PERFORCE change 19357 for review

Tue Oct 15 22:43:05 GMT 2002

http://perforce.freebsd.org/chv.cgi?CH=19357

Change 19357 by green at green_laptop_2 on 2002/10/15 15:42:19

	Fix the merge-o's.

Affected files ...

.. //depot/projects/trustedbsd/mac/sys/kern/vfs_syscalls.c#90 edit

Differences ...

==== //depot/projects/trustedbsd/mac/sys/kern/vfs_syscalls.c#90 (text+ko) ====

@@ -897,6 +897,11 @@
 			return (error);
 		goto restart;
 	}
+#ifdef MAC
+	if (error == 0 && !whiteout)
+		error = mac_check_vnode_create(td->td_ucred, nd.ni_dvp,
+		    &nd.ni_cnd, &vattr);
+#endif /* MAC */
 	if (!error) {
 		VOP_LEASE(nd.ni_dvp, td, td->td_ucred, LEASE_WRITE);
 		if (whiteout)
@@ -969,10 +974,19 @@
 	FILEDESC_LOCK(td->td_proc->p_fd);
 	vattr.va_mode = (mode & ALLPERMS) & ~td->td_proc->p_fd->fd_cmask;
 	FILEDESC_UNLOCK(td->td_proc->p_fd);
+#ifdef MAC
+	error = mac_check_vnode_create(td->td_ucred, nd.ni_dvp, &nd.ni_cnd,
+	    &vattr);
+	if (error)
+		goto out;
+#endif /* MAC */
 	VOP_LEASE(nd.ni_dvp, td, td->td_ucred, LEASE_WRITE);
 	error = VOP_MKNOD(nd.ni_dvp, &nd.ni_vp, &nd.ni_cnd, &vattr);
 	if (error == 0)
 		vput(nd.ni_vp);
+#ifdef MAC
+out:
+#endif /* MAC */
 	NDFREE(&nd, NDF_ONLY_PNBUF);
 	vput(nd.ni_dvp);
 	vn_finished_write(mp);
@@ -1111,11 +1125,21 @@
 	FILEDESC_LOCK(td->td_proc->p_fd);
 	vattr.va_mode = ACCESSPERMS &~ td->td_proc->p_fd->fd_cmask;
 	FILEDESC_UNLOCK(td->td_proc->p_fd);
+#ifdef MAC
+	vattr.va_type = VLNK;
+	error = mac_check_vnode_create(td->td_ucred, nd.ni_dvp, &nd.ni_cnd,
+	    &vattr);
+	if (error)
+		goto out2;
+#endif /* MAC */
 	VOP_LEASE(nd.ni_dvp, td, td->td_ucred, LEASE_WRITE);
 	error = VOP_SYMLINK(nd.ni_dvp, &nd.ni_vp, &nd.ni_cnd, &vattr, syspath);
-	NDFREE(&nd, NDF_ONLY_PNBUF);
 	if (error == 0)
 		vput(nd.ni_vp);
+#ifdef MAC
+out2:
+#endif /* MAC */
+	NDFREE(&nd, NDF_ONLY_PNBUF);
 	vput(nd.ni_dvp);
 	vn_finished_write(mp);
 	ASSERT_VOP_UNLOCKED(nd.ni_dvp, "symlink");
@@ -1163,6 +1187,7 @@
 			return (error);
 		goto restart;
 	}
+	/* XXXMAC: need a permission check here */
 	VOP_LEASE(nd.ni_dvp, td, td->td_ucred, LEASE_WRITE);
 	error = VOP_WHITEOUT(nd.ni_dvp, &nd.ni_cnd, DELETE);
 	NDFREE(&nd, NDF_ONLY_PNBUF);
@@ -1231,8 +1256,17 @@
 				return (error);
 			goto restart;
 		}
+#ifdef MAC
+		error = mac_check_vnode_delete(td->td_ucred, nd.ni_dvp, vp,
+		    &nd.ni_cnd);
+		if (error)
+			goto out;
+#endif /* MAC */
 		VOP_LEASE(nd.ni_dvp, td, td->td_ucred, LEASE_WRITE);
 		error = VOP_REMOVE(nd.ni_dvp, vp, &nd.ni_cnd);
+#ifdef MAC
+out:
+#endif /* MAC */
 		vn_finished_write(mp);
 	}
 	NDFREE(&nd, NDF_ONLY_PNBUF);
@@ -2715,10 +2749,26 @@
 	int error;
 
