1 /*- 2 * Copyright (c) 1999-2002, 2007-2008 Robert N. M. Watson 3 * Copyright (c) 2001-2005 Networks Associates Technology, Inc. 4 * Copyright (c) 2005-2006 SPARTA, Inc. 5 * Copyright (c) 2008 Apple Inc. 6 * All rights reserved. 7 * 8 * This software was developed by Robert Watson for the TrustedBSD Project. 9 * 10 * This software was developed for the FreeBSD Project in part by Network 11 * Associates Laboratories, the Security Research Division of Network 12 * Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), 13 * as part of the DARPA CHATS research program. 14 * 15 * This software was enhanced by SPARTA ISSO under SPAWAR contract 16 * N66001-04-C-6019 ("SEFOS"). 17 * 18 * Redistribution and use in source and binary forms, with or without 19 * modification, are permitted provided that the following conditions 20 * are met: 21 * 1. Redistributions of source code must retain the above copyright 22 * notice, this list of conditions and the following disclaimer. 23 * 2. Redistributions in binary form must reproduce the above copyright 24 * notice, this list of conditions and the following disclaimer in the 25 * documentation and/or other materials provided with the distribution. 26 * 27 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 28 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 29 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 30 * ARE DISCLAIMED. 
IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 *
 * $FreeBSD$
 */
/*
 * Kernel interface for MAC policy modules.
 */
#ifndef _SECURITY_MAC_MAC_POLICY_H_
#define _SECURITY_MAC_MAC_POLICY_H_

#ifndef _KERNEL
#error "no user-serviceable parts inside"
#endif

/*-
 * Pluggable access control policy definition structure.
 *
 * List of operations that are performed as part of the implementation of a
 * MAC policy.  Policy implementors declare operations with a mac_policy_ops
 * structure and the MAC_POLICY_SET() macro.  If an entry point is not
 * declared, the policy is skipped during evaluation of that event or check:
 * an omitted entry point contributes no decision and therefore can never
 * deny an operation.  A policy that intends to restrict an operation must
 * supply the corresponding check entry point explicitly.
 *
 * Operations are sorted first by general class of operation, then
 * alphabetically.
*/
#include <sys/acl.h>		/* XXX acl_type_t */

/*
 * Opaque kernel object types.  Every entry point below takes pointers to
 * these objects only, so forward declarations are sufficient here and a
 * policy module does not need the full definitions to use this header.
 */
struct acl;
struct auditinfo;
struct auditinfo_addr;
struct bpf_d;
struct cdev;
struct componentname;
struct devfs_dirent;
struct ifnet;
struct image_params;
struct inpcb;
struct ip6q;
struct ipq;
struct ksem;
struct label;
struct mac_policy_conf;
struct mbuf;
struct mount;
struct msg;
struct msqid_kernel;
struct pipepair;
struct proc;
struct sbuf;
struct semid_kernel;
struct shmfd;
struct shmid_kernel;
struct sockaddr;
struct socket;
struct sysctl_oid;
struct sysctl_req;
struct thread;
struct ucred;
struct uio;
struct vattr;
struct vnode;

/*
 * Policy module operations.
 *
 * Both are handed the policy's own mac_policy_conf and return nothing; they
 * bracket the lifetime of the policy itself rather than of any labelled
 * object.
 */
typedef void	(*mpo_destroy_t)(struct mac_policy_conf *mpc);
typedef void	(*mpo_init_t)(struct mac_policy_conf *mpc);

/*
 * General policy-directed security system call so that policies may
 * implement new services without reserving explicit system call numbers.
 *
 * NOTE(review): 'call' and 'arg' reach the policy uninterpreted.  'arg'
 * should be treated as an untrusted user-space pointer (copyin() and
 * validate before use); whether the framework performs any validation of
 * its own is not visible from this header -- confirm in the dispatch code.
 */
typedef int	(*mpo_syscall_t)(struct thread *td, int call, void *arg);

/*
 * Place-holder function pointers for ABI-compatibility purposes.
 */
typedef void	(*mpo_placeholder_t)(void);

/*
 * Operations sorted alphabetically by primary object type and then method.
 *
 * Naming pattern used throughout this file:
 *
 *   *_check_*            access-control decision; returns int.  The only
 *                        exception is mpo_vnode_check_mmap_downgrade_t,
 *                        which returns void (see there).
 *   *_init_label         set up per-object label storage.  The variants
 *   *_destroy_label      that take an 'int flag' also return int; the
 *   *_copy_label         others return void.
 *   *_create_*, *_relabel, *_update, *_newconn, *_set_from_*, net*_send,
 *   *_reply, *_fragment  notifications that a labelled object was created
 *                        or changed; return void (mpo_vnode_create_extattr_t
 *                        and mpo_vnode_associate_extattr_t are int).
 *   *_externalize_label  render a label element named 'element_name' into
 *                        'sb'; *_internalize_label parses 'element_data'
 *                        into a label.  'element_data' is label text and
 *                        should be treated as untrusted input by a policy.
 *
 * The meaning of the int return value (presumably 0 = permit / success,
 * otherwise an errno value) and of 'claimed' (presumably set by a policy
 * that recognises 'element_name') is defined by the framework, not by this
 * header -- confirm there before relying on it.
 */

/* BPF descriptor labels. */
typedef int	(*mpo_bpfdesc_check_receive_t)(struct bpf_d *d,
		    struct label *dlabel, struct ifnet *ifp,
		    struct label *ifplabel);
typedef void	(*mpo_bpfdesc_create_t)(struct ucred *cred,
		    struct bpf_d *d, struct label *dlabel);
typedef void	(*mpo_bpfdesc_create_mbuf_t)(struct bpf_d *d,
		    struct label *dlabel, struct mbuf *m,
		    struct label *mlabel);
typedef void	(*mpo_bpfdesc_destroy_label_t)(struct label *label);
typedef void	(*mpo_bpfdesc_init_label_t)(struct label *label);

/*
 * Credential labels.  mpo_cred_check_relabel_t decides whether 'cred' may
 * take on 'newlabel'; mpo_cred_relabel_t is the subsequent notification.
 * mpo_cred_check_visible_t takes two credentials and no label pointers.
 */
typedef void	(*mpo_cred_associate_nfsd_t)(struct ucred *cred);
typedef int	(*mpo_cred_check_relabel_t)(struct ucred *cred,
		    struct label *newlabel);
typedef int	(*mpo_cred_check_visible_t)(struct ucred *cr1,
		    struct ucred *cr2);
typedef void	(*mpo_cred_copy_label_t)(struct label *src,
		    struct label *dest);
typedef void	(*mpo_cred_create_init_t)(struct ucred *cred);
typedef void	(*mpo_cred_create_swapper_t)(struct ucred *cred);
typedef void	(*mpo_cred_destroy_label_t)(struct label *label);
typedef int	(*mpo_cred_externalize_label_t)(struct label *label,
		    char *element_name, struct sbuf *sb, int *claimed);
typedef void	(*mpo_cred_init_label_t)(struct label *label);
typedef int	(*mpo_cred_internalize_label_t)(struct label *label,
		    char *element_name, char *element_data, int *claimed);
typedef void	(*mpo_cred_relabel_t)(struct ucred *cred,
		    struct label *newlabel);

/*
 * devfs directory-entry labels.  mpo_devfs_create_directory_t receives the
 * name as a pointer plus explicit 'dirnamelen'; a policy must not assume
 * NUL termination.
 */
typedef void	(*mpo_devfs_create_device_t)(struct ucred *cred,
		    struct mount *mp, struct cdev *dev,
		    struct devfs_dirent *de, struct label *delabel);
typedef void	(*mpo_devfs_create_directory_t)(struct mount *mp,
		    char *dirname, int dirnamelen, struct devfs_dirent *de,
		    struct label *delabel);
typedef void	(*mpo_devfs_create_symlink_t)(struct ucred *cred,
		    struct mount *mp, struct devfs_dirent *dd,
		    struct label *ddlabel, struct devfs_dirent *de,
		    struct label *delabel);
typedef void	(*mpo_devfs_destroy_label_t)(struct label *label);
typedef void	(*mpo_devfs_init_label_t)(struct label *label);
typedef void	(*mpo_devfs_update_t)(struct mount *mp,
		    struct devfs_dirent *de, struct label *delabel,
		    struct vnode *vp, struct label *vplabel);
typedef void	(*mpo_devfs_vnode_associate_t)(struct mount *mp,
		    struct label *mplabel, struct devfs_dirent *de,
		    struct label *delabel, struct vnode *vp,
		    struct label *vplabel);

