1 /*- 2 * Copyright (c) 1999, 2000, 2001, 2002 Robert N. M. Watson 3 * Copyright (c) 2001, 2002 Networks Associates Technology, Inc. 4 * All rights reserved. 5 * 6 * This software was developed by Robert Watson for the TrustedBSD Project. 7 * 8 * This software was developed for the FreeBSD Project in part by NAI Labs, 9 * the Security Research Division of Network Associates, Inc. under 10 * DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA 11 * CHATS research program. 12 * 13 * Redistribution and use in source and binary forms, with or without 14 * modification, are permitted provided that the following conditions 15 * are met: 16 * 1. Redistributions of source code must retain the above copyright 17 * notice, this list of conditions and the following disclaimer. 18 * 2. Redistributions in binary form must reproduce the above copyright 19 * notice, this list of conditions and the following disclaimer in the 20 * documentation and/or other materials provided with the distribution. 21 * 3. The names of the authors may not be used to endorse or promote 22 * products derived from this software without specific prior written 23 * permission. 24 * 25 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 26 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 27 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 28 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 29 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 30 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 31 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 32 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 33 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 34 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 35 * SUCH DAMAGE. 36 * 37 * $FreeBSD$ 38 */ 39 /* 40 * Developed by the TrustedBSD Project. 41 * "BSD Extended" MAC policy, allowing the administrator to impose 42 * mandatory rules regarding users and some system objects. 43 * 44 * XXX: Much locking support required here. 45 */ 46 47 #include <sys/types.h> 48 #include <sys/param.h> 49 #include <sys/acl.h> 50 #include <sys/conf.h> 51 #include <sys/kernel.h> 52 #include <sys/mac.h> 53 #include <sys/malloc.h> 54 #include <sys/mount.h> 55 #include <sys/proc.h> 56 #include <sys/systm.h> 57 #include <sys/sysproto.h> 58 #include <sys/sysent.h> 59 #include <sys/vnode.h> 60 #include <sys/file.h> 61 #include <sys/socket.h> 62 #include <sys/socketvar.h> 63 #include <sys/sysctl.h> 64 65 #include <net/bpfdesc.h> 66 #include <net/if.h> 67 #include <net/if_types.h> 68 #include <net/if_var.h> 69 70 #include <vm/vm.h> 71 72 #include <sys/mac_policy.h> 73 74 #include <security/mac_bsdextended/mac_bsdextended.h> 75 76 SYSCTL_DECL(_security_mac); 77 78 SYSCTL_NODE(_security_mac, OID_AUTO, bsdextended, CTLFLAG_RW, 0, 79 "TrustedBSD extended BSD MAC policy controls"); 80 81 static int mac_bsdextended_enabled = 1; 82 SYSCTL_INT(_security_mac_bsdextended, OID_AUTO, enabled, CTLFLAG_RW, 83 &mac_bsdextended_enabled, 0, "Enforce extended BSD policy"); 84 TUNABLE_INT("security.mac.bsdextended.enabled", &mac_bsdextended_enabled); 