From owner-p4-projects@FreeBSD.ORG  Wed May 30 08:31:21 2007
Return-Path: <owner-p4-projects@FreeBSD.ORG>
X-Original-To: p4-projects@freebsd.org
Delivered-To: p4-projects@freebsd.org
Received: by hub.freebsd.org (Postfix, from userid 32767)
	id E003516A46B; Wed, 30 May 2007 08:31:20 +0000 (UTC)
X-Original-To: perforce@freebsd.org
Delivered-To: perforce@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id 7FD2816A400
	for <perforce@freebsd.org>; Wed, 30 May 2007 08:31:20 +0000 (UTC)
	(envelope-from bb+lists.freebsd.perforce@cyrus.watson.org)
Received: from repoman.freebsd.org (repoman.freebsd.org [69.147.83.41])
	by mx1.freebsd.org (Postfix) with ESMTP id 6147213C487
	for <perforce@freebsd.org>; Wed, 30 May 2007 08:31:20 +0000 (UTC)
	(envelope-from bb+lists.freebsd.perforce@cyrus.watson.org)
Received: from repoman.freebsd.org (localhost [127.0.0.1])
	by repoman.freebsd.org (8.13.8/8.13.8) with ESMTP id l4U8VKUn005311
	for <perforce@freebsd.org>; Wed, 30 May 2007 08:31:20 GMT
	(envelope-from bb+lists.freebsd.perforce@cyrus.watson.org)
Received: (from perforce@localhost)
	by repoman.freebsd.org (8.13.8/8.13.8/Submit) id l4U8VIWQ005241
	for perforce@freebsd.org; Wed, 30 May 2007 08:31:18 GMT
	(envelope-from bb+lists.freebsd.perforce@cyrus.watson.org)
Date: Wed, 30 May 2007 08:31:18 GMT
Message-Id: <200705300831.l4U8VIWQ005241@repoman.freebsd.org>
X-Authentication-Warning: repoman.freebsd.org: perforce set sender to
	bb+lists.freebsd.perforce@cyrus.watson.org using -f
From: Robert Watson <rwatson@FreeBSD.org>
To: Perforce Change Reviews <perforce@freebsd.org>
Cc: 
Subject: PERFORCE change 120603 for review
X-BeenThere: p4-projects@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: p4 projects tree changes <p4-projects.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/p4-projects>,
	<mailto:p4-projects-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/p4-projects>
List-Post: <mailto:p4-projects@freebsd.org>
List-Help: <mailto:p4-projects-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/p4-projects>,
	<mailto:p4-projects-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 30 May 2007 08:31:21 -0000

http://perforce.freebsd.org/chv.cgi?CH=120603

Change 120603 by rwatson@rwatson_zoo on 2007/05/30 08:31:07

	Revert all MAC files in the audit3 branch to their CVS state; pretty
	much entirely merge and integration related duplicates.

Affected files ...

.. //depot/projects/trustedbsd/audit3/sys/security/mac/mac_audit.c#11 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac/mac_framework.c#2 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac/mac_framework.h#9 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac/mac_inet.c#7 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac/mac_internal.h#7 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac/mac_label.c#6 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac/mac_net.c#7 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac/mac_pipe.c#7 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac/mac_policy.h#9 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac/mac_posix_sem.c#5 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac/mac_priv.c#3 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac/mac_process.c#8 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac/mac_socket.c#8 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac/mac_syscalls.c#3 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac/mac_system.c#8 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac/mac_sysv_msg.c#5 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac/mac_sysv_sem.c#6 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac/mac_sysv_shm.c#5 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac/mac_vfs.c#11 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac_biba/mac_biba.c#13 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac_biba/mac_biba.h#3 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac_bsdextended/mac_bsdextended.c#13 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac_bsdextended/mac_bsdextended.h#4 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac_ifoff/mac_ifoff.c#5 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac_lomac/mac_lomac.c#12 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac_lomac/mac_lomac.h#3 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac_mls/mac_mls.c#11 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac_mls/mac_mls.h#3 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac_none/mac_none.c#5 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac_partition/mac_partition.c#7 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac_partition/mac_partition.h#2 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac_portacl/mac_portacl.c#9 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac_seeotheruids/mac_seeotheruids.c#8 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac_stub/mac_stub.c#10 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac_test/mac_test.c#12 integrate

Differences ...

