| mac_policy.h (172953) | mac_policy.h (172957) |
|---|---|
| 1/*- 2 * Copyright (c) 1999-2002 Robert N. M. Watson 3 * Copyright (c) 2001-2005 Networks Associates Technology, Inc. 4 * Copyright (c) 2005-2006 SPARTA, Inc. 5 * All rights reserved. 6 * 7 * This software was developed by Robert Watson for the TrustedBSD Project. 8 * --- 21 unchanged lines hidden (view full) --- 30 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 31 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 32 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 33 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 34 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 35 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 36 * SUCH DAMAGE. 37 * | 1/*- 2 * Copyright (c) 1999-2002 Robert N. M. Watson 3 * Copyright (c) 2001-2005 Networks Associates Technology, Inc. 4 * Copyright (c) 2005-2006 SPARTA, Inc. 5 * All rights reserved. 6 * 7 * This software was developed by Robert Watson for the TrustedBSD Project. 8 * --- 21 unchanged lines hidden (view full) --- 30 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 31 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 32 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 33 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 34 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 35 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 36 * SUCH DAMAGE. 37 * |
| 38 * $FreeBSD: head/sys/security/mac/mac_policy.h 172953 2007-10-25 07:49:47Z rwatson $ | 38 * $FreeBSD: head/sys/security/mac/mac_policy.h 172957 2007-10-25 12:34:14Z rwatson $ |
| 39 */ 40/* 41 * Kernel interface for MAC policy modules. 42 */ 43#ifndef _SYS_SECURITY_MAC_MAC_POLICY_H_ 44#define _SYS_SECURITY_MAC_MAC_POLICY_H_ 45 46#ifndef _KERNEL --- 555 unchanged lines hidden (view full) --- 602 struct label *vplabel); 603typedef int (*mpo_vnode_check_unlink_t)(struct ucred *cred, 604 struct vnode *dvp, struct label *dvplabel, 605 struct vnode *vp, struct label *vplabel, 606 struct componentname *cnp); 607typedef int (*mpo_vnode_check_write_t)(struct ucred *active_cred, 608 struct ucred *file_cred, struct vnode *vp, 609 struct label *vplabel); | 39 */ 40/* 41 * Kernel interface for MAC policy modules. 42 */ 43#ifndef _SYS_SECURITY_MAC_MAC_POLICY_H_ 44#define _SYS_SECURITY_MAC_MAC_POLICY_H_ 45 46#ifndef _KERNEL --- 555 unchanged lines hidden (view full) --- 602 struct label *vplabel); 603typedef int (*mpo_vnode_check_unlink_t)(struct ucred *cred, 604 struct vnode *dvp, struct label *dvplabel, 605 struct vnode *vp, struct label *vplabel, 606 struct componentname *cnp); 607typedef int (*mpo_vnode_check_write_t)(struct ucred *active_cred, 608 struct ucred *file_cred, struct vnode *vp, 609 struct label *vplabel); |
| 610typedef void (*mpo_associate_nfsd_label_t)(struct ucred *cred); | 610typedef void (*mpo_proc_associate_nfsd_t)(struct ucred *cred); |
