From kazuhiro@alib.jp  Mon Sep  8 08:45:48 2003
Return-Path: <kazuhiro@alib.jp>
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP
	id 3071F16A4E9; Mon,  8 Sep 2003 08:45:48 -0700 (PDT)
Received: from reah.alib.jp (kita142132.kitanet.ne.jp [219.112.142.132])
	by mx1.FreeBSD.org (Postfix) with ESMTP
	id C461043FE3; Mon,  8 Sep 2003 08:45:46 -0700 (PDT)
	(envelope-from kazuhiro@alib.jp)
Received: from feena.alib.jp ([IPv6:2001:2c0:40e:2002:2a0:b0ff:fe42:147a])
	(authenticated bits=0)
	by reah.alib.jp (8.12.9/8.12.3) with ESMTP id h88FjhiA056553
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO);
	Tue, 9 Sep 2003 00:45:43 +0900 (JST)
	(envelope-from kazuhiro@alib.jp)
Message-Id: <20030909004529.4064acc7.kazuhiro@alib.jp>
Date: Tue, 9 Sep 2003 00:45:29 +0900
From: "KONDOU, Kazuhiro" <kazuhiro@alib.jp>
Reply-To: "KONDOU, Kazuhiro" <kazuhiro@alib.jp>
To: FreeBSD-gnats-submit@FreeBSD.org
Cc: "KONDOU, Kazuhiro" <kazuhiro@alib.jp>, rwatson@FreeBSD.org
Subject: sys/mac.h, sys/mac_policy.h cannot be used as is in C++

>Number:         56595
>Category:       bin
>Synopsis:       sys/mac.h, sys/mac_policy.h cannot be used as is in C++
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    rwatson
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Mon Sep 08 08:50:21 PDT 2003
>Closed-Date:    Mon Nov 17 11:08:17 PST 2003
>Last-Modified:  Mon Nov 17 11:08:17 PST 2003
>Originator:     "KONDOU, Kazuhiro"
>Release:        FreeBSD 5.1-CURRENT i386
>Organization:
>Environment:
System: FreeBSD lilia.alib.jp 5.1-CURRENT FreeBSD 5.1-CURRENT #0: Sat Sep  6 14:08:48 JST 2003     root@:/usr/obj/usr/src/sys/REAH  i386 

>Description:

sys/mac.h and sys/mac_policy.h cannot be used as is in C++ code.
because function prototypes doesn't exist between __BEGIN_DECLS and
__END_DECLS.


>How-To-Repeat:

#include <sys/mac.h> or #include <sys/mac_policy.h> in C++ code.


>Fix:

apply following patch.


diff -urdN old/mac.h new/mac.h
--- old/mac.h	Tue Sep  9 00:16:24 2003
+++ new/mac.h	Tue Sep  9 00:39:23 2003
@@ -76,6 +76,7 @@
  * Extended non-POSIX.1e interfaces that offer additional services
  * available from the userland and kernel MAC frameworks.
  */
+__BEGIN_DECLS
 int		 mac_execve(char *fname, char **argv, char **envv,
 		    mac_t _label);
 int		 mac_free(mac_t _label);
@@ -97,6 +98,7 @@
 int		 mac_set_proc(const mac_t _label);
 int		 mac_syscall(const char *_policyname, int _call, void *_arg);
 int		 mac_to_text(mac_t mac, char **_text);
+__END_DECLS
 
 #else /* _KERNEL */
 
diff -urdN old/mac_policy.h new/mac_policy.h
--- old/mac_policy.h	Tue Sep  9 00:16:35 2003
+++ new/mac_policy.h	Tue Sep  9 00:21:44 2003
@@ -471,7 +471,9 @@
 	DECLARE_MODULE(mpname, mpname##_mod, SI_SUB_MAC_POLICY,		\
 	    SI_ORDER_MIDDLE)
 
+__BEGIN_DECLS
 int	mac_policy_modevent(module_t mod, int type, void *data);
+__END_DECLS
 
 #define	LABEL_TO_SLOT(l, s)	(l)->l_perpolicy[s]
 
>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-bugs->rwatson 
Responsible-Changed-By: rwatson 
Responsible-Changed-When: Mon Sep 8 09:10:39 PDT 2003 
Responsible-Changed-Why:  
Take ownership of this bug as it relates to MAC. 

I'm currently on travel, but will merge the mac.h change shortly; we 
actually do use MAC labels with C++ KDE apps here, so there must have 
been a regression at some point. 

Regarding mac_policy.h: this is a kernel-only API.  Right now, 
FreeBSD kernel-only headers are not generally C++-aware.  If there's 
a compelling reason to fix this (i.e., you're using C++ in your 
kernel), I'd be happy to change this. 


http://www.freebsd.org/cgi/query-pr.cgi?pr=56595 
State-Changed-From-To: open->feedback 
State-Changed-By: rwatson 
State-Changed-When: Wed Oct 1 20:06:26 PDT 2003 
State-Changed-Why:  
Change to mac.h committed as src/sys/sys/mac.h:1.46.  Please let me 
know on the topic of the kernel includes as to whether you have a 
legitimate need to include mac_policy.h in C++ code--if so, I'll 
go ahead and merge that as well.  Thanks! 


http://www.freebsd.org/cgi/query-pr.cgi?pr=56595 
State-Changed-From-To: feedback->closed 
State-Changed-By: rwatson 
State-Changed-When: Mon Nov 17 11:07:26 PST 2003 
State-Changed-Why:  
There appears to be agreement that mac_policy.h doesn't need to be 
included by userland applications, so that current condition isn't 
a problem.  The mac.h fix is merged.  Closing the PR.  Please 
let me know if there are any further issues. 


http://www.freebsd.org/cgi/query-pr.cgi?pr=56595 
>Unformatted:
