Continue 7-CURRENT MAC Framework rearrangement and cleanup:

Don't perform a nested include of _label.h in mac.h, as mac.h now describes only the user API to MAC, and _label.h defines the in-kernel representation of MAC labels. Remove mac.h includes from policies and MAC framework components that do not use userspace MAC API definitions. Add _KERNEL inclusion checks to mac_internal.h and mac_policy.h, as these are kernel-only include files Obtained from: TrustedBSD Project
author: rwatson <rwatson@FreeBSD.org> 2007-02-06 10:59:23 +0000
committer: rwatson <rwatson@FreeBSD.org> 2007-02-06 10:59:23 +0000
commit: d945a8c499f7a946267bab0c92a55751d4503713 (patch)
tree: 7d45598262a6e6d6f025d75a3fb731c64945fe8b /sys/security
parent: 5ebe8e29b1943eed8144200f709bc884004706f4 (diff)
download: FreeBSD-src-d945a8c499f7a946267bab0c92a55751d4503713.zip
FreeBSD-src-d945a8c499f7a946267bab0c92a55751d4503713.tar.gz
21 files changed, 10 insertions, 19 deletions
diff --git a/sys/security/mac/mac_inet.c b/sys/security/mac/mac_inet.c
index fe06dca..b1d8df2 100644
--- a/sys/security/mac/mac_inet.c
+++ b/sys/security/mac/mac_inet.c
@@ -44,7 +44,6 @@ __FBSDID("$FreeBSD$");
 #include <sys/lock.h>
 #include <sys/malloc.h>
 #include <sys/mutex.h>
-#include <sys/mac.h>
 #include <sys/sbuf.h>
 #include <sys/systm.h>
 #include <sys/mount.h>
diff --git a/sys/security/mac/mac_internal.h b/sys/security/mac/mac_internal.h
index 791dc67..a16ac6b 100644
--- a/sys/security/mac/mac_internal.h
+++ b/sys/security/mac/mac_internal.h
@@ -43,6 +43,10 @@
 #ifndef _SYS_SECURITY_MAC_MAC_INTERNAL_H_
 #define	_SYS_SECURITY_MAC_MAC_INTERNAL_H_
 
+#ifndef _KERNEL
+#error "no user-serviceable parts inside"
+#endif
+
 /*
  * MAC Framework sysctl namespace.
  */
diff --git a/sys/security/mac/mac_label.c b/sys/security/mac/mac_label.c
index 619df35..977efc7 100644
--- a/sys/security/mac/mac_label.c
+++ b/sys/security/mac/mac_label.c
@@ -35,7 +35,6 @@ __FBSDID("$FreeBSD$");
 #include "opt_mac.h"
 
 #include <sys/param.h>
-#include <sys/mac.h>
 #include <sys/sysctl.h>
 #include <sys/systm.h>
 
diff --git a/sys/security/mac/mac_pipe.c b/sys/security/mac/mac_pipe.c
index 02860a4..88d181e 100644
--- a/sys/security/mac/mac_pipe.c
+++ b/sys/security/mac/mac_pipe.c
@@ -40,7 +40,6 @@ __FBSDID("$FreeBSD$");
 #include <sys/malloc.h>
 #include <sys/module.h>
 #include <sys/mutex.h>
-#include <sys/mac.h>
 #include <sys/sbuf.h>
 #include <sys/systm.h>
 #include <sys/vnode.h>
diff --git a/sys/security/mac/mac_policy.h b/sys/security/mac/mac_policy.h
index d5dd9eb..750218f 100644
--- a/sys/security/mac/mac_policy.h
+++ b/sys/security/mac/mac_policy.h
@@ -43,6 +43,12 @@
 #ifndef _SYS_SECURITY_MAC_MAC_POLICY_H_
 #define	_SYS_SECURITY_MAC_MAC_POLICY_H_
 
