PERFORCE change 47141 for review
Andrew Reisse
areisse at FreeBSD.org
Wed Feb 18 19:52:53 GMT 2004
http://perforce.freebsd.org/chv.cgi?CH=47141
Change 47141 by areisse at areisse_ibook on 2004/02/18 11:52:53
Message trailers contain a label handle reference instead of
a string. Tasks use label handles instead of inline label
structures.
Affected files ...
.. //depot/projects/trustedbsd/sedarwin/apsl/xnu/osfmk/ipc/ipc_kmsg.c#3 edit
.. //depot/projects/trustedbsd/sedarwin/apsl/xnu/osfmk/ipc/ipc_kmsg.h#2 edit
.. //depot/projects/trustedbsd/sedarwin/apsl/xnu/osfmk/ipc/ipc_labelh.c#2 edit
.. //depot/projects/trustedbsd/sedarwin/apsl/xnu/osfmk/ipc/ipc_labelh.h#2 edit
.. //depot/projects/trustedbsd/sedarwin/apsl/xnu/osfmk/ipc/ipc_notify.c#2 edit
.. //depot/projects/trustedbsd/sedarwin/apsl/xnu/osfmk/ipc/ipc_object.c#4 edit
.. //depot/projects/trustedbsd/sedarwin/apsl/xnu/osfmk/ipc/ipc_object.h#3 edit
.. //depot/projects/trustedbsd/sedarwin/apsl/xnu/osfmk/ipc/mach_msg.c#3 edit
.. //depot/projects/trustedbsd/sedarwin/apsl/xnu/osfmk/kern/ipc_tt.c#3 edit
.. //depot/projects/trustedbsd/sedarwin/apsl/xnu/osfmk/kern/task.c#4 edit
.. //depot/projects/trustedbsd/sedarwin/apsl/xnu/osfmk/kern/task.h#3 edit
.. //depot/projects/trustedbsd/sedarwin/apsl/xnu/osfmk/mach/mach_types.defs#3 edit
.. //depot/projects/trustedbsd/sedarwin/apsl/xnu/osfmk/mach/message.h#3 edit
Differences ...
==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/osfmk/ipc/ipc_kmsg.c#3 (text+ko) ====
@@ -199,6 +199,9 @@
if (kmsg != IKM_NULL) {
ikm_init(kmsg, msg_and_trailer_size);
}
+
+ kmsg->ikm_sender = (ipc_labelh_t)IO_NULL;
+
return(kmsg);
}
@@ -221,6 +224,16 @@
mach_msg_size_t size = kmsg->ikm_size;
ipc_port_t port;
+ if (kmsg->ikm_sender != IO_NULL && io_otype (&kmsg->ikm_sender->lh_object) ==
+ IOT_LABELH) {
+ ipc_object_release (&kmsg->ikm_sender->lh_object);
+ kmsg->ikm_sender = IO_NULL;
+ }
+ else if (kmsg->ikm_sender != IO_NULL && io_otype (&kmsg->ikm_sender->lh_object)
+ != IOT_LABELH)
+ printf ("strange otype in message label: %d\n", io_otype (&kmsg->ikm_sender->lh_object));
+
+
/*
* Check to see if the message is bound to the port. If so,
* mark it not in use. If the port isn't already dead, then
@@ -585,6 +598,16 @@
body = (mach_msg_body_t *) (&kmsg->ikm_header + 1);
ipc_kmsg_clean_body(kmsg, body->msgh_descriptor_count);
}
+
+ if (kmsg->ikm_sender != IO_NULL && io_otype (&kmsg->ikm_sender->lh_object) ==
+ IOT_LABELH) {
+ ipc_object_release (&kmsg->ikm_sender->lh_object);
+ kmsg->ikm_sender = IO_NULL;
+ }
+ else if (kmsg->ikm_sender != IO_NULL && io_otype (&kmsg->ikm_sender->lh_object)
+ != IOT_LABELH)
+ printf ("strange otype in message label: %d\n", io_otype (&kmsg->ikm_sender->lh_object));
+
}
/*
@@ -680,17 +703,18 @@
trailer->msgh_trailer_type = MACH_MSG_TRAILER_FORMAT_0;
trailer->msgh_trailer_size = MACH_MSG_TRAILER_MINIMUM_SIZE;
+#if 1
task_t cur = current_thread()->top_act->task;
if (cur)
{
- tasklabel_lock (cur);
- mac_externalize_task_label (&cur->maclabel,
- "sebsd", trailer->msgh_labels.slabel,
- 64, 0);
- tasklabel_unlock (cur);
+ ipc_object_reference (&cur->label->lh_object);
