From owner-p4-projects@FreeBSD.ORG  Wed Aug 29 20:35:20 2007
Return-Path: <owner-p4-projects@FreeBSD.ORG>
Delivered-To: p4-projects@freebsd.org
Received: by hub.freebsd.org (Postfix, from userid 32767)
	id A45FA16A420; Wed, 29 Aug 2007 20:35:20 +0000 (UTC)
Delivered-To: perforce@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 6EFC116A41B
	for <perforce@freebsd.org>; Wed, 29 Aug 2007 20:35:20 +0000 (UTC)
	(envelope-from bb+lists.freebsd.perforce@cyrus.watson.org)
Received: from repoman.freebsd.org (repoman.freebsd.org
	[IPv6:2001:4f8:fff6::29])
	by mx1.freebsd.org (Postfix) with ESMTP id 5272313C48A
	for <perforce@freebsd.org>; Wed, 29 Aug 2007 20:35:20 +0000 (UTC)
	(envelope-from bb+lists.freebsd.perforce@cyrus.watson.org)
Received: from repoman.freebsd.org (localhost [127.0.0.1])
	by repoman.freebsd.org (8.14.1/8.14.1) with ESMTP id l7TKZK92010948
	for <perforce@freebsd.org>; Wed, 29 Aug 2007 20:35:20 GMT
	(envelope-from bb+lists.freebsd.perforce@cyrus.watson.org)
Received: (from perforce@localhost)
	by repoman.freebsd.org (8.14.1/8.14.1/Submit) id l7TKZJ5G010945
	for perforce@freebsd.org; Wed, 29 Aug 2007 20:35:19 GMT
	(envelope-from bb+lists.freebsd.perforce@cyrus.watson.org)
Date: Wed, 29 Aug 2007 20:35:19 GMT
Message-Id: <200708292035.l7TKZJ5G010945@repoman.freebsd.org>
X-Authentication-Warning: repoman.freebsd.org: perforce set sender to
	bb+lists.freebsd.perforce@cyrus.watson.org using -f
From: Robert Watson <rwatson@FreeBSD.org>
To: Perforce Change Reviews <perforce@freebsd.org>
Cc: 
Subject: PERFORCE change 125828 for review
X-BeenThere: p4-projects@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: p4 projects tree changes <p4-projects.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/p4-projects>,
	<mailto:p4-projects-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/p4-projects>
List-Post: <mailto:p4-projects@freebsd.org>
List-Help: <mailto:p4-projects-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/p4-projects>,
	<mailto:p4-projects-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 29 Aug 2007 20:35:21 -0000

http://perforce.freebsd.org/chv.cgi?CH=125828

Change 125828 by rwatson@rwatson_zoo on 2007/08/29 20:34:59

	Fix issues in recent integration by adapting branch-local code to new
	world order from CVS.

Affected files ...

.. //depot/projects/trustedbsd/mac/sys/i386/i386/trap.c#52 edit
.. //depot/projects/trustedbsd/mac/sys/security/mac/mac_policy.h#5 edit
.. //depot/projects/trustedbsd/mac/sys/security/mac_test/mac_test.c#155 edit

Differences ...

==== //depot/projects/trustedbsd/mac/sys/i386/i386/trap.c#52 (text+ko) ====

@@ -64,7 +64,6 @@
 #include <sys/kernel.h>
 #include <sys/ktr.h>
 #include <sys/lock.h>
-#include <sys/mac.h>
 #include <sys/mutex.h>
 #include <sys/resourcevar.h>
 #include <sys/signalvar.h>
@@ -80,6 +79,7 @@
 #include <sys/pmckern.h>
 #endif
 #include <security/audit/audit.h>
+#include <security/mac/mac_framework.h>
 
 #include <vm/vm.h>
 #include <vm/vm_param.h>

==== //depot/projects/trustedbsd/mac/sys/security/mac/mac_policy.h#5 (text+ko) ====

@@ -323,6 +323,9 @@
 		    struct label *ifplabel, struct label *newlabel);
 typedef void	(*mpo_update_ipq_t)(struct mbuf *m, struct label *mlabel,
 		    struct ipq *ipq, struct label *ipqlabel);
+typedef int	(*mpo_update_mbuf_from_cipso_t)(struct mbuf *m,
+		    struct label *mlabel, struct ifnet *ifp,
+		    struct label *ifplabel, char *cp, int *code);
 typedef void	(*mpo_inpcb_sosetlabel_t)(struct socket *so,
 		    struct label *label, struct inpcb *inp,
 		    struct label *inplabel);
@@ -757,6 +760,7 @@
 	mpo_reflect_mbuf_tcp_t			mpo_reflect_mbuf_tcp;
 	mpo_relabel_ifnet_t			mpo_relabel_ifnet;
 	mpo_update_ipq_t			mpo_update_ipq;
+	mpo_update_mbuf_from_cipso_t		mpo_update_mbuf_from_cipso;
 	mpo_inpcb_sosetlabel_t			mpo_inpcb_sosetlabel;
 
 	/*

==== //depot/projects/trustedbsd/mac/sys/security/mac_test/mac_test.c#155 (text+ko) ====

@@ -1068,11 +1068,11 @@
 COUNTER_DECL(update_mbuf_from_cipso);
 static int
 mac_test_update_mbuf_from_cipso(struct mbuf *m, struct label *mlabel,
-    struct ifnet *ifnet, struct label *ifnetlabel, char *cp, int *code)
+    struct ifnet *ifp, struct label *ifplabel, char *cp, int *code)
 {
 
-	ASSERT_MBUF_LABEL(mlabel);
-	ASSERT_IFNET_LABEL(ifnetlabel);
+	LABEL_CHECK(mlabel, MAGIC_MBUF);
+	LABEL_CHECK(ifplabel, MAGIC_IFNET);
 
 	return (0);
 }
@@ -1152,15 +1152,23 @@
 }
 
 COUNTER_DECL(thread_userret);
+static void
+mac_test_thread_userret(struct thread *td)
+{
+
+	COUNTER_INC(thread_userret);
+}
+
+COUNTER_DECL(thread_userret_sysctl);
 static int
 sysctl_mac_test_thread_userret(SYSCTL_HANDLER_ARGS)
 {
 
-	COUNTER_INC(thread_userret);
-	mtx_lock_spin(&sched_lock);
+	COUNTER_INC(thread_userret_sysctl);
+	thread_lock(curthread);
 	curthread->td_flags |= TDF_ASTPENDING;
 	curthread->td_proc->p_sflag |= PS_MACPEND;
-	mtx_unlock_spin(&sched_lock);
+	thread_unlock(curthread);
 	return (sysctl_handle_int(oidp, NULL, curthread->td_proc->p_pid,
 	    req));
 }