diff options
author | rwatson <rwatson@FreeBSD.org> | 2007-10-26 21:16:34 +0000 |
---|---|---|
committer | rwatson <rwatson@FreeBSD.org> | 2007-10-26 21:16:34 +0000 |
commit | 5c16f69bcc2f851eeab235633b2ead29453a90a5 (patch) | |
tree | 459d77aa50eaf07b49e275b6a85024453dfcc145 /sys/security/mac | |
parent | a7b201ee6db690a943f72f7aa1bd186bc167fe2e (diff) | |
download | FreeBSD-src-5c16f69bcc2f851eeab235633b2ead29453a90a5.zip FreeBSD-src-5c16f69bcc2f851eeab235633b2ead29453a90a5.tar.gz |
Update comment following MAC Framework entry point renaming and
reorganization.
Obtained from: TrustedBSD Project
Diffstat (limited to 'sys/security/mac')
-rw-r--r-- | sys/security/mac/mac_framework.h | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/sys/security/mac/mac_framework.h b/sys/security/mac/mac_framework.h index b0971d8..80b8b33 100644 --- a/sys/security/mac/mac_framework.h +++ b/sys/security/mac/mac_framework.h @@ -88,7 +88,12 @@ struct vop_setlabel_args; #include <sys/acl.h> /* XXX acl_type_t */ /* - * Kernel functions to manage and evaluate labels. + * Entry points to the TrustedBSD MAC Framework from the remainder of the + * kernel: entry points are named based on a principle object type and an + * action relating to it. They are sorted alphabetically first by object + * type and then action. In some situations, the principle object type is + * obvious, and in other cases, less so as multiple objects may be inolved + * in the operation. */ int mac_bpfdesc_check_receive(struct bpf_d *d, struct ifnet *ifp); void mac_bpfdesc_create(struct ucred *cred, struct bpf_d *d); |