mirror of
https://git.FreeBSD.org/src.git
synced 2025-01-03 12:35:02 +00:00
Rename mac_check_socket_receive() to mac_check_socket_deliver() so that
we can use the names _receive() and _send() for the receive() and send() checks. Rename related constants, policy implementations, etc. PR: Submitted by: Reviewed by: Approved by: Obtained from: TrustedBSD Project Sponsored by: DARPA, NAI Labs MFC after:
This commit is contained in:
parent
c9776a935f
commit
d61198e422
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/head/; revision=101933
@ -693,12 +693,12 @@ mac_policy_register(struct mac_policy_conf *mpc)
|
||||
mpc->mpc_ops->mpo_check_socket_connect =
|
||||
mpe->mpe_function;
|
||||
break;
|
||||
case MAC_CHECK_SOCKET_LISTEN:
|
||||
mpc->mpc_ops->mpo_check_socket_listen =
|
||||
case MAC_CHECK_SOCKET_DELIVER:
|
||||
mpc->mpc_ops->mpo_check_socket_deliver =
|
||||
mpe->mpe_function;
|
||||
break;
|
||||
case MAC_CHECK_SOCKET_RECEIVE:
|
||||
mpc->mpc_ops->mpo_check_socket_receive =
|
||||
case MAC_CHECK_SOCKET_LISTEN:
|
||||
mpc->mpc_ops->mpo_check_socket_listen =
|
||||
mpe->mpe_function;
|
||||
break;
|
||||
case MAC_CHECK_SOCKET_RELABEL:
|
||||
@ -2533,6 +2533,20 @@ mac_check_socket_connect(struct ucred *cred, struct socket *socket,
|
||||
return (error);
|
||||
}
|
||||
|
||||
int
|
||||
mac_check_socket_deliver(struct socket *socket, struct mbuf *mbuf)
|
||||
{
|
||||
int error;
|
||||
|
||||
if (!mac_enforce_socket)
|
||||
return (0);
|
||||
|
||||
MAC_CHECK(check_socket_deliver, socket, &socket->so_label, mbuf,
|
||||
&mbuf->m_pkthdr.label);
|
||||
|
||||
return (error);
|
||||
}
|
||||
|
||||
int
|
||||
mac_check_socket_listen(struct ucred *cred, struct socket *socket)
|
||||
{
|
||||
@ -2545,20 +2559,6 @@ mac_check_socket_listen(struct ucred *cred, struct socket *socket)
|
||||
return (error);
|
||||
}
|
||||
|
||||
int
|
||||
mac_check_socket_receive(struct socket *socket, struct mbuf *mbuf)
|
||||
{
|
||||
int error;
|
||||
|
||||
if (!mac_enforce_socket)
|
||||
return (0);
|
||||
|
||||
MAC_CHECK(check_socket_receive, socket, &socket->so_label, mbuf,
|
||||
&mbuf->m_pkthdr.label);
|
||||
|
||||
return (error);
|
||||
}
|
||||
|
||||
static int
|
||||
mac_check_socket_relabel(struct ucred *cred, struct socket *socket,
|
||||
struct label *newlabel)
|
||||
|
@ -693,12 +693,12 @@ mac_policy_register(struct mac_policy_conf *mpc)
|
||||
mpc->mpc_ops->mpo_check_socket_connect =
|
||||
mpe->mpe_function;
|
||||
break;
|
||||
case MAC_CHECK_SOCKET_LISTEN:
|
||||
mpc->mpc_ops->mpo_check_socket_listen =
|
||||
case MAC_CHECK_SOCKET_DELIVER:
|
||||
mpc->mpc_ops->mpo_check_socket_deliver =
|
||||
mpe->mpe_function;
|
||||
break;
|
||||
case MAC_CHECK_SOCKET_RECEIVE:
|
||||
mpc->mpc_ops->mpo_check_socket_receive =
