diff options
| author | Robert Watson <rwatson@FreeBSD.org> | 2006-12-22 23:34:47 +0000 |
|---|---|---|
| committer | Robert Watson <rwatson@FreeBSD.org> | 2006-12-22 23:34:47 +0000 |
| commit | 0efd6615cd5f39b67cec82a7034e655f3b5801e3 (patch) | |
| tree | 5bd953ffcfacedca36999324a1d2c241c6ad3c78 /sys/security | |
| parent | 04b5b3b0be11ae6688ceca82a3e7675e8a701b39 (diff) | |
Move src/sys/sys/mac_policy.h, the kernel interface between the MAC
Framework and security modules, to src/sys/security/mac/mac_policy.h,
completing the removal of kernel-only MAC Framework include files from
src/sys/sys. Update the MAC Framework and MAC policy modules. Delete
the old mac_policy.h.
Third party policy modules will need similar updating.
Obtained from: TrustedBSD Project
Notes
Notes:
svn path=/head/; revision=165469
Diffstat (limited to 'sys/security')
25 files changed, 25 insertions, 43 deletions
diff --git a/sys/security/mac/mac_framework.c b/sys/security/mac/mac_framework.c index a18b853f662e..d5963d1d1bf6 100644 --- a/sys/security/mac/mac_framework.c +++ b/sys/security/mac/mac_framework.c @@ -80,8 +80,6 @@ __FBSDID("$FreeBSD$"); #include <vm/vm_map.h> #include <vm/vm_object.h> -#include <sys/mac_policy.h> - #include <fs/devfs/devfs.h> #include <net/bpfdesc.h> @@ -93,6 +91,7 @@ __FBSDID("$FreeBSD$"); #include <security/mac/mac_framework.h> #include <security/mac/mac_internal.h> +#include <security/mac/mac_policy.h> #ifdef MAC diff --git a/sys/security/mac/mac_inet.c b/sys/security/mac/mac_inet.c index d946bb91bb2e..c0b1c9840d03 100644 --- a/sys/security/mac/mac_inet.c +++ b/sys/security/mac/mac_inet.c @@ -55,8 +55,6 @@ __FBSDID("$FreeBSD$"); #include <sys/socketvar.h> #include <sys/sysctl.h> -#include <sys/mac_policy.h> - #include <net/if.h> #include <net/if_var.h> @@ -66,6 +64,7 @@ __FBSDID("$FreeBSD$"); #include <security/mac/mac_framework.h> #include <security/mac/mac_internal.h> +#include <security/mac/mac_policy.h> static struct label * mac_inpcb_label_alloc(int flag) diff --git a/sys/security/mac/mac_net.c b/sys/security/mac/mac_net.c index 95ad63b10172..e275a6705112 100644 --- a/sys/security/mac/mac_net.c +++ b/sys/security/mac/mac_net.c @@ -56,14 +56,13 @@ __FBSDID("$FreeBSD$"); #include <sys/socketvar.h> #include <sys/sysctl.h> -#include <sys/mac_policy.h> - #include <net/bpfdesc.h> #include <net/if.h> #include <net/if_var.h> #include <security/mac/mac_framework.h> #include <security/mac/mac_internal.h> +#include <security/mac/mac_policy.h> /* * XXXRW: struct ifnet locking is incomplete in the network code, so we use diff --git a/sys/security/mac/mac_pipe.c b/sys/security/mac/mac_pipe.c index 44755adfb015..02860a4d4e7a 100644 --- a/sys/security/mac/mac_pipe.c +++ b/sys/security/mac/mac_pipe.c @@ -47,10 +47,9 @@ __FBSDID("$FreeBSD$"); #include <sys/pipe.h> #include <sys/sysctl.h> -#include <sys/mac_policy.h> - #include <security/mac/mac_framework.h> #include <security/mac/mac_internal.h> +#include <security/mac/mac_policy.h> struct label * mac_pipe_label_alloc(void) diff --git a/sys/security/mac/mac_posix_sem.c