==== //depot/projects/trustedbsd/audit3/sys/security/mac/mac_audit.c#11 (text+ko) ====

@@ -1,5 +1,5 @@
 /*-
- * Copyright (c) 1999-2002, 2007 Robert N. M. Watson
+ * Copyright (c) 1999-2002 Robert N. M. Watson
  * Copyright (c) 2001 Ilmar S. Habibulin
  * Copyright (c) 2001-2004 Networks Associates Technology, Inc.
  *
@@ -32,7 +32,7 @@
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  *
- * $FreeBSD$
+ * $FreeBSD: src/sys/security/mac/mac_audit.c,v 1.1 2007/04/21 22:08:47 rwatson Exp $
  */
 
 #include <sys/param.h>

==== //depot/projects/trustedbsd/audit3/sys/security/mac/mac_framework.c#2 (text+ko) ====


==== //depot/projects/trustedbsd/audit3/sys/security/mac/mac_framework.h#9 (text+ko) ====

@@ -1,5 +1,5 @@
 /*-
- * Copyright (c) 1999-2002, 2007 Robert N. M. Watson
+ * Copyright (c) 1999-2002 Robert N. M. Watson
  * Copyright (c) 2001-2005 Networks Associates Technology, Inc.
  * Copyright (c) 2005-2006 SPARTA, Inc.
  * All rights reserved.

==== //depot/projects/trustedbsd/audit3/sys/security/mac/mac_inet.c#7 (text+ko) ====


==== //depot/projects/trustedbsd/audit3/sys/security/mac/mac_internal.h#7 (text+ko) ====


==== //depot/projects/trustedbsd/audit3/sys/security/mac/mac_label.c#6 (text+ko) ====


==== //depot/projects/trustedbsd/audit3/sys/security/mac/mac_net.c#7 (text+ko) ====


==== //depot/projects/trustedbsd/audit3/sys/security/mac/mac_pipe.c#7 (text+ko) ====


==== //depot/projects/trustedbsd/audit3/sys/security/mac/mac_policy.h#9 (text+ko) ====

@@ -1,5 +1,5 @@
 /*-
- * Copyright (c) 1999-2002, 2007 Robert N. M. Watson
+ * Copyright (c) 1999-2002 Robert N. M. Watson
  * Copyright (c) 2001-2005 Networks Associates Technology, Inc.
  * Copyright (c) 2005-2006 SPARTA, Inc.
  * All rights reserved.

==== //depot/projects/trustedbsd/audit3/sys/security/mac/mac_posix_sem.c#5 (text+ko) ====


==== //depot/projects/trustedbsd/audit3/sys/security/mac/mac_priv.c#3 (text+ko) ====


==== //depot/projects/trustedbsd/audit3/sys/security/mac/mac_process.c#8 (text+ko) ====


==== //depot/projects/trustedbsd/audit3/sys/security/mac/mac_socket.c#8 (text+ko) ====


==== //depot/projects/trustedbsd/audit3/sys/security/mac/mac_syscalls.c#3 (text+ko) ====


==== //depot/projects/trustedbsd/audit3/sys/security/mac/mac_system.c#8 (text+ko) ====


==== //depot/projects/trustedbsd/audit3/sys/security/mac/mac_sysv_msg.c#5 (text+ko) ====


==== //depot/projects/trustedbsd/audit3/sys/security/mac/mac_sysv_sem.c#6 (text+ko) ====


==== //depot/projects/trustedbsd/audit3/sys/security/mac/mac_sysv_shm.c#5 (text+ko) ====


==== //depot/projects/trustedbsd/audit3/sys/security/mac/mac_vfs.c#11 (text+ko) ====


==== //depot/projects/trustedbsd/audit3/sys/security/mac_biba/mac_biba.c#13 (text+ko) ====

@@ -2483,50 +2483,6 @@
 }
 
 static int
-mac_biba_check_system_auditctl(struct ucred *cred, struct vnode *vp,
-    struct label *vplabel)
-{
-	struct mac_biba *subj, *obj;
-	int error;
-
-	if (!mac_biba_enabled)
-		return (0);
-
-	subj = SLOT(cred->cr_label);
-
-	error = mac_biba_subject_privileged(subj);
-	if (error)
-		return (error);
-
-	if (vplabel == NULL)
-		return (0);
-
-	obj = SLOT(vplabel);
-	if (!mac_biba_high_effective(obj))
-		return (EACCES);
-
-	return (0);
-}
-
-static int
-mac_biba_check_system_auditon(struct ucred *cred, int cmd)
-{
-	struct mac_biba *subj;
-	int error;
-
-	if (!mac_biba_enabled)
-		return (0);
-
-	subj = SLOT(cred->cr_label);
-
-	error = mac_biba_subject_privileged(subj);
-	if (error)
-		return (error);
-
-	return (0);
-}
-
-static int
 mac_biba_check_system_auditon(struct ucred *cred, int cmd)
 {
 	struct mac_biba *subj;

