1d8a7b7a3SRobert Watson /*- 29b6dd12eSRobert Watson * Copyright (c) 1999-2002, 2007-2011 Robert N. M. Watson 3ba53d9c9SRobert Watson * Copyright (c) 2001-2005 McAfee, Inc. 430d239bcSRobert Watson * Copyright (c) 2005-2006 SPARTA, Inc. 56356dba0SRobert Watson * Copyright (c) 2008 Apple Inc. 6d8a7b7a3SRobert Watson * All rights reserved. 7d8a7b7a3SRobert Watson * 8d8a7b7a3SRobert Watson * This software was developed by Robert Watson for the TrustedBSD Project. 9d8a7b7a3SRobert Watson * 10ba53d9c9SRobert Watson * This software was developed for the FreeBSD Project in part by McAfee 11ba53d9c9SRobert Watson * Research, the Security Research Division of McAfee, Inc. under 12ba53d9c9SRobert Watson * DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA 13ba53d9c9SRobert Watson * CHATS research program. 14d8a7b7a3SRobert Watson * 156758f88eSRobert Watson * This software was enhanced by SPARTA ISSO under SPAWAR contract 166758f88eSRobert Watson * N66001-04-C-6019 ("SEFOS"). 176758f88eSRobert Watson * 186f6174a7SRobert Watson * This software was developed at the University of Cambridge Computer 196f6174a7SRobert Watson * Laboratory with support from a grant from Google, Inc. 206f6174a7SRobert Watson * 21d8a7b7a3SRobert Watson * Redistribution and use in source and binary forms, with or without 22d8a7b7a3SRobert Watson * modification, are permitted provided that the following conditions 23d8a7b7a3SRobert Watson * are met: 24d8a7b7a3SRobert Watson * 1. Redistributions of source code must retain the above copyright 25d8a7b7a3SRobert Watson * notice, this list of conditions and the following disclaimer. 26d8a7b7a3SRobert Watson * 2. Redistributions in binary form must reproduce the above copyright 27d8a7b7a3SRobert Watson * notice, this list of conditions and the following disclaimer in the 28d8a7b7a3SRobert Watson * documentation and/or other materials provided with the distribution. 29d8a7b7a3SRobert Watson * 30d8a7b7a3SRobert Watson * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 31d8a7b7a3SRobert Watson * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 32d8a7b7a3SRobert Watson * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 33d8a7b7a3SRobert Watson * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 34d8a7b7a3SRobert Watson * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 35d8a7b7a3SRobert Watson * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 36d8a7b7a3SRobert Watson * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 37d8a7b7a3SRobert Watson * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 38d8a7b7a3SRobert Watson * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 39d8a7b7a3SRobert Watson * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 40d8a7b7a3SRobert Watson * SUCH DAMAGE. 41d8a7b7a3SRobert Watson */ 42d8a7b7a3SRobert Watson 43d8a7b7a3SRobert Watson /* 44d8a7b7a3SRobert Watson * Developed by the TrustedBSD Project. 451c3f91cdSRobert Watson * 461c3f91cdSRobert Watson * Stub module that implements a NOOP for most (if not all) MAC Framework 471c3f91cdSRobert Watson * policy entry points. 48d8a7b7a3SRobert Watson */ 49d8a7b7a3SRobert Watson 50d8a7b7a3SRobert Watson #include <sys/types.h> 51d8a7b7a3SRobert Watson #include <sys/param.h> 52d8a7b7a3SRobert Watson #include <sys/acl.h> 53d8a7b7a3SRobert Watson #include <sys/conf.h> 54763bbd2fSRobert Watson #include <sys/extattr.h> 552449b9e5SMitchell Horne #include <sys/kdb.h> 56d8a7b7a3SRobert Watson #include <sys/kernel.h> 576aeb05d7STom Rhodes #include <sys/ksem.h> 58d8a7b7a3SRobert Watson #include <sys/mount.h> 59d8a7b7a3SRobert Watson #include <sys/proc.h> 60d8a7b7a3SRobert Watson #include <sys/systm.h> 61d8a7b7a3SRobert Watson #include <sys/sysproto.h> 62d8a7b7a3SRobert Watson #include <sys/sysent.h> 63d8a7b7a3SRobert Watson #include <sys/vnode.h> 64d8a7b7a3SRobert Watson #include <sys/file.h> 65d8a7b7a3SRobert Watson #include <sys/socket.h> 66d8a7b7a3SRobert Watson #include <sys/socketvar.h> 67d8a7b7a3SRobert Watson #include <sys/pipe.h> 6836422989SPoul-Henning Kamp #include <sys/sx.h> 69d8a7b7a3SRobert Watson #include <sys/sysctl.h> 70ba53d9c9SRobert Watson #include <sys/msg.h> 71ba53d9c9SRobert Watson #include <sys/sem.h> 72ba53d9c9SRobert Watson #include <sys/shm.h> 73d8a7b7a3SRobert Watson 742449b9e5SMitchell Horne #include <ddb/ddb.h> 752449b9e5SMitchell Horne 76d8a7b7a3SRobert Watson #include <fs/devfs/devfs.h> 77d8a7b7a3SRobert Watson 78d8a7b7a3SRobert Watson #include <net/bpfdesc.h> 79d8a7b7a3SRobert Watson #include <net/if.h> 80d8a7b7a3SRobert Watson #include <net/if_types.h> 81d8a7b7a3SRobert Watson #include <net/if_var.h> 82d8a7b7a3SRobert Watson 83d8a7b7a3SRobert Watson #include <netinet/in.h> 84a557af22SRobert Watson #include <netinet/in_pcb.h> 85d8a7b7a3SRobert Watson #include <netinet/ip_var.h> 86d8a7b7a3SRobert Watson 87d8a7b7a3SRobert Watson #include <vm/vm.h> 88d8a7b7a3SRobert Watson 890efd6615SRobert Watson #include <security/mac/mac_policy.h> 90d8a7b7a3SRobert Watson 917029da5cSPawel Biernacki static SYSCTL_NODE(_security_mac, OID_AUTO, stub, 927029da5cSPawel Biernacki CTLFLAG_RW | CTLFLAG_MPSAFE, 0, 931c3f91cdSRobert Watson "TrustedBSD mac_stub policy controls"); 94d8a7b7a3SRobert Watson 951c3f91cdSRobert Watson static int stub_enabled = 1; 961c3f91cdSRobert Watson SYSCTL_INT(_security_mac_stub, OID_AUTO, enabled, CTLFLAG_RW, 971c3f91cdSRobert Watson &stub_enabled, 0, "Enforce mac_stub policy"); 98d8a7b7a3SRobert Watson 99d8a7b7a3SRobert Watson /* 100d8a7b7a3SRobert Watson * Policy module operations. 101d8a7b7a3SRobert Watson */ 102d8a7b7a3SRobert Watson static void 1031c3f91cdSRobert Watson stub_destroy(struct mac_policy_conf *conf) 104d8a7b7a3SRobert Watson { 105d8a7b7a3SRobert Watson 106d8a7b7a3SRobert Watson } 107d8a7b7a3SRobert Watson 108d8a7b7a3SRobert Watson static void 1091c3f91cdSRobert Watson stub_init(struct mac_policy_conf *conf) 110d8a7b7a3SRobert Watson { 111d8a7b7a3SRobert Watson 112d8a7b7a3SRobert Watson } 113d8a7b7a3SRobert Watson 1148a97ecf6SRobert Watson static int 1151c3f91cdSRobert Watson stub_syscall(struct thread *td, int call, void *arg) 1168a97ecf6SRobert Watson { 1178a97ecf6SRobert Watson 1188a97ecf6SRobert Watson return (0); 1198a97ecf6SRobert Watson } 1208a97ecf6SRobert Watson 121d8a7b7a3SRobert Watson /* 122d8a7b7a3SRobert Watson * Label operations. 123d8a7b7a3SRobert Watson */ 124d8a7b7a3SRobert Watson static void 1251c3f91cdSRobert Watson stub_init_label(struct label *label) 126d8a7b7a3SRobert Watson { 127d8a7b7a3SRobert Watson 128d8a7b7a3SRobert Watson } 129d8a7b7a3SRobert Watson 130d8a7b7a3SRobert Watson static int 1311c3f91cdSRobert Watson stub_init_label_waitcheck(struct label *label, int flag) 132d8a7b7a3SRobert Watson { 133d8a7b7a3SRobert Watson 134d8a7b7a3SRobert Watson return (0); 135d8a7b7a3SRobert Watson } 136d8a7b7a3SRobert Watson 137d8a7b7a3SRobert Watson static void 1381c3f91cdSRobert Watson stub_destroy_label(struct label *label) 139d8a7b7a3SRobert Watson { 140d8a7b7a3SRobert Watson 141d8a7b7a3SRobert Watson } 142d8a7b7a3SRobert Watson 1430196273bSRobert Watson static void 1440196273bSRobert Watson stub_copy_label(struct label *src, struct label *dest) 1450196273bSRobert Watson { 1460196273bSRobert Watson 1470196273bSRobert Watson } 1480196273bSRobert Watson 149d8a7b7a3SRobert Watson static int 1501c3f91cdSRobert Watson stub_externalize_label(struct label *label, char *element_name, 151f51e5803SRobert Watson struct sbuf *sb, int *claimed) 152d8a7b7a3SRobert Watson { 153d8a7b7a3SRobert Watson 154d8a7b7a3SRobert Watson return (0); 155d8a7b7a3SRobert Watson } 156d8a7b7a3SRobert Watson 157d8a7b7a3SRobert Watson static int 1581c3f91cdSRobert Watson stub_internalize_label(struct label *label, char *element_name, 15924e8d0d0SRobert Watson char *element_data, int *claimed) 160d8a7b7a3SRobert Watson { 161d8a7b7a3SRobert Watson 162d8a7b7a3SRobert Watson return (0); 163d8a7b7a3SRobert Watson } 164d8a7b7a3SRobert Watson 165d8a7b7a3SRobert Watson /* 166eb320b0eSRobert Watson * Object-specific entry point imeplementations are sorted alphabetically by 167eb320b0eSRobert Watson * object type name and then by operation. 168d8a7b7a3SRobert Watson */ 169763bbd2fSRobert Watson static int 170eb320b0eSRobert Watson stub_bpfdesc_check_receive(struct bpf_d *d, struct label *dlabel, 171eb320b0eSRobert Watson struct ifnet *ifp, struct label *ifplabel) 172763bbd2fSRobert Watson { 173763bbd2fSRobert Watson 174763bbd2fSRobert Watson return (0); 175763bbd2fSRobert Watson } 176763bbd2fSRobert Watson 177763bbd2fSRobert Watson static void 178eb320b0eSRobert Watson stub_bpfdesc_create(struct ucred *cred, struct bpf_d *d, 179eb320b0eSRobert Watson struct label *dlabel) 180eb320b0eSRobert Watson { 181eb320b0eSRobert Watson 182eb320b0eSRobert Watson } 183eb320b0eSRobert Watson 184eb320b0eSRobert Watson static void 185eb320b0eSRobert Watson stub_bpfdesc_create_mbuf(struct bpf_d *d, struct label *dlabel, 186eb320b0eSRobert Watson struct mbuf *m, struct label *mlabel) 187eb320b0eSRobert Watson { 188eb320b0eSRobert Watson 189eb320b0eSRobert Watson } 190eb320b0eSRobert Watson 191212ab0cfSRobert Watson static void 192212ab0cfSRobert Watson stub_cred_associate_nfsd(struct ucred *cred) 193212ab0cfSRobert Watson { 194212ab0cfSRobert Watson 195212ab0cfSRobert Watson } 196212ab0cfSRobert Watson 197eb320b0eSRobert Watson static int 198eb320b0eSRobert Watson stub_cred_check_relabel(struct ucred *cred, struct label *newlabel) 199eb320b0eSRobert Watson { 200eb320b0eSRobert Watson 201eb320b0eSRobert Watson return (0); 202eb320b0eSRobert Watson } 203eb320b0eSRobert Watson 204eb320b0eSRobert Watson static int 2056f6174a7SRobert Watson stub_cred_check_setaudit(struct ucred *cred, struct auditinfo *ai) 2066f6174a7SRobert Watson { 2076f6174a7SRobert Watson 2086f6174a7SRobert Watson return (0); 2096f6174a7SRobert Watson } 2106f6174a7SRobert Watson 2116f6174a7SRobert Watson static int 2126f6174a7SRobert Watson stub_cred_check_setaudit_addr(struct ucred *cred, struct auditinfo_addr *aia) 2136f6174a7SRobert Watson { 2146f6174a7SRobert Watson 2156f6174a7SRobert Watson return (0); 2166f6174a7SRobert Watson } 2176f6174a7SRobert Watson 2186f6174a7SRobert Watson static int 2196f6174a7SRobert Watson stub_cred_check_setauid(struct ucred *cred, uid_t auid) 2206f6174a7SRobert Watson { 2216f6174a7SRobert Watson 2226f6174a7SRobert Watson return (0); 2236f6174a7SRobert Watson } 2246f6174a7SRobert Watson 225*ddb3eb4eSOlivier Certner static void 226*ddb3eb4eSOlivier Certner stub_cred_setcred_enter(void) 227*ddb3eb4eSOlivier Certner { 228*ddb3eb4eSOlivier Certner } 229*ddb3eb4eSOlivier Certner 230*ddb3eb4eSOlivier Certner static int 231*ddb3eb4eSOlivier Certner stub_cred_check_setcred(u_int flags, const struct ucred *old_cred, 232*ddb3eb4eSOlivier Certner struct ucred *new_cred) 233*ddb3eb4eSOlivier Certner { 234*ddb3eb4eSOlivier Certner return (0); 235*ddb3eb4eSOlivier Certner } 236*ddb3eb4eSOlivier Certner 237*ddb3eb4eSOlivier Certner static void 238*ddb3eb4eSOlivier Certner stub_cred_setcred_exit(void) 239*ddb3eb4eSOlivier Certner { 240*ddb3eb4eSOlivier Certner } 241*ddb3eb4eSOlivier Certner 2426f6174a7SRobert Watson static int 2436f6174a7SRobert Watson stub_cred_check_setegid(struct ucred *cred, gid_t egid) 2446f6174a7SRobert Watson { 2456f6174a7SRobert Watson 2466f6174a7SRobert Watson return (0); 2476f6174a7SRobert Watson } 2486f6174a7SRobert Watson 2496f6174a7SRobert Watson static int 2506f6174a7SRobert Watson stub_cred_check_seteuid(struct ucred *cred, uid_t euid) 2516f6174a7SRobert Watson { 2526f6174a7SRobert Watson 2536f6174a7SRobert Watson return (0); 2546f6174a7SRobert Watson } 2556f6174a7SRobert Watson 2566f6174a7SRobert