PERFORCE change 85932 for review
Todd Miller
millert at FreeBSD.org
Thu Oct 27 10:03:19 PDT 2005
http://perforce.freebsd.org/chv.cgi?CH=85932
Change 85932 by millert at millert_ibook on 2005/10/27 17:03:01
Fix the most egregious style nits. Other, more minor, ones remain.
Affected files ...
.. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/sebsd.c#14 edit
Differences ...
==== //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/sebsd.c#14 (text+ko) ====
@@ -480,29 +480,29 @@
static void
sebsd_destroy_cred_label(struct label *label)
{
- sebsd_free (SLOT(label));
- SLOT(label) = NULL;
+ sebsd_free (SLOT(label));
+ SLOT(label) = NULL;
}
static void
sebsd_destroy_vnode_label(struct label *label)
{
- sebsd_free (SLOT(label));
- SLOT(label) = NULL;
+ sebsd_free (SLOT(label));
+ SLOT(label) = NULL;
}
static void
sebsd_destroy_mount_label(struct label *label)
{
- sebsd_free (SLOT(label));
- SLOT(label) = NULL;
+ sebsd_free (SLOT(label));
+ SLOT(label) = NULL;
}
static void
sebsd_destroy_mount_fs_label(struct label *label)
{
- sebsd_free (SLOT(label));
- SLOT(label) = NULL;
+ sebsd_free (SLOT(label));
+ SLOT(label) = NULL;
}
#if 0
@@ -573,6 +573,7 @@
* currently uses a backing file pre-allocated with fixed-size
* attributes.
*/
+ struct vattr va;
char context[256];
u_int32_t context_len;
struct proc *p = current_proc();
@@ -614,13 +615,13 @@
}
#endif
- if (p == NULL || vp == NULL || vp->v_op == NULL || vp->v_tag != VT_HFS || vp->v_data == NULL)
- goto dosclass;
+ if (p == NULL || vp == NULL || vp->v_op == NULL ||
+ vp->v_tag != VT_HFS || vp->v_data == NULL)
+ goto dosclass;
- struct vattr va;
error = VOP_GETATTR (vp, &va, p->p_ucred, p);
if (error)
- goto dosclass;
+ goto dosclass;
error = security_context_to_sid(context, strlen(context), &vsec->sid);
if (error) {
@@ -632,16 +633,15 @@
dosclass:
/* TBD: */
vsec->sclass = vnode_type_to_security_class(vp->v_type);
- if (vsec->sclass == 0) {
+ if (vsec->sclass == 0)
printf("sebsd_update_vnode_from_extattr:: sclass is 0\n");
- }
return (0);
}
static void
sebsd_associate_vnode_singlelabel(struct mount *mp, struct label *fslabel,
- struct vnode *vp, struct label *vlabel)
+ struct vnode *vp, struct label *vlabel)
{
struct mount_fs_security_struct *sbsec;
struct vnode_security_struct *vsec;
@@ -650,14 +650,12 @@
vsec = SLOT(vlabel);
vsec->sclass = vnode_type_to_security_class(vp->v_type);
- if (sbsec == NULL)
- {
- if (vp->v_mount != NULL)
- printf ("create_vnode: no mount label for mnt=%s\n",
- vp->v_mount->mnt_stat.f_mntonname);
- }
- else
- vsec->sid = sbsec->sid;
+ if (sbsec == NULL) {
+ if (vp->v_mount != NULL)
+ printf ("create_vnode: no mount label for mnt=%s\n",
+ vp->v_mount->mnt_stat.f_mntonname);
+ } else
+ vsec->sid = sbsec->sid;
}
static void
@@ -676,16 +674,14 @@
/* Default to using the attributes from the parent process */
task->osid = parent->osid;
task->sid = parent->sid;
-
- return;
}
static void
-sebsd_create_task (struct task *parent, struct task *child, struct label *pl,
- struct label *chl, struct label *chpl)
+sebsd_create_task(struct task *parent, struct task *child, struct label *pl,
+ struct label *chl, struct label *chpl)
