summaryrefslogtreecommitdiffstats
path: root/sys/kern/kern_linker.c
diff options
context:
space:
mode:
Diffstat (limited to 'sys/kern/kern_linker.c')
-rw-r--r--sys/kern/kern_linker.c12
1 files changed, 12 insertions, 0 deletions
diff --git a/sys/kern/kern_linker.c b/sys/kern/kern_linker.c
index 2237107..4e0c5a3 100644
--- a/sys/kern/kern_linker.c
+++ b/sys/kern/kern_linker.c
@@ -992,6 +992,12 @@ kern_kldload(struct thread *td, const char *file, int *fileid)
if ((error = priv_check(td, PRIV_KLD_LOAD)) != 0)
return (error);
+#ifdef VIMAGE
+ /* Only the default vimage is permitted to kldload modules. */
+ if (!IS_DEFAULT_VIMAGE(TD_TO_VIMAGE(td)))
+ return (EPERM);
+#endif
+
/*
* It's possible that kldloaded module will attach a new ifnet,
* so vnet context must be set when this ocurs.
@@ -1063,6 +1069,12 @@ kern_kldunload(struct thread *td, int fileid, int flags)
if ((error = priv_check(td, PRIV_KLD_UNLOAD)) != 0)
return (error);
+#ifdef VIMAGE
+ /* Only the default vimage is permitted to kldunload modules. */
+ if (!IS_DEFAULT_VIMAGE(TD_TO_VIMAGE(td)))
+ return (EPERM);
+#endif
+
CURVNET_SET(TD_TO_VNET(td));
KLD_LOCK();
lf = linker_find_file_by_id(fileid);
OpenPOWER on IntegriCloud