Module Name: src
Committed By: pooka
Date: Mon Feb 21 09:53:06 UTC 2011
Modified Files:
src/sys/kern: kern_module.c
Log Message:
Don't allow disabling a builtin secmodel: too many questionable
security implications.
To generate a diff of this commit:
cvs rdiff -u -r1.75 -r1.76 src/sys/kern/kern_module.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/kern/kern_module.c
diff -u src/sys/kern/kern_module.c:1.75 src/sys/kern/kern_module.c:1.76
--- src/sys/kern/kern_module.c:1.75 Fri Jan 14 10:18:21 2011
+++ src/sys/kern/kern_module.c Mon Feb 21 09:53:06 2011
@@ -1,4 +1,4 @@
-/* $NetBSD: kern_module.c,v 1.75 2011/01/14 10:18:21 martin Exp $ */
+/* $NetBSD: kern_module.c,v 1.76 2011/02/21 09:53:06 pooka Exp $ */
/*-
* Copyright (c) 2008 The NetBSD Foundation, Inc.
@@ -34,7 +34,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: kern_module.c,v 1.75 2011/01/14 10:18:21 martin Exp $");
+__KERNEL_RCSID(0, "$NetBSD: kern_module.c,v 1.76 2011/02/21 09:53:06 pooka Exp $");
#define _MODULE_INTERNAL
@@ -1129,6 +1129,15 @@
module_print("module `%s' busy", name);
return EBUSY;
}
+
+ /*
+ * Builtin secmodels are there to stay.
+ */
+ if (mod->mod_source == MODULE_SOURCE_KERNEL &&
+ mod->mod_info->mi_class == MODULE_CLASS_SECMODEL) {
+ return EPERM;
+ }
+
prev_active = module_active;
module_active = mod;
error = (*mod->mod_info->mi_modcmd)(MODULE_CMD_FINI, NULL);
