PERFORCE change 87600 for review

Todd Miller millert at FreeBSD.org
Thu Dec 1 20:49:15 GMT 2005 

http://perforce.freebsd.org/chv.cgi?CH=87600

Change 87600 by millert at millert_g4tower on 2005/12/01 20:48:47

	Remove mpo_create_root_mount, it is no longer needed.
	From DSEP.

Affected files ...

.. //depot/projects/trustedbsd/sedarwin7/src/darwin/xnu/bsd/sys/mac.h#4 edit
.. //depot/projects/trustedbsd/sedarwin7/src/darwin/xnu/bsd/sys/mac_policy.h#10 edit
.. //depot/projects/trustedbsd/sedarwin7/src/darwin/xnu/security/mac_vfs.c#4 edit
.. //depot/projects/trustedbsd/sedarwin7/src/mac_count/module/mac_count.c#2 edit
.. //depot/projects/trustedbsd/sedarwin7/src/mac_mls/mac_mls.c#4 edit
.. //depot/projects/trustedbsd/sedarwin7/src/mac_stub/mac_stub.c#4 edit
.. //depot/projects/trustedbsd/sedarwin7/src/mactest/mac_test.c#4 edit
.. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/sebsd.c#21 edit
.. //depot/projects/trustedbsd/sedarwin7/src/stacktrace/module/mac_stacktrace.c#3 edit

Differences ...

==== //depot/projects/trustedbsd/sedarwin7/src/darwin/xnu/bsd/sys/mac.h#4 (text+ko) ====

@@ -189,7 +189,6 @@
 int	mac_create_vnode_extattr(struct ucred *cred, struct mount *mp,
 	    struct vnode *dvp, struct vnode *vp, struct componentname *cnp);
 void	mac_create_mount(struct ucred *cred, struct mount *mp);
-void	mac_create_root_mount(struct ucred *cred, struct mount *mp);
 void	mac_relabel_vnode(struct ucred *cred, struct vnode *vp,
 	    struct label *newlabel);
 void	mac_update_devfsdirent(struct mount *mp, struct devnode *de,

==== //depot/projects/trustedbsd/sedarwin7/src/darwin/xnu/bsd/sys/mac_policy.h#10 (text+ko) ====

@@ -1096,7 +1096,6 @@
   @param fslabel Label for the file system default
   @see mpo_init_mount_label_t
   @see mpo_init_mount_fs_label_t
-  @see mpo_create_root_mount_t
 
   Fill out the labels on the mount point being created by the supplied
   user credential.  This call is made when file systems are first mounted.
@@ -1109,29 +1108,6 @@
 );
 
 /**
-  @brief Create root mount labels
-  @param cred Subject credential
-  @param mp Mount point of file system being mounted
-  @param mntlabel Label to associate with the new mount point
-  @param fslabel Label for the file system default
-  @see mpo_init_mount_label_t
-  @see mpo_init_mount_fs_label_t
-  @see mpo_create_root_mount_t
-
-  Fill out the labels on the root mount point being created by the
-  supplied user credential. 
-
-  @warning XXX This entry point is no longer necessary and will be
-  removed in a future version of the framework.
-*/
-typedef void mpo_create_root_mount_t(
-	struct ucred *cred,
-	struct mount *mp,
-	struct label *mntlabel,
-	struct label *fslabel
-);
-
-/**
   @brief Update a vnode label
   @param cred Subject credential
   @param vp The vnode to relabel
@@ -3938,7 +3914,6 @@
 	mpo_create_devfs_symlink_t		*mpo_create_devfs_symlink;
 	mpo_create_vnode_extattr_t		*mpo_create_vnode_extattr;
 	mpo_create_mount_t			*mpo_create_mount;
-	mpo_create_root_mount_t			*mpo_create_root_mount;
 	mpo_relabel_vnode_t			*mpo_relabel_vnode;
 	mpo_setlabel_vnode_extattr_t		*mpo_setlabel_vnode_extattr;
 	mpo_update_devfsdirent_t		*mpo_update_devfsdirent;

==== //depot/projects/trustedbsd/sedarwin7/src/darwin/xnu/security/mac_vfs.c#4 (text+ko) ====

