diff options
| author | Robert Watson <rwatson@FreeBSD.org> | 2007-10-25 12:34:14 +0000 |
|---|---|---|
| committer | Robert Watson <rwatson@FreeBSD.org> | 2007-10-25 12:34:14 +0000 |
| commit | eb2cd5e1df2de9af1c4510a396ab702d3e04719c (patch) | |
| tree | 09ab2e34d1c0854e04e44916dd25df475c7a1a35 /sys/security/mac_mls | |
| parent | 3f1a7a9086a59e93615bb9e5f6163372cee4d669 (diff) | |
| download | src-eb2cd5e1df2de9af1c4510a396ab702d3e04719c.tar.gz src-eb2cd5e1df2de9af1c4510a396ab702d3e04719c.zip | |
Rename mac_associate_nfsd_label() to mac_proc_associate_nfsd(), and move
from mac_vfs.c to mac_process.c to join other functions that setup up
process labels for specific purposes. Unlike the two proc create calls,
this call is intended to run after creation when a process registers as
the NFS daemon, so remains an _associate_ call..
Obtained from: TrustedBSD Project
Notes
Notes:
svn path=/head/; revision=172957
Diffstat (limited to 'sys/security/mac_mls')
| -rw-r--r-- | sys/security/mac_mls/mac_mls.c | 24 |
1 files changed, 12 insertions, 12 deletions
diff --git a/sys/security/mac_mls/mac_mls.c b/sys/security/mac_mls/mac_mls.c index cfca2afb608d..5bb539493b8c 100644 --- a/sys/security/mac_mls/mac_mls.c +++ b/sys/security/mac_mls/mac_mls.c @@ -1355,6 +1355,17 @@ mls_proc_create_init(struct ucred *cred) } static void +mls_proc_associate_nfsd(struct ucred *cred) +{ + struct mac_mls *label; + + label = SLOT(cred->cr_label); + mls_set_effective(label, MAC_MLS_TYPE_LOW, 0, NULL); + mls_set_range(label, MAC_MLS_TYPE_LOW, 0, NULL, MAC_MLS_TYPE_HIGH, 0, + NULL); +} + +static void mls_cred_relabel(struct ucred *cred, struct label *newlabel) { struct mac_mls *source, *dest; @@ -2847,17 +2858,6 @@ mls_vnode_check_write(struct ucred *active_cred, struct ucred *file_cred, return (0); } -static void -mls_associate_nfsd_label(struct ucred *cred) -{ - struct mac_mls *label; - - label = SLOT(cred->cr_label); - mls_set_effective(label, MAC_MLS_TYPE_LOW, 0, NULL); - mls_set_range(label, MAC_MLS_TYPE_LOW, 0, NULL, MAC_MLS_TYPE_HIGH, 0, - NULL); -} - static struct mac_policy_ops mls_ops = { .mpo_init = mls_init, @@ -2958,6 +2958,7 @@ static struct mac_policy_ops mls_ops = .mpo_inpcb_sosetlabel = mls_inpcb_sosetlabel, .mpo_proc_create_swapper = mls_proc_create_swapper, .mpo_proc_create_init = mls_proc_create_init, + .mpo_proc_associate_nfsd = mls_proc_associate_nfsd, .mpo_cred_relabel = mls_cred_relabel, .mpo_sysvmsg_cleanup = mls_sysvmsg_cleanup, .mpo_sysvmsq_cleanup = mls_sysvmsq_cleanup, @@ -3034,7 +3035,6 @@ static struct mac_policy_ops mls_ops = .mpo_vnode_check_stat = mls_vnode_check_stat, .mpo_vnode_check_unlink = mls_vnode_check_unlink, .mpo_vnode_check_write = mls_vnode_check_write, - .mpo_associate_nfsd_label = mls_associate_nfsd_label, .mpo_mbuf_create_from_firewall = mls_mbuf_create_from_firewall, }; |