From owner-p4-projects@FreeBSD.ORG Mon Jun 18 09:06:29 2007 Return-Path: X-Original-To: p4-projects@freebsd.org Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 7967216A476; Mon, 18 Jun 2007 09:06:29 +0000 (UTC) X-Original-To: perforce@FreeBSD.org Delivered-To: perforce@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 3776D16A46F for ; Mon, 18 Jun 2007 09:06:29 +0000 (UTC) (envelope-from zhouzhouyi@FreeBSD.org) Received: from repoman.freebsd.org (repoman.freebsd.org [69.147.83.41]) by mx1.freebsd.org (Postfix) with ESMTP id 2861613C44C for ; Mon, 18 Jun 2007 09:06:29 +0000 (UTC) (envelope-from zhouzhouyi@FreeBSD.org) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.13.8/8.13.8) with ESMTP id l5I96Tv8016986 for ; Mon, 18 Jun 2007 09:06:29 GMT (envelope-from zhouzhouyi@FreeBSD.org) Received: (from perforce@localhost) by repoman.freebsd.org (8.13.8/8.13.8/Submit) id l5I96Tbo016983 for perforce@freebsd.org; Mon, 18 Jun 2007 09:06:29 GMT (envelope-from zhouzhouyi@FreeBSD.org) Date: Mon, 18 Jun 2007 09:06:29 GMT Message-Id: <200706180906.l5I96Tbo016983@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to zhouzhouyi@FreeBSD.org using -f From: Zhouyi ZHOU To: Perforce Change Reviews Cc: Subject: PERFORCE change 121901 for review X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 18 Jun 2007 09:06:29 -0000 http://perforce.freebsd.org/chv.cgi?CH=121901 Change 121901 by zhouzhouyi@zhouzhouyi_mactest on 2007/06/18 09:06:15 String manipulation during the mac checks when writing to the mactestpipe I plan to use bison to write a parser to parse the output of /dev/mactestpipe when constructing test programs Affected files ... .. //depot/projects/soc2007/zhouzhouyi_mactest_soc/zhouzhouyi_mactest_soc/sys/security/mac_test/mac_test.c#8 edit Differences ... ==== //depot/projects/soc2007/zhouzhouyi_mactest_soc/zhouzhouyi_mactest_soc/sys/security/mac_test/mac_test.c#8 (text+ko) ==== @@ -1118,7 +1118,10 @@ mac_test_create_mbuf_from_inpcb(struct inpcb *inp, struct label *inplabel, struct mbuf *m, struct label *mlabel) { - + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_create_mbuf_from_inpcb " + "with inplabel and mlabel:", + strlen("mac_test_create_mbuf_from_inpcb with inplabel and mlabel:")); + MACTEST_PIPE_SUBMIT_LABEL2(ifnet, inplabel, vnode, mlabel); LABEL_CHECK(inplabel, MAGIC_INPCB); LABEL_CHECK(mlabel, MAGIC_MBUF); COUNTER_INC(create_mbuf_from_inpcb); @@ -1129,7 +1132,11 @@ mac_test_create_mbuf_linklayer(struct ifnet *ifnet, struct label *ifnetlabel, struct mbuf *mbuf, struct label *mbuflabel) { - + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_create_mbuf_linklayer " + "with ifnetlabel and mbuflabel:", + strlen("mac_test_create_mbuf_linklayer with ifnetlabel " + "and mbuflabel:")); + MACTEST_PIPE_SUBMIT_LABEL2(ifnet, ifnetlabel, vnode, mbuflabel); LABEL_CHECK(ifnetlabel, MAGIC_IFNET); LABEL_CHECK(mbuflabel, MAGIC_MBUF); COUNTER_INC(create_mbuf_linklayer); @@ -1140,7 +1147,10 @@ mac_test_create_mbuf_from_bpfdesc(struct bpf_d *bpf_d, struct label *bpflabel, struct mbuf *mbuf, struct label *mbuflabel) { - + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_create_mbuf_from_bpfdesc " + "with inplabel and mlabel:", + strlen("mac_test_create_mbuf_from_bpfdesc with bpflabel and