1/*-
2 * Copyright (c) 1999-2002, 2007-2011 Robert N. M. Watson
3 * Copyright (c) 2001-2005 Networks Associates Technology, Inc.
4 * Copyright (c) 2005-2006 SPARTA, Inc.
5 * Copyright (c) 2008 Apple Inc.
6 * All rights reserved.
7 *
8 * This software was developed by Robert Watson for the TrustedBSD Project.
9 *
10 * This software was developed for the FreeBSD Project in part by Network
11 * Associates Laboratories, the Security Research Division of Network
12 * Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"),
13 * as part of the DARPA CHATS research program.
14 *
15 * This software was enhanced by SPARTA ISSO under SPAWAR contract
16 * N66001-04-C-6019 ("SEFOS").
17 *
18 * This software was developed at the University of Cambridge Computer
19 * Laboratory with support from a grant from Google, Inc.
20 *
21 * Redistribution and use in source and binary forms, with or without
22 * modification, are permitted provided that the following conditions
23 * are met:
24 * 1. Redistributions of source code must retain the above copyright
25 *    notice, this list of conditions and the following disclaimer.
26 * 2. Redistributions in binary form must reproduce the above copyright
27 *    notice, this list of conditions and the following disclaimer in the
28 *    documentation and/or other materials provided with the distribution.
29 *
30 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
31 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
32 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
33 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
34 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
35 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
36 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
37 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
38 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
39 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
40 * SUCH DAMAGE.
41 */
42/*
43 * Kernel interface for MAC policy modules.
44 */
45#ifndef _SECURITY_MAC_MAC_POLICY_H_
46#define	_SECURITY_MAC_MAC_POLICY_H_
47
48#ifndef _KERNEL
49#error "no user-serviceable parts inside"
50#endif
51
52/*-
53 * Pluggable access control policy definition structure.
54 *
55 * List of operations that are performed as part of the implementation of a
56 * MAC policy.  Policy implementors declare operations with a mac_policy_ops
57 * structure, registered using the MAC_POLICY_SET() macro.  If an entry point is
58 * not declared, the policy is simply not consulted when that event or check
59 * is evaluated.
60 *
61 * Operations are sorted first by general class of operation, then
62 * alphabetically.
63 */
64#include <sys/acl.h>	/* XXX acl_type_t */
65#include <sys/types.h>	/* XXX accmode_t */
66
67#include <ddb/ddb.h>	/* XXX db_expr_t */
68
/*
 * Incomplete (opaque) types.  Every entry-point type declared below takes
 * these only by pointer, so this header does not need their definitions.
 */
69struct acl;
70struct auditinfo;
71struct auditinfo_addr;
72struct bpf_d;
73struct cdev;
74struct componentname;
75struct db_command;
76struct devfs_dirent;
77struct ifnet;
78struct image_params;
79struct inpcb;
80struct ip6q;
81struct ipq;
82struct kdb_dbbe;
83struct ksem;
84struct label;
85struct mac_policy_conf;
86struct mbuf;
87struct mount;
88struct msg;
89struct msqid_kernel;
90struct pipepair;
91struct proc;
92struct sbuf;
93struct semid_kernel;
94struct shmfd;
95struct shmid_kernel;
96struct sockaddr;
97struct socket;
98struct sysctl_oid;
99struct sysctl_req;
100struct thread;
101struct ucred;
102struct vattr;
103struct vnode;
104
105struct in_addr;
106struct in6_addr;
107
108/*
109 * Policy module operations.
 *
 * Hooks for the policy module itself rather than for a labeled kernel
 * object: each receives a struct mac_policy_conf (mpc) and returns nothing.
110 */
111typedef void	(*mpo_destroy_t)(struct mac_policy_conf *mpc);
112typedef void	(*mpo_init_t)(struct mac_policy_conf *mpc);
113
114/*
115 * General policy-directed security system call so that policies may
116 * implement new services without reserving explicit system call numbers.
 *
 * NOTE(review): call and arg originate from the calling process's system
 * call, so a policy has to treat both as untrusted input; arg is presumably
 * a user-space pointer that must be copied in rather than dereferenced
 * directly -- confirm against the framework's dispatch code.
117 */
118typedef int	(*mpo_syscall_t)(struct thread *td, int call, void *arg);
119
120/*
121 * Place-holder function pointers for ABI-compatibility purposes.
 *
 * Type used for reserved slots; it takes no arguments and returns nothing.
122 */
123typedef void	(*mpo_placeholder_t)(void);
124
125/*
126 * Operations sorted alphabetically by primary object type and then method.
 *
 * Conventions visible in the declarations that follow:
 *  - *_check_* hooks return int (presumably 0 to permit and an errno value
 *    to deny -- not shown in this header).  The one exception is
 *    mpo_vnode_check_mmap_downgrade_t, which returns void and receives
 *    prot by pointer instead.
 *  - *_init_label_t hooks return void, except those that also take an
 *    "int flag" and return int (inpcb, ip6q, ipq, mbuf, socket, socketpeer,
 *    syncache).
 *  - *_destroy_label_t, *_copy_label_t and *_relabel_t hooks return void;
 *    *_create_* hooks return void except mpo_vnode_create_extattr_t (int).
 *  - *_externalize_label_t / *_internalize_label_t hooks return int and
 *    take an "int *claimed" out-parameter.
127 */
/*
 * bpfdesc: hooks on a struct bpf_d and its label.  check_receive takes no
 * struct ucred; its inputs are the descriptor and the interface, each with
 * its label.
 */
128typedef	int	(*mpo_bpfdesc_check_receive_t)(struct bpf_d *d,
129		    struct label *dlabel, struct ifnet *ifp,
130		    struct label *ifplabel);
131typedef void	(*mpo_bpfdesc_create_t)(struct ucred *cred,
132		    struct bpf_d *d, struct label *dlabel);
133typedef void	(*mpo_bpfdesc_create_mbuf_t)(struct bpf_d *d,
134		    struct label *dlabel, struct mbuf *m,
135		    struct label *mlabel);
136typedef void	(*mpo_bpfdesc_destroy_label_t)(struct label *label);
137typedef void	(*mpo_bpfdesc_init_label_t)(struct label *label);
138
/*
 * cred: credential hooks.  The check_set* hooks receive the proposed ids
 * (setgroups as an ngroups/gidset pair); check_visible takes two credentials,
 * cr1 and cr2; associate_nfsd, create_init and create_swapper take only a
 * credential.  For externalize/internalize, claimed is an int out-parameter
 * (presumably set when the policy recognises element_name -- confirm).
 */
139typedef void	(*mpo_cred_associate_nfsd_t)(struct ucred *cred);
140typedef int	(*mpo_cred_check_relabel_t)(struct ucred *cred,
141		    struct label *newlabel);
142typedef int	(*mpo_cred_check_setaudit_t)(struct ucred *cred,
143		    struct auditinfo *ai);
144typedef int	(*mpo_cred_check_setaudit_addr_t)(struct ucred *cred,
145		    struct auditinfo_addr *aia);
146typedef int	(*mpo_cred_check_setauid_t)(struct ucred *cred, uid_t auid);
147typedef int	(*mpo_cred_check_setegid_t)(struct ucred *cred, gid_t egid);
148typedef int	(*mpo_cred_check_seteuid_t)(struct ucred *cred, uid_t euid);
149typedef int	(*mpo_cred_check_setgid_t)(struct ucred *cred, gid_t gid);
150typedef int	(*mpo_cred_check_setgroups_t)(struct ucred *cred, int ngroups,
151		    gid_t *gidset);
152typedef int	(*mpo_cred_check_setregid_t)(struct ucred *cred, gid_t rgid,
153		    gid_t egid);
154typedef int	(*mpo_cred_check_setresgid_t)(struct ucred *cred, gid_t rgid,
155		    gid_t egid, gid_t sgid);
156typedef int	(*mpo_cred_check_setresuid_t)(struct ucred *cred, uid_t ruid,
157		    uid_t euid, uid_t suid);
158typedef int	(*mpo_cred_check_setreuid_t)(struct ucred *cred, uid_t ruid,
159		    uid_t euid);
160typedef int	(*mpo_cred_check_setuid_t)(struct ucred *cred, uid_t uid);
161typedef int	(*mpo_cred_check_visible_t)(struct ucred *cr1,
162		    struct ucred *cr2);
163typedef void	(*mpo_cred_copy_label_t)(struct label *src,
164		    struct label *dest);
165typedef void	(*mpo_cred_create_init_t)(struct ucred *cred);
166typedef void	(*mpo_cred_create_swapper_t)(struct ucred *cred);
167typedef void	(*mpo_cred_destroy_label_t)(struct label *label);
168typedef int	(*mpo_cred_externalize_label_t)(struct label *label,
169		    char *element_name, struct sbuf *sb, int *claimed);
170typedef void	(*mpo_cred_init_label_t)(struct label *label);
171typedef int	(*mpo_cred_internalize_label_t)(struct label *label,
172		    char *element_name, char *element_data, int *claimed);
173typedef void	(*mpo_cred_relabel_t)(struct ucred *cred,
174		    struct label *newlabel);
175
/*
 * ddb: debugger command hooks.  struct db_command_table is not in the
 * forward-declaration list above and is expected to come from <ddb/ddb.h>
 * (included for db_expr_t).  command_exec also receives the parsed address,
 * count and modifier string of the command being run.
 */
176typedef int	(*mpo_ddb_command_register_t)(struct db_command_table *table,
177		    struct db_command *cmd);
178typedef int	(*mpo_ddb_command_exec_t)(struct db_command *cmd,
179		    db_expr_t addr, bool have_addr, db_expr_t count,
180		    char *modif);
181
/*
 * devfs: hooks on devfs directory entries (struct devfs_dirent, delabel).
 * create_directory receives the name as a pointer/length pair (dirname,
 * dirnamelen); update and vnode_associate pair a dirent with a vnode
 * (vp, vplabel).  None of these hooks returns a value.
 */
182typedef void	(*mpo_devfs_create_device_t)(struct ucred *cred,
183		    struct mount *mp, struct cdev *dev,
184		    struct devfs_dirent *de, struct label *delabel);
185typedef void	(*mpo_devfs_create_directory_t)(struct mount *mp,
186		    char *dirname, int dirnamelen, struct devfs_dirent *de,
187		    struct label *delabel);
188typedef void	(*mpo_devfs_create_symlink_t)(struct ucred *cred,
189		    struct mount *mp, struct devfs_dirent *dd,
190		    struct label *ddlabel, struct devfs_dirent *de,
191		    struct label *delabel);
192typedef void	(*mpo_devfs_destroy_label_t)(struct label *label);
193typedef void	(*mpo_devfs_init_label_t)(struct label *label);
194typedef void	(*mpo_devfs_update_t)(struct mount *mp,
195		    struct devfs_dirent *de, struct label *delabel,
196		    struct vnode *vp, struct label *vplabel);
197typedef void	(*mpo_devfs_vnode_associate_t)(struct mount *mp,
198		    struct label *mplabel, struct devfs_dirent *de,
199		    struct label *delabel, struct vnode *vp,
200		    struct label *vplabel);
201
/*
 * ifnet: network interface hooks.  check_transmit takes no struct ucred; its
 * inputs are the interface label and the mbuf label only.
 */
202typedef int	(*mpo_ifnet_check_relabel_t)(struct ucred *cred,
203		    struct ifnet *ifp, struct label *ifplabel,
204		    struct label *newlabel);
205typedef int	(*mpo_ifnet_check_transmit_t)(struct ifnet *ifp,
