PERFORCE change 78626 for review
Robert Watson
rwatson at FreeBSD.org
Thu Jun 16 13:30:07 GMT 2005
http://perforce.freebsd.org/chv.cgi?CH=78626
Change 78626 by rwatson at rwatson_fledge on 2005/06/16 13:29:51
Eliminate MAC entry point mac_create_mbuf_from_mbuf(), which is
redundant with respect to existing mbuf copy label routines. Expose
a new mac_copy_mbuf() routine at the top end of the Framework and
use that; use the existing mpo_copy_mbuf_label() routine on the
bottom end.
Affected files ...
.. //depot/projects/trustedbsd/mac/sys/net/bsd_comp.c#11 edit
.. //depot/projects/trustedbsd/mac/sys/net/if_ppp.c#26 edit
.. //depot/projects/trustedbsd/mac/sys/net/ppp_deflate.c#9 edit
.. //depot/projects/trustedbsd/mac/sys/netatalk/ddp_output.c#11 edit
.. //depot/projects/trustedbsd/mac/sys/netinet/ip_output.c#42 edit
.. //depot/projects/trustedbsd/mac/sys/security/mac/mac_net.c#28 edit
.. //depot/projects/trustedbsd/mac/sys/security/mac_biba/mac_biba.c#255 edit
.. //depot/projects/trustedbsd/mac/sys/security/mac_lomac/mac_lomac.c#94 edit
.. //depot/projects/trustedbsd/mac/sys/security/mac_mls/mac_mls.c#208 edit
.. //depot/projects/trustedbsd/mac/sys/security/mac_stub/mac_stub.c#35 edit
.. //depot/projects/trustedbsd/mac/sys/security/mac_test/mac_test.c#148 edit
.. //depot/projects/trustedbsd/mac/sys/sys/mac.h#277 edit
.. //depot/projects/trustedbsd/mac/sys/sys/mac_policy.h#234 edit
Differences ...
==== //depot/projects/trustedbsd/mac/sys/net/bsd_comp.c#11 (text+ko) ====
@@ -880,7 +880,7 @@
wptr = mtod(dmp, u_char *);
space = M_TRAILINGSPACE(dmp) - PPP_HDRLEN + 1;
#ifdef MAC
- mac_create_mbuf_from_mbuf(cmp, dmp);
+ mac_copy_mbuf(cmp, dmp);
#endif
/*
==== //depot/projects/trustedbsd/mac/sys/net/if_ppp.c#26 (text+ko) ====
@@ -1483,7 +1483,7 @@
}
}
#ifdef MAC
- mac_create_mbuf_from_mbuf(m, mp);
+ mac_copy_mbuf(m, mp);
#endif
cp = mtod(mp, u_char *);
cp[0] = adrs;
@@ -1537,7 +1537,7 @@
MGETHDR(mp, M_DONTWAIT, MT_DATA);
if (mp != NULL) {
#ifdef MAC
- mac_create_mbuf_from_mbuf(m, mp);
+ mac_copy_mbuf(m, mp);
#endif
m_copydata(m, 0, ilen, mtod(mp, caddr_t));
m_freem(m);
==== //depot/projects/trustedbsd/mac/sys/net/ppp_deflate.c#9 (text+ko) ====
@@ -523,7 +523,7 @@
ospace -= state->hdrlen;
}
#ifdef MAC
- mac_create_mbuf_from_mbuf(mi, mo);
+ mac_copy_mbuf(mi, mo);
#endif
/*
==== //depot/projects/trustedbsd/mac/sys/netatalk/ddp_output.c#11 (text+ko) ====
@@ -207,7 +207,7 @@
return (ENOBUFS);
}
#ifdef MAC
- mac_create_mbuf_from_mbuf(m, m0);
+ mac_copy_mbuf(m, m0);
#endif
m0->m_next = m;
/* XXX perhaps we ought to align the header? */
==== //depot/projects/trustedbsd/mac/sys/netinet/ip_output.c#42 (text+ko) ====
@@ -1071,7 +1071,7 @@
M_MOVE_PKTHDR(n, m);
n->m_pkthdr.rcvif = (struct ifnet *)0;
#ifdef MAC
- mac_create_mbuf_from_mbuf(m, n);
+ mac_copy_mbuf(m, n);
#endif
n->m_pkthdr.len += optlen;
