]> git.saurik.com Git - apple/xnu.git/blame - security/mac_vfs.c
projects / apple / xnu.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
xnu-4903.270.47.tar.gz
[apple/xnu.git] / security / mac_vfs.c
CommitLineData
2d21ac55 1/*
39037602 2 * Copyright (c) 2007-2016 Apple Inc. All rights reserved.
2d21ac55
A		 3 *
4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
0a7de745 5 *
2d21ac55
A		 6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. The rights granted to you under the License
10 * may not be used to create, or enable the creation or redistribution of,
11 * unlawful or unlicensed copies of an Apple operating system, or to
12 * circumvent, violate, or enable the circumvention or violation of, any
13 * terms of an Apple operating system software license agreement.
0a7de745 14 *
2d21ac55
A		 15 * Please obtain a copy of the License at
16 * http://www.opensource.apple.com/apsl/ and read it before using this file.
0a7de745 17 *
2d21ac55
A		 18 * The Original Code and all software distributed under the License are
19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23 * Please see the License for the specific language governing rights and
24 * limitations under the License.
0a7de745 25 *
2d21ac55
A		 26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
27 */
28/*-
29 * Copyright (c) 1999, 2000, 2001, 2002 Robert N. M. Watson
30 * Copyright (c) 2001 Ilmar S. Habibulin
31 * Copyright (c) 2001, 2002, 2003, 2004 Networks Associates Technology, Inc.
32 * Copyright (c) 2005 SPARTA, Inc.
33 *
34 * This software was developed by Robert Watson and Ilmar Habibulin for the
35 * TrustedBSD Project.
36 *
37 * This software was developed for the FreeBSD Project in part by Network
38 * Associates Laboratories, the Security Research Division of Network
39 * Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"),
40 * as part of the DARPA CHATS research program.
41 *
42 * Redistribution and use in source and binary forms, with or without
43 * modification, are permitted provided that the following conditions
44 * are met:
45 * 1. Redistributions of source code must retain the above copyright
46 * notice, this list of conditions and the following disclaimer.
47 * 2. Redistributions in binary form must reproduce the above copyright
48 * notice, this list of conditions and the following disclaimer in the
49 * documentation and/or other materials provided with the distribution.
50 *
51 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
52 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
53 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
54 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
55 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
56 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
57 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
58 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
59 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
60 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
61 * SUCH DAMAGE.
62 *
63 */
64
39037602
A		 65#include <kern/kalloc.h>
66
2d21ac55
A		 67#include <sys/param.h>
68#include <sys/systm.h>
69#include <sys/kernel.h>
70#include <sys/proc.h>
71#include <sys/kauth.h>
72
73#include <sys/file_internal.h>
74#include <sys/imgact.h>
75#include <sys/namei.h>
76#include <sys/mount_internal.h>
77#include <sys/pipe.h>
78#include <sys/posix_sem.h>
79#include <sys/posix_shm.h>
39037602 80#include <sys/reason.h>
2d21ac55
A		 81#include <sys/uio_internal.h>
82#include <sys/vnode_internal.h>
83
84#include <miscfs/devfs/devfsdefs.h>
b0d623f7 85#include <miscfs/devfs/fdesc.h>
2d21ac55
A		 86
87#include <security/mac_internal.h>
88
89/* convert {R,W,X}_OK values to V{READ,WRITE,EXEC} */
0a7de745 90#define ACCESS_MODE_TO_VNODE_MASK(m) (m << 6)
2d21ac55
A		 91
92static struct label *
93mac_devfsdirent_label_alloc(void)
94{
95 struct label *label;
96
97 label = mac_labelzone_alloc(MAC_WAITOK);
0a7de745
A		 98 if (label == NULL) {
99 return NULL;
100 }
2d21ac55 101 MAC_PERFORM(devfs_label_init, label);
0a7de745 102 return label;
2d21ac55
A		 103}
104
105void
106mac_devfs_label_init(struct devnode *de)
107{
2d21ac55
A		 108 de->dn_label = mac_devfsdirent_label_alloc();
109}
110
111static struct label *
112mac_mount_label_alloc(void)
113{
114 struct label *label;
115
116 label = mac_labelzone_alloc(MAC_WAITOK);
0a7de745
A		 117 if (label == NULL) {
118 return NULL;
119 }
2d21ac55 120 MAC_PERFORM(mount_label_init, label);
0a7de745 121 return label;
2d21ac55
A		 122}
123
124void
125mac_mount_label_init(struct mount *mp)
126{
2d21ac55
A		 127 mp->mnt_mntlabel = mac_mount_label_alloc();
128}
129
130struct label *
131mac_vnode_label_alloc(void)
132{
133 struct label *label;
134
135 label = mac_labelzone_alloc(MAC_WAITOK);
0a7de745
A		 136 if (label == NULL) {
137 return NULL;
138 }
2d21ac55 139 MAC_PERFORM(vnode_label_init, label);
0a7de745 140 return label;
2d21ac55
A		 141}
142
143void
144mac_vnode_label_init(vnode_t vp)
145{
2d21ac55
A		 146 vp->v_label = mac_vnode_label_alloc();
147}
148
b0d623f7
A		 149int
150mac_vnode_label_init_needed(vnode_t vp)
151{
0a7de745 152 return mac_label_vnodes != 0 && vp->v_label == NULL;
b0d623f7
A		 153}
154
0a7de745 155/*
2d21ac55
A		 156 * vnode labels are allocated at the same time as vnodes, but vnodes are never
157 * freed. Instead, we want to remove any sensitive information before putting
158 * them on the free list for reuse.
0a7de745 159 */
2d21ac55
A		 160void
161mac_vnode_label_recycle(vnode_t vp)
162{
2d21ac55
A		 163 MAC_PERFORM(vnode_label_recycle, vp->v_label);
164}
165
166static void
167mac_devfs_label_free(struct label *label)
168{
169 MAC_PERFORM(devfs_label_destroy, label);
170 mac_labelzone_free(label);
171}
172
173void
174mac_devfs_label_destroy(struct devnode *de)
175{
176 if (de->dn_label != NULL) {
177 mac_devfs_label_free(de->dn_label);
178 de->dn_label = NULL;
179 }
180}
181
182static void
183mac_mount_label_free(struct label *label)
184{
2d21ac55
A		 185 MAC_PERFORM(mount_label_destroy, label);
186 mac_labelzone_free(label);
187}
188
189void
190mac_mount_label_destroy(struct mount *mp)
191{
2d21ac55
A		 192 if (mp->mnt_mntlabel != NULL) {
193 mac_mount_label_free(mp->mnt_mntlabel);
194 mp->mnt_mntlabel = NULL;
195 }
196}
197
198void
199mac_vnode_label_free(struct label *label)
200{
2d21ac55
A		 201 MAC_PERFORM(vnode_label_destroy, label);
202 mac_labelzone_free(label);
203}
204
205#ifndef __APPLE__
206void
207mac_vnode_label_destroy(struct vnode *vp)
208{
b0d623f7
A		 209 if (vp->v_label != NULL) {
210 mac_vnode_label_free(vp->v_label);
211 vp->v_label = NULL;
212 }
2d21ac55
A		 213}
214#endif
215
216void
217mac_vnode_label_copy(struct label *src, struct label *dest)
218{
b0d623f7
A		 219 if (src == NULL) {
220 MAC_PERFORM(vnode_label_init, dest);
221 } else {
222 MAC_PERFORM(vnode_label_copy, src, dest);
223 }
2d21ac55
A		 224}
225
226int
227mac_vnode_label_externalize_audit(struct vnode *vp, struct mac *mac)
228{
229 int error;
230
231 /* It is assumed that any necessary vnode locking is done on entry */
232 error = MAC_EXTERNALIZE_AUDIT(vnode, vp->v_label,
233 mac->m_string, mac->m_buflen);
234
0a7de745 235 return error;
2d21ac55
A		 236}
237
238int
239mac_vnode_label_externalize(struct label *label, char *elements,
240 char *outbuf, size_t outbuflen, int flags __unused)
241{
242 int error;
243
244 error = MAC_EXTERNALIZE(vnode, label, elements, outbuf, outbuflen);
245
0a7de745 246 return error;
2d21ac55
A		 247}
248
249int
250mac_vnode_label_internalize(struct label *label, char *string)
251{
252 int error;
253
254 error = MAC_INTERNALIZE(vnode, label, string);
255
0a7de745 256 return error;
2d21ac55
A		 257}
258
259int
260mac_mount_label_internalize(struct label *label, char *string)
261{
262 int error;
263
264 error = MAC_INTERNALIZE(mount, label, string);
265
0a7de745 266 return error;
2d21ac55
A		 267}
268
269int
270mac_mount_label_externalize(struct label *label, char *elements,
271 char *outbuf, size_t outbuflen)
272{
273 int error;
274
275 error = MAC_EXTERNALIZE(mount, label, elements, outbuf, outbuflen);
276
0a7de745 277 return error;
2d21ac55
A		 278}
279
280void
281mac_devfs_label_copy(struct label *src, struct label *dest)
282{
3e170ce0 283#if SECURITY_MAC_CHECK_ENFORCE
39037602 284 /* 21167099 - only check if we allow write */
0a7de745 285 if (!mac_device_enforce) {
39037602 286 return;
0a7de745 287 }
3e170ce0 288#endif
2d21ac55
A		 289
290 MAC_PERFORM(devfs_label_copy, src, dest);
291}
292
293void
294mac_devfs_label_update(struct mount *mp, struct devnode *de,
295 struct vnode *vp)
296{
3e170ce0 297#if SECURITY_MAC_CHECK_ENFORCE
39037602 298 /* 21167099 - only check if we allow write */
0a7de745 299 if (!mac_device_enforce) {
39037602 300 return;
0a7de745 301 }
3e170ce0 302#endif
2d21ac55
A		 303
304 MAC_PERFORM(devfs_label_update, mp, de, de->dn_label, vp,
305 vp->v_label);
306}
307
308int
309mac_vnode_label_associate(struct mount *mp, struct vnode *vp, vfs_context_t ctx)
310{
311 struct devnode *dnp;
312 struct fdescnode *fnp;
313 int error = 0;
314
3e170ce0 315#if SECURITY_MAC_CHECK_ENFORCE
39037602 316 /* 21167099 - only check if we allow write */
0a7de745
A		 317 if (!mac_vnode_enforce) {
318 return error;
319 }
3e170ce0 320#endif
2d21ac55
A		 321
322 /* XXX: should not inspect v_tag in kernel! */
323 switch (vp->v_tag) {
324 case VT_DEVFS:
325 dnp = VTODN(vp);
326 mac_vnode_label_associate_devfs(mp, dnp, vp);
327 break;
328 case VT_FDESC:
329 fnp = VTOFDESC(vp);
330 error = mac_vnode_label_associate_fdesc(mp, fnp, vp, ctx);
331 break;
332 default:
333 error = mac_vnode_label_associate_extattr(mp, vp);
334 break;
335 }
336
0a7de745 337 return error;
2d21ac55
A		 338}
339
340void
341mac_vnode_label_associate_devfs(struct mount *mp, struct devnode *de,
342 struct vnode *vp)
343{
3e170ce0 344#if SECURITY_MAC_CHECK_ENFORCE
39037602 345 /* 21167099 - only check if we allow write */
0a7de745 346 if (!mac_device_enforce) {
39037602 347 return;
0a7de745 348 }
3e170ce0 349#endif
2d21ac55
A		 350
351 MAC_PERFORM(vnode_label_associate_devfs,
352 mp, mp ? mp->mnt_mntlabel : NULL,
353 de, de->dn_label,
354 vp, vp->v_label);
355}
356
357int
358mac_vnode_label_associate_extattr(struct mount *mp, struct vnode *vp)
359{
360 int error;
361
362 MAC_CHECK(vnode_label_associate_extattr, mp, mp->mnt_mntlabel, vp,
363 vp->v_label);
364
0a7de745 365 return error;
2d21ac55
