| mac_vfs.c (107105) | mac_vfs.c (107271) |
|---|---|
| 1/*- 2 * Copyright (c) 1999, 2000, 2001, 2002 Robert N. M. Watson 3 * Copyright (c) 2001 Ilmar S. Habibulin 4 * Copyright (c) 2001, 2002 Networks Associates Technology, Inc. 5 * All rights reserved. 6 * 7 * This software was developed by Robert Watson and Ilmar Habibulin for the 8 * TrustedBSD Project. --- 19 unchanged lines hidden (view full) --- 28 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 29 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 30 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 31 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 32 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 33 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 34 * SUCH DAMAGE. 35 * | 1/*- 2 * Copyright (c) 1999, 2000, 2001, 2002 Robert N. M. Watson 3 * Copyright (c) 2001 Ilmar S. Habibulin 4 * Copyright (c) 2001, 2002 Networks Associates Technology, Inc. 5 * All rights reserved. 6 * 7 * This software was developed by Robert Watson and Ilmar Habibulin for the 8 * TrustedBSD Project. --- 19 unchanged lines hidden (view full) --- 28 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 29 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 30 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 31 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 32 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 33 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 34 * SUCH DAMAGE. 35 * |
| 36 * $FreeBSD: head/sys/security/mac/mac_vfs.c 107105 2002-11-20 15:41:25Z rwatson $ | 36 * $FreeBSD: head/sys/security/mac/mac_vfs.c 107271 2002-11-26 17:11:57Z rwatson $ |
| 37 */ 38/* 39 * Developed by the TrustedBSD Project. 40 * 41 * Framework for extensible kernel access control. Kernel and userland 42 * interface to the framework, policy registration and composition. 43 */ 44 --- 1806 unchanged lines hidden (view full) --- 1851} 1852 1853/* 1854 * When relabeling a process, call out to the policies for the maximum 1855 * permission allowed for each object type we know about in its 1856 * memory space, and revoke access (in the least surprising ways we 1857 * know) when necessary. The process lock is not held here. 1858 */ | 37 */ 38/* 39 * Developed by the TrustedBSD Project. 40 * 41 * Framework for extensible kernel access control. Kernel and userland 42 * interface to the framework, policy registration and composition. 43 */ 44 --- 1806 unchanged lines hidden (view full) --- 1851} 1852 1853/* 1854 * When relabeling a process, call out to the policies for the maximum 1855 * permission allowed for each object type we know about in its 1856 * memory space, and revoke access (in the least surprising ways we 1857 * know) when necessary. The process lock is not held here. 1858 */ |
| 1859static void | 1859void |
| 1860mac_cred_mmapped_drop_perms(struct thread *td, struct ucred *cred) 1861{ 1862 1863 /* XXX freeze all other threads */ 1864 mac_cred_mmapped_drop_perms_recurse(td, cred, 1865 &td->td_proc->p_vmspace->vm_map); 1866 /* XXX allow other threads to continue */ 1867} --- 1812 unchanged lines hidden --- | 1860mac_cred_mmapped_drop_perms(struct thread *td, struct ucred *cred) 1861{ 1862 1863 /* XXX freeze all other threads */ 1864 mac_cred_mmapped_drop_perms_recurse(td, cred, 1865 &td->td_proc->p_vmspace->vm_map); 1866 /* XXX allow other threads to continue */ 1867} --- 1812 unchanged lines hidden --- |