PERFORCE change 92989 for review

[Robert Watson]

http://perforce.freebsd.org/chv.cgi?CH=92989

Change 92989 by rwatson at rwatson_peppercorn on 2006/03/08 21:43:17

	Setting file flags via fcntl() doesn't allow changing the access
	mode flags tested by this #if 0'd block, since they are
	immediately cleared.  As such, as don't actually need to check
	for permission here.

Affected files ...

.. //depot/projects/trustedbsd/mac/sys/kern/kern_descrip.c#62 edit

Differences ...

==== //depot/projects/trustedbsd/mac/sys/kern/kern_descrip.c#62 (text+ko) ====

@@ -39,7 +39,6 @@
 
 #include "opt_compat.h"
 #include "opt_ddb.h"
-#include "opt_mac.h"
 
 #include <sys/param.h>
 #include <sys/systm.h>
@@ -53,7 +52,6 @@
 #include <sys/kernel.h>
 #include <sys/limits.h>
 #include <sys/lock.h>
-#include <sys/mac.h>
 #include <sys/malloc.h>
 #include <sys/mount.h>
 #include <sys/mqueue.h>
@@ -434,36 +432,6 @@
 		mtx_assert(&Giant, MA_OWNED);
 		FILE_LOCK(fp);
 		fhold_locked(fp);
-#if 0
-#ifdef MAC
-		if (fp->f_type == DTYPE_VNODE) {
-			int fflag = (fp->f_flag & ~FCNTLFLAGS) |
-			    (FFLAGS(uap->arg & ~O_ACCMODE) & FCNTLFLAGS);
-			mode_t mode = 0;
-
-			if (fflag & FREAD)
-				mode |= VREAD;
-			if (fflag & FWRITE)
-				mode |= VWRITE;
-			if (fflag & O_APPEND)
-				mode |= VAPPEND;
-			vn_lock((struct vnode *)fp->f_data, LK_EXCLUSIVE |
-			    LK_RETRY, td);
-			/*
-			 * XXX: A seperate entry point should be used here
-			 * to pass in both the old and the new flags,
-			 * with authorization performed only on the delta.
-			 */
-			error = mac_check_vnode_open(td->td_ucred,
-			    (struct vnode *)fp->f_data, mode);
-			VOP_UNLOCK((struct vnode *)fp->f_data, 0, td);
-			if (error) {
-				fdrop(fp, td);
-				break;
-			}
-		}
-#endif /* MAC */
-#endif
 		fp->f_flag &= ~FCNTLFLAGS;
 		fp->f_flag |= FFLAGS(arg & ~O_ACCMODE) & FCNTLFLAGS;
 		FILE_UNLOCK(fp);