mac_syscalls.c (121374) | mac_syscalls.c (122159) |
---|---|
1/*- 2 * Copyright (c) 1999, 2000, 2001, 2002 Robert N. M. Watson 3 * Copyright (c) 2001 Ilmar S. Habibulin 4 * Copyright (c) 2001, 2002, 2003 Networks Associates Technology, Inc. 5 * All rights reserved. 6 * 7 * This software was developed by Robert Watson and Ilmar Habibulin for the 8 * TrustedBSD Project. --- 26 unchanged lines hidden (view full) --- 35 */ 36 37/* 38 * Framework for extensible kernel access control. Kernel and userland 39 * interface to the framework, policy registration and composition. 40 */ 41 42#include <sys/cdefs.h> | 1/*- 2 * Copyright (c) 1999, 2000, 2001, 2002 Robert N. M. Watson 3 * Copyright (c) 2001 Ilmar S. Habibulin 4 * Copyright (c) 2001, 2002, 2003 Networks Associates Technology, Inc. 5 * All rights reserved. 6 * 7 * This software was developed by Robert Watson and Ilmar Habibulin for the 8 * TrustedBSD Project. --- 26 unchanged lines hidden (view full) --- 35 */ 36 37/* 38 * Framework for extensible kernel access control. Kernel and userland 39 * interface to the framework, policy registration and composition. 40 */ 41 42#include <sys/cdefs.h> |
43__FBSDID("$FreeBSD: head/sys/security/mac/mac_syscalls.c 121374 2003-10-22 20:59:31Z rwatson $"); | 43__FBSDID("$FreeBSD: head/sys/security/mac/mac_syscalls.c 122159 2003-11-06 03:42:43Z rwatson $"); |
44 45#include "opt_mac.h" 46#include "opt_devfs.h" 47 48#include <sys/param.h> 49#include <sys/condvar.h> 50#include <sys/extattr.h> 51#include <sys/imgact.h> --- 503 unchanged lines hidden (view full) --- 555 if (error) { 556 free(elements, M_MACTEMP); 557 crfree(tcred); 558 return (error); 559 } 560 561 buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); 562 error = mac_externalize_cred_label(&tcred->cr_label, elements, | 44 45#include "opt_mac.h" 46#include "opt_devfs.h" 47 48#include <sys/param.h> 49#include <sys/condvar.h> 50#include <sys/extattr.h> 51#include <sys/imgact.h> --- 503 unchanged lines hidden (view full) --- 555 if (error) { 556 free(elements, M_MACTEMP); 557 crfree(tcred); 558 return (error); 559 } 560 561 buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); 562 error = mac_externalize_cred_label(&tcred->cr_label, elements, |
563 buffer, mac.m_buflen, M_WAITOK); | 563 buffer, mac.m_buflen); |
564 if (error == 0) 565 error = copyout(buffer, mac.m_string, strlen(buffer)+1); 566 567 free(buffer, M_MACTEMP); 568 free(elements, M_MACTEMP); 569 crfree(tcred); 570 return (error); 571} --- 20 unchanged lines hidden (view full) --- 592 error = copyinstr(mac.m_string, elements, mac.m_buflen, NULL); 593 if (error) { 594 free(elements, M_MACTEMP); 595 return (error); 596 } 597 598 buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); 599 error = mac_externalize_cred_label(&td->td_ucred->cr_label, | 564 if (error == 0) 565 error = copyout(buffer, mac.m_string, strlen(buffer)+1); 566 567 free(buffer, M_MACTEMP); 568 free(elements, M_MACTEMP); 569 crfree(tcred); 570 return (error); 571} --- 20 unchanged lines hidden (view full) --- 592 error = copyinstr(mac.m_string, elements, mac.m_buflen, NULL); 593 if (error) { 594 free(elements, M_MACTEMP); 595 return (error); 596 } 597 598 buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); 599 error = mac_externalize_cred_label(&td->td_ucred->cr_label, |
600 elements, buffer, mac.m_buflen, M_WAITOK); | 600 elements, buffer, mac.m_buflen); |
