1
0
mirror of https://git.FreeBSD.org/src.git synced 2024-12-25 11:37:56 +00:00

Introduce IO_NOMACCHECK, a flag that will be passed to vn_rdwr() to

indicate that the calling code has already performed necessary MAC
checks (if any) for this operation.  This flag will help resolve
layering problems that existing because vn_rdwr() is called both
on behalf of user processes directly (such as in system calls of
various sorts, during core dumps, etc), as well as deep in the file
system code on behalf of the file system (such as in UFS, ext2fs,
etc).  Code that is acting on behalf of a kernel service rather
than explicitly on behalf of a user process will specify this flag.
By default, MAC checks will be performed (and generally should
be performed).

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
This commit is contained in:
Robert Watson 2002-08-12 01:54:10 +00:00
parent 22f1120fb6
commit 62c0c26325
Notes: svn2git 2020-12-20 02:59:44 +00:00
svn path=/head/; revision=101711

View File

@ -284,6 +284,7 @@ struct vattr {
#define IO_NOWDRAIN 0x0200 /* do not block on wdrain */
#define IO_EXT 0x0400 /* operate on external attributes */
#define IO_NORMAL 0x0800 /* operate on regular data */
#define IO_NOMACCHECK 0x1000 /* MAC checks unnecessary */
/*
* Modes. Some values same as Ixxx entries from inode.h for now.