PERFORCE change 27370 for review

Robert Watson rwatson at freebsd.org
Tue Mar 25 19:58:19 GMT 2003 

http://perforce.freebsd.org/chv.cgi?CH=27370

Change 27370 by rwatson at rwatson_tislabs on 2003/03/25 11:57:55

	Move the IP Fragment Reassembly Queue interfaces to the class
	of entry points that accepts a malloc() flags argument to
	determine whether or not blocking is permitted (and hence
	whether or not failure is permitted).  Move us towards
	addressing some more netisr Witness warnings from th
	advent of network stack locking.

Affected files ...

.. //depot/projects/trustedbsd/mac/sys/kern/kern_mac.c#377 edit
.. //depot/projects/trustedbsd/mac/sys/netinet/ip_input.c#27 edit
.. //depot/projects/trustedbsd/mac/sys/security/mac_biba/mac_biba.c#200 edit
.. //depot/projects/trustedbsd/mac/sys/security/mac_lomac/mac_lomac.c#55 edit
.. //depot/projects/trustedbsd/mac/sys/security/mac_mls/mac_mls.c#159 edit
.. //depot/projects/trustedbsd/mac/sys/security/mac_none/mac_none.c#118 edit
.. //depot/projects/trustedbsd/mac/sys/security/mac_test/mac_test.c#95 edit
.. //depot/projects/trustedbsd/mac/sys/sys/mac.h#231 edit
.. //depot/projects/trustedbsd/mac/sys/sys/mac_policy.h#183 edit

Differences ...

==== //depot/projects/trustedbsd/mac/sys/kern/kern_mac.c#377 (text+ko) ====

@@ -697,15 +697,23 @@
 	mac_init_ifnet_label(&ifp->if_label);
 }
 
-void
-mac_init_ipq(struct ipq *ipq)
+int
+mac_init_ipq(struct ipq *ipq, int flag)
 {
+	int error;
 
 	mac_init_label(&ipq->ipq_label);
-	MAC_PERFORM(init_ipq_label, &ipq->ipq_label);
+
+	MAC_CHECK(init_ipq_label, &ipq->ipq_label, flag);
+	if (error) {
+		MAC_PERFORM(destroy_ipq_label, &ipq->ipq_label);
+		mac_destroy_label(&ipq->ipq_label);
+	}
 #ifdef MAC_DEBUG
-	atomic_add_int(&nmacipqs, 1);
+	if (error == 0)
+		atomic_add_int(&nmacipqs, 1);
 #endif
+	return (error);
 }
 
 int

==== //depot/projects/trustedbsd/mac/sys/netinet/ip_input.c#27 (text+ko) ====

@@ -983,7 +983,10 @@
 			goto dropfrag;
 		fp = mtod(t, struct ipq *);
 #ifdef MAC
-		mac_init_ipq(fp);
+		if (mac_init_ipq(fp, M_NOWAIT) != 0) {
+			m_free(t);
+			goto dropfrag;
+		}
 		mac_create_ipq(m, fp);
 #endif
 		TAILQ_INSERT_HEAD(head, fp, ipq_list);

==== //depot/projects/trustedbsd/mac/sys/security/mac_biba/mac_biba.c#200 (text+ko) ====

@@ -2640,7 +2640,7 @@
 	.mpo_init_cred_label = mac_biba_init_label,
 	.mpo_init_devfsdirent_label = mac_biba_init_label,
 	.mpo_init_ifnet_label = mac_biba_init_label,
-	.mpo_init_ipq_label = mac_biba_init_label,
+	.mpo_init_ipq_label = mac_biba_init_label_waitcheck,
 	.mpo_init_mbuf_label = mac_biba_init_label_waitcheck,
 	.mpo_init_mount_label = mac_biba_init_label,
 	.mpo_init_mount_fs_label = mac_biba_init_label,

==== //depot/projects/trustedbsd/mac/sys/security/mac_lomac/mac_lomac.c#55 (text+ko) ====

