Deleted Added
sdiff udiff text old ( 173108 ) new ( 173138 )
full compact
mac_stub.c (173108) mac_stub.c (173138)
1/*-
2 * Copyright (c) 1999-2002, 2007 Robert N. M. Watson
3 * Copyright (c) 2001-2005 McAfee, Inc.
4 * Copyright (c) 2005-2006 SPARTA, Inc.
5 * All rights reserved.
6 *
7 * This software was developed by Robert Watson for the TrustedBSD Project.
8 *

--- 21 unchanged lines hidden (view full) ---

30 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
31 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
32 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
33 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
34 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
35 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
36 * SUCH DAMAGE.
37 *
1/*-
2 * Copyright (c) 1999-2002, 2007 Robert N. M. Watson
3 * Copyright (c) 2001-2005 McAfee, Inc.
4 * Copyright (c) 2005-2006 SPARTA, Inc.
5 * All rights reserved.
6 *
7 * This software was developed by Robert Watson for the TrustedBSD Project.
8 *

--- 21 unchanged lines hidden (view full) ---

30 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
31 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
32 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
33 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
34 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
35 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
36 * SUCH DAMAGE.
37 *
38 * $FreeBSD: head/sys/security/mac_stub/mac_stub.c 173108 2007-10-28 17:55:57Z rwatson $
38 * $FreeBSD: head/sys/security/mac_stub/mac_stub.c 173138 2007-10-29 13:33:06Z rwatson $
39 */
40
41/*
42 * Developed by the TrustedBSD Project.
43 *
44 * Stub module that implements a NOOP for most (if not all) MAC Framework
45 * policy entry points.
46 */

--- 107 unchanged lines hidden (view full) ---

154stub_internalize_label(struct label *label, char *element_name,
155 char *element_data, int *claimed)
156{
157
158 return (0);
159}
160
161/*
39 */
40
41/*
42 * Developed by the TrustedBSD Project.
43 *
44 * Stub module that implements a NOOP for most (if not all) MAC Framework
45 * policy entry points.
46 */

--- 107 unchanged lines hidden (view full) ---

154stub_internalize_label(struct label *label, char *element_name,
155 char *element_data, int *claimed)
156{
157
158 return (0);
159}
160
161/*
162 * Labeling event operations: file system objects, and things that look
163 * a lot like file system objects.
162 * Object-specific entry point imeplementations are sorted alphabetically by
163 * object type name and then by operation.
164 */
164 */
165static void
166stub_devfs_vnode_associate(struct mount *mp, struct label *mplabel,
167 struct devfs_dirent *de, struct label *delabel, struct vnode *vp,
168 struct label *vplabel)
169{
170
171}
172
173static int
165static int
174stub_vnode_associate_extattr(struct mount *mp, struct label *mplabel,
175 struct vnode *vp, struct label *vplabel)
166stub_bpfdesc_check_receive(struct bpf_d *d, struct label *dlabel,
167 struct ifnet *ifp, struct label *ifplabel)
176{
177
168{
169
178 return (0);
170 return (0);
179}
180
181static void
171}
172
173static void
182stub_vnode_associate_singlelabel(struct mount *mp, struct label *mplabel,
183 struct vnode *vp, struct label *vplabel)
174stub_bpfdesc_create(struct ucred *cred, struct bpf_d *d,
175 struct label *dlabel)
184{
185
186}
187
188static void
176{
177
178}
179
180static void
189stub_devfs_create_device(struct ucred *cred, struct mount *mp,
190 struct cdev *dev, struct devfs_dirent *de, struct label *delabel)
181stub_bpfdesc_create_mbuf(struct bpf_d *d, struct label *dlabel,
182 struct mbuf *m, struct label *mlabel)
191{
192
193}
194
183{
184
185}
186
195static void
196stub_devfs_create_directory(struct mount *mp, char *dirname,
197 int dirnamelen, struct devfs_dirent *de, struct label *delabel)
187static int
188stub_cred_check_relabel(struct ucred *cred, struct label *newlabel)
198{
199
189{
190
191 return (0);
200}
201
192}
193
202static void
203stub_devfs_create_symlink(struct ucred *cred, struct mount *mp,
204 struct devfs_dirent *dd, struct label *ddlabel, struct devfs_dirent *de,
205 struct label *delabel)
206{
207
208}
209
210static int
194static int
211stub_vnode_create_extattr(struct ucred *cred, struct mount *mp,
212 struct label *mntlabel, struct vnode *dvp, struct label *dvplabel,
213 struct vnode *vp, struct label *vplabel, struct componentname *cnp)
195stub_cred_check_visible(struct ucred *cr1, struct ucred *cr2)
214{
215
216 return (0);
217}
218
219static void
196{
197
198 return (0);
199}
200
201static void
220stub_mount_create(struct ucred *cred, struct mount *mp,
221 struct label *mplabel)
202stub_cred_relabel(struct ucred *cred, struct label *newlabel)
222{
223
224}
225
226static void
203{
204
205}
206
207static void
227stub_vnode_relabel(struct ucred *cred, struct vnode *vp,
228 struct label *vplabel, struct label *label)
208stub_devfs_create_device(struct ucred *cred, struct mount *mp,
209 struct cdev *dev, struct devfs_dirent *de, struct label *delabel)
229{
230
231}
232
210{
211
212}
213
233static int
234stub_vnode_setlabel_extattr(struct ucred *cred, struct vnode *vp,
235 struct label *vplabel, struct label *intlabel)
236{
237
238 return (0);
239}
240
241static void
214static void
242stub_devfs_update(struct mount *mp, struct devfs_dirent *de,
243 struct label *delabel, struct vnode *vp, struct label *vplabel)
215stub_devfs_create_directory(struct mount *mp, char *dirname,
216 int dirnamelen, struct devfs_dirent *de, struct label *delabel)
244{
245
246}
247
217{
218
219}
220
248/*
249 * Labeling event operations: IPC object.
250 */
251static void
221static void
252stub_socket_create_mbuf(struct socket *so, struct label *solabel,
253 struct mbuf *m, struct label *mlabel)
222stub_devfs_create_symlink(struct ucred *cred, struct mount *mp,
223 struct devfs_dirent *dd, struct label *ddlabel, struct devfs_dirent *de,
224 struct label *delabel)
254{
255
256}
257
258static void
225{
226
227}
228
229static void
259stub_socket_create(struct ucred *cred, struct socket *so,
260 struct label *solabel)
230stub_devfs_update(struct mount *mp, struct devfs_dirent *de,
231 struct label *delabel, struct vnode *vp, struct label *vplabel)
261{
262
263}
264
265static void
232{
233
234}
235
236static void
266stub_pipe_create(struct ucred *cred, struct pipepair *pp,
267 struct label *pplabel)
237stub_devfs_vnode_associate(struct mount *mp, struct label *mplabel,
238 struct devfs_dirent *de, struct label *delabel, struct vnode *vp,
239 struct label *vplabel)
268{
269
270}
271
240{
241
242}
243
272static void
273stub_posixsem_create(struct ucred *cred, struct ksem *ks,
274 struct label *kslabel)
244static int
245stub_ifnet_check_relabel(struct ucred *cred, struct ifnet *ifp,
246 struct label *ifplabel, struct label *newlabel)
275{
276
247{
248
249 return (0);
277}
278
250}
251
279static void
280stub_socket_newconn(struct socket *oldso, struct label *oldsolabel,
281 struct socket *newso, struct label *newsolabel)
252static int
253stub_ifnet_check_transmit(struct ifnet *ifp, struct label *ifplabel,
254 struct mbuf *m, struct label *mlabel)
282{
283
255{
256
257 return (0);
284}
285
286static void
258}
259
260static void
287stub_socket_relabel(struct ucred *cred, struct socket *so,
288 struct label *solabel, struct label *newlabel)
261stub_ifnet_create(struct ifnet *ifp, struct label *ifplabel)
289{
290
291}
292
293static void
262{
263
264}
265
266static void
294stub_pipe_relabel(struct ucred *cred, struct pipepair *pp,
295 struct label *pplabel, struct label *newlabel)
267stub_ifnet_create_mbuf(struct ifnet *ifp, struct label *ifplabel,
268 struct mbuf *m, struct label *mlabel)
296{
297
298}
299
300static void
269{
270
271}
272
273static void
301stub_socketpeer_set_from_mbuf(struct mbuf *m, struct label *mlabel,
302 struct socket *so, struct label *sopeerlabel)
274stub_ifnet_relabel(struct ucred *cred, struct ifnet *ifp,
275 struct label *ifplabel, struct label *newlabel)
303{
304
305}
306
276{
277
278}
279
307static void
308stub_socketpeer_set_from_socket(struct socket *oldso,
309 struct label *oldsolabel, struct socket *newso,
310 struct label *newsopeerlabel)
280static int
281stub_inpcb_check_deliver(struct inpcb *inp, struct label *inplabel,
282 struct mbuf *m, struct label *mlabel)
311{
312
283{
284
285 return (0);
313}
314
286}
287
315/*
316 * Labeling event operations: network objects.
317 */
318static void
288static void
319stub_bpfdesc_create(struct ucred *cred, struct bpf_d *d,
320 struct label *dlabel)
289stub_inpcb_create(struct socket *so, struct label *solabel,
290 struct inpcb *inp, struct label *inplabel)
321{
322
323}
324
325static void
291{
292
293}
294
295static void
326stub_ipq_reassemble(struct ipq *ipq, struct label *ipqlabel,
296stub_inpcb_create_mbuf(struct inpcb *inp, struct label *inplabel,
327 struct mbuf *m, struct label *mlabel)
328{
329
330}
331
332static void
297 struct mbuf *m, struct label *mlabel)
298{
299
300}
301
302static void
333stub_netinet_fragment(struct mbuf *m, struct label *mlabel, struct mbuf *frag,
334 struct label *fraglabel)
303stub_inpcb_sosetlabel(struct socket *so, struct label *solabel,
304 struct inpcb *inp, struct label *inplabel)
335{
336
337}
338
339static void
305{
306
307}
308
309static void
340stub_ifnet_create(struct ifnet *ifp, struct label *ifplabel)
310stub_ipq_create(struct mbuf *m, struct label *mlabel, struct ipq *ipq,
311 struct label *ipqlabel)
341{
342
343}
344
312{
313
314}
315
345static void
346stub_inpcb_create(struct socket *so, struct label *solabel,
347 struct inpcb *inp, struct label *inplabel)
316static int
317stub_ipq_match(struct mbuf *m, struct label *mlabel, struct ipq *ipq,
318 struct label *ipqlabel)
348{
349
319{
320
321 return (1);
350}
351
352static void
322}
323
324static void
353stub_syncache_create(struct label *label, struct inpcb *inp)
325stub_ipq_reassemble(struct ipq *ipq, struct label *ipqlabel,
326 struct mbuf *m, struct label *mlabel)
354{
355
356}
357
358static void
327{
328
329}
330
331static void
359stub_sysvmsg_create(struct ucred *cred, struct msqid_kernel *msqkptr,
360 struct label *msqlabel, struct msg *msgptr, struct label *msglabel)
332stub_ipq_update(struct mbuf *m, struct label *mlabel, struct ipq *ipq,
333 struct label *ipqlabel)
361{
362
363}
364
334{
335
336}
337
365static void
366stub_sysvmsq_create(struct ucred *cred, struct msqid_kernel *msqkptr,
367 struct label *msqlabel)
338static int
339stub_kenv_check_dump(struct ucred *cred)
368{
369
340{
341
342 return (0);
370}
371
343}
344
372static void
373stub_sysvsem_create(struct ucred *cred, struct semid_kernel *semakptr,
374 struct label *semalabel)
345static int
346stub_kenv_check_get(struct ucred *cred, char *name)
375{
376
347{
348
349 return (0);
377}
378
350}
351
379static void
380stub_sysvshm_create(struct ucred *cred, struct shmid_kernel *shmsegptr,
381 struct label *shmalabel)
352static int
353stub_kenv_check_set(struct ucred *cred, char *name, char *value)
382{
383
354{
355
356 return (0);
384}
385
357}
358
386static void
387stub_ipq_create(struct mbuf *m, struct label *mlabel, struct ipq *ipq,
388 struct label *ipqlabel)
359static int
360stub_kenv_check_unset(struct ucred *cred, char *name)
389{
390
361{
362
363 return (0);
391}
392
364}
365
393static void
394stub_inpcb_create_mbuf(struct inpcb *inp, struct label *inplabel,
395 struct mbuf *m, struct label *mlabel)
366static int
367stub_kld_check_load(struct ucred *cred, struct vnode *vp,
368 struct label *vplabel)
396{
397
369{
370
371 return (0);
398}
399
372}
373
400static void
401stub_syncache_create_mbuf(struct label *sc_label, struct mbuf *m,
402 struct label *mlabel)
374static int
375stub_kld_check_stat(struct ucred *cred)
403{
404
376{
377
378 return (0);
405}
406
379}
380
407static void
408stub_bpfdesc_create_mbuf(struct bpf_d *d, struct label *dlabel,
409 struct mbuf *m, struct label *mlabel)
381static int
382stub_mount_check_stat(struct ucred *cred, struct mount *mp,
383 struct label *mplabel)
410{
411
384{
385
386 return (0);
412}
413
414static void
387}
388
389static void
415stub_ifnet_create_mbuf(struct ifnet *ifp, struct label *ifplabel,
416 struct mbuf *m, struct label *mlabel)
390stub_mount_create(struct ucred *cred, struct mount *mp,
391 struct label *mplabel)
417{
418
419}
420
421static void
422stub_netatalk_aarp_send(struct ifnet *ifp, struct label *iflpabel,
423 struct mbuf *m, struct label *mlabel)
424{

