PERFORCE change 20077 for review
Robert Watson
rwatson at freebsd.org
Thu Oct 24 20:43:27 GMT 2002
http://perforce.freebsd.org/chv.cgi?CH=20077
Change 20077 by rwatson at rwatson_tislabs on 2002/10/24 13:43:05
A bit better pass at mprotect check -- not quite right yet,
so leave it disabled, since we don't have a good cred.
Affected files ...
.. //depot/projects/trustedbsd/mac/sys/vm/vm_map.c#17 edit
Differences ...
==== //depot/projects/trustedbsd/mac/sys/vm/vm_map.c#17 (text+ko) ====
@@ -1235,6 +1235,13 @@
{
vm_map_entry_t current;
vm_map_entry_t entry;
+#ifdef MAC
+#if 0
+ vm_object_t object;
+ struct vnode *vp;
+ int error;
+#endif
+#endif
vm_map_lock(map);
@@ -1260,19 +1267,17 @@
return (KERN_PROTECTION_FAILURE);
}
#ifdef MAC
- /* XXXMAC: Checks against MAC labels should go here. */
#if 0
/* Find the deepest backing object. */
- vm_object_t object;
- object = vme->object.vm_object;
+ object = current->object.vm_object;
while (object->backing_object != NULL)
object = object->backing_object;
switch (object->type) {
case OBJT_VNODE:
- struct vnode *vp = (struct vnode *)object->handle;
- vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, td);
+ vp = (struct vnode *)object->handle;
+ vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, curthread);
error = mac_check_vnode_mprotect(cred, vp, new_prot);
- VOP_UNLOCK(vp, 0, td);
+ VOP_UNLOCK(vp, 0, curthread);
if (error)
return (KERN_PROTECTION_FAILURE);
break;
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-cvs" in the body of the message
More information about the trustedbsd-cvs
mailing list