Watson static int 2576f6174a7SRobert Watson stub_cred_check_setgid(struct ucred *cred, gid_t gid) 2586f6174a7SRobert Watson { 2596f6174a7SRobert Watson 2606f6174a7SRobert Watson return (0); 2616f6174a7SRobert Watson } 2626f6174a7SRobert Watson 2636f6174a7SRobert Watson static int 2646f6174a7SRobert Watson stub_cred_check_setgroups(struct ucred *cred, int ngroups, 2656f6174a7SRobert Watson gid_t *gidset) 2666f6174a7SRobert Watson { 2676f6174a7SRobert Watson 2686f6174a7SRobert Watson return (0); 2696f6174a7SRobert Watson } 2706f6174a7SRobert Watson 2716f6174a7SRobert Watson static int 2726f6174a7SRobert Watson stub_cred_check_setregid(struct ucred *cred, gid_t rgid, gid_t egid) 2736f6174a7SRobert Watson { 2746f6174a7SRobert Watson 2756f6174a7SRobert Watson return (0); 2766f6174a7SRobert Watson } 2776f6174a7SRobert Watson 2786f6174a7SRobert Watson static int 2796f6174a7SRobert Watson stub_cred_check_setresgid(struct ucred *cred, gid_t rgid, gid_t egid, 2806f6174a7SRobert Watson gid_t sgid) 2816f6174a7SRobert Watson { 2826f6174a7SRobert Watson 2836f6174a7SRobert Watson return (0); 2846f6174a7SRobert Watson } 2856f6174a7SRobert Watson 2866f6174a7SRobert Watson static int 2876f6174a7SRobert Watson stub_cred_check_setresuid(struct ucred *cred, uid_t ruid, uid_t euid, 2886f6174a7SRobert Watson uid_t suid) 2896f6174a7SRobert Watson { 2906f6174a7SRobert Watson 2916f6174a7SRobert Watson return (0); 2926f6174a7SRobert Watson } 2936f6174a7SRobert Watson 2946f6174a7SRobert Watson static int 2956f6174a7SRobert Watson stub_cred_check_setreuid(struct ucred *cred, uid_t ruid, uid_t euid) 2966f6174a7SRobert Watson { 2976f6174a7SRobert Watson 2986f6174a7SRobert Watson return (0); 2996f6174a7SRobert Watson } 3006f6174a7SRobert Watson 3016f6174a7SRobert Watson static int 3026f6174a7SRobert Watson stub_cred_check_setuid(struct ucred *cred, uid_t uid) 3036f6174a7SRobert Watson { 3046f6174a7SRobert Watson 3056f6174a7SRobert Watson return (0); 3066f6174a7SRobert Watson } 3076f6174a7SRobert Watson 3086f6174a7SRobert Watson static int 309eb320b0eSRobert Watson stub_cred_check_visible(struct ucred *cr1, struct ucred *cr2) 310eb320b0eSRobert Watson { 311eb320b0eSRobert Watson 312eb320b0eSRobert Watson return (0); 313eb320b0eSRobert Watson } 314eb320b0eSRobert Watson 315eb320b0eSRobert Watson static void 316212ab0cfSRobert Watson stub_cred_create_init(struct ucred *cred) 317212ab0cfSRobert Watson { 318212ab0cfSRobert Watson 319212ab0cfSRobert Watson } 320212ab0cfSRobert Watson 321212ab0cfSRobert Watson static void 322212ab0cfSRobert Watson stub_cred_create_swapper(struct ucred *cred) 323212ab0cfSRobert Watson { 324212ab0cfSRobert Watson 325212ab0cfSRobert Watson } 326212ab0cfSRobert Watson 327212ab0cfSRobert Watson static void 328eb320b0eSRobert Watson stub_cred_relabel(struct ucred *cred, struct label *newlabel) 329763bbd2fSRobert Watson { 330763bbd2fSRobert Watson 331763bbd2fSRobert Watson } 332763bbd2fSRobert Watson 3332449b9e5SMitchell Horne static int 3342449b9e5SMitchell Horne stub_ddb_command_exec(struct db_command *cmd, db_expr_t addr, bool have_addr, 3352449b9e5SMitchell Horne db_expr_t count, char *modif) 3362449b9e5SMitchell Horne { 3372449b9e5SMitchell Horne 3382449b9e5SMitchell Horne return (0); 3392449b9e5SMitchell Horne } 3402449b9e5SMitchell Horne 3412449b9e5SMitchell Horne static int 3422449b9e5SMitchell Horne stub_ddb_command_register(struct db_command_table *table, 3432449b9e5SMitchell Horne struct db_command *cmd) 3442449b9e5SMitchell Horne { 3452449b9e5SMitchell Horne 3462449b9e5SMitchell Horne return (0); 3472449b9e5SMitchell Horne } 3482449b9e5SMitchell Horne 349763bbd2fSRobert Watson static void 35030d239bcSRobert Watson stub_devfs_create_device(struct ucred *cred, struct mount *mp, 35178007886SRobert Watson struct cdev *dev, struct devfs_dirent *de, struct label *delabel) 352eea8ea31SRobert Watson { 353eea8ea31SRobert Watson 354eea8ea31SRobert Watson } 355eea8ea31SRobert Watson 356eea8ea31SRobert Watson static void 35730d239bcSRobert Watson stub_devfs_create_directory(struct mount *mp, char *dirname, 35878007886SRobert Watson int dirnamelen, struct devfs_dirent *de, struct label *delabel) 359990b4b2dSRobert Watson { 360990b4b2dSRobert Watson 361990b4b2dSRobert Watson } 362990b4b2dSRobert Watson 363990b4b2dSRobert Watson static void 36430d239bcSRobert Watson stub_devfs_create_symlink(struct ucred *cred, struct mount *mp, 365990b4b2dSRobert Watson struct devfs_dirent *dd, struct label *ddlabel, struct devfs_dirent *de, 366990b4b2dSRobert Watson struct label *delabel) 367d8a7b7a3SRobert Watson { 368d8a7b7a3SRobert Watson 369d8a7b7a3SRobert Watson } 370d8a7b7a3SRobert Watson 371d8a7b7a3SRobert Watson static void 37230d239bcSRobert Watson stub_devfs_update(struct mount *mp, struct devfs_dirent *de, 37378007886SRobert Watson struct label *delabel, struct vnode *vp, struct label *vplabel) 374d8a7b7a3SRobert Watson { 375d8a7b7a3SRobert Watson 376d8a7b7a3SRobert Watson } 377d8a7b7a3SRobert Watson 378d8a7b7a3SRobert Watson static void 379eb320b0eSRobert Watson stub_devfs_vnode_associate(struct mount *mp, struct label *mplabel, 380eb320b0eSRobert Watson struct devfs_dirent *de, struct label *delabel, struct vnode *vp, 381eb320b0eSRobert Watson struct label *vplabel) 382d8a7b7a3SRobert Watson { 383d8a7b7a3SRobert Watson 384d8a7b7a3SRobert Watson } 385d8a7b7a3SRobert Watson 386d8a7b7a3SRobert Watson static int 38730d239bcSRobert Watson stub_ifnet_check_relabel(struct ucred *cred, struct ifnet *ifp, 38878007886SRobert Watson struct label *ifplabel, struct label *newlabel) 389d8a7b7a3SRobert Watson { 390d8a7b7a3SRobert Watson 391d8a7b7a3SRobert Watson return (0); 392d8a7b7a3SRobert Watson } 393d8a7b7a3SRobert Watson 394d8a7b7a3SRobert Watson static int 39530d239bcSRobert Watson stub_ifnet_check_transmit(struct ifnet *ifp, struct label *ifplabel, 39678007886SRobert Watson struct mbuf *m, struct label *mlabel) 397d8a7b7a3SRobert Watson { 398d8a7b7a3SRobert Watson 399d8a7b7a3SRobert Watson return (0); 400d8a7b7a3SRobert Watson } 401d8a7b7a3SRobert Watson 402eb320b0eSRobert Watson static void 403eb320b0eSRobert Watson stub_ifnet_create(struct ifnet *ifp, struct label *ifplabel) 404eb320b0eSRobert Watson { 405eb320b0eSRobert Watson 406eb320b0eSRobert Watson } 407eb320b0eSRobert Watson 408eb320b0eSRobert Watson static void 409eb320b0eSRobert Watson stub_ifnet_create_mbuf(struct ifnet *ifp, struct label *ifplabel, 410eb320b0eSRobert Watson struct mbuf *m, struct label *mlabel) 411eb320b0eSRobert Watson { 412eb320b0eSRobert Watson 413eb320b0eSRobert Watson } 414eb320b0eSRobert Watson 415eb320b0eSRobert Watson static void 416eb320b0eSRobert Watson stub_ifnet_relabel(struct ucred *cred, struct ifnet *ifp, 417eb320b0eSRobert Watson struct label *ifplabel, struct label *newlabel) 418eb320b0eSRobert Watson { 419eb320b0eSRobert Watson 420eb320b0eSRobert Watson } 421eb320b0eSRobert Watson 422d8a7b7a3SRobert Watson static int 42330d239bcSRobert Watson stub_inpcb_check_deliver(struct inpcb *inp, struct label *inplabel, 424a557af22SRobert Watson struct mbuf *m, struct label *mlabel) 425a557af22SRobert Watson { 426a557af22SRobert Watson 427a557af22SRobert Watson return (0); 428a557af22SRobert Watson } 429a557af22SRobert Watson 430eb320b0eSRobert Watson static void 431eb320b0eSRobert Watson stub_inpcb_create(struct socket *so, struct label *solabel, 432eb320b0eSRobert Watson struct inpcb *inp, struct label *inplabel) 433ba53d9c9SRobert Watson { 434ba53d9c9SRobert Watson 435eb320b0eSRobert Watson } 436eb320b0eSRobert Watson 437eb320b0eSRobert Watson static void 438eb320b0eSRobert Watson stub_inpcb_create_mbuf(struct inpcb *inp, struct label *inplabel, 439eb320b0eSRobert Watson struct mbuf *m, struct label *mlabel) 440eb320b0eSRobert Watson { 441eb320b0eSRobert Watson 442eb320b0eSRobert Watson } 443eb320b0eSRobert Watson 444eb320b0eSRobert Watson static void 445eb320b0eSRobert Watson stub_inpcb_sosetlabel(struct socket *so, struct label *solabel, 446eb320b0eSRobert Watson struct inpcb *inp, struct label *inplabel) 447eb320b0eSRobert Watson { 448eb320b0eSRobert Watson 4493de40469SRobert Watson SOCK_LOCK_ASSERT(so); 4503de40469SRobert Watson 451eb320b0eSRobert Watson } 452eb320b0eSRobert Watson 453eb320b0eSRobert Watson static void 454048e1287SRobert Watson stub_ip6q_create(struct mbuf *m, struct label *mlabel, struct ip6q *q6, 455048e1287SRobert Watson struct label *q6label) 456048e1287SRobert Watson { 457048e1287SRobert Watson 458048e1287SRobert Watson } 459048e1287SRobert Watson 460048e1287SRobert Watson static int 461048e1287SRobert Watson stub_ip6q_match(struct mbuf *m, struct label *mlabel, struct ip6q *q6, 462048e1287SRobert Watson struct label *q6label) 463048e1287SRobert Watson { 464048e1287SRobert Watson 465048e1287SRobert Watson return (1); 466048e1287SRobert Watson } 467048e1287SRobert Watson 468048e1287SRobert Watson static void 469048e1287SRobert Watson stub_ip6q_reassemble(struct ip6q *q6, struct label *q6label, struct mbuf *m, 470048e1287SRobert Watson struct label *mlabel) 471048e1287SRobert Watson { 472048e1287SRobert Watson 473048e1287SRobert Watson } 474048e1287SRobert Watson 475048e1287SRobert Watson static void 476048e1287SRobert Watson stub_ip6q_update(struct mbuf *m, struct label *mlabel, struct ip6q *q6, 477048e1287SRobert Watson struct label *q6label) 478048e1287SRobert Watson { 479048e1287SRobert Watson 480048e1287SRobert Watson } 481048e1287SRobert Watson 482048e1287SRobert Watson static void 48337f44cb4SRobert Watson stub_ipq_create(struct mbuf *m, struct label *mlabel, struct ipq *q, 48437f44cb4SRobert Watson struct label *qlabel) 485eb320b0eSRobert Watson { 486eb320b0eSRobert Watson 487ba53d9c9SRobert Watson } 488ba53d9c9SRobert Watson 489ba53d9c9SRobert Watson static int 49037f44cb4SRobert Watson stub_ipq_match(struct mbuf *m, struct label *mlabel, struct ipq *q, 49137f44cb4SRobert Watson struct label *qlabel) 492ba53d9c9SRobert Watson { 493ba53d9c9SRobert Watson 494eb320b0eSRobert Watson return (1); 495ba53d9c9SRobert Watson } 496ba53d9c9SRobert Watson 497eb320b0eSRobert Watson static void 49837f44cb4SRobert Watson stub_ipq_reassemble(struct ipq *q, struct label *qlabel, struct mbuf *m, 49937f44cb4SRobert Watson struct label *mlabel) 500ba53d9c9SRobert Watson { 501ba53d9c9SRobert Watson 502ba53d9c9SRobert Watson } 503ba53d9c9SRobert Watson 504eb320b0eSRobert Watson static void 50537f44cb4SRobert Watson stub_ipq_update(struct mbuf *m, struct label *mlabel, struct ipq *q, 50637f44cb4SRobert Watson struct label *qlabel) 507ba53d9c9SRobert Watson { 508ba53d9c9SRobert Watson 509ba53d9c9SRobert Watson } 510ba53d9c9SRobert Watson 511ba53d9c9SRobert Watson static int 5122449b9e5SMitchell Horne stub_kdb_check_backend(struct kdb_dbbe *be) 5132449b9e5SMitchell Horne { 5142449b9e5SMitchell Horne 5152449b9e5SMitchell Horne return (0); 5162449b9e5SMitchell Horne } 5172449b9e5SMitchell Horne 5182449b9e5SMitchell Horne static int 51930d239bcSRobert Watson stub_kenv_check_dump(struct ucred *cred) 52009de2dc2SRobert Watson { 52109de2dc2SRobert Watson 52209de2dc2SRobert Watson return (0); 52309de2dc2SRobert Watson } 52409de2dc2SRobert Watson 52509de2dc2SRobert Watson static int 52630d239bcSRobert Watson stub_kenv_check_get(struct ucred *cred, char *name) 52709de2dc2SRobert Watson { 52809de2dc2SRobert Watson 52909de2dc2SRobert Watson return (0); 53009de2dc2SRobert Watson } 53109de2dc2SRobert Watson 53209de2dc2SRobert Watson static int 53330d239bcSRobert Watson stub_kenv_check_set(struct ucred *cred, char *name, char *value) 53409de2dc2SRobert Watson { 53509de2dc2SRobert Watson 53609de2dc2SRobert Watson return (0); 53709de2dc2SRobert