1d8a7b7a3SRobert Watson /*- 2f6a41092SRobert Watson * Copyright (c) 1999-2002 Robert N. M. Watson 3ba53d9c9SRobert Watson * Copyright (c) 2001-2005 McAfee, Inc. 46758f88eSRobert Watson * Copyright (c) 2005 SPARTA, Inc. 5d8a7b7a3SRobert Watson * All rights reserved. 6d8a7b7a3SRobert Watson * 7d8a7b7a3SRobert Watson * This software was developed by Robert Watson for the TrustedBSD Project. 8d8a7b7a3SRobert Watson * 9ba53d9c9SRobert Watson * This software was developed for the FreeBSD Project in part by McAfee 10ba53d9c9SRobert Watson * Research, the Security Research Division of McAfee, Inc. under 11ba53d9c9SRobert Watson * DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA 12ba53d9c9SRobert Watson * CHATS research program. 13d8a7b7a3SRobert Watson * 146758f88eSRobert Watson * This software was enhanced by SPARTA ISSO under SPAWAR contract 156758f88eSRobert Watson * N66001-04-C-6019 ("SEFOS"). 166758f88eSRobert Watson * 17d8a7b7a3SRobert Watson * Redistribution and use in source and binary forms, with or without 18d8a7b7a3SRobert Watson * modification, are permitted provided that the following conditions 19d8a7b7a3SRobert Watson * are met: 20d8a7b7a3SRobert Watson * 1. Redistributions of source code must retain the above copyright 21d8a7b7a3SRobert Watson * notice, this list of conditions and the following disclaimer. 22d8a7b7a3SRobert Watson * 2. Redistributions in binary form must reproduce the above copyright 23d8a7b7a3SRobert Watson * notice, this list of conditions and the following disclaimer in the 24d8a7b7a3SRobert Watson * documentation and/or other materials provided with the distribution. 25d8a7b7a3SRobert Watson * 26d8a7b7a3SRobert Watson * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 27d8a7b7a3SRobert Watson * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 28d8a7b7a3SRobert Watson * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 29d8a7b7a3SRobert Watson * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 30d8a7b7a3SRobert Watson * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 31d8a7b7a3SRobert Watson * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 32d8a7b7a3SRobert Watson * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 33d8a7b7a3SRobert Watson * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 34d8a7b7a3SRobert Watson * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 35d8a7b7a3SRobert Watson * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 36d8a7b7a3SRobert Watson * SUCH DAMAGE. 37d8a7b7a3SRobert Watson * 38d8a7b7a3SRobert Watson * $FreeBSD$ 39d8a7b7a3SRobert Watson */ 40d8a7b7a3SRobert Watson 41d8a7b7a3SRobert Watson /* 42d8a7b7a3SRobert Watson * Developed by the TrustedBSD Project. 431c3f91cdSRobert Watson * 441c3f91cdSRobert Watson * Stub module that implements a NOOP for most (if not all) MAC Framework 451c3f91cdSRobert Watson * policy entry points. 46d8a7b7a3SRobert Watson */ 47d8a7b7a3SRobert Watson 48d8a7b7a3SRobert Watson #include <sys/types.h> 49d8a7b7a3SRobert Watson #include <sys/param.h> 50d8a7b7a3SRobert Watson #include <sys/acl.h> 51d8a7b7a3SRobert Watson #include <sys/conf.h> 52763bbd2fSRobert Watson #include <sys/extattr.h> 53d8a7b7a3SRobert Watson #include <sys/kernel.h> 546aeb05d7STom Rhodes #include <sys/ksem.h> 55d8a7b7a3SRobert Watson #include <sys/mac.h> 56d8a7b7a3SRobert Watson #include <sys/mount.h> 57d8a7b7a3SRobert Watson #include <sys/proc.h> 58d8a7b7a3SRobert Watson #include <sys/systm.h> 59d8a7b7a3SRobert Watson #include <sys/sysproto.h> 60d8a7b7a3SRobert Watson #include <sys/sysent.h> 61d8a7b7a3SRobert Watson #include <sys/vnode.h> 62d8a7b7a3SRobert Watson #include <sys/file.h> 63d8a7b7a3SRobert Watson #include <sys/socket.h> 64d8a7b7a3SRobert Watson #include <sys/socketvar.h> 65d8a7b7a3SRobert Watson #include <sys/pipe.h> 6636422989SPoul-Henning Kamp #include <sys/sx.h> 67d8a7b7a3SRobert Watson #include <sys/sysctl.h> 68ba53d9c9SRobert Watson #include <sys/msg.h> 69ba53d9c9SRobert Watson #include <sys/sem.h> 70ba53d9c9SRobert Watson #include <sys/shm.h> 71d8a7b7a3SRobert Watson 72d8a7b7a3SRobert Watson #include <fs/devfs/devfs.h> 73d8a7b7a3SRobert Watson 74d8a7b7a3SRobert Watson #include <net/bpfdesc.h> 75d8a7b7a3SRobert Watson #include <net/if.h> 76d8a7b7a3SRobert Watson #include <net/if_types.h> 77d8a7b7a3SRobert Watson #include <net/if_var.h> 78d8a7b7a3SRobert Watson 79d8a7b7a3SRobert Watson #include <netinet/in.h> 80a557af22SRobert Watson #include <netinet/in_pcb.h> 81d8a7b7a3SRobert Watson #include <netinet/ip_var.h> 82d8a7b7a3SRobert Watson 83d8a7b7a3SRobert Watson #include <vm/vm.h> 84d8a7b7a3SRobert Watson 850efd6615SRobert Watson #include <security/mac/mac_policy.h> 86d8a7b7a3SRobert Watson 87d8a7b7a3SRobert Watson SYSCTL_DECL(_security_mac); 88d8a7b7a3SRobert Watson 891c3f91cdSRobert Watson SYSCTL_NODE(_security_mac, OID_AUTO, stub, CTLFLAG_RW, 0, 901c3f91cdSRobert Watson "TrustedBSD mac_stub policy controls"); 91d8a7b7a3SRobert Watson 921c3f91cdSRobert Watson static int stub_enabled = 1; 931c3f91cdSRobert Watson SYSCTL_INT(_security_mac_stub, OID_AUTO, enabled, CTLFLAG_RW, 941c3f91cdSRobert Watson &stub_enabled, 0, "Enforce mac_stub policy"); 95d8a7b7a3SRobert Watson 96d8a7b7a3SRobert Watson /* 97d8a7b7a3SRobert Watson * Policy module operations. 98d8a7b7a3SRobert Watson */ 99d8a7b7a3SRobert Watson static void 1001c3f91cdSRobert Watson stub_destroy(struct mac_policy_conf *conf) 101d8a7b7a3SRobert Watson { 102d8a7b7a3SRobert Watson 103d8a7b7a3SRobert Watson } 104d8a7b7a3SRobert Watson 105d8a7b7a3SRobert Watson static void 1061c3f91cdSRobert Watson stub_init(struct mac_policy_conf *conf) 107d8a7b7a3SRobert Watson { 108d8a7b7a3SRobert Watson 109d8a7b7a3SRobert Watson } 110d8a7b7a3SRobert Watson 1118a97ecf6SRobert Watson static int 1121c3f91cdSRobert Watson stub_syscall(struct thread *td, int call, void *arg) 1138a97ecf6SRobert Watson { 1148a97ecf6SRobert Watson 1158a97ecf6SRobert Watson return (0); 1168a97ecf6SRobert Watson } 1178a97ecf6SRobert Watson 118d8a7b7a3SRobert Watson /* 119d8a7b7a3SRobert Watson * Label operations. 120d8a7b7a3SRobert Watson */ 121d8a7b7a3SRobert Watson static void 1221c3f91cdSRobert Watson stub_init_label(struct label *label) 123d8a7b7a3SRobert Watson { 124d8a7b7a3SRobert Watson 125d8a7b7a3SRobert Watson } 126d8a7b7a3SRobert Watson 127d8a7b7a3SRobert Watson static int 1281c3f91cdSRobert Watson stub_init_label_waitcheck(struct label *label, int flag) 129d8a7b7a3SRobert Watson { 130d8a7b7a3SRobert Watson 131d8a7b7a3SRobert Watson return (0); 132d8a7b7a3SRobert Watson } 133d8a7b7a3SRobert Watson 134d8a7b7a3SRobert Watson static void 1351c3f91cdSRobert Watson stub_destroy_label(struct label *label) 136d8a7b7a3SRobert Watson { 137d8a7b7a3SRobert Watson 138d8a7b7a3SRobert Watson } 139d8a7b7a3SRobert Watson 1400196273bSRobert Watson static void 1410196273bSRobert Watson stub_copy_label(struct label *src, struct label *dest) 1420196273bSRobert Watson { 1430196273bSRobert Watson 1440196273bSRobert Watson } 1450196273bSRobert Watson 146d8a7b7a3SRobert Watson static int 1471c3f91cdSRobert Watson stub_externalize_label(struct label *label, char *element_name, 148f51e5803SRobert Watson struct sbuf *sb, int *claimed) 149d8a7b7a3SRobert Watson { 150d8a7b7a3SRobert Watson 151d8a7b7a3SRobert Watson return (0); 152d8a7b7a3SRobert Watson } 153d8a7b7a3SRobert Watson 154d8a7b7a3SRobert Watson static int 1551c3f91cdSRobert Watson stub_internalize_label(struct label *label, char *element_name, 15624e8d0d0SRobert Watson char *element_data, int *claimed) 157d8a7b7a3SRobert Watson { 158d8a7b7a3SRobert Watson 159d8a7b7a3SRobert Watson return (0); 160d8a7b7a3SRobert Watson } 161d8a7b7a3SRobert Watson 162d8a7b7a3SRobert Watson /* 163d8a7b7a3SRobert Watson * Labeling event operations: file system objects, and things that look 164d8a7b7a3SRobert Watson * a lot like file system objects. 165d8a7b7a3SRobert Watson */ 166d8a7b7a3SRobert Watson static void 1671c3f91cdSRobert Watson stub_associate_vnode_devfs(struct mount *mp, struct label *fslabel, 168763bbd2fSRobert Watson struct devfs_dirent *de, struct label *delabel, struct vnode *vp, 169763bbd2fSRobert Watson struct label *vlabel) 170763bbd2fSRobert Watson { 171763bbd2fSRobert Watson 172763bbd2fSRobert Watson } 173763bbd2fSRobert Watson 174763bbd2fSRobert Watson static int 1751c3f91cdSRobert Watson stub_associate_vnode_extattr(struct mount *mp, struct label *fslabel, 176763bbd2fSRobert Watson struct vnode *vp, struct label *vlabel) 177763bbd2fSRobert Watson { 178763bbd2fSRobert Watson 179763bbd2fSRobert Watson return (0); 180763bbd2fSRobert Watson } 181763bbd2fSRobert Watson 182763bbd2fSRobert Watson static void 1831c3f91cdSRobert Watson stub_associate_vnode_singlelabel(struct mount *mp, 184763bbd2fSRobert Watson struct label *fslabel, struct vnode *vp, struct label *vlabel) 185763bbd2fSRobert Watson { 186763bbd2fSRobert Watson 187763bbd2fSRobert Watson } 188763bbd2fSRobert Watson 189763bbd2fSRobert Watson static void 19017870c06SChristian S.J. Peron stub_associate_nfsd_label(struct ucred *cred) 19117870c06SChristian S.J. Peron { 19217870c06SChristian S.J. Peron 19317870c06SChristian S.J. Peron } 19417870c06SChristian S.J. Peron 19517870c06SChristian S.J. Peron static void 196d26dd2d9SRobert Watson stub_create_devfs_device(struct ucred *cred, struct mount *mp, 197d26dd2d9SRobert Watson struct cdev *dev, struct devfs_dirent *devfs_dirent, struct label *label) 198eea8ea31SRobert Watson { 199eea8ea31SRobert Watson 200eea8ea31SRobert Watson } 201eea8ea31SRobert Watson 202eea8ea31SRobert Watson static void 2031c3f91cdSRobert Watson stub_create_devfs_directory(struct mount *mp, char *dirname, 204990b4b2dSRobert Watson int dirnamelen, struct devfs_dirent *devfs_dirent, struct label *label) 205990b4b2dSRobert Watson { 206990b4b2dSRobert Watson 207990b4b2dSRobert Watson } 208990b4b2dSRobert Watson 209990b4b2dSRobert Watson static void 