diff options
author | trasz <trasz@FreeBSD.org> | 2008-10-28 13:44:11 +0000 |
---|---|---|
committer | trasz <trasz@FreeBSD.org> | 2008-10-28 13:44:11 +0000 |
commit | 0ad8692247694171bf2d3f963f24b15f5223a0de (patch) | |
tree | cb5d9bbe34cd6eae2c3dd212bdfdfd85569424dd /sys/security/mac | |
parent | bc6713490924420312442a3f3fc4ef1fe4b8e400 (diff) | |
download | FreeBSD-src-0ad8692247694171bf2d3f963f24b15f5223a0de.zip FreeBSD-src-0ad8692247694171bf2d3f963f24b15f5223a0de.tar.gz |
Introduce accmode_t. This is required for NFSv4 ACLs - it will be neccessary
to add more V* constants, and the variables changed by this patch were often
being assigned to mode_t variables, which is 16 bit.
Approved by: rwatson (mentor)
Diffstat (limited to 'sys/security/mac')
-rw-r--r-- | sys/security/mac/mac_framework.h | 5 | ||||
-rw-r--r-- | sys/security/mac/mac_policy.h | 7 | ||||
-rw-r--r-- | sys/security/mac/mac_vfs.c | 8 |
3 files changed, 12 insertions, 8 deletions
diff --git a/sys/security/mac/mac_framework.h b/sys/security/mac/mac_framework.h index 4cb5262..4da4af9 100644 --- a/sys/security/mac/mac_framework.h +++ b/sys/security/mac/mac_framework.h @@ -88,6 +88,7 @@ struct vnode; struct vop_setlabel_args; #include <sys/acl.h> /* XXX acl_type_t */ +#include <sys/types.h> /* accmode_t */ /* * Entry points to the TrustedBSD MAC Framework from the remainder of the @@ -365,7 +366,7 @@ void mac_thread_userret(struct thread *td); int mac_vnode_associate_extattr(struct mount *mp, struct vnode *vp); void mac_vnode_associate_singlelabel(struct mount *mp, struct vnode *vp); int mac_vnode_check_access(struct ucred *cred, struct vnode *vp, - int acc_mode); + accmode_t accmode); int mac_vnode_check_chdir(struct ucred *cred, struct vnode *dvp); int mac_vnode_check_chroot(struct ucred *cred, struct vnode *dvp); int mac_vnode_check_create(struct ucred *cred, struct vnode *dvp, @@ -391,7 +392,7 @@ int mac_vnode_check_mmap(struct ucred *cred, struct vnode *vp, int prot, int mac_vnode_check_mprotect(struct ucred *cred, struct vnode *vp, int prot); int mac_vnode_check_open(struct ucred *cred, struct vnode *vp, - int acc_mode); + accmode_t accmode); int mac_vnode_check_poll(struct ucred *active_cred, struct ucred *file_cred, struct vnode *vp); int mac_vnode_check_read(struct ucred *active_cred, diff --git a/sys/security/mac/mac_policy.h b/sys/security/mac/mac_policy.h index 0188a38..ecf68a6 100644 --- a/sys/security/mac/mac_policy.h +++ b/sys/security/mac/mac_policy.h @@ -61,6 +61,7 @@ * alphabetically. */ #include <sys/acl.h> /* XXX acl_type_t */ +#include <sys/types.h> /* XXX accmode_t */ struct acl; struct auditinfo; @@ -530,7 +531,8 @@ typedef void (*mpo_vnode_associate_singlelabel_t)(struct mount *mp, struct label *mplabel, struct vnode *vp, struct label *vplabel); typedef int (*mpo_vnode_check_access_t)(struct ucred *cred, - struct vnode *vp, struct label *vplabel, int acc_mode); + struct vnode *vp, struct label *vplabel, + accmode_t accmode); typedef int (*mpo_vnode_check_chdir_t)(struct ucred *cred, struct vnode *dvp, struct label *dvplabel); typedef int (*mpo_vnode_check_chroot_t)(struct ucred *cred, @@ -571,7 +573,8 @@ typedef void (*mpo_vnode_check_mmap_downgrade_t)(struct ucred *cred, typedef int (*mpo_vnode_check_mprotect_t)(struct ucred *cred, struct vnode *vp, struct label *vplabel, int prot); typedef int (*mpo_vnode_check_open_t)(struct ucred *cred, - struct vnode *vp, struct label *vplabel, int acc_mode); + struct vnode *vp, struct label *vplabel, + accmode_t accmode); typedef int (*mpo_vnode_check_poll_t)(struct ucred *active_cred, struct ucred *file_cred, struct vnode *vp, struct label *vplabel); diff --git a/sys/security/mac/mac_vfs.c b/sys/security/mac/mac_vfs.c index 8a31f95..42da76c 100644 --- a/sys/security/mac/mac_vfs.c +++ b/sys/security/mac/mac_vfs.c @@ -362,13 +362,13 @@ mac_vnode_execve_will_transition(struct ucred *old, struct vnode *vp, } int -mac_vnode_check_access(struct ucred *cred, struct vnode *vp, int acc_mode) +mac_vnode_check_access(struct ucred *cred, struct vnode *vp, accmode_t accmode) { int error; ASSERT_VOP_LOCKED(vp, "mac_vnode_check_access"); - MAC_CHECK(vnode_check_access, cred, vp, vp->v_label, acc_mode); + MAC_CHECK(vnode_check_access, cred, vp, vp->v_label, accmode); return (error); } @@ -546,13 +546,13 @@ mac_vnode_check_mprotect(struct ucred *cred, struct vnode *vp, int prot) } int -mac_vnode_check_open(struct ucred *cred, struct vnode *vp, int acc_mode) +mac_vnode_check_open(struct ucred *cred, struct vnode *vp, accmode_t accmode) { int error; ASSERT_VOP_LOCKED(vp, "mac_vnode_check_open"); - MAC_CHECK(vnode_check_open, cred, vp, vp->v_label, acc_mode); + MAC_CHECK(vnode_check_open, cred, vp, vp->v_label, accmode); return (error); } |