Watson } 53809de2dc2SRobert Watson 53909de2dc2SRobert Watson static int 54030d239bcSRobert Watson stub_kenv_check_unset(struct ucred *cred, char *name) 54109de2dc2SRobert Watson { 54209de2dc2SRobert Watson 54309de2dc2SRobert Watson return (0); 54409de2dc2SRobert Watson } 54509de2dc2SRobert Watson 54609de2dc2SRobert Watson static int 54730d239bcSRobert Watson stub_kld_check_load(struct ucred *cred, struct vnode *vp, 54878007886SRobert Watson struct label *vplabel) 54909de2dc2SRobert Watson { 55009de2dc2SRobert Watson 55109de2dc2SRobert Watson return (0); 55209de2dc2SRobert Watson } 55309de2dc2SRobert Watson 55409de2dc2SRobert Watson static int 55530d239bcSRobert Watson stub_kld_check_stat(struct ucred *cred) 55609de2dc2SRobert Watson { 55709de2dc2SRobert Watson 55809de2dc2SRobert Watson return (0); 55909de2dc2SRobert Watson } 56009de2dc2SRobert Watson 56109de2dc2SRobert Watson static int 56230d239bcSRobert Watson stub_mount_check_stat(struct ucred *cred, struct mount *mp, 56378007886SRobert Watson struct label *mplabel) 564d8a7b7a3SRobert Watson { 565d8a7b7a3SRobert Watson 566d8a7b7a3SRobert Watson return (0); 567d8a7b7a3SRobert Watson } 568d8a7b7a3SRobert Watson 569eb320b0eSRobert Watson static void 570eb320b0eSRobert Watson stub_mount_create(struct ucred *cred, struct mount *mp, 571eb320b0eSRobert Watson struct label *mplabel) 572eb320b0eSRobert Watson { 573eb320b0eSRobert Watson 574eb320b0eSRobert Watson } 575eb320b0eSRobert Watson 576eb320b0eSRobert Watson static void 577eb320b0eSRobert Watson stub_netinet_arp_send(struct ifnet *ifp, struct label *iflpabel, 578eb320b0eSRobert Watson struct mbuf *m, struct label *mlabel) 579eb320b0eSRobert Watson { 580eb320b0eSRobert Watson 581eb320b0eSRobert Watson } 582eb320b0eSRobert Watson 583eb320b0eSRobert Watson static void 584eb320b0eSRobert Watson stub_netinet_firewall_reply(struct mbuf *mrecv, struct label *mrecvlabel, 585eb320b0eSRobert Watson struct mbuf *msend, struct label *msendlabel) 586eb320b0eSRobert Watson { 587eb320b0eSRobert Watson 588eb320b0eSRobert Watson } 589eb320b0eSRobert Watson 590eb320b0eSRobert Watson static void 591eb320b0eSRobert Watson stub_netinet_firewall_send(struct mbuf *m, struct label *mlabel) 592eb320b0eSRobert Watson { 593eb320b0eSRobert Watson 594eb320b0eSRobert Watson } 595eb320b0eSRobert Watson 596eb320b0eSRobert Watson static void 597eb320b0eSRobert Watson stub_netinet_fragment(struct mbuf *m, struct label *mlabel, struct mbuf *frag, 598eb320b0eSRobert Watson struct label *fraglabel) 599eb320b0eSRobert Watson { 600eb320b0eSRobert Watson 601eb320b0eSRobert Watson } 602eb320b0eSRobert Watson 603eb320b0eSRobert Watson static void 604eb320b0eSRobert Watson stub_netinet_icmp_reply(struct mbuf *mrecv, struct label *mrecvlabel, 605eb320b0eSRobert Watson struct mbuf *msend, struct label *msendlabel) 606eb320b0eSRobert Watson { 607eb320b0eSRobert Watson 608eb320b0eSRobert Watson } 609eb320b0eSRobert Watson 610eb320b0eSRobert Watson static void 611eb320b0eSRobert Watson stub_netinet_icmp_replyinplace(struct mbuf *m, struct label *mlabel) 612eb320b0eSRobert Watson { 613eb320b0eSRobert Watson 614eb320b0eSRobert Watson } 615eb320b0eSRobert Watson 616eb320b0eSRobert Watson static void 617eb320b0eSRobert Watson stub_netinet_igmp_send(struct ifnet *ifp, struct label *iflpabel, 618eb320b0eSRobert Watson struct mbuf *m, struct label *mlabel) 619eb320b0eSRobert Watson { 620eb320b0eSRobert Watson 621eb320b0eSRobert Watson } 622eb320b0eSRobert Watson 623eb320b0eSRobert Watson static void 624eb320b0eSRobert Watson stub_netinet_tcp_reply(struct mbuf *m, struct label *mlabel) 625eb320b0eSRobert Watson { 626eb320b0eSRobert Watson 627eb320b0eSRobert Watson } 628eb320b0eSRobert Watson 629eb320b0eSRobert Watson static void 630eb320b0eSRobert Watson stub_netinet6_nd6_send(struct ifnet *ifp, struct label *iflpabel, 631eb320b0eSRobert Watson struct mbuf *m, struct label *mlabel) 632eb320b0eSRobert Watson { 633eb320b0eSRobert Watson 634eb320b0eSRobert Watson } 635eb320b0eSRobert Watson 636d8a7b7a3SRobert Watson static int 63730d239bcSRobert Watson stub_pipe_check_ioctl(struct ucred *cred, struct pipepair *pp, 63878007886SRobert Watson struct label *pplabel, unsigned long cmd, void /* caddr_t */ *data) 639d8a7b7a3SRobert Watson { 640d8a7b7a3SRobert Watson 641d8a7b7a3SRobert Watson return (0); 642d8a7b7a3SRobert Watson } 643d8a7b7a3SRobert Watson 644d8a7b7a3SRobert Watson static int 64530d239bcSRobert Watson stub_pipe_check_poll(struct ucred *cred, struct pipepair *pp, 64678007886SRobert Watson struct label *pplabel) 647c024c3eeSRobert Watson { 648c024c3eeSRobert Watson 649c024c3eeSRobert Watson return (0); 650c024c3eeSRobert Watson } 651c024c3eeSRobert Watson 652c024c3eeSRobert Watson static int 65330d239bcSRobert Watson stub_pipe_check_read(struct ucred *cred, struct pipepair *pp, 65478007886SRobert Watson struct label *pplabel) 655d8a7b7a3SRobert Watson { 656d8a7b7a3SRobert Watson 657d8a7b7a3SRobert Watson return (0); 658d8a7b7a3SRobert Watson } 659d8a7b7a3SRobert Watson 660d8a7b7a3SRobert Watson static int 66130d239bcSRobert Watson stub_pipe_check_relabel(struct ucred *cred, struct pipepair *pp, 66278007886SRobert Watson struct label *pplabel, struct label *newlabel) 663d8a7b7a3SRobert Watson { 664d8a7b7a3SRobert Watson 665d8a7b7a3SRobert Watson return (0); 666d8a7b7a3SRobert Watson } 667d8a7b7a3SRobert Watson 668d8a7b7a3SRobert Watson static int 66930d239bcSRobert Watson stub_pipe_check_stat(struct ucred *cred, struct pipepair *pp, 67078007886SRobert Watson struct label *pplabel) 671c024c3eeSRobert Watson { 672c024c3eeSRobert Watson 673c024c3eeSRobert Watson return (0); 674c024c3eeSRobert Watson } 675c024c3eeSRobert Watson 676c024c3eeSRobert Watson static int 67730d239bcSRobert Watson stub_pipe_check_write(struct ucred *cred, struct pipepair *pp, 67878007886SRobert Watson struct label *pplabel) 679c024c3eeSRobert Watson { 680c024c3eeSRobert Watson 681c024c3eeSRobert Watson return (0); 682c024c3eeSRobert Watson } 683c024c3eeSRobert Watson 684eb320b0eSRobert Watson static void 685eb320b0eSRobert Watson stub_pipe_create(struct ucred *cred, struct pipepair *pp, 686eb320b0eSRobert Watson struct label *pplabel) 687eb320b0eSRobert Watson { 688eb320b0eSRobert Watson 689eb320b0eSRobert Watson } 690eb320b0eSRobert Watson 691eb320b0eSRobert Watson static void 692eb320b0eSRobert Watson stub_pipe_relabel(struct ucred *cred, struct pipepair *pp, 693eb320b0eSRobert Watson struct label *pplabel, struct label *newlabel) 694eb320b0eSRobert Watson { 695eb320b0eSRobert Watson 696eb320b0eSRobert Watson } 697eb320b0eSRobert Watson 698c024c3eeSRobert Watson static int 6996bc1e9cdSJohn Baldwin stub_posixsem_check_getvalue(struct ucred *active_cred, struct ucred *file_cred, 7006bc1e9cdSJohn Baldwin struct ksem *ks, struct label *kslabel) 70152648411SRobert Watson { 70252648411SRobert Watson 70352648411SRobert Watson return (0); 70452648411SRobert Watson } 70552648411SRobert Watson 70652648411SRobert Watson static int 70730d239bcSRobert Watson stub_posixsem_check_open(struct ucred *cred, struct ksem *ks, 708fe09513eSRobert Watson struct label *kslabel) 70952648411SRobert Watson { 71052648411SRobert Watson 71152648411SRobert Watson return (0); 71252648411SRobert Watson } 71352648411SRobert Watson 71452648411SRobert Watson static int 7156bc1e9cdSJohn Baldwin stub_posixsem_check_post(struct ucred *active_cred, struct ucred *file_cred, 7166bc1e9cdSJohn Baldwin struct ksem *ks, struct label *kslabel) 7176bc1e9cdSJohn Baldwin { 7186bc1e9cdSJohn Baldwin 7196bc1e9cdSJohn Baldwin return (0); 7206bc1e9cdSJohn Baldwin } 7216bc1e9cdSJohn Baldwin 7226bc1e9cdSJohn Baldwin static int 7239c00bb91SKonstantin Belousov stub_posixsem_check_setmode(struct ucred *cred, struct ksem *ks, 7249c00bb91SKonstantin Belousov struct label *kslabel, mode_t mode) 7259c00bb91SKonstantin Belousov { 7269c00bb91SKonstantin Belousov 7279c00bb91SKonstantin Belousov return (0); 7289c00bb91SKonstantin Belousov } 7299c00bb91SKonstantin Belousov 7309c00bb91SKonstantin Belousov static int 7319c00bb91SKonstantin Belousov stub_posixsem_check_setowner(struct ucred *cred, struct ksem *ks, 7329c00bb91SKonstantin Belousov struct label *kslabel, uid_t uid, gid_t gid) 7339c00bb91SKonstantin Belousov { 7349c00bb91SKonstantin Belousov 7359c00bb91SKonstantin Belousov return (0); 7369c00bb91SKonstantin Belousov } 7379c00bb91SKonstantin Belousov 7389c00bb91SKonstantin Belousov static int 7396bc1e9cdSJohn Baldwin stub_posixsem_check_stat(struct ucred *active_cred, struct ucred *file_cred, 7406bc1e9cdSJohn Baldwin struct ksem *ks, struct label *kslabel) 74152648411SRobert Watson { 74252648411SRobert Watson 74352648411SRobert Watson return (0); 74452648411SRobert Watson } 74552648411SRobert Watson 74652648411SRobert Watson static int 74730d239bcSRobert Watson stub_posixsem_check_unlink(struct ucred *cred, struct ksem *ks, 748fe09513eSRobert Watson struct label *kslabel) 74952648411SRobert Watson { 75052648411SRobert Watson 75152648411SRobert Watson return (0); 75252648411SRobert Watson } 75352648411SRobert Watson 75452648411SRobert Watson static int 7556bc1e9cdSJohn Baldwin stub_posixsem_check_wait(struct ucred *active_cred, struct ucred *file_cred, 7566bc1e9cdSJohn Baldwin struct ksem *ks, struct label *kslabel) 75752648411SRobert Watson { 75852648411SRobert Watson 75952648411SRobert Watson return (0); 76052648411SRobert Watson } 76152648411SRobert Watson 762eb320b0eSRobert Watson static void 763eb320b0eSRobert Watson stub_posixsem_create(struct ucred *cred, struct ksem *ks, 764eb320b0eSRobert Watson struct label *kslabel) 765eb320b0eSRobert Watson { 766eb320b0eSRobert Watson 767eb320b0eSRobert Watson } 768eb320b0eSRobert Watson 769eb320b0eSRobert Watson static int 7709b6dd12eSRobert Watson stub_posixshm_check_create(struct ucred *cred, const char *path) 7719b6dd12eSRobert Watson { 7729b6dd12eSRobert Watson 7739b6dd12eSRobert Watson return (0); 7749b6dd12eSRobert Watson } 7759b6dd12eSRobert Watson 7769b6dd12eSRobert Watson static int 7778e38aeffSJohn Baldwin stub_posixshm_check_mmap(struct ucred *cred, struct shmfd *shmfd, 7788e38aeffSJohn Baldwin struct label *shmlabel, int prot, int flags) 7798e38aeffSJohn Baldwin { 7808e38aeffSJohn Baldwin 7818e38aeffSJohn Baldwin return (0); 7828e38aeffSJohn Baldwin } 7838e38aeffSJohn Baldwin 7848e38aeffSJohn Baldwin static int 7858e38aeffSJohn Baldwin stub_posixshm_check_open(struct ucred *cred, struct shmfd *shmfd, 7869b6dd12eSRobert Watson struct label *shmlabel, accmode_t accmode) 7878e38aeffSJohn Baldwin { 7888e38aeffSJohn Baldwin 7898e38aeffSJohn Baldwin return (0); 7908e38aeffSJohn Baldwin } 7918e38aeffSJohn Baldwin 7928e38aeffSJohn Baldwin static int 793940cb0e2SKonstantin Belousov stub_posixshm_check_read(struct ucred *active_cred, struct ucred *file_cred, 794940cb0e2SKonstantin Belousov struct shmfd *shm, struct label *shmlabel) 795940cb0e2SKonstantin Belousov { 796940cb0e2SKonstantin Belousov 797940cb0e2SKonstantin Belousov return (0); 798940cb0e2SKonstantin Belousov } 799940cb0e2SKonstantin Belousov 800940cb0e2SKonstantin Belousov static int 8019c00bb91SKonstantin Belousov stub_posixshm_check_setmode(struct ucred *cred, struct shmfd *shmfd, 8029c00bb91SKonstantin Belousov struct label *shmlabel, mode_t mode) 8039c00bb91SKonstantin Belousov { 8049c00bb91SKonstantin Belousov 8059c00bb91SKonstantin Belousov return (0); 8069c00bb91SKonstantin Belousov } 8079c00bb91SKonstantin Belousov 8089c00bb91SKonstantin Belousov static int 8099c00bb91SKonstantin Belousov stub_posixshm_check_setowner(struct ucred *cred, struct shmfd *shmfd, 8109c00bb91SKonstantin Belousov struct label *shmlabel, uid_t uid, gid_t