/* Network interface labels. */
typedef int	(*mpo_ifnet_check_relabel_t)(struct ucred *cred,
		    struct ifnet *ifp, struct label *ifplabel,
		    struct label *newlabel);
typedef int	(*mpo_ifnet_check_transmit_t)(struct ifnet *ifp,
		    struct label *ifplabel, struct mbuf *m,
		    struct label *mlabel);
typedef void	(*mpo_ifnet_copy_label_t)(struct label *src,
		    struct label *dest);
typedef void	(*mpo_ifnet_create_t)(struct ifnet *ifp,
		    struct label *ifplabel);
typedef void	(*mpo_ifnet_create_mbuf_t)(struct ifnet *ifp,
		    struct label *ifplabel, struct mbuf *m,
		    struct label *mlabel);
typedef void	(*mpo_ifnet_destroy_label_t)(struct label *label);
typedef int	(*mpo_ifnet_externalize_label_t)(struct label *label,
		    char *element_name, struct sbuf *sb, int *claimed);
typedef void	(*mpo_ifnet_init_label_t)(struct label *label);
typedef int	(*mpo_ifnet_internalize_label_t)(struct label *label,
		    char *element_name, char *element_data, int *claimed);
typedef void	(*mpo_ifnet_relabel_t)(struct ucred *cred, struct ifnet *ifp,
		    struct label *ifplabel, struct label *newlabel);

/*
 * Internet protocol control block labels.  mpo_inpcb_init_label_t is the
 * first of the int-returning, flag-taking init_label hooks: presumably
 * 'flag' selects blocking vs. non-blocking allocation and a non-zero return
 * reports allocation failure -- confirm against the framework.
 */
typedef int	(*mpo_inpcb_check_deliver_t)(struct inpcb *inp,
		    struct label *inplabel, struct mbuf *m,
		    struct label *mlabel);
typedef int	(*mpo_inpcb_check_visible_t)(struct ucred *cred,
		    struct inpcb *inp, struct label *inplabel);
typedef void	(*mpo_inpcb_create_t)(struct socket *so,
		    struct label *solabel, struct inpcb *inp,
		    struct label *inplabel);
typedef void	(*mpo_inpcb_create_mbuf_t)(struct inpcb *inp,
		    struct label *inplabel, struct mbuf *m,
		    struct label *mlabel);
typedef void	(*mpo_inpcb_destroy_label_t)(struct label *label);
typedef int	(*mpo_inpcb_init_label_t)(struct label *label, int flag);
typedef void	(*mpo_inpcb_sosetlabel_t)(struct socket *so,
		    struct label *label, struct inpcb *inp,
		    struct label *inplabel);

/*
 * IPv6 reassembly queue labels.  mpo_ip6q_match_t returns int and is a
 * match decision rather than an access check: it compares a fragment's
 * label against the queue's.
 *
 * NOTE(review): mpo_ip6q_reassemble (and mpo_ipq_reassemble below) are the
 * only entry-point typedefs in this file without the "_t" suffix, and the
 * struct mac_policy_ops members that use them repeat the name.  A rename
 * would have to touch both places, so the inconsistency is only flagged.
 */
typedef void	(*mpo_ip6q_create_t)(struct mbuf *m, struct label *mlabel,
		    struct ip6q *q6, struct label *q6label);
typedef void	(*mpo_ip6q_destroy_label_t)(struct label *label);
typedef int	(*mpo_ip6q_init_label_t)(struct label *label, int flag);
typedef int	(*mpo_ip6q_match_t)(struct mbuf *m, struct label *mlabel,
		    struct ip6q *q6, struct label *q6label);
typedef void	(*mpo_ip6q_reassemble)(struct ip6q *q6, struct label *q6label,
		    struct mbuf *m, struct label *mlabel);
typedef void	(*mpo_ip6q_update_t)(struct mbuf *m, struct label *mlabel,
		    struct ip6q *q6, struct label *q6label);

/* IPv4 reassembly queue labels; same shape as the ip6q hooks above. */
typedef void	(*mpo_ipq_create_t)(struct mbuf *m, struct label *mlabel,
		    struct ipq *q, struct label *qlabel);
typedef void	(*mpo_ipq_destroy_label_t)(struct label *label);
typedef int	(*mpo_ipq_init_label_t)(struct label *label, int flag);
typedef int	(*mpo_ipq_match_t)(struct mbuf *m, struct label *mlabel,
		    struct ipq *q, struct label *qlabel);
typedef void	(*mpo_ipq_reassemble)(struct ipq *q, struct label *qlabel,
		    struct mbuf *m, struct label *mlabel);
typedef void	(*mpo_ipq_update_t)(struct mbuf *m, struct label *mlabel,
		    struct ipq *q, struct label *qlabel);

/*
 * Kernel environment access checks.  These carry no labels; the decision is
 * made on 'cred' and the variable name/value strings alone.
 */
typedef int	(*mpo_kenv_check_dump_t)(struct ucred *cred);
typedef int	(*mpo_kenv_check_get_t)(struct ucred *cred, char *name);
typedef int	(*mpo_kenv_check_set_t)(struct ucred *cred, char *name,
		    char *value);
typedef int	(*mpo_kenv_check_unset_t)(struct ucred *cred, char *name);

/*
 * Kernel module loading.  mpo_kld_check_load_t sees the vnode (and its
 * label) the module is loaded from, which is what a policy can pin a
 * code-loading restriction to.
 */
typedef int	(*mpo_kld_check_load_t)(struct ucred *cred, struct vnode *vp,
		    struct label *vplabel);
typedef int	(*mpo_kld_check_stat_t)(struct ucred *cred);

/* mbuf labels.  No check hooks here; packet decisions live on the
 * ifnet/inpcb/socket objects the mbuf is delivered to or sent from. */
typedef void	(*mpo_mbuf_copy_label_t)(struct label *src,
		    struct label *dest);
typedef void	(*mpo_mbuf_destroy_label_t)(struct label *label);
typedef int	(*mpo_mbuf_init_label_t)(struct label *label, int flag);

/* Mount point labels. */
typedef int	(*mpo_mount_check_stat_t)(struct ucred *cred,
		    struct mount *mp, struct label *mplabel);
typedef void	(*mpo_mount_create_t)(struct ucred *cred, struct mount *mp,
		    struct label *mplabel);
typedef void	(*mpo_mount_destroy_label_t)(struct label *label);
typedef void	(*mpo_mount_init_label_t)(struct label *label);

/*
 * Kernel-originated network traffic.  All of these are void notifications
 * that let a policy label an outgoing mbuf ('m', 'msend', 'frag') from the
 * interface or the packet it answers; none of them can deny.
 */
typedef void	(*mpo_netatalk_aarp_send_t)(struct ifnet *ifp,
		    struct label *ifplabel, struct mbuf *m,
		    struct label *mlabel);

typedef void	(*mpo_netinet_arp_send_t)(struct ifnet *ifp,
		    struct label *ifplabel, struct mbuf *m,
		    struct label *mlabel);
typedef void	(*mpo_netinet_firewall_reply_t)(struct mbuf *mrecv,
		    struct label *mrecvlabel, struct mbuf *msend,
		    struct label *msendlabel);
typedef void	(*mpo_netinet_firewall_send_t)(struct mbuf *m,
		    struct label *mlabel);
typedef void	(*mpo_netinet_fragment_t)(struct mbuf *m,
		    struct label *mlabel, struct mbuf *frag,
		    struct label *fraglabel);
typedef void	(*mpo_netinet_icmp_reply_t)(struct mbuf *mrecv,
		    struct label *mrecvlabel, struct mbuf *msend,
		    struct label *msendlabel);
typedef void	(*mpo_netinet_icmp_replyinplace_t)(struct mbuf *m,
		    struct label *mlabel);
typedef void	(*mpo_netinet_igmp_send_t)(struct ifnet *ifp,
		    struct label *ifplabel, struct mbuf *m,
		    struct label *mlabel);
typedef void	(*mpo_netinet_tcp_reply_t)(struct mbuf *m,
		    struct label *mlabel);

typedef void	(*mpo_netinet6_nd6_send_t)(struct ifnet *ifp,
		    struct label *ifplabel, struct mbuf *m,
		    struct label *mlabel);