mbuflabel:")); + MACTEST_PIPE_SUBMIT_LABEL2(vnode, bpflabel, vnode, mbuflabel); LABEL_CHECK(bpflabel, MAGIC_BPF); LABEL_CHECK(mbuflabel, MAGIC_MBUF); COUNTER_INC(create_mbuf_from_bpfdesc); @@ -1151,7 +1161,10 @@ mac_test_create_mbuf_from_ifnet(struct ifnet *ifnet, struct label *ifnetlabel, struct mbuf *m, struct label *mbuflabel) { - + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_create_mbuf_from_ifnet " + "with ifnetlabel and mbuflabel:", + strlen("mac_test_create_mbuf_from_ifnet with ifnetlabel and mbuflabel:")); + MACTEST_PIPE_SUBMIT_LABEL2(ifnet, ifnetlabel, vnode, mbuflabel); LABEL_CHECK(ifnetlabel, MAGIC_IFNET); LABEL_CHECK(mbuflabel, MAGIC_MBUF); COUNTER_INC(create_mbuf_from_ifnet); @@ -1163,7 +1176,12 @@ struct label *oldmbuflabel, struct ifnet *ifnet, struct label *ifnetlabel, struct mbuf *newmbuf, struct label *newmbuflabel) { - + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_create_mbuf_multicast_encap " + "with oldmbuflabel ifnetlabel and newmbuflabel:", + strlen("mac_test_create_mbuf_multicast_encap " + "with oldmbuflabel ifnetlabel and newmbuflabel:")); + MACTEST_PIPE_SUBMIT_LABEL3(vnode, oldmbuflabel, ifnet, ifnetlabel, + vnode, newmbuflabel); LABEL_CHECK(oldmbuflabel, MAGIC_MBUF); LABEL_CHECK(ifnetlabel, MAGIC_IFNET); LABEL_CHECK(newmbuflabel, MAGIC_MBUF); @@ -1176,7 +1194,11 @@ struct label *oldmbuflabel, struct mbuf *newmbuf, struct label *newmbuflabel) { - + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_create_mbuf_netlayer " + "with oldmbuflabel and newmbuflabel:", + strlen("mac_test_create_mbuf_netlayer " + "with oldmbuflabel and newmbuflabel:")); + MACTEST_PIPE_SUBMIT_LABEL2(vnode, oldmbuflabel, vnode, newmbuflabel); LABEL_CHECK(oldmbuflabel, MAGIC_MBUF); LABEL_CHECK(newmbuflabel, MAGIC_MBUF); COUNTER_INC(create_mbuf_netlayer); @@ -1187,7 +1209,11 @@ mac_test_fragment_match(struct mbuf *fragment, struct label *fragmentlabel, struct ipq *ipq, struct label *ipqlabel) { - + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_fragment_match " + "with fragmentlabel and ipqlabel:", + strlen("mac_test_fragment_match " + "with fragmentlabel and ipqlabel:")); + MACTEST_PIPE_SUBMIT_LABEL2(vnode, fragmentlabel, vnode, ipqlabel); LABEL_CHECK(fragmentlabel, MAGIC_MBUF); LABEL_CHECK(ipqlabel, MAGIC_IPQ); COUNTER_INC(fragment_match); @@ -1199,7 +1225,9 @@ static void mac_test_reflect_mbuf_icmp(struct mbuf *m, struct label *mlabel) { - + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_reflect_mbuf_icmp with mlabel:", + strlen("mac_test_reflect_mbuf_icmp with mlabel:")); + MACTEST_PIPE_SUBMIT_LABEL(vnode, mlabel); LABEL_CHECK(mlabel, MAGIC_MBUF); COUNTER_INC(reflect_mbuf_icmp); } @@ -1208,7 +1236,9 @@ static void mac_test_reflect_mbuf_tcp(struct mbuf *m, struct label *mlabel) { - + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_reflect_mbuf_tcp with mlabel:", + strlen("mac_test_reflect_mbuf_tcp with mlabel:")); + MACTEST_PIPE_SUBMIT_LABEL(vnode, mlabel); LABEL_CHECK(mlabel, MAGIC_MBUF); COUNTER_INC(reflect_mbuf_tcp); } @@ -1218,7 +1248,10 @@ mac_test_relabel_ifnet(struct ucred *cred, struct ifnet *ifnet, struct label *ifnetlabel, struct label *newlabel) { - + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_relabel_ifnet " + "with ifnetlabel and newlabel:", + strlen("mac_test_relabel_ifnet with ifnetlabel