m->m_len -= sizeof(struct ip);
==== //depot/projects/trustedbsd/mac/sys/security/mac/mac_net.c#28 (text+ko) ====
@@ -253,6 +253,17 @@
MAC_PERFORM(copy_mbuf_label, src_label, dest_label);
}
+void
+mac_copy_mbuf(struct mbuf *m_from, struct mbuf *m_to)
+{
+ struct label *src_label, *dest_label;
+
+ src_label = mac_mbuf_to_label(m_from);
+ dest_label = mac_mbuf_to_label(m_to);
+
+ MAC_PERFORM(copy_mbuf_label, src_label, dest_label);
+}
+
static void
mac_copy_ifnet_label(struct label *src, struct label *dest)
{
@@ -298,18 +309,6 @@
}
void
-mac_create_mbuf_from_mbuf(struct mbuf *oldmbuf, struct mbuf *newmbuf)
-{
- struct label *oldmbuflabel, *newmbuflabel;
-
- oldmbuflabel = mac_mbuf_to_label(oldmbuf);
- newmbuflabel = mac_mbuf_to_label(newmbuf);
-
- MAC_PERFORM(create_mbuf_from_mbuf, oldmbuf, oldmbuflabel, newmbuf,
- newmbuflabel);
-}
-
-void
mac_create_mbuf_from_bpfdesc(struct bpf_d *bpf_d, struct mbuf *mbuf)
{
struct label *label;
==== //depot/projects/trustedbsd/mac/sys/security/mac_biba/mac_biba.c#255 (text+ko) ====
@@ -1354,27 +1354,6 @@
}
static void
-mac_biba_create_mbuf_from_mbuf(struct mbuf *oldmbuf,
- struct label *oldmbuflabel, struct mbuf *newmbuf,
- struct label *newmbuflabel)
-{
- struct mac_biba *source, *dest;
-
- source = SLOT(oldmbuflabel);
- dest = SLOT(newmbuflabel);
-
- /*
- * Because the source mbuf may not yet have been "created",
- * just initialized, we do a conditional copy. Since we don't
- * allow mbufs to have ranges, do a KASSERT to make sure that
- * doesn't happen.
- */
- KASSERT((source->mb_flags & MAC_BIBA_FLAG_RANGE) == 0,
- ("mac_biba_create_mbuf_from_mbuf: source mbuf has range"));
- mac_biba_copy(source, dest);
-}
-
-static void
mac_biba_create_mbuf_linklayer(struct ifnet *ifnet, struct label *ifnetlabel,
struct mbuf *mbuf, struct label *mbuflabel)
{
@@ -3204,7 +3183,6 @@
.mpo_create_sysv_shm = mac_biba_create_sysv_shm,
.mpo_create_ipq = mac_biba_create_ipq,
.mpo_create_mbuf_from_inpcb = mac_biba_create_mbuf_from_inpcb,
- .mpo_create_mbuf_from_mbuf = mac_biba_create_mbuf_from_mbuf,
.mpo_create_mbuf_linklayer = mac_biba_create_mbuf_linklayer,
.mpo_create_mbuf_from_bpfdesc = mac_biba_create_mbuf_from_bpfdesc,
.mpo_create_mbuf_from_ifnet = mac_biba_create_mbuf_from_ifnet,
==== //depot/projects/trustedbsd/mac/sys/security/mac_lomac/mac_lomac.c#94 (text+ko) ====
@@ -1437,27 +1437,6 @@
}
static void
-mac_lomac_create_mbuf_from_mbuf(struct mbuf *oldmbuf,
- struct label *oldmbuflabel, struct mbuf *newmbuf,
- struct label *newmbuflabel)
-{
- struct mac_lomac *source, *dest;
-
- source = SLOT(oldmbuflabel);
- dest = SLOT(newmbuflabel);
-
- /*
- * Because the source mbuf may not yet have been "created",
- * just initialized, we do a conditional copy. Since we don't
- * allow mbufs to have ranges, do a KASSERT to make sure that
- * doesn't happen.
