Date: Thu, 10 Oct 2002 06:10:42 -0700 (PDT) From: Brian Feldman <green@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 19018 for review Message-ID: <200210101310.g9ADAgGA082009@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/p4db/chv.cgi?CH=19018 Change 19018 by green@green_laptop_2 on 2002/10/10 06:10:03 Reinitialize root filesystem vnodes that exist before SEBSD is initialized. Affected files ... .. //depot/projects/trustedbsd/mac/sys/security/sebsd/sebsd.c#36 edit Differences ... ==== //depot/projects/trustedbsd/mac/sys/security/sebsd/sebsd.c#36 (text+ko) ==== @@ -1089,12 +1089,31 @@ */ static void sebsd_create_root_mount(struct ucred *cred, struct mount *mp, - struct mount *mntlabel, struct mount *fslabel) + struct label *mntlabel, struct label *fslabel) { + struct vnode *vp, *nvp; + avc_init(); if (security_init()) { panic("SEBSD: couldn't read policy file"); } + /* + * Go through all open vnodes and reload their labels. + */ + mtx_lock(&mntvnode_mtx); + vp = TAILQ_FIRST(&mp->mnt_nvnodelist); + do { + nvp = TAILQ_NEXT(vp, v_nmntvnodes); + VI_LOCK(vp); + mtx_unlock(&mntvnode_mtx); + vn_lock(vp, LK_INTERLOCK | LK_EXCLUSIVE | LK_RETRY, curthread); + (void)sebsd_update_vnode_from_extattr(vp, &vp->v_label, mp, + fslabel); + VOP_UNLOCK(vp, 0, curthread); + mtx_lock(&mntvnode_mtx); + vp = nvp; + } while (vp != NULL); + mtx_unlock(&mntvnode_mtx); } static struct mac_policy_op_entry sebsd_ops[] = { To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe p4-projects" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200210101310.g9ADAgGA082009>