PERFORCE change 19565 for review

Fri Oct 18 18:29:42 GMT 2002

http://perforce.freebsd.org/chv.cgi?CH=19565

Change 19565 by green at green_laptop_2 on 2002/10/18 11:29:35

	* In SEBSD, since we're generally not allowed to just relabel
	  a process, return EPERM instead of 0.
	* Remove the relabel_vnode printf().
	* Fix arguments to internalization which were not synched properly.

Affected files ...

.. //depot/projects/trustedbsd/mac/sys/security/sebsd/sebsd.c#47 edit

Differences ...

==== //depot/projects/trustedbsd/mac/sys/security/sebsd/sebsd.c#47 (text+ko) ====

@@ -236,7 +236,7 @@
 sebsd_check_cred_relabel(struct ucred *cred, struct label *newlabel)
 {
 	printf("sebsd_check_cred_relabel:: This does nothing\n");
-	return 0;
+	return EPERM;
 }
 
 static void
@@ -497,7 +497,7 @@
 
 static int
 sebsd_internalize_sid(security_id_t *sidp, char *element_name,
-    char *element_data, size_t size, size_t *len, int *claimed)
+    char *element_data, int *claimed)
 {
 	char context[128];
 	size_t context_len;
@@ -516,24 +516,24 @@
 
 static int
 sebsd_internalize_cred_label(struct label *label, char *element_name,
-    char *element_data, size_t size, size_t *len, int *claimed)
+    char *element_data, int *claimed)
 {
 	struct task_security_struct *tsec;
 
 	tsec = SLOT(label);
-	return (sebsd_internalize_sid(&tsec->sid, element_name,
-	    element_data, size, len, claimed));
+	return (sebsd_internalize_sid(&tsec->sid, element_name, element_data,
+	    claimed));
 }
 
 static int
 sebsd_internalize_vnode_label(struct label *label, char *element_name,
-    char *element_data, size_t size, size_t *len, int *claimed)
+    char *element_data, int *claimed)
 {
 	struct vnode_security_struct *vsec;
 
 	vsec = SLOT(label);
-	return (sebsd_internalize_sid(&vsec->sid, element_name,
-	    element_data, size, len, claimed));
+	return (sebsd_internalize_sid(&vsec->sid, element_name, element_data,
+	    claimed));
 }
 
 static void
@@ -557,9 +557,6 @@
 		return;
 	}
 		
-	printf("relabel_vnode:: source=%d, dest=%d\n", source->sid, 
-	       dest->sid);
-
 	if ((vp->v_mount->mnt_flag & MNT_MULTILABEL) == 0) {
 		return;
 	}
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-cvs" in the body of the message

