PERFORCE change 120603 for review
Robert Watson
rwatson at FreeBSD.org
Wed May 30 08:31:21 UTC 2007
http://perforce.freebsd.org/chv.cgi?CH=120603
Change 120603 by rwatson at rwatson_zoo on 2007/05/30 08:31:07
Revert all MAC files in the audit3 branch to their CVS state; pretty
much entirely merge and integration related duplicates.
Affected files ...
.. //depot/projects/trustedbsd/audit3/sys/security/mac/mac_audit.c#11 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac/mac_framework.c#2 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac/mac_framework.h#9 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac/mac_inet.c#7 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac/mac_internal.h#7 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac/mac_label.c#6 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac/mac_net.c#7 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac/mac_pipe.c#7 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac/mac_policy.h#9 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac/mac_posix_sem.c#5 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac/mac_priv.c#3 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac/mac_process.c#8 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac/mac_socket.c#8 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac/mac_syscalls.c#3 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac/mac_system.c#8 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac/mac_sysv_msg.c#5 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac/mac_sysv_sem.c#6 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac/mac_sysv_shm.c#5 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac/mac_vfs.c#11 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac_biba/mac_biba.c#13 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac_biba/mac_biba.h#3 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac_bsdextended/mac_bsdextended.c#13 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac_bsdextended/mac_bsdextended.h#4 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac_ifoff/mac_ifoff.c#5 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac_lomac/mac_lomac.c#12 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac_lomac/mac_lomac.h#3 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac_mls/mac_mls.c#11 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac_mls/mac_mls.h#3 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac_none/mac_none.c#5 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac_partition/mac_partition.c#7 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac_partition/mac_partition.h#2 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac_portacl/mac_portacl.c#9 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac_seeotheruids/mac_seeotheruids.c#8 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac_stub/mac_stub.c#10 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac_test/mac_test.c#12 integrate
Differences ...
==== //depot/projects/trustedbsd/audit3/sys/security/mac/mac_audit.c#11 (text+ko) ====
@@ -1,5 +1,5 @@
/*-
- * Copyright (c) 1999-2002, 2007 Robert N. M. Watson
+ * Copyright (c) 1999-2002 Robert N. M. Watson
* Copyright (c) 2001 Ilmar S. Habibulin
* Copyright (c) 2001-2004 Networks Associates Technology, Inc.
*
@@ -32,7 +32,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $FreeBSD$
+ * $FreeBSD: src/sys/security/mac/mac_audit.c,v 1.1 2007/04/21 22:08:47 rwatson Exp $
*/
#include <sys/param.h>
==== //depot/projects/trustedbsd/audit3/sys/security/mac/mac_framework.c#2 (text+ko) ====
==== //depot/projects/trustedbsd/audit3/sys/security/mac/mac_framework.h#9 (text+ko) ====
@@ -1,5 +1,5 @@
/*-
- * Copyright (c) 1999-2002, 2007 Robert N. M. Watson
+ * Copyright (c) 1999-2002 Robert N. M. Watson
* Copyright (c) 2001-2005 Networks Associates Technology, Inc.
* Copyright (c) 2005-2006 SPARTA, Inc.
* All rights reserved.
==== //depot/projects/trustedbsd/audit3/sys/security/mac/mac_inet.c#7 (text+ko) ====
==== //depot/projects/trustedbsd/audit3/sys/security/mac/mac_internal.h#7 (text+ko) ====
==== //depot/projects/trustedbsd/audit3/sys/security/mac/mac_label.c#6 (text+ko) ====
==== //depot/projects/trustedbsd/audit3/sys/security/mac/mac_net.c#7 (text+ko) ====
==== //depot/projects/trustedbsd/audit3/sys/security/mac/mac_pipe.c#7 (text+ko) ====
==== //depot/projects/trustedbsd/audit3/sys/security/mac/mac_policy.h#9 (text+ko) ====
@@ -1,5 +1,5 @@
/*-
- * Copyright (c) 1999-2002, 2007 Robert N. M. Watson
+ * Copyright (c) 1999-2002 Robert N. M. Watson
* Copyright (c) 2001-2005 Networks Associates Technology, Inc.
* Copyright (c) 2005-2006 SPARTA, Inc.
* All rights reserved.
