From owner-p4-projects Sat Sep 28 12:35:46 2002 Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 5AF5937B404; Sat, 28 Sep 2002 12:35:31 -0700 (PDT) Delivered-To: perforce@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 06FC837B401 for ; Sat, 28 Sep 2002 12:35:31 -0700 (PDT) Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 51E6A43E6E for ; Sat, 28 Sep 2002 12:35:30 -0700 (PDT) (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Received: from freefall.freebsd.org (perforce@localhost [127.0.0.1]) by freefall.freebsd.org (8.12.6/8.12.6) with ESMTP id g8SJZUCo098849 for ; Sat, 28 Sep 2002 12:35:30 -0700 (PDT) (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Received: (from perforce@localhost) by freefall.freebsd.org (8.12.6/8.12.6/Submit) id g8SJZTXh098846 for perforce@freebsd.org; Sat, 28 Sep 2002 12:35:29 -0700 (PDT) Date: Sat, 28 Sep 2002 12:35:29 -0700 (PDT) Message-Id: <200209281935.g8SJZTXh098846@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: perforce set sender to bb+lists.freebsd.perforce@cyrus.watson.org using -f From: Robert Watson Subject: PERFORCE change 18290 for review To: Perforce Change Reviews Sender: owner-p4-projects@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG http://people.freebsd.org/~peter/p4db/chv.cgi?CH=18290 Change 18290 by rwatson@rwatson_tislabs on 2002/09/28 12:34:57 Slightly restructure internalize/externalize routines to return immediately if there's no match, rather than not returning until the end, visually simplifying the functions. No functional change. Affected files ... .. //depot/projects/trustedbsd/mac/sys/security/mac_biba/mac_biba.c#116 edit .. //depot/projects/trustedbsd/mac/sys/security/mac_mls/mac_mls.c#96 edit .. //depot/projects/trustedbsd/mac/sys/security/mac_partition/mac_partition.c#14 edit Differences ... ==== //depot/projects/trustedbsd/mac/sys/security/mac_biba/mac_biba.c#116 (text+ko) ==== @@ -516,68 +516,68 @@ size_t len, left; int error; - if (strcmp(MAC_BIBA_LABEL_NAME, element->me_name) == 0) { - (*claimed)++; + if (strcmp(MAC_BIBA_LABEL_NAME, element->me_name) != 0) + return (0); - mac_biba = SLOT(label); + (*claimed)++; - bzero(string, sizeof(string)); - curptr = string; - left = MAC_MAX_LABEL_ELEMENT_DATALEN; + mac_biba = SLOT(label); - if (mac_biba->mb_flags & MAC_BIBA_FLAG_SINGLE) { - len = mac_biba_element_to_string(curptr, left, - &mac_biba->mb_single); - if (len >= left) - return (EINVAL); - left -= len; - curptr += len; - } + bzero(string, sizeof(string)); + curptr = string; + left = MAC_MAX_LABEL_ELEMENT_DATALEN; - if (mac_biba->mb_flags & MAC_BIBA_FLAG_RANGE) { - len = snprintf(curptr, left, "("); - if (len >= left) - return (EINVAL); - left -= len; + if (mac_biba->mb_flags & MAC_BIBA_FLAG_SINGLE) { + len = mac_biba_element_to_string(curptr, left, + &mac_biba->mb_single); + if (len >= left) + return (EINVAL); + left -= len; curptr += len; + } - len = mac_biba_element_to_string(curptr, left, - &mac_biba->mb_rangelow); - if (len >= left) - return (EINVAL); - left -= len; - curptr += len; + if (mac_biba->mb_flags & MAC_BIBA_FLAG_RANGE) { + len = snprintf(curptr, left, "("); + if (len >= left) + return (EINVAL); + left -= len; + curptr += len; - len = snprintf(curptr, left, "-"); - if (len >= left) - return (EINVAL); - left -= len; - curptr += len; + len = mac_biba_element_to_string(curptr, left, + &mac_biba->mb_rangelow); + if (len >= left) + return (EINVAL); + left -= len; + curptr += len; - len = mac_biba_element_to_string(curptr, left, - &mac_biba->mb_rangehigh); - if (len >= left) - return (EINVAL); - left -= len; - curptr += len; + len = snprintf(curptr, left, "-"); + if (len >= left) + return (EINVAL); + left -= len; + curptr += len; - len = snprintf(curptr, left, ")"); - if (len >= left) - return (EINVAL); - left -= len; - curptr += len; - } + len = mac_biba_element_to_string(curptr, left, + &mac_biba->mb_rangehigh); + if (len >= left) + return (EINVAL); + left -= len; + curptr += len; - if (strlen(string)+1 > element->me_databuflen) + len = snprintf(curptr, left, ")"); + if (len >= left) return (EINVAL); + left -= len; + curptr += len; + } - error = copyout(string, element->me_data, strlen(string)+1); - if (error) - return (error); + if (strlen(string)+1 > element->me_databuflen) + return (EINVAL); - element->me_datalen = strlen(string)+1; - } + error = copyout(string, element->me_data, strlen(string)+1); + if (error) + return (error); + element->me_datalen = strlen(string)+1; return (0); } @@ -636,77 +636,78 @@ char *range, *rangeend, *rangehigh, *rangelow, *single; int error; - if (strcmp(MAC_BIBA_LABEL_NAME, element->me_name) == 0) { - (*claimed)++; + if (strcmp(MAC_BIBA_LABEL_NAME, element->me_name) != 0) + return (0); - error = copyin(element->me_data, &string, element->me_datalen); - if (error) - return (error); + (*claimed)++; - if (!strvalid(string, MAC_MAX_LABEL_ELEMENT_DATALEN)) - return (EINVAL); + error = copyin(element->me_data, &string, element->me_datalen); + if (error) + return (error); - /* Do we have a range? */ - single = string; - range = index(string, '('); - if (range == single) - single = NULL; - rangelow = rangehigh = NULL; - if (range != NULL) { - /* Nul terminate the end of the single string. */ - *range = '\0'; - range++; - rangelow = range; - rangehigh = index(rangelow, '-'); - if (rangehigh == NULL) - return (EINVAL); - rangehigh++; - if (*rangelow == '\0' || *rangehigh == '\0') - return (EINVAL); - rangeend = index(rangehigh, ')'); - if (rangeend == NULL) - return (EINVAL); - if (*(rangeend + 1) != '\0') - return (EINVAL); - /* Nul terminate the ends of the ranges. */ - *(rangehigh - 1) = '\0'; - *rangeend = '\0'; - } - KASSERT((rangelow != NULL && rangehigh != NULL) || - (rangelow == NULL && rangehigh == NULL), - ("mac_biba_internalize_label: range mismatch")); + if (!strvalid(string, MAC_MAX_LABEL_ELEMENT_DATALEN)) + return (EINVAL); - printf("Biba: single: %s, range low: %s, range high: %s\n", - single, rangelow, rangehigh); + /* Do we have a range? */ + single = string; + range = index(string, '('); + if (range == single) + single = NULL; + rangelow = rangehigh = NULL; + if (range != NULL) { + /* Nul terminate the end of the single string. */ + *range = '\0'; + range++; + rangelow = range; + rangehigh = index(rangelow, '-'); + if (rangehigh == NULL) + return (EINVAL); + rangehigh++; + if (*rangelow == '\0' || *rangehigh == '\0') + return (EINVAL); + rangeend = index(rangehigh, ')'); + if (rangeend == NULL) + return (EINVAL); + if (*(rangeend + 1) != '\0') + return (EINVAL); + /* Nul terminate the ends of the ranges. */ + *(rangehigh - 1) = '\0'; + *rangeend = '\0'; + } + KASSERT((rangelow != NULL && rangehigh != NULL) || + (rangelow == NULL && rangehigh == NULL), + ("mac_biba_internalize_label: range mismatch")); - bzero(&mac_biba_temp, sizeof(mac_biba_temp)); - if (single != NULL) { - error = mac_biba_parse_element( - &mac_biba_temp.mb_single, single); - if (error) - return (error); - mac_biba_temp.mb_flags |= MAC_BIBA_FLAG_SINGLE; - } + printf("Biba: single: %s, range low: %s, range high: %s\n", + single, rangelow, rangehigh); - if (rangelow != NULL) { - error = mac_biba_parse_element( - &mac_biba_temp.mb_rangelow, rangelow); - if (error) - return (error); - error == mac_biba_parse_element( - &mac_biba_temp.mb_rangehigh, rangehigh); - if (error) - return (error); - mac_biba_temp.mb_flags |= MAC_BIBA_FLAG_RANGE; - } + bzero(&mac_biba_temp, sizeof(mac_biba_temp)); + if (single != NULL) { + error = mac_biba_parse_element(&mac_biba_temp.mb_single, + single); + if (error) + return (error); + mac_biba_temp.mb_flags |= MAC_BIBA_FLAG_SINGLE; + } - error = mac_biba_valid(&mac_biba_temp); + if (rangelow != NULL) { + error = mac_biba_parse_element(&mac_biba_temp.mb_rangelow, + rangelow); + if (error) + return (error); + error == mac_biba_parse_element(&mac_biba_temp.mb_rangehigh, + rangehigh); if (error) return (error); + mac_biba_temp.mb_flags |= MAC_BIBA_FLAG_RANGE; + } - mac_biba = SLOT(label); - *mac_biba = mac_biba_temp; - } + error = mac_biba_valid(&mac_biba_temp); + if (error) + return (error); + + mac_biba = SLOT(label); + *mac_biba = mac_biba_temp; return (0); } ==== //depot/projects/trustedbsd/mac/sys/security/mac_mls/mac_mls.c#96 (text+ko) ==== @@ -505,68 +505,68 @@ size_t left, len; int error; - if (strcmp(MAC_MLS_LABEL_NAME, element->me_name) == 0) { - (*claimed)++; + if (strcmp(MAC_MLS_LABEL_NAME, element->me_name) != 0) + return (0); - mac_mls = SLOT(label); + (*claimed)++; - bzero(string, sizeof(string)); - curptr = string; - left = MAC_MAX_LABEL_ELEMENT_DATALEN; + mac_mls = SLOT(label); - if (mac_mls->mm_flags & MAC_MLS_FLAG_SINGLE) { - len = mac_mls_element_to_string(curptr, left, - &mac_mls->mm_single); - if (len >= left) - return (EINVAL); - left -= len; - curptr += len; - } + bzero(string, sizeof(string)); + curptr = string; + left = MAC_MAX_LABEL_ELEMENT_DATALEN; - if (mac_mls->mm_flags & MAC_MLS_FLAG_RANGE) { - len = snprintf(curptr, left, "("); - if (len >= left) - return (EINVAL); - left -= len; - curptr += len; + if (mac_mls->mm_flags & MAC_MLS_FLAG_SINGLE) { + len = mac_mls_element_to_string(curptr, left, + &mac_mls->mm_single); + if (len >= left) + return (EINVAL); + left -= len; + curptr += len; + } - len = mac_mls_element_to_string(curptr, left, - &mac_mls->mm_rangelow); - if (len >= left) - return (EINVAL); - left -= len; - curptr += len; + if (mac_mls->mm_flags & MAC_MLS_FLAG_RANGE) { + len = snprintf(curptr, left, "("); + if (len >= left) + return (EINVAL); + left -= len; + curptr += len; - len = snprintf(curptr, left, "-"); - if (len >= left) - return (EINVAL); - left -= len; - curptr += len; + len = mac_mls_element_to_string(curptr, left, + &mac_mls->mm_rangelow); + if (len >= left) + return (EINVAL); + left -= len; + curptr += len; - len = mac_mls_element_to_string(curptr, left, - &mac_mls->mm_rangehigh); - if (len >= left) - return (EINVAL); - left -= len; - curptr += len; + len = snprintf(curptr, left, "-"); + if (len >= left) + return (EINVAL); + left -= len; + curptr += len; - len = snprintf(curptr, left, ")"); - if (len >= left) - return (EINVAL); - left -= len; - curptr += len; - } + len = mac_mls_element_to_string(curptr, left, + &mac_mls->mm_rangehigh); + if (len >= left) + return (EINVAL); + left -= len; + curptr += len; - if (strlen(string)+1 > element->me_databuflen) + len = snprintf(curptr, left, ")"); + if (len >= left) return (EINVAL); + left -= len; + curptr += len; + } - error = copyout(string, element->me_data, strlen(string)+1); - if (error) - return (error); + if (strlen(string)+1 > element->me_databuflen) + return (EINVAL); - element->me_datalen = strlen(string)+1; - } + error = copyout(string, element->me_data, strlen(string)+1); + if (error) + return (error); + element->me_datalen = strlen(string)+1; return (0); } @@ -625,77 +625,78 @@ char *range, *rangeend, *rangehigh, *rangelow, *single; int error; - if (strcmp(MAC_MLS_LABEL_NAME, element->me_name) == 0) { - (*claimed)++; + if (strcmp(MAC_MLS_LABEL_NAME, element->me_name) != 0) + return (0); - error = copyin(element->me_data, &string, element->me_datalen); - if (error) - return (error); + (*claimed)++; - if (!strvalid(string, MAC_MAX_LABEL_ELEMENT_DATALEN)) - return (EINVAL); + error = copyin(element->me_data, &string, element->me_datalen); + if (error) + return (error); - /* Do we have a range? */ - single = string; - range = index(string, '('); - if (range == single) - single = NULL; - rangelow = rangehigh = NULL; - if (range != NULL) { - /* Nul terminate the end of the single string. */ - *range = '\0'; - range++; - rangelow = range; - rangehigh = index(rangelow, '-'); - if (rangehigh == NULL) - return (EINVAL); - rangehigh++; - if (*rangelow == '\0' || *rangehigh == '\0') - return (EINVAL); - rangeend = index(rangehigh, ')'); - if (rangeend == NULL) - return (EINVAL); - if (*(rangeend + 1) != '\0') - return (EINVAL); - /* Nul terminate the