1d8a7b7a3SRobert Watson /*- 29b6dd12eSRobert Watson * Copyright (c) 1999-2002, 2007-2011 Robert N. M. Watson 3ba53d9c9SRobert Watson * Copyright (c) 2001-2005 McAfee, Inc. 430d239bcSRobert Watson * Copyright (c) 2005-2006 SPARTA, Inc. 56356dba0SRobert Watson * Copyright (c) 2008 Apple Inc. 6d8a7b7a3SRobert Watson * All rights reserved. 7d8a7b7a3SRobert Watson * 8d8a7b7a3SRobert Watson * This software was developed by Robert Watson for the TrustedBSD Project. 9d8a7b7a3SRobert Watson * 10ba53d9c9SRobert Watson * This software was developed for the FreeBSD Project in part by McAfee 11ba53d9c9SRobert Watson * Research, the Security Research Division of McAfee, Inc. under 12ba53d9c9SRobert Watson * DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA 13ba53d9c9SRobert Watson * CHATS research program. 14d8a7b7a3SRobert Watson * 156758f88eSRobert Watson * This software was enhanced by SPARTA ISSO under SPAWAR contract 166758f88eSRobert Watson * N66001-04-C-6019 ("SEFOS"). 176758f88eSRobert Watson * 186f6174a7SRobert Watson * This software was developed at the University of Cambridge Computer 196f6174a7SRobert Watson * Laboratory with support from a grant from Google, Inc. 206f6174a7SRobert Watson * 21d8a7b7a3SRobert Watson * Redistribution and use in source and binary forms, with or without 22d8a7b7a3SRobert Watson * modification, are permitted provided that the following conditions 23d8a7b7a3SRobert Watson * are met: 24d8a7b7a3SRobert Watson * 1. Redistributions of source code must retain the above copyright 25d8a7b7a3SRobert Watson * notice, this list of conditions and the following disclaimer. 26d8a7b7a3SRobert Watson * 2. Redistributions in binary form must reproduce the above copyright 27d8a7b7a3SRobert Watson * notice, this list of conditions and the following disclaimer in the 28d8a7b7a3SRobert Watson * documentation and/or other materials provided with the distribution. 29d8a7b7a3SRobert Watson * 30d8a7b7a3SRobert Watson * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 31d8a7b7a3SRobert Watson * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 32d8a7b7a3SRobert Watson * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 33d8a7b7a3SRobert Watson * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 34d8a7b7a3SRobert Watson * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 35d8a7b7a3SRobert Watson * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 36d8a7b7a3SRobert Watson * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 37d8a7b7a3SRobert Watson * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 38d8a7b7a3SRobert Watson * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 39d8a7b7a3SRobert Watson * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 40d8a7b7a3SRobert Watson * SUCH DAMAGE. 41d8a7b7a3SRobert Watson * 42d8a7b7a3SRobert Watson * $FreeBSD$ 43d8a7b7a3SRobert Watson */ 44d8a7b7a3SRobert Watson 45d8a7b7a3SRobert Watson /* 46d8a7b7a3SRobert Watson * Developed by the TrustedBSD Project. 471c3f91cdSRobert Watson * 481c3f91cdSRobert Watson * Stub module that implements a NOOP for most (if not all) MAC Framework 491c3f91cdSRobert Watson * policy entry points. 50d8a7b7a3SRobert Watson */ 51d8a7b7a3SRobert Watson 52d8a7b7a3SRobert Watson #include <sys/types.h> 53d8a7b7a3SRobert Watson #include <sys/param.h> 54d8a7b7a3SRobert Watson #include <sys/acl.h> 55d8a7b7a3SRobert Watson #include <sys/conf.h> 56763bbd2fSRobert Watson #include <sys/extattr.h> 57*2449b9e5SMitchell Horne #include <sys/kdb.h> 58d8a7b7a3SRobert Watson #include <sys/kernel.h> 596aeb05d7STom Rhodes #include <sys/ksem.h> 60d8a7b7a3SRobert Watson #include <sys/mount.h> 61d8a7b7a3SRobert Watson #include <sys/proc.h> 62d8a7b7a3SRobert Watson #include <sys/systm.h> 63d8a7b7a3SRobert Watson #include <sys/sysproto.h> 64d8a7b7a3SRobert Watson #include <sys/sysent.h> 65d8a7b7a3SRobert Watson #include <sys/vnode.h> 66d8a7b7a3SRobert Watson #include <sys/file.h> 67d8a7b7a3SRobert Watson #include <sys/socket.h> 68d8a7b7a3SRobert Watson #include <sys/socketvar.h> 69d8a7b7a3SRobert Watson #include <sys/pipe.h> 7036422989SPoul-Henning Kamp #include <sys/sx.h> 71d8a7b7a3SRobert Watson #include <sys/sysctl.h> 72ba53d9c9SRobert Watson #include <sys/msg.h> 73ba53d9c9SRobert Watson #include <sys/sem.h> 74ba53d9c9SRobert Watson #include <sys/shm.h> 75d8a7b7a3SRobert Watson 76*2449b9e5SMitchell Horne #include <ddb/ddb.h> 77*2449b9e5SMitchell Horne 78d8a7b7a3SRobert Watson #include <fs/devfs/devfs.h> 79d8a7b7a3SRobert Watson 80d8a7b7a3SRobert Watson #include <net/bpfdesc.h> 81d8a7b7a3SRobert Watson #include <net/if.h> 82d8a7b7a3SRobert Watson #include <net/if_types.h> 83d8a7b7a3SRobert Watson #include <net/if_var.h> 84d8a7b7a3SRobert Watson 85d8a7b7a3SRobert Watson #include <netinet/in.h> 86a557af22SRobert Watson #include <netinet/in_pcb.h> 87d8a7b7a3SRobert Watson #include <netinet/ip_var.h> 88d8a7b7a3SRobert Watson 89d8a7b7a3SRobert Watson #include <vm/vm.h> 90d8a7b7a3SRobert Watson 910efd6615SRobert Watson #include <security/mac/mac_policy.h> 92d8a7b7a3SRobert Watson 93d8a7b7a3SRobert Watson SYSCTL_DECL(_security_mac); 94d8a7b7a3SRobert Watson 957029da5cSPawel Biernacki static SYSCTL_NODE(_security_mac, OID_AUTO, stub, 967029da5cSPawel Biernacki CTLFLAG_RW | CTLFLAG_MPSAFE, 0, 971c3f91cdSRobert Watson "TrustedBSD mac_stub policy controls"); 98d8a7b7a3SRobert Watson 991c3f91cdSRobert Watson static int stub_enabled = 1; 1001c3f91cdSRobert Watson SYSCTL_INT(_security_mac_stub, OID_AUTO, enabled, CTLFLAG_RW, 1011c3f91cdSRobert Watson &stub_enabled, 0, "Enforce mac_stub policy"); 102d8a7b7a3SRobert Watson 103d8a7b7a3SRobert Watson /* 104d8a7b7a3SRobert Watson * Policy module operations. 105d8a7b7a3SRobert Watson */ 106d8a7b7a3SRobert Watson static void 1071c3f91cdSRobert Watson stub_destroy(struct mac_policy_conf *conf) 108d8a7b7a3SRobert Watson { 109d8a7b7a3SRobert Watson 110d8a7b7a3SRobert Watson } 111d8a7b7a3SRobert Watson 112d8a7b7a3SRobert Watson static void 1131c3f91cdSRobert Watson stub_init(struct mac_policy_conf *conf) 114d8a7b7a3SRobert Watson { 115d8a7b7a3SRobert Watson 116d8a7b7a3SRobert Watson } 117d8a7b7a3SRobert Watson 1188a97ecf6SRobert Watson static int 1191c3f91cdSRobert Watson stub_syscall(struct thread *td, int call, void *arg) 1208a97ecf6SRobert Watson { 1218a97ecf6SRobert Watson 1228a97ecf6SRobert Watson return (0); 1238a97ecf6SRobert Watson } 1248a97ecf6SRobert Watson 125d8a7b7a3SRobert Watson /* 126d8a7b7a3SRobert Watson * Label operations. 127d8a7b7a3SRobert Watson */ 128d8a7b7a3SRobert Watson static void 1291c3f91cdSRobert Watson stub_init_label(struct label *label) 130d8a7b7a3SRobert Watson { 131d8a7b7a3SRobert Watson 132d8a7b7a3SRobert Watson } 133d8a7b7a3SRobert Watson 134d8a7b7a3SRobert Watson static int 1351c3f91cdSRobert Watson stub_init_label_waitcheck(struct label *label, int flag) 136d8a7b7a3SRobert Watson { 137d8a7b7a3SRobert Watson 138d8a7b7a3SRobert Watson return (0); 139d8a7b7a3SRobert Watson } 140d8a7b7a3SRobert Watson 141d8a7b7a3SRobert Watson static void 1421c3f91cdSRobert Watson stub_destroy_label(struct label *label) 143d8a7b7a3SRobert Watson { 144d8a7b7a3SRobert Watson 145d8a7b7a3SRobert Watson } 146d8a7b7a3SRobert Watson 1470196273bSRobert Watson static void 1480196273bSRobert Watson stub_copy_label(struct label *src, struct label *dest) 1490196273bSRobert Watson { 1500196273bSRobert Watson 1510196273bSRobert Watson } 1520196273bSRobert Watson 153d8a7b7a3SRobert Watson static int 1541c3f91cdSRobert Watson stub_externalize_label(struct label *label, char *element_name, 155f51e5803SRobert Watson struct sbuf *sb, int *claimed) 156d8a7b7a3SRobert Watson { 157d8a7b7a3SRobert Watson 158d8a7b7a3SRobert Watson return (0); 159d8a7b7a3SRobert Watson } 160d8a7b7a3SRobert Watson 161d8a7b7a3SRobert Watson static int 1621c3f91cdSRobert Watson stub_internalize_label(struct label *label, char *element_name, 16324e8d0d0SRobert Watson char *element_data, int *claimed) 164d8a7b7a3SRobert Watson { 165d8a7b7a3SRobert Watson 166d8a7b7a3SRobert Watson return (0); 167d8a7b7a3SRobert Watson } 168d8a7b7a3SRobert Watson 169d8a7b7a3SRobert Watson /* 170eb320b0eSRobert Watson * Object-specific entry point imeplementations are sorted alphabetically by 171eb320b0eSRobert Watson * object type name and then by operation. 172d8a7b7a3SRobert Watson */ 173763bbd2fSRobert Watson static int 174eb320b0eSRobert Watson stub_bpfdesc_check_receive(struct bpf_d *d, struct label *dlabel, 175eb320b0eSRobert Watson struct ifnet *ifp, struct label *ifplabel) 176763bbd2fSRobert Watson { 177763bbd2fSRobert Watson 178763bbd2fSRobert Watson return (0); 179763bbd2fSRobert Watson } 180763bbd2fSRobert Watson 181763bbd2fSRobert Watson static void 182eb320b0eSRobert Watson stub_bpfdesc_create(struct ucred *cred, struct bpf_d *d, 183eb320b0eSRobert Watson struct label *dlabel) 184eb320b0eSRobert Watson { 185eb320b0eSRobert Watson 186eb320b0eSRobert Watson } 187eb320b0eSRobert Watson 188eb320b0eSRobert Watson static void 189eb320b0eSRobert Watson stub_bpfdesc_create_mbuf(struct bpf_d *d, struct label *dlabel, 190eb320b0eSRobert Watson struct mbuf *m, struct label *mlabel) 191eb320b0eSRobert Watson { 192eb320b0eSRobert Watson 193eb320b0eSRobert Watson } 194eb320b0eSRobert Watson 195212ab0cfSRobert Watson static void 196212ab0cfSRobert Watson stub_cred_associate_nfsd(struct ucred *cred) 197212ab0cfSRobert Watson { 198212ab0cfSRobert Watson 199212ab0cfSRobert Watson } 200212ab0cfSRobert Watson 201eb320b0eSRobert Watson static int 202eb320b0eSRobert Watson stub_cred_check_relabel(struct ucred *cred, struct label *newlabel) 203eb320b0eSRobert Watson { 204eb320b0eSRobert Watson 205eb320b0eSRobert Watson return (0); 206eb320b0eSRobert Watson } 207eb320b0eSRobert Watson 208eb320b0eSRobert Watson static int 2096f6174a7SRobert Watson stub_cred_check_setaudit(struct ucred *cred, struct auditinfo *ai) 2106f6174a7SRobert Watson { 2116f6174a7SRobert Watson 2126f6174a7SRobert Watson return (0); 2136f6174a7SRobert Watson } 2146f6174a7SRobert Watson 2156f6174a7SRobert Watson static int 2166f6174a7SRobert Watson stub_cred_check_setaudit_addr(struct ucred *cred, struct auditinfo_addr *aia) 2176f6174a7SRobert Watson { 2186f6174a7SRobert Watson 2196f6174a7SRobert Watson return (0); 2206f6174a7SRobert Watson } 2216f6174a7SRobert Watson 2226f6174a7SRobert Watson static int 2236f6174a7SRobert Watson stub_cred_check_setauid(struct ucred *cred, uid_t auid) 2246f6174a7SRobert Watson { 2256f6174a7SRobert Watson 2266f6174a7SRobert Watson return (0); 2276f6174a7SRobert Watson } 2286f6174a7SRobert Watson 2296f6174a7SRobert Watson static int 2306f6174a7SRobert Watson stub_cred_check_setegid(struct ucred *cred, gid_t egid) 2316f6174a7SRobert Watson { 2326f6174a7SRobert Watson 2336f6174a7SRobert Watson return (0); 2346f6174a7SRobert Watson } 2356f6174a7SRobert Watson 2366f6174a7SRobert Watson static int 2376f6174a7SRobert Watson stub_cred_check_seteuid(struct ucred *cred, uid_t euid) 2386f6174a7SRobert Watson { 2396f6174a7SRobert Watson 2406f6174a7SRobert Watson return (0); 2416f6174a7SRobert Watson } 2426f6174a7SRobert Watson 2436f6174a7SRobert Watson static int 2446f6174a7SRobert Watson stub_cred_check_setgid(struct ucred *cred, gid_t gid) 2456f6174a7SRobert Watson { 2466f6174a7SRobert Watson 2476f6174a7SRobert Watson return (0); 2486f6174a7SRobert Watson } 2496f6174a7SRobert Watson 2506f6174a7SRobert Watson static int 2516f6174a7SRobert Watson stub_cred_check_setgroups(struct ucred *cred, int ngroups, 2526f6174a7SRobert Watson gid_t *gidset) 2536f6174a7SRobert Watson { 2546f6174a7SRobert