.\"-
.\" Copyright (c) 2021 Robert N. M. Watson
.\" All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\"    notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\"    notice, this list of conditions and the following disclaimer in the
.\"    documentation and/or other materials provided with the distribution.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.Dd February 27, 2021
.Dt VOP_SETLABEL 9
.Os
.Sh NAME
.Nm VOP_SETLABEL
.Nd persistently store an updated MAC label on a vnode
.Sh SYNOPSIS
.In sys/param.h
.In sys/vnode.h
.In security/mac.h
.Ft int
.Fn VOP_SETLABEL "struct vnode *vp" "struct label *label"
.Sh DESCRIPTION
This vnode call is made by
.Xr mac 9
when a file relabeling operation has been authorized, and the filesystem must
now be updated.
.Ss Single-Label vs. Multi-Label Filesystems
Filesystems that do not implement per-file labels -- known as single-label
filesystems -- can simply leave the
.Xr vnode 9
operation undefined.
These filesystems must not set the
.Dv MNT_MULTILABEL
flag in their
.Vt struct mount .
.Pp
Filesystems that do implement per-vnode label storage -- known as multi-label
filesystems -- will set the
.Dv MNT_MULTILABEL
flag in their
.Vt struct mount .
The UFS filesystem uses a superblock flag to persistently configure whether a
specific filesystem implements a label for each
.Xr vnode 9 ,
and then keys various behaviors on whether that flag is set.
.Ss Extended Attributes
If the filesystem implements extended attributes, then the MAC Framework's
.Fn vop_stdsetlabel_ea
function can be used, and maps operations into a series of
.Xr VOP_OPENEXTATTR 9 ,
.Xr VOP_WRITEEXTATTR 9 ,
and
.Xr VOP_CLOSEEXTATTR 9 .
.Pp
Filesystems will also need to call
.Fn mac_vnode_create_extattr
when a new filesystem object is created, so that suitable extended attributes
can be written out, and
.Fn mac_vnode_associate_extattr
when a
.Xr vnode 9
is associated with a filesystem object for the first time.
These utility functions use
.Xr VOP_OPENEXTATTR 9 ,
.Xr VOP_READEXTATTR 9 ,
.Xr VOP_WRITEEXTATTR 9 ,
and
.Xr VOP_CLOSEEXTATTR 9
as required.
.Ss Locking and Crash Safety
In all cases, it is important that exclusive
.Xr vnode 9
locks be held to prevent concurrent access when a MAC label may not yet be
initialized.
It is also important that operations are ordered so that a system crash does
not leave a file improperly labeled.
For example, the extended attribute for a newly created file must be written
to disk before the file is linked by its parent directory, so that there is
no opportunity for a crash to lead to an unlabeled file.
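The ordering rule above, as an added example that is not part of the original manual page or of FreeBSD: a userspace C model that replays every crash point of two step orders and counts those that leave a file linked but unlabeled. The step names, struct disk and both functions are hypothetical, and the model assumes each step reaches disk atomically and in the order issued.

```c
#include <stddef.h>
#include <stdio.h>

/* Persistent steps of creating a labeled file (constructed model, not kernel code). */
enum step { ALLOC_INODE, WRITE_LABEL_EA, LINK_IN_PARENT };
struct disk { int inode, label_ea, linked; };

/* Replay the first n steps: the on-disk state if the system crashed after them. */
static struct disk
replay(const enum step *order, size_t n)
{
	struct disk d = { 0, 0, 0 };
	for (size_t i = 0; i < n; i++) {
		switch (order[i]) {
		case ALLOC_INODE:    d.inode = 1; break;
		case WRITE_LABEL_EA: d.label_ea = 1; break;
		case LINK_IN_PARENT: d.linked = 1; break;
		}
	}
	return (d);
}

/* Count crash points that leave a file reachable by name but without a label. */
int
unlabeled_crash_points(const enum step *order, size_t nsteps)
{
	int bad = 0;
	for (size_t n = 0; n <= nsteps; n++) {
		struct disk d = replay(order, n);
		if (d.linked && !d.label_ea)
			bad++;
	}
	return (bad);
}

/* The order the text requires, and the unsafe order it rules out. */
const enum step label_then_link[] = { ALLOC_INODE, WRITE_LABEL_EA, LINK_IN_PARENT };
const enum step link_then_label[] = { ALLOC_INODE, LINK_IN_PARENT, WRITE_LABEL_EA };

int
main(void)
{
	printf("label before link: %d unsafe crash points\n",
	    unlabeled_crash_points(label_then_link, 3));
	printf("link before label: %d unsafe crash points\n",
	    unlabeled_crash_points(link_then_label, 3));
	return (0);
}
```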
.Sh LOCKS
The vnode will be locked on entry and should remain locked on return.
.Sh RETURN VALUES
If the MAC label is successfully set, then zero is returned.
Otherwise, an appropriate error code is returned.
.Sh ERRORS
.Bl -tag -width Er
.It Bq Er EOPNOTSUPP
The file system does not support
.Fn VOP_SETLABEL .
.It Bq Er ENOSPC
The file system is out of space.
.It Bq Er EROFS
The file system is read-only.
.El
.Pp
Depending on the underlying implementation of
.Fn VOP_SETLABEL ,
other errors may also be possible.
.Sh SEE ALSO
.Xr mac 9 ,
.Xr mount 9 ,
.Xr vnode 9 ,
.Xr VOP_CLOSEEXTATTR 9 ,
.Xr VOP_OPENEXTATTR 9 ,
.Xr VOP_READEXTATTR 9 ,
.Xr VOP_WRITEEXTATTR 9
.Sh AUTHORS
This manual page was written by
.An Robert Watson .