The Design and Implementation of the FreeBSD Operating System, Second Edition
Now available: The Design and Implementation of the FreeBSD Operating System (Second Edition)


[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]

FreeBSD/Linux Kernel Cross Reference
sys/security/mac_test/mac_test.c

Version: -  FREEBSD  -  FREEBSD-13-STABLE  -  FREEBSD-13-0  -  FREEBSD-12-STABLE  -  FREEBSD-12-0  -  FREEBSD-11-STABLE  -  FREEBSD-11-0  -  FREEBSD-10-STABLE  -  FREEBSD-10-0  -  FREEBSD-9-STABLE  -  FREEBSD-9-0  -  FREEBSD-8-STABLE  -  FREEBSD-8-0  -  FREEBSD-7-STABLE  -  FREEBSD-7-0  -  FREEBSD-6-STABLE  -  FREEBSD-6-0  -  FREEBSD-5-STABLE  -  FREEBSD-5-0  -  FREEBSD-4-STABLE  -  FREEBSD-3-STABLE  -  FREEBSD22  -  l41  -  OPENBSD  -  linux-2.6  -  MK84  -  PLAN9  -  xnu-8792 
SearchContext: -  none  -  3  -  10 

    1 /*-
    2  * Copyright (c) 1999, 2000, 2001, 2002 Robert N. M. Watson
    3  * Copyright (c) 2001, 2002 Networks Associates Technology, Inc.
    4  * All rights reserved.
    5  *
    6  * This software was developed by Robert Watson for the TrustedBSD Project.
    7  *
    8  * This software was developed for the FreeBSD Project in part by Network
    9  * Associates Laboratories, the Security Research Division of Network
   10  * Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"),
   11  * as part of the DARPA CHATS research program.
   12  *
   13  * Redistribution and use in source and binary forms, with or without
   14  * modification, are permitted provided that the following conditions
   15  * are met:
   16  * 1. Redistributions of source code must retain the above copyright
   17  *    notice, this list of conditions and the following disclaimer.
   18  * 2. Redistributions in binary form must reproduce the above copyright
   19  *    notice, this list of conditions and the following disclaimer in the
   20  *    documentation and/or other materials provided with the distribution.
   21  *
   22  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
   23  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
   24  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
   25  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
   26  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
   27  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
   28  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   29  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
   30  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
   31  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
   32  * SUCH DAMAGE.
   33  *
   34  * $FreeBSD: releng/5.0/sys/security/mac_test/mac_test.c 107731 2002-12-10 16:20:34Z rwatson $
   35  */
   36 
   37 /*
   38  * Developed by the TrustedBSD Project.
   39  * Generic mandatory access module that does nothing.
   40  */
   41 
   42 #include <sys/types.h>
   43 #include <sys/param.h>
   44 #include <sys/acl.h>
   45 #include <sys/conf.h>
   46 #include <sys/extattr.h>
   47 #include <sys/kernel.h>
   48 #include <sys/mac.h>
   49 #include <sys/mount.h>
   50 #include <sys/proc.h>
   51 #include <sys/systm.h>
   52 #include <sys/sysproto.h>
   53 #include <sys/sysent.h>
   54 #include <sys/vnode.h>
   55 #include <sys/file.h>
   56 #include <sys/socket.h>
   57 #include <sys/socketvar.h>
   58 #include <sys/sysctl.h>
   59 
   60 #include <fs/devfs/devfs.h>
   61 
   62 #include <net/bpfdesc.h>
   63 #include <net/if.h>
   64 #include <net/if_types.h>
   65 #include <net/if_var.h>
   66 
   67 #include <vm/vm.h>
   68 
   69 #include <sys/mac_policy.h>
   70 
   71 SYSCTL_DECL(_security_mac);
   72 
   73 SYSCTL_NODE(_security_mac, OID_AUTO, test, CTLFLAG_RW, 0,
   74     "TrustedBSD mac_test policy controls");
   75 
   76 static int      mac_test_enabled = 1;
   77 SYSCTL_INT(_security_mac_test, OID_AUTO, enabled, CTLFLAG_RW,
   78     &mac_test_enabled, 0, "Enforce test policy");
   79 
   80 #define BPFMAGIC        0xfe1ad1b6
   81 #define DEVFSMAGIC      0x9ee79c32
   82 #define IFNETMAGIC      0xc218b120
   83 #define IPQMAGIC        0x206188ef
   84 #define MBUFMAGIC       0xbbefa5bb
   85 #define MOUNTMAGIC      0xc7c46e47
   86 #define SOCKETMAGIC     0x9199c6cd
   87 #define PIPEMAGIC       0xdc6c9919
   88 #define CREDMAGIC       0x9a5a4987
   89 #define VNODEMAGIC      0x1a67a45c
   90 #define EXMAGIC         0x849ba1fd
   91 
   92 #define SLOT(x) LABEL_TO_SLOT((x), test_slot).l_long
   93 static int      test_slot;
   94 SYSCTL_INT(_security_mac_test, OID_AUTO, slot, CTLFLAG_RD,
   95     &test_slot, 0, "Slot allocated by framework");
   96 
   97 static int      init_count_bpfdesc;
   98 SYSCTL_INT(_security_mac_test, OID_AUTO, init_count_bpfdesc, CTLFLAG_RD,
   99     &init_count_bpfdesc, 0, "bpfdesc init calls");
  100 static int      init_count_cred;
  101 SYSCTL_INT(_security_mac_test, OID_AUTO, init_count_cred, CTLFLAG_RD,
  102     &init_count_cred, 0, "cred init calls");