{
- sebsd_create_credlabels (pl, chl);
- sebsd_create_credlabels (pl, chpl);
+ sebsd_create_credlabels(pl, chl);
+ sebsd_create_credlabels(pl, chpl);
}
static void
@@ -702,15 +698,15 @@
}
static void
-sebsd_copy_cred_to_task (struct label *cred, struct label *task)
+sebsd_copy_cred_to_task(struct label *cred, struct label *task)
{
- struct task_security_struct *cl, *tl;
+ struct task_security_struct *cl, *tl;
- cl = SLOT(cred);
- tl = SLOT(task);
+ cl = SLOT(cred);
+ tl = SLOT(task);
- tl->osid = cl->osid;
- tl->sid = cl->sid;
+ tl->osid = cl->osid;
+ tl->sid = cl->sid;
}
@@ -728,13 +724,11 @@
task = SLOT(cred_child->cr_label);
if (parent == task)
- panic ("parent child equal");
+ panic ("parent child equal");
/* Default to using the attributes from the parent process */
task->osid = parent->osid;
task->sid = parent->sid;
-
- return;
}
static void
@@ -752,19 +746,22 @@
static void
sebsd_create_port (struct label *it, struct label *st, struct label *port)
{
- struct task_security_struct *its, *sts, *psec;
- int rc;
+ struct task_security_struct *its, *sts, *psec;
+ int error;
- its = SLOT (it);
- sts = SLOT (st);
- psec = SLOT (port);
+ its = SLOT(it);
+ sts = SLOT(st);
+ psec = SLOT(port);
- rc = security_change_sid (its->sid, sts->sid, SECCLASS_MACH_PORT, &psec->sid);
+ error = security_change_sid(its->sid, sts->sid, SECCLASS_MACH_PORT,
+ &psec->sid);
- /* default - label ports the same as owner process.
- This is consistent with other IPC objects. */
- if (rc)
- psec->sid = sts->sid;
+ /*
+ * On error label ports the same as owner process.
+ * This is consistent with other IPC objects.
+ */
+ if (error)
+ psec->sid = sts->sid;
}
static void
@@ -772,7 +769,7 @@
{
struct task_security_struct *psec;
- psec = SLOT (port);
+ psec = SLOT(port);
psec->sid = SECINITSID_KERNEL;
}
@@ -820,16 +817,13 @@
/* Default to the filesystem SID. */
dirent->sid = SECINITSID_DEVFS;
dirent->task_sid = SECINITSID_KERNEL;
- dirent->sclass =
- devfs_type_to_security_class(devfs_dirent->dn_type);
+ dirent->sclass = devfs_type_to_security_class(devfs_dirent->dn_type);
/* Obtain a SID based on the fstype, path, and class. */
path = sebsd_malloc(strlen(fullpath) + 2, M_ZERO | M_WAITOK);
path[0] = '/';
strcpy(&path[1], fullpath);
- rc = security_genfs_sid("devfs", path, dirent->sclass,
- &newsid);
-
+ rc = security_genfs_sid("devfs", path, dirent->sclass, &newsid);
if (rc == 0)
dirent->sid = newsid;
@@ -838,11 +832,11 @@
if (cr != NULL) {
struct task_security_struct *task = SLOT(cr->cr_label);
- /* XXX: uses the type specified by genfs instead of the parent directory
- like it should! */
- int error = security_transition_sid(task->sid, dirent->sid, dirent->sclass,
- &newsid);
- if (error == 0)
+ /* XXX: uses the type specified by genfs instead of the parent
+ directory like it should! */
+ rc = security_transition_sid(task->sid, dirent->sid,
+ dirent->sclass, &newsid);
+ if (rc == 0)
dirent->sid = newsid;
}
@@ -853,7 +847,7 @@
"dirent=%d\n", path,
rc, dirent->sclass, newsid, dirent->sid);
}
- sebsd_free (path);
+ sebsd_free(path);
}
#if 0
@@ -997,7 +991,7 @@
* which the filesystem will use if not a "multilabel" type.
