summaryrefslogtreecommitdiff
path: root/sys/security/mac_mls/mac_mls.c
diff options
context:
space:
mode:
Diffstat (limited to 'sys/security/mac_mls/mac_mls.c')
-rw-r--r--sys/security/mac_mls/mac_mls.c40
1 files changed, 14 insertions, 26 deletions
diff --git a/sys/security/mac_mls/mac_mls.c b/sys/security/mac_mls/mac_mls.c
index 2ceae3559c1f..b5e321bffdf0 100644
--- a/sys/security/mac_mls/mac_mls.c
+++ b/sys/security/mac_mls/mac_mls.c
@@ -541,57 +541,49 @@ mac_mls_element_to_string(struct sbuf *sb, struct mac_mls_element *element)
}
/*
- * mac_mls_to_string() converts an MLS label to a string, placing the
- * results in the passed string buffer. It returns 0 on success,
- * or EINVAL if there isn't room in the buffer. The size of the
- * string appended, leaving out the nul termination, is returned to
- * the caller via *caller_len. Eventually, we should expose the
- * sbuf to the caller rather than using C strings at this layer.
+ * mac_mls_to_string() converts an MLS label to a string, and places
+ * the results in the passed sbuf. It returns 0 on success, or EINVAL
+ * if there isn't room in the sbuf. Note: the sbuf will be modified
+ * even in a failure case, so the caller may need to revert the sbuf
+ * by restoring the offset if that's undesired.
*/
static int
-mac_mls_to_string(char *string, size_t size, size_t *caller_len,
- struct mac_mls *mac_mls)
+mac_mls_to_string(struct sbuf *sb, struct mac_mls *mac_mls)
{
- struct sbuf sb;
-
- sbuf_new(&sb, string, size, SBUF_FIXEDLEN);
if (mac_mls->mm_flags & MAC_MLS_FLAG_SINGLE) {
- if (mac_mls_element_to_string(&sb, &mac_mls->mm_single)
+ if (mac_mls_element_to_string(sb, &mac_mls->mm_single)
== -1)
return (EINVAL);
}
if (mac_mls->mm_flags & MAC_MLS_FLAG_RANGE) {
- if (sbuf_putc(&sb, '(') == -1)
+ if (sbuf_putc(sb, '(') == -1)
return (EINVAL);
- if (mac_mls_element_to_string(&sb, &mac_mls->mm_rangelow)
+ if (mac_mls_element_to_string(sb, &mac_mls->mm_rangelow)
== -1)
return (EINVAL);
- if (sbuf_putc(&sb, '-') == -1)
+ if (sbuf_putc(sb, '-') == -1)
return (EINVAL);
- if (mac_mls_element_to_string(&sb, &mac_mls->mm_rangehigh)
+ if (mac_mls_element_to_string(sb, &mac_mls->mm_rangehigh)
== -1)
return (EINVAL);
- if (sbuf_putc(&sb, ')') == -1)
+ if (sbuf_putc(sb, ')') == -1)
return (EINVAL);
}
- sbuf_finish(&sb);
- *caller_len = strlen(string);
return (0);
}
static int
mac_mls_externalize_label(struct label *label, char *element_name,
- char *element_data, size_t size, size_t *len, int *claimed)
+ struct sbuf *sb, int *claimed)
{
struct mac_mls *mac_mls;
- int error;
if (strcmp(MAC_MLS_LABEL_NAME, element_name) != 0)
return (0);
@@ -600,11 +592,7 @@ mac_mls_externalize_label(struct label *label, char *element_name,
mac_mls = SLOT(label);
- error = mac_mls_to_string(element_data, size, len, mac_mls);
- if (error)
- return (error);
-
- return (0);
+ return (mac_mls_to_string(sb, mac_mls));
}
static int
generated by cgit v1.2.3 (git 2.25.1) at 2025-11-12 17:52:21 +0000