From 19777f08023deb4d6171525896812b717dd9c968 Mon Sep 17 00:00:00 2001
From: rwatson <rwatson@FreeBSD.org>
Date: Tue, 6 Feb 2007 14:19:25 +0000
Subject: Introduce accessor functions mac_label_get() and mac_label_set() to
 replace LABEL_TO_SLOT() macro used by policy modules to query and set label
 data in struct label.  Instead of using a union, store an intptr_t,
 simplifying the API.

Update policies: in most cases this required only small tweaks to current
wrapper macros.  In two cases, a single wrapper macros had to be split into
separate get and set macros.

Move struct label definition from _label.h to mac_internal.h and remove
_label.h.  With this change, policies may now treat struct label * as
opaque, allowing us to change the layout of struct label without breaking
the policy module ABI.  For example, we could make the maximum number of
policies with labels modifiable at boot-time rather than just at
compile-time.

Obtained from:	TrustedBSD Project
---
 sys/security/mac/mac_framework.h | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

(limited to 'sys/security/mac/mac_framework.h')

diff --git a/sys/security/mac/mac_framework.h b/sys/security/mac/mac_framework.h
index 9f3ee33..4a95476 100644
--- a/sys/security/mac/mac_framework.h
+++ b/sys/security/mac/mac_framework.h
@@ -50,8 +50,6 @@
 #error "no user-serviceable parts inside"
 #endif
 
-#include <sys/_label.h>
-
 struct bpf_d;
 struct cdev;
 struct componentname;
@@ -62,6 +60,7 @@ struct image_params;
 struct inpcb;
 struct ipq;
 struct ksem;
+struct label;
 struct m_tag;
 struct mac;
 struct mbuf;
-- 
cgit v1.1