206		    struct label *ifplabel, struct mbuf *m,
207		    struct label *mlabel);
208typedef void	(*mpo_ifnet_copy_label_t)(struct label *src,
209		    struct label *dest);
210typedef void	(*mpo_ifnet_create_t)(struct ifnet *ifp,
211		    struct label *ifplabel);
212typedef void	(*mpo_ifnet_create_mbuf_t)(struct ifnet *ifp,
213		    struct label *ifplabel, struct mbuf *m,
214		    struct label *mlabel);
215typedef void	(*mpo_ifnet_destroy_label_t)(struct label *label);
216typedef int	(*mpo_ifnet_externalize_label_t)(struct label *label,
217		    char *element_name, struct sbuf *sb, int *claimed);
218typedef void	(*mpo_ifnet_init_label_t)(struct label *label);
219typedef int	(*mpo_ifnet_internalize_label_t)(struct label *label,
220		    char *element_name, char *element_data, int *claimed);
221typedef void	(*mpo_ifnet_relabel_t)(struct ucred *cred, struct ifnet *ifp,
222		    struct label *ifplabel, struct label *newlabel);
223
/*
 * inpcb: protocol control block hooks.  init_label takes an int flag and
 * returns int (presumably so that label allocation may fail -- confirm);
 * create and sosetlabel carry a socket's label (solabel / label) alongside
 * the inpcb label.  check_deliver takes no struct ucred.
 */
224typedef int	(*mpo_inpcb_check_deliver_t)(struct inpcb *inp,
225		    struct label *inplabel, struct mbuf *m,
226		    struct label *mlabel);
227typedef int	(*mpo_inpcb_check_visible_t)(struct ucred *cred,
228		    struct inpcb *inp, struct label *inplabel);
229typedef void	(*mpo_inpcb_create_t)(struct socket *so,
230		    struct label *solabel, struct inpcb *inp,
231		    struct label *inplabel);
232typedef void	(*mpo_inpcb_create_mbuf_t)(struct inpcb *inp,
233		    struct label *inplabel, struct mbuf *m,
234		    struct label *mlabel);
235typedef void	(*mpo_inpcb_destroy_label_t)(struct label *label);
236typedef int	(*mpo_inpcb_init_label_t)(struct label *label, int flag);
237typedef void	(*mpo_inpcb_sosetlabel_t)(struct socket *so,
238		    struct label *label, struct inpcb *inp,
239		    struct label *inplabel);
240
/*
 * ip6q: IPv6 reassembly queue hooks; every one pairs an mbuf (m, mlabel) with
 * a queue (q6, q6label), and none takes a struct ucred.
 *
 * NOTE(review): mpo_ip6q_reassemble has no _t suffix, unlike every other
 * entry-point type in this file.  It is left as-is because renaming a type
 * that other code names is an interface change; new declarations should
 * follow the _t convention.
 */
241typedef void	(*mpo_ip6q_create_t)(struct mbuf *m, struct label *mlabel,
242		    struct ip6q *q6, struct label *q6label);
243typedef void	(*mpo_ip6q_destroy_label_t)(struct label *label);
244typedef int	(*mpo_ip6q_init_label_t)(struct label *label, int flag);
245typedef int	(*mpo_ip6q_match_t)(struct mbuf *m, struct label *mlabel,
246		    struct ip6q *q6, struct label *q6label);
247typedef void	(*mpo_ip6q_reassemble)(struct ip6q *q6, struct label *q6label,
248		    struct mbuf *m, struct label *mlabel);
249typedef void	(*mpo_ip6q_update_t)(struct mbuf *m, struct label *mlabel,
250		    struct ip6q *q6, struct label *q6label);
251
252/*
 * ip4 / ip6: hooks that check an IPv4 or IPv6 address (used by the ipacl
 * policy).  The address is passed by const pointer together with the
 * credential and the interface it is being checked against.
 */
253typedef int	(*mpo_ip4_check_jail_t)(struct ucred *cred,
254		    const struct in_addr *ia, struct ifnet *ifp);
255typedef int	(*mpo_ip6_check_jail_t)(struct ucred *cred,
256		    const struct in6_addr *ia6, struct ifnet *ifp);
257
/*
 * ipq: IPv4 reassembly queue hooks, mirroring the ip6q set above; every one
 * pairs an mbuf (m, mlabel) with a queue (q, qlabel), none takes a ucred.
 *
 * NOTE(review): mpo_ipq_reassemble has no _t suffix, unlike the other
 * entry-point types here; left as-is since renaming it is an interface
 * change.
 */
258typedef void	(*mpo_ipq_create_t)(struct mbuf *m, struct label *mlabel,
259		    struct ipq *q, struct label *qlabel);
260typedef void	(*mpo_ipq_destroy_label_t)(struct label *label);
261typedef int	(*mpo_ipq_init_label_t)(struct label *label, int flag);
262typedef int	(*mpo_ipq_match_t)(struct mbuf *m, struct label *mlabel,
263		    struct ipq *q, struct label *qlabel);
264typedef void	(*mpo_ipq_reassemble)(struct ipq *q, struct label *qlabel,
265		    struct mbuf *m, struct label *mlabel);
266typedef void	(*mpo_ipq_update_t)(struct mbuf *m, struct label *mlabel,
267		    struct ipq *q, struct label *qlabel);
268
/* kdb: check on a debugger backend (struct kdb_dbbe); no credential is passed. */
269typedef int	(*mpo_kdb_check_backend_t)(struct kdb_dbbe *be);
270
/*
 * kenv: kernel environment checks.  NOTE(review): name and value are passed
 * as non-const char *, but nothing here says a hook may write through them;
 * treat them as read-only unless the caller documents otherwise.
 */
271typedef int	(*mpo_kenv_check_dump_t)(struct ucred *cred);
272typedef int	(*mpo_kenv_check_get_t)(struct ucred *cred, char *name);
273typedef int	(*mpo_kenv_check_set_t)(struct ucred *cred, char *name,
274		    char *value);
275typedef int	(*mpo_kenv_check_unset_t)(struct ucred *cred, char *name);
276
/*
 * kld: check_load receives a vnode and its label in addition to the
 * credential; check_stat takes only the credential.
 */
277typedef int	(*mpo_kld_check_load_t)(struct ucred *cred, struct vnode *vp,
278		    struct label *vplabel);
279typedef int	(*mpo_kld_check_stat_t)(struct ucred *cred);
280
/*
 * mbuf: label lifecycle only (no checks); init_label takes an int flag and
 * returns int.
 */
281typedef void	(*mpo_mbuf_copy_label_t)(struct label *src,
282		    struct label *dest);
283typedef void	(*mpo_mbuf_destroy_label_t)(struct label *label);
284typedef int	(*mpo_mbuf_init_label_t)(struct label *label, int flag);
285
/* mount: check_stat plus the label lifecycle hooks for a struct mount. */
286typedef int	(*mpo_mount_check_stat_t)(struct ucred *cred,
287		    struct mount *mp, struct label *mplabel);
288typedef void	(*mpo_mount_create_t)(struct ucred *cred, struct mount *mp,
289		    struct label *mplabel);
290typedef void	(*mpo_mount_destroy_label_t)(struct label *label);
291typedef void	(*mpo_mount_init_label_t)(struct label *label);
292
/*
 * netinet: mbuf label hooks for IPv4 protocol processing.  None takes a
 * struct ucred and all return void.  The *_reply hooks pair the received
 * mbuf (mrecv, mrecvlabel) with the reply being sent (msend, msendlabel);
 * icmp_replyinplace and tcp_reply take a single mbuf; arp_send and
 * igmp_send take the interface as well.
 */
293typedef void	(*mpo_netinet_arp_send_t)(struct ifnet *ifp,
294		    struct label *ifplabel, struct mbuf *m,
295		    struct label *mlabel);
296typedef void	(*mpo_netinet_firewall_reply_t)(struct mbuf *mrecv,
297		    struct label *mrecvlabel, struct mbuf *msend,
298		    struct label *msendlabel);
299typedef	void	(*mpo_netinet_firewall_send_t)(struct mbuf *m,
300		    struct label *mlabel);
301typedef void	(*mpo_netinet_fragment_t)(struct mbuf *m,
302		    struct label *mlabel, struct mbuf *frag,
303		    struct label *fraglabel);
304typedef void	(*mpo_netinet_icmp_reply_t)(struct mbuf *mrecv,
305		    struct label *mrecvlabel, struct mbuf *msend,
306		    struct label *msendlabel);
307typedef void	(*mpo_netinet_icmp_replyinplace_t)(struct mbuf *m,
308		    struct label *mlabel);
309typedef void	(*mpo_netinet_igmp_send_t)(struct ifnet *ifp,
310		    struct label *ifplabel, struct mbuf *m,
311		    struct label *mlabel);
312typedef void	(*mpo_netinet_tcp_reply_t)(struct mbuf *m,
313		    struct label *mlabel);
314
/* netinet6: nd6_send has the same shape as netinet arp_send (interface + mbuf). */
315typedef void	(*mpo_netinet6_nd6_send_t)(struct ifnet *ifp,
316		    struct label *ifplabel, struct mbuf *m,
317		    struct label *mlabel);
318
/*
 * pipe: hooks on a struct pipepair and its label.  check_ioctl receives the
 * raw ioctl command and data pointer; relabel receives both the old and the
 * new label, whereas check_relabel sees only the proposed newlabel.
 */
319typedef int	(*mpo_pipe_check_ioctl_t)(struct ucred *cred,
320		    struct pipepair *pp, struct label *pplabel,
321		    unsigned long cmd, void *data);
322typedef int	(*mpo_pipe_check_poll_t)(struct ucred *cred,
323		    struct pipepair *pp, struct label *pplabel);
324typedef int	(*mpo_pipe_check_read_t)(struct ucred *cred,
325		    struct pipepair *pp, struct label *pplabel);
326typedef int	(*mpo_pipe_check_relabel_t)(struct ucred *cred,
327		    struct pipepair *pp, struct label *pplabel,
328		    struct label *newlabel);
329typedef int	(*mpo_pipe_check_stat_t)(struct ucred *cred,
330		    struct pipepair *pp, struct label *pplabel);
331typedef int	(*mpo_pipe_check_write_t)(struct ucred *cred,
332		    struct pipepair *pp, struct label *pplabel);
333typedef void	(*mpo_pipe_copy_label_t)(struct label *src,
334		    struct label *dest);
335typedef void	(*mpo_pipe_create_t)(struct ucred *cred, struct pipepair *pp,
336		    struct label *pplabel);
337typedef void	(*mpo_pipe_destroy_label_t)(struct label *label);
338typedef int	(*mpo_pipe_externalize_label_t)(struct label *label,
339		    char *element_name, struct sbuf *sb, int *claimed);
340typedef void	(*mpo_pipe_init_label_t)(struct label *label);
341typedef int	(*mpo_pipe_internalize_label_t)(struct label *label,
342		    char *element_name, char *element_data, int *claimed);
343typedef void	(*mpo_pipe_relabel_t)(struct ucred *cred, struct pipepair *pp,
344		    struct label *oldlabel, struct label *newlabel);
345
/*
 * posixsem: hooks on a struct ksem and its label.  getvalue, post, stat and
 * wait receive two credentials (active_cred, file_cred); the others a single
 * cred.
 *
 * NOTE(review): check_setmode and check_setowner name the ksem label
 * "shmlabel" while every sibling calls it "kslabel"; the type is the same,
 * so this is a naming slip, not a semantic difference.
 */
346typedef int	(*mpo_posixsem_check_getvalue_t)(struct ucred *active_cred,
347		    struct ucred *file_cred, struct ksem *ks,
348		    struct label *kslabel);
349typedef int	(*mpo_posixsem_check_open_t)(struct ucred *cred,
350		    struct ksem *ks, struct label *kslabel);
351typedef int	(*mpo_posixsem_check_post_t)(struct ucred *active_cred,
352		    struct ucred *file_cred, struct ksem *ks,
353		    struct label *kslabel);
354typedef int	(*mpo_posixsem_check_setmode_t)(struct ucred *cred,
355		    struct ksem *ks, struct label *shmlabel,
356		    mode_t mode);
357typedef int	(*mpo_posixsem_check_setowner_t)(struct ucred *cred,
358		    struct ksem *ks, struct label *shmlabel,
359		    uid_t uid, gid_t gid);
360typedef int	(*mpo_posixsem_check_stat_t)(struct ucred *active_cred,
361		    struct ucred *file_cred, struct ksem *ks,
362		    struct label *kslabel);
363typedef int	(*mpo_posixsem_check_unlink_t)(struct ucred *cred,
364		    struct ksem *ks, struct label *kslabel);
