From owner-svn-src-head@FreeBSD.ORG Sun Mar 8 12:32:07 2009 Return-Path: Delivered-To: svn-src-head@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 09A331065670; Sun, 8 Mar 2009 12:32:07 +0000 (UTC) (envelope-from rwatson@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id E8D858FC28; Sun, 8 Mar 2009 12:32:06 +0000 (UTC) (envelope-from rwatson@FreeBSD.org) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.3/8.14.3) with ESMTP id n28CW633083432; Sun, 8 Mar 2009 12:32:06 GMT (envelope-from rwatson@svn.freebsd.org) Received: (from rwatson@localhost) by svn.freebsd.org (8.14.3/8.14.3/Submit) id n28CW6hx083421; Sun, 8 Mar 2009 12:32:06 GMT (envelope-from rwatson@svn.freebsd.org) Message-Id: <200903081232.n28CW6hx083421@svn.freebsd.org> From: Robert Watson Date: Sun, 8 Mar 2009 12:32:06 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org X-SVN-Group: head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r189533 - in head/sys: kern security/mac security/mac_biba security/mac_bsdextended security/mac_lomac security/mac_mls security/mac_stub security/mac_test X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 08 Mar 2009 12:32:07 -0000 Author: rwatson Date: Sun Mar 8 12:32:06 2009 New Revision: 189533 URL: http://svn.freebsd.org/changeset/base/189533 Log: Remove 'uio' argument from MAC Framework and MAC policy entry points for extended attribute get/set; in the case of get an uninitialized user buffer was passed before the EA was retrieved, making it of relatively little use; the latter was simply unused by any policies. Obtained from: TrustedBSD Project Sponsored by: Google, Inc. Modified: head/sys/kern/vfs_extattr.c head/sys/security/mac/mac_framework.h head/sys/security/mac/mac_policy.h head/sys/security/mac/mac_vfs.c head/sys/security/mac_biba/mac_biba.c head/sys/security/mac_bsdextended/ugidfw_internal.h head/sys/security/mac_bsdextended/ugidfw_vnode.c head/sys/security/mac_lomac/mac_lomac.c head/sys/security/mac_mls/mac_mls.c head/sys/security/mac_stub/mac_stub.c head/sys/security/mac_test/mac_test.c Modified: head/sys/kern/vfs_extattr.c ============================================================================== --- head/sys/kern/vfs_extattr.c Sun Mar 8 12:22:00 2009 (r189532) +++ head/sys/kern/vfs_extattr.c Sun Mar 8 12:32:06 2009 (r189533) @@ -195,7 +195,7 @@ extattr_set_vp(struct vnode *vp, int att #ifdef MAC error = mac_vnode_check_setextattr(td->td_ucred, vp, attrnamespace, - attrname, &auio); + attrname); if (error) goto done; #endif @@ -373,7 +373,7 @@ extattr_get_vp(struct vnode *vp, int att #ifdef MAC error = mac_vnode_check_getextattr(td->td_ucred, vp, attrnamespace, - attrname, &auio); + attrname); if (error) goto done; #endif Modified: head/sys/security/mac/mac_framework.h ============================================================================== --- head/sys/security/mac/mac_framework.h Sun Mar 8 12:22:00 2009 (r189532) +++ head/sys/security/mac/mac_framework.h Sun Mar 8 12:32:06 2009 (r189533) @@ -85,7 +85,6 @@ struct pipepair; struct thread; struct timespec; struct ucred; -struct uio; struct vattr; struct vnode; struct vop_setlabel_args; @@ -377,7 +376,7 @@ int mac_vnode_check_exec(struct ucred *c int mac_vnode_check_getacl(struct ucred *cred, struct vnode *vp, acl_type_t type); int mac_vnode_check_getextattr(struct ucred *cred, struct vnode *vp, - int attrnamespace, const char *name, struct uio *uio); + int attrnamespace, const char *name); int mac_vnode_check_link(struct ucred *cred, struct vnode *dvp, struct vnode *vp, struct componentname *cnp); int mac_vnode_check_listextattr(struct ucred *cred, struct vnode *vp, @@ -404,7 +403,7 @@ int mac_vnode_check_revoke(struct ucred int mac_vnode_check_setacl(struct ucred *cred, struct vnode *vp, acl_type_t type, struct acl *acl); int mac_vnode_check_setextattr(struct ucred *cred, struct vnode *vp, - int attrnamespace, const char *name, struct uio *uio); + int attrnamespace, const char *name); int mac_vnode_check_setflags(struct ucred *cred, struct vnode *vp, u_long flags); int mac_vnode_check_setmode(struct ucred *cred, struct vnode *vp, Modified: head/sys/security/mac/mac_policy.h ============================================================================== --- head/sys/security/mac/mac_policy.h Sun Mar 8 12:22:00 2009 (r189532) +++ head/sys/security/mac/mac_policy.h Sun Mar 8 12:32:06 2009 (r189533) @@ -97,7 +97,6 @@ struct sysctl_oid; struct sysctl_req; struct