diff options
author | alfred <alfred@FreeBSD.org> | 2003-01-21 08:56:16 +0000 |
---|---|---|
committer | alfred <alfred@FreeBSD.org> | 2003-01-21 08:56:16 +0000 |
commit | bf8e8a6e8f0bd9165109f0a258730dd242299815 (patch) | |
tree | f16a2fb9fa7a7fbc4c19e981d278d5f6eb53234d /sys/security | |
parent | 2180deee00350fff613a1d1d1328eddc4c0ba9c8 (diff) | |
download | FreeBSD-src-bf8e8a6e8f0bd9165109f0a258730dd242299815.zip FreeBSD-src-bf8e8a6e8f0bd9165109f0a258730dd242299815.tar.gz |
Remove M_TRYWAIT/M_WAITOK/M_WAIT. Callers should use 0.
Merge M_NOWAIT/M_DONTWAIT into a single flag M_NOWAIT.
Diffstat (limited to 'sys/security')
-rw-r--r-- | sys/security/mac/mac_framework.c | 68 | ||||
-rw-r--r-- | sys/security/mac/mac_internal.h | 68 | ||||
-rw-r--r-- | sys/security/mac/mac_net.c | 68 | ||||
-rw-r--r-- | sys/security/mac/mac_pipe.c | 68 | ||||
-rw-r--r-- | sys/security/mac/mac_process.c | 68 | ||||
-rw-r--r-- | sys/security/mac/mac_syscalls.c | 68 | ||||
-rw-r--r-- | sys/security/mac/mac_system.c | 68 | ||||
-rw-r--r-- | sys/security/mac/mac_vfs.c | 68 | ||||
-rw-r--r-- | sys/security/mac_biba/mac_biba.c | 2 | ||||
-rw-r--r-- | sys/security/mac_bsdextended/mac_bsdextended.c | 2 | ||||
-rw-r--r-- | sys/security/mac_lomac/mac_lomac.c | 4 | ||||
-rw-r--r-- | sys/security/mac_mls/mac_mls.c | 2 |
12 files changed, 277 insertions, 277 deletions
diff --git a/sys/security/mac/mac_framework.c b/sys/security/mac/mac_framework.c index e9d9eeb..b4df06f 100644 --- a/sys/security/mac/mac_framework.c +++ b/sys/security/mac/mac_framework.c @@ -758,7 +758,7 @@ mac_init_pipe(struct pipe *pipe) { struct label *label; - label = malloc(sizeof(struct label), M_MACPIPELABEL, M_ZERO|M_WAITOK); + label = malloc(sizeof(struct label), M_MACPIPELABEL, M_ZERO); pipe->pipe_label = label; pipe->pipe_peer->pipe_label = label; mac_init_pipe_label(label); @@ -1323,7 +1323,7 @@ mac_execve_enter(struct image_params *imgp, struct mac *mac_p, if (error) return (error); - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + buffer = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, buffer, mac.m_buflen, NULL); if (error) { free(buffer, M_MACTEMP); @@ -2727,16 +2727,16 @@ mac_ioctl_ifnet_get(struct ucred *cred, struct ifreq *ifr, if (error) return (error); - elements = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + elements = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, elements, mac.m_buflen, NULL); if (error) { free(elements, M_MACTEMP); return (error); } - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); + buffer = malloc(mac.m_buflen, M_MACTEMP, M_ZERO); error = mac_externalize_ifnet_label(&ifnet->if_label, elements, - buffer, mac.m_buflen, M_WAITOK); + buffer, mac.m_buflen, 0); if (error == 0) error = copyout(buffer, mac.m_string, strlen(buffer)+1); @@ -2763,7 +2763,7 @@ mac_ioctl_ifnet_set(struct ucred *cred, struct ifreq *ifr, if (error) return (error); - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + buffer = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, buffer, mac.m_buflen, NULL); if (error) { free(buffer, M_MACTEMP); @@ -2839,14 +2839,14 @@ mac_setsockopt_label_set(struct ucred *cred, struct socket *so, if (error) return (error); - buffer = malloc(mac->m_buflen, M_MACTEMP, M_WAITOK); + buffer = malloc(mac->m_buflen, M_MACTEMP, 0); error = copyinstr(mac->m_string, buffer, mac->m_buflen, NULL); if (error) { free(buffer, M_MACTEMP); return (error); } - mac_init_socket_label(&intlabel, M_WAITOK); + mac_init_socket_label(&intlabel, 0); error = mac_internalize_socket_label(&intlabel, buffer); free(buffer, M_MACTEMP); if (error) { @@ -2893,16 +2893,16 @@ mac_getsockopt_label_get(struct ucred *cred, struct socket *so, if (error) return (error); - elements = malloc(mac->m_buflen, M_MACTEMP, M_WAITOK); + elements = malloc(mac->m_buflen, M_MACTEMP, 0); error = copyinstr(mac->m_string, elements, mac->m_buflen, NULL); if (error) { free(elements, M_MACTEMP); return (error); } - buffer = malloc(mac->m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); + buffer = malloc(mac->m_buflen, M_MACTEMP, M_ZERO); error = mac_externalize_socket_label(&so->so_label, elements, - buffer, mac->m_buflen, M_WAITOK); + buffer, mac->m_buflen, 0); if (error == 0) error = copyout(buffer, mac->m_string, strlen(buffer)+1); @@ -2923,16 +2923,16 @@ mac_getsockopt_peerlabel_get(struct ucred *cred, struct socket *so, if (error) return (error); - elements = malloc(mac->m_buflen, M_MACTEMP, M_WAITOK); + elements = malloc(mac->m_buflen, M_MACTEMP, 0); error = copyinstr(mac->m_string, elements, mac->m_buflen, NULL); if (error) { free(elements, M_MACTEMP); return (error); } - buffer = malloc(mac->m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); + buffer = malloc(mac->m_buflen, M_MACTEMP, M_ZERO); error = mac_externalize_socket_peer_label(&so->so_peerlabel, - elements, buffer, mac->m_buflen, M_WAITOK); + elements, buffer, mac->m_buflen, 0); if (error == 0) error = copyout(buffer, mac->m_string, strlen(buffer)+1); @@ -3040,7 +3040,7 @@ __mac_get_pid(struct thread *td, struct __mac_get_pid_args *uap) if (error) return (error); - elements = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + elements = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, elements, mac.m_buflen, NULL); if (error) { free(elements, M_MACTEMP); @@ -3048,9 +3048,9 @@ __mac_get_pid(struct thread *td, struct __mac_get_pid_args *uap) return (error); } - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); + buffer = malloc(mac.m_buflen, M_MACTEMP, M_ZERO); error = mac_externalize_cred_label(&tcred->cr_label, elements, - buffer, mac.m_buflen, M_WAITOK); + buffer, mac.m_buflen, 0); if (error == 0) error = copyout(buffer, mac.m_string, strlen(buffer)+1); @@ -3078,16 +3078,16 @@ __mac_get_proc(struct thread *td, struct __mac_get_proc_args *uap) if (error) return (error); - elements = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + elements = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, elements, mac.m_buflen, NULL); if (error) { free(elements, M_MACTEMP); return (error); } - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); + buffer = malloc(mac.m_buflen, M_MACTEMP, M_ZERO); error = mac_externalize_cred_label(&td->td_ucred->cr_label, - elements, buffer, mac.m_buflen, M_WAITOK); + elements, buffer, mac.m_buflen, 0); if (error == 0) error = copyout(buffer, mac.m_string, strlen(buffer)+1); @@ -3117,7 +3117,7 @@ __mac_set_proc(struct thread *td, struct __mac_set_proc_args *uap) if (error) return (error); - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + buffer = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, buffer, mac.m_buflen, NULL); if (error) { free(buffer, M_MACTEMP); @@ -3194,14 +3194,14 @@ __mac_get_fd(struct thread *td, struct __mac_get_fd_args *uap) if (error) return (error); - elements = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + elements = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, elements, mac.m_buflen, NULL); if (error) { free(elements, M_MACTEMP); return (error); } - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); + buffer = malloc(mac.m_buflen, M_MACTEMP, M_ZERO); mtx_lock(&Giant); /* VFS */ error = fget(td, uap->fd, &fp); if (error) @@ -3241,12 +3241,12 @@ __mac_get_fd(struct thread *td, struct __mac_get_fd_args *uap) case DTYPE_VNODE: if (error == 0) error = mac_externalize_vnode_label(&intlabel, - elements, buffer, mac.m_buflen, M_WAITOK); + elements, buffer, mac.m_buflen, 0); mac_destroy_vnode_label(&intlabel); break; case DTYPE_PIPE: error = mac_externalize_pipe_label(&intlabel, elements, - buffer, mac.m_buflen, M_WAITOK); + buffer, mac.m_buflen, 0); mac_destroy_pipe_label(&intlabel); break; default: @@ -3284,14 +3284,14 @@ __mac_get_file(struct thread *td, struct __mac_get_file_args *uap) if (error) return (error); - elements = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + elements = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, elements, mac.m_buflen, NULL); if (error) { free(elements, M_MACTEMP); return (error); } - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); + buffer = malloc(mac.m_buflen, M_MACTEMP, M_ZERO); mtx_lock(&Giant); /* VFS */ NDINIT(&nd, LOOKUP, LOCKLEAF | FOLLOW, UIO_USERSPACE, uap->path_p, td); @@ -3302,7 +3302,7 @@ __mac_get_file(struct thread *td, struct __mac_get_file_args *uap) mac_init_vnode_label(&intlabel); mac_copy_vnode_label(&nd.ni_vp->v_label, &intlabel); error = mac_externalize_vnode_label(&intlabel, elements, buffer, - mac.m_buflen, M_WAITOK); + mac.m_buflen, 0); NDFREE(&nd, 0); mac_destroy_vnode_label(&intlabel); @@ -3339,14 +3339,14 @@ __mac_get_link(struct thread *td, struct __mac_get_link_args *uap) if (error) return (error); - elements = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + elements = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, elements, mac.m_buflen, NULL); if (error) { free(elements, M_MACTEMP); return (error); } - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); + buffer = malloc(mac.m_buflen, M_MACTEMP, M_ZERO); mtx_lock(&Giant); /* VFS */ NDINIT(&nd, LOOKUP, LOCKLEAF | NOFOLLOW, UIO_USERSPACE, uap->path_p, td); @@ -3357,7 +3357,7 @@ __mac_get_link(struct thread *td, struct __mac_get_link_args *uap) mac_init_vnode_label(&intlabel); mac_copy_vnode_label(&nd.ni_vp->v_label, &intlabel); error = mac_externalize_vnode_label(&intlabel, elements, buffer, - mac.m_buflen, M_WAITOK); + mac.m_buflen, 