1d8a7b7a3SRobert Watson /*- 29b6dd12eSRobert Watson * Copyright (c) 1999-2002, 2007-2011 Robert N. M. Watson 3ba53d9c9SRobert Watson * Copyright (c) 2001-2005 McAfee, Inc. 430d239bcSRobert Watson * Copyright (c) 2005-2006 SPARTA, Inc. 56356dba0SRobert Watson * Copyright (c) 2008 Apple Inc. 6d8a7b7a3SRobert Watson * All rights reserved. 7d8a7b7a3SRobert Watson * 8d8a7b7a3SRobert Watson * This software was developed by Robert Watson for the TrustedBSD Project. 9d8a7b7a3SRobert Watson * 10ba53d9c9SRobert Watson * This software was developed for the FreeBSD Project in part by McAfee 11ba53d9c9SRobert Watson * Research, the Security Research Division of McAfee, Inc. under 12ba53d9c9SRobert Watson * DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA 13ba53d9c9SRobert Watson * CHATS research program. 14d8a7b7a3SRobert Watson * 156758f88eSRobert Watson * This software was enhanced by SPARTA ISSO under SPAWAR contract 166758f88eSRobert Watson * N66001-04-C-6019 ("SEFOS"). 176758f88eSRobert Watson * 186f6174a7SRobert Watson * This software was developed at the University of Cambridge Computer 196f6174a7SRobert Watson * Laboratory with support from a grant from Google, Inc. 206f6174a7SRobert Watson * 21d8a7b7a3SRobert Watson * Redistribution and use in source and binary forms, with or without 22d8a7b7a3SRobert Watson * modification, are permitted provided that the following conditions 23d8a7b7a3SRobert Watson * are met: 24d8a7b7a3SRobert Watson * 1. Redistributions of source code must retain the above copyright 25d8a7b7a3SRobert Watson * notice, this list of conditions and the following disclaimer. 26d8a7b7a3SRobert Watson * 2. Redistributions in binary form must reproduce the above copyright 27d8a7b7a3SRobert Watson * notice, this list of conditions and the following disclaimer in the 28d8a7b7a3SRobert Watson * documentation and/or other materials provided with the distribution. 29d8a7b7a3SRobert Watson * 30d8a7b7a3SRobert Watson * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 31d8a7b7a3SRobert Watson * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 32d8a7b7a3SRobert Watson * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 33d8a7b7a3SRobert Watson * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 34d8a7b7a3SRobert Watson * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 35d8a7b7a3SRobert Watson * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 36d8a7b7a3SRobert Watson * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 37d8a7b7a3SRobert Watson * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 38d8a7b7a3SRobert Watson * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 39d8a7b7a3SRobert Watson * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 40d8a7b7a3SRobert Watson * SUCH DAMAGE. 41d8a7b7a3SRobert Watson * 42d8a7b7a3SRobert Watson * $FreeBSD$ 43d8a7b7a3SRobert Watson */ 44d8a7b7a3SRobert Watson 45d8a7b7a3SRobert Watson /* 46d8a7b7a3SRobert Watson * Developed by the TrustedBSD Project. 471c3f91cdSRobert Watson * 481c3f91cdSRobert Watson * Stub module that implements a NOOP for most (if not all) MAC Framework 491c3f91cdSRobert Watson * policy entry points. 50d8a7b7a3SRobert Watson */ 51d8a7b7a3SRobert Watson 52d8a7b7a3SRobert Watson #include <sys/types.h> 53d8a7b7a3SRobert Watson #include <sys/param.h> 54d8a7b7a3SRobert Watson #include <sys/acl.h> 55d8a7b7a3SRobert Watson #include <sys/conf.h> 56763bbd2fSRobert Watson #include <sys/extattr.h> 57d8a7b7a3SRobert Watson #include <sys/kernel.h> 586aeb05d7STom Rhodes #include <sys/ksem.h> 59d8a7b7a3SRobert Watson #include <sys/mount.h> 60d8a7b7a3SRobert Watson #include <sys/proc.h> 61d8a7b7a3SRobert Watson #include <sys/systm.h> 62d8a7b7a3SRobert Watson #include <sys/sysproto.h> 63d8a7b7a3SRobert Watson #include <sys/sysent.h> 64d8a7b7a3SRobert Watson #include <sys/vnode.h> 65d8a7b7a3SRobert Watson #include <sys/file.h> 66d8a7b7a3SRobert Watson #include <sys/socket.h> 67d8a7b7a3SRobert Watson #include <sys/socketvar.h> 68d8a7b7a3SRobert Watson #include <sys/pipe.h> 6936422989SPoul-Henning Kamp #include <sys/sx.h> 70d8a7b7a3SRobert Watson #include <sys/sysctl.h> 71ba53d9c9SRobert Watson #include <sys/msg.h> 72ba53d9c9SRobert Watson #include <sys/sem.h> 73ba53d9c9SRobert Watson #include <sys/shm.h> 74d8a7b7a3SRobert Watson 75d8a7b7a3SRobert Watson #include <fs/devfs/devfs.h> 76d8a7b7a3SRobert Watson 77d8a7b7a3SRobert Watson #include <net/bpfdesc.h> 78d8a7b7a3SRobert Watson #include <net/if.h> 79d8a7b7a3SRobert Watson #include <net/if_types.h> 80d8a7b7a3SRobert Watson #include <net/if_var.h> 81d8a7b7a3SRobert Watson 82d8a7b7a3SRobert Watson #include <netinet/in.h> 83a557af22SRobert Watson #include <netinet/in_pcb.h> 84d8a7b7a3SRobert Watson #include <netinet/ip_var.h> 85d8a7b7a3SRobert Watson 86d8a7b7a3SRobert Watson #include <vm/vm.h> 87d8a7b7a3SRobert Watson 880efd6615SRobert Watson #include <security/mac/mac_policy.h> 89d8a7b7a3SRobert Watson 90d8a7b7a3SRobert Watson SYSCTL_DECL(_security_mac); 91d8a7b7a3SRobert Watson 92*7029da5cSPawel Biernacki static SYSCTL_NODE(_security_mac, OID_AUTO, stub, 93*7029da5cSPawel Biernacki CTLFLAG_RW | CTLFLAG_MPSAFE, 0, 941c3f91cdSRobert Watson "TrustedBSD mac_stub policy controls"); 95d8a7b7a3SRobert Watson 961c3f91cdSRobert Watson static int stub_enabled = 1; 971c3f91cdSRobert Watson SYSCTL_INT(_security_mac_stub, OID_AUTO, enabled, CTLFLAG_RW, 981c3f91cdSRobert Watson &stub_enabled, 0, "Enforce mac_stub policy"); 99d8a7b7a3SRobert Watson 100d8a7b7a3SRobert Watson /* 101d8a7b7a3SRobert Watson * Policy module operations. 102d8a7b7a3SRobert Watson */ 103d8a7b7a3SRobert Watson static void 1041c3f91cdSRobert Watson stub_destroy(struct mac_policy_conf *conf) 105d8a7b7a3SRobert Watson { 106d8a7b7a3SRobert Watson 107d8a7b7a3SRobert Watson } 108d8a7b7a3SRobert Watson 109d8a7b7a3SRobert Watson static void 1101c3f91cdSRobert Watson stub_init(struct mac_policy_conf *conf) 111d8a7b7a3SRobert Watson { 112d8a7b7a3SRobert Watson 113d8a7b7a3SRobert Watson } 114d8a7b7a3SRobert Watson 1158a97ecf6SRobert Watson static int 1161c3f91cdSRobert Watson stub_syscall(struct thread *td, int call, void *arg) 1178a97ecf6SRobert Watson { 1188a97ecf6SRobert Watson 1198a97ecf6SRobert Watson return (0); 1208a97ecf6SRobert Watson } 1218a97ecf6SRobert Watson 122d8a7b7a3SRobert Watson /* 123d8a7b7a3SRobert Watson * Label operations. 124d8a7b7a3SRobert Watson */ 125d8a7b7a3SRobert Watson static void 1261c3f91cdSRobert Watson stub_init_label(struct label *label) 127d8a7b7a3SRobert Watson { 128d8a7b7a3SRobert Watson 129d8a7b7a3SRobert Watson } 130d8a7b7a3SRobert Watson 131d8a7b7a3SRobert Watson static int 1321c3f91cdSRobert Watson stub_init_label_waitcheck(struct label *label, int flag) 133d8a7b7a3SRobert Watson { 134d8a7b7a3SRobert Watson 135d8a7b7a3SRobert Watson return (0); 136d8a7b7a3SRobert Watson } 137d8a7b7a3SRobert Watson 138d8a7b7a3SRobert Watson static void 1391c3f91cdSRobert Watson stub_destroy_label(struct label *label) 140d8a7b7a3SRobert Watson { 141d8a7b7a3SRobert Watson 142d8a7b7a3SRobert Watson } 143d8a7b7a3SRobert Watson 1440196273bSRobert Watson static void 1450196273bSRobert Watson stub_copy_label(struct label *src, struct label *dest) 1460196273bSRobert Watson { 1470196273bSRobert Watson 1480196273bSRobert Watson } 1490196273bSRobert Watson 150d8a7b7a3SRobert Watson static int 1511c3f91cdSRobert Watson stub_externalize_label(struct label *label, char *element_name, 152f51e5803SRobert Watson struct sbuf *sb, int *claimed) 153d8a7b7a3SRobert Watson { 154d8a7b7a3SRobert Watson 155d8a7b7a3SRobert Watson return (0); 156d8a7b7a3SRobert Watson } 157d8a7b7a3SRobert Watson 158d8a7b7a3SRobert Watson static int 1591c3f91cdSRobert Watson stub_internalize_label(struct label *label, char *element_name, 16024e8d0d0SRobert Watson char *element_data, int *claimed) 161d8a7b7a3SRobert Watson { 162d8a7b7a3SRobert Watson 163d8a7b7a3SRobert Watson return (0); 164d8a7b7a3SRobert Watson } 165d8a7b7a3SRobert Watson 166d8a7b7a3SRobert Watson /* 167eb320b0eSRobert Watson * Object-specific entry point imeplementations are sorted alphabetically by 168eb320b0eSRobert Watson * object type name and then by operation. 169d8a7b7a3SRobert Watson */ 170763bbd2fSRobert Watson static int 171eb320b0eSRobert Watson stub_bpfdesc_check_receive(struct bpf_d *d, struct label *dlabel, 172eb320b0eSRobert Watson struct ifnet *ifp, struct label *ifplabel) 173763bbd2fSRobert Watson { 174763bbd2fSRobert Watson 175763bbd2fSRobert Watson return (0); 176763bbd2fSRobert Watson } 177763bbd2fSRobert Watson 178763bbd2fSRobert Watson static void 179eb320b0eSRobert Watson stub_bpfdesc_create(struct ucred *cred, struct bpf_d *d, 180eb320b0eSRobert Watson struct label *dlabel) 181eb320b0eSRobert Watson { 182eb320b0eSRobert Watson 183eb320b0eSRobert Watson } 184eb320b0eSRobert Watson 185eb320b0eSRobert Watson static void 186eb320b0eSRobert Watson stub_bpfdesc_create_mbuf(struct bpf_d *d, struct label *dlabel, 187eb320b0eSRobert Watson struct mbuf *m, struct label *mlabel) 188eb320b0eSRobert Watson { 189eb320b0eSRobert Watson 190eb320b0eSRobert Watson } 191eb320b0eSRobert Watson 192212ab0cfSRobert Watson static void 193212ab0cfSRobert Watson stub_cred_associate_nfsd(struct ucred *cred) 194212ab0cfSRobert Watson { 195212ab0cfSRobert Watson 196212ab0cfSRobert Watson } 197212ab0cfSRobert Watson 198eb320b0eSRobert Watson static int 199eb320b0eSRobert Watson stub_cred_check_relabel(struct ucred *cred, struct label *newlabel) 200eb320b0eSRobert Watson { 201eb320b0eSRobert Watson 202eb320b0eSRobert Watson return (0); 203eb320b0eSRobert Watson } 204eb320b0eSRobert Watson 205eb320b0eSRobert Watson static int 2066f6174a7SRobert Watson stub_cred_check_setaudit(struct ucred *cred, struct auditinfo *ai) 2076f6174a7SRobert Watson { 2086f6174a7SRobert Watson 2096f6174a7SRobert Watson return (0); 2106f6174a7SRobert Watson } 2116f6174a7SRobert Watson 2126f6174a7SRobert Watson static int 2136f6174a7SRobert Watson stub_cred_check_setaudit_addr(struct ucred *cred, struct auditinfo_addr *aia) 2146f6174a7SRobert Watson { 2156f6174a7SRobert Watson 2166f6174a7SRobert Watson return (0); 2176f6174a7SRobert Watson } 2186f6174a7SRobert Watson 2196f6174a7SRobert Watson static int 2206f6174a7SRobert Watson stub_cred_check_setauid(struct ucred *cred, uid_t auid) 2216f6174a7SRobert Watson { 2226f6174a7SRobert Watson 2236f6174a7SRobert Watson return (0); 2246f6174a7SRobert Watson } 2256f6174a7SRobert Watson 2266f6174a7SRobert Watson static int 2276f6174a7SRobert Watson stub_cred_check_setegid(struct ucred *cred, gid_t egid) 2286f6174a7SRobert Watson { 2296f6174a7SRobert Watson 2306f6174a7SRobert Watson return (0); 2316f6174a7SRobert Watson } 2326f6174a7SRobert Watson 2336f6174a7SRobert Watson static int 2346f6174a7SRobert Watson stub_cred_check_seteuid(struct ucred *cred, uid_t euid) 2356f6174a7SRobert Watson { 2366f6174a7SRobert Watson 2376f6174a7SRobert Watson return (0); 2386f6174a7SRobert Watson } 2396f6174a7SRobert Watson 2406f6174a7SRobert Watson static int 2416f6174a7SRobert Watson stub_cred_check_setgid(struct ucred *cred, gid_t gid) 2426f6174a7SRobert Watson { 2436f6174a7SRobert Watson 2446f6174a7SRobert Watson return (0); 2456f6174a7SRobert Watson } 2466f6174a7SRobert Watson 2476f6174a7SRobert Watson static int 2486f6174a7SRobert Watson stub_cred_check_setgroups(struct ucred *cred, int ngroups, 2496f6174a7SRobert Watson gid_t *gidset) 2506f6174a7SRobert