| mac_test.c (166531) | mac_test.c (166533) |
|---|---|
| 1/*- | 1/*- |
| 2 * Copyright (c) 1999-2002 Robert N. M. Watson | 2 * Copyright (c) 1999-2002, 2007 Robert N. M. Watson |
| 3 * Copyright (c) 2001-2005 McAfee, Inc. 4 * All rights reserved. 5 * 6 * This software was developed by Robert Watson for the TrustedBSD Project. 7 * 8 * This software was developed for the FreeBSD Project in part by McAfee 9 * Research, the Security Research Division of McAfee, Inc. under 10 * DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA --- 15 unchanged lines hidden (view full) --- 26 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 27 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 28 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 29 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 30 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 31 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 32 * SUCH DAMAGE. 33 * | 3 * Copyright (c) 2001-2005 McAfee, Inc. 4 * All rights reserved. 5 * 6 * This software was developed by Robert Watson for the TrustedBSD Project. 7 * 8 * This software was developed for the FreeBSD Project in part by McAfee 9 * Research, the Security Research Division of McAfee, Inc. under 10 * DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA --- 15 unchanged lines hidden (view full) --- 26 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 27 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 28 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 29 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 30 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 31 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 32 * SUCH DAMAGE. 33 * |
| 34 * $FreeBSD: head/sys/security/mac_test/mac_test.c 166531 2007-02-06 10:59:23Z rwatson $ | 34 * $FreeBSD: head/sys/security/mac_test/mac_test.c 166533 2007-02-06 14:19:25Z rwatson $ |
| 35 */ 36 37/* 38 * Developed by the TrustedBSD Project. 39 * Generic mandatory access module that does nothing. 40 */ 41 42#include <sys/types.h> --- 54 unchanged lines hidden (view full) --- 97#define SYSVIPCSHMMAGIC 0x76119ab0 98#define PIPEMAGIC 0xdc6c9919 99#define POSIXSEMMAGIC 0x78ae980c 100#define PROCMAGIC 0x3b4be98f 101#define CREDMAGIC 0x9a5a4987 102#define VNODEMAGIC 0x1a67a45c 103#define EXMAGIC 0x849ba1fd 104 | 35 */ 36 37/* 38 * Developed by the TrustedBSD Project. 39 * Generic mandatory access module that does nothing. 40 */ 41 42#include <sys/types.h> --- 54 unchanged lines hidden (view full) --- 97#define SYSVIPCSHMMAGIC 0x76119ab0 98#define PIPEMAGIC 0xdc6c9919 99#define POSIXSEMMAGIC 0x78ae980c 100#define PROCMAGIC 0x3b4be98f 101#define CREDMAGIC 0x9a5a4987 102#define VNODEMAGIC 0x1a67a45c 103#define EXMAGIC 0x849ba1fd 104 |
| 105#define SLOT(x) LABEL_TO_SLOT((x), test_slot).l_long | 105#define SLOT(x) mac_label_get((x), test_slot) 106#define SLOT_SET(x, v) mac_label_set((x), test_slot, (v)) |
| 106 107#define ASSERT_BPF_LABEL(x) KASSERT(SLOT(x) == BPFMAGIC || \ 108 SLOT(x) == 0, ("%s: Bad BPF label", __func__ )) 109#define ASSERT_DEVFS_LABEL(x) KASSERT(SLOT(x) == DEVFSMAGIC || \ 110 SLOT(x) == 0, ("%s: Bad DEVFS label", __func__ )) 111#define ASSERT_IFNET_LABEL(x) KASSERT(SLOT(x) == IFNETMAGIC || \ 112 SLOT(x) == 0, ("%s: Bad IFNET label", __func__ )) 113#define ASSERT_INPCB_LABEL(x) KASSERT(SLOT(x) == INPCBMAGIC || \ --- 186 unchanged lines hidden (view full) --- 300 301/* 302 * Label operations. 