|
||||
case MAC_CHECK_SOCKET_LISTEN:
|
||||
mpc->mpc_ops->mpo_check_socket_listen =
|
||||
mpe->mpe_function;
|
||||
break;
|
||||
case MAC_CHECK_SOCKET_RELABEL:
|
||||
@ -2533,6 +2533,20 @@ mac_check_socket_connect(struct ucred *cred, struct socket *socket,
|
||||
return (error);
|
||||
}
|
||||
|
||||
int
|
||||
mac_check_socket_deliver(struct socket *socket, struct mbuf *mbuf)
|
||||
{
|
||||
int error;
|
||||
|
||||
if (!mac_enforce_socket)
|
||||
return (0);
|
||||
|
||||
MAC_CHECK(check_socket_deliver, socket, &socket->so_label, mbuf,
|
||||
&mbuf->m_pkthdr.label);
|
||||
|
||||
return (error);
|
||||
}
|
||||
|
||||
int
|
||||
mac_check_socket_listen(struct ucred *cred, struct socket *socket)
|
||||
{
|
||||
@ -2545,20 +2559,6 @@ mac_check_socket_listen(struct ucred *cred, struct socket *socket)
|
||||
return (error);
|
||||
}
|
||||
|
||||
int
|
||||
mac_check_socket_receive(struct socket *socket, struct mbuf *mbuf)
|
||||
{
|
||||
int error;
|
||||
|
||||
if (!mac_enforce_socket)
|
||||
return (0);
|
||||
|
||||
MAC_CHECK(check_socket_receive, socket, &socket->so_label, mbuf,
|
||||
&mbuf->m_pkthdr.label);
|
||||
|
||||
return (error);
|
||||
}
|
||||
|
||||
static int
|
||||
mac_check_socket_relabel(struct ucred *cred, struct socket *socket,
|
||||
struct label *newlabel)
|
||||
|
@ -693,12 +693,12 @@ mac_policy_register(struct mac_policy_conf *mpc)
|
||||
mpc->mpc_ops->mpo_check_socket_connect =
|
||||
mpe->mpe_function;
|
||||
break;
|
||||
case MAC_CHECK_SOCKET_LISTEN:
|
||||
mpc->mpc_ops->mpo_check_socket_listen =
|
||||
case MAC_CHECK_SOCKET_DELIVER:
|
||||
mpc->mpc_ops->mpo_check_socket_deliver =
|
||||
mpe->mpe_function;
|
||||
break;
|
||||
case MAC_CHECK_SOCKET_RECEIVE:
|
||||
mpc->mpc_ops->mpo_check_socket_receive =
|
||||
case MAC_CHECK_SOCKET_LISTEN:
|
||||
mpc->mpc_ops->mpo_check_socket_listen =
|
||||
mpe->mpe_function;
|
||||
break;
|
||||
case MAC_CHECK_SOCKET_RELABEL:
|
||||
@ -2533,6 +2533,20 @@ mac_check_socket_connect(struct ucred *cred, struct socket *socket,
|
||||
return (error);
|
||||
}
|
||||
|
||||
int
|
||||
mac_check_socket_deliver(struct socket *socket, struct mbuf *mbuf)
|
||||
{
|
||||
int error;
|
||||
|
||||
if (!mac_enforce_socket)
|
||||
return (0);
|
||||
|
||||
MAC_CHECK(check_socket_deliver, socket, &socket->so_label, mbuf,
|
||||
&mbuf->m_pkthdr.label);
|
||||
|
||||
return (error);
|
||||
}
|
||||
|
||||
int
|
||||
mac_check_socket_listen(struct ucred *cred, struct socket *socket)
|
||||
{
|
||||
@ -2545,20 +2559,6 @@ mac_check_socket_listen(struct ucred *cred, struct socket *socket)
|
||||
return (error);
|
||||
}
|
||||
|
||||
int
|
||||
mac_check_socket_receive(struct socket *socket, struct mbuf *mbuf)
|
||||
{
|
||||
int error;