2101c3f91cdSRobert Watson stub_create_devfs_symlink(struct ucred *cred, struct mount *mp, 211990b4b2dSRobert Watson struct devfs_dirent *dd, struct label *ddlabel, struct devfs_dirent *de, 212990b4b2dSRobert Watson struct label *delabel) 213d8a7b7a3SRobert Watson { 214d8a7b7a3SRobert Watson 215d8a7b7a3SRobert Watson } 216d8a7b7a3SRobert Watson 217763bbd2fSRobert Watson static int 2181c3f91cdSRobert Watson stub_create_vnode_extattr(struct ucred *cred, struct mount *mp, 219763bbd2fSRobert Watson struct label *fslabel, struct vnode *dvp, struct label *dlabel, 220763bbd2fSRobert Watson struct vnode *vp, struct label *vlabel, struct componentname *cnp) 221d8a7b7a3SRobert Watson { 222d8a7b7a3SRobert Watson 223763bbd2fSRobert Watson return (0); 224d8a7b7a3SRobert Watson } 225d8a7b7a3SRobert Watson 226d8a7b7a3SRobert Watson static void 2271c3f91cdSRobert Watson stub_create_mount(struct ucred *cred, struct mount *mp, 228d8a7b7a3SRobert Watson struct label *mntlabel, struct label *fslabel) 229d8a7b7a3SRobert Watson { 230d8a7b7a3SRobert Watson 231d8a7b7a3SRobert Watson } 232d8a7b7a3SRobert Watson 233d8a7b7a3SRobert Watson static void 2341c3f91cdSRobert Watson stub_relabel_vnode(struct ucred *cred, struct vnode *vp, 235d8a7b7a3SRobert Watson struct label *vnodelabel, struct label *label) 236d8a7b7a3SRobert Watson { 237d8a7b7a3SRobert Watson 238d8a7b7a3SRobert Watson } 239d8a7b7a3SRobert Watson 240d8a7b7a3SRobert Watson static int 2411c3f91cdSRobert Watson stub_setlabel_vnode_extattr(struct ucred *cred, struct vnode *vp, 242763bbd2fSRobert Watson struct label *vlabel, struct label *intlabel) 243d8a7b7a3SRobert Watson { 244d8a7b7a3SRobert Watson 245d8a7b7a3SRobert Watson return (0); 246d8a7b7a3SRobert Watson } 247d8a7b7a3SRobert Watson 248d8a7b7a3SRobert Watson static void 2491c3f91cdSRobert Watson stub_update_devfsdirent(struct mount *mp, 250990b4b2dSRobert Watson struct devfs_dirent *devfs_dirent, struct label *direntlabel, 251990b4b2dSRobert Watson struct vnode *vp, struct label *vnodelabel) 252d8a7b7a3SRobert Watson { 253d8a7b7a3SRobert Watson 254d8a7b7a3SRobert Watson } 255d8a7b7a3SRobert Watson 256d8a7b7a3SRobert Watson /* 257d8a7b7a3SRobert Watson * Labeling event operations: IPC object. 258d8a7b7a3SRobert Watson */ 259d8a7b7a3SRobert Watson static void 2601c3f91cdSRobert Watson stub_create_mbuf_from_socket(struct socket *so, struct label *socketlabel, 261d8a7b7a3SRobert Watson struct mbuf *m, struct label *mbuflabel) 262d8a7b7a3SRobert Watson { 263d8a7b7a3SRobert Watson 264d8a7b7a3SRobert Watson } 265d8a7b7a3SRobert Watson 266d8a7b7a3SRobert Watson static void 2671c3f91cdSRobert Watson stub_create_socket(struct ucred *cred, struct socket *socket, 268d8a7b7a3SRobert Watson struct label *socketlabel) 269d8a7b7a3SRobert Watson { 270d8a7b7a3SRobert Watson 271d8a7b7a3SRobert Watson } 272d8a7b7a3SRobert Watson 273d8a7b7a3SRobert Watson static void 27491c2dc94SRobert Watson stub_create_pipe(struct ucred *cred, struct pipepair *pp, 275d8a7b7a3SRobert Watson struct label *pipelabel) 276d8a7b7a3SRobert Watson { 277d8a7b7a3SRobert Watson 278d8a7b7a3SRobert Watson } 279d8a7b7a3SRobert Watson 280d8a7b7a3SRobert Watson static void 28152648411SRobert Watson stub_create_posix_sem(struct ucred *cred, struct ksem *ksemptr, 28252648411SRobert Watson struct label *ks_label) 28352648411SRobert Watson { 28452648411SRobert Watson 28552648411SRobert Watson } 28652648411SRobert Watson 28752648411SRobert Watson static void 2881c3f91cdSRobert Watson stub_create_socket_from_socket(struct socket *oldsocket, 289d8a7b7a3SRobert Watson struct label *oldsocketlabel, struct socket *newsocket, 290d8a7b7a3SRobert Watson struct label *newsocketlabel) 291d8a7b7a3SRobert Watson { 292d8a7b7a3SRobert Watson 293d8a7b7a3SRobert Watson } 294d8a7b7a3SRobert Watson 295d8a7b7a3SRobert Watson static void 2961c3f91cdSRobert Watson stub_relabel_socket(struct ucred *cred, struct socket *socket, 297d8a7b7a3SRobert Watson struct label *socketlabel, struct label *newlabel) 298d8a7b7a3SRobert Watson { 299d8a7b7a3SRobert Watson 300d8a7b7a3SRobert Watson } 301d8a7b7a3SRobert Watson 302d8a7b7a3SRobert Watson static void 30391c2dc94SRobert Watson stub_relabel_pipe(struct ucred *cred, struct pipepair *pp, 304d8a7b7a3SRobert Watson struct label *pipelabel, struct label *newlabel) 305d8a7b7a3SRobert Watson { 306d8a7b7a3SRobert Watson 307d8a7b7a3SRobert Watson } 308d8a7b7a3SRobert Watson 309d8a7b7a3SRobert Watson static void 3101c3f91cdSRobert Watson stub_set_socket_peer_from_mbuf(struct mbuf *mbuf, struct label *mbuflabel, 311d8a7b7a3SRobert Watson struct socket *socket, struct label *socketpeerlabel) 312d8a7b7a3SRobert Watson { 313d8a7b7a3SRobert Watson 314d8a7b7a3SRobert Watson } 315d8a7b7a3SRobert Watson 316d8a7b7a3SRobert Watson static void 3171c3f91cdSRobert Watson stub_set_socket_peer_from_socket(struct socket *oldsocket, 318d8a7b7a3SRobert Watson struct label *oldsocketlabel, struct socket *newsocket, 319d8a7b7a3SRobert Watson struct label *newsocketpeerlabel) 320d8a7b7a3SRobert Watson { 321d8a7b7a3SRobert Watson 322d8a7b7a3SRobert Watson } 323d8a7b7a3SRobert Watson 324d8a7b7a3SRobert Watson /* 325d8a7b7a3SRobert Watson * Labeling event operations: network objects. 326d8a7b7a3SRobert Watson */ 327d8a7b7a3SRobert Watson static void 3281c3f91cdSRobert Watson stub_create_bpfdesc(struct ucred *cred, struct bpf_d *bpf_d, 329d8a7b7a3SRobert Watson struct label *bpflabel) 330d8a7b7a3SRobert Watson { 331d8a7b7a3SRobert Watson 332d8a7b7a3SRobert Watson } 333d8a7b7a3SRobert Watson 334d8a7b7a3SRobert Watson static void 3351c3f91cdSRobert Watson stub_create_datagram_from_ipq(struct ipq *ipq, struct label *ipqlabel, 336d8a7b7a3SRobert Watson struct mbuf *datagram, struct label *datagramlabel) 337d8a7b7a3SRobert Watson { 338d8a7b7a3SRobert Watson 339d8a7b7a3SRobert Watson } 340d8a7b7a3SRobert Watson 341d8a7b7a3SRobert Watson static void 3421c3f91cdSRobert Watson stub_create_fragment(struct mbuf *datagram, struct label *datagramlabel, 343d8a7b7a3SRobert Watson struct mbuf *fragment, struct label *fragmentlabel) 344d8a7b7a3SRobert Watson { 345d8a7b7a3SRobert Watson 346d8a7b7a3SRobert Watson } 347d8a7b7a3SRobert Watson 348d8a7b7a3SRobert Watson static void 3491c3f91cdSRobert Watson stub_create_ifnet(struct ifnet *ifnet, struct label *ifnetlabel) 350d8a7b7a3SRobert Watson { 351d8a7b7a3SRobert Watson 352d8a7b7a3SRobert Watson } 353d8a7b7a3SRobert Watson 354d8a7b7a3SRobert Watson static void 355a557af22SRobert Watson stub_create_inpcb_from_socket(struct socket *so, struct label *solabel, 356a557af22SRobert Watson struct inpcb *inp, struct label *inplabel) 357a557af22SRobert Watson { 358a557af22SRobert Watson 359a557af22SRobert Watson } 360a557af22SRobert Watson 361a557af22SRobert Watson static void 36217870c06SChristian S.J. Peron stub_init_syncache_from_inpcb(struct label *label, struct inpcb *inp) 36317870c06SChristian S.J. Peron { 36417870c06SChristian S.J. Peron 36517870c06SChristian S.J. Peron } 36617870c06SChristian S.J. Peron 36717870c06SChristian S.J. Peron static void 368ba53d9c9SRobert Watson stub_create_sysv_msgmsg(struct ucred *cred, struct msqid_kernel *msqkptr, 369ba53d9c9SRobert Watson struct label *msqlabel, struct msg *msgptr, struct label *msglabel) 370ba53d9c9SRobert Watson { 371ba53d9c9SRobert Watson 372ba53d9c9SRobert Watson } 373ba53d9c9SRobert Watson 374ba53d9c9SRobert Watson static void 375ba53d9c9SRobert Watson stub_create_sysv_msgqueue(struct ucred *cred, struct msqid_kernel *msqkptr, 376ba53d9c9SRobert Watson struct label *msqlabel) 377ba53d9c9SRobert Watson { 378ba53d9c9SRobert Watson 379ba53d9c9SRobert Watson } 380ba53d9c9SRobert Watson 381ba53d9c9SRobert Watson static void 3823831e7d7SRobert Watson stub_create_sysv_sem(struct ucred *cred, struct semid_kernel *semakptr, 383ba53d9c9SRobert Watson struct label *semalabel) 384ba53d9c9SRobert Watson { 385ba53d9c9SRobert Watson 386ba53d9c9SRobert Watson } 387ba53d9c9SRobert Watson 388ba53d9c9SRobert Watson static void 389ba53d9c9SRobert Watson stub_create_sysv_shm(struct ucred *cred, struct shmid_kernel *shmsegptr, 390ba53d9c9SRobert Watson struct label *shmalabel) 391ba53d9c9SRobert Watson { 392ba53d9c9SRobert Watson 393ba53d9c9SRobert Watson } 394ba53d9c9SRobert Watson 395ba53d9c9SRobert Watson static void 3961c3f91cdSRobert Watson stub_create_ipq(struct mbuf *fragment, struct label *fragmentlabel, 397d8a7b7a3SRobert Watson struct ipq *ipq, struct label *ipqlabel) 398d8a7b7a3SRobert Watson { 399d8a7b7a3SRobert Watson 400d8a7b7a3SRobert Watson } 401d8a7b7a3SRobert Watson 402d8a7b7a3SRobert Watson static void 4032d92ec98SRobert Watson stub_create_mbuf_from_inpcb(struct inpcb *inp, struct label *inplabel, 4042d92ec98SRobert Watson struct mbuf *m, struct label *mlabel) 4052d92ec98SRobert Watson { 4062d92ec98SRobert Watson 4072d92ec98SRobert Watson } 4082d92ec98SRobert Watson 4092d92ec98SRobert Watson static void 41017870c06SChristian S.J. Peron stub_create_mbuf_from_syncache(struct label *sc_label, struct mbuf *m, 41117870c06SChristian S.J. Peron 41217870c06SChristian S.J. Peron struct label *mbuf_label) 41317870c06SChristian S.J. Peron { 41417870c06SChristian S.J. Peron 41517870c06SChristian S.J. Peron } 41617870c06SChristian S.J. Peron 41717870c06SChristian S.J. Peron static void 4181c3f91cdSRobert Watson stub_create_mbuf_linklayer(struct ifnet *ifnet, struct label *ifnetlabel, 419d8a7b7a3SRobert Watson struct mbuf *mbuf, struct label *mbuflabel) 420d8a7b7a3SRobert Watson { 421d8a7b7a3SRobert Watson 422d8a7b7a3SRobert Watson } 423d8a7b7a3SRobert Watson 424d8a7b7a3SRobert Watson static void 4251c3f91cdSRobert Watson stub_create_mbuf_from_bpfdesc(struct bpf_d *bpf_d, struct label *bpflabel, 426d8a7b7a3SRobert Watson struct mbuf *mbuf, struct label *mbuflabel) 427d8a7b7a3SRobert Watson { 428d8a7b7a3SRobert Watson 429d8a7b7a3SRobert Watson } 430d8a7b7a3SRobert Watson 431d8a7b7a3SRobert Watson static void 