/*
 * "CHECK" MAC policy: a debugging policy whose hooks all verify that the
 * calling thread holds no locks, and react according to the flag word
 * handed to check_policy_init() from bsd_init.c.  Nothing here is built
 * into the decision path unless that flag word is non-zero.
 */
#include <sys/param.h>
#include <sys/systm.h>			/* XXX printf() */

#include <sys/types.h>
#include <sys/fcntl.h>
#include <sys/file.h>
#include <sys/kauth.h>
#include <sys/mount.h>
#include <sys/msg.h>
#include <sys/proc.h>
#include <sys/socketvar.h>
#include <sys/vnode.h>
#include <security/mac.h>
#include <security/mac_policy.h>

#include <libkern/OSDebug.h>		/* OSBPrintBacktrace; this file calls OSReportWithBacktrace() */


/* forward declaration; see bsd_init.c */
errno_t check_policy_init(int);
/* forced forward; returns the number of locks the given thread holds */
int get_thread_lock_count(thread_t th);

/*
 * Policy flags used when the policy is enabled
 *
 * Note: CHECK_POLICY_CHECK is probably not very useful unless you
 * are kernel debugging and set a breakpoint.  It is defined here but
 * not tested anywhere in this file; the other four drive common_hook().
 */
#define CHECK_POLICY_CHECK	0x00000001	/* Check on calls */
#define CHECK_POLICY_FAIL	0x00000002	/* EPERM on fails */
#define CHECK_POLICY_BACKTRACE	0x00000004	/* Show call stack on fails */
#define CHECK_POLICY_PANIC	0x00000008	/* Panic on fails */
#define CHECK_POLICY_PERIODIC	0x00000010	/* Show fails periodically */

/* Flag word; stays 0 until check_policy_init() registers the policy. */
static int policy_flags = 0;


/*
 * Install common_hook() as the handler for hook x.  common_hook() takes no
 * arguments and never reads the hook's, so one body serves every hook
 * signature; the cast is what lets a pointer of the wrong function type
 * initialize the field (not portable C, but the file's deliberate design).
 * Only works for hooks whose typedef is spelled mpo_<x>_t.
 */
#define CHECK_SET_HOOK(x) .mpo_##x = (mpo_##x##_t *)common_hook,

/*
 * Init; currently, we only print our arrival notice.
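 */
static void
hook_policy_init(struct mac_policy_conf *mpc)
{
	printf("Policy '%s' = '%s' ready\n", mpc->mpc_name, mpc->mpc_fullname);
}

/*
 * BSD-phase init notice.  The framework calls this with the
 * policy_grab_exclusive mutex held, so it must not go through
 * common_hook(), which would flag exactly that held lock.
 */
static void
hook_policy_initbsd(struct mac_policy_conf *mpc)
{
	/* called with policy_grab_exclusive mutex held; exempt */
	printf("hook_policy_initbsd: %s\n", mpc->mpc_name);
}


/* Implementation */
#define CLASS_PERIOD_LIMIT	10000	/* largest reporting interval, in events */
#define CLASS_PERIOD_MULT	20	/* growth factor for the interval */

/*
 * Reporting cadence for CHECK_POLICY_PERIODIC.
 *
 * These are plain, unsynchronized counters updated from whichever thread
 * trips a check; a racy update at worst shifts when the next backtrace is
 * printed, never what the hook returns.  They are unsigned so that a
 * long-lived system wraps them instead of overflowing a signed int (UB).
 */
static unsigned int policy_check_event = 1;	/* 1-based count of failed checks */
static unsigned int policy_check_period = 1;	/* report every this many events */
static unsigned int policy_check_next = CLASS_PERIOD_MULT; /* event at which the period grows */


/*
 * Print a backtrace for one failed check, subject to the periodic throttle.
 *
 * With CHECK_POLICY_PERIODIC clear, every failure is reported.  With it
 * set, the first CLASS_PERIOD_MULT failures are reported, then every
 * policy_check_period-th one; each time the event count reaches
 * policy_check_next the period grows by CLASS_PERIOD_MULT, until it is
 * capped at CLASS_PERIOD_LIMIT.  (The previous form grew the period only
 * on events that were *not* multiples of it, which with a starting period
 * of 1 never happened, so reporting went silent after CLASS_PERIOD_MULT
 * events; and it compared the period against CLASS_PERIOD_LIMIT for
 * equality, a value that 1 * 20^k never takes.)
 *
 * @param lockcnt  number of locks the current thread holds; non-zero here
 */
static void
policy_check_report(int lockcnt)
{
	if (!(policy_flags & CHECK_POLICY_PERIODIC)) {
		/* always */
		OSReportWithBacktrace("calling MACF hook with mutex count %d (event %u) ", lockcnt, policy_check_event);
		return;
	}

	/* at exponentially increasing intervals */
	if (policy_check_event % policy_check_period != 0)
		return;

	/*
	 * According to Derek, we could technically get a symbolicated name
	 * here, if we refactored some code and set the "keepsyms=1" boot
	 * argument...
	 */
	OSReportWithBacktrace("calling MACF hook with mutex count %d (event %u) ", lockcnt, policy_check_event);

	/* past the current window: back off, until the period hits its cap */
	if (policy_check_event >= policy_check_next && policy_check_period < CLASS_PERIOD_LIMIT) {
		policy_check_next *= CLASS_PERIOD_MULT;
		policy_check_period *= CLASS_PERIOD_MULT;
		if (policy_check_period > CLASS_PERIOD_LIMIT)
			policy_check_period = CLASS_PERIOD_LIMIT;
	}
}

/*
 * Common body for every hook this policy installs.
 *
 * The assumption being checked is that the MAC framework calls its hooks
 * with no locks held by the calling thread.  When that fails, policy_flags
 * selects the reaction: CHECK_POLICY_FAIL makes the hook return EPERM,
 * CHECK_POLICY_BACKTRACE prints a backtrace (throttled by
 * CHECK_POLICY_PERIODIC), and CHECK_POLICY_PANIC panics instead of
 * printing.  Every failure, fatal or not, advances policy_check_event.
 *
 * @return EPERM when a lock is held and CHECK_POLICY_FAIL is set,
 *         otherwise 0.  Hooks with a void signature discard the value.
 */
static int
common_hook(void)
{
	int lockcnt = get_thread_lock_count(current_thread());
	int rv = 0;

	if (lockcnt == 0)
		return 0;

	/*
	 * fail the MACF check if we hold a lock; this assumes a
	 * non-void (authorization) MACF hook.
	 */
	if (policy_flags & CHECK_POLICY_FAIL)
		rv = EPERM;

	/*
	 * display a backtrace if we hold a lock and we are not
	 * going to panic
	 */
	if ((policy_flags & (CHECK_POLICY_BACKTRACE | CHECK_POLICY_PANIC)) == CHECK_POLICY_BACKTRACE)
		policy_check_report(lockcnt);

	/* Panic */
	if (policy_flags & CHECK_POLICY_PANIC)
		panic("calling MACF hook with mutex count %d\n", lockcnt);

	/* count for non-fatal tracing */
	policy_check_event++;

	return rv;
}

#if (MAC_POLICY_OPS_VERSION != 24)
# error "struct mac_policy_ops doesn't match definition in mac_policy.h"
#endif
/*
 * Policy hooks; one per possible hook
 *
 * Please note that this struct initialization should be kept in sync with
 * security/mac_policy.h (mac_policy_ops struct definition).  Every entry
 * except the two policy-init hooks routes to common_hook().
 */
static struct mac_policy_ops policy_ops = {
	CHECK_SET_HOOK(audit_check_postselect)
	CHECK_SET_HOOK(audit_check_preselect)

	CHECK_SET_HOOK(bpfdesc_label_associate)
	CHECK_SET_HOOK(bpfdesc_label_destroy)
	CHECK_SET_HOOK(bpfdesc_label_init)
	CHECK_SET_HOOK(bpfdesc_check_receive)

	CHECK_SET_HOOK(cred_check_label_update_execve)
	CHECK_SET_HOOK(cred_check_label_update)
	CHECK_SET_HOOK(cred_check_visible)
	CHECK_SET_HOOK(cred_label_associate_fork)
	CHECK_SET_HOOK(cred_label_associate_kernel)
	CHECK_SET_HOOK(cred_label_associate)
	CHECK_SET_HOOK(cred_label_associate_user)
	CHECK_SET_HOOK(cred_label_destroy)
	CHECK_SET_HOOK(cred_label_externalize_audit)
	CHECK_SET_HOOK(cred_label_externalize)
	CHECK_SET_HOOK(cred_label_init)
	CHECK_SET_HOOK(cred_label_internalize)
	CHECK_SET_HOOK(cred_label_update_execve)
	CHECK_SET_HOOK(cred_label_update)

	CHECK_SET_HOOK(devfs_label_associate_device)
	CHECK_SET_HOOK(devfs_label_associate_directory)
	CHECK_SET_HOOK(devfs_label_copy)
	CHECK_SET_HOOK(devfs_label_destroy)
	CHECK_SET_HOOK(devfs_label_init)
	CHECK_SET_HOOK(devfs_label_update)

	CHECK_SET_HOOK(file_check_change_offset)
	CHECK_SET_HOOK(file_check_create)
	CHECK_SET_HOOK(file_check_dup)
	CHECK_SET_HOOK(file_check_fcntl)
	CHECK_SET_HOOK(file_check_get_offset)
	CHECK_SET_HOOK(file_check_get)
	CHECK_SET_HOOK(file_check_inherit)
	CHECK_SET_HOOK(file_check_ioctl)
	CHECK_SET_HOOK(file_check_lock)
	CHECK_SET_HOOK(file_check_mmap_downgrade)
	CHECK_SET_HOOK(file_check_mmap)
	CHECK_SET_HOOK(file_check_receive)
	CHECK_SET_HOOK(file_check_set)
	CHECK_SET_HOOK(file_label_init)
	CHECK_SET_HOOK(file_label_destroy)
	CHECK_SET_HOOK(file_label_associate)

	CHECK_SET_HOOK(ifnet_check_label_update)
	CHECK_SET_HOOK(ifnet_check_transmit)
	CHECK_SET_HOOK(ifnet_label_associate)
	CHECK_SET_HOOK(ifnet_label_copy)
	CHECK_SET_HOOK(ifnet_label_destroy)
	CHECK_SET_HOOK(ifnet_label_externalize)
	CHECK_SET_HOOK(ifnet_label_init)
	CHECK_SET_HOOK(ifnet_label_internalize)
	CHECK_SET_HOOK(ifnet_label_update)
	CHECK_SET_HOOK(ifnet_label_recycle)

	CHECK_SET_HOOK(inpcb_check_deliver)
	CHECK_SET_HOOK(inpcb_label_associate)
	CHECK_SET_HOOK(inpcb_label_destroy)
	CHECK_SET_HOOK(inpcb_label_init)
	CHECK_SET_HOOK(inpcb_label_recycle)
	CHECK_SET_HOOK(inpcb_label_update)

	CHECK_SET_HOOK(iokit_check_device)

	CHECK_SET_HOOK(ipq_label_associate)
	CHECK_SET_HOOK(ipq_label_compare)
	CHECK_SET_HOOK(ipq_label_destroy)
	CHECK_SET_HOOK(ipq_label_init)
	CHECK_SET_HOOK(ipq_label_update)

	CHECK_SET_HOOK(lctx_check_label_update)
	CHECK_SET_HOOK(lctx_label_destroy)
	CHECK_SET_HOOK(lctx_label_externalize)
	CHECK_SET_HOOK(lctx_label_init)
	CHECK_SET_HOOK(lctx_label_internalize)
	CHECK_SET_HOOK(lctx_label_update)
	CHECK_SET_HOOK(lctx_notify_create)
	CHECK_SET_HOOK(lctx_notify_join)
	CHECK_SET_HOOK(lctx_notify_leave)

	CHECK_SET_HOOK(mbuf_label_associate_bpfdesc)
	CHECK_SET_HOOK(mbuf_label_associate_ifnet)
	CHECK_SET_HOOK(mbuf_label_associate_inpcb)
	CHECK_SET_HOOK(mbuf_label_associate_ipq)
	CHECK_SET_HOOK(mbuf_label_associate_linklayer)
	CHECK_SET_HOOK(mbuf_label_associate_multicast_encap)
	CHECK_SET_HOOK(mbuf_label_associate_netlayer)
	CHECK_SET_HOOK(mbuf_label_associate_socket)
	CHECK_SET_HOOK(mbuf_label_copy)
	CHECK_SET_HOOK(mbuf_label_destroy)
	CHECK_SET_HOOK(mbuf_label_init)

	CHECK_SET_HOOK(mount_check_fsctl)
	CHECK_SET_HOOK(mount_check_getattr)
	CHECK_SET_HOOK(mount_check_label_update)
	CHECK_SET_HOOK(mount_check_mount)
	CHECK_SET_HOOK(mount_check_remount)
	CHECK_SET_HOOK(mount_check_setattr)
	CHECK_SET_HOOK(mount_check_stat)
	CHECK_SET_HOOK(mount_check_umount)
	CHECK_SET_HOOK(mount_label_associate)
	CHECK_SET_HOOK(mount_label_destroy)
	CHECK_SET_HOOK(mount_label_externalize)
	CHECK_SET_HOOK(mount_label_init)
	CHECK_SET_HOOK(mount_label_internalize)

	CHECK_SET_HOOK(netinet_fragment)
	CHECK_SET_HOOK(netinet_icmp_reply)
	CHECK_SET_HOOK(netinet_tcp_reply)

	CHECK_SET_HOOK(pipe_check_ioctl)
	CHECK_SET_HOOK(pipe_check_kqfilter)
	CHECK_SET_HOOK(pipe_check_label_update)
	CHECK_SET_HOOK(pipe_check_read)
	CHECK_SET_HOOK(pipe_check_select)
	CHECK_SET_HOOK(pipe_check_stat)
	CHECK_SET_HOOK(pipe_check_write)
	CHECK_SET_HOOK(pipe_label_associate)
	CHECK_SET_HOOK(pipe_label_copy)
	CHECK_SET_HOOK(pipe_label_destroy)
	CHECK_SET_HOOK(pipe_label_externalize)
	CHECK_SET_HOOK(pipe_label_init)
	CHECK_SET_HOOK(pipe_label_internalize)
	CHECK_SET_HOOK(pipe_label_update)

	CHECK_SET_HOOK(policy_destroy)
	/* special hooks for policy init's */
	.mpo_policy_init = hook_policy_init,
	.mpo_policy_initbsd = hook_policy_initbsd,
	CHECK_SET_HOOK(policy_syscall)

	CHECK_SET_HOOK(port_check_copy_send)
	CHECK_SET_HOOK(port_check_hold_receive)
	CHECK_SET_HOOK(port_check_hold_send_once)
	CHECK_SET_HOOK(port_check_hold_send)
	CHECK_SET_HOOK(port_check_label_update)
	CHECK_SET_HOOK(port_check_make_send_once)
	CHECK_SET_HOOK(port_check_make_send)
	CHECK_SET_HOOK(port_check_method)
	CHECK_SET_HOOK(port_check_move_receive)
	CHECK_SET_HOOK(port_check_move_send_once)
	CHECK_SET_HOOK(port_check_move_send)
	CHECK_SET_HOOK(port_check_receive)
	CHECK_SET_HOOK(port_check_send)
	CHECK_SET_HOOK(port_check_service)
	CHECK_SET_HOOK(port_label_associate_kernel)
	CHECK_SET_HOOK(port_label_associate)
	CHECK_SET_HOOK(port_label_compute)
	CHECK_SET_HOOK(port_label_copy)
	CHECK_SET_HOOK(port_label_destroy)
	CHECK_SET_HOOK(port_label_init)
	CHECK_SET_HOOK(port_label_update_cred)
	CHECK_SET_HOOK(port_label_update_kobject)

	CHECK_SET_HOOK(posixsem_check_create)
	CHECK_SET_HOOK(posixsem_check_open)
	CHECK_SET_HOOK(posixsem_check_post)
	CHECK_SET_HOOK(posixsem_check_unlink)
	CHECK_SET_HOOK(posixsem_check_wait)
	CHECK_SET_HOOK(posixsem_label_associate)
	CHECK_SET_HOOK(posixsem_label_destroy)
	CHECK_SET_HOOK(posixsem_label_init)
	CHECK_SET_HOOK(posixshm_check_create)
	CHECK_SET_HOOK(posixshm_check_mmap)
	CHECK_SET_HOOK(posixshm_check_open)
	CHECK_SET_HOOK(posixshm_check_stat)
	CHECK_SET_HOOK(posixshm_check_truncate)
	CHECK_SET_HOOK(posixshm_check_unlink)
	CHECK_SET_HOOK(posixshm_label_associate)
	CHECK_SET_HOOK(posixshm_label_destroy)
	CHECK_SET_HOOK(posixshm_label_init)

	CHECK_SET_HOOK(proc_check_debug)
	CHECK_SET_HOOK(proc_check_fork)
	CHECK_SET_HOOK(proc_check_get_task_name)
	CHECK_SET_HOOK(proc_check_get_task)
	CHECK_SET_HOOK(proc_check_getaudit)
	CHECK_SET_HOOK(proc_check_getauid)
	CHECK_SET_HOOK(proc_check_getlcid)
	CHECK_SET_HOOK(proc_check_mprotect)
	CHECK_SET_HOOK(proc_check_sched)
	CHECK_SET_HOOK(proc_check_setaudit)
	CHECK_SET_HOOK(proc_check_setauid)
	CHECK_SET_HOOK(proc_check_setlcid)
	CHECK_SET_HOOK(proc_check_signal)
	CHECK_SET_HOOK(proc_check_wait)
	CHECK_SET_HOOK(proc_label_destroy)
	CHECK_SET_HOOK(proc_label_init)

	CHECK_SET_HOOK(socket_check_accept)
	CHECK_SET_HOOK(socket_check_accepted)
	CHECK_SET_HOOK(socket_check_bind)
	CHECK_SET_HOOK(socket_check_connect)
	CHECK_SET_HOOK(socket_check_create)
	CHECK_SET_HOOK(socket_check_deliver)
	CHECK_SET_HOOK(socket_check_kqfilter)
	CHECK_SET_HOOK(socket_check_label_update)
	CHECK_SET_HOOK(socket_check_listen)
	CHECK_SET_HOOK(socket_check_receive)
	CHECK_SET_HOOK(socket_check_received)
	CHECK_SET_HOOK(socket_check_select)
	CHECK_SET_HOOK(socket_check_send)
	CHECK_SET_HOOK(socket_check_stat)
	CHECK_SET_HOOK(socket_check_setsockopt)
	CHECK_SET_HOOK(socket_check_getsockopt)
	CHECK_SET_HOOK(socket_label_associate_accept)
	CHECK_SET_HOOK(socket_label_associate)
	CHECK_SET_HOOK(socket_label_copy)
	CHECK_SET_HOOK(socket_label_destroy)
	CHECK_SET_HOOK(socket_label_externalize)
	CHECK_SET_HOOK(socket_label_init)
	CHECK_SET_HOOK(socket_label_internalize)
	CHECK_SET_HOOK(socket_label_update)

	CHECK_SET_HOOK(socketpeer_label_associate_mbuf)
	CHECK_SET_HOOK(socketpeer_label_associate_socket)
	CHECK_SET_HOOK(socketpeer_label_destroy)
	CHECK_SET_HOOK(socketpeer_label_externalize)
	CHECK_SET_HOOK(socketpeer_label_init)

	CHECK_SET_HOOK(system_check_acct)
	CHECK_SET_HOOK(system_check_audit)
	CHECK_SET_HOOK(system_check_auditctl)
	CHECK_SET_HOOK(system_check_auditon)
	CHECK_SET_HOOK(system_check_host_priv)
	CHECK_SET_HOOK(system_check_nfsd)
	CHECK_SET_HOOK(system_check_reboot)
	CHECK_SET_HOOK(system_check_settime)
	CHECK_SET_HOOK(system_check_swapoff)
	CHECK_SET_HOOK(system_check_swapon)
	CHECK_SET_HOOK(system_check_sysctl)

	CHECK_SET_HOOK(sysvmsg_label_associate)
	CHECK_SET_HOOK(sysvmsg_label_destroy)
	CHECK_SET_HOOK(sysvmsg_label_init)
	CHECK_SET_HOOK(sysvmsg_label_recycle)
	CHECK_SET_HOOK(sysvmsq_check_enqueue)
	CHECK_SET_HOOK(sysvmsq_check_msgrcv)
	CHECK_SET_HOOK(sysvmsq_check_msgrmid)
	CHECK_SET_HOOK(sysvmsq_check_msqctl)
	CHECK_SET_HOOK(sysvmsq_check_msqget)
	CHECK_SET_HOOK(sysvmsq_check_msqrcv)
	CHECK_SET_HOOK(sysvmsq_check_msqsnd)
	CHECK_SET_HOOK(sysvmsq_label_associate)
	CHECK_SET_HOOK(sysvmsq_label_destroy)
	CHECK_SET_HOOK(sysvmsq_label_init)
	CHECK_SET_HOOK(sysvmsq_label_recycle)
	CHECK_SET_HOOK(sysvsem_check_semctl)
	CHECK_SET_HOOK(sysvsem_check_semget)
	CHECK_SET_HOOK(sysvsem_check_semop)
	CHECK_SET_HOOK(sysvsem_label_associate)
	CHECK_SET_HOOK(sysvsem_label_destroy)
	CHECK_SET_HOOK(sysvsem_label_init)
	CHECK_SET_HOOK(sysvsem_label_recycle)
	CHECK_SET_HOOK(sysvshm_check_shmat)
	CHECK_SET_HOOK(sysvshm_check_shmctl)
	CHECK_SET_HOOK(sysvshm_check_shmdt)
	CHECK_SET_HOOK(sysvshm_check_shmget)
	CHECK_SET_HOOK(sysvshm_label_associate)
	CHECK_SET_HOOK(sysvshm_label_destroy)
	CHECK_SET_HOOK(sysvshm_label_init)
	CHECK_SET_HOOK(sysvshm_label_recycle)

	CHECK_SET_HOOK(task_label_associate_kernel)
	CHECK_SET_HOOK(task_label_associate)
	CHECK_SET_HOOK(task_label_copy)
	CHECK_SET_HOOK(task_label_destroy)
	CHECK_SET_HOOK(task_label_externalize)
	CHECK_SET_HOOK(task_label_init)
	CHECK_SET_HOOK(task_label_internalize)
	CHECK_SET_HOOK(task_label_update)

	CHECK_SET_HOOK(iokit_check_hid_control)

	CHECK_SET_HOOK(vnode_check_access)
	CHECK_SET_HOOK(vnode_check_chdir)
	CHECK_SET_HOOK(vnode_check_chroot)
	CHECK_SET_HOOK(vnode_check_create)
	CHECK_SET_HOOK(vnode_check_deleteextattr)
	CHECK_SET_HOOK(vnode_check_exchangedata)
	CHECK_SET_HOOK(vnode_check_exec)
	CHECK_SET_HOOK(vnode_check_getattrlist)
	CHECK_SET_HOOK(vnode_check_getextattr)
	CHECK_SET_HOOK(vnode_check_ioctl)
	CHECK_SET_HOOK(vnode_check_kqfilter)
	CHECK_SET_HOOK(vnode_check_label_update)
	CHECK_SET_HOOK(vnode_check_link)
	CHECK_SET_HOOK(vnode_check_listextattr)
	CHECK_SET_HOOK(vnode_check_lookup)
	CHECK_SET_HOOK(vnode_check_open)
	CHECK_SET_HOOK(vnode_check_read)
	CHECK_SET_HOOK(vnode_check_readdir)
	CHECK_SET_HOOK(vnode_check_readlink)
	CHECK_SET_HOOK(vnode_check_rename_from)
	CHECK_SET_HOOK(vnode_check_rename_to)
	CHECK_SET_HOOK(vnode_check_revoke)
	CHECK_SET_HOOK(vnode_check_select)
	CHECK_SET_HOOK(vnode_check_setattrlist)
	CHECK_SET_HOOK(vnode_check_setextattr)
	CHECK_SET_HOOK(vnode_check_setflags)
	CHECK_SET_HOOK(vnode_check_setmode)
	CHECK_SET_HOOK(vnode_check_setowner)
	CHECK_SET_HOOK(vnode_check_setutimes)
	CHECK_SET_HOOK(vnode_check_stat)
	CHECK_SET_HOOK(vnode_check_truncate)
	CHECK_SET_HOOK(vnode_check_unlink)
	CHECK_SET_HOOK(vnode_check_write)
	CHECK_SET_HOOK(vnode_label_associate_devfs)
	CHECK_SET_HOOK(vnode_label_associate_extattr)
	CHECK_SET_HOOK(vnode_label_associate_file)
	CHECK_SET_HOOK(vnode_label_associate_pipe)
	CHECK_SET_HOOK(vnode_label_associate_posixsem)
	CHECK_SET_HOOK(vnode_label_associate_posixshm)
	CHECK_SET_HOOK(vnode_label_associate_singlelabel)
	CHECK_SET_HOOK(vnode_label_associate_socket)
	CHECK_SET_HOOK(vnode_label_copy)
	CHECK_SET_HOOK(vnode_label_destroy)
	CHECK_SET_HOOK(vnode_label_externalize_audit)
	CHECK_SET_HOOK(vnode_label_externalize)
	CHECK_SET_HOOK(vnode_label_init)
	CHECK_SET_HOOK(vnode_label_internalize)
	CHECK_SET_HOOK(vnode_label_recycle)
	CHECK_SET_HOOK(vnode_label_store)
	CHECK_SET_HOOK(vnode_label_update_extattr)
	CHECK_SET_HOOK(vnode_label_update)
	CHECK_SET_HOOK(vnode_notify_create)
	CHECK_SET_HOOK(vnode_check_signature)
	CHECK_SET_HOOK(vnode_check_uipc_bind)
	CHECK_SET_HOOK(vnode_check_uipc_connect)

	/*
	 * CHECK_SET_HOOK(proc_check_run_cs_invalid) cannot be used: this
	 * hook's typedef is mac_proc_check_run_cs_invalid_t, not the
	 * mpo_<x>_t spelling the macro expects, so the cast is written out.
	 */
	.mpo_proc_check_run_cs_invalid
	    = (mac_proc_check_run_cs_invalid_t *)common_hook,
	CHECK_SET_HOOK(proc_check_suspend_resume)

	CHECK_SET_HOOK(thread_userret)

	CHECK_SET_HOOK(iokit_check_set_properties)

	CHECK_SET_HOOK(system_check_chud)

	CHECK_SET_HOOK(vnode_check_searchfs)

	CHECK_SET_HOOK(priv_check)
	CHECK_SET_HOOK(priv_grant)

	CHECK_SET_HOOK(proc_check_map_anon)

	CHECK_SET_HOOK(vnode_check_fsgetpath)

	CHECK_SET_HOOK(iokit_check_open)

	CHECK_SET_HOOK(proc_check_ledger)

	CHECK_SET_HOOK(vnode_notify_rename)

	CHECK_SET_HOOK(thread_label_init)
	CHECK_SET_HOOK(thread_label_destroy)

	CHECK_SET_HOOK(system_check_kas_info)

	CHECK_SET_HOOK(proc_check_cpumon)

	CHECK_SET_HOOK(vnode_notify_open)

	CHECK_SET_HOOK(system_check_info)

	CHECK_SET_HOOK(pty_notify_grant)
	CHECK_SET_HOOK(pty_notify_close)

	CHECK_SET_HOOK(vnode_find_sigs)


	CHECK_SET_HOOK(kext_check_load)
	CHECK_SET_HOOK(kext_check_unload)

	CHECK_SET_HOOK(proc_check_proc_info)

	CHECK_SET_HOOK(vnode_notify_link)

	/* reserved slots are wired too, so a future hook is checked from day one */
	.mpo_reserved28 = (mpo_reserved_hook_t *)common_hook,
	.mpo_reserved29 = (mpo_reserved_hook_t *)common_hook,
};

/*
 * Policy definition
 *
 * The policy keeps no per-object labels, so all label fields are empty.
 */
static struct mac_policy_conf policy_conf = {
	.mpc_name = "CHECK",
	.mpc_fullname = "Check Assumptions Policy",
	.mpc_field_off = NULL,		/* no label slot */
	.mpc_labelnames = NULL,		/* no policy label names */
	.mpc_labelname_count = 0,	/* count of label names is 0 */
	.mpc_ops = &policy_ops,		/* policy operations */
	.mpc_loadtime_flags = 0,
	.mpc_runtime_flags = 0,
};

/* Handle returned by mac_policy_register(); written once, never read here. */
static mac_policy_handle_t policy_handle;

/*
 * Init routine; for a loadable policy, this would be called during the KEXT
 * initialization; we're going to call this from bsd_init() if the boot
 * argument for checking is present.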
 */
errno_t
check_policy_init(int flags)
{
	errno_t err = 0;

	/*
	 * A zero flag word means nobody asked for checking: leave the policy
	 * unregistered and report success.  Otherwise record the flags that
	 * common_hook() will consult and hand the policy to the framework,
	 * whose result is ours.
	 */
	if (flags != 0) {
		policy_flags = flags;
		err = mac_policy_register(&policy_conf, &policy_handle, NULL);
	}

	return err;
}