A		 366}
367
368void
369mac_vnode_label_associate_singlelabel(struct mount *mp, struct vnode *vp)
370{
3e170ce0 371#if SECURITY_MAC_CHECK_ENFORCE
39037602 372 /* 21167099 - only check if we allow write */
0a7de745 373 if (!mac_vnode_enforce) {
39037602 374 return;
0a7de745 375 }
3e170ce0 376#endif
0a7de745 377 if (!mac_label_vnodes) {
2d21ac55 378 return;
0a7de745 379 }
2d21ac55
A		 380
381 MAC_PERFORM(vnode_label_associate_singlelabel, mp,
382 mp ? mp->mnt_mntlabel : NULL, vp, vp->v_label);
383}
384
385int
386mac_vnode_notify_create(vfs_context_t ctx, struct mount *mp,
387 struct vnode *dvp, struct vnode *vp, struct componentname *cnp)
388{
389 kauth_cred_t cred;
390 int error;
391
3e170ce0 392#if SECURITY_MAC_CHECK_ENFORCE
39037602 393 /* 21167099 - only check if we allow write */
0a7de745
A		 394 if (!mac_vnode_enforce) {
395 return 0;
396 }
3e170ce0 397#endif
2d21ac55 398 cred = vfs_context_ucred(ctx);
0a7de745
A		 399 if (!mac_cred_check_enforce(cred)) {
400 return 0;
401 }
2d21ac55
A		 402 MAC_CHECK(vnode_notify_create, cred, mp, mp->mnt_mntlabel,
403 dvp, dvp->v_label, vp, vp->v_label, cnp);
404
0a7de745 405 return error;
2d21ac55
A		 406}
407
6d2010ae
A		 408void
409mac_vnode_notify_rename(vfs_context_t ctx, struct vnode *vp,
410 struct vnode *dvp, struct componentname *cnp)
411{
412 kauth_cred_t cred;
413
3e170ce0 414#if SECURITY_MAC_CHECK_ENFORCE
39037602 415 /* 21167099 - only check if we allow write */
0a7de745 416 if (!mac_vnode_enforce) {
39037602 417 return;
0a7de745 418 }
3e170ce0 419#endif
6d2010ae 420 cred = vfs_context_ucred(ctx);
0a7de745 421 if (!mac_cred_check_enforce(cred)) {
5ba3f43e 422 return;
0a7de745 423 }
6d2010ae
A		 424 MAC_PERFORM(vnode_notify_rename, cred, vp, vp->v_label,
425 dvp, dvp->v_label, cnp);
426}
427
4b17d6b6
A		 428void
429mac_vnode_notify_open(vfs_context_t ctx, struct vnode *vp, int acc_flags)
430{
431 kauth_cred_t cred;
432
3e170ce0 433#if SECURITY_MAC_CHECK_ENFORCE
39037602 434 /* 21167099 - only check if we allow write */
0a7de745 435 if (!mac_vnode_enforce) {
39037602 436 return;
0a7de745 437 }
3e170ce0 438#endif
4b17d6b6 439 cred = vfs_context_ucred(ctx);
0a7de745 440 if (!mac_cred_check_enforce(cred)) {
5ba3f43e 441 return;
0a7de745 442 }
4b17d6b6
A		 443 MAC_PERFORM(vnode_notify_open, cred, vp, vp->v_label, acc_flags);
444}
445
39236c6e
A		 446void
447mac_vnode_notify_link(vfs_context_t ctx, struct vnode *vp,
0a7de745 448 struct vnode *dvp, struct componentname *cnp)
39236c6e
A		 449{
450 kauth_cred_t cred;
451
3e170ce0 452#if SECURITY_MAC_CHECK_ENFORCE
39037602 453 /* 21167099 - only check if we allow write */
0a7de745 454 if (!mac_vnode_enforce) {
39037602 455 return;
0a7de745 456 }
3e170ce0 457#endif
39236c6e 458 cred = vfs_context_ucred(ctx);
0a7de745 459 if (!mac_cred_check_enforce(cred)) {
5ba3f43e 460 return;
0a7de745 461 }
39236c6e
A		 462 MAC_PERFORM(vnode_notify_link, cred, dvp, dvp->v_label, vp, vp->v_label, cnp);
463}
464
39037602
A		 465void
466mac_vnode_notify_deleteextattr(vfs_context_t ctx, struct vnode *vp, const char *name)
467{
468 kauth_cred_t cred;
469
470#if SECURITY_MAC_CHECK_ENFORCE
471 /* 21167099 - only check if we allow write */
0a7de745 472 if (!mac_vnode_enforce) {
39037602 473 return;
0a7de745 474 }
39037602 475#endif
39037602 476 cred = vfs_context_ucred(ctx);
0a7de745 477 if (!mac_cred_check_enforce(cred)) {
5ba3f43e 478 return;
0a7de745 479 }
39037602
A		 480 MAC_PERFORM(vnode_notify_deleteextattr, cred, vp, vp->v_label, name);
481}
482
483void
484mac_vnode_notify_setacl(vfs_context_t ctx, struct vnode *vp, struct kauth_acl *acl)
485{
486 kauth_cred_t cred;
487
488#if SECURITY_MAC_CHECK_ENFORCE
489 /* 21167099 - only check if we allow write */
0a7de745 490 if (!mac_vnode_enforce) {
39037602 491 return;
0a7de745 492 }
39037602 493#endif
39037602 494 cred = vfs_context_ucred(ctx);
0a7de745 495 if (!mac_cred_check_enforce(cred)) {
5ba3f43e 496 return;
0a7de745 497 }
39037602
A		 498 MAC_PERFORM(vnode_notify_setacl, cred, vp, vp->v_label, acl);
499}
500
501void
502mac_vnode_notify_setattrlist(vfs_context_t ctx, struct vnode *vp, struct attrlist *alist)
503{
504 kauth_cred_t cred;
505
506#if SECURITY_MAC_CHECK_ENFORCE
507 /* 21167099 - only check if we allow write */
0a7de745 508 if (!mac_vnode_enforce) {
39037602 509 return;
0a7de745 510 }
39037602 511#endif
39037602 512 cred = vfs_context_ucred(ctx);
0a7de745 513 if (!mac_cred_check_enforce(cred)) {
5ba3f43e 514 return;
0a7de745 515 }
39037602
A		 516 MAC_PERFORM(vnode_notify_setattrlist, cred, vp, vp->v_label, alist);
517}
518
519void
520mac_vnode_notify_setextattr(vfs_context_t ctx, struct vnode *vp, const char *name, struct uio *uio)
521{
522 kauth_cred_t cred;
523
524#if SECURITY_MAC_CHECK_ENFORCE
525 /* 21167099 - only check if we allow write */
0a7de745 526 if (!mac_vnode_enforce) {
39037602 527 return;
0a7de745 528 }
39037602 529#endif
39037602 530 cred = vfs_context_ucred(ctx);
0a7de745 531 if (!mac_cred_check_enforce(cred)) {
5ba3f43e 532 return;
0a7de745 533 }
39037602
A		 534 MAC_PERFORM(vnode_notify_setextattr, cred, vp, vp->v_label, name, uio);
535}
536
537void
538mac_vnode_notify_setflags(vfs_context_t ctx, struct vnode *vp, u_long flags)
539{
540 kauth_cred_t cred;
541
542#if SECURITY_MAC_CHECK_ENFORCE
543 /* 21167099 - only check if we allow write */
0a7de745 544 if (!mac_vnode_enforce) {
39037602 545 return;
0a7de745 546 }
39037602 547#endif
39037602 548 cred = vfs_context_ucred(ctx);
0a7de745 549 if (!mac_cred_check_enforce(cred)) {
5ba3f43e 550 return;
0a7de745 551 }
39037602
A		 552 MAC_PERFORM(vnode_notify_setflags, cred, vp, vp->v_label, flags);
553}
554
555void
556mac_vnode_notify_setmode(vfs_context_t ctx, struct vnode *vp, mode_t mode)
557{
558 kauth_cred_t cred;
559
560#if SECURITY_MAC_CHECK_ENFORCE
561 /* 21167099 - only check if we allow write */
0a7de745 562 if (!mac_vnode_enforce) {
39037602 563 return;
0a7de745 564 }
39037602 565#endif
39037602 566 cred = vfs_context_ucred(ctx);
0a7de745 567 if (!mac_cred_check_enforce(cred)) {
5ba3f43e 568 return;
0a7de745 569 }
39037602
A		 570 MAC_PERFORM(vnode_notify_setmode, cred, vp, vp->v_label, mode);
571}
572
573void
574mac_vnode_notify_setowner(vfs_context_t ctx, struct vnode *vp, uid_t uid, gid_t gid)
575{
576 kauth_cred_t cred;
577
578#if SECURITY_MAC_CHECK_ENFORCE
579 /* 21167099 - only check if we allow write */
0a7de745 580 if (!mac_vnode_enforce) {
39037602 581 return;
0a7de745 582 }
39037602 583#endif
39037602 584 cred = vfs_context_ucred(ctx);
0a7de745 585 if (!mac_cred_check_enforce(cred)) {
5ba3f43e 586 return;
0a7de745 587 }
39037602
A		 588 MAC_PERFORM(vnode_notify_setowner, cred, vp, vp->v_label, uid, gid);
589}
590
591void
592mac_vnode_notify_setutimes(vfs_context_t ctx, struct vnode *vp, struct timespec atime, struct timespec mtime)
593{
594 kauth_cred_t cred;
595
596#if SECURITY_MAC_CHECK_ENFORCE
597 /* 21167099 - only check if we allow write */
0a7de745 598 if (!mac_vnode_enforce) {
39037602 599 return;
0a7de745 600 }
39037602 601#endif
39037602 602 cred = vfs_context_ucred(ctx);
0a7de745 603 if (!mac_cred_check_enforce(cred)) {
5ba3f43e 604 return;
0a7de745 605 }
39037602
A		 606 MAC_PERFORM(vnode_notify_setutimes, cred, vp, vp->v_label, atime, mtime);
607}
608
609void
610mac_vnode_notify_truncate(vfs_context_t ctx, kauth_cred_t file_cred, struct vnode *vp)
611{
612 kauth_cred_t cred;
613
614#if SECURITY_MAC_CHECK_ENFORCE
615 /* 21167099 - only check if we allow write */
0a7de745 616 if (!mac_vnode_enforce) {
39037602 617 return;
0a7de745 618 }
39037602 619#endif
39037602 620 cred = vfs_context_ucred(ctx);
0a7de745 621 if (!mac_cred_check_enforce(cred)) {
5ba3f43e 622 return;
0a7de745 623 }
39037602
A		 624 MAC_PERFORM(vnode_notify_truncate, cred, file_cred, vp, vp->v_label);
625}
626
2d21ac55
A		 627/*
628 * Extended attribute 'name' was updated via
629 * vn_setxattr() or vn_removexattr(). Allow the
630 * policy to update the vnode label.
631 */
632void
633mac_vnode_label_update_extattr(struct mount *mp, struct vnode *vp,
634 const char *name)
635{
636 int error = 0;
637
3e170ce0 638#if SECURITY_MAC_CHECK_ENFORCE
39037602 639 /* 21167099 - only check if we allow write */
0a7de745 640 if (!mac_vnode_enforce) {
39037602 641 return;
0a7de745 642 }
3e170ce0 643#endif
0a7de745 644 if (!mac_label_vnodes) {
2d21ac55 645 return;
0a7de745 646 }
2d21ac55
A		 647
648 MAC_PERFORM(vnode_label_update_extattr, mp, mp->mnt_mntlabel, vp,
0a7de745
A		 649 vp->v_label, name);
650 if (error == 0) {
2d21ac55 651 return;
0a7de745 652 }
2d21ac55
A		 653
654 vnode_lock(vp);
655 vnode_relabel(vp);
656 vnode_unlock(vp);
657 return;
658}
659
660static int
661mac_vnode_label_store(vfs_context_t ctx, struct vnode *vp,
662 struct label *intlabel)
663{
664 kauth_cred_t cred;
665 int error;
666
3e170ce0 667#if SECURITY_MAC_CHECK_ENFORCE
39037602 668 /* 21167099 - only check if we allow write */
0a7de745 669 if (!mac_vnode_enforce) {
39037602 670 return 0;
0a7de745 671 }
3e170ce0 672#endif
0a7de745 673 if (!mac_label_vnodes) {
2d21ac55 674 return 0;
0a7de745 675 }
2d21ac55
A		 676
677 cred = vfs_context_ucred(ctx);
0a7de745
A		 678 if (!mac_cred_check_enforce(cred)) {
679 return 0;
680 }
2d21ac55
A		 681 MAC_CHECK(vnode_label_store, cred, vp, vp->v_label, intlabel);
682
0a7de745 683 return error;
2d21ac55
A		 684}
685
fe8ab488
A		 686void
687mac_cred_label_update_execve(vfs_context_t ctx, kauth_cred_t new, struct vnode *vp, off_t offset,
0a7de745
A		 688 struct vnode *scriptvp, struct label *scriptvnodelabel, struct label *execl, u_int *csflags,
689 void *macextensions, int *disjoint, int *labelupdateerror)
2d21ac55
A		 690{
691 kauth_cred_t cred;
fe8ab488
A		 692 *disjoint = 0;
693 int error;
6d2010ae 694 posix_cred_t pcred = posix_cred_get(new);
2d21ac55 695
3e170ce0 696#if SECURITY_MAC_CHECK_ENFORCE
39037602 697 /* 21167099 - only check if we allow write */
0a7de745 698 if (!mac_proc_enforce || !mac_vnode_enforce) {
39037602 699 return;
0a7de745 700 }
3e170ce0 701#endif
2d21ac55
A		 702
703 /* mark the new cred to indicate "matching" includes the label */
6d2010ae 704 pcred->cr_flags |= CRF_MAC_ENFORCE;
2d21ac55
A		 705
706 cred = vfs_context_ucred(ctx);
39236c6e
A		 707
708 /*
fe8ab488 709 * NB: Cannot use MAC_CHECK macro because we need a sequence point after
39236c6e
A		 710 * calling exec_spawnattr_getmacpolicyinfo() and before passing the
711 * spawnattrlen as an argument to the hook.
