PERFORCE change 20693 for review

[Robert Watson]

http://perforce.freebsd.org/chv.cgi?CH=20693

Change 20693 by rwatson at rwatson_tislabs on 2002/11/05 08:31:28

	Improve focus on consistent alphabetization and sorting.

Affected files ...

.. //depot/projects/trustedbsd/mac/sys/kern/kern_mac.c#349 edit
.. //depot/projects/trustedbsd/mac/sys/sys/imgact.h#17 edit
.. //depot/projects/trustedbsd/mac/sys/sys/mac.h#210 edit

Differences ...

==== //depot/projects/trustedbsd/mac/sys/kern/kern_mac.c#349 (text+ko) ====

@@ -1275,7 +1275,51 @@
 	return (error);
 }
 
+int
+mac_execve_enter(struct image_params *imgp, struct mac *mac_p,
+    struct label *execlabelstorage)
+{
+	struct mac mac;
+	char *buffer;
+	int error;
+
+	if (mac_p == NULL)
+		return (0);
+
+	error = copyin(mac_p, &mac, sizeof(mac));
+	if (error)
+		return (error);
+
+	error = mac_check_structmac_consistent(&mac);
+	if (error)
+		return (error);
+
+	buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK);
+	error = copyinstr(mac.m_string, buffer, mac.m_buflen, NULL);
+	if (error) {
+		free(buffer, M_MACTEMP);
+		return (error);
+	}
+
+	mac_init_cred_label(execlabelstorage);
+	error = mac_internalize_cred_label(execlabelstorage, buffer);
+	free(buffer, M_MACTEMP);
+	if (error) {
+		mac_destroy_cred_label(execlabelstorage);
+		return (error);
+	}
+	imgp->execlabel = execlabelstorage;
+	return (0);
+}
+
 void
+mac_execve_exit(struct image_params *imgp)
+{
+	if (imgp->execlabel != NULL)
+		mac_destroy_cred_label(imgp->execlabel);
+}
+
+void
 mac_execve_transition(struct ucred *old, struct ucred *new, struct vnode *vp,
     struct label *shelllabel, struct image_params *imgp)
 {
@@ -1295,7 +1339,7 @@
 {
 	int result;
 
-	ASSERT_VOP_LOCKED(vp, "mac_execve_transition");
+	ASSERT_VOP_LOCKED(vp, "mac_execve_will_transition");
 
 	if (!mac_enforce_process && !mac_enforce_fs)
 		return (0);
@@ -3495,50 +3539,6 @@
 	return (error);
 }
 
-int
-mac_execve_enter(struct image_params *imgp, struct mac *mac_p,
-    struct label *execlabelstorage)
-{
-	struct mac mac;
-	char *buffer;
-	int error;
-
-	if (mac_p == NULL)
-		return (0);
-
-	error = copyin(mac_p, &mac, sizeof(mac));
-	if (error)
-		return (error);
-
-	error = mac_check_structmac_consistent(&mac);
-	if (error)
-		return (error);
-
-	buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK);
-	error = copyinstr(mac.m_string, buffer, mac.m_buflen, NULL);
-	if (error) {
-		free(buffer, M_MACTEMP);
-		return (error);
-	}
-
-	mac_init_cred_label(execlabelstorage);
-	error = mac_internalize_cred_label(execlabelstorage, buffer);
-	free(buffer, M_MACTEMP);
-	if (error) {
-		mac_destroy_cred_label(execlabelstorage);
-		return (error);
-	}
-	imgp->execlabel = execlabelstorage;
-	return (0);
-}
-
-void
-mac_execve_exit(struct image_params *imgp)
-{
-	if (imgp->execlabel != NULL)
-		mac_destroy_cred_label(imgp->execlabel);
-}
-
 SYSINIT(mac, SI_SUB_MAC, SI_ORDER_FIRST, mac_init, NULL);
 SYSINIT(mac_late, SI_SUB_MAC_LATE, SI_ORDER_FIRST, mac_late_init, NULL);
 

==== //depot/projects/trustedbsd/mac/sys/sys/imgact.h#17 (text+ko) ====

@@ -38,10 +38,10 @@
 
 #define MAXSHELLCMDLEN	128
 
+struct label;
 struct sysentvec;
 struct thread;
 struct vm_object;
-struct label;
 
 struct image_params {
 	struct proc *proc;	/* our process struct */

==== //depot/projects/trustedbsd/mac/sys/sys/mac.h#210 (text+ko) ====

@@ -221,13 +221,13 @@
  * Labeling event operations: processes.
  */
 void	mac_create_cred(struct ucred *cred_parent, struct ucred *cred_child);
+int	mac_execve_enter(struct image_params *imgp, struct mac *mac_p,
+	    struct label *execlabel);
 void	mac_execve_transition(struct ucred *old, struct ucred *new,
 	    struct vnode *vp, struct label *shelllabel,
 	    struct image_params *imgp);
 int	mac_execve_will_transition(struct ucred *old, struct vnode *vp,
 	    struct label *shelllabel, struct image_params *imgp);
-int	mac_execve_enter(struct image_params *imgp, struct mac *mac_p,
-	    struct label *execlabel);
 void	mac_execve_exit(struct image_params *imgp);
 void	mac_create_proc0(struct ucred *cred);
 void	mac_create_proc1(struct ucred *cred);
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-cvs" in the body of the message