From owner-p4-projects@FreeBSD.ORG  Thu May 25 21:20:28 2006
Return-Path: <owner-p4-projects@FreeBSD.ORG>
X-Original-To: p4-projects@freebsd.org
Delivered-To: p4-projects@freebsd.org
Received: by hub.freebsd.org (Postfix, from userid 32767)
	id 66CAA16C859; Thu, 25 May 2006 21:20:28 +0000 (UTC)
X-Original-To: perforce@freebsd.org
Delivered-To: perforce@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 631ED16C852
	for <perforce@freebsd.org>; Thu, 25 May 2006 21:20:27 +0000 (UTC)
	(envelope-from jhb@freebsd.org)
Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115])
	by mx1.FreeBSD.org (Postfix) with ESMTP id E9CE943D58
	for <perforce@freebsd.org>; Thu, 25 May 2006 21:20:25 +0000 (GMT)
	(envelope-from jhb@freebsd.org)
Received: from repoman.freebsd.org (localhost [127.0.0.1])
	by repoman.freebsd.org (8.13.6/8.13.6) with ESMTP id k4PLJT8H063384
	for <perforce@freebsd.org>; Thu, 25 May 2006 21:19:29 GMT
	(envelope-from jhb@freebsd.org)
Received: (from perforce@localhost)
	by repoman.freebsd.org (8.13.6/8.13.4/Submit) id k4PLJSTP063379
	for perforce@freebsd.org; Thu, 25 May 2006 21:19:28 GMT
	(envelope-from jhb@freebsd.org)
Date: Thu, 25 May 2006 21:19:28 GMT
Message-Id: <200605252119.k4PLJSTP063379@repoman.freebsd.org>
X-Authentication-Warning: repoman.freebsd.org: perforce set sender to
	jhb@freebsd.org using -f
From: John Baldwin <jhb@FreeBSD.org>
To: Perforce Change Reviews <perforce@freebsd.org>
Cc: 
Subject: PERFORCE change 97825 for review
X-BeenThere: p4-projects@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: p4 projects tree changes <p4-projects.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/p4-projects>,
	<mailto:p4-projects-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/p4-projects>
List-Post: <mailto:p4-projects@freebsd.org>
List-Help: <mailto:p4-projects-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/p4-projects>,
	<mailto:p4-projects-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 25 May 2006 21:20:35 -0000

http://perforce.freebsd.org/chv.cgi?CH=97825

Change 97825 by jhb@jhb_mutex on 2006/05/25 21:19:00

	- linker_reference_module() is never called with the KLD_LOCK held
	  anymore.
	- Use securelevel_gt() rather than checking the securelevel variable
	  directly.

Affected files ...

.. //depot/projects/smpng/sys/kern/kern_linker.c#58 edit

Differences ...

==== //depot/projects/smpng/sys/kern/kern_linker.c#58 (text+ko) ====

@@ -356,8 +356,8 @@
 	int foundfile, error;
 
 	/* Refuse to load modules if securelevel raised */
-	if (securelevel > 0)
-		return (EPERM);
+	if ((error = securelevel_gt(curthread->td_ucred, 0)) != 0)
+		return (error);
 
 	KLD_LOCK_ASSERT();
 	lf = linker_find_file_by_name(filename);
@@ -427,21 +427,17 @@
 	modlist_t mod;
 	int error, locked;
 
-	locked = KLD_LOCKED();
-	if (!locked)
-		KLD_LOCK();
+	KLD_LOCK();
 	if ((mod = modlist_lookup2(modname, verinfo)) != NULL) {
 		*result = mod->container;
 		(*result)->refs++;
-		if (!locked)
-			KLD_UNLOCK();
+		KLD_UNLOCK();
 		return (0);
 	}
 
 	error = linker_load_module(NULL, modname, NULL, verinfo,
 	    result);
-	if (!locked)
-		KLD_UNLOCK();
+	KLD_UNLOCK();
 	return (error);
 }
 
@@ -542,8 +538,8 @@
 	int error, i;
 
 	/* Refuse to unload modules if securelevel raised. */
-	if (securelevel > 0)
-		return (EPERM);
+	if ((error = securelevel_gt(curthread->td_ucred, 0)) != 0)
+		return (error);
 #ifdef MAC
 	error = mac_check_kld_unload(curthread->td_ucred);
 	if (error)