PERFORCE change 18475 for review

Robert Watson rwatson at freebsd.org
Tue Oct 1 17:15:21 GMT 2002


http://people.freebsd.org/~peter/p4db/chv.cgi?CH=18475

Change 18475 by rwatson at rwatson_curry on 2002/10/01 10:15:12

	
	(1) Attempt to fix logic regarding MAC label allocation for mbufs
	    in the M_NOWAIT case by properly composing the various returns
	    from label initializers and backing out the allocation if
	    any of them fail.  Note that policies must accept getting
	    uninitialized label entries in the label destruction calls
	    for objects that may have failed during allocation since we
	    invoke destruction for all of the policies even if some of
	    them succeeded and some failed.
	
	(2) Modify initializers for sockets to support an argument flag
	    also, since soalloc() also accepts the M_NOWAIT/M_WAITOK
	    flag semantics.
	
	This should clear up witness warnings regarding potential
	sleeping during loopback TCP involving the SYN cache.  It's not
	as well tested as I'd like, so some caution should be applied.

Affected files ...

.. //depot/projects/trustedbsd/mac/sys/kern/kern_mac.c#287 edit
.. //depot/projects/trustedbsd/mac/sys/kern/uipc_socket.c#37 edit
.. //depot/projects/trustedbsd/mac/sys/security/mac_biba/mac_biba.c#121 edit
.. //depot/projects/trustedbsd/mac/sys/security/mac_mls/mac_mls.c#101 edit
.. //depot/projects/trustedbsd/mac/sys/security/mac_none/mac_none.c#77 edit
.. //depot/projects/trustedbsd/mac/sys/security/mac_te/mac_te.c#81 edit
.. //depot/projects/trustedbsd/mac/sys/security/mac_test/mac_test.c#48 edit
.. //depot/projects/trustedbsd/mac/sys/sys/mac.h#167 edit
.. //depot/projects/trustedbsd/mac/sys/sys/mac_policy.h#128 edit

Differences ...

==== //depot/projects/trustedbsd/mac/sys/kern/kern_mac.c#287 (text+ko) ====

@@ -217,6 +217,8 @@
 static int	mac_policy_register(struct mac_policy_conf *mpc);
 static int	mac_policy_unregister(struct mac_policy_conf *mpc);
 
+static void	mac_destroy_socket_label(struct label *label);
+
 static int	mac_stdcreatevnode_ea(struct vnode *vp);
 static void	mac_check_vnode_mmap_downgrade(struct ucred *cred,
 		    struct vnode *vp, int *prot);
@@ -1149,15 +1151,23 @@
 int
 mac_init_mbuf(struct mbuf *m, int how)
 {
+	int error;
+
 	KASSERT(m->m_flags & M_PKTHDR, ("mac_init_mbuf on non-header mbuf"));
 
-	/* XXX: allocation failure code? */
 	mac_init_label(&m->m_pkthdr.label);
-	MAC_PERFORM(init_mbuf_label, how, &m->m_pkthdr.label);
+
+	MAC_CHECK(init_mbuf_label, how, &m->m_pkthdr.label);
+	if (error) {
+		MAC_PERFORM(destroy_mbuf_label, &m->m_pkthdr.label);
+		mac_destroy_label(&m->m_pkthdr.label);
+	}
+
 #ifdef MAC_DEBUG
-	atomic_add_int(&nmacmbufs, 1);
+	if (error == 0)
+		atomic_add_int(&nmacmbufs, 1);
 #endif
-	return (0);
+	return (error);
 }
 
 void
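Review bot: The new `if (error)` branch in mac_init_mbuf() runs `destroy_mbuf_label` for every policy, including any whose initializer failed, and that contract is stated only in the change description. A comment on the branch would keep it visible to policy authors, for example `/* Destroy is invoked for all policies, so each must tolerate a slot its init never filled. */`. Note also that `error` is never assigned in the visible lines; it is presumably set by `MAC_CHECK`, whose definition is not in this hunk. A short header comment saying that on failure the label is already torn down would warn callers not to destroy it a second time.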
@@ -1264,31 +1274,57 @@
 #endif
 }
 
-static void
-mac_init_socket_label(struct label *label)
+static int
+mac_init_socket_label(struct label *label, int flag)
 {
+	int error;
 
 	mac_init_label(label);
-	MAC_PERFORM(init_socket_label, label);
+
+	MAC_CHECK(init_socket_label, label, flag);
+	if (error) {
+		MAC_PERFORM(destroy_socket_label, label);
+		mac_destroy_label(label);
+	}
+
 #ifdef MAC_DEBUG
-	atomic_subtract_int(&nmacsockets, 1);
+	if (error == 0)
+		atomic_add_int(&nmacsockets, 1);
 #endif
+
+	return (error);
 }
 
-static void
-mac_init_socket_peer_label(struct label *label)
+static int
+mac_init_socket_peer_label(struct label *label, int flag)
 {
+	int error;
 
 	mac_init_label(label);
-	MAC_PERFORM(init_socket_peer_label, label);
+
+	MAC_CHECK(init_socket_peer_label, label, flag);
+	if (error) {
+		MAC_PERFORM(destroy_socket_label, label);
+		mac_destroy_label(label);
+	}
+
+	return (error);
 }
 
-void
-mac_init_socket(struct socket *socket)
+int
+mac_init_socket(struct socket *socket, int flag)
 {
+	int error;
 
-	mac_init_socket_label(&socket->so_label);
-	mac_init_socket_peer_label(&socket->so_peerlabel);
+	error = mac_init_socket_label(&socket->so_label, flag);
+	if (error)
+		return (error);
+
+	error = mac_init_socket_peer_label(&socket->so_peerlabel, flag);
+	if (error)
+		mac_destroy_socket_label(&socket->so_label);
+
+	return (error);
 }
 
 static void
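Review bot: The failure path in mac_init_socket_peer_label() unwinds with `MAC_PERFORM(destroy_socket_label, label);`, the entry point for the socket's own label, not a peer-label one. mac_test in this same change keeps separate state for the two kinds (`init_count_socket` vs `init_count_socket_peerlabel`), so policies that distinguish them would have their accounting or assertions skewed by this path. If the policy interface has a peer-specific destroy operation (it is not visible on this page), the unwind should use it, e.g. `MAC_PERFORM(destroy_socket_peer_label, label);`. Otherwise add a comment here saying that the shared destructor is intentional.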
@@ -3449,7 +3485,7 @@
 	if (error)
 		return (error);
 
-	mac_init_socket_label(&intlabel);
+	mac_init_socket_label(&intlabel, M_WAITOK);
 	error = mac_internalize_socket_label(&intlabel, extmac,
 	    element_array);
 	mac_free_element_array(element_array);
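Review bot: The result of `mac_init_socket_label(&intlabel, M_WAITOK);` is discarded, although after this change the function can return an error and destroys the label when it does. In that case `mac_internalize_socket_label()` on the next line would operate on a label that has already been torn down. Assign the result to `error` and take an early exit that still frees `element_array`. If the intent is that M_WAITOK can never fail, state that with an assertion such as `KASSERT(error == 0, ("mac_init_socket_label: M_WAITOK failed"));`. The enclosing function begins and ends outside this hunk.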

==== //depot/projects/trustedbsd/mac/sys/kern/uipc_socket.c#37 (text+ko) ====

@@ -131,7 +131,7 @@
 	int waitok;
 {
 	struct socket *so;
-	int flag;
+	int error, flag;
 
 	if (waitok == 1)
 		flag = M_WAITOK;
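Review bot: The new `error` in `int error, flag;` is declared unconditionally, but its only use on this page is inside the `#ifdef MAC` block added in the next hunk. A kernel built without MAC therefore gets an unused variable, which breaks the build where warnings are fatal. Guarding the declaration the same way avoids that: keep `int flag;` and add `#ifdef MAC` / `int error;` / `#endif` after it. The function's signature and the rest of its body are outside this hunk.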
@@ -140,14 +140,19 @@
 	flag |= M_ZERO;
 	so = uma_zalloc(socket_zone, flag);
 	if (so) {
+#ifdef MAC
+		error = mac_init_socket(so, flag);
+		if (error != 0) {
+			uma_zfree(socket_zone, so);
+			so = NULL;
+			return so;
+		}
+#endif
 		/* XXX race condition for reentrant kernel */
 		so->so_gencnt = ++so_gencnt;
 		/* sx_init(&so->so_sxlock, "socket sxlock"); */
 		TAILQ_INIT(&so->so_aiojobq);
 		++numopensockets;
-#ifdef MAC
-		mac_init_socket(so);
-#endif
 	}
 	return so;
 }
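Review bot: The `flag` passed in `error = mac_init_socket(so, flag);` already has `M_ZERO` OR-ed in by the context line above, so each policy's socket initializer receives an allocator-only bit along with the wait flag. The `*_init_label_waitcheck` implementations are not on this page; if any of them compares the flag for equality instead of masking it, the M_NOWAIT case could be misread and the sleep this change is meant to prevent could return. Passing only the wait semantics keeps the policy contract narrow, e.g. `error = mac_init_socket(so, flag & ~M_ZERO);`. The failure branch could also be written simply as `return (NULL);` after the `uma_zfree()`.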

==== //depot/projects/trustedbsd/mac/sys/security/mac_biba/mac_biba.c#121 (text+ko) ====

@@ -2385,9 +2385,9 @@
 	{ MAC_INIT_PIPE_LABEL,
 	    (macop_t)mac_biba_init_label },
 	{ MAC_INIT_SOCKET_LABEL,
-	    (macop_t)mac_biba_init_label },
+	    (macop_t)mac_biba_init_label_waitcheck },
 	{ MAC_INIT_SOCKET_PEER_LABEL,
-	    (macop_t)mac_biba_init_label },
+	    (macop_t)mac_biba_init_label_waitcheck },
 	{ MAC_INIT_VNODE_LABEL,
 	    (macop_t)mac_biba_init_label },
 	{ MAC_DESTROY_BPFDESC_LABEL,
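Review bot: The `(macop_t)` casts on the two changed entries hide the handler's prototype, so the compiler cannot check that `mac_biba_init_label_waitcheck` matches the new socket initializer signature. mac_policy.h in this change declares the socket initializers as `(struct label *label, int flag)` but `mpo_init_mbuf_label` as `(int how, struct label *label)`. The definition of `mac_biba_init_label_waitcheck` is not in this diff; if it is the existing mbuf initializer, its arguments would arrive swapped and the label pointer would be read as a malloc flag. Confirm the parameter order and record it beside the entries, e.g. `/* handler takes (struct label *, int flag) */`. The same applies to the `_waitcheck` entries in the mac_mls, mac_none and mac_te hunks.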

==== //depot/projects/trustedbsd/mac/sys/security/mac_mls/mac_mls.c#101 (text+ko) ====

@@ -2347,9 +2347,9 @@
 	{ MAC_INIT_PIPE_LABEL,
 	    (macop_t)mac_mls_init_label },
 	{ MAC_INIT_SOCKET_LABEL,
-	    (macop_t)mac_mls_init_label },
+	    (macop_t)mac_mls_init_label_waitcheck },
 	{ MAC_INIT_SOCKET_PEER_LABEL,
-	    (macop_t)mac_mls_init_label },
+	    (macop_t)mac_mls_init_label_waitcheck },
 	{ MAC_INIT_VNODE_LABEL,
 	    (macop_t)mac_mls_init_label },
 	{ MAC_DESTROY_BPFDESC_LABEL,

==== //depot/projects/trustedbsd/mac/sys/security/mac_none/mac_none.c#77 (text+ko) ====

@@ -889,9 +889,9 @@
 	{ MAC_INIT_PIPE_LABEL,
 	    (macop_t)mac_none_init_label },
 	{ MAC_INIT_SOCKET_LABEL,
-	    (macop_t)mac_none_init_label },
+	    (macop_t)mac_none_init_label_waitcheck },
 	{ MAC_INIT_SOCKET_PEER_LABEL,
-	    (macop_t)mac_none_init_label },
+	    (macop_t)mac_none_init_label_waitcheck },
 	{ MAC_INIT_VNODE_LABEL,
 	    (macop_t)mac_none_init_label },
 	{ MAC_DESTROY_BPFDESC_LABEL,

==== //depot/projects/trustedbsd/mac/sys/security/mac_te/mac_te.c#81 (text+ko) ====

@@ -1663,9 +1663,9 @@
 	{ MAC_INIT_PIPE_LABEL,
 	    (macop_t)mac_te_init_label },
 	{ MAC_INIT_SOCKET_LABEL,
-	    (macop_t)mac_te_init_label },
+	    (macop_t)mac_te_init_label_waitcheck },
 	{ MAC_INIT_SOCKET_PEER_LABEL,
-	    (macop_t)mac_te_init_label },
+	    (macop_t)mac_te_init_label_waitcheck },
 	{ MAC_INIT_VNODE_LABEL,
 	    (macop_t)mac_te_init_label },
 	{ MAC_DESTROY_BPFDESC_LABEL,

==== //depot/projects/trustedbsd/mac/sys/security/mac_test/mac_test.c#48 (text+ko) ====

@@ -273,20 +273,22 @@
 	atomic_add_int(&init_count_mount_fslabel, 1);
 }
 
-static void
-mac_test_init_socket_label(struct label *label)
+static int
+mac_test_init_socket_label(struct label *label, int flag)
 {
 
 	SLOT(label) = SOCKETMAGIC;
 	atomic_add_int(&init_count_socket, 1);
+	return (0);
 }
 
-static void
-mac_test_init_socket_peer_label(struct label *label)
+static int
+mac_test_init_socket_peer_label(struct label *label, int flag)
 {
 
 	SLOT(label) = SOCKETMAGIC;
 	atomic_add_int(&init_count_socket_peerlabel, 1);
+	return (0);
 }
 
 static void
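Review bot: Both updated initializers accept `flag` but ignore it and always `return (0);`, so the test policy cannot exercise the new back-out path in mac_init_socket(). The change description itself says that path is lightly tested. At minimum, document the choice in each function, e.g. `/* flag unused: no allocation happens here, so this initializer cannot fail */`. A later improvement would be a debug knob that forces a failure under M_NOWAIT, so the unwind and the tolerance of destroy calls on unfilled slots get covered.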

==== //depot/projects/trustedbsd/mac/sys/sys/mac.h#167 (text+ko) ====

@@ -233,7 +233,7 @@
 void	mac_init_devfsdirent(struct devfs_dirent *);
 void	mac_init_ifnet(struct ifnet *);
 void	mac_init_ipq(struct ipq *);
-void	mac_init_socket(struct socket *);
+int	mac_init_socket(struct socket *, int flag);
 void	mac_init_pipe(struct pipe *);
 int	mac_init_mbuf(struct mbuf *m, int how);
 void	mac_init_mount(struct mount *);

==== //depot/projects/trustedbsd/mac/sys/sys/mac_policy.h#128 (text+ko) ====

@@ -80,8 +80,9 @@
 	int	(*mpo_init_mbuf_label)(int how, struct label *label);
 	void	(*mpo_init_mount_label)(struct label *mntlabel);
 	void	(*mpo_init_mount_fs_label)(struct label *fslabel);
-	void	(*mpo_init_socket_label)(struct label *label);
-	void	(*mpo_init_socket_peer_label)(struct label *peerlabel);
+	int	(*mpo_init_socket_label)(struct label *label, int flag);
+	int	(*mpo_init_socket_peer_label)(struct label *peerlabel,
+		    int flag);;
 	void	(*mpo_init_pipe_label)(struct label *label);
 	void	(*mpo_init_proc)(struct proc *p, struct label *label);
 	void	(*mpo_init_vnode_label)(struct label *label);
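Review bot: The added member declaration ends in `int flag);;`, and the second semicolon is a stray empty declaration inside the struct that stricter compilers warn about; it should read `int flag);`. Separately, the socket initializers take `(label, flag)` while `mpo_init_mbuf_label` directly above takes `(how, label)`. Because policy tables store these handlers through untyped casts, a comment such as `/* NB: mbuf init is (how, label); socket inits are (label, flag) */` would help policy authors avoid swapping them. The struct definition begins and ends outside this hunk.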