summaryrefslogtreecommitdiffstats
path: root/sys/security/mac/mac_system.c
diff options
context:
space:
mode:
Diffstat (limited to 'sys/security/mac/mac_system.c')
-rw-r--r--sys/security/mac/mac_system.c56
1 files changed, 30 insertions, 26 deletions
diff --git a/sys/security/mac/mac_system.c b/sys/security/mac/mac_system.c
index 380466e..588e019 100644
--- a/sys/security/mac/mac_system.c
+++ b/sys/security/mac/mac_system.c
@@ -1,5 +1,6 @@
/*-
* Copyright (c) 2002-2003 Networks Associates Technology, Inc.
+ * Copyright (c) 2006 SPARTA, Inc.
* Copyright (c) 2007 Robert N. M. Watson
* All rights reserved.
*
@@ -11,6 +12,9 @@
* Portions of this software were developed by Robert Watson for the
* TrustedBSD Project.
*
+ * This software was enhanced by SPARTA ISSO under SPAWAR contract
+ * N66001-04-C-6019 ("SEFOS").
+ *
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
@@ -63,116 +67,116 @@ __FBSDID("$FreeBSD$");
#include <security/mac/mac_policy.h>
int
-mac_check_kenv_dump(struct ucred *cred)
+mac_kenv_check_dump(struct ucred *cred)
{
int error;
- MAC_CHECK(check_kenv_dump, cred);
+ MAC_CHECK(kenv_check_dump, cred);
return (error);
}
int
-mac_check_kenv_get(struct ucred *cred, char *name)
+mac_kenv_check_get(struct ucred *cred, char *name)
{
int error;
- MAC_CHECK(check_kenv_get, cred, name);
+ MAC_CHECK(kenv_check_get, cred, name);
return (error);
}
int
-mac_check_kenv_set(struct ucred *cred, char *name, char *value)
+mac_kenv_check_set(struct ucred *cred, char *name, char *value)
{
int error;
- MAC_CHECK(check_kenv_set, cred, name, value);
+ MAC_CHECK(kenv_check_set, cred, name, value);
return (error);
}
int
-mac_check_kenv_unset(struct ucred *cred, char *name)
+mac_kenv_check_unset(struct ucred *cred, char *name)
{
int error;
- MAC_CHECK(check_kenv_unset, cred, name);
+ MAC_CHECK(kenv_check_unset, cred, name);
return (error);
}
int
-mac_check_kld_load(struct ucred *cred, struct vnode *vp)
+mac_kld_check_load(struct ucred *cred, struct vnode *vp)
{
int error;
- ASSERT_VOP_LOCKED(vp, "mac_check_kld_load");
+ ASSERT_VOP_LOCKED(vp, "mac_kld_check_load");
- MAC_CHECK(check_kld_load, cred, vp, vp->v_label);
+ MAC_CHECK(kld_check_load, cred, vp, vp->v_label);
return (error);
}
int
-mac_check_kld_stat(struct ucred *cred)
+mac_kld_check_stat(struct ucred *cred)
{
int error;
- MAC_CHECK(check_kld_stat, cred);
+ MAC_CHECK(kld_check_stat, cred);
return (error);
}
int
-mac_check_system_acct(struct ucred *cred, struct vnode *vp)
+mac_system_check_acct(struct ucred *cred, struct vnode *vp)
{
int error;
if (vp != NULL) {
- ASSERT_VOP_LOCKED(vp, "mac_check_system_acct");
+ ASSERT_VOP_LOCKED(vp, "mac_system_check_acct");
}
- MAC_CHECK(check_system_acct, cred, vp,
+ MAC_CHECK(system_check_acct, cred, vp,
vp != NULL ? vp->v_label : NULL);
return (error);
}
int
-mac_check_system_reboot(struct ucred *cred, int howto)
+mac_system_check_reboot(struct ucred *cred, int howto)
{
int error;
- MAC_CHECK(check_system_reboot, cred, howto);
+ MAC_CHECK(system_check_reboot, cred, howto);
return (error);
}
int
-mac_check_system_swapon(struct ucred *cred, struct vnode *vp)
+mac_system_check_swapon(struct ucred *cred, struct vnode *vp)
{
int error;
- ASSERT_VOP_LOCKED(vp, "mac_check_system_swapon");
+ ASSERT_VOP_LOCKED(vp, "mac_system_check_swapon");
- MAC_CHECK(check_system_swapon, cred, vp, vp->v_label);
+ MAC_CHECK(system_check_swapon, cred, vp, vp->v_label);
return (error);
}
int
-mac_check_system_swapoff(struct ucred *cred, struct vnode *vp)
+mac_system_check_swapoff(struct ucred *cred, struct vnode *vp)
{
int error;
- ASSERT_VOP_LOCKED(vp, "mac_check_system_swapoff");
+ ASSERT_VOP_LOCKED(vp, "mac_system_check_swapoff");
- MAC_CHECK(check_system_swapoff, cred, vp, vp->v_label);
+ MAC_CHECK(system_check_swapoff, cred, vp, vp->v_label);
return (error);
}
int
-mac_check_system_sysctl(struct ucred *cred, struct sysctl_oid *oidp,
+mac_system_check_sysctl(struct ucred *cred, struct sysctl_oid *oidp,
void *arg1, int arg2, struct sysctl_req *req)
{
int error;
@@ -181,7 +185,7 @@ mac_check_system_sysctl(struct ucred *cred, struct sysctl_oid *oidp,
* XXXMAC: We would very much like to assert the SYSCTL_LOCK here,
* but since it's not exported from kern_sysctl.c, we can't.
*/
- MAC_CHECK(check_system_sysctl, cred, oidp, arg1, arg2, req);
+ MAC_CHECK(system_check_sysctl, cred, oidp, arg1, arg2, req);
return (error);
}
OpenPOWER on IntegriCloud