From owner-p4-projects@FreeBSD.ORG Tue Jun 19 09:41:28 2007 Return-Path: X-Original-To: p4-projects@freebsd.org Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 6962116A46B; Tue, 19 Jun 2007 09:41:28 +0000 (UTC) X-Original-To: perforce@FreeBSD.org Delivered-To: perforce@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 138EC16A469 for ; Tue, 19 Jun 2007 09:41:28 +0000 (UTC) (envelope-from zhouzhouyi@FreeBSD.org) Received: from repoman.freebsd.org (repoman.freebsd.org [69.147.83.41]) by mx1.freebsd.org (Postfix) with ESMTP id 059B113C46C for ; Tue, 19 Jun 2007 09:41:28 +0000 (UTC) (envelope-from zhouzhouyi@FreeBSD.org) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.13.8/8.13.8) with ESMTP id l5J9fRgG069357 for ; Tue, 19 Jun 2007 09:41:27 GMT (envelope-from zhouzhouyi@FreeBSD.org) Received: (from perforce@localhost) by repoman.freebsd.org (8.13.8/8.13.8/Submit) id l5J9fRcS069351 for perforce@freebsd.org; Tue, 19 Jun 2007 09:41:27 GMT (envelope-from zhouzhouyi@FreeBSD.org) Date: Tue, 19 Jun 2007 09:41:27 GMT Message-Id: <200706190941.l5J9fRcS069351@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to zhouzhouyi@FreeBSD.org using -f From: Zhouyi ZHOU To: Perforce Change Reviews Cc: Subject: PERFORCE change 121963 for review X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 19 Jun 2007 09:41:28 -0000 http://perforce.freebsd.org/chv.cgi?CH=121963 Change 121963 by zhouzhouyi@zhouzhouyi_mactest on 2007/06/19 09:40:26 Finish all the mac_test hooks for pipe, editing mac_test.c mac_test_private.h to settle concurrency problems Affected files ... .. //depot/projects/soc2007/zhouzhouyi_mactest_soc/zhouzhouyi_mactest_soc/sys/security/mac_test/mac_test.c#9 edit .. //depot/projects/soc2007/zhouzhouyi_mactest_soc/zhouzhouyi_mactest_soc/sys/security/mac_test/mac_test_private.h#6 edit Differences ... ==== //depot/projects/soc2007/zhouzhouyi_mactest_soc/zhouzhouyi_mactest_soc/sys/security/mac_test/mac_test.c#9 (text+ko) ==== @@ -163,6 +163,7 @@ { MACTEST_PIPE_SUBMIT_WITHPID("mac_test_init_bpfdesc_label\n", strlen("mac_test_init_bpfdesc_label\n")); + MACTEST_PIPE_DO_SUBMIT; LABEL_INIT(label, MAGIC_BPF); COUNTER_INC(init_bpfdesc_label); } @@ -173,6 +174,7 @@ { MACTEST_PIPE_SUBMIT_WITHPID("mac_test_init_cred_label\n", strlen("mac_test_init_cred_label\n")); + MACTEST_PIPE_DO_SUBMIT; LABEL_INIT(label, MAGIC_CRED); COUNTER_INC(init_cred_label); } @@ -183,6 +185,7 @@ { MACTEST_PIPE_SUBMIT_WITHPID("mac_test_init_devfs_label\n", strlen("mac_test_init_devfs_label\n")); + MACTEST_PIPE_DO_SUBMIT; LABEL_INIT(label, MAGIC_DEVFS); COUNTER_INC(init_devfs_label); } @@ -199,6 +202,7 @@ { MACTEST_PIPE_SUBMIT_WITHPID("mac_test_init_ifnet_label\n", strlen("mac_test_init_ifnet_label\n")); + MACTEST_PIPE_DO_SUBMIT; LABEL_INIT(label, MAGIC_IFNET); COUNTER_INC(init_ifnet_label); } @@ -209,6 +213,7 @@ { MACTEST_PIPE_SUBMIT_WITHPID("mac_test_init_inpcb_label\n", strlen("mac_test_init_inpcb_label\n")); + MACTEST_PIPE_DO_SUBMIT; if (flag & M_WAITOK) WITNESS_WARN(WARN_GIANTOK | WARN_SLEEPOK, NULL, "mac_test_init_inpcb_label() at %s:%d", __FILE__, @@ -225,6 +230,7 @@ { MACTEST_PIPE_SUBMIT_WITHPID("mac_test_init_sysv_msgmsg_label\n", strlen("mac_test_init_sysv_msgmsg_label\n")); + MACTEST_PIPE_DO_SUBMIT; LABEL_INIT(label, MAGIC_SYSV_MSG); COUNTER_INC(init_sysv_msg_label); } @@ -235,6 +241,7 @@ { MACTEST_PIPE_SUBMIT_WITHPID("mac_test_init_sysv_msgqueue_label\n", strlen("mac_test_init_sysv_msgqueue_label\n")); + MACTEST_PIPE_DO_SUBMIT; LABEL_INIT(label, MAGIC_SYSV_MSQ); COUNTER_INC(init_sysv_msq_label); } @@ -245,6 +252,7 @@ { MACTEST_PIPE_SUBMIT_WITHPID("mac_test_init_sysv_sem_label\n", strlen("mac_test_init_sysv_sem_label\n")); + MACTEST_PIPE_DO_SUBMIT; LABEL_INIT(label, MAGIC_SYSV_SEM); COUNTER_INC(init_sysv_sem_label); } @@ -255,6 +263,7 @@ { MACTEST_PIPE_SUBMIT_WITHPID("mac_test_init_sysv_shm_label\n", strlen("mac_test_init_sysv_shm_label\n")); + MACTEST_PIPE_DO_SUBMIT; LABEL_INIT(label, MAGIC_SYSV_SHM); COUNTER_INC(init_sysv_shm_label); } @@ -265,6 +274,7 @@ { MACTEST_PIPE_SUBMIT_WITHPID("mac_test_init_ipq_label\n", strlen("mac_test_init_ipq_label\n")); + MACTEST_PIPE_DO_SUBMIT; if (flag & M_WAITOK) WITNESS_WARN(WARN_GIANTOK | WARN_SLEEPOK, NULL, "mac_test_init_ipq_label() at %s:%d", __FILE__, @@ -281,6 +291,7 @@ { MACTEST_PIPE_SUBMIT_WITHPID("mac_test_init_mbuf_label\n", strlen("mac_test_init_mbuf_label\n")); + MACTEST_PIPE_DO_SUBMIT; if (flag & M_WAITOK) WITNESS_WARN(WARN_GIANTOK | WARN_SLEEPOK, NULL, "mac_test_init_mbuf_label() at %s:%d", __FILE__, @@ -297,6 +308,7 @@ { MACTEST_PIPE_SUBMIT_WITHPID("mac_test_init_mount_label\n", strlen("mac_test_init_mount_label\n")); + MACTEST_PIPE_DO_SUBMIT; LABEL_INIT(label, MAGIC_MOUNT); COUNTER_INC(init_mount_label); } @@ -308,6 +320,7 @@ MACTEST_PIPE_SUBMIT_WITHPID("mac_test_init_socket_label\n", strlen("mac_test_init_socket_label\n")); + MACTEST_PIPE_DO_SUBMIT; if (flag & M_WAITOK) WITNESS_WARN(WARN_GIANTOK | WARN_SLEEPOK, NULL, "mac_test_init_socket_label() at %s:%d", __FILE__, @@ -324,6 +337,7 @@ { MACTEST_PIPE_SUBMIT_WITHPID("mac_test_init_socket_peer_label\n", strlen("mac_test_init_socket_peer_label\n")); + MACTEST_PIPE_DO_SUBMIT; if (flag & M_WAITOK) WITNESS_WARN(WARN_GIANTOK | WARN_SLEEPOK, NULL, "mac_test_init_socket_peer_label() at %s:%d", __FILE__, @@ -340,6 +354,7 @@ { MACTEST_PIPE_SUBMIT_WITHPID("mac_test_init_pipe_label\n", strlen("mac_test_init_pipe_label\n")); + MACTEST_PIPE_DO_SUBMIT; LABEL_INIT(label, MAGIC_PIPE); COUNTER_INC(init_pipe_label); } @@ -350,6 +365,7 @@ { MACTEST_PIPE_SUBMIT_WITHPID("mac_test_init_posix_sem_label\n", strlen("mac_test_init_posix_sem_label\n")); + MACTEST_PIPE_DO_SUBMIT; LABEL_INIT(label, MAGIC_POSIX_SEM); COUNTER_INC(init_posix_sem_label); } @@ -360,6 +376,7 @@ { MACTEST_PIPE_SUBMIT_WITHPID("mac_test_init_proc_label\n", strlen("mac_test_init_proc_label\n")); + MACTEST_PIPE_DO_SUBMIT; LABEL_INIT(label, MAGIC_PROC); COUNTER_INC(init_proc_label); } @@ -370,6 +387,7 @@ { MACTEST_PIPE_SUBMIT_WITHPID("mac_test_init_vnode_label\n", strlen("mac_test_init_vnode_label\n")); + MACTEST_PIPE_DO_SUBMIT; LABEL_INIT(label, MAGIC_VNODE); COUNTER_INC(init_vnode_label); } @@ -380,6 +398,7 @@ { MACTEST_PIPE_SUBMIT_WITHPID("mac_test_destroy_bpfdesc_label\n", strlen("mac_test_destroy_bpfdesc_label\n")); + MACTEST_PIPE_DO_SUBMIT; LABEL_DESTROY(label, MAGIC_BPF); COUNTER_INC(destroy_bpfdesc_label); } @@ -390,6 +409,7 @@ { MACTEST_PIPE_SUBMIT_WITHPID("mac_test_destroy_cred_label\n", strlen("mac_test_destroy_cred_label\n")); + MACTEST_PIPE_DO_SUBMIT; LABEL_DESTROY(label, MAGIC_CRED); COUNTER_INC(destroy_cred_label); } @@ -400,6 +420,7 @@ { MACTEST_PIPE_SUBMIT_WITHPID("mac_test_destroy_devfs_label\n", strlen("mac_test_destroy_devfs_label\n")); + MACTEST_PIPE_DO_SUBMIT; LABEL_DESTROY(label, MAGIC_DEVFS); COUNTER_INC(destroy_devfs_label); } @@ -410,6 +431,7 @@ { MACTEST_PIPE_SUBMIT_WITHPID("mac_test_destroy_ifnet_label\n", strlen("mac_test_destroy_ifnet_label\n")); + MACTEST_PIPE_DO_SUBMIT; LABEL_DESTROY(label, MAGIC_IFNET); COUNTER_INC(destroy_ifnet_label); } @@ -420,6 +442,7 @@ { MACTEST_PIPE_SUBMIT_WITHPID("mac_test_destroy_inpcb_label\n", strlen("mac_test_destroy_inpcb_label\n")); + MACTEST_PIPE_DO_SUBMIT; LABEL_DESTROY(label, MAGIC_INPCB); COUNTER_INC(destroy_inpcb_label); } @@ -430,6 +453,7 @@ { MACTEST_PIPE_SUBMIT_WITHPID("mac_test_destroy_sysv_msgmsg_label\n", strlen("mac_test_destroy_sysv_msgmsg__label\n")); + MACTEST_PIPE_DO_SUBMIT; LABEL_DESTROY(label, MAGIC_SYSV_MSG); COUNTER_INC(destroy_sysv_msg_label); } @@ -440,6 +464,7 @@ { MACTEST_PIPE_SUBMIT_WITHPID("mac_test_destroy_sysv_msgqueue_label\n", strlen("mac_test_destroy_sysv_msgqueue_label\n")); + MACTEST_PIPE_DO_SUBMIT; LABEL_DESTROY(label, MAGIC_SYSV_MSQ); COUNTER_INC(destroy_sysv_msq_label); } @@ -450,6 +475,7 @@ { MACTEST_PIPE_SUBMIT_WITHPID("mac_test_destroy_sysv_sem_label\n", strlen("mac_test_destroy_sysv_sem_label\n")); + MACTEST_PIPE_DO_SUBMIT; LABEL_DESTROY(label, MAGIC_SYSV_SEM); COUNTER_INC(destroy_sysv_sem_label); } @@ -460,6 +486,7 @@ { MACTEST_PIPE_SUBMIT_WITHPID("mac_test_destroy_sysv_shm_label\n", strlen("mac_test_destroy_sysv_shm_label\n")); + MACTEST_PIPE_DO_SUBMIT; LABEL_DESTROY(label, MAGIC_SYSV_SHM); COUNTER_INC(destroy_sysv_shm_label); } @@ -470,6 +497,7 @@ { MACTEST_PIPE_SUBMIT_WITHPID("mac_test_destroy_ipq_label\n", strlen("mac_test_destroy_ipq_label\n")); + MACTEST_PIPE_DO_SUBMIT; LABEL_DESTROY(label, MAGIC_IPQ); COUNTER_INC(destroy_ipq_label); } @@ -480,6 +508,7 @@ { MACTEST_PIPE_SUBMIT_WITHPID("mac_test_destroy_mbuf_label\n", strlen("mac_test_destroy_mbuf_label\n")); + MACTEST_PIPE_DO_SUBMIT; /* * If we're loaded dynamically, there may be mbufs in flight that * didn't have label storage allocated for them. Handle this @@ -498,6 +527,7 @@ { MACTEST_PIPE_SUBMIT_WITHPID("mac_test_destroy_mount_label\n", strlen("mac_test_destroy_mount_label\n")); + MACTEST_PIPE_DO_SUBMIT; LABEL_DESTROY(label, MAGIC_MOUNT); COUNTER_INC(destroy_mount_label); } @@ -508,6 +538,7 @@ { MACTEST_PIPE_SUBMIT_WITHPID("mac_test_destroy_socket_label\n", strlen("mac_test_destroy_socket_label\n")); + MACTEST_PIPE_DO_SUBMIT; LABEL_DESTROY(label, MAGIC_SOCKET); COUNTER_INC(destroy_socket_label); } @@ -518,6 +549,7 @@ { MACTEST_PIPE_SUBMIT_WITHPID("mac_test_destroy_socket_peer_label\n", strlen("mac_test_destroy_socket_peer_label\n")); + MACTEST_PIPE_DO_SUBMIT; LABEL_DESTROY(label, MAGIC_SOCKET); COUNTER_INC(destroy_socket_peer_label); } @@ -528,6 +560,7 @@ { MACTEST_PIPE_SUBMIT_WITHPID("mac_test_destroy_pipe_label\n", strlen("mac_test_destroy_pipe_label\n")); + MACTEST_PIPE_DO_SUBMIT; LABEL_DESTROY(label, MAGIC_PIPE); COUNTER_INC(destroy_pipe_label); } @@ -538,6 +571,7 @@ { MACTEST_PIPE_SUBMIT_WITHPID("mac_test_destroy_posix_sem_label\n", strlen("mac_test_destroy_posix_sem_label\n")); + MACTEST_PIPE_DO_SUBMIT; LABEL_DESTROY(label, MAGIC_POSIX_SEM); COUNTER_INC(destroy_posix_sem_label); } @@ -548,6 +582,7 @@ { MACTEST_PIPE_SUBMIT_WITHPID("mac_test_destroy_proc_label\n", strlen("mac_test_destroy_proc_label\n")); + MACTEST_PIPE_DO_SUBMIT; LABEL_DESTROY(label, MAGIC_PROC); COUNTER_INC(destroy_proc_label); } @@ -558,6 +593,7 @@ { MACTEST_PIPE_SUBMIT_WITHPID("mac_test_destroy_vnode_label\n", strlen("mac_test_destroy_vnode_label\n")); + MACTEST_PIPE_DO_SUBMIT; LABEL_DESTROY(label, MAGIC_VNODE); COUNTER_INC(destroy_vnode_label); } @@ -1301,9 +1337,8 @@ "with old cr_label, new cr_label, filelabel, interpvplabel and execlabel", strlen("mac_test_execve_transition " "with old cr_label, new cr_label, filelabel, interpvplabel and execlabel")); - MACTEST_PIPE_SUBMIT_LABEL4(cred, old->cr_label, cred, new->cr_label, - vnode, filelabel, vnode, interpvplabel); - MACTEST_PIPE_SUBMIT_LABEL(vnode, execlabel); + MACTEST_PIPE_SUBMIT_LABEL5(cred, old->cr_label, cred, new->cr_label, + vnode, filelabel, vnode, interpvplabel, vnode, execlabel); LABEL_CHECK(old->cr_label, MAGIC_CRED); LABEL_CHECK(new->cr_label, MAGIC_CRED); LABEL_CHECK(filelabel, MAGIC_VNODE); @@ -1381,6 +1416,7 @@ MACTEST_PIPE_SUBMIT_WITHPID("mac_test_thread_userret\n", strlen("mac_test_thread_userret\n")); + MACTEST_PIPE_DO_SUBMIT; COUNTER_INC(thread_userret); } @@ -1729,7 +1765,7 @@ } sprintf(submitstring, "mac_test_check_sysv_semctl " - "with access type and cr_label and semaklabel:%s:", + "with cmd and cr_label and semaklabel:%s:", cmdstring); MACTEST_PIPE_SUBMIT_WITHPID(submitstring, strlen(submitstring)); @@ -1794,6 +1830,18 @@ struct label *shmseglabel, int shmflg) { + char * submitstring = NULL; + submitstring = malloc(256, M_MACTEST_PIPE, M_NOWAIT); + bzero(submitstring, 256); + if (submitstring){ + sprintf(submitstring, "mac_test_check_sysv_shmat " + "with shmflg and cr_label and shmseglabel:%s:", + (shmflg & SHM_RDONLY)? "SHM_RDONLY" : "SHM_RND"); + MACTEST_PIPE_SUBMIT_WITHPID(submitstring, + strlen(submitstring)); + MACTEST_PIPE_SUBMIT_LABEL2(cred, cred->cr_label, vnode, shmseglabel); + free(submitstring, M_MACTEST_PIPE); + } LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(shmseglabel, MAGIC_SYSV_SHM); COUNTER_INC(check_sysv_shmat); @@ -1807,6 +1855,41 @@ struct label *shmseglabel, int cmd) { + char * submitstring = NULL; + char cmdstring[10]; + + submitstring = malloc(256, M_MACTEST_PIPE, M_NOWAIT); + + if (submitstring){ + bzero(submitstring, 256); + bzero(cmdstring, 10); + + switch(cmd) { + case IPC_RMID: + strcpy(cmdstring,"IPC_RMID"); + break; + case IPC_SET: + strcpy(cmdstring,"IPC_SET"); + break; + case IPC_STAT: + strcpy(cmdstring,"IPC_STAT"); + break; + case SHM_STAT: + strcpy(cmdstring,"SHM_STAT"); + break; + default: + strcpy(cmdstring,"NULL"); + break; + } + + sprintf(submitstring, "mac_test_check_sysv_shmctl " + "with cmd and cr_label and shmseglabel:%s:", + cmdstring); + MACTEST_PIPE_SUBMIT_WITHPID(submitstring, + strlen(submitstring)); + MACTEST_PIPE_SUBMIT_LABEL2(cred, cred->cr_label, vnode, shmseglabel); + free(submitstring, M_MACTEST_PIPE); + } LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(shmseglabel, MAGIC_SYSV_SHM); COUNTER_INC(check_sysv_shmctl); @@ -1820,6 +1903,11 @@ struct label *shmseglabel) { + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_check_sysv_shmdt " + "with cr_label and shmseglabel:", + strlen("mac_test_check_sysv_shmdt " + "with cr_label and shmseglabel:")); + MACTEST_PIPE_SUBMIT_LABEL2(cred, cred->cr_label, vnode, shmseglabel); LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(shmseglabel, MAGIC_SYSV_SHM); COUNTER_INC(check_sysv_shmdt); @@ -1833,6 +1921,11 @@ struct label *shmseglabel, int shmflg) { + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_check_sysv_shmget " + "with cr_label and shmseglabel:", + strlen("mac_test_check_sysv_shmget " + "with cr_label and shmseglabel:")); + MACTEST_PIPE_SUBMIT_LABEL2(cred, cred->cr_label, vnode, shmseglabel); LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(shmseglabel, MAGIC_SYSV_SHM); COUNTER_INC(check_sysv_shmget); @@ -1845,6 +1938,11 @@ mac_test_check_kenv_dump(struct ucred *cred) { + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_check_kenv_dump " + "with cr_label:", + strlen("mac_test_check_kenv_dump " + "with cr_label:")); + MACTEST_PIPE_SUBMIT_LABEL(cred, cred->cr_label); LABEL_CHECK(cred->cr_label, MAGIC_CRED); COUNTER_INC(check_kenv_dump); @@ -1856,6 +1954,11 @@ mac_test_check_kenv_get(struct ucred *cred, char *name) { + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_check_kenv_get " + "with cr_label:", + strlen("mac_test_check_kenv_get " + "with cr_label:")); + MACTEST_PIPE_SUBMIT_LABEL(cred, cred->cr_label); LABEL_CHECK(cred->cr_label, MAGIC_CRED); COUNTER_INC(check_kenv_get); @@ -1867,6 +1970,11 @@ mac_test_check_kenv_set(struct ucred *cred, char *name, char *value) { + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_check_kenv_set " + "with cr_label:", + strlen("mac_test_check_kenv_set " + "with cr_label:")); + MACTEST_PIPE_SUBMIT_LABEL(cred, cred->cr_label); LABEL_CHECK(cred->cr_label, MAGIC_CRED); COUNTER_INC(check_kenv_set); @@ -1878,6 +1986,11 @@ mac_test_check_kenv_unset(struct ucred *cred, char *name) { + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_check_kenv_unset " + "with cr_label:", + strlen("mac_test_check_kenv_unset " + "with cr_label:")); + MACTEST_PIPE_SUBMIT_LABEL(cred, cred->cr_label); LABEL_CHECK(cred->cr_label, MAGIC_CRED); COUNTER_INC(check_kenv_unset); @@ -1890,6 +2003,11 @@ struct label *label) { + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_check_kld_load " + "with cr_label and vp label:", + strlen("mac_test_check_kld_load " + "with cr_label and vp label:")); + MACTEST_PIPE_SUBMIT_LABEL2(cred, cred->cr_label, vnode, label); LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(label, MAGIC_VNODE); COUNTER_INC(check_kld_load); @@ -1902,6 +2020,11 @@ mac_test_check_kld_stat(struct ucred *cred) { + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_check_kld_stat " + "with cr_label:", + strlen("mac_test_check_kld_stat " + "with cr_label:")); + MACTEST_PIPE_SUBMIT_LABEL(cred, cred->cr_label); LABEL_CHECK(cred->cr_label, MAGIC_CRED); COUNTER_INC(check_kld_stat); @@ -1914,6 +2037,11 @@ struct label *mplabel) { + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_check_mount_stat " + "with cr_label and mplabel:", + strlen("mac_test_check_mount_stat " + "with cr_label and mplabel:")); + MACTEST_PIPE_SUBMIT_LABEL2(cred, cred->cr_label, vnode, mplabel); LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(mplabel, MAGIC_MOUNT); COUNTER_INC(check_mount_stat); @@ -1927,6 +2055,11 @@ struct label *pipelabel, unsigned long cmd, void /* caddr_t */ *data) { + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_check_pipe_ioctl " + "with cr_label and pipelabel:", + strlen("mac_test_check_pipe_ioctl " + "with cr_label and pipelabel:")); + MACTEST_PIPE_SUBMIT_LABEL2(cred, cred->cr_label, pipe, pipelabel); LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(pipelabel, MAGIC_PIPE); COUNTER_INC(check_pipe_ioctl); @@ -1940,6 +2073,11 @@ struct label *pipelabel) { + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_check_pipe_poll " + "with cr_label and pipelabel:", + strlen("mac_test_check_pipe_poll " + "with cr_label and pipelabel:")); + MACTEST_PIPE_SUBMIT_LABEL2(cred, cred->cr_label, pipe, pipelabel); LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(pipelabel, MAGIC_PIPE); COUNTER_INC(check_pipe_poll); @@ -1953,6 +2091,11 @@ struct label *pipelabel) { + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_check_pipe_read " + "with cr_label and pipelabel:", + strlen("mac_test_check_pipe_read " + "with cr_label and pipelabel:")); + MACTEST_PIPE_SUBMIT_LABEL2(cred, cred->cr_label, pipe, pipelabel); LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(pipelabel, MAGIC_PIPE); COUNTER_INC(check_pipe_read); @@ -1966,6 +2109,12 @@ struct label *pipelabel, struct label *newlabel) { + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_check_pipe_relabel " + "with cr_label pipelabel and newlabel:", + strlen("mac_test_check_pipe_relabel " + "with cr_label pipelabel and newlabel:")); + MACTEST_PIPE_SUBMIT_LABEL3(cred, cred->cr_label, pipe, pipelabel, + pipe, newlabel); LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(pipelabel, MAGIC_PIPE); LABEL_CHECK(newlabel, MAGIC_PIPE); @@ -1980,6 +2129,11 @@ struct label *pipelabel) { + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_check_pipe_stat " + "with cr_label and pipelabel:", + strlen("mac_test_check_pipe_stat " + "with cr_label and pipelabel:")); + MACTEST_PIPE_SUBMIT_LABEL2(cred, cred->cr_label, pipe, pipelabel); LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(pipelabel, MAGIC_PIPE); COUNTER_INC(check_pipe_stat); @@ -1993,6 +2147,11 @@ struct label *pipelabel) { + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_check_pipe_write " + "with cr_label and pipelabel:", + strlen("mac_test_check_pipe_write " + "with cr_label and pipelabel:")); + MACTEST_PIPE_SUBMIT_LABEL2(cred, cred->cr_label, pipe, pipelabel); LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(pipelabel, MAGIC_PIPE); COUNTER_INC(check_pipe_write); @@ -2006,6 +2165,11 @@ struct label *ks_label) { + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_check_posix_sem " + "with cr_label and ks_label:", + strlen("mac_test_check_posix_sem " + "with cr_label and ks_label:")); + MACTEST_PIPE_SUBMIT_LABEL2(cred, cred->cr_label, vnode, ks_label); LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(ks_label, MAGIC_POSIX_SEM); COUNTER_INC(check_posix_sem); @@ -2018,6 +2182,11 @@ mac_test_check_proc_debug(struct ucred *cred, struct proc *p) { + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_check_proc_debug " + "with cr_label:", + strlen("mac_test_check_proc_debug " + "with cr_label:")); + MACTEST_PIPE_SUBMIT_LABEL(cred, cred->cr_label); LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(p->p_ucred->cr_label, MAGIC_CRED); COUNTER_INC(check_proc_debug); @@ -2030,6 +2199,11 @@ mac_test_check_proc_sched(struct ucred *cred, struct proc *p) { + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_check_proc_sched " + "with cr_label:", + strlen("mac_test_check_proc_sched " + "with cr_label:")); + MACTEST_PIPE_SUBMIT_LABEL(cred, cred->cr_label); LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(p->p_ucred->cr_label, MAGIC_CRED); COUNTER_INC(check_proc_sched); @@ -2042,6 +2216,11 @@ mac_test_check_proc_signal(struct ucred *cred, struct proc *p, int signum) { + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_check_proc_signal " + "with cr_label and proc label:", + strlen("mac_test_check_proc_signal " + "with cr_label and proc label:")); + MACTEST_PIPE_SUBMIT_LABEL2(cred, cred->cr_label, cred, p->p_ucred->cr_label); LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(p->p_ucred->cr_label, MAGIC_CRED); COUNTER_INC(check_proc_signal); @@ -2054,6 +2233,11 @@ mac_test_check_proc_setaudit(struct ucred *cred, struct auditinfo *ai) { + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_check_proc_setaudit " + "with cr_label:", + strlen("mac_test_check_proc_setaudit " + "with cr_label:")); + MACTEST_PIPE_SUBMIT_LABEL(cred, cred->cr_label); LABEL_CHECK(cred->cr_label, MAGIC_CRED); COUNTER_INC(check_proc_setaudit); @@ -2065,6 +2249,11 @@ mac_test_check_proc_setauid(struct ucred *cred, uid_t auid) { + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_check_proc_setauid " + "with cr_label:", + strlen("mac_test_check_proc_setauid " + "with cr_label:")); + MACTEST_PIPE_SUBMIT_LABEL(cred, cred->cr_label); LABEL_CHECK(cred->cr_label, MAGIC_CRED); COUNTER_INC(check_proc_setauid); @@ -2076,6 +2265,11 @@ mac_test_check_proc_setuid(struct ucred *cred, uid_t uid) { + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_check_proc_setuid " + "with cr_label:", + strlen("mac_test_check_proc_setuid " + "with cr_label:")); + MACTEST_PIPE_SUBMIT_LABEL(cred, cred->cr_label); LABEL_CHECK(cred->cr_label, MAGIC_CRED); COUNTER_INC(check_proc_setuid); @@ -2087,6 +2281,11 @@ mac_test_check_proc_seteuid(struct ucred *cred, uid_t euid) { + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_check_proc_seteuid " + "with cr_label:", + strlen("mac_test_check_proc_seteuid " + "with cr_label:")); + MACTEST_PIPE_SUBMIT_LABEL(cred, cred->cr_label); LABEL_CHECK(cred->cr_label, MAGIC_CRED); COUNTER_INC(check_proc_euid); @@ -2098,6 +2297,11 @@ mac_test_check_proc_setgid(struct ucred *cred, gid_t gid) { + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_check_proc_setgid " + "with cr_label:", + strlen("mac_test_check_proc_setgid " + "with cr_label:")); + MACTEST_PIPE_SUBMIT_LABEL(cred, cred->cr_label); LABEL_CHECK(cred->cr_label, MAGIC_CRED); COUNTER_INC(check_proc_setgid); @@ -2109,6 +2313,11 @@ mac_test_check_proc_setegid(struct ucred *cred, gid_t egid) { + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_check_proc_setegid " + "with cr_label:", + strlen("mac_test_check_proc_setegid " + "with cr_label:")); + MACTEST_PIPE_SUBMIT_LABEL(cred, cred->cr_label); LABEL_CHECK(cred->cr_label, MAGIC_CRED); COUNTER_INC(check_proc_setegid); @@ -2121,6 +2330,11 @@ gid_t *gidset) { + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_check_proc_setgroups " + "with cr_label:", + strlen("mac_test_check_proc_setgroups " + "with cr_label:")); + MACTEST_PIPE_SUBMIT_LABEL(cred, cred->cr_label); LABEL_CHECK(cred->cr_label, MAGIC_CRED); COUNTER_INC(check_proc_setgroups); @@ -2132,6 +2346,11 @@ mac_test_check_proc_setreuid(struct ucred *cred, uid_t ruid, uid_t euid) { + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_check_proc_setreuid " + "with cr_label:", + strlen("mac_test_check_proc_setreuid " + "with cr_label:")); + MACTEST_PIPE_SUBMIT_LABEL(cred, cred->cr_label); LABEL_CHECK(cred->cr_label, MAGIC_CRED); COUNTER_INC(check_proc_setreuid); @@ -2143,6 +2362,11 @@ mac_test_check_proc_setregid(struct ucred *cred, gid_t rgid, gid_t egid) { + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_check_proc_setregid " + "with cr_label:", + strlen("mac_test_check_proc_setregid " + "with cr_label:")); + MACTEST_PIPE_SUBMIT_LABEL(cred, cred->cr_label); LABEL_CHECK(cred->cr_label, MAGIC_CRED); COUNTER_INC(check_proc_setregid); @@ -2155,6 +2379,11 @@ uid_t suid) { + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_check_proc_setresuid " + "with cr_label:", + strlen("mac_test_check_proc_setresuid " + "with cr_label:")); + MACTEST_PIPE_SUBMIT_LABEL(cred, cred->cr_label); LABEL_CHECK(cred->cr_label, MAGIC_CRED); COUNTER_INC(check_proc_setresuid); @@ -2167,6 +2396,11 @@ gid_t sgid) { + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_check_proc_setresgid " + "with cr_label:", + strlen("mac_test_check_proc_setresgid " + "with cr_label:")); + MACTEST_PIPE_SUBMIT_LABEL(cred, cred->cr_label); LABEL_CHECK(cred->cr_label, MAGIC_CRED); COUNTER_INC(check_proc_setresgid); @@ -2178,6 +2412,11 @@ mac_test_check_proc_wait(struct ucred *cred, struct proc *p) { + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_check_proc_wait " + "with cr_label and proc label:", + strlen("mac_test_check_proc_wait " + "with cr_label and proc label:")); + MACTEST_PIPE_SUBMIT_LABEL2(cred, cred->cr_label, cred, p->p_ucred->cr_label); LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(p->p_ucred->cr_label, MAGIC_CRED); COUNTER_INC(check_proc_wait); @@ -2191,6 +2430,11 @@ struct label *solabel) { + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_check_socket_accept " + "with cr_label and solabel:", + strlen("mac_test_check_socket_accept " + "with cr_label and solabel:")); + MACTEST_PIPE_SUBMIT_LABEL2(cred, cred->cr_label, socket, solabel); LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(solabel, MAGIC_SOCKET); COUNTER_INC(check_socket_accept); @@ -2204,6 +2448,11 @@ struct label *solabel, struct sockaddr *sa) { + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_check_socket_bind " + "with cr_label and solabel:", + strlen("mac_test_check_socket_bind " + "with cr_label and solabel:")); + MACTEST_PIPE_SUBMIT_LABEL2(cred, cred->cr_label, socket, solabel); LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(solabel, MAGIC_SOCKET); COUNTER_INC(check_socket_bind); @@ -2217,6 +2466,11 @@ struct label *solabel, struct sockaddr *sa) { + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_check_socket_connect " + "with cr_label and solabel:", + strlen("mac_test_check_socket_connect " + "with cr_label and solabel:")); + MACTEST_PIPE_SUBMIT_LABEL2(cred, cred->cr_label, socket, solabel); LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(solabel, MAGIC_SOCKET); COUNTER_INC(check_socket_connect); @@ -2230,6 +2484,11 @@ struct mbuf *m, struct label *mlabel) { + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_check_socket_deliver " + "with solabel and mlabel:", + strlen("mac_test_check_socket_deliver " + "with solabel and mlabel:")); + MACTEST_PIPE_SUBMIT_LABEL2(socket, solabel, vnode, mlabel); LABEL_CHECK(solabel, MAGIC_SOCKET); LABEL_CHECK(mlabel, MAGIC_MBUF); COUNTER_INC(check_socket_deliver); @@ -2243,6 +2502,11 @@ struct label *solabel) { + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_check_socket_listen " + "with cr_label and solabel:", + strlen("mac_test_check_socket_listen " + "with cr_label and solabel:")); + MACTEST_PIPE_SUBMIT_LABEL2(cred, cred->cr_label, socket, solabel); LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(solabel, MAGIC_SOCKET); COUNTER_INC(check_socket_listen); @@ -2256,6 +2520,11 @@ struct label *solabel) { + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_check_socket_poll " + "with cr_label and solabel:", + strlen("mac_test_check_socket_poll " + "with cr_label and solabel:")); + MACTEST_PIPE_SUBMIT_LABEL2(cred, cred->cr_label, socket, solabel); LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(solabel, MAGIC_SOCKET); COUNTER_INC(check_socket_poll); @@ -2269,6 +2538,11 @@ struct label *solabel) { + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_check_socket_receive " + "with cr_label and solabel:", + strlen("mac_test_check_socket_receive " + "with cr_label and solabel:")); + MACTEST_PIPE_SUBMIT_LABEL2(cred, cred->cr_label, socket, solabel); LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(solabel, MAGIC_SOCKET); COUNTER_INC(check_socket_receive); @@ -2282,6 +2556,12 @@ struct label *solabel, struct label *newlabel) { + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_check_socket_relabel " + "with cr_label solabel and newlabel:", + strlen("mac_test_check_socket_relabel " + "with cr_label solabel and newlabel:")); + MACTEST_PIPE_SUBMIT_LABEL3(cred, cred->cr_label, socket, solabel, + socket, newlabel); LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(solabel, MAGIC_SOCKET); LABEL_CHECK(newlabel, MAGIC_SOCKET); @@ -2296,6 +2576,11 @@ struct label *solabel) { + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_check_socket_send " + "with cr_label and solabel:", + strlen("mac_test_check_socket_send " + "with cr_label and solabel:")); + MACTEST_PIPE_SUBMIT_LABEL2(cred, cred->cr_label, socket, solabel); LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(solabel, MAGIC_SOCKET); COUNTER_INC(check_socket_send); @@ -2309,6 +2594,11 @@ struct label *solabel) { + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_check_socket_stat " + "with cr_label and solabel:", + strlen("mac_test_check_socket_stat " + "with cr_label and solabel:")); + MACTEST_PIPE_SUBMIT_LABEL2(cred, cred->cr_label, socket, solabel); LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(solabel, MAGIC_SOCKET); COUNTER_INC(check_socket_stat); @@ -2322,6 +2612,11 @@ struct label *solabel) { + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_check_socket_visible " + "with cr_label and solabel:", + strlen("mac_test_check_socket_visible " + "with cr_label and solabel:")); + MACTEST_PIPE_SUBMIT_LABEL2(cred, cred->cr_label, socket, solabel); LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(solabel, MAGIC_SOCKET); COUNTER_INC(check_socket_visible); @@ -2335,6 +2630,11 @@ struct label *vplabel) { + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_check_system_acct " + "with cr_label and vplabel:", + strlen("mac_test_check_system_acct " + "with cr_label and vplabel:")); + MACTEST_PIPE_SUBMIT_LABEL2(cred, cred->cr_label, vnode, vplabel); LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(vplabel, MAGIC_VNODE); COUNTER_INC(check_system_acct); @@ -2347,6 +2647,11 @@ mac_test_check_system_audit(struct ucred *cred, void *record, int length) { + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_check_system_audit " + "with cr_label:", + strlen("mac_test_check_system_audit " + "with cr_label:")); + MACTEST_PIPE_SUBMIT_LABEL(cred, cred->cr_label); LABEL_CHECK(cred->cr_label, MAGIC_CRED); COUNTER_INC(check_system_audit); @@ -2359,6 +2664,11 @@ struct label *vplabel) { + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_check_system_auditctl " + "with cr_label and vplabel:", + strlen("mac_test_check_system_auditctl " + "with cr_label and vplabel:")); + MACTEST_PIPE_SUBMIT_LABEL2(cred, cred->cr_label, vnode, vplabel); LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(vplabel, MAGIC_VNODE); COUNTER_INC(check_system_auditctl); @@ -2371,6 +2681,11 @@ mac_test_check_system_auditon(struct ucred *cred, int cmd) { + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_check_system_auditon " + "with cr_label:", + strlen("mac_test_check_system_auditon " + "with cr_label:")); + MACTEST_PIPE_SUBMIT_LABEL(cred, cred->cr_label); LABEL_CHECK(cred->cr_label, MAGIC_CRED); COUNTER_INC(check_system_auditon); @@ -2382,6 +2697,11 @@ mac_test_check_system_reboot(struct ucred *cred, int how) { + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_check_system_reboot " + "with cr_label:", + strlen("mac_test_check_system_reboot " + "with cr_label:")); + MACTEST_PIPE_SUBMIT_LABEL(cred, cred->cr_label); LABEL_CHECK(cred->cr_label, MAGIC_CRED); COUNTER_INC(check_system_reboot); @@ -2394,6 +2714,11 @@ struct label *vplabel) { + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_check_system_swapoff " + "with cr_label and vplabel:", + strlen("mac_test_check_system_swapoff " + "with cr_label and vplabel:")); + MACTEST_PIPE_SUBMIT_LABEL2(cred, cred->cr_label, vnode, vplabel); LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(vplabel, MAGIC_VNODE); COUNTER_INC(check_system_swapoff); @@ -2407,6 +2732,11 @@ struct label *vplabel) { + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_check_system_swapon " + "with cr_label and vplabel:", + strlen("mac_test_check_system_swapon " + "with cr_label and vplabel:")); + MACTEST_PIPE_SUBMIT_LABEL2(cred, cred->cr_label, vnode, vplabel); LABEL_CHECK(cred->cr_label, MAGIC_CRED); LABEL_CHECK(vplabel, MAGIC_VNODE); COUNTER_INC(check_system_swapon); @@ -2420,6 +2750,11 @@ void *arg1, int arg2, struct sysctl_req *req) { + MACTEST_PIPE_SUBMIT_WITHPID("mac_test_check_system_sysctl " + "with cr_label:", + strlen("mac_test_check_system_sysctl " + "with cr_label:")); + MACTEST_PIPE_SUBMIT_LABEL(cred, cred->cr_label); LABEL_CHECK(cred->cr_label, MAGIC_CRED); COUNTER_INC(check_system_sysctl); @@ -2432,6 +2767,54 @@ struct label *vplabel, int acc_mode) { + if (vplabel != NULL && SLOT(vplabel) != MAGIC_MACTESTPIPE){ + char * submitstring = NULL; >>> TRUNCATED FOR MAIL (1000 lines) <<<