/*
 * Pipe labels.  mpo_pipe_check_ioctl_t receives the raw 'cmd' and the
 * 'data' argument; what 'data' points at depends on 'cmd', so a policy
 * inspecting it must decode 'cmd' first and bound any access accordingly.
 */
typedef int	(*mpo_pipe_check_ioctl_t)(struct ucred *cred,
		    struct pipepair *pp, struct label *pplabel,
		    unsigned long cmd, void *data);
typedef int	(*mpo_pipe_check_poll_t)(struct ucred *cred,
		    struct pipepair *pp, struct label *pplabel);
typedef int	(*mpo_pipe_check_read_t)(struct ucred *cred,
		    struct pipepair *pp, struct label *pplabel);
typedef int	(*mpo_pipe_check_relabel_t)(struct ucred *cred,
		    struct pipepair *pp, struct label *pplabel,
		    struct label *newlabel);
typedef int	(*mpo_pipe_check_stat_t)(struct ucred *cred,
		    struct pipepair *pp, struct label *pplabel);
typedef int	(*mpo_pipe_check_write_t)(struct ucred *cred,
		    struct pipepair *pp, struct label *pplabel);
typedef void	(*mpo_pipe_copy_label_t)(struct label *src,
		    struct label *dest);
typedef void	(*mpo_pipe_create_t)(struct ucred *cred, struct pipepair *pp,
		    struct label *pplabel);
typedef void	(*mpo_pipe_destroy_label_t)(struct label *label);
typedef int	(*mpo_pipe_externalize_label_t)(struct label *label,
		    char *element_name, struct sbuf *sb, int *claimed);
typedef void	(*mpo_pipe_init_label_t)(struct label *label);
typedef int	(*mpo_pipe_internalize_label_t)(struct label *label,
		    char *element_name, char *element_data, int *claimed);
typedef void	(*mpo_pipe_relabel_t)(struct ucred *cred, struct pipepair *pp,
		    struct label *oldlabel, struct label *newlabel);

/*
 * POSIX semaphore labels.  Several checks take two credentials,
 * 'active_cred' and 'file_cred' (presumably the caller's credential and
 * the one the descriptor was opened with -- confirm against the callers);
 * a policy should decide which of the two its rule is about rather than
 * silently using the first.
 */
typedef int	(*mpo_posixsem_check_getvalue_t)(struct ucred *active_cred,
		    struct ucred *file_cred, struct ksem *ks,
		    struct label *kslabel);
typedef int	(*mpo_posixsem_check_open_t)(struct ucred *cred,
		    struct ksem *ks, struct label *kslabel);
typedef int	(*mpo_posixsem_check_post_t)(struct ucred *active_cred,
		    struct ucred *file_cred, struct ksem *ks,
		    struct label *kslabel);
typedef int	(*mpo_posixsem_check_stat_t)(struct ucred *active_cred,
		    struct ucred *file_cred, struct ksem *ks,
		    struct label *kslabel);
typedef int	(*mpo_posixsem_check_unlink_t)(struct ucred *cred,
		    struct ksem *ks, struct label *kslabel);
typedef int	(*mpo_posixsem_check_wait_t)(struct ucred *active_cred,
		    struct ucred *file_cred, struct ksem *ks,
		    struct label *kslabel);
typedef void	(*mpo_posixsem_create_t)(struct ucred *cred,
		    struct ksem *ks, struct label *kslabel);
typedef void	(*mpo_posixsem_destroy_label_t)(struct label *label);
typedef void	(*mpo_posixsem_init_label_t)(struct label *label);

/* POSIX shared memory labels. */
typedef int	(*mpo_posixshm_check_mmap_t)(struct ucred *cred,
		    struct shmfd *shmfd, struct label *shmlabel, int prot,
		    int flags);
typedef int	(*mpo_posixshm_check_open_t)(struct ucred *cred,
		    struct shmfd *shmfd, struct label *shmlabel);
typedef int	(*mpo_posixshm_check_stat_t)(struct ucred *active_cred,
		    struct ucred *file_cred, struct shmfd *shmfd,
		    struct label *shmlabel);
typedef int	(*mpo_posixshm_check_truncate_t)(struct ucred *active_cred,
		    struct ucred *file_cred, struct shmfd *shmfd,
		    struct label *shmlabel);
typedef int	(*mpo_posixshm_check_unlink_t)(struct ucred *cred,
		    struct shmfd *shmfd, struct label *shmlabel);
typedef void	(*mpo_posixshm_create_t)(struct ucred *cred,
		    struct shmfd *shmfd, struct label *shmlabel);
typedef void	(*mpo_posixshm_destroy_label_t)(struct label *label);
typedef void	(*mpo_posixshm_init_label_t)(struct label *label);

/*
 * Privilege checks.  Both hooks share a signature; by name, one lets a
 * policy deny a privilege and the other lets it grant one that would
 * otherwise be refused -- a grant hook is the more dangerous of the two
 * to get wrong.  The exact composition with the base privilege check is
 * defined by the framework, not here -- confirm before implementing.
 */
typedef int	(*mpo_priv_check_t)(struct ucred *cred, int priv);
typedef int	(*mpo_priv_grant_t)(struct ucred *cred, int priv);

/*
 * Process checks.  The set*id family receives the requested identity values
 * directly; 'gidset' in mpo_proc_check_setgroups_t is 'ngroups' entries
 * long and a policy must not index past that.
 */
typedef int	(*mpo_proc_check_debug_t)(struct ucred *cred,
		    struct proc *p);
typedef int	(*mpo_proc_check_sched_t)(struct ucred *cred,
		    struct proc *p);
typedef int	(*mpo_proc_check_setaudit_t)(struct ucred *cred,
		    struct auditinfo *ai);
typedef int	(*mpo_proc_check_setaudit_addr_t)(struct ucred *cred,
		    struct auditinfo_addr *aia);
typedef int	(*mpo_proc_check_setauid_t)(struct ucred *cred, uid_t auid);
typedef int	(*mpo_proc_check_setegid_t)(struct ucred *cred, gid_t egid);
typedef int	(*mpo_proc_check_seteuid_t)(struct ucred *cred, uid_t euid);
typedef int	(*mpo_proc_check_setgid_t)(struct ucred *cred, gid_t gid);
typedef int	(*mpo_proc_check_setgroups_t)(struct ucred *cred, int ngroups,
		    gid_t *gidset);
typedef int	(*mpo_proc_check_setregid_t)(struct ucred *cred, gid_t rgid,
		    gid_t egid);
typedef int	(*mpo_proc_check_setresgid_t)(struct ucred *cred, gid_t rgid,
		    gid_t egid, gid_t sgid);
typedef int	(*mpo_proc_check_setresuid_t)(struct ucred *cred, uid_t ruid,
		    uid_t euid, uid_t suid);
typedef int	(*mpo_proc_check_setreuid_t)(struct ucred *cred, uid_t ruid,
		    uid_t euid);
typedef int	(*mpo_proc_check_setuid_t)(struct ucred *cred, uid_t uid);
typedef int	(*mpo_proc_check_signal_t)(struct ucred *cred,
		    struct proc *proc, int signum);
typedef int	(*mpo_proc_check_wait_t)(struct ucred *cred,
		    struct proc *proc);
typedef void	(*mpo_proc_destroy_label_t)(struct label *label);
typedef void	(*mpo_proc_init_label_t)(struct label *label);

/*
 * Socket labels.  mpo_socket_check_create_t runs before a socket exists and
 * so sees only (domain, type, protocol); mpo_socket_check_deliver_t has no
 * credential at all because it is driven by an incoming mbuf.
 */
typedef int	(*mpo_socket_check_accept_t)(struct ucred *cred,
		    struct socket *so, struct label *solabel);
typedef int	(*mpo_socket_check_bind_t)(struct ucred *cred,
		    struct socket *so, struct label *solabel,
		    struct sockaddr *sa);
typedef int	(*mpo_socket_check_connect_t)(struct ucred *cred,
		    struct socket *so, struct label *solabel,
		    struct sockaddr *sa);
typedef int	(*mpo_socket_check_create_t)(struct ucred *cred, int domain,
		    int type, int protocol);
typedef int	(*mpo_socket_check_deliver_t)(struct socket *so,
		    struct label *solabel, struct mbuf *m,
		    struct label *mlabel);
typedef int	(*mpo_socket_check_listen_t)(struct ucred *cred,
		    struct socket *so, struct label *solabel);
typedef int	(*mpo_socket_check_poll_t)(struct ucred *cred,
		    struct socket *so, struct label *solabel);
typedef int	(*mpo_socket_check_receive_t)(struct ucred *cred,
		    struct socket *so, struct label *solabel);
typedef int	(*mpo_socket_check_relabel_t)(struct ucred *cred,
		    struct socket *so, struct label *solabel,
		    struct label *newlabel);
typedef int	(*mpo_socket_check_send_t)(struct ucred *cred,
		    struct socket *so, struct label *solabel);
typedef int	(*mpo_socket_check_stat_t)(struct ucred *cred,
		    struct socket *so, struct label *solabel);
typedef int	(*mpo_socket_check_visible_t)(struct ucred *cred,
		    struct socket *so, struct label *solabel);
typedef void	(*mpo_socket_copy_label_t)(struct label *src,
		    struct label *dest);
typedef void	(*mpo_socket_create_t)(struct ucred *cred, struct socket *so,
		    struct label *solabel);
typedef void	(*mpo_socket_create_mbuf_t)(struct socket *so,
		    struct label *solabel, struct mbuf *m,
		    struct label *mlabel);
typedef void	(*mpo_socket_destroy_label_t)(struct label *label);
typedef int	(*mpo_socket_externalize_label_t)(struct label *label,
		    char *element_name, struct sbuf *sb, int *claimed);
typedef int	(*mpo_socket_init_label_t)(struct label *label, int flag);
typedef int	(*mpo_socket_internalize_label_t)(struct label *label,
		    char *element_name, char *element_data, int *claimed);
typedef void	(*mpo_socket_newconn_t)(struct socket *oldso,
		    struct label *oldsolabel, struct socket *newso,
		    struct label *newsolabel);
typedef void	(*mpo_socket_relabel_t)(struct ucred *cred, struct socket *so,
		    struct label *oldlabel, struct label *newlabel);

