper(struct ucred *cred)
1437{	1537{
	1538 struct mac_mls *dest;
1438	1539
1439 bzero(SLOT(shmlabel), sizeof(struct mac_mls));	1540 dest = SLOT(cred->cr_label); 1541 1542 mls_set_effective(dest, MAC_MLS_TYPE_EQUAL, 0, NULL); 1543 mls_set_range(dest, MAC_MLS_TYPE_LOW, 0, NULL, MAC_MLS_TYPE_HIGH, 0, 1544 NULL);
1440} 1441	1545} 1546
1442/* 1443 * Access control checks. 1444 */
1445static int	1547static int
1446mls_bpfdesc_check_receive(struct bpf_d d, struct label dlabel, 1447 struct ifnet ifp, struct label ifplabel)	1548mls_socket_check_deliver(struct socket so, struct label solabel, 1549 struct mbuf m, struct label mlabel)
1448{	1550{
1449 struct mac_mls a, b;	1551 struct mac_mls p, s;
1450 1451 if (!mls_enabled) 1452 return (0); 1453	1552 1553 if (!mls_enabled) 1554 return (0); 1555
1454 a = SLOT(dlabel); 1455 b = SLOT(ifplabel);	1556 p = SLOT(mlabel); 1557 s = SLOT(solabel);
1456	1558
1457 if (mls_equal_effective(a, b)) 1458 return (0); 1459 return (EACCES);	1559 return (mls_equal_effective(p, s) ? 0 : EACCES);
1460} 1461 1462static int	1560} 1561 1562static int
1463mls_cred_check_relabel(struct ucred cred, struct label newlabel)	1563mls_socket_check_relabel(struct ucred cred, struct socket so, 1564 struct label solabel, struct label newlabel)
1464{	1565{
1465 struct mac_mls subj, new;	1566 struct mac_mls subj, obj, *new;
1466 int error; 1467	1567 int error; 1568
1468 subj = SLOT(cred->cr_label);
1469 new = SLOT(newlabel);	1569 new = SLOT(newlabel);
	1570 subj = SLOT(cred->cr_label); 1571 obj = SLOT(solabel);
1470 1471 /*	1572 1573 /*
1472 * If there is an MLS label update for the credential, it may be an 1473 * update of effective, range, or both.	1574 * If there is an MLS label update for the socket, it may be an 1575 * update of effective.
1474 */	1576 */
1475 error = mls_atmostflags(new, MAC_MLS_FLAGS_BOTH);	1577 error = mls_atmostflags(new, MAC_MLS_FLAG_EFFECTIVE);
1476 if (error) 1477 return (error); 1478 1479 /*	1578 if (error) 1579 return (error); 1580 1581 /*
	1582 * To relabel a socket, the old socket effective must be in the 1583 * subject range. 1584 / 1585* if (!mls_effective_in_range(obj, subj)) 1586 return (EPERM); 1587 1588 /*
1480 * If the MLS label is to be changed, authorize as appropriate. 1481 */	1589 * If the MLS label is to be changed, authorize as appropriate. 1590 */
1482 if (new->mm_flags & MAC_MLS_FLAGS_BOTH) {	1591 if (new->mm_flags & MAC_MLS_FLAG_EFFECTIVE) {
1483 /*	1592 /*
1484 * If the change request modifies both the MLS label 1485 * effective and range, check that the new effective will be 1486 * in the new range.	1593 * To relabel a socket, the new socket effective must be in 1594 * the subject range.
1487 */	1595 */
1488 if ((new->mm_flags & MAC_MLS_FLAGS_BOTH) == 1489 MAC_MLS_FLAGS_BOTH && !mls_effective_in_range(new, new)) 1490 return (EINVAL); 1491 1492 /* 1493 * To change the MLS effective label on a credential, the new 1494 * effective label must be in the current range. 1495 / 1496* if (new->mm_flags & MAC_MLS_FLAG_EFFECTIVE && 1497 !mls_effective_in_range(new, subj))	1596 if (!mls_effective_in_range(new, subj))
1498 return (EPERM); 1499 1500 /*	1597 return (EPERM); 1598 1599 /*
1501 * To change the MLS range label on a credential, the new 1502 * range must be in the current range.	1600 * To change the MLS label on the socket to contain EQUAL, 1601 * the subject must have appropriate privilege.
1503 */	1602 */
1504 if (new->mm_flags & MAC_MLS_FLAG_RANGE && 1505 !mls_range_in_range(new, subj)) 1506 return (EPERM); 1507 1508 /* 1509 * To have EQUAL in any component of the new credential MLS 1510 * label, the subject must already have EQUAL in their label. 1511 */
1512 if (mls_contains_equal(new)) { 1513 error = mls_subject_privileged(subj); 1514 if (error) 1515 return (error); 1516 } 1517 } 1518 1519 return (0); 1520} 1521 1522static int	1603 if (mls_contains_equal(new)) { 1604 error = mls_subject_privileged(subj); 1605 if (error) 1606 return (error); 1607 } 1608 } 1609 1610 return (0); 1611} 1612 1613static int
1523mls_cred_check_visible(struct ucred cr1, struct ucred cr2)	1614mls_socket_check_visible(struct ucred cred, struct socket so, 1615 struct label *solabel)
1524{ 1525 struct mac_mls subj, obj; 1526 1527 if (!mls_enabled) 1528 return (0); 1529	1616{ 1617 struct mac_mls subj, obj; 1618 1619 if (!mls_enabled) 1620 return (0); 1621
1530 subj = SLOT(cr1->cr_label); 1531 obj = SLOT(cr2->cr_label);	1622 subj = SLOT(cred->cr_label); 1623 obj = SLOT(solabel);
1532	1624
1533 /* XXX: range */
1534 if (!mls_dominate_effective(subj, obj))	1625 if (!mls_dominate_effective(subj, obj))
1535 return (ESRCH);	1626 return (ENOENT);
1536 1537 return (0); 1538} 1539	1627 1628 return (0); 1629} 1630