712 */
713 {
714 struct mac_policy_conf *mpc;
715 u_int i;
716
fe8ab488 717 error = 0;
0a7de745 718 for (i = 0; i < mac_policy_list.staticmax; i++) {
39236c6e 719 mpc = mac_policy_list.entries[i].mpc;
0a7de745 720 if (mpc == NULL) {
39236c6e 721 continue;
0a7de745 722 }
39236c6e
A		 723
724 mpo_cred_label_update_execve_t *hook = mpc->mpc_ops->mpo_cred_label_update_execve;
0a7de745 725 if (hook == NULL) {
39236c6e 726 continue;
0a7de745 727 }
39236c6e
A		 728
729 size_t spawnattrlen = 0;
730 void *spawnattr = exec_spawnattr_getmacpolicyinfo(macextensions, mpc->mpc_name, &spawnattrlen);
731
fe8ab488 732 error = mac_error_select(hook(cred, new, vfs_context_proc(ctx), vp, offset, scriptvp,
0a7de745
A		 733 vp->v_label, scriptvnodelabel, execl, csflags, spawnattr, spawnattrlen, disjoint),
734 error);
39236c6e 735 }
0a7de745 736 if (mac_policy_list_conditional_busy() != 0) {
39236c6e
A		 737 for (; i <= mac_policy_list.maxindex; i++) {
738 mpc = mac_policy_list.entries[i].mpc;
0a7de745 739 if (mpc == NULL) {
39236c6e 740 continue;
0a7de745 741 }
39236c6e
A		 742
743 mpo_cred_label_update_execve_t *hook = mpc->mpc_ops->mpo_cred_label_update_execve;
0a7de745 744 if (hook == NULL) {
39236c6e 745 continue;
0a7de745 746 }
39236c6e
A		 747
748 size_t spawnattrlen = 0;
749 void *spawnattr = exec_spawnattr_getmacpolicyinfo(macextensions, mpc->mpc_name, &spawnattrlen);
750
fe8ab488 751 error = mac_error_select(hook(cred, new, vfs_context_proc(ctx), vp, offset, scriptvp,
0a7de745
A		 752 vp->v_label, scriptvnodelabel, execl, csflags, spawnattr, spawnattrlen, disjoint),
753 error);
39236c6e
A		 754 }
755 mac_policy_list_unbusy();
756 }
757 }
fe8ab488 758 *labelupdateerror = error;
2d21ac55
A		 759}
760
761int
fe8ab488 762mac_cred_check_label_update_execve(vfs_context_t ctx, struct vnode *vp, off_t offset,
0a7de745
A		 763 struct vnode *scriptvp, struct label *scriptvnodelabel, struct label *execlabel,
764 struct proc *p, void *macextensions)
2d21ac55
A		 765{
766 kauth_cred_t cred;
767 int result = 0;
768
3e170ce0 769#if SECURITY_MAC_CHECK_ENFORCE
39037602 770 /* 21167099 - only check if we allow write */
0a7de745 771 if (!mac_proc_enforce || !mac_vnode_enforce) {
39037602 772 return result;
0a7de745 773 }
3e170ce0 774#endif
2d21ac55
A		 775
776 cred = vfs_context_ucred(ctx);
39236c6e
A		 777
778 /*
779 * NB: Cannot use MAC_BOOLEAN macro because we need a sequence point after
780 * calling exec_spawnattr_getmacpolicyinfo() and before passing the
781 * spawnattrlen as an argument to the hook.
782 */
783 {
784 struct mac_policy_conf *mpc;
785 u_int i;
786
0a7de745 787 for (i = 0; i < mac_policy_list.staticmax; i++) {
39236c6e 788 mpc = mac_policy_list.entries[i].mpc;
0a7de745 789 if (mpc == NULL) {
39236c6e 790 continue;
0a7de745 791 }
39236c6e
A		 792
793 mpo_cred_check_label_update_execve_t *hook = mpc->mpc_ops->mpo_cred_check_label_update_execve;
0a7de745 794 if (hook == NULL) {
39236c6e 795 continue;
0a7de745 796 }
39236c6e
A		 797
798 size_t spawnattrlen = 0;
799 void *spawnattr = exec_spawnattr_getmacpolicyinfo(macextensions, mpc->mpc_name, &spawnattrlen);
800
fe8ab488 801 result = result || hook(cred, vp, offset, scriptvp, vp->v_label, scriptvnodelabel, execlabel, p, spawnattr, spawnattrlen);
39236c6e 802 }
0a7de745 803 if (mac_policy_list_conditional_busy() != 0) {
39236c6e
A		 804 for (; i <= mac_policy_list.maxindex; i++) {
805 mpc = mac_policy_list.entries[i].mpc;
0a7de745 806 if (mpc == NULL) {
39236c6e 807 continue;
0a7de745 808 }
39236c6e
A		 809
810 mpo_cred_check_label_update_execve_t *hook = mpc->mpc_ops->mpo_cred_check_label_update_execve;
0a7de745 811 if (hook == NULL) {
39236c6e 812 continue;
0a7de745 813 }
39236c6e
A		 814
815 size_t spawnattrlen = 0;
816 void *spawnattr = exec_spawnattr_getmacpolicyinfo(macextensions, mpc->mpc_name, &spawnattrlen);
817
fe8ab488 818 result = result || hook(cred, vp, offset, scriptvp, vp->v_label, scriptvnodelabel, execlabel, p, spawnattr, spawnattrlen);
39236c6e
A		 819 }
820 mac_policy_list_unbusy();
821 }
822 }
2d21ac55 823
0a7de745 824 return result;
2d21ac55
A		 825}
826
827int
828mac_vnode_check_access(vfs_context_t ctx, struct vnode *vp,
829 int acc_mode)
830{
831 kauth_cred_t cred;
832 int error;
833 int mask;
834
3e170ce0 835#if SECURITY_MAC_CHECK_ENFORCE
39037602 836 /* 21167099 - only check if we allow write */
0a7de745 837 if (!mac_vnode_enforce) {
39037602 838 return 0;
0a7de745 839 }
3e170ce0 840#endif
2d21ac55 841 cred = vfs_context_ucred(ctx);
0a7de745
A		 842 if (!mac_cred_check_enforce(cred)) {
843 return 0;
844 }
2d21ac55
A		 845 /* Convert {R,W,X}_OK values to V{READ,WRITE,EXEC} for entry points */
846 mask = ACCESS_MODE_TO_VNODE_MASK(acc_mode);
847 MAC_CHECK(vnode_check_access, cred, vp, vp->v_label, mask);
0a7de745
A		 848 return error;
849}
2d21ac55
A		 850
851int
852mac_vnode_check_chdir(vfs_context_t ctx, struct vnode *dvp)
853{
854 kauth_cred_t cred;
855 int error;
856
3e170ce0 857#if SECURITY_MAC_CHECK_ENFORCE
39037602 858 /* 21167099 - only check if we allow write */
0a7de745 859 if (!mac_vnode_enforce) {
39037602 860 return 0;
0a7de745 861 }
3e170ce0 862#endif
2d21ac55 863 cred = vfs_context_ucred(ctx);
0a7de745
A		 864 if (!mac_cred_check_enforce(cred)) {
865 return 0;
866 }
2d21ac55 867 MAC_CHECK(vnode_check_chdir, cred, dvp, dvp->v_label);
0a7de745 868 return error;
2d21ac55
A		 869}
870
871int
872mac_vnode_check_chroot(vfs_context_t ctx, struct vnode *dvp,
873 struct componentname *cnp)
874{
875 kauth_cred_t cred;
876 int error;
877
3e170ce0 878#if SECURITY_MAC_CHECK_ENFORCE
39037602 879 /* 21167099 - only check if we allow write */
0a7de745 880 if (!mac_vnode_enforce) {
39037602 881 return 0;
0a7de745 882 }
3e170ce0 883#endif
2d21ac55 884 cred = vfs_context_ucred(ctx);
0a7de745
A		 885 if (!mac_cred_check_enforce(cred)) {
886 return 0;
887 }
2d21ac55 888 MAC_CHECK(vnode_check_chroot, cred, dvp, dvp->v_label, cnp);
0a7de745 889 return error;
2d21ac55
A		 890}
891
39037602
A		 892int
893mac_vnode_check_clone(vfs_context_t ctx, struct vnode *dvp,
894 struct vnode *vp, struct componentname *cnp)
895{
896 kauth_cred_t cred;
897 int error;
898
899#if SECURITY_MAC_CHECK_ENFORCE
900 /* 21167099 - only check if we allow write */
0a7de745 901 if (!mac_vnode_enforce) {
39037602 902 return 0;
0a7de745 903 }
39037602 904#endif
39037602 905 cred = vfs_context_ucred(ctx);
0a7de745
A		 906 if (!mac_cred_check_enforce(cred)) {
907 return 0;
908 }
39037602
A		 909 MAC_CHECK(vnode_check_clone, cred, dvp, dvp->v_label, vp,
910 vp->v_label, cnp);
0a7de745 911 return error;
39037602 912}
2d21ac55
A		 913int
914mac_vnode_check_create(vfs_context_t ctx, struct vnode *dvp,
915 struct componentname *cnp, struct vnode_attr *vap)
916{
917 kauth_cred_t cred;
918 int error;
919
3e170ce0 920#if SECURITY_MAC_CHECK_ENFORCE
39037602 921 /* 21167099 - only check if we allow write */
0a7de745 922 if (!mac_vnode_enforce) {
39037602 923 return 0;
0a7de745 924 }
3e170ce0 925#endif
2d21ac55 926 cred = vfs_context_ucred(ctx);
0a7de745
A		 927 if (!mac_cred_check_enforce(cred)) {
928 return 0;
929 }
2d21ac55 930 MAC_CHECK(vnode_check_create, cred, dvp, dvp->v_label, cnp, vap);
0a7de745 931 return error;
2d21ac55
A		 932}
933
934int
935mac_vnode_check_unlink(vfs_context_t ctx, struct vnode *dvp, struct vnode *vp,
936 struct componentname *cnp)
937{
938 kauth_cred_t cred;
939 int error;
940
3e170ce0 941#if SECURITY_MAC_CHECK_ENFORCE
39037602 942 /* 21167099 - only check if we allow write */
0a7de745 943 if (!mac_vnode_enforce) {
39037602 944 return 0;
0a7de745 945 }
3e170ce0 946#endif
2d21ac55 947 cred = vfs_context_ucred(ctx);
0a7de745
A		 948 if (!mac_cred_check_enforce(cred)) {
949 return 0;
950 }
2d21ac55
A		 951 MAC_CHECK(vnode_check_unlink, cred, dvp, dvp->v_label, vp,
952 vp->v_label, cnp);
0a7de745 953 return error;
2d21ac55
A		 954}
955#if 0
956int
957mac_vnode_check_deleteacl(vfs_context_t ctx, struct vnode *vp,
958 acl_type_t type)
959{
960 kauth_cred_t cred;
961 int error;
962
3e170ce0 963#if SECURITY_MAC_CHECK_ENFORCE
39037602 964 /* 21167099 - only check if we allow write */
0a7de745 965 if (!mac_vnode_enforce) {
39037602 966 return 0;
0a7de745 967 }
3e170ce0 968#endif
2d21ac55 969 cred = vfs_context_ucred(ctx);
0a7de745
A		 970 if (!mac_cred_check_enforce(cred)) {
971 return 0;
972 }
2d21ac55 973 MAC_CHECK(vnode_check_deleteacl, cred, vp, vp->v_label, type);
0a7de745 974 return error;
2d21ac55
A		 975}
976#endif
977
978int
979mac_vnode_check_deleteextattr(vfs_context_t ctx, struct vnode *vp,
980 const char *name)
981{
982 kauth_cred_t cred;