365typedef int	(*mpo_posixsem_check_wait_t)(struct ucred *active_cred,
366		    struct ucred *file_cred, struct ksem *ks,
367		    struct label *kslabel);
368typedef void	(*mpo_posixsem_create_t)(struct ucred *cred,
369		    struct ksem *ks, struct label *kslabel);
370typedef void    (*mpo_posixsem_destroy_label_t)(struct label *label);
371typedef void    (*mpo_posixsem_init_label_t)(struct label *label);
372
/*
 * posixshm: hooks on a struct shmfd and its label.  check_create is the only
 * check without an shmfd or label; it receives the path being created.
 * check_mmap receives prot and flags, check_open the requested accmode;
 * read, stat, truncate and write take both active_cred and file_cred.
 */
373typedef int	(*mpo_posixshm_check_create_t)(struct ucred *cred,
374		    const char *path);
375typedef int	(*mpo_posixshm_check_mmap_t)(struct ucred *cred,
376		    struct shmfd *shmfd, struct label *shmlabel, int prot,
377		    int flags);
378typedef int	(*mpo_posixshm_check_open_t)(struct ucred *cred,
379		    struct shmfd *shmfd, struct label *shmlabel,
380		    accmode_t accmode);
381typedef int	(*mpo_posixshm_check_read_t)(struct ucred *active_cred,
382		    struct ucred *file_cred, struct shmfd *shmfd,
383		    struct label *shmlabel);
384typedef int	(*mpo_posixshm_check_setmode_t)(struct ucred *cred,
385		    struct shmfd *shmfd, struct label *shmlabel,
386		    mode_t mode);
387typedef int	(*mpo_posixshm_check_setowner_t)(struct ucred *cred,
388		    struct shmfd *shmfd, struct label *shmlabel,
389		    uid_t uid, gid_t gid);
390typedef int	(*mpo_posixshm_check_stat_t)(struct ucred *active_cred,
391		    struct ucred *file_cred, struct shmfd *shmfd,
392		    struct label *shmlabel);
393typedef int	(*mpo_posixshm_check_truncate_t)(struct ucred *active_cred,
394		    struct ucred *file_cred, struct shmfd *shmfd,
395		    struct label *shmlabel);
396typedef int	(*mpo_posixshm_check_unlink_t)(struct ucred *cred,
397		    struct shmfd *shmfd, struct label *shmlabel);
398typedef int	(*mpo_posixshm_check_write_t)(struct ucred *active_cred,
399		    struct ucred *file_cred, struct shmfd *shmfd,
400		    struct label *shmlabel);
401typedef void	(*mpo_posixshm_create_t)(struct ucred *cred,
402		    struct shmfd *shmfd, struct label *shmlabel);
403typedef void	(*mpo_posixshm_destroy_label_t)(struct label *label);
404typedef void	(*mpo_posixshm_init_label_t)(struct label *label);
405
/*
 * priv: both hooks have the identical signature (cred, priv) -> int.  Which
 * of the two the framework consults for a given privilege, and how their
 * results are combined, is not visible in this header.
 */
406typedef int	(*mpo_priv_check_t)(struct ucred *cred, int priv);
407typedef int	(*mpo_priv_grant_t)(struct ucred *cred, int priv);
408
/*
 * proc: checks of one credential against a target struct proc; check_signal
 * also receives the signal number.  No proc label is passed to the checks;
 * only the label lifecycle hooks handle a label.
 */
409typedef int	(*mpo_proc_check_debug_t)(struct ucred *cred,
410		    struct proc *p);
411typedef int	(*mpo_proc_check_sched_t)(struct ucred *cred,
412		    struct proc *p);
413typedef int	(*mpo_proc_check_signal_t)(struct ucred *cred,
414		    struct proc *proc, int signum);
415typedef int	(*mpo_proc_check_wait_t)(struct ucred *cred,
416		    struct proc *proc);
417typedef void	(*mpo_proc_destroy_label_t)(struct label *label);
418typedef void	(*mpo_proc_init_label_t)(struct label *label);
419
/*
 * socket: hooks on a struct socket and its label.  check_create has no
 * socket yet and sees only domain/type/protocol; check_deliver has no
 * struct ucred and decides from the socket and mbuf labels; bind and connect
 * receive the struct sockaddr.  newconn pairs the listening socket (oldso)
 * with the new one (newso); relabel receives both old and new labels.
 */
420typedef int	(*mpo_socket_check_accept_t)(struct ucred *cred,
421		    struct socket *so, struct label *solabel);
422typedef int	(*mpo_socket_check_bind_t)(struct ucred *cred,
423		    struct socket *so, struct label *solabel,
424		    struct sockaddr *sa);
425typedef int	(*mpo_socket_check_connect_t)(struct ucred *cred,
426		    struct socket *so, struct label *solabel,
427		    struct sockaddr *sa);
428typedef int	(*mpo_socket_check_create_t)(struct ucred *cred, int domain,
429		    int type, int protocol);
430typedef int	(*mpo_socket_check_deliver_t)(struct socket *so,
431		    struct label *solabel, struct mbuf *m,
432		    struct label *mlabel);
433typedef int	(*mpo_socket_check_listen_t)(struct ucred *cred,
434		    struct socket *so, struct label *solabel);
435typedef int	(*mpo_socket_check_poll_t)(struct ucred *cred,
436		    struct socket *so, struct label *solabel);
437typedef int	(*mpo_socket_check_receive_t)(struct ucred *cred,
438		    struct socket *so, struct label *solabel);
439typedef int	(*mpo_socket_check_relabel_t)(struct ucred *cred,
440		    struct socket *so, struct label *solabel,
441		    struct label *newlabel);
442typedef int	(*mpo_socket_check_send_t)(struct ucred *cred,
443		    struct socket *so, struct label *solabel);
444typedef int	(*mpo_socket_check_stat_t)(struct ucred *cred,
445		    struct socket *so, struct label *solabel);
446typedef int	(*mpo_socket_check_visible_t)(struct ucred *cred,
447		    struct socket *so, struct label *solabel);
448typedef void	(*mpo_socket_copy_label_t)(struct label *src,
449		    struct label *dest);
450typedef void	(*mpo_socket_create_t)(struct ucred *cred, struct socket *so,
451		    struct label *solabel);
452typedef void	(*mpo_socket_create_mbuf_t)(struct socket *so,
453		    struct label *solabel, struct mbuf *m,
454		    struct label *mlabel);
455typedef void	(*mpo_socket_destroy_label_t)(struct label *label);
456typedef int	(*mpo_socket_externalize_label_t)(struct label *label,
457		    char *element_name, struct sbuf *sb, int *claimed);
458typedef int	(*mpo_socket_init_label_t)(struct label *label, int flag);
459typedef int	(*mpo_socket_internalize_label_t)(struct label *label,
460		    char *element_name, char *element_data, int *claimed);
461typedef void	(*mpo_socket_newconn_t)(struct socket *oldso,
462		    struct label *oldsolabel, struct socket *newso,
463		    struct label *newsolabel);
464typedef void	(*mpo_socket_relabel_t)(struct ucred *cred, struct socket *so,
465		    struct label *oldlabel, struct label *newlabel);
466
/*
 * socketpeer: the peer label of a socket.  There are no check hooks and no
 * internalize hook; the label is populated from an mbuf (set_from_mbuf) or
 * from another socket (set_from_socket) and can only be externalized.
 */
467typedef void	(*mpo_socketpeer_destroy_label_t)(struct label *label);
468typedef int	(*mpo_socketpeer_externalize_label_t)(struct label *label,
469		    char *element_name, struct sbuf *sb, int *claimed);
470typedef int	(*mpo_socketpeer_init_label_t)(struct label *label,
471		    int flag);
472typedef void	(*mpo_socketpeer_set_from_mbuf_t)(struct mbuf *m,
473		    struct label *mlabel, struct socket *so,
474		    struct label *sopeerlabel);
475typedef void	(*mpo_socketpeer_set_from_socket_t)(struct socket *oldso,
476		    struct label *oldsolabel, struct socket *newso,
477		    struct label *newsopeerlabel);
478
/*
 * syncache: label hooks for SYN cache entries.  Unlike most hooks in this
 * file the label comes first in create and create_mbuf (label, then the
 * inpcb or the mbuf pair), because there is no object struct for the entry.
 */
479typedef void	(*mpo_syncache_create_t)(struct label *label,
480		    struct inpcb *inp);
481typedef void	(*mpo_syncache_create_mbuf_t)(struct label *sc_label,
482		    struct mbuf *m, struct label *mlabel);
483typedef void	(*mpo_syncache_destroy_label_t)(struct label *label);
484typedef int	(*mpo_syncache_init_label_t)(struct label *label, int flag);
485
/*
 * system: system-wide checks.  acct, auditctl, swapon and swapoff receive
 * the vnode involved and its label; check_audit receives an opaque record
 * buffer and its length as an int; check_sysctl receives the oid together
 * with the handler's arg1/arg2 and the sysctl request.
 */
486typedef int	(*mpo_system_check_acct_t)(struct ucred *cred,
487		    struct vnode *vp, struct label *vplabel);
488typedef int	(*mpo_system_check_audit_t)(struct ucred *cred, void *record,
489		    int length);
490typedef int	(*mpo_system_check_auditctl_t)(struct ucred *cred,
491		    struct vnode *vp, struct label *vplabel);
492typedef int	(*mpo_system_check_auditon_t)(struct ucred *cred, int cmd);
493typedef int	(*mpo_system_check_reboot_t)(struct ucred *cred, int howto);
494typedef int	(*mpo_system_check_swapon_t)(struct ucred *cred,
495		    struct vnode *vp, struct label *vplabel);
496typedef int	(*mpo_system_check_swapoff_t)(struct ucred *cred,
497		    struct vnode *vp, struct label *vplabel);
498typedef int	(*mpo_system_check_sysctl_t)(struct ucred *cred,
499		    struct sysctl_oid *oidp, void *arg1, int arg2,
500		    struct sysctl_req *req);
501
/*
 * sysvmsg: System V message hooks.  cleanup takes only the message label;
 * create pairs the queue (msqkptr, msqlabel) with the message (msgptr,
 * msglabel).  The checks on messages live under sysvmsq below.
 */
502typedef void	(*mpo_sysvmsg_cleanup_t)(struct label *msglabel);
503typedef void	(*mpo_sysvmsg_create_t)(struct ucred *cred,
504		    struct msqid_kernel *msqkptr, struct label *msqlabel,
505		    struct msg *msgptr, struct label *msglabel);
506typedef void	(*mpo_sysvmsg_destroy_label_t)(struct label *label);
507typedef void	(*mpo_sysvmsg_init_label_t)(struct label *label);
508
/*
 * sysvmsq: System V message queue hooks.  check_msgmsq pairs a message with
 * a queue; check_msqctl also receives the control command.
 *
 * NOTE(review): the check hooks call the queue label "msqklabel" while
 * cleanup and create call it "msqlabel" -- same type, inconsistent naming.
 */
509typedef int	(*mpo_sysvmsq_check_msgmsq_t)(struct ucred *cred,
510		    struct msg *msgptr, struct label *msglabel,
511		    struct msqid_kernel *msqkptr, struct label *msqklabel);
512typedef int	(*mpo_sysvmsq_check_msgrcv_t)(struct ucred *cred,
513		    struct msg *msgptr, struct label *msglabel);
514typedef int	(*mpo_sysvmsq_check_msgrmid_t)(struct ucred *cred,
515		    struct msg *msgptr, struct label *msglabel);
516typedef int	(*mpo_sysvmsq_check_msqget_t)(struct ucred *cred,
517		    struct msqid_kernel *msqkptr, struct label *msqklabel);
518typedef int	(*mpo_sysvmsq_check_msqctl_t)(struct ucred *cred,
519		    struct msqid_kernel *msqkptr, struct label *msqklabel,
520		    int cmd);
521typedef int	(*mpo_sysvmsq_check_msqrcv_t)(struct ucred *cred,
522		    struct msqid_kernel *msqkptr, struct label *msqklabel);
523typedef int	(*mpo_sysvmsq_check_msqsnd_t)(struct ucred *cred,
524		    struct msqid_kernel *msqkptr, struct label *msqklabel);
