From owner-cvs-all Sat Oct 26 7:39:21 2002 Delivered-To: cvs-all@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 73D6837B401; Sat, 26 Oct 2002 07:39:19 -0700 (PDT) Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0982C43E4A; Sat, 26 Oct 2002 07:39:19 -0700 (PDT) (envelope-from rwatson@FreeBSD.org) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.12.6/8.12.6) with ESMTP id g9QEcOmV098567; Sat, 26 Oct 2002 07:38:24 -0700 (PDT) (envelope-from rwatson@repoman.freebsd.org) Received: (from rwatson@localhost) by repoman.freebsd.org (8.12.6/8.12.6/Submit) id g9QEcO9Q098566; Sat, 26 Oct 2002 07:38:24 -0700 (PDT) Message-Id: <200210261438.g9QEcO9Q098566@repoman.freebsd.org> From: Robert Watson Date: Sat, 26 Oct 2002 07:38:24 -0700 (PDT) To: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: cvs commit: src/sys/conf files src/sys/fs/devfs devfs_vnops.c src/sys/fs/procfs procfs.c procfs.h procfs_mac.c src/sys/fs/pseudofs pseudofs.h pseudofs_vnops.c src/sys/kern kern_mac.c vfs_subr.c src/sys/modules/procfs Makefile ... X-FreeBSD-CVS-Branch: HEAD Sender: owner-cvs-all@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG rwatson 2002/10/26 07:38:24 PDT Modified files: sys/conf files sys/fs/devfs devfs_vnops.c sys/fs/procfs procfs.c procfs.h sys/fs/pseudofs pseudofs.h pseudofs_vnops.c sys/kern kern_mac.c vfs_subr.c sys/modules/procfs Makefile sys/security/mac_biba mac_biba.c sys/security/mac_mls mac_mls.c sys/security/mac_none mac_none.c sys/security/mac_test mac_test.c sys/sys mac.h mac_policy.h sys/ufs/ffs ffs_vfsops.c sys/ufs/ufs ufs_vnops.c Removed files: sys/fs/procfs procfs_mac.c Log: Slightly change the semantics of vnode labels for MAC: rather than "refreshing" the label on the vnode before use, just get the label right from inception. For single-label file systems, set the label in the generic VFS getnewvnode() code; for multi-label file systems, leave the labeling up to the file system. With UFS1/2, this means reading the extended attribute during vfs_vget() as the inode is pulled off disk, rather than hitting the extended attributes frequently during operations later, improving performance. This also corrects sematics for shared vnode locks, which were not previously present in the system. This chances the cache coherrency properties WRT out-of-band access to label data, but in an acceptable form. With UFS1, there is a small race condition during automatic extended attribute start -- this is not present with UFS2, and occurs because EAs aren't available at vnode inception. We'll introduce a work around for this shortly. Approved by: re Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories Revision Changes Path 1.729 +0 -1 src/sys/conf/files 1.54 +1 -1 src/sys/fs/devfs/devfs_vnops.c 1.8 +0 -1 src/sys/fs/procfs/procfs.c 1.45 +0 -3 src/sys/fs/procfs/procfs.h 1.2 +0 -68 src/sys/fs/procfs/procfs_mac.c (dead) 1.22 +0 -10 src/sys/fs/pseudofs/pseudofs.h 1.32 +0 -47 src/sys/fs/pseudofs/pseudofs_vnops.c 1.49 +90 -486 src/sys/kern/kern_mac.c 1.419 +2 -0 src/sys/kern/vfs_subr.c 1.28 +0 -2 src/sys/modules/procfs/Makefile 1.29 +120 -61 src/sys/security/mac_biba/mac_biba.c 1.27 +98 -61 src/sys/security/mac_mls/mac_mls.c 1.15 +43 -39 src/sys/security/mac_none/mac_none.c 1.13 +43 -40 src/sys/security/mac_test/mac_test.c 1.19 +9 -7 src/sys/sys/mac.h 1.19 +23 -24 src/sys/sys/mac_policy.h 1.196 +18 -0 src/sys/ufs/ffs/ffs_vfsops.c 1.219 +12 -15 src/sys/ufs/ufs/ufs_vnops.c To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message