summaryrefslogtreecommitdiffstats
path: root/sys/security
diff options
context:
space:
mode:
authorrwatson <rwatson@FreeBSD.org>2006-12-22 23:34:47 +0000
committerrwatson <rwatson@FreeBSD.org>2006-12-22 23:34:47 +0000
commitae9ef079952f9706d7848342f1e29b3be6818292 (patch)
tree5bd953ffcfacedca36999324a1d2c241c6ad3c78 /sys/security
parentcc03250b2a0b9cd6f0882e37ae32483af84b9142 (diff)
downloadFreeBSD-src-ae9ef079952f9706d7848342f1e29b3be6818292.zip
FreeBSD-src-ae9ef079952f9706d7848342f1e29b3be6818292.tar.gz
Move src/sys/sys/mac_policy.h, the kernel interface between the MAC
Framework and security modules, to src/sys/security/mac/mac_policy.h, completing the removal of kernel-only MAC Framework include files from src/sys/sys. Update the MAC Framework and MAC policy modules. Delete the old mac_policy.h. Third party policy modules will need similar updating. Obtained from: TrustedBSD Project
Diffstat (limited to 'sys/security')
-rw-r--r--sys/security/mac/mac_framework.c3
-rw-r--r--sys/security/mac/mac_inet.c3
-rw-r--r--sys/security/mac/mac_net.c3
-rw-r--r--sys/security/mac/mac_pipe.c3
-rw-r--r--sys/security/mac/mac_posix_sem.c3
-rw-r--r--sys/security/mac/mac_priv.c2
-rw-r--r--sys/security/mac/mac_process.c3
-rw-r--r--sys/security/mac/mac_socket.c3
-rw-r--r--sys/security/mac/mac_syscalls.c3
-rw-r--r--sys/security/mac/mac_system.c3
-rw-r--r--sys/security/mac/mac_sysv_msg.c3
-rw-r--r--sys/security/mac/mac_sysv_sem.c3
-rw-r--r--sys/security/mac/mac_sysv_shm.c3
-rw-r--r--sys/security/mac/mac_vfs.c3
-rw-r--r--sys/security/mac_biba/mac_biba.c3
-rw-r--r--sys/security/mac_bsdextended/mac_bsdextended.c3
-rw-r--r--sys/security/mac_ifoff/mac_ifoff.c2
-rw-r--r--sys/security/mac_lomac/mac_lomac.c3
-rw-r--r--sys/security/mac_mls/mac_mls.c3
-rw-r--r--sys/security/mac_none/mac_none.c2
-rw-r--r--sys/security/mac_partition/mac_partition.c3
-rw-r--r--sys/security/mac_portacl/mac_portacl.c2
-rw-r--r--sys/security/mac_seeotheruids/mac_seeotheruids.c2
-rw-r--r--sys/security/mac_stub/mac_stub.c2
-rw-r--r--sys/security/mac_test/mac_test.c2
25 files changed, 25 insertions, 43 deletions
diff --git a/sys/security/mac/mac_framework.c b/sys/security/mac/mac_framework.c
index a18b853..d5963d1 100644
--- a/sys/security/mac/mac_framework.c
+++ b/sys/security/mac/mac_framework.c
@@ -80,8 +80,6 @@ __FBSDID("$FreeBSD$");
#include <vm/vm_map.h>
#include <vm/vm_object.h>
-#include <sys/mac_policy.h>
-
#include <fs/devfs/devfs.h>
#include <net/bpfdesc.h>
@@ -93,6 +91,7 @@ __FBSDID("$FreeBSD$");
#include <security/mac/mac_framework.h>
#include <security/mac/mac_internal.h>
+#include <security/mac/mac_policy.h>
#ifdef MAC
diff --git a/sys/security/mac/mac_inet.c b/sys/security/mac/mac_inet.c
index d946bb9..c0b1c98 100644
--- a/sys/security/mac/mac_inet.c
+++ b/sys/security/mac/mac_inet.c
@@ -55,8 +55,6 @@ __FBSDID("$FreeBSD$");
#include <sys/socketvar.h>
#include <sys/sysctl.h>
-#include <sys/mac_policy.h>
-
#include <net/if.h>
#include <net/if_var.h>
@@ -66,6 +64,7 @@ __FBSDID("$FreeBSD$");
#include <security/mac/mac_framework.h>
#include <security/mac/mac_internal.h>
+#include <security/mac/mac_policy.h>
static struct label *
mac_inpcb_label_alloc(int flag)
diff --git a/sys/security/mac/mac_net.c b/sys/security/mac/mac_net.c
index 95ad63b..e275a67 100644
--- a/sys/security/mac/mac_net.c
