Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/netbsd-3]: src/sys/dev Pull up revision 1.13 (requested by elad in ticke...
details: https://anonhg.NetBSD.org/src/rev/2809288a9f04
branches: netbsd-3
changeset: 576368:2809288a9f04
user: tron <tron%NetBSD.org@localhost>
date: Sat Jul 02 15:49:51 2005 +0000
description:
Pull up revision 1.13 (requested by elad in ticket #487):
Don't allow unprivileged users to open the veriexec device.
While I'm here, explicit 'int' for 'veriexec_device_usage'.
diffstat:
sys/dev/verified_exec.c | 11 +++++++----
1 files changed, 7 insertions(+), 4 deletions(-)
diffs (40 lines):
diff -r 0889ebe7545b -r 2809288a9f04 sys/dev/verified_exec.c
--- a/sys/dev/verified_exec.c Sat Jul 02 15:49:36 2005 +0000
+++ b/sys/dev/verified_exec.c Sat Jul 02 15:49:51 2005 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: verified_exec.c,v 1.5.2.6 2005/07/02 15:45:13 tron Exp $ */
+/* $NetBSD: verified_exec.c,v 1.5.2.7 2005/07/02 15:49:51 tron Exp $ */
/*-
* Copyright 2005 Elad Efrat <elad%bsd.org.il@localhost>
@@ -31,9 +31,9 @@
#include <sys/cdefs.h>
#if defined(__NetBSD__)
-__KERNEL_RCSID(0, "$NetBSD: verified_exec.c,v 1.5.2.6 2005/07/02 15:45:13 tron Exp $");
+__KERNEL_RCSID(0, "$NetBSD: verified_exec.c,v 1.5.2.7 2005/07/02 15:49:51 tron Exp $");
#else
-__RCSID("$Id: verified_exec.c,v 1.5.2.6 2005/07/02 15:45:13 tron Exp $\n$NetBSD: verified_exec.c,v 1.5.2.6 2005/07/02 15:45:13 tron Exp $");
+__RCSID("$Id: verified_exec.c,v 1.5.2.7 2005/07/02 15:49:51 tron Exp $\n$NetBSD: verified_exec.c,v 1.5.2.7 2005/07/02 15:49:51 tron Exp $");
#endif
#include <sys/param.h>
@@ -64,7 +64,7 @@
#include <sys/verified_exec.h>
/* count of number of times device is open (we really only allow one open) */
-static unsigned veriexec_dev_usage;
+static unsigned int veriexec_dev_usage;
struct veriexec_softc {
DEVPORT_DEVICE veriexec_dev;
@@ -127,6 +127,9 @@
p->p_pid, dev);
#endif
+ if (suser(p->p_ucred, &p->p_acflag) != 0)
+ return (EPERM);
+
if (veriexec_dev_usage > 0) {
veriexec_dprintf(("Veriexec: load device already in use\n"));
return(EBUSY);
Home |
Main Index |
Thread Index |
Old Index