summaryrefslogtreecommitdiffstats
path: root/sys/security/mac_biba/mac_biba.c
diff options
context:
space:
mode:
Diffstat (limited to 'sys/security/mac_biba/mac_biba.c')
-rw-r--r--sys/security/mac_biba/mac_biba.c60
1 files changed, 48 insertions, 12 deletions
diff --git a/sys/security/mac_biba/mac_biba.c b/sys/security/mac_biba/mac_biba.c
index fc2baa9..d96c4e1 100644
--- a/sys/security/mac_biba/mac_biba.c
+++ b/sys/security/mac_biba/mac_biba.c
@@ -1268,17 +1268,6 @@ biba_inpcb_create_mbuf(struct inpcb *inp, struct label *inplabel,
}
static void
-biba_mbuf_create_linklayer(struct ifnet *ifp, struct label *ifplabel,
- struct mbuf *m, struct label *mlabel)
-{
- struct mac_biba *dest;
-
- dest = SLOT(mlabel);
-
- biba_set_effective(dest, MAC_BIBA_TYPE_EQUAL, 0, NULL);
-}
-
-static void
biba_bpfdesc_create_mbuf(struct bpf_d *d, struct label *dlabel,
struct mbuf *m, struct label *mlabel)
{
@@ -1372,6 +1361,28 @@ biba_inpcb_sosetlabel(struct socket *so, struct label *solabel,
}
static void
+biba_netatalk_aarp_send(struct ifnet *ifp, struct label *ifplabel,
+ struct mbuf *m, struct label *mlabel)
+{
+ struct mac_biba *dest;
+
+ dest = SLOT(mlabel);
+
+ biba_set_effective(dest, MAC_BIBA_TYPE_EQUAL, 0, NULL);
+}
+
+static void
+biba_netinet_arp_send(struct ifnet *ifp, struct label *ifplabel,
+ struct mbuf *m, struct label *mlabel)
+{
+ struct mac_biba *dest;
+
+ dest = SLOT(mlabel);
+
+ biba_set_effective(dest, MAC_BIBA_TYPE_EQUAL, 0, NULL);
+}
+
+static void
biba_netinet_firewall_send(struct mbuf *m, struct label *mlabel)
{
struct mac_biba *dest;
@@ -1382,6 +1393,28 @@ biba_netinet_firewall_send(struct mbuf *m, struct label *mlabel)
biba_set_effective(dest, MAC_BIBA_TYPE_EQUAL, 0, NULL);
}
+static void
+biba_netinet_igmp_send(struct ifnet *ifp, struct label *ifplabel,
+ struct mbuf *m, struct label *mlabel)
+{
+ struct mac_biba *dest;
+
+ dest = SLOT(mlabel);
+
+ biba_set_effective(dest, MAC_BIBA_TYPE_EQUAL, 0, NULL);
+}
+
+static void
+biba_netinet6_nd6_send(struct ifnet *ifp, struct label *ifplabel,
+ struct mbuf *m, struct label *mlabel)
+{
+ struct mac_biba *dest;
+
+ dest = SLOT(mlabel);
+
+ biba_set_effective(dest, MAC_BIBA_TYPE_EQUAL, 0, NULL);
+}
+
/*
* Labeling event operations: processes.
*/
@@ -3320,7 +3353,6 @@ static struct mac_policy_ops mac_biba_ops =
.mpo_sysvshm_create = biba_sysvshm_create,
.mpo_ipq_create = biba_ipq_create,
.mpo_inpcb_create_mbuf = biba_inpcb_create_mbuf,
- .mpo_mbuf_create_linklayer = biba_mbuf_create_linklayer,
.mpo_bpfdesc_create_mbuf = biba_bpfdesc_create_mbuf,
.mpo_ifnet_create_mbuf = biba_ifnet_create_mbuf,
.mpo_mbuf_create_multicast_encap = biba_mbuf_create_multicast_encap,
@@ -3412,7 +3444,11 @@ static struct mac_policy_ops mac_biba_ops =
.mpo_vnode_check_stat = biba_vnode_check_stat,
.mpo_vnode_check_unlink = biba_vnode_check_unlink,
.mpo_vnode_check_write = biba_vnode_check_write,
+ .mpo_netatalk_aarp_send = biba_netatalk_aarp_send,
+ .mpo_netinet_arp_send = biba_netinet_arp_send,
.mpo_netinet_firewall_send = biba_netinet_firewall_send,
+ .mpo_netinet_igmp_send = biba_netinet_igmp_send,
+ .mpo_netinet6_nd6_send = biba_netinet6_nd6_send,
.mpo_priv_check = biba_priv_check,
};
OpenPOWER on IntegriCloud