ugidfw_vnode.c revision 101099
1/*- 2 * Copyright (c) 1999, 2000, 2001, 2002 Robert N. M. Watson 3 * Copyright (c) 2001, 2002 Networks Associates Technology, Inc. 4 * All rights reserved. 5 * 6 * This software was developed by Robert Watson for the TrustedBSD Project. 7 * 8 * This software was developed for the FreeBSD Project in part by NAI Labs, 9 * the Security Research Division of Network Associates, Inc. under 10 * DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA 11 * CHATS research program. 12 * 13 * Redistribution and use in source and binary forms, with or without 14 * modification, are permitted provided that the following conditions 15 * are met: 16 * 1. Redistributions of source code must retain the above copyright 17 * notice, this list of conditions and the following disclaimer. 18 * 2. Redistributions in binary form must reproduce the above copyright 19 * notice, this list of conditions and the following disclaimer in the 20 * documentation and/or other materials provided with the distribution. 21 * 3. The names of the authors may not be used to endorse or promote 22 * products derived from this software without specific prior written 23 * permission. 24 * 25 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 26 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 27 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 28 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 29 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 30 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 31 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 32 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 33 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 34 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 35 * SUCH DAMAGE. 36 * 37 * $FreeBSD: head/sys/security/mac_bsdextended/mac_bsdextended.c 101099 2002-07-31 18:07:45Z rwatson $ 38 */ 39/* 40 * Developed by the TrustedBSD Project. 41 * "BSD Extended" MAC policy, allowing the administrator to impose 42 * mandatory rules regarding users and some system objects. 43 * 44 * XXX: Much locking support required here. 45 */ 46 47#include <sys/types.h> 48#include <sys/param.h> 49#include <sys/acl.h> 50#include <sys/conf.h> 51#include <sys/kernel.h> 52#include <sys/mac.h> 53#include <sys/malloc.h> 54#include <sys/mount.h> 55#include <sys/proc.h> 56#include <sys/systm.h> 57#include <sys/sysproto.h> 58#include <sys/sysent.h> 59#include <sys/vnode.h> 60#include <sys/file.h> 61#include <sys/socket.h> 62#include <sys/socketvar.h> 63#include <sys/sysctl.h> 64 65#include <net/bpfdesc.h> 66#include <net/if.h> 67#include <net/if_types.h> 68#include <net/if_var.h> 69 70#include <vm/vm.h> 71 72#include <sys/mac_policy.h> 73 74#include <security/mac_bsdextended/mac_bsdextended.h> 75 76SYSCTL_DECL(_security_mac); 77 78SYSCTL_NODE(_security_mac, OID_AUTO, bsdextended, CTLFLAG_RW, 0, 79 "TrustedBSD extended BSD MAC policy controls"); 80 81static int mac_bsdextended_enabled = 1; 82SYSCTL_INT(_security_mac_bsdextended, OID_AUTO, enabled, CTLFLAG_RW, 83 &mac_bsdextended_enabled, 0, "Enforce extended BSD policy"); 84TUNABLE_INT("security.mac.bsdextended.enabled", &mac_bsdextended_enabled); 85 86MALLOC_DEFINE(M_MACBSDEXTENDED, "mac_bsdextended", "BSD Extended MAC rule"); 87 88#define MAC_BSDEXTENDED_MAXRULES 250 89static struct mac_bsdextended_rule *rules[MAC_BSDEXTENDED_MAXRULES]; 90static int rule_count = 0; 91static int rule_slots = 0; 92 