*/
rc = security_fs_use(mp->mnt_vfc->vfc_name, &behavior, &sbsec->sid);
- if (rc) {
+ if (rc != 0) {
printf("sebsd_create_mount: security_fs_use(%s) returned %d\n",
mp->mnt_vfc->vfc_name, rc);
behavior = SECURITY_FS_USE_NONE;
@@ -1121,8 +1115,7 @@
vsec->sclass = tclass;
/* store label in vnode */
- error = security_sid_to_context(vsec->sid, &context,
- &context_len);
+ error = security_sid_to_context(vsec->sid, &context, &context_len);
if (error)
return (error);
@@ -1137,10 +1130,10 @@
#ifdef CAPABILITIES
static int
-sebsd_check_cap (struct ucred *cred, cap_value_t capv)
+sebsd_check_cap(struct ucred *cred, cap_value_t capv)
{
- return cred_has_capability (cred, capv);
+ return cred_has_capability(cred, capv);
}
#endif
@@ -1158,17 +1151,17 @@
tsec = SLOT(cred->cr_label);
if (nsec == NULL)
- return 0;
+ return 0;
rc = avc_has_perm_ref_audit(tsec->sid, tsec->sid, SECCLASS_PROCESS,
FILE__RELABELFROM, NULL, NULL);
if (rc)
- return (rc);
+ return (rc);
rc = avc_has_perm_audit(tsec->sid, nsec->sid, SECCLASS_PROCESS,
FILE__RELABELTO, NULL);
if (rc)
- return (rc);
+ return (rc);
/*
if (nsec != NULL && nsec->sid != tsec->sid)
@@ -1178,35 +1171,37 @@
}
static int
-sebsd_check_port_relabel(struct label *task, struct label *oldlabel, struct label *newlabel)
+sebsd_check_port_relabel(struct label *task, struct label *oldlabel,
+ struct label *newlabel)
{
- struct task_security_struct *tsec, *olds, *news;
- int rc;
+ struct task_security_struct *tsec, *olds, *news;
+ int rc;
- news = SLOT(newlabel);
- olds = SLOT(oldlabel);
- tsec = SLOT(task);
+ news = SLOT(newlabel);
+ olds = SLOT(oldlabel);
+ tsec = SLOT(task);
- rc = avc_has_perm_ref_audit (tsec->sid, olds->sid, SECCLASS_MACH_PORT,
- MACH_PORT__RELABELFROM, NULL, NULL);
- if (rc)
- return (rc);
+ rc = avc_has_perm_ref_audit(tsec->sid, olds->sid, SECCLASS_MACH_PORT,
+ MACH_PORT__RELABELFROM, NULL, NULL);
+ if (rc)
+ return (rc);
- rc = avc_has_perm_audit(tsec->sid, news->sid, SECCLASS_MACH_PORT,
- MACH_PORT__RELABELTO, NULL);
- if (rc)
- return (rc);
+ rc = avc_has_perm_audit(tsec->sid, news->sid, SECCLASS_MACH_PORT,
+ MACH_PORT__RELABELTO, NULL);
+ if (rc)
+ return (rc);
- return 0;
+ return 0;
}
#define CHECK_SIMPLE_PERM(func,class,perm) \
-static int sebsd_check_##func (struct label *task, struct label *port) \
+static int sebsd_check_##func(struct label *task, struct label *port) \
{ \
- struct task_security_struct *tsec, *psec; \
- psec = SLOT(port); \
- tsec = SLOT(task); \
- return avc_has_perm_ref_audit (tsec->sid, psec->sid, class, perm, NULL, NULL); \
+ struct task_security_struct *tsec, *psec; \
+ psec = SLOT(port); \
+ tsec = SLOT(task); \
+ return avc_has_perm_ref_audit (tsec->sid, psec->sid, class, \
+ perm, NULL, NULL); \
}
CHECK_SIMPLE_PERM(msg_send,SECCLASS_MACH_PORT,MACH_PORT__SEND);
@@ -1217,47 +1212,48 @@
extern struct policydb policydb;
static int
-sebsd_check_service_access (struct label *subj, struct label *obj,
- const char *s, const char * pn)
+sebsd_check_service_access(struct label *subj, struct label *obj,
