From owner-p4-projects Wed Apr 17 11:21:38 2002 Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 91F2337B417; Wed, 17 Apr 2002 11:19:43 -0700 (PDT) Delivered-To: perforce@freebsd.org Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21]) by hub.freebsd.org (Postfix) with ESMTP id 103CA37B405 for ; Wed, 17 Apr 2002 11:19:42 -0700 (PDT) Received: (from perforce@localhost) by freefall.freebsd.org (8.11.6/8.11.6) id g3HIJfC42819 for perforce@freebsd.org; Wed, 17 Apr 2002 11:19:41 -0700 (PDT) (envelope-from cvance@tislabs.com) Date: Wed, 17 Apr 2002 11:19:41 -0700 (PDT) Message-Id: <200204171819.g3HIJfC42819@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: perforce set sender to cvance@tislabs.com using -f From: Chris Vance Subject: PERFORCE change 9923 for review To: Perforce Change Reviews Sender: owner-p4-projects@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG http://people.freebsd.org/~peter/p4db/chv.cgi?CH=9923 Change 9923 by cvance@cvance_korben on 2002/04/17 11:18:44 A bunch of small changes necessary to build some portions of the security server from userspace. This functionality is needed to build a policy. - Fixed includes - Correctly ifdef'd policy writing routines - replaced malloc/free with a macro Affected files ... ... //depot/projects/trustedbsd/mac/sys/security/sebsd/avc/avc.h#2 edit ... //depot/projects/trustedbsd/mac/sys/security/sebsd/linux-compat.h#2 edit ... //depot/projects/trustedbsd/mac/sys/security/sebsd/sebsd.h#2 edit ... //depot/projects/trustedbsd/mac/sys/security/sebsd/ss/avtab.c#2 edit ... //depot/projects/trustedbsd/mac/sys/security/sebsd/ss/avtab.h#2 edit ... //depot/projects/trustedbsd/mac/sys/security/sebsd/ss/ebitmap.c#2 edit ... //depot/projects/trustedbsd/mac/sys/security/sebsd/ss/ebitmap.h#2 edit ... //depot/projects/trustedbsd/mac/sys/security/sebsd/ss/fileutils.c#2 edit ... //depot/projects/trustedbsd/mac/sys/security/sebsd/ss/fileutils.h#2 edit ... //depot/projects/trustedbsd/mac/sys/security/sebsd/ss/global.h#2 edit ... //depot/projects/trustedbsd/mac/sys/security/sebsd/ss/hashtab.c#2 edit ... //depot/projects/trustedbsd/mac/sys/security/sebsd/ss/hashtab.h#2 edit ... //depot/projects/trustedbsd/mac/sys/security/sebsd/ss/init.c#2 edit ... //depot/projects/trustedbsd/mac/sys/security/sebsd/ss/mls.c#2 edit ... //depot/projects/trustedbsd/mac/sys/security/sebsd/ss/policydb.c#2 edit ... //depot/projects/trustedbsd/mac/sys/security/sebsd/ss/queue.c#2 edit ... //depot/projects/trustedbsd/mac/sys/security/sebsd/ss/services.c#2 edit ... //depot/projects/trustedbsd/mac/sys/security/sebsd/ss/services_private.h#2 edit ... //depot/projects/trustedbsd/mac/sys/security/sebsd/ss/sidtab.c#3 edit ... //depot/projects/trustedbsd/mac/sys/security/sebsd/ss/symtab.c#2 edit ... //depot/projects/trustedbsd/mac/sys/security/sebsd/ss/syscalls.c#2 edit Differences ... ==== //depot/projects/trustedbsd/mac/sys/security/sebsd/avc/avc.h#2 (text+ko) ==== @@ -14,13 +14,16 @@ */ #ifdef __FreeBSD__ +#include #include #include #include #include +#ifdef _KERNEL MALLOC_DECLARE(M_SEBSD_AVC); +#endif /* _KERNEL */ #else /* __FreeBSD__ */ #include ==== //depot/projects/trustedbsd/mac/sys/security/sebsd/linux-compat.h#2 (text+ko) ==== @@ -51,10 +51,27 @@ typedef u_int16_t __u16; typedef u_int8_t __u8; + +#ifdef _KERNEL #define le32_to_cpu(a) le32toh(a) #define le64_to_cpu(a) le64toh(a) +#else /* !