Now available: The Design and Implementation of the FreeBSD Operating System (Second Edition)
[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]
FreeBSD/Linux Kernel Cross Reference
sys/security/mac_stub/mac_stub.c
Version:
- FREEBSD - FREEBSD-13-STABLE - FREEBSD-13-0 - FREEBSD-12-STABLE - FREEBSD-12-0 - FREEBSD-11-STABLE - FREEBSD-11-0 - FREEBSD-10-STABLE - FREEBSD-10-0 - FREEBSD-9-STABLE - FREEBSD-9-0 - FREEBSD-8-STABLE - FREEBSD-8-0 - FREEBSD-7-STABLE - FREEBSD-7-0 - FREEBSD-6-STABLE - FREEBSD-6-0 - FREEBSD-5-STABLE - FREEBSD-5-0 - FREEBSD-4-STABLE - FREEBSD-3-STABLE - FREEBSD22 - l41 - OPENBSD - linux-2.6 - MK84 - PLAN9 - xnu-8792
SearchContext: - none - 3 - 10
SearchContext: - none - 3 - 10
1 /*- 2 * Copyright (c) 1999-2002 Robert N. M. Watson 3 * Copyright (c) 2001-2005 McAfee, Inc. 4 * Copyright (c) 2005 SPARTA, Inc. 5 * All rights reserved. 6 * 7 * This software was developed by Robert Watson for the TrustedBSD Project. 8 * 9 * This software was developed for the FreeBSD Project in part by McAfee 10 * Research, the Security Research Division of McAfee, Inc. under 11 * DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA 12 * CHATS research program. 13 * 14 * This software was enhanced by SPARTA ISSO under SPAWAR contract 15 * N66001-04-C-6019 ("SEFOS"). 16 * 17 * Redistribution and use in source and binary forms, with or without 18 * modification, are permitted provided that the following conditions 19 * are met: 20 * 1. Redistributions of source code must retain the above copyright 21 * notice, this list of conditions and the following disclaimer. 22 * 2. Redistributions in binary form must reproduce the above copyright 23 * notice, this list of conditions and the following disclaimer in the 24 * documentation and/or other materials provided with the distribution. 25 * 26 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 27 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 28 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 29 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 30 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 31 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 32 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 33 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 34 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 35 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 36 * SUCH DAMAGE. 37 * 38 * $FreeBSD: releng/6.2/sys/security/mac_stub/mac_stub.c 150969 2005-10-05 10:31:05Z rwatson $ 39 */ 40 41 /* 42 * Developed by the TrustedBSD Project. 43 * 44 * Stub module that implements a NOOP for most (if not all) MAC Framework 45 * policy entry points. 46 */ 47 48 #include <sys/types.h> 49 #include <sys/param.h> 50 #include <sys/acl.h> 51 #include <sys/conf.h> 52 #include <sys/extattr.h> 53 #include <sys/kernel.h> 54 #include <sys/mac.h> 55 #include <sys/mount.h> 56 #include <sys/proc.h> 57 #include <sys/systm.h> 58 #include <sys/sysproto.h> 59 #include <sys/sysent.h> 60 #include <sys/vnode.h> 61 #include <sys/file.h> 62 #include <sys/socket.h> 63 #include <sys/socketvar.h> 64 #include <sys/pipe.h> 65 #include <sys/sx.h> 66 #include <sys/sysctl.h> 67 #include <sys/msg.h> 68 #include <sys/sem.h> 69 #include <sys/shm.h> 70 71 #include <posix4/ksem.h> 72 73 #include <fs/devfs/devfs.h> 74 75 #include <net/bpfdesc.h> 76 #include <net/if.h> 77 #include <net/if_types.h> 78 #include <net/if_var.h> 79 80 #include <netinet/in.h> 81 #include <netinet/in_pcb.h> 82 #include <netinet/ip_var.h> 83 84 #include <vm/vm.h> 85 86 #include <sys/mac_policy.h> 87 88 SYSCTL_DECL(_security_mac); 89 90 SYSCTL_NODE(_security_mac, OID_AUTO, stub, CTLFLAG_RW, 0, 91 "TrustedBSD mac_stub policy controls"); 92 93 static int stub_enabled = 1; 94 SYSCTL_INT(_security_mac_stub, OID_AUTO, enabled, CTLFLAG_RW, 95 &stub_enabled, 0, "Enforce mac_stub policy"); 96 97 /* 98 * Policy module operations. 99 */ 100 static void 101 stub_destroy(struct mac_policy_conf *conf) 102 { 103 104 } 105 106 static void 107 stub_init(struct mac_policy_conf *conf) 108 { 109 110 } 111 112 static int 113 stub_syscall(struct thread *td, int call, void *arg) 114 { 115 116 return (0); 117 } 118 119 /* 120 * Label operations. 121 */ 122 static void 123 stub_init_label(struct label *label) 124 { 125 126 } 127 128 static int 129 stub_init_label_waitcheck(struct label *label, int flag) 130 { 131 132 return (0); 133 } 134 135 static void 136 stub_destroy_label(struct label *label) 137 { 138 139 } 140 141 static void 142 stub_copy_label(struct label *src, struct label *dest) 143 { 144 145 } 146 147 static int 148 stub_externalize_label(struct label *label, char *element_name, 149 struct sbuf *sb, int *claimed) 150 { 151 152 return (0); 153 } 154 155 static int 156 stub_internalize_label(struct label *label, char *element_name, 157 char *element_data, int *claimed) 158 { 159 160 return (0); 161 } 162 163 /* 164 * Labeling event operations: file system objects, and things that look 165 * a lot like file system objects. 