Watson 2556f6174a7SRobert Watson return (0); 2566f6174a7SRobert Watson } 2576f6174a7SRobert Watson 2586f6174a7SRobert Watson static int 2596f6174a7SRobert Watson stub_cred_check_setregid(struct ucred *cred, gid_t rgid, gid_t egid) 2606f6174a7SRobert Watson { 2616f6174a7SRobert Watson 2626f6174a7SRobert Watson return (0); 2636f6174a7SRobert Watson } 2646f6174a7SRobert Watson 2656f6174a7SRobert Watson static int 2666f6174a7SRobert Watson stub_cred_check_setresgid(struct ucred *cred, gid_t rgid, gid_t egid, 2676f6174a7SRobert Watson gid_t sgid) 2686f6174a7SRobert Watson { 2696f6174a7SRobert Watson 2706f6174a7SRobert Watson return (0); 2716f6174a7SRobert Watson } 2726f6174a7SRobert Watson 2736f6174a7SRobert Watson static int 2746f6174a7SRobert Watson stub_cred_check_setresuid(struct ucred *cred, uid_t ruid, uid_t euid, 2756f6174a7SRobert Watson uid_t suid) 2766f6174a7SRobert Watson { 2776f6174a7SRobert Watson 2786f6174a7SRobert Watson return (0); 2796f6174a7SRobert Watson } 2806f6174a7SRobert Watson 2816f6174a7SRobert Watson static int 2826f6174a7SRobert Watson stub_cred_check_setreuid(struct ucred *cred, uid_t ruid, uid_t euid) 2836f6174a7SRobert Watson { 2846f6174a7SRobert Watson 2856f6174a7SRobert Watson return (0); 2866f6174a7SRobert Watson } 2876f6174a7SRobert Watson 2886f6174a7SRobert Watson static int 2896f6174a7SRobert Watson stub_cred_check_setuid(struct ucred *cred, uid_t uid) 2906f6174a7SRobert Watson { 2916f6174a7SRobert Watson 2926f6174a7SRobert Watson return (0); 2936f6174a7SRobert Watson } 2946f6174a7SRobert Watson 2956f6174a7SRobert Watson static int 296eb320b0eSRobert Watson stub_cred_check_visible(struct ucred *cr1, struct ucred *cr2) 297eb320b0eSRobert Watson { 298eb320b0eSRobert Watson 299eb320b0eSRobert Watson return (0); 300eb320b0eSRobert Watson } 301eb320b0eSRobert Watson 302eb320b0eSRobert Watson static void 303212ab0cfSRobert Watson stub_cred_create_init(struct ucred *cred) 304212ab0cfSRobert Watson { 305212ab0cfSRobert Watson 306212ab0cfSRobert Watson } 307212ab0cfSRobert Watson 308212ab0cfSRobert Watson static void 309212ab0cfSRobert Watson stub_cred_create_swapper(struct ucred *cred) 310212ab0cfSRobert Watson { 311212ab0cfSRobert Watson 312212ab0cfSRobert Watson } 313212ab0cfSRobert Watson 314212ab0cfSRobert Watson static void 315eb320b0eSRobert Watson stub_cred_relabel(struct ucred *cred, struct label *newlabel) 316763bbd2fSRobert Watson { 317763bbd2fSRobert Watson 318763bbd2fSRobert Watson } 319763bbd2fSRobert Watson 320*2449b9e5SMitchell Horne static int 321*2449b9e5SMitchell Horne stub_ddb_command_exec(struct db_command *cmd, db_expr_t addr, bool have_addr, 322*2449b9e5SMitchell Horne db_expr_t count, char *modif) 323*2449b9e5SMitchell Horne { 324*2449b9e5SMitchell Horne 325*2449b9e5SMitchell Horne return (0); 326*2449b9e5SMitchell Horne } 327*2449b9e5SMitchell Horne 328*2449b9e5SMitchell Horne static int 329*2449b9e5SMitchell Horne stub_ddb_command_register(struct db_command_table *table, 330*2449b9e5SMitchell Horne struct db_command *cmd) 331*2449b9e5SMitchell Horne { 332*2449b9e5SMitchell Horne 333*2449b9e5SMitchell Horne return (0); 334*2449b9e5SMitchell Horne } 335*2449b9e5SMitchell Horne 336763bbd2fSRobert Watson static void 33730d239bcSRobert Watson stub_devfs_create_device(struct ucred *cred, struct mount *mp, 33878007886SRobert Watson struct cdev *dev, struct devfs_dirent *de, struct label *delabel) 339eea8ea31SRobert Watson { 340eea8ea31SRobert Watson 341eea8ea31SRobert Watson } 342eea8ea31SRobert Watson 343eea8ea31SRobert Watson static void 34430d239bcSRobert Watson stub_devfs_create_directory(struct mount *mp, char *dirname, 34578007886SRobert Watson int dirnamelen, struct devfs_dirent *de, struct label *delabel) 346990b4b2dSRobert Watson { 347990b4b2dSRobert Watson 348990b4b2dSRobert Watson } 349990b4b2dSRobert Watson 350990b4b2dSRobert Watson static void 35130d239bcSRobert Watson stub_devfs_create_symlink(struct ucred *cred, struct mount *mp, 352990b4b2dSRobert Watson struct devfs_dirent *dd, struct label *ddlabel, struct devfs_dirent *de, 353990b4b2dSRobert Watson struct label *delabel) 354d8a7b7a3SRobert Watson { 355d8a7b7a3SRobert Watson 356d8a7b7a3SRobert Watson } 357d8a7b7a3SRobert Watson 358d8a7b7a3SRobert Watson static void 35930d239bcSRobert Watson stub_devfs_update(struct mount *mp, struct devfs_dirent *de, 36078007886SRobert Watson struct label *delabel, struct vnode *vp, struct label *vplabel) 361d8a7b7a3SRobert Watson { 362d8a7b7a3SRobert Watson 363d8a7b7a3SRobert Watson } 364d8a7b7a3SRobert Watson 365d8a7b7a3SRobert Watson static void 366eb320b0eSRobert Watson stub_devfs_vnode_associate(struct mount *mp, struct label *mplabel, 367eb320b0eSRobert Watson struct devfs_dirent *de, struct label *delabel, struct vnode *vp, 368eb320b0eSRobert Watson struct label *vplabel) 369d8a7b7a3SRobert Watson { 370d8a7b7a3SRobert Watson 371d8a7b7a3SRobert Watson } 372d8a7b7a3SRobert Watson 373d8a7b7a3SRobert Watson static int 37430d239bcSRobert Watson stub_ifnet_check_relabel(struct ucred *cred, struct ifnet *ifp, 37578007886SRobert Watson struct label *ifplabel, struct label *newlabel) 376d8a7b7a3SRobert Watson { 377d8a7b7a3SRobert Watson 378d8a7b7a3SRobert Watson return (0); 379d8a7b7a3SRobert Watson } 380d8a7b7a3SRobert Watson 381d8a7b7a3SRobert Watson static int 38230d239bcSRobert Watson stub_ifnet_check_transmit(struct ifnet *ifp, struct label *ifplabel, 38378007886SRobert Watson struct mbuf *m, struct label *mlabel) 384d8a7b7a3SRobert Watson { 385d8a7b7a3SRobert Watson 386d8a7b7a3SRobert Watson return (0); 387d8a7b7a3SRobert Watson } 388d8a7b7a3SRobert Watson 389eb320b0eSRobert Watson static void 390eb320b0eSRobert Watson stub_ifnet_create(struct ifnet *ifp, struct label *ifplabel) 391eb320b0eSRobert Watson { 392eb320b0eSRobert Watson 393eb320b0eSRobert Watson } 394eb320b0eSRobert Watson 395eb320b0eSRobert Watson static void 396eb320b0eSRobert Watson stub_ifnet_create_mbuf(struct ifnet *ifp, struct label *ifplabel, 397eb320b0eSRobert Watson struct mbuf *m, struct label *mlabel) 398eb320b0eSRobert Watson { 399eb320b0eSRobert Watson 400eb320b0eSRobert Watson } 401eb320b0eSRobert Watson 402eb320b0eSRobert Watson static void 403eb320b0eSRobert Watson stub_ifnet_relabel(struct ucred *cred, struct ifnet *ifp, 404eb320b0eSRobert Watson struct label *ifplabel, struct label *newlabel) 405eb320b0eSRobert Watson { 406eb320b0eSRobert Watson 407eb320b0eSRobert Watson } 408eb320b0eSRobert Watson 409d8a7b7a3SRobert Watson static int 41030d239bcSRobert Watson stub_inpcb_check_deliver(struct inpcb *inp, struct label *inplabel, 411a557af22SRobert Watson struct mbuf *m, struct label *mlabel) 412a557af22SRobert Watson { 413a557af22SRobert Watson 414a557af22SRobert Watson return (0); 415a557af22SRobert Watson } 416a557af22SRobert Watson 417eb320b0eSRobert Watson static void 418eb320b0eSRobert Watson stub_inpcb_create(struct socket *so, struct label *solabel, 419eb320b0eSRobert Watson struct inpcb *inp, struct label *inplabel) 420ba53d9c9SRobert Watson { 421ba53d9c9SRobert Watson 422eb320b0eSRobert Watson } 423eb320b0eSRobert Watson 424eb320b0eSRobert Watson static void 425eb320b0eSRobert Watson stub_inpcb_create_mbuf(struct inpcb *inp, struct label *inplabel, 426eb320b0eSRobert Watson struct mbuf *m, struct label *mlabel) 427eb320b0eSRobert Watson { 428eb320b0eSRobert Watson 429eb320b0eSRobert Watson } 430eb320b0eSRobert Watson 431eb320b0eSRobert Watson static void 432eb320b0eSRobert Watson stub_inpcb_sosetlabel(struct socket *so, struct label *solabel, 433eb320b0eSRobert Watson struct inpcb *inp, struct label *inplabel) 434eb320b0eSRobert Watson { 435eb320b0eSRobert Watson 4363de40469SRobert Watson SOCK_LOCK_ASSERT(so); 4373de40469SRobert Watson 438eb320b0eSRobert Watson } 439eb320b0eSRobert Watson 440eb320b0eSRobert Watson static void 441048e1287SRobert Watson stub_ip6q_create(struct mbuf *m, struct label *mlabel, struct ip6q *q6, 442048e1287SRobert Watson struct label *q6label) 443048e1287SRobert Watson { 444048e1287SRobert Watson 445048e1287SRobert Watson } 446048e1287SRobert Watson 447048e1287SRobert Watson static int 448048e1287SRobert Watson stub_ip6q_match(struct mbuf *m, struct label *mlabel, struct ip6q *q6, 449048e1287SRobert Watson struct label *q6label) 450048e1287SRobert Watson { 451048e1287SRobert Watson 452048e1287SRobert Watson return (1); 453048e1287SRobert Watson } 454048e1287SRobert Watson 455048e1287SRobert Watson static void 456048e1287SRobert Watson stub_ip6q_reassemble(struct ip6q *q6, struct label *q6label, struct mbuf *m, 457048e1287SRobert Watson struct label *mlabel) 458048e1287SRobert Watson { 459048e1287SRobert Watson 460048e1287SRobert Watson } 461048e1287SRobert Watson 462048e1287SRobert Watson static void 463048e1287SRobert Watson stub_ip6q_update(struct mbuf *m, struct label *mlabel, struct ip6q *q6, 464048e1287SRobert Watson struct label *q6label) 465048e1287SRobert Watson { 466048e1287SRobert Watson 467048e1287SRobert Watson } 468048e1287SRobert Watson 469048e1287SRobert Watson static void 47037f44cb4SRobert Watson stub_ipq_create(struct mbuf *m, struct label *mlabel, struct ipq *q, 47137f44cb4SRobert Watson struct label *qlabel) 472eb320b0eSRobert Watson { 473eb320b0eSRobert Watson 474ba53d9c9SRobert Watson } 475ba53d9c9SRobert Watson 476ba53d9c9SRobert Watson static int 47737f44cb4SRobert Watson stub_ipq_match(struct mbuf *m, struct label *mlabel, struct ipq *q, 47837f44cb4SRobert Watson struct label *qlabel) 479ba53d9c9SRobert Watson { 480ba53d9c9SRobert Watson 481eb320b0eSRobert Watson return (1); 482ba53d9c9SRobert Watson } 483ba53d9c9SRobert Watson 484eb320b0eSRobert Watson static void 48537f44cb4SRobert Watson stub_ipq_reassemble(struct ipq *q, struct label *qlabel, struct mbuf *m, 48637f44cb4SRobert Watson struct label *mlabel) 487ba53d9c9SRobert Watson { 488ba53d9c9SRobert Watson 489ba53d9c9SRobert Watson } 490ba53d9c9SRobert Watson 491eb320b0eSRobert Watson static void 49237f44cb4SRobert Watson stub_ipq_update(struct mbuf *m, struct label *mlabel, struct ipq *q, 49337f44cb4SRobert Watson struct label *qlabel) 494ba53d9c9SRobert Watson { 495ba53d9c9SRobert Watson 496ba53d9c9SRobert Watson } 497ba53d9c9SRobert Watson 498ba53d9c9SRobert Watson static int 499*2449b9e5SMitchell Horne stub_kdb_check_backend(struct kdb_dbbe *be) 500*2449b9e5SMitchell Horne { 501*2449b9e5SMitchell Horne 502*2449b9e5SMitchell Horne return (0); 503*2449b9e5SMitchell Horne } 504*2449b9e5SMitchell Horne 505*2449b9e5SMitchell Horne static int 50630d239bcSRobert Watson stub_kenv_check_dump(struct ucred *cred) 50709de2dc2SRobert Watson { 50809de2dc2SRobert Watson 50909de2dc2SRobert Watson return (0); 51009de2dc2SRobert Watson } 51109de2dc2SRobert Watson 51209de2dc2SRobert Watson static int 51330d239bcSRobert Watson stub_kenv_check_get(struct ucred *cred, char *name) 51409de2dc2SRobert Watson { 51509de2dc2SRobert Watson 51609de2dc2SRobert Watson return (0); 51709de2dc2SRobert Watson } 51809de2dc2SRobert Watson 51909de2dc2SRobert Watson static int 52030d239bcSRobert Watson stub_kenv_check_set(struct ucred *cred, char *name, char *value) 52109de2dc2SRobert Watson { 52209de2dc2SRobert Watson 52309de2dc2SRobert Watson return (0); 52409de2dc2SRobert Watson } 52509de2dc2SRobert Watson 52609de2dc2SRobert Watson static int 52730d239bcSRobert Watson stub_kenv_check_unset(struct ucred *cred, char *name) 52809de2dc2SRobert Watson { 52909de2dc2SRobert Watson 53009de2dc2SRobert Watson return (0); 53109de2dc2SRobert Watson } 53209de2dc2SRobert Watson 53309de2dc2SRobert Watson static int 