PERFORCE change 18290 for review
Robert Watson
rwatson at freebsd.org
Sat Sep 28 19:35:29 GMT 2002
http://people.freebsd.org/~peter/p4db/chv.cgi?CH=18290
Change 18290 by rwatson at rwatson_tislabs on 2002/09/28 12:34:57
Slightly restructure internalize/externalize routines to return
immediately if there's no match, rather than not returning until
the end, visually simplifying the functions. No functional change.
Affected files ...
.. //depot/projects/trustedbsd/mac/sys/security/mac_biba/mac_biba.c#116 edit
.. //depot/projects/trustedbsd/mac/sys/security/mac_mls/mac_mls.c#96 edit
.. //depot/projects/trustedbsd/mac/sys/security/mac_partition/mac_partition.c#14 edit
Differences ...
==== //depot/projects/trustedbsd/mac/sys/security/mac_biba/mac_biba.c#116 (text+ko) ====
@@ -516,68 +516,68 @@
size_t len, left;
int error;
- if (strcmp(MAC_BIBA_LABEL_NAME, element->me_name) == 0) {
- (*claimed)++;
+ if (strcmp(MAC_BIBA_LABEL_NAME, element->me_name) != 0)
+ return (0);
- mac_biba = SLOT(label);
+ (*claimed)++;
- bzero(string, sizeof(string));
- curptr = string;
- left = MAC_MAX_LABEL_ELEMENT_DATALEN;
+ mac_biba = SLOT(label);
- if (mac_biba->mb_flags & MAC_BIBA_FLAG_SINGLE) {
- len = mac_biba_element_to_string(curptr, left,
- &mac_biba->mb_single);
- if (len >= left)
- return (EINVAL);
- left -= len;
- curptr += len;
- }
+ bzero(string, sizeof(string));
+ curptr = string;
+ left = MAC_MAX_LABEL_ELEMENT_DATALEN;
- if (mac_biba->mb_flags & MAC_BIBA_FLAG_RANGE) {
- len = snprintf(curptr, left, "(");
- if (len >= left)
- return (EINVAL);
- left -= len;
+ if (mac_biba->mb_flags & MAC_BIBA_FLAG_SINGLE) {
+ len = mac_biba_element_to_string(curptr, left,
+ &mac_biba->mb_single);
+ if (len >= left)
+ return (EINVAL);
+ left -= len;
curptr += len;
+ }
- len = mac_biba_element_to_string(curptr, left,
- &mac_biba->mb_rangelow);
- if (len >= left)
- return (EINVAL);
- left -= len;
- curptr += len;
+ if (mac_biba->mb_flags & MAC_BIBA_FLAG_RANGE) {
+ len = snprintf(curptr, left, "(");
+ if (len >= left)
+ return (EINVAL);
+ left -= len;
+ curptr += len;
- len = snprintf(curptr, left, "-");
- if (len >= left)
- return (EINVAL);
- left -= len;
- curptr += len;
+ len = mac_biba_element_to_string(curptr, left,
+ &mac_biba->mb_rangelow);
+ if (len >= left)
+ return (EINVAL);
+ left -= len;
+ curptr += len;
- len = mac_biba_element_to_string(curptr, left,
- &mac_biba->mb_rangehigh);
- if (len >= left)
- return (EINVAL);
- left -= len;
- curptr += len;
+ len = snprintf(curptr, left, "-");
+ if (len >= left)
+ return (EINVAL);
+ left -= len;
+ curptr += len;
- len = snprintf(curptr, left, ")");
- if (len >= left)
- return (EINVAL);
- left -= len;
- curptr += len;
- }
+ len = mac_biba_element_to_string(curptr, left,
+ &mac_biba->mb_rangehigh);
+ if (len >= left)
+ return (EINVAL);
+ left -= len;
+ curptr += len;
- if (strlen(string)+1 > element->me_databuflen)
+ len = snprintf(curptr, left, ")");
+ if (len >= left)
return (EINVAL);