/*
 * Socket peer labels: a second label on a socket describing the remote
 * end, filled in from an incoming mbuf or from the connecting socket.
 * There is no internalize hook, i.e. the peer label is not settable from
 * text.
 */
typedef void	(*mpo_socketpeer_destroy_label_t)(struct label *label);
typedef int	(*mpo_socketpeer_externalize_label_t)(struct label *label,
		    char *element_name, struct sbuf *sb, int *claimed);
typedef int	(*mpo_socketpeer_init_label_t)(struct label *label,
		    int flag);
typedef void	(*mpo_socketpeer_set_from_mbuf_t)(struct mbuf *m,
		    struct label *mlabel, struct socket *so,
		    struct label *sopeerlabel);
typedef void	(*mpo_socketpeer_set_from_socket_t)(struct socket *oldso,
		    struct label *oldsolabel, struct socket *newso,
		    struct label *newsopeerlabel);

/* TCP syncache entry labels (note the label-first argument order here). */
typedef void	(*mpo_syncache_create_t)(struct label *label,
		    struct inpcb *inp);
typedef void	(*mpo_syncache_create_mbuf_t)(struct label *sc_label,
		    struct mbuf *m, struct label *mlabel);
typedef void	(*mpo_syncache_destroy_label_t)(struct label *label);
typedef int	(*mpo_syncache_init_label_t)(struct label *label, int flag);

/*
 * System-wide operations.  mpo_system_check_audit_t is handed a raw
 * 'record' buffer with an explicit 'length'; a policy inspecting it must
 * bound every read by 'length'.  mpo_system_check_sysctl_t sees the OID's
 * 'arg1'/'arg2' and the request, so it can key on the specific node.
 */
typedef int	(*mpo_system_check_acct_t)(struct ucred *cred,
		    struct vnode *vp, struct label *vplabel);
typedef int	(*mpo_system_check_audit_t)(struct ucred *cred, void *record,
		    int length);
typedef int	(*mpo_system_check_auditctl_t)(struct ucred *cred,
		    struct vnode *vp, struct label *vplabel);
typedef int	(*mpo_system_check_auditon_t)(struct ucred *cred, int cmd);
typedef int	(*mpo_system_check_reboot_t)(struct ucred *cred, int howto);
typedef int	(*mpo_system_check_swapon_t)(struct ucred *cred,
		    struct vnode *vp, struct label *vplabel);
typedef int	(*mpo_system_check_swapoff_t)(struct ucred *cred,
		    struct vnode *vp, struct label *vplabel);
typedef int	(*mpo_system_check_sysctl_t)(struct ucred *cred,
		    struct sysctl_oid *oidp, void *arg1, int arg2,
		    struct sysctl_req *req);

/*
 * System V IPC labels.  Each object type has a *_cleanup hook in addition to
 * destroy_label; the framework, not this header, defines when each is
 * called.  Note the parameter-name drift between the check hooks
 * ('msqklabel', 'semaklabel', 'shmseglabel') and the create/cleanup hooks
 * ('msqlabel', 'semalabel', 'shmlabel') -- cosmetic only, prototype names
 * have no ABI effect.
 */
typedef void	(*mpo_sysvmsg_cleanup_t)(struct label *msglabel);
typedef void	(*mpo_sysvmsg_create_t)(struct ucred *cred,
		    struct msqid_kernel *msqkptr, struct label *msqlabel,
		    struct msg *msgptr, struct label *msglabel);
typedef void	(*mpo_sysvmsg_destroy_label_t)(struct label *label);
typedef void	(*mpo_sysvmsg_init_label_t)(struct label *label);

typedef int	(*mpo_sysvmsq_check_msgmsq_t)(struct ucred *cred,
		    struct msg *msgptr, struct label *msglabel,
		    struct msqid_kernel *msqkptr, struct label *msqklabel);
typedef int	(*mpo_sysvmsq_check_msgrcv_t)(struct ucred *cred,
		    struct msg *msgptr, struct label *msglabel);
typedef int	(*mpo_sysvmsq_check_msgrmid_t)(struct ucred *cred,
		    struct msg *msgptr, struct label *msglabel);
typedef int	(*mpo_sysvmsq_check_msqget_t)(struct ucred *cred,
		    struct msqid_kernel *msqkptr, struct label *msqklabel);
typedef int	(*mpo_sysvmsq_check_msqctl_t)(struct ucred *cred,
		    struct msqid_kernel *msqkptr, struct label *msqklabel,
		    int cmd);
typedef int	(*mpo_sysvmsq_check_msqrcv_t)(struct ucred *cred,
		    struct msqid_kernel *msqkptr, struct label *msqklabel);
typedef int	(*mpo_sysvmsq_check_msqsnd_t)(struct ucred *cred,
		    struct msqid_kernel *msqkptr, struct label *msqklabel);
typedef void	(*mpo_sysvmsq_cleanup_t)(struct label *msqlabel);
typedef void	(*mpo_sysvmsq_create_t)(struct ucred *cred,
		    struct msqid_kernel *msqkptr, struct label *msqlabel);
typedef void	(*mpo_sysvmsq_destroy_label_t)(struct label *label);
typedef void	(*mpo_sysvmsq_init_label_t)(struct label *label);

typedef int	(*mpo_sysvsem_check_semctl_t)(struct ucred *cred,
		    struct semid_kernel *semakptr, struct label *semaklabel,
		    int cmd);
typedef int	(*mpo_sysvsem_check_semget_t)(struct ucred *cred,
		    struct semid_kernel *semakptr, struct label *semaklabel);
typedef int	(*mpo_sysvsem_check_semop_t)(struct ucred *cred,
		    struct semid_kernel *semakptr, struct label *semaklabel,
		    size_t accesstype);
typedef void	(*mpo_sysvsem_cleanup_t)(struct label *semalabel);
typedef void	(*mpo_sysvsem_create_t)(struct ucred *cred,
		    struct semid_kernel *semakptr, struct label *semalabel);
typedef void	(*mpo_sysvsem_destroy_label_t)(struct label *label);
typedef void	(*mpo_sysvsem_init_label_t)(struct label *label);

typedef int	(*mpo_sysvshm_check_shmat_t)(struct ucred *cred,
		    struct shmid_kernel *shmsegptr,
		    struct label *shmseglabel, int shmflg);
typedef int	(*mpo_sysvshm_check_shmctl_t)(struct ucred *cred,
		    struct shmid_kernel *shmsegptr,
		    struct label *shmseglabel, int cmd);
typedef int	(*mpo_sysvshm_check_shmdt_t)(struct ucred *cred,
		    struct shmid_kernel *shmsegptr,
		    struct label *shmseglabel);
typedef int	(*mpo_sysvshm_check_shmget_t)(struct ucred *cred,
		    struct shmid_kernel *shmsegptr,
		    struct label *shmseglabel, int shmflg);
typedef void	(*mpo_sysvshm_cleanup_t)(struct label *shmlabel);
typedef void	(*mpo_sysvshm_create_t)(struct ucred *cred,
		    struct shmid_kernel *shmsegptr, struct label *shmlabel);
typedef void	(*mpo_sysvshm_destroy_label_t)(struct label *label);
typedef void	(*mpo_sysvshm_init_label_t)(struct label *label);

/* Thread notification; takes the thread only, no label. */
typedef void	(*mpo_thread_userret_t)(struct thread *thread);

/*
 * Vnode labels and file-system access checks.
 *
 * Directory operations (chdir, chroot, create, lookup, readdir, rename,
 * link, unlink) receive the directory vnode as 'dvp'/'dvplabel'; the
 * extattr hooks receive 'attrnamespace' and a 'name' and, for get/set, the
 * 'uio' carrying the value.  mpo_vnode_check_exec_t and the execve_*
 * hooks additionally see the image and an 'execlabel'.
 */
typedef int	(*mpo_vnode_associate_extattr_t)(struct mount *mp,
		    struct label *mplabel, struct vnode *vp,
		    struct label *vplabel);
typedef void	(*mpo_vnode_associate_singlelabel_t)(struct mount *mp,
		    struct label *mplabel, struct vnode *vp,
		    struct label *vplabel);
typedef int	(*mpo_vnode_check_access_t)(struct ucred *cred,
		    struct vnode *vp, struct label *vplabel, int acc_mode);
typedef int	(*mpo_vnode_check_chdir_t)(struct ucred *cred,
		    struct vnode *dvp, struct label *dvplabel);
typedef int	(*mpo_vnode_check_chroot_t)(struct ucred *cred,
		    struct vnode *dvp, struct label *dvplabel);
typedef int	(*mpo_vnode_check_create_t)(struct ucred *cred,
		    struct vnode *dvp, struct label *dvplabel,
		    struct componentname *cnp, struct vattr *vap);
typedef int	(*mpo_vnode_check_deleteacl_t)(struct ucred *cred,
		    struct vnode *vp, struct label *vplabel,
		    acl_type_t type);
typedef int	(*mpo_vnode_check_deleteextattr_t)(struct ucred *cred,
		    struct vnode *vp, struct label *vplabel,
		    int attrnamespace, const char *name);
typedef int	(*mpo_vnode_check_exec_t)(struct ucred *cred,
		    struct vnode *vp, struct label *vplabel,
		    struct image_params *imgp, struct label *execlabel);
typedef int	(*mpo_vnode_check_getacl_t)(struct ucred *cred,
		    struct vnode *vp, struct label *vplabel,
		    acl_type_t type);
typedef int	(*mpo_vnode_check_getextattr_t)(struct ucred *cred,
		    struct vnode *vp, struct label *vplabel,
		    int attrnamespace, const char *name, struct uio *uio);
typedef int	(*mpo_vnode_check_link_t)(struct ucred *cred,
		    struct vnode *dvp, struct label *dvplabel,
		    struct vnode *vp, struct label *vplabel,
		    struct componentname *cnp);
typedef int	(*mpo_vnode_check_listextattr_t)(struct ucred *cred,
		    struct vnode *vp, struct label *vplabel,
		    int attrnamespace);
typedef int	(*mpo_vnode_check_lookup_t)(struct ucred *cred,
		    struct vnode *dvp, struct label *dvplabel,
		    struct componentname *cnp);
/*
 * NOTE(review): the label parameter is named 'label' here while every
 * sibling vnode hook calls it 'vplabel'; prototype names carry no ABI
 * weight, so this is cosmetic, but it reads as if a different label were
 * meant.
 */
typedef int	(*mpo_vnode_check_mmap_t)(struct ucred *cred,
		    struct vnode *vp, struct label *label, int prot,
		    int flags);
/*
 * The one check hook that returns void: it has no way to deny.  It is
 * handed a pointer to the requested protection and can only narrow '*prot'
 * in place, so a policy that needs to refuse a mapping outright must do so
 * in mpo_vnode_check_mmap_t above.
 */
typedef void	(*mpo_vnode_check_mmap_downgrade_t)(struct ucred *cred,
		    struct vnode *vp, struct label *vplabel, int *prot);
typedef int	(*mpo_vnode_check_mprotect_t)(struct ucred *cred,
		    struct vnode *vp, struct label *vplabel, int prot);
typedef int	(*mpo_vnode_check_open_t)(struct ucred *cred,
		    struct vnode *vp, struct label *vplabel, int acc_mode);
/*
 * poll/read/stat/write carry both 'active_cred' and 'file_cred' (see the
 * POSIX semaphore hooks); a policy must pick deliberately between them.
 */
typedef int	(*mpo_vnode_check_poll_t)(struct ucred *active_cred,
		    struct ucred *file_cred, struct vnode *vp,
		    struct label *vplabel);
typedef int	(*mpo_vnode_check_read_t)(struct ucred *active_cred,
		    struct ucred *file_cred, struct vnode *vp,
		    struct label *vplabel);
typedef int	(*mpo_vnode_check_readdir_t)(struct ucred *cred,
		    struct vnode *dvp, struct label *dvplabel);
typedef int	(*mpo_vnode_check_readlink_t)(struct ucred *cred,
		    struct vnode *vp, struct label *vplabel);
typedef int	(*mpo_vnode_check_relabel_t)(struct ucred *cred,
		    struct vnode *vp, struct label *vplabel,
		    struct label *newlabel);
/*
 * A rename is checked in two halves: rename_from on the source directory
 * and vnode, rename_to on the destination, where 'vp' is the vnode being
 * replaced (if any) and 'samedir' tells whether both halves refer to the
 * same directory.  A policy that only implements one half sees only one
 * side of the move.
 */
typedef int	(*mpo_vnode_check_rename_from_t)(struct ucred *cred,
		    struct vnode *dvp, struct label *dvplabel,
		    struct vnode *vp, struct label *vplabel,
		    struct componentname *cnp);
typedef int	(*mpo_vnode_check_rename_to_t)(struct ucred *cred,
		    struct vnode *dvp, struct label *dvplabel,
		    struct vnode *vp, struct label *vplabel, int samedir,
		    struct componentname *cnp);
typedef int	(*mpo_vnode_check_revoke_t)(struct ucred *cred,
		    struct vnode *vp, struct label *vplabel);
typedef int	(*mpo_vnode_check_setacl_t)(struct ucred *cred,
		    struct vnode *vp, struct label *vplabel, acl_type_t type,
		    struct acl *acl);
typedef int	(*mpo_vnode_check_setextattr_t)(struct ucred *cred,
		    struct vnode *vp, struct label *vplabel,
		    int attrnamespace, const char *name, struct uio *uio);
typedef int	(*mpo_vnode_check_setflags_t)(struct ucred *cred,
		    struct vnode *vp, struct label *vplabel, u_long flags);
typedef int	(*mpo_vnode_check_setmode_t)(struct ucred *cred,
		    struct vnode *vp, struct label *vplabel, mode_t mode);
typedef int	(*mpo_vnode_check_setowner_t)(struct ucred *cred,
		    struct vnode *vp, struct label *vplabel, uid_t uid,
		    gid_t gid);
typedef int	(*mpo_vnode_check_setutimes_t)(struct ucred *cred,
		    struct vnode *vp, struct label *vplabel,
		    struct timespec atime, struct timespec mtime);
typedef int	(*mpo_vnode_check_stat_t)(struct ucred *active_cred,
		    struct ucred *file_cred, struct vnode *vp,
		    struct label *vplabel);
typedef int	(*mpo_vnode_check_unlink_t)(struct ucred *cred,
		    struct vnode *dvp, struct label *dvplabel,
		    struct vnode *vp, struct label *vplabel,
		    struct componentname *cnp);
typedef int	(*mpo_vnode_check_write_t)(struct ucred *active_cred,
		    struct ucred *file_cred, struct vnode *vp,
		    struct label *vplabel);
typedef void	(*mpo_vnode_copy_label_t)(struct label *src,
		    struct label *dest);
/* Returns int, unlike the other create hooks: presumably because writing
 * the label to an extended attribute can fail -- confirm. */
typedef int	(*mpo_vnode_create_extattr_t)(struct ucred *cred,
		    struct mount *mp, struct label *mplabel,
		    struct vnode *dvp, struct label *dvplabel,
		    struct vnode *vp, struct label *vplabel,
		    struct componentname *cnp);
typedef void	(*mpo_vnode_destroy_label_t)(struct label *label);
/*
 * Credential transition on execve: will_transition (int) is asked whether
 * the exec of 'vp' changes the credential; transition (void) then builds
 * 'new' from 'old'.  Both see the interpreter's label as well as the
 * image's, so a script and its interpreter can be judged together.
 */
typedef void	(*mpo_vnode_execve_transition_t)(struct ucred *old,
		    struct ucred *new, struct vnode *vp,
		    struct label *vplabel, struct label *interpvplabel,
		    struct image_params *imgp, struct label *execlabel);
typedef int	(*mpo_vnode_execve_will_transition_t)(struct ucred *old,
		    struct vnode *vp, struct label *vplabel,
		    struct label *interpvplabel, struct image_params *imgp,
		    struct label *execlabel);
typedef int	(*mpo_vnode_externalize_label_t)(struct label *label,
		    char *element_name, struct sbuf *sb, int *claimed);
typedef void	(*mpo_vnode_init_label_t)(struct label *label);
typedef int	(*mpo_vnode_internalize_label_t)(struct label *label,
		    char *element_name, char *element_data, int *claimed);
typedef void	(*mpo_vnode_relabel_t)(struct ucred *cred, struct vnode *vp,
		    struct label *vplabel, struct label *label);
typedef int	(*mpo_vnode_setlabel_extattr_t)(struct ucred *cred,
		    struct vnode *vp, struct label *vplabel,
		    struct label *intlabel);

