From nobody Fri May 29 16:01:42 2026
X-Original-To: dev-commits-src-main@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gRp523r0Hz6flSK
	for <dev-commits-src-main@mlmmj.nyi.freebsd.org>; Fri, 29 May 2026 16:01:42 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4gRp522JwDz3Hgh
	for <dev-commits-src-main@FreeBSD.org>; Fri, 29 May 2026 16:01:42 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1780070502;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=tkqa2enoSH3eChTmWAMsobUyghtmBWAfY94eJohBqf4=;
	b=xGk3EDY52sccMdsL7y/06kDhXSWbk99Gx0QKe+WeMNqT1NRQr6PcAEmFtO1vnqHPPdb7HF
	y/jCCWYKP1MAng2EQHqyv15vbdyIsIm6/Q9FhIoa1JRM4w/DvdDqcEyQHu/9gfxKhLNONd
	lMKjbYCTRrTzDXQ+DtlDWtmHM/iuJ/Oj/jt+GoNZbatIdMyWwpXLOXv3hN7USgn2PjvjqB
	Cc1LGG+gYIup5HiK8v2crUoOIeh7f2QA0LpPkjdG/8C3K8+kK8jxMCnZcGco0I3AavhyAI
	5jbhyopHxeDQkBVaZ9GefsKE91diaU0OCQwzI2shDgIyZ7nYBpVHmyBJUzVLvg==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1780070502; a=rsa-sha256; cv=none;
	b=P+LIn6ao9QlKVyg8vnVL32/CWoaDJfabDJZDQgOIDOnmaIoZkSDe8SB7alKI7UNpUvs8Ht
	RIzMSoz9gsKWCOKf9NIpNi5Hkd956qYNZsv05klv7VgIa5+cGJsD7O7DvAJfZMpVgv+5Yj
	ZYpad7TJmMjCRA85KxFMIRjz1w+jsc9gWny660dnHQa7dBvZMc6ecqoxYyavp5ykIUMpyP
	VHU7Un/1FxHMoFu7jL4OwCayOBkfV+XaBPln77l/8dLG4cf3mlQcZ2yOanoMv/Fovz+H6r
	iVLQkAgjnjY0ccRhqvgw1BZ5J/iQlHtvJVQUELAM/3/P22wfQOtSAlPIU+bhNQ==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1780070502;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=tkqa2enoSH3eChTmWAMsobUyghtmBWAfY94eJohBqf4=;
	b=j4kSMM1IaoQ99TV507SbJzaSi4oIVE7QXMmdt46zSow1p8qE2GsY7C9K+pX4px3kZ3wBP5
	jz854+PCNc9fnp52n9zShZ0Q68ObmPZrcd66fLrjSTAH+ZyJOkewD/DnkR97uPRYSw7N5Z
	Q5PCZOFgx39VMu9b0XGbcamDBWV6uDecv7T5Qw0BxNzyPIZe9y0Um1+rAAewOQkJQ1LmtU
	TkIM5M3A29kWWddz333QZdszZp/3QkB5mJDrgbwUcrVmdVOeaoO27mHfKpTV1MRx6Ja9Hm
	CPICuXWFy/WCdiHyOUz5ctkwbnPo4bh/je1BcbNnuNrKl1r/fU7/Ze022EzaMQ==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gRp521Cjlzg9F
	for <dev-commits-src-main@FreeBSD.org>; Fri, 29 May 2026 16:01:42 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from git (uid 1279)
	(envelope-from git@FreeBSD.org)
	id 35dfa
	by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org);
	Fri, 29 May 2026 16:01:42 +0000
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org
From: Olivier Certner <olce@FreeBSD.org>
Subject: git: 11b567e94ad2 - main - MAC/do: Remove superfluous configuration initialization
List-Id: Commit messages for the main branch of the src repository <dev-commits-src-main.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-main
List-Help: <mailto:dev-commits-src-main+help@freebsd.org>
List-Post: <mailto:dev-commits-src-main@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-main+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-main+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-main@freebsd.org
Sender: owner-dev-commits-src-main@FreeBSD.org
List-Id: <dev-commits-src-main.FreeBSD.org>
List-Post: <mailto:dev-commits-src-main@FreeBSD.org>
List-Help: <mailto:dev-commits-src-main+help@FreeBSD.org>
List-Subscribe: <mailto:dev-commits-src-main+subscribe@FreeBSD.org>
List-Unsubscribe: <mailto:dev-commits-src-main+unsubscribe@FreeBSD.org>
List-Owner: <mailto:postmaster@FreeBSD.org>
Precedence: list
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: olce
X-Git-Repository: src
X-Git-Refname: refs/heads/main
X-Git-Reftype: branch
X-Git-Commit: 11b567e94ad2a1b4baf768d77c6f1fb2018cfe83
Auto-Submitted: auto-generated
Date: Fri, 29 May 2026 16:01:42 +0000
Message-Id: <6a19b866.35dfa.21209291@gitrepo.freebsd.org>