53430d239bcSRobert Watson stub_kld_check_load(struct ucred *cred, struct vnode *vp, 53578007886SRobert Watson struct label *vplabel) 53609de2dc2SRobert Watson { 53709de2dc2SRobert Watson 53809de2dc2SRobert Watson return (0); 53909de2dc2SRobert Watson } 54009de2dc2SRobert Watson 54109de2dc2SRobert Watson static int 54230d239bcSRobert Watson stub_kld_check_stat(struct ucred *cred) 54309de2dc2SRobert Watson { 54409de2dc2SRobert Watson 54509de2dc2SRobert Watson return (0); 54609de2dc2SRobert Watson } 54709de2dc2SRobert Watson 54809de2dc2SRobert Watson static int 54930d239bcSRobert Watson stub_mount_check_stat(struct ucred *cred, struct mount *mp, 55078007886SRobert Watson struct label *mplabel) 551d8a7b7a3SRobert Watson { 552d8a7b7a3SRobert Watson 553d8a7b7a3SRobert Watson return (0); 554d8a7b7a3SRobert Watson } 555d8a7b7a3SRobert Watson 556eb320b0eSRobert Watson static void 557eb320b0eSRobert Watson stub_mount_create(struct ucred *cred, struct mount *mp, 558eb320b0eSRobert Watson struct label *mplabel) 559eb320b0eSRobert Watson { 560eb320b0eSRobert Watson 561eb320b0eSRobert Watson } 562eb320b0eSRobert Watson 563eb320b0eSRobert Watson static void 564eb320b0eSRobert Watson stub_netinet_arp_send(struct ifnet *ifp, struct label *iflpabel, 565eb320b0eSRobert Watson struct mbuf *m, struct label *mlabel) 566eb320b0eSRobert Watson { 567eb320b0eSRobert Watson 568eb320b0eSRobert Watson } 569eb320b0eSRobert Watson 570eb320b0eSRobert Watson static void 571eb320b0eSRobert Watson stub_netinet_firewall_reply(struct mbuf *mrecv, struct label *mrecvlabel, 572eb320b0eSRobert Watson struct mbuf *msend, struct label *msendlabel) 573eb320b0eSRobert Watson { 574eb320b0eSRobert Watson 575eb320b0eSRobert Watson } 576eb320b0eSRobert Watson 577eb320b0eSRobert Watson static void 578eb320b0eSRobert Watson stub_netinet_firewall_send(struct mbuf *m, struct label *mlabel) 579eb320b0eSRobert Watson { 580eb320b0eSRobert Watson 581eb320b0eSRobert Watson } 582eb320b0eSRobert Watson 583eb320b0eSRobert Watson static void 584eb320b0eSRobert Watson stub_netinet_fragment(struct mbuf *m, struct label *mlabel, struct mbuf *frag, 585eb320b0eSRobert Watson struct label *fraglabel) 586eb320b0eSRobert Watson { 587eb320b0eSRobert Watson 588eb320b0eSRobert Watson } 589eb320b0eSRobert Watson 590eb320b0eSRobert Watson static void 591eb320b0eSRobert Watson stub_netinet_icmp_reply(struct mbuf *mrecv, struct label *mrecvlabel, 592eb320b0eSRobert Watson struct mbuf *msend, struct label *msendlabel) 593eb320b0eSRobert Watson { 594eb320b0eSRobert Watson 595eb320b0eSRobert Watson } 596eb320b0eSRobert Watson 597eb320b0eSRobert Watson static void 598eb320b0eSRobert Watson stub_netinet_icmp_replyinplace(struct mbuf *m, struct label *mlabel) 599eb320b0eSRobert Watson { 600eb320b0eSRobert Watson 601eb320b0eSRobert Watson } 602eb320b0eSRobert Watson 603eb320b0eSRobert Watson static void 604eb320b0eSRobert Watson stub_netinet_igmp_send(struct ifnet *ifp, struct label *iflpabel, 605eb320b0eSRobert Watson struct mbuf *m, struct label *mlabel) 606eb320b0eSRobert Watson { 607eb320b0eSRobert Watson 608eb320b0eSRobert Watson } 609eb320b0eSRobert Watson 610eb320b0eSRobert Watson static void 611eb320b0eSRobert Watson stub_netinet_tcp_reply(struct mbuf *m, struct label *mlabel) 612eb320b0eSRobert Watson { 613eb320b0eSRobert Watson 614eb320b0eSRobert Watson } 615eb320b0eSRobert Watson 616eb320b0eSRobert Watson static void 617eb320b0eSRobert Watson stub_netinet6_nd6_send(struct ifnet *ifp, struct label *iflpabel, 618eb320b0eSRobert Watson struct mbuf *m, struct label *mlabel) 619eb320b0eSRobert Watson { 620eb320b0eSRobert Watson 621eb320b0eSRobert Watson } 622eb320b0eSRobert Watson 623d8a7b7a3SRobert Watson static int 62430d239bcSRobert Watson stub_pipe_check_ioctl(struct ucred *cred, struct pipepair *pp, 62578007886SRobert Watson struct label *pplabel, unsigned long cmd, void /* caddr_t */ *data) 626d8a7b7a3SRobert Watson { 627d8a7b7a3SRobert Watson 628d8a7b7a3SRobert Watson return (0); 629d8a7b7a3SRobert Watson } 630d8a7b7a3SRobert Watson 631d8a7b7a3SRobert Watson static int 63230d239bcSRobert Watson stub_pipe_check_poll(struct ucred *cred, struct pipepair *pp, 63378007886SRobert Watson struct label *pplabel) 634c024c3eeSRobert Watson { 635c024c3eeSRobert Watson 636c024c3eeSRobert Watson return (0); 637c024c3eeSRobert Watson } 638c024c3eeSRobert Watson 639c024c3eeSRobert Watson static int 64030d239bcSRobert Watson stub_pipe_check_read(struct ucred *cred, struct pipepair *pp, 64178007886SRobert Watson struct label *pplabel) 642d8a7b7a3SRobert Watson { 643d8a7b7a3SRobert Watson 644d8a7b7a3SRobert Watson return (0); 645d8a7b7a3SRobert Watson } 646d8a7b7a3SRobert Watson 647d8a7b7a3SRobert Watson static int 64830d239bcSRobert Watson stub_pipe_check_relabel(struct ucred *cred, struct pipepair *pp, 64978007886SRobert Watson struct label *pplabel, struct label *newlabel) 650d8a7b7a3SRobert Watson { 651d8a7b7a3SRobert Watson 652d8a7b7a3SRobert Watson return (0); 653d8a7b7a3SRobert Watson } 654d8a7b7a3SRobert Watson 655d8a7b7a3SRobert Watson static int 65630d239bcSRobert Watson stub_pipe_check_stat(struct ucred *cred, struct pipepair *pp, 65778007886SRobert Watson struct label *pplabel) 658c024c3eeSRobert Watson { 659c024c3eeSRobert Watson 660c024c3eeSRobert Watson return (0); 661c024c3eeSRobert Watson } 662c024c3eeSRobert Watson 663c024c3eeSRobert Watson static int 66430d239bcSRobert Watson stub_pipe_check_write(struct ucred *cred, struct pipepair *pp, 66578007886SRobert Watson struct label *pplabel) 666c024c3eeSRobert Watson { 667c024c3eeSRobert Watson 668c024c3eeSRobert Watson return (0); 669c024c3eeSRobert Watson } 670c024c3eeSRobert Watson 671eb320b0eSRobert Watson static void 672eb320b0eSRobert Watson stub_pipe_create(struct ucred *cred, struct pipepair *pp, 673eb320b0eSRobert Watson struct label *pplabel) 674eb320b0eSRobert Watson { 675eb320b0eSRobert Watson 676eb320b0eSRobert Watson } 677eb320b0eSRobert Watson 678eb320b0eSRobert Watson static void 679eb320b0eSRobert Watson stub_pipe_relabel(struct ucred *cred, struct pipepair *pp, 680eb320b0eSRobert Watson struct label *pplabel, struct label *newlabel) 681eb320b0eSRobert Watson { 682eb320b0eSRobert Watson 683eb320b0eSRobert Watson } 684eb320b0eSRobert Watson 685c024c3eeSRobert Watson static int 6866bc1e9cdSJohn Baldwin stub_posixsem_check_getvalue(struct ucred *active_cred, struct ucred *file_cred, 6876bc1e9cdSJohn Baldwin struct ksem *ks, struct label *kslabel) 68852648411SRobert Watson { 68952648411SRobert Watson 69052648411SRobert Watson return (0); 69152648411SRobert Watson } 69252648411SRobert Watson 69352648411SRobert Watson static int 69430d239bcSRobert Watson stub_posixsem_check_open(struct ucred *cred, struct ksem *ks, 695fe09513eSRobert Watson struct label *kslabel) 69652648411SRobert Watson { 69752648411SRobert Watson 69852648411SRobert Watson return (0); 69952648411SRobert Watson } 70052648411SRobert Watson 70152648411SRobert Watson static int 7026bc1e9cdSJohn Baldwin stub_posixsem_check_post(struct ucred *active_cred, struct ucred *file_cred, 7036bc1e9cdSJohn Baldwin struct ksem *ks, struct label *kslabel) 7046bc1e9cdSJohn Baldwin { 7056bc1e9cdSJohn Baldwin 7066bc1e9cdSJohn Baldwin return (0); 7076bc1e9cdSJohn Baldwin } 7086bc1e9cdSJohn Baldwin 7096bc1e9cdSJohn Baldwin static int 7109c00bb91SKonstantin Belousov stub_posixsem_check_setmode(struct ucred *cred, struct ksem *ks, 7119c00bb91SKonstantin Belousov struct label *kslabel, mode_t mode) 7129c00bb91SKonstantin Belousov { 7139c00bb91SKonstantin Belousov 7149c00bb91SKonstantin Belousov return (0); 7159c00bb91SKonstantin Belousov } 7169c00bb91SKonstantin Belousov 7179c00bb91SKonstantin Belousov static int 7189c00bb91SKonstantin Belousov stub_posixsem_check_setowner(struct ucred *cred, struct ksem *ks, 7199c00bb91SKonstantin Belousov struct label *kslabel, uid_t uid, gid_t gid) 7209c00bb91SKonstantin Belousov { 7219c00bb91SKonstantin Belousov 7229c00bb91SKonstantin Belousov return (0); 7239c00bb91SKonstantin Belousov } 7249c00bb91SKonstantin Belousov 7259c00bb91SKonstantin Belousov static int 7266bc1e9cdSJohn Baldwin stub_posixsem_check_stat(struct ucred *active_cred, struct ucred *file_cred, 7276bc1e9cdSJohn Baldwin struct ksem *ks, struct label *kslabel) 72852648411SRobert Watson { 72952648411SRobert Watson 73052648411SRobert Watson return (0); 73152648411SRobert Watson } 73252648411SRobert Watson 73352648411SRobert Watson static int 73430d239bcSRobert Watson stub_posixsem_check_unlink(struct ucred *cred, struct ksem *ks, 735fe09513eSRobert Watson struct label *kslabel) 73652648411SRobert Watson { 73752648411SRobert Watson 73852648411SRobert Watson return (0); 73952648411SRobert Watson } 74052648411SRobert Watson 74152648411SRobert Watson static int 7426bc1e9cdSJohn Baldwin stub_posixsem_check_wait(struct ucred *active_cred, struct ucred *file_cred, 7436bc1e9cdSJohn Baldwin struct ksem *ks, struct label *kslabel) 74452648411SRobert Watson { 74552648411SRobert Watson 74652648411SRobert Watson return (0); 74752648411SRobert Watson } 74852648411SRobert Watson 749eb320b0eSRobert Watson static void 750eb320b0eSRobert Watson stub_posixsem_create(struct ucred *cred, struct ksem *ks, 751eb320b0eSRobert Watson struct label *kslabel) 752eb320b0eSRobert Watson { 753eb320b0eSRobert Watson 754eb320b0eSRobert Watson } 755eb320b0eSRobert Watson 756eb320b0eSRobert Watson static int 7579b6dd12eSRobert Watson stub_posixshm_check_create(struct ucred *cred, const char *path) 7589b6dd12eSRobert Watson { 7599b6dd12eSRobert Watson 7609b6dd12eSRobert Watson return (0); 7619b6dd12eSRobert Watson } 7629b6dd12eSRobert Watson 7639b6dd12eSRobert Watson static int 7648e38aeffSJohn Baldwin stub_posixshm_check_mmap(struct ucred *cred, struct shmfd *shmfd, 7658e38aeffSJohn Baldwin struct label *shmlabel, int prot, int flags) 7668e38aeffSJohn Baldwin { 7678e38aeffSJohn Baldwin 7688e38aeffSJohn Baldwin return (0); 7698e38aeffSJohn Baldwin } 7708e38aeffSJohn Baldwin 7718e38aeffSJohn Baldwin static int 7728e38aeffSJohn Baldwin stub_posixshm_check_open(struct ucred *cred, struct shmfd *shmfd, 7739b6dd12eSRobert Watson struct label *shmlabel, accmode_t accmode) 7748e38aeffSJohn Baldwin { 7758e38aeffSJohn Baldwin 7768e38aeffSJohn Baldwin return (0); 7778e38aeffSJohn Baldwin } 7788e38aeffSJohn Baldwin 7798e38aeffSJohn Baldwin static int 780940cb0e2SKonstantin Belousov stub_posixshm_check_read(struct ucred *active_cred, struct ucred *file_cred, 781940cb0e2SKonstantin Belousov struct shmfd *shm, struct label *shmlabel) 782940cb0e2SKonstantin Belousov { 783940cb0e2SKonstantin Belousov 784940cb0e2SKonstantin Belousov return (0); 785940cb0e2SKonstantin Belousov } 786940cb0e2SKonstantin Belousov 787940cb0e2SKonstantin Belousov static int 7889c00bb91SKonstantin Belousov stub_posixshm_check_setmode(struct ucred *cred, struct shmfd *shmfd, 7899c00bb91SKonstantin Belousov struct label *shmlabel, mode_t mode) 7909c00bb91SKonstantin Belousov { 7919c00bb91SKonstantin Belousov 7929c00bb91SKonstantin Belousov return (0); 7939c00bb91SKonstantin Belousov } 7949c00bb91SKonstantin Belousov 7959c00bb91SKonstantin Belousov static int 7969c00bb91SKonstantin Belousov stub_posixshm_check_setowner(struct ucred *cred, struct shmfd *shmfd, 7979c00bb91SKonstantin Belousov struct label *shmlabel, uid_t uid, gid_t gid) 7989c00bb91SKonstantin Belousov { 7999c00bb91SKonstantin Belousov 8009c00bb91SKonstantin Belousov return (0); 8019c00bb91SKonstantin Belousov } 8029c00bb91SKonstantin Belousov 8039c00bb91SKonstantin Belousov static int 8048e38aeffSJohn