summaryrefslogtreecommitdiffstats
path: root/sys/security/mac/mac_policy.h
diff options
context:
space:
mode:
Diffstat (limited to 'sys/security/mac/mac_policy.h')
-rw-r--r--sys/security/mac/mac_policy.h12
1 files changed, 9 insertions, 3 deletions
diff --git a/sys/security/mac/mac_policy.h b/sys/security/mac/mac_policy.h
index 5463fa9..9bc28ad 100644
--- a/sys/security/mac/mac_policy.h
+++ b/sys/security/mac/mac_policy.h
@@ -286,10 +286,12 @@ struct mac_policy_ops {
struct componentname *cnp);
vm_prot_t (*mpo_check_vnode_mmap_perms)(struct ucred *cred,
struct vnode *vp, struct label *label, int newmapping);
- int (*mpo_check_vnode_op)(struct ucred *cred, struct vnode *vp,
- struct label *label, int op);
int (*mpo_check_vnode_open)(struct ucred *cred, struct vnode *vp,
struct label *label, mode_t acc_mode);
+ int (*mpo_check_vnode_poll)(struct ucred *cred, struct vnode *vp,
+ struct label *label);
+ int (*mpo_check_vnode_read)(struct ucred *cred, struct vnode *vp,
+ struct label *label);
int (*mpo_check_vnode_readdir)(struct ucred *cred,
struct vnode *dvp, struct label *dlabel);
int (*mpo_check_vnode_readlink)(struct ucred *cred,
@@ -324,6 +326,8 @@ struct mac_policy_ops {
struct timespec atime, struct timespec mtime);
int (*mpo_check_vnode_stat)(struct ucred *cred, struct vnode *vp,
struct label *label);
+ int (*mpo_check_vnode_write)(struct ucred *cred, struct vnode *vp,
+ struct label *label);
};
typedef const void *macop_t;
@@ -426,8 +430,9 @@ enum mac_op_constant {
MAC_CHECK_VNODE_GETEXTATTR,
MAC_CHECK_VNODE_LOOKUP,
MAC_CHECK_VNODE_MMAP_PERMS,
- MAC_CHECK_VNODE_OP,
MAC_CHECK_VNODE_OPEN,
+ MAC_CHECK_VNODE_POLL,
+ MAC_CHECK_VNODE_READ,
MAC_CHECK_VNODE_READDIR,
MAC_CHECK_VNODE_READLINK,
MAC_CHECK_VNODE_RELABEL,
@@ -441,6 +446,7 @@ enum mac_op_constant {
MAC_CHECK_VNODE_SETOWNER,
MAC_CHECK_VNODE_SETUTIMES,
MAC_CHECK_VNODE_STAT,
+ MAC_CHECK_VNODE_WRITE,
};
struct mac_policy_op_entry {
OpenPOWER on IntegriCloud