  103 static int      init_count_devfsdirent;
  104 SYSCTL_INT(_security_mac_test, OID_AUTO, init_count_devfsdirent, CTLFLAG_RD,
  105     &init_count_devfsdirent, 0, "devfsdirent init calls");
  106 static int      init_count_ifnet;
  107 SYSCTL_INT(_security_mac_test, OID_AUTO, init_count_ifnet, CTLFLAG_RD,
  108     &init_count_ifnet, 0, "ifnet init calls");
  109 static int      init_count_ipq;
  110 SYSCTL_INT(_security_mac_test, OID_AUTO, init_count_ipq, CTLFLAG_RD,
  111     &init_count_ipq, 0, "ipq init calls");
  112 static int      init_count_mbuf;
  113 SYSCTL_INT(_security_mac_test, OID_AUTO, init_count_mbuf, CTLFLAG_RD,
  114     &init_count_mbuf, 0, "mbuf init calls");
  115 static int      init_count_mount;
  116 SYSCTL_INT(_security_mac_test, OID_AUTO, init_count_mount, CTLFLAG_RD,
  117     &init_count_mount, 0, "mount init calls");
  118 static int      init_count_mount_fslabel;
  119 SYSCTL_INT(_security_mac_test, OID_AUTO, init_count_mount_fslabel, CTLFLAG_RD,
  120     &init_count_mount_fslabel, 0, "mount_fslabel init calls");
  121 static int      init_count_socket;
  122 SYSCTL_INT(_security_mac_test, OID_AUTO, init_count_socket, CTLFLAG_RD,
  123     &init_count_socket, 0, "socket init calls");
  124 static int      init_count_socket_peerlabel;
  125 SYSCTL_INT(_security_mac_test, OID_AUTO, init_count_socket_peerlabel,
  126     CTLFLAG_RD, &init_count_socket_peerlabel, 0,
  127     "socket_peerlabel init calls");
  128 static int      init_count_pipe;
  129 SYSCTL_INT(_security_mac_test, OID_AUTO, init_count_pipe, CTLFLAG_RD,
  130     &init_count_pipe, 0, "pipe init calls");
  131 static int      init_count_vnode;
  132 SYSCTL_INT(_security_mac_test, OID_AUTO, init_count_vnode, CTLFLAG_RD,
  133     &init_count_vnode, 0, "vnode init calls");
  134 
  135 static int      destroy_count_bpfdesc;
  136 SYSCTL_INT(_security_mac_test, OID_AUTO, destroy_count_bpfdesc, CTLFLAG_RD,
  137     &destroy_count_bpfdesc, 0, "bpfdesc destroy calls");
  138 static int      destroy_count_cred;
  139 SYSCTL_INT(_security_mac_test, OID_AUTO, destroy_count_cred, CTLFLAG_RD,
  140     &destroy_count_cred, 0, "cred destroy calls");
  141 static int      destroy_count_devfsdirent;
  142 SYSCTL_INT(_security_mac_test, OID_AUTO, destroy_count_devfsdirent, CTLFLAG_RD,
  143     &destroy_count_devfsdirent, 0, "devfsdirent destroy calls");
  144 static int      destroy_count_ifnet;
  145 SYSCTL_INT(_security_mac_test, OID_AUTO, destroy_count_ifnet, CTLFLAG_RD,
  146     &destroy_count_ifnet, 0, "ifnet destroy calls");
  147 static int      destroy_count_ipq;
  148 SYSCTL_INT(_security_mac_test, OID_AUTO, destroy_count_ipq, CTLFLAG_RD,
  149     &destroy_count_ipq, 0, "ipq destroy calls");
  150 static int      destroy_count_mbuf;
  151 SYSCTL_INT(_security_mac_test, OID_AUTO, destroy_count_mbuf, CTLFLAG_RD,
  152     &destroy_count_mbuf, 0, "mbuf destroy calls");
  153 static int      destroy_count_mount;
  154 SYSCTL_INT(_security_mac_test, OID_AUTO, destroy_count_mount, CTLFLAG_RD,
  155     &destroy_count_mount, 0, "mount destroy calls");
  156 static int      destroy_count_mount_fslabel;
  157 SYSCTL_INT(_security_mac_test, OID_AUTO, destroy_count_mount_fslabel,
  158     CTLFLAG_RD, &destroy_count_mount_fslabel, 0,
  159     "mount_fslabel destroy calls");
  160 static int      destroy_count_socket;
  161 SYSCTL_INT(_security_mac_test, OID_AUTO, destroy_count_socket, CTLFLAG_RD,
  162     &destroy_count_socket, 0, "socket destroy calls");
  163 static int      destroy_count_socket_peerlabel;
  164 SYSCTL_INT(_security_mac_test, OID_AUTO, destroy_count_socket_peerlabel,
  165     CTLFLAG_RD, &destroy_count_socket_peerlabel, 0,
  166     "socket_peerlabel destroy calls");
  167 static int      destroy_count_pipe;
  168 SYSCTL_INT(_security_mac_test, OID_AUTO, destroy_count_pipe, CTLFLAG_RD,
  169     &destroy_count_pipe, 0, "pipe destroy calls");
  170 static int      destroy_count_vnode;
  171 SYSCTL_INT(_security_mac_test, OID_AUTO, destroy_count_vnode, CTLFLAG_RD,
  172     &destroy_count_vnode, 0, "vnode destroy calls");
  173 
  174 static int externalize_count;
  175 SYSCTL_INT(_security_mac_test, OID_AUTO, externalize_count, CTLFLAG_RD,
  176     &externalize_count, 0, "Subject/object externalize calls");
  177 static int internalize_count;
  178 SYSCTL_INT(_security_mac_test, OID_AUTO, internalize_count, CTLFLAG_RD,
  179     &internalize_count, 0, "Subject/object internalize calls");
  180 
  181 /*
  182  * Policy module operations.
  183  */
  184 static void
  185 mac_test_destroy(struct mac_policy_conf *conf)
  186 {
  187 
  188 }
  189 
  190 static void
  191 mac_test_init(struct mac_policy_conf *conf)
  192 {
  193 
  194 }
  195 
  196 static int
  197 mac_test_syscall(struct thread *td, int call, void *arg)
  198 {
  199 
  200         return (0);
  201 }
  202 
  203 /*
  204  * Label operations.
