From 939b97cba63e59f0a189a9d7fdc9e00edb967feb Mon Sep 17 00:00:00 2001 From: Robert Watson Date: Tue, 5 Nov 2002 17:52:42 +0000 Subject: [PATCH] Update policy modules for changes in arguments associated with support for label access on the interpreter, not just the shell script. No policies currently present in the system rely on the new labels. --- sys/security/mac_biba/mac_biba.c | 2 +- sys/security/mac_bsdextended/mac_bsdextended.c | 2 +- sys/security/mac_mls/mac_mls.c | 2 +- sys/security/mac_none/mac_none.c | 8 +++++--- sys/security/mac_stub/mac_stub.c | 8 +++++--- sys/security/mac_test/mac_test.c | 8 +++++--- 6 files changed, 18 insertions(+), 12 deletions(-) diff --git a/sys/security/mac_biba/mac_biba.c b/sys/security/mac_biba/mac_biba.c index c6dff49bce5c..277094139d74 100644 --- a/sys/security/mac_biba/mac_biba.c +++ b/sys/security/mac_biba/mac_biba.c @@ -2044,7 +2044,7 @@ mac_biba_check_vnode_deleteacl(struct ucred *cred, struct vnode *vp, static int mac_biba_check_vnode_exec(struct ucred *cred, struct vnode *vp, - struct label *label) + struct label *label, struct image_params *imgp) { struct mac_biba *subj, *obj; diff --git a/sys/security/mac_bsdextended/mac_bsdextended.c b/sys/security/mac_bsdextended/mac_bsdextended.c index 8561ab4f8303..840a45641cd0 100644 --- a/sys/security/mac_bsdextended/mac_bsdextended.c +++ b/sys/security/mac_bsdextended/mac_bsdextended.c @@ -394,7 +394,7 @@ mac_bsdextended_check_vnode_deleteacl(struct ucred *cred, struct vnode *vp, static int mac_bsdextended_check_vnode_exec(struct ucred *cred, struct vnode *vp, - struct label *label) + struct label *label, struct image_params *imgp) { struct vattr vap; int error; diff --git a/sys/security/mac_mls/mac_mls.c b/sys/security/mac_mls/mac_mls.c index 71da5da0c40c..71f03c29aed6 100644 --- a/sys/security/mac_mls/mac_mls.c +++ b/sys/security/mac_mls/mac_mls.c @@ -1862,7 +1862,7 @@ mac_mls_check_vnode_deleteacl(struct ucred *cred, struct vnode *vp, static int mac_mls_check_vnode_exec(struct ucred *cred, struct vnode *vp, - struct label *label) + struct label *label, struct image_params *imgp) { struct mac_mls *subj, *obj; diff --git a/sys/security/mac_none/mac_none.c b/sys/security/mac_none/mac_none.c index 839b0ec9d89f..127746b67afb 100644 --- a/sys/security/mac_none/mac_none.c +++ b/sys/security/mac_none/mac_none.c @@ -416,14 +416,16 @@ mac_none_create_cred(struct ucred *cred_parent, struct ucred *cred_child) static void mac_none_execve_transition(struct ucred *old, struct ucred *new, - struct vnode *vp, struct label *vnodelabel) + struct vnode *vp, struct label *vnodelabel, + struct label *interpvnodelabel, struct image_params *imgp) { } static int mac_none_execve_will_transition(struct ucred *old, struct vnode *vp, - struct label *vnodelabel) + struct label *vnodelabel, struct label *interpvnodelabel, + struct image_params *imgp) { return (0); @@ -687,7 +689,7 @@ mac_none_check_vnode_deleteacl(struct ucred *cred, struct vnode *vp, static int mac_none_check_vnode_exec(struct ucred *cred, struct vnode *vp, - struct label *label) + struct label *label, struct image_params *imgp) { return (0); diff --git a/sys/security/mac_stub/mac_stub.c b/sys/security/mac_stub/mac_stub.c index 839b0ec9d89f..127746b67afb 100644 --- a/sys/security/mac_stub/mac_stub.c +++ b/sys/security/mac_stub/mac_stub.c @@ -416,14 +416,16 @@ mac_none_create_cred(struct ucred *cred_parent, struct ucred *cred_child) static void mac_none_execve_transition(struct ucred *old, struct ucred *new, - struct vnode *vp, struct label *vnodelabel) + struct vnode *vp, struct label *vnodelabel, + struct label *interpvnodelabel, struct image_params *imgp) { } static int mac_none_execve_will_transition(struct ucred *old, struct vnode *vp, - struct label *vnodelabel) + struct label *vnodelabel, struct label *interpvnodelabel, + struct image_params *imgp) { return (0); @@ -687,7 +689,7 @@ mac_none_check_vnode_deleteacl(struct ucred *cred, struct vnode *vp, static int mac_none_check_vnode_exec(struct ucred *cred, struct vnode *vp, - struct label *label) + struct label *label, struct image_params *imgp) { return (0); diff --git a/sys/security/mac_test/mac_test.c b/sys/security/mac_test/mac_test.c index 7fbac6c2bf23..d630c57d2c77 100644 --- a/sys/security/mac_test/mac_test.c +++ b/sys/security/mac_test/mac_test.c @@ -766,14 +766,16 @@ mac_test_create_cred(struct ucred *cred_parent, struct ucred *cred_child) static void mac_test_execve_transition(struct ucred *old, struct ucred *new, - struct vnode *vp, struct label *filelabel) + struct vnode *vp, struct label *filelabel, + struct label *interpvnodelabel, struct image_params *imgp) { } static int mac_test_execve_will_transition(struct ucred *old, struct vnode *vp, - struct label *filelabel) + struct label *filelabel, struct label *interpvnodelabel, + struct image_params *imgp) { return (0); @@ -1014,7 +1016,7 @@ mac_test_check_vnode_deleteacl(struct ucred *cred, struct vnode *vp, static int mac_test_check_vnode_exec(struct ucred *cred, struct vnode *vp, - struct label *label) + struct label *label, struct image_params *imgp) { return (0);