diff options
author | rwatson <rwatson@FreeBSD.org> | 2007-02-06 10:59:23 +0000 |
---|---|---|
committer | rwatson <rwatson@FreeBSD.org> | 2007-02-06 10:59:23 +0000 |
commit | d945a8c499f7a946267bab0c92a55751d4503713 (patch) | |
tree | 7d45598262a6e6d6f025d75a3fb731c64945fe8b /sys/security | |
parent | 5ebe8e29b1943eed8144200f709bc884004706f4 (diff) | |
download | FreeBSD-src-d945a8c499f7a946267bab0c92a55751d4503713.zip FreeBSD-src-d945a8c499f7a946267bab0c92a55751d4503713.tar.gz |
Continue 7-CURRENT MAC Framework rearrangement and cleanup:
Don't perform a nested include of _label.h in mac.h, as mac.h now
describes only the user API to MAC, and _label.h defines the in-kernel
representation of MAC labels.
Remove mac.h includes from policies and MAC framework components that do
not use userspace MAC API definitions.
Add _KERNEL inclusion checks to mac_internal.h and mac_policy.h, as these
are kernel-only include files
Obtained from: TrustedBSD Project
Diffstat (limited to 'sys/security')
-rw-r--r-- | sys/security/mac/mac_inet.c | 1 | ||||
-rw-r--r-- | sys/security/mac/mac_internal.h | 4 | ||||
-rw-r--r-- | sys/security/mac/mac_label.c | 1 | ||||
-rw-r--r-- | sys/security/mac/mac_pipe.c | 1 | ||||
-rw-r--r-- | sys/security/mac/mac_policy.h | 6 | ||||
-rw-r--r-- | sys/security/mac/mac_posix_sem.c | 1 | ||||
-rw-r--r-- | sys/security/mac/mac_system.c | 1 | ||||
-rw-r--r-- | sys/security/mac/mac_sysv_msg.c | 1 | ||||
-rw-r--r-- | sys/security/mac/mac_sysv_sem.c | 1 | ||||
-rw-r--r-- | sys/security/mac/mac_sysv_shm.c | 1 | ||||
-rw-r--r-- | sys/security/mac/mac_vfs.c | 1 | ||||
-rw-r--r-- | sys/security/mac_biba/mac_biba.c | 1 | ||||
-rw-r--r-- | sys/security/mac_bsdextended/mac_bsdextended.c | 1 | ||||
-rw-r--r-- | sys/security/mac_ifoff/mac_ifoff.c | 1 | ||||
-rw-r--r-- | sys/security/mac_mls/mac_mls.c | 1 | ||||
-rw-r--r-- | sys/security/mac_none/mac_none.c | 1 | ||||
-rw-r--r-- | sys/security/mac_partition/mac_partition.c | 1 | ||||
-rw-r--r-- | sys/security/mac_portacl/mac_portacl.c | 1 | ||||
-rw-r--r-- | sys/security/mac_seeotheruids/mac_seeotheruids.c | 1 | ||||
-rw-r--r-- | sys/security/mac_stub/mac_stub.c | 1 | ||||
-rw-r--r-- | sys/security/mac_test/mac_test.c | 1 |
21 files changed, 10 insertions, 19 deletions
diff --git a/sys/security/mac/mac_inet.c b/sys/security/mac/mac_inet.c index fe06dca..b1d8df2 100644 --- a/sys/security/mac/mac_inet.c +++ b/sys/security/mac/mac_inet.c @@ -44,7 +44,6 @@ __FBSDID("$FreeBSD$"); #include <sys/lock.h> #include <sys/malloc.h> #include <sys/mutex.h> -#include <sys/mac.h> #include <sys/sbuf.h> #include <sys/systm.h> #include <sys/mount.h> diff --git a/sys/security/mac/mac_internal.h b/sys/security/mac/mac_internal.h index 791dc67..a16ac6b 100644 --- a/sys/security/mac/mac_internal.h +++ b/sys/security/mac/mac_internal.h @@ -43,6 +43,10 @@ #ifndef _SYS_SECURITY_MAC_MAC_INTERNAL_H_ #define _SYS_SECURITY_MAC_MAC_INTERNAL_H_ +#ifndef _KERNEL +#error "no user-serviceable parts inside" +#endif + /* * MAC Framework sysctl namespace. */ diff --git a/sys/security/mac/mac_label.c b/sys/security/mac/mac_label.c index 619df35..977efc7 100644 --- a/sys/security/mac/mac_label.c +++ b/sys/security/mac/mac_label.c @@ -35,7 +35,6 @@ __FBSDID("$FreeBSD$"); #include "opt_mac.h" #include <sys/param.h> -#include <sys/mac.h> #include <sys/sysctl.h> #include <sys/systm.h> diff --git a/sys/security/mac/mac_pipe.c b/sys/security/mac/mac_pipe.c index 02860a4..88d181e 