Watson { 2516f6174a7SRobert Watson 2526f6174a7SRobert Watson return (0); 2536f6174a7SRobert Watson } 2546f6174a7SRobert Watson 2556f6174a7SRobert Watson static int 2566f6174a7SRobert Watson stub_cred_check_setregid(struct ucred *cred, gid_t rgid, gid_t egid) 2576f6174a7SRobert Watson { 2586f6174a7SRobert Watson 2596f6174a7SRobert Watson return (0); 2606f6174a7SRobert Watson } 2616f6174a7SRobert Watson 2626f6174a7SRobert Watson static int 2636f6174a7SRobert Watson stub_cred_check_setresgid(struct ucred *cred, gid_t rgid, gid_t egid, 2646f6174a7SRobert Watson gid_t sgid) 2656f6174a7SRobert Watson { 2666f6174a7SRobert Watson 2676f6174a7SRobert Watson return (0); 2686f6174a7SRobert Watson } 2696f6174a7SRobert Watson 2706f6174a7SRobert Watson static int 2716f6174a7SRobert Watson stub_cred_check_setresuid(struct ucred *cred, uid_t ruid, uid_t euid, 2726f6174a7SRobert Watson uid_t suid) 2736f6174a7SRobert Watson { 2746f6174a7SRobert Watson 2756f6174a7SRobert Watson return (0); 2766f6174a7SRobert Watson } 2776f6174a7SRobert Watson 2786f6174a7SRobert Watson static int 2796f6174a7SRobert Watson stub_cred_check_setreuid(struct ucred *cred, uid_t ruid, uid_t euid) 2806f6174a7SRobert Watson { 2816f6174a7SRobert Watson 2826f6174a7SRobert Watson return (0); 2836f6174a7SRobert Watson } 2846f6174a7SRobert Watson 2856f6174a7SRobert Watson static int 2866f6174a7SRobert Watson stub_cred_check_setuid(struct ucred *cred, uid_t uid) 2876f6174a7SRobert Watson { 2886f6174a7SRobert Watson 2896f6174a7SRobert Watson return (0); 2906f6174a7SRobert Watson } 2916f6174a7SRobert Watson 2926f6174a7SRobert Watson static int 293eb320b0eSRobert Watson stub_cred_check_visible(struct ucred *cr1, struct ucred *cr2) 294eb320b0eSRobert Watson { 295eb320b0eSRobert Watson 296eb320b0eSRobert Watson return (0); 297eb320b0eSRobert Watson } 298eb320b0eSRobert Watson 299eb320b0eSRobert Watson static void 300212ab0cfSRobert Watson stub_cred_create_init(struct ucred *cred) 301212ab0cfSRobert Watson { 302212ab0cfSRobert Watson 303212ab0cfSRobert Watson } 304212ab0cfSRobert Watson 305212ab0cfSRobert Watson static void 306212ab0cfSRobert Watson stub_cred_create_swapper(struct ucred *cred) 307212ab0cfSRobert Watson { 308212ab0cfSRobert Watson 309212ab0cfSRobert Watson } 310212ab0cfSRobert Watson 311212ab0cfSRobert Watson static void 312eb320b0eSRobert Watson stub_cred_relabel(struct ucred *cred, struct label *newlabel) 313763bbd2fSRobert Watson { 314763bbd2fSRobert Watson 315763bbd2fSRobert Watson } 316763bbd2fSRobert Watson 317763bbd2fSRobert Watson static void 31830d239bcSRobert Watson stub_devfs_create_device(struct ucred *cred, struct mount *mp, 31978007886SRobert Watson struct cdev *dev, struct devfs_dirent *de, struct label *delabel) 320eea8ea31SRobert Watson { 321eea8ea31SRobert Watson 322eea8ea31SRobert Watson } 323eea8ea31SRobert Watson 324eea8ea31SRobert Watson static void 32530d239bcSRobert Watson stub_devfs_create_directory(struct mount *mp, char *dirname, 32678007886SRobert Watson int dirnamelen, struct devfs_dirent *de, struct label *delabel) 327990b4b2dSRobert Watson { 328990b4b2dSRobert Watson 329990b4b2dSRobert Watson } 330990b4b2dSRobert Watson 331990b4b2dSRobert Watson static void 33230d239bcSRobert Watson stub_devfs_create_symlink(struct ucred *cred, struct mount *mp, 333990b4b2dSRobert Watson struct devfs_dirent *dd, struct label *ddlabel, struct devfs_dirent *de, 334990b4b2dSRobert Watson struct label *delabel) 335d8a7b7a3SRobert Watson { 336d8a7b7a3SRobert Watson 337d8a7b7a3SRobert Watson } 338d8a7b7a3SRobert Watson 339d8a7b7a3SRobert Watson static void 34030d239bcSRobert Watson stub_devfs_update(struct mount *mp, struct devfs_dirent *de, 34178007886SRobert Watson struct label *delabel, struct vnode *vp, struct label *vplabel) 342d8a7b7a3SRobert Watson { 343d8a7b7a3SRobert Watson 344d8a7b7a3SRobert Watson } 345d8a7b7a3SRobert Watson 346d8a7b7a3SRobert Watson static void 347eb320b0eSRobert Watson stub_devfs_vnode_associate(struct mount *mp, struct label *mplabel, 348eb320b0eSRobert Watson struct devfs_dirent *de, struct label *delabel, struct vnode *vp, 349eb320b0eSRobert Watson struct label *vplabel) 350d8a7b7a3SRobert Watson { 351d8a7b7a3SRobert Watson 352d8a7b7a3SRobert Watson } 353d8a7b7a3SRobert Watson 354d8a7b7a3SRobert Watson static int 35530d239bcSRobert Watson stub_ifnet_check_relabel(struct ucred *cred, struct ifnet *ifp, 35678007886SRobert Watson struct label *ifplabel, struct label *newlabel) 357d8a7b7a3SRobert Watson { 358d8a7b7a3SRobert Watson 359d8a7b7a3SRobert Watson return (0); 360d8a7b7a3SRobert Watson } 361d8a7b7a3SRobert Watson 362d8a7b7a3SRobert Watson static int 36330d239bcSRobert Watson stub_ifnet_check_transmit(struct ifnet *ifp, struct label *ifplabel, 36478007886SRobert Watson struct mbuf *m, struct label *mlabel) 365d8a7b7a3SRobert Watson { 366d8a7b7a3SRobert Watson 367d8a7b7a3SRobert Watson return (0); 368d8a7b7a3SRobert Watson } 369d8a7b7a3SRobert Watson 370eb320b0eSRobert Watson static void 371eb320b0eSRobert Watson stub_ifnet_create(struct ifnet *ifp, struct label *ifplabel) 372eb320b0eSRobert Watson { 373eb320b0eSRobert Watson 374eb320b0eSRobert Watson } 375eb320b0eSRobert Watson 376eb320b0eSRobert Watson static void 377eb320b0eSRobert Watson stub_ifnet_create_mbuf(struct ifnet *ifp, struct label *ifplabel, 378eb320b0eSRobert Watson struct mbuf *m, struct label *mlabel) 379eb320b0eSRobert Watson { 380eb320b0eSRobert Watson 381eb320b0eSRobert Watson } 382eb320b0eSRobert Watson 383eb320b0eSRobert Watson static void 384eb320b0eSRobert Watson stub_ifnet_relabel(struct ucred *cred, struct ifnet *ifp, 385eb320b0eSRobert Watson struct label *ifplabel, struct label *newlabel) 386eb320b0eSRobert Watson { 387eb320b0eSRobert Watson 388eb320b0eSRobert Watson } 389eb320b0eSRobert Watson 390d8a7b7a3SRobert Watson static int 39130d239bcSRobert Watson stub_inpcb_check_deliver(struct inpcb *inp, struct label *inplabel, 392a557af22SRobert Watson struct mbuf *m, struct label *mlabel) 393a557af22SRobert Watson { 394a557af22SRobert Watson 395a557af22SRobert Watson return (0); 396a557af22SRobert Watson } 397a557af22SRobert Watson 398eb320b0eSRobert Watson static void 399eb320b0eSRobert Watson stub_inpcb_create(struct socket *so, struct label *solabel, 400eb320b0eSRobert Watson struct inpcb *inp, struct label *inplabel) 401ba53d9c9SRobert Watson { 402ba53d9c9SRobert Watson 403eb320b0eSRobert Watson } 404eb320b0eSRobert Watson 405eb320b0eSRobert Watson static void 406eb320b0eSRobert Watson stub_inpcb_create_mbuf(struct inpcb *inp, struct label *inplabel, 407eb320b0eSRobert Watson struct mbuf *m, struct label *mlabel) 408eb320b0eSRobert Watson { 409eb320b0eSRobert Watson 410eb320b0eSRobert Watson } 411eb320b0eSRobert Watson 412eb320b0eSRobert Watson static void 413eb320b0eSRobert Watson stub_inpcb_sosetlabel(struct socket *so, struct label *solabel, 414eb320b0eSRobert Watson struct inpcb *inp, struct label *inplabel) 415eb320b0eSRobert Watson { 416eb320b0eSRobert Watson 4173de40469SRobert Watson SOCK_LOCK_ASSERT(so); 4183de40469SRobert Watson 419eb320b0eSRobert Watson } 420eb320b0eSRobert Watson 421eb320b0eSRobert Watson static void 422048e1287SRobert Watson stub_ip6q_create(struct mbuf *m, struct label *mlabel, struct ip6q *q6, 423048e1287SRobert Watson struct label *q6label) 424048e1287SRobert Watson { 425048e1287SRobert Watson 426048e1287SRobert Watson } 427048e1287SRobert Watson 428048e1287SRobert Watson static int 429048e1287SRobert Watson stub_ip6q_match(struct mbuf *m, struct label *mlabel, struct ip6q *q6, 430048e1287SRobert Watson struct label *q6label) 431048e1287SRobert Watson { 432048e1287SRobert Watson 433048e1287SRobert Watson return (1); 434048e1287SRobert Watson } 435048e1287SRobert Watson 436048e1287SRobert Watson static void 437048e1287SRobert Watson stub_ip6q_reassemble(struct ip6q *q6, struct label *q6label, struct mbuf *m, 438048e1287SRobert Watson struct label *mlabel) 439048e1287SRobert Watson { 440048e1287SRobert Watson 441048e1287SRobert Watson } 442048e1287SRobert Watson 443048e1287SRobert Watson static void 444048e1287SRobert Watson stub_ip6q_update(struct mbuf *m, struct label *mlabel, struct ip6q *q6, 445048e1287SRobert Watson struct label *q6label) 446048e1287SRobert Watson { 447048e1287SRobert Watson 448048e1287SRobert Watson } 449048e1287SRobert Watson 450048e1287SRobert Watson static void 45137f44cb4SRobert Watson stub_ipq_create(struct mbuf *m, struct label *mlabel, struct ipq *q, 45237f44cb4SRobert Watson struct label *qlabel) 453eb320b0eSRobert Watson { 454eb320b0eSRobert Watson 455ba53d9c9SRobert Watson } 456ba53d9c9SRobert Watson 457ba53d9c9SRobert Watson static int 45837f44cb4SRobert Watson stub_ipq_match(struct mbuf *m, struct label *mlabel, struct ipq *q, 45937f44cb4SRobert Watson struct label *qlabel) 460ba53d9c9SRobert Watson { 461ba53d9c9SRobert Watson 462eb320b0eSRobert Watson return (1); 463ba53d9c9SRobert Watson } 464ba53d9c9SRobert Watson 465eb320b0eSRobert Watson static void 46637f44cb4SRobert Watson stub_ipq_reassemble(struct ipq *q, struct label *qlabel, struct mbuf *m, 46737f44cb4SRobert Watson struct label *mlabel) 468ba53d9c9SRobert Watson { 469ba53d9c9SRobert Watson 470ba53d9c9SRobert Watson } 471ba53d9c9SRobert Watson 472eb320b0eSRobert Watson static void 47337f44cb4SRobert Watson stub_ipq_update(struct mbuf *m, struct label *mlabel, struct ipq *q, 47437f44cb4SRobert Watson struct label *qlabel) 475ba53d9c9SRobert Watson { 476ba53d9c9SRobert Watson 477ba53d9c9SRobert Watson } 478ba53d9c9SRobert Watson 479ba53d9c9SRobert Watson static int 48030d239bcSRobert Watson stub_kenv_check_dump(struct ucred *cred) 48109de2dc2SRobert Watson { 48209de2dc2SRobert Watson 48309de2dc2SRobert Watson return (0); 48409de2dc2SRobert Watson } 48509de2dc2SRobert Watson 48609de2dc2SRobert Watson static int 48730d239bcSRobert Watson stub_kenv_check_get(struct ucred *cred, char *name) 48809de2dc2SRobert Watson { 48909de2dc2SRobert Watson 49009de2dc2SRobert Watson return (0); 49109de2dc2SRobert Watson } 49209de2dc2SRobert Watson 49309de2dc2SRobert Watson static int 49430d239bcSRobert Watson stub_kenv_check_set(struct ucred *cred, char *name, char *value) 49509de2dc2SRobert Watson { 49609de2dc2SRobert Watson 49709de2dc2SRobert Watson return (0); 49809de2dc2SRobert Watson } 49909de2dc2SRobert Watson 50009de2dc2SRobert Watson static int 50130d239bcSRobert Watson stub_kenv_check_unset(struct ucred *cred, char *name) 50209de2dc2SRobert Watson { 50309de2dc2SRobert Watson 50409de2dc2SRobert Watson return (0); 50509de2dc2SRobert Watson } 50609de2dc2SRobert Watson 50709de2dc2SRobert Watson static int 50830d239bcSRobert Watson stub_kld_check_load(struct ucred *cred, struct vnode *vp, 50978007886SRobert Watson struct label *vplabel) 51009de2dc2SRobert Watson { 51109de2dc2SRobert Watson 51209de2dc2SRobert Watson return (0); 51309de2dc2SRobert Watson } 51409de2dc2SRobert Watson 51509de2dc2SRobert Watson static int 51630d239bcSRobert Watson stub_kld_check_stat(struct ucred *cred) 51709de2dc2SRobert Watson { 51809de2dc2SRobert Watson 51909de2dc2SRobert Watson return (0); 52009de2dc2SRobert Watson } 52109de2dc2SRobert Watson 52209de2dc2SRobert Watson static int 52330d239bcSRobert Watson stub_mount_check_stat(struct ucred *cred, struct mount *mp, 52478007886SRobert Watson struct label *mplabel) 525d8a7b7a3SRobert Watson { 526d8a7b7a3SRobert Watson 527d8a7b7a3SRobert Watson