security/mac_task.c

   1 /*
   2  * Copyright (c) 2007 Apple Inc. All rights reserved.
   3  *
   4  * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
   5  *
   6  * This file contains Original Code and/or Modifications of Original Code
   7  * as defined in and that are subject to the Apple Public Source License
   8  * Version 2.0 (the 'License'). You may not use this file except in
   9  * compliance with the License. The rights granted to you under the License
  10  * may not be used to create, or enable the creation or redistribution of,
  11  * unlawful or unlicensed copies of an Apple operating system, or to
  12  * circumvent, violate, or enable the circumvention or violation of, any
  13  * terms of an Apple operating system software license agreement.
  14  *
  15  * Please obtain a copy of the License at
  16  * http://www.opensource.apple.com/apsl/ and read it before using this file.
  17  *
  18  * The Original Code and all software distributed under the License are
  19  * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
  20  * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
  21  * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
  22  * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
  23  * Please see the License for the specific language governing rights and
  24  * limitations under the License.
  25  *
  26  * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
  27  */
  28
  29 /*-
  30  * Copyright (c) 2003, 2004 Networks Associates Technology, Inc.
  31  * Copyright (c) 2005 SPARTA, Inc.
  32  *
  33  * This software was developed for the FreeBSD Project in part by Network
  34  * Associates Laboratories, the Security Research Division of Network
  35  * Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"),
  36  * as part of the DARPA CHATS research program.
  37  *
  38  * Redistribution and use in source and binary forms, with or without
  39  * modification, are permitted provided that the following conditions
  40  * are met:
  41  * 1. Redistributions of source code must retain the above copyright
  42  *    notice, this list of conditions and the following disclaimer.
  43  * 2. Redistributions in binary form must reproduce the above copyright
  44  *    notice, this list of conditions and the following disclaimer in the
  45  *    documentation and/or other materials provided with the distribution.
  46  *
  47  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
  48  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  49  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  50  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
  51  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  52  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  53  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  54  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  55  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  56  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  57  * SUCH DAMAGE.
  58  *
  59  */
  60
  61 #include <security/mac_internal.h>
  62 #include <security/mac_mach_internal.h>
  63
  64 void
  65 mac_task_label_init(struct label *label)
  66 {
  67
  68         mac_label_init(label);
  69         if (mac_late == 0) {
  70                 mac_label_journal_add(label, MLJ_TYPE_TASK);
  71                 mac_label_journal(label, MLJ_TASK_OP_INIT);
  72         }
  73         MAC_PERFORM(task_label_init, label);
  74 }
  75
  76 void
  77 mac_task_label_update(struct label *cred, struct label *task)
  78 {
  79
  80         MAC_PERFORM(task_label_update, cred, task);
  81 }
  82
  83 void
  84 mac_task_label_copy(struct label *src, struct label *dest)
  85 {
  86
  87         MAC_PERFORM(task_label_copy, src, dest);
  88 }
  89
  90 void
  91 mac_task_label_destroy(struct label *label)
  92 {
  93
  94         MAC_PERFORM(task_label_destroy, label);
  95         if (mac_late == 0)
  96                 mac_label_journal_remove(label);
  97         mac_label_destroy(label);
  98 }
  99
 100 void
 101 mac_task_label_associate(struct task *parent, struct task *child, struct label *pl,
 102     struct label *chl, struct label *chportl)
 103 {
 104
 105         MAC_PERFORM(task_label_associate, parent, child, pl, chl, chportl);
 106 }
 107
 108 void
 109 mac_task_label_associate_kernel(struct task *t, struct label *tl, struct label *tportl)
 110 {
 111
 112         if (mac_late == 0)
 113                 mac_label_journal(tl, MLJ_TASK_OP_CREATE_K);
 114         MAC_PERFORM(task_label_associate_kernel, t, tl, tportl);
 115 }
 116
 117 int
 118 mac_task_label_externalize(struct label *label, char *elements,
 119     char *outbuf, size_t outbuflen, int flags __unused)
 120 {
 121         int error = 0;
 122
 123         error = MAC_EXTERNALIZE(task, label, elements, outbuf, outbuflen);
 124
 125         return (error);
 126 }
 127
 128 int
 129 mac_task_label_internalize(struct label *label, char *string)
 130 {
 131         int error;
 132
 133         error = MAC_INTERNALIZE(task, label, string);
 134
 135         return (error);
 136 }