1d8a7b7a3SRobert Watson /*- 218717f69SRobert Watson * Copyright (c) 1999-2002, 2007 Robert N. M. Watson 3ba53d9c9SRobert Watson * Copyright (c) 2001-2005 McAfee, Inc. 46758f88eSRobert Watson * Copyright (c) 2005 SPARTA, Inc. 5d8a7b7a3SRobert Watson * All rights reserved. 6d8a7b7a3SRobert Watson * 7d8a7b7a3SRobert Watson * This software was developed by Robert Watson for the TrustedBSD Project. 8d8a7b7a3SRobert Watson * 9ba53d9c9SRobert Watson * This software was developed for the FreeBSD Project in part by McAfee 10ba53d9c9SRobert Watson * Research, the Security Research Division of McAfee, Inc. under 11ba53d9c9SRobert Watson * DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA 12ba53d9c9SRobert Watson * CHATS research program. 13d8a7b7a3SRobert Watson * 146758f88eSRobert Watson * This software was enhanced by SPARTA ISSO under SPAWAR contract 156758f88eSRobert Watson * N66001-04-C-6019 ("SEFOS"). 166758f88eSRobert Watson * 17d8a7b7a3SRobert Watson * Redistribution and use in source and binary forms, with or without 18d8a7b7a3SRobert Watson * modification, are permitted provided that the following conditions 19d8a7b7a3SRobert Watson * are met: 20d8a7b7a3SRobert Watson * 1. Redistributions of source code must retain the above copyright 21d8a7b7a3SRobert Watson * notice, this list of conditions and the following disclaimer. 22d8a7b7a3SRobert Watson * 2. Redistributions in binary form must reproduce the above copyright 23d8a7b7a3SRobert Watson * notice, this list of conditions and the following disclaimer in the 24d8a7b7a3SRobert Watson * documentation and/or other materials provided with the distribution. 25d8a7b7a3SRobert Watson * 26d8a7b7a3SRobert Watson * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 27d8a7b7a3SRobert Watson * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 28d8a7b7a3SRobert Watson * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 29d8a7b7a3SRobert Watson * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 30d8a7b7a3SRobert Watson * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 31d8a7b7a3SRobert Watson * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 32d8a7b7a3SRobert Watson * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 33d8a7b7a3SRobert Watson * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 34d8a7b7a3SRobert Watson * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 35d8a7b7a3SRobert Watson * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 36d8a7b7a3SRobert Watson * SUCH DAMAGE. 37d8a7b7a3SRobert Watson * 38d8a7b7a3SRobert Watson * $FreeBSD$ 39d8a7b7a3SRobert Watson */ 40d8a7b7a3SRobert Watson 41d8a7b7a3SRobert Watson /* 42d8a7b7a3SRobert Watson * Developed by the TrustedBSD Project. 431c3f91cdSRobert Watson * 441c3f91cdSRobert Watson * Stub module that implements a NOOP for most (if not all) MAC Framework 451c3f91cdSRobert Watson * policy entry points. 46d8a7b7a3SRobert Watson */ 47d8a7b7a3SRobert Watson 48d8a7b7a3SRobert Watson #include <sys/types.h> 49d8a7b7a3SRobert Watson #include <sys/param.h> 50d8a7b7a3SRobert Watson #include <sys/acl.h> 51d8a7b7a3SRobert Watson #include <sys/conf.h> 52763bbd2fSRobert Watson #include <sys/extattr.h> 53d8a7b7a3SRobert Watson #include <sys/kernel.h> 546aeb05d7STom Rhodes #include <sys/ksem.h> 55d8a7b7a3SRobert Watson #include <sys/mount.h> 56d8a7b7a3SRobert Watson #include <sys/proc.h> 57d8a7b7a3SRobert Watson #include <sys/systm.h> 58d8a7b7a3SRobert Watson #include <sys/sysproto.h> 59d8a7b7a3SRobert Watson #include <sys/sysent.h> 60d8a7b7a3SRobert Watson #include <sys/vnode.h> 61d8a7b7a3SRobert Watson #include <sys/file.h> 62d8a7b7a3SRobert Watson #include <sys/socket.h> 63d8a7b7a3SRobert Watson #include <sys/socketvar.h> 64d8a7b7a3SRobert Watson #include <sys/pipe.h> 6536422989SPoul-Henning Kamp #include <sys/sx.h> 66d8a7b7a3SRobert Watson #include <sys/sysctl.h> 67ba53d9c9SRobert Watson #include <sys/msg.h> 68ba53d9c9SRobert Watson #include <sys/sem.h> 69ba53d9c9SRobert Watson #include <sys/shm.h> 70d8a7b7a3SRobert Watson 71d8a7b7a3SRobert Watson #include <fs/devfs/devfs.h> 72d8a7b7a3SRobert Watson 73d8a7b7a3SRobert Watson #include <net/bpfdesc.h> 74d8a7b7a3SRobert Watson #include <net/if.h> 75d8a7b7a3SRobert Watson #include <net/if_types.h> 76d8a7b7a3SRobert Watson #include <net/if_var.h> 77d8a7b7a3SRobert Watson 78d8a7b7a3SRobert Watson #include <netinet/in.h> 79a557af22SRobert Watson #include <netinet/in_pcb.h> 80d8a7b7a3SRobert Watson #include <netinet/ip_var.h> 81d8a7b7a3SRobert Watson 82d8a7b7a3SRobert Watson #include <vm/vm.h> 83d8a7b7a3SRobert Watson 840efd6615SRobert Watson #include <security/mac/mac_policy.h> 85d8a7b7a3SRobert Watson 86d8a7b7a3SRobert Watson SYSCTL_DECL(_security_mac); 87d8a7b7a3SRobert Watson 881c3f91cdSRobert Watson SYSCTL_NODE(_security_mac, OID_AUTO, stub, CTLFLAG_RW, 0, 891c3f91cdSRobert Watson "TrustedBSD mac_stub policy controls"); 90d8a7b7a3SRobert Watson 911c3f91cdSRobert Watson static int stub_enabled = 1; 921c3f91cdSRobert Watson SYSCTL_INT(_security_mac_stub, OID_AUTO, enabled, CTLFLAG_RW, 931c3f91cdSRobert Watson &stub_enabled, 0, "Enforce mac_stub policy"); 94d8a7b7a3SRobert Watson 95d8a7b7a3SRobert Watson /* 96d8a7b7a3SRobert Watson * Policy module operations. 97d8a7b7a3SRobert Watson */ 98d8a7b7a3SRobert Watson static void 991c3f91cdSRobert Watson stub_destroy(struct mac_policy_conf *conf) 100d8a7b7a3SRobert Watson { 101d8a7b7a3SRobert Watson 102d8a7b7a3SRobert Watson } 103d8a7b7a3SRobert Watson 104d8a7b7a3SRobert Watson static void 1051c3f91cdSRobert Watson stub_init(struct mac_policy_conf *conf) 106d8a7b7a3SRobert Watson { 107d8a7b7a3SRobert Watson 108d8a7b7a3SRobert Watson } 109d8a7b7a3SRobert Watson 1108a97ecf6SRobert Watson static int 1111c3f91cdSRobert Watson stub_syscall(struct thread *td, int call, void *arg) 1128a97ecf6SRobert Watson { 1138a97ecf6SRobert Watson 1148a97ecf6SRobert Watson return (0); 1158a97ecf6SRobert Watson } 1168a97ecf6SRobert Watson 117d8a7b7a3SRobert Watson /* 118d8a7b7a3SRobert Watson * Label operations. 119d8a7b7a3SRobert Watson */ 120d8a7b7a3SRobert Watson static void 1211c3f91cdSRobert Watson stub_init_label(struct label *label) 122d8a7b7a3SRobert Watson { 123d8a7b7a3SRobert Watson 124d8a7b7a3SRobert Watson } 125d8a7b7a3SRobert Watson 126d8a7b7a3SRobert Watson static int 1271c3f91cdSRobert Watson stub_init_label_waitcheck(struct label *label, int flag) 128d8a7b7a3SRobert Watson { 129d8a7b7a3SRobert Watson 130d8a7b7a3SRobert Watson return (0); 131d8a7b7a3SRobert Watson } 132d8a7b7a3SRobert Watson 133d8a7b7a3SRobert Watson static void 1341c3f91cdSRobert Watson stub_destroy_label(struct label *label) 135d8a7b7a3SRobert Watson { 136d8a7b7a3SRobert Watson 137d8a7b7a3SRobert Watson } 138d8a7b7a3SRobert Watson 1390196273bSRobert Watson static void 1400196273bSRobert Watson stub_copy_label(struct label *src, struct label *dest) 1410196273bSRobert Watson { 1420196273bSRobert Watson 1430196273bSRobert Watson } 1440196273bSRobert Watson 145d8a7b7a3SRobert Watson static int 1461c3f91cdSRobert Watson stub_externalize_label(struct label *label, char *element_name, 147f51e5803SRobert Watson struct sbuf *sb, int *claimed) 148d8a7b7a3SRobert Watson { 149d8a7b7a3SRobert Watson 150d8a7b7a3SRobert Watson return (0); 151d8a7b7a3SRobert Watson } 152d8a7b7a3SRobert Watson 153d8a7b7a3SRobert Watson static int 1541c3f91cdSRobert Watson stub_internalize_label(struct label *label, char *element_name, 15524e8d0d0SRobert Watson char *element_data, int *claimed) 156d8a7b7a3SRobert Watson { 157d8a7b7a3SRobert Watson 158d8a7b7a3SRobert Watson return (0); 159d8a7b7a3SRobert Watson } 160d8a7b7a3SRobert Watson 161d8a7b7a3SRobert Watson /* 162d8a7b7a3SRobert Watson * Labeling event operations: file system objects, and things that look 163d8a7b7a3SRobert Watson * a lot like file system objects. 164d8a7b7a3SRobert Watson */ 165d8a7b7a3SRobert Watson static void 16678007886SRobert Watson stub_associate_vnode_devfs(struct mount *mp, struct label *mplabel, 167763bbd2fSRobert Watson struct devfs_dirent *de, struct label *delabel, struct vnode *vp, 16878007886SRobert Watson struct label *vplabel) 169763bbd2fSRobert Watson { 170763bbd2fSRobert Watson 171763bbd2fSRobert Watson } 172763bbd2fSRobert Watson 173763bbd2fSRobert Watson static int 17478007886SRobert Watson stub_associate_vnode_extattr(struct mount *mp, struct label *mplabel, 17578007886SRobert Watson struct vnode *vp, struct label *vplabel) 176763bbd2fSRobert Watson { 177763bbd2fSRobert Watson 178763bbd2fSRobert Watson return (0); 179763bbd2fSRobert Watson } 180763bbd2fSRobert Watson 181763bbd2fSRobert Watson static void 1821c3f91cdSRobert Watson stub_associate_vnode_singlelabel(struct mount *mp, 18378007886SRobert Watson struct label *mplabel, struct vnode *vp, struct label *vplabel) 184763bbd2fSRobert Watson { 185763bbd2fSRobert Watson 186763bbd2fSRobert Watson } 187763bbd2fSRobert Watson 188763bbd2fSRobert Watson static void 18917870c06SChristian S.J. Peron stub_associate_nfsd_label(struct ucred *cred) 19017870c06SChristian S.J. Peron { 19117870c06SChristian S.J. Peron 19217870c06SChristian S.J. Peron } 19317870c06SChristian S.J. Peron 19417870c06SChristian S.J. Peron static void 195d26dd2d9SRobert Watson stub_create_devfs_device(struct ucred *cred, struct mount *mp, 19678007886SRobert Watson struct cdev *dev, struct devfs_dirent *de, struct label *delabel) 197eea8ea31SRobert Watson { 198eea8ea31SRobert Watson 199eea8ea31SRobert Watson } 200eea8ea31SRobert Watson 201eea8ea31SRobert Watson static void 2021c3f91cdSRobert Watson stub_create_devfs_directory(struct mount *mp, char *dirname, 20378007886SRobert Watson int dirnamelen, struct devfs_dirent *de, struct label *delabel) 204990b4b2dSRobert Watson { 205990b4b2dSRobert Watson 206990b4b2dSRobert Watson } 207990b4b2dSRobert Watson 208990b4b2dSRobert Watson static void 2091c3f91cdSRobert Watson