| mac_policy.h (172990) | mac_policy.h (173018) |
|---|---|
| 1/*- 2 * Copyright (c) 1999-2002 Robert N. M. Watson 3 * Copyright (c) 2001-2005 Networks Associates Technology, Inc. 4 * Copyright (c) 2005-2006 SPARTA, Inc. 5 * All rights reserved. 6 * 7 * This software was developed by Robert Watson for the TrustedBSD Project. 8 * --- 21 unchanged lines hidden (view full) --- 30 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 31 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 32 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 33 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 34 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 35 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 36 * SUCH DAMAGE. 37 * | 1/*- 2 * Copyright (c) 1999-2002 Robert N. M. Watson 3 * Copyright (c) 2001-2005 Networks Associates Technology, Inc. 4 * Copyright (c) 2005-2006 SPARTA, Inc. 5 * All rights reserved. 6 * 7 * This software was developed by Robert Watson for the TrustedBSD Project. 8 * --- 21 unchanged lines hidden (view full) --- 30 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 31 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 32 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 33 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 34 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 35 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 36 * SUCH DAMAGE. 37 * |
| 38 * $FreeBSD: head/sys/security/mac/mac_policy.h 172990 2007-10-25 22:45:25Z rwatson $ | 38 * $FreeBSD: head/sys/security/mac/mac_policy.h 173018 2007-10-26 13:18:38Z rwatson $ |
| 39 */ 40/* 41 * Kernel interface for MAC policy modules. 42 */ 43#ifndef _SYS_SECURITY_MAC_MAC_POLICY_H_ 44#define _SYS_SECURITY_MAC_MAC_POLICY_H_ 45 46#ifndef _KERNEL --- 169 unchanged lines hidden (view full) --- 216typedef int (*mpo_kenv_check_unset_t)(struct ucred *cred, char *name); 217 218typedef int (*mpo_kld_check_load_t)(struct ucred *cred, struct vnode *vp, 219 struct label *vplabel); 220typedef int (*mpo_kld_check_stat_t)(struct ucred *cred); 221 222typedef void (*mpo_mbuf_copy_label_t)(struct label *src, 223 struct label *dest); | 39 */ 40/* 41 * Kernel interface for MAC policy modules. 42 */ 43#ifndef _SYS_SECURITY_MAC_MAC_POLICY_H_ 44#define _SYS_SECURITY_MAC_MAC_POLICY_H_ 45 46#ifndef _KERNEL --- 169 unchanged lines hidden (view full) --- 216typedef int (*mpo_kenv_check_unset_t)(struct ucred *cred, char *name); 217 218typedef int (*mpo_kld_check_load_t)(struct ucred *cred, struct vnode *vp, 219 struct label *vplabel); 220typedef int (*mpo_kld_check_stat_t)(struct ucred *cred); 221 222typedef void (*mpo_mbuf_copy_label_t)(struct label *src, 223 struct label *dest); |
| 224typedef void (*mpo_mbuf_create_from_firewall_t)(struct mbuf *m, 225 struct label *label); 226typedef void (*mpo_create_mbuf_linklayer_t)(struct ifnet *ifp, | 224typedef void (*mpo_mbuf_create_linklayer_t)(struct ifnet *ifp, |
| 227 struct label *ifplabel, struct mbuf *m, 228 struct label *mlabel); 229typedef void (*mpo_mbuf_create_multicast_encap_t)(struct mbuf *m, 230 struct label *mlabel, struct ifnet *ifp, 231 struct label *ifplabel, struct mbuf *mnew, 232 struct label *mnewlabel); 233typedef void (*mpo_mbuf_create_netlayer_t)(struct mbuf *m, 234 struct label *mlabel, struct mbuf *mnew, 235 struct label *mnewlabel); 236typedef void (*mpo_mbuf_destroy_label_t)(struct label *label); 237typedef int (*mpo_mbuf_init_label_t)(struct label *label, int flag); 238 239typedef int (*mpo_mount_check_stat_t)(struct ucred *cred, 240 struct mount *mp, struct label *mplabel); 241typedef void (*mpo_mount_create_t)(struct ucred *cred, struct mount *mp, 242 struct label *mplabel); 243typedef void (*mpo_mount_destroy_label_t)(struct label *label); 244typedef void (*mpo_mount_init_label_t)(struct label *label); 245 | 225 struct label *ifplabel, struct mbuf *m, 226 struct label *mlabel); 227typedef void (*mpo_mbuf_create_multicast_encap_t)(struct mbuf *m, 228 struct label *mlabel, struct