PERFORCE change 130686 for review
Zhouyi ZHOU
zhouzhouyi at FreeBSD.org
Wed Dec 12 00:22:38 PST 2007
http://perforce.freebsd.org/chv.cgi?CH=130686
Change 130686 by zhouzhouyi at zhouzhouyi_mactest on 2007/12/12 08:22:29
settle memory leaks in Mandatory Access Control
Affected files ...
.. //depot/projects/soc2007/zhouzhouyi_mactest_soc/regression/mactest/tests/bpf/00.t#4 edit
.. //depot/projects/soc2007/zhouzhouyi_mactest_soc/sys/kern/uipc_sem.c#4 edit
.. //depot/projects/soc2007/zhouzhouyi_mactest_soc/sys/netinet/in_pcb.c#6 edit
.. //depot/projects/soc2007/zhouzhouyi_mactest_soc/sys/netinet6/in6_pcb.c#4 edit
.. //depot/projects/soc2007/zhouzhouyi_mactest_soc/sys/security/mac/mac_posix_sem.c#4 edit
Differences ...
==== //depot/projects/soc2007/zhouzhouyi_mactest_soc/regression/mactest/tests/bpf/00.t#4 (text+ko) ====
@@ -60,6 +60,7 @@
"mls/6(4-7),biba/5(4-7)"
echo -n "pid = -2 bpfdesc_check_receive:" > ${mactest_conf}
echo "biba/5,mls/5 biba/5(4-7),mls/6(4-7)" >> ${mactest_conf}
+ echo "pid = -2 inpcb_destroy_label" > ${mactest_conf}
bizarretestexpect ${tcpconnect} "" \
"" -f ${mactest_conf} -t 2 -b "mls/5(4-7),biba/5(4-7)" \
==== //depot/projects/soc2007/zhouzhouyi_mactest_soc/sys/kern/uipc_sem.c#4 (text+ko) ====
@@ -814,6 +814,9 @@
}
sem_rel(ks);
error = 0;
+#ifdef MAC
+ mac_posix_sem_destroy(ks);
+#endif
err:
mtx_unlock(&sem_lock);
return (error);
==== //depot/projects/soc2007/zhouzhouyi_mactest_soc/sys/netinet/in_pcb.c#6 (text+ko) ====
@@ -198,7 +198,7 @@
#ifdef IPSEC
error = ipsec_init_policy(so, &inp->inp_sp);
if (error != 0)
- goto out;
+ goto out1;
#endif /*IPSEC*/
#ifdef INET6
if (INP_SOCKAF(so) == AF_INET6) {
@@ -218,8 +218,15 @@
inp->inp_gencnt = ++pcbinfo->ipi_gencnt;
#if defined(IPSEC) || defined(MAC)
+#ifdef IPSEC
+out1:
+#endif
+#ifdef MAC
+ if (error != 0)
+ mac_inpcb_destroy(inp);
+#endif
out:
- if (error != 0)
+ if (error != 0)
uma_zfree(pcbinfo->ipi_zone, inp);
#endif
return (error);
==== //depot/projects/soc2007/zhouzhouyi_mactest_soc/sys/netinet6/in6_pcb.c#4 (text+ko) ====
@@ -65,6 +65,7 @@
#include "opt_inet.h"
#include "opt_inet6.h"
#include "opt_ipsec.h"
+#include "opt_mac.h"
#include <sys/param.h>
#include <sys/systm.h>
@@ -105,6 +106,8 @@
#include <netipsec/key.h>
#endif /* IPSEC */
+#include <security/mac/mac_framework.h>
+
struct in6_addr zeroin6_addr;
int
@@ -433,6 +436,10 @@
if (inp->inp_moptions != NULL)
inp_freemoptions(inp->inp_moptions);
inp->inp_vflag = 0;
+
+#ifdef MAC
+ mac_inpcb_destroy(inp);
+#endif
INP_UNLOCK(inp);
uma_zfree(ipi->ipi_zone, inp);
}
==== //depot/projects/soc2007/zhouzhouyi_mactest_soc/sys/security/mac/mac_posix_sem.c#4 (text+ko) ====
@@ -79,6 +79,7 @@
{
mac_posixsem_label_free(ks->ks_label);
+ mac_labelzone_free(ks->ks_label);
ks->ks_label = NULL;
}
More information about the p4-projects
mailing list