diff options
| author | rwatson <rwatson@FreeBSD.org> | 2008-10-28 11:33:06 +0000 |
|---|---|---|
| committer | rwatson <rwatson@FreeBSD.org> | 2008-10-28 11:33:06 +0000 |
| commit | a2129bd144d95f5685e28f05aec7ce6f4efa6b04 (patch) | |
| tree | c420c1b771a2ef873bf25185956726906057b6fe /sys/security/mac_lomac | |
| parent | bbf1e3cc5ba01988dfb88601dbd3cc26ea619ad5 (diff) | |
| download | FreeBSD-src-a2129bd144d95f5685e28f05aec7ce6f4efa6b04.zip FreeBSD-src-a2129bd144d95f5685e28f05aec7ce6f4efa6b04.tar.gz | |
Rename three MAC entry points from _proc_ to _cred_ to reflect the fact
that they operate directly on credentials: mac_proc_create_swapper(),
mac_proc_create_init(), and mac_proc_associate_nfsd(). Update policies.
Obtained from: TrustedBSD Project
Diffstat (limited to 'sys/security/mac_lomac')
| -rw-r--r-- | sys/security/mac_lomac/mac_lomac.c | 49 |
1 files changed, 25 insertions, 24 deletions
diff --git a/sys/security/mac_lomac/mac_lomac.c b/sys/security/mac_lomac/mac_lomac.c index 50a8f8d..2dc4389 100644 --- a/sys/security/mac_lomac/mac_lomac.c +++ b/sys/security/mac_lomac/mac_lomac.c @@ -993,6 +993,29 @@ lomac_cred_check_visible(struct ucred *cr1, struct ucred *cr2) return (0); } + +static void +lomac_cred_create_init(struct ucred *cred) +{ + struct mac_lomac *dest; + + dest = SLOT(cred->cr_label); + + lomac_set_single(dest, MAC_LOMAC_TYPE_HIGH, 0); + lomac_set_range(dest, MAC_LOMAC_TYPE_LOW, 0, MAC_LOMAC_TYPE_HIGH, 0); +} + +static void +lomac_cred_create_swapper(struct ucred *cred) +{ + struct mac_lomac *dest; + + dest = SLOT(cred->cr_label); + + lomac_set_single(dest, MAC_LOMAC_TYPE_EQUAL, 0); + lomac_set_range(dest, MAC_LOMAC_TYPE_LOW, 0, MAC_LOMAC_TYPE_HIGH, 0); +} + static void lomac_cred_relabel(struct ucred *cred, struct label *newlabel) { @@ -1885,28 +1908,6 @@ lomac_proc_check_signal(struct ucred *cred, struct proc *p, int signum) } static void -lomac_proc_create_init(struct ucred *cred) -{ - struct mac_lomac *dest; - - dest = SLOT(cred->cr_label); - - lomac_set_single(dest, MAC_LOMAC_TYPE_HIGH, 0); - lomac_set_range(dest, MAC_LOMAC_TYPE_LOW, 0, MAC_LOMAC_TYPE_HIGH, 0); -} - -static void -lomac_proc_create_swapper(struct ucred *cred) -{ - struct mac_lomac *dest; - - dest = SLOT(cred->cr_label); - - lomac_set_single(dest, MAC_LOMAC_TYPE_EQUAL, 0); - lomac_set_range(dest, MAC_LOMAC_TYPE_LOW, 0, MAC_LOMAC_TYPE_HIGH, 0); -} - -static void lomac_proc_destroy_label(struct label *label) { @@ -2894,6 +2895,8 @@ static struct mac_policy_ops lomac_ops = .mpo_cred_check_relabel = lomac_cred_check_relabel, .mpo_cred_check_visible = lomac_cred_check_visible, .mpo_cred_copy_label = lomac_copy_label, + .mpo_cred_create_swapper = lomac_cred_create_swapper, + .mpo_cred_create_init = lomac_cred_create_init, .mpo_cred_destroy_label = lomac_destroy_label, .mpo_cred_externalize_label = lomac_externalize_label, .mpo_cred_init_label = lomac_init_label, @@ -2983,8 +2986,6 @@ static struct mac_policy_ops lomac_ops = .mpo_proc_check_debug = lomac_proc_check_debug, .mpo_proc_check_sched = lomac_proc_check_sched, .mpo_proc_check_signal = lomac_proc_check_signal, - .mpo_proc_create_swapper = lomac_proc_create_swapper, - .mpo_proc_create_init = lomac_proc_create_init, .mpo_proc_destroy_label = lomac_proc_destroy_label, .mpo_proc_init_label = lomac_proc_init_label, |