525typedef void	(*mpo_sysvmsq_cleanup_t)(struct label *msqlabel);
526typedef void	(*mpo_sysvmsq_create_t)(struct ucred *cred,
527		    struct msqid_kernel *msqkptr, struct label *msqlabel);
528typedef void	(*mpo_sysvmsq_destroy_label_t)(struct label *label);
529typedef void	(*mpo_sysvmsq_init_label_t)(struct label *label);
530
/*
 * sysvsem: System V semaphore hooks.  check_semctl receives the control
 * command, check_semop an accesstype of type size_t.  As with sysvmsq, the
 * checks name the label "semaklabel" and cleanup/create "semalabel".
 */
531typedef int	(*mpo_sysvsem_check_semctl_t)(struct ucred *cred,
532		    struct semid_kernel *semakptr, struct label *semaklabel,
533		    int cmd);
534typedef int	(*mpo_sysvsem_check_semget_t)(struct ucred *cred,
535		    struct semid_kernel *semakptr, struct label *semaklabel);
536typedef int	(*mpo_sysvsem_check_semop_t)(struct ucred *cred,
537		    struct semid_kernel *semakptr, struct label *semaklabel,
538		    size_t accesstype);
539typedef void	(*mpo_sysvsem_cleanup_t)(struct label *semalabel);
540typedef void	(*mpo_sysvsem_create_t)(struct ucred *cred,
541		    struct semid_kernel *semakptr, struct label *semalabel);
542typedef void	(*mpo_sysvsem_destroy_label_t)(struct label *label);
543typedef void	(*mpo_sysvsem_init_label_t)(struct label *label);
544
/*
 * sysvshm: System V shared memory hooks.  shmat and shmget receive the
 * shmflg value, shmctl the control command.  The checks name the label
 * "shmseglabel" while cleanup/create use "shmlabel" (same type).
 */
545typedef int	(*mpo_sysvshm_check_shmat_t)(struct ucred *cred,
546		    struct shmid_kernel *shmsegptr,
547		    struct label *shmseglabel, int shmflg);
548typedef int	(*mpo_sysvshm_check_shmctl_t)(struct ucred *cred,
549		    struct shmid_kernel *shmsegptr,
550		    struct label *shmseglabel, int cmd);
551typedef int	(*mpo_sysvshm_check_shmdt_t)(struct ucred *cred,
552		    struct shmid_kernel *shmsegptr,
553		    struct label *shmseglabel);
554typedef int	(*mpo_sysvshm_check_shmget_t)(struct ucred *cred,
555		    struct shmid_kernel *shmsegptr,
556		    struct label *shmseglabel, int shmflg);
557typedef void	(*mpo_sysvshm_cleanup_t)(struct label *shmlabel);
558typedef void	(*mpo_sysvshm_create_t)(struct ucred *cred,
559		    struct shmid_kernel *shmsegptr, struct label *shmlabel);
560typedef void	(*mpo_sysvshm_destroy_label_t)(struct label *label);
561typedef void	(*mpo_sysvshm_init_label_t)(struct label *label);
562
/* thread: userret receives the struct thread and returns nothing; no label or cred. */
563typedef void	(*mpo_thread_userret_t)(struct thread *thread);
564
/*
 * vnode: hooks on vnodes and their labels.  Directory operations take the
 * directory (dvp, dvplabel) and, for link/rename/unlink, the target vnode
 * (vp, vplabel) plus the struct componentname; poll, read, stat and write
 * take both active_cred and file_cred.  The execve hooks receive the image
 * (imgp), the interpreter label (interpvplabel) and execlabel;
 * execve_transition additionally receives the old and new credentials.
 * associate_extattr, create_extattr and setlabel_extattr return int, the
 * other non-check hooks void.
 *
 * NOTE(review): check_mmap names its label parameter "label" and relabel
 * names its new label "label", where the siblings use "vplabel" /
 * "newlabel".  check_mmap_downgrade is the only check hook returning void;
 * it receives prot by pointer (presumably to narrow it in place -- confirm).
 */
565typedef int	(*mpo_vnode_associate_extattr_t)(struct mount *mp,
566		    struct label *mplabel, struct vnode *vp,
567		    struct label *vplabel);
568typedef void	(*mpo_vnode_associate_singlelabel_t)(struct mount *mp,
569		    struct label *mplabel, struct vnode *vp,
570		    struct label *vplabel);
571typedef int	(*mpo_vnode_check_access_t)(struct ucred *cred,
572		    struct vnode *vp, struct label *vplabel,
573		    accmode_t accmode);
574typedef int	(*mpo_vnode_check_chdir_t)(struct ucred *cred,
575		    struct vnode *dvp, struct label *dvplabel);
576typedef int	(*mpo_vnode_check_chroot_t)(struct ucred *cred,
577		    struct vnode *dvp, struct label *dvplabel);
578typedef int	(*mpo_vnode_check_create_t)(struct ucred *cred,
579		    struct vnode *dvp, struct label *dvplabel,
580		    struct componentname *cnp, struct vattr *vap);
581typedef int	(*mpo_vnode_check_deleteacl_t)(struct ucred *cred,
582		    struct vnode *vp, struct label *vplabel,
583		    acl_type_t type);
584typedef int	(*mpo_vnode_check_deleteextattr_t)(struct ucred *cred,
585		    struct vnode *vp, struct label *vplabel,
586		    int attrnamespace, const char *name);
587typedef int	(*mpo_vnode_check_exec_t)(struct ucred *cred,
588		    struct vnode *vp, struct label *vplabel,
589		    struct image_params *imgp, struct label *execlabel);
590typedef int	(*mpo_vnode_check_getacl_t)(struct ucred *cred,
591		    struct vnode *vp, struct label *vplabel,
592		    acl_type_t type);
593typedef int	(*mpo_vnode_check_getextattr_t)(struct ucred *cred,
594		    struct vnode *vp, struct label *vplabel,
595		    int attrnamespace, const char *name);
596typedef int	(*mpo_vnode_check_link_t)(struct ucred *cred,
597		    struct vnode *dvp, struct label *dvplabel,
598		    struct vnode *vp, struct label *vplabel,
599		    struct componentname *cnp);
600typedef int	(*mpo_vnode_check_listextattr_t)(struct ucred *cred,
601		    struct vnode *vp, struct label *vplabel,
602		    int attrnamespace);
603typedef int	(*mpo_vnode_check_lookup_t)(struct ucred *cred,
604		    struct vnode *dvp, struct label *dvplabel,
605		    struct componentname *cnp);
606typedef int	(*mpo_vnode_check_mmap_t)(struct ucred *cred,
607		    struct vnode *vp, struct label *label, int prot,
608		    int flags);
609typedef void	(*mpo_vnode_check_mmap_downgrade_t)(struct ucred *cred,
610		    struct vnode *vp, struct label *vplabel, int *prot);
611typedef int	(*mpo_vnode_check_mprotect_t)(struct ucred *cred,
612		    struct vnode *vp, struct label *vplabel, int prot);
613typedef int	(*mpo_vnode_check_open_t)(struct ucred *cred,
614		    struct vnode *vp, struct label *vplabel,
615		    accmode_t accmode);
616typedef int	(*mpo_vnode_check_poll_t)(struct ucred *active_cred,
617		    struct ucred *file_cred, struct vnode *vp,
618		    struct label *vplabel);
619typedef int	(*mpo_vnode_check_read_t)(struct ucred *active_cred,
620		    struct ucred *file_cred, struct vnode *vp,
621		    struct label *vplabel);
622typedef int	(*mpo_vnode_check_readdir_t)(struct ucred *cred,
623		    struct vnode *dvp, struct label *dvplabel);
624typedef int	(*mpo_vnode_check_readlink_t)(struct ucred *cred,
625		    struct vnode *vp, struct label *vplabel);
626typedef int	(*mpo_vnode_check_relabel_t)(struct ucred *cred,
627		    struct vnode *vp, struct label *vplabel,
628		    struct label *newlabel);
629typedef int	(*mpo_vnode_check_rename_from_t)(struct ucred *cred,
630		    struct vnode *dvp, struct label *dvplabel,
631		    struct vnode *vp, struct label *vplabel,
632		    struct componentname *cnp);
633typedef int	(*mpo_vnode_check_rename_to_t)(struct ucred *cred,
634		    struct vnode *dvp, struct label *dvplabel,
635		    struct vnode *vp, struct label *vplabel, int samedir,
636		    struct componentname *cnp);
637typedef int	(*mpo_vnode_check_revoke_t)(struct ucred *cred,
638		    struct vnode *vp, struct label *vplabel);
639typedef int	(*mpo_vnode_check_setacl_t)(struct ucred *cred,
640		    struct vnode *vp, struct label *vplabel, acl_type_t type,
641		    struct acl *acl);
642typedef int	(*mpo_vnode_check_setextattr_t)(struct ucred *cred,
643		    struct vnode *vp, struct label *vplabel,
644		    int attrnamespace, const char *name);
645typedef int	(*mpo_vnode_check_setflags_t)(struct ucred *cred,
646		    struct vnode *vp, struct label *vplabel, u_long flags);
647typedef int	(*mpo_vnode_check_setmode_t)(struct ucred *cred,
648		    struct vnode *vp, struct label *vplabel, mode_t mode);
649typedef int	(*mpo_vnode_check_setowner_t)(struct ucred *cred,
650		    struct vnode *vp, struct label *vplabel, uid_t uid,
651		    gid_t gid);
652typedef int	(*mpo_vnode_check_setutimes_t)(struct ucred *cred,
653		    struct vnode *vp, struct label *vplabel,
654		    struct timespec atime, struct timespec mtime);
655typedef int	(*mpo_vnode_check_stat_t)(struct ucred *active_cred,
656		    struct ucred *file_cred, struct vnode *vp,
657		    struct label *vplabel);
658typedef int	(*mpo_vnode_check_unlink_t)(struct ucred *cred,
659		    struct vnode *dvp, struct label *dvplabel,
660		    struct vnode *vp, struct label *vplabel,
661		    struct componentname *cnp);
662typedef int	(*mpo_vnode_check_write_t)(struct ucred *active_cred,
663		    struct ucred *file_cred, struct vnode *vp,
664		    struct label *vplabel);
665typedef void	(*mpo_vnode_copy_label_t)(struct label *src,
666		    struct label *dest);
667typedef int	(*mpo_vnode_create_extattr_t)(struct ucred *cred,
668		    struct mount *mp, struct label *mplabel,
669		    struct vnode *dvp, struct label *dvplabel,
670		    struct vnode *vp, struct label *vplabel,
671		    struct componentname *cnp);
672typedef void	(*mpo_vnode_destroy_label_t)(struct label *label);
673typedef void	(*mpo_vnode_execve_transition_t)(struct ucred *old,
674		    struct ucred *new, struct vnode *vp,
675		    struct label *vplabel, struct label *interpvplabel,
676		    struct image_params *imgp, struct label *execlabel);
677typedef int	(*mpo_vnode_execve_will_transition_t)(struct ucred *old,
678		    struct vnode *vp, struct label *vplabel,
679		    struct label *interpvplabel, struct image_params *imgp,
680		    struct label *execlabel);
681typedef int	(*mpo_vnode_externalize_label_t)(struct label *label,
682		    char *element_name, struct sbuf *sb, int *claimed);
683typedef void	(*mpo_vnode_init_label_t)(struct label *label);
684typedef int	(*mpo_vnode_internalize_label_t)(struct label *label,
685		    char *element_name, char *element_data, int *claimed);
686typedef void	(*mpo_vnode_relabel_t)(struct ucred *cred, struct vnode *vp,
687		    struct label *vplabel, struct label *label);
688typedef int	(*mpo_vnode_setlabel_extattr_t)(struct ucred *cred,
689		    struct vnode *vp, struct label *vplabel,
690		    struct label *intlabel);
691
/*
 * struct mac_policy_ops is the table of entry points a policy module
 * exports to the MAC Framework.  Its layout (field order, field count)
 * is the framework ABI versioned by MAC_VERSION below: adding, removing or
 * reordering a field requires a version bump, because policy modules are
 * compiled against this exact layout.  Policies normally fill it with a
 * designated initializer; entries they do not implement are expected to
 * stay NULL (the framework's treatment of NULL entries lives in the
 * framework sources, not here).
 */
struct mac_policy_ops {
	/*
	 * Policy module operations.
	 */
	mpo_destroy_t				mpo_destroy;
	mpo_init_t				mpo_init;

