From owner-p4-projects Fri Oct 25 9:28:43 2002 Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id B418337B404; Fri, 25 Oct 2002 09:28:37 -0700 (PDT) Delivered-To: perforce@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4B1E137B401 for ; Fri, 25 Oct 2002 09:28:37 -0700 (PDT) Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115]) by mx1.FreeBSD.org (Postfix) with ESMTP id D9CE743E4A for ; Fri, 25 Oct 2002 09:28:36 -0700 (PDT) (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.12.6/8.12.6) with ESMTP id g9PGRlmV004539 for ; Fri, 25 Oct 2002 09:27:47 -0700 (PDT) (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Received: (from perforce@localhost) by repoman.freebsd.org (8.12.6/8.12.6/Submit) id g9PGRkM4004536 for perforce@freebsd.org; Fri, 25 Oct 2002 09:27:46 -0700 (PDT) Date: Fri, 25 Oct 2002 09:27:46 -0700 (PDT) Message-Id: <200210251627.g9PGRkM4004536@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to bb+lists.freebsd.perforce@cyrus.watson.org using -f 
From: Robert Watson Subject: PERFORCE change 20127 for review To: Perforce Change Reviews Sender: owner-p4-projects@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG http://perforce.freebsd.org/chv.cgi?CH=20127 Change 20127 by rwatson@rwatson_tislabs on 2002/10/25 09:27:26 Permit a libc wrapper for execve_mac(). We do this for all the other MAC-related system calls, and it permits us to perform user-space transforms on labels before they enter the kernel. Not currently used, but has been used in the past. Affected files ... .. //depot/projects/trustedbsd/mac/lib/libc/posix1e/Makefile.inc#20 edit .. //depot/projects/trustedbsd/mac/sys/kern/init_sysent.c#41 edit .. //depot/projects/trustedbsd/mac/sys/kern/kern_exec.c#39 edit .. //depot/projects/trustedbsd/mac/sys/kern/syscalls.c#40 edit .. //depot/projects/trustedbsd/mac/sys/kern/syscalls.master#38 edit .. //depot/projects/trustedbsd/mac/sys/sys/imgact.h#13 edit .. //depot/projects/trustedbsd/mac/sys/sys/mac.h#191 edit .. //depot/projects/trustedbsd/mac/sys/sys/syscall.h#41 edit .. //depot/projects/trustedbsd/mac/sys/sys/syscall.mk#40 edit .. //depot/projects/trustedbsd/mac/sys/sys/sysproto.h#42 edit Differences ...
==== //depot/projects/trustedbsd/mac/lib/libc/posix1e/Makefile.inc#20 (text+ko) ====
@@ -20,6 +20,7 @@
 acl_valid.c \
 extattr.c \
 mac.c \
+ mac_exec.c \
 mac_get.c \
 mac_set.c
==== //depot/projects/trustedbsd/mac/sys/kern/init_sysent.c#41 (text+ko) ====
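Review bot: `mac_exec.c` is added to the posix1e source list in this hunk, but the "Affected files" list of the change contains only edits and no add of lib/libc/posix1e/mac_exec.c. Unless that file is submitted in a separate change, libc will not build from this revision, and the `execve_mac()` prototype added to sys/mac.h has no definition behind it. The wrapper source should land in the same change, or the description should name the change that carries it.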
@@ -443,7 +443,7 @@ { AS(extattr_set_link_args), (sy_call_t *)extattr_set_link }, /* 412 = extattr_set_link */ { AS(extattr_get_link_args), (sy_call_t *)extattr_get_link }, /* 413 = extattr_get_link */ { AS(extattr_delete_link_args), (sy_call_t *)extattr_delete_link }, /* 414 = extattr_delete_link */ - { SYF_MPSAFE | AS(execve_mac_args), (sy_call_t *)execve_mac }, /* 415 = execve_mac */ + { SYF_MPSAFE | AS(__execve_mac_args), (sy_call_t *)__execve_mac }, /* 415 = __execve_mac */ { 0, (sy_call_t *)nosys }, /* 416 = newsigreturn */ { 0, (sy_call_t *)nosys }, /* 417 = newsigaction */ { 0, (sy_call_t *)nosys }, /* 418 = __xstat */
==== //depot/projects/trustedbsd/mac/sys/kern/kern_exec.c#39 (text+ko) ====
@@ -136,7 +136,7 @@
 static const struct execsw **execsw;
 #ifndef _SYS_SYSPROTO_H_
-struct execve_mac_args {
+struct __execve_mac_args {
 char *fname;
 char **argv;
 char **envv;
@@ -145,14 +145,14 @@
 #endif
 /*
- * execve_mac() system call.
+ * __execve_mac() system call.
 *
 * MPSAFE
 */
 int
-execve_mac(td, uap)
+__execve_mac(td, uap)
 struct thread *td;
- register struct execve_mac_args *uap;
+ register struct __execve_mac_args *uap;
 {
 struct proc *p = td->td_proc;
 struct nameidata nd, *ndp;
@@ -684,7 +684,7 @@
 }
 /*
- * execve() system call. This is simply a wrapper for execve_mac
+ * execve() system call. This is simply a wrapper for __execve_mac
 * which passes in a NULL label argument.
 *
 * MPSAFE
@@ -698,13 +698,13 @@
 syscallarg(char **) envv;
 } */ *uap;
 {
- struct execve_mac_args mac_args;
+ struct __execve_mac_args mac_args;
 mac_args.fname = uap->fname;
 mac_args.argv = uap->argv;
 mac_args.envv = uap->envv;
 mac_args.mac_p = NULL;
- return (execve_mac(td, &mac_args));
+ return (__execve_mac(td, &mac_args));
 }
 int
==== //depot/projects/trustedbsd/mac/sys/kern/syscalls.c#40 (text+ko) ====
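Review bot: The header comment on `__execve_mac()` in kern_exec.c (hunk at -145) still records only the MPSAFE status, although the rename makes this the raw entry point behind a libc wrapper that, per the change description, may transform labels in user space. A process can invoke syscall 415 directly, so the comment should say that `mac_p` arrives unprocessed from userland and that nothing the wrapper does can be relied on for policy, for example `* The label in mac_p comes straight from userland; the libc execve_mac() wrapper is a convenience, not a trust boundary.` Whether the label is validated after copy-in cannot be seen here, because the body of `__execve_mac()` continues outside the hunk.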
@@ -422,7 +422,7 @@ "extattr_set_link", /* 412 = extattr_set_link */ "extattr_get_link", /* 413 = extattr_get_link */ "extattr_delete_link", /* 414 = extattr_delete_link */ - "execve_mac", /* 415 = execve_mac */ + "__execve_mac", /* 415 = __execve_mac */ "#416", /* 416 = newsigreturn */ "#417", /* 417 = newsigaction */ "#418", /* 418 = __xstat */
==== //depot/projects/trustedbsd/mac/sys/kern/syscalls.master#38 (text+ko) ====
@@ -601,7 +601,7 @@
 void *data, size_t nbytes); }
 414 STD BSD { int extattr_delete_link(const char *path, \
 int attrnamespace, const char *attrname); }
-415 MSTD BSD { int execve_mac(char *fname, char **argv, \
+415 MSTD BSD { int __execve_mac(char *fname, char **argv, \
 char **envv, struct mac *mac_p); }
 416 UNIMPL BSD newsigreturn
 417 UNIMPL BSD newsigaction
==== //depot/projects/trustedbsd/mac/sys/sys/imgact.h#13 (text+ko) ====
@@ -45,7 +45,7 @@
 struct image_params {
 struct proc *proc; /* our process struct */
- struct execve_mac_args *uap; /* syscall arguments */
+ struct __execve_mac_args *uap; /* syscall arguments */
 struct label *execlabel; /* MAC label to compose transition with */
 struct vnode *vp; /* pointer to vnode of file to exec */
 struct vm_object *object; /* The vm object for this vp */
==== //depot/projects/trustedbsd/mac/sys/sys/mac.h#191 (text+ko) ====
@@ -87,6 +87,8 @@
 * Extended non-POSIX.1e interfaces that offer additional services
 * available from the userland and kernel MAC frameworks.
 */
+int execve_mac(char *fname, char **argv, char **envv,
+ mac_t _label);
 int mac_free(mac_t _label);
 int mac_from_text(mac_t *_label, const char *_text);
 int mac_get_fd(int _fd, mac_t _label);
==== //depot/projects/trustedbsd/mac/sys/sys/syscall.h#41 (text+ko) ====
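Review bot: The new `execve_mac()` prototype in sys/mac.h declares `char *fname, char **argv, char **envv`, which is looser than the userland `execve()` declaration and makes callers holding `const` strings cast them away. Its parameter names are also unprefixed, unlike the `_label`, `_text` and `_fd` names in the neighbouring prototypes, so a macro named `argv` or `fname` in an including program would break the header. Since this is the public wrapper and not the syscall stub, it could read `int execve_mac(const char *_fname, char *const _argv[], char *const _envv[], mac_t _label);`. A one-line comment that `_label` may be transformed in user space before `__execve_mac()` is invoked would record why the wrapper exists.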
@@ -323,5 +323,5 @@ #define SYS_extattr_set_link 412 #define SYS_extattr_get_link 413 #define SYS_extattr_delete_link 414 -#define SYS_execve_mac 415 +#define SYS___execve_mac 415 #define SYS_MAXSYSCALL 421 ==== //depot/projects/trustedbsd/mac/sys/sys/syscall.mk#40 (text+ko) ==== @@ -272,4 +272,4 @@ extattr_set_link.o \ extattr_get_link.o \ extattr_delete_link.o \ - execve_mac.o + __execve_mac.o ==== //depot/projects/trustedbsd/mac/sys/sys/sysproto.h#42 (text+ko) ==== @@ -1189,7 +1189,7 @@ char attrnamespace_l_[PADL_(int)]; int attrnamespace; char attrnamespace_r_[PADR_(int)]; char attrname_l_[PADL_(const char *)]; const char * attrname; char attrname_r_[PADR_(const char *)]; }; -struct execve_mac_args { +struct __execve_mac_args { char fname_l_[PADL_(char *)]; char * fname; char fname_r_[PADR_(char *)]; char argv_l_[PADL_(char **)]; char ** argv; char argv_r_[PADR_(char **)]; char envv_l_[PADL_(char **)]; char ** envv; char envv_r_[PADR_(char **)]; @@ -1463,7 +1463,7 @@ int extattr_set_link(struct thread *, struct extattr_set_link_args *); int extattr_get_link(struct thread *, struct extattr_get_link_args *); int extattr_delete_link(struct thread *, struct extattr_delete_link_args *); -int execve_mac(struct thread *, struct execve_mac_args *); +int __execve_mac(struct thread *, struct __execve_mac_args *); #ifdef COMPAT_43 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe p4-projects" in the body of the message