+#ifndef _KERNEL
+#error "no user-serviceable parts inside"
+#endif
+
+#include <sys/_label.h>
+
 /*-
  * Pluggable access control policy definition structure.
  *
diff --git a/sys/security/mac/mac_posix_sem.c b/sys/security/mac/mac_posix_sem.c
index ba4d191..a00a30e 100644
--- a/sys/security/mac/mac_posix_sem.c
+++ b/sys/security/mac/mac_posix_sem.c
@@ -39,7 +39,6 @@ __FBSDID("$FreeBSD$");
 #include <sys/kernel.h>
 #include <sys/ksem.h>
 #include <sys/malloc.h>
-#include <sys/mac.h>
 #include <sys/module.h>
 #include <sys/systm.h>
 #include <sys/sysctl.h>
diff --git a/sys/security/mac/mac_system.c b/sys/security/mac/mac_system.c
index 6c95d3b..32a9b79 100644
--- a/sys/security/mac/mac_system.c
+++ b/sys/security/mac/mac_system.c
@@ -40,7 +40,6 @@ __FBSDID("$FreeBSD$");
 #include <sys/malloc.h>
 #include <sys/module.h>
 #include <sys/mutex.h>
-#include <sys/mac.h>
 #include <sys/systm.h>
 #include <sys/vnode.h>
 #include <sys/sysctl.h>
diff --git a/sys/security/mac/mac_sysv_msg.c b/sys/security/mac/mac_sysv_msg.c
index 5044157..054614b 100644
--- a/sys/security/mac/mac_sysv_msg.c
+++ b/sys/security/mac/mac_sysv_msg.c
@@ -39,7 +39,6 @@ __FBSDID("$FreeBSD$");
 #include <sys/lock.h>
 #include <sys/malloc.h>
 #include <sys/mutex.h>
-#include <sys/mac.h>
 #include <sys/sbuf.h>
 #include <sys/systm.h>
 #include <sys/vnode.h>
diff --git a/sys/security/mac/mac_sysv_sem.c b/sys/security/mac/mac_sysv_sem.c
index 8e981a7..e77331e 100644
--- a/sys/security/mac/mac_sysv_sem.c
+++ b/sys/security/mac/mac_sysv_sem.c
@@ -39,7 +39,6 @@ __FBSDID("$FreeBSD$");
 #include <sys/lock.h>
 #include <sys/malloc.h>
 #include <sys/mutex.h>
-#include <sys/mac.h>
 #include <sys/sbuf.h>
 #include <sys/systm.h>
 #include <sys/vnode.h>
diff --git a/sys/security/mac/mac_sysv_shm.c b/sys/security/mac/mac_sysv_shm.c
index 66940c9..6cabeb4 100644
--- a/sys/security/mac/mac_sysv_shm.c
+++ b/sys/security/mac/mac_sysv_shm.c
@@ -39,7 +39,6 @@ __FBSDID("$FreeBSD$");
 #include <sys/lock.h>
 #include <sys/malloc.h>
 #include <sys/mutex.h>
-#include <sys/mac.h>
 #include <sys/sbuf.h>
 #include <sys/systm.h>
 #include <sys/vnode.h>
diff --git a/sys/security/mac/mac_vfs.c b/sys/security/mac/mac_vfs.c
index 038ac80..9196779 100644
--- a/sys/security/mac/mac_vfs.c
+++ b/sys/security/mac/mac_vfs.c
@@ -51,7 +51,6 @@ __FBSDID("$FreeBSD$");
 #include <sys/lock.h>
 #include <sys/malloc.h>
 #include <sys/mutex.h>
-#include <sys/mac.h>
 #include <sys/proc.h>
 #include <sys/sbuf.h>
 #include <sys/systm.h>
diff --git a/sys/security/mac_biba/mac_biba.c b/sys/security/mac_biba/mac_biba.c
index 490b660..21e2096 100644
--- a/sys/security/mac_biba/mac_biba.c
+++ b/sys/security/mac_biba/mac_biba.c
@@ -46,7 +46,6 @@
 #include <sys/extattr.h>
 #include <sys/kernel.h>
 #include <sys/ksem.h>
-#include <sys/mac.h>
 #include <sys/malloc.h>
 #include <sys/mman.h>
 #include <sys/mount.h>
diff --git a/sys/security/mac_bsdextended/mac_bsdextended.c b/sys/security/mac_bsdextended/mac_bsdextended.c
index 8ed58d2..2ebf9b8 100644
--- a/sys/security/mac_bsdextended/mac_bsdextended.c
+++ b/sys/security/mac_bsdextended/mac_bsdextended.c
@@ -49,7 +49,6 @@
 #include <sys/kernel.h>
 #include <sys/jail.h>
 #include <sys/lock.h>
-#include <sys/mac.h>
 #include <sys/malloc.h>
 #include <sys/mount.h>
 #include <sys/mutex.h>
diff --git a/sys/security/mac_ifoff/mac_ifoff.c b/sys/security/mac_ifoff/mac_ifoff.c
index 4814db2a..6658fcc 100644
