diff options
| -rw-r--r-- | sys/kern/kern_mac.c | 60 | ||||
| -rw-r--r-- | sys/security/mac/mac_framework.c | 60 | ||||
| -rw-r--r-- | sys/security/mac/mac_internal.h | 60 | ||||
| -rw-r--r-- | sys/security/mac/mac_net.c | 60 | ||||
| -rw-r--r-- | sys/security/mac/mac_pipe.c | 60 | ||||
| -rw-r--r-- | sys/security/mac/mac_policy.h | 19 | ||||
| -rw-r--r-- | sys/security/mac/mac_process.c | 60 | ||||
| -rw-r--r-- | sys/security/mac/mac_syscalls.c | 60 | ||||
| -rw-r--r-- | sys/security/mac/mac_system.c | 60 | ||||
| -rw-r--r-- | sys/security/mac/mac_vfs.c | 60 | ||||
| -rw-r--r-- | sys/security/mac_biba/mac_biba.c | 40 | ||||
| -rw-r--r-- | sys/security/mac_lomac/mac_lomac.c | 171 | ||||
| -rw-r--r-- | sys/security/mac_mls/mac_mls.c | 40 | ||||
| -rw-r--r-- | sys/security/mac_none/mac_none.c | 2 | ||||
| -rw-r--r-- | sys/security/mac_partition/mac_partition.c | 10 | ||||
| -rw-r--r-- | sys/security/mac_stub/mac_stub.c | 2 | ||||
| -rw-r--r-- | sys/security/mac_test/mac_test.c | 2 | ||||
| -rw-r--r-- | sys/sys/mac_policy.h | 19 |
18 files changed, 298 insertions, 547 deletions
diff --git a/sys/kern/kern_mac.c b/sys/kern/kern_mac.c index 79a12ec..0d6bf29 100644 --- a/sys/kern/kern_mac.c +++ b/sys/kern/kern_mac.c @@ -56,6 +56,7 @@ __FBSDID("$FreeBSD$"); #include <sys/mac.h> #include <sys/module.h> #include <sys/proc.h> +#include <sys/sbuf.h> #include <sys/systm.h> #include <sys/sysproto.h> #include <sys/sysent.h> @@ -398,65 +399,44 @@ mac_policy_list_unbusy(void) #define MAC_EXTERNALIZE(type, label, elementlist, outbuf, \ outbuflen) do { \ - char *curptr, *curptr_start, *element_name, *element_temp; \ - size_t left, left_start, len; \ - int claimed, first, first_start, ignorenotfound; \ + int claimed, first, ignorenotfound, savedlen; \ + char *element_name, *element_temp; \ + struct sbuf sb; \ \ error = 0; \ - element_temp = elementlist; \ - curptr = outbuf; \ - curptr[0] = '\0'; \ - left = outbuflen; \ first = 1; \ + sbuf_new(&sb, outbuf, outbuflen, SBUF_FIXEDLEN); \ + element_temp = elementlist; \ while ((element_name = strsep(&element_temp, ",")) != NULL) { \ - curptr_start = curptr; \ - left_start = left; \ - first_start = first; \ if (element_name[0] == '?') { \ element_name++; \ ignorenotfound = 1; \ - } else \ + } else \ ignorenotfound = 0; \ - claimed = 0; \ + savedlen = sbuf_len(&sb); \ if (first) { \ - len = snprintf(curptr, left, "%s/", \ - element_name); \ + error = sbuf_printf(&sb, "%s/", element_name); \ first = 0; \ } else \ - len = snprintf(curptr, left, ",%s/", \ - element_name); \ - if (len >= left) { \ - error = EINVAL; /* XXXMAC: E2BIG */ \ + error = sbuf_printf(&sb, ",%s/", element_name); \ + if (error == -1) { \ + error = EINVAL; /* XXX: E2BIG? */ \ break; \ } \ - curptr += len; \ - left -= len; \ - \ + claimed = 0; \ MAC_CHECK(externalize_ ## type, label, element_name, \ - curptr, left, &len, &claimed); \ + &sb, &claimed); \ if (error) \ break; \ - if (claimed == 1) { \ - if (len >= outbuflen) { \ - error = EINVAL; /* XXXMAC: E2BIG */ \ - break; \ - } \ - curptr += len; \ - left -= len; \ - } else if (claimed == 0 && ignorenotfound) { \ - /* \ - * Revert addition of the label element \ - * name. \ - */ \ - curptr = curptr_start; \ - *curptr = '\0'; \ - left = left_start; \ - first = first_start; \ - } else { \ - error = EINVAL; /* XXXMAC: ENOLABEL */ \ + if (claimed == 0 && ignorenotfound) { \ + /* Revert last label name. */ \ + sbuf_setpos(&sb, savedlen); \ + } else if (claimed != 1) { \ + error = EINVAL; /* XXX: ENOLABEL? */ \ break; \ } \ } \ + sbuf_finish(&sb); \ } while (0) #define MAC_INTERNALIZE(type, label, instring) do { \ diff --git a/sys/security/mac/mac_framework.c b/sys/security/mac/mac_framework.c index 79a12ec..0d6bf29 100644 --- a/sys/security/mac/mac_framework.c +++ b/sys/security/mac/mac_framework.c @@ -56,6 +56,7 @@ __FBSDID("$FreeBSD$"); #include <sys/mac.h> #include <sys/module.h> #include <sys/proc.h> +#include <sys/sbuf.h> #include <sys/systm.h> #include <sys/sysproto.h> #include <sys/sysent.h> @@ -398,65 +399,44 @@ mac_policy_list_unbusy(void) #define MAC_EXTERNALIZE(type, label, elementlist, outbuf, \ outbuflen) do { \ - char *curptr, *curptr_start, *element_name, *element_temp; \ - size_t left, left_start, len; \ - int claimed, first, first_start, ignorenotfound; \ + int claimed, first, ignorenotfound, savedlen; \ + char *element_name, *element_temp; \ + struct sbuf sb; \ \ error = 0; \ - element_temp = elementlist; \ - curptr = outbuf; \ - curptr[0] = '\0'; \ - left = outbuflen; \ first = 1; \ + sbuf_new(&sb, outbuf, outbuflen, SBUF_FIXEDLEN); \ + element_temp = elementlist; \ while ((element_name = strsep(&element_temp, ",")) != NULL) { \ - curptr_start = curptr; \ - left_start = left; \ - first_start = first; \ if (element_name[0] == '?') { \ element_name++; \ ignorenotfound = 1; \ - } else \ + } else \ ignorenotfound = 0; \ - claimed = 0; \ + savedlen = sbuf_len(&sb); \ if (first) { \ - len = snprintf(curptr, left, "%s/", \ - element_name); \ + error = sbuf_printf(&sb, "%s/", element_name); \ first = 0; \ } else \ - len = snprintf(curptr, left, ",%s/", \ - element_name); \ - if (len >= left) { \ - error = EINVAL; /* XXXMAC: E2BIG */ \ + error = sbuf_printf(&sb, ",%s/", element_name); \ + if (error == -1) { \ + error = EINVAL; /* XXX: E2BIG? */ \ break; \ } \ - curptr += len; \ - left -= len; \ - \ + claimed = 0; \ MAC_CHECK(externalize_ ## type, label, element_name, \ - curptr, left, &len, &claimed); \ + &sb, &claimed); \ if (error) \ break; \ - if (claimed == 1) { \ - if (len >= outbuflen) { \ - error = EINVAL; /* XXXMAC: E2BIG */ \ - break; \ - } \ - curptr += len; \ - left -= len; \ - } else if (claimed == 0 && ignorenotfound) { \ - /* \ - * Revert addition of the label element \ - * name. \ - */ \ - curptr = curptr_start; \ - *curptr = '\0'; \ - left = left_start; \ - first = first_start; \ - } else { \ - error = EINVAL; /* XXXMAC: ENOLABEL */ \ + if (claimed == 0 && ignorenotfound) { \ + /* Revert last label name. */ \ + sbuf_setpos(&sb, savedlen); \ + } else if (claimed != 1) { \ + error = EINVAL; /* XXX: ENOLABEL? */ \ break; \ } \ } \ + sbuf_finish(&sb); \ } while (0) #define MAC_INTERNALIZE(type, label, instring) do { \ diff --git a/sys/security/mac/mac_internal.h b/sys/security/mac/mac_internal.h index 79a12ec..0d6bf29 100644 --- a/sys/security/mac/mac_internal.h +++ b/sys/security/mac/mac_internal.h @@ -56,6 +56,7 @@ __FBSDID("$FreeBSD$"); #include <sys/mac.h> #include <sys/module.h> #include <sys/proc.h> +#include <sys/sbuf.h> #include <sys/systm.h> #include <sys/sysproto.h> #include <sys/sysent.h> @@ -398,65 +399,44 @@ mac_policy_list_unbusy(void) #define MAC_EXTERNALIZE(type, label, elementlist, outbuf, \ outbuflen) do { \ - char *curptr, *curptr_start, *element_name, *element_temp; \ - size_t left, left_start, len; \ - int claimed, first, first_start, ignorenotfound; \ + int claimed, first, ignorenotfound, savedlen; \ + char *element_name, *element_temp; \ + struct sbuf sb; \ \ error = 0; \ - element_temp = elementlist; \ - curptr = outbuf; \ - curptr[0] = '\0'; \ - left = outbuflen; \ first = 1; \ + sbuf_new(&sb, outbuf, outbuflen, SBUF_FIXEDLEN); \ + element_temp = elementlist; \ while ((element_name = strsep(&element_temp, ",")) != NULL) { \ - curptr_start = curptr; \ - left_start = left; \ - first_start = first; \ if (element_name[0] == '?') { \ element_name++; \ ignorenotfound = 1; \ - } else \ + } else \ ignorenotfound = 0; \ - claimed = 0; \ + savedlen = sbuf_len(&sb); \ if (first) { \ - len = snprintf(curptr, left, "%s/", \ - element_name); \ + error = sbuf_printf(&sb, "%s/", element_name); \ first = 0; \ } else \ - len = snprintf(curptr, left, ",%s/", \ - element_name); \ - if (len >= left) { \ - error = EINVAL; /* XXXMAC: E2BIG */ \ + error = sbuf_printf(&sb, ",%s/", element_name); \ + if (error == -1) { \ + error = EINVAL; /* XXX: E2BIG? */ \ break; \ } \ - curptr += len; \ - left -= len; \ - \ + claimed = 0; \ MAC_CHECK(externalize_ ## type, label, element_name, \ - curptr, left, &len, &claimed); \ + &sb, &claimed); \ if (error) \ break; \ - if (claimed == 1) { \ - if (len >= outbuflen) { \ - error = EINVAL; /* XXXMAC: E2BIG */ \ - break; \ - } \ - curptr += len; \ - left -= len; \ - } else if (claimed == 0 && ignorenotfound) { \ - /* \ - * Revert addition of the label element \ - * name. \ - */ \ - curptr = curptr_start; \ - *curptr = '\0'; \ - left = left_start; \ - first = first_start; \ - } else { \ - error = EINVAL; /* XXXMAC: ENOLABEL */ \ + if (claimed == 0 && ignorenotfound) { \ + /* Revert last label name. */ \ + sbuf_setpos(&sb, savedlen); \ + } else if (claimed != 1) { \ + error = EINVAL; /* XXX: ENOLABEL? */ \ break; \ } \ } \ + sbuf_finish(&sb); \ } while (0) #define MAC_INTERNALIZE(type, label, instring) do { \ diff --git a/sys/security/mac/mac_net.c b/sys/security/mac/mac_net.c index 79a12ec..0d6bf29 100644 --- a/sys/security/mac/mac_net.c +++ b/sys/security/mac/mac_net.c @@ -56,6 +56,7 @@ __FBSDID("$FreeBSD$"); #include <sys/mac.h> #include <sys/module.h> #include <sys/proc.h> +#include <sys/sbuf.h> #include <sys/systm.h> #include <sys/sysproto.h> #include <sys/sysent.h> @@ -398,65 +399,44 @@ mac_policy_list_unbusy(void) #define MAC_EXTERNALIZE(type, label, elementlist, outbuf, \ outbuflen) do { \ - char *curptr, *curptr_start, *element_name, *element_temp; \ - size_t left, left_start, len; \ - int claimed, first, first_start, ignorenotfound; \ + int claimed, first, ignorenotfound, savedlen; \ + char *element_name, *element_temp; \ + struct sbuf sb; \ \ error = 0; \ - element_temp = elementlist; \ - curptr = outbuf; \ - curptr[0] = '\0'; \ - left = outbuflen; \ first = 1; \ + sbuf_new(&sb, outbuf, outbuflen, SBUF_FIXEDLEN); \ + element_temp = elementlist; \ while ((element_name = strsep(&element_temp, ",")) != NULL) { \ - curptr_start = curptr; \ - left_start = left; \ - first_start = first; \ if (element_name[0] == '?') { \ element_name++; \ ignorenotfound = 1; \ - } else \ + } else \ ignorenotfound = 0; \ - claimed = 0; \ + savedlen = sbuf_len(&sb); \ if (first) { \ - len = snprintf(curptr, left, "%s/", \ - element_name); \ + error = sbuf_printf(&sb, "%s/", element_name); \ first = 0; \ } else \ - len = snprintf(curptr, left, ",%s/", \ - element_name); \ - if (len >= left) { \ - error = EINVAL; /* XXXMAC: E2BIG */ \ + error = sbuf_printf(&sb, ",%s/", element_name); \ + if (error == -1) { \ + error = EINVAL; /* XXX: E2BIG? */ \ break; \ } \ - curptr += len; \ - left -= len; \ - \ + claimed = 0; \ MAC_CHECK(externalize_ ## type, label, element_name, \ - curptr, left, &len, &claimed); \ + &sb, &claimed); \ if (error) \ break; \ - if (claimed == 1) { \ - if (len >= outbuflen) { \ - error = EINVAL; /* XXXMAC: E2BIG */ \ - break; \ - } \ - curptr += len; \ - left -= len; \ - } else if (claimed == 0 && ignorenotfound) { \ - /* \ - * Revert addition of the label element \ - * name. \ - */ \ - curptr = curptr_start; \ - *curptr = '\0'; \ - left = left_start; \ - first = first_start; \ - } else { \ - error = EINVAL; /* XXXMAC: ENOLABEL */ \ + if (claimed == 0 && ignorenotfound) { \ + /* Revert last label name. */ \ + sbuf_setpos(&sb, savedlen); \ + } else if (claimed != 1) { \ + error = EINVAL; /* XXX: ENOLABEL? */ \ break; \ } \ } \ + sbuf_finish(&sb); \ } while (0) #define MAC_INTERNALIZE(type, label, instring) do { \ diff --git a/sys/security/mac/mac_pipe.c b/sys/security/mac/mac_pipe.c index 79a12ec..0d6bf29 100644 --- a/sys/security/mac/mac_pipe.c +++ b/sys/security/mac/mac_pipe.c @@ -56,6 +56,7 @@ __FBSDID("$FreeBSD$"); #include <sys/mac.h> #include <sys/module.h> #include <sys/proc.h> +#include <sys/sbuf.h> #include <sys/systm.h> #include <sys/sysproto.h> #include <sys/sysent.h> @@ -398,65 +399,44 @@ mac_policy_list_unbusy(void) #define MAC_EXTERNALIZE(type, label, elementlist, outbuf, \ outbuflen) do { \ - char *curptr, *curptr_start, *element_name, *element_temp; \ - size_t left, left_start, len; \ - int claimed, first, first_start, ignorenotfound; \ + int claimed, first, ignorenotfound, savedlen; \ + char *element_name, *element_temp; \ + struct sbuf sb; \ \ error = 0; \ - element_temp = elementlist; \ - curptr = outbuf; \ - curptr[0] = '\0'; \ - left = outbuflen; \ first = 1; \ + sbuf_new(&sb, outbuf, outbuflen, SBUF_FIXEDLEN); \ + element_temp = elementlist; \ while ((element_name = strsep(&element_temp, ",")) != NULL) { \ - curptr_start = curptr; \ - left_start = left; \ - first_start = first; \ if (element_name[0] == '?') { \ element_name++; \ ignorenotfound = 1; \ - } else \ + } else \ ignorenotfound = 0; \ - claimed = 0; \ + savedlen = sbuf_len(&sb); \ if (first) { \ - len = snprintf(curptr, left, "%s/", \ - element_name); \ + error = sbuf_printf(&sb, "%s/", element_name); \ first = 0; \ } else \ - len = snprintf(curptr, left, ",%s/", \ - element_name); \ - if (len >= left) { \ - error = EINVAL; /* XXXMAC: E2BIG */ \ + error = sbuf_printf(&sb, ",%s/", element_name); \ + if (error == -1) { \ + error = EINVAL; /* XXX: E2BIG? */ \ break; \ } \ - curptr += len; \ - left -= len; \ - \ + claimed = 0; \ MAC_CHECK(externalize_ ## type, label, element_name, \ - curptr, left, &len, &claimed); \ + &sb, &claimed); \ if (error) \ break; \ - if (claimed == 1) { \ - if (len >= outbuflen) { \ - error = EINVAL; /* XXXMAC: E2BIG */ \ - break; \ - } \ - curptr += len; \ - left -= len; \ - } else if (claimed == 0 && ignorenotfound) { \ - /* \ - * Revert addition of the label element \ - * name. \ - */ \ - curptr = curptr_start; \ - *curptr = '\0'; \ - left = left_start; \ - first = first_start; \ - } else { \ - error = EINVAL; /* XXXMAC: ENOLABEL */ \ + if (claimed == 0 && ignorenotfound) { \ + /* Revert last label name. */ \ + sbuf_setpos(&sb, savedlen); \ + } else if (claimed != 1) { \ + error = EINVAL; /* XXX: ENOLABEL? */ \ break; \ } \ } \ + sbuf_finish(&sb); \ } while (0) #define MAC_INTERNALIZE(type, label, instring) do { \ diff --git a/sys/security/mac/mac_policy.h b/sys/security/mac/mac_policy.h index 878b961..b1f7a43 100644 --- a/sys/security/mac/mac_policy.h +++ b/sys/security/mac/mac_policy.h @@ -60,6 +60,7 @@ struct mac_policy_conf; struct mbuf; struct mount; struct pipe; +struct sbuf; struct socket; struct ucred; struct uio; @@ -114,23 +115,17 @@ struct mac_policy_ops { void (*mpo_copy_vnode_label)(struct label *src, struct label *dest); int (*mpo_externalize_cred_label)(struct label *label, - char *element_name, char *buffer, size_t buflen, - size_t *len, int *claimed); + char *element_name, struct sbuf *sb, int *claimed); int (*mpo_externalize_ifnet_label)(struct label *label, - char *element_name, char *buffer, size_t buflen, - size_t *len, int *claimed); + char *element_name, struct sbuf *sb, int *claimed); int (*mpo_externalize_pipe_label)(struct label *label, - char *element_name, char *buffer, size_t buflen, - size_t *len, int *claimed); + char *element_name, struct sbuf *sb, int *claimed); int (*mpo_externalize_socket_label)(struct label *label, - char *element_name, char *buffer, size_t buflen, - size_t *len, int *claimed); + char *element_name, struct sbuf *sb, int *claimed); int (*mpo_externalize_socket_peer_label)(struct label *label, - char *element_name, char *buffer, size_t buflen, - size_t *len, int *claimed); + char *element_name, struct sbuf *sb, int *claimed); int (*mpo_externalize_vnode_label)(struct label *label, - char *element_name, char *buffer, size_t buflen, - size_t *len, int *claimed); + char *element_name, struct sbuf *sb, int *claimed); int (*mpo_internalize_cred_label)(struct label *label, char *element_name, char *element_data, int *claimed); int (*mpo_internalize_ifnet_label)(struct label *label, diff --git a/sys/security/mac/mac_process.c b/sys/security/mac/mac_process.c index 79a12ec..0d6bf29 100644 --- a/sys/security/mac/mac_process.c +++ b/sys/security/mac/mac_process.c @@ -56,6 +56,7 @@ __FBSDID("$FreeBSD$"); #include <sys/mac.h> #include <sys/module.h> #include <sys/proc.h> +#include <sys/sbuf.h> #include <sys/systm.h> #include <sys/sysproto.h> #include <sys/sysent.h> @@ -398,65 +399,44 @@ mac_policy_list_unbusy(void) #define