==== //depot/projects/trustedbsd/audit3/sys/security/mac_biba/mac_biba.h#3 (text+ko) ====


==== //depot/projects/trustedbsd/audit3/sys/security/mac_bsdextended/mac_bsdextended.c#13 (text+ko) ====


==== //depot/projects/trustedbsd/audit3/sys/security/mac_bsdextended/mac_bsdextended.h#4 (text+ko) ====


==== //depot/projects/trustedbsd/audit3/sys/security/mac_ifoff/mac_ifoff.c#5 (text+ko) ====


==== //depot/projects/trustedbsd/audit3/sys/security/mac_lomac/mac_lomac.c#12 (text+ko) ====


==== //depot/projects/trustedbsd/audit3/sys/security/mac_lomac/mac_lomac.h#3 (text+ko) ====


==== //depot/projects/trustedbsd/audit3/sys/security/mac_mls/mac_mls.c#11 (text+ko) ====


==== //depot/projects/trustedbsd/audit3/sys/security/mac_mls/mac_mls.h#3 (text+ko) ====


==== //depot/projects/trustedbsd/audit3/sys/security/mac_none/mac_none.c#5 (text+ko) ====


==== //depot/projects/trustedbsd/audit3/sys/security/mac_partition/mac_partition.c#7 (text+ko) ====


==== //depot/projects/trustedbsd/audit3/sys/security/mac_partition/mac_partition.h#2 (text+ko) ====


==== //depot/projects/trustedbsd/audit3/sys/security/mac_portacl/mac_portacl.c#9 (text+ko) ====


==== //depot/projects/trustedbsd/audit3/sys/security/mac_seeotheruids/mac_seeotheruids.c#8 (text+ko) ====


==== //depot/projects/trustedbsd/audit3/sys/security/mac_stub/mac_stub.c#10 (text+ko) ====

@@ -923,20 +923,6 @@
 }
 
 static int
-stub_check_proc_setaudit(struct ucred *cred, struct auditinfo *ai)
-{
-
-	return (0);
-}
-
-static int
-stub_check_proc_setauid(struct ucred *cred, uid_t auid)
-{
-
-	return (0);
-}
-
-static int
 stub_check_proc_setuid(struct ucred *cred, uid_t uid)
 {
 
@@ -1112,28 +1098,6 @@
 }
 
 static int
-stub_check_system_audit(struct ucred *cred, void *record, int length)
-{
-
-	return (0);
-}
-
-static int
-stub_check_system_auditctl(struct ucred *cred, struct vnode *vp,
-    struct label *vlabel)
-{
-
-	return (0);
-}
-
-static int
-stub_check_system_auditon(struct ucred *cred, int cmd)
-{
-
-	return (0);
-}
-
-static int
 stub_check_system_auditctl(struct ucred *cred, struct vnode *vp,
     struct label *vplabel)
 {
@@ -1645,7 +1609,6 @@
 	.mpo_check_system_auditon = stub_check_system_auditon,
 	.mpo_check_system_reboot = stub_check_system_reboot,
 	.mpo_check_system_swapoff = stub_check_system_swapoff,
-	.mpo_check_system_swapoff = stub_check_system_swapoff,
 	.mpo_check_system_swapon = stub_check_system_swapon,
 	.mpo_check_system_sysctl = stub_check_system_sysctl,
 	.mpo_check_vnode_access = stub_check_vnode_access,

==== //depot/projects/trustedbsd/audit3/sys/security/mac_test/mac_test.c#12 (text+ko) ====

@@ -1957,9 +1957,6 @@
 
 	LABEL_CHECK(cred->cr_label, MAGIC_CRED);
 	COUNTER_INC(check_system_audit);
-	if (label != NULL) {
-		ASSERT_VNODE_LABEL(label);
-	}
 
 	return (0);
 }
@@ -2001,7 +1998,7 @@
 
 COUNTER_DECL(check_system_swapoff);
 static int
-mac_test_check_system_swapon(struct ucred *cred, struct vnode *vp,
+mac_test_check_system_swapoff(struct ucred *cred, struct vnode *vp,
     struct label *vplabel)
 {