303 */ 304static void 305mac_test_init_bpfdesc_label(struct label *label) 306{ 307 | 107 108#define ASSERT_BPF_LABEL(x) KASSERT(SLOT(x) == BPFMAGIC || \ 109 SLOT(x) == 0, ("%s: Bad BPF label", __func__ )) 110#define ASSERT_DEVFS_LABEL(x) KASSERT(SLOT(x) == DEVFSMAGIC || \ 111 SLOT(x) == 0, ("%s: Bad DEVFS label", __func__ )) 112#define ASSERT_IFNET_LABEL(x) KASSERT(SLOT(x) == IFNETMAGIC || \ 113 SLOT(x) == 0, ("%s: Bad IFNET label", __func__ )) 114#define ASSERT_INPCB_LABEL(x) KASSERT(SLOT(x) == INPCBMAGIC || \ --- 186 unchanged lines hidden (view full) --- 301 302/* 303 * Label operations. 304 */ 305static void 306mac_test_init_bpfdesc_label(struct label *label) 307{ 308 |
| 308 SLOT(label) = BPFMAGIC; | 309 SLOT_SET(label, BPFMAGIC); |
| 309 atomic_add_int(&init_count_bpfdesc, 1); 310} 311 312static void 313mac_test_init_cred_label(struct label *label) 314{ 315 | 310 atomic_add_int(&init_count_bpfdesc, 1); 311} 312 313static void 314mac_test_init_cred_label(struct label *label) 315{ 316 |
| 316 SLOT(label) = CREDMAGIC; | 317 SLOT_SET(label, CREDMAGIC); |
| 317 atomic_add_int(&init_count_cred, 1); 318} 319 320static void 321mac_test_init_devfsdirent_label(struct label *label) 322{ 323 | 318 atomic_add_int(&init_count_cred, 1); 319} 320 321static void 322mac_test_init_devfsdirent_label(struct label *label) 323{ 324 |
| 324 SLOT(label) = DEVFSMAGIC; | 325 SLOT_SET(label, DEVFSMAGIC); |
| 325 atomic_add_int(&init_count_devfsdirent, 1); 326} 327 328static void 329mac_test_init_ifnet_label(struct label *label) 330{ 331 | 326 atomic_add_int(&init_count_devfsdirent, 1); 327} 328 329static void 330mac_test_init_ifnet_label(struct label *label) 331{ 332 |
| 332 SLOT(label) = IFNETMAGIC; | 333 SLOT_SET(label, IFNETMAGIC); |
| 333 atomic_add_int(&init_count_ifnet, 1); 334} 335 336static int 337mac_test_init_inpcb_label(struct label *label, int flag) 338{ 339 340 if (flag & M_WAITOK) 341 WITNESS_WARN(WARN_GIANTOK | WARN_SLEEPOK, NULL, 342 "mac_test_init_inpcb_label() at %s:%d", __FILE__, 343 __LINE__); 344 | 334 atomic_add_int(&init_count_ifnet, 1); 335} 336 337static int 338mac_test_init_inpcb_label(struct label *label, int flag) 339{ 340 341 if (flag & M_WAITOK) 342 WITNESS_WARN(WARN_GIANTOK | WARN_SLEEPOK, NULL, 343 "mac_test_init_inpcb_label() at %s:%d", __FILE__, 344 __LINE__); 345 |
| 345 SLOT(label) = INPCBMAGIC; | 346 SLOT_SET(label, INPCBMAGIC); |
| 346 atomic_add_int(&init_count_inpcb, 1); 347 return (0); 348} 349 350static void 351mac_test_init_sysv_msgmsg_label(struct label *label) 352{ | 347 atomic_add_int(&init_count_inpcb, 1); 348 return (0); 349} 350 351static void 352mac_test_init_sysv_msgmsg_label(struct label *label) 353{ |
| 353 SLOT(label) = SYSVIPCMSGMAGIC; | 354 SLOT_SET(label, SYSVIPCMSGMAGIC); |
| 354 atomic_add_int(&init_count_sysv_msg, 1); 355} 356 357static void 358mac_test_init_sysv_msgqueue_label(struct label *label) 359{ | 355 atomic_add_int(&init_count_sysv_msg, 1); 356} 357 358static void 359mac_test_init_sysv_msgqueue_label(struct label *label) 360{ |
| 360 SLOT(label) = SYSVIPCMSQMAGIC; | 361 SLOT_SET(label, SYSVIPCMSQMAGIC); |
| 361 atomic_add_int(&init_count_sysv_msq, 1); 362} 363 364static void 365mac_test_init_sysv_sem_label(struct label *label) 366{ | 362 atomic_add_int(&init_count_sysv_msq, 1); 363} 364 365static void 366mac_test_init_sysv_sem_label(struct label *label) 367{ |
| 367 SLOT(label) = SYSVIPCSEMMAGIC; | 368 SLOT_SET(label, SYSVIPCSEMMAGIC); |