Baldwin stub_posixshm_check_stat(struct ucred *active_cred, struct ucred *file_cred, 8058e38aeffSJohn Baldwin struct shmfd *shmfd, struct label *shmlabel) 8068e38aeffSJohn Baldwin { 8078e38aeffSJohn Baldwin 8088e38aeffSJohn Baldwin return (0); 8098e38aeffSJohn Baldwin } 8108e38aeffSJohn Baldwin 8118e38aeffSJohn Baldwin static int 8128e38aeffSJohn Baldwin stub_posixshm_check_truncate(struct ucred *active_cred, 8138e38aeffSJohn Baldwin struct ucred *file_cred, struct shmfd *shmfd, struct label *shmlabel) 8148e38aeffSJohn Baldwin { 8158e38aeffSJohn Baldwin 8168e38aeffSJohn Baldwin return (0); 8178e38aeffSJohn Baldwin } 8188e38aeffSJohn Baldwin 8198e38aeffSJohn Baldwin static int 8208e38aeffSJohn Baldwin stub_posixshm_check_unlink(struct ucred *cred, struct shmfd *shmfd, 8218e38aeffSJohn Baldwin struct label *shmlabel) 8228e38aeffSJohn Baldwin { 8238e38aeffSJohn Baldwin 8248e38aeffSJohn Baldwin return (0); 8258e38aeffSJohn Baldwin } 8268e38aeffSJohn Baldwin 827940cb0e2SKonstantin Belousov static int 828940cb0e2SKonstantin Belousov stub_posixshm_check_write(struct ucred *active_cred, struct ucred *file_cred, 829940cb0e2SKonstantin Belousov struct shmfd *shm, struct label *shmlabel) 830940cb0e2SKonstantin Belousov { 831940cb0e2SKonstantin Belousov 832940cb0e2SKonstantin Belousov return (0); 833940cb0e2SKonstantin Belousov } 834940cb0e2SKonstantin Belousov 8358e38aeffSJohn Baldwin static void 8368e38aeffSJohn Baldwin stub_posixshm_create(struct ucred *cred, struct shmfd *shmfd, 8378e38aeffSJohn Baldwin struct label *shmlabel) 8388e38aeffSJohn Baldwin { 8398e38aeffSJohn Baldwin 8408e38aeffSJohn Baldwin } 8418e38aeffSJohn Baldwin 8428e38aeffSJohn Baldwin static int 843eb320b0eSRobert Watson stub_priv_check(struct ucred *cred, int priv) 844eb320b0eSRobert Watson { 845eb320b0eSRobert Watson 846eb320b0eSRobert Watson return (0); 847eb320b0eSRobert Watson } 848eb320b0eSRobert Watson 849eb320b0eSRobert Watson static int 850eb320b0eSRobert Watson stub_priv_grant(struct ucred *cred, int priv) 851eb320b0eSRobert Watson { 852eb320b0eSRobert Watson 853eb320b0eSRobert Watson return (EPERM); 854eb320b0eSRobert Watson } 855eb320b0eSRobert Watson 85652648411SRobert Watson static int 85730d239bcSRobert Watson stub_proc_check_debug(struct ucred *cred, struct proc *p) 858d8a7b7a3SRobert Watson { 859d8a7b7a3SRobert Watson 860d8a7b7a3SRobert Watson return (0); 861d8a7b7a3SRobert Watson } 862d8a7b7a3SRobert Watson 863d8a7b7a3SRobert Watson static int 86430d239bcSRobert Watson stub_proc_check_sched(struct ucred *cred, struct proc *p) 865d8a7b7a3SRobert Watson { 866d8a7b7a3SRobert Watson 867d8a7b7a3SRobert Watson return (0); 868d8a7b7a3SRobert Watson } 869d8a7b7a3SRobert Watson 870d8a7b7a3SRobert Watson static int 871eb320b0eSRobert Watson stub_proc_check_signal(struct ucred *cred, struct proc *p, int signum) 872eb320b0eSRobert Watson { 873eb320b0eSRobert Watson 874eb320b0eSRobert Watson return (0); 875eb320b0eSRobert Watson } 876eb320b0eSRobert Watson 877eb320b0eSRobert Watson static int 878eb320b0eSRobert Watson stub_proc_check_wait(struct ucred *cred, struct proc *p) 879eb320b0eSRobert Watson { 880eb320b0eSRobert Watson 881eb320b0eSRobert Watson return (0); 882eb320b0eSRobert Watson } 883eb320b0eSRobert Watson 884eb320b0eSRobert Watson static int 88530d239bcSRobert Watson stub_socket_check_accept(struct ucred *cred, struct socket *so, 88678007886SRobert Watson struct label *solabel) 8877f53207bSRobert Watson { 8887f53207bSRobert Watson 8893de40469SRobert Watson #if 0 8903de40469SRobert Watson SOCK_LOCK(so); 8913de40469SRobert Watson SOCK_UNLOCK(so); 8923de40469SRobert Watson #endif 8933de40469SRobert Watson 8947f53207bSRobert Watson return (0); 8957f53207bSRobert Watson } 8967f53207bSRobert Watson 8977f53207bSRobert Watson static int 89830d239bcSRobert Watson stub_socket_check_bind(struct ucred *cred, struct socket *so, 89978007886SRobert Watson struct label *solabel, struct sockaddr *sa) 900d8a7b7a3SRobert Watson { 901d8a7b7a3SRobert Watson 9023de40469SRobert Watson #if 0 9033de40469SRobert Watson SOCK_LOCK(so); 9043de40469SRobert Watson SOCK_UNLOCK(so); 9053de40469SRobert Watson #endif 9063de40469SRobert Watson 907d8a7b7a3SRobert Watson return (0); 908d8a7b7a3SRobert Watson } 909d8a7b7a3SRobert Watson 910d8a7b7a3SRobert Watson static int 91130d239bcSRobert Watson stub_socket_check_connect(struct ucred *cred, struct socket *so, 91278007886SRobert Watson struct label *solabel, struct sockaddr *sa) 913d8a7b7a3SRobert Watson { 914d8a7b7a3SRobert Watson 9153de40469SRobert Watson #if 0 9163de40469SRobert Watson SOCK_LOCK(so); 9173de40469SRobert Watson SOCK_UNLOCK(so); 9183de40469SRobert Watson #endif 9193de40469SRobert Watson 920d8a7b7a3SRobert Watson return (0); 921d8a7b7a3SRobert Watson } 922d8a7b7a3SRobert Watson 923d8a7b7a3SRobert Watson static int 92430d239bcSRobert Watson stub_socket_check_create(struct ucred *cred, int domain, int type, int proto) 9256758f88eSRobert Watson { 9266758f88eSRobert Watson 9276758f88eSRobert Watson return (0); 9286758f88eSRobert Watson } 9296758f88eSRobert Watson 9306758f88eSRobert Watson static int 93130d239bcSRobert Watson stub_socket_check_deliver(struct socket *so, struct label *solabel, 93278007886SRobert Watson struct mbuf *m, struct label *mlabel) 933d8a7b7a3SRobert Watson { 934d8a7b7a3SRobert Watson 9353de40469SRobert Watson #if 0 9363de40469SRobert Watson SOCK_LOCK(so); 9373de40469SRobert Watson SOCK_UNLOCK(so); 9383de40469SRobert Watson #endif 9393de40469SRobert Watson 940d8a7b7a3SRobert Watson return (0); 941d8a7b7a3SRobert Watson } 942d8a7b7a3SRobert Watson 943d8a7b7a3SRobert Watson static int 94430d239bcSRobert Watson stub_socket_check_listen(struct ucred *cred, struct socket *so, 94578007886SRobert Watson struct label *solabel) 946d8a7b7a3SRobert Watson { 947d8a7b7a3SRobert Watson 9483de40469SRobert Watson #if 0 9493de40469SRobert Watson SOCK_LOCK(so); 9503de40469SRobert Watson SOCK_UNLOCK(so); 9513de40469SRobert Watson #endif 9523de40469SRobert Watson 953d8a7b7a3SRobert Watson return (0); 954d8a7b7a3SRobert Watson } 955d8a7b7a3SRobert Watson 956d8a7b7a3SRobert Watson static int 95730d239bcSRobert Watson stub_socket_check_poll(struct ucred *cred, struct socket *so, 95878007886SRobert Watson struct label *solabel) 9597f53207bSRobert Watson { 9607f53207bSRobert Watson 9613de40469SRobert Watson #if 0 9623de40469SRobert Watson SOCK_LOCK(so); 9633de40469SRobert Watson SOCK_UNLOCK(so); 9643de40469SRobert Watson #endif 9653de40469SRobert Watson 9667f53207bSRobert Watson return (0); 9677f53207bSRobert Watson } 9687f53207bSRobert Watson 9697f53207bSRobert Watson static int 97030d239bcSRobert Watson stub_socket_check_receive(struct ucred *cred, struct socket *so, 97178007886SRobert Watson struct label *solabel) 9727f53207bSRobert Watson { 9737f53207bSRobert Watson 9743de40469SRobert Watson #if 0 9753de40469SRobert Watson SOCK_LOCK(so); 9763de40469SRobert Watson SOCK_UNLOCK(so); 9773de40469SRobert Watson #endif 9783de40469SRobert Watson 9797f53207bSRobert Watson return (0); 9807f53207bSRobert Watson } 9817f53207bSRobert Watson 9827f53207bSRobert Watson static int 98330d239bcSRobert Watson stub_socket_check_relabel(struct ucred *cred, struct socket *so, 98478007886SRobert Watson struct label *solabel, struct label *newlabel) 985d8a7b7a3SRobert Watson { 986d8a7b7a3SRobert Watson 9873de40469SRobert Watson SOCK_LOCK_ASSERT(so); 9883de40469SRobert Watson 989d8a7b7a3SRobert Watson return (0); 990d8a7b7a3SRobert Watson } 9917f53207bSRobert Watson static int 99230d239bcSRobert Watson stub_socket_check_send(struct ucred *cred, struct socket *so, 99378007886SRobert Watson struct label *solabel) 9947f53207bSRobert Watson { 9957f53207bSRobert Watson 9963de40469SRobert Watson #if 0 9973de40469SRobert Watson SOCK_LOCK(so); 9983de40469SRobert Watson SOCK_UNLOCK(so); 9993de40469SRobert Watson #endif 10003de40469SRobert Watson 10017f53207bSRobert Watson return (0); 10027f53207bSRobert Watson } 10037f53207bSRobert Watson 10047f53207bSRobert Watson static int 100530d239bcSRobert Watson stub_socket_check_stat(struct ucred *cred, struct socket *so, 100678007886SRobert Watson struct label *solabel) 10077f53207bSRobert Watson { 10087f53207bSRobert Watson 10093de40469SRobert Watson #if 0 10103de40469SRobert Watson SOCK_LOCK(so); 10113de40469SRobert Watson SOCK_UNLOCK(so); 10123de40469SRobert Watson #endif 10133de40469SRobert Watson 10147f53207bSRobert Watson return (0); 10157f53207bSRobert Watson } 1016d8a7b7a3SRobert Watson 1017d8a7b7a3SRobert Watson static int 10187fb179baSBjoern A. Zeeb stub_inpcb_check_visible(struct ucred *cred, struct inpcb *inp, 10197fb179baSBjoern A. Zeeb struct label *inplabel) 10207fb179baSBjoern A. Zeeb { 10217fb179baSBjoern A. Zeeb 10227fb179baSBjoern A. Zeeb return (0); 10237fb179baSBjoern A. Zeeb } 10247fb179baSBjoern A. Zeeb 10257fb179baSBjoern A. Zeeb static int 102630d239bcSRobert Watson stub_socket_check_visible(struct ucred *cred, struct socket *so, 102778007886SRobert Watson struct label *solabel) 1028d8a7b7a3SRobert Watson { 1029d8a7b7a3SRobert Watson 10303de40469SRobert Watson #if 0 10313de40469SRobert Watson SOCK_LOCK(so); 10323de40469SRobert Watson SOCK_UNLOCK(so); 10333de40469SRobert Watson #endif 10343de40469SRobert Watson 1035d8a7b7a3SRobert Watson return (0); 1036d8a7b7a3SRobert Watson } 1037d8a7b7a3SRobert Watson 1038eb320b0eSRobert Watson static void 1039eb320b0eSRobert Watson stub_socket_create(struct ucred *cred, struct socket *so, 1040eb320b0eSRobert Watson struct label *solabel) 1041eb320b0eSRobert Watson { 1042eb320b0eSRobert Watson 1043eb320b0eSRobert Watson } 1044eb320b0eSRobert Watson 1045eb320b0eSRobert Watson static void 1046eb320b0eSRobert Watson stub_socket_create_mbuf(struct socket *so, struct label *solabel, 1047eb320b0eSRobert Watson struct mbuf *m, struct label *mlabel) 1048eb320b0eSRobert Watson { 1049eb320b0eSRobert Watson 10503de40469SRobert Watson #if 0 10513de40469SRobert Watson SOCK_LOCK(so); 10523de40469SRobert Watson SOCK_UNLOCK(so); 10533de40469SRobert Watson #endif 1054eb320b0eSRobert Watson } 1055eb320b0eSRobert Watson 1056eb320b0eSRobert Watson static void 1057eb320b0eSRobert Watson stub_socket_newconn(struct socket *oldso, struct label *oldsolabel, 1058eb320b0eSRobert Watson struct socket *newso, struct label *newsolabel) 1059eb320b0eSRobert Watson { 1060eb320b0eSRobert Watson 10613de40469SRobert Watson #if 0 10623de40469SRobert Watson SOCK_LOCK(oldso); 10633de40469SRobert Watson SOCK_UNLOCK(oldso); 10643de40469SRobert Watson #endif 10653de40469SRobert Watson #if 0 10663de40469SRobert Watson SOCK_LOCK(newso); 10673de40469SRobert Watson SOCK_UNLOCK(newso); 10683de40469SRobert Watson #endif 1069eb320b0eSRobert Watson } 1070eb320b0eSRobert Watson 1071eb320b0eSRobert Watson static void 1072eb320b0eSRobert Watson stub_socket_relabel(struct ucred *cred, struct socket *so, 1073eb320b0eSRobert Watson struct label *solabel, struct label *newlabel) 1074eb320b0eSRobert Watson { 1075eb320b0eSRobert Watson 10763de40469SRobert Watson SOCK_LOCK_ASSERT(so); 1077eb320b0eSRobert Watson } 1078eb320b0eSRobert Watson 1079eb320b0eSRobert Watson static void 1080eb320b0eSRobert Watson stub_socketpeer_set_from_mbuf(struct mbuf *m, struct label *mlabel, 1081eb320b0eSRobert Watson struct socket *so, struct label *sopeerlabel) 1082eb320b0eSRobert Watson { 1083eb320b0eSRobert Watson 10843de40469SRobert Watson #if 0 10853de40469SRobert Watson SOCK_LOCK(so); 10863de40469SRobert Watson SOCK_UNLOCK(so); 10873de40469SRobert Watson #endif 1088eb320b0eSRobert Watson } 1089eb320b0eSRobert Watson 