983 int error;
984
3e170ce0 985#if SECURITY_MAC_CHECK_ENFORCE
39037602 986 /* 21167099 - only check if we allow write */
0a7de745 987 if (!mac_vnode_enforce) {
39037602 988 return 0;
0a7de745 989 }
3e170ce0 990#endif
2d21ac55 991 cred = vfs_context_ucred(ctx);
0a7de745
A		 992 if (!mac_cred_check_enforce(cred)) {
993 return 0;
994 }
2d21ac55 995 MAC_CHECK(vnode_check_deleteextattr, cred, vp, vp->v_label, name);
0a7de745 996 return error;
2d21ac55
A		 997}
998int
999mac_vnode_check_exchangedata(vfs_context_t ctx,
1000 struct vnode *v1, struct vnode *v2)
1001{
1002 kauth_cred_t cred;
1003 int error;
1004
3e170ce0 1005#if SECURITY_MAC_CHECK_ENFORCE
39037602 1006 /* 21167099 - only check if we allow write */
0a7de745 1007 if (!mac_vnode_enforce) {
39037602 1008 return 0;
0a7de745 1009 }
3e170ce0 1010#endif
2d21ac55 1011 cred = vfs_context_ucred(ctx);
0a7de745
A		 1012 if (!mac_cred_check_enforce(cred)) {
1013 return 0;
1014 }
1015 MAC_CHECK(vnode_check_exchangedata, cred, v1, v1->v_label,
2d21ac55
A		 1016 v2, v2->v_label);
1017
0a7de745 1018 return error;
2d21ac55
A		 1019}
1020
1021#if 0
1022int
1023mac_vnode_check_getacl(vfs_context_t ctx, struct vnode *vp, acl_type_t type)
1024{
1025 kauth_cred_t cred;
1026 int error;
1027
3e170ce0 1028#if SECURITY_MAC_CHECK_ENFORCE
39037602 1029 /* 21167099 - only check if we allow write */
0a7de745 1030 if (!mac_vnode_enforce) {
39037602 1031 return 0;
0a7de745 1032 }
3e170ce0 1033#endif
2d21ac55 1034 cred = vfs_context_ucred(ctx);
0a7de745
A		 1035 if (!mac_cred_check_enforce(cred)) {
1036 return 0;
1037 }
2d21ac55 1038 MAC_CHECK(vnode_check_getacl, cred, vp, vp->v_label, type);
0a7de745 1039 return error;
2d21ac55
A		 1040}
1041#endif
1042
743345f9
A		 1043int
1044mac_vnode_check_getattr(vfs_context_t ctx, struct ucred *file_cred,
1045 struct vnode *vp, struct vnode_attr *va)
1046{
1047 kauth_cred_t cred;
1048 int error;
1049
1050#if SECURITY_MAC_CHECK_ENFORCE
1051 /* 21167099 - only check if we allow write */
0a7de745 1052 if (!mac_vnode_enforce) {
743345f9 1053 return 0;
0a7de745 1054 }
743345f9 1055#endif
743345f9 1056 cred = vfs_context_ucred(ctx);
0a7de745
A		 1057 if (!mac_cred_check_enforce(cred)) {
1058 return 0;
1059 }
743345f9 1060 MAC_CHECK(vnode_check_getattr, cred, file_cred, vp, vp->v_label, va);
0a7de745 1061 return error;
743345f9
A		 1062}
1063
2d21ac55
A		 1064int
1065mac_vnode_check_getattrlist(vfs_context_t ctx, struct vnode *vp,
1066 struct attrlist *alist)
1067{
1068 kauth_cred_t cred;
1069 int error;
1070
3e170ce0 1071#if SECURITY_MAC_CHECK_ENFORCE
39037602 1072 /* 21167099 - only check if we allow write */
0a7de745 1073 if (!mac_vnode_enforce) {
39037602 1074 return 0;
0a7de745 1075 }
3e170ce0 1076#endif
2d21ac55 1077 cred = vfs_context_ucred(ctx);
0a7de745
A		 1078 if (!mac_cred_check_enforce(cred)) {
1079 return 0;
1080 }
2d21ac55
A		 1081 MAC_CHECK(vnode_check_getattrlist, cred, vp, vp->v_label, alist);
1082
1083 /* Falsify results instead of returning error? */
0a7de745 1084 return error;
2d21ac55
A		 1085}
1086
1087int
1088mac_vnode_check_exec(vfs_context_t ctx, struct vnode *vp,
1089 struct image_params *imgp)
1090{
1091 kauth_cred_t cred;
39236c6e 1092 int error = 0;
2d21ac55 1093
3e170ce0 1094#if SECURITY_MAC_CHECK_ENFORCE
39037602 1095 /* 21167099 - only check if we allow write */
0a7de745 1096 if (!mac_proc_enforce || !mac_vnode_enforce) {
39037602 1097 return 0;
0a7de745 1098 }
3e170ce0 1099#endif
2d21ac55
A		 1100
1101 cred = vfs_context_ucred(ctx);
39236c6e
A		 1102
1103 /*
1104 * NB: Cannot use MAC_CHECK macro because we need a sequence point after
1105 * calling exec_spawnattr_getmacpolicyinfo() and before passing the
1106 * spawnattrlen as an argument to the hook.
1107 */
1108 {
1109 struct mac_policy_conf *mpc;
1110 u_int i;
1111
0a7de745 1112 for (i = 0; i < mac_policy_list.staticmax; i++) {
39236c6e 1113 mpc = mac_policy_list.entries[i].mpc;
0a7de745 1114 if (mpc == NULL) {
39236c6e 1115 continue;
0a7de745 1116 }
39236c6e
A		 1117
1118 mpo_vnode_check_exec_t *hook = mpc->mpc_ops->mpo_vnode_check_exec;
0a7de745 1119 if (hook == NULL) {
39236c6e 1120 continue;
0a7de745 1121 }
39236c6e
A		 1122
1123 size_t spawnattrlen = 0;
fe8ab488 1124 void *spawnattr = exec_spawnattr_getmacpolicyinfo(imgp->ip_px_smpx, mpc->mpc_name, &spawnattrlen);
39236c6e
A		 1125
1126 error = mac_error_select(
0a7de745
A		 1127 hook(cred,
1128 vp, imgp->ip_scriptvp, vp->v_label, imgp->ip_scriptlabelp,
1129 imgp->ip_execlabelp, &imgp->ip_ndp->ni_cnd, &imgp->ip_csflags,
1130 spawnattr, spawnattrlen), error);
39236c6e 1131 }
0a7de745 1132 if (mac_policy_list_conditional_busy() != 0) {
39236c6e
A		 1133 for (; i <= mac_policy_list.maxindex; i++) {
1134 mpc = mac_policy_list.entries[i].mpc;
0a7de745 1135 if (mpc == NULL) {
39236c6e 1136 continue;
0a7de745 1137 }
39236c6e
A		 1138
1139 mpo_vnode_check_exec_t *hook = mpc->mpc_ops->mpo_vnode_check_exec;
0a7de745 1140 if (hook == NULL) {
39236c6e 1141 continue;
0a7de745 1142 }
39236c6e
A		 1143
1144 size_t spawnattrlen = 0;
fe8ab488 1145 void *spawnattr = exec_spawnattr_getmacpolicyinfo(imgp->ip_px_smpx, mpc->mpc_name, &spawnattrlen);
39236c6e
A		 1146
1147 error = mac_error_select(
0a7de745
A		 1148 hook(cred,
1149 vp, imgp->ip_scriptvp, vp->v_label, imgp->ip_scriptlabelp,
1150 imgp->ip_execlabelp, &imgp->ip_ndp->ni_cnd, &imgp->ip_csflags,
1151 spawnattr, spawnattrlen), error);
39236c6e
A		 1152 }
1153 mac_policy_list_unbusy();
1154 }
1155 }
1156
0a7de745 1157 return error;
2d21ac55
A		 1158}
1159
6d2010ae
A		 1160int
1161mac_vnode_check_fsgetpath(vfs_context_t ctx, struct vnode *vp)
1162{
1163 kauth_cred_t cred;
1164 int error;
1165
3e170ce0 1166#if SECURITY_MAC_CHECK_ENFORCE
39037602 1167 /* 21167099 - only check if we allow write */
0a7de745 1168 if (!mac_vnode_enforce) {
39037602 1169 return 0;
0a7de745 1170 }
3e170ce0 1171#endif
6d2010ae 1172 cred = vfs_context_ucred(ctx);
0a7de745
A		 1173 if (!mac_cred_check_enforce(cred)) {
1174 return 0;
1175 }
6d2010ae 1176 MAC_CHECK(vnode_check_fsgetpath, cred, vp, vp->v_label);
0a7de745 1177 return error;
6d2010ae
A		 1178}
1179
593a1d5f 1180int
39037602 1181mac_vnode_check_signature(struct vnode *vp, struct cs_blob *cs_blob,
0a7de745
A		 1182 struct image_params *imgp,
1183 unsigned int *cs_flags, unsigned int *signer_type,
1184 int flags)
39037602 1185{
0a7de745
A		 1186 int error;
1187 char *fatal_failure_desc = NULL;
1188 size_t fatal_failure_desc_len = 0;
39037602 1189
0a7de745
A		 1190 char *vn_path = NULL;
1191 vm_size_t vn_pathlen = MAXPATHLEN;
1192 cpu_type_t cpu_type = (imgp == NULL) ? CPU_TYPE_ANY : imgp->ip_origcputype;
39037602
A		 1193
1194
1195#if SECURITY_MAC_CHECK_ENFORCE
0a7de745
A		 1196 /* 21167099 - only check if we allow write */
1197 if (!mac_proc_enforce || !mac_vnode_enforce) {
1198 return 0;
1199 }
39037602
A		 1200#endif
1201
0a7de745
A		 1202 MAC_CHECK(vnode_check_signature, vp, vp->v_label, cpu_type, cs_blob,
1203 cs_flags, signer_type, flags, &fatal_failure_desc, &fatal_failure_desc_len);
39037602 1204
0a7de745
A		 1205 if (fatal_failure_desc_len) {
1206 // A fatal code signature validation failure occured, formulate a crash
1207 // reason.
39037602 1208
0a7de745 1209 char const *path = NULL;
39037602 1210
0a7de745
A		 1211 vn_path = (char *)kalloc(MAXPATHLEN);
1212 if (vn_path != NULL) {
1213 if (vn_getpath(vp, vn_path, (int*)&vn_pathlen) == 0) {
1214 path = vn_path;
1215 } else {
1216 path = "(get vnode path failed)";
1217 }
1218 } else {
1219 path = "(path alloc failed)";
1220 }
1221
1222 if (error == 0) {
1223 panic("mac_vnode_check_signature: MAC hook returned no error, "
1224 "but status is claimed to be fatal? "
1225 "path: '%s', fatal_failure_desc_len: %ld, fatal_failure_desc:\n%s\n",
1226 path, fatal_failure_desc_len, fatal_failure_desc);
1227 }
1228
1229 printf("mac_vnode_check_signature: %s: code signature validation failed fatally: %s",
1230 path, fatal_failure_desc);
1231
1232 if (imgp == NULL) {
1233 goto out;
1234 }
39037602 1235
0a7de745
A		 1236 os_reason_t reason = os_reason_create(OS_REASON_CODESIGNING,
1237 CODESIGNING_EXIT_REASON_TASKGATED_INVALID_SIG);
1238
1239 if (reason == OS_REASON_NULL) {
1240 printf("mac_vnode_check_signature: %s: failure to allocate exit reason for validation failure: %s\n",
1241 path, fatal_failure_desc);
1242 goto out;
1243 }
1244
1245 imgp->ip_cs_error = reason;
1246 reason->osr_flags = (OS_REASON_FLAG_GENERATE_CRASH_REPORT |
1247 OS_REASON_FLAG_CONSISTENT_FAILURE);
1248
1249 if (fatal_failure_desc == NULL) {
1250 // This may happen if allocation for the buffer failed.