MAC_EXTERNALIZE(type, label, elementlist, outbuf, \ outbuflen) do { \ - char *curptr, *curptr_start, *element_name, *element_temp; \ - size_t left, left_start, len; \ - int claimed, first, first_start, ignorenotfound; \ + int claimed, first, ignorenotfound, savedlen; \ + char *element_name, *element_temp; \ + struct sbuf sb; \ \ error = 0; \ - element_temp = elementlist; \ - curptr = outbuf; \ - curptr[0] = '\0'; \ - left = outbuflen; \ first = 1; \ + sbuf_new(&sb, outbuf, outbuflen, SBUF_FIXEDLEN); \ + element_temp = elementlist; \ while ((element_name = strsep(&element_temp, ",")) != NULL) { \ - curptr_start = curptr; \ - left_start = left; \ - first_start = first; \ if (element_name[0] == '?') { \ element_name++; \ ignorenotfound = 1; \ - } else \ + } else \ ignorenotfound = 0; \ - claimed = 0; \ + savedlen = sbuf_len(&sb); \ if (first) { \ - len = snprintf(curptr, left, "%s/", \ - element_name); \ + error = sbuf_printf(&sb, "%s/", element_name); \ first = 0; \ } else \ - len = snprintf(curptr, left, ",%s/", \ - element_name); \ - if (len >= left) { \ - error = EINVAL; /* XXXMAC: E2BIG */ \ + error = sbuf_printf(&sb, ",%s/", element_name); \ + if (error == -1) { \ + error = EINVAL; /* XXX: E2BIG? */ \ break; \ } \ - curptr += len; \ - left -= len; \ - \ + claimed = 0; \ MAC_CHECK(externalize_ ## type, label, element_name, \ - curptr, left, &len, &claimed); \ + &sb, &claimed); \ if (error) \ break; \ - if (claimed == 1) { \ - if (len >= outbuflen) { \ - error = EINVAL; /* XXXMAC: E2BIG */ \ - break; \ - } \ - curptr += len; \ - left -= len; \ - } else if (claimed == 0 && ignorenotfound) { \ - /* \ - * Revert addition of the label element \ - * name. \ - */ \ - curptr = curptr_start; \ - *curptr = '\0'; \ - left = left_start; \ - first = first_start; \ - } else { \ - error = EINVAL; /* XXXMAC: ENOLABEL */ \ + if (claimed == 0 && ignorenotfound) { \ + /* Revert last label name. */ \ + sbuf_setpos(&sb, savedlen); \ + } else if (claimed != 1) { \ + error = EINVAL; /* XXX: ENOLABEL? */ \ break; \ } \ } \ + sbuf_finish(&sb); \ } while (0) #define MAC_INTERNALIZE(type, label, instring) do { \ diff --git a/sys/security/mac/mac_syscalls.c b/sys/security/mac/mac_syscalls.c index 79a12ec..0d6bf29 100644 --- a/sys/security/mac/mac_syscalls.c +++ b/sys/security/mac/mac_syscalls.c @@ -56,6 +56,7 @@ __FBSDID("$FreeBSD$"); #include <sys/mac.h> #include <sys/module.h> #include <sys/proc.h> +#include <sys/sbuf.h> #include <sys/systm.h> #include <sys/sysproto.h> #include <sys/sysent.h> @@ -398,65 +399,44 @@ mac_policy_list_unbusy(void) #define MAC_EXTERNALIZE(type, label, elementlist, outbuf, \ outbuflen) do { \ - char *curptr, *curptr_start, *element_name, *element_temp; \ - size_t left, left_start, len; \ - int claimed, first, first_start, ignorenotfound; \ + int claimed, first, ignorenotfound, savedlen; \ + char *element_name, *element_temp; \ + struct sbuf sb; \ \ error = 0; \ - element_temp = elementlist; \ - curptr = outbuf; \ - curptr[0] = '\0'; \ - left = outbuflen; \ first = 1; \ + sbuf_new(&sb, outbuf, outbuflen, SBUF_FIXEDLEN); \ + element_temp = elementlist; \ while ((element_name = strsep(&element_temp, ",")) != NULL) { \ - curptr_start = curptr; \ - left_start = left; \ - first_start = first; \ if (element_name[0] == '?') { \ element_name++; \ ignorenotfound = 1; \ - } else \ + } else \ ignorenotfound = 0; \ - claimed = 0; \ + savedlen = sbuf_len(&sb); \ if (first) { \ - len = snprintf(curptr, left, "%s/", \ - element_name); \ + error = sbuf_printf(&sb, "%s/", element_name); \ first = 0; \ } else \ - len = snprintf(curptr, left, ",%s/", \ - element_name); \ - if (len >= left) { \ - error = EINVAL; /* XXXMAC: E2BIG */ \ + error = sbuf_printf(&sb, ",%s/", element_name); \ + if (error == -1) { \ + error = EINVAL; /* XXX: E2BIG? */ \ break; \ } \ - curptr += len; \ - left -= len; \ - \ + claimed = 0; \ MAC_CHECK(externalize_ ## type, label, element_name, \ - curptr, left, &len, &claimed); \ + &sb, &claimed); \ if (error) \ break; \ - if (claimed == 1) { \ - if (len >= outbuflen) { \ - error = EINVAL; /* XXXMAC: E2BIG */ \ - break; \ - } \ - curptr += len; \ - left -= len; \ - } else if (claimed == 0 && ignorenotfound) { \ - /* \ - * Revert addition of the label element \ - * name. \ - */ \ - curptr = curptr_start; \ - *curptr = '\0'; \ - left = left_start; \ - first = first_start; \ - } else { \ - error = EINVAL; /* XXXMAC: ENOLABEL */ \ + if (claimed == 0 && ignorenotfound) { \ + /* Revert last label name. */ \ + sbuf_setpos(&sb, savedlen); \ + } else if (claimed != 1) { \ + error = EINVAL; /* XXX: ENOLABEL? */ \ break; \ } \ } \ + sbuf_finish(&sb); \ } while (0) #define MAC_INTERNALIZE(type, label, instring) do { \ diff --git a/sys/security/mac/mac_system.c b/sys/security/mac/mac_system.c index 79a12ec..0d6bf29 100644 --- a/sys/security/mac/mac_system.c +++ b/sys/security/mac/mac_system.c @@ -56,6 +56,7 @@ __FBSDID("$FreeBSD$"); #include <sys/mac.h> #include <sys/module.h> #include <sys/proc.h> +#include <sys/sbuf.h> #include <sys/systm.h> #include <sys/sysproto.h> #include <sys/sysent.h> @@ -398,65 +399,44 @@ mac_policy_list_unbusy(void) #define MAC_EXTERNALIZE(type, label, elementlist, outbuf, \ outbuflen) do { \ - char *curptr, *curptr_start, *element_name, *element_temp; \ - size_t left, left_start, len; \ - int claimed, first, first_start, ignorenotfound; \ + int claimed, first, ignorenotfound, savedlen; \ + char *element_name, *element_temp; \ + struct sbuf sb; \ \ error = 0; \ - element_temp = elementlist; \ - curptr = outbuf; \ - curptr[0] = '\0'; \ - left = outbuflen; \ first = 1; \ + sbuf_new(&sb, outbuf, outbuflen, SBUF_FIXEDLEN); \ + element_temp = elementlist; \ while ((element_name = strsep(&element_temp, ",")) != NULL) { \ - curptr_start = curptr; \ - left_start = left; \ - first_start = first; \ if (element_name[0] == '?') { \ element_name++; \ ignorenotfound = 1; \ - } else \ + } else \ ignorenotfound = 0; \ - claimed = 0; \ + savedlen = sbuf_len(&sb); \ if (first) { \ - len = snprintf(curptr, left, "%s/", \ - element_name); \ + error = sbuf_printf(&sb, "%s/", element_name); \ first = 0; \ } else \ - len = snprintf(curptr, left, ",%s/", \ - element_name); \ - if (len >= left) { \ - error = EINVAL; /* XXXMAC: E2BIG */ \ + error = sbuf_printf(&sb, ",%s/", element_name); \ + if (error == -1) { \ + error = EINVAL; /* XXX: E2BIG? */ \ break; \ } \ - curptr += len; \ - left -= len; \ - \ + claimed = 0; \ MAC_CHECK(externalize_ ## type, label, element_name, \ - curptr, left, &len, &claimed); \ + &sb, &claimed); \ if (error) \ break; \ - if (claimed == 1) { \ - if (len >= outbuflen) { \ - error = EINVAL; /* XXXMAC: E2BIG */ \ - break; \ - } \ - curptr += len; \ - left -= len; \ - } else if (claimed == 0 && ignorenotfound) { \ - /* \ - * Revert addition of the label element \ - * name. \ - */ \ - curptr = curptr_start; \ - *curptr = '\0'; \ - left = left_start; \ - first = first_start; \ - } else { \ - error = EINVAL; /* XXXMAC: ENOLABEL */ \ + if (claimed == 0 && ignorenotfound) { \ + /* Revert last label name. */ \ + sbuf_setpos(&sb, savedlen); \ + } else if (claimed != 1) { \ + error = EINVAL; /* XXX: ENOLABEL? */ \ break; \ } \ } \ + sbuf_finish(&sb); \ } while (0) #define MAC_INTERNALIZE(type, label, instring) do { \ diff --git a/sys/security/mac/mac_vfs.c b/sys/security/mac/mac_vfs.c index 79a12ec..0d6bf29 100644 --- a/sys/security/mac/mac_vfs.c +++ b/sys/security/mac/mac_vfs.c @@ -56,6 +56,7 @@ __FBSDID("$FreeBSD$"); #include <sys/mac.h> #include <sys/module.h> #include <sys/proc.h> +#include <sys/sbuf.h> #include <sys/systm.h> #include <sys/sysproto.h> #include <sys/sysent.h> @@ -398,65 +399,44 @@ mac_policy_list_unbusy(void) #define MAC_EXTERNALIZE(type, label, elementlist, outbuf, \ outbuflen) do { \ - char *curptr, *curptr_start, *element_name, *element_temp; \ - size_t left, left_start, len; \ - int claimed, first, first_start, ignorenotfound; \ + int claimed, first, ignorenotfound, savedlen; \ + char *element_name, *element_temp; \ + struct sbuf sb; \ \ error = 0; \ - element_temp = elementlist; \ - curptr = outbuf; \ - curptr[0] = '\0'; \ - left = outbuflen; \ first = 1; \ + sbuf_new(&sb, outbuf, outbuflen, SBUF_FIXEDLEN); \ + element_temp = elementlist; \ while ((element_name = strsep(&element_temp, ",")) != NULL) { \ - curptr_start = curptr; \ - left_start = left; \ - first_start = first; \ if (element_name[0] == '?') { \ element_name++; \ ignorenotfound = 1; \ - } else \ + } else \ ignorenotfound = 0; \ - claimed = 0; \ + savedlen = sbuf_len(&sb); \ if (first) { \ - len = snprintf(curptr, left, "%s/", \ - element_name); \ + error = sbuf_printf(&sb, "%s/", element_name); \ first = 0; \ } else \ - len = snprintf(curptr, left, ",%s/", \ - element_name); \ - if (len >= left) { \ - error = EINVAL; /* XXXMAC: E2BIG */ \ + error = sbuf_printf(&sb, ",%s/", element_name); \ + if (error == -1) { \ + error = EINVAL; /* XXX: E2BIG? */ \ break; \ } \ - curptr += len; \ - left -= len; \ - \ + claimed = 0; \ MAC_CHECK(externalize_ ## type, label, element_name, \ - curptr, left, &len, &claimed); \ + &sb, &claimed); \ if (error) \ break; \ - if (claimed == 1) { \ - if (len >= outbuflen) { \ - error = EINVAL; /* XXXMAC: E2BIG */ \ - break; \ - } \ - curptr += len; \ - left -= len; \ - } else if (claimed == 0 && ignorenotfound) { \ - /* \ - * Revert addition of the label element \ - * name. \ - */ \ - curptr = curptr_start; \ - *curptr = '\0'; \ - left = left_start; \ - first = first_start; \ - } else { \ - error = EINVAL; /* XXXMAC: ENOLABEL */ \ + if (claimed == 0 && ignorenotfound) { \ + /* Revert last label name. */ \ + sbuf_setpos(&sb, savedlen); \ + } else if (claimed != 1) { \ + error = EINVAL; /* XXX: ENOLABEL? */ \ break; \ } \ } \ + sbuf_finish(&sb); \ } while (0) #define MAC_INTERNALIZE(type, label, instring) do { \ diff --git a/sys/security/mac_biba/mac_biba.c b/sys/security/mac_biba/mac_biba.c index fa9d5e2..60575c0 100644 --- a/sys/security/mac_biba/mac_biba.c +++ b/sys/security/mac_biba/mac_biba.c @@ -576,57 +576,49 @@ mac_biba_element_to_string(struct sbuf *sb, struct mac_biba_element *element) } /* - * mac_biba_to_string() converts an Biba label to a string, placing the - * results in the passed string buffer. It returns 0 on success, - * or EINVAL if there isn't room in the buffer. The size of the - * string appended, leaving out the nul termination, is returned to - * the caller via *caller_len. Eventually, we should expose the - * sbuf to the caller rather than using C strings at this layer. + * mac_biba_to_string() converts a Biba label to a string, and places + * the results in the passed sbuf. It returns 0 on success, or EINVAL + * if there isn't room in the sbuf. Note: the sbuf will