diff options
author | rwatson <rwatson@FreeBSD.org> | 2002-08-19 16:43:25 +0000 |
---|---|---|
committer | rwatson <rwatson@FreeBSD.org> | 2002-08-19 16:43:25 +0000 |
commit | 1a7cd1a210c4be2ec85df8513276938c23be1b95 (patch) | |
tree | b56250ebc97ff756401e26512847769076ec6e53 /sys/kern/tty_tty.c | |
parent | 25617b8fc0dd0452d39b8873c1df9d7fc6fbbf9c (diff) | |
download | FreeBSD-src-1a7cd1a210c4be2ec85df8513276938c23be1b95.zip FreeBSD-src-1a7cd1a210c4be2ec85df8513276938c23be1b95.tar.gz |
Break out mac_check_vnode_op() into three seperate checks:
mac_check_vnode_poll(), mac_check_vnode_read(), mac_check_vnode_write().
This improves the consistency with other existing vnode checks, and
allows policies to avoid implementing switch statements to determine
what operations they do and do not want to authorize.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, NAI Labs
Diffstat (limited to 'sys/kern/tty_tty.c')
-rw-r--r-- | sys/kern/tty_tty.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/sys/kern/tty_tty.c b/sys/kern/tty_tty.c index f70f585..86132d9 100644 --- a/sys/kern/tty_tty.c +++ b/sys/kern/tty_tty.c @@ -131,7 +131,7 @@ cttyread(dev, uio, flag) vn_lock(ttyvp, LK_EXCLUSIVE | LK_RETRY, td); #ifdef MAC /* XXX: Shouldn't the cred below be td->td_ucred not NOCRED? */ - error = mac_check_vnode_op(td->td_ucred, ttyvp, MAC_OP_VNODE_READ); + error = mac_check_vnode_read(td->td_ucred, ttyvp); if (error == 0) #endif error = VOP_READ(ttyvp, uio, flag, NOCRED); @@ -166,7 +166,7 @@ cttywrite(dev, uio, flag) vn_lock(ttyvp, LK_EXCLUSIVE | LK_RETRY, td); #ifdef MAC /* XXX: shouldn't the cred below be td->td_ucred not NOCRED? */ - error = mac_check_vnode_op(td->td_ucred, ttyvp, MAC_OP_VNODE_WRITE); + error = mac_check_vnode_write(td->td_ucred, ttyvp); if (error == 0) #endif error = VOP_WRITE(ttyvp, uio, flag, NOCRED); @@ -236,7 +236,7 @@ cttypoll(dev, events, td) return (seltrue(dev, events, td)); #ifdef MAC vn_lock(ttyvp, LK_EXCLUSIVE | LK_RETRY, td); - error = mac_check_vnode_op(td->td_ucred, ttyvp, MAC_OP_VNODE_POLL); + error = mac_check_vnode_poll(td->td_ucred, ttyvp); VOP_UNLOCK(ttyvp, 0, td); if (error) return (error); |