+ const char *s, const char * pn)
{
- struct task_security_struct *tsec, *psec;
- struct class_datum *cld;
- struct perm_datum *p;
+ struct task_security_struct *tsec, *psec;
+ struct class_datum *cld;
+ struct perm_datum *p;
+
+ psec = SLOT(obj);
+ tsec = SLOT(subj);
- psec = SLOT(obj);
- tsec = SLOT(subj);
+ cld = hashtab_search (policydb.p_classes.table, s);
+ if (cld == NULL)
+ return EINVAL;
- cld = hashtab_search (policydb.p_classes.table, s);
- if (cld == NULL)
- return EINVAL;
-
- p = hashtab_search (cld->permissions.table, pn);
- if (p == NULL && cld->comdatum)
- p = hashtab_search (cld->comdatum->permissions.table, pn);
- if (p == NULL)
- return EINVAL;
+ p = hashtab_search (cld->permissions.table, pn);
+ if (p == NULL && cld->comdatum)
+ p = hashtab_search (cld->comdatum->permissions.table, pn);
+ if (p == NULL)
+ return EINVAL;
- return avc_has_perm_ref_audit (tsec->sid, psec->sid, cld->value, 1 << (p->value-1),
- NULL, NULL);
+ return avc_has_perm_ref_audit(tsec->sid, psec->sid, cld->value,
+ 1 << (p->value-1), NULL, NULL);
}
static int
sebsd_request_label (struct label *subj, struct label *obj, const char *s,
struct label *out)
{
- struct task_security_struct *tsec, *psec, *osec;
- struct class_datum *cld;
- struct perm_datum *p;
+ struct task_security_struct *tsec, *psec, *osec;
+ struct class_datum *cld;
+ struct perm_datum *p;
- psec = SLOT(obj);
- tsec = SLOT(subj);
- osec = SLOT(out);
+ psec = SLOT(obj);
+ tsec = SLOT(subj);
+ osec = SLOT(out);
- cld = hashtab_search (policydb.p_classes.table, s);
- if (cld == NULL)
- return EINVAL;
+ cld = hashtab_search (policydb.p_classes.table, s);
+ if (cld == NULL)
+ return EINVAL;
- return security_change_sid (tsec->sid, psec->sid, cld->value, &osec->sid);
+ return security_change_sid(tsec->sid, psec->sid, cld->value,
+ &osec->sid);
}
extern int selinux_enforcing;
@@ -1271,7 +1267,7 @@
psec = SLOT(obj);
tsec = SLOT(subj);
- return sebsd_check_ipc_method1 (tsec->sid,psec->sid, msgid);
+ return sebsd_check_ipc_method1(tsec->sid,psec->sid, msgid);
}
static int
@@ -1322,8 +1318,8 @@
}
static int
-sebsd_check_remount(struct ucred *cred, struct mount *mp, struct label *mntlabel,
- struct label *mount_arg_label)
+sebsd_check_remount(struct ucred *cred, struct mount *mp,
+ struct label *mntlabel, struct label *mount_arg_label)
{
/* cannot change labels on filesystems */
@@ -1391,7 +1387,7 @@
FIFO_FILE__RELABELTO, NULL, NULL);
/*
- * TBD: SELinux also check filesystem associate permission:
+ * TBD: SELinux also checks filesystem associate permission:
return avc_has_perm_audit(newsid,
sbsec->sid,
SECCLASS_FILESYSTEM,
@@ -1728,13 +1724,12 @@
if (dvp->v_mount) {
/* XXX: mpo_check_vnode_create should probably pass the mntlabel */
- sbsec = SLOT (dvp->v_mount->mnt_mntlabel);
- if (sbsec == NULL)
- {
- printf ("create_vnode: no mount label for mnt=%s\n",
+ sbsec = SLOT(dvp->v_mount->mnt_mntlabel);
+ if (sbsec == NULL) {
+ printf ("create_vnode: no mount label for mnt=%s\n",
dvp->v_mount->mnt_stat.f_mntonname);
