Date: Mon, 6 Oct 2003 17:34:34 -0700 (PDT) From: Hrishikesh Dandekar <hdandeka@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 39279 for review Message-ID: <200310070034.h970YYWq084432@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=39279 Change 39279 by hdandeka@hdandeka_yash on 2003/10/06 17:33:41 Integrate the mac_create_ipc_msgmsg related changes from the mac branch. Affected files ... .. //depot/projects/trustedbsd/sebsd/sys/kern/kern_mac.c#11 integrate .. //depot/projects/trustedbsd/sebsd/sys/kern/sysv_msg.c#6 integrate .. //depot/projects/trustedbsd/sebsd/sys/security/mac_biba/mac_biba.c#6 integrate .. //depot/projects/trustedbsd/sebsd/sys/security/mac_lomac/mac_lomac.c#6 integrate .. //depot/projects/trustedbsd/sebsd/sys/security/mac_mls/mac_mls.c#6 integrate .. //depot/projects/trustedbsd/sebsd/sys/security/mac_stub/mac_stub.c#5 integrate .. //depot/projects/trustedbsd/sebsd/sys/security/mac_test/mac_test.c#6 integrate .. //depot/projects/trustedbsd/sebsd/sys/sys/mac.h#8 integrate .. //depot/projects/trustedbsd/sebsd/sys/sys/mac_policy.h#8 integrate Differences ... ==== //depot/projects/trustedbsd/sebsd/sys/kern/kern_mac.c#11 (text+ko) ==== @@ -40,7 +40,7 @@ */ #include <sys/cdefs.h> -__FBSDID("$FreeBSD: src/sys/kern/kern_mac.c,v 1.97 2003/08/21 18:21:22 rwatson Exp $"); +__FBSDID("$FreeBSD: src/sys/kern/kern_mac.c,v 1.99 2003/09/29 18:35:17 rwatson Exp $"); #include "opt_mac.h" #include "opt_devfs.h" @@ -1350,7 +1350,8 @@ mac_check_structmac_consistent(struct mac *mac) { - if (mac->m_buflen > MAC_MAX_LABEL_BUF_LEN) + if (mac->m_buflen < 0 || + mac->m_buflen > MAC_MAX_LABEL_BUF_LEN) return (EINVAL); return (0); @@ -2521,10 +2522,12 @@ } void -mac_create_ipc_msgmsg(struct ucred *cred, struct msg *msgptr) +mac_create_ipc_msgmsg(struct ucred *cred, struct msqid_kernel *msqkptr, + struct msg *msgptr) { - MAC_PERFORM(create_ipc_msgmsg, cred, msgptr, &msgptr->label); + MAC_PERFORM(create_ipc_msgmsg, cred, msqkptr, &msqkptr->label, + msgptr, &msgptr->label); } void ==== //depot/projects/trustedbsd/sebsd/sys/kern/sysv_msg.c#6 (text+ko) ==== @@ -18,7 +18,7 @@ */ #include <sys/cdefs.h> -__FBSDID("$FreeBSD: src/sys/kern/sysv_msg.c,v 1.49 2003/06/11 00:56:57 obrien Exp $"); +__FBSDID("$FreeBSD: src/sys/kern/sysv_msg.c,v 1.50 2003/08/07 16:42:27 nectar Exp $"); #include "opt_sysvipc.h" #include "opt_mac.h" @@ -349,7 +349,7 @@ struct thread *td; /* XXX actually varargs. */ struct msgsys_args /* { - u_int which; + int which; int a2; int a3; int a4; @@ -361,7 +361,8 @@ if (!jail_sysvipc_allowed && jailed(td->td_ucred)) return (ENOSYS); - if (uap->which >= sizeof(msgcalls)/sizeof(msgcalls[0])) + if (uap->which < 0 || + uap->which >= sizeof(msgcalls)/sizeof(msgcalls[0])) return (EINVAL); error = (*msgcalls[uap->which])(td, &uap->a2); return (error); @@ -890,7 +891,7 @@ msghdr->msg_spot = -1; msghdr->msg_ts = msgsz; #ifdef MAC - mac_create_ipc_msgmsg(td->td_ucred,msghdr); + mac_create_ipc_msgmsg(td->td_ucred, msqkptr, msghdr); /* * XXX: Should the mac_check_ipc_msgmsq check follow here immediately ? * Or, should it be checked just before the msg is enqueued in the msgq ==== //depot/projects/trustedbsd/sebsd/sys/security/mac_biba/mac_biba.c#6 (text+ko) ==== @@ -1172,11 +1172,12 @@ */ static void -mac_biba_create_ipc_msgmsg(struct ucred *cred, struct msg *msgptr, - struct label *msglabel) +mac_biba_create_ipc_msgmsg(struct ucred *cred, struct msqid_kernel *msqkptr, + struct label *msqlabel, struct msg *msgptr, struct label *msglabel) { struct mac_biba *source, *dest; + /* Ignore the msgq label */ source = SLOT(&cred->cr_label); dest = SLOT(msglabel); ==== //depot/projects/trustedbsd/sebsd/sys/security/mac_lomac/mac_lomac.c#6 (text+ko) ==== @@ -1244,11 +1244,12 @@ * Labeling event operations: System V IPC objects. */ static void -mac_lomac_create_ipc_msgmsg(struct ucred *cred, struct msg *msgptr, - struct label *msglabel) +mac_lomac_create_ipc_msgmsg(struct ucred *cred, struct msqid_kernel *msqkptr, + struct label *msqlabel, struct msg *msgptr, struct label *msglabel) { struct mac_lomac *source, *dest; + /* Ignore the msgq label */ source = SLOT(&cred->cr_label); dest = SLOT(msglabel); ==== //depot/projects/trustedbsd/sebsd/sys/security/mac_mls/mac_mls.c#6 (text+ko) ==== @@ -1140,11 +1140,12 @@ */ static void -mac_mls_create_ipc_msgmsg(struct ucred *cred, struct msg *msgptr, - struct label *msglabel) +mac_mls_create_ipc_msgmsg(struct ucred *cred, struct msqid_kernel *msqkptr, + struct label *msqlabel, struct msg *msgptr, struct label *msglabel) { struct mac_mls *source, *dest; + /* Ignore the msgq label */ source = SLOT(&cred->cr_label); dest = SLOT(msglabel); ==== //depot/projects/trustedbsd/sebsd/sys/security/mac_stub/mac_stub.c#5 (text+ko) ==== @@ -344,8 +344,8 @@ } static void -stub_create_ipc_msgmsg(struct ucred *cred, struct msg *msgptr, - struct label *msglabel) +stub_create_ipc_msgmsg(struct ucred *cred, struct msqid_kernel *msqkptr, + struct label *msqlabel, struct msg *msgptr, struct label *msglabel) { } ==== //depot/projects/trustedbsd/sebsd/sys/security/mac_test/mac_test.c#6 (text+ko) ==== @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $FreeBSD: src/sys/security/mac_test/mac_test.c,v 1.30 2003/08/21 17:28:45 rwatson Exp $ + * $FreeBSD: src/sys/security/mac_test/mac_test.c,v 1.31 2003/08/22 12:32:07 rwatson Exp $ */ /* @@ -988,11 +988,12 @@ } static void -mac_test_create_ipc_msgmsg(struct ucred *cred, struct msg *msgptr, - struct label *msglabel) +mac_test_create_ipc_msgmsg(struct ucred *cred, struct msqid_kernel *msqkptr, + struct label *msqlabel, struct msg *msgptr, struct label *msglabel) { ASSERT_SYSVIPCMSG_LABEL(msglabel); + ASSERT_SYSVIPCMSQ_LABEL(msqlabel); } static void @@ -2270,7 +2271,7 @@ .mpo_create_mbuf_netlayer = mac_test_create_mbuf_netlayer, .mpo_fragment_match = mac_test_fragment_match, .mpo_reflect_mbuf_icmp = mac_test_reflect_mbuf_icmp, - .mpo_reflect_mbuf_icmp = mac_test_reflect_mbuf_tcp, + .mpo_reflect_mbuf_tcp = mac_test_reflect_mbuf_tcp, .mpo_relabel_ifnet = mac_test_relabel_ifnet, .mpo_update_ipq = mac_test_update_ipq, .mpo_update_mbuf_from_cipso = mac_test_update_mbuf_from_cipso, ==== //depot/projects/trustedbsd/sebsd/sys/sys/mac.h#8 (text+ko) ==== @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $FreeBSD: src/sys/sys/mac.h,v 1.42 2003/08/21 18:21:22 rwatson Exp $ + * $FreeBSD: src/sys/sys/mac.h,v 1.45 2003/08/29 02:43:57 rwatson Exp $ */ /* * Userland/kernel interface for Mandatory Access Control. @@ -86,7 +86,7 @@ int mac_get_pid(pid_t _pid, mac_t _label); int mac_get_proc(mac_t _label); int mac_is_present(const char *_policyname); -int mac_prepare(mac_t *_label, char *_elements); +int mac_prepare(mac_t *_label, const char *_elements); int mac_prepare_file_label(mac_t *_label); int mac_prepare_ifnet_label(mac_t *_label); int mac_prepare_process_label(mac_t *_label); @@ -219,7 +219,8 @@ /* * Labeling event operations: System V IPC primitives */ -void mac_create_ipc_msgmsg(struct ucred *cred, struct msg *msgptr); +void mac_create_ipc_msgmsg(struct ucred *cred, struct msqid_kernel *msqkptr, + struct msg *msgptr); void mac_create_ipc_msgqueue(struct ucred *cred, struct msqid_kernel *msqkptr); void mac_create_ipc_sema(struct ucred *cred, ==== //depot/projects/trustedbsd/sebsd/sys/sys/mac_policy.h#8 (text+ko) ==== @@ -226,7 +226,10 @@ /* * Labeling event operations: System V IPC primitives */ - void (*mpo_create_ipc_msgmsg)(struct ucred *cred, struct msg *msgptr, + void (*mpo_create_ipc_msgmsg)(struct ucred *cred, + struct msqid_kernel *msqkptr, + struct label *msqlabel, + struct msg *msgptr, struct label *msglabel); void (*mpo_create_ipc_msgqueue)(struct ucred *cred, struct msqid_kernel *msqkptr, struct label *msqlabel);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200310070034.h970YYWq084432>