93SYSCTL_INT(_security_mac_bsdextended, OID_AUTO, rule_count, CTLFLAG_RD, 94 &rule_count, 0, "Number of defined rules\n"); 95SYSCTL_INT(_security_mac_bsdextended, OID_AUTO, rule_slots, CTLFLAG_RD, 96 &rule_slots, 0, "Number of used rule slots\n"); 97 98static int mac_bsdextended_debugging; 99SYSCTL_INT(_security_mac_bsdextended, OID_AUTO, debugging, CTLFLAG_RW, 100 &mac_bsdextended_debugging, 0, "Enable debugging on failure"); 101 102static int 103mac_bsdextended_rule_valid(struct mac_bsdextended_rule *rule) 104{ 105 106 if ((rule->mbr_subject.mbi_flags | MBI_BITS) != MBI_BITS) 107 return (EINVAL); 108 109 if ((rule->mbr_object.mbi_flags | MBI_BITS) != MBI_BITS) 110 return (EINVAL); 111 112 if ((rule->mbr_mode | VALLPERM) != VALLPERM) 113 return (EINVAL); 114 115 return (0); 116} 117 118static int 119sysctl_rule(SYSCTL_HANDLER_ARGS) 120{ 121 struct mac_bsdextended_rule temprule, *ruleptr; 122 u_int namelen; 123 int error, index, *name; 124 125 name = (int *)arg1; 126 namelen = arg2; 127 128 /* printf("bsdextended sysctl handler (namelen %d)\n", namelen); */ 129 130 if (namelen != 1) 131 return (EINVAL); 132 133 index = name[0]; 134 if (index < 0 || index > rule_slots + 1) 135 return (ENOENT); 136 if (rule_slots >= MAC_BSDEXTENDED_MAXRULES) 137 return (ENOENT); 138 139 if (req->oldptr) { 140 if (rules[index] == NULL) 141 return (ENOENT); 142 143 error = SYSCTL_OUT(req, rules[index], sizeof(*rules[index])); 144 if (error) 145 return (error); 146 } 147 148 if (req->newptr) { 149 if (req->newlen == 0) { 150 /* printf("deletion\n"); */ 151 ruleptr = rules[index]; 152 if (ruleptr == NULL) 153 return (ENOENT); 154 rule_count--; 155 rules[index] = NULL; 156 FREE(ruleptr, M_MACBSDEXTENDED); 157 return(0); 158 } 159 error = SYSCTL_IN(req, &temprule, sizeof(temprule)); 160 if (error) 161 return (error); 162 163 error = mac_bsdextended_rule_valid(&temprule); 164 if (error) 165 return (error); 166 167 if (rules[index] == NULL) { 168 /* printf("addition\n"); */ 169 MALLOC(ruleptr, struct mac_bsdextended_rule *, 170 sizeof(*ruleptr), M_MACBSDEXTENDED, M_WAITOK | 171 M_ZERO); 172 *ruleptr = temprule; 173 rules[index] = ruleptr; 174 if (index+1 > rule_slots) 175 rule_slots = index+1; 176 rule_count++; 177 } else { 178 /* printf("replacement\n"); */ 179 *rules[index] = temprule; 180 } 181 } 182 183 return (0); 184} 185 186SYSCTL_NODE(_security_mac_bsdextended, OID_AUTO, rules, 187 CTLFLAG_RW, sysctl_rule, "BSD extended MAC rules"); 188 189static void 190mac_bsdextended_init(struct mac_policy_conf *mpc) 191{ 192 193 /* Initialize ruleset lock. */ 194 /* Register dynamic sysctl's for rules. */ 195} 196 197static void 198mac_bsdextended_destroy(struct mac_policy_conf *mpc) 199{ 200 201 /* Tear down sysctls. */ 202 /* Destroy ruleset lock. */ 203} 204 205static int 206mac_bsdextended_rulecheck(struct mac_bsdextended_rule *rule, 207 struct ucred *cred, uid_t object_uid, gid_t object_gid, mode_t acc_mode) 208{ 209 int match; 210 211 /* 212 * Is there a subject match? 213 */ 214 if (rule->mbr_subject.mbi_flags & MBI_UID_DEFINED) { 215 match = (rule->mbr_subject.mbi_uid == cred->cr_uid || 216 rule->mbr_subject.mbi_uid == cred->cr_ruid || 217 rule->mbr_subject.mbi_uid == cred->cr_svuid); 218 219 if (rule->mbr_subject.mbi_flags & MBI_NEGATED) 220 match = !match; 221 222 if (!match) 223 return (0); 224 } 225 226 if (rule->mbr_subject.mbi_flags & MBI_GID_DEFINED) { 227 match = (groupmember(rule->mbr_subject.mbi_gid, cred) || 228 rule->mbr_subject.mbi_gid == cred->cr_rgid || 229 rule->mbr_subject.mbi_gid == cred->cr_svgid); 230 231 if (rule->mbr_subject.mbi_flags & MBI_NEGATED) 232 match = !match; 233 234 if (!match) 235 return (0); 236 } 237 238 /* 239 * Is there an object match? 