Lines Matching full:label
78 * Currently, sockets hold two labels: the label of the socket itself, and a
79 * peer label, which may be used by policies to hold a copy of the label of
82 * Possibly, this peer label should be maintained at the protocol layer
84 * the label consistently. For example, it might be copied live from a
92 * lock over some entry points in order to enforce atomicity (such as label
100 struct label *
103 struct label *label; in mac_socket_label_alloc() local
106 label = mac_labelzone_alloc(flag); in mac_socket_label_alloc()
107 if (label == NULL) in mac_socket_label_alloc()
111 MAC_POLICY_CHECK(socket_init_label, label, flag); in mac_socket_label_alloc()
113 MAC_POLICY_CHECK_NOSLEEP(socket_init_label, label, flag); in mac_socket_label_alloc()
115 MAC_POLICY_PERFORM_NOSLEEP(socket_destroy_label, label); in mac_socket_label_alloc()
116 mac_labelzone_free(label); in mac_socket_label_alloc()
119 return (label); in mac_socket_label_alloc()
122 static struct label *
125 struct label *label; in mac_socketpeer_label_alloc() local
128 label = mac_labelzone_alloc(flag); in mac_socketpeer_label_alloc()
129 if (label == NULL) in mac_socketpeer_label_alloc()
133 MAC_POLICY_CHECK(socketpeer_init_label, label, flag); in mac_socketpeer_label_alloc()
135 MAC_POLICY_CHECK_NOSLEEP(socketpeer_init_label, label, flag); in mac_socketpeer_label_alloc()
137 MAC_POLICY_PERFORM_NOSLEEP(socketpeer_destroy_label, label); in mac_socketpeer_label_alloc()
138 mac_labelzone_free(label); in mac_socketpeer_label_alloc()
141 return (label); in mac_socketpeer_label_alloc()
166 mac_socket_label_free(struct label *label) in mac_socket_label_free() argument
169 MAC_POLICY_PERFORM_NOSLEEP(socket_destroy_label, label); in mac_socket_label_free()
170 mac_labelzone_free(label); in mac_socket_label_free()
174 mac_socketpeer_label_free(struct label *label) in mac_socketpeer_label_free() argument
177 MAC_POLICY_PERFORM_NOSLEEP(socketpeer_destroy_label, label); in mac_socketpeer_label_free()
178 mac_labelzone_free(label); in mac_socketpeer_label_free()
196 mac_socket_copy_label(struct label *src, struct label *dest) in mac_socket_copy_label()
203 mac_socket_externalize_label(struct label *label, char *elements, in mac_socket_externalize_label() argument
208 MAC_POLICY_EXTERNALIZE(socket, label, elements, outbuf, outbuflen); in mac_socket_externalize_label()
214 mac_socketpeer_externalize_label(struct label *label, char *elements, in mac_socketpeer_externalize_label() argument
219 MAC_POLICY_EXTERNALIZE(socketpeer, label, elements, outbuf, in mac_socketpeer_externalize_label()
226 mac_socket_internalize_label(struct label *label, char *string) in mac_socket_internalize_label() argument
230 MAC_POLICY_INTERNALIZE(socket, label, string); in mac_socket_internalize_label()
252 struct label *newlabel) in mac_socket_relabel()
264 struct label *label; in mac_socketpeer_set_from_mbuf() local
269 label = mac_mbuf_to_label(m); in mac_socketpeer_set_from_mbuf()
271 MAC_POLICY_PERFORM_NOSLEEP(socketpeer_set_from_mbuf, m, label, so, in mac_socketpeer_set_from_mbuf()
289 struct label *label; in mac_socket_create_mbuf() local
294 label = mac_mbuf_to_label(m); in mac_socket_create_mbuf()
297 label); in mac_socket_create_mbuf()
369 struct label *label; in mac_socket_check_deliver() local
375 label = mac_mbuf_to_label(m); in mac_socket_check_deliver()
378 label); in mac_socket_check_deliver()
429 "struct socket *", "struct label *");
433 struct label *newlabel) in mac_socket_check_relabel()
491 struct label *label) in mac_socket_label_set() argument
504 error = mac_socket_check_relabel(cred, so, label); in mac_socket_label_set()
510 mac_socket_relabel(cred, so, label); in mac_socket_label_set()
515 * such as if it needs to propagate changes to a cached pcb label in mac_socket_label_set()
516 * from the socket, notify it of the label change while holding the in mac_socket_label_set()
529 struct label *intlabel; in mac_setsockopt_label()
564 struct label *intlabel; in mac_getsockopt_label()
603 struct label *intlabel; in mac_getsockopt_peerlabel()