	/*
	 * General policy-directed security system call so that policies may
	 * implement new services without reserving explicit system call
	 * numbers.  Because this is reached directly from a system call,
	 * whatever arguments it carries arrive unvalidated from userspace;
	 * the policy is solely responsible for checking them.
	 */
	mpo_syscall_t				mpo_syscall;

	/*
	 * Per-object entry points, grouped by kernel object type and listed
	 * alphabetically within each group.  Most groups carry the label
	 * lifecycle hooks -- init_label/destroy_label, copy_label, and
	 * externalize_label/internalize_label for conversion to and from
	 * the textual form -- next to the object's access-control checks
	 * (*_check_*) and its creation/relabel/association notifications.
	 */
	mpo_bpfdesc_check_receive_t		mpo_bpfdesc_check_receive;
	mpo_bpfdesc_create_t			mpo_bpfdesc_create;
	mpo_bpfdesc_create_mbuf_t		mpo_bpfdesc_create_mbuf;
	mpo_bpfdesc_destroy_label_t		mpo_bpfdesc_destroy_label;
	mpo_bpfdesc_init_label_t		mpo_bpfdesc_init_label;

	/*
	 * Credential hooks.  The check_set* entries gate the uid/gid/audit
	 * identity changes a process may make to itself; create_swapper and
	 * create_init label the two kernel-created credentials at boot.
	 */
	mpo_cred_associate_nfsd_t		mpo_cred_associate_nfsd;
	mpo_cred_check_relabel_t		mpo_cred_check_relabel;
	mpo_cred_check_setaudit_t		mpo_cred_check_setaudit;
	mpo_cred_check_setaudit_addr_t		mpo_cred_check_setaudit_addr;
	mpo_cred_check_setauid_t		mpo_cred_check_setauid;
	mpo_cred_check_setuid_t			mpo_cred_check_setuid;
	mpo_cred_check_seteuid_t		mpo_cred_check_seteuid;
	mpo_cred_check_setgid_t			mpo_cred_check_setgid;
	mpo_cred_check_setegid_t		mpo_cred_check_setegid;
	mpo_cred_check_setgroups_t		mpo_cred_check_setgroups;
	mpo_cred_check_setreuid_t		mpo_cred_check_setreuid;
	mpo_cred_check_setregid_t		mpo_cred_check_setregid;
	mpo_cred_check_setresuid_t		mpo_cred_check_setresuid;
	mpo_cred_check_setresgid_t		mpo_cred_check_setresgid;
	mpo_cred_check_visible_t		mpo_cred_check_visible;
	mpo_cred_copy_label_t			mpo_cred_copy_label;
	mpo_cred_create_swapper_t		mpo_cred_create_swapper;
	mpo_cred_create_init_t			mpo_cred_create_init;
	mpo_cred_destroy_label_t		mpo_cred_destroy_label;
	mpo_cred_externalize_label_t		mpo_cred_externalize_label;
	mpo_cred_init_label_t			mpo_cred_init_label;
	mpo_cred_internalize_label_t		mpo_cred_internalize_label;
	mpo_cred_relabel_t			mpo_cred_relabel;