return (0); 528d8a7b7a3SRobert Watson } 529d8a7b7a3SRobert Watson 530eb320b0eSRobert Watson static void 531eb320b0eSRobert Watson stub_mount_create(struct ucred *cred, struct mount *mp, 532eb320b0eSRobert Watson struct label *mplabel) 533eb320b0eSRobert Watson { 534eb320b0eSRobert Watson 535eb320b0eSRobert Watson } 536eb320b0eSRobert Watson 537eb320b0eSRobert Watson static void 538eb320b0eSRobert Watson stub_netinet_arp_send(struct ifnet *ifp, struct label *iflpabel, 539eb320b0eSRobert Watson struct mbuf *m, struct label *mlabel) 540eb320b0eSRobert Watson { 541eb320b0eSRobert Watson 542eb320b0eSRobert Watson } 543eb320b0eSRobert Watson 544eb320b0eSRobert Watson static void 545eb320b0eSRobert Watson stub_netinet_firewall_reply(struct mbuf *mrecv, struct label *mrecvlabel, 546eb320b0eSRobert Watson struct mbuf *msend, struct label *msendlabel) 547eb320b0eSRobert Watson { 548eb320b0eSRobert Watson 549eb320b0eSRobert Watson } 550eb320b0eSRobert Watson 551eb320b0eSRobert Watson static void 552eb320b0eSRobert Watson stub_netinet_firewall_send(struct mbuf *m, struct label *mlabel) 553eb320b0eSRobert Watson { 554eb320b0eSRobert Watson 555eb320b0eSRobert Watson } 556eb320b0eSRobert Watson 557eb320b0eSRobert Watson static void 558eb320b0eSRobert Watson stub_netinet_fragment(struct mbuf *m, struct label *mlabel, struct mbuf *frag, 559eb320b0eSRobert Watson struct label *fraglabel) 560eb320b0eSRobert Watson { 561eb320b0eSRobert Watson 562eb320b0eSRobert Watson } 563eb320b0eSRobert Watson 564eb320b0eSRobert Watson static void 565eb320b0eSRobert Watson stub_netinet_icmp_reply(struct mbuf *mrecv, struct label *mrecvlabel, 566eb320b0eSRobert Watson struct mbuf *msend, struct label *msendlabel) 567eb320b0eSRobert Watson { 568eb320b0eSRobert Watson 569eb320b0eSRobert Watson } 570eb320b0eSRobert Watson 571eb320b0eSRobert Watson static void 572eb320b0eSRobert Watson stub_netinet_icmp_replyinplace(struct mbuf *m, struct label *mlabel) 573eb320b0eSRobert Watson { 574eb320b0eSRobert Watson 575eb320b0eSRobert Watson } 576eb320b0eSRobert Watson 577eb320b0eSRobert Watson static void 578eb320b0eSRobert Watson stub_netinet_igmp_send(struct ifnet *ifp, struct label *iflpabel, 579eb320b0eSRobert Watson struct mbuf *m, struct label *mlabel) 580eb320b0eSRobert Watson { 581eb320b0eSRobert Watson 582eb320b0eSRobert Watson } 583eb320b0eSRobert Watson 584eb320b0eSRobert Watson static void 585eb320b0eSRobert Watson stub_netinet_tcp_reply(struct mbuf *m, struct label *mlabel) 586eb320b0eSRobert Watson { 587eb320b0eSRobert Watson 588eb320b0eSRobert Watson } 589eb320b0eSRobert Watson 590eb320b0eSRobert Watson static void 591eb320b0eSRobert Watson stub_netinet6_nd6_send(struct ifnet *ifp, struct label *iflpabel, 592eb320b0eSRobert Watson struct mbuf *m, struct label *mlabel) 593eb320b0eSRobert Watson { 594eb320b0eSRobert Watson 595eb320b0eSRobert Watson } 596eb320b0eSRobert Watson 597d8a7b7a3SRobert Watson static int 59830d239bcSRobert Watson stub_pipe_check_ioctl(struct ucred *cred, struct pipepair *pp, 59978007886SRobert Watson struct label *pplabel, unsigned long cmd, void /* caddr_t */ *data) 600d8a7b7a3SRobert Watson { 601d8a7b7a3SRobert Watson 602d8a7b7a3SRobert Watson return (0); 603d8a7b7a3SRobert Watson } 604d8a7b7a3SRobert Watson 605d8a7b7a3SRobert Watson static int 60630d239bcSRobert Watson stub_pipe_check_poll(struct ucred *cred, struct pipepair *pp, 60778007886SRobert Watson struct label *pplabel) 608c024c3eeSRobert Watson { 609c024c3eeSRobert Watson 610c024c3eeSRobert Watson return (0); 611c024c3eeSRobert Watson } 612c024c3eeSRobert Watson 613c024c3eeSRobert Watson static int 61430d239bcSRobert Watson stub_pipe_check_read(struct ucred *cred, struct pipepair *pp, 61578007886SRobert Watson struct label *pplabel) 616d8a7b7a3SRobert Watson { 617d8a7b7a3SRobert Watson 618d8a7b7a3SRobert Watson return (0); 619d8a7b7a3SRobert Watson } 620d8a7b7a3SRobert Watson 621d8a7b7a3SRobert Watson static int 62230d239bcSRobert Watson stub_pipe_check_relabel(struct ucred *cred, struct pipepair *pp, 62378007886SRobert Watson struct label *pplabel, struct label *newlabel) 624d8a7b7a3SRobert Watson { 625d8a7b7a3SRobert Watson 626d8a7b7a3SRobert Watson return (0); 627d8a7b7a3SRobert Watson } 628d8a7b7a3SRobert Watson 629d8a7b7a3SRobert Watson static int 63030d239bcSRobert Watson stub_pipe_check_stat(struct ucred *cred, struct pipepair *pp, 63178007886SRobert Watson struct label *pplabel) 632c024c3eeSRobert Watson { 633c024c3eeSRobert Watson 634c024c3eeSRobert Watson return (0); 635c024c3eeSRobert Watson } 636c024c3eeSRobert Watson 637c024c3eeSRobert Watson static int 63830d239bcSRobert Watson stub_pipe_check_write(struct ucred *cred, struct pipepair *pp, 63978007886SRobert Watson struct label *pplabel) 640c024c3eeSRobert Watson { 641c024c3eeSRobert Watson 642c024c3eeSRobert Watson return (0); 643c024c3eeSRobert Watson } 644c024c3eeSRobert Watson 645eb320b0eSRobert Watson static void 646eb320b0eSRobert Watson stub_pipe_create(struct ucred *cred, struct pipepair *pp, 647eb320b0eSRobert Watson struct label *pplabel) 648eb320b0eSRobert Watson { 649eb320b0eSRobert Watson 650eb320b0eSRobert Watson } 651eb320b0eSRobert Watson 652eb320b0eSRobert Watson static void 653eb320b0eSRobert Watson stub_pipe_relabel(struct ucred *cred, struct pipepair *pp, 654eb320b0eSRobert Watson struct label *pplabel, struct label *newlabel) 655eb320b0eSRobert Watson { 656eb320b0eSRobert Watson 657eb320b0eSRobert Watson } 658eb320b0eSRobert Watson 659c024c3eeSRobert Watson static int 6606bc1e9cdSJohn Baldwin stub_posixsem_check_getvalue(struct ucred *active_cred, struct ucred *file_cred, 6616bc1e9cdSJohn Baldwin struct ksem *ks, struct label *kslabel) 66252648411SRobert Watson { 66352648411SRobert Watson 66452648411SRobert Watson return (0); 66552648411SRobert Watson } 66652648411SRobert Watson 66752648411SRobert Watson static int 66830d239bcSRobert Watson stub_posixsem_check_open(struct ucred *cred, struct ksem *ks, 669fe09513eSRobert Watson struct label *kslabel) 67052648411SRobert Watson { 67152648411SRobert Watson 67252648411SRobert Watson return (0); 67352648411SRobert Watson } 67452648411SRobert Watson 67552648411SRobert Watson static int 6766bc1e9cdSJohn Baldwin stub_posixsem_check_post(struct ucred *active_cred, struct ucred *file_cred, 6776bc1e9cdSJohn Baldwin struct ksem *ks, struct label *kslabel) 6786bc1e9cdSJohn Baldwin { 6796bc1e9cdSJohn Baldwin 6806bc1e9cdSJohn Baldwin return (0); 6816bc1e9cdSJohn Baldwin } 6826bc1e9cdSJohn Baldwin 6836bc1e9cdSJohn Baldwin static int 6849c00bb91SKonstantin Belousov stub_posixsem_check_setmode(struct ucred *cred, struct ksem *ks, 6859c00bb91SKonstantin Belousov struct label *kslabel, mode_t mode) 6869c00bb91SKonstantin Belousov { 6879c00bb91SKonstantin Belousov 6889c00bb91SKonstantin Belousov return (0); 6899c00bb91SKonstantin Belousov } 6909c00bb91SKonstantin Belousov 6919c00bb91SKonstantin Belousov static int 6929c00bb91SKonstantin Belousov stub_posixsem_check_setowner(struct ucred *cred, struct ksem *ks, 6939c00bb91SKonstantin Belousov struct label *kslabel, uid_t uid, gid_t gid) 6949c00bb91SKonstantin Belousov { 6959c00bb91SKonstantin Belousov 6969c00bb91SKonstantin Belousov return (0); 6979c00bb91SKonstantin Belousov } 6989c00bb91SKonstantin Belousov 6999c00bb91SKonstantin Belousov static int 7006bc1e9cdSJohn Baldwin stub_posixsem_check_stat(struct ucred *active_cred, struct ucred *file_cred, 7016bc1e9cdSJohn Baldwin struct ksem *ks, struct label *kslabel) 70252648411SRobert Watson { 70352648411SRobert Watson 70452648411SRobert Watson return (0); 70552648411SRobert Watson } 70652648411SRobert Watson 70752648411SRobert Watson static int 70830d239bcSRobert Watson stub_posixsem_check_unlink(struct ucred *cred, struct ksem *ks, 709fe09513eSRobert Watson struct label *kslabel) 71052648411SRobert Watson { 71152648411SRobert Watson 71252648411SRobert Watson return (0); 71352648411SRobert Watson } 71452648411SRobert Watson 71552648411SRobert Watson static int 7166bc1e9cdSJohn Baldwin stub_posixsem_check_wait(struct ucred *active_cred, struct ucred *file_cred, 7176bc1e9cdSJohn Baldwin struct ksem *ks, struct label *kslabel) 71852648411SRobert Watson { 71952648411SRobert Watson 72052648411SRobert Watson return (0); 72152648411SRobert Watson } 72252648411SRobert Watson 723eb320b0eSRobert Watson static void 724eb320b0eSRobert Watson stub_posixsem_create(struct ucred *cred, struct ksem *ks, 725eb320b0eSRobert Watson struct label *kslabel) 726eb320b0eSRobert Watson { 727eb320b0eSRobert Watson 728eb320b0eSRobert Watson } 729eb320b0eSRobert Watson 730eb320b0eSRobert Watson static int 7319b6dd12eSRobert Watson stub_posixshm_check_create(struct ucred *cred, const char *path) 7329b6dd12eSRobert Watson { 7339b6dd12eSRobert Watson 7349b6dd12eSRobert Watson return (0); 7359b6dd12eSRobert Watson } 7369b6dd12eSRobert Watson 7379b6dd12eSRobert Watson static int 7388e38aeffSJohn Baldwin stub_posixshm_check_mmap(struct ucred *cred, struct shmfd *shmfd, 7398e38aeffSJohn Baldwin struct label *shmlabel, int prot, int flags) 7408e38aeffSJohn Baldwin { 7418e38aeffSJohn Baldwin 7428e38aeffSJohn Baldwin return (0); 7438e38aeffSJohn Baldwin } 7448e38aeffSJohn Baldwin 7458e38aeffSJohn Baldwin static int 7468e38aeffSJohn Baldwin stub_posixshm_check_open(struct ucred *cred, struct shmfd *shmfd, 7479b6dd12eSRobert Watson struct label *shmlabel, accmode_t accmode) 7488e38aeffSJohn Baldwin { 7498e38aeffSJohn Baldwin 7508e38aeffSJohn Baldwin return (0); 7518e38aeffSJohn Baldwin } 7528e38aeffSJohn Baldwin 7538e38aeffSJohn Baldwin static int 754940cb0e2SKonstantin Belousov stub_posixshm_check_read(struct ucred *active_cred, struct ucred *file_cred, 755940cb0e2SKonstantin Belousov struct shmfd *shm, struct label *shmlabel) 756940cb0e2SKonstantin Belousov { 757940cb0e2SKonstantin Belousov 758940cb0e2SKonstantin Belousov return (0); 759940cb0e2SKonstantin Belousov } 760940cb0e2SKonstantin Belousov 761940cb0e2SKonstantin Belousov static int 7629c00bb91SKonstantin Belousov stub_posixshm_check_setmode(struct ucred *cred, struct shmfd *shmfd, 7639c00bb91SKonstantin Belousov struct label *shmlabel, mode_t mode) 7649c00bb91SKonstantin Belousov { 7659c00bb91SKonstantin Belousov 7669c00bb91SKonstantin Belousov return (0); 7679c00bb91SKonstantin Belousov } 7689c00bb91SKonstantin Belousov 7699c00bb91SKonstantin Belousov static int 7709c00bb91SKonstantin Belousov stub_posixshm_check_setowner(struct ucred *cred, struct shmfd *shmfd, 7719c00bb91SKonstantin Belousov struct label *shmlabel, uid_t uid, gid_t gid) 7729c00bb91SKonstantin Belousov { 7739c00bb91SKonstantin Belousov 7749c00bb91SKonstantin Belousov return (0); 7759c00bb91SKonstantin Belousov } 7769c00bb91SKonstantin Belousov 7779c00bb91SKonstantin Belousov static int 7788e38aeffSJohn Baldwin stub_posixshm_check_stat(struct ucred *active_cred, struct ucred *file_cred, 7798e38aeffSJohn Baldwin struct shmfd *shmfd, struct label *shmlabel) 7808e38aeffSJohn Baldwin { 7818e38aeffSJohn Baldwin 7828e38aeffSJohn Baldwin return (0); 7838e38aeffSJohn Baldwin } 7848e38aeffSJohn Baldwin 7858e38aeffSJohn Baldwin static int 7868e38aeffSJohn Baldwin stub_posixshm_check_truncate(struct ucred *active_cred, 7878e38aeffSJohn Baldwin struct ucred *file_cred, struct shmfd *shmfd, struct label *shmlabel) 7888e38aeffSJohn Baldwin { 7898e38aeffSJohn Baldwin 7908e38aeffSJohn Baldwin return (0); 7918e38aeffSJohn Baldwin } 