be modified + * even in a failure case, so the caller may need to revert the sbuf + * by restoring the offset if that's undesired. */ static int -mac_biba_to_string(char *string, size_t size, size_t *caller_len, - struct mac_biba *mac_biba) +mac_biba_to_string(struct sbuf *sb, struct mac_biba *mac_biba) { - struct sbuf sb; - - sbuf_new(&sb, string, size, SBUF_FIXEDLEN); if (mac_biba->mb_flags & MAC_BIBA_FLAG_SINGLE) { - if (mac_biba_element_to_string(&sb, &mac_biba->mb_single) + if (mac_biba_element_to_string(sb, &mac_biba->mb_single) == -1) return (EINVAL); } if (mac_biba->mb_flags & MAC_BIBA_FLAG_RANGE) { - if (sbuf_putc(&sb, '(') == -1) + if (sbuf_putc(sb, '(') == -1) return (EINVAL); - if (mac_biba_element_to_string(&sb, &mac_biba->mb_rangelow) + if (mac_biba_element_to_string(sb, &mac_biba->mb_rangelow) == -1) return (EINVAL); - if (sbuf_putc(&sb, '-') == -1) + if (sbuf_putc(sb, '-') == -1) return (EINVAL); - if (mac_biba_element_to_string(&sb, &mac_biba->mb_rangehigh) + if (mac_biba_element_to_string(sb, &mac_biba->mb_rangehigh) == -1) return (EINVAL); - if (sbuf_putc(&sb, ')') == -1) + if (sbuf_putc(sb, ')') == -1) return (EINVAL); } - sbuf_finish(&sb); - *caller_len = strlen(string); return (0); } static int mac_biba_externalize_label(struct label *label, char *element_name, - char *element_data, size_t size, size_t *len, int *claimed) + struct sbuf *sb, int *claimed) { struct mac_biba *mac_biba; - int error; if (strcmp(MAC_BIBA_LABEL_NAME, element_name) != 0) return (0); @@ -634,11 +626,7 @@ mac_biba_externalize_label(struct label *label, char *element_name, (*claimed)++; mac_biba = SLOT(label); - error = mac_biba_to_string(element_data, size, len, mac_biba); - if (error) - return (error); - - return (0); + return (mac_biba_to_string(sb, mac_biba)); } static int diff --git a/sys/security/mac_lomac/mac_lomac.c b/sys/security/mac_lomac/mac_lomac.c index 57c95e8..0f85c07 100644 --- a/sys/security/mac_lomac/mac_lomac.c +++ b/sys/security/mac_lomac/mac_lomac.c @@ -49,6 +49,7 @@ #include <sys/malloc.h> #include <sys/mount.h> #include <sys/proc.h> +#include <sys/sbuf.h> #include <sys/systm.h> #include <sys/sysproto.h> #include <sys/sysent.h> @@ -483,21 +484,23 @@ mac_lomac_copy(struct mac_lomac *source, struct mac_lomac *dest) mac_lomac_copy_range(source, dest); } -static int mac_lomac_to_string(char *string, size_t size, - size_t *caller_len, struct mac_lomac *mac_lomac); +static int mac_lomac_to_string(struct sbuf *sb, + struct mac_lomac *mac_lomac); static int maybe_demote(struct mac_lomac *subjlabel, struct mac_lomac *objlabel, const char *actionname, const char *objname, struct vnode *vpq) { + struct sbuf subjlabel_sb, subjtext_sb, objlabel_sb; + char *subjlabeltext, *objlabeltext, *subjtext; + struct mac_lomac cached_subjlabel; + struct mac_lomac_proc *subj; struct vattr va; - static char xxx[] = "<<XXX>>"; - struct mac_lomac_proc *subj = PSLOT(&curthread->td_proc->p_label); - char *subjlabeltext, *objlabeltext, *subjtext, *text; struct proc *p; - size_t len; pid_t pgid; + subj = PSLOT(&curthread->td_proc->p_label); + p = curthread->td_proc; mtx_lock(&subj->mtx); if (subj->mac_lomac.ml_flags & MAC_LOMAC_FLAG_UPDATE) { @@ -531,32 +534,29 @@ maybe_demote(struct mac_lomac *subjlabel, struct mac_lomac *objlabel, curthread->td_flags |= TDF_ASTPENDING; curthread->td_proc->p_sflag |= PS_MACPEND; mtx_unlock_spin(&sched_lock); - subjtext = subjlabeltext = objlabeltext = xxx; - if (mac_lomac_to_string(NULL, 0, &len, &subj->mac_lomac) == 0 && - (text = malloc(len + 1, M_MACLOMAC, M_NOWAIT)) != NULL) { - if (mac_lomac_to_string(text, len + 1, &len, - &subj->mac_lomac) == 0) - subjtext = text; - else - free(text, M_MACLOMAC); - } + + /* + * Avoid memory allocation while holding a mutex; cache the + * label. + */ + mac_lomac_copy_single(&subj->mac_lomac, &cached_subjlabel); mtx_unlock(&subj->mtx); - if (mac_lomac_to_string(NULL, 0, &len, subjlabel) == 0 && - (text = malloc(len + 1, M_MACLOMAC, M_NOWAIT)) != NULL) { - if (mac_lomac_to_string(text, len + 1, &len, - subjlabel) == 0) - subjlabeltext = text; - else - free(text, M_MACLOMAC); - } - if (mac_lomac_to_string(NULL, 0, &len, objlabel) == 0 && - (text = malloc(len + 1, M_MACLOMAC, M_NOWAIT)) != NULL) { - if (mac_lomac_to_string(text, len + 1, &len, - objlabel) == 0) - objlabeltext = text; - else - free(text, M_MACLOMAC); - } + + sbuf_new(&subjlabel_sb, NULL, 0, SBUF_AUTOEXTEND); + mac_lomac_to_string(&subjlabel_sb, subjlabel); + sbuf_finish(&subjlabel_sb); + subjlabeltext = sbuf_data(&subjlabel_sb); + + sbuf_new(&subjtext_sb, NULL, 0, SBUF_AUTOEXTEND); + mac_lomac_to_string(&subjtext_sb, &subj->mac_lomac); + sbuf_finish(&subjtext_sb); + subjtext = sbuf_data(&subjtext_sb); + + sbuf_new(&objlabel_sb, NULL, 0, SBUF_AUTOEXTEND); + mac_lomac_to_string(&objlabel_sb, objlabel); + sbuf_finish(&objlabel_sb); + objlabeltext = sbuf_data(&objlabel_sb); + pgid = p->p_pgrp->pg_id; /* XXX could be stale? */ if (vpq != NULL && VOP_GETATTR(vpq, &va, curthread->td_ucred, curthread) == 0) { @@ -572,13 +572,11 @@ maybe_demote(struct mac_lomac *subjlabel, struct mac_lomac *objlabel, subjlabeltext, p->p_pid, pgid, curthread->td_ucred->cr_uid, p->p_comm, subjtext, actionname, objlabeltext, objname); } + + sbuf_delete(&subjlabel_sb); + sbuf_delete(&subjtext_sb); + sbuf_delete(&objlabel_sb); - if (subjlabeltext != xxx) - free(subjlabeltext, M_MACLOMAC); - if (objlabeltext != xxx) - free(objlabeltext, M_MACLOMAC); - if (subjtext != xxx) - free(subjtext, M_MACLOMAC); return (0); } @@ -659,28 +657,22 @@ mac_lomac_destroy_proc_label(struct label *label) PSLOT(label) = NULL; } -/* - * mac_lomac_element_to_string() is basically an snprintf wrapper with - * the same properties as snprintf(). It returns the length it would - * have added to the string in the event the string is too short. - */ -static size_t -mac_lomac_element_to_string(char *string, size_t size, - struct mac_lomac_element *element) +static int +mac_lomac_element_to_string(struct sbuf *sb, struct mac_lomac_element *element) { switch (element->mle_type) { case MAC_LOMAC_TYPE_HIGH: - return (snprintf(string, size, "high")); + return (sbuf_printf(sb, "high")); case MAC_LOMAC_TYPE_LOW: - return (snprintf(string, size, "low")); + return (sbuf_printf(sb, "low")); case MAC_LOMAC_TYPE_EQUAL: - return (snprintf(string, size, "equal")); + return (sbuf_printf(sb, "equal")); case MAC_LOMAC_TYPE_GRADE: - return (snprintf(string, size, "%d", element->mle_grade)); + return (sbuf_printf(sb, "%d", element->mle_grade)); default: panic("mac_lomac_element_to_string: invalid type (%d)", @@ -689,81 +681,54 @@ mac_lomac_element_to_string(char *string, size_t size, } static int -mac_lomac_to_string(char *string, size_t size, size_t *caller_len, - struct mac_lomac *mac_lomac) +mac_lomac_to_string(struct sbuf *sb, struct mac_lomac *mac_lomac) { - size_t left, len, curlen; - char *curptr; - /* - * Also accept NULL string to allow for predetermination of total - * string length. - */ - if (string != NULL) - bzero(string, size); - else if (size != 0) - return (EINVAL); - curptr = string; - left = size; - curlen = 0; - -#define INCLEN(length, leftover) do { \ - if (string != NULL) { \ - if (length >= leftover) \ - return (EINVAL); \ - leftover -= length; \ - curptr += length; \ - } \ - curlen += length; \ -} while (0) if (mac_lomac->ml_flags & MAC_LOMAC_FLAG_SINGLE) { - len = mac_lomac_element_to_string(curptr, left, - &mac_lomac->ml_single); - INCLEN(len, left); + if (mac_lomac_element_to_string(sb, &mac_lomac->ml_single) + == -1) + return (EINVAL); } if (mac_lomac->ml_flags & MAC_LOMAC_FLAG_AUX) { - len = snprintf(curptr, left, "["); - INCLEN(len, left); + if (sbuf_putc(sb, '[') == -1) + return (EINVAL); - len = mac_lomac_element_to_string(curptr, left, - &mac_lomac->ml_auxsingle); - INCLEN(len, left); + if (mac_lomac_element_to_string(sb, &mac_lomac->ml_auxsingle) + == -1) + return (EINVAL); - len = snprintf(curptr, left, "]"); - INCLEN(len, left); + if (sbuf_putc(sb, ']') == -1) + return (EINVAL); } if (mac_lomac->ml_flags & MAC_LOMAC_FLAG_RANGE) { - len = snprintf(curptr, left, "("); - INCLEN(len, left); + if (sbuf_putc(sb, '(') == -1) + return (EINVAL); - len = mac_lomac_element_to_string(curptr, left, - &mac_lomac->ml_rangelow); - INCLEN(len, left); + if (mac_lomac_element_to_string(sb, &mac_lomac->ml_rangelow) + == -1) + return (EINVAL); - len = snprintf(curptr, left, "-"); - INCLEN(len, left); + if (sbuf_putc(sb, '-') == -1) + return (EINVAL); - len = mac_lomac_element_to_string(curptr, left, - &mac_lomac->ml_rangehigh); - INCLEN(len, left); + if (mac_lomac_element_to_string(sb, &mac_lomac->ml_rangehigh) + == -1) + return (EINVAL); - len = snprintf(curptr, left, ")"); - INCLEN(len, left); + if (sbuf_putc(sb, '-') == -1) + return (EINVAL); } -#undef INCLEN - *caller_len = curlen; return (0); } static int mac_lomac_externalize_label(struct label *label, char *element_name, - char *element_data, size_t size, size_t *len, int *claimed) + struct sbuf *sb, int *claimed) { struct mac_lomac *mac_lomac; - int error; if (strcmp(MAC_LOMAC_LABEL_NAME, element_name) != 0) return (0); @@ -771,12 +736,8 @@ mac_lomac_externalize_label(struct label *label, char *element_name, (*claimed)++; mac_lomac = SLOT(label); - error = mac_lomac_to_string(element_data, size, len, mac_lomac); - if (error) - return (error); - *len = strlen(element_data); - return (0); + return (mac_lomac_to_string(sb, mac_lomac)); } static int diff --git a/sys/security/mac_mls/mac_mls.c b/sys/security/mac_mls/mac_mls.c index 2ceae35..b5e321b 100644 --- a/sys/security/mac_mls/mac_mls.c +++ b/sys/security/mac_mls/mac_mls.c @@ -541,57 +541,49 @@ mac_mls_element_to_string(struct sbuf *sb, struct mac_mls_element *element) } /* - * mac_mls_to_string() converts an MLS label to a string, placing the - * results in the passed string buffer. It returns 0 on success, - * or EINVAL if there isn't room in the buffer. The size of the - * string appended, leaving out the nul termination, is returned to - * the caller via *caller_len. Eventually, we should expose the - * sbuf to the caller rather than using C strings at this layer. + * mac_mls_to_string() converts an MLS label to a string, and places + * the results in the passed sbuf. It returns 0 on success, or EINVAL + * if there isn't room in the sbuf. Note: the sbuf will be modified + * even in a failure case, so the caller may need to revert the sbuf + * by restoring the offset if that's undesired. */ static int -mac_mls_to_string(char *string, size_t size, size_t *caller_len, - struct mac_mls *mac_mls) +mac_mls_to_string(struct sbuf *sb, struct mac_mls *mac_mls) { - struct sbuf sb; - - sbuf_new(&sb, string, size, SBUF_FIXEDLEN); if (mac_mls->mm_flags & MAC_MLS_FLAG_SINGLE) { - if (mac_mls_element_to_string(&sb, &mac_mls->mm_single) + if (mac_mls_element_to_string(sb, &mac_mls->mm_single) == -1) return (EINVAL); } if (mac_mls->mm_flags & MAC_MLS_FLAG_RANGE) { - if (sbuf_putc(&sb, '(') == -1) + if (sbuf_putc(sb, '(') == -1) return (EINVAL); - if (mac_mls_element_to_string(&sb, &mac_mls->mm_rangelow) + if (mac_mls_element_to_string(sb, &mac_mls->mm_rangelow) == -1) return (EINVAL); - if (sbuf_putc(&sb, '-') == -1) + if (sbuf_putc(sb, '-') == -1) return (EINVAL); - if (mac_mls_element_to_string(&sb, &mac_mls->mm_rangehigh) + if (mac_mls_element_to_string(sb, &mac_mls->mm_rangehigh) == -1) return (EINVAL); - if (sbuf_putc(&sb, ')') == -1) + if (sbuf_putc(sb, ')') == -1) return (EINVAL); } - sbuf_finish(&sb); - *caller_len = strlen(string); return (0); } static int mac_mls_externalize_label(struct label *label, char *element_name, - char *element_data, size_t size, size_t *len, int *claimed) + struct sbuf *sb, int *claimed) { struct mac_mls *mac_mls; - int error; if (strcmp(MAC_MLS_LABEL_NAME, element_name) != 0) return (0); @@ -600,11 +592,7 @@ mac_mls_externalize_label(struct label *label, char *element_name, mac_mls = SLOT(label); - error = mac_mls_to_string(element_data, size, len, mac_mls); - if (error) - return (error); - - return (0); + return (mac_mls_to_string(sb, mac_mls)); } static int diff --git a/sys/security/mac_none/mac_none.c b/sys/security/mac_none/mac_none.c index 5a600ea..c2ce7e7 100644 --- a/sys/security/mac_none/mac_none.c +++ b/sys/security/mac_none/mac_none.c @@ -127,7 +127,7 @@ mac_none_destroy_label(struct label *label) static int mac_none_externalize_label(struct label *label, char *element_name, - char *element_data, size_t size, size_t *len, int *claimed) + struct sbuf *sb, int *claimed) { return (0); diff --git a/sys/security/mac_partition/mac_partition.c b/sys/security/mac_partition/mac_partition.c index 5c68399..ed5bc2e 100644 --- a/sys/security/mac_partition/mac_partition.c +++ b/sys/security/mac_partition/mac_partition.c @@ -46,6 +46,7 @@ #include <sys/mac.h> #include <sys/mount.h> #include <sys/proc.h> +#include <sys/sbuf.h> #include <sys/systm.h> #include <sys/sysproto.h> #include <sys/sysent.h> @@ -102,15 +103,18 @@ mac_partition_destroy_label(struct label *label) static int mac_partition_externalize_label(struct label *label, char *element_name, - char *element_data, size_t size, size_t *len, int *claimed) + struct sbuf *sb, int *claimed) { if (strcmp(MAC_PARTITION_LABEL_NAME, element_name) != 0) return (0); (*claimed)++; - *len = snprintf(element_data, size, "%ld", SLOT(label)); - return (0); + + if (sbuf_printf(sb, "%ld", SLOT(label)) == -1) + return (EINVAL); + else + return (0); } static int diff --git a/sys/security/mac_stub/mac_stub.c b/sys/security/mac_stub/mac_stub.c index 5a600ea..c2ce7e7 100644 --- a/sys/security/mac_stub/mac_stub.c +++ b/sys/security/mac_stub/mac_stub.c @@ -127,7 +127,7 @@ mac_none_destroy_label(struct label *label) static int mac_none_externalize_label(struct label *label, char *element_name, - char *element_data, size_t size, size_t *len, int *claimed) + struct sbuf *sb, int *claimed) { return (0); diff --git a/sys/security/mac_test/mac_test.c b/sys/security/mac_test/mac_test.c index 2b13379..7948646 100644 --- a/sys/security/mac_test/mac_test.c +++ b/sys/security/mac_test/mac_test.c @@ -531,7 +531,7 @@ mac_test_destroy_vnode_label(struct label *label) static int mac_test_externalize_label(struct label *label, char *element_name, - char *element_data, size_t size, size_t *len, int *claimed) + struct sbuf *sb, int *claimed) { atomic_add_int(&externalize_count, 1); diff --git a/sys/sys/mac_policy.h b/sys/sys/mac_policy.h index 878b961..b1f7a43 100644 --- a/sys/sys/mac_policy.h +++ b/sys/sys/mac_policy.h @@ -60,6 +60,7 @@ struct mac_policy_conf; struct mbuf; struct mount; struct pipe; +struct sbuf; struct socket; struct ucred; struct uio; @@ -114,23 +115,17 @@ struct mac_policy_ops { void (*mpo_copy_vnode_label)(struct label *src, struct label *dest); int (*mpo_externalize_cred_label)(struct label *label, - char *element_name, char *buffer, size_t buflen, - size_t *len, int *claimed); + char *element_name, struct sbuf *sb, int *claimed); int (*mpo_externalize_ifnet_label)(struct label *label, - char *element_name, char *buffer, size_t buflen, - size_t *len, int *claimed); + char *element_name, struct sbuf *sb, int *claimed); int (*mpo_externalize_pipe_label)(struct label *label, - char *element_name, char *buffer, size_t buflen, - size_t *len, int *claimed); + char *element_name, struct sbuf *sb, int *claimed); int (*mpo_externalize_socket_label)(struct label *label, - char *element_name, char *buffer, size_t buflen, - size_t *len, int *claimed); + char *element_name, struct sbuf *sb, int *claimed); int (*mpo_externalize_socket_peer_label)(struct label *label, - char *element_name, char *buffer, size_t buflen, - size_t *len, int *claimed); + char *element_name, struct sbuf *sb, int *claimed); int (*mpo_externalize_vnode_label)(struct label *label, - char *element_name, char *buffer, size_t buflen, - size_t *len, int *claimed); + char *element_name, struct sbuf *sb, int *claimed); int (*mpo_internalize_cred_label)(struct label *label, char *element_name, char *element_data, int *claimed); int (*mpo_internalize_ifnet_label)(struct label *label, |
