diff options
| author | rwatson <rwatson@FreeBSD.org> | 2002-10-05 18:56:25 +0000 |
|---|---|---|
| committer | rwatson <rwatson@FreeBSD.org> | 2002-10-05 18:56:25 +0000 |
| commit | d8184bd58c56d69ab3d97850be3182e782ce6bc2 (patch) | |
| tree | 52c5772e15b452e1932db38f0b0047c8e892514e | |
| parent | 2d5202be2d5815ea1ff17e3ed0d3c91a84e65301 (diff) | |
| download | FreeBSD-src-d8184bd58c56d69ab3d97850be3182e782ce6bc2.zip FreeBSD-src-d8184bd58c56d69ab3d97850be3182e782ce6bc2.tar.gz | |
Implement mac_create_devfs_symlink() for policies that interact with
vnode labels. Sync from MAC tree.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
| -rw-r--r-- | sys/security/mac_biba/mac_biba.c | 14 | ||||
| -rw-r--r-- | sys/security/mac_mls/mac_mls.c | 14 | ||||
| -rw-r--r-- | sys/security/mac_none/mac_none.c | 9 | ||||
| -rw-r--r-- | sys/security/mac_stub/mac_stub.c | 9 | ||||
| -rw-r--r-- | sys/security/mac_test/mac_test.c | 9 |
5 files changed, 55 insertions, 0 deletions
diff --git a/sys/security/mac_biba/mac_biba.c b/sys/security/mac_biba/mac_biba.c index eb1345f..53d492d 100644 --- a/sys/security/mac_biba/mac_biba.c +++ b/sys/security/mac_biba/mac_biba.c @@ -477,6 +477,18 @@ mac_biba_create_devfs_directory(char *dirname, int dirnamelen, } static void +mac_biba_create_devfs_symlink(struct ucred *cred, struct devfs_dirent *dd, + struct label *ddlabel, struct devfs_dirent *de, struct label *delabel) +{ + struct mac_biba *source, *dest; + + source = SLOT(&cred->cr_label); + dest = SLOT(delabel); + + mac_biba_copy_single(source, dest); +} + +static void mac_biba_create_devfs_vnode(struct devfs_dirent *devfs_dirent, struct label *direntlabel, struct vnode *vp, struct label *vnodelabel) { @@ -1983,6 +1995,8 @@ static struct mac_policy_op_entry mac_biba_ops[] = (macop_t)mac_biba_create_devfs_device }, { MAC_CREATE_DEVFS_DIRECTORY, (macop_t)mac_biba_create_devfs_directory }, + { MAC_CREATE_DEVFS_SYMLINK, + (macop_t)mac_biba_create_devfs_symlink }, { MAC_CREATE_DEVFS_VNODE, (macop_t)mac_biba_create_devfs_vnode }, { MAC_CREATE_VNODE, diff --git a/sys/security/mac_mls/mac_mls.c b/sys/security/mac_mls/mac_mls.c index 4adc3f5..57aacd3 100644 --- a/sys/security/mac_mls/mac_mls.c +++ b/sys/security/mac_mls/mac_mls.c @@ -469,6 +469,18 @@ mac_mls_create_devfs_directory(char *dirname, int dirnamelen, } static void +mac_mls_create_devfs_symlink(struct ucred *cred, struct devfs_dirent *dd, + struct label *ddlabel, struct devfs_dirent *de, struct label *delabel) +{ + struct mac_mls *source, *dest; + + source = SLOT(&cred->cr_label); + dest = SLOT(delabel); + + mac_mls_copy_single(source, dest); +} + +static void mac_mls_create_devfs_vnode(struct devfs_dirent *devfs_dirent, struct label *direntlabel, struct vnode *vp, struct label *vnodelabel) { @@ -1945,6 +1957,8 @@ static struct mac_policy_op_entry mac_mls_ops[] = (macop_t)mac_mls_create_devfs_device }, { MAC_CREATE_DEVFS_DIRECTORY, (macop_t)mac_mls_create_devfs_directory }, + { MAC_CREATE_DEVFS_SYMLINK, + (macop_t)mac_mls_create_devfs_symlink }, { MAC_CREATE_DEVFS_VNODE, (macop_t)mac_mls_create_devfs_vnode }, { MAC_CREATE_VNODE, diff --git a/sys/security/mac_none/mac_none.c b/sys/security/mac_none/mac_none.c index 4bda24e..3029e03 100644 --- a/sys/security/mac_none/mac_none.c +++ b/sys/security/mac_none/mac_none.c @@ -153,6 +153,13 @@ mac_none_create_devfs_device(dev_t dev, struct devfs_dirent *devfs_dirent, } static void +mac_none_create_devfs_symlink(struct ucred *cred, struct devfs_dirent *dd, + struct label *ddlabel, struct devfs_dirent *de, struct label *delabel) +{ + +} + +static void mac_none_create_devfs_directory(char *dirname, int dirnamelen, struct devfs_dirent *devfs_dirent, struct label *label) { @@ -892,6 +899,8 @@ static struct mac_policy_op_entry mac_none_ops[] = (macop_t)mac_none_create_devfs_device }, { MAC_CREATE_DEVFS_DIRECTORY, (macop_t)mac_none_create_devfs_directory }, + { MAC_CREATE_DEVFS_SYMLINK, + (macop_t)mac_none_create_devfs_symlink }, { MAC_CREATE_DEVFS_VNODE, (macop_t)mac_none_create_devfs_vnode }, { MAC_CREATE_VNODE, diff --git a/sys/security/mac_stub/mac_stub.c b/sys/security/mac_stub/mac_stub.c index 4bda24e..3029e03 100644 --- a/sys/security/mac_stub/mac_stub.c +++ b/sys/security/mac_stub/mac_stub.c @@ -153,6 +153,13 @@ mac_none_create_devfs_device(dev_t dev, struct devfs_dirent *devfs_dirent, } static void +mac_none_create_devfs_symlink(struct ucred *cred, struct devfs_dirent *dd, + struct label *ddlabel, struct devfs_dirent *de, struct label *delabel) +{ + +} + +static void mac_none_create_devfs_directory(char *dirname, int dirnamelen, struct devfs_dirent *devfs_dirent, struct label *label) { @@ -892,6 +899,8 @@ static struct mac_policy_op_entry mac_none_ops[] = (macop_t)mac_none_create_devfs_device }, { MAC_CREATE_DEVFS_DIRECTORY, (macop_t)mac_none_create_devfs_directory }, + { MAC_CREATE_DEVFS_SYMLINK, + (macop_t)mac_none_create_devfs_symlink }, { MAC_CREATE_DEVFS_VNODE, (macop_t)mac_none_create_devfs_vnode }, { MAC_CREATE_VNODE, diff --git a/sys/security/mac_test/mac_test.c b/sys/security/mac_test/mac_test.c index bff758a..6727aa7 100644 --- a/sys/security/mac_test/mac_test.c +++ b/sys/security/mac_test/mac_test.c @@ -536,6 +536,13 @@ mac_test_create_devfs_directory(char *dirname, int dirnamelen, } static void +mac_test_create_devfs_symlink(struct ucred *cred, struct devfs_dirent *dd, + struct label *ddlabel, struct devfs_dirent *de, struct label *delabel) +{ + +} + +static void mac_test_create_devfs_vnode(struct devfs_dirent *devfs_dirent, struct label *direntlabel, struct vnode *vp, struct label *vnodelabel) { @@ -1268,6 +1275,8 @@ static struct mac_policy_op_entry mac_test_ops[] = (macop_t)mac_test_create_devfs_device }, { MAC_CREATE_DEVFS_DIRECTORY, (macop_t)mac_test_create_devfs_directory }, + { MAC_CREATE_DEVFS_SYMLINK, + (macop_t)mac_test_create_devfs_symlink }, { MAC_CREATE_DEVFS_VNODE, (macop_t)mac_test_create_devfs_vnode }, { MAC_CREATE_VNODE, |
