summaryrefslogtreecommitdiffstats
path: root/sys/security
diff options
context:
space:
mode:
Diffstat (limited to 'sys/security')
-rw-r--r--sys/security/mac_biba/mac_biba.c25
-rw-r--r--sys/security/mac_lomac/mac_lomac.c25
-rw-r--r--sys/security/mac_mls/mac_mls.c25
3 files changed, 75 insertions, 0 deletions
diff --git a/sys/security/mac_biba/mac_biba.c b/sys/security/mac_biba/mac_biba.c
index cfafc6c..5aa404c 100644
--- a/sys/security/mac_biba/mac_biba.c
+++ b/sys/security/mac_biba/mac_biba.c
@@ -3040,6 +3040,27 @@ mac_biba_associate_nfsd_label(struct ucred *cred)
MAC_BIBA_TYPE_HIGH, 0, NULL);
}
+static void
+mac_biba_init_syncache_from_inpcb(struct label *label, struct inpcb *inp)
+{
+ struct mac_biba *source, *dest;
+
+ source = SLOT(inp->inp_label);
+ dest = SLOT(label);
+ mac_biba_copy_effective(source, dest);
+}
+
+static void
+mac_biba_create_mbuf_from_syncache(struct label *sc_label, struct mbuf *m,
+ struct label *mbuf_label)
+{
+ struct mac_biba *source, *dest;
+
+ source = SLOT(sc_label);
+ dest = SLOT(mbuf_label);
+ mac_biba_copy_effective(source, dest);
+}
+
static struct mac_policy_ops mac_biba_ops =
{
.mpo_init = mac_biba_init,
@@ -3048,6 +3069,7 @@ static struct mac_policy_ops mac_biba_ops =
.mpo_init_devfsdirent_label = mac_biba_init_label,
.mpo_init_ifnet_label = mac_biba_init_label,
.mpo_init_inpcb_label = mac_biba_init_label_waitcheck,
+ .mpo_init_syncache_label = mac_biba_init_label_waitcheck,
.mpo_init_sysv_msgmsg_label = mac_biba_init_label,
.mpo_init_sysv_msgqueue_label = mac_biba_init_label,
.mpo_init_sysv_sem_label = mac_biba_init_label,
@@ -3060,12 +3082,14 @@ static struct mac_policy_ops mac_biba_ops =
.mpo_init_posix_sem_label = mac_biba_init_label,
.mpo_init_socket_label = mac_biba_init_label_waitcheck,
.mpo_init_socket_peer_label = mac_biba_init_label_waitcheck,
+ .mpo_init_syncache_from_inpcb = mac_biba_init_syncache_from_inpcb,
.mpo_init_vnode_label = mac_biba_init_label,
.mpo_destroy_bpfdesc_label = mac_biba_destroy_label,
.mpo_destroy_cred_label = mac_biba_destroy_label,
.mpo_destroy_devfsdirent_label = mac_biba_destroy_label,
.mpo_destroy_ifnet_label = mac_biba_destroy_label,
.mpo_destroy_inpcb_label = mac_biba_destroy_label,
+ .mpo_destroy_syncache_label = mac_biba_destroy_label,
.mpo_destroy_sysv_msgmsg_label = mac_biba_destroy_label,
.mpo_destroy_sysv_msgqueue_label = mac_biba_destroy_label,
.mpo_destroy_sysv_sem_label = mac_biba_destroy_label,
@@ -3108,6 +3132,7 @@ static struct mac_policy_ops mac_biba_ops =
.mpo_create_vnode_extattr = mac_biba_create_vnode_extattr,
.mpo_setlabel_vnode_extattr = mac_biba_setlabel_vnode_extattr,
.mpo_create_mbuf_from_socket = mac_biba_create_mbuf_from_socket,
+ .mpo_create_mbuf_from_syncache = mac_biba_create_mbuf_from_syncache,
