Date: Mon, 28 Oct 2002 11:38:36 -0800 (PST) From: Robert Watson <rwatson@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 20300 for review Message-ID: <200210281938.g9SJcaN8022836@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=20300 Change 20300 by rwatson@rwatson_tislabs on 2002/10/28 11:38:32 struct oldmac is no longer required, so eliminate it. Enable the definitions of relevant structures in mac_biba and mac_mls. This eliminates policy-specific structures in the central MAC include files and implementation. Affected files ... .. //depot/projects/trustedbsd/mac/sys/security/mac_biba/mac_biba.h#11 edit .. //depot/projects/trustedbsd/mac/sys/security/mac_mls/mac_mls.h#12 edit .. //depot/projects/trustedbsd/mac/sys/sys/mac.h#200 edit Differences ... ==== //depot/projects/trustedbsd/mac/sys/security/mac_biba/mac_biba.h#11 (text+ko) ==== @@ -60,8 +60,6 @@ #define MAC_BIBA_TYPE_EQUAL 4 /* Equivilent to any * MAC_BIBA_TYPE_LABEL. */ -#if 0 -/* XXXMAC: temporarily disabled because we still need struct oldmac. */ /* * Structures and constants associated with a Biba Integrity policy. * mac_biba represents a Biba label, with mb_type determining its properties, @@ -88,7 +86,6 @@ struct mac_biba_element mb_single; struct mac_biba_element mb_rangelow, mb_rangehigh; }; -#endif /* * Biba compartments bit test/set macros. ==== //depot/projects/trustedbsd/mac/sys/security/mac_mls/mac_mls.h#12 (text+ko) ==== @@ -60,8 +60,6 @@ #define MAC_MLS_TYPE_EQUAL 4 /* Equivilent to any * MAC_MLS_TYPE_LABEL. */ -#if 0 -/* XXXMAC: temporarily disabled because we still need struct oldmac */ /* * Structures and constants associated with a Multi-Level Security policy. * mac_mls represents an MLS label, with mm_type determining its properties, @@ -93,7 +91,6 @@ struct mac_mls_element mm_single; struct mac_mls_element mm_rangelow, mm_rangehigh; }; -#endif /* * MLS compartments bit test/set macros. ==== //depot/projects/trustedbsd/mac/sys/sys/mac.h#200 (text+ko) ==== @@ -108,54 +108,7 @@ int mac_syscall(const char *_policyname, int _call, void *_arg); int mac_to_text(mac_t mac, char **_text); -#endif /* !_KERNEL */ - -/* - * XXXMAC: For compatibility until the labels on disk are changed. We - * will enable the definitions in various policy include files once - * these can be disabled. - */ - -#define MAC_BIBA_MAX_COMPARTMENTS 256 - -struct mac_biba_element { - u_short mbe_type; - u_short mbe_grade; - u_char mbe_compartments[MAC_BIBA_MAX_COMPARTMENTS >> 3]; -}; - -struct mac_biba { - int mb_flags; - struct mac_biba_element mb_single; - struct mac_biba_element mb_rangelow, mb_rangehigh; -}; - -#define MAC_MLS_MAX_COMPARTMENTS 256 - -struct mac_mls_element { - u_short mme_type; - u_short mme_level; - u_char mme_compartments[MAC_MLS_MAX_COMPARTMENTS >> 3]; -}; - -struct mac_mls { - int mm_flags; - struct mac_mls_element mm_single; - struct mac_mls_element mm_rangelow, mm_rangehigh; -}; - -struct mac_sebsd { - uint32_t ms_psid; -}; - -struct oldmac { - int m_macflags; - struct mac_biba m_biba; - struct mac_mls m_mls; - struct mac_sebsd m_sebsd; -}; - -#ifdef _KERNEL +#else /* !_KERNEL */ /* * Kernel functions to manage and evaluate labels. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe p4-projects" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200210281938.g9SJcaN8022836>