| 368 atomic_add_int(&init_count_sysv_sem, 1); 369} 370 371static void 372mac_test_init_sysv_shm_label(struct label *label) 373{ | 369 atomic_add_int(&init_count_sysv_sem, 1); 370} 371 372static void 373mac_test_init_sysv_shm_label(struct label *label) 374{ |
| 374 SLOT(label) = SYSVIPCSHMMAGIC; | 375 SLOT_SET(label, SYSVIPCSHMMAGIC); |
| 375 atomic_add_int(&init_count_sysv_shm, 1); 376} 377 378static int 379mac_test_init_ipq_label(struct label *label, int flag) 380{ 381 382 if (flag & M_WAITOK) 383 WITNESS_WARN(WARN_GIANTOK | WARN_SLEEPOK, NULL, 384 "mac_test_init_ipq_label() at %s:%d", __FILE__, 385 __LINE__); 386 | 376 atomic_add_int(&init_count_sysv_shm, 1); 377} 378 379static int 380mac_test_init_ipq_label(struct label *label, int flag) 381{ 382 383 if (flag & M_WAITOK) 384 WITNESS_WARN(WARN_GIANTOK | WARN_SLEEPOK, NULL, 385 "mac_test_init_ipq_label() at %s:%d", __FILE__, 386 __LINE__); 387 |
| 387 SLOT(label) = IPQMAGIC; | 388 SLOT_SET(label, IPQMAGIC); |
| 388 atomic_add_int(&init_count_ipq, 1); 389 return (0); 390} 391 392static int 393mac_test_init_mbuf_label(struct label *label, int flag) 394{ 395 396 if (flag & M_WAITOK) 397 WITNESS_WARN(WARN_GIANTOK | WARN_SLEEPOK, NULL, 398 "mac_test_init_mbuf_label() at %s:%d", __FILE__, 399 __LINE__); 400 | 389 atomic_add_int(&init_count_ipq, 1); 390 return (0); 391} 392 393static int 394mac_test_init_mbuf_label(struct label *label, int flag) 395{ 396 397 if (flag & M_WAITOK) 398 WITNESS_WARN(WARN_GIANTOK | WARN_SLEEPOK, NULL, 399 "mac_test_init_mbuf_label() at %s:%d", __FILE__, 400 __LINE__); 401 |
| 401 SLOT(label) = MBUFMAGIC; | 402 SLOT_SET(label, MBUFMAGIC); |
| 402 atomic_add_int(&init_count_mbuf, 1); 403 return (0); 404} 405 406static void 407mac_test_init_mount_label(struct label *label) 408{ 409 | 403 atomic_add_int(&init_count_mbuf, 1); 404 return (0); 405} 406 407static void 408mac_test_init_mount_label(struct label *label) 409{ 410 |
| 410 SLOT(label) = MOUNTMAGIC; | 411 SLOT_SET(label, MOUNTMAGIC); |
| 411 atomic_add_int(&init_count_mount, 1); 412} 413 414static void 415mac_test_init_mount_fs_label(struct label *label) 416{ 417 | 412 atomic_add_int(&init_count_mount, 1); 413} 414 415static void 416mac_test_init_mount_fs_label(struct label *label) 417{ 418 |
| 418 SLOT(label) = MOUNTMAGIC; | 419 SLOT_SET(label, MOUNTMAGIC); |
| 419 atomic_add_int(&init_count_mount_fslabel, 1); 420} 421 422static int 423mac_test_init_socket_label(struct label *label, int flag) 424{ 425 426 if (flag & M_WAITOK) 427 WITNESS_WARN(WARN_GIANTOK | WARN_SLEEPOK, NULL, 428 "mac_test_init_socket_label() at %s:%d", __FILE__, 429 __LINE__); 430 | 420 atomic_add_int(&init_count_mount_fslabel, 1); 421} 422 423static int 424mac_test_init_socket_label(struct label *label, int flag) 425{ 426 427 if (flag & M_WAITOK) 428 WITNESS_WARN(WARN_GIANTOK | WARN_SLEEPOK, NULL, 429 "mac_test_init_socket_label() at %s:%d", __FILE__, 430 __LINE__); 431 |
| 431 SLOT(label) = SOCKETMAGIC; | 432 SLOT_SET(label, SOCKETMAGIC); |
| 432 atomic_add_int(&init_count_socket, 1); 433 return (0); 434} 435 436static int 437mac_test_init_socket_peer_label(struct label *label, int flag) 438{ 439 440 if (flag & M_WAITOK) 441 WITNESS_WARN(WARN_GIANTOK | WARN_SLEEPOK, NULL, 442 "mac_test_init_socket_peer_label() at %s:%d", __FILE__, 443 __LINE__); 444 | 433 atomic_add_int(&init_count_socket, 1); 434 return (0); 435} 436 437static int 438mac_test_init_socket_peer_label(struct label *label, int flag) 439{ 440 441 if (flag & M_WAITOK) 442 WITNESS_WARN(WARN_GIANTOK | WARN_SLEEPOK, NULL, 443 "mac_test_init_socket_peer_label() at %s:%d", __FILE__, 444 __LINE__); 445 |