--- 16 unchanged lines hidden (view full) ---

441
442static void
443stub_netinet_firewall_send(struct mbuf *m, struct label *mlabel)
444{
445
446}
447
448static void
392{
393
394}
395
396static void
397stub_netatalk_aarp_send(struct ifnet *ifp, struct label *iflpabel,
398 struct mbuf *m, struct label *mlabel)
399{

--- 16 unchanged lines hidden (view full) ---

416
417static void
418stub_netinet_firewall_send(struct mbuf *m, struct label *mlabel)
419{
420
421}
422
423static void
424stub_netinet_fragment(struct mbuf *m, struct label *mlabel, struct mbuf *frag,
425 struct label *fraglabel)
426{
427
428}
429
430static void
449stub_netinet_icmp_reply(struct mbuf *mrecv, struct label *mrecvlabel,
450 struct mbuf *msend, struct label *msendlabel)
451{
452
453}
454
455static void
456stub_netinet_icmp_replyinplace(struct mbuf *m, struct label *mlabel)

--- 4 unchanged lines hidden (view full) ---

461static void
462stub_netinet_igmp_send(struct ifnet *ifp, struct label *iflpabel,
463 struct mbuf *m, struct label *mlabel)
464{
465
466}
467
468static void
431stub_netinet_icmp_reply(struct mbuf *mrecv, struct label *mrecvlabel,
432 struct mbuf *msend, struct label *msendlabel)
433{
434
435}
436
437static void
438stub_netinet_icmp_replyinplace(struct mbuf *m, struct label *mlabel)