- */
- KASSERT((source->ml_flags & MAC_LOMAC_FLAG_RANGE) == 0,
- ("mac_lomac_create_mbuf_from_mbuf: source mbuf has range"));
- mac_lomac_copy(source, dest);
-}
-
-static void
mac_lomac_create_mbuf_linklayer(struct ifnet *ifnet, struct label *ifnetlabel,
struct mbuf *mbuf, struct label *mbuflabel)
{
@@ -3131,7 +3110,6 @@
.mpo_create_sysv_shm = mac_lomac_create_sysv_shm,
.mpo_create_ipq = mac_lomac_create_ipq,
.mpo_create_mbuf_from_inpcb = mac_lomac_create_mbuf_from_inpcb,
- .mpo_create_mbuf_from_mbuf = mac_lomac_create_mbuf_from_mbuf,
.mpo_create_mbuf_linklayer = mac_lomac_create_mbuf_linklayer,
.mpo_create_mbuf_from_bpfdesc = mac_lomac_create_mbuf_from_bpfdesc,
.mpo_create_mbuf_from_ifnet = mac_lomac_create_mbuf_from_ifnet,
==== //depot/projects/trustedbsd/mac/sys/security/mac_mls/mac_mls.c#208 (text+ko) ====
@@ -1291,27 +1291,6 @@
}
static void
-mac_mls_create_mbuf_from_mbuf(struct mbuf *oldmbuf,
- struct label *oldmbuflabel, struct mbuf *newmbuf,
- struct label *newmbuflabel)
-{
- struct mac_mls *source, *dest;
-
- source = SLOT(oldmbuflabel);
- dest = SLOT(newmbuflabel);
-
- /*
- * Because the source mbuf may not yet have been "created",
- * just initialized, we do a conditional copy. Since we don't
- * allow mbufs to have ranges, do a KASSERT to make sure that
- * doesn't happen.
- */
- KASSERT((source->mm_flags & MAC_MLS_FLAG_RANGE) == 0,
- ("mac_mls_create_mbuf_from_mbuf: source mbuf has range"));
- mac_mls_copy(source, dest);
-}
-
-static void
mac_mls_create_mbuf_linklayer(struct ifnet *ifnet, struct label *ifnetlabel,
struct mbuf *mbuf, struct label *mbuflabel)
{
@@ -2986,7 +2965,6 @@
.mpo_create_sysv_sema = mac_mls_create_sysv_sema,
.mpo_create_sysv_shm = mac_mls_create_sysv_shm,
.mpo_create_mbuf_from_inpcb = mac_mls_create_mbuf_from_inpcb,
- .mpo_create_mbuf_from_mbuf = mac_mls_create_mbuf_from_mbuf,
.mpo_create_mbuf_linklayer = mac_mls_create_mbuf_linklayer,
.mpo_create_mbuf_from_bpfdesc = mac_mls_create_mbuf_from_bpfdesc,
.mpo_create_mbuf_from_ifnet = mac_mls_create_mbuf_from_ifnet,
==== //depot/projects/trustedbsd/mac/sys/security/mac_stub/mac_stub.c#35 (text+ko) ====
@@ -400,14 +400,6 @@
}
static void
-stub_create_mbuf_from_mbuf(struct mbuf *oldmbuf,
- struct label *oldmbuflabel, struct mbuf *newmbuf,
- struct label *newmbuflabel)
-{
-
-}
-
-static void
stub_create_mbuf_linklayer(struct ifnet *ifnet, struct label *ifnetlabel,
struct mbuf *mbuf, struct label *mbuflabel)
{
@@ -1465,7 +1457,6 @@
.mpo_create_fragment = stub_create_fragment,
.mpo_create_ipq = stub_create_ipq,
.mpo_create_mbuf_from_inpcb = stub_create_mbuf_from_inpcb,
- .mpo_create_mbuf_from_mbuf = stub_create_mbuf_from_mbuf,
