PERFORCE change 41570 for review
Robert Watson
rwatson at FreeBSD.org
Thu Nov 6 06:23:06 GMT 2003
http://perforce.freebsd.org/chv.cgi?CH=41570
Change 41570 by rwatson at rwatson_paprika on 2003/11/05 22:22:44
Use MAC label UMA zone for pipe labels, rather than their own
malloc pool. Currently, the zone is used only for labels on
pipes themselves, and we retain the externally visible functions
to initialize and destroy temporary pipe labels used in
kern_mac.c for internalization/externalization. Better
abstraction will migrate that code into mac_pipe.c, or other
objects will also use dynamically allocated labels at some
point.
Affected files ...
.. //depot/projects/trustedbsd/mac/sys/security/mac/mac_pipe.c#7 edit
Differences ...
==== //depot/projects/trustedbsd/mac/sys/security/mac/mac_pipe.c#7 (text+ko) ====
@@ -61,8 +61,6 @@
&nmacpipes, 0, "number of pipes in use");
#endif
-MALLOC_DEFINE(M_MACPIPELABEL, "macpipelabel", "MAC labels for pipes");
-
void
mac_init_pipe_label(struct label *label)
{
@@ -72,15 +70,23 @@
MAC_DEBUG_COUNTER_INC(&nmacpipes);
}
+static struct label *
+mac_pipe_label_alloc(void)
+{
+ struct label *label;
+
+ label = mac_labelzone_alloc(M_WAITOK);
+ MAC_PERFORM(init_pipe_label, label);
+ MAC_DEBUG_COUNTER_INC(&nmacpipes);
+ return (label);
+}
+
void
mac_init_pipe(struct pipe *pipe)
{
- struct label *label;
- label = malloc(sizeof(struct label), M_MACPIPELABEL, M_ZERO|M_WAITOK);
- pipe->pipe_label = label;
- pipe->pipe_peer->pipe_label = label;
- mac_init_pipe_label(label);
+ pipe->pipe_label = pipe->pipe_peer->pipe_label =
+ mac_pipe_label_alloc();
}
void
@@ -92,12 +98,20 @@
MAC_DEBUG_COUNTER_DEC(&nmacpipes);
}
+static void
+mac_pipe_label_free(struct label *label)
+{
+
+ MAC_PERFORM(destroy_pipe_label, label);
+ MAC_DEBUG_COUNTER_DEC(&nmacpipes);
+}
+
void
mac_destroy_pipe(struct pipe *pipe)
{
- mac_destroy_pipe_label(pipe->pipe_label);
- free(pipe->pipe_label, M_MACPIPELABEL);
+ mac_pipe_label_free(pipe->pipe_label);
+ pipe->pipe_label = NULL;
}
void
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-cvs" in the body of the message
More information about the trustedbsd-cvs
mailing list