| mac_stub.c (187016) | mac_stub.c (189529) |
|---|---|
| 1/*- | 1/*- |
| 2 * Copyright (c) 1999-2002, 2007-2008 Robert N. M. Watson | 2 * Copyright (c) 1999-2002, 2007-2009 Robert N. M. Watson |
| 3 * Copyright (c) 2001-2005 McAfee, Inc. 4 * Copyright (c) 2005-2006 SPARTA, Inc. 5 * Copyright (c) 2008 Apple Inc. 6 * All rights reserved. 7 * 8 * This software was developed by Robert Watson for the TrustedBSD Project. 9 * 10 * This software was developed for the FreeBSD Project in part by McAfee 11 * Research, the Security Research Division of McAfee, Inc. under 12 * DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA 13 * CHATS research program. 14 * 15 * This software was enhanced by SPARTA ISSO under SPAWAR contract 16 * N66001-04-C-6019 ("SEFOS"). 17 * | 3 * Copyright (c) 2001-2005 McAfee, Inc. 4 * Copyright (c) 2005-2006 SPARTA, Inc. 5 * Copyright (c) 2008 Apple Inc. 6 * All rights reserved. 7 * 8 * This software was developed by Robert Watson for the TrustedBSD Project. 9 * 10 * This software was developed for the FreeBSD Project in part by McAfee 11 * Research, the Security Research Division of McAfee, Inc. under 12 * DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA 13 * CHATS research program. 14 * 15 * This software was enhanced by SPARTA ISSO under SPAWAR contract 16 * N66001-04-C-6019 ("SEFOS"). 17 * |
| 18 * This software was developed at the University of Cambridge Computer 19 * Laboratory with support from a grant from Google, Inc. 20 * |
|
| 18 * Redistribution and use in source and binary forms, with or without 19 * modification, are permitted provided that the following conditions 20 * are met: 21 * 1. Redistributions of source code must retain the above copyright 22 * notice, this list of conditions and the following disclaimer. 23 * 2. Redistributions in binary form must reproduce the above copyright 24 * notice, this list of conditions and the following disclaimer in the 25 * documentation and/or other materials provided with the distribution. --- 5 unchanged lines hidden (view full) --- 31 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 32 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 33 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 34 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 35 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 36 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 37 * SUCH DAMAGE. 38 * | 21 * Redistribution and use in source and binary forms, with or without 22 * modification, are permitted provided that the following conditions 23 * are met: 24 * 1. Redistributions of source code must retain the above copyright 25 * notice, this list of conditions and the following disclaimer. 26 * 2. Redistributions in binary form must reproduce the above copyright 27 * notice, this list of conditions and the following disclaimer in the 28 * documentation and/or other materials provided with the distribution. --- 5 unchanged lines hidden (view full) --- 34 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 35 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 36 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 37 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 38 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 39 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 40 * SUCH DAMAGE. 41 * |
| 39 * $FreeBSD: head/sys/security/mac_stub/mac_stub.c 187016 2009-01-10 10:58:41Z rwatson $ | 42 * $FreeBSD: head/sys/security/mac_stub/mac_stub.c 189529 2009-03-08 10:58:37Z rwatson $ |
| 40 */ 41 42/* 43 * Developed by the TrustedBSD Project. 44 * 45 * Stub module that implements a NOOP for most (if not all) MAC Framework 46 * policy entry points. 47 */ --- 146 unchanged lines hidden (view full) --- 194static int 195stub_cred_check_relabel(struct ucred *cred, struct label *newlabel) 196{ 197 198 return (0); 199} 200 201static int | 43 */ 44 45/* 46 * Developed by the TrustedBSD Project. 47 * 48 * Stub module that implements a NOOP for most (if not all) MAC Framework 49 * policy entry points. 50 */ --- 146 unchanged lines hidden (view full) --- 197static int 198stub_cred_check_relabel(struct ucred *cred, struct label *newlabel) 199{ 200 201 return (0); 202} 203 204static int |