and newlabel:")); + MACTEST_PIPE_SUBMIT_LABEL2(ifnet, ifnetlabel, ifnet, newlabel); LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(ifnetlabel, MAGIC_IFNET); LABEL_CHECK(newlabel, MAGIC_IFNET); @@ -1230,7 +1263,10 @@ mac_test_update_ipq(struct mbuf *fragment, struct label *fragmentlabel, struct ipq *ipq, struct label *ipqlabel) { - + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_update_ipq " + "with fragmentlabel and ipqlabel:", + strlen("mac_test_update_ipq with fragmentlabel and ipqlabel:")); + MACTEST_PIPE_SUBMIT_LABEL2(vnode, fragmentlabel, vnode, ipqlabel); LABEL_CHECK(fragmentlabel, MAGIC_MBUF); LABEL_CHECK(ipqlabel, MAGIC_IPQ); COUNTER_INC(update_ipq); @@ -1241,7 +1277,10 @@ mac_test_inpcb_sosetlabel(struct socket *so, struct label *solabel, struct inpcb *inp, struct label *inplabel) { - + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_inpcb_sosetlabel " + "with solabel and inplabel:", + strlen("mac_test_inpcb_sosetlabel with solabel and inplabel:")); + MACTEST_PIPE_SUBMIT_LABEL2(socket, solabel, socket, inplabel); LABEL_CHECK(solabel, MAGIC_SOCKET); LABEL_CHECK(inplabel, MAGIC_INPCB); COUNTER_INC(inpcb_sosetlabel); @@ -1258,6 +1297,13 @@ struct label *execlabel) { + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_execve_transition " + "with old cr_label, new cr_label, filelabel, interpvplabel and execlabel", + strlen("mac_test_execve_transition " + "with old cr_label, new cr_label, filelabel, interpvplabel and execlabel")); + MACTEST_PIPE_SUBMIT_LABEL4(cred, old->cr_label, cred, new->cr_label, + vnode, filelabel, vnode, interpvplabel); + MACTEST_PIPE_SUBMIT_LABEL(vnode, execlabel); LABEL_CHECK(old->cr_label, MAGIC_CRED); LABEL_CHECK(new->cr_label, MAGIC_CRED); LABEL_CHECK(filelabel, MAGIC_VNODE); @@ -1273,6 +1319,12 @@ struct image_params *imgp, struct label *execlabel) { + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_execve_will_transition " + "with old cr_label, filelabel, interpvplabel and execlabel:", + strlen("mac_test_execve_will_transition " + "with old cr_label, filelabel, interpvplabel and execlabel:")); + MACTEST_PIPE_SUBMIT_LABEL4(cred, old->cr_label, vnode, filelabel, + vnode, interpvplabel, vnode, execlabel); LABEL_CHECK(old->cr_label, MAGIC_CRED); LABEL_CHECK(filelabel, MAGIC_VNODE); LABEL_CHECK(interpvplabel, MAGIC_VNODE); @@ -1287,6 +1339,10 @@ mac_test_create_proc0(struct ucred *cred) { + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_create_proc0 " + "with cr_label:", + strlen("mac_test_create_proc0 with cr_label:")); + MACTEST_PIPE_SUBMIT_LABEL(cred, cred->cr_label); LABEL_CHECK(cred->cr_label, MAGIC_CRED); COUNTER_INC(create_proc0); } @@ -1296,6 +1352,10 @@ mac_test_create_proc1(struct ucred *cred) { + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_create_proc1 " + "with cr_label:", + strlen("mac_test_create_proc1 with cr_label:")); + MACTEST_PIPE_SUBMIT_LABEL(cred, cred->cr_label); LABEL_CHECK(cred->cr_label, MAGIC_CRED); COUNTER_INC(create_proc1); } @@ -1305,6 +1365,10 @@ mac_test_relabel_cred(struct ucred *cred, struct label *newlabel) { + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_relabel_cred " + "with cr_label and newlabel:", + strlen("mac_test_relabel_cred with cr_label and newlabel:")); + MACTEST_PIPE_SUBMIT_LABEL2(cred, cred->cr_label, cred, newlabel); LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(newlabel, MAGIC_CRED); COUNTER_INC(relabel_cred); @@ -1315,6 +1379,8 @@ mac_test_thread_userret(struct thread *td) { + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_thread_userret\n", + strlen("mac_test_thread_userret\n")); COUNTER_INC(thread_userret); } @@ -1326,6 +1392,10 @@ mac_test_cleanup_sysv_msgmsg(struct label *msglabel) { + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_cleanup_sysv_msgmsg " + "with msglabel:", + strlen("mac_test_cleanup_sysv_msgmsg with msglabel:")); + MACTEST_PIPE_SUBMIT_LABEL(vnode, msglabel); LABEL_CHECK(msglabel, MAGIC_SYSV_MSG); COUNTER_INC(cleanup_sysv_msgmsg); } @@ -1335,6 +1405,10 @@ mac_test_cleanup_sysv_msgqueue(struct label *msqlabel) { + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_cleanup_sysv_msgqueue " + "with msqlabel:", + strlen("mac_test_cleanup_sysv_msgqueue with msqlabel:")); + MACTEST_PIPE_SUBMIT_LABEL(vnode, msqlabel); LABEL_CHECK(msqlabel, MAGIC_SYSV_MSQ); COUNTER_INC(cleanup_sysv_msgqueue); } @@ -1344,6 +1418,10 @@ mac_test_cleanup_sysv_sem(struct label *semalabel) { + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_cleanup_sysv_sem " + "with semalabel:", + strlen("mac_test_cleanup_sysv_sem with semalabel:")); + MACTEST_PIPE_SUBMIT_LABEL(vnode, semalabel); LABEL_CHECK(semalabel, MAGIC_SYSV_SEM); COUNTER_INC(cleanup_sysv_sem); } @@ -1353,6 +1431,10 @@ mac_test_cleanup_sysv_shm(struct label *shmlabel) { + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_cleanup_sysv_shm " + "with shmlabel:", + strlen("mac_test_cleanup_sysv_shm with shmlabel:")); + MACTEST_PIPE_SUBMIT_LABEL(vnode, shmlabel); LABEL_CHECK(shmlabel, MAGIC_SYSV_SHM); COUNTER_INC(cleanup_sysv_shm); } @@ -1366,6 +1448,10 @@ struct ifnet *ifnet, struct label *ifnetlabel) { + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_check_bpfdesc_receive " + "with bpflabel and ifnetlabel:", + strlen("mac_test_check_bpfdesc_receive with bpflabel and ifnetlabel:")); + MACTEST_PIPE_SUBMIT_LABEL2(socket, bpflabel, ifnet, ifnetlabel); LABEL_CHECK(bpflabel, MAGIC_BPF); LABEL_CHECK(ifnetlabel, MAGIC_IFNET); COUNTER_INC(check_bpfdesc_receive); @@ -1378,6 +1464,10 @@ mac_test_check_cred_relabel(struct ucred *cred, struct label *newlabel) { + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_check_cred_relabel " + "with cr_label and newlabel:", + strlen("mac_test_check_cred_relabel with cr_label and newlabel:")); + MACTEST_PIPE_SUBMIT_LABEL2(cred, cred->cr_label, cred, newlabel); LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(newlabel, MAGIC_CRED); COUNTER_INC(check_cred_relabel); @@ -1390,6 +1480,11 @@ mac_test_check_cred_visible(struct ucred *u1, struct ucred *u2) { + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_check_cred_visible " + "with u1 cr_label and u2 cr_label:", + strlen("mac_test_check_cred_visible " + "with u1 cr_label and u2 cr_label:")); + MACTEST_PIPE_SUBMIT_LABEL2(cred, u1->cr_label, cred, u2->cr_label); LABEL_CHECK(u1->cr_label, MAGIC_CRED); LABEL_CHECK(u2->cr_label, MAGIC_CRED); COUNTER_INC(check_cred_visible); @@ -1403,6 +1498,12 @@ struct label *ifnetlabel, struct label *newlabel) { + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_check_ifnet_relabel " + "with cr_label, ifnetlabel