Date: Tue, 6 Aug 2002 13:01:14 -0700 (PDT) From: Robert Watson <rwatson@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 15626 for review Message-ID: <200208062001.g76K1E6X009982@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://people.freebsd.org/~peter/p4db/chv.cgi?CH=15626 Change 15626 by rwatson@rwatson_tislabs on 2002/08/06 13:00:34 Introduce module dependencies to prevent MAC modules from getting loaded with a kernel that doesn't support MAC. Largely the evil of: peter Affected files ... .. //depot/projects/trustedbsd/mac/sys/kern/kern_mac.c#229 edit .. //depot/projects/trustedbsd/mac/sys/sys/mac_policy.h#109 edit Differences ... ==== //depot/projects/trustedbsd/mac/sys/kern/kern_mac.c#229 (text+ko) ==== @@ -87,6 +87,13 @@ #ifdef MAC +/* + * Declare that the kernel provides MAC support, version 1. This permits + * modules to refuse to be loaded if the necessary support isn't present, + * even if it's pre-boot. + */ +MODULE_VERSION(kernel_mac_support, 1); + SYSCTL_DECL(_security); SYSCTL_NODE(_security, OID_AUTO, mac, CTLFLAG_RW, 0, ==== //depot/projects/trustedbsd/mac/sys/sys/mac_policy.h#109 (text+ko) ==== @@ -496,6 +496,7 @@ mac_policy_modevent, \ &mpname##_mac_policy_conf \ }; \ + MODULE_DEPEND(mpname, kernel_mac_support, 1, 1, 1); \ DECLARE_MODULE(mpname, mpname##_mod, SI_SUB_MAC_POLICY, \ SI_ORDER_MIDDLE) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe p4-projects" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200208062001.g76K1E6X009982>