mac_test.c (174898) | mac_test.c (175164) |
---|---|
1/*- 2 * Copyright (c) 1999-2002, 2007 Robert N. M. Watson 3 * Copyright (c) 2001-2005 McAfee, Inc. 4 * Copyright (c) 2006 SPARTA, Inc. 5 * All rights reserved. 6 * 7 * This software was developed by Robert Watson for the TrustedBSD Project. 8 * --- 21 unchanged lines hidden (view full) --- 30 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 31 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 32 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 33 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 34 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 35 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 36 * SUCH DAMAGE. 37 * | 1/*- 2 * Copyright (c) 1999-2002, 2007 Robert N. M. Watson 3 * Copyright (c) 2001-2005 McAfee, Inc. 4 * Copyright (c) 2006 SPARTA, Inc. 5 * All rights reserved. 6 * 7 * This software was developed by Robert Watson for the TrustedBSD Project. 8 * --- 21 unchanged lines hidden (view full) --- 30 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 31 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 32 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 33 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 34 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 35 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 36 * SUCH DAMAGE. 37 * |
38 * $FreeBSD: head/sys/security/mac_test/mac_test.c 174898 2007-12-25 17:52:02Z rwatson $ | 38 * $FreeBSD: head/sys/security/mac_test/mac_test.c 175164 2008-01-08 21:58:16Z jhb $ |
39 */ 40 41/* 42 * Developed by the TrustedBSD Project. 43 * 44 * MAC Test policy - tests MAC Framework labeling by assigning object class 45 * magic numbers to each label and validates that each time an object label 46 * is passed into the policy, it has a consistent object type, catching --- 42 unchanged lines hidden (view full) --- 89#define MAGIC_SOCKET 0x9199c6cd 90#define MAGIC_SYNCACHE 0x7fb838a8 91#define MAGIC_SYSV_MSG 0x8bbba61e 92#define MAGIC_SYSV_MSQ 0xea672391 93#define MAGIC_SYSV_SEM 0x896e8a0b 94#define MAGIC_SYSV_SHM 0x76119ab0 95#define MAGIC_PIPE 0xdc6c9919 96#define MAGIC_POSIX_SEM 0x78ae980c | 39 */ 40 41/* 42 * Developed by the TrustedBSD Project. 43 * 44 * MAC Test policy - tests MAC Framework labeling by assigning object class 45 * magic numbers to each label and validates that each time an object label 46 * is passed into the policy, it has a consistent object type, catching --- 42 unchanged lines hidden (view full) --- 89#define MAGIC_SOCKET 0x9199c6cd 90#define MAGIC_SYNCACHE 0x7fb838a8 91#define MAGIC_SYSV_MSG 0x8bbba61e 92#define MAGIC_SYSV_MSQ 0xea672391 93#define MAGIC_SYSV_SEM 0x896e8a0b 94#define MAGIC_SYSV_SHM 0x76119ab0 95#define MAGIC_PIPE 0xdc6c9919 96#define MAGIC_POSIX_SEM 0x78ae980c |
97#define MAGIC_POSIX_SHM 0x4e853fc9 |
|
97#define MAGIC_PROC 0x3b4be98f 98#define MAGIC_CRED 0x9a5a4987 99#define MAGIC_VNODE 0x1a67a45c 100#define MAGIC_FREE 0x849ba1fd 101 102#define SLOT(x) mac_label_get((x), test_slot) 103#define SLOT_SET(x, v) mac_label_set((x), test_slot, (v)) 104 --- 1006 unchanged lines hidden (view full) --- 1111static void 1112test_posixsem_init_label(struct label *label) 1113{ 1114 1115 LABEL_INIT(label, MAGIC_POSIX_SEM); 1116 COUNTER_INC(posixsem_init_label); 1117} 1118 | 98#define MAGIC_PROC 0x3b4be98f 99#define MAGIC_CRED 0x9a5a4987 100#define MAGIC_VNODE 0x1a67a45c 101#define MAGIC_FREE 0x849ba1fd 102 103#define SLOT(x) mac_label_get((x), test_slot) 104#define SLOT_SET(x, v) mac_label_set((x), test_slot, (v)) 105 --- 1006 unchanged lines hidden (view full) --- 1112static void 1113test_posixsem_init_label(struct label *label) 1114{ 1115 1116 LABEL_INIT(label, MAGIC_POSIX_SEM); 1117 COUNTER_INC(posixsem_init_label); 1118} 1119 |
1120COUNTER_DECL(posixshm_check_mmap); 1121static int 1122test_posixshm_check_mmap(struct ucred *cred, struct shmfd *shmfd, 1123 struct label *shmfdlabel, int prot, int flags) 1124{ 1125 1126 LABEL_CHECK(cred->cr_label, MAGIC_CRED); 1127 LABEL_CHECK(shmfdlabel, MAGIC_POSIX_SHM); 1128 return (0); 1129} 1130 1131COUNTER_DECL(posixshm_check_open); 1132static int 1133test_posixshm_check_open(struct ucred *cred, struct shmfd *shmfd, 1134 struct label *shmfdlabel) 1135{ 1136 1137 LABEL_CHECK(cred->cr_label, MAGIC_CRED); 1138 LABEL_CHECK(shmfdlabel, MAGIC_POSIX_SHM); 1139 return (0); 1140} 1141 1142COUNTER_DECL(posixshm_check_stat); 1143static int 1144test_posixshm_check_stat(struct ucred *active_cred, 1145 struct ucred *file_cred, struct shmfd *shmfd, struct label *shmfdlabel) 1146{ 1147 1148 LABEL_CHECK(active_cred->cr_label, MAGIC_CRED); 1149 LABEL_CHECK(file_cred->cr_label, MAGIC_CRED); 1150 LABEL_CHECK(shmfdlabel, MAGIC_POSIX_SHM); 1151 return (0); 1152} 1153 1154COUNTER_DECL(posixshm_check_truncate); 1155static int 1156test_posixshm_check_truncate(struct ucred *active_cred, 1157 struct ucred *file_cred, struct shmfd *shmfd, struct label *shmfdlabel) 1158{ 1159 1160 LABEL_CHECK(active_cred->cr_label, MAGIC_CRED); 1161 LABEL_CHECK(file_cred->cr_label, MAGIC_CRED); 1162 LABEL_CHECK(shmfdlabel, MAGIC_POSIX_SHM); 1163 return (0); 1164} 1165 1166COUNTER_DECL(posixshm_check_unlink); 1167static int 1168test_posixshm_check_unlink(struct ucred *cred, struct shmfd *shmfd, 1169 struct label *shmfdlabel) 1170{ 1171 1172 LABEL_CHECK(cred->cr_label, MAGIC_CRED); 1173 LABEL_CHECK(shmfdlabel, MAGIC_POSIX_SHM); 1174 return (0); 1175} 1176 1177COUNTER_DECL(posixshm_create); 1178static void 1179test_posixshm_create(struct ucred *cred, struct shmfd *shmfd, 1180 struct label *shmfdlabel) 1181{ 1182 1183 LABEL_CHECK(cred->cr_label, MAGIC_CRED); 1184 LABEL_CHECK(shmfdlabel, MAGIC_POSIX_SHM); 1185 COUNTER_INC(posixshm_create); 1186} 1187 1188COUNTER_DECL(posixshm_destroy_label); 1189static 
void 1190test_posixshm_destroy_label(struct label *label) 1191{ 1192 1193 LABEL_DESTROY(label, MAGIC_POSIX_SHM); 1194 COUNTER_INC(posixshm_destroy_label); 1195} 1196 1197COUNTER_DECL(posixshm_init_label); 1198static void 1199test_posixshm_init_label(struct label *label) 1200{ 1201 1202 LABEL_INIT(label, MAGIC_POSIX_SHM); 1203 COUNTER_INC(posixshm_init_label); 1204} 1205 |
|
1119COUNTER_DECL(proc_check_debug); 1120static int 1121test_proc_check_debug(struct ucred *cred, struct proc *p) 1122{ 1123 1124 LABEL_CHECK(cred->cr_label, MAGIC_CRED); 1125 LABEL_CHECK(p->p_ucred->cr_label, MAGIC_CRED); 1126 COUNTER_INC(proc_check_debug); --- 1677 unchanged lines hidden (view full) --- 2804 .mpo_posixsem_check_open = test_posixsem_check_open, 2805 .mpo_posixsem_check_post = test_posixsem_check_post, 2806 .mpo_posixsem_check_unlink = test_posixsem_check_unlink, 2807 .mpo_posixsem_check_wait = test_posixsem_check_wait, 2808 .mpo_posixsem_create = test_posixsem_create, 2809 .mpo_posixsem_destroy_label = test_posixsem_destroy_label, 2810 .mpo_posixsem_init_label = test_posixsem_init_label, 2811 | 1206COUNTER_DECL(proc_check_debug); 1207static int 1208test_proc_check_debug(struct ucred *cred, struct proc *p) 1209{ 1210 1211 LABEL_CHECK(cred->cr_label, MAGIC_CRED); 1212 LABEL_CHECK(p->p_ucred->cr_label, MAGIC_CRED); 1213 COUNTER_INC(proc_check_debug); --- 1677 unchanged lines hidden (view full) --- 2891 .mpo_posixsem_check_open = test_posixsem_check_open, 2892 .mpo_posixsem_check_post = test_posixsem_check_post, 2893 .mpo_posixsem_check_unlink = test_posixsem_check_unlink, 2894 .mpo_posixsem_check_wait = test_posixsem_check_wait, 2895 .mpo_posixsem_create = test_posixsem_create, 2896 .mpo_posixsem_destroy_label = test_posixsem_destroy_label, 2897 .mpo_posixsem_init_label = test_posixsem_init_label, 2898 |
2899 .mpo_posixshm_check_mmap = test_posixshm_check_mmap, 2900 .mpo_posixshm_check_open = test_posixshm_check_open, 2901 .mpo_posixshm_check_stat = test_posixshm_check_stat, 2902 .mpo_posixshm_check_truncate = test_posixshm_check_truncate, 2903 .mpo_posixshm_check_unlink = test_posixshm_check_unlink, 2904 .mpo_posixshm_create = test_posixshm_create, 2905 .mpo_posixshm_destroy_label = test_posixshm_destroy_label, 2906 .mpo_posixshm_init_label = test_posixshm_init_label, 2907 |
|
2812 .mpo_proc_check_debug = test_proc_check_debug, 2813 .mpo_proc_check_sched = test_proc_check_sched, 2814 .mpo_proc_check_setaudit = test_proc_check_setaudit, 2815 .mpo_proc_check_setaudit_addr = test_proc_check_setaudit_addr, 2816 .mpo_proc_check_setauid = test_proc_check_setauid, 2817 .mpo_proc_check_seteuid = test_proc_check_seteuid, 2818 .mpo_proc_check_setegid = test_proc_check_setegid, 2819 .mpo_proc_check_setgid = test_proc_check_setgid, --- 127 unchanged lines hidden --- | 2908 .mpo_proc_check_debug = test_proc_check_debug, 2909 .mpo_proc_check_sched = test_proc_check_sched, 2910 .mpo_proc_check_setaudit = test_proc_check_setaudit, 2911 .mpo_proc_check_setaudit_addr = test_proc_check_setaudit_addr, 2912 .mpo_proc_check_setauid = test_proc_check_setauid, 2913 .mpo_proc_check_seteuid = test_proc_check_seteuid, 2914 .mpo_proc_check_setegid = test_proc_check_setegid, 2915 .mpo_proc_check_setgid = test_proc_check_setgid, --- 127 unchanged lines hidden --- |
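Review bot: The five new access-check entry points (test_posixshm_check_mmap, test_posixshm_check_open, test_posixshm_check_stat, test_posixshm_check_truncate and test_posixshm_check_unlink, new lines 1120-1175) each declare a counter with COUNTER_DECL but return without ever incrementing it. By contrast, test_posixshm_create, the posixshm init/destroy label hooks and the neighbouring test_posixsem_init_label all call COUNTER_INC. The macro definitions are outside the visible lines, but if these counters are how the test policy reports that an entry point was reached, the POSIX shm check hooks will always read as never invoked. A missing MAC Framework call on the mmap/open/stat/truncate/unlink paths could then not be told apart from a working one. Add the increment before each return, e.g. `COUNTER_INC(posixshm_check_mmap);` ahead of `return (0);`, using the matching counter name in the other four functions.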