Date: Wed, 3 Jul 2002 21:26:37 -0700 (PDT) From: Robert Watson <rwatson@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 13783 for review Message-ID: <200207040426.g644QbRE050707@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://people.freebsd.org/~peter/p4db/chv.cgi?CH=13783 Change 13783 by rwatson@rwatson_tislabs on 2002/07/03 21:26:09 Teach mac_bsdextended to speak the mac_cred_check_access_vnode() entry point. Affected files ... .. //depot/projects/trustedbsd/mac/sys/security/mac_bsdextended/mac_bsdextended.c#31 edit Differences ... ==== //depot/projects/trustedbsd/mac/sys/security/mac_bsdextended/mac_bsdextended.c#31 (text+ko) ==== @@ -280,6 +280,22 @@ } static int +mac_bsdextended_cred_check_access_vnode(struct ucred *cred, struct vnode *vp, + struct mac *label, mode_t flags) +{ + struct vattr vap; + int error; + + if (!mac_bsdextended_enabled) + return (0); + + error = VOP_GETATTR(vp, &vap, cred, curthread); + if (error) + return (error); + return (mac_bsdextended_check(cred, vap.va_uid, vap.va_gid, flags)); +} + +static int mac_bsdextended_cred_check_chdir_vnode(struct ucred *cred, struct vnode *dvp, struct mac *dlabel) { @@ -680,6 +696,8 @@ (macop_t)mac_bsdextended_cred_check_see_socket }, { MAC_CRED_CHECK_DEBUG_PROC, (macop_t)mac_bsdextended_cred_check_debug_proc }, + { MAC_CRED_CHECK_ACCESS_VNODE, + (macop_t)mac_bsdextended_cred_check_access_vnode }, { MAC_CRED_CHECK_CHDIR_VNODE, (macop_t)mac_bsdextended_cred_check_chdir_vnode }, { MAC_CRED_CHECK_CREATE_VNODE, To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe p4-projects" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200207040426.g644QbRE050707>