• Home
  • History
  • Annotate
  • Raw
  • Download
  • only in /freebsd-12-stable/sys/security/mac/

Lines Matching defs:label

80  * Currently, sockets hold two labels: the label of the socket itself, and a
81  * peer label, which may be used by policies to hold a copy of the label of
84  * Possibly, this peer label should be maintained at the protocol layer
86  * the label consistently.  For example, it might be copied live from a
94  * lock over some entry points in order to enforce atomicity (such as label
102 struct label *
105 	struct label *label;
108 	label = mac_labelzone_alloc(flag);
109 	if (label == NULL)
113 		MAC_POLICY_CHECK(socket_init_label, label, flag);
115 		MAC_POLICY_CHECK_NOSLEEP(socket_init_label, label, flag);
117 		MAC_POLICY_PERFORM_NOSLEEP(socket_destroy_label, label);
118 		mac_labelzone_free(label);
121 	return (label);
124 static struct label *
127 	struct label *label;
130 	label = mac_labelzone_alloc(flag);
131 	if (label == NULL)
135 		MAC_POLICY_CHECK(socketpeer_init_label, label, flag);
137 		MAC_POLICY_CHECK_NOSLEEP(socketpeer_init_label, label, flag);
139 		MAC_POLICY_PERFORM_NOSLEEP(socketpeer_destroy_label, label);
140 		mac_labelzone_free(label);
143 	return (label);
168 mac_socket_label_free(struct label *label)
171 	MAC_POLICY_PERFORM_NOSLEEP(socket_destroy_label, label);
172 	mac_labelzone_free(label);
176 mac_socketpeer_label_free(struct label *label)
179 	MAC_POLICY_PERFORM_NOSLEEP(socketpeer_destroy_label, label);
180 	mac_labelzone_free(label);
196 mac_socket_copy_label(struct label *src, struct label *dest)
203 mac_socket_externalize_label(struct label *label, char *elements,
208 	MAC_POLICY_EXTERNALIZE(socket, label, elements, outbuf, outbuflen);
214 mac_socketpeer_externalize_label(struct label *label, char *elements,
219 	MAC_POLICY_EXTERNALIZE(socketpeer, label, elements, outbuf,
226 mac_socket_internalize_label(struct label *label, char *string)
230 	MAC_POLICY_INTERNALIZE(socket, label, string);
252     struct label *newlabel)
264 	struct label *label;
269 	label = mac_mbuf_to_label(m);
271 	MAC_POLICY_PERFORM_NOSLEEP(socketpeer_set_from_mbuf, m, label, so,
289 	struct label *label;
294 	label = mac_mbuf_to_label(m);
297 	    label);
369 	struct label *label;
375 	label = mac_mbuf_to_label(m);
378 	    label);
429     "struct socket *", "struct label *");
433     struct label *newlabel)
491     struct label *label)
504 	error = mac_socket_check_relabel(cred, so, label);
510 	mac_socket_relabel(cred, so, label);
515 	 * such as if it needs to propagate changes to a cached pcb label
516 	 * from the socket, notify it of the label change while holding the
528 	struct label *intlabel;
562 	struct label *intlabel;
601 	struct label *intlabel;