Deleted Added
sdiff udiff text old ( 104518 ) new ( 104520 )
full compact
mac_process.c (104518) mac_process.c (104520)
1/*-
2 * Copyright (c) 1999, 2000, 2001, 2002 Robert N. M. Watson
3 * Copyright (c) 2001 Ilmar S. Habibulin
4 * Copyright (c) 2001, 2002 Networks Associates Technology, Inc.
5 * All rights reserved.
6 *
7 * This software was developed by Robert Watson and Ilmar Habibulin for the
8 * TrustedBSD Project.

--- 22 unchanged lines hidden (view full) ---

31 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
32 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
33 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
34 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
35 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
36 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
37 * SUCH DAMAGE.
38 *
1/*-
2 * Copyright (c) 1999, 2000, 2001, 2002 Robert N. M. Watson
3 * Copyright (c) 2001 Ilmar S. Habibulin
4 * Copyright (c) 2001, 2002 Networks Associates Technology, Inc.
5 * All rights reserved.
6 *
7 * This software was developed by Robert Watson and Ilmar Habibulin for the
8 * TrustedBSD Project.

--- 22 unchanged lines hidden (view full) ---

31 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
32 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
33 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
34 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
35 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
36 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
37 * SUCH DAMAGE.
38 *
39 * $FreeBSD: head/sys/security/mac/mac_process.c 104518 2002-10-05 16:33:46Z rwatson $
39 * $FreeBSD: head/sys/security/mac/mac_process.c 104520 2002-10-05 16:46:03Z rwatson $
40 */
41/*
42 * Developed by the TrustedBSD Project.
43 *
44 * Framework for extensible kernel access control. Kernel and userland
45 * interface to the framework, policy registration and composition.
46 */
47

--- 875 unchanged lines hidden (view full) ---

923
924 return (0);
925}
926
927static int
928mac_policy_unregister(struct mac_policy_conf *mpc)
929{
930
40 */
41/*
42 * Developed by the TrustedBSD Project.
43 *
44 * Framework for extensible kernel access control. Kernel and userland
45 * interface to the framework, policy registration and composition.
46 */
47

--- 875 unchanged lines hidden (view full) ---

923
924 return (0);
925}
926
927static int
928mac_policy_unregister(struct mac_policy_conf *mpc)
929{
930
931 /*
932 * If we fail the load, we may get a request to unload. Check
933 * to see if we did the run-time registration, and if not,
934 * silently succeed.
935 */
936 MAC_POLICY_LIST_LOCK();
937 if ((mpc->mpc_runtime_flags & MPC_RUNTIME_FLAG_REGISTERED) == 0) {
938 MAC_POLICY_LIST_UNLOCK();
939 return (0);
940 }
931#if 0
932 /*
933 * Don't allow unloading modules with private data.
934 */
941#if 0
942 /*
943 * Don't allow unloading modules with private data.
944 */
935 if (mpc->mpc_field_off != NULL)
945 if (mpc->mpc_field_off != NULL) {
946 MAC_POLICY_LIST_UNLOCK();
936 return (EBUSY);
947 return (EBUSY);
948 }
937#endif
949#endif
938 if ((mpc->mpc_loadtime_flags & MPC_LOADTIME_FLAG_UNLOADOK) == 0)
950 /*
951 * Only allow the unload to proceed if the module is unloadable
952 * by its own definition.
953 */
954 if ((mpc->mpc_loadtime_flags & MPC_LOADTIME_FLAG_UNLOADOK) == 0) {
955 MAC_POLICY_LIST_UNLOCK();
939 return (EBUSY);
956 return (EBUSY);
940 MAC_POLICY_LIST_LOCK();
957 }
958 /*
959 * Right now, we EBUSY if the list is in use. In the future,
960 * for reliability reasons, we might want to sleep and wakeup
961 * later to try again.
962 */
941 if (mac_policy_list_busy > 0) {
942 MAC_POLICY_LIST_UNLOCK();
943 return (EBUSY);
944 }
945 if (mpc->mpc_ops->mpo_destroy != NULL)
946 (*(mpc->mpc_ops->mpo_destroy))(mpc);
947
948 LIST_REMOVE(mpc, mpc_list);

--- 2454 unchanged lines hidden --- 		963 if (mac_policy_list_busy > 0) {
964 MAC_POLICY_LIST_UNLOCK();
965 return (EBUSY);
966 }
967 if (mpc->mpc_ops->mpo_destroy != NULL)
968 (*(mpc->mpc_ops->mpo_destroy))(mpc);
969
970 LIST_REMOVE(mpc, mpc_list);

--- 2454 unchanged lines hidden ---