| mac_cred.c (104528) | mac_cred.c (104529) |
|---|---|
| 1/*- 2 * Copyright (c) 1999, 2000, 2001, 2002 Robert N. M. Watson 3 * Copyright (c) 2001 Ilmar S. Habibulin 4 * Copyright (c) 2001, 2002 Networks Associates Technology, Inc. 5 * All rights reserved. 6 * 7 * This software was developed by Robert Watson and Ilmar Habibulin for the 8 * TrustedBSD Project. --- 22 unchanged lines hidden (view full) --- 31 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 32 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 33 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 34 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 35 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 36 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 37 * SUCH DAMAGE. 38 * | 1/*- 2 * Copyright (c) 1999, 2000, 2001, 2002 Robert N. M. Watson 3 * Copyright (c) 2001 Ilmar S. Habibulin 4 * Copyright (c) 2001, 2002 Networks Associates Technology, Inc. 5 * All rights reserved. 6 * 7 * This software was developed by Robert Watson and Ilmar Habibulin for the 8 * TrustedBSD Project. --- 22 unchanged lines hidden (view full) --- 31 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 32 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 33 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 34 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 35 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 36 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 37 * SUCH DAMAGE. 38 * |
| 39 * $FreeBSD: head/sys/security/mac/mac_process.c 104528 2002-10-05 17:44:49Z rwatson $ | 39 * $FreeBSD: head/sys/security/mac/mac_process.c 104529 2002-10-05 18:11:36Z rwatson $ |
| 40 */ 41/* 42 * Developed by the TrustedBSD Project. 43 * 44 * Framework for extensible kernel access control. Kernel and userland 45 * interface to the framework, policy registration and composition. 46 */ 47 --- 746 unchanged lines hidden (view full) --- 794 case MAC_CHECK_VNODE_GETACL: 795 mpc->mpc_ops->mpo_check_vnode_getacl = 796 mpe->mpe_function; 797 break; 798 case MAC_CHECK_VNODE_GETEXTATTR: 799 mpc->mpc_ops->mpo_check_vnode_getextattr = 800 mpe->mpe_function; 801 break; | 40 */ 41/* 42 * Developed by the TrustedBSD Project. 43 * 44 * Framework for extensible kernel access control. Kernel and userland 45 * interface to the framework, policy registration and composition. 46 */ 47 --- 746 unchanged lines hidden (view full) --- 794 case MAC_CHECK_VNODE_GETACL: 795 mpc->mpc_ops->mpo_check_vnode_getacl = 796 mpe->mpe_function; 797 break; 798 case MAC_CHECK_VNODE_GETEXTATTR: 799 mpc->mpc_ops->mpo_check_vnode_getextattr = 800 mpe->mpe_function; 801 break; |
| 802 case MAC_CHECK_VNODE_LINK: 803 mpc->mpc_ops->mpo_check_vnode_link = 804 mpe->mpe_function; 805 break; |
|
| 802 case MAC_CHECK_VNODE_LOOKUP: 803 mpc->mpc_ops->mpo_check_vnode_lookup = 804 mpe->mpe_function; 805 break; 806 case MAC_CHECK_VNODE_MMAP_PERMS: 807 mpc->mpc_ops->mpo_check_vnode_mmap_perms = 808 mpe->mpe_function; 809 break; --- 1017 unchanged lines hidden (view full) --- 1827 return (error); 1828 1829 MAC_CHECK(check_vnode_getextattr, cred, vp, &vp->v_label, 1830 attrnamespace, name, uio); 1831 return (error); 1832} 1833 1834int | 806 case MAC_CHECK_VNODE_LOOKUP: 807 mpc->mpc_ops->mpo_check_vnode_lookup = 808 mpe->mpe_function; 809 break; 810 case MAC_CHECK_VNODE_MMAP_PERMS: 811 mpc->mpc_ops->mpo_check_vnode_mmap_perms = 812 mpe->mpe_function; 813 break; --- 1017 unchanged lines hidden (view full) --- 1831 return (error); 1832 1833 MAC_CHECK(check_vnode_getextattr, cred, vp, &vp->v_label, 1834 attrnamespace, name, uio); 1835 return (error); 1836} 1837 1838int |
| 1839mac_check_vnode_link(struct ucred *cred, struct vnode *dvp, 1840 struct vnode *vp, struct componentname *cnp) 1841{ 1842 1843 int error; 1844 1845 ASSERT_VOP_LOCKED(dvp, "mac_check_vnode_link"); 1846 ASSERT_VOP_LOCKED(vp, "mac_check_vnode_link"); 1847 1848 if (!mac_enforce_fs) 1849 return (0); 1850 1851 error = vn_refreshlabel(dvp, cred); 1852 if (error) 1853 return (error); 1854 1855 error = vn_refreshlabel(vp, cred); 1856 if (error) 1857 return (error); 1858 1859 MAC_CHECK(check_vnode_link, cred, dvp, &dvp->v_label, vp, 1860 &vp->v_label, cnp); 1861 return (error); 1862} 1863 1864int |
|
| 1835mac_check_vnode_lookup(struct ucred *cred, struct vnode *dvp, 1836 struct componentname *cnp) 1837{ 1838 int error; 1839 1840 ASSERT_VOP_LOCKED(dvp, "mac_check_vnode_lookup"); 1841 1842 if (!mac_enforce_fs) --- 1590 unchanged lines hidden --- | 1865mac_check_vnode_lookup(struct ucred *cred, struct vnode *dvp, 1866 struct componentname *cnp) 1867{ 1868 int error; 1869 1870 ASSERT_VOP_LOCKED(dvp, "mac_check_vnode_lookup"); 1871 1872 if (!mac_enforce_fs) --- 1590 unchanged lines hidden --- |