From owner-p4-projects@FreeBSD.ORG Wed Nov 5 22:23:08 2003 Return-Path: Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id CF3DA16A4D0; Wed, 5 Nov 2003 22:23:07 -0800 (PST) Delivered-To: perforce@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A919916A4CE for ; Wed, 5 Nov 2003 22:23:07 -0800 (PST) Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115]) by mx1.FreeBSD.org (Postfix) with ESMTP id 09A4043F85 for ; Wed, 5 Nov 2003 22:23:07 -0800 (PST) (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.12.9/8.12.9) with ESMTP id hA66N6XJ095087 for ; Wed, 5 Nov 2003 22:23:06 -0800 (PST) (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Received: (from perforce@localhost) by repoman.freebsd.org (8.12.9/8.12.9/Submit) id hA66N6wo095084 for perforce@freebsd.org; Wed, 5 Nov 2003 22:23:06 -0800 (PST) (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Date: Wed, 5 Nov 2003 22:23:06 -0800 (PST) Message-Id: <200311060623.hA66N6wo095084@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to bb+lists.freebsd.perforce@cyrus.watson.org using -f From: Robert Watson To: Perforce Change Reviews Subject: PERFORCE change 41570 for review X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 06 Nov 2003 06:23:08 -0000 http://perforce.freebsd.org/chv.cgi?CH=41570 Change 41570 by rwatson@rwatson_paprika on 2003/11/05 22:22:44 Use MAC label UMA zone for pipe labels, rather than their own malloc pool. Currently, the zone is used only for labels on pipes themselves, and we retain the externally visible functions to initialize and destroy temporary pipe labels used in kern_mac.c for internalization/externalization. Better abstraction will migrate that code into mac_pipe.c, or other objects will also use dynamically allocated labels at some point. Affected files ... .. //depot/projects/trustedbsd/mac/sys/security/mac/mac_pipe.c#7 edit Differences ... ==== //depot/projects/trustedbsd/mac/sys/security/mac/mac_pipe.c#7 (text+ko) ==== @@ -61,8 +61,6 @@ &nmacpipes, 0, "number of pipes in use"); #endif -MALLOC_DEFINE(M_MACPIPELABEL, "macpipelabel", "MAC labels for pipes"); - void mac_init_pipe_label(struct label *label) { @@ -72,15 +70,23 @@ MAC_DEBUG_COUNTER_INC(&nmacpipes); } +static struct label * +mac_pipe_label_alloc(void) +{ + struct label *label; + + label = mac_labelzone_alloc(M_WAITOK); + MAC_PERFORM(init_pipe_label, label); + MAC_DEBUG_COUNTER_INC(&nmacpipes); + return (label); +} + void mac_init_pipe(struct pipe *pipe) { - struct label *label; - label = malloc(sizeof(struct label), M_MACPIPELABEL, M_ZERO|M_WAITOK); - pipe->pipe_label = label; - pipe->pipe_peer->pipe_label = label; - mac_init_pipe_label(label); + pipe->pipe_label = pipe->pipe_peer->pipe_label = + mac_pipe_label_alloc(); } void @@ -92,12 +98,20 @@ MAC_DEBUG_COUNTER_DEC(&nmacpipes); } +static void +mac_pipe_label_free(struct label *label) +{ + + MAC_PERFORM(destroy_pipe_label, label); + MAC_DEBUG_COUNTER_DEC(&nmacpipes); +} + void mac_destroy_pipe(struct pipe *pipe) { - mac_destroy_pipe_label(pipe->pipe_label); - free(pipe->pipe_label, M_MACPIPELABEL); + mac_pipe_label_free(pipe->pipe_label); + pipe->pipe_label = NULL; } void