240 */ 241 if (rule->mbr_object.mbi_flags & MBI_UID_DEFINED) { 242 match = (rule->mbr_object.mbi_uid == object_uid); 243 244 if (rule->mbr_object.mbi_flags & MBI_NEGATED) 245 match = !match; 246 247 if (!match) 248 return (0); 249 } 250 251 if (rule->mbr_object.mbi_flags & MBI_GID_DEFINED) { 252 match = (rule->mbr_object.mbi_gid == object_gid); 253 254 if (rule->mbr_object.mbi_flags & MBI_NEGATED) 255 match = !match; 256 257 if (!match) 258 return (0); 259 } 260 261 /* 262 * Is the access permitted? 263 */ 264 if ((rule->mbr_mode & acc_mode) != acc_mode) { 265 if (mac_bsdextended_debugging) 266 printf("mac_bsdextended: %d:%d request %d on %d:%d" 267 " fails\n", cred->cr_ruid, cred->cr_rgid, 268 acc_mode, object_uid, object_gid); 269 return (EACCES); 270 } 271 272 return (0); 273} 274 275static int 276mac_bsdextended_check(struct ucred *cred, uid_t object_uid, gid_t object_gid, 277 mode_t acc_mode) 278{ 279 int error, i; 280 281 for (i = 0; i < rule_slots; i++) { 282 if (rules[i] == NULL) 283 continue; 284 285 error = mac_bsdextended_rulecheck(rules[i], cred, object_uid, 286 object_gid, acc_mode); 287 if (error) 288 return (error); 289 } 290 291 return (0); 292} 293 294static int 295mac_bsdextended_check_vnode_access(struct ucred *cred, struct vnode *vp, 296 struct label *label, mode_t flags) 297{ 298 struct vattr vap; 299 int error; 300 301 if (!mac_bsdextended_enabled) 302 return (0); 303 304 error = VOP_GETATTR(vp, &vap, cred, curthread); 305 if (error) 306 return (error); 307 return (mac_bsdextended_check(cred, vap.va_uid, vap.va_gid, flags)); 308} 309 310static int 311mac_bsdextended_check_vnode_chdir(struct ucred *cred, struct vnode *dvp, 312 struct label *dlabel) 313{ 314 struct vattr vap; 315 int error; 316 317 if (!mac_bsdextended_enabled) 318 return (0); 319 320 error = VOP_GETATTR(dvp, &vap, cred, curthread); 321 if (error) 322 return (error); 323 return (mac_bsdextended_check(cred, vap.va_uid, vap.va_gid, VEXEC)); 324} 325 326static int 327mac_bsdextended_check_vnode_chroot(struct ucred *cred, struct vnode *dvp, 328 struct label *dlabel) 329{ 330 struct vattr vap; 331 int error; 332 333 if (!mac_bsdextended_enabled) 334 return (0); 335 336 error = VOP_GETATTR(dvp, &vap, cred, curthread); 337 if (error) 338 return (error); 339 return (mac_bsdextended_check(cred, vap.va_uid, vap.va_gid, VEXEC)); 340} 341 342static int 343mac_bsdextended_check_create_vnode(struct ucred *cred, struct vnode *dvp, 344 struct label *dlabel, struct componentname *cnp, struct vattr *vap) 345{ 346 struct vattr dvap; 347 int error; 348 349 if (!mac_bsdextended_enabled) 350 return (0); 351 352 error = VOP_GETATTR(dvp, &dvap, cred, curthread); 353 if (error) 354 return (error); 355 return (mac_bsdextended_check(cred, dvap.va_uid, dvap.va_gid, VWRITE)); 356} 357 358static int 359mac_bsdextended_check_vnode_delete(struct ucred *cred, struct vnode *dvp, 360 struct label *dlabel, struct vnode *vp, struct label *label, 361 struct componentname *cnp) 362{ 363 struct vattr vap; 364 int error; 365 366 if (!mac_bsdextended_enabled) 367 return (0); 368 369 error = VOP_GETATTR(dvp, &vap, cred, curthread); 370 if (error) 371 return (error); 372 error = mac_bsdextended_check(cred, vap.va_uid, vap.va_gid, VWRITE); 