-rw-r--r-- | sys/kern/init_main.c | 8 | ||||
-rw-r--r-- | sys/kern/kern_prot.c | 11 |
2 files changed, 19 insertions, 0 deletions
diff --git a/sys/kern/init_main.c b/sys/kern/init_main.c
index aa87a18..d43d52f 100644
--- a/sys/kern/init_main.c
+++ b/sys/kern/init_main.c
@@ -43,6 +43,7 @@
 */
 #include "opt_init_path.h"
+#include "opt_mac.h"
 #include <sys/param.h>
 #include <sys/kernel.h>
@@ -50,6 +51,7 @@
 #include <sys/filedesc.h>
 #include <sys/ktr.h>
 #include <sys/lock.h>
+#include <sys/mac.h>
 #include <sys/mount.h>
 #include <sys/mutex.h>
 #include <sys/sysctl.h>
@@ -362,6 +364,9 @@ KASSERT((ke->ke_kgrlist.tqe_next != ke), ("linked to self!"));
 p->p_ucred->cr_uidinfo = uifind(0);
 p->p_ucred->cr_ruidinfo = uifind(0);
 p->p_ucred->cr_prison = NULL; /* Don't jail it. */
+#ifdef MAC
+ mac_create_proc0(p->p_ucred);
+#endif
 td->td_ucred = crhold(p->p_ucred); /* Create procsig. */
@@ -657,6 +662,9 @@ create_init(const void *udata __unused)
 initproc->p_flag |= P_SYSTEM;
 oldcred = initproc->p_ucred;
 crcopy(newcred, oldcred);
+#ifdef MAC
+ mac_create_proc1(newcred);
+#endif
 initproc->p_ucred = newcred;
 PROC_UNLOCK(initproc);
 crfree(oldcred);
diff --git a/sys/kern/kern_prot.c b/sys/kern/kern_prot.c
index 8f85803..d6f07a0 100644
--- a/sys/kern/kern_prot.c
+++ b/sys/kern/kern_prot.c
@@ -45,6 +45,7 @@
 */
 #include "opt_compat.h"
+#include "opt_mac.h"
 #include <sys/param.h>
 #include <sys/systm.h>
@@ -52,6 +53,7 @@
 #include <sys/kernel.h>
 #include <sys/lock.h>
 #include <sys/malloc.h>
+#include <sys/mac.h>
 #include <sys/mutex.h>
 #include <sys/sx.h>
 #include <sys/proc.h>
@@ -1670,6 +1672,9 @@ crget(void)
 MALLOC(cr, struct ucred *, sizeof(*cr), M_CRED, M_WAITOK | M_ZERO);
 cr->cr_ref = 1;
 cr->cr_mtxp = mtx_pool_find(cr);
+#ifdef MAC
+ mac_init_cred(cr);
+#endif
 return (cr);
 }
@@ -1714,6 +1719,9 @@ crfree(struct ucred *cr)
 */
 if (jailed(cr)) prison_free(cr->cr_prison);
+#ifdef MAC
+ mac_destroy_cred(cr);
+#endif
 FREE(cr, M_CRED);
 mtx_unlock(&Giant);
 } else {
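Review bot: The `mac_create_proc0(p->p_ucred)` call in the `-362` hunk of init_main.c depends on an ordering that nothing in the hunk states: the credential must already carry an initialised label, which presumably comes from the `mac_init_cred(cr)` call this commit adds to crget(), and that in turn needs the MAC framework to be usable this early in boot. Neither the crget() call for proc0 nor the framework's initialisation order is visible here, so both are inferred. A comment at the call would record the requirement, for example `/* p_ucred's label was set up by crget(); the MAC framework must be initialised before this point. */`. The enclosing function starts and ends outside the hunk.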
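Review bot: In the `-657` hunk, `mac_create_proc1(newcred)` runs immediately after `crcopy(newcred, oldcred)`, and with this commit crcopy() already calls `mac_create_cred(src, dest)`, so init's credential is labelled twice and the reason for the second step is undocumented. A short comment would make the intent explicit, for example `/* crcopy() derived newcred's label from proc0's; give policies the chance to assign init its own label. */`. The placement itself looks right: the relabel happens before `initproc->p_ucred = newcred` and before `PROC_UNLOCK(initproc)`, so the process is not published with a half-labelled credential. create_init()'s body continues outside the hunk.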
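Review bot: In the `-1714` hunk of kern_prot.c, `mac_destroy_cred(cr)` directly follows the braceless `if (jailed(cr))` statement, separated only by `#ifdef MAC`, so the label teardown is easy to misread as jail-only and a later edit could accidentally pull it into the conditional. A comment above the call such as `/* Unconditional: every ucred allocated by crget() carries a label. */`, or braces on the `if`, would pin the intent. The call pairs with `mac_init_cred(cr)` added to crget() in the `-1670` hunk; a credential allocated by any path other than crget() would reach the destroy hook with a label that was never initialised, so it is worth confirming crget() is the only allocator. crfree()'s body starts and ends outside the hunk.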
@@ -1750,6 +1758,9 @@ crcopy(struct ucred *dest, struct ucred *src)
 uihold(dest->cr_ruidinfo);
 if (jailed(dest)) prison_hold(dest->cr_prison);
+#ifdef MAC
+ mac_create_cred(src, dest);
+#endif
 }
 /* |
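Review bot: `mac_create_cred(src, dest)` is added at the tail of crcopy(), and whether `dest`'s label storage survives the earlier part of the function cannot be checked from this hunk. If the code above the hunk bulk-copies the credential from `src`, the label that crget() initialised in `dest` must lie outside the copied range; otherwise the two credentials would share label storage, or `dest`'s own would be lost before the hook runs. A comment at the call would state the contract, for example `/* dest's label storage comes from crget(); only its contents are derived from src here. */`. crcopy() starts outside the hunk.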