PERFORCE change 128862 for review
Zhouyi ZHOU
zhouzhouyi at FreeBSD.org
Fri Nov 9 02:48:51 PST 2007
http://perforce.freebsd.org/chv.cgi?CH=128862
Change 128862 by zhouzhouyi at zhouzhouyi_mactest on 2007/11/09 10:48:22
As a part of Integration according to rwatson's change to MAC Framework
Affected files ...
.. //depot/projects/soc2007/zhouzhouyi_mactest_soc/sys/security/mac/mac_vfs.c#8 edit
.. //depot/projects/soc2007/zhouzhouyi_mactest_soc/sys/security/mac_biba/mac_biba.c#7 edit
.. //depot/projects/soc2007/zhouzhouyi_mactest_soc/sys/security/mac_test/mac_test.c#10 edit
.. //depot/projects/soc2007/zhouzhouyi_mactest_soc/sys/security/mac_test/mac_test_private.h#6 edit
Differences ...
==== //depot/projects/soc2007/zhouzhouyi_mactest_soc/sys/security/mac/mac_vfs.c#8 (text+ko) ====
@@ -108,6 +108,8 @@
{
if (de&&de->de_dirent&&!strncmp(de->de_dirent->d_name,"mactest", 7))
de->de_label = mac_mactest_label_alloc();
+ else if (de&&de->de_dirent&&!strncmp(de->de_dirent->d_name,"null", 4))
+ de->de_label = mac_mactest_label_alloc();
else
de->de_label = mac_devfs_label_alloc();
}
==== //depot/projects/soc2007/zhouzhouyi_mactest_soc/sys/security/mac_biba/mac_biba.c#7 (text+ko) ====
@@ -918,6 +918,7 @@
mb = SLOT(delabel);
if (strcmp(dev->si_name, "null") == 0 ||
strcmp(dev->si_name, "zero") == 0 ||
+ strcmp(dev->si_name, "mactest") == 0 ||
strcmp(dev->si_name, "random") == 0 ||
strncmp(dev->si_name, "fd/", strlen("fd/")) == 0)
biba_type = MAC_BIBA_TYPE_EQUAL;
==== //depot/projects/soc2007/zhouzhouyi_mactest_soc/sys/security/mac_test/mac_test.c#10 (text+ko) ====
@@ -1,8 +1,8 @@
/*-
- * Copyright (c) 2007 Zhouyi Zhou
* Copyright (c) 1999-2002, 2007 Robert N. M. Watson
* Copyright (c) 2001-2005 McAfee, Inc.
* Copyright (c) 2006 SPARTA, Inc.
+ * Copyright (c) 2007 Zhouyi Zhou
* All rights reserved.
*
* This software was developed by Robert Watson for the TrustedBSD Project.
@@ -113,12 +113,39 @@
SYSCTL_NODE(_security_mac_test, OID_AUTO, counter, CTLFLAG_RW, 0,
"TrustedBSD mac_test counters controls");
+#define LOG_DECL \
+ char *buffer; \
+ char *currentchar; \
+ char *element1; \
+ char *buffer1; \
+ int error; \
+ struct thread *td1 = curthread; \
+ volatile int badmem = 0; \
+ error = 0; \
+ buffer = malloc(1024, M_MAC_TEST_LOG, M_NOWAIT); \
+ if (!buffer) \
+ badmem = 1; \
+ element1 = buffer + 512; buffer1 = element1 + 256; \
+ /*element1 and buffer1 will not be used if badmem == 1*/ \
+ currentchar = buffer;
+
#define COUNTER_DECL(variable) \
static int counter_##variable; \
SYSCTL_INT(_security_mac_test_counter, OID_AUTO, variable, \
CTLFLAG_RD, &counter_##variable, 0, #variable)
-#define COUNTER_INC(variable) atomic_add_int(&counter_##variable, 1)
+#define COUNTER_INC(variable) do { \
+ atomic_add_int(&counter_##variable, 1); \
+ if (!badmem) { \
+ strcpy(currentchar, #variable); \
+ currentchar += strlen(currentchar); \