| 205stub_cred_check_setaudit(struct ucred *cred, struct auditinfo *ai) 206{ 207 208 return (0); 209} 210 211static int 212stub_cred_check_setaudit_addr(struct ucred *cred, struct auditinfo_addr *aia) 213{ 214 215 return (0); 216} 217 218static int 219stub_cred_check_setauid(struct ucred *cred, uid_t auid) 220{ 221 222 return (0); 223} 224 225static int 226stub_cred_check_setegid(struct ucred *cred, gid_t egid) 227{ 228 229 return (0); 230} 231 232static int 233stub_cred_check_seteuid(struct ucred *cred, uid_t euid) 234{ 235 236 return (0); 237} 238 239static int 240stub_cred_check_setgid(struct ucred *cred, gid_t gid) 241{ 242 243 return (0); 244} 245 246static int 247stub_cred_check_setgroups(struct ucred *cred, int ngroups, 248 gid_t *gidset) 249{ 250 251 return (0); 252} 253 254static int 255stub_cred_check_setregid(struct ucred *cred, gid_t rgid, gid_t egid) 256{ 257 258 return (0); 259} 260 261static int 262stub_cred_check_setresgid(struct ucred *cred, gid_t rgid, gid_t egid, 263 gid_t sgid) 264{ 265 266 return (0); 267} 268 269static int 270stub_cred_check_setresuid(struct ucred *cred, uid_t ruid, uid_t euid, 271 uid_t suid) 272{ 273 274 return (0); 275} 276 277static int 278stub_cred_check_setreuid(struct ucred *cred, uid_t ruid, uid_t euid) 279{ 280 281 return (0); 282} 283 284static int 285stub_cred_check_setuid(struct ucred *cred, uid_t uid) 286{ 287 288 return (0); 289} 290 291static int |
|
| 202stub_cred_check_visible(struct ucred *cr1, struct ucred *cr2) 203{ 204 205 return (0); 206} 207 208static void 209stub_cred_create_init(struct ucred *cred) --- 486 unchanged lines hidden (view full) --- 696static int 697stub_proc_check_sched(struct ucred *cred, struct proc *p) 698{ 699 700 return (0); 701} 702 703static int | 292stub_cred_check_visible(struct ucred *cr1, struct ucred *cr2) 293{ 294 295 return (0); 296} 297 298static void 299stub_cred_create_init(struct ucred *cred) --- 486 unchanged lines hidden (view full) --- 786static int 787stub_proc_check_sched(struct ucred *cred, struct proc *p) 788{ 789 790 return (0); 791} 792 793static int |
| 704stub_proc_check_setaudit(struct ucred *cred, struct auditinfo *ai) 705{ 706 707 return (0); 708} 709 710static int 711stub_proc_check_setaudit_addr(struct ucred *cred, struct auditinfo_addr *aia) 712{ 713 714 return (0); 715} 716 717static int 718stub_proc_check_setauid(struct ucred *cred, uid_t auid) 719{ 720 721 return (0); 722} 723 724static int 725stub_proc_check_setegid(struct ucred *cred, gid_t egid) 726{ 727 728 return (0); 729} 730 731static int 732stub_proc_check_seteuid(struct ucred *cred, uid_t euid) 733{ 734 735 return (0); 736} 737 738static int 739stub_proc_check_setgid(struct ucred *cred, gid_t gid) 740{ 741 742 return (0); 743} 744 745static int 746stub_proc_check_setgroups(struct ucred *cred, int ngroups, 747 gid_t *gidset) 748{ 749 750 return (0); 751} 752 753static int 754stub_proc_check_setregid(struct ucred *cred, gid_t rgid, gid_t egid) 755{ 756 757 return (0); 758} 759 760static int 761stub_proc_check_setresgid(struct ucred *cred, gid_t rgid, gid_t egid, 762 gid_t sgid) 763{ 764 765 return (0); 766} 767 768static int 769stub_proc_check_setresuid(struct ucred *cred, uid_t ruid, uid_t euid, 770 uid_t suid) 771{ 772 773 return (0); 774} 775 776static int 777stub_proc_check_setreuid(struct ucred *cred, uid_t ruid, uid_t euid) 778{ 779 780 return (0); 781} 782 783static int 784stub_proc_check_setuid(struct ucred *cred, uid_t uid) 785{ 786 787 return (0); 788} 789 790static int | |
| 791stub_proc_check_signal(struct ucred *cred, struct proc *p, int signum) 792{ 793 794 return (0); 795} 796 797static int 798stub_proc_check_wait(struct ucred *cred, struct proc *p) --- 737 unchanged lines hidden (view full) --- 1536 .mpo_bpfdesc_check_receive = stub_bpfdesc_check_receive, 1537 .mpo_bpfdesc_create = stub_bpfdesc_create, 1538 .mpo_bpfdesc_create_mbuf = stub_bpfdesc_create_mbuf, 1539 .mpo_bpfdesc_destroy_label = stub_destroy_label, 1540 .mpo_bpfdesc_init_label = stub_init_label, 1541 1542 .mpo_cred_associate_nfsd = stub_cred_associate_nfsd, 1543 .mpo_cred_check_relabel = stub_cred_check_relabel, | 794stub_proc_check_signal(struct ucred *cred, struct proc *p, int signum) 795{ 796 797 return (0); 798} 799 800static int 801stub_proc_check_wait(struct ucred *cred, struct proc *p) --- 737 unchanged lines hidden (view full) --- 1539 .mpo_bpfdesc_check_receive = stub_bpfdesc_check_receive, 1540 .mpo_bpfdesc_create = stub_bpfdesc_create, 1541 .mpo_bpfdesc_create_mbuf = stub_bpfdesc_create_mbuf, 1542 .mpo_bpfdesc_destroy_label = stub_destroy_label, 1543 .mpo_bpfdesc_init_label = stub_init_label, 1544 1545 .mpo_cred_associate_nfsd = stub_cred_associate_nfsd, 1546 .mpo_cred_check_relabel = stub_cred_check_relabel, |