|
||||
|
||||
if (!mac_enforce_socket)
|
||||
return (0);
|
||||
|
||||
MAC_CHECK(check_socket_receive, socket, &socket->so_label, mbuf,
|
||||
&mbuf->m_pkthdr.label);
|
||||
|
||||
return (error);
|
||||
}
|
||||
|
||||
static int
|
||||
mac_check_socket_relabel(struct ucred *cred, struct socket *socket,
|
||||
struct label *newlabel)
|
||||
|
@ -693,12 +693,12 @@ mac_policy_register(struct mac_policy_conf *mpc)
|
||||
mpc->mpc_ops->mpo_check_socket_connect =
|
||||
mpe->mpe_function;
|
||||
break;
|
||||
case MAC_CHECK_SOCKET_LISTEN:
|
||||
mpc->mpc_ops->mpo_check_socket_listen =
|
||||
case MAC_CHECK_SOCKET_DELIVER:
|
||||
mpc->mpc_ops->mpo_check_socket_deliver =
|
||||
mpe->mpe_function;
|
||||
break;
|
||||
case MAC_CHECK_SOCKET_RECEIVE:
|
||||
mpc->mpc_ops->mpo_check_socket_receive =
|
||||
case MAC_CHECK_SOCKET_LISTEN:
|
||||
mpc->mpc_ops->mpo_check_socket_listen =
|
||||
mpe->mpe_function;
|
||||
break;
|
||||
case MAC_CHECK_SOCKET_RELABEL:
|
||||
@ -2533,6 +2533,20 @@ mac_check_socket_connect(struct ucred *cred, struct socket *socket,
|
||||
return (error);
|
||||
}
|
||||
|
||||
int
|
||||
mac_check_socket_deliver(struct socket *socket, struct mbuf *mbuf)
|
||||
{
|
||||
int error;
|
||||
|
||||
if (!mac_enforce_socket)
|
||||
return (0);
|
||||
|
||||
MAC_CHECK(check_socket_deliver, socket, &socket->so_label, mbuf,
|
||||
&mbuf->m_pkthdr.label);
|
||||
|
||||
return (error);
|
||||
}
|
||||
|
||||
int
|
||||
mac_check_socket_listen(struct ucred *cred, struct socket *socket)
|
||||
{
|
||||
@ -2545,20 +2559,6 @@ mac_check_socket_listen(struct ucred *cred, struct socket *socket)
|
||||
return (error);
|
||||
}
|
||||
|
||||
int
|
||||
mac_check_socket_receive(struct socket *socket, struct mbuf *mbuf)
|
||||
{
|
||||
int error;
|
||||
|
||||
if (!mac_enforce_socket)
|
||||
return (0);
|
||||
|
||||
MAC_CHECK(check_socket_receive, socket, &socket->so_label, mbuf,
|
||||
&mbuf->m_pkthdr.label);
|
||||
|
||||
return (error);
|
||||
}
|
||||
|
||||
static int
|
||||
mac_check_socket_relabel(struct ucred *cred, struct socket *socket,
|
||||
struct label *newlabel)
|
||||
|
@ -693,12 +693,12 @@ mac_policy_register(struct mac_policy_conf *mpc)
|
||||
mpc->mpc_ops->mpo_check_socket_connect =
|
||||
mpe->mpe_function;
|
||||
break;
|
||||
case MAC_CHECK_SOCKET_LISTEN:
|
||||
mpc->mpc_ops->mpo_check_socket_listen =
|
||||
case MAC_CHECK_SOCKET_DELIVER:
|
||||
mpc->mpc_ops->mpo_check_socket_deliver =
|
||||
mpe->mpe_function;
|
||||
break;
|
||||
case MAC_CHECK_SOCKET_RECEIVE:
|
||||
mpc->mpc_ops->mpo_check_socket_receive =
|
||||
case MAC_CHECK_SOCKET_LISTEN:
|
||||
mpc->mpc_ops->mpo_check_socket_listen =
|
||||
mpe->mpe_function;
|
||||
break;
|
||||
case MAC_CHECK_SOCKET_RELABEL:
|
||||
