suser_to_priv.patch

mneumann, 12/29/2008 06:29 PM

Download (155 KB)

View differences:

sys/kern/vfs_syscalls.c
126 126
	struct ucred *cred = p->p_ucred;
127 127

  
128 128
	KKASSERT(p);
129
	if (cred->cr_prison != NULL)
129
	if (jailed(cred))
130 130
		return (EPERM);
131 131
	if (usermount == 0 && (error = priv_check(td, PRIV_ROOT)))
132 132
		return (error);
sys/kern/vfs_vnops.c
945 945
	}
946 946
	
947 947
	sb->st_flags = vap->va_flags;
948
	if (priv_check_cred(cred, PRIV_ROOT, 0))
948

  
949
	error = priv_check_cred(cred, PRIV_VFS_GENERATION, 0);
950
	if (error)
949 951
		sb->st_gen = 0;
950 952
	else
951 953
		sb->st_gen = (u_int32_t)vap->va_gen;
sys/vfs/procfs/procfs_ctl.c
44 44
#include <sys/param.h>
45 45
#include <sys/systm.h>
46 46
#include <sys/proc.h>
47
#include <sys/priv.h>
47 48
#include <sys/vnode.h>
48 49
#include <sys/ptrace.h>
49 50
#include <sys/signalvar.h>
sys/vfs/procfs/procfs_dbregs.c
46 46

  
47 47
#include <sys/param.h>
48 48
#include <sys/proc.h>
49
#include <sys/priv.h>
49 50
#include <sys/vnode.h>
50 51
#include <sys/reg.h>
51 52
#include <vfs/procfs/procfs.h>
sys/vfs/procfs/procfs_fpregs.c
43 43

  
44 44
#include <sys/param.h>
45 45
#include <sys/proc.h>
46
#include <sys/priv.h>
46 47
#include <sys/vnode.h>
47 48
#include <sys/reg.h>
48 49
#include <vfs/procfs/procfs.h>
sys/vfs/procfs/procfs_mem.c
49 49
#include <sys/param.h>
50 50
#include <sys/systm.h>
51 51
#include <sys/proc.h>
52
#include <sys/priv.h>
52 53
#include <sys/vnode.h>
53 54
#include <vfs/procfs/procfs.h>
54 55
#include <vm/vm.h>
sys/vfs/procfs/procfs_regs.c
43 43

  
44 44
#include <sys/param.h>
45 45
#include <sys/proc.h>
46
#include <sys/priv.h>
46 47
#include <sys/vnode.h>
47 48
#include <sys/reg.h>
48 49
#include <vfs/procfs/procfs.h>
sys/vfs/procfs/procfs_status.c
45 45
#include <sys/systm.h>
46 46
#include <sys/malloc.h>
47 47
#include <sys/proc.h>
48
#include <sys/priv.h>
48 49
#include <sys/jail.h>
49 50
#include <sys/vnode.h>
50 51
#include <sys/tty.h>
sys/kern/kern_prot.c
53 53
#include <sys/kernel.h>
54 54
#include <sys/lock.h>
55 55
#include <sys/proc.h>
56
#include <sys/priv.h>
56 57
#include <sys/malloc.h>
57 58
#include <sys/pioctl.h>
58 59
#include <sys/resourcevar.h>
sys/kern/kern_prot.c
817 817

  
818 818
/*
819 819
 * Test whether the specified credentials imply "super-user"
820
 * privilege; if so, and we have accounting info, set the flag
821
 * indicating use of super-powers.  A kernel thread without a process
822
 * context is assumed to have super user capabilities.  In situations
823
 * where the caller always expect a cred to exist, the cred should be
824
 * passed separately and suser_cred()should be used instead of suser().
820
 * privilege.
821
 * 
822
 * Depreciated! Use priv_check() instead. 
823
 */
824
int
825
suser(struct thread *td)
826
{
827
	return priv_check(td, PRIV_ROOT);
828
}
829

  
830
/*
831
 * Depreciated! Use priv_check_cred() instead. 
832
 */
833
int
834
suser_cred(struct ucred *cred, int flag)
835
{
836
	return priv_check_cred(cred, PRIV_ROOT, flag);
837
}
838

  
839
/*
840
 * Test whether the specified credentials have the privilege
841
 * in question.
842
 *
843
 * A kernel thread without a process context is assumed to have 
844
 * the privilege in question.  In situations where the caller always 
845
 * expect a cred to exist, the cred should be passed separately and 
846
 * priv_check_cred() should be used instead of priv_check().
825 847
 *
826 848
 * Returns 0 or error.
827 849
 */
828 850
int
829
suser(struct thread *td)
851
priv_check(struct thread *td, int priv)
830 852
{
831 853
	struct proc *p = td->td_proc;
832 854

  
833 855
	if (p != NULL) {
834
		return suser_cred(p->p_ucred, 0);
856
		return priv_check_cred(p->p_ucred, priv, 0);
835 857
	} else {
836 858
		return (0);
837 859
	}
838 860
}
839 861

  
840 862
/*
863
 * Check a credential for privilege.
864
 *
841 865
 * A non-null credential is expected unless NULL_CRED_OKAY is set.
842 866
 */
843 867
int
844
suser_cred(struct ucred *cred, int flag)
868
priv_check_cred(struct ucred *cred, int priv, int flags)
845 869
{
846
	KASSERT(cred != NULL || flag & NULL_CRED_OKAY,
847
		("suser_cred: NULL cred!"));
870
	KASSERT(PRIV_VALID(priv), ("priv_check_cred: invalid privilege"));
871

  
872
	KASSERT(cred != NULL || flags & NULL_CRED_OKAY,
873
		("priv_check_cred: NULL cred!"));
848 874

  
849 875
	if (cred == NULL) {
850
		if (flag & NULL_CRED_OKAY)
876
		if (flags & NULL_CRED_OKAY)
851 877
			return (0);
852 878
		else
853 879
			return (EPERM);
854 880
	}
855 881
	if (cred->cr_uid != 0) 
856 882
		return (EPERM);
857
	if (cred->cr_prison && !(flag & PRISON_ROOT))
883
	if (cred->cr_prison && !(flags & PRISON_ROOT))
858 884
		return (EPERM);
859 885
	/* NOTE: accounting for suser access (p_acflag/ASU) removed */
860 886
	return (0);
861 887
}
862 888

  
863 889
/*
864
 * Check for privilege.
865
 *
866
 * YYY: For now this is just a wrapper calling suser().
867
 */
868
int
869
priv_check(struct thread *td, int priv)
870
{
871
  return suser(td);
872
}
873

  
874
/*
875
 * Check a credential for privilege.
876
 *
877
 * YYY: For now this is just a wrapper calling suser_cred().
878
 */
879
int
880
priv_check_cred(struct ucred *cred, int priv, int flags)
881
{
882
  return suser_cred(cred, flags);
883
}
884