  205  */
  206 static void
  207 mac_test_init_bpfdesc_label(struct label *label)
  208 {
  209 
  210         SLOT(label) = BPFMAGIC;
  211         atomic_add_int(&init_count_bpfdesc, 1);
  212 }
  213 
  214 static void
  215 mac_test_init_cred_label(struct label *label)
  216 {
  217 
  218         SLOT(label) = CREDMAGIC;
  219         atomic_add_int(&init_count_cred, 1);
  220 }
  221 
  222 static void
  223 mac_test_init_devfsdirent_label(struct label *label)
  224 {
  225 
  226         SLOT(label) = DEVFSMAGIC;
  227         atomic_add_int(&init_count_devfsdirent, 1);
  228 }
  229 
  230 static void
  231 mac_test_init_ifnet_label(struct label *label)
  232 {
  233 
  234         SLOT(label) = IFNETMAGIC;
  235         atomic_add_int(&init_count_ifnet, 1);
  236 }
  237 
  238 static void
  239 mac_test_init_ipq_label(struct label *label)
  240 {
  241 
  242         SLOT(label) = IPQMAGIC;
  243         atomic_add_int(&init_count_ipq, 1);
  244 }
  245 
  246 static int
  247 mac_test_init_mbuf_label(struct label *label, int flag)
  248 {
  249 
  250         SLOT(label) = MBUFMAGIC;
  251         atomic_add_int(&init_count_mbuf, 1);
  252         return (0);
  253 }
  254 
  255 static void
  256 mac_test_init_mount_label(struct label *label)
  257 {
  258 
  259         SLOT(label) = MOUNTMAGIC;
  260         atomic_add_int(&init_count_mount, 1);
  261 }
  262 
  263 static void
  264 mac_test_init_mount_fs_label(struct label *label)
  265 {
  266 
  267         SLOT(label) = MOUNTMAGIC;
  268         atomic_add_int(&init_count_mount_fslabel, 1);
  269 }
  270 
  271 static int
  272 mac_test_init_socket_label(struct label *label, int flag)
  273 {
  274 
  275         SLOT(label) = SOCKETMAGIC;
  276         atomic_add_int(&init_count_socket, 1);
  277         return (0);
  278 }
  279 
  280 static int
  281 mac_test_init_socket_peer_label(struct label *label, int flag)
  282 {
  283 
  284         SLOT(label) = SOCKETMAGIC;
  285         atomic_add_int(&init_count_socket_peerlabel, 1);
  286         return (0);
  287 }
  288 
  289 static void
  290 mac_test_init_pipe_label(struct label *label)
  291 {
  292 
  293         SLOT(label) = PIPEMAGIC;
  294         atomic_add_int(&init_count_pipe, 1);
  295 }
  296 
  297 static void
  298 mac_test_init_vnode_label(struct label *label)
  299 {
  300 
  301         SLOT(label) = VNODEMAGIC;
  302         atomic_add_int(&init_count_vnode, 1);
  303 }
  304 
  305 static void
  306 mac_test_destroy_bpfdesc_label(struct label *label)
  307 {
  308 
  309         if (SLOT(label) == BPFMAGIC || SLOT(label) == 0) {
  310                 atomic_add_int(&destroy_count_bpfdesc, 1);
  311                 SLOT(label) = EXMAGIC;
  312         } else if (SLOT(label) == EXMAGIC) {
  313                 Debugger("mac_test_destroy_bpfdesc: dup destroy");
  314         } else {
  315                 Debugger("mac_test_destroy_bpfdesc: corrupted label");
  316         }
  317 }
  318 
  319 static void
  320 mac_test_destroy_cred_label(struct label *label)
  321 {
  322 
  323         if (SLOT(label) == CREDMAGIC || SLOT(label) == 0) {
  324                 atomic_add_int(&destroy_count_cred, 1);
  325                 SLOT(label) = EXMAGIC;
  326         } else if (SLOT(label) == EXMAGIC) {
  327                 Debugger("mac_test_destroy_cred: dup destroy");
  328         } else {
  329                 Debugger("mac_test_destroy_cred: corrupted label");
  330         }
  331 }
  332 
  333 static void
  334 mac_test_destroy_devfsdirent_label(struct label *label)
  335 {
  336 
  337         if (SLOT(label) == DEVFSMAGIC || SLOT(label) == 0) {
  338                 atomic_add_int(&destroy_count_devfsdirent, 1);
  339                 SLOT(label) = EXMAGIC;
  340         } else if (SLOT(label) == EXMAGIC) {
  341                 Debugger("mac_test_destroy_devfsdirent: dup destroy");
  342         } else {
  343                 Debugger("mac_test_destroy_devfsdirent: corrupted label");
  344         }
  345 }
  346 
  347 static void
  348 mac_test_destroy_ifnet_label(struct label *label)
  349 {
  350 
  351         if (SLOT(label) == IFNETMAGIC || SLOT(label) == 0) {
  352                 atomic_add_int(&destroy_count_ifnet, 1);
  353                 SLOT(label) = EXMAGIC;
  354         } else if (SLOT(label) == EXMAGIC) {
  355                 Debugger("mac_test_destroy_ifnet: dup destroy");
  356         } else {
  357                 Debugger("mac_test_destroy_ifnet: corrupted label");
  358         }
  359 }
  360 
  361 static void
  362 mac_test_destroy_ipq_label(struct label *label)
  363 {
  364 
  365         if (SLOT(label) == IPQMAGIC || SLOT(label) == 0) {
  366                 atomic_add_int(&destroy_count_ipq, 1);
  367                 SLOT(label) = EXMAGIC;
  368         } else if (SLOT(label) == EXMAGIC) {
  369                 Debugger("mac_test_destroy_ipq: dup destroy");
  370         } else {
  371                 Debugger("mac_test_destroy_ipq: corrupted label");
  372         }
  373 }
  374 
  375 static void
  376 mac_test_destroy_mbuf_label(struct label *label)
  377 {
  378 
  379         if (SLOT(label) == MBUFMAGIC || SLOT(label) == 0) {
  380                 atomic_add_int(&destroy_count_mbuf, 1);
  381                 SLOT(label) = EXMAGIC;
  382         } else if (SLOT(label) == EXMAGIC) {
  383                 Debugger("mac_test_destroy_mbuf: dup destroy");
  384         } else {
  385                 Debugger("mac_test_destroy_mbuf: corrupted label");
  386         }
  387 }
  388 
  389 static void
  390 mac_test_destroy_mount_label(struct label *label)
  391 {
  392 
  393         if ((SLOT(label) == MOUNTMAGIC || SLOT(label) == 0)) {
  394                 atomic_add_int(&destroy_count_mount, 1);
  395                 SLOT(label) = EXMAGIC;
  396         } else if (SLOT(label) == EXMAGIC) {
  397                 Debugger("mac_test_destroy_mount: dup destroy");
  398         } else {
  399                 Debugger("mac_test_destroy_mount: corrupted label");
  400         }
  401 }
  402 
  403 static void
  404 mac_test_destroy_mount_fs_label(struct label *label)
  405 {
  406 
  407         if ((SLOT(label) == MOUNTMAGIC || SLOT(label) == 0)) {
  408                 atomic_add_int(&destroy_count_mount_fslabel, 1);
  409                 SLOT(label) = EXMAGIC;
  410         } else if (SLOT(label) == EXMAGIC) {
  411                 Debugger("mac_test_destroy_mount_fslabel: dup destroy");
  412         } else {
  413                 Debugger("mac_test_destroy_mount_fslabel: corrupted label");
  414         }
  415 }
  416 
  417 static void
  418 mac_test_destroy_socket_label(struct label *label)
  419 {
  420 
  421         if ((SLOT(label) == SOCKETMAGIC || SLOT(label) == 0)) {
  422                 atomic_add_int(&destroy_count_socket, 1);
  423                 SLOT(label) = EXMAGIC;
  424         } else if (SLOT(label) == EXMAGIC) {
  425                 Debugger("mac_test_destroy_socket: dup destroy");
  426         } else {
  427                 Debugger("mac_test_destroy_socket: corrupted label");
  428         }
  429 }
  430 
  431 static void
  432 mac_test_destroy_socket_peer_label(struct label *label)
  433 {
  434 
  435         if ((SLOT(label) == SOCKETMAGIC || SLOT(label) == 0)) {
  436                 atomic_add_int(&destroy_count_socket_peerlabel, 1);
  437                 SLOT(label) = EXMAGIC;
  438         } else if (SLOT(label) == EXMAGIC) {
  439                 Debugger("mac_test_destroy_socket_peerlabel: dup destroy");
  440         } else {
  441                 Debugger("mac_test_destroy_socket_peerlabel: corrupted label");
  442         }
  443 }
  444 
  445 static void
  446 mac_test_destroy_pipe_label(struct label *label)
  447 {
  448 
  449         if ((SLOT(label) == PIPEMAGIC || SLOT(label) == 0)) {
  450                 atomic_add_int(&destroy_count_pipe, 1);
  451                 SLOT(label) = EXMAGIC;
  452         } else if (SLOT(label) == EXMAGIC) {
  453                 Debugger("mac_test_destroy_pipe: dup destroy");
  454         } else {
  455                 Debugger("mac_test_destroy_pipe: corrupted label");
  456         }
  457 }
  458 
  459 static void
  460 mac_test_destroy_vnode_label(struct label *label)
  461 {
  462 
  463         if (SLOT(label) == VNODEMAGIC || SLOT(label) == 0) {
  464                 atomic_add_int(&destroy_count_vnode, 1);
  465                 SLOT(label) = EXMAGIC;
  466         } else if (SLOT(label) == EXMAGIC) {
  467                 Debugger("mac_test_destroy_vnode: dup destroy");
  468         } else {
  469                 Debugger("mac_test_destroy_vnode: corrupted label");
  470         }
  471 }
  472 
  473 static int
  474 mac_test_externalize_label(struct label *label, char *element_name,
  475     char *element_data, size_t size, size_t *len, int *claimed)
  476 {
  477 
  478         atomic_add_int(&externalize_count, 1);
  479 
  480         return (0);
  481 }
  482 
  483 static int
  484 mac_test_internalize_label(struct label *label, char *element_name,
  485     char *element_data, int *claimed)
  486 {
  487 
  488         atomic_add_int(&internalize_count, 1);
  489 
  490         return (0);
  491 }
  492 
  493 /*
  494  * Labeling event operations: file system objects, and things that look
  495  * a lot like file system objects.
