PERFORCE change 86624 for review
Todd Miller
millert at FreeBSD.org
Thu Nov 10 22:35:16 GMT 2005
http://perforce.freebsd.org/chv.cgi?CH=86624
Change 86624 by millert at millert_ibook on 2005/11/10 22:34:15
Remove some #if 0'd cruft for better readability
Affected files ...
.. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/sebsd.c#19 edit
Differences ...
==== //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/sebsd.c#19 (text+ko) ====
@@ -528,17 +528,7 @@
SLOT(label) = NULL;
}
-#if 0
static void
-sebsd_destroy_label(struct label *label)
-{
-
- free(SLOT(label), M_SEBSD);
- SLOT(label) = NULL;
-}
-#endif
-
-static void
sebsd_destroy_sysv_label(struct label *label)
{
@@ -2743,232 +2733,6 @@
#if 0
-static struct mac_policy_ops sebsd_ops_o = {
- /* Init Labels */
- .mpo_init_bpfdesc_label = sebsd_init_network_label,
- .mpo_init_cred_label = sebsd_init_cred_label,
-#if 0
- .mpo_init_devfsdirent_label = sebsd_init_vnode_label,
- .mpo_init_file_label = sebsd_init_file_label,
-#endif
- .mpo_init_ifnet_label = sebsd_init_network_label,
- .mpo_init_ipq_label = sebsd_init_network_label_waitcheck,
- .mpo_init_mbuf_label = sebsd_init_network_label_waitcheck,
-#ifdef HAS_PIPES
- .mpo_init_pipe_label = sebsd_init_vnode_label,
-#endif
- .mpo_init_socket_label = sebsd_init_network_label_waitcheck,
- .mpo_init_socket_peer_label = sebsd_init_network_label_waitcheck,
- .mpo_init_vnode_label = sebsd_init_vnode_label,
-
- /* Destroy Labels */
- .mpo_destroy = sebsd_destroy,
- .mpo_destroy_bpfdesc_label = sebsd_destroy_label,
- .mpo_destroy_cred_label = sebsd_destroy_label,
-#ifdef HAS_DEVFS_DIRENT
- .mpo_destroy_devfsdirent_label = sebsd_destroy_label,
-#endif
- .mpo_destroy_ifnet_label = sebsd_destroy_label,
- .mpo_destroy_ipq_label = sebsd_destroy_label,
- .mpo_destroy_mbuf_label = sebsd_destroy_label,
-#if 0
- .mpo_destroy_file_label = sebsd_destroy_label,
-#endif
-#ifdef HAS_PIPES
- .mpo_destroy_pipe_label = sebsd_destroy_label,
-#endif
- .mpo_destroy_socket_label = sebsd_destroy_label,
- .mpo_destroy_socket_peer_label = sebsd_destroy_label,
- .mpo_destroy_vnode_label = sebsd_destroy_label,
-
- /* Copy labels */
-#ifdef HAS_PIPES
- .mpo_copy_pipe_label = sebsd_copy_vnode_label,
-#endif
- .mpo_copy_vnode_label = sebsd_copy_vnode_label,
-#if 0
- .mpo_copy_mount_label = sebsd_copy_mount_label,
-#endif
-
-#if 0
- /* In/Out */
- .mpo_externalize_cred_label = sebsd_externalize_cred_label,
- .mpo_externalize_cred_audit_label = sebsd_externalize_cred_label,
- .mpo_externalize_ifnet_label = sebsd_externalize_network_label,
-#ifdef HAS_PIPES
- .mpo_externalize_pipe_label = sebsd_externalize_vnode_label,
-#endif
- .mpo_externalize_socket_label = sebsd_externalize_network_label,
- .mpo_externalize_socket_peer_label = sebsd_externalize_network_label,
- .mpo_externalize_vnode_label = sebsd_externalize_vnode_label,
- .mpo_externalize_vnode_audit_label = sebsd_externalize_vnode_label,
- .mpo_externalize_mount_label = sebsd_externalize_mount_label,
- .mpo_internalize_cred_label = sebsd_internalize_cred_label,
- .mpo_internalize_ifnet_label = sebsd_internalize_network_label,
-#ifdef HAS_PIPES
- .mpo_internalize_pipe_label = sebsd_internalize_vnode_label,