| 445 SLOT(label) = SOCKETMAGIC; | 446 SLOT_SET(label, SOCKETMAGIC); |
| 446 atomic_add_int(&init_count_socket_peerlabel, 1); 447 return (0); 448} 449 450static void 451mac_test_init_pipe_label(struct label *label) 452{ 453 | 447 atomic_add_int(&init_count_socket_peerlabel, 1); 448 return (0); 449} 450 451static void 452mac_test_init_pipe_label(struct label *label) 453{ 454 |
| 454 SLOT(label) = PIPEMAGIC; | 455 SLOT_SET(label, PIPEMAGIC); |
| 455 atomic_add_int(&init_count_pipe, 1); 456} 457 458static void 459mac_test_init_posix_sem_label(struct label *label) 460{ 461 | 456 atomic_add_int(&init_count_pipe, 1); 457} 458 459static void 460mac_test_init_posix_sem_label(struct label *label) 461{ 462 |
| 462 SLOT(label) = POSIXSEMMAGIC; | 463 SLOT_SET(label, POSIXSEMMAGIC); |
| 463 atomic_add_int(&init_count_posixsems, 1); 464} 465 466static void 467mac_test_init_proc_label(struct label *label) 468{ 469 | 464 atomic_add_int(&init_count_posixsems, 1); 465} 466 467static void 468mac_test_init_proc_label(struct label *label) 469{ 470 |
| 470 SLOT(label) = PROCMAGIC; | 471 SLOT_SET(label, PROCMAGIC); |
| 471 atomic_add_int(&init_count_proc, 1); 472} 473 474static void 475mac_test_init_vnode_label(struct label *label) 476{ 477 | 472 atomic_add_int(&init_count_proc, 1); 473} 474 475static void 476mac_test_init_vnode_label(struct label *label) 477{ 478 |
| 478 SLOT(label) = VNODEMAGIC; | 479 SLOT_SET(label, VNODEMAGIC); |
| 479 atomic_add_int(&init_count_vnode, 1); 480} 481 482static void 483mac_test_destroy_bpfdesc_label(struct label *label) 484{ 485 486 if (SLOT(label) == BPFMAGIC || SLOT(label) == 0) { 487 atomic_add_int(&destroy_count_bpfdesc, 1); | 480 atomic_add_int(&init_count_vnode, 1); 481} 482 483static void 484mac_test_destroy_bpfdesc_label(struct label *label) 485{ 486 487 if (SLOT(label) == BPFMAGIC || SLOT(label) == 0) { 488 atomic_add_int(&destroy_count_bpfdesc, 1); |
| 488 SLOT(label) = EXMAGIC; | 489 SLOT_SET(label, EXMAGIC); |
| 489 } else if (SLOT(label) == EXMAGIC) { 490 DEBUGGER("mac_test_destroy_bpfdesc: dup destroy"); 491 } else { 492 DEBUGGER("mac_test_destroy_bpfdesc: corrupted label"); 493 } 494} 495 496static void 497mac_test_destroy_cred_label(struct label *label) 498{ 499 500 if (SLOT(label) == CREDMAGIC || SLOT(label) == 0) { 501 atomic_add_int(&destroy_count_cred, 1); | 490 } else if (SLOT(label) == EXMAGIC) { 491 DEBUGGER("mac_test_destroy_bpfdesc: dup destroy"); 492 } else { 493 DEBUGGER("mac_test_destroy_bpfdesc: corrupted label"); 494 } 495} 496 497static void 498mac_test_destroy_cred_label(struct label *label) 499{ 500 501 if (SLOT(label) == CREDMAGIC || SLOT(label) == 0) { 502 atomic_add_int(&destroy_count_cred, 1); |
| 502 SLOT(label) = EXMAGIC; | 503 SLOT_SET(label, EXMAGIC); |
| 503 } else if (SLOT(label) == EXMAGIC) { 504 DEBUGGER("mac_test_destroy_cred: dup destroy"); 505 } else { 506 DEBUGGER("mac_test_destroy_cred: corrupted label"); 507 } 508} 509 510static void 511mac_test_destroy_devfsdirent_label(struct label *label) 512{ 513 514 if (SLOT(label) == DEVFSMAGIC || SLOT(label) == 0) { 515 atomic_add_int(&destroy_count_devfsdirent, 1); | 504 } else if (SLOT(label) == EXMAGIC) { 505 DEBUGGER("mac_test_destroy_cred: dup destroy"); 506 } else { 507 DEBUGGER("mac_test_destroy_cred: corrupted label"); 508 } 509} 510 511static void 512mac_test_destroy_devfsdirent_label(struct label *label) 513{ 514 515 if (SLOT(label) == DEVFSMAGIC || SLOT(label) == 0) { 516 atomic_add_int(&destroy_count_devfsdirent, 1); |