| 1547 .mpo_cred_check_setaudit = stub_cred_check_setaudit, 1548 .mpo_cred_check_setaudit_addr = stub_cred_check_setaudit_addr, 1549 .mpo_cred_check_setauid = stub_cred_check_setauid, 1550 .mpo_cred_check_setegid = stub_cred_check_setegid, 1551 .mpo_cred_check_seteuid = stub_cred_check_seteuid, 1552 .mpo_cred_check_setgid = stub_cred_check_setgid, 1553 .mpo_cred_check_setgroups = stub_cred_check_setgroups, 1554 .mpo_cred_check_setregid = stub_cred_check_setregid, 1555 .mpo_cred_check_setresgid = stub_cred_check_setresgid, 1556 .mpo_cred_check_setresuid = stub_cred_check_setresuid, 1557 .mpo_cred_check_setreuid = stub_cred_check_setreuid, 1558 .mpo_cred_check_setuid = stub_cred_check_setuid, |
|
| 1544 .mpo_cred_check_visible = stub_cred_check_visible, 1545 .mpo_cred_copy_label = stub_copy_label, 1546 .mpo_cred_create_init = stub_cred_create_init, 1547 .mpo_cred_create_swapper = stub_cred_create_swapper, 1548 .mpo_cred_destroy_label = stub_destroy_label, 1549 .mpo_cred_externalize_label = stub_externalize_label, 1550 .mpo_cred_init_label = stub_init_label, 1551 .mpo_cred_internalize_label = stub_internalize_label, --- 103 unchanged lines hidden (view full) --- 1655 .mpo_posixshm_destroy_label = stub_destroy_label, 1656 .mpo_posixshm_init_label = stub_init_label, 1657 1658 .mpo_priv_check = stub_priv_check, 1659 .mpo_priv_grant = stub_priv_grant, 1660 1661 .mpo_proc_check_debug = stub_proc_check_debug, 1662 .mpo_proc_check_sched = stub_proc_check_sched, | 1559 .mpo_cred_check_visible = stub_cred_check_visible, 1560 .mpo_cred_copy_label = stub_copy_label, 1561 .mpo_cred_create_init = stub_cred_create_init, 1562 .mpo_cred_create_swapper = stub_cred_create_swapper, 1563 .mpo_cred_destroy_label = stub_destroy_label, 1564 .mpo_cred_externalize_label = stub_externalize_label, 1565 .mpo_cred_init_label = stub_init_label, 1566 .mpo_cred_internalize_label = stub_internalize_label, --- 103 unchanged lines hidden (view full) --- 1670 .mpo_posixshm_destroy_label = stub_destroy_label, 1671 .mpo_posixshm_init_label = stub_init_label, 1672 1673 .mpo_priv_check = stub_priv_check, 1674 .mpo_priv_grant = stub_priv_grant, 1675 1676 .mpo_proc_check_debug = stub_proc_check_debug, 1677 .mpo_proc_check_sched = stub_proc_check_sched, |
| 1663 .mpo_proc_check_setaudit = stub_proc_check_setaudit, 1664 .mpo_proc_check_setaudit_addr = stub_proc_check_setaudit_addr, 1665 .mpo_proc_check_setauid = stub_proc_check_setauid, 1666 .mpo_proc_check_setegid = stub_proc_check_setegid, 1667 .mpo_proc_check_seteuid = stub_proc_check_seteuid, 1668 .mpo_proc_check_setgid = stub_proc_check_setgid, 1669 .mpo_proc_check_setgroups = stub_proc_check_setgroups, 1670 .mpo_proc_check_setregid = stub_proc_check_setregid, 1671 .mpo_proc_check_setresgid = stub_proc_check_setresgid, 1672 .mpo_proc_check_setresuid = stub_proc_check_setresuid, 1673 .mpo_proc_check_setreuid = stub_proc_check_setreuid, 1674 .mpo_proc_check_setuid = stub_proc_check_setuid, | |
| 1675 .mpo_proc_check_signal = stub_proc_check_signal, 1676 .mpo_proc_check_wait = stub_proc_check_wait, 1677 1678 .mpo_socket_check_accept = stub_socket_check_accept, 1679 .mpo_socket_check_bind = stub_socket_check_bind, 1680 .mpo_socket_check_connect = stub_socket_check_connect, 1681 .mpo_socket_check_create = stub_socket_check_create, 1682 .mpo_socket_check_deliver = stub_socket_check_deliver, --- 122 unchanged lines hidden --- | 1678 .mpo_proc_check_signal = stub_proc_check_signal, 1679 .mpo_proc_check_wait = stub_proc_check_wait, 1680 1681 .mpo_socket_check_accept = stub_socket_check_accept, 1682 .mpo_socket_check_bind = stub_socket_check_bind, 1683 .mpo_socket_check_connect = stub_socket_check_connect, 1684 .mpo_socket_check_create = stub_socket_check_create, 1685 .mpo_socket_check_deliver = stub_socket_check_deliver, --- 122 unchanged lines hidden --- |