cvs commit: src/sys/sys _label.h src/sys/security/mac
mac_framework.h mac_internal.h mac_label.c mac_policy.h
src/sys/security/mac_biba mac_biba.c src/sys/security/mac_lomac
mac_lomac.c src/sys/security/mac_mls mac_mls.c ...
Robert Watson
rwatson at FreeBSD.org
Tue Feb 6 14:19:25 UTC 2007
rwatson 2007-02-06 14:19:25 UTC
FreeBSD src repository
Modified files:
sys/security/mac mac_framework.h mac_internal.h
mac_label.c mac_policy.h
sys/security/mac_biba mac_biba.c
sys/security/mac_lomac mac_lomac.c
sys/security/mac_mls mac_mls.c
sys/security/mac_partition mac_partition.c
sys/security/mac_test mac_test.c
Removed files:
sys/sys _label.h
Log:
Introduce accessor functions mac_label_get() and mac_label_set() to replace
LABEL_TO_SLOT() macro used by policy modules to query and set label data
in struct label. Instead of using a union, store an intptr_t, simplifying
the API.
Update policies: in most cases this required only small tweaks to current
wrapper macros. In two cases, a single wrapper macros had to be split into
separate get and set macros.
Move struct label definition from _label.h to mac_internal.h and remove
_label.h. With this change, policies may now treat struct label * as
opaque, allowing us to change the layout of struct label without breaking
the policy module ABI. For example, we could make the maximum number of
policies with labels modifiable at boot-time rather than just at
compile-time.
Obtained from: TrustedBSD Project
Revision Changes Path
1.78 +1 -2 src/sys/security/mac/mac_framework.h
1.121 +18 -1 src/sys/security/mac/mac_internal.h
1.8 +24 -0 src/sys/security/mac/mac_label.c
1.86 +3 -7 src/sys/security/mac/mac_policy.h
1.99 +3 -3 src/sys/security/mac_biba/mac_biba.c
1.45 +4 -4 src/sys/security/mac_lomac/mac_lomac.c
1.82 +2 -2 src/sys/security/mac_mls/mac_mls.c
1.15 +11 -10 src/sys/security/mac_partition/mac_partition.c
1.67 +41 -40 src/sys/security/mac_test/mac_test.c
1.8 +0 -65 src/sys/sys/_label.h (dead)
More information about the cvs-src
mailing list