100644 --- a/sys/security/mac/mac_pipe.c +++ b/sys/security/mac/mac_pipe.c @@ -40,7 +40,6 @@ __FBSDID("$FreeBSD$"); #include <sys/malloc.h> #include <sys/module.h> #include <sys/mutex.h> -#include <sys/mac.h> #include <sys/sbuf.h> #include <sys/systm.h> #include <sys/vnode.h> diff --git a/sys/security/mac/mac_policy.h b/sys/security/mac/mac_policy.h index d5dd9eb..750218f 100644 --- a/sys/security/mac/mac_policy.h +++ b/sys/security/mac/mac_policy.h @@ -43,6 +43,12 @@ #ifndef _SYS_SECURITY_MAC_MAC_POLICY_H_ #define _SYS_SECURITY_MAC_MAC_POLICY_H_ +#ifndef _KERNEL +#error "no user-serviceable parts inside" +#endif + +#include <sys/_label.h> + /*- * Pluggable access control policy definition structure. * diff --git a/sys/security/mac/mac_posix_sem.c b/sys/security/mac/mac_posix_sem.c index ba4d191..a00a30e 100644 --- a/sys/security/mac/mac_posix_sem.c +++ b/sys/security/mac/mac_posix_sem.c @@ -39,7 +39,6 @@ __FBSDID("$FreeBSD$"); #include <sys/kernel.h> #include <sys/ksem.h> #include <sys/malloc.h> -#include <sys/mac.h> #include <sys/module.h> #include <sys/systm.h> #include <sys/sysctl.h> diff --git a/sys/security/mac/mac_system.c b/sys/security/mac/mac_system.c index 6c95d3b..32a9b79 100644 --- a/sys/security/mac/mac_system.c +++ b/sys/security/mac/mac_system.c @@ -40,7 +40,6 @@ __FBSDID("$FreeBSD$"); #include <sys/malloc.h> #include <sys/module.h> #include <sys/mutex.h> -#include <sys/mac.h> #include <sys/systm.h> #include <sys/vnode.h> #include <sys/sysctl.h> diff --git a/sys/security/mac/mac_sysv_msg.c b/sys/security/mac/mac_sysv_msg.c index 5044157..054614b 100644 --- a/sys/security/mac/mac_sysv_msg.c +++ b/sys/security/mac/mac_sysv_msg.c @@ -39,7 +39,6 @@ __FBSDID("$FreeBSD$"); #include <sys/lock.h> #include <sys/malloc.h> #include <sys/mutex.h> -#include <sys/mac.h> #include <sys/sbuf.h> #include <sys/systm.h> #include <sys/vnode.h> diff --git a/sys/security/mac/mac_sysv_sem.c b/sys/security/mac/mac_sysv_sem.c index 8e981a7..e77331e 100644 --- a/sys/security/mac/mac_sysv_sem.c +++ b/sys/security/mac/mac_sysv_sem.c @@ -39,7 +39,6 @@ __FBSDID("$FreeBSD$"); #include <sys/lock.h> #include <sys/malloc.h> #include <sys/mutex.h> -#include <sys/mac.h> #include <sys/sbuf.h> #include <sys/systm.h> #include <sys/vnode.h> diff --git a/sys/security/mac/mac_sysv_shm.c b/sys/security/mac/mac_sysv_shm.c index 66940c9..6cabeb4 100644 --- a/sys/security/mac/mac_sysv_shm.c +++ b/sys/security/mac/mac_sysv_shm.c @@ -39,7 +39,6 @@ __FBSDID("$FreeBSD$"); #include <sys/lock.h> #include <sys/malloc.h> #include <sys/mutex.h> -#include <sys/mac.h> #include <sys/sbuf.h> #include <sys/systm.h> #include <sys/vnode.h> diff --git a/sys/security/mac/mac_vfs.c b/sys/security/mac/mac_vfs.c index 038ac80..9196779 100644 --- a/sys/security/mac/mac_vfs.c +++ b/sys/security/mac/mac_vfs.c @@ -51,7 +51,6 @@ __FBSDID("$FreeBSD$"); #include <sys/lock.h> #include <sys/malloc.h> #include <sys/mutex.h> -#include <sys/mac.h> #include <sys/proc.h> #include <sys/sbuf.h> #include <sys/systm.h> diff --git a/sys/security/mac_biba/mac_biba.c b/sys/security/mac_biba/mac_biba.c index 490b660..21e2096 100644 --- a/sys/security/mac_biba/mac_biba.c +++ b/sys/security/mac_biba/mac_biba.c @@ -46,7 +46,6 @@ #include <sys/extattr.h> #include <sys/kernel.h> #include <sys/ksem.h> -#include <sys/mac.h> #include <sys/malloc.h> #include <sys/mman.h> #include <sys/mount.h> diff --git a/sys/security/mac_bsdextended/mac_bsdextended.c