166 */ 167 static void 168 stub_associate_vnode_devfs(struct mount *mp, struct label *fslabel, 169 struct devfs_dirent *de, struct label *delabel, struct vnode *vp, 170 struct label *vlabel) 171 { 172 173 } 174 175 static int 176 stub_associate_vnode_extattr(struct mount *mp, struct label *fslabel, 177 struct vnode *vp, struct label *vlabel) 178 { 179 180 return (0); 181 } 182 183 static void 184 stub_associate_vnode_singlelabel(struct mount *mp, 185 struct label *fslabel, struct vnode *vp, struct label *vlabel) 186 { 187 188 } 189 190 static void 191 stub_create_devfs_device(struct ucred *cred, struct mount *mp, 192 struct cdev *dev, struct devfs_dirent *devfs_dirent, struct label *label) 193 { 194 195 } 196 197 static void 198 stub_create_devfs_directory(struct mount *mp, char *dirname, 199 int dirnamelen, struct devfs_dirent *devfs_dirent, struct label *label) 200 { 201 202 } 203 204 static void 205 stub_create_devfs_symlink(struct ucred *cred, struct mount *mp, 206 struct devfs_dirent *dd, struct label *ddlabel, struct devfs_dirent *de, 207 struct label *delabel) 208 { 209 210 } 211 212 static int 213 stub_create_vnode_extattr(struct ucred *cred, struct mount *mp, 214 struct label *fslabel, struct vnode *dvp, struct label *dlabel, 215 struct vnode *vp, struct label *vlabel, struct componentname *cnp) 216 { 217 218 return (0); 219 } 220 221 static void 222 stub_create_mount(struct ucred *cred, struct mount *mp, 223 struct label *mntlabel, struct label *fslabel) 224 { 225 226 } 227 228 static void 229 stub_relabel_vnode(struct ucred *cred, struct vnode *vp, 230 struct label *vnodelabel, struct label *label) 231 { 232 233 } 234 235 static int 236 stub_setlabel_vnode_extattr(struct ucred *cred, struct vnode *vp, 237 struct label *vlabel, struct label *intlabel) 238 { 239 240 return (0); 241 } 242 243 static void 244 stub_update_devfsdirent(struct mount *mp, 245 struct devfs_dirent *devfs_dirent, struct label *direntlabel, 246 struct vnode *vp, struct label *vnodelabel) 247 { 248 249 } 250 251 /* 252 * Labeling event operations: IPC object. 253 */ 254 static void 255 stub_create_mbuf_from_socket(struct socket *so, struct label *socketlabel, 256 struct mbuf *m, struct label *mbuflabel) 257 { 258 259 } 260 261 static void 262 stub_create_socket(struct ucred *cred, struct socket *socket, 263 struct label *socketlabel) 264 { 265 266 } 267 268 static void 269 stub_create_pipe(struct ucred *cred, struct pipepair *pp, 270 struct label *pipelabel) 271 { 272 273 } 274 275 static void 276 stub_create_posix_sem(struct ucred *cred, struct ksem *ksemptr, 277 struct label *ks_label) 278 { 279 280 } 281 282 static void 283 stub_create_socket_from_socket(struct socket *oldsocket, 284 struct label *oldsocketlabel, struct socket *newsocket, 285 struct label *newsocketlabel) 286 { 287 288 } 289 290 static void 291 stub_relabel_socket(struct ucred *cred, struct socket *socket, 292 struct label *socketlabel, struct label *newlabel) 293 { 294 295 } 296 297 static void 298 stub_relabel_pipe(struct ucred *cred, struct pipepair *pp, 299 struct label *pipelabel, struct label *newlabel) 300 { 301 302 } 303 304 static void 305 stub_set_socket_peer_from_mbuf(struct mbuf *mbuf, struct label *mbuflabel, 306 struct socket *socket, struct label *socketpeerlabel) 307 { 308 309 } 310 311 static void 312 stub_set_socket_peer_from_socket(struct socket *oldsocket, 313 struct label *oldsocketlabel, struct socket *newsocket, 314 struct label *newsocketpeerlabel) 315 { 316 317 } 318 319 /* 320 * Labeling event operations: network objects. 321 */ 322 static void 323 stub_create_bpfdesc(struct ucred *cred, struct bpf_d *bpf_d, 324 struct label *bpflabel) 325 { 326 327 } 328 329 static void 330 stub_create_datagram_from_ipq(struct ipq *ipq, struct label *ipqlabel, 331 struct mbuf *datagram, struct label *datagramlabel) 332 { 333 334 } 335 336 static void 337 stub_create_fragment(struct mbuf *datagram, struct label *datagramlabel, 338 struct mbuf *fragment, struct label *fragmentlabel) 339 { 340 341 } 342 343 static void 344 stub_create_ifnet(struct ifnet *ifnet, struct label *ifnetlabel) 345 { 346 347 } 348 349 static void 350 stub_create_inpcb_from_socket(struct socket *so, struct label *solabel, 351 struct inpcb *inp, struct label *inplabel) 352 { 353 354 } 355 356 static void 357 stub_create_sysv_msgmsg(struct ucred *cred, struct msqid_kernel *msqkptr, 358 struct label *msqlabel, struct msg *msgptr, struct label *msglabel) 359 { 360 361 } 362 363 static void 364 stub_create_sysv_msgqueue(struct ucred *cred, struct msqid_kernel *msqkptr, 365 struct label *msqlabel) 366 { 367 368 } 369 370 static void 371 stub_create_sysv_sem(struct ucred *cred, struct semid_kernel *semakptr, 372 struct label *semalabel) 373 { 374 375 } 376 377 static void 378 stub_create_sysv_shm(struct ucred *cred, struct shmid_kernel *shmsegptr, 379 struct label *shmalabel) 380 { 381 382 } 383 384 static void 385 stub_create_ipq(struct mbuf *fragment, struct label *fragmentlabel, 386 struct ipq *ipq, struct label *ipqlabel) 387 { 388 389 } 390 391 static void 392 stub_create_mbuf_from_inpcb(struct inpcb *inp, struct label *inplabel, 393 struct mbuf *m, struct label *mlabel) 394 { 395 396 } 397 398 static void 399 stub_create_mbuf_linklayer(struct ifnet *ifnet, struct label *ifnetlabel, 400 struct mbuf *mbuf, struct label *mbuflabel) 401 { 402 403 } 404 405 static void 406 stub_create_mbuf_from_bpfdesc(struct bpf_d *bpf_d, struct label *bpflabel, 407 struct mbuf *mbuf, struct label *mbuflabel) 408 { 409 410 } 411 412 static void 413 stub_create_mbuf_from_ifnet(struct ifnet *ifnet, struct label *ifnetlabel, 414 struct mbuf *m, struct label *mbuflabel) 415 { 416 417 } 418 419 static void 420 stub_create_mbuf_multicast_encap(struct mbuf *oldmbuf, 421 struct label *oldmbuflabel, struct ifnet *ifnet, struct label *ifnetlabel, 422 struct mbuf *newmbuf, struct label *newmbuflabel) 423 { 424 425 } 426 427 static void 428 stub_create_mbuf_netlayer(struct mbuf *oldmbuf, 429 struct label *oldmbuflabel, struct mbuf *newmbuf, struct label *newmbuflabel) 430 { 431 432 } 433 434 static int 435 stub_fragment_match(struct mbuf *fragment, struct label *fragmentlabel, 436 struct ipq *ipq, struct label *ipqlabel) 437 { 438 439 return (1); 440 } 441 442 static void 443 stub_reflect_mbuf_icmp(struct mbuf *m, struct label *mlabel) 444 { 445 446 } 447 448 static void 449 stub_reflect_mbuf_tcp(struct mbuf *m, struct label *mlabel) 450 { 451 452 } 453 454 static void 455 stub_relabel_ifnet(struct ucred *cred, struct ifnet *ifnet, 456 struct label *ifnetlabel, struct label *newlabel) 457 { 458 459 } 460 461 static void 462 stub_update_ipq(struct mbuf *fragment, struct label *fragmentlabel, 463 struct ipq *ipq, struct label *ipqlabel) 464 { 465 466 } 467 468 static void 469 stub_inpcb_sosetlabel(struct socket *so, struct label *solabel, 470 struct inpcb *inp, struct label *inplabel) 471 { 472 473 } 474 475 /* 476 * Labeling event operations: processes. 477 */ 478 static void 479 stub_execve_transition(struct ucred *old, struct ucred *new, 480 struct vnode *vp, struct label *vnodelabel, 481 struct label *interpvnodelabel, struct image_params *imgp, 482 struct label *execlabel) 483 { 484 485 } 486 487 static int 488 stub_execve_will_transition(struct ucred *old, struct vnode *vp, 489 struct label *vnodelabel, struct label *interpvnodelabel, 490 struct image_params *imgp, struct label *execlabel) 491 { 492 493 return (0); 494 } 495 496 static void 497 stub_create_proc0(struct ucred *cred) 498 { 499 500 } 501 502 static void 503 stub_create_proc1(struct ucred *cred) 504 { 505 506 } 507 508 static void 509 stub_relabel_cred(struct ucred *cred, struct label *newlabel) 510 { 511 512 } 513 514 static void 515 stub_thread_userret(struct thread *td) 516 { 517 518 } 519 520 /* 521 * Label cleanup/flush operations 522 */ 523 static void 524 stub_cleanup_sysv_msgmsg(struct label *msglabel) 525 { 526 527 } 528 529 static void 530 stub_cleanup_sysv_msgqueue(struct label *msqlabel) 531 { 532 533 } 534 535 static void 536 stub_cleanup_sysv_sem(struct label *semalabel) 537 { 538 539 } 540 541 static void 542 stub_cleanup_sysv_shm(struct label *shmlabel) 543 { 544 545 } 546 547 /* 548 * Access control checks. 549 */ 550 static int 551 stub_check_bpfdesc_receive(struct bpf_d *bpf_d, struct label *bpflabel, 552 struct ifnet *ifnet, struct label *ifnet_label) 553 { 554 555 return (0); 556 } 557 558 static int 559 stub_check_cred_relabel(struct ucred *cred, struct label *newlabel) 560 { 561 562 return (0); 563 } 564 565 static int 566 stub_check_cred_visible(struct ucred *u1, struct ucred *u2) 567 { 568 569 return (0); 570 } 571 572 static int 573 stub_check_ifnet_relabel(struct ucred *cred, struct ifnet *ifnet, 574 struct label *ifnetlabel, struct label *newlabel) 575 { 576 577 return (0); 578 } 579 580 static int 581 stub_check_ifnet_transmit(struct ifnet *ifnet, struct label *ifnetlabel, 582 struct mbuf *m, struct label *mbuflabel) 583 { 584 585 return (0); 586 } 587 588 static int 589 stub_check_inpcb_deliver(struct inpcb *inp, struct label *inplabel, 590 struct mbuf *m, struct label *mlabel) 591 { 592 593 return (0); 594 } 595 596 static int 597 stub_check_sysv_msgmsq(struct ucred *cred, struct msg *msgptr, 598 struct label *msglabel, struct msqid_kernel *msqkptr, 599 struct label *msqklabel) 600 { 601 602 return (0); 603 } 604 605 static int 606 stub_check_sysv_msgrcv(struct ucred *cred, struct msg *msgptr, 607 struct label *msglabel) 608 { 609 610 return (0); 611 } 612 613 614 static int 615 stub_check_sysv_msgrmid(struct ucred *cred, struct msg *msgptr, 616 struct label *msglabel) 617 { 618 619 return (0); 620 } 621 622 623 static int 624 stub_check_sysv_msqget(struct ucred *cred, struct msqid_kernel *msqkptr, 625 struct label *msqklabel) 626 { 627 628 return (0); 629 } 630 631 632 static int 633 stub_check_sysv_msqsnd(struct ucred *cred, struct msqid_kernel *msqkptr, 634 struct label *msqklabel) 635 { 636 637 return (0); 638 } 639 640 static int 641 stub_check_sysv_msqrcv(struct ucred *cred, struct msqid_kernel *msqkptr, 642 struct label *msqklabel) 643 { 644 645 return (0); 646 } 647 648 649 static int 650 stub_check_sysv_msqctl(struct ucred *cred, struct msqid_kernel *msqkptr, 651 struct label *msqklabel, int cmd) 652 { 653 654 return (0); 655 } 656 657 658 static int 659 stub_check_sysv_semctl(struct ucred *cred, struct semid_kernel *semakptr, 660 struct label *semaklabel, int cmd) 661 { 662 663 return (0); 664 } 665 