	1631static void 1632mls_socket_create(struct ucred cred, struct socket so, 1633 struct label solabel) 1634{ 1635* struct mac_mls source, dest; 1636 1637 source = SLOT(cred->cr_label); 1638 dest = SLOT(solabel); 1639 1640 mls_copy_effective(source, dest); 1641} 1642 1643static void 1644mls_socket_create_mbuf(struct socket so, struct label solabel, 1645 struct mbuf m, struct label mlabel) 1646{ 1647 struct mac_mls source, dest; 1648 1649 source = SLOT(solabel); 1650 dest = SLOT(mlabel); 1651 1652 mls_copy_effective(source, dest); 1653} 1654 1655static void 1656mls_socket_newconn(struct socket oldso, struct label oldsolabel, 1657 struct socket newso, struct label newsolabel) 1658{ 1659 struct mac_mls source, dest; 1660 1661 source = SLOT(oldsolabel); 1662 dest = SLOT(newsolabel); 1663 1664 mls_copy_effective(source, dest); 1665} 1666 1667static void 1668mls_socket_relabel(struct ucred cred, struct socket so, 1669 struct label solabel, struct label newlabel) 1670{ 1671 struct mac_mls source, dest; 1672 1673 source = SLOT(newlabel); 1674 dest = SLOT(solabel); 1675 1676 mls_copy(source, dest); 1677} 1678 1679static void 1680mls_socketpeer_set_from_mbuf(struct mbuf m, struct label mlabel, 1681 struct socket so, struct label sopeerlabel) 1682{ 1683 struct mac_mls source, dest; 1684 1685 source = SLOT(mlabel); 1686 dest = SLOT(sopeerlabel); 1687 1688 mls_copy_effective(source, dest); 1689} 1690 1691static void 1692mls_socketpeer_set_from_socket(struct socket oldso, 1693* struct label oldsolabel, struct socket newso, 1694 struct label newsopeerlabel) 1695{ 1696* struct mac_mls source, dest; 1697 1698 source = SLOT(oldsolabel); 1699 dest = SLOT(newsopeerlabel); 1700 1701 mls_copy_effective(source, dest); 1702} 1703 1704static void 1705mls_syncache_create(struct label label, struct inpcb inp) 1706{ 1707 struct mac_mls source, dest; 1708 1709 source = SLOT(inp->inp_label); 1710 dest = SLOT(label); 1711 1712 mls_copy_effective(source, dest); 1713} 1714 1715static void 1716mls_syncache_create_mbuf(struct label sc_label, struct mbuf m, 1717 struct label mlabel) 1718{ 1719* struct mac_mls source, dest; 1720 1721 source = SLOT(sc_label); 1722 dest = SLOT(mlabel); 1723 1724 mls_copy_effective(source, dest); 1725} 1726
1540static int	1727static int
1541mls_ifnet_check_relabel(struct ucred cred, struct ifnet ifp, 1542 struct label ifplabel, struct label newlabel)	1728mls_system_check_acct(struct ucred cred, struct vnode vp, 1729 struct label *vplabel)
1543{	1730{
1544 struct mac_mls subj, new; 1545 int error;	1731 struct mac_mls subj, obj;
1546	1732
	1733 if (!mls_enabled) 1734 return (0); 1735
1547 subj = SLOT(cred->cr_label);	1736 subj = SLOT(cred->cr_label);
1548 new = SLOT(newlabel);	1737 obj = SLOT(vplabel);
1549	1738
1550 /* 1551 * If there is an MLS label update for the interface, it may be an 1552 * update of effective, range, or both. 1553 / 1554* error = mls_atmostflags(new, MAC_MLS_FLAGS_BOTH); 1555 if (error) 1556 return (error);	1739 if (!mls_dominate_effective(obj, subj) \|\| 1740 !mls_dominate_effective(subj, obj)) 1741 return (EACCES);
1557	1742
1558 /* 1559 * Relabeling network interfaces requires MLS privilege. 1560 / 1561* error = mls_subject_privileged(subj); 1562
1563 return (0); 1564} 1565 1566static int	1743 return (0); 1744} 1745 1746static int
1567mls_ifnet_check_transmit(struct ifnet ifp, struct label ifplabel, 1568 struct mbuf m, struct label mlabel)	1747mls_system_check_auditctl(struct ucred cred, struct vnode vp, 1748 struct label *vplabel)
1569{	1749{
1570 struct mac_mls p, i;	1750 struct mac_mls subj, obj;
1571 1572 if (!mls_enabled) 1573 return (0); 1574	1751 1752 if (!mls_enabled) 1753 return (0); 1754
1575 p = SLOT(mlabel); 1576 i = SLOT(ifplabel);	1755 subj = SLOT(cred->cr_label); 1756 obj = SLOT(vplabel);
1577	1757
1578 return (mls_effective_in_range(p, i) ? 0 : EACCES);	1758 if (!mls_dominate_effective(obj, subj) \|\| 1759 !mls_dominate_effective(subj, obj)) 1760 return (EACCES); 1761 1762 return (0);
1579} 1580 1581static int	1763} 1764 1765static int
1582mls_inpcb_check_deliver(struct inpcb inp, struct label inplabel, 1583 struct mbuf m, struct label mlabel)	1766mls_system_check_swapon(struct ucred cred, struct vnode vp, 1767 struct label *vplabel)
1584{	1768{
1585 struct mac_mls p, i;	1769 struct mac_mls subj, obj;
1586 1587 if (!mls_enabled) 1588 return (0); 1589	1770 1771 if (!mls_enabled) 1772 return (0); 1773
1590 p = SLOT(mlabel); 1591 i = SLOT(inplabel);	1774 subj = SLOT(cred->cr_label); 1775 obj = SLOT(vplabel);
1592	1776
1593 return (mls_equal_effective(p, i) ? 0 : EACCES);	1777 if (!mls_dominate_effective(obj, subj) \|\| 1778 !mls_dominate_effective(subj, obj)) 1779 return (EACCES); 1780 1781 return (0);
1594} 1595	1782} 1783
	1784static void 1785mls_sysvmsg_cleanup(struct label msglabel) 1786{ 1787* 1788 bzero(SLOT(msglabel), sizeof(struct mac_mls)); 1789} 1790 1791static void 1792mls_sysvmsg_create(struct ucred cred, struct msqid_kernel msqkptr, 1793 struct label msqlabel, struct msg msgptr, struct label msglabel) 1794{ 1795* struct mac_mls source, dest; 1796 1797 /* Ignore the msgq label. / 1798* source = SLOT(cred->cr_label); 1799 dest = SLOT(msglabel); 1800 1801 mls_copy_effective(source, dest); 1802} 1803
1596static int 1597mls_sysvmsq_check_msgrcv(struct ucred cred, struct msg msgptr, 1598 struct label msglabel) 1599{ 1600* struct mac_mls subj, obj; 1601 1602 if (!mls_enabled) 1603 return (0); --- 105 unchanged lines hidden (view full) --- 1709 1710 default: 1711 return (EACCES); 1712 } 1713 1714 return (0); 1715} 1716	1804static int 1805mls_sysvmsq_check_msgrcv(struct ucred cred, struct msg msgptr, 1806 struct label msglabel) 1807{ 1808* struct mac_mls subj, obj; 1809 1810 if (!mls_enabled) 1811 return (0); --- 105 unchanged lines hidden (view full) --- 1917 1918 default: 1919 return (EACCES); 1920 } 1921 1922 return (0); 1923} 1924
	1925static void 1926mls_sysvmsq_cleanup(struct label msqlabel) 1927{ 1928* 1929 bzero(SLOT(msqlabel), sizeof(struct mac_mls)); 1930} 1931 1932static void 1933mls_sysvmsq_create(struct ucred cred, struct msqid_kernel msqkptr, 1934 struct label msqlabel) 1935{ 1936* struct mac_mls source, dest; 1937 1938 source = SLOT(cred->cr_label); 1939 dest = SLOT(msqlabel); 1940 1941 mls_copy_effective(source, dest); 1942} 1943
