PERFORCE change 14651 for review

Robert Watson rwatson at freebsd.org
Mon Jul 22 00:24:07 GMT 2002 

http://people.freebsd.org/~peter/p4db/chv.cgi?CH=14651

Change 14651 by rwatson at rwatson_curry on 2002/07/21 17:23:29

	When deleting a vnode, provide the componentname to the MAC
	framework and to policies.

Affected files ...

.. //depot/projects/trustedbsd/mac/sys/kern/kern_mac.c#185 edit
.. //depot/projects/trustedbsd/mac/sys/kern/vfs_syscalls.c#58 edit
.. //depot/projects/trustedbsd/mac/sys/security/mac_biba/mac_biba.c#61 edit
.. //depot/projects/trustedbsd/mac/sys/security/mac_bsdextended/mac_bsdextended.c#40 edit
.. //depot/projects/trustedbsd/mac/sys/security/mac_mls/mac_mls.c#49 edit
.. //depot/projects/trustedbsd/mac/sys/security/mac_none/mac_none.c#42 edit
.. //depot/projects/trustedbsd/mac/sys/security/mac_te/mac_te.c#44 edit
.. //depot/projects/trustedbsd/mac/sys/security/mac_test/mac_test.c#12 edit
.. //depot/projects/trustedbsd/mac/sys/sys/mac.h#118 edit
.. //depot/projects/trustedbsd/mac/sys/sys/mac_policy.h#81 edit

Differences ...

==== //depot/projects/trustedbsd/mac/sys/kern/kern_mac.c#185 (text+ko) ====

@@ -1877,7 +1877,7 @@
 
 int
 mac_cred_check_delete_vnode(struct ucred *cred, struct vnode *dvp,
-    struct vnode *vp)
+    struct vnode *vp, struct componentname *cnp)
 {
 	int error;
 
@@ -1895,7 +1895,7 @@
 		return (error);
 
 	MAC_CHECK(cred_check_delete_vnode, cred, dvp, &dvp->v_label, vp,
-	    &vp->v_label);
+	    &vp->v_label, cnp);
 	return (error);
 }
 

==== //depot/projects/trustedbsd/mac/sys/kern/vfs_syscalls.c#58 (text+ko) ====

@@ -2260,7 +2260,7 @@
 	if (!error) {
 #ifdef MAC
 		error = mac_cred_check_delete_vnode(td->td_ucred, nd.ni_dvp,
-		    vp);
+		    vp, &nd.ni_cnd);
 		if (error == 0) {
 #endif
 			VOP_LEASE(nd.ni_dvp, td, td->td_ucred, LEASE_WRITE);
@@ -3919,7 +3919,8 @@
 		goto out;
 	}
 #ifdef MAC
-	error = mac_cred_check_delete_vnode(td->td_ucred, nd.ni_dvp, vp);
+	error = mac_cred_check_delete_vnode(td->td_ucred, nd.ni_dvp,
+	    vp, &nd.ni_cnd);
 	if (error)
 		goto out;
 #endif

==== //depot/projects/trustedbsd/mac/sys/security/mac_biba/mac_biba.c#61 (text+ko) ====

@@ -1375,7 +1375,8 @@
 
 static int
 mac_biba_cred_check_delete_vnode(struct ucred *cred, struct vnode *dvp,
-    struct label *dlabel, struct vnode *vp, struct label *label)
+    struct label *dlabel, struct vnode *vp, struct label *label,
+    struct componentname *cnp)
 {
 	struct mac_biba *subj, *obj;
 

==== //depot/projects/trustedbsd/mac/sys/security/mac_bsdextended/mac_bsdextended.c#40 (text+ko) ====

@@ -354,7 +354,8 @@
 
 static int
 mac_bsdextended_cred_check_delete_vnode(struct ucred *cred, struct vnode *dvp,
-    struct label *dlabel, struct vnode *vp, struct label *label)
+    struct label *dlabel, struct vnode *vp, struct label *label,
+    struct componentname *cnp)
 {
 	struct vattr vap;
 	int error;

==== //depot/projects/trustedbsd/mac/sys/security/mac_mls/mac_mls.c#49 (text+ko) ====

@@ -1318,7 +1318,8 @@
 
 static int
 mac_mls_cred_check_delete_vnode(struct ucred *cred, struct vnode *dvp,
-    struct label *dlabel, struct vnode *vp, struct label *label)
+    struct label *dlabel, struct vnode *vp, struct label *label,
+    struct componentname *cnp)
 {
 	struct mac_mls *subj, *obj;
 

==== //depot/projects/trustedbsd/mac/sys/security/mac_none/mac_none.c#42 (text+ko) ====

@@ -629,7 +629,8 @@
 
 static int
 mac_none_cred_check_delete_vnode(struct ucred *cred, struct vnode *dvp,
-    struct label *dlabel, struct vnode *vp, struct label *label)
+    struct label *dlabel, struct vnode *vp, struct label *label,
+    struct componentname *cnp)
 {
 
 	return (0);

==== //depot/projects/trustedbsd/mac/sys/security/mac_te/mac_te.c#44 (text+ko) ====

@@ -1318,7 +1318,8 @@
 
 static int
 mac_te_cred_check_delete_vnode(struct ucred *cred, struct vnode *dvp,
-    struct label *dlabel, struct vnode *vp, struct label *label)
+    struct label *dlabel, struct vnode *vp, struct label *label,
+    struct componentname *cnp)
 {
 	int error;
 

==== //depot/projects/trustedbsd/mac/sys/security/mac_test/mac_test.c#12 (text+ko) ====

@@ -822,7 +822,8 @@
 
 static int
 mac_test_cred_check_delete_vnode(struct ucred *cred, struct vnode *dvp,
-    struct label *dlabel, struct vnode *vp, struct label *label)
+    struct label *dlabel, struct vnode *vp, struct label *label,
+    struct componentname *cnp)
 {
 
 	return (0);

==== //depot/projects/trustedbsd/mac/sys/sys/mac.h#118 (text+ko) ====

@@ -277,7 +277,7 @@
 	    struct timespec atime, struct timespec mtime);
 int	mac_cred_check_stat_vnode(struct ucred *cred, struct vnode *vp);
 int	mac_cred_check_delete_vnode(struct ucred *cred, struct vnode *dvp,
-	    struct vnode *vp);
+	    struct vnode *vp, struct componentname *cnp);
 int	mac_cred_check_rename_from_vnode(struct ucred *cred, struct vnode *dvp,
 	    struct vnode *vp);
 int	mac_cred_check_rename_to_vnode(struct ucred *cred, struct vnode *dvp,

==== //depot/projects/trustedbsd/mac/sys/sys/mac_policy.h#81 (text+ko) ====

@@ -259,7 +259,7 @@
 		    struct componentname *cnp, struct vattr *vap);
 	int	(*mpo_cred_check_delete_vnode)(struct ucred *cred,
 		    struct vnode *dvp, struct label *dlabel,
-		    struct vnode *vp, void *label);
+		    struct vnode *vp, void *label, struct componentname *cnp);
 	int	(*mpo_cred_check_deleteacl_vnode)(struct ucred *cred,
 		    struct vnode *vp, struct label *label, acl_type_t type);
 	int	(*mpo_cred_check_exec_vnode)(struct ucred *cred,
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-cvs" in the body of the message

More information about the trustedbsd-cvs mailing list