85 86 MALLOC_DEFINE(M_MACBSDEXTENDED, "mac_bsdextended", "BSD Extended MAC rule"); 87 88 #define MAC_BSDEXTENDED_MAXRULES 250 89 static struct mac_bsdextended_rule *rules[MAC_BSDEXTENDED_MAXRULES]; 90 static int rule_count = 0; 91 static int rule_slots = 0; 92 93 SYSCTL_INT(_security_mac_bsdextended, OID_AUTO, rule_count, CTLFLAG_RD, 94 &rule_count, 0, "Number of defined rules\n"); 95 SYSCTL_INT(_security_mac_bsdextended, OID_AUTO, rule_slots, CTLFLAG_RD, 96 &rule_slots, 0, "Number of used rule slots\n"); 97 98 static int mac_bsdextended_debugging; 99 SYSCTL_INT(_security_mac_bsdextended, OID_AUTO, debugging, CTLFLAG_RW, 100 &mac_bsdextended_debugging, 0, "Enable debugging on failure"); 101 102 static int 103 mac_bsdextended_rule_valid(struct mac_bsdextended_rule *rule) 104 { 105 106 if ((rule->mbr_subject.mbi_flags | MBI_BITS) != MBI_BITS) 107 return (EINVAL); 108 109 if ((rule->mbr_object.mbi_flags | MBI_BITS) != MBI_BITS) 110 return (EINVAL); 111 112 if ((rule->mbr_mode | VALLPERM) != VALLPERM) 113 return (EINVAL); 114 115 return (0); 116 } 117 118 static int 119 sysctl_rule(SYSCTL_HANDLER_ARGS) 120 { 121 struct mac_bsdextended_rule temprule, *ruleptr; 122 u_int namelen; 123 int error, index, *name; 124 125 name = (int *)arg1; 126 namelen = arg2; 127 128 /* printf("bsdextended sysctl handler (namelen %d)\n", namelen); */ 129 130 if (namelen != 1) 131 return (EINVAL); 132 133 index = name[0]; 134 if (index < 0 || index > rule_slots + 1) 135 return (ENOENT); 136 if (rule_slots >= MAC_BSDEXTENDED_MAXRULES) 137 return (ENOENT); 138 139 if (req->oldptr) { 140 if (rules[index] == NULL) 141 return (ENOENT); 142 143 error = SYSCTL_OUT(req, rules[index], sizeof(*rules[index])); 144 if (error) 145 return (error); 146 } 147 148 if (req->newptr) { 149 if (req->newlen == 0) { 150 /* printf("deletion\n"); */ 151 ruleptr = rules[index]; 152 if (ruleptr == NULL) 153 return (ENOENT); 154 rule_count--; 155 rules[index] = NULL; 156 FREE(ruleptr, M_MACBSDEXTENDED); 157 return(0); 158 } 159 error = SYSCTL_IN(req, &temprule, sizeof(temprule)); 160 if (error) 161 return (error); 162 163 error = mac_bsdextended_rule_valid(&temprule); 164 if (error) 165 return (error); 166 167 if (rules[index] == NULL) { 168 /* printf("addition\n"); */ 169 MALLOC(ruleptr, struct mac_bsdextended_rule *, 170 sizeof(*ruleptr), M_MACBSDEXTENDED, M_WAITOK | 171 M_ZERO); 172 *ruleptr = temprule; 173 rules[index] = ruleptr; 174 if (index+1 > rule_slots) 175 rule_slots = index+1; 176 rule_count++; 177 } else { 178 /* printf("replacement\n"); */ 179 *rules[index] = temprule; 180 } 181 } 182 183 return (0); 184 } 185 186 SYSCTL_NODE(_security_mac_bsdextended, OID_AUTO, rules, 187 CTLFLAG_RW, sysctl_rule, "BSD extended MAC rules"); 188 189 static void 190 mac_bsdextended_init(struct mac_policy_conf *mpc) 191 { 192 193 /* Initialize ruleset lock. */ 194 /* Register dynamic sysctl's for rules. */ 195 } 196 197 static void 198 mac_bsdextended_destroy(struct mac_policy_conf *mpc) 199 { 200 201 /* Tear down sysctls. */ 202 /* Destroy ruleset lock. */ 203 } 204 205 static int 206 mac_bsdextended_rulecheck(struct mac_bsdextended_rule *rule, 207 struct ucred *cred, uid_t object_uid, gid_t object_gid, mode_t acc_mode) 208 { 209 int match; 210 211 /* 212 * Is there a subject match? 