Subject: Re: CVS commit: src/sys/kern
To: YAMAMOTO Takashi <email@example.com>
From: Elad Efrat <elad@NetBSD.org>
Date: 12/18/2006 07:52:57
YAMAMOTO Takashi wrote:
>> Module Name: src
>> Committed By: elad
>> Date: Thu Dec 14 11:15:28 UTC 2006
>> Modified Files:
>> src/sys/kern: kern_verifiedexec.c
>> Log Message:
>> PR/35252: YAMAMOTO Takashi: veriexec doesn't handle unmount
>> Call veriexec_table_delete() in the cases where we won't be failing the
>> unmount request.
>> To generate a diff of this commit:
>> cvs rdiff -r1.80 -r1.81 src/sys/kern/kern_verifiedexec.c
>> Please note that diffs are not public domain; they are subject to the
>> copyright notices on the relevant files.
> i don't think it's a correct fix.
> dounmount can fail for other reasons after calling veriexec_unmountchk.
what will happen is that at some point in time we'll have a kauth(9)
call at the top asking if the unmount is possible. that's where a
veriexec handler will hook, doing the permission check. we'll also have
notification of a successful unmount (fileop/vnode scope?), which is
where another veriexec handler, doing the table management, will hook.
at the moment, we can't really implement this cleanly (unless,
separating to two functions, one placed at the top, one placed at the
bottom, is clean).
this is another "known issue". :)