  
885
/*
886 890
 * Return zero if p1 can fondle p2, return errno (EPERM/ESRCH) otherwise.
887 891
 */
888 892
int
sys/dev/disk/ata/atapi-cd.c
36 36
#include <sys/kernel.h>
37 37
#include <sys/malloc.h>
38 38
#include <sys/proc.h>
39
#include <sys/priv.h>
39 40
#include <sys/buf.h>
40 41
#include <sys/bus.h>
41 42
#include <sys/disk.h>
......
596 597

  
597 598
    case CDIOCRESET:
598 599
;	/* note: if no proc EPERM will be returned */
599
	error = suser_cred(ap->a_cred, 0);
600
	error = priv_check_cred(ap->a_cred, PRIV_ROOT, 0);
600 601
	if (error)
601 602
	    break;
602 603
	error = atapi_test_ready(cdp->device);
sys/dev/disk/fd/fd.c
72 72
#include <sys/malloc.h>
73 73
#include <sys/module.h>
74 74
#include <sys/proc.h>
75
#include <sys/priv.h>
75 76
#include <sys/syslog.h>
76 77
#include <sys/device.h>
77 78
#include <sys/bus.h>
......
2307 2308

  
2308 2309
	case FD_STYPE:                  /* set drive type */
2309 2310
		/* this is considered harmful; only allow for superuser */
2310
		if (suser_cred(ap->a_cred, 0) != 0)
2311
		if (priv_check_cred(ap->a_cred, PRIV_ROOT, 0) != 0)
2311 2312
			return EPERM;
2312 2313
		fd->ft = *(struct fd_type *)ap->a_data;
2313 2314
		break;
sys/dev/disk/nata/atapi-cd.c
44 44
#include <sys/module.h>
45 45
#include <sys/nata.h>
46 46
#include <sys/proc.h>
47
#include <sys/priv.h>
47 48
#include <sys/systm.h>
48 49

  
49 50
#include "ata-all.h"
......
345 346
	break;
346 347

  
347 348
    case CDIOCRESET:
348
	error = suser_cred(ap->a_cred, 0);
349
	error = priv_check_cred(ap->a_cred, PRIV_ROOT, 0);
349 350
	if (error)
350 351
	    break;
351 352
	error = acd_test_ready(dev);
sys/dev/disk/vn/vn.c
61 61
#include <sys/systm.h>
62 62
#include <sys/kernel.h>
63 63
#include <sys/proc.h>
64
#include <sys/priv.h>
64 65
#include <sys/nlookup.h>
65 66
#include <sys/buf.h>
66 67
#include <sys/malloc.h>
......
479 480

  
480 481
    vn_specific:
481 482

  
482
	error = suser_cred(ap->a_cred, 0);
483
	error = priv_check_cred(ap->a_cred, PRIV_ROOT, 0);
483 484
	if (error)
484 485
		return (error);
485 486

  
sys/dev/drm/drmP.h
48 48
#include <sys/systm.h>
49 49
#include <sys/conf.h>
50 50
#include <sys/stat.h>
51
#if __FreeBSD_version >= 700000
52 51
#include <sys/priv.h>
53
#endif
54 52
#include <sys/proc.h>
55 53
#include <sys/lock.h>
56 54
#include <sys/fcntl.h>
......
276 274
#if defined(__FreeBSD__) || defined(__DragonFly__)
277 275
#define PAGE_ALIGN(addr) round_page(addr)
278 276
/* DRM_SUSER returns true if the user is superuser */
279
#if __FreeBSD_version >= 700000
280 277
#define DRM_SUSER(p)		(priv_check(p, PRIV_DRIVER) == 0)
281
#else
282
#define DRM_SUSER(p)		(suser(p) == 0)
283
#endif
284 278
#define DRM_AGP_FIND_DEVICE()	agp_find_device()
285 279
#define DRM_MTRR_WC		MDF_WRITECOMBINE
286 280
#define jiffies			ticks
sys/dev/misc/dcons/dcons_os.c
50 50
#include <sys/tty.h>
51 51
#include <sys/malloc.h>
52 52
#include <sys/proc.h>
53
#include <sys/priv.h>
53 54
#include <sys/thread2.h>
54 55
#include <sys/ucred.h>
55 56
#include <sys/bus.h>
......
272 273
		tp->t_lflag = TTYDEF_LFLAG;
273 274
		tp->t_ispeed = tp->t_ospeed = TTYDEF_SPEED;
274 275
		ttsetwater(tp);
275
	} else if ((tp->t_state & TS_XCLUDE) && suser_cred(ap->a_cred, 0)) {
276
	} else if ((tp->t_state & TS_XCLUDE) && priv_check_cred(ap->a_cred, PRIV_ROOT, 0)) {
276 277
		crit_exit();
277 278
		return (EBUSY);
278 279
	}
sys/dev/misc/nmdm/nmdm.c
44 44
#include <sys/ioctl_compat.h>
45 45
#endif
46 46
#include <sys/proc.h>
47
#include <sys/priv.h>
47 48
#include <sys/thread2.h>
48 49
#include <sys/tty.h>
49 50
#include <sys/conf.h>
......
203 204
		tp->t_lflag = TTYDEF_LFLAG;
204 205
		tp->t_cflag = TTYDEF_CFLAG;
205 206
		tp->t_ispeed = tp->t_ospeed = TTYDEF_SPEED;
206
	} else if (tp->t_state & TS_XCLUDE && suser_cred(ap->a_cred, 0)) {
207
	} else if (tp->t_state & TS_XCLUDE && priv_check_cred(ap->a_cred, PRIV_ROOT, 0)) {
207 208
		return (EBUSY);
208 209
	} else if (pti->pt_prison != ap->a_cred->cr_prison) {
209 210
		return (EBUSY);
sys/dev/misc/spigot/spigot.c
60 60
#include	<sys/conf.h>
61 61
#include	<sys/device.h>
62 62
#include	<sys/proc.h>
63
#include	<sys/priv.h>
63 64
#include	<sys/signalvar.h>
64 65
#include	<sys/mman.h>
65 66

