| kern_prot.c (87220) | kern_prot.c (87275) |
|---|---|
| 1/* 2 * Copyright (c) 1982, 1986, 1989, 1990, 1991, 1993 3 * The Regents of the University of California. All rights reserved. 4 * (c) UNIX System Laboratories, Inc. 5 * All or some portions of this file are derived from material licensed 6 * to the University of California by American Telephone and Telegraph 7 * Co. or Unix System Laboratories, Inc. and are reproduced herein with 8 * the permission of UNIX System Laboratories, Inc. --- 23 unchanged lines hidden (view full) --- 32 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 33 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 34 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 35 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 36 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 37 * SUCH DAMAGE. 38 * 39 * @(#)kern_prot.c 8.6 (Berkeley) 1/21/94 | 1/* 2 * Copyright (c) 1982, 1986, 1989, 1990, 1991, 1993 3 * The Regents of the University of California. All rights reserved. 4 * (c) UNIX System Laboratories, Inc. 5 * All or some portions of this file are derived from material licensed 6 * to the University of California by American Telephone and Telegraph 7 * Co. or Unix System Laboratories, Inc. and are reproduced herein with 8 * the permission of UNIX System Laboratories, Inc. --- 23 unchanged lines hidden (view full) --- 32 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 33 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 34 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 35 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 36 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 37 * SUCH DAMAGE. 38 * 39 * @(#)kern_prot.c 8.6 (Berkeley) 1/21/94 |
| 40 * $FreeBSD: head/sys/kern/kern_prot.c 87220 2001-12-02 15:22:56Z rwatson $ | 40 * $FreeBSD: head/sys/kern/kern_prot.c 87275 2001-12-03 16:12:27Z rwatson $ |
| 41 */ 42 43/* 44 * System calls related to processes and protection 45 */ 46 47#include "opt_compat.h" 48#include "opt_global.h" --- 1224 unchanged lines hidden (view full) --- 1273int 1274securelevel_gt(struct ucred *cr, int level) 1275{ 1276 int active_securelevel; 1277 1278 active_securelevel = securelevel; 1279 if (cr == NULL) 1280 printf("securelevel_gt: cr is NULL\n"); | 41 */ 42 43/* 44 * System calls related to processes and protection 45 */ 46 47#include "opt_compat.h" 48#include "opt_global.h" --- 1224 unchanged lines hidden (view full) --- 1273int 1274securelevel_gt(struct ucred *cr, int level) 1275{ 1276 int active_securelevel; 1277 1278 active_securelevel = securelevel; 1279 if (cr == NULL) 1280 printf("securelevel_gt: cr is NULL\n"); |
| 1281 if (cr->cr_prison != NULL) | 1281 if (cr->cr_prison != NULL) { 1282 mtx_lock(&cr->cr_prison->pr_mtx); |
| 1282 active_securelevel = imax(cr->cr_prison->pr_securelevel, 1283 active_securelevel); | 1283 active_securelevel = imax(cr->cr_prison->pr_securelevel, 1284 active_securelevel); |
| 1285 mtx_unlock(&cr->cr_prison->pr_mtx); 1286 } |
|
| 1284 return (active_securelevel > level ? EPERM : 0); 1285} 1286 1287int 1288securelevel_ge(struct ucred *cr, int level) 1289{ 1290 int active_securelevel; 1291 1292 active_securelevel = securelevel; 1293 if (cr == NULL) 1294 printf("securelevel_gt: cr is NULL\n"); | 1287 return (active_securelevel > level ? EPERM : 0); 1288} 1289 1290int 1291securelevel_ge(struct ucred *cr, int level) 1292{ 1293 int active_securelevel; 1294 1295 active_securelevel = securelevel; 1296 if (cr == NULL) 1297 printf("securelevel_gt: cr is NULL\n"); |
| 1295 if (cr->cr_prison != NULL) | 1298 if (cr->cr_prison != NULL) { 1299 mtx_lock(&cr->cr_prison->pr_mtx); |
| 1296 active_securelevel = imax(cr->cr_prison->pr_securelevel, 1297 active_securelevel); | 1300 active_securelevel = imax(cr->cr_prison->pr_securelevel, 1301 active_securelevel); |
| 1302 mtx_unlock(&cr->cr_prison->pr_mtx); 1303 } |
|
| 1298 return (active_securelevel >= level ? EPERM : 0); 1299} 1300 1301/* 1302 * 'see_other_uids' determines whether or not visibility of processes 1303 * and sockets with credentials holding different real uids is possible 1304 * using a variety of system MIBs. 1305 * XXX: data declarations should be together near the beginning of the file. --- 531 unchanged lines hidden --- | 1304 return (active_securelevel >= level ? EPERM : 0); 1305} 1306 1307/* 1308 * 'see_other_uids' determines whether or not visibility of processes 1309 * and sockets with credentials holding different real uids is possible 1310 * using a variety of system MIBs. 1311 * XXX: data declarations should be together near the beginning of the file. --- 531 unchanged lines hidden --- |