Date: Fri, 22 Aug 2003 10:25:24 -0700 (PDT) From: Andrew Reisse <areisse@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 36682 for review Message-ID: <200308221725.h7MHPOhb027030@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=36682 Change 36682 by areisse@areisse_tislabs on 2003/08/22 10:24:30 Fixed wrong common permission numbering in 36674. Added generated files whose source changed in 36674. Affected files ... .. //depot/projects/trustedbsd/sebsd/sys/security/sebsd/avc/av_inherit.h#3 edit .. //depot/projects/trustedbsd/sebsd/sys/security/sebsd/avc/av_perm_to_string.h#3 edit .. //depot/projects/trustedbsd/sebsd/sys/security/sebsd/avc/av_permissions.h#4 edit .. //depot/projects/trustedbsd/sebsd/sys/security/sebsd/avc/class_to_string.h#3 edit .. //depot/projects/trustedbsd/sebsd/sys/security/sebsd/avc/common_perm_to_string.h#3 edit .. //depot/projects/trustedbsd/sebsd/sys/security/sebsd/avc/initial_sid_to_string.h#3 edit .. //depot/projects/trustedbsd/sebsd/sys/security/sebsd/flask/mkaccess_vector.sh#4 edit Differences ... ==== //depot/projects/trustedbsd/sebsd/sys/security/sebsd/avc/av_inherit.h#3 (text+ko) ==== @@ -9,26 +9,26 @@ } av_inherit_t; static av_inherit_t av_inherit[] = { - { SECCLASS_DIR, common_file_perm_to_string, 0x00100000UL }, - { SECCLASS_FILE, common_file_perm_to_string, 0x00100000UL }, - { SECCLASS_LNK_FILE, common_file_perm_to_string, 0x00100000UL }, - { SECCLASS_CHR_FILE, common_file_perm_to_string, 0x00100000UL }, - { SECCLASS_BLK_FILE, common_file_perm_to_string, 0x00100000UL }, - { SECCLASS_SOCK_FILE, common_file_perm_to_string, 0x00100000UL }, - { SECCLASS_FIFO_FILE, common_file_perm_to_string, 0x00100000UL }, - { SECCLASS_SOCKET, common_socket_perm_to_string, 0x01000000UL }, - { SECCLASS_TCP_SOCKET, common_socket_perm_to_string, 0x01000000UL }, - { SECCLASS_UDP_SOCKET, common_socket_perm_to_string, 0x01000000UL }, - { SECCLASS_RAWIP_SOCKET, common_socket_perm_to_string, 0x01000000UL }, - { SECCLASS_NETLINK_SOCKET, common_socket_perm_to_string, 0x01000000UL }, - { SECCLASS_PACKET_SOCKET, common_socket_perm_to_string, 0x01000000UL }, - { SECCLASS_KEY_SOCKET, common_socket_perm_to_string, 0x01000000UL }, - { SECCLASS_UNIX_STREAM_SOCKET, common_socket_perm_to_string, 0x01000000UL }, - { SECCLASS_UNIX_DGRAM_SOCKET, common_socket_perm_to_string, 0x01000000UL }, - { SECCLASS_IPC, common_ipc_perm_to_string, 0x00000200UL }, - { SECCLASS_SEM, common_ipc_perm_to_string, 0x00000200UL }, - { SECCLASS_MSGQ, common_ipc_perm_to_string, 0x00000200UL }, - { SECCLASS_SHM, common_ipc_perm_to_string, 0x00000200UL }, + { SECCLASS_DIR, common_file_perm_to_string, 0x0000000000100000UL }, + { SECCLASS_FILE, common_file_perm_to_string, 0x0000000000100000UL }, + { SECCLASS_LNK_FILE, common_file_perm_to_string, 0x0000000000100000UL }, + { SECCLASS_CHR_FILE, common_file_perm_to_string, 0x0000000000100000UL }, + { SECCLASS_BLK_FILE, common_file_perm_to_string, 0x0000000000100000UL }, + { SECCLASS_SOCK_FILE, common_file_perm_to_string, 0x0000000000100000UL }, + { SECCLASS_FIFO_FILE, common_file_perm_to_string, 0x0000000000100000UL }, + { SECCLASS_SOCKET, common_socket_perm_to_string, 0x0000000001000000UL }, + { SECCLASS_TCP_SOCKET, common_socket_perm_to_string, 0x0000000001000000UL }, + { SECCLASS_UDP_SOCKET, common_socket_perm_to_string, 0x0000000001000000UL }, + { SECCLASS_RAWIP_SOCKET, common_socket_perm_to_string, 0x0000000001000000UL }, + { SECCLASS_NETLINK_SOCKET, common_socket_perm_to_string, 0x0000000001000000UL }, + { SECCLASS_PACKET_SOCKET, common_socket_perm_to_string, 0x0000000001000000UL }, + { SECCLASS_KEY_SOCKET, common_socket_perm_to_string, 