The branch main has been updated by olce:

URL: https://cgit.FreeBSD.org/src/commit/?id=11b567e94ad2a1b4baf768d77c6f1fb2018cfe83

commit 11b567e94ad2a1b4baf768d77c6f1fb2018cfe83
Author:     Olivier Certner <olce@FreeBSD.org>
AuthorDate: 2026-05-20 09:29:51 +0000
Commit:     Olivier Certner <olce@FreeBSD.org>
CommitDate: 2026-05-29 15:22:49 +0000

    MAC/do: Remove superfluous configuration initialization
    
    Configuration objects would be initialized (zeroed, and some
    STAILQ_INIT() called) multiple times.  Make sure they are so only once,
    and add assertions to check that this is actually the case for functions
    that expect it.
    
    Reviewed by:    bapt
    MFC after:      1 month
    Sponsored by:   The FreeBSD Foundation
    Pull Request:   https://ron-dev.freebsd.org/FreeBSD/src/pulls/38
---
 sys/security/mac_do/mac_do.c | 34 ++++++++++++++++++++++++----------
 1 file changed, 24 insertions(+), 10 deletions(-)

diff --git a/sys/security/mac_do/mac_do.c b/sys/security/mac_do/mac_do.c
index 1d9b756bc0fc..fa20beadbaad 100644
--- a/sys/security/mac_do/mac_do.c
+++ b/sys/security/mac_do/mac_do.c
@@ -33,6 +33,23 @@
 
 #include <security/mac/mac_policy.h>
 
+#ifdef INVARIANTS
+/*
+ * Should typically be moved to libkern (and perhaps libc) at some point, and be
+ * optimized if to be used outside of INVARIANTS.
+ */
+static bool
+is_zeroed(const void *const buf, const size_t size)
+{
+	const char *const p = buf;
+
+	for (size_t i = 0; i < size; ++i)
+		if (p[i] != 0)
+			return (false);
+	return (true);
+}
+#endif
+
 static SYSCTL_NODE(_security_mac, OID_AUTO, do,
     CTLFLAG_RW|CTLFLAG_MPSAFE, 0, "mac_do policy controls");
 
@@ -353,25 +370,24 @@ toast_rules(struct rules *const rules)
 	}
 }
 
-/* Assumes storage has been zeroed. */
-static void
+static inline void
 init_rules(struct rules *const rules)
 {
+	MPASS(is_zeroed(rules, sizeof(*rules)));
 	STAILQ_INIT(&rules->head);
 }
 
-static void
+static inline void
 init_exec_paths(struct exec_paths *const exec_paths)
 {
-	bzero(exec_paths, sizeof(*exec_paths));
-	exec_paths->exec_paths_str[0] = 0;
+	MPASS(is_zeroed(exec_paths, sizeof(*exec_paths)));
 }
 
 static struct conf *
 new_conf(void)
 {
-	struct conf *const conf = malloc(sizeof(*conf), M_MAC_DO, M_WAITOK |
-	    M_ZERO);
+	struct conf *const conf = malloc(sizeof(*conf), M_MAC_DO,
+	    M_WAITOK | M_ZERO);
 
 	init_rules(&conf->rules);
 	init_exec_paths(&conf->exec_paths);
@@ -1356,9 +1372,7 @@ clone_rules(struct rules *const dst, const struct rules *const src)
 {
 	struct rule *src_rule, *dst_rule;
 
-	bzero(dst, sizeof(*dst));
 	strlcpy(dst->string, src->string, sizeof(dst->string));
-	STAILQ_INIT(&dst->head);
 
 	STAILQ_FOREACH(src_rule, &src->head, r_entries) {
 		dst_rule = malloc(sizeof(*dst_rule), M_MAC_DO, M_WAITOK |
@@ -1387,7 +1401,7 @@ static void
 clone_exec_paths(struct exec_paths *const dst,
     const struct exec_paths *const src)
 {
-	bzero(dst, sizeof(*dst));
+	MPASS(is_zeroed(dst, sizeof(*dst)));
 	dst->exec_path_count = src->exec_path_count;
 	for (int i = 0; i < src->exec_path_count; i++)
 		strlcpy(dst->exec_paths[i], src->exec_paths[i],