From owner-p4-projects@FreeBSD.ORG Thu Oct 26 19:24:36 2006 Return-Path: X-Original-To: p4-projects@freebsd.org Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 6226A16A417; Thu, 26 Oct 2006 19:24:36 +0000 (UTC) X-Original-To: perforce@freebsd.org Delivered-To: perforce@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 40ECB16A40F for ; Thu, 26 Oct 2006 19:24:36 +0000 (UTC) (envelope-from millert@freebsd.org) Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115]) by mx1.FreeBSD.org (Postfix) with ESMTP id EC5EB43D6D for ; Thu, 26 Oct 2006 19:24:35 +0000 (GMT) (envelope-from millert@freebsd.org) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.13.6/8.13.6) with ESMTP id k9QJOZdE078845 for ; Thu, 26 Oct 2006 19:24:35 GMT (envelope-from millert@freebsd.org) Received: (from perforce@localhost) by repoman.freebsd.org (8.13.6/8.13.4/Submit) id k9QJOZ4b078842 for perforce@freebsd.org; Thu, 26 Oct 2006 19:24:35 GMT (envelope-from millert@freebsd.org) Date: Thu, 26 Oct 2006 19:24:35 GMT Message-Id: <200610261924.k9QJOZ4b078842@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to millert@freebsd.org using -f From: Todd Miller To: Perforce Change Reviews Cc: Subject: PERFORCE change 108515 for review X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 26 Oct 2006 19:24:36 -0000 http://perforce.freebsd.org/chv.cgi?CH=108515 Change 108515 by millert@millert_macbook on 2006/10/26 19:23:45 Don't copy unlabeled objects. Fix some cut and paste errors. Affected files ... .. //depot/projects/trustedbsd/sedarwin8/policies/extattr_test/mac_extattr_test.c#7 edit Differences ... ==== //depot/projects/trustedbsd/sedarwin8/policies/extattr_test/mac_extattr_test.c#7 (text+ko) ==== @@ -44,7 +44,7 @@ int XA_SIZENAME = XA_FILLLEN; -static mac_policy_handle_t ipctrace_handle; +static mac_policy_handle_t extattr_test_handle; static int extattr_test_slot; #define SLOT(l) ((struct xa_label *)LABEL_TO_SLOT((l), extattr_test_slot).l_ptr) @@ -194,6 +194,8 @@ extattr_test_label_copy(struct label *src, struct label *dst) { XA_TRACE; + if (SLOT(src) == NULL || SLOT(dst) == NULL) + return; XA_VALID(src, "copy src"); XA_VALID(dst, "copy dst"); bcopy(SLOT(src), SLOT(dst), XA_SIZE); @@ -243,6 +245,7 @@ /*XA_TRACE;*/ if (!mac_extattr_test_enabled) return(0); + XA_VALID(vlabel, "associate"); error = mac_vnop_getxattr(vp, MAC_EXTATTR_XATTR_NAME, (char *)SLOT(vlabel), XA_SIZE, &buflen); if (error != 0) { @@ -300,7 +303,7 @@ XA_TRACE; if (!mac_extattr_test_enabled) return(0); - XA_VALID(vlabel, "vnode_label_associate"); + XA_VALID(vlabel, "vnode_notify_create"); xa_filllabel(SLOT(vlabel)); error = mac_vnop_setxattr(vp, MAC_EXTATTR_XATTR_NAME, (char *)SLOT(vlabel), XA_SIZE); @@ -316,7 +319,7 @@ XA_TRACE; if (!mac_extattr_test_enabled) return(0); - XA_VALID(vlabel, "vnode_label_update"); + XA_VALID(vlabel, "vnode_label_store"); /* * Check the label. If it's good, use it, otherwise return an error. */ @@ -387,6 +390,6 @@ .mpo_vnode_check_setextattr = extattr_test_vnode_check_setextattr, }; -MAC_POLICY_SET(ipctrace_handle, &mac_extattr_test_ops, extattr_test, +MAC_POLICY_SET(extattr_test_handle, &mac_extattr_test_ops, extattr_test, POLICY_DESC, labelnamespaces, MAC_EXTATTR_LABEL_COUNT, - &extattr_test_slot, 0, 0); + &extattr_test_slot, MPC_LOADTIME_FLAG_UNLOADOK, 0);