1717static int 1718mls_sysvsem_check_semctl(struct ucred cred, struct semid_kernel semakptr, 1719 struct label semaklabel, int cmd) 1720{ 1721* struct mac_mls subj, obj; 1722 1723 if (!mls_enabled) 1724 return (0); --- 63 unchanged lines hidden (view full) --- 1788 1789 if( accesstype & SEM_A ) 1790 if (!mls_dominate_effective(obj, subj)) 1791 return (EACCES); 1792 1793 return (0); 1794} 1795	1944static int 1945mls_sysvsem_check_semctl(struct ucred cred, struct semid_kernel semakptr, 1946 struct label semaklabel, int cmd) 1947{ 1948* struct mac_mls subj, obj; 1949 1950 if (!mls_enabled) 1951 return (0); --- 63 unchanged lines hidden (view full) --- 2015 2016 if( accesstype & SEM_A ) 2017 if (!mls_dominate_effective(obj, subj)) 2018 return (EACCES); 2019 2020 return (0); 2021} 2022
	2023static void 2024mls_sysvsem_cleanup(struct label semalabel) 2025{ 2026* 2027 bzero(SLOT(semalabel), sizeof(struct mac_mls)); 2028} 2029 2030static void 2031mls_sysvsem_create(struct ucred cred, struct semid_kernel semakptr, 2032 struct label semalabel) 2033{ 2034* struct mac_mls source, dest; 2035 2036 source = SLOT(cred->cr_label); 2037 dest = SLOT(semalabel); 2038 2039 mls_copy_effective(source, dest); 2040} 2041
1796static int 1797mls_sysvshm_check_shmat(struct ucred cred, struct shmid_kernel shmsegptr, 1798 struct label shmseglabel, int shmflg) 1799{ 1800* struct mac_mls subj, obj; 1801 1802 if (!mls_enabled) 1803 return (0); --- 56 unchanged lines hidden (view full) --- 1860 obj = SLOT(shmseglabel); 1861 1862 if (!mls_dominate_effective(obj, subj)) 1863 return (EACCES); 1864 1865 return (0); 1866} 1867	2042static int 2043mls_sysvshm_check_shmat(struct ucred cred, struct shmid_kernel shmsegptr, 2044 struct label shmseglabel, int shmflg) 2045{ 2046* struct mac_mls subj, obj; 2047 2048 if (!mls_enabled) 2049 return (0); --- 56 unchanged lines hidden (view full) --- 2106 obj = SLOT(shmseglabel); 2107 2108 if (!mls_dominate_effective(obj, subj)) 2109 return (EACCES); 2110 2111 return (0); 2112} 2113
1868static int 1869mls_mount_check_stat(struct ucred cred, struct mount mp, 1870 struct label *mntlabel)	2114static void 2115mls_sysvshm_cleanup(struct label *shmlabel)
1871{	2116{
1872 struct mac_mls subj, obj;
1873	2117
1874 if (!mls_enabled) 1875 return (0); 1876 1877 subj = SLOT(cred->cr_label); 1878 obj = SLOT(mntlabel); 1879 1880 if (!mls_dominate_effective(subj, obj)) 1881 return (EACCES); 1882 1883 return (0);	2118 bzero(SLOT(shmlabel), sizeof(struct mac_mls));
1884} 1885	2119} 2120
1886static int 1887mls_pipe_check_ioctl(struct ucred cred, struct pipepair pp, 1888 struct label pplabel, unsigned long cmd, void / caddr_t / data)	2121static void 2122mls_sysvshm_create(struct ucred cred, struct shmid_kernel shmsegptr, 2123 struct label *shmlabel)
1889{	2124{
	2125 struct mac_mls source, dest;
1890	2126
1891 if (!mls_enabled) 1892 return (0);	2127 source = SLOT(cred->cr_label); 2128 dest = SLOT(shmlabel);
1893	2129
1894 /* XXX: This will be implemented soon... / 1895* 1896 return (0);	2130 mls_copy_effective(source, dest);
1897} 1898 1899static int	2131} 2132 2133static int
1900mls_pipe_check_poll(struct ucred cred, struct pipepair pp, 1901 struct label *pplabel)	2134mls_vnode_associate_extattr(struct mount mp, struct label mplabel, 2135 struct vnode vp, struct label vplabel)
1902{	2136{
1903 struct mac_mls subj, obj;	2137 struct mac_mls mm_temp, source, dest; 2138 int buflen, error;
1904	2139
1905 if (!mls_enabled) 1906 return (0);	2140 source = SLOT(mplabel); 2141 dest = SLOT(vplabel);
1907	2142
1908 subj = SLOT(cred->cr_label); 1909 obj = SLOT(pplabel);	2143 buflen = sizeof(mm_temp); 2144 bzero(&mm_temp, buflen);
1910	2145
1911 if (!mls_dominate_effective(subj, obj)) 1912 return (EACCES); 1913 1914 return (0); 1915} 1916 1917static int 1918mls_pipe_check_read(struct ucred cred, struct pipepair pp, 1919 struct label pplabel) 1920{ 1921* struct mac_mls subj, obj; 1922 1923 if (!mls_enabled)	2146 error = vn_extattr_get(vp, IO_NODELOCKED, MAC_MLS_EXTATTR_NAMESPACE, 2147 MAC_MLS_EXTATTR_NAME, &buflen, (char ) &mm_temp, curthread); 2148* if (error == ENOATTR \|\| error == EOPNOTSUPP) { 2149 /* Fall back to the mntlabel. / 2150* mls_copy_effective(source, dest);
1924 return (0);	2151 return (0);
1925 1926 subj = SLOT(cred->cr_label); 1927 obj = SLOT(pplabel); 1928 1929 if (!mls_dominate_effective(subj, obj)) 1930 return (EACCES); 1931 1932 return (0); 1933} 1934 1935static int 1936mls_pipe_check_relabel(struct ucred cred, struct pipepair pp, 1937 struct label pplabel, struct label newlabel) 1938{ 1939 struct mac_mls subj, obj, new; 1940* int error; 1941 1942 new = SLOT(newlabel); 1943 subj = SLOT(cred->cr_label); 1944 obj = SLOT(pplabel); 1945 1946 /* 1947 * If there is an MLS label update for a pipe, it must be a effective 1948 * update. 1949 / 1950* error = mls_atmostflags(new, MAC_MLS_FLAG_EFFECTIVE); 1951 if (error)	2152 } else if (error)
1952 return (error); 1953	2153 return (error); 2154
1954 /* 1955 * To perform a relabel of a pipe (MLS label or not), MLS must 1956 * authorize the relabel. 1957 / 1958* if (!mls_effective_in_range(obj, subj))	2155 if (buflen != sizeof(mm_temp)) { 2156 printf("mls_vnode_associate_extattr: bad size %d\n", buflen);
1959 return (EPERM);	2157 return (EPERM);