--- 4 unchanged lines hidden (view full) ---

443static void
444stub_netinet_igmp_send(struct ifnet *ifp, struct label *iflpabel,
445 struct mbuf *m, struct label *mlabel)
446{
447
448}
449
450static void
469stub_netinet6_nd6_send(struct ifnet *ifp, struct label *iflpabel,
470 struct mbuf *m, struct label *mlabel)
451stub_netinet_tcp_reply(struct mbuf *m, struct label *mlabel)
471{
472
473}
474
452{
453
454}
455
475static int
476stub_ipq_match(struct mbuf *m, struct label *mlabel, struct ipq *ipq,
477 struct label *ipqlabel)
456static void
457stub_netinet6_nd6_send(struct ifnet *ifp, struct label *iflpabel,
458 struct mbuf *m, struct label *mlabel)
478{
479
459{
460
480 return (1);
481}
482
461}
462
483static void
484stub_netinet_tcp_reply(struct mbuf *m, struct label *mlabel)
463static int
464stub_pipe_check_ioctl(struct ucred *cred, struct pipepair *pp,
465 struct label *pplabel, unsigned long cmd, void /* caddr_t */ *data)
485{
486
466{
467
468 return (0);
487}
488
469}
470
489static void
490stub_ifnet_relabel(struct ucred *cred, struct ifnet *ifp,
491 struct label *ifplabel, struct label *newlabel)
471static int
472stub_pipe_check_poll(struct ucred *cred, struct pipepair *pp,
473 struct label *pplabel)
492{
493
474{
475
476 return (0);
494}
495
477}
478
496static void
497stub_ipq_update(struct mbuf *m, struct label *mlabel, struct ipq *ipq,
498 struct label *ipqlabel)
479static int
480stub_pipe_check_read(struct ucred *cred, struct pipepair *pp,
481 struct label *pplabel)
499{
500
482{
483
484 return (0);
501}
502
485}
486
503static void
504stub_inpcb_sosetlabel(struct socket *so, struct label *solabel,
505 struct inpcb *inp, struct label *inplabel)
487static int
488stub_pipe_check_relabel(struct ucred *cred, struct pipepair *pp,
489 struct label *pplabel, struct label *newlabel)
506{
507
490{
491
492 return (0);
508}
509
493}
494
510/*
511 * Labeling event operations: processes.
512 */
513static void
514stub_vnode_execve_transition(struct ucred *old, struct ucred *new,
515 struct vnode *vp, struct label *vplabel, struct label *interpvplabel,
516 struct image_params *imgp, struct label *execlabel)
495static int
496stub_pipe_check_stat(struct ucred *cred, struct pipepair *pp,
497 struct label *pplabel)
517{
518
498{
499
500 return (0);
519}
520
521static int
501}
502
503static int
522stub_vnode_execve_will_transition(struct ucred *old, struct vnode *vp,
523 struct label *vplabel, struct label *interpvplabel,
524 struct image_params *imgp, struct label *execlabel)
504stub_pipe_check_write(struct ucred *cred, struct pipepair *pp,
505 struct label *pplabel)
525{
526
527 return (0);
528}
529
530static void
506{
507
508 return (0);
509}
510
511static void
531stub_proc_create_swapper(struct ucred *cred)
512stub_pipe_create(struct ucred *cred, struct pipepair *pp,
513 struct label *pplabel)
532{
533
534}
535
536static void
514{
515
516}
517
518static void
537stub_proc_create_init(struct ucred *cred)
519stub_pipe_relabel(struct ucred *cred, struct pipepair *pp,
520 struct label *pplabel, struct label *newlabel)
538{
539
540}
541
521{
522
523}
524
542static void
543stub_proc_associate_nfsd(struct ucred *cred)
525static int
526stub_posixsem_check_destroy(struct ucred *cred, struct ksem *ks,
527 struct label *kslabel)
544{
545
528{
529
530 return (0);
546}
547
531}
532
548static void
549stub_cred_relabel(struct ucred *cred, struct label *newlabel)
533static int
534stub_posixsem_check_getvalue(struct ucred *cred, struct ksem *ks,
535 struct label *kslabel)
550{
551
536{
537
538 return (0);
552}
553
539}
540
554static void
555stub_thread_userret(struct thread *td)
541static int
542stub_posixsem_check_open(struct ucred *cred, struct ksem *ks,
543 struct label *kslabel)
556{
557
544{
545
546 return (0);
558}
559
547}
548
560/*
561 * Label cleanup/flush operations
562 */
563static void
564stub_sysvmsg_cleanup(struct label *msglabel)
549static int
550stub_posixsem_check_post(struct ucred *cred, struct ksem *ks,
551 struct label *kslabel)
565{
566
552{
553
554 return (0);
567}
568
555}
556
569static void
570stub_sysvmsq_cleanup(struct label *msqlabel)
557static int
558stub_posixsem_check_unlink(struct ucred *cred, struct ksem *ks,
559 struct label *kslabel)
571{
572
560{
561
562 return (0);
573}
574
563}
564
575static void
576stub_sysvsem_cleanup(struct label *semalabel)
565static int
566stub_posixsem_check_wait(struct ucred *cred, struct ksem *ks,
567 struct label *kslabel)
577{
578
568{
569
570 return (0);
579}
580
581static void
571}
572
573static void
582stub_sysvshm_cleanup(struct label *shmlabel)
574stub_posixsem_create(struct ucred *cred, struct ksem *ks,
575 struct label *kslabel)
583{
584
585}
586
576{
577
578}
579
587/*
588 * Access control checks.
589 */
590static int
580static int
591stub_bpfdesc_check_receive(struct bpf_d *d, struct label *dlabel,
592 struct ifnet *ifp, struct label *ifplabel)
581stub_priv_check(struct ucred *cred, int priv)
593{
594
582{
583
595 return (0);
584 return (0);
596}
597
598static int
585}
586
587static int
599stub_cred_check_relabel(struct ucred *cred, struct label *newlabel)
588stub_priv_grant(struct ucred *cred, int priv)
600{
601
589{
590
602 return (0);
591 return (EPERM);
603}
604
592}
593
605static int
606stub_cred_check_visible(struct ucred *cr1, struct ucred *cr2)
594static void
595stub_proc_associate_nfsd(struct ucred *cred)
607{
608
596{
597
609 return (0);
610}
611
612static int
598}
599
600static int
613stub_ifnet_check_relabel(struct ucred *cred, struct ifnet *ifp,
614 struct label *ifplabel, struct label *newlabel)
601stub_proc_check_debug(struct ucred *cred, struct proc *p)
615{
616
617 return (0);
618}
619
620static int
602{
603
604 return (0);
605}
606
607static int
621stub_ifnet_check_transmit(struct ifnet *ifp, struct label *ifplabel,
622 struct mbuf *m, struct label *mlabel)
608stub_proc_check_sched(struct ucred *cred, struct proc *p)
623{
624
625 return (0);
626}
627
628static int
609{
610
611 return (0);
612}
613
614static int
629stub_inpcb_check_deliver(struct inpcb *inp, struct label *inplabel,
630 struct mbuf *m, struct label *mlabel)
615stub_proc_check_setaudit(struct ucred *cred, struct auditinfo *ai)
631{
632
633 return (0);
634}
635
636static int
616{
617
618 return (0);
619}
620
621static int
637stub_sysvmsq_check_msgmsq(struct ucred *cred, struct msg *msgptr,
638 struct label *msglabel, struct msqid_kernel *msqkptr,
639 struct label *msqklabel)
622stub_proc_check_setaudit_addr(struct ucred *cred, struct auditinfo_addr *aia)
640{
641
642 return (0);
643}
644
645static int
623{
624
625 return (0);
626}
627
628static int
646stub_sysvmsq_check_msgrcv(struct ucred *cred, struct msg *msgptr,
647 struct label *msglabel)
629stub_proc_check_setauid(struct ucred *cred, uid_t auid)
648{
649
650 return (0);
651}
652
630{
631
632 return (0);
633}
634
653
654static int
635static int
655stub_sysvmsq_check_msgrmid(struct ucred *cred, struct msg *msgptr,
656 struct label *msglabel)
636stub_proc_check_setegid(struct ucred *cred, gid_t egid)
657{
658
659 return (0);
660}
661
637{
638
639 return (0);
640}
641
662
663static int
642static int
664stub_sysvmsq_check_msqget(struct ucred *cred, struct msqid_kernel *msqkptr,
665 struct label *msqklabel)
643stub_proc_check_seteuid(struct ucred *cred, uid_t euid)
666{
667
668 return (0);
669}
670
644{
645
646 return (0);
647}
648
671
672static int
649static int
673stub_sysvmsq_check_msqsnd(struct ucred *cred, struct msqid_kernel *msqkptr,
674 struct label *msqklabel)
650stub_proc_check_setgid(struct ucred *cred, gid_t gid)
675{
676
677 return (0);
678}
679
680static int
651{
652
653 return (0);
654}
655
656static int
681stub_sysvmsq_check_msqrcv(struct ucred *cred, struct msqid_kernel *msqkptr,
682 struct label *msqklabel)
657stub_proc_check_setgroups(struct ucred *cred, int ngroups,
658 gid_t *gidset)
683{
684
685 return (0);
686}
687
659{
660
661 return (0);
662}
663
688
689static int
664static int
690stub_sysvmsq_check_msqctl(struct ucred *cred, struct msqid_kernel *msqkptr,
691 struct label *msqklabel, int cmd)
665stub_proc_check_setregid(struct ucred *cred, gid_t rgid, gid_t egid)
692{
693
694 return (0);
695}
696
666{
667
668 return (0);
669}
670
697
698static int
671static int
699stub_sysvsem_check_semctl(struct ucred *cred, struct semid_kernel *semakptr,
700 struct label *semaklabel, int cmd)
672stub_proc_check_setresgid(struct ucred *cred, gid_t rgid, gid_t egid,
673 gid_t sgid)
701{
702
703 return (0);
704}
705
706static int
674{
675
676 return (0);
677}
678
679static int
707stub_sysvsem_check_semget(struct ucred *cred, struct semid_kernel *semakptr,
708 struct label *semaklabel)
680stub_proc_check_setresuid(struct ucred *cred, uid_t ruid, uid_t euid,
681 uid_t suid)
709{
710
711 return (0);
712}
713
682{
683
684 return (0);
685}
686
714
715static int
687static int
716stub_sysvsem_check_semop(struct ucred *cred, struct semid_kernel *semakptr,
717 struct label *semaklabel, size_t accesstype)
