authorJun-ichiro itojun Hagino <itojun@cvs.openbsd.org>2003-06-16 06:36:41 +0000
committerJun-ichiro itojun Hagino <itojun@cvs.openbsd.org>2003-06-16 06:36:41 +0000
commitf4fb20fba83a40f6cbc1953f195f979baeeb3740 (patch)
tree1ded07d1d5e9e60694ee565e3120445083add775 /bin/systrace/policy.c
parent9edeec56abbf5950aacf46d99f21ee8bc6c2fdfc (diff)
- limited number of processes per systrace
- escape fixes for special characters markus, sturm ok. from provos
Diffstat (limited to 'bin/systrace/policy.c')
-rw-r--r--bin/systrace/policy.c43
1 files changed, 42 insertions, 1 deletions
diff --git a/bin/systrace/policy.c b/bin/systrace/policy.c
index a8be78a2f83..0600ac01830 100644
--- a/bin/systrace/policy.c
+++ b/bin/systrace/policy.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: policy.c,v 1.26 2003/06/02 02:03:51 itojun Exp $ */
+/* $OpenBSD: policy.c,v 1.27 2003/06/16 06:36:40 itojun Exp $ */
/*
* Copyright 2002 Niels Provos <provos@citi.umich.edu>
* All rights reserved.
@@ -233,6 +233,47 @@ systrace_newpolicy(const char *emulation, const char *name)
return (tmp);
}
+void
+systrace_freepolicy(struct policy *policy)
+{
+ struct filter *filter;
+ struct policy_syscall *pflq;
+
+ if (policy->flags & POLICY_CHANGED) {
+ if (systrace_writepolicy(policy) == -1)
+ fprintf(stderr, "Failed to write policy for %s\n",
+ policy->name);
+ }
+
+ while ((filter = TAILQ_FIRST(&policy->prefilters)) != NULL) {
+ TAILQ_REMOVE(&policy->prefilters, filter, policy_next);
+ filter_free(filter);
+ }
+
+ while ((filter = TAILQ_FIRST(&policy->filters)) != NULL) {
+ TAILQ_REMOVE(&policy->filters, filter, policy_next);
+ filter_free(filter);
+ }
+
+ while ((pflq = SPLAY_ROOT(&policy->pflqs)) != NULL) {
+ SPLAY_REMOVE(syscalltree, &policy->pflqs, pflq);
+
+ while ((filter = TAILQ_FIRST(&pflq->flq)) != NULL) {
+ TAILQ_REMOVE(&pflq->flq, filter, next);
+ filter_free(filter);
+ }
+
+ free(pflq);
+ }
+
+ SPLAY_REMOVE(policytree, &policyroot, policy);
+ if (policy->policynr != -1)
+ SPLAY_REMOVE(polnrtree, &polnrroot, policy);
+
+ free((char *)policy->name);
+ free(policy);
+}
+
struct filterq *
systrace_policyflq(struct policy *policy, const char *emulation,
const char *name)
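Review bot: systrace_freepolicy() unlinks struct filter objects through two different link fields, `policy_next` for policy->prefilters and policy->filters and `next` for each pflq->flq, and calls filter_free() in all three loops, so a filter that is ever linked on both policy->filters and a pflq->flq would be freed twice. The hunk does not show how these lists are populated, so this may be safe by construction, but the ownership rule deserves a comment above the function, for example `/* Each filter is owned by exactly one of prefilters, filters or a pflq->flq; the caller guarantees nothing else still points at this policy. */`, once the author confirms it holds. Separately, when systrace_writepolicy() returns -1 the function only prints a message and still frees the policy, so the rules flagged by POLICY_CHANGED are discarded. The message would be more useful with the failure reason, e.g. `strerror(errno)`, assuming systrace_writepolicy() leaves errno set.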