diff options
author | rwatson <rwatson@FreeBSD.org> | 2002-10-19 20:30:12 +0000 |
---|---|---|
committer | rwatson <rwatson@FreeBSD.org> | 2002-10-19 20:30:12 +0000 |
commit | 08f5fce1188ec355c4e7a7ac154b9d41f32a6b9a (patch) | |
tree | 964f5d070f651dc8128174cd262299083cfdd026 /sys | |
parent | 91dee1ecbba5ea622c64fab5844ae12e871dbe97 (diff) | |
download | FreeBSD-src-08f5fce1188ec355c4e7a7ac154b9d41f32a6b9a.zip FreeBSD-src-08f5fce1188ec355c4e7a7ac154b9d41f32a6b9a.tar.gz |
Make sure to clear the 'registered' flag for MAC policies when they
unregister. Under some obscure (perhaps demented) circumstances,
this can result in a panic if a policy is unregistered, and then someone
foolishly unregisters it again.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
Diffstat (limited to 'sys')
-rw-r--r-- | sys/kern/kern_mac.c | 1 | ||||
-rw-r--r-- | sys/security/mac/mac_framework.c | 1 | ||||
-rw-r--r-- | sys/security/mac/mac_internal.h | 1 | ||||
-rw-r--r-- | sys/security/mac/mac_net.c | 1 | ||||
-rw-r--r-- | sys/security/mac/mac_pipe.c | 1 | ||||
-rw-r--r-- | sys/security/mac/mac_process.c | 1 | ||||
-rw-r--r-- | sys/security/mac/mac_syscalls.c | 1 | ||||
-rw-r--r-- | sys/security/mac/mac_system.c | 1 | ||||
-rw-r--r-- | sys/security/mac/mac_vfs.c | 1 |
9 files changed, 9 insertions, 0 deletions
diff --git a/sys/kern/kern_mac.c b/sys/kern/kern_mac.c index eca63c3..88e9636 100644 --- a/sys/kern/kern_mac.c +++ b/sys/kern/kern_mac.c @@ -998,6 +998,7 @@ mac_policy_unregister(struct mac_policy_conf *mpc) FREE(mpc->mpc_ops, M_MACOPVEC); mpc->mpc_ops = NULL; + mpc->mpc_runtime_flags &= ~MPC_RUNTIME_FLAG_REGISTERED; printf("Security policy unload: %s (%s)\n", mpc->mpc_fullname, mpc->mpc_name); diff --git a/sys/security/mac/mac_framework.c b/sys/security/mac/mac_framework.c index eca63c3..88e9636 100644 --- a/sys/security/mac/mac_framework.c +++ b/sys/security/mac/mac_framework.c @@ -998,6 +998,7 @@ mac_policy_unregister(struct mac_policy_conf *mpc) FREE(mpc->mpc_ops, M_MACOPVEC); mpc->mpc_ops = NULL; + mpc->mpc_runtime_flags &= ~MPC_RUNTIME_FLAG_REGISTERED; printf("Security policy unload: %s (%s)\n", mpc->mpc_fullname, mpc->mpc_name); diff --git a/sys/security/mac/mac_internal.h b/sys/security/mac/mac_internal.h index eca63c3..88e9636 100644 --- a/sys/security/mac/mac_internal.h +++ b/sys/security/mac/mac_internal.h @@ -998,6 +998,7 @@ mac_policy_unregister(struct mac_policy_conf *mpc) FREE(mpc->mpc_ops, M_MACOPVEC); mpc->mpc_ops = NULL; + mpc->mpc_runtime_flags &= ~MPC_RUNTIME_FLAG_REGISTERED; printf("Security policy unload: %s (%s)\n", mpc->mpc_fullname, mpc->mpc_name); diff --git a/sys/security/mac/mac_net.c b/sys/security/mac/mac_net.c index eca63c3..88e9636 100644 --- a/sys/security/mac/mac_net.c +++ b/sys/security/mac/mac_net.c @@ -998,6 +998,7 @@ mac_policy_unregister(struct mac_policy_conf *mpc) FREE(mpc->mpc_ops, M_MACOPVEC); mpc->mpc_ops = NULL; + mpc->mpc_runtime_flags &= ~MPC_RUNTIME_FLAG_REGISTERED; printf("Security policy unload: %s (%s)\n", mpc->mpc_fullname, mpc->mpc_name); diff --git a/sys/security/mac/mac_pipe.c b/sys/security/mac/mac_pipe.c index eca63c3..88e9636 100644 --- a/sys/security/mac/mac_pipe.c +++ b/sys/security/mac/mac_pipe.c @@ -998,6 +998,7 @@ mac_policy_unregister(struct mac_policy_conf *mpc) FREE(mpc->mpc_ops, M_MACOPVEC); mpc->mpc_ops = NULL; + mpc->mpc_runtime_flags &= ~MPC_RUNTIME_FLAG_REGISTERED; printf("Security policy unload: %s (%s)\n", mpc->mpc_fullname, mpc->mpc_name); diff --git a/sys/security/mac/mac_process.c b/sys/security/mac/mac_process.c index eca63c3..88e9636 100644 --- a/sys/security/mac/mac_process.c +++ b/sys/security/mac/mac_process.c @@ -998,6 +998,7 @@ mac_policy_unregister(struct mac_policy_conf *mpc) FREE(mpc->mpc_ops, M_MACOPVEC); mpc->mpc_ops = NULL; + mpc->mpc_runtime_flags &= ~MPC_RUNTIME_FLAG_REGISTERED; printf("Security policy unload: %s (%s)\n", mpc->mpc_fullname, mpc->mpc_name); diff --git a/sys/security/mac/mac_syscalls.c b/sys/security/mac/mac_syscalls.c index eca63c3..88e9636 100644 --- a/sys/security/mac/mac_syscalls.c +++ b/sys/security/mac/mac_syscalls.c @@ -998,6 +998,7 @@ mac_policy_unregister(struct mac_policy_conf *mpc) FREE(mpc->mpc_ops, M_MACOPVEC); mpc->mpc_ops = NULL; + mpc->mpc_runtime_flags &= ~MPC_RUNTIME_FLAG_REGISTERED; printf("Security policy unload: %s (%s)\n", mpc->mpc_fullname, mpc->mpc_name); diff --git a/sys/security/mac/mac_system.c b/sys/security/mac/mac_system.c index eca63c3..88e9636 100644 --- a/sys/security/mac/mac_system.c +++ b/sys/security/mac/mac_system.c @@ -998,6 +998,7 @@ mac_policy_unregister(struct mac_policy_conf *mpc) FREE(mpc->mpc_ops, M_MACOPVEC); mpc->mpc_ops = NULL; + mpc->mpc_runtime_flags &= ~MPC_RUNTIME_FLAG_REGISTERED; printf("Security policy unload: %s (%s)\n", mpc->mpc_fullname, mpc->mpc_name); diff --git a/sys/security/mac/mac_vfs.c b/sys/security/mac/mac_vfs.c index eca63c3..88e9636 100644 --- a/sys/security/mac/mac_vfs.c +++ b/sys/security/mac/mac_vfs.c @@ -998,6 +998,7 @@ mac_policy_unregister(struct mac_policy_conf *mpc) FREE(mpc->mpc_ops, M_MACOPVEC); mpc->mpc_ops = NULL; + mpc->mpc_runtime_flags &= ~MPC_RUNTIME_FLAG_REGISTERED; printf("Security policy unload: %s (%s)\n", mpc->mpc_fullname, mpc->mpc_name); |