688stub_proc_check_setreuid(struct ucred *cred, uid_t ruid, uid_t euid)
718{
719
720 return (0);
721}
722
723static int
689{
690
691 return (0);
692}
693
694static int
724stub_sysvshm_check_shmat(struct ucred *cred, struct shmid_kernel *shmsegptr,
725 struct label *shmseglabel, int shmflg)
695stub_proc_check_setuid(struct ucred *cred, uid_t uid)
726{
727
728 return (0);
729}
730
731static int
696{
697
698 return (0);
699}
700
701static int
732stub_sysvshm_check_shmctl(struct ucred *cred, struct shmid_kernel *shmsegptr,
733 struct label *shmseglabel, int cmd)
702stub_proc_check_signal(struct ucred *cred, struct proc *p, int signum)
734{
735
736 return (0);
737}
738
739static int
703{
704
705 return (0);
706}
707
708static int
740stub_sysvshm_check_shmdt(struct ucred *cred, struct shmid_kernel *shmsegptr,
741 struct label *shmseglabel)
709stub_proc_check_wait(struct ucred *cred, struct proc *p)
742{
743
744 return (0);
745}
746
710{
711
712 return (0);
713}
714
747
748static int
749stub_sysvshm_check_shmget(struct ucred *cred, struct shmid_kernel *shmsegptr,
750 struct label *shmseglabel, int shmflg)
715static void
716stub_proc_create_init(struct ucred *cred)
751{
752
717{
718
753 return (0);
754}
755
719}
720
756static int
757stub_kenv_check_dump(struct ucred *cred)
721static void
722stub_proc_create_swapper(struct ucred *cred)
758{
759
723{
724
760 return (0);
761}
762
763static int
725}
726
727static int
764stub_kenv_check_get(struct ucred *cred, char *name)
728stub_socket_check_accept(struct ucred *cred, struct socket *so,
729 struct label *solabel)
765{
766
767 return (0);
768}
769
770static int
730{
731
732 return (0);
733}
734
735static int
771stub_kenv_check_set(struct ucred *cred, char *name, char *value)
736stub_socket_check_bind(struct ucred *cred, struct socket *so,
737 struct label *solabel, struct sockaddr *sa)
772{
773
774 return (0);
775}
776
777static int
738{
739
740 return (0);
741}
742
743static int
778stub_kenv_check_unset(struct ucred *cred, char *name)
744stub_socket_check_connect(struct ucred *cred, struct socket *so,
745 struct label *solabel, struct sockaddr *sa)
779{
780
781 return (0);
782}
783
784static int
746{
747
748 return (0);
749}
750
751static int
785stub_kld_check_load(struct ucred *cred, struct vnode *vp,
786 struct label *vplabel)
752stub_socket_check_create(struct ucred *cred, int domain, int type, int proto)
787{
788
789 return (0);
790}
791
792static int
753{
754
755 return (0);
756}
757
758static int
793stub_kld_check_stat(struct ucred *cred)
759stub_socket_check_deliver(struct socket *so, struct label *solabel,
760 struct mbuf *m, struct label *mlabel)
794{
795
796 return (0);
797}
798
799static int
761{
762
763 return (0);
764}
765
766static int
800stub_mount_check_stat(struct ucred *cred, struct mount *mp,
801 struct label *mplabel)
767stub_socket_check_listen(struct ucred *cred, struct socket *so,
768 struct label *solabel)
802{
803
804 return (0);
805}
806
807static int
769{
770
771 return (0);
772}
773
774static int
808stub_pipe_check_ioctl(struct ucred *cred, struct pipepair *pp,
809 struct label *pplabel, unsigned long cmd, void /* caddr_t */ *data)
775stub_socket_check_poll(struct ucred *cred, struct socket *so,
776 struct label *solabel)
810{
811
812 return (0);
813}
814
815static int
777{
778
779 return (0);
780}
781
782static int
816stub_pipe_check_poll(struct ucred *cred, struct pipepair *pp,
817 struct label *pplabel)
783stub_socket_check_receive(struct ucred *cred, struct socket *so,
784 struct label *solabel)
818{
819
820 return (0);
821}
822
823static int
785{
786
787 return (0);
788}
789
790static int
824stub_pipe_check_read(struct ucred *cred, struct pipepair *pp,
825 struct label *pplabel)
791stub_socket_check_relabel(struct ucred *cred, struct socket *so,
792 struct label *solabel, struct label *newlabel)
826{
827
828 return (0);
829}
793{
794
795 return (0);
796}
830
831static int
797static int
832stub_pipe_check_relabel(struct ucred *cred, struct pipepair *pp,
833 struct label *pplabel, struct label *newlabel)
798stub_socket_check_send(struct ucred *cred, struct socket *so,
799 struct label *solabel)
834{
835
836 return (0);
837}
838
839static int
800{
801
802 return (0);
803}
804
805static int
840stub_pipe_check_stat(struct ucred *cred, struct pipepair *pp,
841 struct label *pplabel)
806stub_socket_check_stat(struct ucred *cred, struct socket *so,
807 struct label *solabel)
842{
843
844 return (0);
845}
846
847static int
808{
809
810 return (0);
811}
812
813static int
848stub_pipe_check_write(struct ucred *cred, struct pipepair *pp,
849 struct label *pplabel)
814stub_socket_check_visible(struct ucred *cred, struct socket *so,
815 struct label *solabel)
850{
851
852 return (0);
853}
854
816{
817
818 return (0);
819}
820
855static int
856stub_posixsem_check_destroy(struct ucred *cred, struct ksem *ks,
857 struct label *kslabel)
821static void
822stub_socket_create(struct ucred *cred, struct socket *so,
823 struct label *solabel)
858{
859
824{
825
860 return (0);
861}
862
826}
827
863static int
864stub_posixsem_check_getvalue(struct ucred *cred, struct ksem *ks,
865 struct label *kslabel)
828static void
829stub_socket_create_mbuf(struct socket *so, struct label *solabel,
830 struct mbuf *m, struct label *mlabel)
866{
867
831{
832
868 return (0);
869}
870
833}
834
871static int
872stub_posixsem_check_open(struct ucred *cred, struct ksem *ks,
873 struct label *kslabel)
835static void
836stub_socket_newconn(struct socket *oldso, struct label *oldsolabel,
837 struct socket *newso, struct label *newsolabel)
874{
875
838{
839
876 return (0);
877}
878
840}
841
879static int
880stub_posixsem_check_post(struct ucred *cred, struct ksem *ks,
881 struct label *kslabel)
842static void
843stub_socket_relabel(struct ucred *cred, struct socket *so,
844 struct label *solabel, struct label *newlabel)
882{
883
845{
846
884 return (0);
885}
886
847}
848
887static int
888stub_posixsem_check_unlink(struct ucred *cred, struct ksem *ks,
889 struct label *kslabel)
849static void
850stub_socketpeer_set_from_mbuf(struct mbuf *m, struct label *mlabel,
851 struct socket *so, struct label *sopeerlabel)
890{
891
852{
853
892 return (0);
893}
894
854}
855
895static int
896stub_posixsem_check_wait(struct ucred *cred, struct ksem *ks,
897 struct label *kslabel)
856static void
857stub_socketpeer_set_from_socket(struct socket *oldso,
858 struct label *oldsolabel, struct socket *newso,
859 struct label *newsopeerlabel)
898{
899
860{
861
900 return (0);
901}
902
862}
863
903static int
904stub_proc_check_debug(struct ucred *cred, struct proc *p)
864static void
865stub_syncache_create(struct label *label, struct inpcb *inp)
905{
906
866{
867
907 return (0);
908}
909
868}
869
910static int
911stub_proc_check_sched(struct ucred *cred, struct proc *p)
870static void
871stub_syncache_create_mbuf(struct label *sc_label, struct mbuf *m,
872 struct label *mlabel)
912{
913
873{
874
914 return (0);
915}
916
917static int
875}
876
877static int
918stub_proc_check_signal(struct ucred *cred, struct proc *p, int signum)
878stub_system_check_acct(struct ucred *cred, struct vnode *vp,
879 struct label *vplabel)
919{
920
921 return (0);
922}
923
924static int
880{
881
882 return (0);
883}
884
885static int
925stub_proc_check_wait(struct ucred *cred, struct proc *p)
886stub_system_check_audit(struct ucred *cred, void *record, int length)
926{
927
928 return (0);
929}
930
931static int
887{
888
889 return (0);
890}
891
892static int
932stub_proc_check_setaudit(struct ucred *cred, struct auditinfo *ai)
893stub_system_check_auditctl(struct ucred *cred, struct vnode *vp,
894 struct label *vplabel)
933{
934
935 return (0);
936}
937
938static int
895{
896
897 return (0);
898}
899
900static int
939stub_proc_check_setaudit_addr(struct ucred *cred, struct auditinfo_addr *aia)
901stub_system_check_auditon(struct ucred *cred, int cmd)
940{
941
942 return (0);
943}
944
945static int
902{
903
904 return (0);
905}
906
907static int
946stub_proc_check_setauid(struct ucred *cred, uid_t auid)
908stub_system_check_reboot(struct ucred *cred, int how)
947{
948
949 return (0);
950}
951
952static int
909{
910
911 return (0);
912}
913
914static int
953stub_proc_check_setuid(struct ucred *cred, uid_t uid)
915stub_system_check_swapoff(struct ucred *cred, struct vnode *vp,
916 struct label *vplabel)
954{
955
956 return (0);
957}
958
959static int
917{
918
919 return (0);
920}
921
922static int
960stub_proc_check_seteuid(struct ucred *cred, uid_t euid)
923stub_system_check_swapon(struct ucred *cred, struct vnode *vp,
924 struct label *vplabel)
961{
962
963 return (0);
964}
965
966static int
925{
926
927 return (0);
928}
929
930static int
967stub_proc_check_setgid(struct ucred *cred, gid_t gid)
931stub_system_check_sysctl(struct ucred *cred, struct sysctl_oid *oidp,
932 void *arg1, int arg2, struct sysctl_req *req)
968{
969
970 return (0);
971}
972
973static int
933{
934
935 return (0);
936}
937
938static int
