PERFORCE change 121485 for review
Zhouyi ZHOU
zhouzhouyi at FreeBSD.org
Tue Jun 12 09:11:12 UTC 2007
http://perforce.freebsd.org/chv.cgi?CH=121485
Change 121485 by zhouzhouyi at zhouzhouyi_mactest on 2007/06/12 09:10:21
1)
In mac_test module we must label specially for /dev/mactestpipe to avoid recursing.
Add a new MAGIC: MAGIC_MACTESTPIPE.
2)
For each mactestpipe record, add a pid inform to allow user space test program to do grep
Affected files ...
.. //depot/projects/soc2007/zhouzhouyi_mactest_soc/zhouzhouyi_mactest_soc/sys/security/mac_test/mac_test.c#5 edit
.. //depot/projects/soc2007/zhouzhouyi_mactest_soc/zhouzhouyi_mactest_soc/sys/security/mac_test/mac_test_pipe.c#3 edit
.. //depot/projects/soc2007/zhouzhouyi_mactest_soc/zhouzhouyi_mactest_soc/sys/security/mac_test/mac_test_private.h#3 edit
Differences ...
==== //depot/projects/soc2007/zhouzhouyi_mactest_soc/zhouzhouyi_mactest_soc/sys/security/mac_test/mac_test.c#5 (text+ko) ====
@@ -84,6 +84,7 @@
#define MAGIC_BPF 0xfe1ad1b6
#define MAGIC_DEVFS 0x9ee79c32
+#define MAGIC_MACTESTPIPE 0x9ee79c33
#define MAGIC_IFNET 0xc218b120
#define MAGIC_INPCB 0x4440f7bb
#define MAGIC_IPQ 0x206188ef
@@ -126,14 +127,16 @@
#define LABEL_CHECK(label, magic) do { \
if (label != NULL) { \
- KASSERT(SLOT(label) == magic || SLOT(label) == 0, \
+ KASSERT(SLOT(label) == magic || SLOT(label) == 0 || \
+ SLOT(label) == MAGIC_MACTESTPIPE, \
("%s: bad %s label", __func__, #magic)); \
} \
} while (0)
#define LABEL_DESTROY(label, magic) do { \
- if (SLOT(label) == magic || SLOT(label) == 0) { \
- SLOT_SET(label, MAGIC_FREE); \
+ if (SLOT(label) == magic || SLOT(label) == 0 || \
+ SLOT(label) == MAGIC_MACTESTPIPE ) { \
+ SLOT_SET(label, MAGIC_FREE); \
} else if (SLOT(label) == MAGIC_FREE) { \
DEBUGGER("%s: dup destroy", __func__); \
} else { \
@@ -157,7 +160,7 @@
static void
mac_test_init_bpfdesc_label(struct label *label)
{
- mactest_pipe_submit("mac_test_init_bpfdesc_label\n",
+ MACTEST_PIPE_SUBMIT_WITHPID("mac_test_init_bpfdesc_label\n",
strlen("mac_test_init_bpfdesc_label\n"));
LABEL_INIT(label, MAGIC_BPF);
COUNTER_INC(init_bpfdesc_label);
@@ -167,7 +170,7 @@
static void
mac_test_init_cred_label(struct label *label)
{
- mactest_pipe_submit("mac_test_init_cred_label\n",
+ MACTEST_PIPE_SUBMIT_WITHPID("mac_test_init_cred_label\n",
strlen("mac_test_init_cred_label\n"));
LABEL_INIT(label, MAGIC_CRED);
COUNTER_INC(init_cred_label);
@@ -177,17 +180,23 @@
static void
mac_test_init_devfs_label(struct label *label)
{
- mactest_pipe_submit("mac_test_init_devfs_label\n",
+ MACTEST_PIPE_SUBMIT_WITHPID("mac_test_init_devfs_label\n",
strlen("mac_test_init_devfs_label\n"));
LABEL_INIT(label, MAGIC_DEVFS);
COUNTER_INC(init_devfs_label);
}
+static void
+mac_test_init_mactestpipe_label(struct label *label)
+{