+ left -= len;
+ curptr += len;
+ }
- error = copyout(string, element->me_data, strlen(string)+1);
- if (error)
- return (error);
+ if (strlen(string)+1 > element->me_databuflen)
+ return (EINVAL);
- element->me_datalen = strlen(string)+1;
- }
+ error = copyout(string, element->me_data, strlen(string)+1);
+ if (error)
+ return (error);
+ element->me_datalen = strlen(string)+1;
return (0);
}
@@ -636,77 +636,78 @@
char *range, *rangeend, *rangehigh, *rangelow, *single;
int error;
- if (strcmp(MAC_BIBA_LABEL_NAME, element->me_name) == 0) {
- (*claimed)++;
+ if (strcmp(MAC_BIBA_LABEL_NAME, element->me_name) != 0)
+ return (0);
- error = copyin(element->me_data, &string, element->me_datalen);
- if (error)
- return (error);
+ (*claimed)++;
- if (!strvalid(string, MAC_MAX_LABEL_ELEMENT_DATALEN))
- return (EINVAL);
+ error = copyin(element->me_data, &string, element->me_datalen);
+ if (error)
+ return (error);
- /* Do we have a range? */
- single = string;
- range = index(string, '(');
- if (range == single)
- single = NULL;
- rangelow = rangehigh = NULL;
- if (range != NULL) {
- /* Nul terminate the end of the single string. */
- *range = '\0';
- range++;
- rangelow = range;
- rangehigh = index(rangelow, '-');
- if (rangehigh == NULL)
- return (EINVAL);
- rangehigh++;
- if (*rangelow == '\0' || *rangehigh == '\0')
- return (EINVAL);
- rangeend = index(rangehigh, ')');
- if (rangeend == NULL)
- return (EINVAL);
- if (*(rangeend + 1) != '\0')
- return (EINVAL);
- /* Nul terminate the ends of the ranges. */
- *(rangehigh - 1) = '\0';
- *rangeend = '\0';
- }
- KASSERT((rangelow != NULL && rangehigh != NULL) ||
- (rangelow == NULL && rangehigh == NULL),
- ("mac_biba_internalize_label: range mismatch"));
+ if (!strvalid(string, MAC_MAX_LABEL_ELEMENT_DATALEN))
+ return (EINVAL);
- printf("Biba: single: %s, range low: %s, range high: %s\n",
- single, rangelow, rangehigh);
+ /* Do we have a range? */
+ single = string;
+ range = index(string, '(');
+ if (range == single)
+ single = NULL;
+ rangelow = rangehigh = NULL;
+ if (range != NULL) {
+ /* Nul terminate the end of the single string. */
+ *range = '\0';
+ range++;
+ rangelow = range;
+ rangehigh = index(rangelow, '-');
+ if (rangehigh == NULL)
+ return (EINVAL);
+ rangehigh++;
+ if (*rangelow == '\0' || *rangehigh == '\0')
+ return (EINVAL);
+ rangeend = index(rangehigh, ')');
+ if (rangeend == NULL)
+ return (EINVAL);
+ if (*(rangeend + 1) != '\0')
+ return (EINVAL);
+ /* Nul terminate the ends of the ranges. */
+ *(rangehigh - 1) = '\0';
+ *rangeend = '\0';
+ }
+ KASSERT((rangelow != NULL && rangehigh != NULL) ||
+ (rangelow == NULL && rangehigh == NULL),
+ ("mac_biba_internalize_label: range mismatch"));
- bzero(&mac_biba_temp, sizeof(mac_biba_temp));
- if (single != NULL) {
- error = mac_biba_parse_element(
- &mac_biba_temp.mb_single, single);
- if (error)
- return (error);
- mac_biba_temp.mb_flags |= MAC_BIBA_FLAG_SINGLE;
- }
+ printf("Biba: single: %s, range low: %s, range high: %s\n",