b/sys/security/mac_bsdextended/mac_bsdextended.c index 8ed58d2..2ebf9b8 100644 --- a/sys/security/mac_bsdextended/mac_bsdextended.c +++ b/sys/security/mac_bsdextended/mac_bsdextended.c @@ -49,7 +49,6 @@ #include <sys/kernel.h> #include <sys/jail.h> #include <sys/lock.h> -#include <sys/mac.h> #include <sys/malloc.h> #include <sys/mount.h> #include <sys/mutex.h> diff --git a/sys/security/mac_ifoff/mac_ifoff.c b/sys/security/mac_ifoff/mac_ifoff.c index 4814db2a..6658fcc 100644 --- a/sys/security/mac_ifoff/mac_ifoff.c +++ b/sys/security/mac_ifoff/mac_ifoff.c @@ -45,7 +45,6 @@ #include <sys/param.h> #include <sys/conf.h> #include <sys/kernel.h> -#include <sys/mac.h> #include <sys/mount.h> #include <sys/proc.h> #include <sys/systm.h> diff --git a/sys/security/mac_mls/mac_mls.c b/sys/security/mac_mls/mac_mls.c index daa4e24..2e3ca26 100644 --- a/sys/security/mac_mls/mac_mls.c +++ b/sys/security/mac_mls/mac_mls.c @@ -46,7 +46,6 @@ #include <sys/extattr.h> #include <sys/kernel.h> #include <sys/ksem.h> -#include <sys/mac.h> #include <sys/mman.h> #include <sys/malloc.h> #include <sys/mount.h> diff --git a/sys/security/mac_none/mac_none.c b/sys/security/mac_none/mac_none.c index 922a021..76a4bec 100644 --- a/sys/security/mac_none/mac_none.c +++ b/sys/security/mac_none/mac_none.c @@ -48,7 +48,6 @@ #include <sys/conf.h> #include <sys/extattr.h> #include <sys/kernel.h> -#include <sys/mac.h> #include <sys/mount.h> #include <sys/proc.h> #include <sys/systm.h> diff --git a/sys/security/mac_partition/mac_partition.c b/sys/security/mac_partition/mac_partition.c index 75d62b1..1b282e8 100644 --- a/sys/security/mac_partition/mac_partition.c +++ b/sys/security/mac_partition/mac_partition.c @@ -43,7 +43,6 @@ #include <sys/param.h> #include <sys/conf.h> #include <sys/kernel.h> -#include <sys/mac.h> #include <sys/mount.h> #include <sys/priv.h> #include <sys/proc.h> diff --git a/sys/security/mac_portacl/mac_portacl.c b/sys/security/mac_portacl/mac_portacl.c index 4277ad5..713b314 100644 --- a/sys/security/mac_portacl/mac_portacl.c +++ b/sys/security/mac_portacl/mac_portacl.c @@ -62,7 +62,6 @@ #include <sys/kernel.h> #include <sys/libkern.h> #include <sys/lock.h> -#include <sys/mac.h> #include <sys/malloc.h> #include <sys/mount.h> #include <sys/mutex.h> diff --git a/sys/security/mac_seeotheruids/mac_seeotheruids.c b/sys/security/mac_seeotheruids/mac_seeotheruids.c index 39d60db..62ccd61 100644 --- a/sys/security/mac_seeotheruids/mac_seeotheruids.c +++ b/sys/security/mac_seeotheruids/mac_seeotheruids.c @@ -44,7 +44,6 @@ #include <sys/param.h> #include <sys/conf.h> #include <sys/kernel.h> -#include <sys/mac.h> #include <sys/mount.h> #include <sys/priv.h> #include <sys/proc.h> diff --git a/sys/security/mac_stub/mac_stub.c b/sys/security/mac_stub/mac_stub.c index af84561..e80da0402 100644 --- a/sys/security/mac_stub/mac_stub.c +++ b/sys/security/mac_stub/mac_stub.c @@ -52,7 +52,6 @@ #include <sys/extattr.h> #include <sys/kernel.h> #include <sys/ksem.h> -#include <sys/mac.h> #include <sys/mount.h> #include <sys/proc.h> #include <sys/systm.h> diff --git a/sys/security/mac_test/mac_test.c b/sys/security/mac_test/mac_test.c index b0bd07e..803b882 100644 --- a/sys/security/mac_test/mac_test.c +++ b/sys/security/mac_test/mac_test.c @@ -47,7 +47,6 @@ #include <sys/extattr.h> #include <sys/kernel.h> #include <sys/ksem.h> -#include <sys/mac.h> #include <sys/malloc.h> #include <sys/mount.h> #include <sys/proc.h> |