+ LABEL_INIT(label, MAGIC_MACTESTPIPE);
+}
+
COUNTER_DECL(init_ifnet_label);
static void
mac_test_init_ifnet_label(struct label *label)
{
- mactest_pipe_submit("mac_test_init_ifnet_label\n",
+ MACTEST_PIPE_SUBMIT_WITHPID("mac_test_init_ifnet_label\n",
strlen("mac_test_init_ifnet_label\n"));
LABEL_INIT(label, MAGIC_IFNET);
COUNTER_INC(init_ifnet_label);
@@ -197,7 +206,7 @@
static int
mac_test_init_inpcb_label(struct label *label, int flag)
{
- mactest_pipe_submit("mac_test_init_inpcb_label\n",
+ MACTEST_PIPE_SUBMIT_WITHPID("mac_test_init_inpcb_label\n",
strlen("mac_test_init_inpcb_label\n"));
if (flag & M_WAITOK)
WITNESS_WARN(WARN_GIANTOK | WARN_SLEEPOK, NULL,
@@ -213,7 +222,7 @@
static void
mac_test_init_sysv_msgmsg_label(struct label *label)
{
- mactest_pipe_submit("mac_test_init_sysv_msgmsg_label\n",
+ MACTEST_PIPE_SUBMIT_WITHPID("mac_test_init_sysv_msgmsg_label\n",
strlen("mac_test_init_sysv_msgmsg_label\n"));
LABEL_INIT(label, MAGIC_SYSV_MSG);
COUNTER_INC(init_sysv_msg_label);
@@ -223,7 +232,7 @@
static void
mac_test_init_sysv_msgqueue_label(struct label *label)
{
- mactest_pipe_submit("mac_test_init_sysv_msgqueue_label\n",
+ MACTEST_PIPE_SUBMIT_WITHPID("mac_test_init_sysv_msgqueue_label\n",
strlen("mac_test_init_sysv_msgqueue_label\n"));
LABEL_INIT(label, MAGIC_SYSV_MSQ);
COUNTER_INC(init_sysv_msq_label);
@@ -233,7 +242,7 @@
static void
mac_test_init_sysv_sem_label(struct label *label)
{
- mactest_pipe_submit("mac_test_init_sysv_sem_label\n",
+ MACTEST_PIPE_SUBMIT_WITHPID("mac_test_init_sysv_sem_label\n",
strlen("mac_test_init_sysv_sem_label\n"));
LABEL_INIT(label, MAGIC_SYSV_SEM);
COUNTER_INC(init_sysv_sem_label);
@@ -243,7 +252,7 @@
static void
mac_test_init_sysv_shm_label(struct label *label)
{
- mactest_pipe_submit("mac_test_init_sysv_shm_label\n",
+ MACTEST_PIPE_SUBMIT_WITHPID("mac_test_init_sysv_shm_label\n",
strlen("mac_test_init_sysv_shm_label\n"));
LABEL_INIT(label, MAGIC_SYSV_SHM);
COUNTER_INC(init_sysv_shm_label);
@@ -253,7 +262,7 @@
static int
mac_test_init_ipq_label(struct label *label, int flag)
{
- mactest_pipe_submit("mac_test_init_ipq_label\n",
+ MACTEST_PIPE_SUBMIT_WITHPID("mac_test_init_ipq_label\n",
strlen("mac_test_init_ipq_label\n"));
if (flag & M_WAITOK)
WITNESS_WARN(WARN_GIANTOK | WARN_SLEEPOK, NULL,
@@ -269,7 +278,7 @@
static int
mac_test_init_mbuf_label(struct label *label, int flag)
{
- mactest_pipe_submit("mac_test_init_mbuf_label\n",
+ MACTEST_PIPE_SUBMIT_WITHPID("mac_test_init_mbuf_label\n",
strlen("mac_test_init_mbuf_label\n"));
if (flag & M_WAITOK)
WITNESS_WARN(WARN_GIANTOK | WARN_SLEEPOK, NULL,
@@ -285,7 +294,7 @@
static void
mac_test_init_mount_label(struct label *label)
{
- mactest_pipe_submit("mac_test_init_mount_label\n",
+ MACTEST_PIPE_SUBMIT_WITHPID("mac_test_init_mount_label\n",