+ /*trailer->msgh_labels.sender = (mach_port_name_t)cur->label;*/
+
+ kmsg->ikm_sender = cur->label;
}
else
- strcpy (trailer->msgh_labels.slabel, "system_u:system_r:kernel_t");
+#endif
+ trailer->msgh_labels.sender = 0;
*kmsgp = kmsg;
return MACH_MSG_SUCCESS;
@@ -774,6 +798,10 @@
trailer->msgh_trailer_type = MACH_MSG_TRAILER_FORMAT_0;
trailer->msgh_trailer_size = MACH_MSG_TRAILER_MINIMUM_SIZE;
+ trailer->msgh_labels.sender = 0;
+
+ kmsg->ikm_sender = (ipc_labelh_t)IO_NULL;
+
*kmsgp = kmsg;
return MACH_MSG_SUCCESS;
}
==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/osfmk/ipc/ipc_kmsg.h#2 (text+ko) ====
@@ -69,6 +69,7 @@
#include <kern/macro_help.h>
#include <kern/kalloc.h>
#include <ipc/ipc_object.h>
+#include <ipc/ipc_labelh.h>
/*
* This structure is only the header for a kmsg buffer;
@@ -88,6 +89,7 @@
struct ipc_kmsg *ikm_prev;
ipc_port_t ikm_prealloc; /* port we were preallocated from */
mach_msg_size_t ikm_size;
+ ipc_labelh_t ikm_sender;
mach_msg_header_t ikm_header;
} *ipc_kmsg_t;
@@ -135,6 +137,7 @@
MACRO_BEGIN \
(kmsg)->ikm_size = (size); \
(kmsg)->ikm_prealloc = IP_NULL; \
+ (kmsg)->ikm_sender = IO_NULL; \
assert((kmsg)->ikm_prev = (kmsg)->ikm_next = IKM_BOGUS); \
MACRO_END
==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/osfmk/ipc/ipc_labelh.c#2 (text+ko) ====
@@ -25,3 +25,38 @@
return 0;
}
+ipc_labelh_t labelh_new ()
+{
+ ipc_labelh_t lh = (ipc_labelh_t) io_alloc (IOT_LABELH);
+ io_lock_init (&(lh->lh_object));
+ lh->lh_object.io_references = 1;
+ lh->lh_object.io_bits = io_makebits (TRUE, IOT_LABELH, 0);
+ return lh;
+}
+
+/* call with old locked */
+
+ipc_labelh_t labelh_duplicate (ipc_labelh_t old)
+{
+ ipc_labelh_t lh = (ipc_labelh_t) io_alloc (IOT_LABELH);
+ io_lock_init (&(lh->lh_object));
+ lh->lh_object.io_references = 1;
+ lh->lh_object.io_bits = io_makebits (TRUE, IOT_LABELH, 0);
+
+ mac_init_port_label (&lh->lh_label);
+ mac_copy_port_label (&old->lh_label, &lh->lh_label);
+ return lh;
+}
+
+/* call with old locked; returns a locked object */
+
+ipc_labelh_t labelh_modify (ipc_labelh_t old)
+{
+ if (old->lh_object.io_references == 1)
+ return old;
+ ipc_labelh_t lh = labelh_duplicate (old);
+ io_release (&old->lh_object);
+ io_unlock (&old->lh_object);
+ io_lock (&lh->lh_object);
+ return lh;
+}
==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/osfmk/ipc/ipc_labelh.h#2 (text+ko) ====
@@ -1,4 +1,7 @@
+#ifndef _IPC_LABELH_H_
+#define _IPC_LABELH_H_
+
#include <kern/lock.h>
#include <ipc/ipc_object.h>
#include <mach/_label.h>
@@ -9,3 +12,8 @@
struct label lh_label;
} *ipc_labelh_t;
+
+ipc_labelh_t labelh_duplicate (ipc_labelh_t old);
+ipc_labelh_t labelh_modify (ipc_labelh_t old);
+
+#endif
==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/osfmk/ipc/ipc_notify.c#2 (text+ko) ====
@@ -117,6 +117,7 @@
n->trailer.msgh_sender = KERNEL_SECURITY_TOKEN;
n->trailer.msgh_trailer_type = MACH_MSG_TRAILER_FORMAT_0;
n->trailer.msgh_trailer_size = MACH_MSG_TRAILER_MINIMUM_SIZE;
+ n->trailer.msgh_labels.sender = 0;
}
/*
@@ -146,6 +147,7 @@
n->trailer.msgh_sender = KERNEL_SECURITY_TOKEN;
n->trailer.msgh_trailer_type = MACH_MSG_TRAILER_FORMAT_0;
n->trailer.msgh_trailer_size = MACH_MSG_TRAILER_MINIMUM_SIZE;