@@ -980,14 +980,6 @@
 	    mp->mnt_fslabel);
 }
 
-void
-mac_create_root_mount(struct ucred *cred, struct mount *mp)
-{
-
-	MAC_PERFORM(create_root_mount, cred, mp, mp->mnt_mntlabel,
-	    mp->mnt_fslabel);
-}
-
 int
 mac_check_mount_stat(struct ucred *cred, struct mount *mount)
 {

==== //depot/projects/trustedbsd/sedarwin7/src/mac_count/module/mac_count.c#2 (text+ko) ====

@@ -947,14 +947,6 @@
 }
 
 static void
-count_create_root_mount(struct ucred *cred, struct mount *mp,
-    struct label *mountlabel, struct label *fslabel)
-{
-
-	COUNT(__func__);
-}
-
-static void
 count_create_socket(struct ucred *cred, struct socket *so,
     struct label *solabel)
 {
@@ -1301,7 +1293,6 @@
 	.mpo_create_posix_shm		= count_create_posix_shm,
 	.mpo_create_proc0		= count_create_proc0,
 	.mpo_create_proc1		= count_create_proc1,
-	.mpo_create_root_mount		= count_create_root_mount,
 	.mpo_create_socket		= count_create_socket,
 	.mpo_create_socket_from_socket	= count_create_socket_from_socket,
 	.mpo_create_sysv_sem		= count_create_sysv_sem,

==== //depot/projects/trustedbsd/sedarwin7/src/mac_mls/mac_mls.c#4 (text+ko) ====

@@ -1141,18 +1141,6 @@
 }
 
 static void
-mac_mls_create_root_mount(struct ucred *cred, struct mount *mp,
-    struct label *mntlabel, struct label *fslabel)
-{
-	struct mac_mls *mac_mls;
-
-	mac_mls = SLOT(fslabel);
-	mac_mls_set_effective(mac_mls, MAC_MLS_TYPE_LOW, 0, NULL);
-	mac_mls = SLOT(mntlabel);
-	mac_mls_set_effective(mac_mls, MAC_MLS_TYPE_LOW, 0, NULL);
-}
-
-static void
 mac_mls_create_task (struct task *parent, struct task *child, struct label *pl,
     struct label *chl, struct label *chpl)
 {
@@ -3442,7 +3430,6 @@
     .mpo_init_proc_label                = mac_mls_init_label,
     .mpo_create_proc0                   = mac_mls_create_proc0,
     .mpo_create_proc1                   = mac_mls_create_proc1,
-    .mpo_create_root_mount              = mac_mls_create_root_mount,
     .mpo_check_system_swapon            = mac_mls_check_system_swapon,
     .mpo_associate_vnode_devfs          = mac_mls_associate_vnode_devfs,
     .mpo_associate_vnode_extattr        = mac_mls_associate_vnode_extattr,

==== //depot/projects/trustedbsd/sedarwin7/src/mac_stub/mac_stub.c#4 (text+ko) ====

@@ -965,13 +965,6 @@
 }
 
 static void
-stub_create_root_mount(struct ucred *cred, struct mount *mp,
-    struct label *mountlabel, struct label *fslabel)
-{
-
-}
-
-static void
 stub_create_socket(struct ucred *cred, struct socket *so,
     struct label *solabel)
 {
@@ -1300,7 +1293,6 @@
 	.mpo_create_posix_shm		= stub_create_posix_shm,
 	.mpo_create_proc0		= stub_create_proc0,
 	.mpo_create_proc1		= stub_create_proc1,
-	.mpo_create_root_mount		= stub_create_root_mount,
 	.mpo_create_socket		= stub_create_socket,
 	.mpo_create_socket_from_socket	= stub_create_socket_from_socket,
 	.mpo_create_sysv_sem		= stub_create_sysv_sem,

==== //depot/projects/trustedbsd/sedarwin7/src/mactest/mac_test.c#4 (text+ko) ====