+ sprintf(currentchar, "#pid = %d\n", td1->td_proc->p_pid);\
+ mac_test_log_submit(buffer, strlen(buffer)); \
+ free(buffer, M_MAC_TEST_LOG); \
+ } \
+} while (0)
+
+#define COUNTER_INC1(variable) atomic_add_int(&counter_##variable, 1)
#ifdef KDB
#define DEBUGGER(func, string) kdb_enter((string))
@@ -131,9 +158,20 @@
KASSERT(SLOT(label) == magic || SLOT(label) == 0 || \
SLOT(label) == MAGIC_MACTESTLOG, \
("%s: bad %s label", __func__, #magic)); \
+ } \
+ if (!badmem) { \
+ strcpy(element1, elements); \
+ if (label != NULL) { \
+ MAC_EXTERNALIZE(cred, label, element1, buffer1, 256); \
+ } else \
+ strcpy(buffer1,"NULL"); \
+ sprintf(currentchar, "%s ", buffer1); \
+ currentchar += strlen(currentchar); \
} \
} while (0)
+
+
#define LABEL_DESTROY(label, magic) do { \
if (SLOT(label) == magic || SLOT(label) == 0 || \
SLOT(label) == MAGIC_MACTESTLOG ) { \
@@ -163,7 +201,8 @@
test_bpfdesc_check_receive(struct bpf_d *d, struct label *dlabel,
struct ifnet *ifp, struct label *ifplabel)
{
-
+
+ LOG_DECL
LABEL_CHECK(dlabel, MAGIC_BPF);
LABEL_CHECK(ifplabel, MAGIC_IFNET);
COUNTER_INC(bpfdesc_check_receive);
@@ -177,6 +216,7 @@
struct label *dlabel)
{
+ LOG_DECL
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(dlabel, MAGIC_BPF);
COUNTER_INC(bpfdesc_create);
@@ -188,6 +228,7 @@
struct mbuf *m, struct label *mlabel)
{
+ LOG_DECL
LABEL_CHECK(dlabel, MAGIC_BPF);
LABEL_CHECK(mlabel, MAGIC_MBUF);
COUNTER_INC(bpfdesc_create_mbuf);
@@ -198,6 +239,7 @@
test_bpfdesc_destroy_label(struct label *label)
{
+ LOG_DECL
LABEL_DESTROY(label, MAGIC_BPF);
COUNTER_INC(bpfdesc_destroy_label);
}
@@ -207,6 +249,7 @@
test_bpfdesc_init_label(struct label *label)
{
+ LOG_DECL
LABEL_INIT(label, MAGIC_BPF);
COUNTER_INC(bpfdesc_init_label);
}
@@ -216,6 +259,7 @@
test_cred_check_relabel(struct ucred *cred, struct label *newlabel)
{
+ LOG_DECL
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(newlabel, MAGIC_CRED);
COUNTER_INC(cred_check_relabel);
@@ -228,6 +272,7 @@
test_cred_check_visible(struct ucred *u1, struct ucred *u2)
{
+ LOG_DECL
LABEL_CHECK(u1->cr_label, MAGIC_CRED);
LABEL_CHECK(u2->cr_label, MAGIC_CRED);
COUNTER_INC(cred_check_visible);
@@ -240,6 +285,7 @@
test_cred_copy_label(struct label *src, struct label *dest)
{
+ LOG_DECL
LABEL_CHECK(src, MAGIC_CRED);
LABEL_CHECK(dest, MAGIC_CRED);
COUNTER_INC(cred_copy_label);
@@ -250,6 +296,7 @@
test_cred_destroy_label(struct label *label)
{
+ LOG_DECL
LABEL_DESTROY(label, MAGIC_CRED);
COUNTER_INC(cred_destroy_label);
}
@@ -260,8 +307,9 @@
struct sbuf *sb, int *claimed)
{
- LABEL_CHECK(label, MAGIC_CRED);
- COUNTER_INC(cred_externalize_label);
+// LOG_DECL
+// LABEL_CHECK(label, MAGIC_CRED);
+ COUNTER_INC1(cred_externalize_label);
return (0);
}
@@ -271,6 +319,7 @@
test_cred_init_label(struct label *label)
{
+ LOG_DECL
LABEL_INIT(label, MAGIC_CRED);
