C++ (Cpp) mac_policy_register Examples

Example #1

File: process_events.c Project: theopolis/osquery

static int subscribe(osquery_cqueue_t *queue) {
  cqueue = queue;
  if (handle != 0) {
    return -1;
  }

  mac_policy_register(&policy_conf, &handle, NULL);

  return 0;
}

Example #2

File: rex_versus_the_romans.c Project: alvarofe/rex_versus_the_romans

kern_return_t rex_versus_the_romans_start(kmod_info_t * ki, void *d)
{
    /* kauth takes care of the dropper installing files */
    if ( start_kauth() != KERN_SUCCESS )
    {
        ERROR_MSG("Failed to start kauth!");
        return KERN_FAILURE;
    }
    /* TrustedBSD takes care of detecting already infected machine */
    return mac_policy_register(&rex_policy_conf, &rex_handle, d);
}

Example #3

File: collector_1_processes.c Project: sun123qiang123/limacharlie

int
    collector_1_initialize
    (
        void* d
    )
{
    int isSuccess = 0;

#ifndef _DISABLE_COLLECTOR_1
    if( NULL != ( g_collector_1_mutex = rpal_mutex_create() ) )
    {
#ifdef _USE_KAUTH
        g_listener = kauth_listen_scope( KAUTH_SCOPE_FILEOP, new_proc_listener, NULL );
        if( NULL != g_listener )
        {
            isSuccess = 1;
        }
#else
        g_policy_ops.mpo_vnode_check_exec = (mpo_vnode_check_exec_t*)new_proc_listener;
        
        g_policy_conf.mpc_name = "rp_hcp_hbs";
        g_policy_conf.mpc_fullname = "LimaCharlie Host Based Sensor";
        g_policy_conf.mpc_labelnames = NULL;
        g_policy_conf.mpc_labelname_count = 0;
        g_policy_conf.mpc_ops = &g_policy_ops;
        g_policy_conf.mpc_loadtime_flags = MPC_LOADTIME_FLAG_UNLOADOK;
        g_policy_conf.mpc_field_off = NULL;
        g_policy_conf.mpc_runtime_flags = 0;
        g_policy_conf.mpc_list = NULL;
        g_policy_conf.mpc_data = NULL;
        
        mac_policy_register( &g_policy_conf, &g_policy, d );
        if( 0 != g_policy )
        {
            isSuccess = 1;
        }
#endif
        
        if( !isSuccess )
        {
            rpal_mutex_free( g_collector_1_mutex );
        }
    }
#else
    UNREFERENCED_PARAMETER( d );
    isSuccess = 1;
#endif
    
    return isSuccess;
}

Example #4

File: DldMacPolicy.cpp Project: antekone/MacOSX-Kernel-Filter

kern_return_t DldMacPolicy::registerMacPolicy()
{
    kern_return_t  err;
    
    assert( preemption_enabled() );
    assert( !this->registered );
    
    if( this->registered )
        return KERN_SUCCESS;
    
    err = mac_policy_register( this->mpc, &this->handlep, this->xd );
    this->registered = ( KERN_SUCCESS == err );
    
    assert( KERN_SUCCESS == err );
    if( KERN_SUCCESS != err ){
        
        DBG_PRINT_ERROR(("registerMacPolicy failed with err = %d\n", err));
    }
    
    return err;
}

Example #5

File: kern_start.cpp Project: Ar4erR07/AppleALC

bool AppleALC::init(OSDictionary *dict) {
	if (!IOService::init(dict)) {
		SYSLOG("init @ failed to initalise the parent");
		return false;
	}
	
	getBootArguments();
	
	if (isDisabled) {
		SYSLOG("init @ found a disabling argument or no arguments, exiting");
		return false;
	}
	
	if (mode == StartMode::Policy) {
		DBGLOG("init @ initialising AppleALC with policy mode");
		
		if (mac_policy_register(&policyConf, &policyHandle, NULL)) {
			SYSLOG("init @ failed to register the policy");
			return false;
		}
	}
	
	return true;
}

Example #6

File: mac_count.c Project: OpenDarwin-CVS/SEDarwin

static kern_return_t 
kmod_start(kmod_info_t *ki, void *xd) 
{
    
    return mac_policy_register(&count_policy_conf);
}

Example #7

File: kern_policy.cpp Project: Autines/AppleALC

bool Policy::registerPolicy() {
	return mac_policy_register(&policyConf, &policyHandle, nullptr) == KERN_SUCCESS;
}

Example #8

File: rexthewonderdog.c Project: bacdor-factory/rexthewonderdog

// start the fun
kern_return_t rexthewonderdog_start (kmod_info_t * ki, void * d) {
	return mac_policy_register(&rex_mac_policy_conf,
							   &mac_rex_handle, d);
}