Remove 'uio' argument from MAC Framework and MAC policy entry points for

extended attribute get/set; in the case of get an uninitialized user buffer was passed before the EA was retrieved, making it of relatively little use; the latter was simply unused by any policies. Obtained from: TrustedBSD Project Sponsored by: Google, Inc.
author: rwatson <rwatson@FreeBSD.org> 2009-03-08 12:32:06 +0000
committer: rwatson <rwatson@FreeBSD.org> 2009-03-08 12:32:06 +0000
commit: ae492d67e0dd5fb22c60f8cf49aacd71cced02ec (patch)
tree: 5ad716ce37201626c4c55f560a037b7d2379e625 /sys/security/mac
parent: b6bad806514e2e92c0c1e3b7ce10c132ef10f499 (diff)
download: FreeBSD-src-ae492d67e0dd5fb22c60f8cf49aacd71cced02ec.zip
FreeBSD-src-ae492d67e0dd5fb22c60f8cf49aacd71cced02ec.tar.gz
3 files changed, 8 insertions, 10 deletions
diff --git a/sys/security/mac/mac_framework.h b/sys/security/mac/mac_framework.h
index dfc48f8..f515e98e 100644
--- a/sys/security/mac/mac_framework.h
+++ b/sys/security/mac/mac_framework.h
@@ -85,7 +85,6 @@ struct pipepair;
 struct thread;
 struct timespec;
 struct ucred;
-struct uio;
 struct vattr;
 struct vnode;
 struct vop_setlabel_args;
@@ -377,7 +376,7 @@ int	mac_vnode_check_exec(struct ucred *cred, struct vnode *vp,
 int	mac_vnode_check_getacl(struct ucred *cred, struct vnode *vp,
 	    acl_type_t type);
 int	mac_vnode_check_getextattr(struct ucred *cred, struct vnode *vp,
-	    int attrnamespace, const char *name, struct uio *uio);
+	    int attrnamespace, const char *name);
 int	mac_vnode_check_link(struct ucred *cred, struct vnode *dvp,
 	    struct vnode *vp, struct componentname *cnp);
 int	mac_vnode_check_listextattr(struct ucred *cred, struct vnode *vp,
@@ -404,7 +403,7 @@ int	mac_vnode_check_revoke(struct ucred *cred, struct vnode *vp);
 int	mac_vnode_check_setacl(struct ucred *cred, struct vnode *vp,
 	    acl_type_t type, struct acl *acl);
 int	mac_vnode_check_setextattr(struct ucred *cred, struct vnode *vp,
-	    int attrnamespace, const char *name, struct uio *uio);
+	    int attrnamespace, const char *name);
 int	mac_vnode_check_setflags(struct ucred *cred, struct vnode *vp,
 	    u_long flags);
 int	mac_vnode_check_setmode(struct ucred *cred, struct vnode *vp,
diff --git a/sys/security/mac/mac_policy.h b/sys/security/mac/mac_policy.h
index 410906b..b874c41 100644
--- a/sys/security/mac/mac_policy.h
+++ b/sys/security/mac/mac_policy.h
@@ -97,7 +97,6 @@ struct sysctl_oid;
 struct sysctl_req;
 struct thread;
 struct ucred;
-struct uio;
 struct vattr;
 struct vnode;
 
@@ -557,7 +556,7 @@ typedef int	(*mpo_vnode_check_getacl_t)(struct ucred *cred,
 		    acl_type_t type);
 typedef int	(*mpo_vnode_check_getextattr_t)(struct ucred *cred,
 		    struct vnode *vp, struct label *vplabel,
-		    int attrnamespace, const char *name, struct uio *uio);
+		    int attrnamespace, const char *name);
 typedef int	(*mpo_vnode_check_link_t)(struct ucred *cred,
 		    struct vnode *dvp, struct label *dvplabel,
 		    struct vnode *vp, struct label *vplabel,
@@ -606,7 +605,7 @@ typedef int	(*mpo_vnode_check_setacl_t)(struct ucred *cred,
 		    struct acl *acl);
 typedef int	(*mpo_vnode_check_setextattr_t)(struct ucred *cred,
 		    struct vnode *vp, struct label *vplabel,
-		    int attrnamespace, const char *name, struct uio *uio);
+		    int attrnamespace, const char *name);
 typedef int	(*mpo_vnode_check_setflags_t)(struct ucred *cred,
 		    struct vnode *vp, struct label *vplabel, u_long flags);
 typedef int	(*mpo_vnode_check_setmode_t)(struct ucred *cred,
diff --git a/sys/security/mac/mac_vfs.c b/sys/security/mac/mac_vfs.c
index 1ebf520..01afb81 100644
--- a/sys/security/mac/mac_vfs.c
+++ b/sys/security/mac/mac_vfs.c
@@ -506,14 +506,14 @@ MAC_CHECK_PROBE_DEFINE4(vnode_check_getextattr, "struct ucred *",
 
 int
 mac_vnode_check_getextattr(struct ucred *cred, struct vnode *vp,
-    int attrnamespace, const char *name, struct uio *uio)
+    int attrnamespace, const char *name)
 {
 	int error;
 
 	ASSERT_VOP_LOCKED(vp, "mac_vnode_check_getextattr");
 
 	MAC_CHECK(vnode_check_getextattr, cred, vp, vp->v_label,
-	    attrnamespace, name, uio);
+	    attrnamespace, name);
 	MAC_CHECK_PROBE4(vnode_check_getextattr, error, cred, vp,
 	    attrnamespace, name);
 
@@ -798,14 +798,14 @@ MAC_CHECK_PROBE_DEFINE4(vnode_check_setextattr, "struct ucred *",
 
 int
 mac_vnode_check_setextattr(struct ucred *cred, struct vnode *vp,
-    int attrnamespace, const char *name, struct uio *uio)
+    int attrnamespace, const char *name)
 {
 	int error;
 
 	ASSERT_VOP_LOCKED(vp, "mac_vnode_check_setextattr");
 
 	MAC_CHECK(vnode_check_setextattr, cred, vp, vp->v_label,
-	    attrnamespace, name, uio);
+	    attrnamespace, name);
 	MAC_CHECK_PROBE4(vnode_check_setextattr, error, cred, vp,
 	    attrnamespace, name);
author	rwatson <rwatson@FreeBSD.org>	2009-03-08 12:32:06 +0000
committer	rwatson <rwatson@FreeBSD.org>	2009-03-08 12:32:06 +0000
commit	ae492d67e0dd5fb22c60f8cf49aacd71cced02ec (patch)
tree	5ad716ce37201626c4c55f560a037b7d2379e625 /sys/security/mac
parent	b6bad806514e2e92c0c1e3b7ce10c132ef10f499 (diff)
download	FreeBSD-src-ae492d67e0dd5fb22c60f8cf49aacd71cced02ec.zip FreeBSD-src-ae492d67e0dd5fb22c60f8cf49aacd71cced02ec.tar.gz