+ single, rangelow, rangehigh);
- if (rangelow != NULL) {
- error = mac_biba_parse_element(
- &mac_biba_temp.mb_rangelow, rangelow);
- if (error)
- return (error);
- error == mac_biba_parse_element(
- &mac_biba_temp.mb_rangehigh, rangehigh);
- if (error)
- return (error);
- mac_biba_temp.mb_flags |= MAC_BIBA_FLAG_RANGE;
- }
+ bzero(&mac_biba_temp, sizeof(mac_biba_temp));
+ if (single != NULL) {
+ error = mac_biba_parse_element(&mac_biba_temp.mb_single,
+ single);
+ if (error)
+ return (error);
+ mac_biba_temp.mb_flags |= MAC_BIBA_FLAG_SINGLE;
+ }
- error = mac_biba_valid(&mac_biba_temp);
+ if (rangelow != NULL) {
+ error = mac_biba_parse_element(&mac_biba_temp.mb_rangelow,
+ rangelow);
+ if (error)
+ return (error);
+ error == mac_biba_parse_element(&mac_biba_temp.mb_rangehigh,
+ rangehigh);
if (error)
return (error);
+ mac_biba_temp.mb_flags |= MAC_BIBA_FLAG_RANGE;
+ }
- mac_biba = SLOT(label);
- *mac_biba = mac_biba_temp;
- }
+ error = mac_biba_valid(&mac_biba_temp);
+ if (error)
+ return (error);
+
+ mac_biba = SLOT(label);
+ *mac_biba = mac_biba_temp;
return (0);
}
==== //depot/projects/trustedbsd/mac/sys/security/mac_mls/mac_mls.c#96 (text+ko) ====
@@ -505,68 +505,68 @@
size_t left, len;
int error;
- if (strcmp(MAC_MLS_LABEL_NAME, element->me_name) == 0) {
- (*claimed)++;
+ if (strcmp(MAC_MLS_LABEL_NAME, element->me_name) != 0)
+ return (0);
- mac_mls = SLOT(label);
+ (*claimed)++;
- bzero(string, sizeof(string));
- curptr = string;
- left = MAC_MAX_LABEL_ELEMENT_DATALEN;
+ mac_mls = SLOT(label);
- if (mac_mls->mm_flags & MAC_MLS_FLAG_SINGLE) {
- len = mac_mls_element_to_string(curptr, left,
- &mac_mls->mm_single);
- if (len >= left)
- return (EINVAL);
- left -= len;
- curptr += len;
- }
+ bzero(string, sizeof(string));
+ curptr = string;
+ left = MAC_MAX_LABEL_ELEMENT_DATALEN;
- if (mac_mls->mm_flags & MAC_MLS_FLAG_RANGE) {
- len = snprintf(curptr, left, "(");
- if (len >= left)
- return (EINVAL);
- left -= len;
- curptr += len;
+ if (mac_mls->mm_flags & MAC_MLS_FLAG_SINGLE) {
+ len = mac_mls_element_to_string(curptr, left,
+ &mac_mls->mm_single);
+ if (len >= left)
+ return (EINVAL);
+ left -= len;
+ curptr += len;
+ }
- len = mac_mls_element_to_string(curptr, left,
- &mac_mls->mm_rangelow);
- if (len >= left)
- return (EINVAL);
- left -= len;
- curptr += len;
+ if (mac_mls->mm_flags & MAC_MLS_FLAG_RANGE) {
+ len = snprintf(curptr, left, "(");
+ if (len >= left)
+ return (EINVAL);
+ left -= len;
+ curptr += len;
- len = snprintf(curptr, left, "-");
- if (len >= left)
- return (EINVAL);
- left -= len;
- curptr += len;
+ len = mac_mls_element_to_string(curptr, left,
+ &mac_mls->mm_rangelow);
+ if (len >= left)
+ return (EINVAL);
+ left -= len;
+ curptr += len;
- len = mac_mls_element_to_string(curptr, left,
- &mac_mls->mm_rangehigh);
- if (len >= left)
- return (EINVAL);
- left -= len;
- curptr += len;
+ len = snprintf(curptr, left, "-");
+ if (len >= left)
+ return (EINVAL);
