Date: Fri, 1 Dec 2006 16:02:32 GMT From: Robert Watson <rwatson@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 110811 for review Message-ID: <200612011602.kB1G2Woh009860@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=110811 Change 110811 by rwatson@rwatson_zoo on 2006/12/01 16:01:52 In the new world order, MAC Framework entry point functions are declared in mac_framework.h. Move the new audit entry points there from mac.h where they previously existed. Affected files ... .. //depot/projects/trustedbsd/audit3/sys/security/mac/mac_framework.h#2 edit Differences ... ==== //depot/projects/trustedbsd/audit3/sys/security/mac/mac_framework.h#2 (text+ko) ==== @@ -52,6 +52,7 @@ #include <sys/_label.h> +struct auditinfo; struct bpf_d; struct cdev; struct componentname; @@ -411,6 +412,18 @@ int mac_priv_grant(struct ucred *cred, int priv); /* + * XXXRW: Audit checks should be above, but list them here to make a more + * sensible diff for now. + */ +int mac_check_system_audit(struct ucred *cred, void *record, int length); +int mac_check_system_auditon(struct ucred *cred, int cmd); +int mac_check_system_auditctl(struct ucred *cred, struct vnode *vp); +int mac_check_proc_getauid(struct ucred *cred); +int mac_check_proc_setauid(struct ucred *cred, uid_t auid); +int mac_check_proc_getaudit(struct ucred *cred); +int mac_check_proc_setaudit(struct ucred *cred, struct auditinfo *ai); + +/* * Calls to help various file systems implement labeling functionality * using their existing EA implementation. */
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200612011602.kB1G2Woh009860>