1251 printf("mac_vnode_check_signature: %s: fatal failure is missing its description.\n", path);
1252 } else {
1253 mach_vm_address_t data_addr = 0;
1254
1255 int reason_error = 0;
1256 int kcdata_error = 0;
1257
1258 if ((reason_error = os_reason_alloc_buffer_noblock(reason, kcdata_estimate_required_buffer_size
1259 (1, fatal_failure_desc_len))) == 0 &&
1260 (kcdata_error = kcdata_get_memory_addr(&reason->osr_kcd_descriptor,
1261 EXIT_REASON_USER_DESC, fatal_failure_desc_len,
1262 &data_addr)) == KERN_SUCCESS) {
1263 kern_return_t mc_error = kcdata_memcpy(&reason->osr_kcd_descriptor, (mach_vm_address_t)data_addr,
1264 fatal_failure_desc, fatal_failure_desc_len);
1265
1266 if (mc_error != KERN_SUCCESS) {
1267 printf("mac_vnode_check_signature: %s: failed to copy reason string "
1268 "(kcdata_memcpy error: %d, length: %ld)\n",
1269 path, mc_error, fatal_failure_desc_len);
1270 }
1271 } else {
1272 printf("mac_vnode_check_signature: %s: failed to allocate space for reason string "
1273 "(os_reason_alloc_buffer error: %d, kcdata error: %d, length: %ld)\n",
1274 path, reason_error, kcdata_error, fatal_failure_desc_len);
1275 }
1276 }
1277 }
39037602
A		 1278
1279out:
0a7de745
A		 1280 if (vn_path) {
1281 kfree(vn_path, MAXPATHLEN);
1282 }
39037602 1283
0a7de745
A		 1284 if (fatal_failure_desc_len > 0 && fatal_failure_desc != NULL) {
1285 kfree(fatal_failure_desc, fatal_failure_desc_len);
1286 }
39037602 1287
0a7de745 1288 return error;
593a1d5f
A		 1289}
1290
2d21ac55
A		 1291#if 0
1292int
1293mac_vnode_check_getacl(vfs_context_t ctx, struct vnode *vp, acl_type_t type)
1294{
1295 kauth_cred_t cred;
1296 int error;
1297
3e170ce0 1298#if SECURITY_MAC_CHECK_ENFORCE
39037602 1299 /* 21167099 - only check if we allow write */
0a7de745 1300 if (!mac_vnode_enforce) {
39037602 1301 return 0;
0a7de745 1302 }
3e170ce0 1303#endif
2d21ac55 1304 cred = vfs_context_ucred(ctx);
0a7de745
A		 1305 if (!mac_cred_check_enforce(cred)) {
1306 return 0;
1307 }
2d21ac55 1308 MAC_CHECK(vnode_check_getacl, cred, vp, vp->v_label, type);
0a7de745 1309 return error;
2d21ac55
A		 1310}
1311#endif
1312
1313int
1314mac_vnode_check_getextattr(vfs_context_t ctx, struct vnode *vp,
1315 const char *name, struct uio *uio)
1316{
1317 kauth_cred_t cred;
1318 int error;
1319
3e170ce0 1320#if SECURITY_MAC_CHECK_ENFORCE
39037602 1321 /* 21167099 - only check if we allow write */
0a7de745 1322 if (!mac_vnode_enforce) {
39037602 1323 return 0;
0a7de745 1324 }
3e170ce0 1325#endif
2d21ac55 1326 cred = vfs_context_ucred(ctx);
0a7de745
A		 1327 if (!mac_cred_check_enforce(cred)) {
1328 return 0;
1329 }
2d21ac55
A		 1330 MAC_CHECK(vnode_check_getextattr, cred, vp, vp->v_label,
1331 name, uio);
0a7de745 1332 return error;
2d21ac55
A		 1333}
1334
1335int
1336mac_vnode_check_ioctl(vfs_context_t ctx, struct vnode *vp, u_int cmd)
1337{
1338 kauth_cred_t cred;
1339 int error;
1340
3e170ce0 1341#if SECURITY_MAC_CHECK_ENFORCE
39037602 1342 /* 21167099 - only check if we allow write */
0a7de745 1343 if (!mac_vnode_enforce) {
39037602 1344 return 0;
0a7de745 1345 }
3e170ce0 1346#endif
2d21ac55 1347 cred = vfs_context_ucred(ctx);
0a7de745
A		 1348 if (!mac_cred_check_enforce(cred)) {
1349 return 0;
1350 }
2d21ac55 1351 MAC_CHECK(vnode_check_ioctl, cred, vp, vp->v_label, cmd);
0a7de745 1352 return error;
2d21ac55
A		 1353}
1354
1355int
1356mac_vnode_check_kqfilter(vfs_context_t ctx, kauth_cred_t file_cred,
1357 struct knote *kn, struct vnode *vp)
1358{
1359 kauth_cred_t cred;
1360 int error;
1361
3e170ce0 1362#if SECURITY_MAC_CHECK_ENFORCE
39037602 1363 /* 21167099 - only check if we allow write */
0a7de745 1364 if (!mac_vnode_enforce) {
39037602 1365 return 0;
0a7de745 1366 }
3e170ce0 1367#endif
2d21ac55 1368 cred = vfs_context_ucred(ctx);
0a7de745
A		 1369 if (!mac_cred_check_enforce(cred)) {
1370 return 0;
1371 }
2d21ac55
A		 1372 MAC_CHECK(vnode_check_kqfilter, cred, file_cred, kn, vp,
1373 vp->v_label);
1374
0a7de745 1375 return error;
2d21ac55
A		 1376}
1377
1378int
1379mac_vnode_check_link(vfs_context_t ctx, struct vnode *dvp,
1380 struct vnode *vp, struct componentname *cnp)
1381{
1382 kauth_cred_t cred;
1383 int error;
1384
3e170ce0 1385#if SECURITY_MAC_CHECK_ENFORCE
39037602 1386 /* 21167099 - only check if we allow write */
0a7de745 1387 if (!mac_vnode_enforce) {
39037602 1388 return 0;
0a7de745 1389 }
3e170ce0 1390#endif
2d21ac55 1391 cred = vfs_context_ucred(ctx);
0a7de745
A		 1392 if (!mac_cred_check_enforce(cred)) {
1393 return 0;
1394 }
2d21ac55
A		 1395 MAC_CHECK(vnode_check_link, cred, dvp, dvp->v_label, vp,
1396 vp->v_label, cnp);
0a7de745 1397 return error;
2d21ac55
A		 1398}
1399
1400int
1401mac_vnode_check_listextattr(vfs_context_t ctx, struct vnode *vp)
1402{
1403 kauth_cred_t cred;
1404 int error;
1405
3e170ce0 1406#if SECURITY_MAC_CHECK_ENFORCE
39037602 1407 /* 21167099 - only check if we allow write */
0a7de745 1408 if (!mac_vnode_enforce) {
39037602 1409 return 0;
0a7de745 1410 }
3e170ce0 1411#endif
2d21ac55 1412 cred = vfs_context_ucred(ctx);
0a7de745
A		 1413 if (!mac_cred_check_enforce(cred)) {
1414 return 0;
1415 }
2d21ac55 1416 MAC_CHECK(vnode_check_listextattr, cred, vp, vp->v_label);
0a7de745 1417 return error;
2d21ac55
A		 1418}
1419
5ba3f43e
A		 1420int
1421mac_vnode_check_lookup_preflight(vfs_context_t ctx, struct vnode *dvp,
1422 const char *path, size_t pathlen)
1423{
1424 kauth_cred_t cred;
1425 int error;
1426
1427#if SECURITY_MAC_CHECK_ENFORCE
1428 /* 21167099 - only check if we allow write */
0a7de745 1429 if (!mac_vnode_enforce) {
5ba3f43e 1430 return 0;
0a7de745 1431 }
5ba3f43e
A		 1432#endif
1433 cred = vfs_context_ucred(ctx);
0a7de745
A		 1434 if (!mac_cred_check_enforce(cred)) {
1435 return 0;
1436 }
5ba3f43e 1437 MAC_CHECK(vnode_check_lookup_preflight, cred, dvp, dvp->v_label, path, pathlen);
0a7de745 1438 return error;
5ba3f43e
A		 1439}
1440
2d21ac55
A		 1441int
1442mac_vnode_check_lookup(vfs_context_t ctx, struct vnode *dvp,
1443 struct componentname *cnp)
1444{
1445 kauth_cred_t cred;
1446 int error;
1447
3e170ce0 1448#if SECURITY_MAC_CHECK_ENFORCE
39037602 1449 /* 21167099 - only check if we allow write */
0a7de745 1450 if (!mac_vnode_enforce) {
39037602 1451 return 0;
0a7de745 1452 }
3e170ce0 1453#endif
2d21ac55 1454 cred = vfs_context_ucred(ctx);
0a7de745
A		 1455 if (!mac_cred_check_enforce(cred)) {
1456 return 0;
1457 }
2d21ac55 1458 MAC_CHECK(vnode_check_lookup, cred, dvp, dvp->v_label, cnp);
0a7de745 1459 return error;
2d21ac55
A		 1460}
1461
1462int
1463mac_vnode_check_open(vfs_context_t ctx, struct vnode *vp, int acc_mode)
1464{
1465 kauth_cred_t cred;
1466 int error;
1467
3e170ce0 1468#if SECURITY_MAC_CHECK_ENFORCE
39037602 1469 /* 21167099 - only check if we allow write */
0a7de745 1470 if (!mac_vnode_enforce) {
39037602 1471 return 0;
0a7de745 1472 }
3e170ce0 1473#endif
2d21ac55 1474 cred = vfs_context_ucred(ctx);
0a7de745
A		 1475 if (!mac_cred_check_enforce(cred)) {
1476 return 0;
1477 }
2d21ac55 1478 MAC_CHECK(vnode_check_open, cred, vp, vp->v_label, acc_mode);
0a7de745 1479 return error;
2d21ac55
A		 1480}
1481
1482int
1483mac_vnode_check_read(vfs_context_t ctx, struct ucred *file_cred,
1484 struct vnode *vp)
1485{
1486 kauth_cred_t cred;
1487 int error;
1488
3e170ce0 1489#if SECURITY_MAC_CHECK_ENFORCE
39037602 1490 /* 21167099 - only check if we allow write */
0a7de745 1491 if (!mac_vnode_enforce) {
39037602 1492 return 0;
0a7de745 1493 }
3e170ce0 1494#endif
2d21ac55 1495 cred = vfs_context_ucred(ctx);
0a7de745
A		 1496 if (!mac_cred_check_enforce(cred)) {
1497 return 0;
1498 }
2d21ac55
A		 1499 MAC_CHECK(vnode_check_read, cred, file_cred, vp,
1500 vp->v_label);
1501
0a7de745 1502 return error;
2d21ac55
A		 1503}
1504
1505int
1506mac_vnode_check_readdir(vfs_context_t ctx, struct vnode *dvp)
1507{
1508 kauth_cred_t cred;
1509 int error;
1510
3e170ce0 1511#if SECURITY_MAC_CHECK_ENFORCE
39037602 1512 /* 21167099 - only check if we allow write */
0a7de745 1513 if (!mac_vnode_enforce) {
39037602 1514 return 0;
0a7de745 1515 }
3e170ce0 1516#endif
2d21ac55 1517 cred = vfs_context_ucred(ctx);
0a7de745
A		 1518 if (!mac_cred_check_enforce(cred)) {
1519 return 0;
1520 }
2d21ac55 1521 MAC_CHECK(vnode_check_readdir, cred, dvp, dvp->v_label);
0a7de745 1522 return error;
2d21ac55
A		 1523}
1524
1525int
1526mac_vnode_check_readlink(vfs_context_t ctx, struct vnode *vp)
1527{
1528 kauth_cred_t cred;
1529 int error;
1530
3e170ce0 1531#if SECURITY_MAC_CHECK_ENFORCE
39037602 1532 /* 21167099 - only check if we allow write */
0a7de745 1533 if (!mac_vnode_enforce) {
39037602 1534 return 0;
0a7de745 1535 }
3e170ce0 1536#endif
2d21ac55 1537 cred = vfs_context_ucred(ctx);
0a7de745
A		 1538 if (!mac_cred_check_enforce(cred)) {
1539 return 0;
1540 }
2d21ac55 1541 MAC_CHECK(vnode_check_readlink, cred, vp, vp->v_label);
0a7de745 1542 return error;
2d21ac55
A		 1543}
1544
1545int
1546mac_vnode_check_label_update(vfs_context_t ctx, struct vnode *vp,
1547 struct label *newlabel)
1548{
1549 kauth_cred_t cred;