  
......
166 167
	 * require sufficient privilege soon and nothing much can be done
167 168
	 * without them.
168 169
	 */
169
	error = suser_cred(ap->a_cred, 0);
170
	error = priv_check_cred(ap->a_cred, PRIV_ROOT, 0);
170 171
	if (error != 0)
171 172
		return error;
172 173
	if (securelevel > 0)
......
231 232
		break;
232 233
	case	SPIGOT_IOPL_ON:	/* allow access to the IO PAGE */
233 234
#if !defined(SPIGOT_UNSECURE)
234
		error = suser_cred(ap->a_cred, 0);
235
		error = priv_check_cred(ap->a_cred, PRIV_ROOT, 0);
235 236
		if (error != 0)
236 237
			return error;
237 238
		if (securelevel > 0)
sys/dev/misc/syscons/syscons.c
43 43
#include <sys/reboot.h>
44 44
#include <sys/conf.h>
45 45
#include <sys/proc.h>
46
#include <sys/priv.h>
46 47
#include <sys/signalvar.h>
47 48
#include <sys/sysctl.h>
48 49
#include <sys/tty.h>
......
492 493
	(*linesw[tp->t_line].l_modem)(tp, 1);
493 494
    }
494 495
    else
495
	if (tp->t_state & TS_XCLUDE && suser_cred(ap->a_cred, 0))
496
	if (tp->t_state & TS_XCLUDE && priv_check_cred(ap->a_cred, PRIV_ROOT, 0))
496 497
	    return(EBUSY);
497 498

  
498 499
    error = (*linesw[tp->t_line].l_open)(dev, tp);
......
1002 1003
	return 0;
1003 1004

  
1004 1005
    case KDENABIO:      	/* allow io operations */
1005
	error = suser_cred(ap->a_cred, 0);
1006
	error = priv_check_cred(ap->a_cred, PRIV_ROOT, 0);
1006 1007
	if (error != 0)
1007 1008
	    return error;
1008 1009
	if (securelevel > 0)
sys/dev/misc/syscons/sysmouse.c
33 33
#include <sys/systm.h>
34 34
#include <sys/conf.h>
35 35
#include <sys/proc.h>
36
#include <sys/priv.h>
36 37
#include <sys/tty.h>
37 38
#include <sys/kernel.h>
38 39
#include <sys/thread2.h>
......
97 98
		tp->t_ispeed = tp->t_ospeed = TTYDEF_SPEED;
98 99
		smparam(tp, &tp->t_termios);
99 100
		(*linesw[tp->t_line].l_modem)(tp, 1);
100
	} else if (tp->t_state & TS_XCLUDE && suser_cred(ap->a_cred, 0)) {
101
	} else if (tp->t_state & TS_XCLUDE && priv_check_cred(ap->a_cred, PRIV_ROOT, 0)) {
101 102
		return EBUSY;
102 103
	}
103 104

  
sys/dev/netif/an/if_an.c
94 94
#include <sys/mbuf.h>
95 95
#include <sys/kernel.h>
96 96
#include <sys/proc.h>
97
#include <sys/priv.h>
97 98
#include <sys/ucred.h>
98 99
#include <sys/socket.h>
99 100
#ifdef ANCACHE
......
1843 1844
			break;
1844 1845
#ifdef ANCACHE
1845 1846
		if (sc->areq.an_type == AN_RID_ZERO_CACHE) {
1846
			error = suser_cred(cr, NULL_CRED_OKAY);
1847
			error = priv_check_cred(cr, PRIV_ROOT, NULL_CRED_OKAY);
1847 1848
			if (error)
1848 1849
				break;
1849 1850
			sc->an_sigitems = sc->an_nextitem = 0;
......
1867 1868
		error = copyout(&sc->areq, ifr->ifr_data, sizeof(sc->areq));
1868 1869
		break;
1869 1870
	case SIOCSAIRONET:
1870
		if ((error = suser_cred(cr, NULL_CRED_OKAY)))
1871
		if ((error = priv_check_cred(cr, PRIV_ROOT, NULL_CRED_OKAY)))
1871 1872
			break;
1872 1873
		error = copyin(ifr->ifr_data, &sc->areq, sizeof(sc->areq));
1873 1874
		if (error != 0)
......
1875 1876
		an_setdef(sc, &sc->areq);
1876 1877
		break;
1877 1878
	case SIOCGPRIVATE_0:              /* used by Cisco client utility */
1878
		if ((error = suser_cred(cr, NULL_CRED_OKAY)))
1879
		if ((error = priv_check_cred(cr, PRIV_ROOT, NULL_CRED_OKAY)))
1879 1880
			break;
1880 1881
		copyin(ifr->ifr_data, &l_ioctl, sizeof(l_ioctl));
1881 1882
		mode = l_ioctl.command;
......
1895 1896

  
1896 1897
		break;
1897 1898
	case SIOCGPRIVATE_1:              /* used by Cisco client utility */
1898
		if ((error = suser_cred(cr, NULL_CRED_OKAY)))
1899
		if ((error = priv_check_cred(cr, PRIV_ROOT, NULL_CRED_OKAY)))
1899 1900
			break;
1900 1901
		copyin(ifr->ifr_data, &l_ioctl, sizeof(l_ioctl));
1901 1902
		l_ioctl.command = 0;
......
2145 2146
		}
2146 2147
		break;
2147 2148
	case SIOCS80211:
2148
		if ((error = suser_cred(cr, NULL_CRED_OKAY)))
2149
		if ((error = priv_check_cred(cr, PRIV_ROOT, NULL_CRED_OKAY)))
2149 2150
			break;
2150 2151
		sc->areq.an_len = sizeof(sc->areq);
2151 2152
		/*
sys/dev/netif/ath/hal/ah_osdep.c
46 46
#include <sys/bus.h>
47 47
#include <sys/malloc.h>
48 48
#include <sys/proc.h>
49
#include <sys/priv.h>
49 50

  
50 51
#include <machine/stdarg.h>
51 52

  
......
203 204
	int error;
204 205

  
205 206
	if (enable) {
206
		error = suser(curthread);
207
		error = priv_check(curthread, PRIV_ROOT);
207 208
		if (error == 0) {
208 209
			error = alq_open(&ath_hal_alq, ath_hal_logfile,
209 210
				curthread->td_ucred, ALQ_DEFAULT_CMODE,
sys/dev/netif/cx/cx.c
29 29
#include <sys/fcntl.h>
30 30
#include <sys/conf.h>
31 31
#include <sys/proc.h>
32
#include <sys/priv.h>
32 33
#include <sys/tty.h>
33 34
#include <sys/socket.h>
34 35
#include <sys/thread2.h>
......
162 163
	tp = c->ttyp;
163 164
	tp->t_dev = dev;
164 165
	if ((tp->t_state & TS_ISOPEN) && (tp->t_state & TS_XCLUDE) &&
165
	    suser_cred(ap->a_cred, 0))
166
	    priv_check_cred(ap->a_cred, PRIV_ROOT, 0))
166 167
		return (EBUSY);
167 168
	if (! (tp->t_state & TS_ISOPEN)) {
168 169
		ttychars (tp);
sys/dev/netif/iwi/if_iwi.c
50 50
#include <sys/module.h>
51 51
#include <sys/endian.h>
52 52
#include <sys/proc.h>
53
#include <sys/priv.h>
53 54
#include <sys/ucred.h>
54 55
#include <sys/bus.h>
55 56
#include <sys/rman.h>
......
1953 1954

