| mac_biba.c (145855) | mac_biba.c (147091) |
|---|---|
| 1/*- 2 * Copyright (c) 1999-2002 Robert N. M. Watson 3 * Copyright (c) 2001-2005 McAfee, Inc. 4 * All rights reserved. 5 * 6 * This software was developed by Robert Watson for the TrustedBSD Project. 7 * 8 * This software was developed for the FreeBSD Project in part by McAfee --- 17 unchanged lines hidden (view full) --- 26 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 27 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 28 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 29 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 30 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 31 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 32 * SUCH DAMAGE. 33 * | 1/*- 2 * Copyright (c) 1999-2002 Robert N. M. Watson 3 * Copyright (c) 2001-2005 McAfee, Inc. 4 * All rights reserved. 5 * 6 * This software was developed by Robert Watson for the TrustedBSD Project. 7 * 8 * This software was developed for the FreeBSD Project in part by McAfee --- 17 unchanged lines hidden (view full) --- 26 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 27 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 28 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 29 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 30 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 31 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 32 * SUCH DAMAGE. 33 * |
| 34 * $FreeBSD: head/sys/security/mac_biba/mac_biba.c 145855 2005-05-04 10:39:15Z rwatson $ | 34 * $FreeBSD: head/sys/security/mac_biba/mac_biba.c 147091 2005-06-07 05:03:28Z rwatson $ |
| 35 */ 36 37/* 38 * Developed by the TrustedBSD Project. 39 * Biba fixed label mandatory integrity policy. 40 */ 41 42#include <sys/types.h> --- 1079 unchanged lines hidden (view full) --- 1122 1123 source = SLOT(cred->cr_label); 1124 dest = SLOT(msqlabel); 1125 1126 mac_biba_copy_effective(source, dest); 1127} 1128 1129static void | 35 */ 36 37/* 38 * Developed by the TrustedBSD Project. 39 * Biba fixed label mandatory integrity policy. 40 */ 41 42#include <sys/types.h> --- 1079 unchanged lines hidden (view full) --- 1122 1123 source = SLOT(cred->cr_label); 1124 dest = SLOT(msqlabel); 1125 1126 mac_biba_copy_effective(source, dest); 1127} 1128 1129static void |
| 1130mac_biba_create_sysv_sema(struct ucred *cred, struct semid_kernel *semakptr, | 1130mac_biba_create_sysv_sem(struct ucred *cred, struct semid_kernel *semakptr, |
| 1131 struct label *semalabel) 1132{ 1133 struct mac_biba *source, *dest; 1134 1135 source = SLOT(cred->cr_label); 1136 dest = SLOT(semalabel); 1137 1138 mac_biba_copy_effective(source, dest); --- 321 unchanged lines hidden (view full) --- 1460static void 1461mac_biba_cleanup_sysv_msgqueue(struct label *msqlabel) 1462{ 1463 1464 bzero(SLOT(msqlabel), sizeof(struct mac_biba)); 1465} 1466 1467static void | 1131 struct label *semalabel) 1132{ 1133 struct mac_biba *source, *dest; 1134 1135 source = SLOT(cred->cr_label); 1136 dest = SLOT(semalabel); 1137 1138 mac_biba_copy_effective(source, dest); --- 321 unchanged lines hidden (view full) --- 1460static void 1461mac_biba_cleanup_sysv_msgqueue(struct label *msqlabel) 1462{ 1463 1464 bzero(SLOT(msqlabel), sizeof(struct mac_biba)); 1465} 1466 1467static void |