0); NDFREE(&nd, 0); mac_destroy_vnode_label(&intlabel); @@ -3396,7 +3396,7 @@ __mac_set_fd(struct thread *td, struct __mac_set_fd_args *uap) if (error) return (error); - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + buffer = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, buffer, mac.m_buflen, NULL); if (error) { free(buffer, M_MACTEMP); @@ -3482,7 +3482,7 @@ __mac_set_file(struct thread *td, struct __mac_set_file_args *uap) if (error) return (error); - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + buffer = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, buffer, mac.m_buflen, NULL); if (error) { free(buffer, M_MACTEMP); @@ -3538,7 +3538,7 @@ __mac_set_link(struct thread *td, struct __mac_set_link_args *uap) if (error) return (error); - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + buffer = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, buffer, mac.m_buflen, NULL); if (error) { free(buffer, M_MACTEMP); diff --git a/sys/security/mac/mac_internal.h b/sys/security/mac/mac_internal.h index e9d9eeb..b4df06f 100644 --- a/sys/security/mac/mac_internal.h +++ b/sys/security/mac/mac_internal.h @@ -758,7 +758,7 @@ mac_init_pipe(struct pipe *pipe) { struct label *label; - label = malloc(sizeof(struct label), M_MACPIPELABEL, M_ZERO|M_WAITOK); + label = malloc(sizeof(struct label), M_MACPIPELABEL, M_ZERO); pipe->pipe_label = label; pipe->pipe_peer->pipe_label = label; mac_init_pipe_label(label); @@ -1323,7 +1323,7 @@ mac_execve_enter(struct image_params *imgp, struct mac *mac_p, if (error) return (error); - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + buffer = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, buffer, mac.m_buflen, NULL); if (error) { free(buffer, M_MACTEMP); @@ -2727,16 +2727,16 @@ mac_ioctl_ifnet_get(struct ucred *cred, struct ifreq *ifr, if (error) return (error); - elements = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + elements = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, elements, mac.m_buflen, NULL); if (error) { free(elements, M_MACTEMP); return (error); } - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); + buffer = malloc(mac.m_buflen, M_MACTEMP, M_ZERO); error = mac_externalize_ifnet_label(&ifnet->if_label, elements, - buffer, mac.m_buflen, M_WAITOK); + buffer, mac.m_buflen, 0); if (error == 0) error = copyout(buffer, mac.m_string, strlen(buffer)+1); @@ -2763,7 +2763,7 @@ mac_ioctl_ifnet_set(struct ucred *cred, struct ifreq *ifr, if (error) return (error); - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + buffer = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, buffer, mac.m_buflen, NULL); if (error) { free(buffer, M_MACTEMP); @@ -2839,14 +2839,14 @@ mac_setsockopt_label_set(struct ucred *cred, struct socket *so, if (error) return (error); - buffer = malloc(mac->m_buflen, M_MACTEMP, M_WAITOK); + buffer = malloc(mac->m_buflen, M_MACTEMP, 0); error = copyinstr(mac->m_string, buffer, mac->m_buflen, NULL); if (error) { free(buffer, M_MACTEMP); return (error); } - mac_init_socket_label(&intlabel, M_WAITOK); + mac_init_socket_label(&intlabel, 0); error = mac_internalize_socket_label(&intlabel, buffer); free(buffer, M_MACTEMP); if (error) { @@ -2893,16 +2893,16 @@ mac_getsockopt_label_get(struct ucred *cred, struct socket *so, if (error) return (error); - elements = malloc(mac->m_buflen, M_MACTEMP, M_WAITOK); + elements = malloc(mac->m_buflen, M_MACTEMP, 0); error = copyinstr(mac->m_string, elements, mac->m_buflen, NULL); if (error) { free(elements, M_MACTEMP); return (error); } - buffer = malloc(mac->m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); + buffer = malloc(mac->m_buflen, M_MACTEMP, M_ZERO); error = mac_externalize_socket_label(&so->so_label, elements, - buffer, mac->m_buflen, M_WAITOK); + buffer, mac->m_buflen, 0); if (error == 0) error = copyout(buffer, mac->m_string, strlen(buffer)+1); @@ -2923,16 +2923,16 @@ mac_getsockopt_peerlabel_get(struct ucred *cred, struct socket *so, if (error) return (error); - elements = malloc(mac->m_buflen, M_MACTEMP, M_WAITOK); + elements = malloc(mac->m_buflen, M_MACTEMP, 0); error = copyinstr(mac->m_string, elements, mac->m_buflen, NULL); if (error) { free(elements, M_MACTEMP); return (error); } - buffer = malloc(mac->m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); + buffer = malloc(mac->m_buflen, M_MACTEMP, M_ZERO); error = mac_externalize_socket_peer_label(&so->so_peerlabel, - elements, buffer, mac->m_buflen, M_WAITOK); + elements, buffer, mac->m_buflen, 0); if (error == 0) error = copyout(buffer, mac->m_string, strlen(buffer)+1); @@ -3040,7 +3040,7 @@ __mac_get_pid(struct thread *td, struct __mac_get_pid_args *uap) if (error) return (error); - elements = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + elements = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, elements, mac.m_buflen, NULL); if (error) { free(elements, M_MACTEMP); @@ -3048,9 +3048,9 @@ __mac_get_pid(struct thread *td, struct __mac_get_pid_args *uap) return (error); } - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); + buffer = malloc(mac.m_buflen, M_MACTEMP, M_ZERO); error = mac_externalize_cred_label(&tcred->cr_label, elements, - buffer, mac.m_buflen, M_WAITOK); + buffer, mac.m_buflen, 0); if (error == 0) error = copyout(buffer, mac.m_string, strlen(buffer)+1); @@ -3078,16 +3078,16 @@ __mac_get_proc(struct thread *td, struct __mac_get_proc_args *uap) if (error) return (error); - elements = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + elements = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, elements, mac.m_buflen, NULL); if (error) { free(elements, M_MACTEMP); return (error); } - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); + buffer = malloc(mac.m_buflen, M_MACTEMP, M_ZERO); error = mac_externalize_cred_label(&td->td_ucred->cr_label, - elements, buffer, mac.m_buflen, M_WAITOK); + elements, buffer, mac.m_buflen, 0); if (error == 0) error = copyout(buffer, mac.m_string, strlen(buffer)+1); @@ -3117,7 +3117,7 @@ __mac_set_proc(struct thread *td, struct __mac_set_proc_args *uap) if (error) return (error); - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + buffer = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, buffer, mac.m_buflen, NULL); if (error) { free(buffer, M_MACTEMP); @@ -3194,14 +3194,14 @@ __mac_get_fd(struct thread *td, struct __mac_get_fd_args *uap) if (error) return (error); - elements = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + elements = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, elements, mac.m_buflen, NULL); if (error) { free(elements, M_MACTEMP); return (error); } - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); + buffer = malloc(mac.m_buflen, M_MACTEMP, M_ZERO); mtx_lock(&Giant); /* VFS */ error = fget(td, uap->fd, &fp); if (error) @@ -3241,12 +3241,12 @@ __mac_get_fd(struct thread *td, struct __mac_get_fd_args *uap) case DTYPE_VNODE: if (error == 0) error = mac_externalize_vnode_label(&intlabel, - elements, buffer, mac.m_buflen, M_WAITOK); + elements, buffer, mac.m_buflen, 0); mac_destroy_vnode_label(&intlabel); break; case DTYPE_PIPE: error = mac_externalize_pipe_label(&intlabel, elements, - buffer, mac.m_buflen, M_WAITOK); + buffer, mac.m_buflen, 0); mac_destroy_pipe_label(&intlabel); break; default: @@ -3284,14 +3284,14 @@ __mac_get_file(struct thread *td, struct __mac_get_file_args *uap) if (error) return (error); - elements = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + elements = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, elements, mac.m_buflen, NULL); if (error) { free(elements, M_MACTEMP); return (error); } - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); + buffer = malloc(mac.m_buflen, M_MACTEMP, M_ZERO); mtx_lock(&Giant); /* VFS */ NDINIT(&nd, LOOKUP, LOCKLEAF | FOLLOW, UIO_USERSPACE, uap->path_p, td); @@ -3302,7 +3302,7 @@ __mac_get_file(struct thread *td, struct __mac_get_file_args *uap) mac_init_vnode_label(&intlabel); mac_copy_vnode_label(&nd.ni_vp->v_label, &intlabel); error = mac_externalize_vnode_label(&intlabel, elements, buffer, - mac.m_buflen, M_WAITOK); + mac.m_buflen, 0); NDFREE(&nd, 0); mac_destroy_vnode_label(&intlabel); @@ -3339,14 +3339,14 @@ __mac_get_link(struct thread *td, struct __mac_get_link_args *uap) if (error) return (error); - elements = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + elements = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, elements, mac.m_buflen, NULL); if (error) { free(elements, M_MACTEMP); return (error); } - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); + buffer = malloc(mac.m_buflen, M_MACTEMP, M_ZERO); mtx_lock(&Giant); /* VFS */ NDINIT(&nd, LOOKUP, LOCKLEAF | NOFOLLOW, UIO_USERSPACE, uap->path_p, td); @@ -3357,7 +3357,7 @@ __mac_get_link(struct thread *td, struct __mac_get_link_args *uap) mac_init_vnode_label(&intlabel); mac_copy_vnode_label(&nd.ni_vp->v_label, &intlabel); error = mac_externalize_vnode_label(&intlabel, elements, buffer, - mac.m_buflen, M_WAITOK); + mac.m_buflen, 0); NDFREE(&nd, 0); mac_destroy_vnode_label(&intlabel); @@ -3396,7 +3396,7 @@ __mac_set_fd(struct thread *td, struct __mac_set_fd_args *uap) if (error) return (error); - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + buffer = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, buffer, mac.m_buflen, NULL); if (error) { free(buffer, M_MACTEMP); @@ -3482,7 +3482,7 @@ __mac_set_file(struct thread *td, struct __mac_set_file_args *uap) if (error) return (error); - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + buffer = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, buffer, mac.m_buflen, NULL); if (error) { free(buffer, M_MACTEMP); @@ -3538,7 +3538,7 @@ __mac_set_link(struct thread *td, struct __mac_set_link_args *uap) if (error) return (error); - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + buffer = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, buffer, mac.m_buflen, NULL); if (error) { free(buffer, M_MACTEMP); diff --git a/sys/security/mac/mac_net.c b/sys/security/mac/mac_net.c index e9d9eeb..b4df06f 100644 --- a/sys/security/mac/mac_net.c +++ b/sys/security/mac/mac_net.c @@ -758,7 +758,7 @@ mac_init_pipe(struct pipe *pipe) { struct label *label; - label = malloc(sizeof(struct label), M_MACPIPELABEL, M_ZERO|M_WAITOK); + label = malloc(sizeof(struct label), M_MACPIPELABEL, M_ZERO); pipe->pipe_label = label; pipe->pipe_peer->pipe_label = label; mac_init_pipe_label(label); @@ -1323,7 +1323,7 @@ mac_execve_enter(struct image_params *imgp, struct mac *mac_p, if (error) return (error); - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + buffer = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, buffer, mac.m_buflen, NULL); if (error) { free(buffer, M_MACTEMP); @@ -2727,16 +2727,16 @@ mac_ioctl_ifnet_get(struct ucred *cred, struct ifreq *ifr, if (error) return (error); - elements = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + elements = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, elements, mac.m_buflen, NULL); if (error) { free(elements, M_MACTEMP); return (error); } - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); + buffer = malloc(mac.m_buflen, M_MACTEMP, M_ZERO); error = mac_externalize_ifnet_label(&ifnet->if_label, elements, - buffer, mac.m_buflen, M_WAITOK); + buffer, mac.m_buflen, 0); if (error == 0) error = copyout(buffer, mac.m_string, strlen(buffer)+1); @@ -2763,7 +2763,7 @@ mac_ioctl_ifnet_set(struct ucred *cred, struct ifreq *ifr, if (error) return (error); - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + buffer = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, buffer, mac.m_buflen, NULL); if (error) { free(buffer, M_MACTEMP); @@ -2839,14 +2839,14 @@ mac_setsockopt_label_set(struct ucred *cred, struct socket *so, if (error) return (error); - buffer = malloc(mac->m_buflen, M_MACTEMP, M_WAITOK); + buffer = malloc(mac->m_buflen, M_MACTEMP, 0); error = copyinstr(mac->m_string, buffer, mac->m_buflen, NULL); if (error) { free(buffer, M_MACTEMP); return (error); } - mac_init_socket_label(&intlabel, M_WAITOK); + mac_init_socket_label(&intlabel, 0); error = mac_internalize_socket_label(&intlabel, buffer); free(buffer, M_MACTEMP); if (error) { @@ -2893,16 +2893,16 @@ mac_getsockopt_label_get(struct ucred *cred, struct socket *so, if (error) return (error); - elements = malloc(mac->m_buflen, M_MACTEMP, M_WAITOK); + elements = malloc(mac->m_buflen, M_MACTEMP, 0); error = copyinstr(mac->m_string, elements, mac->m_buflen, NULL); if (error) { free(elements, M_MACTEMP); return (error); } - buffer = malloc(mac->m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); + buffer = malloc(mac->m_buflen, M_MACTEMP, M_ZERO); error = mac_externalize_socket_label(&so->so_label, elements, - buffer, mac->m_buflen, M_WAITOK); + buffer, mac->m_buflen, 0); if (error == 0) error = copyout(buffer, mac->m_string, strlen(buffer)+1); @@ -2923,16 +2923,16 @@ mac_getsockopt_peerlabel_get(struct ucred *cred, struct socket *so, if (error) return (error); - elements = malloc(mac->m_buflen, M_MACTEMP, M_WAITOK); + elements = malloc(mac->m_buflen, M_MACTEMP, 0); error = copyinstr(mac->m_string, elements, mac->m_buflen, NULL); if (error) { free(elements, M_MACTEMP); return (error); } - buffer = malloc(mac->m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); + buffer = malloc(mac->m_buflen, M_MACTEMP, M_ZERO); error = mac_externalize_socket_peer_label(&so->so_peerlabel, - elements, buffer, mac->m_buflen, M_WAITOK); + elements, buffer, mac->m_buflen, 0); if (error == 0) error = copyout(buffer, mac->m_string, strlen(buffer)+1); @@ -3040,7 +3040,7 @@ __mac_get_pid(struct thread *td, struct __mac_get_pid_args *uap) if (error) return (error); - elements = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + elements = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, elements, mac.m_buflen, NULL); if (error) { free(elements, M_MACTEMP); @@ -3048,9 +3048,9 @@ __mac_get_pid(struct thread *td, struct __mac_get_pid_args *uap) return (error); } - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); + buffer = malloc(mac.m_buflen, M_MACTEMP, M_ZERO); error = mac_externalize_cred_label(&tcred->cr_label, elements, - buffer, mac.m_buflen, M_WAITOK); + buffer, mac.m_buflen, 0); if (error == 0) error = copyout(buffer, mac.m_string, strlen(buffer)+1); @@ -3078,16 +3078,16 @@ __mac_get_proc(struct thread *td, struct __mac_get_proc_args *uap) if (error) return (error); - elements = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + elements = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, elements, mac.m_buflen, NULL); if (error) { free(elements, M_MACTEMP); return (error); } - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); + buffer = malloc(mac.m_buflen, M_MACTEMP, M_ZERO); error = mac_externalize_cred_label(&td->td_ucred->cr_label, - elements, buffer, mac.m_buflen, M_WAITOK); + elements, buffer, mac.m_buflen, 0); if (error == 0) error = copyout(buffer, mac.m_string, strlen(buffer)+1); @@ -3117,7 +3117,7 @@ __mac_set_proc(struct thread *td, struct __mac_set_proc_args *uap) if (error) return (error); - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + buffer = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, buffer, mac.m_buflen, NULL); if (error) { free(buffer, M_MACTEMP); @@ -3194,14 +3194,14 @@ __mac_get_fd(struct thread *td, struct __mac_get_fd_args *uap) if (error) return (error); - elements = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + elements = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, elements, mac.m_buflen, NULL); if (error) { free(elements, M_MACTEMP); return (error); } - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); + buffer = malloc(mac.m_buflen, M_MACTEMP, M_ZERO); mtx_lock(&Giant); /* VFS */ error = fget(td, uap->fd, &fp); if (error) @@ -3241,12 +3241,12 @@ __mac_get_fd(struct thread *td, struct __mac_get_fd_args *uap) case DTYPE_VNODE: if (error == 0) error = mac_externalize_vnode_label(&intlabel, - elements, buffer, mac.m_buflen, M_WAITOK); + elements, buffer, mac.m_buflen, 0); mac_destroy_vnode_label(&intlabel); break; case DTYPE_PIPE: error = mac_externalize_pipe_label(&intlabel, elements, - buffer, mac.m_buflen, M_WAITOK); + buffer, mac.m_buflen, 0); mac_destroy_pipe_label(&intlabel); break; default: @@ -3284,14 +3284,14 @@ __mac_get_file(struct thread *td, struct __mac_get_file_args *uap) if (error) return (error); - elements = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + elements = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, elements, mac.m_buflen, NULL); if (error) { free(elements, M_MACTEMP); return (error); } - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); + buffer = malloc(mac.m_buflen, M_MACTEMP, M_ZERO); mtx_lock(&Giant); /* VFS */ NDINIT(&nd, LOOKUP, LOCKLEAF | FOLLOW, UIO_USERSPACE, uap->path_p, td); @@ -3302,7 +3302,7 @@ __mac_get_file(struct thread *td, struct __mac_get_file_args *uap) mac_init_vnode_label(&intlabel); mac_copy_vnode_label(&nd.ni_vp->v_label, &intlabel); error = mac_externalize_vnode_label(&intlabel, elements, buffer, - mac.m_buflen, M_WAITOK); + mac.m_buflen, 0); NDFREE(&nd, 0); mac_destroy_vnode_label(&intlabel); @@ -3339,14 +3339,14 @@ __mac_get_link(struct thread *td, struct __mac_get_link_args *uap) if (error) return (error); - elements = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + elements = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, elements, mac.m_buflen, NULL); if (error) { free(elements, M_MACTEMP); return (error); } - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); + buffer = malloc(mac.m_buflen, M_MACTEMP, M_ZERO); mtx_lock(&Giant); /* VFS */ NDINIT(&nd, LOOKUP, LOCKLEAF | NOFOLLOW, UIO_USERSPACE, uap->path_p, td); @@ -3357,7 +3357,7 @@ __mac_get_link(struct thread *td, struct __mac_get_link_args *uap) mac_init_vnode_label(&intlabel); mac_copy_vnode_label(&nd.ni_vp->v_label, &intlabel); error = mac_externalize_vnode_label(&intlabel, elements, buffer, - mac.m_buflen, M_WAITOK); + mac.m_buflen, 0); NDFREE(&nd, 0); mac_destroy_vnode_label(&intlabel); @@ -3396,7 +3396,7 @@ __mac_set_fd(struct thread *td, struct __mac_set_fd_args *uap) if (error) return (error); - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + buffer = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, buffer, mac.m_buflen, NULL); if (error) { free(buffer, M_MACTEMP); @@ -3482,7 +3482,7 @@ __mac_set_file(struct thread *td, struct __mac_set_file_args *uap) if (error) return (error); - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + buffer = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, buffer, mac.m_buflen, NULL); if (error) { free(buffer, M_MACTEMP); @@ -3538,7 +3538,7 @@ __mac_set_link(struct thread *td, struct __mac_set_link_args *uap) if (error) return (error); - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + buffer = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, buffer, mac.m_buflen, NULL); if (error) { free(buffer, M_MACTEMP); diff --git a/sys/security/mac/mac_pipe.c b/sys/security/mac/mac_pipe.c index e9d9eeb..b4df06f 100644 --- a/sys/security/mac/mac_pipe.c +++ b/sys/security/mac/mac_pipe.c @@ -758,7 +758,7 @@ mac_init_pipe(struct pipe *pipe) { struct label *label; - label = malloc(sizeof(struct label), M_MACPIPELABEL, M_ZERO|M_WAITOK); + label = malloc(sizeof(struct label), M_MACPIPELABEL, M_ZERO); pipe->pipe_label = label; pipe->pipe_peer->pipe_label = label; mac_init_pipe_label(label); @@ -1323,7 +1323,7 @@ mac_execve_enter(struct image_params *imgp, struct mac *mac_p, if (error) return (error); - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + buffer = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, buffer, mac.m_buflen, NULL); if (error) { free(buffer, M_MACTEMP); @@ -2727,16 +2727,16 @@ mac_ioctl_ifnet_get(struct ucred *cred, struct ifreq *ifr, if (error) return (error); - elements = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + elements = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, elements, mac.m_buflen, NULL); if (error) { free(elements, M_MACTEMP); return (error); } - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); + buffer = malloc(mac.m_buflen, M_MACTEMP, M_ZERO); error = mac_externalize_ifnet_label(&ifnet->if_label, elements, - buffer, mac.m_buflen, M_WAITOK); + buffer, mac.m_buflen, 0); if (error == 0) error = copyout(buffer, mac.m_string, strlen(buffer)+1); @@ -2763,7 +2763,7 @@ mac_ioctl_ifnet_set(struct ucred *cred, struct ifreq *ifr, if (error) return (error); - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + buffer = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, buffer, mac.m_buflen, NULL); if (error) { free(buffer, M_MACTEMP); @@ -2839,14 +2839,14 @@ mac_setsockopt_label_set(struct ucred *cred, struct socket *so, if (error) return (error); - buffer = malloc(mac->m_buflen, M_MACTEMP, M_WAITOK); + buffer = malloc(mac->m_buflen, M_MACTEMP, 0); error = copyinstr(mac->m_string, buffer, mac->m_buflen, NULL); if (error) { free(buffer, M_MACTEMP); return (error); } - mac_init_socket_label(&intlabel, M_WAITOK); + mac_init_socket_label(&intlabel, 0); error = mac_internalize_socket_label(&intlabel, buffer); free(buffer, M_MACTEMP); if (error) { @@ -2893,16 +2893,16 @@ mac_getsockopt_label_get(struct ucred *cred, struct socket *so, if (error) return (error); - elements = malloc(mac->m_buflen, M_MACTEMP, M_WAITOK); + elements = malloc(mac->m_buflen, M_MACTEMP, 0); error = copyinstr(mac->m_string, elements, mac->m_buflen, NULL); if (error) { free(elements, M_MACTEMP); return (error); } - buffer = malloc(mac->m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); + buffer = malloc(mac->m_buflen, M_MACTEMP, M_ZERO); error = mac_externalize_socket_label(&so->so_label, elements, - buffer, mac->m_buflen, M_WAITOK); + buffer, mac->m_buflen, 0); if (error == 0) error = copyout(buffer, mac->m_string, strlen(buffer)+1); @@ -2923,16 +2923,16 @@ mac_getsockopt_peerlabel_get(struct ucred *cred, struct socket *so, if (error) return (error); - elements = malloc(mac->m_buflen, M_MACTEMP, M_WAITOK); + elements = malloc(mac->m_buflen, M_MACTEMP, 0); error = copyinstr(mac->m_string, elements, mac->m_buflen, NULL); if (error) { free(elements, M_MACTEMP); return (error); } - buffer = malloc(mac->m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); + buffer = malloc(mac->m_buflen, M_MACTEMP, M_ZERO); error = mac_externalize_socket_peer_label(&so->so_peerlabel, - elements, buffer, mac->m_buflen, M_WAITOK); + elements, buffer, mac->m_buflen, 0); if (error == 0) error = copyout(buffer, mac->m_string, strlen(buffer)+1); @@ -3040,7 +3040,7 @@ __mac_get_pid(struct thread *td, struct __mac_get_pid_args *uap) if (error) return (error); - elements = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + elements = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, elements, mac.m_buflen, NULL); if (error) { free(elements, M_MACTEMP); @@ -3048,9 +3048,9 @@ __mac_get_pid(struct thread *td, struct __mac_get_pid_args *uap) return (error); } - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); + buffer = malloc(mac.m_buflen, M_MACTEMP, M_ZERO); error = mac_externalize_cred_label(&tcred->cr_label, elements, - buffer, mac.m_buflen, M_WAITOK); + buffer, mac.m_buflen, 0); if (error == 0) error = copyout(buffer, mac.m_string, strlen(buffer)+1); @@ -3078,16 +3078,16 @@ __mac_get_proc(struct thread *td, struct __mac_get_proc_args *uap) if (error) return (error); - elements = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + elements = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, elements, mac.m_buflen, NULL); if (error) { free(elements, M_MACTEMP); return (error); } - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); + buffer = malloc(mac.m_buflen, M_MACTEMP, M_ZERO); error = mac_externalize_cred_label(&td->td_ucred->cr_label, - elements, buffer, mac.m_buflen, M_WAITOK); + elements, buffer, mac.m_buflen, 0); if (error == 0) error = copyout(buffer, mac.m_string, strlen(buffer)+1); @@ -3117,7 +3117,7 @@ __mac_set_proc(struct thread *td, struct __mac_set_proc_args *uap) if (error) return (error); - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + buffer = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, buffer, mac.m_buflen, NULL); if (error) { free(buffer, M_MACTEMP); @@ -3194,14 +3194,14 @@ __mac_get_fd(struct thread *td, struct __mac_get_fd_args *uap) if (error) return (error); - elements = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + elements = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, elements, mac.m_buflen, NULL); if (error) { free(elements, M_MACTEMP); return (error); } - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); + buffer = malloc(mac.m_buflen, M_MACTEMP, M_ZERO); mtx_lock(&Giant); /* VFS */ error = fget(td, uap->fd, &fp); if (error) @@ -3241,12 +3241,12 @@ __mac_get_fd(struct thread *td, struct __mac_get_fd_args *uap) case DTYPE_VNODE: if (error == 0) error = mac_externalize_vnode_label(&intlabel, - elements, buffer, mac.m_buflen, M_WAITOK); + elements, buffer, mac.m_buflen, 0); mac_destroy_vnode_label(&intlabel); break; case DTYPE_PIPE: error = mac_externalize_pipe_label(&intlabel, elements, - buffer, mac.m_buflen, M_WAITOK); + buffer, mac.m_buflen, 0); mac_destroy_pipe_label(&intlabel); break; default: @@ -3284,14 +3284,14 @@ __mac_get_file(struct thread *td, struct __mac_get_file_args *uap) if (error) return (error); - elements = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + elements = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, elements, mac.m_buflen, NULL); if (error) { free(elements, M_MACTEMP); return (error); } - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); + buffer = malloc(mac.m_buflen, M_MACTEMP, M_ZERO); mtx_lock(&Giant); /* VFS */ NDINIT(&nd, LOOKUP, LOCKLEAF | FOLLOW, UIO_USERSPACE, uap->path_p, td); @@ -3302,7 +3302,7 @@ __mac_get_file(struct thread *td, struct __mac_get_file_args *uap) mac_init_vnode_label(&intlabel); mac_copy_vnode_label(&nd.ni_vp->v_label, &intlabel); error = mac_externalize_vnode_label(&intlabel, elements, buffer, - mac.m_buflen, M_WAITOK); + mac.m_buflen, 0); NDFREE(&nd, 0); mac_destroy_vnode_label(&intlabel); @@ -3339,14 +3339,14 @@ __mac_get_link(struct thread *td, struct __mac_get_link_args *uap) if (error) return (error); - elements = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + elements = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, elements, mac.m_buflen, NULL); if (error) { free(elements, M_MACTEMP); return (error); } - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); + buffer = malloc(mac.m_buflen, M_MACTEMP, M_ZERO); mtx_lock(&Giant); /* VFS */ NDINIT(&nd, LOOKUP, LOCKLEAF | NOFOLLOW, UIO_USERSPACE, uap->path_p, td); @@ -3357,7 +3357,7 @@ __mac_get_link(struct thread *td, struct __mac_get_link_args *uap) mac_init_vnode_label(&intlabel); mac_copy_vnode_label(&nd.ni_vp->v_label, &intlabel); error = mac_externalize_vnode_label(&intlabel, elements, buffer, - mac.m_buflen, M_WAITOK); + mac.m_buflen, 0); NDFREE(&nd, 0); mac_destroy_vnode_label(&intlabel); @@ -3396,7 +3396,7 @@ __mac_set_fd(struct thread *td, struct __mac_set_fd_args *uap) if (error) return (error); - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + buffer = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, buffer, mac.m_buflen, NULL); if (error) { free(buffer, M_MACTEMP); @@ -3482,7 +3482,7 @@ __mac_set_file(struct thread *td, struct __mac_set_file_args *uap) if (error) return (error); - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + buffer = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, buffer, mac.m_buflen, NULL); if (error) { free(buffer, M_MACTEMP); @@ -3538,7 +3538,7 @@ __mac_set_link(struct thread *td, struct __mac_set_link_args *uap) if (error) return (error); - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + buffer = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, buffer, mac.m_buflen, NULL); if (error) { free(buffer, M_MACTEMP); diff --git a/sys/security/mac/mac_process.c b/sys/security/mac/mac_process.c index e9d9eeb..b4df06f 100644 --- a/sys/security/mac/mac_process.c +++ b/sys/security/mac/mac_process.c @@ -758,7 +758,7 @@ mac_init_pipe(struct pipe *pipe) { struct