mac_framework.h (100998) | mac_framework.h (101826) |
---|---|
1/*- 2 * Copyright (c) 1999, 2000, 2001, 2002 Robert N. M. Watson 3 * Copyright (c) 2001, 2002 Networks Associates Technology, Inc. 4 * All rights reserved. 5 * 6 * This software was developed by Robert Watson for the TrustedBSD Project. 7 * 8 * This software was developed for the FreeBSD Project in part by NAI Labs, --- 20 unchanged lines hidden (view full) --- 29 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 30 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 31 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 32 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 33 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 34 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 35 * SUCH DAMAGE. 36 * | 1/*- 2 * Copyright (c) 1999, 2000, 2001, 2002 Robert N. M. Watson 3 * Copyright (c) 2001, 2002 Networks Associates Technology, Inc. 4 * All rights reserved. 5 * 6 * This software was developed by Robert Watson for the TrustedBSD Project. 7 * 8 * This software was developed for the FreeBSD Project in part by NAI Labs, --- 20 unchanged lines hidden (view full) --- 29 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 30 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 31 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 32 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 33 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 34 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 35 * SUCH DAMAGE. 36 * |
37 * $FreeBSD: head/sys/security/mac/mac_framework.h 100998 2002-07-31 00:03:26Z rwatson $ | 37 * $FreeBSD: head/sys/security/mac/mac_framework.h 101826 2002-08-13 15:54:28Z rwatson $ |
38 */ 39/* 40 * Userland/kernel interface for Mandatory Access Control. 41 * 42 * The POSIX.1e implementation page may be reached at: 43 * http://www.trustedbsd.org/ 44 */ 45#ifndef _SYS_MAC_H 46#define _SYS_MAC_H 47 | 38 */ 39/* 40 * Userland/kernel interface for Mandatory Access Control. 41 * 42 * The POSIX.1e implementation page may be reached at: 43 * http://www.trustedbsd.org/ 44 */ 45#ifndef _SYS_MAC_H 46#define _SYS_MAC_H 47 |
48#include <sys/_label.h> 49 |
|
48#ifndef _POSIX_MAC 49#define _POSIX_MAC 50#endif 51 52/* 53 * XXXMAC: The single MAC extended attribute will be deprecated once 54 * compound EA writes on a single target file can be performed cleanly 55 * with UFS2. --- 116 unchanged lines hidden (view full) --- 172int __mac_get_fd(int _fd, struct mac *_mac_p); 173int __mac_get_file(const char *_path_p, struct mac *_mac_p); 174int __mac_get_proc(struct mac *_mac_p); 175int __mac_set_fd(int fd, struct mac *_mac_p); 176int __mac_set_file(const char *_path_p, struct mac *_mac_p); 177int __mac_set_proc(struct mac *_mac_p); 178 179#else /* _KERNEL */ | 50#ifndef _POSIX_MAC 51#define _POSIX_MAC 52#endif 53 54/* 55 * XXXMAC: The single MAC extended attribute will be deprecated once 56 * compound EA writes on a single target file can be performed cleanly 57 * with UFS2. --- 116 unchanged lines hidden (view full) --- 174int __mac_get_fd(int _fd, struct mac *_mac_p); 175int __mac_get_file(const char *_path_p, struct mac *_mac_p); 176int __mac_get_proc(struct mac *_mac_p); 177int __mac_set_fd(int fd, struct mac *_mac_p); 178int __mac_set_file(const char *_path_p, struct mac *_mac_p); 179int __mac_set_proc(struct mac *_mac_p); 180 181#else /* _KERNEL */ |
180#endif /* _KERNEL */ | |
181 182/* | 182 183/* |
183 * XXXMAC: This shouldn't be exported to userland, but is because of ucred.h 184 * and various other messes. 185 */ 186 187#define MAC_MAX_POLICIES 4 188 189struct label { 190 int l_flags; 191 union { 192 void *l_ptr; 193 long l_long; 194 } l_perpolicy[MAC_MAX_POLICIES]; 195}; 196 197#ifdef _KERNEL 198 199/* | |
200 * MAC entry point operations 201 */ 202enum mac_ep_ops { 203 MAC_OP_VNODE_READ, 204 MAC_OP_VNODE_WRITE, 205 MAC_OP_VNODE_POLL, 206 MAC_OP_PIPE_READ, 207 MAC_OP_PIPE_WRITE, --- 200 unchanged lines hidden --- | 184 * MAC entry point operations 185 */ 186enum mac_ep_ops { 187 MAC_OP_VNODE_READ, 188 MAC_OP_VNODE_WRITE, 189 MAC_OP_VNODE_POLL, 190 MAC_OP_PIPE_READ, 191 MAC_OP_PIPE_WRITE, --- 200 unchanged lines hidden --- |