Date: Sat, 5 Aug 2006 23:48:05 GMT From: Robert Watson <rwatson@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 103298 for review Message-ID: <200608052348.k75Nm5Ej067638@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=103298 Change 103298 by rwatson@rwatson_zoo on 2006/08/05 23:47:29 Restyle/etc for FreeBSD: - General white space, line wrap, etc, cleanup. - Avoid assignments in local variable declaration. - mac_audit.c is only built on FreeBSD if AUDIT is compiled in, so drop all the ifdefs for it. - Extend #if 0 section to cover policy submission of audit records, we're not ready for that yet. Affected files ... .. //depot/projects/trustedbsd/audit3/sys/security/mac/mac_audit.c#2 edit Differences ... ==== //depot/projects/trustedbsd/audit3/sys/security/mac/mac_audit.c#2 (text+ko) ==== @@ -1,4 +1,3 @@ - /*- * Copyright (c) 1999, 2000, 2001, 2002 Robert N. M. Watson * Copyright (c) 2001 Ilmar S. Habibulin @@ -33,13 +32,14 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * + * $FreeBSD$ */ #include <sys/param.h> -#include <sys/types.h> -#include <sys/vnode.h> +#include <sys/types.h> +#include <sys/vnode.h> #include <sys/vnode_internal.h> -#include <sys/queue.h> +#include <sys/queue.h> #include <security/mac_internal.h> #include <bsd/bsm/audit.h> #include <bsd/bsm/audit_kernel.h> @@ -47,8 +47,6 @@ #include <vm/vm_kern.h> #include <kern/kalloc.h> -#ifdef AUDIT - int mac_check_system_audit(struct ucred *cred, void *record, int length) { @@ -73,7 +71,9 @@ mac_check_system_auditctl(struct ucred *cred, struct vnode *vp) { int error; - struct label *vl = vp ? vp->v_label : NULL; + struct label *vl; + + vl = (vp != NULL) ? vp->v_label : NULL; MAC_CHECK(check_system_auditctl, cred, vp, vl); @@ -100,8 +100,8 @@ return (error); } -int -mac_check_proc_getaudit(struct ucred *cred) +int +mac_check_proc_getaudit(struct ucred *cred) { int error; @@ -122,11 +122,9 @@ #if 0 /* - * This is the framework entry point for MAC policies to use to add - * arbitrary data to the current audit record. - * (Currently not supported, as no existing audit viewers would - * display this format) - * + * This is the framework entry point for MAC policies to use to add arbitrary + * data to the current audit record. (Currently not supported, as no + * existing audit viewers display this format) */ int mac_audit_data(int len, u_char *data, struct mac_policy_conf *caller) @@ -143,11 +141,10 @@ bcopy(data, sanitized, len); return (audit_mac_data(MAC_AUDIT_DATA_TYPE, len, sanitized)); } -#endif /* - * This is the entry point a MAC policy will call to add NULL- - * terminated ASCII text to the current audit record. + * This is the entry point a MAC policy will call to add NULL-terminated + * ASCII text to the current audit record. */ int mac_audit_text(char *text, struct mac_policy_conf *caller) @@ -189,16 +186,16 @@ ret = MAC_AUDIT_DEFAULT; LIST_FOREACH(mpc, &mac_static_policy_list, mpc_list) { if (mpc->mpc_ops->mpo_audit_preselect != NULL) { - error = mpc->mpc_ops->mpo_audit_preselect(cred, syscode, - args); + error = mpc->mpc_ops->mpo_audit_preselect(cred, + syscode, args); ret = (ret > error ? ret : error); } } if ((entrycount = mac_policy_list_conditional_busy()) != 0) { LIST_FOREACH(mpc, &mac_policy_list, mpc_list) { if (mpc->mpc_ops->mpo_audit_preselect != NULL) { - error = mpc->mpc_ops->mpo_audit_preselect(cred, syscode, - args); + error = mpc->mpc_ops->mpo_audit_preselect( + cred, syscode, args); ret = (ret > error ? ret : error); } } @@ -225,16 +222,16 @@ ret = MAC_AUDIT_DEFAULT; LIST_FOREACH(mpc, &mac_static_policy_list, mpc_list) { if (mpc->mpc_ops->mpo_audit_postselect != NULL) { - mac_error = mpc->mpc_ops->mpo_audit_postselect(cred, syscode, - args, error, retval); + mac_error = mpc->mpc_ops->mpo_audit_postselect(cred, + syscode, args, error, retval); ret = (ret > mac_error ? ret : mac_error); } } if ((entrycount = mac_policy_list_conditional_busy()) != 0) { LIST_FOREACH(mpc, &mac_policy_list, mpc_list) { if (mpc->mpc_ops->mpo_audit_postselect != NULL) { - mac_error = mpc->mpc_ops->mpo_audit_postselect(cred, syscode, - args, error, retval); + mac_error = mpc->mpc_ops->mpo_audit_postselect( + cred, syscode, args, error, retval); ret = (ret > mac_error ? ret : mac_error); } } @@ -243,82 +240,4 @@ return (ret); } - -#else /* AUDIT */ - -/* - * Function stubs for when AUDIT isn't defined. - */ - -int -mac_check_system_audit(struct ucred *cred, void *record, int length) -{ - - return (0); -} - -int -mac_check_system_auditon(struct ucred *cred, int cmd) -{ - - return (0); -} - -int -mac_check_system_auditctl(struct ucred *cred, struct vnode *vp) -{ - - return (0); -} - -int -mac_check_proc_getauid(struct ucred *cred) -{ - - return (0); -} - -int -mac_check_proc_setauid(struct ucred *cred, uid_t auid) -{ - - return (0); -} - -int -mac_check_proc_getaudit(struct ucred *cred) -{ - - return (0); -} - -int -mac_check_proc_setaudit(struct ucred *cred, struct auditinfo *ai) -{ - - return (0); -} - -int -mac_audit_preselect(struct ucred *cred, unsigned short syscode, - void *args) -{ - - return (MAC_AUDIT_DEFAULT); -} - -int -mac_audit_postselect(struct ucred *cred, unsigned short syscode, - void *args, int error, int retval, int mac_forced) -{ - - return (MAC_AUDIT_DEFAULT); -} - -int -mac_audit(int len, u_char *data) -{ - - return (0); -} -#endif /* !AUDIT */ +#endif
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200608052348.k75Nm5Ej067638>