diff options
author | Robert Watson <rwatson@FreeBSD.org> | 2002-08-02 20:33:05 +0000 |
---|---|---|
committer | Robert Watson <rwatson@FreeBSD.org> | 2002-08-02 20:33:05 +0000 |
commit | 01e990be896435b353485b6fa96f55ecbba2500c (patch) | |
tree | a79794f9a42683a3ada9e9f3a5f495d74f91c011 /sys | |
parent | 00f9e8b421562763c010b8eb9f95abce79362225 (diff) | |
download | src-01e990be896435b353485b6fa96f55ecbba2500c.tar.gz src-01e990be896435b353485b6fa96f55ecbba2500c.zip |
Improve ordering of MAC entry points in mac_policy_op structure.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, NAI Labs
Notes
Notes:
svn path=/head/; revision=101238
Diffstat (limited to 'sys')
-rw-r--r-- | sys/security/mac/mac_policy.h | 12 | ||||
-rw-r--r-- | sys/sys/mac_policy.h | 12 |
2 files changed, 12 insertions, 12 deletions
diff --git a/sys/security/mac/mac_policy.h b/sys/security/mac/mac_policy.h index d2d88333301b..f38c017a6adb 100644 --- a/sys/security/mac/mac_policy.h +++ b/sys/security/mac/mac_policy.h @@ -284,6 +284,10 @@ struct mac_policy_ops { int (*mpo_check_vnode_lookup)(struct ucred *cred, struct vnode *dvp, struct label *dlabel, struct componentname *cnp); + vm_prot_t (*mpo_check_vnode_mmap_perms)(struct ucred *cred, + struct vnode *vp, struct label *label, int newmapping); + int (*mpo_check_vnode_op)(struct ucred *cred, struct vnode *vp, + struct label *label, int op); int (*mpo_check_vnode_open)(struct ucred *cred, struct vnode *vp, struct label *label, mode_t acc_mode); int (*mpo_check_vnode_readdir)(struct ucred *cred, @@ -320,10 +324,6 @@ struct mac_policy_ops { struct timespec atime, struct timespec mtime); int (*mpo_check_vnode_stat)(struct ucred *cred, struct vnode *vp, struct label *label); - vm_prot_t (*mpo_check_vnode_mmap_perms)(struct ucred *cred, - struct vnode *vp, struct label *label, int newmapping); - int (*mpo_check_vnode_op)(struct ucred *cred, struct vnode *vp, - struct label *label, int op); }; typedef const void *macop_t; @@ -425,6 +425,8 @@ enum mac_op_constant { MAC_CHECK_VNODE_GETACL, MAC_CHECK_VNODE_GETEXTATTR, MAC_CHECK_VNODE_LOOKUP, + MAC_CHECK_VNODE_MMAP_PERMS, + MAC_CHECK_VNODE_OP, MAC_CHECK_VNODE_OPEN, MAC_CHECK_VNODE_READDIR, MAC_CHECK_VNODE_READLINK, @@ -439,8 +441,6 @@ enum mac_op_constant { MAC_CHECK_VNODE_SETOWNER, MAC_CHECK_VNODE_SETUTIMES, MAC_CHECK_VNODE_STAT, - MAC_CHECK_VNODE_MMAP_PERMS, - MAC_CHECK_VNODE_OP, }; struct mac_policy_op_entry { diff --git a/sys/sys/mac_policy.h b/sys/sys/mac_policy.h index d2d88333301b..f38c017a6adb 100644 --- a/sys/sys/mac_policy.h +++ b/sys/sys/mac_policy.h @@ -284,6 +284,10 @@ struct mac_policy_ops { int (*mpo_check_vnode_lookup)(struct ucred *cred, struct vnode *dvp, struct label *dlabel, struct componentname *cnp); + vm_prot_t (*mpo_check_vnode_mmap_perms)(struct ucred *cred, + struct vnode *vp, struct label *label, int newmapping); + int (*mpo_check_vnode_op)(struct ucred *cred, struct vnode *vp, + struct label *label, int op); int (*mpo_check_vnode_open)(struct ucred *cred, struct vnode *vp, struct label *label, mode_t acc_mode); int (*mpo_check_vnode_readdir)(struct ucred *cred, @@ -320,10 +324,6 @@ struct mac_policy_ops { struct timespec atime, struct timespec mtime); int (*mpo_check_vnode_stat)(struct ucred *cred, struct vnode *vp, struct label *label); - vm_prot_t (*mpo_check_vnode_mmap_perms)(struct ucred *cred, - struct vnode *vp, struct label *label, int newmapping); - int (*mpo_check_vnode_op)(struct ucred *cred, struct vnode *vp, - struct label *label, int op); }; typedef const void *macop_t; @@ -425,6 +425,8 @@ enum mac_op_constant { MAC_CHECK_VNODE_GETACL, MAC_CHECK_VNODE_GETEXTATTR, MAC_CHECK_VNODE_LOOKUP, + MAC_CHECK_VNODE_MMAP_PERMS, + MAC_CHECK_VNODE_OP, MAC_CHECK_VNODE_OPEN, MAC_CHECK_VNODE_READDIR, MAC_CHECK_VNODE_READLINK, @@ -439,8 +441,6 @@ enum mac_op_constant { MAC_CHECK_VNODE_SETOWNER, MAC_CHECK_VNODE_SETUTIMES, MAC_CHECK_VNODE_STAT, - MAC_CHECK_VNODE_MMAP_PERMS, - MAC_CHECK_VNODE_OP, }; struct mac_policy_op_entry { |