From owner-trustedbsd-cvs@FreeBSD.ORG  Thu Sep  7 13:51:46 2006
Return-Path: <owner-trustedbsd-cvs@FreeBSD.ORG>
X-Original-To: trustedbsd-cvs@freebsd.org
Delivered-To: trustedbsd-cvs@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 549CA16A506
	for <trustedbsd-cvs@freebsd.org>; Thu,  7 Sep 2006 13:51:46 +0000 (UTC)
	(envelope-from owner-perforce@freebsd.org)
Received: from cyrus.watson.org (cyrus.watson.org [209.31.154.42])
	by mx1.FreeBSD.org (Postfix) with ESMTP id E1D0443D79
	for <trustedbsd-cvs@freebsd.org>; Thu,  7 Sep 2006 13:51:19 +0000 (GMT)
	(envelope-from owner-perforce@freebsd.org)
Received: from mx2.freebsd.org (mx2.freebsd.org [216.136.204.119])
	by cyrus.watson.org (Postfix) with ESMTP id 33B7346D8A
	for <trustedbsd-cvs@trustedbsd.org>;
	Thu,  7 Sep 2006 09:51:19 -0400 (EDT)
Received: from hub.freebsd.org (hub.freebsd.org [216.136.204.18])
	by mx2.freebsd.org (Postfix) with ESMTP id B68D45A9C8;
	Thu,  7 Sep 2006 13:32:00 +0000 (GMT)
	(envelope-from owner-perforce@freebsd.org)
Received: by hub.freebsd.org (Postfix, from userid 32767)
	id 6E15A16A518; Thu,  7 Sep 2006 13:31:47 +0000 (UTC)
X-Original-To: perforce@freebsd.org
Delivered-To: perforce@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 41ED516A4E9
	for <perforce@freebsd.org>; Thu,  7 Sep 2006 13:31:47 +0000 (UTC)
	(envelope-from millert@freebsd.org)
Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115])
	by mx1.FreeBSD.org (Postfix) with ESMTP id AF02643E4A
	for <perforce@freebsd.org>; Thu,  7 Sep 2006 13:31:09 +0000 (GMT)
	(envelope-from millert@freebsd.org)
Received: from repoman.freebsd.org (localhost [127.0.0.1])
	by repoman.freebsd.org (8.13.6/8.13.6) with ESMTP id k87DV9be011342
	for <perforce@freebsd.org>; Thu, 7 Sep 2006 13:31:09 GMT
	(envelope-from millert@freebsd.org)
Received: (from perforce@localhost)
	by repoman.freebsd.org (8.13.6/8.13.4/Submit) id k87DV94f011339
	for perforce@freebsd.org; Thu, 7 Sep 2006 13:31:09 GMT
	(envelope-from millert@freebsd.org)
Date: Thu, 7 Sep 2006 13:31:09 GMT
Message-Id: <200609071331.k87DV94f011339@repoman.freebsd.org>
X-Authentication-Warning: repoman.freebsd.org: perforce set sender to
	millert@freebsd.org using -f
From: Todd Miller <millert@FreeBSD.org>
To: Perforce Change Reviews <perforce@freebsd.org>
Cc: 
Subject: PERFORCE change 105783 for review
X-BeenThere: trustedbsd-cvs@FreeBSD.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: TrustedBSD CVS and Perforce commit message list
	<trustedbsd-cvs.FreeBSD.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/trustedbsd-cvs>, 
	<mailto:trustedbsd-cvs-request@FreeBSD.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/trustedbsd-cvs>
List-Post: <mailto:trustedbsd-cvs@FreeBSD.org>
List-Help: <mailto:trustedbsd-cvs-request@FreeBSD.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/trustedbsd-cvs>,
	<mailto:trustedbsd-cvs-request@FreeBSD.org?subject=subscribe>
X-List-Received-Date: Thu, 07 Sep 2006 13:51:46 -0000

http://perforce.freebsd.org/chv.cgi?CH=105783

Change 105783 by millert@millert_g5tower on 2006/09/07 13:30:49

	Start labelling Mach threads.  When a thread is created it
	gets a reference to the label handle of the task that created
	it.  Note that one task can create threads in another task.
	
	Changes to the task label to propagate to its own threads
	that contain a reference to its label.  Changes will *not*
	be propagated to threads created in another task.  Those
	threads will retain the label of the task that created them
	(which will not change).  This is considered a feature (but
	I could be convinced otherwise).

Affected files ...

.. //depot/projects/trustedbsd/sedarwin8/darwin/xnu/osfmk/kern/task.c#5 edit
.. //depot/projects/trustedbsd/sedarwin8/darwin/xnu/osfmk/kern/thread.c#2 edit
.. //depot/projects/trustedbsd/sedarwin8/darwin/xnu/osfmk/kern/thread.h#2 edit

Differences ...

