Diffstat (limited to 'sys/security/mac/mac_system.c')
-rw-r--r-- | sys/security/mac/mac_system.c | 583 |
1 files changed, 0 insertions, 583 deletions
diff --git a/sys/security/mac/mac_system.c b/sys/security/mac/mac_system.c
index 5c3da06..4882c0f 100644
--- a/sys/security/mac/mac_system.c
+++ b/sys/security/mac/mac_system.c
@@ -471,595 +471,16 @@ static int
 mac_policy_register(struct mac_policy_conf *mpc)
 {
 struct mac_policy_conf *tmpc;
- struct mac_policy_op_entry *mpe;
 int slot;
- MALLOC(mpc->mpc_ops, struct mac_policy_ops *, sizeof(*mpc->mpc_ops),
- M_MACOPVEC, M_WAITOK | M_ZERO);
- for (mpe = mpc->mpc_entries; mpe->mpe_constant != MAC_OP_LAST; mpe++) {
- switch (mpe->mpe_constant) {
- case MAC_OP_LAST:
- /*
- * Doesn't actually happen, but this allows checking
- * that all enumerated values are handled.
- */
- break;
- case MAC_DESTROY:
- mpc->mpc_ops->mpo_destroy =
- mpe->mpe_function;
- break;
- case MAC_INIT:
- mpc->mpc_ops->mpo_init =
- mpe->mpe_function;
- break;
- case MAC_SYSCALL:
- mpc->mpc_ops->mpo_syscall =
- mpe->mpe_function;
- break;
- case MAC_INIT_BPFDESC_LABEL:
- mpc->mpc_ops->mpo_init_bpfdesc_label =
- mpe->mpe_function;
- break;
- case MAC_INIT_CRED_LABEL:
- mpc->mpc_ops->mpo_init_cred_label =
- mpe->mpe_function;
- break;
- case MAC_INIT_DEVFSDIRENT_LABEL:
- mpc->mpc_ops->mpo_init_devfsdirent_label =
- mpe->mpe_function;
- break;
- case MAC_INIT_IFNET_LABEL:
- mpc->mpc_ops->mpo_init_ifnet_label =
- mpe->mpe_function;
- break;
- case MAC_INIT_IPQ_LABEL:
- mpc->mpc_ops->mpo_init_ipq_label =
- mpe->mpe_function;
- break;
- case MAC_INIT_MBUF_LABEL:
- mpc->mpc_ops->mpo_init_mbuf_label =
- mpe->mpe_function;
- break;
- case MAC_INIT_MOUNT_LABEL:
- mpc->mpc_ops->mpo_init_mount_label =
- mpe->mpe_function;
- break;
- case MAC_INIT_MOUNT_FS_LABEL:
- mpc->mpc_ops->mpo_init_mount_fs_label =
- mpe->mpe_function;
- break;
- case MAC_INIT_PIPE_LABEL:
- mpc->mpc_ops->mpo_init_pipe_label =
- mpe->mpe_function;
- break;
- case MAC_INIT_SOCKET_LABEL:
- mpc->mpc_ops->mpo_init_socket_label =
- mpe->mpe_function;
- break;
- case MAC_INIT_SOCKET_PEER_LABEL:
- mpc->mpc_ops->mpo_init_socket_peer_label =
- mpe->mpe_function;
- break;
- case MAC_INIT_VNODE_LABEL:
- mpc->mpc_ops->mpo_init_vnode_label =
- mpe->mpe_function;
- break;
- case MAC_DESTROY_BPFDESC_LABEL:
- mpc->mpc_ops->mpo_destroy_bpfdesc_label =
- mpe->mpe_function;
- break;
- case MAC_DESTROY_CRED_LABEL:
- mpc->mpc_ops->mpo_destroy_cred_label =
- mpe->mpe_function;
- break;
- case MAC_DESTROY_DEVFSDIRENT_LABEL:
- mpc->mpc_ops->mpo_destroy_devfsdirent_label =
- mpe->mpe_function;
- break;
- case MAC_DESTROY_IFNET_LABEL:
- mpc->mpc_ops->mpo_destroy_ifnet_label =
- mpe->mpe_function;
