From owner-p4-projects@FreeBSD.ORG Thu Feb 9 19:28:52 2006 Return-Path: X-Original-To: p4-projects@freebsd.org Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 52CC916A424; Thu, 9 Feb 2006 19:28:51 +0000 (GMT) X-Original-To: perforce@FreeBSD.org Delivered-To: perforce@FreeBSD.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 15C5216A420 for ; Thu, 9 Feb 2006 19:28:51 +0000 (GMT) (envelope-from deker@FreeBSD.org) Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115]) by mx1.FreeBSD.org (Postfix) with ESMTP id 24AD143D5C for ; Thu, 9 Feb 2006 19:28:47 +0000 (GMT) (envelope-from deker@FreeBSD.org) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.13.1/8.13.1) with ESMTP id k19JSk9b028970 for ; Thu, 9 Feb 2006 19:28:46 GMT (envelope-from deker@FreeBSD.org) Received: (from perforce@localhost) by repoman.freebsd.org (8.13.1/8.13.1/Submit) id k19JSkkO028967 for perforce@freebsd.org; Thu, 9 Feb 2006 19:28:46 GMT (envelope-from deker@FreeBSD.org) Date: Thu, 9 Feb 2006 19:28:46 GMT Message-Id: <200602091928.k19JSkkO028967@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to deker@FreeBSD.org using -f From: Rob Deker To: Perforce Change Reviews Cc: Subject: PERFORCE change 91452 for review X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 09 Feb 2006 19:28:52 -0000 http://perforce.freebsd.org/chv.cgi?CH=91452 Change 91452 by deker@deker_build1.columbia.sparta.com on 2006/02/09 19:28:42 per millert: "Simpler version of sebsd_enabled()" Submitted by: millert Affected files ... .. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/libselinux/src/system.c#3 edit Differences ... ==== //depot/projects/trustedbsd/sedarwin7/src/sedarwin/libselinux/src/system.c#3 (text+ko) ==== @@ -35,37 +35,29 @@ */ #include #include -#include +#include #include #include #include -int sebsd_enabled() +int +sebsd_enabled(void) { - int args[2]; - int i; - size_t mibn = sizeof(int) * 64; - int mibs[64]; + int i, error; - args[0] = 0; - args[1] = 3; - - const char *name = "security.mac.sebsd.enforcing"; - i = sysctl (args, 2, mibs, &mibn, name, strlen(name)); - if (i < 0) - return 0; - return 1; + error = sysctlbyname("security.mac.sebsd.enforcing", &i, + sizeof(i), NULL, 0); + return (!error || errno != ENOENT); } int -sebsd_enforcing() +sebsd_enforcing(void) { int i, error; - error = sysctlbyname ("security.mac.sebsd.enforcing", - &i, sizeof (int), NULL, 0); - if (error) - return 0; - return i; + + error = sysctlbyname("security.mac.sebsd.enforcing", &i, + sizeof(i), NULL, 0); + return (error ? 0 : i); } struct lp_args @@ -87,9 +79,31 @@ fseek (fp, 0, SEEK_END); la.len = ftell (fp); fseek (fp, 0, SEEK_SET); - la.data = malloc (la.len); - if (1 != fread (la.data, la.len, 1, fp)) - return EIO; + if ((la.data = malloc (la.len)) == NULL) + return (ENOMEM); + if (fread(la.data, la.len, 1, fp) != 1) + return (EIO); + + return (mac_syscall(SEBSD_ID_STRING, SEBSDCALL_LOAD_POLICY, &la)); +} + +int +sebsd_load_migscs(const char *path) +{ + FILE *fp; + struct lp_args la; + + fp = fopen (path, "rb"); + if (fp == NULL) + return errno; + + fseek(fp, 0, SEEK_END); + la.len = ftell(fp); + fseek(fp, 0, SEEK_SET); + if ((la.data = malloc(la.len)) == NULL) + return (ENOMEM); + if (fread(la.data, la.len, 1, fp) != 1) + return (EIO); - return mac_syscall(SEBSD_ID_STRING, SEBSDCALL_LOAD_POLICY, &la); + return (mac_syscall(SEBSD_ID_STRING, SEBSDCALL_LOAD_MIGSCS, &la)); }