PERFORCE change 38418 for review

Andrew Reisse areisse at FreeBSD.org
Mon Sep 22 15:20:04 GMT 2003 

http://perforce.freebsd.org/chv.cgi?CH=38418

Change 38418 by areisse at areisse_tislabs on 2003/09/22 08:19:32

	remove avc_enforcing and avc_toggle syscalls
	also, it should build again...

Affected files ...

.. //depot/projects/trustedbsd/sebsd/lib/libsebsd/sebsd_ss.h#2 edit
.. //depot/projects/trustedbsd/sebsd/lib/libsebsd/system.c#2 edit

Differences ...

==== //depot/projects/trustedbsd/sebsd/lib/libsebsd/sebsd_ss.h#2 (text+ko) ====

@@ -36,13 +36,6 @@
 #ifndef _SELINUX_SS_H_
 #define _SELINUX_SS_H_
 
-
-/* Individual AVC calls. */
-
-extern int avc_toggle(void);
-
-extern int avc_enforcing(void);
-
 /* Individual security server calls. */
 
 extern int security_compute_av(struct security_query *query, 
@@ -70,16 +63,16 @@
 
 extern int security_sid_to_context(security_id_t sid, 
 				   security_context_t scontext, 
-				   __u32 *scontext_len);
+				   u32 *scontext_len);
 
 extern int security_context_to_sid(const security_context_t scontext, 
-				   __u32 scontext_len, 
+				   u32 scontext_len, 
 				   security_id_t *out_sid);
 
 extern int security_load_policy(const char *path);
 
 extern int security_get_sids(security_id_t *sids, 
-			     __u32 *nel);
+			     u32 *nel);
 
 extern int security_mls(void);
 

==== //depot/projects/trustedbsd/sebsd/lib/libsebsd/system.c#2 (text+ko) ====

@@ -40,21 +40,21 @@
 
 int sebsd_enabled()
 {
-	int error;
-	error = mac_syscall(SEBSD_ID_STRING, SEBSDCALL_AVC_ENFORCING , NULL);
-	return (error != ENOSYS);
+	int error, i;
+	error = sysctlbyname ("security.mac.sebsd.enforcing", 
+                              &i, sizeof(int), NULL, 0);
+	return (error != ENOENT);
 }
 
 int
 sebsd_enforcing()
 {
-	return mac_syscall(SEBSD_ID_STRING, SEBSDCALL_AVC_ENFORCING , NULL);
-}
-
-int
-sebsd_avc_toggle()
-{
-	return mac_syscall(SEBSD_ID_STRING, SEBSDCALL_AVC_TOGGLE , NULL);
+	int i, error;
+	error = sysctlbyname ("security.mac.sebsd.enforcing", 
+			      &i, sizeof (int), NULL, 0);
+	if (error)
+		return 0;
+	return i;
 }
 
 int
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-cvs" in the body of the message

More information about the trustedbsd-cvs mailing list