COUNTER_INC(cred_init_label);
}
@@ -281,6 +330,7 @@
char *element_data, int *claimed)
{
+ LOG_DECL
LABEL_CHECK(label, MAGIC_CRED);
COUNTER_INC(cred_internalize_label);
@@ -292,6 +342,7 @@
test_cred_relabel(struct ucred *cred, struct label *newlabel)
{
+ LOG_DECL
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(newlabel, MAGIC_CRED);
COUNTER_INC(cred_relabel);
@@ -303,6 +354,7 @@
struct cdev *dev, struct devfs_dirent *de, struct label *delabel)
{
+ LOG_DECL
if (cred != NULL)
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(delabel, MAGIC_DEVFS);
@@ -315,6 +367,7 @@
int dirnamelen, struct devfs_dirent *de, struct label *delabel)
{
+ LOG_DECL
LABEL_CHECK(delabel, MAGIC_DEVFS);
COUNTER_INC(devfs_create_directory);
}
@@ -326,6 +379,7 @@
struct label *delabel)
{
+ LOG_DECL
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(ddlabel, MAGIC_DEVFS);
LABEL_CHECK(delabel, MAGIC_DEVFS);
@@ -337,6 +391,7 @@
test_devfs_destroy_label(struct label *label)
{
+ LOG_DECL
LABEL_DESTROY(label, MAGIC_DEVFS);
COUNTER_INC(devfs_destroy_label);
}
@@ -346,6 +401,7 @@
test_devfs_init_label(struct label *label)
{
+ LOG_DECL
LABEL_INIT(label, MAGIC_DEVFS);
COUNTER_INC(devfs_init_label);
}
@@ -356,6 +412,7 @@
struct label *direntlabel, struct vnode *vp, struct label *vplabel)
{
+ LOG_DECL
LABEL_CHECK(direntlabel, MAGIC_DEVFS);
LABEL_CHECK(vplabel, MAGIC_VNODE);
COUNTER_INC(devfs_update);
@@ -368,9 +425,12 @@
struct label *vplabel)
{
+ LOG_DECL
LABEL_CHECK(mplabel, MAGIC_MOUNT);
LABEL_CHECK(delabel, MAGIC_DEVFS);
LABEL_CHECK(vplabel, MAGIC_VNODE);
+ if (delabel != NULL && SLOT(delabel) == MAGIC_MACTESTLOG)
+ LABEL_INIT(vplabel, MAGIC_MACTESTLOG);
COUNTER_INC(devfs_vnode_associate);
}
@@ -380,6 +440,7 @@
struct label *ifplabel, struct label *newlabel)
{
+ LOG_DECL
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(ifplabel, MAGIC_IFNET);
LABEL_CHECK(newlabel, MAGIC_IFNET);
@@ -394,6 +455,7 @@
struct mbuf *m, struct label *mlabel)
{
+ LOG_DECL
LABEL_CHECK(ifplabel, MAGIC_IFNET);
LABEL_CHECK(mlabel, MAGIC_MBUF);
COUNTER_INC(ifnet_check_transmit);
@@ -406,6 +468,7 @@
test_ifnet_copy_label(struct label *src, struct label *dest)
{
+ LOG_DECL
LABEL_CHECK(src, MAGIC_IFNET);
LABEL_CHECK(dest, MAGIC_IFNET);
COUNTER_INC(ifnet_copy_label);
@@ -416,6 +479,7 @@
test_ifnet_create(struct ifnet *ifp, struct label *ifplabel)
{
+ LOG_DECL
LABEL_CHECK(ifplabel, MAGIC_IFNET);
COUNTER_INC(ifnet_create);
}
@@ -426,6 +490,7 @@
struct mbuf *m, struct label *mlabel)
{
+ LOG_DECL
LABEL_CHECK(ifplabel, MAGIC_IFNET);
LABEL_CHECK(mlabel, MAGIC_MBUF);
COUNTER_INC(ifnet_create_mbuf);
@@ -436,6 +501,7 @@
test_ifnet_destroy_label(struct label *label)
{
+ LOG_DECL
LABEL_DESTROY(label, MAGIC_IFNET);
COUNTER_INC(ifnet_destroy_label);
}
@@ -446,6 +512,7 @@
struct sbuf *sb, int *claimed)
{
+ LOG_DECL
LABEL_CHECK(label, MAGIC_IFNET);
COUNTER_INC(ifnet_externalize_label);