4321c3f91cdSRobert Watson stub_create_mbuf_from_ifnet(struct ifnet *ifnet, struct label *ifnetlabel, 433d8a7b7a3SRobert Watson struct mbuf *m, struct label *mbuflabel) 434d8a7b7a3SRobert Watson { 435d8a7b7a3SRobert Watson 436d8a7b7a3SRobert Watson } 437d8a7b7a3SRobert Watson 438d8a7b7a3SRobert Watson static void 4391c3f91cdSRobert Watson stub_create_mbuf_multicast_encap(struct mbuf *oldmbuf, 440d8a7b7a3SRobert Watson struct label *oldmbuflabel, struct ifnet *ifnet, struct label *ifnetlabel, 441d8a7b7a3SRobert Watson struct mbuf *newmbuf, struct label *newmbuflabel) 442d8a7b7a3SRobert Watson { 443d8a7b7a3SRobert Watson 444d8a7b7a3SRobert Watson } 445d8a7b7a3SRobert Watson 446d8a7b7a3SRobert Watson static void 4471c3f91cdSRobert Watson stub_create_mbuf_netlayer(struct mbuf *oldmbuf, 448d8a7b7a3SRobert Watson struct label *oldmbuflabel, struct mbuf *newmbuf, struct label *newmbuflabel) 449d8a7b7a3SRobert Watson { 450d8a7b7a3SRobert Watson 451d8a7b7a3SRobert Watson } 452d8a7b7a3SRobert Watson 45317870c06SChristian S.J. Peron static void 45417870c06SChristian S.J. Peron stub_create_mbuf_from_firewall(struct mbuf *m, struct label *label) 45517870c06SChristian S.J. Peron { 45617870c06SChristian S.J. Peron 45717870c06SChristian S.J. Peron } 45817870c06SChristian S.J. Peron 459d8a7b7a3SRobert Watson static int 4601c3f91cdSRobert Watson stub_fragment_match(struct mbuf *fragment, struct label *fragmentlabel, 461d8a7b7a3SRobert Watson struct ipq *ipq, struct label *ipqlabel) 462d8a7b7a3SRobert Watson { 463d8a7b7a3SRobert Watson 464d8a7b7a3SRobert Watson return (1); 465d8a7b7a3SRobert Watson } 466d8a7b7a3SRobert Watson 467d8a7b7a3SRobert Watson static void 46864f00af8SRobert Watson stub_reflect_mbuf_icmp(struct mbuf *m, struct label *mlabel) 46964f00af8SRobert Watson { 47064f00af8SRobert Watson 47164f00af8SRobert Watson } 47264f00af8SRobert Watson 47364f00af8SRobert Watson static void 47464f00af8SRobert Watson stub_reflect_mbuf_tcp(struct mbuf *m, struct label *mlabel) 47564f00af8SRobert Watson { 47664f00af8SRobert Watson 47764f00af8SRobert Watson } 47864f00af8SRobert Watson 47964f00af8SRobert Watson static void 4801c3f91cdSRobert Watson stub_relabel_ifnet(struct ucred *cred, struct ifnet *ifnet, 481d8a7b7a3SRobert Watson struct label *ifnetlabel, struct label *newlabel) 482d8a7b7a3SRobert Watson { 483d8a7b7a3SRobert Watson 484d8a7b7a3SRobert Watson } 485d8a7b7a3SRobert Watson 486d8a7b7a3SRobert Watson static void 4871c3f91cdSRobert Watson stub_update_ipq(struct mbuf *fragment, struct label *fragmentlabel, 488d8a7b7a3SRobert Watson struct ipq *ipq, struct label *ipqlabel) 489d8a7b7a3SRobert Watson { 490d8a7b7a3SRobert Watson 491d8a7b7a3SRobert Watson } 492d8a7b7a3SRobert Watson 493a557af22SRobert Watson static void 494a557af22SRobert Watson stub_inpcb_sosetlabel(struct socket *so, struct label *solabel, 495a557af22SRobert Watson struct inpcb *inp, struct label *inplabel) 496a557af22SRobert Watson { 497a557af22SRobert Watson 498a557af22SRobert Watson } 499a557af22SRobert Watson 500d8a7b7a3SRobert Watson /* 501d8a7b7a3SRobert Watson * Labeling event operations: processes. 502d8a7b7a3SRobert Watson */ 503d8a7b7a3SRobert Watson static void 5041c3f91cdSRobert Watson stub_execve_transition(struct ucred *old, struct ucred *new, 505939b97cbSRobert Watson struct vnode *vp, struct label *vnodelabel, 506ef5def59SRobert Watson struct label *interpvnodelabel, struct image_params *imgp, 507ef5def59SRobert Watson struct label *execlabel) 508d8a7b7a3SRobert Watson { 509d8a7b7a3SRobert Watson 510d8a7b7a3SRobert Watson } 511d8a7b7a3SRobert Watson 512d8a7b7a3SRobert Watson static int 5131c3f91cdSRobert Watson stub_execve_will_transition(struct ucred *old, struct vnode *vp, 514939b97cbSRobert Watson struct label *vnodelabel, struct label *interpvnodelabel, 515ef5def59SRobert Watson struct image_params *imgp, struct label *execlabel) 516d8a7b7a3SRobert Watson { 517d8a7b7a3SRobert Watson 518d8a7b7a3SRobert Watson return (0); 519d8a7b7a3SRobert Watson } 520d8a7b7a3SRobert Watson 521d8a7b7a3SRobert Watson static void 5221c3f91cdSRobert Watson stub_create_proc0(struct ucred *cred) 523d8a7b7a3SRobert Watson { 524d8a7b7a3SRobert Watson 525d8a7b7a3SRobert Watson } 526d8a7b7a3SRobert Watson 527d8a7b7a3SRobert Watson static void 5281c3f91cdSRobert Watson stub_create_proc1(struct ucred *cred) 529d8a7b7a3SRobert Watson { 530d8a7b7a3SRobert Watson 531d8a7b7a3SRobert Watson } 532d8a7b7a3SRobert Watson 533d8a7b7a3SRobert Watson static void 5341c3f91cdSRobert Watson stub_relabel_cred(struct ucred *cred, struct label *newlabel) 535d8a7b7a3SRobert Watson { 536d8a7b7a3SRobert Watson 537d8a7b7a3SRobert Watson } 538d8a7b7a3SRobert Watson 53909de2dc2SRobert Watson static void 5401c3f91cdSRobert Watson stub_thread_userret(struct thread *td) 54109de2dc2SRobert Watson { 54209de2dc2SRobert Watson 54309de2dc2SRobert Watson } 54409de2dc2SRobert Watson 545d8a7b7a3SRobert Watson /* 546ba53d9c9SRobert Watson * Label cleanup/flush operations 547ba53d9c9SRobert Watson */ 548ba53d9c9SRobert Watson static void 549ba53d9c9SRobert Watson stub_cleanup_sysv_msgmsg(struct label *msglabel) 550ba53d9c9SRobert Watson { 551ba53d9c9SRobert Watson 552ba53d9c9SRobert Watson } 553ba53d9c9SRobert Watson 554ba53d9c9SRobert Watson static void 555ba53d9c9SRobert Watson stub_cleanup_sysv_msgqueue(struct label *msqlabel) 556ba53d9c9SRobert Watson { 557ba53d9c9SRobert Watson 558ba53d9c9SRobert Watson } 559ba53d9c9SRobert Watson 560ba53d9c9SRobert Watson static void 5613831e7d7SRobert Watson stub_cleanup_sysv_sem(struct label *semalabel) 562ba53d9c9SRobert Watson { 563ba53d9c9SRobert Watson 564ba53d9c9SRobert Watson } 565ba53d9c9SRobert Watson 566ba53d9c9SRobert Watson static void 567ba53d9c9SRobert Watson stub_cleanup_sysv_shm(struct label *shmlabel) 568ba53d9c9SRobert Watson { 569ba53d9c9SRobert Watson 570ba53d9c9SRobert Watson } 571ba53d9c9SRobert Watson 572ba53d9c9SRobert Watson /* 573d8a7b7a3SRobert Watson * Access control checks. 574d8a7b7a3SRobert Watson */ 575d8a7b7a3SRobert Watson static int 5761c3f91cdSRobert Watson stub_check_bpfdesc_receive(struct bpf_d *bpf_d, struct label *bpflabel, 577d8a7b7a3SRobert Watson struct ifnet *ifnet, struct label *ifnet_label) 578d8a7b7a3SRobert Watson { 579d8a7b7a3SRobert Watson 580d8a7b7a3SRobert Watson return (0); 581d8a7b7a3SRobert Watson } 582d8a7b7a3SRobert Watson 583d8a7b7a3SRobert Watson static int 5841c3f91cdSRobert Watson stub_check_cred_relabel(struct ucred *cred, struct label *newlabel) 585d8a7b7a3SRobert Watson { 586d8a7b7a3SRobert Watson 587d8a7b7a3SRobert Watson return (0); 588d8a7b7a3SRobert Watson } 589d8a7b7a3SRobert Watson 590d8a7b7a3SRobert Watson static int 5911c3f91cdSRobert Watson stub_check_cred_visible(struct ucred *u1, struct ucred *u2) 592d8a7b7a3SRobert Watson { 593d8a7b7a3SRobert Watson 594d8a7b7a3SRobert Watson return (0); 595d8a7b7a3SRobert Watson } 596d8a7b7a3SRobert Watson 597d8a7b7a3SRobert Watson static int 5981c3f91cdSRobert Watson stub_check_ifnet_relabel(struct ucred *cred, struct ifnet *ifnet, 5991979061bSRobert Watson struct label *ifnetlabel, struct label *newlabel) 600d8a7b7a3SRobert Watson { 601d8a7b7a3SRobert Watson 602d8a7b7a3SRobert Watson return (0); 603d8a7b7a3SRobert Watson } 604d8a7b7a3SRobert Watson 605d8a7b7a3SRobert Watson static int 6061c3f91cdSRobert Watson stub_check_ifnet_transmit(struct ifnet *ifnet, struct label *ifnetlabel, 607d8a7b7a3SRobert Watson struct mbuf *m, struct label *mbuflabel) 608d8a7b7a3SRobert Watson { 609d8a7b7a3SRobert Watson 610d8a7b7a3SRobert Watson return (0); 611d8a7b7a3SRobert Watson } 612d8a7b7a3SRobert Watson 613d8a7b7a3SRobert Watson static int 614a557af22SRobert Watson stub_check_inpcb_deliver(struct inpcb *inp, struct label *inplabel, 615a557af22SRobert Watson struct mbuf *m, struct label *mlabel) 616a557af22SRobert Watson { 617a557af22SRobert Watson 618a557af22SRobert Watson return (0); 619a557af22SRobert Watson } 620a557af22SRobert Watson 621a557af22SRobert Watson static int 622ba53d9c9SRobert Watson stub_check_sysv_msgmsq(struct ucred *cred, struct msg *msgptr, 623ba53d9c9SRobert Watson struct label *msglabel, struct msqid_kernel *msqkptr, 624ba53d9c9SRobert Watson struct label *msqklabel) 625ba53d9c9SRobert Watson { 626ba53d9c9SRobert Watson 627ba53d9c9SRobert Watson return (0); 628ba53d9c9SRobert Watson } 629ba53d9c9SRobert Watson 630ba53d9c9SRobert Watson static int 631ba53d9c9SRobert Watson stub_check_sysv_msgrcv(struct ucred *cred, struct msg *msgptr, 632ba53d9c9SRobert Watson struct label *msglabel) 633ba53d9c9SRobert Watson { 634ba53d9c9SRobert Watson 635ba53d9c9SRobert Watson return (0); 636ba53d9c9SRobert Watson } 637ba53d9c9SRobert Watson 638ba53d9c9SRobert Watson 639ba53d9c9SRobert Watson static int 640ba53d9c9SRobert Watson stub_check_sysv_msgrmid(struct ucred *cred, struct msg *msgptr, 641ba53d9c9SRobert Watson struct label *msglabel) 642ba53d9c9SRobert Watson { 643ba53d9c9SRobert Watson 644ba53d9c9SRobert Watson return (0); 645ba53d9c9SRobert Watson } 646ba53d9c9SRobert Watson 647ba53d9c9SRobert Watson 648ba53d9c9SRobert Watson static int 649ba53d9c9SRobert Watson stub_check_sysv_msqget(struct ucred *cred, struct msqid_kernel *msqkptr, 650ba53d9c9SRobert Watson struct label *msqklabel) 651ba53d9c9SRobert Watson { 652ba53d9c9SRobert Watson 653ba53d9c9SRobert Watson return (0); 654ba53d9c9SRobert Watson } 655ba53d9c9SRobert Watson 656ba53d9c9SRobert Watson 657ba53d9c9SRobert Watson static int 658ba53d9c9SRobert Watson stub_check_sysv_msqsnd(struct ucred *cred, struct msqid_kernel *msqkptr, 659ba53d9c9SRobert Watson struct label *msqklabel) 660ba53d9c9SRobert Watson { 661ba53d9c9SRobert Watson 662ba53d9c9SRobert Watson return (0); 663ba53d9c9SRobert Watson } 664ba53d9c9SRobert Watson 665ba53d9c9SRobert Watson static int 666ba53d9c9SRobert Watson stub_check_sysv_msqrcv(struct ucred *cred, struct msqid_kernel *msqkptr, 667ba53d9c9SRobert Watson