PERFORCE change 15626 for review
Robert Watson
rwatson at freebsd.org
Tue Aug 6 20:01:14 GMT 2002
http://people.freebsd.org/~peter/p4db/chv.cgi?CH=15626
Change 15626 by rwatson at rwatson_tislabs on 2002/08/06 13:00:34
Introduce module dependencies to prevent MAC modules from getting
loaded with a kernel that doesn't support MAC.
Largely the evil of: peter
Affected files ...
.. //depot/projects/trustedbsd/mac/sys/kern/kern_mac.c#229 edit
.. //depot/projects/trustedbsd/mac/sys/sys/mac_policy.h#109 edit
Differences ...
==== //depot/projects/trustedbsd/mac/sys/kern/kern_mac.c#229 (text+ko) ====
@@ -87,6 +87,13 @@
#ifdef MAC
+/*
+ * Declare that the kernel provides MAC support, version 1. This permits
+ * modules to refuse to be loaded if the necessary support isn't present,
+ * even if it's pre-boot.
+ */
+MODULE_VERSION(kernel_mac_support, 1);
+
SYSCTL_DECL(_security);
SYSCTL_NODE(_security, OID_AUTO, mac, CTLFLAG_RW, 0,
==== //depot/projects/trustedbsd/mac/sys/sys/mac_policy.h#109 (text+ko) ====
@@ -496,6 +496,7 @@
mac_policy_modevent, \
&mpname##_mac_policy_conf \
}; \
+ MODULE_DEPEND(mpname, kernel_mac_support, 1, 1, 1); \
DECLARE_MODULE(mpname, mpname##_mod, SI_SUB_MAC_POLICY, \
SI_ORDER_MIDDLE)
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-cvs" in the body of the message
More information about the trustedbsd-cvs
mailing list