Date: Mon, 29 Jul 2002 07:24:35 -0700 (PDT) From: Robert Watson <rwatson@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 15122 for review Message-ID: <200207291424.g6TEOYeE072091@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://people.freebsd.org/~peter/p4db/chv.cgi?CH=15122 Change 15122 by rwatson@rwatson_paprika on 2002/07/29 07:24:09 Re-sort the entry points to more closely match the canonical order in mac_policy.h. Affected files ... .. //depot/projects/trustedbsd/mac/sys/sys/mac.h#133 edit Differences ... ==== //depot/projects/trustedbsd/mac/sys/sys/mac.h#133 (text+ko) ==== @@ -248,8 +248,6 @@ void mac_destroy_mbuf(struct mbuf *); void mac_destroy_mount(struct mount *); void mac_destroy_vnode(struct vnode *); -void mac_relabel_vnode(struct ucred *cred, struct vnode *vp, - struct label *newlabel); /* Non-authorizational event hooks. */ void mac_execve_transition(struct ucred *old, struct ucred *new, @@ -258,10 +256,23 @@ /* Authorizational event hooks. */ int mac_check_bpfdesc_receive(struct bpf_d *bpf_d, struct ifnet *ifnet); +int mac_check_cred_visible(struct ucred *u1, struct ucred *u2); +int mac_check_ifnet_transmit(struct ifnet *ifnet, struct mbuf *m); int mac_check_mount_stat(struct ucred *cred, struct mount *mp); int mac_check_pipe_op(struct ucred *cred, struct pipe *pipe, int op); int mac_check_pipe_ioctl(struct ucred *cred, struct pipe *pipe, unsigned long cmd, void *data); +int mac_check_proc_debug(struct ucred *cred, struct proc *proc); +int mac_check_proc_sched(struct ucred *cred, struct proc *proc); +int mac_check_proc_signal(struct ucred *cred, struct proc *proc, + int signum); +int mac_check_socket_bind(struct ucred *cred, struct socket *so, + struct sockaddr *sockaddr); +int mac_check_socket_connect(struct ucred *cred, struct socket *so, + struct sockaddr *sockaddr); +int mac_check_socket_listen(struct ucred *cred, struct socket *so); +int mac_check_socket_receive(struct socket *so, struct mbuf *m); +int mac_check_socket_visible(struct ucred *cred, struct socket *so); int mac_check_vnode_access(struct ucred *cred, struct vnode *vp, int flags); int mac_check_vnode_chdir(struct ucred *cred, struct vnode *dvp); @@ -363,26 +374,11 @@ int mac_fragment_matches_ipq(struct mbuf *fragment, struct ipq *ipq); void mac_update_ipq_from_fragment(struct mbuf *fragment, struct ipq *ipq); -int mac_check_ifnet_transmit(struct ifnet *ifnet, struct mbuf *m); - -int mac_check_socket_bind(struct ucred *cred, struct socket *so, - struct sockaddr *sockaddr); -int mac_check_socket_connect(struct ucred *cred, struct socket *so, - struct sockaddr *sockaddr); -int mac_check_socket_listen(struct ucred *cred, struct socket *so); -int mac_check_socket_receive(struct socket *so, struct mbuf *m); - -/* Hooks for the proc-based "can"-checks. */ -int mac_check_cred_visible(struct ucred *u1, struct ucred *u2); -int mac_check_proc_debug(struct ucred *cred, struct proc *proc); -int mac_check_proc_sched(struct ucred *cred, struct proc *proc); -int mac_check_proc_signal(struct ucred *cred, struct proc *proc, - int signum); -int mac_check_socket_visible(struct ucred *cred, struct socket *so); - /* Calls to help various file systems implement labeling using EAs. */ struct vop_refreshlabel_args; struct vop_setlabel_args; +void mac_relabel_vnode(struct ucred *cred, struct vnode *vp, + struct label *newlabel); int vop_stdcreatevnode_ea(struct vnode *dvp, struct vnode *tvp, struct ucred *cred); int vop_stdrefreshlabel_ea(struct vop_refreshlabel_args *ap); To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe p4-projects" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200207291424.g6TEOYeE072091>