From 927f6069ac519e9302da3519f917c5e58693e015 Mon Sep 17 00:00:00 2001
From: Robert Watson <rwatson@FreeBSD.org>
Date: Tue, 29 Oct 2002 19:57:28 +0000
Subject: [PATCH] Hook up no-op stubs for reboot, swapon, sysctl entry points.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
---
 sys/security/mac_none/mac_none.c | 29 +++++++++++++++++++++++++++++
 sys/security/mac_stub/mac_stub.c | 29 +++++++++++++++++++++++++++++
 2 files changed, 58 insertions(+)

diff --git a/sys/security/mac_none/mac_none.c b/sys/security/mac_none/mac_none.c
index 913fba2f162d..4bcf21fbaee5 100644
--- a/sys/security/mac_none/mac_none.c
+++ b/sys/security/mac_none/mac_none.c
@@ -616,6 +616,29 @@ mac_none_check_socket_visible(struct ucred *cred, struct socket *socket,
 	return (0);
 }
 
+static int
+mac_none_check_system_reboot(struct ucred *cred, int how)
+{
+
+	return (0);
+}
+
+static int
+mac_none_check_system_swapon(struct ucred *cred, struct vnode *vp,
+    struct label *label)
+{
+
+	return (0);
+}
+
+static int
+mac_none_check_system_sysctl(struct ucred *cred, int *name, u_int namelen,
+    void *old, size_t *oldlenp, int inkernel, void *new, size_t newlen)
+{
+
+	return (0);
+}
+
 static int
 mac_none_check_vnode_access(struct ucred *cred, struct vnode *vp,
     struct label *label, mode_t flags)
@@ -1064,6 +1087,12 @@ static struct mac_policy_op_entry mac_none_ops[] =
 	    (macop_t)mac_none_check_socket_relabel },
 	{ MAC_CHECK_SOCKET_VISIBLE,
 	    (macop_t)mac_none_check_socket_visible },
+	{ MAC_CHECK_SYSTEM_REBOOT,
+	    (macop_t)mac_none_check_system_reboot },
+	{ MAC_CHECK_SYSTEM_SWAPON,
+	    (macop_t)mac_none_check_system_swapon },
+	{ MAC_CHECK_SYSTEM_SYSCTL,
+	    (macop_t)mac_none_check_system_sysctl },
 	{ MAC_CHECK_VNODE_ACCESS,
 	    (macop_t)mac_none_check_vnode_access },
 	{ MAC_CHECK_VNODE_CHDIR,
diff --git a/sys/security/mac_stub/mac_stub.c b/sys/security/mac_stub/mac_stub.c
index 913fba2f162d..4bcf21fbaee5 100644
--- a/sys/security/mac_stub/mac_stub.c
+++ b/sys/security/mac_stub/mac_stub.c
@@ -616,6 +616,29 @@ mac_none_check_socket_visible(struct ucred *cred, struct socket *socket,
 	return (0);
 }
 
+static int
+mac_none_check_system_reboot(struct ucred *cred, int how)
+{
+
+	return (0);
+}
+
+static int
+mac_none_check_system_swapon(struct ucred *cred, struct vnode *vp,
+    struct label *label)
+{
+
+	return (0);
+}
+
+static int
+mac_none_check_system_sysctl(struct ucred *cred, int *name, u_int namelen,
+    void *old, size_t *oldlenp, int inkernel, void *new, size_t newlen)
+{
+
+	return (0);
+}
+
 static int
 mac_none_check_vnode_access(struct ucred *cred, struct vnode *vp,
     struct label *label, mode_t flags)
@@ -1064,6 +1087,12 @@ static struct mac_policy_op_entry mac_none_ops[] =
 	    (macop_t)mac_none_check_socket_relabel },
 	{ MAC_CHECK_SOCKET_VISIBLE,
 	    (macop_t)mac_none_check_socket_visible },
+	{ MAC_CHECK_SYSTEM_REBOOT,
+	    (macop_t)mac_none_check_system_reboot },
+	{ MAC_CHECK_SYSTEM_SWAPON,
+	    (macop_t)mac_none_check_system_swapon },
+	{ MAC_CHECK_SYSTEM_SYSCTL,
+	    (macop_t)mac_none_check_system_sysctl },
 	{ MAC_CHECK_VNODE_ACCESS,
 	    (macop_t)mac_none_check_vnode_access },
 	{ MAC_CHECK_VNODE_CHDIR,