b/sys/security/mac/mac_posix_sem.c index d7303645e83d..ba4d191e2108 100644 --- a/sys/security/mac/mac_posix_sem.c +++ b/sys/security/mac/mac_posix_sem.c @@ -44,10 +44,9 @@ __FBSDID("$FreeBSD$"); #include <sys/systm.h> #include <sys/sysctl.h> -#include <sys/mac_policy.h> - #include <security/mac/mac_framework.h> #include <security/mac/mac_internal.h> +#include <security/mac/mac_policy.h> static struct label * mac_posix_sem_label_alloc(void) diff --git a/sys/security/mac/mac_priv.c b/sys/security/mac/mac_priv.c index 9832e33a3fef..45a8c8129c7e 100644 --- a/sys/security/mac/mac_priv.c +++ b/sys/security/mac/mac_priv.c @@ -38,10 +38,10 @@ #include <sys/param.h> #include <sys/priv.h> #include <sys/module.h> -#include <sys/mac_policy.h> #include <security/mac/mac_framework.h> #include <security/mac/mac_internal.h> +#include <security/mac/mac_policy.h> /* * The MAC Framework interacts with kernel privilege checks in two ways: it diff --git a/sys/security/mac/mac_process.c b/sys/security/mac/mac_process.c index 43c564e81449..f9c8e2eb04fb 100644 --- a/sys/security/mac/mac_process.c +++ b/sys/security/mac/mac_process.c @@ -62,10 +62,9 @@ __FBSDID("$FreeBSD$"); #include <vm/vm_map.h> #include <vm/vm_object.h> -#include <sys/mac_policy.h> - #include <security/mac/mac_framework.h> #include <security/mac/mac_internal.h> +#include <security/mac/mac_policy.h> static int mac_mmap_revocation = 1; SYSCTL_INT(_security_mac, OID_AUTO, mmap_revocation, CTLFLAG_RW, diff --git a/sys/security/mac/mac_socket.c b/sys/security/mac/mac_socket.c index 28985197e4e3..1f12ea695f08 100644 --- a/sys/security/mac/mac_socket.c +++ b/sys/security/mac/mac_socket.c @@ -59,8 +59,6 @@ __FBSDID("$FreeBSD$"); #include <sys/socketvar.h> #include <sys/sysctl.h> -#include <sys/mac_policy.h> - #include <net/bpfdesc.h> #include <net/if.h> #include <net/if_var.h> @@ -71,6 +69,7 @@ __FBSDID("$FreeBSD$"); #include <security/mac/mac_framework.h> #include <security/mac/mac_internal.h> +#include <security/mac/mac_policy.h> /* * Currently, sockets hold two labels: the label of the socket itself, and a diff --git a/sys/security/mac/mac_syscalls.c b/sys/security/mac/mac_syscalls.c index a18b853f662e..d5963d1d1bf6 100644 --- a/sys/security/mac/mac_syscalls.c +++ b/sys/security/mac/mac_syscalls.c @@ -80,8 +80,6 @@ __FBSDID("$FreeBSD$"); #include <vm/vm_map.h> #include <vm/vm_object.h> -#include <sys/mac_policy.h> - #include <fs/devfs/devfs.h> #include <net/bpfdesc.h> @@ -93,6 +91,7 @@ __FBSDID("$FreeBSD$"); #include <security/mac/mac_framework.h> #include <security/mac/mac_internal.h> +#include <security/mac/mac_policy.h> #ifdef MAC diff --git a/sys/security/mac/mac_system.c b/sys/security/mac/mac_system.c index b6ad19264f26..6c95d3b6ce01 100644 --- a/sys/security/mac/mac_system.c +++ b/sys/security/mac/mac_system.c @@ -45,10 +45,9 @@ __FBSDID("$FreeBSD$"); #include <sys/vnode.h> #include <sys/sysctl.h> -#include <sys/mac_policy.h> - #include <security/mac/mac_framework.h> #include <security/mac/mac_internal.h> +#include <security/mac/mac_policy.h> /* * XXXRW: Some of these checks