From owner-p4-projects@FreeBSD.ORG Wed Aug 30 20:33:51 2006 Return-Path: X-Original-To: p4-projects@freebsd.org Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id EA49816A4E1; Wed, 30 Aug 2006 20:33:50 +0000 (UTC) X-Original-To: perforce@freebsd.org Delivered-To: perforce@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B0E6A16A4DA for ; Wed, 30 Aug 2006 20:33:50 +0000 (UTC) (envelope-from millert@freebsd.org) Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115]) by mx1.FreeBSD.org (Postfix) with ESMTP id 60B3443D45 for ; Wed, 30 Aug 2006 20:33:50 +0000 (GMT) (envelope-from millert@freebsd.org) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.13.6/8.13.6) with ESMTP id k7UKXoNj023184 for ; Wed, 30 Aug 2006 20:33:50 GMT (envelope-from millert@freebsd.org) Received: (from perforce@localhost) by repoman.freebsd.org (8.13.6/8.13.4/Submit) id k7UKXoQH023181 for perforce@freebsd.org; Wed, 30 Aug 2006 20:33:50 GMT (envelope-from millert@freebsd.org) Date: Wed, 30 Aug 2006 20:33:50 GMT Message-Id: <200608302033.k7UKXoQH023181@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to millert@freebsd.org using -f From: Todd Miller To: Perforce Change Reviews Cc: Subject: PERFORCE change 105353 for review X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 30 Aug 2006 20:33:51 -0000 http://perforce.freebsd.org/chv.cgi?CH=105353 Change 105353 by millert@millert_g4tower on 2006/08/30 20:33:21 Use proc_ucred() instead of peeking inside struct proc directly. Affected files ... .. //depot/projects/trustedbsd/sedarwin8/policies/sedarwin/sedarwin/sebsd.c#8 edit .. //depot/projects/trustedbsd/sedarwin8/policies/sedarwin/sedarwin/sebsd_syscall.c#3 edit Differences ... ==== //depot/projects/trustedbsd/sedarwin8/policies/sedarwin/sedarwin/sebsd.c#8 (text+ko) ==== @@ -270,7 +270,7 @@ struct task_security_struct *task, *target; task = SLOT(cred->cr_label); - target = SLOT(proc->p_ucred->cr_label); + target = SLOT(proc_ucred(proc)->cr_label); return (avc_has_perm(task->sid, target->sid, SECCLASS_PROCESS, perm, NULL)); @@ -1658,7 +1658,7 @@ case LCID_REMOVE: /* Orphan */ /* loginwindow.app/MAC.loginPlugin orphaned process. */ - dst = SLOT(p->p_ucred->cr_label); + dst = SLOT(proc_ucred(p)->cr_label); if (dst->sid != dst->osid) { /* * TBD: Need to flush any open files that are now @@ -1676,8 +1676,8 @@ default: /* Adopt */ /* loginwindow.app/MAC.loginPlugin adopted process. */ - src = SLOT(p0->p_ucred->cr_label); - dst = SLOT(p->p_ucred->cr_label); + src = SLOT(proc_ucred(p0)->cr_label); + dst = SLOT(proc_ucred(p)->cr_label); if (src->sid != dst->sid) { /* ==== //depot/projects/trustedbsd/sedarwin8/policies/sedarwin/sedarwin/sebsd_syscall.c#3 (text+ko) ==== @@ -60,7 +60,7 @@ void *kdata; int rc; - rc = cred_has_security(p->p_ucred, SECURITY__LOAD_POLICY); + rc = cred_has_security(proc_ucred(p), SECURITY__LOAD_POLICY); if (rc) return (rc); @@ -81,7 +81,7 @@ void *kdata; int rc; - rc = cred_has_security(p->p_ucred, SECURITY__LOAD_POLICY); + rc = cred_has_security(proc_ucred(p), SECURITY__LOAD_POLICY); if (rc) return (rc); @@ -165,7 +165,7 @@ { char *str; - error = cred_has_security(p->p_ucred, SECURITY__SETBOOL); + error = cred_has_security(proc_ucred(p), SECURITY__SETBOOL); if (error) return (error); @@ -186,7 +186,7 @@ } case SEBSDCALL_COMMIT_BOOLS: - error = cred_has_security(p->p_ucred, SECURITY__SETBOOL); + error = cred_has_security(proc_ucred(p), SECURITY__SETBOOL); if (error) return (error); return (security_commit_pending_bools());