- break;
- case MAC_DESTROY_IPQ_LABEL:
- mpc->mpc_ops->mpo_destroy_ipq_label =
- mpe->mpe_function;
- break;
- case MAC_DESTROY_MBUF_LABEL:
- mpc->mpc_ops->mpo_destroy_mbuf_label =
- mpe->mpe_function;
- break;
- case MAC_DESTROY_MOUNT_LABEL:
- mpc->mpc_ops->mpo_destroy_mount_label =
- mpe->mpe_function;
- break;
- case MAC_DESTROY_MOUNT_FS_LABEL:
- mpc->mpc_ops->mpo_destroy_mount_fs_label =
- mpe->mpe_function;
- break;
- case MAC_DESTROY_PIPE_LABEL:
- mpc->mpc_ops->mpo_destroy_pipe_label =
- mpe->mpe_function;
- break;
- case MAC_DESTROY_SOCKET_LABEL:
- mpc->mpc_ops->mpo_destroy_socket_label =
- mpe->mpe_function;
- break;
- case MAC_DESTROY_SOCKET_PEER_LABEL:
- mpc->mpc_ops->mpo_destroy_socket_peer_label =
- mpe->mpe_function;
- break;
- case MAC_DESTROY_VNODE_LABEL:
- mpc->mpc_ops->mpo_destroy_vnode_label =
- mpe->mpe_function;
- break;
- case MAC_COPY_PIPE_LABEL:
- mpc->mpc_ops->mpo_copy_pipe_label =
- mpe->mpe_function;
- break;
- case MAC_COPY_VNODE_LABEL:
- mpc->mpc_ops->mpo_copy_vnode_label =
- mpe->mpe_function;
- break;
- case MAC_EXTERNALIZE_CRED_LABEL:
- mpc->mpc_ops->mpo_externalize_cred_label =
- mpe->mpe_function;
- break;
- case MAC_EXTERNALIZE_IFNET_LABEL:
- mpc->mpc_ops->mpo_externalize_ifnet_label =
- mpe->mpe_function;
- break;
- case MAC_EXTERNALIZE_PIPE_LABEL:
- mpc->mpc_ops->mpo_externalize_pipe_label =
- mpe->mpe_function;
- break;
- case MAC_EXTERNALIZE_SOCKET_LABEL:
- mpc->mpc_ops->mpo_externalize_socket_label =
- mpe->mpe_function;
- break;
- case MAC_EXTERNALIZE_SOCKET_PEER_LABEL:
- mpc->mpc_ops->mpo_externalize_socket_peer_label =
- mpe->mpe_function;
- break;
- case MAC_EXTERNALIZE_VNODE_LABEL:
- mpc->mpc_ops->mpo_externalize_vnode_label =
- mpe->mpe_function;
- break;
- case MAC_INTERNALIZE_CRED_LABEL:
- mpc->mpc_ops->mpo_internalize_cred_label =
- mpe->mpe_function;
- break;
- case MAC_INTERNALIZE_IFNET_LABEL:
- mpc->mpc_ops->mpo_internalize_ifnet_label =
- mpe->mpe_function;
- break;
- case MAC_INTERNALIZE_PIPE_LABEL:
- mpc->mpc_ops->mpo_internalize_pipe_label =
- mpe->mpe_function;
- break;
- case MAC_INTERNALIZE_SOCKET_LABEL:
- mpc->mpc_ops->mpo_internalize_socket_label =
- mpe->mpe_function;
- break;
- case MAC_INTERNALIZE_VNODE_LABEL:
- mpc->mpc_ops->mpo_internalize_vnode_label =
- mpe->mpe_function;
- break;
- case MAC_CREATE_DEVFS_DEVICE:
- mpc->mpc_ops->mpo_create_devfs_device =
- mpe->mpe_function;
- break;
- case MAC_CREATE_DEVFS_DIRECTORY:
- mpc->mpc_ops->mpo_create_devfs_directory =
- mpe->mpe_function;
- break;
- case MAC_CREATE_DEVFS_SYMLINK:
- mpc->mpc_ops->mpo_create_devfs_symlink =
- mpe->mpe_function;
- break;
- case MAC_CREATE_DEVFS_VNODE:
- mpc->mpc_ops->mpo_create_devfs_vnode =
- mpe->mpe_function;