1960 1961 /* 1962 * If the MLS label is to be changed, authorize as appropriate. 1963 / 1964* if (new->mm_flags & MAC_MLS_FLAG_EFFECTIVE) { 1965 /* 1966 * To change the MLS label on a pipe, the new pipe label must 1967 * be in the subject range. 1968 / 1969* if (!mls_effective_in_range(new, subj)) 1970 return (EPERM); 1971 1972 /* 1973 * To change the MLS label on a pipe to be EQUAL, the subject 1974 * must have appropriate privilege. 1975 / 1976* if (mls_contains_equal(new)) { 1977 error = mls_subject_privileged(subj); 1978 if (error) 1979 return (error); 1980 }
1981 }	2158 }
1982 1983 return (0); 1984} 1985 1986static int 1987mls_pipe_check_stat(struct ucred cred, struct pipepair pp, 1988 struct label pplabel) 1989{ 1990* struct mac_mls subj, obj; 1991 1992 if (!mls_enabled) 1993 return (0); 1994 1995 subj = SLOT(cred->cr_label); 1996 obj = SLOT(pplabel); 1997 1998 if (!mls_dominate_effective(subj, obj)) 1999 return (EACCES); 2000 2001 return (0); 2002} 2003 2004static int 2005mls_pipe_check_write(struct ucred cred, struct pipepair pp, 2006 struct label pplabel) 2007{ 2008* struct mac_mls subj, obj; 2009 2010 if (!mls_enabled) 2011 return (0); 2012 2013 subj = SLOT(cred->cr_label); 2014 obj = SLOT(pplabel); 2015 2016 if (!mls_dominate_effective(obj, subj)) 2017 return (EACCES); 2018 2019 return (0); 2020} 2021 2022static int 2023mls_posixsem_check_write(struct ucred cred, struct ksem ks, 2024 struct label kslabel) 2025{ 2026* struct mac_mls subj, obj; 2027 2028 if (!mls_enabled) 2029 return (0); 2030 2031 subj = SLOT(cred->cr_label); 2032 obj = SLOT(kslabel); 2033 2034 if (!mls_dominate_effective(obj, subj)) 2035 return (EACCES); 2036 2037 return (0); 2038} 2039 2040static int 2041mls_posixsem_check_rdonly(struct ucred cred, struct ksem ks, 2042 struct label kslabel) 2043{ 2044* struct mac_mls subj, obj; 2045 2046 if (!mls_enabled) 2047 return (0); 2048 2049 subj = SLOT(cred->cr_label); 2050 obj = SLOT(kslabel); 2051 2052 if (!mls_dominate_effective(subj, obj)) 2053 return (EACCES); 2054 2055 return (0); 2056} 2057 2058static int 2059mls_proc_check_debug(struct ucred cred, struct proc p) 2060{ 2061 struct mac_mls subj, obj; 2062 2063 if (!mls_enabled) 2064 return (0); 2065 2066 subj = SLOT(cred->cr_label); 2067 obj = SLOT(p->p_ucred->cr_label); 2068 2069 /* XXX: range checks / 2070* if (!mls_dominate_effective(subj, obj)) 2071 return (ESRCH); 2072 if (!mls_dominate_effective(obj, subj)) 2073 return (EACCES); 2074 2075 return (0); 2076} 2077 2078static int 2079mls_proc_check_sched(struct ucred cred, struct proc p) 2080{ 2081 struct mac_mls subj, obj; 2082 2083 if (!mls_enabled) 2084 return (0); 2085 2086 subj = SLOT(cred->cr_label); 2087 obj = SLOT(p->p_ucred->cr_label); 2088 2089 /* XXX: range checks / 2090* if (!mls_dominate_effective(subj, obj)) 2091 return (ESRCH); 2092 if (!mls_dominate_effective(obj, subj)) 2093 return (EACCES); 2094 2095 return (0); 2096} 2097 2098static int 2099mls_proc_check_signal(struct ucred cred, struct proc p, int signum) 2100{ 2101 struct mac_mls subj, obj; 2102 2103 if (!mls_enabled) 2104 return (0); 2105 2106 subj = SLOT(cred->cr_label); 2107 obj = SLOT(p->p_ucred->cr_label); 2108 2109 /* XXX: range checks / 2110* if (!mls_dominate_effective(subj, obj)) 2111 return (ESRCH); 2112 if (!mls_dominate_effective(obj, subj)) 2113 return (EACCES); 2114 2115 return (0); 2116} 2117 2118static int 2119mls_socket_check_deliver(struct socket so, struct label solabel, 2120 struct mbuf m, struct label mlabel) 2121{ 2122 struct mac_mls p, s; 2123 2124 if (!mls_enabled) 2125 return (0); 2126 2127 p = SLOT(mlabel); 2128 s = SLOT(solabel); 2129 2130 return (mls_equal_effective(p, s) ? 0 : EACCES); 2131} 2132 2133static int 2134mls_socket_check_relabel(struct ucred cred, struct socket so, 2135 struct label solabel, struct label newlabel) 2136{ 2137 struct mac_mls subj, obj, new; 2138* int error; 2139 2140 new = SLOT(newlabel); 2141 subj = SLOT(cred->cr_label); 2142 obj = SLOT(solabel); 2143 2144 /* 2145 * If there is an MLS label update for the socket, it may be an 2146 * update of effective. 2147 / 2148* error = mls_atmostflags(new, MAC_MLS_FLAG_EFFECTIVE); 2149 if (error) 2150 return (error); 2151 2152 /* 2153 * To relabel a socket, the old socket effective must be in the 2154 * subject range. 2155 / 2156* if (!mls_effective_in_range(obj, subj))	2159 if (mls_valid(&mm_temp) != 0) { 2160 printf("mls_vnode_associate_extattr: invalid\n");
2157 return (EPERM);	2161 return (EPERM);
2158 2159 /* 2160 * If the MLS label is to be changed, authorize as appropriate. 2161 / 2162* if (new->mm_flags & MAC_MLS_FLAG_EFFECTIVE) { 2163 /* 2164 * To relabel a socket, the new socket effective must be in 2165 * the subject range. 2166 / 2167* if (!mls_effective_in_range(new, subj)) 2168 return (EPERM); 2169 2170 /* 2171 * To change the MLS label on the socket to contain EQUAL, 2172 * the subject must have appropriate privilege. 2173 / 2174* if (mls_contains_equal(new)) { 2175 error = mls_subject_privileged(subj); 2176 if (error) 2177 return (error); 2178 }
2179 }	2162 }
	2163 if ((mm_temp.mm_flags & MAC_MLS_FLAGS_BOTH) != 2164 MAC_MLS_FLAG_EFFECTIVE) { 2165 printf("mls_associated_vnode_extattr: not effective\n"); 2166 return (EPERM); 2167 }
2180	2168
	2169 mls_copy_effective(&mm_temp, dest);
2181 return (0); 2182} 2183	2170 return (0); 2171} 2172
2184static int 2185mls_socket_check_visible(struct ucred cred, struct socket so, 2186 struct label *solabel)	2173static void 2174mls_vnode_associate_singlelabel(struct mount mp, struct label mplabel, 2175 struct vnode vp, struct label vplabel)
2187{	2176{
2188 struct mac_mls subj, obj;	2177 struct mac_mls source, dest;
2189	2178