  
1954 1955
	case SIOCSLOADFW:
1955 1956
		/* only super-user can do that! */
1956
		error = suser_cred(cr, NULL_CRED_OKAY);
1957
		error = priv_check_cred(cr, PRIV_ROOT, NULL_CRED_OKAY);
1957 1958
		if (error != 0)
1958 1959
			break;
1959 1960

  
......
1963 1964

  
1964 1965
	case SIOCSKILLFW:
1965 1966
		/* only super-user can do that! */
1966
		error = suser_cred(cr, NULL_CRED_OKAY);
1967
		error = priv_check_cred(cr, PRIV_ROOT, NULL_CRED_OKAY);
1967 1968
		if (error != 0)
1968 1969
			break;
1969 1970

  
sys/dev/netif/ndis/if_ndis.c
42 42
#include <sys/socket.h>
43 43
#include <sys/queue.h>
44 44
#include <sys/proc.h>
45
#include <sys/priv.h>
45 46
#include <sys/sysctl.h>
46 47
#include <sys/bus.h>
47 48
#include <sys/rman.h>
......
1939 1940
	uint32_t		foo;
1940 1941
	int			error, len;
1941 1942

  
1942
	error = suser(curthread);
1943
	error = priv_check(curthread, PRIV_ROOT);
1943 1944
	if (error)
1944 1945
		return (error);
1945 1946

  
sys/dev/netif/sbni/if_sbni.c
67 67
#include <sys/mbuf.h>
68 68
#include <sys/kernel.h>
69 69
#include <sys/proc.h>
70
#include <sys/priv.h>
70 71
#include <sys/callout.h>
71 72
#include <sys/syslog.h>
72 73
#include <sys/random.h>
......
1091 1092

  
1092 1093
	case SIOCSHWFLAGS:	/* set flags */
1093 1094
		/* root only */
1094
		error = suser_cred(cr, NULL_CRED_OKAY);
1095
		error = priv_check_cred(cr, PRIV_ROOT, NULL_CRED_OKAY);
1095 1096
					/* NOTE: returns EPERM if no proc */
1096 1097
		if (error)
1097 1098
			break;
......
1114 1115
		break;
1115 1116

  
1116 1117
	case SIOCRINSTATS:
1117
		if (!(error = suser_cred(cr, NULL_CRED_OKAY)))	/* root only */
1118
		if (!(error = priv_check_cred(cr, PRIV_ROOT, NULL_CRED_OKAY)))	/* root only */
1118 1119
			bzero(&sc->in_stats, sizeof(struct sbni_in_stats));
1119 1120
		break;
1120 1121

  
sys/dev/netif/sbsh/if_sbsh.c
34 34
#include <sys/malloc.h>
35 35
#include <sys/kernel.h>
36 36
#include <sys/proc.h>
37
#include <sys/priv.h>
37 38
#include <sys/socket.h>
38 39
#include <sys/random.h>
39 40
#include <sys/serialize.h>
......
398 399

  
399 400
	switch(cmd) {
400 401
	case SIOCLOADFIRMW:
401
		if ((error = suser_cred(cr, NULL_CRED_OKAY)) != 0)
402
		if ((error = priv_check_cred(cr, PRIV_ROOT, NULL_CRED_OKAY)) != 0)
402 403
			break;
403 404
		if (ifp->if_flags & IFF_UP)
404 405
			error = EBUSY;
......
418 419
		break;
419 420

  
420 421
	case  SIOCGETSTATS :
421
		if ((error = suser_cred(cr, NULL_CRED_OKAY)) != 0)
422
		if ((error = priv_check_cred(cr, PRIV_ROOT, NULL_CRED_OKAY)) != 0)
422 423
			break;
423 424

  
424 425
		t = 0;
......
452 453
		break;
453 454

  
454 455
	case  SIOCCLRSTATS :
455
		if (!(error = suser_cred(cr, NULL_CRED_OKAY))) {
456
		if (!(error = priv_check_cred(cr, PRIV_ROOT, NULL_CRED_OKAY))) {
456 457
			bzero(&sc->in_stats, sizeof(struct sbni16_stats));
457 458
			t = 2;
458 459
			if (issue_cx28975_cmd(sc, _DSL_CLEAR_ERROR_CTRS, &t, 1))
sys/dev/netif/wi/if_wi.c
75 75
#include <sys/sockio.h>
76 76
#include <sys/mbuf.h>
77 77
#include <sys/proc.h>
78
#include <sys/priv.h>
78 79
#include <sys/kernel.h>
79 80
#include <sys/socket.h>
80 81
#include <sys/module.h>
......
1110 1111
		error = wi_get_cfg(ifp, cmd, data, cr);
1111 1112
		break;
1112 1113
	case SIOCSIFGENERIC:
1113
		error = suser_cred(cr, NULL_CRED_OKAY);
1114
		error = priv_check_cred(cr, PRIV_ROOT, NULL_CRED_OKAY);
1114 1115
		if (error)
1115 1116
			break;
1116 1117
		error = wi_set_cfg(ifp, cmd, data);
......
1129 1130
			error = copyout(&wreq, ifr->ifr_data, sizeof(wreq));
1130 1131
		break;
1131 1132
	case SIOCSPRISM2DEBUG:
1132
		if ((error = suser_cred(cr, NULL_CRED_OKAY)))
1133
		if ((error = priv_check_cred(cr, PRIV_ROOT, NULL_CRED_OKAY)))
1133 1134
			goto out;
1134 1135
		error = copyin(ifr->ifr_data, &wreq, sizeof(wreq));
1135 1136
		if (error)
......
1150 1151
		}
1151 1152
		break;
1152 1153
	case SIOCS80211:
1153
		error = suser_cred(cr, NULL_CRED_OKAY);
1154
		error = priv_check_cred(cr, PRIV_ROOT, NULL_CRED_OKAY);
1154 1155
		if (error)
1155 1156
			break;
1156 1157
		ireq = (struct ieee80211req *) data;
sys/dev/netif/wl/if_wl.c
200 200
#include <sys/socket.h>
201 201
#include <sys/syslog.h>
202 202
#include <sys/proc.h>
203
#include <sys/priv.h>
203 204
#include <sys/serialize.h>
204 205
#include <sys/sysctl.h>
205 206
#include <sys/bus.h>
......
1341 1342
	/* pointer to buffer in user space */
1342 1343
	up = (void *)ifr->ifr_data;
1343 1344
	/* work out if they're root */
1344
	isroot = (suser(td) == 0);
1345
	isroot = (priv_check(td, PRIV_ROOT) == 0);
1345 1346
	