1550 int error;
1551
3e170ce0 1552#if SECURITY_MAC_CHECK_ENFORCE
39037602 1553 /* 21167099 - only check if we allow write */
0a7de745 1554 if (!mac_vnode_enforce) {
39037602 1555 return 0;
0a7de745 1556 }
3e170ce0 1557#endif
2d21ac55 1558 cred = vfs_context_ucred(ctx);
0a7de745
A		 1559 if (!mac_cred_check_enforce(cred)) {
1560 return 0;
1561 }
2d21ac55
A		 1562 MAC_CHECK(vnode_check_label_update, cred, vp, vp->v_label, newlabel);
1563
0a7de745 1564 return error;
2d21ac55
A		 1565}
1566
1567int
fe8ab488
A		 1568mac_vnode_check_rename(vfs_context_t ctx, struct vnode *dvp,
1569 struct vnode *vp, struct componentname *cnp, struct vnode *tdvp,
1570 struct vnode *tvp, struct componentname *tcnp)
2d21ac55
A		 1571{
1572 kauth_cred_t cred;
1573 int error;
1574
3e170ce0 1575#if SECURITY_MAC_CHECK_ENFORCE
39037602 1576 /* 21167099 - only check if we allow write */
0a7de745 1577 if (!mac_vnode_enforce) {
39037602 1578 return 0;
0a7de745 1579 }
3e170ce0 1580#endif
2d21ac55 1581 cred = vfs_context_ucred(ctx);
0a7de745
A		 1582 if (!mac_cred_check_enforce(cred)) {
1583 return 0;
1584 }
fe8ab488 1585
2d21ac55
A		 1586 MAC_CHECK(vnode_check_rename_from, cred, dvp, dvp->v_label, vp,
1587 vp->v_label, cnp);
0a7de745
A		 1588 if (error) {
1589 return error;
1590 }
2d21ac55 1591
fe8ab488
A		 1592 MAC_CHECK(vnode_check_rename_to, cred, tdvp, tdvp->v_label, tvp,
1593 tvp != NULL ? tvp->v_label : NULL, dvp == tdvp, tcnp);
0a7de745
A		 1594 if (error) {
1595 return error;
1596 }
2d21ac55 1597
fe8ab488
A		 1598 MAC_CHECK(vnode_check_rename, cred, dvp, dvp->v_label, vp,
1599 vp->v_label, cnp, tdvp, tdvp->v_label, tvp,
1600 tvp != NULL ? tvp->v_label : NULL, tcnp);
0a7de745 1601 return error;
2d21ac55
A		 1602}
1603
1604int
1605mac_vnode_check_revoke(vfs_context_t ctx, struct vnode *vp)
1606{
1607 kauth_cred_t cred;
1608 int error;
1609
3e170ce0 1610#if SECURITY_MAC_CHECK_ENFORCE
39037602 1611 /* 21167099 - only check if we allow write */
0a7de745 1612 if (!mac_vnode_enforce) {
39037602 1613 return 0;
0a7de745 1614 }
3e170ce0 1615#endif
2d21ac55 1616 cred = vfs_context_ucred(ctx);
0a7de745
A		 1617 if (!mac_cred_check_enforce(cred)) {
1618 return 0;
1619 }
2d21ac55 1620 MAC_CHECK(vnode_check_revoke, cred, vp, vp->v_label);
0a7de745 1621 return error;
2d21ac55
A		 1622}
1623
6d2010ae
A		 1624int
1625mac_vnode_check_searchfs(vfs_context_t ctx, struct vnode *vp, struct attrlist *alist)
1626{
1627 kauth_cred_t cred;
1628 int error;
1629
3e170ce0 1630#if SECURITY_MAC_CHECK_ENFORCE
39037602 1631 /* 21167099 - only check if we allow write */
0a7de745 1632 if (!mac_vnode_enforce) {
39037602 1633 return 0;
0a7de745 1634 }
3e170ce0 1635#endif
6d2010ae 1636 cred = vfs_context_ucred(ctx);
0a7de745
A		 1637 if (!mac_cred_check_enforce(cred)) {
1638 return 0;
1639 }
6d2010ae 1640 MAC_CHECK(vnode_check_searchfs, cred, vp, vp->v_label, alist);
0a7de745 1641 return error;
6d2010ae
A		 1642}
1643
2d21ac55
A		 1644int
1645mac_vnode_check_select(vfs_context_t ctx, struct vnode *vp, int which)
1646{
1647 kauth_cred_t cred;
1648 int error;
1649
3e170ce0 1650#if SECURITY_MAC_CHECK_ENFORCE
39037602 1651 /* 21167099 - only check if we allow write */
0a7de745 1652 if (!mac_vnode_enforce) {
39037602 1653 return 0;
0a7de745 1654 }
3e170ce0 1655#endif
2d21ac55 1656 cred = vfs_context_ucred(ctx);
0a7de745
A		 1657 if (!mac_cred_check_enforce(cred)) {
1658 return 0;
1659 }
2d21ac55 1660 MAC_CHECK(vnode_check_select, cred, vp, vp->v_label, which);
0a7de745 1661 return error;
2d21ac55
A		 1662}
1663
2d21ac55 1664int
39037602
A		 1665mac_vnode_check_setacl(vfs_context_t ctx, struct vnode *vp,
1666 struct kauth_acl *acl)
2d21ac55
A		 1667{
1668 kauth_cred_t cred;
1669 int error;
1670
3e170ce0 1671#if SECURITY_MAC_CHECK_ENFORCE
39037602 1672 /* 21167099 - only check if we allow write */
0a7de745 1673 if (!mac_vnode_enforce) {
39037602 1674 return 0;
0a7de745 1675 }
3e170ce0 1676#endif
2d21ac55 1677 cred = vfs_context_ucred(ctx);
0a7de745
A		 1678 if (!mac_cred_check_enforce(cred)) {
1679 return 0;
1680 }
39037602 1681 MAC_CHECK(vnode_check_setacl, cred, vp, vp->v_label, acl);
0a7de745 1682 return error;
2d21ac55 1683}
2d21ac55
A		 1684
1685int
1686mac_vnode_check_setattrlist(vfs_context_t ctx, struct vnode *vp,
1687 struct attrlist *alist)
1688{
1689 kauth_cred_t cred;
1690 int error;
1691
3e170ce0 1692#if SECURITY_MAC_CHECK_ENFORCE
39037602 1693 /* 21167099 - only check if we allow write */
0a7de745 1694 if (!mac_vnode_enforce) {
39037602 1695 return 0;
0a7de745 1696 }
3e170ce0 1697#endif
2d21ac55 1698 cred = vfs_context_ucred(ctx);
0a7de745
A		 1699 if (!mac_cred_check_enforce(cred)) {
1700 return 0;
1701 }
2d21ac55 1702 MAC_CHECK(vnode_check_setattrlist, cred, vp, vp->v_label, alist);
0a7de745 1703 return error;
2d21ac55
A		 1704}
1705
1706int
1707mac_vnode_check_setextattr(vfs_context_t ctx, struct vnode *vp,
1708 const char *name, struct uio *uio)
1709{
1710 kauth_cred_t cred;
1711 int error;
1712
3e170ce0 1713#if SECURITY_MAC_CHECK_ENFORCE
39037602 1714 /* 21167099 - only check if we allow write */
0a7de745 1715 if (!mac_vnode_enforce) {
39037602 1716 return 0;
0a7de745 1717 }
3e170ce0 1718#endif
2d21ac55 1719 cred = vfs_context_ucred(ctx);
0a7de745
A		 1720 if (!mac_cred_check_enforce(cred)) {
1721 return 0;
1722 }
2d21ac55
A		 1723 MAC_CHECK(vnode_check_setextattr, cred, vp, vp->v_label,
1724 name, uio);
0a7de745 1725 return error;
2d21ac55
A		 1726}
1727
1728int
1729mac_vnode_check_setflags(vfs_context_t ctx, struct vnode *vp, u_long flags)
1730{
1731 kauth_cred_t cred;
1732 int error;
1733
3e170ce0 1734#if SECURITY_MAC_CHECK_ENFORCE
39037602 1735 /* 21167099 - only check if we allow write */
0a7de745 1736 if (!mac_vnode_enforce) {
39037602 1737 return 0;
0a7de745 1738 }
3e170ce0 1739#endif
2d21ac55 1740 cred = vfs_context_ucred(ctx);
0a7de745
A		 1741 if (!mac_cred_check_enforce(cred)) {
1742 return 0;
1743 }
2d21ac55 1744 MAC_CHECK(vnode_check_setflags, cred, vp, vp->v_label, flags);
0a7de745 1745 return error;
2d21ac55
A		 1746}
1747
1748int
1749mac_vnode_check_setmode(vfs_context_t ctx, struct vnode *vp, mode_t mode)
1750{
1751 kauth_cred_t cred;
1752 int error;
1753
3e170ce0 1754#if SECURITY_MAC_CHECK_ENFORCE
39037602 1755 /* 21167099 - only check if we allow write */
0a7de745 1756 if (!mac_vnode_enforce) {
39037602 1757 return 0;
0a7de745 1758 }
3e170ce0 1759#endif
2d21ac55 1760 cred = vfs_context_ucred(ctx);
0a7de745
A		 1761 if (!mac_cred_check_enforce(cred)) {
1762 return 0;
1763 }
2d21ac55 1764 MAC_CHECK(vnode_check_setmode, cred, vp, vp->v_label, mode);
0a7de745 1765 return error;
2d21ac55
A		 1766}
1767
1768int
1769mac_vnode_check_setowner(vfs_context_t ctx, struct vnode *vp, uid_t uid,
1770 gid_t gid)
1771{
1772 kauth_cred_t cred;
1773 int error;
1774
3e170ce0 1775#if SECURITY_MAC_CHECK_ENFORCE
39037602 1776 /* 21167099 - only check if we allow write */
0a7de745 1777 if (!mac_vnode_enforce) {
39037602 1778 return 0;
0a7de745 1779 }
3e170ce0 1780#endif
2d21ac55 1781 cred = vfs_context_ucred(ctx);
0a7de745
A		 1782 if (!mac_cred_check_enforce(cred)) {
1783 return 0;
1784 }
2d21ac55 1785 MAC_CHECK(vnode_check_setowner, cred, vp, vp->v_label, uid, gid);
0a7de745 1786 return error;
2d21ac55
A		 1787}
1788
1789int
1790mac_vnode_check_setutimes(vfs_context_t ctx, struct vnode *vp,
1791 struct timespec atime, struct timespec mtime)
1792{
1793 kauth_cred_t cred;
1794 int error;
1795
3e170ce0 1796#if SECURITY_MAC_CHECK_ENFORCE
39037602 1797 /* 21167099 - only check if we allow write */
0a7de745 1798 if (!mac_vnode_enforce) {
39037602 1799 return 0;
0a7de745 1800 }
3e170ce0 1801#endif
2d21ac55 1802 cred = vfs_context_ucred(ctx);
0a7de745
A		 1803 if (!mac_cred_check_enforce(cred)) {
1804 return 0;
1805 }
2d21ac55
A		 1806 MAC_CHECK(vnode_check_setutimes, cred, vp, vp->v_label, atime,
1807 mtime);
0a7de745 1808 return error;
2d21ac55
A		 1809}
1810
1811int
1812mac_vnode_check_stat(vfs_context_t ctx, struct ucred *file_cred,
1813 struct vnode *vp)
1814{
1815 kauth_cred_t cred;
1816 int error;
1817
3e170ce0 1818#if SECURITY_MAC_CHECK_ENFORCE
39037602 1819 /* 21167099 - only check if we allow write */
0a7de745 1820 if (!mac_vnode_enforce) {
39037602 1821 return 0;
0a7de745 1822 }
3e170ce0 1823#endif
2d21ac55 1824 cred = vfs_context_ucred(ctx);
0a7de745
A		 1825 if (!mac_cred_check_enforce(cred)) {
1826 return 0;
1827 }
2d21ac55
A		 1828 MAC_CHECK(vnode_check_stat, cred, file_cred, vp,
1829 vp->v_label);
0a7de745 1830 return error;
2d21ac55
A		 1831}
1832
527f9951
A		 1833int
1834mac_vnode_check_trigger_resolve(vfs_context_t ctx, struct vnode *dvp,
1835 struct componentname *cnp)
1836{
1837 kauth_cred_t cred;
1838 int error;
1839
1840#if SECURITY_MAC_CHECK_ENFORCE
1841 /* 21167099 - only check if we allow write */
0a7de745 1842 if (!mac_vnode_enforce) {
527f9951 1843 return 0;
0a7de745 1844 }
527f9951
A		 1845#endif
1846 cred = vfs_context_ucred(ctx);
0a7de745
A		 1847 if (!mac_cred_check_enforce(cred)) {
1848 return 0;
1849 }