stub_create_devfs_symlink(struct ucred *cred, struct mount *mp, 210990b4b2dSRobert Watson struct devfs_dirent *dd, struct label *ddlabel, struct devfs_dirent *de, 211990b4b2dSRobert Watson struct label *delabel) 212d8a7b7a3SRobert Watson { 213d8a7b7a3SRobert Watson 214d8a7b7a3SRobert Watson } 215d8a7b7a3SRobert Watson 216763bbd2fSRobert Watson static int 2171c3f91cdSRobert Watson stub_create_vnode_extattr(struct ucred *cred, struct mount *mp, 21878007886SRobert Watson struct label *mntlabel, struct vnode *dvp, struct label *dvplabel, 21978007886SRobert Watson struct vnode *vp, struct label *vplabel, struct componentname *cnp) 220d8a7b7a3SRobert Watson { 221d8a7b7a3SRobert Watson 222763bbd2fSRobert Watson return (0); 223d8a7b7a3SRobert Watson } 224d8a7b7a3SRobert Watson 225d8a7b7a3SRobert Watson static void 2261c3f91cdSRobert Watson stub_create_mount(struct ucred *cred, struct mount *mp, 22778007886SRobert Watson struct label *mplabel) 228d8a7b7a3SRobert Watson { 229d8a7b7a3SRobert Watson 230d8a7b7a3SRobert Watson } 231d8a7b7a3SRobert Watson 232d8a7b7a3SRobert Watson static void 2331c3f91cdSRobert Watson stub_relabel_vnode(struct ucred *cred, struct vnode *vp, 23478007886SRobert Watson struct label *vplabel, struct label *label) 235d8a7b7a3SRobert Watson { 236d8a7b7a3SRobert Watson 237d8a7b7a3SRobert Watson } 238d8a7b7a3SRobert Watson 239d8a7b7a3SRobert Watson static int 2401c3f91cdSRobert Watson stub_setlabel_vnode_extattr(struct ucred *cred, struct vnode *vp, 24178007886SRobert Watson struct label *vplabel, struct label *intlabel) 242d8a7b7a3SRobert Watson { 243d8a7b7a3SRobert Watson 244d8a7b7a3SRobert Watson return (0); 245d8a7b7a3SRobert Watson } 246d8a7b7a3SRobert Watson 247d8a7b7a3SRobert Watson static void 24878007886SRobert Watson stub_update_devfsdirent(struct mount *mp, struct devfs_dirent *de, 24978007886SRobert Watson struct label *delabel, struct vnode *vp, struct label *vplabel) 250d8a7b7a3SRobert Watson { 251d8a7b7a3SRobert Watson 252d8a7b7a3SRobert Watson } 253d8a7b7a3SRobert Watson 254d8a7b7a3SRobert Watson /* 255d8a7b7a3SRobert Watson * Labeling event operations: IPC object. 256d8a7b7a3SRobert Watson */ 257d8a7b7a3SRobert Watson static void 25878007886SRobert Watson stub_create_mbuf_from_socket(struct socket *so, struct label *solabel, 25978007886SRobert Watson struct mbuf *m, struct label *mlabel) 260d8a7b7a3SRobert Watson { 261d8a7b7a3SRobert Watson 262d8a7b7a3SRobert Watson } 263d8a7b7a3SRobert Watson 264d8a7b7a3SRobert Watson static void 26578007886SRobert Watson stub_create_socket(struct ucred *cred, struct socket *so, 26678007886SRobert Watson struct label *solabel) 267d8a7b7a3SRobert Watson { 268d8a7b7a3SRobert Watson 269d8a7b7a3SRobert Watson } 270d8a7b7a3SRobert Watson 271d8a7b7a3SRobert Watson static void 27291c2dc94SRobert Watson stub_create_pipe(struct ucred *cred, struct pipepair *pp, 27378007886SRobert Watson struct label *pplabel) 274d8a7b7a3SRobert Watson { 275d8a7b7a3SRobert Watson 276d8a7b7a3SRobert Watson } 277d8a7b7a3SRobert Watson 278d8a7b7a3SRobert Watson static void 27952648411SRobert Watson stub_create_posix_sem(struct ucred *cred, struct ksem *ksemptr, 28052648411SRobert Watson struct label *ks_label) 28152648411SRobert Watson { 28252648411SRobert Watson 28352648411SRobert Watson } 28452648411SRobert Watson 28552648411SRobert Watson static void 28678007886SRobert Watson stub_create_socket_from_socket(struct socket *oldso, 28778007886SRobert Watson struct label *oldsolabel, struct socket *newso, struct label *newsolabel) 288d8a7b7a3SRobert Watson { 289d8a7b7a3SRobert Watson 290d8a7b7a3SRobert Watson } 291d8a7b7a3SRobert Watson 292d8a7b7a3SRobert Watson static void 29378007886SRobert Watson stub_relabel_socket(struct ucred *cred, struct socket *so, 29478007886SRobert Watson struct label *solabel, struct label *newlabel) 295d8a7b7a3SRobert Watson { 296d8a7b7a3SRobert Watson 297d8a7b7a3SRobert Watson } 298d8a7b7a3SRobert Watson 299d8a7b7a3SRobert Watson static void 30091c2dc94SRobert Watson stub_relabel_pipe(struct ucred *cred, struct pipepair *pp, 30178007886SRobert Watson struct label *pplabel, struct label *newlabel) 302d8a7b7a3SRobert Watson { 303d8a7b7a3SRobert Watson 304d8a7b7a3SRobert Watson } 305d8a7b7a3SRobert Watson 306d8a7b7a3SRobert Watson static void 30778007886SRobert Watson stub_set_socket_peer_from_mbuf(struct mbuf *m, struct label *mlabel, 30878007886SRobert Watson struct socket *so, struct label *sopeerlabel) 309d8a7b7a3SRobert Watson { 310d8a7b7a3SRobert Watson 311d8a7b7a3SRobert Watson } 312d8a7b7a3SRobert Watson 313d8a7b7a3SRobert Watson static void 31478007886SRobert Watson stub_set_socket_peer_from_socket(struct socket *oldso, 31578007886SRobert Watson struct label *oldsolabel, struct socket *newso, 31678007886SRobert Watson struct label *newsopeerlabel) 317d8a7b7a3SRobert Watson { 318d8a7b7a3SRobert Watson 319d8a7b7a3SRobert Watson } 320d8a7b7a3SRobert Watson 321d8a7b7a3SRobert Watson /* 322d8a7b7a3SRobert Watson * Labeling event operations: network objects. 323d8a7b7a3SRobert Watson */ 324d8a7b7a3SRobert Watson static void 32578007886SRobert Watson stub_create_bpfdesc(struct ucred *cred, struct bpf_d *d, 32678007886SRobert Watson struct label *dlabel) 327d8a7b7a3SRobert Watson { 328d8a7b7a3SRobert Watson 329d8a7b7a3SRobert Watson } 330d8a7b7a3SRobert Watson 331d8a7b7a3SRobert Watson static void 3321c3f91cdSRobert Watson stub_create_datagram_from_ipq(struct ipq *ipq, struct label *ipqlabel, 33378007886SRobert Watson struct mbuf *m, struct label *mlabel) 334d8a7b7a3SRobert Watson { 335d8a7b7a3SRobert Watson 336d8a7b7a3SRobert Watson } 337d8a7b7a3SRobert Watson 338d8a7b7a3SRobert Watson static void 33978007886SRobert Watson stub_create_fragment(struct mbuf *m, struct label *mlabel, struct mbuf *frag, 34078007886SRobert Watson struct label *fraglabel) 341d8a7b7a3SRobert Watson { 342d8a7b7a3SRobert Watson 343d8a7b7a3SRobert Watson } 344d8a7b7a3SRobert Watson 345d8a7b7a3SRobert Watson static void 34678007886SRobert Watson stub_create_ifnet(struct ifnet *ifp, struct label *ifplabel) 347d8a7b7a3SRobert Watson { 348d8a7b7a3SRobert Watson 349d8a7b7a3SRobert Watson } 350d8a7b7a3SRobert Watson 351d8a7b7a3SRobert Watson static void 352a557af22SRobert Watson stub_create_inpcb_from_socket(struct socket *so, struct label *solabel, 353a557af22SRobert Watson struct inpcb *inp, struct label *inplabel) 354a557af22SRobert Watson { 355a557af22SRobert Watson 356a557af22SRobert Watson } 357a557af22SRobert Watson 358a557af22SRobert Watson static void 35917870c06SChristian S.J. Peron stub_init_syncache_from_inpcb(struct label *label, struct inpcb *inp) 36017870c06SChristian S.J. Peron { 36117870c06SChristian S.J. Peron 36217870c06SChristian S.J. Peron } 36317870c06SChristian S.J. Peron 36417870c06SChristian S.J. Peron static void 365ba53d9c9SRobert Watson stub_create_sysv_msgmsg(struct ucred *cred, struct msqid_kernel *msqkptr, 366ba53d9c9SRobert Watson struct label *msqlabel, struct msg *msgptr, struct label *msglabel) 367ba53d9c9SRobert Watson { 368ba53d9c9SRobert Watson 369ba53d9c9SRobert Watson } 370ba53d9c9SRobert Watson 371ba53d9c9SRobert Watson static void 372ba53d9c9SRobert Watson stub_create_sysv_msgqueue(struct ucred *cred, struct msqid_kernel *msqkptr, 373ba53d9c9SRobert Watson struct label *msqlabel) 374ba53d9c9SRobert Watson { 375ba53d9c9SRobert Watson 376ba53d9c9SRobert Watson } 377ba53d9c9SRobert Watson 378ba53d9c9SRobert Watson static void 3793831e7d7SRobert Watson stub_create_sysv_sem(struct ucred *cred, struct semid_kernel *semakptr, 380ba53d9c9SRobert Watson struct label *semalabel) 381ba53d9c9SRobert Watson { 382ba53d9c9SRobert Watson 383ba53d9c9SRobert Watson } 384ba53d9c9SRobert Watson 385ba53d9c9SRobert Watson static void 386ba53d9c9SRobert Watson stub_create_sysv_shm(struct ucred *cred, struct shmid_kernel *shmsegptr, 387ba53d9c9SRobert Watson struct label *shmalabel) 388ba53d9c9SRobert Watson { 389ba53d9c9SRobert Watson 390ba53d9c9SRobert Watson } 391ba53d9c9SRobert Watson 392ba53d9c9SRobert Watson static void 39378007886SRobert Watson stub_create_ipq(struct mbuf *m, struct label *mlabel, struct ipq *ipq, 39478007886SRobert Watson struct label *ipqlabel) 395d8a7b7a3SRobert Watson { 396d8a7b7a3SRobert Watson 397d8a7b7a3SRobert Watson } 398d8a7b7a3SRobert Watson 399d8a7b7a3SRobert Watson static void 4002d92ec98SRobert Watson stub_create_mbuf_from_inpcb(struct inpcb *inp, struct label *inplabel, 4012d92ec98SRobert Watson struct mbuf *m, struct label *mlabel) 4022d92ec98SRobert Watson { 4032d92ec98SRobert Watson 4042d92ec98SRobert Watson } 4052d92ec98SRobert Watson 4062d92ec98SRobert Watson static void 40717870c06SChristian S.J. Peron stub_create_mbuf_from_syncache(struct label *sc_label, struct mbuf *m, 40878007886SRobert Watson struct label *mlabel) 40917870c06SChristian S.J. Peron { 41017870c06SChristian S.J. Peron 41117870c06SChristian S.J. Peron } 41217870c06SChristian S.J. Peron 41317870c06SChristian S.J. Peron static void 4141c3f91cdSRobert Watson stub_create_mbuf_linklayer(struct ifnet *ifnet, struct label *ifnetlabel, 41578007886SRobert Watson struct mbuf *m, struct label *mlabel) 416d8a7b7a3SRobert Watson { 417d8a7b7a3SRobert Watson 418d8a7b7a3SRobert Watson } 419d8a7b7a3SRobert Watson 420d8a7b7a3SRobert Watson static void 42178007886SRobert Watson stub_create_mbuf_from_bpfdesc(struct bpf_d *d, struct label *dlabel, 42278007886SRobert Watson struct mbuf *m, struct label *mlabel) 423d8a7b7a3SRobert Watson { 424d8a7b7a3SRobert Watson 425d8a7b7a3SRobert Watson } 426d8a7b7a3SRobert Watson 427d8a7b7a3SRobert Watson static void 42878007886SRobert Watson stub_create_mbuf_from_ifnet(struct ifnet *ifp, struct label *ifplabel, 42978007886SRobert Watson struct mbuf *m, struct label *mlabel) 430d8a7b7a3SRobert Watson { 431d8a7b7a3SRobert Watson 432d8a7b7a3SRobert Watson } 433d8a7b7a3SRobert Watson 434d8a7b7a3SRobert