Aren/NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

integrate kauth.

Browse Source
This commit is contained in:
elad 2006-05-14 21:15:11 +00:00
parent 33b0a10da4
commit 215bd95ba4
53 changed files with 742 additions and 762 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
sys/kern/core_elf32.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: core_elf32.c,v 1.24 2006/04/17 22:05:23 christos Exp $ */
/* $NetBSD: core_elf32.c,v 1.25 2006/05/14 21:15:11 elad Exp $ */
/*
* Copyright (c) 2001 Wasabi Systems, Inc.
@ -40,7 +40,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(1, "$NetBSD: core_elf32.c,v 1.24 2006/04/17 22:05:23 christos Exp $");
__KERNEL_RCSID(1, "$NetBSD: core_elf32.c,v 1.25 2006/05/14 21:15:11 elad Exp $");
/* If not included by core_elf64.c, ELFSIZE won't be defined. */
#ifndef ELFSIZE
@ -55,6 +55,7 @@ __KERNEL_RCSID(1, "$NetBSD: core_elf32.c,v 1.24 2006/04/17 22:05:23 christos Exp
#include <sys/exec_elf.h>
#include <sys/ptrace.h>
#include <sys/malloc.h>
#include <sys/kauth.h>
#include <machine/reg.h>
@ -341,13 +342,13 @@ ELFNAMEEND(coredump_notes)(struct proc *p, struct lwp *l,
cpi.cpi_pgrp = p->p_pgid;
cpi.cpi_sid = p->p_session->s_sid;
cpi.cpi_ruid = p->p_cred->p_ruid;
cpi.cpi_euid = p->p_ucred->cr_uid;
cpi.cpi_svuid = p->p_cred->p_svuid;
cpi.cpi_ruid = kauth_cred_getuid(p->p_cred);
cpi.cpi_euid = kauth_cred_geteuid(p->p_cred);
cpi.cpi_svuid = kauth_cred_getsvuid(p->p_cred);
cpi.cpi_rgid = p->p_cred->p_rgid;
cpi.cpi_egid = p->p_ucred->cr_gid;
cpi.cpi_svgid = p->p_cred->p_svgid;
cpi.cpi_rgid = kauth_cred_getgid(p->p_cred);
cpi.cpi_egid = kauth_cred_getegid(p->p_cred);
cpi.cpi_svgid = kauth_cred_getsvgid(p->p_cred);
cpi.cpi_nlwps = p->p_nlwps;
(void)strncpy(cpi.cpi_name, p->p_comm, sizeof(cpi.cpi_name));

17
sys/kern/exec_elf32.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: exec_elf32.c,v 1.111 2006/03/17 11:03:07 skrll Exp $ */
/* $NetBSD: exec_elf32.c,v 1.112 2006/05/14 21:15:11 elad Exp $ */
/*-
* Copyright (c) 1994, 2000, 2005 The NetBSD Foundation, Inc.
@ -64,7 +64,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(1, "$NetBSD: exec_elf32.c,v 1.111 2006/03/17 11:03:07 skrll Exp $");
__KERNEL_RCSID(1, "$NetBSD: exec_elf32.c,v 1.112 2006/05/14 21:15:11 elad Exp $");
/* If not included by exec_elf64.c, ELFSIZE won't be defined. */
#ifndef ELFSIZE
@ -82,6 +82,7 @@ __KERNEL_RCSID(1, "$NetBSD: exec_elf32.c,v 1.111 2006/03/17 11:03:07 skrll Exp $
#include <sys/signalvar.h>
#include <sys/mount.h>
#include <sys/stat.h>
#include <sys/kauth.h>
#include <machine/cpu.h>
#include <machine/reg.h>
@ -170,22 +171,22 @@ elf_copyargs(struct lwp *l, struct exec_package *pack,
if (vap->va_mode & S_ISUID)
a->a_v = vap->va_uid;
else
a->a_v = p->p_ucred->cr_uid;
a->a_v = kauth_cred_geteuid(p->p_cred);
a++;
a->a_type = AT_RUID;
a->a_v = p->p_cred->p_ruid;
a->a_v = kauth_cred_getuid(p->p_cred);
a++;
a->a_type = AT_EGID;
if (vap->va_mode & S_ISGID)
a->a_v = vap->va_gid;
else
a->a_v = p->p_ucred->cr_gid;
a->a_v = kauth_cred_getegid(p->p_cred);
a++;
a->a_type = AT_RGID;
a->a_v = p->p_cred->p_rgid;
a->a_v = kauth_cred_getgid(p->p_cred);
a++;
free(ap, M_TEMP);
@ -366,11 +367,11 @@ elf_load_file(struct lwp *l, struct exec_package *epp, char *path,
error = EACCES;
goto badunlock;
}
if ((error = VOP_ACCESS(vp, VEXEC, l->l_proc->p_ucred, l)) != 0)
if ((error = VOP_ACCESS(vp, VEXEC, l->l_proc->p_cred, l)) != 0)
goto badunlock;
/* get attributes */
if ((error = VOP_GETATTR(vp, &attr, l->l_proc->p_ucred, l)) != 0)
if ((error = VOP_GETATTR(vp, &attr, l->l_proc->p_cred, l)) != 0)
goto badunlock;
/*

8
sys/kern/exec_macho.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: exec_macho.c,v 1.36 2005/12/26 18:45:27 perry Exp $ */
/* $NetBSD: exec_macho.c,v 1.37 2006/05/14 21:15:11 elad Exp $ */
/*-
* Copyright (c) 2001 The NetBSD Foundation, Inc.
@ -37,7 +37,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: exec_macho.c,v 1.36 2005/12/26 18:45:27 perry Exp $");
__KERNEL_RCSID(0, "$NetBSD: exec_macho.c,v 1.37 2006/05/14 21:15:11 elad Exp $");
#include <sys/param.h>
#include <sys/proc.h>
@ -327,11 +327,11 @@ exec_macho_load_file(struct lwp *l, struct exec_package *epp,
if (error)
return (error);
if ((error = VOP_ACCESS(vp, VEXEC, p->p_ucred, l)) != 0)
if ((error = VOP_ACCESS(vp, VEXEC, p->p_cred, l)) != 0)
goto badunlock;
/* get attributes */
if ((error = VOP_GETATTR(vp, &attr, p->p_ucred, l)) != 0)
if ((error = VOP_GETATTR(vp, &attr, p->p_cred, l)) != 0)
goto badunlock;
#ifdef notyet /* XXX cgd 960926 */

10
sys/kern/exec_script.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: exec_script.c,v 1.46 2006/03/17 23:29:09 christos Exp $ */
/* $NetBSD: exec_script.c,v 1.47 2006/05/14 21:15:11 elad Exp $ */
/*
* Copyright (c) 1993, 1994, 1996 Christopher G. Demetriou
@ -31,7 +31,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: exec_script.c,v 1.46 2006/03/17 23:29:09 christos Exp $");
__KERNEL_RCSID(0, "$NetBSD: exec_script.c,v 1.47 2006/05/14 21:15:11 elad Exp $");
#if defined(SETUIDSCRIPTS) && !defined(FDSCRIPTS)
#define FDSCRIPTS /* Need this for safe set-id scripts. */
@ -184,7 +184,7 @@ check_shell:
* method of implementing "safe" set-id and x-only scripts.
*/
vn_lock(epp->ep_vp, LK_EXCLUSIVE | LK_RETRY);
error = VOP_ACCESS(epp->ep_vp, VREAD, l->l_proc->p_ucred, l);
error = VOP_ACCESS(epp->ep_vp, VREAD, l->l_proc->p_cred, l);
VOP_UNLOCK(epp->ep_vp, 0);
if (error == EACCES
#ifdef SETUIDSCRIPTS
@ -293,7 +293,7 @@ check_shell:
*/
if ((epp->ep_flags & EXEC_HASFD) == 0) {
vn_lock(scriptvp, LK_EXCLUSIVE | LK_RETRY);
VOP_CLOSE(scriptvp, FREAD, p->p_ucred, l);
VOP_CLOSE(scriptvp, FREAD, p->p_cred, l);
vput(scriptvp);
}
@ -332,7 +332,7 @@ fail:
(void) fdrelease(l, epp->ep_fd);
} else if (scriptvp) {
vn_lock(scriptvp, LK_EXCLUSIVE | LK_RETRY);
VOP_CLOSE(scriptvp, FREAD, p->p_ucred, l);
VOP_CLOSE(scriptvp, FREAD, p->p_cred, l);
vput(scriptvp);
}

8
sys/kern/exec_subr.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: exec_subr.c,v 1.46 2005/12/11 12:24:29 christos Exp $ */
/* $NetBSD: exec_subr.c,v 1.47 2006/05/14 21:15:11 elad Exp $ */
/*
* Copyright (c) 1993, 1994, 1996 Christopher G. Demetriou
@ -31,7 +31,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: exec_subr.c,v 1.46 2005/12/11 12:24:29 christos Exp $");
__KERNEL_RCSID(0, "$NetBSD: exec_subr.c,v 1.47 2006/05/14 21:15:11 elad Exp $");
#include <sys/param.h>
#include <sys/systm.h>
@ -231,7 +231,7 @@ vmcmd_readvn(struct lwp *l, struct exec_vmcmd *cmd)
error = vn_rdwr(UIO_READ, cmd->ev_vp, (caddr_t)cmd->ev_addr,
cmd->ev_len, cmd->ev_offset, UIO_USERSPACE, IO_UNIT,
p->p_ucred, NULL, l);
p->p_cred, NULL, l);
if (error)
return error;
@ -299,7 +299,7 @@ exec_read_from(struct lwp *l, struct vnode *vp, u_long off, void *bf,
size_t resid;
if ((error = vn_rdwr(UIO_READ, vp, bf, size, off, UIO_SYSSPACE,
0, l->l_proc->p_ucred, &resid, NULL)) != 0)
0, l->l_proc->p_cred, &resid, NULL)) != 0)
return error;
/*
* See if we got all of it

8
sys/kern/init_main.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: init_main.c,v 1.265 2006/04/10 11:16:22 onoe Exp $ */
/* $NetBSD: init_main.c,v 1.266 2006/05/14 21:15:11 elad Exp $ */
/*
* Copyright (c) 1982, 1986, 1989, 1991, 1992, 1993
@ -71,7 +71,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: init_main.c,v 1.265 2006/04/10 11:16:22 onoe Exp $");
__KERNEL_RCSID(0, "$NetBSD: init_main.c,v 1.266 2006/05/14 21:15:11 elad Exp $");
#include "opt_ipsec.h"
#include "opt_sysv.h"
@ -141,6 +141,7 @@ __KERNEL_RCSID(0, "$NetBSD: init_main.c,v 1.265 2006/04/10 11:16:22 onoe Exp $")
#ifdef VERIFIED_EXEC
#include <sys/verified_exec.h>
#endif
#include <sys/kauth.h>
#include <net80211/ieee80211_netbsd.h>
#include <sys/syscall.h>
@ -311,6 +312,9 @@ main(void)
ksem_init();
#endif
/* Initialize kauth. */
kauth_init();
#ifdef VERIFIED_EXEC
/*
* Initialise the fingerprint operations vectors before

