1564f8f0fSRobert Watson /*- 22087a58cSRobert Watson * Copyright (c) 1999-2002, 2008-2009 Robert N. M. Watson 3564f8f0fSRobert Watson * Copyright (c) 2001 Ilmar S. Habibulin 4564f8f0fSRobert Watson * Copyright (c) 2001-2003 Networks Associates Technology, Inc. 5564f8f0fSRobert Watson * Copyright (c) 2005 Samy Al Bahra 6564f8f0fSRobert Watson * Copyright (c) 2006 SPARTA, Inc. 7564f8f0fSRobert Watson * Copyright (c) 2008 Apple Inc. 8564f8f0fSRobert Watson * All rights reserved. 9564f8f0fSRobert Watson * 10564f8f0fSRobert Watson * This software was developed by Robert Watson and Ilmar Habibulin for the 11564f8f0fSRobert Watson * TrustedBSD Project. 12564f8f0fSRobert Watson * 13564f8f0fSRobert Watson * This software was developed for the FreeBSD Project in part by Network 14564f8f0fSRobert Watson * Associates Laboratories, the Security Research Division of Network 15564f8f0fSRobert Watson * Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), 16564f8f0fSRobert Watson * as part of the DARPA CHATS research program. 17564f8f0fSRobert Watson * 18564f8f0fSRobert Watson * This software was enhanced by SPARTA ISSO under SPAWAR contract 19564f8f0fSRobert Watson * N66001-04-C-6019 ("SEFOS"). 20564f8f0fSRobert Watson * 212087a58cSRobert Watson * This software was developed at the University of Cambridge Computer 222087a58cSRobert Watson * Laboratory with support from a grant from Google, Inc. 232087a58cSRobert Watson * 24564f8f0fSRobert Watson * Redistribution and use in source and binary forms, with or without 25564f8f0fSRobert Watson * modification, are permitted provided that the following conditions 26564f8f0fSRobert Watson * are met: 27564f8f0fSRobert Watson * 1. Redistributions of source code must retain the above copyright 28564f8f0fSRobert Watson * notice, this list of conditions and the following disclaimer. 29564f8f0fSRobert Watson * 2. Redistributions in binary form must reproduce the above copyright 30564f8f0fSRobert Watson * notice, this list of conditions and the following disclaimer in the 31564f8f0fSRobert Watson * documentation and/or other materials provided with the distribution. 32564f8f0fSRobert Watson * 33564f8f0fSRobert Watson * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 34564f8f0fSRobert Watson * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 35564f8f0fSRobert Watson * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 36564f8f0fSRobert Watson * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 37564f8f0fSRobert Watson * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 38564f8f0fSRobert Watson * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 39564f8f0fSRobert Watson * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 40564f8f0fSRobert Watson * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 41564f8f0fSRobert Watson * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 42564f8f0fSRobert Watson * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 43564f8f0fSRobert Watson * SUCH DAMAGE. 