mac_process.c (104518) | mac_process.c (104520) |
---|---|
1/*- 2 * Copyright (c) 1999, 2000, 2001, 2002 Robert N. M. Watson 3 * Copyright (c) 2001 Ilmar S. Habibulin 4 * Copyright (c) 2001, 2002 Networks Associates Technology, Inc. 5 * All rights reserved. 6 * 7 * This software was developed by Robert Watson and Ilmar Habibulin for the 8 * TrustedBSD Project. --- 22 unchanged lines hidden (view full) --- 31 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 32 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 33 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 34 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 35 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 36 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 37 * SUCH DAMAGE. 38 * | 1/*- 2 * Copyright (c) 1999, 2000, 2001, 2002 Robert N. M. Watson 3 * Copyright (c) 2001 Ilmar S. Habibulin 4 * Copyright (c) 2001, 2002 Networks Associates Technology, Inc. 5 * All rights reserved. 6 * 7 * This software was developed by Robert Watson and Ilmar Habibulin for the 8 * TrustedBSD Project. --- 22 unchanged lines hidden (view full) --- 31 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 32 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 33 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 34 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 35 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 36 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 37 * SUCH DAMAGE. 38 * |
39 * $FreeBSD: head/sys/security/mac/mac_process.c 104518 2002-10-05 16:33:46Z rwatson $ | 39 * $FreeBSD: head/sys/security/mac/mac_process.c 104520 2002-10-05 16:46:03Z rwatson $ |
40 */ 41/* 42 * Developed by the TrustedBSD Project. 43 * 44 * Framework for extensible kernel access control. Kernel and userland 45 * interface to the framework, policy registration and composition. 46 */ 47 --- 875 unchanged lines hidden (view full) --- 923 924 return (0); 925} 926 927static int 928mac_policy_unregister(struct mac_policy_conf *mpc) 929{ 930 | 40 */ 41/* 42 * Developed by the TrustedBSD Project. 43 * 44 * Framework for extensible kernel access control. Kernel and userland 45 * interface to the framework, policy registration and composition. 46 */ 47 --- 875 unchanged lines hidden (view full) --- 923 924 return (0); 925} 926 927static int 928mac_policy_unregister(struct mac_policy_conf *mpc) 929{ 930 |
931 /* 932 * If we fail the load, we may get a request to unload. Check 933 * to see if we did the run-time registration, and if not, 934 * silently succeed. 935 */ 936 MAC_POLICY_LIST_LOCK(); 937 if ((mpc->mpc_runtime_flags & MPC_RUNTIME_FLAG_REGISTERED) == 0) { 938 MAC_POLICY_LIST_UNLOCK(); 939 return (0); 940 } |
|
931#if 0 932 /* 933 * Don't allow unloading modules with private data. 934 */ | 941#if 0 942 /* 943 * Don't allow unloading modules with private data. 944 */ |
935 if (mpc->mpc_field_off != NULL) | 945 if (mpc->mpc_field_off != NULL) { 946 MAC_POLICY_LIST_UNLOCK(); |
936 return (EBUSY); | 947 return (EBUSY); |
948 } |
|
937#endif | 949#endif |
938 if ((mpc->mpc_loadtime_flags & MPC_LOADTIME_FLAG_UNLOADOK) == 0) | 950 /* 951 * Only allow the unload to proceed if the module is unloadable 952 * by its own definition. 953 */ 954 if ((mpc->mpc_loadtime_flags & MPC_LOADTIME_FLAG_UNLOADOK) == 0) { 955 MAC_POLICY_LIST_UNLOCK(); |
939 return (EBUSY); | 956 return (EBUSY); |
940 MAC_POLICY_LIST_LOCK(); | 957 } 958 /* 959 * Right now, we EBUSY if the list is in use. In the future, 960 * for reliability reasons, we might want to sleep and wakeup 961 * later to try again. 962 */ |
941 if (mac_policy_list_busy > 0) { 942 MAC_POLICY_LIST_UNLOCK(); 943 return (EBUSY); 944 } 945 if (mpc->mpc_ops->mpo_destroy != NULL) 946 (*(mpc->mpc_ops->mpo_destroy))(mpc); 947 948 LIST_REMOVE(mpc, mpc_list); --- 2454 unchanged lines hidden --- | 963 if (mac_policy_list_busy > 0) { 964 MAC_POLICY_LIST_UNLOCK(); 965 return (EBUSY); 966 } 967 if (mpc->mpc_ops->mpo_destroy != NULL) 968 (*(mpc->mpc_ops->mpo_destroy))(mpc); 969 970 LIST_REMOVE(mpc, mpc_list); --- 2454 unchanged lines hidden --- |