-#endif
- .mpo_internalize_socket_label = sebsd_internalize_network_label,
- .mpo_internalize_vnode_label = sebsd_internalize_vnode_label,
- .mpo_internalize_mount_label = sebsd_internalize_mount_label,
-#endif
-
-#ifdef notdef
- void (*mpo_create_mbuf_from_socket)(struct socket *so,
- struct label *socketlabel, struct mbuf *m,
- struct label *mbuflabel);
- void (*mpo_create_socket)(struct ucred *cred, struct socket *so,
- struct label *socketlabel);
- void (*mpo_create_socket_from_socket)(struct socket *oldsocket,
- struct label *oldsocketlabel, struct socket *newsocket,
- struct label *newsocketlabel);
- void (*mpo_relabel_socket)(struct ucred *cred, struct socket *so,
- struct label *oldlabel, struct label *newlabel);
- void (*mpo_set_socket_peer_from_mbuf)(struct mbuf *mbuf,
- struct label *mbuflabel, struct socket *so,
- struct label *socketpeerlabel);
- void (*mpo_set_socket_peer_from_socket)(struct socket *oldsocket,
- struct label *oldsocketlabel, struct socket *newsocket,
- struct label *newsocketpeerlabel);
-#endif
-
- /* Create Labels */
- .mpo_create_cred = sebsd_create_cred,
-
-#ifdef HAS_DEVFS_DIRENT
- .mpo_create_devfs_device = sebsd_create_devfs_device,
- .mpo_create_devfs_directory = sebsd_create_devfs_directory,
- .mpo_create_devfs_symlink = sebsd_create_devfs_symlink,
-#endif
-#if 0
- .mpo_create_file = sebsd_create_file,
-#endif
- /* .mpo_create_mbuf_from_socket = sebsd_create_mbuf_from_socket, */
-#ifdef HAS_PIPES
- .mpo_create_pipe = sebsd_create_pipe,
-#endif
- .mpo_create_proc0 = sebsd_create_proc0,
- .mpo_create_proc1 = sebsd_create_proc1,
- .mpo_create_root_mount = sebsd_create_root_mount,
- /* .mpo_create_socket = sebsd_create_socket, */
- /* .mpo_create_socket_from_socket = sebsd_create_socket_from_socket, */
-#ifdef HAS_DEVFS_DIRENT
- .mpo_associate_vnode_devfs = sebsd_associate_vnode_devfs,
-#endif
- .mpo_associate_vnode_singlelabel = sebsd_associate_vnode_singlelabel,
-#ifdef HAS_EXTATTRS
- .mpo_associate_vnode_extattr = sebsd_associate_vnode_extattr,
-#endif
-
- /* Check Labels */
-#ifdef CAPABILITIES
- .mpo_check_cap = sebsd_check_cap,
-#endif
- .mpo_check_cred_relabel = sebsd_check_cred_relabel,
-#if 0
- .mpo_check_file_create = sebsd_check_file_create,
-
- /*
- .mpo_check_file_dup
- .mpo_check_file_inherit
- .mpo_check_file_ioctl
- .mpo_check_file_receive
- */
-
- .mpo_check_file_get_flags = sebsd_check_file_get_flags,
- .mpo_check_file_get_ofileflags = sebsd_check_file_get_ofileflags,
- .mpo_check_file_get_offset = sebsd_check_file_get_offset,
- .mpo_check_file_change_flags = sebsd_check_file_change_flags,
- .mpo_check_file_change_ofileflags = sebsd_check_file_change_ofileflags,
- .mpo_check_file_change_offset = sebsd_check_file_change_offset,
- .mpo_check_mount = sebsd_check_mount,
- .mpo_check_umount = sebsd_check_umount,
- .mpo_check_remount = sebsd_check_remount,
- .mpo_check_mount_stat = sebsd_check_mount_stat,
-#endif
-
-#ifdef HAS_PIPES
- .mpo_check_pipe_ioctl = sebsd_check_pipe_ioctl,
- .mpo_check_pipe_poll = sebsd_check_pipe_poll,
- .mpo_check_pipe_read = sebsd_check_pipe_read,
- .mpo_check_pipe_relabel = sebsd_check_pipe_relabel,
- .mpo_check_pipe_stat = sebsd_check_pipe_stat,