+ left -= len;
+ curptr += len;
- len = snprintf(curptr, left, ")");
- if (len >= left)
- return (EINVAL);
- left -= len;
- curptr += len;
- }
+ len = mac_mls_element_to_string(curptr, left,
+ &mac_mls->mm_rangehigh);
+ if (len >= left)
+ return (EINVAL);
+ left -= len;
+ curptr += len;
- if (strlen(string)+1 > element->me_databuflen)
+ len = snprintf(curptr, left, ")");
+ if (len >= left)
return (EINVAL);
+ left -= len;
+ curptr += len;
+ }
- error = copyout(string, element->me_data, strlen(string)+1);
- if (error)
- return (error);
+ if (strlen(string)+1 > element->me_databuflen)
+ return (EINVAL);
- element->me_datalen = strlen(string)+1;
- }
+ error = copyout(string, element->me_data, strlen(string)+1);
+ if (error)
+ return (error);
+ element->me_datalen = strlen(string)+1;
return (0);
}
@@ -625,77 +625,78 @@
char *range, *rangeend, *rangehigh, *rangelow, *single;
int error;
- if (strcmp(MAC_MLS_LABEL_NAME, element->me_name) == 0) {
- (*claimed)++;
+ if (strcmp(MAC_MLS_LABEL_NAME, element->me_name) != 0)
+ return (0);
- error = copyin(element->me_data, &string, element->me_datalen);
- if (error)
- return (error);
+ (*claimed)++;
- if (!strvalid(string, MAC_MAX_LABEL_ELEMENT_DATALEN))
- return (EINVAL);
+ error = copyin(element->me_data, &string, element->me_datalen);
+ if (error)
+ return (error);
- /* Do we have a range? */
- single = string;
- range = index(string, '(');
- if (range == single)
- single = NULL;
- rangelow = rangehigh = NULL;
- if (range != NULL) {
- /* Nul terminate the end of the single string. */
- *range = '\0';
- range++;
- rangelow = range;
- rangehigh = index(rangelow, '-');
- if (rangehigh == NULL)
- return (EINVAL);
- rangehigh++;
- if (*rangelow == '\0' || *rangehigh == '\0')
- return (EINVAL);
- rangeend = index(rangehigh, ')');
- if (rangeend == NULL)
- return (EINVAL);
- if (*(rangeend + 1) != '\0')
- return (EINVAL);
- /* Nul terminate the ends of the ranges. */
- *(rangehigh - 1) = '\0';
- *rangeend = '\0';
- }
- KASSERT((rangelow != NULL && rangehigh != NULL) ||
- (rangelow == NULL && rangehigh == NULL),
- ("mac_biba_internalize_label: range mismatch"));
+ if (!strvalid(string, MAC_MAX_LABEL_ELEMENT_DATALEN))
+ return (EINVAL);
- printf("MLS: single: %s, range low: %s, range high: %s\n",
- single, rangelow, rangehigh);
+ /* Do we have a range? */
+ single = string;
+ range = index(string, '(');
+ if (range == single)
+ single = NULL;
+ rangelow = rangehigh = NULL;
+ if (range != NULL) {
+ /* Nul terminate the end of the single string. */
+ *range = '\0';
+ range++;
+ rangelow = range;
+ rangehigh = index(rangelow, '-');
+ if (rangehigh == NULL)
+ return (EINVAL);
+ rangehigh++;
+ if (*rangelow == '\0' || *rangehigh == '\0')
+ return (EINVAL);
+ rangeend = index(rangehigh, ')');
+ if (rangeend == NULL)
+ return (EINVAL);
+ if (*(rangeend + 1) != '\0')
+ return (EINVAL);
+ /* Nul terminate the ends of the ranges. */
+ *(rangehigh - 1) = '\0';
+ *rangeend = '\0';
+ }
