diff options
| author | Robert Watson <rwatson@FreeBSD.org> | 2005-10-05 10:31:05 +0000 |
|---|---|---|
| committer | Robert Watson <rwatson@FreeBSD.org> | 2005-10-05 10:31:05 +0000 |
| commit | 85822579e31e6c6ba3cf0f8eb5d15a6e32798d9c (patch) | |
| tree | d3c1d490e04419181fa9baf99babbdacefa13af4 | |
| parent | cecc5554d0577d49e9747eaf0373d1194fdd042e (diff) | |
Notes
| -rw-r--r-- | sys/kern/init_main.c | 4 | ||||
| -rw-r--r-- | sys/security/mac/mac_vfs.c | 8 | ||||
| -rw-r--r-- | sys/security/mac_biba/mac_biba.c | 14 | ||||
| -rw-r--r-- | sys/security/mac_lomac/mac_lomac.c | 14 | ||||
| -rw-r--r-- | sys/security/mac_mls/mac_mls.c | 14 | ||||
| -rw-r--r-- | sys/security/mac_stub/mac_stub.c | 8 | ||||
| -rw-r--r-- | sys/security/mac_test/mac_test.c | 11 | ||||
| -rw-r--r-- | sys/sys/mac.h | 1 | ||||
| -rw-r--r-- | sys/sys/mac_policy.h | 2 |
9 files changed, 0 insertions, 76 deletions
diff --git a/sys/kern/init_main.c b/sys/kern/init_main.c index fd8ae7a7b905..7e2396d51ced 100644 --- a/sys/kern/init_main.c +++ b/sys/kern/init_main.c @@ -533,10 +533,6 @@ start_init(void *dummy) vfs_mountroot(); -#ifdef MAC - mac_create_root_mount(td->td_ucred, TAILQ_FIRST(&mountlist)); -#endif - /* * Need just enough stack to hold the faked-up "execve()" arguments. */ diff --git a/sys/security/mac/mac_vfs.c b/sys/security/mac/mac_vfs.c index 647697b0055c..59aa61bc792d 100644 --- a/sys/security/mac/mac_vfs.c +++ b/sys/security/mac/mac_vfs.c @@ -921,14 +921,6 @@ mac_create_mount(struct ucred *cred, struct mount *mp) mp->mnt_fslabel); } -void -mac_create_root_mount(struct ucred *cred, struct mount *mp) -{ - - MAC_PERFORM(create_root_mount, cred, mp, mp->mnt_mntlabel, - mp->mnt_fslabel); -} - int mac_check_mount_stat(struct ucred *cred, struct mount *mount) { diff --git a/sys/security/mac_biba/mac_biba.c b/sys/security/mac_biba/mac_biba.c index 93b7eabd130c..6735c2593fd7 100644 --- a/sys/security/mac_biba/mac_biba.c +++ b/sys/security/mac_biba/mac_biba.c @@ -839,19 +839,6 @@ mac_biba_create_mount(struct ucred *cred, struct mount *mp, } static void -mac_biba_create_root_mount(struct ucred *cred, struct mount *mp, - struct label *mntlabel, struct label *fslabel) -{ - struct mac_biba *mac_biba; - - /* Always mount root as high integrity. */ - mac_biba = SLOT(fslabel); - mac_biba_set_effective(mac_biba, MAC_BIBA_TYPE_HIGH, 0, NULL); - mac_biba = SLOT(mntlabel); - mac_biba_set_effective(mac_biba, MAC_BIBA_TYPE_HIGH, 0, NULL); -} - -static void mac_biba_relabel_vnode(struct ucred *cred, struct vnode *vp, struct label *vnodelabel, struct label *label) { @@ -3087,7 +3074,6 @@ static struct mac_policy_ops mac_biba_ops = .mpo_create_devfs_directory = mac_biba_create_devfs_directory, .mpo_create_devfs_symlink = mac_biba_create_devfs_symlink, .mpo_create_mount = mac_biba_create_mount, - .mpo_create_root_mount = mac_biba_create_root_mount, .mpo_relabel_vnode = mac_biba_relabel_vnode, .mpo_update_devfsdirent = mac_biba_update_devfsdirent, .mpo_associate_vnode_devfs = mac_biba_associate_vnode_devfs, diff --git a/sys/security/mac_lomac/mac_lomac.c b/sys/security/mac_lomac/mac_lomac.c index 3dd36339726d..bcffa92135ce 100644 --- a/sys/security/mac_lomac/mac_lomac.c +++ b/sys/security/mac_lomac/mac_lomac.c @@ -960,19 +960,6 @@ mac_lomac_create_mount(struct ucred *cred, struct mount *mp, } static void -mac_lomac_create_root_mount(struct ucred *cred, struct mount *mp, - struct label *mntlabel, struct label *fslabel) -{ - struct mac_lomac *mac_lomac; - - /* Always mount root as high integrity. */ - mac_lomac = SLOT(fslabel); - mac_lomac_set_single(mac_lomac, MAC_LOMAC_TYPE_HIGH, 0); - mac_lomac = SLOT(mntlabel); - mac_lomac_set_single(mac_lomac, MAC_LOMAC_TYPE_HIGH, 0); -} - -static void mac_lomac_relabel_vnode(struct ucred *cred, struct vnode *vp, struct label *vnodelabel, struct label *label) { @@ -2618,7 +2605,6 @@ static struct mac_policy_ops mac_lomac_ops = .mpo_create_devfs_directory = mac_lomac_create_devfs_directory, .mpo_create_devfs_symlink = mac_lomac_create_devfs_symlink, .mpo_create_mount = mac_lomac_create_mount, - .mpo_create_root_mount = mac_lomac_create_root_mount, .mpo_relabel_vnode = mac_lomac_relabel_vnode, .mpo_update_devfsdirent = mac_lomac_update_devfsdirent, .mpo_associate_vnode_devfs = mac_lomac_associate_vnode_devfs, diff --git a/sys/security/mac_mls/mac_mls.c b/sys/security/mac_mls/mac_mls.c index bc69a77942a1..76e2cdaa485f 100644 --- a/sys/security/mac_mls/mac_mls.c +++ b/sys/security/mac_mls/mac_mls.c @@ -808,19 +808,6 @@ mac_mls_create_mount(struct ucred *cred, struct mount *mp, } static void -mac_mls_create_root_mount(struct ucred *cred, struct mount *mp, - struct label *mntlabel, struct label *fslabel) -{ - struct mac_mls *mac_mls; - - /* Always mount root as high integrity. */ - mac_mls = SLOT(fslabel); - mac_mls_set_effective(mac_mls, MAC_MLS_TYPE_LOW, 0, NULL); - mac_mls = SLOT(mntlabel); - mac_mls_set_effective(mac_mls, MAC_MLS_TYPE_LOW, 0, NULL); -} - -static void mac_mls_relabel_vnode(struct ucred *cred, struct vnode *vp, struct label *vnodelabel, struct label *label) { @@ -2861,7 +2848,6 @@ static struct mac_policy_ops mac_mls_ops = .mpo_create_devfs_directory = mac_mls_create_devfs_directory, .mpo_create_devfs_symlink = mac_mls_create_devfs_symlink, .mpo_create_mount = mac_mls_create_mount, - .mpo_create_root_mount = mac_mls_create_root_mount, .mpo_relabel_vnode = mac_mls_relabel_vnode, .mpo_update_devfsdirent = mac_mls_update_devfsdirent, .mpo_associate_vnode_devfs = mac_mls_associate_vnode_devfs, diff --git a/sys/security/mac_stub/mac_stub.c b/sys/security/mac_stub/mac_stub.c index fc667ce42008..36b10ea6cf62 100644 --- a/sys/security/mac_stub/mac_stub.c +++ b/sys/security/mac_stub/mac_stub.c @@ -226,13 +226,6 @@ stub_create_mount(struct ucred *cred, struct mount *mp, } static void -stub_create_root_mount(struct ucred *cred, struct mount *mp, - struct label *mntlabel, struct label *fslabel) -{ - -} - -static void stub_relabel_vnode(struct ucred *cred, struct vnode *vp, struct label *vnodelabel, struct label *label) { @@ -1439,7 +1432,6 @@ static struct mac_policy_ops mac_stub_ops = .mpo_create_sysv_shm = stub_create_sysv_shm, .mpo_create_vnode_extattr = stub_create_vnode_extattr, .mpo_create_mount = stub_create_mount, - .mpo_create_root_mount = stub_create_root_mount, .mpo_relabel_vnode = stub_relabel_vnode, .mpo_setlabel_vnode_extattr = stub_setlabel_vnode_extattr, .mpo_update_devfsdirent = stub_update_devfsdirent, diff --git a/sys/security/mac_test/mac_test.c b/sys/security/mac_test/mac_test.c index cdc5c798f468..921e641f7e91 100644 --- a/sys/security/mac_test/mac_test.c +++ b/sys/security/mac_test/mac_test.c @@ -919,16 +919,6 @@ mac_test_create_mount(struct ucred *cred, struct mount *mp, } static void -mac_test_create_root_mount(struct ucred *cred, struct mount *mp, - struct label *mntlabel, struct label *fslabel) -{ - - ASSERT_CRED_LABEL(cred->cr_label); - ASSERT_MOUNT_LABEL(mntlabel); - ASSERT_MOUNT_LABEL(fslabel); -} - -static void mac_test_relabel_vnode(struct ucred *cred, struct vnode *vp, struct label *vnodelabel, struct label *label) { @@ -2473,7 +2463,6 @@ static struct mac_policy_ops mac_test_ops = .mpo_create_devfs_symlink = mac_test_create_devfs_symlink, .mpo_create_vnode_extattr = mac_test_create_vnode_extattr, .mpo_create_mount = mac_test_create_mount, - .mpo_create_root_mount = mac_test_create_root_mount, .mpo_relabel_vnode = mac_test_relabel_vnode, .mpo_setlabel_vnode_extattr = mac_test_setlabel_vnode_extattr, .mpo_update_devfsdirent = mac_test_update_devfsdirent, diff --git a/sys/sys/mac.h b/sys/sys/mac.h index e21edec84eec..65d879dca1a2 100644 --- a/sys/sys/mac.h +++ b/sys/sys/mac.h @@ -209,7 +209,6 @@ void mac_create_devfs_symlink(struct ucred *cred, struct mount *mp, int mac_create_vnode_extattr(struct ucred *cred, struct mount *mp, struct vnode *dvp, struct vnode *vp, struct componentname *cnp); void mac_create_mount(struct ucred *cred, struct mount *mp); -void mac_create_root_mount(struct ucred *cred, struct mount *mp); void mac_relabel_vnode(struct ucred *cred, struct vnode *vp, struct label *newlabel); void mac_update_devfsdirent(struct mount *mp, struct devfs_dirent *de, diff --git a/sys/sys/mac_policy.h b/sys/sys/mac_policy.h index ba3c7cc00099..24e3b4139b27 100644 --- a/sys/sys/mac_policy.h +++ b/sys/sys/mac_policy.h @@ -217,8 +217,6 @@ struct mac_policy_ops { struct componentname *cnp); void (*mpo_create_mount)(struct ucred *cred, struct mount *mp, struct label *mntlabel, struct label *fslabel); - void (*mpo_create_root_mount)(struct ucred *cred, struct mount *mp, - struct label *mountlabel, struct label *fslabel); void (*mpo_relabel_vnode)(struct ucred *cred, struct vnode *vp, struct label *vnodelabel, struct label *label); int (*mpo_setlabel_vnode_extattr)(struct ucred *cred, |