PERFORCE change 35049 for review

Robert Watson rwatson at FreeBSD.org
Sat Jul 26 19:09:22 GMT 2003 

http://perforce.freebsd.org/chv.cgi?CH=35049

Change 35049 by rwatson at rwatson_tislabs on 2003/07/26 12:09:20

	Since we're in the throes of moving towards explicit system
	calls and VOP's for each of the EA operations, and avoiding
	API overloading, introduce new MAC Framework and MAC Policy
	APIs to check for delete and list operations.

Affected files ...

.. //depot/projects/trustedbsd/mac/sys/sys/mac.h#239 edit
.. //depot/projects/trustedbsd/mac/sys/sys/mac_policy.h#192 edit

Differences ...

==== //depot/projects/trustedbsd/mac/sys/sys/mac.h#239 (text+ko) ====

@@ -285,6 +285,8 @@
 	    struct vnode *vp, struct componentname *cnp);
 int	mac_check_vnode_deleteacl(struct ucred *cred, struct vnode *vp,
 	    acl_type_t type);
+int	mac_check_vnode_deleteextattr(struct ucred *cred, struct vnode *vp,
+	    int attrnamespace, const char *name);
 int	mac_check_vnode_exec(struct ucred *cred, struct vnode *vp,
 	    struct image_params *imgp);
 int	mac_check_vnode_getacl(struct ucred *cred, struct vnode *vp,
@@ -293,6 +295,8 @@
 	    int attrnamespace, const char *name, struct uio *uio);
 int	mac_check_vnode_link(struct ucred *cred, struct vnode *dvp,
 	    struct vnode *vp, struct componentname *cnp);
+int	mac_check_vnode_listextattr(struct ucred *cred, struct vnode *vp,
+	    int attrnamespace);
 int	mac_check_vnode_lookup(struct ucred *cred, struct vnode *dvp,
  	    struct componentname *cnp);
 int	mac_check_vnode_mmap(struct ucred *cred, struct vnode *vp,

==== //depot/projects/trustedbsd/mac/sys/sys/mac_policy.h#192 (text+ko) ====

@@ -368,6 +368,9 @@
 		    struct componentname *cnp);
 	int	(*mpo_check_vnode_deleteacl)(struct ucred *cred,
 		    struct vnode *vp, struct label *label, acl_type_t type);
+	int	(*mpo_check_vnode_deleteextattr)(struct ucred *cred,
+		    struct vnode *vp, struct label *label, int attrnamespace,
+		    const char *name);
 	int	(*mpo_check_vnode_exec)(struct ucred *cred, struct vnode *vp,
 		    struct label *label, struct image_params *imgp,
 		    struct label *execlabel);
@@ -379,6 +382,8 @@
 	int	(*mpo_check_vnode_link)(struct ucred *cred, struct vnode *dvp,
 		    struct label *dlabel, struct vnode *vp,
 		    struct label *label, struct componentname *cnp);
+	int	(*mpo_check_vnode_listextattr)(struct ucred *cred,
+		    struct vnode *vp, struct label *label, int attrnamespace);
 	int	(*mpo_check_vnode_lookup)(struct ucred *cred,
 		    struct vnode *dvp, struct label *dlabel,
 		    struct componentname *cnp);
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-cvs" in the body of the message

More information about the trustedbsd-cvs mailing list