Date: Sat, 21 Jun 2003 19:59:58 -0700 (PDT) From: Robert Watson <rwatson@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 33494 for review Message-ID: <200306220259.h5M2xwKb099610@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=33494 Change 33494 by rwatson@rwatson_powerbook on 2003/06/21 19:59:09 Remove reference to devfs include file; a different devfs. Temporarily "#if 0" the module versioning support since that's different in Darwin. Stub out TUNABLE and WITNESS support, since they don't exist in Darwin. We'll need to find some substitute for lock order checking, so might need to port WITNESS to the Mach primitives. "#if 0" VM-related functionality, such as memory mapping downgrades, since the VM system is different on Darwin. Affected files ... .. //depot/projects/trustedbsd/sedarwin/apsl/xnu/bsd/kern/kern_mac.c#5 edit Differences ... ==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/bsd/kern/kern_mac.c#5 (text+ko) ==== @@ -62,8 +62,6 @@ #include <sys/mac_policy.h> -#include <fs/devfs/devfs.h> - #include <net/bpfdesc.h> #include <net/if.h> #include <net/if_var.h> @@ -81,7 +79,12 @@ * modules to refuse to be loaded if the necessary support isn't present, * even if it's pre-boot. */ +#if 0 MODULE_VERSION(kernel_mac_support, 1); +#endif + +#define TUNABLE_INT(x, y) +#define WITNESS_WARN(x, y, z, ...) SYSCTL_DECL(_security); @@ -222,10 +225,12 @@ static int mac_policy_register(struct mac_policy_conf *mpc); static int mac_policy_unregister(struct mac_policy_conf *mpc); +#if 0 static void mac_check_vnode_mmap_downgrade(struct ucred *cred, struct vnode *vp, int *prot); static void mac_cred_mmapped_drop_perms_recurse(struct thread *td, struct ucred *cred, struct vm_map *map); +#endif static void mac_destroy_socket_label(struct label *label); @@ -2034,6 +2039,7 @@ return (error); } +#if 0 /* * When relabeling a process, call out to the policies for the maximum * permission allowed for each object type we know about in its @@ -2193,6 +2199,7 @@ } vm_map_unlock_read(map); } +#endif /* * When the subject's label changes, it may require revocation of privilege @@ -3466,11 +3473,13 @@ crhold(newcred); PROC_UNLOCK(p); +#if 0 if (mac_enforce_vm) { mtx_lock(&Giant); mac_cred_mmapped_drop_perms(td, newcred); mtx_unlock(&Giant); } +#endif crfree(newcred); /* Free revocation reference. */ crfree(oldcred);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200306220259.h5M2xwKb099610>