struct label *msqklabel) 668ba53d9c9SRobert Watson { 669ba53d9c9SRobert Watson 670ba53d9c9SRobert Watson return (0); 671ba53d9c9SRobert Watson } 672ba53d9c9SRobert Watson 673ba53d9c9SRobert Watson 674ba53d9c9SRobert Watson static int 675ba53d9c9SRobert Watson stub_check_sysv_msqctl(struct ucred *cred, struct msqid_kernel *msqkptr, 676ba53d9c9SRobert Watson struct label *msqklabel, int cmd) 677ba53d9c9SRobert Watson { 678ba53d9c9SRobert Watson 679ba53d9c9SRobert Watson return (0); 680ba53d9c9SRobert Watson } 681ba53d9c9SRobert Watson 682ba53d9c9SRobert Watson 683ba53d9c9SRobert Watson static int 684ba53d9c9SRobert Watson stub_check_sysv_semctl(struct ucred *cred, struct semid_kernel *semakptr, 685ba53d9c9SRobert Watson struct label *semaklabel, int cmd) 686ba53d9c9SRobert Watson { 687ba53d9c9SRobert Watson 688ba53d9c9SRobert Watson return (0); 689ba53d9c9SRobert Watson } 690ba53d9c9SRobert Watson 691ba53d9c9SRobert Watson static int 692ba53d9c9SRobert Watson stub_check_sysv_semget(struct ucred *cred, struct semid_kernel *semakptr, 693ba53d9c9SRobert Watson struct label *semaklabel) 694ba53d9c9SRobert Watson { 695ba53d9c9SRobert Watson 696ba53d9c9SRobert Watson return (0); 697ba53d9c9SRobert Watson } 698ba53d9c9SRobert Watson 699ba53d9c9SRobert Watson 700ba53d9c9SRobert Watson static int 701ba53d9c9SRobert Watson stub_check_sysv_semop(struct ucred *cred, struct semid_kernel *semakptr, 702ba53d9c9SRobert Watson struct label *semaklabel, size_t accesstype) 703ba53d9c9SRobert Watson { 704ba53d9c9SRobert Watson 705ba53d9c9SRobert Watson return (0); 706ba53d9c9SRobert Watson } 707ba53d9c9SRobert Watson 708ba53d9c9SRobert Watson static int 709ba53d9c9SRobert Watson stub_check_sysv_shmat(struct ucred *cred, struct shmid_kernel *shmsegptr, 710ba53d9c9SRobert Watson struct label *shmseglabel, int shmflg) 711ba53d9c9SRobert Watson { 712ba53d9c9SRobert Watson 713ba53d9c9SRobert Watson return (0); 714ba53d9c9SRobert Watson } 715ba53d9c9SRobert Watson 716ba53d9c9SRobert Watson static int 717ba53d9c9SRobert Watson stub_check_sysv_shmctl(struct ucred *cred, struct shmid_kernel *shmsegptr, 718ba53d9c9SRobert Watson struct label *shmseglabel, int cmd) 719ba53d9c9SRobert Watson { 720ba53d9c9SRobert Watson 721ba53d9c9SRobert Watson return (0); 722ba53d9c9SRobert Watson } 723ba53d9c9SRobert Watson 724ba53d9c9SRobert Watson static int 725ba53d9c9SRobert Watson stub_check_sysv_shmdt(struct ucred *cred, struct shmid_kernel *shmsegptr, 726ba53d9c9SRobert Watson struct label *shmseglabel) 727ba53d9c9SRobert Watson { 728ba53d9c9SRobert Watson 729ba53d9c9SRobert Watson return (0); 730ba53d9c9SRobert Watson } 731ba53d9c9SRobert Watson 732ba53d9c9SRobert Watson 733ba53d9c9SRobert Watson static int 734ba53d9c9SRobert Watson stub_check_sysv_shmget(struct ucred *cred, struct shmid_kernel *shmsegptr, 735ba53d9c9SRobert Watson struct label *shmseglabel, int shmflg) 736ba53d9c9SRobert Watson { 737ba53d9c9SRobert Watson 738ba53d9c9SRobert Watson return (0); 739ba53d9c9SRobert Watson } 740ba53d9c9SRobert Watson 741ba53d9c9SRobert Watson static int 7421c3f91cdSRobert Watson stub_check_kenv_dump(struct ucred *cred) 74309de2dc2SRobert Watson { 74409de2dc2SRobert Watson 74509de2dc2SRobert Watson return (0); 74609de2dc2SRobert Watson } 74709de2dc2SRobert Watson 74809de2dc2SRobert Watson static int 7491c3f91cdSRobert Watson stub_check_kenv_get(struct ucred *cred, char *name) 75009de2dc2SRobert Watson { 75109de2dc2SRobert Watson 75209de2dc2SRobert Watson return (0); 75309de2dc2SRobert Watson } 75409de2dc2SRobert Watson 75509de2dc2SRobert Watson static int 7561c3f91cdSRobert Watson stub_check_kenv_set(struct ucred *cred, char *name, char *value) 75709de2dc2SRobert Watson { 75809de2dc2SRobert Watson 75909de2dc2SRobert Watson return (0); 76009de2dc2SRobert Watson } 76109de2dc2SRobert Watson 76209de2dc2SRobert Watson static int 7631c3f91cdSRobert Watson stub_check_kenv_unset(struct ucred *cred, char *name) 76409de2dc2SRobert Watson { 76509de2dc2SRobert Watson 76609de2dc2SRobert Watson return (0); 76709de2dc2SRobert Watson } 76809de2dc2SRobert Watson 76909de2dc2SRobert Watson static int 7701c3f91cdSRobert Watson stub_check_kld_load(struct ucred *cred, struct vnode *vp, 77109de2dc2SRobert Watson struct label *vlabel) 77209de2dc2SRobert Watson { 77309de2dc2SRobert Watson 77409de2dc2SRobert Watson return (0); 77509de2dc2SRobert Watson } 77609de2dc2SRobert Watson 77709de2dc2SRobert Watson static int 7781c3f91cdSRobert Watson stub_check_kld_stat(struct ucred *cred) 77909de2dc2SRobert Watson { 78009de2dc2SRobert Watson 78109de2dc2SRobert Watson return (0); 78209de2dc2SRobert Watson } 78309de2dc2SRobert Watson 78409de2dc2SRobert Watson static int 7851c3f91cdSRobert Watson stub_check_kld_unload(struct ucred *cred) 78609de2dc2SRobert Watson { 78709de2dc2SRobert Watson 78809de2dc2SRobert Watson return (0); 78909de2dc2SRobert Watson } 79009de2dc2SRobert Watson 79109de2dc2SRobert Watson static int 7921c3f91cdSRobert Watson stub_check_mount_stat(struct ucred *cred, struct mount *mp, 793d8a7b7a3SRobert Watson struct label *mntlabel) 794d8a7b7a3SRobert Watson { 795d8a7b7a3SRobert Watson 796d8a7b7a3SRobert Watson return (0); 797d8a7b7a3SRobert Watson } 798d8a7b7a3SRobert Watson 799d8a7b7a3SRobert Watson static int 80091c2dc94SRobert Watson stub_check_pipe_ioctl(struct ucred *cred, struct pipepair *pp, 801d8a7b7a3SRobert Watson struct label *pipelabel, unsigned long cmd, void /* caddr_t */ *data) 802d8a7b7a3SRobert Watson { 803d8a7b7a3SRobert Watson 804d8a7b7a3SRobert Watson return (0); 805d8a7b7a3SRobert Watson } 806d8a7b7a3SRobert Watson 807d8a7b7a3SRobert Watson static int 80891c2dc94SRobert Watson stub_check_pipe_poll(struct ucred *cred, struct pipepair *pp, 809c024c3eeSRobert Watson struct label *pipelabel) 810c024c3eeSRobert Watson { 811c024c3eeSRobert Watson 812c024c3eeSRobert Watson return (0); 813c024c3eeSRobert Watson } 814c024c3eeSRobert Watson 815c024c3eeSRobert Watson static int 81691c2dc94SRobert Watson stub_check_pipe_read(struct ucred *cred, struct pipepair *pp, 817c024c3eeSRobert Watson struct label *pipelabel) 818d8a7b7a3SRobert Watson { 819d8a7b7a3SRobert Watson 820d8a7b7a3SRobert Watson return (0); 821d8a7b7a3SRobert Watson } 822d8a7b7a3SRobert Watson 823d8a7b7a3SRobert Watson static int 82491c2dc94SRobert Watson stub_check_pipe_relabel(struct ucred *cred, struct pipepair *pp, 825d8a7b7a3SRobert Watson struct label *pipelabel, struct label *newlabel) 826d8a7b7a3SRobert Watson { 827d8a7b7a3SRobert Watson 828d8a7b7a3SRobert Watson return (0); 829d8a7b7a3SRobert Watson } 830d8a7b7a3SRobert Watson 831d8a7b7a3SRobert Watson static int 83291c2dc94SRobert Watson stub_check_pipe_stat(struct ucred *cred, struct pipepair *pp, 833c024c3eeSRobert Watson struct label *pipelabel) 834c024c3eeSRobert Watson { 835c024c3eeSRobert Watson 836c024c3eeSRobert Watson return (0); 837c024c3eeSRobert Watson } 838c024c3eeSRobert Watson 839c024c3eeSRobert Watson static int 84091c2dc94SRobert Watson stub_check_pipe_write(struct ucred *cred, struct pipepair *pp, 841c024c3eeSRobert Watson struct label *pipelabel) 842c024c3eeSRobert Watson { 843c024c3eeSRobert Watson 844c024c3eeSRobert Watson return (0); 845c024c3eeSRobert Watson } 846c024c3eeSRobert Watson 847c024c3eeSRobert Watson static int 84852648411SRobert Watson stub_check_posix_sem_destroy(struct ucred *cred, struct ksem *ksemptr, 84952648411SRobert Watson struct label *ks_label) 85052648411SRobert Watson { 85152648411SRobert Watson 85252648411SRobert Watson return (0); 85352648411SRobert Watson } 85452648411SRobert Watson 85552648411SRobert Watson static int 85652648411SRobert Watson stub_check_posix_sem_getvalue(struct ucred *cred, struct ksem *ksemptr, 85752648411SRobert Watson struct label *ks_label) 85852648411SRobert Watson { 85952648411SRobert Watson 86052648411SRobert Watson return (0); 86152648411SRobert Watson } 86252648411SRobert Watson 86352648411SRobert Watson static int 86452648411SRobert Watson stub_check_posix_sem_open(struct ucred *cred, struct ksem *ksemptr, 86552648411SRobert Watson struct label *ks_label) 86652648411SRobert Watson { 86752648411SRobert Watson 86852648411SRobert Watson return (0); 86952648411SRobert Watson } 87052648411SRobert Watson 87152648411SRobert Watson static int 87252648411SRobert Watson stub_check_posix_sem_post(struct ucred *cred, struct ksem *ksemptr, 87352648411SRobert Watson struct label *ks_label) 87452648411SRobert Watson { 87552648411SRobert Watson 87652648411SRobert Watson return (0); 87752648411SRobert Watson } 87852648411SRobert Watson 87952648411SRobert Watson static int 88052648411SRobert Watson stub_check_posix_sem_unlink(struct ucred *cred, struct ksem *ksemptr, 88152648411SRobert Watson struct label *ks_label) 88252648411SRobert Watson { 88352648411SRobert Watson 88452648411SRobert Watson return (0); 88552648411SRobert Watson } 88652648411SRobert Watson 88752648411SRobert Watson static int 88852648411SRobert Watson stub_check_posix_sem_wait(struct ucred *cred, struct ksem *ksemptr, 88952648411SRobert Watson struct label *ks_label) 89052648411SRobert Watson { 89152648411SRobert Watson 89252648411SRobert Watson return (0); 89352648411SRobert Watson } 89452648411SRobert Watson 89552648411SRobert Watson static int 8961c3f91cdSRobert Watson stub_check_proc_debug(struct ucred *cred, struct proc *proc) 897d8a7b7a3SRobert Watson { 898d8a7b7a3SRobert Watson 899d8a7b7a3SRobert Watson return (0); 900d8a7b7a3SRobert Watson } 901d8a7b7a3SRobert Watson 902d8a7b7a3SRobert Watson static int 9031c3f91cdSRobert Watson stub_check_proc_sched(struct ucred *cred, struct proc *proc) 904d8a7b7a3SRobert Watson { 905d8a7b7a3SRobert Watson 906d8a7b7a3SRobert Watson return (0); 907d8a7b7a3SRobert Watson } 908d8a7b7a3SRobert Watson 909d8a7b7a3SRobert Watson static int 9101c3f91cdSRobert Watson stub_check_proc_signal(struct ucred *cred, struct proc *proc, int signum) 911d8a7b7a3SRobert