PERFORCE change 103298 for review

Sat Aug 5 23:48:08 UTC 2006

http://perforce.freebsd.org/chv.cgi?CH=103298

Change 103298 by rwatson at rwatson_zoo on 2006/08/05 23:47:29

	Restyle/etc for FreeBSD:
	
	- General white space, line wrap, etc, cleanup.
	- Avoid assignments in local variable declaration.
	- mac_audit.c is only built on FreeBSD if AUDIT is compiled in, so
	  drop all the ifdefs for it.
	- Extend #if 0 section to cover policy submission of audit records,
	  we're not ready for that yet.

Affected files ...

.. //depot/projects/trustedbsd/audit3/sys/security/mac/mac_audit.c#2 edit

Differences ...

==== //depot/projects/trustedbsd/audit3/sys/security/mac/mac_audit.c#2 (text+ko) ====

@@ -1,4 +1,3 @@
-
 /*-
  * Copyright (c) 1999, 2000, 2001, 2002 Robert N. M. Watson
  * Copyright (c) 2001 Ilmar S. Habibulin
@@ -33,13 +32,14 @@
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  *
+ * $FreeBSD$
  */
 
 #include <sys/param.h>
-#include <sys/types.h>  
-#include <sys/vnode.h>  
+#include <sys/types.h>
+#include <sys/vnode.h>
 #include <sys/vnode_internal.h>
-#include <sys/queue.h>  
+#include <sys/queue.h>
 #include <security/mac_internal.h>
 #include <bsd/bsm/audit.h>
 #include <bsd/bsm/audit_kernel.h>
@@ -47,8 +47,6 @@
 #include <vm/vm_kern.h>
 #include <kern/kalloc.h>
 
-#ifdef AUDIT
-
 int
 mac_check_system_audit(struct ucred *cred, void *record, int length)
 {
@@ -73,7 +71,9 @@
 mac_check_system_auditctl(struct ucred *cred, struct vnode *vp)
 {
 	int error;
-	struct label *vl = vp ? vp->v_label : NULL;
+	struct label *vl;
+
+	vl = (vp != NULL) ? vp->v_label : NULL;
 
 	MAC_CHECK(check_system_auditctl, cred, vp, vl);
 
@@ -100,8 +100,8 @@
 	return (error);
 }
 
-int 
-mac_check_proc_getaudit(struct ucred *cred) 
+int
+mac_check_proc_getaudit(struct ucred *cred)
 {
 	int error;
 
@@ -122,11 +122,9 @@
 
 #if 0
 /*
- * This is the framework entry point for MAC policies to use to add
- * arbitrary data to the current audit record.
- * (Currently not supported, as no existing audit viewers would 
- * display this format)
- * 
+ * This is the framework entry point for MAC policies to use to add arbitrary
+ * data to the current audit record.  (Currently not supported, as no
+ * existing audit viewers display this format)
  */
 int
 mac_audit_data(int len, u_char *data, struct mac_policy_conf *caller)
@@ -143,11 +141,10 @@
 	bcopy(data, sanitized, len);
 	return (audit_mac_data(MAC_AUDIT_DATA_TYPE, len, sanitized));
 }
-#endif
 
 /*
- * This is the entry point a MAC policy will call to add NULL-
- * terminated ASCII text to the current audit record.
+ * This is the entry point a MAC policy will call to add NULL-terminated
+ * ASCII text to the current audit record.
  */
 int
 mac_audit_text(char *text, struct mac_policy_conf *caller)
@@ -189,16 +186,16 @@
 	ret = MAC_AUDIT_DEFAULT;
 	LIST_FOREACH(mpc, &mac_static_policy_list, mpc_list) {
 		if (mpc->mpc_ops->mpo_audit_preselect != NULL) {
-			error = mpc->mpc_ops->mpo_audit_preselect(cred, syscode,
-				args);
+			error = mpc->mpc_ops->mpo_audit_preselect(cred,
+			    syscode, args);
 			ret = (ret > error ? ret : error);
 		}
 	}
 	if ((entrycount = mac_policy_list_conditional_busy()) != 0) {
 		LIST_FOREACH(mpc, &mac_policy_list, mpc_list) {
 			if (mpc->mpc_ops->mpo_audit_preselect != NULL) {
-				error = mpc->mpc_ops->mpo_audit_preselect(cred, syscode,
-					args);
+				error = mpc->mpc_ops->mpo_audit_preselect(
+				    cred, syscode, args);
 				ret = (ret > error ? ret : error);
 			}
 		}
@@ -225,16 +222,16 @@
 	ret = MAC_AUDIT_DEFAULT;
 	LIST_FOREACH(mpc, &mac_static_policy_list, mpc_list) {
 		if (mpc->mpc_ops->mpo_audit_postselect != NULL) {
-			mac_error = mpc->mpc_ops->mpo_audit_postselect(cred, syscode,
-				args, error, retval);
+			mac_error = mpc->mpc_ops->mpo_audit_postselect(cred,
+			    syscode, args, error, retval);
 			ret = (ret > mac_error ? ret : mac_error);
 		}
 	}
 	if ((entrycount = mac_policy_list_conditional_busy()) != 0) {
 		LIST_FOREACH(mpc, &mac_policy_list, mpc_list) {
 			if (mpc->mpc_ops->mpo_audit_postselect != NULL) {
-				mac_error = mpc->mpc_ops->mpo_audit_postselect(cred, syscode,
-					args, error, retval);
+				mac_error = mpc->mpc_ops->mpo_audit_postselect(
+				    cred, syscode, args, error, retval);
 				ret = (ret > mac_error ? ret : mac_error);
 			}
 		}
@@ -243,82 +240,4 @@
 
 	return (ret);
 }
-
-#else	/* AUDIT */
-
-/*
- * Function stubs for when AUDIT isn't defined.
- */
-
-int
-mac_check_system_audit(struct ucred *cred, void *record, int length)
-{
-
-	return (0);
-}
-
-int
-mac_check_system_auditon(struct ucred *cred, int cmd)
-{
-
-	return (0);
-}
-
-int
-mac_check_system_auditctl(struct ucred *cred, struct vnode *vp)
-{
-
-	return (0);
-}
-
-int
-mac_check_proc_getauid(struct ucred *cred)
-{
-
-	return (0);
-}
-
-int
-mac_check_proc_setauid(struct ucred *cred, uid_t auid)
-{
-
-	return (0);
-}
-
-int
-mac_check_proc_getaudit(struct ucred *cred)
-{
-
-	return (0);
-}
-
-int
-mac_check_proc_setaudit(struct ucred *cred, struct auditinfo *ai)
-{
-
-	return (0);
-}
-
-int
-mac_audit_preselect(struct ucred *cred, unsigned short syscode,
-    void *args)
-{
-
-	return (MAC_AUDIT_DEFAULT);
-}
-
-int
-mac_audit_postselect(struct ucred *cred, unsigned short syscode,
-    void *args, int error, int retval, int mac_forced)
-{
-
-	return (MAC_AUDIT_DEFAULT);
-}
-
-int
-mac_audit(int len, u_char *data)
-{
-
-	return (0);
-}
-#endif	/* !AUDIT */
+#endif
