PERFORCE change 15122 for review
Robert Watson
rwatson at freebsd.org
Mon Jul 29 14:24:35 GMT 2002
http://people.freebsd.org/~peter/p4db/chv.cgi?CH=15122
Change 15122 by rwatson at rwatson_paprika on 2002/07/29 07:24:09
Re-sort the entry points to more closely match the canonical
order in mac_policy.h.
Affected files ...
.. //depot/projects/trustedbsd/mac/sys/sys/mac.h#133 edit
Differences ...
==== //depot/projects/trustedbsd/mac/sys/sys/mac.h#133 (text+ko) ====
@@ -248,8 +248,6 @@
void mac_destroy_mbuf(struct mbuf *);
void mac_destroy_mount(struct mount *);
void mac_destroy_vnode(struct vnode *);
-void mac_relabel_vnode(struct ucred *cred, struct vnode *vp,
- struct label *newlabel);
/* Non-authorizational event hooks. */
void mac_execve_transition(struct ucred *old, struct ucred *new,
@@ -258,10 +256,23 @@
/* Authorizational event hooks. */
int mac_check_bpfdesc_receive(struct bpf_d *bpf_d, struct ifnet *ifnet);
+int mac_check_cred_visible(struct ucred *u1, struct ucred *u2);
+int mac_check_ifnet_transmit(struct ifnet *ifnet, struct mbuf *m);
int mac_check_mount_stat(struct ucred *cred, struct mount *mp);
int mac_check_pipe_op(struct ucred *cred, struct pipe *pipe, int op);
int mac_check_pipe_ioctl(struct ucred *cred, struct pipe *pipe,
unsigned long cmd, void *data);
+int mac_check_proc_debug(struct ucred *cred, struct proc *proc);
+int mac_check_proc_sched(struct ucred *cred, struct proc *proc);
+int mac_check_proc_signal(struct ucred *cred, struct proc *proc,
+ int signum);
+int mac_check_socket_bind(struct ucred *cred, struct socket *so,
+ struct sockaddr *sockaddr);
+int mac_check_socket_connect(struct ucred *cred, struct socket *so,
+ struct sockaddr *sockaddr);
+int mac_check_socket_listen(struct ucred *cred, struct socket *so);
+int mac_check_socket_receive(struct socket *so, struct mbuf *m);
+int mac_check_socket_visible(struct ucred *cred, struct socket *so);
int mac_check_vnode_access(struct ucred *cred, struct vnode *vp,
int flags);
int mac_check_vnode_chdir(struct ucred *cred, struct vnode *dvp);
@@ -363,26 +374,11 @@
int mac_fragment_matches_ipq(struct mbuf *fragment, struct ipq *ipq);
void mac_update_ipq_from_fragment(struct mbuf *fragment, struct ipq *ipq);
-int mac_check_ifnet_transmit(struct ifnet *ifnet, struct mbuf *m);
-
-int mac_check_socket_bind(struct ucred *cred, struct socket *so,
- struct sockaddr *sockaddr);
-int mac_check_socket_connect(struct ucred *cred, struct socket *so,
- struct sockaddr *sockaddr);
-int mac_check_socket_listen(struct ucred *cred, struct socket *so);
-int mac_check_socket_receive(struct socket *so, struct mbuf *m);
-
-/* Hooks for the proc-based "can"-checks. */
-int mac_check_cred_visible(struct ucred *u1, struct ucred *u2);
-int mac_check_proc_debug(struct ucred *cred, struct proc *proc);
-int mac_check_proc_sched(struct ucred *cred, struct proc *proc);
-int mac_check_proc_signal(struct ucred *cred, struct proc *proc,
- int signum);
-int mac_check_socket_visible(struct ucred *cred, struct socket *so);
-
/* Calls to help various file systems implement labeling using EAs. */
struct vop_refreshlabel_args;
struct vop_setlabel_args;
+void mac_relabel_vnode(struct ucred *cred, struct vnode *vp,
+ struct label *newlabel);
int vop_stdcreatevnode_ea(struct vnode *dvp, struct vnode *tvp,
struct ucred *cred);
int vop_stdrefreshlabel_ea(struct vop_refreshlabel_args *ap);
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-cvs" in the body of the message
More information about the trustedbsd-cvs
mailing list