From owner-cvs-all  Mon Aug 19  9:43:32 2002
Delivered-To: cvs-all@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP
	id CD28B37B401; Mon, 19 Aug 2002 09:43:25 -0700 (PDT)
Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21])
	by mx1.FreeBSD.org (Postfix) with ESMTP
	id 7F26B43E4A; Mon, 19 Aug 2002 09:43:25 -0700 (PDT)
	(envelope-from rwatson@FreeBSD.org)
Received: from freefall.freebsd.org (rwatson@localhost [127.0.0.1])
	by freefall.freebsd.org (8.12.4/8.12.4) with ESMTP id g7JGhPJU089029;
	Mon, 19 Aug 2002 09:43:25 -0700 (PDT)
	(envelope-from rwatson@freefall.freebsd.org)
Received: (from rwatson@localhost)
	by freefall.freebsd.org (8.12.4/8.12.4/Submit) id g7JGhPZ0089028;
	Mon, 19 Aug 2002 09:43:25 -0700 (PDT)
Message-Id: <200208191643.g7JGhPZ0089028@freefall.freebsd.org>
From: Robert Watson <rwatson@FreeBSD.org>
Date: Mon, 19 Aug 2002 09:43:25 -0700 (PDT)
To: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org
Subject: cvs commit: src/sys/kern kern_ktrace.c kern_mac.c tty_tty.c
         vfs_syscalls.c vfs_vnops.c src/sys/security/mac_biba mac_biba.c
         src/sys/security/mac_mls mac_mls.c src/sys/security/mac_none
         mac_none.c src/sys/security/mac_test mac_test.c src/sys/sys mac.h ...
X-FreeBSD-CVS-Branch: HEAD
Sender: owner-cvs-all@FreeBSD.ORG
Precedence: bulk
List-ID: <cvs-all.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20cvs-all>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20cvs-all>
X-Loop: FreeBSD.ORG

rwatson     2002/08/19 09:43:25 PDT

  Modified files:
    sys/kern             kern_ktrace.c kern_mac.c tty_tty.c 
                         vfs_syscalls.c vfs_vnops.c 
    sys/security/mac_biba mac_biba.c 
    sys/security/mac_mls mac_mls.c 
    sys/security/mac_none mac_none.c 
    sys/security/mac_test mac_test.c 
    sys/sys              mac.h mac_policy.h 
  Log:
  Break out mac_check_vnode_op() into three seperate checks:
  mac_check_vnode_poll(), mac_check_vnode_read(), mac_check_vnode_write().
  This improves the consistency with other existing vnode checks, and
  allows policies to avoid implementing switch statements to determine
  what operations they do and do not want to authorize.
  
  Obtained from:  TrustedBSD Project
  Sponsored by:   DARPA, NAI Labs
  
  Revision  Changes    Path
  1.71      +1 -1      src/sys/kern/kern_ktrace.c
  1.11      +57 -10    src/sys/kern/kern_mac.c
  1.43      +3 -3      src/sys/kern/tty_tty.c
  1.282     +4 -8      src/sys/kern/vfs_syscalls.c
  1.164     +5 -7      src/sys/kern/vfs_vnops.c
  1.3       +60 -32    src/sys/security/mac_biba/mac_biba.c
  1.3       +60 -32    src/sys/security/mac_mls/mac_mls.c
  1.3       +30 -0     src/sys/security/mac_none/mac_none.c
  1.3       +30 -0     src/sys/security/mac_test/mac_test.c
  1.5       +3 -1      src/sys/sys/mac.h
  1.6       +9 -3      src/sys/sys/mac_policy.h

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message