PERFORCE change 56789 for review
Robert Watson
rwatson at FreeBSD.org
Thu Jul 8 11:05:21 PDT 2004
http://perforce.freebsd.org/chv.cgi?CH=56789
Change 56789 by rwatson at rwatson_tislabs on 2004/07/08 18:04:24
Reduce differences to add System V IPC MAC labeling and access
control against CVS: don't introduce msg_msg.h, instead place the
global definition of 'struct msg' in '#ifdef _KERNEL' of msg.h.
Still not ideal name space wise, but is likely sufficient.
Affected files ...
.. //depot/projects/trustedbsd/mac/sys/kern/sysv_msg.c#19 edit
.. //depot/projects/trustedbsd/mac/sys/security/mac/mac_sysv_msg.c#6 edit
.. //depot/projects/trustedbsd/mac/sys/security/mac_biba/mac_biba.c#243 edit
.. //depot/projects/trustedbsd/mac/sys/security/mac_lomac/mac_lomac.c#85 edit
.. //depot/projects/trustedbsd/mac/sys/security/mac_mls/mac_mls.c#197 edit
.. //depot/projects/trustedbsd/mac/sys/security/mac_stub/mac_stub.c#21 edit
.. //depot/projects/trustedbsd/mac/sys/security/mac_test/mac_test.c#133 edit
.. //depot/projects/trustedbsd/mac/sys/sys/msg.h#8 edit
.. //depot/projects/trustedbsd/mac/sys/sys/msg_msg.h#4 delete
Differences ...
==== //depot/projects/trustedbsd/mac/sys/kern/sysv_msg.c#19 (text+ko) ====
@@ -29,6 +29,7 @@
#include <sys/kernel.h>
#include <sys/proc.h>
#include <sys/lock.h>
+#include <sys/mac.h>
#include <sys/mutex.h>
#include <sys/msg.h>
#include <sys/syscall.h>
@@ -36,10 +37,6 @@
#include <sys/sysctl.h>
#include <sys/malloc.h>
#include <sys/jail.h>
-#ifdef MAC
-#include <sys/msg_msg.h>
-#include <sys/mac.h>
-#endif
static MALLOC_DEFINE(M_MSG, "msg", "SVID compatible message queues");
@@ -66,19 +63,6 @@
(sy_call_t *)msgsnd, (sy_call_t *)msgrcv
};
-#ifndef MAC
-/* For the MAC framework, struct moved to the header file sys/msg_msg.h */
-struct msg {
- struct msg *msg_next; /* next msg in the chain */
- long msg_type; /* type of this message */
- /* >0 -> type of this message */
- /* 0 -> free header */
- u_short msg_ts; /* size of this message */
- short msg_spot; /* location of start of msg in buffer */
-};
-#endif
-
-
#ifndef MSGSSZ
#define MSGSSZ 8 /* Each segment must be 2^N long */
#endif
==== //depot/projects/trustedbsd/mac/sys/security/mac/mac_sysv_msg.c#6 (text+ko) ====
@@ -48,7 +48,6 @@
#include <sys/namei.h>
#include <sys/sysctl.h>
#include <sys/msg.h>
-#include <sys/msg_msg.h>
#include <sys/mac_policy.h>
==== //depot/projects/trustedbsd/mac/sys/security/mac_biba/mac_biba.c#243 (text+ko) ====
@@ -61,7 +61,6 @@
#include <sys/pipe.h>
#include <sys/sysctl.h>
#include <sys/msg.h>
-#include <sys/msg_msg.h>
#include <sys/sem.h>
#include <sys/shm.h>
==== //depot/projects/trustedbsd/mac/sys/security/mac_lomac/mac_lomac.c#85 (text+ko) ====
@@ -61,7 +61,6 @@
#include <sys/sysctl.h>
#include <sys/syslog.h>
#include <sys/msg.h>
-#include <sys/msg_msg.h>
#include <sys/sem.h>
#include <sys/shm.h>
==== //depot/projects/trustedbsd/mac/sys/security/mac_mls/mac_mls.c#197 (text+ko) ====
@@ -61,7 +61,6 @@
#include <sys/pipe.h>
#include <sys/sysctl.h>
#include <sys/msg.h>
-#include <sys/msg_msg.h>
#include <sys/sem.h>
#include <sys/shm.h>
==== //depot/projects/trustedbsd/mac/sys/security/mac_stub/mac_stub.c#21 (text+ko) ====
@@ -60,7 +60,6 @@
#include <sys/pipe.h>
#include <sys/sysctl.h>
#include <sys/msg.h>
-#include <sys/msg_msg.h>
#include <sys/sem.h>
#include <sys/shm.h>
==== //depot/projects/trustedbsd/mac/sys/security/mac_test/mac_test.c#133 (text+ko) ====
@@ -58,7 +58,6 @@
#include <sys/socketvar.h>
#include <sys/sysctl.h>
#include <sys/msg.h>
-#include <sys/msg_msg.h>
#include <sys/sem.h>
#include <sys/shm.h>
==== //depot/projects/trustedbsd/mac/sys/sys/msg.h#8 (text+ko) ====
@@ -101,6 +101,20 @@
#ifdef _KERNEL
/*
+ * Pull out the msg structure from kern/sysv_msg.c. This file is used
+ * throughout the MAC framework.
+ */
+struct msg {
+ struct msg *msg_next; /* next msg in the chain */
+ long msg_type; /* type of this message */
+ /* >0 -> type of this message */
+ /* 0 -> free header */
+ u_short msg_ts; /* size of this message */
+ short msg_spot; /* location of start of msg in buffer */
+ struct label *label; /* MAC Framework label */
+};
+
+/*
* Based on the configuration parameters described in an SVR2 (yes, two)
* config(1m) man page.
*
More information about the p4-projects
mailing list