213 */ 214 if (rule->mbr_subject.mbi_flags & MBI_UID_DEFINED) { 215 match = (rule->mbr_subject.mbi_uid == cred->cr_uid || 216 rule->mbr_subject.mbi_uid == cred->cr_ruid || 217 rule->mbr_subject.mbi_uid == cred->cr_svuid); 218 219 if (rule->mbr_subject.mbi_flags & MBI_NEGATED) 220 match = !match; 221 222 if (!match) 223 return (0); 224 } 225 226 if (rule->mbr_subject.mbi_flags & MBI_GID_DEFINED) { 227 match = (groupmember(rule->mbr_subject.mbi_gid, cred) || 228 rule->mbr_subject.mbi_gid == cred->cr_rgid || 229 rule->mbr_subject.mbi_gid == cred->cr_svgid); 230 231 if (rule->mbr_subject.mbi_flags & MBI_NEGATED) 232 match = !match; 233 234 if (!match) 235 return (0); 236 } 237 238 /* 239 * Is there an object match? 240 */ 241 if (rule->mbr_object.mbi_flags & MBI_UID_DEFINED) { 242 match = (rule->mbr_object.mbi_uid == object_uid); 243 244 if (rule->mbr_object.mbi_flags & MBI_NEGATED) 245 match = !match; 246 247 if (!match) 248 return (0); 249 } 250 251 if (rule->mbr_object.mbi_flags & MBI_GID_DEFINED) { 252 match = (rule->mbr_object.mbi_gid == object_gid); 253 254 if (rule->mbr_object.mbi_flags & MBI_NEGATED) 255 match = !match; 256 257 if (!match) 258 return (0); 259 } 260 261 /* 262 * Is the access permitted? 263 */ 264 if ((rule->mbr_mode & acc_mode) != acc_mode) { 265 if (mac_bsdextended_debugging) 266 printf("mac_bsdextended: %d:%d request %d on %d:%d" 267 " fails\n", cred->cr_ruid, cred->cr_rgid, 268 acc_mode, object_uid, object_gid); 269 return (EACCES); 270 } 271 272 return (0); 273 } 274 275 static int 276 mac_bsdextended_check(struct ucred *cred, uid_t object_uid, gid_t object_gid, 277 mode_t acc_mode) 278 { 279 int error, i; 280 281 for (i = 0; i < rule_slots; i++) { 282 if (rules[i] == NULL) 283 continue; 284 285 error = mac_bsdextended_rulecheck(rules[i], cred, object_uid, 286 object_gid, acc_mode); 287 if (error) 288 return (error); 289 } 290 291 return (0); 292 } 293 294 static int 295 mac_bsdextended_check_vnode_access(struct ucred *cred, struct vnode *vp, 296 struct label *label, mode_t flags) 297 { 298 struct vattr vap; 299 int error; 300 301 if (!mac_bsdextended_enabled) 302 return (0); 303 304 error = VOP_GETATTR(vp, &vap, cred, curthread); 305 if (error) 306 return (error); 307 return (mac_bsdextended_check(cred, vap.va_uid, vap.va_gid, flags)); 308 } 309 310 static int 311 mac_bsdextended_check_vnode_chdir(struct ucred *cred, struct vnode *dvp, 312 struct label *dlabel) 313 { 314 struct vattr vap; 315 int error; 316 317 if (!mac_bsdextended_enabled) 318 return (0); 319 320 error = VOP_GETATTR(dvp, &vap, cred, curthread); 321 if (error) 322 return (error); 323 return (mac_bsdextended_check(cred, vap.va_uid, vap.va_gid, VEXEC)); 324 } 325 326 static int 327 mac_bsdextended_check_vnode_chroot(struct ucred *cred, struct vnode *dvp, 328 struct label *dlabel) 329 { 330 struct vattr vap; 331 int error; 332 333 if (!mac_bsdextended_enabled) 