- return 0;
- }
+ return 0;
+ }
rc = avc_has_perm_audit(newsid, sbsec->sid, SECCLASS_FILESYSTEM,
FILESYSTEM__ASSOCIATE, &ad);
if (rc)
@@ -1815,7 +1810,7 @@
file = SLOT(label);
if (execlabel == NULL) {
rc = security_transition_sid(task->sid, file->sid,
- SECCLASS_PROCESS, &newsid);
+ SECCLASS_PROCESS, &newsid);
if (rc)
return EACCES;
} else {
@@ -1923,8 +1918,8 @@
sebsd_check_vnode_lookup(struct ucred *cred, struct vnode *dvp,
struct label *dlabel, struct componentname *cnp)
{
- if (dvp->v_type != VDIR)
- return ENOTDIR;
+ if (dvp->v_type != VDIR)
+ return ENOTDIR;
/* TBD: DIR__READ as well? */
return (vnode_has_perm(cred, dvp, DIR__SEARCH, NULL));
@@ -1935,18 +1930,19 @@
struct label *filelabel, int fmode)
{
int acc_mode = 0;
+
if (fmode & O_TRUNC)
- acc_mode |= VWRITE;
+ acc_mode |= VWRITE;
if (fmode & FWRITE)
- acc_mode |= VWRITE;
+ acc_mode |= VWRITE;
if (fmode & FREAD)
- acc_mode |= VREAD;
+ acc_mode |= VREAD;
if (!acc_mode)
return 0;
return (vnode_has_perm(cred, vp, file_mask_to_av(vp->v_type, acc_mode),
- NULL));
+ NULL));
}
static int
@@ -2016,7 +2012,7 @@
if (vp->v_mount) {
/* XXX: mpo_check_vnode_relabel should probably pass the mntlabel */
- sbsec = SLOT (vp->v_mount->mnt_mntlabel);
+ sbsec = SLOT(vp->v_mount->mnt_mntlabel);
rc = avc_has_perm_audit (new->sid, sbsec->sid, SECCLASS_FILESYSTEM,
FILESYSTEM__ASSOCIATE, &ad);
if (rc)
@@ -2202,7 +2198,6 @@
return vnode_has_perm(cred, vp, FILE__GETATTR, NULL);
}
-
/*
* TBD: LSM/SELinux doesn't have a nfsd hook
*/
@@ -2213,7 +2208,6 @@
return (0);
}
-
static int
sebsd_check_system_swapon(struct ucred *cred, struct vnode *vp,
struct label *vnodelabel)
@@ -2239,7 +2233,7 @@
size_t newlen)
{
- return (0);
+ return (0);
}
static int
@@ -2587,118 +2581,118 @@
extern int sebsd_syscall(struct proc *p, int call, void *args);
static struct mac_policy_ops sebsd_ops = {
- .mpo_init = sebsd_init,
- .mpo_init_bsd = sebsd_init_bsd,
- .mpo_init_cred_label = sebsd_init_cred_label,
- .mpo_init_task_label = sebsd_init_cred_label,
- .mpo_init_port_label = sebsd_init_cred_label,
- .mpo_init_vnode_label = sebsd_init_vnode_label,
- .mpo_init_devfsdirent_label = sebsd_init_devfs_label,
+ .mpo_init = sebsd_init,
+ .mpo_init_bsd = sebsd_init_bsd,
+ .mpo_init_cred_label = sebsd_init_cred_label,
+ .mpo_init_task_label = sebsd_init_cred_label,
+ .mpo_init_port_label = sebsd_init_cred_label,
+ .mpo_init_vnode_label = sebsd_init_vnode_label,
+ .mpo_init_devfsdirent_label = sebsd_init_devfs_label,
- .mpo_destroy = sebsd_destroy,
- .mpo_destroy_cred_label = sebsd_destroy_cred_label,
- .mpo_destroy_task_label = sebsd_destroy_cred_label,
- .mpo_destroy_port_label = sebsd_destroy_cred_label,
- .mpo_destroy_vnode_label = sebsd_destroy_vnode_label,
- .mpo_destroy_devfsdirent_label = sebsd_destroy_vnode_label,
+ .mpo_destroy = sebsd_destroy,
+ .mpo_destroy_cred_label = sebsd_destroy_cred_label,
+ .mpo_destroy_task_label = sebsd_destroy_cred_label,
+ .mpo_destroy_port_label = sebsd_destroy_cred_label,
+ .mpo_destroy_vnode_label = sebsd_destroy_vnode_label,
