PERFORCE change 101003 for review

Sat Jul 8 13:27:42 UTC 2006

http://perforce.freebsd.org/chv.cgi?CH=101003

Change 101003 by rwatson at rwatson_zoo on 2006/07/08 13:26:47

	Resort.

Affected files ...

.. //depot/projects/trustedbsd/mac2/sys/security/mac_lomac/mac_lomac.c#4 edit

Differences ...

==== //depot/projects/trustedbsd/mac2/sys/security/mac_lomac/mac_lomac.c#4 (text+ko) ====

@@ -2084,30 +2084,6 @@
 }
 
 static int
-mac_lomac_vnode_check_unlink(struct ucred *cred, struct vnode *dvp,
-    struct label *dlabel, struct vnode *vp, struct label *label,
-    struct componentname *cnp)
-{
-	struct mac_lomac *subj, *obj;
-
-	if (!mac_lomac_enabled)
-		return (0);
-
-	subj = SLOT(cred->cr_label);
-	obj = SLOT(dlabel);
-
-	if (!mac_lomac_subject_dominate(subj, obj))
-		return (EACCES);
-
-	obj = SLOT(label);
-
-	if (!mac_lomac_subject_dominate(subj, obj))
-		return (EACCES);
-
-	return (0);
-}
-
-static int
 mac_lomac_vnode_check_deleteacl(struct ucred *cred, struct vnode *vp,
     struct label *label, acl_type_t type)
 {
@@ -2492,6 +2468,30 @@
 }
 
 static int
+mac_lomac_vnode_check_unlink(struct ucred *cred, struct vnode *dvp,
+    struct label *dlabel, struct vnode *vp, struct label *label,
+    struct componentname *cnp)
+{
+	struct mac_lomac *subj, *obj;
+
+	if (!mac_lomac_enabled)
+		return (0);
+
+	subj = SLOT(cred->cr_label);
+	obj = SLOT(dlabel);
+
+	if (!mac_lomac_subject_dominate(subj, obj))
+		return (EACCES);
+
+	obj = SLOT(label);
+
+	if (!mac_lomac_subject_dominate(subj, obj))
+		return (EACCES);
+
+	return (0);
+}
+
+static int
 mac_lomac_vnode_check_write(struct ucred *active_cred,
     struct ucred *file_cred, struct vnode *vp, struct label *label)
 {
@@ -2666,7 +2666,6 @@
 	.mpo_system_check_sysctl = mac_lomac_system_check_sysctl,
 	.mpo_vnode_check_access = mac_lomac_vnode_check_open,
 	.mpo_vnode_check_create = mac_lomac_vnode_check_create,
-	.mpo_vnode_check_unlink = mac_lomac_vnode_check_unlink,
 	.mpo_vnode_check_deleteacl = mac_lomac_vnode_check_deleteacl,
 	.mpo_vnode_check_link = mac_lomac_vnode_check_link,
 	.mpo_vnode_check_mmap = mac_lomac_vnode_check_mmap,
@@ -2683,6 +2682,7 @@
 	.mpo_vnode_check_setmode = mac_lomac_vnode_check_setmode,
 	.mpo_vnode_check_setowner = mac_lomac_vnode_check_setowner,
 	.mpo_vnode_check_setutimes = mac_lomac_vnode_check_setutimes,
+	.mpo_vnode_check_unlink = mac_lomac_vnode_check_unlink,
 	.mpo_vnode_check_write = mac_lomac_vnode_check_write,
 	.mpo_thread_userret = mac_lomac_thread_userret,
 };