==== //depot/projects/trustedbsd/audit3/sys/security/mac/mac_posix_sem.c#5 (text+ko) ====
==== //depot/projects/trustedbsd/audit3/sys/security/mac/mac_priv.c#3 (text+ko) ====
==== //depot/projects/trustedbsd/audit3/sys/security/mac/mac_process.c#8 (text+ko) ====
==== //depot/projects/trustedbsd/audit3/sys/security/mac/mac_socket.c#8 (text+ko) ====
==== //depot/projects/trustedbsd/audit3/sys/security/mac/mac_syscalls.c#3 (text+ko) ====
==== //depot/projects/trustedbsd/audit3/sys/security/mac/mac_system.c#8 (text+ko) ====
==== //depot/projects/trustedbsd/audit3/sys/security/mac/mac_sysv_msg.c#5 (text+ko) ====
==== //depot/projects/trustedbsd/audit3/sys/security/mac/mac_sysv_sem.c#6 (text+ko) ====
==== //depot/projects/trustedbsd/audit3/sys/security/mac/mac_sysv_shm.c#5 (text+ko) ====
==== //depot/projects/trustedbsd/audit3/sys/security/mac/mac_vfs.c#11 (text+ko) ====
==== //depot/projects/trustedbsd/audit3/sys/security/mac_biba/mac_biba.c#13 (text+ko) ====
@@ -2483,50 +2483,6 @@
}
static int
-mac_biba_check_system_auditctl(struct ucred *cred, struct vnode *vp,
- struct label *vplabel)
-{
- struct mac_biba *subj, *obj;
- int error;
-
- if (!mac_biba_enabled)
- return (0);
-
- subj = SLOT(cred->cr_label);
-
- error = mac_biba_subject_privileged(subj);
- if (error)
- return (error);
-
- if (vplabel == NULL)
- return (0);
-
- obj = SLOT(vplabel);
- if (!mac_biba_high_effective(obj))
- return (EACCES);
-
- return (0);
-}
-
-static int
-mac_biba_check_system_auditon(struct ucred *cred, int cmd)
-{
- struct mac_biba *subj;
- int error;
-
- if (!mac_biba_enabled)
- return (0);
-
- subj = SLOT(cred->cr_label);
-
- error = mac_biba_subject_privileged(subj);
- if (error)
- return (error);
-
- return (0);
-}
-
-static int
mac_biba_check_system_auditon(struct ucred *cred, int cmd)
{
struct mac_biba *subj;
==== //depot/projects/trustedbsd/audit3/sys/security/mac_biba/mac_biba.h#3 (text+ko) ====
==== //depot/projects/trustedbsd/audit3/sys/security/mac_bsdextended/mac_bsdextended.c#13 (text+ko) ====
==== //depot/projects/trustedbsd/audit3/sys/security/mac_bsdextended/mac_bsdextended.h#4 (text+ko) ====
==== //depot/projects/trustedbsd/audit3/sys/security/mac_ifoff/mac_ifoff.c#5 (text+ko) ====
==== //depot/projects/trustedbsd/audit3/sys/security/mac_lomac/mac_lomac.c#12 (text+ko) ====
==== //depot/projects/trustedbsd/audit3/sys/security/mac_lomac/mac_lomac.h#3 (text+ko) ====
==== //depot/projects/trustedbsd/audit3/sys/security/mac_mls/mac_mls.c#11 (text+ko) ====
==== //depot/projects/trustedbsd/audit3/sys/security/mac_mls/mac_mls.h#3 (text+ko) ====
==== //depot/projects/trustedbsd/audit3/sys/security/mac_none/mac_none.c#5 (text+ko) ====
==== //depot/projects/trustedbsd/audit3/sys/security/mac_partition/mac_partition.c#7 (text+ko) ====
==== //depot/projects/trustedbsd/audit3/sys/security/mac_partition/mac_partition.h#2 (text+ko) ====
==== //depot/projects/trustedbsd/audit3/sys/security/mac_portacl/mac_portacl.c#9 (text+ko) ====
==== //depot/projects/trustedbsd/audit3/sys/security/mac_seeotheruids/mac_seeotheruids.c#8 (text+ko) ====
==== //depot/projects/trustedbsd/audit3/sys/security/mac_stub/mac_stub.c#10 (text+ko) ====
@@ -923,20 +923,6 @@
}
static int
-stub_check_proc_setaudit(struct ucred *cred, struct auditinfo *ai)
-{
-
- return (0);
-}
-
-static int
-stub_check_proc_setauid(struct ucred *cred, uid_t auid)
-{
-
- return (0);
-}
-
-static int
stub_check_proc_setuid(struct ucred *cred, uid_t uid)
{
@@ -1112,28 +1098,6 @@
}
static int
-stub_check_system_audit(struct ucred *cred, void *record, int length)
-{
-
- return (0);
-}
-
-static int
-stub_check_system_auditctl(struct ucred *cred, struct vnode *vp,
- struct label *vlabel)
-{
-
- return (0);
-}
-
-static int
-stub_check_system_auditon(struct ucred *cred, int cmd)
-{
-
- return (0);
-}
-
-static int
stub_check_system_auditctl(struct ucred *cred, struct vnode *vp,
struct label *vplabel)
{
@@ -1645,7 +1609,6 @@
.mpo_check_system_auditon = stub_check_system_auditon,
.mpo_check_system_reboot = stub_check_system_reboot,
.mpo_check_system_swapoff = stub_check_system_swapoff,
- .mpo_check_system_swapoff = stub_check_system_swapoff,
.mpo_check_system_swapon = stub_check_system_swapon,
.mpo_check_system_sysctl = stub_check_system_sysctl,
.mpo_check_vnode_access = stub_check_vnode_access,
==== //depot/projects/trustedbsd/audit3/sys/security/mac_test/mac_test.c#12 (text+ko) ====
@@ -1957,9 +1957,6 @@
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
COUNTER_INC(check_system_audit);
- if (label != NULL) {
- ASSERT_VNODE_LABEL(label);
- }
return (0);
}
@@ -2001,7 +1998,7 @@
COUNTER_DECL(check_system_swapoff);
static int
-mac_test_check_system_swapon(struct ucred *cred, struct vnode *vp,
+mac_test_check_system_swapoff(struct ucred *cred, struct vnode *vp,
struct label *vplabel)
{
More information about the p4-projects
mailing list