7928e38aeffSJohn Baldwin 7938e38aeffSJohn Baldwin static int 7948e38aeffSJohn Baldwin stub_posixshm_check_unlink(struct ucred *cred, struct shmfd *shmfd, 7958e38aeffSJohn Baldwin struct label *shmlabel) 7968e38aeffSJohn Baldwin { 7978e38aeffSJohn Baldwin 7988e38aeffSJohn Baldwin return (0); 7998e38aeffSJohn Baldwin } 8008e38aeffSJohn Baldwin 801940cb0e2SKonstantin Belousov static int 802940cb0e2SKonstantin Belousov stub_posixshm_check_write(struct ucred *active_cred, struct ucred *file_cred, 803940cb0e2SKonstantin Belousov struct shmfd *shm, struct label *shmlabel) 804940cb0e2SKonstantin Belousov { 805940cb0e2SKonstantin Belousov 806940cb0e2SKonstantin Belousov return (0); 807940cb0e2SKonstantin Belousov } 808940cb0e2SKonstantin Belousov 8098e38aeffSJohn Baldwin static void 8108e38aeffSJohn Baldwin stub_posixshm_create(struct ucred *cred, struct shmfd *shmfd, 8118e38aeffSJohn Baldwin struct label *shmlabel) 8128e38aeffSJohn Baldwin { 8138e38aeffSJohn Baldwin 8148e38aeffSJohn Baldwin } 8158e38aeffSJohn Baldwin 8168e38aeffSJohn Baldwin static int 817eb320b0eSRobert Watson stub_priv_check(struct ucred *cred, int priv) 818eb320b0eSRobert Watson { 819eb320b0eSRobert Watson 820eb320b0eSRobert Watson return (0); 821eb320b0eSRobert Watson } 822eb320b0eSRobert Watson 823eb320b0eSRobert Watson static int 824eb320b0eSRobert Watson stub_priv_grant(struct ucred *cred, int priv) 825eb320b0eSRobert Watson { 826eb320b0eSRobert Watson 827eb320b0eSRobert Watson return (EPERM); 828eb320b0eSRobert Watson } 829eb320b0eSRobert Watson 83052648411SRobert Watson static int 83130d239bcSRobert Watson stub_proc_check_debug(struct ucred *cred, struct proc *p) 832d8a7b7a3SRobert Watson { 833d8a7b7a3SRobert Watson 834d8a7b7a3SRobert Watson return (0); 835d8a7b7a3SRobert Watson } 836d8a7b7a3SRobert Watson 837d8a7b7a3SRobert Watson static int 83830d239bcSRobert Watson stub_proc_check_sched(struct ucred *cred, struct proc *p) 839d8a7b7a3SRobert Watson { 840d8a7b7a3SRobert Watson 841d8a7b7a3SRobert Watson return (0); 842d8a7b7a3SRobert Watson } 843d8a7b7a3SRobert Watson 844d8a7b7a3SRobert Watson static int 845eb320b0eSRobert Watson stub_proc_check_signal(struct ucred *cred, struct proc *p, int signum) 846eb320b0eSRobert Watson { 847eb320b0eSRobert Watson 848eb320b0eSRobert Watson return (0); 849eb320b0eSRobert Watson } 850eb320b0eSRobert Watson 851eb320b0eSRobert Watson static int 852eb320b0eSRobert Watson stub_proc_check_wait(struct ucred *cred, struct proc *p) 853eb320b0eSRobert Watson { 854eb320b0eSRobert Watson 855eb320b0eSRobert Watson return (0); 856eb320b0eSRobert Watson } 857eb320b0eSRobert Watson 858eb320b0eSRobert Watson static int 85930d239bcSRobert Watson stub_socket_check_accept(struct ucred *cred, struct socket *so, 86078007886SRobert Watson struct label *solabel) 8617f53207bSRobert Watson { 8627f53207bSRobert Watson 8633de40469SRobert Watson #if 0 8643de40469SRobert Watson SOCK_LOCK(so); 8653de40469SRobert Watson SOCK_UNLOCK(so); 8663de40469SRobert Watson #endif 8673de40469SRobert Watson 8687f53207bSRobert Watson return (0); 8697f53207bSRobert Watson } 8707f53207bSRobert Watson 8717f53207bSRobert Watson static int 87230d239bcSRobert Watson stub_socket_check_bind(struct ucred *cred, struct socket *so, 87378007886SRobert Watson struct label *solabel, struct sockaddr *sa) 874d8a7b7a3SRobert Watson { 875d8a7b7a3SRobert Watson 8763de40469SRobert Watson #if 0 8773de40469SRobert Watson SOCK_LOCK(so); 8783de40469SRobert Watson SOCK_UNLOCK(so); 8793de40469SRobert Watson #endif 8803de40469SRobert Watson 881d8a7b7a3SRobert Watson return (0); 882d8a7b7a3SRobert Watson } 883d8a7b7a3SRobert Watson 884d8a7b7a3SRobert Watson static int 88530d239bcSRobert Watson stub_socket_check_connect(struct ucred *cred, struct socket *so, 88678007886SRobert Watson struct label *solabel, struct sockaddr *sa) 887d8a7b7a3SRobert Watson { 888d8a7b7a3SRobert Watson 8893de40469SRobert Watson #if 0 8903de40469SRobert Watson SOCK_LOCK(so); 8913de40469SRobert Watson SOCK_UNLOCK(so); 8923de40469SRobert Watson #endif 8933de40469SRobert Watson 894d8a7b7a3SRobert Watson return (0); 895d8a7b7a3SRobert Watson } 896d8a7b7a3SRobert Watson 897d8a7b7a3SRobert Watson static int 89830d239bcSRobert Watson stub_socket_check_create(struct ucred *cred, int domain, int type, int proto) 8996758f88eSRobert Watson { 9006758f88eSRobert Watson 9016758f88eSRobert Watson return (0); 9026758f88eSRobert Watson } 9036758f88eSRobert Watson 9046758f88eSRobert Watson static int 90530d239bcSRobert Watson stub_socket_check_deliver(struct socket *so, struct label *solabel, 90678007886SRobert Watson struct mbuf *m, struct label *mlabel) 907d8a7b7a3SRobert Watson { 908d8a7b7a3SRobert Watson 9093de40469SRobert Watson #if 0 9103de40469SRobert Watson SOCK_LOCK(so); 9113de40469SRobert Watson SOCK_UNLOCK(so); 9123de40469SRobert Watson #endif 9133de40469SRobert Watson 914d8a7b7a3SRobert Watson return (0); 915d8a7b7a3SRobert Watson } 916d8a7b7a3SRobert Watson 917d8a7b7a3SRobert Watson static int 91830d239bcSRobert Watson stub_socket_check_listen(struct ucred *cred, struct socket *so, 91978007886SRobert Watson struct label *solabel) 920d8a7b7a3SRobert Watson { 921d8a7b7a3SRobert Watson 9223de40469SRobert Watson #if 0 9233de40469SRobert Watson SOCK_LOCK(so); 9243de40469SRobert Watson SOCK_UNLOCK(so); 9253de40469SRobert Watson #endif 9263de40469SRobert Watson 927d8a7b7a3SRobert Watson return (0); 928d8a7b7a3SRobert Watson } 929d8a7b7a3SRobert Watson 930d8a7b7a3SRobert Watson static int 93130d239bcSRobert Watson stub_socket_check_poll(struct ucred *cred, struct socket *so, 93278007886SRobert Watson struct label *solabel) 9337f53207bSRobert Watson { 9347f53207bSRobert Watson 9353de40469SRobert Watson #if 0 9363de40469SRobert Watson SOCK_LOCK(so); 9373de40469SRobert Watson SOCK_UNLOCK(so); 9383de40469SRobert Watson #endif 9393de40469SRobert Watson 9407f53207bSRobert Watson return (0); 9417f53207bSRobert Watson } 9427f53207bSRobert Watson 9437f53207bSRobert Watson static int 94430d239bcSRobert Watson stub_socket_check_receive(struct ucred *cred, struct socket *so, 94578007886SRobert Watson struct label *solabel) 9467f53207bSRobert Watson { 9477f53207bSRobert Watson 9483de40469SRobert Watson #if 0 9493de40469SRobert Watson SOCK_LOCK(so); 9503de40469SRobert Watson SOCK_UNLOCK(so); 9513de40469SRobert Watson #endif 9523de40469SRobert Watson 9537f53207bSRobert Watson return (0); 9547f53207bSRobert Watson } 9557f53207bSRobert Watson 9567f53207bSRobert Watson static int 95730d239bcSRobert Watson stub_socket_check_relabel(struct ucred *cred, struct socket *so, 95878007886SRobert Watson struct label *solabel, struct label *newlabel) 959d8a7b7a3SRobert Watson { 960d8a7b7a3SRobert Watson 9613de40469SRobert Watson SOCK_LOCK_ASSERT(so); 9623de40469SRobert Watson 963d8a7b7a3SRobert Watson return (0); 964d8a7b7a3SRobert Watson } 9657f53207bSRobert Watson static int 96630d239bcSRobert Watson stub_socket_check_send(struct ucred *cred, struct socket *so, 96778007886SRobert Watson struct label *solabel) 9687f53207bSRobert Watson { 9697f53207bSRobert Watson 9703de40469SRobert Watson #if 0 9713de40469SRobert Watson SOCK_LOCK(so); 9723de40469SRobert Watson SOCK_UNLOCK(so); 9733de40469SRobert Watson #endif 9743de40469SRobert Watson 9757f53207bSRobert Watson return (0); 9767f53207bSRobert Watson } 9777f53207bSRobert Watson 9787f53207bSRobert Watson static int 97930d239bcSRobert Watson stub_socket_check_stat(struct ucred *cred, struct socket *so, 98078007886SRobert Watson struct label *solabel) 9817f53207bSRobert Watson { 9827f53207bSRobert Watson 9833de40469SRobert Watson #if 0 9843de40469SRobert Watson SOCK_LOCK(so); 9853de40469SRobert Watson SOCK_UNLOCK(so); 9863de40469SRobert Watson #endif 9873de40469SRobert Watson 9887f53207bSRobert Watson return (0); 9897f53207bSRobert Watson } 990d8a7b7a3SRobert Watson 991d8a7b7a3SRobert Watson static int 9927fb179baSBjoern A. Zeeb stub_inpcb_check_visible(struct ucred *cred, struct inpcb *inp, 9937fb179baSBjoern A. Zeeb struct label *inplabel) 9947fb179baSBjoern A. Zeeb { 9957fb179baSBjoern A. Zeeb 9967fb179baSBjoern A. Zeeb return (0); 9977fb179baSBjoern A. Zeeb } 9987fb179baSBjoern A. Zeeb 9997fb179baSBjoern A. Zeeb static int 100030d239bcSRobert Watson stub_socket_check_visible(struct ucred *cred, struct socket *so, 100178007886SRobert Watson struct label *solabel) 1002d8a7b7a3SRobert Watson { 1003d8a7b7a3SRobert Watson 10043de40469SRobert Watson #if 0 10053de40469SRobert Watson SOCK_LOCK(so); 10063de40469SRobert Watson SOCK_UNLOCK(so); 10073de40469SRobert Watson #endif 10083de40469SRobert Watson 1009d8a7b7a3SRobert Watson return (0); 1010d8a7b7a3SRobert Watson } 1011d8a7b7a3SRobert Watson 1012eb320b0eSRobert Watson static void 1013eb320b0eSRobert Watson stub_socket_create(struct ucred *cred, struct socket *so, 1014eb320b0eSRobert Watson struct label *solabel) 1015eb320b0eSRobert Watson { 1016eb320b0eSRobert Watson 1017eb320b0eSRobert Watson } 1018eb320b0eSRobert Watson 1019eb320b0eSRobert Watson static void 1020eb320b0eSRobert Watson stub_socket_create_mbuf(struct socket *so, struct label *solabel, 1021eb320b0eSRobert Watson struct mbuf *m, struct label *mlabel) 1022eb320b0eSRobert Watson { 1023eb320b0eSRobert Watson 10243de40469SRobert Watson #if 0 10253de40469SRobert Watson SOCK_LOCK(so); 10263de40469SRobert Watson SOCK_UNLOCK(so); 10273de40469SRobert Watson #endif 1028eb320b0eSRobert Watson } 1029eb320b0eSRobert Watson 1030eb320b0eSRobert Watson static void 1031eb320b0eSRobert Watson stub_socket_newconn(struct socket *oldso, struct label *oldsolabel, 1032eb320b0eSRobert Watson struct socket *newso, struct label *newsolabel) 1033eb320b0eSRobert Watson { 1034eb320b0eSRobert Watson 10353de40469SRobert Watson #if 0 10363de40469SRobert Watson SOCK_LOCK(oldso); 10373de40469SRobert Watson SOCK_UNLOCK(oldso); 10383de40469SRobert Watson #endif 10393de40469SRobert Watson #if 0 10403de40469SRobert Watson SOCK_LOCK(newso); 10413de40469SRobert Watson SOCK_UNLOCK(newso); 10423de40469SRobert Watson #endif 1043eb320b0eSRobert Watson } 1044eb320b0eSRobert Watson 1045eb320b0eSRobert Watson static void 1046eb320b0eSRobert Watson stub_socket_relabel(struct ucred *cred, struct socket *so, 1047eb320b0eSRobert Watson struct label *solabel, struct label *newlabel) 1048eb320b0eSRobert Watson { 1049eb320b0eSRobert Watson 10503de40469SRobert Watson SOCK_LOCK_ASSERT(so); 1051eb320b0eSRobert Watson } 1052eb320b0eSRobert Watson 1053eb320b0eSRobert Watson static void 1054eb320b0eSRobert Watson stub_socketpeer_set_from_mbuf(struct mbuf *m, struct label *mlabel, 1055eb320b0eSRobert Watson struct socket *so, struct label *sopeerlabel) 1056eb320b0eSRobert Watson { 1057eb320b0eSRobert Watson 10583de40469SRobert Watson #if 0 10593de40469SRobert Watson SOCK_LOCK(so); 10603de40469SRobert Watson SOCK_UNLOCK(so); 10613de40469SRobert Watson #endif 1062eb320b0eSRobert Watson } 1063eb320b0eSRobert Watson 1064eb320b0eSRobert Watson static void 1065eb320b0eSRobert Watson stub_socketpeer_set_from_socket(struct socket *oldso, 1066eb320b0eSRobert Watson struct label *oldsolabel, struct socket *newso, 1067eb320b0eSRobert Watson struct label *newsopeerlabel) 1068eb320b0eSRobert Watson { 1069eb320b0eSRobert Watson 10703de40469SRobert Watson #if 0 10713de40469SRobert Watson SOCK_LOCK(oldso); 10723de40469SRobert Watson SOCK_UNLOCK(oldso); 10733de40469SRobert Watson #endif 10743de40469SRobert Watson #if 