From owner-p4-projects Sat Sep 21 20:26:48 2002 Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 7C5BB37B404; Sat, 21 Sep 2002 20:26:45 -0700 (PDT) Delivered-To: perforce@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2B3A437B401 for ; Sat, 21 Sep 2002 20:26:45 -0700 (PDT) Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id BFAA143E3B for ; Sat, 21 Sep 2002 20:26:44 -0700 (PDT) (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Received: from freefall.freebsd.org (perforce@localhost [127.0.0.1]) by freefall.freebsd.org (8.12.6/8.12.6) with ESMTP id g8M3QiCo082052 for ; Sat, 21 Sep 2002 20:26:44 -0700 (PDT) (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Received: (from perforce@localhost) by freefall.freebsd.org (8.12.6/8.12.6/Submit) id g8M3Qi8i082049 for perforce@freebsd.org; Sat, 21 Sep 2002 20:26:44 -0700 (PDT) Date: Sat, 21 Sep 2002 20:26:44 -0700 (PDT) Message-Id: <200209220326.g8M3Qi8i082049@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: perforce set sender to bb+lists.freebsd.perforce@cyrus.watson.org using -f From: Robert Watson Subject: PERFORCE change 17904 for review To: Perforce Change Reviews Sender: owner-p4-projects@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG http://people.freebsd.org/~peter/p4db/chv.cgi?CH=17904 Change 17904 by rwatson@rwatson_tislabs on 2002/09/21 20:25:44 Modify Biba and MLS to recognize the reality that mpo_create_mbuf_from_mbuf() may have a source mbuf that is initialized but not created. Modify nfs_socket.c to not explicitly perform the label copy since it will be performed later. Affected files ... .. //depot/projects/trustedbsd/mac/sys/nfsclient/nfs_socket.c#14 edit .. //depot/projects/trustedbsd/mac/sys/security/mac_biba/mac_biba.c#108 edit .. //depot/projects/trustedbsd/mac/sys/security/mac_mls/mac_mls.c#89 edit Differences ... ==== //depot/projects/trustedbsd/mac/sys/nfsclient/nfs_socket.c#14 (text+ko) ==== @@ -889,10 +889,6 @@ m = nfsm_rpchead(cred, nmp->nm_flag, procnum, auth_type, auth_len, mrest, mrest_len, &mheadend, &xid); -#ifdef MAC - mac_create_mbuf_from_socket(nmp->nm_so, m); -#endif - /* * For stream protocols, insert a Sun RPC Record Mark. */ ==== //depot/projects/trustedbsd/mac/sys/security/mac_biba/mac_biba.c#108 (text+ko) ==== @@ -925,7 +925,15 @@ source = SLOT(oldmbuflabel); dest = SLOT(newmbuflabel); - mac_biba_copy_single(source, dest); + /* + * Because the source mbuf may not yet have been "created", + * just initialized, we do a conditional copy. Since we don't + * allow mbufs to have ranges, do a KASSERT to make sure that + * doesn't happen. + */ + KASSERT((source->mb_flags & MAC_BIBA_FLAG_RANGE) != 0, + ("mac_biba_create_mbuf_from_mbuf: source mbuf has range")); + mac_biba_copy(source, dest); } static void ==== //depot/projects/trustedbsd/mac/sys/security/mac_mls/mac_mls.c#89 (text+ko) ==== @@ -879,7 +879,15 @@ source = SLOT(oldmbuflabel); dest = SLOT(newmbuflabel); - mac_mls_copy_single(source, dest); + /* + * Because the source mbuf may not yet have been "created", + * just initialized, we do a conditional copy. Since we don't + * allow mbufs to have ranges, do a KASSERT to make sure that + * doesn't happen. + */ + KASSERT((source->mm_flags & MAC_MLS_FLAG_RANGE) != 0, + ("mac_mls_create_mbuf_from_mbuf: source mbuf has range")); + mac_mls_copy(source, dest); } static void To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe p4-projects" in the body of the message