@@ -457,6 +524,7 @@
test_ifnet_init_label(struct label *label)
{
+ LOG_DECL
LABEL_INIT(label, MAGIC_IFNET);
COUNTER_INC(ifnet_init_label);
}
@@ -467,6 +535,7 @@
char *element_data, int *claimed)
{
+ LOG_DECL
LABEL_CHECK(label, MAGIC_IFNET);
COUNTER_INC(ifnet_internalize_label);
@@ -479,6 +548,7 @@
struct label *ifplabel, struct label *newlabel)
{
+ LOG_DECL
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(ifplabel, MAGIC_IFNET);
LABEL_CHECK(newlabel, MAGIC_IFNET);
@@ -491,6 +561,7 @@
struct mbuf *m, struct label *mlabel)
{
+ LOG_DECL
LABEL_CHECK(inplabel, MAGIC_INPCB);
LABEL_CHECK(mlabel, MAGIC_MBUF);
COUNTER_INC(inpcb_check_deliver);
@@ -504,6 +575,7 @@
struct inpcb *inp, struct label *inplabel)
{
+ LOG_DECL
LABEL_CHECK(solabel, MAGIC_SOCKET);
LABEL_CHECK(inplabel, MAGIC_INPCB);
COUNTER_INC(inpcb_create);
@@ -515,6 +587,7 @@
struct mbuf *m, struct label *mlabel)
{
+ LOG_DECL
LABEL_CHECK(inplabel, MAGIC_INPCB);
LABEL_CHECK(mlabel, MAGIC_MBUF);
COUNTER_INC(inpcb_create_mbuf);
@@ -525,6 +598,7 @@
test_inpcb_destroy_label(struct label *label)
{
+ LOG_DECL
LABEL_DESTROY(label, MAGIC_INPCB);
COUNTER_INC(inpcb_destroy_label);
}
@@ -534,6 +608,7 @@
test_inpcb_init_label(struct label *label, int flag)
{
+ LOG_DECL
if (flag & M_WAITOK)
WITNESS_WARN(WARN_GIANTOK | WARN_SLEEPOK, NULL,
"test_inpcb_init_label() at %s:%d", __FILE__,
@@ -550,6 +625,7 @@
struct inpcb *inp, struct label *inplabel)
{
+ LOG_DECL
LABEL_CHECK(solabel, MAGIC_SOCKET);
LABEL_CHECK(inplabel, MAGIC_INPCB);
COUNTER_INC(inpcb_sosetlabel);
@@ -561,6 +637,7 @@
struct ipq *ipq, struct label *ipqlabel)
{
+ LOG_DECL
LABEL_CHECK(fragmentlabel, MAGIC_MBUF);
LABEL_CHECK(ipqlabel, MAGIC_IPQ);
COUNTER_INC(ipq_create);
@@ -571,6 +648,7 @@
test_ipq_destroy_label(struct label *label)
{
+ LOG_DECL
LABEL_DESTROY(label, MAGIC_IPQ);
COUNTER_INC(ipq_destroy_label);
}
@@ -580,6 +658,7 @@
test_ipq_init_label(struct label *label, int flag)
{
+ LOG_DECL
if (flag & M_WAITOK)
WITNESS_WARN(WARN_GIANTOK | WARN_SLEEPOK, NULL,
"test_ipq_init_label() at %s:%d", __FILE__,
@@ -596,6 +675,7 @@
struct ipq *ipq, struct label *ipqlabel)
{
+ LOG_DECL
LABEL_CHECK(fragmentlabel, MAGIC_MBUF);
LABEL_CHECK(ipqlabel, MAGIC_IPQ);
COUNTER_INC(ipq_match);
@@ -609,6 +689,7 @@
struct label *mlabel)
{
+ LOG_DECL
LABEL_CHECK(ipqlabel, MAGIC_IPQ);
LABEL_CHECK(mlabel, MAGIC_MBUF);
COUNTER_INC(ipq_reassemble);
@@ -620,6 +701,7 @@
struct label *ipqlabel)
{
+ LOG_DECL
LABEL_CHECK(mlabel, MAGIC_MBUF);
LABEL_CHECK(ipqlabel, MAGIC_IPQ);
COUNTER_INC(ipq_update);
@@ -630,6 +712,7 @@
test_kenv_check_dump(struct ucred *cred)
{
+ LOG_DECL
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
COUNTER_INC(kenv_check_dump);
@@ -641,6 +724,7 @@
test_kenv_check_get(struct ucred *cred, char *name)
{
+ LOG_DECL
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
COUNTER_INC(kenv_check_get);