2190 if (!mls_enabled) 2191 return (0);	2179 source = SLOT(mplabel); 2180 dest = SLOT(vplabel);
2192	2181
2193 subj = SLOT(cred->cr_label); 2194 obj = SLOT(solabel); 2195 2196 if (!mls_dominate_effective(subj, obj)) 2197 return (ENOENT); 2198 2199 return (0);	2182 mls_copy_effective(source, dest);
2200} 2201 2202static int	2183} 2184 2185static int
2203mls_system_check_acct(struct ucred cred, struct vnode vp, 2204 struct label vplabel) 2205{ 2206* struct mac_mls subj, obj; 2207 2208 if (!mls_enabled) 2209 return (0); 2210 2211 subj = SLOT(cred->cr_label); 2212 obj = SLOT(vplabel); 2213 2214 if (!mls_dominate_effective(obj, subj) \|\| 2215 !mls_dominate_effective(subj, obj)) 2216 return (EACCES); 2217 2218 return (0); 2219} 2220 2221static int 2222mls_system_check_auditctl(struct ucred cred, struct vnode vp, 2223 struct label vplabel) 2224{ 2225* struct mac_mls subj, obj; 2226 2227 if (!mls_enabled) 2228 return (0); 2229 2230 subj = SLOT(cred->cr_label); 2231 obj = SLOT(vplabel); 2232 2233 if (!mls_dominate_effective(obj, subj) \|\| 2234 !mls_dominate_effective(subj, obj)) 2235 return (EACCES); 2236 2237 return (0); 2238} 2239 2240static int 2241mls_system_check_swapon(struct ucred cred, struct vnode vp, 2242 struct label vplabel) 2243{ 2244* struct mac_mls subj, obj; 2245 2246 if (!mls_enabled) 2247 return (0); 2248 2249 subj = SLOT(cred->cr_label); 2250 obj = SLOT(vplabel); 2251 2252 if (!mls_dominate_effective(obj, subj) \|\| 2253 !mls_dominate_effective(subj, obj)) 2254 return (EACCES); 2255 2256 return (0); 2257} 2258 2259static int
2260mls_vnode_check_chdir(struct ucred cred, struct vnode dvp, 2261 struct label dvplabel) 2262{ 2263* struct mac_mls subj, obj; 2264 2265 if (!mls_enabled) 2266 return (0); 2267 --- 617 unchanged lines hidden (view full) --- 2885 obj = SLOT(vplabel); 2886 2887 if (!mls_dominate_effective(obj, subj)) 2888 return (EACCES); 2889 2890 return (0); 2891} 2892	2186mls_vnode_check_chdir(struct ucred cred, struct vnode dvp, 2187 struct label dvplabel) 2188{ 2189* struct mac_mls subj, obj; 2190 2191 if (!mls_enabled) 2192 return (0); 2193 --- 617 unchanged lines hidden (view full) --- 2811 obj = SLOT(vplabel); 2812 2813 if (!mls_dominate_effective(obj, subj)) 2814 return (EACCES); 2815 2816 return (0); 2817} 2818
	2819static int 2820mls_vnode_create_extattr(struct ucred cred, struct mount mp, 2821 struct label mplabel, struct vnode dvp, struct label dvplabel, 2822* struct vnode vp, struct label vplabel, struct componentname cnp) 2823{ 2824* struct mac_mls source, dest, mm_temp; 2825 size_t buflen; 2826 int error; 2827 2828 buflen = sizeof(mm_temp); 2829 bzero(&mm_temp, buflen); 2830 2831 source = SLOT(cred->cr_label); 2832 dest = SLOT(vplabel); 2833 mls_copy_effective(source, &mm_temp); 2834 2835 error = vn_extattr_set(vp, IO_NODELOCKED, MAC_MLS_EXTATTR_NAMESPACE, 2836 MAC_MLS_EXTATTR_NAME, buflen, (char ) &mm_temp, curthread); 2837* if (error == 0) 2838 mls_copy_effective(source, dest); 2839 return (error); 2840} 2841 2842static void 2843mls_vnode_relabel(struct ucred cred, struct vnode vp, 2844 struct label vplabel, struct label label) 2845{ 2846 struct mac_mls source, dest; 2847 2848 source = SLOT(label); 2849 dest = SLOT(vplabel); 2850 2851 mls_copy(source, dest); 2852} 2853 2854static int 2855mls_vnode_setlabel_extattr(struct ucred cred, struct vnode vp, 2856 struct label vplabel, struct label intlabel) 2857{ 2858 struct mac_mls source, mm_temp; 2859* size_t buflen; 2860 int error; 2861 2862 buflen = sizeof(mm_temp); 2863 bzero(&mm_temp, buflen); 2864 2865 source = SLOT(intlabel); 2866 if ((source->mm_flags & MAC_MLS_FLAG_EFFECTIVE) == 0) 2867 return (0); 2868 2869 mls_copy_effective(source, &mm_temp); 2870 2871 error = vn_extattr_set(vp, IO_NODELOCKED, MAC_MLS_EXTATTR_NAMESPACE, 2872 MAC_MLS_EXTATTR_NAME, buflen, (char ) &mm_temp, curthread); 2873* return (error); 2874} 2875
2893static struct mac_policy_ops mls_ops = 2894{ 2895 .mpo_init = mls_init,	2876static struct mac_policy_ops mls_ops = 2877{ 2878 .mpo_init = mls_init,
2896 .mpo_bpfdesc_init_label = mls_init_label, 2897 .mpo_cred_init_label = mls_init_label, 2898 .mpo_devfs_init_label = mls_init_label, 2899 .mpo_ifnet_init_label = mls_init_label, 2900 .mpo_inpcb_init_label = mls_init_label_waitcheck, 2901 .mpo_syncache_init_label = mls_init_label_waitcheck, 2902 .mpo_sysvmsg_init_label = mls_init_label, 2903 .mpo_sysvmsq_init_label = mls_init_label, 2904 .mpo_sysvsem_init_label = mls_init_label, 2905 .mpo_sysvshm_init_label = mls_init_label, 2906 .mpo_ipq_init_label = mls_init_label_waitcheck, 2907 .mpo_mbuf_init_label = mls_init_label_waitcheck, 2908 .mpo_mount_init_label = mls_init_label, 2909 .mpo_pipe_init_label = mls_init_label, 2910 .mpo_posixsem_init_label = mls_init_label, 2911 .mpo_socket_init_label = mls_init_label_waitcheck, 2912 .mpo_socketpeer_init_label = mls_init_label_waitcheck, 2913 .mpo_vnode_init_label = mls_init_label,	2879 2880 .mpo_bpfdesc_check_receive = mls_bpfdesc_check_receive, 2881 .mpo_bpfdesc_create = mls_bpfdesc_create, 2882 .mpo_bpfdesc_create_mbuf = mls_bpfdesc_create_mbuf,
2914 .mpo_bpfdesc_destroy_label = mls_destroy_label,	2883 .mpo_bpfdesc_destroy_label = mls_destroy_label,