	/* In-kernel debugger (ddb) command registration and execution. */
	mpo_ddb_command_register_t		mpo_ddb_command_register;
	mpo_ddb_command_exec_t			mpo_ddb_command_exec;

	mpo_devfs_create_device_t		mpo_devfs_create_device;
	mpo_devfs_create_directory_t		mpo_devfs_create_directory;
	mpo_devfs_create_symlink_t		mpo_devfs_create_symlink;
	mpo_devfs_destroy_label_t		mpo_devfs_destroy_label;
	mpo_devfs_init_label_t			mpo_devfs_init_label;
	mpo_devfs_update_t			mpo_devfs_update;
	mpo_devfs_vnode_associate_t		mpo_devfs_vnode_associate;

	mpo_ifnet_check_relabel_t		mpo_ifnet_check_relabel;
	mpo_ifnet_check_transmit_t		mpo_ifnet_check_transmit;
	mpo_ifnet_copy_label_t			mpo_ifnet_copy_label;
	mpo_ifnet_create_t			mpo_ifnet_create;
	mpo_ifnet_create_mbuf_t			mpo_ifnet_create_mbuf;
	mpo_ifnet_destroy_label_t		mpo_ifnet_destroy_label;
	mpo_ifnet_externalize_label_t		mpo_ifnet_externalize_label;
	mpo_ifnet_init_label_t			mpo_ifnet_init_label;
	mpo_ifnet_internalize_label_t		mpo_ifnet_internalize_label;
	mpo_ifnet_relabel_t			mpo_ifnet_relabel;

	mpo_inpcb_check_deliver_t		mpo_inpcb_check_deliver;
	mpo_inpcb_check_visible_t		mpo_inpcb_check_visible;
	mpo_inpcb_create_t			mpo_inpcb_create;
	mpo_inpcb_create_mbuf_t			mpo_inpcb_create_mbuf;
	mpo_inpcb_destroy_label_t		mpo_inpcb_destroy_label;
	mpo_inpcb_init_label_t			mpo_inpcb_init_label;
	mpo_inpcb_sosetlabel_t			mpo_inpcb_sosetlabel;

	mpo_ip4_check_jail_t			mpo_ip4_check_jail;
	mpo_ip6_check_jail_t			mpo_ip6_check_jail;

	/*
	 * IP fragment reassembly queues (v6 and v4).  NOTE(review): the two
	 * *_reassemble typedef names lack the _t suffix every other entry
	 * uses; the typedefs themselves are outside this view, so the names
	 * are kept as-is here rather than guessed at.
	 */
	mpo_ip6q_create_t			mpo_ip6q_create;
	mpo_ip6q_destroy_label_t		mpo_ip6q_destroy_label;
	mpo_ip6q_init_label_t			mpo_ip6q_init_label;
	mpo_ip6q_match_t			mpo_ip6q_match;
	mpo_ip6q_reassemble			mpo_ip6q_reassemble;
	mpo_ip6q_update_t			mpo_ip6q_update;

	mpo_ipq_create_t			mpo_ipq_create;
	mpo_ipq_destroy_label_t			mpo_ipq_destroy_label;
	mpo_ipq_init_label_t			mpo_ipq_init_label;
	mpo_ipq_match_t				mpo_ipq_match;
	mpo_ipq_reassemble			mpo_ipq_reassemble;
	mpo_ipq_update_t			mpo_ipq_update;

	/* Kernel debugger backend selection. */
	mpo_kdb_check_backend_t			mpo_kdb_check_backend;

	/* Kernel environment (kenv) access; the dump/get paths can expose
	 * boot-time configuration, set/unset can alter it. */
	mpo_kenv_check_dump_t			mpo_kenv_check_dump;
	mpo_kenv_check_get_t			mpo_kenv_check_get;
	mpo_kenv_check_set_t			mpo_kenv_check_set;
	mpo_kenv_check_unset_t			mpo_kenv_check_unset;

	/* Kernel module load/stat -- kld_check_load gates code entering the
	 * kernel and is therefore one of the highest-value checks here. */
	mpo_kld_check_load_t			mpo_kld_check_load;
	mpo_kld_check_stat_t			mpo_kld_check_stat;

	mpo_mbuf_copy_label_t			mpo_mbuf_copy_label;
	mpo_mbuf_destroy_label_t		mpo_mbuf_destroy_label;
	mpo_mbuf_init_label_t			mpo_mbuf_init_label;

	mpo_mount_check_stat_t			mpo_mount_check_stat;
	mpo_mount_create_t			mpo_mount_create;
	mpo_mount_destroy_label_t		mpo_mount_destroy_label;
	mpo_mount_init_label_t			mpo_mount_init_label;

	/*
	 * Label propagation for kernel-generated packets (ARP, firewall
	 * replies, fragments, ICMP, IGMP, TCP replies, ND6): these are
	 * notifications that derive a new mbuf label, not access checks.
	 */
	mpo_netinet_arp_send_t			mpo_netinet_arp_send;
	mpo_netinet_firewall_reply_t		mpo_netinet_firewall_reply;
	mpo_netinet_firewall_send_t		mpo_netinet_firewall_send;
	mpo_netinet_fragment_t			mpo_netinet_fragment;
	mpo_netinet_icmp_reply_t		mpo_netinet_icmp_reply;
	mpo_netinet_icmp_replyinplace_t		mpo_netinet_icmp_replyinplace;
	mpo_netinet_igmp_send_t			mpo_netinet_igmp_send;
	mpo_netinet_tcp_reply_t			mpo_netinet_tcp_reply;

	mpo_netinet6_nd6_send_t			mpo_netinet6_nd6_send;

	mpo_pipe_check_ioctl_t			mpo_pipe_check_ioctl;
	mpo_pipe_check_poll_t			mpo_pipe_check_poll;
	mpo_pipe_check_read_t			mpo_pipe_check_read;
	mpo_pipe_check_relabel_t		mpo_pipe_check_relabel;
	mpo_pipe_check_stat_t			mpo_pipe_check_stat;
	mpo_pipe_check_write_t			mpo_pipe_check_write;
	mpo_pipe_copy_label_t			mpo_pipe_copy_label;
	mpo_pipe_create_t			mpo_pipe_create;
	mpo_pipe_destroy_label_t		mpo_pipe_destroy_label;
	mpo_pipe_externalize_label_t		mpo_pipe_externalize_label;
	mpo_pipe_init_label_t			mpo_pipe_init_label;
	mpo_pipe_internalize_label_t		mpo_pipe_internalize_label;
	mpo_pipe_relabel_t			mpo_pipe_relabel;