  496  */
  497 static void
  498 mac_test_associate_vnode_devfs(struct mount *mp, struct label *fslabel,
  499     struct devfs_dirent *de, struct label *delabel, struct vnode *vp,
  500     struct label *vlabel)
  501 {
  502 
  503 }
  504 
  505 static int
  506 mac_test_associate_vnode_extattr(struct mount *mp, struct label *fslabel,
  507     struct vnode *vp, struct label *vlabel)
  508 {
  509 
  510         return (0);
  511 }
  512 
  513 static void
  514 mac_test_associate_vnode_singlelabel(struct mount *mp,
  515     struct label *fslabel, struct vnode *vp, struct label *vlabel)
  516 {
  517 
  518 }
  519 
  520 static void
  521 mac_test_create_devfs_device(struct mount *mp, dev_t dev,
  522     struct devfs_dirent *devfs_dirent, struct label *label)
  523 {
  524 
  525 }
  526 
  527 static void
  528 mac_test_create_devfs_directory(struct mount *mp, char *dirname,
  529     int dirnamelen, struct devfs_dirent *devfs_dirent, struct label *label)
  530 {
  531 
  532 }
  533 
  534 static void
  535 mac_test_create_devfs_symlink(struct ucred *cred, struct mount *mp,
  536     struct devfs_dirent *dd, struct label *ddlabel, struct devfs_dirent *de,
  537     struct label *delabel)
  538 {
  539 
  540 }
  541 
  542 static int
  543 mac_test_create_vnode_extattr(struct ucred *cred, struct mount *mp,
  544     struct label *fslabel, struct vnode *dvp, struct label *dlabel,
  545     struct vnode *vp, struct label *vlabel, struct componentname *cnp)
  546 {
  547 
  548         return (0);
  549 }
  550 
  551 static void
  552 mac_test_create_mount(struct ucred *cred, struct mount *mp,
  553     struct label *mntlabel, struct label *fslabel)
  554 {
  555 
  556 }
  557 
  558 static void
  559 mac_test_create_root_mount(struct ucred *cred, struct mount *mp,
  560     struct label *mntlabel, struct label *fslabel)
  561 {
  562 
  563 }
  564 
  565 static void
  566 mac_test_relabel_vnode(struct ucred *cred, struct vnode *vp,
  567     struct label *vnodelabel, struct label *label)
  568 {
  569 
  570 }
  571 
  572 static int
  573 mac_test_setlabel_vnode_extattr(struct ucred *cred, struct vnode *vp,
  574     struct label *vlabel, struct label *intlabel)
  575 {
  576 
  577         return (0);
  578 }
  579 
  580 static void
  581 mac_test_update_devfsdirent(struct mount *mp,
  582     struct devfs_dirent *devfs_dirent, struct label *direntlabel,
  583     struct vnode *vp, struct label *vnodelabel)
  584 {
  585 
  586 }
  587 
  588 /*
  589  * Labeling event operations: IPC object.
  590  */
  591 static void
  592 mac_test_create_mbuf_from_socket(struct socket *so, struct label *socketlabel,
  593     struct mbuf *m, struct label *mbuflabel)
  594 {
  595 
  596 }
  597 
  598 static void
  599 mac_test_create_socket(struct ucred *cred, struct socket *socket,
  600    struct label *socketlabel)
  601 {
  602 
  603 }
  604 
  605 static void
  606 mac_test_create_pipe(struct ucred *cred, struct pipe *pipe,
  607    struct label *pipelabel)
  608 {
  609 
  610 }
  611 
  612 static void
  613 mac_test_create_socket_from_socket(struct socket *oldsocket,
  614     struct label *oldsocketlabel, struct socket *newsocket,
  615     struct label *newsocketlabel)
  616 {
  617 
  618 }
  619 
  620 static void
  621 mac_test_relabel_socket(struct ucred *cred, struct socket *socket,
  622     struct label *socketlabel, struct label *newlabel)
  623 {
  624 
  625 }
  626 
  627 static void
  628 mac_test_relabel_pipe(struct ucred *cred, struct pipe *pipe,
  629     struct label *pipelabel, struct label *newlabel)
  630 {
  631 
  632 }
  633 
  634 static void
  635 mac_test_set_socket_peer_from_mbuf(struct mbuf *mbuf, struct label *mbuflabel,
  636     struct socket *socket, struct label *socketpeerlabel)
  637 {
  638 
  639 }
  640 
  641 /*
  642  * Labeling event operations: network objects.