70
sys/kern/init_sysctl.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: init_sysctl.c,v 1.67 2006/04/17 03:39:39 elad Exp $ */
/* $NetBSD: init_sysctl.c,v 1.68 2006/05/14 21:15:11 elad Exp $ */
/*-
* Copyright (c) 2003 The NetBSD Foundation, Inc.
@ -37,7 +37,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: init_sysctl.c,v 1.67 2006/04/17 03:39:39 elad Exp $");
__KERNEL_RCSID(0, "$NetBSD: init_sysctl.c,v 1.68 2006/05/14 21:15:11 elad Exp $");
#include "opt_sysv.h"
#include "opt_multiprocessor.h"
@ -75,6 +75,7 @@ __KERNEL_RCSID(0, "$NetBSD: init_sysctl.c,v 1.67 2006/04/17 03:39:39 elad Exp $"
#include <sys/verified_exec.h>
#endif /* VERIFIED_EXEC */
#include <sys/stat.h>
#include <sys/kauth.h>
#if defined(SYSVMSG) || defined(SYSVSEM) || defined(SYSVSHM)
#include <sys/ipc.h>
@ -1310,7 +1311,9 @@ sysctl_kern_file(SYSCTLFN_ARGS)
* followed by an array of file structures
*/
LIST_FOREACH(fp, &filehead, f_list) {
if (CURTAIN(l->l_proc->p_ucred->cr_uid, fp->f_cred->cr_uid))
if (kauth_authorize_process(l->l_proc->p_cred,
KAUTH_PROCESS_CANSEE, l->l_proc, fp->f_cred, NULL,
NULL) != 0)
continue;
if (buflen < sizeof(struct file)) {
*oldlenp = where - start;
@ -2028,8 +2031,9 @@ sysctl_kern_file2(SYSCTLFN_ARGS)
if (arg != 0)
return (EINVAL);
LIST_FOREACH(fp, &filehead, f_list) {
if (CURTAIN(l->l_proc->p_ucred->cr_uid,
fp->f_cred->cr_uid))
if (kauth_authorize_process(l->l_proc->p_cred,
KAUTH_PROCESS_CANSEE, l->l_proc, fp->f_cred, NULL,
NULL) != 0)
continue;
if (len >= elem_size && elem_count > 0) {
fill_file(&kf, fp, NULL, 0);
@ -2055,8 +2059,9 @@ sysctl_kern_file2(SYSCTLFN_ARGS)
if (p->p_stat == SIDL)
/* skip embryonic processes */
continue;
if (CURTAIN(l->l_proc->p_ucred->cr_uid,
p->p_ucred->cr_uid))
if (kauth_authorize_process(l->l_proc->p_cred,
KAUTH_PROCESS_CANSEE, l->l_proc, p->p_cred,
NULL, NULL) != 0)
continue;
if (arg > 0 && p->p_pid != arg)
/* pick only the one we want */
@ -2110,8 +2115,8 @@ fill_file(struct kinfo_file *kp, const struct file *fp, struct proc *p, int i)
kp->ki_msgcount = fp->f_msgcount;
kp->ki_usecount = fp->f_usecount;
kp->ki_fucred = PTRTOUINT64(fp->f_cred);
kp->ki_fuid = fp->f_cred->cr_uid;
kp->ki_fgid = fp->f_cred->cr_gid;
kp->ki_fuid = kauth_cred_geteuid(fp->f_cred);
kp->ki_fgid = kauth_cred_getegid(fp->f_cred);
kp->ki_fops = PTRTOUINT64(fp->f_ops);
kp->ki_foffset = fp->f_offset;
kp->ki_fdata = PTRTOUINT64(fp->f_data);
@ -2188,7 +2193,9 @@ again:
if (p->p_stat == SIDL)
continue;
if (CURTAIN(l->l_proc->p_ucred->cr_uid, p->p_ucred->cr_uid))
if (kauth_authorize_process(l->l_proc->p_cred,
KAUTH_PROCESS_CANSEE, l->l_proc, p->p_cred,
NULL, NULL) != 0)
continue;
/*
@ -2229,22 +2236,22 @@ again:
break;
case KERN_PROC_UID:
if (p->p_ucred->cr_uid != (uid_t)arg)
if (kauth_cred_geteuid(p->p_cred) != (uid_t)arg)
continue;
break;
case KERN_PROC_RUID:
if (p->p_cred->p_ruid != (uid_t)arg)
if (kauth_cred_getuid(p->p_cred) != (uid_t)arg)
continue;
break;
case KERN_PROC_GID:
if (p->p_ucred->cr_gid != (uid_t)arg)
if (kauth_cred_getegid(p->p_cred) != (uid_t)arg)
continue;
break;
case KERN_PROC_RGID:
if (p->p_cred->p_rgid != (uid_t)arg)
if (kauth_cred_getgid(p->p_cred) != (uid_t)arg)
continue;
break;
@ -2359,16 +2366,17 @@ sysctl_kern_proc_args(SYSCTLFN_ARGS)
goto out_locked;
}
if (CURTAIN(l->l_proc->p_ucred->cr_uid, p->p_ucred->cr_uid)) {
if (kauth_authorize_process(l->l_proc->p_cred,
KAUTH_PROCESS_CANSEE, l->l_proc, p->p_cred, NULL, NULL) != 0) {
error = EPERM;
goto out_locked;
}
/* only root or same user change look at the environment */
if (type == KERN_PROC_ENV || type == KERN_PROC_NENV) {
if (up->p_ucred->cr_uid != 0) {
if (up->p_cred->p_ruid != p->p_cred->p_ruid ||
up->p_cred->p_ruid != p->p_cred->p_svuid) {
if (kauth_cred_geteuid(up->p_cred) != 0) {
if (kauth_cred_getuid(up->p_cred) != kauth_cred_getuid(p->p_cred) ||
kauth_cred_getuid(up->p_cred) != kauth_cred_getsvuid(p->p_cred)) {
error = EPERM;
goto out_locked;
}
@ -2856,16 +2864,16 @@ fill_kproc2(struct proc *p, struct kinfo_proc2 *ki)
ki->p_tpgid = NO_PGID; /* may be changed if controlling tty below */
ki->p_uid = p->p_ucred->cr_uid;
ki->p_ruid = p->p_cred->p_ruid;
ki->p_gid = p->p_ucred->cr_gid;
ki->p_rgid = p->p_cred->p_rgid;
ki->p_svuid = p->p_cred->p_svuid;
ki->p_svgid = p->p_cred->p_svgid;
ki->p_uid = kauth_cred_geteuid(p->p_cred);
ki->p_ruid = kauth_cred_getuid(p->p_cred);
ki->p_gid = kauth_cred_getegid(p->p_cred);
ki->p_rgid = kauth_cred_getgid(p->p_cred);
ki->p_svuid = kauth_cred_getsvuid(p->p_cred);
ki->p_svgid = kauth_cred_getsvgid(p->p_cred);
memcpy(ki->p_groups, p->p_cred->pc_ucred->cr_groups,
min(sizeof(ki->p_groups), sizeof(p->p_cred->pc_ucred->cr_groups)));
ki->p_ngroups = p->p_cred->pc_ucred->cr_ngroups;
ki->p_ngroups = kauth_cred_ngroups(p->p_cred);
kauth_cred_getgroups(p->p_cred, ki->p_groups,
min(ki->p_ngroups, sizeof(ki->p_groups) / sizeof(ki->p_groups[0])));
ki->p_jobc = p->p_pgrp->pg_jobc;
if ((p->p_flag & P_CONTROLT) && (tp = p->p_session->s_ttyp)) {
@ -3041,11 +3049,15 @@ fill_eproc(struct proc *p, struct eproc *ep)
{
struct tty *tp;
struct lwp *l;
struct pcred pc;
struct ucred uc;
ep->e_paddr = p;
ep->e_sess = p->p_session;
ep->e_pcred = *p->p_cred;
ep->e_ucred = *p->p_ucred;
kauth_cred_topcred(p->p_cred, &pc);
kauth_cred_toucred(p->p_cred, &uc);
ep->e_pcred = pc;
ep->e_ucred = uc;
if (p->p_stat == SIDL || P_ZOMBIE(p)) {
ep->e_vm.vm_rssize = 0;
ep->e_vm.vm_tsize = 0;

38
sys/kern/kern_acct.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: kern_acct.c,v 1.62 2005/12/11 12:24:29 christos Exp $ */
/* $NetBSD: kern_acct.c,v 1.63 2006/05/14 21:15:11 elad Exp $ */
/*-
* Copyright (c) 1982, 1986, 1989, 1993
@ -71,7 +71,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: kern_acct.c,v 1.62 2005/12/11 12:24:29 christos Exp $");
__KERNEL_RCSID(0, "$NetBSD: kern_acct.c,v 1.63 2006/05/14 21:15:11 elad Exp $");
#include <sys/param.h>
#include <sys/systm.h>
@ -90,6 +90,7 @@ __KERNEL_RCSID(0, "$NetBSD: kern_acct.c,v 1.62 2005/12/11 12:24:29 christos Exp
#include <sys/resourcevar.h>
#include <sys/ioctl.h>
#include <sys/tty.h>
#include <sys/kauth.h>
#include <sys/sa.h>
#include <sys/syscallargs.h>
@ -128,7 +129,7 @@ static enum {
ACCT_SUSPENDED
} acct_state; /* The current accounting state. */
static struct vnode *acct_vp; /* Accounting vnode pointer. */
static struct ucred *acct_ucred; /* Credential of accounting file
static kauth_cred_t acct_cred; /* Credential of accounting file
owner (i.e root). Used when
accounting file i/o. */
static struct proc *acct_dkwatcher; /* Free disk space checker. */
@ -216,7 +217,7 @@ acct_stop(void)
int error;
if (acct_vp != NULLVP && acct_vp->v_type != VBAD) {
error = vn_close(acct_vp, FWRITE, acct_ucred, NULL);
error = vn_close(acct_vp, FWRITE, acct_cred, NULL);
#ifdef DIAGNOSTIC
if (error != 0)
printf("acct_stop: failed to close, errno = %d\n",
@ -224,9 +225,9 @@ acct_stop(void)
#endif
acct_vp = NULLVP;
}
if (acct_ucred != NULL) {
crfree(acct_ucred);
acct_ucred = NULL;
if (acct_cred != NULL) {
kauth_cred_free(acct_cred);
acct_cred = NULL;
}
acct_state = ACCT_STOP;
}
@ -278,7 +279,7 @@ acct_init(void)
acct_state = ACCT_STOP;
acct_vp = NULLVP;
acct_ucred = NULL;
acct_cred = NULL;
lockinit(&acct_lock, PWAIT, "acctlk", 0, 0);
}
@ -297,7 +298,8 @@ sys_acct(struct lwp *l, void *v, register_t *retval)
struct proc *p = l->l_proc;
/* Make sure that the caller is root. */
if ((error = suser(p->p_ucred, &p->p_acflag)) != 0)
if ((error = kauth_authorize_generic(p->p_cred, KAUTH_GENERIC_ISSUSER,
&p->p_acflag)) != 0)
return (error);
/*
@ -316,7 +318,7 @@ sys_acct(struct lwp *l, void *v, register_t *retval)
error = EACCES;
goto bad;
}
if ((error = VOP_GETATTR(nd.ni_vp, &va, p->p_ucred, l)) != 0) {
if ((error = VOP_GETATTR(nd.ni_vp, &va, p->p_cred, l)) != 0) {
VOP_UNLOCK(nd.ni_vp, 0);
goto bad;
}
@ -330,7 +332,7 @@ sys_acct(struct lwp *l, void *v, register_t *retval)
#endif
VATTR_NULL(&va);
va.va_size = size;
error = VOP_SETATTR(nd.ni_vp, &va, p->p_ucred, l);
error = VOP_SETATTR(nd.ni_vp, &va, p->p_cred, l);
if (error != 0) {
VOP_UNLOCK(nd.ni_vp, 0);
goto bad;
@ -356,8 +358,8 @@ sys_acct(struct lwp *l, void *v, register_t *retval)
*/
acct_state = ACCT_ACTIVE;
acct_vp = nd.ni_vp;
acct_ucred = p->p_ucred;
crhold(acct_ucred);
acct_cred = p->p_cred;
kauth_cred_hold(acct_cred);
error = acct_chkfree(); /* Initial guess. */
if (error != 0) {
@ -376,7 +378,7 @@ sys_acct(struct lwp *l, void *v, register_t *retval)
ACCT_UNLOCK();
return (error);
bad:
vn_close(nd.ni_vp, FWRITE, p->p_ucred, l);
vn_close(nd.ni_vp, FWRITE, p->p_cred, l);
return error;
}
@ -446,8 +448,8 @@ acct_process(struct lwp *l)
acct.ac_io = encode_comp_t(r->ru_inblock + r->ru_oublock, 0);
/* (6) The UID and GID of the process */
acct.ac_uid = p->p_cred->p_ruid;
acct.ac_gid = p->p_cred->p_rgid;
acct.ac_uid = kauth_cred_getuid(p->p_cred);
acct.ac_gid = kauth_cred_getgid(p->p_cred);
/* (7) The terminal from which the process was started */
if ((p->p_flag & P_CONTROLT) && p->p_pgrp->pg_session->s_ttyp)
@ -461,10 +463,10 @@ acct_process(struct lwp *l)
/*
* Now, just write the accounting information to the file.
*/
VOP_LEASE(acct_vp, l, p->p_ucred, LEASE_WRITE);
VOP_LEASE(acct_vp, l, p->p_cred, LEASE_WRITE);
error = vn_rdwr(UIO_WRITE, acct_vp, (caddr_t)&acct,
sizeof(acct), (off_t)0, UIO_SYSSPACE, IO_APPEND|IO_UNIT,
acct_ucred, NULL, NULL);
acct_cred, NULL, NULL);
if (error != 0)
log(LOG_ERR, "Accounting: write failed %d\n", error);

13
sys/kern/kern_descrip.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: kern_descrip.c,v 1.142 2006/04/15 04:50:08 christos Exp $ */
/* $NetBSD: kern_descrip.c,v 1.143 2006/05/14 21:15:11 elad Exp $ */
/*
* Copyright (c) 1982, 1986, 1989, 1991, 1993
@ -37,7 +37,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: kern_descrip.c,v 1.142 2006/04/15 04:50:08 christos Exp $");
__KERNEL_RCSID(0, "$NetBSD: kern_descrip.c,v 1.143 2006/05/14 21:15:11 elad Exp $");
#include <sys/param.h>
#include <sys/systm.h>
@ -59,6 +59,7 @@ __KERNEL_RCSID(0, "$NetBSD: kern_descrip.c,v 1.142 2006/04/15 04:50:08 christos
#include <sys/resourcevar.h>
#include <sys/conf.h>
#include <sys/event.h>
#include <sys/kauth.h>
#include <sys/mount.h>
#include <sys/sa.h>
@ -994,8 +995,8 @@ falloc(struct proc *p, struct file **resultfp, int *resultfd)
p->p_fd->fd_ofiles[i] = fp;
simple_lock_init(&fp->f_slock);
fp->f_count = 1;
fp->f_cred = p->p_ucred;
crhold(fp->f_cred);
fp->f_cred = p->p_cred;
kauth_cred_hold(fp->f_cred);
if (resultfp) {
fp->f_usecount = 1;
*resultfp = fp;
@ -1019,7 +1020,7 @@ ffree(struct file *fp)
simple_lock(&filelist_slock);
LIST_REMOVE(fp, f_list);
crfree(fp->f_cred);
kauth_cred_free(fp->f_cred);
#ifdef DIAGNOSTIC
fp->f_count = 0; /* What's the point? */
#endif
@ -1817,7 +1818,7 @@ restart:
log(LOG_WARNING, "set{u,g}id pid %d (%s) "
"was invoked by uid %d ppid %d (%s) "
"with fd %s closed\n",
p->p_pid, p->p_comm, pp->p_ucred->cr_uid,
p->p_pid, p->p_comm, kauth_cred_geteuid(pp->p_cred),
pp->p_pid, pp->p_comm, &closed[1]);
}
return (0);

18
sys/kern/kern_event.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: kern_event.c,v 1.26 2006/04/21 14:00:18 yamt Exp $ */
/* $NetBSD: kern_event.c,v 1.27 2006/05/14 21:15:11 elad Exp $ */
/*-
* Copyright (c) 1999,2000,2001 Jonathan Lemon <jlemon@FreeBSD.org>
* All rights reserved.
@ -28,7 +28,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: kern_event.c,v 1.26 2006/04/21 14:00:18 yamt Exp $");
__KERNEL_RCSID(0, "$NetBSD: kern_event.c,v 1.27 2006/05/14 21:15:11 elad Exp $");
#include <sys/param.h>
#include <sys/systm.h>
@ -53,6 +53,7 @@ __KERNEL_RCSID(0, "$NetBSD: kern_event.c,v 1.26 2006/04/21 14:00:18 yamt Exp $")
#include <sys/filedesc.h>
#include <sys/sa.h>
#include <sys/syscallargs.h>
#include <sys/kauth.h>
static void kqueue_wakeup(struct kqueue *kq);
@ -60,9 +61,9 @@ static int kqueue_scan(struct file *, size_t, struct kevent *,
const struct timespec *, struct lwp *, register_t *,
const struct kevent_ops *);
static int kqueue_read(struct file *fp, off_t *offset, struct uio *uio,
struct ucred *cred, int flags);
kauth_cred_t cred, int flags);
static int kqueue_write(struct file *fp, off_t *offset, struct uio *uio,
struct ucred *cred, int flags);
kauth_cred_t cred, int flags);
static int kqueue_ioctl(struct file *fp, u_long com, void *data,
struct lwp *l);
static int kqueue_fcntl(struct file *fp, u_int com, void *data,
@ -367,9 +368,10 @@ filt_procattach(struct knote *kn)
* Fail if it's not owned by you, or the last exec gave us
* setuid/setgid privs (unless you're root).
*/
if ((p->p_cred->p_ruid != curproc->p_cred->p_ruid ||
if ((kauth_cred_getuid(p->p_cred) != kauth_cred_getuid(curproc->p_cred) ||
(p->p_flag & P_SUGID))
&& suser(curproc->p_ucred, &curproc->p_acflag) != 0)
&& kauth_authorize_generic(curproc->p_cred, KAUTH_GENERIC_ISSUSER,
&curproc->p_acflag) != 0)
return (EACCES);
kn->kn_ptr.p_proc = p;
@ -1067,7 +1069,7 @@ kqueue_scan(struct file *fp, size_t maxevents, struct kevent *ulistp,
/*ARGSUSED*/
static int
kqueue_read(struct file *fp, off_t *offset, struct uio *uio,
struct ucred *cred, int flags)
kauth_cred_t cred, int flags)
{
return (ENXIO);
@ -1080,7 +1082,7 @@ kqueue_read(struct file *fp, off_t *offset, struct uio *uio,
/*ARGSUSED*/
static int
kqueue_write(struct file *fp, off_t *offset, struct uio *uio,
struct ucred *cred, int flags)
kauth_cred_t cred, int flags)
{
return (ENXIO);