Watson static void 43578007886SRobert Watson stub_create_mbuf_multicast_encap(struct mbuf *m, struct label *mlabel, 43678007886SRobert Watson struct ifnet *ifp, struct label *ifplabel, struct mbuf *mnew, 43778007886SRobert Watson struct label *mnewlabel) 438d8a7b7a3SRobert Watson { 439d8a7b7a3SRobert Watson 440d8a7b7a3SRobert Watson } 441d8a7b7a3SRobert Watson 442d8a7b7a3SRobert Watson static void 44378007886SRobert Watson stub_create_mbuf_netlayer(struct mbuf *m, struct label *mlabel, 44478007886SRobert Watson struct mbuf *mnew, struct label *mnewlabel) 445d8a7b7a3SRobert Watson { 446d8a7b7a3SRobert Watson 447d8a7b7a3SRobert Watson } 448d8a7b7a3SRobert Watson 44917870c06SChristian S.J. Peron static void 45078007886SRobert Watson stub_create_mbuf_from_firewall(struct mbuf *m, struct label *mlabel) 45117870c06SChristian S.J. Peron { 45217870c06SChristian S.J. Peron 45317870c06SChristian S.J. Peron } 45417870c06SChristian S.J. Peron 455d8a7b7a3SRobert Watson static int 45678007886SRobert Watson stub_fragment_match(struct mbuf *m, struct label *mlabel, struct ipq *ipq, 45778007886SRobert Watson struct label *ipqlabel) 458d8a7b7a3SRobert Watson { 459d8a7b7a3SRobert Watson 460d8a7b7a3SRobert Watson return (1); 461d8a7b7a3SRobert Watson } 462d8a7b7a3SRobert Watson 463d8a7b7a3SRobert Watson static void 46464f00af8SRobert Watson stub_reflect_mbuf_icmp(struct mbuf *m, struct label *mlabel) 46564f00af8SRobert Watson { 46664f00af8SRobert Watson 46764f00af8SRobert Watson } 46864f00af8SRobert Watson 46964f00af8SRobert Watson static void 47064f00af8SRobert Watson stub_reflect_mbuf_tcp(struct mbuf *m, struct label *mlabel) 47164f00af8SRobert Watson { 47264f00af8SRobert Watson 47364f00af8SRobert Watson } 47464f00af8SRobert Watson 47564f00af8SRobert Watson static void 47678007886SRobert Watson stub_relabel_ifnet(struct ucred *cred, struct ifnet *ifp, 47778007886SRobert Watson struct label *ifplabel, struct label *newlabel) 478d8a7b7a3SRobert Watson { 479d8a7b7a3SRobert Watson 480d8a7b7a3SRobert Watson } 481d8a7b7a3SRobert Watson 482d8a7b7a3SRobert Watson static void 48378007886SRobert Watson stub_update_ipq(struct mbuf *m, struct label *mlabel, struct ipq *ipq, 48478007886SRobert Watson struct label *ipqlabel) 485d8a7b7a3SRobert Watson { 486d8a7b7a3SRobert Watson 487d8a7b7a3SRobert Watson } 488d8a7b7a3SRobert Watson 489a557af22SRobert Watson static void 490a557af22SRobert Watson stub_inpcb_sosetlabel(struct socket *so, struct label *solabel, 491a557af22SRobert Watson struct inpcb *inp, struct label *inplabel) 492a557af22SRobert Watson { 493a557af22SRobert Watson 494a557af22SRobert Watson } 495a557af22SRobert Watson 496d8a7b7a3SRobert Watson /* 497d8a7b7a3SRobert Watson * Labeling event operations: processes. 498d8a7b7a3SRobert Watson */ 499d8a7b7a3SRobert Watson static void 5001c3f91cdSRobert Watson stub_execve_transition(struct ucred *old, struct ucred *new, 50178007886SRobert Watson struct vnode *vp, struct label *vplabel, struct label *interpvnodelabel, 50278007886SRobert Watson struct image_params *imgp, struct label *execlabel) 503d8a7b7a3SRobert Watson { 504d8a7b7a3SRobert Watson 505d8a7b7a3SRobert Watson } 506d8a7b7a3SRobert Watson 507d8a7b7a3SRobert Watson static int 5081c3f91cdSRobert Watson stub_execve_will_transition(struct ucred *old, struct vnode *vp, 50978007886SRobert Watson struct label *vplabel, struct label *interpvnodelabel, 510ef5def59SRobert Watson struct image_params *imgp, struct label *execlabel) 511d8a7b7a3SRobert Watson { 512d8a7b7a3SRobert Watson 513d8a7b7a3SRobert Watson return (0); 514d8a7b7a3SRobert Watson } 515d8a7b7a3SRobert Watson 516d8a7b7a3SRobert Watson static void 5171c3f91cdSRobert Watson stub_create_proc0(struct ucred *cred) 518d8a7b7a3SRobert Watson { 519d8a7b7a3SRobert Watson 520d8a7b7a3SRobert Watson } 521d8a7b7a3SRobert Watson 522d8a7b7a3SRobert Watson static void 5231c3f91cdSRobert Watson stub_create_proc1(struct ucred *cred) 524d8a7b7a3SRobert Watson { 525d8a7b7a3SRobert Watson 526d8a7b7a3SRobert Watson } 527d8a7b7a3SRobert Watson 528d8a7b7a3SRobert Watson static void 5291c3f91cdSRobert Watson stub_relabel_cred(struct ucred *cred, struct label *newlabel) 530d8a7b7a3SRobert Watson { 531d8a7b7a3SRobert Watson 532d8a7b7a3SRobert Watson } 533d8a7b7a3SRobert Watson 53409de2dc2SRobert Watson static void 5351c3f91cdSRobert Watson stub_thread_userret(struct thread *td) 53609de2dc2SRobert Watson { 53709de2dc2SRobert Watson 53809de2dc2SRobert Watson } 53909de2dc2SRobert Watson 540d8a7b7a3SRobert Watson /* 541ba53d9c9SRobert Watson * Label cleanup/flush operations 542ba53d9c9SRobert Watson */ 543ba53d9c9SRobert Watson static void 544ba53d9c9SRobert Watson stub_cleanup_sysv_msgmsg(struct label *msglabel) 545ba53d9c9SRobert Watson { 546ba53d9c9SRobert Watson 547ba53d9c9SRobert Watson } 548ba53d9c9SRobert Watson 549ba53d9c9SRobert Watson static void 550ba53d9c9SRobert Watson stub_cleanup_sysv_msgqueue(struct label *msqlabel) 551ba53d9c9SRobert Watson { 552ba53d9c9SRobert Watson 553ba53d9c9SRobert Watson } 554ba53d9c9SRobert Watson 555ba53d9c9SRobert Watson static void 5563831e7d7SRobert Watson stub_cleanup_sysv_sem(struct label *semalabel) 557ba53d9c9SRobert Watson { 558ba53d9c9SRobert Watson 559ba53d9c9SRobert Watson } 560ba53d9c9SRobert Watson 561ba53d9c9SRobert Watson static void 562ba53d9c9SRobert Watson stub_cleanup_sysv_shm(struct label *shmlabel) 563ba53d9c9SRobert Watson { 564ba53d9c9SRobert Watson 565ba53d9c9SRobert Watson } 566ba53d9c9SRobert Watson 567ba53d9c9SRobert Watson /* 568d8a7b7a3SRobert Watson * Access control checks. 569d8a7b7a3SRobert Watson */ 570d8a7b7a3SRobert Watson static int 57178007886SRobert Watson stub_check_bpfdesc_receive(struct bpf_d *d, struct label *dlabel, 57278007886SRobert Watson struct ifnet *ifp, struct label *ifplabel) 573d8a7b7a3SRobert Watson { 574d8a7b7a3SRobert Watson 575d8a7b7a3SRobert Watson return (0); 576d8a7b7a3SRobert Watson } 577d8a7b7a3SRobert Watson 578d8a7b7a3SRobert Watson static int 5791c3f91cdSRobert Watson stub_check_cred_relabel(struct ucred *cred, struct label *newlabel) 580d8a7b7a3SRobert Watson { 581d8a7b7a3SRobert Watson 582d8a7b7a3SRobert Watson return (0); 583d8a7b7a3SRobert Watson } 584d8a7b7a3SRobert Watson 585d8a7b7a3SRobert Watson static int 58678007886SRobert Watson stub_check_cred_visible(struct ucred *cr1, struct ucred *cr2) 587d8a7b7a3SRobert Watson { 588d8a7b7a3SRobert Watson 589d8a7b7a3SRobert Watson return (0); 590d8a7b7a3SRobert Watson } 591d8a7b7a3SRobert Watson 592d8a7b7a3SRobert Watson static int 59378007886SRobert Watson stub_check_ifnet_relabel(struct ucred *cred, struct ifnet *ifp, 59478007886SRobert Watson struct label *ifplabel, struct label *newlabel) 595d8a7b7a3SRobert Watson { 596d8a7b7a3SRobert Watson 597d8a7b7a3SRobert Watson return (0); 598d8a7b7a3SRobert Watson } 599d8a7b7a3SRobert Watson 600d8a7b7a3SRobert Watson static int 60178007886SRobert Watson stub_check_ifnet_transmit(struct ifnet *ifp, struct label *ifplabel, 60278007886SRobert Watson struct mbuf *m, struct label *mlabel) 603d8a7b7a3SRobert Watson { 604d8a7b7a3SRobert Watson 605d8a7b7a3SRobert Watson return (0); 606d8a7b7a3SRobert Watson } 607d8a7b7a3SRobert Watson 608d8a7b7a3SRobert Watson static int 609a557af22SRobert Watson stub_check_inpcb_deliver(struct inpcb *inp, struct label *inplabel, 610a557af22SRobert Watson struct mbuf *m, struct label *mlabel) 611a557af22SRobert Watson { 612a557af22SRobert Watson 613a557af22SRobert Watson return (0); 614a557af22SRobert Watson } 615a557af22SRobert Watson 616a557af22SRobert Watson static int 617ba53d9c9SRobert Watson stub_check_sysv_msgmsq(struct ucred *cred, struct msg *msgptr, 618ba53d9c9SRobert Watson struct label *msglabel, struct msqid_kernel *msqkptr, 619ba53d9c9SRobert Watson struct label *msqklabel) 620ba53d9c9SRobert Watson { 621ba53d9c9SRobert Watson 622ba53d9c9SRobert Watson return (0); 623ba53d9c9SRobert Watson } 624ba53d9c9SRobert Watson 625ba53d9c9SRobert Watson static int 626ba53d9c9SRobert Watson stub_check_sysv_msgrcv(struct ucred *cred, struct msg *msgptr, 627ba53d9c9SRobert Watson struct label *msglabel) 628ba53d9c9SRobert Watson { 629ba53d9c9SRobert Watson 630ba53d9c9SRobert Watson return (0); 631ba53d9c9SRobert Watson } 632ba53d9c9SRobert Watson 633ba53d9c9SRobert Watson 634ba53d9c9SRobert Watson static int 635ba53d9c9SRobert Watson stub_check_sysv_msgrmid(struct ucred *cred, struct msg *msgptr, 636ba53d9c9SRobert Watson struct label *msglabel) 637ba53d9c9SRobert Watson { 638ba53d9c9SRobert Watson 639ba53d9c9SRobert Watson return (0); 640ba53d9c9SRobert Watson } 641ba53d9c9SRobert Watson 642ba53d9c9SRobert Watson 643ba53d9c9SRobert Watson static int 644ba53d9c9SRobert Watson stub_check_sysv_msqget(struct ucred *cred, struct msqid_kernel *msqkptr, 645ba53d9c9SRobert Watson struct label *msqklabel) 646ba53d9c9SRobert Watson { 647ba53d9c9SRobert Watson 648ba53d9c9SRobert Watson return (0); 649ba53d9c9SRobert Watson } 650ba53d9c9SRobert Watson 651ba53d9c9SRobert Watson 652ba53d9c9SRobert Watson static int 653ba53d9c9SRobert Watson stub_check_sysv_msqsnd(struct ucred *cred, struct msqid_kernel *msqkptr, 654ba53d9c9SRobert Watson struct label *msqklabel) 655ba53d9c9SRobert Watson { 656ba53d9c9SRobert Watson 657ba53d9c9SRobert Watson return (0); 658ba53d9c9SRobert Watson } 659ba53d9c9SRobert Watson 660ba53d9c9SRobert Watson static int 661ba53d9c9SRobert Watson stub_check_sysv_msqrcv(struct ucred *cred, struct msqid_kernel *msqkptr, 662ba53d9c9SRobert Watson struct label *msqklabel) 663ba53d9c9SRobert Watson { 664ba53d9c9SRobert Watson 665ba53d9c9SRobert Watson return (0); 666ba53d9c9SRobert Watson } 667ba53d9c9SRobert Watson 668ba53d9c9SRobert Watson 669ba53d9c9SRobert Watson static int 670ba53d9c9SRobert Watson stub_check_sysv_msqctl(struct ucred *cred, struct msqid_kernel *msqkptr, 671ba53d9c9SRobert Watson struct label *msqklabel, int