diff options
author | rwatson <rwatson@FreeBSD.org> | 2002-08-15 18:58:44 +0000 |
---|---|---|
committer | rwatson <rwatson@FreeBSD.org> | 2002-08-15 18:58:44 +0000 |
commit | 60c2032dc82bb90e75d4211b450596dbe5aa7211 (patch) | |
tree | fb13f25100ff0a872372db62500a78a7761f7324 /sys/netatalk | |
parent | d57d160b95412462bc223d2819c9006ecd02a68d (diff) | |
download | FreeBSD-src-60c2032dc82bb90e75d4211b450596dbe5aa7211.zip FreeBSD-src-60c2032dc82bb90e75d4211b450596dbe5aa7211.tar.gz |
Introduce experimental support for MAC in the AppleTalk/EtherTalk stack.
Label link layer mbufs as they are created for transmission, check
mbufs before delivering them to sockets, label mbufs as they are created
from sockets, and preserve mbuf labels if mbufs are copied.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, NAI Labs
Diffstat (limited to 'sys/netatalk')
-rw-r--r-- | sys/netatalk/aarp.c | 8 | ||||
-rw-r--r-- | sys/netatalk/ddp_input.c | 10 | ||||
-rw-r--r-- | sys/netatalk/ddp_output.c | 10 |
3 files changed, 28 insertions, 0 deletions
diff --git a/sys/netatalk/aarp.c b/sys/netatalk/aarp.c index 1276624..a22488a 100644 --- a/sys/netatalk/aarp.c +++ b/sys/netatalk/aarp.c @@ -6,9 +6,11 @@ */ #include "opt_atalk.h" +#include "opt_mac.h" #include <sys/param.h> #include <sys/systm.h> +#include <sys/mac.h> #include <sys/mbuf.h> #include <sys/kernel.h> #include <sys/socket.h> @@ -128,6 +130,9 @@ aarpwhohas( struct arpcom *ac, struct sockaddr_at *sat ) if (( m = m_gethdr( M_DONTWAIT, MT_DATA )) == NULL ) { return; } +#ifdef MAC + mac_create_mbuf_linklayer(&ac->ac_if, m); +#endif m->m_len = sizeof( *ea ); m->m_pkthdr.len = sizeof( *ea ); MH_ALIGN( m, sizeof( *ea )); @@ -549,6 +554,9 @@ aarpprobe( void *arg ) if (( m = m_gethdr( M_DONTWAIT, MT_DATA )) == NULL ) { return; } +#ifdef MAC + mac_create_mbuf_linklayer(&ac->ac_if, m); +#endif m->m_len = sizeof( *ea ); m->m_pkthdr.len = sizeof( *ea ); MH_ALIGN( m, sizeof( *ea )); diff --git a/sys/netatalk/ddp_input.c b/sys/netatalk/ddp_input.c index 4ef497b..6db107f 100644 --- a/sys/netatalk/ddp_input.c +++ b/sys/netatalk/ddp_input.c @@ -5,9 +5,12 @@ * $FreeBSD$ */ +#include "opt_mac.h" + #include <sys/param.h> #include <sys/kernel.h> #include <sys/lock.h> +#include <sys/mac.h> #include <sys/mbuf.h> #include <sys/signalvar.h> #include <sys/socket.h> @@ -395,6 +398,13 @@ ddp_input( m, ifp, elh, phase ) return; } +#ifdef MAC + if (mac_check_socket_deliver(ddp->ddp_socket, m) != 0) { + m_freem( m ); + return; + } +#endif + /* * If we found one, deliver th epacket to the socket */ diff --git a/sys/netatalk/ddp_output.c b/sys/netatalk/ddp_output.c index 3d48fd2..f15914b 100644 --- a/sys/netatalk/ddp_output.c +++ b/sys/netatalk/ddp_output.c @@ -23,8 +23,11 @@ /* $FreeBSD$ */ +#include "opt_mac.h" + #include <sys/param.h> #include <sys/systm.h> +#include <sys/mac.h> #include <sys/mbuf.h> #include <sys/socket.h> #include <sys/socketvar.h> @@ -48,6 +51,10 @@ ddp_output( struct mbuf *m, struct socket *so) struct ddpehdr *deh; struct ddpcb *ddp = sotoddpcb( so ); +#ifdef MAC + mac_create_mbuf_from_socket(so, m); +#endif + M_PREPEND( m, sizeof( struct ddpehdr ), M_TRYWAIT ); deh = mtod( m, struct ddpehdr *); @@ -195,6 +202,9 @@ ddp_route( struct mbuf *m, struct route *ro) printf("ddp_route: no buffers\n"); return( ENOBUFS ); } +#ifdef MAC + mac_create_mbuf_from_mbuf(m, m0); +#endif m0->m_next = m; /* XXX perhaps we ought to align the header? */ m0->m_len = SZ_ELAPHDR; |