PERFORCE change 104271 for review
Todd Miller
millert at FreeBSD.org
Wed Aug 16 18:42:30 UTC 2006
http://perforce.freebsd.org/chv.cgi?CH=104271
Change 104271 by millert at millert_macbook on 2006/08/16 18:41:28
Just treat the return value of mac_check_service_access() as 0
or non-zero instead of trying to interpret BSD errno values
(which are not visible here).
Affected files ...
.. //depot/projects/trustedbsd/sedarwin8/darwin/xnu/osfmk/kern/security.c#2 edit
Differences ...
==== //depot/projects/trustedbsd/sedarwin8/darwin/xnu/osfmk/kern/security.c#2 (text+ko) ====
@@ -124,15 +124,7 @@
mac_destroy_task_label(&subjl);
mac_destroy_task_label(&objl);
- switch (rc) {
- case 0:
- return KERN_SUCCESS;
- case 22:
- /* EINVAL */
- return KERN_INVALID_ARGUMENT;
- default:
- return KERN_NO_ACCESS;
- }
+ return rc ? KERN_NO_ACCESS : KERN_SUCCESS;
}
kern_return_t
@@ -191,15 +183,7 @@
io_unlock (objp);
mac_destroy_task_label(&subjl);
- switch (rc) {
- case 0:
- return KERN_SUCCESS;
- case 22:
- /* EINVAL */
- return KERN_INVALID_ARGUMENT;
- default:
- return KERN_NO_ACCESS;
- }
+ return rc ? KERN_NO_ACCESS : KERN_SUCCESS;
}
kern_return_t
@@ -248,15 +232,7 @@
io_unlock(objp);
ipc_port_multiple_unlock();
- switch (rc) {
- case 0:
- return KERN_SUCCESS;
- case 22:
- /* EINVAL */
- return KERN_INVALID_ARGUMENT;
- default:
- return KERN_NO_ACCESS;
- }
+ return rc ? KERN_NO_ACCESS : KERN_SUCCESS;
errout:
io_unlocklabel(subp);
@@ -314,19 +290,7 @@
io_unlock(objp);
ipc_port_multiple_unlock();
- switch (rc) {
- case 0:
- kr = labelh_new_user(space, &outl, outlabel);
- break;
- case 22:
- /* EINVAL */
- kr = KERN_INVALID_ARGUMENT;
- break;
- default:
- kr = KERN_NO_ACCESS;
- break;
- }
-
+ kr = rc ? KERN_NO_ACCESS : KERN_SUCCESS;
if (kr != KERN_SUCCESS)
mac_destroy_port_label(&outl);
More information about the trustedbsd-cvs
mailing list