PERFORCE change 120603 for review

Robert Watson rwatson at FreeBSD.org
Wed May 30 08:31:21 UTC 2007 

http://perforce.freebsd.org/chv.cgi?CH=120603

Change 120603 by rwatson at rwatson_zoo on 2007/05/30 08:31:07

	Revert all MAC files in the audit3 branch to their CVS state; pretty
	much entirely merge and integration related duplicates.

Affected files ...

.. //depot/projects/trustedbsd/audit3/sys/security/mac/mac_audit.c#11 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac/mac_framework.c#2 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac/mac_framework.h#9 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac/mac_inet.c#7 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac/mac_internal.h#7 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac/mac_label.c#6 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac/mac_net.c#7 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac/mac_pipe.c#7 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac/mac_policy.h#9 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac/mac_posix_sem.c#5 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac/mac_priv.c#3 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac/mac_process.c#8 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac/mac_socket.c#8 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac/mac_syscalls.c#3 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac/mac_system.c#8 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac/mac_sysv_msg.c#5 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac/mac_sysv_sem.c#6 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac/mac_sysv_shm.c#5 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac/mac_vfs.c#11 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac_biba/mac_biba.c#13 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac_biba/mac_biba.h#3 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac_bsdextended/mac_bsdextended.c#13 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac_bsdextended/mac_bsdextended.h#4 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac_ifoff/mac_ifoff.c#5 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac_lomac/mac_lomac.c#12 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac_lomac/mac_lomac.h#3 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac_mls/mac_mls.c#11 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac_mls/mac_mls.h#3 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac_none/mac_none.c#5 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac_partition/mac_partition.c#7 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac_partition/mac_partition.h#2 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac_portacl/mac_portacl.c#9 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac_seeotheruids/mac_seeotheruids.c#8 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac_stub/mac_stub.c#10 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/mac_test/mac_test.c#12 integrate

Differences ...

==== //depot/projects/trustedbsd/audit3/sys/security/mac/mac_audit.c#11 (text+ko) ====

@@ -1,5 +1,5 @@
 /*-
- * Copyright (c) 1999-2002, 2007 Robert N. M. Watson
+ * Copyright (c) 1999-2002 Robert N. M. Watson
  * Copyright (c) 2001 Ilmar S. Habibulin
  * Copyright (c) 2001-2004 Networks Associates Technology, Inc.
  *
@@ -32,7 +32,7 @@
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  *
- * $FreeBSD$
+ * $FreeBSD: src/sys/security/mac/mac_audit.c,v 1.1 2007/04/21 22:08:47 rwatson Exp $
  */
 
 #include <sys/param.h>

==== //depot/projects/trustedbsd/audit3/sys/security/mac/mac_framework.c#2 (text+ko) ====


==== //depot/projects/trustedbsd/audit3/sys/security/mac/mac_framework.h#9 (text+ko) ====

@@ -1,5 +1,5 @@
 /*-
- * Copyright (c) 1999-2002, 2007 Robert N. M. Watson
+ * Copyright (c) 1999-2002 Robert N. M. Watson
  * Copyright (c) 2001-2005 Networks Associates Technology, Inc.
  * Copyright (c) 2005-2006 SPARTA, Inc.
  * All rights reserved.

==== //depot/projects/trustedbsd/audit3/sys/security/mac/mac_inet.c#7 (text+ko) ====


==== //depot/projects/trustedbsd/audit3/sys/security/mac/mac_internal.h#7 (text+ko) ====


==== //depot/projects/trustedbsd/audit3/sys/security/mac/mac_label.c#6 (text+ko) ====


==== //depot/projects/trustedbsd/audit3/sys/security/mac/mac_net.c#7 (text+ko) ====


==== //depot/projects/trustedbsd/audit3/sys/security/mac/mac_pipe.c#7 (text+ko) ====


==== //depot/projects/trustedbsd/audit3/sys/security/mac/mac_policy.h#9 (text+ko) ====

@@ -1,5 +1,5 @@
 /*-
- * Copyright (c) 1999-2002, 2007 Robert N. M. Watson
+ * Copyright (c) 1999-2002 Robert N. M. Watson
  * Copyright (c) 2001-2005 Networks Associates Technology, Inc.
  * Copyright (c) 2005-2006 SPARTA, Inc.
  * All rights reserved.

==== //depot/projects/trustedbsd/audit3/sys/security/mac/mac_posix_sem.c#5 (text+ko) ====


==== //depot/projects/trustedbsd/audit3/sys/security/mac/mac_priv.c#3 (text+ko) ====


==== //depot/projects/trustedbsd/audit3/sys/security/mac/mac_process.c#8 (text+ko) ====


==== //depot/projects/trustedbsd/audit3/sys/security/mac/mac_socket.c#8 (text+ko) ====


==== //depot/projects/trustedbsd/audit3/sys/security/mac/mac_syscalls.c#3 (text+ko) ====


==== //depot/projects/trustedbsd/audit3/sys/security/mac/mac_system.c#8 (text+ko) ====


==== //depot/projects/trustedbsd/audit3/sys/security/mac/mac_sysv_msg.c#5 (text+ko) ====


==== //depot/projects/trustedbsd/audit3/sys/security/mac/mac_sysv_sem.c#6 (text+ko) ====


==== //depot/projects/trustedbsd/audit3/sys/security/mac/mac_sysv_shm.c#5 (text+ko) ====