2915 .mpo_cred_destroy_label = mls_destroy_label, 2916 .mpo_devfs_destroy_label = mls_destroy_label, 2917 .mpo_ifnet_destroy_label = mls_destroy_label, 2918 .mpo_inpcb_destroy_label = mls_destroy_label, 2919 .mpo_syncache_destroy_label = mls_destroy_label, 2920 .mpo_sysvmsg_destroy_label = mls_destroy_label, 2921 .mpo_sysvmsq_destroy_label = mls_destroy_label, 2922 .mpo_sysvsem_destroy_label = mls_destroy_label, 2923 .mpo_sysvshm_destroy_label = mls_destroy_label, 2924 .mpo_ipq_destroy_label = mls_destroy_label, 2925 .mpo_mbuf_destroy_label = mls_destroy_label, 2926 .mpo_mount_destroy_label = mls_destroy_label, 2927 .mpo_pipe_destroy_label = mls_destroy_label, 2928 .mpo_posixsem_destroy_label = mls_destroy_label, 2929 .mpo_socket_destroy_label = mls_destroy_label, 2930 .mpo_socketpeer_destroy_label = mls_destroy_label, 2931 .mpo_vnode_destroy_label = mls_destroy_label,	2884 .mpo_bpfdesc_init_label = mls_init_label, 2885 2886 .mpo_cred_check_relabel = mls_cred_check_relabel, 2887 .mpo_cred_check_visible = mls_cred_check_visible,
2932 .mpo_cred_copy_label = mls_copy_label,	2888 .mpo_cred_copy_label = mls_copy_label,
2933 .mpo_ifnet_copy_label = mls_copy_label, 2934 .mpo_mbuf_copy_label = mls_copy_label, 2935 .mpo_pipe_copy_label = mls_copy_label, 2936 .mpo_socket_copy_label = mls_copy_label, 2937 .mpo_vnode_copy_label = mls_copy_label,	2889 .mpo_cred_destroy_label = mls_destroy_label,
2938 .mpo_cred_externalize_label = mls_externalize_label,	2890 .mpo_cred_externalize_label = mls_externalize_label,
2939 .mpo_ifnet_externalize_label = mls_externalize_label, 2940 .mpo_pipe_externalize_label = mls_externalize_label, 2941 .mpo_socket_externalize_label = mls_externalize_label, 2942 .mpo_socketpeer_externalize_label = mls_externalize_label, 2943 .mpo_vnode_externalize_label = mls_externalize_label,	2891 .mpo_cred_init_label = mls_init_label,
2944 .mpo_cred_internalize_label = mls_internalize_label,	2892 .mpo_cred_internalize_label = mls_internalize_label,
2945 .mpo_ifnet_internalize_label = mls_internalize_label, 2946 .mpo_pipe_internalize_label = mls_internalize_label, 2947 .mpo_socket_internalize_label = mls_internalize_label, 2948 .mpo_vnode_internalize_label = mls_internalize_label,	2893 .mpo_cred_relabel = mls_cred_relabel, 2894
2949 .mpo_devfs_create_device = mls_devfs_create_device, 2950 .mpo_devfs_create_directory = mls_devfs_create_directory, 2951 .mpo_devfs_create_symlink = mls_devfs_create_symlink,	2895 .mpo_devfs_create_device = mls_devfs_create_device, 2896 .mpo_devfs_create_directory = mls_devfs_create_directory, 2897 .mpo_devfs_create_symlink = mls_devfs_create_symlink,
2952 .mpo_mount_create = mls_mount_create, 2953 .mpo_vnode_relabel = mls_vnode_relabel,	2898 .mpo_devfs_destroy_label = mls_destroy_label, 2899 .mpo_devfs_init_label = mls_init_label,
2954 .mpo_devfs_update = mls_devfs_update, 2955 .mpo_devfs_vnode_associate = mls_devfs_vnode_associate,	2900 .mpo_devfs_update = mls_devfs_update, 2901 .mpo_devfs_vnode_associate = mls_devfs_vnode_associate,
2956 .mpo_vnode_associate_extattr = mls_vnode_associate_extattr, 2957 .mpo_vnode_associate_singlelabel = mls_vnode_associate_singlelabel, 2958 .mpo_vnode_create_extattr = mls_vnode_create_extattr, 2959 .mpo_vnode_setlabel_extattr = mls_vnode_setlabel_extattr, 2960 .mpo_socket_create_mbuf = mls_socket_create_mbuf, 2961 .mpo_syncache_create_mbuf = mls_syncache_create_mbuf, 2962 .mpo_pipe_create = mls_pipe_create, 2963 .mpo_posixsem_create = mls_posixsem_create, 2964 .mpo_socket_create = mls_socket_create, 2965 .mpo_socket_newconn = mls_socket_newconn, 2966 .mpo_pipe_relabel = mls_pipe_relabel, 2967 .mpo_socket_relabel = mls_socket_relabel, 2968 .mpo_socketpeer_set_from_mbuf = mls_socketpeer_set_from_mbuf, 2969 .mpo_socketpeer_set_from_socket = mls_socketpeer_set_from_socket, 2970 .mpo_bpfdesc_create = mls_bpfdesc_create, 2971 .mpo_ipq_reassemble = mls_ipq_reassemble, 2972 .mpo_netinet_fragment = mls_netinet_fragment,	2902 2903 .mpo_ifnet_check_relabel = mls_ifnet_check_relabel, 2904 .mpo_ifnet_check_transmit = mls_ifnet_check_transmit, 2905 .mpo_ifnet_copy_label = mls_copy_label,
2973 .mpo_ifnet_create = mls_ifnet_create,	2906 .mpo_ifnet_create = mls_ifnet_create,
	2907 .mpo_ifnet_create_mbuf = mls_ifnet_create_mbuf, 2908 .mpo_ifnet_destroy_label = mls_destroy_label, 2909 .mpo_ifnet_externalize_label = mls_externalize_label, 2910 .mpo_ifnet_init_label = mls_init_label, 2911 .mpo_ifnet_internalize_label = mls_internalize_label, 2912 .mpo_ifnet_relabel = mls_ifnet_relabel, 2913 2914 .mpo_inpcb_check_deliver = mls_inpcb_check_deliver,
2974 .mpo_inpcb_create = mls_inpcb_create,	2915 .mpo_inpcb_create = mls_inpcb_create,
2975 .mpo_syncache_create = mls_syncache_create, 2976 .mpo_ipq_create = mls_ipq_create, 2977 .mpo_sysvmsg_create = mls_sysvmsg_create, 2978 .mpo_sysvmsq_create = mls_sysvmsq_create, 2979 .mpo_sysvsem_create = mls_sysvsem_create, 2980 .mpo_sysvshm_create = mls_sysvshm_create,
2981 .mpo_inpcb_create_mbuf = mls_inpcb_create_mbuf,	2916 .mpo_inpcb_create_mbuf = mls_inpcb_create_mbuf,
2982 .mpo_bpfdesc_create_mbuf = mls_bpfdesc_create_mbuf, 2983 .mpo_ifnet_create_mbuf = mls_ifnet_create_mbuf,	2917 .mpo_inpcb_destroy_label = mls_destroy_label, 2918 .mpo_inpcb_init_label = mls_init_label_waitcheck, 2919 .mpo_inpcb_sosetlabel = mls_inpcb_sosetlabel, 2920 2921 .mpo_ipq_create = mls_ipq_create, 2922 .mpo_ipq_destroy_label = mls_destroy_label, 2923 .mpo_ipq_init_label = mls_init_label_waitcheck,
2984 .mpo_ipq_match = mls_ipq_match,	2924 .mpo_ipq_match = mls_ipq_match,
2985 .mpo_ifnet_relabel = mls_ifnet_relabel,	2925 .mpo_ipq_reassemble = mls_ipq_reassemble,
2986 .mpo_ipq_update = mls_ipq_update,	2926 .mpo_ipq_update = mls_ipq_update,