1346 1347
	for (i = 0; i < 0x40; i++) {
1347 1348
	    /* don't hand the DES key out to non-root users */
......
1356 1357
	/* copy the PSA in from the caller; we only copy _some_ values */
1357 1358
    case SIOCSWLPSA:
1358 1359
	/* root only */
1359
	if ((error = suser(td)))
1360
	if ((error = priv_check(td, PRIV_ROOT)))
1360 1361
	    break;
1361 1362
	error = EINVAL;	/* assume the worst */
1362 1363
	/* pointer to buffer in user space containing data */
......
1410 1411
	 */
1411 1412
    case SIOCSWLCNWID:
1412 1413
	/* root only */
1413
	if ((error = suser(td)))
1414
	if ((error = priv_check(td, PRIV_ROOT)))
1414 1415
	    break;
1415 1416
	if (!(ifp->if_flags & IFF_UP)) {
1416 1417
	    error = EIO;	/* only allowed while up */
......
1428 1429
	/* copy the EEPROM in 2.4 Gz WaveMODEM  out to the caller */
1429 1430
    case SIOCGWLEEPROM:
1430 1431
	/* root only */
1431
	if ((error = suser(td)))
1432
	if ((error = priv_check(td; PRIV_ROOT)))
1432 1433
	    break;
1433 1434
	/* pointer to buffer in user space */
1434 1435
	up = (void *)ifr->ifr_data;
......
1451 1452
	/* zero (Delete) the wl cache */
1452 1453
    case SIOCDWLCACHE:
1453 1454
	/* root only */
1454
	if ((error = suser(td)))
1455
	if ((error = priv_check(td, PRIV_ROOT)))
1455 1456
	    break;
1456 1457
	wl_cache_zero(sc);
1457 1458
	break;
sys/dev/raid/asr/asr.c
215 215
#include <sys/systm.h>
216 216
#include <sys/malloc.h>
217 217
#include <sys/proc.h>
218
#include <sys/priv.h>
218 219
#include <sys/conf.h>
219 220
#include <sys/bus.h>
220 221
#include <sys/rman.h>
......
3243 3244
	crit_enter();
3244 3245
        if (ASR_ctlr_held) {
3245 3246
                error = EBUSY;
3246
        } else if ((error = suser_cred(ap->a_cred, 0)) == 0) {
3247
        } else if ((error = priv_check_cred(ap->a_cred, PRIV_ROOT, 0)) == 0) {
3247 3248
                ++ASR_ctlr_held;
3248 3249
        }
3249 3250
	crit_exit();
sys/dev/raid/vinum/vinum.c
387 387
	}
388 388

  
389 389
    case VINUM_SUPERDEV_TYPE:
390
	error = suser_cred(ap->a_cred, 0);		    /* are we root? */
390
	error = priv_check_cred(ap->a_cred, PRIV_ROOT, 0);  /* are we root? */
391 391
	if (error == 0) {				    /* yes, can do */
392 392
	    if (devminor == VINUM_DAEMON_DEV)		    /* daemon device */
393 393
		vinum_conf.flags |= VF_DAEMONOPEN;	    /* we're open */
sys/dev/raid/vinum/vinumhdr.h
47 47
#include <sys/systm.h>
48 48
#include <sys/kernel.h>
49 49
#include <sys/proc.h>
50
#include <sys/priv.h>
50 51
#include <sys/conf.h>
51 52
#include <sys/mount.h>
52 53
#include <sys/vnode.h>
sys/dev/serial/cy/cy.c
72 72
#include <sys/systm.h>
73 73
#include <sys/tty.h>
74 74
#include <sys/proc.h>
75
#include <sys/priv.h>
75 76
#include <sys/conf.h>
76 77
#include <sys/dkstat.h>
77 78
#include <sys/fcntl.h>
......
698 699
			}
699 700
		}
700 701
		if (tp->t_state & TS_XCLUDE &&
701
		    suser_cred(ap->a_cred, 0)) {
702
		    priv_check_cred(ap->a_cred, PRIV_ROOT, 0)) {
702 703
			error = EBUSY;
703 704
			goto out;
704 705
		}
......
1576 1577
		}
1577 1578
		switch (cmd) {
1578 1579
		case TIOCSETA:
1579
			error = suser_cred(ap->a_cred, 0);
1580
			error = priv_check_cred(ap->a_cred, PRIV_ROOT, 0);
1580 1581
			if (error != 0)
1581 1582
				return (error);
1582 1583
			*ct = *(struct termios *)data;
......
1676 1677
		break;
1677 1678
	case TIOCMSDTRWAIT:
1678 1679
		/* must be root since the wait applies to following logins */
1679
		error = suser_cred(ap->a_cred, 0);
1680
		error = priv_check_cred(ap->a_cred, PRIV_ROOT, 0);
1680 1681
		if (error != 0) {
1681 1682
			crit_exit();
1682 1683
			return (error);
sys/dev/serial/dgb/dgm.c
75 75

  
76 76
#include <sys/systm.h>
77 77
#include <sys/proc.h>
78
#include <sys/priv.h>
78 79
#include <sys/conf.h>
79 80
#include <sys/dkstat.h>
80 81
#include <sys/fcntl.h>
......
1020 1021
			crit_exit();
1021 1022
			goto open_top;
1022 1023
		}
1023
		if (tp->t_state & TS_XCLUDE && suser_cred(ap->a_cred, 0)) {
1024
		if (tp->t_state & TS_XCLUDE && priv_check_cred(ap->a_cred, PRIV_ROOT, 0)) {
1024 1025
			error = EBUSY;
1025 1026
			goto out;
1026 1027
		}
......
1530 1531
		}
1531 1532
		switch (cmd) {
1532 1533
		case TIOCSETA:
1533
			error = suser_cred(ap->a_cred, 0);
1534
			error = priv_check_cred(ap->a_cred, PRIV_ROOT, 0);
1534 1535
			if (error != 0)
1535 1536
				return (error);
1536 1537
			*ct = *(struct termios *)data;
......
1753 1754
		break;
1754 1755
	case TIOCMSDTRWAIT:
1755 1756
		/* must be root since the wait applies to following logins */
1756
		error = suser_cred(ap->a_cred, 0);
1757
		error = priv_check_cred(ap->a_cred, PRIV_ROOT, 0);
1757 1758
		if (error != 0) {
1758 1759
			crit_exit();
1759 1760
			return (error);
sys/dev/serial/digi/digi.c
41 41
#include <sys/param.h>
42 42
#include <sys/systm.h>
43 43
#include <sys/proc.h>
44
#include <sys/priv.h>
44 45
#include <sys/conf.h>
45 46
#include <sys/linker.h>
46 47
#include <sys/kernel.h>
......
788 789
			}
789 790
			goto open_top;
790 791
		}
791
		if (tp->t_state & TS_XCLUDE && suser_cred(ap->a_cred, 0) != 0) {
792
		if (tp->t_state & TS_XCLUDE && priv_check_cred(ap->a_cred, PRIV_ROOT, 0) != 0) {
792 793
			error = EBUSY;
793 794
			goto out;
794 795
		}
......
1131 1132