+++ b/sys/security/mac/mac_net.c
@@ -56,14 +56,13 @@ __FBSDID("$FreeBSD$");
#include <sys/socketvar.h>
#include <sys/sysctl.h>
-#include <sys/mac_policy.h>
-
#include <net/bpfdesc.h>
#include <net/if.h>
#include <net/if_var.h>
#include <security/mac/mac_framework.h>
#include <security/mac/mac_internal.h>
+#include <security/mac/mac_policy.h>
/*
* XXXRW: struct ifnet locking is incomplete in the network code, so we use
diff --git a/sys/security/mac/mac_pipe.c b/sys/security/mac/mac_pipe.c
index 44755ad..02860a4 100644
--- a/sys/security/mac/mac_pipe.c
+++ b/sys/security/mac/mac_pipe.c
@@ -47,10 +47,9 @@ __FBSDID("$FreeBSD$");
#include <sys/pipe.h>
#include <sys/sysctl.h>
-#include <sys/mac_policy.h>
-
#include <security/mac/mac_framework.h>
#include <security/mac/mac_internal.h>
+#include <security/mac/mac_policy.h>
struct label *
mac_pipe_label_alloc(void)
diff --git a/sys/security/mac/mac_posix_sem.c b/sys/security/mac/mac_posix_sem.c
index d730364..ba4d191 100644
--- a/sys/security/mac/mac_posix_sem.c
+++ b/sys/security/mac/mac_posix_sem.c
@@ -44,10 +44,9 @@ __FBSDID("$FreeBSD$");
#include <sys/systm.h>
#include <sys/sysctl.h>
-#include <sys/mac_policy.h>
-
#include <security/mac/mac_framework.h>
#include <security/mac/mac_internal.h>
+#include <security/mac/mac_policy.h>
static struct label *
mac_posix_sem_label_alloc(void)
diff --git a/sys/security/mac/mac_priv.c b/sys/security/mac/mac_priv.c
index 9832e33..45a8c81 100644
--- a/sys/security/mac/mac_priv.c
+++ b/sys/security/mac/mac_priv.c
@@ -38,10 +38,10 @@
#include <sys/param.h>
#include <sys/priv.h>
#include <sys/module.h>
-#include <sys/mac_policy.h>
#include <security/mac/mac_framework.h>
#include <security/mac/mac_internal.h>
+#include <security/mac/mac_policy.h>
/*
* The MAC Framework interacts with kernel privilege checks in two ways: it
diff --git a/sys/security/mac/mac_process.c b/sys/security/mac/mac_process.c
index 43c564e..f9c8e2e 100644
--- a/sys/security/mac/mac_process.c
+++ b/sys/security/mac/mac_process.c
@@ -62,10 +62,9 @@ __FBSDID("$FreeBSD$");
#include <vm/vm_map.h>
#include <vm/vm_object.h>
-#include <sys/mac_policy.h>
-
#include <security/mac/mac_framework.h>
#include <security/mac/mac_internal.h>
+#include <security/mac/mac_policy.h>
static int mac_mmap_revocation = 1;
SYSCTL_INT(_security_mac, OID_AUTO, mmap_revocation, CTLFLAG_RW,
diff --git a/sys/security/mac/mac_socket.c b/sys/security/mac/mac_socket.c
index 2898519..1f12ea6 100644
--- a/sys/security/mac/mac_socket.c
+++ b/sys/security/mac/mac_socket.c
@@ -59,8 +59,6 @@ __FBSDID("$FreeBSD$");
#include <sys/socketvar.h>
#include <sys/sysctl.h>
-#include <sys/mac_policy.h>
-
#include <net/bpfdesc.h>
#include <net/if.h>
#include <net/if_var.h>
@@ -71,6 +69,7 @@ __FBSDID("$FreeBSD$");
#include <security/mac/mac_framework.h>
#include <security/mac/mac_internal.h>
+#include <security/mac/mac_policy.h>
/*
* Currently, sockets hold two labels: the label of the socket itself, and a
diff --git a/sys/security/mac/mac_syscalls.c b/sys/security/mac/mac_syscalls.c
index a18b853..d5963d1 100644
--- a/sys/security/mac/mac_syscalls.c
+++ b/sys/security/mac/mac_syscalls.c
@@ -80,8 +80,6 @@ __FBSDID("$FreeBSD$");
#include <vm/vm_map.h>
#include <vm/vm_object.h>
-#include <sys/mac_policy.h>
-
#include <fs/devfs/devfs.h>
#include <net/bpfdesc.h>