+ .mpo_destroy_devfsdirent_label = sebsd_destroy_vnode_label,
- .mpo_copy_cred_to_task = sebsd_copy_cred_to_task,
- .mpo_copy_vnode_label = sebsd_copy_vnode_label,
- .mpo_copy_devfs_label = sebsd_copy_vnode_label,
- .mpo_copy_port_label = sebsd_copy_port_label,
- .mpo_update_port_from_cred_label = sebsd_update_port_from_cred_label,
+ .mpo_copy_cred_to_task = sebsd_copy_cred_to_task,
+ .mpo_copy_vnode_label = sebsd_copy_vnode_label,
+ .mpo_copy_devfs_label = sebsd_copy_vnode_label,
+ .mpo_copy_port_label = sebsd_copy_port_label,
+ .mpo_update_port_from_cred_label = sebsd_update_port_from_cred_label,
- .mpo_internalize_cred_label = sebsd_internalize_cred_label,
- .mpo_externalize_cred_label = sebsd_externalize_cred_label,
- .mpo_externalize_cred_audit_label = sebsd_externalize_cred_label,
+ .mpo_internalize_cred_label = sebsd_internalize_cred_label,
+ .mpo_externalize_cred_label = sebsd_externalize_cred_label,
+ .mpo_externalize_cred_audit_label = sebsd_externalize_cred_label,
- .mpo_internalize_vnode_label = sebsd_internalize_vnode_label,
- .mpo_externalize_vnode_label = sebsd_externalize_vnode_label,
- .mpo_externalize_vnode_audit_label = sebsd_externalize_vnode_label,
+ .mpo_internalize_vnode_label = sebsd_internalize_vnode_label,
+ .mpo_externalize_vnode_label = sebsd_externalize_vnode_label,
+ .mpo_externalize_vnode_audit_label = sebsd_externalize_vnode_label,
- .mpo_relabel_cred = sebsd_relabel_cred,
- .mpo_relabel_vnode = sebsd_relabel_vnode,
+ .mpo_relabel_cred = sebsd_relabel_cred,
+ .mpo_relabel_vnode = sebsd_relabel_vnode,
- /* Create Labels */
+ /* Create Labels */
- .mpo_create_cred = sebsd_create_cred,
- .mpo_create_task = sebsd_create_task,
- .mpo_create_kernel_task = sebsd_create_kernel_task,
- .mpo_create_devfs_device = sebsd_create_devfs_device,
- .mpo_create_proc0 = sebsd_create_proc0,
- .mpo_create_proc1 = sebsd_create_proc1,
- .mpo_create_vnode_extattr = sebsd_create_vnode_extattr,
- .mpo_create_port = sebsd_create_port,
+ .mpo_create_cred = sebsd_create_cred,
+ .mpo_create_task = sebsd_create_task,
+ .mpo_create_kernel_task = sebsd_create_kernel_task,
+ .mpo_create_devfs_device = sebsd_create_devfs_device,
+ .mpo_create_proc0 = sebsd_create_proc0,
+ .mpo_create_proc1 = sebsd_create_proc1,
+ .mpo_create_vnode_extattr = sebsd_create_vnode_extattr,
+ .mpo_create_port = sebsd_create_port,
- .mpo_associate_vnode_singlelabel = sebsd_associate_vnode_singlelabel,
- .mpo_associate_vnode_extattr = sebsd_associate_vnode_extattr,
- .mpo_associate_vnode_devfs = sebsd_associate_vnode_devfs,
+ .mpo_associate_vnode_singlelabel = sebsd_associate_vnode_singlelabel,
+ .mpo_associate_vnode_extattr = sebsd_associate_vnode_extattr,
+ .mpo_associate_vnode_devfs = sebsd_associate_vnode_devfs,
- .mpo_request_object_label = sebsd_request_label,
+ .mpo_request_object_label = sebsd_request_label,
- /* Transition */
- .mpo_execve_will_transition = sebsd_execve_will_transition,
- .mpo_execve_transition = sebsd_execve_transition,
+ /* Transition */
