From owner-p4-projects@FreeBSD.ORG Thu Apr 20 14:35:24 2006
Date: Thu, 20 Apr 2006 14:35:21 GMT
Message-Id: <200604201435.k3KEZL9G056130@repoman.freebsd.org>
From: Todd Miller To: Perforce Change Reviews Cc: Subject: PERFORCE change 95677 for review X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 20 Apr 2006 14:35:25 -0000 http://perforce.freebsd.org/chv.cgi?CH=95677 Change 95677 by millert@millert_g5tower on 2006/04/20 14:34:51 Enable policy and policy load locks Affected files ... .. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/ss/init.c#6 edit .. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/ss/services.c#8 edit .. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/ss/services.h#4 edit Differences ... ==== //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/ss/init.c#6 (text+ko) ==== @@ -15,6 +15,8 @@ #include #include +#include + #include #include #include @@ -34,6 +36,12 @@ if (!preload_find_data("sebsd_policy", &policy_len, &policy_data)) goto loaderr; +#ifdef __APPLE__ + /* Initialize security server locks. */ + policy_rwlock = lock_alloc(TRUE, ETAP_NO_TRACE, ETAP_NO_TRACE); + load_sem = mutex_alloc(ETAP_NO_TRACE); +#endif + printf("security: reading policy configuration\n"); rc = security_load_policy(policy_data, policy_len); @@ -41,7 +49,7 @@ printf("security: error while reading policy, cannot initialize.\n"); return EINVAL; } - + return 0; loaderr: ==== //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/ss/services.c#8 (text+ko) ==== 
@@ -35,35 +35,17 @@ #include #include #include +#include -#ifdef __FreeBSD__ +lock_t *policy_rwlock; +#define POLICY_RDLOCK lock_read(policy_rwlock) +#define POLICY_WRLOCK lock_write(policy_rwlock) +#define POLICY_RDUNLOCK lock_read_done(policy_rwlock) +#define POLICY_WRUNLOCK lock_write_done(policy_rwlock) -#include -#include - -static struct rwlock policy_rwlock; -#define POLICY_RDLOCK rw_rlock(&policy_rwlock) -#define POLICY_WRLOCK rw_wlock(&policy_rwlock) -#define POLICY_RDUNLOCK rw_runlock(&policy_rwlock) -#define POLICY_WRUNLOCK rw_wunlock(&policy_rwlock) - -RW_SYSINIT(policy_rwlock, &policy_rwlock, "SEBSD policy lock"); - -static struct mtx load_sem; -#define LOAD_LOCK mtx_lock(&load_sem) -#define LOAD_UNLOCK mtx_unlock(&load_sem) - -MTX_SYSINIT(load_sem, &load_sem, "SEBSD policy load lock", MTX_DEF); - -#else -/* XXX - define locking for Darwin */ -#define POLICY_RDLOCK -#define POLICY_WRLOCK -#define POLICY_RDUNLOCK -#define POLICY_WRUNLOCK -#define LOAD_LOCK -#define LOAD_UNLOCK -#endif +mutex_t *load_sem; +#define LOAD_LOCK mutex_lock(load_sem) +#define LOAD_UNLOCK mutex_unlock(load_sem) struct sidtab sidtab; struct policydb policydb; ==== //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/ss/services.h#4 (text+ko) ==== @@ -17,5 +17,11 @@ extern struct sidtab sidtab; extern struct policydb policydb; +/* + * Security server locks, as allocated by security_init(). + */ +extern lock_t *policy_rwlock; +extern mutex_t *load_sem; + #endif /* _SS_SERVICES_H_ */
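Review bot: In init.c (hunk @@ -34,6 +36,12 @@) the locks are allocated only after the `preload_find_data()` check, so the `goto loaderr` path leaves `policy_rwlock` and `load_sem` unallocated, and the results of `lock_alloc()` and `mutex_alloc()` are not checked before `security_load_policy()` is called. Consider allocating both locks at the top of the function, ahead of any early exit, and returning an error if either allocation fails.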
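Review bot: In services.c (hunk @@ -35,35 +35,17 @@) the `#ifdef __FreeBSD__` branch with its `RW_SYSINIT` and `MTX_SYSINIT` initialisers is removed and the `lock_t`/`mutex_t` definitions become unconditional, while init.c allocates them only under `#ifdef __APPLE__`. On a non-Apple build the `POLICY_*LOCK` and `LOAD_LOCK` macros would then operate on pointers that were never allocated. Either keep the FreeBSD branch and wrap the new definitions in `#ifdef __APPLE__`, or drop the guard in init.c so the two files agree. The globals also lose `static` here, which is worth a one-line comment pointing at the header that now exports them.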
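Review bot: In services.h (hunk @@ -17,5 +17,11 @@) declaring `policy_rwlock` and `load_sem` as `extern` lets every file that includes this header take or release the policy locks directly, while the `POLICY_*` and `LOAD_*` macros stay private to services.c. It would be tighter to keep the lock objects in services.c and expose a small init function for `security_init()` to call. If the externs stay, the header should itself include whatever defines `lock_t` and `mutex_t`, since no such include is visible in this hunk.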