974stub_proc_check_setegid(struct ucred *cred, gid_t egid)
939stub_vnode_check_access(struct ucred *cred, struct vnode *vp,
940 struct label *vplabel, int acc_mode)
975{
976
977 return (0);
978}
979
980static int
941{
942
943 return (0);
944}
945
946static int
981stub_proc_check_setgroups(struct ucred *cred, int ngroups,
982 gid_t *gidset)
947stub_vnode_check_chdir(struct ucred *cred, struct vnode *dvp,
948 struct label *dvplabel)
983{
984
985 return (0);
986}
987
988static int
949{
950
951 return (0);
952}
953
954static int
989stub_proc_check_setreuid(struct ucred *cred, uid_t ruid, uid_t euid)
955stub_vnode_check_chroot(struct ucred *cred, struct vnode *dvp,
956 struct label *dvplabel)
990{
991
992 return (0);
993}
994
995static int
957{
958
959 return (0);
960}
961
962static int
996stub_proc_check_setregid(struct ucred *cred, gid_t rgid, gid_t egid)
963stub_vnode_check_create(struct ucred *cred, struct vnode *dvp,
964 struct label *dvplabel, struct componentname *cnp, struct vattr *vap)
997{
998
999 return (0);
1000}
1001
965{
966
967 return (0);
968}
969
1002static int
1003stub_proc_check_setresuid(struct ucred *cred, uid_t ruid, uid_t euid,
1004 uid_t suid)
970static void
971stub_sysvmsg_cleanup(struct label *msglabel)
1005{
1006
972{
973
1007 return (0);
1008}
1009
974}
975
1010static int
1011stub_proc_check_setresgid(struct ucred *cred, gid_t rgid, gid_t egid,
1012 gid_t sgid)
976static void
977stub_sysvmsg_create(struct ucred *cred, struct msqid_kernel *msqkptr,
978 struct label *msqlabel, struct msg *msgptr, struct label *msglabel)
1013{
1014
979{
980
1015 return (0);
1016}
1017
1018static int
981}
982
983static int
1019stub_socket_check_accept(struct ucred *cred, struct socket *so,
1020 struct label *solabel)
984stub_sysvmsq_check_msgmsq(struct ucred *cred, struct msg *msgptr,
985 struct label *msglabel, struct msqid_kernel *msqkptr,
986 struct label *msqklabel)
1021{
1022
1023 return (0);
1024}
1025
1026static int
987{
988
989 return (0);
990}
991
992static int
1027stub_socket_check_bind(struct ucred *cred, struct socket *so,
1028 struct label *solabel, struct sockaddr *sa)
993stub_sysvmsq_check_msgrcv(struct ucred *cred, struct msg *msgptr,
994 struct label *msglabel)
1029{
1030
1031 return (0);
1032}
1033
995{
996
997 return (0);
998}
999
1000
1034static int
1001static int
1035stub_socket_check_connect(struct ucred *cred, struct socket *so,
1036 struct label *solabel, struct sockaddr *sa)
1002stub_sysvmsq_check_msgrmid(struct ucred *cred, struct msg *msgptr,
1003 struct label *msglabel)
1037{
1038
1039 return (0);
1040}
1041
1004{
1005
1006 return (0);
1007}
1008
1009
1042static int
1010static int
1043stub_socket_check_create(struct ucred *cred, int domain, int type, int proto)
1011stub_sysvmsq_check_msqget(struct ucred *cred, struct msqid_kernel *msqkptr,
1012 struct label *msqklabel)
1044{
1045
1046 return (0);
1047}
1048
1013{
1014
1015 return (0);
1016}
1017
1018
1049static int
1019static int
1050stub_socket_check_deliver(struct socket *so, struct label *solabel,
1051 struct mbuf *m, struct label *mlabel)
1020stub_sysvmsq_check_msqsnd(struct ucred *cred, struct msqid_kernel *msqkptr,
1021 struct label *msqklabel)
1052{
1053
1054 return (0);
1055}
1056
1057static int
1022{
1023
1024 return (0);
1025}
1026
1027static int
1058stub_socket_check_listen(struct ucred *cred, struct socket *so,
1059 struct label *solabel)
1028stub_sysvmsq_check_msqrcv(struct ucred *cred, struct msqid_kernel *msqkptr,
1029 struct label *msqklabel)
1060{
1061
1062 return (0);
1063}
1064
1030{
1031
1032 return (0);
1033}
1034
1035
1065static int
1036static int
1066stub_socket_check_poll(struct ucred *cred, struct socket *so,
1067 struct label *solabel)
1037stub_sysvmsq_check_msqctl(struct ucred *cred, struct msqid_kernel *msqkptr,
1038 struct label *msqklabel, int cmd)
1068{
1069
1070 return (0);
1071}
1072
1039{
1040
1041 return (0);
1042}
1043
1073static int
1074stub_socket_check_receive(struct ucred *cred, struct socket *so,
1075 struct label *solabel)
1044
1045static void
1046stub_sysvmsq_cleanup(struct label *msqlabel)
1076{
1077
1047{
1048
1078 return (0);
1079}
1080
1049}
1050
1081static int
1082stub_socket_check_relabel(struct ucred *cred, struct socket *so,
1083 struct label *solabel, struct label *newlabel)
1051static void
1052stub_sysvmsq_create(struct ucred *cred, struct msqid_kernel *msqkptr,
1053 struct label *msqlabel)
1084{
1085
1054{
1055
1086 return (0);
1087}
1056}
1088static int
1089stub_socket_check_send(struct ucred *cred, struct socket *so,
1090 struct label *solabel)
1091{
1092
1057
1093 return (0);
1094}
1095
1096static int
1058static int
1097stub_socket_check_stat(struct ucred *cred, struct socket *so,
1098 struct label *solabel)
1059stub_sysvsem_check_semctl(struct ucred *cred, struct semid_kernel *semakptr,
1060 struct label *semaklabel, int cmd)
1099{
1100
1101 return (0);
1102}
1103
1104static int
1061{
1062
1063 return (0);
1064}
1065
1066static int
1105stub_socket_check_visible(struct ucred *cred, struct socket *so,
1106 struct label *solabel)
1067stub_sysvsem_check_semget(struct ucred *cred, struct semid_kernel *semakptr,
1068 struct label *semaklabel)
1107{
1108
1109 return (0);
1110}
1111
1069{
1070
1071 return (0);
1072}
1073
1074
1112static int
1075static int
1113stub_system_check_acct(struct ucred *cred, struct vnode *vp,
1114 struct label *vplabel)
1076stub_sysvsem_check_semop(struct ucred *cred, struct semid_kernel *semakptr,
1077 struct label *semaklabel, size_t accesstype)
1115{
1116
1117 return (0);
1118}
1119
1078{
1079
1080 return (0);
1081}
1082
1120static int
1121stub_system_check_audit(struct ucred *cred, void *record, int length)
1083static void
1084stub_sysvsem_cleanup(struct label *semalabel)
1122{
1123
1085{
1086
1124 return (0);
1125}
1126
1087}
1088
1127static int
1128stub_system_check_auditctl(struct ucred *cred, struct vnode *vp,
1129 struct label *vplabel)
1089static void
1090stub_sysvsem_create(struct ucred *cred, struct semid_kernel *semakptr,
1091 struct label *semalabel)
1130{
1131
1092{
1093
1132 return (0);
1133}
1134
1135static int
1094}
1095
1096static int
1136stub_system_check_auditon(struct ucred *cred, int cmd)
1097stub_sysvshm_check_shmat(struct ucred *cred, struct shmid_kernel *shmsegptr,
1098 struct label *shmseglabel, int shmflg)
1137{
1138
1139 return (0);
1140}
1141
1142static int
1099{
1100
1101 return (0);
1102}
1103
1104static int
1143stub_system_check_reboot(struct ucred *cred, int how)
1105stub_sysvshm_check_shmctl(struct ucred *cred, struct shmid_kernel *shmsegptr,
1106 struct label *shmseglabel, int cmd)
1144{
1145
1146 return (0);
1147}
1148
1149static int
1107{
1108
1109 return (0);
1110}
1111
1112static int
1150stub_system_check_swapoff(struct ucred *cred, struct vnode *vp,
1151 struct label *vplabel)
1113stub_sysvshm_check_shmdt(struct ucred *cred, struct shmid_kernel *shmsegptr,
1114 struct label *shmseglabel)
1152{
1153
1154 return (0);
1155}
1156
1115{
1116
1117 return (0);
1118}
1119
1120
1157static int
1121static int
1158stub_system_check_swapon(struct ucred *cred, struct vnode *vp,
1159 struct label *vplabel)
1122stub_sysvshm_check_shmget(struct ucred *cred, struct shmid_kernel *shmsegptr,
1123 struct label *shmseglabel, int shmflg)
1160{
1161
1162 return (0);
1163}
1164
1124{
1125
1126 return (0);
1127}
1128
1165static int
1166stub_system_check_sysctl(struct ucred *cred, struct sysctl_oid *oidp,
1167 void *arg1, int arg2, struct sysctl_req *req)
1129static void
1130stub_sysvshm_cleanup(struct label *shmlabel)
1168{
1169
1131{
1132
1170 return (0);
1171}
1172
1133}
1134
1173static int
1174stub_vnode_check_access(struct ucred *cred, struct vnode *vp,
1175 struct label *vplabel, int acc_mode)
1135static void
1136stub_sysvshm_create(struct ucred *cred, struct shmid_kernel *shmsegptr,
1137 struct label *shmalabel)
1176{
1177
1138{
1139
1178 return (0);
1179}
1180
1140}
1141
1181static int
1182stub_vnode_check_chdir(struct ucred *cred, struct vnode *dvp,
1183 struct label *dvplabel)
1142static void
1143stub_thread_userret(struct thread *td)
1184{
1185
1144{
1145
1186 return (0);
1187}
1188
1189static int
1146}
1147
1148static int
1190stub_vnode_check_chroot(struct ucred *cred, struct vnode *dvp,
1191 struct label *dvplabel)
1149stub_vnode_associate_extattr(struct mount *mp, struct label *mplabel,
1150 struct vnode *vp, struct label *vplabel)
1192{
1193
1194 return (0);
1195}
1196
1151{
1152
1153 return (0);
1154}
1155
1197static int
1198stub_vnode_check_create(struct ucred *cred, struct vnode *dvp,
1199 struct label *dvplabel, struct componentname *cnp, struct vattr *vap)
1156static void
1157stub_vnode_associate_singlelabel(struct mount *mp, struct label *mplabel,
1158 struct vnode *vp, struct label *vplabel)
1200{
1201
1159{
1160
1202 return (0);
1203}
1204
1205static int
1206stub_vnode_check_deleteacl(struct ucred *cred, struct vnode *vp,
1207 struct label *vplabel, acl_type_t type)
1208{
1209
1210 return (0);

