From 6c66bbed1a9d9687057c4bdfb440a595e52100f6 Mon Sep 17 00:00:00 2001
From: Archie Cobbs
Date: Thu, 29 Jun 2000 17:57:04 +0000
Subject: [PATCH] Move the securelevel check before loading KLD's into linker_load_file(), instead of requiring every caller of linker_load_file() to perform the check itself. This avoids netgraph loading KLD's when securelevel > 0, not to mention any future code that may call linker_load_file(). Reviewed by: dfr
---
 sys/kern/kern_linker.c | 12 ++++++++++--
 sys/kern/vfs_extattr.c | 5 -----
 sys/kern/vfs_syscalls.c | 5 -----
 3 files changed, 10 insertions(+), 12 deletions(-)
diff --git a/sys/kern/kern_linker.c b/sys/kern/kern_linker.c
index bb764f4c0c62..f81e0007832d 100644
--- a/sys/kern/kern_linker.c
+++ b/sys/kern/kern_linker.c
@@ -301,6 +301,10 @@ linker_load_file(const char* filename, linker_file_t* result)
 linker_file_t lf;
 int foundfile, error = 0;
+ /* Refuse to load modules if securelevel raised */
+ if (securelevel > 0)
+ return EPERM;
+
 lf = linker_find_file_by_name(filename);
 if (lf) {
 KLD_DPF(FILE, ("linker_load_file: file %s is already loaded, incrementing refs\n", filename));
@@ -425,6 +429,10 @@ linker_file_unload(linker_file_t file)
 int error = 0;
 int i;
+ /* Refuse to unload modules if securelevel raised */
+ if (securelevel > 0)
+ return EPERM;
+
 KLD_DPF(FILE, ("linker_file_unload: lf->refs=%d\n", file->refs));
 lockmgr(&lock, LK_EXCLUSIVE, 0, curproc);
 if (file->refs == 1) {
@@ -678,7 +686,7 @@ kldload(struct proc* p, struct kldload_args* uap)
 p->p_retval[0] = -1;
- if (securelevel > 0)
+ if (securelevel > 0) /* redundant, but that's OK */
 return EPERM;
 if ((error = suser(p)) != 0)
@@ -721,7 +729,7 @@ kldunload(struct proc* p, struct kldunload_args* uap)
 linker_file_t lf;
 int error = 0;
- if (securelevel > 0)
+ if (securelevel > 0) /* redundant, but that's OK */
 return EPERM;
 if ((error = suser(p)) != 0)
diff --git a/sys/kern/vfs_extattr.c b/sys/kern/vfs_extattr.c
index 57a844d11857..5c808bdcc2af 100644
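Review bot: The new early `return EPERM` at the top of linker_load_file() leaves `*result` unwritten, so a caller that inspects its result pointer after a failed call reads an indeterminate value on the securelevel path. mount() in the vfs_extattr.c and vfs_syscalls.c hunks declares `linker_file_t lf;` with no initializer and used to return before ever calling in; what it does with `lf` after the call lies outside those hunks, so this needs checking. Declaring it as `linker_file_t lf = NULL;` at the call sites, or stating on linker_load_file() that `*result` is valid only when 0 is returned, would close the gap. The function body continues past this hunk, so whether other error paths clear `*result` is not visible here.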
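Review bot: The securelevel guard in linker_file_unload() sits ahead of the `if (file->refs == 1)` test, so it refuses a plain reference drop as well as a real unload. That fails safe, because the module stays resident, but a caller that releases a reference it took earlier and ignores the return value will leave `refs` elevated once securelevel is raised. I would say so in the comment, for example `/* Refuse to unload modules if securelevel raised; this also blocks reference drops */`. The rest of the function is outside the hunk.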
--- a/sys/kern/vfs_extattr.c
+++ b/sys/kern/vfs_extattr.c
@@ -225,11 +225,6 @@ mount(p, uap)
 if (vfsp == NULL) {
 linker_file_t lf;
- /* Refuse to load modules if securelevel raised */
- if (securelevel > 0) {
- vput(vp);
- return EPERM;
- }
 /* Only load modules for root (very important!) */
 if ((error = suser(p)) != 0) {
 vput(vp);
diff --git a/sys/kern/vfs_syscalls.c b/sys/kern/vfs_syscalls.c
index 57a844d11857..5c808bdcc2af 100644
--- a/sys/kern/vfs_syscalls.c
+++ b/sys/kern/vfs_syscalls.c
@@ -225,11 +225,6 @@ mount(p, uap)
 if (vfsp == NULL) {
 linker_file_t lf;
- /* Refuse to load modules if securelevel raised */
- if (securelevel > 0) {
- vput(vp);
- return EPERM;
- }
 /* Only load modules for root (very important!) */
 if ((error = suser(p)) != 0) {
 vput(vp);
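Review bot: After this removal nothing at the call site in mount() says that a raised securelevel still blocks the module load, and the remaining comment reads as if the root check were the only gate. I would extend it to `/* Only load modules for root (very important!); securelevel is enforced in linker_load_file() */`. The same applies to the identical hunk in sys/kern/vfs_syscalls.c. The linker_load_file() call and its error handling lie below both hunks, so confirm that path still does `vput(vp)` now that the EPERM comes from the callee.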