@@ -93,6 +91,7 @@ __FBSDID("$FreeBSD$");
#include <security/mac/mac_framework.h>
#include <security/mac/mac_internal.h>
+#include <security/mac/mac_policy.h>
#ifdef MAC
diff --git a/sys/security/mac/mac_system.c b/sys/security/mac/mac_system.c
index b6ad192..6c95d3b 100644
--- a/sys/security/mac/mac_system.c
+++ b/sys/security/mac/mac_system.c
@@ -45,10 +45,9 @@ __FBSDID("$FreeBSD$");
#include <sys/vnode.h>
#include <sys/sysctl.h>
-#include <sys/mac_policy.h>
-
#include <security/mac/mac_framework.h>
#include <security/mac/mac_internal.h>
+#include <security/mac/mac_policy.h>
/*
* XXXRW: Some of these checks now duplicate privilege checks. However,
diff --git a/sys/security/mac/mac_sysv_msg.c b/sys/security/mac/mac_sysv_msg.c
index 6792b11..5044157 100644
--- a/sys/security/mac/mac_sysv_msg.c
+++ b/sys/security/mac/mac_sysv_msg.c
@@ -49,10 +49,9 @@ __FBSDID("$FreeBSD$");
#include <sys/sysctl.h>
#include <sys/msg.h>
-#include <sys/mac_policy.h>
-
#include <security/mac/mac_framework.h>
#include <security/mac/mac_internal.h>
+#include <security/mac/mac_policy.h>
static struct label *
mac_sysv_msgmsg_label_alloc(void)
diff --git a/sys/security/mac/mac_sysv_sem.c b/sys/security/mac/mac_sysv_sem.c
index 726ea8d..8e981a7 100644
--- a/sys/security/mac/mac_sysv_sem.c
+++ b/sys/security/mac/mac_sysv_sem.c
@@ -49,10 +49,9 @@ __FBSDID("$FreeBSD$");
#include <sys/sysctl.h>
#include <sys/sem.h>
-#include <sys/mac_policy.h>
-
#include <security/mac/mac_framework.h>
#include <security/mac/mac_internal.h>
+#include <security/mac/mac_policy.h>
static struct label *
mac_sysv_sem_label_alloc(void)
diff --git a/sys/security/mac/mac_sysv_shm.c b/sys/security/mac/mac_sysv_shm.c
index 3f91916..66940c9 100644
--- a/sys/security/mac/mac_sysv_shm.c
+++ b/sys/security/mac/mac_sysv_shm.c
@@ -49,10 +49,9 @@ __FBSDID("$FreeBSD$");
#include <sys/sysctl.h>
#include <sys/shm.h>
-#include <sys/mac_policy.h>
-
#include <security/mac/mac_framework.h>
#include <security/mac/mac_internal.h>
+#include <security/mac/mac_policy.h>
static struct label *
mac_sysv_shm_label_alloc(void)
diff --git a/sys/security/mac/mac_vfs.c b/sys/security/mac/mac_vfs.c
index b5901f9..c026aa8 100644
--- a/sys/security/mac/mac_vfs.c
+++ b/sys/security/mac/mac_vfs.c
@@ -66,12 +66,11 @@ __FBSDID("$FreeBSD$");
#include <vm/vm_map.h>
#include <vm/vm_object.h>
-#include <sys/mac_policy.h>
-
#include <fs/devfs/devfs.h>
#include <security/mac/mac_framework.h>
#include <security/mac/mac_internal.h>
+#include <security/mac/mac_policy.h>
/*
* Warn about EA transactions only the first time they happen. No locking on
diff --git a/sys/security/mac_biba/mac_biba.c b/sys/security/mac_biba/mac_biba.c
index 5aa404c..490b660 100644
--- a/sys/security/mac_biba/mac_biba.c
+++ b/sys/security/mac_biba/mac_biba.c
@@ -81,8 +81,7 @@
#include <vm/uma.h>
#include <vm/vm.h>
-#include <sys/mac_policy.h>
-
+#include <security/mac/mac_policy.h>
#include <security/mac_biba/mac_biba.h>
SYSCTL_DECL(_security_mac);
diff --git a/sys/security/mac_bsdextended/mac_bsdextended.c b/sys/security/mac_bsdextended/mac_bsdextended.c
index c32c514..8ed58d2 100644
--- a/sys/security/mac_bsdextended/mac_bsdextended.c
+++ b/sys/security/mac_bsdextended/mac_bsdextended.c
@@ -72,8 +72,7 @@
#include <vm/vm.h>
-#include <sys/mac_policy.h>
-
+#include <security/mac/mac_policy.h>