	mpo_posixsem_check_getvalue_t		mpo_posixsem_check_getvalue;
	mpo_posixsem_check_open_t		mpo_posixsem_check_open;
	mpo_posixsem_check_post_t		mpo_posixsem_check_post;
	mpo_posixsem_check_setmode_t		mpo_posixsem_check_setmode;
	mpo_posixsem_check_setowner_t		mpo_posixsem_check_setowner;
	mpo_posixsem_check_stat_t		mpo_posixsem_check_stat;
	mpo_posixsem_check_unlink_t		mpo_posixsem_check_unlink;
	mpo_posixsem_check_wait_t		mpo_posixsem_check_wait;
	mpo_posixsem_create_t			mpo_posixsem_create;
	mpo_posixsem_destroy_label_t		mpo_posixsem_destroy_label;
	mpo_posixsem_init_label_t		mpo_posixsem_init_label;

	mpo_posixshm_check_create_t		mpo_posixshm_check_create;
	mpo_posixshm_check_mmap_t		mpo_posixshm_check_mmap;
	mpo_posixshm_check_open_t		mpo_posixshm_check_open;
	mpo_posixshm_check_read_t		mpo_posixshm_check_read;
	mpo_posixshm_check_setmode_t		mpo_posixshm_check_setmode;
	mpo_posixshm_check_setowner_t		mpo_posixshm_check_setowner;
	mpo_posixshm_check_stat_t		mpo_posixshm_check_stat;
	mpo_posixshm_check_truncate_t		mpo_posixshm_check_truncate;
	mpo_posixshm_check_unlink_t		mpo_posixshm_check_unlink;
	mpo_posixshm_check_write_t		mpo_posixshm_check_write;
	mpo_posixshm_create_t			mpo_posixshm_create;
	mpo_posixshm_destroy_label_t		mpo_posixshm_destroy_label;
	mpo_posixshm_init_label_t		mpo_posixshm_init_label;

	/*
	 * Privilege hooks.  Going by the names, priv_check can deny a
	 * privilege and priv_grant can confer one; if so, priv_grant is the
	 * one entry in this table that widens access rather than narrowing
	 * it, and a policy implementing it deserves the closest review.
	 * Confirm the exact ordering against the kernel's priv_check() path.
	 */
	mpo_priv_check_t			mpo_priv_check;
	mpo_priv_grant_t			mpo_priv_grant;

	/* Inter-process controls: debugging (ptrace-style attach), scheduler
	 * manipulation, signal delivery and wait. */
	mpo_proc_check_debug_t			mpo_proc_check_debug;
	mpo_proc_check_sched_t			mpo_proc_check_sched;
	mpo_proc_check_signal_t			mpo_proc_check_signal;
	mpo_proc_check_wait_t			mpo_proc_check_wait;
	mpo_proc_destroy_label_t		mpo_proc_destroy_label;
	mpo_proc_init_label_t			mpo_proc_init_label;

	mpo_socket_check_accept_t		mpo_socket_check_accept;
	mpo_socket_check_bind_t			mpo_socket_check_bind;
	mpo_socket_check_connect_t		mpo_socket_check_connect;
	mpo_socket_check_create_t		mpo_socket_check_create;
	mpo_socket_check_deliver_t		mpo_socket_check_deliver;
	mpo_socket_check_listen_t		mpo_socket_check_listen;
	mpo_socket_check_poll_t			mpo_socket_check_poll;
	mpo_socket_check_receive_t		mpo_socket_check_receive;
	mpo_socket_check_relabel_t		mpo_socket_check_relabel;
	mpo_socket_check_send_t			mpo_socket_check_send;
	mpo_socket_check_stat_t			mpo_socket_check_stat;
	mpo_socket_check_visible_t		mpo_socket_check_visible;
	mpo_socket_copy_label_t			mpo_socket_copy_label;
	mpo_socket_create_t			mpo_socket_create;
	mpo_socket_create_mbuf_t		mpo_socket_create_mbuf;
	mpo_socket_destroy_label_t		mpo_socket_destroy_label;
	mpo_socket_externalize_label_t		mpo_socket_externalize_label;
	mpo_socket_init_label_t			mpo_socket_init_label;
	mpo_socket_internalize_label_t		mpo_socket_internalize_label;
	mpo_socket_newconn_t			mpo_socket_newconn;
	mpo_socket_relabel_t			mpo_socket_relabel;

	/* Peer label of a socket: set from the first received mbuf or from
	 * the connected socket; externalizable but never internalized. */
	mpo_socketpeer_destroy_label_t		mpo_socketpeer_destroy_label;
	mpo_socketpeer_externalize_label_t	mpo_socketpeer_externalize_label;
	mpo_socketpeer_init_label_t		mpo_socketpeer_init_label;
	mpo_socketpeer_set_from_mbuf_t		mpo_socketpeer_set_from_mbuf;
	mpo_socketpeer_set_from_socket_t	mpo_socketpeer_set_from_socket;

	mpo_syncache_init_label_t		mpo_syncache_init_label;
	mpo_syncache_destroy_label_t		mpo_syncache_destroy_label;
	mpo_syncache_create_t			mpo_syncache_create;
	mpo_syncache_create_mbuf_t		mpo_syncache_create_mbuf;

	/* System-wide administrative operations: accounting, audit control,
	 * reboot, swap configuration and sysctl. */
	mpo_system_check_acct_t			mpo_system_check_acct;
	mpo_system_check_audit_t		mpo_system_check_audit;
	mpo_system_check_auditctl_t		mpo_system_check_auditctl;
	mpo_system_check_auditon_t		mpo_system_check_auditon;
	mpo_system_check_reboot_t		mpo_system_check_reboot;
	mpo_system_check_swapon_t		mpo_system_check_swapon;
	mpo_system_check_swapoff_t		mpo_system_check_swapoff;
	mpo_system_check_sysctl_t		mpo_system_check_sysctl;

	mpo_sysvmsg_cleanup_t			mpo_sysvmsg_cleanup;
	mpo_sysvmsg_create_t			mpo_sysvmsg_create;
	mpo_sysvmsg_destroy_label_t		mpo_sysvmsg_destroy_label;
	mpo_sysvmsg_init_label_t		mpo_sysvmsg_init_label;

	mpo_sysvmsq_check_msgmsq_t		mpo_sysvmsq_check_msgmsq;
	mpo_sysvmsq_check_msgrcv_t		mpo_sysvmsq_check_msgrcv;
	mpo_sysvmsq_check_msgrmid_t		mpo_sysvmsq_check_msgrmid;
	mpo_sysvmsq_check_msqctl_t		mpo_sysvmsq_check_msqctl;
	mpo_sysvmsq_check_msqget_t		mpo_sysvmsq_check_msqget;
	mpo_sysvmsq_check_msqrcv_t		mpo_sysvmsq_check_msqrcv;
	mpo_sysvmsq_check_msqsnd_t		mpo_sysvmsq_check_msqsnd;
	mpo_sysvmsq_cleanup_t			mpo_sysvmsq_cleanup;
	mpo_sysvmsq_create_t			mpo_sysvmsq_create;
	mpo_sysvmsq_destroy_label_t		mpo_sysvmsq_destroy_label;
	mpo_sysvmsq_init_label_t		mpo_sysvmsq_init_label;

	mpo_sysvsem_check_semctl_t		mpo_sysvsem_check_semctl;
	mpo_sysvsem_check_semget_t		mpo_sysvsem_check_semget;
	mpo_sysvsem_check_semop_t		mpo_sysvsem_check_semop;
	mpo_sysvsem_cleanup_t			mpo_sysvsem_cleanup;
	mpo_sysvsem_create_t			mpo_sysvsem_create;
	mpo_sysvsem_destroy_label_t		mpo_sysvsem_destroy_label;
	mpo_sysvsem_init_label_t		mpo_sysvsem_init_label;

	mpo_sysvshm_check_shmat_t		mpo_sysvshm_check_shmat;
	mpo_sysvshm_check_shmctl_t		mpo_sysvshm_check_shmctl;
	mpo_sysvshm_check_shmdt_t		mpo_sysvshm_check_shmdt;
	mpo_sysvshm_check_shmget_t		mpo_sysvshm_check_shmget;
	mpo_sysvshm_cleanup_t			mpo_sysvshm_cleanup;
	mpo_sysvshm_create_t			mpo_sysvshm_create;
	mpo_sysvshm_destroy_label_t		mpo_sysvshm_destroy_label;
	mpo_sysvshm_init_label_t		mpo_sysvshm_init_label;

	/* Per-thread hook; by its name, run when a thread returns to user
	 * mode -- confirm the call site before relying on its timing. */
	mpo_thread_userret_t			mpo_thread_userret;

