Date: Sun, 9 Nov 2003 17:30:13 -0800 (PST) From: Robert Watson <rwatson@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 41851 for review Message-ID: <200311100130.hAA1UDpV057800@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=41851 Change 41851 by rwatson@rwatson_paprika on 2003/11/09 17:29:33 Use the UMA zone allocator to allocate temporary labels for the socket and ifnet code, rather than using the stack. This permits us to GC some of the older init/destroy functions for sockets and ifnets, reducing code duplication. Affected files ... .. //depot/projects/trustedbsd/mac/sys/security/mac/mac_net.c#7 edit Differences ... ==== //depot/projects/trustedbsd/mac/sys/security/mac/mac_net.c#7 (text+ko) ==== @@ -124,15 +124,6 @@ bpf_d->bd_label = mac_bpfdesc_label_alloc(); } -static void -mac_init_ifnet_label(struct label *label) -{ - - mac_init_label(label); - MAC_PERFORM(init_ifnet_label, label); - MAC_DEBUG_COUNTER_INC(&nmacifnets); -} - static struct label * mac_ifnet_label_alloc(void) { @@ -229,24 +220,6 @@ return (0); } -static int -mac_init_socket_label(struct label *label, int flag) -{ - int error; - - mac_init_label(label); - - MAC_CHECK(init_socket_label, label, flag); - if (error) { - MAC_PERFORM(destroy_socket_label, label); - mac_destroy_label(label); - } else { - MAC_DEBUG_COUNTER_INC(&nmacsockets); - } - - return (error); -} - static struct label * mac_socket_label_alloc(int flag) { @@ -320,15 +293,6 @@ } static void -mac_destroy_ifnet_label(struct label *label) -{ - - MAC_PERFORM(destroy_ifnet_label, label); - mac_destroy_label(label); - MAC_DEBUG_COUNTER_DEC(&nmacifnets); -} - -static void mac_ifnet_label_free(struct label *label) { @@ -372,15 +336,6 @@ } static void -mac_destroy_socket_label(struct label *label) -{ - - MAC_PERFORM(destroy_socket_label, label); - mac_destroy_label(label); - MAC_DEBUG_COUNTER_DEC(&nmacsockets); -} - -static void mac_socket_label_free(struct label *label) { @@ -891,7 +846,7 @@ mac_ioctl_ifnet_set(struct ucred *cred, struct ifreq *ifr, struct ifnet *ifnet) { - struct label intlabel; + struct label *intlabel; struct mac mac; char *buffer; int error; @@ -911,11 +866,11 @@ return (error); } - mac_init_ifnet_label(&intlabel); - error = mac_internalize_ifnet_label(&intlabel, buffer); + intlabel = mac_ifnet_label_alloc(); + error = mac_internalize_ifnet_label(intlabel, buffer); free(buffer, M_MACTEMP); if (error) { - mac_destroy_ifnet_label(&intlabel); + mac_ifnet_label_free(intlabel); return (error); } @@ -926,20 +881,20 @@ */ error = suser_cred(cred, 0); if (error) { - mac_destroy_ifnet_label(&intlabel); + mac_ifnet_label_free(intlabel); return (error); } MAC_CHECK(check_ifnet_relabel, cred, ifnet, ifnet->if_label, - &intlabel); + intlabel); if (error) { - mac_destroy_ifnet_label(&intlabel); + mac_ifnet_label_free(intlabel); return (error); } - MAC_PERFORM(relabel_ifnet, cred, ifnet, ifnet->if_label, &intlabel); + MAC_PERFORM(relabel_ifnet, cred, ifnet, ifnet->if_label, intlabel); - mac_destroy_ifnet_label(&intlabel); + mac_ifnet_label_free(intlabel); return (0); } @@ -947,7 +902,7 @@ mac_setsockopt_label_set(struct ucred *cred, struct socket *so, struct mac *mac) { - struct label intlabel; + struct label *intlabel; char *buffer; int error; @@ -962,23 +917,23 @@ return (error); } - mac_init_socket_label(&intlabel, M_WAITOK); - error = mac_internalize_socket_label(&intlabel, buffer); + intlabel = mac_socket_label_alloc(M_WAITOK); + error = mac_internalize_socket_label(intlabel, buffer); free(buffer, M_MACTEMP); if (error) { - mac_destroy_socket_label(&intlabel); + mac_socket_label_free(intlabel); return (error); } - mac_check_socket_relabel(cred, so, &intlabel); + mac_check_socket_relabel(cred, so, intlabel); if (error) { - mac_destroy_socket_label(&intlabel); + mac_socket_label_free(intlabel); return (error); } - mac_relabel_socket(cred, so, &intlabel); + mac_relabel_socket(cred, so, intlabel); - mac_destroy_socket_label(&intlabel); + mac_socket_label_free(intlabel); return (0); }
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200311100130.hAA1UDpV057800>