diff options
author | rwatson <rwatson@FreeBSD.org> | 2007-06-26 14:14:01 +0000 |
---|---|---|
committer | rwatson <rwatson@FreeBSD.org> | 2007-06-26 14:14:01 +0000 |
commit | 4d365126c56c98cc583a57b1f74c056f6bdd0dda (patch) | |
tree | 6ace3718f53e161903fa580eccd02a909bc33998 /sys/security/mac/mac_policy.h | |
parent | 7e74b0e98ce5feca153d6580166a2c1e0b0aad02 (diff) | |
download | FreeBSD-src-4d365126c56c98cc583a57b1f74c056f6bdd0dda.zip FreeBSD-src-4d365126c56c98cc583a57b1f74c056f6bdd0dda.tar.gz |
Add a new MAC framework and policy entry point,
mpo_check_proc_setaudit_addr to be used when controlling use of
setaudit_addr(), rather than mpo_check_proc_setaudit(), which takes a
different argument type.
Reviewed by: csjp
Approved by: re (kensmith)
Diffstat (limited to 'sys/security/mac/mac_policy.h')
-rw-r--r-- | sys/security/mac/mac_policy.h | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/sys/security/mac/mac_policy.h b/sys/security/mac/mac_policy.h index efe0118..3728853 100644 --- a/sys/security/mac/mac_policy.h +++ b/sys/security/mac/mac_policy.h @@ -450,6 +450,8 @@ typedef int (*mpo_check_proc_sched_t)(struct ucred *cred, struct proc *p); typedef int (*mpo_check_proc_setaudit_t)(struct ucred *cred, struct auditinfo *ai); +typedef int (*mpo_check_proc_setaudit_addr_t)(struct ucred *cred, + struct auditinfo_addr *aia); typedef int (*mpo_check_proc_setauid_t)(struct ucred *cred, uid_t auid); typedef int (*mpo_check_proc_setuid_t)(struct ucred *cred, uid_t uid); typedef int (*mpo_check_proc_seteuid_t)(struct ucred *cred, uid_t euid); @@ -826,6 +828,7 @@ struct mac_policy_ops { mpo_check_proc_debug_t mpo_check_proc_debug; mpo_check_proc_sched_t mpo_check_proc_sched; mpo_check_proc_setaudit_t mpo_check_proc_setaudit; + mpo_check_proc_setaudit_addr_t mpo_check_proc_setaudit_addr; mpo_check_proc_setauid_t mpo_check_proc_setauid; mpo_check_proc_setuid_t mpo_check_proc_setuid; mpo_check_proc_seteuid_t mpo_check_proc_seteuid; |