D47484.diff
No OneTemporary
Actions

Size

1 KB

Referenced Files

None

Subscribers

None

D47484.diff
View Options

	diff --git a/sys/fs/procfs/procfs_mem.c b/sys/fs/procfs/procfs_mem.c
	--- a/sys/fs/procfs/procfs_mem.c
	+++ b/sys/fs/procfs/procfs_mem.c
	@@ -62,8 +62,6 @@

	PROC_LOCK(p);
	error = p_candebug(td, p);
	- if (error == 0 && uio->uio_rw == UIO_WRITE)
	- error = priv_check(td, PRIV_PROC_MEM_WRITE);
	PROC_UNLOCK(p);
	if (error == 0)
	error = proc_rwmem(p, uio);
	diff --git a/sys/kern/sys_process.c b/sys/kern/sys_process.c
	--- a/sys/kern/sys_process.c
	+++ b/sys/kern/sys_process.c
	@@ -361,6 +361,12 @@
	reqprot = writing ? VM_PROT_COPY \| VM_PROT_READ : VM_PROT_READ;
	fault_flags = writing ? VM_FAULT_DIRTY : VM_FAULT_NORMAL;

	+ if (writing) {
	+ error = priv_check_cred(p->p_ucred, PRIV_PROC_MEM_WRITE);
	+ if (error)
	+ return (error);
	+ }
	+
	/*
	* Only map in one page at a time. We don't have to, but it
	* makes things easier. This way is trivial - right?
	diff --git a/sys/sys/priv.h b/sys/sys/priv.h
	--- a/sys/sys/priv.h
	+++ b/sys/sys/priv.h
	@@ -515,7 +515,7 @@
	*/
	#define PRIV_KMEM_READ 680 /* Open mem/kmem for reading. */
	#define PRIV_KMEM_WRITE 681 /* Open mem/kmem for writing. */
	-#define PRIV_PROC_MEM_WRITE 682 /* Open /proc/<pid>/mem for writing. */
	+#define PRIV_PROC_MEM_WRITE 682 /* Writes via proc_rwmem */

	/*
	* Kernel debugger privileges.