PERFORCE change 14924 for review

Fri Jul 26 03:22:37 GMT 2002

http://people.freebsd.org/~peter/p4db/chv.cgi?CH=14924

Change 14924 by rwatson at rwatson_curry on 2002/07/25 20:21:45

	Initialize loopback interfaces as mls/equal(equal-equal) rather
	than mls/low(low-low).  This was lost in the conversion to
	dynamic labeling.

Affected files ...

.. //depot/projects/trustedbsd/mac/sys/security/mac_mls/mac_mls.c#60 edit

Differences ...

==== //depot/projects/trustedbsd/mac/sys/security/mac_mls/mac_mls.c#60 (text+ko) ====

@@ -878,11 +878,17 @@
 mac_mls_create_ifnet(struct ifnet *ifnet, struct label *ifnetlabel)
 {
 	struct mac_mls *dest;
+	int level;
 
 	dest = SLOT(ifnetlabel);
 
-	mac_mls_set_single(dest, MAC_MLS_TYPE_LOW, 0);
-	mac_mls_set_range(dest, MAC_MLS_TYPE_LOW, 0, MAC_MLS_TYPE_LOW, 0);
+	if (ifnet->if_type == IFT_LOOP)
+		level = MAC_MLS_TYPE_EQUAL;
+	else
+		level = MAC_MLS_TYPE_LOW;
+
+	mac_mls_set_single(dest, level, 0);
+	mac_mls_set_range(dest, level, 0, level, 0);
 }
 
 static void
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-cvs" in the body of the message

