From 67d722ed736f30d6adaa963c824bf719069f2fad Mon Sep 17 00:00:00 2001
From: Robert Watson <rwatson@FreeBSD.org>
Date: Fri, 2 Aug 2002 03:12:40 +0000
Subject: [PATCH] Introduce support for Mandatory Access Control and extensible
 kernel access control.

Teach devfs how to respond to pathconf() _POSIX_MAC_PRESENT queries,
allowing it to indicate to user processes that individual vnode labels
are available.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
---
 sys/fs/devfs/devfs_vnops.c | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/sys/fs/devfs/devfs_vnops.c b/sys/fs/devfs/devfs_vnops.c
index 1b403d7c072..9ac37452657 100644
--- a/sys/fs/devfs/devfs_vnops.c
+++ b/sys/fs/devfs/devfs_vnops.c
@@ -509,6 +509,17 @@ devfs_pathconf(ap)
 	case _PC_PATH_MAX:
 		*ap->a_retval = PATH_MAX;
 		return (0);
+	case _POSIX_MAC_PRESENT:
+#ifdef MAC
+		/*
+		 * If MAC is enabled, devfs automatically supports
+		 * trivial non-persistant label storage.
+		 */
+		*ap->a_retval = 1;
+#else
+		*ap->a_retval = 0;
+#endif /* MAC */
+		return (0);
 	default:
 		return (vop_stdpathconf(ap));
 	}