Date: Tue, 28 Oct 2008 23:32:09 GMT From: Edward Tomasz Napierala <trasz@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 152133 for review Message-ID: <200810282332.m9SNW9A6098191@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=152133 Change 152133 by trasz@trasz_victim7 on 2008/10/28 23:31:44 Remove unneeded differences relative to SVN. Affected files ... .. //depot/projects/soc2008/trasz_nfs4acl/sys/kern/vfs_subr.c#18 edit .. //depot/projects/soc2008/trasz_nfs4acl/sys/security/mac_biba/mac_biba.c#10 edit .. //depot/projects/soc2008/trasz_nfs4acl/sys/security/mac_bsdextended/mac_bsdextended.c#10 integrate .. //depot/projects/soc2008/trasz_nfs4acl/sys/security/mac_lomac/mac_lomac.c#11 edit .. //depot/projects/soc2008/trasz_nfs4acl/sys/security/mac_mls/mac_mls.c#10 edit .. //depot/projects/soc2008/trasz_nfs4acl/sys/security/mac_stub/mac_stub.c#8 edit .. //depot/projects/soc2008/trasz_nfs4acl/sys/ufs/ffs/ffs_vnops.c#6 edit Differences ... ==== //depot/projects/soc2008/trasz_nfs4acl/sys/kern/vfs_subr.c#18 (text+ko) ==== @@ -53,7 +53,6 @@ #include <sys/dirent.h> #include <sys/event.h> #include <sys/eventhandler.h> -#include <sys/vnode.h> #include <sys/extattr.h> #include <sys/file.h> #include <sys/fcntl.h> @@ -72,6 +71,7 @@ #include <sys/sysctl.h> #include <sys/syslog.h> #include <sys/vmmeter.h> +#include <sys/vnode.h> #include <machine/stdarg.h> ==== //depot/projects/soc2008/trasz_nfs4acl/sys/security/mac_biba/mac_biba.c#10 (text+ko) ==== @@ -46,7 +46,6 @@ #include <sys/param.h> #include <sys/conf.h> -#include <sys/vnode.h> #include <sys/extattr.h> #include <sys/kernel.h> #include <sys/ksem.h> @@ -60,6 +59,7 @@ #include <sys/sysproto.h> #include <sys/sysent.h> #include <sys/systm.h> +#include <sys/vnode.h> #include <sys/file.h> #include <sys/socket.h> #include <sys/socketvar.h> ==== //depot/projects/soc2008/trasz_nfs4acl/sys/security/mac_bsdextended/mac_bsdextended.c#10 (text+ko) ==== @@ -225,8 +225,7 @@ static int ugidfw_rulecheck(struct mac_bsdextended_rule *rule, - struct ucred *cred, struct vnode *vp, struct vattr *vap, - accmode_t accmode) + struct ucred *cred, struct vnode *vp, struct vattr *vap, int acc_mode) { int mac_granted, match, priv_granted; int i; @@ -384,30 +383,30 @@ */ priv_granted = 0; mac_granted = rule->mbr_mode; - if ((accmode & MBI_ADMIN) && (mac_granted & MBI_ADMIN) == 0 && + if ((acc_mode & MBI_ADMIN) && (mac_granted & MBI_ADMIN) == 0 && priv_check_cred(cred, PRIV_VFS_ADMIN, 0) == 0) priv_granted |= MBI_ADMIN; - if ((accmode & MBI_EXEC) && (mac_granted & MBI_EXEC) == 0 && + if ((acc_mode & MBI_EXEC) && (mac_granted & MBI_EXEC) == 0 && priv_check_cred(cred, (vap->va_type == VDIR) ? PRIV_VFS_LOOKUP : PRIV_VFS_EXEC, 0) == 0) priv_granted |= MBI_EXEC; - if ((accmode & MBI_READ) && (mac_granted & MBI_READ) == 0 && + if ((acc_mode & MBI_READ) && (mac_granted & MBI_READ) == 0 && priv_check_cred(cred, PRIV_VFS_READ, 0) == 0) priv_granted |= MBI_READ; - if ((accmode & MBI_STAT) && (mac_granted & MBI_STAT) == 0 && + if ((acc_mode & MBI_STAT) && (mac_granted & MBI_STAT) == 0 && priv_check_cred(cred, PRIV_VFS_STAT, 0) == 0) priv_granted |= MBI_STAT; - if ((accmode & MBI_WRITE) && (mac_granted & MBI_WRITE) == 0 && + if ((acc_mode & MBI_WRITE) && (mac_granted & MBI_WRITE) == 0 && priv_check_cred(cred, PRIV_VFS_WRITE, 0) == 0) priv_granted |= MBI_WRITE; /* * Is the access permitted? */ - if (((mac_granted | priv_granted) & accmode) != accmode) { + if (((mac_granted | priv_granted) & acc_mode) != acc_mode) { if (ugidfw_logging) log(LOG_AUTHPRIV, "mac_bsdextended: %d:%d request %d" " on %d:%d failed. \n", cred->cr_ruid, - cred->cr_rgid, accmode, vap->va_uid, + cred->cr_rgid, acc_mode, vap->va_uid, vap->va_gid); return (EACCES); } @@ -424,23 +423,23 @@ int ugidfw_check(struct ucred *cred, struct vnode *vp, struct vattr *vap, - accmode_t accmode) + int acc_mode) { int error, i; /* * Since we do not separately handle append, map append to write. */ - if (accmode & MBI_APPEND) { - accmode &= ~MBI_APPEND; - accmode |= MBI_WRITE; + if (acc_mode & MBI_APPEND) { + acc_mode &= ~MBI_APPEND; + acc_mode |= MBI_WRITE; } mtx_lock(&ugidfw_mtx); for (i = 0; i < rule_slots; i++) { if (rules[i] == NULL) continue; error = ugidfw_rulecheck(rules[i], cred, - vp, vap, accmode); + vp, vap, acc_mode); if (error == EJUSTRETURN) break; if (error) { @@ -453,7 +452,7 @@ } int -ugidfw_check_vp(struct ucred *cred, struct vnode *vp, int accmode) +ugidfw_check_vp(struct ucred *cred, struct vnode *vp, int acc_mode) { int error; struct vattr vap; @@ -463,7 +462,7 @@ error = VOP_GETATTR(vp, &vap, cred); if (error) return (error); - return (ugidfw_check(cred, vp, &vap, accmode)); + return (ugidfw_check(cred, vp, &vap, acc_mode)); } static struct mac_policy_ops ugidfw_ops = ==== //depot/projects/soc2008/trasz_nfs4acl/sys/security/mac_lomac/mac_lomac.c#11 (text+ko) ==== @@ -48,7 +48,6 @@ #include <sys/param.h> #include <sys/acl.h> #include <sys/conf.h> -#include <sys/vnode.h> #include <sys/extattr.h> #include <sys/kernel.h> #include <sys/malloc.h> @@ -61,6 +60,7 @@ #include <sys/sysproto.h> #include <sys/sysent.h> #include <sys/systm.h> +#include <sys/vnode.h> #include <sys/file.h> #include <sys/socket.h> #include <sys/socketvar.h> ==== //depot/projects/soc2008/trasz_nfs4acl/sys/security/mac_mls/mac_mls.c#10 (text+ko) ==== @@ -48,7 +48,6 @@ #include <sys/param.h> #include <sys/acl.h> #include <sys/conf.h> -#include <sys/vnode.h> #include <sys/extattr.h> #include <sys/kernel.h> #include <sys/ksem.h> @@ -61,6 +60,7 @@ #include <sys/sysproto.h> #include <sys/sysent.h> #include <sys/systm.h> +#include <sys/vnode.h> #include <sys/file.h> #include <sys/socket.h> #include <sys/socketvar.h> ==== //depot/projects/soc2008/trasz_nfs4acl/sys/security/mac_stub/mac_stub.c#8 (text+ko) ==== @@ -50,7 +50,6 @@ #include <sys/param.h> #include <sys/acl.h> #include <sys/conf.h> -#include <sys/vnode.h> #include <sys/extattr.h> #include <sys/kernel.h> #include <sys/ksem.h> @@ -59,6 +58,7 @@ #include <sys/systm.h> #include <sys/sysproto.h> #include <sys/sysent.h> +#include <sys/vnode.h> #include <sys/file.h> #include <sys/socket.h> #include <sys/socketvar.h> ==== //depot/projects/soc2008/trasz_nfs4acl/sys/ufs/ffs/ffs_vnops.c#6 (text+ko) ==== @@ -69,7 +69,6 @@ #include <sys/systm.h> #include <sys/buf.h> #include <sys/conf.h> -#include <sys/vnode.h> #include <sys/extattr.h> #include <sys/kernel.h> #include <sys/limits.h> @@ -81,6 +80,7 @@ #include <sys/signalvar.h> #include <sys/stat.h> #include <sys/vmmeter.h> +#include <sys/vnode.h> #include <vm/vm.h> #include <vm/vm_extern.h>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200810282332.m9SNW9A6098191>