#include <security/mac_bsdextended/mac_bsdextended.h>
static struct mtx mac_bsdextended_mtx;
diff --git a/sys/security/mac_ifoff/mac_ifoff.c b/sys/security/mac_ifoff/mac_ifoff.c
index c80d3dd..4814db2a 100644
--- a/sys/security/mac_ifoff/mac_ifoff.c
+++ b/sys/security/mac_ifoff/mac_ifoff.c
@@ -64,7 +64,7 @@
#include <vm/vm.h>
-#include <sys/mac_policy.h>
+#include <security/mac/mac_policy.h>
SYSCTL_DECL(_security_mac);
diff --git a/sys/security/mac_lomac/mac_lomac.c b/sys/security/mac_lomac/mac_lomac.c
index 3364b78..73a0226 100644
--- a/sys/security/mac_lomac/mac_lomac.c
+++ b/sys/security/mac_lomac/mac_lomac.c
@@ -77,8 +77,7 @@
#include <vm/vm.h>
-#include <sys/mac_policy.h>
-
+#include <security/mac/mac_policy.h>
#include <security/mac/mac_framework.h>
#include <security/mac_lomac/mac_lomac.h>
diff --git a/sys/security/mac_mls/mac_mls.c b/sys/security/mac_mls/mac_mls.c
index 2c4a67c..daa4e24 100644
--- a/sys/security/mac_mls/mac_mls.c
+++ b/sys/security/mac_mls/mac_mls.c
@@ -81,8 +81,7 @@
#include <vm/uma.h>
#include <vm/vm.h>
-#include <sys/mac_policy.h>
-
+#include <security/mac/mac_policy.h>
#include <security/mac_mls/mac_mls.h>
SYSCTL_DECL(_security_mac);
diff --git a/sys/security/mac_none/mac_none.c b/sys/security/mac_none/mac_none.c
index d36d429..922a021 100644
--- a/sys/security/mac_none/mac_none.c
+++ b/sys/security/mac_none/mac_none.c
@@ -74,7 +74,7 @@
#include <vm/vm.h>
-#include <sys/mac_policy.h>
+#include <security/mac/mac_policy.h>
SYSCTL_DECL(_security_mac);
diff --git a/sys/security/mac_partition/mac_partition.c b/sys/security/mac_partition/mac_partition.c
index 5ce8d20..75d62b1 100644
--- a/sys/security/mac_partition/mac_partition.c
+++ b/sys/security/mac_partition/mac_partition.c
@@ -67,8 +67,7 @@
#include <vm/vm.h>
-#include <sys/mac_policy.h>
-
+#include <security/mac/mac_policy.h>
#include <security/mac_partition/mac_partition.h>
SYSCTL_DECL(_security_mac);
diff --git a/sys/security/mac_portacl/mac_portacl.c b/sys/security/mac_portacl/mac_portacl.c
index 5218531..4277ad5 100644
--- a/sys/security/mac_portacl/mac_portacl.c
+++ b/sys/security/mac_portacl/mac_portacl.c
@@ -84,7 +84,7 @@
#include <vm/vm.h>
-#include <sys/mac_policy.h>
+#include <security/mac/mac_policy.h>
SYSCTL_DECL(_security_mac);
diff --git a/sys/security/mac_seeotheruids/mac_seeotheruids.c b/sys/security/mac_seeotheruids/mac_seeotheruids.c
index f8c02d2..39d60db 100644
--- a/sys/security/mac_seeotheruids/mac_seeotheruids.c
+++ b/sys/security/mac_seeotheruids/mac_seeotheruids.c
@@ -64,7 +64,7 @@
#include <vm/vm.h>
-#include <sys/mac_policy.h>
+#include <security/mac/mac_policy.h>
SYSCTL_DECL(_security_mac);
diff --git a/sys/security/mac_stub/mac_stub.c b/sys/security/mac_stub/mac_stub.c
index dee29e3..02da8f5 100644
--- a/sys/security/mac_stub/mac_stub.c
+++ b/sys/security/mac_stub/mac_stub.c
@@ -82,7 +82,7 @@
#include <vm/vm.h>
-#include <sys/mac_policy.h>
+#include <security/mac/mac_policy.h>
SYSCTL_DECL(_security_mac);
diff --git a/sys/security/mac_test/mac_test.c b/sys/security/mac_test/mac_test.c
index d968ec9..b0bd07e 100644
--- a/sys/security/mac_test/mac_test.c
+++ b/sys/security/mac_test/mac_test.c
@@ -73,7 +73,7 @@
#include <vm/vm.h>
-#include <sys/mac_policy.h>
+#include <security/mac/mac_policy.h>
SYSCTL_DECL(_security_mac);
OpenPOWER on IntegriCloud