diff options
author | Robert Watson <rwatson@FreeBSD.org> | 2002-08-15 18:58:44 +0000 |
---|---|---|
committer | Robert Watson <rwatson@FreeBSD.org> | 2002-08-15 18:58:44 +0000 |
commit | a7320549ac21210859337101188bae4ef9a1f23e (patch) | |
tree | fb13f25100ff0a872372db62500a78a7761f7324 /sys/netatalk | |
parent | 2caa6a5afe614e2fa26f977229d566ec379b8dfd (diff) | |
download | src-a7320549ac21210859337101188bae4ef9a1f23e.tar.gz src-a7320549ac21210859337101188bae4ef9a1f23e.zip |
Introduce experimental support for MAC in the AppleTalk/EtherTalk stack.
Label link layer mbufs as they are created for transmission, check
mbufs before delivering them to sockets, label mbufs as they are created
from sockets, and preserve mbuf labels if mbufs are copied.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, NAI Labs
Notes
Notes:
svn path=/head/; revision=101937
Diffstat (limited to 'sys/netatalk')
-rw-r--r-- | sys/netatalk/aarp.c | 8 | ||||
-rw-r--r-- | sys/netatalk/ddp_input.c | 10 | ||||
-rw-r--r-- | sys/netatalk/ddp_output.c | 10 |
3 files changed, 28 insertions, 0 deletions
diff --git a/sys/netatalk/aarp.c b/sys/netatalk/aarp.c index 127662477fb4..a22488acf257 100644 --- a/sys/netatalk/aarp.c +++ b/sys/netatalk/aarp.c @@ -6,9 +6,11 @@ */ #include "opt_atalk.h" +#include "opt_mac.h" #include <sys/param.h> #include <sys/systm.h> +#include <sys/mac.h> #include <sys/mbuf.h> #include <sys/kernel.h> #include <sys/socket.h> @@ -128,6 +130,9 @@ aarpwhohas( struct arpcom *ac, struct sockaddr_at *sat ) if (( m = m_gethdr( M_DONTWAIT, MT_DATA )) == NULL ) { return; } +#ifdef MAC + mac_create_mbuf_linklayer(&ac->ac_if, m); +#endif m->m_len = sizeof( *ea ); m->m_pkthdr.len = sizeof( *ea ); MH_ALIGN( m, sizeof( *ea )); @@ -549,6 +554,9 @@ aarpprobe( void *arg ) if (( m = m_gethdr( M_DONTWAIT, MT_DATA )) == NULL ) { return; } +#ifdef MAC + mac_create_mbuf_linklayer(&ac->ac_if, m); +#endif m->m_len = sizeof( *ea ); m->m_pkthdr.len = sizeof( *ea ); MH_ALIGN( m, sizeof( *ea )); diff --git a/sys/netatalk/ddp_input.c b/sys/netatalk/ddp_input.c index 4ef497b0503c..6db107fc1e39 100644 --- a/sys/netatalk/ddp_input.c +++ b/sys/netatalk/ddp_input.c @@ -5,9 +5,12 @@ * $FreeBSD$ */ +#include "opt_mac.h" + #include <sys/param.h> #include <sys/kernel.h> #include <sys/lock.h> +#include <sys/mac.h> #include <sys/mbuf.h> #include <sys/signalvar.h> #include <sys/socket.h> @@ -395,6 +398,13 @@ ddp_input( m, ifp, elh, phase ) return; } +#ifdef MAC + if (mac_check_socket_deliver(ddp->ddp_socket, m) != 0) { + m_freem( m ); + return; + } +#endif + /* * If we found one, deliver th epacket to the socket */ diff --git a/sys/netatalk/ddp_output.c b/sys/netatalk/ddp_output.c index 3d48fd25e3be..f15914be2bba 100644 --- a/sys/netatalk/ddp_output.c +++ b/sys/netatalk/ddp_output.c @@ -23,8 +23,11 @@ /* $FreeBSD$ */ +#include "opt_mac.h" + #include <sys/param.h> #include <sys/systm.h> +#include <sys/mac.h> #include <sys/mbuf.h> #include <sys/socket.h> #include <sys/socketvar.h> @@ -48,6 +51,10 @@ ddp_output( struct mbuf *m, struct socket *so) struct ddpehdr *deh; struct ddpcb *ddp = sotoddpcb( so ); +#ifdef MAC + mac_create_mbuf_from_socket(so, m); +#endif + M_PREPEND( m, sizeof( struct ddpehdr ), M_TRYWAIT ); deh = mtod( m, struct ddpehdr *); @@ -195,6 +202,9 @@ ddp_route( struct mbuf *m, struct route *ro) printf("ddp_route: no buffers\n"); return( ENOBUFS ); } +#ifdef MAC + mac_create_mbuf_from_mbuf(m, m0); +#endif m0->m_next = m; /* XXX perhaps we ought to align the header? */ m0->m_len = SZ_ELAPHDR; |