2987 .mpo_inpcb_sosetlabel = mls_inpcb_sosetlabel, 2988 .mpo_proc_create_swapper = mls_proc_create_swapper, 2989 .mpo_proc_create_init = mls_proc_create_init, 2990 .mpo_proc_associate_nfsd = mls_proc_associate_nfsd, 2991 .mpo_cred_relabel = mls_cred_relabel, 2992 .mpo_sysvmsg_cleanup = mls_sysvmsg_cleanup, 2993 .mpo_sysvmsq_cleanup = mls_sysvmsq_cleanup, 2994 .mpo_sysvsem_cleanup = mls_sysvsem_cleanup, 2995 .mpo_sysvshm_cleanup = mls_sysvshm_cleanup, 2996 .mpo_bpfdesc_check_receive = mls_bpfdesc_check_receive, 2997 .mpo_cred_check_relabel = mls_cred_check_relabel, 2998 .mpo_cred_check_visible = mls_cred_check_visible, 2999 .mpo_ifnet_check_relabel = mls_ifnet_check_relabel, 3000 .mpo_ifnet_check_transmit = mls_ifnet_check_transmit, 3001 .mpo_inpcb_check_deliver = mls_inpcb_check_deliver, 3002 .mpo_sysvmsq_check_msgrcv = mls_sysvmsq_check_msgrcv, 3003 .mpo_sysvmsq_check_msgrmid = mls_sysvmsq_check_msgrmid, 3004 .mpo_sysvmsq_check_msqget = mls_sysvmsq_check_msqget, 3005 .mpo_sysvmsq_check_msqsnd = mls_sysvmsq_check_msqsnd, 3006 .mpo_sysvmsq_check_msqrcv = mls_sysvmsq_check_msqrcv, 3007 .mpo_sysvmsq_check_msqctl = mls_sysvmsq_check_msqctl, 3008 .mpo_sysvsem_check_semctl = mls_sysvsem_check_semctl, 3009 .mpo_sysvsem_check_semget = mls_sysvsem_check_semget, 3010 .mpo_sysvsem_check_semop = mls_sysvsem_check_semop, 3011 .mpo_sysvshm_check_shmat = mls_sysvshm_check_shmat, 3012 .mpo_sysvshm_check_shmctl = mls_sysvshm_check_shmctl, 3013 .mpo_sysvshm_check_shmget = mls_sysvshm_check_shmget,	2927 2928 .mpo_mbuf_copy_label = mls_copy_label, 2929 .mpo_mbuf_destroy_label = mls_destroy_label, 2930 .mpo_mbuf_init_label = mls_init_label_waitcheck, 2931
3014 .mpo_mount_check_stat = mls_mount_check_stat,	2932 .mpo_mount_check_stat = mls_mount_check_stat,
	2933 .mpo_mount_create = mls_mount_create, 2934 .mpo_mount_destroy_label = mls_destroy_label, 2935 .mpo_mount_init_label = mls_init_label, 2936 2937 .mpo_netatalk_aarp_send = mls_netatalk_aarp_send, 2938 2939 .mpo_netinet_arp_send = mls_netinet_arp_send, 2940 .mpo_netinet_firewall_reply = mls_netinet_firewall_reply, 2941 .mpo_netinet_firewall_send = mls_netinet_firewall_send, 2942 .mpo_netinet_fragment = mls_netinet_fragment, 2943 .mpo_netinet_icmp_reply = mls_netinet_icmp_reply, 2944 .mpo_netinet_igmp_send = mls_netinet_igmp_send, 2945 2946 .mpo_netinet6_nd6_send = mls_netinet6_nd6_send, 2947
3015 .mpo_pipe_check_ioctl = mls_pipe_check_ioctl, 3016 .mpo_pipe_check_poll = mls_pipe_check_poll, 3017 .mpo_pipe_check_read = mls_pipe_check_read, 3018 .mpo_pipe_check_relabel = mls_pipe_check_relabel, 3019 .mpo_pipe_check_stat = mls_pipe_check_stat, 3020 .mpo_pipe_check_write = mls_pipe_check_write,	2948 .mpo_pipe_check_ioctl = mls_pipe_check_ioctl, 2949 .mpo_pipe_check_poll = mls_pipe_check_poll, 2950 .mpo_pipe_check_read = mls_pipe_check_read, 2951 .mpo_pipe_check_relabel = mls_pipe_check_relabel, 2952 .mpo_pipe_check_stat = mls_pipe_check_stat, 2953 .mpo_pipe_check_write = mls_pipe_check_write,
	2954 .mpo_pipe_copy_label = mls_copy_label, 2955 .mpo_pipe_create = mls_pipe_create, 2956 .mpo_pipe_destroy_label = mls_destroy_label, 2957 .mpo_pipe_externalize_label = mls_externalize_label, 2958 .mpo_pipe_init_label = mls_init_label, 2959 .mpo_pipe_internalize_label = mls_internalize_label, 2960 .mpo_pipe_relabel = mls_pipe_relabel, 2961
3021 .mpo_posixsem_check_destroy = mls_posixsem_check_write, 3022 .mpo_posixsem_check_getvalue = mls_posixsem_check_rdonly, 3023 .mpo_posixsem_check_open = mls_posixsem_check_write, 3024 .mpo_posixsem_check_post = mls_posixsem_check_write, 3025 .mpo_posixsem_check_unlink = mls_posixsem_check_write, 3026 .mpo_posixsem_check_wait = mls_posixsem_check_write,	2962 .mpo_posixsem_check_destroy = mls_posixsem_check_write, 2963 .mpo_posixsem_check_getvalue = mls_posixsem_check_rdonly, 2964 .mpo_posixsem_check_open = mls_posixsem_check_write, 2965 .mpo_posixsem_check_post = mls_posixsem_check_write, 2966 .mpo_posixsem_check_unlink = mls_posixsem_check_write, 2967 .mpo_posixsem_check_wait = mls_posixsem_check_write,
	2968 .mpo_posixsem_create = mls_posixsem_create, 2969 .mpo_posixsem_destroy_label = mls_destroy_label, 2970 .mpo_posixsem_init_label = mls_init_label, 2971 2972 .mpo_proc_associate_nfsd = mls_proc_associate_nfsd,
3027 .mpo_proc_check_debug = mls_proc_check_debug, 3028 .mpo_proc_check_sched = mls_proc_check_sched, 3029 .mpo_proc_check_signal = mls_proc_check_signal,	2973 .mpo_proc_check_debug = mls_proc_check_debug, 2974 .mpo_proc_check_sched = mls_proc_check_sched, 2975 .mpo_proc_check_signal = mls_proc_check_signal,
	2976 .mpo_proc_create_init = mls_proc_create_init, 2977 .mpo_proc_create_swapper = mls_proc_create_swapper, 2978
3030 .mpo_socket_check_deliver = mls_socket_check_deliver, 3031 .mpo_socket_check_relabel = mls_socket_check_relabel, 3032 .mpo_socket_check_visible = mls_socket_check_visible,	2979 .mpo_socket_check_deliver = mls_socket_check_deliver, 2980 .mpo_socket_check_relabel = mls_socket_check_relabel, 2981 .mpo_socket_check_visible = mls_socket_check_visible,
