summaryrefslogtreecommitdiffstats
path: root/sys/security/mac/mac_cred.c
diff options
context:
space:
mode:
Diffstat (limited to 'sys/security/mac/mac_cred.c')
-rw-r--r--sys/security/mac/mac_cred.c126
1 files changed, 126 insertions, 0 deletions
diff --git a/sys/security/mac/mac_cred.c b/sys/security/mac/mac_cred.c
index 8cac7b3..41c6e66 100644
--- a/sys/security/mac/mac_cred.c
+++ b/sys/security/mac/mac_cred.c
@@ -211,6 +211,132 @@ mac_cred_check_relabel(struct ucred *cred, struct label *newlabel)
return (error);
}
+MAC_CHECK_PROBE_DEFINE2(cred_check_setuid, "struct ucred *", "uid_t");
+
+int
+mac_cred_check_setuid(struct ucred *cred, uid_t uid)
+{
+ int error;
+
+ MAC_CHECK(cred_check_setuid, cred, uid);
+ MAC_CHECK_PROBE2(cred_check_setuid, error, cred, uid);
+
+ return (error);
+}
+
+MAC_CHECK_PROBE_DEFINE2(cred_check_seteuid, "struct ucred *", "uid_t");
+
+int
+mac_cred_check_seteuid(struct ucred *cred, uid_t euid)
+{
+ int error;
+
+ MAC_CHECK(cred_check_seteuid, cred, euid);
+ MAC_CHECK_PROBE2(cred_check_seteuid, error, cred, euid);
+
+ return (error);
+}
+
+MAC_CHECK_PROBE_DEFINE2(cred_check_setgid, "struct ucred *", "gid_t");
+
+int
+mac_cred_check_setgid(struct ucred *cred, gid_t gid)
+{
+ int error;
+
+ MAC_CHECK(cred_check_setgid, cred, gid);
+ MAC_CHECK_PROBE2(cred_check_setgid, error, cred, gid);
+
+ return (error);
+}
+
+MAC_CHECK_PROBE_DEFINE2(cred_check_setegid, "struct ucred *", "gid_t");
+
+int
+mac_cred_check_setegid(struct ucred *cred, gid_t egid)
+{
+ int error;
+
+ MAC_CHECK(cred_check_setegid, cred, egid);
+ MAC_CHECK_PROBE2(cred_check_setegid, error, cred, egid);
+
+ return (error);
+}
+
+MAC_CHECK_PROBE_DEFINE3(cred_check_setgroups, "struct ucred *", "int",
+ "gid_t *");
+
+int
+mac_cred_check_setgroups(struct ucred *cred, int ngroups, gid_t *gidset)
+{
+ int error;
+
+ MAC_CHECK(cred_check_setgroups, cred, ngroups, gidset);
+ MAC_CHECK_PROBE3(cred_check_setgroups, error, cred, ngroups, gidset);
+
+ return (error);
+}
+
+MAC_CHECK_PROBE_DEFINE3(cred_check_setreuid, "struct ucred *", "uid_t",
+ "uid_t");
+
+int
+mac_cred_check_setreuid(struct ucred *cred, uid_t ruid, uid_t euid)
+{
+ int error;
+
+ MAC_CHECK(cred_check_setreuid, cred, ruid, euid);
+ MAC_CHECK_PROBE3(cred_check_setreuid, error, cred, ruid, euid);
+
+ return (error);
+}
+
+MAC_CHECK_PROBE_DEFINE3(cred_check_setregid, "struct ucred *", "gid_t",
+ "gid_t");
+
+int
+mac_cred_check_setregid(struct ucred *cred, gid_t rgid, gid_t egid)
+{
+ int error;
+
+ MAC_CHECK(cred_check_setregid, cred, rgid, egid);
+ MAC_CHECK_PROBE3(cred_check_setregid, error, cred, rgid, egid);
+
+ return (error);
+}
+
+MAC_CHECK_PROBE_DEFINE4(cred_check_setresuid, "struct ucred *", "uid_t",
+ "uid_t", "uid_t");
+
+int
+mac_cred_check_setresuid(struct ucred *cred, uid_t ruid, uid_t euid,
+ uid_t suid)
+{
+ int error;
+
+ MAC_CHECK(cred_check_setresuid, cred, ruid, euid, suid);
+ MAC_CHECK_PROBE4(cred_check_setresuid, error, cred, ruid, euid,
+ suid);
+
+ return (error);
+}
+
+MAC_CHECK_PROBE_DEFINE4(cred_check_setresgid, "struct ucred *", "gid_t",
+ "gid_t", "gid_t");
+
+int
+mac_cred_check_setresgid(struct ucred *cred, gid_t rgid, gid_t egid,
+ gid_t sgid)
+{
+ int error;
+
+ MAC_CHECK(cred_check_setresgid, cred, rgid, egid, sgid);
+ MAC_CHECK_PROBE4(cred_check_setresgid, error, cred, rgid, egid,
+ sgid);
+
+ return (error);
+}
+
MAC_CHECK_PROBE_DEFINE2(cred_check_visible, "struct ucred *",
"struct ucred *");
OpenPOWER on IntegriCloud