_KERNEL */ -#else /* __FreeBSD__ */ +#if BYTE_ORDER == LITTLE_ENDIAN +#define cpu_to_le32(x) ((__uint32_t)(x)) +#define cpu_to_le64(x) ((__uint64_t)(x)) +#define le32_to_cpu(x) ((__uint32_t)(x)) +#define le64_to_cpu(x) ((__uint64_t)(x)) +#else /* BYTE_ORDER != LITTLE_ENDIAN */ +#define cpu_to_le32(x) bswap32((x)) +#define cpu_to_le64(x) bswap64((x)) +#define le32_to_cpu(x) bswap32((x)) +#define le64_to_cpu(x) bswap64((x)) +#endif /* BYTE_ORDER */ + +#endif /* _KERNEL */ + +#else /* !__FreeBSD__ */ /* Should be Linux */ /* printk */ ==== //depot/projects/trustedbsd/mac/sys/security/sebsd/sebsd.h#2 (text+ko) ==== @@ -37,7 +37,10 @@ #ifndef _SYS_SECURITY_SEBSD_H #define _SYS_SECURITY_SEBSD_H +#ifdef _KERNEL MALLOC_DECLARE(M_SEBSD); +#endif /* _KERNEL */ + extern int avc_debug_always_allow; extern int security_init(void); ==== //depot/projects/trustedbsd/mac/sys/security/sebsd/ss/avtab.c#2 (text+ko) ==== @@ -8,11 +8,11 @@ */ - +#if defined(__FreeBSD__) && defined(_KERNEL) #include -#include #include #include +#endif /* _KERNEL */ #include #include @@ -59,8 +59,8 @@ break; } - newnode = (avtab_ptr_t)malloc(sizeof(struct avtab_node), M_SEBSD_SS, - M_WAITOK | M_ZERO); + newnode = (avtab_ptr_t)sebsd_malloc(sizeof(struct avtab_node), + M_SEBSD_SS, M_WAITOK | M_ZERO); if (newnode == NULL) return -ENOMEM; /* memset(newnode, 0, sizeof(struct avtab_node)); */ @@ -126,11 +126,11 @@ while (cur != NULL) { temp = cur; cur = cur->next; - free(temp, M_SEBSD_SS); + sebsd_free(temp, M_SEBSD_SS); } h->htable[i] = NULL; } - free(h->htable, M_SEBSD_SS); + sebsd_free(h->htable, M_SEBSD_SS); } @@ -164,8 +164,8 @@ { int i; - h->htable = malloc(sizeof(avtab_ptr_t)*AVTAB_SIZE, - M_SEBSD_SS, M_WAITOK | M_ZERO); + h->htable = sebsd_malloc(sizeof(avtab_ptr_t)*AVTAB_SIZE, + M_SEBSD_SS, M_WAITOK | M_ZERO); if (!h->htable) return -1; for (i = 0; i < AVTAB_SIZE; i++) @@ -293,8 +293,7 @@ } -#ifndef __FreeBSD__ /* TBD */ -#ifndef __KERNEL__ +#if !defined(__KERNEL__) && !defined(_KERNEL) int avtab_write(avtab_t * a, FILE * fp) { int i; @@ -349,5 +348,5 @@ return 0; } -#endif -#endif /* __FreeBSD__ */ /* TBD */ +#endif /* KERNEL */ + ==== //depot/projects/trustedbsd/mac/sys/security/sebsd/ss/avtab.h#2 (text+ko) ==== @@ -73,11 +73,9 @@ int avtab_read(avtab_t * a, FILE * fp, __u32 config); -#ifndef __FreeBSD__ /* TBD */ -#ifndef __KERNEL__ +#if !defined(__KERNEL__) && !defined(_KERNEL) int avtab_write(avtab_t * a, FILE * fp); -#endif -#endif /* __FreeBSD__ */ /* TBD */ +#endif /* KERNEL */ #endif /* _AVTAB_H_ */ ==== //depot/projects/trustedbsd/mac/sys/security/sebsd/ss/ebitmap.c#2 (text+ko) ==== @@ -7,10 +7,12 @@ * Implementation of the extensible bitmap type. */ + +#if defined(__FreeBSD__) && defined(_KERNEL) #include -#include #include #include +#endif /* FreeBSD _KERNEL */ #include #include @@ -27,8 +29,9 @@ n2 = e2->node; prev = 0; while (n1 || n2) { - new = (ebitmap_node_t *) malloc(sizeof(ebitmap_node_t), - M_SEBSD_SS, M_WAITOK | M_ZERO); + new = (ebitmap_node_t *) sebsd_malloc(sizeof(ebitmap_node_t), + M_SEBSD_SS, + M_WAITOK | M_ZERO); if (!new) { ebitmap_destroy(dst); return FALSE; @@ -95,8 +98,9 @@ n = src->node; prev = 0; while (n) { - new = (ebitmap_node_t *) malloc(sizeof(ebitmap_node_t), - M_SEBSD_SS, M_WAITOK | M_ZERO); + new = (ebitmap_node_t *) sebsd_malloc(sizeof(ebitmap_node_t), + M_SEBSD_SS, + M_WAITOK | M_ZERO); if (!new) { ebitmap_destroy(dst); return FALSE; @@ -201,7 +205,7 @@ else e->node = n->next; - free(n, M_SEBSD_SS); + sebsd_free(n, M_SEBSD_SS); } } return TRUE; @@ -213,8 +217,8 @@ if (!value) return TRUE; - new = (ebitmap_node_t *) malloc(sizeof(ebitmap_node_t), - M_SEBSD_SS, M_WAITOK | M_ZERO); + new = (ebitmap_node_t *) sebsd_malloc(sizeof(ebitmap_node_t), + M_SEBSD_SS, M_WAITOK | M_ZERO); if (!new) return FALSE; /* memset(new, 0, sizeof(ebitmap_node_t)); */ @@ -250,7 +254,7 @@ while (n) { temp = n; n = n->next; - free(temp, M_SEBSD_SS); + sebsd_free(temp, M_SEBSD_SS); } e->highbit = 0; @@ -295,8 +299,9 @@ printf("security: ebitmap: truncated map\n"); goto bad; } - n = (ebitmap_node_t *) malloc(sizeof(ebitmap_node_t), - M_SEBSD_SS, M_WAITOK | M_ZERO); + n = (ebitmap_node_t *) sebsd_malloc(sizeof(ebitmap_node_t), + M_SEBSD_SS, + M_WAITOK | M_ZERO); if (!n) { printf("security: ebitmap: out of memory\n"); goto bad; @@ -339,15 +344,14 @@ return TRUE; bad_free: - free(n, M_SEBSD_SS); + sebsd_free(n, M_SEBSD_SS); bad: ebitmap_destroy(e); return FALSE; } -#ifndef __FreeBSD__ /* TBD */ -#ifndef __KERNEL__ +#if !defined(__KERNEL__) && !defined(_KERNEL) int ebitmap_write(ebitmap_t * e, FILE * fp) { ebitmap_node_t *n; @@ -381,8 +385,7 @@ return TRUE; } -#endif -#endif /* __FreeBSD__ */ /* TBD */ +#endif /* KERNEL */ /* FLASK */ ==== //depot/projects/trustedbsd/mac/sys/security/sebsd/ss/ebitmap.h#2 (text+ko) ==== @@ -66,11 +66,9 @@ int ebitmap_read(ebitmap_t * e, FILE * fp); -#ifndef __FreeBSD__ /* TBD */ -#ifndef __KERNEL__ +#if !defined(__KERNEL__) && !defined(_KERNEL) int ebitmap_write(ebitmap_t * e, FILE * fp); -#endif -#endif /* __FreeBSD__ */ /* TBD */ +#endif /* KERNEL */ #endif /* _EBITMAP_H_ */ ==== //depot/projects/trustedbsd/mac/sys/security/sebsd/ss/fileutils.c#2 (text+ko) ==== @@ -36,11 +36,11 @@ #ifdef __FreeBSD__ #include +#include #include #include #include -#include #include #include #include @@ -55,7 +55,7 @@ error = vn_close(fp->FILE_vp, fp->FILE_saved_open_flags, curthread->td_ucred, curthread); - free(fp, M_TEMP); + sebsd_free(fp, M_TEMP); return (error); } @@ -69,7 +69,7 @@ if (strcmp(type, "r") != 0) return (NULL); - fp = malloc(sizeof(*fp), M_TEMP, M_WAITOK | M_ZERO); + fp = sebsd_malloc(sizeof(*fp), M_TEMP, M_WAITOK | M_ZERO); fp->FILE_saved_open_flags = FREAD; NDINIT(&nd, LOOKUP, LOCKLEAF, UIO_SYSSPACE, path, td); error = vn_open(&nd, &fp->FILE_saved_open_flags, 0); ==== //depot/projects/trustedbsd/mac/sys/security/sebsd/ss/fileutils.h#2 (text+ko) ==== @@ -38,11 +38,12 @@ #define _FILEUTILS_H_ #ifdef __FreeBSD__ +#ifdef _KERNEL #include +#include #include #include #include -#include typedef struct kFILE { struct uio FILE_uio; @@ -54,7 +55,9 @@ int fclose(FILE *fp); FILE *fopen(const char *path, const char *type); size_t fread(void *ptr, size_t size, size_t nmemb, FILE *fp); - +#else /* _KERNEL */ +#include +#endif /* _KERNEL */ #endif /* __FreeBSD__ */ #endif /* _FILEUTILS_H_ */ ==== //depot/projects/trustedbsd/mac/sys/security/sebsd/ss/global.h#2 (text+ko) ==== @@ -21,9 +21,20 @@ * This variable is set to one when the security server * has completed initialization. */ -extern int ss_initialized; +#include +#ifdef _KERNEL MALLOC_DECLARE(M_SEBSD_SS); +#define sebsd_malloc(a,b,c) malloc(a,b,c) +#define sebsd_free(a,b) free(a,b) +#else /* _KERNEL */ +#include +#include +#define sebsd_malloc(a,b,c) (c&M_ZERO)?calloc(1,a):malloc(a) +#define sebsd_free(a,b) free(a) +#endif /* _KERNEL */ + +extern int ss_initialized; #ifdef __TDB_CDV__ #include /* printk */ ==== //depot/projects/trustedbsd/mac/sys/security/sebsd/ss/hashtab.c#2 (text+ko) ==== @@ -7,10 +7,11 @@ * Implementation of the hash table type. */ +#if defined(__FreeBSD__) && defined(_KERNEL) #include -#include #include #include +#endif /* FreeBSD _KERNEL */ #include #include @@ -27,8 +28,8 @@ int i; - p = (hashtab_t) malloc(sizeof(hashtab_val_t), - M_SEBSD_SS, M_WAITOK | M_ZERO); + p = (hashtab_t) sebsd_malloc(sizeof(hashtab_val_t), + M_SEBSD_SS, M_WAITOK | M_ZERO); if (p == NULL) return p; @@ -37,10 +38,11 @@ p->nel = 0; p->hash_value = hash_value; p->keycmp = keycmp; - p->htable = (hashtab_ptr_t *) malloc(sizeof(hashtab_ptr_t) * size, - M_SEBSD_SS, M_WAITOK); + p->htable = (hashtab_ptr_t *) sebsd_malloc(sizeof(hashtab_ptr_t) *size, + M_SEBSD_SS, + M_WAITOK); if (p->htable == NULL) { - free(p, M_SEBSD_SS); + sebsd_free(p, M_SEBSD_SS); return NULL; } for (i = 0; i < size; i++) @@ -70,8 +72,8 @@ if (cur && (h->keycmp(h, key, cur->key) == 0)) return HASHTAB_PRESENT; - newnode = (hashtab_ptr_t) malloc(sizeof(hashtab_node_t), - M_SEBSD_SS, M_WAITOK | M_ZERO); + newnode = (hashtab_ptr_t) sebsd_malloc(sizeof(hashtab_node_t), + M_SEBSD_SS, M_WAITOK | M_ZERO); if (newnode == NULL) return HASHTAB_OVERFLOW; /* memset(newnode, 0, sizeof(struct hashtab_node)); */ @@ -121,7 +123,7 @@ if (destroy) destroy(cur->key, cur->datum, args); - free(cur, M_SEBSD_SS); + sebsd_free(cur, M_SEBSD_SS); h->nel--; return HASHTAB_SUCCESS; } @@ -154,8 +156,9 @@ cur->key = key; cur->datum = datum; } else { - newnode = (hashtab_ptr_t) malloc(sizeof(hashtab_node_t), - M_SEBSD_SS, M_WAITOK | M_ZERO); + newnode = (hashtab_ptr_t) sebsd_malloc(sizeof(hashtab_node_t), + M_SEBSD_SS, + M_WAITOK | M_ZERO); if (newnode == NULL) return HASHTAB_OVERFLOW; /* memset(newnode, 0, sizeof(struct hashtab_node)); */ @@ -210,15 +213,15 @@ while (cur != NULL) { temp = cur; cur = cur->next; - free(temp, M_SEBSD_SS); + sebsd_free(temp, M_SEBSD_SS); } h->htable[i] = NULL; } - free(h->htable, M_SEBSD_SS); + sebsd_free(h->htable, M_SEBSD_SS); h->htable = NULL; - free(h, M_SEBSD_SS); + sebsd_free(h, M_SEBSD_SS); } @@ -280,7 +283,7 @@ cur = cur->next; if (destroy) destroy(temp->key, temp->datum, args); - free(temp, M_SEBSD_SS); + sebsd_free(temp, M_SEBSD_SS); h->nel--; } else { last = cur; ==== //depot/projects/trustedbsd/mac/sys/security/sebsd/ss/hashtab.h#2 (text+ko) ==== ==== //depot/projects/trustedbsd/mac/sys/security/sebsd/ss/init.c#2 (text+ko) ==== @@ -10,7 +10,6 @@ #include -#include #include #include ==== //depot/projects/trustedbsd/mac/sys/security/sebsd/ss/mls.c#2 (text+ko) ==== ==== //depot/projects/trustedbsd/mac/sys/security/sebsd/ss/policydb.c#2 (text+ko) ==== @@ -6,11 +6,12 @@ /* * Implementation of the policy database. */ +#if defined(__FreeBSD__) && defined(_KERNEL) #include -#include #include #include #include +#endif /* FreeBSD _KERNEL */ #include #include @@ -47,14 +48,15 @@ char *key = 0; role_datum_t *role; - role = malloc(sizeof(role_datum_t), M_SEBSD_SS, M_WAITOK | M_ZERO); + role = sebsd_malloc(sizeof(role_datum_t), M_SEBSD_SS, + M_WAITOK | M_ZERO); if (!role) return -1; /* memset(role, 0, sizeof(role_datum_t)); */ role->value = ++p->p_roles.nprim; if (role->value != OBJECT_R_VAL) return -1; - key = malloc(strlen(OBJECT_R)+1, M_SEBSD_SS, M_WAITOK); + key = sebsd_malloc(strlen(OBJECT_R)+1, M_SEBSD_SS, M_WAITOK); if (!key) return -1; strcpy(key, OBJECT_R); @@ -196,8 +198,8 @@ int policydb_index_classes(policydb_t * p) { p->p_common_val_to_name = (char **) - malloc(p->p_commons.nprim * sizeof(char *), - M_SEBSD_SS, M_WAITOK); + sebsd_malloc(p->p_commons.nprim * sizeof(char *), + M_SEBSD_SS, M_WAITOK); if (!p->p_common_val_to_name) return -1; @@ -205,14 +207,14 @@ return -1; p->class_val_to_struct = (class_datum_t **) - malloc(p->p_classes.nprim * sizeof(class_datum_t *), - M_SEBSD_SS, M_WAITOK); + sebsd_malloc(p->p_classes.nprim * sizeof(class_datum_t *), + M_SEBSD_SS, M_WAITOK); if (!p->class_val_to_struct) return -1; p->p_class_val_to_name = (char **) - malloc(p->p_classes.nprim * sizeof(char *), - M_SEBSD_SS, M_WAITOK); + sebsd_malloc(p->p_classes.nprim * sizeof(char *), + M_SEBSD_SS, M_WAITOK); if (!p->p_class_val_to_name) return -1; @@ -246,21 +248,21 @@ #endif p->role_val_to_struct = (role_datum_t **) - malloc(p->p_roles.nprim * sizeof(role_datum_t *), - M_SEBSD_SS, M_WAITOK); + sebsd_malloc(p->p_roles.nprim * sizeof(role_datum_t *), + M_SEBSD_SS, M_WAITOK); if (!p->role_val_to_struct) return -1; p->user_val_to_struct = (user_datum_t **) - malloc(p->p_users.nprim * sizeof(user_datum_t *), - M_SEBSD_SS, M_WAITOK); + sebsd_malloc(p->p_users.nprim * sizeof(user_datum_t *), + M_SEBSD_SS, M_WAITOK); if (!p->user_val_to_struct) return -1; for (i = SYM_ROLES; i < SYM_NUM; i++) { p->sym_val_to_name[i] = (char **) - malloc(p->symtab[i].nprim * sizeof(char *), - M_SEBSD_SS, M_WAITOK); + sebsd_malloc(p->symtab[i].nprim * sizeof(char *), + M_SEBSD_SS, M_WAITOK); if (!p->sym_val_to_name[i]) return -1; if (hashtab_map(p->symtab[i].table, index_f[i], p)) @@ -280,8 +282,8 @@ static int perm_destroy(hashtab_key_t key, hashtab_datum_t datum, void *p) { if (key) - free(key, M_SEBSD_SS); - free(datum, M_SEBSD_SS); + sebsd_free(key, M_SEBSD_SS); + sebsd_free(datum, M_SEBSD_SS); return 