666 static int 667 stub_check_sysv_semget(struct ucred *cred, struct semid_kernel *semakptr, 668 struct label *semaklabel) 669 { 670 671 return (0); 672 } 673 674 675 static int 676 stub_check_sysv_semop(struct ucred *cred, struct semid_kernel *semakptr, 677 struct label *semaklabel, size_t accesstype) 678 { 679 680 return (0); 681 } 682 683 static int 684 stub_check_sysv_shmat(struct ucred *cred, struct shmid_kernel *shmsegptr, 685 struct label *shmseglabel, int shmflg) 686 { 687 688 return (0); 689 } 690 691 static int 692 stub_check_sysv_shmctl(struct ucred *cred, struct shmid_kernel *shmsegptr, 693 struct label *shmseglabel, int cmd) 694 { 695 696 return (0); 697 } 698 699 static int 700 stub_check_sysv_shmdt(struct ucred *cred, struct shmid_kernel *shmsegptr, 701 struct label *shmseglabel) 702 { 703 704 return (0); 705 } 706 707 708 static int 709 stub_check_sysv_shmget(struct ucred *cred, struct shmid_kernel *shmsegptr, 710 struct label *shmseglabel, int shmflg) 711 { 712 713 return (0); 714 } 715 716 static int 717 stub_check_kenv_dump(struct ucred *cred) 718 { 719 720 return (0); 721 } 722 723 static int 724 stub_check_kenv_get(struct ucred *cred, char *name) 725 { 726 727 return (0); 728 } 729 730 static int 731 stub_check_kenv_set(struct ucred *cred, char *name, char *value) 732 { 733 734 return (0); 735 } 736 737 static int 738 stub_check_kenv_unset(struct ucred *cred, char *name) 739 { 740 741 return (0); 742 } 743 744 static int 745 stub_check_kld_load(struct ucred *cred, struct vnode *vp, 746 struct label *vlabel) 747 { 748 749 return (0); 750 } 751 752 static int 753 stub_check_kld_stat(struct ucred *cred) 754 { 755 756 return (0); 757 } 758 759 static int 760 stub_check_kld_unload(struct ucred *cred) 761 { 762 763 return (0); 764 } 765 766 static int 767 stub_check_mount_stat(struct ucred *cred, struct mount *mp, 768 struct label *mntlabel) 769 { 770 771 return (0); 772 } 773 774 static int 775 stub_check_pipe_ioctl(struct ucred *cred, struct pipepair *pp, 776 struct label *pipelabel, unsigned long cmd, void /* caddr_t */ *data) 777 { 778 779 return (0); 780 } 781 782 static int 783 stub_check_pipe_poll(struct ucred *cred, struct pipepair *pp, 784 struct label *pipelabel) 785 { 786 787 return (0); 788 } 789 790 static int 791 stub_check_pipe_read(struct ucred *cred, struct pipepair *pp, 792 struct label *pipelabel) 793 { 794 795 return (0); 796 } 797 798 static int 799 stub_check_pipe_relabel(struct ucred *cred, struct pipepair *pp, 800 struct label *pipelabel, struct label *newlabel) 801 { 802 803 return (0); 804 } 805 806 static int 807 stub_check_pipe_stat(struct ucred *cred, struct pipepair *pp, 808 struct label *pipelabel) 809 { 810 811 return (0); 812 } 813 814 static int 815 stub_check_pipe_write(struct ucred *cred, struct pipepair *pp, 816 struct label *pipelabel) 817 { 818 819 return (0); 820 } 821 822 static int 823 stub_check_posix_sem_destroy(struct ucred *cred, struct ksem *ksemptr, 824 struct label *ks_label) 825 { 826 827 return (0); 828 } 829 830 static int 831 stub_check_posix_sem_getvalue(struct ucred *cred, struct ksem *ksemptr, 832 struct label *ks_label) 833 { 834 835 return (0); 836 } 837 838 static int 839 stub_check_posix_sem_open(struct ucred *cred, struct ksem *ksemptr, 840 struct label *ks_label) 841 { 842 843 return (0); 844 } 845 846 static int 847 stub_check_posix_sem_post(struct ucred *cred, struct ksem *ksemptr, 848 struct label *ks_label) 849 { 850 851 return (0); 852 } 853 854 static int 855 stub_check_posix_sem_unlink(struct ucred *cred, struct ksem *ksemptr, 856 struct label *ks_label) 857 { 858 859 return (0); 860 } 861 862 static int 863 stub_check_posix_sem_wait(struct ucred *cred, struct ksem *ksemptr, 864 struct label *ks_label) 865 { 866 867 return (0); 868 } 869 870 static int 871 stub_check_proc_debug(struct ucred *cred, struct proc *proc) 872 { 873 874 return (0); 875 } 876 877 static int 878 stub_check_proc_sched(struct ucred *cred, struct proc *proc) 879 { 880 881 return (0); 882 } 883 884 static int 885 stub_check_proc_signal(struct ucred *cred, struct proc *proc, int signum) 886 { 887 888 return (0); 889 } 890 891 static int 892 stub_check_proc_wait(struct ucred *cred, struct proc *proc) 893 { 894 895 return (0); 896 } 897 898 static int 899 stub_check_proc_setuid(struct ucred *cred, uid_t uid) 900 { 901 902 return (0); 903 } 904 905 static int 906 stub_check_proc_seteuid(struct ucred *cred, uid_t euid) 907 { 908 909 return (0); 910 } 911 912 static int 913 stub_check_proc_setgid(struct ucred *cred, gid_t gid) 914 { 915 916 return (0); 917 } 918 919 static int 920 stub_check_proc_setegid(struct ucred *cred, gid_t egid) 921 { 922 923 return (0); 924 } 925 926 static int 927 stub_check_proc_setgroups(struct ucred *cred, int ngroups, 928 gid_t *gidset) 929 { 930 931 return (0); 932 } 933 934 static int 935 stub_check_proc_setreuid(struct ucred *cred, uid_t ruid, uid_t euid) 936 { 937 938 return (0); 939 } 940 941 static int 942 stub_check_proc_setregid(struct ucred *cred, gid_t rgid, gid_t egid) 943 { 944 945 return (0); 946 } 947 948 static int 949 stub_check_proc_setresuid(struct ucred *cred, uid_t ruid, uid_t euid, 