Date: Tue, 3 Oct 2006 15:03:57 GMT From: Todd Miller <millert@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 107183 for review Message-ID: <200610031503.k93F3v7c025390@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=107183 Change 107183 by millert@millert_macbook on 2006/10/03 15:03:26 #ifdef out entrypoints for now where we are missing bits in refpolicy. Affected files ... .. //depot/projects/trustedbsd/sedarwin8/policies/sedarwin/sedarwin/sebsd.c#19 edit Differences ... ==== //depot/projects/trustedbsd/sedarwin8/policies/sedarwin/sedarwin/sebsd.c#19 (text+ko) ==== @@ -1527,6 +1527,7 @@ return (mount_has_perm(cred, mp, FILESYSTEM__GETATTR, NULL)); } +#ifdef FILESYSTEM__SETATTR static int sebsd_mount_check_setattr(struct ucred *cred, struct mount *mp, struct label *mntlabel, struct vfs_attr *vfa) @@ -1534,6 +1535,7 @@ return (mount_has_perm(cred, mp, FILESYSTEM__SETATTR, NULL)); } +#endif static int sebsd_mount_check_remount(struct ucred *cred, struct mount *mp, @@ -1559,6 +1561,7 @@ return (pipe_has_perm(cred, pipe, FIFO_FILE__IOCTL)); } +#ifdef FIFO_FILE__POLL static int sebsd_pipe_check_kqfilter(struct ucred *cred, struct knote *kn, struct pipe *pipe, struct label *pipelabel) @@ -1566,6 +1569,7 @@ return (pipe_has_perm(cred, pipe, FIFO_FILE__POLL)); } +#endif static int sebsd_pipe_check_read(struct ucred *cred, struct pipe *pipe, @@ -1607,6 +1611,7 @@ return (rc); } +#ifdef FIFO_FILE__POLL static int sebsd_pipe_check_select(struct ucred *cred, struct pipe *pipe, struct label *pipelabel, int which) @@ -1614,6 +1619,7 @@ return (pipe_has_perm(cred, pipe, FIFO_FILE__POLL)); } +#endif static int sebsd_pipe_check_stat(struct ucred *cred, struct pipe *pipe, @@ -2179,6 +2185,7 @@ return (vnode_has_perm(cred, vp, FILE__GETATTR)); } +#if defined(FILE__POLL) && defined(FILE__GETATTR) static int sebsd_vnode_check_kqfilter(struct ucred *cred, struct ucred *file_cred, struct knote *kn, struct vnode *vp, struct label *label) @@ -2194,6 +2201,7 @@ return (0); } } +#endif static int sebsd_vnode_check_link(struct ucred *cred, struct vnode *dvp, @@ -2439,6 +2447,7 @@ return (0); } +#ifdef FILE__POLL static int sebsd_vnode_check_select(struct ucred *cred, struct vnode *vp, struct label *label, int which) @@ -2446,6 +2455,7 @@ return (vnode_has_perm(cred, vp, FILE__POLL)); } +#endif #ifdef HAS_ACLS static int @@ -2457,6 +2467,7 @@ } #endif +#ifdef FILE__SETATTR static int sebsd_vnode_check_setattrlist(struct ucred *cred, struct vnode *vp, struct label *vlabel, struct attrlist *alist) @@ -2464,6 +2475,7 @@ return (vnode_has_perm(cred, vp, FILE__SETATTR)); } +#endif static int sebsd_vnode_check_setextattr(struct ucred *cred, struct vnode *vp, @@ -2710,6 +2722,7 @@ } #endif +#ifdef SOCKET__POLL static int sebsd_socket_check_kqfilter(struct ucred *cred, struct knote *kn, struct xsocket *xso, struct label *socklabel) @@ -2717,6 +2730,7 @@ return (socket_has_perm(cred, socklabel, SOCKET__POLL)); } +#endif static int sebsd_socket_check_listen(struct ucred *cred, struct xsocket *xso, @@ -2760,6 +2774,7 @@ return (0); } +#ifdef SOCKET__POLL static int sebsd_socket_check_select(struct ucred *cred, struct xsocket *xso, struct label *socklabel, int which) @@ -2767,6 +2782,7 @@ return (socket_has_perm(cred, socklabel, SOCKET__POLL)); } +#endif static int sebsd_socket_check_send(struct ucred *cred, struct xsocket *xso, @@ -3136,6 +3152,7 @@ return (ipc_has_perm(cred, msglabel, MSG__RECEIVE)); } +#ifdef MSG__DESTROY static