334 return (0); 335 336 error = VOP_GETATTR(dvp, &vap, cred, curthread); 337 if (error) 338 return (error); 339 return (mac_bsdextended_check(cred, vap.va_uid, vap.va_gid, VEXEC)); 340 } 341 342 static int 343 mac_bsdextended_check_create_vnode(struct ucred *cred, struct vnode *dvp, 344 struct label *dlabel, struct componentname *cnp, struct vattr *vap) 345 { 346 struct vattr dvap; 347 int error; 348 349 if (!mac_bsdextended_enabled) 350 return (0); 351 352 error = VOP_GETATTR(dvp, &dvap, cred, curthread); 353 if (error) 354 return (error); 355 return (mac_bsdextended_check(cred, dvap.va_uid, dvap.va_gid, VWRITE)); 356 } 357 358 static int 359 mac_bsdextended_check_vnode_delete(struct ucred *cred, struct vnode *dvp, 360 struct label *dlabel, struct vnode *vp, struct label *label, 361 struct componentname *cnp) 362 { 363 struct vattr vap; 364 int error; 365 366 if (!mac_bsdextended_enabled) 367 return (0); 368 369 error = VOP_GETATTR(dvp, &vap, cred, curthread); 370 if (error) 371 return (error); 372 error = mac_bsdextended_check(cred, vap.va_uid, vap.va_gid, VWRITE); 373 if (error) 374 return (error); 375 376 error = VOP_GETATTR(vp, &vap, cred, curthread); 377 if (error) 378 return (error); 379 return (mac_bsdextended_check(cred, vap.va_uid, vap.va_gid, VWRITE)); 380 } 381 382 static int 383 mac_bsdextended_check_vnode_deleteacl(struct ucred *cred, struct vnode *vp, 384 struct label *label, acl_type_t type) 385 { 386 struct vattr vap; 387 int error; 388 389 if (!mac_bsdextended_enabled) 390 return (0); 391 392 error = VOP_GETATTR(vp, &vap, cred, curthread); 393 if (error) 394 return (error); 395 return (mac_bsdextended_check(cred, vap.va_uid, vap.va_gid, VADMIN)); 396 } 397 398 static int 399 mac_bsdextended_check_vnode_exec(struct ucred *cred, struct vnode *vp, 400 struct label *label) 401 { 402 struct vattr vap; 403 int error; 404 405 if (!mac_bsdextended_enabled) 406 return (0); 407 408 error = VOP_GETATTR(vp, &vap, cred, curthread); 409 if (error) 410 return (error); 411 return (mac_bsdextended_check(cred, vap.va_uid, vap.va_gid, 412 VREAD|VEXEC)); 413 } 414 415 static int 416 mac_bsdextended_check_vnode_getacl(struct ucred *cred, struct vnode *vp, 417 struct label *label, acl_type_t type) 418 { 419 struct vattr vap; 420 int error; 421 422 if (!mac_bsdextended_enabled) 423 return (0); 424 425 error = VOP_GETATTR(vp, &vap, cred, curthread); 426 if (error) 427 return (error); 428 return (mac_bsdextended_check(cred, vap.va_uid, vap.va_gid, VSTAT)); 429 } 430 431 static int 432 mac_bsdextended_check_vnode_getextattr(struct ucred *cred, struct vnode *vp, 433 struct label *label, int attrnamespace, const char *name, struct uio *uio) 434 { 435 struct vattr vap; 436 int error; 437 438 if (!mac_bsdextended_enabled) 439 return (0); 440 441 error = VOP_GETATTR(vp, &vap, cred, curthread); 442 if (error) 443 return (error); 444 return (mac_bsdextended_check(cred, vap.va_uid, vap.va_gid, VREAD)); 445 } 446 447 static int 448 mac_bsdextended_check_vnode_link(struct ucred *cred, struct vnode *dvp, 449 struct label *dlabel, struct vnode *vp, struct