  643  */
  644 static void
  645 mac_test_set_socket_peer_from_socket(struct socket *oldsocket,
  646     struct label *oldsocketlabel, struct socket *newsocket,
  647     struct label *newsocketpeerlabel)
  648 {
  649 
  650 }
  651 
  652 static void
  653 mac_test_create_bpfdesc(struct ucred *cred, struct bpf_d *bpf_d,
  654     struct label *bpflabel)
  655 {
  656 
  657 }
  658 
  659 static void
  660 mac_test_create_datagram_from_ipq(struct ipq *ipq, struct label *ipqlabel,
  661     struct mbuf *datagram, struct label *datagramlabel)
  662 {
  663 
  664 }
  665 
  666 static void
  667 mac_test_create_fragment(struct mbuf *datagram, struct label *datagramlabel,
  668     struct mbuf *fragment, struct label *fragmentlabel)
  669 {
  670 
  671 }
  672 
  673 static void
  674 mac_test_create_ifnet(struct ifnet *ifnet, struct label *ifnetlabel)
  675 {
  676 
  677 }
  678 
  679 static void
  680 mac_test_create_ipq(struct mbuf *fragment, struct label *fragmentlabel,
  681     struct ipq *ipq, struct label *ipqlabel)
  682 {
  683 
  684 }
  685 
  686 static void
  687 mac_test_create_mbuf_from_mbuf(struct mbuf *oldmbuf,
  688     struct label *oldmbuflabel, struct mbuf *newmbuf,
  689     struct label *newmbuflabel)
  690 {
  691 
  692 }
  693 
  694 static void
  695 mac_test_create_mbuf_linklayer(struct ifnet *ifnet, struct label *ifnetlabel,
  696     struct mbuf *mbuf, struct label *mbuflabel)
  697 {
  698 
  699 }
  700 
  701 static void
  702 mac_test_create_mbuf_from_bpfdesc(struct bpf_d *bpf_d, struct label *bpflabel,
  703     struct mbuf *mbuf, struct label *mbuflabel)
  704 {
  705 
  706 }
  707 
  708 static void
  709 mac_test_create_mbuf_from_ifnet(struct ifnet *ifnet, struct label *ifnetlabel,
  710     struct mbuf *m, struct label *mbuflabel)
  711 {
  712 
  713 }
  714 
  715 static void
  716 mac_test_create_mbuf_multicast_encap(struct mbuf *oldmbuf,
  717     struct label *oldmbuflabel, struct ifnet *ifnet, struct label *ifnetlabel,
  718     struct mbuf *newmbuf, struct label *newmbuflabel)
  719 {
  720 
  721 }
  722 
  723 static void
  724 mac_test_create_mbuf_netlayer(struct mbuf *oldmbuf,
  725     struct label *oldmbuflabel, struct mbuf *newmbuf,
  726     struct label *newmbuflabel)
  727 {
  728 
  729 }
  730 
  731 static int
  732 mac_test_fragment_match(struct mbuf *fragment, struct label *fragmentlabel,
  733     struct ipq *ipq, struct label *ipqlabel)
  734 {
  735 
  736         return (1);
  737 }
  738 
  739 static void
  740 mac_test_relabel_ifnet(struct ucred *cred, struct ifnet *ifnet,
  741     struct label *ifnetlabel, struct label *newlabel)
  742 {
  743 
  744 }
  745 
  746 static void
  747 mac_test_update_ipq(struct mbuf *fragment, struct label *fragmentlabel,
  748     struct ipq *ipq, struct label *ipqlabel)
  749 {
  750 
  751 }
  752 
  753 /*
  754  * Labeling event operations: processes.
  755  */
  756 static void
  757 mac_test_create_cred(struct ucred *cred_parent, struct ucred *cred_child)
  758 {
  759 
  760 }
  761 
  762 static void
  763 mac_test_execve_transition(struct ucred *old, struct ucred *new,
  764     struct vnode *vp, struct label *filelabel,
  765     struct label *interpvnodelabel, struct image_params *imgp,
  766     struct label *execlabel)
  767 {
  768 
  769 }
  770 
  771 static int
  772 mac_test_execve_will_transition(struct ucred *old, struct vnode *vp,
  773     struct label *filelabel, struct label *interpvnodelabel,
  774     struct image_params *imgp, struct label *execlabel)
  775 {
  776 
  777         return (0);
  778 }
  779 
  780 static void
  781 mac_test_create_proc0(struct ucred *cred)
  782 {
  783 
  784 }
  785 
  786 static void
  787 mac_test_create_proc1(struct ucred *cred)
  788 {
  789 
  790 }
  791 
  792 static void
  793 mac_test_relabel_cred(struct ucred *cred, struct label *newlabel)
  794 {
  795 
  796 }
  797 
  798 /*
  799  * Access control checks.
  800  */
  801 static int
  802 mac_test_check_bpfdesc_receive(struct bpf_d *bpf_d, struct label *bpflabel,
  803     struct ifnet *ifnet, struct label *ifnetlabel)
  804 {
  805 
  806         return (0);
  807 }
  808 
  809 static int
  810 mac_test_check_cred_relabel(struct ucred *cred, struct label *newlabel)
  811 {
  812 
  813         return (0);
  814 }
  815 
  816 static int
  817 mac_test_check_cred_visible(struct ucred *u1, struct ucred *u2)
  818 {
  819 
  820         return (0);
  821 }
  822 
  823 static int
  824 mac_test_check_ifnet_relabel(struct ucred *cred, struct ifnet *ifnet,
  825     struct label *ifnetlabel, struct label *newlabel)
  826 {
  827 
  828         return (0);
  829 }
  830 
  831 static int
  832 mac_test_check_ifnet_transmit(struct ifnet *ifnet, struct label *ifnetlabel,
  833     struct mbuf *m, struct label *mbuflabel)
  834 {
  835 
  836         return (0);
  837 }
  838 
  839 static int
  840 mac_test_check_mount_stat(struct ucred *cred, struct mount *mp,
  841     struct label *mntlabel)
  842 {
  843 
  844         return (0);
  845 }
  846 
  847 static int
  848 mac_test_check_pipe_ioctl(struct ucred *cred, struct pipe *pipe,
  849     struct label *pipelabel, unsigned long cmd, void /* caddr_t */ *data)
  850 {
  851 
  852         return (0);
  853 }
  854 
  855 static int
  856 mac_test_check_pipe_poll(struct ucred *cred, struct pipe *pipe,
  857     struct label *pipelabel)
  858 {
  859 
  860         return (0);
  861 }
  862 
  863 static int
  864 mac_test_check_pipe_read(struct ucred *cred, struct pipe *pipe,
  865     struct label *pipelabel)
  866 {
  867 
  868         return (0);
  869 }
  870 
  871 static int
  872 mac_test_check_pipe_relabel(struct ucred *cred, struct pipe *pipe,
  873     struct label *pipelabel, struct label *newlabel)
  874 {
  875 
  876         return (0);
  877 }
  878 
  879 static int