--- 225 unchanged lines hidden (view full) ---

1436stub_vnode_check_write(struct ucred *active_cred, struct ucred *file_cred,
1437 struct vnode *vp, struct label *vplabel)
1438{
1439
1440 return (0);
1441}
1442
1443static int
1161}
1162
1163static int
1164stub_vnode_check_deleteacl(struct ucred *cred, struct vnode *vp,
1165 struct label *vplabel, acl_type_t type)
1166{
1167
1168 return (0);

--- 225 unchanged lines hidden (view full) ---

1394stub_vnode_check_write(struct ucred *active_cred, struct ucred *file_cred,
1395 struct vnode *vp, struct label *vplabel)
1396{
1397
1398 return (0);
1399}
1400
1401static int
1444stub_priv_check(struct ucred *cred, int priv)
1402stub_vnode_create_extattr(struct ucred *cred, struct mount *mp,
1403 struct label *mntlabel, struct vnode *dvp, struct label *dvplabel,
1404 struct vnode *vp, struct label *vplabel, struct componentname *cnp)
1445{
1446
1447 return (0);
1448}
1449
1405{
1406
1407 return (0);
1408}
1409
1410static void
1411stub_vnode_execve_transition(struct ucred *old, struct ucred *new,
1412 struct vnode *vp, struct label *vplabel, struct label *interpvplabel,
1413 struct image_params *imgp, struct label *execlabel)
1414{
1415
1416}
1417
1450static int
1418static int
1451stub_priv_grant(struct ucred *cred, int priv)
1419stub_vnode_execve_will_transition(struct ucred *old, struct vnode *vp,
1420 struct label *vplabel, struct label *interpvplabel,
1421 struct image_params *imgp, struct label *execlabel)
1452{
1453
1422{
1423
1454 return (EPERM);
1424 return (0);
1455}
1456
1425}
1426
1427static void
1428stub_vnode_relabel(struct ucred *cred, struct vnode *vp,
1429 struct label *vplabel, struct label *label)
1430{
1431
1432}
1433
1434static int
1435stub_vnode_setlabel_extattr(struct ucred *cred, struct vnode *vp,
1436 struct label *vplabel, struct label *intlabel)
1437{
1438
1439 return (0);
1440}
1441
1442/*
1443 * Register functions with MAC Framework policy entry points.
1444 */
1457static struct mac_policy_ops stub_ops =
1458{
1459 .mpo_destroy = stub_destroy,
1460 .mpo_init = stub_init,
1461 .mpo_syscall = stub_syscall,
1445static struct mac_policy_ops stub_ops =
1446{
1447 .mpo_destroy = stub_destroy,
1448 .mpo_init = stub_init,
1449 .mpo_syscall = stub_syscall,
1462 .mpo_bpfdesc_init_label = stub_init_label,
1463 .mpo_cred_init_label = stub_init_label,
1464 .mpo_devfs_init_label = stub_init_label,
1465 .mpo_ifnet_init_label = stub_init_label,
1466 .mpo_inpcb_init_label = stub_init_label_waitcheck,
1467 .mpo_sysvmsg_init_label = stub_init_label,
1468 .mpo_sysvmsq_init_label = stub_init_label,
1469 .mpo_sysvsem_init_label = stub_init_label,
1470 .mpo_sysvshm_init_label = stub_init_label,
1471 .mpo_ipq_init_label = stub_init_label_waitcheck,
1472 .mpo_mbuf_init_label = stub_init_label_waitcheck,
1473 .mpo_mount_init_label = stub_init_label,
1474 .mpo_pipe_init_label = stub_init_label,
1475 .mpo_posixsem_init_label = stub_init_label,
1476 .mpo_socket_init_label = stub_init_label_waitcheck,
1477 .mpo_socketpeer_init_label = stub_init_label_waitcheck,
1478 .mpo_vnode_init_label = stub_init_label,
1450
1451 .mpo_bpfdesc_check_receive = stub_bpfdesc_check_receive,
1452 .mpo_bpfdesc_create = stub_bpfdesc_create,
1453 .mpo_bpfdesc_create_mbuf = stub_bpfdesc_create_mbuf,
1479 .mpo_bpfdesc_destroy_label = stub_destroy_label,
1454 .mpo_bpfdesc_destroy_label = stub_destroy_label,
1480 .mpo_cred_destroy_label = stub_destroy_label,
1481 .mpo_devfs_destroy_label = stub_destroy_label,
1482 .mpo_ifnet_destroy_label = stub_destroy_label,
1483 .mpo_inpcb_destroy_label = stub_destroy_label,
1484 .mpo_sysvmsg_destroy_label = stub_destroy_label,
1485 .mpo_sysvmsq_destroy_label = stub_destroy_label,
1486 .mpo_sysvsem_destroy_label = stub_destroy_label,
1487 .mpo_sysvshm_destroy_label = stub_destroy_label,
1488 .mpo_ipq_destroy_label = stub_destroy_label,
1489 .mpo_mbuf_destroy_label = stub_destroy_label,
1490 .mpo_mount_destroy_label = stub_destroy_label,
1491 .mpo_pipe_destroy_label = stub_destroy_label,
1492 .mpo_posixsem_destroy_label = stub_destroy_label,
1493 .mpo_socket_destroy_label = stub_destroy_label,
1494 .mpo_socketpeer_destroy_label = stub_destroy_label,
1495 .mpo_vnode_destroy_label = stub_destroy_label,
1455 .mpo_bpfdesc_init_label = stub_init_label,
1456
1457 .mpo_cred_check_relabel = stub_cred_check_relabel,
1458 .mpo_cred_check_visible = stub_cred_check_visible,
1496 .mpo_cred_copy_label = stub_copy_label,
1459 .mpo_cred_copy_label = stub_copy_label,
1497 .mpo_ifnet_copy_label = stub_copy_label,
1498 .mpo_mbuf_copy_label = stub_copy_label,
1499 .mpo_pipe_copy_label = stub_copy_label,
1500 .mpo_socket_copy_label = stub_copy_label,
1501 .mpo_vnode_copy_label = stub_copy_label,
1460 .mpo_cred_destroy_label = stub_destroy_label,
1502 .mpo_cred_externalize_label = stub_externalize_label,
1461 .mpo_cred_externalize_label = stub_externalize_label,
1503 .mpo_ifnet_externalize_label = stub_externalize_label,
1504 .mpo_pipe_externalize_label = stub_externalize_label,
1505 .mpo_socket_externalize_label = stub_externalize_label,
1506 .mpo_socketpeer_externalize_label = stub_externalize_label,
1507 .mpo_vnode_externalize_label = stub_externalize_label,
1462 .mpo_cred_init_label = stub_init_label,
1508 .mpo_cred_internalize_label = stub_internalize_label,
1463 .mpo_cred_internalize_label = stub_internalize_label,
1509 .mpo_ifnet_internalize_label = stub_internalize_label,
1510 .mpo_pipe_internalize_label = stub_internalize_label,
1511 .mpo_socket_internalize_label = stub_internalize_label,
1512 .mpo_vnode_internalize_label = stub_internalize_label,
1513 .mpo_devfs_vnode_associate = stub_devfs_vnode_associate,
1514 .mpo_vnode_associate_extattr = stub_vnode_associate_extattr,
1515 .mpo_vnode_associate_singlelabel = stub_vnode_associate_singlelabel,
1464 .mpo_cred_relabel= stub_cred_relabel,
1465
1516 .mpo_devfs_create_device = stub_devfs_create_device,
1517 .mpo_devfs_create_directory = stub_devfs_create_directory,
1518 .mpo_devfs_create_symlink = stub_devfs_create_symlink,
1466 .mpo_devfs_create_device = stub_devfs_create_device,
1467 .mpo_devfs_create_directory = stub_devfs_create_directory,
1468 .mpo_devfs_create_symlink = stub_devfs_create_symlink,
1519 .mpo_sysvmsg_create = stub_sysvmsg_create,
1520 .mpo_sysvmsq_create = stub_sysvmsq_create,
1521 .mpo_sysvsem_create = stub_sysvsem_create,
1522 .mpo_sysvshm_create = stub_sysvshm_create,
1523 .mpo_vnode_create_extattr = stub_vnode_create_extattr,
1524 .mpo_mount_create = stub_mount_create,
1525 .mpo_vnode_relabel = stub_vnode_relabel,
1526 .mpo_vnode_setlabel_extattr = stub_vnode_setlabel_extattr,
1469 .mpo_devfs_destroy_label = stub_destroy_label,
1470 .mpo_devfs_init_label = stub_init_label,
1527 .mpo_devfs_update = stub_devfs_update,
1471 .mpo_devfs_update = stub_devfs_update,
1528 .mpo_socket_create_mbuf = stub_socket_create_mbuf,
1529 .mpo_pipe_create = stub_pipe_create,
1530 .mpo_posixsem_create = stub_posixsem_create,
1531 .mpo_socket_create = stub_socket_create,
1532 .mpo_socket_newconn = stub_socket_newconn,
1533 .mpo_pipe_relabel = stub_pipe_relabel,
1534 .mpo_socket_relabel = stub_socket_relabel,
1535 .mpo_socketpeer_set_from_mbuf = stub_socketpeer_set_from_mbuf,
1536 .mpo_socketpeer_set_from_socket = stub_socketpeer_set_from_socket,
1537 .mpo_bpfdesc_create = stub_bpfdesc_create,
1472 .mpo_devfs_vnode_associate = stub_devfs_vnode_associate,
1473
1474 .mpo_ifnet_check_relabel = stub_ifnet_check_relabel,
1475 .mpo_ifnet_check_transmit = stub_ifnet_check_transmit,
1476 .mpo_ifnet_copy_label = stub_copy_label,
1538 .mpo_ifnet_create = stub_ifnet_create,
1477 .mpo_ifnet_create = stub_ifnet_create,
1478 .mpo_ifnet_create_mbuf = stub_ifnet_create_mbuf,
1479 .mpo_ifnet_destroy_label = stub_destroy_label,
1480 .mpo_ifnet_externalize_label = stub_externalize_label,
1481 .mpo_ifnet_init_label = stub_init_label,
1482 .mpo_ifnet_internalize_label = stub_internalize_label,
1483 .mpo_ifnet_relabel = stub_ifnet_relabel,
1484
1485 .mpo_inpcb_check_deliver = stub_inpcb_check_deliver,
1539 .mpo_inpcb_create = stub_inpcb_create,
1486 .mpo_inpcb_create = stub_inpcb_create,
1540 .mpo_ipq_create = stub_ipq_create,
1541 .mpo_ipq_reassemble = stub_ipq_reassemble,
1542 .mpo_netinet_fragment = stub_netinet_fragment,
1543 .mpo_inpcb_create_mbuf = stub_inpcb_create_mbuf,
1487 .mpo_inpcb_create_mbuf = stub_inpcb_create_mbuf,
1544 .mpo_bpfdesc_create_mbuf = stub_bpfdesc_create_mbuf,
1545 .mpo_ifnet_create_mbuf = stub_ifnet_create_mbuf,
1546 .mpo_netatalk_aarp_send = stub_netatalk_aarp_send,
1547 .mpo_netinet_arp_send = stub_netinet_arp_send,
1548 .mpo_netinet_firewall_reply = stub_netinet_firewall_reply,
1549 .mpo_netinet_firewall_send = stub_netinet_firewall_send,
1550 .mpo_netinet_icmp_reply = stub_netinet_icmp_reply,
1551 .mpo_netinet_icmp_replyinplace = stub_netinet_icmp_replyinplace,
1552 .mpo_netinet_igmp_send = stub_netinet_igmp_send,
1553 .mpo_netinet6_nd6_send = stub_netinet6_nd6_send,
1488 .mpo_inpcb_destroy_label = stub_destroy_label,
1489 .mpo_inpcb_init_label = stub_init_label_waitcheck,
1490 .mpo_inpcb_sosetlabel = stub_inpcb_sosetlabel,
1491
1492 .mpo_ipq_create = stub_ipq_create,
1493 .mpo_ipq_destroy_label = stub_destroy_label,
1494 .mpo_ipq_init_label = stub_init_label_waitcheck,
1554 .mpo_ipq_match = stub_ipq_match,
1495 .mpo_ipq_match = stub_ipq_match,
1555 .mpo_netinet_icmp_reply = stub_netinet_icmp_reply,
1556 .mpo_netinet_icmp_replyinplace = stub_netinet_icmp_replyinplace,
1557 .mpo_netinet_tcp_reply = stub_netinet_tcp_reply,
1558 .mpo_ifnet_relabel = stub_ifnet_relabel,
1559 .mpo_ipq_update = stub_ipq_update,
1496 .mpo_ipq_update = stub_ipq_update,
1560 .mpo_inpcb_sosetlabel = stub_inpcb_sosetlabel,
1561 .mpo_vnode_execve_transition = stub_vnode_execve_transition,
1562 .mpo_vnode_execve_will_transition = stub_vnode_execve_will_transition,
1563 .mpo_proc_create_swapper = stub_proc_create_swapper,
1564 .mpo_proc_create_init = stub_proc_create_init,
1565 .mpo_proc_associate_nfsd = stub_proc_associate_nfsd,
1566 .mpo_cred_relabel= stub_cred_relabel,
1567 .mpo_thread_userret = stub_thread_userret,
1568 .mpo_sysvmsg_cleanup = stub_sysvmsg_cleanup,
1569 .mpo_sysvmsq_cleanup = stub_sysvmsq_cleanup,
1570 .mpo_sysvsem_cleanup = stub_sysvsem_cleanup,
1571 .mpo_sysvshm_cleanup = stub_sysvshm_cleanup,
1572 .mpo_bpfdesc_check_receive = stub_bpfdesc_check_receive,
1573 .mpo_cred_check_relabel = stub_cred_check_relabel,
1574 .mpo_cred_check_visible = stub_cred_check_visible,
1575 .mpo_ifnet_check_relabel = stub_ifnet_check_relabel,
1576 .mpo_ifnet_check_transmit = stub_ifnet_check_transmit,
1577 .mpo_inpcb_check_deliver = stub_inpcb_check_deliver,
1578 .mpo_sysvmsq_check_msgmsq = stub_sysvmsq_check_msgmsq,
1579 .mpo_sysvmsq_check_msgrcv = stub_sysvmsq_check_msgrcv,
1580 .mpo_sysvmsq_check_msgrmid = stub_sysvmsq_check_msgrmid,
1581 .mpo_sysvmsq_check_msqget = stub_sysvmsq_check_msqget,
1582 .mpo_sysvmsq_check_msqsnd = stub_sysvmsq_check_msqsnd,
1583 .mpo_sysvmsq_check_msqrcv = stub_sysvmsq_check_msqrcv,
1584 .mpo_sysvmsq_check_msqctl = stub_sysvmsq_check_msqctl,
1585 .mpo_sysvsem_check_semctl = stub_sysvsem_check_semctl,
1586 .mpo_sysvsem_check_semget = stub_sysvsem_check_semget,
1587 .mpo_sysvsem_check_semop = stub_sysvsem_check_semop,
1588 .mpo_sysvshm_check_shmat = stub_sysvshm_check_shmat,
1589 .mpo_sysvshm_check_shmctl = stub_sysvshm_check_shmctl,