0; } @@ -291,11 +293,11 @@ common_datum_t *comdatum; if (key) - free(key, M_SEBSD_SS); + sebsd_free(key, M_SEBSD_SS); comdatum = (common_datum_t *) datum; hashtab_map(comdatum->permissions.table, perm_destroy, 0); hashtab_destroy(comdatum->permissions.table); - free(datum, M_SEBSD_SS); + sebsd_free(datum, M_SEBSD_SS); return 0; } @@ -309,7 +311,7 @@ constraint_expr_destroy(expr->left); if (expr->right) constraint_expr_destroy(expr->right); - free(expr, M_SEBSD_SS); + sebsd_free(expr, M_SEBSD_SS); } return 0; } @@ -321,7 +323,7 @@ constraint_node_t *constraint, *ctemp; if (key) - free(key, M_SEBSD_SS); + sebsd_free(key, M_SEBSD_SS); cladatum = (class_datum_t *) datum; hashtab_map(cladatum->permissions.table, perm_destroy, 0); hashtab_destroy(cladatum->permissions.table); @@ -330,11 +332,11 @@ constraint_expr_destroy(constraint->expr); ctemp = constraint; constraint = constraint->next; - free(ctemp, M_SEBSD_SS); + sebsd_free(ctemp, M_SEBSD_SS); } if (cladatum->comkey) - free(cladatum->comkey, M_SEBSD_SS); - free(datum, M_SEBSD_SS); + sebsd_free(cladatum->comkey, M_SEBSD_SS); + sebsd_free(datum, M_SEBSD_SS); return 0; } @@ -343,19 +345,19 @@ role_datum_t *role; if (key) - free(key, M_SEBSD_SS); + sebsd_free(key, M_SEBSD_SS); role = (role_datum_t *) datum; ebitmap_destroy(&role->dominates); ebitmap_destroy(&role->types); - free(datum, M_SEBSD_SS); + sebsd_free(datum, M_SEBSD_SS); return 0; } static int type_destroy(hashtab_key_t key, hashtab_datum_t datum, void *p) { if (key) - free(key, M_SEBSD_SS); - free(datum, M_SEBSD_SS); + sebsd_free(key, M_SEBSD_SS); + sebsd_free(datum, M_SEBSD_SS); return 0; } @@ -364,11 +366,11 @@ user_datum_t *usrdatum; if (key) - free(key, M_SEBSD_SS); + sebsd_free(key, M_SEBSD_SS); usrdatum = (user_datum_t *) datum; ebitmap_destroy(&usrdatum->roles); mls_user_destroy(usrdatum); - free(datum, M_SEBSD_SS); + sebsd_free(datum, M_SEBSD_SS); return 0; } @@ -399,15 +401,15 @@ for (i = 0; i < SYM_NUM; i++) { if (p->sym_val_to_name[i]) - free(p->sym_val_to_name[i], M_SEBSD_SS); + sebsd_free(p->sym_val_to_name[i], M_SEBSD_SS); } if (p->class_val_to_struct) - free(p->class_val_to_struct, M_SEBSD_SS); + sebsd_free(p->class_val_to_struct, M_SEBSD_SS); if (p->role_val_to_struct) - free(p->role_val_to_struct, M_SEBSD_SS); + sebsd_free(p->role_val_to_struct, M_SEBSD_SS); if (p->user_val_to_struct) - free(p->user_val_to_struct, M_SEBSD_SS); + sebsd_free(p->user_val_to_struct, M_SEBSD_SS); avtab_destroy(&p->te_avtab); @@ -419,8 +421,8 @@ context_destroy(&ctmp->context[0]); context_destroy(&ctmp->context[1]); if (i == OCON_ISID || i == OCON_FS || i == OCON_NETIF || i == OCON_DEVFS) - free(ctmp->u.name, M_SEBSD_SS); - free(ctmp, M_SEBSD_SS); + sebsd_free(ctmp->u.name, M_SEBSD_SS); + sebsd_free(ctmp, M_SEBSD_SS); } } @@ -550,7 +552,8 @@ __u32 buf[32], len; int items, items2; - perdatum = malloc(sizeof(perm_datum_t), M_SEBSD_SS, M_WAITOK | M_ZERO); + perdatum = sebsd_malloc(sizeof(perm_datum_t), M_SEBSD_SS, + M_WAITOK | M_ZERO); if (!perdatum) return -1; /* memset(perdatum, 