  880 mac_test_check_pipe_stat(struct ucred *cred, struct pipe *pipe,
  881     struct label *pipelabel)
  882 {
  883 
  884         return (0);
  885 }
  886 
  887 static int
  888 mac_test_check_pipe_write(struct ucred *cred, struct pipe *pipe,
  889     struct label *pipelabel)
  890 {
  891 
  892         return (0);
  893 }
  894 
  895 static int
  896 mac_test_check_proc_debug(struct ucred *cred, struct proc *proc)
  897 {
  898 
  899         return (0);
  900 }
  901 
  902 static int
  903 mac_test_check_proc_sched(struct ucred *cred, struct proc *proc)
  904 {
  905 
  906         return (0);
  907 }
  908 
  909 static int
  910 mac_test_check_proc_signal(struct ucred *cred, struct proc *proc, int signum)
  911 {
  912 
  913         return (0);
  914 }
  915 
  916 static int
  917 mac_test_check_socket_bind(struct ucred *cred, struct socket *socket,
  918     struct label *socketlabel, struct sockaddr *sockaddr)
  919 {
  920 
  921         return (0);
  922 }
  923 
  924 static int
  925 mac_test_check_socket_connect(struct ucred *cred, struct socket *socket,
  926     struct label *socketlabel, struct sockaddr *sockaddr)
  927 {
  928 
  929         return (0);
  930 }
  931 
  932 static int
  933 mac_test_check_socket_deliver(struct socket *socket, struct label *socketlabel,
  934     struct mbuf *m, struct label *mbuflabel)
  935 {
  936 
  937         return (0);
  938 }
  939 
  940 static int
  941 mac_test_check_socket_listen(struct ucred *cred, struct socket *socket,
  942     struct label *socketlabel)
  943 {
  944 
  945         return (0);
  946 }
  947 
  948 static int
  949 mac_test_check_socket_visible(struct ucred *cred, struct socket *socket,
  950     struct label *socketlabel)
  951 {
  952 
  953         return (0);
  954 }
  955 
  956 static int
  957 mac_test_check_socket_relabel(struct ucred *cred, struct socket *socket,
  958     struct label *socketlabel, struct label *newlabel)
  959 {
  960 
  961         return (0);
  962 }
  963 
  964 static int
  965 mac_test_check_vnode_access(struct ucred *cred, struct vnode *vp,
  966     struct label *label, int acc_mode)
  967 {
  968 
  969         return (0);
  970 }
  971 
  972 static int
  973 mac_test_check_vnode_chdir(struct ucred *cred, struct vnode *dvp,
  974     struct label *dlabel)
  975 {
  976 
  977         return (0);
  978 }
  979 
  980 static int
  981 mac_test_check_vnode_chroot(struct ucred *cred, struct vnode *dvp,
  982     struct label *dlabel)
  983 {
  984 
  985         return (0);
  986 }
  987 
  988 static int
  989 mac_test_check_vnode_create(struct ucred *cred, struct vnode *dvp,
  990     struct label *dlabel, struct componentname *cnp, struct vattr *vap)
  991 {
  992 
  993         return (0);
  994 }
  995 
  996 static int
  997 mac_test_check_vnode_delete(struct ucred *cred, struct vnode *dvp,
  998     struct label *dlabel, struct vnode *vp, struct label *label,
  999     struct componentname *cnp)
 1000 {
 1001 
 1002         return (0);
 1003 }
 1004 
 1005 static int
 1006 mac_test_check_vnode_deleteacl(struct ucred *cred, struct vnode *vp,
 1007     struct label *label, acl_type_t type)
 1008 {
 1009 
 1010         return (0);
 1011 }
 1012 
 1013 static int
 1014 mac_test_check_vnode_exec(struct ucred *cred, struct vnode *vp,
 1015     struct label *label, struct image_params *imgp,
 1016     struct label *execlabel)
 1017 {
 1018 
 1019         return (0);
 1020 }
 1021 
 1022 static int
 1023 mac_test_check_vnode_getacl(struct ucred *cred, struct vnode *vp,
 1024     struct label *label, acl_type_t type)
 1025 {
 1026 
 1027         return (0);
 1028 }
 1029 
 1030 static int
 1031 mac_test_check_vnode_getextattr(struct ucred *cred, struct vnode *vp,
 1032     struct label *label, int attrnamespace, const char *name, struct uio *uio)
 1033 {
 1034 
 1035         return (0);
 1036 }
 1037 
 1038 static int
 1039 mac_test_check_vnode_link(struct ucred *cred, struct vnode *dvp,
 1040     struct label *dlabel, struct vnode *vp, struct label *label,
 1041     struct componentname *cnp)
 1042 {
 1043 
 1044         return (0);
 1045 }
 1046 
 1047 static int
 1048 mac_test_check_vnode_lookup(struct ucred *cred, struct vnode *dvp, 
 1049     struct label *dlabel, struct componentname *cnp)
 1050 {
 1051 
 1052         return (0);
 1053 }
 1054 
 1055 static int
 1056 mac_test_check_vnode_mmap(struct ucred *cred, struct vnode *vp,
 1057     struct label *label, int prot)
 1058 {
 1059 
 1060         return (0);
 1061 }
 1062 
 1063 static int
 1064 mac_test_check_vnode_mprotect(struct ucred *cred, struct vnode *vp,
 1065     struct label *label, int prot)
 1066 {
 1067 
 1068         return (0);
 1069 }
 1070 
 1071 static int
 1072 mac_test_check_vnode_open(struct ucred *cred, struct vnode *vp,
 1073     struct label *filelabel, int acc_mode)
 1074 {
 1075 
 1076         return (0);
 1077 }
 1078 
 1079 static int
 1080 mac_test_check_vnode_poll(struct ucred *active_cred, struct ucred *file_cred,
 1081     struct vnode *vp, struct label *label)
 1082 {
 1083 
 1084         return (0);
 1085 }
 1086 
 1087 static int
 1088 mac_test_check_vnode_read(struct ucred *active_cred, struct ucred *file_cred,
 1089     struct vnode *vp, struct label *label)
 1090 {
 1091 
 1092         return (0);
 1093 }
 1094 
 1095 static int
 1096 mac_test_check_vnode_readdir(struct ucred *cred, struct vnode *dvp,
 1097     struct label *dlabel)
 1098 {
 1099 
 1100         return (0);
 1101 }
 1102 
 1103 static int
 1104 mac_test_check_vnode_readlink(struct ucred *cred, struct vnode *vp,
 1105     struct label *vnodelabel)
 1106 {
 1107 
 1108         return (0);
 1109 }
 1110 
 1111 static int
 1112 mac_test_check_vnode_relabel(struct ucred *cred, struct vnode *vp,
 1113     struct label *vnodelabel, struct label *newlabel)
 1114 {
 1115 
 1116         return (0);
 1117 }
