author | Jun-ichiro itojun Hagino <itojun@cvs.openbsd.org> | 2003-06-16 06:36:41 +0000 |
---|---|---|
committer | Jun-ichiro itojun Hagino <itojun@cvs.openbsd.org> | 2003-06-16 06:36:41 +0000 |
commit | f4fb20fba83a40f6cbc1953f195f979baeeb3740 (patch) | |
tree | 1ded07d1d5e9e60694ee565e3120445083add775 /bin/systrace/policy.c | |
parent | 9edeec56abbf5950aacf46d99f21ee8bc6c2fdfc (diff) |
- limited number of processes per systrace
- escape fixes for special characters
markus, sturm ok. from provos
Diffstat (limited to 'bin/systrace/policy.c')
-rw-r--r-- | bin/systrace/policy.c | 43 |
1 files changed, 42 insertions, 1 deletions
diff --git a/bin/systrace/policy.c b/bin/systrace/policy.c
index a8be78a2f83..0600ac01830 100644
--- a/bin/systrace/policy.c
+++ b/bin/systrace/policy.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: policy.c,v 1.26 2003/06/02 02:03:51 itojun Exp $ */
+/* $OpenBSD: policy.c,v 1.27 2003/06/16 06:36:40 itojun Exp $ */
 /*
 * Copyright 2002 Niels Provos <provos@citi.umich.edu>
 * All rights reserved.
@@ -233,6 +233,47 @@ systrace_newpolicy(const char *emulation, const char *name)
 return (tmp);
 }
 
+void
+systrace_freepolicy(struct policy *policy)
+{
+ struct filter *filter;
+ struct policy_syscall *pflq;
+
+ if (policy->flags & POLICY_CHANGED) {
+ if (systrace_writepolicy(policy) == -1)
+ fprintf(stderr, "Failed to write policy for %s\n",
+ policy->name);
+ }
+
+ while ((filter = TAILQ_FIRST(&policy->prefilters)) != NULL) {
+ TAILQ_REMOVE(&policy->prefilters, filter, policy_next);
+ filter_free(filter);
+ }
+
+ while ((filter = TAILQ_FIRST(&policy->filters)) != NULL) {
+ TAILQ_REMOVE(&policy->filters, filter, policy_next);
+ filter_free(filter);
+ }
+
+ while ((pflq = SPLAY_ROOT(&policy->pflqs)) != NULL) {
+ SPLAY_REMOVE(syscalltree, &policy->pflqs, pflq);
+
+ while ((filter = TAILQ_FIRST(&pflq->flq)) != NULL) {
+ TAILQ_REMOVE(&pflq->flq, filter, next);
+ filter_free(filter);
+ }
+
+ free(pflq);
+ }
+
+ SPLAY_REMOVE(policytree, &policyroot, policy);
+ if (policy->policynr != -1)
+ SPLAY_REMOVE(polnrtree, &polnrroot, policy);
+
+ free((char *)policy->name);
+ free(policy);
+}
+
 struct filterq *
 systrace_policyflq(struct policy *policy, const char *emulation,
 const char *name) |
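Review bot: systrace_freepolicy() frees the policy, every filter on its three queues and `policy->name` with no visible check that nothing else still points at them, so the safety of the new function rests entirely on its callers, which are outside this hunk. If a traced process or any cached lookup still holds this `struct policy *` or one of the freed `struct filter *` entries, the next access is a use-after-free inside the policy enforcer. I would state the contract above the function, e.g. `/* Caller must ensure no traced process or filter queue still references this policy; all filters it owns are freed here. */`. Separately, when `systrace_writepolicy()` returns -1 the changed policy is still destroyed and only a message goes to stderr, so the modified rules are lost; that may be the intended best-effort behaviour, but it is worth saying in the same comment.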