PERFORCE change 39279 for review
Hrishikesh Dandekar
hdandeka at FreeBSD.org
Tue Oct 7 00:34:34 GMT 2003
http://perforce.freebsd.org/chv.cgi?CH=39279
Change 39279 by hdandeka at hdandeka_yash on 2003/10/06 17:33:41
Integrate the mac_create_ipc_msgmsg related changes from the mac branch.
Affected files ...
.. //depot/projects/trustedbsd/sebsd/sys/kern/kern_mac.c#11 integrate
.. //depot/projects/trustedbsd/sebsd/sys/kern/sysv_msg.c#6 integrate
.. //depot/projects/trustedbsd/sebsd/sys/security/mac_biba/mac_biba.c#6 integrate
.. //depot/projects/trustedbsd/sebsd/sys/security/mac_lomac/mac_lomac.c#6 integrate
.. //depot/projects/trustedbsd/sebsd/sys/security/mac_mls/mac_mls.c#6 integrate
.. //depot/projects/trustedbsd/sebsd/sys/security/mac_stub/mac_stub.c#5 integrate
.. //depot/projects/trustedbsd/sebsd/sys/security/mac_test/mac_test.c#6 integrate
.. //depot/projects/trustedbsd/sebsd/sys/sys/mac.h#8 integrate
.. //depot/projects/trustedbsd/sebsd/sys/sys/mac_policy.h#8 integrate
Differences ...
==== //depot/projects/trustedbsd/sebsd/sys/kern/kern_mac.c#11 (text+ko) ====
@@ -40,7 +40,7 @@
*/
#include <sys/cdefs.h>
-__FBSDID("$FreeBSD: src/sys/kern/kern_mac.c,v 1.97 2003/08/21 18:21:22 rwatson Exp $");
+__FBSDID("$FreeBSD: src/sys/kern/kern_mac.c,v 1.99 2003/09/29 18:35:17 rwatson Exp $");
#include "opt_mac.h"
#include "opt_devfs.h"
@@ -1350,7 +1350,8 @@
mac_check_structmac_consistent(struct mac *mac)
{
- if (mac->m_buflen > MAC_MAX_LABEL_BUF_LEN)
+ if (mac->m_buflen < 0 ||
+ mac->m_buflen > MAC_MAX_LABEL_BUF_LEN)
return (EINVAL);
return (0);
@@ -2521,10 +2522,12 @@
}
void
-mac_create_ipc_msgmsg(struct ucred *cred, struct msg *msgptr)
+mac_create_ipc_msgmsg(struct ucred *cred, struct msqid_kernel *msqkptr,
+ struct msg *msgptr)
{
- MAC_PERFORM(create_ipc_msgmsg, cred, msgptr, &msgptr->label);
+ MAC_PERFORM(create_ipc_msgmsg, cred, msqkptr, &msqkptr->label,
+ msgptr, &msgptr->label);
}
void
==== //depot/projects/trustedbsd/sebsd/sys/kern/sysv_msg.c#6 (text+ko) ====
@@ -18,7 +18,7 @@
*/
#include <sys/cdefs.h>
-__FBSDID("$FreeBSD: src/sys/kern/sysv_msg.c,v 1.49 2003/06/11 00:56:57 obrien Exp $");
+__FBSDID("$FreeBSD: src/sys/kern/sysv_msg.c,v 1.50 2003/08/07 16:42:27 nectar Exp $");
#include "opt_sysvipc.h"
#include "opt_mac.h"
@@ -349,7 +349,7 @@
struct thread *td;
/* XXX actually varargs. */
struct msgsys_args /* {
- u_int which;
+ int which;
int a2;
int a3;
int a4;
@@ -361,7 +361,8 @@
if (!jail_sysvipc_allowed && jailed(td->td_ucred))
return (ENOSYS);
- if (uap->which >= sizeof(msgcalls)/sizeof(msgcalls[0]))
+ if (uap->which < 0 ||
+ uap->which >= sizeof(msgcalls)/sizeof(msgcalls[0]))
return (EINVAL);
error = (*msgcalls[uap->which])(td, &uap->a2);
return (error);
@@ -890,7 +891,7 @@
msghdr->msg_spot = -1;
msghdr->msg_ts = msgsz;
#ifdef MAC
- mac_create_ipc_msgmsg(td->td_ucred,msghdr);
+ mac_create_ipc_msgmsg(td->td_ucred, msqkptr, msghdr);
/*
* XXX: Should the mac_check_ipc_msgmsq check follow here immediately ?
* Or, should it be checked just before the msg is enqueued in the msgq
==== //depot/projects/trustedbsd/sebsd/sys/security/mac_biba/mac_biba.c#6 (text+ko) ====
@@ -1172,11 +1172,12 @@
*/
static void
-mac_biba_create_ipc_msgmsg(struct ucred *cred, struct msg *msgptr,
- struct label *msglabel)
+mac_biba_create_ipc_msgmsg(struct ucred *cred, struct msqid_kernel *msqkptr,
+ struct label *msqlabel, struct msg *msgptr, struct label *msglabel)
{
struct mac_biba *source, *dest;
+ /* Ignore the msgq label */
source = SLOT(&cred->cr_label);
dest = SLOT(msglabel);
==== //depot/projects/trustedbsd/sebsd/sys/security/mac_lomac/mac_lomac.c#6 (text+ko) ====
@@ -1244,11 +1244,12 @@
* Labeling event operations: System V IPC objects.
