From owner-p4-projects@FreeBSD.ORG Sun Nov 9 19:52:21 2003 Return-Path: Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 98F0A16A4D0; Sun, 9 Nov 2003 19:52:21 -0800 (PST) Delivered-To: perforce@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 59D4F16A4CE for ; Sun, 9 Nov 2003 19:52:21 -0800 (PST) Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115]) by mx1.FreeBSD.org (Postfix) with ESMTP id AEF3F43FA3 for ; Sun, 9 Nov 2003 19:52:20 -0800 (PST) (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.12.9/8.12.9) with ESMTP id hAA3qKXJ066594 for ; Sun, 9 Nov 2003 19:52:20 -0800 (PST) (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Received: (from perforce@localhost) by repoman.freebsd.org (8.12.9/8.12.9/Submit) id hAA3qJO9066591 for perforce@freebsd.org; Sun, 9 Nov 2003 19:52:19 -0800 (PST) (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Date: Sun, 9 Nov 2003 19:52:19 -0800 (PST) Message-Id: <200311100352.hAA3qJO9066591@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to bb+lists.freebsd.perforce@cyrus.watson.org using -f 
From: Robert Watson To: Perforce Change Reviews Subject: PERFORCE change 41859 for review X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 10 Nov 2003 03:52:22 -0000 X-List-Received-Date: Mon, 10 Nov 2003 03:52:22 -0000 http://perforce.freebsd.org/chv.cgi?CH=41859 Change 41859 by rwatson@rwatson_paprika on 2003/11/09 19:51:22 Use zone-allocated temporary label storage for mac_get_fs() and lmount(), rather than stack-allocated storage. GC old interfaces. Affected files ... .. //depot/projects/trustedbsd/sebsd/sys/kern/kern_mac.c#19 edit .. //depot/projects/trustedbsd/sebsd/sys/security/mac/mac_internal.h#8 edit .. //depot/projects/trustedbsd/sebsd/sys/security/mac/mac_vfs.c#7 edit Differences ... ==== //depot/projects/trustedbsd/sebsd/sys/kern/kern_mac.c#19 (text+ko) ==== @@ -916,7 +916,7 @@ { char *elements, *buffer; struct nameidata nd; - struct label intlabel; + struct label *intlabel; struct mac mac; int error; struct mount *mp; @@ -946,13 +946,13 @@ mp = nd.ni_vp->v_mount; - mac_init_mount_label(&intlabel); - mac_copy_mount_label(mp->mnt_mntlabel, &intlabel); - error = mac_externalize_mount_label(&intlabel, elements, buffer, + intlabel = mac_mount_label_alloc(); + mac_copy_mount_label(mp->mnt_mntlabel, intlabel); + error = mac_externalize_mount_label(intlabel, elements, buffer, mac.m_buflen, M_WAITOK); NDFREE(&nd, 0); - mac_destroy_mount_label(&intlabel); + mac_mount_label_free(intlabel); if (error == 0) error = copyout(buffer, mac.m_string, strlen(buffer)+1); @@ -1215,7 +1215,7 @@ char *buffer; int error; struct mac mac; - struct label intlabel; + struct label *intlabel; error = copyin(uap->mac_p, &mac, sizeof(mac)); if (error) 
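Review bot: In the `@@ -946,13` hunk the pointer returned by `mac_mount_label_alloc()` goes straight into `mac_copy_mount_label(mp->mnt_mntlabel, intlabel)` with no NULL check, and the `@@ -1232,13` hunk does the same before `mac_internalize_mount_label(intlabel, buffer)`. That is only safe if the allocator sleeps rather than fails, which this diff cannot confirm because the allocator's body lies outside the `mac_vfs.c` hunk that drops its `static`. Since the function is now callable from other files, I would state the contract next to the new prototype in `mac_internal.h`, for example `/* Sleeps for memory; never returns NULL. */`. If it can fail, both call sites need an `if (intlabel == NULL)` error path instead. The enclosing function starts and ends outside the hunk.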
@@ -1232,13 +1232,11 @@ return (error); } - mac_init_mount_label(&intlabel); - error = mac_internalize_mount_label(&intlabel, buffer); + intlabel = mac_mount_label_alloc(); + error = mac_internalize_mount_label(intlabel, buffer); free(buffer, M_MACTEMP); - if (error) { - mac_destroy_mount_label(&intlabel); - return (error); - } + if (error) + goto out; fstype = malloc(MFSNAMELEN, M_TEMP, M_WAITOK); fspath = malloc(MNAMELEN, M_TEMP, M_WAITOK); @@ -1251,9 +1249,12 @@ if (error == 0) error = copyinstr(uap->path, fspath, MNAMELEN, NULL); if (error == 0) - error = vfs_mount(td, fstype, fspath, uap->flags, uap->data, &intlabel); + error = vfs_mount(td, fstype, fspath, uap->flags, uap->data, + intlabel); free(fstype, M_TEMP); free(fspath, M_TEMP); +out: + mac_mount_label_free(intlabel); return (error); } ==== //depot/projects/trustedbsd/sebsd/sys/security/mac/mac_internal.h#8 (text+ko) ==== @@ -103,6 +103,8 @@ * the namespaces, etc, should work for these, so for now, sort by * object type. */ +struct label *mac_mount_label_alloc(void); +void mac_mount_label_free(struct label *label); struct label *mac_pipe_label_alloc(void); void mac_pipe_label_free(struct label *label); ==== //depot/projects/trustedbsd/sebsd/sys/security/mac/mac_vfs.c#7 (text+ko) ==== @@ -118,7 +118,7 @@ de->de_label = mac_devfsdirent_label_alloc(); } -static struct label * +struct label * mac_mount_label_alloc(void) { struct label *label; @@ -141,14 +141,6 @@ } void -mac_init_mount_label(struct label *label) -{ - - mac_init_label(label); - MAC_PERFORM(init_mount_label, label); -} - -void mac_init_mount(struct mount *mp) { @@ -191,7 +183,7 @@ de->de_label = NULL; } -static void +void mac_mount_label_free(struct label *label) { @@ -210,14 +202,6 @@ } void -mac_destroy_mount_label(struct label *label) -{ - - MAC_PERFORM(destroy_mount_label, label); - mac_destroy_label(label); -} - -void mac_destroy_mount(struct mount *mp) {
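Review bot: The label passed to `vfs_mount()` in the `@@ -1251,9` hunk is now released unconditionally at `out:`, so `vfs_mount()` must copy the label and never keep the pointer, or the mount would reference freed zone memory. The stack-allocated version had the same constraint, but a heap pointer makes a later change that stores `intlabel` in the mount look harmless. A comment above the label would pin this down, e.g. `/* vfs_mount() copies the label; the temporary is always freed here. */`, to be confirmed against `vfs_mount()`, which is not part of this diff. As far as the visible lines show, the old code destroyed the label only on the internalize-failure path, so this hunk also adds cleanup after `vfs_mount()` that the change description does not mention. The function body begins outside the hunk.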