@@ -652,6 +736,7 @@
test_kenv_check_set(struct ucred *cred, char *name, char *value)
{
+ LOG_DECL
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
COUNTER_INC(kenv_check_set);
@@ -663,6 +748,7 @@
test_kenv_check_unset(struct ucred *cred, char *name)
{
+ LOG_DECL
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
COUNTER_INC(kenv_check_unset);
@@ -675,6 +761,7 @@
struct label *label)
{
+ LOG_DECL
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(label, MAGIC_VNODE);
COUNTER_INC(kld_check_load);
@@ -687,6 +774,7 @@
test_kld_check_stat(struct ucred *cred)
{
+ LOG_DECL
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
COUNTER_INC(kld_check_stat);
@@ -698,6 +786,7 @@
test_mbuf_copy_label(struct label *src, struct label *dest)
{
+ LOG_DECL
LABEL_CHECK(src, MAGIC_MBUF);
LABEL_CHECK(dest, MAGIC_MBUF);
COUNTER_INC(mbuf_copy_label);
@@ -708,6 +797,7 @@
test_mbuf_destroy_label(struct label *label)
{
+ LOG_DECL
/*
* If we're loaded dynamically, there may be mbufs in flight that
* didn't have label storage allocated for them. Handle this
@@ -725,6 +815,7 @@
test_mbuf_init_label(struct label *label, int flag)
{
+ LOG_DECL
if (flag & M_WAITOK)
WITNESS_WARN(WARN_GIANTOK | WARN_SLEEPOK, NULL,
"test_mbuf_init_label() at %s:%d", __FILE__,
@@ -741,6 +832,7 @@
struct label *mplabel)
{
+ LOG_DECL
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(mplabel, MAGIC_MOUNT);
COUNTER_INC(mount_check_stat);
@@ -754,6 +846,7 @@
struct label *mplabel)
{
+ LOG_DECL
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(mplabel, MAGIC_MOUNT);
COUNTER_INC(mount_create);
@@ -764,6 +857,7 @@
test_mount_destroy_label(struct label *label)
{
+ LOG_DECL
LABEL_DESTROY(label, MAGIC_MOUNT);
COUNTER_INC(mount_destroy_label);
}
@@ -773,6 +867,7 @@
test_mount_init_label(struct label *label)
{
+ LOG_DECL
LABEL_INIT(label, MAGIC_MOUNT);
COUNTER_INC(mount_init_label);
}
@@ -783,6 +878,7 @@
struct mbuf *m, struct label *mlabel)
{
+ LOG_DECL
LABEL_CHECK(ifplabel, MAGIC_IFNET);
LABEL_CHECK(mlabel, MAGIC_MBUF);
COUNTER_INC(netatalk_aarp_send);
@@ -794,6 +890,7 @@
struct mbuf *m, struct label *mlabel)
{
+ LOG_DECL
LABEL_CHECK(ifplabel, MAGIC_IFNET);
LABEL_CHECK(mlabel, MAGIC_MBUF);
COUNTER_INC(netinet_arp_send);
@@ -805,6 +902,7 @@
struct mbuf *frag, struct label *fraglabel)
{
+ LOG_DECL
LABEL_CHECK(mlabel, MAGIC_MBUF);
LABEL_CHECK(fraglabel, MAGIC_MBUF);
COUNTER_INC(netinet_fragment);
@@ -816,6 +914,7 @@
struct mbuf *msend, struct label *msendlabel)
{
+ LOG_DECL
LABEL_CHECK(mrecvlabel, MAGIC_MBUF);
LABEL_CHECK(msendlabel, MAGIC_MBUF);
COUNTER_INC(netinet_icmp_reply);
@@ -826,6 +925,7 @@
test_netinet_icmp_replyinplace(struct mbuf *m, struct label *mlabel)
{
+ LOG_DECL
LABEL_CHECK(mlabel, MAGIC_MBUF);
COUNTER_INC(netinet_icmp_replyinplace);
}
@@ -836,6 +936,7 @@
struct mbuf *m, struct label *mlabel)
{
+ LOG_DECL
LABEL_CHECK(ifplabel, MAGIC_IFNET);
