*
* sec   security download driver  
*

%DRIVER

Type:		character         	# driver type:  block, character, stream
Prefix:		sec		 	# prefix added to functions
Funcs:		open close read write init
Major:		48			# major device number(s)
Controller:	1			# number of controllers per system
Physical:	1			# physical devices per controller
Logical:	1  			# number of logical devices per physical
Multiproc: 	                            

%PARAM

PRIVMODE	1
MACMODE		1
SATMODE		1   
MAXUIDS		256			# default number of uids on system
MAXGIDS		64			# default number of gid on system
MAXROLES	64 			# default number of roles on system
MAXEXECL	5			# default number of exec labels 
 				

%CONFIG					# code added to conf.c for this driver

#ifdef SEC_0
#ifndef SYS_SEC_H
#include "sys/security.h"
#endif

#ifndef SYS_MLS_H
#include "sys/mls.h"
#endif

/* sec_mode - the is the security options mode bits. They 
 * describe the current security configuration! They are configurable
 * via the /etc/system file.
 */ 
uint sec_mode = (MACINHERIT<<3 | MACMODE<<2 | PRIVMODE<<1 | SATMODE);

/* sys_priv_mask - this is a global privilege mask. It can be reset
 * through the priv system call to restrict operating privileges processes
 * may inherit. It must start at P_ALL for init and su to function
 * at boottime
 */
uint sys_priv_mask = P_ALL;

kern_role_t kern_role[MAXROLES];
int rolemax = MAXROLES;
int rolesize = sizeof( kern_role_t );

kern_uidmap_t kern_uidmap[MAXUIDS];
int uidmax = MAXUIDS;
int uidsize = sizeof( kern_uidmap_t );

kern_gidmap_t kern_gidmap[MAXGIDS];
int gidmax = MAXGIDS;
int gidsize = sizeof( kern_gidmap_t );

slabel_t exec_labels[MAXEXECL];
int execmax = MAXEXECL;
int execsize = sizeof( slabel_t );
#endif /* SEC_0 */

