Date:      Thu, 1 Aug 2002 22:17:54 -0400 (EDT)
From:      Robert Watson <rwatson@FreeBSD.org>
To:        Chris Vance <cvance@FreeBSD.org>
Cc:        Perforce Change Reviews <perforce@FreeBSD.org>
Subject:   Re: PERFORCE change 15425 for review
Message-ID:  <Pine.NEB.3.96L.1020801221517.90781C-100000@fledge.watson.org>
In-Reply-To: <200208020105.g72154i9089777@freefall.freebsd.org>

On Thu, 1 Aug 2002, Chris Vance wrote:

> http://people.freebsd.org/~peter/p4db/chv.cgi?CH=15425
> 
> Change 15425 by cvance@cvance_laptop on 2002/08/01 18:04:47
> 
> 	Add support for a basic mac_policy syscall handler.
> 	Things to think about: 
> 	    - who guarantees MPSAFE, trustedbsd harness or the modules?  

Right now, modules are assumed to be MPSAFE, although they can grab Giant
if they need it.

> 	    - the module must perform the copyin on the arg parameter.

Probably unavoidable

> +		case MAC_SYSCALL:
> +			mpc->mpc_ops->mpo_mac_policy =
> +			    mpe->mpe_function;

Looks like you're missing a "break;" here.  Should we rename mac_policy()
to mac_syscall()?

>  		case MAC_DESTROY:
>  			mpc->mpc_ops->mpo_destroy =
>  			    mpe->mpe_function;
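
Review bot: the new MAC_SYSCALL case has no break before the MAC_DESTROY label, so control falls through and the same mpe->mpe_function pointer is also stored in mpo_destroy, leaving the policy's syscall handler installed as its destroy hook as well. Add a break; directly after the mpo_mac_policy assignment.
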
> @@ -3060,6 +3063,40 @@
>  	return (error);
>  }
>  
> +/*
> + * MPSAFE
> + */
> +int
> +mac_policy(struct thread *td, struct mac_policy_args *uap)
> +{
> +	int error;
> +	char target[128]; /* TBD: should be MAX_MAXNAME or some such */

We probably should define a MAC_POLICY_MAXNAME or something and use that,
as well as bound the policy name provided by the policy to that length
during registration.

> +	error = copyinstr(uap->policy, target, sizeof(target), NULL);
> +	if (error == ENAMETOOLONG) {
> +		return (EINVAL);
> +	}

I would imagine it's OK to return the error verbatim..?

> +	LIST_FOREACH(mpc, &mac_policy_list, mpc_list) {
> +		if (strcmp(mpc->mpc_name, target) == 0 &&
> +			mpc->mpc_ops->mpo_mac_policy) {
> +			error = mpc->mpc_ops->mpo_mac_policy(SCARG(uap, call),
> +							     SCARG(uap, arg));
> +			goto out;
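
Review bot: in mac_policy(), the only copyinstr() result tested in the lines quoted here is ENAMETOOLONG; any other non-zero error (EFAULT for a bad uap->policy pointer, for instance) should also return before the LIST_FOREACH, because target is not guaranteed to hold a terminated string on failure and is then handed to strcmp(). A plain if (error) return (error); right after the copyinstr() call would cover both cases. The function is also marked MPSAFE while the quoted loop walks mac_policy_list with no lock visible, and argument access mixes uap->policy with SCARG(uap, call); both are worth settling in the same change.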

Looks good, thanks!

Robert N M Watson             FreeBSD Core Team, TrustedBSD Projects
robert@fledge.watson.org      Network Associates Laboratories


