Date: Sat, 21 Jun 2003 20:46:58 -0700 (PDT) From: Robert Watson <rwatson@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 33499 for review Message-ID: <200306220346.h5M3kwHC015432@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=33499 Change 33499 by rwatson@rwatson_powerbook on 2003/06/21 20:46:13 Stub out mtx_assert(); Darwin doesn't appear to have one; we'll probably want to add one. Convert mac_policy_mtx to a Mach mutex_t. "#if 0" out module load handling since we need to redo that the Darwin way. "#if 0" out devfs references, since we'll need to rehash those for the Darwin (FreeBSD 3.x) devfs. "#if 0" out pipe references, since Darwin uses FreeBSD 3.x pipes based on socket pairs; we'll need to revisit this. Closer and closer to compiling... Affected files ... .. //depot/projects/trustedbsd/sedarwin/apsl/xnu/bsd/kern/kern_mac.c#6 edit Differences ... ==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/bsd/kern/kern_mac.c#6 (text+ko) ==== @@ -85,6 +85,7 @@ #define TUNABLE_INT(x, y) #define WITNESS_WARN(x, y, z, ...) +#define mtx_assert(x, y) SYSCTL_DECL(_security); @@ -258,7 +259,7 @@ * exclusive consumers that they should try to acquire the lock if a * first attempt at exclusive access fails. */ -static struct mtx mac_policy_mtx; +static mutex_t mac_policy_mtx; static struct cv mac_policy_cv; static int mac_policy_count; static LIST_HEAD(, mac_policy_conf) mac_policy_list; @@ -542,6 +543,7 @@ #endif } +#if 0 /* * Allow MAC policy modules to register during boot, etc. */ @@ -579,6 +581,7 @@ return (error); } +#endif static int mac_policy_register(struct mac_policy_conf *mpc) @@ -798,6 +801,7 @@ mac_init_cred_label(&cred->cr_label); } +#if 0 void mac_init_devfsdirent(struct devfs_dirent *de) { @@ -808,6 +812,7 @@ atomic_add_int(&nmacdevfsdirents, 1); #endif } +#endif static void mac_init_ifnet_label(struct label *label) @@ -911,6 +916,7 @@ #endif } +#if 0 static void mac_init_pipe_label(struct label *label) { @@ -932,6 +938,7 @@ pipe->pipe_peer->pipe_label = label; mac_init_pipe_label(label); } +#endif void mac_init_proc(struct proc *p) @@ -1044,6 +1051,7 @@ mac_destroy_cred_label(&cred->cr_label); } +#if 0 void mac_destroy_devfsdirent(struct devfs_dirent *de) { @@ -1054,6 +1062,7 @@ atomic_subtract_int(&nmacdevfsdirents, 1); #endif } +#endif static void mac_destroy_ifnet_label(struct label *label) @@ -1111,6 +1120,7 @@ #endif } +#if 0 static void mac_destroy_pipe_label(struct label *label) { @@ -1129,6 +1139,7 @@ mac_destroy_pipe_label(pipe->pipe_label); free(pipe->pipe_label, M_MACPIPELABEL); } +#endif void mac_destroy_proc(struct proc *p) @@ -1201,12 +1212,14 @@ MAC_PERFORM(copy_mbuf_label, src_label, dest_label); } +#if 0 static void mac_copy_pipe_label(struct label *src, struct label *dest) { MAC_PERFORM(copy_pipe_label, src, dest); } +#endif void mac_copy_vnode_label(struct label *src, struct label *dest) @@ -1247,6 +1260,7 @@ return (error); } +#if 0 static int mac_externalize_pipe_label(struct label *label, char *elements, char *outbuf, size_t outbuflen, int flags) @@ -1257,6 +1271,7 @@ return (error); } +#endif static int mac_externalize_socket_label(struct label *label, char *elements, @@ -1311,6 +1326,7 @@ return (error); } +#if 0 static int mac_internalize_pipe_label(struct