- .mpo_check_pipe_write = sebsd_check_pipe_write,
-#endif
-
- .mpo_check_proc_debug = sebsd_check_proc_debug,
- .mpo_check_proc_sched = sebsd_check_proc_sched,
- .mpo_check_proc_signal = sebsd_check_proc_signal,
- .mpo_check_system_nfsd = sebsd_check_system_nfsd,
- .mpo_check_system_swapon = sebsd_check_system_swapon,
- .mpo_check_system_swapoff = sebsd_check_system_swapoff,
- .mpo_check_system_sysctl = sebsd_check_system_sysctl,
- .mpo_check_vnode_access = sebsd_check_vnode_access,
- .mpo_check_vnode_chdir = sebsd_check_vnode_chdir,
- .mpo_check_vnode_chroot = sebsd_check_vnode_chroot,
- .mpo_check_vnode_create = sebsd_check_vnode_create,
- .mpo_check_vnode_delete = sebsd_check_vnode_delete,
-#ifdef HAS_ACLS
- .mpo_check_vnode_deleteacl = sebsd_check_vnode_deleteacl,
-#endif
-#ifdef HAS_IMAGE_PARAMS
- .mpo_check_vnode_exec = sebsd_check_vnode_exec,
-#endif
-#ifdef HAS_ACLS
- .mpo_check_vnode_getacl = sebsd_check_vnode_getacl,
-#endif
-#ifdef EXTATTR
- .mpo_check_vnode_getextattr = sebsd_check_vnode_getextattr,
- .mpo_check_vnode_listextattr = NOT_IMPLEMENTED,
- .mpo_check_vnode_deleteextattr = NOT_IMPLEMENTED,
-#endif
- .mpo_check_vnode_link = sebsd_check_vnode_link,
- .mpo_check_vnode_lookup = sebsd_check_vnode_lookup,
- .mpo_check_vnode_mmap = sebsd_check_vnode_mmap,
- .mpo_check_vnode_mprotect = sebsd_check_vnode_mmap,
- .mpo_check_vnode_open = sebsd_check_vnode_open,
- .mpo_check_vnode_poll = sebsd_check_vnode_poll,
- .mpo_check_vnode_read = sebsd_check_vnode_read,
- .mpo_check_vnode_readdir = sebsd_check_vnode_readdir,
- .mpo_check_vnode_readlink = sebsd_check_vnode_readlink,
- .mpo_check_vnode_relabel = sebsd_check_vnode_relabel,
- .mpo_check_vnode_rename_from = sebsd_check_vnode_rename_from,
- .mpo_check_vnode_rename_to = sebsd_check_vnode_rename_to,
- .mpo_check_vnode_revoke = sebsd_check_vnode_revoke,
-#ifdef HAS_ACLS
- .mpo_check_vnode_setacl = sebsd_check_vnode_setacl,
-#endif
-#ifdef HAS_EXTATTRS
- .mpo_check_vnode_setextattr = sebsd_check_vnode_setextattr,
-#endif
- .mpo_check_vnode_setflags = sebsd_check_vnode_setflags,
- .mpo_check_vnode_setmode = sebsd_check_vnode_setmode,
- .mpo_check_vnode_setowner = sebsd_check_vnode_setowner,
- .mpo_check_vnode_setutimes = sebsd_check_vnode_setutimes,
- .mpo_check_vnode_stat = sebsd_check_vnode_stat,
- .mpo_check_vnode_write = sebsd_check_vnode_write,
-
- /* Misc */
-#ifdef HAS_IMAGE_PARAMS
- .mpo_execve_transition = sebsd_execve_transition,
- .mpo_execve_will_transition = sebsd_execve_will_transition,
-#endif
- .mpo_relabel_cred = sebsd_relabel_cred,
-#ifdef HAS_PIPES
- .mpo_relabel_pipe = sebsd_relabel_pipe,
-#endif
- /* .mpo_relabel_socket = sebsd_relabel_socket, */
- .mpo_relabel_vnode = sebsd_relabel_vnode,
- /*.mpo_set_socket_peer_from_mbuf = sebsd_set_socket_peer_from_mbuf,*/
- /*.mpo_set_socket_peer_from_socket = sebsd_set_socket_peer_from_socket,*/
-
-#if 0
- .mpo_syscall = sebsd_syscall,
-#endif
-};
-#endif
-
-#if 0
MAC_POLICY_SET(&sebsd_ops, sebsd, "NSA/NAI Labs Security Enhanced BSD",
MPC_LOADTIME_FLAG_NOTLATE, &slot);
#endif
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-cvs" in the body of the message
More information about the trustedbsd-cvs
mailing list