| 516 SLOT(label) = EXMAGIC; | 517 SLOT_SET(label, EXMAGIC); |
| 517 } else if (SLOT(label) == EXMAGIC) { 518 DEBUGGER("mac_test_destroy_devfsdirent: dup destroy"); 519 } else { 520 DEBUGGER("mac_test_destroy_devfsdirent: corrupted label"); 521 } 522} 523 524static void 525mac_test_destroy_ifnet_label(struct label *label) 526{ 527 528 if (SLOT(label) == IFNETMAGIC || SLOT(label) == 0) { 529 atomic_add_int(&destroy_count_ifnet, 1); | 518 } else if (SLOT(label) == EXMAGIC) { 519 DEBUGGER("mac_test_destroy_devfsdirent: dup destroy"); 520 } else { 521 DEBUGGER("mac_test_destroy_devfsdirent: corrupted label"); 522 } 523} 524 525static void 526mac_test_destroy_ifnet_label(struct label *label) 527{ 528 529 if (SLOT(label) == IFNETMAGIC || SLOT(label) == 0) { 530 atomic_add_int(&destroy_count_ifnet, 1); |
| 530 SLOT(label) = EXMAGIC; | 531 SLOT_SET(label, EXMAGIC); |
| 531 } else if (SLOT(label) == EXMAGIC) { 532 DEBUGGER("mac_test_destroy_ifnet: dup destroy"); 533 } else { 534 DEBUGGER("mac_test_destroy_ifnet: corrupted label"); 535 } 536} 537 538static void 539mac_test_destroy_inpcb_label(struct label *label) 540{ 541 542 if (SLOT(label) == INPCBMAGIC || SLOT(label) == 0) { 543 atomic_add_int(&destroy_count_inpcb, 1); | 532 } else if (SLOT(label) == EXMAGIC) { 533 DEBUGGER("mac_test_destroy_ifnet: dup destroy"); 534 } else { 535 DEBUGGER("mac_test_destroy_ifnet: corrupted label"); 536 } 537} 538 539static void 540mac_test_destroy_inpcb_label(struct label *label) 541{ 542 543 if (SLOT(label) == INPCBMAGIC || SLOT(label) == 0) { 544 atomic_add_int(&destroy_count_inpcb, 1); |
| 544 SLOT(label) = EXMAGIC; | 545 SLOT_SET(label, EXMAGIC); |
| 545 } else if (SLOT(label) == EXMAGIC) { 546 DEBUGGER("mac_test_destroy_inpcb: dup destroy"); 547 } else { 548 DEBUGGER("mac_test_destroy_inpcb: corrupted label"); 549 } 550} 551 552static void 553mac_test_destroy_sysv_msgmsg_label(struct label *label) 554{ 555 556 if (SLOT(label) == SYSVIPCMSGMAGIC || SLOT(label) == 0) { 557 atomic_add_int(&destroy_count_sysv_msg, 1); | 546 } else if (SLOT(label) == EXMAGIC) { 547 DEBUGGER("mac_test_destroy_inpcb: dup destroy"); 548 } else { 549 DEBUGGER("mac_test_destroy_inpcb: corrupted label"); 550 } 551} 552 553static void 554mac_test_destroy_sysv_msgmsg_label(struct label *label) 555{ 556 557 if (SLOT(label) == SYSVIPCMSGMAGIC || SLOT(label) == 0) { 558 atomic_add_int(&destroy_count_sysv_msg, 1); |
| 558 SLOT(label) = EXMAGIC; | 559 SLOT_SET(label, EXMAGIC); |
| 559 } else if (SLOT(label) == EXMAGIC) { 560 DEBUGGER("mac_test_destroy_sysv_msgmsg_label: dup destroy"); 561 } else { 562 DEBUGGER( 563 "mac_test_destroy_sysv_msgmsg_label: corrupted label"); 564 } 565} 566 567static void 568mac_test_destroy_sysv_msgqueue_label(struct label *label) 569{ 570 571 if (SLOT(label) == SYSVIPCMSQMAGIC || SLOT(label) == 0) { 572 atomic_add_int(&destroy_count_sysv_msq, 1); | 560 } else if (SLOT(label) == EXMAGIC) { 561 DEBUGGER("mac_test_destroy_sysv_msgmsg_label: dup destroy"); 562 } else { 563 DEBUGGER( 564 "mac_test_destroy_sysv_msgmsg_label: corrupted label"); 565 } 566} 567 568static void 569mac_test_destroy_sysv_msgqueue_label(struct label *label) 570{ 571 572 if (SLOT(label) == SYSVIPCMSQMAGIC || SLOT(label) == 0) { 573 atomic_add_int(&destroy_count_sysv_msq, 1); |
| 573 SLOT(label) = EXMAGIC; | 574 SLOT_SET(label, EXMAGIC); |