1590 .mpo_sysvshm_check_shmdt = stub_sysvshm_check_shmdt,
1591 .mpo_sysvshm_check_shmget = stub_sysvshm_check_shmget,
1497 .mpo_ipq_reassemble = stub_ipq_reassemble,
1498
1592 .mpo_kenv_check_dump = stub_kenv_check_dump,
1593 .mpo_kenv_check_get = stub_kenv_check_get,
1594 .mpo_kenv_check_set = stub_kenv_check_set,
1595 .mpo_kenv_check_unset = stub_kenv_check_unset,
1499 .mpo_kenv_check_dump = stub_kenv_check_dump,
1500 .mpo_kenv_check_get = stub_kenv_check_get,
1501 .mpo_kenv_check_set = stub_kenv_check_set,
1502 .mpo_kenv_check_unset = stub_kenv_check_unset,
1503
1596 .mpo_kld_check_load = stub_kld_check_load,
1597 .mpo_kld_check_stat = stub_kld_check_stat,
1504 .mpo_kld_check_load = stub_kld_check_load,
1505 .mpo_kld_check_stat = stub_kld_check_stat,
1506
1507 .mpo_mbuf_copy_label = stub_copy_label,
1508 .mpo_mbuf_destroy_label = stub_destroy_label,
1509 .mpo_mbuf_init_label = stub_init_label_waitcheck,
1510
1598 .mpo_mount_check_stat = stub_mount_check_stat,
1511 .mpo_mount_check_stat = stub_mount_check_stat,
1512 .mpo_mount_create = stub_mount_create,
1513 .mpo_mount_destroy_label = stub_destroy_label,
1514 .mpo_mount_init_label = stub_init_label,
1515
1516 .mpo_netatalk_aarp_send = stub_netatalk_aarp_send,
1517
1518 .mpo_netinet_arp_send = stub_netinet_arp_send,
1519 .mpo_netinet_firewall_reply = stub_netinet_firewall_reply,
1520 .mpo_netinet_firewall_send = stub_netinet_firewall_send,
1521 .mpo_netinet_fragment = stub_netinet_fragment,
1522 .mpo_netinet_icmp_reply = stub_netinet_icmp_reply,
1523 .mpo_netinet_icmp_replyinplace = stub_netinet_icmp_replyinplace,
1524 .mpo_netinet_tcp_reply = stub_netinet_tcp_reply,
1525 .mpo_netinet_igmp_send = stub_netinet_igmp_send,
1526
1527 .mpo_netinet6_nd6_send = stub_netinet6_nd6_send,
1528
1599 .mpo_pipe_check_ioctl = stub_pipe_check_ioctl,
1600 .mpo_pipe_check_poll = stub_pipe_check_poll,
1601 .mpo_pipe_check_read = stub_pipe_check_read,
1602 .mpo_pipe_check_relabel = stub_pipe_check_relabel,
1603 .mpo_pipe_check_stat = stub_pipe_check_stat,
1604 .mpo_pipe_check_write = stub_pipe_check_write,
1529 .mpo_pipe_check_ioctl = stub_pipe_check_ioctl,
1530 .mpo_pipe_check_poll = stub_pipe_check_poll,
1531 .mpo_pipe_check_read = stub_pipe_check_read,
1532 .mpo_pipe_check_relabel = stub_pipe_check_relabel,
1533 .mpo_pipe_check_stat = stub_pipe_check_stat,
1534 .mpo_pipe_check_write = stub_pipe_check_write,
1535 .mpo_pipe_copy_label = stub_copy_label,
1536 .mpo_pipe_create = stub_pipe_create,
1537 .mpo_pipe_destroy_label = stub_destroy_label,
1538 .mpo_pipe_externalize_label = stub_externalize_label,
1539 .mpo_pipe_init_label = stub_init_label,
1540 .mpo_pipe_internalize_label = stub_internalize_label,
1541 .mpo_pipe_relabel = stub_pipe_relabel,
1542
1605 .mpo_posixsem_check_destroy = stub_posixsem_check_destroy,
1606 .mpo_posixsem_check_getvalue = stub_posixsem_check_getvalue,
1607 .mpo_posixsem_check_open = stub_posixsem_check_open,
1608 .mpo_posixsem_check_post = stub_posixsem_check_post,
1609 .mpo_posixsem_check_unlink = stub_posixsem_check_unlink,
1610 .mpo_posixsem_check_wait = stub_posixsem_check_wait,
1543 .mpo_posixsem_check_destroy = stub_posixsem_check_destroy,
1544 .mpo_posixsem_check_getvalue = stub_posixsem_check_getvalue,
1545 .mpo_posixsem_check_open = stub_posixsem_check_open,
1546 .mpo_posixsem_check_post = stub_posixsem_check_post,
1547 .mpo_posixsem_check_unlink = stub_posixsem_check_unlink,
1548 .mpo_posixsem_check_wait = stub_posixsem_check_wait,
1549 .mpo_posixsem_create = stub_posixsem_create,
1550 .mpo_posixsem_destroy_label = stub_destroy_label,
1551 .mpo_posixsem_init_label = stub_init_label,
1552
1553 .mpo_priv_check = stub_priv_check,
1554 .mpo_priv_grant = stub_priv_grant,
1555
1556 .mpo_proc_associate_nfsd = stub_proc_associate_nfsd,
1611 .mpo_proc_check_debug = stub_proc_check_debug,
1612 .mpo_proc_check_sched = stub_proc_check_sched,
1613 .mpo_proc_check_setaudit = stub_proc_check_setaudit,
1614 .mpo_proc_check_setaudit_addr = stub_proc_check_setaudit_addr,
1615 .mpo_proc_check_setauid = stub_proc_check_setauid,
1557 .mpo_proc_check_debug = stub_proc_check_debug,
1558 .mpo_proc_check_sched = stub_proc_check_sched,
1559 .mpo_proc_check_setaudit = stub_proc_check_setaudit,
1560 .mpo_proc_check_setaudit_addr = stub_proc_check_setaudit_addr,
1561 .mpo_proc_check_setauid = stub_proc_check_setauid,
1616 .mpo_proc_check_setuid = stub_proc_check_setuid,
1562 .mpo_proc_check_setegid = stub_proc_check_setegid,
1617 .mpo_proc_check_seteuid = stub_proc_check_seteuid,
1618 .mpo_proc_check_setgid = stub_proc_check_setgid,
1563 .mpo_proc_check_seteuid = stub_proc_check_seteuid,
1564 .mpo_proc_check_setgid = stub_proc_check_setgid,
1619 .mpo_proc_check_setegid = stub_proc_check_setegid,
1620 .mpo_proc_check_setgroups = stub_proc_check_setgroups,
1565 .mpo_proc_check_setgroups = stub_proc_check_setgroups,
1621 .mpo_proc_check_setreuid = stub_proc_check_setreuid,
1622 .mpo_proc_check_setregid = stub_proc_check_setregid,
1566 .mpo_proc_check_setregid = stub_proc_check_setregid,
1623 .mpo_proc_check_setresuid = stub_proc_check_setresuid,
1624 .mpo_proc_check_setresgid = stub_proc_check_setresgid,
1567 .mpo_proc_check_setresgid = stub_proc_check_setresgid,
1568 .mpo_proc_check_setresuid = stub_proc_check_setresuid,
1569 .mpo_proc_check_setreuid = stub_proc_check_setreuid,
1570 .mpo_proc_check_setuid = stub_proc_check_setuid,
1625 .mpo_proc_check_signal = stub_proc_check_signal,
1626 .mpo_proc_check_wait = stub_proc_check_wait,
1571 .mpo_proc_check_signal = stub_proc_check_signal,
1572 .mpo_proc_check_wait = stub_proc_check_wait,
1573 .mpo_proc_create_init = stub_proc_create_init,
1574 .mpo_proc_create_swapper = stub_proc_create_swapper,
1575
1627 .mpo_socket_check_accept = stub_socket_check_accept,
1628 .mpo_socket_check_bind = stub_socket_check_bind,
1629 .mpo_socket_check_connect = stub_socket_check_connect,
1630 .mpo_socket_check_create = stub_socket_check_create,
1631 .mpo_socket_check_deliver = stub_socket_check_deliver,
1632 .mpo_socket_check_listen = stub_socket_check_listen,
1633 .mpo_socket_check_poll = stub_socket_check_poll,
1634 .mpo_socket_check_receive = stub_socket_check_receive,
1635 .mpo_socket_check_relabel = stub_socket_check_relabel,
1636 .mpo_socket_check_send = stub_socket_check_send,
1637 .mpo_socket_check_stat = stub_socket_check_stat,
1638 .mpo_socket_check_visible = stub_socket_check_visible,
1576 .mpo_socket_check_accept = stub_socket_check_accept,
1577 .mpo_socket_check_bind = stub_socket_check_bind,
1578 .mpo_socket_check_connect = stub_socket_check_connect,
1579 .mpo_socket_check_create = stub_socket_check_create,
1580 .mpo_socket_check_deliver = stub_socket_check_deliver,
1581 .mpo_socket_check_listen = stub_socket_check_listen,
1582 .mpo_socket_check_poll = stub_socket_check_poll,
1583 .mpo_socket_check_receive = stub_socket_check_receive,
1584 .mpo_socket_check_relabel = stub_socket_check_relabel,
1585 .mpo_socket_check_send = stub_socket_check_send,
1586 .mpo_socket_check_stat = stub_socket_check_stat,
1587 .mpo_socket_check_visible = stub_socket_check_visible,
1588 .mpo_socket_copy_label = stub_copy_label,
1589 .mpo_socket_create = stub_socket_create,
1590 .mpo_socket_create_mbuf = stub_socket_create_mbuf,
1591 .mpo_socket_destroy_label = stub_destroy_label,
1592 .mpo_socket_externalize_label = stub_externalize_label,
1593 .mpo_socket_init_label = stub_init_label_waitcheck,
1594 .mpo_socket_internalize_label = stub_internalize_label,
1595 .mpo_socket_newconn = stub_socket_newconn,
1596 .mpo_socket_relabel = stub_socket_relabel,
1597
1598 .mpo_socketpeer_destroy_label = stub_destroy_label,
1599 .mpo_socketpeer_externalize_label = stub_externalize_label,
1600 .mpo_socketpeer_init_label = stub_init_label_waitcheck,
1601 .mpo_socketpeer_set_from_mbuf = stub_socketpeer_set_from_mbuf,
1602 .mpo_socketpeer_set_from_socket = stub_socketpeer_set_from_socket,
1603
1604 .mpo_syncache_init_label = stub_init_label_waitcheck,
1605 .mpo_syncache_destroy_label = stub_destroy_label,
1606 .mpo_syncache_create = stub_syncache_create,
1607 .mpo_syncache_create_mbuf= stub_syncache_create_mbuf,
1608
1609 .mpo_sysvmsg_cleanup = stub_sysvmsg_cleanup,
1610 .mpo_sysvmsg_create = stub_sysvmsg_create,
1611 .mpo_sysvmsg_destroy_label = stub_destroy_label,
1612 .mpo_sysvmsg_init_label = stub_init_label,
1613
1614 .mpo_sysvmsq_check_msgmsq = stub_sysvmsq_check_msgmsq,
1615 .mpo_sysvmsq_check_msgrcv = stub_sysvmsq_check_msgrcv,
1616 .mpo_sysvmsq_check_msgrmid = stub_sysvmsq_check_msgrmid,
1617 .mpo_sysvmsq_check_msqget = stub_sysvmsq_check_msqget,
1618 .mpo_sysvmsq_check_msqsnd = stub_sysvmsq_check_msqsnd,
1619 .mpo_sysvmsq_check_msqrcv = stub_sysvmsq_check_msqrcv,
1620 .mpo_sysvmsq_check_msqctl = stub_sysvmsq_check_msqctl,
1621 .mpo_sysvmsq_cleanup = stub_sysvmsq_cleanup,
1622 .mpo_sysvmsq_create = stub_sysvmsq_create,
1623 .mpo_sysvmsq_destroy_label = stub_destroy_label,
1624 .mpo_sysvmsq_init_label = stub_init_label,
1625
1626 .mpo_sysvsem_check_semctl = stub_sysvsem_check_semctl,
1627 .mpo_sysvsem_check_semget = stub_sysvsem_check_semget,
1628 .mpo_sysvsem_check_semop = stub_sysvsem_check_semop,
1629 .mpo_sysvsem_cleanup = stub_sysvsem_cleanup,
1630 .mpo_sysvsem_create = stub_sysvsem_create,
1631 .mpo_sysvsem_destroy_label = stub_destroy_label,
1632 .mpo_sysvsem_init_label = stub_init_label,
1633
1634 .mpo_sysvshm_check_shmat = stub_sysvshm_check_shmat,
1635 .mpo_sysvshm_check_shmctl = stub_sysvshm_check_shmctl,
1636 .mpo_sysvshm_check_shmdt = stub_sysvshm_check_shmdt,
1637 .mpo_sysvshm_check_shmget = stub_sysvshm_check_shmget,
1638 .mpo_sysvshm_cleanup = stub_sysvshm_cleanup,
1639 .mpo_sysvshm_create = stub_sysvshm_create,
1640 .mpo_sysvshm_destroy_label = stub_destroy_label,
1641 .mpo_sysvshm_init_label = stub_init_label,
1642
1639 .mpo_system_check_acct = stub_system_check_acct,
1640 .mpo_system_check_audit = stub_system_check_audit,
1641 .mpo_system_check_auditctl = stub_system_check_auditctl,
1642 .mpo_system_check_auditon = stub_system_check_auditon,
1643 .mpo_system_check_reboot = stub_system_check_reboot,
1644 .mpo_system_check_swapoff = stub_system_check_swapoff,
1645 .mpo_system_check_swapon = stub_system_check_swapon,
1646 .mpo_system_check_sysctl = stub_system_check_sysctl,
1643 .mpo_system_check_acct = stub_system_check_acct,
1644 .mpo_system_check_audit = stub_system_check_audit,
1645 .mpo_system_check_auditctl = stub_system_check_auditctl,
1646 .mpo_system_check_auditon = stub_system_check_auditon,
1647 .mpo_system_check_reboot = stub_system_check_reboot,
1648 .mpo_system_check_swapoff = stub_system_check_swapoff,
1649 .mpo_system_check_swapon = stub_system_check_swapon,
1650 .mpo_system_check_sysctl = stub_system_check_sysctl,
1651
1652 .mpo_thread_userret = stub_thread_userret,
1653
1654 .mpo_vnode_associate_extattr = stub_vnode_associate_extattr,
1655 .mpo_vnode_associate_singlelabel = stub_vnode_associate_singlelabel,
1647 .mpo_vnode_check_access = stub_vnode_check_access,
1648 .mpo_vnode_check_chdir = stub_vnode_check_chdir,
1649 .mpo_vnode_check_chroot = stub_vnode_check_chroot,
1650 .mpo_vnode_check_create = stub_vnode_check_create,
1651 .mpo_vnode_check_deleteacl = stub_vnode_check_deleteacl,
1652 .mpo_vnode_check_deleteextattr = stub_vnode_check_deleteextattr,
1653 .mpo_vnode_check_exec = stub_vnode_check_exec,
1654 .mpo_vnode_check_getacl = stub_vnode_check_getacl,