strlen("mac_test_init_mount_label\n"));
LABEL_INIT(label, MAGIC_MOUNT);
COUNTER_INC(init_mount_label);
@@ -296,7 +305,7 @@
mac_test_init_socket_label(struct label *label, int flag)
{
- mactest_pipe_submit("mac_test_init_socket_label\n",
+ MACTEST_PIPE_SUBMIT_WITHPID("mac_test_init_socket_label\n",
strlen("mac_test_init_socket_label\n"));
if (flag & M_WAITOK)
WITNESS_WARN(WARN_GIANTOK | WARN_SLEEPOK, NULL,
@@ -312,7 +321,7 @@
static int
mac_test_init_socket_peer_label(struct label *label, int flag)
{
- mactest_pipe_submit("mac_test_init_socket_peer_label\n",
+ MACTEST_PIPE_SUBMIT_WITHPID("mac_test_init_socket_peer_label\n",
strlen("mac_test_init_socket_peer_label\n"));
if (flag & M_WAITOK)
WITNESS_WARN(WARN_GIANTOK | WARN_SLEEPOK, NULL,
@@ -328,7 +337,7 @@
static void
mac_test_init_pipe_label(struct label *label)
{
- mactest_pipe_submit("mac_test_init_pipe_label\n",
+ MACTEST_PIPE_SUBMIT_WITHPID("mac_test_init_pipe_label\n",
strlen("mac_test_init_pipe_label\n"));
LABEL_INIT(label, MAGIC_PIPE);
COUNTER_INC(init_pipe_label);
@@ -338,7 +347,7 @@
static void
mac_test_init_posix_sem_label(struct label *label)
{
- mactest_pipe_submit("mac_test_init_posix_sem_label\n",
+ MACTEST_PIPE_SUBMIT_WITHPID("mac_test_init_posix_sem_label\n",
strlen("mac_test_init_posix_sem_label\n"));
LABEL_INIT(label, MAGIC_POSIX_SEM);
COUNTER_INC(init_posix_sem_label);
@@ -348,7 +357,7 @@
static void
mac_test_init_proc_label(struct label *label)
{
- mactest_pipe_submit("mac_test_init_proc_label\n",
+ MACTEST_PIPE_SUBMIT_WITHPID("mac_test_init_proc_label\n",
strlen("mac_test_init_proc_label\n"));
LABEL_INIT(label, MAGIC_PROC);
COUNTER_INC(init_proc_label);
@@ -358,7 +367,7 @@
static void
mac_test_init_vnode_label(struct label *label)
{
- mactest_pipe_submit("mac_test_init_vnode_label\n",
+ MACTEST_PIPE_SUBMIT_WITHPID("mac_test_init_vnode_label\n",
strlen("mac_test_init_vnode_label\n"));
LABEL_INIT(label, MAGIC_VNODE);
COUNTER_INC(init_vnode_label);
@@ -368,7 +377,7 @@
static void
mac_test_destroy_bpfdesc_label(struct label *label)
{
- mactest_pipe_submit("mac_test_destroy_bpfdesc_label\n",
+ MACTEST_PIPE_SUBMIT_WITHPID("mac_test_destroy_bpfdesc_label\n",
strlen("mac_test_destroy_bpfdesc_label\n"));
LABEL_DESTROY(label, MAGIC_BPF);
COUNTER_INC(destroy_bpfdesc_label);
@@ -378,7 +387,7 @@
static void
mac_test_destroy_cred_label(struct label *label)
{
- mactest_pipe_submit("mac_test_destroy_cred_label\n",
+ MACTEST_PIPE_SUBMIT_WITHPID("mac_test_destroy_cred_label\n",
strlen("mac_test_destroy_cred_label\n"));
LABEL_DESTROY(label, MAGIC_CRED);
COUNTER_INC(destroy_cred_label);
@@ -388,7 +397,7 @@
static void
mac_test_destroy_devfs_label(struct label *label)
{
- mactest_pipe_submit("mac_test_destroy_devfs_label\n",
+ MACTEST_PIPE_SUBMIT_WITHPID("mac_test_destroy_devfs_label\n",