.mpo_create_mbuf_linklayer = stub_create_mbuf_linklayer,
.mpo_create_mbuf_from_bpfdesc = stub_create_mbuf_from_bpfdesc,
.mpo_create_mbuf_from_ifnet = stub_create_mbuf_from_ifnet,
==== //depot/projects/trustedbsd/mac/sys/security/mac_test/mac_test.c#148 (text+ko) ====
@@ -1142,16 +1142,6 @@
}
static void
-mac_test_create_mbuf_from_mbuf(struct mbuf *oldmbuf,
- struct label *oldmbuflabel, struct mbuf *newmbuf,
- struct label *newmbuflabel)
-{
-
- ASSERT_MBUF_LABEL(oldmbuflabel);
- ASSERT_MBUF_LABEL(newmbuflabel);
-}
-
-static void
mac_test_create_mbuf_linklayer(struct ifnet *ifnet, struct label *ifnetlabel,
struct mbuf *mbuf, struct label *mbuflabel)
{
@@ -2530,7 +2520,6 @@
.mpo_create_fragment = mac_test_create_fragment,
.mpo_create_ipq = mac_test_create_ipq,
.mpo_create_mbuf_from_inpcb = mac_test_create_mbuf_from_inpcb,
- .mpo_create_mbuf_from_mbuf = mac_test_create_mbuf_from_mbuf,
.mpo_create_mbuf_linklayer = mac_test_create_mbuf_linklayer,
.mpo_create_mbuf_from_bpfdesc = mac_test_create_mbuf_from_bpfdesc,
.mpo_create_mbuf_from_ifnet = mac_test_create_mbuf_from_ifnet,
==== //depot/projects/trustedbsd/mac/sys/sys/mac.h#277 (text+ko) ====
@@ -163,6 +163,7 @@
void mac_init_mount(struct mount *);
void mac_init_proc(struct proc *);
void mac_init_vnode(struct vnode *);
+void mac_copy_mbuf(struct mbuf *m_from, struct mbuf *m_to);
void mac_copy_mbuf_tag(struct m_tag *, struct m_tag *);
void mac_copy_vnode_label(struct label *, struct label *label);
void mac_destroy_bpfdesc(struct bpf_d *);
@@ -253,7 +254,6 @@
void mac_create_datagram_from_ipq(struct ipq *ipq, struct mbuf *datagram);
void mac_create_fragment(struct mbuf *datagram, struct mbuf *fragment);
void mac_create_mbuf_from_inpcb(struct inpcb *inp, struct mbuf *m);
-void mac_create_mbuf_from_mbuf(struct mbuf *oldmbuf, struct mbuf *newmbuf);
void mac_create_mbuf_linklayer(struct ifnet *ifnet, struct mbuf *m);
void mac_create_mbuf_from_bpfdesc(struct bpf_d *bpf_d, struct mbuf *m);
void mac_create_mbuf_from_ifnet(struct ifnet *ifnet, struct mbuf *m);
==== //depot/projects/trustedbsd/mac/sys/sys/mac_policy.h#234 (text+ko) ====
@@ -286,9 +286,6 @@
void (*mpo_create_mbuf_from_inpcb)(struct inpcb *inp,
struct label *inplabel, struct mbuf *m,
struct label *mlabel);
- void (*mpo_create_mbuf_from_mbuf)(struct mbuf *oldmbuf,
- struct label *oldlabel, struct mbuf *newmbuf,
- struct label *newlabel);
void (*mpo_create_mbuf_linklayer)(struct ifnet *ifnet,
struct label *ifnetlabel, struct mbuf *mbuf,
struct label *mbuflabel);
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-cvs" in the body of the message
More information about the trustedbsd-cvs
mailing list