Date: Sat, 5 Oct 2002 10:29:46 -0700 (PDT) From: Robert Watson <rwatson@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 18737 for review Message-ID: <200210051729.g95HTk8f096710@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://people.freebsd.org/~peter/p4db/chv.cgi?CH=18737 Change 18737 by rwatson@rwatson_tislabs on 2002/10/05 10:28:47 Sort label and object init/destroy functions to match mac_policy ordering. Affected files ... .. //depot/projects/trustedbsd/mac/sys/kern/kern_mac.c#295 edit Differences ... ==== //depot/projects/trustedbsd/mac/sys/kern/kern_mac.c#295 (text+ko) ==== @@ -1160,36 +1160,14 @@ /* implicit: label->l_flags &= ~MAC_FLAG_INITIALIZED; */ } -int -mac_init_mbuf(struct mbuf *m, int flag) -{ - int error; - - KASSERT(m->m_flags & M_PKTHDR, ("mac_init_mbuf on non-header mbuf")); - - mac_init_label(&m->m_pkthdr.label); - - MAC_CHECK(init_mbuf_label, &m->m_pkthdr.label, flag); - if (error) { - MAC_PERFORM(destroy_mbuf_label, &m->m_pkthdr.label); - mac_destroy_label(&m->m_pkthdr.label); - } - -#ifdef MAC_DEBUG - if (error == 0) - atomic_add_int(&nmacmbufs, 1); -#endif - return (error); -} - void -mac_destroy_mbuf(struct mbuf *m) +mac_init_bpfdesc(struct bpf_d *bpf_d) { - MAC_PERFORM(destroy_mbuf_label, &m->m_pkthdr.label); - mac_destroy_label(&m->m_pkthdr.label); + mac_init_label(&bpf_d->bd_label); + MAC_PERFORM(init_bpfdesc_label, &bpf_d->bd_label); #ifdef MAC_DEBUG - atomic_subtract_int(&nmacmbufs, 1); + atomic_add_int(&nmacbpfdescs, 1); #endif } @@ -1211,24 +1189,17 @@ mac_init_cred_label(&cred->cr_label); } -static void -mac_destroy_cred_label(struct label *label) +void +mac_init_devfsdirent(struct devfs_dirent *de) { - MAC_PERFORM(destroy_cred_label, label); - mac_destroy_label(label); + mac_init_label(&de->de_label); + MAC_PERFORM(init_devfsdirent_label, &de->de_label); #ifdef MAC_DEBUG - atomic_subtract_int(&nmaccreds, 1); + atomic_add_int(&nmacdevfsdirents, 1); #endif } -void -mac_destroy_cred(struct ucred *cred) -{ - - mac_destroy_cred_label(&cred->cr_label); -} - static void mac_init_ifnet_label(struct label *label) { @@ -1247,43 +1218,82 @@ mac_init_ifnet_label(&ifp->if_label); } -static void -mac_destroy_ifnet_label(struct label *label) +void +mac_init_ipq(struct ipq *ipq) +{ + + mac_init_label(&ipq->ipq_label); + MAC_PERFORM(init_ipq_label, &ipq->ipq_label); +#ifdef MAC_DEBUG + atomic_add_int(&nmacipqs, 1); +#endif +} + +int +mac_init_mbuf(struct mbuf *m, int flag) { + int error; + + KASSERT(m->m_flags & M_PKTHDR, ("mac_init_mbuf on non-header mbuf")); + + mac_init_label(&m->m_pkthdr.label); + + MAC_CHECK(init_mbuf_label, &m->m_pkthdr.label, flag); + if (error) { + MAC_PERFORM(destroy_mbuf_label, &m->m_pkthdr.label); + mac_destroy_label(&m->m_pkthdr.label); + } - MAC_PERFORM(destroy_ifnet_label, label); - mac_destroy_label(label); #ifdef MAC_DEBUG - atomic_subtract_int(&nmacifnets, 1); + if (error == 0) + atomic_add_int(&nmacmbufs, 1); #endif + return (error); } void -mac_destroy_ifnet(struct ifnet *ifp) +mac_init_mount(struct mount *mp) { - mac_destroy_ifnet_label(&ifp->if_label); + mac_init_label(&mp->mnt_mntlabel); + mac_init_label(&mp->mnt_fslabel); + MAC_PERFORM(init_mount_label, &mp->mnt_mntlabel); + MAC_PERFORM(init_mount_fs_label, &mp->mnt_fslabel); +#ifdef MAC_DEBUG + atomic_add_int(&nmacmounts, 1); +#endif } -void -mac_init_ipq(struct ipq *ipq) +static void +mac_init_pipe_label(struct label *label) { - mac_init_label(&ipq->ipq_label); - MAC_PERFORM(init_ipq_label, &ipq->ipq_label); + mac_init_label(label); + MAC_PERFORM(init_pipe_label, label); #ifdef MAC_DEBUG - atomic_add_int(&nmacipqs, 1); + atomic_add_int(&nmacpipes, 1); #endif } void -mac_destroy_ipq(struct ipq *ipq) +mac_init_pipe(struct pipe *pipe) +{ + struct label *label; + + label = malloc(sizeof(struct label), M_MACPIPELABEL, M_ZERO|M_WAITOK); + pipe->pipe_label = label; + pipe->pipe_peer->pipe_label = label; + mac_init_pipe_label(label); +} + +void +mac_init_proc(struct proc *p) { - MAC_PERFORM(destroy_ipq_label, &ipq->ipq_label); - mac_destroy_label(&ipq->ipq_label); + mac_init_label(&p->p_label); + MAC_PERFORM(init_proc, p, &p->p_label); #ifdef MAC_DEBUG - atomic_subtract_int(&nmacipqs, 1); + atomic_add_int(&nmacprocs, 1); #endif } @@ -1341,126 +1351,100 @@ } static void -mac_destroy_socket_label(struct label *label) +mac_init_vnode_label(struct label *label) { - MAC_PERFORM(destroy_socket_label, label); - mac_destroy_label(label); + mac_init_label(label); + MAC_PERFORM(init_vnode_label, label); #ifdef MAC_DEBUG - atomic_subtract_int(&nmacsockets, 1); + atomic_add_int(&nmacvnodes, 1); #endif } -static void -mac_destroy_socket_peer_label(struct label *label) +void +mac_init_vnode(struct vnode *vp) { - MAC_PERFORM(destroy_socket_peer_label, label); - mac_destroy_label(label); + mac_init_vnode_label(&vp->v_label); } void -mac_destroy_socket(struct socket *socket) +mac_destroy_bpfdesc(struct bpf_d *bpf_d) { - mac_destroy_socket_label(&socket->so_label); - mac_destroy_socket_peer_label(&socket->so_peerlabel); -} - -static void -mac_init_pipe_label(struct label *label) -{ - - mac_init_label(label); - MAC_PERFORM(init_pipe_label, label); + MAC_PERFORM(destroy_bpfdesc_label, &bpf_d->bd_label); + mac_destroy_label(&bpf_d->bd_label); #ifdef MAC_DEBUG - atomic_add_int(&nmacpipes, 1); + atomic_subtract_int(&nmacbpfdescs, 1); #endif } -void -mac_init_pipe(struct pipe *pipe) -{ - struct label *label; - - label = malloc(sizeof(struct label), M_MACPIPELABEL, M_ZERO|M_WAITOK); - pipe->pipe_label = label; - pipe->pipe_peer->pipe_label = label; - mac_init_pipe_label(label); -} - static void -mac_destroy_pipe_label(struct label *label) +mac_destroy_cred_label(struct label *label) { - MAC_PERFORM(destroy_pipe_label, label); + MAC_PERFORM(destroy_cred_label, label); mac_destroy_label(label); #ifdef MAC_DEBUG - atomic_subtract_int(&nmacpipes, 1); + atomic_subtract_int(&nmaccreds, 1); #endif } void -mac_destroy_pipe(struct pipe *pipe) +mac_destroy_cred(struct ucred *cred) { - mac_destroy_pipe_label(pipe->pipe_label); - free(pipe->pipe_label, M_MACPIPELABEL); + + mac_destroy_cred_label(&cred->cr_label); } void -mac_init_proc(struct proc *p) +mac_destroy_devfsdirent(struct devfs_dirent *de) { - mac_init_label(&p->p_label); - MAC_PERFORM(init_proc, p, &p->p_label); + MAC_PERFORM(destroy_devfsdirent_label, &de->de_label); + mac_destroy_label(&de->de_label); #ifdef MAC_DEBUG - atomic_add_int(&nmacprocs, 1); + atomic_subtract_int(&nmacdevfsdirents, 1); #endif } void -mac_destroy_proc(struct proc *p) +mac_destroy_mbuf(struct mbuf *m) { - MAC_PERFORM(destroy_proc, p, &p->p_label); - mac_destroy_label(&p->p_label); + MAC_PERFORM(destroy_mbuf_label, &m->m_pkthdr.label); + mac_destroy_label(&m->m_pkthdr.label); #ifdef MAC_DEBUG - atomic_subtract_int(&nmacprocs, 1); + atomic_subtract_int(&nmacmbufs, 1); #endif } -void -mac_init_bpfdesc(struct bpf_d *bpf_d) +static void +mac_destroy_ifnet_label(struct label *label) { - mac_init_label(&bpf_d->bd_label); - MAC_PERFORM(init_bpfdesc_label, &bpf_d->bd_label); + MAC_PERFORM(destroy_ifnet_label, label); + mac_destroy_label(label); #ifdef MAC_DEBUG - atomic_add_int(&nmacbpfdescs, 1); + atomic_subtract_int(&nmacifnets, 1); #endif } void -mac_destroy_bpfdesc(struct bpf_d *bpf_d) +mac_destroy_ifnet(struct ifnet *ifp) { - MAC_PERFORM(destroy_bpfdesc_label, &bpf_d->bd_label); - mac_destroy_label(&bpf_d->bd_label); -#ifdef MAC_DEBUG - atomic_subtract_int(&nmacbpfdescs, 1); -#endif + mac_destroy_ifnet_label(&ifp->if_label); } void -mac_init_mount(struct mount *mp) +mac_destroy_ipq(struct ipq *ipq) { - mac_init_label(&mp->mnt_mntlabel); - mac_init_label(&mp->mnt_fslabel); - MAC_PERFORM(init_mount_label, &mp->mnt_mntlabel); - MAC_PERFORM(init_mount_fs_label, &mp->mnt_fslabel); + MAC_PERFORM(destroy_ipq_label, &ipq->ipq_label); + mac_destroy_label(&ipq->ipq_label); #ifdef MAC_DEBUG - atomic_add_int(&nmacmounts, 1); + atomic_subtract_int(&nmacipqs, 1); #endif } @@ -1478,61 +1462,77 @@ } static void -mac_init_vnode_label(struct label *label) +mac_destroy_pipe_label(struct label *label) { - mac_init_label(label); - MAC_PERFORM(init_vnode_label, label); + MAC_PERFORM(destroy_pipe_label, label); + mac_destroy_label(label); #ifdef MAC_DEBUG - atomic_add_int(&nmacvnodes, 1); + atomic_subtract_int(&nmacpipes, 1); #endif } void -mac_init_vnode(struct vnode *vp) +mac_destroy_pipe(struct pipe *pipe) +{ + mac_destroy_pipe_label(pipe->pipe_label); + free(pipe->pipe_label, M_MACPIPELABEL); +} + +void +mac_destroy_proc(struct proc *p) { - mac_init_vnode_label(&vp->v_label); + MAC_PERFORM(destroy_proc, p, &p->p_label); + mac_destroy_label(&p->p_label); +#ifdef MAC_DEBUG + atomic_subtract_int(&nmacprocs, 1); +#endif } static void -mac_destroy_vnode_label(struct label *label) +mac_destroy_socket_label(struct label *label) { - MAC_PERFORM(destroy_vnode_label, label); + MAC_PERFORM(destroy_socket_label, label); mac_destroy_label(label); #ifdef MAC_DEBUG - atomic_subtract_int(&nmacvnodes, 1); + atomic_subtract_int(&nmacsockets, 1); #endif } +static void +mac_destroy_socket_peer_label(struct label *label) +{ + + MAC_PERFORM(destroy_socket_peer_label, label); + mac_destroy_label(label); +} + void -mac_destroy_vnode(struct vnode *vp) +mac_destroy_socket(struct socket *socket) { - mac_destroy_vnode_label(&vp->v_label); + mac_destroy_socket_label(&socket->so_label); + mac_destroy_socket_peer_label(&socket->so_peerlabel); } -void -mac_init_devfsdirent(struct devfs_dirent *de) +static void +mac_destroy_vnode_label(struct label *label) { - mac_init_label(&de->de_label); - MAC_PERFORM(init_devfsdirent_label, &de->de_label); + MAC_PERFORM(destroy_vnode_label, label); + mac_destroy_label(label); #ifdef MAC_DEBUG - atomic_add_int(&nmacdevfsdirents, 1); + atomic_subtract_int(&nmacvnodes, 1); #endif } void -mac_destroy_devfsdirent(struct devfs_dirent *de) +mac_destroy_vnode(struct vnode *vp) { - MAC_PERFORM(destroy_devfsdirent_label, &de->de_label); - mac_destroy_label(&de->de_label); -#ifdef MAC_DEBUG - atomic_subtract_int(&nmacdevfsdirents, 1); -#endif + mac_destroy_vnode_label(&vp->v_label); } static void To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe p4-projects" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200210051729.g95HTk8f096710>