0 10753de40469SRobert Watson SOCK_LOCK(newso); 10763de40469SRobert Watson SOCK_UNLOCK(newso); 10773de40469SRobert Watson #endif 1078eb320b0eSRobert Watson } 1079eb320b0eSRobert Watson 1080eb320b0eSRobert Watson static void 1081eb320b0eSRobert Watson stub_syncache_create(struct label *label, struct inpcb *inp) 1082eb320b0eSRobert Watson { 1083eb320b0eSRobert Watson 1084eb320b0eSRobert Watson } 1085eb320b0eSRobert Watson 1086eb320b0eSRobert Watson static void 1087eb320b0eSRobert Watson stub_syncache_create_mbuf(struct label *sc_label, struct mbuf *m, 1088eb320b0eSRobert Watson struct label *mlabel) 1089eb320b0eSRobert Watson { 1090eb320b0eSRobert Watson 1091eb320b0eSRobert Watson } 1092eb320b0eSRobert Watson 1093d8a7b7a3SRobert Watson static int 109430d239bcSRobert Watson stub_system_check_acct(struct ucred *cred, struct vnode *vp, 109578007886SRobert Watson struct label *vplabel) 109609de2dc2SRobert Watson { 109709de2dc2SRobert Watson 109809de2dc2SRobert Watson return (0); 109909de2dc2SRobert Watson } 110009de2dc2SRobert Watson 110109de2dc2SRobert Watson static int 110230d239bcSRobert Watson stub_system_check_audit(struct ucred *cred, void *record, int length) 110318717f69SRobert Watson { 110418717f69SRobert Watson 110518717f69SRobert Watson return (0); 110618717f69SRobert Watson } 110718717f69SRobert Watson 110818717f69SRobert Watson static int 110930d239bcSRobert Watson stub_system_check_auditctl(struct ucred *cred, struct vnode *vp, 111078007886SRobert Watson struct label *vplabel) 111118717f69SRobert Watson { 111218717f69SRobert Watson 111318717f69SRobert Watson return (0); 111418717f69SRobert Watson } 111518717f69SRobert Watson 111618717f69SRobert Watson static int 111730d239bcSRobert Watson stub_system_check_auditon(struct ucred *cred, int cmd) 111818717f69SRobert Watson { 111918717f69SRobert Watson 112018717f69SRobert Watson return (0); 112118717f69SRobert Watson } 112218717f69SRobert Watson 112318717f69SRobert Watson static int 112430d239bcSRobert Watson stub_system_check_reboot(struct ucred *cred, int how) 1125927f6069SRobert Watson { 1126927f6069SRobert Watson 1127927f6069SRobert Watson return (0); 1128927f6069SRobert Watson } 1129927f6069SRobert Watson 1130927f6069SRobert Watson static int 113130d239bcSRobert Watson stub_system_check_swapoff(struct ucred *cred, struct vnode *vp, 113278007886SRobert Watson struct label *vplabel) 1133927f6069SRobert Watson { 1134927f6069SRobert Watson 1135927f6069SRobert Watson return (0); 1136927f6069SRobert Watson } 1137927f6069SRobert Watson 1138927f6069SRobert Watson static int 113930d239bcSRobert Watson stub_system_check_swapon(struct ucred *cred, struct vnode *vp, 114078007886SRobert Watson struct label *vplabel) 114109de2dc2SRobert Watson { 114209de2dc2SRobert Watson 114309de2dc2SRobert Watson return (0); 114409de2dc2SRobert Watson } 114509de2dc2SRobert Watson 114609de2dc2SRobert Watson static int 114730d239bcSRobert Watson stub_system_check_sysctl(struct ucred *cred, struct sysctl_oid *oidp, 114863dba32bSPawel Jakub Dawidek void *arg1, int arg2, struct sysctl_req *req) 1149927f6069SRobert Watson { 1150927f6069SRobert Watson 1151927f6069SRobert Watson return (0); 1152927f6069SRobert Watson } 1153927f6069SRobert Watson 1154eb320b0eSRobert Watson static void 1155eb320b0eSRobert Watson stub_sysvmsg_cleanup(struct label *msglabel) 1156eb320b0eSRobert Watson { 1157eb320b0eSRobert Watson 1158eb320b0eSRobert Watson } 1159eb320b0eSRobert Watson 1160eb320b0eSRobert Watson static void 1161eb320b0eSRobert Watson stub_sysvmsg_create(struct ucred *cred, struct msqid_kernel *msqkptr, 1162eb320b0eSRobert Watson struct label *msqlabel, struct msg *msgptr, struct label *msglabel) 1163eb320b0eSRobert Watson { 1164eb320b0eSRobert Watson 1165eb320b0eSRobert Watson } 1166eb320b0eSRobert Watson 1167eb320b0eSRobert Watson static int 1168eb320b0eSRobert Watson stub_sysvmsq_check_msgmsq(struct ucred *cred, struct msg *msgptr, 1169eb320b0eSRobert Watson struct label *msglabel, struct msqid_kernel *msqkptr, 1170eb320b0eSRobert Watson struct label *msqklabel) 1171eb320b0eSRobert Watson { 1172eb320b0eSRobert Watson 1173eb320b0eSRobert Watson return (0); 1174eb320b0eSRobert Watson } 1175eb320b0eSRobert Watson 1176eb320b0eSRobert Watson static int 1177eb320b0eSRobert Watson stub_sysvmsq_check_msgrcv(struct ucred *cred, struct msg *msgptr, 1178eb320b0eSRobert Watson struct label *msglabel) 1179eb320b0eSRobert Watson { 1180eb320b0eSRobert Watson 1181eb320b0eSRobert Watson return (0); 1182eb320b0eSRobert Watson } 1183eb320b0eSRobert Watson 1184eb320b0eSRobert Watson 1185eb320b0eSRobert Watson static int 1186eb320b0eSRobert Watson stub_sysvmsq_check_msgrmid(struct ucred *cred, struct msg *msgptr, 1187eb320b0eSRobert Watson struct label *msglabel) 1188eb320b0eSRobert Watson { 1189eb320b0eSRobert Watson 1190eb320b0eSRobert Watson return (0); 1191eb320b0eSRobert Watson } 1192eb320b0eSRobert Watson 1193eb320b0eSRobert Watson 1194eb320b0eSRobert Watson static int 1195eb320b0eSRobert Watson stub_sysvmsq_check_msqget(struct ucred *cred, struct msqid_kernel *msqkptr, 1196eb320b0eSRobert Watson struct label *msqklabel) 1197eb320b0eSRobert Watson { 1198eb320b0eSRobert Watson 1199eb320b0eSRobert Watson return (0); 1200eb320b0eSRobert Watson } 1201eb320b0eSRobert Watson 1202eb320b0eSRobert Watson 1203eb320b0eSRobert Watson static int 1204eb320b0eSRobert Watson stub_sysvmsq_check_msqsnd(struct ucred *cred, struct msqid_kernel *msqkptr, 1205eb320b0eSRobert Watson struct label *msqklabel) 1206eb320b0eSRobert Watson { 1207eb320b0eSRobert Watson 1208eb320b0eSRobert Watson return (0); 1209eb320b0eSRobert Watson } 1210eb320b0eSRobert Watson 1211eb320b0eSRobert Watson static int 1212eb320b0eSRobert Watson stub_sysvmsq_check_msqrcv(struct ucred *cred, struct msqid_kernel *msqkptr, 1213eb320b0eSRobert Watson struct label *msqklabel) 1214eb320b0eSRobert Watson { 1215eb320b0eSRobert Watson 1216eb320b0eSRobert Watson return (0); 1217eb320b0eSRobert Watson } 1218eb320b0eSRobert Watson 1219eb320b0eSRobert Watson 1220eb320b0eSRobert Watson static int 1221eb320b0eSRobert Watson stub_sysvmsq_check_msqctl(struct ucred *cred, struct msqid_kernel *msqkptr, 1222eb320b0eSRobert Watson struct label *msqklabel, int cmd) 1223eb320b0eSRobert Watson { 1224eb320b0eSRobert Watson 1225eb320b0eSRobert Watson return (0); 1226eb320b0eSRobert Watson } 1227eb320b0eSRobert Watson 1228eb320b0eSRobert Watson 1229eb320b0eSRobert Watson static void 1230eb320b0eSRobert Watson stub_sysvmsq_cleanup(struct label *msqlabel) 1231eb320b0eSRobert Watson { 1232eb320b0eSRobert Watson 1233eb320b0eSRobert Watson } 1234eb320b0eSRobert Watson 1235eb320b0eSRobert Watson static void 1236eb320b0eSRobert Watson stub_sysvmsq_create(struct ucred *cred, struct msqid_kernel *msqkptr, 1237eb320b0eSRobert Watson struct label *msqlabel) 1238eb320b0eSRobert Watson { 1239eb320b0eSRobert Watson 1240eb320b0eSRobert Watson } 1241eb320b0eSRobert Watson 1242eb320b0eSRobert Watson static int 1243eb320b0eSRobert Watson stub_sysvsem_check_semctl(struct ucred *cred, struct semid_kernel *semakptr, 1244eb320b0eSRobert Watson struct label *semaklabel, int cmd) 1245eb320b0eSRobert Watson { 1246eb320b0eSRobert Watson 1247eb320b0eSRobert Watson return (0); 1248eb320b0eSRobert Watson } 1249eb320b0eSRobert Watson 1250eb320b0eSRobert Watson static int 1251eb320b0eSRobert Watson stub_sysvsem_check_semget(struct ucred *cred, struct semid_kernel *semakptr, 1252eb320b0eSRobert Watson struct label *semaklabel) 1253eb320b0eSRobert Watson { 1254eb320b0eSRobert Watson 1255eb320b0eSRobert Watson return (0); 1256eb320b0eSRobert Watson } 1257eb320b0eSRobert Watson 1258eb320b0eSRobert Watson 1259eb320b0eSRobert Watson static int 1260eb320b0eSRobert Watson stub_sysvsem_check_semop(struct ucred *cred, struct semid_kernel *semakptr, 1261eb320b0eSRobert Watson struct label *semaklabel, size_t accesstype) 1262eb320b0eSRobert Watson { 1263eb320b0eSRobert Watson 1264eb320b0eSRobert Watson return (0); 1265eb320b0eSRobert Watson } 1266eb320b0eSRobert Watson 1267eb320b0eSRobert Watson static void 1268eb320b0eSRobert Watson stub_sysvsem_cleanup(struct label *semalabel) 1269eb320b0eSRobert Watson { 1270eb320b0eSRobert Watson 1271eb320b0eSRobert Watson } 1272eb320b0eSRobert Watson 1273eb320b0eSRobert Watson static void 1274eb320b0eSRobert Watson stub_sysvsem_create(struct ucred *cred, struct semid_kernel *semakptr, 1275eb320b0eSRobert Watson struct label *semalabel) 1276eb320b0eSRobert Watson { 1277eb320b0eSRobert Watson 1278eb320b0eSRobert Watson } 1279eb320b0eSRobert Watson 1280eb320b0eSRobert Watson static int 1281eb320b0eSRobert Watson stub_sysvshm_check_shmat(struct ucred *cred, struct shmid_kernel *shmsegptr, 1282eb320b0eSRobert Watson struct label *shmseglabel, int shmflg) 1283eb320b0eSRobert Watson { 1284eb320b0eSRobert Watson 1285eb320b0eSRobert Watson return (0); 1286eb320b0eSRobert Watson } 1287eb320b0eSRobert Watson 1288eb320b0eSRobert Watson static int 1289eb320b0eSRobert Watson stub_sysvshm_check_shmctl(struct ucred *cred, struct shmid_kernel *shmsegptr, 1290eb320b0eSRobert Watson struct label *shmseglabel, int cmd) 1291eb320b0eSRobert Watson { 1292eb320b0eSRobert Watson 1293eb320b0eSRobert Watson return (0); 1294eb320b0eSRobert Watson } 1295eb320b0eSRobert Watson 1296eb320b0eSRobert Watson static int 1297eb320b0eSRobert Watson stub_sysvshm_check_shmdt(struct ucred *cred, struct shmid_kernel *shmsegptr, 1298eb320b0eSRobert Watson struct label *shmseglabel) 1299eb320b0eSRobert Watson { 1300eb320b0eSRobert Watson 1301eb320b0eSRobert Watson return (0); 1302eb320b0eSRobert Watson } 1303eb320b0eSRobert Watson 1304eb320b0eSRobert Watson 1305eb320b0eSRobert Watson static int 1306eb320b0eSRobert Watson stub_sysvshm_check_shmget(struct ucred *cred, struct shmid_kernel *shmsegptr, 1307eb320b0eSRobert Watson struct label *shmseglabel, int shmflg) 1308eb320b0eSRobert Watson { 1309eb320b0eSRobert Watson 1310eb320b0eSRobert Watson return (0); 1311eb320b0eSRobert Watson } 1312eb320b0eSRobert Watson 1313eb320b0eSRobert Watson static void 1314eb320b0eSRobert Watson stub_sysvshm_cleanup(struct label *shmlabel) 1315eb320b0eSRobert Watson { 1316eb320b0eSRobert Watson 1317eb320b0eSRobert Watson } 1318eb320b0eSRobert Watson 1319eb320b0eSRobert Watson static void 1320eb320b0eSRobert Watson stub_sysvshm_create(struct ucred *cred, struct shmid_kernel *shmsegptr, 1321eb320b0eSRobert Watson struct label *shmalabel) 1322eb320b0eSRobert Watson { 1323eb320b0eSRobert Watson 1324eb320b0eSRobert Watson } 1325eb320b0eSRobert Watson 1326eb320b0eSRobert Watson static void 1327eb320b0eSRobert Watson stub_thread_userret(struct thread *td) 1328eb320b0eSRobert Watson { 1329eb320b0eSRobert Watson 1330eb320b0eSRobert Watson } 1331eb320b0eSRobert Watson 1332eb320b0eSRobert Watson static int 1333eb320b0eSRobert Watson stub_vnode_associate_extattr(struct mount *mp, struct label *mplabel, 1334eb320b0eSRobert Watson struct vnode *vp, struct label *vplabel) 1335eb320b0eSRobert Watson { 1336eb320b0eSRobert Watson 1337eb320b0eSRobert Watson return (0); 1338eb320b0eSRobert Watson } 1339eb320b0eSRobert Watson 1340eb320b0eSRobert Watson static void 1341eb320b0eSRobert Watson stub_vnode_associate_singlelabel(struct mount *mp, struct label *mplabel, 1342eb320b0eSRobert Watson struct vnode *vp, struct label *vplabel) 1343eb320b0eSRobert Watson { 1344eb320b0eSRobert Watson 1345eb320b0eSRobert Watson } 1346eb320b0eSRobert