38
sys/kern/kern_exec.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: kern_exec.c,v 1.217 2006/04/14 23:54:21 elad Exp $ */
/* $NetBSD: kern_exec.c,v 1.218 2006/05/14 21:15:11 elad Exp $ */
/*-
* Copyright (C) 1993, 1994, 1996 Christopher G. Demetriou
@ -33,7 +33,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: kern_exec.c,v 1.217 2006/04/14 23:54:21 elad Exp $");
__KERNEL_RCSID(0, "$NetBSD: kern_exec.c,v 1.218 2006/05/14 21:15:11 elad Exp $");
#include "opt_ktrace.h"
#include "opt_syscall_debug.h"
@ -60,6 +60,7 @@ __KERNEL_RCSID(0, "$NetBSD: kern_exec.c,v 1.217 2006/04/14 23:54:21 elad Exp $")
#include <sys/signalvar.h>
#include <sys/stat.h>
#include <sys/syscall.h>
#include <sys/kauth.h>
#include <sys/sa.h>
#include <sys/savar.h>
@ -261,11 +262,11 @@ check_exec(struct lwp *l, struct exec_package *epp, int flag)
error = EACCES;
goto bad1;
}
if ((error = VOP_ACCESS(vp, VEXEC, p->p_ucred, l)) != 0)
if ((error = VOP_ACCESS(vp, VEXEC, p->p_cred, l)) != 0)
goto bad1;
/* get attributes */
if ((error = VOP_GETATTR(vp, epp->ep_vap, p->p_ucred, l)) != 0)
if ((error = VOP_GETATTR(vp, epp->ep_vap, p->p_cred, l)) != 0)
goto bad1;
/* Check mount point */
@ -277,7 +278,7 @@ check_exec(struct lwp *l, struct exec_package *epp, int flag)
epp->ep_vap->va_mode &= ~(S_ISUID | S_ISGID);
/* try to open it */
if ((error = VOP_OPEN(vp, FREAD, p->p_ucred, l)) != 0)
if ((error = VOP_OPEN(vp, FREAD, p->p_cred, l)) != 0)
goto bad1;
/* unlock vp, since we need it unlocked from here on out. */
@ -293,7 +294,7 @@ check_exec(struct lwp *l, struct exec_package *epp, int flag)
/* now we have the file, get the exec header */
uvn_attach(vp, VM_PROT_READ);
error = vn_rdwr(UIO_READ, vp, epp->ep_hdr, epp->ep_hdrlen, 0,
UIO_SYSSPACE, 0, p->p_ucred, &resid, NULL);
UIO_SYSSPACE, 0, p->p_cred, &resid, NULL);
if (error)
goto bad2;
epp->ep_hdrvalid = epp->ep_hdrlen - resid;
@ -354,7 +355,7 @@ bad2:
* pathname buf, and punt.
*/
vn_lock(vp, LK_EXCLUSIVE | LK_RETRY);
VOP_CLOSE(vp, FREAD, p->p_ucred, l);
VOP_CLOSE(vp, FREAD, p->p_cred, l);
vput(vp);
PNBUF_PUT(ndp->ni_cnd.cn_pnbuf);
return error;
@ -408,7 +409,7 @@ execve1(struct lwp *l, const char *path, char * const *args,
struct nameidata nid;
struct vattr attr;
struct proc *p;
struct ucred *cred;
kauth_cred_t cred;
char *argp;
char *dp, *sp;
long argc, envc;
@ -442,7 +443,7 @@ execve1(struct lwp *l, const char *path, char * const *args,
*/
p->p_flag |= P_INEXEC;
cred = p->p_ucred;
cred = p->p_cred;
base_vcp = NULL;
/*
* Init the namei data to point the file user's program name.
@ -780,10 +781,10 @@ execve1(struct lwp *l, const char *path, char * const *args,
if ((p->p_flag & P_TRACED) == 0 &&
(((attr.va_mode & S_ISUID) != 0 &&
p->p_ucred->cr_uid != attr.va_uid) ||
kauth_cred_geteuid(p->p_cred) != attr.va_uid) ||
((attr.va_mode & S_ISGID) != 0 &&
p->p_ucred->cr_gid != attr.va_gid))) {
kauth_cred_getegid(p->p_cred) != attr.va_gid))) {
/*
* Mark the process as SUGID before we do
* anything that might block.
@ -796,7 +797,8 @@ execve1(struct lwp *l, const char *path, char * const *args,
goto exec_abort;
}
p->p_ucred = crcopy(cred);
p->p_cred = kauth_cred_copy(cred);
cred = p->p_cred;
#ifdef KTRACE
/*
* If process is being ktraced, turn off - unless
@ -806,16 +808,16 @@ execve1(struct lwp *l, const char *path, char * const *args,
ktrderef(p);
#endif
if (attr.va_mode & S_ISUID)
p->p_ucred->cr_uid = attr.va_uid;
kauth_cred_seteuid(p->p_cred, attr.va_uid);
if (attr.va_mode & S_ISGID)
p->p_ucred->cr_gid = attr.va_gid;
kauth_cred_setegid(p->p_cred, attr.va_gid);
} else {
if (p->p_ucred->cr_uid == p->p_cred->p_ruid &&
p->p_ucred->cr_gid == p->p_cred->p_rgid)
if (kauth_cred_geteuid(p->p_cred) == kauth_cred_getuid(p->p_cred) &&
kauth_cred_getegid(p->p_cred) == kauth_cred_getgid(p->p_cred))
p->p_flag &= ~P_SUGID;
}
p->p_cred->p_svuid = p->p_ucred->cr_uid;
p->p_cred->p_svgid = p->p_ucred->cr_gid;
kauth_cred_setsvuid(p->p_cred, kauth_cred_geteuid(p->p_cred));
kauth_cred_setsvgid(p->p_cred, kauth_cred_getegid(p->p_cred));
#if defined(__HAVE_RAS)
/*

14
sys/kern/kern_exit.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: kern_exit.c,v 1.155 2006/03/05 07:21:38 christos Exp $ */
/* $NetBSD: kern_exit.c,v 1.156 2006/05/14 21:15:11 elad Exp $ */
/*-
* Copyright (c) 1998, 1999 The NetBSD Foundation, Inc.
@ -74,7 +74,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: kern_exit.c,v 1.155 2006/03/05 07:21:38 christos Exp $");
__KERNEL_RCSID(0, "$NetBSD: kern_exit.c,v 1.156 2006/05/14 21:15:11 elad Exp $");
#include "opt_ktrace.h"
#include "opt_perfctrs.h"
@ -113,6 +113,7 @@ __KERNEL_RCSID(0, "$NetBSD: kern_exit.c,v 1.155 2006/03/05 07:21:38 christos Exp
#include <sys/mount.h>
#include <sys/syscallargs.h>
#include <sys/systrace.h>
#include <sys/kauth.h>
#include <machine/cpu.h>
@ -151,7 +152,7 @@ exit_psignal(struct proc *p, struct proc *pp, ksiginfo_t *ksi)
* we fill those in, even for non-SIGCHLD.
*/
ksi->ksi_pid = p->p_pid;
ksi->ksi_uid = p->p_ucred->cr_uid;
ksi->ksi_uid = kauth_cred_geteuid(p->p_cred);
ksi->ksi_status = p->p_xstat;
/* XXX: is this still valid? */
ksi->ksi_utime = p->p_ru->ru_utime.tv_sec;
@ -843,15 +844,12 @@ proc_free(struct proc *p)
/*
* Decrement the count of procs running with this uid.
*/
(void)chgproccnt(p->p_cred->p_ruid, -1);
(void)chgproccnt(kauth_cred_getuid(p->p_cred), -1);
/*
* Free up credentials.
*/
if (--p->p_cred->p_refcnt == 0) {
crfree(p->p_cred->pc_ucred);
pool_put(&pcred_pool, p->p_cred);
}
kauth_cred_free(p->p_cred);
/*
* Release reference to text vnode

14
sys/kern/kern_fork.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: kern_fork.c,v 1.123 2005/12/11 12:24:29 christos Exp $ */
/* $NetBSD: kern_fork.c,v 1.124 2006/05/14 21:15:11 elad Exp $ */
/*-
* Copyright (c) 1999, 2001, 2004 The NetBSD Foundation, Inc.
@ -76,7 +76,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: kern_fork.c,v 1.123 2005/12/11 12:24:29 christos Exp $");
__KERNEL_RCSID(0, "$NetBSD: kern_fork.c,v 1.124 2006/05/14 21:15:11 elad Exp $");
#include "opt_ktrace.h"
#include "opt_systrace.h"
@ -100,6 +100,7 @@ __KERNEL_RCSID(0, "$NetBSD: kern_fork.c,v 1.123 2005/12/11 12:24:29 christos Exp
#include <sys/sched.h>
#include <sys/signalvar.h>
#include <sys/systrace.h>
#include <sys/kauth.h>
#include <sys/sa.h>
#include <sys/syscallargs.h>
@ -224,7 +225,7 @@ fork1(struct lwp *l1, int flags, int exitsig, void *stack, size_t stacksize,
* processes, maxproc is the limit.
*/
p1 = l1->l_proc;
uid = p1->p_cred->p_ruid;
uid = kauth_cred_getuid(p1->p_cred);
if (__predict_false((nprocs >= maxproc - 5 && uid != 0) ||
nprocs >= maxproc)) {
static struct timeval lasttfm;
@ -303,10 +304,9 @@ fork1(struct lwp *l1, int flags, int exitsig, void *stack, size_t stacksize,
if (p1->p_flag & P_PROFIL)
startprofclock(p2);
p2->p_cred = pool_get(&pcred_pool, PR_WAITOK);
memcpy(p2->p_cred, p1->p_cred, sizeof(*p2->p_cred));
p2->p_cred->p_refcnt = 1;
crhold(p1->p_ucred);
p2->p_cred = kauth_cred_alloc();
kauth_cred_clone(p1->p_cred, p2->p_cred);
LIST_INIT(&p2->p_raslist);
#if defined(__HAVE_RAS)

25
sys/kern/kern_ktrace.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: kern_ktrace.c,v 1.102 2006/04/15 04:56:14 christos Exp $ */
/* $NetBSD: kern_ktrace.c,v 1.103 2006/05/14 21:15:11 elad Exp $ */
/*
* Copyright (c) 1989, 1993
@ -32,7 +32,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: kern_ktrace.c,v 1.102 2006/04/15 04:56:14 christos Exp $");
__KERNEL_RCSID(0, "$NetBSD: kern_ktrace.c,v 1.103 2006/05/14 21:15:11 elad Exp $");
#include "opt_ktrace.h"
#include "opt_compat_mach.h"
@ -51,6 +51,7 @@ __KERNEL_RCSID(0, "$NetBSD: kern_ktrace.c,v 1.102 2006/04/15 04:56:14 christos E
#include <sys/filedesc.h>
#include <sys/ioctl.h>
#include <sys/callout.h>
#include <sys/kauth.h>
#include <sys/mount.h>
#include <sys/sa.h>
@ -985,7 +986,7 @@ sys_ktrace(struct lwp *l, void *v, register_t *retval)
vp = nd.ni_vp;
VOP_UNLOCK(vp, 0);
if (vp->v_type != VREG) {
(void) vn_close(vp, FREAD|FWRITE, curp->p_ucred, l);
(void) vn_close(vp, FREAD|FWRITE, curp->p_cred, l);
curp->p_traceflag &= ~KTRFAC_ACTIVE;
return (EACCES);
}
@ -1014,7 +1015,7 @@ sys_ktrace(struct lwp *l, void *v, register_t *retval)
SCARG(uap, pid), fp);
done:
if (vp != NULL)
(void) vn_close(vp, FWRITE, curp->p_ucred, l);
(void) vn_close(vp, FWRITE, curp->p_cred, l);
if (fp != NULL) {
FILE_UNUSE(fp, l); /* release file */
fdrelease(l, fd); /* release fd table slot */
@ -1050,7 +1051,7 @@ ktrops(struct proc *curp, struct proc *p, int ops, int facs,
ktradref(p);
}
p->p_traceflag |= facs;
if (curp->p_ucred->cr_uid == 0)
if (kauth_cred_geteuid(curp->p_cred) == 0)
p->p_traceflag |= KTRFAC_ROOT;
} else {
/* KTROP_CLEAR */
@ -1263,16 +1264,16 @@ ktrace_thread(void *arg)
int
ktrcanset(struct proc *callp, struct proc *targetp)
{
struct pcred *caller = callp->p_cred;
struct pcred *target = targetp->p_cred;
kauth_cred_t caller = callp->p_cred;
kauth_cred_t target = targetp->p_cred;
if ((caller->pc_ucred->cr_uid == target->p_ruid &&
target->p_ruid == target->p_svuid &&
caller->p_rgid == target->p_rgid && /* XXX */
target->p_rgid == target->p_svgid &&
if ((kauth_cred_geteuid(caller) == kauth_cred_getuid(target) &&
kauth_cred_getuid(target) == kauth_cred_getsvuid(target) &&
kauth_cred_getgid(caller) == kauth_cred_getgid(target) && /* XXX */
kauth_cred_getgid(target) == kauth_cred_getsvgid(target) &&
(targetp->p_traceflag & KTRFAC_ROOT) == 0 &&
(targetp->p_flag & P_SUGID) == 0) ||
caller->pc_ucred->cr_uid == 0)
kauth_cred_geteuid(caller) == 0)
return (1);
return (0);