	/*
	 * Vnode hooks: the bulk of the filesystem access-control surface.
	 * NOTE(review): the tail of this group (associate_extattr,
	 * associate_singlelabel, destroy_label before copy_label) is not in
	 * the alphabetical order used elsewhere.  Do not "fix" the order --
	 * field order is the policy ABI and may only change with a
	 * MAC_VERSION bump.
	 */
	mpo_vnode_check_access_t		mpo_vnode_check_access;
	mpo_vnode_check_chdir_t			mpo_vnode_check_chdir;
	mpo_vnode_check_chroot_t		mpo_vnode_check_chroot;
	mpo_vnode_check_create_t		mpo_vnode_check_create;
	mpo_vnode_check_deleteacl_t		mpo_vnode_check_deleteacl;
	mpo_vnode_check_deleteextattr_t		mpo_vnode_check_deleteextattr;
	mpo_vnode_check_exec_t			mpo_vnode_check_exec;
	mpo_vnode_check_getacl_t		mpo_vnode_check_getacl;
	mpo_vnode_check_getextattr_t		mpo_vnode_check_getextattr;
	mpo_vnode_check_link_t			mpo_vnode_check_link;
	mpo_vnode_check_listextattr_t		mpo_vnode_check_listextattr;
	mpo_vnode_check_lookup_t		mpo_vnode_check_lookup;
	mpo_vnode_check_mmap_t			mpo_vnode_check_mmap;
	mpo_vnode_check_mmap_downgrade_t	mpo_vnode_check_mmap_downgrade;
	mpo_vnode_check_mprotect_t		mpo_vnode_check_mprotect;
	mpo_vnode_check_open_t			mpo_vnode_check_open;
	mpo_vnode_check_poll_t			mpo_vnode_check_poll;
	mpo_vnode_check_read_t			mpo_vnode_check_read;
	mpo_vnode_check_readdir_t		mpo_vnode_check_readdir;
	mpo_vnode_check_readlink_t		mpo_vnode_check_readlink;
	mpo_vnode_check_relabel_t		mpo_vnode_check_relabel;
	mpo_vnode_check_rename_from_t		mpo_vnode_check_rename_from;
	mpo_vnode_check_rename_to_t		mpo_vnode_check_rename_to;
	mpo_vnode_check_revoke_t		mpo_vnode_check_revoke;
	mpo_vnode_check_setacl_t		mpo_vnode_check_setacl;
	mpo_vnode_check_setextattr_t		mpo_vnode_check_setextattr;
	mpo_vnode_check_setflags_t		mpo_vnode_check_setflags;
	mpo_vnode_check_setmode_t		mpo_vnode_check_setmode;
	mpo_vnode_check_setowner_t		mpo_vnode_check_setowner;
	mpo_vnode_check_setutimes_t		mpo_vnode_check_setutimes;
	mpo_vnode_check_stat_t			mpo_vnode_check_stat;
	mpo_vnode_check_unlink_t		mpo_vnode_check_unlink;
	mpo_vnode_check_write_t			mpo_vnode_check_write;
	mpo_vnode_associate_extattr_t		mpo_vnode_associate_extattr;
	mpo_vnode_associate_singlelabel_t	mpo_vnode_associate_singlelabel;
	mpo_vnode_destroy_label_t		mpo_vnode_destroy_label;
	mpo_vnode_copy_label_t			mpo_vnode_copy_label;
	mpo_vnode_create_extattr_t		mpo_vnode_create_extattr;
	mpo_vnode_execve_transition_t		mpo_vnode_execve_transition;
	mpo_vnode_execve_will_transition_t	mpo_vnode_execve_will_transition;
	mpo_vnode_externalize_label_t		mpo_vnode_externalize_label;
	mpo_vnode_init_label_t			mpo_vnode_init_label;
	mpo_vnode_internalize_label_t		mpo_vnode_internalize_label;
	mpo_vnode_relabel_t			mpo_vnode_relabel;
	mpo_vnode_setlabel_extattr_t		mpo_vnode_setlabel_extattr;
};
993
994/*
995 * struct mac_policy_conf is the registration structure for policies, and is
996 * provided to the MAC Framework using MAC_POLICY_SET() to invoke a SYSINIT
997 * to register the policy.  In general, the fields are immutable, with the
998 * exception of the "security field", run-time flags, and policy list entry,
999 * which are managed by the MAC Framework.  Be careful when modifying this
1000 * structure, as its layout is statically compiled into all policies.
1001 */
struct mac_policy_conf {
	/*
	 * mpc_name and mpc_fullname are pointed at string literals by
	 * MAC_POLICY_SET() (the stringified module name and the caller's
	 * full-name argument), so they must be treated as read-only even
	 * though the type is a plain char *.  NOTE(review): const char *
	 * would express that without changing the layout; left as-is here
	 * because consumers elsewhere in the kernel are not visible.
	 */
	char				*mpc_name;	/* policy name */
	char				*mpc_fullname;	/* policy full name */
	/* Entry-point table; its layout is the MAC_VERSION ABI. */
	struct mac_policy_ops		*mpc_ops;	/* policy operations */
	/* MPC_LOADTIME_FLAG_* bits supplied by the policy at registration. */
	int				 mpc_loadtime_flags;	/* flags */
	/*
	 * "Security field": set from MAC_POLICY_SET()'s privdata_wanted
	 * argument.  Presumably the framework writes the label slot index
	 * it assigns to this policy through this pointer, to be passed as
	 * the slot argument of mac_label_get()/mac_label_set() -- confirm
	 * against the framework's registration code.  A policy that wants
	 * no per-object storage passes NULL (inferred from the name).
	 */
	int				*mpc_field_off; /* security field */
	/* MPC_RUNTIME_FLAG_* bits; owned by the framework, not the policy. */
	int				 mpc_runtime_flags; /* flags */
	/* Reserved padding so fields can be added without changing the
	 * structure size; keep zeroed. */
	int				 _mpc_spare1;	/* Spare. */
	uint64_t			 _mpc_spare2;	/* Spare. */
	uint64_t			 _mpc_spare3;	/* Spare. */
	void				*_mpc_spare4;	/* Spare. */
	/* Linkage on the framework's global policy list; framework-owned. */
	LIST_ENTRY(mac_policy_conf)	 mpc_list;	/* global list */
};
1015
/*
 * Flags for the mpc_loadtime_flags field (supplied by the policy via the
 * mpflags argument of MAC_POLICY_SET()).  Going by the names: NOTLATE
 * marks a policy that must be present from early boot rather than loaded
 * afterwards, and UNLOADOK marks one that may safely be unloaded at
 * run time -- the framework's enforcement of both lives outside this
 * header.
 */
#define	MPC_LOADTIME_FLAG_NOTLATE	0x00000001
#define	MPC_LOADTIME_FLAG_UNLOADOK	0x00000002

/*
 * Flags for the mpc_runtime_flags field.  These are managed by the MAC
 * Framework (see the struct mac_policy_conf comment); policies must not
 * set them.  REGISTERED presumably records that registration completed.
 */
#define	MPC_RUNTIME_FLAG_REGISTERED	0x00000001
1022
1023/*-
1024 * The TrustedBSD MAC Framework has a major version number, MAC_VERSION,
1025 * which defines the ABI of the Framework present in the kernel (and depended
1026 * on by policy modules compiled against that kernel).  Currently,
1027 * MAC_POLICY_SET() requires that the kernel and module ABI version numbers
1028 * exactly match.  The following major versions have been defined to date:
1029 *
1030 *   MAC version             FreeBSD versions
1031 *   1                       5.x
1032 *   2                       6.x
1033 *   3                       7.x
1034 *   4                       8.x
1035 *   5                       14.x
1036 */
/*
 * Bump this on ANY change to the layout of struct mac_policy_ops or
 * struct mac_policy_conf: MAC_POLICY_SET() pins a policy module to
 * exactly this value, so a stale policy is rejected at load rather than
 * calling through a mismatched entry-point table.
 */
#define	MAC_VERSION	5
1038
/*
 * MAC_POLICY_SET(mpops, mpname, mpfullname, mpflags, privdata_wanted)
 *
 * Expands, in the policy module's translation unit, to everything needed
 * to register one policy:
 *
 *   - a static struct mac_policy_conf named <mpname>_mac_policy_conf with
 *     mpc_name = the stringified token mpname, mpc_fullname = mpfullname,
 *     mpc_ops = mpops, mpc_loadtime_flags = mpflags and
 *     mpc_field_off = privdata_wanted; mpc_runtime_flags and mpc_list are
 *     left zero-initialized for the framework to manage;
 *   - a static moduledata_t whose event handler is mac_policy_modevent()
 *     and whose private data pointer is that conf;
 *   - MODULE_DEPEND(mpname, kernel_mac_support, MAC_VERSION, MAC_VERSION,
 *     MAC_VERSION): minimum, preferred and maximum version are all the
 *     same, which is what enforces the exact kernel/module ABI match
 *     described above (the refusal itself is performed by module
 *     dependency resolution, not by this header);
 *   - DECLARE_MODULE() at SI_SUB_MAC_POLICY / SI_ORDER_MIDDLE so the
 *     policy registers at the MAC-policy SYSINIT stage.
 *
 * mpname must be a bare identifier (it is pasted into symbol names and
 * stringified); mpfullname is a string expression.
 */
#define	MAC_POLICY_SET(mpops, mpname, mpfullname, mpflags, privdata_wanted) \
	static struct mac_policy_conf mpname##_mac_policy_conf = {	\
		.mpc_name = #mpname,					\
		.mpc_fullname = mpfullname,				\
		.mpc_ops = mpops,					\
		.mpc_loadtime_flags = mpflags,				\
		.mpc_field_off = privdata_wanted,			\
	};								\
	static moduledata_t mpname##_mod = {				\
		#mpname,						\
		mac_policy_modevent,					\
		&mpname##_mac_policy_conf				\
	};								\
	MODULE_DEPEND(mpname, kernel_mac_support, MAC_VERSION,		\
	    MAC_VERSION, MAC_VERSION);					\
	DECLARE_MODULE(mpname, mpname##_mod, SI_SUB_MAC_POLICY,		\
	    SI_ORDER_MIDDLE)
1056
/*
 * Module event handler installed by MAC_POLICY_SET(); data is the
 * policy's struct mac_policy_conf.  Implemented by the framework.
 */
int	mac_policy_modevent(module_t mod, int type, void *data);

/*
 * Policy interface to map a struct label pointer to per-policy data.
 * slot is the per-policy index the framework assigns at registration
 * (presumably delivered through mpc_field_off -- confirm in the
 * framework).  Typically, policies wrap these in their own accessor
 * macro that casts the intptr_t to a policy-specific data type; the
 * value is opaque to the framework, so a policy that stores a pointer
 * here owns its lifetime and must release it from its destroy_label
 * hooks.
 */
intptr_t	mac_label_get(struct label *l, int slot);
void		mac_label_set(struct label *l, int slot, intptr_t v);
1066
1067#endif /* !_SECURITY_MAC_MAC_POLICY_H_ */
1068