static struct proc *
mac_task_get_proc(struct task *task)
{
- if (task == current_task())
+ if (task == current_task()) {
return proc_self();
+ }
/*
* Tasks don't really hold a reference on a proc unless the
struct proc *p = proc_find(pid);
if (p != NULL) {
- if (proc_task(p) == task)
+ if (proc_task(p) == task) {
return p;
+ }
proc_rele(p);
}
return NULL;
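Review bot: The reference contract of mac_task_get_proc is not documented at its definition. Both successful paths (`return proc_self();` and `return p;` after `proc_find(pid)`) appear to hand back a referenced proc, since the callers shown later on this page all call `proc_rele(p)`, while the mismatch path drops the reference itself. A header comment such as `/* Returns a referenced proc or NULL; the caller must proc_rele() it. */` would make that ownership rule explicit for new callers. If the `proc_task(p) == task` comparison is there to reject a pid that now names a different process, a one-line comment saying so would help too. The middle of the function lies outside the visible hunks.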
int error;
struct proc *p = mac_task_get_proc(task);
- if (p == NULL)
+ if (p == NULL) {
return ESRCH;
+ }
struct ucred *cred = kauth_cred_get();
MAC_CHECK(proc_check_expose_task, cred, p);
proc_rele(p);
- return (error);
+ return error;
}
int
int error;
struct proc *p = mac_task_get_proc(task);
- if (p == NULL)
+ if (p == NULL) {
return ESRCH;
+ }
kauth_cred_t cred = kauth_cred_proc_ref(p);
MAC_CHECK(proc_check_set_host_special_port, cred, id, port);
kauth_cred_unref(&cred);
proc_rele(p);
- return (error);
+ return error;
}
int
int error;
struct proc *p = mac_task_get_proc(task);
- if (p == NULL)
+ if (p == NULL) {
return ESRCH;
+ }
kauth_cred_t cred = kauth_cred_proc_ref(p);
MAC_CHECK(proc_check_set_host_exception_port, cred, exception);
kauth_cred_unref(&cred);
proc_rele(p);
- return (error);
+ return error;
}
int
int exception;
struct proc *p = mac_task_get_proc(task);
- if (p == NULL)
+ if (p == NULL) {
return ESRCH;
+ }
kauth_cred_t cred = kauth_cred_proc_ref(p);
for (exception = FIRST_EXCEPTION; exception < EXC_TYPES_COUNT; exception++) {
if (exception_mask & (1 << exception)) {
MAC_CHECK(proc_check_set_host_exception_port, cred, exception);
- if (error)
+ if (error) {
break;
+ }
}
}
kauth_cred_unref(&cred);
proc_rele(p);
- return (error);
+ return error;
}
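Review bot: `return error;` at the end of this function can be reached without any `MAC_CHECK` having run, because the check sits inside `if (exception_mask & (1 << exception))`. A mask with no bits set between `FIRST_EXCEPTION` and `EXC_TYPES_COUNT` skips it on every iteration. The declaration of `error` is above the hunk, so please confirm it reads `int error = 0;`; otherwise the access-control result for such a mask is indeterminate. The shift is also performed on a signed `int`, and `1U << exception` would keep the mask test in unsigned arithmetic.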
void
mac_thread_userret(struct thread *td)
{
-
MAC_PERFORM(thread_userret, td);
}
// Policy initialization of the label, typically performs allocations as well.
// (Unless the policy's full data really fits into a pointer size.)
MAC_PERFORM(exc_action_label_init, label);
-
+
return label;
}
int
mac_exc_update_action_label(struct exception_action *action,
- struct label *newlabel) {
+ struct label *newlabel)
+{
int error;
-
+
MAC_CHECK(exc_action_label_update, action, action->label, newlabel);
-
- return (error);
+
+ return error;
}
int
mac_exc_inherit_action_label(struct exception_action *parent,
- struct exception_action *child) {
+ struct exception_action *child)
+{
return mac_exc_update_action_label(child, parent->label);
}
-int mac_exc_update_task_crash_label(struct task *task, struct label *label) {
+int
+mac_exc_update_task_crash_label(struct task *task, struct label *label)
+{
int error;
assert(task != kernel_task);
struct label *crash_label = get_task_crash_label(task);
MAC_CHECK(exc_action_label_update, NULL, crash_label, label);
-
- return (error);
+
+ return error;
}
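Review bot: The only guard against `kernel_task` in mac_exc_update_task_crash_label is `assert(task != kernel_task);`, which gives no protection in any build configuration where assertions are compiled out. If updating the kernel task's crash label must never happen, an explicit check would hold in every configuration, for example `if (task == kernel_task) { return EPERM; }` with the errno chosen to suit the callers. The result of `get_task_crash_label(task)` is also passed to `MAC_CHECK` without a check, so a short comment stating whether it can be NULL for a non-kernel task would help.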
// Process label creation, may sleep.
mac_exc_free_label(bsd_label);
}
- return (error);
+ return error;
}