Since cred never appears to be passed into the securelevel calls as

NULL, turn warning printf's into panic's, since this call has been
restructured such that a NULL cred would result in a page fault anyway.

There appears to be one case where NULL is explicitly passed in in the
sysctl code, and this is believed to be in error, so will be modified.
Securelevels now always require a credential context so that per-jail
securelevels are properly implemented.

Obtained from:	TrustedBSD Project
Sponsored by:	NAI Labs
Discussed with:	bde

1 files changed, 2 insertions, 2 deletions

diff --git a/sys/kern/kern_prot.c b/sys/kern/kern_prot.c
index 74f25bf..562e835 100644
--- a/sys/kern/kern_prot.c
+++ b/sys/kern/kern_prot.c
@@ -1353,7 +1353,7 @@ securelevel_gt(struct ucred *cr, int level)
 
 	active_securelevel = securelevel;
 	if (cr == NULL)
-		printf("securelevel_gt: cr is NULL\n");
+		panic("securelevel_gt: cr is NULL\n");
 	if (cr->cr_prison != NULL) {
 		mtx_lock(&cr->cr_prison->pr_mtx);
 		active_securelevel = imax(cr->cr_prison->pr_securelevel,
@@ -1370,7 +1370,7 @@ securelevel_ge(struct ucred *cr, int level)
 
 	active_securelevel = securelevel;
 	if (cr == NULL)
-		printf("securelevel_gt: cr is NULL\n");
+		panic("securelevel_gt: cr is NULL\n");
 	if (cr->cr_prison != NULL) {
 		mtx_lock(&cr->cr_prison->pr_mtx);
 		active_securelevel = imax(cr->cr_prison->pr_securelevel,