Watson { 912d8a7b7a3SRobert Watson 913d8a7b7a3SRobert Watson return (0); 914d8a7b7a3SRobert Watson } 915d8a7b7a3SRobert Watson 916d8a7b7a3SRobert Watson static int 917babe9a2bSRobert Watson stub_check_proc_wait(struct ucred *cred, struct proc *proc) 918babe9a2bSRobert Watson { 919babe9a2bSRobert Watson 920babe9a2bSRobert Watson return (0); 921babe9a2bSRobert Watson } 922babe9a2bSRobert Watson 923babe9a2bSRobert Watson static int 924030a28b3SRobert Watson stub_check_proc_setuid(struct ucred *cred, uid_t uid) 925030a28b3SRobert Watson { 926030a28b3SRobert Watson 927030a28b3SRobert Watson return (0); 928030a28b3SRobert Watson } 929030a28b3SRobert Watson 930030a28b3SRobert Watson static int 931030a28b3SRobert Watson stub_check_proc_seteuid(struct ucred *cred, uid_t euid) 932030a28b3SRobert Watson { 933030a28b3SRobert Watson 934030a28b3SRobert Watson return (0); 935030a28b3SRobert Watson } 936030a28b3SRobert Watson 937030a28b3SRobert Watson static int 938030a28b3SRobert Watson stub_check_proc_setgid(struct ucred *cred, gid_t gid) 939030a28b3SRobert Watson { 940030a28b3SRobert Watson 941030a28b3SRobert Watson return (0); 942030a28b3SRobert Watson } 943030a28b3SRobert Watson 944030a28b3SRobert Watson static int 945030a28b3SRobert Watson stub_check_proc_setegid(struct ucred *cred, gid_t egid) 946030a28b3SRobert Watson { 947030a28b3SRobert Watson 948030a28b3SRobert Watson return (0); 949030a28b3SRobert Watson } 950030a28b3SRobert Watson 951030a28b3SRobert Watson static int 952030a28b3SRobert Watson stub_check_proc_setgroups(struct ucred *cred, int ngroups, 953030a28b3SRobert Watson gid_t *gidset) 954030a28b3SRobert Watson { 955030a28b3SRobert Watson 956030a28b3SRobert Watson return (0); 957030a28b3SRobert Watson } 958030a28b3SRobert Watson 959030a28b3SRobert Watson static int 960030a28b3SRobert Watson stub_check_proc_setreuid(struct ucred *cred, uid_t ruid, uid_t euid) 961030a28b3SRobert Watson { 962030a28b3SRobert Watson 963030a28b3SRobert Watson return (0); 964030a28b3SRobert Watson } 965030a28b3SRobert Watson 966030a28b3SRobert Watson static int 967030a28b3SRobert Watson stub_check_proc_setregid(struct ucred *cred, gid_t rgid, gid_t egid) 968030a28b3SRobert Watson { 969030a28b3SRobert Watson 970030a28b3SRobert Watson return (0); 971030a28b3SRobert Watson } 972030a28b3SRobert Watson 973030a28b3SRobert Watson static int 974030a28b3SRobert Watson stub_check_proc_setresuid(struct ucred *cred, uid_t ruid, uid_t euid, 975030a28b3SRobert Watson uid_t suid) 976030a28b3SRobert Watson { 977030a28b3SRobert Watson 978030a28b3SRobert Watson return (0); 979030a28b3SRobert Watson } 980030a28b3SRobert Watson 981030a28b3SRobert Watson static int 982030a28b3SRobert Watson stub_check_proc_setresgid(struct ucred *cred, gid_t rgid, gid_t egid, 983030a28b3SRobert Watson gid_t sgid) 984030a28b3SRobert Watson { 985030a28b3SRobert Watson 986030a28b3SRobert Watson return (0); 987030a28b3SRobert Watson } 988030a28b3SRobert Watson 989030a28b3SRobert Watson static int 9907f53207bSRobert Watson stub_check_socket_accept(struct ucred *cred, struct socket *socket, 9917f53207bSRobert Watson struct label *socketlabel) 9927f53207bSRobert Watson { 9937f53207bSRobert Watson 9947f53207bSRobert Watson return (0); 9957f53207bSRobert Watson } 9967f53207bSRobert Watson 9977f53207bSRobert Watson static int 9981c3f91cdSRobert Watson stub_check_socket_bind(struct ucred *cred, struct socket *socket, 999d8a7b7a3SRobert Watson struct label *socketlabel, struct sockaddr *sockaddr) 1000d8a7b7a3SRobert Watson { 1001d8a7b7a3SRobert Watson 1002d8a7b7a3SRobert Watson return (0); 1003d8a7b7a3SRobert Watson } 1004d8a7b7a3SRobert Watson 1005d8a7b7a3SRobert Watson static int 10061c3f91cdSRobert Watson stub_check_socket_connect(struct ucred *cred, struct socket *socket, 1007d8a7b7a3SRobert Watson struct label *socketlabel, struct sockaddr *sockaddr) 1008d8a7b7a3SRobert Watson { 1009d8a7b7a3SRobert Watson 1010d8a7b7a3SRobert Watson return (0); 1011d8a7b7a3SRobert Watson } 1012d8a7b7a3SRobert Watson 1013d8a7b7a3SRobert Watson static int 10146758f88eSRobert Watson stub_check_socket_create(struct ucred *cred, int domain, int type, 10156758f88eSRobert Watson int protocol) 10166758f88eSRobert Watson { 10176758f88eSRobert Watson 10186758f88eSRobert Watson return (0); 10196758f88eSRobert Watson } 10206758f88eSRobert Watson 10216758f88eSRobert Watson static int 10221c3f91cdSRobert Watson stub_check_socket_deliver(struct socket *so, struct label *socketlabel, 1023fb95b5d3SRobert Watson struct mbuf *m, struct label *mbuflabel) 1024d8a7b7a3SRobert Watson { 1025d8a7b7a3SRobert Watson 1026d8a7b7a3SRobert Watson return (0); 1027d8a7b7a3SRobert Watson } 1028d8a7b7a3SRobert Watson 1029d8a7b7a3SRobert Watson static int 10301c3f91cdSRobert Watson stub_check_socket_listen(struct ucred *cred, struct socket *so, 1031fb95b5d3SRobert Watson struct label *socketlabel) 1032d8a7b7a3SRobert Watson { 1033d8a7b7a3SRobert Watson 1034d8a7b7a3SRobert Watson return (0); 1035d8a7b7a3SRobert Watson } 1036d8a7b7a3SRobert Watson 1037d8a7b7a3SRobert Watson static int 10387f53207bSRobert Watson stub_check_socket_poll(struct ucred *cred, struct socket *so, 10397f53207bSRobert Watson struct label *socketlabel) 10407f53207bSRobert Watson { 10417f53207bSRobert Watson 10427f53207bSRobert Watson return (0); 10437f53207bSRobert Watson } 10447f53207bSRobert Watson 10457f53207bSRobert Watson static int 10467f53207bSRobert Watson stub_check_socket_receive(struct ucred *cred, struct socket *so, 10477f53207bSRobert Watson struct label *socketlabel) 10487f53207bSRobert Watson { 10497f53207bSRobert Watson 10507f53207bSRobert Watson return (0); 10517f53207bSRobert Watson } 10527f53207bSRobert Watson 10537f53207bSRobert Watson static int 10541c3f91cdSRobert Watson stub_check_socket_relabel(struct ucred *cred, struct socket *socket, 1055d8a7b7a3SRobert Watson struct label *socketlabel, struct label *newlabel) 1056d8a7b7a3SRobert Watson { 1057d8a7b7a3SRobert Watson 1058d8a7b7a3SRobert Watson return (0); 1059d8a7b7a3SRobert Watson } 10607f53207bSRobert Watson static int 10617f53207bSRobert Watson stub_check_socket_send(struct ucred *cred, struct socket *so, 10627f53207bSRobert Watson struct label *socketlabel) 10637f53207bSRobert Watson { 10647f53207bSRobert Watson 10657f53207bSRobert Watson return (0); 10667f53207bSRobert Watson } 10677f53207bSRobert Watson 10687f53207bSRobert Watson static int 10697f53207bSRobert Watson stub_check_socket_stat(struct ucred *cred, struct socket *so, 10707f53207bSRobert Watson struct label *socketlabel) 10717f53207bSRobert Watson { 10727f53207bSRobert Watson 10737f53207bSRobert Watson return (0); 10747f53207bSRobert Watson } 1075d8a7b7a3SRobert Watson 1076d8a7b7a3SRobert Watson static int 10771c3f91cdSRobert Watson stub_check_socket_visible(struct ucred *cred, struct socket *socket, 1078d8a7b7a3SRobert Watson struct label *socketlabel) 1079d8a7b7a3SRobert Watson { 1080d8a7b7a3SRobert Watson 1081d8a7b7a3SRobert Watson return (0); 1082d8a7b7a3SRobert Watson } 1083d8a7b7a3SRobert Watson 1084d8a7b7a3SRobert Watson static int 10851c3f91cdSRobert Watson stub_check_sysarch_ioperm(struct ucred *cred) 108609de2dc2SRobert Watson { 108709de2dc2SRobert Watson 108809de2dc2SRobert Watson return (0); 108909de2dc2SRobert Watson } 109009de2dc2SRobert Watson 109109de2dc2SRobert Watson static int 10921c3f91cdSRobert Watson stub_check_system_acct(struct ucred *cred, struct vnode *vp, 109309de2dc2SRobert Watson struct label *vlabel) 109409de2dc2SRobert Watson { 109509de2dc2SRobert Watson 109609de2dc2SRobert Watson return (0); 109709de2dc2SRobert Watson } 109809de2dc2SRobert Watson 109909de2dc2SRobert Watson static int 110017870c06SChristian S.J. Peron stub_check_system_nfsd(struct ucred *cred) 110117870c06SChristian S.J. Peron { 110217870c06SChristian S.J. Peron 110317870c06SChristian S.J. Peron return (0); 110417870c06SChristian S.J. Peron } 110517870c06SChristian S.J. Peron 110617870c06SChristian S.J. Peron static int 11071c3f91cdSRobert Watson stub_check_system_reboot(struct ucred *cred, int how) 1108927f6069SRobert Watson { 1109927f6069SRobert Watson 1110927f6069SRobert Watson return (0); 1111927f6069SRobert Watson } 1112927f6069SRobert Watson 1113927f6069SRobert Watson static int 11141c3f91cdSRobert Watson stub_check_system_settime(struct ucred *cred) 111509de2dc2SRobert Watson { 111609de2dc2SRobert Watson 111709de2dc2SRobert Watson return (0); 111809de2dc2SRobert Watson } 111909de2dc2SRobert Watson 112009de2dc2SRobert Watson static int 11211c3f91cdSRobert Watson stub_check_system_swapon(struct ucred *cred, struct vnode *vp, 1122927f6069SRobert Watson struct label *label) 1123927f6069SRobert Watson { 1124927f6069SRobert Watson 1125927f6069SRobert Watson return (0); 1126927f6069SRobert Watson } 1127927f6069SRobert Watson 1128927f6069SRobert Watson static int 11291c3f91cdSRobert Watson stub_check_system_swapoff(struct ucred *cred, struct vnode *vp, 113009de2dc2SRobert Watson struct label *label) 113109de2dc2SRobert Watson { 113209de2dc2SRobert Watson 113309de2dc2SRobert Watson return (0); 113409de2dc2SRobert Watson } 113509de2dc2SRobert Watson 113609de2dc2SRobert Watson static int 113763dba32bSPawel Jakub Dawidek stub_check_system_sysctl(struct ucred *cred, struct sysctl_oid *oidp, 113863dba32bSPawel Jakub Dawidek void *arg1, int arg2, struct sysctl_req *req) 1139927f6069SRobert Watson { 1140927f6069SRobert Watson 1141927f6069SRobert Watson return (0); 1142927f6069SRobert Watson } 1143927f6069SRobert Watson 1144927f6069SRobert Watson static int 11451c3f91cdSRobert Watson stub_check_vnode_access(struct ucred *cred, struct vnode *vp, 1146b914de36SRobert Watson struct label *label, int acc_mode) 1147d8a7b7a3SRobert Watson { 1148d8a7b7a3SRobert Watson 1149d8a7b7a3SRobert Watson return (0); 1150d8a7b7a3SRobert Watson } 1151d8a7b7a3SRobert Watson 1152d8a7b7a3SRobert Watson static int 11531c3f91cdSRobert Watson