| mac_vfs.c (102115) | mac_vfs.c (102123) |
|---|---|
| 1/*- 2 * Copyright (c) 1999, 2000, 2001, 2002 Robert N. M. Watson 3 * Copyright (c) 2001 Ilmar S. Habibulin 4 * Copyright (c) 2001, 2002 Networks Associates Technology, Inc. 5 * All rights reserved. 6 * 7 * This software was developed by Robert Watson and Ilmar Habibulin for the 8 * TrustedBSD Project. --- 22 unchanged lines hidden (view full) --- 31 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 32 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 33 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 34 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 35 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 36 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 37 * SUCH DAMAGE. 38 * | 1/*- 2 * Copyright (c) 1999, 2000, 2001, 2002 Robert N. M. Watson 3 * Copyright (c) 2001 Ilmar S. Habibulin 4 * Copyright (c) 2001, 2002 Networks Associates Technology, Inc. 5 * All rights reserved. 6 * 7 * This software was developed by Robert Watson and Ilmar Habibulin for the 8 * TrustedBSD Project. --- 22 unchanged lines hidden (view full) --- 31 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 32 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 33 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 34 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 35 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 36 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 37 * SUCH DAMAGE. 38 * |
| 39 * $FreeBSD: head/sys/security/mac/mac_vfs.c 102115 2002-08-19 16:59:37Z rwatson $ | 39 * $FreeBSD: head/sys/security/mac/mac_vfs.c 102123 2002-08-19 17:59:48Z rwatson $ |
| 40 */ 41/* 42 * Developed by the TrustedBSD Project. 43 * 44 * Framework for extensible kernel access control. Kernel and userland 45 * interface to the framework, policy registration and composition. 46 */ 47 --- 328 unchanged lines hidden (view full) --- 376 case MAC_DESTROY: 377 mpc->mpc_ops->mpo_destroy = 378 mpe->mpe_function; 379 break; 380 case MAC_INIT: 381 mpc->mpc_ops->mpo_init = 382 mpe->mpe_function; 383 break; | 40 */ 41/* 42 * Developed by the TrustedBSD Project. 43 * 44 * Framework for extensible kernel access control. Kernel and userland 45 * interface to the framework, policy registration and composition. 46 */ 47 --- 328 unchanged lines hidden (view full) --- 376 case MAC_DESTROY: 377 mpc->mpc_ops->mpo_destroy = 378 mpe->mpe_function; 379 break; 380 case MAC_INIT: 381 mpc->mpc_ops->mpo_init = 382 mpe->mpe_function; 383 break; |
| 384 case MAC_SYSCALL: 385 mpc->mpc_ops->mpo_syscall = 386 mpe->mpe_function; 387 break; |
|
| 384 case MAC_INIT_BPFDESC: 385 mpc->mpc_ops->mpo_init_bpfdesc = 386 mpe->mpe_function; 387 break; 388 case MAC_INIT_CRED: 389 mpc->mpc_ops->mpo_init_cred = 390 mpe->mpe_function; 391 break; --- 2816 unchanged lines hidden (view full) --- 3208out2: 3209 mac_destroy_temp(&intlabel); 3210 NDFREE(&nd, 0); 3211out: 3212 mtx_unlock(&Giant); 3213 return (error); 3214} 3215 | 388 case MAC_INIT_BPFDESC: 389 mpc->mpc_ops->mpo_init_bpfdesc = 390 mpe->mpe_function; 391 break; 392 case MAC_INIT_CRED: 393 mpc->mpc_ops->mpo_init_cred = 394 mpe->mpe_function; 395 break; --- 2816 unchanged lines hidden (view full) --- 3212out2: 3213 mac_destroy_temp(&intlabel); 3214 NDFREE(&nd, 0); 3215out: 3216 mtx_unlock(&Giant); 3217 return (error); 3218} 3219 |
| 3220int 3221mac_syscall(struct thread *td, struct mac_syscall_args *uap) 3222{ 3223 struct mac_policy_conf *mpc; 3224 char target[MAC_MAX_POLICY_NAME]; 3225 int error; 3226 3227 error = copyinstr(SCARG(uap, policy), target, sizeof(target), NULL); 3228 if (error) 3229 return (error); 3230 3231 error = ENOSYS; 3232 MAC_POLICY_LIST_BUSY(); 3233 LIST_FOREACH(mpc, &mac_policy_list, mpc_list) { 3234 if (strcmp(mpc->mpc_name, target) == 0 && 3235 mpc->mpc_ops->mpo_syscall != NULL) { 3236 error = mpc->mpc_ops->mpo_syscall(td, 3237 SCARG(uap, call), SCARG(uap, arg)); 3238 goto out; 3239 } 3240 } 3241 3242out: 3243 MAC_POLICY_LIST_UNBUSY(); 3244 return (error); 3245} 3246 |
|
| 3216SYSINIT(mac, SI_SUB_MAC, SI_ORDER_FIRST, mac_init, NULL); 3217SYSINIT(mac_late, SI_SUB_MAC_LATE, SI_ORDER_FIRST, mac_late_init, NULL); 3218 3219#else /* !MAC */ 3220 3221int 3222__mac_get_proc(struct thread *td, struct __mac_get_proc_args *uap) 3223{ --- 31 unchanged lines hidden (view full) --- 3255 3256int 3257__mac_set_file(struct thread *td, struct __mac_set_file_args *uap) 3258{ 3259 3260 return (ENOSYS); 3261} 3262 | 3247SYSINIT(mac, SI_SUB_MAC, SI_ORDER_FIRST, mac_init, NULL); 3248SYSINIT(mac_late, SI_SUB_MAC_LATE, SI_ORDER_FIRST, mac_late_init, NULL); 3249 3250#else /* !MAC */ 3251 3252int 3253__mac_get_proc(struct thread *td, struct __mac_get_proc_args *uap) 3254{ --- 31 unchanged lines hidden (view full) --- 3286 3287int 3288__mac_set_file(struct thread *td, struct __mac_set_file_args *uap) 3289{ 3290 3291 return (ENOSYS); 3292} 3293 |
| 3294int 3295mac_syscall(struct thread *td, struct mac_syscall_args *uap) 3296{ 3297 3298 return (ENOSYS); 3299} 3300 |
|
| 3263#endif /* !MAC */ | 3301#endif /* !MAC */ |