label *label, 450 struct componentname *cnp) 451 { 452 struct vattr vap; 453 int error; 454 455 if (!mac_bsdextended_enabled) 456 return (0); 457 458 error = VOP_GETATTR(dvp, &vap, cred, curthread); 459 if (error) 460 return (error); 461 error = mac_bsdextended_check(cred, vap.va_uid, vap.va_gid, VWRITE); 462 if (error) 463 return (error); 464 465 error = VOP_GETATTR(vp, &vap, cred, curthread); 466 if (error) 467 return (error); 468 error = mac_bsdextended_check(cred, vap.va_uid, vap.va_gid, VWRITE); 469 if (error) 470 return (error); 471 return (0); 472 } 473 474 static int 475 mac_bsdextended_check_vnode_lookup(struct ucred *cred, struct vnode *dvp, 476 struct label *dlabel, struct componentname *cnp) 477 { 478 struct vattr vap; 479 int error; 480 481 if (!mac_bsdextended_enabled) 482 return (0); 483 484 error = VOP_GETATTR(dvp, &vap, cred, curthread); 485 if (error) 486 return (error); 487 return (mac_bsdextended_check(cred, vap.va_uid, vap.va_gid, VEXEC)); 488 } 489 490 static int 491 mac_bsdextended_check_vnode_open(struct ucred *cred, struct vnode *vp, 492 struct label *filelabel, mode_t acc_mode) 493 { 494 struct vattr vap; 495 int error; 496 497 if (!mac_bsdextended_enabled) 498 return (0); 499 500 error = VOP_GETATTR(vp, &vap, cred, curthread); 501 if (error) 502 return (error); 503 return (mac_bsdextended_check(cred, vap.va_uid, vap.va_gid, acc_mode)); 504 } 505 506 static int 507 mac_bsdextended_check_vnode_readdir(struct ucred *cred, struct vnode *dvp, 508 struct label *dlabel) 509 { 510 struct vattr vap; 511 int error; 512 513 if (!mac_bsdextended_enabled) 514 return (0); 515 516 error = VOP_GETATTR(dvp, &vap, cred, curthread); 517 if (error) 518 return (error); 519 return (mac_bsdextended_check(cred, vap.va_uid, vap.va_gid, VREAD)); 520 } 521 522 static int 523 mac_bsdextended_check_vnode_readdlink(struct ucred *cred, struct vnode *vp, 524 struct label *label) 525 { 526 struct vattr vap; 527 int error; 528 529 if (!mac_bsdextended_enabled) 530 return (0); 531 532 error = VOP_GETATTR(vp, &vap, cred, curthread); 533 if (error) 534 return (error); 535 return (mac_bsdextended_check(cred, vap.va_uid, vap.va_gid, VREAD)); 536 } 537 538 static int 539 mac_bsdextended_check_vnode_rename_from(struct ucred *cred, struct vnode *dvp, 540 struct label *dlabel, struct vnode *vp, struct label *label, 541 struct componentname *cnp) 542 { 543 struct vattr vap; 544 int error; 545 546 if (!mac_bsdextended_enabled) 547 return (0); 548 549 error = VOP_GETATTR(dvp, &vap, cred, curthread); 550 if (error) 551 return (error); 552 error = mac_bsdextended_check(cred, vap.va_uid, vap.va_gid, VWRITE); 553 if (error) 554 return (error); 555 error = VOP_GETATTR(vp, &vap, cred, curthread); 556 if (error) 557 return (error); 558 error = mac_bsdextended_check(cred, vap.va_uid, vap.va_gid, VWRITE); 559 560 return (error); 561 } 562 563 static int 564 mac_bsdextended_check_vnode_rename_to(struct ucred *cred, struct vnode *dvp, 565 struct label *dlabel, struct vnode *vp, struct label *label, int samedir, 566 struct componentname *cnp) 567 { 568 struct vattr vap; 569 