diff options
| author | Robert Watson <rwatson@FreeBSD.org> | 2003-11-11 03:40:04 +0000 |
|---|---|---|
| committer | Robert Watson <rwatson@FreeBSD.org> | 2003-11-11 03:40:04 +0000 |
| commit | c8e7bf92ada7bed3bf19c9b1798f3d2623f67e34 (patch) | |
| tree | 36eab838402b7b73550e5d411f7b0fad463143f3 | |
| parent | ef9cbd37be8cefc3ae3d7fa0000f136360f94dfb (diff) | |
Notes
| -rw-r--r-- | sys/kern/kern_mac.c | 12 | ||||
| -rw-r--r-- | sys/security/mac/mac_framework.c | 12 | ||||
| -rw-r--r-- | sys/security/mac/mac_syscalls.c | 12 |
3 files changed, 27 insertions, 9 deletions
diff --git a/sys/kern/kern_mac.c b/sys/kern/kern_mac.c index 00ce1d97aae8..c45900379dcb 100644 --- a/sys/kern/kern_mac.c +++ b/sys/kern/kern_mac.c @@ -34,9 +34,11 @@ * SUCH DAMAGE. */ -/* - * Framework for extensible kernel access control. Kernel and userland - * interface to the framework, policy registration and composition. +/*- + * Framework for extensible kernel access control. This file contains + * Kernel and userland interface to the framework, policy registration + * and composition. Per-object interfaces, controls, and labeling may be + * found in src/sys/mac/. Sample policies may be found in src/sys/mac*. */ #include <sys/cdefs.h> @@ -182,6 +184,7 @@ struct mac_policy_list_head mac_static_policy_list; void mac_policy_grab_exclusive(void) { + WITNESS_WARN(WARN_GIANTOK | WARN_SLEEPOK, NULL, "mac_policy_grab_exclusive() at %s:%d", __FILE__, __LINE__); mtx_lock(&mac_policy_mtx); @@ -192,6 +195,7 @@ mac_policy_grab_exclusive(void) void mac_policy_assert_exclusive(void) { + mtx_assert(&mac_policy_mtx, MA_OWNED); KASSERT(mac_policy_count == 0, ("mac_policy_assert_exclusive(): not exclusive")); @@ -210,6 +214,7 @@ mac_policy_release_exclusive(void) void mac_policy_list_busy(void) { + mtx_lock(&mac_policy_mtx); mac_policy_count++; mtx_unlock(&mac_policy_mtx); @@ -233,6 +238,7 @@ mac_policy_list_conditional_busy(void) void mac_policy_list_unbusy(void) { + mtx_lock(&mac_policy_mtx); mac_policy_count--; KASSERT(mac_policy_count >= 0, ("MAC_POLICY_LIST_LOCK")); diff --git a/sys/security/mac/mac_framework.c b/sys/security/mac/mac_framework.c index 00ce1d97aae8..c45900379dcb 100644 --- a/sys/security/mac/mac_framework.c +++ b/sys/security/mac/mac_framework.c @@ -34,9 +34,11 @@ * SUCH DAMAGE. */ -/* - * Framework for extensible kernel access control. Kernel and userland - * interface to the framework, policy registration and composition. +/*- + * Framework for extensible kernel access control. This file contains + * Kernel and userland interface to the framework, policy registration + * and composition. Per-object interfaces, controls, and labeling may be + * found in src/sys/mac/. Sample policies may be found in src/sys/mac*. */ #include <sys/cdefs.h> @@ -182,6 +184,7 @@ struct mac_policy_list_head mac_static_policy_list; void mac_policy_grab_exclusive(void) { + WITNESS_WARN(WARN_GIANTOK | WARN_SLEEPOK, NULL, "mac_policy_grab_exclusive() at %s:%d", __FILE__, __LINE__); mtx_lock(&mac_policy_mtx); @@ -192,6 +195,7 @@ mac_policy_grab_exclusive(void) void mac_policy_assert_exclusive(void) { + mtx_assert(&mac_policy_mtx, MA_OWNED); KASSERT(mac_policy_count == 0, ("mac_policy_assert_exclusive(): not exclusive")); @@ -210,6 +214,7 @@ mac_policy_release_exclusive(void) void mac_policy_list_busy(void) { + mtx_lock(&mac_policy_mtx); mac_policy_count++; mtx_unlock(&mac_policy_mtx); @@ -233,6 +238,7 @@ mac_policy_list_conditional_busy(void) void mac_policy_list_unbusy(void) { + mtx_lock(&mac_policy_mtx); mac_policy_count--; KASSERT(mac_policy_count >= 0, ("MAC_POLICY_LIST_LOCK")); diff --git a/sys/security/mac/mac_syscalls.c b/sys/security/mac/mac_syscalls.c index 00ce1d97aae8..c45900379dcb 100644 --- a/sys/security/mac/mac_syscalls.c +++ b/sys/security/mac/mac_syscalls.c @@ -34,9 +34,11 @@ * SUCH DAMAGE. */ -/* - * Framework for extensible kernel access control. Kernel and userland - * interface to the framework, policy registration and composition. +/*- + * Framework for extensible kernel access control. This file contains + * Kernel and userland interface to the framework, policy registration + * and composition. Per-object interfaces, controls, and labeling may be + * found in src/sys/mac/. Sample policies may be found in src/sys/mac*. */ #include <sys/cdefs.h> @@ -182,6 +184,7 @@ struct mac_policy_list_head mac_static_policy_list; void mac_policy_grab_exclusive(void) { + WITNESS_WARN(WARN_GIANTOK | WARN_SLEEPOK, NULL, "mac_policy_grab_exclusive() at %s:%d", __FILE__, __LINE__); mtx_lock(&mac_policy_mtx); @@ -192,6 +195,7 @@ mac_policy_grab_exclusive(void) void mac_policy_assert_exclusive(void) { + mtx_assert(&mac_policy_mtx, MA_OWNED); KASSERT(mac_policy_count == 0, ("mac_policy_assert_exclusive(): not exclusive")); @@ -210,6 +214,7 @@ mac_policy_release_exclusive(void) void mac_policy_list_busy(void) { + mtx_lock(&mac_policy_mtx); mac_policy_count++; mtx_unlock(&mac_policy_mtx); @@ -233,6 +238,7 @@ mac_policy_list_conditional_busy(void) void mac_policy_list_unbusy(void) { + mtx_lock(&mac_policy_mtx); mac_policy_count--; KASSERT(mac_policy_count >= 0, ("MAC_POLICY_LIST_LOCK")); |