- limited number of processes per systrace

- escape fixes for special characters
markus, sturm ok.  from provos

1 files changed, 24 insertions, 1 deletions

diff --git a/bin/systrace/intercept.c b/bin/systrace/intercept.c
index e5b23123d99..e1bf867753d 100644
--- a/bin/systrace/intercept.c
+++ b/bin/systrace/intercept.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: intercept.c,v 1.39 2003/05/17 03:09:59 sturm Exp $	*/
+/*	$OpenBSD: intercept.c,v 1.40 2003/06/16 06:36:40 itojun Exp $	*/
 /*
  * Copyright 2002 Niels Provos <provos@citi.umich.edu>
  * All rights reserved.
@@ -79,6 +79,8 @@ void (*intercept_newimagecb)(int, pid_t, int, const char *, const char *, void *
 void *intercept_newimagecbarg = NULL;
 short (*intercept_gencb)(int, pid_t, int, const char *, int, const char *, void *, int, void *) = NULL;
 void *intercept_gencbarg = NULL;
+void (*intercept_pfreecb)(int, void*);
+void *intercept_pfreearg = NULL;
 
 int
 sccompare(struct intercept_syscall *a, struct intercept_syscall *b)
@@ -225,6 +227,15 @@ intercept_register_execcb(void (*cb)(int, pid_t, int, const char *, const char *
 	return (0);
 }
 
+int
+intercept_register_pfreecb(void (*cb)(int, void *), void *arg)
+{
+	intercept_pfreecb = cb;
+	intercept_pfreearg = arg;
+
+	return (0);
+}
+
 static void
 sigusr1_handler(int signum)
 {                                                                              
@@ -903,3 +914,15 @@ intercept_isvalidsystemcall(char *emulation, char *name)
 
 	return (res != -1);
 }
+
+/*
+ * Call back when a user has exhausted the number of allowed policies
+ * in the kernel.  The kernel returns the policy number of a policy
+ * that has been purged.
+ */
+
+void
+intercept_policy_free(int policynr)
+{
+	(*intercept_pfreecb)(policynr, intercept_pfreearg);
+}