Date: Sat, 8 May 2004 06:31:13 -0700 (PDT) From: Chris Vance <cvance@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 52507 for review Message-ID: <200405081331.i48DVDff085433@repoman.freebsd.org>
index | next in thread | raw e-mail
http://perforce.freebsd.org/chv.cgi?CH=52507 Change 52507 by cvance@cvance_sony on 2004/05/08 06:30:25 Fix up SEBSD branch after latest integ: - vfs_mount call syntax error - suser replaced with cap_check - MAC framework now uses struct pipepair instead of struct pipe Affected files ... .. //depot/projects/trustedbsd/sebsd/sys/compat/linux/linux_file.c#9 edit .. //depot/projects/trustedbsd/sebsd/sys/compat/linux/linux_stats.c#7 edit .. //depot/projects/trustedbsd/sebsd/sys/kern/kern_conf.c#8 edit .. //depot/projects/trustedbsd/sebsd/sys/security/sebsd/sebsd.c#31 edit .. //depot/projects/trustedbsd/sebsd/sys/sys/pipe.h#9 edit Differences ... ==== //depot/projects/trustedbsd/sebsd/sys/compat/linux/linux_file.c#9 (text+ko) ==== @@ -811,7 +811,7 @@ iov[3].iov_len = strlen(mntonname) + 1; error = vfs_nmount(td, fsflags, &auio); } else - error = vfs_mount(td, fstypename, mntonname, fsflags, fsdata + error = vfs_mount(td, fstypename, mntonname, fsflags, fsdata, NULL); return (error); } ==== //depot/projects/trustedbsd/sebsd/sys/compat/linux/linux_stats.c#7 (text+ko) ==== @@ -268,7 +268,7 @@ linux_statfs.f_bavail = bsd_statfs->f_bavail; linux_statfs.f_ffree = bsd_statfs->f_ffree; linux_statfs.f_files = bsd_statfs->f_files; - if (suser(td)) { + if (cap_check(td, CAP_SYS_ADMIN)) { linux_statfs.f_fsid.val[0] = 0; linux_statfs.f_fsid.val[1] = 0; } else { @@ -317,7 +317,7 @@ linux_statfs.f_bavail = bsd_statfs->f_bavail; linux_statfs.f_ffree = bsd_statfs->f_ffree; linux_statfs.f_files = bsd_statfs->f_files; - if (suser(td)) { + if (cap_check(td, CAP_SYS_ADMIN)) { linux_statfs.f_fsid.val[0] = 0; linux_statfs.f_fsid.val[1] = 0; } else { ==== //depot/projects/trustedbsd/sebsd/sys/kern/kern_conf.c#8 (text+ko) ==== @@ -469,7 +469,7 @@ devunlock(); } -dev_t +static dev_t make_dev_credv(struct cdevsw *devsw, int minornr, uid_t uid, gid_t gid, struct ucred *cr, int perms, const char *fmt, ...) { ==== //depot/projects/trustedbsd/sebsd/sys/security/sebsd/sebsd.c#31 (text+ko) ==== @@ -284,13 +284,13 @@ } static int -pipe_has_perm(struct ucred *cred, struct pipe *pipe, access_vector_t perm) +pipe_has_perm(struct ucred *cred, struct pipepair *pp, access_vector_t perm) { struct task_security_struct *task; struct vnode_security_struct *file; task = SLOT(cred->cr_label); - file = SLOT(pipe->pipe_label); + file = SLOT(pp->pp_label); /* * TBD: No audit information yet @@ -1011,31 +1011,31 @@ } static int -sebsd_check_pipe_ioctl(struct ucred *cred, struct pipe *pipe, +sebsd_check_pipe_ioctl(struct ucred *cred, struct pipepair *pp, struct label *pipelabel, unsigned long cmd, void /* caddr_t */ *data) { - return (pipe_has_perm(cred, pipe, FIFO_FILE__IOCTL)); + return (pipe_has_perm(cred, pp, FIFO_FILE__IOCTL)); } static int -sebsd_check_pipe_poll(struct ucred *cred, struct pipe *pipe, +sebsd_check_pipe_poll(struct ucred *cred, struct pipepair *pp, struct label *pipelabel) { - return (pipe_has_perm(cred, pipe, FIFO_FILE__POLL)); + return (pipe_has_perm(cred, pp, FIFO_FILE__POLL)); } static int -sebsd_check_pipe_read(struct ucred *cred, struct pipe *pipe, +sebsd_check_pipe_read(struct ucred *cred, struct pipepair *pp, struct label *pipelabel) { - return (pipe_has_perm(cred, pipe, FIFO_FILE__READ)); + return (pipe_has_perm(cred, pp, FIFO_FILE__READ)); } static int -sebsd_check_pipe_relabel(struct ucred *cred, struct pipe *pipe, +sebsd_check_pipe_relabel(struct ucred *cred, struct pipepair *pp, struct label *pipelabel, struct label *newlabel) { struct task_security_struct *task; @@ -1068,19 +1068,19 @@ } static int -sebsd_check_pipe_stat(struct ucred *cred, struct pipe *pipe, +sebsd_check_pipe_stat(struct ucred *cred, struct pipepair *pp, struct label *pipelabel) { - return (pipe_has_perm(cred, pipe, FIFO_FILE__GETATTR)); + return (pipe_has_perm(cred, pp, FIFO_FILE__GETATTR)); } static int -sebsd_check_pipe_write(struct ucred *cred, struct pipe *pipe, +sebsd_check_pipe_write(struct ucred *cred, struct pipe *pp, struct label *pipelabel) { - return (pipe_has_perm(cred, pipe, FIFO_FILE__WRITE)); + return (pipe_has_perm(cred, pp, FIFO_FILE__WRITE)); } static int ==== //depot/projects/trustedbsd/sebsd/sys/sys/pipe.h#9 (text+ko) ====home | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200405081331.i48DVDff085433>