Move the securelevel check before loading KLD's into linker_load_file(),
instead of requiring every caller of linker_load_file() to perform the check itself. This avoids netgraph loading KLD's when securelevel > 0, not to mention any future code that may call linker_load_file(). Reviewed by: dfr
This commit is contained in:
archie
parent
32a6eb4143
commit
0e6c8a1f1b
@ -301,6 +301,10 @@ linker_load_file(const char* filename, linker_file_t* result)
|
|||||||
linker_file_t lf;
|
linker_file_t lf;
|
||||||
int foundfile, error = 0;
|
int foundfile, error = 0;
|
||||||
|
|
||||||
|
/* Refuse to load modules if securelevel raised */
|
||||||
|
if (securelevel > 0)
|
||||||
|
return EPERM;
|
||||||
|
|
||||||
lf = linker_find_file_by_name(filename);
|
lf = linker_find_file_by_name(filename);
|
||||||
if (lf) {
|
if (lf) {
|
||||||
KLD_DPF(FILE, ("linker_load_file: file %s is already loaded, incrementing refs\n", filename));
|
KLD_DPF(FILE, ("linker_load_file: file %s is already loaded, incrementing refs\n", filename));
|
||||||
@ -425,6 +429,10 @@ linker_file_unload(linker_file_t file)
|
|||||||
int error = 0;
|
int error = 0;
|
||||||
int i;
|
int i;
|
||||||
|
|
||||||
|
/* Refuse to unload modules if securelevel raised */
|
||||||
|
if (securelevel > 0)
|
||||||
|
return EPERM;
|
||||||
|
|
||||||
KLD_DPF(FILE, ("linker_file_unload: lf->refs=%d\n", file->refs));
|
KLD_DPF(FILE, ("linker_file_unload: lf->refs=%d\n", file->refs));
|
||||||
lockmgr(&lock, LK_EXCLUSIVE, 0, curproc);
|
lockmgr(&lock, LK_EXCLUSIVE, 0, curproc);
|
||||||
if (file->refs == 1) {
|
if (file->refs == 1) {
|
||||||
@ -678,7 +686,7 @@ kldload(struct proc* p, struct kldload_args* uap)
|
|||||||
|
|
||||||
p->p_retval[0] = -1;
|
p->p_retval[0] = -1;
|
||||||
|
|
||||||
if (securelevel > 0)
|
if (securelevel > 0) /* redundant, but that's OK */
|
||||||
return EPERM;
|
return EPERM;
|
||||||
|
|
||||||
if ((error = suser(p)) != 0)
|
if ((error = suser(p)) != 0)
|
||||||
@ -721,7 +729,7 @@ kldunload(struct proc* p, struct kldunload_args* uap)
|
|||||||
linker_file_t lf;
|
linker_file_t lf;
|
||||||
int error = 0;
|
int error = 0;
|
||||||
|
|
||||||
if (securelevel > 0)
|
if (securelevel > 0) /* redundant, but that's OK */
|
||||||
return EPERM;
|
return EPERM;
|
||||||
|
|
||||||
if ((error = suser(p)) != 0)
|
if ((error = suser(p)) != 0)
|
||||||
|
|||||||
@ -225,11 +225,6 @@ mount(p, uap)
|
|||||||
if (vfsp == NULL) {
|
if (vfsp == NULL) {
|
||||||
linker_file_t lf;
|
linker_file_t lf;
|
||||||
|
|
||||||
/* Refuse to load modules if securelevel raised */
|
|
||||||
if (securelevel > 0) {
|
|
||||||
vput(vp);
|
|
||||||
return EPERM;
|
|
||||||
}
|
|
||||||
/* Only load modules for root (very important!) */
|
/* Only load modules for root (very important!) */
|
||||||
if ((error = suser(p)) != 0) {
|
if ((error = suser(p)) != 0) {
|
||||||
vput(vp);
|
vput(vp);
|
||||||
|
|||||||
@ -225,11 +225,6 @@ mount(p, uap)
|
|||||||
if (vfsp == NULL) {
|
if (vfsp == NULL) {
|
||||||
linker_file_t lf;
|
linker_file_t lf;
|
||||||
|
|
||||||
/* Refuse to load modules if securelevel raised */
|
|
||||||
if (securelevel > 0) {
|
|
||||||
vput(vp);
|
|
||||||
return EPERM;
|
|
||||||
}
|
|
||||||
/* Only load modules for root (very important!) */
|
/* Only load modules for root (very important!) */
|
||||||
if ((error = suser(p)) != 0) {
|
if ((error = suser(p)) != 0) {
|
||||||
vput(vp);
|
vput(vp);
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user