PERFORCE change 105792 for review

Todd Miller millert at FreeBSD.org
Thu Sep 7 14:52:07 UTC 2006 

http://perforce.freebsd.org/chv.cgi?CH=105792

Change 105792 by millert at millert_g5tower on 2006/09/07 14:50:23

	Add support for label and multilabel options to mount_msdos.
	Build and install modified mount_msdos as part of SEDarwin.

Affected files ...

.. //depot/projects/trustedbsd/sedarwin8/darwin/Makefile#2 edit
.. //depot/projects/trustedbsd/sedarwin8/darwin/msdosfs/Makefile#1 add
.. //depot/projects/trustedbsd/sedarwin8/darwin/msdosfs/mount_msdos.tproj/Makefile#1 add
.. //depot/projects/trustedbsd/sedarwin8/darwin/msdosfs/mount_msdos.tproj/mount_msdos.c#2 edit

Differences ...

==== //depot/projects/trustedbsd/sedarwin8/darwin/Makefile#2 (text+ko) ====

@@ -14,6 +14,7 @@
 	$(MAKE) -C adv_cmds/ps.tproj all
 	$(MAKE) -C file_cmds/ls all
 	bsdmake -C diskdev_cmds -f Makefile.mac all
+	$(MAKE) -C msdosfs/mount_msdos.tproj
 	$(MAKE) -C pam_modules/pam_lctx
 	$(MAKE) -C pam_modules/pam_mac_console
 	$(MAKE) -C etc
@@ -33,6 +34,7 @@
 	$(MAKE) -C adv_cmds/ps.tproj DSTROOT=$(DESTDIR) install
 	$(MAKE) -C file_cmds/ls install
 	bsdmake -C diskdev_cmds -f Makefile.mac DSTROOT=$(DESTDIR) install
+	$(MAKE) -C msdosfs/mount_msdos.tproj install
 	$(MAKE) -C pam_modules/pam_lctx DSTROOT=$(DESTDIR) install
 	$(MAKE) -C pam_modules/pam_mac_console DSTROOT=$(DESTDIR) install
 	$(MAKE) -C etc install
@@ -51,6 +53,7 @@
 	$(MAKE) -C adv_cmds/ps.tproj clean
 	$(MAKE) -C file_cmds/ls clean
 	bsdmake -C diskdev_cmds -f Makefile.mac clean
+	$(MAKE) -C msdosfs/mount_msdos.tproj clean
 	$(MAKE) -C pam_modules/pam_lctx clean
 	$(MAKE) -C pam_modules/pam_mac_console clean
 	$(MAKE) -C etc clean

==== //depot/projects/trustedbsd/sedarwin8/darwin/msdosfs/mount_msdos.tproj/mount_msdos.c#2 (text+ko) ====

@@ -53,6 +53,12 @@
  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
+/*
+ * NOTICE: This file was modified by SPARTA, Inc. in 2006 to introduce
+ * support for mandatory and extensible security protections.  This notice
+ * is included in support of clause 2.2 (b) of the Apple Public License,
+ * Version 2.0.
+ */
 
 #ifndef lint
 static const char rcsid[] =
@@ -72,6 +78,8 @@
 #include <sys/time.h>
 #include <sys/wait.h>
 
+#include <security/mac.h>
+
 #include "../msdosfs.kextproj/msdosfs.kmodproj/msdosfsmount.h"
 
 #include <ctype.h>
@@ -94,7 +102,7 @@
 
 /* bek 5/20/98 - [2238317] - mntopts.h needs to be installed in a public place */
 
-#define Radar_2238317 1
+// #define Radar_2238317 1
 
 #if ! Radar_2238317
 
@@ -158,6 +166,7 @@
 #define MOPT_BROWSE             { "browse",     1, MNT_DONTBROWSE, 0 }
 #define MOPT_AUTOMOUNTED        { "automounted",0, MNT_AUTOMOUNTED, 0 }
 #define MOPT_DEFWRITE           { "defwrite",   0, MNT_DEFWRITE, 0}
+#define MOPT_LABEL		{ "label=", 0, MNT_LABEL, 0 }
 
 /* Control flags. */
 #define MOPT_FORCE		{ "force",	0, MNT_FORCE, 0 }
@@ -184,6 +193,8 @@
 	MOPT_RDONLY,							\
 	MOPT_UNION,							\
 	MOPT_PERMISSIONS,						\
+	MOPT_LABEL,							\
+	MOPT_MULTILABEL,						\
 	MOPT_BROWSE
 
 void getmntopts __P((const char *, const struct mntopt *, int *, int *));
@@ -234,12 +245,21 @@
         char *dev, *dir, mntpath[MAXPATHLEN];
         // struct vfsconf vfc;
         struct timezone local_tz;
+	mac_t mlabel = NULL;
+	struct mac mac;
+	char labelstr[MAC_MAX_LABEL_BUF_LEN + 1];
+	char *p;
         
 	mntflags = set_gid = set_uid = set_mask = 0;
 	(void)memset(&args, '\0', sizeof(args));
 	args.magic = MSDOSFS_ARGSMAGIC;
         progname = argv[0];
 
+	(void)memset(labelstr, '\0', sizeof(labelstr));
+	(void)memset(&mac, '\0', sizeof(struct mac));
+	mac.m_string = labelstr;
+	mlabel = NULL;
+
 	while ((c = getopt(argc, argv, "sl9u:g:m:o:")) != -1) {
 		switch (c) {
 		case 'u':
@@ -256,6 +276,13 @@
 			break;
 		case 'o':
 			getmntopts(optarg, mopts, &mntflags, &args.flags);
+			if (mntflags & MNT_LABEL) {
+				p = strcasestr(optarg, "label=");
+				if (p != NULL) {
+					if (mac_label_opt(p, &mac) != 0)
+						usage();
+				}
+			}
 			break;
 		case '?':
 		default:
@@ -264,6 +291,9 @@
 		}
 	}
 
+	if (mntflags & MNT_LABEL)
+		mlabel = &mac;
+
 	if (optind + 2 != argc)
 		usage();
 
@@ -308,7 +338,7 @@
 		if (load_kmod())		/* Load it in */
 			errx(EX_OSERR, "msdos filesystem is not available");
 
-	if (mount("msdos", mntpath, mntflags, &args) < 0)
+	if (mac_mount("msdos", mntpath, mntflags, &args, mlabel) < 0)
 		err(EX_OSERR, "%s on %s", dev, mntpath);
 
 	exit (0);

More information about the trustedbsd-cvs mailing list