373 if (error) 374 return (error); 375 376 error = VOP_GETATTR(vp, &vap, cred, curthread); 377 if (error) 378 return (error); 379 return (mac_bsdextended_check(cred, vap.va_uid, vap.va_gid, VWRITE)); 380} 381 382static int 383mac_bsdextended_check_vnode_deleteacl(struct ucred *cred, struct vnode *vp, 384 struct label *label, acl_type_t type) 385{ 386 struct vattr vap; 387 int error; 388 389 if (!mac_bsdextended_enabled) 390 return (0); 391 392 error = VOP_GETATTR(vp, &vap, cred, curthread); 393 if (error) 394 return (error); 395 return (mac_bsdextended_check(cred, vap.va_uid, vap.va_gid, VADMIN)); 396} 397 398static int 399mac_bsdextended_check_vnode_exec(struct ucred *cred, struct vnode *vp, 400 struct label *label) 401{ 402 struct vattr vap; 403 int error; 404 405 if (!mac_bsdextended_enabled) 406 return (0); 407 408 error = VOP_GETATTR(vp, &vap, cred, curthread); 409 if (error) 410 return (error); 411 return (mac_bsdextended_check(cred, vap.va_uid, vap.va_gid, 412 VREAD|VEXEC)); 413} 414 415static int 416mac_bsdextended_check_vnode_getacl(struct ucred *cred, struct vnode *vp, 417 struct label *label, acl_type_t type) 418{ 419 struct vattr vap; 420 int error; 421 422 if (!mac_bsdextended_enabled) 423 return (0); 424 425 error = VOP_GETATTR(vp, &vap, cred, curthread); 426 if (error) 427 return (error); 428 return (mac_bsdextended_check(cred, vap.va_uid, vap.va_gid, VSTAT)); 429} 430 431static int 432mac_bsdextended_check_vnode_getextattr(struct ucred *cred, struct vnode *vp, 433 struct label *label, int attrnamespace, const char *name, struct uio *uio) 434{ 435 struct vattr vap; 436 int error; 437 438 if (!mac_bsdextended_enabled) 439 return (0); 440 441 error = VOP_GETATTR(vp, &vap, cred, curthread); 442 if (error) 443 return (error); 444 return (mac_bsdextended_check(cred, vap.va_uid, vap.va_gid, VREAD)); 445} 446 447static int 448mac_bsdextended_check_vnode_lookup(struct ucred *cred, struct vnode *dvp, 449 struct label *dlabel, struct componentname *cnp) 450{ 451 struct vattr vap; 452 int error; 453 454 if (!mac_bsdextended_enabled) 455 return (0); 456 457 error = VOP_GETATTR(dvp, &vap, cred, curthread); 458 if (error) 459 return (error); 460 return (mac_bsdextended_check(cred, vap.va_uid, vap.va_gid, VEXEC)); 461} 462 463static int 464mac_bsdextended_check_vnode_open(struct ucred *cred, struct vnode *vp, 465 struct label *filelabel, mode_t acc_mode) 466{ 467 struct vattr vap; 468 int error; 469 470 if (!mac_bsdextended_enabled) 471 return (0); 472 473 error = VOP_GETATTR(vp, &vap, cred, curthread); 474 if (error) 475 return (error); 476 return (mac_bsdextended_check(cred, vap.va_uid, vap.va_gid, acc_mode)); 477} 478 479static int 480mac_bsdextended_check_vnode_readdir(struct ucred *cred, struct vnode *dvp, 481 struct label *dlabel) 482{ 483 struct vattr vap; 484 int error; 485 486 if (!mac_bsdextended_enabled) 487 return (0); 488 489 error = VOP_GETATTR(dvp, &vap, cred, curthread); 490 if (error) 491 return (error); 492 return (mac_bsdextended_check(cred, vap.va_uid, vap.va_gid, VREAD)); 493} 494 495static int 496mac_bsdextended_check_vnode_readdlink(struct ucred *cred, struct vnode *vp, 497 struct label *label) 498{ 499 struct vattr vap; 500 int error; 501 502 if (!mac_bsdextended_enabled) 503 return (0); 504 505 error = VOP_GETATTR(vp, &vap, cred, curthread); 506 if (error) 507 return (error); 508 return (mac_bsdextended_check(cred, vap.va_uid, vap.va_gid, VREAD)); 509} 510 511static