diff options
author | rwatson <rwatson@FreeBSD.org> | 2008-10-28 12:49:07 +0000 |
---|---|---|
committer | rwatson <rwatson@FreeBSD.org> | 2008-10-28 12:49:07 +0000 |
commit | bc6713490924420312442a3f3fc4ef1fe4b8e400 (patch) | |
tree | 11292438318e6e58424564a501423b69ab5ca6bb /sys/security/mac/mac_framework.h | |
parent | b9b0d2c54ca54660de39e9aa6f9bfd4c9653adb3 (diff) | |
download | FreeBSD-src-bc6713490924420312442a3f3fc4ef1fe4b8e400.zip FreeBSD-src-bc6713490924420312442a3f3fc4ef1fe4b8e400.tar.gz |
Rename mac_cred_mmapped_drop_perms(), which revokes access to virtual
memory mappings when the MAC label on a process changes, to
mac_proc_vm_revoke(),
It now also acquires its own credential reference directly from the
affected process rather than accepting one passed by the the caller,
simplifying the API and consumer code.
Obtained from: TrustedBSD Project
Diffstat (limited to 'sys/security/mac/mac_framework.h')
-rw-r--r-- | sys/security/mac/mac_framework.h | 3 |
1 files changed, 1 insertions, 2 deletions
diff --git a/sys/security/mac/mac_framework.h b/sys/security/mac/mac_framework.h index 411fddb..4cb5262 100644 --- a/sys/security/mac/mac_framework.h +++ b/sys/security/mac/mac_framework.h @@ -259,6 +259,7 @@ int mac_proc_check_signal(struct ucred *cred, struct proc *p, int mac_proc_check_wait(struct ucred *cred, struct proc *p); void mac_proc_destroy(struct proc *); void mac_proc_init(struct proc *); +void mac_proc_vm_revoke(struct thread *td); int mac_execve_enter(struct image_params *imgp, struct mac *mac_p); void mac_execve_exit(struct image_params *imgp); void mac_execve_interpreter_enter(struct vnode *interpvp, @@ -434,8 +435,6 @@ int mac_vnode_execve_will_transition(struct ucred *cred, void mac_vnode_relabel(struct ucred *cred, struct vnode *vp, struct label *newlabel); -void mac_cred_mmapped_drop_perms(struct thread *td, struct ucred *cred); - /* * Calls to help various file systems implement labeling functionality using * their existing EA implementation. |