Introduce support for Mandatory Access Control and extensible

kernel access control. Teach devfs how to respond to pathconf() _POSIX_MAC_PRESENT queries, allowing it to indicate to user processes that individual vnode labels are available. Obtained from: TrustedBSD Project Sponsored by: DARPA, NAI Labs
2026-06-09 08:43:19 -04:00 · 2002-08-02 03:12:40 +00:00 · 2002-08-02 03:12:40 +00:00 · 67d722ed73
commit 67d722ed73
parent ef1e7a2656
1 changed files with 11 additions and 0 deletions
--- a/sys/fs/devfs/devfs_vnops.c
+++ b/sys/fs/devfs/devfs_vnops.c
@ -509,6 +509,17 @@ devfs_pathconf(ap)
 	case _PC_PATH_MAX:
 		*ap->a_retval = PATH_MAX;
 		return (0);
+	case _POSIX_MAC_PRESENT:
+#ifdef MAC
+		/*
+		 * If MAC is enabled, devfs automatically supports
+		 * trivial non-persistant label storage.
+		 */
+		*ap->a_retval = 1;
+#else
+		*ap->a_retval = 0;
+#endif /* MAC */
+		return (0);
 	default:
 		return (vop_stdpathconf(ap));
 	}