0x0000000001000000UL }, + { SECCLASS_UNIX_STREAM_SOCKET, common_socket_perm_to_string, 0x0000000001000000UL }, + { SECCLASS_UNIX_DGRAM_SOCKET, common_socket_perm_to_string, 0x0000000001000000UL }, + { SECCLASS_IPC, common_ipc_perm_to_string, 0x0000000000000200UL }, + { SECCLASS_SEM, common_ipc_perm_to_string, 0x0000000000000200UL }, + { SECCLASS_MSGQ, common_ipc_perm_to_string, 0x0000000000000200UL }, + { SECCLASS_SHM, common_ipc_perm_to_string, 0x0000000000000200UL }, }; #define AV_INHERIT_SIZE (sizeof(av_inherit)/sizeof(av_inherit_t)) ==== //depot/projects/trustedbsd/sebsd/sys/security/sebsd/avc/av_perm_to_string.h#3 (text+ko) ==== @@ -91,14 +91,29 @@ { SECCLASS_SYSTEM, SYSTEM__SYSLOG_MOD, "syslog_mod" }, { SECCLASS_SYSTEM, SYSTEM__SYSLOG_CONSOLE, "syslog_console" }, { SECCLASS_CAPABILITY, CAPABILITY__CHOWN, "chown" }, - { SECCLASS_CAPABILITY, CAPABILITY__DAC_OVERRIDE, "dac_override" }, + { SECCLASS_CAPABILITY, CAPABILITY__DAC_EXECUTE, "dac_execute" }, + { SECCLASS_CAPABILITY, CAPABILITY__DAC_WRITE, "dac_write" }, { SECCLASS_CAPABILITY, CAPABILITY__DAC_READ_SEARCH, "dac_read_search" }, { SECCLASS_CAPABILITY, CAPABILITY__FOWNER, "fowner" }, { SECCLASS_CAPABILITY, CAPABILITY__FSETID, "fsetid" }, { SECCLASS_CAPABILITY, CAPABILITY__KILL, "kill" }, + { SECCLASS_CAPABILITY, CAPABILITY__LINK_DIR, "link_dir" }, + { SECCLASS_CAPABILITY, CAPABILITY__SETFCAP, "setfcap" }, { SECCLASS_CAPABILITY, CAPABILITY__SETGID, "setgid" }, { SECCLASS_CAPABILITY, CAPABILITY__SETUID, "setuid" }, + { SECCLASS_CAPABILITY, CAPABILITY__MAC_DOWNGRADE, "mac_downgrade" }, + { SECCLASS_CAPABILITY, CAPABILITY__MAC_READ, "mac_read" }, + { SECCLASS_CAPABILITY, CAPABILITY__MAC_RELABEL_SUBJ, "mac_relabel_subj" }, + { SECCLASS_CAPABILITY, CAPABILITY__MAC_UPGRADE, "mac_upgrade" }, + { SECCLASS_CAPABILITY, CAPABILITY__MAC_WRITE, "mac_write" }, + { SECCLASS_CAPABILITY, CAPABILITY__INF_NOFLOAT_OBJ, "inf_nofloat_obj" }, + { SECCLASS_CAPABILITY, CAPABILITY__INF_NOFLOAT_SUBJ, "inf_nofloat_subj" }, + { SECCLASS_CAPABILITY, CAPABILITY__INF_RELABEL_OBJ, "inf_relabel_obj" }, + { SECCLASS_CAPABILITY, CAPABILITY__INF_RELABEL_SUBJ, "inf_relabel_subj" }, + { SECCLASS_CAPABILITY, CAPABILITY__AUDIT_CONTROL, "audit_control" }, + { SECCLASS_CAPABILITY, CAPABILITY__AUDIT_WRITE, "audit_write" }, { SECCLASS_CAPABILITY, CAPABILITY__SETPCAP, "setpcap" }, + { SECCLASS_CAPABILITY, CAPABILITY__XXX_INVALID1, "xxx_invalid1" }, { SECCLASS_CAPABILITY, CAPABILITY__LINUX_IMMUTABLE, "linux_immutable" }, { SECCLASS_CAPABILITY, CAPABILITY__NET_BIND_SERVICE, "net_bind_service" }, { SECCLASS_CAPABILITY, CAPABILITY__NET_BROADCAST, "net_broadcast" }, ==== //depot/projects/trustedbsd/sebsd/sys/security/sebsd/avc/av_permissions.h#4 (text+ko) ==== ==== //depot/projects/trustedbsd/sebsd/sys/security/sebsd/avc/class_to_string.h#3 (text+ko) ==== ==== //depot/projects/trustedbsd/sebsd/sys/security/sebsd/avc/common_perm_to_string.h#3 (text+ko) ==== ==== //depot/projects/trustedbsd/sebsd/sys/security/sebsd/avc/initial_sid_to_string.h#3 (text+ko) ==== ==== //depot/projects/trustedbsd/sebsd/sys/security/sebsd/flask/mkaccess_vector.sh#4 (text+ko) ==== @@ -136,7 +136,8 @@ } printf("\n") > outfile; - printf(" { SECCLASS_%s, common_%s_perm_to_string, 0x%08xUL },\n", toupper(tclass), inherits, permission) > inheritfile; + printf(" { SECCLASS_%s, common_%s_perm_to_string, 0x%08x%08xUL },\n", toupper(tclass), inherits, + permission>32 ? 2^(permission-33) : 0, permission<33 ? 2^(permission-1) : 0) > inheritfile; nextstate = "CLASS_OR_CLASS-OPENBRACKET"; next;
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200308221725.h7MHPOhb027030>