44564f8f0fSRobert Watson */ 45564f8f0fSRobert Watson 46564f8f0fSRobert Watson #include <sys/cdefs.h> 47564f8f0fSRobert Watson #include "opt_mac.h" 48564f8f0fSRobert Watson 49564f8f0fSRobert Watson #include <sys/param.h> 50564f8f0fSRobert Watson #include <sys/condvar.h> 51564f8f0fSRobert Watson #include <sys/imgact.h> 52564f8f0fSRobert Watson #include <sys/kernel.h> 53564f8f0fSRobert Watson #include <sys/lock.h> 54564f8f0fSRobert Watson #include <sys/malloc.h> 55564f8f0fSRobert Watson #include <sys/mutex.h> 56564f8f0fSRobert Watson #include <sys/mac.h> 57564f8f0fSRobert Watson #include <sys/proc.h> 58564f8f0fSRobert Watson #include <sys/sbuf.h> 592087a58cSRobert Watson #include <sys/sdt.h> 60564f8f0fSRobert Watson #include <sys/systm.h> 61564f8f0fSRobert Watson #include <sys/vnode.h> 62564f8f0fSRobert Watson #include <sys/mount.h> 63564f8f0fSRobert Watson #include <sys/file.h> 64564f8f0fSRobert Watson #include <sys/namei.h> 65564f8f0fSRobert Watson #include <sys/sysctl.h> 66564f8f0fSRobert Watson 67564f8f0fSRobert Watson #include <vm/vm.h> 68564f8f0fSRobert Watson #include <vm/pmap.h> 69564f8f0fSRobert Watson #include <vm/vm_map.h> 70564f8f0fSRobert Watson #include <vm/vm_object.h> 71564f8f0fSRobert Watson 72564f8f0fSRobert Watson #include <security/mac/mac_framework.h> 73564f8f0fSRobert Watson #include <security/mac/mac_internal.h> 74564f8f0fSRobert Watson #include <security/mac/mac_policy.h> 75564f8f0fSRobert Watson 76564f8f0fSRobert Watson struct label * 77564f8f0fSRobert Watson mac_cred_label_alloc(void) 78564f8f0fSRobert Watson { 79564f8f0fSRobert Watson struct label *label; 80564f8f0fSRobert Watson 81564f8f0fSRobert Watson label = mac_labelzone_alloc(M_WAITOK); 82fa765671SRobert Watson MAC_POLICY_PERFORM(cred_init_label, label); 83564f8f0fSRobert Watson return (label); 84564f8f0fSRobert Watson } 85564f8f0fSRobert Watson 86564f8f0fSRobert Watson void 87564f8f0fSRobert Watson mac_cred_init(struct ucred *cred) 88564f8f0fSRobert Watson { 89564f8f0fSRobert Watson 90564f8f0fSRobert Watson if (mac_labeled & MPC_OBJECT_CRED) 91564f8f0fSRobert Watson cred->cr_label = mac_cred_label_alloc(); 92564f8f0fSRobert Watson else 93564f8f0fSRobert Watson cred->cr_label = NULL; 94564f8f0fSRobert Watson } 95564f8f0fSRobert Watson 96564f8f0fSRobert Watson void 97564f8f0fSRobert Watson mac_cred_label_free(struct label *label) 98564f8f0fSRobert Watson { 99564f8f0fSRobert Watson 100fa765671SRobert Watson MAC_POLICY_PERFORM_NOSLEEP(cred_destroy_label, label); 101564f8f0fSRobert Watson mac_labelzone_free(label); 102564f8f0fSRobert Watson } 103564f8f0fSRobert Watson 104564f8f0fSRobert Watson void 105564f8f0fSRobert Watson mac_cred_destroy(struct ucred *cred) 106564f8f0fSRobert Watson { 107564f8f0fSRobert Watson 108564f8f0fSRobert Watson if (cred->cr_label != NULL) { 109564f8f0fSRobert Watson mac_cred_label_free(cred->cr_label); 110564f8f0fSRobert Watson cred->cr_label = NULL; 111564f8f0fSRobert Watson } 112564f8f0fSRobert Watson } 113564f8f0fSRobert Watson 114564f8f0fSRobert Watson /* 115564f8f0fSRobert Watson * When a thread becomes an NFS server daemon, its credential may need to be 116564f8f0fSRobert Watson * updated to reflect this so that policies can recognize when file system 117564f8f0fSRobert Watson * operations originate from the network. 118564f8f0fSRobert Watson * 119564f8f0fSRobert Watson * At some point, it would be desirable if the credential used for each NFS 120564f8f0fSRobert Watson * RPC could be set based on the RPC context (i.e., source system, etc) to 121564f8f0fSRobert Watson * provide more fine-grained access control. 