Modify mac_bsdextended policy so that it defines its own vnode access

right bits rather than piggy-backing on the V* rights defined in
vnode.h.  The mac_bsdextended bits are given the same values as the V*
bits to make the new kernel module binary compatible with the old
version of libugidfw that uses V* bits.  This avoids leaking kernel
API/ABI to user management tools, and in particular should remove the
need for libugidfw to include vnode.h.

Requested by:	phk

1 files changed, 15 insertions, 0 deletions

diff --git a/sys/security/mac_bsdextended/mac_bsdextended.h b/sys/security/mac_bsdextended/mac_bsdextended.h
index 7798a11..d41fe63 100644
--- a/sys/security/mac_bsdextended/mac_bsdextended.h
+++ b/sys/security/mac_bsdextended/mac_bsdextended.h
@@ -42,6 +42,21 @@
 #define	MBI_NEGATED	0x00000004	/* negate uid/gid matches */
 #define	MBI_BITS	(MBI_UID_DEFINED | MBI_GID_DEFINED | MBI_NEGATED)
 
+/*
+ * Rights that can be represented in mbr_mode.  These have the same values
+ * as the V* rights in vnode.h, but in order to avoid sharing user and
+ * kernel constants, we define them here.  That will also improve ABI
+ * stability if the in-kernel values change.
+ */
+#define	MBI_EXEC	000100
+#define	MBI_WRITE	000200
+#define	MBI_READ	000400
+#define	MBI_ADMIN	010000
+#define	MBI_STAT	020000
+#define	MBI_APPEND	040000
+#define	MBI_ALLPERM	(MBI_EXEC | MBI_WRITE | MBI_READ | MBI_ADMIN | \
+			    MBI_STAT | MBI_APPEND)
+
 struct mac_bsdextended_identity {
 	int	mbi_flags;
 	uid_t	mbi_uid;