cmd) 672ba53d9c9SRobert Watson { 673ba53d9c9SRobert Watson 674ba53d9c9SRobert Watson return (0); 675ba53d9c9SRobert Watson } 676ba53d9c9SRobert Watson 677ba53d9c9SRobert Watson 678ba53d9c9SRobert Watson static int 679ba53d9c9SRobert Watson stub_check_sysv_semctl(struct ucred *cred, struct semid_kernel *semakptr, 680ba53d9c9SRobert Watson struct label *semaklabel, int cmd) 681ba53d9c9SRobert Watson { 682ba53d9c9SRobert Watson 683ba53d9c9SRobert Watson return (0); 684ba53d9c9SRobert Watson } 685ba53d9c9SRobert Watson 686ba53d9c9SRobert Watson static int 687ba53d9c9SRobert Watson stub_check_sysv_semget(struct ucred *cred, struct semid_kernel *semakptr, 688ba53d9c9SRobert Watson struct label *semaklabel) 689ba53d9c9SRobert Watson { 690ba53d9c9SRobert Watson 691ba53d9c9SRobert Watson return (0); 692ba53d9c9SRobert Watson } 693ba53d9c9SRobert Watson 694ba53d9c9SRobert Watson 695ba53d9c9SRobert Watson static int 696ba53d9c9SRobert Watson stub_check_sysv_semop(struct ucred *cred, struct semid_kernel *semakptr, 697ba53d9c9SRobert Watson struct label *semaklabel, size_t accesstype) 698ba53d9c9SRobert Watson { 699ba53d9c9SRobert Watson 700ba53d9c9SRobert Watson return (0); 701ba53d9c9SRobert Watson } 702ba53d9c9SRobert Watson 703ba53d9c9SRobert Watson static int 704ba53d9c9SRobert Watson stub_check_sysv_shmat(struct ucred *cred, struct shmid_kernel *shmsegptr, 705ba53d9c9SRobert Watson struct label *shmseglabel, int shmflg) 706ba53d9c9SRobert Watson { 707ba53d9c9SRobert Watson 708ba53d9c9SRobert Watson return (0); 709ba53d9c9SRobert Watson } 710ba53d9c9SRobert Watson 711ba53d9c9SRobert Watson static int 712ba53d9c9SRobert Watson stub_check_sysv_shmctl(struct ucred *cred, struct shmid_kernel *shmsegptr, 713ba53d9c9SRobert Watson struct label *shmseglabel, int cmd) 714ba53d9c9SRobert Watson { 715ba53d9c9SRobert Watson 716ba53d9c9SRobert Watson return (0); 717ba53d9c9SRobert Watson } 718ba53d9c9SRobert Watson 719ba53d9c9SRobert Watson static int 720ba53d9c9SRobert Watson stub_check_sysv_shmdt(struct ucred *cred, struct shmid_kernel *shmsegptr, 721ba53d9c9SRobert Watson struct label *shmseglabel) 722ba53d9c9SRobert Watson { 723ba53d9c9SRobert Watson 724ba53d9c9SRobert Watson return (0); 725ba53d9c9SRobert Watson } 726ba53d9c9SRobert Watson 727ba53d9c9SRobert Watson 728ba53d9c9SRobert Watson static int 729ba53d9c9SRobert Watson stub_check_sysv_shmget(struct ucred *cred, struct shmid_kernel *shmsegptr, 730ba53d9c9SRobert Watson struct label *shmseglabel, int shmflg) 731ba53d9c9SRobert Watson { 732ba53d9c9SRobert Watson 733ba53d9c9SRobert Watson return (0); 734ba53d9c9SRobert Watson } 735ba53d9c9SRobert Watson 736ba53d9c9SRobert Watson static int 7371c3f91cdSRobert Watson stub_check_kenv_dump(struct ucred *cred) 73809de2dc2SRobert Watson { 73909de2dc2SRobert Watson 74009de2dc2SRobert Watson return (0); 74109de2dc2SRobert Watson } 74209de2dc2SRobert Watson 74309de2dc2SRobert Watson static int 7441c3f91cdSRobert Watson stub_check_kenv_get(struct ucred *cred, char *name) 74509de2dc2SRobert Watson { 74609de2dc2SRobert Watson 74709de2dc2SRobert Watson return (0); 74809de2dc2SRobert Watson } 74909de2dc2SRobert Watson 75009de2dc2SRobert Watson static int 7511c3f91cdSRobert Watson stub_check_kenv_set(struct ucred *cred, char *name, char *value) 75209de2dc2SRobert Watson { 75309de2dc2SRobert Watson 75409de2dc2SRobert Watson return (0); 75509de2dc2SRobert Watson } 75609de2dc2SRobert Watson 75709de2dc2SRobert Watson static int 7581c3f91cdSRobert Watson stub_check_kenv_unset(struct ucred *cred, char *name) 75909de2dc2SRobert Watson { 76009de2dc2SRobert Watson 76109de2dc2SRobert Watson return (0); 76209de2dc2SRobert Watson } 76309de2dc2SRobert Watson 76409de2dc2SRobert Watson static int 7651c3f91cdSRobert Watson stub_check_kld_load(struct ucred *cred, struct vnode *vp, 76678007886SRobert Watson struct label *vplabel) 76709de2dc2SRobert Watson { 76809de2dc2SRobert Watson 76909de2dc2SRobert Watson return (0); 77009de2dc2SRobert Watson } 77109de2dc2SRobert Watson 77209de2dc2SRobert Watson static int 7731c3f91cdSRobert Watson stub_check_kld_stat(struct ucred *cred) 77409de2dc2SRobert Watson { 77509de2dc2SRobert Watson 77609de2dc2SRobert Watson return (0); 77709de2dc2SRobert Watson } 77809de2dc2SRobert Watson 77909de2dc2SRobert Watson static int 7801c3f91cdSRobert Watson stub_check_mount_stat(struct ucred *cred, struct mount *mp, 78178007886SRobert Watson struct label *mplabel) 782d8a7b7a3SRobert Watson { 783d8a7b7a3SRobert Watson 784d8a7b7a3SRobert Watson return (0); 785d8a7b7a3SRobert Watson } 786d8a7b7a3SRobert Watson 787d8a7b7a3SRobert Watson static int 78891c2dc94SRobert Watson stub_check_pipe_ioctl(struct ucred *cred, struct pipepair *pp, 78978007886SRobert Watson struct label *pplabel, unsigned long cmd, void /* caddr_t */ *data) 790d8a7b7a3SRobert Watson { 791d8a7b7a3SRobert Watson 792d8a7b7a3SRobert Watson return (0); 793d8a7b7a3SRobert Watson } 794d8a7b7a3SRobert Watson 795d8a7b7a3SRobert Watson static int 79691c2dc94SRobert Watson stub_check_pipe_poll(struct ucred *cred, struct pipepair *pp, 79778007886SRobert Watson struct label *pplabel) 798c024c3eeSRobert Watson { 799c024c3eeSRobert Watson 800c024c3eeSRobert Watson return (0); 801c024c3eeSRobert Watson } 802c024c3eeSRobert Watson 803c024c3eeSRobert Watson static int 80491c2dc94SRobert Watson stub_check_pipe_read(struct ucred *cred, struct pipepair *pp, 80578007886SRobert Watson struct label *pplabel) 806d8a7b7a3SRobert Watson { 807d8a7b7a3SRobert Watson 808d8a7b7a3SRobert Watson return (0); 809d8a7b7a3SRobert Watson } 810d8a7b7a3SRobert Watson 811d8a7b7a3SRobert Watson static int 81291c2dc94SRobert Watson stub_check_pipe_relabel(struct ucred *cred, struct pipepair *pp, 81378007886SRobert Watson struct label *pplabel, struct label *newlabel) 814d8a7b7a3SRobert Watson { 815d8a7b7a3SRobert Watson 816d8a7b7a3SRobert Watson return (0); 817d8a7b7a3SRobert Watson } 818d8a7b7a3SRobert Watson 819d8a7b7a3SRobert Watson static int 82091c2dc94SRobert Watson stub_check_pipe_stat(struct ucred *cred, struct pipepair *pp, 82178007886SRobert Watson struct label *pplabel) 822c024c3eeSRobert Watson { 823c024c3eeSRobert Watson 824c024c3eeSRobert Watson return (0); 825c024c3eeSRobert Watson } 826c024c3eeSRobert Watson 827c024c3eeSRobert Watson static int 82891c2dc94SRobert Watson stub_check_pipe_write(struct ucred *cred, struct pipepair *pp, 82978007886SRobert Watson struct label *pplabel) 830c024c3eeSRobert Watson { 831c024c3eeSRobert Watson 832c024c3eeSRobert Watson return (0); 833c024c3eeSRobert Watson } 834c024c3eeSRobert Watson 835c024c3eeSRobert Watson static int 83652648411SRobert Watson stub_check_posix_sem_destroy(struct ucred *cred, struct ksem *ksemptr, 83752648411SRobert Watson struct label *ks_label) 83852648411SRobert Watson { 83952648411SRobert Watson 84052648411SRobert Watson return (0); 84152648411SRobert Watson } 84252648411SRobert Watson 84352648411SRobert Watson static int 84452648411SRobert Watson stub_check_posix_sem_getvalue(struct ucred *cred, struct ksem *ksemptr, 84552648411SRobert Watson struct label *ks_label) 84652648411SRobert Watson { 84752648411SRobert Watson 84852648411SRobert Watson return (0); 84952648411SRobert Watson } 85052648411SRobert Watson 85152648411SRobert Watson static int 85252648411SRobert Watson stub_check_posix_sem_open(struct ucred *cred, struct ksem *ksemptr, 85352648411SRobert Watson struct label *ks_label) 85452648411SRobert Watson { 85552648411SRobert Watson 85652648411SRobert Watson return (0); 85752648411SRobert Watson } 85852648411SRobert Watson 85952648411SRobert Watson static int 86052648411SRobert Watson stub_check_posix_sem_post(struct ucred *cred, struct ksem *ksemptr, 86152648411SRobert Watson struct label *ks_label) 86252648411SRobert Watson { 86352648411SRobert Watson 86452648411SRobert Watson return (0); 86552648411SRobert Watson } 86652648411SRobert Watson 86752648411SRobert Watson static int 86852648411SRobert Watson stub_check_posix_sem_unlink(struct ucred *cred, struct ksem *ksemptr, 86952648411SRobert Watson struct label *ks_label) 87052648411SRobert Watson { 87152648411SRobert Watson 87252648411SRobert Watson return (0); 87352648411SRobert Watson } 87452648411SRobert Watson 87552648411SRobert Watson static int 87652648411SRobert Watson stub_check_posix_sem_wait(struct ucred *cred, struct ksem *ksemptr, 87752648411SRobert Watson struct label *ks_label) 87852648411SRobert Watson { 87952648411SRobert Watson 88052648411SRobert Watson return (0); 88152648411SRobert Watson } 88252648411SRobert Watson 88352648411SRobert Watson static int 88478007886SRobert Watson stub_check_proc_debug(struct ucred *cred, struct proc *p) 885d8a7b7a3SRobert Watson { 886d8a7b7a3SRobert Watson 887d8a7b7a3SRobert Watson return (0); 888d8a7b7a3SRobert Watson } 889d8a7b7a3SRobert Watson 890d8a7b7a3SRobert Watson static int 89178007886SRobert Watson stub_check_proc_sched(struct ucred *cred, struct proc *p) 892d8a7b7a3SRobert Watson { 893d8a7b7a3SRobert Watson 894d8a7b7a3SRobert Watson return (0); 895d8a7b7a3SRobert Watson } 896d8a7b7a3SRobert Watson 897d8a7b7a3SRobert Watson static int 89878007886SRobert Watson stub_check_proc_signal(struct ucred *cred, struct proc *p, int signum) 899d8a7b7a3SRobert Watson { 900d8a7b7a3SRobert Watson 901d8a7b7a3SRobert Watson return (0); 902d8a7b7a3SRobert Watson } 903d8a7b7a3SRobert Watson 904d8a7b7a3SRobert Watson static int 90578007886SRobert Watson stub_check_proc_wait(struct ucred *cred, struct proc *p) 906babe9a2bSRobert Watson { 907babe9a2bSRobert Watson 908babe9a2bSRobert Watson return (0); 909babe9a2bSRobert Watson } 910babe9a2bSRobert Watson 911babe9a2bSRobert Watson static int 91218717f69SRobert Watson stub_check_proc_setaudit(struct ucred *cred, struct auditinfo *ai) 91318717f69SRobert Watson { 91418717f69SRobert Watson 91518717f69SRobert Watson return (0); 91618717f69SRobert