From owner-p4-projects@FreeBSD.ORG  Wed Feb 23 19:10:43 2005
Return-Path: <owner-p4-projects@FreeBSD.ORG>
Delivered-To: p4-projects@freebsd.org
Received: by hub.freebsd.org (Postfix, from userid 32767)
	id B9E9516A4D0; Wed, 23 Feb 2005 19:10:42 +0000 (GMT)
Delivered-To: perforce@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 6072F16A4CE
	for <perforce@freebsd.org>; Wed, 23 Feb 2005 19:10:42 +0000 (GMT)
Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 15DFD43D46
	for <perforce@freebsd.org>; Wed, 23 Feb 2005 19:10:42 +0000 (GMT)
	(envelope-from bb+lists.freebsd.perforce@cyrus.watson.org)
Received: from repoman.freebsd.org (localhost [127.0.0.1])
	by repoman.freebsd.org (8.13.1/8.13.1) with ESMTP id j1NJAfxg078513
	for <perforce@freebsd.org>; Wed, 23 Feb 2005 19:10:41 GMT
	(envelope-from bb+lists.freebsd.perforce@cyrus.watson.org)
Received: (from perforce@localhost)
	by repoman.freebsd.org (8.13.1/8.13.1/Submit) id j1NJAfu3078510
	for perforce@freebsd.org; Wed, 23 Feb 2005 19:10:41 GMT
	(envelope-from bb+lists.freebsd.perforce@cyrus.watson.org)
Date: Wed, 23 Feb 2005 19:10:41 GMT
Message-Id: <200502231910.j1NJAfu3078510@repoman.freebsd.org>
X-Authentication-Warning: repoman.freebsd.org: perforce set sender to
	bb+lists.freebsd.perforce@cyrus.watson.org using -f
From: Robert Watson <rwatson@FreeBSD.org>
To: Perforce Change Reviews <perforce@freebsd.org>
Subject: PERFORCE change 71680 for review
X-BeenThere: p4-projects@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: p4 projects tree changes <p4-projects.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/p4-projects>,
	<mailto:p4-projects-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/p4-projects>
List-Post: <mailto:p4-projects@freebsd.org>
List-Help: <mailto:p4-projects-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/p4-projects>,
	<mailto:p4-projects-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 23 Feb 2005 19:10:43 -0000

http://perforce.freebsd.org/chv.cgi?CH=71680

Change 71680 by rwatson@rwatson_paprika on 2005/02/23 19:10:39

	Re-lay out mac_bsdextended sysctl to copyin, lock+dowork+unlock,
	copyout.
	
	Suggested by:	jhb

Affected files ...

.. //depot/projects/trustedbsd/mac/sys/security/mac_bsdextended/mac_bsdextended.c#87 edit

Differences ...

==== //depot/projects/trustedbsd/mac/sys/security/mac_bsdextended/mac_bsdextended.c#87 (text+ko) ====

@@ -152,69 +152,68 @@
         if (index > MAC_BSDEXTENDED_MAXRULES)
 		return (ENOENT);
 
+	ruleptr = NULL;
+	if (req->newptr) {
+		error = SYSCTL_IN(req, &temprule, sizeof(temprule));
+		if (error)
+			return (error);
+		MALLOC(ruleptr, struct mac_bsdextended_rule *,
+		    sizeof(*ruleptr), M_MACBSDEXTENDED, M_WAITOK | M_ZERO);
+	}
+
+	mtx_lock(&mac_bsdextended_mtx);
+
 	if (req->oldptr) {
-		mtx_lock(&mac_bsdextended_mtx);
 		if (index < 0 || index > rule_slots + 1) {
-			mtx_unlock(&mac_bsdextended_mtx);
-			return (ENOENT);
+			error = ENOENT;
+			goto out;
 		}
-
 		if (rules[index] == NULL) {
-			mtx_unlock(&mac_bsdextended_mtx);
-			return (ENOENT);
+			error = ENOENT;
+			goto out;
 		}
-
 		temprule = *rules[index];
-		mtx_unlock(&mac_bsdextended_mtx);
-
-		error = SYSCTL_OUT(req, &temprule, sizeof(temprule));
-
-		if (error)
-			return (error);
 	}
 
-	if (req->newptr) {
-		if (req->newlen == 0) {
-			/* printf("deletion\n"); */
-			mtx_lock(&mac_bsdextended_mtx);
-			ruleptr = rules[index];
-			if (ruleptr == NULL) {
-				mtx_unlock(&mac_bsdextended_mtx);
-				return (ENOENT);
-			}
-			rule_count--;
-			rules[index] = NULL;
-			mtx_unlock(&mac_bsdextended_mtx);
-			FREE(ruleptr, M_MACBSDEXTENDED);
-			return(0);
+	if (req->newptr && req->newlen == 0) {
+		/* printf("deletion\n"); */
+		FREE(ruleptr, M_MACBSDEXTENDED);
+		ruleptr = rules[index];
+		if (ruleptr == NULL) {
+			error = ENOENT;
+			goto out;
 		}
-		error = SYSCTL_IN(req, &temprule, sizeof(temprule));
-		if (error)
-			return (error);
-
+		rule_count--;
+		rules[index] = NULL;
+	} else if (req->newptr) {
 		error = mac_bsdextended_rule_valid(&temprule);
 		if (error)
-			return (error);
+			goto out;
 
-		MALLOC(ruleptr, struct mac_bsdextended_rule *,
-		    sizeof(*ruleptr), M_MACBSDEXTENDED, M_WAITOK | M_ZERO);
-		mtx_lock(&mac_bsdextended_mtx);
 		if (rules[index] == NULL) {
 			/* printf("addition\n"); */
 			*ruleptr = temprule;
 			rules[index] = ruleptr;
+			ruleptr = NULL;
 			if (index + 1 > rule_slots)
 				rule_slots = index + 1;
 			rule_count++;
-			mtx_unlock(&mac_bsdextended_mtx);
 		} else {
 			/* printf("replacement\n"); */
 			*rules[index] = temprule;
-			mtx_unlock(&mac_bsdextended_mtx);
-			FREE(ruleptr, M_MACBSDEXTENDED);
 		}
 	}
 
+out:
+	mtx_unlock(&mac_bsdextended_mtx);
+	if (ruleptr != NULL)
+		FREE(ruleptr, M_MACBSDEXTENDED);
+	if (req->oldptr && error == 0) {
+		error = SYSCTL_OUT(req, &temprule, sizeof(temprule));
+		if (error)
+			return (error);
+	}
+
 	return (0);
 }