From ae9ef079952f9706d7848342f1e29b3be6818292 Mon Sep 17 00:00:00 2001 From: rwatson Date: Fri, 22 Dec 2006 23:34:47 +0000 Subject: Move src/sys/sys/mac_policy.h, the kernel interface between the MAC Framework and security modules, to src/sys/security/mac/mac_policy.h, completing the removal of kernel-only MAC Framework include files from src/sys/sys. Update the MAC Framework and MAC policy modules. Delete the old mac_policy.h. Third party policy modules will need similar updating. Obtained from: TrustedBSD Project --- sys/security/mac/mac_framework.c | 3 +-- sys/security/mac/mac_inet.c | 3 +-- sys/security/mac/mac_net.c | 3 +-- sys/security/mac/mac_pipe.c | 3 +-- sys/security/mac/mac_posix_sem.c | 3 +-- sys/security/mac/mac_priv.c | 2 +- sys/security/mac/mac_process.c | 3 +-- sys/security/mac/mac_socket.c | 3 +-- sys/security/mac/mac_syscalls.c | 3 +-- sys/security/mac/mac_system.c | 3 +-- sys/security/mac/mac_sysv_msg.c | 3 +-- sys/security/mac/mac_sysv_sem.c | 3 +-- sys/security/mac/mac_sysv_shm.c | 3 +-- sys/security/mac/mac_vfs.c | 3 +-- sys/security/mac_biba/mac_biba.c | 3 +-- sys/security/mac_bsdextended/mac_bsdextended.c | 3 +-- sys/security/mac_ifoff/mac_ifoff.c | 2 +- sys/security/mac_lomac/mac_lomac.c | 3 +-- sys/security/mac_mls/mac_mls.c | 3 +-- sys/security/mac_none/mac_none.c | 2 +- sys/security/mac_partition/mac_partition.c | 3 +-- sys/security/mac_portacl/mac_portacl.c | 2 +- sys/security/mac_seeotheruids/mac_seeotheruids.c | 2 +- sys/security/mac_stub/mac_stub.c | 2 +- sys/security/mac_test/mac_test.c | 2 +- 25 files changed, 25 insertions(+), 43 deletions(-) (limited to 'sys/security') diff --git a/sys/security/mac/mac_framework.c b/sys/security/mac/mac_framework.c index a18b853..d5963d1 100644 --- a/sys/security/mac/mac_framework.c +++ b/sys/security/mac/mac_framework.c @@ -80,8 +80,6 @@ __FBSDID("$FreeBSD$"); #include #include -#include - #include #include @@ -93,6 +91,7 @@ __FBSDID("$FreeBSD$"); #include #include +#include #ifdef MAC diff --git a/sys/security/mac/mac_inet.c b/sys/security/mac/mac_inet.c index d946bb9..c0b1c98 100644 --- a/sys/security/mac/mac_inet.c +++ b/sys/security/mac/mac_inet.c @@ -55,8 +55,6 @@ __FBSDID("$FreeBSD$"); #include #include -#include - #include #include @@ -66,6 +64,7 @@ __FBSDID("$FreeBSD$"); #include #include +#include static struct label * mac_inpcb_label_alloc(int flag) diff --git a/sys/security/mac/mac_net.c b/sys/security/mac/mac_net.c index 95ad63b..e275a67 100644 --- a/sys/security/mac/mac_net.c +++ b/sys/security/mac/mac_net.c @@ -56,14 +56,13 @@ __FBSDID("$FreeBSD$"); #include #include -#include - #include #include #include #include #include +#include /* * XXXRW: struct ifnet locking is incomplete in the network code, so we use diff --git a/sys/security/mac/mac_pipe.c b/sys/security/mac/mac_pipe.c index 44755ad..02860a4 100644 --- a/sys/security/mac/mac_pipe.c +++ b/sys/security/mac/mac_pipe.c @@ -47,10 +47,9 @@ __FBSDID("$FreeBSD$"); #include #include -#include - #include #include +#include struct label * mac_pipe_label_alloc(void) diff --git a/sys/security/mac/mac_posix_sem.c b/sys/security/mac/mac_posix_sem.c index d730364..ba4d191 100644 --- a/sys/security/mac/mac_posix_sem.c +++ b/sys/security/mac/mac_posix_sem.c @@ -44,10 +44,9 @@ __FBSDID("$FreeBSD$"); #include #include -#include - #include #include +#include static struct label * mac_posix_sem_label_alloc(void) diff --git a/sys/security/mac/mac_priv.c b/sys/security/mac/mac_priv.c index 9832e33..45a8c81 100644 --- a/sys/security/mac/mac_priv.c +++ b/sys/security/mac/mac_priv.c @@ -38,10 +38,10 @@ #include #include #include -#include #include #include +#include /* * The MAC Framework interacts with kernel privilege checks in two ways: it diff --git a/sys/security/mac/mac_process.c b/sys/security/mac/mac_process.c index 43c564e..f9c8e2e 100644 --- a/sys/security/mac/mac_process.c +++ b/sys/security/mac/mac_process.c @@ -62,10 +62,9 @@ __FBSDID("$FreeBSD$"); #include #include -#include - #include #include +#include static int mac_mmap_revocation = 1; SYSCTL_INT(_security_mac, OID_AUTO, mmap_revocation, CTLFLAG_RW, diff --git a/sys/security/mac/mac_socket.c b/sys/security/mac/mac_socket.c index 2898519..1f12ea6 100644 --- a/sys/security/mac/mac_socket.c +++ b/sys/security/mac/mac_socket.c @@ -59,8 +59,6 @@ __FBSDID("$FreeBSD$"); #include #include -#include - #include #include #include @@ -71,6 +69,7 @@ __FBSDID("$FreeBSD$"); #include #include +#include /* * Currently, sockets hold two labels: the label of the socket itself, and a diff --git a/sys/security/mac/mac_syscalls.c b/sys/security/mac/mac_syscalls.c index a18b853..d5963d1 100644 --- a/sys/security/mac/mac_syscalls.c +++ b/sys/security/mac/mac_syscalls.c @@ -80,8 +80,6 @@ __FBSDID("$FreeBSD$"); #include #include -#include - #include #include @@ -93,6 +91,7 @@ __FBSDID("$FreeBSD$"); #include #include +#include #ifdef MAC diff --git a/sys/security/mac/mac_system.c b/sys/security/mac/mac_system.c index b6ad192..6c95d3b 100644 --- a/sys/security/mac/mac_system.c +++ b/sys/security/mac/mac_system.c @@ -45,10 +45,9 @@ __FBSDID("$FreeBSD$"); #include #include -#include - #include #include +#include /* * XXXRW: Some of these checks now duplicate privilege checks. However, diff --git a/sys/security/mac/mac_sysv_msg.c b/sys/security/mac/mac_sysv_msg.c index 6792b11..5044157 100644 --- a/sys/security/mac/mac_sysv_msg.c +++ b/sys/security/mac/mac_sysv_msg.c @@ -49,10 +49,9 @@ __FBSDID("$FreeBSD$"); #include #include -#include - #include #include +#include static struct label * mac_sysv_msgmsg_label_alloc(void) diff --git a/sys/security/mac/mac_sysv_sem.c b/sys/security/mac/mac_sysv_sem.c index 726ea8d..8e981a7 100644 --- a/sys/security/mac/mac_sysv_sem.c +++ b/sys/security/mac/mac_sysv_sem.c @@ -49,10 +49,9 @@ __FBSDID("$FreeBSD$"); #include #include -#include - #include #include +#include static struct label * mac_sysv_sem_label_alloc(void) diff --git a/sys/security/mac/mac_sysv_shm.c b/sys/security/mac/mac_sysv_shm.c index 3f91916..66940c9 100644 --- a/sys/security/mac/mac_sysv_shm.c +++ b/sys/security/mac/mac_sysv_shm.c @@ -49,10 +49,9 @@ __FBSDID("$FreeBSD$"); #include #include -#include - #include #include +#include static struct label * mac_sysv_shm_label_alloc(void) diff --git a/sys/security/mac/mac_vfs.c b/sys/security/mac/mac_vfs.c index b5901f9..c026aa8 100644 --- a/sys/security/mac/mac_vfs.c +++ b/sys/security/mac/mac_vfs.c @@ -66,12 +66,11 @@ __FBSDID("$FreeBSD$"); #include #include -#include - #include #include #include +#include /* * Warn about EA transactions only the first time they happen. No locking on diff --git a/sys/security/mac_biba/mac_biba.c b/sys/security/mac_biba/mac_biba.c index 5aa404c..490b660 100644 --- a/sys/security/mac_biba/mac_biba.c +++ b/sys/security/mac_biba/mac_biba.c @@ -81,8 +81,7 @@ #include #include -#include - +#include #include SYSCTL_DECL(_security_mac); diff --git a/sys/security/mac_bsdextended/mac_bsdextended.c b/sys/security/mac_bsdextended/mac_bsdextended.c index c32c514..8ed58d2 100644 --- a/sys/security/mac_bsdextended/mac_bsdextended.c +++ b/sys/security/mac_bsdextended/mac_bsdextended.c @@ -72,8 +72,7 @@ #include -#include - +#include #include static struct mtx mac_bsdextended_mtx; diff --git a/sys/security/mac_ifoff/mac_ifoff.c b/sys/security/mac_ifoff/mac_ifoff.c index c80d3dd..4814db2a 100644 --- a/sys/security/mac_ifoff/mac_ifoff.c +++ b/sys/security/mac_ifoff/mac_ifoff.c @@ -64,7 +64,7 @@ #include -#include +#include SYSCTL_DECL(_security_mac); diff --git a/sys/security/mac_lomac/mac_lomac.c b/sys/security/mac_lomac/mac_lomac.c index 3364b78..73a0226 100644 --- a/sys/security/mac_lomac/mac_lomac.c +++ b/sys/security/mac_lomac/mac_lomac.c @@ -77,8 +77,7 @@ #include -#include - +#include #include #include diff --git a/sys/security/mac_mls/mac_mls.c b/sys/security/mac_mls/mac_mls.c index 2c4a67c..daa4e24 100644 --- a/sys/security/mac_mls/mac_mls.c +++ b/sys/security/mac_mls/mac_mls.c @@ -81,8 +81,7 @@ #include #include -#include - +#include #include SYSCTL_DECL(_security_mac); diff --git a/sys/security/mac_none/mac_none.c b/sys/security/mac_none/mac_none.c index d36d429..922a021 100644 --- a/sys/security/mac_none/mac_none.c +++ b/sys/security/mac_none/mac_none.c @@ -74,7 +74,7 @@ #include -#include +#include SYSCTL_DECL(_security_mac); diff --git a/sys/security/mac_partition/mac_partition.c b/sys/security/mac_partition/mac_partition.c index 5ce8d20..75d62b1 100644 --- a/sys/security/mac_partition/mac_partition.c +++ b/sys/security/mac_partition/mac_partition.c @@ -67,8 +67,7 @@ #include -#include - +#include #include SYSCTL_DECL(_security_mac); diff --git a/sys/security/mac_portacl/mac_portacl.c b/sys/security/mac_portacl/mac_portacl.c index 5218531..4277ad5 100644 --- a/sys/security/mac_portacl/mac_portacl.c +++ b/sys/security/mac_portacl/mac_portacl.c @@ -84,7 +84,7 @@ #include -#include +#include SYSCTL_DECL(_security_mac); diff --git a/sys/security/mac_seeotheruids/mac_seeotheruids.c b/sys/security/mac_seeotheruids/mac_seeotheruids.c index f8c02d2..39d60db 100644 --- a/sys/security/mac_seeotheruids/mac_seeotheruids.c +++ b/sys/security/mac_seeotheruids/mac_seeotheruids.c @@ -64,7 +64,7 @@ #include -#include +#include SYSCTL_DECL(_security_mac); diff --git a/sys/security/mac_stub/mac_stub.c b/sys/security/mac_stub/mac_stub.c index dee29e3..02da8f5 100644 --- a/sys/security/mac_stub/mac_stub.c +++ b/sys/security/mac_stub/mac_stub.c @@ -82,7 +82,7 @@ #include -#include +#include SYSCTL_DECL(_security_mac); diff --git a/sys/security/mac_test/mac_test.c b/sys/security/mac_test/mac_test.c index d968ec9..b0bd07e 100644 --- a/sys/security/mac_test/mac_test.c +++ b/sys/security/mac_test/mac_test.c @@ -73,7 +73,7 @@ #include -#include +#include SYSCTL_DECL(_security_mac); -- cgit v1.1