Setting sensitivity label classifications and comparing sensitivity labels examples

This is an example of setting the classifications of sensitivity labels and using the library routines for comparisons between the sensitivity labels.

The PV_LAB_LEF privilege is required in the program's proxy privilege set and in the calling process's maximum privilege set.

	#include <stdio.h>
	#include <mls/mls.h>
	#include <userpriv.h>
	#include <errno.h>
	
	#define SUCCESS	0
	#define ERROR	1
	int
	main (int argc, char **argv)
	{
	/* Sensitivity labels */
	sl_t sl1, sl2;
	
	/* strings to hold labels' names */
	char *slBuffer1 = NULL;
	char *slBuffer2 = NULL;
	
	if (argc != 3) {
	fprintf(stderr, "Usage: compare slabel1 slabel2\n");
	exit(ERROR);
	}
	/*
	* Initialize this process with initlabeldb() to access the
	* system default Label database.
	*/
	priv_raise(PV_LAB_LEF , -1);
	if (initlabeldb(NULL) != 0) {
	fprintf(stderr, "Could not read the Label Encodings Database.\n");
	exit(ERROR);
	}
	priv_remove(PV_LAB_LEF, -1);
	
	/* Convert the passed SL to binary format */
	if (slhrtob(&sl1, argv[1]) != 0) {
	fprintf(stderr, "Unable to convert %s to binary form.\n", argv[1]);
	exit(ERROR);
	}
	if (slhrtob(&sl2, argv[2]) != 0) {
	fprintf(stderr, "Unable to convert %s to binary form.\n", argv[2]);
	exit(ERROR);
	}
	
	/* malloc for the maximum SL label length that can be formed */
	slBuffer1 = (char *) malloc(maxlen_sl());
	slBuffer2 = (char *) malloc(maxlen_sl());
	
	if ((slBuffer1 == NULL) || (slBuffer2 == NULL)) {
	perror("malloc");
	exit(ERROR);
	}
	
	/*
	* Translate the label back to human readable (long) form.
	* This is not a necessary step. It is shown as an example 
	* usage of slbtohr() API.
	*/
	if (slbtohr(slBuffer1, &sl1, HR_LONG) != 0) {
	fprintf(stderr, "Unable to convert to binary human readable form.\n");
	exit(ERROR);
	}
	
	if (slbtohr(slBuffer2, &sl2, HR_LONG) != 0) {
	fprintf(stderr,"Unable to convert to binary human readable form.\n");
	exit(ERROR);
	}
	
	/*
	* Use sl_cmp() to compare the dominance of the two labels.
	*/
	if (sl_cmp(&sl1, &sl2) == LAB_SAME) {
	printf("label (%s) equals label (%s).\n",
	slBuffer1, slBuffer2);
	}
	else if (sl_cmp(&sl1, &sl2) == LAB_DOM) {
	printf("label (%s) dominates label (%s).\n",
	slBuffer1, slBuffer2);
	}
	else if (sl_cmp(&sl2, &sl1) == LAB_DOM) {
	printf("label (%s) dominates label (%s).\n",
	slBuffer2, slBuffer1);
	}
	else {
	printf("The two labels are disjoint.\n");
	}
	
	return (SUCCESS);
	}