diff options
| author | rwatson <rwatson@FreeBSD.org> | 2003-04-15 21:20:34 +0000 |
|---|---|---|
| committer | rwatson <rwatson@FreeBSD.org> | 2003-04-15 21:20:34 +0000 |
| commit | 15ebe1b0102133bd6bed16d31282809593f0226d (patch) | |
| tree | 0b862f587798a0c0aee96122348cdbf2bce39781 /sys/security | |
| parent | 4f6904bca33e0bdaea33e9b258bd5987f1f4e220 (diff) | |
| download | FreeBSD-src-15ebe1b0102133bd6bed16d31282809593f0226d.zip FreeBSD-src-15ebe1b0102133bd6bed16d31282809593f0226d.tar.gz | |
Modify mac_test policy to invoke WITNESS_WARN() when a potentially
blocking allocation could occur as a result of a label
initialization. This will simulate the behavior of allocated
label policies such as MLS and Biba when running mac_test from
the perspective of WITNESS lock and sleep warnings.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
Diffstat (limited to 'sys/security')
| -rw-r--r-- | sys/security/mac_test/mac_test.c | 29 |
1 files changed, 29 insertions, 0 deletions
diff --git a/sys/security/mac_test/mac_test.c b/sys/security/mac_test/mac_test.c index 7f02b6c..2b13379 100644 --- a/sys/security/mac_test/mac_test.c +++ b/sys/security/mac_test/mac_test.c @@ -46,6 +46,7 @@ #include <sys/extattr.h> #include <sys/kernel.h> #include <sys/mac.h> +#include <sys/malloc.h> #include <sys/mount.h> #include <sys/proc.h> #include <sys/systm.h> @@ -246,6 +247,11 @@ static int mac_test_init_ipq_label(struct label *label, int flag) { + if (flag & M_WAITOK) + WITNESS_WARN(WARN_GIANTOK | WARN_SLEEPOK, NULL, + "mac_test_init_ipq_label() at %s:%d", __FILE__, + __LINE__); + SLOT(label) = IPQMAGIC; atomic_add_int(&init_count_ipq, 1); return (0); @@ -255,6 +261,11 @@ static int mac_test_init_mbuf_label(struct label *label, int flag) { + if (flag & M_WAITOK) + WITNESS_WARN(WARN_GIANTOK | WARN_SLEEPOK, NULL, + "mac_test_init_mbuf_label() at %s:%d", __FILE__, + __LINE__); + SLOT(label) = MBUFMAGIC; atomic_add_int(&init_count_mbuf, 1); return (0); @@ -280,6 +291,11 @@ static int mac_test_init_socket_label(struct label *label, int flag) { + if (flag & M_WAITOK) + WITNESS_WARN(WARN_GIANTOK | WARN_SLEEPOK, NULL, + "mac_test_init_socket_label() at %s:%d", __FILE__, + __LINE__); + SLOT(label) = SOCKETMAGIC; atomic_add_int(&init_count_socket, 1); return (0); @@ -289,6 +305,11 @@ static int mac_test_init_socket_peer_label(struct label *label, int flag) { + if (flag & M_WAITOK) + WITNESS_WARN(WARN_GIANTOK | WARN_SLEEPOK, NULL, + "mac_test_init_socket_peer_label() at %s:%d", __FILE__, + __LINE__); + SLOT(label) = SOCKETMAGIC; atomic_add_int(&init_count_socket_peerlabel, 1); return (0); @@ -392,6 +413,14 @@ static void mac_test_destroy_mbuf_label(struct label *label) { + /* + * If we're loaded dynamically, there may be mbufs in flight that + * didn't have label storage allocated for them. Handle this + * gracefully. + */ + if (label == NULL) + return; + if (SLOT(label) == MBUFMAGIC || SLOT(label) == 0) { atomic_add_int(&destroy_count_mbuf, 1); SLOT(label) = EXMAGIC; |
