mac_process.c (104300) | mac_process.c (104338) |
---|---|
1/*- 2 * Copyright (c) 1999, 2000, 2001, 2002 Robert N. M. Watson 3 * Copyright (c) 2001 Ilmar S. Habibulin 4 * Copyright (c) 2001, 2002 Networks Associates Technology, Inc. 5 * All rights reserved. 6 * 7 * This software was developed by Robert Watson and Ilmar Habibulin for the 8 * TrustedBSD Project. --- 22 unchanged lines hidden (view full) --- 31 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 32 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 33 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 34 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 35 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 36 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 37 * SUCH DAMAGE. 38 * | 1/*- 2 * Copyright (c) 1999, 2000, 2001, 2002 Robert N. M. Watson 3 * Copyright (c) 2001 Ilmar S. Habibulin 4 * Copyright (c) 2001, 2002 Networks Associates Technology, Inc. 5 * All rights reserved. 6 * 7 * This software was developed by Robert Watson and Ilmar Habibulin for the 8 * TrustedBSD Project. --- 22 unchanged lines hidden (view full) --- 31 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 32 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 33 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 34 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 35 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 36 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 37 * SUCH DAMAGE. 38 * |
39 * $FreeBSD: head/sys/security/mac/mac_process.c 104300 2002-10-01 15:24:35Z phk $ | 39 * $FreeBSD: head/sys/security/mac/mac_process.c 104338 2002-10-02 02:42:38Z rwatson $ |
40 */ 41/* 42 * Developed by the TrustedBSD Project. 43 * 44 * Framework for extensible kernel access control. Kernel and userland 45 * interface to the framework, policy registration and composition. 46 */ 47 --- 599 unchanged lines hidden (view full) --- 647 break; 648 case MAC_CREATE_PROC1: 649 mpc->mpc_ops->mpo_create_proc1 = mpe->mpe_function; 650 break; 651 case MAC_RELABEL_CRED: 652 mpc->mpc_ops->mpo_relabel_cred = 653 mpe->mpe_function; 654 break; | 40 */ 41/* 42 * Developed by the TrustedBSD Project. 43 * 44 * Framework for extensible kernel access control. Kernel and userland 45 * interface to the framework, policy registration and composition. 46 */ 47 --- 599 unchanged lines hidden (view full) --- 647 break; 648 case MAC_CREATE_PROC1: 649 mpc->mpc_ops->mpo_create_proc1 = mpe->mpe_function; 650 break; 651 case MAC_RELABEL_CRED: 652 mpc->mpc_ops->mpo_relabel_cred = 653 mpe->mpe_function; 654 break; |
655 case MAC_THREAD_USERRET: 656 mpc->mpc_ops->mpo_thread_userret = 657 mpe->mpe_function; 658 break; |
|
655 case MAC_CHECK_BPFDESC_RECEIVE: 656 mpc->mpc_ops->mpo_check_bpfdesc_receive = 657 mpe->mpe_function; 658 break; 659 case MAC_CHECK_CRED_RELABEL: 660 mpc->mpc_ops->mpo_check_cred_relabel = 661 mpe->mpe_function; 662 break; --- 913 unchanged lines hidden (view full) --- 1576 */ 1577void 1578mac_create_proc1(struct ucred *cred) 1579{ 1580 1581 MAC_PERFORM(create_proc1, cred); 1582} 1583 | 659 case MAC_CHECK_BPFDESC_RECEIVE: 660 mpc->mpc_ops->mpo_check_bpfdesc_receive = 661 mpe->mpe_function; 662 break; 663 case MAC_CHECK_CRED_RELABEL: 664 mpc->mpc_ops->mpo_check_cred_relabel = 665 mpe->mpe_function; 666 break; --- 913 unchanged lines hidden (view full) --- 1580 */ 1581void 1582mac_create_proc1(struct ucred *cred) 1583{ 1584 1585 MAC_PERFORM(create_proc1, cred); 1586} 1587 |
1588void 1589mac_thread_userret(struct thread *td) 1590{ 1591 1592 MAC_PERFORM(thread_userret, td); 1593} 1594 |
|
1584/* 1585 * When a new process is created, its label must be initialized. Generally, 1586 * this involves inheritence from the parent process, modulo possible 1587 * deltas. This function allows that processing to take place. 1588 */ 1589void 1590mac_create_cred(struct ucred *parent_cred, struct ucred *child_cred) 1591{ --- 1775 unchanged lines hidden --- | 1595/* 1596 * When a new process is created, its label must be initialized. Generally, 1597 * this involves inheritence from the parent process, modulo possible 1598 * deltas. This function allows that processing to take place. 1599 */ 1600void 1601mac_create_cred(struct ucred *parent_cred, struct ucred *child_cred) 1602{ --- 1775 unchanged lines hidden --- |