1 files changed, 30 insertions, 1 deletions

diff --git a/sys/security/mac/mac_posix_shm.c b/sys/security/mac/mac_posix_shm.c
index 97587ad..913cb43 100644
--- a/sys/security/mac/mac_posix_shm.c
+++ b/sys/security/mac/mac_posix_shm.c
@@ -1,5 +1,6 @@
 /*-
  * Copyright (c) 2003-2006 SPARTA, Inc.
+ * Copyright (c) 2009 Robert N. M. Watson
  * All rights reserved.
  *
  * This software was developed for the FreeBSD Project in part by Network
@@ -8,7 +9,10 @@
  * as part of the DARPA CHATS research program.
  *
  * This software was enhanced by SPARTA ISSO under SPAWAR contract
- * N66001-04-C-6019 ("SEFOS").
+ * N66001-04-C-6019 ("SEFOS"). *
+ *
+ * This software was developed at the University of Cambridge Computer
+ * Laboratory with support from a grant from Google, Inc. 
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -35,6 +39,7 @@
 #include <sys/cdefs.h>
 __FBSDID("$FreeBSD$");
 
+#include "opt_kdtrace.h"
 #include "opt_mac.h"
 
 #include <sys/param.h>
@@ -42,6 +47,7 @@ __FBSDID("$FreeBSD$");
 #include <sys/mman.h>
 #include <sys/malloc.h>
 #include <sys/module.h>
+#include <sys/sdt.h>
 #include <sys/systm.h>
 #include <sys/sysctl.h>
 
@@ -94,6 +100,9 @@ mac_posixshm_create(struct ucred *cred, struct shmfd *shmfd)
 	MAC_PERFORM(posixshm_create, cred, shmfd, shmfd->shm_label);
 }
 
+MAC_CHECK_PROBE_DEFINE4(posixshm_check_mmap, "struct ucred *",
+    "struct shmfd *", "int", "int");
+
 int
 mac_posixshm_check_mmap(struct ucred *cred, struct shmfd *shmfd, int prot,
     int flags)
@@ -102,20 +111,29 @@ mac_posixshm_check_mmap(struct ucred *cred, struct shmfd *shmfd, int prot,
 
 	MAC_CHECK(posixshm_check_mmap, cred, shmfd, shmfd->shm_label, prot,
 	    flags);
+	MAC_CHECK_PROBE4(posixshm_check_mmap, error, cred, shmfd, prot,
+	    flags);
 
 	return (error);
 }
 
+MAC_CHECK_PROBE_DEFINE2(posixshm_check_open, "struct ucred *",
+    "struct shmfd *");
+
 int
 mac_posixshm_check_open(struct ucred *cred, struct shmfd *shmfd)
 {
 	int error;
 
 	MAC_CHECK(posixshm_check_open, cred, shmfd, shmfd->shm_label);
+	MAC_CHECK_PROBE2(posixshm_check_open, error, cred, shmfd);
 
 	return (error);
 }
 
+MAC_CHECK_PROBE_DEFINE3(posixshm_check_stat, "struct ucred *",
+    "struct ucred *", "struct shmfd *");
+
 int
 mac_posixshm_check_stat(struct ucred *active_cred, struct ucred *file_cred,
     struct shmfd *shmfd)
@@ -124,10 +142,15 @@ mac_posixshm_check_stat(struct ucred *active_cred, struct ucred *file_cred,
 
 	MAC_CHECK(posixshm_check_stat, active_cred, file_cred, shmfd,
 	    shmfd->shm_label);
+	MAC_CHECK_PROBE3(posixshm_check_stat, error, active_cred, file_cred,
+	    shmfd);
 
 	return (error);
 }
 
+MAC_CHECK_PROBE_DEFINE3(posixshm_check_truncate, "struct ucred *",
+    "struct ucred *", "struct shmfd *");
+
 int
 mac_posixshm_check_truncate(struct ucred *active_cred, struct ucred *file_cred,
     struct shmfd *shmfd)
@@ -136,16 +159,22 @@ mac_posixshm_check_truncate(struct ucred *active_cred, struct ucred *file_cred,
 
 	MAC_CHECK(posixshm_check_truncate, active_cred, file_cred, shmfd,
 	    shmfd->shm_label);
+	MAC_CHECK_PROBE3(posixshm_check_truncate, error, active_cred,
+	    file_cred, shmfd);
 
 	return (error);
 }
 
+MAC_CHECK_PROBE_DEFINE2(posixshm_check_unlink, "struct ucred *",
+    "struct shmfd *");
+
 int
 mac_posixshm_check_unlink(struct ucred *cred, struct shmfd *shmfd)
 {
 	int error;
 
 	MAC_CHECK(posixshm_check_unlink, cred, shmfd, shmfd->shm_label);
+	MAC_CHECK_PROBE2(posixshm_check_unlink, error, cred, shmfd);
 
 	return (error);
 }