From owner-p4-projects Fri Mar 29 21:25:23 2002 Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 9EAE737B400; Fri, 29 Mar 2002 21:24:13 -0800 (PST) Delivered-To: perforce@freebsd.org Received: from fledge.watson.org (fledge.watson.org [204.156.12.50]) by hub.freebsd.org (Postfix) with ESMTP id DE24D37B417; Fri, 29 Mar 2002 21:24:10 -0800 (PST) Received: from fledge.watson.org (fledge.pr.watson.org [192.0.2.3]) by fledge.watson.org (8.11.6/8.11.6) with SMTP id g2U5O6w74735; Sat, 30 Mar 2002 00:24:06 -0500 (EST) (envelope-from robert@fledge.watson.org) Date: Sat, 30 Mar 2002 00:24:06 -0500 (EST) From: Robert Watson X-Sender: robert@fledge.watson.org To: Brian Feldman Cc: Perforce Change Reviews Subject: Re: PERFORCE change 8574 for review In-Reply-To: <200203281709.g2SH9g038754@freefall.freebsd.org> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-p4-projects@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG So there's a lot of other stuff in that commit too. Could you make sure you describe all the changes in your commit messages? Robert N M Watson FreeBSD Core Team, TrustedBSD Project robert@fledge.watson.org NAI Labs, Safeport Network Services On Thu, 28 Mar 2002, Brian Feldman wrote: > http://people.freebsd.org/~peter/p4db/chv.cgi?CH=8574 > > Change 8574 by green@green_laptop_2 on 2002/03/28 09:09:26 > > Turn struct vnode {}'s v_op field from a vop_t ** to a vop_t ***. > Previously, it pointed to the actual vfs_init.c-generated > operation vector being used. However, this vector could be redone > at runtime via introduction of new vnode operations and removal > of old ones; this would result in the old vnode operation vector > being freed from underneath. This didn't show up before since > the old kernel malloc(9) coincidentally kept the old vop_t ** > in the vnodes valid. Jeff Roberson's UMA commit made this bug > apparent due to differently-sized chunks of memory actually being > likely to be allocated in different spots than previously allocated > at even if the size was grown just by a few bytes. > > The new vop_t *** actually points to the operation vector pointer > the kernel uses and modifies on-the-fly so that old vnodes, > and new ones created with getnewvnode(), both call the correct > operations. Getnewvnode()'s vop_t **vops argument changes to a > vop_t *** to reflect this. > > Affected files ... > > ... //depot/projects/trustedbsd/mac/sys/coda/coda_vnops.c#5 edit > ... //depot/projects/trustedbsd/mac/sys/fs/devfs/devfs_vnops.c#12 edit > ... //depot/projects/trustedbsd/mac/sys/fs/fdescfs/fdesc_vnops.c#4 edit > ... //depot/projects/trustedbsd/mac/sys/fs/hpfs/hpfs_vfsops.c#6 edit > ... //depot/projects/trustedbsd/mac/sys/fs/msdosfs/msdosfs_denode.c#4 edit > ... //depot/projects/trustedbsd/mac/sys/fs/ntfs/ntfs_vfsops.c#6 edit > ... //depot/projects/trustedbsd/mac/sys/fs/nullfs/null_subr.c#2 edit > ... //depot/projects/trustedbsd/mac/sys/fs/nullfs/null_vfsops.c#4 edit > ... //depot/projects/trustedbsd/mac/sys/fs/nullfs/null_vnops.c#3 edit > ... //depot/projects/trustedbsd/mac/sys/fs/nwfs/nwfs_node.c#4 edit > ... //depot/projects/trustedbsd/mac/sys/fs/portalfs/portal_vfsops.c#5 edit > ... //depot/projects/trustedbsd/mac/sys/fs/portalfs/portal_vnops.c#6 edit > ... //depot/projects/trustedbsd/mac/sys/fs/pseudofs/pseudofs_vncache.c#5 edit > ... //depot/projects/trustedbsd/mac/sys/fs/smbfs/smbfs_node.c#5 edit > ... //depot/projects/trustedbsd/mac/sys/fs/umapfs/umap_subr.c#3 edit > ... //depot/projects/trustedbsd/mac/sys/fs/umapfs/umap_vnops.c#3 edit > ... //depot/projects/trustedbsd/mac/sys/fs/unionfs/union_subr.c#6 edit > ... //depot/projects/trustedbsd/mac/sys/fs/unionfs/union_vfsops.c#5 edit > ... //depot/projects/trustedbsd/mac/sys/fs/unionfs/union_vnops.c#4 edit > ... //depot/projects/trustedbsd/mac/sys/gnu/ext2fs/ext2_vfsops.c#5 edit > ... //depot/projects/trustedbsd/mac/sys/isofs/cd9660/cd9660_vfsops.c#5 edit > ... //depot/projects/trustedbsd/mac/sys/kern/kern_mac.c#122 edit > ... //depot/projects/trustedbsd/mac/sys/kern/vfs_subr.c#20 edit > ... //depot/projects/trustedbsd/mac/sys/nfsclient/nfs_node.c#4 edit > ... //depot/projects/trustedbsd/mac/sys/nfsclient/nfs_subs.c#5 edit > ... //depot/projects/trustedbsd/mac/sys/security/lomac/lomacfs.h#3 edit > ... //depot/projects/trustedbsd/mac/sys/security/lomac/lomacfs_subr.c#3 edit > ... //depot/projects/trustedbsd/mac/sys/sys/vnode.h#19 edit > ... //depot/projects/trustedbsd/mac/sys/ufs/ffs/ffs_vfsops.c#9 edit > ... //depot/projects/trustedbsd/mac/sys/ufs/ifs/ifs_vfsops.c#4 edit > ... //depot/projects/trustedbsd/mac/sys/ufs/ufs/ufs_vnops.c#30 edit > ... //depot/projects/trustedbsd/mac/sys/vm/vm_swap.c#5 edit > > Differences ... > > ==== //depot/projects/trustedbsd/mac/sys/coda/coda_vnops.c#5 (text+ko) ==== > > @@ -578,7 +578,7 @@ > * Make sure this is a coda style cnode, but it may be a > * different vfsp > */ > - if (tvp->v_op != coda_vnodeop_p) { > + if (tvp->v_op != &coda_vnodeop_p) { > vrele(tvp); > NDFREE(&ndp, NDF_ONLY_PNBUF); > MARK_INT_FAIL(CODA_IOCTL_STATS); > @@ -1959,7 +1959,7 @@ > lockinit(&cp->c_lock, PINOD, "cnode", 0, 0); > cp->c_fid = *fid; > > - err = getnewvnode(VT_CODA, vfsp, coda_vnodeop_p, &vp); > + err = getnewvnode(VT_CODA, vfsp, &coda_vnodeop_p, &vp); > if (err) { > panic("coda: getnewvnode returned error %d\n", err); > } > > ==== //depot/projects/trustedbsd/mac/sys/fs/devfs/devfs_vnops.c#12 (text+ko) ==== > > @@ -143,7 +143,7 @@ > } else { > dev = NODEV; > } > - error = getnewvnode(VT_DEVFS, mp, devfs_vnodeop_p, &vp); > + error = getnewvnode(VT_DEVFS, mp, &devfs_vnodeop_p, &vp); > if (error != 0) { > printf("devfs_allocv: failed to allocate new vnode\n"); > return (error); > @@ -152,7 +152,7 @@ > if (de->de_dirent->d_type == DT_CHR) { > vp->v_type = VCHR; > vp = addaliasu(vp, dev->si_udev); > - vp->v_op = devfs_specop_p; > + vp->v_op = &devfs_specop_p; > } else if (de->de_dirent->d_type == DT_DIR) { > vp->v_type = VDIR; > } else if (de->de_dirent->d_type == DT_LNK) { > > ==== //depot/projects/trustedbsd/mac/sys/fs/fdescfs/fdesc_vnops.c#4 (text+ko) ==== > > @@ -135,7 +135,7 @@ > */ > MALLOC(fd, struct fdescnode *, sizeof(struct fdescnode), M_TEMP, M_WAITOK); > > - error = getnewvnode(VT_FDESC, mp, fdesc_vnodeop_p, vpp); > + error = getnewvnode(VT_FDESC, mp, &fdesc_vnodeop_p, vpp); > if (error) { > FREE(fd, M_TEMP); > goto out; > > ==== //depot/projects/trustedbsd/mac/sys/fs/hpfs/hpfs_vfsops.c#6 (text+ko) ==== > > @@ -496,7 +496,7 @@ > MALLOC(hp, struct hpfsnode *, sizeof(struct hpfsnode), > M_HPFSNO, M_WAITOK); > > - error = getnewvnode(VT_HPFS, hpmp->hpm_mp, hpfs_vnodeop_p, &vp); > + error = getnewvnode(VT_HPFS, hpmp->hpm_mp, &hpfs_vnodeop_p, &vp); > if (error) { > printf("hpfs_vget: can't get new vnode\n"); > FREE(hp, M_HPFSNO); > > ==== //depot/projects/trustedbsd/mac/sys/fs/msdosfs/msdosfs_denode.c#4 (text+ko) ==== > > @@ -253,7 +253,7 @@ > * copy it from the passed disk buffer. > */ > /* getnewvnode() does a VREF() on the vnode */ > - error = getnewvnode(VT_MSDOSFS, mntp, msdosfs_vnodeop_p, &nvp); > + error = getnewvnode(VT_MSDOSFS, mntp, &msdosfs_vnodeop_p, &nvp); > if (error) { > *depp = NULL; > FREE(ldep, M_MSDOSFSNODE); > > ==== //depot/projects/trustedbsd/mac/sys/fs/ntfs/ntfs_vfsops.c#6 (text+ko) ==== > > @@ -732,7 +732,7 @@ > return (0); > } > > - error = getnewvnode(VT_NTFS, ntmp->ntm_mountp, ntfs_vnodeop_p, &vp); > + error = getnewvnode(VT_NTFS, ntmp->ntm_mountp, &ntfs_vnodeop_p, &vp); > if(error) { > ntfs_frele(fp); > ntfs_ntput(ip); > > ==== //depot/projects/trustedbsd/mac/sys/fs/nullfs/null_subr.c#2 (text+ko) ==== > > @@ -176,7 +176,7 @@ > MALLOC(xp, struct null_node *, sizeof(struct null_node), > M_NULLFSNODE, M_WAITOK); > > - error = getnewvnode(VT_NULL, mp, null_vnodeop_p, vpp); > + error = getnewvnode(VT_NULL, mp, &null_vnodeop_p, vpp); > if (error) { > FREE(xp, M_NULLFSNODE); > return (error); > @@ -307,7 +307,7 @@ > * Can't do this check because vop_reclaim runs > * with a funny vop