/*
 * The operations vector a policy fills in.  Any member left NULL means the
 * policy takes no part in that event or check (see the file header).
 */
struct mac_policy_ops {
	/*
	 * Policy module operations.
	 */
	mpo_destroy_t				mpo_destroy;
	mpo_init_t				mpo_init;

	/*
	 * General policy-directed security system call so that policies may
	 * implement new services without reserving explicit system call
	 * numbers.
	 */
	mpo_syscall_t				mpo_syscall;

	/*
	 * Label operations.  Initialize label storage, destroy label
	 * storage, recycle for re-use without init/destroy, copy a label to
	 * initialized storage, and externalize/internalize from/to
	 * initialized storage.
670 */ 671 mpo_bpfdesc_check_receive_t mpo_bpfdesc_check_receive; 672 mpo_bpfdesc_create_t mpo_bpfdesc_create; 673 mpo_bpfdesc_create_mbuf_t mpo_bpfdesc_create_mbuf; 674 mpo_bpfdesc_destroy_label_t mpo_bpfdesc_destroy_label; 675 mpo_bpfdesc_init_label_t mpo_bpfdesc_init_label; 676 677 mpo_cred_associate_nfsd_t mpo_cred_associate_nfsd; 678 mpo_cred_check_relabel_t mpo_cred_check_relabel; 679 mpo_cred_check_visible_t mpo_cred_check_visible; 680 mpo_cred_copy_label_t mpo_cred_copy_label; 681 mpo_cred_create_swapper_t mpo_cred_create_swapper; 682 mpo_cred_create_init_t mpo_cred_create_init; 683 mpo_cred_destroy_label_t mpo_cred_destroy_label; 684 mpo_cred_externalize_label_t mpo_cred_externalize_label; 685 mpo_cred_init_label_t mpo_cred_init_label; 686 mpo_cred_internalize_label_t mpo_cred_internalize_label; 687 mpo_cred_relabel_t mpo_cred_relabel; 688 689 mpo_devfs_create_device_t mpo_devfs_create_device; 690 mpo_devfs_create_directory_t mpo_devfs_create_directory; 691 mpo_devfs_create_symlink_t mpo_devfs_create_symlink; 692 mpo_devfs_destroy_label_t mpo_devfs_destroy_label; 693 mpo_devfs_init_label_t mpo_devfs_init_label; 694 mpo_devfs_update_t mpo_devfs_update; 695 mpo_devfs_vnode_associate_t mpo_devfs_vnode_associate; 696 697 mpo_ifnet_check_relabel_t mpo_ifnet_check_relabel; 698 mpo_ifnet_check_transmit_t mpo_ifnet_check_transmit; 699 mpo_ifnet_copy_label_t mpo_ifnet_copy_label; 700 mpo_ifnet_create_t mpo_ifnet_create; 701 mpo_ifnet_create_mbuf_t mpo_ifnet_create_mbuf; 702 mpo_ifnet_destroy_label_t mpo_ifnet_destroy_label; 703 mpo_ifnet_externalize_label_t mpo_ifnet_externalize_label; 704 mpo_ifnet_init_label_t mpo_ifnet_init_label; 705 mpo_ifnet_internalize_label_t mpo_ifnet_internalize_label; 706 mpo_ifnet_relabel_t mpo_ifnet_relabel; 707 708 mpo_inpcb_check_deliver_t mpo_inpcb_check_deliver; 709 mpo_inpcb_check_visible_t mpo_inpcb_check_visible; 710 mpo_inpcb_create_t mpo_inpcb_create; 711 mpo_inpcb_create_mbuf_t mpo_inpcb_create_mbuf; 712 
mpo_inpcb_destroy_label_t mpo_inpcb_destroy_label; 713 mpo_inpcb_init_label_t mpo_inpcb_init_label; 714 mpo_inpcb_sosetlabel_t mpo_inpcb_sosetlabel; 715 716 mpo_ip6q_create_t mpo_ip6q_create; 717 mpo_ip6q_destroy_label_t mpo_ip6q_destroy_label; 718 mpo_ip6q_init_label_t mpo_ip6q_init_label; 719 mpo_ip6q_match_t mpo_ip6q_match; 720 mpo_ip6q_reassemble mpo_ip6q_reassemble; 721 mpo_ip6q_update_t mpo_ip6q_update; 722 723 mpo_ipq_create_t mpo_ipq_create; 724 mpo_ipq_destroy_label_t mpo_ipq_destroy_label; 725 mpo_ipq_init_label_t mpo_ipq_init_label; 726 mpo_ipq_match_t mpo_ipq_match; 727 mpo_ipq_reassemble mpo_ipq_reassemble; 728 mpo_ipq_update_t mpo_ipq_update; 729 730 mpo_kenv_check_dump_t mpo_kenv_check_dump; 731 mpo_kenv_check_get_t mpo_kenv_check_get; 732 mpo_kenv_check_set_t mpo_kenv_check_set; 733 mpo_kenv_check_unset_t mpo_kenv_check_unset; 734 735 mpo_kld_check_load_t mpo_kld_check_load; 736 mpo_kld_check_stat_t mpo_kld_check_stat; 737 738 mpo_mbuf_copy_label_t mpo_mbuf_copy_label; 739 mpo_mbuf_destroy_label_t mpo_mbuf_destroy_label; 740 mpo_mbuf_init_label_t mpo_mbuf_init_label; 741 742 mpo_mount_check_stat_t mpo_mount_check_stat; 743 mpo_mount_create_t mpo_mount_create; 744 mpo_mount_destroy_label_t mpo_mount_destroy_label; 745 mpo_mount_init_label_t mpo_mount_init_label; 746 747 mpo_netatalk_aarp_send_t mpo_netatalk_aarp_send; 748 749 mpo_netinet_arp_send_t mpo_netinet_arp_send; 750 mpo_netinet_firewall_reply_t mpo_netinet_firewall_reply; 751 mpo_netinet_firewall_send_t mpo_netinet_firewall_send; 752 mpo_netinet_fragment_t mpo_netinet_fragment; 753 mpo_netinet_icmp_reply_t mpo_netinet_icmp_reply; 754 mpo_netinet_icmp_replyinplace_t mpo_netinet_icmp_replyinplace; 755 mpo_netinet_igmp_send_t mpo_netinet_igmp_send; 756 mpo_netinet_tcp_reply_t mpo_netinet_tcp_reply; 757 758 mpo_netinet6_nd6_send_t mpo_netinet6_nd6_send; 759 760 mpo_pipe_check_ioctl_t mpo_pipe_check_ioctl; 761 mpo_pipe_check_poll_t mpo_pipe_check_poll; 762 mpo_pipe_check_read_t 
mpo_pipe_check_read; 763 mpo_pipe_check_relabel_t mpo_pipe_check_relabel; 764 mpo_pipe_check_stat_t mpo_pipe_check_stat; 765 mpo_pipe_check_write_t mpo_pipe_check_write; 766 mpo_pipe_copy_label_t mpo_pipe_copy_label; 767 mpo_pipe_create_t mpo_pipe_create; 768 mpo_pipe_destroy_label_t mpo_pipe_destroy_label; 769 mpo_pipe_externalize_label_t mpo_pipe_externalize_label; 770 mpo_pipe_init_label_t mpo_pipe_init_label; 771 mpo_pipe_internalize_label_t mpo_pipe_internalize_label; 772 mpo_pipe_relabel_t mpo_pipe_relabel; 773 774 mpo_posixsem_check_getvalue_t mpo_posixsem_check_getvalue; 775 mpo_posixsem_check_open_t mpo_posixsem_check_open; 776 mpo_posixsem_check_post_t mpo_posixsem_check_post; 777 mpo_posixsem_check_stat_t mpo_posixsem_check_stat; 778 mpo_posixsem_check_unlink_t mpo_posixsem_check_unlink; 779 mpo_posixsem_check_wait_t mpo_posixsem_check_wait; 780 mpo_posixsem_create_t mpo_posixsem_create; 781 mpo_posixsem_destroy_label_t mpo_posixsem_destroy_label; 782 mpo_posixsem_init_label_t mpo_posixsem_init_label; 783 784 mpo_posixshm_check_mmap_t mpo_posixshm_check_mmap; 785 mpo_posixshm_check_open_t mpo_posixshm_check_open; 786 mpo_posixshm_check_stat_t mpo_posixshm_check_stat; 787 mpo_posixshm_check_truncate_t mpo_posixshm_check_truncate; 788 mpo_posixshm_check_unlink_t mpo_posixshm_check_unlink; 789 mpo_posixshm_create_t mpo_posixshm_create; 790 mpo_posixshm_destroy_label_t mpo_posixshm_destroy_label; 791 mpo_posixshm_init_label_t mpo_posixshm_init_label; 792 793 mpo_priv_check_t mpo_priv_check; 794 mpo_priv_grant_t mpo_priv_grant; 795 796 mpo_proc_check_debug_t mpo_proc_check_debug; 797 mpo_proc_check_sched_t mpo_proc_check_sched; 798 mpo_proc_check_setaudit_t mpo_proc_check_setaudit; 799 mpo_proc_check_setaudit_addr_t mpo_proc_check_setaudit_addr; 800 mpo_proc_check_setauid_t mpo_proc_check_setauid; 801 mpo_proc_check_setuid_t mpo_proc_check_setuid; 802 mpo_proc_check_seteuid_t mpo_proc_check_seteuid; 803 mpo_proc_check_setgid_t mpo_proc_check_setgid; 804 
