From 6683b28d78e37e5c4d4f141ab1eee360fb1cbed2 Mon Sep 17 00:00:00 2001 From: Robert Watson Date: Fri, 26 Oct 2007 21:16:34 +0000 Subject: [PATCH] Update comment following MAC Framework entry point renaming and reorganization. Obtained from: TrustedBSD Project --- sys/security/mac/mac_framework.h | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/sys/security/mac/mac_framework.h b/sys/security/mac/mac_framework.h index b0971d8efc3..80b8b335f22 100644 --- a/sys/security/mac/mac_framework.h +++ b/sys/security/mac/mac_framework.h @@ -88,7 +88,12 @@ struct vop_setlabel_args; #include /* XXX acl_type_t */ /* - * Kernel functions to manage and evaluate labels. + * Entry points to the TrustedBSD MAC Framework from the remainder of the + * kernel: entry points are named based on a principle object type and an + * action relating to it. They are sorted alphabetically first by object + * type and then action. In some situations, the principle object type is + * obvious, and in other cases, less so as multiple objects may be inolved + * in the operation. */ int mac_bpfdesc_check_receive(struct bpf_d *d, struct ifnet *ifp); void mac_bpfdesc_create(struct ucred *cred, struct bpf_d *d);