gid) 8119c00bb91SKonstantin Belousov { 8129c00bb91SKonstantin Belousov 8139c00bb91SKonstantin Belousov return (0); 8149c00bb91SKonstantin Belousov } 8159c00bb91SKonstantin Belousov 8169c00bb91SKonstantin Belousov static int 8178e38aeffSJohn Baldwin stub_posixshm_check_stat(struct ucred *active_cred, struct ucred *file_cred, 8188e38aeffSJohn Baldwin struct shmfd *shmfd, struct label *shmlabel) 8198e38aeffSJohn Baldwin { 8208e38aeffSJohn Baldwin 8218e38aeffSJohn Baldwin return (0); 8228e38aeffSJohn Baldwin } 8238e38aeffSJohn Baldwin 8248e38aeffSJohn Baldwin static int 8258e38aeffSJohn Baldwin stub_posixshm_check_truncate(struct ucred *active_cred, 8268e38aeffSJohn Baldwin struct ucred *file_cred, struct shmfd *shmfd, struct label *shmlabel) 8278e38aeffSJohn Baldwin { 8288e38aeffSJohn Baldwin 8298e38aeffSJohn Baldwin return (0); 8308e38aeffSJohn Baldwin } 8318e38aeffSJohn Baldwin 8328e38aeffSJohn Baldwin static int 8338e38aeffSJohn Baldwin stub_posixshm_check_unlink(struct ucred *cred, struct shmfd *shmfd, 8348e38aeffSJohn Baldwin struct label *shmlabel) 8358e38aeffSJohn Baldwin { 8368e38aeffSJohn Baldwin 8378e38aeffSJohn Baldwin return (0); 8388e38aeffSJohn Baldwin } 8398e38aeffSJohn Baldwin 840940cb0e2SKonstantin Belousov static int 841940cb0e2SKonstantin Belousov stub_posixshm_check_write(struct ucred *active_cred, struct ucred *file_cred, 842940cb0e2SKonstantin Belousov struct shmfd *shm, struct label *shmlabel) 843940cb0e2SKonstantin Belousov { 844940cb0e2SKonstantin Belousov 845940cb0e2SKonstantin Belousov return (0); 846940cb0e2SKonstantin Belousov } 847940cb0e2SKonstantin Belousov 8488e38aeffSJohn Baldwin static void 8498e38aeffSJohn Baldwin stub_posixshm_create(struct ucred *cred, struct shmfd *shmfd, 8508e38aeffSJohn Baldwin struct label *shmlabel) 8518e38aeffSJohn Baldwin { 8528e38aeffSJohn Baldwin 8538e38aeffSJohn Baldwin } 8548e38aeffSJohn Baldwin 8558e38aeffSJohn Baldwin static int 856eb320b0eSRobert Watson stub_priv_check(struct ucred *cred, int priv) 857eb320b0eSRobert Watson { 858eb320b0eSRobert Watson 859eb320b0eSRobert Watson return (0); 860eb320b0eSRobert Watson } 861eb320b0eSRobert Watson 862eb320b0eSRobert Watson static int 863eb320b0eSRobert Watson stub_priv_grant(struct ucred *cred, int priv) 864eb320b0eSRobert Watson { 865eb320b0eSRobert Watson 866eb320b0eSRobert Watson return (EPERM); 867eb320b0eSRobert Watson } 868eb320b0eSRobert Watson 86952648411SRobert Watson static int 87030d239bcSRobert Watson stub_proc_check_debug(struct ucred *cred, struct proc *p) 871d8a7b7a3SRobert Watson { 872d8a7b7a3SRobert Watson 873d8a7b7a3SRobert Watson return (0); 874d8a7b7a3SRobert Watson } 875d8a7b7a3SRobert Watson 876d8a7b7a3SRobert Watson static int 87730d239bcSRobert Watson stub_proc_check_sched(struct ucred *cred, struct proc *p) 878d8a7b7a3SRobert Watson { 879d8a7b7a3SRobert Watson 880d8a7b7a3SRobert Watson return (0); 881d8a7b7a3SRobert Watson } 882d8a7b7a3SRobert Watson 883d8a7b7a3SRobert Watson static int 884eb320b0eSRobert Watson stub_proc_check_signal(struct ucred *cred, struct proc *p, int signum) 885eb320b0eSRobert Watson { 886eb320b0eSRobert Watson 887eb320b0eSRobert Watson return (0); 888eb320b0eSRobert Watson } 889eb320b0eSRobert Watson 890eb320b0eSRobert Watson static int 891eb320b0eSRobert Watson stub_proc_check_wait(struct ucred *cred, struct proc *p) 892eb320b0eSRobert Watson { 893eb320b0eSRobert Watson 894eb320b0eSRobert Watson return (0); 895eb320b0eSRobert Watson } 896eb320b0eSRobert Watson 897eb320b0eSRobert Watson static int 89830d239bcSRobert Watson stub_socket_check_accept(struct ucred *cred, struct socket *so, 89978007886SRobert Watson struct label *solabel) 9007f53207bSRobert Watson { 9017f53207bSRobert Watson 9023de40469SRobert Watson #if 0 9033de40469SRobert Watson SOCK_LOCK(so); 9043de40469SRobert Watson SOCK_UNLOCK(so); 9053de40469SRobert Watson #endif 9063de40469SRobert Watson 9077f53207bSRobert Watson return (0); 9087f53207bSRobert Watson } 9097f53207bSRobert Watson 9107f53207bSRobert Watson static int 91130d239bcSRobert Watson stub_socket_check_bind(struct ucred *cred, struct socket *so, 91278007886SRobert Watson struct label *solabel, struct sockaddr *sa) 913d8a7b7a3SRobert Watson { 914d8a7b7a3SRobert Watson 9153de40469SRobert Watson #if 0 9163de40469SRobert Watson SOCK_LOCK(so); 9173de40469SRobert Watson SOCK_UNLOCK(so); 9183de40469SRobert Watson #endif 9193de40469SRobert Watson 920d8a7b7a3SRobert Watson return (0); 921d8a7b7a3SRobert Watson } 922d8a7b7a3SRobert Watson 923d8a7b7a3SRobert Watson static int 92430d239bcSRobert Watson stub_socket_check_connect(struct ucred *cred, struct socket *so, 92578007886SRobert Watson struct label *solabel, struct sockaddr *sa) 926d8a7b7a3SRobert Watson { 927d8a7b7a3SRobert Watson 9283de40469SRobert Watson #if 0 9293de40469SRobert Watson SOCK_LOCK(so); 9303de40469SRobert Watson SOCK_UNLOCK(so); 9313de40469SRobert Watson #endif 9323de40469SRobert Watson 933d8a7b7a3SRobert Watson return (0); 934d8a7b7a3SRobert Watson } 935d8a7b7a3SRobert Watson 936d8a7b7a3SRobert Watson static int 93730d239bcSRobert Watson stub_socket_check_create(struct ucred *cred, int domain, int type, int proto) 9386758f88eSRobert Watson { 9396758f88eSRobert Watson 9406758f88eSRobert Watson return (0); 9416758f88eSRobert Watson } 9426758f88eSRobert Watson 9436758f88eSRobert Watson static int 94430d239bcSRobert Watson stub_socket_check_deliver(struct socket *so, struct label *solabel, 94578007886SRobert Watson struct mbuf *m, struct label *mlabel) 946d8a7b7a3SRobert Watson { 947d8a7b7a3SRobert Watson 9483de40469SRobert Watson #if 0 9493de40469SRobert Watson SOCK_LOCK(so); 9503de40469SRobert Watson SOCK_UNLOCK(so); 9513de40469SRobert Watson #endif 9523de40469SRobert Watson 953d8a7b7a3SRobert Watson return (0); 954d8a7b7a3SRobert Watson } 955d8a7b7a3SRobert Watson 956d8a7b7a3SRobert Watson static int 95730d239bcSRobert Watson stub_socket_check_listen(struct ucred *cred, struct socket *so, 95878007886SRobert Watson struct label *solabel) 959d8a7b7a3SRobert Watson { 960d8a7b7a3SRobert Watson 9613de40469SRobert Watson #if 0 9623de40469SRobert Watson SOCK_LOCK(so); 9633de40469SRobert Watson SOCK_UNLOCK(so); 9643de40469SRobert Watson #endif 9653de40469SRobert Watson 966d8a7b7a3SRobert Watson return (0); 967d8a7b7a3SRobert Watson } 968d8a7b7a3SRobert Watson 969d8a7b7a3SRobert Watson static int 97030d239bcSRobert Watson stub_socket_check_poll(struct ucred *cred, struct socket *so, 97178007886SRobert Watson struct label *solabel) 9727f53207bSRobert Watson { 9737f53207bSRobert Watson 9743de40469SRobert Watson #if 0 9753de40469SRobert Watson SOCK_LOCK(so); 9763de40469SRobert Watson SOCK_UNLOCK(so); 9773de40469SRobert Watson #endif 9783de40469SRobert Watson 9797f53207bSRobert Watson return (0); 9807f53207bSRobert Watson } 9817f53207bSRobert Watson 9827f53207bSRobert Watson static int 98330d239bcSRobert Watson stub_socket_check_receive(struct ucred *cred, struct socket *so, 98478007886SRobert Watson struct label *solabel) 9857f53207bSRobert Watson { 9867f53207bSRobert Watson 9873de40469SRobert Watson #if 0 9883de40469SRobert Watson SOCK_LOCK(so); 9893de40469SRobert Watson SOCK_UNLOCK(so); 9903de40469SRobert Watson #endif 9913de40469SRobert Watson 9927f53207bSRobert Watson return (0); 9937f53207bSRobert Watson } 9947f53207bSRobert Watson 9957f53207bSRobert Watson static int 99630d239bcSRobert Watson stub_socket_check_relabel(struct ucred *cred, struct socket *so, 99778007886SRobert Watson struct label *solabel, struct label *newlabel) 998d8a7b7a3SRobert Watson { 999d8a7b7a3SRobert Watson 10003de40469SRobert Watson SOCK_LOCK_ASSERT(so); 10013de40469SRobert Watson 1002d8a7b7a3SRobert Watson return (0); 1003d8a7b7a3SRobert Watson } 10047f53207bSRobert Watson static int 100530d239bcSRobert Watson stub_socket_check_send(struct ucred *cred, struct socket *so, 100678007886SRobert Watson struct label *solabel) 10077f53207bSRobert Watson { 10087f53207bSRobert Watson 10093de40469SRobert Watson #if 0 10103de40469SRobert Watson SOCK_LOCK(so); 10113de40469SRobert Watson SOCK_UNLOCK(so); 10123de40469SRobert Watson #endif 10133de40469SRobert Watson 10147f53207bSRobert Watson return (0); 10157f53207bSRobert Watson } 10167f53207bSRobert Watson 10177f53207bSRobert Watson static int 101830d239bcSRobert Watson stub_socket_check_stat(struct ucred *cred, struct socket *so, 101978007886SRobert Watson struct label *solabel) 10207f53207bSRobert Watson { 10217f53207bSRobert Watson 10223de40469SRobert Watson #if 0 10233de40469SRobert Watson SOCK_LOCK(so); 10243de40469SRobert Watson SOCK_UNLOCK(so); 10253de40469SRobert Watson #endif 10263de40469SRobert Watson 10277f53207bSRobert Watson return (0); 10287f53207bSRobert Watson } 1029d8a7b7a3SRobert Watson 1030d8a7b7a3SRobert Watson static int 10317fb179baSBjoern A. Zeeb stub_inpcb_check_visible(struct ucred *cred, struct inpcb *inp, 10327fb179baSBjoern A. Zeeb struct label *inplabel) 10337fb179baSBjoern A. Zeeb { 10347fb179baSBjoern A. Zeeb 10357fb179baSBjoern A. Zeeb return (0); 10367fb179baSBjoern A. Zeeb } 10377fb179baSBjoern A. Zeeb 10387fb179baSBjoern A. Zeeb static int 103930d239bcSRobert Watson stub_socket_check_visible(struct ucred *cred, struct socket *so, 104078007886SRobert Watson struct label *solabel) 1041d8a7b7a3SRobert Watson { 1042d8a7b7a3SRobert Watson 10433de40469SRobert Watson #if 0 10443de40469SRobert Watson SOCK_LOCK(so); 10453de40469SRobert Watson SOCK_UNLOCK(so); 10463de40469SRobert Watson #endif 10473de40469SRobert Watson 1048d8a7b7a3SRobert Watson return (0); 1049d8a7b7a3SRobert Watson } 1050d8a7b7a3SRobert Watson 1051eb320b0eSRobert Watson static void 1052eb320b0eSRobert Watson stub_socket_create(struct ucred *cred, struct socket *so, 1053eb320b0eSRobert Watson struct label *solabel) 1054eb320b0eSRobert Watson { 1055eb320b0eSRobert Watson 1056eb320b0eSRobert Watson } 1057eb320b0eSRobert Watson 1058eb320b0eSRobert Watson static void 1059eb320b0eSRobert Watson stub_socket_create_mbuf(struct socket *so, struct label *solabel, 1060eb320b0eSRobert Watson struct mbuf *m, struct label *mlabel) 1061eb320b0eSRobert Watson { 1062eb320b0eSRobert Watson 10633de40469SRobert Watson #if 0 10643de40469SRobert Watson SOCK_LOCK(so); 10653de40469SRobert Watson SOCK_UNLOCK(so); 10663de40469SRobert Watson #endif 1067eb320b0eSRobert Watson } 1068eb320b0eSRobert Watson 1069eb320b0eSRobert Watson static void 1070eb320b0eSRobert Watson stub_socket_newconn(struct socket *oldso, struct label *oldsolabel, 1071eb320b0eSRobert Watson struct socket *newso, struct label *newsolabel) 1072eb320b0eSRobert Watson { 1073eb320b0eSRobert Watson 10743de40469SRobert Watson #if 0 10753de40469SRobert Watson SOCK_LOCK(oldso); 10763de40469SRobert Watson SOCK_UNLOCK(oldso); 10773de40469SRobert Watson #endif 10783de40469SRobert Watson #if 0 10793de40469SRobert Watson SOCK_LOCK(newso); 10803de40469SRobert Watson SOCK_UNLOCK(newso); 10813de40469SRobert Watson #endif 1082eb320b0eSRobert Watson } 1083eb320b0eSRobert Watson 1084eb320b0eSRobert Watson static void 1085eb320b0eSRobert Watson stub_socket_relabel(struct ucred *cred, struct socket *so, 1086eb320b0eSRobert Watson struct label *solabel, struct label *newlabel) 1087eb320b0eSRobert Watson { 1088eb320b0eSRobert Watson 10893de40469SRobert Watson SOCK_LOCK_ASSERT(so); 1090eb320b0eSRobert Watson } 1091eb320b0eSRobert Watson 1092eb320b0eSRobert Watson static void 1093eb320b0eSRobert Watson stub_socketpeer_set_from_mbuf(struct mbuf *m, struct label *mlabel, 1094eb320b0eSRobert Watson struct socket *so, struct label *sopeerlabel) 1095eb320b0eSRobert Watson { 1096eb320b0eSRobert Watson 10973de40469SRobert Watson #if 0 10983de40469SRobert