ifnet *ifp, 229 struct label *ifplabel, struct mbuf *mnew, 230 struct label *mnewlabel); 231typedef void (*mpo_mbuf_create_netlayer_t)(struct mbuf *m, 232 struct label *mlabel, struct mbuf *mnew, 233 struct label *mnewlabel); 234typedef void (*mpo_mbuf_destroy_label_t)(struct label *label); 235typedef int (*mpo_mbuf_init_label_t)(struct label *label, int flag); 236 237typedef int (*mpo_mount_check_stat_t)(struct ucred *cred, 238 struct mount *mp, struct label *mplabel); 239typedef void (*mpo_mount_create_t)(struct ucred *cred, struct mount *mp, 240 struct label *mplabel); 241typedef void (*mpo_mount_destroy_label_t)(struct label *label); 242typedef void (*mpo_mount_init_label_t)(struct label *label); 243 |
| 244typedef void (*mpo_netinet_firewall_send_t)(struct mbuf *m, 245 struct label *mlabel); |
|
| 246typedef void (*mpo_netinet_fragment_t)(struct mbuf *m, 247 struct label *mlabel, struct mbuf *frag, 248 struct label *fraglabel); 249typedef void (*mpo_netinet_icmp_reply_t)(struct mbuf *m, 250 struct label *mlabel); 251typedef void (*mpo_netinet_tcp_reply_t)(struct mbuf *m, 252 struct label *mlabel); 253 --- 419 unchanged lines hidden (view full) --- 673 mpo_kenv_check_get_t mpo_kenv_check_get; 674 mpo_kenv_check_set_t mpo_kenv_check_set; 675 mpo_kenv_check_unset_t mpo_kenv_check_unset; 676 677 mpo_kld_check_load_t mpo_kld_check_load; 678 mpo_kld_check_stat_t mpo_kld_check_stat; 679 680 mpo_mbuf_copy_label_t mpo_mbuf_copy_label; | 246typedef void (*mpo_netinet_fragment_t)(struct mbuf *m, 247 struct label *mlabel, struct mbuf *frag, 248 struct label *fraglabel); 249typedef void (*mpo_netinet_icmp_reply_t)(struct mbuf *m, 250 struct label *mlabel); 251typedef void (*mpo_netinet_tcp_reply_t)(struct mbuf *m, 252 struct label *mlabel); 253 --- 419 unchanged lines hidden (view full) --- 673 mpo_kenv_check_get_t mpo_kenv_check_get; 674 mpo_kenv_check_set_t mpo_kenv_check_set; 675 mpo_kenv_check_unset_t mpo_kenv_check_unset; 676 677 mpo_kld_check_load_t mpo_kld_check_load; 678 mpo_kld_check_stat_t mpo_kld_check_stat; 679 680 mpo_mbuf_copy_label_t mpo_mbuf_copy_label; |
| 681 mpo_mbuf_create_from_firewall_t mpo_mbuf_create_from_firewall; 682 mpo_create_mbuf_linklayer_t mpo_create_mbuf_linklayer; | 681 mpo_mbuf_create_linklayer_t mpo_mbuf_create_linklayer; |
| 683 mpo_mbuf_create_multicast_encap_t mpo_mbuf_create_multicast_encap; 684 mpo_mbuf_create_netlayer_t mpo_mbuf_create_netlayer; 685 mpo_mbuf_destroy_label_t mpo_mbuf_destroy_label; 686 mpo_mbuf_init_label_t mpo_mbuf_init_label; 687 688 mpo_mount_check_stat_t mpo_mount_check_stat; 689 mpo_mount_create_t mpo_mount_create; 690 mpo_mount_destroy_label_t mpo_mount_destroy_label; 691 mpo_mount_init_label_t mpo_mount_init_label; 692 | 682 mpo_mbuf_create_multicast_encap_t mpo_mbuf_create_multicast_encap; 683 mpo_mbuf_create_netlayer_t mpo_mbuf_create_netlayer; 684 mpo_mbuf_destroy_label_t mpo_mbuf_destroy_label; 685 mpo_mbuf_init_label_t mpo_mbuf_init_label; 686 687 mpo_mount_check_stat_t mpo_mount_check_stat; 688 mpo_mount_create_t mpo_mount_create; 689 mpo_mount_destroy_label_t mpo_mount_destroy_label; 690 mpo_mount_init_label_t mpo_mount_init_label; 691 |
| 692 mpo_netinet_firewall_send_t mpo_netinet_firewall_send; |
|
| 693 mpo_netinet_fragment_t mpo_netinet_fragment; 694 mpo_netinet_icmp_reply_t mpo_netinet_icmp_reply; 695 mpo_netinet_tcp_reply_t mpo_netinet_tcp_reply; 696 697 mpo_pipe_check_ioctl_t mpo_pipe_check_ioctl; 698 mpo_pipe_check_poll_t mpo_pipe_check_poll; 699 mpo_pipe_check_read_t mpo_pipe_check_read; 700 mpo_pipe_check_relabel_t mpo_pipe_check_relabel; --- 241 unchanged lines hidden --- | 693 mpo_netinet_fragment_t mpo_netinet_fragment; 694 mpo_netinet_icmp_reply_t mpo_netinet_icmp_reply; 695 mpo_netinet_tcp_reply_t mpo_netinet_tcp_reply; 696 697 mpo_pipe_check_ioctl_t mpo_pipe_check_ioctl; 698 mpo_pipe_check_poll_t mpo_pipe_check_poll; 699 mpo_pipe_check_read_t mpo_pipe_check_read; 700 mpo_pipe_check_relabel_t mpo_pipe_check_relabel; --- 241 unchanged lines hidden --- |