0, sizeof(perm_datum_t)); */ @@ -565,7 +568,7 @@ if (mls_read_perm(perdatum, fp)) goto bad; - key = malloc(len + 1, M_SEBSD_SS, M_WAITOK); + key = sebsd_malloc(len + 1, M_SEBSD_SS, M_WAITOK); if (!key) goto bad; items = fread(key, 1, len, fp); @@ -591,8 +594,8 @@ __u32 buf[32], len, nel; int items, i; - comdatum = malloc(sizeof(common_datum_t), M_SEBSD_SS, - M_WAITOK | M_ZERO); + comdatum = sebsd_malloc(sizeof(common_datum_t), M_SEBSD_SS, + M_WAITOK | M_ZERO); if (!comdatum) return -1; /* memset(comdatum, 0, sizeof(common_datum_t)); */ @@ -609,7 +612,7 @@ comdatum->permissions.nprim = le32_to_cpu(buf[2]); nel = le32_to_cpu(buf[3]); - key = malloc(len + 1, M_SEBSD_SS, M_WAITOK); + key = sebsd_malloc(len + 1, M_SEBSD_SS, M_WAITOK); if (!key) goto bad; items = fread(key, 1, len, fp); @@ -640,8 +643,8 @@ __u32 buf[32]; int items; - expr = malloc(sizeof(constraint_expr_t), M_SEBSD_SS, - M_WAITOK | M_ZERO); + expr = sebsd_malloc(sizeof(constraint_expr_t), M_SEBSD_SS, + M_WAITOK | M_ZERO); if (!expr) return NULL; /* memset(expr, 0, sizeof(constraint_expr_t)); */ @@ -693,8 +696,9 @@ __u32 buf[32], len, len2, ncons, nel; int items, i; - cladatum = (class_datum_t *) malloc(sizeof(class_datum_t), - M_SEBSD_SS, M_WAITOK | M_ZERO); + cladatum = (class_datum_t *) sebsd_malloc(sizeof(class_datum_t), + M_SEBSD_SS, + M_WAITOK | M_ZERO); if (!cladatum) return -1; /* memset(cladatum, 0, sizeof(class_datum_t)); */ @@ -714,7 +718,7 @@ ncons = le32_to_cpu(buf[5]); - key = malloc(len + 1, M_SEBSD_SS, M_WAITOK); + key = sebsd_malloc(len + 1, M_SEBSD_SS, M_WAITOK); if (!key) goto bad; items = fread(key, 1, len, fp); @@ -723,7 +727,8 @@ key[len] = 0; if (len2) { - cladatum->comkey = malloc(len2 + 1, M_SEBSD_SS, M_WAITOK); + cladatum->comkey = sebsd_malloc(len2 + 1, M_SEBSD_SS, + M_WAITOK); if (!cladatum->comkey) goto bad; items = fread(cladatum->comkey, 1, len2, fp); @@ -745,8 +750,8 @@ l = NULL; for (i = 0; i < ncons; i++) { - c = malloc(sizeof(constraint_node_t), - M_SEBSD_SS, M_WAITOK | M_ZERO); + c = sebsd_malloc(sizeof(constraint_node_t), + M_SEBSD_SS, M_WAITOK | M_ZERO); if (!c) goto bad; /* memset(c, 0, sizeof(constraint_node_t)); */ @@ -787,7 +792,8 @@ __u32 buf[32], len; int items; - role = malloc(sizeof(role_datum_t), M_SEBSD_SS, M_WAITOK | M_ZERO); + role = sebsd_malloc(sizeof(role_datum_t), M_SEBSD_SS, + M_WAITOK | M_ZERO); if (!role) return -1; /* memset(role, 0, sizeof(role_datum_t)); */ @@ -799,7 +805,7 @@ len = le32_to_cpu(buf[0]); role->value = le32_to_cpu(buf[1]); - key = malloc(len + 1, M_SEBSD_SS, M_WAITOK); + key = sebsd_malloc(len + 1, M_SEBSD_SS, M_WAITOK); if (!key) goto bad; items = fread(key, 1, len, fp); @@ -842,7 +848,8 @@ __u32 buf[32], len; int items; - typdatum = malloc(sizeof(type_datum_t), M_SEBSD_SS, M_WAITOK | M_ZERO); + typdatum = sebsd_malloc(sizeof(type_datum_t), M_SEBSD_SS, + M_WAITOK | M_ZERO); if (!typdatum) return -1; /* memset(typdatum, 0, sizeof(type_datum_t)); */ @@ -855,7 +862,7 @@ typdatum->value = le32_to_cpu(buf[1]); typdatum->primary = le32_to_cpu(buf[2]); - key = malloc(len + 1, M_SEBSD_SS, M_WAITOK); + key = sebsd_malloc(len + 1, M_SEBSD_SS, M_WAITOK); if (!key) goto bad; items = fread(key, 1, len, fp); @@ -881,7 +888,8 @@ int items; - usrdatum = malloc(sizeof(user_datum_t), M_SEBSD_SS, M_WAITOK | M_ZERO); + usrdatum = sebsd_malloc(sizeof(user_datum_t), M_SEBSD_SS, + M_WAITOK | M_ZERO); if (!usrdatum) return -1; /* memset(usrdatum, 0, sizeof(user_datum_t)); */ @@ -893,7 +901,7 @@ len = le32_to_cpu(buf[0]); usrdatum->value = le32_to_cpu(buf[1]); - key = malloc(len + 1, M_SEBSD_SS, M_WAITOK); + key = sebsd_malloc(len + 1, M_SEBSD_SS, M_WAITOK); if (!key) goto bad; items = fread(key, 1, len, fp); @@ -998,8 +1006,8 @@ nel = le32_to_cpu(buf[0]); ltr = NULL; for (i = 0; i < nel; i++) { - tr = malloc(sizeof(struct role_trans), M_SEBSD_SS, - M_WAITOK | M_ZERO); + tr = sebsd_malloc(sizeof(struct role_trans), M_SEBSD_SS, + M_WAITOK | M_ZERO); if (!tr) { goto bad; } @@ -1024,8 +1032,8 @@ nel = le32_to_cpu(buf[0]); lra = NULL; for (i = 0; i < nel; i++) { - ra = malloc(sizeof(struct role_allow), M_SEBSD_SS, - M_WAITOK | M_ZERO); + ra = sebsd_malloc(sizeof(struct role_allow), M_SEBSD_SS, + M_WAITOK | M_ZERO); if (!ra) { goto bad; } @@ -1056,8 +1064,8 @@ nel = le32_to_cpu(buf[0]); l = NULL; for (j = 0; j < nel; j++) { - c = malloc(sizeof(ocontext_t), M_SEBSD_SS, - M_WAITOK | M_ZERO); + c = sebsd_malloc(sizeof(ocontext_t), M_SEBSD_SS, + M_WAITOK | M_ZERO); if (!c) { goto bad; } @@ -1083,8 +1091,8 @@ if (items != 1) goto bad; len = le32_to_cpu(buf[0]); - c->u.name = malloc(len + 1, - M_SEBSD_SS, M_WAITOK); + c->u.name = sebsd_malloc(len + 1, + M_SEBSD_SS, M_WAITOK); if (!c->u.name) { goto bad; } @@ -1132,8 +1140,8 @@ if (items != 1) goto bad; len = le32_to_cpu(buf[0]); - c->u.name = malloc(len + 1, - M_SEBSD_SS, M_WAITOK); + c->u.name = sebsd_malloc(len + 1, + M_SEBSD_SS, M_WAITOK); if (!c->u.name) { goto bad; } ==== //depot/projects/trustedbsd/mac/sys/security/sebsd/ss/queue.c#2 (text+ko) ==== @@ -7,10 +7,11 @@ * Implementation of the double-ended queue type. */ +#if defined(__FreeBSD__) && defined(_KERNEL) #include -#include #include #include +#endif /* FreeBSD _KERNEL */ #include #include @@ -21,8 +22,8 @@ { queue_t q; - q = (queue_t) malloc(sizeof(struct queue_info), - M_SEBSD_SS, M_WAITOK); + q = (queue_t) sebsd_malloc(sizeof(struct queue_info), + M_SEBSD_SS, M_WAITOK); if (q == NULL) return NULL; @@ -39,8 +40,8 @@ if (!q) return -1; - newnode = (queue_node_ptr_t) malloc(sizeof(struct queue_node), - M_SEBSD_SS, M_WAITOK); + newnode = (queue_node_ptr_t) sebsd_malloc(sizeof(struct queue_node), + M_SEBSD_SS, M_WAITOK); if (newnode == NULL) return -1; @@ -65,8 +66,8 @@ if (!q) return -1; - newnode = (queue_node_ptr_t) malloc(sizeof(struct queue_node), - M_SEBSD_SS, M_WAITOK); + newnode = (queue_node_ptr_t) sebsd_malloc(sizeof(struct queue_node), + M_SEBSD_SS, M_WAITOK); if (newnode == NULL) return -1; @@ -102,7 +103,7 @@ q->tail = NULL; e = node->element; - free(node, M_SEBSD_SS); + sebsd_free(node, M_SEBSD_SS); >>> TRUNCATED FOR MAIL (1000 lines) <<< To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe p4-projects" in the body of the message