.mpo_create_pipe = mac_biba_create_pipe,
.mpo_create_posix_sem = mac_biba_create_posix_sem,
.mpo_create_socket = mac_biba_create_socket,
diff --git a/sys/security/mac_lomac/mac_lomac.c b/sys/security/mac_lomac/mac_lomac.c
index 7ca6e77..3364b78 100644
--- a/sys/security/mac_lomac/mac_lomac.c
+++ b/sys/security/mac_lomac/mac_lomac.c
@@ -1448,6 +1448,27 @@ mac_lomac_inpcb_sosetlabel(struct socket *so, struct label *solabel,
}
static void
+mac_lomac_init_syncache_from_inpcb(struct label *label, struct inpcb *inp)
+{
+ struct mac_lomac *source, *dest;
+
+ source = SLOT(inp->inp_label);
+ dest = SLOT(label);
+ mac_lomac_copy(source, dest);
+}
+
+static void
+mac_lomac_create_mbuf_from_syncache(struct label *sc_label, struct mbuf *m,
+ struct label *mbuf_label)
+{
+ struct mac_lomac *source, *dest;
+
+ source = SLOT(sc_label);
+ dest = SLOT(mbuf_label);
+ mac_lomac_copy(source, dest);
+}
+
+static void
mac_lomac_create_mbuf_from_firewall(struct mbuf *m, struct label *label)
{
struct mac_lomac *dest;
@@ -2574,6 +2595,7 @@ static struct mac_policy_ops mac_lomac_ops =
.mpo_init_cred_label = mac_lomac_init_label,
.mpo_init_devfsdirent_label = mac_lomac_init_label,
.mpo_init_ifnet_label = mac_lomac_init_label,
+ .mpo_init_syncache_label = mac_lomac_init_label_waitcheck,
.mpo_init_inpcb_label = mac_lomac_init_label_waitcheck,
.mpo_init_ipq_label = mac_lomac_init_label_waitcheck,
.mpo_init_mbuf_label = mac_lomac_init_label_waitcheck,
@@ -2584,6 +2606,7 @@ static struct mac_policy_ops mac_lomac_ops =
.mpo_init_socket_label = mac_lomac_init_label_waitcheck,
.mpo_init_socket_peer_label = mac_lomac_init_label_waitcheck,
.mpo_init_vnode_label = mac_lomac_init_label,
+ .mpo_init_syncache_from_inpcb = mac_lomac_init_syncache_from_inpcb,
.mpo_destroy_bpfdesc_label = mac_lomac_destroy_label,
.mpo_destroy_cred_label = mac_lomac_destroy_label,
.mpo_destroy_devfsdirent_label = mac_lomac_destroy_label,
@@ -2595,6 +2618,7 @@ static struct mac_policy_ops mac_lomac_ops =
.mpo_destroy_mount_fs_label = mac_lomac_destroy_label,
.mpo_destroy_pipe_label = mac_lomac_destroy_label,
.mpo_destroy_proc_label = mac_lomac_destroy_proc_label,
+ .mpo_destroy_syncache_label = mac_lomac_destroy_label,
.mpo_destroy_socket_label = mac_lomac_destroy_label,
.mpo_destroy_socket_peer_label = mac_lomac_destroy_label,
.mpo_destroy_vnode_label = mac_lomac_destroy_label,
@@ -2628,6 +2652,7 @@ static struct mac_policy_ops mac_lomac_ops =
.mpo_create_vnode_extattr = mac_lomac_create_vnode_extattr,
.mpo_setlabel_vnode_extattr = mac_lomac_setlabel_vnode_extattr,
.mpo_create_mbuf_from_socket = mac_lomac_create_mbuf_from_socket,
+ .mpo_create_mbuf_from_syncache = mac_lomac_create_mbuf_from_syncache,
.mpo_create_pipe = mac_lomac_create_pipe,