int error; 570 571 if (!mac_bsdextended_enabled) 572 return (0); 573 574 error = VOP_GETATTR(dvp, &vap, cred, curthread); 575 if (error) 576 return (error); 577 error = mac_bsdextended_check(cred, vap.va_uid, vap.va_gid, VWRITE); 578 if (error) 579 return (error); 580 581 if (vp != NULL) { 582 error = VOP_GETATTR(vp, &vap, cred, curthread); 583 if (error) 584 return (error); 585 error = mac_bsdextended_check(cred, vap.va_uid, vap.va_gid, 586 VWRITE); 587 } 588 589 return (error); 590 } 591 592 static int 593 mac_bsdextended_check_vnode_revoke(struct ucred *cred, struct vnode *vp, 594 struct label *label) 595 { 596 struct vattr vap; 597 int error; 598 599 if (!mac_bsdextended_enabled) 600 return (0); 601 602 error = VOP_GETATTR(vp, &vap, cred, curthread); 603 if (error) 604 return (error); 605 return (mac_bsdextended_check(cred, vap.va_uid, vap.va_gid, VADMIN)); 606 } 607 608 static int 609 mac_bsdextended_check_setacl_vnode(struct ucred *cred, struct vnode *vp, 610 struct label *label, acl_type_t type, struct acl *acl) 611 { 612 struct vattr vap; 613 int error; 614 615 if (!mac_bsdextended_enabled) 616 return (0); 617 618 error = VOP_GETATTR(vp, &vap, cred, curthread); 619 if (error) 620 return (error); 621 return (mac_bsdextended_check(cred, vap.va_uid, vap.va_gid, VADMIN)); 622 } 623 624 static int 625 mac_bsdextended_check_vnode_setextattr(struct ucred *cred, struct vnode *vp, 626 struct label *label, int attrnamespace, const char *name, struct uio *uio) 627 { 628 struct vattr vap; 629 int error; 630 631 if (!mac_bsdextended_enabled) 632 return (0); 633 634 error = VOP_GETATTR(vp, &vap, cred, curthread); 635 if (error) 636 return (error); 637 return (mac_bsdextended_check(cred, vap.va_uid, vap.va_gid, VWRITE)); 638 } 639 640 static int 641 mac_bsdextended_check_vnode_setflags(struct ucred *cred, struct vnode *vp, 642 struct label *label, u_long flags) 643 { 644 struct vattr vap; 645 int error; 646 647 if (!mac_bsdextended_enabled) 648 return (0); 649 650 error = VOP_GETATTR(vp, &vap, cred, curthread); 651 if (error) 652 return (error); 653 return (mac_bsdextended_check(cred, vap.va_uid, vap.va_gid, VADMIN)); 654 } 655 656 static int 657 mac_bsdextended_check_vnode_setmode(struct ucred *cred, struct vnode *vp, 658 struct label *label, mode_t mode) 659 { 660 struct vattr vap; 661 int error; 662 663 if (!mac_bsdextended_enabled) 664 return (0); 665 666 error = VOP_GETATTR(vp, &vap, cred, curthread); 667 if (error) 668 return (error); 669 return (mac_bsdextended_check(cred, vap.va_uid, vap.va_gid, VADMIN)); 670 } 671 672 static int 673 mac_bsdextended_check_vnode_setowner(struct ucred *cred, struct vnode *vp, 674 struct label *label, uid_t uid, gid_t gid) 675 { 676 struct vattr vap; 677 int error; 678 679 if (!mac_bsdextended_enabled) 680 return (0); 681 682 error = VOP_GETATTR(vp, &vap, cred, curthread); 683 if (error) 684 return (error); 685 return (mac_bsdextended_check(cred, vap.va_uid, vap.va_gid, VADMIN)); 686 } 687 688 static int 689 mac_bsdextended_check_vnode_setutimes(struct ucred *cred, struct vnode *vp, 690 struct label *label, struct