--- a/sys/security/mac_ifoff/mac_ifoff.c
+++ b/sys/security/mac_ifoff/mac_ifoff.c
@@ -45,7 +45,6 @@
 #include <sys/param.h>
 #include <sys/conf.h>
 #include <sys/kernel.h>
-#include <sys/mac.h>
 #include <sys/mount.h>
 #include <sys/proc.h>
 #include <sys/systm.h>
diff --git a/sys/security/mac_mls/mac_mls.c b/sys/security/mac_mls/mac_mls.c
index daa4e24..2e3ca26 100644
--- a/sys/security/mac_mls/mac_mls.c
+++ b/sys/security/mac_mls/mac_mls.c
@@ -46,7 +46,6 @@
 #include <sys/extattr.h>
 #include <sys/kernel.h>
 #include <sys/ksem.h>
-#include <sys/mac.h>
 #include <sys/mman.h>
 #include <sys/malloc.h>
 #include <sys/mount.h>
diff --git a/sys/security/mac_none/mac_none.c b/sys/security/mac_none/mac_none.c
index 922a021..76a4bec 100644
--- a/sys/security/mac_none/mac_none.c
+++ b/sys/security/mac_none/mac_none.c
@@ -48,7 +48,6 @@
 #include <sys/conf.h>
 #include <sys/extattr.h>
 #include <sys/kernel.h>
-#include <sys/mac.h>
 #include <sys/mount.h>
 #include <sys/proc.h>
 #include <sys/systm.h>
diff --git a/sys/security/mac_partition/mac_partition.c b/sys/security/mac_partition/mac_partition.c
index 75d62b1..1b282e8 100644
--- a/sys/security/mac_partition/mac_partition.c
+++ b/sys/security/mac_partition/mac_partition.c
@@ -43,7 +43,6 @@
 #include <sys/param.h>
 #include <sys/conf.h>
 #include <sys/kernel.h>
-#include <sys/mac.h>
 #include <sys/mount.h>
 #include <sys/priv.h>
 #include <sys/proc.h>
diff --git a/sys/security/mac_portacl/mac_portacl.c b/sys/security/mac_portacl/mac_portacl.c
index 4277ad5..713b314 100644
--- a/sys/security/mac_portacl/mac_portacl.c
+++ b/sys/security/mac_portacl/mac_portacl.c
@@ -62,7 +62,6 @@
 #include <sys/kernel.h>
 #include <sys/libkern.h>
 #include <sys/lock.h>
-#include <sys/mac.h>
 #include <sys/malloc.h>
 #include <sys/mount.h>
 #include <sys/mutex.h>
diff --git a/sys/security/mac_seeotheruids/mac_seeotheruids.c b/sys/security/mac_seeotheruids/mac_seeotheruids.c
index 39d60db..62ccd61 100644
--- a/sys/security/mac_seeotheruids/mac_seeotheruids.c
+++ b/sys/security/mac_seeotheruids/mac_seeotheruids.c
@@ -44,7 +44,6 @@
 #include <sys/param.h>
 #include <sys/conf.h>
 #include <sys/kernel.h>
-#include <sys/mac.h>
 #include <sys/mount.h>
 #include <sys/priv.h>
 #include <sys/proc.h>
diff --git a/sys/security/mac_stub/mac_stub.c b/sys/security/mac_stub/mac_stub.c
index af84561..e80da0402 100644
--- a/sys/security/mac_stub/mac_stub.c
+++ b/sys/security/mac_stub/mac_stub.c
@@ -52,7 +52,6 @@
 #include <sys/extattr.h>
 #include <sys/kernel.h>
 #include <sys/ksem.h>
-#include <sys/mac.h>
 #include <sys/mount.h>
 #include <sys/proc.h>
 #include <sys/systm.h>
diff --git a/sys/security/mac_test/mac_test.c b/sys/security/mac_test/mac_test.c
index b0bd07e..803b882 100644
--- a/sys/security/mac_test/mac_test.c
+++ b/sys/security/mac_test/mac_test.c
@@ -47,7 +47,6 @@
 #include <sys/extattr.h>
 #include <sys/kernel.h>
 #include <sys/ksem.h>
-#include <sys/mac.h>
 #include <sys/malloc.h>
 #include <sys/mount.h>
 #include <sys/proc.h>
author	rwatson <rwatson@FreeBSD.org>	2007-02-06 10:59:23 +0000
committer	rwatson <rwatson@FreeBSD.org>	2007-02-06 10:59:23 +0000
commit	d945a8c499f7a946267bab0c92a55751d4503713 (patch)
tree	7d45598262a6e6d6f025d75a3fb731c64945fe8b /sys/security
parent	5ebe8e29b1943eed8144200f709bc884004706f4 (diff)
download	FreeBSD-src-d945a8c499f7a946267bab0c92a55751d4503713.zip FreeBSD-src-d945a8c499f7a946267bab0c92a55751d4503713.tar.gz