PERFORCE change 18364 for review
Adam Migus
amigus at freebsd.org
Mon Sep 30 06:48:41 GMT 2002
http://people.freebsd.org/~peter/p4db/chv.cgi?CH=18364
Change 18364 by amigus at amigus_ganymede on 2002/09/29 23:47:48
Integ the removal of macctl now to avoid pain later since we
can now do everything we need to with sysctl and mac_syscall.
Tweaked the max text label length while there. The change to 8k
will happen when we start allocating buffers dynamically in the
text functions.
Affected files ...
.. //depot/projects/trustedbsd/mac/sys/kern/init_sysent.c#33 integrate
.. //depot/projects/trustedbsd/mac/sys/kern/kern_mac.c#282 integrate
.. //depot/projects/trustedbsd/mac/sys/kern/syscalls.c#33 integrate
.. //depot/projects/trustedbsd/mac/sys/kern/syscalls.master#29 integrate
.. //depot/projects/trustedbsd/mac/sys/sys/mac.h#165 integrate
.. //depot/projects/trustedbsd/mac/sys/sys/syscall.h#33 integrate
.. //depot/projects/trustedbsd/mac/sys/sys/sysproto.h#34 integrate
Differences ...
==== //depot/projects/trustedbsd/mac/sys/kern/init_sysent.c#33 (text+ko) ====
@@ -424,10 +424,9 @@
{ SYF_MPSAFE | AS(sendfile_args), (sy_call_t *)sendfile }, /* 393 = sendfile */
{ SYF_MPSAFE | AS(mac_syscall_args), (sy_call_t *)mac_syscall }, /* 394 = mac_syscall */
{ SYF_MPSAFE | AS(__mac_get_pid_args), (sy_call_t *)__mac_get_pid }, /* 395 = __mac_get_pid */
- { SYF_MPSAFE | AS(macctl_args), (sy_call_t *)macctl }, /* 396 = macctl */
- { SYF_MPSAFE | AS(__mac_get_link_args), (sy_call_t *)__mac_get_link }, /* 397 = __mac_get_link */
- { SYF_MPSAFE | AS(__mac_set_link_args), (sy_call_t *)__mac_set_link }, /* 398 = __mac_set_link */
- { AS(extattr_set_link_args), (sy_call_t *)extattr_set_link }, /* 399 = extattr_set_link */
- { AS(extattr_get_link_args), (sy_call_t *)extattr_get_link }, /* 400 = extattr_get_link */
- { AS(extattr_delete_link_args), (sy_call_t *)extattr_delete_link }, /* 401 = extattr_delete_link */
+ { SYF_MPSAFE | AS(__mac_get_link_args), (sy_call_t *)__mac_get_link }, /* 396 = __mac_get_link */
+ { SYF_MPSAFE | AS(__mac_set_link_args), (sy_call_t *)__mac_set_link }, /* 397 = __mac_set_link */
+ { AS(extattr_set_link_args), (sy_call_t *)extattr_set_link }, /* 398 = extattr_set_link */
+ { AS(extattr_get_link_args), (sy_call_t *)extattr_get_link }, /* 499 = extattr_get_link */
+ { AS(extattr_delete_link_args), (sy_call_t *)extattr_delete_link }, /* 400 = extattr_delete_link */
};
==== //depot/projects/trustedbsd/mac/sys/kern/kern_mac.c#282 (text+ko) ====
@@ -4189,98 +4189,6 @@
return (error);
}
-/*
- * MPSAFE
- */
-int
-macctl(struct thread *td, struct macctl_args *uap)
-{
- struct mac_policy_conf *mpc;
- char _policy[MAC_MAX_POLICY_NAME];
- size_t _arglen, inretlen, outretlen;
- u_int iretval, _op;
- void *_arg, *vpretval;
- int error;
-
- inretlen = outretlen = 0;
- _arg = vpretval = mpc = NULL;
- iretval = 0;
-
- _arglen = SCARG(uap, arglen);
-
- if (_arglen > MACCTL_MAX_ARG_LENGTH)
- return (EINVAL);
-
- _op = SCARG(uap, op);
-
- error = copyin(SCARG(uap, retlen), &inretlen, sizeof(inretlen));
- if (error)
- return (error);
-
- if (SCARG(uap, arg) != NULL && _arglen != 0) {
- _arg = malloc(_arglen, M_MACTEMP, M_WAITOK | M_ZERO);
- error = copyin(SCARG(uap, arg), _arg, _arglen);
- if (error)
- goto out;
- }
-
- error = copyinstr(SCARG(uap, policy), _policy, sizeof(_policy), NULL);
- if (error)
- goto out;
-
- MAC_POLICY_LIST_BUSY();
- LIST_FOREACH(mpc, &mac_policy_list, mpc_list) {
- if (strcmp(mpc->mpc_name, _policy) == 0) {
- break;
- }
- }
-
- switch (_op) {
- case MACCTL_OP_POLICY_PRESENT:
- if (mpc)
- iretval = 1;
- else
- iretval = 0;
- vpretval = &iretval;
- outretlen = sizeof(iretval);
- break;
- case MACCTL_OP_POLICY_FULLNAME:
- if (mpc != NULL) {
- vpretval = (void *)mpc->mpc_fullname;
- outretlen = strlen(mpc->mpc_fullname) + 1;
- }
- else {
- error = EINVAL;
- goto busyout;
- }
- break;
- }
-
- if (vpretval == NULL) {
- if (_arg == NULL)
- error = EINVAL;
- goto busyout;
- }
-
- if (inretlen < outretlen) {
- error = EOVERFLOW;
- goto busyout;
- }
-
- error = copyout(&outretlen, SCARG(uap, retlen), sizeof(outretlen));
- if (error)
- goto busyout;
- error = copyout(vpretval, SCARG(uap, ret), outretlen);
-
-busyout:
- MAC_POLICY_LIST_UNBUSY();
-out:
- if (_arg)
- free (_arg, M_MACTEMP);
-
- return (error);
-}
-
SYSINIT(mac, SI_SUB_MAC, SI_ORDER_FIRST, mac_init, NULL);
SYSINIT(mac_late, SI_SUB_MAC_LATE, SI_ORDER_FIRST, mac_late_init, NULL);
@@ -4342,11 +4250,4 @@
return (ENOSYS);
}
-int
-macctl(struct thread *td, struct macctl_args *uap)
-{
-
- return (ENOSYS);
-}
-
#endif /* !MAC */
==== //depot/projects/trustedbsd/mac/sys/kern/syscalls.c#33 (text+ko) ====
@@ -403,10 +403,9 @@
"sendfile", /* 393 = sendfile */
"mac_syscall", /* 394 = mac_syscall */
"__mac_get_pid", /* 395 = __mac_get_pid */
- "macctl", /* 396 = macctl */
- "__mac_get_link", /* 397 = __mac_get_link */
- "__mac_set_link", /* 398 = __mac_set_link */
- "extattr_set_link", /* 399 = extattr_set_link */
- "extattr_get_link", /* 400 = extattr_get_link */
- "extattr_delete_link", /* 401 = extattr_delete_link */
+ "__mac_get_link", /* 396 = __mac_get_link */
+ "__mac_set_link", /* 397 = __mac_set_link */
+ "extattr_set_link", /* 398 = extattr_set_link */
+ "extattr_get_link", /* 399 = extattr_get_link */
+ "extattr_delete_link", /* 400 = extattr_delete_link */
};
==== //depot/projects/trustedbsd/mac/sys/kern/syscalls.master#29 (text+ko) ====
@@ -570,17 +570,15 @@
394 MSTD BSD { int mac_syscall(const char *policy, int call, \
void *arg); }
395 MSTD BSD { int __mac_get_pid(pid_t pid, struct mac *mac_p); }
-396 MSTD BSD { int macctl(char *policy, u_int op, void *arg, \
- u_int arglen, void *ret, u_int *retlen); }
-397 MSTD BSD { int __mac_get_link(const char *path_p, \
+396 MSTD BSD { int __mac_get_link(const char *path_p, \
struct mac *mac_p); }
-398 MSTD BSD { int __mac_set_link(const char *path_p, \
+397 MSTD BSD { int __mac_set_link(const char *path_p, \
struct mac *mac_p); }
-399 STD BSD { int extattr_set_link(const char *path, \
+398 STD BSD { int extattr_set_link(const char *path, \
int attrnamespace, const char *attrname, \
void *data, size_t nbytes); }
-400 STD BSD { ssize_t extattr_get_link(const char *path, \
+399 STD BSD { ssize_t extattr_get_link(const char *path, \
int attrnamespace, const char *attrname, \
void *data, size_t nbytes); }
-401 STD BSD { int extattr_delete_link(const char *path, \
+400 STD BSD { int extattr_delete_link(const char *path, \
int attrnamespace, const char *attrname); }
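Review bot: Renumbering 397–401 down to 396–400 reuses syscall numbers that already had a meaning, so a binary or libc stub built against the previous table reaches a different call: the old `__mac_get_link` number 397 now dispatches to `__mac_set_link`, and the old `macctl` number 396 now lands in `__mac_get_link`. Leaving 396 as a retired placeholder entry (one of the table's obsolete/unimplemented entry kinds, if this branch's generator supports them) and keeping 397–401 where they were would make stale callers fail instead of silently invoking a different MAC or extattr operation. If the renumbering is deliberate because this branch has no ABI to preserve yet, a comment above entry 396 saying so would help. Separately, the init_sysent.c section of this change carries the comment `/* 499 = extattr_get_link */` where this table says 399, which suggests that file was edited by hand rather than regenerated from this one.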
==== //depot/projects/trustedbsd/mac/sys/sys/mac.h#165 (text+ko) ====
@@ -69,7 +69,7 @@
* include files once the revised user interface is available.
*/
#define MAC_MAX_LABEL_ELEMENT_NAME 32
-#define MAC_MAX_LABEL_ELEMENT_DATALEN 128
+#define MAC_MAX_LABEL_ELEMENT_DATALEN 4096 /* XXX: Will be 8192 soon */
struct mac_element {
char me_name[MAC_MAX_LABEL_ELEMENT_NAME];
void *me_data;
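Review bot: Raising `MAC_MAX_LABEL_ELEMENT_DATALEN` from 128 to 4096 multiplies every buffer sized by this macro by 32, while the change description says the text functions do not allocate their buffers dynamically yet. The users of the macro are outside this hunk, so this is an inference, but any of them that declare a local such as `char buf[MAC_MAX_LABEL_ELEMENT_DATALEN]` would now place 4 KB on the kernel stack; those should move to heap allocation in the same change, or the bump should wait for it. The `XXX` comment would be more useful if it named that condition, for example `/* XXX: 8192 once the text functions allocate dynamically */`.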
@@ -92,13 +92,6 @@
*/
#define MAC_MAX_POLICY_NAME 32
-#define MACCTL_MAX_ARG_LENGTH 4096
-
-enum macctl_ops {
- MACCTL_OP_POLICY_PRESENT,
- MACCTL_OP_POLICY_FULLNAME
-};
-
#ifndef _KERNEL
/*
@@ -173,9 +166,12 @@
struct mac_biba_element mb_rangelow, mb_rangehigh;
};
+#define MAC_MLS_MAX_COMPARTMENTS 256
+
struct mac_mls_element {
u_short mme_type;
u_short mme_level;
+ u_char mme_compartments[MAC_MLS_MAX_COMPARTMENTS >> 3];
};
struct mac_mls {
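Review bot: The `mme_compartments` field added to `struct mac_mls_element` is not mentioned in the change description and has no comment saying how it is encoded. `MAC_MLS_MAX_COMPARTMENTS >> 3` gives 32 bytes, presumably one bit per compartment; I would write the size as `MAC_MLS_MAX_COMPARTMENTS / 8` (or with the tree's bits-per-byte constant) and add `/* bitmap, one bit per compartment */` so the intent is explicit. Because the element grows, code that builds one by setting only `mme_type` and `mme_level` (not visible here) should zero the whole structure first, so that label comparisons and any copy to userland never see uninitialised bitmap bytes. The enclosing `struct mac_mls` starts on the hunk's last line and continues outside it.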
==== //depot/projects/trustedbsd/mac/sys/sys/syscall.h#33 (text+ko) ====
@@ -309,10 +309,9 @@
#define SYS_sendfile 393
#define SYS_mac_syscall 394
#define SYS___mac_get_pid 395
-#define SYS_macctl 396
-#define SYS___mac_get_link 397
-#define SYS___mac_set_link 398
-#define SYS_extattr_set_link 399
-#define SYS_extattr_get_link 400
-#define SYS_extattr_delete_link 401
-#define SYS_MAXSYSCALL 402
+#define SYS___mac_get_link 396
+#define SYS___mac_set_link 397
+#define SYS_extattr_set_link 398
+#define SYS_extattr_get_link 399
+#define SYS_extattr_delete_link 400
+#define SYS_MAXSYSCALL 401
==== //depot/projects/trustedbsd/mac/sys/sys/sysproto.h#34 (text+ko) ====
@@ -1129,14 +1129,6 @@
char pid_l_[PADL_(pid_t)]; pid_t pid; char pid_r_[PADR_(pid_t)];
char mac_p_l_[PADL_(struct mac *)]; struct mac * mac_p; char mac_p_r_[PADR_(struct mac *)];
};
-struct macctl_args {
- char policy_l_[PADL_(char *)]; char * policy; char policy_r_[PADR_(char *)];
- char op_l_[PADL_(u_int)]; u_int op; char op_r_[PADR_(u_int)];
- char arg_l_[PADL_(void *)]; void * arg; char arg_r_[PADR_(void *)];
- char arglen_l_[PADL_(u_int)]; u_int arglen; char arglen_r_[PADR_(u_int)];
- char ret_l_[PADL_(void *)]; void * ret; char ret_r_[PADR_(void *)];
- char retlen_l_[PADL_(u_int *)]; u_int * retlen; char retlen_r_[PADR_(u_int *)];
-};
struct __mac_get_link_args {
char path_p_l_[PADL_(const char *)]; const char * path_p; char path_p_r_[PADR_(const char *)];
char mac_p_l_[PADL_(struct mac *)]; struct mac * mac_p; char mac_p_r_[PADR_(struct mac *)];
@@ -1418,7 +1410,6 @@
int sendfile(struct thread *, struct sendfile_args *);
int mac_syscall(struct thread *, struct mac_syscall_args *);
int __mac_get_pid(struct thread *, struct __mac_get_pid_args *);
-int macctl(struct thread *, struct macctl_args *);
int __mac_get_link(struct thread *, struct __mac_get_link_args *);
int __mac_set_link(struct thread *, struct __mac_set_link_args *);
int extattr_set_link(struct thread *, struct extattr_set_link_args *);