vector. > */ > - if (vp->v_op != null_vnodeop_p) { > + if (vp->v_op != &null_vnodeop_p) { > printf ("null_checkvp: on non-null-node\n"); > while (null_checkvp_barrier) /*WAIT*/ ; > panic("null_checkvp"); > > ==== //depot/projects/trustedbsd/mac/sys/fs/nullfs/null_vfsops.c#4 (text+ko) ==== > > @@ -121,7 +121,7 @@ > * Unlock lower node to avoid deadlock. > * (XXX) VOP_ISLOCKED is needed? > */ > - if ((mp->mnt_vnodecovered->v_op == null_vnodeop_p) && > + if ((mp->mnt_vnodecovered->v_op == &null_vnodeop_p) && > VOP_ISLOCKED(mp->mnt_vnodecovered, NULL)) { > VOP_UNLOCK(mp->mnt_vnodecovered, 0, td); > isvnunlocked = 1; > > ==== //depot/projects/trustedbsd/mac/sys/fs/nullfs/null_vnops.c#3 (text+ko) ==== > > @@ -280,7 +280,7 @@ > * that aren't. (We must always map first vp or vclean fails.) > */ > if (i && (*this_vp_p == NULLVP || > - (*this_vp_p)->v_op != null_vnodeop_p)) { > + (*this_vp_p)->v_op != &null_vnodeop_p)) { > old_vps[i] = NULLVP; > } else { > old_vps[i] = *this_vp_p; > > ==== //depot/projects/trustedbsd/mac/sys/fs/nwfs/nwfs_node.c#4 (text+ko) ==== > > @@ -170,7 +170,7 @@ > * elsewhere if MALLOC should block. > */ > MALLOC(np, struct nwnode *, sizeof *np, M_NWNODE, M_WAITOK | M_ZERO); > - error = getnewvnode(VT_NWFS, mp, nwfs_vnodeop_p, &vp); > + error = getnewvnode(VT_NWFS, mp, &nwfs_vnodeop_p, &vp); > if (error) { > *vpp = NULL; > FREE(np, M_NWNODE); > > ==== //depot/projects/trustedbsd/mac/sys/fs/portalfs/portal_vfsops.c#5 (text+ko) ==== > > @@ -118,7 +118,7 @@ > MALLOC(fmp, struct portalmount *, sizeof(struct portalmount), > M_PORTALFSMNT, M_WAITOK); /* XXX */ > > - error = getnewvnode(VT_PORTAL, mp, portal_vnodeop_p, &rvp); /* XXX */ > + error = getnewvnode(VT_PORTAL, mp, &portal_vnodeop_p, &rvp); /* XXX */ > if (error) { > FREE(fmp, M_PORTALFSMNT); > FREE(pn, M_TEMP); > > ==== //depot/projects/trustedbsd/mac/sys/fs/portalfs/portal_vnops.c#6 (text+ko) ==== > > @@ -135,7 +135,7 @@ > MALLOC(pt, struct portalnode *, sizeof(struct portalnode), > M_TEMP, M_WAITOK); > > - error = getnewvnode(VT_PORTAL, dvp->v_mount, portal_vnodeop_p, &fvp); > + error = getnewvnode(VT_PORTAL, dvp->v_mount, &portal_vnodeop_p, &fvp); > if (error) { > FREE(pt, M_TEMP); > goto bad; > > ==== //depot/projects/trustedbsd/mac/sys/fs/pseudofs/pseudofs_vncache.c#5 (text+ko) ==== > > @@ -132,7 +132,7 @@ > MALLOC(pvd, struct pfs_vdata *, sizeof *pvd, M_PFSVNCACHE, M_WAITOK); > if (++pfs_vncache_entries > pfs_vncache_maxentries) > pfs_vncache_maxentries = pfs_vncache_entries; > - error = getnewvnode(VT_PSEUDOFS, mp, pfs_vnodeop_p, vpp); > + error = getnewvnode(VT_PSEUDOFS, mp, &pfs_vnodeop_p, vpp); > if (error) > return (error); > pvd->pvd_pn = pn; > > ==== //depot/projects/trustedbsd/mac/sys/fs/smbfs/smbfs_node.c#5 (text+ko) ==== > > @@ -220,7 +220,7 @@ > return ENOENT; > > MALLOC(np, struct smbnode *, sizeof *np, M_SMBNODE, M_WAITOK); > - error = getnewvnode(VT_SMBFS, mp, smbfs_vnodeop_p, &vp); > + error = getnewvnode(VT_SMBFS, mp, &smbfs_vnodeop_p, &vp); > if (error) { > FREE(np, M_SMBNODE); > return error; > > ==== //depot/projects/trustedbsd/mac/sys/fs/umapfs/umap_subr.c#3 (text+ko) ==== > > @@ -212,7 +212,7 @@ > MALLOC(xp, struct umap_node *, sizeof(struct umap_node), > M_TEMP, M_WAITOK); > > - error = getnewvnode(VT_UMAP, mp, umap_vnodeop_p, vpp); > + error = getnewvnode(VT_UMAP, mp, &umap_vnodeop_p, vpp); > if (error) { > FREE(xp, M_TEMP); > return (error); > @@ -311,7 +311,7 @@ > * Can't do this check because vop_reclaim runs > * with funny vop vector. > */ > - if (vp->v_op != umap_vnodeop_p) { > + if (vp->v_op != &umap_vnodeop_p) { > printf ("umap_checkvp: on non-umap-node\n"); > while (umap_checkvp_barrier) /*WAIT*/ ; > panic("umap_checkvp"); > > ==== //depot/projects/trustedbsd/mac/sys/fs/umapfs/umap_vnops.c#3 (text+ko) ==== > > @@ -125,7 +125,7 @@ > * that aren't. (Must map first vp or vclean fails.) > */ > > - if (i && (*this_vp_p)->v_op != umap_vnodeop_p) { > + if (i && (*this_vp_p)->v_op != &umap_vnodeop_p) { > old_vps[i] = NULL; > } else { > old_vps[i] = *this_vp_p; > > ==== //depot/projects/trustedbsd/mac/sys/fs/unionfs/union_subr.c#6 (text+ko) ==== > > @@ -545,7 +545,7 @@ > * Create new node rather then replace old node > */ > > - error = getnewvnode(VT_UNION, mp, union_vnodeop_p, vpp); > + error = getnewvnode(VT_UNION, mp, &union_vnodeop_p, vpp); > if (error) { > /* > * If an error occurs clear out vnodes. > @@ -1216,7 +1216,7 @@ > { > struct union_node *un; > > - if (vp->v_op != union_vnodeop_p) { > + if (vp->v_op != &union_vnodeop_p) { > if (vppp) { > VREF(vp); > *(*vppp)++ = vp; > @@ -1299,7 +1299,7 @@ > { > int error = 0; > > - if ((*vp)->v_op == union_vnodeop_p) { > + if ((*vp)->v_op == &union_vnodeop_p) { > struct vnode *lvp; > > lvp = union_dircache(*vp, td); > > ==== //depot/projects/trustedbsd/mac/sys/fs/unionfs/union_vfsops.c#5 (text+ko) ==== > > @@ -126,7 +126,7 @@ > /* > * Unlock lower node to avoid deadlock. > */ > - if (lowerrootvp->v_op == union_vnodeop_p) > + if (lowerrootvp->v_op == &union_vnodeop_p) > VOP_UNLOCK(lowerrootvp, 0, td); > #endif > > @@ -140,7 +140,7 @@ > error = namei(ndp); > > #if 0 > - if (lowerrootvp->v_op == union_vnodeop_p) > + if (lowerrootvp->v_op == &union_vnodeop_p) > vn_lock(lowerrootvp, LK_EXCLUSIVE | LK_RETRY, td); > #endif > if (error) > > ==== //depot/projects/trustedbsd/mac/sys/fs/unionfs/union_vnops.c#4 (text+ko) ==== > > @@ -1319,7 +1319,7 @@ > * replace the fdvp, release the original one and ref the new one. > */ > > - if (fdvp->v_op == union_vnodeop_p) { /* always true */ > + if (fdvp->v_op == &union_vnodeop_p) { /* always true */ > struct union_node *un = VTOUNION(fdvp); > if (un->un_uppervp == NULLVP) { > /* > @@ -1341,7 +1341,7 @@ > * replace the fvp, release the original one and ref the new one. > */ > > - if (fvp->v_op == union_vnodeop_p) { /* always true */ > + if (fvp->v_op == &union_vnodeop_p) { /* always true */ > struct union_node *un = VTOUNION(fvp); > #if 0 > struct union_mount *um = MOUNTTOUNIONMOUNT(fvp->v_mount); > @@ -1399,7 +1399,7 @@ > * reference. > */ > > - if (tdvp->v_op == union_vnodeop_p) { > + if (tdvp->v_op == &union_vnodeop_p) { > struct union_node *un = VTOUNION(tdvp); > > if (un->un_uppervp == NULLVP) { > @@ -1429,7 +1429,7 @@ > * file and change tvp to NULL. > */ > > - if (tvp != NULLVP && tvp->v_op == union_vnodeop_p) { > + if (tvp != NULLVP && tvp->v_op == &union_vnodeop_p) { > struct union_node *un = VTOUNION(tvp); > > tvp = union_lock_upper(un, ap->a_tcnp->cn_thread); > > ==== //depot/projects/trustedbsd/mac/sys/gnu/ext2fs/ext2_vfsops.c#5 (text+ko) ==== > > @@ -1029,7 +1029,7 @@ > MALLOC(ip, struct inode *, sizeof(struct inode), M_EXT2NODE, M_WAITOK); > > /* Allocate a new vnode/inode. */ > - if ((error = getnewvnode(VT_UFS, mp, ext2_vnodeop_p, &vp)) != 0) { > + if ((error = getnewvnode(VT_UFS, mp, &ext2_vnodeop_p, &vp)) != 0) { > if (ext2fs_inode_hash_lock < 0) > wakeup(&ext2fs_inode_hash_lock); > ext2fs_inode_hash_lock = 0; > > ==== //depot/projects/trustedbsd/mac/sys/isofs/cd9660/cd9660_vfsops.c#5 (text+ko) ==== > > @@ -705,7 +705,7 @@ > return (0); > > /* Allocate a new vnode/iso_node. */ > - if ((error = getnewvnode(VT_ISOFS, mp, cd9660_vnodeop_p, &vp)) != 0) { > + if ((error = getnewvnode(VT_ISOFS, mp, &cd9660_vnodeop_p, &vp)) != 0) { > *vpp = NULLVP; > return (error); > } > @@ -852,11 +852,11 @@ > */ > switch (vp->v_type = IFTOVT(ip->inode.iso_mode)) { > case VFIFO: > - vp->v_op = cd9660_fifoop_p; > + vp->v_op = &cd9660_fifoop_p; > break; > case VCHR: > case VBLK: > - vp->v_op = cd9660_specop_p; > + vp->v_op = &cd9660_specop_p; > vp = addaliasu(vp, ip->inode.iso_rdev); > ip->i_vnode = vp; > break; > > ==== //depot/projects/trustedbsd/mac/sys/kern/kern_mac.c#122 (text+ko) ==== > > @@ -90,9 +90,9 @@ > #if MAC_MAX_POLICIES > 32 > #error "MAC_MAX_POLICIES too large" > #endif > -static const unsigned int mac_max_policies = MAC_MAX_POLICIES; > -static unsigned int mac_policies_free = (1 << MAC_MAX_POLICIES) - 