| 574 } else if (SLOT(label) == EXMAGIC) { 575 DEBUGGER("mac_test_destroy_sysv_msgqueue_label: dup destroy"); 576 } else { 577 DEBUGGER( 578 "mac_test_destroy_sysv_msgqueue_label: corrupted label"); 579 } 580} 581 582static void 583mac_test_destroy_sysv_sem_label(struct label *label) 584{ 585 586 if (SLOT(label) == SYSVIPCSEMMAGIC || SLOT(label) == 0) { 587 atomic_add_int(&destroy_count_sysv_sem, 1); | 575 } else if (SLOT(label) == EXMAGIC) { 576 DEBUGGER("mac_test_destroy_sysv_msgqueue_label: dup destroy"); 577 } else { 578 DEBUGGER( 579 "mac_test_destroy_sysv_msgqueue_label: corrupted label"); 580 } 581} 582 583static void 584mac_test_destroy_sysv_sem_label(struct label *label) 585{ 586 587 if (SLOT(label) == SYSVIPCSEMMAGIC || SLOT(label) == 0) { 588 atomic_add_int(&destroy_count_sysv_sem, 1); |
| 588 SLOT(label) = EXMAGIC; | 589 SLOT_SET(label, EXMAGIC); |
| 589 } else if (SLOT(label) == EXMAGIC) { 590 DEBUGGER("mac_test_destroy_sysv_sem_label: dup destroy"); 591 } else { 592 DEBUGGER("mac_test_destroy_sysv_sem_label: corrupted label"); 593 } 594} 595 596static void 597mac_test_destroy_sysv_shm_label(struct label *label) 598{ 599 600 if (SLOT(label) == SYSVIPCSHMMAGIC || SLOT(label) == 0) { 601 atomic_add_int(&destroy_count_sysv_shm, 1); | 590 } else if (SLOT(label) == EXMAGIC) { 591 DEBUGGER("mac_test_destroy_sysv_sem_label: dup destroy"); 592 } else { 593 DEBUGGER("mac_test_destroy_sysv_sem_label: corrupted label"); 594 } 595} 596 597static void 598mac_test_destroy_sysv_shm_label(struct label *label) 599{ 600 601 if (SLOT(label) == SYSVIPCSHMMAGIC || SLOT(label) == 0) { 602 atomic_add_int(&destroy_count_sysv_shm, 1); |
| 602 SLOT(label) = EXMAGIC; | 603 SLOT_SET(label, EXMAGIC); |
| 603 } else if (SLOT(label) == EXMAGIC) { 604 DEBUGGER("mac_test_destroy_sysv_shm_label: dup destroy"); 605 } else { 606 DEBUGGER("mac_test_destroy_sysv_shm_label: corrupted label"); 607 } 608} 609 610static void 611mac_test_destroy_ipq_label(struct label *label) 612{ 613 614 if (SLOT(label) == IPQMAGIC || SLOT(label) == 0) { 615 atomic_add_int(&destroy_count_ipq, 1); | 604 } else if (SLOT(label) == EXMAGIC) { 605 DEBUGGER("mac_test_destroy_sysv_shm_label: dup destroy"); 606 } else { 607 DEBUGGER("mac_test_destroy_sysv_shm_label: corrupted label"); 608 } 609} 610 611static void 612mac_test_destroy_ipq_label(struct label *label) 613{ 614 615 if (SLOT(label) == IPQMAGIC || SLOT(label) == 0) { 616 atomic_add_int(&destroy_count_ipq, 1); |
| 616 SLOT(label) = EXMAGIC; | 617 SLOT_SET(label, EXMAGIC); |
| 617 } else if (SLOT(label) == EXMAGIC) { 618 DEBUGGER("mac_test_destroy_ipq: dup destroy"); 619 } else { 620 DEBUGGER("mac_test_destroy_ipq: corrupted label"); 621 } 622} 623 624static void --- 5 unchanged lines hidden (view full) --- 630 * didn't have label storage allocated for them. Handle this 631 * gracefully. 632 */ 633 if (label == NULL) 634 return; 635 636 if (SLOT(label) == MBUFMAGIC || SLOT(label) == 0) { 637 atomic_add_int(&destroy_count_mbuf, 1); | 618 } else if (SLOT(label) == EXMAGIC) { 619 DEBUGGER("mac_test_destroy_ipq: dup destroy"); 620 } else { 621 DEBUGGER("mac_test_destroy_ipq: corrupted label"); 622 } 623} 624 625static void --- 5 unchanged lines hidden (view full) --- 631 * didn't have label storage allocated for them. Handle this 632 * gracefully. 633 */ 634 if (label == NULL) 635 return; 636 637 if (SLOT(label) == MBUFMAGIC || SLOT(label) == 0) { 638 atomic_add_int(&destroy_count_mbuf, 1); |
| 638 SLOT(label) = EXMAGIC; | 639 SLOT_SET(label, EXMAGIC); |