950 uid_t suid) 951 { 952 953 return (0); 954 } 955 956 static int 957 stub_check_proc_setresgid(struct ucred *cred, gid_t rgid, gid_t egid, 958 gid_t sgid) 959 { 960 961 return (0); 962 } 963 964 static int 965 stub_check_socket_accept(struct ucred *cred, struct socket *socket, 966 struct label *socketlabel) 967 { 968 969 return (0); 970 } 971 972 static int 973 stub_check_socket_bind(struct ucred *cred, struct socket *socket, 974 struct label *socketlabel, struct sockaddr *sockaddr) 975 { 976 977 return (0); 978 } 979 980 static int 981 stub_check_socket_connect(struct ucred *cred, struct socket *socket, 982 struct label *socketlabel, struct sockaddr *sockaddr) 983 { 984 985 return (0); 986 } 987 988 static int 989 stub_check_socket_create(struct ucred *cred, int domain, int type, 990 int protocol) 991 { 992 993 return (0); 994 } 995 996 static int 997 stub_check_socket_deliver(struct socket *so, struct label *socketlabel, 998 struct mbuf *m, struct label *mbuflabel) 999 { 1000 1001 return (0); 1002 } 1003 1004 static int 1005 stub_check_socket_listen(struct ucred *cred, struct socket *so, 1006 struct label *socketlabel) 1007 { 1008 1009 return (0); 1010 } 1011 1012 static int 1013 stub_check_socket_poll(struct ucred *cred, struct socket *so, 1014 struct label *socketlabel) 1015 { 1016 1017 return (0); 1018 } 1019 1020 static int 1021 stub_check_socket_receive(struct ucred *cred, struct socket *so, 1022 struct label *socketlabel) 1023 { 1024 1025 return (0); 1026 } 1027 1028 static int 1029 stub_check_socket_relabel(struct ucred *cred, struct socket *socket, 1030 struct label *socketlabel, struct label *newlabel) 1031 { 1032 1033 return (0); 1034 } 1035 static int 1036 stub_check_socket_send(struct ucred *cred, struct socket *so, 1037 struct label *socketlabel) 1038 { 1039 1040 return (0); 1041 } 1042 1043 static int 1044 stub_check_socket_stat(struct ucred *cred, struct socket *so, 1045 struct label *socketlabel) 1046 { 1047 1048 return (0); 1049 } 1050 1051 static int 1052 stub_check_socket_visible(struct ucred *cred, struct socket *socket, 1053 struct label *socketlabel) 1054 { 1055 1056 return (0); 1057 } 1058 1059 static int 1060 stub_check_sysarch_ioperm(struct ucred *cred) 1061 { 1062 1063 return (0); 1064 } 1065 1066 static int 1067 stub_check_system_acct(struct ucred *cred, struct vnode *vp, 1068 struct label *vlabel) 1069 { 1070 1071 return (0); 1072 } 1073 1074 static int 1075 stub_check_system_reboot(struct ucred *cred, int how) 1076 { 1077 1078 return (0); 1079 } 1080 1081 static int 1082 stub_check_system_settime(struct ucred *cred) 1083 { 1084 1085 return (0); 1086 } 1087 1088 static int 1089 stub_check_system_swapon(struct ucred *cred, struct vnode *vp, 1090 struct label *label) 1091 { 1092 1093 return (0); 1094 } 1095 1096 static int 1097 stub_check_system_swapoff(struct ucred *cred, struct vnode *vp, 1098 struct label *label) 1099 { 1100 1101 return (0); 1102 } 1103 1104 static int 1105 stub_check_system_sysctl(struct ucred *cred, struct sysctl_oid *oidp, 1106 void *arg1, int arg2, struct sysctl_req *req) 1107 { 1108 1109 return (0); 1110 } 1111 1112 static int 1113 stub_check_vnode_access(struct ucred *cred, struct vnode *vp, 1114 struct label *label, int acc_mode) 1115 { 1116 1117 return (0); 1118 } 1119 1120 static int 1121 stub_check_vnode_chdir(struct ucred *cred, struct vnode *dvp, 1122 struct label *dlabel) 1123 { 1124 1125 return (0); 1126 } 1127 1128 static int 1129 stub_check_vnode_chroot(struct ucred *cred, struct vnode *dvp, 1130 struct label *dlabel) 1131 { 1132 1133 return (0); 1134 } 1135 1136 static int 1137 stub_check_vnode_create(struct ucred *cred, struct vnode *dvp, 1138 struct label *dlabel, struct componentname *cnp, struct vattr *vap) 1139 { 1140 1141 return (0); 1142 } 1143 1144 static int 1145 stub_check_vnode_delete(struct ucred *cred, struct vnode *dvp, 1146 struct label *dlabel, struct vnode *vp, struct label *label, 1147 struct componentname *cnp) 1148 { 1149 1150 return (0); 1151 } 1152 1153 static int 1154 stub_check_vnode_deleteacl(struct ucred *cred, struct vnode *vp, 1155 struct label *label, acl_type_t type) 1156 { 1157 1158 return (0); 1159 } 1160 1161 static int 1162 stub_check_vnode_deleteextattr(struct ucred *cred, struct vnode *vp, 1163 struct label *label, int attrnamespace, const char *name) 1164 { 1165 1166 return (0); 1167 } 1168 1169 static int 1170 stub_check_vnode_exec(struct ucred *cred, struct vnode *vp, 1171 struct label *label, struct image_params *imgp, 1172 struct label *execlabel) 1173 { 1174 1175 return (0); 1176 } 1177 1178 static int 1179 stub_check_vnode_getacl(struct ucred *cred, struct vnode *vp, 1180 struct label *label, acl_type_t type) 1181 { 1182 1183 return (0); 1184 } 1185 1186 static int 1187 stub_check_vnode_getextattr(struct ucred *cred, struct vnode *vp, 1188 struct label *label, int attrnamespace, const char *name, struct uio *uio) 1189 { 1190 1191 return (0); 1192 } 1193 1194 static int 1195 stub_check_vnode_link(struct ucred *cred, struct vnode *dvp, 1196 struct label *dlabel, struct vnode *vp, struct label *label, 1197 struct componentname *cnp) 1198 { 1199 1200 return (0); 1201 } 