8
sys/kern/kern_ntptime.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: kern_ntptime.c,v 1.29 2005/12/11 12:24:29 christos Exp $ */
/* $NetBSD: kern_ntptime.c,v 1.30 2006/05/14 21:15:11 elad Exp $ */
/******************************************************************************
* *
@ -50,7 +50,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: kern_ntptime.c,v 1.29 2005/12/11 12:24:29 christos Exp $");
__KERNEL_RCSID(0, "$NetBSD: kern_ntptime.c,v 1.30 2006/05/14 21:15:11 elad Exp $");
#include "opt_ntp.h"
@ -62,6 +62,7 @@ __KERNEL_RCSID(0, "$NetBSD: kern_ntptime.c,v 1.29 2005/12/11 12:24:29 christos E
#include <sys/sysctl.h>
#include <sys/timex.h>
#include <sys/vnode.h>
#include <sys/kauth.h>
#include <sys/mount.h>
#include <sys/sa.h>
@ -207,7 +208,8 @@ sys_ntp_adjtime(l, v, retval)
sizeof(ntv))) != 0)
return (error);
if (ntv.modes != 0 && (error = suser(p->p_ucred, &p->p_acflag)) != 0)
if (ntv.modes != 0 && (error = kauth_authorize_generic(p->p_cred,
KAUTH_GENERIC_ISSUSER, &p->p_acflag)) != 0)
return (error);
return (ntp_adjtime1(&ntv, v, retval));

15
sys/kern/kern_proc.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: kern_proc.c,v 1.88 2006/04/10 11:16:22 onoe Exp $ */
/* $NetBSD: kern_proc.c,v 1.89 2006/05/14 21:15:11 elad Exp $ */
/*-
* Copyright (c) 1999 The NetBSD Foundation, Inc.
@ -69,7 +69,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: kern_proc.c,v 1.88 2006/04/10 11:16:22 onoe Exp $");
__KERNEL_RCSID(0, "$NetBSD: kern_proc.c,v 1.89 2006/05/14 21:15:11 elad Exp $");
#include "opt_kstack.h"
#include "opt_maxuprc.h"
@ -95,6 +95,7 @@ __KERNEL_RCSID(0, "$NetBSD: kern_proc.c,v 1.88 2006/04/10 11:16:22 onoe Exp $");
#include <sys/sa.h>
#include <sys/savar.h>
#include <sys/filedesc.h>
#include <sys/kauth.h>
#include <uvm/uvm.h>
#include <uvm/uvm_extern.h>
@ -164,7 +165,7 @@ struct session session0;
struct pgrp pgrp0;
struct proc proc0;
struct lwp lwp0;
struct pcred cred0;
kauth_cred_t cred0;
struct filedesc0 filedesc0;
struct cwdinfo cwdi0;
struct plimit limit0;
@ -188,8 +189,6 @@ POOL_INIT(lwp_uc_pool, sizeof(ucontext_t), 0, 0, 0, "lwpucpl",
&pool_allocator_nointr);
POOL_INIT(pgrp_pool, sizeof(struct pgrp), 0, 0, 0, "pgrppl",
&pool_allocator_nointr);
POOL_INIT(pcred_pool, sizeof(struct pcred), 0, 0, 0, "pcredpl",
&pool_allocator_nointr);
POOL_INIT(plimit_pool, sizeof(struct plimit), 0, 0, 0, "plimitpl",
&pool_allocator_nointr);
POOL_INIT(pstats_pool, sizeof(struct pstats), 0, 0, 0, "pstatspl",
@ -330,10 +329,8 @@ proc0_init(void)
callout_init(&l->l_tsleep_ch);
/* Create credentials. */
cred0.p_refcnt = 1;
p->p_cred = &cred0;
p->p_ucred = crget();
p->p_ucred->cr_ngroups = 1; /* group 0 */
cred0 = kauth_cred_alloc();
p->p_cred = cred0;
/* Create the CWD info. */
p->p_cwdi = &cwdi0;

