PERFORCE change 110131 for review
Todd Miller
millert at FreeBSD.org
Thu Nov 16 21:34:38 UTC 2006
http://perforce.freebsd.org/chv.cgi?CH=110131
Change 110131 by millert at millert_macbook on 2006/11/16 21:33:52
Implement mpo_file_check_fcntl
Affected files ...
.. //depot/projects/trustedbsd/sedarwin8/policies/sedarwin/sedarwin/sebsd.c#46 edit
Differences ...
==== //depot/projects/trustedbsd/sedarwin8/policies/sedarwin/sedarwin/sebsd.c#46 (text+ko) ====
@@ -3146,6 +3146,35 @@
}
static int
+sebsd_file_check_fcntl(struct ucred *cred, struct fileglob *fg,
+ struct label *fglabel, int cmd, user_long_t arg)
+{
+ u_int32_t av = 0;
+
+ switch (cmd) {
+ case F_DUPFD:
+ case F_SETLK:
+ case F_SETLKW:
+ case F_GETLK:
+ case F_SETSIZE:
+ /* These are handled by their own entry points */
+ return (0);
+ case F_SETFL:
+ if (arg & O_APPEND)
+ av = FILE__WRITE;
+ break;
+ case F_PREALLOCATE:
+ av = FILE__WRITE;
+ break;
+ default:
+ /* Everything else just checks FD__USE */
+ break;
+ }
+
+ return (file_has_perm(cred, fg, fglabel, av));
+}
+
+static int
sebsd_file_check_get_offset(struct ucred *cred, struct fileglob *fg,
struct label *fglabel)
{
@@ -3517,6 +3546,7 @@
.mpo_devfs_label_update = sebsd_devfs_update,
.mpo_file_check_change_offset = sebsd_file_check_change_offset,
.mpo_file_check_dup = sebsd_file_check_dup,
+ .mpo_file_check_fcntl = sebsd_file_check_fcntl,
.mpo_file_check_get_offset = sebsd_file_check_get_offset,
.mpo_file_check_inherit = sebsd_file_check_receive,
.mpo_file_check_ioctl = sebsd_file_check_ioctl,
More information about the trustedbsd-cvs
mailing list