1202 1203 static int 1204 stub_check_vnode_listextattr(struct ucred *cred, struct vnode *vp, 1205 struct label *label, int attrnamespace) 1206 { 1207 1208 return (0); 1209 } 1210 1211 static int 1212 stub_check_vnode_lookup(struct ucred *cred, struct vnode *dvp, 1213 struct label *dlabel, struct componentname *cnp) 1214 { 1215 1216 return (0); 1217 } 1218 1219 static int 1220 stub_check_vnode_mmap(struct ucred *cred, struct vnode *vp, 1221 struct label *label, int prot, int flags) 1222 { 1223 1224 return (0); 1225 } 1226 1227 static int 1228 stub_check_vnode_open(struct ucred *cred, struct vnode *vp, 1229 struct label *filelabel, int acc_mode) 1230 { 1231 1232 return (0); 1233 } 1234 1235 static int 1236 stub_check_vnode_poll(struct ucred *active_cred, struct ucred *file_cred, 1237 struct vnode *vp, struct label *label) 1238 { 1239 1240 return (0); 1241 } 1242 1243 static int 1244 stub_check_vnode_read(struct ucred *active_cred, struct ucred *file_cred, 1245 struct vnode *vp, struct label *label) 1246 { 1247 1248 return (0); 1249 } 1250 1251 static int 1252 stub_check_vnode_readdir(struct ucred *cred, struct vnode *vp, 1253 struct label *dlabel) 1254 { 1255 1256 return (0); 1257 } 1258 1259 static int 1260 stub_check_vnode_readlink(struct ucred *cred, struct vnode *vp, 1261 struct label *vnodelabel) 1262 { 1263 1264 return (0); 1265 } 1266 1267 static int 1268 stub_check_vnode_relabel(struct ucred *cred, struct vnode *vp, 1269 struct label *vnodelabel, struct label *newlabel) 1270 { 1271 1272 return (0); 1273 } 1274 1275 static int 1276 stub_check_vnode_rename_from(struct ucred *cred, struct vnode *dvp, 1277 struct label *dlabel, struct vnode *vp, struct label *label, 1278 struct componentname *cnp) 1279 { 1280 1281 return (0); 1282 } 1283 1284 static int 1285 stub_check_vnode_rename_to(struct ucred *cred, struct vnode *dvp, 1286 struct label *dlabel, struct vnode *vp, struct label *label, int samedir, 1287 struct componentname *cnp) 1288 { 1289 1290 return (0); 1291 } 1292 1293 static int 1294 stub_check_vnode_revoke(struct ucred *cred, struct vnode *vp, 1295 struct label *label) 1296 { 1297 1298 return (0); 1299 } 1300 1301 static int 1302 stub_check_vnode_setacl(struct ucred *cred, struct vnode *vp, 1303 struct label *label, acl_type_t type, struct acl *acl) 1304 { 1305 1306 return (0); 1307 } 1308 1309 static int 1310 stub_check_vnode_setextattr(struct ucred *cred, struct vnode *vp, 1311 struct label *label, int attrnamespace, const char *name, struct uio *uio) 1312 { 1313 1314 return (0); 1315 } 1316 1317 static int 1318 stub_check_vnode_setflags(struct ucred *cred, struct vnode *vp, 1319 struct label *label, u_long flags) 1320 { 1321 1322 return (0); 1323 } 1324 1325 static int 1326 stub_check_vnode_setmode(struct ucred *cred, struct vnode *vp, 1327 struct label *label, mode_t mode) 1328 { 1329 1330 return (0); 1331 } 1332 1333 static int 1334 stub_check_vnode_setowner(struct ucred *cred, struct vnode *vp, 1335 struct label *label, uid_t uid, gid_t gid) 1336 { 1337 1338 return (0); 1339 } 1340 1341 static int 1342 stub_check_vnode_setutimes(struct ucred *cred, struct vnode *vp, 1343 struct label *label, struct timespec atime, struct timespec mtime) 1344 { 1345 1346 return (0); 1347 } 1348 1349 static int 1350 stub_check_vnode_stat(struct ucred *active_cred, struct ucred *file_cred, 1351 struct vnode *vp, struct label *label) 1352 { 1353 1354 return (0); 1355 } 1356 1357 static int 1358 stub_check_vnode_write(struct ucred *active_cred, 1359 struct ucred *file_cred, struct vnode *vp, struct label *label) 1360 { 1361 1362 return (0); 1363 } 1364 1365 static struct mac_policy_ops mac_stub_ops = 1366 { 1367 .mpo_destroy = stub_destroy, 1368 .mpo_init = stub_init, 1369 .mpo_syscall = stub_syscall, 1370 .mpo_init_bpfdesc_label = stub_init_label, 1371 .mpo_init_cred_label = stub_init_label, 1372 .mpo_init_devfsdirent_label = stub_init_label, 1373 .mpo_init_ifnet_label = stub_init_label, 1374 .mpo_init_inpcb_label = stub_init_label_waitcheck, 1375 .mpo_init_sysv_msgmsg_label = stub_init_label, 1376 .mpo_init_sysv_msgqueue_label = stub_init_label, 1377 .mpo_init_sysv_sem_label = stub_init_label, 1378 .mpo_init_sysv_shm_label = stub_init_label, 1379 .mpo_init_ipq_label = stub_init_label_waitcheck, 1380 .mpo_init_mbuf_label = stub_init_label_waitcheck, 1381 .mpo_init_mount_label = stub_init_label, 1382 .mpo_init_mount_fs_label = stub_init_label, 1383 .mpo_init_pipe_label = stub_init_label, 1384 .mpo_init_posix_sem_label = stub_init_label, 1385 .mpo_init_socket_label = stub_init_label_waitcheck, 1386 .mpo_init_socket_peer_label = stub_init_label_waitcheck, 1387 .mpo_init_vnode_label = stub_init_label, 1388 .mpo_destroy_bpfdesc_label = stub_destroy_label, 1389 .mpo_destroy_cred_label = stub_destroy_label, 1390 .mpo_destroy_devfsdirent_label = stub_destroy_label, 1391 .mpo_destroy_ifnet_label = stub_destroy_label, 1392 .mpo_destroy_inpcb_label = stub_destroy_label, 1393 .mpo_destroy_sysv_msgmsg_label = stub_destroy_label, 1394 .mpo_destroy_sysv_msgqueue_label = stub_destroy_label, 1395 .mpo_destroy_sysv_sem_label = stub_destroy_label, 1396 .mpo_destroy_sysv_shm_label = stub_destroy_label, 