Watson } 91718717f69SRobert Watson 91818717f69SRobert Watson static int 91918717f69SRobert Watson stub_check_proc_setauid(struct ucred *cred, uid_t auid) 92018717f69SRobert Watson { 92118717f69SRobert Watson 92218717f69SRobert Watson return (0); 92318717f69SRobert Watson } 92418717f69SRobert Watson 92518717f69SRobert Watson static int 926030a28b3SRobert Watson stub_check_proc_setuid(struct ucred *cred, uid_t uid) 927030a28b3SRobert Watson { 928030a28b3SRobert Watson 929030a28b3SRobert Watson return (0); 930030a28b3SRobert Watson } 931030a28b3SRobert Watson 932030a28b3SRobert Watson static int 933030a28b3SRobert Watson stub_check_proc_seteuid(struct ucred *cred, uid_t euid) 934030a28b3SRobert Watson { 935030a28b3SRobert Watson 936030a28b3SRobert Watson return (0); 937030a28b3SRobert Watson } 938030a28b3SRobert Watson 939030a28b3SRobert Watson static int 940030a28b3SRobert Watson stub_check_proc_setgid(struct ucred *cred, gid_t gid) 941030a28b3SRobert Watson { 942030a28b3SRobert Watson 943030a28b3SRobert Watson return (0); 944030a28b3SRobert Watson } 945030a28b3SRobert Watson 946030a28b3SRobert Watson static int 947030a28b3SRobert Watson stub_check_proc_setegid(struct ucred *cred, gid_t egid) 948030a28b3SRobert Watson { 949030a28b3SRobert Watson 950030a28b3SRobert Watson return (0); 951030a28b3SRobert Watson } 952030a28b3SRobert Watson 953030a28b3SRobert Watson static int 954030a28b3SRobert Watson stub_check_proc_setgroups(struct ucred *cred, int ngroups, 955030a28b3SRobert Watson gid_t *gidset) 956030a28b3SRobert Watson { 957030a28b3SRobert Watson 958030a28b3SRobert Watson return (0); 959030a28b3SRobert Watson } 960030a28b3SRobert Watson 961030a28b3SRobert Watson static int 962030a28b3SRobert Watson stub_check_proc_setreuid(struct ucred *cred, uid_t ruid, uid_t euid) 963030a28b3SRobert Watson { 964030a28b3SRobert Watson 965030a28b3SRobert Watson return (0); 966030a28b3SRobert Watson } 967030a28b3SRobert Watson 968030a28b3SRobert Watson static int 969030a28b3SRobert Watson stub_check_proc_setregid(struct ucred *cred, gid_t rgid, gid_t egid) 970030a28b3SRobert Watson { 971030a28b3SRobert Watson 972030a28b3SRobert Watson return (0); 973030a28b3SRobert Watson } 974030a28b3SRobert Watson 975030a28b3SRobert Watson static int 976030a28b3SRobert Watson stub_check_proc_setresuid(struct ucred *cred, uid_t ruid, uid_t euid, 977030a28b3SRobert Watson uid_t suid) 978030a28b3SRobert Watson { 979030a28b3SRobert Watson 980030a28b3SRobert Watson return (0); 981030a28b3SRobert Watson } 982030a28b3SRobert Watson 983030a28b3SRobert Watson static int 984030a28b3SRobert Watson stub_check_proc_setresgid(struct ucred *cred, gid_t rgid, gid_t egid, 985030a28b3SRobert Watson gid_t sgid) 986030a28b3SRobert Watson { 987030a28b3SRobert Watson 988030a28b3SRobert Watson return (0); 989030a28b3SRobert Watson } 990030a28b3SRobert Watson 991030a28b3SRobert Watson static int 99278007886SRobert Watson stub_check_socket_accept(struct ucred *cred, struct socket *so, 99378007886SRobert Watson struct label *solabel) 9947f53207bSRobert Watson { 9957f53207bSRobert Watson 9967f53207bSRobert Watson return (0); 9977f53207bSRobert Watson } 9987f53207bSRobert Watson 9997f53207bSRobert Watson static int 100078007886SRobert Watson stub_check_socket_bind(struct ucred *cred, struct socket *so, 100178007886SRobert Watson struct label *solabel, struct sockaddr *sa) 1002d8a7b7a3SRobert Watson { 1003d8a7b7a3SRobert Watson 1004d8a7b7a3SRobert Watson return (0); 1005d8a7b7a3SRobert Watson } 1006d8a7b7a3SRobert Watson 1007d8a7b7a3SRobert Watson static int 100878007886SRobert Watson stub_check_socket_connect(struct ucred *cred, struct socket *so, 100978007886SRobert Watson struct label *solabel, struct sockaddr *sa) 1010d8a7b7a3SRobert Watson { 1011d8a7b7a3SRobert Watson 1012d8a7b7a3SRobert Watson return (0); 1013d8a7b7a3SRobert Watson } 1014d8a7b7a3SRobert Watson 1015d8a7b7a3SRobert Watson static int 101678007886SRobert Watson stub_check_socket_create(struct ucred *cred, int domain, int type, int proto) 10176758f88eSRobert Watson { 10186758f88eSRobert Watson 10196758f88eSRobert Watson return (0); 10206758f88eSRobert Watson } 10216758f88eSRobert Watson 10226758f88eSRobert Watson static int 102378007886SRobert Watson stub_check_socket_deliver(struct socket *so, struct label *solabel, 102478007886SRobert Watson struct mbuf *m, struct label *mlabel) 1025d8a7b7a3SRobert Watson { 1026d8a7b7a3SRobert Watson 1027d8a7b7a3SRobert Watson return (0); 1028d8a7b7a3SRobert Watson } 1029d8a7b7a3SRobert Watson 1030d8a7b7a3SRobert Watson static int 10311c3f91cdSRobert Watson stub_check_socket_listen(struct ucred *cred, struct socket *so, 103278007886SRobert Watson struct label *solabel) 1033d8a7b7a3SRobert Watson { 1034d8a7b7a3SRobert Watson 1035d8a7b7a3SRobert Watson return (0); 1036d8a7b7a3SRobert Watson } 1037d8a7b7a3SRobert Watson 1038d8a7b7a3SRobert Watson static int 10397f53207bSRobert Watson stub_check_socket_poll(struct ucred *cred, struct socket *so, 104078007886SRobert Watson struct label *solabel) 10417f53207bSRobert Watson { 10427f53207bSRobert Watson 10437f53207bSRobert Watson return (0); 10447f53207bSRobert Watson } 10457f53207bSRobert Watson 10467f53207bSRobert Watson static int 10477f53207bSRobert Watson stub_check_socket_receive(struct ucred *cred, struct socket *so, 104878007886SRobert Watson struct label *solabel) 10497f53207bSRobert Watson { 10507f53207bSRobert Watson 10517f53207bSRobert Watson return (0); 10527f53207bSRobert Watson } 10537f53207bSRobert Watson 10547f53207bSRobert Watson static int 105578007886SRobert Watson stub_check_socket_relabel(struct ucred *cred, struct socket *so, 105678007886SRobert Watson struct label *solabel, struct label *newlabel) 1057d8a7b7a3SRobert Watson { 1058d8a7b7a3SRobert Watson 1059d8a7b7a3SRobert Watson return (0); 1060d8a7b7a3SRobert Watson } 10617f53207bSRobert Watson static int 10627f53207bSRobert Watson stub_check_socket_send(struct ucred *cred, struct socket *so, 106378007886SRobert Watson struct label *solabel) 10647f53207bSRobert Watson { 10657f53207bSRobert Watson 10667f53207bSRobert Watson return (0); 10677f53207bSRobert Watson } 10687f53207bSRobert Watson 10697f53207bSRobert Watson static int 10707f53207bSRobert Watson stub_check_socket_stat(struct ucred *cred, struct socket *so, 107178007886SRobert Watson struct label *solabel) 10727f53207bSRobert Watson { 10737f53207bSRobert Watson 10747f53207bSRobert Watson return (0); 10757f53207bSRobert Watson } 1076d8a7b7a3SRobert Watson 1077d8a7b7a3SRobert Watson static int 107878007886SRobert Watson stub_check_socket_visible(struct ucred *cred, struct socket *so, 107978007886SRobert Watson struct label *solabel) 1080d8a7b7a3SRobert Watson { 1081d8a7b7a3SRobert Watson 1082d8a7b7a3SRobert Watson return (0); 1083d8a7b7a3SRobert Watson } 1084d8a7b7a3SRobert Watson 1085d8a7b7a3SRobert Watson static int 10861c3f91cdSRobert Watson stub_check_system_acct(struct ucred *cred, struct vnode *vp, 108778007886SRobert Watson struct label *vplabel) 108809de2dc2SRobert Watson { 108909de2dc2SRobert Watson 109009de2dc2SRobert Watson return (0); 109109de2dc2SRobert Watson } 109209de2dc2SRobert Watson 109309de2dc2SRobert Watson static int 109418717f69SRobert Watson stub_check_system_audit(struct ucred *cred, void *record, int length) 109518717f69SRobert Watson { 109618717f69SRobert Watson 109718717f69SRobert Watson return (0); 109818717f69SRobert Watson } 109918717f69SRobert Watson 110018717f69SRobert Watson static int 110118717f69SRobert Watson stub_check_system_auditctl(struct ucred *cred, struct vnode *vp, 110278007886SRobert Watson struct label *vplabel) 110318717f69SRobert Watson { 110418717f69SRobert Watson 110518717f69SRobert Watson return (0); 110618717f69SRobert Watson } 110718717f69SRobert Watson 110818717f69SRobert Watson static int 110918717f69SRobert Watson stub_check_system_auditon(struct ucred *cred, int cmd) 111018717f69SRobert Watson { 111118717f69SRobert Watson 111218717f69SRobert Watson return (0); 111318717f69SRobert Watson } 111418717f69SRobert Watson 111518717f69SRobert Watson static int 11161c3f91cdSRobert Watson stub_check_system_reboot(struct ucred *cred, int how) 1117927f6069SRobert Watson { 1118927f6069SRobert Watson 1119927f6069SRobert Watson return (0); 1120927f6069SRobert Watson } 1121927f6069SRobert Watson 1122927f6069SRobert Watson static int 112318717f69SRobert Watson stub_check_system_swapoff(struct ucred *cred, struct vnode *vp, 112478007886SRobert Watson struct label *vplabel) 1125927f6069SRobert Watson { 1126927f6069SRobert Watson 1127927f6069SRobert Watson return (0); 1128927f6069SRobert Watson } 1129927f6069SRobert Watson 1130927f6069SRobert Watson static int 113118717f69SRobert Watson stub_check_system_swapon(struct ucred *cred, struct vnode *vp, 113278007886SRobert Watson struct label *vplabel) 113309de2dc2SRobert Watson { 113409de2dc2SRobert Watson 113509de2dc2SRobert Watson return (0); 113609de2dc2SRobert Watson } 113709de2dc2SRobert Watson 113809de2dc2SRobert Watson static int 113963dba32bSPawel Jakub Dawidek stub_check_system_sysctl(struct ucred *cred, struct sysctl_oid *oidp, 114063dba32bSPawel Jakub Dawidek void *arg1, int arg2, struct sysctl_req *req) 1141927f6069SRobert Watson { 1142927f6069SRobert Watson 1143927f6069SRobert Watson return (0); 1144927f6069SRobert Watson } 1145927f6069SRobert Watson 1146927f6069SRobert Watson static int 11471c3f91cdSRobert Watson stub_check_vnode_access(struct ucred *cred, struct vnode *vp, 114878007886SRobert Watson struct label *vplabel, int acc_mode) 1149d8a7b7a3SRobert Watson { 1150d8a7b7a3SRobert Watson 1151d8a7b7a3SRobert Watson return (0); 1152d8a7b7a3SRobert Watson } 1153d8a7b7a3SRobert Watson 1154d8a7b7a3SRobert Watson static int 11551c3f91cdSRobert Watson stub_check_vnode_chdir(struct ucred *cred, struct vnode *dvp, 115678007886SRobert Watson struct label *dvplabel) 1157d8a7b7a3SRobert Watson { 1158d8a7b7a3SRobert Watson 1159d8a7b7a3SRobert Watson return (0); 1160d8a7b7a3SRobert Watson } 1161d8a7b7a3SRobert Watson 1162d8a7b7a3SRobert Watson static int 11631c3f91cdSRobert Watson stub_check_vnode_chroot(struct ucred *cred, struct vnode *dvp, 116478007886SRobert Watson struct label *dvplabel) 1165d8a7b7a3SRobert Watson { 1166d8a7b7a3SRobert Watson 1167d8a7b7a3SRobert Watson return (0); 1168d8a7b7a3SRobert Watson } 1169d8a7b7a3SRobert Watson 1170d8a7b7a3SRobert Watson static int 11711c3f91cdSRobert Watson stub_check_vnode_create(struct ucred *cred, struct vnode *dvp, 117278007886SRobert Watson struct label *dvplabel, struct componentname *cnp, struct vattr *vap) 1173d8a7b7a3SRobert Watson { 1174d8a7b7a3SRobert Watson 1175d8a7b7a3SRobert Watson return (0); 1176d8a7b7a3SRobert Watson } 1177d8a7b7a3SRobert Watson 1178d8a7b7a3SRobert Watson static int 11791c3f91cdSRobert Watson stub_check_vnode_delete(struct ucred *cred, struct vnode *dvp, 118078007886SRobert Watson struct label *dvplabel, struct vnode *vp, struct label *vplabel, 1181d8a7b7a3SRobert Watson struct componentname *cnp) 1182d8a7b7a3SRobert Watson { 1183d8a7b7a3SRobert Watson 1184d8a7b7a3SRobert Watson return (0); 1185d8a7b7a3SRobert Watson } 1186d8a7b7a3SRobert Watson 1187d8a7b7a3SRobert Watson static int 11881c3f91cdSRobert Watson stub_check_vnode_deleteacl(struct ucred *cred, struct vnode *vp, 118978007886SRobert Watson struct label *vplabel, acl_type_t type) 1190d8a7b7a3SRobert Watson { 1191d8a7b7a3SRobert Watson 1192d8a7b7a3SRobert Watson return (0); 1193d8a7b7a3SRobert Watson } 1194d8a7b7a3SRobert Watson 1195d8a7b7a3SRobert Watson static int 119664f00af8SRobert Watson stub_check_vnode_deleteextattr(struct ucred *cred, struct vnode *vp, 119778007886SRobert Watson struct label *vplabel, int attrnamespace, const char *name) 119864f00af8SRobert Watson { 119964f00af8SRobert Watson 120064f00af8SRobert Watson return (0); 120164f00af8SRobert Watson } 120264f00af8SRobert Watson 120364f00af8SRobert Watson static int 12041c3f91cdSRobert Watson stub_check_vnode_exec(struct ucred *cred, struct vnode *vp, 120578007886SRobert Watson struct label *vplabel, struct image_params *imgp, 1206ef5def59SRobert Watson struct label *execlabel) 1207d8a7b7a3SRobert Watson { 1208d8a7b7a3SRobert Watson 1209d8a7b7a3SRobert Watson return (0); 1210d8a7b7a3SRobert Watson } 1211d8a7b7a3SRobert Watson 1212d8a7b7a3SRobert Watson static int 12131c3f91cdSRobert Watson stub_check_vnode_getacl(struct ucred *cred, struct vnode *vp, 121478007886SRobert Watson struct label *vplabel, acl_type_t type) 1215d8a7b7a3SRobert Watson { 1216d8a7b7a3SRobert Watson 1217d8a7b7a3SRobert Watson return (0); 1218d8a7b7a3SRobert Watson } 1219d8a7b7a3SRobert Watson 1220d8a7b7a3SRobert Watson static int 12211c3f91cdSRobert Watson stub_check_vnode_getextattr(struct ucred *cred, struct vnode *vp, 122278007886SRobert Watson struct label *vplabel, int attrnamespace, const char *name, 122378007886SRobert Watson struct uio *uio) 1224d8a7b7a3SRobert Watson { 1225d8a7b7a3SRobert Watson 1226d8a7b7a3SRobert Watson return (0); 1227d8a7b7a3SRobert Watson } 1228d8a7b7a3SRobert Watson 1229d8a7b7a3SRobert Watson static int 12301c3f91cdSRobert Watson stub_check_vnode_link(struct ucred *cred, struct vnode *dvp, 123178007886SRobert Watson struct label *dvplabel, struct vnode *vp, struct label *vplabel, 1232c27b50f5SRobert Watson struct componentname *cnp) 1233c27b50f5SRobert Watson { 1234c27b50f5SRobert Watson 1235c27b50f5SRobert Watson return (0); 1236c27b50f5SRobert Watson } 1237c27b50f5SRobert Watson 1238c27b50f5SRobert Watson static int 123964f00af8SRobert Watson stub_check_vnode_listextattr(struct ucred *cred, struct vnode *vp, 124078007886SRobert Watson struct label *vplabel, int attrnamespace) 124164f00af8SRobert Watson { 124264f00af8SRobert Watson 124364f00af8SRobert Watson return (0); 124464f00af8SRobert Watson } 124564f00af8SRobert Watson 124664f00af8SRobert Watson static int 12471c3f91cdSRobert Watson stub_check_vnode_lookup(struct ucred *cred, struct vnode *dvp, 124878007886SRobert Watson struct label *dvplabel, struct componentname *cnp) 1249d8a7b7a3SRobert Watson { 1250d8a7b7a3SRobert Watson 1251d8a7b7a3SRobert Watson return (0); 1252d8a7b7a3SRobert Watson } 1253d8a7b7a3SRobert Watson 1254d8a7b7a3SRobert Watson static int 12551c3f91cdSRobert Watson stub_check_vnode_mmap(struct ucred *cred, struct vnode *vp, 125678007886SRobert Watson struct label *vplabel, int prot, int flags) 1257e183f80eSRobert Watson { 1258e183f80eSRobert Watson 1259e183f80eSRobert Watson return (0); 1260e183f80eSRobert Watson } 1261e183f80eSRobert Watson 126217870c06SChristian S.J. Peron static void 126378007886SRobert Watson stub_check_vnode_mmap_downgrade(struct ucred *cred, struct vnode *vp, 126478007886SRobert Watson struct label *vplabel, int *prot) 126517870c06SChristian S.J. Peron { 126617870c06SChristian S.J. Peron 126717870c06SChristian S.J. Peron } 126817870c06SChristian S.J. Peron 126917870c06SChristian S.J. Peron static int 127078007886SRobert Watson stub_check_vnode_mprotect(struct ucred *cred, struct vnode *vp, 127178007886SRobert Watson struct label *vplabel, int prot) 127217870c06SChristian S.J. Peron { 127317870c06SChristian S.J. Peron 127417870c06SChristian S.J. Peron return (0); 127517870c06SChristian S.J. Peron } 127617870c06SChristian S.J. Peron 1277e183f80eSRobert Watson static int 12781c3f91cdSRobert Watson stub_check_vnode_open(struct ucred *cred, struct vnode *vp, 127978007886SRobert Watson struct label *vplabel, int acc_mode) 1280d8a7b7a3SRobert Watson { 1281d8a7b7a3SRobert Watson 1282d8a7b7a3SRobert Watson return (0); 1283d8a7b7a3SRobert Watson } 1284d8a7b7a3SRobert Watson 1285d8a7b7a3SRobert Watson static int 12861c3f91cdSRobert Watson stub_check_vnode_poll(struct ucred *active_cred, struct ucred *file_cred, 128778007886SRobert Watson struct vnode *vp, struct label *vplabel) 12887f724f8bSRobert Watson { 12897f724f8bSRobert Watson 12907f724f8bSRobert Watson return (0); 12917f724f8bSRobert Watson } 12927f724f8bSRobert Watson 12937f724f8bSRobert Watson static int 12941c3f91cdSRobert Watson stub_check_vnode_read(struct ucred *active_cred, struct ucred *file_cred, 129578007886SRobert Watson struct vnode *vp, struct label *vplabel) 12967f724f8bSRobert Watson { 12977f724f8bSRobert Watson 12987f724f8bSRobert Watson return (0); 12997f724f8bSRobert Watson } 13007f724f8bSRobert Watson 13017f724f8bSRobert Watson static int 13021c3f91cdSRobert Watson stub_check_vnode_readdir(struct ucred *cred, struct vnode *vp, 130378007886SRobert Watson struct label *dvplabel) 1304d8a7b7a3SRobert Watson { 1305d8a7b7a3SRobert Watson 1306d8a7b7a3SRobert Watson return (0); 1307d8a7b7a3SRobert Watson } 1308d8a7b7a3SRobert Watson 1309d8a7b7a3SRobert Watson static int 13101c3f91cdSRobert Watson stub_check_vnode_readlink(struct ucred *cred, struct vnode *vp, 131178007886SRobert Watson struct label *vplabel) 1312d8a7b7a3SRobert Watson { 1313d8a7b7a3SRobert Watson 1314d8a7b7a3SRobert Watson return (0); 1315d8a7b7a3SRobert Watson } 1316d8a7b7a3SRobert Watson 1317d8a7b7a3SRobert Watson static int 13181c3f91cdSRobert Watson stub_check_vnode_relabel(struct ucred *cred, struct vnode *vp, 131978007886SRobert Watson struct label *vplabel, struct label *newlabel) 1320d8a7b7a3SRobert Watson { 1321d8a7b7a3SRobert Watson 1322d8a7b7a3SRobert Watson return (0); 1323d8a7b7a3SRobert Watson } 1324d8a7b7a3SRobert Watson 1325d8a7b7a3SRobert Watson static int 13261c3f91cdSRobert Watson stub_check_vnode_rename_from(struct ucred *cred, struct vnode *dvp, 132778007886SRobert Watson struct label *dvplabel, struct vnode *vp, struct label *vplabel, 1328d8a7b7a3SRobert Watson struct componentname *cnp) 1329d8a7b7a3SRobert Watson { 1330d8a7b7a3SRobert Watson 1331d8a7b7a3SRobert Watson return (0); 1332d8a7b7a3SRobert Watson } 1333d8a7b7a3SRobert Watson 1334d8a7b7a3SRobert Watson static int 13351c3f91cdSRobert Watson stub_check_vnode_rename_to(struct ucred *cred, struct vnode *dvp, 133678007886SRobert Watson struct label *dvplabel, struct vnode *vp, struct label *vplabel, 133778007886SRobert Watson int samedir, struct componentname *cnp) 1338d8a7b7a3SRobert Watson { 1339d8a7b7a3SRobert Watson 1340d8a7b7a3SRobert Watson return (0); 1341d8a7b7a3SRobert Watson } 1342d8a7b7a3SRobert Watson 1343d8a7b7a3SRobert Watson static int 13441c3f91cdSRobert Watson stub_check_vnode_revoke(struct ucred *cred, struct vnode *vp, 134578007886SRobert Watson struct label *vplabel) 1346d8a7b7a3SRobert Watson { 1347d8a7b7a3SRobert Watson 1348d8a7b7a3SRobert Watson return (0); 1349d8a7b7a3SRobert Watson } 1350d8a7b7a3SRobert Watson 1351d8a7b7a3SRobert Watson static int 13521c3f91cdSRobert Watson stub_check_vnode_setacl(struct ucred *cred, struct vnode *vp, 135378007886SRobert Watson struct label *vplabel, acl_type_t type, struct acl *acl) 1354d8a7b7a3SRobert Watson { 1355d8a7b7a3SRobert Watson 1356d8a7b7a3SRobert Watson return (0); 1357d8a7b7a3SRobert Watson } 1358d8a7b7a3SRobert Watson 1359d8a7b7a3SRobert Watson static int 13601c3f91cdSRobert Watson stub_check_vnode_setextattr(struct ucred *cred, struct vnode *vp, 136178007886SRobert Watson struct label *vplabel, int attrnamespace, const char *name, 136278007886SRobert Watson struct uio *uio) 1363d8a7b7a3SRobert Watson { 1364d8a7b7a3SRobert Watson 1365d8a7b7a3SRobert Watson return (0); 1366d8a7b7a3SRobert Watson } 1367d8a7b7a3SRobert Watson 1368d8a7b7a3SRobert Watson static int 13691c3f91cdSRobert Watson stub_check_vnode_setflags(struct ucred *cred, struct vnode *vp, 137078007886SRobert Watson struct label *vplabel, u_long flags) 1371d8a7b7a3SRobert Watson { 1372d8a7b7a3SRobert Watson 1373d8a7b7a3SRobert Watson return (0); 1374d8a7b7a3SRobert Watson } 1375d8a7b7a3SRobert Watson 1376d8a7b7a3SRobert Watson static int 13771c3f91cdSRobert Watson stub_check_vnode_setmode(struct