LABEL_CHECK(mlabel, MAGIC_MBUF);
COUNTER_INC(netinet_igmp_send);
@@ -846,6 +947,7 @@
test_netinet_tcp_reply(struct mbuf *m, struct label *mlabel)
{
+ LOG_DECL
LABEL_CHECK(mlabel, MAGIC_MBUF);
COUNTER_INC(netinet_tcp_reply);
}
@@ -856,6 +958,7 @@
struct mbuf *m, struct label *mlabel)
{
+ LOG_DECL
LABEL_CHECK(ifplabel, MAGIC_IFNET);
LABEL_CHECK(mlabel, MAGIC_MBUF);
COUNTER_INC(netinet6_nd6_send);
@@ -867,6 +970,7 @@
struct label *pplabel, unsigned long cmd, void /* caddr_t */ *data)
{
+ LOG_DECL
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(pplabel, MAGIC_PIPE);
COUNTER_INC(pipe_check_ioctl);
@@ -880,6 +984,7 @@
struct label *pplabel)
{
+ LOG_DECL
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(pplabel, MAGIC_PIPE);
COUNTER_INC(pipe_check_poll);
@@ -893,6 +998,7 @@
struct label *pplabel)
{
+ LOG_DECL
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(pplabel, MAGIC_PIPE);
COUNTER_INC(pipe_check_read);
@@ -906,6 +1012,7 @@
struct label *pplabel, struct label *newlabel)
{
+ LOG_DECL
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(pplabel, MAGIC_PIPE);
LABEL_CHECK(newlabel, MAGIC_PIPE);
@@ -920,6 +1027,7 @@
struct label *pplabel)
{
+ LOG_DECL
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(pplabel, MAGIC_PIPE);
COUNTER_INC(pipe_check_stat);
@@ -933,6 +1041,7 @@
struct label *pplabel)
{
+ LOG_DECL
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(pplabel, MAGIC_PIPE);
COUNTER_INC(pipe_check_write);
@@ -945,6 +1054,7 @@
test_pipe_copy_label(struct label *src, struct label *dest)
{
+ LOG_DECL
LABEL_CHECK(src, MAGIC_PIPE);
LABEL_CHECK(dest, MAGIC_PIPE);
COUNTER_INC(pipe_copy_label);
@@ -956,6 +1066,7 @@
struct label *pplabel)
{
+ LOG_DECL
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(pplabel, MAGIC_PIPE);
COUNTER_INC(pipe_create);
@@ -966,6 +1077,7 @@
test_pipe_destroy_label(struct label *label)
{
+ LOG_DECL
LABEL_DESTROY(label, MAGIC_PIPE);
COUNTER_INC(pipe_destroy_label);
}
@@ -976,6 +1088,7 @@
struct sbuf *sb, int *claimed)
{
+ LOG_DECL
LABEL_CHECK(label, MAGIC_PIPE);
COUNTER_INC(pipe_externalize_label);
@@ -987,6 +1100,7 @@
test_pipe_init_label(struct label *label)
{
+ LOG_DECL
LABEL_INIT(label, MAGIC_PIPE);
COUNTER_INC(pipe_init_label);
}
@@ -997,6 +1111,7 @@
char *element_data, int *claimed)
{
+ LOG_DECL
LABEL_CHECK(label, MAGIC_PIPE);
COUNTER_INC(pipe_internalize_label);
@@ -1009,6 +1124,7 @@
struct label *pplabel, struct label *newlabel)
{
+ LOG_DECL
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(pplabel, MAGIC_PIPE);
LABEL_CHECK(newlabel, MAGIC_PIPE);
@@ -1021,6 +1137,7 @@
struct label *kslabel)
{
+ LOG_DECL
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(kslabel, MAGIC_POSIX_SEM);
COUNTER_INC(posixsem_check_destroy);
@@ -1034,6 +1151,7 @@
struct label *kslabel)
{
+ LOG_DECL
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(kslabel, MAGIC_POSIX_SEM);
