diff options
author | jamie <jamie@FreeBSD.org> | 2014-01-31 17:39:51 +0000 |
---|---|---|
committer | jamie <jamie@FreeBSD.org> | 2014-01-31 17:39:51 +0000 |
commit | 64b15ec174b0b7a8dd798f25c0299df5c577d2fa (patch) | |
tree | f0132e664e1ee614f56db3268dbd52de2c26d511 /sys/dev/drm | |
parent | 16b6d5f86751ba0d7edce948c3d96f81505cf186 (diff) | |
download | FreeBSD-src-64b15ec174b0b7a8dd798f25c0299df5c577d2fa.zip FreeBSD-src-64b15ec174b0b7a8dd798f25c0299df5c577d2fa.tar.gz |
Back out r261266 pending security buy-in.
r261266:
Add a jail parameter, allow.kmem, which lets jailed processes access
/dev/kmem and related devices (i.e. grants PRIV_IO and PRIV_KMEM_WRITE).
This in conjunction with changing the drm driver's permission check from
PRIV_DRIVER to PRIV_KMEM_WRITE will allow a jailed Xorg server.
Diffstat (limited to 'sys/dev/drm')
-rw-r--r-- | sys/dev/drm/drmP.h | 4 |
1 files changed, 1 insertions, 3 deletions
diff --git a/sys/dev/drm/drmP.h b/sys/dev/drm/drmP.h index 6ea4af1..bf5feed 100644 --- a/sys/dev/drm/drmP.h +++ b/sys/dev/drm/drmP.h @@ -227,9 +227,7 @@ enum { #define PAGE_ALIGN(addr) round_page(addr) /* DRM_SUSER returns true if the user is superuser */ -#if __FreeBSD_version >= 1000000 -#define DRM_SUSER(p) (priv_check(p, PRIV_KMEM_WRITE) == 0) -#elif __FreeBSD_version >= 700000 +#if __FreeBSD_version >= 700000 #define DRM_SUSER(p) (priv_check(p, PRIV_DRIVER) == 0) #else #define DRM_SUSER(p) (suser(p) == 0) |