601 if (error == 0) 602 error = copyout(buffer, mac.m_string, strlen(buffer)+1); 603 604 free(buffer, M_MACTEMP); 605 free(elements, M_MACTEMP); 606 return (error); 607} 608 --- 137 unchanged lines hidden (view full) --- 746 } 747 fdrop(fp, td); 748 749 switch (label_type) { 750 case DTYPE_FIFO: 751 case DTYPE_VNODE: 752 if (error == 0) 753 error = mac_externalize_vnode_label(&intlabel, | 601 if (error == 0) 602 error = copyout(buffer, mac.m_string, strlen(buffer)+1); 603 604 free(buffer, M_MACTEMP); 605 free(elements, M_MACTEMP); 606 return (error); 607} 608 --- 137 unchanged lines hidden (view full) --- 746 } 747 fdrop(fp, td); 748 749 switch (label_type) { 750 case DTYPE_FIFO: 751 case DTYPE_VNODE: 752 if (error == 0) 753 error = mac_externalize_vnode_label(&intlabel, |
754 elements, buffer, mac.m_buflen, M_WAITOK); | 754 elements, buffer, mac.m_buflen); |
755 mac_destroy_vnode_label(&intlabel); 756 break; 757 case DTYPE_PIPE: 758 error = mac_externalize_pipe_label(&intlabel, elements, | 755 mac_destroy_vnode_label(&intlabel); 756 break; 757 case DTYPE_PIPE: 758 error = mac_externalize_pipe_label(&intlabel, elements, |
759 buffer, mac.m_buflen, M_WAITOK); | 759 buffer, mac.m_buflen); |
760 mac_destroy_pipe_label(&intlabel); 761 break; 762 default: 763 panic("__mac_get_fd: corrupted label_type"); 764 } 765 766 if (error == 0) 767 error = copyout(buffer, mac.m_string, strlen(buffer)+1); --- 39 unchanged lines hidden (view full) --- 807 td); 808 error = namei(&nd); 809 if (error) 810 goto out; 811 812 mac_init_vnode_label(&intlabel); 813 mac_copy_vnode_label(&nd.ni_vp->v_label, &intlabel); 814 error = mac_externalize_vnode_label(&intlabel, elements, buffer, | 760 mac_destroy_pipe_label(&intlabel); 761 break; 762 default: 763 panic("__mac_get_fd: corrupted label_type"); 764 } 765 766 if (error == 0) 767 error = copyout(buffer, mac.m_string, strlen(buffer)+1); --- 39 unchanged lines hidden (view full) --- 807 td); 808 error = namei(&nd); 809 if (error) 810 goto out; 811 812 mac_init_vnode_label(&intlabel); 813 mac_copy_vnode_label(&nd.ni_vp->v_label, &intlabel); 814 error = mac_externalize_vnode_label(&intlabel, elements, buffer, |
815 mac.m_buflen, M_WAITOK); | 815 mac.m_buflen); |
816 817 NDFREE(&nd, 0); 818 mac_destroy_vnode_label(&intlabel); 819 820 if (error == 0) 821 error = copyout(buffer, mac.m_string, strlen(buffer)+1); 822 823out: --- 38 unchanged lines hidden (view full) --- 862 td); 863 error = namei(&nd); 864 if (error) 865 goto out; 866 867 mac_init_vnode_label(&intlabel); 868 mac_copy_vnode_label(&nd.ni_vp->v_label, &intlabel); 869 error = mac_externalize_vnode_label(&intlabel, elements, buffer, | 816 817 NDFREE(&nd, 0); 818 mac_destroy_vnode_label(&intlabel); 819 820 if (error == 0) 821 error = copyout(buffer, mac.m_string, strlen(buffer)+1); 822 823out: --- 38 unchanged lines hidden (view full) --- 862 td); 863 error = namei(&nd); 864 if (error) 865 goto out; 866 867 mac_init_vnode_label(&intlabel); 868 mac_copy_vnode_label(&nd.ni_vp->v_label, &intlabel); 869 error = mac_externalize_vnode_label(&intlabel, elements, buffer, |
870 mac.m_buflen, M_WAITOK); | 870 mac.m_buflen); |
871 NDFREE(&nd, 0); 872 mac_destroy_vnode_label(&intlabel); 873 874 if (error == 0) 875 error = copyout(buffer, mac.m_string, strlen(buffer)+1); 876 877out: 878 mtx_unlock(&Giant); /* VFS */ --- 322 unchanged lines hidden --- | 871 NDFREE(&nd, 0); 872 mac_destroy_vnode_label(&intlabel); 873 874 if (error == 0) 875 error = copyout(buffer, mac.m_string, strlen(buffer)+1); 876 877out: 878 mtx_unlock(&Giant); /* VFS */ --- 322 unchanged lines hidden --- |