1; > -SYSCTL_INT(_security_mac, OID_AUTO, max_policies, CTLFLAG_RD, > +static unsigned int mac_max_policies = MAC_MAX_POLICIES; > +static unsigned int mac_policies_free = (1 << MAC_MAX_POLICIES) - 1; > +SYSCTL_UINT(_security_mac, OID_AUTO, max_policies, CTLFLAG_RD, > &mac_max_policies, 0, ""); > struct maclabels { > void *labels[MAC_MAX_POLICIES]; > @@ -149,9 +149,9 @@ > error = 0; \ > sx_slock(&mac_policy_list_lock); \ > LIST_FOREACH(mpc, &mac_policy_list, mpc_list) { \ > - if (mpc->mpc_ops->mpo_ ## check != NULL) \ > + if (mpc->mpc_ops.mpo_ ## check != NULL) \ > error = error_select( \ > - mpc->mpc_ops->mpo_ ## check (## args), \ > + mpc->mpc_ops.mpo_ ## check (## args), \ > error); \ > } \ > sx_sunlock(&mac_policy_list_lock); \ > @@ -170,9 +170,9 @@ > \ > sx_slock(&mac_policy_list_lock); \ > LIST_FOREACH(mpc, &mac_policy_list, mpc_list) { \ > - if (mpc->mpc_ops->mpo_ ## operation != NULL) \ > + if (mpc->mpc_ops.mpo_ ## operation != NULL) \ > result = result composition \ > - mpc->mpc_ops->mpo_ ## operation ( ## args); \ > + mpc->mpc_ops.mpo_ ## operation ( ## args); \ > } \ > sx_sunlock(&mac_policy_list_lock); \ > } while (0) > @@ -186,8 +186,8 @@ > \ > sx_slock(&mac_policy_list_lock); \ > LIST_FOREACH(mpc, &mac_policy_list, mpc_list) { \ > - if (mpc->mpc_ops->mpo_ ## operation != NULL) \ > - mpc->mpc_ops->mpo_ ## operation (## args); \ > + if (mpc->mpc_ops.mpo_ ## operation != NULL) \ > + mpc->mpc_ops.mpo_ ## operation (## args); \ > } \ > sx_sunlock(&mac_policy_list_lock); \ > } while (0) > @@ -236,8 +236,250 @@ > mac_policy_register(struct mac_policy_conf *mpc) > { > struct mac_policy_conf *tmpc; > + struct mac_policy_op_entry *mpe; > int slot; > > + for (mpe = mpc->mpc_entries; mpe->mpe_constant != MAC_OP_LAST; mpe++) { > + switch (mpe->mpe_constant) { > + case MAC_DESTROY: > + mpc->mpc_ops.mpo_destroy = mpe->mpe_function; > + break; > + case MAC_INIT: > + mpc->mpc_ops.mpo_init = mpe->mpe_function; > + break; > + case MAC_COPY_LABEL: > + mpc->mpc_ops.mpo_copy_label = mpe->mpe_function; > + break; > + case MAC_DOMINATE: > + mpc->mpc_ops.mpo_dominate = mpe->mpe_function; > + break; > + case MAC_EQUAL: > + mpc->mpc_ops.mpo_equal = mpe->mpe_function; > + break; > + case MAC_PRINT_LABEL: > + mpc->mpc_ops.mpo_print_label = mpe->mpe_function; > + break; > + case MAC_VALIDATE_LABEL: > + mpc->mpc_ops.mpo_validate_label = mpe->mpe_function; > + break; > + case MAC_CREATE_DEVFS_DEVICE: > + mpc->mpc_ops.mpo_create_devfs_device = > + mpe->mpe_function; > + break; > + case MAC_CREATE_DEVFS_DIRECTORY: > + mpc->mpc_ops.mpo_create_devfs_directory = > + mpe->mpe_function; > + break; > + case MAC_CREATE_VNODE_FROM_VNODE: > + mpc->mpc_ops.mpo_create_vnode_from_vnode = > + mpe->mpe_function; > + break; > + case MAC_CREATE_MOUNT: > + mpc->mpc_ops.mpo_create_mount = mpe->mpe_function; > + break; > + case MAC_CREATE_ROOT_MOUNT: > + mpc->mpc_ops.mpo_create_root_mount = mpe->mpe_function; > + break; > + case MAC_CREATE_MBUF_FROM_SOCKET: > + mpc->mpc_ops.mpo_create_mbuf_from_socket = > + mpe->mpe_function; > + break; > + case MAC_CREATE_SOCKET: > + mpc->mpc_ops.mpo_create_socket = mpe->mpe_function; > + break; > + case MAC_RELABEL_SOCKET: > + mpc->mpc_ops.mpo_relabel_socket = mpe->mpe_function; > + break; > + case MAC_CREATE_BPFDESC: > + mpc->mpc_ops.mpo_create_bpfdesc = mpe->mpe_function; > + break; > + case MAC_CREATE_IFNET: > + mpc->mpc_ops.mpo_create_ifnet = mpe->mpe_function; > + break; > + case MAC_CREATE_MBUF_DATAGRAM_FROM_MBUF_FRAGMENTQUEUE: > + mpc->mpc_ops.mpo_create_mbuf_datagram_from_mbuf_fragmentqueue = > + mpe->mpe_function; > + break; > + case MAC_CREATE_MBUF_FRAGMENT_FROM_MBUF: > + mpc->mpc_ops.mpo_create_mbuf_fragment_from_mbuf = > + mpe->mpe_function; > + break; > + case MAC_CREATE_MBUF_FRAGMENTQUEUE_FROM_MBUF_FRAGMENT: > + mpc->mpc_ops.mpo_create_mbuf_fragmentqueue_from_mbuf_fragment = > + mpe->mpe_function; > + break; > + case MAC_CREATE_MBUF_FROM_MBUF: > + mpc->mpc_ops.mpo_create_mbuf_from_mbuf = > + mpe->mpe_function; > + break; > + case