strlen("mac_test_destroy_devfs_label\n"));
LABEL_DESTROY(label, MAGIC_DEVFS);
COUNTER_INC(destroy_devfs_label);
@@ -398,7 +407,7 @@
static void
mac_test_destroy_ifnet_label(struct label *label)
{
- mactest_pipe_submit("mac_test_destroy_ifnet_label\n",
+ MACTEST_PIPE_SUBMIT_WITHPID("mac_test_destroy_ifnet_label\n",
strlen("mac_test_destroy_ifnet_label\n"));
LABEL_DESTROY(label, MAGIC_IFNET);
COUNTER_INC(destroy_ifnet_label);
@@ -408,7 +417,7 @@
static void
mac_test_destroy_inpcb_label(struct label *label)
{
- mactest_pipe_submit("mac_test_destroy_inpcb_label\n",
+ MACTEST_PIPE_SUBMIT_WITHPID("mac_test_destroy_inpcb_label\n",
strlen("mac_test_destroy_inpcb_label\n"));
LABEL_DESTROY(label, MAGIC_INPCB);
COUNTER_INC(destroy_inpcb_label);
@@ -418,7 +427,7 @@
static void
mac_test_destroy_sysv_msgmsg_label(struct label *label)
{
- mactest_pipe_submit("mac_test_destroy_sysv_msgmsg_label\n",
+ MACTEST_PIPE_SUBMIT_WITHPID("mac_test_destroy_sysv_msgmsg_label\n",
strlen("mac_test_destroy_sysv_msgmsg__label\n"));
LABEL_DESTROY(label, MAGIC_SYSV_MSG);
COUNTER_INC(destroy_sysv_msg_label);
@@ -428,7 +437,7 @@
static void
mac_test_destroy_sysv_msgqueue_label(struct label *label)
{
- mactest_pipe_submit("mac_test_destroy_sysv_msgqueue_label\n",
+ MACTEST_PIPE_SUBMIT_WITHPID("mac_test_destroy_sysv_msgqueue_label\n",
strlen("mac_test_destroy_sysv_msgqueue_label\n"));
LABEL_DESTROY(label, MAGIC_SYSV_MSQ);
COUNTER_INC(destroy_sysv_msq_label);
@@ -438,7 +447,7 @@
static void
mac_test_destroy_sysv_sem_label(struct label *label)
{
- mactest_pipe_submit("mac_test_destroy_sysv_sem_label\n",
+ MACTEST_PIPE_SUBMIT_WITHPID("mac_test_destroy_sysv_sem_label\n",
strlen("mac_test_destroy_sysv_sem_label\n"));
LABEL_DESTROY(label, MAGIC_SYSV_SEM);
COUNTER_INC(destroy_sysv_sem_label);
@@ -448,7 +457,7 @@
static void
mac_test_destroy_sysv_shm_label(struct label *label)
{
- mactest_pipe_submit("mac_test_destroy_sysv_shm_label\n",
+ MACTEST_PIPE_SUBMIT_WITHPID("mac_test_destroy_sysv_shm_label\n",
strlen("mac_test_destroy_sysv_shm_label\n"));
LABEL_DESTROY(label, MAGIC_SYSV_SHM);
COUNTER_INC(destroy_sysv_shm_label);
@@ -458,7 +467,7 @@
static void
mac_test_destroy_ipq_label(struct label *label)
{
- mactest_pipe_submit("mac_test_destroy_ipq_label\n",
+ MACTEST_PIPE_SUBMIT_WITHPID("mac_test_destroy_ipq_label\n",
strlen("mac_test_destroy_ipq_label\n"));
LABEL_DESTROY(label, MAGIC_IPQ);
COUNTER_INC(destroy_ipq_label);
@@ -468,7 +477,7 @@
static void
mac_test_destroy_mbuf_label(struct label *label)
{
- mactest_pipe_submit("mac_test_destroy_mbuf_label\n",
+ MACTEST_PIPE_SUBMIT_WITHPID("mac_test_destroy_mbuf_label\n",
strlen("mac_test_destroy_mbuf_label\n"));
/*
* If we're loaded dynamically, there may be mbufs in flight that
@@ -486,7 +495,7 @@
static void
