From owner-svn-src-all@FreeBSD.ORG  Tue Dec 29 17:31:53 2009
Return-Path: <owner-svn-src-all@FreeBSD.ORG>
Delivered-To: svn-src-all@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 3671B1065698;
	Tue, 29 Dec 2009 17:31:53 +0000 (UTC)
	(envelope-from rwatson@FreeBSD.org)
Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c])
	by mx1.freebsd.org (Postfix) with ESMTP id 1930A8FC18;
	Tue, 29 Dec 2009 17:31:53 +0000 (UTC)
Received: from svn.freebsd.org (localhost [127.0.0.1])
	by svn.freebsd.org (8.14.3/8.14.3) with ESMTP id nBTHVqni031190;
	Tue, 29 Dec 2009 17:31:53 GMT (envelope-from rwatson@svn.freebsd.org)
Received: (from rwatson@localhost)
	by svn.freebsd.org (8.14.3/8.14.3/Submit) id nBTHVqho031188;
	Tue, 29 Dec 2009 17:31:52 GMT (envelope-from rwatson@svn.freebsd.org)
Message-Id: <200912291731.nBTHVqho031188@svn.freebsd.org>
From: Robert Watson <rwatson@FreeBSD.org>
Date: Tue, 29 Dec 2009 17:31:52 +0000 (UTC)
To: src-committers@freebsd.org, svn-src-all@freebsd.org,
	svn-src-stable@freebsd.org, svn-src-stable-7@freebsd.org
X-SVN-Group: stable-7
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Cc: 
Subject: svn commit: r201206 - stable/7/sys/security/mac
X-BeenThere: svn-src-all@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "SVN commit messages for the entire src tree \(except for &quot;
	user&quot; and &quot; projects&quot; \)" <svn-src-all.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/svn-src-all>,
	<mailto:svn-src-all-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-all>
List-Post: <mailto:svn-src-all@freebsd.org>
List-Help: <mailto:svn-src-all-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/svn-src-all>,
	<mailto:svn-src-all-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 29 Dec 2009 17:31:53 -0000

Author: rwatson
Date: Tue Dec 29 17:31:52 2009
New Revision: 201206
URL: http://svn.freebsd.org/changeset/base/201206

Log:
  Merge r187666 from head to stable/7:
  
    Begin to add SDT tracing of the MAC Framework: add policy modevent,
    register, and unregister hooks that give access to the mac_policy_conf
    for the policy.
  
    Obtained from:	TrustedBSD Project
  
  Requested by:	bz

Modified:
  stable/7/sys/security/mac/mac_framework.c
Directory Properties:
  stable/7/sys/   (props changed)
  stable/7/sys/cddl/contrib/opensolaris/   (props changed)
  stable/7/sys/contrib/dev/acpica/   (props changed)
  stable/7/sys/contrib/pf/   (props changed)

Modified: stable/7/sys/security/mac/mac_framework.c
==============================================================================
--- stable/7/sys/security/mac/mac_framework.c	Tue Dec 29 16:01:22 2009	(r201205)
+++ stable/7/sys/security/mac/mac_framework.c	Tue Dec 29 17:31:52 2009	(r201206)
@@ -1,5 +1,5 @@
 /*-
- * Copyright (c) 1999-2002, 2006 Robert N. M. Watson
+ * Copyright (c) 1999-2002, 2006, 2009 Robert N. M. Watson
  * Copyright (c) 2001 Ilmar S. Habibulin
  * Copyright (c) 2001-2005 Networks Associates Technology, Inc.
  * Copyright (c) 2005-2006 SPARTA, Inc.
@@ -62,6 +62,7 @@
  * src/sys/security/mac_*.
  */
 
+#include "opt_kdtrace.h"
 #include "opt_mac.h"
 
 #include <sys/cdefs.h>
@@ -74,6 +75,7 @@ __FBSDID("$FreeBSD$");
 #include <sys/mutex.h>
 #include <sys/mac.h>
 #include <sys/module.h>
+#include <sys/sdt.h>
 #include <sys/systm.h>
 #include <sys/sysctl.h>
 
@@ -82,6 +84,24 @@ __FBSDID("$FreeBSD$");
 #include <security/mac/mac_policy.h>
 
 /*
+ * DTrace SDT provider for MAC.
+ */
+SDT_PROVIDER_DEFINE(mac);
+
+SDT_PROBE_DEFINE(mac, kernel, policy, modevent);
+SDT_PROBE_ARGTYPE(mac, kernel, policy, modevent, 0, "int");
+SDT_PROBE_ARGTYPE(mac, kernel, policy, modevent, 1,
+    "struct mac_policy_conf *mpc");
+
+SDT_PROBE_DEFINE(mac, kernel, policy, register);
+SDT_PROBE_ARGTYPE(mac, kernel, policy, register, 0,
+    "struct mac_policy_conf *");
+
+SDT_PROBE_DEFINE(mac, kernel, policy, unregister);
+SDT_PROBE_ARGTYPE(mac, kernel, policy, unregister, 0,
+    "struct mac_policy_conf *");
+
+/*
  * Root sysctl node for all MAC and MAC policy controls.
  */
 SYSCTL_NODE(_security, OID_AUTO, mac, CTLFLAG_RW, 0,
@@ -435,6 +455,7 @@ mac_policy_register(struct mac_policy_co
 		(*(mpc->mpc_ops->mpo_init))(mpc);
 	mac_policy_updateflags();
 
+	SDT_PROBE(mac, kernel, policy, register, mpc, 0, 0, 0, 0);
 	printf("Security policy loaded: %s (%s)\n", mpc->mpc_fullname,
 	    mpc->mpc_name);
 
@@ -482,6 +503,7 @@ mac_policy_unregister(struct mac_policy_
 
 	mac_policy_release_exclusive();
 
+	SDT_PROBE(mac, kernel, policy, unregister, mpc, 0, 0, 0, 0);
 	printf("Security policy unload: %s (%s)\n", mpc->mpc_fullname,
 	    mpc->mpc_name);
 
@@ -507,6 +529,7 @@ mac_policy_modevent(module_t mod, int ty
 	}
 #endif
 
+	SDT_PROBE(mac, kernel, policy, modevent, type, mpc, 0, 0, 0);
 	switch (type) {
 	case MOD_LOAD:
 		if (mpc->mpc_loadtime_flags & MPC_LOADTIME_FLAG_NOTLATE &&