and newlabel:", + strlen("mac_test_check_ifnet_relabel " + "with cr_label, ifnetlabel and newlabel:")); + MACTEST_PIPE_SUBMIT_LABEL3(cred, cred->cr_label, ifnet, ifnetlabel, + ifnet, newlabel); LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(ifnetlabel, MAGIC_IFNET); LABEL_CHECK(newlabel, MAGIC_IFNET); @@ -1417,6 +1518,11 @@ struct mbuf *m, struct label *mbuflabel) { + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_check_ifnet_transmit " + "with ifnetlabel and mbuflabel:", + strlen("mac_test_check_ifnet_transmit " + "with ifnetlabel and mbuflabel:")); + MACTEST_PIPE_SUBMIT_LABEL2(ifnet, ifnetlabel, vnode, mbuflabel); LABEL_CHECK(ifnetlabel, MAGIC_IFNET); LABEL_CHECK(mbuflabel, MAGIC_MBUF); COUNTER_INC(check_ifnet_transmit); @@ -1430,6 +1536,11 @@ struct mbuf *m, struct label *mlabel) { + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_check_inpcb_deliver " + "with inplabel and mlabel:", + strlen("mac_test_check_inpcb_deliver " + "with inplabel and mlabel:")); + MACTEST_PIPE_SUBMIT_LABEL2(ifnet, inplabel, vnode, mlabel); LABEL_CHECK(inplabel, MAGIC_INPCB); LABEL_CHECK(mlabel, MAGIC_MBUF); COUNTER_INC(check_inpcb_deliver); @@ -1444,6 +1555,12 @@ struct label *msqklabel) { + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_check_sysv_msgmsq " + "with cr_label, msglabel and msqklabel:", + strlen("mac_test_check_sysv_msgmsq " + "with cr_label, msglabel and msqklabel:")); + MACTEST_PIPE_SUBMIT_LABEL3(cred, cred->cr_label, vnode, msqklabel, + vnode, msglabel); LABEL_CHECK(msqklabel, MAGIC_SYSV_MSQ); LABEL_CHECK(msglabel, MAGIC_SYSV_MSG); LABEL_CHECK(cred->cr_label, MAGIC_CRED); @@ -1458,6 +1575,11 @@ struct label *msglabel) { + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_check_sysv_msgrcv " + "with cr_label and msglabel:", + strlen("mac_test_check_sysv_msgrcv " + "with cr_label and msglabel:")); + MACTEST_PIPE_SUBMIT_LABEL2(cred, cred->cr_label, vnode, msglabel); LABEL_CHECK(msglabel, MAGIC_SYSV_MSG); LABEL_CHECK(cred->cr_label, MAGIC_CRED); COUNTER_INC(check_sysv_msgrcv); @@ -1471,6 +1593,11 @@ struct label *msglabel) { + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_check_sysv_msgrmid " + "with cr_label and msglabel:", + strlen("mac_test_check_sysv_msgrmid " + "with cr_label and msglabel:")); + MACTEST_PIPE_SUBMIT_LABEL2(cred, cred->cr_label, vnode, msglabel); LABEL_CHECK(msglabel, MAGIC_SYSV_MSG); LABEL_CHECK(cred->cr_label, MAGIC_CRED); COUNTER_INC(check_sysv_msgrmid); @@ -1484,6 +1611,11 @@ struct label *msqklabel) { + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_check_sysv_msqget " + "with cr_label and msqklabel:", + strlen("mac_test_check_sysv_msqget " + "with cr_label and msqklabel:")); + MACTEST_PIPE_SUBMIT_LABEL2(cred, cred->cr_label, vnode, msqklabel); LABEL_CHECK(msqklabel, MAGIC_SYSV_MSQ); LABEL_CHECK(cred->cr_label, MAGIC_CRED); COUNTER_INC(check_sysv_msqget); @@ -1497,6 +1629,11 @@ struct label *msqklabel) { + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_check_sysv_msqsnd " + "with cr_label and msqklabel:", + strlen("mac_test_check_sysv_msqsnd " + "with cr_label and msqklabel:")); + MACTEST_PIPE_SUBMIT_LABEL2(cred, cred->cr_label, vnode, msqklabel); LABEL_CHECK(msqklabel, MAGIC_SYSV_MSQ); LABEL_CHECK(cred->cr_label, MAGIC_CRED); COUNTER_INC(check_sysv_msqsnd); @@ -1510,6 +1647,11 @@ struct label *msqklabel) { + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_check_sysv_msqrcv " + "with cr_label and msqklabel:", + strlen("mac_test_check_sysv_msqrcv " + "with cr_label and msqklabel:")); + MACTEST_PIPE_SUBMIT_LABEL2(cred, cred->cr_label, vnode, msqklabel); LABEL_CHECK(msqklabel, MAGIC_SYSV_MSQ); LABEL_CHECK(cred->cr_label, MAGIC_CRED); COUNTER_INC(check_sysv_msqrcv); @@ -1523,6 +1665,11 @@ struct label *msqklabel, int cmd) { + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_check_sysv_msqctl " + "with cr_label and msqklabel:", + strlen("mac_test_check_sysv_msqctl " + "with cr_label and msqklabel:")); + MACTEST_PIPE_SUBMIT_LABEL2(cred, cred->cr_label, vnode, msqklabel); LABEL_CHECK(msqklabel, MAGIC_SYSV_MSQ); LABEL_CHECK(cred->cr_label, MAGIC_CRED); COUNTER_INC(check_sysv_msqctl); @@ -1536,6 +1683,60 @@ struct label *semaklabel, int cmd) { + char * submitstring = NULL; + char cmdstring[10]; + + submitstring = malloc(256, M_MACTEST_PIPE, M_NOWAIT); + + if (submitstring){ + bzero(submitstring, 256); + bzero(cmdstring, 10); + + switch(cmd) { + case IPC_RMID: + strcpy(cmdstring,"IPC_RMID"); + break; + case IPC_SET: + strcpy(cmdstring,"IPC_SET"); + break; + case SETVAL: + strcpy(cmdstring,"SETVAL"); + break; + case SETALL: + strcpy(cmdstring,"SETALL"); + break; + case IPC_STAT: + strcpy(cmdstring,"IPC_STAT"); + break; + case GETVAL: + strcpy(cmdstring,"GETALL"); + break; + case GETPID: + strcpy(cmdstring,"GETPID"); + break; + case GETNCNT: + strcpy(cmdstring,"GETNCNT"); + break; + case GETZCNT: + strcpy(cmdstring,"GETZCNT"); + break; + case GETALL: + strcpy(cmdstring,"GETALL"); + break; + default: + strcpy(cmdstring,"NULL"); + break; + } + + sprintf(submitstring, "mac_test_check_sysv_semctl " + "with access type and cr_label and semaklabel:%s:", + cmdstring); + MACTEST_PIPE_SUBMIT_WITHPID(submitstring, + strlen(submitstring)); + MACTEST_PIPE_SUBMIT_LABEL2(cred, cred->cr_label, vnode, semaklabel); + free(submitstring, M_MACTEST_PIPE); + } + LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(semaklabel, MAGIC_SYSV_SEM); COUNTER_INC(check_sysv_semctl); @@ -1549,6 +1750,11 @@ struct label *semaklabel) { + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_check_sysv_semget " + "with cr_label and semaklabel:", + strlen("mac_test_check_sysv_semget " + "with cr_label and semaklabel:")); + MACTEST_PIPE_SUBMIT_LABEL2(cred, cred->cr_label, vnode, semaklabel); LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(semaklabel, MAGIC_SYSV_SEM); COUNTER_INC(check_sysv_semget); @@ -1562,6 +1768,19 @@ struct label *semaklabel, size_t accesstype) { + char * submitstring = NULL; + submitstring = malloc(256, M_MACTEST_PIPE, M_NOWAIT); + bzero(submitstring, 256); + if (submitstring){ + sprintf(submitstring, "mac_test_check_sysv_semop " + "with access type and cr_label and semaklabel:%s:", + accesstype&SEM_R? (accesstype&SEM_A? "SEM_AR": "SEM_R"): + (accesstype&SEM_A? "SEM_A": "NULL")); + MACTEST_PIPE_SUBMIT_WITHPID(submitstring, + strlen(submitstring)); + MACTEST_PIPE_SUBMIT_LABEL2(cred, cred->cr_label, vnode, semaklabel); + free(submitstring, M_MACTEST_PIPE); + } LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(semaklabel, MAGIC_SYSV_SEM); COUNTER_INC(check_sysv_semop);