73 /* label token prefix */
85  * @brief parse label into bitmask
92 gbl_parse_label(const char *label)  in gbl_parse_label()  argument
97 	if (!(label && *label))  in gbl_parse_label()
100 	for (cp = strstr(label, GBL_PREFIX); cp; cp = strstr(cp, GBL_PREFIX)) {  in gbl_parse_label()
102 		if (cp > label && cp[-1] != ',') {  in gbl_parse_label()
162  * Lookup the label if not already set in v_label
170 	const char *label;  in gbl_get_vlabel()  local
178 			label = mac_veriexec_metadata_get_file_label(va.va_fsid,  in gbl_get_vlabel()
180 			if (label) {  in gbl_get_vlabel()
182 				    "label=%s dev=%ju, file %ju.%lu",  in gbl_get_vlabel()
183 				    label,  in gbl_get_vlabel()
187 				gbl = gbl_parse_label(label);  in gbl_get_vlabel()
190 				MAC_GRANTBYLABEL_DBG(2, "no label dev=%ju, file %ju.%lu",  in gbl_get_vlabel()
205  * Otherwise see if the current process has a label
211 	gbl_label_t label;  in mac_grantbylabel_priv_grant()  local
234 	label = (gbl_label_t)(SLOT(curproc->p_textvp->v_label) |  in mac_grantbylabel_priv_grant()
239 	 * via process label.  in mac_grantbylabel_priv_grant()
244 		if (label & GBL_IPC)  in mac_grantbylabel_priv_grant()
250 		if (label & GBL_KMEM)  in mac_grantbylabel_priv_grant()
256 		if (label & GBL_BIND)  in mac_grantbylabel_priv_grant()
268 		if (label & GBL_NET)  in mac_grantbylabel_priv_grant()
273 		if (label & GBL_RTSOCK)  in mac_grantbylabel_priv_grant()
278 		if (label & GBL_PROC)  in mac_grantbylabel_priv_grant()
282 		if (label & GBL_SYSCTL)  in mac_grantbylabel_priv_grant()
287 		if (label & GBL_KMEM)  in mac_grantbylabel_priv_grant()
296 		if (label & GBL_VACCESS)  in mac_grantbylabel_priv_grant()
303 		 * We need to check parent label for this one.  in mac_grantbylabel_priv_grant()
306 		label = (gbl_label_t)SLOT(curproc->p_pptr->p_textvp->v_label);  in mac_grantbylabel_priv_grant()
307 		if (label & GBL_VERIEXEC) {  in mac_grantbylabel_priv_grant()
322 		label = (gbl_label_t)SLOT(curproc->p_label);  in mac_grantbylabel_priv_grant()
323 		if (label & GBL_VERIEXEC)  in mac_grantbylabel_priv_grant()
330 	    "pid=%d priv=%d, label=%#o rc=%d",  in mac_grantbylabel_priv_grant()
331 	    curproc->p_pid, priv, label, rc);  in mac_grantbylabel_priv_grant()
338  * If proc->p_textvp does not yet have a label,
340  * and set label (if any) else set.
341  * If there is no label set it to GBL_EMPTY.
428 mac_grantbylabel_proc_init_label(struct label *label)  in mac_grantbylabel_proc_init_label()  argument
431 	SLOT_SET(label, 0);		/* not yet set! */  in mac_grantbylabel_proc_init_label()
435 mac_grantbylabel_vnode_init_label(struct label *label)  in mac_grantbylabel_vnode_init_label()  argument
438 	SLOT_SET(label, 0);		/* not yet set! */  in mac_grantbylabel_vnode_init_label()
446     struct vnode *vp __unused, struct label *label __unused,  in mac_grantbylabel_vnode_check_exec()
447     struct image_params *imgp, struct label *execlabel __unused)  in mac_grantbylabel_vnode_check_exec()
456 		MAC_GRANTBYLABEL_DBG(1, "vnode_check_exec label=%#o", gbl);  in mac_grantbylabel_vnode_check_exec()
463 mac_grantbylabel_copy_label(struct label *src, struct label *dest)  in mac_grantbylabel_copy_label()
473     struct vnode *vp, struct label *vplabel,  in mac_grantbylabel_vnode_execve_will_transition()
474     struct label *interpvplabel, struct image_params *imgp,  in mac_grantbylabel_vnode_execve_will_transition()
475     struct label *execlabel)  in mac_grantbylabel_vnode_execve_will_transition()
484 		MAC_GRANTBYLABEL_DBG(1, "execve_will_transition label=%#o", gbl);  in mac_grantbylabel_vnode_execve_will_transition()