287
sys/kern/kern_prot.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: kern_prot.c,v 1.88 2005/12/11 12:24:29 christos Exp $ */
/* $NetBSD: kern_prot.c,v 1.89 2006/05/14 21:15:11 elad Exp $ */
/*
* Copyright (c) 1982, 1986, 1989, 1990, 1991, 1993
@ -41,7 +41,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: kern_prot.c,v 1.88 2005/12/11 12:24:29 christos Exp $");
__KERNEL_RCSID(0, "$NetBSD: kern_prot.c,v 1.89 2006/05/14 21:15:11 elad Exp $");
#include "opt_compat_43.h"
@ -55,13 +55,13 @@ __KERNEL_RCSID(0, "$NetBSD: kern_prot.c,v 1.88 2005/12/11 12:24:29 christos Exp
#include <sys/pool.h>
#include <sys/syslog.h>
#include <sys/resourcevar.h>
#include <sys/kauth.h>
#include <sys/mount.h>
#include <sys/sa.h>
#include <sys/syscallargs.h>
POOL_INIT(cred_pool, sizeof(struct ucred), 0, 0, 0, "credpl",
&pool_allocator_nointr);
#include <sys/malloc.h>
int sys_getpid(struct lwp *, void *, register_t *);
int sys_getpid_with_ppid(struct lwp *, void *, register_t *);
@ -157,7 +157,7 @@ sys_getuid(struct lwp *l, void *v, register_t *retval)
{
struct proc *p = l->l_proc;
*retval = p->p_cred->p_ruid;
*retval = kauth_cred_getuid(p->p_cred);
return (0);
}
@ -167,8 +167,8 @@ sys_getuid_with_euid(struct lwp *l, void *v, register_t *retval)
{
struct proc *p = l->l_proc;
retval[0] = p->p_cred->p_ruid;
retval[1] = p->p_ucred->cr_uid;
retval[0] = kauth_cred_getuid(p->p_cred);
retval[1] = kauth_cred_geteuid(p->p_cred);
return (0);
}
@ -178,7 +178,7 @@ sys_geteuid(struct lwp *l, void *v, register_t *retval)
{
struct proc *p = l->l_proc;
*retval = p->p_ucred->cr_uid;
*retval = kauth_cred_geteuid(p->p_cred);
return (0);
}
@ -188,7 +188,7 @@ sys_getgid(struct lwp *l, void *v, register_t *retval)
{
struct proc *p = l->l_proc;
*retval = p->p_cred->p_rgid;
*retval = kauth_cred_getgid(p->p_cred);
return (0);
}
@ -198,8 +198,8 @@ sys_getgid_with_egid(struct lwp *l, void *v, register_t *retval)
{
struct proc *p = l->l_proc;
retval[0] = p->p_cred->p_rgid;
retval[1] = p->p_ucred->cr_gid;
retval[0] = kauth_cred_getgid(p->p_cred);
retval[1] = kauth_cred_getegid(p->p_cred);
return (0);
}
@ -214,7 +214,7 @@ sys_getegid(struct lwp *l, void *v, register_t *retval)
{
struct proc *p = l->l_proc;
*retval = p->p_ucred->cr_gid;
*retval = kauth_cred_getegid(p->p_cred);
return (0);
}
@ -226,21 +226,26 @@ sys_getgroups(struct lwp *l, void *v, register_t *retval)
syscallarg(gid_t *) gidset;
} */ *uap = v;
struct proc *p = l->l_proc;
struct pcred *pc = p->p_cred;
kauth_cred_t pc = p->p_cred;
u_int ngrp;
int error;
gid_t *grbuf;
if (SCARG(uap, gidsetsize) == 0) {
*retval = pc->pc_ucred->cr_ngroups;
*retval = kauth_cred_ngroups(pc);
return (0);
} else if (SCARG(uap, gidsetsize) < 0)
return (EINVAL);
ngrp = SCARG(uap, gidsetsize);
if (ngrp < pc->pc_ucred->cr_ngroups)
if (ngrp < kauth_cred_ngroups(pc))
return (EINVAL);
ngrp = pc->pc_ucred->cr_ngroups;
error = copyout((caddr_t)pc->pc_ucred->cr_groups,
(caddr_t)SCARG(uap, gidset), ngrp * sizeof(gid_t));
ngrp = kauth_cred_ngroups(pc);
grbuf = malloc(ngrp * sizeof(*grbuf), M_TEMP, M_WAITOK);
kauth_cred_getgroups(pc, grbuf, ngrp);
error = copyout(grbuf, (caddr_t)SCARG(uap, gidset),
ngrp * sizeof(gid_t));
free(grbuf, M_TEMP);
if (error)
return (error);
*retval = ngrp;
@ -317,48 +322,48 @@ do_setresuid(struct lwp *l, uid_t r, uid_t e, uid_t sv, u_int flags)
{
int error;
struct proc *p = l->l_proc;
struct pcred *pcred = p->p_cred;
struct ucred *cred = pcred->pc_ucred;
kauth_cred_t cred = p->p_cred;
/* Superuser can do anything it wants to.... */
error = suser(cred, &p->p_acflag);
error = kauth_authorize_generic(cred, KAUTH_GENERIC_ISSUSER, &p->p_acflag);
if (error) {
/* Otherwise check new value is one of the allowed
existing values. */
if (r != -1 && !((flags & ID_R_EQ_R) && r == pcred->p_ruid)
&& !((flags & ID_R_EQ_E) && r == cred->cr_uid)
&& !((flags & ID_R_EQ_S) && r == pcred->p_svuid))
if (r != -1 && !((flags & ID_R_EQ_R) && r == kauth_cred_getuid(cred))
&& !((flags & ID_R_EQ_E) && r == kauth_cred_geteuid(cred))
&& !((flags & ID_R_EQ_S) && r == kauth_cred_getsvuid(cred)))
return error;
if (e != -1 && !((flags & ID_E_EQ_R) && e == pcred->p_ruid)
&& !((flags & ID_E_EQ_E) && e == cred->cr_uid)
&& !((flags & ID_E_EQ_S) && e == pcred->p_svuid))
if (e != -1 && !((flags & ID_E_EQ_R) && e == kauth_cred_getuid(cred))
&& !((flags & ID_E_EQ_E) && e == kauth_cred_geteuid(cred))
&& !((flags & ID_E_EQ_S) && e == kauth_cred_getsvuid(cred)))
return error;
if (sv != -1 && !((flags & ID_S_EQ_R) && sv == pcred->p_ruid)
&& !((flags & ID_S_EQ_E) && sv == cred->cr_uid)
&& !((flags & ID_S_EQ_S) && sv == pcred->p_svuid))
if (sv != -1 && !((flags & ID_S_EQ_R) && sv == kauth_cred_getuid(cred))
&& !((flags & ID_S_EQ_E) && sv == kauth_cred_geteuid(cred))
&& !((flags & ID_S_EQ_S) && sv == kauth_cred_getsvuid(cred)))
return error;
}
/* If nothing has changed, short circuit the request */
if ((r == -1 || r == pcred->p_ruid)
&& (e == -1 || e == cred->cr_uid)
&& (sv == -1 || sv == pcred->p_svuid))
if ((r == -1 || r == kauth_cred_getuid(cred))
&& (e == -1 || e == kauth_cred_geteuid(cred))
&& (sv == -1 || sv == kauth_cred_getsvuid(cred)))
/* nothing to do */
return 0;
/* The pcred structure is not actually shared... */
if (r != -1 && r != pcred->p_ruid) {
if (r != -1 && r != kauth_cred_getuid(cred)) {
/* Update count of processes for this user */
(void)chgproccnt(pcred->p_ruid, -1);
(void)chgproccnt(kauth_cred_getuid(cred), -1);
(void)chgproccnt(r, 1);
pcred->p_ruid = r;
kauth_cred_setuid(cred, r);
}
if (sv != -1)
pcred->p_svuid = sv;
if (e != -1 && e != cred->cr_uid) {
kauth_cred_setsvuid(cred, sv);
if (e != -1 && e != kauth_cred_geteuid(cred)) {
/* Update a clone of the current credentials */
pcred->pc_ucred = cred = crcopy(cred);
cred->cr_uid = e;
cred = kauth_cred_copy(cred);
kauth_cred_seteuid(cred, e);
p->p_cred = cred;
}
/* Mark process as having changed credentials, stops tracing etc */
@ -378,44 +383,44 @@ do_setresgid(struct lwp *l, gid_t r, gid_t e, gid_t sv, u_int flags)
{
int error;
struct proc *p = l->l_proc;
struct pcred *pcred = p->p_cred;
struct ucred *cred = pcred->pc_ucred;
kauth_cred_t cred = p->p_cred;
/* Superuser can do anything it wants to.... */
error = suser(cred, &p->p_acflag);
error = kauth_authorize_generic(cred, KAUTH_GENERIC_ISSUSER, &p->p_acflag);
if (error) {
/* Otherwise check new value is one of the allowed
existing values. */
if (r != -1 && !((flags & ID_R_EQ_R) && r == pcred->p_rgid)
&& !((flags & ID_R_EQ_E) && r == cred->cr_gid)
&& !((flags & ID_R_EQ_S) && r == pcred->p_svgid))
if (r != -1 && !((flags & ID_R_EQ_R) && r == kauth_cred_getgid(cred))
&& !((flags & ID_R_EQ_E) && r == kauth_cred_getegid(cred))
&& !((flags & ID_R_EQ_S) && r == kauth_cred_getsvgid(cred)))
return error;
if (e != -1 && !((flags & ID_E_EQ_R) && e == pcred->p_rgid)
&& !((flags & ID_E_EQ_E) && e == cred->cr_gid)
&& !((flags & ID_E_EQ_S) && e == pcred->p_svgid))
if (e != -1 && !((flags & ID_E_EQ_R) && e == kauth_cred_getgid(cred))
&& !((flags & ID_E_EQ_E) && e == kauth_cred_getegid(cred))
&& !((flags & ID_E_EQ_S) && e == kauth_cred_getsvgid(cred)))
return error;
if (sv != -1 && !((flags & ID_S_EQ_R) && sv == pcred->p_rgid)
&& !((flags & ID_S_EQ_E) && sv == cred->cr_gid)
&& !((flags & ID_S_EQ_S) && sv == pcred->p_svgid))
if (sv != -1 && !((flags & ID_S_EQ_R) && sv == kauth_cred_getgid(cred))
&& !((flags & ID_S_EQ_E) && sv == kauth_cred_getegid(cred))
&& !((flags & ID_S_EQ_S) && sv == kauth_cred_getsvgid(cred)))
return error;
}
/* If nothing has changed, short circuit the request */
if ((r == -1 || r == pcred->p_rgid)
&& (e == -1 || e == cred->cr_gid)
&& (sv == -1 || sv == pcred->p_svgid))
if ((r == -1 || r == kauth_cred_getgid(cred))
&& (e == -1 || e == kauth_cred_getegid(cred))
&& (sv == -1 || sv == kauth_cred_getsvgid(cred)))
/* nothing to do */
return 0;
/* The pcred structure is not actually shared... */
if (r != -1)
pcred->p_rgid = r;
kauth_cred_setgid(cred, r);
if (sv != -1)
pcred->p_svgid = sv;
if (e != -1 && e != cred->cr_gid) {
kauth_cred_setsvgid(cred, sv);
if (e != -1 && e != kauth_cred_getegid(cred)) {
/* Update a clone of the current credentials */
pcred->pc_ucred = cred = crcopy(cred);
cred->cr_gid = e;
cred = kauth_cred_copy(cred);
kauth_cred_setegid(cred, e);
p->p_cred = cred;
}
/* Mark process as having changed credentials, stops tracing etc */
@ -460,11 +465,11 @@ sys_setreuid(struct lwp *l, void *v, register_t *retval)
ruid = SCARG(uap, ruid);
euid = SCARG(uap, euid);
if (ruid == -1)
ruid = p->p_cred->p_ruid;
ruid = kauth_cred_getuid(p->p_cred);
if (euid == -1)
euid = p->p_ucred->cr_uid;
euid = kauth_cred_geteuid(p->p_cred);
/* Saved uid is set to the new euid if the ruid changed */
svuid = (ruid == p->p_cred->p_ruid) ? -1 : euid;
svuid = (ruid == kauth_cred_getuid(p->p_cred)) ? -1 : euid;
return do_setresuid(l, ruid, euid, svuid,
ID_R_EQ_R | ID_R_EQ_E |
@ -509,11 +514,11 @@ sys_setregid(struct lwp *l, void *v, register_t *retval)
rgid = SCARG(uap, rgid);
egid = SCARG(uap, egid);
if (rgid == -1)
rgid = p->p_cred->p_rgid;
rgid = kauth_cred_getgid(p->p_cred);
if (egid == -1)
egid = p->p_ucred->cr_gid;
egid = kauth_cred_getegid(p->p_cred);
/* Saved gid is set to the new egid if the rgid changed */
svgid = rgid == p->p_cred->p_rgid ? -1 : egid;
svgid = rgid == kauth_cred_getgid(p->p_cred) ? -1 : egid;
return do_setresgid(l, rgid, egid, svgid,
ID_R_EQ_R | ID_R_EQ_E |
@ -586,13 +591,14 @@ sys_setgroups(struct lwp *l, void *v, register_t *retval)
syscallarg(const gid_t *) gidset;
} */ *uap = v;
struct proc *p = l->l_proc;
struct pcred *pc = p->p_cred;
kauth_cred_t pc = p->p_cred;
int ngrp;
int error;
gid_t grp[NGROUPS];
size_t grsize;
if ((error = suser(pc->pc_ucred, &p->p_acflag)) != 0)
if ((error = kauth_authorize_generic(pc, KAUTH_GENERIC_ISSUSER,
&p->p_acflag)) != 0)
return (error);
ngrp = SCARG(uap, gidsetsize);
@ -605,148 +611,16 @@ sys_setgroups(struct lwp *l, void *v, register_t *retval)
return (error);
ngrp = grsortu(grp, ngrp);
/*
* Check if this is a no-op.
*/
if (pc->pc_ucred->cr_ngroups == (u_int) ngrp &&
memcmp(grp, pc->pc_ucred->cr_groups, grsize) == 0)
return (0);
pc->pc_ucred = crcopy(pc->pc_ucred);
(void)memcpy(pc->pc_ucred->cr_groups, grp, grsize);
pc->pc_ucred->cr_ngroups = ngrp;
pc = kauth_cred_copy(pc);
p->p_cred = pc;
kauth_cred_setgroups(p->p_cred, grp, ngrp, -1);
p_sugid(p);
return (0);
}
/*
* Check if gid is a member of the group set.
*/
int
groupmember(gid_t gid, const struct ucred *cred)
{
const gid_t *gp;
const gid_t *egp;
egp = &(cred->cr_groups[cred->cr_ngroups]);
for (gp = cred->cr_groups; gp < egp; gp++)
if (*gp == gid)
return (1);
return (0);
}
/*
* Test whether the specified credentials imply "super-user"
* privilege; if so, and we have accounting info, set the flag
* indicating use of super-powers.
* Returns 0 or error.
*/
int
suser(const struct ucred *cred, u_short *acflag)
{
if (cred->cr_uid == 0) {
if (acflag)
*acflag |= ASU;
return (0);
}
return (EPERM);
}
/*
* Allocate a zeroed cred structure.
*/
struct ucred *
crget(void)
{
struct ucred *cr;
cr = pool_get(&cred_pool, PR_WAITOK);
memset(cr, 0, sizeof(*cr));
simple_lock_init(&cr->cr_lock);
cr->cr_ref = 1;
return (cr);
}
/*
* Free a cred structure.
* Throws away space when ref count gets to 0.
*/
void
crfree(struct ucred *cr)
{
int n;
simple_lock(&cr->cr_lock);
n = --cr->cr_ref;
simple_unlock(&cr->cr_lock);
if (n == 0)
pool_put(&cred_pool, cr);
}
/*
* Compare cred structures and return 0 if they match
*/
int
crcmp(const struct ucred *cr1, const struct uucred *cr2)
{
/* FIXME: The group lists should be compared element by element,
* as the order of groups may be different in the two lists.
* Currently this function can return a non-zero value for
* equivalent group lists. */
return cr1->cr_uid != cr2->cr_uid ||
cr1->cr_gid != cr2->cr_gid ||
cr1->cr_ngroups != (uint32_t)cr2->cr_ngroups ||
memcmp(cr1->cr_groups, cr2->cr_groups,
sizeof(cr1->cr_groups[0]) * cr1->cr_ngroups);
}
/*
* Copy cred structure to a new one and free the old one.
*/
struct ucred *
crcopy(struct ucred *cr)
{
struct ucred *newcr;
if (cr->cr_ref == 1)
return (cr);
newcr = crget();
memcpy(&newcr->cr_startcopy, &cr->cr_startcopy,
sizeof(struct ucred) - offsetof(struct ucred, cr_startcopy));
crfree(cr);
return (newcr);
}
/*
* Dup cred struct to a new held one.
*/
struct ucred *
crdup(const struct ucred *cr)
{
struct ucred *newcr;
newcr = crget();
memcpy(&newcr->cr_startcopy, &cr->cr_startcopy,
sizeof(struct ucred) - offsetof(struct ucred, cr_startcopy));
return (newcr);
}
/*
* convert from userland credentials to kernel one
*/
void
crcvt(struct ucred *uc, const struct uucred *uuc)
{
uc->cr_ref = 0;
uc->cr_uid = uuc->cr_uid;
uc->cr_gid = uuc->cr_gid;
uc->cr_ngroups = uuc->cr_ngroups;
(void)memcpy(uc->cr_groups, uuc->cr_groups, sizeof(uuc->cr_groups));
}
/*
* Get login name, if available.
*/
@ -781,7 +655,8 @@ sys___setlogin(struct lwp *l, void *v, register_t *retval)
char newname[sizeof s->s_login + 1];
int error;
if ((error = suser(p->p_ucred, &p->p_acflag)) != 0)
if ((error = kauth_authorize_generic(p->p_cred, KAUTH_GENERIC_ISSUSER,
&p->p_acflag)) != 0)
return (error);
error = copyinstr(SCARG(uap, namebuf), &newname, sizeof newname, NULL);
if (error != 0)