 1118 
 1119 static int
 1120 mac_test_check_vnode_rename_from(struct ucred *cred, struct vnode *dvp,
 1121     struct label *dlabel, struct vnode *vp, struct label *label,
 1122     struct componentname *cnp)
 1123 {
 1124 
 1125         return (0);
 1126 }
 1127 
 1128 static int
 1129 mac_test_check_vnode_rename_to(struct ucred *cred, struct vnode *dvp,
 1130     struct label *dlabel, struct vnode *vp, struct label *label, int samedir,
 1131     struct componentname *cnp)
 1132 {
 1133 
 1134         return (0);
 1135 }
 1136 
 1137 static int
 1138 mac_test_check_vnode_revoke(struct ucred *cred, struct vnode *vp,
 1139     struct label *label)
 1140 {
 1141 
 1142         return (0);
 1143 }
 1144 
 1145 static int
 1146 mac_test_check_vnode_setacl(struct ucred *cred, struct vnode *vp,
 1147     struct label *label, acl_type_t type, struct acl *acl)
 1148 {
 1149 
 1150         return (0);
 1151 }
 1152 
 1153 static int
 1154 mac_test_check_vnode_setextattr(struct ucred *cred, struct vnode *vp,
 1155     struct label *label, int attrnamespace, const char *name, struct uio *uio)
 1156 {
 1157 
 1158         return (0);
 1159 }
 1160 
 1161 static int
 1162 mac_test_check_vnode_setflags(struct ucred *cred, struct vnode *vp,
 1163     struct label *label, u_long flags)
 1164 {
 1165 
 1166         return (0);
 1167 }
 1168 
 1169 static int
 1170 mac_test_check_vnode_setmode(struct ucred *cred, struct vnode *vp,
 1171     struct label *label, mode_t mode)
 1172 {
 1173 
 1174         return (0);
 1175 }
 1176 
 1177 static int
 1178 mac_test_check_vnode_setowner(struct ucred *cred, struct vnode *vp,
 1179     struct label *label, uid_t uid, gid_t gid)
 1180 {
 1181 
 1182         return (0);
 1183 }
 1184 
 1185 static int
 1186 mac_test_check_vnode_setutimes(struct ucred *cred, struct vnode *vp,
 1187     struct label *label, struct timespec atime, struct timespec mtime)
 1188 {
 1189 
 1190         return (0);
 1191 }
 1192 
 1193 static int
 1194 mac_test_check_vnode_stat(struct ucred *active_cred, struct ucred *file_cred,
 1195     struct vnode *vp, struct label *label)
 1196 {
 1197 
 1198         return (0);
 1199 }
 1200 
 1201 static int
 1202 mac_test_check_vnode_write(struct ucred *active_cred,
 1203     struct ucred *file_cred, struct vnode *vp, struct label *label)
 1204 {
 1205 
 1206         return (0);
 1207 }
 1208 
 1209 static struct mac_policy_ops mac_test_ops =
 1210 {
 1211         .mpo_destroy = mac_test_destroy,
 1212         .mpo_init = mac_test_init,
 1213         .mpo_syscall = mac_test_syscall,
 1214         .mpo_init_bpfdesc_label = mac_test_init_bpfdesc_label,
 1215         .mpo_init_cred_label = mac_test_init_cred_label,
 1216         .mpo_init_devfsdirent_label = mac_test_init_devfsdirent_label,
 1217         .mpo_init_ifnet_label = mac_test_init_ifnet_label,
 1218         .mpo_init_ipq_label = mac_test_init_ipq_label,
 1219         .mpo_init_mbuf_label = mac_test_init_mbuf_label,
 1220         .mpo_init_mount_label = mac_test_init_mount_label,
 1221         .mpo_init_mount_fs_label = mac_test_init_mount_fs_label,
 1222         .mpo_init_pipe_label = mac_test_init_pipe_label,
 1223         .mpo_init_socket_label = mac_test_init_socket_label,
 1224         .mpo_init_socket_peer_label = mac_test_init_socket_peer_label,
 1225         .mpo_init_vnode_label = mac_test_init_vnode_label,
 1226         .mpo_destroy_bpfdesc_label = mac_test_destroy_bpfdesc_label,
 1227         .mpo_destroy_cred_label = mac_test_destroy_cred_label,
 1228         .mpo_destroy_devfsdirent_label = mac_test_destroy_devfsdirent_label,
 1229         .mpo_destroy_ifnet_label = mac_test_destroy_ifnet_label,
 1230         .mpo_destroy_ipq_label = mac_test_destroy_ipq_label,
 1231         .mpo_destroy_mbuf_label = mac_test_destroy_mbuf_label,
 1232         .mpo_destroy_mount_label = mac_test_destroy_mount_label,
 1233         .mpo_destroy_mount_fs_label = mac_test_destroy_mount_fs_label,
 1234         .mpo_destroy_pipe_label = mac_test_destroy_pipe_label,
 1235         .mpo_destroy_socket_label = mac_test_destroy_socket_label,
 1236         .mpo_destroy_socket_peer_label = mac_test_destroy_socket_peer_label,
 1237         .mpo_destroy_vnode_label = mac_test_destroy_vnode_label,
 1238         .mpo_externalize_cred_label = mac_test_externalize_label,
 1239         .mpo_externalize_ifnet_label = mac_test_externalize_label,
 1240         .mpo_externalize_pipe_label = mac_test_externalize_label,
 1241         .mpo_externalize_socket_label = mac_test_externalize_label,
 1242         .mpo_externalize_socket_peer_label = mac_test_externalize_label,
 1243         .mpo_externalize_vnode_label = mac_test_externalize_label,
 1244         .mpo_internalize_cred_label = mac_test_internalize_label,
 1245         .mpo_internalize_ifnet_label = mac_test_internalize_label,
 1246         .mpo_internalize_pipe_label = mac_test_internalize_label,
 1247         .mpo_internalize_socket_label = mac_test_internalize_label,
 1248         .mpo_internalize_vnode_label = mac_test_internalize_label,
 1249         .mpo_associate_vnode_devfs = mac_test_associate_vnode_devfs,
 1250         .mpo_associate_vnode_extattr = mac_test_associate_vnode_extattr,
 1251         .mpo_associate_vnode_singlelabel = mac_test_associate_vnode_singlelabel,
 1252         .mpo_create_devfs_device = mac_test_create_devfs_device,
 1253         .mpo_create_devfs_directory = mac_test_create_devfs_directory,
 1254         .mpo_create_devfs_symlink = mac_test_create_devfs_symlink,
 1255         .mpo_create_vnode_extattr = mac_test_create_vnode_extattr,
 1256         .mpo_create_mount = mac_test_create_mount,
 1257         .mpo_create_root_mount = mac_test_create_root_mount,
 1258         .mpo_relabel_vnode = mac_test_relabel_vnode,
 1259         .mpo_setlabel_vnode_extattr = mac_test_setlabel_vnode_extattr,
