Introduce accmode_t. This is required for NFSv4 ACLs - it will be neccessary

to add more V* constants, and the variables changed by this patch were often being assigned to mode_t variables, which is 16 bit. Approved by: rwatson (mentor)
author: trasz <trasz@FreeBSD.org> 2008-10-28 13:44:11 +0000
committer: trasz <trasz@FreeBSD.org> 2008-10-28 13:44:11 +0000
commit: 0ad8692247694171bf2d3f963f24b15f5223a0de (patch)
tree: cb5d9bbe34cd6eae2c3dd212bdfdfd85569424dd /sys/security/mac
parent: bc6713490924420312442a3f3fc4ef1fe4b8e400 (diff)
download: FreeBSD-src-0ad8692247694171bf2d3f963f24b15f5223a0de.zip
FreeBSD-src-0ad8692247694171bf2d3f963f24b15f5223a0de.tar.gz
3 files changed, 12 insertions, 8 deletions
diff --git a/sys/security/mac/mac_framework.h b/sys/security/mac/mac_framework.h
index 4cb5262..4da4af9 100644
--- a/sys/security/mac/mac_framework.h
+++ b/sys/security/mac/mac_framework.h
@@ -88,6 +88,7 @@ struct vnode;
 struct vop_setlabel_args;
 
 #include <sys/acl.h>			/* XXX acl_type_t */
+#include <sys/types.h>			/* accmode_t */
 
 /*
  * Entry points to the TrustedBSD MAC Framework from the remainder of the
@@ -365,7 +366,7 @@ void	mac_thread_userret(struct thread *td);
 int	mac_vnode_associate_extattr(struct mount *mp, struct vnode *vp);
 void	mac_vnode_associate_singlelabel(struct mount *mp, struct vnode *vp);
 int	mac_vnode_check_access(struct ucred *cred, struct vnode *vp,
-	    int acc_mode);
+	    accmode_t accmode);
 int	mac_vnode_check_chdir(struct ucred *cred, struct vnode *dvp);
 int	mac_vnode_check_chroot(struct ucred *cred, struct vnode *dvp);
 int	mac_vnode_check_create(struct ucred *cred, struct vnode *dvp,
@@ -391,7 +392,7 @@ int	mac_vnode_check_mmap(struct ucred *cred, struct vnode *vp, int prot,
 int	mac_vnode_check_mprotect(struct ucred *cred, struct vnode *vp,
 	    int prot);
 int	mac_vnode_check_open(struct ucred *cred, struct vnode *vp,
-	    int acc_mode);
+	    accmode_t accmode);
 int	mac_vnode_check_poll(struct ucred *active_cred,
 	    struct ucred *file_cred, struct vnode *vp);
 int	mac_vnode_check_read(struct ucred *active_cred,
diff --git a/sys/security/mac/mac_policy.h b/sys/security/mac/mac_policy.h
index 0188a38..ecf68a6 100644
--- a/sys/security/mac/mac_policy.h
+++ b/sys/security/mac/mac_policy.h
@@ -61,6 +61,7 @@
  * alphabetically.
  */
 #include <sys/acl.h>	/* XXX acl_type_t */
+#include <sys/types.h>	/* XXX accmode_t */
 
 struct acl;
 struct auditinfo;
@@ -530,7 +531,8 @@ typedef void	(*mpo_vnode_associate_singlelabel_t)(struct mount *mp,
 		    struct label *mplabel, struct vnode *vp,
 		    struct label *vplabel);
 typedef int	(*mpo_vnode_check_access_t)(struct ucred *cred,
-		    struct vnode *vp, struct label *vplabel, int acc_mode);
+		    struct vnode *vp, struct label *vplabel,
+		    accmode_t accmode);
 typedef int	(*mpo_vnode_check_chdir_t)(struct ucred *cred,
 		    struct vnode *dvp, struct label *dvplabel);
 typedef int	(*mpo_vnode_check_chroot_t)(struct ucred *cred,
@@ -571,7 +573,8 @@ typedef void	(*mpo_vnode_check_mmap_downgrade_t)(struct ucred *cred,
 typedef int	(*mpo_vnode_check_mprotect_t)(struct ucred *cred,
 		    struct vnode *vp, struct label *vplabel, int prot);
 typedef int	(*mpo_vnode_check_open_t)(struct ucred *cred,
-		    struct vnode *vp, struct label *vplabel, int acc_mode);
+		    struct vnode *vp, struct label *vplabel,
+		    accmode_t accmode);
 typedef int	(*mpo_vnode_check_poll_t)(struct ucred *active_cred,
 		    struct ucred *file_cred, struct vnode *vp,
 		    struct label *vplabel);
diff --git a/sys/security/mac/mac_vfs.c b/sys/security/mac/mac_vfs.c
index 8a31f95..42da76c 100644
--- a/sys/security/mac/mac_vfs.c
+++ b/sys/security/mac/mac_vfs.c
@@ -362,13 +362,13 @@ mac_vnode_execve_will_transition(struct ucred *old, struct vnode *vp,
 }
 
 int
-mac_vnode_check_access(struct ucred *cred, struct vnode *vp, int acc_mode)
+mac_vnode_check_access(struct ucred *cred, struct vnode *vp, accmode_t accmode)
 {
 	int error;
 
 	ASSERT_VOP_LOCKED(vp, "mac_vnode_check_access");
 
-	MAC_CHECK(vnode_check_access, cred, vp, vp->v_label, acc_mode);
+	MAC_CHECK(vnode_check_access, cred, vp, vp->v_label, accmode);
 	return (error);
 }
 
@@ -546,13 +546,13 @@ mac_vnode_check_mprotect(struct ucred *cred, struct vnode *vp, int prot)
 }
 
 int
-mac_vnode_check_open(struct ucred *cred, struct vnode *vp, int acc_mode)
+mac_vnode_check_open(struct ucred *cred, struct vnode *vp, accmode_t accmode)
 {
 	int error;
 
 	ASSERT_VOP_LOCKED(vp, "mac_vnode_check_open");
 
-	MAC_CHECK(vnode_check_open, cred, vp, vp->v_label, acc_mode);
+	MAC_CHECK(vnode_check_open, cred, vp, vp->v_label, accmode);
 	return (error);
 }
author	trasz <trasz@FreeBSD.org>	2008-10-28 13:44:11 +0000
committer	trasz <trasz@FreeBSD.org>	2008-10-28 13:44:11 +0000
commit	0ad8692247694171bf2d3f963f24b15f5223a0de (patch)
tree	cb5d9bbe34cd6eae2c3dd212bdfdfd85569424dd /sys/security/mac
parent	bc6713490924420312442a3f3fc4ef1fe4b8e400 (diff)
download	FreeBSD-src-0ad8692247694171bf2d3f963f24b15f5223a0de.zip FreeBSD-src-0ad8692247694171bf2d3f963f24b15f5223a0de.tar.gz