56
sys/kern/kern_resource.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: kern_resource.c,v 1.100 2006/02/04 12:09:50 yamt Exp $ */
/* $NetBSD: kern_resource.c,v 1.101 2006/05/14 21:15:11 elad Exp $ */
/*-
* Copyright (c) 1982, 1986, 1991, 1993
@ -37,7 +37,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: kern_resource.c,v 1.100 2006/02/04 12:09:50 yamt Exp $");
__KERNEL_RCSID(0, "$NetBSD: kern_resource.c,v 1.101 2006/05/14 21:15:11 elad Exp $");
#include <sys/param.h>
#include <sys/systm.h>
@ -49,6 +49,7 @@ __KERNEL_RCSID(0, "$NetBSD: kern_resource.c,v 1.100 2006/02/04 12:09:50 yamt Exp
#include <sys/pool.h>
#include <sys/proc.h>
#include <sys/sysctl.h>
#include <sys/kauth.h>
#include <sys/mount.h>
#include <sys/sa.h>
@ -110,10 +111,10 @@ sys_getpriority(struct lwp *l, void *v, register_t *retval)
case PRIO_USER:
if (SCARG(uap, who) == 0)
SCARG(uap, who) = curp->p_ucred->cr_uid;
SCARG(uap, who) = kauth_cred_geteuid(curp->p_cred);
proclist_lock_read();
PROCLIST_FOREACH(p, &allproc) {
if (p->p_ucred->cr_uid == (uid_t) SCARG(uap, who) &&
if (kauth_cred_geteuid(p->p_cred) == (uid_t) SCARG(uap, who) &&
p->p_nice < low)
low = p->p_nice;
}
@ -170,10 +171,10 @@ sys_setpriority(struct lwp *l, void *v, register_t *retval)
case PRIO_USER:
if (SCARG(uap, who) == 0)
SCARG(uap, who) = curp->p_ucred->cr_uid;
SCARG(uap, who) = kauth_cred_geteuid(curp->p_cred);
proclist_lock_read();
PROCLIST_FOREACH(p, &allproc) {
if (p->p_ucred->cr_uid == (uid_t) SCARG(uap, who)) {
if (kauth_cred_geteuid(p->p_cred) == (uid_t) SCARG(uap, who)) {
error = donice(curp, p, SCARG(uap, prio));
found++;
}
@ -192,19 +193,20 @@ sys_setpriority(struct lwp *l, void *v, register_t *retval)
int
donice(struct proc *curp, struct proc *chgp, int n)
{
struct pcred *pcred = curp->p_cred;
kauth_cred_t cred = curp->p_cred;
int s;
if (pcred->pc_ucred->cr_uid && pcred->p_ruid &&
pcred->pc_ucred->cr_uid != chgp->p_ucred->cr_uid &&
pcred->p_ruid != chgp->p_ucred->cr_uid)
if (kauth_cred_geteuid(cred) && kauth_cred_getuid(cred) &&
kauth_cred_geteuid(cred) != kauth_cred_geteuid(chgp->p_cred) &&
kauth_cred_getuid(cred) != kauth_cred_geteuid(chgp->p_cred))
return (EPERM);
if (n > PRIO_MAX)
n = PRIO_MAX;
if (n < PRIO_MIN)
n = PRIO_MIN;
n += NZERO;
if (n < chgp->p_nice && suser(pcred->pc_ucred, &curp->p_acflag))
if (n < chgp->p_nice && kauth_authorize_generic(cred, KAUTH_GENERIC_ISSUSER,
&curp->p_acflag))
return (EACCES);
chgp->p_nice = n;
SCHED_LOCK(s);
@ -233,7 +235,7 @@ sys_setrlimit(struct lwp *l, void *v, register_t *retval)
}
int
dosetrlimit(struct proc *p, struct pcred *cred, int which, struct rlimit *limp)
dosetrlimit(struct proc *p, kauth_cred_t cred, int which, struct rlimit *limp)
{
struct rlimit *alimp;
struct plimit *oldplim;
@ -259,7 +261,8 @@ dosetrlimit(struct proc *p, struct pcred *cred, int which, struct rlimit *limp)
return (EINVAL);
}
if (limp->rlim_max > alimp->rlim_max
&& (error = suser(cred->pc_ucred, &p->p_acflag)) != 0)
&& (error = kauth_authorize_generic(cred, KAUTH_GENERIC_ISSUSER,
&p->p_acflag)) != 0)
return (error);
if (p->p_limit->p_refcnt > 1 &&
@ -562,7 +565,7 @@ static int
sysctl_proc_findproc(struct proc *p, struct proc **p2, pid_t pid)
{
struct proc *ptmp;
int i, error = 0;
int error = 0;
if (pid == PROC_CURPROC)
ptmp = p;
@ -572,28 +575,31 @@ sysctl_proc_findproc(struct proc *p, struct proc **p2, pid_t pid)
/*
* suid proc of ours or proc not ours
*/
if (p->p_cred->p_ruid != ptmp->p_cred->p_ruid ||
p->p_cred->p_ruid != ptmp->p_cred->p_svuid)
error = suser(p->p_ucred, &p->p_acflag);
if (kauth_cred_getuid(p->p_cred) != kauth_cred_getuid(ptmp->p_cred) ||
kauth_cred_getuid(p->p_cred) != kauth_cred_getsvuid(ptmp->p_cred))
error = kauth_authorize_generic(p->p_cred,
KAUTH_GENERIC_ISSUSER, &p->p_acflag);
/*
* sgid proc has sgid back to us temporarily
*/
else if (ptmp->p_cred->p_rgid != ptmp->p_cred->p_svgid)
error = suser(p->p_ucred, &p->p_acflag);
else if (kauth_cred_getgid(ptmp->p_cred) != kauth_cred_getsvgid(ptmp->p_cred))
error = kauth_authorize_generic(p->p_cred,
KAUTH_GENERIC_ISSUSER, &p->p_acflag);
/*
* our rgid must be in target's group list (ie,
* sub-processes started by a sgid process)
*/
else {
for (i = 0; i < p->p_ucred->cr_ngroups; i++) {
if (p->p_ucred->cr_groups[i] ==
ptmp->p_cred->p_rgid)
break;
int ismember = 0;
if (kauth_cred_ismember_gid(p->p_cred,
kauth_cred_getgid(ptmp->p_cred), &ismember) != 0 ||
!ismember) {
error = kauth_authorize_generic(p->p_cred,
KAUTH_GENERIC_ISSUSER, &p->p_acflag);
}
if (i == p->p_ucred->cr_ngroups)
error = suser(p->p_ucred, &p->p_acflag);
}
}