+ n->trailer.msgh_labels.sender = 0;
}
/*
@@ -171,6 +173,7 @@
n->trailer.msgh_sender = KERNEL_SECURITY_TOKEN;
n->trailer.msgh_trailer_type = MACH_MSG_TRAILER_FORMAT_0;
n->trailer.msgh_trailer_size = MACH_MSG_TRAILER_MINIMUM_SIZE;
+ n->trailer.msgh_labels.sender = 0;
n->not_count = 0;
}
@@ -195,6 +198,7 @@
n->trailer.msgh_sender = KERNEL_SECURITY_TOKEN;
n->trailer.msgh_trailer_type = MACH_MSG_TRAILER_FORMAT_0;
n->trailer.msgh_trailer_size = MACH_MSG_TRAILER_MINIMUM_SIZE;
+ n->trailer.msgh_labels.sender = 0;
}
/*
@@ -221,6 +225,7 @@
n->trailer.msgh_sender = KERNEL_SECURITY_TOKEN;
n->trailer.msgh_trailer_type = MACH_MSG_TRAILER_FORMAT_0;
n->trailer.msgh_trailer_size = MACH_MSG_TRAILER_MINIMUM_SIZE;
+ n->trailer.msgh_labels.sender = 0;
}
/*
==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/osfmk/ipc/ipc_object.c#4 (text+ko) ====
@@ -986,7 +986,6 @@
return NULL;
}
-#if MACH_ASSERT
/*
* Check whether the object is a port if so, free it. But
* keep track of that fact.
@@ -1005,7 +1004,10 @@
#endif /* MACH_ASSERT */
#ifdef MAC
- mac_destroy_port_label (&port->ip_label);
+ /* XXX: This was never getting called before,
+ and calling it now causes problems. */
+
+ /*mac_destroy_port_label (&port->ip_label);*/
}
else if (otype == IOT_LABELH) {
ipc_labelh_t lh = (ipc_labelh_t) object;
@@ -1014,7 +1016,6 @@
}
zfree(ipc_object_zones[otype], (vm_offset_t) object);
}
-#endif /* MACH_ASSERT */
#include <mach_kdb.h>
#if MACH_KDB
==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/osfmk/ipc/ipc_object.h#3 (text+ko) ====
@@ -141,19 +141,14 @@
#define io_alloc(otype) \
((ipc_object_t) zalloc(ipc_object_zones[(otype)]))
-#if MACH_ASSERT
/*
* Call the routine for io_free so that checking can be performed.
+ * It is also responsible for freeing labels.
*/
extern void io_free(
unsigned int otype,
ipc_object_t object);
-#else /* MACH_ASSERT */
-#define io_free(otype, io) \
- zfree(ipc_object_zones[(otype)], (vm_offset_t) (io))
-#endif /* MACH_ASSERT */
-
/*
* Here we depend on the ipc_object being first within the ipc_common_data,
* which is first within the rpc_common_data, which in turn must be first
==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/osfmk/ipc/mach_msg.c#3 (text+ko) ====
@@ -262,6 +262,33 @@
if (option & MACH_RCV_TRAILER_MASK) {
trailer->msgh_seqno = seqno;
trailer->msgh_trailer_size = REQUESTED_TRAILER_SIZE(option);
+
+#if 1
+ if (option & MACH_RCV_TRAILER_ELEMENTS (MACH_RCV_TRAILER_LABELS)) {
+ if (kmsg->ikm_sender != IO_NULL) {
+ ipc_object_t lh = &kmsg->ikm_sender->lh_object;
+ ipc_entry_t entry;
+ kern_return_t kr;
+
+ io_lock (lh);
+ kr = ipc_entry_alloc (space, &trailer->msgh_labels.sender, &entry);
+ if (kr != KERN_SUCCESS) {
+ trailer->msgh_labels.sender = 0;
+ /*ipc_object_release (lh);*/
+ }
+ else {
+ entry->ie_bits |= (1 | MACH_PORT_TYPE_LABELH);
+ entry->ie_object = lh;
+ io_reference (lh);
+ io_unlock (lh);
+ is_write_unlock (space);
+ }
+ }
+ else {
+ trailer->msgh_labels.sender = 0;
+ }
+ }
+#endif
}
/*
==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/osfmk/kern/ipc_tt.c#3 (text+ko) ====
==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/osfmk/kern/task.c#4 (text+ko) ====
