36c36
< * $FreeBSD: head/sys/security/mac/mac_syscalls.c 106856 2002-11-13 15:47:09Z rwatson $
---
> * $FreeBSD: head/sys/security/mac/mac_syscalls.c 107089 2002-11-19 22:12:42Z rwatson $
127a128,132
> static int mac_enforce_kld = 1;
> SYSCTL_INT(_security_mac, OID_AUTO, enforce_kld, CTLFLAG_RW,
> &mac_enforce_kld, 0, "Enforce MAC policy on kld operations");
> TUNABLE_INT("security.mac.enforce_kld", &mac_enforce_kld);
>
2295a2301,2341
> mac_check_kld_load(struct ucred *cred, struct vnode *vp)
> {
> int error;
>
> ASSERT_VOP_LOCKED(vp, "mac_check_kld_load");
>
> if (!mac_enforce_kld)
> return (0);
>
> MAC_CHECK(check_kld_load, cred, vp, &vp->v_label);
>
> return (error);
> }
>
> int
> mac_check_kld_stat(struct ucred *cred)
> {
> int error;
>
> if (!mac_enforce_kld)
> return (0);
>
> MAC_CHECK(check_kld_stat, cred);
>
> return (error);
> }
>
> int
> mac_check_kld_unload(struct ucred *cred)
> {
> int error;
>
> if (!mac_enforce_kld)
> return (0);
>
> MAC_CHECK(check_kld_unload, cred);
>
> return (error);
> }
>
> int
< * $FreeBSD: head/sys/security/mac/mac_syscalls.c 106856 2002-11-13 15:47:09Z rwatson $
---
> * $FreeBSD: head/sys/security/mac/mac_syscalls.c 107089 2002-11-19 22:12:42Z rwatson $
127a128,132
> static int mac_enforce_kld = 1;
> SYSCTL_INT(_security_mac, OID_AUTO, enforce_kld, CTLFLAG_RW,
> &mac_enforce_kld, 0, "Enforce MAC policy on kld operations");
> TUNABLE_INT("security.mac.enforce_kld", &mac_enforce_kld);
>
2295a2301,2341
> mac_check_kld_load(struct ucred *cred, struct vnode *vp)
> {
> int error;
>
> ASSERT_VOP_LOCKED(vp, "mac_check_kld_load");
>
> if (!mac_enforce_kld)
> return (0);
>
> MAC_CHECK(check_kld_load, cred, vp, &vp->v_label);
>
> return (error);
> }
>
> int
> mac_check_kld_stat(struct ucred *cred)
> {
> int error;
>
> if (!mac_enforce_kld)
> return (0);
>
> MAC_CHECK(check_kld_stat, cred);
>
> return (error);
> }
>
> int
> mac_check_kld_unload(struct ucred *cred)
> {
> int error;
>
> if (!mac_enforce_kld)
> return (0);
>
> MAC_CHECK(check_kld_unload, cred);
>
> return (error);
> }
>
> int