 1260         .mpo_update_devfsdirent = mac_test_update_devfsdirent,
 1261         .mpo_create_mbuf_from_socket = mac_test_create_mbuf_from_socket,
 1262         .mpo_create_pipe = mac_test_create_pipe,
 1263         .mpo_create_socket = mac_test_create_socket,
 1264         .mpo_create_socket_from_socket = mac_test_create_socket_from_socket,
 1265         .mpo_relabel_pipe = mac_test_relabel_pipe,
 1266         .mpo_relabel_socket = mac_test_relabel_socket,
 1267         .mpo_set_socket_peer_from_mbuf = mac_test_set_socket_peer_from_mbuf,
 1268         .mpo_set_socket_peer_from_socket = mac_test_set_socket_peer_from_socket,
 1269         .mpo_create_bpfdesc = mac_test_create_bpfdesc,
 1270         .mpo_create_ifnet = mac_test_create_ifnet,
 1271         .mpo_create_datagram_from_ipq = mac_test_create_datagram_from_ipq,
 1272         .mpo_create_fragment = mac_test_create_fragment,
 1273         .mpo_create_ipq = mac_test_create_ipq,
 1274         .mpo_create_mbuf_from_mbuf = mac_test_create_mbuf_from_mbuf,
 1275         .mpo_create_mbuf_linklayer = mac_test_create_mbuf_linklayer,
 1276         .mpo_create_mbuf_from_bpfdesc = mac_test_create_mbuf_from_bpfdesc,
 1277         .mpo_create_mbuf_from_ifnet = mac_test_create_mbuf_from_ifnet,
 1278         .mpo_create_mbuf_multicast_encap = mac_test_create_mbuf_multicast_encap,
 1279         .mpo_create_mbuf_netlayer = mac_test_create_mbuf_netlayer,
 1280         .mpo_fragment_match = mac_test_fragment_match,
 1281         .mpo_relabel_ifnet = mac_test_relabel_ifnet,
 1282         .mpo_update_ipq = mac_test_update_ipq,
 1283         .mpo_create_cred = mac_test_create_cred,
 1284         .mpo_execve_transition = mac_test_execve_transition,
 1285         .mpo_execve_will_transition = mac_test_execve_will_transition,
 1286         .mpo_create_proc0 = mac_test_create_proc0,
 1287         .mpo_create_proc1 = mac_test_create_proc1,
 1288         .mpo_relabel_cred = mac_test_relabel_cred,
 1289         .mpo_check_bpfdesc_receive = mac_test_check_bpfdesc_receive,
 1290         .mpo_check_cred_relabel = mac_test_check_cred_relabel,
 1291         .mpo_check_cred_visible = mac_test_check_cred_visible,
 1292         .mpo_check_ifnet_relabel = mac_test_check_ifnet_relabel,
 1293         .mpo_check_ifnet_transmit = mac_test_check_ifnet_transmit,
 1294         .mpo_check_mount_stat = mac_test_check_mount_stat,
 1295         .mpo_check_pipe_ioctl = mac_test_check_pipe_ioctl,
 1296         .mpo_check_pipe_poll = mac_test_check_pipe_poll,
 1297         .mpo_check_pipe_read = mac_test_check_pipe_read,
 1298         .mpo_check_pipe_relabel = mac_test_check_pipe_relabel,
 1299         .mpo_check_pipe_stat = mac_test_check_pipe_stat,
 1300         .mpo_check_pipe_write = mac_test_check_pipe_write,
 1301         .mpo_check_proc_debug = mac_test_check_proc_debug,
 1302         .mpo_check_proc_sched = mac_test_check_proc_sched,
 1303         .mpo_check_proc_signal = mac_test_check_proc_signal,
 1304         .mpo_check_socket_bind = mac_test_check_socket_bind,
 1305         .mpo_check_socket_connect = mac_test_check_socket_connect,
 1306         .mpo_check_socket_deliver = mac_test_check_socket_deliver,
 1307         .mpo_check_socket_listen = mac_test_check_socket_listen,
 1308         .mpo_check_socket_relabel = mac_test_check_socket_relabel,
 1309         .mpo_check_socket_visible = mac_test_check_socket_visible,
 1310         .mpo_check_vnode_access = mac_test_check_vnode_access,
 1311         .mpo_check_vnode_chdir = mac_test_check_vnode_chdir,
 1312         .mpo_check_vnode_chroot = mac_test_check_vnode_chroot,
 1313         .mpo_check_vnode_create = mac_test_check_vnode_create,
 1314         .mpo_check_vnode_delete = mac_test_check_vnode_delete,
 1315         .mpo_check_vnode_deleteacl = mac_test_check_vnode_deleteacl,
 1316         .mpo_check_vnode_exec = mac_test_check_vnode_exec,
 1317         .mpo_check_vnode_getacl = mac_test_check_vnode_getacl,
 1318         .mpo_check_vnode_getextattr = mac_test_check_vnode_getextattr,
 1319         .mpo_check_vnode_link = mac_test_check_vnode_link,
 1320         .mpo_check_vnode_lookup = mac_test_check_vnode_lookup,
 1321         .mpo_check_vnode_mmap = mac_test_check_vnode_mmap,
 1322         .mpo_check_vnode_mprotect = mac_test_check_vnode_mprotect,
 1323         .mpo_check_vnode_open = mac_test_check_vnode_open,
 1324         .mpo_check_vnode_poll = mac_test_check_vnode_poll,
 1325         .mpo_check_vnode_read = mac_test_check_vnode_read,
 1326         .mpo_check_vnode_readdir = mac_test_check_vnode_readdir,
 1327         .mpo_check_vnode_readlink = mac_test_check_vnode_readlink,
 1328         .mpo_check_vnode_relabel = mac_test_check_vnode_relabel,
 1329         .mpo_check_vnode_rename_from = mac_test_check_vnode_rename_from,
 1330         .mpo_check_vnode_rename_to = mac_test_check_vnode_rename_to,
 1331         .mpo_check_vnode_revoke = mac_test_check_vnode_revoke,
 1332         .mpo_check_vnode_setacl = mac_test_check_vnode_setacl,
 1333         .mpo_check_vnode_setextattr = mac_test_check_vnode_setextattr,
 1334         .mpo_check_vnode_setflags = mac_test_check_vnode_setflags,
 1335         .mpo_check_vnode_setmode = mac_test_check_vnode_setmode,
 1336         .mpo_check_vnode_setowner = mac_test_check_vnode_setowner,
 1337         .mpo_check_vnode_setutimes = mac_test_check_vnode_setutimes,
 1338         .mpo_check_vnode_stat = mac_test_check_vnode_stat,
 1339         .mpo_check_vnode_write = mac_test_check_vnode_write,
 1340 };
 1341 
 1342 MAC_POLICY_SET(&mac_test_ops, trustedbsd_mac_test, "TrustedBSD MAC/Test",
 1343     MPC_LOADTIME_FLAG_UNLOADOK, &test_slot);

Cache object: afa99e6a51c829f3a333eb09de85bdbf


[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]


This page is part of the FreeBSD/Linux Linux Kernel Cross-Reference, and was automatically generated using a modified version of the LXR engine.