From 0fd4030a5329faac256e6ede78ab445c412e8a67 Mon Sep 17 00:00:00 2001
From: smh <smh@FreeBSD.org>
Date: Mon, 23 Nov 2015 18:00:55 +0000
Subject: MFC r274366:

Add missing privilege check when setting the dump device.

Approved by:	pjd, secteam (both no objections)
Sponsored by:	Multiplay
---
 sys/kern/kern_shutdown.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

(limited to 'sys/kern')

diff --git a/sys/kern/kern_shutdown.c b/sys/kern/kern_shutdown.c
index 55fee01..5eba047 100644
--- a/sys/kern/kern_shutdown.c
+++ b/sys/kern/kern_shutdown.c
@@ -843,9 +843,14 @@ SYSCTL_STRING(_kern_shutdown, OID_AUTO, dumpdevname, CTLFLAG_RD,
 
 /* Registration of dumpers */
 int
-set_dumper(struct dumperinfo *di, const char *devname)
+set_dumper(struct dumperinfo *di, const char *devname, struct thread *td)
 {
 	size_t wantcopy;
+	int error;
+
+	error = priv_check(td, PRIV_SETDUMPER);
+	if (error != 0)
+		return (error);
 
 	if (di == NULL) {
 		bzero(&dumper, sizeof dumper);
-- 
cgit v1.1