ucred *cred, struct vnode *vp, 137878007886SRobert Watson struct label *vplabel, mode_t mode) 1379d8a7b7a3SRobert Watson { 1380d8a7b7a3SRobert Watson 1381d8a7b7a3SRobert Watson return (0); 1382d8a7b7a3SRobert Watson } 1383d8a7b7a3SRobert Watson 1384d8a7b7a3SRobert Watson static int 13851c3f91cdSRobert Watson stub_check_vnode_setowner(struct ucred *cred, struct vnode *vp, 138678007886SRobert Watson struct label *vplabel, uid_t uid, gid_t gid) 1387d8a7b7a3SRobert Watson { 1388d8a7b7a3SRobert Watson 1389d8a7b7a3SRobert Watson return (0); 1390d8a7b7a3SRobert Watson } 1391d8a7b7a3SRobert Watson 1392d8a7b7a3SRobert Watson static int 13931c3f91cdSRobert Watson stub_check_vnode_setutimes(struct ucred *cred, struct vnode *vp, 139478007886SRobert Watson struct label *vplabel, struct timespec atime, struct timespec mtime) 1395d8a7b7a3SRobert Watson { 1396d8a7b7a3SRobert Watson 1397d8a7b7a3SRobert Watson return (0); 1398d8a7b7a3SRobert Watson } 1399d8a7b7a3SRobert Watson 1400d8a7b7a3SRobert Watson static int 14011c3f91cdSRobert Watson stub_check_vnode_stat(struct ucred *active_cred, struct ucred *file_cred, 140278007886SRobert Watson struct vnode *vp, struct label *vplabel) 1403d8a7b7a3SRobert Watson { 1404d8a7b7a3SRobert Watson 1405d8a7b7a3SRobert Watson return (0); 1406d8a7b7a3SRobert Watson } 1407d8a7b7a3SRobert Watson 14087f724f8bSRobert Watson static int 140978007886SRobert Watson stub_check_vnode_write(struct ucred *active_cred, struct ucred *file_cred, 141078007886SRobert Watson struct vnode *vp, struct label *vplabel) 14117f724f8bSRobert Watson { 14127f724f8bSRobert Watson 14137f724f8bSRobert Watson return (0); 14147f724f8bSRobert Watson } 14157f724f8bSRobert Watson 1416403b781eSRobert Watson static int 1417403b781eSRobert Watson stub_priv_check(struct ucred *cred, int priv) 1418403b781eSRobert Watson { 1419403b781eSRobert Watson 1420403b781eSRobert Watson return (0); 1421403b781eSRobert Watson } 1422403b781eSRobert Watson 1423403b781eSRobert Watson static int 1424403b781eSRobert Watson stub_priv_grant(struct ucred *cred, int priv) 1425403b781eSRobert Watson { 1426403b781eSRobert Watson 1427403b781eSRobert Watson return (EPERM); 1428403b781eSRobert Watson } 1429403b781eSRobert Watson 14301c3f91cdSRobert Watson static struct mac_policy_ops mac_stub_ops = 1431d8a7b7a3SRobert Watson { 14321c3f91cdSRobert Watson .mpo_destroy = stub_destroy, 14331c3f91cdSRobert Watson .mpo_init = stub_init, 14341c3f91cdSRobert Watson .mpo_syscall = stub_syscall, 14351c3f91cdSRobert Watson .mpo_init_bpfdesc_label = stub_init_label, 14361c3f91cdSRobert Watson .mpo_init_cred_label = stub_init_label, 14371c3f91cdSRobert Watson .mpo_init_devfsdirent_label = stub_init_label, 14381c3f91cdSRobert Watson .mpo_init_ifnet_label = stub_init_label, 1439a557af22SRobert Watson .mpo_init_inpcb_label = stub_init_label_waitcheck, 1440ba53d9c9SRobert Watson .mpo_init_sysv_msgmsg_label = stub_init_label, 1441ba53d9c9SRobert Watson .mpo_init_sysv_msgqueue_label = stub_init_label, 14423831e7d7SRobert Watson .mpo_init_sysv_sem_label = stub_init_label, 1443ba53d9c9SRobert Watson .mpo_init_sysv_shm_label = stub_init_label, 14441c3f91cdSRobert Watson .mpo_init_ipq_label = stub_init_label_waitcheck, 14451c3f91cdSRobert Watson .mpo_init_mbuf_label = stub_init_label_waitcheck, 14461c3f91cdSRobert Watson .mpo_init_mount_label = stub_init_label, 14471c3f91cdSRobert Watson .mpo_init_pipe_label = stub_init_label, 144852648411SRobert Watson .mpo_init_posix_sem_label = stub_init_label, 14491c3f91cdSRobert Watson .mpo_init_socket_label = stub_init_label_waitcheck, 14501c3f91cdSRobert Watson .mpo_init_socket_peer_label = stub_init_label_waitcheck, 14511c3f91cdSRobert Watson .mpo_init_vnode_label = stub_init_label, 14521c3f91cdSRobert Watson .mpo_destroy_bpfdesc_label = stub_destroy_label, 14531c3f91cdSRobert Watson .mpo_destroy_cred_label = stub_destroy_label, 14541c3f91cdSRobert Watson .mpo_destroy_devfsdirent_label = stub_destroy_label, 14551c3f91cdSRobert Watson .mpo_destroy_ifnet_label = stub_destroy_label, 1456a557af22SRobert Watson .mpo_destroy_inpcb_label = stub_destroy_label, 1457ba53d9c9SRobert Watson .mpo_destroy_sysv_msgmsg_label = stub_destroy_label, 1458ba53d9c9SRobert Watson .mpo_destroy_sysv_msgqueue_label = stub_destroy_label, 14593831e7d7SRobert Watson .mpo_destroy_sysv_sem_label = stub_destroy_label, 1460ba53d9c9SRobert Watson .mpo_destroy_sysv_shm_label = stub_destroy_label, 14611c3f91cdSRobert Watson .mpo_destroy_ipq_label = stub_destroy_label, 14621c3f91cdSRobert Watson .mpo_destroy_mbuf_label = stub_destroy_label, 14631c3f91cdSRobert Watson .mpo_destroy_mount_label = stub_destroy_label, 14641c3f91cdSRobert Watson .mpo_destroy_pipe_label = stub_destroy_label, 146552648411SRobert Watson .mpo_destroy_posix_sem_label = stub_destroy_label, 14661c3f91cdSRobert Watson .mpo_destroy_socket_label = stub_destroy_label, 14671c3f91cdSRobert Watson .mpo_destroy_socket_peer_label = stub_destroy_label, 14681c3f91cdSRobert Watson .mpo_destroy_vnode_label = stub_destroy_label, 146956d9e932SRobert Watson .mpo_copy_cred_label = stub_copy_label, 14702220907bSRobert Watson .mpo_copy_ifnet_label = stub_copy_label, 14710196273bSRobert Watson .mpo_copy_mbuf_label = stub_copy_label, 14720196273bSRobert Watson .mpo_copy_pipe_label = stub_copy_label, 1473b0323ea3SRobert Watson .mpo_copy_socket_label = stub_copy_label, 14740196273bSRobert Watson .mpo_copy_vnode_label = stub_copy_label, 14751c3f91cdSRobert Watson .mpo_externalize_cred_label = stub_externalize_label, 14761c3f91cdSRobert Watson .mpo_externalize_ifnet_label = stub_externalize_label, 14771c3f91cdSRobert Watson .mpo_externalize_pipe_label = stub_externalize_label, 14781c3f91cdSRobert Watson .mpo_externalize_socket_label = stub_externalize_label, 14791c3f91cdSRobert Watson .mpo_externalize_socket_peer_label = stub_externalize_label, 14801c3f91cdSRobert Watson .mpo_externalize_vnode_label = stub_externalize_label, 14811c3f91cdSRobert Watson .mpo_internalize_cred_label = stub_internalize_label, 14821c3f91cdSRobert Watson .mpo_internalize_ifnet_label = stub_internalize_label, 14831c3f91cdSRobert Watson .mpo_internalize_pipe_label = stub_internalize_label, 14841c3f91cdSRobert Watson .mpo_internalize_socket_label = stub_internalize_label, 14851c3f91cdSRobert Watson .mpo_internalize_vnode_label = stub_internalize_label, 14861c3f91cdSRobert Watson .mpo_associate_vnode_devfs = stub_associate_vnode_devfs, 14871c3f91cdSRobert Watson .mpo_associate_vnode_extattr = stub_associate_vnode_extattr, 148817870c06SChristian S.J. Peron .mpo_associate_nfsd_label = stub_associate_nfsd_label, 14891c3f91cdSRobert Watson .mpo_associate_vnode_singlelabel = stub_associate_vnode_singlelabel, 14901c3f91cdSRobert Watson .mpo_create_devfs_device = stub_create_devfs_device, 14911c3f91cdSRobert Watson .mpo_create_devfs_directory = stub_create_devfs_directory, 14921c3f91cdSRobert Watson .mpo_create_devfs_symlink = stub_create_devfs_symlink, 1493ba53d9c9SRobert Watson .mpo_create_sysv_msgmsg = stub_create_sysv_msgmsg, 1494ba53d9c9SRobert Watson .mpo_create_sysv_msgqueue = stub_create_sysv_msgqueue, 14953831e7d7SRobert Watson .mpo_create_sysv_sem = stub_create_sysv_sem, 1496ba53d9c9SRobert Watson .mpo_create_sysv_shm = stub_create_sysv_shm, 14971c3f91cdSRobert Watson .mpo_create_vnode_extattr = stub_create_vnode_extattr, 14981c3f91cdSRobert Watson .mpo_create_mount = stub_create_mount, 14991c3f91cdSRobert Watson .mpo_relabel_vnode = stub_relabel_vnode, 15001c3f91cdSRobert Watson .mpo_setlabel_vnode_extattr = stub_setlabel_vnode_extattr, 15011c3f91cdSRobert Watson .mpo_update_devfsdirent = stub_update_devfsdirent, 15021c3f91cdSRobert Watson .mpo_create_mbuf_from_socket = stub_create_mbuf_from_socket, 15031c3f91cdSRobert Watson .mpo_create_pipe = stub_create_pipe, 150452648411SRobert Watson .mpo_create_posix_sem = stub_create_posix_sem, 15051c3f91cdSRobert Watson .mpo_create_socket = stub_create_socket, 15061c3f91cdSRobert Watson .mpo_create_socket_from_socket = stub_create_socket_from_socket, 15071c3f91cdSRobert Watson .mpo_relabel_pipe = stub_relabel_pipe, 15081c3f91cdSRobert Watson .mpo_relabel_socket = stub_relabel_socket, 15091c3f91cdSRobert Watson .mpo_set_socket_peer_from_mbuf = stub_set_socket_peer_from_mbuf, 15101c3f91cdSRobert Watson .mpo_set_socket_peer_from_socket = stub_set_socket_peer_from_socket, 15111c3f91cdSRobert Watson .mpo_create_bpfdesc = stub_create_bpfdesc, 15121c3f91cdSRobert Watson .mpo_create_ifnet = stub_create_ifnet, 1513a557af22SRobert Watson .mpo_create_inpcb_from_socket = stub_create_inpcb_from_socket, 15141c3f91cdSRobert Watson .mpo_create_ipq = stub_create_ipq, 15151c3f91cdSRobert Watson .mpo_create_datagram_from_ipq = stub_create_datagram_from_ipq, 15161c3f91cdSRobert Watson .mpo_create_fragment = stub_create_fragment, 15172d92ec98SRobert Watson .mpo_create_mbuf_from_inpcb = stub_create_mbuf_from_inpcb, 15181c3f91cdSRobert Watson .mpo_create_mbuf_linklayer = stub_create_mbuf_linklayer, 15191c3f91cdSRobert Watson .mpo_create_mbuf_from_bpfdesc = stub_create_mbuf_from_bpfdesc, 15201c3f91cdSRobert Watson .mpo_create_mbuf_from_ifnet = stub_create_mbuf_from_ifnet, 15211c3f91cdSRobert Watson .mpo_create_mbuf_multicast_encap = stub_create_mbuf_multicast_encap, 15221c3f91cdSRobert Watson .mpo_create_mbuf_netlayer = stub_create_mbuf_netlayer, 152317870c06SChristian S.J. Peron .mpo_create_mbuf_from_firewall = stub_create_mbuf_from_firewall, 15241c3f91cdSRobert Watson .mpo_fragment_match = stub_fragment_match, 152564f00af8SRobert Watson .mpo_reflect_mbuf_icmp = stub_reflect_mbuf_icmp, 152664f00af8SRobert Watson .mpo_reflect_mbuf_tcp = stub_reflect_mbuf_tcp, 15271c3f91cdSRobert Watson .mpo_relabel_ifnet = stub_relabel_ifnet, 15281c3f91cdSRobert Watson .mpo_update_ipq = stub_update_ipq, 1529a557af22SRobert Watson .mpo_inpcb_sosetlabel = stub_inpcb_sosetlabel, 15301c3f91cdSRobert