Date: Wed, 30 May 2007 08:31:18 GMT From: Robert Watson <rwatson@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 120603 for review Message-ID: <200705300831.l4U8VIWQ005241@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=120603 Change 120603 by rwatson@rwatson_zoo on 2007/05/30 08:31:07 Revert all MAC files in the audit3 branch to their CVS state; pretty much entirely merge and integration related duplicates. Affected files ... .. //depot/projects/trustedbsd/audit3/sys/security/mac/mac_audit.c#11 integrate .. //depot/projects/trustedbsd/audit3/sys/security/mac/mac_framework.c#2 integrate .. //depot/projects/trustedbsd/audit3/sys/security/mac/mac_framework.h#9 integrate .. //depot/projects/trustedbsd/audit3/sys/security/mac/mac_inet.c#7 integrate .. //depot/projects/trustedbsd/audit3/sys/security/mac/mac_internal.h#7 integrate .. //depot/projects/trustedbsd/audit3/sys/security/mac/mac_label.c#6 integrate .. //depot/projects/trustedbsd/audit3/sys/security/mac/mac_net.c#7 integrate .. //depot/projects/trustedbsd/audit3/sys/security/mac/mac_pipe.c#7 integrate .. //depot/projects/trustedbsd/audit3/sys/security/mac/mac_policy.h#9 integrate .. //depot/projects/trustedbsd/audit3/sys/security/mac/mac_posix_sem.c#5 integrate .. //depot/projects/trustedbsd/audit3/sys/security/mac/mac_priv.c#3 integrate .. //depot/projects/trustedbsd/audit3/sys/security/mac/mac_process.c#8 integrate .. //depot/projects/trustedbsd/audit3/sys/security/mac/mac_socket.c#8 integrate .. //depot/projects/trustedbsd/audit3/sys/security/mac/mac_syscalls.c#3 integrate .. //depot/projects/trustedbsd/audit3/sys/security/mac/mac_system.c#8 integrate .. //depot/projects/trustedbsd/audit3/sys/security/mac/mac_sysv_msg.c#5 integrate .. //depot/projects/trustedbsd/audit3/sys/security/mac/mac_sysv_sem.c#6 integrate .. //depot/projects/trustedbsd/audit3/sys/security/mac/mac_sysv_shm.c#5 integrate .. //depot/projects/trustedbsd/audit3/sys/security/mac/mac_vfs.c#11 integrate .. //depot/projects/trustedbsd/audit3/sys/security/mac_biba/mac_biba.c#13 integrate .. //depot/projects/trustedbsd/audit3/sys/security/mac_biba/mac_biba.h#3 integrate .. //depot/projects/trustedbsd/audit3/sys/security/mac_bsdextended/mac_bsdextended.c#13 integrate .. //depot/projects/trustedbsd/audit3/sys/security/mac_bsdextended/mac_bsdextended.h#4 integrate .. //depot/projects/trustedbsd/audit3/sys/security/mac_ifoff/mac_ifoff.c#5 integrate .. //depot/projects/trustedbsd/audit3/sys/security/mac_lomac/mac_lomac.c#12 integrate .. //depot/projects/trustedbsd/audit3/sys/security/mac_lomac/mac_lomac.h#3 integrate .. //depot/projects/trustedbsd/audit3/sys/security/mac_mls/mac_mls.c#11 integrate .. //depot/projects/trustedbsd/audit3/sys/security/mac_mls/mac_mls.h#3 integrate .. //depot/projects/trustedbsd/audit3/sys/security/mac_none/mac_none.c#5 integrate .. //depot/projects/trustedbsd/audit3/sys/security/mac_partition/mac_partition.c#7 integrate .. //depot/projects/trustedbsd/audit3/sys/security/mac_partition/mac_partition.h#2 integrate .. //depot/projects/trustedbsd/audit3/sys/security/mac_portacl/mac_portacl.c#9 integrate .. //depot/projects/trustedbsd/audit3/sys/security/mac_seeotheruids/mac_seeotheruids.c#8 integrate .. //depot/projects/trustedbsd/audit3/sys/security/mac_stub/mac_stub.c#10 integrate .. //depot/projects/trustedbsd/audit3/sys/security/mac_test/mac_test.c#12 integrate Differences ... ==== //depot/projects/trustedbsd/audit3/sys/security/mac/mac_audit.c#11 (text+ko) ==== @@ -1,5 +1,5 @@ /*- - * Copyright (c) 1999-2002, 2007 Robert N. M. Watson + * Copyright (c) 1999-2002 Robert N. M. Watson * Copyright (c) 2001 Ilmar S. Habibulin * Copyright (c) 2001-2004 Networks Associates Technology, Inc. * @@ -32,7 +32,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $FreeBSD$ + * $FreeBSD: src/sys/security/mac/mac_audit.c,v 1.1 2007/04/21 22:08:47 rwatson Exp $ */ #include <sys/param.h> ==== //depot/projects/trustedbsd/audit3/sys/security/mac/mac_framework.c#2 (text+ko) ==== ==== //depot/projects/trustedbsd/audit3/sys/security/mac/mac_framework.h#9 (text+ko) ==== @@ -1,5 +1,5 @@ /*- - * Copyright (c) 1999-2002, 2007 Robert N. M. Watson + * Copyright (c) 1999-2002 Robert N. M. Watson * Copyright (c) 2001-2005 Networks Associates Technology, Inc. * Copyright (c) 2005-2006 SPARTA, Inc. * All rights reserved. ==== //depot/projects/trustedbsd/audit3/sys/security/mac/mac_inet.c#7 (text+ko) ==== ==== //depot/projects/trustedbsd/audit3/sys/security/mac/mac_internal.h#7 (text+ko) ==== ==== //depot/projects/trustedbsd/audit3/sys/security/mac/mac_label.c#6 (text+ko) ==== ==== //depot/projects/trustedbsd/audit3/sys/security/mac/mac_net.c#7 (text+ko) ==== ==== //depot/projects/trustedbsd/audit3/sys/security/mac/mac_pipe.c#7 (text+ko) ==== ==== //depot/projects/trustedbsd/audit3/sys/security/mac/mac_policy.h#9 (text+ko) ==== @@ -1,5 +1,5 @@ /*- - * Copyright (c) 1999-2002, 2007 Robert N. M. Watson + * Copyright (c) 1999-2002 Robert N. M. Watson * Copyright (c) 2001-2005 Networks Associates Technology, Inc. * Copyright (c) 2005-2006 SPARTA, Inc. * All rights reserved. ==== //depot/projects/trustedbsd/audit3/sys/security/mac/mac_posix_sem.c#5 (text+ko) ==== ==== //depot/projects/trustedbsd/audit3/sys/security/mac/mac_priv.c#3 (text+ko) ==== ==== //depot/projects/trustedbsd/audit3/sys/security/mac/mac_process.c#8 (text+ko) ==== ==== //depot/projects/trustedbsd/audit3/sys/security/mac/mac_socket.c#8 (text+ko) ==== ==== //depot/projects/trustedbsd/audit3/sys/security/mac/mac_syscalls.c#3 (text+ko) ==== ==== //depot/projects/trustedbsd/audit3/sys/security/mac/mac_system.c#8 (text+ko) ==== ==== //depot/projects/trustedbsd/audit3/sys/security/mac/mac_sysv_msg.c#5 (text+ko) ==== ==== //depot/projects/trustedbsd/audit3/sys/security/mac/mac_sysv_sem.c#6 (text+ko) ==== ==== //depot/projects/trustedbsd/audit3/sys/security/mac/mac_sysv_shm.c#5 (text+ko) ==== ==== //depot/projects/trustedbsd/audit3/sys/security/mac/mac_vfs.c#11 (text+ko) ==== ==== //depot/projects/trustedbsd/audit3/sys/security/mac_biba/mac_biba.c#13 (text+ko) ==== @@ -2483,50 +2483,6 @@ } static int -mac_biba_check_system_auditctl(struct ucred *cred, struct vnode *vp, - struct label *vplabel) -{ - struct mac_biba *subj, *obj; - int error; - - if (!mac_biba_enabled) - return (0); - - subj = SLOT(cred->cr_label); - - error = mac_biba_subject_privileged(subj); - if (error) - return (error); - - if (vplabel == NULL) - return (0); - - obj = SLOT(vplabel); - if (!mac_biba_high_effective(obj)) - return (EACCES); - - return (0); -} - -static int -mac_biba_check_system_auditon(struct ucred *cred, int cmd) -{ - struct mac_biba *subj; - int