PERFORCE change 56908 for review
Robert Watson
rwatson at FreeBSD.org
Fri Jul 9 17:38:55 GMT 2004
http://perforce.freebsd.org/chv.cgi?CH=56908
Change 56908 by rwatson at rwatson_tislabs on 2004/07/09 17:38:28
Extend comment on label management interfaces.
Move cleanup operations up to near init/destroy since they serve
a similar function.
Affected files ...
.. //depot/projects/trustedbsd/mac/sys/sys/mac_policy.h#213 edit
Differences ...
==== //depot/projects/trustedbsd/mac/sys/sys/mac_policy.h#213 (text+ko) ====
@@ -90,7 +90,10 @@
int (*mpo_syscall)(struct thread *td, int call, void *arg);
/*
- * Label operations.
+ * Label operations. Initialize label storage, destroy label
+ * storage, recycle for re-use without init/destroy, copy a label
+ * to initialized storage, and externalize/internalize from/to
+ * initialized storage.
*/
void (*mpo_init_bpfdesc_label)(struct label *label);
void (*mpo_init_cred_label)(struct label *label);
@@ -130,6 +133,10 @@
void (*mpo_destroy_posix_ksem_label)(struct label *label);
void (*mpo_destroy_proc_label)(struct label *label);
void (*mpo_destroy_vnode_label)(struct label *label);
+ void (*mpo_cleanup_ipc_msgmsg)(struct label *msglabel);
+ void (*mpo_cleanup_ipc_msgqueue)(struct label *msqlabel);
+ void (*mpo_cleanup_ipc_sema)(struct label *semalabel);
+ void (*mpo_cleanup_ipc_shm)(struct label *shmlabel);
void (*mpo_copy_cred_label)(struct label *src,
struct label *dest);
void (*mpo_copy_mbuf_label)(struct label *src,
@@ -327,20 +334,6 @@
struct label *newlabel);
void (*mpo_thread_userret)(struct thread *thread);
- /*
- * Label cleanup operation: This is the inverse complement for the
- * mac_create and associate type of hooks. This hook lets the policy
- * module(s) perform a cleanup/flushing operation on the label
- * associated with the objects, without freeing up the space allocated.
- * This hook is useful in cases where it is desirable to remove any
- * labeling reference when recycling any object to a pool.
- * This hook does not replace the mac_destroy hooks.
- */
- void (*mpo_cleanup_ipc_msgmsg)(struct label *msglabel);
- void (*mpo_cleanup_ipc_msgqueue)(struct label *msqlabel);
- void (*mpo_cleanup_ipc_sema)(struct label *semalabel);
- void (*mpo_cleanup_ipc_shm)(struct label *shmlabel);
-
/*
* Access control checks.
*/
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-cvs" in the body of the message
More information about the trustedbsd-cvs
mailing list