Watson .mpo_execve_transition = stub_execve_transition, 15311c3f91cdSRobert Watson .mpo_execve_will_transition = stub_execve_will_transition, 15321c3f91cdSRobert Watson .mpo_create_proc0 = stub_create_proc0, 15331c3f91cdSRobert Watson .mpo_create_proc1 = stub_create_proc1, 15341c3f91cdSRobert Watson .mpo_relabel_cred = stub_relabel_cred, 15351c3f91cdSRobert Watson .mpo_thread_userret = stub_thread_userret, 1536ba53d9c9SRobert Watson .mpo_cleanup_sysv_msgmsg = stub_cleanup_sysv_msgmsg, 1537ba53d9c9SRobert Watson .mpo_cleanup_sysv_msgqueue = stub_cleanup_sysv_msgqueue, 15383831e7d7SRobert Watson .mpo_cleanup_sysv_sem = stub_cleanup_sysv_sem, 1539ba53d9c9SRobert Watson .mpo_cleanup_sysv_shm = stub_cleanup_sysv_shm, 15401c3f91cdSRobert Watson .mpo_check_bpfdesc_receive = stub_check_bpfdesc_receive, 15411c3f91cdSRobert Watson .mpo_check_cred_relabel = stub_check_cred_relabel, 15421c3f91cdSRobert Watson .mpo_check_cred_visible = stub_check_cred_visible, 15431c3f91cdSRobert Watson .mpo_check_ifnet_relabel = stub_check_ifnet_relabel, 15441c3f91cdSRobert Watson .mpo_check_ifnet_transmit = stub_check_ifnet_transmit, 1545a557af22SRobert Watson .mpo_check_inpcb_deliver = stub_check_inpcb_deliver, 1546ba53d9c9SRobert Watson .mpo_check_sysv_msgmsq = stub_check_sysv_msgmsq, 1547ba53d9c9SRobert Watson .mpo_check_sysv_msgrcv = stub_check_sysv_msgrcv, 1548ba53d9c9SRobert Watson .mpo_check_sysv_msgrmid = stub_check_sysv_msgrmid, 1549ba53d9c9SRobert Watson .mpo_check_sysv_msqget = stub_check_sysv_msqget, 1550ba53d9c9SRobert Watson .mpo_check_sysv_msqsnd = stub_check_sysv_msqsnd, 1551ba53d9c9SRobert Watson .mpo_check_sysv_msqrcv = stub_check_sysv_msqrcv, 1552ba53d9c9SRobert Watson .mpo_check_sysv_msqctl = stub_check_sysv_msqctl, 1553ba53d9c9SRobert Watson .mpo_check_sysv_semctl = stub_check_sysv_semctl, 1554ba53d9c9SRobert Watson .mpo_check_sysv_semget = stub_check_sysv_semget, 1555ba53d9c9SRobert Watson .mpo_check_sysv_semop = stub_check_sysv_semop, 1556ba53d9c9SRobert Watson .mpo_check_sysv_shmat = stub_check_sysv_shmat, 1557ba53d9c9SRobert Watson .mpo_check_sysv_shmctl = stub_check_sysv_shmctl, 1558ba53d9c9SRobert Watson .mpo_check_sysv_shmdt = stub_check_sysv_shmdt, 1559ba53d9c9SRobert Watson .mpo_check_sysv_shmget = stub_check_sysv_shmget, 15601c3f91cdSRobert Watson .mpo_check_kenv_dump = stub_check_kenv_dump, 15611c3f91cdSRobert Watson .mpo_check_kenv_get = stub_check_kenv_get, 15621c3f91cdSRobert Watson .mpo_check_kenv_set = stub_check_kenv_set, 15631c3f91cdSRobert Watson .mpo_check_kenv_unset = stub_check_kenv_unset, 15641c3f91cdSRobert Watson .mpo_check_kld_load = stub_check_kld_load, 15651c3f91cdSRobert Watson .mpo_check_kld_stat = stub_check_kld_stat, 15661c3f91cdSRobert Watson .mpo_check_mount_stat = stub_check_mount_stat, 15671c3f91cdSRobert Watson .mpo_check_pipe_ioctl = stub_check_pipe_ioctl, 15681c3f91cdSRobert Watson .mpo_check_pipe_poll = stub_check_pipe_poll, 15691c3f91cdSRobert Watson .mpo_check_pipe_read = stub_check_pipe_read, 15701c3f91cdSRobert Watson .mpo_check_pipe_relabel = stub_check_pipe_relabel, 15711c3f91cdSRobert Watson .mpo_check_pipe_stat = stub_check_pipe_stat, 15721c3f91cdSRobert Watson .mpo_check_pipe_write = stub_check_pipe_write, 157352648411SRobert Watson .mpo_check_posix_sem_destroy = stub_check_posix_sem_destroy, 157452648411SRobert Watson .mpo_check_posix_sem_getvalue = stub_check_posix_sem_getvalue, 157552648411SRobert Watson .mpo_check_posix_sem_open = stub_check_posix_sem_open, 157652648411SRobert Watson .mpo_check_posix_sem_post = stub_check_posix_sem_post, 157752648411SRobert Watson .mpo_check_posix_sem_unlink = stub_check_posix_sem_unlink, 157852648411SRobert Watson .mpo_check_posix_sem_wait = stub_check_posix_sem_wait, 15791c3f91cdSRobert Watson .mpo_check_proc_debug = stub_check_proc_debug, 15801c3f91cdSRobert Watson .mpo_check_proc_sched = stub_check_proc_sched, 158118717f69SRobert Watson .mpo_check_proc_setaudit = stub_check_proc_setaudit, 158218717f69SRobert Watson .mpo_check_proc_setauid = stub_check_proc_setauid, 1583030a28b3SRobert Watson .mpo_check_proc_setuid = stub_check_proc_setuid, 1584030a28b3SRobert Watson .mpo_check_proc_seteuid = stub_check_proc_seteuid, 1585030a28b3SRobert Watson .mpo_check_proc_setgid = stub_check_proc_setgid, 1586030a28b3SRobert Watson .mpo_check_proc_setegid = stub_check_proc_setegid, 1587030a28b3SRobert Watson .mpo_check_proc_setgroups = stub_check_proc_setgroups, 1588030a28b3SRobert Watson .mpo_check_proc_setreuid = stub_check_proc_setreuid, 1589030a28b3SRobert Watson .mpo_check_proc_setregid = stub_check_proc_setregid, 1590030a28b3SRobert Watson .mpo_check_proc_setresuid = stub_check_proc_setresuid, 1591030a28b3SRobert Watson .mpo_check_proc_setresgid = stub_check_proc_setresgid, 15921c3f91cdSRobert Watson .mpo_check_proc_signal = stub_check_proc_signal, 1593babe9a2bSRobert Watson .mpo_check_proc_wait = stub_check_proc_wait, 15947f53207bSRobert Watson .mpo_check_socket_accept = stub_check_socket_accept, 15951c3f91cdSRobert Watson .mpo_check_socket_bind = stub_check_socket_bind, 15961c3f91cdSRobert Watson .mpo_check_socket_connect = stub_check_socket_connect, 15976758f88eSRobert Watson .mpo_check_socket_create = stub_check_socket_create, 15981c3f91cdSRobert Watson .mpo_check_socket_deliver = stub_check_socket_deliver, 15991c3f91cdSRobert Watson .mpo_check_socket_listen = stub_check_socket_listen, 16007f53207bSRobert Watson .mpo_check_socket_poll = stub_check_socket_poll, 16017f53207bSRobert Watson .mpo_check_socket_receive = stub_check_socket_receive, 16021c3f91cdSRobert Watson .mpo_check_socket_relabel = stub_check_socket_relabel, 16037f53207bSRobert Watson .mpo_check_socket_send = stub_check_socket_send, 16047f53207bSRobert Watson .mpo_check_socket_stat = stub_check_socket_stat, 16051c3f91cdSRobert Watson .mpo_check_socket_visible = stub_check_socket_visible, 16061c3f91cdSRobert Watson .mpo_check_system_acct = stub_check_system_acct, 160718717f69SRobert Watson .mpo_check_system_audit = stub_check_system_audit, 160818717f69SRobert Watson .mpo_check_system_auditctl = stub_check_system_auditctl, 160918717f69SRobert Watson .mpo_check_system_auditon = stub_check_system_auditon, 16101c3f91cdSRobert Watson .mpo_check_system_reboot = stub_check_system_reboot, 16111c3f91cdSRobert Watson .mpo_check_system_swapoff = stub_check_system_swapoff, 161218717f69SRobert Watson .mpo_check_system_swapon = stub_check_system_swapon, 16131c3f91cdSRobert Watson .mpo_check_system_sysctl = stub_check_system_sysctl, 16141c3f91cdSRobert Watson .mpo_check_vnode_access = stub_check_vnode_access, 16151c3f91cdSRobert Watson .mpo_check_vnode_chdir = stub_check_vnode_chdir, 16161c3f91cdSRobert Watson .mpo_check_vnode_chroot = stub_check_vnode_chroot, 16171c3f91cdSRobert Watson .mpo_check_vnode_create = stub_check_vnode_create, 16181c3f91cdSRobert Watson .mpo_check_vnode_delete = stub_check_vnode_delete, 16191c3f91cdSRobert Watson .mpo_check_vnode_deleteacl = stub_check_vnode_deleteacl, 162064f00af8SRobert Watson .mpo_check_vnode_deleteextattr = stub_check_vnode_deleteextattr, 16211c3f91cdSRobert Watson .mpo_check_vnode_exec = stub_check_vnode_exec, 16221c3f91cdSRobert Watson .mpo_check_vnode_getacl = stub_check_vnode_getacl, 16231c3f91cdSRobert Watson .mpo_check_vnode_getextattr = stub_check_vnode_getextattr, 16241c3f91cdSRobert Watson .mpo_check_vnode_link = stub_check_vnode_link, 162564f00af8SRobert Watson .mpo_check_vnode_listextattr = stub_check_vnode_listextattr, 16261c3f91cdSRobert Watson .mpo_check_vnode_lookup = stub_check_vnode_lookup, 16271c3f91cdSRobert Watson .mpo_check_vnode_mmap = stub_check_vnode_mmap, 162817870c06SChristian S.J. Peron .mpo_check_vnode_mmap_downgrade = stub_check_vnode_mmap_downgrade, 162917870c06SChristian S.J. Peron .mpo_check_vnode_mprotect = stub_check_vnode_mprotect, 16301c3f91cdSRobert Watson .mpo_check_vnode_open = stub_check_vnode_open, 16311c3f91cdSRobert Watson .mpo_check_vnode_poll = stub_check_vnode_poll, 16321c3f91cdSRobert Watson .mpo_check_vnode_read = stub_check_vnode_read, 16331c3f91cdSRobert Watson .mpo_check_vnode_readdir = stub_check_vnode_readdir, 16341c3f91cdSRobert Watson .mpo_check_vnode_readlink = stub_check_vnode_readlink, 16351c3f91cdSRobert Watson .mpo_check_vnode_relabel = stub_check_vnode_relabel, 16361c3f91cdSRobert Watson .mpo_check_vnode_rename_from = stub_check_vnode_rename_from, 16371c3f91cdSRobert Watson .mpo_check_vnode_rename_to = stub_check_vnode_rename_to, 16381c3f91cdSRobert Watson .mpo_check_vnode_revoke = stub_check_vnode_revoke, 16391c3f91cdSRobert Watson .mpo_check_vnode_setacl = stub_check_vnode_setacl, 16401c3f91cdSRobert Watson .mpo_check_vnode_setextattr = stub_check_vnode_setextattr, 16411c3f91cdSRobert Watson .mpo_check_vnode_setflags = stub_check_vnode_setflags, 16421c3f91cdSRobert Watson .mpo_check_vnode_setmode = stub_check_vnode_setmode, 16431c3f91cdSRobert Watson .mpo_check_vnode_setowner = stub_check_vnode_setowner, 16441c3f91cdSRobert Watson .mpo_check_vnode_setutimes = stub_check_vnode_setutimes, 16451c3f91cdSRobert Watson .mpo_check_vnode_stat = stub_check_vnode_stat, 16461c3f91cdSRobert Watson .mpo_check_vnode_write = stub_check_vnode_write, 1647403b781eSRobert Watson .mpo_priv_check = stub_priv_check, 1648403b781eSRobert Watson .mpo_priv_grant = stub_priv_grant, 164917870c06SChristian S.J. Peron .mpo_init_syncache_label = stub_init_label_waitcheck, 165017870c06SChristian S.J. Peron .mpo_destroy_syncache_label = stub_destroy_label, 165117870c06SChristian S.J. Peron .mpo_init_syncache_from_inpcb = stub_init_syncache_from_inpcb, 165217870c06SChristian S.J. Peron .mpo_create_mbuf_from_syncache = stub_create_mbuf_from_syncache, 1653d8a7b7a3SRobert Watson }; 1654d8a7b7a3SRobert Watson 16551c3f91cdSRobert Watson MAC_POLICY_SET(&mac_stub_ops, mac_stub, "TrustedBSD MAC/Stub", 1656740348c4SRobert Watson MPC_LOADTIME_FLAG_UNLOADOK, NULL); 1657