| @@ -1,14 +1,14 @@ | | | @@ -1,14 +1,14 @@ |
1 | /* $NetBSD: policy.c,v 1.7 2018/05/28 21:05:09 chs Exp $ */ | | 1 | /* $NetBSD: policy.c,v 1.7.4.1 2020/08/28 18:17:13 martin Exp $ */ |
2 | | | 2 | |
3 | /*- | | 3 | /*- |
4 | * Copyright (c) 2009 The NetBSD Foundation, Inc. | | 4 | * Copyright (c) 2009 The NetBSD Foundation, Inc. |
5 | * All rights reserved. | | 5 | * All rights reserved. |
6 | * | | 6 | * |
7 | * This code is derived from software contributed to The NetBSD Foundation | | 7 | * This code is derived from software contributed to The NetBSD Foundation |
8 | * by Andrew Doran. | | 8 | * by Andrew Doran. |
9 | * | | 9 | * |
10 | * Redistribution and use in source and binary forms, with or without | | 10 | * Redistribution and use in source and binary forms, with or without |
11 | * modification, are permitted provided that the following conditions | | 11 | * modification, are permitted provided that the following conditions |
12 | * are met: | | 12 | * are met: |
13 | * 1. Redistributions of source code must retain the above copyright | | 13 | * 1. Redistributions of source code must retain the above copyright |
14 | * notice, this list of conditions and the following disclaimer. | | 14 | * notice, this list of conditions and the following disclaimer. |
| @@ -109,27 +109,27 @@ secpolicy_sys_config(cred_t *cred, int c | | | @@ -109,27 +109,27 @@ secpolicy_sys_config(cred_t *cred, int c |
109 | | | 109 | |
110 | int | | 110 | int |
111 | secpolicy_zinject(cred_t *cred) | | 111 | secpolicy_zinject(cred_t *cred) |
112 | { | | 112 | { |
113 | | | 113 | |
114 | return kauth_authorize_generic(cred, KAUTH_GENERIC_ISSUSER, NULL); | | 114 | return kauth_authorize_generic(cred, KAUTH_GENERIC_ISSUSER, NULL); |
115 | } | | 115 | } |
116 | | | 116 | |
117 | int | | 117 | int |
118 | secpolicy_fs_mount(cred_t *cred, vnode_t *mvp, struct mount *vfsp) | | 118 | secpolicy_fs_mount(cred_t *cred, vnode_t *mvp, struct mount *vfsp) |
119 | { | | 119 | { |
120 | | | 120 | |
121 | return kauth_authorize_system(cred, KAUTH_SYSTEM_MOUNT, | | 121 | return kauth_authorize_system(cred, KAUTH_SYSTEM_MOUNT, |
122 | KAUTH_REQ_SYSTEM_MOUNT_NEW, vfsp, NULL, NULL); | | 122 | KAUTH_REQ_SYSTEM_MOUNT_NEW, mvp, KAUTH_ARG(vfsp->mnt_flag), NULL); |
123 | } | | 123 | } |
124 | | | 124 | |
125 | int | | 125 | int |
126 | secpolicy_fs_unmount(cred_t *cred, struct mount *vfsp) | | 126 | secpolicy_fs_unmount(cred_t *cred, struct mount *vfsp) |
127 | { | | 127 | { |
128 | | | 128 | |
129 | return kauth_authorize_system(cred, KAUTH_SYSTEM_MOUNT, | | 129 | return kauth_authorize_system(cred, KAUTH_SYSTEM_MOUNT, |
130 | KAUTH_REQ_SYSTEM_MOUNT_UNMOUNT, vfsp, NULL, NULL); | | 130 | KAUTH_REQ_SYSTEM_MOUNT_UNMOUNT, vfsp, NULL, NULL); |
131 | } | | 131 | } |
132 | | | 132 | |
133 | int | | 133 | int |
134 | secpolicy_fs_owner(struct mount *mp, cred_t *cr) | | 134 | secpolicy_fs_owner(struct mount *mp, cred_t *cr) |
135 | { | | 135 | { |