mac_socket.c - OpenGrok cross reference for /freebsd-src/sys/security/mac/mac

Lines Matching full:label
78  * Currently, sockets hold two labels: the label of the socket itself, and a
79  * peer label, which may be used by policies to hold a copy of the label of
82  * Possibly, this peer label should be maintained at the protocol layer
84  * the label consistently.  For example, it might be copied live from a
92  * lock over some entry points in order to enforce atomicity (such as label
100 struct label *
103 	struct label *label;
106 	label = mac_labelzone_alloc(flag);
107 	if (label == NULL)
111 		MAC_POLICY_CHECK(socket_init_label, label, flag);
113 		MAC_POLICY_CHECK_NOSLEEP(socket_init_label, label, flag);
115 		MAC_POLICY_PERFORM_NOSLEEP(socket_destroy_label, label);
116 		mac_labelzone_free(label);
119 	return (label);
122 static struct label *
125 	struct label *label;
128 	label = mac_labelzone_alloc(flag);
129 	if (label == NULL)
133 		MAC_POLICY_CHECK(socketpeer_init_label, label, flag);
135 		MAC_POLICY_CHECK_NOSLEEP(socketpeer_init_label, label, flag);
137 		MAC_POLICY_PERFORM_NOSLEEP(socketpeer_destroy_label, label);
138 		mac_labelzone_free(label);
141 	return (label);
166 mac_socket_label_free(struct label *label)
169 	MAC_POLICY_PERFORM_NOSLEEP(socket_destroy_label, label);
170 	mac_labelzone_free(label);
174 mac_socketpeer_label_free(struct label *label)
177 	MAC_POLICY_PERFORM_NOSLEEP(socketpeer_destroy_label, label);
178 	mac_labelzone_free(label);
196 mac_socket_copy_label(struct label *src, struct label *dest)
203 mac_socket_externalize_label(struct label *label, char *elements,
208 	MAC_POLICY_EXTERNALIZE(socket, label, elements, outbuf, outbuflen);
214 mac_socketpeer_externalize_label(struct label *label, char *elements,
219 	MAC_POLICY_EXTERNALIZE(socketpeer, label, elements, outbuf,
226 mac_socket_internalize_label(struct label *label, char *string)
230 	MAC_POLICY_INTERNALIZE(socket, label, string);
252     struct label *newlabel)
264 	struct label *label;
269 	label = mac_mbuf_to_label(m);
271 	MAC_POLICY_PERFORM_NOSLEEP(socketpeer_set_from_mbuf, m, label, so,
289 	struct label *label;
294 	label = mac_mbuf_to_label(m);
297 	    label);
369 	struct label *label;
375 	label = mac_mbuf_to_label(m);
378 	    label);
429     "struct socket *", "struct label *");
433     struct label *newlabel)
491     struct label *label)
504 	error = mac_socket_check_relabel(cred, so, label);
510 	mac_socket_relabel(cred, so, label);
515 	 * such as if it needs to propagate changes to a cached pcb label
516 	 * from the socket, notify it of the label change while holding the
529 	struct label *intlabel;
564 	struct label *intlabel;
603 	struct label *intlabel;