From owner-p4-projects@FreeBSD.ORG Sat Aug 5 23:48:06 2006 Return-Path: X-Original-To: p4-projects@freebsd.org Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id DD60916A4E0; Sat, 5 Aug 2006 23:48:05 +0000 (UTC) X-Original-To: perforce@freebsd.org Delivered-To: perforce@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id AA61516A4DD for ; Sat, 5 Aug 2006 23:48:05 +0000 (UTC) (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6611143D45 for ; Sat, 5 Aug 2006 23:48:05 +0000 (GMT) (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.13.6/8.13.6) with ESMTP id k75Nm5ZF067641 for ; Sat, 5 Aug 2006 23:48:05 GMT (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Received: (from perforce@localhost) by repoman.freebsd.org (8.13.6/8.13.4/Submit) id k75Nm5Ej067638 for perforce@freebsd.org; Sat, 5 Aug 2006 23:48:05 GMT (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Date: Sat, 5 Aug 2006 23:48:05 GMT Message-Id: <200608052348.k75Nm5Ej067638@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to bb+lists.freebsd.perforce@cyrus.watson.org using -f From: Robert Watson To: Perforce Change Reviews Cc: Subject: PERFORCE change 103298 for review X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 05 Aug 2006 23:48:06 -0000 http://perforce.freebsd.org/chv.cgi?CH=103298 Change 103298 by rwatson@rwatson_zoo on 2006/08/05 23:47:29 Restyle/etc for FreeBSD: - General white space, line wrap, etc, cleanup. - Avoid assignments in local variable declaration. - mac_audit.c is only built on FreeBSD if AUDIT is compiled in, so drop all the ifdefs for it. - Extend #if 0 section to cover policy submission of audit records, we're not ready for that yet. Affected files ... .. //depot/projects/trustedbsd/audit3/sys/security/mac/mac_audit.c#2 edit Differences ... ==== //depot/projects/trustedbsd/audit3/sys/security/mac/mac_audit.c#2 (text+ko) ==== @@ -1,4 +1,3 @@ - /*- * Copyright (c) 1999, 2000, 2001, 2002 Robert N. M. Watson * Copyright (c) 2001 Ilmar S. Habibulin @@ -33,13 +32,14 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * + * $FreeBSD$ */ #include -#include -#include +#include +#include #include -#include +#include #include #include #include @@ -47,8 +47,6 @@ #include #include -#ifdef AUDIT - int mac_check_system_audit(struct ucred *cred, void *record, int length) { @@ -73,7 +71,9 @@ mac_check_system_auditctl(struct ucred *cred, struct vnode *vp) { int error; - struct label *vl = vp ? vp->v_label : NULL; + struct label *vl; + + vl = (vp != NULL) ? vp->v_label : NULL; MAC_CHECK(check_system_auditctl, cred, vp, vl); @@ -100,8 +100,8 @@ return (error); } -int -mac_check_proc_getaudit(struct ucred *cred) +int +mac_check_proc_getaudit(struct ucred *cred) { int error; @@ -122,11 +122,9 @@ #if 0 /* - * This is the framework entry point for MAC policies to use to add - * arbitrary data to the current audit record. - * (Currently not supported, as no existing audit viewers would - * display this format) - * + * This is the framework entry point for MAC policies to use to add arbitrary + * data to the current audit record. (Currently not supported, as no + * existing audit viewers display this format) */ int mac_audit_data(int len, u_char *data, struct mac_policy_conf *caller) @@ -143,11 +141,10 @@ bcopy(data, sanitized, len); return (audit_mac_data(MAC_AUDIT_DATA_TYPE, len, sanitized)); } -#endif /* - * This is the entry point a MAC policy will call to add NULL- - * terminated ASCII text to the current audit record. + * This is the entry point a MAC policy will call to add NULL-terminated + * ASCII text to the current audit record. */ int mac_audit_text(char *text, struct mac_policy_conf *caller) @@ -189,16 +186,16 @@ ret = MAC_AUDIT_DEFAULT; LIST_FOREACH(mpc, &mac_static_policy_list, mpc_list) { if (mpc->mpc_ops->mpo_audit_preselect != NULL) { - error = mpc->mpc_ops->mpo_audit_preselect(cred, syscode, - args); + error = mpc->mpc_ops->mpo_audit_preselect(cred, + syscode, args); ret = (ret > error ? ret : error); } } if ((entrycount = mac_policy_list_conditional_busy()) != 0) { LIST_FOREACH(mpc, &mac_policy_list, mpc_list) { if (mpc->mpc_ops->mpo_audit_preselect != NULL) { - error = mpc->mpc_ops->mpo_audit_preselect(cred, syscode, - args); + error = mpc->mpc_ops->mpo_audit_preselect( + cred, syscode, args); ret = (ret > error ? ret : error); } } @@ -225,16 +222,16 @@ ret = MAC_AUDIT_DEFAULT; LIST_FOREACH(mpc, &mac_static_policy_list, mpc_list) { if (mpc->mpc_ops->mpo_audit_postselect != NULL) { - mac_error = mpc->mpc_ops->mpo_audit_postselect(cred, syscode, - args, error, retval); + mac_error = mpc->mpc_ops->mpo_audit_postselect(cred, + syscode, args, error, retval); ret = (ret > mac_error ? ret : mac_error); } } if ((entrycount = mac_policy_list_conditional_busy()) != 0) { LIST_FOREACH(mpc, &mac_policy_list, mpc_list) { if (mpc->mpc_ops->mpo_audit_postselect != NULL) { - mac_error = mpc->mpc_ops->mpo_audit_postselect(cred, syscode, - args, error, retval); + mac_error = mpc->mpc_ops->mpo_audit_postselect( + cred, syscode, args, error, retval); ret = (ret > mac_error ? ret : mac_error); } } @@ -243,82 +240,4 @@ return (ret); } - -#else /* AUDIT */ - -/* - * Function stubs for when AUDIT isn't defined. - */ - -int -mac_check_system_audit(struct ucred *cred, void *record, int length) -{ - - return (0); -} - -int -mac_check_system_auditon(struct ucred *cred, int cmd) -{ - - return (0); -} - -int -mac_check_system_auditctl(struct ucred *cred, struct vnode *vp) -{ - - return (0); -} - -int -mac_check_proc_getauid(struct ucred *cred) -{ - - return (0); -} - -int -mac_check_proc_setauid(struct ucred *cred, uid_t auid) -{ - - return (0); -} - -int -mac_check_proc_getaudit(struct ucred *cred) -{ - - return (0); -} - -int -mac_check_proc_setaudit(struct ucred *cred, struct auditinfo *ai) -{ - - return (0); -} - -int -mac_audit_preselect(struct ucred *cred, unsigned short syscode, - void *args) -{ - - return (MAC_AUDIT_DEFAULT); -} - -int -mac_audit_postselect(struct ucred *cred, unsigned short syscode, - void *args, int error, int retval, int mac_forced) -{ - - return (MAC_AUDIT_DEFAULT); -} - -int -mac_audit(int len, u_char *data) -{ - - return (0); -} -#endif /* !AUDIT */ +#endif