@ -2533,6 +2533,20 @@ mac_check_socket_connect(struct ucred *cred, struct socket *socket,
|
||||
return (error);
|
||||
}
|
||||
|
||||
int
|
||||
mac_check_socket_deliver(struct socket *socket, struct mbuf *mbuf)
|
||||
{
|
||||
int error;
|
||||
|
||||
if (!mac_enforce_socket)
|
||||
return (0);
|
||||
|
||||
MAC_CHECK(check_socket_deliver, socket, &socket->so_label, mbuf,
|
||||
&mbuf->m_pkthdr.label);
|
||||
|
||||
return (error);
|
||||
}
|
||||
|
||||
int
|
||||
mac_check_socket_listen(struct ucred *cred, struct socket *socket)
|
||||
{
|
||||
@ -2545,20 +2559,6 @@ mac_check_socket_listen(struct ucred *cred, struct socket *socket)
|
||||
return (error);
|
||||
}
|
||||
|
||||
int
|
||||
mac_check_socket_receive(struct socket *socket, struct mbuf *mbuf)
|
||||
{
|
||||
int error;
|
||||
|
||||
if (!mac_enforce_socket)
|
||||
return (0);
|
||||
|
||||
MAC_CHECK(check_socket_receive, socket, &socket->so_label, mbuf,
|
||||
&mbuf->m_pkthdr.label);
|
||||
|
||||
return (error);
|
||||
}
|
||||
|
||||
static int
|
||||
mac_check_socket_relabel(struct ucred *cred, struct socket *socket,
|
||||
struct label *newlabel)
|
||||
|
@ -693,12 +693,12 @@ mac_policy_register(struct mac_policy_conf *mpc)
|
||||
mpc->mpc_ops->mpo_check_socket_connect =
|
||||
mpe->mpe_function;
|
||||
break;
|
||||
case MAC_CHECK_SOCKET_LISTEN:
|
||||
mpc->mpc_ops->mpo_check_socket_listen =
|
||||
case MAC_CHECK_SOCKET_DELIVER:
|
||||
mpc->mpc_ops->mpo_check_socket_deliver =
|
||||
mpe->mpe_function;
|
||||
break;
|
||||
case MAC_CHECK_SOCKET_RECEIVE:
|
||||
mpc->mpc_ops->mpo_check_socket_receive =
|
||||
case MAC_CHECK_SOCKET_LISTEN:
|
||||
mpc->mpc_ops->mpo_check_socket_listen =
|
||||
mpe->mpe_function;
|
||||
break;
|
||||
case MAC_CHECK_SOCKET_RELABEL:
|
||||
@ -2533,6 +2533,20 @@ mac_check_socket_connect(struct ucred *cred, struct socket *socket,
|
||||
return (error);
|
||||
}
|
||||
|
||||
int
|
||||
mac_check_socket_deliver(struct socket *socket, struct mbuf *mbuf)
|
||||
{
|
||||
int error;
|
||||
|
||||
if (!mac_enforce_socket)
|
||||
return (0);
|
||||
|
||||
MAC_CHECK(check_socket_deliver, socket, &socket->so_label, mbuf,
|
||||
&mbuf->m_pkthdr.label);
|
||||
|
||||
return (error);
|
||||
}
|
||||
|
||||
int
|
||||
mac_check_socket_listen(struct ucred *cred, struct socket *socket)
|
||||
{
|
||||
@ -2545,20 +2559,6 @@ mac_check_socket_listen(struct ucred *cred, struct socket *socket)
|
||||
return (error);
|
||||
}
|
||||
|
||||
int
|
||||
mac_check_socket_receive(struct socket *socket, struct mbuf *mbuf)
|
||||
{
|
||||
int error;
|
||||
|
||||
if (!mac_enforce_socket)
|
||||
return (0);
|
||||
|
||||
MAC_CHECK(check_socket_receive, socket, &socket->so_label, mbuf,
|
||||
&mbuf->m_pkthdr.label);
|
||||
|
||||
return (error);