mac_test_destroy_mount_label(struct label *label)
{
- mactest_pipe_submit("mac_test_destroy_mount_label\n",
+ MACTEST_PIPE_SUBMIT_WITHPID("mac_test_destroy_mount_label\n",
strlen("mac_test_destroy_mount_label\n"));
LABEL_DESTROY(label, MAGIC_MOUNT);
COUNTER_INC(destroy_mount_label);
@@ -496,7 +505,7 @@
static void
mac_test_destroy_socket_label(struct label *label)
{
- mactest_pipe_submit("mac_test_destroy_socket_label\n",
+ MACTEST_PIPE_SUBMIT_WITHPID("mac_test_destroy_socket_label\n",
strlen("mac_test_destroy_socket_label\n"));
LABEL_DESTROY(label, MAGIC_SOCKET);
COUNTER_INC(destroy_socket_label);
@@ -506,7 +515,7 @@
static void
mac_test_destroy_socket_peer_label(struct label *label)
{
- mactest_pipe_submit("mac_test_destroy_socket_peer_label\n",
+ MACTEST_PIPE_SUBMIT_WITHPID("mac_test_destroy_socket_peer_label\n",
strlen("mac_test_destroy_socket_peer_label\n"));
LABEL_DESTROY(label, MAGIC_SOCKET);
COUNTER_INC(destroy_socket_peer_label);
@@ -516,7 +525,7 @@
static void
mac_test_destroy_pipe_label(struct label *label)
{
- mactest_pipe_submit("mac_test_destroy_pipe_label\n",
+ MACTEST_PIPE_SUBMIT_WITHPID("mac_test_destroy_pipe_label\n",
strlen("mac_test_destroy_pipe_label\n"));
LABEL_DESTROY(label, MAGIC_PIPE);
COUNTER_INC(destroy_pipe_label);
@@ -526,7 +535,7 @@
static void
mac_test_destroy_posix_sem_label(struct label *label)
{
- mactest_pipe_submit("mac_test_destroy_posix_sem_label\n",
+ MACTEST_PIPE_SUBMIT_WITHPID("mac_test_destroy_posix_sem_label\n",
strlen("mac_test_destroy_posix_sem_label\n"));
LABEL_DESTROY(label, MAGIC_POSIX_SEM);
COUNTER_INC(destroy_posix_sem_label);
@@ -536,7 +545,7 @@
static void
mac_test_destroy_proc_label(struct label *label)
{
- mactest_pipe_submit("mac_test_destroy_proc_label\n",
+ MACTEST_PIPE_SUBMIT_WITHPID("mac_test_destroy_proc_label\n",
strlen("mac_test_destroy_proc_label\n"));
LABEL_DESTROY(label, MAGIC_PROC);
COUNTER_INC(destroy_proc_label);
@@ -546,7 +555,7 @@
static void
mac_test_destroy_vnode_label(struct label *label)
{
- mactest_pipe_submit("mac_test_destroy_vnode_label\n",
+ MACTEST_PIPE_SUBMIT_WITHPID("mac_test_destroy_vnode_label\n",
strlen("mac_test_destroy_vnode_label\n"));
LABEL_DESTROY(label, MAGIC_VNODE);
COUNTER_INC(destroy_vnode_label);
@@ -556,8 +565,8 @@
static void
mac_test_copy_cred_label(struct label *src, struct label *dest)
{
- mactest_pipe_submit("mac_test_copy_cred_label\n",
- strlen("mac_test_copy_cred_label\n"));
+ MACTEST_PIPE_SUBMIT_WITHPID("mac_test_copy_cred_label with src label:",
+ strlen("mac_test_copy_cred_label with src label:"));
MACTEST_PIPE_SUBMIT_LABEL(cred,src);
LABEL_CHECK(src, MAGIC_CRED);
LABEL_CHECK(dest, MAGIC_CRED);
@@ -568,7 +577,9 @@
static void
mac_test_copy_ifnet_label(struct label *src, struct label *dest)
{
-
