PERFORCE change 91461 for review

Thu Feb 9 20:25:15 GMT 2006

http://perforce.freebsd.org/chv.cgi?CH=91461

Change 91461 by millert at millert_ibook on 2006/02/09 20:25:08

	Add missing (c) notice
	Factor out code to load the migscs file into its own function
	    for the new syscall.
	Add some missing error checks

Affected files ...

.. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/ss/mach_av.c#9 edit

Differences ...

==== //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/ss/mach_av.c#9 (text+ko) ====

@@ -1,5 +1,31 @@
+/*-
+ * Copyright (c) 2005 SPARTA, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
 
 #include <mach/message.h>
+#include <kern/lock.h>
 #include <sedarwin/linux-compat.h>
 #include <sedarwin/flask.h>
 #include <sedarwin/ss/hashtab.h>
@@ -22,37 +48,41 @@
 {
 	int baseid;
 	int nclasses;
-	int classes[0];
+	int classes[0];		/* actually larger */
 };
 
 static struct hashtab *msgid2class;
 
-void sebsd_mach_av_init()
+static mutex_t *migscs_load_lock;
+
+/*
+ * Read the table mapping mach message ids to security classes.
+ * The permissions in those classes are expected to be relative to the
+ * base message id defined for a subsystem (which is in this table).
+ */
+int
+sebsd_load_migscs(void *tdata, size_t tsize)
 {
-	/* Read the table mapping mach message ids to security classes.
-	   The permissions in those classes are expected to be relative to the
-	   base message id defined for a subsystem (which is in this table). */
+	struct hashtab *ht, *oht;
+	int error, *p, *ep;
 
-	size_t tsize;
-	int   *tdata;
-	if (!preload_find_data ("sebsd_migscs", &tsize, &tdata)) {
-		msgid2class = hashtab_create(msgid_hash, msgid_cmp, 3);
-		return;
-	}
+	ht = hashtab_create(msgid_hash, msgid_cmp, 31337);
+	if (ht == NULL)
+		return (-1);
 
-	msgid2class = hashtab_create(msgid_hash, msgid_cmp, 31337);
+	printf("security class to subsystem table: %d classes\n",
+	    tsize / sizeof(int));
 
-	tsize /= sizeof(int);
-	int *p = tdata;
-
-	while (p < tdata+tsize) {
+	p = (int *)tdata;
+	ep = (int *)((char *)tdata + tsize);
+	while (p < ep) {
 		int msgid = *p++;
 		int nclasses = *p++;
 		int size = *p++;
 		int i;
+		struct msgid_classinfo *c;
 
-		struct msgid_classinfo *c = sebsd_malloc
-			(sizeof(int) * nclasses + sizeof(struct msgid_classinfo), M_WAITOK);
+		c = sebsd_malloc(sizeof(int) * nclasses + sizeof(*c), M_WAITOK);
 		c->baseid = msgid;
 		c->nclasses = nclasses;
 		for (i = 0; i < nclasses; i++)
@@ -60,11 +90,43 @@
 		for (i = msgid; i < msgid + size; i++) {
 			int *ip = sebsd_malloc(sizeof(int), M_WAITOK);
 			*ip = i;
-			hashtab_insert(msgid2class, ip, c);
+			error = hashtab_insert(ht, ip, c);
+			if (error) {
+			    hashtab_destroy(ht);
+			    return (-1);
+			}
 		}
 	}
+
+	/*
+	 * Swap the old message id to class mapping with the new one
+	 * and free the old.
+	 * XXX - does this leak memory?
+	 */
+	mutex_lock(migscs_load_lock);
+	oht = msgid2class;
+	msgid2class = ht;
+	mutex_unlock(migscs_load_lock);
+	hashtab_destroy(oht);
+	return (0);
+}
+
+void
+sebsd_mach_av_init(void)
+{
+	size_t tsize;
+	int   *tdata;
+
+	migscs_load_lock = mutex_alloc(ETAP_NO_TRACE);
+
+	if (!preload_find_data ("sebsd_migscs", &tsize, &tdata) ||
+	    sebsd_load_migscs(tdata, tsize) != 0) {
+		msgid2class = hashtab_create(msgid_hash, msgid_cmp, 3);
+		return;
+	}
 }
 
+
 int
 sebsd_check_ipc_method1(int subj, int obj, int msgid)
 {
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-cvs" in the body of the message

