From 3ce5d5484cfbe7bd6f19b66612d0a5582f13fab0 Mon Sep 17 00:00:00 2001
From: rwatson <rwatson@FreeBSD.org>
Date: Thu, 1 Aug 2002 01:33:12 +0000
Subject: Introduce support for Mandatory Access Control and extensible kernel
 access control.

Modify pseudofs so that it can support synthetic file systems with
the multilabel flag set.  In particular, implement vop_refreshlabel()
as pn_refreshlabel().  Implement pfs_refreshlabel() to invoke this,
and have it fall back to the mount label if the file system does
not implement pn_refreshlabel() for the node.  Otherwise, permit
the file system to determine how the service is provided.

Approved by:	des
Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
---
 sys/fs/pseudofs/pseudofs.h | 10 ++++++++++
 1 file changed, 10 insertions(+)

(limited to 'sys/fs/pseudofs/pseudofs.h')

diff --git a/sys/fs/pseudofs/pseudofs.h b/sys/fs/pseudofs/pseudofs.h
index 69044d0..05882bf 100644
--- a/sys/fs/pseudofs/pseudofs.h
+++ b/sys/fs/pseudofs/pseudofs.h
@@ -145,6 +145,15 @@ struct ucred;
 typedef int (*pfs_getextattr_t)(PFS_GETEXTATTR_ARGS);
 
 /*
+ * Getlabel callback
+ */
+#define	PFS_REFRESHLABEL_ARGS \
+	struct thread *td, struct proc *p, struct vnode *vp, \
+	struct pfs_node *pn, struct ucred *cred
+struct mac;
+typedef int (*pfs_refreshlabel_t)(PFS_REFRESHLABEL_ARGS);
+
+/*
  * Last-close callback
  */
 #define PFS_CLOSE_ARGS \
@@ -185,6 +194,7 @@ struct pfs_node {
 	pfs_attr_t		 pn_attr;
 	pfs_vis_t		 pn_vis;
 	pfs_getextattr_t	 pn_getextattr;
+	pfs_refreshlabel_t	 pn_refreshlabel;
 	void			*pn_data;
 	int			 pn_flags;
 
-- 
cgit v1.1