diff options
| author | rwatson <rwatson@FreeBSD.org> | 2002-08-02 20:33:05 +0000 |
|---|---|---|
| committer | rwatson <rwatson@FreeBSD.org> | 2002-08-02 20:33:05 +0000 |
| commit | 5d31ba7f616c557de1c58e5ee6f83d533d026ba9 (patch) | |
| tree | a79794f9a42683a3ada9e9f3a5f495d74f91c011 /sys | |
| parent | 86e3f5101f74c9ab6e2082b6159e00042b34b733 (diff) | |
| download | FreeBSD-src-5d31ba7f616c557de1c58e5ee6f83d533d026ba9.zip FreeBSD-src-5d31ba7f616c557de1c58e5ee6f83d533d026ba9.tar.gz | |
Improve ordering of MAC entry points in mac_policy_op structure.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, NAI Labs
Diffstat (limited to 'sys')
| -rw-r--r-- | sys/security/mac/mac_policy.h | 12 | ||||
| -rw-r--r-- | sys/sys/mac_policy.h | 12 |
2 files changed, 12 insertions, 12 deletions
diff --git a/sys/security/mac/mac_policy.h b/sys/security/mac/mac_policy.h index d2d8833..f38c017 100644 --- a/sys/security/mac/mac_policy.h +++ b/sys/security/mac/mac_policy.h @@ -284,6 +284,10 @@ struct mac_policy_ops { int (*mpo_check_vnode_lookup)(struct ucred *cred, struct vnode *dvp, struct label *dlabel, struct componentname *cnp); + vm_prot_t (*mpo_check_vnode_mmap_perms)(struct ucred *cred, + struct vnode *vp, struct label *label, int newmapping); + int (*mpo_check_vnode_op)(struct ucred *cred, struct vnode *vp, + struct label *label, int op); int (*mpo_check_vnode_open)(struct ucred *cred, struct vnode *vp, struct label *label, mode_t acc_mode); int (*mpo_check_vnode_readdir)(struct ucred *cred, @@ -320,10 +324,6 @@ struct mac_policy_ops { struct timespec atime, struct timespec mtime); int (*mpo_check_vnode_stat)(struct ucred *cred, struct vnode *vp, struct label *label); - vm_prot_t (*mpo_check_vnode_mmap_perms)(struct ucred *cred, - struct vnode *vp, struct label *label, int newmapping); - int (*mpo_check_vnode_op)(struct ucred *cred, struct vnode *vp, - struct label *label, int op); }; typedef const void *macop_t; @@ -425,6 +425,8 @@ enum mac_op_constant { MAC_CHECK_VNODE_GETACL, MAC_CHECK_VNODE_GETEXTATTR, MAC_CHECK_VNODE_LOOKUP, + MAC_CHECK_VNODE_MMAP_PERMS, + MAC_CHECK_VNODE_OP, MAC_CHECK_VNODE_OPEN, MAC_CHECK_VNODE_READDIR, MAC_CHECK_VNODE_READLINK, @@ -439,8 +441,6 @@ enum mac_op_constant { MAC_CHECK_VNODE_SETOWNER, MAC_CHECK_VNODE_SETUTIMES, MAC_CHECK_VNODE_STAT, - MAC_CHECK_VNODE_MMAP_PERMS, - MAC_CHECK_VNODE_OP, }; struct mac_policy_op_entry { diff --git a/sys/sys/mac_policy.h b/sys/sys/mac_policy.h index d2d8833..f38c017 100644 --- a/sys/sys/mac_policy.h +++ b/sys/sys/mac_policy.h @@ -284,6 +284,10 @@ struct mac_policy_ops { int (*mpo_check_vnode_lookup)(struct ucred *cred, struct vnode *dvp, struct label *dlabel, struct componentname *cnp); + vm_prot_t (*mpo_check_vnode_mmap_perms)(struct ucred *cred, + struct vnode *vp, struct label *label, int newmapping); + int (*mpo_check_vnode_op)(struct ucred *cred, struct vnode *vp, + struct label *label, int op); int (*mpo_check_vnode_open)(struct ucred *cred, struct vnode *vp, struct label *label, mode_t acc_mode); int (*mpo_check_vnode_readdir)(struct ucred *cred, @@ -320,10 +324,6 @@ struct mac_policy_ops { struct timespec atime, struct timespec mtime); int (*mpo_check_vnode_stat)(struct ucred *cred, struct vnode *vp, struct label *label); - vm_prot_t (*mpo_check_vnode_mmap_perms)(struct ucred *cred, - struct vnode *vp, struct label *label, int newmapping); - int (*mpo_check_vnode_op)(struct ucred *cred, struct vnode *vp, - struct label *label, int op); }; typedef const void *macop_t; @@ -425,6 +425,8 @@ enum mac_op_constant { MAC_CHECK_VNODE_GETACL, MAC_CHECK_VNODE_GETEXTATTR, MAC_CHECK_VNODE_LOOKUP, + MAC_CHECK_VNODE_MMAP_PERMS, + MAC_CHECK_VNODE_OP, MAC_CHECK_VNODE_OPEN, MAC_CHECK_VNODE_READDIR, MAC_CHECK_VNODE_READLINK, @@ -439,8 +441,6 @@ enum mac_op_constant { MAC_CHECK_VNODE_SETOWNER, MAC_CHECK_VNODE_SETUTIMES, MAC_CHECK_VNODE_STAT, - MAC_CHECK_VNODE_MMAP_PERMS, - MAC_CHECK_VNODE_OP, }; struct mac_policy_op_entry { |