- break;
- case MAC_CREATE_MOUNT:
- mpc->mpc_ops->mpo_create_mount =
- mpe->mpe_function;
- break;
- case MAC_CREATE_ROOT_MOUNT:
- mpc->mpc_ops->mpo_create_root_mount =
- mpe->mpe_function;
- break;
- case MAC_RELABEL_VNODE:
- mpc->mpc_ops->mpo_relabel_vnode =
- mpe->mpe_function;
- break;
- case MAC_UPDATE_DEVFSDIRENT:
- mpc->mpc_ops->mpo_update_devfsdirent =
- mpe->mpe_function;
- break;
- case MAC_ASSOCIATE_VNODE_DEVFS:
- mpc->mpc_ops->mpo_associate_vnode_devfs =
- mpe->mpe_function;
- break;
- case MAC_ASSOCIATE_VNODE_EXTATTR:
- mpc->mpc_ops->mpo_associate_vnode_extattr =
- mpe->mpe_function;
- break;
- case MAC_ASSOCIATE_VNODE_SINGLELABEL:
- mpc->mpc_ops->mpo_associate_vnode_singlelabel =
- mpe->mpe_function;
- break;
- case MAC_CREATE_VNODE_EXTATTR:
- mpc->mpc_ops->mpo_create_vnode_extattr =
- mpe->mpe_function;
- break;
- case MAC_SETLABEL_VNODE_EXTATTR:
- mpc->mpc_ops->mpo_setlabel_vnode_extattr =
- mpe->mpe_function;
- break;
- case MAC_CREATE_MBUF_FROM_SOCKET:
- mpc->mpc_ops->mpo_create_mbuf_from_socket =
- mpe->mpe_function;
- break;
- case MAC_CREATE_PIPE:
- mpc->mpc_ops->mpo_create_pipe =
- mpe->mpe_function;
- break;
- case MAC_CREATE_SOCKET:
- mpc->mpc_ops->mpo_create_socket =
- mpe->mpe_function;
- break;
- case MAC_CREATE_SOCKET_FROM_SOCKET:
- mpc->mpc_ops->mpo_create_socket_from_socket =
- mpe->mpe_function;
- break;
- case MAC_RELABEL_PIPE:
- mpc->mpc_ops->mpo_relabel_pipe =
- mpe->mpe_function;
- break;
- case MAC_RELABEL_SOCKET:
- mpc->mpc_ops->mpo_relabel_socket =
- mpe->mpe_function;
- break;
- case MAC_SET_SOCKET_PEER_FROM_MBUF:
- mpc->mpc_ops->mpo_set_socket_peer_from_mbuf =
- mpe->mpe_function;
- break;
- case MAC_SET_SOCKET_PEER_FROM_SOCKET:
- mpc->mpc_ops->mpo_set_socket_peer_from_socket =
- mpe->mpe_function;
- break;
- case MAC_CREATE_BPFDESC:
- mpc->mpc_ops->mpo_create_bpfdesc =
- mpe->mpe_function;
- break;
- case MAC_CREATE_DATAGRAM_FROM_IPQ:
- mpc->mpc_ops->mpo_create_datagram_from_ipq =
- mpe->mpe_function;
- break;
- case MAC_CREATE_FRAGMENT:
- mpc->mpc_ops->mpo_create_fragment =
- mpe->mpe_function;
- break;
- case MAC_CREATE_IFNET:
- mpc->mpc_ops->mpo_create_ifnet =
- mpe->mpe_function;
- break;
- case MAC_CREATE_IPQ:
- mpc->mpc_ops->mpo_create_ipq =
- mpe->mpe_function;
- break;
- case MAC_CREATE_MBUF_FROM_MBUF:
- mpc->mpc_ops->mpo_create_mbuf_from_mbuf =
- mpe->mpe_function;
- break;
- case MAC_CREATE_MBUF_LINKLAYER:
- mpc->mpc_ops->mpo_create_mbuf_linklayer =
- mpe->mpe_function;
- break;
- case MAC_CREATE_MBUF_FROM_BPFDESC:
- mpc->mpc_ops->mpo_create_mbuf_from_bpfdesc =
- mpe->mpe_function;
- break;
- case MAC_CREATE_MBUF_FROM_IFNET:
- mpc->mpc_ops->mpo_create_mbuf_from_ifnet =
- mpe->mpe_function;
