mirror of
https://github.com/freebsd/freebsd-src
synced 2024-10-23 16:52:56 +00:00
o Modify device open access control for /dev/mem and friends to use
securelevel_gt() instead of direct securelevel variable checks. Obtained from: TrustedBSD Project
This commit is contained in:
parent
785f9ffca3
commit
1851c8fd41
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/head/; revision=83971
|
@ -115,15 +115,19 @@ mmopen(dev_t dev, int flags, int fmt, struct thread *td)
|
|||
switch (minor(dev)) {
|
||||
case 0:
|
||||
case 1:
|
||||
if ((flags & FWRITE) && securelevel > 0)
|
||||
return (EPERM);
|
||||
if (flags & FWRITE) {
|
||||
error = securelevel_gt(td->td_proc->p_ucred, 0);
|
||||
if (error != 0)
|
||||
return (error);
|
||||
}
|
||||
break;
|
||||
case 14:
|
||||
error = suser_td(td);
|
||||
if (error != 0)
|
||||
return (error);
|
||||
if (securelevel > 0)
|
||||
return (EPERM);
|
||||
error = securelevel_gt(td->td_proc->p_ucred, 0);
|
||||
if (error != 0)
|
||||
return (error);
|
||||
td->td_frame->tf_eflags |= PSL_IOPL;
|
||||
break;
|
||||
}
|
||||
|
|
|
@ -115,15 +115,19 @@ mmopen(dev_t dev, int flags, int fmt, struct thread *td)
|
|||
switch (minor(dev)) {
|
||||
case 0:
|
||||
case 1:
|
||||
if ((flags & FWRITE) && securelevel > 0)
|
||||
return (EPERM);
|
||||
if (flags & FWRITE) {
|
||||
error = securelevel_gt(td->td_proc->p_ucred, 0);
|
||||
if (error != 0)
|
||||
return (error);
|
||||
}
|
||||
break;
|
||||
case 14:
|
||||
error = suser_td(td);
|
||||
if (error != 0)
|
||||
return (error);
|
||||
if (securelevel > 0)
|
||||
return (EPERM);
|
||||
error = securelevel_gt(td->td_proc->p_ucred, 0);
|
||||
if (error != 0)
|
||||
return (error);
|
||||
td->td_frame->tf_eflags |= PSL_IOPL;
|
||||
break;
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue