Date: Wed, 30 Oct 2002 14:01:07 -0500 (EST) From: Robert Watson <rwatson@FreeBSD.org> To: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/sys/kern kern_mac.c src/sys/security/mac_biba mac_biba.c src/sys/security/mac_bsdextended mac_bsdextended.c src/sys/security/mac_ifoff mac_ifoff.c src/sys/security/mac_mls mac_mls.c src/sys/security/mac_none mac_none.c ... Message-ID: <Pine.NEB.3.96L.1021030135925.38118D-100000@fledge.watson.org> In-Reply-To: <200210301848.g9UImp4j071876@repoman.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Despite the big diff line counts, this is actually almost entirely a mechanical change (with the exception of one or two other prototype fixes I made in the MAC tree and forgot to commit to the main tree first in order to get it working with type checking, so slippped in). Getting type checking into the framework for entry points solves a fairly sizable source code sync problem for policy writers by helping them detect entry point API changes, as well as catching frequently made errors. This moves us away from a VOP's registration model. Robert N M Watson FreeBSD Core Team, TrustedBSD Projects robert@fledge.watson.org Network Associates Laboratories On Wed, 30 Oct 2002, Robert Watson wrote: > rwatson 2002/10/30 10:48:51 PST > > Modified files: > sys/kern kern_mac.c > sys/security/mac_biba mac_biba.c > sys/security/mac_bsdextended mac_bsdextended.c > sys/security/mac_ifoff mac_ifoff.c > sys/security/mac_mls mac_mls.c > sys/security/mac_none mac_none.c > sys/security/mac_partition mac_partition.c > sys/security/mac_seeotheruids mac_seeotheruids.c > sys/security/mac_test mac_test.c > sys/sys mac_policy.h > Log: > Move to C99 sparse structure initialization for the mac_policy_ops > structure definition, rather than using an operation vector > we translate into the structure. Originally, we used a vector > for two reasons: > > (1) We wanted to define the structure sparsely, which wasn't > supported by the C compiler for structures. For a policy > with five entry points, you don't want to have to stick in > a few hundred NULL function pointers. > > (2) We thought it would improve ABI compatibility allowing modules > to work with kernels that had a superset of the entry points > defined in the module, even if the kernel had changed its > entry point set. > > Both of these no longer apply: > > (1) C99 gives us a way to sparsely define a static structure. > > (2) The ABI problems existed anyway, due to enumeration numbers, > argument changes, and semantic mismatches. Since the going > rule for FreeBSD is that you really need your modules to > pretty closely match your kernel, it's not worth the > complexity. > > This submit eliminates the operation vector, dynamic allocation > of the operation structure, copying of the vector to the > structure, and redoes the vectors in each policy to direct > structure definitions. One enourmous benefit of this change > is that we now get decent type checking on policy entry point > implementation arguments. > > Obtained from: TrustedBSD Project > Sponsored by: DARPA, Network Associates Laboratories > > Revision Changes Path > 1.56 +0 -583 src/sys/kern/kern_mac.c > 1.39 +132 -263 src/sys/security/mac_biba/mac_biba.c > 1.6 +28 -55 src/sys/security/mac_bsdextended/mac_bsdextended.c > 1.3 +5 -9 src/sys/security/mac_ifoff/mac_ifoff.c > 1.29 +130 -259 src/sys/security/mac_mls/mac_mls.c > 1.19 +136 -271 src/sys/security/mac_none/mac_none.c > 1.2 +17 -33 src/sys/security/mac_partition/mac_partition.c > 1.2 +7 -13 src/sys/security/mac_seeotheruids/mac_seeotheruids.c > 1.16 +134 -265 src/sys/security/mac_test/mac_test.c > 1.24 +4 -155 src/sys/sys/mac_policy.h > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.NEB.3.96L.1021030135925.38118D-100000>