| 639 } else if (SLOT(label) == EXMAGIC) { 640 DEBUGGER("mac_test_destroy_mbuf: dup destroy"); 641 } else { 642 DEBUGGER("mac_test_destroy_mbuf: corrupted label"); 643 } 644} 645 646static void 647mac_test_destroy_mount_label(struct label *label) 648{ 649 650 if ((SLOT(label) == MOUNTMAGIC || SLOT(label) == 0)) { 651 atomic_add_int(&destroy_count_mount, 1); | 640 } else if (SLOT(label) == EXMAGIC) { 641 DEBUGGER("mac_test_destroy_mbuf: dup destroy"); 642 } else { 643 DEBUGGER("mac_test_destroy_mbuf: corrupted label"); 644 } 645} 646 647static void 648mac_test_destroy_mount_label(struct label *label) 649{ 650 651 if ((SLOT(label) == MOUNTMAGIC || SLOT(label) == 0)) { 652 atomic_add_int(&destroy_count_mount, 1); |
| 652 SLOT(label) = EXMAGIC; | 653 SLOT_SET(label, EXMAGIC); |
| 653 } else if (SLOT(label) == EXMAGIC) { 654 DEBUGGER("mac_test_destroy_mount: dup destroy"); 655 } else { 656 DEBUGGER("mac_test_destroy_mount: corrupted label"); 657 } 658} 659 660static void 661mac_test_destroy_mount_fs_label(struct label *label) 662{ 663 664 if ((SLOT(label) == MOUNTMAGIC || SLOT(label) == 0)) { 665 atomic_add_int(&destroy_count_mount_fslabel, 1); | 654 } else if (SLOT(label) == EXMAGIC) { 655 DEBUGGER("mac_test_destroy_mount: dup destroy"); 656 } else { 657 DEBUGGER("mac_test_destroy_mount: corrupted label"); 658 } 659} 660 661static void 662mac_test_destroy_mount_fs_label(struct label *label) 663{ 664 665 if ((SLOT(label) == MOUNTMAGIC || SLOT(label) == 0)) { 666 atomic_add_int(&destroy_count_mount_fslabel, 1); |
| 666 SLOT(label) = EXMAGIC; | 667 SLOT_SET(label, EXMAGIC); |
| 667 } else if (SLOT(label) == EXMAGIC) { 668 DEBUGGER("mac_test_destroy_mount_fslabel: dup destroy"); 669 } else { 670 DEBUGGER("mac_test_destroy_mount_fslabel: corrupted label"); 671 } 672} 673 674static void 675mac_test_destroy_socket_label(struct label *label) 676{ 677 678 if ((SLOT(label) == SOCKETMAGIC || SLOT(label) == 0)) { 679 atomic_add_int(&destroy_count_socket, 1); | 668 } else if (SLOT(label) == EXMAGIC) { 669 DEBUGGER("mac_test_destroy_mount_fslabel: dup destroy"); 670 } else { 671 DEBUGGER("mac_test_destroy_mount_fslabel: corrupted label"); 672 } 673} 674 675static void 676mac_test_destroy_socket_label(struct label *label) 677{ 678 679 if ((SLOT(label) == SOCKETMAGIC || SLOT(label) == 0)) { 680 atomic_add_int(&destroy_count_socket, 1); |
| 680 SLOT(label) = EXMAGIC; | 681 SLOT_SET(label, EXMAGIC); |
| 681 } else if (SLOT(label) == EXMAGIC) { 682 DEBUGGER("mac_test_destroy_socket: dup destroy"); 683 } else { 684 DEBUGGER("mac_test_destroy_socket: corrupted label"); 685 } 686} 687 688static void 689mac_test_destroy_socket_peer_label(struct label *label) 690{ 691 692 if ((SLOT(label) == SOCKETMAGIC || SLOT(label) == 0)) { 693 atomic_add_int(&destroy_count_socket_peerlabel, 1); | 682 } else if (SLOT(label) == EXMAGIC) { 683 DEBUGGER("mac_test_destroy_socket: dup destroy"); 684 } else { 685 DEBUGGER("mac_test_destroy_socket: corrupted label"); 686 } 687} 688 689static void 690mac_test_destroy_socket_peer_label(struct label *label) 691{ 692 693 if ((SLOT(label) == SOCKETMAGIC || SLOT(label) == 0)) { 694 atomic_add_int(&destroy_count_socket_peerlabel, 1); |
| 694 SLOT(label) = EXMAGIC; | 695 SLOT_SET(label, EXMAGIC); |