COUNTER_INC(posixsem_check_getvalue);
@@ -1047,6 +1165,7 @@
struct label *kslabel)
{
+ LOG_DECL
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(kslabel, MAGIC_POSIX_SEM);
COUNTER_INC(posixsem_check_open);
@@ -1060,6 +1179,7 @@
struct label *kslabel)
{
+ LOG_DECL
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(kslabel, MAGIC_POSIX_SEM);
COUNTER_INC(posixsem_check_post);
@@ -1073,6 +1193,7 @@
struct label *kslabel)
{
+ LOG_DECL
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(kslabel, MAGIC_POSIX_SEM);
COUNTER_INC(posixsem_check_unlink);
@@ -1086,6 +1207,7 @@
struct label *kslabel)
{
+ LOG_DECL
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(kslabel, MAGIC_POSIX_SEM);
COUNTER_INC(posixsem_check_wait);
@@ -1099,6 +1221,7 @@
struct label *kslabel)
{
+ LOG_DECL
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(kslabel, MAGIC_POSIX_SEM);
COUNTER_INC(posixsem_create);
@@ -1109,6 +1232,7 @@
test_posixsem_destroy_label(struct label *label)
{
+ LOG_DECL
LABEL_DESTROY(label, MAGIC_POSIX_SEM);
COUNTER_INC(posixsem_destroy_label);
}
@@ -1118,6 +1242,7 @@
test_posixsem_init_label(struct label *label)
{
+ LOG_DECL
LABEL_INIT(label, MAGIC_POSIX_SEM);
COUNTER_INC(posixsem_init_label);
}
@@ -1127,6 +1252,7 @@
test_proc_check_debug(struct ucred *cred, struct proc *p)
{
+ LOG_DECL
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(p->p_ucred->cr_label, MAGIC_CRED);
COUNTER_INC(proc_check_debug);
@@ -1139,6 +1265,7 @@
test_proc_check_sched(struct ucred *cred, struct proc *p)
{
+ LOG_DECL
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(p->p_ucred->cr_label, MAGIC_CRED);
COUNTER_INC(proc_check_sched);
@@ -1151,6 +1278,7 @@
test_proc_check_signal(struct ucred *cred, struct proc *p, int signum)
{
+ LOG_DECL
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(p->p_ucred->cr_label, MAGIC_CRED);
COUNTER_INC(proc_check_signal);
@@ -1163,6 +1291,7 @@
test_proc_check_setaudit(struct ucred *cred, struct auditinfo *ai)
{
+ LOG_DECL
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
COUNTER_INC(proc_check_setaudit);
@@ -1175,6 +1304,7 @@
struct auditinfo_addr *aia)
{
+ LOG_DECL
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
COUNTER_INC(proc_check_setaudit_addr);
@@ -1186,6 +1316,7 @@
test_proc_check_setauid(struct ucred *cred, uid_t auid)
{
+ LOG_DECL
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
COUNTER_INC(proc_check_setauid);
@@ -1197,6 +1328,7 @@
test_proc_check_setegid(struct ucred *cred, gid_t egid)
{
+ LOG_DECL
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
COUNTER_INC(proc_check_setegid);
@@ -1208,6 +1340,7 @@
test_proc_check_seteuid(struct ucred *cred, uid_t euid)
{
+ LOG_DECL
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
COUNTER_INC(proc_check_euid);
@@ -1219,6 +1352,7 @@
test_proc_check_setregid(struct ucred *cred, gid_t rgid, gid_t egid)