+ .mpo_execve_will_transition = sebsd_execve_will_transition,
+ .mpo_execve_transition = sebsd_execve_transition,
- /* Checks */
- .mpo_check_service_access = sebsd_check_service_access,
- .mpo_check_cred_relabel = sebsd_check_cred_relabel,
- .mpo_check_port_relabel = sebsd_check_port_relabel,
+ /* Checks */
+ .mpo_check_service_access = sebsd_check_service_access,
+ .mpo_check_cred_relabel = sebsd_check_cred_relabel,
+ .mpo_check_port_relabel = sebsd_check_port_relabel,
/*
* The sebsd_check_msg_send is known to be broken
*/
-/* .mpo_check_port_send = sebsd_check_msg_send, */
+/* .mpo_check_port_send = sebsd_check_msg_send, */
- .mpo_check_port_make_send = sebsd_check_port_make_send,
- .mpo_check_port_copy_send = sebsd_check_port_copy_send,
- .mpo_check_port_move_receive = sebsd_check_port_move_recv,
- .mpo_check_proc_signal = sebsd_check_proc_signal,
- .mpo_check_vnode_access = sebsd_check_vnode_access,
- .mpo_check_vnode_chdir = sebsd_check_vnode_chdir,
- .mpo_check_vnode_chroot = sebsd_check_vnode_chroot,
- .mpo_check_vnode_create = sebsd_check_vnode_create,
- .mpo_check_vnode_delete = sebsd_check_vnode_delete,
- .mpo_check_vnode_exchangedata = sebsd_check_vnode_exchangedata,
- .mpo_check_vnode_exec = sebsd_check_vnode_exec,
+ .mpo_check_port_make_send = sebsd_check_port_make_send,
+ .mpo_check_port_copy_send = sebsd_check_port_copy_send,
+ .mpo_check_port_move_receive = sebsd_check_port_move_recv,
+ .mpo_check_proc_signal = sebsd_check_proc_signal,
+ .mpo_check_vnode_access = sebsd_check_vnode_access,
+ .mpo_check_vnode_chdir = sebsd_check_vnode_chdir,
+ .mpo_check_vnode_chroot = sebsd_check_vnode_chroot,
+ .mpo_check_vnode_create = sebsd_check_vnode_create,
+ .mpo_check_vnode_delete = sebsd_check_vnode_delete,
+ .mpo_check_vnode_exchangedata = sebsd_check_vnode_exchangedata,
+ .mpo_check_vnode_exec = sebsd_check_vnode_exec,
#ifdef EXTATTR
.mpo_check_vnode_getextattr = sebsd_check_vnode_getextattr,
.mpo_check_vnode_listextattr = NOT_IMPLEMENTED,
.mpo_check_vnode_deleteextattr = NOT_IMPLEMENTED,
#endif
- .mpo_check_vnode_getattrlist = sebsd_check_vnode_getattrlist,
- .mpo_check_vnode_link = sebsd_check_vnode_link,
- .mpo_check_vnode_lookup = sebsd_check_vnode_lookup,
- .mpo_check_vnode_mmap = sebsd_check_vnode_mmap,
- .mpo_check_vnode_open = sebsd_check_vnode_open,
- .mpo_check_vnode_poll = sebsd_check_vnode_poll,
- .mpo_check_vnode_read = sebsd_check_vnode_read,
- .mpo_check_vnode_readdir = sebsd_check_vnode_readdir,
- .mpo_check_vnode_readlink = sebsd_check_vnode_readlink,
- .mpo_check_vnode_relabel = sebsd_check_vnode_relabel,
- .mpo_check_vnode_rename_from = sebsd_check_vnode_rename_from,
- .mpo_check_vnode_rename_to = sebsd_check_vnode_rename_to,
- .mpo_check_vnode_revoke = sebsd_check_vnode_revoke,
- .mpo_check_vnode_setattrlist = sebsd_check_vnode_setattrlist,
+ .mpo_check_vnode_getattrlist = sebsd_check_vnode_getattrlist,
+ .mpo_check_vnode_link = sebsd_check_vnode_link,
+ .mpo_check_vnode_lookup = sebsd_check_vnode_lookup,
+ .mpo_check_vnode_mmap = sebsd_check_vnode_mmap,
