Example #1
0
int
mac_cred_check_visible(struct ucred *cr1, struct ucred *cr2)
{
	int error;

	MAC_POLICY_CHECK_NOSLEEP(cred_check_visible, cr1, cr2);
	MAC_CHECK_PROBE2(cred_check_visible, error, cr1, cr2);

	return (error);
}
Example #2
0
int
mac_cred_check_setregid(struct ucred *cred, gid_t rgid, gid_t egid)
{
	int error;

	MAC_POLICY_CHECK_NOSLEEP(cred_check_setregid, cred, rgid, egid);
	MAC_CHECK_PROBE3(cred_check_setregid, error, cred, rgid, egid);

	return (error);
}
Example #3
0
/*
 * Restrict access to a privilege for a credential.  Return failure if any
 * policy denies access.
 */
int
mac_priv_check(struct ucred *cred, int priv)
{
	int error;

	MAC_POLICY_CHECK_NOSLEEP(priv_check, cred, priv);
	MAC_CHECK_PROBE2(priv_check, error, cred, priv);

	return (error);
}
Example #4
0
int
mac_cred_check_relabel(struct ucred *cred, struct label *newlabel)
{
	int error;

	MAC_POLICY_CHECK_NOSLEEP(cred_check_relabel, cred, newlabel);
	MAC_CHECK_PROBE2(cred_check_relabel, error, cred, newlabel);

	return (error);
}
Example #5
0
int
mac_posixshm_check_create(struct ucred *cred, const char *path)
{
	int error;

	MAC_POLICY_CHECK_NOSLEEP(posixshm_check_create, cred, path);
	MAC_CHECK_PROBE2(posixshm_check_create, error, cred, path);

	return (error);
}
Example #6
0
int
mac_system_check_reboot(struct ucred *cred, int howto)
{
	int error;

	MAC_POLICY_CHECK_NOSLEEP(system_check_reboot, cred, howto);
	MAC_CHECK_PROBE2(system_check_reboot, error, cred, howto);

	return (error);
}
Example #7
0
int
mac_cred_check_setgroups(struct ucred *cred, int ngroups, gid_t *gidset)
{
	int error;

	MAC_POLICY_CHECK_NOSLEEP(cred_check_setgroups, cred, ngroups, gidset);
	MAC_CHECK_PROBE3(cred_check_setgroups, error, cred, ngroups, gidset);

	return (error);
}
Example #8
0
int
mac_kenv_check_dump(struct ucred *cred)
{
	int error;

	MAC_POLICY_CHECK_NOSLEEP(kenv_check_dump, cred);
	MAC_CHECK_PROBE1(kenv_check_dump, error, cred);

	return (error);
}
Example #9
0
int
mac_cred_check_setauid(struct ucred *cred, uid_t auid)
{
	int error;

	MAC_POLICY_CHECK_NOSLEEP(cred_check_setauid, cred, auid);
	MAC_CHECK_PROBE2(cred_check_setauid, error, cred, auid);

	return (error);
}
Example #10
0
int
mac_cred_check_setaudit(struct ucred *cred, struct auditinfo *ai)
{
	int error;

	MAC_POLICY_CHECK_NOSLEEP(cred_check_setaudit, cred, ai);
	MAC_CHECK_PROBE2(cred_check_setaudit, error, cred, ai);

	return (error);
}
Example #11
0
int
mac_kld_check_stat(struct ucred *cred)
{
	int error;

	MAC_POLICY_CHECK_NOSLEEP(kld_check_stat, cred);
	MAC_CHECK_PROBE1(kld_check_stat, error, cred);

	return (error);
}
Example #12
0
int
mac_system_check_audit(struct ucred *cred, void *record, int length)
{
	int error;

	MAC_POLICY_CHECK_NOSLEEP(system_check_audit, cred, record, length);
	MAC_CHECK_PROBE3(system_check_audit, error, cred, record, length);

	return (error);
}
Example #13
0
int
mac_system_check_auditon(struct ucred *cred, int cmd)
{
	int error;

	MAC_POLICY_CHECK_NOSLEEP(system_check_auditon, cred, cmd);
	MAC_CHECK_PROBE2(system_check_auditon, error, cred, cmd);

	return (error);
}
Example #14
0
int
mac_socket_check_stat(struct ucred *cred, struct socket *so)
{
	int error;

	MAC_POLICY_CHECK_NOSLEEP(socket_check_stat, cred, so, so->so_label);
	MAC_CHECK_PROBE2(socket_check_stat, error, cred, so);

	return (error);
}
Example #15
0
int
mac_kenv_check_get(struct ucred *cred, char *name)
{
	int error;

	MAC_POLICY_CHECK_NOSLEEP(kenv_check_get, cred, name);
	MAC_CHECK_PROBE2(kenv_check_get, error, cred, name);

	return (error);
}
Example #16
0
int
mac_sysvsem_check_semget(struct ucred *cred, struct semid_kernel *semakptr)
{
	int error;

	MAC_POLICY_CHECK_NOSLEEP(sysvsem_check_semget, cred, semakptr,
	    semakptr->label);

	return (error);
}
Example #17
0
int
mac_cred_check_setaudit_addr(struct ucred *cred, struct auditinfo_addr *aia)
{
	int error;

