diff options
author | rwatson <rwatson@FreeBSD.org> | 2002-08-12 01:45:40 +0000 |
---|---|---|
committer | rwatson <rwatson@FreeBSD.org> | 2002-08-12 01:45:40 +0000 |
commit | dfade9f9a8019534b69f152501f9583fa0ce2a79 (patch) | |
tree | 3dc3eedadb422fb2dd6e0008a1b599aae604b4cb /sys/i386/ibcs2 | |
parent | a4eb7ce808d8aa9bcb0b39d62536b680d6e3fc62 (diff) | |
download | FreeBSD-src-dfade9f9a8019534b69f152501f9583fa0ce2a79.zip FreeBSD-src-dfade9f9a8019534b69f152501f9583fa0ce2a79.tar.gz |
Add necessary instrumentation to IBCS2 emulation support for mandatory
access control: as with SVR4, very few changes required since almost
all services are implemented by wrapping existing native FreeBSD
system calls. Only readdir() calls need additional instrumentation.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, NAI Labs
Diffstat (limited to 'sys/i386/ibcs2')
-rw-r--r-- | sys/i386/ibcs2/ibcs2_misc.c | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/sys/i386/ibcs2/ibcs2_misc.c b/sys/i386/ibcs2/ibcs2_misc.c index 7274ea7..5892ef7 100644 --- a/sys/i386/ibcs2/ibcs2_misc.c +++ b/sys/i386/ibcs2/ibcs2_misc.c @@ -54,6 +54,8 @@ * IBCS2 system calls that are implemented differently in BSD are * handled here. */ +#include "opt_mac.h" + #include <sys/param.h> #include <sys/systm.h> #include <sys/dirent.h> @@ -61,6 +63,7 @@ #include <sys/filedesc.h> #include <sys/kernel.h> #include <sys/lock.h> +#include <sys/mac.h> #include <sys/malloc.h> #include <sys/file.h> /* Must come after sys/malloc.h */ #include <sys/mutex.h> @@ -348,6 +351,12 @@ again: cookies = NULL; } +#ifdef MAC + error = mac_check_vnode_readdir(td->td_ucred, vp); + if (error) + goto out; +#endif + /* * First we read into the malloc'ed buffer, then * we massage it into user space, one record at a time. @@ -503,6 +512,12 @@ again: cookies = NULL; } +#ifdef MAC + error = mac_check_vnode_readdir(td->td_ucred, vp); + if (error) + goto out; +#endif + /* * First we read into the malloc'ed buffer, then * we massage it into user space, one record at a time. |