+ KASSERT((rangelow != NULL && rangehigh != NULL) ||
+ (rangelow == NULL && rangehigh == NULL),
+ ("mac_biba_internalize_label: range mismatch"));
- bzero(&mac_mls_temp, sizeof(mac_mls_temp));
- if (single != NULL) {
- error = mac_mls_parse_element(
- &mac_mls_temp.mm_single, single);
- if (error)
- return (error);
- mac_mls_temp.mm_flags |= MAC_MLS_FLAG_SINGLE;
- }
+ printf("MLS: single: %s, range low: %s, range high: %s\n",
+ single, rangelow, rangehigh);
- if (rangelow != NULL) {
- error = mac_mls_parse_element(
- &mac_mls_temp.mm_rangelow, rangelow);
- if (error)
- return (error);
- error = mac_mls_parse_element(
- &mac_mls_temp.mm_rangehigh, rangehigh);
- if (error)
- return (error);
- mac_mls_temp.mm_flags |= MAC_MLS_FLAG_RANGE;
- }
+ bzero(&mac_mls_temp, sizeof(mac_mls_temp));
+ if (single != NULL) {
+ error = mac_mls_parse_element(&mac_mls_temp.mm_single,
+ single);
+ if (error)
+ return (error);
+ mac_mls_temp.mm_flags |= MAC_MLS_FLAG_SINGLE;
+ }
- error = mac_mls_valid(&mac_mls_temp);
+ if (rangelow != NULL) {
+ error = mac_mls_parse_element(&mac_mls_temp.mm_rangelow,
+ rangelow);
+ if (error)
+ return (error);
+ error = mac_mls_parse_element(&mac_mls_temp.mm_rangehigh,
+ rangehigh);
if (error)
return (error);
+ mac_mls_temp.mm_flags |= MAC_MLS_FLAG_RANGE;
+ }
- mac_mls = SLOT(label);
- *mac_mls = mac_mls_temp;
- }
+ error = mac_mls_valid(&mac_mls_temp);
+ if (error)
+ return (error);
+
+ mac_mls = SLOT(label);
+ *mac_mls = mac_mls_temp;
return (0);
}
==== //depot/projects/trustedbsd/mac/sys/security/mac_partition/mac_partition.c#14 (text+ko) ====
@@ -109,20 +109,19 @@
{
int error;
- if (strcmp(MAC_PARTITION_LABEL_NAME, element->me_name) == 0) {
- (*claimed)++;
+ if (strcmp(MAC_PARTITION_LABEL_NAME, element->me_name) != 0)
+ return (0);
- if (element->me_databuflen < sizeof(long))
- return (EINVAL);
+ (*claimed)++;
- error = copyout(&SLOT(label), element->me_data,
- sizeof(long));
- if (error)
- return (error);
+ if (element->me_databuflen < sizeof(long))
+ return (EINVAL);
- element->me_datalen = sizeof(long);
- }
+ error = copyout(&SLOT(label), element->me_data, sizeof(long));
+ if (error)
+ return (error);
+ element->me_datalen = sizeof(long);
return (0);
}
@@ -133,20 +132,19 @@
long long_temp;
int error;
- if (strcmp(MAC_PARTITION_LABEL_NAME, element->me_name) == 0) {
- (*claimed)++;
+ if (strcmp(MAC_PARTITION_LABEL_NAME, element->me_name) != 0)
+ return (0);
- if (element->me_datalen != sizeof(long))
- return (EINVAL);
+ (*claimed)++;
- error = copyin(element->me_data, &long_temp,
- sizeof(long_temp));
- if (error)
- return (error);
+ if (element->me_datalen != sizeof(long))
+ return (EINVAL);
- SLOT(label) = long_temp;
- }
+ error = copyin(element->me_data, &long_temp, sizeof(long_temp));
+ if (error)
+ return (error);
+ SLOT(label) = long_temp;
return (0);
}
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-cvs" in the body of the message
More information about the trustedbsd-cvs
mailing list