From owner-p4-projects@FreeBSD.ORG Wed Feb 18 11:52:54 2004 Return-Path: Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 73F3E16A4CE; Wed, 18 Feb 2004 11:52:54 -0800 (PST) Delivered-To: perforce@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 48F6716A4CE for ; Wed, 18 Feb 2004 11:52:54 -0800 (PST) Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4350543D2D for ; Wed, 18 Feb 2004 11:52:54 -0800 (PST) (envelope-from areisse@nailabs.com) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.12.10/8.12.10) with ESMTP id i1IJqsGe089023 for ; Wed, 18 Feb 2004 11:52:54 -0800 (PST) (envelope-from areisse@nailabs.com) Received: (from perforce@localhost) by repoman.freebsd.org (8.12.10/8.12.10/Submit) id i1IJqr3j089020 for perforce@freebsd.org; Wed, 18 Feb 2004 11:52:53 -0800 (PST) (envelope-from areisse@nailabs.com) Date: Wed, 18 Feb 2004 11:52:53 -0800 (PST) Message-Id: <200402181952.i1IJqr3j089020@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to areisse@nailabs.com using -f From: Andrew Reisse To: Perforce Change Reviews Subject: PERFORCE change 47141 for review X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 18 Feb 2004 19:52:55 -0000 http://perforce.freebsd.org/chv.cgi?CH=47141 Change 47141 by areisse@areisse_ibook on 2004/02/18 11:52:53 Message trailers contain a label handle reference instead of a string. Tasks use label handles instead of inline label structures. Affected files ... .. //depot/projects/trustedbsd/sedarwin/apsl/xnu/osfmk/ipc/ipc_kmsg.c#3 edit .. //depot/projects/trustedbsd/sedarwin/apsl/xnu/osfmk/ipc/ipc_kmsg.h#2 edit .. //depot/projects/trustedbsd/sedarwin/apsl/xnu/osfmk/ipc/ipc_labelh.c#2 edit .. //depot/projects/trustedbsd/sedarwin/apsl/xnu/osfmk/ipc/ipc_labelh.h#2 edit .. //depot/projects/trustedbsd/sedarwin/apsl/xnu/osfmk/ipc/ipc_notify.c#2 edit .. //depot/projects/trustedbsd/sedarwin/apsl/xnu/osfmk/ipc/ipc_object.c#4 edit .. //depot/projects/trustedbsd/sedarwin/apsl/xnu/osfmk/ipc/ipc_object.h#3 edit .. //depot/projects/trustedbsd/sedarwin/apsl/xnu/osfmk/ipc/mach_msg.c#3 edit .. //depot/projects/trustedbsd/sedarwin/apsl/xnu/osfmk/kern/ipc_tt.c#3 edit .. //depot/projects/trustedbsd/sedarwin/apsl/xnu/osfmk/kern/task.c#4 edit .. //depot/projects/trustedbsd/sedarwin/apsl/xnu/osfmk/kern/task.h#3 edit .. //depot/projects/trustedbsd/sedarwin/apsl/xnu/osfmk/mach/mach_types.defs#3 edit .. //depot/projects/trustedbsd/sedarwin/apsl/xnu/osfmk/mach/message.h#3 edit Differences ... ==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/osfmk/ipc/ipc_kmsg.c#3 (text+ko) ==== @@ -199,6 +199,9 @@ if (kmsg != IKM_NULL) { ikm_init(kmsg, msg_and_trailer_size); } + + kmsg->ikm_sender = (ipc_labelh_t)IO_NULL; + return(kmsg); } @@ -221,6 +224,16 @@ mach_msg_size_t size = kmsg->ikm_size; ipc_port_t port; + if (kmsg->ikm_sender != IO_NULL && io_otype (&kmsg->ikm_sender->lh_object) == + IOT_LABELH) { + ipc_object_release (&kmsg->ikm_sender->lh_object); + kmsg->ikm_sender = IO_NULL; + } + else if (kmsg->ikm_sender != IO_NULL && io_otype (&kmsg->ikm_sender->lh_object) + != IOT_LABELH) + printf ("strange otype in message label: %d\n", io_otype (&kmsg->ikm_sender->lh_object)); + + /* * Check to see if the message is bound to the port. If so, * mark it not in use. If the port isn't already dead, then @@ -585,6 +598,16 @@ body = (mach_msg_body_t *) (&kmsg->ikm_header + 1); ipc_kmsg_clean_body(kmsg, body->msgh_descriptor_count); } + + if (kmsg->ikm_sender != IO_NULL && io_otype (&kmsg->ikm_sender->lh_object) == + IOT_LABELH) { + ipc_object_release (&kmsg->ikm_sender->lh_object); + kmsg->ikm_sender = IO_NULL; + } + else if (kmsg->ikm_sender != IO_NULL && io_otype (&kmsg->ikm_sender->lh_object) + != IOT_LABELH) + printf ("strange otype in message label: %d\n", io_otype (&kmsg->ikm_sender->lh_object)); + } /* @@ -680,17 +703,18 @@ trailer->msgh_trailer_type = MACH_MSG_TRAILER_FORMAT_0; trailer->msgh_trailer_size = MACH_MSG_TRAILER_MINIMUM_SIZE; +#if 1 task_t cur = current_thread()->top_act->task; if (cur) { - tasklabel_lock (cur); - mac_externalize_task_label (&cur->maclabel, - "sebsd", trailer->msgh_labels.slabel, - 64, 0); - tasklabel_unlock (cur); + ipc_object_reference (&cur->label->lh_object); + /*trailer->msgh_labels.sender = (mach_port_name_t)cur->label;*/ + + kmsg->ikm_sender = cur->label; } else - strcpy (trailer->msgh_labels.slabel, "system_u:system_r:kernel_t"); +#endif + trailer->msgh_labels.sender = 0; *kmsgp = kmsg; return MACH_MSG_SUCCESS; @@ -774,6 +798,10 @@ trailer->msgh_trailer_type = MACH_MSG_TRAILER_FORMAT_0; trailer->msgh_trailer_size = MACH_MSG_TRAILER_MINIMUM_SIZE; + trailer->msgh_labels.sender = 0; + + kmsg->ikm_sender = (ipc_labelh_t)IO_NULL; + *kmsgp = kmsg; return MACH_MSG_SUCCESS; } ==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/osfmk/ipc/ipc_kmsg.h#2 (text+ko) ==== @@ -69,6 +69,7 @@ #include #include #include +#include /* * This structure is only the header for a kmsg buffer; @@ -88,6 +89,7 @@ struct ipc_kmsg *ikm_prev; ipc_port_t ikm_prealloc; /* port we were preallocated from */ mach_msg_size_t ikm_size; + ipc_labelh_t ikm_sender; mach_msg_header_t ikm_header; } *ipc_kmsg_t; @@ -135,6 +137,7 @@ MACRO_BEGIN \ (kmsg)->ikm_size = (size); \ (kmsg)->ikm_prealloc = IP_NULL; \ + (kmsg)->ikm_sender = IO_NULL; \ assert((kmsg)->ikm_prev = (kmsg)->ikm_next = IKM_BOGUS); \ MACRO_END ==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/osfmk/ipc/ipc_labelh.c#2 (text+ko) ==== @@ -25,3 +25,38 @@ return 0; } +ipc_labelh_t labelh_new () +{ + ipc_labelh_t lh = (ipc_labelh_t) io_alloc (IOT_LABELH); + io_lock_init (&(lh->lh_object)); + lh->lh_object.io_references = 1; + lh->lh_object.io_bits = io_makebits (TRUE, IOT_LABELH, 0); + return lh; +} + +/* call with old locked */ + +ipc_labelh_t labelh_duplicate (ipc_labelh_t old) +{ + ipc_labelh_t lh = (ipc_labelh_t) io_alloc (IOT_LABELH); + io_lock_init (&(lh->lh_object)); + lh->lh_object.io_references = 1; + lh->lh_object.io_bits = io_makebits (TRUE, IOT_LABELH, 0); + + mac_init_port_label (&lh->lh_label); + mac_copy_port_label (&old->lh_label, &lh->lh_label); + return lh; +} + +/* call with old locked; returns a locked object */ + +ipc_labelh_t labelh_modify (ipc_labelh_t old) +{ + if (old->lh_object.io_references == 1) + return old; + ipc_labelh_t lh = labelh_duplicate (old); + io_release (&old->lh_object); + io_unlock (&old->lh_object); + io_lock (&lh->lh_object); + return lh; +} ==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/osfmk/ipc/ipc_labelh.h#2 (text+ko) ==== @@ -1,4 +1,7 @@ +#ifndef _IPC_LABELH_H_ +#define _IPC_LABELH_H_ + #include #include #include @@ -9,3 +12,8 @@ struct label lh_label; } *ipc_labelh_t; + +ipc_labelh_t labelh_duplicate (ipc_labelh_t old); +ipc_labelh_t labelh_modify (ipc_labelh_t old); + +#endif ==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/osfmk/ipc/ipc_notify.c#2 (text+ko) ==== @@ -117,6 +117,7 @@ n->trailer.msgh_sender = KERNEL_SECURITY_TOKEN; n->trailer.msgh_trailer_type = MACH_MSG_TRAILER_FORMAT_0; n->trailer.msgh_trailer_size = MACH_MSG_TRAILER_MINIMUM_SIZE; + n->trailer.msgh_labels.sender = 0; } /* @@ -146,6 +147,7 @@ n->trailer.msgh_sender = KERNEL_SECURITY_TOKEN; n->trailer.msgh_trailer_type = MACH_MSG_TRAILER_FORMAT_0; n->trailer.msgh_trailer_size = MACH_MSG_TRAILER_MINIMUM_SIZE; + n->trailer.msgh_labels.sender = 0; } /* @@ -171,6 +173,7 @@ n->trailer.msgh_sender = KERNEL_SECURITY_TOKEN; n->trailer.msgh_trailer_type = MACH_MSG_TRAILER_FORMAT_0; n->trailer.msgh_trailer_size = MACH_MSG_TRAILER_MINIMUM_SIZE; + n->trailer.msgh_labels.sender = 0; n->not_count = 0; } @@ -195,6 +198,7 @@ n->trailer.msgh_sender = KERNEL_SECURITY_TOKEN; n->trailer.msgh_trailer_type = MACH_MSG_TRAILER_FORMAT_0; n->trailer.msgh_trailer_size = MACH_MSG_TRAILER_MINIMUM_SIZE; + n->trailer.msgh_labels.sender = 0; } /* @@ -221,6 +225,7 @@ n->trailer.msgh_sender = KERNEL_SECURITY_TOKEN; n->trailer.msgh_trailer_type = MACH_MSG_TRAILER_FORMAT_0; n->trailer.msgh_trailer_size = MACH_MSG_TRAILER_MINIMUM_SIZE; + n->trailer.msgh_labels.sender = 0; } /* ==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/osfmk/ipc/ipc_object.c#4 (text+ko) ==== @@ -986,7 +986,6 @@ return NULL; } -#if MACH_ASSERT /* * Check whether the object is a port if so, free it. But * keep track of that fact. @@ -1005,7 +1004,10 @@ #endif /* MACH_ASSERT */ #ifdef MAC - mac_destroy_port_label (&port->ip_label); + /* XXX: This was never getting called before, + and calling it now causes problems. */ + + /*mac_destroy_port_label (&port->ip_label);*/ } else if (otype == IOT_LABELH) { ipc_labelh_t lh = (ipc_labelh_t) object; @@ -1014,7 +1016,6 @@ } zfree(ipc_object_zones[otype], (vm_offset_t) object); } -#endif /* MACH_ASSERT */ #include #if MACH_KDB ==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/osfmk/ipc/ipc_object.h#3 (text+ko) ==== @@ -141,19 +141,14 @@ #define io_alloc(otype) \ ((ipc_object_t) zalloc(ipc_object_zones[(otype)])) -#if MACH_ASSERT /* * Call the routine for io_free so that checking can be performed. + * It is also responsible for freeing labels. */ extern void io_free( unsigned int otype, ipc_object_t object); -#else /* MACH_ASSERT */ -#define io_free(otype, io) \ - zfree(ipc_object_zones[(otype)], (vm_offset_t) (io)) -#endif /* MACH_ASSERT */ - /* * Here we depend on the ipc_object being first within the ipc_common_data, * which is first within the rpc_common_data, which in turn must be first ==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/osfmk/ipc/mach_msg.c#3 (text+ko) ==== @@ -262,6 +262,33 @@ if (option & MACH_RCV_TRAILER_MASK) { trailer->msgh_seqno = seqno; trailer->msgh_trailer_size = REQUESTED_TRAILER_SIZE(option); + +#if 1 + if (option & MACH_RCV_TRAILER_ELEMENTS (MACH_RCV_TRAILER_LABELS)) { + if (kmsg->ikm_sender != IO_NULL) { + ipc_object_t lh = &kmsg->ikm_sender->lh_object; + ipc_entry_t entry; + kern_return_t kr; + + io_lock (lh); + kr = ipc_entry_alloc (space, &trailer->msgh_labels.sender, &entry); + if (kr != KERN_SUCCESS) { + trailer->msgh_labels.sender = 0; + /*ipc_object_release (lh);*/ + } + else { + entry->ie_bits |= (1 | MACH_PORT_TYPE_LABELH); + entry->ie_object = lh; + io_reference (lh); + io_unlock (lh); + is_write_unlock (space); + } + } + else { + trailer->msgh_labels.sender = 0; + } + } +#endif } /* ==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/osfmk/kern/ipc_tt.c#3 (text+ko) ==== ==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/osfmk/kern/task.c#4 (text+ko) ==== @@ -402,7 +402,8 @@ eml_task_reference(new_task, parent_task); #ifdef MAC - mutex_init(&new_task->labellock, ETAP_NO_TRACE); + /*mutex_init(&new_task->labellock, ETAP_NO_TRACE);*/ + new_task->label = labelh_new (); mac_init_task_label (&new_task->maclabel); #endif @@ -554,7 +555,7 @@ task_prof_deallocate(task); #ifdef MAC - mac_destroy_task_label (&task->maclabel); + ipc_object_release (&task->label->lh_object); #endif zfree(task_zone, (vm_offset_t) task); @@ -1757,6 +1758,7 @@ void mac_update_task_label (struct label *pl, struct task *t) { tasklabel_lock (t); + t->label = labelh_modify (t->label); mac_copy_cred_to_task (pl, &t->maclabel); tasklabel_unlock (t); ip_lock (t->itk_self); ==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/osfmk/kern/task.h#3 (text+ko) ==== @@ -105,6 +105,7 @@ #include #include #include +#include typedef struct task { /* Synchronization/destruction information */ @@ -212,8 +213,11 @@ vm_offset_t dynamic_working_set; #ifdef MAC + /* decl_mutex_data(,labellock) struct label maclabel; + */ + ipc_labelh_t label; #endif } Task; @@ -223,40 +227,13 @@ #ifdef MAC -#define tasklabel_lock(task) mutex_lock(&(task)->labellock) -#define tasklabel_unlock(task) mutex_unlock(&(task)->labellock) +#define maclabel label->lh_label -extern inline void tasklabel_lock2 (task_t a, task_t b) -{ - if (a == b) - tasklabel_lock (a); - else if (a < b) - { - tasklabel_lock (a); - tasklabel_lock (b); - } - else - { - tasklabel_lock (b); - tasklabel_lock (a); - } -} +#define tasklabel_lock(task) io_lock(&(task)->label->lh_object) +#define tasklabel_unlock(task) io_unlock(&(task)->label->lh_object) -extern inline void tasklabel_unlock2 (task_t a, task_t b) -{ - if (a == b) - tasklabel_unlock (a); - else if (a < b) - { - tasklabel_unlock (b); - tasklabel_unlock (a); - } - else - { - tasklabel_unlock (a); - tasklabel_unlock (b); - } -} +#define tasklabel_lock2(a,b) io_lock2 (&(a)->label->lh_object, &(b)->label->lh_object) +#define tasklabel_unlock2(a,b) io_unlock2 (&(a)->label->lh_object, &(b)->label->lh_object) #endif ==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/osfmk/mach/mach_types.defs#3 (text+ko) ==== @@ -358,7 +358,7 @@ type security_token_t = MACH_MSG_TYPE_INTEGER_64; -type msg_labels_t = c_string[64]; +type msg_labels_t = mach_port_t; /* memory_object_info_t: variable-size inline array: * memory_object_attr_info_t (5 ints) ==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/osfmk/mach/message.h#3 (text+ko) ==== @@ -305,7 +305,7 @@ typedef struct { - char slabel[64]; + mach_port_name_t sender; } msg_labels_t; typedef struct @@ -462,7 +462,7 @@ #define MACH_RCV_TRAILER_NULL 0 #define MACH_RCV_TRAILER_SEQNO 1 #define MACH_RCV_TRAILER_SENDER 2 -#define MACH_RCV_TRAILER_LABELS 3 +#define MACH_RCV_TRAILER_LABELS 4 #define MACH_RCV_TRAILER_TYPE(x) (((x) & 0xf) << 28) #define MACH_RCV_TRAILER_ELEMENTS(x) (((x) & 0xf) << 24)