int 512mac_bsdextended_check_vnode_rename_from(struct ucred *cred, struct vnode *dvp, 513 struct label *dlabel, struct vnode *vp, struct label *label, 514 struct componentname *cnp) 515{ 516 struct vattr vap; 517 int error; 518 519 if (!mac_bsdextended_enabled) 520 return (0); 521 522 error = VOP_GETATTR(dvp, &vap, cred, curthread); 523 if (error) 524 return (error); 525 error = mac_bsdextended_check(cred, vap.va_uid, vap.va_gid, VWRITE); 526 if (error) 527 return (error); 528 error = VOP_GETATTR(vp, &vap, cred, curthread); 529 if (error) 530 return (error); 531 error = mac_bsdextended_check(cred, vap.va_uid, vap.va_gid, VWRITE); 532 533 return (error); 534} 535 536static int 537mac_bsdextended_check_vnode_rename_to(struct ucred *cred, struct vnode *dvp, 538 struct label *dlabel, struct vnode *vp, struct label *label, int samedir, 539 struct componentname *cnp) 540{ 541 struct vattr vap; 542 int error; 543 544 if (!mac_bsdextended_enabled) 545 return (0); 546 547 error = VOP_GETATTR(dvp, &vap, cred, curthread); 548 if (error) 549 return (error); 550 error = mac_bsdextended_check(cred, vap.va_uid, vap.va_gid, VWRITE); 551 if (error) 552 return (error); 553 554 if (vp != NULL) { 555 error = VOP_GETATTR(vp, &vap, cred, curthread); 556 if (error) 557 return (error); 558 error = mac_bsdextended_check(cred, vap.va_uid, vap.va_gid, 559 VWRITE); 560 } 561 562 return (error); 563} 564 565static int 566mac_bsdextended_check_vnode_revoke(struct ucred *cred, struct vnode *vp, 567 struct label *label) 568{ 569 struct vattr vap; 570 int error; 571 572 if (!mac_bsdextended_enabled) 573 return (0); 574 575 error = VOP_GETATTR(vp, &vap, cred, curthread); 576 if (error) 577 return (error); 578 return (mac_bsdextended_check(cred, vap.va_uid, vap.va_gid, VADMIN)); 579} 580 581static int 582mac_bsdextended_check_setacl_vnode(struct ucred *cred, struct vnode *vp, 583 struct label *label, acl_type_t type, struct acl *acl) 584{ 585 struct vattr vap; 586 int error; 587 588 if (!mac_bsdextended_enabled) 589 return (0); 590 591 error = VOP_GETATTR(vp, &vap, cred, curthread); 592 if (error) 593 return (error); 594 return (mac_bsdextended_check(cred, vap.va_uid, vap.va_gid, VADMIN)); 595} 596 597static int 598mac_bsdextended_check_vnode_setextattr(struct ucred *cred, struct vnode *vp, 599 struct label *label, int attrnamespace, const char *name, struct uio *uio) 600{ 601 struct vattr vap; 602 int error; 603 604 if (!mac_bsdextended_enabled) 605 return (0); 606 607 error = VOP_GETATTR(vp, &vap, cred, curthread); 608 if (error) 609 return (error); 610 return (mac_bsdextended_check(cred, vap.va_uid, vap.va_gid, VWRITE)); 611} 612 613static int 614mac_bsdextended_check_vnode_setflags(struct ucred *cred, struct vnode *vp, 615 struct label *label, u_long flags) 616{ 617 struct vattr vap; 618 int error; 619 620 if (!mac_bsdextended_enabled) 621 return (0); 622 623 error = VOP_GETATTR(vp, &vap, cred, curthread); 624 if (error) 625 return (error); 626 return (mac_bsdextended_check(cred, vap.va_uid, vap.va_gid, VADMIN)); 627} 628 629static int 630mac_bsdextended_check_vnode_setmode(struct ucred *cred, struct vnode *vp, 631 struct label *label, mode_t mode) 632{ 633 struct vattr vap; 634 int error; 635 636 if (!mac_bsdextended_enabled) 637 return (0); 638 639 error = VOP_GETATTR(vp, &vap, cred, curthread); 640 if (error) 641 return (error); 642 return (mac_bsdextended_check(cred, vap.va_uid, vap.va_gid, VADMIN)); 643} 644 645static int 