From owner-p4-projects Fri Mar 22 15:31:20 2002 Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 4068D37B419; Fri, 22 Mar 2002 15:31:07 -0800 (PST) Delivered-To: perforce@freebsd.org Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21]) by hub.freebsd.org (Postfix) with ESMTP id 4BC3837B404 for ; Fri, 22 Mar 2002 15:31:06 -0800 (PST) Received: (from perforce@localhost) by freefall.freebsd.org (8.11.6/8.11.6) id g2MNV6V53129 for perforce@freebsd.org; Fri, 22 Mar 2002 15:31:06 -0800 (PST) (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Date: Fri, 22 Mar 2002 15:31:06 -0800 (PST) Message-Id: <200203222331.g2MNV6V53129@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: perforce set sender to bb+lists.freebsd.perforce@cyrus.watson.org using -f From: Robert Watson Subject: PERFORCE change 8220 for review To: Perforce Change Reviews Sender: owner-p4-projects@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG http://people.freebsd.org/~peter/p4db/chv.cgi?CH=8220 Change 8220 by rwatson@rwatson_paprika on 2002/03/22 15:31:00 Introduce a run-time flags field into the struct mac_policy_conf, which will include a new flag, MPC_FLAG_REGISTERED, indicating whether the policy is actually registered. This assists in handling loadable kernel modules containing a policy already present and compiled into the kernel. Affected files ... ... //depot/projects/trustedbsd/mac/sys/kern/kern_mac.c#120 edit ... //depot/projects/trustedbsd/mac/sys/sys/mac_policy.h#54 edit Differences ... ==== //depot/projects/trustedbsd/mac/sys/kern/kern_mac.c#120 (text+ko) ==== @@ -220,7 +220,11 @@ error = mac_policy_register(mpc); break; case MOD_UNLOAD: - error = mac_policy_unregister(mpc); + /* Don't unregister the module if it was never registered. */ + if ((mpc->mpc_runtime_flags & MPC_FLAG_REGISTERED) != 0) + error = mac_policy_unregister(mpc); + else + error = 0; break; default: } @@ -236,7 +240,7 @@ sx_xlock(&mac_policy_list_lock); LIST_FOREACH(tmpc, &mac_policy_list, mpc_list) { - if (!strcmp(tmpc->mpc_name, mpc->mpc_name)) { + if (strcmp(tmpc->mpc_name, mpc->mpc_name) == 0) { sx_xunlock(&mac_policy_list_lock); return (EEXIST); } @@ -252,6 +256,7 @@ mpc->mpc_field_off = slot; } else mpc->mpc_field_off = -1; + mpc->mpc_runtime_flags |= MPC_FLAG_REGISTERED; LIST_INSERT_HEAD(&mac_policy_list, mpc, mpc_list); printf("Security policy: %s (%s)\n", mpc->mpc_fullname, mpc->mpc_name); ==== //depot/projects/trustedbsd/mac/sys/sys/mac_policy.h#54 (text+ko) ==== @@ -208,15 +208,20 @@ char *mpc_fullname; /* policy full name */ struct mac_policy_ops *mpc_ops; /* policy operations */ int mpc_field_off; /* security field */ + int mpc_runtime_flags; /* flags */ LIST_ENTRY(mac_policy_conf) mpc_list; /* global list */ }; +/* Flags for the mpc_runtime_flags field. */ +#define MPC_FLAG_REGISTERED 0x00000001 + #define MAC_POLICY_SET(mpops, mpname, mpfullname, privdata_wanted) \ static struct mac_policy_conf mpname ## _mac_policy_conf = { \ #mpname, \ mpfullname, \ &mpops, \ - privdata_wanted \ + privdata_wanted, \ + 0 \ }; \ static moduledata_t mpname ## _mod = { \ #mpname, \ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe p4-projects" in the body of the message