- Add a mutex to lock the global securelevel value.

- Make use of MTX_SYSINIT() as the means to initialize our mutex lock.
svn path=/head/; revision=93686
2025-01-12 14:29:28 +00:00 · 2002-04-02 17:43:17 +00:00 · 2002-04-02 17:43:17 +00:00 · 72a492cacf · 2020-12-20 02:59:44 +00:00
commit 72a492cacf
parent 5320165b09
1 changed files with 9 additions and 1 deletions
--- a/sys/kern/kern_mib.c
+++ b/sys/kern/kern_mib.c
@ -204,6 +204,10 @@ SYSCTL_INT(_regression, OID_AUTO, securelevel_nonmonotonic, CTLFLAG_RW,
 #endif

 int securelevel = -1;
+struct mtx securelevel_mtx;
+
+MTX_SYSINIT(securelevel_lock, &securelevel_mtx, "securelevel mutex lock",
+    MTX_DEF);

 static int
 sysctl_kern_securelvl(SYSCTL_HANDLER_ARGS)
@ -240,10 +244,14 @@ sysctl_kern_securelvl(SYSCTL_HANDLER_ARGS)
 		pr->pr_securelevel = level;
 		mtx_unlock(&pr->pr_mtx);
 	} else {
+		mtx_lock(&securelevel_mtx);
 		if (!regression_securelevel_nonmonotonic &&
-		    (level < securelevel))
+		    (level < securelevel)) {
+			mtx_unlock(&securelevel_mtx);
 			return (EPERM);
+		}
 		securelevel = level;
+		mtx_unlock(&securelevel_mtx);
 	}
 	return (error);
 }