122564f8f0fSRobert Watson */ 123564f8f0fSRobert Watson void 124564f8f0fSRobert Watson mac_cred_associate_nfsd(struct ucred *cred) 125564f8f0fSRobert Watson { 126564f8f0fSRobert Watson 127fa765671SRobert Watson MAC_POLICY_PERFORM_NOSLEEP(cred_associate_nfsd, cred); 128564f8f0fSRobert Watson } 129564f8f0fSRobert Watson 130564f8f0fSRobert Watson /* 131564f8f0fSRobert Watson * Initialize MAC label for the first kernel process, from which other kernel 132564f8f0fSRobert Watson * processes and threads are spawned. 133564f8f0fSRobert Watson */ 134564f8f0fSRobert Watson void 135564f8f0fSRobert Watson mac_cred_create_swapper(struct ucred *cred) 136564f8f0fSRobert Watson { 137564f8f0fSRobert Watson 138fa765671SRobert Watson MAC_POLICY_PERFORM_NOSLEEP(cred_create_swapper, cred); 139564f8f0fSRobert Watson } 140564f8f0fSRobert Watson 141564f8f0fSRobert Watson /* 142564f8f0fSRobert Watson * Initialize MAC label for the first userland process, from which other 143564f8f0fSRobert Watson * userland processes and threads are spawned. 144564f8f0fSRobert Watson */ 145564f8f0fSRobert Watson void 146564f8f0fSRobert Watson mac_cred_create_init(struct ucred *cred) 147564f8f0fSRobert Watson { 148564f8f0fSRobert Watson 149fa765671SRobert Watson MAC_POLICY_PERFORM_NOSLEEP(cred_create_init, cred); 150564f8f0fSRobert Watson } 151564f8f0fSRobert Watson 152564f8f0fSRobert Watson int 153564f8f0fSRobert Watson mac_cred_externalize_label(struct label *label, char *elements, 154564f8f0fSRobert Watson char *outbuf, size_t outbuflen) 155564f8f0fSRobert Watson { 156564f8f0fSRobert Watson int error; 157564f8f0fSRobert Watson 158fa765671SRobert Watson MAC_POLICY_EXTERNALIZE(cred, label, elements, outbuf, outbuflen); 159564f8f0fSRobert Watson 160564f8f0fSRobert Watson return (error); 161564f8f0fSRobert Watson } 162564f8f0fSRobert Watson 163564f8f0fSRobert Watson int 164564f8f0fSRobert Watson mac_cred_internalize_label(struct label *label, char *string) 165564f8f0fSRobert Watson { 166564f8f0fSRobert Watson int error; 167564f8f0fSRobert Watson 168fa765671SRobert Watson MAC_POLICY_INTERNALIZE(cred, label, string); 169564f8f0fSRobert Watson 170564f8f0fSRobert Watson return (error); 171564f8f0fSRobert Watson } 172564f8f0fSRobert Watson 173564f8f0fSRobert Watson /* 174564f8f0fSRobert Watson * When a new process is created, its label must be initialized. Generally, 175bc5ade0dSPedro F. Giffuni * this involves inheritance from the parent process, modulo possible deltas. 176564f8f0fSRobert Watson * This function allows that processing to take place. 177564f8f0fSRobert Watson */ 178564f8f0fSRobert Watson void 179564f8f0fSRobert Watson mac_cred_copy(struct ucred *src, struct ucred *dest) 180564f8f0fSRobert Watson { 181564f8f0fSRobert Watson 182fa765671SRobert Watson MAC_POLICY_PERFORM_NOSLEEP(cred_copy_label, src->cr_label, 183fa765671SRobert Watson dest->cr_label); 184564f8f0fSRobert Watson } 185564f8f0fSRobert Watson 186564f8f0fSRobert Watson /* 187564f8f0fSRobert Watson * When the subject's label changes, it may require revocation of privilege 188564f8f0fSRobert Watson * to mapped objects. This can't be done on-the-fly later with a unified 189564f8f0fSRobert Watson * buffer cache. 