@@ -402,7 +402,8 @@
eml_task_reference(new_task, parent_task);
#ifdef MAC
- mutex_init(&new_task->labellock, ETAP_NO_TRACE);
+ /*mutex_init(&new_task->labellock, ETAP_NO_TRACE);*/
+ new_task->label = labelh_new ();
mac_init_task_label (&new_task->maclabel);
#endif
@@ -554,7 +555,7 @@
task_prof_deallocate(task);
#ifdef MAC
- mac_destroy_task_label (&task->maclabel);
+ ipc_object_release (&task->label->lh_object);
#endif
zfree(task_zone, (vm_offset_t) task);
@@ -1757,6 +1758,7 @@
void mac_update_task_label (struct label *pl, struct task *t)
{
tasklabel_lock (t);
+ t->label = labelh_modify (t->label);
mac_copy_cred_to_task (pl, &t->maclabel);
tasklabel_unlock (t);
ip_lock (t->itk_self);
==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/osfmk/kern/task.h#3 (text+ko) ====
@@ -105,6 +105,7 @@
#include <task_swapper.h>
#include <kern/thread_act.h>
#include <mach/_label.h>
+#include <ipc/ipc_labelh.h>
typedef struct task {
/* Synchronization/destruction information */
@@ -212,8 +213,11 @@
vm_offset_t dynamic_working_set;
#ifdef MAC
+ /*
decl_mutex_data(,labellock)
struct label maclabel;
+ */
+ ipc_labelh_t label;
#endif
} Task;
@@ -223,40 +227,13 @@
#ifdef MAC
-#define tasklabel_lock(task) mutex_lock(&(task)->labellock)
-#define tasklabel_unlock(task) mutex_unlock(&(task)->labellock)
+#define maclabel label->lh_label
-extern inline void tasklabel_lock2 (task_t a, task_t b)
-{
- if (a == b)
- tasklabel_lock (a);
- else if (a < b)
- {
- tasklabel_lock (a);
- tasklabel_lock (b);
- }
- else
- {
- tasklabel_lock (b);
- tasklabel_lock (a);
- }
-}
+#define tasklabel_lock(task) io_lock(&(task)->label->lh_object)
+#define tasklabel_unlock(task) io_unlock(&(task)->label->lh_object)
-extern inline void tasklabel_unlock2 (task_t a, task_t b)
-{
- if (a == b)
- tasklabel_unlock (a);
- else if (a < b)
- {
- tasklabel_unlock (b);
- tasklabel_unlock (a);
- }
- else
- {
- tasklabel_unlock (a);
- tasklabel_unlock (b);
- }
-}
+#define tasklabel_lock2(a,b) io_lock2 (&(a)->label->lh_object, &(b)->label->lh_object)
+#define tasklabel_unlock2(a,b) io_unlock2 (&(a)->label->lh_object, &(b)->label->lh_object)
#endif
==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/osfmk/mach/mach_types.defs#3 (text+ko) ====
@@ -358,7 +358,7 @@
type security_token_t = MACH_MSG_TYPE_INTEGER_64;
-type msg_labels_t = c_string[64];
+type msg_labels_t = mach_port_t;
/* memory_object_info_t: variable-size inline array:
* memory_object_attr_info_t (5 ints)
==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/osfmk/mach/message.h#3 (text+ko) ====
@@ -305,7 +305,7 @@
typedef struct
{
- char slabel[64];
+ mach_port_name_t sender;
} msg_labels_t;
typedef struct
@@ -462,7 +462,7 @@
#define MACH_RCV_TRAILER_NULL 0
#define MACH_RCV_TRAILER_SEQNO 1
#define MACH_RCV_TRAILER_SENDER 2
-#define MACH_RCV_TRAILER_LABELS 3
+#define MACH_RCV_TRAILER_LABELS 4
#define MACH_RCV_TRAILER_TYPE(x) (((x) & 0xf) << 28)
#define MACH_RCV_TRAILER_ELEMENTS(x) (((x) & 0xf) << 24)
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-cvs" in the body of the message
More information about the trustedbsd-cvs
mailing list