From 55fb7830520c5330c895203b195c130904b2dfc3 Mon Sep 17 00:00:00 2001 From: Robert Watson Date: Tue, 30 Jul 2002 22:43:20 +0000 Subject: [PATCH] Introduce support for Mandatory Access Control and extensible kernel access control. Replace 'void *' with 'struct mac *' now that mac.h is in the base tree. The current POSIX.1e-derived userland MAC interface is schedule for replacement, but will act as a functional placeholder until the replacement is done. These system calls allow userland processes to get and set labels on both the current process, as well as file system objects and file descriptor backed objects. --- sys/kern/syscalls.master | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/sys/kern/syscalls.master b/sys/kern/syscalls.master index 64aa65b9273d..3c6eee1f5a1a 100644 --- a/sys/kern/syscalls.master +++ b/sys/kern/syscalls.master @@ -553,12 +553,14 @@ int new_grp_flag); } 382 STD BSD { int thread_wakeup(struct thread_mailbox *tmbx); } 383 MSTD BSD { int kse_yield(void); } -384 MSTD BSD { int __mac_get_proc(void *dummy); } -385 MSTD BSD { int __mac_set_proc(void *dummy); } -386 MSTD BSD { int __mac_get_fd(int fd, void *dummy); } -387 MSTD BSD { int __mac_get_file(const char *path_p, void *dummy); } -388 MSTD BSD { int __mac_set_fd(int fd, void *dummy); } -389 MSTD BSD { int __mac_set_file(const char *path_p, void *dummy); } +384 MSTD BSD { int __mac_get_proc(struct mac *mac_p); } +385 MSTD BSD { int __mac_set_proc(struct mac *mac_p); } +386 MSTD BSD { int __mac_get_fd(int fd, struct mac *mac_p); } +387 MSTD BSD { int __mac_get_file(const char *path_p, \ + struct mac *mac_p); } +388 MSTD BSD { int __mac_set_fd(int fd, struct mac *mac_p); } +389 MSTD BSD { int __mac_set_file(const char *path_p, \ + struct mac *mac_p); } 390 STD BSD { int kenv(int what, const char *name, char *value, \ int len); } 391 STD BSD { int lchflags(const char *path, int flags); }