label *label; - label = malloc(sizeof(struct label), M_MACPIPELABEL, M_ZERO|M_WAITOK); + label = malloc(sizeof(struct label), M_MACPIPELABEL, M_ZERO); pipe->pipe_label = label; pipe->pipe_peer->pipe_label = label; mac_init_pipe_label(label); @@ -1323,7 +1323,7 @@ mac_execve_enter(struct image_params *imgp, struct mac *mac_p, if (error) return (error); - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + buffer = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, buffer, mac.m_buflen, NULL); if (error) { free(buffer, M_MACTEMP); @@ -2727,16 +2727,16 @@ mac_ioctl_ifnet_get(struct ucred *cred, struct ifreq *ifr, if (error) return (error); - elements = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + elements = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, elements, mac.m_buflen, NULL); if (error) { free(elements, M_MACTEMP); return (error); } - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); + buffer = malloc(mac.m_buflen, M_MACTEMP, M_ZERO); error = mac_externalize_ifnet_label(&ifnet->if_label, elements, - buffer, mac.m_buflen, M_WAITOK); + buffer, mac.m_buflen, 0); if (error == 0) error = copyout(buffer, mac.m_string, strlen(buffer)+1); @@ -2763,7 +2763,7 @@ mac_ioctl_ifnet_set(struct ucred *cred, struct ifreq *ifr, if (error) return (error); - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + buffer = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, buffer, mac.m_buflen, NULL); if (error) { free(buffer, M_MACTEMP); @@ -2839,14 +2839,14 @@ mac_setsockopt_label_set(struct ucred *cred, struct socket *so, if (error) return (error); - buffer = malloc(mac->m_buflen, M_MACTEMP, M_WAITOK); + buffer = malloc(mac->m_buflen, M_MACTEMP, 0); error = copyinstr(mac->m_string, buffer, mac->m_buflen, NULL); if (error) { free(buffer, M_MACTEMP); return (error); } - mac_init_socket_label(&intlabel, M_WAITOK); + mac_init_socket_label(&intlabel, 0); error = mac_internalize_socket_label(&intlabel, buffer); free(buffer, M_MACTEMP); if (error) { @@ -2893,16 +2893,16 @@ mac_getsockopt_label_get(struct ucred *cred, struct socket *so, if (error) return (error); - elements = malloc(mac->m_buflen, M_MACTEMP, M_WAITOK); + elements = malloc(mac->m_buflen, M_MACTEMP, 0); error = copyinstr(mac->m_string, elements, mac->m_buflen, NULL); if (error) { free(elements, M_MACTEMP); return (error); } - buffer = malloc(mac->m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); + buffer = malloc(mac->m_buflen, M_MACTEMP, M_ZERO); error = mac_externalize_socket_label(&so->so_label, elements, - buffer, mac->m_buflen, M_WAITOK); + buffer, mac->m_buflen, 0); if (error == 0) error = copyout(buffer, mac->m_string, strlen(buffer)+1); @@ -2923,16 +2923,16 @@ mac_getsockopt_peerlabel_get(struct ucred *cred, struct socket *so, if (error) return (error); - elements = malloc(mac->m_buflen, M_MACTEMP, M_WAITOK); + elements = malloc(mac->m_buflen, M_MACTEMP, 0); error = copyinstr(mac->m_string, elements, mac->m_buflen, NULL); if (error) { free(elements, M_MACTEMP); return (error); } - buffer = malloc(mac->m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); + buffer = malloc(mac->m_buflen, M_MACTEMP, M_ZERO); error = mac_externalize_socket_peer_label(&so->so_peerlabel, - elements, buffer, mac->m_buflen, M_WAITOK); + elements, buffer, mac->m_buflen, 0); if (error == 0) error = copyout(buffer, mac->m_string, strlen(buffer)+1); @@ -3040,7 +3040,7 @@ __mac_get_pid(struct thread *td, struct __mac_get_pid_args *uap) if (error) return (error); - elements = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + elements = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, elements, mac.m_buflen, NULL); if (error) { free(elements, M_MACTEMP); @@ -3048,9 +3048,9 @@ __mac_get_pid(struct thread *td, struct __mac_get_pid_args *uap) return (error); } - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); + buffer = malloc(mac.m_buflen, M_MACTEMP, M_ZERO); error = mac_externalize_cred_label(&tcred->cr_label, elements, - buffer, mac.m_buflen, M_WAITOK); + buffer, mac.m_buflen, 0); if (error == 0) error = copyout(buffer, mac.m_string, strlen(buffer)+1); @@ -3078,16 +3078,16 @@ __mac_get_proc(struct thread *td, struct __mac_get_proc_args *uap) if (error) return (error); - elements = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + elements = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, elements, mac.m_buflen, NULL); if (error) { free(elements, M_MACTEMP); return (error); } - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); + buffer = malloc(mac.m_buflen, M_MACTEMP, M_ZERO); error = mac_externalize_cred_label(&td->td_ucred->cr_label, - elements, buffer, mac.m_buflen, M_WAITOK); + elements, buffer, mac.m_buflen, 0); if (error == 0) error = copyout(buffer, mac.m_string, strlen(buffer)+1); @@ -3117,7 +3117,7 @@ __mac_set_proc(struct thread *td, struct __mac_set_proc_args *uap) if (error) return (error); - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + buffer = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, buffer, mac.m_buflen, NULL); if (error) { free(buffer, M_MACTEMP); @@ -3194,14 +3194,14 @@ __mac_get_fd(struct thread *td, struct __mac_get_fd_args *uap) if (error) return (error); - elements = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + elements = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, elements, mac.m_buflen, NULL); if (error) { free(elements, M_MACTEMP); return (error); } - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); + buffer = malloc(mac.m_buflen, M_MACTEMP, M_ZERO); mtx_lock(&Giant); /* VFS */ error = fget(td, uap->fd, &fp); if (error) @@ -3241,12 +3241,12 @@ __mac_get_fd(struct thread *td, struct __mac_get_fd_args *uap) case DTYPE_VNODE: if (error == 0) error = mac_externalize_vnode_label(&intlabel, - elements, buffer, mac.m_buflen, M_WAITOK); + elements, buffer, mac.m_buflen, 0); mac_destroy_vnode_label(&intlabel); break; case DTYPE_PIPE: error = mac_externalize_pipe_label(&intlabel, elements, - buffer, mac.m_buflen, M_WAITOK); + buffer, mac.m_buflen, 0); mac_destroy_pipe_label(&intlabel); break; default: @@ -3284,14 +3284,14 @@ __mac_get_file(struct thread *td, struct __mac_get_file_args *uap) if (error) return (error); - elements = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + elements = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, elements, mac.m_buflen, NULL); if (error) { free(elements, M_MACTEMP); return (error); } - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); + buffer = malloc(mac.m_buflen, M_MACTEMP, M_ZERO); mtx_lock(&Giant); /* VFS */ NDINIT(&nd, LOOKUP, LOCKLEAF | FOLLOW, UIO_USERSPACE, uap->path_p, td); @@ -3302,7 +3302,7 @@ __mac_get_file(struct thread *td, struct __mac_get_file_args *uap) mac_init_vnode_label(&intlabel); mac_copy_vnode_label(&nd.ni_vp->v_label, &intlabel); error = mac_externalize_vnode_label(&intlabel, elements, buffer, - mac.m_buflen, M_WAITOK); + mac.m_buflen, 0); NDFREE(&nd, 0); mac_destroy_vnode_label(&intlabel); @@ -3339,14 +3339,14 @@ __mac_get_link(struct thread *td, struct __mac_get_link_args *uap) if (error) return (error); - elements = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + elements = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, elements, mac.m_buflen, NULL); if (error) { free(elements, M_MACTEMP); return (error); } - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); + buffer = malloc(mac.m_buflen, M_MACTEMP, M_ZERO); mtx_lock(&Giant); /* VFS */ NDINIT(&nd, LOOKUP, LOCKLEAF | NOFOLLOW, UIO_USERSPACE, uap->path_p, td); @@ -3357,7 +3357,7 @@ __mac_get_link(struct thread *td, struct __mac_get_link_args *uap) mac_init_vnode_label(&intlabel); mac_copy_vnode_label(&nd.ni_vp->v_label, &intlabel); error = mac_externalize_vnode_label(&intlabel, elements, buffer, - mac.m_buflen, M_WAITOK); + mac.m_buflen, 0); NDFREE(&nd, 0); mac_destroy_vnode_label(&intlabel); @@ -3396,7 +3396,7 @@ __mac_set_fd(struct thread *td, struct __mac_set_fd_args *uap) if (error) return (error); - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + buffer = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, buffer, mac.m_buflen, NULL); if (error) { free(buffer, M_MACTEMP); @@ -3482,7 +3482,7 @@ __mac_set_file(struct thread *td, struct __mac_set_file_args *uap) if (error) return (error); - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + buffer = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, buffer, mac.m_buflen, NULL); if (error) { free(buffer, M_MACTEMP); @@ -3538,7 +3538,7 @@ __mac_set_link(struct thread *td, struct __mac_set_link_args *uap) if (error) return (error); - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + buffer = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, buffer, mac.m_buflen, NULL); if (error) { free(buffer, M_MACTEMP); diff --git a/sys/security/mac/mac_syscalls.c b/sys/security/mac/mac_syscalls.c index e9d9eeb..b4df06f 100644 --- a/sys/security/mac/mac_syscalls.c +++ b/sys/security/mac/mac_syscalls.c @@ -758,7 +758,7 @@ mac_init_pipe(struct pipe *pipe) { struct label *label; - label = malloc(sizeof(struct label), M_MACPIPELABEL, M_ZERO|M_WAITOK); + label = malloc(sizeof(struct label), M_MACPIPELABEL, M_ZERO); pipe->pipe_label = label; pipe->pipe_peer->pipe_label = label; mac_init_pipe_label(label); @@ -1323,7 +1323,7 @@ mac_execve_enter(struct image_params *imgp, struct mac *mac_p, if (error) return (error); - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + buffer = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, buffer, mac.m_buflen, NULL); if (error) { free(buffer, M_MACTEMP); @@ -2727,16 +2727,16 @@ mac_ioctl_ifnet_get(struct ucred *cred, struct ifreq *ifr, if (error) return (error); - elements = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + elements = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, elements, mac.m_buflen, NULL); if (error) { free(elements, M_MACTEMP); return (error); } - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); + buffer = malloc(mac.m_buflen, M_MACTEMP, M_ZERO); error = mac_externalize_ifnet_label(&ifnet->if_label, elements, - buffer, mac.m_buflen, M_WAITOK); + buffer, mac.m_buflen, 0); if (error == 0) error = copyout(buffer, mac.m_string, strlen(buffer)+1); @@ -2763,7 +2763,7 @@ mac_ioctl_ifnet_set(struct ucred *cred, struct ifreq *ifr, if (error) return (error); - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + buffer = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, buffer, mac.m_buflen, NULL); if (error) { free(buffer, M_MACTEMP); @@ -2839,14 +2839,14 @@ mac_setsockopt_label_set(struct ucred *cred, struct socket *so, if (error) return (error); - buffer = malloc(mac->m_buflen, M_MACTEMP, M_WAITOK); + buffer = malloc(mac->m_buflen, M_MACTEMP, 0); error = copyinstr(mac->m_string, buffer, mac->m_buflen, NULL); if (error) { free(buffer, M_MACTEMP); return (error); } - mac_init_socket_label(&intlabel, M_WAITOK); + mac_init_socket_label(&intlabel, 0); error = mac_internalize_socket_label(&intlabel, buffer); free(buffer, M_MACTEMP); if (error) { @@ -2893,16 +2893,16 @@ mac_getsockopt_label_get(struct ucred *cred, struct socket *so, if (error) return (error); - elements = malloc(mac->m_buflen, M_MACTEMP, M_WAITOK); + elements = malloc(mac->m_buflen, M_MACTEMP, 0); error = copyinstr(mac->m_string, elements, mac->m_buflen, NULL); if (error) { free(elements, M_MACTEMP); return (error); } - buffer = malloc(mac->m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); + buffer = malloc(mac->m_buflen, M_MACTEMP, M_ZERO); error = mac_externalize_socket_label(&so->so_label, elements, - buffer, mac->m_buflen, M_WAITOK); + buffer, mac->m_buflen, 0); if (error == 0) error = copyout(buffer, mac->m_string, strlen(buffer)+1); @@ -2923,16 +2923,16 @@ mac_getsockopt_peerlabel_get(struct ucred *cred, struct socket *so, if (error) return (error); - elements = malloc(mac->m_buflen, M_MACTEMP, M_WAITOK); + elements = malloc(mac->m_buflen, M_MACTEMP, 0); error = copyinstr(mac->m_string, elements, mac->m_buflen, NULL); if (error) { free(elements, M_MACTEMP); return (error); } - buffer = malloc(mac->m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); + buffer = malloc(mac->m_buflen, M_MACTEMP, M_ZERO); error = mac_externalize_socket_peer_label(&so->so_peerlabel, - elements, buffer, mac->m_buflen, M_WAITOK); + elements, buffer, mac->m_buflen, 0); if (error == 0) error = copyout(buffer, mac->m_string, strlen(buffer)+1); @@ -3040,7 +3040,7 @@ __mac_get_pid(struct thread *td, struct __mac_get_pid_args *uap) if (error) return (error); - elements = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + elements = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, elements, mac.m_buflen, NULL); if (error) { free(elements, M_MACTEMP); @@ -3048,9 +3048,9 @@ __mac_get_pid(struct thread *td, struct __mac_get_pid_args *uap) return (error); } - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); + buffer = malloc(mac.m_buflen, M_MACTEMP, M_ZERO); error = mac_externalize_cred_label(&tcred->cr_label, elements, - buffer, mac.m_buflen, M_WAITOK); + buffer, mac.m_buflen, 0); if (error == 0) error = copyout(buffer, mac.m_string, strlen(buffer)+1); @@ -3078,16 +3078,16 @@ __mac_get_proc(struct thread *td, struct __mac_get_proc_args *uap) if (error) return (error); - elements = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + elements = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, elements, mac.m_buflen, NULL); if (error) { free(elements, M_MACTEMP); return (error); } - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); + buffer = malloc(mac.m_buflen, M_MACTEMP, M_ZERO); error = mac_externalize_cred_label(&td->td_ucred->cr_label, - elements, buffer, mac.m_buflen, M_WAITOK); + elements, buffer, mac.m_buflen, 0); if (error == 0) error = copyout(buffer, mac.m_string, strlen(buffer)+1); @@ -3117,7 +3117,7 @@ __mac_set_proc(struct thread *td, struct __mac_set_proc_args *uap) if (error) return (error); - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + buffer = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, buffer, mac.m_buflen, NULL); if (error) { free(buffer, M_MACTEMP); @@ -3194,14 +3194,14 @@ __mac_get_fd(struct thread *td, struct __mac_get_fd_args *uap) if (error) return (error); - elements = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + elements = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, elements, mac.m_buflen, NULL); if (error) { free(elements, M_MACTEMP); return (error); } - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); + buffer = malloc(mac.m_buflen, M_MACTEMP, M_ZERO); mtx_lock(&Giant); /* VFS */ error = fget(td, uap->fd, &fp); if (error) @@ -3241,12 +3241,12 @@ __mac_get_fd(struct thread *td, struct __mac_get_fd_args *uap) case DTYPE_VNODE: if (error == 0) error = mac_externalize_vnode_label(&intlabel, - elements, buffer, mac.m_buflen, M_WAITOK); + elements, buffer, mac.m_buflen, 0); mac_destroy_vnode_label(&intlabel); break; case DTYPE_PIPE: error = mac_externalize_pipe_label(&intlabel, elements, - buffer, mac.m_buflen, M_WAITOK); + buffer, mac.m_buflen, 0); mac_destroy_pipe_label(&intlabel); break; default: @@ -3284,14 +3284,14 @@ __mac_get_file(struct thread *td, struct __mac_get_file_args *uap) if (error) return (error); - elements = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + elements = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, elements, mac.m_buflen, NULL); if (error) { free(elements, M_MACTEMP); return (error); } - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); + buffer = malloc(mac.m_buflen, M_MACTEMP, M_ZERO); mtx_lock(&Giant); /* VFS */ NDINIT(&nd, LOOKUP, LOCKLEAF | FOLLOW, UIO_USERSPACE, uap->path_p, td); @@ -3302,7 +3302,7 @@ __mac_get_file(struct thread *td, struct __mac_get_file_args *uap) mac_init_vnode_label(&intlabel); mac_copy_vnode_label(&nd.ni_vp->v_label, &intlabel); error = mac_externalize_vnode_label(&intlabel, elements, buffer, - mac.m_buflen, M_WAITOK); + mac.m_buflen, 0); NDFREE(&nd, 0); mac_destroy_vnode_label(&intlabel); @@ -3339,14 +3339,14 @@ __mac_get_link(struct thread *td, struct __mac_get_link_args *uap) if (error) return (error); - elements = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + elements = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, elements, mac.m_buflen, NULL); if (error) { free(elements, M_MACTEMP); return (error); } - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); + buffer = malloc(mac.m_buflen, M_MACTEMP, M_ZERO); mtx_lock(&Giant); /* VFS */ NDINIT(&nd, LOOKUP, LOCKLEAF | NOFOLLOW, UIO_USERSPACE, uap->path_p, td); @@ -3357,7 +3357,7 @@ __mac_get_link(struct thread *td, struct __mac_get_link_args *uap) mac_init_vnode_label(&intlabel); mac_copy_vnode_label(&nd.ni_vp->v_label, &intlabel); error = mac_externalize_vnode_label(&intlabel, elements, buffer, - mac.m_buflen, M_WAITOK); + mac.m_buflen, 0); NDFREE(&nd, 0); mac_destroy_vnode_label(&intlabel); @@ -3396,7 +3396,7 @@ __mac_set_fd(struct thread *td, struct __mac_set_fd_args *uap) if (error) return (error); - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + buffer = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, buffer, mac.m_buflen, NULL); if (error) { free(buffer, M_MACTEMP); @@ -3482,7 +3482,7 @@ __mac_set_file(struct thread *td, struct __mac_set_file_args *uap) if (error) return (error); - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + buffer = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, buffer, mac.m_buflen, NULL); if (error) { free(buffer, M_MACTEMP); @@ -3538,7 +3538,7 @@ __mac_set_link(struct thread *td, struct __mac_set_link_args *uap) if (error) return (error); - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + buffer = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, buffer, mac.m_buflen, NULL); if (error) { free(buffer, M_MACTEMP); diff --git a/sys/security/mac/mac_system.c b/sys/security/mac/mac_system.c index e9d9eeb..b4df06f 100644 --- a/sys/security/mac/mac_system.c +++ b/sys/security/mac/mac_system.c @@ -758,7 +758,7 @@ mac_init_pipe(struct pipe *pipe) { struct label *label; - label = malloc(sizeof(struct label), M_MACPIPELABEL, M_ZERO|M_WAITOK); + label = malloc(sizeof(struct label), M_MACPIPELABEL, M_ZERO); pipe->pipe_label = label; pipe->pipe_peer->pipe_label = label; mac_init_pipe_label(label); @@ -1323,7 +1323,7 @@ mac_execve_enter(struct image_params *imgp, struct mac *mac_p, if (error) return (error); - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + buffer = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, buffer, mac.m_buflen, NULL); if (error) { free(buffer, M_MACTEMP); @@ -2727,16 +2727,16 @@ mac_ioctl_ifnet_get(struct ucred *cred, struct ifreq *ifr, if (error) return (error); - elements = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + elements = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, elements, mac.m_buflen, NULL); if (error) { free(elements, M_MACTEMP); return (error); } - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); + buffer = malloc(mac.m_buflen, M_MACTEMP, M_ZERO); error = mac_externalize_ifnet_label(&ifnet->if_label, elements, - buffer, mac.m_buflen, M_WAITOK); + buffer, mac.m_buflen, 0); if (error == 0) error = copyout(buffer, mac.m_string, strlen(buffer)+1); @@ -2763,7 +2763,7 @@ mac_ioctl_ifnet_set(struct ucred *cred, struct ifreq *ifr, if (error) return (error); - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + buffer = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, buffer, mac.m_buflen, NULL); if (error) { free(buffer, M_MACTEMP); @@ -2839,14 +2839,14 @@ mac_setsockopt_label_set(struct ucred *cred, struct socket *so, if (error) return (error); - buffer = malloc(mac->m_buflen, M_MACTEMP, M_WAITOK); + buffer = malloc(mac->m_buflen, M_MACTEMP, 0); error = copyinstr(mac->m_string, buffer, mac->m_buflen, NULL); if (error) { free(buffer, M_MACTEMP); return (error); } - mac_init_socket_label(&intlabel, M_WAITOK); + mac_init_socket_label(&intlabel, 0); error = mac_internalize_socket_label(&intlabel, buffer); free(buffer, M_MACTEMP); if (error) { @@ -2893,16 +2893,16 @@ mac_getsockopt_label_get(struct ucred *cred, struct socket *so, if (error) return (error); - elements = malloc(mac->m_buflen, M_MACTEMP, M_WAITOK); + elements = malloc(mac->m_buflen, M_MACTEMP, 0); error = copyinstr(mac->m_string, elements, mac->m_buflen, NULL); if (error) { free(elements, M_MACTEMP); return (error); } - buffer = malloc(mac->m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); + buffer = malloc(mac->m_buflen, M_MACTEMP, M_ZERO); error = mac_externalize_socket_label(&so->so_label, elements, - buffer, mac->m_buflen, M_WAITOK); + buffer, mac->m_buflen, 0); if (error == 0) error = copyout(buffer, mac->m_string, strlen(buffer)+1); @@ -2923,16 +2923,16 @@ mac_getsockopt_peerlabel_get(struct ucred *cred, struct socket *so, if (error) return (error); - elements = malloc(mac->m_buflen, M_MACTEMP, M_WAITOK); + elements = malloc(mac->m_buflen, M_MACTEMP, 0); error = copyinstr(mac->m_string, elements, mac->m_buflen, NULL); if (error) { free(elements, M_MACTEMP); return (error); } - buffer = malloc(mac->m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); + buffer = malloc(mac->m_buflen, M_MACTEMP, M_ZERO); error = mac_externalize_socket_peer_label(&so->so_peerlabel, - elements, buffer, mac->m_buflen, M_WAITOK); + elements, buffer, mac->m_buflen, 0); if (error == 0) error = copyout(buffer, mac->m_string, strlen(buffer)+1); @@ -3040,7 +3040,7 @@ __mac_get_pid(struct thread *td, struct __mac_get_pid_args *uap) if (error) return (error); - elements = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + elements = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, elements, mac.m_buflen, NULL); if (error) { free(elements, M_MACTEMP); @@ -3048,9 +3048,9 @@ __mac_get_pid(struct thread *td, struct __mac_get_pid_args *uap) return (error); } - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); + buffer = malloc(mac.m_buflen, M_MACTEMP, M_ZERO); error = mac_externalize_cred_label(&tcred->cr_label, elements, - buffer, mac.m_buflen, M_WAITOK); + buffer, mac.m_buflen, 0); if (error == 0) error = copyout(buffer, mac.m_string, strlen(buffer)+1); @@ -3078,16 +3078,16 @@ __mac_get_proc(struct thread *td, struct __mac_get_proc_args *uap) if (error) return (error); - elements = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + elements = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, elements, mac.m_buflen, NULL); if (error) { free(elements, M_MACTEMP); return (error); } - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); + buffer = malloc(mac.m_buflen, M_MACTEMP, M_ZERO); error = mac_externalize_cred_label(&td->td_ucred->cr_label, - elements, buffer, mac.m_buflen, M_WAITOK); + elements, buffer, mac.m_buflen, 0); if (error == 0) error = copyout(buffer, mac.m_string, strlen(buffer)+1); @@ -3117,7 +3117,7 @@ __mac_set_proc(struct thread *td, struct __mac_set_proc_args *uap) if (error) return (error); - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + buffer = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, buffer, mac.m_buflen, NULL); if (error) { free(buffer, M_MACTEMP); @@ -3194,14 +3194,14 @@ __mac_get_fd(struct thread *td, struct __mac_get_fd_args *uap) if (error) return (error); - elements = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + elements = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, elements, mac.m_buflen, NULL); if (error) { free(elements, M_MACTEMP); return (error); } - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); + buffer = malloc(mac.m_buflen, M_MACTEMP, M_ZERO); mtx_lock(&Giant); /* VFS */ error = fget(td, uap->fd, &fp); if (error) @@ -3241,12 +3241,12 @@ __mac_get_fd(struct thread *td, struct __mac_get_fd_args *uap) case DTYPE_VNODE: if (error == 0) error = mac_externalize_vnode_label(&intlabel, - elements, buffer, mac.m_buflen, M_WAITOK); + elements, buffer, mac.m_buflen, 0); mac_destroy_vnode_label(&intlabel); break; case DTYPE_PIPE: error = mac_externalize_pipe_label(&intlabel, elements, - buffer, mac.m_buflen, M_WAITOK); + buffer, mac.m_buflen, 0); mac_destroy_pipe_label(&intlabel); break; default: @@ -3284,14 +3284,14 @@ __mac_get_file(struct thread *td, struct __mac_get_file_args *uap) if (error) return (error); - elements = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + elements = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, elements, mac.m_buflen, NULL); if (error) { free(elements, M_MACTEMP); return (error); } - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); + buffer = malloc(mac.m_buflen, M_MACTEMP, M_ZERO); mtx_lock(&Giant); /* VFS */ NDINIT(&nd, LOOKUP, LOCKLEAF | FOLLOW, UIO_USERSPACE, uap->path_p, td); @@ -3302,7 +3302,7 @@ __mac_get_file(struct thread *td, struct __mac_get_file_args *uap) mac_init_vnode_label(&intlabel); mac_copy_vnode_label(&nd.ni_vp->v_label, &intlabel); error = mac_externalize_vnode_label(&intlabel, elements, buffer, - mac.m_buflen, M_WAITOK); + mac.m_buflen, 0); NDFREE(&nd, 0); mac_destroy_vnode_label(&intlabel); @@ -3339,14 +3339,14 @@ __mac_get_link(struct thread *td, struct __mac_get_link_args *uap) if (error) return (error); - elements = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + elements = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, elements, mac.m_buflen, NULL); if (error) { free(elements, M_MACTEMP); return (error); } - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); + buffer = malloc(mac.m_buflen, M_MACTEMP, M_ZERO); mtx_lock(&Giant); /* VFS */ NDINIT(&nd, LOOKUP, LOCKLEAF | NOFOLLOW, UIO_USERSPACE, uap->path_p, td); @@ -3357,7 +3357,7 @@ __mac_get_link(struct thread *td, struct __mac_get_link_args *uap) mac_init_vnode_label(&intlabel); mac_copy_vnode_label(&nd.ni_vp->v_label, &intlabel); error = mac_externalize_vnode_label(&intlabel, elements, buffer, - mac.m_buflen, M_WAITOK); + mac.m_buflen, 0); NDFREE(&nd, 0); mac_destroy_vnode_label(&intlabel); @@ -3396,7 +3396,7 @@ __mac_set_fd(struct thread *td, struct __mac_set_fd_args *uap) if (error) return (error); - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + buffer = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, buffer, mac.m_buflen, NULL); if (error) { free(buffer, M_MACTEMP); @@ -3482,7 +3482,7 @@ __mac_set_file(struct thread *td, struct __mac_set_file_args *uap) if (error) return (error); - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + buffer = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, buffer, mac.m_buflen, NULL); if (error) { free(buffer, M_MACTEMP); @@ -3538,7 +3538,7 @@ __mac_set_link(struct thread *td, struct __mac_set_link_args *uap) if (error) return (error); - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + buffer = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, buffer, mac.m_buflen, NULL); if (error) { free(buffer, M_MACTEMP); diff --git a/sys/security/mac/mac_vfs.c b/sys/security/mac/mac_vfs.c index e9d9eeb..b4df06f 100644 --- a/sys/security/mac/mac_vfs.c +++ b/sys/security/mac/mac_vfs.c @@ -758,7 +758,7 @@ mac_init_pipe(struct pipe *pipe) { struct label *label; - label = malloc(sizeof(struct label), M_MACPIPELABEL, M_ZERO|M_WAITOK); + label = malloc(sizeof(struct label), M_MACPIPELABEL, M_ZERO); pipe->pipe_label = label; pipe->pipe_peer->pipe_label = label; mac_init_pipe_label(label); @@ -1323,7 +1323,7 @@ mac_execve_enter(struct image_params *imgp, struct mac *mac_p, if (error) return (error); - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + buffer = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, buffer, mac.m_buflen, NULL); if (error) { free(buffer, M_MACTEMP); @@ -2727,16 +2727,16 @@ mac_ioctl_ifnet_get(struct ucred *cred, struct ifreq *ifr, if (error) return (error); - elements = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + elements = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, elements, mac.m_buflen, NULL); if (error) { free(elements, M_MACTEMP); return (error); } - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); + buffer = malloc(mac.m_buflen, M_MACTEMP, M_ZERO); error = mac_externalize_ifnet_label(&ifnet->if_label, elements, - buffer, mac.m_buflen, M_WAITOK); + buffer, mac.m_buflen, 0); if (error == 0) error = copyout(buffer, mac.m_string, strlen(buffer)+1); @@ -2763,7 +2763,7 @@ mac_ioctl_ifnet_set(struct ucred *cred, struct ifreq *ifr, if (error) return (error); - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + buffer = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, buffer, mac.m_buflen, NULL); if (error) { free(buffer, M_MACTEMP); @@ -2839,14 +2839,14 @@ mac_setsockopt_label_set(struct ucred *cred, struct socket *so, if (error) return (error); - buffer = malloc(mac->m_buflen, M_MACTEMP, M_WAITOK); + buffer = malloc(mac->m_buflen, M_MACTEMP, 0); error = copyinstr(mac->m_string, buffer, mac->m_buflen, NULL); if (error) { free(buffer, M_MACTEMP); return (error); } - mac_init_socket_label(&intlabel, M_WAITOK); + mac_init_socket_label(&intlabel, 0); error = mac_internalize_socket_label(&intlabel, buffer); free(buffer, M_MACTEMP); if (error) { @@ -2893,16 +2893,16 @@ mac_getsockopt_label_get(struct ucred *cred, struct socket *so, if (error) return (error); - elements = malloc(mac->m_buflen, M_MACTEMP, M_WAITOK); + elements = malloc(mac->m_buflen, M_MACTEMP, 0); error = copyinstr(mac->m_string, elements, mac->m_buflen, NULL); if (error) { free(elements, M_MACTEMP); return (error); } - buffer = malloc(mac->m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); + buffer = malloc(mac->m_buflen, M_MACTEMP, M_ZERO); error = mac_externalize_socket_label(&so->so_label, elements, - buffer, mac->m_buflen, M_WAITOK); + buffer, mac->m_buflen, 0); if (error == 0) error = copyout(buffer, mac->m_string, strlen(buffer)+1); @@ -2923,16 +2923,16 @@ mac_getsockopt_peerlabel_get(struct ucred *cred, struct socket *so, if (error) return (error); - elements = malloc(mac->m_buflen, M_MACTEMP, M_WAITOK); + elements = malloc(mac->m_buflen, M_MACTEMP, 0); error = copyinstr(mac->m_string, elements, mac->m_buflen, NULL); if (error) { free(elements, M_MACTEMP); return (error); } - buffer = malloc(mac->m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); + buffer = malloc(mac->m_buflen, M_MACTEMP, M_ZERO); error = mac_externalize_socket_peer_label(&so->so_peerlabel, - elements, buffer, mac->m_buflen, M_WAITOK); + elements, buffer, mac->m_buflen, 0); if (error == 0) error = copyout(buffer, mac->m_string, strlen(buffer)+1); @@ -3040,7 +3040,7 @@ __mac_get_pid(struct thread *td, struct __mac_get_pid_args *uap) if (error) return (error); - elements = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + elements = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, elements, mac.m_buflen, NULL); if (error) { free(elements, M_MACTEMP); @@ -3048,9 +3048,9 @@ __mac_get_pid(struct thread *td, struct __mac_get_pid_args *uap) return (error); } - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); + buffer = malloc(mac.m_buflen, M_MACTEMP, M_ZERO); error = mac_externalize_cred_label(&tcred->cr_label, elements, - buffer, mac.m_buflen, M_WAITOK); + buffer, mac.m_buflen, 0); if (error == 0) error = copyout(buffer, mac.m_string, strlen(buffer)+1); @@ -3078,16 +3078,16 @@ __mac_get_proc(struct thread *td, struct __mac_get_proc_args *uap) if (error) return (error); - elements = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + elements = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, elements, mac.m_buflen, NULL); if (error) { free(elements, M_MACTEMP); return (error); } - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); + buffer = malloc(mac.m_buflen, M_MACTEMP, M_ZERO); error = mac_externalize_cred_label(&td->td_ucred->cr_label, - elements, buffer, mac.m_buflen, M_WAITOK); + elements, buffer, mac.m_buflen, 0); if (error == 0) error = copyout(buffer, mac.m_string, strlen(buffer)+1); @@ -3117,7 +3117,7 @@ __mac_set_proc(struct thread *td, struct __mac_set_proc_args *uap) if (error) return (error); - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + buffer = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, buffer, mac.m_buflen, NULL); if (error) { free(buffer, M_MACTEMP); @@ -3194,14 +3194,14 @@ __mac_get_fd(struct thread *td, struct __mac_get_fd_args *uap) if (error) return (error); - elements = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + elements = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, elements, mac.m_buflen, NULL); if (error) { free(elements, M_MACTEMP); return (error); } - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); + buffer = malloc(mac.m_buflen, M_MACTEMP, M_ZERO); mtx_lock(&Giant); /* VFS */ error = fget(td, uap->fd, &fp); if (error) @@ -3241,12 +3241,12 @@ __mac_get_fd(struct thread *td, struct __mac_get_fd_args *uap) case DTYPE_VNODE: if (error == 0) error = mac_externalize_vnode_label(&intlabel, - elements, buffer, mac.m_buflen, M_WAITOK); + elements, buffer, mac.m_buflen, 0); mac_destroy_vnode_label(&intlabel); break; case DTYPE_PIPE: error = mac_externalize_pipe_label(&intlabel, elements, - buffer, mac.m_buflen, M_WAITOK); + buffer, mac.m_buflen, 0); mac_destroy_pipe_label(&intlabel); break; default: @@ -3284,14 +3284,14 @@ __mac_get_file(struct thread *td, struct __mac_get_file_args *uap) if (error) return (error); - elements = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + elements = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, elements, mac.m_buflen, NULL); if (error) { free(elements, M_MACTEMP); return (error); } - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); + buffer = malloc(mac.m_buflen, M_MACTEMP, M_ZERO); mtx_lock(&Giant); /* VFS */ NDINIT(&nd, LOOKUP, LOCKLEAF | FOLLOW, UIO_USERSPACE, uap->path_p, td); @@ -3302,7 +3302,7 @@ __mac_get_file(struct thread *td, struct __mac_get_file_args *uap) mac_init_vnode_label(&intlabel); mac_copy_vnode_label(&nd.ni_vp->v_label, &intlabel); error = mac_externalize_vnode_label(&intlabel, elements, buffer, - mac.m_buflen, M_WAITOK); + mac.m_buflen, 0); NDFREE(&nd, 0); mac_destroy_vnode_label(&intlabel); @@ -3339,14 +3339,14 @@ __mac_get_link(struct thread *td, struct __mac_get_link_args *uap) if (error) return (error); - elements = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + elements = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, elements, mac.m_buflen, NULL); if (error) { free(elements, M_MACTEMP); return (error); } - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); + buffer = malloc(mac.m_buflen, M_MACTEMP, M_ZERO); mtx_lock(&Giant); /* VFS */ NDINIT(&nd, LOOKUP, LOCKLEAF | NOFOLLOW, UIO_USERSPACE, uap->path_p, td); @@ -3357,7 +3357,7 @@ __mac_get_link(struct thread *td, struct __mac_get_link_args *uap) mac_init_vnode_label(&intlabel); mac_copy_vnode_label(&nd.ni_vp->v_label, &intlabel); error = mac_externalize_vnode_label(&intlabel, elements, buffer, - mac.m_buflen, M_WAITOK); + mac.m_buflen, 0); NDFREE(&nd, 0); mac_destroy_vnode_label(&intlabel); @@ -3396,7 +3396,7 @@ __mac_set_fd(struct thread *td, struct __mac_set_fd_args *uap) if (error) return (error); - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + buffer = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, buffer, mac.m_buflen, NULL); if (error) { free(buffer, M_MACTEMP); @@ -3482,7 +3482,7 @@ __mac_set_file(struct thread *td, struct __mac_set_file_args *uap) if (error) return (error); - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + buffer = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, buffer, mac.m_buflen, NULL); if (error) { free(buffer, M_MACTEMP); @@ -3538,7 +3538,7 @@ __mac_set_link(struct thread *td, struct __mac_set_link_args *uap) if (error) return (error); - buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK); + buffer = malloc(mac.m_buflen, M_MACTEMP, 0); error = copyinstr(mac.m_string, buffer, mac.m_buflen, NULL); if (error) { free(buffer, M_MACTEMP); diff --git a/sys/security/mac_biba/mac_biba.c b/sys/security/mac_biba/mac_biba.c index f9db7dd..67cb05b 100644 --- a/sys/security/mac_biba/mac_biba.c +++ b/sys/security/mac_biba/mac_biba.c @@ -505,7 +505,7 @@ static void mac_biba_init_label(struct label *label) { - SLOT(label) = biba_alloc(M_WAITOK); + SLOT(label) = biba_alloc(0); } static int diff --git a/sys/security/mac_bsdextended/mac_bsdextended.c b/sys/security/mac_bsdextended/mac_bsdextended.c index ba357ff..9231125 100644 --- a/sys/security/mac_bsdextended/mac_bsdextended.c +++ b/sys/security/mac_bsdextended/mac_bsdextended.c @@ -164,7 +164,7 @@ sysctl_rule(SYSCTL_HANDLER_ARGS) if (rules[index] == NULL) { /* printf("addition\n"); */ MALLOC(ruleptr, struct mac_bsdextended_rule *, - sizeof(*ruleptr), M_MACBSDEXTENDED, M_WAITOK | + sizeof(*ruleptr), M_MACBSDEXTENDED, M_ZERO); *ruleptr = temprule; rules[index] = ruleptr; diff --git a/sys/security/mac_lomac/mac_lomac.c b/sys/security/mac_lomac/mac_lomac.c index 483fca1..0e796fd 100644 --- a/sys/security/mac_lomac/mac_lomac.c +++ b/sys/security/mac_lomac/mac_lomac.c @@ -621,7 +621,7 @@ static void mac_lomac_init_label(struct label *label) { - SLOT(label) = lomac_alloc(M_WAITOK); + SLOT(label) = lomac_alloc(0); } static int @@ -640,7 +640,7 @@ mac_lomac_init_proc_label(struct label *label) { PSLOT(label) = malloc(sizeof(struct mac_lomac_proc), M_MACLOMAC, - M_ZERO | M_WAITOK); + M_ZERO); mtx_init(&PSLOT(label)->mtx, "MAC/Lomac proc lock", NULL, MTX_DEF); } diff --git a/sys/security/mac_mls/mac_mls.c b/sys/security/mac_mls/mac_mls.c index f82993d..3948c49 100644 --- a/sys/security/mac_mls/mac_mls.c +++ b/sys/security/mac_mls/mac_mls.c @@ -470,7 +470,7 @@ static void mac_mls_init_label(struct label *label) { - SLOT(label) = mls_alloc(M_WAITOK); + SLOT(label) = mls_alloc(0); } static int |