| mac_policy.h (163788) | mac_policy.h (164033) |
|---|---|
| 1/*- 2 * Copyright (c) 1999-2002 Robert N. M. Watson 3 * Copyright (c) 2001-2005 Networks Associates Technology, Inc. 4 * Copyright (c) 2005-2006 SPARTA, Inc. 5 * All rights reserved. 6 * 7 * This software was developed by Robert Watson for the TrustedBSD Project. 8 * --- 21 unchanged lines hidden (view full) --- 30 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 31 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 32 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 33 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 34 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 35 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 36 * SUCH DAMAGE. 37 * | 1/*- 2 * Copyright (c) 1999-2002 Robert N. M. Watson 3 * Copyright (c) 2001-2005 Networks Associates Technology, Inc. 4 * Copyright (c) 2005-2006 SPARTA, Inc. 5 * All rights reserved. 6 * 7 * This software was developed by Robert Watson for the TrustedBSD Project. 8 * --- 21 unchanged lines hidden (view full) --- 30 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 31 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 32 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 33 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 34 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 35 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 36 * SUCH DAMAGE. 37 * |
| 38 * $FreeBSD: head/sys/security/mac/mac_policy.h 163788 2006-10-30 15:20:49Z rwatson $ | 38 * $FreeBSD: head/sys/security/mac/mac_policy.h 164033 2006-11-06 13:42:10Z rwatson $ |
| 39 */ 40/* 41 * Kernel interface for MAC policy modules. 42 */ 43#ifndef _SYS_MAC_POLICY_H_ 44#define _SYS_MAC_POLICY_H_ 45 46/*- --- 544 unchanged lines hidden (view full) --- 591 struct timespec atime, struct timespec mtime); 592typedef int (*mpo_check_vnode_stat_t)(struct ucred *active_cred, 593 struct ucred *file_cred, struct vnode *vp, 594 struct label *label); 595typedef int (*mpo_check_vnode_write_t)(struct ucred *active_cred, 596 struct ucred *file_cred, struct vnode *vp, 597 struct label *label); 598typedef void (*mpo_associate_nfsd_label_t)(struct ucred *cred); | 39 */ 40/* 41 * Kernel interface for MAC policy modules. 42 */ 43#ifndef _SYS_MAC_POLICY_H_ 44#define _SYS_MAC_POLICY_H_ 45 46/*- --- 544 unchanged lines hidden (view full) --- 591 struct timespec atime, struct timespec mtime); 592typedef int (*mpo_check_vnode_stat_t)(struct ucred *active_cred, 593 struct ucred *file_cred, struct vnode *vp, 594 struct label *label); 595typedef int (*mpo_check_vnode_write_t)(struct ucred *active_cred, 596 struct ucred *file_cred, struct vnode *vp, 597 struct label *label); 598typedef void (*mpo_associate_nfsd_label_t)(struct ucred *cred); |
| 599typedef int (*mpo_priv_check_t)(struct ucred *cred, int priv); 600typedef int (*mpo_priv_grant_t)(struct ucred *cred, int priv); |
|
| 599 600struct mac_policy_ops { 601 /* 602 * Policy module operations. 603 */ 604 mpo_destroy_t mpo_destroy; 605 mpo_init_t mpo_init; 606 --- 274 unchanged lines hidden (view full) --- 881 mpo_check_vnode_setflags_t mpo_check_vnode_setflags; 882 mpo_check_vnode_setmode_t mpo_check_vnode_setmode; 883 mpo_check_vnode_setowner_t mpo_check_vnode_setowner; 884 mpo_check_vnode_setutimes_t mpo_check_vnode_setutimes; 885 mpo_check_vnode_stat_t mpo_check_vnode_stat; 886 mpo_check_vnode_write_t mpo_check_vnode_write; 887 mpo_associate_nfsd_label_t mpo_associate_nfsd_label; 888 mpo_create_mbuf_from_firewall_t mpo_create_mbuf_from_firewall; | 601 602struct mac_policy_ops { 603 /* 604 * Policy module operations. 605 */ 606 mpo_destroy_t mpo_destroy; 607 mpo_init_t mpo_init; 608 --- 274 unchanged lines hidden (view full) --- 883 mpo_check_vnode_setflags_t mpo_check_vnode_setflags; 884 mpo_check_vnode_setmode_t mpo_check_vnode_setmode; 885 mpo_check_vnode_setowner_t mpo_check_vnode_setowner; 886 mpo_check_vnode_setutimes_t mpo_check_vnode_setutimes; 887 mpo_check_vnode_stat_t mpo_check_vnode_stat; 888 mpo_check_vnode_write_t mpo_check_vnode_write; 889 mpo_associate_nfsd_label_t mpo_associate_nfsd_label; 890 mpo_create_mbuf_from_firewall_t mpo_create_mbuf_from_firewall; |
| 891 mpo_priv_check_t mpo_priv_check; 892 mpo_priv_grant_t mpo_priv_grant; |
|
| 889}; 890 891/* 892 * struct mac_policy_conf is the registration structure for policies, and is 893 * provided to the MAC Framework using MAC_POLICY_SET() to invoke a SYSINIT 894 * to register the policy. In general, the fields are immutable, with the 895 * exception of the "security field", run-time flags, and policy list entry, 896 * which are managed by the MAC Framework. Be careful when modifying this --- 43 unchanged lines hidden --- | 893}; 894 895/* 896 * struct mac_policy_conf is the registration structure for policies, and is 897 * provided to the MAC Framework using MAC_POLICY_SET() to invoke a SYSINIT 898 * to register the policy. In general, the fields are immutable, with the 899 * exception of the "security field", run-time flags, and policy list entry, 900 * which are managed by the MAC Framework. Be careful when modifying this --- 43 unchanged lines hidden --- |