+ .mpo_check_vnode_open = sebsd_check_vnode_open,
+ .mpo_check_vnode_poll = sebsd_check_vnode_poll,
+ .mpo_check_vnode_read = sebsd_check_vnode_read,
+ .mpo_check_vnode_readdir = sebsd_check_vnode_readdir,
+ .mpo_check_vnode_readlink = sebsd_check_vnode_readlink,
+ .mpo_check_vnode_relabel = sebsd_check_vnode_relabel,
+ .mpo_check_vnode_rename_from = sebsd_check_vnode_rename_from,
+ .mpo_check_vnode_rename_to = sebsd_check_vnode_rename_to,
+ .mpo_check_vnode_revoke = sebsd_check_vnode_revoke,
+ .mpo_check_vnode_setattrlist = sebsd_check_vnode_setattrlist,
#ifdef HAS_EXTATTRS
.mpo_check_vnode_setextattr = sebsd_check_vnode_setextattr,
#endif
- .mpo_check_vnode_setflags = sebsd_check_vnode_setflags,
- .mpo_check_vnode_setmode = sebsd_check_vnode_setmode,
- .mpo_check_vnode_setowner = sebsd_check_vnode_setowner,
- .mpo_check_vnode_setutimes = sebsd_check_vnode_setutimes,
- .mpo_check_vnode_stat = sebsd_check_vnode_stat,
- .mpo_check_vnode_write = sebsd_check_vnode_write,
+ .mpo_check_vnode_setflags = sebsd_check_vnode_setflags,
+ .mpo_check_vnode_setmode = sebsd_check_vnode_setmode,
+ .mpo_check_vnode_setowner = sebsd_check_vnode_setowner,
+ .mpo_check_vnode_setutimes = sebsd_check_vnode_setutimes,
+ .mpo_check_vnode_stat = sebsd_check_vnode_stat,
+ .mpo_check_vnode_write = sebsd_check_vnode_write,
- /* Mount Points */
- .mpo_init_mount_label = sebsd_init_mount_label,
- .mpo_init_mount_fs_label = sebsd_init_mount_fs_label,
- .mpo_create_mount = sebsd_create_mount,
- .mpo_destroy_mount_label = sebsd_destroy_mount_label,
- .mpo_destroy_mount_fs_label = sebsd_destroy_mount_fs_label,
+ /* Mount Points */
+ .mpo_init_mount_label = sebsd_init_mount_label,
+ .mpo_init_mount_fs_label = sebsd_init_mount_fs_label,
+ .mpo_create_mount = sebsd_create_mount,
+ .mpo_destroy_mount_label = sebsd_destroy_mount_label,
+ .mpo_destroy_mount_fs_label = sebsd_destroy_mount_fs_label,
- .mpo_setlabel_vnode_extattr = sebsd_setlabel_vnode_extattr,
+ .mpo_setlabel_vnode_extattr = sebsd_setlabel_vnode_extattr,
/* System V IPC Entry Points */
.mpo_init_sysv_sem_label = sebsd_init_sysv_label,
@@ -2719,9 +2713,9 @@
// .mpo_check_sysv_shmdt = sebsd_check_sysv_shmdt,
.mpo_check_sysv_shmget = sebsd_check_sysv_shmget,
- .mpo_check_ipc_method = sebsd_check_ipc_method,
+ .mpo_check_ipc_method = sebsd_check_ipc_method,
- .mpo_syscall = sebsd_syscall
+ .mpo_syscall = sebsd_syscall
};
@@ -2970,14 +2964,16 @@
};
#ifdef KEXT
-static kern_return_t kmod_start (kmod_info_t *ki, void *xd)
+static kern_return_t
+kmod_start (kmod_info_t *ki, void *xd)
{
- return mac_policy_register (&sebsd_mac_policy_conf);
+ return mac_policy_register(&sebsd_mac_policy_conf);
}
-static kern_return_t kmod_stop (kmod_info_t *ki, void *xd)
+static kern_return_t
+kmod_stop (kmod_info_t *ki, void *xd)
{
- return mac_policy_unregister (&sebsd_mac_policy_conf);
+ return mac_policy_unregister(&sebsd_mac_policy_conf);
}
extern kern_return_t _start(kmod_info_t *ki, void *data);
More information about the p4-projects
mailing list