--- 17 unchanged lines hidden (view full) ---

1672 .mpo_vnode_check_setextattr = stub_vnode_check_setextattr,
1673 .mpo_vnode_check_setflags = stub_vnode_check_setflags,
1674 .mpo_vnode_check_setmode = stub_vnode_check_setmode,
1675 .mpo_vnode_check_setowner = stub_vnode_check_setowner,
1676 .mpo_vnode_check_setutimes = stub_vnode_check_setutimes,
1677 .mpo_vnode_check_stat = stub_vnode_check_stat,
1678 .mpo_vnode_check_unlink = stub_vnode_check_unlink,
1679 .mpo_vnode_check_write = stub_vnode_check_write,
1656 .mpo_vnode_check_access = stub_vnode_check_access,
1657 .mpo_vnode_check_chdir = stub_vnode_check_chdir,
1658 .mpo_vnode_check_chroot = stub_vnode_check_chroot,
1659 .mpo_vnode_check_create = stub_vnode_check_create,
1660 .mpo_vnode_check_deleteacl = stub_vnode_check_deleteacl,
1661 .mpo_vnode_check_deleteextattr = stub_vnode_check_deleteextattr,
1662 .mpo_vnode_check_exec = stub_vnode_check_exec,
1663 .mpo_vnode_check_getacl = stub_vnode_check_getacl,

--- 17 unchanged lines hidden (view full) ---

1681 .mpo_vnode_check_setextattr = stub_vnode_check_setextattr,
1682 .mpo_vnode_check_setflags = stub_vnode_check_setflags,
1683 .mpo_vnode_check_setmode = stub_vnode_check_setmode,
1684 .mpo_vnode_check_setowner = stub_vnode_check_setowner,
1685 .mpo_vnode_check_setutimes = stub_vnode_check_setutimes,
1686 .mpo_vnode_check_stat = stub_vnode_check_stat,
1687 .mpo_vnode_check_unlink = stub_vnode_check_unlink,
1688 .mpo_vnode_check_write = stub_vnode_check_write,
1680 .mpo_priv_check = stub_priv_check,
1681 .mpo_priv_grant = stub_priv_grant,
1682 .mpo_syncache_init_label = stub_init_label_waitcheck,
1683 .mpo_syncache_destroy_label = stub_destroy_label,
1684 .mpo_syncache_create = stub_syncache_create,
1685 .mpo_syncache_create_mbuf= stub_syncache_create_mbuf,
1689 .mpo_vnode_copy_label = stub_copy_label,
1690 .mpo_vnode_create_extattr = stub_vnode_create_extattr,
1691 .mpo_vnode_destroy_label = stub_destroy_label,
1692 .mpo_vnode_execve_transition = stub_vnode_execve_transition,
1693 .mpo_vnode_execve_will_transition = stub_vnode_execve_will_transition,
1694 .mpo_vnode_externalize_label = stub_externalize_label,
1695 .mpo_vnode_init_label = stub_init_label,
1696 .mpo_vnode_internalize_label = stub_internalize_label,
1697 .mpo_vnode_relabel = stub_vnode_relabel,
1698 .mpo_vnode_setlabel_extattr = stub_vnode_setlabel_extattr,
1686};
1687
1688MAC_POLICY_SET(&stub_ops, mac_stub, "TrustedBSD MAC/Stub",
1689 MPC_LOADTIME_FLAG_UNLOADOK, NULL);
1699};
1700
1701MAC_POLICY_SET(&stub_ops, mac_stub, "TrustedBSD MAC/Stub",
1702 MPC_LOADTIME_FLAG_UNLOADOK, NULL);