error; - - if (!mac_biba_enabled) - return (0); - - subj = SLOT(cred->cr_label); - - error = mac_biba_subject_privileged(subj); - if (error) - return (error); - - return (0); -} - -static int mac_biba_check_system_auditon(struct ucred *cred, int cmd) { struct mac_biba *subj; ==== //depot/projects/trustedbsd/audit3/sys/security/mac_biba/mac_biba.h#3 (text+ko) ==== ==== //depot/projects/trustedbsd/audit3/sys/security/mac_bsdextended/mac_bsdextended.c#13 (text+ko) ==== ==== //depot/projects/trustedbsd/audit3/sys/security/mac_bsdextended/mac_bsdextended.h#4 (text+ko) ==== ==== //depot/projects/trustedbsd/audit3/sys/security/mac_ifoff/mac_ifoff.c#5 (text+ko) ==== ==== //depot/projects/trustedbsd/audit3/sys/security/mac_lomac/mac_lomac.c#12 (text+ko) ==== ==== //depot/projects/trustedbsd/audit3/sys/security/mac_lomac/mac_lomac.h#3 (text+ko) ==== ==== //depot/projects/trustedbsd/audit3/sys/security/mac_mls/mac_mls.c#11 (text+ko) ==== ==== //depot/projects/trustedbsd/audit3/sys/security/mac_mls/mac_mls.h#3 (text+ko) ==== ==== //depot/projects/trustedbsd/audit3/sys/security/mac_none/mac_none.c#5 (text+ko) ==== ==== //depot/projects/trustedbsd/audit3/sys/security/mac_partition/mac_partition.c#7 (text+ko) ==== ==== //depot/projects/trustedbsd/audit3/sys/security/mac_partition/mac_partition.h#2 (text+ko) ==== ==== //depot/projects/trustedbsd/audit3/sys/security/mac_portacl/mac_portacl.c#9 (text+ko) ==== ==== //depot/projects/trustedbsd/audit3/sys/security/mac_seeotheruids/mac_seeotheruids.c#8 (text+ko) ==== ==== //depot/projects/trustedbsd/audit3/sys/security/mac_stub/mac_stub.c#10 (text+ko) ==== @@ -923,20 +923,6 @@ } static int -stub_check_proc_setaudit(struct ucred *cred, struct auditinfo *ai) -{ - - return (0); -} - -static int -stub_check_proc_setauid(struct ucred *cred, uid_t auid) -{ - - return (0); -} - -static int stub_check_proc_setuid(struct ucred *cred, uid_t uid) { @@ -1112,28 +1098,6 @@ } static int -stub_check_system_audit(struct ucred *cred, void *record, int length) -{ - - return (0); -} - -static int -stub_check_system_auditctl(struct ucred *cred, struct vnode *vp, - struct label *vlabel) -{ - - return (0); -} - -static int -stub_check_system_auditon(struct ucred *cred, int cmd) -{ - - return (0); -} - -static int stub_check_system_auditctl(struct ucred *cred, struct vnode *vp, struct label *vplabel) { @@ -1645,7 +1609,6 @@ .mpo_check_system_auditon = stub_check_system_auditon, .mpo_check_system_reboot = stub_check_system_reboot, .mpo_check_system_swapoff = stub_check_system_swapoff, - .mpo_check_system_swapoff = stub_check_system_swapoff, .mpo_check_system_swapon = stub_check_system_swapon, .mpo_check_system_sysctl = stub_check_system_sysctl, .mpo_check_vnode_access = stub_check_vnode_access, ==== //depot/projects/trustedbsd/audit3/sys/security/mac_test/mac_test.c#12 (text+ko) ==== @@ -1957,9 +1957,6 @@ LABEL_CHECK(cred->cr_label, MAGIC_CRED); COUNTER_INC(check_system_audit); - if (label != NULL) { - ASSERT_VNODE_LABEL(label); - } return (0); } @@ -2001,7 +1998,7 @@ COUNTER_DECL(check_system_swapoff); static int -mac_test_check_system_swapon(struct ucred *cred, struct vnode *vp, +mac_test_check_system_swapoff(struct ucred *cred, struct vnode *vp, struct label *vplabel) {
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200705300831.l4U8VIWQ005241>