Date: Tue, 14 Jan 2003 00:48:11 -0800 (PST) From: Chris Costello <chris@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 23728 for review Message-ID: <200301140848.h0E8mB6C091182@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=23728 Change 23728 by chris@chris_holly on 2003/01/14 00:47:34 Complete the file system objects and IPC objects' labeling event operations sections. Affected files ... .. //depot/projects/trustedbsd/doc/en_US.ISO8859-1/books/developers-handbook/mac/chapter.sgml#29 edit Differences ... ==== //depot/projects/trustedbsd/doc/en_US.ISO8859-1/books/developers-handbook/mac/chapter.sgml#29 (text+ko) ==== @@ -1918,6 +1918,55 @@ file system is mounted, regenerated, or a new device is made available.</para> </sect4> + + <sect4 id="mac-mpo-create-devfs-directory"> + <title><function>&mac.mpo;_create_devfs_directory</function></title> + + <funcsynopsis> + <funcprototype> + <funcdef>void + <function>&mac.mpo;_create_devfs_directory</function></funcdef> + + <paramdef>char *<parameter>dirname</parameter></paramdef> + <paramdef>int <parameter>dirnamelen</parameter></paramdef> + <paramdef>struct devfs_dirent + *<parameter>devfs_dirent</parameter></paramdef> + <paramdef>struct label + *<parameter>label</parameter></paramdef> + </funcprototype> + </funcsynopsis> + + <informaltable> + <tgroup cols="3"> + &mac.thead; + + <tbody> + <row> + <entry><parameter>dirname</parameter></entry> + <entry>Name of directory being created</entry> + </row> + + <row> + <entry><parameter>namelen</parameter></entry> + <entry>Length of string + <parameter>dirname</parameter></entry> + </row> + + <row> + <entry><parameter>devfs_dirent</parameter></entry> + <entry>Devfs directory entry for directory being + created.</entry> + </row> + </tbody> + </tgroup> + </informaltable> + + <para>Fill out the label on a devfs_dirent being created for + the passed directory. This call will be made when the device + file system is mounted, regenerated, or a new device + requiring a specific directory hierarchy is made + available.</para> + </sect4> <sect4 id="mac-mpo-create-devfs-symlink"> <title><function>&mac.mpo;_create_devfs_symlink</function></title> @@ -1986,55 +2035,91 @@ a newly created &man.devfs.5; symbolic link entry.</para> </sect4> - <sect4 id="mac-mpo-create-devfs-directory"> - <title><function>&mac.mpo;_create_devfs_directory</function></title> - + <sect4 id="mac-mpo-create-vnode-extattr"> + <title><function>&mac.mpo;_create_vnode_extattr</function></title> + <funcsynopsis> <funcprototype> - <funcdef>void - <function>&mac.mpo;_create_devfs_directory</function></funcdef> - - <paramdef>char *<parameter>dirname</parameter></paramdef> - <paramdef>int <parameter>dirnamelen</parameter></paramdef> - <paramdef>struct devfs_dirent - *<parameter>devfs_dirent</parameter></paramdef> + <funcdef>int + <function>&mac.mpo;_create_vnode_extattr</function></funcdef> + + <paramdef>struct ucred + *<parameter>cred</parameter></paramdef> + <paramdef>struct mount + *<parameter>mp</parameter></paramdef> + <paramdef>struct label + *<parameter>fslabel</parameter></paramdef> + <paramdef>struct vnode + *<parameter>dvp</parameter></paramdef> + <paramdef>struct label + *<parameter>dlabel</parameter></paramdef> + <paramdef>struct vnode + *<parameter>vp</parameter></paramdef> <paramdef>struct label - *<parameter>label</parameter></paramdef> + *<parameter>vlabel</parameter></paramdef> + <paramdef>struct componentname + *<parameter>cnp</parameter></paramdef> </funcprototype> </funcsynopsis> - + <informaltable> <tgroup cols="3"> &mac.thead; - + <tbody> <row> - <entry><parameter>dirname</parameter></entry> - <entry>Name of directory being created</entry> + <entry><parameter>cred</parameter></entry> + <entry>Subject credential</entry> + </row> + + <row> + <entry><parameter>mount</parameter></entry> + <entry>File