190564f8f0fSRobert Watson */ 191564f8f0fSRobert Watson void 192564f8f0fSRobert Watson mac_cred_relabel(struct ucred *cred, struct label *newlabel) 193564f8f0fSRobert Watson { 194564f8f0fSRobert Watson 195fa765671SRobert Watson MAC_POLICY_PERFORM_NOSLEEP(cred_relabel, cred, newlabel); 196564f8f0fSRobert Watson } 197564f8f0fSRobert Watson 1982087a58cSRobert Watson MAC_CHECK_PROBE_DEFINE2(cred_check_relabel, "struct ucred *", 1992087a58cSRobert Watson "struct label *"); 2002087a58cSRobert Watson 201564f8f0fSRobert Watson int 202564f8f0fSRobert Watson mac_cred_check_relabel(struct ucred *cred, struct label *newlabel) 203564f8f0fSRobert Watson { 204564f8f0fSRobert Watson int error; 205564f8f0fSRobert Watson 206fa765671SRobert Watson MAC_POLICY_CHECK_NOSLEEP(cred_check_relabel, cred, newlabel); 2072087a58cSRobert Watson MAC_CHECK_PROBE2(cred_check_relabel, error, cred, newlabel); 208564f8f0fSRobert Watson 209564f8f0fSRobert Watson return (error); 210564f8f0fSRobert Watson } 211564f8f0fSRobert Watson 212*ddb3eb4eSOlivier Certner /* 213*ddb3eb4eSOlivier Certner * Entry hook for setcred(). 214*ddb3eb4eSOlivier Certner * 215*ddb3eb4eSOlivier Certner * Called with no lock held by setcred() so that MAC modules may allocate memory 216*ddb3eb4eSOlivier Certner * in preparation for checking privileges. A call to this hook is always 217*ddb3eb4eSOlivier Certner * followed by a matching call to mac_cred_setcred_exit(). Between these two, 218*ddb3eb4eSOlivier Certner * setcred() may or may not call mac_cred_check_setcred(). 219*ddb3eb4eSOlivier Certner */ 220*ddb3eb4eSOlivier Certner void 221*ddb3eb4eSOlivier Certner mac_cred_setcred_enter(void) 222*ddb3eb4eSOlivier Certner { 223*ddb3eb4eSOlivier Certner MAC_POLICY_PERFORM_NOSLEEP(cred_setcred_enter); 224*ddb3eb4eSOlivier Certner } 225*ddb3eb4eSOlivier Certner 226*ddb3eb4eSOlivier Certner MAC_CHECK_PROBE_DEFINE3(cred_check_setcred, "unsigned int", "struct ucred *", 227*ddb3eb4eSOlivier Certner "struct ucred *"); 228*ddb3eb4eSOlivier Certner 229*ddb3eb4eSOlivier Certner /* 230*ddb3eb4eSOlivier Certner * Check hook for setcred(). 231*ddb3eb4eSOlivier Certner * 232*ddb3eb4eSOlivier Certner * When called, the current process' lock is held. It thus cannot perform 233*ddb3eb4eSOlivier Certner * memory allocations, which must be done in advance in 234*ddb3eb4eSOlivier Certner * mac_cred_setcred_enter(). It *MUST NOT* tamper with the process' lock. 235*ddb3eb4eSOlivier Certner */ 236*ddb3eb4eSOlivier Certner int 237*ddb3eb4eSOlivier Certner mac_cred_check_setcred(u_int flags, const struct ucred *old_cred, 238*ddb3eb4eSOlivier Certner struct ucred *new_cred) 239*ddb3eb4eSOlivier Certner { 240*ddb3eb4eSOlivier Certner int error; 241*ddb3eb4eSOlivier Certner 242*ddb3eb4eSOlivier Certner MAC_POLICY_CHECK_NOSLEEP(cred_check_setcred, flags, old_cred, new_cred); 243*ddb3eb4eSOlivier Certner MAC_CHECK_PROBE3(cred_check_setcred, error, flags, old_cred, new_cred); 244*ddb3eb4eSOlivier Certner 245*ddb3eb4eSOlivier Certner return (error); 246*ddb3eb4eSOlivier Certner } 247*ddb3eb4eSOlivier Certner 248*ddb3eb4eSOlivier Certner /* 249*ddb3eb4eSOlivier Certner * Exit hook for setcred(). 250*ddb3eb4eSOlivier Certner * 251*ddb3eb4eSOlivier Certner * Called with no lock held, exactly once per call to mac_cred_setcred_enter(). 