From owner-p4-projects@FreeBSD.ORG Thu Jun 30 14:52:36 2005 Return-Path: X-Original-To: p4-projects@freebsd.org Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 89D0F16A41C; Thu, 30 Jun 2005 14:52:35 +0000 (GMT) X-Original-To: perforce@freebsd.org Delivered-To: perforce@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 305B616A41C for ; Thu, 30 Jun 2005 14:52:35 +0000 (GMT) (envelope-from areisse@nailabs.com) Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115]) by mx1.FreeBSD.org (Postfix) with ESMTP id ED76D43D49 for ; Thu, 30 Jun 2005 14:52:34 +0000 (GMT) (envelope-from areisse@nailabs.com) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.13.1/8.13.1) with ESMTP id j5UEqY4J037030 for ; Thu, 30 Jun 2005 14:52:34 GMT (envelope-from areisse@nailabs.com) Received: (from perforce@localhost) by repoman.freebsd.org (8.13.1/8.13.1/Submit) id j5UEqYTp037027 for perforce@freebsd.org; Thu, 30 Jun 2005 14:52:34 GMT (envelope-from areisse@nailabs.com) Date: Thu, 30 Jun 2005 14:52:34 GMT Message-Id: <200506301452.j5UEqYTp037027@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to areisse@nailabs.com using -f 
From: Andrew Reisse
To: Perforce Change Reviews
Cc:
Subject: PERFORCE change 79304 for review
X-BeenThere: p4-projects@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: p4 projects tree changes
List-Unsubscribe: ,
List-Archive:
List-Post:
List-Help:
List-Subscribe: ,
X-List-Received-Date: Thu, 30 Jun 2005 14:52:36 -0000
http://perforce.freebsd.org/chv.cgi?CH=79304
Change 79304 by areisse@areisse_ibook on 2005/06/30 14:51:55
Convert the mac_check_ipc_methods entry point and the associated mach trailer for access decisions to report a single decision, rather than a vector for the entire subsystem. This adds both simplicity, and reduces overhead with our abstract policy model.
Affected files ...
.. //depot/projects/trustedbsd/sedarwin7/src/darwin/bootstrap_cmds/migcom.tproj/server.c#5 edit
.. //depot/projects/trustedbsd/sedarwin7/src/darwin/xnu/bsd/sys/mac_policy.h#7 edit
.. //depot/projects/trustedbsd/sedarwin7/src/darwin/xnu/osfmk/ipc/mach_msg.c#5 edit
.. //depot/projects/trustedbsd/sedarwin7/src/darwin/xnu/osfmk/mach/mac.h#6 edit
.. //depot/projects/trustedbsd/sedarwin7/src/darwin/xnu/osfmk/mach/message.h#3 edit
.. //depot/projects/trustedbsd/sedarwin7/src/darwin/xnu/security/mac_port.c#5 edit
Differences ...
==== //depot/projects/trustedbsd/sedarwin7/src/darwin/bootstrap_cmds/migcom.tproj/server.c#5 (text+ko) ====
@@ -1046,9 +1046,7 @@
 * vector supplied in the trailer. */
 if (akIdent(arg->argKind) == akeAccessFlag) {
- unsigned int ave = arg->argRoutine->rtNumber;
- sprintf(buffer, "(0 != (TrailerP->msgh_av.av[%d] & %d))",
- ave >> 5, 1 << (ave & 0x1f));
+ sprintf(buffer, "(0 != TrailerP->msgh_ad)");
 return buffer;
 }
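Review bot: The comment directly above the new `sprintf` — the context line `* vector supplied in the trailer.` — still describes an access vector, so the generated expression `(0 != TrailerP->msgh_ad)` now contradicts its own explanation. Rewrite it as `* decision supplied in the trailer: msgh_ad is nonzero when the MAC policies permitted this routine.`, which matches the polarity the hunk preserves (the old test was also "nonzero means allowed"). The enclosing function starts before the hunk; the second server.c hunk emits the same `TrailerP->msgh_ad` test into generated code and has no comment to correct, so nothing further is needed there.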
@@ -1485,9 +1483,7 @@
 boolean_t NeedClose = FALSE;
 if (rt->rtCheckAccess) {
- unsigned int ave = rt->rtNumber;
- fprintf(file, "\tif (TrailerP->msgh_av.av[%d] & %d) {\n",
- ave >> 5, 1 << (ave & 0x1f));
+ fprintf(file, "\tif (TrailerP->msgh_ad) {\n");
 }
 fprintf(file, "\t");
==== //depot/projects/trustedbsd/sedarwin7/src/darwin/xnu/bsd/sys/mac_policy.h#7 (text+ko) ====
@@ -484,8 +484,8 @@
 unsigned short syscode, void *args, int error, int retval);
- void (*mpo_check_ipc_methods)(struct label *task,
- struct label *port, int msgid, struct msg_access_vector *av);
+ int (*mpo_check_ipc_method)(struct label *task,
+ struct label *port, int msgid);
 };
 struct mac_policy_conf {
==== //depot/projects/trustedbsd/sedarwin7/src/darwin/xnu/osfmk/ipc/mach_msg.c#5 (text+ko) ====
@@ -278,14 +278,13 @@
 if (option & MACH_RCV_TRAILER_ELEMENTS (MACH_RCV_TRAILER_AV)) {
 if (kmsg->ikm_sender != NULL && IP_VALID(kmsg->ikm_header.msgh_remote_port)) {
- mac_check_ipc_methods
+ trailer->msgh_ad = !mac_check_ipc_method
 (&kmsg->ikm_sender->lh_label,
 &((ipc_port_t)kmsg->ikm_header.msgh_remote_port)->ip_label,
- kmsg->ikm_header.msgh_id,
- &trailer->msgh_av);
+ kmsg->ikm_header.msgh_id);
 } else
- memset(trailer->msgh_av.av, 0, sizeof(msg_access_vector_t));
+ trailer->msgh_ad = 0;
 }
 /*
==== //depot/projects/trustedbsd/sedarwin7/src/darwin/xnu/osfmk/mach/mac.h#6 (text+ko) ====
@@ -63,5 +63,5 @@
 int mac_request_object_label (struct label *subj, struct label *obj, const char *serv, struct label *out);
-void mac_check_ipc_methods (struct label *task, struct label *port, int msgid, msg_access_vector_t *av);
+int mac_check_ipc_method (struct label *task, struct label *port, int msgid);
==== //depot/projects/trustedbsd/sedarwin7/src/darwin/xnu/osfmk/mach/message.h#3 (text+ko) ====
@@ -331,11 +331,6 @@
 mach_port_name_t sender;
 } msg_labels_t;
-typedef struct msg_access_vector
-{
- unsigned int av[4];
-} msg_access_vector_t;
-
 typedef struct {
 mach_msg_trailer_type_t msgh_trailer_type;
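Review bot: The new `mpo_check_ipc_method` member carries no statement of its return contract, which matters more than for the old vector entry point because the caller now reduces the result to a single bit (mach_msg.c stores `!mac_check_ipc_method(...)` into the trailer). A policy author needs to know that 0 means permit and any nonzero value means deny, so add above the member: `/* Return 0 to permit msgid on port for task, or an errno to deny; the caller collapses this to one allow/deny flag in the receiver's trailer. */`. The prototype in the mac.h hunk should carry the same comment. The struct is cut at both ends of the hunk.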
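Review bot: `trailer->msgh_ad = !mac_check_ipc_method(...)` inverts an errno-style return into an allow flag with nothing at the site saying so, which is easy to misread against mac_port.c where the same function returns `error`; add `/* msgh_ad: nonzero = every policy permitted msgh_id; 0 = denied, or no sender/port label available */` above the inner `if`. The `else` branch keeping the field at 0 is the correct fail-closed default for a message whose sender label or remote port is missing. A separate concern is that the migcom-generated servers (server.c hunks) read `msgh_ad` whenever a routine has `rtCheckAccess`, while this code only populates it when the receiver requested `MACH_RCV_TRAILER_AV`; if a generated server can ever receive without that trailer element, the test would read a field that was never written, so confirm the generated receive path always requests it (not visible in this diff). The enclosing function starts and ends outside the hunk.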
@@ -344,7 +339,7 @@
 security_token_t msgh_sender;
 audit_token_t msgh_audit;
 msg_labels_t msgh_labels;
- msg_access_vector_t msgh_av;
+ int msgh_ad;
 } mach_msg_mac_trailer_t;
 #define MACH_MSG_TRAILER_MINIMUM_SIZE sizeof(mach_msg_trailer_t)
==== //depot/projects/trustedbsd/sedarwin7/src/darwin/xnu/security/mac_port.c#5 (text+ko) ====
@@ -173,26 +173,12 @@
 return (error);
 }
-void
-mac_check_ipc_methods(struct label *task, struct label *port, int msgid,
- msg_access_vector_t *av)
+int
+mac_check_ipc_method(struct label *task, struct label *port, int msgid)
 {
- struct mac_policy_conf *mpc;
- int entrycount;
+ int error;
- memset(av, 0xff, sizeof(msg_access_vector_t));
+ MAC_CHECK(check_ipc_method, task, port, msgid);
- LIST_FOREACH(mpc, &mac_static_policy_list, mpc_list) {
- if (mpc->mpc_ops->mpo_check_ipc_methods != NULL)
- mpc->mpc_ops->mpo_check_ipc_methods(
- task, port, msgid, av);
- }
- if ((entrycount = mac_policy_list_conditional_busy()) != 0) {
- LIST_FOREACH(mpc, &mac_policy_list, mpc_list) {
- if (mpc->mpc_ops->mpo_check_ipc_methods != NULL)
- mpc->mpc_ops->mpo_check_ipc_methods(
- task, port, msgid, av);
- }
- mac_policy_list_unbusy();
- }
+ return (error);
 }
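Review bot: `int msgh_ad` replaces a 16-byte array with a 4-byte field, so `mach_msg_mac_trailer_t` shrinks and its layout changes; this struct reaches user space through the receive trailer, so the kernel, the migcom-generated servers and any trailer-size table keyed on `MACH_RCV_TRAILER_AV` (not in this diff, so confirm whether one exists and is updated) must move together, or a consumer built against the old layout will size the trailer wrong. The field also deserves a comment on its meaning, since nothing in the header says which way the flag points: `int msgh_ad; /* MAC decision for msgh_id: nonzero = permitted, 0 = denied (default) */`. The struct's opening is outside the hunk.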
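Review bot: `mac_check_ipc_method` returns `error` without any visible assignment to it; this relies on `MAC_CHECK` expanding to an assignment to a local named `error`, which is the convention for this framework but should be confirmed, because if the macro only evaluates the policies the function returns an uninitialized value and a compiler warning is not guaranteed through a macro. The composition semantics also change: the old vector started as all-ones (`memset(av, 0xff, ...)`) and policies cleared bits, whereas now a nonzero return from any consulted policy denies, which is stricter and fail-closed and should be written on the function: `/* Return 0 if every loaded policy permits msgid on port for task, else an error from the denying policies (combined by MAC_CHECK). */`. The old body also bracketed the dynamic policy walk with `mac_policy_list_conditional_busy()`/`mac_policy_list_unbusy()`; if `MAC_CHECK` does not do the same, the rewrite drops that protection (the macro is not in this diff, so confirm).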