X-Git-Url: https://git.saurik.com/apple/xnu.git/blobdiff_plain/813fb2f63a553c957e917ede5f119b021d6ce391..d26ffc64f583ab2d29df48f13518685602bc8832:/security/mac_framework.h

diff --git a/security/mac_framework.h b/security/mac_framework.h
index ef711a32b..81a4839c8 100644
--- a/security/mac_framework.h
+++ b/security/mac_framework.h
@@ -341,7 +341,6 @@ void	mac_posixshm_label_init(struct pshminfo *pshm);
 int	mac_priv_check(kauth_cred_t cred, int priv);
 int	mac_priv_grant(kauth_cred_t cred, int priv);
 int	mac_proc_check_debug(proc_t proc1, proc_t proc2);
-int	mac_proc_check_cpumon(proc_t curp);
 int	mac_proc_check_proc_info(proc_t curp, proc_t target, int callnum, int flavor);
 int	mac_proc_check_get_cs_info(proc_t curp, proc_t target, unsigned int op);
 int	mac_proc_check_set_cs_info(proc_t curp, proc_t target, unsigned int op);
@@ -369,7 +368,7 @@ int     mac_proc_check_setlcid(proc_t proc1, proc_t proc2,
 int	mac_proc_check_signal(proc_t proc1, proc_t proc2,
 	    int signum);
 int	mac_proc_check_wait(proc_t proc1, proc_t proc2);
-void	mac_proc_set_enforce(proc_t p, int enforce_flags);
+void	mac_proc_notify_exit(proc_t proc);
 int	mac_setsockopt_label(kauth_cred_t cred, struct socket *so,
 	    struct mac *extmac);
 int     mac_socket_check_accept(kauth_cred_t cred, struct socket *so);
@@ -381,6 +380,8 @@ int	mac_socket_check_connect(kauth_cred_t cred, struct socket *so,
 int	mac_socket_check_create(kauth_cred_t cred, int domain,
 	    int type, int protocol);
 int	mac_socket_check_deliver(struct socket *so, struct mbuf *m);
+int	mac_socket_check_ioctl(kauth_cred_t cred, struct socket *so,
+	    unsigned int cmd);
 int	mac_socket_check_kqfilter(kauth_cred_t cred, struct knote *kn,
 	    struct socket *so);
 int	mac_socket_check_listen(kauth_cred_t cred, struct socket *so);
@@ -502,6 +503,8 @@ int	mac_vnode_check_link(vfs_context_t ctx, struct vnode *dvp,
 int	mac_vnode_check_listextattr(vfs_context_t ctx, struct vnode *vp);
 int	mac_vnode_check_lookup(vfs_context_t ctx, struct vnode *dvp,
 	    struct componentname *cnp);
+int	mac_vnode_check_lookup_preflight(vfs_context_t ctx, struct vnode *dvp,
+	    const char *path, size_t pathlen);
 int	mac_vnode_check_open(vfs_context_t ctx, struct vnode *vp,
 	    int acc_mode);
 int	mac_vnode_check_read(vfs_context_t ctx,
@@ -531,11 +534,13 @@ int	mac_vnode_check_setowner(vfs_context_t ctx, struct vnode *vp,
 int	mac_vnode_check_setutimes(vfs_context_t ctx, struct vnode *vp,
 	    struct timespec atime, struct timespec mtime);
 int	mac_vnode_check_signature(struct vnode *vp,
-		struct cs_blob *cs_blob, struct image_params *imgp,
-		unsigned int *cs_flags,
-		int flags);
+	    struct cs_blob *cs_blob, struct image_params *imgp,
+	    unsigned int *cs_flags, unsigned int *signer_type,
+	    int flags);
 int	mac_vnode_check_stat(vfs_context_t ctx,
 	    kauth_cred_t file_cred, struct vnode *vp);
+int	mac_vnode_check_trigger_resolve(vfs_context_t ctx, struct vnode *dvp,
+	    struct componentname *cnp);
 int	mac_vnode_check_truncate(vfs_context_t ctx,
 	    kauth_cred_t file_cred, struct vnode *vp);
 int	mac_vnode_check_uipc_bind(vfs_context_t ctx, struct vnode *dvp,
@@ -591,6 +596,8 @@ void	mac_pty_notify_close(proc_t p, struct tty *tp, dev_t dev, struct label *lab
 int	mac_kext_check_load(kauth_cred_t cred, const char *identifier);
 int	mac_kext_check_unload(kauth_cred_t cred, const char *identifier);
 int	mac_kext_check_query(kauth_cred_t cred);
+int	mac_skywalk_flow_check_connect(proc_t p, void *flow, const struct sockaddr *addr, int type, int protocol);
+int	mac_skywalk_flow_check_listen(proc_t p, void *flow, const struct sockaddr *addr, int type, int protocol);
 
 void psem_label_associate(struct fileproc *fp, struct vnode *vp, struct vfs_context *ctx);
 void pshm_label_associate(struct fileproc *fp, struct vnode *vp, struct vfs_context *ctx);