  
1132 1133
		switch (cmd) {
1133 1134
		case TIOCSETA:
1134
			error = suser_cred(ap->a_cred, 0);
1135
			error = priv_check_cred(ap->a_cred, PRIV_ROOT, 0);
1135 1136
			if (error != 0)
1136 1137
				return (error);
1137 1138
			*ct = *(struct termios *)data;
......
1303 1304
		*(int *)data = digimctl(port, 0, DMGET);
1304 1305
		break;
1305 1306
	case TIOCMSDTRWAIT:
1306
		error = suser_cred(ap->a_cred, 0);
1307
		error = priv_check_cred(ap->a_cred, PRIV_ROOT, 0);
1307 1308
		if (error != 0) {
1308 1309
			crit_exit();
1309 1310
			return (error);
sys/dev/serial/rc/rc.c
42 42
#include <sys/systm.h>
43 43
#include <sys/tty.h>
44 44
#include <sys/proc.h>
45
#include <sys/priv.h>
45 46
#include <sys/conf.h>
46 47
#include <sys/dkstat.h>
47 48
#include <sys/fcntl.h>
......
752 753
			}
753 754
		}
754 755
		if (tp->t_state & TS_XCLUDE &&
755
		    suser_cred(ap->a_cred, 0)) {
756
		    priv_check_cred(ap->a_cred, PRIV_ROOT, 0)) {
756 757
			error = EBUSY;
757 758
			goto out;
758 759
		}
......
1100 1101
		break;
1101 1102

  
1102 1103
	    case TIOCMSDTRWAIT:
1103
		error = suser_cred(ap->a_cred, 0);
1104
		error = priv_check_cred(ap->a_cred, PRIV_ROOT, 0);
1104 1105
		if (error != 0) {
1105 1106
			crit_exit();
1106 1107
			return (error);
sys/dev/serial/rp/rp.c
43 43
#include <sys/malloc.h>
44 44
#include <sys/tty.h>
45 45
#include <sys/proc.h>
46
#include <sys/priv.h>
46 47
#include <sys/dkstat.h>
47 48
#include <sys/conf.h>
48 49
#include <sys/kernel.h>
......
986 987
				goto open_top;
987 988
			}
988 989
		}
989
		if(tp->t_state & TS_XCLUDE && suser_cred(ap->a_cred, 0) != 0) {
990
		if(tp->t_state & TS_XCLUDE && priv_check_cred(ap->a_cred, PRIV_ROOT, 0) != 0) {
990 991
			crit_exit();
991 992
			error = EBUSY;
992 993
			goto out2;
......
1236 1237
		}
1237 1238
		switch (cmd) {
1238 1239
		case TIOCSETA:
1239
			error = suser_cred(ap->a_cred, 0);
1240
			error = priv_check_cred(ap->a_cred, PRIV_ROOT, 0);
1240 1241
			if(error != 0)
1241 1242
				return(error);
1242 1243
			*ct = *(struct termios *)data;
......
1382 1383
		*(int *)data = result;
1383 1384
		break;
1384 1385
	case TIOCMSDTRWAIT:
1385
		error = suser_cred(ap->a_cred, 0);
1386
		error = priv_check_cred(ap->a_cred, PRIV_ROOT, 0);
1386 1387
		if(error != 0) {
1387 1388
			crit_exit();
1388 1389
			return(error);
sys/dev/serial/si/si.c
50 50
#endif
51 51
#include <sys/tty.h>
52 52
#include <sys/proc.h>
53
#include <sys/priv.h>
53 54
#include <sys/conf.h>
54 55
#include <sys/fcntl.h>
55 56
#include <sys/dkstat.h>
......
628 629

  
629 630
	/* quickly let in /dev/si_control */
630 631
	if (IS_CONTROLDEV(mynor)) {
631
		if ((error = suser_cred(ap->a_cred, 0)))
632
		if ((error = priv_check_cred(ap->a_cred, PRIV_ROOT, 0)))
632 633
			return(error);
633 634
		return(0);
634 635
	}
......
707 708
			}
708 709
		}
709 710
		if (tp->t_state & TS_XCLUDE &&
710
		    suser_cred(ap->a_cred, 0)) {
711
		    priv_check_cred(ap->a_cred, PRIV_ROOT, 0)) {
711 712
			DPRINT((pp, DBG_OPEN|DBG_FAIL,
712 713
				"already open and EXCLUSIVE set\n"));
713 714
			error = EBUSY;
......
973 974
		}
974 975
		switch (cmd) {
975 976
		case TIOCSETA:
976
			error = suser_cred(ap->a_cred, 0);
977
			error = priv_check_cred(ap->a_cred, PRIV_ROOT, 0);
977 978
			if (error != 0)
978 979
				return (error);
979 980
			*ct = *(struct termios *)data;
......
1087 1088
		break;
1088 1089
	case TIOCMSDTRWAIT:
1089 1090
		/* must be root since the wait applies to following logins */
1090
		error = suser_cred(ap->a_cred, 0);
1091
		error = priv_check_cred(ap->a_cred, PRIV_ROOT, 0);
1091 1092
		if (error == 0)
1092 1093
			pp->sp_dtr_wait = *(int *)data * hz / 100;
1093 1094
		break;
......
1139 1140

  
1140 1141
	ip = (int *)data;
1141 1142

  
1142
#define SUCHECK if ((error = suser_cred(cred, 0))) goto out
1143
#define SUCHECK if ((error = priv_check_cred(cred, PRIV_ROOT, 0))) goto out
1143 1144