+ MACTEST_PIPE_SUBMIT_WITHPID("mac_test_copy_ifnet_label with src label:",
+ strlen("mac_test_copy_ifnet_label with src label:"));
+ MACTEST_PIPE_SUBMIT_LABEL(ifnet,src);
LABEL_CHECK(src, MAGIC_IFNET);
LABEL_CHECK(dest, MAGIC_IFNET);
COUNTER_INC(copy_ifnet_label);
@@ -578,7 +589,9 @@
static void
mac_test_copy_mbuf_label(struct label *src, struct label *dest)
{
-
+ MACTEST_PIPE_SUBMIT_WITHPID("mac_test_copy_mbuf_label with src label:",
+ strlen("mac_test_copy_mbuf_label with src label:"));
+ MACTEST_PIPE_SUBMIT_LABEL(vnode,src);
LABEL_CHECK(src, MAGIC_MBUF);
LABEL_CHECK(dest, MAGIC_MBUF);
COUNTER_INC(copy_mbuf_label);
@@ -588,7 +601,9 @@
static void
mac_test_copy_pipe_label(struct label *src, struct label *dest)
{
-
+ MACTEST_PIPE_SUBMIT_WITHPID("mac_test_copy_pipe_label with src label:",
+ strlen("mac_test_copy_pipe_label with src label:"));
+ MACTEST_PIPE_SUBMIT_LABEL(pipe,src);
LABEL_CHECK(src, MAGIC_PIPE);
LABEL_CHECK(dest, MAGIC_PIPE);
COUNTER_INC(copy_pipe_label);
@@ -598,7 +613,9 @@
static void
mac_test_copy_socket_label(struct label *src, struct label *dest)
{
-
+ MACTEST_PIPE_SUBMIT_WITHPID("mac_test_copy_socket_label with src label:",
+ strlen("mac_test_copy_socket_label with src label:"));
+ MACTEST_PIPE_SUBMIT_LABEL(socket,src);
LABEL_CHECK(src, MAGIC_SOCKET);
LABEL_CHECK(dest, MAGIC_SOCKET);
COUNTER_INC(copy_socket_label);
@@ -608,7 +625,9 @@
static void
mac_test_copy_vnode_label(struct label *src, struct label *dest)
{
-
+ MACTEST_PIPE_SUBMIT_WITHPID("mac_test_copy_vnode_label with src label:",
+ strlen("mac_test_copy_vnode_label with src label:"));
+ MACTEST_PIPE_SUBMIT_LABEL(vnode,src);
LABEL_CHECK(src, MAGIC_VNODE);
LABEL_CHECK(dest, MAGIC_VNODE);
COUNTER_INC(copy_vnode_label);
@@ -2513,6 +2532,7 @@
.mpo_init_bpfdesc_label = mac_test_init_bpfdesc_label,
.mpo_init_cred_label = mac_test_init_cred_label,
.mpo_init_devfs_label = mac_test_init_devfs_label,
+ .mpo_init_mactestpipe_label = mac_test_init_mactestpipe_label,
.mpo_init_ifnet_label = mac_test_init_ifnet_label,
.mpo_init_sysv_msgmsg_label = mac_test_init_sysv_msgmsg_label,
.mpo_init_sysv_msgqueue_label = mac_test_init_sysv_msgqueue_label,
==== //depot/projects/soc2007/zhouzhouyi_mactest_soc/zhouzhouyi_mactest_soc/sys/security/mac_test/mac_test_pipe.c#3 (text+ko) ====
@@ -74,11 +74,12 @@
/*
- * Description of an individual audit_pipe. Consists largely of a bounded
+ * Description of an individual mactest_pipe. Consists largely of a bounded
* length queue.
*/
#define MACTEST_PIPE_ASYNC 0x00000001
#define MACTEST_PIPE_NBIO 0x00000002
+
struct mactest_pipe {
int mp_open; /* Device open? */
u_int mp_flags;
@@ -105,6 +106,7 @@
TAILQ_ENTRY(mactest_pipe) mp_list;
};
+
/*
* Global list of audit pipes, mutex to protect it and the pipes. Finer
* grained locking may be desirable at some point.
