d/freebsd-nq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

o Modify open() and close() for /dev/random to use securelevel_gt() instead

Browse Source 
of direct securelevel variable checks.

Obtained from:	TrustedBSD Project
This commit is contained in:
Robert Watson 2001-09-26 20:15:42 +00:00
parent 8002488bd9
commit 19f1565901
1 changed files with 16 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
sys/dev/random/randomdev.c
View File

@ -141,17 +141,27 @@ SYSCTL_PROC(_kern_random_sys_harvest, OID_AUTO, interrupt,
static int
random_open(dev_t dev, int flags, int fmt, struct thread *td)
{
if ((flags & FWRITE) && (securelevel > 0 || suser(td->td_proc)))
return EPERM;
else
return 0;
int error;
if (flags & FWRITE) {
error = suser(td->td_proc);
if (error)
return (error);
error = securelevel_gt(td->td_proc->p_ucred, 0);
if (error)
return (error);
}
return 0;
}
static int
random_close(dev_t dev, int flags, int fmt, struct thread *td)
{
if ((flags & FWRITE) && !(securelevel > 0 || suser(td->td_proc)))
random_reseed();
if (flags & FWRITE) {
if (!(suser(td->td_proc) ||
securelevel_gt(td->td_proc->p_ucred, 0)))
random_reseed();
}
return 0;
}