	MAC_POLICY_CHECK_NOSLEEP(cred_check_setaudit_addr, cred, aia);
	MAC_CHECK_PROBE2(cred_check_setaudit_addr, error, cred, aia);

	return (error);
}
Example #18
0
int
mac_sysvmsq_check_msqrcv(struct ucred *cred, struct msqid_kernel *msqkptr)
{
	int error;

	MAC_POLICY_CHECK_NOSLEEP(sysvmsq_check_msqrcv, cred, msqkptr,
	    msqkptr->label);
	MAC_CHECK_PROBE2(sysvmsq_check_msqrcv, error, cred, msqkptr);

	return (error);
}
Example #19
0
int
mac_posixshm_check_unlink(struct ucred *cred, struct shmfd *shmfd)
{
	int error;

	MAC_POLICY_CHECK_NOSLEEP(posixshm_check_unlink, cred, shmfd,
	    shmfd->shm_label);
	MAC_CHECK_PROBE2(posixshm_check_unlink, error, cred, shmfd);

	return (error);
}
Example #20
0
int
mac_posixshm_check_setmode(struct ucred *cred, struct shmfd *shmfd, mode_t mode)
{
	int error;

	MAC_POLICY_CHECK_NOSLEEP(posixshm_check_setmode, cred, shmfd,
	    shmfd->shm_label, mode);
	MAC_CHECK_PROBE3(posixshm_check_setmode, error, cred, shmfd, mode);

	return (error);
}
Example #21
0
int
mac_sysvshm_check_shmdt(struct ucred *cred, struct shmid_kernel *shmsegptr)
{
	int error;

	MAC_POLICY_CHECK_NOSLEEP(sysvshm_check_shmdt, cred, shmsegptr,
	    shmsegptr->label);
	MAC_CHECK_PROBE2(sysvshm_check_shmdt, error, cred, shmsegptr);

	return (error);
}
Example #22
0
int
mac_sysvmsq_check_msgrmid(struct ucred *cred, struct msg *msgptr)
{
	int error;

	MAC_POLICY_CHECK_NOSLEEP(sysvmsq_check_msgrmid, cred, msgptr,
	    msgptr->label);
	MAC_CHECK_PROBE2(sysvmsq_check_msgrmid, error, cred, msgptr);

	return (error);
}
Example #23
0
int
mac_proc_check_signal(struct ucred *cred, struct proc *p, int signum)
{
	int error;

	PROC_LOCK_ASSERT(p, MA_OWNED);

	MAC_POLICY_CHECK_NOSLEEP(proc_check_signal, cred, p, signum);
	MAC_CHECK_PROBE3(proc_check_signal, error, cred, p, signum);

	return (error);
}
Example #24
0
int
mac_socket_check_connect(struct ucred *cred, struct socket *so,
    struct sockaddr *sa)
{
	int error;

	MAC_POLICY_CHECK_NOSLEEP(socket_check_connect, cred, so,
	    so->so_label, sa);
	MAC_CHECK_PROBE3(socket_check_connect, error, cred, so, sa);

	return (error);
}
Example #25
0
int
mac_sysvsem_check_semctl(struct ucred *cred, struct semid_kernel *semakptr,
    int cmd)
{
	int error;

	MAC_POLICY_CHECK_NOSLEEP(sysvsem_check_semctl, cred, semakptr,
	    semakptr->label, cmd);
	MAC_CHECK_PROBE3(sysvsem_check_semctl, error, cred, semakptr, cmd);

	return (error);
}
Example #26
0
int
mac_socket_check_create(struct ucred *cred, int domain, int type, int proto)
{
	int error;

	MAC_POLICY_CHECK_NOSLEEP(socket_check_create, cred, domain, type,
	    proto);
	MAC_CHECK_PROBE4(socket_check_create, error, cred, domain, type,
	    proto);

	return (error);
}
Example #27
0
int
mac_proc_check_wait(struct ucred *cred, struct proc *p)
{
	int error;

	PROC_LOCK_ASSERT(p, MA_OWNED);

	MAC_POLICY_CHECK_NOSLEEP(proc_check_wait, cred, p);
	MAC_CHECK_PROBE2(proc_check_wait, error, cred, p);

	return (error);
}
Example #28
0
int
mac_posixshm_check_open(struct ucred *cred, struct shmfd *shmfd,
    accmode_t accmode)
{
	int error;

	MAC_POLICY_CHECK_NOSLEEP(posixshm_check_open, cred, shmfd,
	    shmfd->shm_label, accmode);
	MAC_CHECK_PROBE3(posixshm_check_open, error, cred, shmfd, accmode);

	return (error);
}
Example #29
0
int
mac_sysvmsq_check_msqctl(struct ucred *cred, struct msqid_kernel *msqkptr,
    int cmd)
{
	int error;

	MAC_POLICY_CHECK_NOSLEEP(sysvmsq_check_msqctl, cred, msqkptr,
	    msqkptr->label, cmd);
	MAC_CHECK_PROBE3(sysvmsq_check_msqctl, error, cred, msqkptr, cmd);

	return (error);
}
Example #30
0
int
mac_pipe_check_write(struct ucred *cred, struct pipepair *pp)
{
	int error;

	mtx_assert(&pp->pp_mtx, MA_OWNED);

	MAC_POLICY_CHECK_NOSLEEP(pipe_check_write, cred, pp, pp->pp_label);
	MAC_CHECK_PROBE2(pipe_check_write, error, cred, pp);

	return (error);
}