diff options
| author | Sebastian Huber <sebastian.huber@embedded-brains.de> | 2013-11-06 16:20:21 +0100 |
|---|---|---|
| committer | Sebastian Huber <sebastian.huber@embedded-brains.de> | 2013-11-11 10:08:08 +0100 |
| commit | 66659ff1ad6831b0ea7425fa6ecd8a8687523658 (patch) | |
| tree | 48e22b475fa8854128e0861a33fed6f78c8094b5 /freebsd/sys/security | |
| parent | Define __GLOBL1() and __GLOBL() (diff) | |
| download | rtems-libbsd-66659ff1ad6831b0ea7425fa6ecd8a8687523658.tar.bz2 | |
Update to FreeBSD 9.2
Diffstat (limited to 'freebsd/sys/security')
| -rw-r--r-- | freebsd/sys/security/audit/audit.h | 23 | ||||
| -rw-r--r-- | freebsd/sys/security/mac/mac_framework.h | 14 |
2 files changed, 27 insertions, 10 deletions
diff --git a/freebsd/sys/security/audit/audit.h b/freebsd/sys/security/audit/audit.h index f66f33a4..69f6c328 100644 --- a/freebsd/sys/security/audit/audit.h +++ b/freebsd/sys/security/audit/audit.h @@ -99,8 +99,8 @@ void audit_arg_sockaddr(struct thread *td, struct sockaddr *sa); void audit_arg_auid(uid_t auid); void audit_arg_auditinfo(struct auditinfo *au_info); void audit_arg_auditinfo_addr(struct auditinfo_addr *au_info); -void audit_arg_upath1(struct thread *td, char *upath); -void audit_arg_upath2(struct thread *td, char *upath); +void audit_arg_upath1(struct thread *td, int dirfd, char *upath); +void audit_arg_upath2(struct thread *td, int dirfd, char *upath); void audit_arg_vnode1(struct vnode *vp); void audit_arg_vnode2(struct vnode *vp); void audit_arg_text(char *text); @@ -114,6 +114,7 @@ void audit_arg_auditon(union auditon_udata *udata); void audit_arg_file(struct proc *p, struct file *fp); void audit_arg_argv(char *argv, int argc, int length); void audit_arg_envv(char *envv, int envc, int length); +void audit_arg_rights(cap_rights_t rights); void audit_sysclose(struct thread *td, int fd); void audit_cred_copy(struct ucred *src, struct ucred *dest); void audit_cred_destroy(struct ucred *cred); @@ -235,6 +236,11 @@ void audit_thread_free(struct thread *td); audit_arg_rgid((rgid)); \ } while (0) +#define AUDIT_ARG_RIGHTS(rights) do { \ + if (AUDITING_TD(curthread)) \ + audit_arg_rights((rights)); \ +} while (0) + #define AUDIT_ARG_RUID(ruid) do { \ if (AUDITING_TD(curthread)) \ audit_arg_ruid((ruid)); \ @@ -270,14 +276,14 @@ void audit_thread_free(struct thread *td); audit_arg_uid((uid)); \ } while (0) -#define AUDIT_ARG_UPATH1(td, upath) do { \ +#define AUDIT_ARG_UPATH1(td, dirfd, upath) do { \ if (AUDITING_TD(curthread)) \ - audit_arg_upath1((td), (upath)); \ + audit_arg_upath1((td), (dirfd), (upath)); \ } while (0) -#define AUDIT_ARG_UPATH2(td, upath) do { \ +#define AUDIT_ARG_UPATH2(td, dirfd, upath) do { \ if (AUDITING_TD(curthread)) \ - audit_arg_upath2((td), (upath)); \ + audit_arg_upath2((td), (dirfd), (upath)); \ } while (0) #define AUDIT_ARG_VALUE(value) do { \ @@ -342,6 +348,7 @@ void audit_thread_free(struct thread *td); #define AUDIT_ARG_PID(pid) #define AUDIT_ARG_PROCESS(p) #define AUDIT_ARG_RGID(rgid) +#define AUDIT_ARG_RIGHTS(rights) #define AUDIT_ARG_RUID(ruid) #define AUDIT_ARG_SIGNUM(signum) #define AUDIT_ARG_SGID(sgid) @@ -349,8 +356,8 @@ void audit_thread_free(struct thread *td); #define AUDIT_ARG_SUID(suid) #define AUDIT_ARG_TEXT(text) #define AUDIT_ARG_UID(uid) -#define AUDIT_ARG_UPATH1(td, upath) -#define AUDIT_ARG_UPATH2(td, upath) +#define AUDIT_ARG_UPATH1(td, dirfd, upath) +#define AUDIT_ARG_UPATH2(td, dirfd, upath) #define AUDIT_ARG_VALUE(value) #define AUDIT_ARG_VNODE1(vp) #define AUDIT_ARG_VNODE2(vp) diff --git a/freebsd/sys/security/mac/mac_framework.h b/freebsd/sys/security/mac/mac_framework.h index 70fb7c99..e5e27063 100644 --- a/freebsd/sys/security/mac/mac_framework.h +++ b/freebsd/sys/security/mac/mac_framework.h @@ -1,5 +1,5 @@ /*- - * Copyright (c) 1999-2002, 2007-2009 Robert N. M. Watson + * Copyright (c) 1999-2002, 2007-2011 Robert N. M. Watson * Copyright (c) 2001-2005 Networks Associates Technology, Inc. * Copyright (c) 2005-2006 SPARTA, Inc. * All rights reserved. @@ -225,6 +225,10 @@ int mac_posixsem_check_getvalue(struct ucred *active_cred, int mac_posixsem_check_open(struct ucred *cred, struct ksem *ks); int mac_posixsem_check_post(struct ucred *active_cred, struct ucred *file_cred, struct ksem *ks); +int mac_posixsem_check_setmode(struct ucred *cred, struct ksem *ks, + mode_t mode); +int mac_posixsem_check_setowner(struct ucred *cred, struct ksem *ks, + uid_t uid, gid_t gid); int mac_posixsem_check_stat(struct ucred *active_cred, struct ucred *file_cred, struct ksem *ks); int mac_posixsem_check_unlink(struct ucred *cred, struct ksem *ks); @@ -234,9 +238,15 @@ void mac_posixsem_create(struct ucred *cred, struct ksem *ks); void mac_posixsem_destroy(struct ksem *); void mac_posixsem_init(struct ksem *); +int mac_posixshm_check_create(struct ucred *cred, const char *path); int mac_posixshm_check_mmap(struct ucred *cred, struct shmfd *shmfd, int prot, int flags); -int mac_posixshm_check_open(struct ucred *cred, struct shmfd *shmfd); +int mac_posixshm_check_open(struct ucred *cred, struct shmfd *shmfd, + accmode_t accmode); +int mac_posixshm_check_setmode(struct ucred *cred, struct shmfd *shmfd, + mode_t mode); +int mac_posixshm_check_setowner(struct ucred *cred, struct shmfd *shmfd, + uid_t uid, gid_t gid); int mac_posixshm_check_stat(struct ucred *active_cred, struct ucred *file_cred, struct shmfd *shmfd); int mac_posixshm_check_truncate(struct ucred *active_cred, |