sdiff udiff text old ( 166531 ) new ( 166533 )
1/*-
2 * Copyright (c) 1999-2002 Robert N. M. Watson
3 * Copyright (c) 2001-2005 McAfee, Inc.
4 * All rights reserved.
5 *
6 * This software was developed by Robert Watson for the TrustedBSD Project.
7 *
8 * This software was developed for the FreeBSD Project in part by McAfee
9 * Research, the Security Research Division of McAfee, Inc. under
10 * DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA

--- 15 unchanged lines hidden (view full) ---

26 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
28 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
29 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
30 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
31 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
32 * SUCH DAMAGE.
33 *
34 * $FreeBSD: head/sys/security/mac_test/mac_test.c 166531 2007-02-06 10:59:23Z rwatson $
35 */
36
37/*
38 * Developed by the TrustedBSD Project.
39 * Generic mandatory access module that does nothing.
40 */
41
42#include <sys/types.h>

--- 54 unchanged lines hidden (view full) ---

97#define SYSVIPCSHMMAGIC 0x76119ab0
98#define PIPEMAGIC 0xdc6c9919
99#define POSIXSEMMAGIC 0x78ae980c
100#define PROCMAGIC 0x3b4be98f
101#define CREDMAGIC 0x9a5a4987
102#define VNODEMAGIC 0x1a67a45c
103#define EXMAGIC 0x849ba1fd
104
105#define SLOT(x) LABEL_TO_SLOT((x), test_slot).l_long
106
107#define ASSERT_BPF_LABEL(x) KASSERT(SLOT(x) == BPFMAGIC || \
108 SLOT(x) == 0, ("%s: Bad BPF label", __func__ ))
109#define ASSERT_DEVFS_LABEL(x) KASSERT(SLOT(x) == DEVFSMAGIC || \
110 SLOT(x) == 0, ("%s: Bad DEVFS label", __func__ ))
111#define ASSERT_IFNET_LABEL(x) KASSERT(SLOT(x) == IFNETMAGIC || \
112 SLOT(x) == 0, ("%s: Bad IFNET label", __func__ ))
113#define ASSERT_INPCB_LABEL(x) KASSERT(SLOT(x) == INPCBMAGIC || \

--- 186 unchanged lines hidden (view full) ---

300
301/*
302 * Label operations.
303 */
304static void
305mac_test_init_bpfdesc_label(struct label *label)
306{
307
308 SLOT(label) = BPFMAGIC;
309 atomic_add_int(&init_count_bpfdesc, 1);
310}
311
312static void
313mac_test_init_cred_label(struct label *label)
314{
315
316 SLOT(label) = CREDMAGIC;
317 atomic_add_int(&init_count_cred, 1);
318}
319
320static void
321mac_test_init_devfsdirent_label(struct label *label)
322{
323
324 SLOT(label) = DEVFSMAGIC;
325 atomic_add_int(&init_count_devfsdirent, 1);
326}
327
328static void
329mac_test_init_ifnet_label(struct label *label)
330{
331
332 SLOT(label) = IFNETMAGIC;
333 atomic_add_int(&init_count_ifnet, 1);
334}
335
336static int
337mac_test_init_inpcb_label(struct label *label, int flag)
338{
339
340 if (flag & M_WAITOK)
341 WITNESS_WARN(WARN_GIANTOK | WARN_SLEEPOK, NULL,
342 "mac_test_init_inpcb_label() at %s:%d", __FILE__,
343 __LINE__);
344
345 SLOT(label) = INPCBMAGIC;
346 atomic_add_int(&init_count_inpcb, 1);
347 return (0);
348}
349
350static void
351mac_test_init_sysv_msgmsg_label(struct label *label)
352{
353 SLOT(label) = SYSVIPCMSGMAGIC;
354 atomic_add_int(&init_count_sysv_msg, 1);
355}
356
357static void
358mac_test_init_sysv_msgqueue_label(struct label *label)
359{
360 SLOT(label) = SYSVIPCMSQMAGIC;
361 atomic_add_int(&init_count_sysv_msq, 1);
362}
363
364static void
365mac_test_init_sysv_sem_label(struct label *label)
366{
367 SLOT(label) = SYSVIPCSEMMAGIC;
368 atomic_add_int(&init_count_sysv_sem, 1);
369}
370
371static void
372mac_test_init_sysv_shm_label(struct label *label)
373{
374 SLOT(label) = SYSVIPCSHMMAGIC;
375 atomic_add_int(&init_count_sysv_shm, 1);
376}
377
378static int
379mac_test_init_ipq_label(struct label *label, int flag)
380{
381
382 if (flag & M_WAITOK)
383 WITNESS_WARN(WARN_GIANTOK | WARN_SLEEPOK, NULL,
384 "mac_test_init_ipq_label() at %s:%d", __FILE__,
385 __LINE__);
386
387 SLOT(label) = IPQMAGIC;
388 atomic_add_int(&init_count_ipq, 1);
389 return (0);
390}
391
392static int
393mac_test_init_mbuf_label(struct label *label, int flag)
394{
395
396 if (flag & M_WAITOK)
397 WITNESS_WARN(WARN_GIANTOK | WARN_SLEEPOK, NULL,
398 "mac_test_init_mbuf_label() at %s:%d", __FILE__,
399 __LINE__);
400
401 SLOT(label) = MBUFMAGIC;
402 atomic_add_int(&init_count_mbuf, 1);
403 return (0);
404}
405
406static void
407mac_test_init_mount_label(struct label *label)
408{
409
410 SLOT(label) = MOUNTMAGIC;
411 atomic_add_int(&init_count_mount, 1);
412}
413
414static void
415mac_test_init_mount_fs_label(struct label *label)
416{
417
418 SLOT(label) = MOUNTMAGIC;
419 atomic_add_int(&init_count_mount_fslabel, 1);
420}
421
422static int
423mac_test_init_socket_label(struct label *label, int flag)
424{
425
426 if (flag & M_WAITOK)
427 WITNESS_WARN(WARN_GIANTOK | WARN_SLEEPOK, NULL,
428 "mac_test_init_socket_label() at %s:%d", __FILE__,
429 __LINE__);
430
431 SLOT(label) = SOCKETMAGIC;
432 atomic_add_int(&init_count_socket, 1);
433 return (0);
434}
435
436static int
437mac_test_init_socket_peer_label(struct label *label, int flag)
438{
439
440 if (flag & M_WAITOK)
441 WITNESS_WARN(WARN_GIANTOK | WARN_SLEEPOK, NULL,
442 "mac_test_init_socket_peer_label() at %s:%d", __FILE__,
443 __LINE__);
444
445 SLOT(label) = SOCKETMAGIC;
446 atomic_add_int(&init_count_socket_peerlabel, 1);
447 return (0);
448}
449
450static void
451mac_test_init_pipe_label(struct label *label)
452{
453
454 SLOT(label) = PIPEMAGIC;
455 atomic_add_int(&init_count_pipe, 1);
456}
457
458static void
459mac_test_init_posix_sem_label(struct label *label)
460{
461
462 SLOT(label) = POSIXSEMMAGIC;
463 atomic_add_int(&init_count_posixsems, 1);
464}
465
466static void
467mac_test_init_proc_label(struct label *label)
468{
469
470 SLOT(label) = PROCMAGIC;
471 atomic_add_int(&init_count_proc, 1);
472}
473
474static void
475mac_test_init_vnode_label(struct label *label)
476{
477
478 SLOT(label) = VNODEMAGIC;
479 atomic_add_int(&init_count_vnode, 1);
480}
481
482static void
483mac_test_destroy_bpfdesc_label(struct label *label)
484{
485
486 if (SLOT(label) == BPFMAGIC || SLOT(label) == 0) {
487 atomic_add_int(&destroy_count_bpfdesc, 1);
488 SLOT(label) = EXMAGIC;
489 } else if (SLOT(label) == EXMAGIC) {
490 DEBUGGER("mac_test_destroy_bpfdesc: dup destroy");
491 } else {
492 DEBUGGER("mac_test_destroy_bpfdesc: corrupted label");
493 }
494}
495
496static void
497mac_test_destroy_cred_label(struct label *label)
498{
499
500 if (SLOT(label) == CREDMAGIC || SLOT(label) == 0) {
501 atomic_add_int(&destroy_count_cred, 1);
502 SLOT(label) = EXMAGIC;
503 } else if (SLOT(label) == EXMAGIC) {
504 DEBUGGER("mac_test_destroy_cred: dup destroy");
505 } else {
506 DEBUGGER("mac_test_destroy_cred: corrupted label");
507 }
508}
509
510static void
511mac_test_destroy_devfsdirent_label(struct label *label)
512{
513
514 if (SLOT(label) == DEVFSMAGIC || SLOT(label) == 0) {
515 atomic_add_int(&destroy_count_devfsdirent, 1);
516 SLOT(label) = EXMAGIC;
517 } else if (SLOT(label) == EXMAGIC) {
518 DEBUGGER("mac_test_destroy_devfsdirent: dup destroy");
519 } else {
520 DEBUGGER("mac_test_destroy_devfsdirent: corrupted label");
521 }
522}
523
524static void
525mac_test_destroy_ifnet_label(struct label *label)
526{
527
528 if (SLOT(label) == IFNETMAGIC || SLOT(label) == 0) {
529 atomic_add_int(&destroy_count_ifnet, 1);
530 SLOT(label) = EXMAGIC;
531 } else if (SLOT(label) == EXMAGIC) {
532 DEBUGGER("mac_test_destroy_ifnet: dup destroy");
533 } else {
534 DEBUGGER("mac_test_destroy_ifnet: corrupted label");
535 }
536}
537
538static void
539mac_test_destroy_inpcb_label(struct label *label)
540{
541
542 if (SLOT(label) == INPCBMAGIC || SLOT(label) == 0) {
543 atomic_add_int(&destroy_count_inpcb, 1);
544 SLOT(label) = EXMAGIC;
545 } else if (SLOT(label) == EXMAGIC) {
546 DEBUGGER("mac_test_destroy_inpcb: dup destroy");
547 } else {
548 DEBUGGER("mac_test_destroy_inpcb: corrupted label");
549 }
550}
551
552static void
553mac_test_destroy_sysv_msgmsg_label(struct label *label)
554{
555
556 if (SLOT(label) == SYSVIPCMSGMAGIC || SLOT(label) == 0) {
557 atomic_add_int(&destroy_count_sysv_msg, 1);
558 SLOT(label) = EXMAGIC;
559 } else if (SLOT(label) == EXMAGIC) {
560 DEBUGGER("mac_test_destroy_sysv_msgmsg_label: dup destroy");
561 } else {
562 DEBUGGER(
563 "mac_test_destroy_sysv_msgmsg_label: corrupted label");
564 }
565}
566
567static void
568mac_test_destroy_sysv_msgqueue_label(struct label *label)
569{
570
571 if (SLOT(label) == SYSVIPCMSQMAGIC || SLOT(label) == 0) {
572 atomic_add_int(&destroy_count_sysv_msq, 1);
573 SLOT(label) = EXMAGIC;
574 } else if (SLOT(label) == EXMAGIC) {
575 DEBUGGER("mac_test_destroy_sysv_msgqueue_label: dup destroy");
576 } else {
577 DEBUGGER(
578 "mac_test_destroy_sysv_msgqueue_label: corrupted label");
579 }
580}
581
582static void
583mac_test_destroy_sysv_sem_label(struct label *label)
584{
585
586 if (SLOT(label) == SYSVIPCSEMMAGIC || SLOT(label) == 0) {
587 atomic_add_int(&destroy_count_sysv_sem, 1);
588 SLOT(label) = EXMAGIC;
589 } else if (SLOT(label) == EXMAGIC) {
590 DEBUGGER("mac_test_destroy_sysv_sem_label: dup destroy");
591 } else {
592 DEBUGGER("mac_test_destroy_sysv_sem_label: corrupted label");
593 }
594}
595
596static void
597mac_test_destroy_sysv_shm_label(struct label *label)
598{
599
600 if (SLOT(label) == SYSVIPCSHMMAGIC || SLOT(label) == 0) {
601 atomic_add_int(&destroy_count_sysv_shm, 1);
602 SLOT(label) = EXMAGIC;
603 } else if (SLOT(label) == EXMAGIC) {
604 DEBUGGER("mac_test_destroy_sysv_shm_label: dup destroy");
605 } else {
606 DEBUGGER("mac_test_destroy_sysv_shm_label: corrupted label");
607 }
608}
609
610static void
611mac_test_destroy_ipq_label(struct label *label)
612{
613
614 if (SLOT(label) == IPQMAGIC || SLOT(label) == 0) {
615 atomic_add_int(&destroy_count_ipq, 1);
616 SLOT(label) = EXMAGIC;
617 } else if (SLOT(label) == EXMAGIC) {
618 DEBUGGER("mac_test_destroy_ipq: dup destroy");
619 } else {
620 DEBUGGER("mac_test_destroy_ipq: corrupted label");
621 }
622}
623
624static void

--- 5 unchanged lines hidden (view full) ---

630 * didn't have label storage allocated for them. Handle this
631 * gracefully.
632 */
633 if (label == NULL)
634 return;
635
636 if (SLOT(label) == MBUFMAGIC || SLOT(label) == 0) {
637 atomic_add_int(&destroy_count_mbuf, 1);
638 SLOT(label) = EXMAGIC;
639 } else if (SLOT(label) == EXMAGIC) {
640 DEBUGGER("mac_test_destroy_mbuf: dup destroy");
641 } else {
642 DEBUGGER("mac_test_destroy_mbuf: corrupted label");
643 }
644}
645
646static void
647mac_test_destroy_mount_label(struct label *label)
648{
649
650 if ((SLOT(label) == MOUNTMAGIC || SLOT(label) == 0)) {
651 atomic_add_int(&destroy_count_mount, 1);
652 SLOT(label) = EXMAGIC;
653 } else if (SLOT(label) == EXMAGIC) {
654 DEBUGGER("mac_test_destroy_mount: dup destroy");
655 } else {
656 DEBUGGER("mac_test_destroy_mount: corrupted label");
657 }
658}
659
660static void
661mac_test_destroy_mount_fs_label(struct label *label)
662{
663
664 if ((SLOT(label) == MOUNTMAGIC || SLOT(label) == 0)) {
665 atomic_add_int(&destroy_count_mount_fslabel, 1);
666 SLOT(label) = EXMAGIC;
667 } else if (SLOT(label) == EXMAGIC) {
668 DEBUGGER("mac_test_destroy_mount_fslabel: dup destroy");
669 } else {
670 DEBUGGER("mac_test_destroy_mount_fslabel: corrupted label");
671 }
672}
673
674static void
675mac_test_destroy_socket_label(struct label *label)
676{
677
678 if ((SLOT(label) == SOCKETMAGIC || SLOT(label) == 0)) {
679 atomic_add_int(&destroy_count_socket, 1);
680 SLOT(label) = EXMAGIC;
681 } else if (SLOT(label) == EXMAGIC) {
682 DEBUGGER("mac_test_destroy_socket: dup destroy");
683 } else {
684 DEBUGGER("mac_test_destroy_socket: corrupted label");
685 }
686}
687
688static void
689mac_test_destroy_socket_peer_label(struct label *label)
690{
691
692 if ((SLOT(label) == SOCKETMAGIC || SLOT(label) == 0)) {
693 atomic_add_int(&destroy_count_socket_peerlabel, 1);
694 SLOT(label) = EXMAGIC;
695 } else if (SLOT(label) == EXMAGIC) {
696 DEBUGGER("mac_test_destroy_socket_peerlabel: dup destroy");
697 } else {
698 DEBUGGER("mac_test_destroy_socket_peerlabel: corrupted label");
699 }
700}
701
702static void
703mac_test_destroy_pipe_label(struct label *label)
704{
705
706 if ((SLOT(label) == PIPEMAGIC || SLOT(label) == 0)) {
707 atomic_add_int(&destroy_count_pipe, 1);
708 SLOT(label) = EXMAGIC;
709 } else if (SLOT(label) == EXMAGIC) {
710 DEBUGGER("mac_test_destroy_pipe: dup destroy");
711 } else {
712 DEBUGGER("mac_test_destroy_pipe: corrupted label");
713 }
714}
715
716static void
717mac_test_destroy_posix_sem_label(struct label *label)
718{
719
720 if ((SLOT(label) == POSIXSEMMAGIC || SLOT(label) == 0)) {
721 atomic_add_int(&destroy_count_posixsems, 1);
722 SLOT(label) = EXMAGIC;
723 } else if (SLOT(label) == EXMAGIC) {
724 DEBUGGER("mac_test_destroy_posix_sem: dup destroy");
725 } else {
726 DEBUGGER("mac_test_destroy_posix_sem: corrupted label");
727 }
728}
729
730static void
731mac_test_destroy_proc_label(struct label *label)
732{
733
734 if ((SLOT(label) == PROCMAGIC || SLOT(label) == 0)) {
735 atomic_add_int(&destroy_count_proc, 1);
736 SLOT(label) = EXMAGIC;
737 } else if (SLOT(label) == EXMAGIC) {
738 DEBUGGER("mac_test_destroy_proc: dup destroy");
739 } else {
740 DEBUGGER("mac_test_destroy_proc: corrupted label");
741 }
742}
743
744static void
745mac_test_destroy_vnode_label(struct label *label)
746{
747
748 if (SLOT(label) == VNODEMAGIC || SLOT(label) == 0) {
749 atomic_add_int(&destroy_count_vnode, 1);
750 SLOT(label) = EXMAGIC;
751 } else if (SLOT(label) == EXMAGIC) {
752 DEBUGGER("mac_test_destroy_vnode: dup destroy");
753 } else {
754 DEBUGGER("mac_test_destroy_vnode: corrupted label");
755 }
756}
757
758static void

--- 1855 unchanged lines hidden ---
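Review bot: `mac_test_init_mount_fs_label` stores `MOUNTMAGIC` and `mac_test_init_socket_peer_label` stores `SOCKETMAGIC`, the same values the plain mount and socket labels use, so the destroy checks `SLOT(label) == MOUNTMAGIC || SLOT(label) == 0` and `SLOT(label) == SOCKETMAGIC || SLOT(label) == 0` cannot tell an fs or peer label from the primary one. If the framework ever passed the wrong label of such a pair, this test policy would accept it silently; giving the fs and peer labels their own magic constants beside the existing `#define` list, and checking those in the two destroy functions, would let the module catch that confusion. This rendering does not mark which lines the revision changed, so the point may concern context lines rather than new code. As a smaller style matter, the `DEBUGGER` strings mix shortened names (`"mac_test_destroy_bpfdesc: dup destroy"`) with full function names (`"mac_test_destroy_sysv_sem_label: dup destroy"`); using the full function name throughout would make a debugger trap easier to map back to its source.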