PERFORCE change 15265 for review
Robert Watson
rwatson at freebsd.org
Wed Jul 31 02:29:29 GMT 2002
http://people.freebsd.org/~peter/p4db/chv.cgi?CH=15265
Change 15265 by rwatson at rwatson_tislabs on 2002/07/30 19:29:03
Trickle IFC MAC changes back into the MAC tree.
Affected files ...
.. //depot/projects/trustedbsd/mac/sys/kern/init_main.c#26 integrate
.. //depot/projects/trustedbsd/mac/sys/kern/kern_prot.c#28 integrate
.. //depot/projects/trustedbsd/mac/sys/kern/subr_mbuf.c#17 integrate
.. //depot/projects/trustedbsd/mac/sys/kern/uipc_mbuf.c#11 integrate
.. //depot/projects/trustedbsd/mac/sys/kern/vfs_mount.c#4 integrate
.. //depot/projects/trustedbsd/mac/sys/kern/vfs_subr.c#30 integrate
.. //depot/projects/trustedbsd/mac/sys/kern/vfs_syscalls.c#68 integrate
Differences ...
==== //depot/projects/trustedbsd/mac/sys/kern/init_main.c#26 (text+ko) ====
@@ -39,7 +39,7 @@
* SUCH DAMAGE.
*
* @(#)init_main.c 8.9 (Berkeley) 1/21/94
- * $FreeBSD: src/sys/kern/init_main.c,v 1.200 2002/07/31 00:39:19 rwatson Exp $
+ * $FreeBSD: src/sys/kern/init_main.c,v 1.201 2002/07/31 01:11:29 rwatson Exp $
*/
#include "opt_init_path.h"
@@ -522,7 +522,7 @@
VOP_UNLOCK(rootvnode, 0, td);
#ifdef MAC
mac_create_root_mount(td->td_ucred, TAILQ_FIRST(&mountlist));
-#endif /* MAC */
+#endif
if (devfs_present) {
/*
==== //depot/projects/trustedbsd/mac/sys/kern/kern_prot.c#28 (text+ko) ====
@@ -37,7 +37,7 @@
* SUCH DAMAGE.
*
* @(#)kern_prot.c 8.6 (Berkeley) 1/21/94
- * $FreeBSD: src/sys/kern/kern_prot.c,v 1.162 2002/07/31 00:39:19 rwatson Exp $
+ * $FreeBSD: src/sys/kern/kern_prot.c,v 1.163 2002/07/31 00:48:24 rwatson Exp $
*/
/*
@@ -1424,6 +1424,10 @@
error = prison_check(cred, proc->p_ucred);
if (error)
return (error);
+#ifdef MAC
+ if ((error = mac_check_proc_signal(cred, proc, signum)))
+ return (error);
+#endif
error = cr_seeotheruids(cred, proc->p_ucred);
if (error)
return (error);
@@ -1591,6 +1595,10 @@
return (0);
if ((error = prison_check(td->td_ucred, p->p_ucred)))
return (error);
+#ifdef MAC
+ if ((error = mac_check_proc_debug(td->td_ucred, p)))
+ return (error);
+#endif
if ((error = cr_seeotheruids(td->td_ucred, p->p_ucred)))
return (error);
@@ -1671,13 +1679,13 @@
error = prison_check(cred, so->so_cred);
if (error)
return (ENOENT);
- if (cr_seeotheruids(cred, so->so_cred))
- return (ENOENT);
#ifdef MAC
error = mac_check_socket_visible(cred, so);
if (error)
return (error);
#endif
+ if (cr_seeotheruids(cred, so->so_cred))
+ return (ENOENT);
return (0);
}
==== //depot/projects/trustedbsd/mac/sys/kern/subr_mbuf.c#17 (text+ko) ====
@@ -25,16 +25,17 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $FreeBSD: src/sys/kern/subr_mbuf.c,v 1.24 2002/07/30 21:06:27 bmilekic Exp $
+ * $FreeBSD: src/sys/kern/subr_mbuf.c,v 1.25 2002/07/31 01:42:19 rwatson Exp $
*/
+#include "opt_mac.h"
#include "opt_param.h"
-#include "opt_mac.h"
#include <sys/param.h>
#include <sys/systm.h>
#include <sys/mac.h>
#include <sys/malloc.h>
+#include <sys/mac.h>
#include <sys/mbuf.h>
#include <sys/lock.h>
#include <sys/mutex.h>
==== //depot/projects/trustedbsd/mac/sys/kern/uipc_mbuf.c#11 (text+ko) ====
@@ -31,17 +31,19 @@
* SUCH DAMAGE.