system mount point</entry> + </row> + + <row> + <entry><parameter>label</parameter></entry> + <entry>File system label</entry> + </row> + + <row> + <entry><parameter>dvp</parameter></entry> + <entry>Parent directory vnode</entry> + </row> + + <row> + <entry><parameter>dlabel</parameter></entry> + <entry>Label associated with + <parameter>dvp</parameter></entry> + </row> + + <row> + <entry><parameter>vp</parameter></entry> + <entry>Newly created vnode</entry> </row> - + <row> - <entry><parameter>namelen</parameter></entry> - <entry>Length of string - <parameter>dirname</parameter></entry> + <entry><parameter>vlabel</parameter></entry> + <entry>Policy label associated with + <parameter>vp</parameter></entry> </row> - + <row> - <entry><parameter>devfs_dirent</parameter></entry> - <entry>Devfs directory entry for directory being - created.</entry> + <entry><parameter>cnp</parameter></entry> + <entry>Component name for + <parameter>vp</parameter></entry> </row> </tbody> </tgroup> </informaltable> - - <para>Fill out the label on a devfs_dirent being created for - the passed directory. This call will be made when the device - file system is mounted, regenerated, or a new device - requiring a specific directory hierarchy is made - available.</para> + + <para>Write out the label for <parameter>vp</parameter> to + the appropriate extended attribute. If the write + succeeds, fill in <parameter>vlabel</parameter> with the + label, and return <returnvalue>0</returnvalue>. Otherwise, + return an appropriate error.</para> </sect4> - + <sect4 id="mac-mpo-create-mount"> <title><function>&mac.mpo;_create_mount</function></title> @@ -2127,92 +2212,59 @@ &mac.mpo;_create_mount;.</para> </sect4> - <sect4 id="mac-mpo-create-vnode-extattr"> - <title><function>&mac.mpo;_create_vnode_extattr</function></title> - + <sect4 id="mac-mpo-relabel-vnode"> + <title><function>&mac.mpo;_relabel_vnode</function></title> + <funcsynopsis> <funcprototype> - <funcdef>int - <function>&mac.mpo;_create_vnode_extattr</function></funcdef> - + <funcdef>void + <function>&mac.mpo;_relabel_vnode</function></funcdef> + <paramdef>struct ucred *<parameter>cred</parameter></paramdef> - <paramdef>struct mount - *<parameter>mp</parameter></paramdef> - <paramdef>struct label - *<parameter>fslabel</parameter></paramdef> <paramdef>struct vnode - *<parameter>dvp</parameter></paramdef> + *<parameter>vp</parameter></paramdef> <paramdef>struct label - *<parameter>dlabel</parameter></paramdef> - <paramdef>struct vnode - *<parameter>vp</parameter></paramdef> + *<parameter>vnodelabel</parameter></paramdef> <paramdef>struct label - *<parameter>vlabel</parameter></paramdef> - <paramdef>struct componentname - *<parameter>cnp</parameter></paramdef> + *<parameter>newlabel</parameter></paramdef> </funcprototype> </funcsynopsis> - + <informaltable> <tgroup cols="3"> &mac.thead; - + <tbody> <row> <entry><parameter>cred</parameter></entry> <entry>Subject credential</entry> </row> - - <row> - <entry><parameter>mount</parameter></entry> - <entry>File system mount point</entry> - </row> - + <row> - <entry><parameter>label</parameter></entry> - <entry>File system label</entry> - </row> - - <row> - <entry><parameter>dvp</parameter></entry> - <entry>Parent directory vnode</entry> - </row> - - <row> - <entry><parameter>dlabel</parameter></entry> - <entry>Label associated with - <parameter>dvp</parameter></entry> - </row> - - <row> <entry><parameter>vp</parameter></entry> - <entry>Newly created vnode</entry> + <entry>vnode to relabel</entry> </row> - + <row> - <entry><parameter>vlabel</parameter></entry> - <entry>Policy label associated with + <entry><parameter>vnodelabel</parameter></entry> + <entry>Existing policy label for <parameter>vp</parameter></entry> </row> - + <row> - <entry><parameter>cnp</parameter></entry> - <entry>Component name for - <parameter>vp</parameter></entry> + <entry><parameter>newlabel</parameter></entry> + <entry>New, possibly partial label to replace + <parameter>vnodelabel</parameter></entry> </row> </tbody> </tgroup> </informaltable> - - <para>Write out the label for <parameter>vp</parameter> to - the appropriate extended attribute. If the write - succeeds, fill in <parameter>vlabel</parameter> with the - label, and return <returnvalue>0</returnvalue>. Otherwise, - return an appropriate error.