From owner-p4-projects  Mon Oct 28 11:39:47 2002
Delivered-To: p4-projects@freebsd.org
Received: by hub.freebsd.org (Postfix, from userid 32767)
	id D28C337B404; Mon, 28 Oct 2002 11:39:43 -0800 (PST)
Delivered-To: perforce@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 529CB37B401
	for <perforce@freebsd.org>; Mon, 28 Oct 2002 11:39:43 -0800 (PST)
Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115])
	by mx1.FreeBSD.org (Postfix) with ESMTP id DED4443E3B
	for <perforce@freebsd.org>; Mon, 28 Oct 2002 11:39:42 -0800 (PST)
	(envelope-from bb+lists.freebsd.perforce@cyrus.watson.org)
Received: from repoman.freebsd.org (localhost [127.0.0.1])
	by repoman.freebsd.org (8.12.6/8.12.6) with ESMTP id g9SJcbmV022839
	for <perforce@freebsd.org>; Mon, 28 Oct 2002 11:38:37 -0800 (PST)
	(envelope-from bb+lists.freebsd.perforce@cyrus.watson.org)
Received: (from perforce@localhost)
	by repoman.freebsd.org (8.12.6/8.12.6/Submit) id g9SJcaN8022836
	for perforce@freebsd.org; Mon, 28 Oct 2002 11:38:36 -0800 (PST)
Date: Mon, 28 Oct 2002 11:38:36 -0800 (PST)
Message-Id: <200210281938.g9SJcaN8022836@repoman.freebsd.org>
X-Authentication-Warning: repoman.freebsd.org: perforce set sender to bb+lists.freebsd.perforce@cyrus.watson.org using -f
From: Robert Watson <rwatson@FreeBSD.org>
Subject: PERFORCE change 20300 for review
To: Perforce Change Reviews <perforce@freebsd.org>
Sender: owner-p4-projects@FreeBSD.ORG
Precedence: bulk
List-ID: <p4-projects.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20p4-projects>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20p4-projects>
X-Loop: FreeBSD.ORG

http://perforce.freebsd.org/chv.cgi?CH=20300

Change 20300 by rwatson@rwatson_tislabs on 2002/10/28 11:38:32

	struct oldmac is no longer required, so eliminate it.  Enable
	the definitions of relevant structures in mac_biba and mac_mls.
	This eliminates policy-specific structures in the central MAC
	include files and implementation.

Affected files ...

.. //depot/projects/trustedbsd/mac/sys/security/mac_biba/mac_biba.h#11 edit
.. //depot/projects/trustedbsd/mac/sys/security/mac_mls/mac_mls.h#12 edit
.. //depot/projects/trustedbsd/mac/sys/sys/mac.h#200 edit

Differences ...

==== //depot/projects/trustedbsd/mac/sys/security/mac_biba/mac_biba.h#11 (text+ko) ====

@@ -60,8 +60,6 @@
 #define	MAC_BIBA_TYPE_EQUAL	4	/* Equivilent to any
 					 * MAC_BIBA_TYPE_LABEL. */
 
-#if 0
-/* XXXMAC: temporarily disabled because we still need struct oldmac. */
 /*
  * Structures and constants associated with a Biba Integrity policy.
  * mac_biba represents a Biba label, with mb_type determining its properties,
@@ -88,7 +86,6 @@
 	struct mac_biba_element	mb_single;
 	struct mac_biba_element	mb_rangelow, mb_rangehigh;
 };
-#endif
 
 /*
  * Biba compartments bit test/set macros.

==== //depot/projects/trustedbsd/mac/sys/security/mac_mls/mac_mls.h#12 (text+ko) ====

@@ -60,8 +60,6 @@
 #define	MAC_MLS_TYPE_EQUAL	4	/* Equivilent to any
 					 * MAC_MLS_TYPE_LABEL. */
 
-#if 0
-/* XXXMAC: temporarily disabled because we still need struct oldmac */
 /*
  * Structures and constants associated with a Multi-Level Security policy.
  * mac_mls represents an MLS label, with mm_type determining its properties,
@@ -93,7 +91,6 @@
 	struct mac_mls_element	mm_single;
 	struct mac_mls_element	mm_rangelow, mm_rangehigh;
 };
-#endif
 
 /*
  * MLS compartments bit test/set macros.

==== //depot/projects/trustedbsd/mac/sys/sys/mac.h#200 (text+ko) ====

@@ -108,54 +108,7 @@
 int		 mac_syscall(const char *_policyname, int _call, void *_arg);
 int		 mac_to_text(mac_t mac, char **_text);
 
-#endif /* !_KERNEL */
-
-/*
- * XXXMAC: For compatibility until the labels on disk are changed.  We
- * will enable the definitions in various policy include files once
- * these can be disabled.
- */
-
-#define	MAC_BIBA_MAX_COMPARTMENTS	256
-
-struct mac_biba_element {
-	u_short	mbe_type;
-	u_short	mbe_grade;
-	u_char	mbe_compartments[MAC_BIBA_MAX_COMPARTMENTS >> 3];
-};
-
-struct mac_biba {
-	int			mb_flags;
-	struct mac_biba_element	mb_single;
-	struct mac_biba_element	mb_rangelow, mb_rangehigh;
-};
-
-#define	MAC_MLS_MAX_COMPARTMENTS	256
-
-struct mac_mls_element {
-	u_short	mme_type;
-	u_short	mme_level;
-	u_char	mme_compartments[MAC_MLS_MAX_COMPARTMENTS >> 3];
-};
-
-struct mac_mls {
-	int			mm_flags;
-	struct mac_mls_element	mm_single;
-	struct mac_mls_element	mm_rangelow, mm_rangehigh;
-};
-
-struct mac_sebsd {
-	uint32_t	ms_psid;
-};
-
-struct oldmac {
-	int			m_macflags;
-	struct mac_biba		m_biba;
-	struct mac_mls		m_mls;
-	struct mac_sebsd	m_sebsd;
-};
-
-#ifdef _KERNEL
+#else /* !_KERNEL */
 
 /*
  * Kernel functions to manage and evaluate labels.

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe p4-projects" in the body of the message