646mac_bsdextended_check_vnode_setowner(struct ucred *cred, struct vnode *vp, 647 struct label *label, uid_t uid, gid_t gid) 648{ 649 struct vattr vap; 650 int error; 651 652 if (!mac_bsdextended_enabled) 653 return (0); 654 655 error = VOP_GETATTR(vp, &vap, cred, curthread); 656 if (error) 657 return (error); 658 return (mac_bsdextended_check(cred, vap.va_uid, vap.va_gid, VADMIN)); 659} 660 661static int 662mac_bsdextended_check_vnode_setutimes(struct ucred *cred, struct vnode *vp, 663 struct label *label, struct timespec atime, struct timespec utime) 664{ 665 struct vattr vap; 666 int error; 667 668 if (!mac_bsdextended_enabled) 669 return (0); 670 671 error = VOP_GETATTR(vp, &vap, cred, curthread); 672 if (error) 673 return (error); 674 return (mac_bsdextended_check(cred, vap.va_uid, vap.va_gid, VADMIN)); 675} 676 677static int 678mac_bsdextended_check_vnode_stat(struct ucred *cred, struct vnode *vp, 679 struct label *label) 680{ 681 struct vattr vap; 682 int error; 683 684 if (!mac_bsdextended_enabled) 685 return (0); 686 687 error = VOP_GETATTR(vp, &vap, cred, curthread); 688 if (error) 689 return (error); 690 return (mac_bsdextended_check(cred, vap.va_uid, vap.va_gid, VSTAT)); 691} 692 693static struct mac_policy_op_entry mac_bsdextended_ops[] = 694{ 695 { MAC_DESTROY, 696 (macop_t)mac_bsdextended_destroy }, 697 { MAC_INIT, 698 (macop_t)mac_bsdextended_init }, 699 { MAC_CHECK_VNODE_ACCESS, 700 (macop_t)mac_bsdextended_check_vnode_access }, 701 { MAC_CHECK_VNODE_CHDIR, 702 (macop_t)mac_bsdextended_check_vnode_chdir }, 703 { MAC_CHECK_VNODE_CHROOT, 704 (macop_t)mac_bsdextended_check_vnode_chroot }, 705 { MAC_CHECK_VNODE_CREATE, 706 (macop_t)mac_bsdextended_check_create_vnode }, 707 { MAC_CHECK_VNODE_DELETE, 708 (macop_t)mac_bsdextended_check_vnode_delete }, 709 { MAC_CHECK_VNODE_DELETEACL, 710 (macop_t)mac_bsdextended_check_vnode_deleteacl }, 711 { MAC_CHECK_VNODE_EXEC, 712 (macop_t)mac_bsdextended_check_vnode_exec }, 713 { MAC_CHECK_VNODE_GETACL, 714 (macop_t)mac_bsdextended_check_vnode_getacl }, 715 { MAC_CHECK_VNODE_GETEXTATTR, 716 (macop_t)mac_bsdextended_check_vnode_getextattr }, 717 { MAC_CHECK_VNODE_LOOKUP, 718 (macop_t)mac_bsdextended_check_vnode_lookup }, 719 { MAC_CHECK_VNODE_OPEN, 720 (macop_t)mac_bsdextended_check_vnode_open }, 721 { MAC_CHECK_VNODE_READDIR, 722 (macop_t)mac_bsdextended_check_vnode_readdir }, 723 { MAC_CHECK_VNODE_READLINK, 724 (macop_t)mac_bsdextended_check_vnode_readdlink }, 725 { MAC_CHECK_VNODE_RENAME_FROM, 726 (macop_t)mac_bsdextended_check_vnode_rename_from }, 727 { MAC_CHECK_VNODE_RENAME_TO, 728 (macop_t)mac_bsdextended_check_vnode_rename_to }, 729 { MAC_CHECK_VNODE_REVOKE, 730 (macop_t)mac_bsdextended_check_vnode_revoke }, 731 { MAC_CHECK_VNODE_SETACL, 732 (macop_t)mac_bsdextended_check_setacl_vnode }, 733 { MAC_CHECK_VNODE_SETEXTATTR, 734 (macop_t)mac_bsdextended_check_vnode_setextattr }, 735 { MAC_CHECK_VNODE_SETFLAGS, 736 (macop_t)mac_bsdextended_check_vnode_setflags }, 737 { MAC_CHECK_VNODE_SETMODE, 738 (macop_t)mac_bsdextended_check_vnode_setmode }, 739 { MAC_CHECK_VNODE_SETOWNER, 740 (macop_t)mac_bsdextended_check_vnode_setowner }, 741 { MAC_CHECK_VNODE_SETUTIMES, 742 (macop_t)mac_bsdextended_check_vnode_setutimes }, 743 { MAC_CHECK_VNODE_STAT, 744 (macop_t)mac_bsdextended_check_vnode_stat }, 745 { MAC_OP_LAST, NULL } 746}; 747 748MAC_POLICY_SET(mac_bsdextended_ops, trustedbsd_mac_bsdextended, 749 "TrustedBSD MAC/BSD Extended", MPC_LOADTIME_FLAG_UNLOADOK, NULL); 750