diff options
author | rwatson <rwatson@FreeBSD.org> | 2001-09-26 20:08:02 +0000 |
---|---|---|
committer | rwatson <rwatson@FreeBSD.org> | 2001-09-26 20:08:02 +0000 |
commit | 955613d62b1740790ccfc84f02f5714ff4a94908 (patch) | |
tree | 8352a9f283b9b7f6749fa936df0035f5f1bba840 /sys/amd64/amd64/mem.c | |
parent | 823d828036dcc0c73682377a119e160758282ac6 (diff) | |
download | FreeBSD-src-955613d62b1740790ccfc84f02f5714ff4a94908.zip FreeBSD-src-955613d62b1740790ccfc84f02f5714ff4a94908.tar.gz |
o Modify device open access control for /dev/mem and friends to use
securelevel_gt() instead of direct securelevel variable checks.
Obtained from: TrustedBSD Project
Diffstat (limited to 'sys/amd64/amd64/mem.c')
-rw-r--r-- | sys/amd64/amd64/mem.c | 12 |
1 files changed, 8 insertions, 4 deletions
diff --git a/sys/amd64/amd64/mem.c b/sys/amd64/amd64/mem.c index 48ecff8..c8fdd2a 100644 --- a/sys/amd64/amd64/mem.c +++ b/sys/amd64/amd64/mem.c @@ -115,15 +115,19 @@ mmopen(dev_t dev, int flags, int fmt, struct thread *td) switch (minor(dev)) { case 0: case 1: - if ((flags & FWRITE) && securelevel > 0) - return (EPERM); + if (flags & FWRITE) { + error = securelevel_gt(td->td_proc->p_ucred, 0); + if (error != 0) + return (error); + } break; case 14: error = suser_td(td); if (error != 0) return (error); - if (securelevel > 0) - return (EPERM); + error = securelevel_gt(td->td_proc->p_ucred, 0); + if (error != 0) + return (error); td->td_frame->tf_eflags |= PSL_IOPL; break; } |