*
* @(#)uipc_mbuf.c 8.2 (Berkeley) 1/4/94
- * $FreeBSD: src/sys/kern/uipc_mbuf.c,v 1.95 2002/07/30 18:28:58 rwatson Exp $
+ * $FreeBSD: src/sys/kern/uipc_mbuf.c,v 1.96 2002/07/31 01:51:34 rwatson Exp $
*/
#include "opt_mac.h"
#include "opt_param.h"
+
#include <sys/param.h>
#include <sys/systm.h>
#include <sys/kernel.h>
#include <sys/lock.h>
#include <sys/mac.h>
#include <sys/malloc.h>
+#include <sys/mac.h>
#include <sys/mbuf.h>
#include <sys/sysctl.h>
#include <sys/domain.h>
@@ -81,11 +83,15 @@
mac_destroy_mbuf(to);
#endif
#endif
+#ifdef MAC
+ if (to->m_flags & M_PKTHDR)
+ mac_destroy_mbuf(to);
+#endif
to->m_data = to->m_pktdat;
to->m_flags = from->m_flags & M_COPYFLAGS;
to->m_pkthdr = from->m_pkthdr;
#ifdef MAC
- mac_init_mbuf(to, 1);
+ mac_init_mbuf(to, 1); /* XXXMAC no way to fail */
mac_create_mbuf_from_mbuf(from, to);
#endif
from->m_pkthdr.aux = NULL;
@@ -108,6 +114,9 @@
}
if (m->m_flags & M_PKTHDR) {
M_COPY_PKTHDR(mn, m);
+#ifdef MAC
+ mac_destroy_mbuf(m);
+#endif
m->m_flags &= ~M_PKTHDR;
#ifdef MAC
mac_destroy_mbuf(m);
==== //depot/projects/trustedbsd/mac/sys/kern/vfs_mount.c#4 (text+ko) ====
@@ -61,7 +61,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $FreeBSD: src/sys/kern/vfs_mount.c,v 1.78 2002/07/29 06:26:55 jeff Exp $
+ * $FreeBSD: src/sys/kern/vfs_mount.c,v 1.79 2002/07/31 01:11:29 rwatson Exp $
*/
#include <sys/param.h>
@@ -70,6 +70,7 @@
#include <sys/kernel.h>
#include <sys/linker.h>
#include <sys/malloc.h>
+#include <sys/mac.h>
#include <sys/mount.h>
#include <sys/mutex.h>
#include <sys/namei.h>
==== //depot/projects/trustedbsd/mac/sys/kern/vfs_subr.c#30 (text+ko) ====
@@ -36,7 +36,7 @@
* SUCH DAMAGE.
*
* @(#)vfs_subr.c 8.31 (Berkeley) 5/26/95
- * $FreeBSD: src/sys/kern/vfs_subr.c,v 1.382 2002/07/29 06:26:55 jeff Exp $
+ * $FreeBSD: src/sys/kern/vfs_subr.c,v 1.384 2002/07/31 02:05:12 rwatson Exp $
*/
/*
@@ -56,6 +56,7 @@
#include <sys/kthread.h>
#include <sys/mac.h>
#include <sys/malloc.h>
+#include <sys/mac.h>
#include <sys/mount.h>
#include <sys/namei.h>
#include <sys/stat.h>
@@ -805,7 +806,7 @@
vp->v_pollinfo = NULL;
#ifdef MAC
mac_destroy_vnode(vp);
-#endif /* MAC */
+#endif
vp->v_flag = 0;
vp->v_lastw = 0;
vp->v_lasta = 0;
@@ -836,6 +837,9 @@
mac_init_vnode(vp);
#endif
lockinit(&vp->v_lock, PVFS, "vnlock", VLKTIMEOUT, LK_NOPAUSE);
+#ifdef MAC
+ mac_init_vnode(vp);
+#endif
insmntque(vp, mp);
*vpp = vp;
vp->v_usecount = 1;
==== //depot/projects/trustedbsd/mac/sys/kern/vfs_syscalls.c#68 (text+ko) ====
@@ -36,7 +36,7 @@
* SUCH DAMAGE.
*
* @(#)vfs_syscalls.c 8.13 (Berkeley) 4/15/94
- * $FreeBSD: src/sys/kern/vfs_syscalls.c,v 1.272 2002/07/30 18:48:25 rwatson Exp $
+ * $FreeBSD: src/sys/kern/vfs_syscalls.c,v 1.273 2002/07/31 01:27:33 rwatson Exp $
*/
/* For 4.3 integer FS ID compatibility */
@@ -50,6 +50,7 @@
#include <sys/sysent.h>
#include <sys/mac.h>
#include <sys/malloc.h>
+#include <sys/mac.h>
#include <sys/mount.h>
#include <sys/mutex.h>
#include <sys/sysproto.h>
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-cvs" in the body of the message
More information about the trustedbsd-cvs
mailing list