diff options
author | mlaier <mlaier@FreeBSD.org> | 2004-08-22 15:23:48 +0000 |
---|---|---|
committer | mlaier <mlaier@FreeBSD.org> | 2004-08-22 15:23:48 +0000 |
commit | 9c209cbf17be056242a8a4a401405154709088ab (patch) | |
tree | ad826bdf91ce0fe63c5334aa4c7a3c1e0423c690 | |
parent | 787cb6e990449f41af85c015af3a0f9455d80701 (diff) | |
download | FreeBSD-src-9c209cbf17be056242a8a4a401405154709088ab.zip FreeBSD-src-9c209cbf17be056242a8a4a401405154709088ab.tar.gz |
Use securelevel_gt instead of reading global securelevel unprotected.
Submitted by: yongari
MFC after: 3 days
-rw-r--r-- | sys/contrib/pf/net/pf_ioctl.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/sys/contrib/pf/net/pf_ioctl.c b/sys/contrib/pf/net/pf_ioctl.c index 4df9e37..a1172c7 100644 --- a/sys/contrib/pf/net/pf_ioctl.c +++ b/sys/contrib/pf/net/pf_ioctl.c @@ -66,6 +66,7 @@ #ifdef __FreeBSD__ #include <sys/module.h> #include <sys/conf.h> +#include <sys/proc.h> #else #include <sys/timeout.h> #include <sys/pool.h> @@ -979,7 +980,11 @@ pfioctl(struct cdev *dev, u_long cmd, caddr_t addr, int flags, struct proc *p) int error = 0; /* XXX keep in sync with switch() below */ +#ifdef __FreeBSD__ + if (securelevel_gt(td->td_ucred, 1)) +#else if (securelevel > 1) +#endif switch (cmd) { case DIOCGETRULES: case DIOCGETRULE: |