mpo_proc_check_setegid_t mpo_proc_check_setegid; 805 mpo_proc_check_setgroups_t mpo_proc_check_setgroups; 806 mpo_proc_check_setreuid_t mpo_proc_check_setreuid; 807 mpo_proc_check_setregid_t mpo_proc_check_setregid; 808 mpo_proc_check_setresuid_t mpo_proc_check_setresuid; 809 mpo_proc_check_setresgid_t mpo_proc_check_setresgid; 810 mpo_proc_check_signal_t mpo_proc_check_signal; 811 mpo_proc_check_wait_t mpo_proc_check_wait; 812 mpo_proc_destroy_label_t mpo_proc_destroy_label; 813 mpo_proc_init_label_t mpo_proc_init_label; 814 815 mpo_socket_check_accept_t mpo_socket_check_accept; 816 mpo_socket_check_bind_t mpo_socket_check_bind; 817 mpo_socket_check_connect_t mpo_socket_check_connect; 818 mpo_socket_check_create_t mpo_socket_check_create; 819 mpo_socket_check_deliver_t mpo_socket_check_deliver; 820 mpo_socket_check_listen_t mpo_socket_check_listen; 821 mpo_socket_check_poll_t mpo_socket_check_poll; 822 mpo_socket_check_receive_t mpo_socket_check_receive; 823 mpo_socket_check_relabel_t mpo_socket_check_relabel; 824 mpo_socket_check_send_t mpo_socket_check_send; 825 mpo_socket_check_stat_t mpo_socket_check_stat; 826 mpo_socket_check_visible_t mpo_socket_check_visible; 827 mpo_socket_copy_label_t mpo_socket_copy_label; 828 mpo_socket_create_t mpo_socket_create; 829 mpo_socket_create_mbuf_t mpo_socket_create_mbuf; 830 mpo_socket_destroy_label_t mpo_socket_destroy_label; 831 mpo_socket_externalize_label_t mpo_socket_externalize_label; 832 mpo_socket_init_label_t mpo_socket_init_label; 833 mpo_socket_internalize_label_t mpo_socket_internalize_label; 834 mpo_socket_newconn_t mpo_socket_newconn; 835 mpo_socket_relabel_t mpo_socket_relabel; 836 837 mpo_socketpeer_destroy_label_t mpo_socketpeer_destroy_label; 838 mpo_socketpeer_externalize_label_t mpo_socketpeer_externalize_label; 839 mpo_socketpeer_init_label_t mpo_socketpeer_init_label; 840 mpo_socketpeer_set_from_mbuf_t mpo_socketpeer_set_from_mbuf; 841 mpo_socketpeer_set_from_socket_t mpo_socketpeer_set_from_socket; 842 
843 mpo_syncache_init_label_t mpo_syncache_init_label; 844 mpo_syncache_destroy_label_t mpo_syncache_destroy_label; 845 mpo_syncache_create_t mpo_syncache_create; 846 mpo_syncache_create_mbuf_t mpo_syncache_create_mbuf; 847 848 mpo_system_check_acct_t mpo_system_check_acct; 849 mpo_system_check_audit_t mpo_system_check_audit; 850 mpo_system_check_auditctl_t mpo_system_check_auditctl; 851 mpo_system_check_auditon_t mpo_system_check_auditon; 852 mpo_system_check_reboot_t mpo_system_check_reboot; 853 mpo_system_check_swapon_t mpo_system_check_swapon; 854 mpo_system_check_swapoff_t mpo_system_check_swapoff; 855 mpo_system_check_sysctl_t mpo_system_check_sysctl; 856 857 mpo_sysvmsg_cleanup_t mpo_sysvmsg_cleanup; 858 mpo_sysvmsg_create_t mpo_sysvmsg_create; 859 mpo_sysvmsg_destroy_label_t mpo_sysvmsg_destroy_label; 860 mpo_sysvmsg_init_label_t mpo_sysvmsg_init_label; 861 862 mpo_sysvmsq_check_msgmsq_t mpo_sysvmsq_check_msgmsq; 863 mpo_sysvmsq_check_msgrcv_t mpo_sysvmsq_check_msgrcv; 864 mpo_sysvmsq_check_msgrmid_t mpo_sysvmsq_check_msgrmid; 865 mpo_sysvmsq_check_msqctl_t mpo_sysvmsq_check_msqctl; 866 mpo_sysvmsq_check_msqget_t mpo_sysvmsq_check_msqget; 867 mpo_sysvmsq_check_msqrcv_t mpo_sysvmsq_check_msqrcv; 868 mpo_sysvmsq_check_msqsnd_t mpo_sysvmsq_check_msqsnd; 869 mpo_sysvmsq_cleanup_t mpo_sysvmsq_cleanup; 870 mpo_sysvmsq_create_t mpo_sysvmsq_create; 871 mpo_sysvmsq_destroy_label_t mpo_sysvmsq_destroy_label; 872 mpo_sysvmsq_init_label_t mpo_sysvmsq_init_label; 873 874 mpo_sysvsem_check_semctl_t mpo_sysvsem_check_semctl; 875 mpo_sysvsem_check_semget_t mpo_sysvsem_check_semget; 876 mpo_sysvsem_check_semop_t mpo_sysvsem_check_semop; 877 mpo_sysvsem_cleanup_t mpo_sysvsem_cleanup; 878 mpo_sysvsem_create_t mpo_sysvsem_create; 879 mpo_sysvsem_destroy_label_t mpo_sysvsem_destroy_label; 880 mpo_sysvsem_init_label_t mpo_sysvsem_init_label; 881 882 mpo_sysvshm_check_shmat_t mpo_sysvshm_check_shmat; 883 mpo_sysvshm_check_shmctl_t mpo_sysvshm_check_shmctl; 884 
mpo_sysvshm_check_shmdt_t mpo_sysvshm_check_shmdt; 885 mpo_sysvshm_check_shmget_t mpo_sysvshm_check_shmget; 886 mpo_sysvshm_cleanup_t mpo_sysvshm_cleanup; 887 mpo_sysvshm_create_t mpo_sysvshm_create; 888 mpo_sysvshm_destroy_label_t mpo_sysvshm_destroy_label; 889 mpo_sysvshm_init_label_t mpo_sysvshm_init_label; 890 891 mpo_thread_userret_t mpo_thread_userret; 892 893 mpo_vnode_check_access_t mpo_vnode_check_access; 894 mpo_vnode_check_chdir_t mpo_vnode_check_chdir; 895 mpo_vnode_check_chroot_t mpo_vnode_check_chroot; 896 mpo_vnode_check_create_t mpo_vnode_check_create; 897 mpo_vnode_check_deleteacl_t mpo_vnode_check_deleteacl; 898 mpo_vnode_check_deleteextattr_t mpo_vnode_check_deleteextattr; 899 mpo_vnode_check_exec_t mpo_vnode_check_exec; 900 mpo_vnode_check_getacl_t mpo_vnode_check_getacl; 901 mpo_vnode_check_getextattr_t mpo_vnode_check_getextattr; 902 mpo_vnode_check_link_t mpo_vnode_check_link; 903 mpo_vnode_check_listextattr_t mpo_vnode_check_listextattr; 904 mpo_vnode_check_lookup_t mpo_vnode_check_lookup; 905 mpo_vnode_check_mmap_t mpo_vnode_check_mmap; 906 mpo_vnode_check_mmap_downgrade_t mpo_vnode_check_mmap_downgrade; 907 mpo_vnode_check_mprotect_t mpo_vnode_check_mprotect; 908 mpo_vnode_check_open_t mpo_vnode_check_open; 909 mpo_vnode_check_poll_t mpo_vnode_check_poll; 910 mpo_vnode_check_read_t mpo_vnode_check_read; 911 mpo_vnode_check_readdir_t mpo_vnode_check_readdir; 912 mpo_vnode_check_readlink_t mpo_vnode_check_readlink; 913 mpo_vnode_check_relabel_t mpo_vnode_check_relabel; 914 mpo_vnode_check_rename_from_t mpo_vnode_check_rename_from; 915 mpo_vnode_check_rename_to_t mpo_vnode_check_rename_to; 916 mpo_vnode_check_revoke_t mpo_vnode_check_revoke; 917 mpo_vnode_check_setacl_t mpo_vnode_check_setacl; 918 mpo_vnode_check_setextattr_t mpo_vnode_check_setextattr; 919 mpo_vnode_check_setflags_t mpo_vnode_check_setflags; 920 mpo_vnode_check_setmode_t mpo_vnode_check_setmode; 921 mpo_vnode_check_setowner_t mpo_vnode_check_setowner; 922 
