diff options
Diffstat (limited to 'sys/security/mac_test/mac_test.c')
| -rw-r--r-- | sys/security/mac_test/mac_test.c | 1599 |
1 files changed, 802 insertions, 797 deletions
diff --git a/sys/security/mac_test/mac_test.c b/sys/security/mac_test/mac_test.c index 4947cdc49c42..c7eaaad1f606 100644 --- a/sys/security/mac_test/mac_test.c +++ b/sys/security/mac_test/mac_test.c @@ -1,6 +1,7 @@ /*- * Copyright (c) 1999-2002, 2007 Robert N. M. Watson * Copyright (c) 2001-2005 McAfee, Inc. + * Copyright (c) 2006 SPARTA, Inc. * All rights reserved. * * This software was developed by Robert Watson for the TrustedBSD Project. @@ -10,6 +11,9 @@ * DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA * CHATS research program. * + * This software was enhanced by SPARTA ISSO under SPAWAR contract + * N66001-04-C-6019 ("SEFOS"). + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: @@ -146,287 +150,287 @@ SYSCTL_NODE(_security_mac_test, OID_AUTO, counter, CTLFLAG_RW, 0, /* * Label operations. */ -COUNTER_DECL(init_bpfdesc_label); +COUNTER_DECL(bpfdesc_init_label); static void -mac_test_init_bpfdesc_label(struct label *label) +mac_test_bpfdesc_init_label(struct label *label) { LABEL_INIT(label, MAGIC_BPF); - COUNTER_INC(init_bpfdesc_label); + COUNTER_INC(bpfdesc_init_label); } -COUNTER_DECL(init_cred_label); +COUNTER_DECL(cred_init_label); static void -mac_test_init_cred_label(struct label *label) +mac_test_cred_init_label(struct label *label) { LABEL_INIT(label, MAGIC_CRED); - COUNTER_INC(init_cred_label); + COUNTER_INC(cred_init_label); } -COUNTER_DECL(init_devfs_label); +COUNTER_DECL(devfs_init_label); static void -mac_test_init_devfs_label(struct label *label) +mac_test_devfs_init_label(struct label *label) { LABEL_INIT(label, MAGIC_DEVFS); - COUNTER_INC(init_devfs_label); + COUNTER_INC(devfs_init_label); } -COUNTER_DECL(init_ifnet_label); +COUNTER_DECL(ifnet_init_label); static void -mac_test_init_ifnet_label(struct label *label) +mac_test_ifnet_init_label(struct label *label) { LABEL_INIT(label, MAGIC_IFNET); - COUNTER_INC(init_ifnet_label); + COUNTER_INC(ifnet_init_label); } -COUNTER_DECL(init_inpcb_label); +COUNTER_DECL(inpcb_init_label); static int -mac_test_init_inpcb_label(struct label *label, int flag) +mac_test_inpcb_init_label(struct label *label, int flag) { if (flag & M_WAITOK) WITNESS_WARN(WARN_GIANTOK | WARN_SLEEPOK, NULL, - "mac_test_init_inpcb_label() at %s:%d", __FILE__, + "mac_test_inpcb_init_label() at %s:%d", __FILE__, __LINE__); LABEL_INIT(label, MAGIC_INPCB); - COUNTER_INC(init_inpcb_label); + COUNTER_INC(inpcb_init_label); return (0); } -COUNTER_DECL(init_sysv_msg_label); +COUNTER_DECL(sysvmsg_init_label); static void -mac_test_init_sysv_msgmsg_label(struct label *label) +mac_test_sysvmsg_init_label(struct label *label) { LABEL_INIT(label, MAGIC_SYSV_MSG); - COUNTER_INC(init_sysv_msg_label); + COUNTER_INC(sysvmsg_init_label); } -COUNTER_DECL(init_sysv_msq_label); +COUNTER_DECL(sysvmsq_init_label); static void -mac_test_init_sysv_msgqueue_label(struct label *label) +mac_test_sysvmsq_init_label(struct label *label) { LABEL_INIT(label, MAGIC_SYSV_MSQ); - COUNTER_INC(init_sysv_msq_label); + COUNTER_INC(sysvmsq_init_label); } -COUNTER_DECL(init_sysv_sem_label); +COUNTER_DECL(sysvsem_init_label); static void -mac_test_init_sysv_sem_label(struct label *label) +mac_test_sysvsem_init_label(struct label *label) { LABEL_INIT(label, MAGIC_SYSV_SEM); - COUNTER_INC(init_sysv_sem_label); + COUNTER_INC(sysvsem_init_label); } -COUNTER_DECL(init_sysv_shm_label); +COUNTER_DECL(sysvshm_init_label); static void -mac_test_init_sysv_shm_label(struct label *label) +mac_test_sysvshm_init_label(struct label *label) { LABEL_INIT(label, MAGIC_SYSV_SHM); - COUNTER_INC(init_sysv_shm_label); + COUNTER_INC(sysvshm_init_label); } -COUNTER_DECL(init_ipq_label); +COUNTER_DECL(ipq_init_label); static int -mac_test_init_ipq_label(struct label *label, int flag) +mac_test_ipq_init_label(struct label *label, int flag) { if (flag & M_WAITOK) WITNESS_WARN(WARN_GIANTOK | WARN_SLEEPOK, NULL, - "mac_test_init_ipq_label() at %s:%d", __FILE__, + "mac_test_ipq_init_label() at %s:%d", __FILE__, __LINE__); LABEL_INIT(label, MAGIC_IPQ); - COUNTER_INC(init_ipq_label); + COUNTER_INC(ipq_init_label); return (0); } -COUNTER_DECL(init_mbuf_label); +COUNTER_DECL(mbuf_init_label); static int -mac_test_init_mbuf_label(struct label *label, int flag) +mac_test_mbuf_init_label(struct label *label, int flag) { if (flag & M_WAITOK) WITNESS_WARN(WARN_GIANTOK | WARN_SLEEPOK, NULL, - "mac_test_init_mbuf_label() at %s:%d", __FILE__, + "mac_test_mbuf_init_label() at %s:%d", __FILE__, __LINE__); LABEL_INIT(label, MAGIC_MBUF); - COUNTER_INC(init_mbuf_label); + COUNTER_INC(mbuf_init_label); return (0); } -COUNTER_DECL(init_mount_label); +COUNTER_DECL(mount_init_label); static void -mac_test_init_mount_label(struct label *label) +mac_test_mount_init_label(struct label *label) { LABEL_INIT(label, MAGIC_MOUNT); - COUNTER_INC(init_mount_label); + COUNTER_INC(mount_init_label); } -COUNTER_DECL(init_socket_label); +COUNTER_DECL(socket_init_label); static int -mac_test_init_socket_label(struct label *label, int flag) +mac_test_socket_init_label(struct label *label, int flag) { if (flag & M_WAITOK) WITNESS_WARN(WARN_GIANTOK | WARN_SLEEPOK, NULL, - "mac_test_init_socket_label() at %s:%d", __FILE__, + "mac_test_socket_init_label() at %s:%d", __FILE__, __LINE__); LABEL_INIT(label, MAGIC_SOCKET); - COUNTER_INC(init_socket_label); + COUNTER_INC(socket_init_label); return (0); } -COUNTER_DECL(init_socket_peer_label); +COUNTER_DECL(socketpeer_init_label); static int -mac_test_init_socket_peer_label(struct label *label, int flag) +mac_test_socketpeer_init_label(struct label *label, int flag) { if (flag & M_WAITOK) WITNESS_WARN(WARN_GIANTOK | WARN_SLEEPOK, NULL, - "mac_test_init_socket_peer_label() at %s:%d", __FILE__, + "mac_test_socketpeer_init_label() at %s:%d", __FILE__, __LINE__); LABEL_INIT(label, MAGIC_SOCKET); - COUNTER_INC(init_socket_peer_label); + COUNTER_INC(socketpeer_init_label); return (0); } -COUNTER_DECL(init_pipe_label); +COUNTER_DECL(pipe_init_label); static void -mac_test_init_pipe_label(struct label *label) +mac_test_pipe_init_label(struct label *label) { LABEL_INIT(label, MAGIC_PIPE); - COUNTER_INC(init_pipe_label); + COUNTER_INC(pipe_init_label); } -COUNTER_DECL(init_posix_sem_label); +COUNTER_DECL(posixsem_init_label); static void -mac_test_init_posix_sem_label(struct label *label) +mac_test_posixsem_init_label(struct label *label) { LABEL_INIT(label, MAGIC_POSIX_SEM); - COUNTER_INC(init_posix_sem_label); + COUNTER_INC(posixsem_init_label); } -COUNTER_DECL(init_proc_label); +COUNTER_DECL(proc_init_label); static void -mac_test_init_proc_label(struct label *label) +mac_test_proc_init_label(struct label *label) { LABEL_INIT(label, MAGIC_PROC); - COUNTER_INC(init_proc_label); + COUNTER_INC(proc_init_label); } -COUNTER_DECL(init_vnode_label); +COUNTER_DECL(vnode_init_label); static void -mac_test_init_vnode_label(struct label *label) +mac_test_vnode_init_label(struct label *label) { LABEL_INIT(label, MAGIC_VNODE); - COUNTER_INC(init_vnode_label); + COUNTER_INC(vnode_init_label); } -COUNTER_DECL(destroy_bpfdesc_label); +COUNTER_DECL(bpfdesc_destroy_label); static void -mac_test_destroy_bpfdesc_label(struct label *label) +mac_test_bpfdesc_destroy_label(struct label *label) { LABEL_DESTROY(label, MAGIC_BPF); - COUNTER_INC(destroy_bpfdesc_label); + COUNTER_INC(bpfdesc_destroy_label); } -COUNTER_DECL(destroy_cred_label); +COUNTER_DECL(cred_destroy_label); static void -mac_test_destroy_cred_label(struct label *label) +mac_test_cred_destroy_label(struct label *label) { LABEL_DESTROY(label, MAGIC_CRED); - COUNTER_INC(destroy_cred_label); + COUNTER_INC(cred_destroy_label); } -COUNTER_DECL(destroy_devfs_label); +COUNTER_DECL(devfs_destroy_label); static void -mac_test_destroy_devfs_label(struct label *label) +mac_test_devfs_destroy_label(struct label *label) { LABEL_DESTROY(label, MAGIC_DEVFS); - COUNTER_INC(destroy_devfs_label); + COUNTER_INC(devfs_destroy_label); } -COUNTER_DECL(destroy_ifnet_label); +COUNTER_DECL(ifnet_destroy_label); static void -mac_test_destroy_ifnet_label(struct label *label) +mac_test_ifnet_destroy_label(struct label *label) { LABEL_DESTROY(label, MAGIC_IFNET); - COUNTER_INC(destroy_ifnet_label); + COUNTER_INC(ifnet_destroy_label); } -COUNTER_DECL(destroy_inpcb_label); +COUNTER_DECL(inpcb_destroy_label); static void -mac_test_destroy_inpcb_label(struct label *label) +mac_test_inpcb_destroy_label(struct label *label) { LABEL_DESTROY(label, MAGIC_INPCB); - COUNTER_INC(destroy_inpcb_label); + COUNTER_INC(inpcb_destroy_label); } -COUNTER_DECL(destroy_sysv_msg_label); +COUNTER_DECL(sysvmsg_destroy_label); static void -mac_test_destroy_sysv_msgmsg_label(struct label *label) +mac_test_sysvmsg_destroy_label(struct label *label) { LABEL_DESTROY(label, MAGIC_SYSV_MSG); - COUNTER_INC(destroy_sysv_msg_label); + COUNTER_INC(sysvmsg_destroy_label); } -COUNTER_DECL(destroy_sysv_msq_label); +COUNTER_DECL(sysvmsq_destroy_label); static void -mac_test_destroy_sysv_msgqueue_label(struct label *label) +mac_test_sysvmsq_destroy_label(struct label *label) { LABEL_DESTROY(label, MAGIC_SYSV_MSQ); - COUNTER_INC(destroy_sysv_msq_label); + COUNTER_INC(sysvmsq_destroy_label); } -COUNTER_DECL(destroy_sysv_sem_label); +COUNTER_DECL(sysvsem_destroy_label); static void -mac_test_destroy_sysv_sem_label(struct label *label) +mac_test_sysvsem_destroy_label(struct label *label) { LABEL_DESTROY(label, MAGIC_SYSV_SEM); - COUNTER_INC(destroy_sysv_sem_label); + COUNTER_INC(sysvsem_destroy_label); } -COUNTER_DECL(destroy_sysv_shm_label); +COUNTER_DECL(sysvshm_destroy_label); static void -mac_test_destroy_sysv_shm_label(struct label *label) +mac_test_sysvshm_destroy_label(struct label *label) { LABEL_DESTROY(label, MAGIC_SYSV_SHM); - COUNTER_INC(destroy_sysv_shm_label); + COUNTER_INC(sysvshm_destroy_label); } -COUNTER_DECL(destroy_ipq_label); +COUNTER_DECL(ipq_destroy_label); static void -mac_test_destroy_ipq_label(struct label *label) +mac_test_ipq_destroy_label(struct label *label) { LABEL_DESTROY(label, MAGIC_IPQ); - COUNTER_INC(destroy_ipq_label); + COUNTER_INC(ipq_destroy_label); } -COUNTER_DECL(destroy_mbuf_label); +COUNTER_DECL(mbuf_destroy_label); static void -mac_test_destroy_mbuf_label(struct label *label) +mac_test_mbuf_destroy_label(struct label *label) { /* @@ -438,130 +442,130 @@ mac_test_destroy_mbuf_label(struct label *label) return; LABEL_DESTROY(label, MAGIC_MBUF); - COUNTER_INC(destroy_mbuf_label); + COUNTER_INC(mbuf_destroy_label); } -COUNTER_DECL(destroy_mount_label); +COUNTER_DECL(mount_destroy_label); static void -mac_test_destroy_mount_label(struct label *label) +mac_test_mount_destroy_label(struct label *label) { LABEL_DESTROY(label, MAGIC_MOUNT); - COUNTER_INC(destroy_mount_label); + COUNTER_INC(mount_destroy_label); } -COUNTER_DECL(destroy_socket_label); +COUNTER_DECL(socket_destroy_label); static void -mac_test_destroy_socket_label(struct label *label) +mac_test_socket_destroy_label(struct label *label) { LABEL_DESTROY(label, MAGIC_SOCKET); - COUNTER_INC(destroy_socket_label); + COUNTER_INC(socket_destroy_label); } -COUNTER_DECL(destroy_socket_peer_label); +COUNTER_DECL(socketpeer_destroy_label); static void -mac_test_destroy_socket_peer_label(struct label *label) +mac_test_socketpeer_destroy_label(struct label *label) { LABEL_DESTROY(label, MAGIC_SOCKET); - COUNTER_INC(destroy_socket_peer_label); + COUNTER_INC(socketpeer_destroy_label); } -COUNTER_DECL(destroy_pipe_label); +COUNTER_DECL(pipe_destroy_label); static void -mac_test_destroy_pipe_label(struct label *label) +mac_test_pipe_destroy_label(struct label *label) { LABEL_DESTROY(label, MAGIC_PIPE); - COUNTER_INC(destroy_pipe_label); + COUNTER_INC(pipe_destroy_label); } -COUNTER_DECL(destroy_posix_sem_label); +COUNTER_DECL(posixsem_destroy_label); static void -mac_test_destroy_posix_sem_label(struct label *label) +mac_test_posixsem_destroy_label(struct label *label) { LABEL_DESTROY(label, MAGIC_POSIX_SEM); - COUNTER_INC(destroy_posix_sem_label); + COUNTER_INC(posixsem_destroy_label); } -COUNTER_DECL(destroy_proc_label); +COUNTER_DECL(proc_destroy_label); static void -mac_test_destroy_proc_label(struct label *label) +mac_test_proc_destroy_label(struct label *label) { LABEL_DESTROY(label, MAGIC_PROC); - COUNTER_INC(destroy_proc_label); + COUNTER_INC(proc_destroy_label); } -COUNTER_DECL(destroy_vnode_label); +COUNTER_DECL(vnode_destroy_label); static void -mac_test_destroy_vnode_label(struct label *label) +mac_test_vnode_destroy_label(struct label *label) { LABEL_DESTROY(label, MAGIC_VNODE); - COUNTER_INC(destroy_vnode_label); + COUNTER_INC(vnode_destroy_label); } -COUNTER_DECL(copy_cred_label); +COUNTER_DECL(cred_copy_label); static void -mac_test_copy_cred_label(struct label *src, struct label *dest) +mac_test_cred_copy_label(struct label *src, struct label *dest) { LABEL_CHECK(src, MAGIC_CRED); LABEL_CHECK(dest, MAGIC_CRED); - COUNTER_INC(copy_cred_label); + COUNTER_INC(cred_copy_label); } -COUNTER_DECL(copy_ifnet_label); +COUNTER_DECL(ifnet_copy_label); static void -mac_test_copy_ifnet_label(struct label *src, struct label *dest) +mac_test_ifnet_copy_label(struct label *src, struct label *dest) { LABEL_CHECK(src, MAGIC_IFNET); LABEL_CHECK(dest, MAGIC_IFNET); - COUNTER_INC(copy_ifnet_label); + COUNTER_INC(ifnet_copy_label); } -COUNTER_DECL(copy_mbuf_label); +COUNTER_DECL(mbuf_copy_label); static void -mac_test_copy_mbuf_label(struct label *src, struct label *dest) +mac_test_mbuf_copy_label(struct label *src, struct label *dest) { LABEL_CHECK(src, MAGIC_MBUF); LABEL_CHECK(dest, MAGIC_MBUF); - COUNTER_INC(copy_mbuf_label); + COUNTER_INC(mbuf_copy_label); } -COUNTER_DECL(copy_pipe_label); +COUNTER_DECL(pipe_copy_label); static void -mac_test_copy_pipe_label(struct label *src, struct label *dest) +mac_test_pipe_copy_label(struct label *src, struct label *dest) { LABEL_CHECK(src, MAGIC_PIPE); LABEL_CHECK(dest, MAGIC_PIPE); - COUNTER_INC(copy_pipe_label); + COUNTER_INC(pipe_copy_label); } -COUNTER_DECL(copy_socket_label); +COUNTER_DECL(socket_copy_label); static void -mac_test_copy_socket_label(struct label *src, struct label *dest) +mac_test_socket_copy_label(struct label *src, struct label *dest) { LABEL_CHECK(src, MAGIC_SOCKET); LABEL_CHECK(dest, MAGIC_SOCKET); - COUNTER_INC(copy_socket_label); + COUNTER_INC(socket_copy_label); } -COUNTER_DECL(copy_vnode_label); +COUNTER_DECL(vnode_copy_label); static void -mac_test_copy_vnode_label(struct label *src, struct label *dest) +mac_test_vnode_copy_label(struct label *src, struct label *dest) { LABEL_CHECK(src, MAGIC_VNODE); LABEL_CHECK(dest, MAGIC_VNODE); - COUNTER_INC(copy_vnode_label); + COUNTER_INC(vnode_copy_label); } COUNTER_DECL(externalize_label); @@ -592,9 +596,9 @@ mac_test_internalize_label(struct label *label, char *element_name, * Labeling event operations: file system objects, and things that look * a lot like file system objects. */ -COUNTER_DECL(associate_vnode_devfs); +COUNTER_DECL(devfs_vnode_associate); static void -mac_test_associate_vnode_devfs(struct mount *mp, struct label *mplabel, +mac_test_devfs_vnode_associate(struct mount *mp, struct label *mplabel, struct devfs_dirent *de, struct label *delabel, struct vnode *vp, struct label *vplabel) { @@ -602,58 +606,58 @@ mac_test_associate_vnode_devfs(struct mount *mp, struct label *mplabel, LABEL_CHECK(mplabel, MAGIC_MOUNT); LABEL_CHECK(delabel, MAGIC_DEVFS); LABEL_CHECK(vplabel, MAGIC_VNODE); - COUNTER_INC(associate_vnode_devfs); + COUNTER_INC(devfs_vnode_associate); } -COUNTER_DECL(associate_vnode_extattr); +COUNTER_DECL(vnode_associate_extattr); static int -mac_test_associate_vnode_extattr(struct mount *mp, struct label *mplabel, +mac_test_vnode_associate_extattr(struct mount *mp, struct label *mplabel, struct vnode *vp, struct label *vplabel) { LABEL_CHECK(mplabel, MAGIC_MOUNT); LABEL_CHECK(vplabel, MAGIC_VNODE); - COUNTER_INC(associate_vnode_extattr); + COUNTER_INC(vnode_associate_extattr); return (0); } -COUNTER_DECL(associate_vnode_singlelabel); +COUNTER_DECL(vnode_associate_singlelabel); static void -mac_test_associate_vnode_singlelabel(struct mount *mp, struct label *mplabel, +mac_test_vnode_associate_singlelabel(struct mount *mp, struct label *mplabel, struct vnode *vp, struct label *vplabel) { LABEL_CHECK(mplabel, MAGIC_MOUNT); LABEL_CHECK(vplabel, MAGIC_VNODE); - COUNTER_INC(associate_vnode_singlelabel); + COUNTER_INC(vnode_associate_singlelabel); } -COUNTER_DECL(create_devfs_device); +COUNTER_DECL(devfs_create_device); static void -mac_test_create_devfs_device(struct ucred *cred, struct mount *mp, +mac_test_devfs_create_device(struct ucred *cred, struct mount *mp, struct cdev *dev, struct devfs_dirent *de, struct label *delabel) { if (cred != NULL) LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(delabel, MAGIC_DEVFS); - COUNTER_INC(create_devfs_device); + COUNTER_INC(devfs_create_device); } -COUNTER_DECL(create_devfs_directory); +COUNTER_DECL(devfs_create_directory); static void -mac_test_create_devfs_directory(struct mount *mp, char *dirname, +mac_test_devfs_create_directory(struct mount *mp, char *dirname, int dirnamelen, struct devfs_dirent *de, struct label *delabel) { LABEL_CHECK(delabel, MAGIC_DEVFS); - COUNTER_INC(create_devfs_directory); + COUNTER_INC(devfs_create_directory); } -COUNTER_DECL(create_devfs_symlink); +COUNTER_DECL(devfs_create_symlink); static void -mac_test_create_devfs_symlink(struct ucred *cred, struct mount *mp, +mac_test_devfs_create_symlink(struct ucred *cred, struct mount *mp, struct devfs_dirent *dd, struct label *ddlabel, struct devfs_dirent *de, struct label *delabel) { @@ -661,12 +665,12 @@ mac_test_create_devfs_symlink(struct ucred *cred, struct mount *mp, LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(ddlabel, MAGIC_DEVFS); LABEL_CHECK(delabel, MAGIC_DEVFS); - COUNTER_INC(create_devfs_symlink); + COUNTER_INC(devfs_create_symlink); } -COUNTER_DECL(create_vnode_extattr); +COUNTER_DECL(vnode_create_extattr); static int -mac_test_create_vnode_extattr(struct ucred *cred, struct mount *mp, +mac_test_vnode_create_extattr(struct ucred *cred, struct mount *mp, struct label *mplabel, struct vnode *dvp, struct label *dvplabel, struct vnode *vp, struct label *vplabel, struct componentname *cnp) { @@ -674,281 +678,281 @@ mac_test_create_vnode_extattr(struct ucred *cred, struct mount *mp, LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(mplabel, MAGIC_MOUNT); LABEL_CHECK(dvplabel, MAGIC_VNODE); - COUNTER_INC(create_vnode_extattr); + COUNTER_INC(vnode_create_extattr); return (0); } -COUNTER_DECL(create_mount); +COUNTER_DECL(mount_create); static void -mac_test_create_mount(struct ucred *cred, struct mount *mp, +mac_test_mount_create(struct ucred *cred, struct mount *mp, struct label *mplabel) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(mplabel, MAGIC_MOUNT); - COUNTER_INC(create_mount); + COUNTER_INC(mount_create); } -COUNTER_DECL(relabel_vnode); +COUNTER_DECL(vnode_relabel); static void -mac_test_relabel_vnode(struct ucred *cred, struct vnode *vp, +mac_test_vnode_relabel(struct ucred *cred, struct vnode *vp, struct label *vplabel, struct label *label) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(vplabel, MAGIC_VNODE); LABEL_CHECK(label, MAGIC_VNODE); - COUNTER_INC(relabel_vnode); + COUNTER_INC(vnode_relabel); } -COUNTER_DECL(setlabel_vnode_extattr); +COUNTER_DECL(vnode_setlabel_extattr); static int -mac_test_setlabel_vnode_extattr(struct ucred *cred, struct vnode *vp, +mac_test_vnode_setlabel_extattr(struct ucred *cred, struct vnode *vp, struct label *vplabel, struct label *intlabel) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(vplabel, MAGIC_VNODE); LABEL_CHECK(intlabel, MAGIC_VNODE); - COUNTER_INC(setlabel_vnode_extattr); + COUNTER_INC(vnode_setlabel_extattr); return (0); } -COUNTER_DECL(update_devfs); +COUNTER_DECL(devfs_update); static void -mac_test_update_devfs(struct mount *mp, struct devfs_dirent *devfs_dirent, +mac_test_devfs_update(struct mount *mp, struct devfs_dirent *devfs_dirent, struct label *direntlabel, struct vnode *vp, struct label *vplabel) { LABEL_CHECK(direntlabel, MAGIC_DEVFS); LABEL_CHECK(vplabel, MAGIC_VNODE); - COUNTER_INC(update_devfs); + COUNTER_INC(devfs_update); } /* * Labeling event operations: IPC object. */ -COUNTER_DECL(create_mbuf_from_socket); +COUNTER_DECL(socket_create_mbuf); static void -mac_test_create_mbuf_from_socket(struct socket *so, struct label *socketlabel, +mac_test_socket_create_mbuf(struct socket *so, struct label *socketlabel, struct mbuf *m, struct label *mbuflabel) { LABEL_CHECK(socketlabel, MAGIC_SOCKET); LABEL_CHECK(mbuflabel, MAGIC_MBUF); - COUNTER_INC(create_mbuf_from_socket); + COUNTER_INC(socket_create_mbuf); } -COUNTER_DECL(create_socket); +COUNTER_DECL(socket_create); static void -mac_test_create_socket(struct ucred *cred, struct socket *socket, +mac_test_socket_create(struct ucred *cred, struct socket *socket, struct label *socketlabel) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(socketlabel, MAGIC_SOCKET); - COUNTER_INC(create_socket); + COUNTER_INC(socket_create); } -COUNTER_DECL(create_pipe); +COUNTER_DECL(pipe_create); static void -mac_test_create_pipe(struct ucred *cred, struct pipepair *pp, +mac_test_pipe_create(struct ucred *cred, struct pipepair *pp, struct label *pipelabel) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(pipelabel, MAGIC_PIPE); - COUNTER_INC(create_pipe); + COUNTER_INC(pipe_create); } -COUNTER_DECL(create_posix_sem); +COUNTER_DECL(posixsem_create); static void -mac_test_create_posix_sem(struct ucred *cred, struct ksem *ks, +mac_test_posixsem_create(struct ucred *cred, struct ksem *ks, struct label *kslabel) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(kslabel, MAGIC_POSIX_SEM); - COUNTER_INC(create_posix_sem); + COUNTER_INC(posixsem_create); } -COUNTER_DECL(create_socket_from_socket); +COUNTER_DECL(socket_newconn); static void -mac_test_create_socket_from_socket(struct socket *oldsocket, +mac_test_socket_newconn(struct socket *oldsocket, struct label *oldsocketlabel, struct socket *newsocket, struct label *newsocketlabel) { LABEL_CHECK(oldsocketlabel, MAGIC_SOCKET); LABEL_CHECK(newsocketlabel, MAGIC_SOCKET); - COUNTER_INC(create_socket_from_socket); + COUNTER_INC(socket_newconn); } -COUNTER_DECL(relabel_socket); +COUNTER_DECL(socket_relabel); static void -mac_test_relabel_socket(struct ucred *cred, struct socket *socket, +mac_test_socket_relabel(struct ucred *cred, struct socket *socket, struct label *socketlabel, struct label *newlabel) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(newlabel, MAGIC_SOCKET); - COUNTER_INC(relabel_socket); + COUNTER_INC(socket_relabel); } -COUNTER_DECL(relabel_pipe); +COUNTER_DECL(pipe_relabel); static void -mac_test_relabel_pipe(struct ucred *cred, struct pipepair *pp, +mac_test_pipe_relabel(struct ucred *cred, struct pipepair *pp, struct label *pipelabel, struct label *newlabel) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(pipelabel, MAGIC_PIPE); LABEL_CHECK(newlabel, MAGIC_PIPE); - COUNTER_INC(relabel_pipe); + COUNTER_INC(pipe_relabel); } -COUNTER_DECL(set_socket_peer_from_mbuf); +COUNTER_DECL(socketpeer_set_from_mbuf); static void -mac_test_set_socket_peer_from_mbuf(struct mbuf *mbuf, struct label *mbuflabel, +mac_test_socketpeer_set_from_mbuf(struct mbuf *mbuf, struct label *mbuflabel, struct socket *socket, struct label *socketpeerlabel) { LABEL_CHECK(mbuflabel, MAGIC_MBUF); LABEL_CHECK(socketpeerlabel, MAGIC_SOCKET); - COUNTER_INC(set_socket_peer_from_mbuf); + COUNTER_INC(socketpeer_set_from_mbuf); } /* * Labeling event operations: network objects. */ -COUNTER_DECL(set_socket_peer_from_socket); +COUNTER_DECL(socketpeer_set_from_socket); static void -mac_test_set_socket_peer_from_socket(struct socket *oldsocket, +mac_test_socketpeer_set_from_socket(struct socket *oldsocket, struct label *oldsocketlabel, struct socket *newsocket, struct label *newsocketpeerlabel) { LABEL_CHECK(oldsocketlabel, MAGIC_SOCKET); LABEL_CHECK(newsocketpeerlabel, MAGIC_SOCKET); - COUNTER_INC(set_socket_peer_from_socket); + COUNTER_INC(socketpeer_set_from_socket); } -COUNTER_DECL(create_bpfdesc); +COUNTER_DECL(bpfdesc_create); static void -mac_test_create_bpfdesc(struct ucred *cred, struct bpf_d *bpf_d, +mac_test_bpfdesc_create(struct ucred *cred, struct bpf_d *bpf_d, struct label *bpflabel) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(bpflabel, MAGIC_BPF); - COUNTER_INC(create_bpfdesc); + COUNTER_INC(bpfdesc_create); } -COUNTER_DECL(create_datagram_from_ipq); +COUNTER_DECL(ipq_reassemble); static void -mac_test_create_datagram_from_ipq(struct ipq *ipq, struct label *ipqlabel, +mac_test_ipq_reassemble(struct ipq *ipq, struct label *ipqlabel, struct mbuf *datagram, struct label *datagramlabel) { LABEL_CHECK(ipqlabel, MAGIC_IPQ); LABEL_CHECK(datagramlabel, MAGIC_MBUF); - COUNTER_INC(create_datagram_from_ipq); + COUNTER_INC(ipq_reassemble); } -COUNTER_DECL(create_fragment); +COUNTER_DECL(netinet_fragment); static void -mac_test_create_fragment(struct mbuf *datagram, struct label *datagramlabel, +mac_test_netinet_fragment(struct mbuf *datagram, struct label *datagramlabel, struct mbuf *fragment, struct label *fragmentlabel) { LABEL_CHECK(datagramlabel, MAGIC_MBUF); LABEL_CHECK(fragmentlabel, MAGIC_MBUF); - COUNTER_INC(create_fragment); + COUNTER_INC(netinet_fragment); } -COUNTER_DECL(create_ifnet); +COUNTER_DECL(ifnet_create); static void -mac_test_create_ifnet(struct ifnet *ifnet, struct label *ifnetlabel) +mac_test_ifnet_create(struct ifnet *ifnet, struct label *ifnetlabel) { LABEL_CHECK(ifnetlabel, MAGIC_IFNET); - COUNTER_INC(create_ifnet); + COUNTER_INC(ifnet_create); } -COUNTER_DECL(create_inpcb_from_socket); +COUNTER_DECL(inpcb_create); static void -mac_test_create_inpcb_from_socket(struct socket *so, struct label *solabel, +mac_test_inpcb_create(struct socket *so, struct label *solabel, struct inpcb *inp, struct label *inplabel) { LABEL_CHECK(solabel, MAGIC_SOCKET); LABEL_CHECK(inplabel, MAGIC_INPCB); - COUNTER_INC(create_inpcb_from_socket); + COUNTER_INC(inpcb_create); } -COUNTER_DECL(create_sysv_msgmsg); +COUNTER_DECL(sysvmsg_create); static void -mac_test_create_sysv_msgmsg(struct ucred *cred, struct msqid_kernel *msqkptr, +mac_test_sysvmsg_create(struct ucred *cred, struct msqid_kernel *msqkptr, struct label *msqlabel, struct msg *msgptr, struct label *msglabel) { LABEL_CHECK(msglabel, MAGIC_SYSV_MSG); LABEL_CHECK(msqlabel, MAGIC_SYSV_MSQ); - COUNTER_INC(create_sysv_msgmsg); + COUNTER_INC(sysvmsg_create); } -COUNTER_DECL(create_sysv_msgqueue); +COUNTER_DECL(sysvmsq_create); static void -mac_test_create_sysv_msgqueue(struct ucred *cred, +mac_test_sysvmsq_create(struct ucred *cred, struct msqid_kernel *msqkptr, struct label *msqlabel) { LABEL_CHECK(msqlabel, MAGIC_SYSV_MSQ); - COUNTER_INC(create_sysv_msgqueue); + COUNTER_INC(sysvmsq_create); } -COUNTER_DECL(create_sysv_sem); +COUNTER_DECL(sysvsem_create); static void -mac_test_create_sysv_sem(struct ucred *cred, struct semid_kernel *semakptr, +mac_test_sysvsem_create(struct ucred *cred, struct semid_kernel *semakptr, struct label *semalabel) { LABEL_CHECK(semalabel, MAGIC_SYSV_SEM); - COUNTER_INC(create_sysv_sem); + COUNTER_INC(sysvsem_create); } -COUNTER_DECL(create_sysv_shm); +COUNTER_DECL(sysvshm_create); static void -mac_test_create_sysv_shm(struct ucred *cred, struct shmid_kernel *shmsegptr, +mac_test_sysvshm_create(struct ucred *cred, struct shmid_kernel *shmsegptr, struct label *shmlabel) { LABEL_CHECK(shmlabel, MAGIC_SYSV_SHM); - COUNTER_INC(create_sysv_shm); + COUNTER_INC(sysvshm_create); } -COUNTER_DECL(create_ipq); +COUNTER_DECL(ipq_create); static void -mac_test_create_ipq(struct mbuf *fragment, struct label *fragmentlabel, +mac_test_ipq_create(struct mbuf *fragment, struct label *fragmentlabel, struct ipq *ipq, struct label *ipqlabel) { LABEL_CHECK(fragmentlabel, MAGIC_MBUF); LABEL_CHECK(ipqlabel, MAGIC_IPQ); - COUNTER_INC(create_ipq); + COUNTER_INC(ipq_create); } -COUNTER_DECL(create_mbuf_from_inpcb); +COUNTER_DECL(inpcb_create_mbuf); static void -mac_test_create_mbuf_from_inpcb(struct inpcb *inp, struct label *inplabel, +mac_test_inpcb_create_mbuf(struct inpcb *inp, struct label *inplabel, struct mbuf *m, struct label *mlabel) { LABEL_CHECK(inplabel, MAGIC_INPCB); LABEL_CHECK(mlabel, MAGIC_MBUF); - COUNTER_INC(create_mbuf_from_inpcb); + COUNTER_INC(inpcb_create_mbuf); } COUNTER_DECL(create_mbuf_linklayer); @@ -962,31 +966,31 @@ mac_test_create_mbuf_linklayer(struct ifnet *ifnet, struct label *ifnetlabel, COUNTER_INC(create_mbuf_linklayer); } -COUNTER_DECL(create_mbuf_from_bpfdesc); +COUNTER_DECL(bpfdesc_create_mbuf); static void -mac_test_create_mbuf_from_bpfdesc(struct bpf_d *bpf_d, struct label *bpflabel, +mac_test_bpfdesc_create_mbuf(struct bpf_d *bpf_d, struct label *bpflabel, struct mbuf *mbuf, struct label *mbuflabel) { LABEL_CHECK(bpflabel, MAGIC_BPF); LABEL_CHECK(mbuflabel, MAGIC_MBUF); - COUNTER_INC(create_mbuf_from_bpfdesc); + COUNTER_INC(bpfdesc_create_mbuf); } -COUNTER_DECL(create_mbuf_from_ifnet); +COUNTER_DECL(ifnet_create_mbuf); static void -mac_test_create_mbuf_from_ifnet(struct ifnet *ifnet, struct label *ifnetlabel, +mac_test_ifnet_create_mbuf(struct ifnet *ifnet, struct label *ifnetlabel, struct mbuf *m, struct label *mbuflabel) { LABEL_CHECK(ifnetlabel, MAGIC_IFNET); LABEL_CHECK(mbuflabel, MAGIC_MBUF); - COUNTER_INC(create_mbuf_from_ifnet); + COUNTER_INC(ifnet_create_mbuf); } -COUNTER_DECL(create_mbuf_multicast_encap); +COUNTER_DECL(mbuf_create_multicast_encap); static void -mac_test_create_mbuf_multicast_encap(struct mbuf *oldmbuf, +mac_test_mbuf_create_multicast_encap(struct mbuf *oldmbuf, struct label *oldmbuflabel, struct ifnet *ifnet, struct label *ifnetlabel, struct mbuf *newmbuf, struct label *newmbuflabel) { @@ -994,73 +998,73 @@ mac_test_create_mbuf_multicast_encap(struct mbuf *oldmbuf, LABEL_CHECK(oldmbuflabel, MAGIC_MBUF); LABEL_CHECK(ifnetlabel, MAGIC_IFNET); LABEL_CHECK(newmbuflabel, MAGIC_MBUF); - COUNTER_INC(create_mbuf_multicast_encap); + COUNTER_INC(mbuf_create_multicast_encap); } -COUNTER_DECL(create_mbuf_netlayer); +COUNTER_DECL(mbuf_create_netlayer); static void -mac_test_create_mbuf_netlayer(struct mbuf *oldmbuf, +mac_test_mbuf_create_netlayer(struct mbuf *oldmbuf, struct label *oldmbuflabel, struct mbuf *newmbuf, struct label *newmbuflabel) { LABEL_CHECK(oldmbuflabel, MAGIC_MBUF); LABEL_CHECK(newmbuflabel, MAGIC_MBUF); - COUNTER_INC(create_mbuf_netlayer); + COUNTER_INC(mbuf_create_netlayer); } -COUNTER_DECL(fragment_match); +COUNTER_DECL(ipq_match); static int -mac_test_fragment_match(struct mbuf *fragment, struct label *fragmentlabel, +mac_test_ipq_match(struct mbuf *fragment, struct label *fragmentlabel, struct ipq *ipq, struct label *ipqlabel) { LABEL_CHECK(fragmentlabel, MAGIC_MBUF); LABEL_CHECK(ipqlabel, MAGIC_IPQ); - COUNTER_INC(fragment_match); + COUNTER_INC(ipq_match); return (1); } -COUNTER_DECL(reflect_mbuf_icmp); +COUNTER_DECL(netinet_icmp_reply); static void -mac_test_reflect_mbuf_icmp(struct mbuf *m, struct label *mlabel) +mac_test_netinet_icmp_reply(struct mbuf *m, struct label *mlabel) { LABEL_CHECK(mlabel, MAGIC_MBUF); - COUNTER_INC(reflect_mbuf_icmp); + COUNTER_INC(netinet_icmp_reply); } -COUNTER_DECL(reflect_mbuf_tcp); +COUNTER_DECL(netinet_tcp_reply); static void -mac_test_reflect_mbuf_tcp(struct mbuf *m, struct label *mlabel) +mac_test_netinet_tcp_reply(struct mbuf *m, struct label *mlabel) { LABEL_CHECK(mlabel, MAGIC_MBUF); - COUNTER_INC(reflect_mbuf_tcp); + COUNTER_INC(netinet_tcp_reply); } -COUNTER_DECL(relabel_ifnet); +COUNTER_DECL(ifnet_relabel); static void -mac_test_relabel_ifnet(struct ucred *cred, struct ifnet *ifnet, +mac_test_ifnet_relabel(struct ucred *cred, struct ifnet *ifnet, struct label *ifnetlabel, struct label *newlabel) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(ifnetlabel, MAGIC_IFNET); LABEL_CHECK(newlabel, MAGIC_IFNET); - COUNTER_INC(relabel_ifnet); + COUNTER_INC(ifnet_relabel); } -COUNTER_DECL(update_ipq); +COUNTER_DECL(ipq_update); static void -mac_test_update_ipq(struct mbuf *fragment, struct label *fragmentlabel, +mac_test_ipq_update(struct mbuf *fragment, struct label *fragmentlabel, struct ipq *ipq, struct label *ipqlabel) { LABEL_CHECK(fragmentlabel, MAGIC_MBUF); LABEL_CHECK(ipqlabel, MAGIC_IPQ); - COUNTER_INC(update_ipq); + COUNTER_INC(ipq_update); } COUNTER_DECL(inpcb_sosetlabel); @@ -1077,9 +1081,9 @@ mac_test_inpcb_sosetlabel(struct socket *so, struct label *solabel, /* * Labeling event operations: processes. */ -COUNTER_DECL(execve_transition); +COUNTER_DECL(vnode_execve_transition); static void -mac_test_execve_transition(struct ucred *old, struct ucred *new, +mac_test_vnode_execve_transition(struct ucred *old, struct ucred *new, struct vnode *vp, struct label *filelabel, struct label *interpvplabel, struct image_params *imgp, struct label *execlabel) @@ -1090,12 +1094,12 @@ mac_test_execve_transition(struct ucred *old, struct ucred *new, LABEL_CHECK(filelabel, MAGIC_VNODE); LABEL_CHECK(interpvplabel, MAGIC_VNODE); LABEL_CHECK(execlabel, MAGIC_CRED); - COUNTER_INC(execve_transition); + COUNTER_INC(vnode_execve_transition); } -COUNTER_DECL(execve_will_transition); +COUNTER_DECL(vnode_execve_will_transition); static int -mac_test_execve_will_transition(struct ucred *old, struct vnode *vp, +mac_test_vnode_execve_will_transition(struct ucred *old, struct vnode *vp, struct label *filelabel, struct label *interpvplabel, struct image_params *imgp, struct label *execlabel) { @@ -1104,37 +1108,37 @@ mac_test_execve_will_transition(struct ucred *old, struct vnode *vp, LABEL_CHECK(filelabel, MAGIC_VNODE); LABEL_CHECK(interpvplabel, MAGIC_VNODE); LABEL_CHECK(execlabel, MAGIC_CRED); - COUNTER_INC(execve_will_transition); + COUNTER_INC(vnode_execve_will_transition); return (0); } -COUNTER_DECL(create_proc0); +COUNTER_DECL(proc_create_swapper); static void -mac_test_create_proc0(struct ucred *cred) +mac_test_proc_create_swapper(struct ucred *cred) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); - COUNTER_INC(create_proc0); + COUNTER_INC(proc_create_swapper); } -COUNTER_DECL(create_proc1); +COUNTER_DECL(proc_create_init); static void -mac_test_create_proc1(struct ucred *cred) +mac_test_proc_create_init(struct ucred *cred) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); - COUNTER_INC(create_proc1); + COUNTER_INC(proc_create_init); } -COUNTER_DECL(relabel_cred); +COUNTER_DECL(cred_relabel); static void -mac_test_relabel_cred(struct ucred *cred, struct label *newlabel) +mac_test_cred_relabel(struct ucred *cred, struct label *newlabel) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(newlabel, MAGIC_CRED); - COUNTER_INC(relabel_cred); + COUNTER_INC(cred_relabel); } COUNTER_DECL(thread_userret); @@ -1148,125 +1152,125 @@ mac_test_thread_userret(struct thread *td) /* * Label cleanup/flush operations */ -COUNTER_DECL(cleanup_sysv_msgmsg); +COUNTER_DECL(sysvmsg_cleanup); static void -mac_test_cleanup_sysv_msgmsg(struct label *msglabel) +mac_test_sysvmsg_cleanup(struct label *msglabel) { LABEL_CHECK(msglabel, MAGIC_SYSV_MSG); - COUNTER_INC(cleanup_sysv_msgmsg); + COUNTER_INC(sysvmsg_cleanup); } -COUNTER_DECL(cleanup_sysv_msgqueue); +COUNTER_DECL(sysvmsq_cleanup); static void -mac_test_cleanup_sysv_msgqueue(struct label *msqlabel) +mac_test_sysvmsq_cleanup(struct label *msqlabel) { LABEL_CHECK(msqlabel, MAGIC_SYSV_MSQ); - COUNTER_INC(cleanup_sysv_msgqueue); + COUNTER_INC(sysvmsq_cleanup); } -COUNTER_DECL(cleanup_sysv_sem); +COUNTER_DECL(sysvsem_cleanup); static void -mac_test_cleanup_sysv_sem(struct label *semalabel) +mac_test_sysvsem_cleanup(struct label *semalabel) { LABEL_CHECK(semalabel, MAGIC_SYSV_SEM); - COUNTER_INC(cleanup_sysv_sem); + COUNTER_INC(sysvsem_cleanup); } -COUNTER_DECL(cleanup_sysv_shm); +COUNTER_DECL(sysvshm_cleanup); static void -mac_test_cleanup_sysv_shm(struct label *shmlabel) +mac_test_sysvshm_cleanup(struct label *shmlabel) { LABEL_CHECK(shmlabel, MAGIC_SYSV_SHM); - COUNTER_INC(cleanup_sysv_shm); + COUNTER_INC(sysvshm_cleanup); } /* * Access control checks. */ -COUNTER_DECL(check_bpfdesc_receive); +COUNTER_DECL(bpfdesc_check_receive); static int -mac_test_check_bpfdesc_receive(struct bpf_d *bpf_d, struct label *bpflabel, +mac_test_bpfdesc_check_receive(struct bpf_d *bpf_d, struct label *bpflabel, struct ifnet *ifnet, struct label *ifnetlabel) { LABEL_CHECK(bpflabel, MAGIC_BPF); LABEL_CHECK(ifnetlabel, MAGIC_IFNET); - COUNTER_INC(check_bpfdesc_receive); + COUNTER_INC(bpfdesc_check_receive); return (0); } -COUNTER_DECL(check_cred_relabel); +COUNTER_DECL(cred_check_relabel); static int -mac_test_check_cred_relabel(struct ucred *cred, struct label *newlabel) +mac_test_cred_check_relabel(struct ucred *cred, struct label *newlabel) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(newlabel, MAGIC_CRED); - COUNTER_INC(check_cred_relabel); + COUNTER_INC(cred_check_relabel); return (0); } -COUNTER_DECL(check_cred_visible); +COUNTER_DECL(cred_check_visible); static int -mac_test_check_cred_visible(struct ucred *u1, struct ucred *u2) +mac_test_cred_check_visible(struct ucred *u1, struct ucred *u2) { LABEL_CHECK(u1->cr_label, MAGIC_CRED); LABEL_CHECK(u2->cr_label, MAGIC_CRED); - COUNTER_INC(check_cred_visible); + COUNTER_INC(cred_check_visible); return (0); } -COUNTER_DECL(check_ifnet_relabel); +COUNTER_DECL(ifnet_check_relabel); static int -mac_test_check_ifnet_relabel(struct ucred *cred, struct ifnet *ifnet, +mac_test_ifnet_check_relabel(struct ucred *cred, struct ifnet *ifnet, struct label *ifnetlabel, struct label *newlabel) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(ifnetlabel, MAGIC_IFNET); LABEL_CHECK(newlabel, MAGIC_IFNET); - COUNTER_INC(check_ifnet_relabel); + COUNTER_INC(ifnet_check_relabel); return (0); } -COUNTER_DECL(check_ifnet_transmit); +COUNTER_DECL(ifnet_check_transmit); static int -mac_test_check_ifnet_transmit(struct ifnet *ifnet, struct label *ifnetlabel, +mac_test_ifnet_check_transmit(struct ifnet *ifnet, struct label *ifnetlabel, struct mbuf *m, struct label *mbuflabel) { LABEL_CHECK(ifnetlabel, MAGIC_IFNET); LABEL_CHECK(mbuflabel, MAGIC_MBUF); - COUNTER_INC(check_ifnet_transmit); + COUNTER_INC(ifnet_check_transmit); return (0); } -COUNTER_DECL(check_inpcb_deliver); +COUNTER_DECL(inpcb_check_deliver); static int -mac_test_check_inpcb_deliver(struct inpcb *inp, struct label *inplabel, +mac_test_inpcb_check_deliver(struct inpcb *inp, struct label *inplabel, struct mbuf *m, struct label *mlabel) { LABEL_CHECK(inplabel, MAGIC_INPCB); LABEL_CHECK(mlabel, MAGIC_MBUF); - COUNTER_INC(check_inpcb_deliver); + COUNTER_INC(inpcb_check_deliver); return (0); } -COUNTER_DECL(check_sysv_msgmsq); +COUNTER_DECL(sysvmsq_check_msgmsq); static int -mac_test_check_sysv_msgmsq(struct ucred *cred, struct msg *msgptr, +mac_test_sysvmsq_check_msgmsq(struct ucred *cred, struct msg *msgptr, struct label *msglabel, struct msqid_kernel *msqkptr, struct label *msqklabel) { @@ -1274,859 +1278,859 @@ mac_test_check_sysv_msgmsq(struct ucred *cred, struct msg *msgptr, LABEL_CHECK(msqklabel, MAGIC_SYSV_MSQ); LABEL_CHECK(msglabel, MAGIC_SYSV_MSG); LABEL_CHECK(cred->cr_label, MAGIC_CRED); - COUNTER_INC(check_sysv_msgmsq); + COUNTER_INC(sysvmsq_check_msgmsq); return (0); } -COUNTER_DECL(check_sysv_msgrcv); +COUNTER_DECL(sysvmsq_check_msgrcv); static int -mac_test_check_sysv_msgrcv(struct ucred *cred, struct msg *msgptr, +mac_test_sysvmsq_check_msgrcv(struct ucred *cred, struct msg *msgptr, struct label *msglabel) { LABEL_CHECK(msglabel, MAGIC_SYSV_MSG); LABEL_CHECK(cred->cr_label, MAGIC_CRED); - COUNTER_INC(check_sysv_msgrcv); + COUNTER_INC(sysvmsq_check_msgrcv); return (0); } -COUNTER_DECL(check_sysv_msgrmid); +COUNTER_DECL(sysvmsq_check_msgrmid); static int -mac_test_check_sysv_msgrmid(struct ucred *cred, struct msg *msgptr, +mac_test_sysvmsq_check_msgrmid(struct ucred *cred, struct msg *msgptr, struct label *msglabel) { LABEL_CHECK(msglabel, MAGIC_SYSV_MSG); LABEL_CHECK(cred->cr_label, MAGIC_CRED); - COUNTER_INC(check_sysv_msgrmid); + COUNTER_INC(sysvmsq_check_msgrmid); return (0); } -COUNTER_DECL(check_sysv_msqget); +COUNTER_DECL(sysvmsq_check_msqget); static int -mac_test_check_sysv_msqget(struct ucred *cred, struct msqid_kernel *msqkptr, - struct label *msqklabel) +mac_test_sysvmsq_check_msqget(struct ucred *cred, + struct msqid_kernel *msqkptr, struct label *msqklabel) { LABEL_CHECK(msqklabel, MAGIC_SYSV_MSQ); LABEL_CHECK(cred->cr_label, MAGIC_CRED); - COUNTER_INC(check_sysv_msqget); + COUNTER_INC(sysvmsq_check_msqget); return (0); } -COUNTER_DECL(check_sysv_msqsnd); +COUNTER_DECL(sysvmsq_check_msqsnd); static int -mac_test_check_sysv_msqsnd(struct ucred *cred, struct msqid_kernel *msqkptr, - struct label *msqklabel) +mac_test_sysvmsq_check_msqsnd(struct ucred *cred, + struct msqid_kernel *msqkptr, struct label *msqklabel) { LABEL_CHECK(msqklabel, MAGIC_SYSV_MSQ); LABEL_CHECK(cred->cr_label, MAGIC_CRED); - COUNTER_INC(check_sysv_msqsnd); + COUNTER_INC(sysvmsq_check_msqsnd); return (0); } -COUNTER_DECL(check_sysv_msqrcv); +COUNTER_DECL(sysvmsq_check_msqrcv); static int -mac_test_check_sysv_msqrcv(struct ucred *cred, struct msqid_kernel *msqkptr, - struct label *msqklabel) +mac_test_sysvmsq_check_msqrcv(struct ucred *cred, + struct msqid_kernel *msqkptr, struct label *msqklabel) { LABEL_CHECK(msqklabel, MAGIC_SYSV_MSQ); LABEL_CHECK(cred->cr_label, MAGIC_CRED); - COUNTER_INC(check_sysv_msqrcv); + COUNTER_INC(sysvmsq_check_msqrcv); return (0); } -COUNTER_DECL(check_sysv_msqctl); +COUNTER_DECL(sysvmsq_check_msqctl); static int -mac_test_check_sysv_msqctl(struct ucred *cred, struct msqid_kernel *msqkptr, - struct label *msqklabel, int cmd) +mac_test_sysvmsq_check_msqctl(struct ucred *cred, + struct msqid_kernel *msqkptr, struct label *msqklabel, int cmd) { LABEL_CHECK(msqklabel, MAGIC_SYSV_MSQ); LABEL_CHECK(cred->cr_label, MAGIC_CRED); - COUNTER_INC(check_sysv_msqctl); + COUNTER_INC(sysvmsq_check_msqctl); return (0); } -COUNTER_DECL(check_sysv_semctl); +COUNTER_DECL(sysvsem_check_semctl); static int -mac_test_check_sysv_semctl(struct ucred *cred, struct semid_kernel *semakptr, - struct label *semaklabel, int cmd) +mac_test_sysvsem_check_semctl(struct ucred *cred, + struct semid_kernel *semakptr, struct label *semaklabel, int cmd) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(semaklabel, MAGIC_SYSV_SEM); - COUNTER_INC(check_sysv_semctl); + COUNTER_INC(sysvsem_check_semctl); return (0); } -COUNTER_DECL(check_sysv_semget); +COUNTER_DECL(sysvsem_check_semget); static int -mac_test_check_sysv_semget(struct ucred *cred, struct semid_kernel *semakptr, - struct label *semaklabel) +mac_test_sysvsem_check_semget(struct ucred *cred, + struct semid_kernel *semakptr, struct label *semaklabel) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(semaklabel, MAGIC_SYSV_SEM); - COUNTER_INC(check_sysv_semget); + COUNTER_INC(sysvsem_check_semget); return (0); } -COUNTER_DECL(check_sysv_semop); +COUNTER_DECL(sysvsem_check_semop); static int -mac_test_check_sysv_semop(struct ucred *cred, struct semid_kernel *semakptr, - struct label *semaklabel, size_t accesstype) +mac_test_sysvsem_check_semop(struct ucred *cred, + struct semid_kernel *semakptr, struct label *semaklabel, size_t accesstype) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(semaklabel, MAGIC_SYSV_SEM); - COUNTER_INC(check_sysv_semop); + COUNTER_INC(sysvsem_check_semop); return (0); } -COUNTER_DECL(check_sysv_shmat); +COUNTER_DECL(sysvshm_check_shmat); static int -mac_test_check_sysv_shmat(struct ucred *cred, struct shmid_kernel *shmsegptr, - struct label *shmseglabel, int shmflg) +mac_test_sysvshm_check_shmat(struct ucred *cred, + struct shmid_kernel *shmsegptr, struct label *shmseglabel, int shmflg) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(shmseglabel, MAGIC_SYSV_SHM); - COUNTER_INC(check_sysv_shmat); + COUNTER_INC(sysvshm_check_shmat); return (0); } -COUNTER_DECL(check_sysv_shmctl); +COUNTER_DECL(sysvshm_check_shmctl); static int -mac_test_check_sysv_shmctl(struct ucred *cred, struct shmid_kernel *shmsegptr, - struct label *shmseglabel, int cmd) +mac_test_sysvshm_check_shmctl(struct ucred *cred, + struct shmid_kernel *shmsegptr, struct label *shmseglabel, int cmd) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(shmseglabel, MAGIC_SYSV_SHM); - COUNTER_INC(check_sysv_shmctl); + COUNTER_INC(sysvshm_check_shmctl); return (0); } -COUNTER_DECL(check_sysv_shmdt); +COUNTER_DECL(sysvshm_check_shmdt); static int -mac_test_check_sysv_shmdt(struct ucred *cred, struct shmid_kernel *shmsegptr, - struct label *shmseglabel) +mac_test_sysvshm_check_shmdt(struct ucred *cred, + struct shmid_kernel *shmsegptr, struct label *shmseglabel) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(shmseglabel, MAGIC_SYSV_SHM); - COUNTER_INC(check_sysv_shmdt); + COUNTER_INC(sysvshm_check_shmdt); return (0); } -COUNTER_DECL(check_sysv_shmget); +COUNTER_DECL(sysvshm_check_shmget); static int -mac_test_check_sysv_shmget(struct ucred *cred, struct shmid_kernel *shmsegptr, - struct label *shmseglabel, int shmflg) +mac_test_sysvshm_check_shmget(struct ucred *cred, + struct shmid_kernel *shmsegptr, struct label *shmseglabel, int shmflg) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(shmseglabel, MAGIC_SYSV_SHM); - COUNTER_INC(check_sysv_shmget); + COUNTER_INC(sysvshm_check_shmget); return (0); } -COUNTER_DECL(check_kenv_dump); +COUNTER_DECL(kenv_check_dump); static int -mac_test_check_kenv_dump(struct ucred *cred) +mac_test_kenv_check_dump(struct ucred *cred) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); - COUNTER_INC(check_kenv_dump); + COUNTER_INC(kenv_check_dump); return (0); } -COUNTER_DECL(check_kenv_get); +COUNTER_DECL(kenv_check_get); static int -mac_test_check_kenv_get(struct ucred *cred, char *name) +mac_test_kenv_check_get(struct ucred *cred, char *name) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); - COUNTER_INC(check_kenv_get); + COUNTER_INC(kenv_check_get); return (0); } -COUNTER_DECL(check_kenv_set); +COUNTER_DECL(kenv_check_set); static int -mac_test_check_kenv_set(struct ucred *cred, char *name, char *value) +mac_test_kenv_check_set(struct ucred *cred, char *name, char *value) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); - COUNTER_INC(check_kenv_set); + COUNTER_INC(kenv_check_set); return (0); } -COUNTER_DECL(check_kenv_unset); +COUNTER_DECL(kenv_check_unset); static int -mac_test_check_kenv_unset(struct ucred *cred, char *name) +mac_test_kenv_check_unset(struct ucred *cred, char *name) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); - COUNTER_INC(check_kenv_unset); + COUNTER_INC(kenv_check_unset); return (0); } -COUNTER_DECL(check_kld_load); +COUNTER_DECL(kld_check_load); static int -mac_test_check_kld_load(struct ucred *cred, struct vnode *vp, +mac_test_kld_check_load(struct ucred *cred, struct vnode *vp, struct label *label) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(label, MAGIC_VNODE); - COUNTER_INC(check_kld_load); + COUNTER_INC(kld_check_load); return (0); } -COUNTER_DECL(check_kld_stat); +COUNTER_DECL(kld_check_stat); static int -mac_test_check_kld_stat(struct ucred *cred) +mac_test_kld_check_stat(struct ucred *cred) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); - COUNTER_INC(check_kld_stat); + COUNTER_INC(kld_check_stat); return (0); } -COUNTER_DECL(check_mount_stat); +COUNTER_DECL(mount_check_stat); static int -mac_test_check_mount_stat(struct ucred *cred, struct mount *mp, +mac_test_mount_check_stat(struct ucred *cred, struct mount *mp, struct label *mplabel) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(mplabel, MAGIC_MOUNT); - COUNTER_INC(check_mount_stat); + COUNTER_INC(mount_check_stat); return (0); } -COUNTER_DECL(check_pipe_ioctl); +COUNTER_DECL(pipe_check_ioctl); static int -mac_test_check_pipe_ioctl(struct ucred *cred, struct pipepair *pp, +mac_test_pipe_check_ioctl(struct ucred *cred, struct pipepair *pp, struct label *pipelabel, unsigned long cmd, void /* caddr_t */ *data) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(pipelabel, MAGIC_PIPE); - COUNTER_INC(check_pipe_ioctl); + COUNTER_INC(pipe_check_ioctl); return (0); } -COUNTER_DECL(check_pipe_poll); +COUNTER_DECL(pipe_check_poll); static int -mac_test_check_pipe_poll(struct ucred *cred, struct pipepair *pp, +mac_test_pipe_check_poll(struct ucred *cred, struct pipepair *pp, struct label *pipelabel) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(pipelabel, MAGIC_PIPE); - COUNTER_INC(check_pipe_poll); + COUNTER_INC(pipe_check_poll); return (0); } -COUNTER_DECL(check_pipe_read); +COUNTER_DECL(pipe_check_read); static int -mac_test_check_pipe_read(struct ucred *cred, struct pipepair *pp, +mac_test_pipe_check_read(struct ucred *cred, struct pipepair *pp, struct label *pipelabel) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(pipelabel, MAGIC_PIPE); - COUNTER_INC(check_pipe_read); + COUNTER_INC(pipe_check_read); return (0); } -COUNTER_DECL(check_pipe_relabel); +COUNTER_DECL(pipe_check_relabel); static int -mac_test_check_pipe_relabel(struct ucred *cred, struct pipepair *pp, +mac_test_pipe_check_relabel(struct ucred *cred, struct pipepair *pp, struct label *pipelabel, struct label *newlabel) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(pipelabel, MAGIC_PIPE); LABEL_CHECK(newlabel, MAGIC_PIPE); - COUNTER_INC(check_pipe_relabel); + COUNTER_INC(pipe_check_relabel); return (0); } -COUNTER_DECL(check_pipe_stat); +COUNTER_DECL(pipe_check_stat); static int -mac_test_check_pipe_stat(struct ucred *cred, struct pipepair *pp, +mac_test_pipe_check_stat(struct ucred *cred, struct pipepair *pp, struct label *pipelabel) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(pipelabel, MAGIC_PIPE); - COUNTER_INC(check_pipe_stat); + COUNTER_INC(pipe_check_stat); return (0); } -COUNTER_DECL(check_pipe_write); +COUNTER_DECL(pipe_check_write); static int -mac_test_check_pipe_write(struct ucred *cred, struct pipepair *pp, +mac_test_pipe_check_write(struct ucred *cred, struct pipepair *pp, struct label *pipelabel) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(pipelabel, MAGIC_PIPE); - COUNTER_INC(check_pipe_write); + COUNTER_INC(pipe_check_write); return (0); } -COUNTER_DECL(check_posix_sem); +COUNTER_DECL(posixsem_check); static int -mac_test_check_posix_sem(struct ucred *cred, struct ksem *ks, +mac_test_posixsem_check(struct ucred *cred, struct ksem *ks, struct label *kslabel) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(kslabel, MAGIC_POSIX_SEM); - COUNTER_INC(check_posix_sem); + COUNTER_INC(posixsem_check); return (0); } -COUNTER_DECL(check_proc_debug); +COUNTER_DECL(proc_check_debug); static int -mac_test_check_proc_debug(struct ucred *cred, struct proc *p) +mac_test_proc_check_debug(struct ucred *cred, struct proc *p) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(p->p_ucred->cr_label, MAGIC_CRED); - COUNTER_INC(check_proc_debug); + COUNTER_INC(proc_check_debug); return (0); } -COUNTER_DECL(check_proc_sched); +COUNTER_DECL(proc_check_sched); static int -mac_test_check_proc_sched(struct ucred *cred, struct proc *p) +mac_test_proc_check_sched(struct ucred *cred, struct proc *p) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(p->p_ucred->cr_label, MAGIC_CRED); - COUNTER_INC(check_proc_sched); + COUNTER_INC(proc_check_sched); return (0); } -COUNTER_DECL(check_proc_signal); +COUNTER_DECL(proc_check_signal); static int -mac_test_check_proc_signal(struct ucred *cred, struct proc *p, int signum) +mac_test_proc_check_signal(struct ucred *cred, struct proc *p, int signum) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(p->p_ucred->cr_label, MAGIC_CRED); - COUNTER_INC(check_proc_signal); + COUNTER_INC(proc_check_signal); return (0); } -COUNTER_DECL(check_proc_setaudit); +COUNTER_DECL(proc_check_setaudit); static int -mac_test_check_proc_setaudit(struct ucred *cred, struct auditinfo *ai) +mac_test_proc_check_setaudit(struct ucred *cred, struct auditinfo *ai) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); - COUNTER_INC(check_proc_setaudit); + COUNTER_INC(proc_check_setaudit); return (0); } -COUNTER_DECL(check_proc_setaudit_addr); +COUNTER_DECL(proc_check_setaudit_addr); static int -mac_test_check_proc_setaudit_addr(struct ucred *cred, +mac_test_proc_check_setaudit_addr(struct ucred *cred, struct auditinfo_addr *aia) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); - COUNTER_INC(check_proc_setaudit_addr); + COUNTER_INC(proc_check_setaudit_addr); return (0); } -COUNTER_DECL(check_proc_setauid); +COUNTER_DECL(proc_check_setauid); static int -mac_test_check_proc_setauid(struct ucred *cred, uid_t auid) +mac_test_proc_check_setauid(struct ucred *cred, uid_t auid) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); - COUNTER_INC(check_proc_setauid); + COUNTER_INC(proc_check_setauid); return (0); } -COUNTER_DECL(check_proc_setuid); +COUNTER_DECL(proc_check_setuid); static int -mac_test_check_proc_setuid(struct ucred *cred, uid_t uid) +mac_test_proc_check_setuid(struct ucred *cred, uid_t uid) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); - COUNTER_INC(check_proc_setuid); + COUNTER_INC(proc_check_setuid); return (0); } -COUNTER_DECL(check_proc_euid); +COUNTER_DECL(proc_check_euid); static int -mac_test_check_proc_seteuid(struct ucred *cred, uid_t euid) +mac_test_proc_check_seteuid(struct ucred *cred, uid_t euid) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); - COUNTER_INC(check_proc_euid); + COUNTER_INC(proc_check_euid); return (0); } -COUNTER_DECL(check_proc_setgid); +COUNTER_DECL(proc_check_setgid); static int -mac_test_check_proc_setgid(struct ucred *cred, gid_t gid) +mac_test_proc_check_setgid(struct ucred *cred, gid_t gid) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); - COUNTER_INC(check_proc_setgid); + COUNTER_INC(proc_check_setgid); return (0); } -COUNTER_DECL(check_proc_setegid); +COUNTER_DECL(proc_check_setegid); static int -mac_test_check_proc_setegid(struct ucred *cred, gid_t egid) +mac_test_proc_check_setegid(struct ucred *cred, gid_t egid) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); - COUNTER_INC(check_proc_setegid); + COUNTER_INC(proc_check_setegid); return (0); } -COUNTER_DECL(check_proc_setgroups); +COUNTER_DECL(proc_check_setgroups); static int -mac_test_check_proc_setgroups(struct ucred *cred, int ngroups, +mac_test_proc_check_setgroups(struct ucred *cred, int ngroups, gid_t *gidset) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); - COUNTER_INC(check_proc_setgroups); + COUNTER_INC(proc_check_setgroups); return (0); } -COUNTER_DECL(check_proc_setreuid); +COUNTER_DECL(proc_check_setreuid); static int -mac_test_check_proc_setreuid(struct ucred *cred, uid_t ruid, uid_t euid) +mac_test_proc_check_setreuid(struct ucred *cred, uid_t ruid, uid_t euid) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); - COUNTER_INC(check_proc_setreuid); + COUNTER_INC(proc_check_setreuid); return (0); } -COUNTER_DECL(check_proc_setregid); +COUNTER_DECL(proc_check_setregid); static int -mac_test_check_proc_setregid(struct ucred *cred, gid_t rgid, gid_t egid) +mac_test_proc_check_setregid(struct ucred *cred, gid_t rgid, gid_t egid) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); - COUNTER_INC(check_proc_setregid); + COUNTER_INC(proc_check_setregid); return (0); } -COUNTER_DECL(check_proc_setresuid); +COUNTER_DECL(proc_check_setresuid); static int -mac_test_check_proc_setresuid(struct ucred *cred, uid_t ruid, uid_t euid, +mac_test_proc_check_setresuid(struct ucred *cred, uid_t ruid, uid_t euid, uid_t suid) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); - COUNTER_INC(check_proc_setresuid); + COUNTER_INC(proc_check_setresuid); return (0); } -COUNTER_DECL(check_proc_setresgid); +COUNTER_DECL(proc_check_setresgid); static int -mac_test_check_proc_setresgid(struct ucred *cred, gid_t rgid, gid_t egid, +mac_test_proc_check_setresgid(struct ucred *cred, gid_t rgid, gid_t egid, gid_t sgid) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); - COUNTER_INC(check_proc_setresgid); + COUNTER_INC(proc_check_setresgid); return (0); } -COUNTER_DECL(check_proc_wait); +COUNTER_DECL(proc_check_wait); static int -mac_test_check_proc_wait(struct ucred *cred, struct proc *p) +mac_test_proc_check_wait(struct ucred *cred, struct proc *p) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(p->p_ucred->cr_label, MAGIC_CRED); - COUNTER_INC(check_proc_wait); + COUNTER_INC(proc_check_wait); return (0); } -COUNTER_DECL(check_socket_accept); +COUNTER_DECL(socket_check_accept); static int -mac_test_check_socket_accept(struct ucred *cred, struct socket *so, +mac_test_socket_check_accept(struct ucred *cred, struct socket *so, struct label *solabel) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(solabel, MAGIC_SOCKET); - COUNTER_INC(check_socket_accept); + COUNTER_INC(socket_check_accept); return (0); } -COUNTER_DECL(check_socket_bind); +COUNTER_DECL(socket_check_bind); static int -mac_test_check_socket_bind(struct ucred *cred, struct socket *so, +mac_test_socket_check_bind(struct ucred *cred, struct socket *so, struct label *solabel, struct sockaddr *sa) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(solabel, MAGIC_SOCKET); - COUNTER_INC(check_socket_bind); + COUNTER_INC(socket_check_bind); return (0); } -COUNTER_DECL(check_socket_connect); +COUNTER_DECL(socket_check_connect); static int -mac_test_check_socket_connect(struct ucred *cred, struct socket *so, +mac_test_socket_check_connect(struct ucred *cred, struct socket *so, struct label *solabel, struct sockaddr *sa) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(solabel, MAGIC_SOCKET); - COUNTER_INC(check_socket_connect); + COUNTER_INC(socket_check_connect); return (0); } -COUNTER_DECL(check_socket_deliver); +COUNTER_DECL(socket_check_deliver); static int -mac_test_check_socket_deliver(struct socket *so, struct label *solabel, +mac_test_socket_check_deliver(struct socket *so, struct label *solabel, struct mbuf *m, struct label *mlabel) { LABEL_CHECK(solabel, MAGIC_SOCKET); LABEL_CHECK(mlabel, MAGIC_MBUF); - COUNTER_INC(check_socket_deliver); + COUNTER_INC(socket_check_deliver); return (0); } -COUNTER_DECL(check_socket_listen); +COUNTER_DECL(socket_check_listen); static int -mac_test_check_socket_listen(struct ucred *cred, struct socket *so, +mac_test_socket_check_listen(struct ucred *cred, struct socket *so, struct label *solabel) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(solabel, MAGIC_SOCKET); - COUNTER_INC(check_socket_listen); + COUNTER_INC(socket_check_listen); return (0); } -COUNTER_DECL(check_socket_poll); +COUNTER_DECL(socket_check_poll); static int -mac_test_check_socket_poll(struct ucred *cred, struct socket *so, +mac_test_socket_check_poll(struct ucred *cred, struct socket *so, struct label *solabel) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(solabel, MAGIC_SOCKET); - COUNTER_INC(check_socket_poll); + COUNTER_INC(socket_check_poll); return (0); } -COUNTER_DECL(check_socket_receive); +COUNTER_DECL(socket_check_receive); static int -mac_test_check_socket_receive(struct ucred *cred, struct socket *so, +mac_test_socket_check_receive(struct ucred *cred, struct socket *so, struct label *solabel) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(solabel, MAGIC_SOCKET); - COUNTER_INC(check_socket_receive); + COUNTER_INC(socket_check_receive); return (0); } -COUNTER_DECL(check_socket_relabel); +COUNTER_DECL(socket_check_relabel); static int -mac_test_check_socket_relabel(struct ucred *cred, struct socket *so, +mac_test_socket_check_relabel(struct ucred *cred, struct socket *so, struct label *solabel, struct label *newlabel) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(solabel, MAGIC_SOCKET); LABEL_CHECK(newlabel, MAGIC_SOCKET); - COUNTER_INC(check_socket_relabel); + COUNTER_INC(socket_check_relabel); return (0); } -COUNTER_DECL(check_socket_send); +COUNTER_DECL(socket_check_send); static int -mac_test_check_socket_send(struct ucred *cred, struct socket *so, +mac_test_socket_check_send(struct ucred *cred, struct socket *so, struct label *solabel) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(solabel, MAGIC_SOCKET); - COUNTER_INC(check_socket_send); + COUNTER_INC(socket_check_send); return (0); } -COUNTER_DECL(check_socket_stat); +COUNTER_DECL(socket_check_stat); static int -mac_test_check_socket_stat(struct ucred *cred, struct socket *so, +mac_test_socket_check_stat(struct ucred *cred, struct socket *so, struct label *solabel) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(solabel, MAGIC_SOCKET); - COUNTER_INC(check_socket_stat); + COUNTER_INC(socket_check_stat); return (0); } -COUNTER_DECL(check_socket_visible); +COUNTER_DECL(socket_check_visible); static int -mac_test_check_socket_visible(struct ucred *cred, struct socket *so, +mac_test_socket_check_visible(struct ucred *cred, struct socket *so, struct label *solabel) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(solabel, MAGIC_SOCKET); - COUNTER_INC(check_socket_visible); + COUNTER_INC(socket_check_visible); return (0); } -COUNTER_DECL(check_system_acct); +COUNTER_DECL(system_check_acct); static int -mac_test_check_system_acct(struct ucred *cred, struct vnode *vp, +mac_test_system_check_acct(struct ucred *cred, struct vnode *vp, struct label *vplabel) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(vplabel, MAGIC_VNODE); - COUNTER_INC(check_system_acct); + COUNTER_INC(system_check_acct); return (0); } -COUNTER_DECL(check_system_audit); +COUNTER_DECL(system_check_audit); static int -mac_test_check_system_audit(struct ucred *cred, void *record, int length) +mac_test_system_check_audit(struct ucred *cred, void *record, int length) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); - COUNTER_INC(check_system_audit); + COUNTER_INC(system_check_audit); return (0); } -COUNTER_DECL(check_system_auditctl); +COUNTER_DECL(system_check_auditctl); static int -mac_test_check_system_auditctl(struct ucred *cred, struct vnode *vp, +mac_test_system_check_auditctl(struct ucred *cred, struct vnode *vp, struct label *vplabel) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(vplabel, MAGIC_VNODE); - COUNTER_INC(check_system_auditctl); + COUNTER_INC(system_check_auditctl); return (0); } -COUNTER_DECL(check_system_auditon); +COUNTER_DECL(system_check_auditon); static int -mac_test_check_system_auditon(struct ucred *cred, int cmd) +mac_test_system_check_auditon(struct ucred *cred, int cmd) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); - COUNTER_INC(check_system_auditon); + COUNTER_INC(system_check_auditon); return (0); } -COUNTER_DECL(check_system_reboot); +COUNTER_DECL(system_check_reboot); static int -mac_test_check_system_reboot(struct ucred *cred, int how) +mac_test_system_check_reboot(struct ucred *cred, int how) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); - COUNTER_INC(check_system_reboot); + COUNTER_INC(system_check_reboot); return (0); } -COUNTER_DECL(check_system_swapoff); +COUNTER_DECL(system_check_swapoff); static int -mac_test_check_system_swapoff(struct ucred *cred, struct vnode *vp, +mac_test_system_check_swapoff(struct ucred *cred, struct vnode *vp, struct label *vplabel) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(vplabel, MAGIC_VNODE); - COUNTER_INC(check_system_swapoff); + COUNTER_INC(system_check_swapoff); return (0); } -COUNTER_DECL(check_system_swapon); +COUNTER_DECL(system_check_swapon); static int -mac_test_check_system_swapon(struct ucred *cred, struct vnode *vp, +mac_test_system_check_swapon(struct ucred *cred, struct vnode *vp, struct label *vplabel) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(vplabel, MAGIC_VNODE); - COUNTER_INC(check_system_swapon); + COUNTER_INC(system_check_swapon); return (0); } -COUNTER_DECL(check_system_sysctl); +COUNTER_DECL(system_check_sysctl); static int -mac_test_check_system_sysctl(struct ucred *cred, struct sysctl_oid *oidp, +mac_test_system_check_sysctl(struct ucred *cred, struct sysctl_oid *oidp, void *arg1, int arg2, struct sysctl_req *req) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); - COUNTER_INC(check_system_sysctl); + COUNTER_INC(system_check_sysctl); return (0); } -COUNTER_DECL(check_vnode_access); +COUNTER_DECL(vnode_check_access); static int -mac_test_check_vnode_access(struct ucred *cred, struct vnode *vp, +mac_test_vnode_check_access(struct ucred *cred, struct vnode *vp, struct label *vplabel, int acc_mode) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(vplabel, MAGIC_VNODE); - COUNTER_INC(check_vnode_access); + COUNTER_INC(vnode_check_access); return (0); } -COUNTER_DECL(check_vnode_chdir); +COUNTER_DECL(vnode_check_chdir); static int -mac_test_check_vnode_chdir(struct ucred *cred, struct vnode *dvp, +mac_test_vnode_check_chdir(struct ucred *cred, struct vnode *dvp, struct label *dvplabel) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(dvplabel, MAGIC_VNODE); - COUNTER_INC(check_vnode_chdir); + COUNTER_INC(vnode_check_chdir); return (0); } -COUNTER_DECL(check_vnode_chroot); +COUNTER_DECL(vnode_check_chroot); static int -mac_test_check_vnode_chroot(struct ucred *cred, struct vnode *dvp, +mac_test_vnode_check_chroot(struct ucred *cred, struct vnode *dvp, struct label *dvplabel) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(dvplabel, MAGIC_VNODE); - COUNTER_INC(check_vnode_chroot); + COUNTER_INC(vnode_check_chroot); return (0); } -COUNTER_DECL(check_vnode_create); +COUNTER_DECL(vnode_check_create); static int -mac_test_check_vnode_create(struct ucred *cred, struct vnode *dvp, +mac_test_vnode_check_create(struct ucred *cred, struct vnode *dvp, struct label *dvplabel, struct componentname *cnp, struct vattr *vap) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(dvplabel, MAGIC_VNODE); - COUNTER_INC(check_vnode_create); + COUNTER_INC(vnode_check_create); return (0); } -COUNTER_DECL(check_vnode_deleteacl); +COUNTER_DECL(vnode_check_deleteacl); static int -mac_test_check_vnode_deleteacl(struct ucred *cred, struct vnode *vp, +mac_test_vnode_check_deleteacl(struct ucred *cred, struct vnode *vp, struct label *vplabel, acl_type_t type) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(vplabel, MAGIC_VNODE); - COUNTER_INC(check_vnode_deleteacl); + COUNTER_INC(vnode_check_deleteacl); return (0); } -COUNTER_DECL(check_vnode_deleteextattr); +COUNTER_DECL(vnode_check_deleteextattr); static int -mac_test_check_vnode_deleteextattr(struct ucred *cred, struct vnode *vp, +mac_test_vnode_check_deleteextattr(struct ucred *cred, struct vnode *vp, struct label *vplabel, int attrnamespace, const char *name) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(vplabel, MAGIC_VNODE); - COUNTER_INC(check_vnode_deleteextattr); + COUNTER_INC(vnode_check_deleteextattr); return (0); } -COUNTER_DECL(check_vnode_exec); +COUNTER_DECL(vnode_check_exec); static int -mac_test_check_vnode_exec(struct ucred *cred, struct vnode *vp, +mac_test_vnode_check_exec(struct ucred *cred, struct vnode *vp, struct label *vplabel, struct image_params *imgp, struct label *execlabel) { @@ -2134,41 +2138,41 @@ mac_test_check_vnode_exec(struct ucred *cred, struct vnode *vp, LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(vplabel, MAGIC_VNODE); LABEL_CHECK(execlabel, MAGIC_CRED); - COUNTER_INC(check_vnode_exec); + COUNTER_INC(vnode_check_exec); return (0); } -COUNTER_DECL(check_vnode_getacl); +COUNTER_DECL(vnode_check_getacl); static int -mac_test_check_vnode_getacl(struct ucred *cred, struct vnode *vp, +mac_test_vnode_check_getacl(struct ucred *cred, struct vnode *vp, struct label *vplabel, acl_type_t type) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(vplabel, MAGIC_VNODE); - COUNTER_INC(check_vnode_getacl); + COUNTER_INC(vnode_check_getacl); return (0); } -COUNTER_DECL(check_vnode_getextattr); +COUNTER_DECL(vnode_check_getextattr); static int -mac_test_check_vnode_getextattr(struct ucred *cred, struct vnode *vp, +mac_test_vnode_check_getextattr(struct ucred *cred, struct vnode *vp, struct label *vplabel, int attrnamespace, const char *name, struct uio *uio) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(vplabel, MAGIC_VNODE); - COUNTER_INC(check_vnode_getextattr); + COUNTER_INC(vnode_check_getextattr); return (0); } -COUNTER_DECL(check_vnode_link); +COUNTER_DECL(vnode_check_link); static int -mac_test_check_vnode_link(struct ucred *cred, struct vnode *dvp, +mac_test_vnode_check_link(struct ucred *cred, struct vnode *dvp, struct label *dvplabel, struct vnode *vp, struct label *vplabel, struct componentname *cnp) { @@ -2176,66 +2180,66 @@ mac_test_check_vnode_link(struct ucred *cred, struct vnode *dvp, LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(dvplabel, MAGIC_VNODE); LABEL_CHECK(vplabel, MAGIC_VNODE); - COUNTER_INC(check_vnode_link); + COUNTER_INC(vnode_check_link); return (0); } -COUNTER_DECL(check_vnode_listextattr); +COUNTER_DECL(vnode_check_listextattr); static int -mac_test_check_vnode_listextattr(struct ucred *cred, struct vnode *vp, +mac_test_vnode_check_listextattr(struct ucred *cred, struct vnode *vp, struct label *vplabel, int attrnamespace) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(vplabel, MAGIC_VNODE); - COUNTER_INC(check_vnode_listextattr); + COUNTER_INC(vnode_check_listextattr); return (0); } -COUNTER_DECL(check_vnode_lookup); +COUNTER_DECL(vnode_check_lookup); static int -mac_test_check_vnode_lookup(struct ucred *cred, struct vnode *dvp, +mac_test_vnode_check_lookup(struct ucred *cred, struct vnode *dvp, struct label *dvplabel, struct componentname *cnp) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(dvplabel, MAGIC_VNODE); - COUNTER_INC(check_vnode_lookup); + COUNTER_INC(vnode_check_lookup); return (0); } -COUNTER_DECL(check_vnode_mmap); +COUNTER_DECL(vnode_check_mmap); static int -mac_test_check_vnode_mmap(struct ucred *cred, struct vnode *vp, +mac_test_vnode_check_mmap(struct ucred *cred, struct vnode *vp, struct label *vplabel, int prot, int flags) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(vplabel, MAGIC_VNODE); - COUNTER_INC(check_vnode_mmap); + COUNTER_INC(vnode_check_mmap); return (0); } -COUNTER_DECL(check_vnode_open); +COUNTER_DECL(vnode_check_open); static int -mac_test_check_vnode_open(struct ucred *cred, struct vnode *vp, +mac_test_vnode_check_open(struct ucred *cred, struct vnode *vp, struct label *vplabel, int acc_mode) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(vplabel, MAGIC_VNODE); - COUNTER_INC(check_vnode_open); + COUNTER_INC(vnode_check_open); return (0); } -COUNTER_DECL(check_vnode_poll); +COUNTER_DECL(vnode_check_poll); static int -mac_test_check_vnode_poll(struct ucred *active_cred, struct ucred *file_cred, +mac_test_vnode_check_poll(struct ucred *active_cred, struct ucred *file_cred, struct vnode *vp, struct label *vplabel) { @@ -2243,14 +2247,14 @@ mac_test_check_vnode_poll(struct ucred *active_cred, struct ucred *file_cred, if (file_cred != NULL) LABEL_CHECK(file_cred->cr_label, MAGIC_CRED); LABEL_CHECK(vplabel, MAGIC_VNODE); - COUNTER_INC(check_vnode_poll); + COUNTER_INC(vnode_check_poll); return (0); } -COUNTER_DECL(check_vnode_read); +COUNTER_DECL(vnode_check_read); static int -mac_test_check_vnode_read(struct ucred *active_cred, struct ucred *file_cred, +mac_test_vnode_check_read(struct ucred *active_cred, struct ucred *file_cred, struct vnode *vp, struct label *vplabel) { @@ -2258,54 +2262,54 @@ mac_test_check_vnode_read(struct ucred *active_cred, struct ucred *file_cred, if (file_cred != NULL) LABEL_CHECK(file_cred->cr_label, MAGIC_CRED); LABEL_CHECK(vplabel, MAGIC_VNODE); - COUNTER_INC(check_vnode_read); + COUNTER_INC(vnode_check_read); return (0); } -COUNTER_DECL(check_vnode_readdir); +COUNTER_DECL(vnode_check_readdir); static int -mac_test_check_vnode_readdir(struct ucred *cred, struct vnode *dvp, +mac_test_vnode_check_readdir(struct ucred *cred, struct vnode *dvp, struct label *dvplabel) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(dvplabel, MAGIC_VNODE); - COUNTER_INC(check_vnode_readdir); + COUNTER_INC(vnode_check_readdir); return (0); } -COUNTER_DECL(check_vnode_readlink); +COUNTER_DECL(vnode_check_readlink); static int -mac_test_check_vnode_readlink(struct ucred *cred, struct vnode *vp, +mac_test_vnode_check_readlink(struct ucred *cred, struct vnode *vp, struct label *vplabel) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(vplabel, MAGIC_VNODE); - COUNTER_INC(check_vnode_readlink); + COUNTER_INC(vnode_check_readlink); return (0); } -COUNTER_DECL(check_vnode_relabel); +COUNTER_DECL(vnode_check_relabel); static int -mac_test_check_vnode_relabel(struct ucred *cred, struct vnode *vp, +mac_test_vnode_check_relabel(struct ucred *cred, struct vnode *vp, struct label *vplabel, struct label *newlabel) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(vplabel, MAGIC_VNODE); LABEL_CHECK(newlabel, MAGIC_VNODE); - COUNTER_INC(check_vnode_relabel); + COUNTER_INC(vnode_check_relabel); return (0); } -COUNTER_DECL(check_vnode_rename_from); +COUNTER_DECL(vnode_check_rename_from); static int -mac_test_check_vnode_rename_from(struct ucred *cred, struct vnode *dvp, +mac_test_vnode_check_rename_from(struct ucred *cred, struct vnode *dvp, struct label *dvplabel, struct vnode *vp, struct label *vplabel, struct componentname *cnp) { @@ -2313,14 +2317,14 @@ mac_test_check_vnode_rename_from(struct ucred *cred, struct vnode *dvp, LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(dvplabel, MAGIC_VNODE); LABEL_CHECK(vplabel, MAGIC_VNODE); - COUNTER_INC(check_vnode_rename_from); + COUNTER_INC(vnode_check_rename_from); return (0); } -COUNTER_DECL(check_vnode_rename_to); +COUNTER_DECL(vnode_check_rename_to); static int -mac_test_check_vnode_rename_to(struct ucred *cred, struct vnode *dvp, +mac_test_vnode_check_rename_to(struct ucred *cred, struct vnode *dvp, struct label *dvplabel, struct vnode *vp, struct label *vplabel, int samedir, struct componentname *cnp) { @@ -2328,106 +2332,106 @@ mac_test_check_vnode_rename_to(struct ucred *cred, struct vnode *dvp, LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(dvplabel, MAGIC_VNODE); LABEL_CHECK(vplabel, MAGIC_VNODE); - COUNTER_INC(check_vnode_rename_to); + COUNTER_INC(vnode_check_rename_to); return (0); } -COUNTER_DECL(check_vnode_revoke); +COUNTER_DECL(vnode_check_revoke); static int -mac_test_check_vnode_revoke(struct ucred *cred, struct vnode *vp, +mac_test_vnode_check_revoke(struct ucred *cred, struct vnode *vp, struct label *vplabel) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(vplabel, MAGIC_VNODE); - COUNTER_INC(check_vnode_revoke); + COUNTER_INC(vnode_check_revoke); return (0); } -COUNTER_DECL(check_vnode_setacl); +COUNTER_DECL(vnode_check_setacl); static int -mac_test_check_vnode_setacl(struct ucred *cred, struct vnode *vp, +mac_test_vnode_check_setacl(struct ucred *cred, struct vnode *vp, struct label *vplabel, acl_type_t type, struct acl *acl) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(vplabel, MAGIC_VNODE); - COUNTER_INC(check_vnode_setacl); + COUNTER_INC(vnode_check_setacl); return (0); } -COUNTER_DECL(check_vnode_setextattr); +COUNTER_DECL(vnode_check_setextattr); static int -mac_test_check_vnode_setextattr(struct ucred *cred, struct vnode *vp, +mac_test_vnode_check_setextattr(struct ucred *cred, struct vnode *vp, struct label *vplabel, int attrnamespace, const char *name, struct uio *uio) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(vplabel, MAGIC_VNODE); - COUNTER_INC(check_vnode_setextattr); + COUNTER_INC(vnode_check_setextattr); return (0); } -COUNTER_DECL(check_vnode_setflags); +COUNTER_DECL(vnode_check_setflags); static int -mac_test_check_vnode_setflags(struct ucred *cred, struct vnode *vp, +mac_test_vnode_check_setflags(struct ucred *cred, struct vnode *vp, struct label *vplabel, u_long flags) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(vplabel, MAGIC_VNODE); - COUNTER_INC(check_vnode_setflags); + COUNTER_INC(vnode_check_setflags); return (0); } -COUNTER_DECL(check_vnode_setmode); +COUNTER_DECL(vnode_check_setmode); static int -mac_test_check_vnode_setmode(struct ucred *cred, struct vnode *vp, +mac_test_vnode_check_setmode(struct ucred *cred, struct vnode *vp, struct label *vplabel, mode_t mode) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(vplabel, MAGIC_VNODE); - COUNTER_INC(check_vnode_setmode); + COUNTER_INC(vnode_check_setmode); return (0); } -COUNTER_DECL(check_vnode_setowner); +COUNTER_DECL(vnode_check_setowner); static int -mac_test_check_vnode_setowner(struct ucred *cred, struct vnode *vp, +mac_test_vnode_check_setowner(struct ucred *cred, struct vnode *vp, struct label *vplabel, uid_t uid, gid_t gid) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(vplabel, MAGIC_VNODE); - COUNTER_INC(check_vnode_setowner); + COUNTER_INC(vnode_check_setowner); return (0); } -COUNTER_DECL(check_vnode_setutimes); +COUNTER_DECL(vnode_check_setutimes); static int -mac_test_check_vnode_setutimes(struct ucred *cred, struct vnode *vp, +mac_test_vnode_check_setutimes(struct ucred *cred, struct vnode *vp, struct label *vplabel, struct timespec atime, struct timespec mtime) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(vplabel, MAGIC_VNODE); - COUNTER_INC(check_vnode_setutimes); + COUNTER_INC(vnode_check_setutimes); return (0); } -COUNTER_DECL(check_vnode_stat); +COUNTER_DECL(vnode_check_stat); static int -mac_test_check_vnode_stat(struct ucred *active_cred, struct ucred *file_cred, +mac_test_vnode_check_stat(struct ucred *active_cred, struct ucred *file_cred, struct vnode *vp, struct label *vplabel) { @@ -2435,14 +2439,14 @@ mac_test_check_vnode_stat(struct ucred *active_cred, struct ucred *file_cred, if (file_cred != NULL) LABEL_CHECK(file_cred->cr_label, MAGIC_CRED); LABEL_CHECK(vplabel, MAGIC_VNODE); - COUNTER_INC(check_vnode_stat); + COUNTER_INC(vnode_check_stat); return (0); } -COUNTER_DECL(check_vnode_unlink); +COUNTER_DECL(vnode_check_unlink); static int -mac_test_check_vnode_unlink(struct ucred *cred, struct vnode *dvp, +mac_test_vnode_check_unlink(struct ucred *cred, struct vnode *dvp, struct label *dvplabel, struct vnode *vp, struct label *vplabel, struct componentname *cnp) { @@ -2450,14 +2454,14 @@ mac_test_check_vnode_unlink(struct ucred *cred, struct vnode *dvp, LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(dvplabel, MAGIC_VNODE); LABEL_CHECK(vplabel, MAGIC_VNODE); - COUNTER_INC(check_vnode_unlink); + COUNTER_INC(vnode_check_unlink); return (0); } -COUNTER_DECL(check_vnode_write); +COUNTER_DECL(vnode_check_write); static int -mac_test_check_vnode_write(struct ucred *active_cred, +mac_test_vnode_check_write(struct ucred *active_cred, struct ucred *file_cred, struct vnode *vp, struct label *vplabel) { @@ -2465,224 +2469,225 @@ mac_test_check_vnode_write(struct ucred *active_cred, if (file_cred != NULL) LABEL_CHECK(file_cred->cr_label, MAGIC_CRED); LABEL_CHECK(vplabel, MAGIC_VNODE); - COUNTER_INC(check_vnode_write); + COUNTER_INC(vnode_check_write); return (0); } static struct mac_policy_ops mac_test_ops = { - .mpo_init_bpfdesc_label = mac_test_init_bpfdesc_label, - .mpo_init_cred_label = mac_test_init_cred_label, - .mpo_init_devfs_label = mac_test_init_devfs_label, - .mpo_init_ifnet_label = mac_test_init_ifnet_label, - .mpo_init_sysv_msgmsg_label = mac_test_init_sysv_msgmsg_label, - .mpo_init_sysv_msgqueue_label = mac_test_init_sysv_msgqueue_label, - .mpo_init_sysv_sem_label = mac_test_init_sysv_sem_label, - .mpo_init_sysv_shm_label = mac_test_init_sysv_shm_label, - .mpo_init_inpcb_label = mac_test_init_inpcb_label, - .mpo_init_ipq_label = mac_test_init_ipq_label, - .mpo_init_mbuf_label = mac_test_init_mbuf_label, - .mpo_init_mount_label = mac_test_init_mount_label, - .mpo_init_pipe_label = mac_test_init_pipe_label, - .mpo_init_posix_sem_label = mac_test_init_posix_sem_label, - .mpo_init_proc_label = mac_test_init_proc_label, - .mpo_init_socket_label = mac_test_init_socket_label, - .mpo_init_socket_peer_label = mac_test_init_socket_peer_label, - .mpo_init_vnode_label = mac_test_init_vnode_label, - .mpo_destroy_bpfdesc_label = mac_test_destroy_bpfdesc_label, - .mpo_destroy_cred_label = mac_test_destroy_cred_label, - .mpo_destroy_devfs_label = mac_test_destroy_devfs_label, - .mpo_destroy_ifnet_label = mac_test_destroy_ifnet_label, - .mpo_destroy_sysv_msgmsg_label = mac_test_destroy_sysv_msgmsg_label, - .mpo_destroy_sysv_msgqueue_label = - mac_test_destroy_sysv_msgqueue_label, - .mpo_destroy_sysv_sem_label = mac_test_destroy_sysv_sem_label, - .mpo_destroy_sysv_shm_label = mac_test_destroy_sysv_shm_label, - .mpo_destroy_inpcb_label = mac_test_destroy_inpcb_label, - .mpo_destroy_ipq_label = mac_test_destroy_ipq_label, - .mpo_destroy_mbuf_label = mac_test_destroy_mbuf_label, - .mpo_destroy_mount_label = mac_test_destroy_mount_label, - .mpo_destroy_pipe_label = mac_test_destroy_pipe_label, - .mpo_destroy_posix_sem_label = mac_test_destroy_posix_sem_label, - .mpo_destroy_proc_label = mac_test_destroy_proc_label, - .mpo_destroy_socket_label = mac_test_destroy_socket_label, - .mpo_destroy_socket_peer_label = mac_test_destroy_socket_peer_label, - .mpo_destroy_vnode_label = mac_test_destroy_vnode_label, - .mpo_copy_cred_label = mac_test_copy_cred_label, - .mpo_copy_ifnet_label = mac_test_copy_ifnet_label, - .mpo_copy_mbuf_label = mac_test_copy_mbuf_label, - .mpo_copy_pipe_label = mac_test_copy_pipe_label, - .mpo_copy_socket_label = mac_test_copy_socket_label, - .mpo_copy_vnode_label = mac_test_copy_vnode_label, - .mpo_externalize_cred_label = mac_test_externalize_label, - .mpo_externalize_ifnet_label = mac_test_externalize_label, - .mpo_externalize_pipe_label = mac_test_externalize_label, - .mpo_externalize_socket_label = mac_test_externalize_label, - .mpo_externalize_socket_peer_label = mac_test_externalize_label, - .mpo_externalize_vnode_label = mac_test_externalize_label, - .mpo_internalize_cred_label = mac_test_internalize_label, - .mpo_internalize_ifnet_label = mac_test_internalize_label, - .mpo_internalize_pipe_label = mac_test_internalize_label, - .mpo_internalize_socket_label = mac_test_internalize_label, - .mpo_internalize_vnode_label = mac_test_internalize_label, - .mpo_associate_vnode_devfs = mac_test_associate_vnode_devfs, - .mpo_associate_vnode_extattr = mac_test_associate_vnode_extattr, - .mpo_associate_vnode_singlelabel = mac_test_associate_vnode_singlelabel, - .mpo_create_devfs_device = mac_test_create_devfs_device, - .mpo_create_devfs_directory = mac_test_create_devfs_directory, - .mpo_create_devfs_symlink = mac_test_create_devfs_symlink, - .mpo_create_vnode_extattr = mac_test_create_vnode_extattr, - .mpo_create_mount = mac_test_create_mount, - .mpo_relabel_vnode = mac_test_relabel_vnode, - .mpo_setlabel_vnode_extattr = mac_test_setlabel_vnode_extattr, - .mpo_update_devfs = mac_test_update_devfs, - .mpo_create_mbuf_from_socket = mac_test_create_mbuf_from_socket, - .mpo_create_pipe = mac_test_create_pipe, - .mpo_create_posix_sem = mac_test_create_posix_sem, - .mpo_create_socket = mac_test_create_socket, - .mpo_create_socket_from_socket = mac_test_create_socket_from_socket, - .mpo_relabel_pipe = mac_test_relabel_pipe, - .mpo_relabel_socket = mac_test_relabel_socket, - .mpo_set_socket_peer_from_mbuf = mac_test_set_socket_peer_from_mbuf, - .mpo_set_socket_peer_from_socket = mac_test_set_socket_peer_from_socket, - .mpo_create_bpfdesc = mac_test_create_bpfdesc, - .mpo_create_ifnet = mac_test_create_ifnet, - .mpo_create_inpcb_from_socket = mac_test_create_inpcb_from_socket, - .mpo_create_sysv_msgmsg = mac_test_create_sysv_msgmsg, - .mpo_create_sysv_msgqueue = mac_test_create_sysv_msgqueue, - .mpo_create_sysv_sem = mac_test_create_sysv_sem, - .mpo_create_sysv_shm = mac_test_create_sysv_shm, - .mpo_create_datagram_from_ipq = mac_test_create_datagram_from_ipq, - .mpo_create_fragment = mac_test_create_fragment, - .mpo_create_ipq = mac_test_create_ipq, - .mpo_create_mbuf_from_inpcb = mac_test_create_mbuf_from_inpcb, + .mpo_bpfdesc_init_label = mac_test_bpfdesc_init_label, + .mpo_cred_init_label = mac_test_cred_init_label, + .mpo_devfs_init_label = mac_test_devfs_init_label, + .mpo_ifnet_init_label = mac_test_ifnet_init_label, + .mpo_sysvmsg_init_label = mac_test_sysvmsg_init_label, + .mpo_sysvmsq_init_label = mac_test_sysvmsq_init_label, + .mpo_sysvsem_init_label = mac_test_sysvsem_init_label, + .mpo_sysvshm_init_label = mac_test_sysvshm_init_label, + .mpo_inpcb_init_label = mac_test_inpcb_init_label, + .mpo_ipq_init_label = mac_test_ipq_init_label, + .mpo_mbuf_init_label = mac_test_mbuf_init_label, + .mpo_mount_init_label = mac_test_mount_init_label, + .mpo_pipe_init_label = mac_test_pipe_init_label, + .mpo_posixsem_init_label = mac_test_posixsem_init_label, + .mpo_proc_init_label = mac_test_proc_init_label, + .mpo_socket_init_label = mac_test_socket_init_label, + .mpo_socketpeer_init_label = mac_test_socketpeer_init_label, + .mpo_vnode_init_label = mac_test_vnode_init_label, + .mpo_bpfdesc_destroy_label = mac_test_bpfdesc_destroy_label, + .mpo_cred_destroy_label = mac_test_cred_destroy_label, + .mpo_devfs_destroy_label = mac_test_devfs_destroy_label, + .mpo_ifnet_destroy_label = mac_test_ifnet_destroy_label, + .mpo_sysvmsg_destroy_label = mac_test_sysvmsg_destroy_label, + .mpo_sysvmsq_destroy_label = + mac_test_sysvmsq_destroy_label, + .mpo_sysvsem_destroy_label = mac_test_sysvsem_destroy_label, + .mpo_sysvshm_destroy_label = mac_test_sysvshm_destroy_label, + .mpo_inpcb_destroy_label = mac_test_inpcb_destroy_label, + .mpo_ipq_destroy_label = mac_test_ipq_destroy_label, + .mpo_mbuf_destroy_label = mac_test_mbuf_destroy_label, + .mpo_mount_destroy_label = mac_test_mount_destroy_label, + .mpo_pipe_destroy_label = mac_test_pipe_destroy_label, + .mpo_posixsem_destroy_label = mac_test_posixsem_destroy_label, + .mpo_proc_destroy_label = mac_test_proc_destroy_label, + .mpo_socket_destroy_label = mac_test_socket_destroy_label, + .mpo_socketpeer_destroy_label = mac_test_socketpeer_destroy_label, + .mpo_vnode_destroy_label = mac_test_vnode_destroy_label, + .mpo_cred_copy_label = mac_test_cred_copy_label, + .mpo_ifnet_copy_label = mac_test_ifnet_copy_label, + .mpo_mbuf_copy_label = mac_test_mbuf_copy_label, + .mpo_pipe_copy_label = mac_test_pipe_copy_label, + .mpo_socket_copy_label = mac_test_socket_copy_label, + .mpo_vnode_copy_label = mac_test_vnode_copy_label, + .mpo_cred_externalize_label = mac_test_externalize_label, + .mpo_ifnet_externalize_label = mac_test_externalize_label, + .mpo_pipe_externalize_label = mac_test_externalize_label, + .mpo_socket_externalize_label = mac_test_externalize_label, + .mpo_socketpeer_externalize_label = mac_test_externalize_label, + .mpo_vnode_externalize_label = mac_test_externalize_label, + .mpo_cred_internalize_label = mac_test_internalize_label, + .mpo_ifnet_internalize_label = mac_test_internalize_label, + .mpo_pipe_internalize_label = mac_test_internalize_label, + .mpo_socket_internalize_label = mac_test_internalize_label, + .mpo_vnode_internalize_label = mac_test_internalize_label, + .mpo_devfs_vnode_associate = mac_test_devfs_vnode_associate, + .mpo_vnode_associate_extattr = mac_test_vnode_associate_extattr, + .mpo_vnode_associate_singlelabel = mac_test_vnode_associate_singlelabel, + .mpo_devfs_create_device = mac_test_devfs_create_device, + .mpo_devfs_create_directory = mac_test_devfs_create_directory, + .mpo_devfs_create_symlink = mac_test_devfs_create_symlink, + .mpo_vnode_create_extattr = mac_test_vnode_create_extattr, + .mpo_mount_create = mac_test_mount_create, + .mpo_vnode_relabel = mac_test_vnode_relabel, + .mpo_vnode_setlabel_extattr = mac_test_vnode_setlabel_extattr, + .mpo_devfs_update = mac_test_devfs_update, + .mpo_socket_create_mbuf = mac_test_socket_create_mbuf, + .mpo_pipe_create = mac_test_pipe_create, + .mpo_posixsem_create = mac_test_posixsem_create, + .mpo_socket_create = mac_test_socket_create, + .mpo_socket_newconn = mac_test_socket_newconn, + .mpo_pipe_relabel = mac_test_pipe_relabel, + .mpo_socket_relabel = mac_test_socket_relabel, + .mpo_socketpeer_set_from_mbuf = mac_test_socketpeer_set_from_mbuf, + .mpo_socketpeer_set_from_socket = mac_test_socketpeer_set_from_socket, + .mpo_bpfdesc_create = mac_test_bpfdesc_create, + .mpo_ifnet_create = mac_test_ifnet_create, + .mpo_inpcb_create = mac_test_inpcb_create, + .mpo_sysvmsg_create = mac_test_sysvmsg_create, + .mpo_sysvmsq_create = mac_test_sysvmsq_create, + .mpo_sysvsem_create = mac_test_sysvsem_create, + .mpo_sysvshm_create = mac_test_sysvshm_create, + .mpo_ipq_reassemble = mac_test_ipq_reassemble, + .mpo_netinet_fragment = mac_test_netinet_fragment, + .mpo_ipq_create = mac_test_ipq_create, + .mpo_inpcb_create_mbuf = mac_test_inpcb_create_mbuf, .mpo_create_mbuf_linklayer = mac_test_create_mbuf_linklayer, - .mpo_create_mbuf_from_bpfdesc = mac_test_create_mbuf_from_bpfdesc, - .mpo_create_mbuf_from_ifnet = mac_test_create_mbuf_from_ifnet, - .mpo_create_mbuf_multicast_encap = mac_test_create_mbuf_multicast_encap, - .mpo_create_mbuf_netlayer = mac_test_create_mbuf_netlayer, - .mpo_fragment_match = mac_test_fragment_match, - .mpo_reflect_mbuf_icmp = mac_test_reflect_mbuf_icmp, - .mpo_reflect_mbuf_tcp = mac_test_reflect_mbuf_tcp, - .mpo_relabel_ifnet = mac_test_relabel_ifnet, - .mpo_update_ipq = mac_test_update_ipq, + .mpo_bpfdesc_create_mbuf = mac_test_bpfdesc_create_mbuf, + .mpo_ifnet_create_mbuf = mac_test_ifnet_create_mbuf, + .mpo_mbuf_create_multicast_encap = mac_test_mbuf_create_multicast_encap, + .mpo_mbuf_create_netlayer = mac_test_mbuf_create_netlayer, + .mpo_ipq_match = mac_test_ipq_match, + .mpo_netinet_icmp_reply = mac_test_netinet_icmp_reply, + .mpo_netinet_tcp_reply = mac_test_netinet_tcp_reply, + .mpo_ifnet_relabel = mac_test_ifnet_relabel, + .mpo_ipq_update = mac_test_ipq_update, .mpo_inpcb_sosetlabel = mac_test_inpcb_sosetlabel, - .mpo_execve_transition = mac_test_execve_transition, - .mpo_execve_will_transition = mac_test_execve_will_transition, - .mpo_create_proc0 = mac_test_create_proc0, - .mpo_create_proc1 = mac_test_create_proc1, - .mpo_relabel_cred = mac_test_relabel_cred, + .mpo_vnode_execve_transition = mac_test_vnode_execve_transition, + .mpo_vnode_execve_will_transition = + mac_test_vnode_execve_will_transition, + .mpo_proc_create_swapper = mac_test_proc_create_swapper, + .mpo_proc_create_init = mac_test_proc_create_init, + .mpo_cred_relabel = mac_test_cred_relabel, .mpo_thread_userret = mac_test_thread_userret, - .mpo_cleanup_sysv_msgmsg = mac_test_cleanup_sysv_msgmsg, - .mpo_cleanup_sysv_msgqueue = mac_test_cleanup_sysv_msgqueue, - .mpo_cleanup_sysv_sem = mac_test_cleanup_sysv_sem, - .mpo_cleanup_sysv_shm = mac_test_cleanup_sysv_shm, - .mpo_check_bpfdesc_receive = mac_test_check_bpfdesc_receive, - .mpo_check_cred_relabel = mac_test_check_cred_relabel, - .mpo_check_cred_visible = mac_test_check_cred_visible, - .mpo_check_ifnet_relabel = mac_test_check_ifnet_relabel, - .mpo_check_ifnet_transmit = mac_test_check_ifnet_transmit, - .mpo_check_inpcb_deliver = mac_test_check_inpcb_deliver, - .mpo_check_sysv_msgmsq = mac_test_check_sysv_msgmsq, - .mpo_check_sysv_msgrcv = mac_test_check_sysv_msgrcv, - .mpo_check_sysv_msgrmid = mac_test_check_sysv_msgrmid, - .mpo_check_sysv_msqget = mac_test_check_sysv_msqget, - .mpo_check_sysv_msqsnd = mac_test_check_sysv_msqsnd, - .mpo_check_sysv_msqrcv = mac_test_check_sysv_msqrcv, - .mpo_check_sysv_msqctl = mac_test_check_sysv_msqctl, - .mpo_check_sysv_semctl = mac_test_check_sysv_semctl, - .mpo_check_sysv_semget = mac_test_check_sysv_semget, - .mpo_check_sysv_semop = mac_test_check_sysv_semop, - .mpo_check_sysv_shmat = mac_test_check_sysv_shmat, - .mpo_check_sysv_shmctl = mac_test_check_sysv_shmctl, - .mpo_check_sysv_shmdt = mac_test_check_sysv_shmdt, - .mpo_check_sysv_shmget = mac_test_check_sysv_shmget, - .mpo_check_kenv_dump = mac_test_check_kenv_dump, - .mpo_check_kenv_get = mac_test_check_kenv_get, - .mpo_check_kenv_set = mac_test_check_kenv_set, - .mpo_check_kenv_unset = mac_test_check_kenv_unset, - .mpo_check_kld_load = mac_test_check_kld_load, - .mpo_check_kld_stat = mac_test_check_kld_stat, - .mpo_check_mount_stat = mac_test_check_mount_stat, - .mpo_check_pipe_ioctl = mac_test_check_pipe_ioctl, - .mpo_check_pipe_poll = mac_test_check_pipe_poll, - .mpo_check_pipe_read = mac_test_check_pipe_read, - .mpo_check_pipe_relabel = mac_test_check_pipe_relabel, - .mpo_check_pipe_stat = mac_test_check_pipe_stat, - .mpo_check_pipe_write = mac_test_check_pipe_write, - .mpo_check_posix_sem_destroy = mac_test_check_posix_sem, - .mpo_check_posix_sem_getvalue = mac_test_check_posix_sem, - .mpo_check_posix_sem_open = mac_test_check_posix_sem, - .mpo_check_posix_sem_post = mac_test_check_posix_sem, - .mpo_check_posix_sem_unlink = mac_test_check_posix_sem, - .mpo_check_posix_sem_wait = mac_test_check_posix_sem, - .mpo_check_proc_debug = mac_test_check_proc_debug, - .mpo_check_proc_sched = mac_test_check_proc_sched, - .mpo_check_proc_setaudit = mac_test_check_proc_setaudit, - .mpo_check_proc_setaudit_addr = mac_test_check_proc_setaudit_addr, - .mpo_check_proc_setauid = mac_test_check_proc_setauid, - .mpo_check_proc_setuid = mac_test_check_proc_setuid, - .mpo_check_proc_seteuid = mac_test_check_proc_seteuid, - .mpo_check_proc_setgid = mac_test_check_proc_setgid, - .mpo_check_proc_setegid = mac_test_check_proc_setegid, - .mpo_check_proc_setgroups = mac_test_check_proc_setgroups, - .mpo_check_proc_setreuid = mac_test_check_proc_setreuid, - .mpo_check_proc_setregid = mac_test_check_proc_setregid, - .mpo_check_proc_setresuid = mac_test_check_proc_setresuid, - .mpo_check_proc_setresgid = mac_test_check_proc_setresgid, - .mpo_check_proc_signal = mac_test_check_proc_signal, - .mpo_check_proc_wait = mac_test_check_proc_wait, - .mpo_check_socket_accept = mac_test_check_socket_accept, - .mpo_check_socket_bind = mac_test_check_socket_bind, - .mpo_check_socket_connect = mac_test_check_socket_connect, - .mpo_check_socket_deliver = mac_test_check_socket_deliver, - .mpo_check_socket_listen = mac_test_check_socket_listen, - .mpo_check_socket_poll = mac_test_check_socket_poll, - .mpo_check_socket_receive = mac_test_check_socket_receive, - .mpo_check_socket_relabel = mac_test_check_socket_relabel, - .mpo_check_socket_send = mac_test_check_socket_send, - .mpo_check_socket_stat = mac_test_check_socket_stat, - .mpo_check_socket_visible = mac_test_check_socket_visible, - .mpo_check_system_acct = mac_test_check_system_acct, - .mpo_check_system_audit = mac_test_check_system_audit, - .mpo_check_system_auditctl = mac_test_check_system_auditctl, - .mpo_check_system_auditon = mac_test_check_system_auditon, - .mpo_check_system_reboot = mac_test_check_system_reboot, - .mpo_check_system_swapoff = mac_test_check_system_swapoff, - .mpo_check_system_swapon = mac_test_check_system_swapon, - .mpo_check_system_sysctl = mac_test_check_system_sysctl, - .mpo_check_vnode_access = mac_test_check_vnode_access, - .mpo_check_vnode_chdir = mac_test_check_vnode_chdir, - .mpo_check_vnode_chroot = mac_test_check_vnode_chroot, - .mpo_check_vnode_create = mac_test_check_vnode_create, - .mpo_check_vnode_deleteacl = mac_test_check_vnode_deleteacl, - .mpo_check_vnode_deleteextattr = mac_test_check_vnode_deleteextattr, - .mpo_check_vnode_exec = mac_test_check_vnode_exec, - .mpo_check_vnode_getacl = mac_test_check_vnode_getacl, - .mpo_check_vnode_getextattr = mac_test_check_vnode_getextattr, - .mpo_check_vnode_link = mac_test_check_vnode_link, - .mpo_check_vnode_listextattr = mac_test_check_vnode_listextattr, - .mpo_check_vnode_lookup = mac_test_check_vnode_lookup, - .mpo_check_vnode_mmap = mac_test_check_vnode_mmap, - .mpo_check_vnode_open = mac_test_check_vnode_open, - .mpo_check_vnode_poll = mac_test_check_vnode_poll, - .mpo_check_vnode_read = mac_test_check_vnode_read, - .mpo_check_vnode_readdir = mac_test_check_vnode_readdir, - .mpo_check_vnode_readlink = mac_test_check_vnode_readlink, - .mpo_check_vnode_relabel = mac_test_check_vnode_relabel, - .mpo_check_vnode_rename_from = mac_test_check_vnode_rename_from, - .mpo_check_vnode_rename_to = mac_test_check_vnode_rename_to, - .mpo_check_vnode_revoke = mac_test_check_vnode_revoke, - .mpo_check_vnode_setacl = mac_test_check_vnode_setacl, - .mpo_check_vnode_setextattr = mac_test_check_vnode_setextattr, - .mpo_check_vnode_setflags = mac_test_check_vnode_setflags, - .mpo_check_vnode_setmode = mac_test_check_vnode_setmode, - .mpo_check_vnode_setowner = mac_test_check_vnode_setowner, - .mpo_check_vnode_setutimes = mac_test_check_vnode_setutimes, - .mpo_check_vnode_stat = mac_test_check_vnode_stat, - .mpo_check_vnode_unlink = mac_test_check_vnode_unlink, - .mpo_check_vnode_write = mac_test_check_vnode_write, + .mpo_sysvmsg_cleanup = mac_test_sysvmsg_cleanup, + .mpo_sysvmsq_cleanup = mac_test_sysvmsq_cleanup, + .mpo_sysvsem_cleanup = mac_test_sysvsem_cleanup, + .mpo_sysvshm_cleanup = mac_test_sysvshm_cleanup, + .mpo_bpfdesc_check_receive = mac_test_bpfdesc_check_receive, + .mpo_cred_check_relabel = mac_test_cred_check_relabel, + .mpo_cred_check_visible = mac_test_cred_check_visible, + .mpo_ifnet_check_relabel = mac_test_ifnet_check_relabel, + .mpo_ifnet_check_transmit = mac_test_ifnet_check_transmit, + .mpo_inpcb_check_deliver = mac_test_inpcb_check_deliver, + .mpo_sysvmsq_check_msgmsq = mac_test_sysvmsq_check_msgmsq, + .mpo_sysvmsq_check_msgrcv = mac_test_sysvmsq_check_msgrcv, + .mpo_sysvmsq_check_msgrmid = mac_test_sysvmsq_check_msgrmid, + .mpo_sysvmsq_check_msqget = mac_test_sysvmsq_check_msqget, + .mpo_sysvmsq_check_msqsnd = mac_test_sysvmsq_check_msqsnd, + .mpo_sysvmsq_check_msqrcv = mac_test_sysvmsq_check_msqrcv, + .mpo_sysvmsq_check_msqctl = mac_test_sysvmsq_check_msqctl, + .mpo_sysvsem_check_semctl = mac_test_sysvsem_check_semctl, + .mpo_sysvsem_check_semget = mac_test_sysvsem_check_semget, + .mpo_sysvsem_check_semop = mac_test_sysvsem_check_semop, + .mpo_sysvshm_check_shmat = mac_test_sysvshm_check_shmat, + .mpo_sysvshm_check_shmctl = mac_test_sysvshm_check_shmctl, + .mpo_sysvshm_check_shmdt = mac_test_sysvshm_check_shmdt, + .mpo_sysvshm_check_shmget = mac_test_sysvshm_check_shmget, + .mpo_kenv_check_dump = mac_test_kenv_check_dump, + .mpo_kenv_check_get = mac_test_kenv_check_get, + .mpo_kenv_check_set = mac_test_kenv_check_set, + .mpo_kenv_check_unset = mac_test_kenv_check_unset, + .mpo_kld_check_load = mac_test_kld_check_load, + .mpo_kld_check_stat = mac_test_kld_check_stat, + .mpo_mount_check_stat = mac_test_mount_check_stat, + .mpo_pipe_check_ioctl = mac_test_pipe_check_ioctl, + .mpo_pipe_check_poll = mac_test_pipe_check_poll, + .mpo_pipe_check_read = mac_test_pipe_check_read, + .mpo_pipe_check_relabel = mac_test_pipe_check_relabel, + .mpo_pipe_check_stat = mac_test_pipe_check_stat, + .mpo_pipe_check_write = mac_test_pipe_check_write, + .mpo_posixsem_check_destroy = mac_test_posixsem_check, + .mpo_posixsem_check_getvalue = mac_test_posixsem_check, + .mpo_posixsem_check_open = mac_test_posixsem_check, + .mpo_posixsem_check_post = mac_test_posixsem_check, + .mpo_posixsem_check_unlink = mac_test_posixsem_check, + .mpo_posixsem_check_wait = mac_test_posixsem_check, + .mpo_proc_check_debug = mac_test_proc_check_debug, + .mpo_proc_check_sched = mac_test_proc_check_sched, + .mpo_proc_check_setaudit = mac_test_proc_check_setaudit, + .mpo_proc_check_setaudit_addr = mac_test_proc_check_setaudit_addr, + .mpo_proc_check_setauid = mac_test_proc_check_setauid, + .mpo_proc_check_setuid = mac_test_proc_check_setuid, + .mpo_proc_check_seteuid = mac_test_proc_check_seteuid, + .mpo_proc_check_setgid = mac_test_proc_check_setgid, + .mpo_proc_check_setegid = mac_test_proc_check_setegid, + .mpo_proc_check_setgroups = mac_test_proc_check_setgroups, + .mpo_proc_check_setreuid = mac_test_proc_check_setreuid, + .mpo_proc_check_setregid = mac_test_proc_check_setregid, + .mpo_proc_check_setresuid = mac_test_proc_check_setresuid, + .mpo_proc_check_setresgid = mac_test_proc_check_setresgid, + .mpo_proc_check_signal = mac_test_proc_check_signal, + .mpo_proc_check_wait = mac_test_proc_check_wait, + .mpo_socket_check_accept = mac_test_socket_check_accept, + .mpo_socket_check_bind = mac_test_socket_check_bind, + .mpo_socket_check_connect = mac_test_socket_check_connect, + .mpo_socket_check_deliver = mac_test_socket_check_deliver, + .mpo_socket_check_listen = mac_test_socket_check_listen, + .mpo_socket_check_poll = mac_test_socket_check_poll, + .mpo_socket_check_receive = mac_test_socket_check_receive, + .mpo_socket_check_relabel = mac_test_socket_check_relabel, + .mpo_socket_check_send = mac_test_socket_check_send, + .mpo_socket_check_stat = mac_test_socket_check_stat, + .mpo_socket_check_visible = mac_test_socket_check_visible, + .mpo_system_check_acct = mac_test_system_check_acct, + .mpo_system_check_audit = mac_test_system_check_audit, + .mpo_system_check_auditctl = mac_test_system_check_auditctl, + .mpo_system_check_auditon = mac_test_system_check_auditon, + .mpo_system_check_reboot = mac_test_system_check_reboot, + .mpo_system_check_swapoff = mac_test_system_check_swapoff, + .mpo_system_check_swapon = mac_test_system_check_swapon, + .mpo_system_check_sysctl = mac_test_system_check_sysctl, + .mpo_vnode_check_access = mac_test_vnode_check_access, + .mpo_vnode_check_chdir = mac_test_vnode_check_chdir, + .mpo_vnode_check_chroot = mac_test_vnode_check_chroot, + .mpo_vnode_check_create = mac_test_vnode_check_create, + .mpo_vnode_check_deleteacl = mac_test_vnode_check_deleteacl, + .mpo_vnode_check_deleteextattr = mac_test_vnode_check_deleteextattr, + .mpo_vnode_check_exec = mac_test_vnode_check_exec, + .mpo_vnode_check_getacl = mac_test_vnode_check_getacl, + .mpo_vnode_check_getextattr = mac_test_vnode_check_getextattr, + .mpo_vnode_check_link = mac_test_vnode_check_link, + .mpo_vnode_check_listextattr = mac_test_vnode_check_listextattr, + .mpo_vnode_check_lookup = mac_test_vnode_check_lookup, + .mpo_vnode_check_mmap = mac_test_vnode_check_mmap, + .mpo_vnode_check_open = mac_test_vnode_check_open, + .mpo_vnode_check_poll = mac_test_vnode_check_poll, + .mpo_vnode_check_read = mac_test_vnode_check_read, + .mpo_vnode_check_readdir = mac_test_vnode_check_readdir, + .mpo_vnode_check_readlink = mac_test_vnode_check_readlink, + .mpo_vnode_check_relabel = mac_test_vnode_check_relabel, + .mpo_vnode_check_rename_from = mac_test_vnode_check_rename_from, + .mpo_vnode_check_rename_to = mac_test_vnode_check_rename_to, + .mpo_vnode_check_revoke = mac_test_vnode_check_revoke, + .mpo_vnode_check_setacl = mac_test_vnode_check_setacl, + .mpo_vnode_check_setextattr = mac_test_vnode_check_setextattr, + .mpo_vnode_check_setflags = mac_test_vnode_check_setflags, + .mpo_vnode_check_setmode = mac_test_vnode_check_setmode, + .mpo_vnode_check_setowner = mac_test_vnode_check_setowner, + .mpo_vnode_check_setutimes = mac_test_vnode_check_setutimes, + .mpo_vnode_check_stat = mac_test_vnode_check_stat, + .mpo_vnode_check_unlink = mac_test_vnode_check_unlink, + .mpo_vnode_check_write = mac_test_vnode_check_write, }; MAC_POLICY_SET(&mac_test_ops, mac_test, "TrustedBSD MAC/Test", |