Date: Thu, 20 Apr 2006 14:35:21 GMT From: Todd Miller <millert@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 95677 for review Message-ID: <200604201435.k3KEZL9G056130@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=95677 Change 95677 by millert@millert_g5tower on 2006/04/20 14:34:51 Enable policy and policy load locks Affected files ... .. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/ss/init.c#6 edit .. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/ss/services.c#8 edit .. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/ss/services.h#4 edit Differences ... ==== //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/ss/init.c#6 (text+ko) ==== @@ -15,6 +15,8 @@ #include <sys/malloc.h> #include <sys/systm.h> +#include <kern/lock.h> + #include <sedarwin/linux-compat.h> #include <sedarwin/sebsd.h> #include <sedarwin/ss/global.h> @@ -34,6 +36,12 @@ if (!preload_find_data("sebsd_policy", &policy_len, &policy_data)) goto loaderr; +#ifdef __APPLE__ + /* Initialize security server locks. */ + policy_rwlock = lock_alloc(TRUE, ETAP_NO_TRACE, ETAP_NO_TRACE); + load_sem = mutex_alloc(ETAP_NO_TRACE); +#endif + printf("security: reading policy configuration\n"); rc = security_load_policy(policy_data, policy_len); @@ -41,7 +49,7 @@ printf("security: error while reading policy, cannot initialize.\n"); return EINVAL; } - + return 0; loaderr: ==== //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/ss/services.c#8 (text+ko) ==== @@ -35,35 +35,17 @@ #include <sedarwin/avc/avc.h> #include <sedarwin/avc/avc_ss.h> #include <sys/socket.h> +#include <kern/lock.h> -#ifdef __FreeBSD__ +lock_t *policy_rwlock; +#define POLICY_RDLOCK lock_read(policy_rwlock) +#define POLICY_WRLOCK lock_write(policy_rwlock) +#define POLICY_RDUNLOCK lock_read_done(policy_rwlock) +#define POLICY_WRUNLOCK lock_write_done(policy_rwlock) -#include <sys/rwlock.h> -#include <sys/proc.h> - -static struct rwlock policy_rwlock; -#define POLICY_RDLOCK rw_rlock(&policy_rwlock) -#define POLICY_WRLOCK rw_wlock(&policy_rwlock) -#define POLICY_RDUNLOCK rw_runlock(&policy_rwlock) -#define POLICY_WRUNLOCK rw_wunlock(&policy_rwlock) - -RW_SYSINIT(policy_rwlock, &policy_rwlock, "SEBSD policy lock"); - -static struct mtx load_sem; -#define LOAD_LOCK mtx_lock(&load_sem) -#define LOAD_UNLOCK mtx_unlock(&load_sem) - -MTX_SYSINIT(load_sem, &load_sem, "SEBSD policy load lock", MTX_DEF); - -#else -/* XXX - define locking for Darwin */ -#define POLICY_RDLOCK -#define POLICY_WRLOCK -#define POLICY_RDUNLOCK -#define POLICY_WRUNLOCK -#define LOAD_LOCK -#define LOAD_UNLOCK -#endif +mutex_t *load_sem; +#define LOAD_LOCK mutex_lock(load_sem) +#define LOAD_UNLOCK mutex_unlock(load_sem) struct sidtab sidtab; struct policydb policydb; ==== //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/ss/services.h#4 (text+ko) ==== @@ -17,5 +17,11 @@ extern struct sidtab sidtab; extern struct policydb policydb; +/* + * Security server locks, as allocated by security_init(). + */ +extern lock_t *policy_rwlock; +extern mutex_t *load_sem; + #endif /* _SS_SERVICES_H_ */
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200604201435.k3KEZL9G056130>