@@ -444,76 +446,6 @@
*/
/*
switch (cmd) {
- case FIONBIO:
- mtx_lock(&mactest_pipe_mtx);
- if (*(int *)data)
- mp->mp_flags |= MACTEST_PIPE_NBIO;
- else
- mp->mp_flags &= ~MACTEST_PIPE_NBIO;
- mtx_unlock(&mactest_pipe_mtx);
- error = 0;
- break;
-
- case FIONREAD:
- mtx_lock(&mactest_pipe_mtx);
- if (TAILQ_FIRST(&mp->mp_queue) != NULL)
- *(int *)data =
- TAILQ_FIRST(&mp->mp_queue)->mpe_record_len;
- else
- *(int *)data = 0;
- mtx_unlock(&mactest_pipe_mtx);
- error = 0;
- break;
-
- case FIOASYNC:
- mtx_lock(&mactest_pipe_mtx);
- if (*(int *)data)
- mp->mp_flags |= MACTEST_PIPE_ASYNC;
- else
- mp->mp_flags &= ~MACTEST_PIPE_ASYNC;
- mtx_unlock(&mactest_pipe_mtx);
- error = 0;
- break;
-
- case FIOSETOWN:
- error = fsetown(*(int *)data, &mp->mp_sigio);
- break;
-
- case FIOGETOWN:
- *(int *)data = fgetown(&mp->mp_sigio);
- error = 0;
- break;
-
- case MACTESTPIPE_GET_QLEN:
- *(u_int *)data = mp->mp_qlen;
- error = 0;
- break;
-
- case MACTESTPIPE_GET_QLIMIT:
- *(u_int *)data = mp->mp_qlimit;
- error = 0;
- break;
-
- case MACTESTPIPE_SET_QLIMIT:
-
- if (*(u_int *)data >= MACTEST_PIPE_QLIMIT_MIN ||
- *(u_int *)data <= MACTEST_PIPE_QLIMIT_MAX) {
- mp->mp_qlimit = *(u_int *)data;
- error = 0;
- } else
- error = EINVAL;
- break;
-
- case MACTESTPIPE_GET_QLIMIT_MIN:
- *(u_int *)data = MACTEST_PIPE_QLIMIT_MIN;
- error = 0;
- break;
-
- case MACTESTPIPE_GET_QLIMIT_MAX:
- *(u_int *)data = MACTEST_PIPE_QLIMIT_MAX;
- error = 0;
- break;
-
case MACTESTPIPE_FLUSH:
mtx_lock(&mactest_pipe_mtx);
mactest_pipe_flush(ap);
@@ -521,31 +453,11 @@
error = 0;
break;
- case MACTESTPIPE_GET_MAXMACTESTDATA:
- *(u_int *)data = MAXMACTESTDATA;
- error = 0;
+ case MACTESTPIPE_SETFILTER:
break;
- case MACTESTPIPE_GET_INSERTS:
- *(u_int *)data = mp->mp_inserts;
- error = 0;
- break;
-
- case MACTESTPIPE_GET_READS:
- *(u_int *)data = mp->mp_reads;
- error = 0;
- break;
-
- case MACTESTPIPE_GET_DROPS:
- *(u_int *)data = mp->mp_drops;
- error = 0;
+ case MACTESTPIPE_GETFILTER:
break;
-
- case MACTESTPIPE_GET_TRUNCATES:
- *(u_int *)data = mp->mp_truncates;
- error = 0;
- break;
-
default:
error = ENOTTY;
}
==== //depot/projects/soc2007/zhouzhouyi_mactest_soc/zhouzhouyi_mactest_soc/sys/security/mac_test/mac_test_private.h#3 (text+ko) ====
@@ -1,5 +1,6 @@
#ifndef _SECURITY_MAC_TEST_PRIVATE_H
#define _SECURITY_MAC_TEST_PRIVATE_H
+#include <sys/sbuf.h>
#include <security/mac/mac_internal.h>
void
mactest_pipe_submit(void *record, u_int record_len);
@@ -13,6 +14,7 @@
"mactest pipe entries and buffers");
#define MACTEST_PIPE_SUBMIT_LABEL(type,label) do { \
+ int error; \
int strleng = 0; \
char *buffer; \
char *elements1 = malloc(256, M_MACTEST_PIPE, M_NOWAIT); \
@@ -22,8 +24,7 @@
buffer = malloc(256, M_MACTEST_PIPE, M_NOWAIT); \
if (!buffer) \
goto exit1; \
- mac_externalize_##type##_label(label, elements1, \
- buffer, 256); \
+ MAC_EXTERNALIZE(type,label, elements1, buffer, 256); \
strleng = strlen(buffer); \
*(buffer + strleng) = '\n'; \
mactest_pipe_submit(buffer, strleng + 1); \
@@ -34,4 +35,19 @@
;/*extra ; to avoid label at the end of compound statement*/ \
}while(0)
+
+#define MACTEST_PIPE_SUBMIT_WITHPID(string,length) do { \
+ struct thread *td = curthread; \
+ char *buffer; \
+ buffer = malloc(256, M_MACTEST_PIPE, M_NOWAIT); \
+ if (!buffer) \
+ goto exit2; \
+ sprintf(buffer,"pid = %d ", td->td_proc->p_pid); \
+ mactest_pipe_submit(buffer, strlen(buffer)); \
+ mactest_pipe_submit(string, length); \
+ free(buffer, M_MACTEST_PIPE); \
+exit2: \
+ ; \
+}while(0)
+
#endif /* ! _SECURITY_MAC_TEST_PRIVATE_H */
More information about the p4-projects
mailing list