| 611typedef int (*mpo_priv_check_t)(struct ucred *cred, int priv); 612typedef int (*mpo_priv_grant_t)(struct ucred *cred, int priv); 613 614struct mac_policy_ops { 615 /* 616 * Policy module operations. 617 */ 618 mpo_destroy_t mpo_destroy; --- 141 unchanged lines hidden (view full) --- 760 761 /* 762 * Labeling event operations: processes. 763 */ 764 mpo_vnode_execve_transition_t mpo_vnode_execve_transition; 765 mpo_vnode_execve_will_transition_t mpo_vnode_execve_will_transition; 766 mpo_proc_create_swapper_t mpo_proc_create_swapper; 767 mpo_proc_create_init_t mpo_proc_create_init; | 611typedef int (*mpo_priv_check_t)(struct ucred *cred, int priv); 612typedef int (*mpo_priv_grant_t)(struct ucred *cred, int priv); 613 614struct mac_policy_ops { 615 /* 616 * Policy module operations. 617 */ 618 mpo_destroy_t mpo_destroy; --- 141 unchanged lines hidden (view full) --- 760 761 /* 762 * Labeling event operations: processes. 763 */ 764 mpo_vnode_execve_transition_t mpo_vnode_execve_transition; 765 mpo_vnode_execve_will_transition_t mpo_vnode_execve_will_transition; 766 mpo_proc_create_swapper_t mpo_proc_create_swapper; 767 mpo_proc_create_init_t mpo_proc_create_init; |
| 768 mpo_proc_associate_nfsd_t mpo_proc_associate_nfsd; |
|
| 768 mpo_cred_relabel_t mpo_cred_relabel; 769 mpo_placeholder_t _mpo_placeholder6; 770 mpo_thread_userret_t mpo_thread_userret; 771 772 /* 773 * Access control checks. 774 */ 775 mpo_bpfdesc_check_receive_t mpo_bpfdesc_check_receive; --- 117 unchanged lines hidden (view full) --- 893 mpo_vnode_check_setextattr_t mpo_vnode_check_setextattr; 894 mpo_vnode_check_setflags_t mpo_vnode_check_setflags; 895 mpo_vnode_check_setmode_t mpo_vnode_check_setmode; 896 mpo_vnode_check_setowner_t mpo_vnode_check_setowner; 897 mpo_vnode_check_setutimes_t mpo_vnode_check_setutimes; 898 mpo_vnode_check_stat_t mpo_vnode_check_stat; 899 mpo_vnode_check_unlink_t mpo_vnode_check_unlink; 900 mpo_vnode_check_write_t mpo_vnode_check_write; | 769 mpo_cred_relabel_t mpo_cred_relabel; 770 mpo_placeholder_t _mpo_placeholder6; 771 mpo_thread_userret_t mpo_thread_userret; 772 773 /* 774 * Access control checks. 775 */ 776 mpo_bpfdesc_check_receive_t mpo_bpfdesc_check_receive; --- 117 unchanged lines hidden (view full) --- 894 mpo_vnode_check_setextattr_t mpo_vnode_check_setextattr; 895 mpo_vnode_check_setflags_t mpo_vnode_check_setflags; 896 mpo_vnode_check_setmode_t mpo_vnode_check_setmode; 897 mpo_vnode_check_setowner_t mpo_vnode_check_setowner; 898 mpo_vnode_check_setutimes_t mpo_vnode_check_setutimes; 899 mpo_vnode_check_stat_t mpo_vnode_check_stat; 900 mpo_vnode_check_unlink_t mpo_vnode_check_unlink; 901 mpo_vnode_check_write_t mpo_vnode_check_write; |
| 901 mpo_associate_nfsd_label_t mpo_associate_nfsd_label; | |
| 902 mpo_mbuf_create_from_firewall_t mpo_mbuf_create_from_firewall; 903 mpo_init_syncache_label_t mpo_init_syncache_label; 904 mpo_destroy_syncache_label_t mpo_destroy_syncache_label; 905 mpo_init_syncache_from_inpcb_t mpo_init_syncache_from_inpcb; 906 mpo_create_mbuf_from_syncache_t mpo_create_mbuf_from_syncache; 907 mpo_priv_check_t mpo_priv_check; 908 mpo_priv_grant_t mpo_priv_grant; 909}; --- 72 unchanged lines hidden --- | 902 mpo_mbuf_create_from_firewall_t mpo_mbuf_create_from_firewall; 903 mpo_init_syncache_label_t mpo_init_syncache_label; 904 mpo_destroy_syncache_label_t mpo_destroy_syncache_label; 905 mpo_init_syncache_from_inpcb_t mpo_init_syncache_from_inpcb; 906 mpo_create_mbuf_from_syncache_t mpo_create_mbuf_from_syncache; 907 mpo_priv_check_t mpo_priv_check; 908 mpo_priv_grant_t mpo_priv_grant; 909}; --- 72 unchanged lines hidden --- |