authorrwatson <rwatson@FreeBSD.org>2002-10-01 03:24:20 +0000
committerrwatson <rwatson@FreeBSD.org>2002-10-01 03:24:20 +0000
commitd95d2f1aaec2d07243fcfa4bfbdcd43db58cf84f (patch)
tree2ebadacd95f8719749940b531e980d3d88bf2e7b /sys/security
parent7d2081be83b75cfa42b04ad44ff31d5e5a11d8ab (diff)
Push 'security.mac.debug_label_fallback' behind options MAC_DEBUG.
Obtained from: TrustedBSD Project Sponsored by: DARPA, NAI Labs
Diffstat (limited to 'sys/security')
-rw-r--r--sys/security/mac/mac_framework.c24
-rw-r--r--sys/security/mac/mac_internal.h24
-rw-r--r--sys/security/mac/mac_net.c24
-rw-r--r--sys/security/mac/mac_pipe.c24
-rw-r--r--sys/security/mac/mac_process.c24
-rw-r--r--sys/security/mac/mac_syscalls.c24
-rw-r--r--sys/security/mac/mac_system.c24
-rw-r--r--sys/security/mac/mac_vfs.c24
8 files changed, 112 insertions, 80 deletions
diff --git a/sys/security/mac/mac_framework.c b/sys/security/mac/mac_framework.c
index 7722430..607113e 100644
--- a/sys/security/mac/mac_framework.c
+++ b/sys/security/mac/mac_framework.c
@@ -97,16 +97,6 @@ SYSCTL_DECL(_security);
SYSCTL_NODE(_security, OID_AUTO, mac, CTLFLAG_RW, 0,
"TrustedBSD MAC policy controls");
-SYSCTL_NODE(_security_mac, OID_AUTO, debug, CTLFLAG_RW, 0,
- "TrustedBSD MAC debug info");
-
-static int mac_debug_label_fallback = 0;
-SYSCTL_INT(_security_mac_debug, OID_AUTO, label_fallback, CTLFLAG_RW,
- &mac_debug_label_fallback, 0, "Filesystems should fall back to fs label"
- "when label is corrupted.");
-TUNABLE_INT("security.mac.debug_label_fallback",
- &mac_debug_label_fallback);
-
#ifndef MAC_MAX_POLICIES
#define MAC_MAX_POLICIES 8
#endif
@@ -177,6 +167,16 @@ SYSCTL_INT(_security_mac, OID_AUTO, mmap_revocation_via_cow, CTLFLAG_RW,
"copy-on-write semantics, or by removing all write access");
#ifdef MAC_DEBUG
+SYSCTL_NODE(_security_mac, OID_AUTO, debug, CTLFLAG_RW, 0,
+ "TrustedBSD MAC debug info");
+
+static int mac_debug_label_fallback = 0;
+SYSCTL_INT(_security_mac_debug, OID_AUTO, label_fallback, CTLFLAG_RW,
+ &mac_debug_label_fallback, 0, "Filesystems should fall back to fs label"
+ "when label is corrupted.");
+TUNABLE_INT("security.mac.debug_label_fallback",
+ &mac_debug_label_fallback);
+
static unsigned int nmacmbufs, nmaccreds, nmacifnets, nmacbpfdescs,
nmacsockets, nmacmounts, nmactemp, nmacvnodes, nmacdevfsdirents,
nmacipqs, nmacpipes;
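Review bot: The help text for `label_fallback` is built from two adjacent string literals with no space between them, so it reads "fs labelwhen label is corrupted."; the first literal should end in a space, `"Filesystems should fall back to fs label "`. The tunable is registered as `security.mac.debug_label_fallback` while the sysctl sits under the `debug` node as `label_fallback`, so the loader variable and the runtime sysctl appear to use different names for the same knob; align them or note the difference in a comment. Since a non-zero value makes a corrupted label be accepted with the mount's label instead of refused, a comment above the declaration such as `/* Fail-open on corrupted labels; debugging aid only, default 0. */` would make the risk visible to whoever enables MAC_DEBUG. The `#ifdef MAC_DEBUG` block closes outside this hunk, and the same added lines recur in the mac_internal.h, mac_net.c, mac_pipe.c, mac_process.c, mac_syscalls.c, mac_system.c and mac_vfs.c sections.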
@@ -1082,14 +1082,18 @@ vop_stdrefreshlabel_ea(struct vop_refreshlabel_args *ap)
vp->v_mount->mnt_stat.f_mntonname);
if (VOP_GETATTR(vp, &va, curthread->td_ucred, curthread) == 0)
printf(" inum %ld", va.va_fileid);
+#ifdef MAC_DEBUG
if (mac_debug_label_fallback) {
printf(", falling back.\n");
mac_update_vnode_from_mount(vp, vp->v_mount);
error = 0;
} else {
+#endif
printf(".\n");
error = EPERM;
+#ifdef MAC_DEBUG
}
+#endif
}
return (error);
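Review bot: Splitting `} else {` and its closing brace across three `#ifdef MAC_DEBUG` regions means the braces only balance per configuration, which is easy to break in a later edit and obscures that a non-debug kernel always refuses a corrupted label with EPERM. A less fragile shape would keep the if/else unconditional and give the flag a constant value when the option is off, for example `#define mac_debug_label_fallback 0` under `#ifndef MAC_DEBUG`, letting the compiler drop the fallback branch. If the preprocessor split stays, a comment before it such as `/* Without MAC_DEBUG a corrupted label is always refused. */` documents the fail-closed default. vop_stdrefreshlabel_ea begins and ends outside this hunk, and the same hunk recurs in the seven other file sections on this page.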
diff --git a/sys/security/mac/mac_internal.h b/sys/security/mac/mac_internal.h
index 7722430..607113e 100644
--- a/sys/security/mac/mac_internal.h
+++ b/sys/security/mac/mac_internal.h
@@ -97,16 +97,6 @@ SYSCTL_DECL(_security);
SYSCTL_NODE(_security, OID_AUTO, mac, CTLFLAG_RW, 0,
"TrustedBSD MAC policy controls");
-SYSCTL_NODE(_security_mac, OID_AUTO, debug, CTLFLAG_RW, 0,
- "TrustedBSD MAC debug info");
-
-static int mac_debug_label_fallback = 0;
-SYSCTL_INT(_security_mac_debug, OID_AUTO, label_fallback, CTLFLAG_RW,
- &mac_debug_label_fallback, 0, "Filesystems should fall back to fs label"
- "when label is corrupted.");
-TUNABLE_INT("security.mac.debug_label_fallback",
- &mac_debug_label_fallback);
-
#ifndef MAC_MAX_POLICIES
#define MAC_MAX_POLICIES 8
#endif
@@ -177,6 +167,16 @@ SYSCTL_INT(_security_mac, OID_AUTO, mmap_revocation_via_cow, CTLFLAG_RW,
"copy-on-write semantics, or by removing all write access");
#ifdef MAC_DEBUG
+SYSCTL_NODE(_security_mac, OID_AUTO, debug, CTLFLAG_RW, 0,
+ "TrustedBSD MAC debug info");
+
+static int mac_debug_label_fallback = 0;
+SYSCTL_INT(_security_mac_debug, OID_AUTO, label_fallback, CTLFLAG_RW,
+ &mac_debug_label_fallback, 0, "Filesystems should fall back to fs label"
+ "when label is corrupted.");
+TUNABLE_INT("security.mac.debug_label_fallback",
+ &mac_debug_label_fallback);
+
static unsigned int nmacmbufs, nmaccreds, nmacifnets, nmacbpfdescs,
nmacsockets, nmacmounts, nmactemp, nmacvnodes, nmacdevfsdirents,
nmacipqs, nmacpipes;
@@ -1082,14 +1082,18 @@ vop_stdrefreshlabel_ea(struct vop_refreshlabel_args *ap)
vp->v_mount->mnt_stat.f_mntonname);
if (VOP_GETATTR(vp, &va, curthread->td_ucred, curthread) == 0)
printf(" inum %ld", va.va_fileid);
+#ifdef MAC_DEBUG
if (mac_debug_label_fallback) {
printf(", falling back.\n");
mac_update_vnode_from_mount(vp, vp->v_mount);
error = 0;
} else {
+#endif
printf(".\n");
error = EPERM;
+#ifdef MAC_DEBUG
}
+#endif
}
return (error);
diff --git a/sys/security/mac/mac_net.c b/sys/security/mac/mac_net.c
index 7722430..607113e 100644
--- a/sys/security/mac/mac_net.c
+++ b/sys/security/mac/mac_net.c
@@ -97,16 +97,6 @@ SYSCTL_DECL(_security);
SYSCTL_NODE(_security, OID_AUTO, mac, CTLFLAG_RW, 0,
"TrustedBSD MAC policy controls");
-SYSCTL_NODE(_security_mac, OID_AUTO, debug, CTLFLAG_RW, 0,
- "TrustedBSD MAC debug info");
-
-static int mac_debug_label_fallback = 0;
-SYSCTL_INT(_security_mac_debug, OID_AUTO, label_fallback, CTLFLAG_RW,
- &mac_debug_label_fallback, 0, "Filesystems should fall back to fs label"
- "when label is corrupted.");
-TUNABLE_INT("security.mac.debug_label_fallback",
- &mac_debug_label_fallback);
-
#ifndef MAC_MAX_POLICIES
#define MAC_MAX_POLICIES 8
#endif
@@ -177,6 +167,16 @@ SYSCTL_INT(_security_mac, OID_AUTO, mmap_revocation_via_cow, CTLFLAG_RW,
"copy-on-write semantics, or by removing all write access");
#ifdef MAC_DEBUG
+SYSCTL_NODE(_security_mac, OID_AUTO, debug, CTLFLAG_RW, 0,
+ "TrustedBSD MAC debug info");
+
+static int mac_debug_label_fallback = 0;
+SYSCTL_INT(_security_mac_debug, OID_AUTO, label_fallback, CTLFLAG_RW,
+ &mac_debug_label_fallback, 0, "Filesystems should fall back to fs label"
+ "when label is corrupted.");
+TUNABLE_INT("security.mac.debug_label_fallback",
+ &mac_debug_label_fallback);
+
static unsigned int nmacmbufs, nmaccreds, nmacifnets, nmacbpfdescs,
nmacsockets, nmacmounts, nmactemp, nmacvnodes, nmacdevfsdirents,
nmacipqs, nmacpipes;
@@ -1082,14 +1082,18 @@ vop_stdrefreshlabel_ea(struct vop_refreshlabel_args *ap)
vp->v_mount->mnt_stat.f_mntonname);
if (VOP_GETATTR(vp, &va, curthread->td_ucred, curthread) == 0)
printf(" inum %ld", va.va_fileid);
+#ifdef MAC_DEBUG
if (mac_debug_label_fallback) {
printf(", falling back.\n");
mac_update_vnode_from_mount(vp, vp->v_mount);
error = 0;
} else {
+#endif
printf(".\n");
error = EPERM;
+#ifdef MAC_DEBUG
}
+#endif
}
return (error);
diff --git a/sys/security/mac/mac_pipe.c b/sys/security/mac/mac_pipe.c
index 7722430..607113e 100644
--- a/sys/security/mac/mac_pipe.c
+++ b/sys/security/mac/mac_pipe.c
@@ -97,16 +97,6 @@ SYSCTL_DECL(_security);
SYSCTL_NODE(_security, OID_AUTO, mac, CTLFLAG_RW, 0,
"TrustedBSD MAC policy controls");
-SYSCTL_NODE(_security_mac, OID_AUTO, debug, CTLFLAG_RW, 0,
- "TrustedBSD MAC debug info");
-
-static int mac_debug_label_fallback = 0;
-SYSCTL_INT(_security_mac_debug, OID_AUTO, label_fallback, CTLFLAG_RW,
- &mac_debug_label_fallback, 0, "Filesystems should fall back to fs label"
- "when label is corrupted.");
-TUNABLE_INT("security.mac.debug_label_fallback",
- &mac_debug_label_fallback);
-
#ifndef MAC_MAX_POLICIES
#define MAC_MAX_POLICIES 8
#endif
@@ -177,6 +167,16 @@ SYSCTL_INT(_security_mac, OID_AUTO, mmap_revocation_via_cow, CTLFLAG_RW,
"copy-on-write semantics, or by removing all write access");
#ifdef MAC_DEBUG
+SYSCTL_NODE(_security_mac, OID_AUTO, debug, CTLFLAG_RW, 0,
+ "TrustedBSD MAC debug info");
+
+static int mac_debug_label_fallback = 0;
+SYSCTL_INT(_security_mac_debug, OID_AUTO, label_fallback, CTLFLAG_RW,
+ &mac_debug_label_fallback, 0, "Filesystems should fall back to fs label"
+ "when label is corrupted.");
+TUNABLE_INT("security.mac.debug_label_fallback",
+ &mac_debug_label_fallback);
+
static unsigned int nmacmbufs, nmaccreds, nmacifnets, nmacbpfdescs,
nmacsockets, nmacmounts, nmactemp, nmacvnodes, nmacdevfsdirents,
nmacipqs, nmacpipes;
@@ -1082,14 +1082,18 @@ vop_stdrefreshlabel_ea(struct vop_refreshlabel_args *ap)
vp->v_mount->mnt_stat.f_mntonname);
if (VOP_GETATTR(vp, &va, curthread->td_ucred, curthread) == 0)
printf(" inum %ld", va.va_fileid);
+#ifdef MAC_DEBUG
if (mac_debug_label_fallback) {
printf(", falling back.\n");
mac_update_vnode_from_mount(vp, vp->v_mount);
error = 0;
} else {
+#endif
printf(".\n");
error = EPERM;
+#ifdef MAC_DEBUG
}
+#endif
}
return (error);
diff --git a/sys/security/mac/mac_process.c b/sys/security/mac/mac_process.c
index 7722430..607113e 100644
--- a/sys/security/mac/mac_process.c
+++ b/sys/security/mac/mac_process.c
@@ -97,16 +97,6 @@ SYSCTL_DECL(_security);
SYSCTL_NODE(_security, OID_AUTO, mac, CTLFLAG_RW, 0,
"TrustedBSD MAC policy controls");
-SYSCTL_NODE(_security_mac, OID_AUTO, debug, CTLFLAG_RW, 0,
- "TrustedBSD MAC debug info");
-
-static int mac_debug_label_fallback = 0;
-SYSCTL_INT(_security_mac_debug, OID_AUTO, label_fallback, CTLFLAG_RW,
- &mac_debug_label_fallback, 0, "Filesystems should fall back to fs label"
- "when label is corrupted.");
-TUNABLE_INT("security.mac.debug_label_fallback",
- &mac_debug_label_fallback);
-
#ifndef MAC_MAX_POLICIES
#define MAC_MAX_POLICIES 8
#endif
@@ -177,6 +167,16 @@ SYSCTL_INT(_security_mac, OID_AUTO, mmap_revocation_via_cow, CTLFLAG_RW,
"copy-on-write semantics, or by removing all write access");
#ifdef MAC_DEBUG
+SYSCTL_NODE(_security_mac, OID_AUTO, debug, CTLFLAG_RW, 0,
+ "TrustedBSD MAC debug info");
+
+static int mac_debug_label_fallback = 0;
+SYSCTL_INT(_security_mac_debug, OID_AUTO, label_fallback, CTLFLAG_RW,
+ &mac_debug_label_fallback, 0, "Filesystems should fall back to fs label"
+ "when label is corrupted.");
+TUNABLE_INT("security.mac.debug_label_fallback",
+ &mac_debug_label_fallback);
+
static unsigned int nmacmbufs, nmaccreds, nmacifnets, nmacbpfdescs,
nmacsockets, nmacmounts, nmactemp, nmacvnodes, nmacdevfsdirents,
nmacipqs, nmacpipes;
@@ -1082,14 +1082,18 @@ vop_stdrefreshlabel_ea(struct vop_refreshlabel_args *ap)
vp->v_mount->mnt_stat.f_mntonname);
if (VOP_GETATTR(vp, &va, curthread->td_ucred, curthread) == 0)
printf(" inum %ld", va.va_fileid);
+#ifdef MAC_DEBUG
if (mac_debug_label_fallback) {
printf(", falling back.\n");
mac_update_vnode_from_mount(vp, vp->v_mount);
error = 0;
} else {
+#endif
printf(".\n");
error = EPERM;
+#ifdef MAC_DEBUG
}
+#endif
}
return (error);
diff --git a/sys/security/mac/mac_syscalls.c b/sys/security/mac/mac_syscalls.c
index 7722430..607113e 100644
--- a/sys/security/mac/mac_syscalls.c
+++ b/sys/security/mac/mac_syscalls.c
@@ -97,16 +97,6 @@ SYSCTL_DECL(_security);
SYSCTL_NODE(_security, OID_AUTO, mac, CTLFLAG_RW, 0,
"TrustedBSD MAC policy controls");
-SYSCTL_NODE(_security_mac, OID_AUTO, debug, CTLFLAG_RW, 0,
- "TrustedBSD MAC debug info");
-
-static int mac_debug_label_fallback = 0;
-SYSCTL_INT(_security_mac_debug, OID_AUTO, label_fallback, CTLFLAG_RW,
- &mac_debug_label_fallback, 0, "Filesystems should fall back to fs label"
- "when label is corrupted.");
-TUNABLE_INT("security.mac.debug_label_fallback",
- &mac_debug_label_fallback);
-
#ifndef MAC_MAX_POLICIES
#define MAC_MAX_POLICIES 8
#endif
@@ -177,6 +167,16 @@ SYSCTL_INT(_security_mac, OID_AUTO, mmap_revocation_via_cow, CTLFLAG_RW,
"copy-on-write semantics, or by removing all write access");
#ifdef MAC_DEBUG
+SYSCTL_NODE(_security_mac, OID_AUTO, debug, CTLFLAG_RW, 0,
+ "TrustedBSD MAC debug info");
+
+static int mac_debug_label_fallback = 0;
+SYSCTL_INT(_security_mac_debug, OID_AUTO, label_fallback, CTLFLAG_RW,
+ &mac_debug_label_fallback, 0, "Filesystems should fall back to fs label"
+ "when label is corrupted.");
+TUNABLE_INT("security.mac.debug_label_fallback",
+ &mac_debug_label_fallback);
+
static unsigned int nmacmbufs, nmaccreds, nmacifnets, nmacbpfdescs,
nmacsockets, nmacmounts, nmactemp, nmacvnodes, nmacdevfsdirents,
nmacipqs, nmacpipes;
@@ -1082,14 +1082,18 @@ vop_stdrefreshlabel_ea(struct vop_refreshlabel_args *ap)
vp->v_mount->mnt_stat.f_mntonname);
if (VOP_GETATTR(vp, &va, curthread->td_ucred, curthread) == 0)
printf(" inum %ld", va.va_fileid);
+#ifdef MAC_DEBUG
if (mac_debug_label_fallback) {
printf(", falling back.\n");
mac_update_vnode_from_mount(vp, vp->v_mount);
error = 0;
} else {
+#endif
printf(".\n");
error = EPERM;
+#ifdef MAC_DEBUG
}
+#endif
}
return (error);
diff --git a/sys/security/mac/mac_system.c b/sys/security/mac/mac_system.c
index 7722430..607113e 100644
--- a/sys/security/mac/mac_system.c
+++ b/sys/security/mac/mac_system.c
@@ -97,16 +97,6 @@ SYSCTL_DECL(_security);
SYSCTL_NODE(_security, OID_AUTO, mac, CTLFLAG_RW, 0,
"TrustedBSD MAC policy controls");
-SYSCTL_NODE(_security_mac, OID_AUTO, debug, CTLFLAG_RW, 0,
- "TrustedBSD MAC debug info");
-
-static int mac_debug_label_fallback = 0;
-SYSCTL_INT(_security_mac_debug, OID_AUTO, label_fallback, CTLFLAG_RW,
- &mac_debug_label_fallback, 0, "Filesystems should fall back to fs label"
- "when label is corrupted.");
-TUNABLE_INT("security.mac.debug_label_fallback",
- &mac_debug_label_fallback);
-
#ifndef MAC_MAX_POLICIES
#define MAC_MAX_POLICIES 8
#endif
@@ -177,6 +167,16 @@ SYSCTL_INT(_security_mac, OID_AUTO, mmap_revocation_via_cow, CTLFLAG_RW,
"copy-on-write semantics, or by removing all write access");
#ifdef MAC_DEBUG
+SYSCTL_NODE(_security_mac, OID_AUTO, debug, CTLFLAG_RW, 0,
+ "TrustedBSD MAC debug info");
+
+static int mac_debug_label_fallback = 0;
+SYSCTL_INT(_security_mac_debug, OID_AUTO, label_fallback, CTLFLAG_RW,
+ &mac_debug_label_fallback, 0, "Filesystems should fall back to fs label"
+ "when label is corrupted.");
+TUNABLE_INT("security.mac.debug_label_fallback",
+ &mac_debug_label_fallback);
+
static unsigned int nmacmbufs, nmaccreds, nmacifnets, nmacbpfdescs,
nmacsockets, nmacmounts, nmactemp, nmacvnodes, nmacdevfsdirents,
nmacipqs, nmacpipes;
@@ -1082,14 +1082,18 @@ vop_stdrefreshlabel_ea(struct vop_refreshlabel_args *ap)
vp->v_mount->mnt_stat.f_mntonname);
if (VOP_GETATTR(vp, &va, curthread->td_ucred, curthread) == 0)
printf(" inum %ld", va.va_fileid);
+#ifdef MAC_DEBUG
if (mac_debug_label_fallback) {
printf(", falling back.\n");
mac_update_vnode_from_mount(vp, vp->v_mount);
error = 0;
} else {
+#endif
printf(".\n");
error = EPERM;
+#ifdef MAC_DEBUG
}
+#endif
}
return (error);
diff --git a/sys/security/mac/mac_vfs.c b/sys/security/mac/mac_vfs.c
index 7722430..607113e 100644
--- a/sys/security/mac/mac_vfs.c
+++ b/sys/security/mac/mac_vfs.c
@@ -97,16 +97,6 @@ SYSCTL_DECL(_security);
SYSCTL_NODE(_security, OID_AUTO, mac, CTLFLAG_RW, 0,
"TrustedBSD MAC policy controls");
-SYSCTL_NODE(_security_mac, OID_AUTO, debug, CTLFLAG_RW, 0,
- "TrustedBSD MAC debug info");
-
-static int mac_debug_label_fallback = 0;
-SYSCTL_INT(_security_mac_debug, OID_AUTO, label_fallback, CTLFLAG_RW,
- &mac_debug_label_fallback, 0, "Filesystems should fall back to fs label"
- "when label is corrupted.");
-TUNABLE_INT("security.mac.debug_label_fallback",
- &mac_debug_label_fallback);
-
#ifndef MAC_MAX_POLICIES
#define MAC_MAX_POLICIES 8
#endif
@@ -177,6 +167,16 @@ SYSCTL_INT(_security_mac, OID_AUTO, mmap_revocation_via_cow, CTLFLAG_RW,
"copy-on-write semantics, or by removing all write access");
#ifdef MAC_DEBUG
+SYSCTL_NODE(_security_mac, OID_AUTO, debug, CTLFLAG_RW, 0,
+ "TrustedBSD MAC debug info");
+
+static int mac_debug_label_fallback = 0;
+SYSCTL_INT(_security_mac_debug, OID_AUTO, label_fallback, CTLFLAG_RW,
+ &mac_debug_label_fallback, 0, "Filesystems should fall back to fs label"
+ "when label is corrupted.");
+TUNABLE_INT("security.mac.debug_label_fallback",
+ &mac_debug_label_fallback);
+
static unsigned int nmacmbufs, nmaccreds, nmacifnets, nmacbpfdescs,
nmacsockets, nmacmounts, nmactemp, nmacvnodes, nmacdevfsdirents,
nmacipqs, nmacpipes;
@@ -1082,14 +1082,18 @@ vop_stdrefreshlabel_ea(struct vop_refreshlabel_args *ap)
vp->v_mount->mnt_stat.f_mntonname);
if (VOP_GETATTR(vp, &va, curthread->td_ucred, curthread) == 0)
printf(" inum %ld", va.va_fileid);
+#ifdef MAC_DEBUG
if (mac_debug_label_fallback) {
printf(", falling back.\n");
mac_update_vnode_from_mount(vp, vp->v_mount);
error = 0;
} else {
+#endif
printf(".\n");
error = EPERM;
+#ifdef MAC_DEBUG
}
+#endif
}
return (error);