PERFORCE change 91692 for review

Todd Miller millert at FreeBSD.org
Mon Feb 13 13:15:52 PST 2006


http://perforce.freebsd.org/chv.cgi?CH=91692

Change 91692 by millert at millert_ibook on 2006/02/13 21:15:23

	Add mac_check_port_receive() receive entry points.

Affected files ...

.. //depot/projects/trustedbsd/sedarwin7/src/darwin/xnu/osfmk/ipc/ipc_mqueue.c#4 edit

Differences ...

==== //depot/projects/trustedbsd/sedarwin7/src/darwin/xnu/osfmk/ipc/ipc_mqueue.c#4 (text+ko) ====

@@ -655,9 +655,15 @@
 	ipc_kmsg_t		*kmsgp;
 	mach_port_seqno_t	*seqnop;
 	spl_t s;
+#ifdef MAC
+	ipc_labelh_t lh;
+	task_t task;
+	int rc;
+#endif
 
 	s = splsched();
 	imq_lock(mqueue);
+	self = current_thread();	/* XXXMAC - lock it too? deadlock? */
 	
 	if (imq_is_set(mqueue)) {
 		wait_queue_link_t wql;
@@ -712,6 +718,21 @@
 
 			ipc_mqueue_select(port_mq, option, max_size);
 			imq_unlock(port_mq);
+#ifdef MAC
+			if (self->ith_kmsg != NULL &&
+			    self->ith_kmsg->ikm_sender != NULL) {
+				lh = self->ith_kmsg->ikm_sender;
+				task = current_task();
+				tasklabel_lock(task);
+				ip_lock(lh->lh_port);
+				rc = mac_check_port_receive(&task->maclabel,
+				    &lh->lh_label);
+				ip_unlock(lh->lh_port);
+				tasklabel_unlock(task);
+				if (rc)
+					self->ith_state = MACH_RCV_INVALID_DATA;
+			}
+#endif
 			splx(s);
 			return;
 			
@@ -726,6 +747,21 @@
 		if (ipc_kmsg_queue_first(kmsgs) != IKM_NULL) {
 			ipc_mqueue_select(mqueue, option, max_size);
 			imq_unlock(mqueue);
+#ifdef MAC
+			if (self->ith_kmsg != NULL &&
+			    self->ith_kmsg->ikm_sender != NULL) {
+				lh = self->ith_kmsg->ikm_sender;
+				task = current_task();
+				tasklabel_lock(task);
+				ip_lock(lh->lh_port);
+				rc = mac_check_port_receive(&task->maclabel,
+				    &lh->lh_label);
+				ip_unlock(lh->lh_port);
+				tasklabel_unlock(task);
+				if (rc)
+					self->ith_state = MACH_RCV_INVALID_DATA;
+			}
+#endif
 			splx(s);
 			return;
 		}
@@ -736,7 +772,6 @@
 	 * block on (whether the set's or the local port's) is
 	 * still locked.
 	 */
-	self = current_thread();
 	if (option & MACH_RCV_TIMEOUT) {
 		if (timeout == 0) {
 			imq_unlock(mqueue);


More information about the trustedbsd-cvs mailing list