Watson SOCK_LOCK(so); 10993de40469SRobert Watson SOCK_UNLOCK(so); 11003de40469SRobert Watson #endif 1101eb320b0eSRobert Watson } 1102eb320b0eSRobert Watson 1103eb320b0eSRobert Watson static void 1104eb320b0eSRobert Watson stub_socketpeer_set_from_socket(struct socket *oldso, 1105eb320b0eSRobert Watson struct label *oldsolabel, struct socket *newso, 1106eb320b0eSRobert Watson struct label *newsopeerlabel) 1107eb320b0eSRobert Watson { 1108eb320b0eSRobert Watson 11093de40469SRobert Watson #if 0 11103de40469SRobert Watson SOCK_LOCK(oldso); 11113de40469SRobert Watson SOCK_UNLOCK(oldso); 11123de40469SRobert Watson #endif 11133de40469SRobert Watson #if 0 11143de40469SRobert Watson SOCK_LOCK(newso); 11153de40469SRobert Watson SOCK_UNLOCK(newso); 11163de40469SRobert Watson #endif 1117eb320b0eSRobert Watson } 1118eb320b0eSRobert Watson 1119eb320b0eSRobert Watson static void 1120eb320b0eSRobert Watson stub_syncache_create(struct label *label, struct inpcb *inp) 1121eb320b0eSRobert Watson { 1122eb320b0eSRobert Watson 1123eb320b0eSRobert Watson } 1124eb320b0eSRobert Watson 1125eb320b0eSRobert Watson static void 1126eb320b0eSRobert Watson stub_syncache_create_mbuf(struct label *sc_label, struct mbuf *m, 1127eb320b0eSRobert Watson struct label *mlabel) 1128eb320b0eSRobert Watson { 1129eb320b0eSRobert Watson 1130eb320b0eSRobert Watson } 1131eb320b0eSRobert Watson 1132d8a7b7a3SRobert Watson static int 113330d239bcSRobert Watson stub_system_check_acct(struct ucred *cred, struct vnode *vp, 113478007886SRobert Watson struct label *vplabel) 113509de2dc2SRobert Watson { 113609de2dc2SRobert Watson 113709de2dc2SRobert Watson return (0); 113809de2dc2SRobert Watson } 113909de2dc2SRobert Watson 114009de2dc2SRobert Watson static int 114130d239bcSRobert Watson stub_system_check_audit(struct ucred *cred, void *record, int length) 114218717f69SRobert Watson { 114318717f69SRobert Watson 114418717f69SRobert Watson return (0); 114518717f69SRobert Watson } 114618717f69SRobert Watson 114718717f69SRobert Watson static int 114830d239bcSRobert Watson stub_system_check_auditctl(struct ucred *cred, struct vnode *vp, 114978007886SRobert Watson struct label *vplabel) 115018717f69SRobert Watson { 115118717f69SRobert Watson 115218717f69SRobert Watson return (0); 115318717f69SRobert Watson } 115418717f69SRobert Watson 115518717f69SRobert Watson static int 115630d239bcSRobert Watson stub_system_check_auditon(struct ucred *cred, int cmd) 115718717f69SRobert Watson { 115818717f69SRobert Watson 115918717f69SRobert Watson return (0); 116018717f69SRobert Watson } 116118717f69SRobert Watson 116218717f69SRobert Watson static int 116330d239bcSRobert Watson stub_system_check_reboot(struct ucred *cred, int how) 1164927f6069SRobert Watson { 1165927f6069SRobert Watson 1166927f6069SRobert Watson return (0); 1167927f6069SRobert Watson } 1168927f6069SRobert Watson 1169927f6069SRobert Watson static int 117030d239bcSRobert Watson stub_system_check_swapoff(struct ucred *cred, struct vnode *vp, 117178007886SRobert Watson struct label *vplabel) 1172927f6069SRobert Watson { 1173927f6069SRobert Watson 1174927f6069SRobert Watson return (0); 1175927f6069SRobert Watson } 1176927f6069SRobert Watson 1177927f6069SRobert Watson static int 117830d239bcSRobert Watson stub_system_check_swapon(struct ucred *cred, struct vnode *vp, 117978007886SRobert Watson struct label *vplabel) 118009de2dc2SRobert Watson { 118109de2dc2SRobert Watson 118209de2dc2SRobert Watson return (0); 118309de2dc2SRobert Watson } 118409de2dc2SRobert Watson 118509de2dc2SRobert Watson static int 118630d239bcSRobert Watson stub_system_check_sysctl(struct ucred *cred, struct sysctl_oid *oidp, 118763dba32bSPawel Jakub Dawidek void *arg1, int arg2, struct sysctl_req *req) 1188927f6069SRobert Watson { 1189927f6069SRobert Watson 1190927f6069SRobert Watson return (0); 1191927f6069SRobert Watson } 1192927f6069SRobert Watson 1193eb320b0eSRobert Watson static void 1194eb320b0eSRobert Watson stub_sysvmsg_cleanup(struct label *msglabel) 1195eb320b0eSRobert Watson { 1196eb320b0eSRobert Watson 1197eb320b0eSRobert Watson } 1198eb320b0eSRobert Watson 1199eb320b0eSRobert Watson static void 1200eb320b0eSRobert Watson stub_sysvmsg_create(struct ucred *cred, struct msqid_kernel *msqkptr, 1201eb320b0eSRobert Watson struct label *msqlabel, struct msg *msgptr, struct label *msglabel) 1202eb320b0eSRobert Watson { 1203eb320b0eSRobert Watson 1204eb320b0eSRobert Watson } 1205eb320b0eSRobert Watson 1206eb320b0eSRobert Watson static int 1207eb320b0eSRobert Watson stub_sysvmsq_check_msgmsq(struct ucred *cred, struct msg *msgptr, 1208eb320b0eSRobert Watson struct label *msglabel, struct msqid_kernel *msqkptr, 1209eb320b0eSRobert Watson struct label *msqklabel) 1210eb320b0eSRobert Watson { 1211eb320b0eSRobert Watson 1212eb320b0eSRobert Watson return (0); 1213eb320b0eSRobert Watson } 1214eb320b0eSRobert Watson 1215eb320b0eSRobert Watson static int 1216eb320b0eSRobert Watson stub_sysvmsq_check_msgrcv(struct ucred *cred, struct msg *msgptr, 1217eb320b0eSRobert Watson struct label *msglabel) 1218eb320b0eSRobert Watson { 1219eb320b0eSRobert Watson 1220eb320b0eSRobert Watson return (0); 1221eb320b0eSRobert Watson } 1222eb320b0eSRobert Watson 1223eb320b0eSRobert Watson static int 1224eb320b0eSRobert Watson stub_sysvmsq_check_msgrmid(struct ucred *cred, struct msg *msgptr, 1225eb320b0eSRobert Watson struct label *msglabel) 1226eb320b0eSRobert Watson { 1227eb320b0eSRobert Watson 1228eb320b0eSRobert Watson return (0); 1229eb320b0eSRobert Watson } 1230eb320b0eSRobert Watson 1231eb320b0eSRobert Watson static int 1232eb320b0eSRobert Watson stub_sysvmsq_check_msqget(struct ucred *cred, struct msqid_kernel *msqkptr, 1233eb320b0eSRobert Watson struct label *msqklabel) 1234eb320b0eSRobert Watson { 1235eb320b0eSRobert Watson 1236eb320b0eSRobert Watson return (0); 1237eb320b0eSRobert Watson } 1238eb320b0eSRobert Watson 1239eb320b0eSRobert Watson static int 1240eb320b0eSRobert Watson stub_sysvmsq_check_msqsnd(struct ucred *cred, struct msqid_kernel *msqkptr, 1241eb320b0eSRobert Watson struct label *msqklabel) 1242eb320b0eSRobert Watson { 1243eb320b0eSRobert Watson 1244eb320b0eSRobert Watson return (0); 1245eb320b0eSRobert Watson } 1246eb320b0eSRobert Watson 1247eb320b0eSRobert Watson static int 1248eb320b0eSRobert Watson stub_sysvmsq_check_msqrcv(struct ucred *cred, struct msqid_kernel *msqkptr, 1249eb320b0eSRobert Watson struct label *msqklabel) 1250eb320b0eSRobert Watson { 1251eb320b0eSRobert Watson 1252eb320b0eSRobert Watson return (0); 1253eb320b0eSRobert Watson } 1254eb320b0eSRobert Watson 1255eb320b0eSRobert Watson static int 1256eb320b0eSRobert Watson stub_sysvmsq_check_msqctl(struct ucred *cred, struct msqid_kernel *msqkptr, 1257eb320b0eSRobert Watson struct label *msqklabel, int cmd) 1258eb320b0eSRobert Watson { 1259eb320b0eSRobert Watson 1260eb320b0eSRobert Watson return (0); 1261eb320b0eSRobert Watson } 1262eb320b0eSRobert Watson 1263eb320b0eSRobert Watson static void 1264eb320b0eSRobert Watson stub_sysvmsq_cleanup(struct label *msqlabel) 1265eb320b0eSRobert Watson { 1266eb320b0eSRobert Watson 1267eb320b0eSRobert Watson } 1268eb320b0eSRobert Watson 1269eb320b0eSRobert Watson static void 1270eb320b0eSRobert Watson stub_sysvmsq_create(struct ucred *cred, struct msqid_kernel *msqkptr, 1271eb320b0eSRobert Watson struct label *msqlabel) 1272eb320b0eSRobert Watson { 1273eb320b0eSRobert Watson 1274eb320b0eSRobert Watson } 1275eb320b0eSRobert Watson 1276eb320b0eSRobert Watson static int 1277eb320b0eSRobert Watson stub_sysvsem_check_semctl(struct ucred *cred, struct semid_kernel *semakptr, 1278eb320b0eSRobert Watson struct label *semaklabel, int cmd) 1279eb320b0eSRobert Watson { 1280eb320b0eSRobert Watson 1281eb320b0eSRobert Watson return (0); 1282eb320b0eSRobert Watson } 1283eb320b0eSRobert Watson 1284eb320b0eSRobert Watson static int 1285eb320b0eSRobert Watson stub_sysvsem_check_semget(struct ucred *cred, struct semid_kernel *semakptr, 1286eb320b0eSRobert Watson struct label *semaklabel) 1287eb320b0eSRobert Watson { 1288eb320b0eSRobert Watson 1289eb320b0eSRobert Watson return (0); 1290eb320b0eSRobert Watson } 1291eb320b0eSRobert Watson 1292eb320b0eSRobert Watson static int 1293eb320b0eSRobert Watson stub_sysvsem_check_semop(struct ucred *cred, struct semid_kernel *semakptr, 1294eb320b0eSRobert Watson struct label *semaklabel, size_t accesstype) 1295eb320b0eSRobert Watson { 1296eb320b0eSRobert Watson 1297eb320b0eSRobert Watson return (0); 1298eb320b0eSRobert Watson } 1299eb320b0eSRobert Watson 1300eb320b0eSRobert Watson static void 1301eb320b0eSRobert Watson stub_sysvsem_cleanup(struct label *semalabel) 1302eb320b0eSRobert Watson { 1303eb320b0eSRobert Watson 1304eb320b0eSRobert Watson } 1305eb320b0eSRobert Watson 1306eb320b0eSRobert Watson static void 1307eb320b0eSRobert Watson stub_sysvsem_create(struct ucred *cred, struct semid_kernel *semakptr, 1308eb320b0eSRobert Watson struct label *semalabel) 1309eb320b0eSRobert Watson { 1310eb320b0eSRobert Watson 1311eb320b0eSRobert Watson } 1312eb320b0eSRobert Watson 1313eb320b0eSRobert Watson static int 1314eb320b0eSRobert Watson stub_sysvshm_check_shmat(struct ucred *cred, struct shmid_kernel *shmsegptr, 1315eb320b0eSRobert Watson struct label *shmseglabel, int shmflg) 1316eb320b0eSRobert Watson { 1317eb320b0eSRobert Watson 1318eb320b0eSRobert Watson return (0); 1319eb320b0eSRobert Watson } 1320eb320b0eSRobert Watson 1321eb320b0eSRobert Watson static int 1322eb320b0eSRobert Watson stub_sysvshm_check_shmctl(struct ucred *cred, struct shmid_kernel *shmsegptr, 1323eb320b0eSRobert Watson struct label *shmseglabel, int cmd) 1324eb320b0eSRobert Watson { 1325eb320b0eSRobert Watson 1326eb320b0eSRobert Watson return (0); 1327eb320b0eSRobert Watson } 1328eb320b0eSRobert Watson 1329eb320b0eSRobert Watson static int 1330eb320b0eSRobert Watson stub_sysvshm_check_shmdt(struct ucred *cred, struct shmid_kernel *shmsegptr, 1331eb320b0eSRobert Watson struct label *shmseglabel) 1332eb320b0eSRobert Watson { 1333eb320b0eSRobert Watson 1334eb320b0eSRobert Watson return (0); 1335eb320b0eSRobert Watson } 1336eb320b0eSRobert Watson 1337eb320b0eSRobert Watson static int 1338eb320b0eSRobert Watson stub_sysvshm_check_shmget(struct ucred *cred, struct shmid_kernel *shmsegptr, 1339eb320b0eSRobert Watson struct label *shmseglabel, int shmflg) 1340eb320b0eSRobert Watson { 1341eb320b0eSRobert Watson 1342eb320b0eSRobert Watson return (0); 1343eb320b0eSRobert Watson } 1344eb320b0eSRobert Watson 1345eb320b0eSRobert Watson static void 1346eb320b0eSRobert Watson stub_sysvshm_cleanup(struct label *shmlabel) 1347eb320b0eSRobert Watson { 1348eb320b0eSRobert Watson 1349eb320b0eSRobert Watson } 1350eb320b0eSRobert Watson 1351eb320b0eSRobert Watson static void 1352eb320b0eSRobert Watson stub_sysvshm_create(struct ucred *cred, struct shmid_kernel *shmsegptr, 1353eb320b0eSRobert Watson struct label *shmalabel) 1354eb320b0eSRobert Watson { 1355eb320b0eSRobert Watson 1356eb320b0eSRobert Watson } 1357eb320b0eSRobert Watson 1358eb320b0eSRobert Watson static void 1359eb320b0eSRobert Watson stub_thread_userret(struct thread *td) 1360eb320b0eSRobert Watson { 1361eb320b0eSRobert Watson 1362eb320b0eSRobert Watson } 1363eb320b0eSRobert Watson 1364eb320b0eSRobert Watson static int 1365eb320b0eSRobert Watson stub_vnode_associate_extattr(struct mount *mp, struct label *mplabel, 1366eb320b0eSRobert Watson struct vnode *vp, struct label *vplabel) 1367eb320b0eSRobert Watson { 1368eb320b0eSRobert Watson 1369eb320b0eSRobert Watson return (0); 1370eb320b0eSRobert Watson } 1371eb320b0eSRobert Watson 1372eb320b0eSRobert Watson static void 1373eb320b0eSRobert Watson stub_vnode_associate_singlelabel(struct