#ifndef _SECURITY_MAC_INTERNAL_H_
#define _SECURITY_MAC_INTERNAL_H_
+#ifndef PRIVATE
+#warning "MAC policy is not KPI, see Technical Q&A QA1574, this header will be removed in next version"
+#endif
+
#include <string.h>
#include <sys/param.h>
#include <sys/queue.h>
* at all in the system.
*/
extern unsigned int mac_device_enforce;
-extern unsigned int mac_file_enforce;
-extern unsigned int mac_iokit_enforce;
extern unsigned int mac_pipe_enforce;
extern unsigned int mac_posixsem_enforce;
extern unsigned int mac_posixshm_enforce;
extern unsigned int mac_vm_enforce;
extern unsigned int mac_vnode_enforce;
-#if CONFIG_MACF_MACH
-extern unsigned int mac_port_enforce;
-extern unsigned int mac_task_enforce;
-#endif
-
#if CONFIG_MACF_NET
extern unsigned int mac_label_mbufs;
#endif
extern unsigned int mac_label_vnodes;
-static int mac_proc_check_enforce(proc_t p, int enforce_flag);
+static int mac_proc_check_enforce(proc_t p, int enforce_flags);
static __inline__ int mac_proc_check_enforce(proc_t p, int enforce_flags)
{
#if CONFIG_MACF
return ((p->p_mac_enforce & enforce_flags) != 0);
#else
+#pragma unused(p,enforce_flags)
return 0;
#endif
}
static __inline__ void mac_context_set_enforce(vfs_context_t ctx, int enforce_flags)
{
+#if CONFIG_MACF
proc_t proc = vfs_context_proc(ctx);
if (proc == NULL)
return;
mac_proc_set_enforce(proc, enforce_flags);
+#else
+#pragma unused(ctx,enforce_flags)
+#endif
}
projects / apple / xnu.git / blobdiff