| 1468mac_biba_cleanup_sysv_sema(struct label *semalabel) | 1468mac_biba_cleanup_sysv_sem(struct label *semalabel) |
| 1469{ 1470 1471 bzero(SLOT(semalabel), sizeof(struct mac_biba)); 1472} 1473 1474static void 1475mac_biba_cleanup_sysv_shm(struct label *shmlabel) 1476{ --- 1575 unchanged lines hidden (view full) --- 3052 .mpo_init = mac_biba_init, 3053 .mpo_init_bpfdesc_label = mac_biba_init_label, 3054 .mpo_init_cred_label = mac_biba_init_label, 3055 .mpo_init_devfsdirent_label = mac_biba_init_label, 3056 .mpo_init_ifnet_label = mac_biba_init_label, 3057 .mpo_init_inpcb_label = mac_biba_init_label_waitcheck, 3058 .mpo_init_sysv_msgmsg_label = mac_biba_init_label, 3059 .mpo_init_sysv_msgqueue_label = mac_biba_init_label, | 1469{ 1470 1471 bzero(SLOT(semalabel), sizeof(struct mac_biba)); 1472} 1473 1474static void 1475mac_biba_cleanup_sysv_shm(struct label *shmlabel) 1476{ --- 1575 unchanged lines hidden (view full) --- 3052 .mpo_init = mac_biba_init, 3053 .mpo_init_bpfdesc_label = mac_biba_init_label, 3054 .mpo_init_cred_label = mac_biba_init_label, 3055 .mpo_init_devfsdirent_label = mac_biba_init_label, 3056 .mpo_init_ifnet_label = mac_biba_init_label, 3057 .mpo_init_inpcb_label = mac_biba_init_label_waitcheck, 3058 .mpo_init_sysv_msgmsg_label = mac_biba_init_label, 3059 .mpo_init_sysv_msgqueue_label = mac_biba_init_label, |
| 3060 .mpo_init_sysv_sema_label = mac_biba_init_label, | 3060 .mpo_init_sysv_sem_label = mac_biba_init_label, |
| 3061 .mpo_init_sysv_shm_label = mac_biba_init_label, 3062 .mpo_init_ipq_label = mac_biba_init_label_waitcheck, 3063 .mpo_init_mbuf_label = mac_biba_init_label_waitcheck, 3064 .mpo_init_mount_label = mac_biba_init_label, 3065 .mpo_init_mount_fs_label = mac_biba_init_label, 3066 .mpo_init_pipe_label = mac_biba_init_label, 3067 .mpo_init_posix_sem_label = mac_biba_init_label, 3068 .mpo_init_socket_label = mac_biba_init_label_waitcheck, 3069 .mpo_init_socket_peer_label = mac_biba_init_label_waitcheck, 3070 .mpo_init_vnode_label = mac_biba_init_label, 3071 .mpo_destroy_bpfdesc_label = mac_biba_destroy_label, 3072 .mpo_destroy_cred_label = mac_biba_destroy_label, 3073 .mpo_destroy_devfsdirent_label = mac_biba_destroy_label, 3074 .mpo_destroy_ifnet_label = mac_biba_destroy_label, 3075 .mpo_destroy_inpcb_label = mac_biba_destroy_label, 3076 .mpo_destroy_sysv_msgmsg_label = mac_biba_destroy_label, 3077 .mpo_destroy_sysv_msgqueue_label = mac_biba_destroy_label, | 3061 .mpo_init_sysv_shm_label = mac_biba_init_label, 3062 .mpo_init_ipq_label = mac_biba_init_label_waitcheck, 3063 .mpo_init_mbuf_label = mac_biba_init_label_waitcheck, 3064 .mpo_init_mount_label = mac_biba_init_label, 3065 .mpo_init_mount_fs_label = mac_biba_init_label, 3066 .mpo_init_pipe_label = mac_biba_init_label, 3067 .mpo_init_posix_sem_label = mac_biba_init_label, 3068 .mpo_init_socket_label = mac_biba_init_label_waitcheck, 3069 .mpo_init_socket_peer_label = mac_biba_init_label_waitcheck, 3070 .mpo_init_vnode_label = mac_biba_init_label, 3071 .mpo_destroy_bpfdesc_label = mac_biba_destroy_label, 3072 .mpo_destroy_cred_label = mac_biba_destroy_label, 3073 .mpo_destroy_devfsdirent_label = mac_biba_destroy_label, 3074 .mpo_destroy_ifnet_label = mac_biba_destroy_label, 3075 .mpo_destroy_inpcb_label = mac_biba_destroy_label, 3076 .mpo_destroy_sysv_msgmsg_label = mac_biba_destroy_label, 3077 .mpo_destroy_sysv_msgqueue_label = mac_biba_destroy_label, |
| 3078 .mpo_destroy_sysv_sema_label = mac_biba_destroy_label, | 3078 .mpo_destroy_sysv_sem_label = mac_biba_destroy_label, |
| 3079 .mpo_destroy_sysv_shm_label = mac_biba_destroy_label, 3080 .mpo_destroy_ipq_label = mac_biba_destroy_label, 3081 .mpo_destroy_mbuf_label = mac_biba_destroy_label, 3082 .mpo_destroy_mount_label = mac_biba_destroy_label, 3083 .mpo_destroy_mount_fs_label = mac_biba_destroy_label, 3084 .mpo_destroy_pipe_label = mac_biba_destroy_label, 3085 .mpo_destroy_posix_sem_label = mac_biba_destroy_label, 3086 .mpo_destroy_socket_label = mac_biba_destroy_label, --- 39 unchanged lines hidden (view full) --- 3126 .mpo_set_socket_peer_from_socket = mac_biba_set_socket_peer_from_socket, 3127 .mpo_create_bpfdesc = mac_biba_create_bpfdesc, 3128 .mpo_create_datagram_from_ipq = mac_biba_create_datagram_from_ipq, 3129 .mpo_create_fragment = mac_biba_create_fragment, 3130 .mpo_create_ifnet = mac_biba_create_ifnet, 3131 .mpo_create_inpcb_from_socket = mac_biba_create_inpcb_from_socket, 3132 .mpo_create_sysv_msgmsg = mac_biba_create_sysv_msgmsg, 3133 .mpo_create_sysv_msgqueue = mac_biba_create_sysv_msgqueue, | 3079 .mpo_destroy_sysv_shm_label = mac_biba_destroy_label, 3080 .mpo_destroy_ipq_label = mac_biba_destroy_label, 3081 .mpo_destroy_mbuf_label = mac_biba_destroy_label, 3082 .mpo_destroy_mount_label = mac_biba_destroy_label, 3083 .mpo_destroy_mount_fs_label = mac_biba_destroy_label, 3084 .mpo_destroy_pipe_label = mac_biba_destroy_label, 3085 .mpo_destroy_posix_sem_label = mac_biba_destroy_label, 3086 .mpo_destroy_socket_label = mac_biba_destroy_label, --- 39 unchanged lines hidden (view full) --- 3126 .mpo_set_socket_peer_from_socket = mac_biba_set_socket_peer_from_socket, 3127 .mpo_create_bpfdesc = mac_biba_create_bpfdesc, 3128 .mpo_create_datagram_from_ipq = mac_biba_create_datagram_from_ipq, 3129 .mpo_create_fragment = mac_biba_create_fragment, 3130 .mpo_create_ifnet = mac_biba_create_ifnet, 3131 .mpo_create_inpcb_from_socket = mac_biba_create_inpcb_from_socket, 3132 .mpo_create_sysv_msgmsg = mac_biba_create_sysv_msgmsg, 3133 .mpo_create_sysv_msgqueue = mac_biba_create_sysv_msgqueue, |
| 3134 .mpo_create_sysv_sema = mac_biba_create_sysv_sema, | 3134 .mpo_create_sysv_sem = mac_biba_create_sysv_sem, |
