diff options
| author | tanimura <tanimura@FreeBSD.org> | 2002-05-31 11:52:35 +0000 |
|---|---|---|
| committer | tanimura <tanimura@FreeBSD.org> | 2002-05-31 11:52:35 +0000 |
| commit | e6fa9b9e922913444c2e6b2b58bf3de5eaed868d (patch) | |
| tree | 9d5f24794525313566896ab89aa860515db344a6 /sys/security/lomac | |
| parent | 1ea6cbb8c29088e04528460633798a6c131ca1ba (diff) | |
| download | FreeBSD-src-e6fa9b9e922913444c2e6b2b58bf3de5eaed868d.zip FreeBSD-src-e6fa9b9e922913444c2e6b2b58bf3de5eaed868d.tar.gz | |
Back out my lats commit of locking down a socket, it conflicts with hsu's work.
Requested by: hsu
Diffstat (limited to 'sys/security/lomac')
| -rw-r--r-- | sys/security/lomac/kernel_interface.c | 11 | ||||
| -rw-r--r-- | sys/security/lomac/kernel_socket.c | 62 |
2 files changed, 16 insertions, 57 deletions
diff --git a/sys/security/lomac/kernel_interface.c b/sys/security/lomac/kernel_interface.c index 9093ff3..adaff99 100644 --- a/sys/security/lomac/kernel_interface.c +++ b/sys/security/lomac/kernel_interface.c @@ -413,15 +413,10 @@ set_object_lattr(lomac_object_t *obj, lattr_t lattr) { case LO_TYPE_SOCKETPAIR: socket = obj->lo_object.socket; /* KASSERT that socket peer levels are synchronized */ - if (lattr.level == LOMAC_HIGHEST_LEVEL) { - SOCK_LOCK(socket); + if (lattr.level == LOMAC_HIGHEST_LEVEL) socket->so_state &= ~SOCKET_LEVEL_LOWEST; - SOCK_UNLOCK(socket); - } else { - SOCK_LOCK(socket); + else socket->so_state |= SOCKET_LEVEL_LOWEST; - SOCK_UNLOCK(socket); - } #ifdef NOT_YET pipe = pipe->pipe_peer; if (pipe != NULL) { @@ -479,10 +474,8 @@ get_object_lattr(const lomac_object_t *obj, lattr_t *lattr) { break; case LO_TYPE_SOCKETPAIR: socket = obj->lo_object.socket; - SOCK_LOCK(socket); lattr->level = (socket->so_state & SOCKET_LEVEL_LOWEST) ? LOMAC_LOWEST_LEVEL : LOMAC_HIGHEST_LEVEL; - SOCK_UNLOCK(socket); lattr->flags = 0; break; default: diff --git a/sys/security/lomac/kernel_socket.c b/sys/security/lomac/kernel_socket.c index 0c62f32..291ccc2 100644 --- a/sys/security/lomac/kernel_socket.c +++ b/sys/security/lomac/kernel_socket.c @@ -245,14 +245,8 @@ lomac_local_connect(struct socket *so, struct sockaddr *nam, struct thread *td) goto bad; } if (so->so_proto->pr_flags & PR_CONNREQUIRED) { - SOCK_LOCK(so2); - if ((so2->so_options & SO_ACCEPTCONN) == 0) { - SOCK_UNLOCK(so2); - error = ECONNREFUSED; - goto bad; - } - SOCK_UNLOCK(so2); - if ((so3 = sonewconn(so2, 0)) == 0) { + if ((so2->so_options & SO_ACCEPTCONN) == 0 || + (so3 = sonewconn(so2, 0)) == 0) { error = ECONNREFUSED; goto bad; } @@ -351,20 +345,15 @@ lomac_local_send( struct socket *so, int flags, struct mbuf *m, error = ENOTCONN; goto out; } - } else { - SOCK_LOCK(so); - if ((so->so_state & SS_ISCONNECTED) == 0) { - SOCK_UNLOCK(so); - if (addr != NULL) { - error = lomac_local_connect(so, addr, td); - if (error) - goto out; /* XXX */ - } else { - error = ENOTCONN; - goto out; - } - } else - SOCK_UNLOCK(so); + } else if ((so->so_state & SS_ISCONNECTED) == 0) { + if (addr != NULL) { + error = lomac_local_connect(so, addr, td); + if (error) + goto out; /* XXX */ + } else { + error = ENOTCONN; + goto out; + } } vp = unp->unp_vnode; if (vp != NULL) { @@ -571,12 +560,8 @@ bad: } if (mp) *mp = (struct mbuf *)0; - SOCK_LOCK(so); - if (so->so_state & SS_ISCONFIRMING && uio->uio_resid) { - SOCK_UNLOCK(so); + if (so->so_state & SS_ISCONFIRMING && uio->uio_resid) (*pr->pr_usrreqs->pru_rcvd)(so, 0); - } else - SOCK_UNLOCK(so); restart: error = sblock(&so->so_rcv, SBLOCKWAIT(flags)); @@ -612,9 +597,7 @@ restart: so->so_error = 0; goto release; } - SOCK_LOCK(so); if (so->so_state & SS_CANTRCVMORE) { - SOCK_UNLOCK(so); if (m) goto dontblock; else @@ -623,25 +606,19 @@ restart: for (; m; m = m->m_next) if (m->m_type == MT_OOBDATA || (m->m_flags & M_EOR)) { m = so->so_rcv.sb_mb; - SOCK_UNLOCK(so); goto dontblock; } if ((so->so_state & (SS_ISCONNECTED|SS_ISCONNECTING)) == 0 && (so->so_proto->pr_flags & PR_CONNREQUIRED)) { - SOCK_UNLOCK(so); error = ENOTCONN; goto release; } - if (uio->uio_resid == 0) { - SOCK_UNLOCK(so); + if (uio->uio_resid == 0) goto release; - } if ((so->so_state & SS_NBIO) || (flags & MSG_DONTWAIT)) { - SOCK_UNLOCK(so); error = EWOULDBLOCK; goto release; } - SOCK_LOCK(so); sbunlock(&so->so_rcv); error = sbwait(&so->so_rcv); splx(s); @@ -710,9 +687,7 @@ dontblock: else KASSERT(m->m_type == MT_DATA || m->m_type == MT_HEADER, ("receive 3")); - SOCK_LOCK(so); so->so_state &= ~SS_RCVATMARK; - SOCK_UNLOCK(so); len = uio->uio_resid; if (so->so_oobmark && len > so->so_oobmark - offset) len = so->so_oobmark - offset; @@ -771,9 +746,7 @@ dontblock: if ((flags & MSG_PEEK) == 0) { so->so_oobmark -= len; if (so->so_oobmark == 0) { - SOCK_LOCK(so); so->so_state |= SS_RCVATMARK; - SOCK_UNLOCK(so); break; } } else { @@ -793,12 +766,8 @@ dontblock: */ while (flags & MSG_WAITALL && m == 0 && uio->uio_resid > 0 && !sosendallatonce(so) && !nextrecord) { - SOCK_LOCK(so); - if (so->so_error || so->so_state & SS_CANTRCVMORE) { - SOCK_UNLOCK(so); + if (so->so_error || so->so_state & SS_CANTRCVMORE) break; - } - SOCK_UNLOCK(so); /* * Notify the protocol that some data has been * drained before blocking. @@ -828,15 +797,12 @@ dontblock: if (pr->pr_flags & PR_WANTRCVD && so->so_pcb) (*pr->pr_usrreqs->pru_rcvd)(so, flags); } - SOCK_LOCK(so); if (orig_resid == uio->uio_resid && orig_resid && (flags & MSG_EOR) == 0 && (so->so_state & SS_CANTRCVMORE) == 0) { - SOCK_UNLOCK(so); sbunlock(&so->so_rcv); splx(s); goto restart; } - SOCK_UNLOCK(so); if (flagsp) *flagsp |= flags; |