1090eb320b0eSRobert Watson static void 1091eb320b0eSRobert Watson stub_socketpeer_set_from_socket(struct socket *oldso, 1092eb320b0eSRobert Watson struct label *oldsolabel, struct socket *newso, 1093eb320b0eSRobert Watson struct label *newsopeerlabel) 1094eb320b0eSRobert Watson { 1095eb320b0eSRobert Watson 10963de40469SRobert Watson #if 0 10973de40469SRobert Watson SOCK_LOCK(oldso); 10983de40469SRobert Watson SOCK_UNLOCK(oldso); 10993de40469SRobert Watson #endif 11003de40469SRobert Watson #if 0 11013de40469SRobert Watson SOCK_LOCK(newso); 11023de40469SRobert Watson SOCK_UNLOCK(newso); 11033de40469SRobert Watson #endif 1104eb320b0eSRobert Watson } 1105eb320b0eSRobert Watson 1106eb320b0eSRobert Watson static void 1107eb320b0eSRobert Watson stub_syncache_create(struct label *label, struct inpcb *inp) 1108eb320b0eSRobert Watson { 1109eb320b0eSRobert Watson 1110eb320b0eSRobert Watson } 1111eb320b0eSRobert Watson 1112eb320b0eSRobert Watson static void 1113eb320b0eSRobert Watson stub_syncache_create_mbuf(struct label *sc_label, struct mbuf *m, 1114eb320b0eSRobert Watson struct label *mlabel) 1115eb320b0eSRobert Watson { 1116eb320b0eSRobert Watson 1117eb320b0eSRobert Watson } 1118eb320b0eSRobert Watson 1119d8a7b7a3SRobert Watson static int 112030d239bcSRobert Watson stub_system_check_acct(struct ucred *cred, struct vnode *vp, 112178007886SRobert Watson struct label *vplabel) 112209de2dc2SRobert Watson { 112309de2dc2SRobert Watson 112409de2dc2SRobert Watson return (0); 112509de2dc2SRobert Watson } 112609de2dc2SRobert Watson 112709de2dc2SRobert Watson static int 112830d239bcSRobert Watson stub_system_check_audit(struct ucred *cred, void *record, int length) 112918717f69SRobert Watson { 113018717f69SRobert Watson 113118717f69SRobert Watson return (0); 113218717f69SRobert Watson } 113318717f69SRobert Watson 113418717f69SRobert Watson static int 113530d239bcSRobert Watson stub_system_check_auditctl(struct ucred *cred, struct vnode *vp, 113678007886SRobert Watson struct label *vplabel) 113718717f69SRobert Watson { 113818717f69SRobert Watson 113918717f69SRobert Watson return (0); 114018717f69SRobert Watson } 114118717f69SRobert Watson 114218717f69SRobert Watson static int 114330d239bcSRobert Watson stub_system_check_auditon(struct ucred *cred, int cmd) 114418717f69SRobert Watson { 114518717f69SRobert Watson 114618717f69SRobert Watson return (0); 114718717f69SRobert Watson } 114818717f69SRobert Watson 114918717f69SRobert Watson static int 115030d239bcSRobert Watson stub_system_check_reboot(struct ucred *cred, int how) 1151927f6069SRobert Watson { 1152927f6069SRobert Watson 1153927f6069SRobert Watson return (0); 1154927f6069SRobert Watson } 1155927f6069SRobert Watson 1156927f6069SRobert Watson static int 115730d239bcSRobert Watson stub_system_check_swapoff(struct ucred *cred, struct vnode *vp, 115878007886SRobert Watson struct label *vplabel) 1159927f6069SRobert Watson { 1160927f6069SRobert Watson 1161927f6069SRobert Watson return (0); 1162927f6069SRobert Watson } 1163927f6069SRobert Watson 1164927f6069SRobert Watson static int 116530d239bcSRobert Watson stub_system_check_swapon(struct ucred *cred, struct vnode *vp, 116678007886SRobert Watson struct label *vplabel) 116709de2dc2SRobert Watson { 116809de2dc2SRobert Watson 116909de2dc2SRobert Watson return (0); 117009de2dc2SRobert Watson } 117109de2dc2SRobert Watson 117209de2dc2SRobert Watson static int 117330d239bcSRobert Watson stub_system_check_sysctl(struct ucred *cred, struct sysctl_oid *oidp, 117463dba32bSPawel Jakub Dawidek void *arg1, int arg2, struct sysctl_req *req) 1175927f6069SRobert Watson { 1176927f6069SRobert Watson 1177927f6069SRobert Watson return (0); 1178927f6069SRobert Watson } 1179927f6069SRobert Watson 1180eb320b0eSRobert Watson static void 1181eb320b0eSRobert Watson stub_sysvmsg_cleanup(struct label *msglabel) 1182eb320b0eSRobert Watson { 1183eb320b0eSRobert Watson 1184eb320b0eSRobert Watson } 1185eb320b0eSRobert Watson 1186eb320b0eSRobert Watson static void 1187eb320b0eSRobert Watson stub_sysvmsg_create(struct ucred *cred, struct msqid_kernel *msqkptr, 1188eb320b0eSRobert Watson struct label *msqlabel, struct msg *msgptr, struct label *msglabel) 1189eb320b0eSRobert Watson { 1190eb320b0eSRobert Watson 1191eb320b0eSRobert Watson } 1192eb320b0eSRobert Watson 1193eb320b0eSRobert Watson static int 1194eb320b0eSRobert Watson stub_sysvmsq_check_msgmsq(struct ucred *cred, struct msg *msgptr, 1195eb320b0eSRobert Watson struct label *msglabel, struct msqid_kernel *msqkptr, 1196eb320b0eSRobert Watson struct label *msqklabel) 1197eb320b0eSRobert Watson { 1198eb320b0eSRobert Watson 1199eb320b0eSRobert Watson return (0); 1200eb320b0eSRobert Watson } 1201eb320b0eSRobert Watson 1202eb320b0eSRobert Watson static int 1203eb320b0eSRobert Watson stub_sysvmsq_check_msgrcv(struct ucred *cred, struct msg *msgptr, 1204eb320b0eSRobert Watson struct label *msglabel) 1205eb320b0eSRobert Watson { 1206eb320b0eSRobert Watson 1207eb320b0eSRobert Watson return (0); 1208eb320b0eSRobert Watson } 1209eb320b0eSRobert Watson 1210eb320b0eSRobert Watson static int 1211eb320b0eSRobert Watson stub_sysvmsq_check_msgrmid(struct ucred *cred, struct msg *msgptr, 1212eb320b0eSRobert Watson struct label *msglabel) 1213eb320b0eSRobert Watson { 1214eb320b0eSRobert Watson 1215eb320b0eSRobert Watson return (0); 1216eb320b0eSRobert Watson } 1217eb320b0eSRobert Watson 1218eb320b0eSRobert Watson static int 1219eb320b0eSRobert Watson stub_sysvmsq_check_msqget(struct ucred *cred, struct msqid_kernel *msqkptr, 1220eb320b0eSRobert Watson struct label *msqklabel) 1221eb320b0eSRobert Watson { 1222eb320b0eSRobert Watson 1223eb320b0eSRobert Watson return (0); 1224eb320b0eSRobert Watson } 1225eb320b0eSRobert Watson 1226eb320b0eSRobert Watson static int 1227eb320b0eSRobert Watson stub_sysvmsq_check_msqsnd(struct ucred *cred, struct msqid_kernel *msqkptr, 1228eb320b0eSRobert Watson struct label *msqklabel) 1229eb320b0eSRobert Watson { 1230eb320b0eSRobert Watson 1231eb320b0eSRobert Watson return (0); 1232eb320b0eSRobert Watson } 1233eb320b0eSRobert Watson 1234eb320b0eSRobert Watson static int 1235eb320b0eSRobert Watson stub_sysvmsq_check_msqrcv(struct ucred *cred, struct msqid_kernel *msqkptr, 1236eb320b0eSRobert Watson struct label *msqklabel) 1237eb320b0eSRobert Watson { 1238eb320b0eSRobert Watson 1239eb320b0eSRobert Watson return (0); 1240eb320b0eSRobert Watson } 1241eb320b0eSRobert Watson 1242eb320b0eSRobert Watson static int 1243eb320b0eSRobert Watson stub_sysvmsq_check_msqctl(struct ucred *cred, struct msqid_kernel *msqkptr, 1244eb320b0eSRobert Watson struct label *msqklabel, int cmd) 1245eb320b0eSRobert Watson { 1246eb320b0eSRobert Watson 1247eb320b0eSRobert Watson return (0); 1248eb320b0eSRobert Watson } 1249eb320b0eSRobert Watson 1250eb320b0eSRobert Watson static void 1251eb320b0eSRobert Watson stub_sysvmsq_cleanup(struct label *msqlabel) 1252eb320b0eSRobert Watson { 1253eb320b0eSRobert Watson 1254eb320b0eSRobert Watson } 1255eb320b0eSRobert Watson 1256eb320b0eSRobert Watson static void 1257eb320b0eSRobert Watson stub_sysvmsq_create(struct ucred *cred, struct msqid_kernel *msqkptr, 1258eb320b0eSRobert Watson struct label *msqlabel) 1259eb320b0eSRobert Watson { 1260eb320b0eSRobert Watson 1261eb320b0eSRobert Watson } 1262eb320b0eSRobert Watson 1263eb320b0eSRobert Watson static int 1264eb320b0eSRobert Watson stub_sysvsem_check_semctl(struct ucred *cred, struct semid_kernel *semakptr, 1265eb320b0eSRobert Watson struct label *semaklabel, int cmd) 1266eb320b0eSRobert Watson { 1267eb320b0eSRobert Watson 1268eb320b0eSRobert Watson return (0); 1269eb320b0eSRobert Watson } 1270eb320b0eSRobert Watson 1271eb320b0eSRobert Watson static int 1272eb320b0eSRobert Watson stub_sysvsem_check_semget(struct ucred *cred, struct semid_kernel *semakptr, 1273eb320b0eSRobert Watson struct label *semaklabel) 1274eb320b0eSRobert Watson { 1275eb320b0eSRobert Watson 1276eb320b0eSRobert Watson return (0); 1277eb320b0eSRobert Watson } 1278eb320b0eSRobert Watson 1279eb320b0eSRobert Watson static int 1280eb320b0eSRobert Watson stub_sysvsem_check_semop(struct ucred *cred, struct semid_kernel *semakptr, 1281eb320b0eSRobert Watson struct label *semaklabel, size_t accesstype) 1282eb320b0eSRobert Watson { 1283eb320b0eSRobert Watson 1284eb320b0eSRobert Watson return (0); 1285eb320b0eSRobert Watson } 1286eb320b0eSRobert Watson 1287eb320b0eSRobert Watson static void 1288eb320b0eSRobert Watson stub_sysvsem_cleanup(struct label *semalabel) 1289eb320b0eSRobert Watson { 1290eb320b0eSRobert Watson 1291eb320b0eSRobert Watson } 1292eb320b0eSRobert Watson 1293eb320b0eSRobert Watson static void 1294eb320b0eSRobert Watson stub_sysvsem_create(struct ucred *cred, struct semid_kernel *semakptr, 1295eb320b0eSRobert Watson struct label *semalabel) 1296eb320b0eSRobert Watson { 1297eb320b0eSRobert Watson 1298eb320b0eSRobert Watson } 1299eb320b0eSRobert Watson 1300eb320b0eSRobert Watson static int 1301eb320b0eSRobert Watson stub_sysvshm_check_shmat(struct ucred *cred, struct shmid_kernel *shmsegptr, 1302eb320b0eSRobert Watson struct label *shmseglabel, int shmflg) 1303eb320b0eSRobert Watson { 1304eb320b0eSRobert Watson 1305eb320b0eSRobert Watson return (0); 1306eb320b0eSRobert Watson } 1307eb320b0eSRobert Watson 1308eb320b0eSRobert Watson static int 1309eb320b0eSRobert Watson stub_sysvshm_check_shmctl(struct ucred *cred, struct shmid_kernel *shmsegptr, 1310eb320b0eSRobert Watson struct label *shmseglabel, int cmd) 1311eb320b0eSRobert Watson { 1312eb320b0eSRobert Watson 1313eb320b0eSRobert Watson return (0); 1314eb320b0eSRobert Watson } 1315eb320b0eSRobert Watson 1316eb320b0eSRobert Watson static int 1317eb320b0eSRobert Watson stub_sysvshm_check_shmdt(struct ucred *cred, struct shmid_kernel *shmsegptr, 1318eb320b0eSRobert Watson struct label *shmseglabel) 1319eb320b0eSRobert Watson { 1320eb320b0eSRobert Watson 1321eb320b0eSRobert Watson return (0); 1322eb320b0eSRobert Watson } 1323eb320b0eSRobert Watson 1324eb320b0eSRobert Watson static int 1325eb320b0eSRobert Watson stub_sysvshm_check_shmget(struct ucred *cred, struct shmid_kernel *shmsegptr, 1326eb320b0eSRobert Watson struct label *shmseglabel, int shmflg) 1327eb320b0eSRobert Watson { 1328eb320b0eSRobert Watson 1329eb320b0eSRobert Watson return (0); 1330eb320b0eSRobert Watson } 1331eb320b0eSRobert Watson 1332eb320b0eSRobert Watson static void 1333eb320b0eSRobert Watson stub_sysvshm_cleanup(struct label *shmlabel) 1334eb320b0eSRobert Watson { 1335eb320b0eSRobert Watson 1336eb320b0eSRobert Watson } 1337eb320b0eSRobert Watson 1338eb320b0eSRobert Watson static void 1339eb320b0eSRobert Watson stub_sysvshm_create(struct ucred *cred, struct shmid_kernel *shmsegptr, 1340eb320b0eSRobert Watson struct label *shmalabel) 1341eb320b0eSRobert Watson { 1342eb320b0eSRobert Watson 1343eb320b0eSRobert Watson } 1344eb320b0eSRobert Watson 1345eb320b0eSRobert Watson static void 1346eb320b0eSRobert Watson stub_thread_userret(struct thread *td) 1347eb320b0eSRobert Watson { 1348eb320b0eSRobert Watson 1349eb320b0eSRobert Watson } 1350eb320b0eSRobert Watson 1351eb320b0eSRobert Watson static int 1352eb320b0eSRobert Watson stub_vnode_associate_extattr(struct mount *mp, struct label *mplabel, 1353eb320b0eSRobert Watson struct vnode *vp, struct label *vplabel) 1354eb320b0eSRobert Watson { 1355eb320b0eSRobert Watson 1356eb320b0eSRobert Watson return (0); 1357eb320b0eSRobert Watson } 1358eb320b0eSRobert Watson 1359eb320b0eSRobert Watson static void 1360eb320b0eSRobert Watson stub_vnode_associate_singlelabel(struct mount *mp, struct label *mplabel, 1361eb320b0eSRobert Watson struct vnode *vp, struct label *vplabel) 1362eb320b0eSRobert Watson { 1363eb320b0eSRobert Watson 1364eb320b0eSRobert Watson } 1365eb320b0eSRobert Watson 1366d8a7b7a3SRobert Watson static int 13675077415aSRobert Watson stub_vnode_check_access(struct ucred *cred, struct vnode *vp, 1368178da2a9SEdward Tomasz Napierala struct label *vplabel, accmode_t accmode) 13695077415aSRobert Watson { 13705077415aSRobert Watson 13715077415aSRobert Watson return (0); 13725077415aSRobert Watson } 13735077415aSRobert Watson 13745077415aSRobert Watson static int 13755077415aSRobert Watson stub_vnode_check_chdir(struct ucred *cred, struct vnode *dvp, 13765077415aSRobert Watson struct label *dvplabel) 13775077415aSRobert Watson { 13785077415aSRobert Watson 13795077415aSRobert Watson return (0); 13805077415aSRobert Watson } 13815077415aSRobert Watson 13825077415aSRobert Watson static int 13835077415aSRobert Watson stub_vnode_check_chroot(struct ucred *cred, struct vnode *dvp, 13845077415aSRobert Watson struct label *dvplabel) 13855077415aSRobert Watson { 13865077415aSRobert Watson 13875077415aSRobert Watson return (0); 13885077415aSRobert Watson } 13895077415aSRobert Watson 13905077415aSRobert Watson static int 13915077415aSRobert Watson stub_vnode_check_create(struct ucred *cred, struct vnode *dvp, 13925077415aSRobert Watson struct label *dvplabel, struct componentname *cnp, struct vattr *vap) 13935077415aSRobert Watson { 13945077415aSRobert Watson 13955077415aSRobert Watson return (0); 13965077415aSRobert Watson } 13975077415aSRobert Watson 13985077415aSRobert Watson static int 139930d239bcSRobert Watson stub_vnode_check_deleteacl(struct ucred *cred, struct vnode *vp, 140078007886SRobert Watson struct label *vplabel, acl_type_t type) 1401d8a7b7a3SRobert Watson { 1402d8a7b7a3SRobert Watson 1403d8a7b7a3SRobert Watson return (0); 1404d8a7b7a3SRobert Watson } 1405d8a7b7a3SRobert Watson 1406d8a7b7a3SRobert Watson static int 140730d239bcSRobert Watson stub_vnode_check_deleteextattr(struct ucred *cred, struct vnode *vp, 140878007886SRobert Watson struct label *vplabel, int attrnamespace, const char *name) 140964f00af8SRobert Watson { 141064f00af8SRobert Watson 141164f00af8SRobert Watson return (0); 141264f00af8SRobert Watson } 141364f00af8SRobert Watson 141464f00af8SRobert Watson static int 141530d239bcSRobert Watson stub_vnode_check_exec(struct ucred *cred, struct vnode *vp, 141678007886SRobert Watson struct label *vplabel, struct image_params *imgp, 1417ef5def59SRobert Watson struct label *execlabel) 1418d8a7b7a3SRobert Watson { 1419d8a7b7a3SRobert Watson 1420d8a7b7a3SRobert Watson return (0); 1421d8a7b7a3SRobert Watson } 1422d8a7b7a3SRobert Watson 1423d8a7b7a3SRobert Watson static int 142430d239bcSRobert Watson stub_vnode_check_getacl(struct ucred *cred, struct vnode *vp, 142578007886SRobert Watson struct label *vplabel, acl_type_t type) 1426d8a7b7a3SRobert Watson { 1427d8a7b7a3SRobert Watson 1428d8a7b7a3SRobert Watson return (0); 1429d8a7b7a3SRobert Watson } 1430d8a7b7a3SRobert Watson 1431d8a7b7a3SRobert Watson static int 143230d239bcSRobert Watson stub_vnode_check_getextattr(struct ucred *cred, struct vnode *vp, 1433fefd0ac8SRobert Watson struct label *vplabel, int attrnamespace, const char *name) 1434d8a7b7a3SRobert Watson { 1435d8a7b7a3SRobert Watson 1436d8a7b7a3SRobert Watson return (0); 1437d8a7b7a3SRobert Watson } 1438d8a7b7a3SRobert Watson 1439d8a7b7a3SRobert Watson static int 144030d239bcSRobert Watson stub_vnode_check_link(struct ucred *cred, struct vnode *dvp, 144178007886SRobert Watson struct label *dvplabel, struct vnode *vp, struct label *vplabel, 1442c27b50f5SRobert Watson struct componentname *cnp) 1443c27b50f5SRobert Watson { 1444c27b50f5SRobert Watson 1445c27b50f5SRobert Watson return (0); 1446c27b50f5SRobert Watson } 1447c27b50f5SRobert Watson 1448c27b50f5SRobert Watson static int 144930d239bcSRobert Watson stub_vnode_check_listextattr(struct ucred *cred, struct vnode *vp, 145078007886SRobert Watson struct label *vplabel, int attrnamespace) 145164f00af8SRobert Watson { 145264f00af8SRobert Watson 145364f00af8SRobert Watson return (0); 145464f00af8SRobert Watson } 145564f00af8SRobert Watson 145664f00af8SRobert Watson static int 145730d239bcSRobert Watson stub_vnode_check_lookup(struct ucred *cred, struct vnode *dvp, 145878007886SRobert Watson struct label *dvplabel, struct componentname *cnp) 1459d8a7b7a3SRobert Watson { 1460d8a7b7a3SRobert Watson 1461d8a7b7a3SRobert Watson return (0); 1462d8a7b7a3SRobert Watson } 1463d8a7b7a3SRobert Watson 1464d8a7b7a3SRobert Watson static int 146530d239bcSRobert Watson stub_vnode_check_mmap(struct ucred *cred, struct vnode *vp, 146678007886SRobert Watson struct label *vplabel, int prot, int flags) 1467e183f80eSRobert Watson { 1468e183f80eSRobert Watson 1469e183f80eSRobert Watson return (0); 1470e183f80eSRobert Watson } 1471e183f80eSRobert Watson 147217870c06SChristian S.J. Peron static void 147330d239bcSRobert Watson stub_vnode_check_mmap_downgrade(struct ucred *cred, struct vnode *vp, 147478007886SRobert Watson struct label *vplabel, int *prot) 147517870c06SChristian S.J. Peron { 147617870c06SChristian S.J. Peron 147717870c06SChristian S.J. Peron } 147817870c06SChristian S.J. Peron 147917870c06SChristian S.J. Peron static int 148030d239bcSRobert Watson stub_vnode_check_mprotect(struct ucred *cred, struct vnode *vp, 148178007886SRobert Watson struct label *vplabel, int prot) 148217870c06SChristian S.J. Peron { 148317870c06SChristian S.J. Peron 148417870c06SChristian S.J. Peron return (0); 148517870c06SChristian S.J. Peron } 148617870c06SChristian S.J. Peron 1487e183f80eSRobert Watson static int 148830d239bcSRobert Watson stub_vnode_check_open(struct ucred *cred, struct vnode *vp, 148915bc6b2bSEdward Tomasz Napierala struct label *vplabel, accmode_t accmode) 1490d8a7b7a3SRobert Watson { 1491d8a7b7a3SRobert Watson 1492d8a7b7a3SRobert Watson return (0); 1493d8a7b7a3SRobert Watson } 1494d8a7b7a3SRobert Watson 1495d8a7b7a3SRobert Watson static int 149630d239bcSRobert Watson stub_vnode_check_poll(struct ucred *active_cred, struct ucred *file_cred, 149778007886SRobert Watson struct vnode *vp, struct label *vplabel) 14987f724f8bSRobert Watson { 14997f724f8bSRobert Watson 15007f724f8bSRobert Watson return (0); 15017f724f8bSRobert Watson } 15027f724f8bSRobert Watson 15037f724f8bSRobert Watson static int 150430d239bcSRobert Watson stub_vnode_check_read(struct ucred *active_cred, struct ucred *file_cred, 150578007886SRobert Watson struct vnode *vp, struct label *vplabel) 15067f724f8bSRobert Watson { 15077f724f8bSRobert Watson 15087f724f8bSRobert Watson return (0); 15097f724f8bSRobert Watson } 15107f724f8bSRobert Watson 15117f724f8bSRobert Watson static int 151230d239bcSRobert Watson stub_vnode_check_readdir(struct ucred *cred, struct vnode *vp, 151378007886SRobert Watson struct label *dvplabel) 1514d8a7b7a3SRobert Watson { 1515d8a7b7a3SRobert Watson 1516d8a7b7a3SRobert Watson return (0); 1517d8a7b7a3SRobert Watson } 1518d8a7b7a3SRobert Watson 1519d8a7b7a3SRobert Watson static int 152030d239bcSRobert Watson stub_vnode_check_readlink(struct ucred *cred, struct vnode *vp, 152178007886SRobert Watson struct label *vplabel) 1522d8a7b7a3SRobert Watson { 1523d8a7b7a3SRobert Watson 1524d8a7b7a3SRobert Watson return (0); 1525d8a7b7a3SRobert Watson } 1526d8a7b7a3SRobert Watson 1527d8a7b7a3SRobert Watson static int 152830d239bcSRobert Watson stub_vnode_check_relabel(struct ucred *cred, struct vnode *vp, 152978007886SRobert Watson struct label *vplabel, struct label *newlabel) 1530d8a7b7a3SRobert Watson { 1531d8a7b7a3SRobert Watson 1532d8a7b7a3SRobert Watson return (0); 1533d8a7b7a3SRobert Watson } 1534d8a7b7a3SRobert Watson 1535d8a7b7a3SRobert Watson static int 153630d239bcSRobert Watson stub_vnode_check_rename_from(struct ucred *cred, struct vnode *dvp, 153778007886SRobert Watson struct label *dvplabel, struct vnode *vp, struct label *vplabel, 1538d8a7b7a3SRobert Watson struct componentname *cnp) 1539d8a7b7a3SRobert Watson { 1540d8a7b7a3SRobert Watson 1541d8a7b7a3SRobert Watson return (0); 1542d8a7b7a3SRobert Watson } 1543d8a7b7a3SRobert Watson 1544d8a7b7a3SRobert Watson static int 154530d239bcSRobert Watson stub_vnode_check_rename_to(struct ucred *cred, struct vnode *dvp, 154678007886SRobert Watson struct label *dvplabel, struct vnode *vp, struct label *vplabel, 154778007886SRobert Watson int samedir, struct componentname *cnp) 1548d8a7b7a3SRobert Watson { 1549d8a7b7a3SRobert Watson 1550d8a7b7a3SRobert Watson return (0); 1551d8a7b7a3SRobert Watson } 1552d8a7b7a3SRobert Watson 1553d8a7b7a3SRobert Watson static int 155430d239bcSRobert Watson stub_vnode_check_revoke(struct ucred *cred, struct vnode *vp, 155578007886SRobert Watson struct label *vplabel) 1556d8a7b7a3SRobert Watson { 1557d8a7b7a3SRobert Watson 1558d8a7b7a3SRobert Watson return (0); 1559d8a7b7a3SRobert Watson } 1560d8a7b7a3SRobert Watson 1561d8a7b7a3SRobert Watson static int 156230d239bcSRobert Watson stub_vnode_check_setacl(struct ucred *cred, struct vnode *vp, 156378007886SRobert Watson struct label *vplabel, acl_type_t type, struct acl *acl) 1564d8a7b7a3SRobert Watson { 1565d8a7b7a3SRobert Watson 1566d8a7b7a3SRobert Watson return (0); 1567d8a7b7a3SRobert Watson } 1568d8a7b7a3SRobert Watson 1569d8a7b7a3SRobert Watson static int 157030d239bcSRobert Watson stub_vnode_check_setextattr(struct ucred *cred, struct vnode *vp, 1571fefd0ac8SRobert Watson struct label *vplabel, int attrnamespace, const char *name) 1572d8a7b7a3SRobert Watson { 1573d8a7b7a3SRobert Watson 1574d8a7b7a3SRobert Watson return (0); 1575d8a7b7a3SRobert Watson } 1576d8a7b7a3SRobert Watson 1577d8a7b7a3SRobert Watson static int 157830d239bcSRobert Watson stub_vnode_check_setflags(struct ucred *cred, struct vnode *vp, 157978007886SRobert Watson struct label *vplabel, u_long flags) 1580d8a7b7a3SRobert Watson { 1581d8a7b7a3SRobert Watson 1582d8a7b7a3SRobert Watson return (0); 1583d8a7b7a3SRobert Watson } 1584d8a7b7a3SRobert Watson 1585d8a7b7a3SRobert Watson static int 158630d239bcSRobert Watson stub_vnode_check_setmode(struct ucred *cred, struct vnode *vp, 158778007886SRobert Watson struct label *vplabel, mode_t mode) 1588d8a7b7a3SRobert Watson { 1589d8a7b7a3SRobert Watson 1590d8a7b7a3SRobert Watson return (0); 1591d8a7b7a3SRobert Watson } 1592d8a7b7a3SRobert Watson 1593d8a7b7a3SRobert Watson static int 159430d239bcSRobert Watson stub_vnode_check_setowner(struct ucred *cred, struct vnode *vp, 159578007886SRobert Watson struct label *vplabel, uid_t uid, gid_t gid) 1596d8a7b7a3SRobert Watson { 1597d8a7b7a3SRobert Watson 1598d8a7b7a3SRobert Watson return (0); 1599d8a7b7a3SRobert Watson } 1600d8a7b7a3SRobert Watson 1601d8a7b7a3SRobert Watson static int 160230d239bcSRobert Watson stub_vnode_check_setutimes(struct ucred *cred, struct vnode *vp, 160378007886SRobert Watson struct label *vplabel, struct timespec atime, struct timespec mtime) 1604d8a7b7a3SRobert Watson { 1605d8a7b7a3SRobert Watson 1606d8a7b7a3SRobert Watson return (0); 1607d8a7b7a3SRobert Watson } 1608d8a7b7a3SRobert Watson 1609d8a7b7a3SRobert Watson static int 161030d239bcSRobert Watson stub_vnode_check_stat(struct ucred *active_cred, struct ucred *file_cred, 161178007886SRobert Watson struct vnode *vp, struct label *vplabel) 1612d8a7b7a3SRobert Watson { 1613d8a7b7a3SRobert Watson 1614d8a7b7a3SRobert Watson return (0); 1615d8a7b7a3SRobert Watson } 1616d8a7b7a3SRobert Watson 16177f724f8bSRobert Watson static int 161830d239bcSRobert Watson stub_vnode_check_unlink(struct ucred *cred, struct vnode *dvp, 161945e0f3d6SRobert