d/freebsd-nq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Introduce support for Mandatory Access Control and extensible

Browse Source 
kernel access control.

Introduce two ioctls, SIOCGIFMAC, SIOCSIFMAC, which permit user
processes to manage the MAC labels on network interfaces.  Note
that this is part of the user process API/ABI that will be revised
prior to 5.0-RELEASE.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
This commit is contained in:
Robert Watson 2002-08-01 21:15:53 +00:00
parent 64c2d84570
commit 8f293a63ce
1 changed files with 12 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
sys/net/if.c
View File

@ -1250,6 +1250,12 @@ ifhwioctl(u_long cmd, struct ifnet *ifp, caddr_t data, struct thread *td)
ifr->ifr_curcap = ifp->if_capenable;
break;
#ifdef MAC
case SIOCGIFMAC:
error = mac_ioctl_ifnet_get(td->td_proc->p_ucred, ifr, ifp);
break;
#endif
case SIOCGIFMETRIC:
ifr->ifr_metric = ifp->if_metric;
break;
@ -1296,6 +1302,12 @@ ifhwioctl(u_long cmd, struct ifnet *ifp, caddr_t data, struct thread *td)
(void) (*ifp->if_ioctl)(ifp, cmd, data);
break;
#ifdef MAC
case SIOCSIFMAC:
error = mac_ioctl_ifnet_set(td->td_proc->p_ucred, ifr, ifp);
break;
#endif
case SIOCSIFMETRIC:
error = suser(td);
if (error)