1397 .mpo_destroy_ipq_label = stub_destroy_label, 1398 .mpo_destroy_mbuf_label = stub_destroy_label, 1399 .mpo_destroy_mount_label = stub_destroy_label, 1400 .mpo_destroy_mount_fs_label = stub_destroy_label, 1401 .mpo_destroy_pipe_label = stub_destroy_label, 1402 .mpo_destroy_posix_sem_label = stub_destroy_label, 1403 .mpo_destroy_socket_label = stub_destroy_label, 1404 .mpo_destroy_socket_peer_label = stub_destroy_label, 1405 .mpo_destroy_vnode_label = stub_destroy_label, 1406 .mpo_copy_cred_label = stub_copy_label, 1407 .mpo_copy_ifnet_label = stub_copy_label, 1408 .mpo_copy_mbuf_label = stub_copy_label, 1409 .mpo_copy_pipe_label = stub_copy_label, 1410 .mpo_copy_socket_label = stub_copy_label, 1411 .mpo_copy_vnode_label = stub_copy_label, 1412 .mpo_externalize_cred_label = stub_externalize_label, 1413 .mpo_externalize_ifnet_label = stub_externalize_label, 1414 .mpo_externalize_pipe_label = stub_externalize_label, 1415 .mpo_externalize_socket_label = stub_externalize_label, 1416 .mpo_externalize_socket_peer_label = stub_externalize_label, 1417 .mpo_externalize_vnode_label = stub_externalize_label, 1418 .mpo_internalize_cred_label = stub_internalize_label, 1419 .mpo_internalize_ifnet_label = stub_internalize_label, 1420 .mpo_internalize_pipe_label = stub_internalize_label, 1421 .mpo_internalize_socket_label = stub_internalize_label, 1422 .mpo_internalize_vnode_label = stub_internalize_label, 1423 .mpo_associate_vnode_devfs = stub_associate_vnode_devfs, 1424 .mpo_associate_vnode_extattr = stub_associate_vnode_extattr, 1425 .mpo_associate_vnode_singlelabel = stub_associate_vnode_singlelabel, 1426 .mpo_create_devfs_device = stub_create_devfs_device, 1427 .mpo_create_devfs_directory = stub_create_devfs_directory, 1428 .mpo_create_devfs_symlink = stub_create_devfs_symlink, 1429 .mpo_create_sysv_msgmsg = stub_create_sysv_msgmsg, 1430 .mpo_create_sysv_msgqueue = stub_create_sysv_msgqueue, 1431 .mpo_create_sysv_sem = stub_create_sysv_sem, 1432 .mpo_create_sysv_shm = stub_create_sysv_shm, 1433 .mpo_create_vnode_extattr = stub_create_vnode_extattr, 1434 .mpo_create_mount = stub_create_mount, 1435 .mpo_relabel_vnode = stub_relabel_vnode, 1436 .mpo_setlabel_vnode_extattr = stub_setlabel_vnode_extattr, 1437 .mpo_update_devfsdirent = stub_update_devfsdirent, 1438 .mpo_create_mbuf_from_socket = stub_create_mbuf_from_socket, 1439 .mpo_create_pipe = stub_create_pipe, 1440 .mpo_create_posix_sem = stub_create_posix_sem, 1441 .mpo_create_socket = stub_create_socket, 1442 .mpo_create_socket_from_socket = stub_create_socket_from_socket, 1443 .mpo_relabel_pipe = stub_relabel_pipe, 1444 .mpo_relabel_socket = stub_relabel_socket, 1445 .mpo_set_socket_peer_from_mbuf = stub_set_socket_peer_from_mbuf, 1446 .mpo_set_socket_peer_from_socket = stub_set_socket_peer_from_socket, 1447 .mpo_create_bpfdesc = stub_create_bpfdesc, 1448 .mpo_create_ifnet = stub_create_ifnet, 1449 .mpo_create_inpcb_from_socket = stub_create_inpcb_from_socket, 1450 .mpo_create_ipq = stub_create_ipq, 1451 .mpo_create_datagram_from_ipq = stub_create_datagram_from_ipq, 1452 .mpo_create_fragment = stub_create_fragment, 1453 .mpo_create_mbuf_from_inpcb = stub_create_mbuf_from_inpcb, 1454 .mpo_create_mbuf_linklayer = stub_create_mbuf_linklayer, 1455 .mpo_create_mbuf_from_bpfdesc = stub_create_mbuf_from_bpfdesc, 1456 .mpo_create_mbuf_from_ifnet = stub_create_mbuf_from_ifnet, 1457 .mpo_create_mbuf_multicast_encap = stub_create_mbuf_multicast_encap, 1458 .mpo_create_mbuf_netlayer = stub_create_mbuf_netlayer, 1459 .mpo_fragment_match = stub_fragment_match, 1460 .mpo_reflect_mbuf_icmp = stub_reflect_mbuf_icmp, 1461 .mpo_reflect_mbuf_tcp = stub_reflect_mbuf_tcp, 1462 .mpo_relabel_ifnet = stub_relabel_ifnet, 1463 .mpo_update_ipq = stub_update_ipq, 1464 .mpo_inpcb_sosetlabel = stub_inpcb_sosetlabel, 1465 .mpo_execve_transition = stub_execve_transition, 1466 .mpo_execve_will_transition = stub_execve_will_transition, 1467 .mpo_create_proc0 = stub_create_proc0, 1468 .mpo_create_proc1 = stub_create_proc1, 1469 .mpo_relabel_cred = stub_relabel_cred, 1470 .mpo_thread_userret = stub_thread_userret, 1471 .mpo_cleanup_sysv_msgmsg = stub_cleanup_sysv_msgmsg, 1472 .mpo_cleanup_sysv_msgqueue = stub_cleanup_sysv_msgqueue, 1473 .mpo_cleanup_sysv_sem = stub_cleanup_sysv_sem, 1474 .mpo_cleanup_sysv_shm = stub_cleanup_sysv_shm, 1475 .mpo_check_bpfdesc_receive = stub_check_bpfdesc_receive, 1476 .mpo_check_cred_relabel = stub_check_cred_relabel, 1477 .mpo_check_cred_visible = stub_check_cred_visible, 1478 .mpo_check_ifnet_relabel = stub_check_ifnet_relabel, 1479 .mpo_check_ifnet_transmit = stub_check_ifnet_transmit, 1480 .mpo_check_inpcb_deliver = stub_check_inpcb_deliver, 1481 .mpo_check_sysv_msgmsq = stub_check_sysv_msgmsq, 1482 .mpo_check_sysv_msgrcv = stub_check_sysv_msgrcv, 1483 .mpo_check_sysv_msgrmid = stub_check_sysv_msgrmid, 1484 .mpo_check_sysv_msqget = stub_check_sysv_msqget, 1485 .mpo_check_sysv_msqsnd = stub_check_sysv_msqsnd, 1486 .mpo_check_sysv_msqrcv = stub_check_sysv_msqrcv, 1487 .mpo_check_sysv_msqctl = stub_check_sysv_msqctl, 1488 .mpo_check_sysv_semctl = stub_check_sysv_semctl, 1489 .mpo_check_sysv_semget = stub_check_sysv_semget, 1490 .mpo_check_sysv_semop = stub_check_sysv_semop, 1491 .mpo_check_sysv_shmat = stub_check_sysv_shmat, 1492 .mpo_check_sysv_shmctl = stub_check_sysv_shmctl, 1493 .mpo_check_sysv_shmdt = stub_check_sysv_shmdt, 1494 .mpo_check_sysv_shmget = stub_check_sysv_shmget, 1495 .mpo_check_kenv_dump = stub_check_kenv_dump, 1496 .mpo_check_kenv_get = stub_check_kenv_get, 1497 .mpo_check_kenv_set = stub_check_kenv_set, 1498 .mpo_check_kenv_unset = stub_check_kenv_unset, 1499 .mpo_check_kld_load = stub_check_kld_load, 1500 .mpo_check_kld_stat = stub_check_kld_stat, 1501 .mpo_check_kld_unload = stub_check_kld_unload, 1502 .mpo_check_mount_stat = stub_check_mount_stat, 1503 .mpo_check_pipe_ioctl = stub_check_pipe_ioctl, 1504 .mpo_check_pipe_poll = stub_check_pipe_poll, 1505 .mpo_check_pipe_read = stub_check_pipe_read, 1506 .mpo_check_pipe_relabel = stub_check_pipe_relabel, 1507 .mpo_check_pipe_stat = stub_check_pipe_stat, 1508 .mpo_check_pipe_write = stub_check_pipe_write, 1509 .mpo_check_posix_sem_destroy = stub_check_posix_sem_destroy, 1510 .mpo_check_posix_sem_getvalue = stub_check_posix_sem_getvalue, 1511 .mpo_check_posix_sem_open = stub_check_posix_sem_open, 1512 .mpo_check_posix_sem_post = stub_check_posix_sem_post, 1513 .mpo_check_posix_sem_unlink = stub_check_posix_sem_unlink, 1514 .mpo_check_posix_sem_wait = stub_check_posix_sem_wait, 1515 .mpo_check_proc_debug = stub_check_proc_debug, 1516 .mpo_check_proc_sched = stub_check_proc_sched, 1517 .mpo_check_proc_setuid = stub_check_proc_setuid, 1518 .mpo_check_proc_seteuid = stub_check_proc_seteuid, 1519 .mpo_check_proc_setgid = stub_check_proc_setgid, 1520 .mpo_check_proc_setegid = stub_check_proc_setegid, 1521 .mpo_check_proc_setgroups = stub_check_proc_setgroups, 1522 .mpo_check_proc_setreuid = stub_check_proc_setreuid, 1523 .mpo_check_proc_setregid = stub_check_proc_setregid, 1524 .mpo_check_proc_setresuid = stub_check_proc_setresuid, 1525 .mpo_check_proc_setresgid = stub_check_proc_setresgid, 1526 .mpo_check_proc_signal = stub_check_proc_signal, 1527 .mpo_check_proc_wait = stub_check_proc_wait, 1528 .mpo_check_socket_accept = stub_check_socket_accept, 1529 .mpo_check_socket_bind = stub_check_socket_bind, 1530 .mpo_check_socket_connect = stub_check_socket_connect, 1531 .mpo_check_socket_create = stub_check_socket_create, 1532 .mpo_check_socket_deliver = stub_check_socket_deliver, 1533 .mpo_check_socket_listen = stub_check_socket_listen, 1534 .mpo_check_socket_poll = stub_check_socket_poll, 1535 .mpo_check_socket_receive = stub_check_socket_receive, 1536 .mpo_check_socket_relabel = stub_check_socket_relabel, 1537 .mpo_check_socket_send = stub_check_socket_send, 1538 .mpo_check_socket_stat = stub_check_socket_stat, 1539 .mpo_check_socket_visible = stub_check_socket_visible, 1540 .mpo_check_sysarch_ioperm = stub_check_sysarch_ioperm, 1541 .mpo_check_system_acct = stub_check_system_acct, 1542 .mpo_check_system_reboot = stub_check_system_reboot, 1543 .mpo_check_system_settime = stub_check_system_settime, 1544 .mpo_check_system_swapon = stub_check_system_swapon, 1545 .mpo_check_system_swapoff = stub_check_system_swapoff, 1546 .mpo_check_system_sysctl = stub_check_system_sysctl, 1547 .mpo_check_vnode_access = stub_check_vnode_access, 1548 .mpo_check_vnode_chdir = stub_check_vnode_chdir, 1549 .mpo_check_vnode_chroot = stub_check_vnode_chroot, 1550 .mpo_check_vnode_create = stub_check_vnode_create, 1551 .mpo_check_vnode_delete = stub_check_vnode_delete, 1552 .mpo_check_vnode_deleteacl = stub_check_vnode_deleteacl, 1553 .mpo_check_vnode_deleteextattr = stub_check_vnode_deleteextattr, 1554 .mpo_check_vnode_exec = stub_check_vnode_exec, 1555 .mpo_check_vnode_getacl = stub_check_vnode_getacl, 1556 .mpo_check_vnode_getextattr = stub_check_vnode_getextattr, 1557 .mpo_check_vnode_link = stub_check_vnode_link, 1558 .mpo_check_vnode_listextattr = stub_check_vnode_listextattr, 1559 .mpo_check_vnode_lookup = stub_check_vnode_lookup, 1560 .mpo_check_vnode_mmap = stub_check_vnode_mmap, 1561 .mpo_check_vnode_open = stub_check_vnode_open, 1562 .mpo_check_vnode_poll = stub_check_vnode_poll, 1563 .mpo_check_vnode_read = stub_check_vnode_read, 1564 .mpo_check_vnode_readdir = stub_check_vnode_readdir, 1565 .mpo_check_vnode_readlink = stub_check_vnode_readlink, 1566 .mpo_check_vnode_relabel = stub_check_vnode_relabel, 1567 .mpo_check_vnode_rename_from = stub_check_vnode_rename_from, 1568 .mpo_check_vnode_rename_to = stub_check_vnode_rename_to, 1569 .mpo_check_vnode_revoke = stub_check_vnode_revoke, 1570 .mpo_check_vnode_setacl = stub_check_vnode_setacl, 1571 .mpo_check_vnode_setextattr = stub_check_vnode_setextattr, 1572 .mpo_check_vnode_setflags = stub_check_vnode_setflags, 1573 .mpo_check_vnode_setmode = stub_check_vnode_setmode, 1574 .mpo_check_vnode_setowner = stub_check_vnode_setowner, 1575 .mpo_check_vnode_setutimes = stub_check_vnode_setutimes, 1576 .mpo_check_vnode_stat = stub_check_vnode_stat, 1577 .mpo_check_vnode_write = stub_check_vnode_write, 1578 }; 1579 1580 MAC_POLICY_SET(&mac_stub_ops, mac_stub, "TrustedBSD MAC/Stub", 1581 MPC_LOADTIME_FLAG_UNLOADOK, NULL);
Cache object: a7418be142029f567001f623d3bc176c
[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]