Watson struct label *dvplabel, struct vnode *vp, struct label *vplabel, 162045e0f3d6SRobert Watson struct componentname *cnp) 162145e0f3d6SRobert Watson { 162245e0f3d6SRobert Watson 162345e0f3d6SRobert Watson return (0); 162445e0f3d6SRobert Watson } 162545e0f3d6SRobert Watson 162645e0f3d6SRobert Watson static int 162730d239bcSRobert Watson stub_vnode_check_write(struct ucred *active_cred, struct ucred *file_cred, 162878007886SRobert Watson struct vnode *vp, struct label *vplabel) 16297f724f8bSRobert Watson { 16307f724f8bSRobert Watson 16317f724f8bSRobert Watson return (0); 16327f724f8bSRobert Watson } 16337f724f8bSRobert Watson 1634403b781eSRobert Watson static int 1635eb320b0eSRobert Watson stub_vnode_create_extattr(struct ucred *cred, struct mount *mp, 1636eb320b0eSRobert Watson struct label *mntlabel, struct vnode *dvp, struct label *dvplabel, 1637eb320b0eSRobert Watson struct vnode *vp, struct label *vplabel, struct componentname *cnp) 1638403b781eSRobert Watson { 1639403b781eSRobert Watson 1640403b781eSRobert Watson return (0); 1641403b781eSRobert Watson } 1642403b781eSRobert Watson 1643eb320b0eSRobert Watson static void 1644eb320b0eSRobert Watson stub_vnode_execve_transition(struct ucred *old, struct ucred *new, 1645eb320b0eSRobert Watson struct vnode *vp, struct label *vplabel, struct label *interpvplabel, 1646eb320b0eSRobert Watson struct image_params *imgp, struct label *execlabel) 1647403b781eSRobert Watson { 1648403b781eSRobert Watson 1649403b781eSRobert Watson } 1650403b781eSRobert Watson 1651eb320b0eSRobert Watson static int 1652eb320b0eSRobert Watson stub_vnode_execve_will_transition(struct ucred *old, struct vnode *vp, 1653eb320b0eSRobert Watson struct label *vplabel, struct label *interpvplabel, 1654eb320b0eSRobert Watson struct image_params *imgp, struct label *execlabel) 1655eb320b0eSRobert Watson { 1656eb320b0eSRobert Watson 1657eb320b0eSRobert Watson return (0); 1658eb320b0eSRobert Watson } 1659eb320b0eSRobert Watson 1660eb320b0eSRobert Watson static void 1661eb320b0eSRobert Watson stub_vnode_relabel(struct ucred *cred, struct vnode *vp, 1662eb320b0eSRobert Watson struct label *vplabel, struct label *label) 1663eb320b0eSRobert Watson { 1664eb320b0eSRobert Watson 1665eb320b0eSRobert Watson } 1666eb320b0eSRobert Watson 1667eb320b0eSRobert Watson static int 1668eb320b0eSRobert Watson stub_vnode_setlabel_extattr(struct ucred *cred, struct vnode *vp, 1669eb320b0eSRobert Watson struct label *vplabel, struct label *intlabel) 1670eb320b0eSRobert Watson { 1671eb320b0eSRobert Watson 1672eb320b0eSRobert Watson return (0); 1673eb320b0eSRobert Watson } 1674eb320b0eSRobert Watson 1675eb320b0eSRobert Watson /* 1676eb320b0eSRobert Watson * Register functions with MAC Framework policy entry points. 1677eb320b0eSRobert Watson */ 16783f1a7a90SRobert Watson static struct mac_policy_ops stub_ops = 1679d8a7b7a3SRobert Watson { 16801c3f91cdSRobert Watson .mpo_destroy = stub_destroy, 16811c3f91cdSRobert Watson .mpo_init = stub_init, 16821c3f91cdSRobert Watson .mpo_syscall = stub_syscall, 1683eb320b0eSRobert Watson 1684eb320b0eSRobert Watson .mpo_bpfdesc_check_receive = stub_bpfdesc_check_receive, 1685eb320b0eSRobert Watson .mpo_bpfdesc_create = stub_bpfdesc_create, 1686eb320b0eSRobert Watson .mpo_bpfdesc_create_mbuf = stub_bpfdesc_create_mbuf, 168730d239bcSRobert Watson .mpo_bpfdesc_destroy_label = stub_destroy_label, 1688eb320b0eSRobert Watson .mpo_bpfdesc_init_label = stub_init_label, 1689eb320b0eSRobert Watson 1690212ab0cfSRobert Watson .mpo_cred_associate_nfsd = stub_cred_associate_nfsd, 1691eb320b0eSRobert Watson .mpo_cred_check_relabel = stub_cred_check_relabel, 16926f6174a7SRobert Watson .mpo_cred_check_setaudit = stub_cred_check_setaudit, 16936f6174a7SRobert Watson .mpo_cred_check_setaudit_addr = stub_cred_check_setaudit_addr, 16946f6174a7SRobert Watson .mpo_cred_check_setauid = stub_cred_check_setauid, 16956f6174a7SRobert Watson .mpo_cred_check_setegid = stub_cred_check_setegid, 16966f6174a7SRobert Watson .mpo_cred_check_seteuid = stub_cred_check_seteuid, 16976f6174a7SRobert Watson .mpo_cred_check_setgid = stub_cred_check_setgid, 16986f6174a7SRobert Watson .mpo_cred_check_setgroups = stub_cred_check_setgroups, 16996f6174a7SRobert Watson .mpo_cred_check_setregid = stub_cred_check_setregid, 17006f6174a7SRobert Watson .mpo_cred_check_setresgid = stub_cred_check_setresgid, 17016f6174a7SRobert Watson .mpo_cred_check_setresuid = stub_cred_check_setresuid, 17026f6174a7SRobert Watson .mpo_cred_check_setreuid = stub_cred_check_setreuid, 17036f6174a7SRobert Watson .mpo_cred_check_setuid = stub_cred_check_setuid, 1704eb320b0eSRobert Watson .mpo_cred_check_visible = stub_cred_check_visible, 170530d239bcSRobert Watson .mpo_cred_copy_label = stub_copy_label, 1706212ab0cfSRobert Watson .mpo_cred_create_init = stub_cred_create_init, 1707212ab0cfSRobert Watson .mpo_cred_create_swapper = stub_cred_create_swapper, 1708eb320b0eSRobert Watson .mpo_cred_destroy_label = stub_destroy_label, 170930d239bcSRobert Watson .mpo_cred_externalize_label = stub_externalize_label, 1710eb320b0eSRobert Watson .mpo_cred_init_label = stub_init_label, 171130d239bcSRobert Watson .mpo_cred_internalize_label = stub_internalize_label, 1712eb320b0eSRobert Watson .mpo_cred_relabel= stub_cred_relabel, 1713eb320b0eSRobert Watson 1714*2449b9e5SMitchell Horne .mpo_ddb_command_exec = stub_ddb_command_exec, 1715*2449b9e5SMitchell Horne .mpo_ddb_command_register = stub_ddb_command_register, 1716*2449b9e5SMitchell Horne 171730d239bcSRobert Watson .mpo_devfs_create_device = stub_devfs_create_device, 171830d239bcSRobert Watson .mpo_devfs_create_directory = stub_devfs_create_directory, 171930d239bcSRobert Watson .mpo_devfs_create_symlink = stub_devfs_create_symlink, 1720eb320b0eSRobert Watson .mpo_devfs_destroy_label = stub_destroy_label, 1721eb320b0eSRobert Watson .mpo_devfs_init_label = stub_init_label, 172230d239bcSRobert Watson .mpo_devfs_update = stub_devfs_update, 1723eb320b0eSRobert Watson .mpo_devfs_vnode_associate = stub_devfs_vnode_associate, 1724eb320b0eSRobert Watson 172530d239bcSRobert Watson .mpo_ifnet_check_relabel = stub_ifnet_check_relabel, 172630d239bcSRobert Watson .mpo_ifnet_check_transmit = stub_ifnet_check_transmit, 1727eb320b0eSRobert Watson .mpo_ifnet_copy_label = stub_copy_label, 1728eb320b0eSRobert Watson .mpo_ifnet_create = stub_ifnet_create, 1729eb320b0eSRobert Watson .mpo_ifnet_create_mbuf = stub_ifnet_create_mbuf, 1730eb320b0eSRobert Watson .mpo_ifnet_destroy_label = stub_destroy_label, 1731eb320b0eSRobert Watson .mpo_ifnet_externalize_label = stub_externalize_label, 1732eb320b0eSRobert Watson .mpo_ifnet_init_label = stub_init_label, 1733eb320b0eSRobert Watson .mpo_ifnet_internalize_label = stub_internalize_label, 1734eb320b0eSRobert Watson .mpo_ifnet_relabel = stub_ifnet_relabel, 1735eb320b0eSRobert Watson 173630d239bcSRobert Watson .mpo_inpcb_check_deliver = stub_inpcb_check_deliver, 17377fb179baSBjoern A. Zeeb .mpo_inpcb_check_visible = stub_inpcb_check_visible, 1738eb320b0eSRobert Watson .mpo_inpcb_create = stub_inpcb_create, 1739eb320b0eSRobert Watson .mpo_inpcb_create_mbuf = stub_inpcb_create_mbuf, 1740eb320b0eSRobert Watson .mpo_inpcb_destroy_label = stub_destroy_label, 1741eb320b0eSRobert Watson .mpo_inpcb_init_label = stub_init_label_waitcheck, 1742eb320b0eSRobert Watson .mpo_inpcb_sosetlabel = stub_inpcb_sosetlabel, 1743eb320b0eSRobert Watson 1744048e1287SRobert Watson .mpo_ip6q_create = stub_ip6q_create, 1745048e1287SRobert Watson .mpo_ip6q_destroy_label = stub_destroy_label, 1746048e1287SRobert Watson .mpo_ip6q_init_label = stub_init_label_waitcheck, 1747048e1287SRobert Watson .mpo_ip6q_match = stub_ip6q_match, 1748048e1287SRobert Watson .mpo_ip6q_update = stub_ip6q_update, 1749048e1287SRobert Watson .mpo_ip6q_reassemble = stub_ip6q_reassemble, 1750048e1287SRobert Watson 1751eb320b0eSRobert Watson .mpo_ipq_create = stub_ipq_create, 1752eb320b0eSRobert Watson .mpo_ipq_destroy_label = stub_destroy_label, 1753eb320b0eSRobert Watson .mpo_ipq_init_label = stub_init_label_waitcheck, 1754eb320b0eSRobert Watson .mpo_ipq_match = stub_ipq_match, 1755eb320b0eSRobert Watson .mpo_ipq_update = stub_ipq_update, 1756eb320b0eSRobert Watson .mpo_ipq_reassemble = stub_ipq_reassemble, 1757eb320b0eSRobert Watson 1758*2449b9e5SMitchell Horne .mpo_kdb_check_backend = stub_kdb_check_backend, 1759*2449b9e5SMitchell Horne 176030d239bcSRobert Watson .mpo_kenv_check_dump = stub_kenv_check_dump, 176130d239bcSRobert Watson .mpo_kenv_check_get = stub_kenv_check_get, 176230d239bcSRobert Watson .mpo_kenv_check_set = stub_kenv_check_set, 176330d239bcSRobert Watson .mpo_kenv_check_unset = stub_kenv_check_unset, 1764eb320b0eSRobert Watson 176530d239bcSRobert Watson .mpo_kld_check_load = stub_kld_check_load, 176630d239bcSRobert Watson .mpo_kld_check_stat = stub_kld_check_stat, 1767eb320b0eSRobert Watson 1768eb320b0eSRobert Watson .mpo_mbuf_copy_label = stub_copy_label, 1769eb320b0eSRobert Watson .mpo_mbuf_destroy_label = stub_destroy_label, 1770eb320b0eSRobert Watson .mpo_mbuf_init_label = stub_init_label_waitcheck, 1771eb320b0eSRobert Watson 177230d239bcSRobert Watson .mpo_mount_check_stat = stub_mount_check_stat, 1773eb320b0eSRobert Watson .mpo_mount_create = stub_mount_create, 1774eb320b0eSRobert Watson .mpo_mount_destroy_label = stub_destroy_label, 1775eb320b0eSRobert Watson .mpo_mount_init_label = stub_init_label, 1776eb320b0eSRobert Watson 1777eb320b0eSRobert Watson .mpo_netinet_arp_send = stub_netinet_arp_send, 1778eb320b0eSRobert Watson .mpo_netinet_firewall_reply = stub_netinet_firewall_reply, 1779eb320b0eSRobert Watson .mpo_netinet_firewall_send = stub_netinet_firewall_send, 1780eb320b0eSRobert Watson .mpo_netinet_fragment = stub_netinet_fragment, 1781eb320b0eSRobert Watson .mpo_netinet_icmp_reply = stub_netinet_icmp_reply, 1782eb320b0eSRobert Watson .mpo_netinet_icmp_replyinplace = stub_netinet_icmp_replyinplace, 1783eb320b0eSRobert Watson .mpo_netinet_tcp_reply = stub_netinet_tcp_reply, 1784eb320b0eSRobert Watson .mpo_netinet_igmp_send = stub_netinet_igmp_send, 1785eb320b0eSRobert Watson 1786eb320b0eSRobert Watson .mpo_netinet6_nd6_send = stub_netinet6_nd6_send, 1787eb320b0eSRobert Watson 178830d239bcSRobert Watson .mpo_pipe_check_ioctl = stub_pipe_check_ioctl, 178930d239bcSRobert Watson .mpo_pipe_check_poll = stub_pipe_check_poll, 179030d239bcSRobert Watson .mpo_pipe_check_read = stub_pipe_check_read, 179130d239bcSRobert Watson .mpo_pipe_check_relabel = stub_pipe_check_relabel, 179230d239bcSRobert Watson .mpo_pipe_check_stat = stub_pipe_check_stat, 179330d239bcSRobert Watson .mpo_pipe_check_write = stub_pipe_check_write, 1794eb320b0eSRobert Watson .mpo_pipe_copy_label = stub_copy_label, 1795eb320b0eSRobert Watson .mpo_pipe_create = stub_pipe_create, 1796eb320b0eSRobert Watson .mpo_pipe_destroy_label = stub_destroy_label, 1797eb320b0eSRobert Watson .mpo_pipe_externalize_label = stub_externalize_label, 1798eb320b0eSRobert Watson .mpo_pipe_init_label = stub_init_label, 1799eb320b0eSRobert Watson .mpo_pipe_internalize_label = stub_internalize_label, 1800eb320b0eSRobert Watson .mpo_pipe_relabel = stub_pipe_relabel, 1801eb320b0eSRobert Watson 180230d239bcSRobert Watson .mpo_posixsem_check_getvalue = stub_posixsem_check_getvalue, 180330d239bcSRobert Watson .mpo_posixsem_check_open = stub_posixsem_check_open, 180430d239bcSRobert Watson .mpo_posixsem_check_post = stub_posixsem_check_post, 18059c00bb91SKonstantin Belousov .mpo_posixsem_check_setmode = stub_posixsem_check_setmode, 18069c00bb91SKonstantin Belousov .mpo_posixsem_check_setowner = stub_posixsem_check_setowner, 18076bc1e9cdSJohn Baldwin .mpo_posixsem_check_stat = stub_posixsem_check_stat, 180830d239bcSRobert Watson .mpo_posixsem_check_unlink = stub_posixsem_check_unlink, 180930d239bcSRobert Watson .mpo_posixsem_check_wait = stub_posixsem_check_wait, 1810eb320b0eSRobert Watson .mpo_posixsem_create = stub_posixsem_create, 1811eb320b0eSRobert Watson .mpo_posixsem_destroy_label = stub_destroy_label, 1812eb320b0eSRobert Watson .mpo_posixsem_init_label = stub_init_label, 1813eb320b0eSRobert Watson 18149b6dd12eSRobert Watson .mpo_posixshm_check_create = stub_posixshm_check_create, 18158e38aeffSJohn Baldwin .mpo_posixshm_check_mmap = stub_posixshm_check_mmap, 18168e38aeffSJohn Baldwin .mpo_posixshm_check_open = stub_posixshm_check_open, 1817940cb0e2SKonstantin Belousov .mpo_posixshm_check_read = stub_posixshm_check_read, 18189c00bb91SKonstantin Belousov .mpo_posixshm_check_setmode = stub_posixshm_check_setmode, 18199c00bb91SKonstantin Belousov .mpo_posixshm_check_setowner = stub_posixshm_check_setowner, 18208e38aeffSJohn Baldwin .mpo_posixshm_check_stat = stub_posixshm_check_stat, 18218e38aeffSJohn Baldwin .mpo_posixshm_check_truncate = stub_posixshm_check_truncate, 18228e38aeffSJohn Baldwin .mpo_posixshm_check_unlink = stub_posixshm_check_unlink, 1823940cb0e2SKonstantin Belousov .mpo_posixshm_check_write = stub_posixshm_check_write, 18248e38aeffSJohn Baldwin .mpo_posixshm_create = stub_posixshm_create, 18258e38aeffSJohn Baldwin .mpo_posixshm_destroy_label = stub_destroy_label, 18268e38aeffSJohn Baldwin .mpo_posixshm_init_label = stub_init_label, 18278e38aeffSJohn Baldwin 1828eb320b0eSRobert Watson .mpo_priv_check = stub_priv_check, 1829eb320b0eSRobert Watson .mpo_priv_grant = stub_priv_grant, 1830eb320b0eSRobert Watson 183130d239bcSRobert Watson .mpo_proc_check_debug = stub_proc_check_debug, 183230d239bcSRobert Watson .mpo_proc_check_sched = stub_proc_check_sched, 183330d239bcSRobert Watson .mpo_proc_check_signal = stub_proc_check_signal, 183430d239bcSRobert Watson .mpo_proc_check_wait = stub_proc_check_wait, 1835eb320b0eSRobert Watson 183630d239bcSRobert Watson .mpo_socket_check_accept = stub_socket_check_accept, 183730d239bcSRobert Watson .mpo_socket_check_bind = stub_socket_check_bind, 183830d239bcSRobert Watson .mpo_socket_check_connect = stub_socket_check_connect, 183930d239bcSRobert Watson .mpo_socket_check_create = stub_socket_check_create, 184030d239bcSRobert Watson .mpo_socket_check_deliver = stub_socket_check_deliver, 184130d239bcSRobert Watson .mpo_socket_check_listen = stub_socket_check_listen, 184230d239bcSRobert Watson .mpo_socket_check_poll = stub_socket_check_poll, 184330d239bcSRobert Watson .mpo_socket_check_receive = stub_socket_check_receive, 184430d239bcSRobert Watson .mpo_socket_check_relabel = stub_socket_check_relabel, 184530d239bcSRobert Watson .mpo_socket_check_send = stub_socket_check_send, 184630d239bcSRobert Watson .mpo_socket_check_stat = stub_socket_check_stat, 184730d239bcSRobert Watson .mpo_socket_check_visible = stub_socket_check_visible, 1848eb320b0eSRobert Watson .mpo_socket_copy_label = stub_copy_label, 1849eb320b0eSRobert Watson .mpo_socket_create = stub_socket_create, 1850eb320b0eSRobert Watson .mpo_socket_create_mbuf = stub_socket_create_mbuf, 1851eb320b0eSRobert Watson .mpo_socket_destroy_label = stub_destroy_label, 1852eb320b0eSRobert Watson .mpo_socket_externalize_label = stub_externalize_label, 1853eb320b0eSRobert Watson .mpo_socket_init_label = stub_init_label_waitcheck, 1854eb320b0eSRobert Watson .mpo_socket_internalize_label = stub_internalize_label, 1855eb320b0eSRobert Watson .mpo_socket_newconn = stub_socket_newconn, 1856eb320b0eSRobert Watson .mpo_socket_relabel = stub_socket_relabel, 1857eb320b0eSRobert Watson 1858eb320b0eSRobert Watson .mpo_socketpeer_destroy_label = stub_destroy_label, 1859eb320b0eSRobert Watson .mpo_socketpeer_externalize_label = stub_externalize_label, 1860eb320b0eSRobert Watson .mpo_socketpeer_init_label = stub_init_label_waitcheck, 1861eb320b0eSRobert Watson .mpo_socketpeer_set_from_mbuf = stub_socketpeer_set_from_mbuf, 1862eb320b0eSRobert Watson .mpo_socketpeer_set_from_socket = stub_socketpeer_set_from_socket, 1863eb320b0eSRobert Watson 1864eb320b0eSRobert Watson .mpo_syncache_init_label = stub_init_label_waitcheck, 1865eb320b0eSRobert Watson .mpo_syncache_destroy_label = stub_destroy_label, 1866eb320b0eSRobert Watson .mpo_syncache_create = stub_syncache_create, 1867eb320b0eSRobert Watson .mpo_syncache_create_mbuf= stub_syncache_create_mbuf, 1868eb320b0eSRobert Watson 1869eb320b0eSRobert Watson .mpo_sysvmsg_cleanup = stub_sysvmsg_cleanup, 1870eb320b0eSRobert Watson .mpo_sysvmsg_create = stub_sysvmsg_create, 1871eb320b0eSRobert Watson .mpo_sysvmsg_destroy_label = stub_destroy_label, 1872eb320b0eSRobert Watson .mpo_sysvmsg_init_label = stub_init_label, 1873eb320b0eSRobert Watson 1874eb320b0eSRobert Watson .mpo_sysvmsq_check_msgmsq = stub_sysvmsq_check_msgmsq, 1875eb320b0eSRobert Watson .mpo_sysvmsq_check_msgrcv = stub_sysvmsq_check_msgrcv, 1876eb320b0eSRobert Watson .mpo_sysvmsq_check_msgrmid = stub_sysvmsq_check_msgrmid, 1877eb320b0eSRobert Watson .mpo_sysvmsq_check_msqget = stub_sysvmsq_check_msqget, 1878eb320b0eSRobert Watson .mpo_sysvmsq_check_msqsnd = stub_sysvmsq_check_msqsnd, 1879eb320b0eSRobert Watson .mpo_sysvmsq_check_msqrcv = stub_sysvmsq_check_msqrcv, 1880eb320b0eSRobert Watson .mpo_sysvmsq_check_msqctl = stub_sysvmsq_check_msqctl, 1881eb320b0eSRobert Watson .mpo_sysvmsq_cleanup = stub_sysvmsq_cleanup, 1882eb320b0eSRobert Watson .mpo_sysvmsq_create = stub_sysvmsq_create, 1883eb320b0eSRobert Watson .mpo_sysvmsq_destroy_label = stub_destroy_label, 1884eb320b0eSRobert Watson .mpo_sysvmsq_init_label = stub_init_label, 1885eb320b0eSRobert Watson 1886eb320b0eSRobert Watson .mpo_sysvsem_check_semctl = stub_sysvsem_check_semctl, 1887eb320b0eSRobert Watson .mpo_sysvsem_check_semget = stub_sysvsem_check_semget, 1888eb320b0eSRobert Watson .mpo_sysvsem_check_semop = stub_sysvsem_check_semop, 1889eb320b0eSRobert Watson .mpo_sysvsem_cleanup = stub_sysvsem_cleanup, 1890eb320b0eSRobert Watson .mpo_sysvsem_create = stub_sysvsem_create, 1891eb320b0eSRobert Watson .mpo_sysvsem_destroy_label = stub_destroy_label, 1892eb320b0eSRobert Watson .mpo_sysvsem_init_label = stub_init_label, 1893eb320b0eSRobert Watson 1894eb320b0eSRobert Watson .mpo_sysvshm_check_shmat = stub_sysvshm_check_shmat, 1895eb320b0eSRobert Watson .mpo_sysvshm_check_shmctl = stub_sysvshm_check_shmctl, 1896eb320b0eSRobert Watson .mpo_sysvshm_check_shmdt = stub_sysvshm_check_shmdt, 1897eb320b0eSRobert Watson .mpo_sysvshm_check_shmget = stub_sysvshm_check_shmget, 1898eb320b0eSRobert Watson .mpo_sysvshm_cleanup = stub_sysvshm_cleanup, 1899eb320b0eSRobert Watson .mpo_sysvshm_create = stub_sysvshm_create, 1900eb320b0eSRobert Watson .mpo_sysvshm_destroy_label = stub_destroy_label, 1901eb320b0eSRobert Watson .mpo_sysvshm_init_label = stub_init_label, 1902eb320b0eSRobert Watson 190330d239bcSRobert Watson .mpo_system_check_acct = stub_system_check_acct, 190430d239bcSRobert Watson .mpo_system_check_audit = stub_system_check_audit, 190530d239bcSRobert Watson .mpo_system_check_auditctl = stub_system_check_auditctl, 190630d239bcSRobert Watson .mpo_system_check_auditon = stub_system_check_auditon, 190730d239bcSRobert Watson .mpo_system_check_reboot = stub_system_check_reboot, 190830d239bcSRobert Watson .mpo_system_check_swapoff = stub_system_check_swapoff, 190930d239bcSRobert Watson .mpo_system_check_swapon = stub_system_check_swapon, 191030d239bcSRobert Watson .mpo_system_check_sysctl = stub_system_check_sysctl, 1911eb320b0eSRobert Watson 1912eb320b0eSRobert Watson .mpo_thread_userret = stub_thread_userret, 1913eb320b0eSRobert Watson 1914eb320b0eSRobert Watson .mpo_vnode_associate_extattr = stub_vnode_associate_extattr, 1915eb320b0eSRobert Watson .mpo_vnode_associate_singlelabel = stub_vnode_associate_singlelabel, 191630d239bcSRobert Watson .mpo_vnode_check_access = stub_vnode_check_access, 191730d239bcSRobert Watson .mpo_vnode_check_chdir = stub_vnode_check_chdir, 191830d239bcSRobert Watson .mpo_vnode_check_chroot = stub_vnode_check_chroot, 191930d239bcSRobert Watson .mpo_vnode_check_create = stub_vnode_check_create, 192030d239bcSRobert Watson .mpo_vnode_check_deleteacl = stub_vnode_check_deleteacl, 192130d239bcSRobert Watson .mpo_vnode_check_deleteextattr = stub_vnode_check_deleteextattr, 192230d239bcSRobert Watson .mpo_vnode_check_exec = stub_vnode_check_exec, 192330d239bcSRobert Watson .mpo_vnode_check_getacl = stub_vnode_check_getacl, 192430d239bcSRobert Watson .mpo_vnode_check_getextattr = stub_vnode_check_getextattr, 192530d239bcSRobert Watson .mpo_vnode_check_link = stub_vnode_check_link, 192630d239bcSRobert Watson .mpo_vnode_check_listextattr = stub_vnode_check_listextattr, 192730d239bcSRobert Watson .mpo_vnode_check_lookup = stub_vnode_check_lookup, 192830d239bcSRobert Watson .mpo_vnode_check_mmap = stub_vnode_check_mmap, 192930d239bcSRobert Watson .mpo_vnode_check_mmap_downgrade = stub_vnode_check_mmap_downgrade, 193030d239bcSRobert Watson .mpo_vnode_check_mprotect = stub_vnode_check_mprotect, 193130d239bcSRobert Watson .mpo_vnode_check_open = stub_vnode_check_open, 193230d239bcSRobert Watson .mpo_vnode_check_poll = stub_vnode_check_poll, 193330d239bcSRobert Watson .mpo_vnode_check_read = stub_vnode_check_read, 193430d239bcSRobert Watson .mpo_vnode_check_readdir = stub_vnode_check_readdir, 193530d239bcSRobert Watson .mpo_vnode_check_readlink = stub_vnode_check_readlink, 193630d239bcSRobert Watson .mpo_vnode_check_relabel = stub_vnode_check_relabel, 193730d239bcSRobert Watson .mpo_vnode_check_rename_from = stub_vnode_check_rename_from, 193830d239bcSRobert Watson .mpo_vnode_check_rename_to = stub_vnode_check_rename_to, 193930d239bcSRobert Watson .mpo_vnode_check_revoke = stub_vnode_check_revoke, 194030d239bcSRobert Watson .mpo_vnode_check_setacl = stub_vnode_check_setacl, 194130d239bcSRobert Watson .mpo_vnode_check_setextattr = stub_vnode_check_setextattr, 194230d239bcSRobert Watson .mpo_vnode_check_setflags = stub_vnode_check_setflags, 194330d239bcSRobert Watson .mpo_vnode_check_setmode = stub_vnode_check_setmode, 194430d239bcSRobert Watson .mpo_vnode_check_setowner = stub_vnode_check_setowner, 194530d239bcSRobert Watson .mpo_vnode_check_setutimes = stub_vnode_check_setutimes, 194630d239bcSRobert Watson .mpo_vnode_check_stat = stub_vnode_check_stat, 194730d239bcSRobert Watson .mpo_vnode_check_unlink = stub_vnode_check_unlink, 194830d239bcSRobert Watson .mpo_vnode_check_write = stub_vnode_check_write, 1949eb320b0eSRobert Watson .mpo_vnode_copy_label = stub_copy_label, 1950eb320b0eSRobert Watson .mpo_vnode_create_extattr = stub_vnode_create_extattr, 1951eb320b0eSRobert Watson .mpo_vnode_destroy_label = stub_destroy_label, 1952eb320b0eSRobert Watson .mpo_vnode_execve_transition = stub_vnode_execve_transition, 1953eb320b0eSRobert Watson .mpo_vnode_execve_will_transition = stub_vnode_execve_will_transition, 1954eb320b0eSRobert Watson .mpo_vnode_externalize_label = stub_externalize_label, 1955eb320b0eSRobert Watson .mpo_vnode_init_label = stub_init_label, 1956eb320b0eSRobert Watson .mpo_vnode_internalize_label = stub_internalize_label, 1957eb320b0eSRobert Watson .mpo_vnode_relabel = stub_vnode_relabel, 1958eb320b0eSRobert Watson .mpo_vnode_setlabel_extattr = stub_vnode_setlabel_extattr, 1959d8a7b7a3SRobert Watson }; 1960d8a7b7a3SRobert Watson 19613f1a7a90SRobert Watson MAC_POLICY_SET(&stub_ops, mac_stub, "TrustedBSD MAC/Stub", 19629162f64bSRobert Watson MPC_LOADTIME_FLAG_UNLOADOK, NULL); 1963