From: Hrishikesh Dandekar
To: Perforce Change Reviews
Date: Thu, 9 Oct 2003 17:58:09 -0700 (PDT)
Subject: PERFORCE change 39432 for review
Message-Id: <200310100058.h9A0w9sU029364@repoman.freebsd.org>
List-Id: p4 projects tree changes

http://perforce.freebsd.org/chv.cgi?CH=39432

Change 39432 by hdandeka@hdandeka_yash on 2003/10/09 17:57:53

	mmap the policy file before calling security_load_policy.

Affected files ...

.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/checkpolicy/checkpolicy.c#5 edit

Differences ...

==== //depot/projects/trustedbsd/sebsd/contrib/sebsd/checkpolicy/checkpolicy.c#5 (text+ko) ====
@@ -34,9 +34,11 @@ #include #include #include +#include #include #include #include +#include #include #include "linux-compat.h" #else /* __FreeBSD__ */ @@ -320,6 +322,7 @@ unsigned int binary = 0, debug = 0; int ret, ch, nel; FILE *fp, *outfp = NULL; + int fd; void *filedata; struct stat fsb; size_t filelen; @@ -619,29 +622,28 @@ pathlen = strlen(ans); ans[pathlen - 1] = 0; printf("%s: loading policy configuration from %s\n", argv[0], ans); - fp = fopen(ans, "r"); - if (!fp) { + fd = open(ans, O_RDONLY); + if (fd < 0) { printf("%s: unable to open %s\n", argv[0], ans); break; } - if(stat(ans, &fsb) == -1) { + if(fstat(fd, &fsb) < 0) { printf("%s: unable to get size of %s\n", argv[0], ans); break; } filelen = (size_t) fsb.st_size; if ( ((off_t) filelen) != fsb.st_size ) { - printf("%s: large file, size truncated\n", argv[0]); - break; + printf("%s: large file, size truncated\n", argv[0]); + close(fd); + break; } - filedata = malloc(filelen); - if (!filedata) { - fprintf(stderr, "out of memory\n"); - exit(1); - } - if(fread(filedata, filelen, 1, fp) != filelen) { - printf("%s: unable to get read from %s\n", argv[0], ans); + + filedata = mmap(NULL, filelen, PROT_READ, MAP_SHARED, fd,0); + if (filedata == MAP_FAILED) { + printf("Can't map %s\n", ans); + close(fd); break; - } + } ret = security_load_policy(filedata, filelen); switch (ret) { case 0: @@ -656,7 +658,8 @@ default: printf("return code 0x%x\n", ret); } - fclose(fp); + /* XXX: call munmap(filedata, filelen) or not ? */ + close(fd); break; case '8': printf("fs kdevname? ");
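
Review bot: In the hunk at @@ -619,29 +622,28 @@, the fstat() failure branch does `break` without close(fd), so the descriptor leaks on that path; the truncation branch and the MAP_FAILED branch both close it, and this one should do the same. Two smaller points in the same hunk: the mapping is PROT_READ only, so MAP_SHARED gains nothing and MAP_PRIVATE would state the intent better, and either way the bytes handed to security_load_policy now track the file while it is mapped, whereas the old path worked on a private copy once the read finished, so the loader should not assume that a field it has validated still holds the same value on a second read. The "Can't map %s" message also drops the argv[0] prefix the neighbouring messages use and gives no errno; printing strerror(errno) there would make a failed load easier to diagnose.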
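
Review bot: The XXX comment added in the hunk at @@ -656,7 +658,8 @@ needs an answer before this is committed: as written the mapping is never released, so every pass through this case leaves another filelen bytes mapped for the life of the process. close(fd) alone does not undo the mmap. If security_load_policy copies what it needs out of the buffer, add munmap(filedata, filelen) next to close(fd); if it keeps pointers into the buffer, the mapping has to stay, and the comment should say that instead of asking the question.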