Date: Thu, 6 Nov 2003 20:36:30 -0800 (PST) From: Robert Watson <rwatson@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 41615 for review Message-ID: <200311070436.hA74aU6M096158@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=41615 Change 41615 by rwatson@rwatson_paprika on 2003/11/06 20:35:59 Whitespace, linewrap, sync. Affected files ... .. //depot/projects/trustedbsd/mac/sys/kern/sysv_msg.c#15 edit Differences ... ==== //depot/projects/trustedbsd/mac/sys/kern/sysv_msg.c#15 (text+ko) ==== @@ -74,7 +74,7 @@ long msg_type; /* type of this message */ /* >0 -> type of this message */ /* 0 -> free header */ - unsigned short msg_ts; /* size of this message */ + u_short msg_ts; /* size of this message */ short msg_spot; /* location of start of msg in buffer */ }; #endif @@ -167,7 +167,8 @@ msghdrs = malloc(sizeof(struct msg) * msginfo.msgtql, M_MSG, M_WAITOK); if (msghdrs == NULL) panic("msghdrs is NULL"); - msqids = malloc(sizeof(struct msqid_kernel) * msginfo.msgmni, M_MSG, M_WAITOK); + msqids = malloc(sizeof(struct msqid_kernel) * msginfo.msgmni, M_MSG, + M_WAITOK); if (msqids == NULL) panic("msqids is NULL"); @@ -230,13 +231,13 @@ mtx_init(&msq_mtx, "msq", NULL, MTX_DEF); refcount = 0; /* - * It is not permissible to pass the same mutex to mtx_init() multiple - * times without intervening calls to mtx_destroy(). - * Since we cannot destroy the refcnt_mtx during msgunload, we check if the - * mtx_init has ever been called. If so, we dont need to do mtx_init as the - * mutex is already initialized. + * It is not permissible to pass the same mutex to mtx_init() + * multiple times without intervening calls to mtx_destroy(). Since + * we cannot destroy the refcnt_mtx during msgunload, we check if the + * mtx_init has ever been called. If so, we dont need to do mtx_init + * as the mutex is already initialized. */ - if ( mtx_initialized(&refcnt_mtx) == 0 ) + if (mtx_initialized(&refcnt_mtx) == 0) mtx_init(&refcnt_mtx, "msgrefcnt", NULL, MTX_DEF); } @@ -247,11 +248,11 @@ int msqid; /* - * Make sure that the msgunload maintains the consistency of the msqids - * and msghdrs data structures. This assures that the unload doesn't take - * place if any thread is in any of the code-paths (tinkering with the - * data structures), and also that no thread can enter the code-paths once - * the module is unloaded. + * Make sure that the msgunload maintains the consistency of the + * msqids and msghdrs data structures. This assures that the unload + * doesn't take place if any thread is in any of the code-paths + * (tinkering with the data structures), and also that no thread + * can enter the code-paths once the module is unloaded. */ mtx_lock(&refcnt_mtx); if (refcount > 0) { @@ -293,8 +294,8 @@ free(msqids, M_MSG); mtx_destroy(&msq_mtx); /* - * NOTE: We cannot destroy the refcnt_mtx as it is possible that some thread - * might (attempt to) hold the mutex. + * NOTE: We cannot destroy the refcnt_mtx as it is possible that + * some thread might (attempt to) hold the mutex. */ /* mtx_destroy(&refcnt_mtx); */ return (0); @@ -422,7 +423,10 @@ if (!jail_sysvipc_allowed && jailed(td->td_ucred)) return (ENOSYS); - /* Prevent thread from going any further if module is (being) unloaded */ + /* + * Prevent thread from going any further if module is (being) + * unloaded. + */ mtx_lock(&refcnt_mtx); if (refcount < 0 ) { mtx_unlock(&refcnt_mtx); @@ -457,9 +461,9 @@ goto done2; } #ifdef MAC - if ((error = mac_check_ipc_msqctl(td->td_ucred,msqkptr,cmd))) - { - MPRINTF(("MAC Framework: mac_check_ipc_msqctl permission denied!\n")); + if ((error = mac_check_ipc_msqctl(td->td_ucred,msqkptr,cmd))) { + MPRINTF(( + "MAC Framework: mac_check_ipc_msqctl permission denied!\n")); goto done2; } #endif @@ -477,22 +481,25 @@ goto done2; #ifdef MAC - /* - * Check that the thread has MAC access permissions to individual - * msghdrs. - * Note: We need to do this in a separate loop because the actual loop - * alters the msq/msghdr info as it progresses, and there is no going - * back if half the way through we discover that the thread cannot free - * a certain msghdr. The msq will get into an inconsistent state. - */ + /* + * Check that the thread has MAC access permissions to + * individual msghdrs. Note: We need to do this in a + * separate loop because the actual loop alters the + * msq/msghdr info as it progresses, and there is no going + * back if half the way through we discover that the + * thread cannot free a certain msghdr. The msq will get + * into an inconsistent state. + */ msghdr = msqkptr->u.msg_first; while (msghdr != NULL) { - if((error = mac_check_ipc_msgrmid(td->td_ucred,msghdr))) { - MPRINTF("MAC Framework: mac_check_ipc_msgrmid permission denied\n"); - /* XXX wakeup(msqkptr); ??? */ - goto done2; - } - msghdr = msghdr->msg_next; + if ((error = mac_check_ipc_msgrmid(td->td_ucred, + msghdr))) { + MPRINTF( + "MAC Framework: mac_check_ipc_msgrmid permission denied\n"); + /* XXX wakeup(msqkptr); ??? */ + goto done2; + } + msghdr = msghdr->msg_next; } #endif @@ -604,7 +611,10 @@ if (!jail_sysvipc_allowed && jailed(td->td_ucred)) return (ENOSYS); - /* Prevent thread from going any further if module is (being) unloaded */ + /* + * Prevent thread from going any further if module is (being) + * unloaded. + */ mtx_lock(&refcnt_mtx); if (refcount < 0 ) { mtx_unlock(&refcnt_mtx); @@ -634,8 +644,9 @@ goto done2; } #ifdef MAC - if(( error = mac_check_ipc_msqget(cred, msqkptr) )) { - MPRINTF("MAC Framework: mac_check_ipc_msqget access denied\n"); + if ((error = mac_check_ipc_msqget(cred, msqkptr))) { + MPRINTF( + "MAC Framework: mac_check_ipc_msqget access denied\n"); goto done2; } #endif @@ -732,7 +743,10 @@ if (!jail_sysvipc_allowed && jailed(td->td_ucred)) return (ENOSYS); - /* Prevent thread from going any further if module is (being) unloaded */ + /* + * Prevent thread from going any further if module is (being) + * unloaded. + */ mtx_lock(&refcnt_mtx); if (refcount < 0 ) { mtx_unlock(&refcnt_mtx); @@ -769,9 +783,13 @@ } #ifdef MAC - /* Make sure that the thread has access rights to the message queue */ + /* + * Make sure that the thread has access rights to the message + * queue. + */ if ((error = mac_check_ipc_msqsnd(td->td_ucred, msqkptr))) { - MPRINTF(("MAC Framework: mac_check_ipc_msqsnd permission denied\n")); + MPRINTF(( +"MAC Framework: mac_check_ipc_msqsnd permission denied\n")); goto done2; } #endif @@ -892,11 +910,10 @@ #ifdef MAC mac_create_ipc_msgmsg(td->td_ucred, msqkptr, msghdr); /* - * XXX: Should the mac_check_ipc_msgmsq check follow here immediately ? - * Or, should it be checked just before the msg is enqueued in the msgq - * (as it is done now) ? + * XXX: Should the mac_check_ipc_msgmsq check follow here + * immediately? Or, should it be checked just before the msg is + * enqueued in the msgq (as it is done now)? */ - #endif /* @@ -1008,17 +1025,19 @@ #ifdef MAC /* - * Note: Since the task/thread allocates the msghdr and usually primes - * it with its own MAC label,for a majority of policies, it won't be - * necessary to check whether the msghdr has access permissions to the - * msgq. The mac_check_ipc_msqsnd check would suffice in that case. - * However, this hook may be required where individual policies derive - * a non-identical label for the msghdr from the current thread label - * and may want to check the msghdr enqueue permissions, along with - * read/write permissions to the msgq. + * Note: Since the task/thread allocates the msghdr and usually + * primes it with its own MAC label,for a majority of policies, it + * won't be necessary to check whether the msghdr has access + * permissions to the msgq. The mac_check_ipc_msqsnd check would + * suffice in that case. However, this hook may be required where + * individual policies derive a non-identical label for the msghdr + * from the current thread label and may want to check the msghdr + * enqueue permissions, along with read/write permissions to the + * msgq. */ - if((error= mac_check_ipc_msgmsq(td->td_ucred,msghdr,msqkptr))) { - MPRINTF(("MAC Framework: mac_check_ipc_msqmsq permission denied\n")); + if ((error = mac_check_ipc_msgmsq(td->td_ucred,msghdr,msqkptr))) { + MPRINTF(( + "MAC Framework: mac_check_ipc_msqmsq permission denied\n")); msg_freehdr(msghdr); wakeup(msqkptr); goto done2; @@ -1084,7 +1103,10 @@ if (!jail_sysvipc_allowed && jailed(td->td_ucred)) return (ENOSYS); - /* Prevent thread from going any further if module is (being) unloaded */ + /* + * Prevent thread from going any further if module is (being) + * unloaded. + */ mtx_lock(&refcnt_mtx); if (refcount < 0 ) { mtx_unlock(&refcnt_mtx); @@ -1121,9 +1143,12 @@ } #ifdef MAC - /* Make sure that the thread has access rights to the message queue */ + /* + * Make sure that the thread has access rights to the message queue. + */ if ((error = mac_check_ipc_msqrcv(td->td_ucred, msqkptr))) { - MPRINTF(("MAC Framework: mac_check_ipc_msqrcv permission denied\n")); + MPRINTF(( +"MAC Framework: mac_check_ipc_msqrcv permission denied\n")); goto done2; } #endif @@ -1142,10 +1167,14 @@ goto done2; } #ifdef MAC - /* Make sure that the thread has access rights to the message header */ + /* + * Make sure that the thread has access + * rights to the message header. + */ if ((error = mac_check_ipc_msgrcv(td->td_ucred, msghdr))) { - MPRINTF(("MAC Framework: mac_check_ipc_msgrcv permission denied\n")); + MPRINTF(( + "MAC Framework: mac_check_ipc_msgrcv permission denied\n")); goto done2; } #endif @@ -1189,9 +1218,16 @@ goto done2; } #ifdef MAC - /* Make sure that the thread has access rights to the message header */ - if ((error = mac_check_ipc_msgrcv(td->td_ucred, msghdr))) { - MPRINTF(("MAC Framework: mac_check_ipc_msgrcv permission denied\n")); + /* + * Make sure that the thread has + * access rights to the message + * header. + */ + if ((error = + mac_check_ipc_msgrcv(td->td_ucred, + msghdr))) { + MPRINTF(( + "MAC Framework: mac_check_ipc_msgrcv permission denied\n")); goto done2; } #endif
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200311070436.hA74aU6M096158>