In the kernel-only portionss of System V IPC objects (messages,

message queues, shared memory segments, and semaphores), add a struct label pointer, which will hold the MAC labels for the objects. As a result of recent work to separate kernel and user space ABIs, this should not break the ABI for applications using System V IPC, but will require a rebuild of the ipcs monitoring tool. Submitted by: Dandekar Hrishikesh <rishi_dandekar at sbcglobal dot net> Obtained from: TrustedBSD Project Sponsored by: DARPA, SPAWAR, McAfee Research
2004-11-17 13:12:06 +00:00 · 2004-11-17 13:12:06 +00:00 · 9fdfeb56f4
commit 9fdfeb56f4
parent bbe546d283
3 changed files with 4 additions and 0 deletions
--- a/sys/sys/msg.h
+++ b/sys/sys/msg.h
@ -107,6 +107,7 @@ struct msg {
 				/* 0 -> free header */
 	u_short	msg_ts;		/* size of this message */
 	short	msg_spot;	/* location of start of msg in buffer */
+	struct	label *label;	/* MAC Framework label */
 };

 /*
@ -141,6 +142,7 @@ struct msqid_kernel {
 	/*
 	 * Kernel-private components of the message queue.
 	 */
+	struct	label *label;	/* MAC label */
 };

 #else /* !_KERNEL */
--- a/sys/sys/sem.h
+++ b/sys/sys/sem.h
@ -89,6 +89,7 @@ extern struct seminfo	seminfo;
 */
 struct semid_kernel {
 	struct	semid_ds u;
+	struct	label *label;	/* MAC framework label */
 };

 /* internal "mode" bits */
--- a/sys/sys/shm.h
+++ b/sys/sys/shm.h
@ -90,6 +90,7 @@ struct shminfo {
 */
 struct shmid_kernel {
 	struct shmid_ds u;
+	struct label *label;	/* MAC label */
 };

 extern struct shminfo	shminfo;