diff options
| author | rwatson <rwatson@FreeBSD.org> | 2002-08-01 21:15:53 +0000 |
|---|---|---|
| committer | rwatson <rwatson@FreeBSD.org> | 2002-08-01 21:15:53 +0000 |
| commit | c8a80b5f851358ee788a98b9931ce55664cd1cdd (patch) | |
| tree | 09d062cf7b87dffd937e471dde0e03efacd59611 | |
| parent | 7408d5f6aafddc4de0daca3cd6bb3606e3a2844d (diff) | |
| download | FreeBSD-src-c8a80b5f851358ee788a98b9931ce55664cd1cdd.zip FreeBSD-src-c8a80b5f851358ee788a98b9931ce55664cd1cdd.tar.gz | |
Introduce support for Mandatory Access Control and extensible
kernel access control.
Introduce two ioctls, SIOCGIFMAC, SIOCSIFMAC, which permit user
processes to manage the MAC labels on network interfaces. Note
that this is part of the user process API/ABI that will be revised
prior to 5.0-RELEASE.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, NAI Labs
| -rw-r--r-- | sys/net/if.c | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/sys/net/if.c b/sys/net/if.c index e34aecc..1dd37ec 100644 --- a/sys/net/if.c +++ b/sys/net/if.c @@ -1250,6 +1250,12 @@ ifhwioctl(u_long cmd, struct ifnet *ifp, caddr_t data, struct thread *td) ifr->ifr_curcap = ifp->if_capenable; break; +#ifdef MAC + case SIOCGIFMAC: + error = mac_ioctl_ifnet_get(td->td_proc->p_ucred, ifr, ifp); + break; +#endif + case SIOCGIFMETRIC: ifr->ifr_metric = ifp->if_metric; break; @@ -1296,6 +1302,12 @@ ifhwioctl(u_long cmd, struct ifnet *ifp, caddr_t data, struct thread *td) (void) (*ifp->if_ioctl)(ifp, cmd, data); break; +#ifdef MAC + case SIOCSIFMAC: + error = mac_ioctl_ifnet_set(td->td_proc->p_ucred, ifr, ifp); + break; +#endif + case SIOCSIFMETRIC: error = suser(td); if (error) |
