int mac_cred_check_visible(struct ucred *cr1, struct ucred *cr2) { int error; MAC_POLICY_CHECK_NOSLEEP(cred_check_visible, cr1, cr2); MAC_CHECK_PROBE2(cred_check_visible, error, cr1, cr2); return (error); }
int mac_cred_check_setregid(struct ucred *cred, gid_t rgid, gid_t egid) { int error; MAC_POLICY_CHECK_NOSLEEP(cred_check_setregid, cred, rgid, egid); MAC_CHECK_PROBE3(cred_check_setregid, error, cred, rgid, egid); return (error); }
/* * Restrict access to a privilege for a credential. Return failure if any * policy denies access. */ int mac_priv_check(struct ucred *cred, int priv) { int error; MAC_POLICY_CHECK_NOSLEEP(priv_check, cred, priv); MAC_CHECK_PROBE2(priv_check, error, cred, priv); return (error); }
int mac_cred_check_relabel(struct ucred *cred, struct label *newlabel) { int error; MAC_POLICY_CHECK_NOSLEEP(cred_check_relabel, cred, newlabel); MAC_CHECK_PROBE2(cred_check_relabel, error, cred, newlabel); return (error); }
int mac_posixshm_check_create(struct ucred *cred, const char *path) { int error; MAC_POLICY_CHECK_NOSLEEP(posixshm_check_create, cred, path); MAC_CHECK_PROBE2(posixshm_check_create, error, cred, path); return (error); }
int mac_system_check_reboot(struct ucred *cred, int howto) { int error; MAC_POLICY_CHECK_NOSLEEP(system_check_reboot, cred, howto); MAC_CHECK_PROBE2(system_check_reboot, error, cred, howto); return (error); }
int mac_cred_check_setgroups(struct ucred *cred, int ngroups, gid_t *gidset) { int error; MAC_POLICY_CHECK_NOSLEEP(cred_check_setgroups, cred, ngroups, gidset); MAC_CHECK_PROBE3(cred_check_setgroups, error, cred, ngroups, gidset); return (error); }
int mac_kenv_check_dump(struct ucred *cred) { int error; MAC_POLICY_CHECK_NOSLEEP(kenv_check_dump, cred); MAC_CHECK_PROBE1(kenv_check_dump, error, cred); return (error); }
int mac_cred_check_setauid(struct ucred *cred, uid_t auid) { int error; MAC_POLICY_CHECK_NOSLEEP(cred_check_setauid, cred, auid); MAC_CHECK_PROBE2(cred_check_setauid, error, cred, auid); return (error); }
int mac_cred_check_setaudit(struct ucred *cred, struct auditinfo *ai) { int error; MAC_POLICY_CHECK_NOSLEEP(cred_check_setaudit, cred, ai); MAC_CHECK_PROBE2(cred_check_setaudit, error, cred, ai); return (error); }
int mac_kld_check_stat(struct ucred *cred) { int error; MAC_POLICY_CHECK_NOSLEEP(kld_check_stat, cred); MAC_CHECK_PROBE1(kld_check_stat, error, cred); return (error); }
int mac_system_check_audit(struct ucred *cred, void *record, int length) { int error; MAC_POLICY_CHECK_NOSLEEP(system_check_audit, cred, record, length); MAC_CHECK_PROBE3(system_check_audit, error, cred, record, length); return (error); }
int mac_system_check_auditon(struct ucred *cred, int cmd) { int error; MAC_POLICY_CHECK_NOSLEEP(system_check_auditon, cred, cmd); MAC_CHECK_PROBE2(system_check_auditon, error, cred, cmd); return (error); }
int mac_socket_check_stat(struct ucred *cred, struct socket *so) { int error; MAC_POLICY_CHECK_NOSLEEP(socket_check_stat, cred, so, so->so_label); MAC_CHECK_PROBE2(socket_check_stat, error, cred, so); return (error); }
int mac_kenv_check_get(struct ucred *cred, char *name) { int error; MAC_POLICY_CHECK_NOSLEEP(kenv_check_get, cred, name); MAC_CHECK_PROBE2(kenv_check_get, error, cred, name); return (error); }
int mac_sysvsem_check_semget(struct ucred *cred, struct semid_kernel *semakptr) { int error; MAC_POLICY_CHECK_NOSLEEP(sysvsem_check_semget, cred, semakptr, semakptr->label); return (error); }