ends of the ranges. */ - *(rangehigh - 1) = '\0'; - *rangeend = '\0'; - } - KASSERT((rangelow != NULL && rangehigh != NULL) || - (rangelow == NULL && rangehigh == NULL), - ("mac_biba_internalize_label: range mismatch")); + if (!strvalid(string, MAC_MAX_LABEL_ELEMENT_DATALEN)) + return (EINVAL); - printf("MLS: single: %s, range low: %s, range high: %s\n", - single, rangelow, rangehigh); + /* Do we have a range? */ + single = string; + range = index(string, '('); + if (range == single) + single = NULL; + rangelow = rangehigh = NULL; + if (range != NULL) { + /* Nul terminate the end of the single string. */ + *range = '\0'; + range++; + rangelow = range; + rangehigh = index(rangelow, '-'); + if (rangehigh == NULL) + return (EINVAL); + rangehigh++; + if (*rangelow == '\0' || *rangehigh == '\0') + return (EINVAL); + rangeend = index(rangehigh, ')'); + if (rangeend == NULL) + return (EINVAL); + if (*(rangeend + 1) != '\0') + return (EINVAL); + /* Nul terminate the ends of the ranges. */ + *(rangehigh - 1) = '\0'; + *rangeend = '\0'; + } + KASSERT((rangelow != NULL && rangehigh != NULL) || + (rangelow == NULL && rangehigh == NULL), + ("mac_biba_internalize_label: range mismatch")); - bzero(&mac_mls_temp, sizeof(mac_mls_temp)); - if (single != NULL) { - error = mac_mls_parse_element( - &mac_mls_temp.mm_single, single); - if (error) - return (error); - mac_mls_temp.mm_flags |= MAC_MLS_FLAG_SINGLE; - } + printf("MLS: single: %s, range low: %s, range high: %s\n", + single, rangelow, rangehigh); - if (rangelow != NULL) { - error = mac_mls_parse_element( - &mac_mls_temp.mm_rangelow, rangelow); - if (error) - return (error); - error = mac_mls_parse_element( - &mac_mls_temp.mm_rangehigh, rangehigh); - if (error) - return (error); - mac_mls_temp.mm_flags |= MAC_MLS_FLAG_RANGE; - } + bzero(&mac_mls_temp, sizeof(mac_mls_temp)); + if (single != NULL) { + error = mac_mls_parse_element(&mac_mls_temp.mm_single, + single); + if (error) + return (error); + mac_mls_temp.mm_flags |= MAC_MLS_FLAG_SINGLE; + } - error = mac_mls_valid(&mac_mls_temp); + if (rangelow != NULL) { + error = mac_mls_parse_element(&mac_mls_temp.mm_rangelow, + rangelow); + if (error) + return (error); + error = mac_mls_parse_element(&mac_mls_temp.mm_rangehigh, + rangehigh); if (error) return (error); + mac_mls_temp.mm_flags |= MAC_MLS_FLAG_RANGE; + } - mac_mls = SLOT(label); - *mac_mls = mac_mls_temp; - } + error = mac_mls_valid(&mac_mls_temp); + if (error) + return (error); + + mac_mls = SLOT(label); + *mac_mls = mac_mls_temp; return (0); } ==== //depot/projects/trustedbsd/mac/sys/security/mac_partition/mac_partition.c#14 (text+ko) ==== @@ -109,20 +109,19 @@ { int error; - if (strcmp(MAC_PARTITION_LABEL_NAME, element->me_name) == 0) { - (*claimed)++; + if (strcmp(MAC_PARTITION_LABEL_NAME, element->me_name) != 0) + return (0); - if (element->me_databuflen < sizeof(long)) - return (EINVAL); + (*claimed)++; - error = copyout(&SLOT(label), element->me_data, - sizeof(long)); - if (error) - return (error); + if (element->me_databuflen < sizeof(long)) + return (EINVAL); - element->me_datalen = sizeof(long); - } + error = copyout(&SLOT(label), element->me_data, sizeof(long)); + if (error) + return (error); + element->me_datalen = sizeof(long); return (0); } @@ -133,20 +132,19 @@ long long_temp; int error; - if (strcmp(MAC_PARTITION_LABEL_NAME, element->me_name) == 0) { - (*claimed)++; + if (strcmp(MAC_PARTITION_LABEL_NAME, element->me_name) != 0) + return (0); - if (element->me_datalen != sizeof(long)) - return (EINVAL); + (*claimed)++; - error = copyin(element->me_data, &long_temp, - sizeof(long_temp)); - if (error) - return (error); + if (element->me_datalen != sizeof(long)) + return (EINVAL); - SLOT(label) = long_temp; - } + error = copyin(element->me_data, &long_temp, sizeof(long_temp)); + if (error) + return (error); + SLOT(label) = long_temp; return (0); } To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe p4-projects" in the body of the message