authorrwatson <rwatson@FreeBSD.org>2002-10-05 17:44:49 +0000
committerrwatson <rwatson@FreeBSD.org>2002-10-05 17:44:49 +0000
commitd273cfe761df48abbf27913a38e7e22118d95efc (patch)
tree59bbb9f14f4a347ee58f124d8180cfe091c061e3
parent7a8226480f73f6abb10c9d47928f8433521aac9b (diff)
While the MAC API has supported the ability to handle M_NOWAIT passed
to mbuf label initialization, that functionality was never merged to the main tree. Go ahead and merge that functionality now. Note that this requires policy modules to accept the case where the label element may be destroyed even if init has not succeeded on it (in the event that policy failed the init). This will shortly also apply to sockets. Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories
-rw-r--r--sys/kern/kern_mac.c14
-rw-r--r--sys/security/mac/mac_framework.c14
-rw-r--r--sys/security/mac/mac_internal.h14
-rw-r--r--sys/security/mac/mac_net.c14
-rw-r--r--sys/security/mac/mac_pipe.c14
-rw-r--r--sys/security/mac/mac_process.c14
-rw-r--r--sys/security/mac/mac_syscalls.c14
-rw-r--r--sys/security/mac/mac_system.c14
-rw-r--r--sys/security/mac/mac_vfs.c14
9 files changed, 99 insertions, 27 deletions
diff --git a/sys/kern/kern_mac.c b/sys/kern/kern_mac.c
index dd5d2b3..d21d5df 100644
--- a/sys/kern/kern_mac.c
+++ b/sys/kern/kern_mac.c
@@ -1101,15 +1101,23 @@ mac_init_ipq(struct ipq *ipq)
int
mac_init_mbuf(struct mbuf *m, int flag)
{
+ int error;
+
KASSERT(m->m_flags & M_PKTHDR, ("mac_init_mbuf on non-header mbuf"));
mac_init_label(&m->m_pkthdr.label);
- MAC_PERFORM(init_mbuf_label, &m->m_pkthdr.label, flag);
+ MAC_CHECK(init_mbuf_label, &m->m_pkthdr.label, flag);
+ if (error) {
+ MAC_PERFORM(destroy_mbuf_label, &m->m_pkthdr.label);
+ mac_destroy_label(&m->m_pkthdr.label);
+ }
+
#ifdef MAC_DEBUG
- atomic_add_int(&nmacmbufs, 1);
+ if (error == 0)
+ atomic_add_int(&nmacmbufs, 1);
#endif
- return (0);
+ return (error);
}
void
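Review bot: The new failure branch in mac_init_mbuf calls `MAC_PERFORM(destroy_mbuf_label, ...)` on a label whose init did not succeed, and that contract for policy modules is stated only in the commit message, not in the code. A comment above `if (error) {` would record it where policy authors will look, for example `/* Policies must accept destroy_mbuf_label on a label their init failed on or never populated. */`. `error` is declared without an initializer and is presumably assigned inside the MAC_CHECK macro, which is not visible in this hunk, so that is worth confirming or noting beside the declaration. Because the function used to return 0 unconditionally, any caller outside this hunk that ignores the return value would keep using an mbuf whose label has already been destroyed. The same hunk is shown for mac_framework.c, mac_internal.h, mac_net.c, mac_pipe.c, mac_process.c, mac_syscalls.c, mac_system.c and mac_vfs.c, and the point applies to each.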
diff --git a/sys/security/mac/mac_framework.c b/sys/security/mac/mac_framework.c
index dd5d2b3..d21d5df 100644
--- a/sys/security/mac/mac_framework.c
+++ b/sys/security/mac/mac_framework.c
@@ -1101,15 +1101,23 @@ mac_init_ipq(struct ipq *ipq)
int
mac_init_mbuf(struct mbuf *m, int flag)
{
+ int error;
+
KASSERT(m->m_flags & M_PKTHDR, ("mac_init_mbuf on non-header mbuf"));
mac_init_label(&m->m_pkthdr.label);
- MAC_PERFORM(init_mbuf_label, &m->m_pkthdr.label, flag);
+ MAC_CHECK(init_mbuf_label, &m->m_pkthdr.label, flag);
+ if (error) {
+ MAC_PERFORM(destroy_mbuf_label, &m->m_pkthdr.label);
+ mac_destroy_label(&m->m_pkthdr.label);
+ }
+
#ifdef MAC_DEBUG
- atomic_add_int(&nmacmbufs, 1);
+ if (error == 0)
+ atomic_add_int(&nmacmbufs, 1);
#endif
- return (0);
+ return (error);
}
void
diff --git a/sys/security/mac/mac_internal.h b/sys/security/mac/mac_internal.h
index dd5d2b3..d21d5df 100644
--- a/sys/security/mac/mac_internal.h
+++ b/sys/security/mac/mac_internal.h
@@ -1101,15 +1101,23 @@ mac_init_ipq(struct ipq *ipq)
int
mac_init_mbuf(struct mbuf *m, int flag)
{
+ int error;
+
KASSERT(m->m_flags & M_PKTHDR, ("mac_init_mbuf on non-header mbuf"));
mac_init_label(&m->m_pkthdr.label);
- MAC_PERFORM(init_mbuf_label, &m->m_pkthdr.label, flag);
+ MAC_CHECK(init_mbuf_label, &m->m_pkthdr.label, flag);
+ if (error) {
+ MAC_PERFORM(destroy_mbuf_label, &m->m_pkthdr.label);
+ mac_destroy_label(&m->m_pkthdr.label);
+ }
+
#ifdef MAC_DEBUG
- atomic_add_int(&nmacmbufs, 1);
+ if (error == 0)
+ atomic_add_int(&nmacmbufs, 1);
#endif
- return (0);
+ return (error);
}
void
diff --git a/sys/security/mac/mac_net.c b/sys/security/mac/mac_net.c
index dd5d2b3..d21d5df 100644
--- a/sys/security/mac/mac_net.c
+++ b/sys/security/mac/mac_net.c
@@ -1101,15 +1101,23 @@ mac_init_ipq(struct ipq *ipq)
int
mac_init_mbuf(struct mbuf *m, int flag)
{
+ int error;
+
KASSERT(m->m_flags & M_PKTHDR, ("mac_init_mbuf on non-header mbuf"));
mac_init_label(&m->m_pkthdr.label);
- MAC_PERFORM(init_mbuf_label, &m->m_pkthdr.label, flag);
+ MAC_CHECK(init_mbuf_label, &m->m_pkthdr.label, flag);
+ if (error) {
+ MAC_PERFORM(destroy_mbuf_label, &m->m_pkthdr.label);
+ mac_destroy_label(&m->m_pkthdr.label);
+ }
+
#ifdef MAC_DEBUG
- atomic_add_int(&nmacmbufs, 1);
+ if (error == 0)
+ atomic_add_int(&nmacmbufs, 1);
#endif
- return (0);
+ return (error);
}
void
diff --git a/sys/security/mac/mac_pipe.c b/sys/security/mac/mac_pipe.c
index dd5d2b3..d21d5df 100644
--- a/sys/security/mac/mac_pipe.c
+++ b/sys/security/mac/mac_pipe.c
@@ -1101,15 +1101,23 @@ mac_init_ipq(struct ipq *ipq)
int
mac_init_mbuf(struct mbuf *m, int flag)
{
+ int error;
+
KASSERT(m->m_flags & M_PKTHDR, ("mac_init_mbuf on non-header mbuf"));
mac_init_label(&m->m_pkthdr.label);
- MAC_PERFORM(init_mbuf_label, &m->m_pkthdr.label, flag);
+ MAC_CHECK(init_mbuf_label, &m->m_pkthdr.label, flag);
+ if (error) {
+ MAC_PERFORM(destroy_mbuf_label, &m->m_pkthdr.label);
+ mac_destroy_label(&m->m_pkthdr.label);
+ }
+
#ifdef MAC_DEBUG
- atomic_add_int(&nmacmbufs, 1);
+ if (error == 0)
+ atomic_add_int(&nmacmbufs, 1);
#endif
- return (0);
+ return (error);
}
void
diff --git a/sys/security/mac/mac_process.c b/sys/security/mac/mac_process.c
index dd5d2b3..d21d5df 100644
--- a/sys/security/mac/mac_process.c
+++ b/sys/security/mac/mac_process.c
@@ -1101,15 +1101,23 @@ mac_init_ipq(struct ipq *ipq)
int
mac_init_mbuf(struct mbuf *m, int flag)
{
+ int error;
+
KASSERT(m->m_flags & M_PKTHDR, ("mac_init_mbuf on non-header mbuf"));
mac_init_label(&m->m_pkthdr.label);
- MAC_PERFORM(init_mbuf_label, &m->m_pkthdr.label, flag);
+ MAC_CHECK(init_mbuf_label, &m->m_pkthdr.label, flag);
+ if (error) {
+ MAC_PERFORM(destroy_mbuf_label, &m->m_pkthdr.label);
+ mac_destroy_label(&m->m_pkthdr.label);
+ }
+
#ifdef MAC_DEBUG
- atomic_add_int(&nmacmbufs, 1);
+ if (error == 0)
+ atomic_add_int(&nmacmbufs, 1);
#endif
- return (0);
+ return (error);
}
void
diff --git a/sys/security/mac/mac_syscalls.c b/sys/security/mac/mac_syscalls.c
index dd5d2b3..d21d5df 100644
--- a/sys/security/mac/mac_syscalls.c
+++ b/sys/security/mac/mac_syscalls.c
@@ -1101,15 +1101,23 @@ mac_init_ipq(struct ipq *ipq)
int
mac_init_mbuf(struct mbuf *m, int flag)
{
+ int error;
+
KASSERT(m->m_flags & M_PKTHDR, ("mac_init_mbuf on non-header mbuf"));
mac_init_label(&m->m_pkthdr.label);
- MAC_PERFORM(init_mbuf_label, &m->m_pkthdr.label, flag);
+ MAC_CHECK(init_mbuf_label, &m->m_pkthdr.label, flag);
+ if (error) {
+ MAC_PERFORM(destroy_mbuf_label, &m->m_pkthdr.label);
+ mac_destroy_label(&m->m_pkthdr.label);
+ }
+
#ifdef MAC_DEBUG
- atomic_add_int(&nmacmbufs, 1);
+ if (error == 0)
+ atomic_add_int(&nmacmbufs, 1);
#endif
- return (0);
+ return (error);
}
void
diff --git a/sys/security/mac/mac_system.c b/sys/security/mac/mac_system.c
index dd5d2b3..d21d5df 100644
--- a/sys/security/mac/mac_system.c
+++ b/sys/security/mac/mac_system.c
@@ -1101,15 +1101,23 @@ mac_init_ipq(struct ipq *ipq)
int
mac_init_mbuf(struct mbuf *m, int flag)
{
+ int error;
+
KASSERT(m->m_flags & M_PKTHDR, ("mac_init_mbuf on non-header mbuf"));
mac_init_label(&m->m_pkthdr.label);
- MAC_PERFORM(init_mbuf_label, &m->m_pkthdr.label, flag);
+ MAC_CHECK(init_mbuf_label, &m->m_pkthdr.label, flag);
+ if (error) {
+ MAC_PERFORM(destroy_mbuf_label, &m->m_pkthdr.label);
+ mac_destroy_label(&m->m_pkthdr.label);
+ }
+
#ifdef MAC_DEBUG
- atomic_add_int(&nmacmbufs, 1);
+ if (error == 0)
+ atomic_add_int(&nmacmbufs, 1);
#endif
- return (0);
+ return (error);
}
void
diff --git a/sys/security/mac/mac_vfs.c b/sys/security/mac/mac_vfs.c
index dd5d2b3..d21d5df 100644
--- a/sys/security/mac/mac_vfs.c
+++ b/sys/security/mac/mac_vfs.c
@@ -1101,15 +1101,23 @@ mac_init_ipq(struct ipq *ipq)
int
mac_init_mbuf(struct mbuf *m, int flag)
{
+ int error;
+
KASSERT(m->m_flags & M_PKTHDR, ("mac_init_mbuf on non-header mbuf"));
mac_init_label(&m->m_pkthdr.label);
- MAC_PERFORM(init_mbuf_label, &m->m_pkthdr.label, flag);
+ MAC_CHECK(init_mbuf_label, &m->m_pkthdr.label, flag);
+ if (error) {
+ MAC_PERFORM(destroy_mbuf_label, &m->m_pkthdr.label);
+ mac_destroy_label(&m->m_pkthdr.label);
+ }
+
#ifdef MAC_DEBUG
- atomic_add_int(&nmacmbufs, 1);
+ if (error == 0)
+ atomic_add_int(&nmacmbufs, 1);
#endif
- return (0);
+ return (error);
}
void