From owner-p4-projects Wed Sep 18 15:55: 8 2002 Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 4BCD037B404; Wed, 18 Sep 2002 15:55:03 -0700 (PDT) Delivered-To: perforce@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id EDDCA37B401 for ; Wed, 18 Sep 2002 15:55:02 -0700 (PDT) Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 693FA43E6A for ; Wed, 18 Sep 2002 15:55:02 -0700 (PDT) (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Received: from freefall.freebsd.org (perforce@localhost [127.0.0.1]) by freefall.freebsd.org (8.12.6/8.12.6) with ESMTP id g8IMt2Co098154 for ; Wed, 18 Sep 2002 15:55:02 -0700 (PDT) (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Received: (from perforce@localhost) by freefall.freebsd.org (8.12.6/8.12.6/Submit) id g8IMt1D3098150 for perforce@freebsd.org; Wed, 18 Sep 2002 15:55:01 -0700 (PDT) Date: Wed, 18 Sep 2002 15:55:01 -0700 (PDT) Message-Id: <200209182255.g8IMt1D3098150@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: perforce set sender to bb+lists.freebsd.perforce@cyrus.watson.org using -f From: Robert Watson Subject: PERFORCE change 17680 for review To: Perforce Change Reviews Sender: owner-p4-projects@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG http://people.freebsd.org/~peter/p4db/chv.cgi?CH=17680 Change 17680 by rwatson@rwatson_paprika on 2002/09/18 15:54:13 In an attempt to improve naming consistency, rename mac_pre_syscall_return(void) to mac_thread_userret(td). While I'm here, add prototypes to mac_none and mac_test, which are intended to implement all available entry points with stubs. Affected files ... .. //depot/projects/trustedbsd/mac/sys/kern/kern_mac.c#269 edit .. //depot/projects/trustedbsd/mac/sys/security/mac_lomac/mac_lomac.c#6 edit .. //depot/projects/trustedbsd/mac/sys/security/mac_none/mac_none.c#74 edit .. //depot/projects/trustedbsd/mac/sys/security/mac_test/mac_test.c#45 edit .. //depot/projects/trustedbsd/mac/sys/sys/mac.h#161 edit .. //depot/projects/trustedbsd/mac/sys/sys/mac_policy.h#125 edit Differences ... ==== //depot/projects/trustedbsd/mac/sys/kern/kern_mac.c#269 (text+ko) ==== @@ -760,12 +760,12 @@ case MAC_CREATE_PROC1: mpc->mpc_ops->mpo_create_proc1 = mpe->mpe_function; break; - case MAC_PRE_SYSCALL_RETURN: - mpc->mpc_ops->mpo_pre_syscall_return = + case MAC_RELABEL_CRED: + mpc->mpc_ops->mpo_relabel_cred = mpe->mpe_function; break; - case MAC_RELABEL_CRED: - mpc->mpc_ops->mpo_relabel_cred = + case MAC_THREAD_USERRET: + mpc->mpc_ops->mpo_thread_userret = mpe->mpe_function; break; case MAC_CHECK_BPFDESC_RECEIVE: @@ -1696,10 +1696,10 @@ } void -mac_pre_syscall_return(void) +mac_thread_userret(struct thread *td) { - MAC_PERFORM(pre_syscall_return); + MAC_PERFORM(thread_userret, td); } /* ==== //depot/projects/trustedbsd/mac/sys/security/mac_lomac/mac_lomac.c#6 (text+ko) ==== @@ -2287,9 +2287,9 @@ } static void -mac_lomac_pre_syscall_return(void) +mac_lomac_thread_userret(struct thread *td) { - struct proc *p = curthread->td_proc; + struct proc *p = td->td_proc; struct mac_biba_proc *subj = PSLOT(&p->p_label); struct ucred *newcred, *oldcred; @@ -2457,6 +2457,8 @@ (macop_t)mac_biba_create_proc1 }, { MAC_RELABEL_CRED, (macop_t)mac_biba_relabel_cred }, + { MAC_THREAD_USERRET, + (macop_t)mac_lomac_thread_userret }, { MAC_CHECK_BPFDESC_RECEIVE, (macop_t)mac_biba_check_bpfdesc_receive }, { MAC_CHECK_CRED_RELABEL, @@ -2523,8 +2525,6 @@ (macop_t)mac_biba_check_vnode_write }, { MAC_CHECK_VNODE_MMAP_PERMS, (macop_t)mac_biba_check_vnode_mmap_perms }, - { MAC_PRE_SYSCALL_RETURN, - (macop_t)mac_lomac_pre_syscall_return }, { MAC_INIT_PROC, (macop_t)mac_lomac_init_proc }, { MAC_DESTROY_PROC, ==== //depot/projects/trustedbsd/mac/sys/security/mac_none/mac_none.c#74 (text+ko) ==== @@ -439,6 +439,12 @@ } +static void +mac_none_thread_userret(struct thread *td) +{ + +} + /* * Access control checks. */ @@ -993,6 +999,8 @@ (macop_t)mac_none_create_proc1 }, { MAC_RELABEL_CRED, (macop_t)mac_none_relabel_cred }, + { MAC_THREAD_USERRET, + (macop_t)mac_none_thread_userret }, { MAC_CHECK_BPFDESC_RECEIVE, (macop_t)mac_none_check_bpfdesc_receive }, { MAC_CHECK_CRED_RELABEL, ==== //depot/projects/trustedbsd/mac/sys/security/mac_test/mac_test.c#45 (text+ko) ==== @@ -813,6 +813,12 @@ } +static void +mac_test_thread_userret(struct thread *td) +{ + +} + /* * Access control checks. */ @@ -1369,6 +1375,8 @@ (macop_t)mac_test_create_proc1 }, { MAC_RELABEL_CRED, (macop_t)mac_test_relabel_cred }, + { MAC_THREAD_USERRET, + (macop_t)mac_test_thread_userret }, { MAC_CHECK_BPFDESC_RECEIVE, (macop_t)mac_test_check_bpfdesc_receive }, { MAC_CHECK_CRED_RELABEL, ==== //depot/projects/trustedbsd/mac/sys/sys/mac.h#161 (text+ko) ==== @@ -318,7 +318,7 @@ int mac_execve_will_transition(struct ucred *old, struct vnode *vp); void mac_create_proc0(struct ucred *cred); void mac_create_proc1(struct ucred *cred); -void mac_pre_syscall_return(void); +void mac_thread_userret(struct thread *td); /* Access control checks. */ int mac_check_bpfdesc_receive(struct bpf_d *bpf_d, struct ifnet *ifnet); ==== //depot/projects/trustedbsd/mac/sys/sys/mac_policy.h#125 (text+ko) ==== @@ -253,9 +253,9 @@ struct vnode *vp, struct label *vnodelabel); void (*mpo_create_proc0)(struct ucred *cred); void (*mpo_create_proc1)(struct ucred *cred); - void (*mpo_pre_syscall_return)(void); void (*mpo_relabel_cred)(struct ucred *cred, struct label *newlabel); + void (*mpo_thread_userret)(struct thread *thread); /* * Access control checks. @@ -473,8 +473,8 @@ MAC_EXECVE_WILL_TRANSITION, MAC_CREATE_PROC0, MAC_CREATE_PROC1, - MAC_PRE_SYSCALL_RETURN, MAC_RELABEL_CRED, + MAC_THREAD_USERRET, MAC_CHECK_BPFDESC_RECEIVE, MAC_CHECK_CRED_RELABEL, MAC_CHECK_CRED_VISIBLE, To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe p4-projects" in the body of the message