stub_check_vnode_chdir(struct ucred *cred, struct vnode *dvp, 1154d8a7b7a3SRobert Watson struct label *dlabel) 1155d8a7b7a3SRobert Watson { 1156d8a7b7a3SRobert Watson 1157d8a7b7a3SRobert Watson return (0); 1158d8a7b7a3SRobert Watson } 1159d8a7b7a3SRobert Watson 1160d8a7b7a3SRobert Watson static int 11611c3f91cdSRobert Watson stub_check_vnode_chroot(struct ucred *cred, struct vnode *dvp, 1162d8a7b7a3SRobert Watson struct label *dlabel) 1163d8a7b7a3SRobert Watson { 1164d8a7b7a3SRobert Watson 1165d8a7b7a3SRobert Watson return (0); 1166d8a7b7a3SRobert Watson } 1167d8a7b7a3SRobert Watson 1168d8a7b7a3SRobert Watson static int 11691c3f91cdSRobert Watson stub_check_vnode_create(struct ucred *cred, struct vnode *dvp, 1170d8a7b7a3SRobert Watson struct label *dlabel, struct componentname *cnp, struct vattr *vap) 1171d8a7b7a3SRobert Watson { 1172d8a7b7a3SRobert Watson 1173d8a7b7a3SRobert Watson return (0); 1174d8a7b7a3SRobert Watson } 1175d8a7b7a3SRobert Watson 1176d8a7b7a3SRobert Watson static int 11771c3f91cdSRobert Watson stub_check_vnode_delete(struct ucred *cred, struct vnode *dvp, 1178d8a7b7a3SRobert Watson struct label *dlabel, struct vnode *vp, struct label *label, 1179d8a7b7a3SRobert Watson struct componentname *cnp) 1180d8a7b7a3SRobert Watson { 1181d8a7b7a3SRobert Watson 1182d8a7b7a3SRobert Watson return (0); 1183d8a7b7a3SRobert Watson } 1184d8a7b7a3SRobert Watson 1185d8a7b7a3SRobert Watson static int 11861c3f91cdSRobert Watson stub_check_vnode_deleteacl(struct ucred *cred, struct vnode *vp, 1187d8a7b7a3SRobert Watson struct label *label, acl_type_t type) 1188d8a7b7a3SRobert Watson { 1189d8a7b7a3SRobert Watson 1190d8a7b7a3SRobert Watson return (0); 1191d8a7b7a3SRobert Watson } 1192d8a7b7a3SRobert Watson 1193d8a7b7a3SRobert Watson static int 119464f00af8SRobert Watson stub_check_vnode_deleteextattr(struct ucred *cred, struct vnode *vp, 119564f00af8SRobert Watson struct label *label, int attrnamespace, const char *name) 119664f00af8SRobert Watson { 119764f00af8SRobert Watson 119864f00af8SRobert Watson return (0); 119964f00af8SRobert Watson } 120064f00af8SRobert Watson 120164f00af8SRobert Watson static int 12021c3f91cdSRobert Watson stub_check_vnode_exec(struct ucred *cred, struct vnode *vp, 1203ef5def59SRobert Watson struct label *label, struct image_params *imgp, 1204ef5def59SRobert Watson struct label *execlabel) 1205d8a7b7a3SRobert Watson { 1206d8a7b7a3SRobert Watson 1207d8a7b7a3SRobert Watson return (0); 1208d8a7b7a3SRobert Watson } 1209d8a7b7a3SRobert Watson 1210d8a7b7a3SRobert Watson static int 12111c3f91cdSRobert Watson stub_check_vnode_getacl(struct ucred *cred, struct vnode *vp, 1212d8a7b7a3SRobert Watson struct label *label, acl_type_t type) 1213d8a7b7a3SRobert Watson { 1214d8a7b7a3SRobert Watson 1215d8a7b7a3SRobert Watson return (0); 1216d8a7b7a3SRobert Watson } 1217d8a7b7a3SRobert Watson 1218d8a7b7a3SRobert Watson static int 12191c3f91cdSRobert Watson stub_check_vnode_getextattr(struct ucred *cred, struct vnode *vp, 1220d8a7b7a3SRobert Watson struct label *label, int attrnamespace, const char *name, struct uio *uio) 1221d8a7b7a3SRobert Watson { 1222d8a7b7a3SRobert Watson 1223d8a7b7a3SRobert Watson return (0); 1224d8a7b7a3SRobert Watson } 1225d8a7b7a3SRobert Watson 1226d8a7b7a3SRobert Watson static int 12271c3f91cdSRobert Watson stub_check_vnode_link(struct ucred *cred, struct vnode *dvp, 1228c27b50f5SRobert Watson struct label *dlabel, struct vnode *vp, struct label *label, 1229c27b50f5SRobert Watson struct componentname *cnp) 1230c27b50f5SRobert Watson { 1231c27b50f5SRobert Watson 1232c27b50f5SRobert Watson return (0); 1233c27b50f5SRobert Watson } 1234c27b50f5SRobert Watson 1235c27b50f5SRobert Watson static int 123664f00af8SRobert Watson stub_check_vnode_listextattr(struct ucred *cred, struct vnode *vp, 123764f00af8SRobert Watson struct label *label, int attrnamespace) 123864f00af8SRobert Watson { 123964f00af8SRobert Watson 124064f00af8SRobert Watson return (0); 124164f00af8SRobert Watson } 124264f00af8SRobert Watson 124364f00af8SRobert Watson static int 12441c3f91cdSRobert Watson stub_check_vnode_lookup(struct ucred *cred, struct vnode *dvp, 1245d8a7b7a3SRobert Watson struct label *dlabel, struct componentname *cnp) 1246d8a7b7a3SRobert Watson { 1247d8a7b7a3SRobert Watson 1248d8a7b7a3SRobert Watson return (0); 1249d8a7b7a3SRobert Watson } 1250d8a7b7a3SRobert Watson 1251d8a7b7a3SRobert Watson static int 12521c3f91cdSRobert Watson stub_check_vnode_mmap(struct ucred *cred, struct vnode *vp, 1253c92163dcSChristian S.J. Peron struct label *label, int prot, int flags) 1254e183f80eSRobert Watson { 1255e183f80eSRobert Watson 1256e183f80eSRobert Watson return (0); 1257e183f80eSRobert Watson } 1258e183f80eSRobert Watson 125917870c06SChristian S.J. Peron static void 126017870c06SChristian S.J. Peron stub_check_vnode_mmap_downgrade(struct ucred *cred, 126117870c06SChristian S.J. Peron struct vnode *vp, struct label *label, int *prot) 126217870c06SChristian S.J. Peron { 126317870c06SChristian S.J. Peron 126417870c06SChristian S.J. Peron } 126517870c06SChristian S.J. Peron 126617870c06SChristian S.J. Peron static int 126717870c06SChristian S.J. Peron stub_check_vnode_mprotect(struct ucred *cred, 126817870c06SChristian S.J. Peron struct vnode *vp, struct label *label, int prot) 126917870c06SChristian S.J. Peron { 127017870c06SChristian S.J. Peron 127117870c06SChristian S.J. Peron return (0); 127217870c06SChristian S.J. Peron } 127317870c06SChristian S.J. Peron 1274e183f80eSRobert Watson static int 12751c3f91cdSRobert Watson stub_check_vnode_open(struct ucred *cred, struct vnode *vp, 1276b914de36SRobert Watson struct label *filelabel, int acc_mode) 1277d8a7b7a3SRobert Watson { 1278d8a7b7a3SRobert Watson 1279d8a7b7a3SRobert Watson return (0); 1280d8a7b7a3SRobert Watson } 1281d8a7b7a3SRobert Watson 1282d8a7b7a3SRobert Watson static int 12831c3f91cdSRobert Watson stub_check_vnode_poll(struct ucred *active_cred, struct ucred *file_cred, 1284177142e4SRobert Watson struct vnode *vp, struct label *label) 12857f724f8bSRobert Watson { 12867f724f8bSRobert Watson 12877f724f8bSRobert Watson return (0); 12887f724f8bSRobert Watson } 12897f724f8bSRobert Watson 12907f724f8bSRobert Watson static int 12911c3f91cdSRobert Watson stub_check_vnode_read(struct ucred *active_cred, struct ucred *file_cred, 1292177142e4SRobert Watson struct vnode *vp, struct label *label) 12937f724f8bSRobert Watson { 12947f724f8bSRobert Watson 12957f724f8bSRobert Watson return (0); 12967f724f8bSRobert Watson } 12977f724f8bSRobert Watson 12987f724f8bSRobert Watson static int 12991c3f91cdSRobert Watson stub_check_vnode_readdir(struct ucred *cred, struct vnode *vp, 1300d8a7b7a3SRobert Watson struct label *dlabel) 1301d8a7b7a3SRobert Watson { 1302d8a7b7a3SRobert Watson 1303d8a7b7a3SRobert Watson return (0); 1304d8a7b7a3SRobert Watson } 1305d8a7b7a3SRobert Watson 1306d8a7b7a3SRobert Watson static int 13071c3f91cdSRobert Watson stub_check_vnode_readlink(struct ucred *cred, struct vnode *vp, 1308d8a7b7a3SRobert Watson struct label *vnodelabel) 1309d8a7b7a3SRobert Watson { 1310d8a7b7a3SRobert Watson 1311d8a7b7a3SRobert Watson return (0); 1312d8a7b7a3SRobert Watson } 1313d8a7b7a3SRobert Watson 1314d8a7b7a3SRobert Watson static int 13151c3f91cdSRobert Watson stub_check_vnode_relabel(struct ucred *cred, struct vnode *vp, 1316d8a7b7a3SRobert Watson struct label *vnodelabel, struct label *newlabel) 1317d8a7b7a3SRobert Watson { 1318d8a7b7a3SRobert Watson 1319d8a7b7a3SRobert Watson return (0); 1320d8a7b7a3SRobert Watson } 1321d8a7b7a3SRobert Watson 1322d8a7b7a3SRobert Watson static int 13231c3f91cdSRobert Watson stub_check_vnode_rename_from(struct ucred *cred, struct vnode *dvp, 1324d8a7b7a3SRobert Watson struct label *dlabel, struct vnode *vp, struct label *label, 1325d8a7b7a3SRobert Watson struct componentname *cnp) 1326d8a7b7a3SRobert Watson { 1327d8a7b7a3SRobert Watson 1328d8a7b7a3SRobert Watson return (0); 1329d8a7b7a3SRobert Watson } 1330d8a7b7a3SRobert Watson 1331d8a7b7a3SRobert Watson static int 13321c3f91cdSRobert Watson stub_check_vnode_rename_to(struct ucred *cred, struct vnode *dvp, 1333d8a7b7a3SRobert Watson struct label *dlabel, struct vnode *vp, struct label *label, int samedir, 1334d8a7b7a3SRobert Watson struct componentname *cnp) 1335d8a7b7a3SRobert Watson { 1336d8a7b7a3SRobert Watson 1337d8a7b7a3SRobert Watson return (0); 1338d8a7b7a3SRobert Watson } 1339d8a7b7a3SRobert Watson 1340d8a7b7a3SRobert Watson static int 13411c3f91cdSRobert Watson stub_check_vnode_revoke(struct ucred *cred, struct vnode *vp, 1342d8a7b7a3SRobert Watson struct label *label) 1343d8a7b7a3SRobert Watson { 1344d8a7b7a3SRobert Watson 1345d8a7b7a3SRobert Watson return (0); 1346d8a7b7a3SRobert Watson } 1347d8a7b7a3SRobert Watson 1348d8a7b7a3SRobert Watson static int 13491c3f91cdSRobert Watson stub_check_vnode_setacl(struct ucred *cred, struct vnode *vp, 1350d8a7b7a3SRobert Watson struct label *label, acl_type_t type, struct acl *acl) 1351d8a7b7a3SRobert Watson { 1352d8a7b7a3SRobert Watson 1353d8a7b7a3SRobert Watson return (0); 1354d8a7b7a3SRobert Watson } 1355d8a7b7a3SRobert Watson 1356d8a7b7a3SRobert Watson static int 13571c3f91cdSRobert Watson stub_check_vnode_setextattr(struct ucred *cred, struct vnode *vp, 1358d8a7b7a3SRobert Watson struct label *label, int attrnamespace, const char *name, struct uio *uio) 1359d8a7b7a3SRobert Watson { 1360d8a7b7a3SRobert Watson 1361d8a7b7a3SRobert Watson return (0); 1362d8a7b7a3SRobert Watson } 1363d8a7b7a3SRobert Watson 1364d8a7b7a3SRobert Watson static int 13651c3f91cdSRobert Watson stub_check_vnode_setflags(struct ucred *cred, struct vnode *vp, 1366d8a7b7a3SRobert Watson struct label *label, u_long flags) 1367d8a7b7a3SRobert Watson { 1368d8a7b7a3SRobert Watson 1369d8a7b7a3SRobert Watson return (0); 1370d8a7b7a3SRobert Watson } 1371d8a7b7a3SRobert Watson 1372d8a7b7a3SRobert Watson static int 13731c3f91cdSRobert Watson