  
1144 1145
	switch (cmd) {
1145 1146
	case TCSIPORTS:
sys/dev/serial/sio/sio.c
61 61
#include <sys/malloc.h>
62 62
#include <sys/tty.h>
63 63
#include <sys/proc.h>
64
#include <sys/priv.h>
64 65
#include <sys/module.h>
65 66
#include <sys/conf.h>
66 67
#include <sys/dkstat.h>
......
1285 1286
				goto open_top;
1286 1287
			}
1287 1288
		}
1288
		if (tp->t_state & TS_XCLUDE && suser_cred(ap->a_cred, 0)) {
1289
		if (tp->t_state & TS_XCLUDE && priv_check_cred(ap->a_cred, PRIV_ROOT, 0)) {
1289 1290
			error = EBUSY;
1290 1291
			goto out;
1291 1292
		}
......
1979 1980
		}
1980 1981
		switch (ap->a_cmd) {
1981 1982
		case TIOCSETA:
1982
			error = suser_cred(ap->a_cred, 0);
1983
			error = priv_check_cred(ap->a_cred, PRIV_ROOT, 0);
1983 1984
			if (error != 0)
1984 1985
				return (error);
1985 1986
			*ct = *(struct termios *)data;
......
2071 2072
		break;
2072 2073
	case TIOCMSDTRWAIT:
2073 2074
		/* must be root since the wait applies to following logins */
2074
		error = suser_cred(ap->a_cred, 0);
2075
		error = priv_check_cred(ap->a_cred, PRIV_ROOT, 0);
2075 2076
		if (error != 0) {
2076 2077
			crit_exit();
2077 2078
			return (error);
sys/dev/serial/stl/stallion.c
50 50
#include <sys/malloc.h>
51 51
#include <sys/tty.h>
52 52
#include <sys/proc.h>
53
#include <sys/priv.h>
53 54
#include <sys/conf.h>
54 55
#include <sys/fcntl.h>
55 56
#include <sys/thread2.h>
......
1214 1215
				goto stlopen_restart;
1215 1216
			}
1216 1217
		}
1217
		if ((tp->t_state & TS_XCLUDE) && suser_cred(ap->a_cred, 0)) {
1218
		if ((tp->t_state & TS_XCLUDE) && priv_check_cred(ap->a_cred, PRIV_ROOT, 0)) {
1218 1219
			error = EBUSY;
1219 1220
			goto stlopen_end;
1220 1221
		}
......
1356 1357

  
1357 1358
		switch (cmd) {
1358 1359
		case TIOCSETA:
1359
			if ((error = suser_cred(ap->a_cred, 0)) == 0)
1360
			if ((error = priv_check_cred(ap->a_cred, PRIV_ROOT, 0)) == 0)
1360 1361
				*localtios = *((struct termios *) data);
1361 1362
			break;
1362 1363
		case TIOCGETA:
......
1475 1476
		*((int *) data) = (stl_getsignals(portp) | TIOCM_LE);
1476 1477
		break;
1477 1478
	case TIOCMSDTRWAIT:
1478
		if ((error = suser_cred(ap->a_cred, 0)) == 0)
1479
		if ((error = priv_check_cred(ap->a_cred, PRIV_ROOT, 0)) == 0)
1479 1480
			portp->dtrwait = *((int *) data) * hz / 100;
1480 1481
		break;
1481 1482
	case TIOCMGDTRWAIT:
sys/dev/serial/stli/istallion.c
49 49
#include <sys/malloc.h>
50 50
#include <sys/tty.h>
51 51
#include <sys/proc.h>
52
#include <sys/priv.h>
52 53
#include <sys/conf.h>
53 54
#include <sys/fcntl.h>
54 55
#include <sys/uio.h>
......
942 943
			}
943 944
		}
944 945
		if ((tp->t_state & TS_XCLUDE) &&
945
		    suser_cred(ap->a_cred, 0)) {
946
		    priv_check_cred(ap->a_cred, PRIV_ROOT, 0)) {
946 947
			error = EBUSY;
947 948
			goto stliopen_end;
948 949
		}
......
1132 1133

  
1133 1134
		switch (cmd) {
1134 1135
		case TIOCSETA:
1135
			if ((error = suser_cred(ap->a_cred, 0)) == 0)
1136
			if ((error = priv_check_cred(ap->a_cred, PRIV_ROOT, 0)) == 0)
1136 1137
				*localtios = *((struct termios *) data);
1137 1138
			break;
1138 1139
		case TIOCGETA:
......
1269 1270
		*((int *) data) = (portp->sigs | TIOCM_LE);
1270 1271
		break;
1271 1272
	case TIOCMSDTRWAIT:
1272
		if ((error = suser_cred(ap->a_cred, 0)) == 0)
1273
		if ((error = priv_check_cred(ap->a_cred, PRIV_ROOT, 0)) == 0)
1273 1274
			portp->dtrwait = *((int *) data) * hz / 100;
1274 1275
		break;
1275 1276
	case TIOCMGDTRWAIT:
sys/dev/usbmisc/ucom/ucom.c
80 80
#include <sys/file.h>
81 81
#include <sys/select.h>
82 82
#include <sys/proc.h>
83
#include <sys/priv.h>
83 84
#include <sys/poll.h>
84 85
#include <sys/sysctl.h>
85 86
#include <sys/thread2.h>
......
264 265

  
265 266
	if (ISSET(tp->t_state, TS_ISOPEN) &&
266 267
	    ISSET(tp->t_state, TS_XCLUDE) &&
267
	    suser_cred(ap->a_cred, 0)
268
	    priv_check_cred(ap->a_cred, PRIV_ROOT, 0)
268 269
	) {
269 270
		return (EBUSY);
270 271
	}
sys/emulation/43bsd/43bsd_hostinfo.c
46 46
#include <sys/sysproto.h>
47 47
#include <sys/kernel.h>
48 48
#include <sys/proc.h>
49
#include <sys/priv.h>
49 50
#include <sys/socket.h>
50 51
#include <sys/sysctl.h>
51 52
#include <vm/vm_param.h>
......
84 85
	KKASSERT(p);
85 86
	name[0] = CTL_KERN;
86 87
	name[1] = KERN_HOSTNAME;
87
	error = suser_cred(p->p_ucred, PRISON_ROOT);
88
	error = priv_check_cred(p->p_ucred, PRIV_ROOT, PRISON_ROOT);
88 89
	if (error)
89 90
		return (error);
90 91
	len = MIN(uap->len, MAXHOSTNAMELEN);
......
115 116
	struct thread *td = curthread;
116 117
	int error;
117 118