| 695 } else if (SLOT(label) == EXMAGIC) { 696 DEBUGGER("mac_test_destroy_socket_peerlabel: dup destroy"); 697 } else { 698 DEBUGGER("mac_test_destroy_socket_peerlabel: corrupted label"); 699 } 700} 701 702static void 703mac_test_destroy_pipe_label(struct label *label) 704{ 705 706 if ((SLOT(label) == PIPEMAGIC || SLOT(label) == 0)) { 707 atomic_add_int(&destroy_count_pipe, 1); | 696 } else if (SLOT(label) == EXMAGIC) { 697 DEBUGGER("mac_test_destroy_socket_peerlabel: dup destroy"); 698 } else { 699 DEBUGGER("mac_test_destroy_socket_peerlabel: corrupted label"); 700 } 701} 702 703static void 704mac_test_destroy_pipe_label(struct label *label) 705{ 706 707 if ((SLOT(label) == PIPEMAGIC || SLOT(label) == 0)) { 708 atomic_add_int(&destroy_count_pipe, 1); |
| 708 SLOT(label) = EXMAGIC; | 709 SLOT_SET(label, EXMAGIC); |
| 709 } else if (SLOT(label) == EXMAGIC) { 710 DEBUGGER("mac_test_destroy_pipe: dup destroy"); 711 } else { 712 DEBUGGER("mac_test_destroy_pipe: corrupted label"); 713 } 714} 715 716static void 717mac_test_destroy_posix_sem_label(struct label *label) 718{ 719 720 if ((SLOT(label) == POSIXSEMMAGIC || SLOT(label) == 0)) { 721 atomic_add_int(&destroy_count_posixsems, 1); | 710 } else if (SLOT(label) == EXMAGIC) { 711 DEBUGGER("mac_test_destroy_pipe: dup destroy"); 712 } else { 713 DEBUGGER("mac_test_destroy_pipe: corrupted label"); 714 } 715} 716 717static void 718mac_test_destroy_posix_sem_label(struct label *label) 719{ 720 721 if ((SLOT(label) == POSIXSEMMAGIC || SLOT(label) == 0)) { 722 atomic_add_int(&destroy_count_posixsems, 1); |
| 722 SLOT(label) = EXMAGIC; | 723 SLOT_SET(label, EXMAGIC); |
| 723 } else if (SLOT(label) == EXMAGIC) { 724 DEBUGGER("mac_test_destroy_posix_sem: dup destroy"); 725 } else { 726 DEBUGGER("mac_test_destroy_posix_sem: corrupted label"); 727 } 728} 729 730static void 731mac_test_destroy_proc_label(struct label *label) 732{ 733 734 if ((SLOT(label) == PROCMAGIC || SLOT(label) == 0)) { 735 atomic_add_int(&destroy_count_proc, 1); | 724 } else if (SLOT(label) == EXMAGIC) { 725 DEBUGGER("mac_test_destroy_posix_sem: dup destroy"); 726 } else { 727 DEBUGGER("mac_test_destroy_posix_sem: corrupted label"); 728 } 729} 730 731static void 732mac_test_destroy_proc_label(struct label *label) 733{ 734 735 if ((SLOT(label) == PROCMAGIC || SLOT(label) == 0)) { 736 atomic_add_int(&destroy_count_proc, 1); |
| 736 SLOT(label) = EXMAGIC; | 737 SLOT_SET(label, EXMAGIC); |
| 737 } else if (SLOT(label) == EXMAGIC) { 738 DEBUGGER("mac_test_destroy_proc: dup destroy"); 739 } else { 740 DEBUGGER("mac_test_destroy_proc: corrupted label"); 741 } 742} 743 744static void 745mac_test_destroy_vnode_label(struct label *label) 746{ 747 748 if (SLOT(label) == VNODEMAGIC || SLOT(label) == 0) { 749 atomic_add_int(&destroy_count_vnode, 1); | 738 } else if (SLOT(label) == EXMAGIC) { 739 DEBUGGER("mac_test_destroy_proc: dup destroy"); 740 } else { 741 DEBUGGER("mac_test_destroy_proc: corrupted label"); 742 } 743} 744 745static void 746mac_test_destroy_vnode_label(struct label *label) 747{ 748 749 if (SLOT(label) == VNODEMAGIC || SLOT(label) == 0) { 750 atomic_add_int(&destroy_count_vnode, 1); |
| 750 SLOT(label) = EXMAGIC; | 751 SLOT_SET(label, EXMAGIC); |
| 751 } else if (SLOT(label) == EXMAGIC) { 752 DEBUGGER("mac_test_destroy_vnode: dup destroy"); 753 } else { 754 DEBUGGER("mac_test_destroy_vnode: corrupted label"); 755 } 756} 757 758static void --- 1855 unchanged lines hidden --- | 752 } else if (SLOT(label) == EXMAGIC) { 753 DEBUGGER("mac_test_destroy_vnode: dup destroy"); 754 } else { 755 DEBUGGER("mac_test_destroy_vnode: corrupted label"); 756 } 757} 758 759static void --- 1855 unchanged lines hidden --- |