diff options
| author | rwatson <rwatson@FreeBSD.org> | 2002-07-30 22:33:28 +0000 |
|---|---|---|
| committer | rwatson <rwatson@FreeBSD.org> | 2002-07-30 22:33:28 +0000 |
| commit | c2d93c730d48486845f01491c3d2917a36ac9a86 (patch) | |
| tree | d3ee6d45eaa9110a27c6973190ec69aba53a29ba /sys/sys/pipe.h | |
| parent | eabed23bc71b76aac0fe135aa284ebebc72debcb (diff) | |
| download | FreeBSD-src-c2d93c730d48486845f01491c3d2917a36ac9a86.zip FreeBSD-src-c2d93c730d48486845f01491c3d2917a36ac9a86.tar.gz | |
Introduce support for Mandatory Access Control and extensible
kernel access control.
Label pipe IPC objects, permitting security information to be
maintained at the granularity of the pipe object. The label is
shared between the two pipe endpoints in the style of the
pipe mutex, and is maintained using similar conventions. The
label is protected by the pipe mutex.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, NAI Labs
Diffstat (limited to 'sys/sys/pipe.h')
| -rw-r--r-- | sys/sys/pipe.h | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/sys/sys/pipe.h b/sys/sys/pipe.h index f226396..6b501d6 100644 --- a/sys/sys/pipe.h +++ b/sys/sys/pipe.h @@ -28,6 +28,7 @@ #include <sys/time.h> /* for struct timespec */ #include <sys/selinfo.h> /* for struct selinfo */ #include <vm/vm.h> /* for vm_page_t */ +#include <sys/mac.h> /* for struct label */ #include <machine/param.h> /* for PAGE_SIZE */ #endif @@ -106,6 +107,7 @@ struct pipe { struct pipe *pipe_peer; /* link with other direction */ u_int pipe_state; /* pipe status info */ int pipe_busy; /* busy flag, mostly to handle rundown sanely */ + struct label *pipe_label; /* pipe MAC label - shared */ struct mtx *pipe_mtxp; /* shared mutex between both pipes */ }; |