 	bwillwrite();
+#ifdef MAC
+	NDINIT(&fromnd, DELETE, LOCKPARENT | LOCKLEAF | SAVESTART, pathseg,
+	    from, td);
+#else /* MAC */
 	NDINIT(&fromnd, DELETE, WANTPARENT | SAVESTART, pathseg, from, td);
+#endif /* MAC */
 	if ((error = namei(&fromnd)) != 0)
 		return (error);
 	fvp = fromnd.ni_vp;
+#ifdef MAC
+	error = mac_check_vnode_rename_from(td->td_ucred, fromnd.ni_dvp, fvp,
+	    &fromnd.ni_cnd);
+	if (error) {
+		NDFREE(&fromnd, NDF_ONLY_PNBUF);
+		vrele(fromnd.ni_dvp);
+		vrele(fvp);
+		goto out1;
+	}
+	NDFREE(&fromnd, NDF_ONLY_UNLOCK);
+#endif /* MAC */
 	if ((error = vn_start_write(fvp, &mp, V_WAIT | PCATCH)) != 0) {
 		NDFREE(&fromnd, NDF_ONLY_PNBUF);
 		vrele(fromnd.ni_dvp);
@@ -2757,6 +2807,11 @@
 	 */
 	if (fvp == tvp)
 		error = -1;
+#ifdef MAC
+	else
+		error = mac_check_vnode_rename_to(td->td_ucred, tdvp,
+		    tond.ni_vp, fromnd.ni_dvp == tdvp, &tond.ni_cnd);
+#endif /* MAC */
 out:
 	if (!error) {
 		VOP_LEASE(tdvp, td, td->td_ucred, LEASE_WRITE);
@@ -2860,8 +2915,17 @@
 	FILEDESC_LOCK(td->td_proc->p_fd);
 	vattr.va_mode = (mode & ACCESSPERMS) &~ td->td_proc->p_fd->fd_cmask;
 	FILEDESC_UNLOCK(td->td_proc->p_fd);
+#ifdef MAC
+	error = mac_check_vnode_create(td->td_ucred, nd.ni_dvp, &nd.ni_cnd,
+	    &vattr);
+	if (error)
+		goto out;
+#endif /* MAC */
 	VOP_LEASE(nd.ni_dvp, td, td->td_ucred, LEASE_WRITE);
 	error = VOP_MKDIR(nd.ni_dvp, &nd.ni_vp, &nd.ni_cnd, &vattr);
+#ifdef MAC
+out:
+#endif /* MAC */
 	NDFREE(&nd, NDF_ONLY_PNBUF);
 	vput(nd.ni_dvp);
 	if (!error)
@@ -2924,6 +2988,12 @@
 		error = EBUSY;
 		goto out;
 	}
+#ifdef MAC
+	error = mac_check_vnode_delete(td->td_ucred, nd.ni_dvp, vp,
+	    &nd.ni_cnd);
+	if (error)
+		goto out;
+#endif
 	if (vn_start_write(nd.ni_dvp, &mp, V_NOWAIT) != 0) {
 		NDFREE(&nd, NDF_ONLY_PNBUF);
 		if (nd.ni_dvp == vp)
@@ -3835,7 +3905,9 @@
 	cnt -= auio.uio_resid;
 	td->td_retval[0] = cnt;
 
+#ifdef MAC
 done:
+#endif
 	VOP_UNLOCK(vp, 0, td);
 	vn_finished_write(mp);
 	return (error);
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-cvs" in the body of the message