|
||||
}
|
||||
|
||||
static int
|
||||
mac_check_socket_relabel(struct ucred *cred, struct socket *socket,
|
||||
struct label *newlabel)
|
||||
|
@ -693,12 +693,12 @@ mac_policy_register(struct mac_policy_conf *mpc)
|
||||
mpc->mpc_ops->mpo_check_socket_connect =
|
||||
mpe->mpe_function;
|
||||
break;
|
||||
case MAC_CHECK_SOCKET_LISTEN:
|
||||
mpc->mpc_ops->mpo_check_socket_listen =
|
||||
case MAC_CHECK_SOCKET_DELIVER:
|
||||
mpc->mpc_ops->mpo_check_socket_deliver =
|
||||
mpe->mpe_function;
|
||||
break;
|
||||
case MAC_CHECK_SOCKET_RECEIVE:
|
||||
mpc->mpc_ops->mpo_check_socket_receive =
|
||||
case MAC_CHECK_SOCKET_LISTEN:
|
||||
mpc->mpc_ops->mpo_check_socket_listen =
|
||||
mpe->mpe_function;
|
||||
break;
|
||||
case MAC_CHECK_SOCKET_RELABEL:
|
||||
@ -2533,6 +2533,20 @@ mac_check_socket_connect(struct ucred *cred, struct socket *socket,
|
||||
return (error);
|
||||
}
|
||||
|
||||
int
|
||||
mac_check_socket_deliver(struct socket *socket, struct mbuf *mbuf)
|
||||
{
|
||||
int error;
|
||||
|
||||
if (!mac_enforce_socket)
|
||||
return (0);
|
||||
|
||||
MAC_CHECK(check_socket_deliver, socket, &socket->so_label, mbuf,
|
||||
&mbuf->m_pkthdr.label);
|
||||
|
||||
return (error);
|
||||
}
|
||||
|
||||
int
|
||||
mac_check_socket_listen(struct ucred *cred, struct socket *socket)
|
||||
{
|
||||
@ -2545,20 +2559,6 @@ mac_check_socket_listen(struct ucred *cred, struct socket *socket)
|
||||
return (error);
|
||||
}
|
||||
|
||||
int
|
||||
mac_check_socket_receive(struct socket *socket, struct mbuf *mbuf)
|
||||
{
|
||||
int error;
|
||||
|
||||
if (!mac_enforce_socket)
|
||||
return (0);
|
||||
|
||||
MAC_CHECK(check_socket_receive, socket, &socket->so_label, mbuf,
|
||||
&mbuf->m_pkthdr.label);
|
||||
|
||||
return (error);
|
||||
}
|
||||
|
||||
static int
|
||||
mac_check_socket_relabel(struct ucred *cred, struct socket *socket,
|
||||
struct label *newlabel)
|
||||
|
@ -693,12 +693,12 @@ mac_policy_register(struct mac_policy_conf *mpc)
|
||||
mpc->mpc_ops->mpo_check_socket_connect =
|
||||
mpe->mpe_function;
|
||||
break;
|
||||
case MAC_CHECK_SOCKET_LISTEN:
|
||||
mpc->mpc_ops->mpo_check_socket_listen =
|
||||
case MAC_CHECK_SOCKET_DELIVER:
|
||||
mpc->mpc_ops->mpo_check_socket_deliver =
|
||||
mpe->mpe_function;
|
||||
break;
|
||||
case MAC_CHECK_SOCKET_RECEIVE:
|
||||
mpc->mpc_ops->mpo_check_socket_receive =
|
||||
case MAC_CHECK_SOCKET_LISTEN:
|
||||
mpc->mpc_ops->mpo_check_socket_listen =
|
||||
mpe->mpe_function;
|
||||
break;
|
||||
case MAC_CHECK_SOCKET_RELABEL:
|
||||
@ -2533,6 +2533,20 @@ mac_check_socket_connect(struct ucred *cred, struct socket *socket,
|
||||
return (error);
|
||||
}
|
||||
|
||||
int
|
||||
mac_check_socket_deliver(struct socket *socket, struct mbuf *mbuf)
