Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 19 Jul 2022 17:26:57 +0300
From:      Konstantin Belousov <kostikbel@gmail.com>
To:        Allan Jude <allanjude@freebsd.org>
Cc:        src-committers@freebsd.org, dev-commits-src-all@freebsd.org, dev-commits-src-main@freebsd.org
Subject:   Re: git: 4e2121c10afc - main - mac_ddb: add some validation functions
Message-ID:  <Yta/MRbDEecCw9PF@kib.kiev.ua>
In-Reply-To: <202207182206.26IM6vMQ048237@gitrepo.freebsd.org>
References:  <202207182206.26IM6vMQ048237@gitrepo.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help 
On Mon, Jul 18, 2022 at 10:06:57PM +0000, Allan Jude wrote:
> The branch main has been updated by allanjude:
> 
> URL: https://cgit.FreeBSD.org/src/commit/?id=4e2121c10afc3d9273368eae776fe31d0c68ba6a
> 
> commit 4e2121c10afc3d9273368eae776fe31d0c68ba6a
> Author:     Mitchell Horne <mhorne@FreeBSD.org>
> AuthorDate: 2022-07-18 21:25:00 +0000
> Commit:     Allan Jude <allanjude@FreeBSD.org>
> CommitDate: 2022-07-18 22:06:22 +0000
> 
>     mac_ddb: add some validation functions
>     
>     These global objects are easy to validate, so provide the helper
>     functions to do so and include these commands in the allow lists.
>     
>     Reviewed by:    markj
>     Sponsored by:   Juniper Networks, Inc.
>     Sponsored by:   Klara, Inc.
>     Differential Revision:  https://reviews.freebsd.org/D35372
> ---
>  sys/security/mac_ddb/mac_ddb.c | 101 +++++++++++++++++++++++++++++++++++++++++
>  1 file changed, 101 insertions(+)

> +static int
> +db_show_vnet_valid(db_expr_t addr, bool have_addr, db_expr_t count, char *modif)
> +{
> +	VNET_ITERATOR_DECL(vnet);
> +
> +	if (!have_addr)
> +		return (0);
> +
> +	VNET_FOREACH(vnet) {
> +		if ((void *)vnet == (void *)addr)
> +			return (0);
> +	}
> +
> +	return (EACCES);
> +}

This seems to break non-VNET builds:
/usr/home/kostik/work/DEV/src/sys/security/mac_ddb/mac_ddb.c:200:15: error: use of undeclared identifier 'vnet'; did you mean 'int'?
                if ((void *)vnet == (void *)addr)
                            ^~~~
                            int
/usr/home/kostik/work/DEV/src/sys/security/mac_ddb/mac_ddb.c:200:15: error: expected expression
2 errors generated.
--- mac_ddb.o ---
*** [mac_ddb.o] Error code 1

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Yta/MRbDEecCw9PF>