527f9951 1850 MAC_CHECK(vnode_check_trigger_resolve, cred, dvp, dvp->v_label, cnp);
0a7de745 1851 return error;
527f9951
A		 1852}
1853
2d21ac55
A		 1854int
1855mac_vnode_check_truncate(vfs_context_t ctx, struct ucred *file_cred,
1856 struct vnode *vp)
1857{
1858 kauth_cred_t cred;
1859 int error;
1860
3e170ce0 1861#if SECURITY_MAC_CHECK_ENFORCE
39037602 1862 /* 21167099 - only check if we allow write */
0a7de745 1863 if (!mac_vnode_enforce) {
39037602 1864 return 0;
0a7de745 1865 }
3e170ce0 1866#endif
2d21ac55 1867 cred = vfs_context_ucred(ctx);
0a7de745
A		 1868 if (!mac_cred_check_enforce(cred)) {
1869 return 0;
1870 }
2d21ac55
A		 1871 MAC_CHECK(vnode_check_truncate, cred, file_cred, vp,
1872 vp->v_label);
1873
0a7de745 1874 return error;
2d21ac55
A		 1875}
1876
1877int
1878mac_vnode_check_write(vfs_context_t ctx, struct ucred *file_cred,
1879 struct vnode *vp)
1880{
1881 kauth_cred_t cred;
1882 int error;
1883
3e170ce0 1884#if SECURITY_MAC_CHECK_ENFORCE
39037602 1885 /* 21167099 - only check if we allow write */
0a7de745 1886 if (!mac_vnode_enforce) {
39037602 1887 return 0;
0a7de745 1888 }
3e170ce0 1889#endif
2d21ac55 1890 cred = vfs_context_ucred(ctx);
0a7de745
A		 1891 if (!mac_cred_check_enforce(cred)) {
1892 return 0;
1893 }
2d21ac55
A		 1894 MAC_CHECK(vnode_check_write, cred, file_cred, vp, vp->v_label);
1895
0a7de745 1896 return error;
2d21ac55
A		 1897}
1898
b0d623f7
A		 1899int
1900mac_vnode_check_uipc_bind(vfs_context_t ctx, struct vnode *dvp,
1901 struct componentname *cnp, struct vnode_attr *vap)
1902{
1903 kauth_cred_t cred;
1904 int error;
1905
3e170ce0 1906#if SECURITY_MAC_CHECK_ENFORCE
39037602 1907 /* 21167099 - only check if we allow write */
0a7de745 1908 if (!mac_vnode_enforce) {
39037602 1909 return 0;
0a7de745 1910 }
3e170ce0 1911#endif
b0d623f7 1912 cred = vfs_context_ucred(ctx);
0a7de745
A		 1913 if (!mac_cred_check_enforce(cred)) {
1914 return 0;
1915 }
b0d623f7 1916 MAC_CHECK(vnode_check_uipc_bind, cred, dvp, dvp->v_label, cnp, vap);
0a7de745 1917 return error;
b0d623f7
A		 1918}
1919
1920int
39037602 1921mac_vnode_check_uipc_connect(vfs_context_t ctx, struct vnode *vp, struct socket *so)
b0d623f7
A		 1922{
1923 kauth_cred_t cred;
1924 int error;
1925
3e170ce0 1926#if SECURITY_MAC_CHECK_ENFORCE
39037602 1927 /* 21167099 - only check if we allow write */
0a7de745 1928 if (!mac_vnode_enforce) {
39037602 1929 return 0;
0a7de745 1930 }
3e170ce0 1931#endif
b0d623f7 1932 cred = vfs_context_ucred(ctx);
0a7de745
A		 1933 if (!mac_cred_check_enforce(cred)) {
1934 return 0;
1935 }
39037602 1936 MAC_CHECK(vnode_check_uipc_connect, cred, vp, vp->v_label, (socket_t) so);
0a7de745 1937 return error;
b0d623f7
A		 1938}
1939
2d21ac55
A		 1940void
1941mac_vnode_label_update(vfs_context_t ctx, struct vnode *vp, struct label *newlabel)
1942{
1943 kauth_cred_t cred = vfs_context_ucred(ctx);
b0d623f7
A		 1944 struct label *tmpl = NULL;
1945
0a7de745 1946 if (vp->v_label == NULL) {
b0d623f7 1947 tmpl = mac_vnode_label_alloc();
0a7de745 1948 }
2d21ac55
A		 1949
1950 vnode_lock(vp);
b0d623f7
A		 1951
1952 /* recheck after lock */
1953 if (vp->v_label == NULL) {
1954 vp->v_label = tmpl;
1955 tmpl = NULL;
1956 }
1957
2d21ac55
A		 1958 MAC_PERFORM(vnode_label_update, cred, vp, vp->v_label, newlabel);
1959 vnode_unlock(vp);
b0d623f7 1960
0a7de745 1961 if (tmpl != NULL) {
b0d623f7 1962 mac_vnode_label_free(tmpl);
0a7de745 1963 }
2d21ac55
A		 1964}
1965
39236c6e
A		 1966int
1967mac_vnode_find_sigs(struct proc *p, struct vnode *vp, off_t offset)
1968{
1969 int error;
1970
3e170ce0 1971#if SECURITY_MAC_CHECK_ENFORCE
39037602 1972 /* 21167099 - only check if we allow write */
0a7de745 1973 if (!mac_proc_enforce || !mac_vnode_enforce) {
39037602 1974 return 0;
0a7de745 1975 }
3e170ce0 1976#endif
39236c6e
A		 1977
1978 MAC_CHECK(vnode_find_sigs, p, vp, offset, vp->v_label);
1979
0a7de745 1980 return error;
39236c6e
A		 1981}
1982
2d21ac55
A		 1983void
1984mac_mount_label_associate(vfs_context_t ctx, struct mount *mp)
1985{
1986 kauth_cred_t cred = vfs_context_ucred(ctx);
1987
1988 /* XXX: eventually this logic may be handled by the policy? */
1989
1990 /* We desire MULTILABEL for the root filesystem. */
0a7de745
A		 1991 if ((mp->mnt_flag & MNT_ROOTFS) &&
1992 (strcmp(mp->mnt_vfsstat.f_fstypename, "hfs") == 0)) {
2d21ac55 1993 mp->mnt_flag |= MNT_MULTILABEL;
0a7de745 1994 }
2d21ac55
A		 1995
1996 /* MULTILABEL on DEVFS. */
0a7de745 1997 if (strcmp(mp->mnt_vfsstat.f_fstypename, "devfs") == 0) {
2d21ac55 1998 mp->mnt_flag |= MNT_MULTILABEL;
0a7de745 1999 }
2d21ac55
A		 2000
2001 /* MULTILABEL on FDESC pseudo-filesystem. */
0a7de745 2002 if (strcmp(mp->mnt_vfsstat.f_fstypename, "fdesc") == 0) {
2d21ac55 2003 mp->mnt_flag |= MNT_MULTILABEL;
0a7de745 2004 }
2d21ac55
A		 2005
2006 /* MULTILABEL on all NFS filesystems. */
0a7de745 2007 if (strcmp(mp->mnt_vfsstat.f_fstypename, "nfs") == 0) {
2d21ac55 2008 mp->mnt_flag |= MNT_MULTILABEL;
0a7de745 2009 }
2d21ac55
A		 2010
2011 /* MULTILABEL on all AFP filesystems. */
0a7de745 2012 if (strcmp(mp->mnt_vfsstat.f_fstypename, "afpfs") == 0) {
2d21ac55 2013 mp->mnt_flag |= MNT_MULTILABEL;
0a7de745 2014 }
2d21ac55
A		 2015
2016 if (mp->mnt_vtable != NULL) {
2017 /* Any filesystem that supports native XATTRs. */
0a7de745 2018 if ((mp->mnt_vtable->vfc_vfsflags & VFC_VFSNATIVEXATTR)) {
2d21ac55 2019 mp->mnt_flag |= MNT_MULTILABEL;
0a7de745 2020 }
2d21ac55
A		 2021
2022 /* Filesystem does not support multilabel. */
2023 if ((mp->mnt_vtable->vfc_vfsflags & VFC_VFSNOMACLABEL) &&
0a7de745 2024 (mp->mnt_flag & MNT_MULTILABEL)) {
2d21ac55 2025 mp->mnt_flag &= ~MNT_MULTILABEL;
0a7de745 2026 }
2d21ac55
A		 2027 }
2028
2029 MAC_PERFORM(mount_label_associate, cred, mp, mp->mnt_mntlabel);
316670eb 2030#if DEBUG
2d21ac55 2031 printf("MAC Framework enabling %s support: %s -> %s (%s)\n",
0a7de745
A		 2032 mp->mnt_flag & MNT_MULTILABEL ? "multilabel" : "singlelabel",
2033 mp->mnt_vfsstat.f_mntfromname,
2034 mp->mnt_vfsstat.f_mntonname,
2035 mp->mnt_vfsstat.f_fstypename);
2d21ac55
A		 2036#endif
2037}
2038
2039int
2040mac_mount_check_mount(vfs_context_t ctx, struct vnode *vp,
2041 struct componentname *cnp, const char *vfc_name)
2042{
2043 kauth_cred_t cred;
2044 int error;
2045
3e170ce0 2046#if SECURITY_MAC_CHECK_ENFORCE
39037602 2047 /* 21167099 - only check if we allow write */
0a7de745 2048 if (!mac_vnode_enforce) {
39037602 2049 return 0;
0a7de745 2050 }
3e170ce0 2051#endif
2d21ac55 2052 cred = vfs_context_ucred(ctx);
0a7de745
A		 2053 if (!mac_cred_check_enforce(cred)) {
2054 return 0;
2055 }
2d21ac55
A		 2056 MAC_CHECK(mount_check_mount, cred, vp, vp->v_label, cnp, vfc_name);
2057
0a7de745 2058 return error;
2d21ac55
A		 2059}
2060
39037602
A		 2061int
2062mac_mount_check_snapshot_create(vfs_context_t ctx, struct mount *mp,
2063 const char *name)
2064{
2065 kauth_cred_t cred;
2066 int error;
2067
2068#if SECURITY_MAC_CHECK_ENFORCE
2069 /* 21167099 - only check if we allow write */
0a7de745 2070 if (!mac_vnode_enforce) {
39037602 2071 return 0;
0a7de745 2072 }
39037602 2073#endif
39037602 2074 cred = vfs_context_ucred(ctx);
0a7de745
A		 2075 if (!mac_cred_check_enforce(cred)) {
2076 return 0;
2077 }
39037602 2078 MAC_CHECK(mount_check_snapshot_create, cred, mp, name);
0a7de745 2079 return error;
39037602
A		 2080}
2081
2082int
2083mac_mount_check_snapshot_delete(vfs_context_t ctx, struct mount *mp,
2084 const char *name)
2085{
2086 kauth_cred_t cred;
2087 int error;
2088
2089#if SECURITY_MAC_CHECK_ENFORCE
2090 /* 21167099 - only check if we allow write */
0a7de745 2091 if (!mac_vnode_enforce) {
39037602 2092 return 0;
0a7de745 2093 }
39037602 2094#endif
39037602 2095 cred = vfs_context_ucred(ctx);
0a7de745
A		 2096 if (!mac_cred_check_enforce(cred)) {
2097 return 0;
2098 }
39037602 2099 MAC_CHECK(mount_check_snapshot_delete, cred, mp, name);
0a7de745 2100 return error;
39037602
A		 2101}
2102
813fb2f6
A		 2103int
2104mac_mount_check_snapshot_revert(vfs_context_t ctx, struct mount *mp,
2105 const char *name)
2106{
2107 kauth_cred_t cred;
2108 int error;
2109
2110#if SECURITY_MAC_CHECK_ENFORCE
2111 /* 21167099 - only check if we allow write */
0a7de745 2112 if (!mac_vnode_enforce) {
813fb2f6 2113 return 0;
0a7de745 2114 }
813fb2f6 2115#endif
813fb2f6 2116 cred = vfs_context_ucred(ctx);
0a7de745
A		 2117 if (!mac_cred_check_enforce(cred)) {
2118 return 0;
2119 }
813fb2f6 2120 MAC_CHECK(mount_check_snapshot_revert, cred, mp, name);
0a7de745 2121 return error;
813fb2f6
A		 2122}
2123
2d21ac55
A		 2124int
2125mac_mount_check_remount(vfs_context_t ctx, struct mount *mp)
2126{
2127 kauth_cred_t cred;
2128 int error;
2129
3e170ce0 2130#if SECURITY_MAC_CHECK_ENFORCE
39037602 2131 /* 21167099 - only check if we allow write */
0a7de745 2132 if (!mac_vnode_enforce) {
39037602 2133 return 0;
0a7de745 2134 }
3e170ce0 2135#endif
2d21ac55 2136 cred = vfs_context_ucred(ctx);
0a7de745
A		 2137 if (!mac_cred_check_enforce(cred)) {
2138 return 0;
2139 }
2d21ac55
A		 2140 MAC_CHECK(mount_check_remount, cred, mp, mp->mnt_mntlabel);