int mac_cred_check_setaudit_addr(struct ucred *cred, struct auditinfo_addr *aia) { int error; MAC_POLICY_CHECK_NOSLEEP(cred_check_setaudit_addr, cred, aia); MAC_CHECK_PROBE2(cred_check_setaudit_addr, error, cred, aia); return (error); }
int mac_sysvmsq_check_msqrcv(struct ucred *cred, struct msqid_kernel *msqkptr) { int error; MAC_POLICY_CHECK_NOSLEEP(sysvmsq_check_msqrcv, cred, msqkptr, msqkptr->label); MAC_CHECK_PROBE2(sysvmsq_check_msqrcv, error, cred, msqkptr); return (error); }
int mac_posixshm_check_unlink(struct ucred *cred, struct shmfd *shmfd) { int error; MAC_POLICY_CHECK_NOSLEEP(posixshm_check_unlink, cred, shmfd, shmfd->shm_label); MAC_CHECK_PROBE2(posixshm_check_unlink, error, cred, shmfd); return (error); }
int mac_posixshm_check_setmode(struct ucred *cred, struct shmfd *shmfd, mode_t mode) { int error; MAC_POLICY_CHECK_NOSLEEP(posixshm_check_setmode, cred, shmfd, shmfd->shm_label, mode); MAC_CHECK_PROBE3(posixshm_check_setmode, error, cred, shmfd, mode); return (error); }
int mac_sysvshm_check_shmdt(struct ucred *cred, struct shmid_kernel *shmsegptr) { int error; MAC_POLICY_CHECK_NOSLEEP(sysvshm_check_shmdt, cred, shmsegptr, shmsegptr->label); MAC_CHECK_PROBE2(sysvshm_check_shmdt, error, cred, shmsegptr); return (error); }
int mac_sysvmsq_check_msgrmid(struct ucred *cred, struct msg *msgptr) { int error; MAC_POLICY_CHECK_NOSLEEP(sysvmsq_check_msgrmid, cred, msgptr, msgptr->label); MAC_CHECK_PROBE2(sysvmsq_check_msgrmid, error, cred, msgptr); return (error); }
int mac_proc_check_signal(struct ucred *cred, struct proc *p, int signum) { int error; PROC_LOCK_ASSERT(p, MA_OWNED); MAC_POLICY_CHECK_NOSLEEP(proc_check_signal, cred, p, signum); MAC_CHECK_PROBE3(proc_check_signal, error, cred, p, signum); return (error); }
int mac_socket_check_connect(struct ucred *cred, struct socket *so, struct sockaddr *sa) { int error; MAC_POLICY_CHECK_NOSLEEP(socket_check_connect, cred, so, so->so_label, sa); MAC_CHECK_PROBE3(socket_check_connect, error, cred, so, sa); return (error); }
int mac_sysvsem_check_semctl(struct ucred *cred, struct semid_kernel *semakptr, int cmd) { int error; MAC_POLICY_CHECK_NOSLEEP(sysvsem_check_semctl, cred, semakptr, semakptr->label, cmd); MAC_CHECK_PROBE3(sysvsem_check_semctl, error, cred, semakptr, cmd); return (error); }
int mac_socket_check_create(struct ucred *cred, int domain, int type, int proto) { int error; MAC_POLICY_CHECK_NOSLEEP(socket_check_create, cred, domain, type, proto); MAC_CHECK_PROBE4(socket_check_create, error, cred, domain, type, proto); return (error); }
int mac_proc_check_wait(struct ucred *cred, struct proc *p) { int error; PROC_LOCK_ASSERT(p, MA_OWNED); MAC_POLICY_CHECK_NOSLEEP(proc_check_wait, cred, p); MAC_CHECK_PROBE2(proc_check_wait, error, cred, p); return (error); }
int mac_posixshm_check_open(struct ucred *cred, struct shmfd *shmfd, accmode_t accmode) { int error; MAC_POLICY_CHECK_NOSLEEP(posixshm_check_open, cred, shmfd, shmfd->shm_label, accmode); MAC_CHECK_PROBE3(posixshm_check_open, error, cred, shmfd, accmode); return (error); }
int mac_sysvmsq_check_msqctl(struct ucred *cred, struct msqid_kernel *msqkptr, int cmd) { int error; MAC_POLICY_CHECK_NOSLEEP(sysvmsq_check_msqctl, cred, msqkptr, msqkptr->label, cmd); MAC_CHECK_PROBE3(sysvmsq_check_msqctl, error, cred, msqkptr, cmd); return (error); }
int mac_pipe_check_write(struct ucred *cred, struct pipepair *pp) { int error; mtx_assert(&pp->pp_mtx, MA_OWNED); MAC_POLICY_CHECK_NOSLEEP(pipe_check_write, cred, pp, pp->pp_label); MAC_CHECK_PROBE2(pipe_check_write, error, cred, pp); return (error); }