PERFORCE change 79856 for review

Sat Jul 9 19:05:19 GMT 2005

http://perforce.freebsd.org/chv.cgi?CH=79856

Change 79856 by rwatson at rwatson_zoo on 2005/07/09 19:04:22

	Track changes in the MAC Framework as the POSIX semaphore access
	control and labeling support was merged to FreeBSD 6.x:
	
	- Rename entry points to *_posix_sem_*() from *_posix_ksem_*().
	
	- Control of sem_close() is no longer allowed for semantic reasons;
	  disable and add a comment explaining why.
	
	- Rename *_posix_sem_openexisting() to *_posix_sem_open().

Affected files ...

.. //depot/projects/trustedbsd/sebsd/sys/security/sebsd/sebsd.c#36 edit

Differences ...

==== //depot/projects/trustedbsd/sebsd/sys/security/sebsd/sebsd.c#36 (text+ko) ====

@@ -605,7 +605,7 @@
 }
 
 static void
-sebsd_create_posix_ksem(struct ucred *cred, struct ksem *ksemptr,
+sebsd_create_posix_sem(struct ucred *cred, struct ksem *ksemptr,
     struct label *ks_label)
 {
 	struct task_security_struct *tsec;
@@ -2296,6 +2296,12 @@
 	return(ipc_has_perm(cred, shmseglabel, SHM__ASSOCIATE));
 }
 
+#ifdef MAC_NO_LOONGER
+/*
+ * POSIX does not allow sem_close() to fail for reasons other than an invalid
+ * semaphore pointer, and close on exit is unconditional.  As such, the MAC
+ * Framework does not allow access control on sem_close().
+ */
 static int
 sebsd_check_posix_sem_close(struct ucred *cred, struct ksem *ksemptr,
     struct label *ks_label)
@@ -2303,6 +2309,7 @@
 
 	return(ipc_has_perm(cred, ks_label, POSIX_SEM__DISASSOCIATE));
 }
+#endif
 
 static int
 sebsd_check_posix_sem_destroy(struct ucred *cred, struct ksem *ksemptr,
@@ -2321,7 +2328,7 @@
 }
 
 static int
-sebsd_check_posix_sem_openexisting(struct ucred *cred, struct ksem *ksemptr,
+sebsd_check_posix_sem_open(struct ucred *cred, struct ksem *ksemptr,
     struct label *ks_label)
 {
 
@@ -2369,7 +2376,7 @@
 	.mpo_init_mount_label = sebsd_init_mount_label,
 	.mpo_init_mount_fs_label = sebsd_init_mount_fs_label,
 	.mpo_init_pipe_label = sebsd_init_vnode_label,
-	.mpo_init_posix_ksem_label = sebsd_init_sysv_label,
+	.mpo_init_posix_sem_label = sebsd_init_sysv_label,
 	.mpo_init_socket_label = sebsd_init_network_label_waitcheck,
 	.mpo_init_socket_peer_label = sebsd_init_network_label_waitcheck,
 	.mpo_init_vnode_label = sebsd_init_vnode_label,
@@ -2390,7 +2397,7 @@
 	.mpo_destroy_mount_label = sebsd_destroy_label,
 	.mpo_destroy_mount_fs_label = sebsd_destroy_label,
 	.mpo_destroy_pipe_label = sebsd_destroy_label,
-	.mpo_destroy_posix_ksem_label = sebsd_destroy_label,
+	.mpo_destroy_posix_sem_label = sebsd_destroy_label,
 	.mpo_destroy_socket_label = sebsd_destroy_label,
 	.mpo_destroy_socket_peer_label = sebsd_destroy_label,
 	.mpo_destroy_vnode_label = sebsd_destroy_label,
@@ -2447,7 +2454,7 @@
 	/* .mpo_create_mbuf_from_socket = sebsd_create_mbuf_from_socket, */
 	.mpo_create_mount = sebsd_create_mount,
 	.mpo_create_pipe = sebsd_create_pipe,
-	.mpo_create_posix_ksem = sebsd_create_posix_ksem,
+	.mpo_create_posix_sem = sebsd_create_posix_sem,
 	.mpo_create_proc0 = sebsd_create_proc0,
 	.mpo_create_proc1 = sebsd_create_proc1,
 	.mpo_create_root_mount = sebsd_create_root_mount,
@@ -2501,10 +2508,9 @@
 	.mpo_check_pipe_stat = sebsd_check_pipe_stat,
 	.mpo_check_pipe_write = sebsd_check_pipe_write,
 
-	.mpo_check_posix_sem_close = sebsd_check_posix_sem_close,
 	.mpo_check_posix_sem_destroy = sebsd_check_posix_sem_destroy,
 	.mpo_check_posix_sem_getvalue = sebsd_check_posix_sem_getvalue,
-	.mpo_check_posix_sem_openexisting = sebsd_check_posix_sem_openexisting,
+	.mpo_check_posix_sem_open = sebsd_check_posix_sem_open,
 	.mpo_check_posix_sem_post = sebsd_check_posix_sem_post,
 	.mpo_check_posix_sem_unlink = sebsd_check_posix_sem_unlink,
 	.mpo_check_posix_sem_wait = sebsd_check_posix_sem_wait,
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-cvs" in the body of the message

