From owner-freebsd-current  Wed Mar 20 20: 8:56 2002
Delivered-To: freebsd-current@freebsd.org
Received: from h132-197-179-27.gte.com (h132-197-179-27.gte.com [132.197.179.27])
	by hub.freebsd.org (Postfix) with ESMTP
	id DFD8237B404; Wed, 20 Mar 2002 20:08:50 -0800 (PST)
Received: from kanpc.gte.com (localhost [IPv6:::1])
	by h132-197-179-27.gte.com (8.12.2/8.12.2) with ESMTP id g2L48nka072871;
	Wed, 20 Mar 2002 23:08:50 -0500 (EST)
	(envelope-from ak03@kanpc.gte.com)
Received: (from ak03@localhost)
	by kanpc.gte.com (8.12.2/8.12.2/Submit) id g2L48nl3072870;
	Wed, 20 Mar 2002 23:08:49 -0500 (EST)
Date: Wed, 20 Mar 2002 23:08:48 -0500
From: "Alexander N. Kabaev" <ak03@gte.com>
To: current@FreeBSD.org
Cc: rwatson@FreeBSD.org, arr@FreeBSD.org
Subject: securelevel_gt used incorrectly in kldload?
Message-ID: <20020321040848.GA72774@kanpc.gte.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.3.27i
Sender: owner-freebsd-current@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-current.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-current>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-current>
X-Loop: FreeBSD.ORG

The following check added into kern_linker.c seems wrong somehow:

	if (securelevel_gt(td->td_ucred, 0) == 0) {
		error = EPERM;
		goto out;
	}

The last thing securelevel_gt does is to perform this check:
        return (active_securelevel > level ? EPERM : 0);
i.e. it returns EPERM is securelevel restriction is violated.

Should above construct be rewritten as follows instead?

	if ((error = securelevel_gt(td->td_ucred, 0)) != 0)
		goto out;

The same bug is present in vfs_mount too.
--
Alexander Kabaev

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message