MAC_CREATE_MBUF_LINKLAYER_FOR_IFNET: > + mpc->mpc_ops.mpo_create_mbuf_linklayer_for_ifnet = > + mpe->mpe_function; > + break; > + case MAC_CREATE_MBUF_FROM_BPFDESC: > + mpc->mpc_ops.mpo_create_mbuf_from_bpfdesc = > + mpe->mpe_function; > + break; > + case MAC_CREATE_MBUF_FROM_IFNET: > + mpc->mpc_ops.mpo_create_mbuf_from_ifnet = > + mpe->mpe_function; > + break; > + case MAC_CREATE_MBUF_MULTICAST_ENCAP_FROM_MBUF: > + mpc->mpc_ops.mpo_create_mbuf_multicast_encap_from_mbuf = > + mpe->mpe_function; > + break; > + case MAC_CREATE_MBUF_NETLAYER_FROM_MBUF: > + mpc->mpc_ops.mpo_create_mbuf_netlayer_from_mbuf = > + mpe->mpe_function; > + break; > + case MAC_MBUF_FRAGMENT_MATCHES_MBUF_FRAGMENTQUEUE: > + mpc->mpc_ops.mpo_mbuf_fragment_matches_mbuf_fragmentqueue = > + mpe->mpe_function; > + break; > + case MAC_RELABEL_IFNET: > + mpc->mpc_ops.mpo_relabel_ifnet = mpe->mpe_function; > + break; > + case MAC_UPDATE_MBUF_FRAGMENTQUEUE_FROM_MBUF_FRAGMENT: > + mpc->mpc_ops.mpo_update_mbuf_fragmentqueue_from_mbuf_fragment = > + mpe->mpe_function; > + break; > + case MAC_CREATE_SUBJECT: > + mpc->mpc_ops.mpo_create_subject = mpe->mpe_function; > + break; > + case MAC_EXECVE_TRANSITION: > + mpc->mpc_ops.mpo_execve_transition = mpe->mpe_function; > + break; > + case MAC_EXECVE_WILL_TRANSITION: > + mpc->mpc_ops.mpo_execve_will_transition = > + mpe->mpe_function; > + break; > + case MAC_CREATE_PROC0: > + mpc->mpc_ops.mpo_create_proc0 = mpe->mpe_function; > + break; > + case MAC_CREATE_PROC1: > + mpc->mpc_ops.mpo_create_proc1 = mpe->mpe_function; > + break; > + case MAC_RELABEL_SUBJECT: > + mpc->mpc_ops.mpo_relabel_subject = > + mpe->mpe_function; > + break; > + case MAC_BPFDESC_CHECK_RECEIVE_FROM_IFNET: > + mpc->mpc_ops.mpo_bpfdesc_check_receive_from_ifnet = > + mpe->mpe_function; > + break; > + case MAC_CRED_CHECK_SEE_CRED: > + mpc->mpc_ops.mpo_cred_check_see_cred = > + mpe->mpe_function; > + break; > + case MAC_CRED_CHECK_SEE_SOCKET: > + mpc->mpc_ops.mpo_cred_check_see_socket = > + mpe->mpe_function; > + break; > + case MAC_CRED_CHECK_RELABEL_IFNET: > + mpc->mpc_ops.mpo_cred_check_relabel_ifnet = > + mpe->mpe_function; > + break; > + case MAC_CRED_CHECK_RELABEL_SOCKET: > + mpc->mpc_ops.mpo_cred_check_relabel_socket = > + mpe->mpe_function; > + break; > + case MAC_CRED_CHECK_RELABEL_SUBJECT: > + mpc->mpc_ops.mpo_cred_check_relabel_subject = > + mpe->mpe_function; > + break; > + case MAC_CRED_CHECK_RELABEL_VNODE: > + mpc->mpc_ops.mpo_cred_check_relabel_vnode = > + mpe->mpe_function; > + break; > + case MAC_CRED_CHECK_STATFS: > + mpc->mpc_ops.mpo_cred_check_statfs = mpe->mpe_function; > + break; > + case MAC_CRED_CHECK_DEBUG_PROC: > + mpc->mpc_ops.mpo_cred_check_debug_proc = > + mpe->mpe_function; > + break; > + case MAC_CRED_CHECK_EXEC_FILE: > + mpc->mpc_ops.mpo_cred_check_exec_file = > + mpe->mpe_function; > + break; > + case MAC_CRED_CHECK_CHDIR_VNODE: > + mpc->mpc_ops.mpo_cred_check_chdir_vnode = > + mpe->mpe_function; > + break; > + case MAC_CRED_CHECK_CREATE_VNODE: > + mpc->mpc_ops.mpo_cred_check_create_vnode = > + mpe->mpe_function; > + break; > + case MAC_CRED_CHECK_DELETE_VNODE: > + mpc->mpc_ops.mpo_cred_check_delete_vnode = > + mpe->mpe_function; > + break; > + case MAC_CRED_CHECK_EXEC_VNODE: > + mpc->mpc_ops.mpo_cred_check_exec_vnode = > + mpe->mpe_function; > + break; > + case MAC_CRED_CHECK_OPEN_VNODE: > + mpc->mpc_ops.mpo_cred_check_open_vnode = > + mpe->mpe_function; > + break; > + case MAC_CRED_CHECK_RENAME_FROM_VNODE: > + mpc->mpc_ops.mpo_cred_check_rename_from_vnode = > + mpe->mpe_function; > + break; > + case MAC_CRED_CHECK_RENAME_TO_VNODE: > + mpc->mpc_ops.mpo_cred_check_rename_to_vnode = > + mpe->mpe_function; > + break; > + case MAC_CRED_CHECK_REVOKE_VNODE: > + mpc->mpc_ops.mpo_cred_check_revoke_vnode = > + mpe->mpe_function; > + break; > + case MAC_CRED_CHECK_SEARCH_VNODE: > + mpc->mpc_ops.mpo_cred_check_search_vnode = > + mpe->mpe_function; > + break; > + case MAC_CRED_CHECK_SETFLAGS_VNODE: > + mpc->mpc_ops.mpo_cred_check_setflags_vnode = > + mpe->mpe_function; > + break; > + case MAC_CRED_CHECK_SETMODE_VNODE: > + mpc->mpc_ops.mpo_cred_check_setmode_vnode = > + mpe->mpe_function; > + break; > + case MAC_CRED_CHECK_SETOWNER_VNODE: > + mpc->mpc_ops.mpo_cred_check_setowner_vnode = > + mpe->mpe_function; > + break; > + case MAC_CRED_CHECK_SETUTIMES_VNODE: > + mpc->mpc_ops.mpo_cred_check_setutimes_vnode = > + mpe->mpe_function; > + break; > + case MAC_CRED_CHECK_SCHED_PROC: > + mpc->mpc_ops.mpo_cred_check_sched_proc = > + mpe->mpe_function; > + break; > + case MAC_CRED_CHECK_SIGNAL_PROC: > + mpc->mpc_ops.mpo_cred_check_signal_proc = > + mpe->mpe_function; > + break; > + case MAC_CRED_CHECK_STAT_VNODE: > + mpc->mpc_ops.mpo_cred_check_stat_vnode = > + mpe->mpe_function; > + break; > + case MAC_IFNET_CHECK_SEND_MBUF: > + mpc->mpc_ops.mpo_ifnet_check_send_mbuf = > + mpe->mpe_function; > + break; > + case MAC_SOCKET_CHECK_RECEIVE_MBUF: > + mpc->mpc_ops.mpo_socket_check_receive_mbuf = > + mpe->mpe_function; > + break; > + default: > + printf("MAC policy `%s': unknown operation %d\n", > + mpc->mpc_name, mpe->mpe_constant); > + return (EINVAL); > + } > + } > sx_xlock(&mac_policy_list_lock); > LIST_FOREACH(tmpc, &mac_policy_list, mpc_list) { > if (strcmp(tmpc->mpc_name, mpc->mpc_name) == 0) { > @@ -249,7 +491,7 @@ > slot = ffs(mac_policies_free); > if (slot == 0) { > sx_xunlock(&mac_policy_list_lock); > - return (EEXIST); > + return (ENOMEM); > } > slot--; > mac_policies_free &= ~(1 << slot); > @@ -261,8 +503,8 @@ > printf("Security policy: %s (%s)\n", mpc->mpc_fullname, mpc->mpc_name); > > /* Per-policy initialization. */ > - if (mpc->mpc_ops->mpo_init != NULL) > - (*(mpc->mpc_ops->mpo_init))(mpc); > + if (mpc->mpc_ops.mpo_init != NULL) > + (*(mpc->mpc_ops.mpo_init))(mpc); > sx_xunlock(&mac_policy_list_lock); > > return (0); > @@ -278,8 +520,8 @@ > if (mpc->mpc_field_off != -1) > return (EBUSY); > sx_xlock(&mac_policy_list_lock); > - if (mpc->mpc_ops->mpo_destroy != NULL) > - (*(mpc->mpc_ops->mpo_destroy))(mpc); > + if (mpc->mpc_ops.mpo_destroy != NULL) > + (*(mpc->mpc_ops.mpo_destroy))(mpc); > > LIST_REMOVE(mpc, mpc_list); > sx_xunlock(&mac_policy_list_lock); > > ==== //depot/projects/trustedbsd/mac/sys/kern/vfs_subr.c#20 (text+ko) ==== > > @@ -677,7 +677,7 @@ > getnewvnode(tag, mp, vops, vpp) > enum vtagtype tag; > struct mount *mp; > - vop_t **vops; > + vop_t ***vops; > struct vnode **vpp; > { > int s; > @@ -1552,7 +1552,7 @@ > } > if (vfinddev(dev, VCHR, vpp)) > return (0); > - error = getnewvnode(VT_NON, (struct mount *)0, spec_vnodeop_p, &nvp); > + error = getnewvnode(VT_NON, (struct mount *)0, &spec_vnodeop_p, &nvp); > if (error) { > *vpp = NULLVP; > return (error); > @@ -1578,7 +1578,7 @@ > udev_t nvp_rdev; > { > struct vnode *ovp; > - vop_t **ops; > + vop_t ***ops; > dev_t dev; > > if (nvp->v_type == VBLK) > @@ -1952,7 +1952,7 @@ > vgonel(vp, td); > } else { > vclean(vp, 0, td); > - vp->v_op = spec_vnodeop_p; > + vp->v_op = &spec_vnodeop_p; > insmntque(vp, (struct mount *) 0); > } > mtx_lock(&mntvnode_mtx); > @@ -2108,7 +2108,7 @@ > /* > * Done with purge, notify sleepers of the grim news. > */ > - vp->v_op = dead_vnodeop_p; > + vp->v_op = &dead_vnodeop_p; > if (vp->v_pollinfo != NULL) > vn_pollgone(vp); > vp->v_tag = VT_NON; > @@ -2847,7 +2847,7 @@ > int error; > > /* Allocate a new vnode */ > - if ((error = getnewvnode(VT_VFS, mp, sync_vnodeop_p, &vp)) != 0) { > + if ((error = getnewvnode(VT_VFS, mp, &sync_vnodeop_p, &vp)) != 0) { > mp->mnt_syncer = NULL; > return (error); > } > > ==== //depot/projects/trustedbsd/mac/sys/nfsclient/nfs_node.c#4 (text+ko) ==== > > @@ -223,7 +223,7 @@ > */ > np = uma_zalloc(nfsnode_zone, M_WAITOK); > > - error = getnewvnode(VT_NFS, mntp, nfsv2_vnodeop_p, &nvp); > + error = getnewvnode(VT_NFS, mntp, &nfsv2_vnodeop_p, &nvp); > if (error) { > if (nfs_node_hash_lock < 0) > wakeup(&nfs_node_hash_lock); > > ==== //depot/projects/trustedbsd/mac/sys/nfsclient/nfs_subs.c#5 (text+ko) ==== > > @@ -527,10 +527,10 @@ > if (vp->v_type != vtyp) { > vp->v_type = vtyp; > if (vp->v_type == VFIFO) { > - vp->v_op = fifo_nfsv2nodeop_p; > + vp->v_op = &fifo_nfsv2nodeop_p; > } > if (vp->v_type == VCHR || vp->v_type == VBLK) { > - vp->v_op = spec_nfsv2nodeop_p; > + vp->v_op = &spec_nfsv2nodeop_p; > vp = addaliasu(vp, rdev); > np->n_vnode = vp; > } > > ==== //depot/projects/trustedbsd/mac/sys/security/lomac/lomacfs.h#3 (text+ko) ==== > > @@ -103,7 +103,7 @@ > #define VTOLOMAC(vp) ((struct lomac_node *)(vp)->v_data) > #define VTOLVP(vp) VTOLOMAC(vp)->ln_lowervp > #define VFSTOLOMAC(mp) ((struct lomac_mount *)mp->mnt_data) > -#define VISLOMAC(vp) (vp->v_op == lomacfs_vnodeop_p) > +#define VISLOMAC(vp) (vp->v_op == &lomacfs_vnodeop_p) > > int lomacfs_node_alloc(struct mount *mp, struct componentname *cnp, > struct vnode *dvp, struct vnode *lowervp, struct vnode **vpp); > > ==== //depot/projects/trustedbsd/mac/sys/security/lomac/lomacfs_subr.c#3 (text+ko) ==== > > @@ -73,7 +73,7 @@ > return (EEXIST); > } > } > - error = getnewvnode(VT_NULL, mp, lomacfs_vnodeop_p, vpp); > + error = getnewvnode(VT_NULL, mp, &lomacfs_vnodeop_p, vpp); > if (error) { > vput(lowervp); > free(lp, M_LOMACFS); > > ==== //depot/projects/trustedbsd/mac/sys/sys/vnode.h#19 (text+ko) ==== > > @@ -105,7 +105,7 @@ > int v_holdcnt; /* page & buffer references */ > u_long v_id; /* capability identifier */ > struct mount *v_mount; /* ptr to vfs we are in */ > - vop_t **v_op; /* vnode operations vector */ > + vop_t ***v_op; /* vnode operations vector */ > TAILQ_ENTRY(vnode) v_freelist; /* vnode freelist */ > TAILQ_ENTRY(vnode) v_nmntvnodes; /* vnodes for mount point */ > struct buflists v_cleanblkhd; /* clean blocklist head */ > @@ -527,7 +527,7 @@ > /* > * This call works for vnodes in the kernel. > */ > -#define VCALL(VP,OFF,AP) VOCALL((VP)->v_op,(OFF),(AP)) > +#define VCALL(VP,OFF,AP) VOCALL(*(VP)->v_op,(OFF),(AP)) > #define VDESC(OP) (& __CONCAT(OP,_desc)) > #define VOFFSET(OP) (VDESC(OP)->vdesc_offset) > > @@ -583,7 +583,7 @@ > void cvtstat(struct stat *st, struct ostat *ost); > void cvtnstat(struct stat *sb, struct nstat *nsb); > int getnewvnode(enum vtagtype tag, > - struct mount *mp, vop_t **vops, struct vnode **vpp); > + struct mount *mp, vop_t ***vops, struct vnode **vpp); > int lease_check(struct vop_lease_args *ap); > int spec_vnoperate(struct vop_generic_args *); > int speedup_syncer(void); > > ==== //depot/projects/trustedbsd/mac/sys/ufs/ffs/ffs_vfsops.c#9 (text+ko) ==== > > @@ -1192,7 +1192,7 @@ > ump->um_malloctype, M_WAITOK); > > /* Allocate a new vnode/inode. */ > - error = getnewvnode(VT_UFS, mp, ffs_vnodeop_p, &vp); > + error = getnewvnode(VT_UFS, mp, &ffs_vnodeop_p, &vp); > if (error) { > /* > * Do not wake up processes while holding the mutex, > > ==== //depot/projects/trustedbsd/mac/sys/ufs/ifs/ifs_vfsops.c#4 (text+ko) ==== > > @@ -201,7 +201,7 @@ > ump->um_malloctype, M_WAITOK); > > /* Allocate a new vnode/inode. */ > - error = getnewvnode(VT_UFS, mp, ifs_vnodeop_p, &vp); > + error = getnewvnode(VT_UFS, mp, &ifs_vnodeop_p, &vp); > if (error) { > /* > * Do not wake up processes while holding the mutex, > > ==== //depot/projects/trustedbsd/mac/sys/ufs/ufs/ufs_vnops.c#30 (text+ko) ==== > > @@ -2208,12 +2208,12 @@ > switch(vp->v_type = IFTOVT(ip->i_mode)) { > case VCHR: > case VBLK: > - vp->v_op = specops; > + vp->v_op = &specops; > vp = addaliasu(vp, ip->i_rdev); > ip->i_vnode = vp; > break; > case VFIFO: > - vp->v_op = fifoops; > + vp->v_op = &fifoops; > break; > default: > break; > > ==== //depot/projects/trustedbsd/mac/sys/vm/vm_swap.c#5 (text+ko) ==== > > @@ -263,7 +263,7 @@ > u_long aligned_nblks; > > if (!swapdev_vp) { > - error = getnewvnode(VT_NON, NULL, swapdev_vnodeop_p, > + error = getnewvnode(VT_NON, NULL, &swapdev_vnodeop_p, > &swapdev_vp); > if (error) > panic("Cannot get vnode for swapdev"); > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe p4-projects" in the body of the message