Date: Thu, 1 Aug 2002 22:17:54 -0400 (EDT) From: Robert Watson <rwatson@FreeBSD.org> To: Chris Vance <cvance@FreeBSD.org> Cc: Perforce Change Reviews <perforce@FreeBSD.org> Subject: Re: PERFORCE change 15425 for review Message-ID: <Pine.NEB.3.96L.1020801221517.90781C-100000@fledge.watson.org> In-Reply-To: <200208020105.g72154i9089777@freefall.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 1 Aug 2002, Chris Vance wrote: > http://people.freebsd.org/~peter/p4db/chv.cgi?CH=15425 > > Change 15425 by cvance@cvance_laptop on 2002/08/01 18:04:47 > > Add support for a basic mac_policy syscall handler. > Things to think about: > - who guarantees MPSAFE, trustedbsd harness or the modules? Right now, modules are assumed to be MPSAFE, although they can grab Giant if they need it. > - the module must perform the copyin on the arg parameter. Probably unavoidable > + case MAC_SYSCALL: > + mpc->mpc_ops->mpo_mac_policy = > + mpe->mpe_function; Looks like you're missing a "break;" here. Should we rename mac_policy() to mac_syscall()? > case MAC_DESTROY: > mpc->mpc_ops->mpo_destroy = > mpe->mpe_function; > @@ -3060,6 +3063,40 @@ > return (error); > } > > +/* > + * MPSAFE > + */ > +int > +mac_policy(struct thread *td, struct mac_policy_args *uap) > +{ > + int error; > + char target[128]; /* TBD: should be MAX_MAXNAME or some such */ We probably should define a MAC_POLICY_MAXNAME or something and use that, as well as bound the policy name provided by the policy to that length during registration. > + error = copyinstr(uap->policy, target, sizeof(target), NULL); > + if (error == ENAMETOOLONG) { > + return (EINVAL); > + } I would imagine it's OK to return the error verbatim..? > + LIST_FOREACH(mpc, &mac_policy_list, mpc_list) { > + if (strcmp(mpc->mpc_name, target) == 0 && > + mpc->mpc_ops->mpo_mac_policy) { > + error = mpc->mpc_ops->mpo_mac_policy(SCARG(uap, call), > + SCARG(uap, arg)); > + goto out; Looks good, thanks! Robert N M Watson FreeBSD Core Team, TrustedBSD Projects robert@fledge.watson.org Network Associates Laboratories To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe p4-projects" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.NEB.3.96L.1020801221517.90781C-100000>