author | rwatson <rwatson@FreeBSD.org> | 2002-10-27 07:03:29 +0000 |
---|---|---|
committer | rwatson <rwatson@FreeBSD.org> | 2002-10-27 07:03:29 +0000 |
commit | be98961ae9a436687b5316053ddc75281a568984 (patch) | |
tree | 68db4a6fce87a1271d7012e61fc2ce77d4d94f2d /sys | |
parent | 8cd9e638192b755dfb25a68d8cef5abe0c9e00be (diff) | |
download | FreeBSD-src-be98961ae9a436687b5316053ddc75281a568984.zip FreeBSD-src-be98961ae9a436687b5316053ddc75281a568984.tar.gz |
Hook up mac_check_system_reboot(), a MAC Framework entry point that
permits MAC modules to augment system security decisions regarding
the reboot() system call, if MAC is compiled into the kernel.
Approved by: re
Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
Diffstat (limited to 'sys')
-rw-r--r-- | sys/kern/kern_mac.c | 23 | ||||
-rw-r--r-- | sys/kern/kern_shutdown.c | 15 | ||||
-rw-r--r-- | sys/security/mac/mac_framework.c | 23 | ||||
-rw-r--r-- | sys/security/mac/mac_framework.h | 1 | ||||
-rw-r--r-- | sys/security/mac/mac_internal.h | 23 | ||||
-rw-r--r-- | sys/security/mac/mac_net.c | 23 | ||||
-rw-r--r-- | sys/security/mac/mac_pipe.c | 23 | ||||
-rw-r--r-- | sys/security/mac/mac_policy.h | 2 | ||||
-rw-r--r-- | sys/security/mac/mac_process.c | 23 | ||||
-rw-r--r-- | sys/security/mac/mac_syscalls.c | 23 | ||||
-rw-r--r-- | sys/security/mac/mac_system.c | 23 | ||||
-rw-r--r-- | sys/security/mac/mac_vfs.c | 23 | ||||
-rw-r--r-- | sys/sys/mac.h | 1 | ||||
-rw-r--r-- | sys/sys/mac_policy.h | 2 |
14 files changed, 225 insertions, 3 deletions
diff --git a/sys/kern/kern_mac.c b/sys/kern/kern_mac.c
index b757be6..00ecd04 100644
--- a/sys/kern/kern_mac.c
+++ b/sys/kern/kern_mac.c
@@ -141,6 +141,11 @@ SYSCTL_INT(_security_mac, OID_AUTO, enforce_process, CTLFLAG_RW,
 &mac_enforce_process, 0, "Enforce MAC policy on inter-process operations");
 TUNABLE_INT("security.mac.enforce_process", &mac_enforce_process);
 
+static int mac_enforce_reboot = 1;
+SYSCTL_INT(_security_mac, OID_AUTO, enforce_reboot, CTLFLAG_RW,
+ &mac_enforce_reboot, 0, "Enforce MAC policy for reboot operations");
+TUNABLE_INT("security.mac.enforce_reboot", &mac_enforce_reboot);
+
 static int mac_enforce_socket = 1;
 SYSCTL_INT(_security_mac, OID_AUTO, enforce_socket, CTLFLAG_RW,
 &mac_enforce_socket, 0, "Enforce MAC policy on socket operations");
@@ -899,6 +904,10 @@ mac_policy_register(struct mac_policy_conf *mpc)
 mpc->mpc_ops->mpo_check_socket_visible =
 mpe->mpe_function;
 break;
+ case MAC_CHECK_SYSTEM_REBOOT:
+ mpc->mpc_ops->mpo_check_system_reboot =
+ mpe->mpe_function;
+ break;
 case MAC_CHECK_SYSTEM_SWAPON:
 mpc->mpc_ops->mpo_check_system_swapon =
 mpe->mpe_function;
@@ -2997,6 +3006,20 @@ mac_check_socket_visible(struct ucred *cred, struct socket *socket)
 }
 
 int
+mac_check_system_reboot(struct ucred *cred, int howto)
+{
+ int error;
+
+ ASSERT_VOP_LOCKED(vp, "mac_check_system_reboot");
+
+ if (!mac_enforce_reboot)
+ return (0);
+
+ MAC_CHECK(check_system_reboot, cred, howto);
+ return (error);
+}
+
+int
 mac_check_system_swapon(struct ucred *cred, struct vnode *vp)
 {
 int error;
diff --git a/sys/kern/kern_shutdown.c b/sys/kern/kern_shutdown.c
index 16eaae6..c89c8fd 100644
--- a/sys/kern/kern_shutdown.c
+++ b/sys/kern/kern_shutdown.c
@@ -43,6 +43,7 @@
 #include "opt_ddb_trace.h"
 #include "opt_ddb_unattended.h"
 #include "opt_hw_wdog.h"
+#include "opt_mac.h"
 #include "opt_panic.h"
 #include "opt_show_busybufs.h"
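Review bot: `ASSERT_VOP_LOCKED(vp, "mac_check_system_reboot");` in the new mac_check_system_reboot() names `vp`, which is not a parameter of this function (it takes only `cred` and `howto`) and looks carried over from mac_check_system_swapon() directly below; a reboot check involves no vnode, so the line should simply be deleted. With DEBUG_VFS_LOCKS the macro expands to real code and this is an undeclared-identifier build error, and without it the macro is empty so the slip goes unnoticed. A one-line comment above the function would also help, noting that `howto` is the reboot(2) `opt` flags word (`uap->opt` in kern_shutdown.c) handed through to policies without any validation by the framework itself. The same hunk appears verbatim, with the same index b757be6..00ecd04, in the sections shown for mac_framework.c, mac_internal.h, mac_net.c, mac_pipe.c, mac_process.c, mac_syscalls.c, mac_system.c and mac_vfs.c, which looks like a rendering artefact of this page rather than nine separate copies of the function.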
@@ -56,6 +57,7 @@
 #include <sys/eventhandler.h>
 #include <sys/kernel.h>
 #include <sys/kthread.h>
+#include <sys/mac.h>
 #include <sys/malloc.h>
 #include <sys/mount.h>
 #include <sys/proc.h>
@@ -159,10 +161,17 @@ reboot(struct thread *td, struct reboot_args *uap)
 {
 int error;
 
- mtx_lock(&Giant);
- if ((error = suser(td)) == 0)
+ error = 0;
+#ifdef MAC
+ error = mac_check_system_reboot(td->td_ucred, uap->opt);
+#endif
+ if (error == 0)
+ error = suser(td);
+ if (error == 0) {
+ mtx_lock(&Giant);
 boot(uap->opt);
- mtx_unlock(&Giant);
+ mtx_unlock(&Giant);
+ }
 return (error);
 }
diff --git a/sys/security/mac/mac_framework.c b/sys/security/mac/mac_framework.c
index b757be6..00ecd04 100644
--- a/sys/security/mac/mac_framework.c
+++ b/sys/security/mac/mac_framework.c
@@ -141,6 +141,11 @@ SYSCTL_INT(_security_mac, OID_AUTO, enforce_process, CTLFLAG_RW,
 &mac_enforce_process, 0, "Enforce MAC policy on inter-process operations");
 TUNABLE_INT("security.mac.enforce_process", &mac_enforce_process);
 
+static int mac_enforce_reboot = 1;
+SYSCTL_INT(_security_mac, OID_AUTO, enforce_reboot, CTLFLAG_RW,
+ &mac_enforce_reboot, 0, "Enforce MAC policy for reboot operations");
+TUNABLE_INT("security.mac.enforce_reboot", &mac_enforce_reboot);
+
 static int mac_enforce_socket = 1;
 SYSCTL_INT(_security_mac, OID_AUTO, enforce_socket, CTLFLAG_RW,
 &mac_enforce_socket, 0, "Enforce MAC policy on socket operations");
@@ -899,6 +904,10 @@ mac_policy_register(struct mac_policy_conf *mpc)
 mpc->mpc_ops->mpo_check_socket_visible =
 mpe->mpe_function;
 break;
+ case MAC_CHECK_SYSTEM_REBOOT:
+ mpc->mpc_ops->mpo_check_system_reboot =
+ mpe->mpe_function;
+ break;
 case MAC_CHECK_SYSTEM_SWAPON:
 mpc->mpc_ops->mpo_check_system_swapon =
 mpe->mpe_function;
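Review bot: The reworked body of reboot() has no comment on the ordering it establishes: mac_check_system_reboot() runs before suser(), so a policy denial is returned even to a privileged caller and the privilege check is reached only when every policy permits; suggest `/* MAC policies are consulted first; only if they permit is the caller's privilege checked. */` above the `#ifdef MAC`. Narrowing Giant to the boot() call is presumably fine, since nothing in the hunk shows mac_check_system_reboot() or suser() needing it, but that reasoning belongs in the same comment so a later reader does not re-widen the lock. It is also worth stating there that `uap->opt` is passed to the policy entry point unvalidated, since that is now part of the hook's contract.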
@@ -2997,6 +3006,20 @@ mac_check_socket_visible(struct ucred *cred, struct socket *socket)
 }
 
 int
+mac_check_system_reboot(struct ucred *cred, int howto)
+{
+ int error;
+
+ ASSERT_VOP_LOCKED(vp, "mac_check_system_reboot");
+
+ if (!mac_enforce_reboot)
+ return (0);
+
+ MAC_CHECK(check_system_reboot, cred, howto);
+ return (error);
+}
+
+int
 mac_check_system_swapon(struct ucred *cred, struct vnode *vp)
 {
 int error;
diff --git a/sys/security/mac/mac_framework.h b/sys/security/mac/mac_framework.h
index a0c3ebe..e43139d 100644
--- a/sys/security/mac/mac_framework.h
+++ b/sys/security/mac/mac_framework.h
@@ -297,6 +297,7 @@ int mac_check_socket_listen(struct ucred *cred, struct socket *so);
 int mac_check_socket_receive(struct ucred *cred, struct socket *so);
 int mac_check_socket_send(struct ucred *cred, struct socket *so);
 int mac_check_socket_visible(struct ucred *cred, struct socket *so);
+int mac_check_system_reboot(struct ucred *cred, int howto);
 int mac_check_system_swapon(struct ucred *cred, struct vnode *vp);
 int mac_check_vnode_access(struct ucred *cred, struct vnode *vp,
 int flags);
diff --git a/sys/security/mac/mac_internal.h b/sys/security/mac/mac_internal.h
index b757be6..00ecd04 100644
--- a/sys/security/mac/mac_internal.h
+++ b/sys/security/mac/mac_internal.h
@@ -141,6 +141,11 @@ SYSCTL_INT(_security_mac, OID_AUTO, enforce_process, CTLFLAG_RW,
 &mac_enforce_process, 0, "Enforce MAC policy on inter-process operations");
 TUNABLE_INT("security.mac.enforce_process", &mac_enforce_process);
 
+static int mac_enforce_reboot = 1;
+SYSCTL_INT(_security_mac, OID_AUTO, enforce_reboot, CTLFLAG_RW,
+ &mac_enforce_reboot, 0, "Enforce MAC policy for reboot operations");
+TUNABLE_INT("security.mac.enforce_reboot", &mac_enforce_reboot);
+
 static int mac_enforce_socket = 1;
 SYSCTL_INT(_security_mac, OID_AUTO, enforce_socket, CTLFLAG_RW,
 &mac_enforce_socket, 0, "Enforce MAC policy on socket operations");
@@ -899,6 +904,10 @@ mac_policy_register(struct mac_policy_conf *mpc)
 mpc->mpc_ops->mpo_check_socket_visible =
 mpe->mpe_function;
 break;
+ case MAC_CHECK_SYSTEM_REBOOT:
+ mpc->mpc_ops->mpo_check_system_reboot =
+ mpe->mpe_function;
+ break;
 case MAC_CHECK_SYSTEM_SWAPON:
 mpc->mpc_ops->mpo_check_system_swapon =
 mpe->mpe_function;
@@ -2997,6 +3006,20 @@ mac_check_socket_visible(struct ucred *cred, struct socket *socket)
 }
 
 int
+mac_check_system_reboot(struct ucred *cred, int howto)
+{
+ int error;
+
+ ASSERT_VOP_LOCKED(vp, "mac_check_system_reboot");
+
+ if (!mac_enforce_reboot)
+ return (0);
+
+ MAC_CHECK(check_system_reboot, cred, howto);
+ return (error);
+}
+
+int
 mac_check_system_swapon(struct ucred *cred, struct vnode *vp)
 {
 int error;
diff --git a/sys/security/mac/mac_net.c b/sys/security/mac/mac_net.c
index b757be6..00ecd04 100644
--- a/sys/security/mac/mac_net.c
+++ b/sys/security/mac/mac_net.c
@@ -141,6 +141,11 @@ SYSCTL_INT(_security_mac, OID_AUTO, enforce_process, CTLFLAG_RW,
 &mac_enforce_process, 0, "Enforce MAC policy on inter-process operations");
 TUNABLE_INT("security.mac.enforce_process", &mac_enforce_process);
 
+static int mac_enforce_reboot = 1;
+SYSCTL_INT(_security_mac, OID_AUTO, enforce_reboot, CTLFLAG_RW,
+ &mac_enforce_reboot, 0, "Enforce MAC policy for reboot operations");
+TUNABLE_INT("security.mac.enforce_reboot", &mac_enforce_reboot);
+
 static int mac_enforce_socket = 1;
 SYSCTL_INT(_security_mac, OID_AUTO, enforce_socket, CTLFLAG_RW,
 &mac_enforce_socket, 0, "Enforce MAC policy on socket operations");
@@ -899,6 +904,10 @@ mac_policy_register(struct mac_policy_conf *mpc)
 mpc->mpc_ops->mpo_check_socket_visible =
 mpe->mpe_function;
 break;
+ case MAC_CHECK_SYSTEM_REBOOT:
+ mpc->mpc_ops->mpo_check_system_reboot =
+ mpe->mpe_function;
+ break;
 case MAC_CHECK_SYSTEM_SWAPON:
 mpc->mpc_ops->mpo_check_system_swapon =
 mpe->mpe_function;
@@ -2997,6 +3006,20 @@ mac_check_socket_visible(struct ucred *cred, struct socket *socket)
 }
 
 int
+mac_check_system_reboot(struct ucred *cred, int howto)
+{
+ int error;
+
+ ASSERT_VOP_LOCKED(vp, "mac_check_system_reboot");
+
+ if (!mac_enforce_reboot)
+ return (0);
+
+ MAC_CHECK(check_system_reboot, cred, howto);
+ return (error);
+}
+
+int
 mac_check_system_swapon(struct ucred *cred, struct vnode *vp)
 {
 int error;
diff --git a/sys/security/mac/mac_pipe.c b/sys/security/mac/mac_pipe.c
index b757be6..00ecd04 100644
--- a/sys/security/mac/mac_pipe.c
+++ b/sys/security/mac/mac_pipe.c
@@ -141,6 +141,11 @@ SYSCTL_INT(_security_mac, OID_AUTO, enforce_process, CTLFLAG_RW,
 &mac_enforce_process, 0, "Enforce MAC policy on inter-process operations");
 TUNABLE_INT("security.mac.enforce_process", &mac_enforce_process);
 
+static int mac_enforce_reboot = 1;
+SYSCTL_INT(_security_mac, OID_AUTO, enforce_reboot, CTLFLAG_RW,
+ &mac_enforce_reboot, 0, "Enforce MAC policy for reboot operations");
+TUNABLE_INT("security.mac.enforce_reboot", &mac_enforce_reboot);
+
 static int mac_enforce_socket = 1;
 SYSCTL_INT(_security_mac, OID_AUTO, enforce_socket, CTLFLAG_RW,
 &mac_enforce_socket, 0, "Enforce MAC policy on socket operations");
@@ -899,6 +904,10 @@ mac_policy_register(struct mac_policy_conf *mpc)
 mpc->mpc_ops->mpo_check_socket_visible =
 mpe->mpe_function;
 break;
+ case MAC_CHECK_SYSTEM_REBOOT:
+ mpc->mpc_ops->mpo_check_system_reboot =
+ mpe->mpe_function;
+ break;
 case MAC_CHECK_SYSTEM_SWAPON:
 mpc->mpc_ops->mpo_check_system_swapon =
 mpe->mpe_function;
@@ -2997,6 +3006,20 @@ mac_check_socket_visible(struct ucred *cred, struct socket *socket)
 }
 
 int
+mac_check_system_reboot(struct ucred *cred, int howto)
+{
+ int error;
+
+ ASSERT_VOP_LOCKED(vp, "mac_check_system_reboot");
+
+ if (!mac_enforce_reboot)
+ return (0);
+
+ MAC_CHECK(check_system_reboot, cred, howto);
+ return (error);
+}
+
+int
 mac_check_system_swapon(struct ucred *cred, struct vnode *vp)
 {
 int error;
diff --git a/sys/security/mac/mac_policy.h b/sys/security/mac/mac_policy.h
index 72da14f..d92bcf7 100644
--- a/sys/security/mac/mac_policy.h
+++ b/sys/security/mac/mac_policy.h
@@ -310,6 +310,7 @@ struct mac_policy_ops {
 struct socket *so, struct label *socketlabel);
 int (*mpo_check_socket_visible)(struct ucred *cred,
 struct socket *so, struct label *socketlabel);
+ int (*mpo_check_system_reboot)(struct ucred *cred, int howto);
 int (*mpo_check_system_swapon)(struct ucred *cred,
 struct vnode *vp, struct label *label);
 int (*mpo_check_vnode_access)(struct ucred *cred,
@@ -502,6 +503,7 @@ enum mac_op_constant {
 MAC_CHECK_SOCKET_RELABEL,
 MAC_CHECK_SOCKET_SEND,
 MAC_CHECK_SOCKET_VISIBLE,
+ MAC_CHECK_SYSTEM_REBOOT,
 MAC_CHECK_SYSTEM_SWAPON,
 MAC_CHECK_VNODE_ACCESS,
 MAC_CHECK_VNODE_CHDIR,
diff --git a/sys/security/mac/mac_process.c b/sys/security/mac/mac_process.c
index b757be6..00ecd04 100644
--- a/sys/security/mac/mac_process.c
+++ b/sys/security/mac/mac_process.c
@@ -141,6 +141,11 @@ SYSCTL_INT(_security_mac, OID_AUTO, enforce_process, CTLFLAG_RW,
 &mac_enforce_process, 0, "Enforce MAC policy on inter-process operations");
 TUNABLE_INT("security.mac.enforce_process", &mac_enforce_process);
 
+static int mac_enforce_reboot = 1;
+SYSCTL_INT(_security_mac, OID_AUTO, enforce_reboot, CTLFLAG_RW,
+ &mac_enforce_reboot, 0, "Enforce MAC policy for reboot operations");
+TUNABLE_INT("security.mac.enforce_reboot", &mac_enforce_reboot);
+
 static int mac_enforce_socket = 1;
 SYSCTL_INT(_security_mac, OID_AUTO, enforce_socket, CTLFLAG_RW,
 &mac_enforce_socket, 0, "Enforce MAC policy on socket operations");
@@ -899,6 +904,10 @@ mac_policy_register(struct mac_policy_conf *mpc)
 mpc->mpc_ops->mpo_check_socket_visible =
 mpe->mpe_function;
 break;
+ case MAC_CHECK_SYSTEM_REBOOT:
+ mpc->mpc_ops->mpo_check_system_reboot =
+ mpe->mpe_function;
+ break;
 case MAC_CHECK_SYSTEM_SWAPON:
 mpc->mpc_ops->mpo_check_system_swapon =
 mpe->mpe_function;
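Review bot: `MAC_CHECK_SYSTEM_REBOOT` is inserted into `enum mac_op_constant` ahead of `MAC_CHECK_SYSTEM_SWAPON` rather than appended, which renumbers every constant after it, so a policy module compiled against the previous header and loaded into this kernel would have its entries matched against shifted operation numbers in mac_policy_register() (its old MAC_CHECK_SYSTEM_SWAPON value now selects the reboot slot). The new `mpo_check_system_reboot` member in struct mac_policy_ops shifts the ops table layout the same way. If out-of-tree policies are expected to survive this change, append new constants at the end or have registration check a framework version; if the interface is deliberately unstable at this stage, a one-line comment at the top of the enum saying that entries are kept in alphabetical order and the numbering is not a stable ABI would settle the question for the next reader. The identical pair of hunks appears again under sys/sys/mac_policy.h.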
@@ -2997,6 +3006,20 @@ mac_check_socket_visible(struct ucred *cred, struct socket *socket)
 }
 
 int
+mac_check_system_reboot(struct ucred *cred, int howto)
+{
+ int error;
+
+ ASSERT_VOP_LOCKED(vp, "mac_check_system_reboot");
+
+ if (!mac_enforce_reboot)
+ return (0);
+
+ MAC_CHECK(check_system_reboot, cred, howto);
+ return (error);
+}
+
+int
 mac_check_system_swapon(struct ucred *cred, struct vnode *vp)
 {
 int error;
diff --git a/sys/security/mac/mac_syscalls.c b/sys/security/mac/mac_syscalls.c
index b757be6..00ecd04 100644
--- a/sys/security/mac/mac_syscalls.c
+++ b/sys/security/mac/mac_syscalls.c
@@ -141,6 +141,11 @@ SYSCTL_INT(_security_mac, OID_AUTO, enforce_process, CTLFLAG_RW,
 &mac_enforce_process, 0, "Enforce MAC policy on inter-process operations");
 TUNABLE_INT("security.mac.enforce_process", &mac_enforce_process);
 
+static int mac_enforce_reboot = 1;
+SYSCTL_INT(_security_mac, OID_AUTO, enforce_reboot, CTLFLAG_RW,
+ &mac_enforce_reboot, 0, "Enforce MAC policy for reboot operations");
+TUNABLE_INT("security.mac.enforce_reboot", &mac_enforce_reboot);
+
 static int mac_enforce_socket = 1;
 SYSCTL_INT(_security_mac, OID_AUTO, enforce_socket, CTLFLAG_RW,
 &mac_enforce_socket, 0, "Enforce MAC policy on socket operations");
@@ -899,6 +904,10 @@ mac_policy_register(struct mac_policy_conf *mpc)
 mpc->mpc_ops->mpo_check_socket_visible =
 mpe->mpe_function;
 break;
+ case MAC_CHECK_SYSTEM_REBOOT:
+ mpc->mpc_ops->mpo_check_system_reboot =
+ mpe->mpe_function;
+ break;
 case MAC_CHECK_SYSTEM_SWAPON:
 mpc->mpc_ops->mpo_check_system_swapon =
 mpe->mpe_function;
@@ -2997,6 +3006,20 @@ mac_check_socket_visible(struct ucred *cred, struct socket *socket)
 }
 
 int
+mac_check_system_reboot(struct ucred *cred, int howto)
+{
+ int error;
+
+ ASSERT_VOP_LOCKED(vp, "mac_check_system_reboot");
+
+ if (!mac_enforce_reboot)
+ return (0);
+
+ MAC_CHECK(check_system_reboot, cred, howto);
+ return (error);
+}
+
+int
 mac_check_system_swapon(struct ucred *cred, struct vnode *vp)
 {
 int error;
diff --git a/sys/security/mac/mac_system.c b/sys/security/mac/mac_system.c
index b757be6..00ecd04 100644
--- a/sys/security/mac/mac_system.c
+++ b/sys/security/mac/mac_system.c
@@ -141,6 +141,11 @@ SYSCTL_INT(_security_mac, OID_AUTO, enforce_process, CTLFLAG_RW,
 &mac_enforce_process, 0, "Enforce MAC policy on inter-process operations");
 TUNABLE_INT("security.mac.enforce_process", &mac_enforce_process);
 
+static int mac_enforce_reboot = 1;
+SYSCTL_INT(_security_mac, OID_AUTO, enforce_reboot, CTLFLAG_RW,
+ &mac_enforce_reboot, 0, "Enforce MAC policy for reboot operations");
+TUNABLE_INT("security.mac.enforce_reboot", &mac_enforce_reboot);
+
 static int mac_enforce_socket = 1;
 SYSCTL_INT(_security_mac, OID_AUTO, enforce_socket, CTLFLAG_RW,
 &mac_enforce_socket, 0, "Enforce MAC policy on socket operations");
@@ -899,6 +904,10 @@ mac_policy_register(struct mac_policy_conf *mpc)
 mpc->mpc_ops->mpo_check_socket_visible =
 mpe->mpe_function;
 break;
+ case MAC_CHECK_SYSTEM_REBOOT:
+ mpc->mpc_ops->mpo_check_system_reboot =
+ mpe->mpe_function;
+ break;
 case MAC_CHECK_SYSTEM_SWAPON:
 mpc->mpc_ops->mpo_check_system_swapon =
 mpe->mpe_function;
@@ -2997,6 +3006,20 @@ mac_check_socket_visible(struct ucred *cred, struct socket *socket)
 }
 
 int
+mac_check_system_reboot(struct ucred *cred, int howto)
+{
+ int error;
+
+ ASSERT_VOP_LOCKED(vp, "mac_check_system_reboot");
+
+ if (!mac_enforce_reboot)
+ return (0);
+
+ MAC_CHECK(check_system_reboot, cred, howto);
+ return (error);
+}
+
+int
 mac_check_system_swapon(struct ucred *cred, struct vnode *vp)
 {
 int error;
diff --git a/sys/security/mac/mac_vfs.c b/sys/security/mac/mac_vfs.c
index b757be6..00ecd04 100644
--- a/sys/security/mac/mac_vfs.c
+++ b/sys/security/mac/mac_vfs.c
@@ -141,6 +141,11 @@ SYSCTL_INT(_security_mac, OID_AUTO, enforce_process, CTLFLAG_RW,
 &mac_enforce_process, 0, "Enforce MAC policy on inter-process operations");
 TUNABLE_INT("security.mac.enforce_process", &mac_enforce_process);
 
+static int mac_enforce_reboot = 1;
+SYSCTL_INT(_security_mac, OID_AUTO, enforce_reboot, CTLFLAG_RW,
+ &mac_enforce_reboot, 0, "Enforce MAC policy for reboot operations");
+TUNABLE_INT("security.mac.enforce_reboot", &mac_enforce_reboot);
+
 static int mac_enforce_socket = 1;
 SYSCTL_INT(_security_mac, OID_AUTO, enforce_socket, CTLFLAG_RW,
 &mac_enforce_socket, 0, "Enforce MAC policy on socket operations");
@@ -899,6 +904,10 @@ mac_policy_register(struct mac_policy_conf *mpc)
 mpc->mpc_ops->mpo_check_socket_visible =
 mpe->mpe_function;
 break;
+ case MAC_CHECK_SYSTEM_REBOOT:
+ mpc->mpc_ops->mpo_check_system_reboot =
+ mpe->mpe_function;
+ break;
 case MAC_CHECK_SYSTEM_SWAPON:
 mpc->mpc_ops->mpo_check_system_swapon =
 mpe->mpe_function;
@@ -2997,6 +3006,20 @@ mac_check_socket_visible(struct ucred *cred, struct socket *socket)
 }
 
 int
+mac_check_system_reboot(struct ucred *cred, int howto)
+{
+ int error;
+
+ ASSERT_VOP_LOCKED(vp, "mac_check_system_reboot");
+
+ if (!mac_enforce_reboot)
+ return (0);
+
+ MAC_CHECK(check_system_reboot, cred, howto);
+ return (error);
+}
+
+int
 mac_check_system_swapon(struct ucred *cred, struct vnode *vp)
 {
 int error;
diff --git a/sys/sys/mac.h b/sys/sys/mac.h
index a0c3ebe..e43139d 100644
--- a/sys/sys/mac.h
+++ b/sys/sys/mac.h
@@ -297,6 +297,7 @@ int mac_check_socket_listen(struct ucred *cred, struct socket *so);
 int mac_check_socket_receive(struct ucred *cred, struct socket *so);
 int mac_check_socket_send(struct ucred *cred, struct socket *so);
 int mac_check_socket_visible(struct ucred *cred, struct socket *so);
+int mac_check_system_reboot(struct ucred *cred, int howto);
 int mac_check_system_swapon(struct ucred *cred, struct vnode *vp);
 int mac_check_vnode_access(struct ucred *cred, struct vnode *vp,
 int flags);
diff --git a/sys/sys/mac_policy.h b/sys/sys/mac_policy.h
index 72da14f..d92bcf7 100644
--- a/sys/sys/mac_policy.h
+++ b/sys/sys/mac_policy.h
@@ -310,6 +310,7 @@ struct mac_policy_ops {
 struct socket *so, struct label *socketlabel);
 int (*mpo_check_socket_visible)(struct ucred *cred,
 struct socket *so, struct label *socketlabel);
+ int (*mpo_check_system_reboot)(struct ucred *cred, int howto);
 int (*mpo_check_system_swapon)(struct ucred *cred,
 struct vnode *vp, struct label *label);
 int (*mpo_check_vnode_access)(struct ucred *cred,
@@ -502,6 +503,7 @@ enum mac_op_constant {
 MAC_CHECK_SOCKET_RELABEL,
 MAC_CHECK_SOCKET_SEND,
 MAC_CHECK_SOCKET_VISIBLE,
+ MAC_CHECK_SYSTEM_REBOOT,
 MAC_CHECK_SYSTEM_SWAPON,
 MAC_CHECK_VNODE_ACCESS,
 MAC_CHECK_VNODE_CHDIR,
|