Watson 1347d8a7b7a3SRobert Watson static int 13485077415aSRobert Watson stub_vnode_check_access(struct ucred *cred, struct vnode *vp, 1349178da2a9SEdward Tomasz Napierala struct label *vplabel, accmode_t accmode) 13505077415aSRobert Watson { 13515077415aSRobert Watson 13525077415aSRobert Watson return (0); 13535077415aSRobert Watson } 13545077415aSRobert Watson 13555077415aSRobert Watson static int 13565077415aSRobert Watson stub_vnode_check_chdir(struct ucred *cred, struct vnode *dvp, 13575077415aSRobert Watson struct label *dvplabel) 13585077415aSRobert Watson { 13595077415aSRobert Watson 13605077415aSRobert Watson return (0); 13615077415aSRobert Watson } 13625077415aSRobert Watson 13635077415aSRobert Watson static int 13645077415aSRobert Watson stub_vnode_check_chroot(struct ucred *cred, struct vnode *dvp, 13655077415aSRobert Watson struct label *dvplabel) 13665077415aSRobert Watson { 13675077415aSRobert Watson 13685077415aSRobert Watson return (0); 13695077415aSRobert Watson } 13705077415aSRobert Watson 13715077415aSRobert Watson static int 13725077415aSRobert Watson stub_vnode_check_create(struct ucred *cred, struct vnode *dvp, 13735077415aSRobert Watson struct label *dvplabel, struct componentname *cnp, struct vattr *vap) 13745077415aSRobert Watson { 13755077415aSRobert Watson 13765077415aSRobert Watson return (0); 13775077415aSRobert Watson } 13785077415aSRobert Watson 13795077415aSRobert Watson static int 138030d239bcSRobert Watson stub_vnode_check_deleteacl(struct ucred *cred, struct vnode *vp, 138178007886SRobert Watson struct label *vplabel, acl_type_t type) 1382d8a7b7a3SRobert Watson { 1383d8a7b7a3SRobert Watson 1384d8a7b7a3SRobert Watson return (0); 1385d8a7b7a3SRobert Watson } 1386d8a7b7a3SRobert Watson 1387d8a7b7a3SRobert Watson static int 138830d239bcSRobert Watson stub_vnode_check_deleteextattr(struct ucred *cred, struct vnode *vp, 138978007886SRobert Watson struct label *vplabel, int attrnamespace, const char *name) 139064f00af8SRobert Watson { 139164f00af8SRobert Watson 139264f00af8SRobert Watson return (0); 139364f00af8SRobert Watson } 139464f00af8SRobert Watson 139564f00af8SRobert Watson static int 139630d239bcSRobert Watson stub_vnode_check_exec(struct ucred *cred, struct vnode *vp, 139778007886SRobert Watson struct label *vplabel, struct image_params *imgp, 1398ef5def59SRobert Watson struct label *execlabel) 1399d8a7b7a3SRobert Watson { 1400d8a7b7a3SRobert Watson 1401d8a7b7a3SRobert Watson return (0); 1402d8a7b7a3SRobert Watson } 1403d8a7b7a3SRobert Watson 1404d8a7b7a3SRobert Watson static int 140530d239bcSRobert Watson stub_vnode_check_getacl(struct ucred *cred, struct vnode *vp, 140678007886SRobert Watson struct label *vplabel, acl_type_t type) 1407d8a7b7a3SRobert Watson { 1408d8a7b7a3SRobert Watson 1409d8a7b7a3SRobert Watson return (0); 1410d8a7b7a3SRobert Watson } 1411d8a7b7a3SRobert Watson 1412d8a7b7a3SRobert Watson static int 141330d239bcSRobert Watson stub_vnode_check_getextattr(struct ucred *cred, struct vnode *vp, 1414fefd0ac8SRobert Watson struct label *vplabel, int attrnamespace, const char *name) 1415d8a7b7a3SRobert Watson { 1416d8a7b7a3SRobert Watson 1417d8a7b7a3SRobert Watson return (0); 1418d8a7b7a3SRobert Watson } 1419d8a7b7a3SRobert Watson 1420d8a7b7a3SRobert Watson static int 142130d239bcSRobert Watson stub_vnode_check_link(struct ucred *cred, struct vnode *dvp, 142278007886SRobert Watson struct label *dvplabel, struct vnode *vp, struct label *vplabel, 1423c27b50f5SRobert Watson struct componentname *cnp) 1424c27b50f5SRobert Watson { 1425c27b50f5SRobert Watson 1426c27b50f5SRobert Watson return (0); 1427c27b50f5SRobert Watson } 1428c27b50f5SRobert Watson 1429c27b50f5SRobert Watson static int 143030d239bcSRobert Watson stub_vnode_check_listextattr(struct ucred *cred, struct vnode *vp, 143178007886SRobert Watson struct label *vplabel, int attrnamespace) 143264f00af8SRobert Watson { 143364f00af8SRobert Watson 143464f00af8SRobert Watson return (0); 143564f00af8SRobert Watson } 143664f00af8SRobert Watson 143764f00af8SRobert Watson static int 143830d239bcSRobert Watson stub_vnode_check_lookup(struct ucred *cred, struct vnode *dvp, 143978007886SRobert Watson struct label *dvplabel, struct componentname *cnp) 1440d8a7b7a3SRobert Watson { 1441d8a7b7a3SRobert Watson 1442d8a7b7a3SRobert Watson return (0); 1443d8a7b7a3SRobert Watson } 1444d8a7b7a3SRobert Watson 1445d8a7b7a3SRobert Watson static int 144630d239bcSRobert Watson stub_vnode_check_mmap(struct ucred *cred, struct vnode *vp, 144778007886SRobert Watson struct label *vplabel, int prot, int flags) 1448e183f80eSRobert Watson { 1449e183f80eSRobert Watson 1450e183f80eSRobert Watson return (0); 1451e183f80eSRobert Watson } 1452e183f80eSRobert Watson 145317870c06SChristian S.J. Peron static void 145430d239bcSRobert Watson stub_vnode_check_mmap_downgrade(struct ucred *cred, struct vnode *vp, 145578007886SRobert Watson struct label *vplabel, int *prot) 145617870c06SChristian S.J. Peron { 145717870c06SChristian S.J. Peron 145817870c06SChristian S.J. Peron } 145917870c06SChristian S.J. Peron 146017870c06SChristian S.J. Peron static int 146130d239bcSRobert Watson stub_vnode_check_mprotect(struct ucred *cred, struct vnode *vp, 146278007886SRobert Watson struct label *vplabel, int prot) 146317870c06SChristian S.J. Peron { 146417870c06SChristian S.J. Peron 146517870c06SChristian S.J. Peron return (0); 146617870c06SChristian S.J. Peron } 146717870c06SChristian S.J. Peron 1468e183f80eSRobert Watson static int 146930d239bcSRobert Watson stub_vnode_check_open(struct ucred *cred, struct vnode *vp, 147015bc6b2bSEdward Tomasz Napierala struct label *vplabel, accmode_t accmode) 1471d8a7b7a3SRobert Watson { 1472d8a7b7a3SRobert Watson 1473d8a7b7a3SRobert Watson return (0); 1474d8a7b7a3SRobert Watson } 1475d8a7b7a3SRobert Watson 1476d8a7b7a3SRobert Watson static int 147730d239bcSRobert Watson stub_vnode_check_poll(struct ucred *active_cred, struct ucred *file_cred, 147878007886SRobert Watson struct vnode *vp, struct label *vplabel) 14797f724f8bSRobert Watson { 14807f724f8bSRobert Watson 14817f724f8bSRobert Watson return (0); 14827f724f8bSRobert Watson } 14837f724f8bSRobert Watson 14847f724f8bSRobert Watson static int 148530d239bcSRobert Watson stub_vnode_check_read(struct ucred *active_cred, struct ucred *file_cred, 148678007886SRobert Watson struct vnode *vp, struct label *vplabel) 14877f724f8bSRobert Watson { 14887f724f8bSRobert Watson 14897f724f8bSRobert Watson return (0); 14907f724f8bSRobert Watson } 14917f724f8bSRobert Watson 14927f724f8bSRobert Watson static int 149330d239bcSRobert Watson stub_vnode_check_readdir(struct ucred *cred, struct vnode *vp, 149478007886SRobert Watson struct label *dvplabel) 1495d8a7b7a3SRobert Watson { 1496d8a7b7a3SRobert Watson 1497d8a7b7a3SRobert Watson return (0); 1498d8a7b7a3SRobert Watson } 1499d8a7b7a3SRobert Watson 1500d8a7b7a3SRobert Watson static int 150130d239bcSRobert Watson stub_vnode_check_readlink(struct ucred *cred, struct vnode *vp, 150278007886SRobert Watson struct label *vplabel) 1503d8a7b7a3SRobert Watson { 1504d8a7b7a3SRobert Watson 1505d8a7b7a3SRobert Watson return (0); 1506d8a7b7a3SRobert Watson } 1507d8a7b7a3SRobert Watson 1508d8a7b7a3SRobert Watson static int 150930d239bcSRobert Watson stub_vnode_check_relabel(struct ucred *cred, struct vnode *vp, 151078007886SRobert Watson struct label *vplabel, struct label *newlabel) 1511d8a7b7a3SRobert Watson { 1512d8a7b7a3SRobert Watson 1513d8a7b7a3SRobert Watson return (0); 1514d8a7b7a3SRobert Watson } 1515d8a7b7a3SRobert Watson 1516d8a7b7a3SRobert Watson static int 151730d239bcSRobert Watson stub_vnode_check_rename_from(struct ucred *cred, struct vnode *dvp, 151878007886SRobert Watson struct label *dvplabel, struct vnode *vp, struct label *vplabel, 1519d8a7b7a3SRobert Watson struct componentname *cnp) 1520d8a7b7a3SRobert Watson { 1521d8a7b7a3SRobert Watson 1522d8a7b7a3SRobert Watson return (0); 1523d8a7b7a3SRobert Watson } 1524d8a7b7a3SRobert Watson 1525d8a7b7a3SRobert Watson static int 152630d239bcSRobert Watson stub_vnode_check_rename_to(struct ucred *cred, struct vnode *dvp, 152778007886SRobert Watson struct label *dvplabel, struct vnode *vp, struct label *vplabel, 152878007886SRobert Watson int samedir, struct componentname *cnp) 1529d8a7b7a3SRobert Watson { 1530d8a7b7a3SRobert Watson 1531d8a7b7a3SRobert Watson return (0); 1532d8a7b7a3SRobert Watson } 1533d8a7b7a3SRobert Watson 1534d8a7b7a3SRobert Watson static int 153530d239bcSRobert Watson stub_vnode_check_revoke(struct ucred *cred, struct vnode *vp, 153678007886SRobert Watson struct label *vplabel) 1537d8a7b7a3SRobert Watson { 1538d8a7b7a3SRobert Watson 1539d8a7b7a3SRobert Watson return (0); 1540d8a7b7a3SRobert Watson } 1541d8a7b7a3SRobert Watson 1542d8a7b7a3SRobert Watson static int 154330d239bcSRobert Watson stub_vnode_check_setacl(struct ucred *cred, struct vnode *vp, 154478007886SRobert Watson struct label *vplabel, acl_type_t type, struct acl *acl) 1545d8a7b7a3SRobert Watson { 1546d8a7b7a3SRobert Watson 1547d8a7b7a3SRobert Watson return (0); 1548d8a7b7a3SRobert Watson } 1549d8a7b7a3SRobert Watson 1550d8a7b7a3SRobert Watson static int 155130d239bcSRobert Watson stub_vnode_check_setextattr(struct ucred *cred, struct vnode *vp, 1552fefd0ac8SRobert Watson struct label *vplabel, int attrnamespace, const char *name) 1553d8a7b7a3SRobert Watson { 1554d8a7b7a3SRobert Watson 1555d8a7b7a3SRobert Watson return (0); 1556d8a7b7a3SRobert Watson } 1557d8a7b7a3SRobert Watson 1558d8a7b7a3SRobert Watson static int 155930d239bcSRobert Watson stub_vnode_check_setflags(struct ucred *cred, struct vnode *vp, 156078007886SRobert Watson struct label *vplabel, u_long flags) 1561d8a7b7a3SRobert Watson { 1562d8a7b7a3SRobert Watson 1563d8a7b7a3SRobert Watson return (0); 1564d8a7b7a3SRobert Watson } 1565d8a7b7a3SRobert Watson 1566d8a7b7a3SRobert Watson static int 156730d239bcSRobert Watson stub_vnode_check_setmode(struct ucred *cred, struct vnode *vp, 156878007886SRobert Watson struct label *vplabel, mode_t mode) 1569d8a7b7a3SRobert Watson { 1570d8a7b7a3SRobert Watson 1571d8a7b7a3SRobert Watson return (0); 1572d8a7b7a3SRobert Watson } 1573d8a7b7a3SRobert Watson 1574d8a7b7a3SRobert Watson static int 157530d239bcSRobert Watson stub_vnode_check_setowner(struct ucred *cred, struct vnode *vp, 157678007886SRobert Watson struct label *vplabel, uid_t uid, gid_t gid) 1577d8a7b7a3SRobert Watson { 1578d8a7b7a3SRobert Watson 1579d8a7b7a3SRobert Watson return (0); 1580d8a7b7a3SRobert Watson } 1581d8a7b7a3SRobert Watson 1582d8a7b7a3SRobert Watson static int 158330d239bcSRobert Watson stub_vnode_check_setutimes(struct ucred *cred, struct vnode *vp, 158478007886SRobert Watson struct label *vplabel, struct timespec atime, struct timespec mtime) 1585d8a7b7a3SRobert Watson { 1586d8a7b7a3SRobert Watson 1587d8a7b7a3SRobert Watson return (0); 1588d8a7b7a3SRobert Watson } 1589d8a7b7a3SRobert Watson 1590d8a7b7a3SRobert Watson static int 159130d239bcSRobert Watson stub_vnode_check_stat(struct ucred *active_cred, struct ucred *file_cred, 159278007886SRobert Watson struct vnode *vp, struct label *vplabel) 1593d8a7b7a3SRobert Watson { 1594d8a7b7a3SRobert Watson 1595d8a7b7a3SRobert Watson return (0); 1596d8a7b7a3SRobert Watson } 1597d8a7b7a3SRobert Watson 15987f724f8bSRobert Watson static int 159930d239bcSRobert Watson stub_vnode_check_unlink(struct ucred *cred, struct vnode *dvp, 160045e0f3d6SRobert