115626b75a
change to use sbufs instead of C strings. Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories
110 lines
3.7 KiB
Text
110 lines
3.7 KiB
Text
<!-- $FreeBSD$ -->
|
|
|
|
<!ENTITY mac.mpo "mpo">
|
|
<!ENTITY mac.thead '
|
|
<colspec colname="first" colwidth="0">
|
|
<colspec colwidth="0">
|
|
<colspec colname="last" colwidth="0">
|
|
|
|
<thead>
|
|
<row>
|
|
<entry>Parameter</entry>
|
|
<entry>Description</entry>
|
|
<entry>Locking</entry>
|
|
</row>
|
|
</thead>
|
|
'>
|
|
|
|
<!ENTITY mac.externalize.paramdefs '
|
|
<paramdef>struct label *<parameter>label</parameter></paramdef>
|
|
<paramdef>char *<parameter>element_name</parameter></paramdef>
|
|
<paramdef>struct sbuf *<parameter>sb</parameter></paramdef>
|
|
<paramdef>int <parameter>*claimed</parameter></paramdef>
|
|
'>
|
|
|
|
<!ENTITY mac.externalize.tbody '
|
|
<tbody>
|
|
<row>
|
|
<entry><parameter>label</parameter></entry>
|
|
<entry>Label to be externalized</entry>
|
|
</row>
|
|
|
|
<row>
|
|
<entry><parameter>element_name</parameter>
|
|
<entry>Name of the policy whose label should be externalized</entry>
|
|
</row>
|
|
|
|
<row>
|
|
<entry><parameter>sb</parameter>
|
|
<entry>String buffer to be filled with a text representation of
|
|
label</entry>
|
|
</row>
|
|
|
|
<row>
|
|
<entry><parameter>claimed</parameter></entry>
|
|
<entry>Should be incremented when <parameter>element_data</parameter>
|
|
can be filled in.</entry>
|
|
</row>
|
|
</tbody>
|
|
'>
|
|
|
|
<!ENTITY mac.externalize.para "
|
|
<para>Produce an externalized label based on the label structure passed.
|
|
An externalized label consists of a text representation of the label
|
|
contents that can be used with userland applications and read by the
|
|
user. Currently, all policies' <function>externalize</function> entry
|
|
points will be called, so the implementation should check the contents
|
|
of <parameter>element_name</parameter> before attempting to fill in
|
|
<parameter>sb</parameter>. If
|
|
<parameter>element_name</parameter> does not match the name of your
|
|
policy, simply return <returnvalue>0</returnvalue>. Only return nonzero
|
|
if an error occurs while externalizing the label data. Once the policy
|
|
fills in <parameter>element_data</parameter>, <varname>*claimed</varname>
|
|
should be incremented.</para>
|
|
">
|
|
|
|
<!ENTITY mac.internalize.paramdefs '
|
|
<paramdef>struct label *<parameter>label</parameter></paramdef>
|
|
<paramdef>char *<parameter>element_name</parameter></paramdef>
|
|
<paramdef>char *<parameter>element_data</parameter></paramdef>
|
|
<paramdef>int *<parameter>claimed</parameter></paramdef>
|
|
'>
|
|
|
|
<!ENTITY mac.internalize.tbody '
|
|
<tbody>
|
|
<row>
|
|
<entry><parameter>label</parameter></entry>
|
|
<entry>Label to be filled in</entry>
|
|
</row>
|
|
|
|
<row>
|
|
<entry><parameter>element_name</parameter></entry>
|
|
<entry>Name of the policy whose label should be internalized</entry>
|
|
</row>
|
|
|
|
<row>
|
|
<entry><parameter>element_data</parameter></entry>
|
|
<entry>Text data to be internalized</entry>
|
|
</row>
|
|
|
|
<row>
|
|
<entry><parameter>claimed</parameter></entry>
|
|
<entry>Should be incremented when data can be successfully
|
|
internalized.</entry>
|
|
</row>
|
|
</tbody>
|
|
'>
|
|
|
|
<!ENTITY mac.internalize.para "
|
|
<para>Produce an internal label structure based on externalized label data
|
|
in text format. Currently, all policies' <function>internalize</function>
|
|
entry points are called when internalization is requested, so the
|
|
implementation should compare the contents of
|
|
<parameter>element_name</parameter> to its own name in order to be sure
|
|
it should be internalizing the data in <parameter>element_data</parameter>.
|
|
Just as in the <function>externalize</function> entry points, the entry
|
|
point should return <returnvalue>0</returnvalue> if
|
|
<parameter>element_name</parameter> does not match its own name, or when
|
|
data can successfully be internalized, in which case
|
|
<varname>*claimed</varname> should be incremented.</para>
|
|
">
|