PERFORCE change 113360 for review

[Todd Miller]

http://perforce.freebsd.org/chv.cgi?CH=113360

Change 113360 by millert at millert_macbook on 2007/01/22 16:20:34

	Add includes, __unused and cast to quiet gcc warnings
	Add back code mistakenly removed during rc==22 (EINVAL)
	changes that broke mac_request_label().

Affected files ...

.. //depot/projects/trustedbsd/sedarwin8/darwin/xnu/osfmk/kern/security.c#6 edit

Differences ...

==== //depot/projects/trustedbsd/sedarwin8/darwin/xnu/osfmk/kern/security.c#6 (text+ko) ====

@@ -1,5 +1,5 @@
 /*-
- * Copyright (c) 2005, 2006 SPARTA, Inc.
+ * Copyright (c) 2005-2007 SPARTA, Inc.
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -28,9 +28,11 @@
 #include <kern/kern_types.h>
 #include <kern/ipc_kobject.h>
 #include <ipc/ipc_object.h>
+#include <ipc/ipc_right.h>
 #include <ipc/ipc_labelh.h>
 #include <kern/task.h>
 #include <security/mac_mach_internal.h> 
+#include <mach/security.h> 
 
 kern_return_t
 mach_get_task_label(
@@ -98,7 +100,7 @@
 
 kern_return_t
 mac_check_service(
-	ipc_space_t space,
+	__unused ipc_space_t space,
 	labelstr_t  subj,
 	labelstr_t  obj,
 	labelstr_t  serv,
@@ -161,7 +163,7 @@
 		return kr;
 	}
 
-	dead = ipc_right_check(space, entry->ie_object, obj, entry);
+	dead = ipc_right_check(space, (ipc_port_t) entry->ie_object, obj, entry);
 	if (dead) {
 		is_write_unlock(space);
 		mac_task_label_destroy(&subjl);
@@ -290,7 +292,11 @@
 	io_unlock(objp);
 	ipc_port_multiple_unlock();
 
-	kr = rc ? KERN_NO_ACCESS : KERN_SUCCESS;
+	if (rc == 0)
+		kr = labelh_new_user(space, &outl, outlabel);
+	else
+		kr = KERN_NO_ACCESS;
+
 	if (kr != KERN_SUCCESS)
 		mac_port_label_destroy(&outl);