252*ddb3eb4eSOlivier Certner */ 253*ddb3eb4eSOlivier Certner void 254*ddb3eb4eSOlivier Certner mac_cred_setcred_exit(void) 255*ddb3eb4eSOlivier Certner { 256*ddb3eb4eSOlivier Certner MAC_POLICY_PERFORM_NOSLEEP(cred_setcred_exit); 257*ddb3eb4eSOlivier Certner } 258*ddb3eb4eSOlivier Certner 2596f6174a7SRobert Watson MAC_CHECK_PROBE_DEFINE2(cred_check_setuid, "struct ucred *", "uid_t"); 2606f6174a7SRobert Watson 2616f6174a7SRobert Watson int 2626f6174a7SRobert Watson mac_cred_check_setuid(struct ucred *cred, uid_t uid) 2636f6174a7SRobert Watson { 2646f6174a7SRobert Watson int error; 2656f6174a7SRobert Watson 266fa765671SRobert Watson MAC_POLICY_CHECK_NOSLEEP(cred_check_setuid, cred, uid); 2676f6174a7SRobert Watson MAC_CHECK_PROBE2(cred_check_setuid, error, cred, uid); 2686f6174a7SRobert Watson 2696f6174a7SRobert Watson return (error); 2706f6174a7SRobert Watson } 2716f6174a7SRobert Watson 2726f6174a7SRobert Watson MAC_CHECK_PROBE_DEFINE2(cred_check_seteuid, "struct ucred *", "uid_t"); 2736f6174a7SRobert Watson 2746f6174a7SRobert Watson int 2756f6174a7SRobert Watson mac_cred_check_seteuid(struct ucred *cred, uid_t euid) 2766f6174a7SRobert Watson { 2776f6174a7SRobert Watson int error; 2786f6174a7SRobert Watson 279fa765671SRobert Watson MAC_POLICY_CHECK_NOSLEEP(cred_check_seteuid, cred, euid); 2806f6174a7SRobert Watson MAC_CHECK_PROBE2(cred_check_seteuid, error, cred, euid); 2816f6174a7SRobert Watson 2826f6174a7SRobert Watson return (error); 2836f6174a7SRobert Watson } 2846f6174a7SRobert Watson 2856f6174a7SRobert Watson MAC_CHECK_PROBE_DEFINE2(cred_check_setgid, "struct ucred *", "gid_t"); 2866f6174a7SRobert Watson 2876f6174a7SRobert Watson int 2886f6174a7SRobert Watson mac_cred_check_setgid(struct ucred *cred, gid_t gid) 2896f6174a7SRobert Watson { 2906f6174a7SRobert Watson int error; 2916f6174a7SRobert Watson 292fa765671SRobert Watson MAC_POLICY_CHECK_NOSLEEP(cred_check_setgid, cred, gid); 2936f6174a7SRobert Watson MAC_CHECK_PROBE2(cred_check_setgid, error, cred, gid); 2946f6174a7SRobert Watson 2956f6174a7SRobert Watson return (error); 2966f6174a7SRobert Watson } 2976f6174a7SRobert Watson 2986f6174a7SRobert Watson MAC_CHECK_PROBE_DEFINE2(cred_check_setegid, "struct ucred *", "gid_t"); 2996f6174a7SRobert Watson 3006f6174a7SRobert Watson int 3016f6174a7SRobert Watson mac_cred_check_setegid(struct ucred *cred, gid_t egid) 3026f6174a7SRobert Watson { 3036f6174a7SRobert Watson int error; 3046f6174a7SRobert Watson 305fa765671SRobert Watson MAC_POLICY_CHECK_NOSLEEP(cred_check_setegid, cred, egid); 3066f6174a7SRobert Watson MAC_CHECK_PROBE2(cred_check_setegid, error, cred, egid); 3076f6174a7SRobert Watson 3086f6174a7SRobert Watson return (error); 3096f6174a7SRobert Watson } 3106f6174a7SRobert Watson 3116f6174a7SRobert Watson MAC_CHECK_PROBE_DEFINE3(cred_check_setgroups, "struct ucred *", "int", 3126f6174a7SRobert Watson "gid_t *"); 3136f6174a7SRobert Watson 3146f6174a7SRobert Watson int 3156f6174a7SRobert Watson mac_cred_check_setgroups(struct ucred *cred, int ngroups, gid_t *gidset) 3166f6174a7SRobert Watson { 3176f6174a7SRobert Watson int error; 3186f6174a7SRobert Watson 319fa765671SRobert Watson MAC_POLICY_CHECK_NOSLEEP(cred_check_setgroups, cred, ngroups, gidset); 3206f6174a7SRobert Watson MAC_CHECK_PROBE3(cred_check_setgroups, error, cred, ngroups, gidset); 3216f6174a7SRobert Watson 3226f6174a7SRobert Watson return (error); 3236f6174a7SRobert Watson } 3246f6174a7SRobert Watson 3256f6174a7SRobert Watson MAC_CHECK_PROBE_DEFINE3(cred_check_setreuid, "struct ucred *", "uid_t", 3266f6174a7SRobert Watson "uid_t"); 3276f6174a7SRobert Watson 3286f6174a7SRobert Watson