Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 5 Nov 2003 21:59:37 -0800 (PST)
From:      Robert Watson <rwatson@FreeBSD.org>
To:        Perforce Change Reviews <perforce@freebsd.org>
Subject:   PERFORCE change 41568 for review
Message-ID:  <200311060559.hA65xbn2093220@repoman.freebsd.org>
index | next in thread | raw e-mail 

http://perforce.freebsd.org/chv.cgi?CH=41568

Change 41568 by rwatson@rwatson_paprika on 2003/11/05 21:59:19

	Add mac_label.c, which encapsulates a UMA zone for MAC label
	allocation.  Currently, MAC labels observably increase the
	size of some important data structures even when MAC is
	disabled, which is undesirable.  Also, this means that the
	size of a MAC label is a compile-time constant.  By moving
	towards run-time allocation of MAC label storage, we can reduce
	the non-MAC overhead, make MAC label size a boot-time
	constant, as well as reap some of the benefits of a slab
	allocator (over time).  This commit does not hook up the
	zone allocated MAC labels to any object types.

Affected files ...

.. //depot/projects/trustedbsd/mac/sys/conf/files#96 edit
.. //depot/projects/trustedbsd/mac/sys/kern/kern_mac.c#422 edit
.. //depot/projects/trustedbsd/mac/sys/security/mac/mac_internal.h#11 edit

Differences ...

==== //depot/projects/trustedbsd/mac/sys/conf/files#96 (text+ko) ====

@@ -1596,6 +1596,7 @@
 posix4/p1003_1b.c	standard
 posix4/posix4_mib.c	standard
 kern/uipc_sem.c		optional p1003_1b_semaphores
+security/mac/mac_label.c	optional mac
 security/mac/mac_net.c		optional mac
 security/mac/mac_pipe.c		optional mac
 security/mac/mac_posix_sem.c	optional mac

==== //depot/projects/trustedbsd/mac/sys/kern/kern_mac.c#422 (text+ko) ====

@@ -270,6 +270,7 @@
 
 	LIST_INIT(&mac_static_policy_list);
 	LIST_INIT(&mac_policy_list);
+	mac_labelzone_init();
 
 #ifndef MAC_STATIC
 	mtx_init(&mac_policy_mtx, "mac_policy_mtx", NULL, MTX_DEF);

==== //depot/projects/trustedbsd/mac/sys/security/mac/mac_internal.h#11 (text+ko) ====

@@ -89,6 +89,10 @@
 int	mac_policy_list_conditional_busy(void);
 void	mac_policy_list_unbusy(void);
 
+struct label	*mac_labelzone_alloc(int flags);
+void		 mac_labelzone_free(struct label *label);
+void		 mac_labelzone_init(void);
+
 void	mac_init_label(struct label *label);
 void	mac_destroy_label(struct label *label);
 int	mac_check_structmac_consistent(struct mac *mac);
home | help

Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200311060559.hA65xbn2093220>