  
118
	error = suser(td);
119
	error = priv_check(td, PRIV_ROOT);
119 120
	if (error)
120 121
		return (error);
121 122
	hostid = uap->hostid;
sys/emulation/dragonfly12/dfbsd12_stat.c
41 41
#include <sys/mount.h>
42 42
#include <sys/nlookup.h>
43 43
#include <sys/proc.h>
44
#include <sys/priv.h>
44 45
#include <sys/stat.h>
45 46
#include <sys/sysproto.h>
46 47
#include <sys/systm.h>
......
137 138
	/*
138 139
	 * Must be super user
139 140
	 */
140
	error = suser(td);
141
	error = priv_check(td, PRIV_ROOT);
141 142
	if (error)
142 143
		return (error);
143 144
	
sys/emulation/linux/i386/linprocfs/linprocfs_vnops.c
53 53
#include <sys/lock.h>
54 54
#include <sys/fcntl.h>
55 55
#include <sys/proc.h>
56
#include <sys/priv.h>
56 57
#include <sys/signalvar.h>
57 58
#include <sys/vnode.h>
58 59
#include <sys/mount.h>
......
263 264
	   */
264 265
#define NFLAGS	(PF_ISUGID)
265 266
	  flags = (unsigned char)*(unsigned int*)ap->a_data;
266
	  if (flags & NFLAGS && (error = suser_cred(ap->a_cred, 0)))
267
	  if (flags & NFLAGS && (error = priv_check_cred(ap->a_cred, PRIV_ROOT, 0)))
267 268
	    return error;
268 269
	  procp->p_pfsflags = flags;
269 270
	  break;
sys/emulation/linux/i386/linux_machdep.c
37 37
#include <sys/mman.h>
38 38
#include <sys/nlookup.h>
39 39
#include <sys/proc.h>
40
#include <sys/priv.h>
40 41
#include <sys/resource.h>
41 42
#include <sys/resourcevar.h>
42 43
#include <sys/sysproto.h>
......
677 678

  
678 679
	if (args->level < 0 || args->level > 3)
679 680
		return (EINVAL);
680
	if ((error = suser(td)) != 0)
681
	if ((error = priv_check(td, PRIV_ROOT)) != 0)
681 682
		return (error);
682 683
	if (securelevel > 0)
683 684
		return (EPERM);
sys/emulation/linux/linux_misc.c
42 42
#include <sys/mount.h>
43 43
#include <sys/poll.h>
44 44
#include <sys/proc.h>
45
#include <sys/priv.h>
45 46
#include <sys/nlookup.h>
46 47
#include <sys/blist.h>
47 48
#include <sys/reboot.h>
......
975 976
	 * Keep cr_groups[0] unchanged to prevent that.
976 977
	 */
977 978

  
978
	if ((error = suser_cred(oldcred, PRISON_ROOT)) != 0)
979
	if ((error = priv_check_cred(oldcred, PRIV_ROOT, PRISON_ROOT)) != 0)
979 980
		return (error);
980 981

  
981 982
	if (ngrp >= NGROUPS)
sys/emulation/linux/linux_uid16.c
34 34
#include <sys/kern_syscall.h>
35 35
#include <sys/nlookup.h>
36 36
#include <sys/proc.h>
37
#include <sys/priv.h>
37 38
#include <sys/sysproto.h>
38 39
#include <sys/thread.h>
39 40

  
......
121 122
	 * Keep cr_groups[0] unchanged to prevent that.
122 123
	 */
123 124

  
124
	if ((error = suser_cred(oldcred, PRISON_ROOT)) != 0)
125
	if ((error = priv_check_cred(oldcred, PRIV_ROOT, PRISON_ROOT)) != 0)
125 126
		return (error);
126 127

  
127 128
	if (ngrp >= NGROUPS)
sys/kern/imgact_resident.c
43 43
#include <sys/imgact_aout.h>
44 44
#include <sys/mman.h>
45 45
#include <sys/proc.h>
46
#include <sys/priv.h>
46 47
#include <sys/resourcevar.h>
47 48
#include <sys/sysent.h>
48 49
#include <sys/systm.h>
......
132 133

  
133 134
	/* only super-user should call this sysctl */
134 135
	td = req->td;
135
	if ((suser(td)) != 0)
136
	if ((priv_check(td, PRIV_ROOT)) != 0)
136 137
		return EPERM;
137 138

  
138 139
	error = count = 0;
......
197 198
    int error;
198 199

  
199 200
    p = curproc;
200
    if ((error = suser_cred(p->p_ucred, 0)) != 0)
201
    if ((error = priv_check_cred(p->p_ucred, PRIV_ROOT, 0)) != 0)
201 202
	return(error);
202 203
    if ((vp = p->p_textvp) == NULL)
203 204
	return(ENOENT);
......
236 237
    int count;
237 238

  
238 239
    p = curproc;
239
    if ((error = suser_cred(p->p_ucred, 0)) != 0)
240
    if ((error = priv_check_cred(p->p_ucred, PRIV_ROOT, 0)) != 0)
240 241
	return(error);
241 242

  
242 243
    /*
sys/kern/kern_acct.c
45 45
#include <sys/systm.h>
46 46
#include <sys/sysproto.h>
47 47
#include <sys/proc.h>
48
#include <sys/priv.h>
48 49
#include <sys/mount.h>
49 50
#include <sys/vnode.h>
50 51
#include <sys/fcntl.h>
......
127 128
	int error;
128 129

  
129 130
	/* Make sure that the caller is root. */
130
	error = suser(td);
131
	error = priv_check(td, PRIV_ROOT);
131 132
	if (error)
132 133
		return (error);
133 134

  
sys/kern/kern_exec.c
42 42
#include <sys/wait.h>
43 43
#include <sys/malloc.h>
44 44
#include <sys/proc.h>
45
#include <sys/priv.h>
45 46
#include <sys/ktrace.h>
46 47
#include <sys/signalvar.h>
47 48
#include <sys/pioctl.h>
......
398 399
		 * we do not regain any tracing during a possible block.
399 400
		 */
400 401
		setsugid();
401
		if (p->p_tracenode && suser(td) != 0) {
402
		if (p->p_tracenode && priv_check(td, PRIV_ROOT) != 0) {
402 403
			ktrdestroy(&p->p_tracenode);
403 404
			p->p_traceflag = 0;
404 405
		}
sys/kern/kern_fp.c
54 54
#include <sys/sysctl.h>
55 55
#include <sys/vnode.h>
56 56
#include <sys/proc.h>
57
#include <sys/priv.h>
57 58
#include <sys/nlookup.h>
58 59
#include <sys/file.h>
59 60
#include <sys/stat.h>
......
511 512
	if (securelevel >= 1)
512 513
	    disablexworkaround = 1;
513 514
	else
514
	    disablexworkaround = suser(td);
515
	    disablexworkaround = priv_check(td, PRIV_ROOT);
515 516
	if (vp->v_type == VCHR && disablexworkaround &&
516 517
	    (flags & (MAP_PRIVATE|MAP_COPY))) {
517 518
		error = EINVAL;
sys/kern/kern_jail.c
51 51
#include <sys/nlookup.h>
52 52
#include <sys/namecache.h>
53 53
#include <sys/proc.h>
54
#include <sys/priv.h>
54 55
#include <sys/jail.h>
55 56
#include <sys/socket.h>
56 57
#include <sys/sysctl.h>
......
142 143
	struct jail_ip_storage *jip;
143 144
	/* Multiip */
144 145

  
145
	error = suser(td);
146
	error = priv_check(td, PRIV_ROOT);
... This diff was truncated because it exceeds the maximum size that can be displayed.