PERFORCE change 46748 for review

[Andrew Reisse]

http://perforce.freebsd.org/chv.cgi?CH=46748

Change 46748 by areisse at areisse_ibook on 2004/02/10 06:45:47

	Fix for using more than 1 preload at a time
	start sebsd in enforcing mode with "kenv_sebsd_enforce=1"

Affected files ...

.. //depot/projects/trustedbsd/sedarwin/apsl/xnu/osfmk/ppc/ppc_init.c#3 edit
.. //depot/projects/trustedbsd/sedarwin/apsl/xnu/security/sebsd/avc/avc.c#7 edit

Differences ...

==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/osfmk/ppc/ppc_init.c#3 (text+ko) ====

@@ -115,9 +115,10 @@
   int    *exp = boot_exdata;
 
   while (rlen > 0) {
+    size_t esize = (exp[0] + sizeof (int) * 5 + 0xfff) & ~0xfff;
     if (strcmp ((char *) (exp + 1), name)) {
-      rlen -= exp[0];
-      exp = (int *) (((char*)exp) + exp[0]);
+      rlen -= esize;
+      exp = (int *) (((char*)exp) + esize);
     }
     else {
       *size = exp[0];

==== //depot/projects/trustedbsd/sedarwin/apsl/xnu/security/sebsd/avc/avc.c#7 (text+ko) ====

@@ -151,8 +151,12 @@
 	mtx_init(&avc_lock, "SEBSD AVC", NULL, MTX_DEF);
 	mtx_init(&avc_log_lock, "SEBSD message lock", NULL, MTX_DEF);
 
-	/* The fetch may or may not occur; if not, it doesn't change int *. */
-	TUNABLE_INT_FETCH("security.mac.sebsd.enforcing", &selinux_enforcing);
+	size_t  evsize;
+	char   *ev;
+	if (preload_find_data ("sebsd_enforce", &evsize, &ev)) {
+	  if (evsize > 0 && ev[0] == '1')
+	    selinux_enforcing = 1;
+	}
 }
 
 #if 0
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-cvs" in the body of the message