mount *mp, struct label *mplabel, 1374eb320b0eSRobert Watson struct vnode *vp, struct label *vplabel) 1375eb320b0eSRobert Watson { 1376eb320b0eSRobert Watson 1377eb320b0eSRobert Watson } 1378eb320b0eSRobert Watson 1379d8a7b7a3SRobert Watson static int 13805077415aSRobert Watson stub_vnode_check_access(struct ucred *cred, struct vnode *vp, 1381178da2a9SEdward Tomasz Napierala struct label *vplabel, accmode_t accmode) 13825077415aSRobert Watson { 13835077415aSRobert Watson 13845077415aSRobert Watson return (0); 13855077415aSRobert Watson } 13865077415aSRobert Watson 13875077415aSRobert Watson static int 13885077415aSRobert Watson stub_vnode_check_chdir(struct ucred *cred, struct vnode *dvp, 13895077415aSRobert Watson struct label *dvplabel) 13905077415aSRobert Watson { 13915077415aSRobert Watson 13925077415aSRobert Watson return (0); 13935077415aSRobert Watson } 13945077415aSRobert Watson 13955077415aSRobert Watson static int 13965077415aSRobert Watson stub_vnode_check_chroot(struct ucred *cred, struct vnode *dvp, 13975077415aSRobert Watson struct label *dvplabel) 13985077415aSRobert Watson { 13995077415aSRobert Watson 14005077415aSRobert Watson return (0); 14015077415aSRobert Watson } 14025077415aSRobert Watson 14035077415aSRobert Watson static int 14045077415aSRobert Watson stub_vnode_check_create(struct ucred *cred, struct vnode *dvp, 14055077415aSRobert Watson struct label *dvplabel, struct componentname *cnp, struct vattr *vap) 14065077415aSRobert Watson { 14075077415aSRobert Watson 14085077415aSRobert Watson return (0); 14095077415aSRobert Watson } 14105077415aSRobert Watson 14115077415aSRobert Watson static int 141230d239bcSRobert Watson stub_vnode_check_deleteacl(struct ucred *cred, struct vnode *vp, 141378007886SRobert Watson struct label *vplabel, acl_type_t type) 1414d8a7b7a3SRobert Watson { 1415d8a7b7a3SRobert Watson 1416d8a7b7a3SRobert Watson return (0); 1417d8a7b7a3SRobert Watson } 1418d8a7b7a3SRobert Watson 1419d8a7b7a3SRobert Watson static int 142030d239bcSRobert Watson stub_vnode_check_deleteextattr(struct ucred *cred, struct vnode *vp, 142178007886SRobert Watson struct label *vplabel, int attrnamespace, const char *name) 142264f00af8SRobert Watson { 142364f00af8SRobert Watson 142464f00af8SRobert Watson return (0); 142564f00af8SRobert Watson } 142664f00af8SRobert Watson 142764f00af8SRobert Watson static int 142830d239bcSRobert Watson stub_vnode_check_exec(struct ucred *cred, struct vnode *vp, 142978007886SRobert Watson struct label *vplabel, struct image_params *imgp, 1430ef5def59SRobert Watson struct label *execlabel) 1431d8a7b7a3SRobert Watson { 1432d8a7b7a3SRobert Watson 1433d8a7b7a3SRobert Watson return (0); 1434d8a7b7a3SRobert Watson } 1435d8a7b7a3SRobert Watson 1436d8a7b7a3SRobert Watson static int 143730d239bcSRobert Watson stub_vnode_check_getacl(struct ucred *cred, struct vnode *vp, 143878007886SRobert Watson struct label *vplabel, acl_type_t type) 1439d8a7b7a3SRobert Watson { 1440d8a7b7a3SRobert Watson 1441d8a7b7a3SRobert Watson return (0); 1442d8a7b7a3SRobert Watson } 1443d8a7b7a3SRobert Watson 1444d8a7b7a3SRobert Watson static int 144530d239bcSRobert Watson stub_vnode_check_getextattr(struct ucred *cred, struct vnode *vp, 1446fefd0ac8SRobert Watson struct label *vplabel, int attrnamespace, const char *name) 1447d8a7b7a3SRobert Watson { 1448d8a7b7a3SRobert Watson 1449d8a7b7a3SRobert Watson return (0); 1450d8a7b7a3SRobert Watson } 1451d8a7b7a3SRobert Watson 1452d8a7b7a3SRobert Watson static int 145330d239bcSRobert Watson stub_vnode_check_link(struct ucred *cred, struct vnode *dvp, 145478007886SRobert Watson struct label *dvplabel, struct vnode *vp, struct label *vplabel, 1455c27b50f5SRobert Watson struct componentname *cnp) 1456c27b50f5SRobert Watson { 1457c27b50f5SRobert Watson 1458c27b50f5SRobert Watson return (0); 1459c27b50f5SRobert Watson } 1460c27b50f5SRobert Watson 1461c27b50f5SRobert Watson static int 146230d239bcSRobert Watson stub_vnode_check_listextattr(struct ucred *cred, struct vnode *vp, 146378007886SRobert Watson struct label *vplabel, int attrnamespace) 146464f00af8SRobert Watson { 146564f00af8SRobert Watson 146664f00af8SRobert Watson return (0); 146764f00af8SRobert Watson } 146864f00af8SRobert Watson 146964f00af8SRobert Watson static int 147030d239bcSRobert Watson stub_vnode_check_lookup(struct ucred *cred, struct vnode *dvp, 147178007886SRobert Watson struct label *dvplabel, struct componentname *cnp) 1472d8a7b7a3SRobert Watson { 1473d8a7b7a3SRobert Watson 1474d8a7b7a3SRobert Watson return (0); 1475d8a7b7a3SRobert Watson } 1476d8a7b7a3SRobert Watson 1477d8a7b7a3SRobert Watson static int 147830d239bcSRobert Watson stub_vnode_check_mmap(struct ucred *cred, struct vnode *vp, 147978007886SRobert Watson struct label *vplabel, int prot, int flags) 1480e183f80eSRobert Watson { 1481e183f80eSRobert Watson 1482e183f80eSRobert Watson return (0); 1483e183f80eSRobert Watson } 1484e183f80eSRobert Watson 148517870c06SChristian S.J. Peron static void 148630d239bcSRobert Watson stub_vnode_check_mmap_downgrade(struct ucred *cred, struct vnode *vp, 148778007886SRobert Watson struct label *vplabel, int *prot) 148817870c06SChristian S.J. Peron { 148917870c06SChristian S.J. Peron 149017870c06SChristian S.J. Peron } 149117870c06SChristian S.J. Peron 149217870c06SChristian S.J. Peron static int 149330d239bcSRobert Watson stub_vnode_check_mprotect(struct ucred *cred, struct vnode *vp, 149478007886SRobert Watson struct label *vplabel, int prot) 149517870c06SChristian S.J. Peron { 149617870c06SChristian S.J. Peron 149717870c06SChristian S.J. Peron return (0); 149817870c06SChristian S.J. Peron } 149917870c06SChristian S.J. Peron 1500e183f80eSRobert Watson static int 150130d239bcSRobert Watson stub_vnode_check_open(struct ucred *cred, struct vnode *vp, 150215bc6b2bSEdward Tomasz Napierala struct label *vplabel, accmode_t accmode) 1503d8a7b7a3SRobert Watson { 1504d8a7b7a3SRobert Watson 1505d8a7b7a3SRobert Watson return (0); 1506d8a7b7a3SRobert Watson } 1507d8a7b7a3SRobert Watson 1508d8a7b7a3SRobert Watson static int 150930d239bcSRobert Watson stub_vnode_check_poll(struct ucred *active_cred, struct ucred *file_cred, 151078007886SRobert Watson struct vnode *vp, struct label *vplabel) 15117f724f8bSRobert Watson { 15127f724f8bSRobert Watson 15137f724f8bSRobert Watson return (0); 15147f724f8bSRobert Watson } 15157f724f8bSRobert Watson 15167f724f8bSRobert Watson static int 151730d239bcSRobert Watson stub_vnode_check_read(struct ucred *active_cred, struct ucred *file_cred, 151878007886SRobert Watson struct vnode *vp, struct label *vplabel) 15197f724f8bSRobert Watson { 15207f724f8bSRobert Watson 15217f724f8bSRobert Watson return (0); 15227f724f8bSRobert Watson } 15237f724f8bSRobert Watson 15247f724f8bSRobert Watson static int 152530d239bcSRobert Watson stub_vnode_check_readdir(struct ucred *cred, struct vnode *vp, 152678007886SRobert Watson struct label *dvplabel) 1527d8a7b7a3SRobert Watson { 1528d8a7b7a3SRobert Watson 1529d8a7b7a3SRobert Watson return (0); 1530d8a7b7a3SRobert Watson } 1531d8a7b7a3SRobert Watson 1532d8a7b7a3SRobert Watson static int 153330d239bcSRobert Watson stub_vnode_check_readlink(struct ucred *cred, struct vnode *vp, 153478007886SRobert Watson struct label *vplabel) 1535d8a7b7a3SRobert Watson { 1536d8a7b7a3SRobert Watson 1537d8a7b7a3SRobert Watson return (0); 1538d8a7b7a3SRobert Watson } 1539d8a7b7a3SRobert Watson 1540d8a7b7a3SRobert Watson static int 154130d239bcSRobert Watson stub_vnode_check_relabel(struct ucred *cred, struct vnode *vp, 154278007886SRobert Watson struct label *vplabel, struct label *newlabel) 1543d8a7b7a3SRobert Watson { 1544d8a7b7a3SRobert Watson 1545d8a7b7a3SRobert Watson return (0); 1546d8a7b7a3SRobert Watson } 1547d8a7b7a3SRobert Watson 1548d8a7b7a3SRobert Watson static int 154930d239bcSRobert Watson stub_vnode_check_rename_from(struct ucred *cred, struct vnode *dvp, 155078007886SRobert Watson struct label *dvplabel, struct vnode *vp, struct label *vplabel, 1551d8a7b7a3SRobert Watson struct componentname *cnp) 1552d8a7b7a3SRobert Watson { 1553d8a7b7a3SRobert Watson 1554d8a7b7a3SRobert Watson return (0); 1555d8a7b7a3SRobert Watson } 1556d8a7b7a3SRobert Watson 1557d8a7b7a3SRobert Watson static int 155830d239bcSRobert Watson stub_vnode_check_rename_to(struct ucred *cred, struct vnode *dvp, 155978007886SRobert Watson struct label *dvplabel, struct vnode *vp, struct label *vplabel, 156078007886SRobert Watson int samedir, struct componentname *cnp) 1561d8a7b7a3SRobert Watson { 1562d8a7b7a3SRobert Watson 1563d8a7b7a3SRobert Watson return (0); 1564d8a7b7a3SRobert Watson } 1565d8a7b7a3SRobert Watson 1566d8a7b7a3SRobert Watson static int 156730d239bcSRobert Watson stub_vnode_check_revoke(struct ucred *cred, struct vnode *vp, 156878007886SRobert Watson struct label *vplabel) 1569d8a7b7a3SRobert Watson { 1570d8a7b7a3SRobert Watson 1571d8a7b7a3SRobert Watson return (0); 1572d8a7b7a3SRobert Watson } 1573d8a7b7a3SRobert Watson 1574d8a7b7a3SRobert Watson static int 157530d239bcSRobert Watson stub_vnode_check_setacl(struct ucred *cred, struct vnode *vp, 157678007886SRobert Watson struct label *vplabel, acl_type_t type, struct acl *acl) 1577d8a7b7a3SRobert Watson { 1578d8a7b7a3SRobert Watson 1579d8a7b7a3SRobert Watson return (0); 1580d8a7b7a3SRobert Watson } 1581d8a7b7a3SRobert Watson 1582d8a7b7a3SRobert Watson static int 158330d239bcSRobert Watson stub_vnode_check_setextattr(struct ucred *cred, struct vnode *vp, 1584fefd0ac8SRobert Watson struct label *vplabel, int attrnamespace, const char *name) 1585d8a7b7a3SRobert Watson { 1586d8a7b7a3SRobert Watson 1587d8a7b7a3SRobert Watson return (0); 1588d8a7b7a3SRobert Watson } 1589d8a7b7a3SRobert Watson 1590d8a7b7a3SRobert Watson static int 159130d239bcSRobert Watson stub_vnode_check_setflags(struct ucred *cred, struct vnode *vp, 159278007886SRobert Watson struct label *vplabel, u_long flags) 1593d8a7b7a3SRobert Watson { 1594d8a7b7a3SRobert Watson 1595d8a7b7a3SRobert Watson return (0); 1596d8a7b7a3SRobert Watson } 1597d8a7b7a3SRobert Watson 1598d8a7b7a3SRobert Watson static int 159930d239bcSRobert Watson stub_vnode_check_setmode(struct ucred *cred, struct vnode *vp, 160078007886SRobert Watson struct label *vplabel, mode_t mode) 1601d8a7b7a3SRobert Watson { 1602d8a7b7a3SRobert Watson 1603d8a7b7a3SRobert Watson return (0); 1604d8a7b7a3SRobert Watson } 1605d8a7b7a3SRobert Watson 1606d8a7b7a3SRobert Watson static int 160730d239bcSRobert Watson stub_vnode_check_setowner(struct ucred *cred, struct vnode *vp, 160878007886SRobert Watson struct label *vplabel, uid_t uid, gid_t gid) 1609d8a7b7a3SRobert Watson { 1610d8a7b7a3SRobert Watson 1611d8a7b7a3SRobert Watson return (0); 1612d8a7b7a3SRobert Watson } 1613d8a7b7a3SRobert Watson 1614d8a7b7a3SRobert Watson static int 161530d239bcSRobert Watson stub_vnode_check_setutimes(struct ucred *cred, struct vnode *vp, 161678007886SRobert Watson struct label *vplabel, struct timespec atime, struct timespec mtime) 1617d8a7b7a3SRobert Watson { 1618d8a7b7a3SRobert Watson 1619d8a7b7a3SRobert Watson return (0); 1620d8a7b7a3SRobert Watson } 1621d8a7b7a3SRobert Watson 1622d8a7b7a3SRobert Watson static int 162330d239bcSRobert Watson stub_vnode_check_stat(struct ucred *active_cred, struct ucred *file_cred, 162478007886SRobert Watson struct vnode *vp, struct label *vplabel) 1625d8a7b7a3SRobert Watson { 1626d8a7b7a3SRobert Watson 1627d8a7b7a3SRobert Watson return (0); 1628d8a7b7a3SRobert Watson } 1629d8a7b7a3SRobert Watson 16307f724f8bSRobert Watson static int 163130d239bcSRobert Watson stub_vnode_check_unlink(struct ucred *cred, struct vnode *dvp, 163245e0f3d6SRobert Watson struct label *dvplabel, struct