Module Name: src Committed By: pooka Date: Mon Feb 21 09:53:06 UTC 2011
Modified Files: src/sys/kern: kern_module.c Log Message: Don't allow disabling a builtin secmodel: too many questionable security implications. To generate a diff of this commit: cvs rdiff -u -r1.75 -r1.76 src/sys/kern/kern_module.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files: Index: src/sys/kern/kern_module.c diff -u src/sys/kern/kern_module.c:1.75 src/sys/kern/kern_module.c:1.76 --- src/sys/kern/kern_module.c:1.75 Fri Jan 14 10:18:21 2011 +++ src/sys/kern/kern_module.c Mon Feb 21 09:53:06 2011 @@ -1,4 +1,4 @@ -/* $NetBSD: kern_module.c,v 1.75 2011/01/14 10:18:21 martin Exp $ */ +/* $NetBSD: kern_module.c,v 1.76 2011/02/21 09:53:06 pooka Exp $ */ /*- * Copyright (c) 2008 The NetBSD Foundation, Inc. @@ -34,7 +34,7 @@ */ #include <sys/cdefs.h> -__KERNEL_RCSID(0, "$NetBSD: kern_module.c,v 1.75 2011/01/14 10:18:21 martin Exp $"); +__KERNEL_RCSID(0, "$NetBSD: kern_module.c,v 1.76 2011/02/21 09:53:06 pooka Exp $"); #define _MODULE_INTERNAL @@ -1129,6 +1129,15 @@ module_print("module `%s' busy", name); return EBUSY; } + + /* + * Builtin secmodels are there to stay. + */ + if (mod->mod_source == MODULE_SOURCE_KERNEL && + mod->mod_info->mi_class == MODULE_CLASS_SECMODEL) { + return EPERM; + } + prev_active = module_active; module_active = mod; error = (*mod->mod_info->mi_modcmd)(MODULE_CMD_FINI, NULL);