PERFORCE change 108205 for review

[Robert Watson]

http://perforce.freebsd.org/chv.cgi?CH=108205

Change 108205 by rwatson at rwatson_peppercorn on 2006/10/21 01:27:53

	Catch a couple more suser's specific to RELENG_6 -- vfs_init and
	pcvt (not present in 7.x).

Affected files ...

.. //depot/projects/trustedbsd/priv6/src/sys/i386/isa/pcvt/pcvt_drv.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/i386/isa/pcvt/pcvt_ext.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/i386/isa/pcvt/pcvt_hdr.h#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/kern/vfs_init.c#2 edit

Differences ...

==== //depot/projects/trustedbsd/priv6/src/sys/i386/isa/pcvt/pcvt_drv.c#2 (text+ko) ====

@@ -302,7 +302,8 @@
 		ttyld_modem(tp, 1);	/* fake connection */
 		winsz = 1;			/* set winsize later */
 	}
-	else if (tp->t_state & TS_XCLUDE && suser(td))
+	else if (tp->t_state & TS_XCLUDE && priv_check(td,
+	    PRIV_TTY_EXCLUSIVE))
 	{
 		return (EBUSY);
 	}

==== //depot/projects/trustedbsd/priv6/src/sys/i386/isa/pcvt/pcvt_ext.c#2 (text+ko) ====

@@ -2620,7 +2620,7 @@
 	{
 		struct trapframe *fp = td->td_frame;
 
-		error = suser(td);
+		error = priv_check(td, PRIV_TTY_EXCLUSIVE);
 		if (error != 0)
 			return (error);
 		error = securelevel_gt(td->td_ucred, 0);

==== //depot/projects/trustedbsd/priv6/src/sys/i386/isa/pcvt/pcvt_hdr.h#2 (text+ko) ====

@@ -61,6 +61,7 @@
 #include <sys/lock.h>
 #include <sys/malloc.h>
 #include <sys/mutex.h>
+#include <sys/priv.h>
 #include <sys/proc.h>
 #include <sys/random.h>
 #include <sys/signalvar.h>

==== //depot/projects/trustedbsd/priv6/src/sys/kern/vfs_init.c#2 (text+ko) ====

@@ -42,6 +42,7 @@
 #include <sys/kernel.h>
 #include <sys/linker.h>
 #include <sys/mount.h>
+#include <sys/priv.h>
 #include <sys/proc.h>
 #include <sys/sysctl.h>
 #include <sys/vnode.h>
@@ -115,7 +116,7 @@
 		return (vfsp);
 
 	/* Only load modules for root (very important!). */
-	*error = suser(td);
+	*error = priv_check(td, PRIV_KLD_LOAD);
 	if (*error)
 		return (NULL);
 	*error = securelevel_gt(td->td_ucred, 0);