From owner-svn-src-stable@freebsd.org Mon Nov 23 18:00:56 2015 Return-Path: Delivered-To: svn-src-stable@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id EA019A35188; Mon, 23 Nov 2015 18:00:56 +0000 (UTC) (envelope-from smh@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id C53D22000; Mon, 23 Nov 2015 18:00:56 +0000 (UTC) (envelope-from smh@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id tANI0t9q058067; Mon, 23 Nov 2015 18:00:55 GMT (envelope-from smh@FreeBSD.org) Received: (from smh@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id tANI0t3F058063; Mon, 23 Nov 2015 18:00:55 GMT (envelope-from smh@FreeBSD.org) Message-Id: <201511231800.tANI0t3F058063@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: smh set sender to smh@FreeBSD.org using -f From: Steven Hartland Date: Mon, 23 Nov 2015 18:00:55 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-10@freebsd.org Subject: svn commit: r291215 - in stable/10/sys: dev/null geom kern sys X-SVN-Group: stable-10 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: SVN commit messages for all the -stable branches of the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 23 Nov 2015 18:00:57 -0000 Author: smh Date: Mon Nov 23 18:00:55 2015 New Revision: 291215 URL: https://svnweb.freebsd.org/changeset/base/291215 Log: MFC r274366: Add missing privilege check when setting the dump device. Approved by: pjd, secteam (both no objections) Sponsored by: Multiplay Modified: stable/10/sys/dev/null/null.c stable/10/sys/geom/geom_dev.c stable/10/sys/kern/kern_shutdown.c stable/10/sys/sys/conf.h Directory Properties: stable/10/ (props changed) Modified: stable/10/sys/dev/null/null.c ============================================================================== --- stable/10/sys/dev/null/null.c Mon Nov 23 17:27:29 2015 (r291214) +++ stable/10/sys/dev/null/null.c Mon Nov 23 18:00:55 2015 (r291215) @@ -36,7 +36,6 @@ __FBSDID("$FreeBSD$"); #include #include #include -#include #include #include #include @@ -89,9 +88,7 @@ null_ioctl(struct cdev *dev __unused, u_ switch (cmd) { case DIOCSKERNELDUMP: - error = priv_check(td, PRIV_SETDUMPER); - if (error == 0) - error = set_dumper(NULL, NULL); + error = set_dumper(NULL, NULL, td); break; case FIONBIO: break; Modified: stable/10/sys/geom/geom_dev.c ============================================================================== --- stable/10/sys/geom/geom_dev.c Mon Nov 23 17:27:29 2015 (r291214) +++ stable/10/sys/geom/geom_dev.c Mon Nov 23 18:00:55 2015 (r291215) @@ -127,14 +127,14 @@ g_dev_fini(struct g_class *mp) } static int -g_dev_setdumpdev(struct cdev *dev) +g_dev_setdumpdev(struct cdev *dev, struct thread *td) { struct g_kerneldump kd; struct g_consumer *cp; int error, len; if (dev == NULL) - return (set_dumper(NULL, NULL)); + return (set_dumper(NULL, NULL, td)); cp = dev->si_drv2; len = sizeof(kd); @@ -142,7 +142,7 @@ g_dev_setdumpdev(struct cdev *dev) kd.length = OFF_MAX; error = g_io_getattr("GEOM::kerneldump", cp, &len, &kd); if (error == 0) { - error = set_dumper(&kd.di, devtoname(dev)); + error = set_dumper(&kd.di, devtoname(dev), td); if (error == 0) dev->si_flags |= SI_DUMPDEV; } @@ -157,7 +157,7 @@ init_dumpdev(struct cdev *dev) return; if (strcmp(devtoname(dev), dumpdev) != 0) return; - if (g_dev_setdumpdev(dev) == 0) { + if (g_dev_setdumpdev(dev, curthread) == 0) { freeenv(dumpdev); dumpdev = NULL; } @@ -480,9 +480,9 @@ g_dev_ioctl(struct cdev *dev, u_long cmd break; case DIOCSKERNELDUMP: if (*(u_int *)data == 0) - error = g_dev_setdumpdev(NULL); + error = g_dev_setdumpdev(NULL, td); else - error = g_dev_setdumpdev(dev); + error = g_dev_setdumpdev(dev, td); break; case DIOCGFLUSH: error = g_io_flush(cp); @@ -700,7 +700,7 @@ g_dev_orphan(struct g_consumer *cp) /* Reset any dump-area set on this device */ if (dev->si_flags & SI_DUMPDEV) - set_dumper(NULL, NULL); + (void)set_dumper(NULL, NULL, curthread); /* Destroy the struct cdev *so we get no more requests */ destroy_dev_sched_cb(dev, g_dev_callback, cp); Modified: stable/10/sys/kern/kern_shutdown.c ============================================================================== --- stable/10/sys/kern/kern_shutdown.c Mon Nov 23 17:27:29 2015 (r291214) +++ stable/10/sys/kern/kern_shutdown.c Mon Nov 23 18:00:55 2015 (r291215) @@ -843,9 +843,14 @@ SYSCTL_STRING(_kern_shutdown, OID_AUTO, /* Registration of dumpers */ int -set_dumper(struct dumperinfo *di, const char *devname) +set_dumper(struct dumperinfo *di, const char *devname, struct thread *td) { size_t wantcopy; + int error; + + error = priv_check(td, PRIV_SETDUMPER); + if (error != 0) + return (error); if (di == NULL) { bzero(&dumper, sizeof dumper); Modified: stable/10/sys/sys/conf.h ============================================================================== --- stable/10/sys/sys/conf.h Mon Nov 23 17:27:29 2015 (r291214) +++ stable/10/sys/sys/conf.h Mon Nov 23 18:00:55 2015 (r291215) @@ -337,7 +337,7 @@ struct dumperinfo { off_t mediasize; /* Space available in bytes. */ }; -int set_dumper(struct dumperinfo *, const char *_devname); +int set_dumper(struct dumperinfo *, const char *_devname, struct thread *td); int dump_write(struct dumperinfo *, void *, vm_offset_t, off_t, size_t); void dumpsys(struct dumperinfo *); int doadump(boolean_t);