Date: Tue, 12 Aug 2008 00:27:49 GMT From: "Christian S.J. Peron" <csjp@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 147195 for review Message-ID: <200808120027.m7C0RnQ5006230@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=147195 Change 147195 by csjp@ibm01 on 2008/08/12 00:27:25 Drop a Phoenix Down on to mac_chkexec and revive it from an unconscious state. This allows it to build. More goodies to follow. Submitted by: Samy Al Bahra Affected files ... .. //depot/projects/trustedbsd/mac/sys/security/mac_chkexec/mac_chkexec.c#19 edit Differences ... ==== //depot/projects/trustedbsd/mac/sys/security/mac_chkexec/mac_chkexec.c#19 (text+ko) ==== @@ -47,6 +47,7 @@ #include <sys/tree.h> #include <sys/vnode.h> #include <sys/file.h> +#include <sys/fcntl.h> #include <sys/socket.h> #include <sys/socketvar.h> #include <sys/sysctl.h> @@ -60,10 +61,11 @@ #include <vm/vm.h> +#include <crypto/sha1.h> + #include <security/mac/mac_policy.h> -#include <security/mac_chkexec/mac_chkexec.h> +#include "mac_chkexec.h" -#include <crypto/sha1.h> /* * Prototypes @@ -79,12 +81,12 @@ static int mac_chkexec_set_vcsum(struct vnode *, struct mac_vcsum *); static int mac_chkexec_check(struct vnode *, struct ucred *); -static int mac_chkexec_check_vnode_exec(struct ucred *, +static int mac_chkexec_vnode_check_exec(struct ucred *, struct vnode *, struct label *, struct image_params *, struct label *); -static int mac_chkexec_check_vnode_mmap(struct ucred *, +static int mac_chkexec_vnode_check_mmap(struct ucred *, struct vnode *, struct label *, int, int); -static int mac_chkexec_check_kld_load(struct ucred *, +static int mac_chkexec_kld_check_load(struct ucred *, struct vnode *, struct label *); static int mac_chkexec_vpcmp(struct vcache *, struct vcache *); @@ -655,7 +657,7 @@ } static int -mac_chkexec_check_vnode_exec(struct ucred *cred, struct vnode *vp, +mac_chkexec_vnode_check_exec(struct ucred *cred, struct vnode *vp, struct label *label, struct image_params *imgp, struct label *execlabel) { @@ -669,7 +671,7 @@ } static int -mac_chkexec_check_vnode_mmap(struct ucred *cred, struct vnode *vp, +mac_chkexec_vnode_check_mmap(struct ucred *cred, struct vnode *vp, struct label *label, int prot, int flags) { int error; @@ -687,7 +689,7 @@ } static int -mac_chkexec_check_kld_load(struct ucred *cred, struct vnode *vp, +mac_chkexec_kld_check_load(struct ucred *cred, struct vnode *vp, struct label *vlabel) { int error; @@ -706,7 +708,7 @@ * with this inode. */ static int -mac_chkexec_check_vnode_open(struct ucred *cred, struct vnode *vp, +mac_chkexec_vnode_check_open(struct ucred *cred, struct vnode *vp, struct label *vnodelabel, int acc_mode) { @@ -720,7 +722,7 @@ } static int -mac_chkexec_check_vnode_delete(struct ucred *cred, struct vnode *dvp, +mac_chkexec_vnode_check_unlink(struct ucred *cred, struct vnode *dvp, struct label *dlabel, struct vnode *vp, struct label *label, struct componentname *cnp) { @@ -743,7 +745,7 @@ * If the checksums do not match, deny access. */ static int -mac_chkexec_check_vnode_access(struct ucred *cred, struct vnode *vp, +mac_chkexec_vnode_check_access(struct ucred *cred, struct vnode *vp, struct label *label, int acc_mode) { int error; @@ -763,7 +765,7 @@ * with storing the checksums, deny access. */ static int -mac_chkexec_check_vnode_setextattr(struct ucred *cred, struct vnode *vp, +mac_chkexec_vnode_check_setextattr(struct ucred *cred, struct vnode *vp, struct label *vnodelabel, int attrnamespace, const char *name, struct uio *uio) { @@ -781,7 +783,7 @@ } static int -mac_chkexec_check_vnode_deleteextattr(struct ucred *cred, struct vnode *vp, +mac_chkexec_vnode_check_deleteextattr(struct ucred *cred, struct vnode *vp, struct label *label, int attrnamespace, const char *name) { @@ -798,7 +800,7 @@ } static int -mac_chkexec_check_vnode_write(struct ucred *cred, struct ucred *fcred, +mac_chkexec_vnode_check_write(struct ucred *cred, struct ucred *fcred, struct vnode *vp, struct label *label) { @@ -866,15 +868,15 @@ { .mpo_init = mac_chkexec_init, .mpo_destroy = mac_chkexec_destroy, - .mpo_check_vnode_exec = mac_chkexec_check_vnode_exec, - .mpo_check_vnode_mmap = mac_chkexec_check_vnode_mmap, - .mpo_check_kld_load = mac_chkexec_check_kld_load, - .mpo_check_vnode_open = mac_chkexec_check_vnode_open, - .mpo_check_vnode_delete = mac_chkexec_check_vnode_delete, - .mpo_check_vnode_access = mac_chkexec_check_vnode_access, - .mpo_check_vnode_deleteextattr = mac_chkexec_check_vnode_deleteextattr, - .mpo_check_vnode_setextattr = mac_chkexec_check_vnode_setextattr, - .mpo_check_vnode_write = mac_chkexec_check_vnode_write, + .mpo_vnode_check_exec = mac_chkexec_vnode_check_exec, + .mpo_vnode_check_mmap = mac_chkexec_vnode_check_mmap, + .mpo_kld_check_load = mac_chkexec_kld_check_load, + .mpo_vnode_check_open = mac_chkexec_vnode_check_open, + .mpo_vnode_check_unlink = mac_chkexec_vnode_check_unlink, + .mpo_vnode_check_access = mac_chkexec_vnode_check_access, + .mpo_vnode_check_deleteextattr = mac_chkexec_vnode_check_deleteextattr, + .mpo_vnode_check_setextattr = mac_chkexec_vnode_check_setextattr, + .mpo_vnode_check_write = mac_chkexec_vnode_check_write, .mpo_syscall = mac_chkexec_syscall, };
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200808120027.m7C0RnQ5006230>