Date: Tue, 12 Jun 2007 09:11:11 GMT From: Zhouyi ZHOU <zhouzhouyi@FreeBSD.org> To: Perforce Change Reviews <perforce@FreeBSD.org> Subject: PERFORCE change 121485 for review Message-ID: <200706120911.l5C9BBTN094387@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=121485 Change 121485 by zhouzhouyi@zhouzhouyi_mactest on 2007/06/12 09:10:21 1) In mac_test module we must label specially for /dev/mactestpipe to avoid recursing. Add a new MAGIC: MAGIC_MACTESTPIPE. 2) For each mactestpipe record, add a pid inform to allow user space test program to do grep Affected files ... .. //depot/projects/soc2007/zhouzhouyi_mactest_soc/zhouzhouyi_mactest_soc/sys/security/mac_test/mac_test.c#5 edit .. //depot/projects/soc2007/zhouzhouyi_mactest_soc/zhouzhouyi_mactest_soc/sys/security/mac_test/mac_test_pipe.c#3 edit .. //depot/projects/soc2007/zhouzhouyi_mactest_soc/zhouzhouyi_mactest_soc/sys/security/mac_test/mac_test_private.h#3 edit Differences ... ==== //depot/projects/soc2007/zhouzhouyi_mactest_soc/zhouzhouyi_mactest_soc/sys/security/mac_test/mac_test.c#5 (text+ko) ==== @@ -84,6 +84,7 @@ #define MAGIC_BPF 0xfe1ad1b6 #define MAGIC_DEVFS 0x9ee79c32 +#define MAGIC_MACTESTPIPE 0x9ee79c33 #define MAGIC_IFNET 0xc218b120 #define MAGIC_INPCB 0x4440f7bb #define MAGIC_IPQ 0x206188ef @@ -126,14 +127,16 @@ #define LABEL_CHECK(label, magic) do { \ if (label != NULL) { \ - KASSERT(SLOT(label) == magic || SLOT(label) == 0, \ + KASSERT(SLOT(label) == magic || SLOT(label) == 0 || \ + SLOT(label) == MAGIC_MACTESTPIPE, \ ("%s: bad %s label", __func__, #magic)); \ } \ } while (0) #define LABEL_DESTROY(label, magic) do { \ - if (SLOT(label) == magic || SLOT(label) == 0) { \ - SLOT_SET(label, MAGIC_FREE); \ + if (SLOT(label) == magic || SLOT(label) == 0 || \ + SLOT(label) == MAGIC_MACTESTPIPE ) { \ + SLOT_SET(label, MAGIC_FREE); \ } else if (SLOT(label) == MAGIC_FREE) { \ DEBUGGER("%s: dup destroy", __func__); \ } else { \ @@ -157,7 +160,7 @@ static void mac_test_init_bpfdesc_label(struct label *label) { - mactest_pipe_submit("mac_test_init_bpfdesc_label\n", + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_init_bpfdesc_label\n", strlen("mac_test_init_bpfdesc_label\n")); LABEL_INIT(label, MAGIC_BPF); COUNTER_INC(init_bpfdesc_label); @@ -167,7 +170,7 @@ static void mac_test_init_cred_label(struct label *label) { - mactest_pipe_submit("mac_test_init_cred_label\n", + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_init_cred_label\n", strlen("mac_test_init_cred_label\n")); LABEL_INIT(label, MAGIC_CRED); COUNTER_INC(init_cred_label); @@ -177,17 +180,23 @@ static void mac_test_init_devfs_label(struct label *label) { - mactest_pipe_submit("mac_test_init_devfs_label\n", + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_init_devfs_label\n", strlen("mac_test_init_devfs_label\n")); LABEL_INIT(label, MAGIC_DEVFS); COUNTER_INC(init_devfs_label); } +static void +mac_test_init_mactestpipe_label(struct label *label) +{ + LABEL_INIT(label, MAGIC_MACTESTPIPE); +} + COUNTER_DECL(init_ifnet_label); static void mac_test_init_ifnet_label(struct label *label) { - mactest_pipe_submit("mac_test_init_ifnet_label\n", + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_init_ifnet_label\n", strlen("mac_test_init_ifnet_label\n")); LABEL_INIT(label, MAGIC_IFNET); COUNTER_INC(init_ifnet_label); @@ -197,7 +206,7 @@ static int mac_test_init_inpcb_label(struct label *label, int flag) { - mactest_pipe_submit("mac_test_init_inpcb_label\n", + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_init_inpcb_label\n", strlen("mac_test_init_inpcb_label\n")); if (flag & M_WAITOK) WITNESS_WARN(WARN_GIANTOK | WARN_SLEEPOK, NULL, @@ -213,7 +222,7 @@ static void mac_test_init_sysv_msgmsg_label(struct label *label) { - mactest_pipe_submit("mac_test_init_sysv_msgmsg_label\n", + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_init_sysv_msgmsg_label\n", strlen("mac_test_init_sysv_msgmsg_label\n")); LABEL_INIT(label, MAGIC_SYSV_MSG); COUNTER_INC(init_sysv_msg_label); @@ -223,7 +232,7 @@ static void mac_test_init_sysv_msgqueue_label(struct label *label) { - mactest_pipe_submit("mac_test_init_sysv_msgqueue_label\n", + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_init_sysv_msgqueue_label\n", strlen("mac_test_init_sysv_msgqueue_label\n")); LABEL_INIT(label, MAGIC_SYSV_MSQ); COUNTER_INC(init_sysv_msq_label); @@ -233,7 +242,7 @@ static void mac_test_init_sysv_sem_label(struct label *label) { - mactest_pipe_submit("mac_test_init_sysv_sem_label\n", + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_init_sysv_sem_label\n", strlen("mac_test_init_sysv_sem_label\n")); LABEL_INIT(label, MAGIC_SYSV_SEM); COUNTER_INC(init_sysv_sem_label); @@ -243,7 +252,7 @@ static void mac_test_init_sysv_shm_label(struct label *label) { - mactest_pipe_submit("mac_test_init_sysv_shm_label\n", + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_init_sysv_shm_label\n", strlen("mac_test_init_sysv_shm_label\n")); LABEL_INIT(label, MAGIC_SYSV_SHM); COUNTER_INC(init_sysv_shm_label); @@ -253,7 +262,7 @@ static int mac_test_init_ipq_label(struct label *label, int flag) { - mactest_pipe_submit("mac_test_init_ipq_label\n", + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_init_ipq_label\n", strlen("mac_test_init_ipq_label\n")); if (flag & M_WAITOK) WITNESS_WARN(WARN_GIANTOK | WARN_SLEEPOK, NULL, @@ -269,7 +278,7 @@ static int mac_test_init_mbuf_label(struct label *label, int flag) { - mactest_pipe_submit("mac_test_init_mbuf_label\n", + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_init_mbuf_label\n", strlen("mac_test_init_mbuf_label\n")); if (flag & M_WAITOK) WITNESS_WARN(WARN_GIANTOK | WARN_SLEEPOK, NULL, @@ -285,7 +294,7 @@ static void mac_test_init_mount_label(struct label *label) { - mactest_pipe_submit("mac_test_init_mount_label\n", + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_init_mount_label\n", strlen("mac_test_init_mount_label\n")); LABEL_INIT(label, MAGIC_MOUNT); COUNTER_INC(init_mount_label); @@ -296,7 +305,7 @@ mac_test_init_socket_label(struct label *label, int flag) { - mactest_pipe_submit("mac_test_init_socket_label\n", + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_init_socket_label\n", strlen("mac_test_init_socket_label\n")); if (flag & M_WAITOK) WITNESS_WARN(WARN_GIANTOK | WARN_SLEEPOK, NULL, @@ -312,7 +321,7 @@ static int mac_test_init_socket_peer_label(struct label *label, int flag) { - mactest_pipe_submit("mac_test_init_socket_peer_label\n", + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_init_socket_peer_label\n", strlen("mac_test_init_socket_peer_label\n")); if (flag & M_WAITOK) WITNESS_WARN(WARN_GIANTOK | WARN_SLEEPOK, NULL, @@ -328,7 +337,7 @@ static void mac_test_init_pipe_label(struct label *label) { - mactest_pipe_submit("mac_test_init_pipe_label\n", + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_init_pipe_label\n", strlen("mac_test_init_pipe_label\n")); LABEL_INIT(label, MAGIC_PIPE); COUNTER_INC(init_pipe_label); @@ -338,7 +347,7 @@ static void mac_test_init_posix_sem_label(struct label *label) { - mactest_pipe_submit("mac_test_init_posix_sem_label\n", + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_init_posix_sem_label\n", strlen("mac_test_init_posix_sem_label\n")); LABEL_INIT(label, MAGIC_POSIX_SEM); COUNTER_INC(init_posix_sem_label); @@ -348,7 +357,7 @@ static void mac_test_init_proc_label(struct label *label) { - mactest_pipe_submit("mac_test_init_proc_label\n", + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_init_proc_label\n", strlen("mac_test_init_proc_label\n")); LABEL_INIT(label, MAGIC_PROC); COUNTER_INC(init_proc_label); @@ -358,7 +367,7 @@ static void mac_test_init_vnode_label(struct label *label) { - mactest_pipe_submit("mac_test_init_vnode_label\n", + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_init_vnode_label\n", strlen("mac_test_init_vnode_label\n")); LABEL_INIT(label, MAGIC_VNODE); COUNTER_INC(init_vnode_label); @@ -368,7 +377,7 @@ static void mac_test_destroy_bpfdesc_label(struct label *label) { - mactest_pipe_submit("mac_test_destroy_bpfdesc_label\n", + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_destroy_bpfdesc_label\n", strlen("mac_test_destroy_bpfdesc_label\n")); LABEL_DESTROY(label, MAGIC_BPF); COUNTER_INC(destroy_bpfdesc_label); @@ -378,7 +387,7 @@ static void mac_test_destroy_cred_label(struct label *label) { - mactest_pipe_submit("mac_test_destroy_cred_label\n", + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_destroy_cred_label\n", strlen("mac_test_destroy_cred_label\n")); LABEL_DESTROY(label, MAGIC_CRED); COUNTER_INC(destroy_cred_label); @@ -388,7 +397,7 @@ static void mac_test_destroy_devfs_label(struct label *label) { - mactest_pipe_submit("mac_test_destroy_devfs_label\n", + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_destroy_devfs_label\n", strlen("mac_test_destroy_devfs_label\n")); LABEL_DESTROY(label, MAGIC_DEVFS); COUNTER_INC(destroy_devfs_label); @@ -398,7 +407,7 @@ static void mac_test_destroy_ifnet_label(struct label *label) { - mactest_pipe_submit("mac_test_destroy_ifnet_label\n", + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_destroy_ifnet_label\n", strlen("mac_test_destroy_ifnet_label\n")); LABEL_DESTROY(label, MAGIC_IFNET); COUNTER_INC(destroy_ifnet_label); @@ -408,7 +417,7 @@ static void mac_test_destroy_inpcb_label(struct label *label) { - mactest_pipe_submit("mac_test_destroy_inpcb_label\n", + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_destroy_inpcb_label\n", strlen("mac_test_destroy_inpcb_label\n")); LABEL_DESTROY(label, MAGIC_INPCB); COUNTER_INC(destroy_inpcb_label); @@ -418,7 +427,7 @@ static void mac_test_destroy_sysv_msgmsg_label(struct label *label) { - mactest_pipe_submit("mac_test_destroy_sysv_msgmsg_label\n", + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_destroy_sysv_msgmsg_label\n", strlen("mac_test_destroy_sysv_msgmsg__label\n")); LABEL_DESTROY(label, MAGIC_SYSV_MSG); COUNTER_INC(destroy_sysv_msg_label); @@ -428,7 +437,7 @@ static void mac_test_destroy_sysv_msgqueue_label(struct label *label) { - mactest_pipe_submit("mac_test_destroy_sysv_msgqueue_label\n", + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_destroy_sysv_msgqueue_label\n", strlen("mac_test_destroy_sysv_msgqueue_label\n")); LABEL_DESTROY(label, MAGIC_SYSV_MSQ); COUNTER_INC(destroy_sysv_msq_label); @@ -438,7 +447,7 @@ static void mac_test_destroy_sysv_sem_label(struct label *label) { - mactest_pipe_submit("mac_test_destroy_sysv_sem_label\n", + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_destroy_sysv_sem_label\n", strlen("mac_test_destroy_sysv_sem_label\n")); LABEL_DESTROY(label, MAGIC_SYSV_SEM); COUNTER_INC(destroy_sysv_sem_label); @@ -448,7 +457,7 @@ static void mac_test_destroy_sysv_shm_label(struct label *label) { - mactest_pipe_submit("mac_test_destroy_sysv_shm_label\n", + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_destroy_sysv_shm_label\n", strlen("mac_test_destroy_sysv_shm_label\n")); LABEL_DESTROY(label, MAGIC_SYSV_SHM); COUNTER_INC(destroy_sysv_shm_label); @@ -458,7 +467,7 @@ static void mac_test_destroy_ipq_label(struct label *label) { - mactest_pipe_submit("mac_test_destroy_ipq_label\n", + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_destroy_ipq_label\n", strlen("mac_test_destroy_ipq_label\n")); LABEL_DESTROY(label, MAGIC_IPQ); COUNTER_INC(destroy_ipq_label); @@ -468,7 +477,7 @@ static void mac_test_destroy_mbuf_label(struct label *label) { - mactest_pipe_submit("mac_test_destroy_mbuf_label\n", + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_destroy_mbuf_label\n", strlen("mac_test_destroy_mbuf_label\n")); /* * If we're loaded dynamically, there may be mbufs in flight that @@ -486,7 +495,7 @@ static void mac_test_destroy_mount_label(struct label *label) { - mactest_pipe_submit("mac_test_destroy_mount_label\n", + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_destroy_mount_label\n", strlen("mac_test_destroy_mount_label\n")); LABEL_DESTROY(label, MAGIC_MOUNT); COUNTER_INC(destroy_mount_label); @@ -496,7 +505,7 @@ static void mac_test_destroy_socket_label(struct label *label) { - mactest_pipe_submit("mac_test_destroy_socket_label\n", + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_destroy_socket_label\n", strlen("mac_test_destroy_socket_label\n")); LABEL_DESTROY(label, MAGIC_SOCKET); COUNTER_INC(destroy_socket_label); @@ -506,7 +515,7 @@ static void mac_test_destroy_socket_peer_label(struct label *label) { - mactest_pipe_submit("mac_test_destroy_socket_peer_label\n", + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_destroy_socket_peer_label\n", strlen("mac_test_destroy_socket_peer_label\n")); LABEL_DESTROY(label, MAGIC_SOCKET); COUNTER_INC(destroy_socket_peer_label); @@ -516,7 +525,7 @@ static void mac_test_destroy_pipe_label(struct label *label) { - mactest_pipe_submit("mac_test_destroy_pipe_label\n", + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_destroy_pipe_label\n", strlen("mac_test_destroy_pipe_label\n")); LABEL_DESTROY(label, MAGIC_PIPE); COUNTER_INC(destroy_pipe_label); @@ -526,7 +535,7 @@ static void mac_test_destroy_posix_sem_label(struct label *label) { - mactest_pipe_submit("mac_test_destroy_posix_sem_label\n", + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_destroy_posix_sem_label\n", strlen("mac_test_destroy_posix_sem_label\n")); LABEL_DESTROY(label, MAGIC_POSIX_SEM); COUNTER_INC(destroy_posix_sem_label); @@ -536,7 +545,7 @@ static void mac_test_destroy_proc_label(struct label *label) { - mactest_pipe_submit("mac_test_destroy_proc_label\n", + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_destroy_proc_label\n", strlen("mac_test_destroy_proc_label\n")); LABEL_DESTROY(label, MAGIC_PROC); COUNTER_INC(destroy_proc_label); @@ -546,7 +555,7 @@ static void mac_test_destroy_vnode_label(struct label *label) { - mactest_pipe_submit("mac_test_destroy_vnode_label\n", + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_destroy_vnode_label\n", strlen("mac_test_destroy_vnode_label\n")); LABEL_DESTROY(label, MAGIC_VNODE); COUNTER_INC(destroy_vnode_label); @@ -556,8 +565,8 @@ static void mac_test_copy_cred_label(struct label *src, struct label *dest) { - mactest_pipe_submit("mac_test_copy_cred_label\n", - strlen("mac_test_copy_cred_label\n")); + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_copy_cred_label with src label:", + strlen("mac_test_copy_cred_label with src label:")); MACTEST_PIPE_SUBMIT_LABEL(cred,src); LABEL_CHECK(src, MAGIC_CRED); LABEL_CHECK(dest, MAGIC_CRED); @@ -568,7 +577,9 @@ static void mac_test_copy_ifnet_label(struct label *src, struct label *dest) { - + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_copy_ifnet_label with src label:", + strlen("mac_test_copy_ifnet_label with src label:")); + MACTEST_PIPE_SUBMIT_LABEL(ifnet,src); LABEL_CHECK(src, MAGIC_IFNET); LABEL_CHECK(dest, MAGIC_IFNET); COUNTER_INC(copy_ifnet_label); @@ -578,7 +589,9 @@ static void mac_test_copy_mbuf_label(struct label *src, struct label *dest) { - + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_copy_mbuf_label with src label:", + strlen("mac_test_copy_mbuf_label with src label:")); + MACTEST_PIPE_SUBMIT_LABEL(vnode,src); LABEL_CHECK(src, MAGIC_MBUF); LABEL_CHECK(dest, MAGIC_MBUF); COUNTER_INC(copy_mbuf_label); @@ -588,7 +601,9 @@ static void mac_test_copy_pipe_label(struct label *src, struct label *dest) { - + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_copy_pipe_label with src label:", + strlen("mac_test_copy_pipe_label with src label:")); + MACTEST_PIPE_SUBMIT_LABEL(pipe,src); LABEL_CHECK(src, MAGIC_PIPE); LABEL_CHECK(dest, MAGIC_PIPE); COUNTER_INC(copy_pipe_label); @@ -598,7 +613,9 @@ static void mac_test_copy_socket_label(struct label *src, struct label *dest) { - + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_copy_socket_label with src label:", + strlen("mac_test_copy_socket_label with src label:")); + MACTEST_PIPE_SUBMIT_LABEL(socket,src); LABEL_CHECK(src, MAGIC_SOCKET); LABEL_CHECK(dest, MAGIC_SOCKET); COUNTER_INC(copy_socket_label); @@ -608,7 +625,9 @@ static void mac_test_copy_vnode_label(struct label *src, struct label *dest) { - + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_copy_vnode_label with src label:", + strlen("mac_test_copy_vnode_label with src label:")); + MACTEST_PIPE_SUBMIT_LABEL(vnode,src); LABEL_CHECK(src, MAGIC_VNODE); LABEL_CHECK(dest, MAGIC_VNODE); COUNTER_INC(copy_vnode_label); @@ -2513,6 +2532,7 @@ .mpo_init_bpfdesc_label = mac_test_init_bpfdesc_label, .mpo_init_cred_label = mac_test_init_cred_label, .mpo_init_devfs_label = mac_test_init_devfs_label, + .mpo_init_mactestpipe_label = mac_test_init_mactestpipe_label, .mpo_init_ifnet_label = mac_test_init_ifnet_label, .mpo_init_sysv_msgmsg_label = mac_test_init_sysv_msgmsg_label, .mpo_init_sysv_msgqueue_label = mac_test_init_sysv_msgqueue_label, ==== //depot/projects/soc2007/zhouzhouyi_mactest_soc/zhouzhouyi_mactest_soc/sys/security/mac_test/mac_test_pipe.c#3 (text+ko) ==== @@ -74,11 +74,12 @@ /* - * Description of an individual audit_pipe. Consists largely of a bounded + * Description of an individual mactest_pipe. Consists largely of a bounded * length queue. */ #define MACTEST_PIPE_ASYNC 0x00000001 #define MACTEST_PIPE_NBIO 0x00000002 + struct mactest_pipe { int mp_open; /* Device open? */ u_int mp_flags; @@ -105,6 +106,7 @@ TAILQ_ENTRY(mactest_pipe) mp_list; }; + /* * Global list of audit pipes, mutex to protect it and the pipes. Finer * grained locking may be desirable at some point. @@ -444,76 +446,6 @@ */ /* switch (cmd) { - case FIONBIO: - mtx_lock(&mactest_pipe_mtx); - if (*(int *)data) - mp->mp_flags |= MACTEST_PIPE_NBIO; - else - mp->mp_flags &= ~MACTEST_PIPE_NBIO; - mtx_unlock(&mactest_pipe_mtx); - error = 0; - break; - - case FIONREAD: - mtx_lock(&mactest_pipe_mtx); - if (TAILQ_FIRST(&mp->mp_queue) != NULL) - *(int *)data = - TAILQ_FIRST(&mp->mp_queue)->mpe_record_len; - else - *(int *)data = 0; - mtx_unlock(&mactest_pipe_mtx); - error = 0; - break; - - case FIOASYNC: - mtx_lock(&mactest_pipe_mtx); - if (*(int *)data) - mp->mp_flags |= MACTEST_PIPE_ASYNC; - else - mp->mp_flags &= ~MACTEST_PIPE_ASYNC; - mtx_unlock(&mactest_pipe_mtx); - error = 0; - break; - - case FIOSETOWN: - error = fsetown(*(int *)data, &mp->mp_sigio); - break; - - case FIOGETOWN: - *(int *)data = fgetown(&mp->mp_sigio); - error = 0; - break; - - case MACTESTPIPE_GET_QLEN: - *(u_int *)data = mp->mp_qlen; - error = 0; - break; - - case MACTESTPIPE_GET_QLIMIT: - *(u_int *)data = mp->mp_qlimit; - error = 0; - break; - - case MACTESTPIPE_SET_QLIMIT: - - if (*(u_int *)data >= MACTEST_PIPE_QLIMIT_MIN || - *(u_int *)data <= MACTEST_PIPE_QLIMIT_MAX) { - mp->mp_qlimit = *(u_int *)data; - error = 0; - } else - error = EINVAL; - break; - - case MACTESTPIPE_GET_QLIMIT_MIN: - *(u_int *)data = MACTEST_PIPE_QLIMIT_MIN; - error = 0; - break; - - case MACTESTPIPE_GET_QLIMIT_MAX: - *(u_int *)data = MACTEST_PIPE_QLIMIT_MAX; - error = 0; - break; - case MACTESTPIPE_FLUSH: mtx_lock(&mactest_pipe_mtx); mactest_pipe_flush(ap); @@ -521,31 +453,11 @@ error = 0; break; - case MACTESTPIPE_GET_MAXMACTESTDATA: - *(u_int *)data = MAXMACTESTDATA; - error = 0; + case MACTESTPIPE_SETFILTER: break; - case MACTESTPIPE_GET_INSERTS: - *(u_int *)data = mp->mp_inserts; - error = 0; - break; - - case MACTESTPIPE_GET_READS: - *(u_int *)data = mp->mp_reads; - error = 0; - break; - - case MACTESTPIPE_GET_DROPS: - *(u_int *)data = mp->mp_drops; - error = 0; + case MACTESTPIPE_GETFILTER: break; - - case MACTESTPIPE_GET_TRUNCATES: - *(u_int *)data = mp->mp_truncates; - error = 0; - break; - default: error = ENOTTY; } ==== //depot/projects/soc2007/zhouzhouyi_mactest_soc/zhouzhouyi_mactest_soc/sys/security/mac_test/mac_test_private.h#3 (text+ko) ==== @@ -1,5 +1,6 @@ #ifndef _SECURITY_MAC_TEST_PRIVATE_H #define _SECURITY_MAC_TEST_PRIVATE_H +#include <sys/sbuf.h> #include <security/mac/mac_internal.h> void mactest_pipe_submit(void *record, u_int record_len); @@ -13,6 +14,7 @@ "mactest pipe entries and buffers"); #define MACTEST_PIPE_SUBMIT_LABEL(type,label) do { \ + int error; \ int strleng = 0; \ char *buffer; \ char *elements1 = malloc(256, M_MACTEST_PIPE, M_NOWAIT); \ @@ -22,8 +24,7 @@ buffer = malloc(256, M_MACTEST_PIPE, M_NOWAIT); \ if (!buffer) \ goto exit1; \ - mac_externalize_##type##_label(label, elements1, \ - buffer, 256); \ + MAC_EXTERNALIZE(type,label, elements1, buffer, 256); \ strleng = strlen(buffer); \ *(buffer + strleng) = '\n'; \ mactest_pipe_submit(buffer, strleng + 1); \ @@ -34,4 +35,19 @@ ;/*extra ; to avoid label at the end of compound statement*/ \ }while(0) + +#define MACTEST_PIPE_SUBMIT_WITHPID(string,length) do { \ + struct thread *td = curthread; \ + char *buffer; \ + buffer = malloc(256, M_MACTEST_PIPE, M_NOWAIT); \ + if (!buffer) \ + goto exit2; \ + sprintf(buffer,"pid = %d ", td->td_proc->p_pid); \ + mactest_pipe_submit(buffer, strlen(buffer)); \ + mactest_pipe_submit(string, length); \ + free(buffer, M_MACTEST_PIPE); \ +exit2: \ + ; \ +}while(0) + #endif /* ! _SECURITY_MAC_TEST_PRIVATE_H */
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200706120911.l5C9BBTN094387>