.mpo_create_socket = mac_lomac_create_socket,
.mpo_create_socket_from_socket = mac_lomac_create_socket_from_socket,
diff --git a/sys/security/mac_mls/mac_mls.c b/sys/security/mac_mls/mac_mls.c
index d02f034..2c4a67c 100644
--- a/sys/security/mac_mls/mac_mls.c
+++ b/sys/security/mac_mls/mac_mls.c
@@ -1315,6 +1315,27 @@ mac_mls_create_mbuf_from_firewall(struct mbuf *m, struct label *mbuflabel)
mac_mls_set_effective(dest, MAC_MLS_TYPE_EQUAL, 0, NULL);
}
+static void
+mac_mls_init_syncache_from_inpcb(struct label *label, struct inpcb *inp)
+{
+ struct mac_mls *source, *dest;
+
+ source = SLOT(inp->inp_label);
+ dest = SLOT(label);
+ mac_mls_copy_effective(source, dest);
+}
+
+static void
+mac_mls_create_mbuf_from_syncache(struct label *sc_label, struct mbuf *m,
+ struct label *mbuf_label)
+{
+ struct mac_mls *source, *dest;
+
+ source = SLOT(sc_label);
+ dest = SLOT(mbuf_label);
+ mac_mls_copy_effective(source, dest);
+}
+
/*
* Labeling event operations: processes.
*/
@@ -2817,6 +2838,7 @@ static struct mac_policy_ops mac_mls_ops =
.mpo_init_devfsdirent_label = mac_mls_init_label,
.mpo_init_ifnet_label = mac_mls_init_label,
.mpo_init_inpcb_label = mac_mls_init_label_waitcheck,
+ .mpo_init_syncache_label = mac_mls_init_label_waitcheck,
.mpo_init_sysv_msgmsg_label = mac_mls_init_label,
.mpo_init_sysv_msgqueue_label = mac_mls_init_label,
.mpo_init_sysv_sem_label = mac_mls_init_label,
@@ -2835,6 +2857,7 @@ static struct mac_policy_ops mac_mls_ops =
.mpo_destroy_devfsdirent_label = mac_mls_destroy_label,
.mpo_destroy_ifnet_label = mac_mls_destroy_label,
.mpo_destroy_inpcb_label = mac_mls_destroy_label,
+ .mpo_destroy_syncache_label = mac_mls_destroy_label,
.mpo_destroy_sysv_msgmsg_label = mac_mls_destroy_label,
.mpo_destroy_sysv_msgqueue_label = mac_mls_destroy_label,
.mpo_destroy_sysv_sem_label = mac_mls_destroy_label,
@@ -2877,6 +2900,7 @@ static struct mac_policy_ops mac_mls_ops =
.mpo_create_vnode_extattr = mac_mls_create_vnode_extattr,
.mpo_setlabel_vnode_extattr = mac_mls_setlabel_vnode_extattr,
.mpo_create_mbuf_from_socket = mac_mls_create_mbuf_from_socket,
+ .mpo_create_mbuf_from_syncache = mac_mls_create_mbuf_from_syncache,
.mpo_create_pipe = mac_mls_create_pipe,
.mpo_create_posix_sem = mac_mls_create_posix_sem,
.mpo_create_socket = mac_mls_create_socket,
@@ -2890,6 +2914,7 @@ static struct mac_policy_ops mac_mls_ops =
.mpo_create_fragment = mac_mls_create_fragment,
.mpo_create_ifnet = mac_mls_create_ifnet,
.mpo_create_inpcb_from_socket = mac_mls_create_inpcb_from_socket,
+ .mpo_init_syncache_from_inpcb = mac_mls_init_syncache_from_inpcb,
.mpo_create_ipq = mac_mls_create_ipq,
.mpo_create_sysv_msgmsg = mac_mls_create_sysv_msgmsg,
.mpo_create_sysv_msgqueue = mac_mls_create_sysv_msgqueue,
OpenPOWER on IntegriCloud