kern_mib.c (80447) | kern_mib.c (83990) |
---|---|
1/*- 2 * Copyright (c) 1982, 1986, 1989, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * This code is derived from software contributed to Berkeley by 6 * Mike Karels at Berkeley Software Design, Inc. 7 * 8 * Quite extensively rewritten by Poul-Henning Kamp of the FreeBSD --- 23 unchanged lines hidden (view full) --- 32 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 33 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 34 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 35 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 36 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 37 * SUCH DAMAGE. 38 * 39 * @(#)kern_sysctl.c 8.4 (Berkeley) 4/14/94 | 1/*- 2 * Copyright (c) 1982, 1986, 1989, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * This code is derived from software contributed to Berkeley by 6 * Mike Karels at Berkeley Software Design, Inc. 7 * 8 * Quite extensively rewritten by Poul-Henning Kamp of the FreeBSD --- 23 unchanged lines hidden (view full) --- 32 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 33 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 34 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 35 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 36 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 37 * SUCH DAMAGE. 38 * 39 * @(#)kern_sysctl.c 8.4 (Berkeley) 4/14/94 |
40 * $FreeBSD: head/sys/kern/kern_mib.c 80447 2001-07-27 15:52:49Z peter $ | 40 * $FreeBSD: head/sys/kern/kern_mib.c 83990 2001-09-26 20:39:48Z rwatson $ |
41 */ 42 43#include <sys/param.h> 44#include <sys/kernel.h> 45#include <sys/systm.h> 46#include <sys/sysctl.h> 47#include <sys/proc.h> 48#include <sys/jail.h> --- 118 unchanged lines hidden (view full) --- 167 168int securelevel = -1; 169 170static int 171sysctl_kern_securelvl(SYSCTL_HANDLER_ARGS) 172{ 173 int error, level; 174 | 41 */ 42 43#include <sys/param.h> 44#include <sys/kernel.h> 45#include <sys/systm.h> 46#include <sys/sysctl.h> 47#include <sys/proc.h> 48#include <sys/jail.h> --- 118 unchanged lines hidden (view full) --- 167 168int securelevel = -1; 169 170static int 171sysctl_kern_securelvl(SYSCTL_HANDLER_ARGS) 172{ 173 int error, level; 174 |
175 level = securelevel; | 175 /* 176 * If the process is in jail, return the maximum of the 177 * global and local levels; otherwise, return the global 178 * level. 179 */ 180 if (req->p->p_ucred->cr_prison != NULL) 181 level = imax(securelevel, 182 req->p->p_ucred->cr_prison->pr_securelevel); 183 else 184 level = securelevel; |
176 error = sysctl_handle_int(oidp, &level, 0, req); 177 if (error || !req->newptr) 178 return (error); | 185 error = sysctl_handle_int(oidp, &level, 0, req); 186 if (error || !req->newptr) 187 return (error); |
179 if (level < securelevel) 180 return (EPERM); 181 securelevel = level; | 188 /* 189 * Permit update only if the new securelevel exceeds the 190 * global level, and local level if any. 191 */ 192 if (req->p->p_ucred->cr_prison != NULL) { 193 if (level < imax(securelevel, 194 req->p->p_ucred->cr_prison->pr_securelevel)) 195 return (EPERM); 196 req->p->p_ucred->cr_prison->pr_securelevel = level; 197 } else { 198 if (level < securelevel) 199 return (EPERM); 200 securelevel = level; 201 } |
182 return (error); 183} 184 | 202 return (error); 203} 204 |
185SYSCTL_PROC(_kern, KERN_SECURELVL, securelevel, CTLTYPE_INT|CTLFLAG_RW, 186 0, 0, sysctl_kern_securelvl, "I", "Current secure level"); | 205SYSCTL_PROC(_kern, KERN_SECURELVL, securelevel, 206 CTLTYPE_INT|CTLFLAG_RW|CTLFLAG_PRISON, 0, 0, sysctl_kern_securelvl, 207 "I", "Current secure level"); |
187 188char domainname[MAXHOSTNAMELEN]; 189SYSCTL_STRING(_kern, KERN_NISDOMAINNAME, domainname, CTLFLAG_RW, 190 &domainname, sizeof(domainname), "Name of the current YP/NIS domain"); 191 192unsigned long hostid; 193SYSCTL_ULONG(_kern, KERN_HOSTID, hostid, CTLFLAG_RW, &hostid, 0, "Host ID"); 194 --- 67 unchanged lines hidden --- | 208 209char domainname[MAXHOSTNAMELEN]; 210SYSCTL_STRING(_kern, KERN_NISDOMAINNAME, domainname, CTLFLAG_RW, 211 &domainname, sizeof(domainname), "Name of the current YP/NIS domain"); 212 213unsigned long hostid; 214SYSCTL_ULONG(_kern, KERN_HOSTID, hostid, CTLFLAG_RW, &hostid, 0, "Host ID"); 215 --- 67 unchanged lines hidden --- |