@@ -915,18 +915,6 @@
 }
 
 static void
-mac_test_create_root_mount(struct ucred *cred, struct mount *mp,
-    struct label *mntlabel, struct label *fslabel)
-{
-	CHECKNULL(cred, "cred", "mac_test_create_root_mount");
-	CHECKNULL(mp, "mp", "mac_test_create_root_mount");			
-
-	use_label(fslabel, MOUNTTYPE, "mac_test_create_root_mount (2)"); 
-	use_label(cred->cr_label, CREDTYPE, "mac_test_create_root_mount (1)");
-	init_label(mntlabel, MOUNTTYPE, "mac_test_create_root_mount");
-}
-
-static void
 mac_test_relabel_vnode(struct ucred *cred, struct vnode *vp,
     struct label *vnodelabel, struct label *label)
 {
@@ -2626,7 +2614,6 @@
 	.mpo_create_devfs_symlink	= mac_test_create_devfs_symlink,
 	.mpo_create_vnode_extattr	= mac_test_create_vnode_extattr,
 	.mpo_create_mount		= mac_test_create_mount,
-	.mpo_create_root_mount		= mac_test_create_root_mount,
 	.mpo_relabel_vnode		= mac_test_relabel_vnode,
 	.mpo_setlabel_vnode_extattr	= mac_test_setlabel_vnode_extattr,
 	.mpo_update_devfsdirent		= mac_test_update_devfsdirent,

==== //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/sebsd.c#21 (text+ko) ====

@@ -1047,37 +1047,6 @@
 #endif
 }
 
-/*
- * Initialize the SEBSD security server after the root partition has
- * been mounted; policy is located on root partition.
- */
-static void
-sebsd_create_root_mount(struct ucred *cred, struct mount *mp,
-    struct label *mntlabel, struct label *fslabel)
-{
-#if 0
-	struct vnode *vp, *nvp;
-
-	/*
-	 * Go through all open vnodes and reload their labels.
-	 */
-	mtx_lock(&mntvnode_mtx);
-	vp = TAILQ_FIRST(&mp->mnt_nvnodelist);
-	do {
-		nvp = TAILQ_NEXT(vp, v_nmntvnodes);
-		VI_LOCK(vp);
-		mtx_unlock(&mntvnode_mtx);
-		vn_lock(vp, LK_INTERLOCK | LK_EXCLUSIVE | LK_RETRY, curthread);
-		(void)sebsd_associate_vnode_extattr(mp, fslabel, vp,
-		    vp->v_label);
-		VOP_UNLOCK(vp, 0, curthread);
-		mtx_lock(&mntvnode_mtx);
-		vp = nvp;
-	} while (vp != NULL);
-	mtx_unlock(&mntvnode_mtx);
-#endif
-}
-
 static int
 sebsd_create_vnode_extattr(struct ucred *cred, struct mount *mp,
     struct label *fslabel, struct vnode *parent, struct label *parentlabel,

==== //depot/projects/trustedbsd/sedarwin7/src/stacktrace/module/mac_stacktrace.c#3 (text+ko) ====

@@ -147,7 +147,7 @@
 TRACE_DATA(create_devfs_symlink, 56, STACKTRACE_ON);
 TRACE_DATA(create_vnode_extattr, 57, STACKTRACE_ON);
 TRACE_DATA(create_mount, 58, STACKTRACE_ON);
-TRACE_DATA(create_root_mount, 59 , STACKTRACE_ON);
+TRACE_DATA(create_root_mount, 59, STACKTRACE_ON); // deprecated & removed
 TRACE_DATA(relabel_vnode, 60, STACKTRACE_ON);
 TRACE_DATA(setlabel_vnode_extattr, 61, STACKTRACE_ON);
 TRACE_DATA(update_devfsdirent, 62, STACKTRACE_ON);
@@ -1045,14 +1045,6 @@
 }
 
 static void
-stacktrace_create_root_mount(struct ucred *cred, struct mount *mp,
-    struct label *mntlabel, struct label *fslabel)
-{
-
-	trace(&create_root_mount_td);
-}
-
-static void
 stacktrace_relabel_vnode(struct ucred *cred, struct vnode *vp,
     struct label *vnodelabel, struct label *label)
 {
@@ -2056,7 +2048,6 @@
 	.mpo_create_devfs_symlink = stacktrace_create_devfs_symlink,
 	.mpo_create_vnode_extattr = stacktrace_create_vnode_extattr,
 	.mpo_create_mount = stacktrace_create_mount,
-	.mpo_create_root_mount = stacktrace_create_root_mount,
 	.mpo_relabel_vnode = stacktrace_relabel_vnode,
 	.mpo_setlabel_vnode_extattr = stacktrace_setlabel_vnode_extattr,
 	.mpo_update_devfsdirent = stacktrace_update_devfsdirent,
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-cvs" in the body of the message

More information about the trustedbsd-cvs mailing list