Modify mac_test policy to invoke WITNESS_WARN() when a potentially
blocking allocation could occur as a result of a label initialization. This will simulate the behavior of allocated label policies such as MLS and Biba when running mac_test from the perspective of WITNESS lock and sleep warnings. Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories
This commit is contained in:
parent
4a87a5eecd
commit
0712b25402
@ -46,6 +46,7 @@
|
||||
#include <sys/extattr.h>
|
||||
#include <sys/kernel.h>
|
||||
#include <sys/mac.h>
|
||||
#include <sys/malloc.h>
|
||||
#include <sys/mount.h>
|
||||
#include <sys/proc.h>
|
||||
#include <sys/systm.h>
|
||||
@ -246,6 +247,11 @@ static int
|
||||
mac_test_init_ipq_label(struct label *label, int flag)
|
||||
{
|
||||
|
||||
if (flag & M_WAITOK)
|
||||
WITNESS_WARN(WARN_GIANTOK | WARN_SLEEPOK, NULL,
|
||||
"mac_test_init_ipq_label() at %s:%d", __FILE__,
|
||||
__LINE__);
|
||||
|
||||
SLOT(label) = IPQMAGIC;
|
||||
atomic_add_int(&init_count_ipq, 1);
|
||||
return (0);
|
||||
@ -255,6 +261,11 @@ static int
|
||||
mac_test_init_mbuf_label(struct label *label, int flag)
|
||||
{
|
||||
|
||||
if (flag & M_WAITOK)
|
||||
WITNESS_WARN(WARN_GIANTOK | WARN_SLEEPOK, NULL,
|
||||
"mac_test_init_mbuf_label() at %s:%d", __FILE__,
|
||||
__LINE__);
|
||||
|
||||
SLOT(label) = MBUFMAGIC;
|
||||
atomic_add_int(&init_count_mbuf, 1);
|
||||
return (0);
|
||||
@ -280,6 +291,11 @@ static int
|
||||
mac_test_init_socket_label(struct label *label, int flag)
|
||||
{
|
||||
|
||||
if (flag & M_WAITOK)
|
||||
WITNESS_WARN(WARN_GIANTOK | WARN_SLEEPOK, NULL,
|
||||
"mac_test_init_socket_label() at %s:%d", __FILE__,
|
||||
__LINE__);
|
||||
|
||||
SLOT(label) = SOCKETMAGIC;
|
||||
atomic_add_int(&init_count_socket, 1);
|
||||
return (0);
|
||||
@ -289,6 +305,11 @@ static int
|
||||
mac_test_init_socket_peer_label(struct label *label, int flag)
|
||||
{
|
||||
|
||||
if (flag & M_WAITOK)
|
||||
WITNESS_WARN(WARN_GIANTOK | WARN_SLEEPOK, NULL,
|
||||
"mac_test_init_socket_peer_label() at %s:%d", __FILE__,
|
||||
__LINE__);
|
||||
|
||||
SLOT(label) = SOCKETMAGIC;
|
||||
atomic_add_int(&init_count_socket_peerlabel, 1);
|
||||
return (0);
|
||||
@ -392,6 +413,14 @@ static void
|
||||
mac_test_destroy_mbuf_label(struct label *label)
|
||||
{
|
||||
|
||||
/*
|
||||
* If we're loaded dynamically, there may be mbufs in flight that
|
||||
* didn't have label storage allocated for them. Handle this
|
||||
* gracefully.
|
||||
*/
|
||||
if (label == NULL)
|
||||
return;
|
||||
|
||||
if (SLOT(label) == MBUFMAGIC || SLOT(label) == 0) {
|
||||
atomic_add_int(&destroy_count_mbuf, 1);
|
||||
SLOT(label) = EXMAGIC;
|
||||
|
Loading…
x
Reference in New Issue
Block a user