stub_check_vnode_setmode(struct ucred *cred, struct vnode *vp, 1374d8a7b7a3SRobert Watson struct label *label, mode_t mode) 1375d8a7b7a3SRobert Watson { 1376d8a7b7a3SRobert Watson 1377d8a7b7a3SRobert Watson return (0); 1378d8a7b7a3SRobert Watson } 1379d8a7b7a3SRobert Watson 1380d8a7b7a3SRobert Watson static int 13811c3f91cdSRobert Watson stub_check_vnode_setowner(struct ucred *cred, struct vnode *vp, 1382d8a7b7a3SRobert Watson struct label *label, uid_t uid, gid_t gid) 1383d8a7b7a3SRobert Watson { 1384d8a7b7a3SRobert Watson 1385d8a7b7a3SRobert Watson return (0); 1386d8a7b7a3SRobert Watson } 1387d8a7b7a3SRobert Watson 1388d8a7b7a3SRobert Watson static int 13891c3f91cdSRobert Watson stub_check_vnode_setutimes(struct ucred *cred, struct vnode *vp, 1390d8a7b7a3SRobert Watson struct label *label, struct timespec atime, struct timespec mtime) 1391d8a7b7a3SRobert Watson { 1392d8a7b7a3SRobert Watson 1393d8a7b7a3SRobert Watson return (0); 1394d8a7b7a3SRobert Watson } 1395d8a7b7a3SRobert Watson 1396d8a7b7a3SRobert Watson static int 13971c3f91cdSRobert Watson stub_check_vnode_stat(struct ucred *active_cred, struct ucred *file_cred, 1398177142e4SRobert Watson struct vnode *vp, struct label *label) 1399d8a7b7a3SRobert Watson { 1400d8a7b7a3SRobert Watson 1401d8a7b7a3SRobert Watson return (0); 1402d8a7b7a3SRobert Watson } 1403d8a7b7a3SRobert Watson 14047f724f8bSRobert Watson static int 14051c3f91cdSRobert Watson stub_check_vnode_write(struct ucred *active_cred, 1406177142e4SRobert Watson struct ucred *file_cred, struct vnode *vp, struct label *label) 14077f724f8bSRobert Watson { 14087f724f8bSRobert Watson 14097f724f8bSRobert Watson return (0); 14107f724f8bSRobert Watson } 14117f724f8bSRobert Watson 1412403b781eSRobert Watson static int 1413403b781eSRobert Watson stub_priv_check(struct ucred *cred, int priv) 1414403b781eSRobert Watson { 1415403b781eSRobert Watson 1416403b781eSRobert Watson return (0); 1417403b781eSRobert Watson } 1418403b781eSRobert Watson 1419403b781eSRobert Watson static int 1420403b781eSRobert Watson stub_priv_grant(struct ucred *cred, int priv) 1421403b781eSRobert Watson { 1422403b781eSRobert Watson 1423403b781eSRobert Watson return (EPERM); 1424403b781eSRobert Watson } 1425403b781eSRobert Watson 14261c3f91cdSRobert Watson static struct mac_policy_ops mac_stub_ops = 1427d8a7b7a3SRobert Watson { 14281c3f91cdSRobert Watson .mpo_destroy = stub_destroy, 14291c3f91cdSRobert Watson .mpo_init = stub_init, 14301c3f91cdSRobert Watson .mpo_syscall = stub_syscall, 14311c3f91cdSRobert Watson .mpo_init_bpfdesc_label = stub_init_label, 14321c3f91cdSRobert Watson .mpo_init_cred_label = stub_init_label, 14331c3f91cdSRobert Watson .mpo_init_devfsdirent_label = stub_init_label, 14341c3f91cdSRobert Watson .mpo_init_ifnet_label = stub_init_label, 1435a557af22SRobert Watson .mpo_init_inpcb_label = stub_init_label_waitcheck, 1436ba53d9c9SRobert Watson .mpo_init_sysv_msgmsg_label = stub_init_label, 1437ba53d9c9SRobert Watson .mpo_init_sysv_msgqueue_label = stub_init_label, 14383831e7d7SRobert Watson .mpo_init_sysv_sem_label = stub_init_label, 1439ba53d9c9SRobert Watson .mpo_init_sysv_shm_label = stub_init_label, 14401c3f91cdSRobert Watson .mpo_init_ipq_label = stub_init_label_waitcheck, 14411c3f91cdSRobert Watson .mpo_init_mbuf_label = stub_init_label_waitcheck, 14421c3f91cdSRobert Watson .mpo_init_mount_label = stub_init_label, 14431c3f91cdSRobert Watson .mpo_init_mount_fs_label = stub_init_label, 14441c3f91cdSRobert Watson .mpo_init_pipe_label = stub_init_label, 144552648411SRobert Watson .mpo_init_posix_sem_label = stub_init_label, 14461c3f91cdSRobert Watson .mpo_init_socket_label = stub_init_label_waitcheck, 14471c3f91cdSRobert Watson .mpo_init_socket_peer_label = stub_init_label_waitcheck, 14481c3f91cdSRobert Watson .mpo_init_vnode_label = stub_init_label, 14491c3f91cdSRobert Watson .mpo_destroy_bpfdesc_label = stub_destroy_label, 14501c3f91cdSRobert Watson .mpo_destroy_cred_label = stub_destroy_label, 14511c3f91cdSRobert Watson .mpo_destroy_devfsdirent_label = stub_destroy_label, 14521c3f91cdSRobert Watson .mpo_destroy_ifnet_label = stub_destroy_label, 1453a557af22SRobert Watson .mpo_destroy_inpcb_label = stub_destroy_label, 1454ba53d9c9SRobert Watson .mpo_destroy_sysv_msgmsg_label = stub_destroy_label, 1455ba53d9c9SRobert Watson .mpo_destroy_sysv_msgqueue_label = stub_destroy_label, 14563831e7d7SRobert Watson .mpo_destroy_sysv_sem_label = stub_destroy_label, 1457ba53d9c9SRobert Watson .mpo_destroy_sysv_shm_label = stub_destroy_label, 14581c3f91cdSRobert Watson .mpo_destroy_ipq_label = stub_destroy_label, 14591c3f91cdSRobert Watson .mpo_destroy_mbuf_label = stub_destroy_label, 14601c3f91cdSRobert Watson .mpo_destroy_mount_label = stub_destroy_label, 14611c3f91cdSRobert Watson .mpo_destroy_mount_fs_label = stub_destroy_label, 14621c3f91cdSRobert Watson .mpo_destroy_pipe_label = stub_destroy_label, 146352648411SRobert Watson .mpo_destroy_posix_sem_label = stub_destroy_label, 14641c3f91cdSRobert Watson .mpo_destroy_socket_label = stub_destroy_label, 14651c3f91cdSRobert Watson .mpo_destroy_socket_peer_label = stub_destroy_label, 14661c3f91cdSRobert Watson .mpo_destroy_vnode_label = stub_destroy_label, 146756d9e932SRobert Watson .mpo_copy_cred_label = stub_copy_label, 14682220907bSRobert Watson .mpo_copy_ifnet_label = stub_copy_label, 14690196273bSRobert Watson .mpo_copy_mbuf_label = stub_copy_label, 14700196273bSRobert Watson .mpo_copy_pipe_label = stub_copy_label, 1471b0323ea3SRobert Watson .mpo_copy_socket_label = stub_copy_label, 14720196273bSRobert Watson .mpo_copy_vnode_label = stub_copy_label, 14731c3f91cdSRobert Watson .mpo_externalize_cred_label = stub_externalize_label, 14741c3f91cdSRobert Watson .mpo_externalize_ifnet_label = stub_externalize_label, 14751c3f91cdSRobert Watson .mpo_externalize_pipe_label = stub_externalize_label, 14761c3f91cdSRobert Watson .mpo_externalize_socket_label = stub_externalize_label, 14771c3f91cdSRobert Watson .mpo_externalize_socket_peer_label = stub_externalize_label, 14781c3f91cdSRobert Watson .mpo_externalize_vnode_label = stub_externalize_label, 14791c3f91cdSRobert Watson .mpo_internalize_cred_label = stub_internalize_label, 14801c3f91cdSRobert Watson .mpo_internalize_ifnet_label = stub_internalize_label, 14811c3f91cdSRobert Watson .mpo_internalize_pipe_label = stub_internalize_label, 14821c3f91cdSRobert Watson .mpo_internalize_socket_label = stub_internalize_label, 14831c3f91cdSRobert Watson .mpo_internalize_vnode_label = stub_internalize_label, 14841c3f91cdSRobert Watson .mpo_associate_vnode_devfs = stub_associate_vnode_devfs, 14851c3f91cdSRobert Watson .mpo_associate_vnode_extattr = stub_associate_vnode_extattr, 148617870c06SChristian S.J. Peron .mpo_associate_nfsd_label = stub_associate_nfsd_label, 14871c3f91cdSRobert Watson .mpo_associate_vnode_singlelabel = stub_associate_vnode_singlelabel, 14881c3f91cdSRobert Watson .mpo_create_devfs_device = stub_create_devfs_device, 14891c3f91cdSRobert Watson .mpo_create_devfs_directory = stub_create_devfs_directory, 14901c3f91cdSRobert Watson .mpo_create_devfs_symlink = stub_create_devfs_symlink, 1491ba53d9c9SRobert Watson .mpo_create_sysv_msgmsg = stub_create_sysv_msgmsg, 1492ba53d9c9SRobert Watson .mpo_create_sysv_msgqueue = stub_create_sysv_msgqueue, 14933831e7d7SRobert Watson .mpo_create_sysv_sem = stub_create_sysv_sem, 1494ba53d9c9SRobert Watson .mpo_create_sysv_shm = stub_create_sysv_shm, 14951c3f91cdSRobert Watson .mpo_create_vnode_extattr = stub_create_vnode_extattr, 14961c3f91cdSRobert Watson .mpo_create_mount = stub_create_mount, 14971c3f91cdSRobert Watson .mpo_relabel_vnode = stub_relabel_vnode, 14981c3f91cdSRobert Watson .mpo_setlabel_vnode_extattr = stub_setlabel_vnode_extattr, 14991c3f91cdSRobert Watson .mpo_update_devfsdirent = stub_update_devfsdirent, 15001c3f91cdSRobert Watson .mpo_create_mbuf_from_socket = stub_create_mbuf_from_socket, 15011c3f91cdSRobert Watson .mpo_create_pipe = stub_create_pipe, 150252648411SRobert Watson .mpo_create_posix_sem = stub_create_posix_sem, 15031c3f91cdSRobert Watson .mpo_create_socket = stub_create_socket, 15041c3f91cdSRobert Watson .mpo_create_socket_from_socket = stub_create_socket_from_socket, 15051c3f91cdSRobert Watson .mpo_relabel_pipe = stub_relabel_pipe, 15061c3f91cdSRobert Watson .mpo_relabel_socket = stub_relabel_socket, 15071c3f91cdSRobert Watson .mpo_set_socket_peer_from_mbuf = stub_set_socket_peer_from_mbuf, 15081c3f91cdSRobert Watson .mpo_set_socket_peer_from_socket = stub_set_socket_peer_from_socket, 15091c3f91cdSRobert Watson .mpo_create_bpfdesc = stub_create_bpfdesc, 15101c3f91cdSRobert Watson .mpo_create_ifnet = stub_create_ifnet, 1511a557af22SRobert Watson .mpo_create_inpcb_from_socket = stub_create_inpcb_from_socket, 15121c3f91cdSRobert Watson .mpo_create_ipq = stub_create_ipq, 15131c3f91cdSRobert Watson .mpo_create_datagram_from_ipq = stub_create_datagram_from_ipq, 15141c3f91cdSRobert Watson .mpo_create_fragment = stub_create_fragment, 15152d92ec98SRobert Watson .mpo_create_mbuf_from_inpcb = stub_create_mbuf_from_inpcb, 15161c3f91cdSRobert Watson .mpo_create_mbuf_linklayer = stub_create_mbuf_linklayer, 15171c3f91cdSRobert Watson .mpo_create_mbuf_from_bpfdesc = stub_create_mbuf_from_bpfdesc, 15181c3f91cdSRobert Watson .mpo_create_mbuf_from_ifnet = stub_create_mbuf_from_ifnet, 15191c3f91cdSRobert Watson .mpo_create_mbuf_multicast_encap = stub_create_mbuf_multicast_encap, 15201c3f91cdSRobert Watson .mpo_create_mbuf_netlayer = stub_create_mbuf_netlayer, 152117870c06SChristian S.J. Peron .mpo_create_mbuf_from_firewall = stub_create_mbuf_from_firewall, 15221c3f91cdSRobert Watson .mpo_fragment_match = stub_fragment_match, 152364f00af8SRobert Watson .mpo_reflect_mbuf_icmp = stub_reflect_mbuf_icmp, 152464f00af8SRobert Watson .mpo_reflect_mbuf_tcp = stub_reflect_mbuf_tcp, 15251c3f91cdSRobert Watson .mpo_relabel_ifnet = stub_relabel_ifnet, 15261c3f91cdSRobert Watson .mpo_update_ipq = stub_update_ipq, 1527a557af22SRobert Watson .mpo_inpcb_sosetlabel = stub_inpcb_sosetlabel, 15281c3f91cdSRobert Watson .mpo_execve_transition = stub_execve_transition, 15291c3f91cdSRobert Watson .mpo_execve_will_transition = stub_execve_will_transition, 15301c3f91cdSRobert Watson .mpo_create_proc0 = stub_create_proc0, 15311c3f91cdSRobert Watson .mpo_create_proc1 = stub_create_proc1, 15321c3f91cdSRobert Watson .mpo_relabel_cred = stub_relabel_cred, 15331c3f91cdSRobert Watson .mpo_thread_userret = stub_thread_userret, 1534ba53d9c9SRobert Watson .mpo_cleanup_sysv_msgmsg = stub_cleanup_sysv_msgmsg, 1535ba53d9c9SRobert Watson .mpo_cleanup_sysv_msgqueue = stub_cleanup_sysv_msgqueue, 15363831e7d7SRobert Watson .mpo_cleanup_sysv_sem = stub_cleanup_sysv_sem, 1537ba53d9c9SRobert Watson .mpo_cleanup_sysv_shm = stub_cleanup_sysv_shm, 15381c3f91cdSRobert Watson .mpo_check_bpfdesc_receive = stub_check_bpfdesc_receive, 15391c3f91cdSRobert Watson .mpo_check_cred_relabel = stub_check_cred_relabel, 15401c3f91cdSRobert Watson .mpo_check_cred_visible = stub_check_cred_visible, 15411c3f91cdSRobert Watson .mpo_check_ifnet_relabel = stub_check_ifnet_relabel, 15421c3f91cdSRobert Watson .mpo_check_ifnet_transmit = stub_check_ifnet_transmit, 1543a557af22SRobert Watson .mpo_check_inpcb_deliver = stub_check_inpcb_deliver, 1544ba53d9c9SRobert Watson .mpo_check_sysv_msgmsq = stub_check_sysv_msgmsq, 1545ba53d9c9SRobert Watson .mpo_check_sysv_msgrcv = stub_check_sysv_msgrcv, 1546ba53d9c9SRobert Watson .mpo_check_sysv_msgrmid = stub_check_sysv_msgrmid, 1547ba53d9c9SRobert Watson .mpo_check_sysv_msqget = stub_check_sysv_msqget, 1548ba53d9c9SRobert Watson .mpo_check_sysv_msqsnd = stub_check_sysv_msqsnd, 1549ba53d9c9SRobert Watson .mpo_check_sysv_msqrcv = stub_check_sysv_msqrcv, 1550ba53d9c9SRobert Watson .mpo_check_sysv_msqctl = stub_check_sysv_msqctl, 1551ba53d9c9SRobert Watson .mpo_check_sysv_semctl = stub_check_sysv_semctl, 1552ba53d9c9SRobert Watson .mpo_check_sysv_semget = stub_check_sysv_semget, 1553ba53d9c9SRobert Watson .mpo_check_sysv_semop = stub_check_sysv_semop, 1554ba53d9c9SRobert Watson .mpo_check_sysv_shmat = stub_check_sysv_shmat, 1555ba53d9c9SRobert Watson .mpo_check_sysv_shmctl = stub_check_sysv_shmctl, 1556ba53d9c9SRobert Watson .mpo_check_sysv_shmdt = stub_check_sysv_shmdt, 1557ba53d9c9SRobert Watson .mpo_check_sysv_shmget = stub_check_sysv_shmget, 15581c3f91cdSRobert Watson .mpo_check_kenv_dump = stub_check_kenv_dump, 15591c3f91cdSRobert Watson .mpo_check_kenv_get = stub_check_kenv_get, 15601c3f91cdSRobert Watson .mpo_check_kenv_set = stub_check_kenv_set, 15611c3f91cdSRobert Watson .mpo_check_kenv_unset = stub_check_kenv_unset, 15621c3f91cdSRobert Watson .mpo_check_kld_load = stub_check_kld_load, 15631c3f91cdSRobert Watson .mpo_check_kld_stat = stub_check_kld_stat, 15641c3f91cdSRobert Watson .mpo_check_kld_unload = stub_check_kld_unload, 15651c3f91cdSRobert Watson .mpo_check_mount_stat = stub_check_mount_stat, 15661c3f91cdSRobert Watson .mpo_check_pipe_ioctl = stub_check_pipe_ioctl, 15671c3f91cdSRobert Watson .mpo_check_pipe_poll = stub_check_pipe_poll, 15681c3f91cdSRobert Watson .mpo_check_pipe_read = stub_check_pipe_read, 15691c3f91cdSRobert Watson .mpo_check_pipe_relabel = stub_check_pipe_relabel, 15701c3f91cdSRobert Watson .mpo_check_pipe_stat = stub_check_pipe_stat, 15711c3f91cdSRobert Watson .mpo_check_pipe_write = stub_check_pipe_write, 157252648411SRobert Watson .mpo_check_posix_sem_destroy = stub_check_posix_sem_destroy, 157352648411SRobert Watson .mpo_check_posix_sem_getvalue = stub_check_posix_sem_getvalue, 157452648411SRobert Watson .mpo_check_posix_sem_open = stub_check_posix_sem_open, 157552648411SRobert Watson .mpo_check_posix_sem_post = stub_check_posix_sem_post, 157652648411SRobert Watson .mpo_check_posix_sem_unlink = stub_check_posix_sem_unlink, 157752648411SRobert Watson .mpo_check_posix_sem_wait = stub_check_posix_sem_wait, 15781c3f91cdSRobert Watson .mpo_check_proc_debug = stub_check_proc_debug, 15791c3f91cdSRobert Watson .mpo_check_proc_sched = stub_check_proc_sched, 1580030a28b3SRobert Watson .mpo_check_proc_setuid = stub_check_proc_setuid, 1581030a28b3SRobert Watson .mpo_check_proc_seteuid = stub_check_proc_seteuid, 1582030a28b3SRobert Watson .mpo_check_proc_setgid = stub_check_proc_setgid, 1583030a28b3SRobert Watson .mpo_check_proc_setegid = stub_check_proc_setegid, 1584030a28b3SRobert Watson .mpo_check_proc_setgroups = stub_check_proc_setgroups, 1585030a28b3SRobert Watson .mpo_check_proc_setreuid = stub_check_proc_setreuid, 1586030a28b3SRobert Watson .mpo_check_proc_setregid = stub_check_proc_setregid, 1587030a28b3SRobert Watson .mpo_check_proc_setresuid = stub_check_proc_setresuid, 1588030a28b3SRobert Watson .mpo_check_proc_setresgid = stub_check_proc_setresgid, 15891c3f91cdSRobert Watson .mpo_check_proc_signal = stub_check_proc_signal, 1590babe9a2bSRobert Watson .mpo_check_proc_wait = stub_check_proc_wait, 15917f53207bSRobert Watson .mpo_check_socket_accept = stub_check_socket_accept, 15921c3f91cdSRobert Watson .mpo_check_socket_bind = stub_check_socket_bind, 15931c3f91cdSRobert Watson .mpo_check_socket_connect = stub_check_socket_connect, 15946758f88eSRobert Watson .mpo_check_socket_create = stub_check_socket_create, 15951c3f91cdSRobert Watson .mpo_check_socket_deliver = stub_check_socket_deliver, 15961c3f91cdSRobert Watson .mpo_check_socket_listen = stub_check_socket_listen, 15977f53207bSRobert Watson .mpo_check_socket_poll = stub_check_socket_poll, 15987f53207bSRobert Watson .mpo_check_socket_receive = stub_check_socket_receive, 15991c3f91cdSRobert Watson .mpo_check_socket_relabel = stub_check_socket_relabel, 16007f53207bSRobert Watson .mpo_check_socket_send = stub_check_socket_send, 16017f53207bSRobert Watson .mpo_check_socket_stat = stub_check_socket_stat, 16021c3f91cdSRobert Watson .mpo_check_socket_visible = stub_check_socket_visible, 16031c3f91cdSRobert Watson .mpo_check_sysarch_ioperm = stub_check_sysarch_ioperm, 16041c3f91cdSRobert Watson .mpo_check_system_acct = stub_check_system_acct, 160517870c06SChristian S.J. Peron .mpo_check_system_nfsd = stub_check_system_nfsd, 16061c3f91cdSRobert Watson .mpo_check_system_reboot = stub_check_system_reboot, 16071c3f91cdSRobert Watson .mpo_check_system_settime = stub_check_system_settime, 16081c3f91cdSRobert Watson .mpo_check_system_swapon = stub_check_system_swapon, 16091c3f91cdSRobert Watson .mpo_check_system_swapoff = stub_check_system_swapoff, 16101c3f91cdSRobert Watson .mpo_check_system_sysctl = stub_check_system_sysctl, 16111c3f91cdSRobert Watson .mpo_check_vnode_access = stub_check_vnode_access, 16121c3f91cdSRobert Watson .mpo_check_vnode_chdir = stub_check_vnode_chdir, 16131c3f91cdSRobert Watson .mpo_check_vnode_chroot = stub_check_vnode_chroot, 16141c3f91cdSRobert Watson .mpo_check_vnode_create = stub_check_vnode_create, 16151c3f91cdSRobert Watson .mpo_check_vnode_delete = stub_check_vnode_delete, 16161c3f91cdSRobert Watson .mpo_check_vnode_deleteacl = stub_check_vnode_deleteacl, 161764f00af8SRobert Watson .mpo_check_vnode_deleteextattr = stub_check_vnode_deleteextattr, 16181c3f91cdSRobert Watson .mpo_check_vnode_exec = stub_check_vnode_exec, 16191c3f91cdSRobert Watson .mpo_check_vnode_getacl = stub_check_vnode_getacl, 16201c3f91cdSRobert Watson .mpo_check_vnode_getextattr = stub_check_vnode_getextattr, 16211c3f91cdSRobert Watson .mpo_check_vnode_link = stub_check_vnode_link, 162264f00af8SRobert Watson .mpo_check_vnode_listextattr = stub_check_vnode_listextattr, 16231c3f91cdSRobert Watson .mpo_check_vnode_lookup = stub_check_vnode_lookup, 16241c3f91cdSRobert Watson .mpo_check_vnode_mmap = stub_check_vnode_mmap, 162517870c06SChristian S.J. Peron .mpo_check_vnode_mmap_downgrade = stub_check_vnode_mmap_downgrade, 162617870c06SChristian S.J. Peron .mpo_check_vnode_mprotect = stub_check_vnode_mprotect, 16271c3f91cdSRobert Watson .mpo_check_vnode_open = stub_check_vnode_open, 16281c3f91cdSRobert Watson .mpo_check_vnode_poll = stub_check_vnode_poll, 16291c3f91cdSRobert Watson .mpo_check_vnode_read = stub_check_vnode_read, 16301c3f91cdSRobert Watson .mpo_check_vnode_readdir = stub_check_vnode_readdir, 16311c3f91cdSRobert Watson .mpo_check_vnode_readlink = stub_check_vnode_readlink, 16321c3f91cdSRobert Watson .mpo_check_vnode_relabel = stub_check_vnode_relabel, 16331c3f91cdSRobert Watson .mpo_check_vnode_rename_from = stub_check_vnode_rename_from, 16341c3f91cdSRobert Watson .mpo_check_vnode_rename_to = stub_check_vnode_rename_to, 16351c3f91cdSRobert Watson .mpo_check_vnode_revoke = stub_check_vnode_revoke, 16361c3f91cdSRobert Watson .mpo_check_vnode_setacl = stub_check_vnode_setacl, 16371c3f91cdSRobert Watson .mpo_check_vnode_setextattr = stub_check_vnode_setextattr, 16381c3f91cdSRobert Watson .mpo_check_vnode_setflags = stub_check_vnode_setflags, 16391c3f91cdSRobert Watson .mpo_check_vnode_setmode = stub_check_vnode_setmode, 16401c3f91cdSRobert Watson .mpo_check_vnode_setowner = stub_check_vnode_setowner, 16411c3f91cdSRobert Watson .mpo_check_vnode_setutimes = stub_check_vnode_setutimes, 16421c3f91cdSRobert Watson .mpo_check_vnode_stat = stub_check_vnode_stat, 16431c3f91cdSRobert Watson .mpo_check_vnode_write = stub_check_vnode_write, 1644403b781eSRobert Watson .mpo_priv_check = stub_priv_check, 1645403b781eSRobert Watson .mpo_priv_grant = stub_priv_grant, 164617870c06SChristian S.J. Peron .mpo_init_syncache_label = stub_init_label_waitcheck, 164717870c06SChristian S.J. Peron .mpo_destroy_syncache_label = stub_destroy_label, 164817870c06SChristian S.J. Peron .mpo_init_syncache_from_inpcb = stub_init_syncache_from_inpcb, 164917870c06SChristian S.J. Peron .mpo_create_mbuf_from_syncache = stub_create_mbuf_from_syncache, 1650d8a7b7a3SRobert Watson }; 1651d8a7b7a3SRobert Watson 16521c3f91cdSRobert Watson MAC_POLICY_SET(&mac_stub_ops, mac_stub, "TrustedBSD MAC/Stub", 1653740348c4SRobert Watson MPC_LOADTIME_FLAG_UNLOADOK, NULL); 1654