timespec atime, struct timespec utime) 691 { 692 struct vattr vap; 693 int error; 694 695 if (!mac_bsdextended_enabled) 696 return (0); 697 698 error = VOP_GETATTR(vp, &vap, cred, curthread); 699 if (error) 700 return (error); 701 return (mac_bsdextended_check(cred, vap.va_uid, vap.va_gid, VADMIN)); 702 } 703 704 static int 705 mac_bsdextended_check_vnode_stat(struct ucred *active_cred, 706 struct ucred *file_cred, struct vnode *vp, struct label *label) 707 { 708 struct vattr vap; 709 int error; 710 711 if (!mac_bsdextended_enabled) 712 return (0); 713 714 error = VOP_GETATTR(vp, &vap, active_cred, curthread); 715 if (error) 716 return (error); 717 return (mac_bsdextended_check(active_cred, vap.va_uid, vap.va_gid, 718 VSTAT)); 719 } 720 721 static struct mac_policy_op_entry mac_bsdextended_ops[] = 722 { 723 { MAC_DESTROY, 724 (macop_t)mac_bsdextended_destroy }, 725 { MAC_INIT, 726 (macop_t)mac_bsdextended_init }, 727 { MAC_CHECK_VNODE_ACCESS, 728 (macop_t)mac_bsdextended_check_vnode_access }, 729 { MAC_CHECK_VNODE_CHDIR, 730 (macop_t)mac_bsdextended_check_vnode_chdir }, 731 { MAC_CHECK_VNODE_CHROOT, 732 (macop_t)mac_bsdextended_check_vnode_chroot }, 733 { MAC_CHECK_VNODE_CREATE, 734 (macop_t)mac_bsdextended_check_create_vnode }, 735 { MAC_CHECK_VNODE_DELETE, 736 (macop_t)mac_bsdextended_check_vnode_delete }, 737 { MAC_CHECK_VNODE_DELETEACL, 738 (macop_t)mac_bsdextended_check_vnode_deleteacl }, 739 { MAC_CHECK_VNODE_EXEC, 740 (macop_t)mac_bsdextended_check_vnode_exec }, 741 { MAC_CHECK_VNODE_GETACL, 742 (macop_t)mac_bsdextended_check_vnode_getacl }, 743 { MAC_CHECK_VNODE_GETEXTATTR, 744 (macop_t)mac_bsdextended_check_vnode_getextattr }, 745 { MAC_CHECK_VNODE_LINK, 746 (macop_t)mac_bsdextended_check_vnode_link }, 747 { MAC_CHECK_VNODE_LOOKUP, 748 (macop_t)mac_bsdextended_check_vnode_lookup }, 749 { MAC_CHECK_VNODE_OPEN, 750 (macop_t)mac_bsdextended_check_vnode_open }, 751 { MAC_CHECK_VNODE_READDIR, 752 (macop_t)mac_bsdextended_check_vnode_readdir }, 753 { MAC_CHECK_VNODE_READLINK, 754 (macop_t)mac_bsdextended_check_vnode_readdlink }, 755 { MAC_CHECK_VNODE_RENAME_FROM, 756 (macop_t)mac_bsdextended_check_vnode_rename_from }, 757 { MAC_CHECK_VNODE_RENAME_TO, 758 (macop_t)mac_bsdextended_check_vnode_rename_to }, 759 { MAC_CHECK_VNODE_REVOKE, 760 (macop_t)mac_bsdextended_check_vnode_revoke }, 761 { MAC_CHECK_VNODE_SETACL, 762 (macop_t)mac_bsdextended_check_setacl_vnode }, 763 { MAC_CHECK_VNODE_SETEXTATTR, 764 (macop_t)mac_bsdextended_check_vnode_setextattr }, 765 { MAC_CHECK_VNODE_SETFLAGS, 766 (macop_t)mac_bsdextended_check_vnode_setflags }, 767 { MAC_CHECK_VNODE_SETMODE, 768 (macop_t)mac_bsdextended_check_vnode_setmode }, 769 { MAC_CHECK_VNODE_SETOWNER, 770 (macop_t)mac_bsdextended_check_vnode_setowner }, 771 { MAC_CHECK_VNODE_SETUTIMES, 772 (macop_t)mac_bsdextended_check_vnode_setutimes }, 773 { MAC_CHECK_VNODE_STAT, 774 (macop_t)mac_bsdextended_check_vnode_stat }, 775 { MAC_OP_LAST, NULL } 776 }; 777 778 MAC_POLICY_SET(mac_bsdextended_ops, trustedbsd_mac_bsdextended, 779 "TrustedBSD MAC/BSD Extended", MPC_LOADTIME_FLAG_UNLOADOK, NULL); 780