PERFORCE change 41859 for review
Robert Watson
rwatson at FreeBSD.org
Mon Nov 10 03:52:19 GMT 2003
http://perforce.freebsd.org/chv.cgi?CH=41859
Change 41859 by rwatson at rwatson_paprika on 2003/11/09 19:51:22
Use zone-allocated temporary label storage for mac_get_fs()
and lmount(), rather than stack-allocated storage. GC old
interfaces.
Affected files ...
.. //depot/projects/trustedbsd/sebsd/sys/kern/kern_mac.c#19 edit
.. //depot/projects/trustedbsd/sebsd/sys/security/mac/mac_internal.h#8 edit
.. //depot/projects/trustedbsd/sebsd/sys/security/mac/mac_vfs.c#7 edit
Differences ...
==== //depot/projects/trustedbsd/sebsd/sys/kern/kern_mac.c#19 (text+ko) ====
@@ -916,7 +916,7 @@
{
char *elements, *buffer;
struct nameidata nd;
- struct label intlabel;
+ struct label *intlabel;
struct mac mac;
int error;
struct mount *mp;
@@ -946,13 +946,13 @@
mp = nd.ni_vp->v_mount;
- mac_init_mount_label(&intlabel);
- mac_copy_mount_label(mp->mnt_mntlabel, &intlabel);
- error = mac_externalize_mount_label(&intlabel, elements, buffer,
+ intlabel = mac_mount_label_alloc();
+ mac_copy_mount_label(mp->mnt_mntlabel, intlabel);
+ error = mac_externalize_mount_label(intlabel, elements, buffer,
mac.m_buflen, M_WAITOK);
NDFREE(&nd, 0);
- mac_destroy_mount_label(&intlabel);
+ mac_mount_label_free(intlabel);
if (error == 0)
error = copyout(buffer, mac.m_string, strlen(buffer)+1);
@@ -1215,7 +1215,7 @@
char *buffer;
int error;
struct mac mac;
- struct label intlabel;
+ struct label *intlabel;
error = copyin(uap->mac_p, &mac, sizeof(mac));
if (error)
@@ -1232,13 +1232,11 @@
return (error);
}
- mac_init_mount_label(&intlabel);
- error = mac_internalize_mount_label(&intlabel, buffer);
+ intlabel = mac_mount_label_alloc();
+ error = mac_internalize_mount_label(intlabel, buffer);
free(buffer, M_MACTEMP);
- if (error) {
- mac_destroy_mount_label(&intlabel);
- return (error);
- }
+ if (error)
+ goto out;
fstype = malloc(MFSNAMELEN, M_TEMP, M_WAITOK);
fspath = malloc(MNAMELEN, M_TEMP, M_WAITOK);
@@ -1251,9 +1249,12 @@
if (error == 0)
error = copyinstr(uap->path, fspath, MNAMELEN, NULL);
if (error == 0)
- error = vfs_mount(td, fstype, fspath, uap->flags, uap->data, &intlabel);
+ error = vfs_mount(td, fstype, fspath, uap->flags, uap->data,
+ intlabel);
free(fstype, M_TEMP);
free(fspath, M_TEMP);
+out:
+ mac_mount_label_free(intlabel);
return (error);
}
==== //depot/projects/trustedbsd/sebsd/sys/security/mac/mac_internal.h#8 (text+ko) ====
@@ -103,6 +103,8 @@
* the namespaces, etc, should work for these, so for now, sort by
* object type.
*/
+struct label *mac_mount_label_alloc(void);
+void mac_mount_label_free(struct label *label);
struct label *mac_pipe_label_alloc(void);
void mac_pipe_label_free(struct label *label);
==== //depot/projects/trustedbsd/sebsd/sys/security/mac/mac_vfs.c#7 (text+ko) ====
@@ -118,7 +118,7 @@
de->de_label = mac_devfsdirent_label_alloc();
}
-static struct label *
+struct label *
mac_mount_label_alloc(void)
{
struct label *label;
@@ -141,14 +141,6 @@
}
void
-mac_init_mount_label(struct label *label)
-{
-
- mac_init_label(label);
- MAC_PERFORM(init_mount_label, label);
-}
-
-void
mac_init_mount(struct mount *mp)
{
@@ -191,7 +183,7 @@
de->de_label = NULL;
}
-static void
+void
mac_mount_label_free(struct label *label)
{
@@ -210,14 +202,6 @@
}
void
-mac_destroy_mount_label(struct label *label)
-{
-
- MAC_PERFORM(destroy_mount_label, label);
- mac_destroy_label(label);
-}
-
-void
mac_destroy_mount(struct mount *mp)
{
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-cvs" in the body of the message
More information about the trustedbsd-cvs
mailing list