==== //depot/projects/trustedbsd/sedarwin8/darwin/xnu/osfmk/kern/task.c#5 (text+ko) ====

@@ -1686,29 +1686,78 @@
 void
 mac_task_update_label(
 	struct label	*pl,
-	struct task	*t)
+	struct task	*task)
 {
+	thread_t thread;
+	ipc_labelh_t oldlabel;
+
+	tasklabel_lock(task);
+	oldlabel = task->label;
 
-	tasklabel_lock(t);
-	t->label = labelh_modify(t->label);
-	mac_cred_copy_to_task(pl, &t->maclabel);
-	tasklabel_unlock(t);
-	ip_lock(t->itk_self);
-	mac_port_update_from_cred(pl, &t->itk_self->ip_label);
-	ip_unlock(t->itk_self);
+	/*
+	 * For each thread in the task, release a reference to the label
+	 * handle in the thread if it matches the parent's.
+	 * XXX - do we need to hold the task while this is going on?
+	 */
+	queue_iterate(&task->threads, thread, thread_t, task_threads) {
+		if (thread->label == oldlabel)
+			lh_release(oldlabel);
+	}
+	task->label = labelh_modify(task->label, 0);
+	mac_cred_copy_to_task(pl, &task->maclabel);
+	/*
+	 * Replace the old label in the task's threads with the new one.
+	 */
+	queue_iterate(&task->threads, thread, thread_t, task_threads) {
+		if (thread->label == oldlabel) {
+			thread->label = task->label;
+			lh_reference(task->label);
+		}
+	}
+	/* Free old label if it is no longer in use.  */
+	if (task->label != oldlabel)
+		lh_check_unlock(oldlabel);
+	tasklabel_unlock(task);
+	ip_lock(task->itk_self);
+	mac_port_update_from_cred(pl, &task->itk_self->ip_label);
+	ip_unlock(task->itk_self);
 }
 
 void
 mac_task_modify_label(
-	struct task	*pt,
+	struct task	*task,
 	void		*arg,
 	void (*f)	(struct label *l, void *arg))
 {
+	thread_t thread;
+	ipc_labelh_t oldlabel;
 
-	tasklabel_lock(pt);
-	pt->label = labelh_modify(pt->label);
-	(*f)(&pt->maclabel, arg);
-	tasklabel_unlock(pt);
+	tasklabel_lock(task);
+	oldlabel = task->label;
+
+	/*
+	 * For each thread in the task, release a reference to the label
+	 * handle in the thread if it matches the parent's.
+	 * XXX - do we need to hold the task while this is going on?
+	 */
+	queue_iterate(&task->threads, thread, thread_t, task_threads) {
+		if (thread->label == oldlabel)
+			lh_release(oldlabel);
+	}
+	task->label = labelh_modify(task->label, 0);
+	(*f)(&task->maclabel, arg);
+	/*
+	 * Replace the old label in the task's threads with the new one.
+	 */
+	queue_iterate(&task->threads, thread, thread_t, task_threads) {
+		if (thread->label == oldlabel) {
+			thread->label = task->label;
+			lh_reference(task->label);
+		}
+	}
+	/* Free old label if it is no longer in use.  */
+	if (task->label != oldlabel)
+		lh_check_unlock(oldlabel);
+	tasklabel_unlock(task);
 }
-
 #endif

==== //depot/projects/trustedbsd/sedarwin8/darwin/xnu/osfmk/kern/thread.c#2 (text+ko) ====

@@ -383,6 +383,10 @@
 
 	machine_thread_destroy(thread);
 
+#ifdef MAC
+	labelh_release(task->label);
+#endif
+
 	zfree(thread_zone, thread);
 }
 
@@ -657,6 +661,11 @@
 	new_thread->pri_shift = new_thread->processor_set->pri_shift;
 	compute_priority(new_thread, FALSE);
 
+#ifdef MAC
+	labelh_reference(parent_task->label);
+	new_thread->label = parent_task->label;
+#endif
+
 	new_thread->active = TRUE;
 
 	*out_thread = new_thread;

==== //depot/projects/trustedbsd/sedarwin8/darwin/xnu/osfmk/kern/thread.h#2 (text+ko) ====

@@ -114,7 +114,9 @@
 #include <kern/timer_call.h>
 #include <kern/task.h>
 #include <kern/exception.h>
+#include <security/_label.h>
 
+#include <ipc/ipc_labelh.h>
 #include <ipc/ipc_kmsg.h>
 
 #include <machine/cpu_data.h>
@@ -347,6 +349,10 @@
 #ifdef	MACH_BSD
 		void					*uthread;
 #endif
+
+#ifdef MAC
+		ipc_labelh_t				label;
+#endif
 };
 
 #define ith_state		saved.receive.state