Watson struct label *dvplabel, struct vnode *vp, struct label *vplabel, 160145e0f3d6SRobert Watson struct componentname *cnp) 160245e0f3d6SRobert Watson { 160345e0f3d6SRobert Watson 160445e0f3d6SRobert Watson return (0); 160545e0f3d6SRobert Watson } 160645e0f3d6SRobert Watson 160745e0f3d6SRobert Watson static int 160830d239bcSRobert Watson stub_vnode_check_write(struct ucred *active_cred, struct ucred *file_cred, 160978007886SRobert Watson struct vnode *vp, struct label *vplabel) 16107f724f8bSRobert Watson { 16117f724f8bSRobert Watson 16127f724f8bSRobert Watson return (0); 16137f724f8bSRobert Watson } 16147f724f8bSRobert Watson 1615403b781eSRobert Watson static int 1616eb320b0eSRobert Watson stub_vnode_create_extattr(struct ucred *cred, struct mount *mp, 1617eb320b0eSRobert Watson struct label *mntlabel, struct vnode *dvp, struct label *dvplabel, 1618eb320b0eSRobert Watson struct vnode *vp, struct label *vplabel, struct componentname *cnp) 1619403b781eSRobert Watson { 1620403b781eSRobert Watson 1621403b781eSRobert Watson return (0); 1622403b781eSRobert Watson } 1623403b781eSRobert Watson 1624eb320b0eSRobert Watson static void 1625eb320b0eSRobert Watson stub_vnode_execve_transition(struct ucred *old, struct ucred *new, 1626eb320b0eSRobert Watson struct vnode *vp, struct label *vplabel, struct label *interpvplabel, 1627eb320b0eSRobert Watson struct image_params *imgp, struct label *execlabel) 1628403b781eSRobert Watson { 1629403b781eSRobert Watson 1630403b781eSRobert Watson } 1631403b781eSRobert Watson 1632eb320b0eSRobert Watson static int 1633eb320b0eSRobert Watson stub_vnode_execve_will_transition(struct ucred *old, struct vnode *vp, 1634eb320b0eSRobert Watson struct label *vplabel, struct label *interpvplabel, 1635eb320b0eSRobert Watson struct image_params *imgp, struct label *execlabel) 1636eb320b0eSRobert Watson { 1637eb320b0eSRobert Watson 1638eb320b0eSRobert Watson return (0); 1639eb320b0eSRobert Watson } 1640eb320b0eSRobert Watson 1641eb320b0eSRobert Watson static void 1642eb320b0eSRobert Watson stub_vnode_relabel(struct ucred *cred, struct vnode *vp, 1643eb320b0eSRobert Watson struct label *vplabel, struct label *label) 1644eb320b0eSRobert Watson { 1645eb320b0eSRobert Watson 1646eb320b0eSRobert Watson } 1647eb320b0eSRobert Watson 1648eb320b0eSRobert Watson static int 1649eb320b0eSRobert Watson stub_vnode_setlabel_extattr(struct ucred *cred, struct vnode *vp, 1650eb320b0eSRobert Watson struct label *vplabel, struct label *intlabel) 1651eb320b0eSRobert Watson { 1652eb320b0eSRobert Watson 1653eb320b0eSRobert Watson return (0); 1654eb320b0eSRobert Watson } 1655eb320b0eSRobert Watson 1656eb320b0eSRobert Watson /* 1657eb320b0eSRobert Watson * Register functions with MAC Framework policy entry points. 1658eb320b0eSRobert Watson */ 16593f1a7a90SRobert Watson static struct mac_policy_ops stub_ops = 1660d8a7b7a3SRobert Watson { 16611c3f91cdSRobert Watson .mpo_destroy = stub_destroy, 16621c3f91cdSRobert Watson .mpo_init = stub_init, 16631c3f91cdSRobert Watson .mpo_syscall = stub_syscall, 1664eb320b0eSRobert Watson 1665eb320b0eSRobert Watson .mpo_bpfdesc_check_receive = stub_bpfdesc_check_receive, 1666eb320b0eSRobert Watson .mpo_bpfdesc_create = stub_bpfdesc_create, 1667eb320b0eSRobert Watson .mpo_bpfdesc_create_mbuf = stub_bpfdesc_create_mbuf, 166830d239bcSRobert Watson .mpo_bpfdesc_destroy_label = stub_destroy_label, 1669eb320b0eSRobert Watson .mpo_bpfdesc_init_label = stub_init_label, 1670eb320b0eSRobert Watson 1671212ab0cfSRobert Watson .mpo_cred_associate_nfsd = stub_cred_associate_nfsd, 1672eb320b0eSRobert Watson .mpo_cred_check_relabel = stub_cred_check_relabel, 16736f6174a7SRobert Watson .mpo_cred_check_setaudit = stub_cred_check_setaudit, 16746f6174a7SRobert Watson .mpo_cred_check_setaudit_addr = stub_cred_check_setaudit_addr, 16756f6174a7SRobert Watson .mpo_cred_check_setauid = stub_cred_check_setauid, 16766f6174a7SRobert Watson .mpo_cred_check_setegid = stub_cred_check_setegid, 16776f6174a7SRobert Watson .mpo_cred_check_seteuid = stub_cred_check_seteuid, 16786f6174a7SRobert Watson .mpo_cred_check_setgid = stub_cred_check_setgid, 16796f6174a7SRobert Watson .mpo_cred_check_setgroups = stub_cred_check_setgroups, 16806f6174a7SRobert Watson .mpo_cred_check_setregid = stub_cred_check_setregid, 16816f6174a7SRobert Watson .mpo_cred_check_setresgid = stub_cred_check_setresgid, 16826f6174a7SRobert Watson .mpo_cred_check_setresuid = stub_cred_check_setresuid, 16836f6174a7SRobert Watson .mpo_cred_check_setreuid = stub_cred_check_setreuid, 16846f6174a7SRobert Watson .mpo_cred_check_setuid = stub_cred_check_setuid, 1685eb320b0eSRobert Watson .mpo_cred_check_visible = stub_cred_check_visible, 168630d239bcSRobert Watson .mpo_cred_copy_label = stub_copy_label, 1687212ab0cfSRobert Watson .mpo_cred_create_init = stub_cred_create_init, 1688212ab0cfSRobert Watson .mpo_cred_create_swapper = stub_cred_create_swapper, 1689eb320b0eSRobert Watson .mpo_cred_destroy_label = stub_destroy_label, 169030d239bcSRobert Watson .mpo_cred_externalize_label = stub_externalize_label, 1691eb320b0eSRobert Watson .mpo_cred_init_label = stub_init_label, 169230d239bcSRobert Watson .mpo_cred_internalize_label = stub_internalize_label, 1693eb320b0eSRobert Watson .mpo_cred_relabel= stub_cred_relabel, 1694eb320b0eSRobert Watson 169530d239bcSRobert Watson .mpo_devfs_create_device = stub_devfs_create_device, 169630d239bcSRobert Watson .mpo_devfs_create_directory = stub_devfs_create_directory, 169730d239bcSRobert Watson .mpo_devfs_create_symlink = stub_devfs_create_symlink, 1698eb320b0eSRobert Watson .mpo_devfs_destroy_label = stub_destroy_label, 1699eb320b0eSRobert Watson .mpo_devfs_init_label = stub_init_label, 170030d239bcSRobert Watson .mpo_devfs_update = stub_devfs_update, 1701eb320b0eSRobert Watson .mpo_devfs_vnode_associate = stub_devfs_vnode_associate, 1702eb320b0eSRobert Watson 170330d239bcSRobert Watson .mpo_ifnet_check_relabel = stub_ifnet_check_relabel, 170430d239bcSRobert Watson .mpo_ifnet_check_transmit = stub_ifnet_check_transmit, 1705eb320b0eSRobert Watson .mpo_ifnet_copy_label = stub_copy_label, 1706eb320b0eSRobert Watson .mpo_ifnet_create = stub_ifnet_create, 1707eb320b0eSRobert Watson .mpo_ifnet_create_mbuf = stub_ifnet_create_mbuf, 1708eb320b0eSRobert Watson .mpo_ifnet_destroy_label = stub_destroy_label, 1709eb320b0eSRobert Watson .mpo_ifnet_externalize_label = stub_externalize_label, 1710eb320b0eSRobert Watson .mpo_ifnet_init_label = stub_init_label, 1711eb320b0eSRobert Watson .mpo_ifnet_internalize_label = stub_internalize_label, 1712eb320b0eSRobert Watson .mpo_ifnet_relabel = stub_ifnet_relabel, 1713eb320b0eSRobert Watson 171430d239bcSRobert Watson .mpo_inpcb_check_deliver = stub_inpcb_check_deliver, 17157fb179baSBjoern A. Zeeb .mpo_inpcb_check_visible = stub_inpcb_check_visible, 1716eb320b0eSRobert Watson .mpo_inpcb_create = stub_inpcb_create, 1717eb320b0eSRobert Watson .mpo_inpcb_create_mbuf = stub_inpcb_create_mbuf, 1718eb320b0eSRobert Watson .mpo_inpcb_destroy_label = stub_destroy_label, 1719eb320b0eSRobert Watson .mpo_inpcb_init_label = stub_init_label_waitcheck, 1720eb320b0eSRobert Watson .mpo_inpcb_sosetlabel = stub_inpcb_sosetlabel, 1721eb320b0eSRobert Watson 1722048e1287SRobert Watson .mpo_ip6q_create = stub_ip6q_create, 1723048e1287SRobert Watson .mpo_ip6q_destroy_label = stub_destroy_label, 1724048e1287SRobert Watson .mpo_ip6q_init_label = stub_init_label_waitcheck, 1725048e1287SRobert Watson .mpo_ip6q_match = stub_ip6q_match, 1726048e1287SRobert Watson .mpo_ip6q_update = stub_ip6q_update, 1727048e1287SRobert Watson .mpo_ip6q_reassemble = stub_ip6q_reassemble, 1728048e1287SRobert Watson 1729eb320b0eSRobert Watson .mpo_ipq_create = stub_ipq_create, 1730eb320b0eSRobert Watson .mpo_ipq_destroy_label = stub_destroy_label, 1731eb320b0eSRobert Watson .mpo_ipq_init_label = stub_init_label_waitcheck, 1732eb320b0eSRobert Watson .mpo_ipq_match = stub_ipq_match, 1733eb320b0eSRobert Watson .mpo_ipq_update = stub_ipq_update, 1734eb320b0eSRobert Watson .mpo_ipq_reassemble = stub_ipq_reassemble, 1735eb320b0eSRobert Watson 173630d239bcSRobert Watson .mpo_kenv_check_dump = stub_kenv_check_dump, 173730d239bcSRobert Watson .mpo_kenv_check_get = stub_kenv_check_get, 173830d239bcSRobert Watson .mpo_kenv_check_set = stub_kenv_check_set, 173930d239bcSRobert Watson .mpo_kenv_check_unset = stub_kenv_check_unset, 1740eb320b0eSRobert Watson 174130d239bcSRobert Watson .mpo_kld_check_load = stub_kld_check_load, 174230d239bcSRobert Watson .mpo_kld_check_stat = stub_kld_check_stat, 1743eb320b0eSRobert Watson 1744eb320b0eSRobert Watson .mpo_mbuf_copy_label = stub_copy_label, 1745eb320b0eSRobert Watson .mpo_mbuf_destroy_label = stub_destroy_label, 1746eb320b0eSRobert Watson .mpo_mbuf_init_label = stub_init_label_waitcheck, 1747eb320b0eSRobert Watson 174830d239bcSRobert Watson .mpo_mount_check_stat = stub_mount_check_stat, 1749eb320b0eSRobert Watson .mpo_mount_create = stub_mount_create, 1750eb320b0eSRobert Watson .mpo_mount_destroy_label = stub_destroy_label, 1751eb320b0eSRobert Watson .mpo_mount_init_label = stub_init_label, 1752eb320b0eSRobert Watson 1753eb320b0eSRobert Watson .mpo_netinet_arp_send = stub_netinet_arp_send, 1754eb320b0eSRobert Watson .mpo_netinet_firewall_reply = stub_netinet_firewall_reply, 1755eb320b0eSRobert Watson .mpo_netinet_firewall_send = stub_netinet_firewall_send, 1756eb320b0eSRobert Watson .mpo_netinet_fragment = stub_netinet_fragment, 1757eb320b0eSRobert Watson .mpo_netinet_icmp_reply = stub_netinet_icmp_reply, 1758eb320b0eSRobert Watson .mpo_netinet_icmp_replyinplace = stub_netinet_icmp_replyinplace, 1759eb320b0eSRobert Watson .mpo_netinet_tcp_reply = stub_netinet_tcp_reply, 1760eb320b0eSRobert Watson .mpo_netinet_igmp_send = stub_netinet_igmp_send, 1761eb320b0eSRobert Watson 1762eb320b0eSRobert Watson .mpo_netinet6_nd6_send = stub_netinet6_nd6_send, 1763eb320b0eSRobert Watson 176430d239bcSRobert Watson .mpo_pipe_check_ioctl = stub_pipe_check_ioctl, 176530d239bcSRobert Watson .mpo_pipe_check_poll = stub_pipe_check_poll, 176630d239bcSRobert Watson .mpo_pipe_check_read = stub_pipe_check_read, 176730d239bcSRobert Watson .mpo_pipe_check_relabel = stub_pipe_check_relabel, 176830d239bcSRobert Watson .mpo_pipe_check_stat = stub_pipe_check_stat, 176930d239bcSRobert Watson .mpo_pipe_check_write = stub_pipe_check_write, 1770eb320b0eSRobert Watson .mpo_pipe_copy_label = stub_copy_label, 1771eb320b0eSRobert Watson .mpo_pipe_create = stub_pipe_create, 1772eb320b0eSRobert Watson .mpo_pipe_destroy_label = stub_destroy_label, 1773eb320b0eSRobert Watson .mpo_pipe_externalize_label = stub_externalize_label, 1774eb320b0eSRobert Watson .mpo_pipe_init_label = stub_init_label, 1775eb320b0eSRobert Watson .mpo_pipe_internalize_label = stub_internalize_label, 1776eb320b0eSRobert Watson .mpo_pipe_relabel = stub_pipe_relabel, 1777eb320b0eSRobert Watson 177830d239bcSRobert Watson .mpo_posixsem_check_getvalue = stub_posixsem_check_getvalue, 177930d239bcSRobert Watson .mpo_posixsem_check_open = stub_posixsem_check_open, 178030d239bcSRobert Watson .mpo_posixsem_check_post = stub_posixsem_check_post, 17819c00bb91SKonstantin Belousov .mpo_posixsem_check_setmode = stub_posixsem_check_setmode, 17829c00bb91SKonstantin Belousov .mpo_posixsem_check_setowner = stub_posixsem_check_setowner, 17836bc1e9cdSJohn Baldwin .mpo_posixsem_check_stat = stub_posixsem_check_stat, 178430d239bcSRobert Watson .mpo_posixsem_check_unlink = stub_posixsem_check_unlink, 178530d239bcSRobert Watson .mpo_posixsem_check_wait = stub_posixsem_check_wait, 1786eb320b0eSRobert Watson .mpo_posixsem_create = stub_posixsem_create, 1787eb320b0eSRobert Watson .mpo_posixsem_destroy_label = stub_destroy_label, 1788eb320b0eSRobert Watson .mpo_posixsem_init_label = stub_init_label, 1789eb320b0eSRobert Watson 17909b6dd12eSRobert Watson .mpo_posixshm_check_create = stub_posixshm_check_create, 17918e38aeffSJohn Baldwin .mpo_posixshm_check_mmap = stub_posixshm_check_mmap, 17928e38aeffSJohn Baldwin .mpo_posixshm_check_open = stub_posixshm_check_open, 1793940cb0e2SKonstantin Belousov .mpo_posixshm_check_read = stub_posixshm_check_read, 17949c00bb91SKonstantin Belousov .mpo_posixshm_check_setmode = stub_posixshm_check_setmode, 17959c00bb91SKonstantin Belousov .mpo_posixshm_check_setowner = stub_posixshm_check_setowner, 17968e38aeffSJohn Baldwin .mpo_posixshm_check_stat = stub_posixshm_check_stat, 17978e38aeffSJohn Baldwin .mpo_posixshm_check_truncate = stub_posixshm_check_truncate, 17988e38aeffSJohn Baldwin .mpo_posixshm_check_unlink = stub_posixshm_check_unlink, 1799940cb0e2SKonstantin Belousov .mpo_posixshm_check_write = stub_posixshm_check_write, 18008e38aeffSJohn Baldwin .mpo_posixshm_create = stub_posixshm_create, 18018e38aeffSJohn Baldwin .mpo_posixshm_destroy_label = stub_destroy_label, 18028e38aeffSJohn Baldwin .mpo_posixshm_init_label = stub_init_label, 18038e38aeffSJohn Baldwin 1804eb320b0eSRobert Watson .mpo_priv_check = stub_priv_check, 1805eb320b0eSRobert Watson .mpo_priv_grant = stub_priv_grant, 1806eb320b0eSRobert Watson 180730d239bcSRobert Watson .mpo_proc_check_debug = stub_proc_check_debug, 180830d239bcSRobert Watson .mpo_proc_check_sched = stub_proc_check_sched, 180930d239bcSRobert Watson .mpo_proc_check_signal = stub_proc_check_signal, 181030d239bcSRobert Watson .mpo_proc_check_wait = stub_proc_check_wait, 1811eb320b0eSRobert Watson 181230d239bcSRobert Watson .mpo_socket_check_accept = stub_socket_check_accept, 181330d239bcSRobert Watson .mpo_socket_check_bind = stub_socket_check_bind, 181430d239bcSRobert Watson .mpo_socket_check_connect = stub_socket_check_connect, 181530d239bcSRobert Watson .mpo_socket_check_create = stub_socket_check_create, 181630d239bcSRobert Watson .mpo_socket_check_deliver = stub_socket_check_deliver, 181730d239bcSRobert Watson .mpo_socket_check_listen = stub_socket_check_listen, 181830d239bcSRobert Watson .mpo_socket_check_poll = stub_socket_check_poll, 181930d239bcSRobert Watson .mpo_socket_check_receive = stub_socket_check_receive, 182030d239bcSRobert Watson .mpo_socket_check_relabel = stub_socket_check_relabel, 182130d239bcSRobert Watson .mpo_socket_check_send = stub_socket_check_send, 182230d239bcSRobert Watson .mpo_socket_check_stat = stub_socket_check_stat, 182330d239bcSRobert Watson .mpo_socket_check_visible = stub_socket_check_visible, 1824eb320b0eSRobert Watson .mpo_socket_copy_label = stub_copy_label, 1825eb320b0eSRobert Watson .mpo_socket_create = stub_socket_create, 1826eb320b0eSRobert Watson .mpo_socket_create_mbuf = stub_socket_create_mbuf, 1827eb320b0eSRobert Watson .mpo_socket_destroy_label = stub_destroy_label, 1828eb320b0eSRobert Watson .mpo_socket_externalize_label = stub_externalize_label, 1829eb320b0eSRobert Watson .mpo_socket_init_label = stub_init_label_waitcheck, 1830eb320b0eSRobert Watson .mpo_socket_internalize_label = stub_internalize_label, 1831eb320b0eSRobert Watson .mpo_socket_newconn = stub_socket_newconn, 1832eb320b0eSRobert Watson .mpo_socket_relabel = stub_socket_relabel, 1833eb320b0eSRobert Watson 1834eb320b0eSRobert Watson .mpo_socketpeer_destroy_label = stub_destroy_label, 1835eb320b0eSRobert Watson .mpo_socketpeer_externalize_label = stub_externalize_label, 1836eb320b0eSRobert Watson .mpo_socketpeer_init_label = stub_init_label_waitcheck, 1837eb320b0eSRobert Watson .mpo_socketpeer_set_from_mbuf = stub_socketpeer_set_from_mbuf, 1838eb320b0eSRobert Watson .mpo_socketpeer_set_from_socket = stub_socketpeer_set_from_socket, 1839eb320b0eSRobert Watson 1840eb320b0eSRobert Watson .mpo_syncache_init_label = stub_init_label_waitcheck, 1841eb320b0eSRobert Watson .mpo_syncache_destroy_label = stub_destroy_label, 1842eb320b0eSRobert Watson .mpo_syncache_create = stub_syncache_create, 1843eb320b0eSRobert Watson .mpo_syncache_create_mbuf= stub_syncache_create_mbuf, 1844eb320b0eSRobert Watson 1845eb320b0eSRobert Watson .mpo_sysvmsg_cleanup = stub_sysvmsg_cleanup, 1846eb320b0eSRobert Watson .mpo_sysvmsg_create = stub_sysvmsg_create, 1847eb320b0eSRobert Watson .mpo_sysvmsg_destroy_label = stub_destroy_label, 1848eb320b0eSRobert Watson .mpo_sysvmsg_init_label = stub_init_label, 1849eb320b0eSRobert Watson 1850eb320b0eSRobert Watson .mpo_sysvmsq_check_msgmsq = stub_sysvmsq_check_msgmsq, 1851eb320b0eSRobert Watson .mpo_sysvmsq_check_msgrcv = stub_sysvmsq_check_msgrcv, 1852eb320b0eSRobert Watson .mpo_sysvmsq_check_msgrmid = stub_sysvmsq_check_msgrmid, 1853eb320b0eSRobert Watson .mpo_sysvmsq_check_msqget = stub_sysvmsq_check_msqget, 1854eb320b0eSRobert Watson .mpo_sysvmsq_check_msqsnd = stub_sysvmsq_check_msqsnd, 1855eb320b0eSRobert Watson .mpo_sysvmsq_check_msqrcv = stub_sysvmsq_check_msqrcv, 1856eb320b0eSRobert Watson .mpo_sysvmsq_check_msqctl = stub_sysvmsq_check_msqctl, 1857eb320b0eSRobert Watson .mpo_sysvmsq_cleanup = stub_sysvmsq_cleanup, 1858eb320b0eSRobert Watson .mpo_sysvmsq_create = stub_sysvmsq_create, 1859eb320b0eSRobert Watson .mpo_sysvmsq_destroy_label = stub_destroy_label, 1860eb320b0eSRobert Watson .mpo_sysvmsq_init_label = stub_init_label, 1861eb320b0eSRobert Watson 1862eb320b0eSRobert Watson .mpo_sysvsem_check_semctl = stub_sysvsem_check_semctl, 1863eb320b0eSRobert Watson .mpo_sysvsem_check_semget = stub_sysvsem_check_semget, 1864eb320b0eSRobert Watson .mpo_sysvsem_check_semop = stub_sysvsem_check_semop, 1865eb320b0eSRobert Watson .mpo_sysvsem_cleanup = stub_sysvsem_cleanup, 1866eb320b0eSRobert Watson .mpo_sysvsem_create = stub_sysvsem_create, 1867eb320b0eSRobert Watson .mpo_sysvsem_destroy_label = stub_destroy_label, 1868eb320b0eSRobert Watson .mpo_sysvsem_init_label = stub_init_label, 1869eb320b0eSRobert Watson 1870eb320b0eSRobert Watson .mpo_sysvshm_check_shmat = stub_sysvshm_check_shmat, 1871eb320b0eSRobert Watson .mpo_sysvshm_check_shmctl = stub_sysvshm_check_shmctl, 1872eb320b0eSRobert Watson .mpo_sysvshm_check_shmdt = stub_sysvshm_check_shmdt, 1873eb320b0eSRobert Watson .mpo_sysvshm_check_shmget = stub_sysvshm_check_shmget, 1874eb320b0eSRobert Watson .mpo_sysvshm_cleanup = stub_sysvshm_cleanup, 1875eb320b0eSRobert Watson .mpo_sysvshm_create = stub_sysvshm_create, 1876eb320b0eSRobert Watson .mpo_sysvshm_destroy_label = stub_destroy_label, 1877eb320b0eSRobert Watson .mpo_sysvshm_init_label = stub_init_label, 1878eb320b0eSRobert Watson 187930d239bcSRobert Watson .mpo_system_check_acct = stub_system_check_acct, 188030d239bcSRobert Watson .mpo_system_check_audit = stub_system_check_audit, 188130d239bcSRobert Watson .mpo_system_check_auditctl = stub_system_check_auditctl, 188230d239bcSRobert Watson .mpo_system_check_auditon = stub_system_check_auditon, 188330d239bcSRobert Watson .mpo_system_check_reboot = stub_system_check_reboot, 188430d239bcSRobert Watson .mpo_system_check_swapoff = stub_system_check_swapoff, 188530d239bcSRobert Watson .mpo_system_check_swapon = stub_system_check_swapon, 188630d239bcSRobert Watson .mpo_system_check_sysctl = stub_system_check_sysctl, 1887eb320b0eSRobert Watson 1888eb320b0eSRobert Watson .mpo_thread_userret = stub_thread_userret, 1889eb320b0eSRobert Watson 1890eb320b0eSRobert Watson .mpo_vnode_associate_extattr = stub_vnode_associate_extattr, 1891eb320b0eSRobert Watson .mpo_vnode_associate_singlelabel = stub_vnode_associate_singlelabel, 189230d239bcSRobert Watson .mpo_vnode_check_access = stub_vnode_check_access, 189330d239bcSRobert Watson .mpo_vnode_check_chdir = stub_vnode_check_chdir, 189430d239bcSRobert Watson .mpo_vnode_check_chroot = stub_vnode_check_chroot, 189530d239bcSRobert Watson .mpo_vnode_check_create = stub_vnode_check_create, 189630d239bcSRobert Watson .mpo_vnode_check_deleteacl = stub_vnode_check_deleteacl, 189730d239bcSRobert Watson .mpo_vnode_check_deleteextattr = stub_vnode_check_deleteextattr, 189830d239bcSRobert Watson .mpo_vnode_check_exec = stub_vnode_check_exec, 189930d239bcSRobert Watson .mpo_vnode_check_getacl = stub_vnode_check_getacl, 190030d239bcSRobert Watson .mpo_vnode_check_getextattr = stub_vnode_check_getextattr, 190130d239bcSRobert Watson .mpo_vnode_check_link = stub_vnode_check_link, 190230d239bcSRobert Watson .mpo_vnode_check_listextattr = stub_vnode_check_listextattr, 190330d239bcSRobert Watson .mpo_vnode_check_lookup = stub_vnode_check_lookup, 190430d239bcSRobert Watson .mpo_vnode_check_mmap = stub_vnode_check_mmap, 190530d239bcSRobert Watson .mpo_vnode_check_mmap_downgrade = stub_vnode_check_mmap_downgrade, 190630d239bcSRobert Watson .mpo_vnode_check_mprotect = stub_vnode_check_mprotect, 190730d239bcSRobert Watson .mpo_vnode_check_open = stub_vnode_check_open, 190830d239bcSRobert Watson .mpo_vnode_check_poll = stub_vnode_check_poll, 190930d239bcSRobert Watson .mpo_vnode_check_read = stub_vnode_check_read, 191030d239bcSRobert Watson .mpo_vnode_check_readdir = stub_vnode_check_readdir, 191130d239bcSRobert Watson .mpo_vnode_check_readlink = stub_vnode_check_readlink, 191230d239bcSRobert Watson .mpo_vnode_check_relabel = stub_vnode_check_relabel, 191330d239bcSRobert Watson .mpo_vnode_check_rename_from = stub_vnode_check_rename_from, 191430d239bcSRobert Watson .mpo_vnode_check_rename_to = stub_vnode_check_rename_to, 191530d239bcSRobert Watson .mpo_vnode_check_revoke = stub_vnode_check_revoke, 191630d239bcSRobert Watson .mpo_vnode_check_setacl = stub_vnode_check_setacl, 191730d239bcSRobert Watson .mpo_vnode_check_setextattr = stub_vnode_check_setextattr, 191830d239bcSRobert Watson .mpo_vnode_check_setflags = stub_vnode_check_setflags, 191930d239bcSRobert Watson .mpo_vnode_check_setmode = stub_vnode_check_setmode, 192030d239bcSRobert Watson .mpo_vnode_check_setowner = stub_vnode_check_setowner, 192130d239bcSRobert Watson .mpo_vnode_check_setutimes = stub_vnode_check_setutimes, 192230d239bcSRobert Watson .mpo_vnode_check_stat = stub_vnode_check_stat, 192330d239bcSRobert Watson .mpo_vnode_check_unlink = stub_vnode_check_unlink, 192430d239bcSRobert Watson .mpo_vnode_check_write = stub_vnode_check_write, 1925eb320b0eSRobert Watson .mpo_vnode_copy_label = stub_copy_label, 1926eb320b0eSRobert Watson .mpo_vnode_create_extattr = stub_vnode_create_extattr, 1927eb320b0eSRobert Watson .mpo_vnode_destroy_label = stub_destroy_label, 1928eb320b0eSRobert Watson .mpo_vnode_execve_transition = stub_vnode_execve_transition, 1929eb320b0eSRobert Watson .mpo_vnode_execve_will_transition = stub_vnode_execve_will_transition, 1930eb320b0eSRobert Watson .mpo_vnode_externalize_label = stub_externalize_label, 1931eb320b0eSRobert Watson .mpo_vnode_init_label = stub_init_label, 1932eb320b0eSRobert Watson .mpo_vnode_internalize_label = stub_internalize_label, 1933eb320b0eSRobert Watson .mpo_vnode_relabel = stub_vnode_relabel, 1934eb320b0eSRobert Watson .mpo_vnode_setlabel_extattr = stub_vnode_setlabel_extattr, 1935d8a7b7a3SRobert Watson }; 1936d8a7b7a3SRobert Watson 19373f1a7a90SRobert Watson MAC_POLICY_SET(&stub_ops, mac_stub, "TrustedBSD MAC/Stub", 19389162f64bSRobert Watson MPC_LOADTIME_FLAG_UNLOADOK, NULL); 1939