*/
static void
-mac_lomac_create_ipc_msgmsg(struct ucred *cred, struct msg *msgptr,
- struct label *msglabel)
+mac_lomac_create_ipc_msgmsg(struct ucred *cred, struct msqid_kernel *msqkptr,
+ struct label *msqlabel, struct msg *msgptr, struct label *msglabel)
{
struct mac_lomac *source, *dest;
+ /* Ignore the msgq label */
source = SLOT(&cred->cr_label);
dest = SLOT(msglabel);
==== //depot/projects/trustedbsd/sebsd/sys/security/mac_mls/mac_mls.c#6 (text+ko) ====
@@ -1140,11 +1140,12 @@
*/
static void
-mac_mls_create_ipc_msgmsg(struct ucred *cred, struct msg *msgptr,
- struct label *msglabel)
+mac_mls_create_ipc_msgmsg(struct ucred *cred, struct msqid_kernel *msqkptr,
+ struct label *msqlabel, struct msg *msgptr, struct label *msglabel)
{
struct mac_mls *source, *dest;
+ /* Ignore the msgq label */
source = SLOT(&cred->cr_label);
dest = SLOT(msglabel);
==== //depot/projects/trustedbsd/sebsd/sys/security/mac_stub/mac_stub.c#5 (text+ko) ====
@@ -344,8 +344,8 @@
}
static void
-stub_create_ipc_msgmsg(struct ucred *cred, struct msg *msgptr,
- struct label *msglabel)
+stub_create_ipc_msgmsg(struct ucred *cred, struct msqid_kernel *msqkptr,
+ struct label *msqlabel, struct msg *msgptr, struct label *msglabel)
{
}
==== //depot/projects/trustedbsd/sebsd/sys/security/mac_test/mac_test.c#6 (text+ko) ====
@@ -31,7 +31,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $FreeBSD: src/sys/security/mac_test/mac_test.c,v 1.30 2003/08/21 17:28:45 rwatson Exp $
+ * $FreeBSD: src/sys/security/mac_test/mac_test.c,v 1.31 2003/08/22 12:32:07 rwatson Exp $
*/
/*
@@ -988,11 +988,12 @@
}
static void
-mac_test_create_ipc_msgmsg(struct ucred *cred, struct msg *msgptr,
- struct label *msglabel)
+mac_test_create_ipc_msgmsg(struct ucred *cred, struct msqid_kernel *msqkptr,
+ struct label *msqlabel, struct msg *msgptr, struct label *msglabel)
{
ASSERT_SYSVIPCMSG_LABEL(msglabel);
+ ASSERT_SYSVIPCMSQ_LABEL(msqlabel);
}
static void
@@ -2270,7 +2271,7 @@
.mpo_create_mbuf_netlayer = mac_test_create_mbuf_netlayer,
.mpo_fragment_match = mac_test_fragment_match,
.mpo_reflect_mbuf_icmp = mac_test_reflect_mbuf_icmp,
- .mpo_reflect_mbuf_icmp = mac_test_reflect_mbuf_tcp,
+ .mpo_reflect_mbuf_tcp = mac_test_reflect_mbuf_tcp,
.mpo_relabel_ifnet = mac_test_relabel_ifnet,
.mpo_update_ipq = mac_test_update_ipq,
.mpo_update_mbuf_from_cipso = mac_test_update_mbuf_from_cipso,
==== //depot/projects/trustedbsd/sebsd/sys/sys/mac.h#8 (text+ko) ====
@@ -31,7 +31,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $FreeBSD: src/sys/sys/mac.h,v 1.42 2003/08/21 18:21:22 rwatson Exp $
+ * $FreeBSD: src/sys/sys/mac.h,v 1.45 2003/08/29 02:43:57 rwatson Exp $
*/
/*
* Userland/kernel interface for Mandatory Access Control.
@@ -86,7 +86,7 @@
int mac_get_pid(pid_t _pid, mac_t _label);
int mac_get_proc(mac_t _label);
int mac_is_present(const char *_policyname);
-int mac_prepare(mac_t *_label, char *_elements);
+int mac_prepare(mac_t *_label, const char *_elements);
int mac_prepare_file_label(mac_t *_label);
int mac_prepare_ifnet_label(mac_t *_label);
int mac_prepare_process_label(mac_t *_label);
@@ -219,7 +219,8 @@
/*
* Labeling event operations: System V IPC primitives
*/
-void mac_create_ipc_msgmsg(struct ucred *cred, struct msg *msgptr);
+void mac_create_ipc_msgmsg(struct ucred *cred, struct msqid_kernel *msqkptr,
+ struct msg *msgptr);
void mac_create_ipc_msgqueue(struct ucred *cred,
struct msqid_kernel *msqkptr);
void mac_create_ipc_sema(struct ucred *cred,
==== //depot/projects/trustedbsd/sebsd/sys/sys/mac_policy.h#8 (text+ko) ====
@@ -226,7 +226,10 @@
/*
* Labeling event operations: System V IPC primitives
*/
- void (*mpo_create_ipc_msgmsg)(struct ucred *cred, struct msg *msgptr,
+ void (*mpo_create_ipc_msgmsg)(struct ucred *cred,
+ struct msqid_kernel *msqkptr,
+ struct label *msqlabel,
+ struct msg *msgptr,
struct label *msglabel);
void (*mpo_create_ipc_msgqueue)(struct ucred *cred,
struct msqid_kernel *msqkptr, struct label *msqlabel);
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-cvs" in the body of the message
More information about the trustedbsd-cvs
mailing list