2141
0a7de745 2142 return error;
2d21ac55
A		 2143}
2144
2145int
2146mac_mount_check_umount(vfs_context_t ctx, struct mount *mp)
2147{
2148 kauth_cred_t cred;
2149 int error;
2150
3e170ce0 2151#if SECURITY_MAC_CHECK_ENFORCE
39037602 2152 /* 21167099 - only check if we allow write */
0a7de745 2153 if (!mac_vnode_enforce) {
39037602 2154 return 0;
0a7de745 2155 }
3e170ce0 2156#endif
2d21ac55 2157 cred = vfs_context_ucred(ctx);
0a7de745
A		 2158 if (!mac_cred_check_enforce(cred)) {
2159 return 0;
2160 }
2d21ac55
A		 2161 MAC_CHECK(mount_check_umount, cred, mp, mp->mnt_mntlabel);
2162
0a7de745 2163 return error;
2d21ac55
A		 2164}
2165
2166int
0a7de745 2167mac_mount_check_getattr(vfs_context_t ctx, struct mount *mp,
2d21ac55
A		 2168 struct vfs_attr *vfa)
2169{
2170 kauth_cred_t cred;
2171 int error;
2172
3e170ce0 2173#if SECURITY_MAC_CHECK_ENFORCE
39037602 2174 /* 21167099 - only check if we allow write */
0a7de745 2175 if (!mac_vnode_enforce) {
39037602 2176 return 0;
0a7de745 2177 }
3e170ce0 2178#endif
2d21ac55 2179 cred = vfs_context_ucred(ctx);
0a7de745
A		 2180 if (!mac_cred_check_enforce(cred)) {
2181 return 0;
2182 }
2d21ac55 2183 MAC_CHECK(mount_check_getattr, cred, mp, mp->mnt_mntlabel, vfa);
0a7de745 2184 return error;
2d21ac55
A		 2185}
2186
2187int
0a7de745 2188mac_mount_check_setattr(vfs_context_t ctx, struct mount *mp,
2d21ac55
A		 2189 struct vfs_attr *vfa)
2190{
2191 kauth_cred_t cred;
2192 int error;
2193
3e170ce0 2194#if SECURITY_MAC_CHECK_ENFORCE
39037602 2195 /* 21167099 - only check if we allow write */
0a7de745 2196 if (!mac_vnode_enforce) {
39037602 2197 return 0;
0a7de745 2198 }
3e170ce0 2199#endif
2d21ac55 2200 cred = vfs_context_ucred(ctx);
0a7de745
A		 2201 if (!mac_cred_check_enforce(cred)) {
2202 return 0;
2203 }
2d21ac55 2204 MAC_CHECK(mount_check_setattr, cred, mp, mp->mnt_mntlabel, vfa);
0a7de745 2205 return error;
2d21ac55
A		 2206}
2207
2208int
2209mac_mount_check_stat(vfs_context_t ctx, struct mount *mount)
2210{
2211 kauth_cred_t cred;
2212 int error;
2213
3e170ce0 2214#if SECURITY_MAC_CHECK_ENFORCE
5ba3f43e 2215 /* 21167099 - only check if we allow write */
0a7de745 2216 if (!mac_vnode_enforce) {
5ba3f43e 2217 return 0;
0a7de745 2218 }
3e170ce0 2219#endif
2d21ac55 2220 cred = vfs_context_ucred(ctx);
0a7de745
A		 2221 if (!mac_cred_check_enforce(cred)) {
2222 return 0;
2223 }
2d21ac55
A		 2224 MAC_CHECK(mount_check_stat, cred, mount, mount->mnt_mntlabel);
2225
0a7de745 2226 return error;
2d21ac55
A		 2227}
2228
2229int
2230mac_mount_check_label_update(vfs_context_t ctx, struct mount *mount)
2231{
2232 kauth_cred_t cred;
2233 int error;
2234
3e170ce0 2235#if SECURITY_MAC_CHECK_ENFORCE
5ba3f43e 2236 /* 21167099 - only check if we allow write */
0a7de745 2237 if (!mac_vnode_enforce) {
5ba3f43e 2238 return 0;
0a7de745 2239 }
3e170ce0 2240#endif
2d21ac55 2241 cred = vfs_context_ucred(ctx);
0a7de745
A		 2242 if (!mac_cred_check_enforce(cred)) {
2243 return 0;
2244 }
2d21ac55
A		 2245 MAC_CHECK(mount_check_label_update, cred, mount, mount->mnt_mntlabel);
2246
0a7de745 2247 return error;
2d21ac55
A		 2248}
2249
2250int
2251mac_mount_check_fsctl(vfs_context_t ctx, struct mount *mp, u_int cmd)
2252{
2253 kauth_cred_t cred;
2254 int error;
2255
3e170ce0 2256#if SECURITY_MAC_CHECK_ENFORCE
5ba3f43e 2257 /* 21167099 - only check if we allow write */
0a7de745 2258 if (!mac_vnode_enforce) {
5ba3f43e 2259 return 0;
0a7de745 2260 }
3e170ce0 2261#endif
2d21ac55 2262 cred = vfs_context_ucred(ctx);
0a7de745
A		 2263 if (!mac_cred_check_enforce(cred)) {
2264 return 0;
2265 }
2d21ac55
A		 2266 MAC_CHECK(mount_check_fsctl, cred, mp, mp->mnt_mntlabel, cmd);
2267
0a7de745 2268 return error;
2d21ac55
A		 2269}
2270
2271void
2272mac_devfs_label_associate_device(dev_t dev, struct devnode *de,
2273 const char *fullpath)
2274{
3e170ce0 2275#if SECURITY_MAC_CHECK_ENFORCE
5ba3f43e 2276 /* 21167099 - only check if we allow write */
0a7de745 2277 if (!mac_device_enforce) {
5ba3f43e 2278 return;
0a7de745 2279 }
3e170ce0 2280#endif
2d21ac55
A		 2281
2282 MAC_PERFORM(devfs_label_associate_device, dev, de, de->dn_label,
2283 fullpath);
2284}
2285
2286void
2287mac_devfs_label_associate_directory(const char *dirname, int dirnamelen,
2288 struct devnode *de, const char *fullpath)
2289{
3e170ce0 2290#if SECURITY_MAC_CHECK_ENFORCE
5ba3f43e 2291 /* 21167099 - only check if we allow write */
0a7de745 2292 if (!mac_device_enforce) {
5ba3f43e 2293 return;
0a7de745 2294 }
3e170ce0 2295#endif
2d21ac55
A		 2296
2297 MAC_PERFORM(devfs_label_associate_directory, dirname, dirnamelen, de,
2298 de->dn_label, fullpath);
2299}
2300
2301int
2302vn_setlabel(struct vnode *vp, struct label *intlabel, vfs_context_t context)
2303{
2304 int error;
2305
3e170ce0 2306#if SECURITY_MAC_CHECK_ENFORCE
5ba3f43e 2307 /* 21167099 - only check if we allow write */
0a7de745 2308 if (!mac_vnode_enforce) {
5ba3f43e 2309 return 0;
0a7de745 2310 }
3e170ce0 2311#endif
0a7de745
A		 2312 if (!mac_label_vnodes) {
2313 return 0;
2314 }
2d21ac55
A		 2315
2316 if (vp->v_mount == NULL) {
2317 printf("vn_setlabel: null v_mount\n");
0a7de745 2318 if (vp->v_type != VNON) {
2d21ac55 2319 printf("vn_setlabel: null v_mount with non-VNON\n");
0a7de745
A		 2320 }
2321 return EBADF;
2d21ac55
A		 2322 }
2323
0a7de745
A		 2324 if ((vp->v_mount->mnt_flag & MNT_MULTILABEL) == 0) {
2325 return ENOTSUP;
2326 }
2d21ac55
A		 2327
2328 /*
2329 * Multi-phase commit. First check the policies to confirm the
2330 * change is OK. Then commit via the filesystem. Finally,
2331 * update the actual vnode label. Question: maybe the filesystem
2332 * should update the vnode at the end as part of VNOP_SETLABEL()?
2333 */
2334 error = mac_vnode_check_label_update(context, vp, intlabel);
0a7de745
A		 2335 if (error) {
2336 return error;
2337 }
2d21ac55
A		 2338
2339 error = VNOP_SETLABEL(vp, intlabel, context);
2340 if (error == ENOTSUP) {
2341 error = mac_vnode_label_store(context, vp,
0a7de745 2342 intlabel);
2d21ac55
A		 2343 if (error) {
2344 printf("%s: mac_vnode_label_store failed %d\n",
0a7de745
A		 2345 __func__, error);
2346 return error;
2d21ac55
A		 2347 }
2348 mac_vnode_label_update(context, vp, intlabel);
0a7de745 2349 } else if (error) {
2d21ac55 2350 printf("vn_setlabel: vop setlabel failed %d\n", error);
0a7de745 2351 return error;
2d21ac55
A		 2352 }
2353
0a7de745 2354 return 0;
2d21ac55
A		 2355}
2356
2357int
2358mac_vnode_label_associate_fdesc(struct mount *mp, struct fdescnode *fnp,
2359 struct vnode *vp, vfs_context_t ctx)
2360{
2361 struct fileproc *fp;
39236c6e 2362#if CONFIG_MACF_SOCKET_SUBSET
2d21ac55 2363 struct socket *so;
39236c6e 2364#endif
2d21ac55
A		 2365 struct pipe *cpipe;
2366 struct vnode *fvp;
2367 struct proc *p;
2368 int error;
2369
2370 error = 0;
2371
2372 /*
2373 * If no backing file, let the policy choose which label to use.
2374 */
2375 if (fnp->fd_fd == -1) {
2376 MAC_PERFORM(vnode_label_associate_file, vfs_context_ucred(ctx),
2377 mp, mp->mnt_mntlabel, NULL, NULL, vp, vp->v_label);
0a7de745 2378 return 0;
2d21ac55
A		 2379 }
2380
2381 p = vfs_context_proc(ctx);
2382 error = fp_lookup(p, fnp->fd_fd, &fp, 0);
0a7de745
A		 2383 if (error) {
2384 return error;
2385 }
2d21ac55
A		 2386
2387 if (fp->f_fglob == NULL) {
2388 error = EBADF;
2389 goto out;
2390 }
2391
39236c6e 2392 switch (FILEGLOB_DTYPE(fp->f_fglob)) {
2d21ac55
A		 2393 case DTYPE_VNODE:
2394 fvp = (struct vnode *)fp->f_fglob->fg_data;
0a7de745 2395 if ((error = vnode_getwithref(fvp))) {
2d21ac55 2396 goto out;
0a7de745 2397 }
2d21ac55
A		 2398 MAC_PERFORM(vnode_label_copy, fvp->v_label, vp->v_label);
2399 (void)vnode_put(fvp);
2400 break;
39236c6e 2401#if CONFIG_MACF_SOCKET_SUBSET
2d21ac55
A		 2402 case DTYPE_SOCKET:
2403 so = (struct socket *)fp->f_fglob->fg_data;
2404 socket_lock(so, 1);
2405 MAC_PERFORM(vnode_label_associate_socket,
0a7de745 2406 vfs_context_ucred(ctx), (socket_t)so, so->so_label,
2d21ac55
A		 2407 vp, vp->v_label);
2408 socket_unlock(so, 1);
2409 break;
39236c6e 2410#endif
2d21ac55
A		 2411 case DTYPE_PSXSHM:
2412 pshm_label_associate(fp, vp, ctx);
2413 break;
2414 case DTYPE_PSXSEM:
2415 psem_label_associate(fp, vp, ctx);
2416 break;
2417 case DTYPE_PIPE:
2418 cpipe = (struct pipe *)fp->f_fglob->fg_data;
2419 /* kern/sys_pipe.c:pipe_select() suggests this test. */
2420 if (cpipe == (struct pipe *)-1) {
2421 error = EINVAL;
2422 goto out;
2423 }
2424 PIPE_LOCK(cpipe);
2425 MAC_PERFORM(vnode_label_associate_pipe, vfs_context_ucred(ctx),
2426 cpipe, cpipe->pipe_label, vp, vp->v_label);
2427 PIPE_UNLOCK(cpipe);
2428 break;
2429 case DTYPE_KQUEUE:
2430 case DTYPE_FSEVENTS:
39037602
A		 2431 case DTYPE_ATALK:
2432 case DTYPE_NETPOLICY:
2d21ac55
A		 2433 default:
2434 MAC_PERFORM(vnode_label_associate_file, vfs_context_ucred(ctx),
2435 mp, mp->mnt_mntlabel, fp->f_fglob, fp->f_fglob->fg_label,
2436 vp, vp->v_label);
2437 break;
2438 }
2439out:
2440 fp_drop(p, fnp->fd_fd, fp, 0);
0a7de745 2441 return error;
2d21ac55 2442}
mirror of XNU