From owner-p4-projects@FreeBSD.ORG Fri Nov 21 04:01:59 2003 Return-Path: Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id CCE4616A4D0; Fri, 21 Nov 2003 04:01:58 -0800 (PST) Delivered-To: perforce@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A6B0516A4CE for ; Fri, 21 Nov 2003 04:01:58 -0800 (PST) Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115]) by mx1.FreeBSD.org (Postfix) with ESMTP id E9C3D43FD7 for ; Fri, 21 Nov 2003 04:01:57 -0800 (PST) (envelope-from cvance@nailabs.com) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.12.9/8.12.9) with ESMTP id hALC1vXJ070625 for ; Fri, 21 Nov 2003 04:01:57 -0800 (PST) (envelope-from cvance@nailabs.com) Received: (from perforce@localhost) by repoman.freebsd.org (8.12.9/8.12.9/Submit) id hALC1vri070622 for perforce@freebsd.org; Fri, 21 Nov 2003 04:01:57 -0800 (PST) (envelope-from cvance@nailabs.com) Date: Fri, 21 Nov 2003 04:01:57 -0800 (PST) Message-Id: <200311211201.hALC1vri070622@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to cvance@nailabs.com using -f From: Chris Vance To: Perforce Change Reviews Subject: PERFORCE change 42884 for review X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 21 Nov 2003 12:01:59 -0000 http://perforce.freebsd.org/chv.cgi?CH=42884 Change 42884 by cvance@cvance_osx_laptop on 2003/11/21 04:01:04 Add back code to label newly created files using extattrs Affected files ... .. //depot/projects/trustedbsd/sedarwin/apsl/xnu/bsd/kern/kern_mac.c#31 edit .. //depot/projects/trustedbsd/sedarwin/apsl/xnu/security/sebsd/sebsd.c#16 edit Differences ... ==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/bsd/kern/kern_mac.c#31 (text+ko) ==== @@ -1484,7 +1484,6 @@ &vp->v_label); } -#if 0 int mac_create_vnode_extattr(struct ucred *cred, struct mount *mp, struct vnode *dvp, struct vnode *vp, struct componentname *cnp) @@ -1520,7 +1519,6 @@ return (error); } -#endif static int mac_setlabel_vnode_extattr(struct ucred *cred, struct vnode *vp, ==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/security/sebsd/sebsd.c#16 (text+ko) ==== @@ -919,7 +919,6 @@ #endif } -#ifdef HAS_EXTATTRS static int sebsd_create_vnode_extattr(struct ucred *cred, struct mount *mp, struct label *fslabel, struct vnode *parent, struct label *parentlabel, @@ -933,6 +932,7 @@ int error; int tclass; + printf("sebsd_create_vnode_extattr called\n"); task = SLOT(&cred->cr_label); dir = SLOT(parentlabel); vsec = SLOT(childlabel); @@ -956,12 +956,11 @@ error = vn_extattr_set(child, IO_NODELOCKED, SEBSD_MAC_EXTATTR_NAMESPACE, SEBSD_MAC_EXTATTR_NAME, - context_len, context, curthread); + context_len, context, current_proc()); security_free_context(context); return (error); } -#endif #ifdef CAPABILITIES static int @@ -2184,10 +2183,10 @@ /* Create Labels */ .mpo_create_cred = sebsd_create_cred, + .mpo_create_devfs_device = sebsd_create_devfs_device, .mpo_create_proc0 = sebsd_create_proc0, .mpo_create_proc1 = sebsd_create_proc1, - - .mpo_create_devfs_device = sebsd_create_devfs_device, + .mpo_create_vnode_extattr = sebsd_create_vnode_extattr, .mpo_associate_vnode_singlelabel = sebsd_associate_vnode_singlelabel, .mpo_associate_vnode_extattr = sebsd_associate_vnode_extattr, @@ -2357,9 +2356,6 @@ .mpo_create_root_mount = sebsd_create_root_mount, /* .mpo_create_socket = sebsd_create_socket, */ /* .mpo_create_socket_from_socket = sebsd_create_socket_from_socket, */ -#ifdef HAS_EXTATTRS - .mpo_create_vnode_extattr = sebsd_create_vnode_extattr, -#endif #ifdef HAS_DEVFS_DIRENT .mpo_associate_vnode_devfs = sebsd_associate_vnode_devfs, #endif