|
||||
{
|
||||
int error;
|
||||
|
||||
if (!mac_enforce_socket)
|
||||
return (0);
|
||||
|
||||
MAC_CHECK(check_socket_deliver, socket, &socket->so_label, mbuf,
|
||||
&mbuf->m_pkthdr.label);
|
||||
|
||||
return (error);
|
||||
}
|
||||
|
||||
int
|
||||
mac_check_socket_listen(struct ucred *cred, struct socket *socket)
|
||||
{
|
||||
@ -2545,20 +2559,6 @@ mac_check_socket_listen(struct ucred *cred, struct socket *socket)
|
||||
return (error);
|
||||
}
|
||||
|
||||
int
|
||||
mac_check_socket_receive(struct socket *socket, struct mbuf *mbuf)
|
||||
{
|
||||
int error;
|
||||
|
||||
if (!mac_enforce_socket)
|
||||
return (0);
|
||||
|
||||
MAC_CHECK(check_socket_receive, socket, &socket->so_label, mbuf,
|
||||
&mbuf->m_pkthdr.label);
|
||||
|
||||
return (error);
|
||||
}
|
||||
|
||||
static int
|
||||
mac_check_socket_relabel(struct ucred *cred, struct socket *socket,
|
||||
struct label *newlabel)
|
||||
|
@ -693,12 +693,12 @@ mac_policy_register(struct mac_policy_conf *mpc)
|
||||
mpc->mpc_ops->mpo_check_socket_connect =
|
||||
mpe->mpe_function;
|
||||
break;
|
||||
case MAC_CHECK_SOCKET_LISTEN:
|
||||
mpc->mpc_ops->mpo_check_socket_listen =
|
||||
case MAC_CHECK_SOCKET_DELIVER:
|
||||
mpc->mpc_ops->mpo_check_socket_deliver =
|
||||
mpe->mpe_function;
|
||||
break;
|
||||
case MAC_CHECK_SOCKET_RECEIVE:
|
||||
mpc->mpc_ops->mpo_check_socket_receive =
|
||||
case MAC_CHECK_SOCKET_LISTEN:
|
||||
mpc->mpc_ops->mpo_check_socket_listen =
|
||||
mpe->mpe_function;
|
||||
break;
|
||||
case MAC_CHECK_SOCKET_RELABEL:
|
||||
@ -2533,6 +2533,20 @@ mac_check_socket_connect(struct ucred *cred, struct socket *socket,
|
||||
return (error);
|
||||
}
|
||||
|
||||
int
|
||||
mac_check_socket_deliver(struct socket *socket, struct mbuf *mbuf)
|
||||
{
|
||||
int error;
|
||||
|
||||
if (!mac_enforce_socket)
|
||||
return (0);
|
||||
|
||||
MAC_CHECK(check_socket_deliver, socket, &socket->so_label, mbuf,
|
||||
&mbuf->m_pkthdr.label);
|
||||
|
||||
return (error);
|
||||
}
|
||||
|
||||
int
|
||||
mac_check_socket_listen(struct ucred *cred, struct socket *socket)
|
||||
{
|
||||
@ -2545,20 +2559,6 @@ mac_check_socket_listen(struct ucred *cred, struct socket *socket)
|
||||
return (error);
|
||||
}
|
||||
|
||||
int
|
||||
mac_check_socket_receive(struct socket *socket, struct mbuf *mbuf)
|
||||
{
|
||||
int error;
|
||||
|
||||
if (!mac_enforce_socket)
|
||||
return (0);
|
||||
|
||||
MAC_CHECK(check_socket_receive, socket, &socket->so_label, mbuf,
|
||||
&mbuf->m_pkthdr.label);
|
||||
|
||||
return (error);
|
||||
}
|
||||
|
||||
static int
|
||||
mac_check_socket_relabel(struct ucred *cred, struct socket *socket,
|
||||
struct label *newlabel)
|
||||
|
Loading…
Reference in New Issue
Block a user