From owner-p4-projects@FreeBSD.ORG Thu Jun 9 15:58:33 2005 Return-Path: X-Original-To: p4-projects@freebsd.org Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 5640E16A420; Thu, 9 Jun 2005 15:58:32 +0000 (GMT) X-Original-To: perforce@freebsd.org Delivered-To: perforce@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 04C6B16A41C for ; Thu, 9 Jun 2005 15:58:32 +0000 (GMT) (envelope-from csjp@freebsd.org) Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115]) by mx1.FreeBSD.org (Postfix) with ESMTP id D83AD43D1F for ; Thu, 9 Jun 2005 15:58:31 +0000 (GMT) (envelope-from csjp@freebsd.org) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.13.1/8.13.1) with ESMTP id j59FwV1G038931 for ; Thu, 9 Jun 2005 15:58:31 GMT (envelope-from csjp@freebsd.org) Received: (from perforce@localhost) by repoman.freebsd.org (8.13.1/8.13.1/Submit) id j59FwV8Z038928 for perforce@freebsd.org; Thu, 9 Jun 2005 15:58:31 GMT (envelope-from csjp@freebsd.org) Date: Thu, 9 Jun 2005 15:58:31 GMT Message-Id: <200506091558.j59FwV8Z038928@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to csjp@freebsd.org using -f From: "Christian S.J. Peron" To: Perforce Change Reviews Cc: Subject: PERFORCE change 78250 for review X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 09 Jun 2005 15:58:33 -0000 http://perforce.freebsd.org/chv.cgi?CH=78250 Change 78250 by csjp@csjp_xor on 2005/06/09 15:58:10 Remove mac_error, I am not sure why this was here but I can seem to see any good reason to have it here. Because mac_syscall_exit can no longer return a value, use MAC_PERFORM instead of MAC_CHECK. Pointed out by: rwatson Affected files ... .. //depot/projects/trustedbsd/mac/sys/i386/i386/trap.c#38 edit .. //depot/projects/trustedbsd/mac/sys/security/mac/mac_system.c#10 edit .. //depot/projects/trustedbsd/mac/sys/sys/mac.h#275 edit .. //depot/projects/trustedbsd/mac/sys/sys/mac_policy.h#232 edit Differences ... ==== //depot/projects/trustedbsd/mac/sys/i386/i386/trap.c#38 (text+ko) ==== @@ -881,9 +881,6 @@ int narg; int args[8]; u_int code; -#ifdef MAC - int mac_error; -#endif /* * note: PCPU_LAZY_INC() can only be used if we can afford @@ -977,12 +974,10 @@ PTRACESTOP_SC(p, td, S_PT_SCE); #ifdef MAC - mac_error = mac_syscall_enter(td, args, code); - if (mac_error == 0) + error = mac_syscall_enter(td, args, code); + if (error == 0) error = (*callp->sy_call)(td, args); - else - error = mac_error; - mac_syscall_exit(td, args, code, error, mac_error); + mac_syscall_exit(td, args, code, error); #else error = (*callp->sy_call)(td, args); #endif ==== //depot/projects/trustedbsd/mac/sys/security/mac/mac_system.c#10 (text+ko) ==== @@ -282,20 +282,11 @@ return (error); } -int -mac_syscall_exit(struct thread *td, int *args, int code, int errcode, - int mac_error) +void +mac_syscall_exit(struct thread *td, int *args, int code, int errcode) { - int error; if (!mac_enforce_syscall) - return (0); - MAC_CHECK(syscall_exit, td, args, code, errcode, mac_error); - /* - * Since we do not care about this return value, unconditioanlly - * return 0. We can only run into problems by allowing this entry - * point to propagate return values back to the syscall. - */ - - return (0); + return; + MAC_PERFORM(syscall_exit, td, args, code, errcode); } ==== //depot/projects/trustedbsd/mac/sys/sys/mac.h#275 (text+ko) ==== @@ -391,8 +391,8 @@ int mac_check_system_sysctl(struct ucred *cred, struct sysctl_oid *oidp, void *arg1, int arg2, struct sysctl_req *req); int mac_syscall_enter(struct thread *td, int *args, int code); -int mac_syscall_exit(struct thread *td, int *args, int code, - int errcode, int mac_error); +void mac_syscall_exit(struct thread *td, int *args, int code, + int errcode); int mac_check_vnode_access(struct ucred *cred, struct vnode *vp, int acc_mode); int mac_check_vnode_chdir(struct ucred *cred, struct vnode *dvp); ==== //depot/projects/trustedbsd/mac/sys/sys/mac_policy.h#232 (text+ko) ==== @@ -492,8 +492,8 @@ struct sysctl_oid *oidp, void *arg1, int arg2, struct sysctl_req *req); int (*mpo_syscall_enter)(struct thread *td, int *args, int code); - int (*mpo_syscall_exit)(struct thread *td, int *args, int code, - int error, int mac_error); + void (*mpo_syscall_exit)(struct thread *td, int *args, int code, + int error); int (*mpo_check_vnode_access)(struct ucred *cred, struct vnode *vp, struct label *label, int acc_mode); int (*mpo_check_vnode_chdir)(struct ucred *cred,