PERFORCE change 20491 for review
Brian Feldman
green at freebsd.org
Thu Oct 31 20:51:53 GMT 2002
http://perforce.freebsd.org/chv.cgi?CH=20491
Change 20491 by green at green_laptop_2 on 2002/10/31 12:51:02
* Fix reversed sense of "privileged" checks.
* Remove case of lock order reversal in thread_userret code.
Affected files ...
.. //depot/projects/trustedbsd/mac/sys/security/mac_lomac/mac_lomac.c#32 edit
Differences ...
==== //depot/projects/trustedbsd/mac/sys/security/mac_lomac/mac_lomac.c#32 (text+ko) ====
@@ -1996,7 +1996,7 @@
subj = SLOT(&cred->cr_label);
obj = SLOT(label);
- if (!mac_lomac_subject_privileged(subj))
+ if (mac_lomac_subject_privileged(subj))
return (EPERM);
if (!mac_lomac_high_single(obj))
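Review bot: The new condition `if (mac_lomac_subject_privileged(subj))` followed by `return (EPERM);` reads as "deny when the subject is privileged", which is the opposite of the intended access decision. Presumably the helper returns 0 when the subject is privileged and an errno value otherwise; its definition is outside this hunk, so confirm. A one-line comment above the call would keep the next editor from flipping the sense again, for example `/* mac_lomac_subject_privileged() returns 0 if privileged, else an errno. */`. The same applies to the identical check in the hunk at @@ -2032. Both enclosing functions start and end outside their hunks.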
@@ -2032,7 +2032,7 @@
return (EACCES);
#endif
- if (!mac_lomac_subject_privileged(subj))
+ if (mac_lomac_subject_privileged(subj))
return (EPERM);
}
@@ -2514,9 +2514,11 @@
struct proc *p = td->td_proc;
struct mac_lomac_proc *subj = PSLOT(&p->p_label);
struct ucred *newcred, *oldcred;
+ int dodrop;
mtx_lock(&subj->mtx);
if (subj->mac_lomac.ml_flags & MAC_LOMAC_FLAG_UPDATE) {
+ dodrop = 0;
mtx_unlock(&subj->mtx);
newcred = crget();
/*
@@ -2525,23 +2527,27 @@
* user of subj->mtx wouldn't be holding Giant.
*/
mtx_lock(&Giant);
+ PROC_LOCK(p);
mtx_lock(&subj->mtx);
/*
* Check if we lost the race while allocating the cred.
*/
- if ((subj->mac_lomac.ml_flags & MAC_LOMAC_FLAG_UPDATE) == 0)
+ if ((subj->mac_lomac.ml_flags & MAC_LOMAC_FLAG_UPDATE) == 0) {
+ crfree(newcred);
goto out;
- PROC_LOCK(p);
+ }
oldcred = p->p_ucred;
crcopy(newcred, oldcred);
crhold(newcred);
mac_lomac_copy(&subj->mac_lomac, SLOT(&newcred->cr_label));
p->p_ucred = newcred;
crfree(oldcred);
- PROC_UNLOCK(p);
- mac_cred_mmapped_drop_perms(curthread, newcred);
+ dodrop = 1;
out:
mtx_unlock(&subj->mtx);
+ PROC_UNLOCK(p);
+ if (dodrop)
+ mac_cred_mmapped_drop_perms(curthread, newcred);
mtx_unlock(&Giant);
} else {
mtx_unlock(&subj->mtx);
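Review bot: The lock-order comment above `mtx_lock(&Giant);` appears to discuss only Giant and subj->mtx, yet this hunk now takes the proc lock between them, so the documented order looks stale. A line such as `/* Lock order: Giant, then the proc lock, then subj->mtx. */` before `PROC_LOCK(p);` would record the new order. Next to `dodrop = 1;` it would help to note that `mac_cred_mmapped_drop_perms()` is deferred until subj->mtx and the proc lock are released, and that the reference taken by `crhold(newcred)` is presumably what keeps `newcred` valid for that call. No release of that extra reference is visible in the hunk, so it is worth confirming where it is dropped. The comment begins above the hunk and the function continues past its end.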