From owner-p4-projects@FreeBSD.ORG  Wed Dec 12 08:22:38 2007
Return-Path: <owner-p4-projects@FreeBSD.ORG>
Delivered-To: p4-projects@freebsd.org
Received: by hub.freebsd.org (Postfix, from userid 32767)
	id 6BFF616A421; Wed, 12 Dec 2007 08:22:38 +0000 (UTC)
Delivered-To: perforce@FreeBSD.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 04D2916A417
	for <perforce@FreeBSD.org>; Wed, 12 Dec 2007 08:22:38 +0000 (UTC)
	(envelope-from zhouzhouyi@FreeBSD.org)
Received: from repoman.freebsd.org (repoman.freebsd.org
	[IPv6:2001:4f8:fff6::29])
	by mx1.freebsd.org (Postfix) with ESMTP id DF3A013C478
	for <perforce@FreeBSD.org>; Wed, 12 Dec 2007 08:22:37 +0000 (UTC)
	(envelope-from zhouzhouyi@FreeBSD.org)
Received: from repoman.freebsd.org (localhost [127.0.0.1])
	by repoman.freebsd.org (8.14.1/8.14.1) with ESMTP id lBC8Mbt2063668
	for <perforce@FreeBSD.org>; Wed, 12 Dec 2007 08:22:37 GMT
	(envelope-from zhouzhouyi@FreeBSD.org)
Received: (from perforce@localhost)
	by repoman.freebsd.org (8.14.1/8.14.1/Submit) id lBC8MbeW063664
	for perforce@freebsd.org; Wed, 12 Dec 2007 08:22:37 GMT
	(envelope-from zhouzhouyi@FreeBSD.org)
Date: Wed, 12 Dec 2007 08:22:37 GMT
Message-Id: <200712120822.lBC8MbeW063664@repoman.freebsd.org>
X-Authentication-Warning: repoman.freebsd.org: perforce set sender to
	zhouzhouyi@FreeBSD.org using -f
From: Zhouyi ZHOU <zhouzhouyi@FreeBSD.org>
To: Perforce Change Reviews <perforce@FreeBSD.org>
Cc: 
Subject: PERFORCE change 130686 for review
X-BeenThere: p4-projects@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: p4 projects tree changes <p4-projects.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/p4-projects>,
	<mailto:p4-projects-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/p4-projects>
List-Post: <mailto:p4-projects@freebsd.org>
List-Help: <mailto:p4-projects-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/p4-projects>,
	<mailto:p4-projects-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 12 Dec 2007 08:22:38 -0000

http://perforce.freebsd.org/chv.cgi?CH=130686

Change 130686 by zhouzhouyi@zhouzhouyi_mactest on 2007/12/12 08:22:29

	settle memory leaks in Mandatory Access Control

Affected files ...

.. //depot/projects/soc2007/zhouzhouyi_mactest_soc/regression/mactest/tests/bpf/00.t#4 edit
.. //depot/projects/soc2007/zhouzhouyi_mactest_soc/sys/kern/uipc_sem.c#4 edit
.. //depot/projects/soc2007/zhouzhouyi_mactest_soc/sys/netinet/in_pcb.c#6 edit
.. //depot/projects/soc2007/zhouzhouyi_mactest_soc/sys/netinet6/in6_pcb.c#4 edit
.. //depot/projects/soc2007/zhouzhouyi_mactest_soc/sys/security/mac/mac_posix_sem.c#4 edit

Differences ...

==== //depot/projects/soc2007/zhouzhouyi_mactest_soc/regression/mactest/tests/bpf/00.t#4 (text+ko) ====

@@ -60,6 +60,7 @@
 			"mls/6(4-7),biba/5(4-7)"
 		    echo -n "pid = -2 bpfdesc_check_receive:" > ${mactest_conf}
 		    echo "biba/5,mls/5 biba/5(4-7),mls/6(4-7)" >> ${mactest_conf}
+		    echo "pid = -2 inpcb_destroy_label" > ${mactest_conf}
 
 		    bizarretestexpect ${tcpconnect} "" \
 			""  -f ${mactest_conf} -t 2 -b "mls/5(4-7),biba/5(4-7)" \

==== //depot/projects/soc2007/zhouzhouyi_mactest_soc/sys/kern/uipc_sem.c#4 (text+ko) ====

@@ -814,6 +814,9 @@
 	}
 	sem_rel(ks);
 	error = 0;
+#ifdef MAC
+	mac_posix_sem_destroy(ks);
+#endif
 err:
 	mtx_unlock(&sem_lock);
 	return (error);

==== //depot/projects/soc2007/zhouzhouyi_mactest_soc/sys/netinet/in_pcb.c#6 (text+ko) ====

@@ -198,7 +198,7 @@
 #ifdef IPSEC
 	error = ipsec_init_policy(so, &inp->inp_sp);
 	if (error != 0)
-		goto out;
+		goto out1;
 #endif /*IPSEC*/
 #ifdef INET6
 	if (INP_SOCKAF(so) == AF_INET6) {
@@ -218,8 +218,15 @@
 	inp->inp_gencnt = ++pcbinfo->ipi_gencnt;
 	
 #if defined(IPSEC) || defined(MAC)
+#ifdef IPSEC
+out1: 
+#endif
+#ifdef MAC
+	if (error != 0) 
+		mac_inpcb_destroy(inp);
+#endif	
 out:
-	if (error != 0)
+	if (error != 0) 
 		uma_zfree(pcbinfo->ipi_zone, inp);
 #endif
 	return (error);

==== //depot/projects/soc2007/zhouzhouyi_mactest_soc/sys/netinet6/in6_pcb.c#4 (text+ko) ====

@@ -65,6 +65,7 @@
 #include "opt_inet.h"
 #include "opt_inet6.h"
 #include "opt_ipsec.h"
+#include "opt_mac.h"
 
 #include <sys/param.h>
 #include <sys/systm.h>
@@ -105,6 +106,8 @@
 #include <netipsec/key.h>
 #endif /* IPSEC */
 
+#include <security/mac/mac_framework.h>
+
 struct	in6_addr zeroin6_addr;
 
 int
@@ -433,6 +436,10 @@
 	if (inp->inp_moptions != NULL)
 		inp_freemoptions(inp->inp_moptions);
 	inp->inp_vflag = 0;
+
+#ifdef MAC
+	mac_inpcb_destroy(inp);
+#endif
 	INP_UNLOCK(inp);
 	uma_zfree(ipi->ipi_zone, inp);
 }

==== //depot/projects/soc2007/zhouzhouyi_mactest_soc/sys/security/mac/mac_posix_sem.c#4 (text+ko) ====

@@ -79,6 +79,7 @@
 {
 
 	mac_posixsem_label_free(ks->ks_label);
+	mac_labelzone_free(ks->ks_label);
 	ks->ks_label = NULL;
 }