	2982 .mpo_socket_copy_label = mls_copy_label, 2983 .mpo_socket_create = mls_socket_create, 2984 .mpo_socket_create_mbuf = mls_socket_create_mbuf, 2985 .mpo_socket_destroy_label = mls_destroy_label, 2986 .mpo_socket_externalize_label = mls_externalize_label, 2987 .mpo_socket_init_label = mls_init_label_waitcheck, 2988 .mpo_socket_internalize_label = mls_internalize_label, 2989 .mpo_socket_newconn = mls_socket_newconn, 2990 .mpo_socket_relabel = mls_socket_relabel, 2991 2992 .mpo_socketpeer_destroy_label = mls_destroy_label, 2993 .mpo_socketpeer_externalize_label = mls_externalize_label, 2994 .mpo_socketpeer_init_label = mls_init_label_waitcheck, 2995 .mpo_socketpeer_set_from_mbuf = mls_socketpeer_set_from_mbuf, 2996 .mpo_socketpeer_set_from_socket = mls_socketpeer_set_from_socket, 2997 2998 .mpo_syncache_create = mls_syncache_create, 2999 .mpo_syncache_create_mbuf = mls_syncache_create_mbuf, 3000 .mpo_syncache_destroy_label = mls_destroy_label, 3001 .mpo_syncache_init_label = mls_init_label_waitcheck, 3002 3003 .mpo_sysvmsg_cleanup = mls_sysvmsg_cleanup, 3004 .mpo_sysvmsg_create = mls_sysvmsg_create, 3005 .mpo_sysvmsg_destroy_label = mls_destroy_label, 3006 .mpo_sysvmsg_init_label = mls_init_label, 3007 3008 .mpo_sysvmsq_check_msgrcv = mls_sysvmsq_check_msgrcv, 3009 .mpo_sysvmsq_check_msgrmid = mls_sysvmsq_check_msgrmid, 3010 .mpo_sysvmsq_check_msqget = mls_sysvmsq_check_msqget, 3011 .mpo_sysvmsq_check_msqsnd = mls_sysvmsq_check_msqsnd, 3012 .mpo_sysvmsq_check_msqrcv = mls_sysvmsq_check_msqrcv, 3013 .mpo_sysvmsq_check_msqctl = mls_sysvmsq_check_msqctl, 3014 .mpo_sysvmsq_cleanup = mls_sysvmsq_cleanup, 3015 .mpo_sysvmsq_destroy_label = mls_destroy_label, 3016 .mpo_sysvmsq_init_label = mls_init_label, 3017 .mpo_sysvmsq_create = mls_sysvmsq_create, 3018 3019 .mpo_sysvsem_check_semctl = mls_sysvsem_check_semctl, 3020 .mpo_sysvsem_check_semget = mls_sysvsem_check_semget, 3021 .mpo_sysvsem_check_semop = mls_sysvsem_check_semop, 3022 .mpo_sysvsem_cleanup = mls_sysvsem_cleanup, 3023 .mpo_sysvsem_create = mls_sysvsem_create, 3024 .mpo_sysvsem_destroy_label = mls_destroy_label, 3025 .mpo_sysvsem_init_label = mls_init_label, 3026 3027 .mpo_sysvshm_check_shmat = mls_sysvshm_check_shmat, 3028 .mpo_sysvshm_check_shmctl = mls_sysvshm_check_shmctl, 3029 .mpo_sysvshm_check_shmget = mls_sysvshm_check_shmget, 3030 .mpo_sysvshm_cleanup = mls_sysvshm_cleanup, 3031 .mpo_sysvshm_create = mls_sysvshm_create, 3032 .mpo_sysvshm_destroy_label = mls_destroy_label, 3033 .mpo_sysvshm_init_label = mls_init_label, 3034 3035
3033 .mpo_system_check_acct = mls_system_check_acct, 3034 .mpo_system_check_auditctl = mls_system_check_auditctl, 3035 .mpo_system_check_swapon = mls_system_check_swapon,	3036 .mpo_system_check_acct = mls_system_check_acct, 3037 .mpo_system_check_auditctl = mls_system_check_auditctl, 3038 .mpo_system_check_swapon = mls_system_check_swapon,
	3039 3040 .mpo_vnode_associate_extattr = mls_vnode_associate_extattr, 3041 .mpo_vnode_associate_singlelabel = mls_vnode_associate_singlelabel,
3036 .mpo_vnode_check_access = mls_vnode_check_open, 3037 .mpo_vnode_check_chdir = mls_vnode_check_chdir, 3038 .mpo_vnode_check_chroot = mls_vnode_check_chroot, 3039 .mpo_vnode_check_create = mls_vnode_check_create, 3040 .mpo_vnode_check_deleteacl = mls_vnode_check_deleteacl, 3041 .mpo_vnode_check_deleteextattr = mls_vnode_check_deleteextattr, 3042 .mpo_vnode_check_exec = mls_vnode_check_exec, 3043 .mpo_vnode_check_getacl = mls_vnode_check_getacl, --- 15 unchanged lines hidden (view full) --- 3059 .mpo_vnode_check_setextattr = mls_vnode_check_setextattr, 3060 .mpo_vnode_check_setflags = mls_vnode_check_setflags, 3061 .mpo_vnode_check_setmode = mls_vnode_check_setmode, 3062 .mpo_vnode_check_setowner = mls_vnode_check_setowner, 3063 .mpo_vnode_check_setutimes = mls_vnode_check_setutimes, 3064 .mpo_vnode_check_stat = mls_vnode_check_stat, 3065 .mpo_vnode_check_unlink = mls_vnode_check_unlink, 3066 .mpo_vnode_check_write = mls_vnode_check_write,	3042 .mpo_vnode_check_access = mls_vnode_check_open, 3043 .mpo_vnode_check_chdir = mls_vnode_check_chdir, 3044 .mpo_vnode_check_chroot = mls_vnode_check_chroot, 3045 .mpo_vnode_check_create = mls_vnode_check_create, 3046 .mpo_vnode_check_deleteacl = mls_vnode_check_deleteacl, 3047 .mpo_vnode_check_deleteextattr = mls_vnode_check_deleteextattr, 3048 .mpo_vnode_check_exec = mls_vnode_check_exec, 3049 .mpo_vnode_check_getacl = mls_vnode_check_getacl, --- 15 unchanged lines hidden (view full) --- 3065 .mpo_vnode_check_setextattr = mls_vnode_check_setextattr, 3066 .mpo_vnode_check_setflags = mls_vnode_check_setflags, 3067 .mpo_vnode_check_setmode = mls_vnode_check_setmode, 3068 .mpo_vnode_check_setowner = mls_vnode_check_setowner, 3069 .mpo_vnode_check_setutimes = mls_vnode_check_setutimes, 3070 .mpo_vnode_check_stat = mls_vnode_check_stat, 3071 .mpo_vnode_check_unlink = mls_vnode_check_unlink, 3072 .mpo_vnode_check_write = mls_vnode_check_write,
3067 .mpo_netatalk_aarp_send = mls_netatalk_aarp_send, 3068 .mpo_netinet_arp_send = mls_netinet_arp_send, 3069 .mpo_netinet_firewall_reply = mls_netinet_firewall_reply, 3070 .mpo_netinet_firewall_send = mls_netinet_firewall_send, 3071 .mpo_netinet_icmp_reply = mls_netinet_icmp_reply, 3072 .mpo_netinet_igmp_send = mls_netinet_igmp_send, 3073 .mpo_netinet6_nd6_send = mls_netinet6_nd6_send,	3073 .mpo_vnode_copy_label = mls_copy_label, 3074 .mpo_vnode_create_extattr = mls_vnode_create_extattr, 3075 .mpo_vnode_destroy_label = mls_destroy_label, 3076 .mpo_vnode_externalize_label = mls_externalize_label, 3077 .mpo_vnode_init_label = mls_init_label, 3078 .mpo_vnode_internalize_label = mls_internalize_label, 3079 .mpo_vnode_relabel = mls_vnode_relabel, 3080 .mpo_vnode_setlabel_extattr = mls_vnode_setlabel_extattr,
3074}; 3075 3076MAC_POLICY_SET(&mls_ops, mac_mls, "TrustedBSD MAC/MLS", 3077 MPC_LOADTIME_FLAG_NOTLATE \| MPC_LOADTIME_FLAG_LABELMBUFS, &mls_slot);	3081}; 3082 3083MAC_POLICY_SET(&mls_ops, mac_mls, "TrustedBSD MAC/MLS", 3084 MPC_LOADTIME_FLAG_NOTLATE \| MPC_LOADTIME_FLAG_LABELMBUFS, &mls_slot);