now duplicate privilege checks. However, diff --git a/sys/security/mac/mac_sysv_msg.c b/sys/security/mac/mac_sysv_msg.c index 6792b11b9c5e..5044157890dc 100644 --- a/sys/security/mac/mac_sysv_msg.c +++ b/sys/security/mac/mac_sysv_msg.c @@ -49,10 +49,9 @@ __FBSDID("$FreeBSD$"); #include <sys/sysctl.h> #include <sys/msg.h> -#include <sys/mac_policy.h> - #include <security/mac/mac_framework.h> #include <security/mac/mac_internal.h> +#include <security/mac/mac_policy.h> static struct label * mac_sysv_msgmsg_label_alloc(void) diff --git a/sys/security/mac/mac_sysv_sem.c b/sys/security/mac/mac_sysv_sem.c index 726ea8d26681..8e981a7dfc78 100644 --- a/sys/security/mac/mac_sysv_sem.c +++ b/sys/security/mac/mac_sysv_sem.c @@ -49,10 +49,9 @@ __FBSDID("$FreeBSD$"); #include <sys/sysctl.h> #include <sys/sem.h> -#include <sys/mac_policy.h> - #include <security/mac/mac_framework.h> #include <security/mac/mac_internal.h> +#include <security/mac/mac_policy.h> static struct label * mac_sysv_sem_label_alloc(void) diff --git a/sys/security/mac/mac_sysv_shm.c b/sys/security/mac/mac_sysv_shm.c index 3f919169a9eb..66940c9150e3 100644 --- a/sys/security/mac/mac_sysv_shm.c +++ b/sys/security/mac/mac_sysv_shm.c @@ -49,10 +49,9 @@ __FBSDID("$FreeBSD$"); #include <sys/sysctl.h> #include <sys/shm.h> -#include <sys/mac_policy.h> - #include <security/mac/mac_framework.h> #include <security/mac/mac_internal.h> +#include <security/mac/mac_policy.h> static struct label * mac_sysv_shm_label_alloc(void) diff --git a/sys/security/mac/mac_vfs.c b/sys/security/mac/mac_vfs.c index b5901f9fbd3c..c026aa88f2b1 100644 --- a/sys/security/mac/mac_vfs.c +++ b/sys/security/mac/mac_vfs.c @@ -66,12 +66,11 @@ __FBSDID("$FreeBSD$"); #include <vm/vm_map.h> #include <vm/vm_object.h> -#include <sys/mac_policy.h> - #include <fs/devfs/devfs.h> #include <security/mac/mac_framework.h> #include <security/mac/mac_internal.h> +#include <security/mac/mac_policy.h> /* * Warn about EA transactions only the first time they happen. No locking on diff --git a/sys/security/mac_biba/mac_biba.c b/sys/security/mac_biba/mac_biba.c index 5aa404c48b7f..490b66042451 100644 --- a/sys/security/mac_biba/mac_biba.c +++ b/sys/security/mac_biba/mac_biba.c @@ -81,8 +81,7 @@ #include <vm/uma.h> #include <vm/vm.h> -#include <sys/mac_policy.h> - +#include <security/mac/mac_policy.h> #include <security/mac_biba/mac_biba.h> SYSCTL_DECL(_security_mac); diff --git a/sys/security/mac_bsdextended/mac_bsdextended.c b/sys/security/mac_bsdextended/mac_bsdextended.c index c32c5146c342..8ed58d20f16e 100644 --- a/sys/security/mac_bsdextended/mac_bsdextended.c +++ b/sys/security/mac_bsdextended/mac_bsdextended.c @@ -72,8 +72,7 @@ #include <vm/vm.h> -#include <sys/mac_policy.h> - +#include <security/mac/mac_policy.h> #include <security/mac_bsdextended/mac_bsdextended.h> static struct mtx mac_bsdextended_mtx; diff --git a/sys/security/mac_ifoff/mac_ifoff.c b/sys/security/mac_ifoff/mac_ifoff.c index c80d3dd84941..4814db2ad889 100644 --- a/sys/security/mac_ifoff/mac_ifoff.c +++ b/sys/security/mac_ifoff/mac_ifoff.c @@ -64,7 +64,7 @@ #include <vm/vm.h> -#include <sys/mac_policy.h> +#include <security/mac/mac_policy.h> SYSCTL_DECL(_security_mac); diff --git a/sys/security/mac_lomac/mac_lomac.c b/sys/security/mac_lomac/mac_lomac.c index 3364b785b4f1..73a02269cca3 100644 --- a/sys/security/mac_lomac/mac_lomac.c +++ b/sys/security/mac_lomac/mac_lomac.c @@ -77,8 +77,7 @@ #include <vm/vm.h> -#include <sys/mac_policy.h> - +#include <security/mac/mac_policy.h> #include <security/mac/mac_framework.h> #include <security/mac_lomac/mac_lomac.h> diff --git a/sys/security/mac_mls/mac_mls.c b/sys/security/mac_mls/mac_mls.c index 2c4a67cae9c5..daa4e24eb087 100644 --- a/sys/security/mac_mls/mac_mls.c +++ b/sys/security/mac_mls/mac_mls.c @@ -81,8 +81,7 @@ #include <vm/uma.h> #include <vm/vm.h> -#include <sys/mac_policy.h> - +#include <security/mac/mac_policy.h> #include <security/mac_mls/mac_mls.h> SYSCTL_DECL(_security_mac); diff --git a/sys/security/mac_none/mac_none.c b/sys/security/mac_none/mac_none.c index d36d4296f223..922a021ae514 100644 --- a/sys/security/mac_none/mac_none.c +++ b/sys/security/mac_none/mac_none.c @@ -74,7 +74,7 @@ #include <vm/vm.h> -#include <sys/mac_policy.h> +#include <security/mac/mac_policy.h> SYSCTL_DECL(_security_mac); diff --git a/sys/security/mac_partition/mac_partition.c b/sys/security/mac_partition/mac_partition.c index 5ce8d20d1821..75d62b11b17f 100644 --- a/sys/security/mac_partition/mac_partition.c +++ b/sys/security/mac_partition/mac_partition.c @@ -67,8 +67,7 @@ #include <vm/vm.h> -#include <sys/mac_policy.h> - +#include <security/mac/mac_policy.h> #include <security/mac_partition/mac_partition.h> SYSCTL_DECL(_security_mac); diff --git a/sys/security/mac_portacl/mac_portacl.c b/sys/security/mac_portacl/mac_portacl.c index 5218531cbed0..4277ad5319c2 100644 --- a/sys/security/mac_portacl/mac_portacl.c +++ b/sys/security/mac_portacl/mac_portacl.c @@ -84,7 +84,7 @@ #include <vm/vm.h> -#include <sys/mac_policy.h> +#include <security/mac/mac_policy.h> SYSCTL_DECL(_security_mac); diff --git a/sys/security/mac_seeotheruids/mac_seeotheruids.c b/sys/security/mac_seeotheruids/mac_seeotheruids.c index f8c02d2611f0..39d60db987ad 100644 --- a/sys/security/mac_seeotheruids/mac_seeotheruids.c +++ b/sys/security/mac_seeotheruids/mac_seeotheruids.c @@ -64,7 +64,7 @@ #include <vm/vm.h> -#include <sys/mac_policy.h> +#include <security/mac/mac_policy.h> SYSCTL_DECL(_security_mac); diff --git a/sys/security/mac_stub/mac_stub.c b/sys/security/mac_stub/mac_stub.c index dee29e324c4b..02da8f56261f 100644 --- a/sys/security/mac_stub/mac_stub.c +++ b/sys/security/mac_stub/mac_stub.c @@ -82,7 +82,7 @@ #include <vm/vm.h> -#include <sys/mac_policy.h> +#include <security/mac/mac_policy.h> SYSCTL_DECL(_security_mac); diff --git a/sys/security/mac_test/mac_test.c b/sys/security/mac_test/mac_test.c index d968ec93c7fc..b0bd07eaffd4 100644 --- a/sys/security/mac_test/mac_test.c +++ b/sys/security/mac_test/mac_test.c @@ -73,7 +73,7 @@ #include <vm/vm.h> -#include <sys/mac_policy.h> +#include <security/mac/mac_policy.h> SYSCTL_DECL(_security_mac); |