- break;
- case MAC_CREATE_MBUF_MULTICAST_ENCAP:
- mpc->mpc_ops->mpo_create_mbuf_multicast_encap =
- mpe->mpe_function;
- break;
- case MAC_CREATE_MBUF_NETLAYER:
- mpc->mpc_ops->mpo_create_mbuf_netlayer =
- mpe->mpe_function;
- break;
- case MAC_FRAGMENT_MATCH:
- mpc->mpc_ops->mpo_fragment_match =
- mpe->mpe_function;
- break;
- case MAC_RELABEL_IFNET:
- mpc->mpc_ops->mpo_relabel_ifnet =
- mpe->mpe_function;
- break;
- case MAC_UPDATE_IPQ:
- mpc->mpc_ops->mpo_update_ipq =
- mpe->mpe_function;
- break;
- case MAC_CREATE_CRED:
- mpc->mpc_ops->mpo_create_cred =
- mpe->mpe_function;
- break;
- case MAC_EXECVE_TRANSITION:
- mpc->mpc_ops->mpo_execve_transition =
- mpe->mpe_function;
- break;
- case MAC_EXECVE_WILL_TRANSITION:
- mpc->mpc_ops->mpo_execve_will_transition =
- mpe->mpe_function;
- break;
- case MAC_CREATE_PROC0:
- mpc->mpc_ops->mpo_create_proc0 =
- mpe->mpe_function;
- break;
- case MAC_CREATE_PROC1:
- mpc->mpc_ops->mpo_create_proc1 =
- mpe->mpe_function;
- break;
- case MAC_RELABEL_CRED:
- mpc->mpc_ops->mpo_relabel_cred =
- mpe->mpe_function;
- break;
- case MAC_THREAD_USERRET:
- mpc->mpc_ops->mpo_thread_userret =
- mpe->mpe_function;
- break;
- case MAC_CHECK_BPFDESC_RECEIVE:
- mpc->mpc_ops->mpo_check_bpfdesc_receive =
- mpe->mpe_function;
- break;
- case MAC_CHECK_CRED_RELABEL:
- mpc->mpc_ops->mpo_check_cred_relabel =
- mpe->mpe_function;
- break;
- case MAC_CHECK_CRED_VISIBLE:
- mpc->mpc_ops->mpo_check_cred_visible =
- mpe->mpe_function;
- break;
- case MAC_CHECK_IFNET_RELABEL:
- mpc->mpc_ops->mpo_check_ifnet_relabel =
- mpe->mpe_function;
- break;
- case MAC_CHECK_IFNET_TRANSMIT:
- mpc->mpc_ops->mpo_check_ifnet_transmit =
- mpe->mpe_function;
- break;
- case MAC_CHECK_MOUNT_STAT:
- mpc->mpc_ops->mpo_check_mount_stat =
- mpe->mpe_function;
- break;
- case MAC_CHECK_PIPE_IOCTL:
- mpc->mpc_ops->mpo_check_pipe_ioctl =
- mpe->mpe_function;
- break;
- case MAC_CHECK_PIPE_POLL:
- mpc->mpc_ops->mpo_check_pipe_poll =
- mpe->mpe_function;
- break;
- case MAC_CHECK_PIPE_READ:
- mpc->mpc_ops->mpo_check_pipe_read =
- mpe->mpe_function;
- break;
- case MAC_CHECK_PIPE_RELABEL:
- mpc->mpc_ops->mpo_check_pipe_relabel =
- mpe->mpe_function;
- break;
- case MAC_CHECK_PIPE_STAT:
- mpc->mpc_ops->mpo_check_pipe_stat =
- mpe->mpe_function;
- break;
- case MAC_CHECK_PIPE_WRITE:
- mpc->mpc_ops->mpo_check_pipe_write =
- mpe->mpe_function;
- break;
- case MAC_CHECK_PROC_DEBUG:
- mpc->mpc_ops->mpo_check_proc_debug =
- mpe->mpe_function;
- break;
- case MAC_CHECK_PROC_SCHED:
- mpc->mpc_ops->mpo_check_proc_sched =
- mpe->mpe_function;
- break;
- case MAC_CHECK_PROC_SIGNAL:
- mpc->mpc_ops->mpo_check_proc_signal =
- mpe->mpe_function;
- break;
- case MAC_CHECK_SOCKET_BIND:
- mpc->mpc_ops->mpo_check_socket_bind =
- mpe->mpe_function;
- break;
- case MAC_CHECK_SOCKET_CONNECT:
- mpc->mpc_ops->mpo_check_socket_connect =
- mpe->mpe_function;
- break;
- case MAC_CHECK_SOCKET_DELIVER:
- mpc->mpc_ops->mpo_check_socket_deliver =
- mpe->mpe_function;
- break;
- case MAC_CHECK_SOCKET_LISTEN:
- mpc->mpc_ops->mpo_check_socket_listen =
- mpe->mpe_function;
- break;
- case MAC_CHECK_SOCKET_RECEIVE:
- mpc->mpc_ops->mpo_check_socket_receive =
- mpe->mpe_function;
- break;
- case MAC_CHECK_SOCKET_RELABEL:
- mpc->mpc_ops->mpo_check_socket_relabel =
- mpe->mpe_function;
- break;
- case MAC_CHECK_SOCKET_SEND:
- mpc->mpc_ops->mpo_check_socket_send =
- mpe->mpe_function;
- break;
- case MAC_CHECK_SOCKET_VISIBLE:
- mpc->mpc_ops->mpo_check_socket_visible =
- mpe->mpe_function;
- break;
- case MAC_CHECK_SYSTEM_REBOOT:
- mpc->mpc_ops->mpo_check_system_reboot =
- mpe->mpe_function;
- break;
- case MAC_CHECK_SYSTEM_SWAPON:
- mpc->mpc_ops->mpo_check_system_swapon =
- mpe->mpe_function;
- break;
- case MAC_CHECK_SYSTEM_SYSCTL:
- mpc->mpc_ops->mpo_check_system_sysctl =
- mpe->mpe_function;
- break;
- case MAC_CHECK_VNODE_ACCESS:
- mpc->mpc_ops->mpo_check_vnode_access =
- mpe->mpe_function;
- break;
- case MAC_CHECK_VNODE_CHDIR:
- mpc->mpc_ops->mpo_check_vnode_chdir =
- mpe->mpe_function;
- break;
- case MAC_CHECK_VNODE_CHROOT:
- mpc->mpc_ops->mpo_check_vnode_chroot =
- mpe->mpe_function;
- break;
- case MAC_CHECK_VNODE_CREATE:
- mpc->mpc_ops->mpo_check_vnode_create =
- mpe->mpe_function;
- break;
- case MAC_CHECK_VNODE_DELETE:
- mpc->mpc_ops->mpo_check_vnode_delete =
- mpe->mpe_function;
- break;
- case MAC_CHECK_VNODE_DELETEACL:
- mpc->mpc_ops->mpo_check_vnode_deleteacl =
- mpe->mpe_function;
- break;
- case MAC_CHECK_VNODE_EXEC:
- mpc->mpc_ops->mpo_check_vnode_exec =
- mpe->mpe_function;
- break;
- case MAC_CHECK_VNODE_GETACL:
- mpc->mpc_ops->mpo_check_vnode_getacl =
- mpe->mpe_function;
- break;
- case MAC_CHECK_VNODE_GETEXTATTR:
- mpc->mpc_ops->mpo_check_vnode_getextattr =
- mpe->mpe_function;
- break;
- case MAC_CHECK_VNODE_LINK:
- mpc->mpc_ops->mpo_check_vnode_link =
- mpe->mpe_function;
- break;
- case MAC_CHECK_VNODE_LOOKUP:
- mpc->mpc_ops->mpo_check_vnode_lookup =
- mpe->mpe_function;
- break;
- case MAC_CHECK_VNODE_MMAP:
- mpc->mpc_ops->mpo_check_vnode_mmap =
- mpe->mpe_function;
- break;
- case MAC_CHECK_VNODE_MMAP_DOWNGRADE:
- mpc->mpc_ops->mpo_check_vnode_mmap_downgrade =
- mpe->mpe_function;
- break;
- case MAC_CHECK_VNODE_MPROTECT:
- mpc->mpc_ops->mpo_check_vnode_mprotect =
- mpe->mpe_function;
- break;
- case MAC_CHECK_VNODE_OPEN:
- mpc->mpc_ops->mpo_check_vnode_open =
- mpe->mpe_function;
- break;
- case MAC_CHECK_VNODE_POLL:
- mpc->mpc_ops->mpo_check_vnode_poll =
- mpe->mpe_function;
- break;
- case MAC_CHECK_VNODE_READ:
- mpc->mpc_ops->mpo_check_vnode_read =
- mpe->mpe_function;
- break;
- case MAC_CHECK_VNODE_READDIR:
- mpc->mpc_ops->mpo_check_vnode_readdir =
- mpe->mpe_function;
- break;
- case MAC_CHECK_VNODE_READLINK:
- mpc->mpc_ops->mpo_check_vnode_readlink =
- mpe->mpe_function;
- break;
- case MAC_CHECK_VNODE_RELABEL:
- mpc->mpc_ops->mpo_check_vnode_relabel =
- mpe->mpe_function;
- break;
- case MAC_CHECK_VNODE_RENAME_FROM:
- mpc->mpc_ops->mpo_check_vnode_rename_from =
- mpe->mpe_function;
- break;
- case MAC_CHECK_VNODE_RENAME_TO:
- mpc->mpc_ops->mpo_check_vnode_rename_to =
- mpe->mpe_function;
- break;
- case MAC_CHECK_VNODE_REVOKE:
- mpc->mpc_ops->mpo_check_vnode_revoke =
- mpe->mpe_function;
- break;
- case MAC_CHECK_VNODE_SETACL:
- mpc->mpc_ops->mpo_check_vnode_setacl =
- mpe->mpe_function;
- break;
- case MAC_CHECK_VNODE_SETEXTATTR:
- mpc->mpc_ops->mpo_check_vnode_setextattr =
- mpe->mpe_function;
- break;
- case MAC_CHECK_VNODE_SETFLAGS:
- mpc->mpc_ops->mpo_check_vnode_setflags =
- mpe->mpe_function;
- break;
- case MAC_CHECK_VNODE_SETMODE:
- mpc->mpc_ops->mpo_check_vnode_setmode =
- mpe->mpe_function;
- break;
- case MAC_CHECK_VNODE_SETOWNER:
- mpc->mpc_ops->mpo_check_vnode_setowner =
- mpe->mpe_function;
- break;
- case MAC_CHECK_VNODE_SETUTIMES:
- mpc->mpc_ops->mpo_check_vnode_setutimes =
- mpe->mpe_function;
- break;
- case MAC_CHECK_VNODE_STAT:
- mpc->mpc_ops->mpo_check_vnode_stat =
- mpe->mpe_function;
- break;
- case MAC_CHECK_VNODE_WRITE:
- mpc->mpc_ops->mpo_check_vnode_write =
- mpe->mpe_function;
- break;
-/*
- default:
- printf("MAC policy `%s': unknown operation %d\n",
- mpc->mpc_name, mpe->mpe_constant);
- return (EINVAL);
-*/
- }
- }
 MAC_POLICY_LIST_LOCK();
 if (mac_policy_list_busy > 0) {
 MAC_POLICY_LIST_UNLOCK();
- FREE(mpc->mpc_ops, M_MACOPVEC);
- mpc->mpc_ops = NULL;
 return (EBUSY);
 }
 LIST_FOREACH(tmpc, &mac_policy_list, mpc_list) {
 if (strcmp(tmpc->mpc_name, mpc->mpc_name) == 0) {
 MAC_POLICY_LIST_UNLOCK();
- FREE(mpc->mpc_ops, M_MACOPVEC);
- mpc->mpc_ops = NULL;
 return (EEXIST);
 }
 }
@@ -1067,8 +488,6 @@ mac_policy_register(struct mac_policy_conf *mpc)
 slot = ffs(mac_policy_offsets_free);
 if (slot == 0) {
 MAC_POLICY_LIST_UNLOCK();
- FREE(mpc->mpc_ops, M_MACOPVEC);
- mpc->mpc_ops = NULL;
 return (ENOMEM);
 }
 slot--;
@@ -1135,8 +554,6 @@ mac_policy_unregister(struct mac_policy_conf *mpc)
 LIST_REMOVE(mpc, mpc_list);
 MAC_POLICY_LIST_UNLOCK();
- FREE(mpc->mpc_ops, M_MACOPVEC);
- mpc->mpc_ops = NULL;
 mpc->mpc_runtime_flags &= ~MPC_RUNTIME_FLAG_REGISTERED;
 printf("Security policy unload: %s (%s)\n",
 mpc->mpc_fullname, |