1/*-
2 * Copyright (c) 1999-2002, 2007-2011 Robert N. M. Watson
3 * Copyright (c) 2001-2005 Networks Associates Technology, Inc.
4 * Copyright (c) 2005-2006 SPARTA, Inc.
5 * Copyright (c) 2008 Apple Inc.
6 * All rights reserved.
7 *
8 * This software was developed by Robert Watson for the TrustedBSD Project.
9 *
10 * This software was developed for the FreeBSD Project in part by Network
11 * Associates Laboratories, the Security Research Division of Network
12 * Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"),
13 * as part of the DARPA CHATS research program.
14 *
15 * This software was enhanced by SPARTA ISSO under SPAWAR contract
16 * N66001-04-C-6019 ("SEFOS").
17 *
18 * This software was developed at the University of Cambridge Computer
19 * Laboratory with support from a grant from Google, Inc.
20 *
21 * Redistribution and use in source and binary forms, with or without
22 * modification, are permitted provided that the following conditions
23 * are met:
24 * 1. Redistributions of source code must retain the above copyright
25 *    notice, this list of conditions and the following disclaimer.
26 * 2. Redistributions in binary form must reproduce the above copyright
27 *    notice, this list of conditions and the following disclaimer in the
28 *    documentation and/or other materials provided with the distribution.
29 *
30 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
31 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
32 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
33 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
34 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
35 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
36 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
37 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
38 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
39 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
40 * SUCH DAMAGE.
41 *
42 * $FreeBSD$
43 */
44/*
45 * Kernel interface for MAC policy modules.
46 */
47#ifndef _SECURITY_MAC_MAC_POLICY_H_
48#define	_SECURITY_MAC_MAC_POLICY_H_
49
/*
 * Kernel-only header: the entry point types below are built from
 * kernel-internal structures, so user-space inclusion is rejected at
 * preprocessing time instead of failing later on an unknown type.
 */
#ifndef _KERNEL
#error "no user-serviceable parts inside"
#endif
53
54/*-
55 * Pluggable access control policy definition structure.
56 *
57 * List of operations that are performed as part of the implementation of a
 * MAC policy.  Policy implementors declare operations with a mac_policy_ops
 * structure and the MAC_POLICY_SET() macro.  If an entry point is not
 * declared, then the policy will be ignored during evaluation of that
 * event or check.
62 *
63 * Operations are sorted first by general class of operation, then
64 * alphabetically.
65 */
66#include <sys/acl.h>	/* XXX acl_type_t */
67#include <sys/types.h>	/* XXX accmode_t */
68
/*
 * Kernel objects that entry points receive by pointer.  Only the struct
 * tags are declared here, so a policy can be compiled against this header
 * without pulling in the subsystem headers that define these structures;
 * a policy that needs a structure's contents must include the defining
 * header itself.
 */
struct acl;
struct auditinfo;
struct auditinfo_addr;
struct bpf_d;
struct cdev;
struct componentname;
struct devfs_dirent;
struct ifnet;
struct image_params;
struct inpcb;
struct ip6q;
struct ipq;
struct ksem;
struct label;
struct mac_policy_conf;
struct mbuf;
struct mount;
struct msg;
struct msqid_kernel;
struct pipepair;
struct proc;
struct sbuf;
struct semid_kernel;
struct shmfd;
struct shmid_kernel;
struct sockaddr;
struct socket;
struct sysctl_oid;
struct sysctl_req;
struct thread;
struct ucred;
struct vattr;
struct vnode;
102
/*
 * Policy module operations.  Both receive the policy's own registration
 * record (struct mac_policy_conf); presumably mpo_init_t runs when the
 * policy is registered with the framework and mpo_destroy_t when it is
 * unregistered.
 */
typedef void	(*mpo_destroy_t)(struct mac_policy_conf *mpc);
typedef void	(*mpo_init_t)(struct mac_policy_conf *mpc);

/*
 * General policy-directed security system call so that policies may
 * implement new services without reserving explicit system call numbers.
 * The policy receives the calling thread, a policy-defined call number and
 * an opaque argument pointer.  NOTE(review): arg looks like it is handed
 * through from the user-space caller unchanged, so a policy should
 * copyin() and validate what it needs rather than dereference the pointer
 * directly — confirm against the framework's syscall dispatch.
 */
typedef int	(*mpo_syscall_t)(struct thread *td, int call, void *arg);

/*
 * Place-holder function pointers for ABI-compatibility purposes:
 * presumably they hold a slot in struct mac_policy_ops so that later
 * additions need not shift the offsets of existing members.
 */
typedef void	(*mpo_placeholder_t)(void);
119
/*
 * Operations sorted alphabetically by primary object type and then method.
 *
 * Naming conventions visible throughout the list: "*_check_*" entry points
 * return int and are consulted before an operation proceeds; "*_init_label"
 * and "*_destroy_label" bracket the life of a policy's per-object label
 * storage; "*_copy_label", "*_externalize_label" and "*_internalize_label"
 * move label contents between objects and their textual form; the remaining
 * "*_create*", "*_relabel" and "*_update" hooks return void and let a policy
 * set or refresh labels as the kernel creates or changes an object.
 * NOTE(review): the return convention of the check hooks (0 to permit,
 * an errno value to deny) is not stated in this file; see mac_policy(9)
 * for the framework contract.
 */

/*
 * BPF descriptors.  check_receive decides whether descriptor d may receive
 * packets from interface ifp; create labels a freshly opened descriptor on
 * behalf of cred; create_mbuf labels a packet m created on behalf of the
 * descriptor.
 */
typedef	int	(*mpo_bpfdesc_check_receive_t)(struct bpf_d *d,
		    struct label *dlabel, struct ifnet *ifp,
		    struct label *ifplabel);
typedef void	(*mpo_bpfdesc_create_t)(struct ucred *cred,
		    struct bpf_d *d, struct label *dlabel);
typedef void	(*mpo_bpfdesc_create_mbuf_t)(struct bpf_d *d,
		    struct label *dlabel, struct mbuf *m,
		    struct label *mlabel);
typedef void	(*mpo_bpfdesc_destroy_label_t)(struct label *label);
typedef void	(*mpo_bpfdesc_init_label_t)(struct label *label);
133
/*
 * Process credentials.  The check_set* hooks are consulted before the
 * identity or audit state of cred is changed; their extra arguments are the
 * values being requested, not the current ones.
 */
/* Label the credential used by the NFS server (presumably, from the name). */
typedef void	(*mpo_cred_associate_nfsd_t)(struct ucred *cred);
/* May cred be relabeled to newlabel? */
typedef int	(*mpo_cred_check_relabel_t)(struct ucred *cred,
		    struct label *newlabel);
/*
 * Audit state changes: full audit info, its extended (address) form, and
 * the audit user id alone.
 */
typedef int	(*mpo_cred_check_setaudit_t)(struct ucred *cred,
		    struct auditinfo *ai);
typedef int	(*mpo_cred_check_setaudit_addr_t)(struct ucred *cred,
		    struct auditinfo_addr *aia);
typedef int	(*mpo_cred_check_setauid_t)(struct ucred *cred, uid_t auid);
typedef int	(*mpo_cred_check_setegid_t)(struct ucred *cred, gid_t egid);
typedef int	(*mpo_cred_check_seteuid_t)(struct ucred *cred, uid_t euid);
typedef int	(*mpo_cred_check_setgid_t)(struct ucred *cred, gid_t gid);
/* ngroups is the number of entries in gidset; never read past it. */
typedef int	(*mpo_cred_check_setgroups_t)(struct ucred *cred, int ngroups,
		    gid_t *gidset);
typedef int	(*mpo_cred_check_setregid_t)(struct ucred *cred, gid_t rgid,
		    gid_t egid);
typedef int	(*mpo_cred_check_setresgid_t)(struct ucred *cred, gid_t rgid,
		    gid_t egid, gid_t sgid);
typedef int	(*mpo_cred_check_setresuid_t)(struct ucred *cred, uid_t ruid,
		    uid_t euid, uid_t suid);
typedef int	(*mpo_cred_check_setreuid_t)(struct ucred *cred, uid_t ruid,
		    uid_t euid);
typedef int	(*mpo_cred_check_setuid_t)(struct ucred *cred, uid_t uid);
/*
 * May a subject holding cr1 learn of a subject holding cr2?  Presumably the
 * basis for filtering process listings and similar queries.
 */
typedef int	(*mpo_cred_check_visible_t)(struct ucred *cr1,
		    struct ucred *cr2);
/* Copy src into dest; both are already initialized label storage. */
typedef void	(*mpo_cred_copy_label_t)(struct label *src,
		    struct label *dest);
/* Label the credentials of the first process and of the swapper. */
typedef void	(*mpo_cred_create_init_t)(struct ucred *cred);
typedef void	(*mpo_cred_create_swapper_t)(struct ucred *cred);
typedef void	(*mpo_cred_destroy_label_t)(struct label *label);
/*
 * Textual form.  externalize presumably appends the policy's text for the
 * element called element_name to sb and sets *claimed when it recognises
 * the name; internalize parses element_data back into label.
 * NOTE(review): element_data originates outside the policy (the caller's
 * label string), so parse it defensively and reject anything malformed
 * rather than assume a well-formed encoding.
 */
typedef int	(*mpo_cred_externalize_label_t)(struct label *label,
		    char *element_name, struct sbuf *sb, int *claimed);
typedef void	(*mpo_cred_init_label_t)(struct label *label);
typedef int	(*mpo_cred_internalize_label_t)(struct label *label,
		    char *element_name, char *element_data, int *claimed);
/* Apply newlabel to cred. */
typedef void	(*mpo_cred_relabel_t)(struct ucred *cred,
		    struct label *newlabel);
170
/*
 * devfs directory entries.  A policy labels entries as devfs creates them
 * (device nodes, directories, symlinks).  update receives an entry together
 * with its vnode, presumably to resynchronise delabel after vplabel changed;
 * vnode_associate receives the same pair when a vnode is instantiated for
 * the entry, presumably to derive vplabel from delabel — confirm both
 * directions against the callers.
 */
typedef void	(*mpo_devfs_create_device_t)(struct ucred *cred,
		    struct mount *mp, struct cdev *dev,
		    struct devfs_dirent *de, struct label *delabel);
/* Treat dirname as bounded by dirnamelen rather than by a NUL terminator. */
typedef void	(*mpo_devfs_create_directory_t)(struct mount *mp,
		    char *dirname, int dirnamelen, struct devfs_dirent *de,
		    struct label *delabel);
/* dd/ddlabel is the directory the symlink de is created in. */
typedef void	(*mpo_devfs_create_symlink_t)(struct ucred *cred,
		    struct mount *mp, struct devfs_dirent *dd,
		    struct label *ddlabel, struct devfs_dirent *de,
		    struct label *delabel);
typedef void	(*mpo_devfs_destroy_label_t)(struct label *label);
typedef void	(*mpo_devfs_init_label_t)(struct label *label);
typedef void	(*mpo_devfs_update_t)(struct mount *mp,
		    struct devfs_dirent *de, struct label *delabel,
		    struct vnode *vp, struct label *vplabel);
typedef void	(*mpo_devfs_vnode_associate_t)(struct mount *mp,
		    struct label *mplabel, struct devfs_dirent *de,
		    struct label *delabel, struct vnode *vp,
		    struct label *vplabel);
190
/*
 * Network interfaces.  check_transmit has no credential argument: packets
 * leave an interface asynchronously, so the decision is made from the
 * interface and packet labels alone.
 */
typedef int	(*mpo_ifnet_check_relabel_t)(struct ucred *cred,
		    struct ifnet *ifp, struct label *ifplabel,
		    struct label *newlabel);
typedef int	(*mpo_ifnet_check_transmit_t)(struct ifnet *ifp,
		    struct label *ifplabel, struct mbuf *m,
		    struct label *mlabel);
typedef void	(*mpo_ifnet_copy_label_t)(struct label *src,
		    struct label *dest);
/* Label a newly attached interface. */
typedef void	(*mpo_ifnet_create_t)(struct ifnet *ifp,
		    struct label *ifplabel);
/* Label a packet m originating from interface ifp. */
typedef void	(*mpo_ifnet_create_mbuf_t)(struct ifnet *ifp,
		    struct label *ifplabel, struct mbuf *m,
		    struct label *mlabel);
typedef void	(*mpo_ifnet_destroy_label_t)(struct label *label);
/*
 * Textual form; see the cred externalize/internalize hooks.  element_data
 * is caller-supplied text and must be parsed defensively.
 */
typedef int	(*mpo_ifnet_externalize_label_t)(struct label *label,
		    char *element_name, struct sbuf *sb, int *claimed);
typedef void	(*mpo_ifnet_init_label_t)(struct label *label);
typedef int	(*mpo_ifnet_internalize_label_t)(struct label *label,
		    char *element_name, char *element_data, int *claimed);
/* Apply newlabel to ifp on behalf of cred. */
typedef void	(*mpo_ifnet_relabel_t)(struct ucred *cred, struct ifnet *ifp,
		    struct label *ifplabel, struct label *newlabel);
212
/*
 * Internet protocol control blocks.  init_label returns int and takes an
 * allocation flag (presumably a malloc(9) wait flag such as M_NOWAIT), so
 * unlike the void init_label hooks of most objects it may fail; the same
 * shape recurs for ip6q, ipq, mbuf, socket, socketpeer and syncache labels.
 */
/* May packet m be delivered to inp?  No credential: arrival is asynchronous. */
typedef int	(*mpo_inpcb_check_deliver_t)(struct inpcb *inp,
		    struct label *inplabel, struct mbuf *m,
		    struct label *mlabel);
/* May cred learn of inp (presumably in connection listings)? */
typedef int	(*mpo_inpcb_check_visible_t)(struct ucred *cred,
		    struct inpcb *inp, struct label *inplabel);
/* Label a new inp from the socket it belongs to. */
typedef void	(*mpo_inpcb_create_t)(struct socket *so,
		    struct label *solabel, struct inpcb *inp,
		    struct label *inplabel);
/* Label a packet m sent from inp. */
typedef void	(*mpo_inpcb_create_mbuf_t)(struct inpcb *inp,
		    struct label *inplabel, struct mbuf *m,
		    struct label *mlabel);
typedef void	(*mpo_inpcb_destroy_label_t)(struct label *label);
typedef int	(*mpo_inpcb_init_label_t)(struct label *label, int flag);
/* Refresh inp's label after the owning socket's label was set. */
typedef void	(*mpo_inpcb_sosetlabel_t)(struct socket *so,
		    struct label *label, struct inpcb *inp,
		    struct label *inplabel);
229
/*
 * IPv6 and IPv4 reassembly queues.  create labels a new queue from its
 * first fragment m; match decides whether fragment m belongs to the queue;
 * reassemble labels the reassembled datagram m from the queue; update
 * refreshes the queue label from a newly added fragment.
 *
 * NOTE(review): mpo_ip6q_reassemble and mpo_ipq_reassemble lack the "_t"
 * suffix carried by every other typedef in this file.  The names are part
 * of the existing interface, so they are left as they are; a "_t" alias
 * would be the compatible way to fix the inconsistency.
 */
typedef void	(*mpo_ip6q_create_t)(struct mbuf *m, struct label *mlabel,
		    struct ip6q *q6, struct label *q6label);
typedef void	(*mpo_ip6q_destroy_label_t)(struct label *label);
/* May fail; flag is presumably a malloc(9) wait flag. */
typedef int	(*mpo_ip6q_init_label_t)(struct label *label, int flag);
typedef int	(*mpo_ip6q_match_t)(struct mbuf *m, struct label *mlabel,
		    struct ip6q *q6, struct label *q6label);
typedef void	(*mpo_ip6q_reassemble)(struct ip6q *q6, struct label *q6label,
		    struct mbuf *m, struct label *mlabel);
typedef void	(*mpo_ip6q_update_t)(struct mbuf *m, struct label *mlabel,
		    struct ip6q *q6, struct label *q6label);

typedef void	(*mpo_ipq_create_t)(struct mbuf *m, struct label *mlabel,
		    struct ipq *q, struct label *qlabel);
typedef void	(*mpo_ipq_destroy_label_t)(struct label *label);
/* May fail; flag is presumably a malloc(9) wait flag. */
typedef int	(*mpo_ipq_init_label_t)(struct label *label, int flag);
typedef int	(*mpo_ipq_match_t)(struct mbuf *m, struct label *mlabel,
		    struct ipq *q, struct label *qlabel);
typedef void	(*mpo_ipq_reassemble)(struct ipq *q, struct label *qlabel,
		    struct mbuf *m, struct label *mlabel);
typedef void	(*mpo_ipq_update_t)(struct mbuf *m, struct label *mlabel,
		    struct ipq *q, struct label *qlabel);
251
/*
 * Kernel environment (kenv(2)): dump the whole environment, or get, set
 * and unset a single variable.  name and value are the variable strings;
 * NOTE(review): they are not const-qualified, but a policy has no reason
 * to write to them — treat them as read-only.
 */
typedef int	(*mpo_kenv_check_dump_t)(struct ucred *cred);
typedef int	(*mpo_kenv_check_get_t)(struct ucred *cred, char *name);
typedef int	(*mpo_kenv_check_set_t)(struct ucred *cred, char *name,
		    char *value);
typedef int	(*mpo_kenv_check_unset_t)(struct ucred *cred, char *name);
257
/*
 * Kernel module loading.  check_load receives the vnode of the object file
 * about to be loaded; check_stat presumably guards module status queries
 * (kldstat(2)).
 */
typedef int	(*mpo_kld_check_load_t)(struct ucred *cred, struct vnode *vp,
		    struct label *vplabel);
typedef int	(*mpo_kld_check_stat_t)(struct ucred *cred);
261
/*
 * Packet (mbuf) labels.  init_label may fail: it returns int and takes an
 * allocation flag, presumably a malloc(9) wait flag, because mbufs are
 * allocated in contexts that cannot sleep.
 */
typedef void	(*mpo_mbuf_copy_label_t)(struct label *src,
		    struct label *dest);
typedef void	(*mpo_mbuf_destroy_label_t)(struct label *label);
typedef int	(*mpo_mbuf_init_label_t)(struct label *label, int flag);
266
/*
 * Mount points.  check_stat presumably guards statfs-style queries of the
 * mount; create labels a new mount on behalf of cred.
 */
typedef int	(*mpo_mount_check_stat_t)(struct ucred *cred,
		    struct mount *mp, struct label *mplabel);
typedef void	(*mpo_mount_create_t)(struct ucred *cred, struct mount *mp,
		    struct label *mplabel);
typedef void	(*mpo_mount_destroy_label_t)(struct label *label);
typedef void	(*mpo_mount_init_label_t)(struct label *label);
273
/*
 * Network stack notifications.  All of these return void: they exist so
 * that a policy can label packets the kernel itself originates — AARP, ARP,
 * IGMP and ND6 messages sent on ifp; ICMP and TCP replies derived from a
 * received packet; firewall-generated packets; fragments split from m —
 * not to deny them.
 */
typedef void	(*mpo_netatalk_aarp_send_t)(struct ifnet *ifp,
		    struct label *ifplabel, struct mbuf *m,
		    struct label *mlabel);

typedef void	(*mpo_netinet_arp_send_t)(struct ifnet *ifp,
		    struct label *ifplabel, struct mbuf *m,
		    struct label *mlabel);
/* Label msend, generated by the firewall in reply to the received mrecv. */
typedef void	(*mpo_netinet_firewall_reply_t)(struct mbuf *mrecv,
		    struct label *mrecvlabel, struct mbuf *msend,
		    struct label *msendlabel);
/* Label a packet the firewall sends with no received packet to derive from. */
typedef	void	(*mpo_netinet_firewall_send_t)(struct mbuf *m,
		    struct label *mlabel);
/* Label fragment frag split from the original packet m. */
typedef void	(*mpo_netinet_fragment_t)(struct mbuf *m,
		    struct label *mlabel, struct mbuf *frag,
		    struct label *fraglabel);
/* Label an ICMP reply msend built from the received mrecv. */
typedef void	(*mpo_netinet_icmp_reply_t)(struct mbuf *mrecv,
		    struct label *mrecvlabel, struct mbuf *msend,
		    struct label *msendlabel);
/* Same, for a reply presumably built in place in the received mbuf m. */
typedef void	(*mpo_netinet_icmp_replyinplace_t)(struct mbuf *m,
		    struct label *mlabel);
typedef void	(*mpo_netinet_igmp_send_t)(struct ifnet *ifp,
		    struct label *ifplabel, struct mbuf *m,
		    struct label *mlabel);
/* Label a TCP reply (e.g. RST) that the stack builds in m. */
typedef void	(*mpo_netinet_tcp_reply_t)(struct mbuf *m,
		    struct label *mlabel);

typedef void	(*mpo_netinet6_nd6_send_t)(struct ifnet *ifp,
		    struct label *ifplabel, struct mbuf *m,
		    struct label *mlabel);
303
/*
 * Pipes.  Every pipe is represented by its pipepair pp, whose label pplabel
 * covers both ends.
 */
/*
 * data is the ioctl argument for cmd.  NOTE(review): assume it has already
 * been copied into kernel memory by the ioctl path — confirm before a policy
 * dereferences it.
 */
typedef int	(*mpo_pipe_check_ioctl_t)(struct ucred *cred,
		    struct pipepair *pp, struct label *pplabel,
		    unsigned long cmd, void *data);
typedef int	(*mpo_pipe_check_poll_t)(struct ucred *cred,
		    struct pipepair *pp, struct label *pplabel);
typedef int	(*mpo_pipe_check_read_t)(struct ucred *cred,
		    struct pipepair *pp, struct label *pplabel);
typedef int	(*mpo_pipe_check_relabel_t)(struct ucred *cred,
		    struct pipepair *pp, struct label *pplabel,
		    struct label *newlabel);
typedef int	(*mpo_pipe_check_stat_t)(struct ucred *cred,
		    struct pipepair *pp, struct label *pplabel);
typedef int	(*mpo_pipe_check_write_t)(struct ucred *cred,
		    struct pipepair *pp, struct label *pplabel);
typedef void	(*mpo_pipe_copy_label_t)(struct label *src,
		    struct label *dest);
/* Label a newly created pipe on behalf of cred. */
typedef void	(*mpo_pipe_create_t)(struct ucred *cred, struct pipepair *pp,
		    struct label *pplabel);
typedef void	(*mpo_pipe_destroy_label_t)(struct label *label);
/*
 * Textual form; see the cred externalize/internalize hooks.  element_data
 * is caller-supplied text and must be parsed defensively.
 */
typedef int	(*mpo_pipe_externalize_label_t)(struct label *label,
		    char *element_name, struct sbuf *sb, int *claimed);
typedef void	(*mpo_pipe_init_label_t)(struct label *label);
typedef int	(*mpo_pipe_internalize_label_t)(struct label *label,
		    char *element_name, char *element_data, int *claimed);
/* Replace the pipe's current label oldlabel with newlabel. */
typedef void	(*mpo_pipe_relabel_t)(struct ucred *cred, struct pipepair *pp,
		    struct label *oldlabel, struct label *newlabel);
330
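/*
 * POSIX semaphores (ksem).  The hooks that take two credentials receive the
 * calling thread's active_cred and a file_cred, presumably the credential
 * recorded when the semaphore was opened — confirm against the callers.
 *
 * The label parameter of check_setmode and check_setowner was previously
 * named shmlabel (copied from the posixshm hooks); it is the ksem label and
 * is named kslabel here like its siblings.  Parameter names in a typedef
 * are not part of the ABI, so existing policies are unaffected.
 */
typedef int	(*mpo_posixsem_check_getvalue_t)(struct ucred *active_cred,
		    struct ucred *file_cred, struct ksem *ks,
		    struct label *kslabel);
typedef int	(*mpo_posixsem_check_open_t)(struct ucred *cred,
		    struct ksem *ks, struct label *kslabel);
typedef int	(*mpo_posixsem_check_post_t)(struct ucred *active_cred,
		    struct ucred *file_cred, struct ksem *ks,
		    struct label *kslabel);
/* mode is the requested new mode, uid/gid the requested new owner. */
typedef int	(*mpo_posixsem_check_setmode_t)(struct ucred *cred,
		    struct ksem *ks, struct label *kslabel,
		    mode_t mode);
typedef int	(*mpo_posixsem_check_setowner_t)(struct ucred *cred,
		    struct ksem *ks, struct label *kslabel,
		    uid_t uid, gid_t gid);
typedef int	(*mpo_posixsem_check_stat_t)(struct ucred *active_cred,
		    struct ucred *file_cred, struct ksem *ks,
		    struct label *kslabel);
typedef int	(*mpo_posixsem_check_unlink_t)(struct ucred *cred,
		    struct ksem *ks, struct label *kslabel);
typedef int	(*mpo_posixsem_check_wait_t)(struct ucred *active_cred,
		    struct ucred *file_cred, struct ksem *ks,
		    struct label *kslabel);
/* Label a newly created semaphore on behalf of cred. */
typedef void	(*mpo_posixsem_create_t)(struct ucred *cred,
		    struct ksem *ks, struct label *kslabel);
typedef void	(*mpo_posixsem_destroy_label_t)(struct label *label);
typedef void	(*mpo_posixsem_init_label_t)(struct label *label);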
357
/*
 * POSIX shared memory objects (shmfd).  check_create is consulted before
 * any object exists, so it receives only the requested path and no label.
 * The hooks that take two credentials receive the calling thread's
 * active_cred and a file_cred, presumably the credential recorded at open
 * time — confirm against the callers.
 */
typedef int	(*mpo_posixshm_check_create_t)(struct ucred *cred,
		    const char *path);
/* prot/flags are the mmap(2) protection and flags being requested. */
typedef int	(*mpo_posixshm_check_mmap_t)(struct ucred *cred,
		    struct shmfd *shmfd, struct label *shmlabel, int prot,
		    int flags);
/* accmode is the access being requested at open. */
typedef int	(*mpo_posixshm_check_open_t)(struct ucred *cred,
		    struct shmfd *shmfd, struct label *shmlabel,
		    accmode_t accmode);
typedef int	(*mpo_posixshm_check_read_t)(struct ucred *active_cred,
		    struct ucred *file_cred, struct shmfd *shmfd,
		    struct label *shmlabel);
/* mode is the requested new mode, uid/gid the requested new owner. */
typedef int	(*mpo_posixshm_check_setmode_t)(struct ucred *cred,
		    struct shmfd *shmfd, struct label *shmlabel,
		    mode_t mode);
typedef int	(*mpo_posixshm_check_setowner_t)(struct ucred *cred,
		    struct shmfd *shmfd, struct label *shmlabel,
		    uid_t uid, gid_t gid);
typedef int	(*mpo_posixshm_check_stat_t)(struct ucred *active_cred,
		    struct ucred *file_cred, struct shmfd *shmfd,
		    struct label *shmlabel);
typedef int	(*mpo_posixshm_check_truncate_t)(struct ucred *active_cred,
		    struct ucred *file_cred, struct shmfd *shmfd,
		    struct label *shmlabel);
typedef int	(*mpo_posixshm_check_unlink_t)(struct ucred *cred,
		    struct shmfd *shmfd, struct label *shmlabel);
typedef int	(*mpo_posixshm_check_write_t)(struct ucred *active_cred,
		    struct ucred *file_cred, struct shmfd *shmfd,
		    struct label *shmlabel);
/* Label a newly created object on behalf of cred. */
typedef void	(*mpo_posixshm_create_t)(struct ucred *cred,
		    struct shmfd *shmfd, struct label *shmlabel);
typedef void	(*mpo_posixshm_destroy_label_t)(struct label *label);
typedef void	(*mpo_posixshm_init_label_t)(struct label *label);
390
/*
 * Kernel privilege (priv(9)) decisions for the privilege number priv.
 * NOTE(review): inferred from the names only — check lets a policy veto a
 * privilege the base system would grant, whereas grant lets a policy
 * extend a privilege the base system would refuse; see mac_policy(9)
 * for the exact contract.
 */
typedef int	(*mpo_priv_check_t)(struct ucred *cred, int priv);
typedef int	(*mpo_priv_grant_t)(struct ucred *cred, int priv);
393
/*
 * Processes.  cred is the acting credential; the target process is p or
 * proc (the two spellings are a cosmetic inconsistency, not a difference in
 * meaning).  check_debug presumably covers debugger attachment, check_sched
 * scheduling changes, check_signal delivery of signum, and check_wait
 * collecting the target's exit status.
 */
typedef int	(*mpo_proc_check_debug_t)(struct ucred *cred,
		    struct proc *p);
typedef int	(*mpo_proc_check_sched_t)(struct ucred *cred,
		    struct proc *p);
typedef int	(*mpo_proc_check_signal_t)(struct ucred *cred,
		    struct proc *proc, int signum);
typedef int	(*mpo_proc_check_wait_t)(struct ucred *cred,
		    struct proc *proc);
typedef void	(*mpo_proc_destroy_label_t)(struct label *label);
typedef void	(*mpo_proc_init_label_t)(struct label *label);
404
/*
 * Sockets.  check_create is consulted before the socket exists, so it
 * receives only the requested domain/type/protocol; check_deliver has no
 * credential because packet arrival is asynchronous.  init_label may fail
 * (int return, allocation flag) like the other network-object labels.
 */
typedef int	(*mpo_socket_check_accept_t)(struct ucred *cred,
		    struct socket *so, struct label *solabel);
/* sa is the address being bound to / connected to. */
typedef int	(*mpo_socket_check_bind_t)(struct ucred *cred,
		    struct socket *so, struct label *solabel,
		    struct sockaddr *sa);
typedef int	(*mpo_socket_check_connect_t)(struct ucred *cred,
		    struct socket *so, struct label *solabel,
		    struct sockaddr *sa);
typedef int	(*mpo_socket_check_create_t)(struct ucred *cred, int domain,
		    int type, int protocol);
typedef int	(*mpo_socket_check_deliver_t)(struct socket *so,
		    struct label *solabel, struct mbuf *m,
		    struct label *mlabel);
typedef int	(*mpo_socket_check_listen_t)(struct ucred *cred,
		    struct socket *so, struct label *solabel);
typedef int	(*mpo_socket_check_poll_t)(struct ucred *cred,
		    struct socket *so, struct label *solabel);
typedef int	(*mpo_socket_check_receive_t)(struct ucred *cred,
		    struct socket *so, struct label *solabel);
typedef int	(*mpo_socket_check_relabel_t)(struct ucred *cred,
		    struct socket *so, struct label *solabel,
		    struct label *newlabel);
typedef int	(*mpo_socket_check_send_t)(struct ucred *cred,
		    struct socket *so, struct label *solabel);
typedef int	(*mpo_socket_check_stat_t)(struct ucred *cred,
		    struct socket *so, struct label *solabel);
/* May cred learn of so (presumably in socket listings)? */
typedef int	(*mpo_socket_check_visible_t)(struct ucred *cred,
		    struct socket *so, struct label *solabel);
typedef void	(*mpo_socket_copy_label_t)(struct label *src,
		    struct label *dest);
/* Label a newly created socket on behalf of cred. */
typedef void	(*mpo_socket_create_t)(struct ucred *cred, struct socket *so,
		    struct label *solabel);
/* Label a packet m sent from so. */
typedef void	(*mpo_socket_create_mbuf_t)(struct socket *so,
		    struct label *solabel, struct mbuf *m,
		    struct label *mlabel);
typedef void	(*mpo_socket_destroy_label_t)(struct label *label);
/*
 * Textual form; see the cred externalize/internalize hooks.  element_data
 * is caller-supplied text and must be parsed defensively.
 */
typedef int	(*mpo_socket_externalize_label_t)(struct label *label,
		    char *element_name, struct sbuf *sb, int *claimed);
typedef int	(*mpo_socket_init_label_t)(struct label *label, int flag);
typedef int	(*mpo_socket_internalize_label_t)(struct label *label,
		    char *element_name, char *element_data, int *claimed);
/* Label newso, presumably accepted on the listening socket oldso. */
typedef void	(*mpo_socket_newconn_t)(struct socket *oldso,
		    struct label *oldsolabel, struct socket *newso,
		    struct label *newsolabel);
/* Replace the socket's current label oldlabel with newlabel. */
typedef void	(*mpo_socket_relabel_t)(struct ucred *cred, struct socket *so,
		    struct label *oldlabel, struct label *newlabel);
451
/*
 * Peer labels carried on a socket, describing the other end of a
 * connection.  They are set either from a received packet m or from the
 * connecting socket oldso, and can be externalized but — note the absence
 * of an internalize hook — not set from text.
 */
typedef void	(*mpo_socketpeer_destroy_label_t)(struct label *label);
typedef int	(*mpo_socketpeer_externalize_label_t)(struct label *label,
		    char *element_name, struct sbuf *sb, int *claimed);
/* May fail; flag is presumably a malloc(9) wait flag. */
typedef int	(*mpo_socketpeer_init_label_t)(struct label *label,
		    int flag);
typedef void	(*mpo_socketpeer_set_from_mbuf_t)(struct mbuf *m,
		    struct label *mlabel, struct socket *so,
		    struct label *sopeerlabel);
typedef void	(*mpo_socketpeer_set_from_socket_t)(struct socket *oldso,
		    struct label *oldsolabel, struct socket *newso,
		    struct label *newsopeerlabel);
463
/*
 * TCP SYN cache entries.  create labels a new entry from the listening
 * inpcb; create_mbuf labels a packet m (presumably the SYN/ACK) generated
 * from the entry sc_label.  init_label may fail, like the other
 * network-object labels.
 */
typedef void	(*mpo_syncache_create_t)(struct label *label,
		    struct inpcb *inp);
typedef void	(*mpo_syncache_create_mbuf_t)(struct label *sc_label,
		    struct mbuf *m, struct label *mlabel);
typedef void	(*mpo_syncache_destroy_label_t)(struct label *label);
typedef int	(*mpo_syncache_init_label_t)(struct label *label, int flag);
470
/*
 * System-wide operations.  Where a vnode is passed it is the file the
 * operation targets: the accounting file, the audit log, the swap device.
 */
typedef int	(*mpo_system_check_acct_t)(struct ucred *cred,
		    struct vnode *vp, struct label *vplabel);
/* record is an audit record of length bytes; do not read past length. */
typedef int	(*mpo_system_check_audit_t)(struct ucred *cred, void *record,
		    int length);
typedef int	(*mpo_system_check_auditctl_t)(struct ucred *cred,
		    struct vnode *vp, struct label *vplabel);
/* cmd is the auditon(2) command being requested. */
typedef int	(*mpo_system_check_auditon_t)(struct ucred *cred, int cmd);
/* howto is the reboot(2) flags word. */
typedef int	(*mpo_system_check_reboot_t)(struct ucred *cred, int howto);
typedef int	(*mpo_system_check_swapon_t)(struct ucred *cred,
		    struct vnode *vp, struct label *vplabel);
typedef int	(*mpo_system_check_swapoff_t)(struct ucred *cred,
		    struct vnode *vp, struct label *vplabel);
/*
 * oidp/arg1/arg2 identify the sysctl node; req carries the request,
 * including whether it is a read or a write.
 */
typedef int	(*mpo_system_check_sysctl_t)(struct ucred *cred,
		    struct sysctl_oid *oidp, void *arg1, int arg2,
		    struct sysctl_req *req);
486
/*
 * System V messages and message queues.  The cleanup hooks recycle a label
 * for re-use without a destroy/init pair; create labels a new message (from
 * the queue it is placed on) or a new queue on behalf of cred.
 */
typedef void	(*mpo_sysvmsg_cleanup_t)(struct label *msglabel);
typedef void	(*mpo_sysvmsg_create_t)(struct ucred *cred,
		    struct msqid_kernel *msqkptr, struct label *msqlabel,
		    struct msg *msgptr, struct label *msglabel);
typedef void	(*mpo_sysvmsg_destroy_label_t)(struct label *label);
typedef void	(*mpo_sysvmsg_init_label_t)(struct label *label);

/* May message msgptr be placed on queue msqkptr? */
typedef int	(*mpo_sysvmsq_check_msgmsq_t)(struct ucred *cred,
		    struct msg *msgptr, struct label *msglabel,
		    struct msqid_kernel *msqkptr, struct label *msqklabel);
typedef int	(*mpo_sysvmsq_check_msgrcv_t)(struct ucred *cred,
		    struct msg *msgptr, struct label *msglabel);
typedef int	(*mpo_sysvmsq_check_msgrmid_t)(struct ucred *cred,
		    struct msg *msgptr, struct label *msglabel);
typedef int	(*mpo_sysvmsq_check_msqget_t)(struct ucred *cred,
		    struct msqid_kernel *msqkptr, struct label *msqklabel);
/* cmd is the msgctl(2) command being requested. */
typedef int	(*mpo_sysvmsq_check_msqctl_t)(struct ucred *cred,
		    struct msqid_kernel *msqkptr, struct label *msqklabel,
		    int cmd);
typedef int	(*mpo_sysvmsq_check_msqrcv_t)(struct ucred *cred,
		    struct msqid_kernel *msqkptr, struct label *msqklabel);
typedef int	(*mpo_sysvmsq_check_msqsnd_t)(struct ucred *cred,
		    struct msqid_kernel *msqkptr, struct label *msqklabel);
typedef void	(*mpo_sysvmsq_cleanup_t)(struct label *msqlabel);
typedef void	(*mpo_sysvmsq_create_t)(struct ucred *cred,
		    struct msqid_kernel *msqkptr, struct label *msqlabel);
typedef void	(*mpo_sysvmsq_destroy_label_t)(struct label *label);
typedef void	(*mpo_sysvmsq_init_label_t)(struct label *label);
515
/*
 * System V semaphores.  cleanup recycles a label for re-use without a
 * destroy/init pair; create labels a new semaphore set on behalf of cred.
 */
/* cmd is the semctl(2) command being requested. */
typedef int	(*mpo_sysvsem_check_semctl_t)(struct ucred *cred,
		    struct semid_kernel *semakptr, struct label *semaklabel,
		    int cmd);
typedef int	(*mpo_sysvsem_check_semget_t)(struct ucred *cred,
		    struct semid_kernel *semakptr, struct label *semaklabel);
/* accesstype describes the access the semop(2) call needs (read/alter). */
typedef int	(*mpo_sysvsem_check_semop_t)(struct ucred *cred,
		    struct semid_kernel *semakptr, struct label *semaklabel,
		    size_t accesstype);
typedef void	(*mpo_sysvsem_cleanup_t)(struct label *semalabel);
typedef void	(*mpo_sysvsem_create_t)(struct ucred *cred,
		    struct semid_kernel *semakptr, struct label *semalabel);
typedef void	(*mpo_sysvsem_destroy_label_t)(struct label *label);
typedef void	(*mpo_sysvsem_init_label_t)(struct label *label);
529
/*
 * System V shared memory segments.  shmflg carries the shmat(2)/shmget(2)
 * flags being requested; cmd the shmctl(2) command.  cleanup recycles a
 * label for re-use without a destroy/init pair.
 */
typedef int	(*mpo_sysvshm_check_shmat_t)(struct ucred *cred,
		    struct shmid_kernel *shmsegptr,
		    struct label *shmseglabel, int shmflg);
typedef int	(*mpo_sysvshm_check_shmctl_t)(struct ucred *cred,
		    struct shmid_kernel *shmsegptr,
		    struct label *shmseglabel, int cmd);
typedef int	(*mpo_sysvshm_check_shmdt_t)(struct ucred *cred,
		    struct shmid_kernel *shmsegptr,
		    struct label *shmseglabel);
typedef int	(*mpo_sysvshm_check_shmget_t)(struct ucred *cred,
		    struct shmid_kernel *shmsegptr,
		    struct label *shmseglabel, int shmflg);
typedef void	(*mpo_sysvshm_cleanup_t)(struct label *shmlabel);
/* Label a newly created segment on behalf of cred. */
typedef void	(*mpo_sysvshm_create_t)(struct ucred *cred,
		    struct shmid_kernel *shmsegptr, struct label *shmlabel);
typedef void	(*mpo_sysvshm_destroy_label_t)(struct label *label);
typedef void	(*mpo_sysvshm_init_label_t)(struct label *label);
547
/*
 * Thread hook invoked on the thread's way back to user mode (presumably,
 * from the name); it cannot deny anything — it returns void — and is the
 * place for per-thread housekeeping such as applying a deferred change.
 */
typedef void	(*mpo_thread_userret_t)(struct thread *thread);
549
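/*
 * Vnodes.  Naming used throughout: vp/vplabel is the vnode an operation
 * targets, dvp/dvplabel the directory it happens in, cnp the path component
 * being looked up or created.  Hooks that take two credentials receive the
 * calling thread's active_cred and a file_cred, presumably the credential
 * recorded when the file was opened — confirm against the callers.
 *
 * Two parameter names were changed for consistency with the rest of the
 * file (names in a typedef are not part of the ABI, so existing policies
 * are unaffected): the vnode label of check_mmap is now vplabel, and the
 * label being applied by relabel is now newlabel, as in the pipe, socket
 * and ifnet relabel hooks.
 */
/*
 * Attach a label to vp when it is first instantiated: associate_extattr
 * presumably loads it from the vnode's extended attributes and may fail
 * (int return); associate_singlelabel derives it from the mount's single
 * label and cannot (void return).
 */
typedef int	(*mpo_vnode_associate_extattr_t)(struct mount *mp,
		    struct label *mplabel, struct vnode *vp,
		    struct label *vplabel);
typedef void	(*mpo_vnode_associate_singlelabel_t)(struct mount *mp,
		    struct label *mplabel, struct vnode *vp,
		    struct label *vplabel);
/* accmode is the access being requested. */
typedef int	(*mpo_vnode_check_access_t)(struct ucred *cred,
		    struct vnode *vp, struct label *vplabel,
		    accmode_t accmode);
typedef int	(*mpo_vnode_check_chdir_t)(struct ucred *cred,
		    struct vnode *dvp, struct label *dvplabel);
typedef int	(*mpo_vnode_check_chroot_t)(struct ucred *cred,
		    struct vnode *dvp, struct label *dvplabel);
/* No vnode exists yet: cnp names the entry and vap its requested attrs. */
typedef int	(*mpo_vnode_check_create_t)(struct ucred *cred,
		    struct vnode *dvp, struct label *dvplabel,
		    struct componentname *cnp, struct vattr *vap);
/* ACL hooks: type selects which ACL of vp is affected. */
typedef int	(*mpo_vnode_check_deleteacl_t)(struct ucred *cred,
		    struct vnode *vp, struct label *vplabel,
		    acl_type_t type);
/* Extended attribute hooks: attrnamespace and name identify the attribute. */
typedef int	(*mpo_vnode_check_deleteextattr_t)(struct ucred *cred,
		    struct vnode *vp, struct label *vplabel,
		    int attrnamespace, const char *name);
/*
 * May cred execute vp?  imgp describes the image being loaded; execlabel
 * is the label requested for the new process, if the caller supplied one.
 * NOTE(review): whether execlabel may be NULL is not visible here — confirm.
 */
typedef int	(*mpo_vnode_check_exec_t)(struct ucred *cred,
		    struct vnode *vp, struct label *vplabel,
		    struct image_params *imgp, struct label *execlabel);
typedef int	(*mpo_vnode_check_getacl_t)(struct ucred *cred,
		    struct vnode *vp, struct label *vplabel,
		    acl_type_t type);
typedef int	(*mpo_vnode_check_getextattr_t)(struct ucred *cred,
		    struct vnode *vp, struct label *vplabel,
		    int attrnamespace, const char *name);
/* May a link named cnp to the existing file vp be created in dvp? */
typedef int	(*mpo_vnode_check_link_t)(struct ucred *cred,
		    struct vnode *dvp, struct label *dvplabel,
		    struct vnode *vp, struct label *vplabel,
		    struct componentname *cnp);
typedef int	(*mpo_vnode_check_listextattr_t)(struct ucred *cred,
		    struct vnode *vp, struct label *vplabel,
		    int attrnamespace);
typedef int	(*mpo_vnode_check_lookup_t)(struct ucred *cred,
		    struct vnode *dvp, struct label *dvplabel,
		    struct componentname *cnp);
/* prot/flags are the mmap(2) protection and flags being requested. */
typedef int	(*mpo_vnode_check_mmap_t)(struct ucred *cred,
		    struct vnode *vp, struct label *vplabel, int prot,
		    int flags);
/*
 * Unlike check_mmap this returns void and receives prot by pointer: the
 * policy can reduce the requested protections instead of refusing the
 * mapping.  NOTE(review): the framework presumably honours only a
 * narrowing of *prot, never a widening — confirm before relying on it.
 */
typedef void	(*mpo_vnode_check_mmap_downgrade_t)(struct ucred *cred,
		    struct vnode *vp, struct label *vplabel, int *prot);
typedef int	(*mpo_vnode_check_mprotect_t)(struct ucred *cred,
		    struct vnode *vp, struct label *vplabel, int prot);
/* accmode is the access being requested at open. */
typedef int	(*mpo_vnode_check_open_t)(struct ucred *cred,
		    struct vnode *vp, struct label *vplabel,
		    accmode_t accmode);
typedef int	(*mpo_vnode_check_poll_t)(struct ucred *active_cred,
		    struct ucred *file_cred, struct vnode *vp,
		    struct label *vplabel);
typedef int	(*mpo_vnode_check_read_t)(struct ucred *active_cred,
		    struct ucred *file_cred, struct vnode *vp,
		    struct label *vplabel);
typedef int	(*mpo_vnode_check_readdir_t)(struct ucred *cred,
		    struct vnode *dvp, struct label *dvplabel);
typedef int	(*mpo_vnode_check_readlink_t)(struct ucred *cred,
		    struct vnode *vp, struct label *vplabel);
/* May vp be relabeled to newlabel? */
typedef int	(*mpo_vnode_check_relabel_t)(struct ucred *cred,
		    struct vnode *vp, struct label *vplabel,
		    struct label *newlabel);
/*
 * Rename is checked in two halves: rename_from for removing vp (named cnp)
 * from the source directory dvp, rename_to for placing it in the target
 * directory dvp, where samedir says whether source and target directories
 * coincide.  NOTE(review): in rename_to, vp/vplabel presumably describe a
 * file already present at the destination and may be NULL when there is
 * none — confirm before dereferencing them.
 */
typedef int	(*mpo_vnode_check_rename_from_t)(struct ucred *cred,
		    struct vnode *dvp, struct label *dvplabel,
		    struct vnode *vp, struct label *vplabel,
		    struct componentname *cnp);
typedef int	(*mpo_vnode_check_rename_to_t)(struct ucred *cred,
		    struct vnode *dvp, struct label *dvplabel,
		    struct vnode *vp, struct label *vplabel, int samedir,
		    struct componentname *cnp);
typedef int	(*mpo_vnode_check_revoke_t)(struct ucred *cred,
		    struct vnode *vp, struct label *vplabel);
typedef int	(*mpo_vnode_check_setacl_t)(struct ucred *cred,
		    struct vnode *vp, struct label *vplabel, acl_type_t type,
		    struct acl *acl);
typedef int	(*mpo_vnode_check_setextattr_t)(struct ucred *cred,
		    struct vnode *vp, struct label *vplabel,
		    int attrnamespace, const char *name);
/* Attribute changes: the extra arguments are the values being requested. */
typedef int	(*mpo_vnode_check_setflags_t)(struct ucred *cred,
		    struct vnode *vp, struct label *vplabel, u_long flags);
typedef int	(*mpo_vnode_check_setmode_t)(struct ucred *cred,
		    struct vnode *vp, struct label *vplabel, mode_t mode);
typedef int	(*mpo_vnode_check_setowner_t)(struct ucred *cred,
		    struct vnode *vp, struct label *vplabel, uid_t uid,
		    gid_t gid);
/* atime and mtime are passed by value, not by pointer. */
typedef int	(*mpo_vnode_check_setutimes_t)(struct ucred *cred,
		    struct vnode *vp, struct label *vplabel,
		    struct timespec atime, struct timespec mtime);
typedef int	(*mpo_vnode_check_stat_t)(struct ucred *active_cred,
		    struct ucred *file_cred, struct vnode *vp,
		    struct label *vplabel);
/* May the entry cnp for vp be removed from directory dvp? */
typedef int	(*mpo_vnode_check_unlink_t)(struct ucred *cred,
		    struct vnode *dvp, struct label *dvplabel,
		    struct vnode *vp, struct label *vplabel,
		    struct componentname *cnp);
typedef int	(*mpo_vnode_check_write_t)(struct ucred *active_cred,
		    struct ucred *file_cred, struct vnode *vp,
		    struct label *vplabel);
typedef void	(*mpo_vnode_copy_label_t)(struct label *src,
		    struct label *dest);
/*
 * Label a vnode vp just created as cnp in dvp on mount mp, presumably
 * storing the label in extended attributes as well (hence the int return,
 * which lets the store fail).
 */
typedef int	(*mpo_vnode_create_extattr_t)(struct ucred *cred,
		    struct mount *mp, struct label *mplabel,
		    struct vnode *dvp, struct label *dvplabel,
		    struct vnode *vp, struct label *vplabel,
		    struct componentname *cnp);
typedef void	(*mpo_vnode_destroy_label_t)(struct label *label);
/*
 * Credential transition at execve: execve_will_transition (int return)
 * presumably reports whether executing vp under cred old requires a new
 * credential; execve_transition then receives both the old and the new
 * credential so the policy can label new.  interpvplabel belongs to the
 * interpreter of a script, if any — NOTE(review): it may be NULL when there
 * is no interpreter; confirm against the caller.
 */
typedef void	(*mpo_vnode_execve_transition_t)(struct ucred *old,
		    struct ucred *new, struct vnode *vp,
		    struct label *vplabel, struct label *interpvplabel,
		    struct image_params *imgp, struct label *execlabel);
typedef int	(*mpo_vnode_execve_will_transition_t)(struct ucred *old,
		    struct vnode *vp, struct label *vplabel,
		    struct label *interpvplabel, struct image_params *imgp,
		    struct label *execlabel);
/*
 * Textual form; see the cred externalize/internalize hooks.  element_data
 * is caller-supplied text and must be parsed defensively.
 */
typedef int	(*mpo_vnode_externalize_label_t)(struct label *label,
		    char *element_name, struct sbuf *sb, int *claimed);
typedef void	(*mpo_vnode_init_label_t)(struct label *label);
typedef int	(*mpo_vnode_internalize_label_t)(struct label *label,
		    char *element_name, char *element_data, int *claimed);
/* Apply newlabel to vp on behalf of cred; vplabel is the current label. */
typedef void	(*mpo_vnode_relabel_t)(struct ucred *cred, struct vnode *vp,
		    struct label *vplabel, struct label *newlabel);
/*
 * Write the already-internalized label intlabel into vp's extended
 * attributes (presumably, from the name); may fail.
 */
typedef int	(*mpo_vnode_setlabel_extattr_t)(struct ucred *cred,
		    struct vnode *vp, struct label *vplabel,
		    struct label *intlabel);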
676
/*
 * struct mac_policy_ops is the table of entry points a policy module
 * exports to the MAC Framework; mac_policy_conf.mpc_ops (below) points at
 * it.  Members are grouped by the kernel object they act on.  Entries a
 * policy does not implement are left NULL and are presumably skipped by
 * the framework's dispatch -- confirm in the framework sources -- so an
 * unset *_check_* hook never denies anything.  Adding, removing or
 * reordering members changes the ABI that MAC_VERSION (below) guards;
 * bump it with any layout change.
 */
struct mac_policy_ops {
	/*
	 * Policy module operations.
	 */
	mpo_destroy_t				mpo_destroy;
	mpo_init_t				mpo_init;

	/*
	 * General policy-directed security system call so that policies may
	 * implement new services without reserving explicit system call
	 * numbers.
	 */
	mpo_syscall_t				mpo_syscall;

	/*
	 * Per-object hooks, grouped by object type.  Within a group the
	 * naming is uniform: *_check_* hooks authorize an operation and
	 * return an int (0 permits; by framework convention a non-zero
	 * errno denies -- confirm against the callers), *_init_label /
	 * *_destroy_label / *_copy_label manage label storage, *_create*
	 * hooks derive a new object's label, *_relabel applies a new label,
	 * and *_externalize_label / *_internalize_label convert labels to
	 * and from their textual form.
	 */
	mpo_bpfdesc_check_receive_t		mpo_bpfdesc_check_receive;
	mpo_bpfdesc_create_t			mpo_bpfdesc_create;
	mpo_bpfdesc_create_mbuf_t		mpo_bpfdesc_create_mbuf;
	mpo_bpfdesc_destroy_label_t		mpo_bpfdesc_destroy_label;
	mpo_bpfdesc_init_label_t		mpo_bpfdesc_init_label;

	mpo_cred_associate_nfsd_t		mpo_cred_associate_nfsd;
	mpo_cred_check_relabel_t		mpo_cred_check_relabel;
	mpo_cred_check_setaudit_t		mpo_cred_check_setaudit;
	mpo_cred_check_setaudit_addr_t		mpo_cred_check_setaudit_addr;
	mpo_cred_check_setauid_t		mpo_cred_check_setauid;
	mpo_cred_check_setuid_t			mpo_cred_check_setuid;
	mpo_cred_check_seteuid_t		mpo_cred_check_seteuid;
	mpo_cred_check_setgid_t			mpo_cred_check_setgid;
	mpo_cred_check_setegid_t		mpo_cred_check_setegid;
	mpo_cred_check_setgroups_t		mpo_cred_check_setgroups;
	mpo_cred_check_setreuid_t		mpo_cred_check_setreuid;
	mpo_cred_check_setregid_t		mpo_cred_check_setregid;
	mpo_cred_check_setresuid_t		mpo_cred_check_setresuid;
	mpo_cred_check_setresgid_t		mpo_cred_check_setresgid;
	mpo_cred_check_visible_t		mpo_cred_check_visible;
	mpo_cred_copy_label_t			mpo_cred_copy_label;
	mpo_cred_create_swapper_t		mpo_cred_create_swapper;
	mpo_cred_create_init_t			mpo_cred_create_init;
	mpo_cred_destroy_label_t		mpo_cred_destroy_label;
	mpo_cred_externalize_label_t		mpo_cred_externalize_label;
	mpo_cred_init_label_t			mpo_cred_init_label;
	mpo_cred_internalize_label_t		mpo_cred_internalize_label;
	mpo_cred_relabel_t			mpo_cred_relabel;

	mpo_devfs_create_device_t		mpo_devfs_create_device;
	mpo_devfs_create_directory_t		mpo_devfs_create_directory;
	mpo_devfs_create_symlink_t		mpo_devfs_create_symlink;
	mpo_devfs_destroy_label_t		mpo_devfs_destroy_label;
	mpo_devfs_init_label_t			mpo_devfs_init_label;
	mpo_devfs_update_t			mpo_devfs_update;
	mpo_devfs_vnode_associate_t		mpo_devfs_vnode_associate;

	mpo_ifnet_check_relabel_t		mpo_ifnet_check_relabel;
	mpo_ifnet_check_transmit_t		mpo_ifnet_check_transmit;
	mpo_ifnet_copy_label_t			mpo_ifnet_copy_label;
	mpo_ifnet_create_t			mpo_ifnet_create;
	mpo_ifnet_create_mbuf_t			mpo_ifnet_create_mbuf;
	mpo_ifnet_destroy_label_t		mpo_ifnet_destroy_label;
	mpo_ifnet_externalize_label_t		mpo_ifnet_externalize_label;
	mpo_ifnet_init_label_t			mpo_ifnet_init_label;
	mpo_ifnet_internalize_label_t		mpo_ifnet_internalize_label;
	mpo_ifnet_relabel_t			mpo_ifnet_relabel;

	mpo_inpcb_check_deliver_t		mpo_inpcb_check_deliver;
	mpo_inpcb_check_visible_t		mpo_inpcb_check_visible;
	mpo_inpcb_create_t			mpo_inpcb_create;
	mpo_inpcb_create_mbuf_t			mpo_inpcb_create_mbuf;
	mpo_inpcb_destroy_label_t		mpo_inpcb_destroy_label;
	mpo_inpcb_init_label_t			mpo_inpcb_init_label;
	mpo_inpcb_sosetlabel_t			mpo_inpcb_sosetlabel;

	mpo_ip6q_create_t			mpo_ip6q_create;
	mpo_ip6q_destroy_label_t		mpo_ip6q_destroy_label;
	mpo_ip6q_init_label_t			mpo_ip6q_init_label;
	mpo_ip6q_match_t			mpo_ip6q_match;
	/*
	 * The two *_reassemble member types lack the _t suffix every other
	 * hook type carries; their typedefs are not in view here.  Renaming
	 * them is an API change for existing policies, so it is only noted.
	 */
	mpo_ip6q_reassemble			mpo_ip6q_reassemble;
	mpo_ip6q_update_t			mpo_ip6q_update;

	mpo_ipq_create_t			mpo_ipq_create;
	mpo_ipq_destroy_label_t			mpo_ipq_destroy_label;
	mpo_ipq_init_label_t			mpo_ipq_init_label;
	mpo_ipq_match_t				mpo_ipq_match;
	mpo_ipq_reassemble			mpo_ipq_reassemble;
	mpo_ipq_update_t			mpo_ipq_update;

	mpo_kenv_check_dump_t			mpo_kenv_check_dump;
	mpo_kenv_check_get_t			mpo_kenv_check_get;
	mpo_kenv_check_set_t			mpo_kenv_check_set;
	mpo_kenv_check_unset_t			mpo_kenv_check_unset;

	mpo_kld_check_load_t			mpo_kld_check_load;
	mpo_kld_check_stat_t			mpo_kld_check_stat;

	mpo_mbuf_copy_label_t			mpo_mbuf_copy_label;
	mpo_mbuf_destroy_label_t		mpo_mbuf_destroy_label;
	mpo_mbuf_init_label_t			mpo_mbuf_init_label;

	mpo_mount_check_stat_t			mpo_mount_check_stat;
	mpo_mount_create_t			mpo_mount_create;
	mpo_mount_destroy_label_t		mpo_mount_destroy_label;
	mpo_mount_init_label_t			mpo_mount_init_label;

	mpo_netatalk_aarp_send_t		mpo_netatalk_aarp_send;

	mpo_netinet_arp_send_t			mpo_netinet_arp_send;
	mpo_netinet_firewall_reply_t		mpo_netinet_firewall_reply;
	mpo_netinet_firewall_send_t		mpo_netinet_firewall_send;
	mpo_netinet_fragment_t			mpo_netinet_fragment;
	mpo_netinet_icmp_reply_t		mpo_netinet_icmp_reply;
	mpo_netinet_icmp_replyinplace_t		mpo_netinet_icmp_replyinplace;
	mpo_netinet_igmp_send_t			mpo_netinet_igmp_send;
	mpo_netinet_tcp_reply_t			mpo_netinet_tcp_reply;

	mpo_netinet6_nd6_send_t			mpo_netinet6_nd6_send;

	mpo_pipe_check_ioctl_t			mpo_pipe_check_ioctl;
	mpo_pipe_check_poll_t			mpo_pipe_check_poll;
	mpo_pipe_check_read_t			mpo_pipe_check_read;
	mpo_pipe_check_relabel_t		mpo_pipe_check_relabel;
	mpo_pipe_check_stat_t			mpo_pipe_check_stat;
	mpo_pipe_check_write_t			mpo_pipe_check_write;
	mpo_pipe_copy_label_t			mpo_pipe_copy_label;
	mpo_pipe_create_t			mpo_pipe_create;
	mpo_pipe_destroy_label_t		mpo_pipe_destroy_label;
	mpo_pipe_externalize_label_t		mpo_pipe_externalize_label;
	mpo_pipe_init_label_t			mpo_pipe_init_label;
	mpo_pipe_internalize_label_t		mpo_pipe_internalize_label;
	mpo_pipe_relabel_t			mpo_pipe_relabel;

	mpo_posixsem_check_getvalue_t		mpo_posixsem_check_getvalue;
	mpo_posixsem_check_open_t		mpo_posixsem_check_open;
	mpo_posixsem_check_post_t		mpo_posixsem_check_post;
	mpo_posixsem_check_setmode_t		mpo_posixsem_check_setmode;
	mpo_posixsem_check_setowner_t		mpo_posixsem_check_setowner;
	mpo_posixsem_check_stat_t		mpo_posixsem_check_stat;
	mpo_posixsem_check_unlink_t		mpo_posixsem_check_unlink;
	mpo_posixsem_check_wait_t		mpo_posixsem_check_wait;
	mpo_posixsem_create_t			mpo_posixsem_create;
	mpo_posixsem_destroy_label_t		mpo_posixsem_destroy_label;
	mpo_posixsem_init_label_t		mpo_posixsem_init_label;

	mpo_posixshm_check_create_t		mpo_posixshm_check_create;
	mpo_posixshm_check_mmap_t		mpo_posixshm_check_mmap;
	mpo_posixshm_check_open_t		mpo_posixshm_check_open;
	mpo_posixshm_check_read_t		mpo_posixshm_check_read;
	mpo_posixshm_check_setmode_t		mpo_posixshm_check_setmode;
	mpo_posixshm_check_setowner_t		mpo_posixshm_check_setowner;
	mpo_posixshm_check_stat_t		mpo_posixshm_check_stat;
	mpo_posixshm_check_truncate_t		mpo_posixshm_check_truncate;
	mpo_posixshm_check_unlink_t		mpo_posixshm_check_unlink;
	mpo_posixshm_check_write_t		mpo_posixshm_check_write;
	mpo_posixshm_create_t			mpo_posixshm_create;
	mpo_posixshm_destroy_label_t		mpo_posixshm_destroy_label;
	mpo_posixshm_init_label_t		mpo_posixshm_init_label;

	/*
	 * Privilege hooks.  NOTE(review): the names suggest priv_check can
	 * deny a privilege the base system would grant and priv_grant can
	 * grant one it would deny -- confirm the ordering and semantics in
	 * the framework before depending on either.
	 */
	mpo_priv_check_t			mpo_priv_check;
	mpo_priv_grant_t			mpo_priv_grant;

	mpo_proc_check_debug_t			mpo_proc_check_debug;
	mpo_proc_check_sched_t			mpo_proc_check_sched;
	mpo_proc_check_signal_t			mpo_proc_check_signal;
	mpo_proc_check_wait_t			mpo_proc_check_wait;
	mpo_proc_destroy_label_t		mpo_proc_destroy_label;
	mpo_proc_init_label_t			mpo_proc_init_label;

	mpo_socket_check_accept_t		mpo_socket_check_accept;
	mpo_socket_check_bind_t			mpo_socket_check_bind;
	mpo_socket_check_connect_t		mpo_socket_check_connect;
	mpo_socket_check_create_t		mpo_socket_check_create;
	mpo_socket_check_deliver_t		mpo_socket_check_deliver;
	mpo_socket_check_listen_t		mpo_socket_check_listen;
	mpo_socket_check_poll_t			mpo_socket_check_poll;
	mpo_socket_check_receive_t		mpo_socket_check_receive;
	mpo_socket_check_relabel_t		mpo_socket_check_relabel;
	mpo_socket_check_send_t			mpo_socket_check_send;
	mpo_socket_check_stat_t			mpo_socket_check_stat;
	mpo_socket_check_visible_t		mpo_socket_check_visible;
	mpo_socket_copy_label_t			mpo_socket_copy_label;
	mpo_socket_create_t			mpo_socket_create;
	mpo_socket_create_mbuf_t		mpo_socket_create_mbuf;
	mpo_socket_destroy_label_t		mpo_socket_destroy_label;
	mpo_socket_externalize_label_t		mpo_socket_externalize_label;
	mpo_socket_init_label_t			mpo_socket_init_label;
	mpo_socket_internalize_label_t		mpo_socket_internalize_label;
	mpo_socket_newconn_t			mpo_socket_newconn;
	mpo_socket_relabel_t			mpo_socket_relabel;

	mpo_socketpeer_destroy_label_t		mpo_socketpeer_destroy_label;
	mpo_socketpeer_externalize_label_t	mpo_socketpeer_externalize_label;
	mpo_socketpeer_init_label_t		mpo_socketpeer_init_label;
	mpo_socketpeer_set_from_mbuf_t		mpo_socketpeer_set_from_mbuf;
	mpo_socketpeer_set_from_socket_t	mpo_socketpeer_set_from_socket;

	/* Listed in lifecycle order rather than alphabetically, unlike the rest. */
	mpo_syncache_init_label_t		mpo_syncache_init_label;
	mpo_syncache_destroy_label_t		mpo_syncache_destroy_label;
	mpo_syncache_create_t			mpo_syncache_create;
	mpo_syncache_create_mbuf_t		mpo_syncache_create_mbuf;

	mpo_system_check_acct_t			mpo_system_check_acct;
	mpo_system_check_audit_t		mpo_system_check_audit;
	mpo_system_check_auditctl_t		mpo_system_check_auditctl;
	mpo_system_check_auditon_t		mpo_system_check_auditon;
	mpo_system_check_reboot_t		mpo_system_check_reboot;
	mpo_system_check_swapon_t		mpo_system_check_swapon;
	mpo_system_check_swapoff_t		mpo_system_check_swapoff;
	mpo_system_check_sysctl_t		mpo_system_check_sysctl;

	mpo_sysvmsg_cleanup_t			mpo_sysvmsg_cleanup;
	mpo_sysvmsg_create_t			mpo_sysvmsg_create;
	mpo_sysvmsg_destroy_label_t		mpo_sysvmsg_destroy_label;
	mpo_sysvmsg_init_label_t		mpo_sysvmsg_init_label;

	mpo_sysvmsq_check_msgmsq_t		mpo_sysvmsq_check_msgmsq;
	mpo_sysvmsq_check_msgrcv_t		mpo_sysvmsq_check_msgrcv;
	mpo_sysvmsq_check_msgrmid_t		mpo_sysvmsq_check_msgrmid;
	mpo_sysvmsq_check_msqctl_t		mpo_sysvmsq_check_msqctl;
	mpo_sysvmsq_check_msqget_t		mpo_sysvmsq_check_msqget;
	mpo_sysvmsq_check_msqrcv_t		mpo_sysvmsq_check_msqrcv;
	mpo_sysvmsq_check_msqsnd_t		mpo_sysvmsq_check_msqsnd;
	mpo_sysvmsq_cleanup_t			mpo_sysvmsq_cleanup;
	mpo_sysvmsq_create_t			mpo_sysvmsq_create;
	mpo_sysvmsq_destroy_label_t		mpo_sysvmsq_destroy_label;
	mpo_sysvmsq_init_label_t		mpo_sysvmsq_init_label;

	mpo_sysvsem_check_semctl_t		mpo_sysvsem_check_semctl;
	mpo_sysvsem_check_semget_t		mpo_sysvsem_check_semget;
	mpo_sysvsem_check_semop_t		mpo_sysvsem_check_semop;
	mpo_sysvsem_cleanup_t			mpo_sysvsem_cleanup;
	mpo_sysvsem_create_t			mpo_sysvsem_create;
	mpo_sysvsem_destroy_label_t		mpo_sysvsem_destroy_label;
	mpo_sysvsem_init_label_t		mpo_sysvsem_init_label;

	mpo_sysvshm_check_shmat_t		mpo_sysvshm_check_shmat;
	mpo_sysvshm_check_shmctl_t		mpo_sysvshm_check_shmctl;
	mpo_sysvshm_check_shmdt_t		mpo_sysvshm_check_shmdt;
	mpo_sysvshm_check_shmget_t		mpo_sysvshm_check_shmget;
	mpo_sysvshm_cleanup_t			mpo_sysvshm_cleanup;
	mpo_sysvshm_create_t			mpo_sysvshm_create;
	mpo_sysvshm_destroy_label_t		mpo_sysvshm_destroy_label;
	mpo_sysvshm_init_label_t		mpo_sysvshm_init_label;

	mpo_thread_userret_t			mpo_thread_userret;

	/*
	 * Vnode hooks: the *_check_* entries first, then label management.
	 * Note that mpo_vnode_check_relabel is the only authorization point
	 * for a relabel; mpo_vnode_relabel itself returns void.
	 */
	mpo_vnode_check_access_t		mpo_vnode_check_access;
	mpo_vnode_check_chdir_t			mpo_vnode_check_chdir;
	mpo_vnode_check_chroot_t		mpo_vnode_check_chroot;
	mpo_vnode_check_create_t		mpo_vnode_check_create;
	mpo_vnode_check_deleteacl_t		mpo_vnode_check_deleteacl;
	mpo_vnode_check_deleteextattr_t		mpo_vnode_check_deleteextattr;
	mpo_vnode_check_exec_t			mpo_vnode_check_exec;
	mpo_vnode_check_getacl_t		mpo_vnode_check_getacl;
	mpo_vnode_check_getextattr_t		mpo_vnode_check_getextattr;
	mpo_vnode_check_link_t			mpo_vnode_check_link;
	mpo_vnode_check_listextattr_t		mpo_vnode_check_listextattr;
	mpo_vnode_check_lookup_t		mpo_vnode_check_lookup;
	mpo_vnode_check_mmap_t			mpo_vnode_check_mmap;
	mpo_vnode_check_mmap_downgrade_t	mpo_vnode_check_mmap_downgrade;
	mpo_vnode_check_mprotect_t		mpo_vnode_check_mprotect;
	mpo_vnode_check_open_t			mpo_vnode_check_open;
	mpo_vnode_check_poll_t			mpo_vnode_check_poll;
	mpo_vnode_check_read_t			mpo_vnode_check_read;
	mpo_vnode_check_readdir_t		mpo_vnode_check_readdir;
	mpo_vnode_check_readlink_t		mpo_vnode_check_readlink;
	mpo_vnode_check_relabel_t		mpo_vnode_check_relabel;
	mpo_vnode_check_rename_from_t		mpo_vnode_check_rename_from;
	mpo_vnode_check_rename_to_t		mpo_vnode_check_rename_to;
	mpo_vnode_check_revoke_t		mpo_vnode_check_revoke;
	mpo_vnode_check_setacl_t		mpo_vnode_check_setacl;
	mpo_vnode_check_setextattr_t		mpo_vnode_check_setextattr;
	mpo_vnode_check_setflags_t		mpo_vnode_check_setflags;
	mpo_vnode_check_setmode_t		mpo_vnode_check_setmode;
	mpo_vnode_check_setowner_t		mpo_vnode_check_setowner;
	mpo_vnode_check_setutimes_t		mpo_vnode_check_setutimes;
	mpo_vnode_check_stat_t			mpo_vnode_check_stat;
	mpo_vnode_check_unlink_t		mpo_vnode_check_unlink;
	mpo_vnode_check_write_t			mpo_vnode_check_write;
	mpo_vnode_associate_extattr_t		mpo_vnode_associate_extattr;
	mpo_vnode_associate_singlelabel_t	mpo_vnode_associate_singlelabel;
	mpo_vnode_destroy_label_t		mpo_vnode_destroy_label;
	mpo_vnode_copy_label_t			mpo_vnode_copy_label;
	mpo_vnode_create_extattr_t		mpo_vnode_create_extattr;
	mpo_vnode_execve_transition_t		mpo_vnode_execve_transition;
	mpo_vnode_execve_will_transition_t	mpo_vnode_execve_will_transition;
	mpo_vnode_externalize_label_t		mpo_vnode_externalize_label;
	mpo_vnode_init_label_t			mpo_vnode_init_label;
	mpo_vnode_internalize_label_t		mpo_vnode_internalize_label;
	mpo_vnode_relabel_t			mpo_vnode_relabel;
	mpo_vnode_setlabel_extattr_t		mpo_vnode_setlabel_extattr;
};
972
973/*
974 * struct mac_policy_conf is the registration structure for policies, and is
975 * provided to the MAC Framework using MAC_POLICY_SET() to invoke a SYSINIT
976 * to register the policy.  In general, the fields are immutable, with the
977 * exception of the "security field", run-time flags, and policy list entry,
978 * which are managed by the MAC Framework.  Be careful when modifying this
979 * structure, as its layout is statically compiled into all policies.
980 */
981struct mac_policy_conf {
982	char				*mpc_name;	/* policy name */
983	char				*mpc_fullname;	/* policy full name */
984	struct mac_policy_ops		*mpc_ops;	/* policy operations */
985	int				 mpc_loadtime_flags;	/* flags */
986	int				*mpc_field_off; /* security field */
987	int				 mpc_runtime_flags; /* flags */
988	int				 _mpc_spare1;	/* Spare. */
989	uint64_t			 _mpc_spare2;	/* Spare. */
990	uint64_t			 _mpc_spare3;	/* Spare. */
991	void				*_mpc_spare4;	/* Spare. */
992	LIST_ENTRY(mac_policy_conf)	 mpc_list;	/* global list */
993};
994
/*
 * Flags for the mpc_loadtime_flags field.  Set once by the policy through
 * the mpflags argument of MAC_POLICY_SET().  NOTE(review): semantics are
 * not defined in this header; the names suggest NOTLATE marks a policy
 * that must not be loaded after boot (late registration refused) and
 * UNLOADOK marks one that may be unloaded at run time -- confirm in the
 * framework before relying on them.  A policy whose enforcement must not
 * lapse should not set UNLOADOK.
 */
#define	MPC_LOADTIME_FLAG_NOTLATE	0x00000001
#define	MPC_LOADTIME_FLAG_UNLOADOK	0x00000002

/*
 * Flags for the mpc_runtime_flags field.  Framework-managed; REGISTERED
 * presumably records that registration completed.
 */
#define	MPC_RUNTIME_FLAG_REGISTERED	0x00000001
1001
1002/*-
1003 * The TrustedBSD MAC Framework has a major version number, MAC_VERSION,
1004 * which defines the ABI of the Framework present in the kernel (and depended
1005 * on by policy modules compiled against that kernel).  Currently,
1006 * MAC_POLICY_SET() requires that the kernel and module ABI version numbers
1007 * exactly match.  The following major versions have been defined to date:
1008 *
1009 *   MAC version             FreeBSD versions
1010 *   1                       5.x
1011 *   2                       6.x
1012 *   3                       7.x
1013 *   4                       8.x
1014 */
1015#define	MAC_VERSION	4
1016
/*
 * MAC_POLICY_SET() registers a policy.  It expands to:
 *   - a static struct mac_policy_conf named <mpname>_mac_policy_conf,
 *     with mpc_name set to the stringified mpname, mpc_fullname, mpc_ops,
 *     mpc_loadtime_flags and mpc_field_off taken from the arguments, and
 *     every other member left zero for the framework to manage;
 *   - a moduledata_t named <mpname>_mod, initialized positionally with
 *     the same name string, mac_policy_modevent as the event handler, and
 *     a pointer to that conf as the private data;
 *   - a MODULE_DEPEND on kernel_mac_support pinned to exactly MAC_VERSION
 *     (minimum, preferred and maximum are all MAC_VERSION), so a module
 *     built against a different ABI version is refused at load time;
 *   - a DECLARE_MODULE at SI_SUB_MAC_POLICY / SI_ORDER_MIDDLE.
 * The expansion ends without a semicolon; invoke it as a statement,
 * MAC_POLICY_SET(...);.  mpops must outlive the module (it is normally a
 * static struct mac_policy_ops in the policy).  privdata_wanted is stored
 * verbatim in mpc_field_off.
 */
#define	MAC_POLICY_SET(mpops, mpname, mpfullname, mpflags, privdata_wanted) \
	static struct mac_policy_conf mpname##_mac_policy_conf = {	\
		.mpc_name = #mpname,					\
		.mpc_fullname = mpfullname,				\
		.mpc_ops = mpops,					\
		.mpc_loadtime_flags = mpflags,				\
		.mpc_field_off = privdata_wanted,			\
	};								\
	static moduledata_t mpname##_mod = {				\
		#mpname,						\
		mac_policy_modevent,					\
		&mpname##_mac_policy_conf				\
	};								\
	MODULE_DEPEND(mpname, kernel_mac_support, MAC_VERSION,		\
	    MAC_VERSION, MAC_VERSION);					\
	DECLARE_MODULE(mpname, mpname##_mod, SI_SUB_MAC_POLICY,		\
	    SI_ORDER_MIDDLE)
1034
/*
 * Module event handler that MAC_POLICY_SET() installs in the policy's
 * moduledata_t.  data is the moduledata_t private pointer, i.e. the
 * policy's struct mac_policy_conf; type is the module event being
 * delivered (load/unload and friends).
 */
int	mac_policy_modevent(module_t mod, int type, void *data);

/*
 * Policy interface to map a struct label pointer to per-policy data.
 * Typically, policies wrap this in their own accessor macro that casts a
 * uintptr_t to a policy-specific data type.
 *
 * slot is the policy's label slot, presumably the value the framework
 * assigned through mpc_field_off at registration -- confirm.  l must not
 * be NULL; NOTE(review): some hooks may receive a NULL label pointer for
 * objects that carry no label, so policies should check before calling
 * these accessors -- verify against the framework's callers.
 */
intptr_t	mac_label_get(struct label *l, int slot);
void		mac_label_set(struct label *l, int slot, intptr_t v);
1044
1045#endif /* !_SECURITY_MAC_MAC_POLICY_H_ */
1046