@@ -2645,7 +2645,7 @@
 	.mpo_init_cred_label = mac_lomac_init_label,
 	.mpo_init_devfsdirent_label = mac_lomac_init_label,
 	.mpo_init_ifnet_label = mac_lomac_init_label,
-	.mpo_init_ipq_label = mac_lomac_init_label,
+	.mpo_init_ipq_label = mac_lomac_init_label_waitcheck,
 	.mpo_init_mbuf_label = mac_lomac_init_label_waitcheck,
 	.mpo_init_mount_label = mac_lomac_init_label,
 	.mpo_init_mount_fs_label = mac_lomac_init_label,

==== //depot/projects/trustedbsd/mac/sys/security/mac_mls/mac_mls.c#159 (text+ko) ====

@@ -2413,7 +2413,7 @@
 	.mpo_init_cred_label = mac_mls_init_label,
 	.mpo_init_devfsdirent_label = mac_mls_init_label,
 	.mpo_init_ifnet_label = mac_mls_init_label,
-	.mpo_init_ipq_label = mac_mls_init_label,
+	.mpo_init_ipq_label = mac_mls_init_label_waitcheck,
 	.mpo_init_mbuf_label = mac_mls_init_label_waitcheck,
 	.mpo_init_mount_label = mac_mls_init_label,
 	.mpo_init_mount_fs_label = mac_mls_init_label,

==== //depot/projects/trustedbsd/mac/sys/security/mac_none/mac_none.c#118 (text+ko) ====

@@ -976,7 +976,7 @@
 	.mpo_init_cred_label = mac_none_init_label,
 	.mpo_init_devfsdirent_label = mac_none_init_label,
 	.mpo_init_ifnet_label = mac_none_init_label,
-	.mpo_init_ipq_label = mac_none_init_label,
+	.mpo_init_ipq_label = mac_none_init_label_waitcheck,
 	.mpo_init_mbuf_label = mac_none_init_label_waitcheck,
 	.mpo_init_mount_label = mac_none_init_label,
 	.mpo_init_mount_fs_label = mac_none_init_label,

==== //depot/projects/trustedbsd/mac/sys/security/mac_test/mac_test.c#95 (text+ko) ====

@@ -242,12 +242,13 @@
 	atomic_add_int(&init_count_ifnet, 1);
 }
 
-static void
-mac_test_init_ipq_label(struct label *label)
+static int
+mac_test_init_ipq_label(struct label *label, int flag)
 {
 
 	SLOT(label) = IPQMAGIC;
 	atomic_add_int(&init_count_ipq, 1);
+	return (0);
 }
 
 static int

==== //depot/projects/trustedbsd/mac/sys/sys/mac.h#231 (text+ko) ====

@@ -133,7 +133,7 @@
 void	mac_init_cred(struct ucred *);
 void	mac_init_devfsdirent(struct devfs_dirent *);
 void	mac_init_ifnet(struct ifnet *);
-void	mac_init_ipq(struct ipq *);
+int	mac_init_ipq(struct ipq *, int flag);
 int	mac_init_socket(struct socket *, int flag);
 void	mac_init_pipe(struct pipe *);
 int	mac_init_mbuf(struct mbuf *m, int flag);

==== //depot/projects/trustedbsd/mac/sys/sys/mac_policy.h#183 (text+ko) ====

@@ -73,7 +73,7 @@
 	void	(*mpo_init_cred_label)(struct label *label);
 	void	(*mpo_init_devfsdirent_label)(struct label *label);
 	void	(*mpo_init_ifnet_label)(struct label *label);
-	void	(*mpo_init_ipq_label)(struct label *label);
+	int	(*mpo_init_ipq_label)(struct label *label, int flag);
 	int	(*mpo_init_mbuf_label)(struct label *label, int flag);
 	void	(*mpo_init_mount_label)(struct label *label);
 	void	(*mpo_init_mount_fs_label)(struct label *label);
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-cvs" in the body of the message

More information about the trustedbsd-cvs mailing list