Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
freebsd
GitHub Repository: freebsd/freebsd-src
 Path: blob/main/sys/security/mac_grantbylabel/mac_grantbylabel.h
39564 views
1
/*

2
 * SPDX-License-Identifier: BSD-2-Clause

3
 *

4
 * Copyright (c) 2018-2023, Juniper Networks, Inc.

5
 * All rights reserved.

6
 *

7
 * Redistribution and use in source and binary forms, with or without

8
 * modification, are permitted provided that the following conditions

9
 * are met:

10
 * 1. Redistributions of source code must retain the above copyright

11
 *    notice, this list of conditions and the following disclaimer.

12
 * 2. Redistributions in binary form must reproduce the above copyright

13
 *    notice, this list of conditions and the following disclaimer in the

14
 *    documentation and/or other materials provided with the distribution.

15
 *

16
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR

17
 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES

18
 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.

19
 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,

20
 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,

21
 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;

22
 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED

23
 * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,

24
 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY

25
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF

26
 * SUCH DAMAGE.

27
 */

28


29
#ifndef	_SECURITY_MAC_GRANTBYLABEL_H

30
#define	_SECURITY_MAC_GRANTBYLABEL_H

31


32
#include <security/mac_veriexec/mac_veriexec.h>

33


34
#define	MAC_GRANTBYLABEL_NAME	"mac_grantbylabel"

35


36
/* the bits we use to represent tokens */

37
#define GBL_EMPTY	(1<<0)

38
#define GBL_BIND	(1<<1)

39
#define GBL_IPC		(1<<2)

40
#define GBL_NET		(1<<3)

41
#define GBL_PROC	(1<<4)

42
#define GBL_RTSOCK	(1<<5)

43
#define GBL_SYSCTL	(1<<6)

44
#define GBL_VACCESS	(1<<7)

45
#define GBL_VERIEXEC	(1<<8)

46
#define GBL_KMEM	(1<<9)

47
#define GBL_MAX		9

48


49
/* this should suffice for now */

50
typedef uint32_t	gbl_label_t;

51


52
#define MAC_GRANTBYLABEL_FETCH_GBL	1

53
#define MAC_GRANTBYLABEL_FETCH_PID_GBL	2

54


55
struct mac_grantbylabel_fetch_gbl_args {

56
	union {

57
		int	fd;

58
		pid_t	pid;

59
	} u;

60
	gbl_label_t	gbl;

61
};

62


63
#endif

64


65