PERFORCE change 41568 for review

Robert Watson rwatson at FreeBSD.org
Thu Nov 6 05:59:37 GMT 2003 

http://perforce.freebsd.org/chv.cgi?CH=41568

Change 41568 by rwatson at rwatson_paprika on 2003/11/05 21:59:19

	Add mac_label.c, which encapsulates a UMA zone for MAC label
	allocation.  Currently, MAC labels observably increase the
	size of some important data structures even when MAC is
	disabled, which is undesirable.  Also, this means that the
	size of a MAC label is a compile-time constant.  By moving
	towards run-time allocation of MAC label storage, we can reduce
	the non-MAC overhead, make MAC label size a boot-time
	constant, as well as reap some of the benefits of a slab
	allocator (over time).  This commit does not hook up the
	zone allocated MAC labels to any object types.

Affected files ...

.. //depot/projects/trustedbsd/mac/sys/conf/files#96 edit
.. //depot/projects/trustedbsd/mac/sys/kern/kern_mac.c#422 edit
.. //depot/projects/trustedbsd/mac/sys/security/mac/mac_internal.h#11 edit

Differences ...

==== //depot/projects/trustedbsd/mac/sys/conf/files#96 (text+ko) ====

@@ -1596,6 +1596,7 @@
 posix4/p1003_1b.c	standard
 posix4/posix4_mib.c	standard
 kern/uipc_sem.c		optional p1003_1b_semaphores
+security/mac/mac_label.c	optional mac
 security/mac/mac_net.c		optional mac
 security/mac/mac_pipe.c		optional mac
 security/mac/mac_posix_sem.c	optional mac

==== //depot/projects/trustedbsd/mac/sys/kern/kern_mac.c#422 (text+ko) ====

@@ -270,6 +270,7 @@
 
 	LIST_INIT(&mac_static_policy_list);
 	LIST_INIT(&mac_policy_list);
+	mac_labelzone_init();
 
 #ifndef MAC_STATIC
 	mtx_init(&mac_policy_mtx, "mac_policy_mtx", NULL, MTX_DEF);

==== //depot/projects/trustedbsd/mac/sys/security/mac/mac_internal.h#11 (text+ko) ====

@@ -89,6 +89,10 @@
 int	mac_policy_list_conditional_busy(void);
 void	mac_policy_list_unbusy(void);
 
+struct label	*mac_labelzone_alloc(int flags);
+void		 mac_labelzone_free(struct label *label);
+void		 mac_labelzone_init(void);
+
 void	mac_init_label(struct label *label);
 void	mac_destroy_label(struct label *label);
 int	mac_check_structmac_consistent(struct mac *mac);
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-cvs" in the body of the message

More information about the trustedbsd-cvs mailing list