* Copyright (c) 2007 Apple Inc. All rights reserved.
*
* @APPLE_OSREFERENCE_LICENSE_HEADER_START@
- *
+ *
* This file contains Original Code and/or Modifications of Original Code
* as defined in and that are subject to the Apple Public Source License
* Version 2.0 (the 'License'). You may not use this file except in
* unlawful or unlicensed copies of an Apple operating system, or to
* circumvent, violate, or enable the circumvention or violation of, any
* terms of an Apple operating system software license agreement.
- *
+ *
* Please obtain a copy of the License at
* http://www.opensource.apple.com/apsl/ and read it before using this file.
- *
+ *
* The Original Code and all software distributed under the License are
* distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
* EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
* FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
* Please see the License for the specific language governing rights and
* limitations under the License.
- *
+ *
* @APPLE_OSREFERENCE_LICENSE_HEADER_END@
*/
/*-
struct label *label;
label = mac_labelzone_alloc(MAC_WAITOK);
- if (label == NULL)
- return (NULL);
+ if (label == NULL) {
+ return NULL;
+ }
MAC_PERFORM(posixsem_label_init, label);
- return (label);
+ return label;
}
void
mac_posixsem_label_init(struct pseminfo *psem)
{
-
psem->psem_label = mac_posixsem_label_alloc();
}
static void
mac_posixsem_label_free(struct label *label)
{
-
MAC_PERFORM(posixsem_label_destroy, label);
mac_labelzone_free(label);
}
void
mac_posixsem_label_destroy(struct pseminfo *psem)
{
-
mac_posixsem_label_free(psem->psem_label);
psem->psem_label = NULL;
}
mac_posixsem_label_associate(kauth_cred_t cred, struct pseminfo *psem,
const char *name)
{
-
MAC_PERFORM(posixsem_label_associate, cred, psem, psem->psem_label, name);
}
void
-mac_posixsem_vnode_label_associate(kauth_cred_t cred,
- struct pseminfo *psem, struct label *plabel,
- vnode_t vp, struct label *vlabel)
+mac_posixsem_vnode_label_associate(kauth_cred_t cred,
+ struct pseminfo *psem, struct label *plabel,
+ vnode_t vp, struct label *vlabel)
{
MAC_PERFORM(vnode_label_associate_posixsem, cred,
- psem, plabel, vp, vlabel);
+ psem, plabel, vp, vlabel);
}
int
{
int error;
- if (!mac_posixsem_enforce)
- return (0);
+#if SECURITY_MAC_CHECK_ENFORCE
+ /* 21167099 - only check if we allow write */
+ if (!mac_posixsem_enforce) {
+ return 0;
+ }
+#endif
MAC_CHECK(posixsem_check_create, cred, name);
- return (error);
+ return error;
}
int
{
int error;
- if (!mac_posixsem_enforce)
- return (0);
+#if SECURITY_MAC_CHECK_ENFORCE
+ /* 21167099 - only check if we allow write */
+ if (!mac_posixsem_enforce) {
+ return 0;
+ }
+#endif
MAC_CHECK(posixsem_check_open, cred, psem,
psem->psem_label);
- return (error);
+ return error;
}
int
{
int error;
- if (!mac_posixsem_enforce)
- return (0);
+#if SECURITY_MAC_CHECK_ENFORCE
+ /* 21167099 - only check if we allow write */
+ if (!mac_posixsem_enforce) {
+ return 0;
+ }
+#endif
MAC_CHECK(posixsem_check_post, cred, psem, psem->psem_label);
- return (error);
+ return error;
}
int
{
int error;
- if (!mac_posixsem_enforce)
- return (0);
+#if SECURITY_MAC_CHECK_ENFORCE
+ /* 21167099 - only check if we allow write */
+ if (!mac_posixsem_enforce) {
+ return 0;
+ }
+#endif
MAC_CHECK(posixsem_check_unlink, cred, psem, psem->psem_label, name);
- return (error);
+ return error;
}
int
{
int error;
- if (!mac_posixsem_enforce)
- return (0);
+#if SECURITY_MAC_CHECK_ENFORCE
+ /* 21167099 - only check if we allow write */
+ if (!mac_posixsem_enforce) {
+ return 0;
+ }
+#endif
MAC_CHECK(posixsem_check_wait, cred, psem, psem->psem_label);
- return (error);
+ return error;
}
projects / apple / xnu.git / blobdiff