From owner-p4-projects@FreeBSD.ORG Thu Feb 9 20:25:22 2006 Return-Path: X-Original-To: p4-projects@freebsd.org Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 22A6F16A423; Thu, 9 Feb 2006 20:25:22 +0000 (GMT) X-Original-To: perforce@freebsd.org Delivered-To: perforce@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D9E5C16A420 for ; Thu, 9 Feb 2006 20:25:21 +0000 (GMT) (envelope-from millert@freebsd.org) Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115]) by mx1.FreeBSD.org (Postfix) with ESMTP id 93A8B43D6A for ; Thu, 9 Feb 2006 20:25:15 +0000 (GMT) (envelope-from millert@freebsd.org) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.13.1/8.13.1) with ESMTP id k19KPF9U031515 for ; Thu, 9 Feb 2006 20:25:15 GMT (envelope-from millert@freebsd.org) Received: (from perforce@localhost) by repoman.freebsd.org (8.13.1/8.13.1/Submit) id k19KPF79031512 for perforce@freebsd.org; Thu, 9 Feb 2006 20:25:15 GMT (envelope-from millert@freebsd.org) Date: Thu, 9 Feb 2006 20:25:15 GMT Message-Id: <200602092025.k19KPF79031512@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to millert@freebsd.org using -f From: Todd Miller To: Perforce Change Reviews Cc: Subject: PERFORCE change 91461 for review X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 09 Feb 2006 20:25:23 -0000 http://perforce.freebsd.org/chv.cgi?CH=91461 Change 91461 by millert@millert_ibook on 2006/02/09 20:25:08 Add missing (c) notice Factor out code to load the migscs file into its own function for the new syscall. Add some missing error checks Affected files ... .. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/ss/mach_av.c#9 edit Differences ... ==== //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/ss/mach_av.c#9 (text+ko) ==== @@ -1,5 +1,31 @@ +/*- + * Copyright (c) 2005 SPARTA, Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ #include +#include #include #include #include @@ -22,37 +48,41 @@ { int baseid; int nclasses; - int classes[0]; + int classes[0]; /* actually larger */ }; static struct hashtab *msgid2class; -void sebsd_mach_av_init() +static mutex_t *migscs_load_lock; + +/* + * Read the table mapping mach message ids to security classes. + * The permissions in those classes are expected to be relative to the + * base message id defined for a subsystem (which is in this table). + */ +int +sebsd_load_migscs(void *tdata, size_t tsize) { - /* Read the table mapping mach message ids to security classes. - The permissions in those classes are expected to be relative to the - base message id defined for a subsystem (which is in this table). */ + struct hashtab *ht, *oht; + int error, *p, *ep; - size_t tsize; - int *tdata; - if (!preload_find_data ("sebsd_migscs", &tsize, &tdata)) { - msgid2class = hashtab_create(msgid_hash, msgid_cmp, 3); - return; - } + ht = hashtab_create(msgid_hash, msgid_cmp, 31337); + if (ht == NULL) + return (-1); - msgid2class = hashtab_create(msgid_hash, msgid_cmp, 31337); + printf("security class to subsystem table: %d classes\n", + tsize / sizeof(int)); - tsize /= sizeof(int); - int *p = tdata; - - while (p < tdata+tsize) { + p = (int *)tdata; + ep = (int *)((char *)tdata + tsize); + while (p < ep) { int msgid = *p++; int nclasses = *p++; int size = *p++; int i; + struct msgid_classinfo *c; - struct msgid_classinfo *c = sebsd_malloc - (sizeof(int) * nclasses + sizeof(struct msgid_classinfo), M_WAITOK); + c = sebsd_malloc(sizeof(int) * nclasses + sizeof(*c), M_WAITOK); c->baseid = msgid; c->nclasses = nclasses; for (i = 0; i < nclasses; i++) @@ -60,11 +90,43 @@ for (i = msgid; i < msgid + size; i++) { int *ip = sebsd_malloc(sizeof(int), M_WAITOK); *ip = i; - hashtab_insert(msgid2class, ip, c); + error = hashtab_insert(ht, ip, c); + if (error) { + hashtab_destroy(ht); + return (-1); + } } } + + /* + * Swap the old message id to class mapping with the new one + * and free the old. + * XXX - does this leak memory? + */ + mutex_lock(migscs_load_lock); + oht = msgid2class; + msgid2class = ht; + mutex_unlock(migscs_load_lock); + hashtab_destroy(oht); + return (0); +} + +void +sebsd_mach_av_init(void) +{ + size_t tsize; + int *tdata; + + migscs_load_lock = mutex_alloc(ETAP_NO_TRACE); + + if (!preload_find_data ("sebsd_migscs", &tsize, &tdata) || + sebsd_load_migscs(tdata, tsize) != 0) { + msgid2class = hashtab_create(msgid_hash, msgid_cmp, 3); + return; + } } + int sebsd_check_ipc_method1(int subj, int obj, int msgid) {