label *label, char *string) { @@ -1320,6 +1336,7 @@ return (error); } +#endif static int mac_internalize_socket_label(struct label *label, char *string) @@ -1382,6 +1399,7 @@ MAC_PERFORM(create_cred, parent_cred, child_cred); } +#if 0 void mac_update_devfsdirent(struct mount *mp, struct devfs_dirent *de, struct vnode *vp) @@ -1399,6 +1417,7 @@ MAC_PERFORM(associate_vnode_devfs, mp, &mp->mnt_fslabel, de, &de->de_label, vp, &vp->v_label); } +#endif int mac_associate_vnode_extattr(struct mount *mp, struct vnode *vp) @@ -2241,12 +2260,14 @@ MAC_PERFORM(create_socket, cred, socket, &socket->so_label); } +#if 0 void mac_create_pipe(struct ucred *cred, struct pipe *pipe) { MAC_PERFORM(create_pipe, cred, pipe, pipe->pipe_label); } +#endif void mac_create_socket_from_socket(struct socket *oldsocket, @@ -2265,12 +2286,14 @@ MAC_PERFORM(relabel_socket, cred, socket, &socket->so_label, newlabel); } +#if 0 static void mac_relabel_pipe(struct ucred *cred, struct pipe *pipe, struct label *newlabel) { MAC_PERFORM(relabel_pipe, cred, pipe, pipe->pipe_label, newlabel); } +#endif void mac_set_socket_peer_from_mbuf(struct mbuf *mbuf, struct socket *socket) @@ -2647,6 +2670,7 @@ return (error); } +#if 0 int mac_check_pipe_ioctl(struct ucred *cred, struct pipe *pipe, unsigned long cmd, void *data) @@ -2738,6 +2762,7 @@ return (error); } +#endif int mac_check_proc_debug(struct ucred *cred, struct proc *proc) @@ -3116,6 +3141,7 @@ return (0); } +#if 0 void mac_create_devfs_device(struct mount *mp, dev_t dev, struct devfs_dirent *de, const char *fullpath) @@ -3142,6 +3168,7 @@ MAC_PERFORM(create_devfs_directory, mp, dirname, dirnamelen, de, &de->de_label, fullpath); } +#endif int mac_setsockopt_label_set(struct ucred *cred, struct socket *so, @@ -3182,6 +3209,7 @@ return (0); } +#if 0 int mac_pipe_label_set(struct ucred *cred, struct pipe *pipe, struct label *label) { @@ -3197,6 +3225,7 @@ return (0); } +#endif int mac_getsockopt_label_get(struct ucred *cred, struct socket *so, @@ -3500,7 +3529,9 @@ struct file *fp; struct mac mac; struct vnode *vp; +#if 0 struct pipe *pipe; +#endif short label_type; int error; @@ -3538,6 +3569,7 @@ VOP_UNLOCK(vp, 0, td); break; +#if 0 case DTYPE_PIPE: pipe = fp->f_data; @@ -3547,6 +3579,7 @@ mac_copy_pipe_label(pipe->pipe_label, &intlabel); PIPE_UNLOCK(pipe); break; +#endif default: error = EINVAL; fdrop(fp, td); @@ -3562,11 +3595,13 @@ elements, buffer, mac.m_buflen, M_WAITOK); mac_destroy_vnode_label(&intlabel); break; +#if 0 case DTYPE_PIPE: error = mac_externalize_pipe_label(&intlabel, elements, buffer, mac.m_buflen, M_WAITOK); mac_destroy_pipe_label(&intlabel); break; +#endif default: panic("__mac_get_fd: corrupted label_type"); } @@ -3698,7 +3733,9 @@ __mac_set_fd(struct thread *td, struct __mac_set_fd_args *uap) { struct label intlabel; +#if 0 struct pipe *pipe; +#endif struct file *fp; struct mount *mp; struct vnode *vp; @@ -3752,6 +3789,7 @@ mac_destroy_vnode_label(&intlabel); break; +#if 0 case DTYPE_PIPE: mac_init_pipe_label(&intlabel); error = mac_internalize_pipe_label(&intlabel, buffer); @@ -3765,6 +3803,7 @@ mac_destroy_pipe_label(&intlabel); break; +#endif default: error = EINVAL;
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200306220346.h5M3kwHC015432>