mpo_vnode_check_setutimes_t mpo_vnode_check_setutimes; 923 mpo_vnode_check_stat_t mpo_vnode_check_stat; 924 mpo_vnode_check_unlink_t mpo_vnode_check_unlink; 925 mpo_vnode_check_write_t mpo_vnode_check_write; 926 mpo_vnode_associate_extattr_t mpo_vnode_associate_extattr; 927 mpo_vnode_associate_singlelabel_t mpo_vnode_associate_singlelabel; 928 mpo_vnode_destroy_label_t mpo_vnode_destroy_label; 929 mpo_vnode_copy_label_t mpo_vnode_copy_label; 930 mpo_vnode_create_extattr_t mpo_vnode_create_extattr; 931 mpo_vnode_execve_transition_t mpo_vnode_execve_transition; 932 mpo_vnode_execve_will_transition_t mpo_vnode_execve_will_transition; 933 mpo_vnode_externalize_label_t mpo_vnode_externalize_label; 934 mpo_vnode_init_label_t mpo_vnode_init_label; 935 mpo_vnode_internalize_label_t mpo_vnode_internalize_label; 936 mpo_vnode_relabel_t mpo_vnode_relabel; 937 mpo_vnode_setlabel_extattr_t mpo_vnode_setlabel_extattr; 938 }; 939 940 /* 941 * struct mac_policy_conf is the registration structure for policies, and is 942 * provided to the MAC Framework using MAC_POLICY_SET() to invoke a SYSINIT 943 * to register the policy. In general, the fields are immutable, with the 944 * exception of the "security field", run-time flags, and policy list entry, 945 * which are managed by the MAC Framework. Be careful when modifying this 946 * structure, as its layout is statically compiled into all policies. 947 */ 948 struct mac_policy_conf { 949 char *mpc_name; /* policy name */ 950 char *mpc_fullname; /* policy full name */ 951 struct mac_policy_ops *mpc_ops; /* policy operations */ 952 int mpc_loadtime_flags; /* flags */ 953 int *mpc_field_off; /* security field */ 954 int mpc_runtime_flags; /* flags */ 955 int _mpc_spare1; /* Spare. */ 956 uint64_t mpc_labeled; /* Labeled objects. */ 957 uint64_t _mpc_spare2; /* Spare. */ 958 void *_mpc_spare3; /* Spare. */ 959 LIST_ENTRY(mac_policy_conf) mpc_list; /* global list */ 960 }; 961 962 /* Flags for the mpc_loadtime_flags field. 
*/ 963 #define MPC_LOADTIME_FLAG_NOTLATE 0x00000001 964 #define MPC_LOADTIME_FLAG_UNLOADOK 0x00000002 965 966 /* Flags for the mpc_runtime_flags field. */ 967 #define MPC_RUNTIME_FLAG_REGISTERED 0x00000001 968 969 /* 970 * Flags for mpc_labeled declaring which objects should have labels allocated 971 * for them by the MAC Framework. 972 */ 973 #define MPC_OBJECT_CRED 0x0000000000000001 974 #define MPC_OBJECT_PROC 0x0000000000000002 975 #define MPC_OBJECT_VNODE 0x0000000000000004 976 #define MPC_OBJECT_INPCB 0x0000000000000008 977 #define MPC_OBJECT_SOCKET 0x0000000000000010 978 #define MPC_OBJECT_DEVFS 0x0000000000000020 979 #define MPC_OBJECT_MBUF 0x0000000000000040 980 #define MPC_OBJECT_IPQ 0x0000000000000080 981 #define MPC_OBJECT_IFNET 0x0000000000000100 982 #define MPC_OBJECT_BPFDESC 0x0000000000000200 983 #define MPC_OBJECT_PIPE 0x0000000000000400 984 #define MPC_OBJECT_MOUNT 0x0000000000000800 985 #define MPC_OBJECT_POSIXSEM 0x0000000000001000 986 #define MPC_OBJECT_POSIXSHM 0x0000000000002000 987 #define MPC_OBJECT_SYSVMSG 0x0000000000004000 988 #define MPC_OBJECT_SYSVMSQ 0x0000000000008000 989 #define MPC_OBJECT_SYSVSEM 0x0000000000010000 990 #define MPC_OBJECT_SYSVSHM 0x0000000000020000 991 #define MPC_OBJECT_SYNCACHE 0x0000000000040000 992 #define MPC_OBJECT_IP6Q 0x0000000000080000 993 994 /*- 995 * The TrustedBSD MAC Framework has a major version number, MAC_VERSION, 996 * which defines the ABI of the Framework present in the kernel (and depended 997 * on by policy modules compiled against that kernel). Currently, 998 * MAC_POLICY_SET() requires that the kernel and module ABI version numbers 999 * exactly match. 
The following major versions have been defined to date: 1000 * 1001 * MAC version FreeBSD versions 1002 * 1 5.x 1003 * 2 6.x 1004 * 3 7.x 1005 * 4 8.x 1006 */ 1007 #define MAC_VERSION 4 1008 1009 #define MAC_POLICY_SET(mpops, mpname, mpfullname, mpflags, privdata_wanted, \ 1010 labeled) \ 1011 static struct mac_policy_conf mpname##_mac_policy_conf = { \ 1012 .mpc_name = #mpname, \ 1013 .mpc_fullname = mpfullname, \ 1014 .mpc_ops = mpops, \ 1015 .mpc_loadtime_flags = mpflags, \ 1016 .mpc_field_off = privdata_wanted, \ 1017 .mpc_labeled = labeled, \ 1018 }; \ 1019 static moduledata_t mpname##_mod = { \ 1020 #mpname, \ 1021 mac_policy_modevent, \ 1022 &mpname##_mac_policy_conf \ 1023 }; \ 1024 MODULE_DEPEND(mpname, kernel_mac_support, MAC_VERSION, \ 1025 MAC_VERSION, MAC_VERSION); \ 1026 DECLARE_MODULE(mpname, mpname##_mod, SI_SUB_MAC_POLICY, \ 1027 SI_ORDER_MIDDLE) 1028 1029 int mac_policy_modevent(module_t mod, int type, void *data); 1030 1031 /* 1032 * Policy interface to map a struct label pointer to per-policy data. 1033 * Typically, policies wrap this in their own accessor macro that casts a 1034 * uintptr_t to a policy-specific data type. 1035 */ 1036 intptr_t mac_label_get(struct label *l, int slot); 1037 void mac_label_set(struct label *l, int slot, intptr_t v); 1038 1039 #endif /* !_SECURITY_MAC_MAC_POLICY_H_ */ 1040