</para> + + <para>Update the label on the passed vnode given the passed + update vnode label and the passed subject credential.</para> </sect4> - <sect4 id="mac-mpo-setlabel-vnode-extattr"> <title><function>&mac.mpo;_setlabel_vnode_extattr</function></title> @@ -2481,8 +2533,60 @@ created.</para> </sect4> + <sect4 id="mac-mpo-create-socket-from-socket"> + <title><function>&mac.mpo;_create_socket_from_socket</function></title> + + <funcsynopsis> + <funcprototype> + <funcdef>void + <function>&mac.mpo;_create_socket_from_socket</function></funcdef> + + <paramdef>struct socket + *<parameter>oldsocket</parameter></paramdef> + <paramdef>struct label + *<parameter>oldsocketlabel</parameter></paramdef> + <paramdef>struct socket + *<parameter>newsocket</parameter></paramdef> + <paramdef>struct label + *<parameter>newsocketlabel</parameter></paramdef> + </funcprototype> + </funcsynopsis> + + <informaltable> + <tgroup cols="3"> + &mac.thead; + + <tbody> + <row> + <entry><parameter>oldsocket</parameter></entry> + <entry>Listening socket</entry> + </row> + <row> + <entry><parameter>oldsocketlabel</parameter></entry> + <entry>Policy label associated with + <parameter>oldsocket</parameter></entry> + </row> + <row> + <entry><parameter>newsocket</parameter></entry> + <entry>New socket</entry> + </row> + + <row> + <entry><parameter>newsocketlabel</parameter></entry> + <entry>Policy label associated with + <parameter>newsocketlabel</parameter></entry> + </row> + </tbody> + </tgroup> + </informaltable> + + <para>Label a socket, <parameter>newsocket</parameter>, + newly &man.accept.2;ed, based on the &man.listen.2; + socket, <parameter>oldsocket</parameter>.</para> + </sect4> + <sect4 id="mac-mpo-relabel-pipe"> <title><function>&mac.mpo;_relabel_pipe</function></title> @@ -7234,59 +7338,6 @@ calls are not permitted to fail (failure should be reported earlier in the relabel check).</para> - <sect3 id="mac-mpo-relabel-vnode"> - <title><function>&mac.mpo;_relabel_vnode</function></title> - - <funcsynopsis> - <funcprototype> - <funcdef>void - <function>&mac.mpo;_relabel_vnode</function></funcdef> - - <paramdef>struct ucred - *<parameter>cred</parameter></paramdef> - <paramdef>struct vnode - *<parameter>vp</parameter></paramdef> - <paramdef>struct label - *<parameter>vnodelabel</parameter></paramdef> - <paramdef>struct label - *<parameter>newlabel</parameter></paramdef> - </funcprototype> - </funcsynopsis> - - <informaltable> - <tgroup cols="3"> - &mac.thead; - - <tbody> - <row> - <entry><parameter>cred</parameter></entry> - <entry>Subject credential</entry> - </row> - - <row> - <entry><parameter>vp</parameter></entry> - <entry>vnode to relabel</entry> - </row> - - <row> - <entry><parameter>vnodelabel</parameter></entry> - <entry>Existing policy label for - <parameter>vp</parameter></entry> - </row> - - <row> - <entry><parameter>newlabel</parameter></entry> - <entry>New, possibly partial label to replace - <parameter>vnodelabel</parameter></entry> - </row> - </tbody> - </tgroup> - </informaltable> - - <para>Update the label on the passed vnode given the passed - update vnode label and the passed subject credential.</para> - </sect3> - <sect3 id="mac-mpo-destroy-vnode"> To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe p4-projects" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200301140848.h0E8mB6C091182>