thread; struct ucred; -struct uio; struct vattr; struct vnode; @@ -557,7 +556,7 @@ typedef int (*mpo_vnode_check_getacl_t)( acl_type_t type); typedef int (*mpo_vnode_check_getextattr_t)(struct ucred *cred, struct vnode *vp, struct label *vplabel, - int attrnamespace, const char *name, struct uio *uio); + int attrnamespace, const char *name); typedef int (*mpo_vnode_check_link_t)(struct ucred *cred, struct vnode *dvp, struct label *dvplabel, struct vnode *vp, struct label *vplabel, @@ -606,7 +605,7 @@ typedef int (*mpo_vnode_check_setacl_t)( struct acl *acl); typedef int (*mpo_vnode_check_setextattr_t)(struct ucred *cred, struct vnode *vp, struct label *vplabel, - int attrnamespace, const char *name, struct uio *uio); + int attrnamespace, const char *name); typedef int (*mpo_vnode_check_setflags_t)(struct ucred *cred, struct vnode *vp, struct label *vplabel, u_long flags); typedef int (*mpo_vnode_check_setmode_t)(struct ucred *cred, Modified: head/sys/security/mac/mac_vfs.c ============================================================================== --- head/sys/security/mac/mac_vfs.c Sun Mar 8 12:22:00 2009 (r189532) +++ head/sys/security/mac/mac_vfs.c Sun Mar 8 12:32:06 2009 (r189533) @@ -506,14 +506,14 @@ MAC_CHECK_PROBE_DEFINE4(vnode_check_gete int mac_vnode_check_getextattr(struct ucred *cred, struct vnode *vp, - int attrnamespace, const char *name, struct uio *uio) + int attrnamespace, const char *name) { int error; ASSERT_VOP_LOCKED(vp, "mac_vnode_check_getextattr"); MAC_CHECK(vnode_check_getextattr, cred, vp, vp->v_label, - attrnamespace, name, uio); + attrnamespace, name); MAC_CHECK_PROBE4(vnode_check_getextattr, error, cred, vp, attrnamespace, name); @@ -798,14 +798,14 @@ MAC_CHECK_PROBE_DEFINE4(vnode_check_sete int mac_vnode_check_setextattr(struct ucred *cred, struct vnode *vp, - int attrnamespace, const char *name, struct uio *uio) + int attrnamespace, const char *name) { int error; ASSERT_VOP_LOCKED(vp, "mac_vnode_check_setextattr"); MAC_CHECK(vnode_check_setextattr, cred, vp, vp->v_label, - attrnamespace, name, uio); + attrnamespace, name); MAC_CHECK_PROBE4(vnode_check_setextattr, error, cred, vp, attrnamespace, name); Modified: head/sys/security/mac_biba/mac_biba.c ============================================================================== --- head/sys/security/mac_biba/mac_biba.c Sun Mar 8 12:22:00 2009 (r189532) +++ head/sys/security/mac_biba/mac_biba.c Sun Mar 8 12:32:06 2009 (r189533) @@ -2775,8 +2775,7 @@ biba_vnode_check_getacl(struct ucred *cr static int biba_vnode_check_getextattr(struct ucred *cred, struct vnode *vp, - struct label *vplabel, int attrnamespace, const char *name, - struct uio *uio) + struct label *vplabel, int attrnamespace, const char *name) { struct mac_biba *subj, *obj; @@ -3116,8 +3115,7 @@ biba_vnode_check_setacl(struct ucred *cr static int biba_vnode_check_setextattr(struct ucred *cred, struct vnode *vp, - struct label *vplabel, int attrnamespace, const char *name, - struct uio *uio) + struct label *vplabel, int attrnamespace, const char *name) { struct mac_biba *subj, *obj; Modified: head/sys/security/mac_bsdextended/ugidfw_internal.h ============================================================================== --- head/sys/security/mac_bsdextended/ugidfw_internal.h Sun Mar 8 12:22:00 2009 (r189532) +++ head/sys/security/mac_bsdextended/ugidfw_internal.h Sun Mar 8 12:32:06 2009 (r189533) @@ -72,8 +72,7 @@ int ugidfw_vnode_check_exec(struct ucred int ugidfw_vnode_check_getacl(struct ucred *cred, struct vnode *vp, struct label *vplabel, acl_type_t type); int ugidfw_vnode_check_getextattr(struct ucred *cred, struct vnode *vp, - struct label *vplabel, int attrnamespace, const char *name, - struct uio *uio); + struct label *vplabel, int attrnamespace, const char *name); int ugidfw_vnode_check_link(struct ucred *cred, struct vnode *dvp, struct label *dvplabel, struct vnode *vp, struct label *label, struct componentname *cnp); @@ -98,8 +97,7 @@ int ugidfw_vnode_check_revoke(struct ucr int ugidfw_check_setacl_vnode(struct ucred *cred, struct vnode *vp, struct label *vplabel, acl_type_t type, struct acl *acl); int ugidfw_vnode_check_setextattr(struct ucred *cred, struct vnode *vp, - struct label *vplabel, int attrnamespace, const char *name, - struct uio *uio); + struct label *vplabel, int attrnamespace, const char *name); int ugidfw_vnode_check_setflags(struct ucred *cred, struct vnode *vp, struct label *vplabel, u_long flags); int ugidfw_vnode_check_setmode(struct ucred *cred, struct vnode *vp, Modified: head/sys/security/mac_bsdextended/ugidfw_vnode.c ============================================================================== --- head/sys/security/mac_bsdextended/ugidfw_vnode.c Sun Mar 8 12:22:00 2009 (r189532) +++ head/sys/security/mac_bsdextended/ugidfw_vnode.c Sun Mar 8 12:32:06 2009 (r189533) @@ -127,8 +127,7 @@ ugidfw_vnode_check_getacl(struct ucred * int ugidfw_vnode_check_getextattr(struct ucred *cred, struct vnode *vp, - struct label *vplabel, int attrnamespace, const char *name, - struct uio *uio) + struct label *vplabel, int attrnamespace, const char *name) { return (ugidfw_check_vp(cred, vp, MBI_READ)); @@ -236,8 +235,7 @@ ugidfw_check_setacl_vnode(struct ucred * int ugidfw_vnode_check_setextattr(struct ucred *cred, struct vnode *vp, - struct label *vplabel, int attrnamespace, const char *name, - struct uio *uio) + struct label *vplabel, int attrnamespace, const char *name) { return (ugidfw_check_vp(cred, vp, MBI_WRITE)); Modified: head/sys/security/mac_lomac/mac_lomac.c ============================================================================== --- head/sys/security/mac_lomac/mac_lomac.c Sun Mar 8 12:22:00 2009 (r189532) +++ head/sys/security/mac_lomac/mac_lomac.c Sun Mar 8 12:32:06 2009 (r189533) @@ -2631,8 +2631,7 @@ lomac_vnode_check_setacl(struct ucred *c static int lomac_vnode_check_setextattr(struct ucred *cred, struct vnode *vp, - struct label *vplabel, int attrnamespace, const char *name, - struct uio *uio) + struct label *vplabel, int attrnamespace, const char *name) { struct mac_lomac *subj, *obj; Modified: head/sys/security/mac_mls/mac_mls.c ============================================================================== --- head/sys/security/mac_mls/mac_mls.c Sun Mar 8 12:22:00 2009 (r189532) +++ head/sys/security/mac_mls/mac_mls.c Sun Mar 8 12:32:06 2009 (r189533) @@ -2398,8 +2398,7 @@ mls_vnode_check_getacl(struct ucred *cre static int mls_vnode_check_getextattr(struct ucred *cred, struct vnode *vp, - struct label *vplabel, int attrnamespace, const char *name, - struct uio *uio) + struct label *vplabel, int attrnamespace, const char *name) { struct mac_mls *subj, *obj; @@ -2739,8 +2738,7 @@ mls_vnode_check_setacl(struct ucred *cre static int mls_vnode_check_setextattr(struct ucred *cred, struct vnode *vp, - struct label *vplabel, int attrnamespace, const char *name, - struct uio *uio) + struct label *vplabel, int attrnamespace, const char *name) { struct mac_mls *subj, *obj; Modified: head/sys/security/mac_stub/mac_stub.c ============================================================================== --- head/sys/security/mac_stub/mac_stub.c Sun Mar 8 12:22:00 2009 (r189532) +++ head/sys/security/mac_stub/mac_stub.c Sun Mar 8 12:32:06 2009 (r189533) @@ -1283,8 +1283,7 @@ stub_vnode_check_getacl(struct ucred *cr static int stub_vnode_check_getextattr(struct ucred *cred, struct vnode *vp, - struct label *vplabel, int attrnamespace, const char *name, - struct uio *uio) + struct label *vplabel, int attrnamespace, const char *name) { return (0); @@ -1422,8 +1421,7 @@ stub_vnode_check_setacl(struct ucred *cr static int stub_vnode_check_setextattr(struct ucred *cred, struct vnode *vp, - struct label *vplabel, int attrnamespace, const char *name, - struct uio *uio) + struct label *vplabel, int attrnamespace, const char *name) { return (0); Modified: head/sys/security/mac_test/mac_test.c ============================================================================== --- head/sys/security/mac_test/mac_test.c Sun Mar 8 12:22:00 2009 (r189532) +++ head/sys/security/mac_test/mac_test.c Sun Mar 8 12:32:06 2009 (r189533) @@ -2435,8 +2435,7 @@ test_vnode_check_getacl(struct ucred *cr COUNTER_DECL(vnode_check_getextattr); static int test_vnode_check_getextattr(struct ucred *cred, struct vnode *vp, - struct label *vplabel, int attrnamespace, const char *name, - struct uio *uio) + struct label *vplabel, int attrnamespace, const char *name) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); @@ -2642,8 +2641,7 @@ test_vnode_check_setacl(struct ucred *cr COUNTER_DECL(vnode_check_setextattr); static int test_vnode_check_setextattr(struct ucred *cred, struct vnode *vp, - struct label *vplabel, int attrnamespace, const char *name, - struct uio *uio) + struct label *vplabel, int attrnamespace, const char *name) { LABEL_CHECK(cred->cr_label, MAGIC_CRED);