==== //depot/projects/trustedbsd/audit3/sys/security/mac/mac_vfs.c#11 (text+ko) ====


==== //depot/projects/trustedbsd/audit3/sys/security/mac_biba/mac_biba.c#13 (text+ko) ====

@@ -2483,50 +2483,6 @@
 }
 
 static int
-mac_biba_check_system_auditctl(struct ucred *cred, struct vnode *vp,
-    struct label *vplabel)
-{
-	struct mac_biba *subj, *obj;
-	int error;
-
-	if (!mac_biba_enabled)
-		return (0);
-
-	subj = SLOT(cred->cr_label);
-
-	error = mac_biba_subject_privileged(subj);
-	if (error)
-		return (error);
-
-	if (vplabel == NULL)
-		return (0);
-
-	obj = SLOT(vplabel);
-	if (!mac_biba_high_effective(obj))
-		return (EACCES);
-
-	return (0);
-}
-
-static int
-mac_biba_check_system_auditon(struct ucred *cred, int cmd)
-{
-	struct mac_biba *subj;
-	int error;
-
-	if (!mac_biba_enabled)
-		return (0);
-
-	subj = SLOT(cred->cr_label);
-
-	error = mac_biba_subject_privileged(subj);
-	if (error)
-		return (error);
-
-	return (0);
-}
-
-static int
 mac_biba_check_system_auditon(struct ucred *cred, int cmd)
 {
 	struct mac_biba *subj;

==== //depot/projects/trustedbsd/audit3/sys/security/mac_biba/mac_biba.h#3 (text+ko) ====


==== //depot/projects/trustedbsd/audit3/sys/security/mac_bsdextended/mac_bsdextended.c#13 (text+ko) ====


==== //depot/projects/trustedbsd/audit3/sys/security/mac_bsdextended/mac_bsdextended.h#4 (text+ko) ====


==== //depot/projects/trustedbsd/audit3/sys/security/mac_ifoff/mac_ifoff.c#5 (text+ko) ====


==== //depot/projects/trustedbsd/audit3/sys/security/mac_lomac/mac_lomac.c#12 (text+ko) ====


==== //depot/projects/trustedbsd/audit3/sys/security/mac_lomac/mac_lomac.h#3 (text+ko) ====


==== //depot/projects/trustedbsd/audit3/sys/security/mac_mls/mac_mls.c#11 (text+ko) ====


==== //depot/projects/trustedbsd/audit3/sys/security/mac_mls/mac_mls.h#3 (text+ko) ====


==== //depot/projects/trustedbsd/audit3/sys/security/mac_none/mac_none.c#5 (text+ko) ====


==== //depot/projects/trustedbsd/audit3/sys/security/mac_partition/mac_partition.c#7 (text+ko) ====


==== //depot/projects/trustedbsd/audit3/sys/security/mac_partition/mac_partition.h#2 (text+ko) ====


==== //depot/projects/trustedbsd/audit3/sys/security/mac_portacl/mac_portacl.c#9 (text+ko) ====


==== //depot/projects/trustedbsd/audit3/sys/security/mac_seeotheruids/mac_seeotheruids.c#8 (text+ko) ====


==== //depot/projects/trustedbsd/audit3/sys/security/mac_stub/mac_stub.c#10 (text+ko) ====

@@ -923,20 +923,6 @@
 }
 
 static int
-stub_check_proc_setaudit(struct ucred *cred, struct auditinfo *ai)
-{
-
-	return (0);
-}
-
-static int
-stub_check_proc_setauid(struct ucred *cred, uid_t auid)
-{
-
-	return (0);
-}
-
-static int
 stub_check_proc_setuid(struct ucred *cred, uid_t uid)
 {
 
@@ -1112,28 +1098,6 @@
 }
 
 static int
-stub_check_system_audit(struct ucred *cred, void *record, int length)
-{
-
-	return (0);
-}
-
-static int
-stub_check_system_auditctl(struct ucred *cred, struct vnode *vp,
-    struct label *vlabel)
-{
-
-	return (0);
-}
-
-static int
-stub_check_system_auditon(struct ucred *cred, int cmd)
-{
-
-	return (0);
-}
-
-static int
 stub_check_system_auditctl(struct ucred *cred, struct vnode *vp,
     struct label *vplabel)
 {
@@ -1645,7 +1609,6 @@
 	.mpo_check_system_auditon = stub_check_system_auditon,
 	.mpo_check_system_reboot = stub_check_system_reboot,
 	.mpo_check_system_swapoff = stub_check_system_swapoff,
-	.mpo_check_system_swapoff = stub_check_system_swapoff,
 	.mpo_check_system_swapon = stub_check_system_swapon,
 	.mpo_check_system_sysctl = stub_check_system_sysctl,
 	.mpo_check_vnode_access = stub_check_vnode_access,

==== //depot/projects/trustedbsd/audit3/sys/security/mac_test/mac_test.c#12 (text+ko) ====

@@ -1957,9 +1957,6 @@
 
 	LABEL_CHECK(cred->cr_label, MAGIC_CRED);
 	COUNTER_INC(check_system_audit);
-	if (label != NULL) {
-		ASSERT_VNODE_LABEL(label);
-	}
 
 	return (0);
 }
@@ -2001,7 +1998,7 @@
 
 COUNTER_DECL(check_system_swapoff);
 static int
-mac_test_check_system_swapon(struct ucred *cred, struct vnode *vp,
+mac_test_check_system_swapoff(struct ucred *cred, struct vnode *vp,
     struct label *vplabel)
 {

More information about the p4-projects mailing list