vnode *vp, struct label *vplabel, 163345e0f3d6SRobert Watson struct componentname *cnp) 163445e0f3d6SRobert Watson { 163545e0f3d6SRobert Watson 163645e0f3d6SRobert Watson return (0); 163745e0f3d6SRobert Watson } 163845e0f3d6SRobert Watson 163945e0f3d6SRobert Watson static int 164030d239bcSRobert Watson stub_vnode_check_write(struct ucred *active_cred, struct ucred *file_cred, 164178007886SRobert Watson struct vnode *vp, struct label *vplabel) 16427f724f8bSRobert Watson { 16437f724f8bSRobert Watson 16447f724f8bSRobert Watson return (0); 16457f724f8bSRobert Watson } 16467f724f8bSRobert Watson 1647403b781eSRobert Watson static int 1648eb320b0eSRobert Watson stub_vnode_create_extattr(struct ucred *cred, struct mount *mp, 1649eb320b0eSRobert Watson struct label *mntlabel, struct vnode *dvp, struct label *dvplabel, 1650eb320b0eSRobert Watson struct vnode *vp, struct label *vplabel, struct componentname *cnp) 1651403b781eSRobert Watson { 1652403b781eSRobert Watson 1653403b781eSRobert Watson return (0); 1654403b781eSRobert Watson } 1655403b781eSRobert Watson 1656eb320b0eSRobert Watson static void 1657eb320b0eSRobert Watson stub_vnode_execve_transition(struct ucred *old, struct ucred *new, 1658eb320b0eSRobert Watson struct vnode *vp, struct label *vplabel, struct label *interpvplabel, 1659eb320b0eSRobert Watson struct image_params *imgp, struct label *execlabel) 1660403b781eSRobert Watson { 1661403b781eSRobert Watson 1662403b781eSRobert Watson } 1663403b781eSRobert Watson 1664eb320b0eSRobert Watson static int 1665eb320b0eSRobert Watson stub_vnode_execve_will_transition(struct ucred *old, struct vnode *vp, 1666eb320b0eSRobert Watson struct label *vplabel, struct label *interpvplabel, 1667eb320b0eSRobert Watson struct image_params *imgp, struct label *execlabel) 1668eb320b0eSRobert Watson { 1669eb320b0eSRobert Watson 1670eb320b0eSRobert Watson return (0); 1671eb320b0eSRobert Watson } 1672eb320b0eSRobert Watson 1673eb320b0eSRobert Watson static void 1674eb320b0eSRobert Watson stub_vnode_relabel(struct ucred *cred, struct vnode *vp, 1675eb320b0eSRobert Watson struct label *vplabel, struct label *label) 1676eb320b0eSRobert Watson { 1677eb320b0eSRobert Watson 1678eb320b0eSRobert Watson } 1679eb320b0eSRobert Watson 1680eb320b0eSRobert Watson static int 1681eb320b0eSRobert Watson stub_vnode_setlabel_extattr(struct ucred *cred, struct vnode *vp, 1682eb320b0eSRobert Watson struct label *vplabel, struct label *intlabel) 1683eb320b0eSRobert Watson { 1684eb320b0eSRobert Watson 1685eb320b0eSRobert Watson return (0); 1686eb320b0eSRobert Watson } 1687eb320b0eSRobert Watson 1688eb320b0eSRobert Watson /* 1689eb320b0eSRobert Watson * Register functions with MAC Framework policy entry points. 1690eb320b0eSRobert Watson */ 16913f1a7a90SRobert Watson static struct mac_policy_ops stub_ops = 1692d8a7b7a3SRobert Watson { 16931c3f91cdSRobert Watson .mpo_destroy = stub_destroy, 16941c3f91cdSRobert Watson .mpo_init = stub_init, 16951c3f91cdSRobert Watson .mpo_syscall = stub_syscall, 1696eb320b0eSRobert Watson 1697eb320b0eSRobert Watson .mpo_bpfdesc_check_receive = stub_bpfdesc_check_receive, 1698eb320b0eSRobert Watson .mpo_bpfdesc_create = stub_bpfdesc_create, 1699eb320b0eSRobert Watson .mpo_bpfdesc_create_mbuf = stub_bpfdesc_create_mbuf, 170030d239bcSRobert Watson .mpo_bpfdesc_destroy_label = stub_destroy_label, 1701eb320b0eSRobert Watson .mpo_bpfdesc_init_label = stub_init_label, 1702eb320b0eSRobert Watson 1703212ab0cfSRobert Watson .mpo_cred_associate_nfsd = stub_cred_associate_nfsd, 1704eb320b0eSRobert Watson .mpo_cred_check_relabel = stub_cred_check_relabel, 17056f6174a7SRobert Watson .mpo_cred_check_setaudit = stub_cred_check_setaudit, 17066f6174a7SRobert Watson .mpo_cred_check_setaudit_addr = stub_cred_check_setaudit_addr, 17076f6174a7SRobert Watson .mpo_cred_check_setauid = stub_cred_check_setauid, 1708*ddb3eb4eSOlivier Certner .mpo_cred_setcred_enter = stub_cred_setcred_enter, 1709*ddb3eb4eSOlivier Certner .mpo_cred_check_setcred = stub_cred_check_setcred, 1710*ddb3eb4eSOlivier Certner .mpo_cred_setcred_exit = stub_cred_setcred_exit, 17116f6174a7SRobert Watson .mpo_cred_check_setegid = stub_cred_check_setegid, 17126f6174a7SRobert Watson .mpo_cred_check_seteuid = stub_cred_check_seteuid, 17136f6174a7SRobert Watson .mpo_cred_check_setgid = stub_cred_check_setgid, 17146f6174a7SRobert Watson .mpo_cred_check_setgroups = stub_cred_check_setgroups, 17156f6174a7SRobert Watson .mpo_cred_check_setregid = stub_cred_check_setregid, 17166f6174a7SRobert Watson .mpo_cred_check_setresgid = stub_cred_check_setresgid, 17176f6174a7SRobert Watson .mpo_cred_check_setresuid = stub_cred_check_setresuid, 17186f6174a7SRobert Watson .mpo_cred_check_setreuid = stub_cred_check_setreuid, 17196f6174a7SRobert Watson .mpo_cred_check_setuid = stub_cred_check_setuid, 1720eb320b0eSRobert Watson .mpo_cred_check_visible = stub_cred_check_visible, 172130d239bcSRobert Watson .mpo_cred_copy_label = stub_copy_label, 1722212ab0cfSRobert Watson .mpo_cred_create_init = stub_cred_create_init, 1723212ab0cfSRobert Watson .mpo_cred_create_swapper = stub_cred_create_swapper, 1724eb320b0eSRobert Watson .mpo_cred_destroy_label = stub_destroy_label, 172530d239bcSRobert Watson .mpo_cred_externalize_label = stub_externalize_label, 1726eb320b0eSRobert Watson .mpo_cred_init_label = stub_init_label, 172730d239bcSRobert Watson .mpo_cred_internalize_label = stub_internalize_label, 1728eb320b0eSRobert Watson .mpo_cred_relabel= stub_cred_relabel, 1729eb320b0eSRobert Watson 17302449b9e5SMitchell Horne .mpo_ddb_command_exec = stub_ddb_command_exec, 17312449b9e5SMitchell Horne .mpo_ddb_command_register = stub_ddb_command_register, 17322449b9e5SMitchell Horne 173330d239bcSRobert Watson .mpo_devfs_create_device = stub_devfs_create_device, 173430d239bcSRobert Watson .mpo_devfs_create_directory = stub_devfs_create_directory, 173530d239bcSRobert Watson .mpo_devfs_create_symlink = stub_devfs_create_symlink, 1736eb320b0eSRobert Watson .mpo_devfs_destroy_label = stub_destroy_label, 1737eb320b0eSRobert Watson .mpo_devfs_init_label = stub_init_label, 173830d239bcSRobert Watson .mpo_devfs_update = stub_devfs_update, 1739eb320b0eSRobert Watson .mpo_devfs_vnode_associate = stub_devfs_vnode_associate, 1740eb320b0eSRobert Watson 174130d239bcSRobert Watson .mpo_ifnet_check_relabel = stub_ifnet_check_relabel, 174230d239bcSRobert Watson .mpo_ifnet_check_transmit = stub_ifnet_check_transmit, 1743eb320b0eSRobert Watson .mpo_ifnet_copy_label = stub_copy_label, 1744eb320b0eSRobert Watson .mpo_ifnet_create = stub_ifnet_create, 1745eb320b0eSRobert Watson .mpo_ifnet_create_mbuf = stub_ifnet_create_mbuf, 1746eb320b0eSRobert Watson .mpo_ifnet_destroy_label = stub_destroy_label, 1747eb320b0eSRobert Watson .mpo_ifnet_externalize_label = stub_externalize_label, 1748eb320b0eSRobert Watson .mpo_ifnet_init_label = stub_init_label, 1749eb320b0eSRobert Watson .mpo_ifnet_internalize_label = stub_internalize_label, 1750eb320b0eSRobert Watson .mpo_ifnet_relabel = stub_ifnet_relabel, 1751eb320b0eSRobert Watson 175230d239bcSRobert Watson .mpo_inpcb_check_deliver = stub_inpcb_check_deliver, 17537fb179baSBjoern A. Zeeb .mpo_inpcb_check_visible = stub_inpcb_check_visible, 1754eb320b0eSRobert Watson .mpo_inpcb_create = stub_inpcb_create, 1755eb320b0eSRobert Watson .mpo_inpcb_create_mbuf = stub_inpcb_create_mbuf, 1756eb320b0eSRobert Watson .mpo_inpcb_destroy_label = stub_destroy_label, 1757eb320b0eSRobert Watson .mpo_inpcb_init_label = stub_init_label_waitcheck, 1758eb320b0eSRobert Watson .mpo_inpcb_sosetlabel = stub_inpcb_sosetlabel, 1759eb320b0eSRobert Watson 1760048e1287SRobert Watson .mpo_ip6q_create = stub_ip6q_create, 1761048e1287SRobert Watson .mpo_ip6q_destroy_label = stub_destroy_label, 1762048e1287SRobert Watson .mpo_ip6q_init_label = stub_init_label_waitcheck, 1763048e1287SRobert Watson .mpo_ip6q_match = stub_ip6q_match, 1764048e1287SRobert Watson .mpo_ip6q_update = stub_ip6q_update, 1765048e1287SRobert Watson .mpo_ip6q_reassemble = stub_ip6q_reassemble, 1766048e1287SRobert Watson 1767eb320b0eSRobert Watson .mpo_ipq_create = stub_ipq_create, 1768eb320b0eSRobert Watson .mpo_ipq_destroy_label = stub_destroy_label, 1769eb320b0eSRobert Watson .mpo_ipq_init_label = stub_init_label_waitcheck, 1770eb320b0eSRobert Watson .mpo_ipq_match = stub_ipq_match, 1771eb320b0eSRobert Watson .mpo_ipq_update = stub_ipq_update, 1772eb320b0eSRobert Watson .mpo_ipq_reassemble = stub_ipq_reassemble, 1773eb320b0eSRobert Watson 17742449b9e5SMitchell Horne .mpo_kdb_check_backend = stub_kdb_check_backend, 17752449b9e5SMitchell Horne 177630d239bcSRobert Watson .mpo_kenv_check_dump = stub_kenv_check_dump, 177730d239bcSRobert Watson .mpo_kenv_check_get = stub_kenv_check_get, 177830d239bcSRobert Watson .mpo_kenv_check_set = stub_kenv_check_set, 177930d239bcSRobert Watson .mpo_kenv_check_unset = stub_kenv_check_unset, 1780eb320b0eSRobert Watson 178130d239bcSRobert Watson .mpo_kld_check_load = stub_kld_check_load, 178230d239bcSRobert Watson .mpo_kld_check_stat = stub_kld_check_stat, 1783eb320b0eSRobert Watson 1784eb320b0eSRobert Watson .mpo_mbuf_copy_label = stub_copy_label, 1785eb320b0eSRobert Watson .mpo_mbuf_destroy_label = stub_destroy_label, 1786eb320b0eSRobert Watson .mpo_mbuf_init_label = stub_init_label_waitcheck, 1787eb320b0eSRobert Watson 178830d239bcSRobert Watson .mpo_mount_check_stat = stub_mount_check_stat, 1789eb320b0eSRobert Watson .mpo_mount_create = stub_mount_create, 1790eb320b0eSRobert Watson .mpo_mount_destroy_label = stub_destroy_label, 1791eb320b0eSRobert Watson .mpo_mount_init_label = stub_init_label, 1792eb320b0eSRobert Watson 1793eb320b0eSRobert Watson .mpo_netinet_arp_send = stub_netinet_arp_send, 1794eb320b0eSRobert Watson .mpo_netinet_firewall_reply = stub_netinet_firewall_reply, 1795eb320b0eSRobert Watson .mpo_netinet_firewall_send = stub_netinet_firewall_send, 1796eb320b0eSRobert Watson .mpo_netinet_fragment = stub_netinet_fragment, 1797eb320b0eSRobert Watson .mpo_netinet_icmp_reply = stub_netinet_icmp_reply, 1798eb320b0eSRobert Watson .mpo_netinet_icmp_replyinplace = stub_netinet_icmp_replyinplace, 1799eb320b0eSRobert Watson .mpo_netinet_tcp_reply = stub_netinet_tcp_reply, 1800eb320b0eSRobert Watson .mpo_netinet_igmp_send = stub_netinet_igmp_send, 1801eb320b0eSRobert Watson 1802eb320b0eSRobert Watson .mpo_netinet6_nd6_send = stub_netinet6_nd6_send, 1803eb320b0eSRobert Watson 180430d239bcSRobert Watson .mpo_pipe_check_ioctl = stub_pipe_check_ioctl, 180530d239bcSRobert Watson .mpo_pipe_check_poll = stub_pipe_check_poll, 180630d239bcSRobert Watson .mpo_pipe_check_read = stub_pipe_check_read, 180730d239bcSRobert Watson .mpo_pipe_check_relabel = stub_pipe_check_relabel, 180830d239bcSRobert Watson .mpo_pipe_check_stat = stub_pipe_check_stat, 180930d239bcSRobert Watson .mpo_pipe_check_write = stub_pipe_check_write, 1810eb320b0eSRobert Watson .mpo_pipe_copy_label = stub_copy_label, 1811eb320b0eSRobert Watson .mpo_pipe_create = stub_pipe_create, 1812eb320b0eSRobert Watson .mpo_pipe_destroy_label = stub_destroy_label, 1813eb320b0eSRobert Watson .mpo_pipe_externalize_label = stub_externalize_label, 1814eb320b0eSRobert Watson .mpo_pipe_init_label = stub_init_label, 1815eb320b0eSRobert Watson .mpo_pipe_internalize_label = stub_internalize_label, 1816eb320b0eSRobert Watson .mpo_pipe_relabel = stub_pipe_relabel, 1817eb320b0eSRobert Watson 181830d239bcSRobert Watson .mpo_posixsem_check_getvalue = stub_posixsem_check_getvalue, 181930d239bcSRobert Watson .mpo_posixsem_check_open = stub_posixsem_check_open, 182030d239bcSRobert Watson .mpo_posixsem_check_post = stub_posixsem_check_post, 18219c00bb91SKonstantin Belousov .mpo_posixsem_check_setmode = stub_posixsem_check_setmode, 18229c00bb91SKonstantin Belousov .mpo_posixsem_check_setowner = stub_posixsem_check_setowner, 18236bc1e9cdSJohn Baldwin .mpo_posixsem_check_stat = stub_posixsem_check_stat, 182430d239bcSRobert Watson .mpo_posixsem_check_unlink = stub_posixsem_check_unlink, 182530d239bcSRobert Watson .mpo_posixsem_check_wait = stub_posixsem_check_wait, 1826eb320b0eSRobert Watson .mpo_posixsem_create = stub_posixsem_create, 1827eb320b0eSRobert Watson .mpo_posixsem_destroy_label = stub_destroy_label, 1828eb320b0eSRobert Watson .mpo_posixsem_init_label = stub_init_label, 1829eb320b0eSRobert Watson 18309b6dd12eSRobert Watson .mpo_posixshm_check_create = stub_posixshm_check_create, 18318e38aeffSJohn Baldwin .mpo_posixshm_check_mmap = stub_posixshm_check_mmap, 18328e38aeffSJohn Baldwin .mpo_posixshm_check_open = stub_posixshm_check_open, 1833940cb0e2SKonstantin Belousov .mpo_posixshm_check_read = stub_posixshm_check_read, 18349c00bb91SKonstantin Belousov .mpo_posixshm_check_setmode = stub_posixshm_check_setmode, 18359c00bb91SKonstantin Belousov .mpo_posixshm_check_setowner = stub_posixshm_check_setowner, 18368e38aeffSJohn Baldwin .mpo_posixshm_check_stat = stub_posixshm_check_stat, 18378e38aeffSJohn Baldwin .mpo_posixshm_check_truncate = stub_posixshm_check_truncate, 18388e38aeffSJohn Baldwin .mpo_posixshm_check_unlink = stub_posixshm_check_unlink, 1839940cb0e2SKonstantin Belousov .mpo_posixshm_check_write = stub_posixshm_check_write, 18408e38aeffSJohn Baldwin .mpo_posixshm_create = stub_posixshm_create, 18418e38aeffSJohn Baldwin .mpo_posixshm_destroy_label = stub_destroy_label, 18428e38aeffSJohn Baldwin .mpo_posixshm_init_label = stub_init_label, 18438e38aeffSJohn Baldwin 1844eb320b0eSRobert Watson .mpo_priv_check = stub_priv_check, 1845eb320b0eSRobert Watson .mpo_priv_grant = stub_priv_grant, 1846eb320b0eSRobert Watson 184730d239bcSRobert Watson .mpo_proc_check_debug = stub_proc_check_debug, 184830d239bcSRobert Watson .mpo_proc_check_sched = stub_proc_check_sched, 184930d239bcSRobert Watson .mpo_proc_check_signal = stub_proc_check_signal, 185030d239bcSRobert Watson .mpo_proc_check_wait = stub_proc_check_wait, 1851eb320b0eSRobert Watson 185230d239bcSRobert Watson .mpo_socket_check_accept = stub_socket_check_accept, 185330d239bcSRobert Watson .mpo_socket_check_bind = stub_socket_check_bind, 185430d239bcSRobert Watson .mpo_socket_check_connect = stub_socket_check_connect, 185530d239bcSRobert Watson .mpo_socket_check_create = stub_socket_check_create, 185630d239bcSRobert Watson .mpo_socket_check_deliver = stub_socket_check_deliver, 185730d239bcSRobert Watson .mpo_socket_check_listen = stub_socket_check_listen, 185830d239bcSRobert Watson .mpo_socket_check_poll = stub_socket_check_poll, 185930d239bcSRobert Watson .mpo_socket_check_receive = stub_socket_check_receive, 186030d239bcSRobert Watson .mpo_socket_check_relabel = stub_socket_check_relabel, 186130d239bcSRobert Watson .mpo_socket_check_send = stub_socket_check_send, 186230d239bcSRobert Watson .mpo_socket_check_stat = stub_socket_check_stat, 186330d239bcSRobert Watson .mpo_socket_check_visible = stub_socket_check_visible, 1864eb320b0eSRobert Watson .mpo_socket_copy_label = stub_copy_label, 1865eb320b0eSRobert Watson .mpo_socket_create = stub_socket_create, 1866eb320b0eSRobert Watson .mpo_socket_create_mbuf = stub_socket_create_mbuf, 1867eb320b0eSRobert Watson .mpo_socket_destroy_label = stub_destroy_label, 1868eb320b0eSRobert Watson .mpo_socket_externalize_label = stub_externalize_label, 1869eb320b0eSRobert Watson .mpo_socket_init_label = stub_init_label_waitcheck, 1870eb320b0eSRobert Watson .mpo_socket_internalize_label = stub_internalize_label, 1871eb320b0eSRobert Watson .mpo_socket_newconn = stub_socket_newconn, 1872eb320b0eSRobert Watson .mpo_socket_relabel = stub_socket_relabel, 1873eb320b0eSRobert Watson 1874eb320b0eSRobert Watson .mpo_socketpeer_destroy_label = stub_destroy_label, 1875eb320b0eSRobert Watson .mpo_socketpeer_externalize_label = stub_externalize_label, 1876eb320b0eSRobert Watson .mpo_socketpeer_init_label = stub_init_label_waitcheck, 1877eb320b0eSRobert Watson .mpo_socketpeer_set_from_mbuf = stub_socketpeer_set_from_mbuf, 1878eb320b0eSRobert Watson .mpo_socketpeer_set_from_socket = stub_socketpeer_set_from_socket, 1879eb320b0eSRobert Watson 1880eb320b0eSRobert Watson .mpo_syncache_init_label = stub_init_label_waitcheck, 1881eb320b0eSRobert Watson .mpo_syncache_destroy_label = stub_destroy_label, 1882eb320b0eSRobert Watson .mpo_syncache_create = stub_syncache_create, 1883eb320b0eSRobert Watson .mpo_syncache_create_mbuf= stub_syncache_create_mbuf, 1884eb320b0eSRobert Watson 1885eb320b0eSRobert Watson .mpo_sysvmsg_cleanup = stub_sysvmsg_cleanup, 1886eb320b0eSRobert Watson .mpo_sysvmsg_create = stub_sysvmsg_create, 1887eb320b0eSRobert Watson .mpo_sysvmsg_destroy_label = stub_destroy_label, 1888eb320b0eSRobert Watson .mpo_sysvmsg_init_label = stub_init_label, 1889eb320b0eSRobert Watson 1890eb320b0eSRobert Watson .mpo_sysvmsq_check_msgmsq = stub_sysvmsq_check_msgmsq, 1891eb320b0eSRobert Watson .mpo_sysvmsq_check_msgrcv = stub_sysvmsq_check_msgrcv, 1892eb320b0eSRobert Watson .mpo_sysvmsq_check_msgrmid = stub_sysvmsq_check_msgrmid, 1893eb320b0eSRobert Watson .mpo_sysvmsq_check_msqget = stub_sysvmsq_check_msqget, 1894eb320b0eSRobert Watson .mpo_sysvmsq_check_msqsnd = stub_sysvmsq_check_msqsnd, 1895eb320b0eSRobert Watson .mpo_sysvmsq_check_msqrcv = stub_sysvmsq_check_msqrcv, 1896eb320b0eSRobert Watson .mpo_sysvmsq_check_msqctl = stub_sysvmsq_check_msqctl, 1897eb320b0eSRobert Watson .mpo_sysvmsq_cleanup = stub_sysvmsq_cleanup, 1898eb320b0eSRobert Watson .mpo_sysvmsq_create = stub_sysvmsq_create, 1899eb320b0eSRobert Watson .mpo_sysvmsq_destroy_label = stub_destroy_label, 1900eb320b0eSRobert Watson .mpo_sysvmsq_init_label = stub_init_label, 1901eb320b0eSRobert Watson 1902eb320b0eSRobert Watson .mpo_sysvsem_check_semctl = stub_sysvsem_check_semctl, 1903eb320b0eSRobert Watson .mpo_sysvsem_check_semget = stub_sysvsem_check_semget, 1904eb320b0eSRobert Watson .mpo_sysvsem_check_semop = stub_sysvsem_check_semop, 1905eb320b0eSRobert Watson .mpo_sysvsem_cleanup = stub_sysvsem_cleanup, 1906eb320b0eSRobert Watson .mpo_sysvsem_create = stub_sysvsem_create, 1907eb320b0eSRobert Watson .mpo_sysvsem_destroy_label = stub_destroy_label, 1908eb320b0eSRobert Watson .mpo_sysvsem_init_label = stub_init_label, 1909eb320b0eSRobert Watson 1910eb320b0eSRobert Watson .mpo_sysvshm_check_shmat = stub_sysvshm_check_shmat, 1911eb320b0eSRobert Watson .mpo_sysvshm_check_shmctl = stub_sysvshm_check_shmctl, 1912eb320b0eSRobert Watson .mpo_sysvshm_check_shmdt = stub_sysvshm_check_shmdt, 1913eb320b0eSRobert Watson .mpo_sysvshm_check_shmget = stub_sysvshm_check_shmget, 1914eb320b0eSRobert Watson .mpo_sysvshm_cleanup = stub_sysvshm_cleanup, 1915eb320b0eSRobert Watson .mpo_sysvshm_create = stub_sysvshm_create, 1916eb320b0eSRobert Watson .mpo_sysvshm_destroy_label = stub_destroy_label, 1917eb320b0eSRobert Watson .mpo_sysvshm_init_label = stub_init_label, 1918eb320b0eSRobert Watson 191930d239bcSRobert Watson .mpo_system_check_acct = stub_system_check_acct, 192030d239bcSRobert Watson .mpo_system_check_audit = stub_system_check_audit, 192130d239bcSRobert Watson .mpo_system_check_auditctl = stub_system_check_auditctl, 192230d239bcSRobert Watson .mpo_system_check_auditon = stub_system_check_auditon, 192330d239bcSRobert Watson .mpo_system_check_reboot = stub_system_check_reboot, 192430d239bcSRobert Watson .mpo_system_check_swapoff = stub_system_check_swapoff, 192530d239bcSRobert Watson .mpo_system_check_swapon = stub_system_check_swapon, 192630d239bcSRobert Watson .mpo_system_check_sysctl = stub_system_check_sysctl, 1927eb320b0eSRobert Watson 1928eb320b0eSRobert Watson .mpo_thread_userret = stub_thread_userret, 1929eb320b0eSRobert Watson 1930eb320b0eSRobert Watson .mpo_vnode_associate_extattr = stub_vnode_associate_extattr, 1931eb320b0eSRobert Watson .mpo_vnode_associate_singlelabel = stub_vnode_associate_singlelabel, 193230d239bcSRobert Watson .mpo_vnode_check_access = stub_vnode_check_access, 193330d239bcSRobert Watson .mpo_vnode_check_chdir = stub_vnode_check_chdir, 193430d239bcSRobert Watson .mpo_vnode_check_chroot = stub_vnode_check_chroot, 193530d239bcSRobert Watson .mpo_vnode_check_create = stub_vnode_check_create, 193630d239bcSRobert Watson .mpo_vnode_check_deleteacl = stub_vnode_check_deleteacl, 193730d239bcSRobert Watson .mpo_vnode_check_deleteextattr = stub_vnode_check_deleteextattr, 193830d239bcSRobert Watson .mpo_vnode_check_exec = stub_vnode_check_exec, 193930d239bcSRobert Watson .mpo_vnode_check_getacl = stub_vnode_check_getacl, 194030d239bcSRobert Watson .mpo_vnode_check_getextattr = stub_vnode_check_getextattr, 194130d239bcSRobert Watson .mpo_vnode_check_link = stub_vnode_check_link, 194230d239bcSRobert Watson .mpo_vnode_check_listextattr = stub_vnode_check_listextattr, 194330d239bcSRobert Watson .mpo_vnode_check_lookup = stub_vnode_check_lookup, 194430d239bcSRobert Watson .mpo_vnode_check_mmap = stub_vnode_check_mmap, 194530d239bcSRobert Watson .mpo_vnode_check_mmap_downgrade = stub_vnode_check_mmap_downgrade, 194630d239bcSRobert Watson .mpo_vnode_check_mprotect = stub_vnode_check_mprotect, 194730d239bcSRobert Watson .mpo_vnode_check_open = stub_vnode_check_open, 194830d239bcSRobert Watson .mpo_vnode_check_poll = stub_vnode_check_poll, 194930d239bcSRobert Watson .mpo_vnode_check_read = stub_vnode_check_read, 195030d239bcSRobert Watson .mpo_vnode_check_readdir = stub_vnode_check_readdir, 195130d239bcSRobert Watson .mpo_vnode_check_readlink = stub_vnode_check_readlink, 195230d239bcSRobert Watson .mpo_vnode_check_relabel = stub_vnode_check_relabel, 195330d239bcSRobert Watson .mpo_vnode_check_rename_from = stub_vnode_check_rename_from, 195430d239bcSRobert Watson .mpo_vnode_check_rename_to = stub_vnode_check_rename_to, 195530d239bcSRobert Watson .mpo_vnode_check_revoke = stub_vnode_check_revoke, 195630d239bcSRobert Watson .mpo_vnode_check_setacl = stub_vnode_check_setacl, 195730d239bcSRobert Watson .mpo_vnode_check_setextattr = stub_vnode_check_setextattr, 195830d239bcSRobert Watson .mpo_vnode_check_setflags = stub_vnode_check_setflags, 195930d239bcSRobert Watson .mpo_vnode_check_setmode = stub_vnode_check_setmode, 196030d239bcSRobert Watson .mpo_vnode_check_setowner = stub_vnode_check_setowner, 196130d239bcSRobert Watson .mpo_vnode_check_setutimes = stub_vnode_check_setutimes, 196230d239bcSRobert Watson .mpo_vnode_check_stat = stub_vnode_check_stat, 196330d239bcSRobert Watson .mpo_vnode_check_unlink = stub_vnode_check_unlink, 196430d239bcSRobert Watson .mpo_vnode_check_write = stub_vnode_check_write, 1965eb320b0eSRobert Watson .mpo_vnode_copy_label = stub_copy_label, 1966eb320b0eSRobert Watson .mpo_vnode_create_extattr = stub_vnode_create_extattr, 1967eb320b0eSRobert Watson .mpo_vnode_destroy_label = stub_destroy_label, 1968eb320b0eSRobert Watson .mpo_vnode_execve_transition = stub_vnode_execve_transition, 1969eb320b0eSRobert Watson .mpo_vnode_execve_will_transition = stub_vnode_execve_will_transition, 1970eb320b0eSRobert Watson .mpo_vnode_externalize_label = stub_externalize_label, 1971eb320b0eSRobert Watson .mpo_vnode_init_label = stub_init_label, 1972eb320b0eSRobert Watson .mpo_vnode_internalize_label = stub_internalize_label, 1973eb320b0eSRobert Watson .mpo_vnode_relabel = stub_vnode_relabel, 1974eb320b0eSRobert Watson .mpo_vnode_setlabel_extattr = stub_vnode_setlabel_extattr, 1975d8a7b7a3SRobert Watson }; 1976d8a7b7a3SRobert Watson 19773f1a7a90SRobert Watson MAC_POLICY_SET(&stub_ops, mac_stub, "TrustedBSD MAC/Stub", 19789162f64bSRobert Watson MPC_LOADTIME_FLAG_UNLOADOK, NULL); 1979