Using Shared Memory Labels
This example creates an identifier for a shared memory region at Confidential and gets the CMW label on the same shared memory region. The program is running at Top Secret.
#include <sys/ipc.h>
#include <sys/types.h>
#include <tsol/label.h>
#include <sys/shm.h>
main()
{
int id, retval, error, pid;
bclabel_t cmwlabel;
bslabel_t senslabel;
char *string = (char *)0;
retval = stobsl("CONFIDENTIAL", &senslabel, NEW_LABEL, &error);
/* Create shared memory region at Confidential */
/* Turn ipc_mac_write on in the effective set */
id = shmgetl(IPC_PRIVATE, 256, IPC_CREAT|0666, &senslabel);
/* Turn off ipc_mac_write */
/* Get CMW label of shared memory region */
/* Turn ipc_mac_read on in the effective set */
retval = getshmcmwlabel(id, &cmwlabel);
/* Turn off ipc_mac_read */
/* Print CMW label */
bcltos(&cmwlabel, &string, 0, LONG_WORDS);
printf("CMW label = %s\n", string);
}
The printf(1) statement prints the following:
CMW label = UNCLASSIFIED[C] |
- © 2010, Oracle Corporation and/or its affiliates