Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 10 May 2002 15:49:07 -0700 (PDT)
From:      Adam Migus <amigus@FreeBSD.org>
To:        Perforce Change Reviews <perforce@freebsd.org>
Subject:   PERFORCE change 11139 for review
Message-ID:  <200205102249.g4AMn7b19649@freefall.freebsd.org>

next in thread | raw e-mail | index | archive | help
http://people.freebsd.org/~peter/p4db/chv.cgi?CH=11139

Change 11139 by amigus@amigus_vmganyopa on 2002/05/10 15:48:53

	Implemented setsockopt(), SO_LABEL and SO_PEERLABEL (SOL_SOCKET).
	Note that it now returns EPERM if suser_cred() fails.  Once I
	figure out where else EPERM gets returned I'll update the
	[gs]etsockopt() man page to reflect that.  Also fixed a white
	space bug in socket.h.  I will also remove the now redunant
	__mac_get_peer() syscall.

Affected files ...

... //depot/projects/trustedbsd/mac/sys/kern/uipc_socket.c#20 edit
... //depot/projects/trustedbsd/mac/sys/sys/socket.h#6 edit

Differences ...

==== //depot/projects/trustedbsd/mac/sys/kern/uipc_socket.c#20 (text+ko) ====

@@ -1154,6 +1154,9 @@
 	struct	linger l;
 	struct	timeval tv;
 	u_long  val;
+#ifdef MAC
+	struct mac label, *labelp;
+#endif /* MAC */
 
 	error = 0;
 	if (sopt->sopt_level != SOL_SOCKET) {
@@ -1277,6 +1280,29 @@
 				break;
 			}
 			break;
+#ifdef MAC
+		case SO_LABEL:
+		case SO_PEERLABEL:
+			if(sopt->sopt_td != NULL)
+				error = suser_cred(sopt->sopt_td->td_ucred, 0);
+			if(error)
+				goto bad;
+
+			error = sooptcopyin(sopt, &label, sizeof label,
+					    sizeof label);
+			if (error)
+				goto bad;
+
+			error = mac_validate_label(&label);
+			if (error)
+				goto bad;
+
+			labelp = (sopt->sopt_name == SO_LABEL ?
+				 &so->so_label : &so->so_peerlabel);
+			bcopy(&label, labelp, sizeof label);
+
+			break;
+#endif /* MAC */
 		default:
 			error = ENOPROTOOPT;
 			break;

==== //depot/projects/trustedbsd/mac/sys/sys/socket.h#6 (text+ko) ====

@@ -96,8 +96,8 @@
 #define	SO_ERROR	0x1007		/* get error status and clear */
 #define	SO_TYPE		0x1008		/* get socket type */
 /*efine	SO_PRIVSTATE	0x1009		   get/deny privileged state */
-#define SO_LABEL        0x1010          /* sockets MAC label */
-#define SO_PEERLABEL    0x1011          /* sockets peer MAC label */
+#define SO_LABEL	0x1010		/* sockets MAC label */
+#define SO_PEERLABEL	0x1011		/* sockets peer MAC label */
 
 /*
  * Structure used for manipulating linger option.

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe p4-projects" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200205102249.g4AMn7b19649>