Implement mac_create_devfs_symlink() for policies that interact with
vnode labels. Sync from MAC tree. Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories
This commit is contained in:
parent
2d5202be2d
commit
d8184bd58c
@ -476,6 +476,18 @@ mac_biba_create_devfs_directory(char *dirname, int dirnamelen,
|
||||
mac_biba_set_single(mac_biba, MAC_BIBA_TYPE_HIGH, 0);
|
||||
}
|
||||
|
||||
static void
|
||||
mac_biba_create_devfs_symlink(struct ucred *cred, struct devfs_dirent *dd,
|
||||
struct label *ddlabel, struct devfs_dirent *de, struct label *delabel)
|
||||
{
|
||||
struct mac_biba *source, *dest;
|
||||
|
||||
source = SLOT(&cred->cr_label);
|
||||
dest = SLOT(delabel);
|
||||
|
||||
mac_biba_copy_single(source, dest);
|
||||
}
|
||||
|
||||
static void
|
||||
mac_biba_create_devfs_vnode(struct devfs_dirent *devfs_dirent,
|
||||
struct label *direntlabel, struct vnode *vp, struct label *vnodelabel)
|
||||
@ -1983,6 +1995,8 @@ static struct mac_policy_op_entry mac_biba_ops[] =
|
||||
(macop_t)mac_biba_create_devfs_device },
|
||||
{ MAC_CREATE_DEVFS_DIRECTORY,
|
||||
(macop_t)mac_biba_create_devfs_directory },
|
||||
{ MAC_CREATE_DEVFS_SYMLINK,
|
||||
(macop_t)mac_biba_create_devfs_symlink },
|
||||
{ MAC_CREATE_DEVFS_VNODE,
|
||||
(macop_t)mac_biba_create_devfs_vnode },
|
||||
{ MAC_CREATE_VNODE,
|
||||
|
@ -468,6 +468,18 @@ mac_mls_create_devfs_directory(char *dirname, int dirnamelen,
|
||||
mac_mls_set_single(mac_mls, MAC_MLS_TYPE_LOW, 0);
|
||||
}
|
||||
|
||||
static void
|
||||
mac_mls_create_devfs_symlink(struct ucred *cred, struct devfs_dirent *dd,
|
||||
struct label *ddlabel, struct devfs_dirent *de, struct label *delabel)
|
||||
{
|
||||
struct mac_mls *source, *dest;
|
||||
|
||||
source = SLOT(&cred->cr_label);
|
||||
dest = SLOT(delabel);
|
||||
|
||||
mac_mls_copy_single(source, dest);
|
||||
}
|
||||
|
||||
static void
|
||||
mac_mls_create_devfs_vnode(struct devfs_dirent *devfs_dirent,
|
||||
struct label *direntlabel, struct vnode *vp, struct label *vnodelabel)
|
||||
@ -1945,6 +1957,8 @@ static struct mac_policy_op_entry mac_mls_ops[] =
|
||||
(macop_t)mac_mls_create_devfs_device },
|
||||
{ MAC_CREATE_DEVFS_DIRECTORY,
|
||||
(macop_t)mac_mls_create_devfs_directory },
|
||||
{ MAC_CREATE_DEVFS_SYMLINK,
|
||||
(macop_t)mac_mls_create_devfs_symlink },
|
||||
{ MAC_CREATE_DEVFS_VNODE,
|
||||
(macop_t)mac_mls_create_devfs_vnode },
|
||||
{ MAC_CREATE_VNODE,
|
||||
|
@ -152,6 +152,13 @@ mac_none_create_devfs_device(dev_t dev, struct devfs_dirent *devfs_dirent,
|
||||
|
||||
}
|
||||
|
||||
static void
|
||||
mac_none_create_devfs_symlink(struct ucred *cred, struct devfs_dirent *dd,
|
||||
struct label *ddlabel, struct devfs_dirent *de, struct label *delabel)
|
||||
{
|
||||
|
||||
}
|
||||
|
||||
static void
|
||||
mac_none_create_devfs_directory(char *dirname, int dirnamelen,
|
||||
struct devfs_dirent *devfs_dirent, struct label *label)
|
||||
@ -892,6 +899,8 @@ static struct mac_policy_op_entry mac_none_ops[] =
|
||||
(macop_t)mac_none_create_devfs_device },
|
||||
{ MAC_CREATE_DEVFS_DIRECTORY,
|
||||
(macop_t)mac_none_create_devfs_directory },
|
||||
{ MAC_CREATE_DEVFS_SYMLINK,
|
||||
(macop_t)mac_none_create_devfs_symlink },
|
||||
{ MAC_CREATE_DEVFS_VNODE,
|
||||
(macop_t)mac_none_create_devfs_vnode },
|
||||
{ MAC_CREATE_VNODE,
|
||||
|
@ -152,6 +152,13 @@ mac_none_create_devfs_device(dev_t dev, struct devfs_dirent *devfs_dirent,
|
||||
|
||||
}
|
||||
|
||||
static void
|
||||
mac_none_create_devfs_symlink(struct ucred *cred, struct devfs_dirent *dd,
|
||||
struct label *ddlabel, struct devfs_dirent *de, struct label *delabel)
|
||||
{
|
||||
|
||||
}
|
||||
|
||||
static void
|
||||
mac_none_create_devfs_directory(char *dirname, int dirnamelen,
|
||||
struct devfs_dirent *devfs_dirent, struct label *label)
|
||||
@ -892,6 +899,8 @@ static struct mac_policy_op_entry mac_none_ops[] =
|
||||
(macop_t)mac_none_create_devfs_device },
|
||||
{ MAC_CREATE_DEVFS_DIRECTORY,
|
||||
(macop_t)mac_none_create_devfs_directory },
|
||||
{ MAC_CREATE_DEVFS_SYMLINK,
|
||||
(macop_t)mac_none_create_devfs_symlink },
|
||||
{ MAC_CREATE_DEVFS_VNODE,
|
||||
(macop_t)mac_none_create_devfs_vnode },
|
||||
{ MAC_CREATE_VNODE,
|
||||
|
@ -535,6 +535,13 @@ mac_test_create_devfs_directory(char *dirname, int dirnamelen,
|
||||
|
||||
}
|
||||
|
||||
static void
|
||||
mac_test_create_devfs_symlink(struct ucred *cred, struct devfs_dirent *dd,
|
||||
struct label *ddlabel, struct devfs_dirent *de, struct label *delabel)
|
||||
{
|
||||
|
||||
}
|
||||
|
||||
static void
|
||||
mac_test_create_devfs_vnode(struct devfs_dirent *devfs_dirent,
|
||||
struct label *direntlabel, struct vnode *vp, struct label *vnodelabel)
|
||||
@ -1268,6 +1275,8 @@ static struct mac_policy_op_entry mac_test_ops[] =
|
||||
(macop_t)mac_test_create_devfs_device },
|
||||
{ MAC_CREATE_DEVFS_DIRECTORY,
|
||||
(macop_t)mac_test_create_devfs_directory },
|
||||
{ MAC_CREATE_DEVFS_SYMLINK,
|
||||
(macop_t)mac_test_create_devfs_symlink },
|
||||
{ MAC_CREATE_DEVFS_VNODE,
|
||||
(macop_t)mac_test_create_devfs_vnode },
|
||||
{ MAC_CREATE_VNODE,
|
||||
|
Loading…
Reference in New Issue
Block a user