xref: /freebsd/sys/security/mac/mac_label.c (revision aed557087269cd052aa76cc15af4a1fd70cbbf24)
1eca8a663SRobert Watson /*-
239cfa591SRobert Watson  * Copyright (c) 2003-2004 Networks Associates Technology, Inc.
3eca8a663SRobert Watson  * All rights reserved.
4eca8a663SRobert Watson  *
5eca8a663SRobert Watson  * This software was developed for the FreeBSD Project in part by Network
6eca8a663SRobert Watson  * Associates Laboratories, the Security Research Division of Network
7eca8a663SRobert Watson  * Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"),
8eca8a663SRobert Watson  * as part of the DARPA CHATS research program.
9eca8a663SRobert Watson  *
10eca8a663SRobert Watson  * Redistribution and use in source and binary forms, with or without
11eca8a663SRobert Watson  * modification, are permitted provided that the following conditions
12eca8a663SRobert Watson  * are met:
13eca8a663SRobert Watson  * 1. Redistributions of source code must retain the above copyright
14eca8a663SRobert Watson  *    notice, this list of conditions and the following disclaimer.
15eca8a663SRobert Watson  * 2. Redistributions in binary form must reproduce the above copyright
16eca8a663SRobert Watson  *    notice, this list of conditions and the following disclaimer in the
17eca8a663SRobert Watson  *    documentation and/or other materials provided with the distribution.
18eca8a663SRobert Watson  *
19eca8a663SRobert Watson  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
20eca8a663SRobert Watson  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
21eca8a663SRobert Watson  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22eca8a663SRobert Watson  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
23eca8a663SRobert Watson  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
24eca8a663SRobert Watson  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
25eca8a663SRobert Watson  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
26eca8a663SRobert Watson  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
27eca8a663SRobert Watson  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
28eca8a663SRobert Watson  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29eca8a663SRobert Watson  * SUCH DAMAGE.
30eca8a663SRobert Watson  */
31eca8a663SRobert Watson 
32eca8a663SRobert Watson #include <sys/cdefs.h>
33eca8a663SRobert Watson __FBSDID("$FreeBSD$");
34eca8a663SRobert Watson 
35eca8a663SRobert Watson #include "opt_mac.h"
36eca8a663SRobert Watson 
37eca8a663SRobert Watson #include <sys/param.h>
38eca8a663SRobert Watson #include <sys/mac.h>
39eca8a663SRobert Watson #include <sys/sysctl.h>
40eca8a663SRobert Watson #include <sys/systm.h>
41eca8a663SRobert Watson 
42eca8a663SRobert Watson #include <vm/uma.h>
43eca8a663SRobert Watson 
44aed55708SRobert Watson #include <security/mac/mac_framework.h>
45eca8a663SRobert Watson #include <security/mac/mac_internal.h>
46eca8a663SRobert Watson 
/*
 * UMA zone that backs every struct label handed out by
 * mac_labelzone_alloc().  It is created once, in mac_labelzone_init().
 */
uma_zone_t	zone_label;

/*
 * Zone constructor and destructor, registered with the zone in
 * mac_labelzone_init() and defined below.
 */
static int	mac_labelzone_ctor(void *mem, int size, void *arg, int flags);
static void	mac_labelzone_dtor(void *mem, int size, void *arg);
51eca8a663SRobert Watson 
/*
 * Create the UMA zone used for MAC label storage and publish it in
 * zone_label.  The zone is sized for one struct label per item and is
 * given the constructor and destructor defined in this file; no zone
 * init/fini hooks are supplied and no zone flags are set.
 */
void
mac_labelzone_init(void)
{

	zone_label = uma_zcreate("MAC labels",	/* zone name */
	    sizeof(struct label),		/* item size */
	    mac_labelzone_ctor,			/* per-allocation ctor */
	    mac_labelzone_dtor,			/* per-free dtor */
	    NULL,				/* no zone init hook */
	    NULL,				/* no zone fini hook */
	    UMA_ALIGN_PTR,			/* pointer alignment */
	    0);					/* no zone flags */
}
60eca8a663SRobert Watson 
/*
 * Zone constructor: put a freshly allocated label into a known state.
 *
 * The whole structure is zeroed before MAC_FLAG_INITIALIZED is set, so
 * nothing left in the item by an earlier user is visible through the new
 * label.  The size check is a KASSERT only, i.e. it is enforced in
 * kernels built with INVARIANTS and compiled out otherwise.
 *
 * arg and flags are not used.  Always returns 0.
 */
static int
mac_labelzone_ctor(void *mem, int size, void *arg, int flags)
{
	struct label *l = mem;

	KASSERT(size == sizeof(struct label),
	    ("mac_labelzone_ctor: wrong size\n"));

	/* Scrub first, then mark: the flag must survive the bzero(). */
	bzero(l, sizeof(struct label));
	l->l_flags = MAC_FLAG_INITIALIZED;

	return (0);
}
72eca8a663SRobert Watson 
/*
 * Zone destructor: retire a label that is being returned to the zone.
 *
 * Asserts that the item still carries MAC_FLAG_INITIALIZED.  Because the
 * flag is cleared below, freeing the same label twice, or freeing memory
 * that never went through the constructor, trips this assertion in
 * kernels where KASSERT is compiled in.
 *
 * Only DIAGNOSTIC kernels scrub the label on free.  In all other builds
 * just the flag bit is cleared and the rest of the label contents stay in
 * the freed item until mac_labelzone_ctor() zeroes it on the next
 * allocation, so callers must not treat free as a wipe of label data.
 *
 * arg is not used.
 */
static void
mac_labelzone_dtor(void *mem, int size, void *arg)
{
	struct label *l = mem;

	KASSERT(size == sizeof(struct label),
	    ("mac_labelzone_dtor: wrong size\n"));
	KASSERT((l->l_flags & MAC_FLAG_INITIALIZED) != 0,
	    ("mac_labelzone_dtor: label not initialized"));

#ifndef DIAGNOSTIC
	/* Cheap path: drop the marker, leave the remaining fields as is. */
	l->l_flags &= ~MAC_FLAG_INITIALIZED;
#else
	/* Diagnostic path: wipe the whole label, flag included. */
	bzero(l, sizeof(struct label));
#endif
}
88eca8a663SRobert Watson 
/*
 * Allocate one label from zone_label.
 *
 * flags is handed to uma_zalloc() unchanged and the result is returned
 * as is.  With a non-sleeping request (M_NOWAIT) uma_zalloc() can return
 * NULL, so callers that pass such flags have to check the result before
 * touching the label.
 */
struct label *
mac_labelzone_alloc(int flags)
{
	struct label *label;

	label = uma_zalloc(zone_label, flags);
	return (label);
}
95eca8a663SRobert Watson 
/*
 * Return a label to zone_label.
 *
 * The pointer is passed straight to uma_zfree(); nothing is checked here.
 * The label is expected to have come from mac_labelzone_alloc(), and the
 * caller must not use it again after this call.
 */
void
mac_labelzone_free(struct label *label)
{

	/* Hand the item back to the zone it was allocated from. */
	uma_zfree(zone_label, label);
}