From owner-freebsd-current@FreeBSD.ORG Sun Jun 16 15:21:12 2013 Return-Path: Delivered-To: freebsd-current@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) by hub.freebsd.org (Postfix) with ESMTP id 4CF96A2A; Sun, 16 Jun 2013 15:21:12 +0000 (UTC) (envelope-from jamie@FreeBSD.org) Received: from m2.gritton.org (gritton.org [199.192.164.235]) by mx1.freebsd.org (Postfix) with ESMTP id 2B4DD1C55; Sun, 16 Jun 2013 15:21:11 +0000 (UTC) Received: from glorfindel.gritton.org (c-24-10-224-248.hsd1.ut.comcast.net [24.10.224.248]) (authenticated bits=0) by m2.gritton.org (8.14.5/8.14.5) with ESMTP id r5GFLA2e023186; Sun, 16 Jun 2013 09:21:10 -0600 (MDT) (envelope-from jamie@FreeBSD.org) Message-ID: <51BDD7E4.60704@FreeBSD.org> Date: Sun, 16 Jun 2013 09:21:08 -0600 From: Jamie Gritton User-Agent: Mozilla/5.0 (X11; U; FreeBSD amd64; en-US; rv:1.9.2.24) Gecko/20120129 Thunderbird/3.1.16 MIME-Version: 1.0 To: Konstantin Belousov Subject: Re: A PRIV_* flag for /dev/mem? References: <201305202256.r4KMuWpH055366@chez.mckusick.com> <51BCF786.2070603@FreeBSD.org> <20130616062057.GR91021@kib.kiev.ua> In-Reply-To: <20130616062057.GR91021@kib.kiev.ua> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: Kirk McKusick , Robert Watson , FreeBSD Current , Alexander Leidinger X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 16 Jun 2013 15:21:12 -0000 On 06/16/13 00:20, Konstantin Belousov wrote: > On Sat, Jun 15, 2013 at 05:23:50PM -0600, Jamie Gritton wrote: >> Index: sys/dev/mem/memdev.c >> =================================================================== >> --- sys/dev/mem/memdev.c (revision 251793) >> +++ sys/dev/mem/memdev.c (working copy) >> @@ -67,8 +67,14 @@ >> { >> int error = 0; >> >> - if (flags& FWRITE) >> - error = securelevel_gt(td->td_ucred, 0); >> + if (flags& FREAD) >> + error = priv_check(td, PRIV_KMEM_READ); >> + if (flags& FWRITE) { >> + if (error != 0) >> + error = priv_check(td, PRIV_KMEM_WRITE); >> + if (error != 0) > Shouldn't this be 'if (error == 0)' ? Indeed it should. None of this has even been compiled yet, let alone tested - still in the thought phase. - Jamie