| mac_framework.h (184407) | mac_framework.h (184412) |
|---|---|
| 1/*- 2 * Copyright (c) 1999-2002, 2007-2008 Robert N. M. Watson 3 * Copyright (c) 2001-2005 Networks Associates Technology, Inc. 4 * Copyright (c) 2005-2006 SPARTA, Inc. 5 * All rights reserved. 6 * 7 * This software was developed by Robert Watson for the TrustedBSD Project. 8 * --- 21 unchanged lines hidden (view full) --- 30 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 31 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 32 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 33 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 34 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 35 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 36 * SUCH DAMAGE. 37 * | 1/*- 2 * Copyright (c) 1999-2002, 2007-2008 Robert N. M. Watson 3 * Copyright (c) 2001-2005 Networks Associates Technology, Inc. 4 * Copyright (c) 2005-2006 SPARTA, Inc. 5 * All rights reserved. 6 * 7 * This software was developed by Robert Watson for the TrustedBSD Project. 8 * --- 21 unchanged lines hidden (view full) --- 30 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 31 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 32 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 33 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 34 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 35 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 36 * SUCH DAMAGE. 37 * |
| 38 * $FreeBSD: head/sys/security/mac/mac_framework.h 184407 2008-10-28 11:33:06Z rwatson $ | 38 * $FreeBSD: head/sys/security/mac/mac_framework.h 184412 2008-10-28 12:49:07Z rwatson $ |
| 39 */ 40 41/* 42 * Kernel interface for Mandatory Access Control -- how kernel services 43 * interact with the TrustedBSD MAC Framework. 44 */ 45 46#ifndef _SECURITY_MAC_MAC_FRAMEWORK_H_ --- 207 unchanged lines hidden (view full) --- 254 uid_t ruid, uid_t euid); 255int mac_proc_check_setuid(struct proc *p, struct ucred *cred, 256 uid_t uid); 257int mac_proc_check_signal(struct ucred *cred, struct proc *p, 258 int signum); 259int mac_proc_check_wait(struct ucred *cred, struct proc *p); 260void mac_proc_destroy(struct proc *); 261void mac_proc_init(struct proc *); | 39 */ 40 41/* 42 * Kernel interface for Mandatory Access Control -- how kernel services 43 * interact with the TrustedBSD MAC Framework. 44 */ 45 46#ifndef _SECURITY_MAC_MAC_FRAMEWORK_H_ --- 207 unchanged lines hidden (view full) --- 254 uid_t ruid, uid_t euid); 255int mac_proc_check_setuid(struct proc *p, struct ucred *cred, 256 uid_t uid); 257int mac_proc_check_signal(struct ucred *cred, struct proc *p, 258 int signum); 259int mac_proc_check_wait(struct ucred *cred, struct proc *p); 260void mac_proc_destroy(struct proc *); 261void mac_proc_init(struct proc *); |
| 262void mac_proc_vm_revoke(struct thread *td); |
|
| 262int mac_execve_enter(struct image_params *imgp, struct mac *mac_p); 263void mac_execve_exit(struct image_params *imgp); 264void mac_execve_interpreter_enter(struct vnode *interpvp, 265 struct label **interplabel); 266void mac_execve_interpreter_exit(struct label *interpvplabel); 267 268int mac_socket_check_accept(struct ucred *cred, struct socket *so); 269int mac_socket_check_bind(struct ucred *cred, struct socket *so, --- 159 unchanged lines hidden (view full) --- 429 struct ucred *newcred, struct vnode *vp, 430 struct label *interpvplabel, struct image_params *imgp); 431int mac_vnode_execve_will_transition(struct ucred *cred, 432 struct vnode *vp, struct label *interpvplabel, 433 struct image_params *imgp); 434void mac_vnode_relabel(struct ucred *cred, struct vnode *vp, 435 struct label *newlabel); 436 | 263int mac_execve_enter(struct image_params *imgp, struct mac *mac_p); 264void mac_execve_exit(struct image_params *imgp); 265void mac_execve_interpreter_enter(struct vnode *interpvp, 266 struct label **interplabel); 267void mac_execve_interpreter_exit(struct label *interpvplabel); 268 269int mac_socket_check_accept(struct ucred *cred, struct socket *so); 270int mac_socket_check_bind(struct ucred *cred, struct socket *so, --- 159 unchanged lines hidden (view full) --- 430 struct ucred *newcred, struct vnode *vp, 431 struct label *interpvplabel, struct image_params *imgp); 432int mac_vnode_execve_will_transition(struct ucred *cred, 433 struct vnode *vp, struct label *interpvplabel, 434 struct image_params *imgp); 435void mac_vnode_relabel(struct ucred *cred, struct vnode *vp, 436 struct label *newlabel); 437 |
| 437void mac_cred_mmapped_drop_perms(struct thread *td, struct ucred *cred); 438 | |
| 439/* 440 * Calls to help various file systems implement labeling functionality using 441 * their existing EA implementation. 442 */ 443int vop_stdsetlabel_ea(struct vop_setlabel_args *ap); 444 445#endif /* !_SECURITY_MAC_MAC_FRAMEWORK_H_ */ | 438/* 439 * Calls to help various file systems implement labeling functionality using 440 * their existing EA implementation. 441 */ 442int vop_stdsetlabel_ea(struct vop_setlabel_args *ap); 443 444#endif /* !_SECURITY_MAC_MAC_FRAMEWORK_H_ */ |