Date: Wed, 30 Aug 2006 20:33:50 GMT From: Todd Miller <millert@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 105353 for review Message-ID: <200608302033.k7UKXoQH023181@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=105353 Change 105353 by millert@millert_g4tower on 2006/08/30 20:33:21 Use proc_ucred() instead of peeking inside struct proc directly. Affected files ... .. //depot/projects/trustedbsd/sedarwin8/policies/sedarwin/sedarwin/sebsd.c#8 edit .. //depot/projects/trustedbsd/sedarwin8/policies/sedarwin/sedarwin/sebsd_syscall.c#3 edit Differences ... ==== //depot/projects/trustedbsd/sedarwin8/policies/sedarwin/sedarwin/sebsd.c#8 (text+ko) ==== @@ -270,7 +270,7 @@ struct task_security_struct *task, *target; task = SLOT(cred->cr_label); - target = SLOT(proc->p_ucred->cr_label); + target = SLOT(proc_ucred(proc)->cr_label); return (avc_has_perm(task->sid, target->sid, SECCLASS_PROCESS, perm, NULL)); @@ -1658,7 +1658,7 @@ case LCID_REMOVE: /* Orphan */ /* loginwindow.app/MAC.loginPlugin orphaned process. */ - dst = SLOT(p->p_ucred->cr_label); + dst = SLOT(proc_ucred(p)->cr_label); if (dst->sid != dst->osid) { /* * TBD: Need to flush any open files that are now @@ -1676,8 +1676,8 @@ default: /* Adopt */ /* loginwindow.app/MAC.loginPlugin adopted process. */ - src = SLOT(p0->p_ucred->cr_label); - dst = SLOT(p->p_ucred->cr_label); + src = SLOT(proc_ucred(p0)->cr_label); + dst = SLOT(proc_ucred(p)->cr_label); if (src->sid != dst->sid) { /* ==== //depot/projects/trustedbsd/sedarwin8/policies/sedarwin/sedarwin/sebsd_syscall.c#3 (text+ko) ==== @@ -60,7 +60,7 @@ void *kdata; int rc; - rc = cred_has_security(p->p_ucred, SECURITY__LOAD_POLICY); + rc = cred_has_security(proc_ucred(p), SECURITY__LOAD_POLICY); if (rc) return (rc); @@ -81,7 +81,7 @@ void *kdata; int rc; - rc = cred_has_security(p->p_ucred, SECURITY__LOAD_POLICY); + rc = cred_has_security(proc_ucred(p), SECURITY__LOAD_POLICY); if (rc) return (rc); @@ -165,7 +165,7 @@ { char *str; - error = cred_has_security(p->p_ucred, SECURITY__SETBOOL); + error = cred_has_security(proc_ucred(p), SECURITY__SETBOOL); if (error) return (error); @@ -186,7 +186,7 @@ } case SEBSDCALL_COMMIT_BOOLS: - error = cred_has_security(p->p_ucred, SECURITY__SETBOOL); + error = cred_has_security(proc_ucred(p), SECURITY__SETBOOL); if (error) return (error); return (security_commit_pending_bools());
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200608302033.k7UKXoQH023181>