| 3135 .mpo_create_sysv_shm = mac_biba_create_sysv_shm, 3136 .mpo_create_ipq = mac_biba_create_ipq, 3137 .mpo_create_mbuf_from_inpcb = mac_biba_create_mbuf_from_inpcb, 3138 .mpo_create_mbuf_from_mbuf = mac_biba_create_mbuf_from_mbuf, 3139 .mpo_create_mbuf_linklayer = mac_biba_create_mbuf_linklayer, 3140 .mpo_create_mbuf_from_bpfdesc = mac_biba_create_mbuf_from_bpfdesc, 3141 .mpo_create_mbuf_from_ifnet = mac_biba_create_mbuf_from_ifnet, 3142 .mpo_create_mbuf_multicast_encap = mac_biba_create_mbuf_multicast_encap, 3143 .mpo_create_mbuf_netlayer = mac_biba_create_mbuf_netlayer, 3144 .mpo_fragment_match = mac_biba_fragment_match, 3145 .mpo_relabel_ifnet = mac_biba_relabel_ifnet, 3146 .mpo_update_ipq = mac_biba_update_ipq, 3147 .mpo_inpcb_sosetlabel = mac_biba_inpcb_sosetlabel, 3148 .mpo_create_proc0 = mac_biba_create_proc0, 3149 .mpo_create_proc1 = mac_biba_create_proc1, 3150 .mpo_relabel_cred = mac_biba_relabel_cred, 3151 .mpo_cleanup_sysv_msgmsg = mac_biba_cleanup_sysv_msgmsg, 3152 .mpo_cleanup_sysv_msgqueue = mac_biba_cleanup_sysv_msgqueue, | 3135 .mpo_create_sysv_shm = mac_biba_create_sysv_shm, 3136 .mpo_create_ipq = mac_biba_create_ipq, 3137 .mpo_create_mbuf_from_inpcb = mac_biba_create_mbuf_from_inpcb, 3138 .mpo_create_mbuf_from_mbuf = mac_biba_create_mbuf_from_mbuf, 3139 .mpo_create_mbuf_linklayer = mac_biba_create_mbuf_linklayer, 3140 .mpo_create_mbuf_from_bpfdesc = mac_biba_create_mbuf_from_bpfdesc, 3141 .mpo_create_mbuf_from_ifnet = mac_biba_create_mbuf_from_ifnet, 3142 .mpo_create_mbuf_multicast_encap = mac_biba_create_mbuf_multicast_encap, 3143 .mpo_create_mbuf_netlayer = mac_biba_create_mbuf_netlayer, 3144 .mpo_fragment_match = mac_biba_fragment_match, 3145 .mpo_relabel_ifnet = mac_biba_relabel_ifnet, 3146 .mpo_update_ipq = mac_biba_update_ipq, 3147 .mpo_inpcb_sosetlabel = mac_biba_inpcb_sosetlabel, 3148 .mpo_create_proc0 = mac_biba_create_proc0, 3149 .mpo_create_proc1 = mac_biba_create_proc1, 3150 .mpo_relabel_cred = mac_biba_relabel_cred, 3151 .mpo_cleanup_sysv_msgmsg = mac_biba_cleanup_sysv_msgmsg, 3152 .mpo_cleanup_sysv_msgqueue = mac_biba_cleanup_sysv_msgqueue, |
| 3153 .mpo_cleanup_sysv_sema = mac_biba_cleanup_sysv_sema, | 3153 .mpo_cleanup_sysv_sem = mac_biba_cleanup_sysv_sem, |
| 3154 .mpo_cleanup_sysv_shm = mac_biba_cleanup_sysv_shm, 3155 .mpo_check_bpfdesc_receive = mac_biba_check_bpfdesc_receive, 3156 .mpo_check_cred_relabel = mac_biba_check_cred_relabel, 3157 .mpo_check_cred_visible = mac_biba_check_cred_visible, 3158 .mpo_check_ifnet_relabel = mac_biba_check_ifnet_relabel, 3159 .mpo_check_ifnet_transmit = mac_biba_check_ifnet_transmit, 3160 .mpo_check_inpcb_deliver = mac_biba_check_inpcb_deliver, 3161 .mpo_check_sysv_msgrcv = mac_biba_check_sysv_msgrcv, --- 73 unchanged lines hidden --- | 3154 .mpo_cleanup_sysv_shm = mac_biba_cleanup_sysv_shm, 3155 .mpo_check_bpfdesc_receive = mac_biba_check_bpfdesc_receive, 3156 .mpo_check_cred_relabel = mac_biba_check_cred_relabel, 3157 .mpo_check_cred_visible = mac_biba_check_cred_visible, 3158 .mpo_check_ifnet_relabel = mac_biba_check_ifnet_relabel, 3159 .mpo_check_ifnet_transmit = mac_biba_check_ifnet_transmit, 3160 .mpo_check_inpcb_deliver = mac_biba_check_inpcb_deliver, 3161 .mpo_check_sysv_msgrcv = mac_biba_check_sysv_msgrcv, --- 73 unchanged lines hidden --- |