mac_net.c (107271) | mac_net.c (107698) |
---|---|
1/*- 2 * Copyright (c) 1999, 2000, 2001, 2002 Robert N. M. Watson 3 * Copyright (c) 2001 Ilmar S. Habibulin 4 * Copyright (c) 2001, 2002 Networks Associates Technology, Inc. 5 * All rights reserved. 6 * 7 * This software was developed by Robert Watson and Ilmar Habibulin for the 8 * TrustedBSD Project. --- 19 unchanged lines hidden (view full) --- 28 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 29 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 30 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 31 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 32 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 33 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 34 * SUCH DAMAGE. 35 * | 1/*- 2 * Copyright (c) 1999, 2000, 2001, 2002 Robert N. M. Watson 3 * Copyright (c) 2001 Ilmar S. Habibulin 4 * Copyright (c) 2001, 2002 Networks Associates Technology, Inc. 5 * All rights reserved. 6 * 7 * This software was developed by Robert Watson and Ilmar Habibulin for the 8 * TrustedBSD Project. --- 19 unchanged lines hidden (view full) --- 28 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 29 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 30 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 31 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 32 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 33 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 34 * SUCH DAMAGE. 35 * |
36 * $FreeBSD: head/sys/security/mac/mac_net.c 107271 2002-11-26 17:11:57Z rwatson $ | 36 * $FreeBSD: head/sys/security/mac/mac_net.c 107698 2002-12-09 03:44:28Z rwatson $ |
37 */ 38/* 39 * Developed by the TrustedBSD Project. 40 * 41 * Framework for extensible kernel access control. Kernel and userland 42 * interface to the framework, policy registration and composition. 43 */ 44 --- 1146 unchanged lines hidden (view full) --- 1191void 1192mac_create_cred(struct ucred *parent_cred, struct ucred *child_cred) 1193{ 1194 1195 MAC_PERFORM(create_cred, parent_cred, child_cred); 1196} 1197 1198void | 37 */ 38/* 39 * Developed by the TrustedBSD Project. 40 * 41 * Framework for extensible kernel access control. Kernel and userland 42 * interface to the framework, policy registration and composition. 43 */ 44 --- 1146 unchanged lines hidden (view full) --- 1191void 1192mac_create_cred(struct ucred *parent_cred, struct ucred *child_cred) 1193{ 1194 1195 MAC_PERFORM(create_cred, parent_cred, child_cred); 1196} 1197 1198void |
1199mac_update_devfsdirent(struct devfs_dirent *de, struct vnode *vp) | 1199mac_update_devfsdirent(struct mount *mp, struct devfs_dirent *de, 1200 struct vnode *vp) |
1200{ 1201 | 1201{ 1202 |
1202 MAC_PERFORM(update_devfsdirent, de, &de->de_label, vp, &vp->v_label); | 1203 MAC_PERFORM(update_devfsdirent, mp, de, &de->de_label, vp, 1204 &vp->v_label); |
1203} 1204 1205void 1206mac_associate_vnode_devfs(struct mount *mp, struct devfs_dirent *de, 1207 struct vnode *vp) 1208{ 1209 1210 MAC_PERFORM(associate_vnode_devfs, mp, &mp->mnt_fslabel, de, --- 1585 unchanged lines hidden (view full) --- 2796 2797 MAC_PERFORM(relabel_ifnet, cred, ifnet, &ifnet->if_label, &intlabel); 2798 2799 mac_destroy_ifnet_label(&intlabel); 2800 return (0); 2801} 2802 2803void | 1205} 1206 1207void 1208mac_associate_vnode_devfs(struct mount *mp, struct devfs_dirent *de, 1209 struct vnode *vp) 1210{ 1211 1212 MAC_PERFORM(associate_vnode_devfs, mp, &mp->mnt_fslabel, de, --- 1585 unchanged lines hidden (view full) --- 2798 2799 MAC_PERFORM(relabel_ifnet, cred, ifnet, &ifnet->if_label, &intlabel); 2800 2801 mac_destroy_ifnet_label(&intlabel); 2802 return (0); 2803} 2804 2805void |
2804mac_create_devfs_device(dev_t dev, struct devfs_dirent *de) | 2806mac_create_devfs_device(struct mount *mp, dev_t dev, struct devfs_dirent *de) |
2805{ 2806 | 2807{ 2808 |
2807 MAC_PERFORM(create_devfs_device, dev, de, &de->de_label); | 2809 MAC_PERFORM(create_devfs_device, mp, dev, de, &de->de_label); |
2808} 2809 2810void | 2810} 2811 2812void |
2811mac_create_devfs_symlink(struct ucred *cred, struct devfs_dirent *dd, 2812 struct devfs_dirent *de) | 2813mac_create_devfs_symlink(struct ucred *cred, struct mount *mp, 2814 struct devfs_dirent *dd, struct devfs_dirent *de) |
2813{ 2814 | 2815{ 2816 |
2815 MAC_PERFORM(create_devfs_symlink, cred, dd, &dd->de_label, de, | 2817 MAC_PERFORM(create_devfs_symlink, cred, mp, dd, &dd->de_label, de, |
2816 &de->de_label); 2817} 2818 2819void | 2818 &de->de_label); 2819} 2820 2821void |
2820mac_create_devfs_directory(char *dirname, int dirnamelen, | 2822mac_create_devfs_directory(struct mount *mp, char *dirname, int dirnamelen, |
2821 struct devfs_dirent *de) 2822{ 2823 | 2823 struct devfs_dirent *de) 2824{ 2825 |
2824 MAC_PERFORM(create_devfs_directory, dirname, dirnamelen, de, | 2826 MAC_PERFORM(create_devfs_directory, mp, dirname, dirnamelen, de, |
2825 &de->de_label); 2826} 2827 2828int 2829mac_setsockopt_label_set(struct ucred *cred, struct socket *so, 2830 struct mac *mac) 2831{ 2832 struct label intlabel; --- 847 unchanged lines hidden --- | 2827 &de->de_label); 2828} 2829 2830int 2831mac_setsockopt_label_set(struct ucred *cred, struct socket *so, 2832 struct mac *mac) 2833{ 2834 struct label intlabel; --- 847 unchanged lines hidden --- |