Date: Wed, 15 Mar 2006 19:52:28 GMT From: Todd Miller <millert@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 93364 for review Message-ID: <200603151952.k2FJqSNx083526@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=93364 Change 93364 by millert@millert_p3 on 2006/03/15 19:51:56 Add sebsd_update_devfsdirent(). Check for fullpath == NULL in devfs functions that have it as a parameter. This is overkill as we really only need to do this in sebsd_create_devfs_directory() (which is called with a NULL fullpath from devfs_mount() via devfs_vmkdir()). Affected files ... .. //depot/projects/trustedbsd/sebsd/sys/security/sebsd/sebsd.c#41 edit Differences ... ==== //depot/projects/trustedbsd/sebsd/sys/security/sebsd/sebsd.c#41 (text+ko) ==== @@ -443,6 +443,20 @@ */ } +static void +sebsd_update_devfsdirent(struct mount *mp, struct devfs_dirent *de, + struct label *delabel, struct vnode *vp, struct label *vlabel) +{ + struct vnode_security_struct *vsec, *dsec; + + vsec = SLOT(vlabel); + dsec = SLOT(delabel); + + dsec->sid = vsec->sid; + dsec->task_sid = vsec->task_sid; + dsec->sclass = vsec->sclass; +} + static int sebsd_associate_vnode_extattr(struct mount *mp, struct label *fslabel, struct vnode *vp, struct label *vlabel) @@ -644,9 +658,12 @@ dirent_type_to_security_class(devfs_dirent->de_dirent->d_type); /* Obtain a SID based on the fstype, path, and class. */ - path = malloc(strlen(fullpath) + 2, M_SEBSD, M_ZERO | M_WAITOK); - path[0] = '/'; - strcpy(&path[1], fullpath); + if (fullpath != NULL) { + path = malloc(strlen(fullpath) + 2, M_SEBSD, M_ZERO | M_WAITOK); + path[0] = '/'; + strcpy(&path[1], fullpath); + } else + path = "/"; rc = security_genfs_sid(mp->mnt_vfc->vfc_name, path, dirent->sclass, &newsid); @@ -675,7 +692,8 @@ "dirent=%d\n", path, sbsec->sid, mp->mnt_stat.f_mntonname, rc, dirent->sclass, newsid, dirent->sid); } - free(path, M_SEBSD); + if (fullpath != NULL) + free(path, M_SEBSD); } static void @@ -698,9 +716,12 @@ dirent->sclass = SECCLASS_DIR; /* Obtain a SID based on the fstype, path, and class. */ - path = malloc(strlen(fullpath) + 2, M_SEBSD, M_ZERO | M_WAITOK); - path[0] = '/'; - strcpy(&path[1], fullpath); + if (fullpath != NULL) { + path = malloc(strlen(fullpath) + 2, M_SEBSD, M_ZERO | M_WAITOK); + path[0] = '/'; + strcpy(&path[1], fullpath); + } else + path = "/"; rc = security_genfs_sid(mp->mnt_vfc->vfc_name, path, dirent->sclass, &newsid); if (rc == 0) @@ -713,7 +734,8 @@ __func__, path, sbsec->sid, mp->mnt_stat.f_mntonname, rc, dirent->sclass, newsid, dirent->sid); } - free(path, M_SEBSD); + if (fullpath != NULL) + free(path, M_SEBSD); } static void @@ -740,9 +762,12 @@ lnksec->sclass = SECCLASS_LNK_FILE; /* Obtain a SID based on the fstype, path, and class. */ - path = malloc(strlen(fullpath) + 2, M_SEBSD, M_ZERO | M_WAITOK); - path[0] = '/'; - strcpy(&path[1], fullpath); + if (fullpath != NULL) { + path = malloc(strlen(fullpath) + 2, M_SEBSD, M_ZERO | M_WAITOK); + path[0] = '/'; + strcpy(&path[1], fullpath); + } else + path = "/"; rc = security_genfs_sid(mp->mnt_vfc->vfc_name, path, lnksec->sclass, &newsid); if (rc == 0) @@ -754,7 +779,8 @@ sbsec->sid, mp->mnt_stat.f_mntonname, rc, lnksec->sclass, newsid, lnksec->sid); } - free(path, M_SEBSD); + if (fullpath != NULL) + free(path, M_SEBSD); } /* @@ -2457,6 +2483,7 @@ /* .mpo_create_socket = sebsd_create_socket, */ /* .mpo_create_socket_from_socket = sebsd_create_socket_from_socket, */ .mpo_create_vnode_extattr = sebsd_create_vnode_extattr, + .mpo_update_devfsdirent = sebsd_update_devfsdirent, .mpo_associate_vnode_devfs = sebsd_associate_vnode_devfs, .mpo_associate_vnode_singlelabel = sebsd_associate_vnode_singlelabel, .mpo_associate_vnode_extattr = sebsd_associate_vnode_extattr,
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200603151952.k2FJqSNx083526>