int 3296f6174a7SRobert Watson mac_cred_check_setreuid(struct ucred *cred, uid_t ruid, uid_t euid) 3306f6174a7SRobert Watson { 3316f6174a7SRobert Watson int error; 3326f6174a7SRobert Watson 333fa765671SRobert Watson MAC_POLICY_CHECK_NOSLEEP(cred_check_setreuid, cred, ruid, euid); 3346f6174a7SRobert Watson MAC_CHECK_PROBE3(cred_check_setreuid, error, cred, ruid, euid); 3356f6174a7SRobert Watson 3366f6174a7SRobert Watson return (error); 3376f6174a7SRobert Watson } 3386f6174a7SRobert Watson 3396f6174a7SRobert Watson MAC_CHECK_PROBE_DEFINE3(cred_check_setregid, "struct ucred *", "gid_t", 3406f6174a7SRobert Watson "gid_t"); 3416f6174a7SRobert Watson 3426f6174a7SRobert Watson int 3436f6174a7SRobert Watson mac_cred_check_setregid(struct ucred *cred, gid_t rgid, gid_t egid) 3446f6174a7SRobert Watson { 3456f6174a7SRobert Watson int error; 3466f6174a7SRobert Watson 347fa765671SRobert Watson MAC_POLICY_CHECK_NOSLEEP(cred_check_setregid, cred, rgid, egid); 3486f6174a7SRobert Watson MAC_CHECK_PROBE3(cred_check_setregid, error, cred, rgid, egid); 3496f6174a7SRobert Watson 3506f6174a7SRobert Watson return (error); 3516f6174a7SRobert Watson } 3526f6174a7SRobert Watson 3536f6174a7SRobert Watson MAC_CHECK_PROBE_DEFINE4(cred_check_setresuid, "struct ucred *", "uid_t", 3546f6174a7SRobert Watson "uid_t", "uid_t"); 3556f6174a7SRobert Watson 3566f6174a7SRobert Watson int 3576f6174a7SRobert Watson mac_cred_check_setresuid(struct ucred *cred, uid_t ruid, uid_t euid, 3586f6174a7SRobert Watson uid_t suid) 3596f6174a7SRobert Watson { 3606f6174a7SRobert Watson int error; 3616f6174a7SRobert Watson 362fa765671SRobert Watson MAC_POLICY_CHECK_NOSLEEP(cred_check_setresuid, cred, ruid, euid, suid); 3636f6174a7SRobert Watson MAC_CHECK_PROBE4(cred_check_setresuid, error, cred, ruid, euid, 3646f6174a7SRobert Watson suid); 3656f6174a7SRobert Watson 3666f6174a7SRobert Watson return (error); 3676f6174a7SRobert Watson } 3686f6174a7SRobert Watson 3696f6174a7SRobert Watson MAC_CHECK_PROBE_DEFINE4(cred_check_setresgid, "struct ucred *", "gid_t", 3706f6174a7SRobert Watson "gid_t", "gid_t"); 3716f6174a7SRobert Watson 3726f6174a7SRobert Watson int 3736f6174a7SRobert Watson mac_cred_check_setresgid(struct ucred *cred, gid_t rgid, gid_t egid, 3746f6174a7SRobert Watson gid_t sgid) 3756f6174a7SRobert Watson { 3766f6174a7SRobert Watson int error; 3776f6174a7SRobert Watson 378fa765671SRobert Watson MAC_POLICY_CHECK_NOSLEEP(cred_check_setresgid, cred, rgid, egid, sgid); 3796f6174a7SRobert Watson MAC_CHECK_PROBE4(cred_check_setresgid, error, cred, rgid, egid, 3806f6174a7SRobert Watson sgid); 3816f6174a7SRobert Watson 3826f6174a7SRobert Watson return (error); 3836f6174a7SRobert Watson } 3846f6174a7SRobert Watson 3852087a58cSRobert Watson MAC_CHECK_PROBE_DEFINE2(cred_check_visible, "struct ucred *", 3862087a58cSRobert Watson "struct ucred *"); 3872087a58cSRobert Watson 388564f8f0fSRobert Watson int 389564f8f0fSRobert Watson mac_cred_check_visible(struct ucred *cr1, struct ucred *cr2) 390564f8f0fSRobert Watson { 391564f8f0fSRobert Watson int error; 392564f8f0fSRobert Watson 393fa765671SRobert Watson MAC_POLICY_CHECK_NOSLEEP(cred_check_visible, cr1, cr2); 3942087a58cSRobert Watson MAC_CHECK_PROBE2(cred_check_visible, error, cr1, cr2); 395564f8f0fSRobert Watson 396564f8f0fSRobert Watson return (error); 397564f8f0fSRobert Watson } 398