{
+ LOG_DECL
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
COUNTER_INC(proc_check_setregid);
@@ -1230,6 +1364,7 @@
test_proc_check_setreuid(struct ucred *cred, uid_t ruid, uid_t euid)
{
+ LOG_DECL
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
COUNTER_INC(proc_check_setreuid);
@@ -1241,6 +1376,7 @@
test_proc_check_setgid(struct ucred *cred, gid_t gid)
{
+ LOG_DECL
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
COUNTER_INC(proc_check_setgid);
@@ -1253,6 +1389,7 @@
gid_t *gidset)
{
+ LOG_DECL
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
COUNTER_INC(proc_check_setgroups);
@@ -1265,6 +1402,7 @@
gid_t sgid)
{
+ LOG_DECL
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
COUNTER_INC(proc_check_setresgid);
@@ -1277,6 +1415,7 @@
uid_t suid)
{
+ LOG_DECL
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
COUNTER_INC(proc_check_setresuid);
@@ -1288,6 +1427,7 @@
test_proc_check_setuid(struct ucred *cred, uid_t uid)
{
+ LOG_DECL
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
COUNTER_INC(proc_check_setuid);
@@ -1299,6 +1439,7 @@
test_proc_check_wait(struct ucred *cred, struct proc *p)
{
+ LOG_DECL
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(p->p_ucred->cr_label, MAGIC_CRED);
COUNTER_INC(proc_check_wait);
@@ -1311,6 +1452,7 @@
test_proc_create_init(struct ucred *cred)
{
+ LOG_DECL
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
COUNTER_INC(proc_create_init);
}
@@ -1320,6 +1462,7 @@
test_proc_create_swapper(struct ucred *cred)
{
+ LOG_DECL
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
COUNTER_INC(proc_create_swapper);
}
@@ -1329,6 +1472,7 @@
test_proc_destroy_label(struct label *label)
{
+ LOG_DECL
LABEL_DESTROY(label, MAGIC_PROC);
COUNTER_INC(proc_destroy_label);
}
@@ -1338,6 +1482,7 @@
test_proc_init_label(struct label *label)
{
+ LOG_DECL
LABEL_INIT(label, MAGIC_PROC);
COUNTER_INC(proc_init_label);
}
@@ -1348,6 +1493,7 @@
struct label *solabel)
{
+ LOG_DECL
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(solabel, MAGIC_SOCKET);
COUNTER_INC(socket_check_accept);
@@ -1361,6 +1507,7 @@
struct label *solabel, struct sockaddr *sa)
{
+ LOG_DECL
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(solabel, MAGIC_SOCKET);
COUNTER_INC(socket_check_bind);
@@ -1374,6 +1521,7 @@
struct label *solabel, struct sockaddr *sa)
{
+ LOG_DECL
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(solabel, MAGIC_SOCKET);
COUNTER_INC(socket_check_connect);
@@ -1387,6 +1535,7 @@
struct mbuf *m, struct label *mlabel)
{
+ LOG_DECL
LABEL_CHECK(solabel, MAGIC_SOCKET);
LABEL_CHECK(mlabel, MAGIC_MBUF);
COUNTER_INC(socket_check_deliver);
@@ -1400,6 +1549,7 @@
struct label *solabel)
{
+ LOG_DECL
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(solabel, MAGIC_SOCKET);
>>> TRUNCATED FOR MAIL (1000 lines) <<<
More information about the p4-projects
mailing list