From owner-p4-projects  Wed May  1 15:30:40 2002
Delivered-To: p4-projects@freebsd.org
Received: by hub.freebsd.org (Postfix, from userid 32767)
	id 4CC8937B405; Wed,  1 May 2002 15:30:34 -0700 (PDT)
Delivered-To: perforce@freebsd.org
Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21])
	by hub.freebsd.org (Postfix) with ESMTP id 498AB37B417
	for <perforce@freebsd.org>; Wed,  1 May 2002 15:30:33 -0700 (PDT)
Received: (from perforce@localhost)
	by freefall.freebsd.org (8.11.6/8.11.6) id g41MUXX02383
	for perforce@freebsd.org; Wed, 1 May 2002 15:30:33 -0700 (PDT)
	(envelope-from bb+lists.freebsd.perforce@cyrus.watson.org)
Date: Wed, 1 May 2002 15:30:33 -0700 (PDT)
Message-Id: <200205012230.g41MUXX02383@freefall.freebsd.org>
X-Authentication-Warning: freefall.freebsd.org: perforce set sender to bb+lists.freebsd.perforce@cyrus.watson.org using -f
From: Robert Watson <rwatson@FreeBSD.org>
Subject: PERFORCE change 10607 for review
To: Perforce Change Reviews <perforce@freebsd.org>
Sender: owner-p4-projects@FreeBSD.ORG
Precedence: bulk
List-ID: <p4-projects.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20p4-projects>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20p4-projects>
X-Loop: FreeBSD.ORG

http://people.freebsd.org/~peter/p4db/chv.cgi?CH=10607

Change 10607 by rwatson@rwatson_curry on 2002/05/01 15:30:03

	Call mac_create_socket_from_socket() instead of
	mac_create_socket() when we derive an acceptable socket from
	a listen socket.  Previously, we created the new socket label
	from the credential cached in the old socket.  Now we leave
	that up to individual policies, which now generally derive it
	from the old socket label.  For existing policies, this results
	in the same material endpoint, but improves flexibility as
	well as pushing us in the direction of peer credentials.

Affected files ...

... //depot/projects/trustedbsd/mac/sys/kern/uipc_socket2.c#16 edit

Differences ...

==== //depot/projects/trustedbsd/mac/sys/kern/uipc_socket2.c#16 (text+ko) ====

@@ -249,7 +249,7 @@
 	so->so_timeo = head->so_timeo;
 	so->so_cred = crhold(head->so_cred);
 #ifdef MAC
-	mac_create_socket(so->so_cred, so);
+	mac_create_socket_from_socket(head, so);
 #endif
 	if (soreserve(so, head->so_snd.sb_hiwat, head->so_rcv.sb_hiwat) ||
 	    (*so->so_proto->pr_usrreqs->pru_attach)(so, 0, NULL)) {

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe p4-projects" in the body of the message