Changeset View
Changeset View
Standalone View
Standalone View
sys/security/mac/mac_syscalls.c
| Show First 20 Lines • Show All 247 Lines • ▼ Show 20 Lines | sys___mac_get_fd(struct thread *td, struct __mac_get_fd_args *uap) | ||||
| elements = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); | elements = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); | ||||
| error = copyinstr(mac.m_string, elements, mac.m_buflen, NULL); | error = copyinstr(mac.m_string, elements, mac.m_buflen, NULL); | ||||
| if (error) { | if (error) { | ||||
| free(elements, M_MACTEMP); | free(elements, M_MACTEMP); | ||||
| return (error); | return (error); | ||||
| } | } | ||||
| buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); | buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); | ||||
| error = fget(td, uap->fd, cap_rights_init(&rights, CAP_MAC_GET), &fp); | error = fget(td, uap->fd, cap_rights_init_one(&rights, CAP_MAC_GET), | ||||
| &fp); | |||||
| if (error) | if (error) | ||||
| goto out; | goto out; | ||||
| switch (fp->f_type) { | switch (fp->f_type) { | ||||
| case DTYPE_FIFO: | case DTYPE_FIFO: | ||||
| case DTYPE_VNODE: | case DTYPE_VNODE: | ||||
| if (!(mac_labeled & MPC_OBJECT_VNODE)) { | if (!(mac_labeled & MPC_OBJECT_VNODE)) { | ||||
| error = EINVAL; | error = EINVAL; | ||||
| ▲ Show 20 Lines • Show All 141 Lines • ▼ Show 20 Lines | sys___mac_set_fd(struct thread *td, struct __mac_set_fd_args *uap) | ||||
| buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); | buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); | ||||
| error = copyinstr(mac.m_string, buffer, mac.m_buflen, NULL); | error = copyinstr(mac.m_string, buffer, mac.m_buflen, NULL); | ||||
| if (error) { | if (error) { | ||||
| free(buffer, M_MACTEMP); | free(buffer, M_MACTEMP); | ||||
| return (error); | return (error); | ||||
| } | } | ||||
| error = fget(td, uap->fd, cap_rights_init(&rights, CAP_MAC_SET), &fp); | error = fget(td, uap->fd, cap_rights_init_one(&rights, CAP_MAC_SET), | ||||
| &fp); | |||||
| if (error) | if (error) | ||||
| goto out; | goto out; | ||||
| switch (fp->f_type) { | switch (fp->f_type) { | ||||
| case DTYPE_FIFO: | case DTYPE_FIFO: | ||||
| case DTYPE_VNODE: | case DTYPE_VNODE: | ||||
| if (!(mac_labeled & MPC_OBJECT_VNODE)) { | if (!(mac_labeled & MPC_OBJECT_VNODE)) { | ||||
| error = EINVAL; | error = EINVAL; | ||||
| ▲ Show 20 Lines • Show All 239 Lines • Show Last 20 Lines | |||||