int sebsd_sysvmsq_check_msgrmid(struct ucred *cred, struct msg *msgptr, struct label *msglabel) @@ -3143,6 +3160,7 @@ return (ipc_has_perm(cred, msglabel, MSG__DESTROY)); } +#endif static int sebsd_sysvmsq_check_msqget(struct ucred *cred, struct msqid_kernel *msqkptr, @@ -3561,11 +3579,11 @@ .mpo_socket_check_connect = sebsd_socket_check_connect, .mpo_socket_check_create = sebsd_socket_check_create, // .mpo_socket_check_deliver = sebsd_socket_check_deliver, - .mpo_socket_check_kqfilter = sebsd_socket_check_kqfilter, +// .mpo_socket_check_kqfilter = sebsd_socket_check_kqfilter, .mpo_socket_check_listen = sebsd_socket_check_listen, .mpo_socket_check_receive = sebsd_socket_check_receive, .mpo_socket_check_setlabel = sebsd_socket_check_setlabel, - .mpo_socket_check_select = sebsd_socket_check_select, +// .mpo_socket_check_select = sebsd_socket_check_select, .mpo_socket_check_send = sebsd_socket_check_send, .mpo_socket_check_stat = sebsd_socket_check_stat, .mpo_system_check_acct = sebsd_system_check_acct, @@ -3592,7 +3610,7 @@ .mpo_vnode_check_deleteextattr = NOT_IMPLEMENTED, #endif .mpo_vnode_check_getattrlist = sebsd_vnode_check_getattrlist, - .mpo_vnode_check_kqfilter = sebsd_vnode_check_kqfilter, +// .mpo_vnode_check_kqfilter = sebsd_vnode_check_kqfilter, .mpo_vnode_check_link = sebsd_vnode_check_link, .mpo_vnode_check_lookup = sebsd_vnode_check_lookup, .mpo_vnode_check_mmap = sebsd_vnode_check_mmap, @@ -3605,8 +3623,8 @@ .mpo_vnode_check_rename_from = sebsd_vnode_check_rename_from, .mpo_vnode_check_rename_to = sebsd_vnode_check_rename_to, .mpo_vnode_check_revoke = sebsd_vnode_check_revoke, - .mpo_vnode_check_select = sebsd_vnode_check_select, - .mpo_vnode_check_setattrlist = sebsd_vnode_check_setattrlist, +// .mpo_vnode_check_select = sebsd_vnode_check_select, +// .mpo_vnode_check_setattrlist = sebsd_vnode_check_setattrlist, .mpo_vnode_check_getextattr = sebsd_vnode_check_getextattr, .mpo_vnode_check_setextattr = sebsd_vnode_check_setextattr, .mpo_vnode_check_setflags = sebsd_vnode_check_setflags, @@ -3616,10 +3634,10 @@ .mpo_vnode_check_stat = sebsd_vnode_check_stat, .mpo_vnode_check_write = sebsd_vnode_check_write, .mpo_pipe_check_ioctl = sebsd_pipe_check_ioctl, - .mpo_pipe_check_kqfilter = sebsd_pipe_check_kqfilter, +// .mpo_pipe_check_kqfilter = sebsd_pipe_check_kqfilter, .mpo_pipe_check_read = sebsd_pipe_check_read, .mpo_pipe_check_setlabel = sebsd_pipe_check_setlabel, - .mpo_pipe_check_select = sebsd_pipe_check_select, +// .mpo_pipe_check_select = sebsd_pipe_check_select, .mpo_pipe_check_stat = sebsd_pipe_check_stat, .mpo_pipe_check_write = sebsd_pipe_check_write, @@ -3635,7 +3653,7 @@ .mpo_mount_check_remount = sebsd_mount_check_remount, .mpo_mount_check_stat = sebsd_mount_check_stat, .mpo_mount_check_getattr = sebsd_mount_check_getattr, - .mpo_mount_check_setattr = sebsd_mount_check_setattr, +// .mpo_mount_check_setattr = sebsd_mount_check_setattr, .mpo_vnode_write_extattr = sebsd_vnode_write_extattr, @@ -3660,7 +3678,7 @@ .mpo_sysvmsq_check_enqueue = sebsd_sysvmsq_check_enqueue, .mpo_sysvmsq_check_msgrcv = sebsd_sysvmsq_check_msgrcv, - .mpo_sysvmsq_check_msgrmid = sebsd_sysvmsq_check_msgrmid, +// .mpo_sysvmsq_check_msgrmid = sebsd_sysvmsq_check_msgrmid, .mpo_sysvmsq_check_msqget = sebsd_sysvmsq_check_msqget, .mpo_sysvmsq_check_msqsnd = sebsd_sysvmsq_check_msqsnd, .mpo_sysvmsq_check_msqrcv = sebsd_sysvmsq_check_msqrcv,
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200610031503.k93F3v7c025390>