Date: Sat, 8 Jul 2006 13:20:26 GMT From: Robert Watson <rwatson@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 100997 for review Message-ID: <200607081320.k68DKQZB017621@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=100997 Change 100997 by rwatson@rwatson_zoo on 2006/07/08 13:20:05 Rename policy calls. Remove fs_label. Affected files ... .. //depot/projects/trustedbsd/mac2/sys/security/mac_test/mac_test.c#2 edit Differences ... ==== //depot/projects/trustedbsd/mac2/sys/security/mac_test/mac_test.c#2 (text+ko) ==== @@ -1,6 +1,7 @@ /*- * Copyright (c) 1999-2002 Robert N. M. Watson * Copyright (c) 2001-2005 McAfee, Inc. + * Copyright (c) 2006 SPARTA, Inc. * All rights reserved. * * This software was developed by Robert Watson for the TrustedBSD Project. @@ -10,6 +11,9 @@ * DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA * CHATS research program. * + * This software was enhanced by SPARTA ISSO under SPAWAR contract + * N66001-04-C-6019 ("SEFOS"). + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: @@ -46,7 +50,7 @@ #include <sys/kdb.h> #include <sys/extattr.h> #include <sys/kernel.h> -#include <sys/mac.h> +#include <sys/mac_framework.h> #include <sys/malloc.h> #include <sys/mount.h> #include <sys/proc.h> @@ -182,9 +186,6 @@ static int init_count_mount; SYSCTL_INT(_security_mac_test, OID_AUTO, init_count_mount, CTLFLAG_RD, &init_count_mount, 0, "mount init calls"); -static int init_count_mount_fslabel; -SYSCTL_INT(_security_mac_test, OID_AUTO, init_count_mount_fslabel, CTLFLAG_RD, - &init_count_mount_fslabel, 0, "mount_fslabel init calls"); static int init_count_socket; SYSCTL_INT(_security_mac_test, OID_AUTO, init_count_socket, CTLFLAG_RD, &init_count_socket, 0, "socket init calls"); @@ -241,10 +242,6 @@ static int destroy_count_mount; SYSCTL_INT(_security_mac_test, OID_AUTO, destroy_count_mount, CTLFLAG_RD, &destroy_count_mount, 0, "mount destroy calls"); -static int destroy_count_mount_fslabel; -SYSCTL_INT(_security_mac_test, OID_AUTO, destroy_count_mount_fslabel, - CTLFLAG_RD, &destroy_count_mount_fslabel, 0, - "mount_fslabel destroy calls"); static int destroy_count_socket; SYSCTL_INT(_security_mac_test, OID_AUTO, destroy_count_socket, CTLFLAG_RD, &destroy_count_socket, 0, "socket destroy calls"); @@ -282,13 +279,13 @@ * Policy module operations. */ static void -mac_test_destroy(struct mac_policy_conf *conf) +mac_test_policy_destroy(struct mac_policy_conf *conf) { } static void -mac_test_init(struct mac_policy_conf *conf) +mac_test_policy_init(struct mac_policy_conf *conf) { } @@ -413,14 +410,6 @@ atomic_add_int(&init_count_mount, 1); } -static void -mac_test_init_mount_fs_label(struct label *label) -{ - - SLOT(label) = MOUNTMAGIC; - atomic_add_int(&init_count_mount_fslabel, 1); -} - static int mac_test_init_socket_label(struct label *label, int flag) { @@ -660,20 +649,6 @@ } static void -mac_test_destroy_mount_fs_label(struct label *label) -{ - - if ((SLOT(label) == MOUNTMAGIC || SLOT(label) == 0)) { - atomic_add_int(&destroy_count_mount_fslabel, 1); - SLOT(label) = EXMAGIC; - } else if (SLOT(label) == EXMAGIC) { - DEBUGGER("mac_test_destroy_mount_fslabel: dup destroy"); - } else { - DEBUGGER("mac_test_destroy_mount_fslabel: corrupted label"); - } -} - -static void mac_test_destroy_socket_label(struct label *label) { @@ -836,32 +811,32 @@ * a lot like file system objects. */ static void -mac_test_associate_vnode_devfs(struct mount *mp, struct label *fslabel, +mac_test_associate_vnode_devfs(struct mount *mp, struct label *mntlabel, struct devfs_dirent *de, struct label *delabel, struct vnode *vp, struct label *vlabel) { - ASSERT_MOUNT_LABEL(fslabel); + ASSERT_MOUNT_LABEL(mntlabel); ASSERT_DEVFS_LABEL(delabel); ASSERT_VNODE_LABEL(vlabel); } static int -mac_test_associate_vnode_extattr(struct mount *mp, struct label *fslabel, +mac_test_associate_vnode_extattr(struct mount *mp, struct label *mntlabel, struct vnode *vp, struct label *vlabel) { - ASSERT_MOUNT_LABEL(fslabel); + ASSERT_MOUNT_LABEL(mntlabel); ASSERT_VNODE_LABEL(vlabel); return (0); } static void mac_test_associate_vnode_singlelabel(struct mount *mp, - struct label *fslabel, struct vnode *vp, struct label *vlabel) + struct label *mntlabel, struct vnode *vp, struct label *vlabel) { - ASSERT_MOUNT_LABEL(fslabel); + ASSERT_MOUNT_LABEL(mntlabel); ASSERT_VNODE_LABEL(vlabel); } @@ -897,12 +872,12 @@ static int mac_test_create_vnode_extattr(struct ucred *cred, struct mount *mp, - struct label *fslabel, struct vnode *dvp, struct label *dlabel, + struct label *mntlabel, struct vnode *dvp, struct label *dlabel, struct vnode *vp, struct label *vlabel, struct componentname *cnp) { ASSERT_CRED_LABEL(cred->cr_label); - ASSERT_MOUNT_LABEL(fslabel); + ASSERT_MOUNT_LABEL(mntlabel); ASSERT_VNODE_LABEL(dlabel); return (0); @@ -910,12 +885,11 @@ static void mac_test_create_mount(struct ucred *cred, struct mount *mp, - struct label *mntlabel, struct label *fslabel) + struct label *mntlabel) { ASSERT_CRED_LABEL(cred->cr_label); ASSERT_MOUNT_LABEL(mntlabel); - ASSERT_MOUNT_LABEL(fslabel); } static void @@ -2411,7 +2385,6 @@ .mpo_init_ipq_label = mac_test_init_ipq_label, .mpo_init_mbuf_label = mac_test_init_mbuf_label, .mpo_init_mount_label = mac_test_init_mount_label, - .mpo_init_mount_fs_label = mac_test_init_mount_fs_label, .mpo_init_pipe_label = mac_test_init_pipe_label, .mpo_init_posix_sem_label = mac_test_init_posix_sem_label, .mpo_init_proc_label = mac_test_init_proc_label, @@ -2431,7 +2404,6 @@ .mpo_destroy_ipq_label = mac_test_destroy_ipq_label, .mpo_destroy_mbuf_label = mac_test_destroy_mbuf_label, .mpo_destroy_mount_label = mac_test_destroy_mount_label, - .mpo_destroy_mount_fs_label = mac_test_destroy_mount_fs_label, .mpo_destroy_pipe_label = mac_test_destroy_pipe_label, .mpo_destroy_posix_sem_label = mac_test_destroy_posix_sem_label, .mpo_destroy_proc_label = mac_test_destroy_proc_label,
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200607081320.k68DKQZB017621>