Date: Tue, 19 Jul 2005 02:16:17 GMT From: Samy Al Bahra <samy@FreeBSD.org> To: Perforce Change Reviews <perforce@FreeBSD.org> Subject: PERFORCE change 80496 for review Message-ID: <200507190216.j6J2GHED007941@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=80496 Change 80496 by samy@samy_home on 2005/07/19 02:15:25 These changes introduce the __MAC_version define that was introduced to improve third-party security policy support as well as introduce the security.mac.version sysctl that will allow the ports system proper integration of our new MAC versioning scheme. Affected files ... .. //depot/projects/trustedbsd/mac/sys/kern/kern_mac.c#445 edit .. //depot/projects/trustedbsd/mac/sys/sys/mac.h#279 edit Differences ... ==== //depot/projects/trustedbsd/mac/sys/kern/kern_mac.c#445 (text+ko) ==== @@ -102,6 +102,13 @@ SYSCTL_NODE(_security, OID_AUTO, mac, CTLFLAG_RW, 0, "TrustedBSD MAC policy controls"); +/* + * Export the MAC API version counter. + */ +static int mac_version = __MAC_version; +SYSCTL_INT(_security_mac, OID_AUTO, version, CTLFLAG_RD, + &mac_version, 0, "MAC version"); + #if MAC_MAX_SLOTS > 32 #error "MAC_MAX_SLOTS too large" #endif ==== //depot/projects/trustedbsd/mac/sys/sys/mac.h#279 (text+ko) ==== @@ -54,6 +54,21 @@ #endif /* + * __MAC_version must be incremented with every API or + * ABI change to the MAC framework. Once in a branch, + * changes may not break existing ABI in a forward + * compatible way. + * + * The scheme is: + * <major>XXXX + * + * The major of 99 is reserved as a linear counter for + * MAC changes in -HEAD. + */ +#undef __MAC_version +#define __MAC_version 990000 + +/* * MAC framework-related constants and limits. */ #define MAC_MAX_POLICY_NAME 32
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200507190216.j6J2GHED007941>