47
sys/kern/kern_sig.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: kern_sig.c,v 1.219 2006/05/10 21:53:17 mrg Exp $ */
/* $NetBSD: kern_sig.c,v 1.220 2006/05/14 21:15:11 elad Exp $ */
/*
* Copyright (c) 1982, 1986, 1989, 1991, 1993
@ -37,7 +37,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: kern_sig.c,v 1.219 2006/05/10 21:53:17 mrg Exp $");
__KERNEL_RCSID(0, "$NetBSD: kern_sig.c,v 1.220 2006/05/14 21:15:11 elad Exp $");
#include "opt_ktrace.h"
#include "opt_compat_sunos.h"
@ -71,6 +71,7 @@ __KERNEL_RCSID(0, "$NetBSD: kern_sig.c,v 1.219 2006/05/10 21:53:17 mrg Exp $");
#include <sys/savar.h>
#include <sys/exec.h>
#include <sys/sysctl.h>
#include <sys/kauth.h>
#include <sys/mount.h>
#include <sys/syscallargs.h>
@ -120,17 +121,6 @@ POOL_INIT(siginfo_pool, sizeof(siginfo_t), 0, 0, 0, "siginfo",
&pool_allocator_nointr);
POOL_INIT(ksiginfo_pool, sizeof(ksiginfo_t), 0, 0, 0, "ksiginfo", NULL);
/*
* Can process p, with pcred pc, send the signal signum to process q?
*/
#define CANSIGNAL(p, pc, q, signum) \
((pc)->pc_ucred->cr_uid == 0 || \
(pc)->p_ruid == (q)->p_cred->p_ruid || \
(pc)->pc_ucred->cr_uid == (q)->p_cred->p_ruid || \
(pc)->p_ruid == (q)->p_ucred->cr_uid || \
(pc)->pc_ucred->cr_uid == (q)->p_ucred->cr_uid || \
((signum) == SIGCONT && (q)->p_session == (p)->p_session))
/*
* Remove and return the first ksiginfo element that matches our requested
* signal, or return NULL if one not found.
@ -778,7 +768,7 @@ sys_kill(struct lwp *l, void *v, register_t *retval)
syscallarg(int) signum;
} */ *uap = v;
struct proc *cp, *p;
struct pcred *pc;
kauth_cred_t pc;
ksiginfo_t ksi;
cp = l->l_proc;
@ -789,12 +779,14 @@ sys_kill(struct lwp *l, void *v, register_t *retval)
ksi.ksi_signo = SCARG(uap, signum);
ksi.ksi_code = SI_USER;
ksi.ksi_pid = cp->p_pid;
ksi.ksi_uid = cp->p_ucred->cr_uid;
ksi.ksi_uid = kauth_cred_geteuid(cp->p_cred);
if (SCARG(uap, pid) > 0) {
/* kill single process */
if ((p = pfind(SCARG(uap, pid))) == NULL)
return (ESRCH);
if (!CANSIGNAL(cp, pc, p, SCARG(uap, signum)))
if (kauth_authorize_process(pc, KAUTH_PROCESS_CANSIGNAL, cp,
p->p_cred, p,
(void *)(unsigned long)SCARG(uap, signum)) != 0)
return (EPERM);
if (SCARG(uap, signum))
kpsignal2(p, &ksi, 1);
@ -819,7 +811,7 @@ int
killpg1(struct proc *cp, ksiginfo_t *ksi, int pgid, int all)
{
struct proc *p;
struct pcred *pc;
kauth_cred_t pc;
struct pgrp *pgrp;
int nfound;
int signum = ksi->ksi_signo;
@ -833,7 +825,10 @@ killpg1(struct proc *cp, ksiginfo_t *ksi, int pgid, int all)
proclist_lock_read();
PROCLIST_FOREACH(p, &allproc) {
if (p->p_pid <= 1 || p->p_flag & P_SYSTEM ||
p == cp || !CANSIGNAL(cp, pc, p, signum))
p == cp ||
kauth_authorize_process(pc,
KAUTH_PROCESS_CANSIGNAL, cp, p->p_cred, p,
(void *)(unsigned long)signum) != 0)
continue;
nfound++;
if (signum)
@ -853,7 +848,9 @@ killpg1(struct proc *cp, ksiginfo_t *ksi, int pgid, int all)
}
LIST_FOREACH(p, &pgrp->pg_members, p_pglist) {
if (p->p_pid <= 1 || p->p_flag & P_SYSTEM ||
!CANSIGNAL(cp, pc, p, signum))
kauth_authorize_process(pc,
KAUTH_PROCESS_CANSIGNAL, cp, p->p_cred, p,
(void *)(unsigned long)signum) != 0)
continue;
nfound++;
if (signum && P_ZOMBIE(p) == 0)
@ -965,7 +962,7 @@ child_psignal(struct proc *p, int dolock)
ksi.ksi_signo = SIGCHLD;
ksi.ksi_code = p->p_xstat == SIGCONT ? CLD_CONTINUED : CLD_STOPPED;
ksi.ksi_pid = p->p_pid;
ksi.ksi_uid = p->p_ucred->cr_uid;
ksi.ksi_uid = kauth_cred_geteuid(p->p_cred);
ksi.ksi_status = p->p_xstat;
ksi.ksi_utime = p->p_stats->p_ru.ru_utime.tv_sec;
ksi.ksi_stime = p->p_stats->p_ru.ru_stime.tv_sec;
@ -2037,8 +2034,8 @@ sigexit(struct lwp *l, int signum)
if (kern_logsigexit) {
/* XXX What if we ever have really large UIDs? */
int uid = p->p_cred && p->p_ucred ?
(int) p->p_ucred->cr_uid : -1;
int uid = p->p_cred && p->p_cred ?
(int) kauth_cred_geteuid(p->p_cred) : -1;
if (error)
log(LOG_INFO, lognocoredump, p->p_pid,
@ -2057,7 +2054,7 @@ sigexit(struct lwp *l, int signum)
struct coredump_iostate {
struct lwp *io_lwp;
struct vnode *io_vp;
struct ucred *io_cred;
kauth_cred_t io_cred;
off_t io_offset;
};
@ -2093,7 +2090,7 @@ coredump(struct lwp *l, const char *pattern)
struct vnode *vp;
struct proc *p;
struct vmspace *vm;
struct ucred *cred;
kauth_cred_t cred;
struct nameidata nd;
struct vattr vattr;
struct mount *mp;
@ -2103,7 +2100,7 @@ coredump(struct lwp *l, const char *pattern)
p = l->l_proc;
vm = p->p_vmspace;
cred = p->p_cred->pc_ucred;
cred = p->p_cred;
/*
* Make sure the process has not set-id, to prevent data leaks,

9
sys/kern/kern_synch.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: kern_synch.c,v 1.160 2005/12/27 04:06:46 chs Exp $ */
/* $NetBSD: kern_synch.c,v 1.161 2006/05/14 21:15:11 elad Exp $ */
/*-
* Copyright (c) 1999, 2000, 2004 The NetBSD Foundation, Inc.
@ -76,7 +76,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: kern_synch.c,v 1.160 2005/12/27 04:06:46 chs Exp $");
__KERNEL_RCSID(0, "$NetBSD: kern_synch.c,v 1.161 2006/05/14 21:15:11 elad Exp $");
#include "opt_ddb.h"
#include "opt_ktrace.h"
@ -99,6 +99,7 @@ __KERNEL_RCSID(0, "$NetBSD: kern_synch.c,v 1.160 2005/12/27 04:06:46 chs Exp $")
#include <sys/sched.h>
#include <sys/sa.h>
#include <sys/savar.h>
#include <sys/kauth.h>
#include <uvm/uvm_extern.h>
@ -969,8 +970,8 @@ mi_switch(struct lwp *l, struct lwp *newl)
rlim->rlim_cur += 5;
}
}
if (autonicetime && s > autonicetime && p->p_ucred->cr_uid &&
p->p_nice == NZERO) {
if (autonicetime && s > autonicetime &&
kauth_cred_geteuid(p->p_cred) && p->p_nice == NZERO) {
p->p_nice = autoniceval + NZERO;
resetpriority(l);
}

26
sys/kern/kern_sysctl.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: kern_sysctl.c,v 1.195 2006/04/17 03:39:39 elad Exp $ */
/* $NetBSD: kern_sysctl.c,v 1.196 2006/05/14 21:15:11 elad Exp $ */
/*-
* Copyright (c) 2003 The NetBSD Foundation, Inc.
@ -75,7 +75,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: kern_sysctl.c,v 1.195 2006/04/17 03:39:39 elad Exp $");
__KERNEL_RCSID(0, "$NetBSD: kern_sysctl.c,v 1.196 2006/05/14 21:15:11 elad Exp $");
#include "opt_defcorename.h"
#include "ksyms.h"
@ -90,6 +90,7 @@ __KERNEL_RCSID(0, "$NetBSD: kern_sysctl.c,v 1.195 2006/04/17 03:39:39 elad Exp $
#include <sys/mount.h>
#include <sys/sa.h>
#include <sys/syscallargs.h>
#include <sys/kauth.h>
#include <machine/stdarg.h>
MALLOC_DEFINE(M_SYSCTLNODE, "sysctlnode", "sysctl node structures");
@ -523,7 +524,8 @@ sysctl_locate(struct lwp *l, const int *name, u_int namelen,
* can anyone traverse this node or only root?
*/
if (l != NULL && (pnode->sysctl_flags & CTLFLAG_PRIVATE) &&
(error = suser(l->l_proc->p_ucred, &l->l_proc->p_acflag))
(error = kauth_authorize_generic(l->l_proc->p_cred,
KAUTH_GENERIC_ISSUSER, &l->l_proc->p_acflag))
!= 0)
return (error);
/*
@ -713,7 +715,8 @@ sysctl_create(SYSCTLFN_ARGS)
#ifndef SYSCTL_DISALLOW_CREATE
if (securelevel > 0)
return (EPERM);
error = suser(l->l_proc->p_ucred, &l->l_proc->p_acflag);
error = kauth_authorize_generic(l->l_proc->p_cred,
KAUTH_GENERIC_ISSUSER, &l->l_proc->p_acflag);
if (error)
return (error);
if (!(rnode->sysctl_flags & CTLFLAG_READWRITE))
@ -1249,7 +1252,8 @@ sysctl_destroy(SYSCTLFN_ARGS)
#ifndef SYSCTL_DISALLOW_CREATE
if (securelevel > 0)
return (EPERM);
error = suser(l->l_proc->p_ucred, &l->l_proc->p_acflag);
error = kauth_authorize_generic(l->l_proc->p_cred,
KAUTH_GENERIC_ISSUSER, &l->l_proc->p_acflag);
if (error)
return (error);
if (!(rnode->sysctl_flags & CTLFLAG_READWRITE))
@ -1415,7 +1419,8 @@ sysctl_lookup(SYSCTLFN_ARGS)
* some nodes are private, so only root can look into them.
*/
if (l != NULL && (rnode->sysctl_flags & CTLFLAG_PRIVATE) &&
(error = suser(l->l_proc->p_ucred, &l->l_proc->p_acflag)) != 0)
(error = kauth_authorize_generic(l->l_proc->p_cred,
KAUTH_GENERIC_ISSUSER, &l->l_proc->p_acflag)) != 0)
return (error);
/*
@ -1426,7 +1431,8 @@ sysctl_lookup(SYSCTLFN_ARGS)
*/
if (l != NULL && newp != NULL &&
!(rnode->sysctl_flags & CTLFLAG_ANYWRITE) &&
(error = suser(l->l_proc->p_ucred, &l->l_proc->p_acflag)) != 0)
(error = kauth_authorize_generic(l->l_proc->p_cred,
KAUTH_GENERIC_ISSUSER, &l->l_proc->p_acflag)) != 0)
return (error);
/*
@ -1662,7 +1668,8 @@ sysctl_describe(SYSCTLFN_ARGS)
#ifndef SYSCTL_DISALLOW_CREATE
if (securelevel > 0)
return (EPERM);
error = suser(l->l_proc->p_ucred,
error = kauth_authorize_generic(l->l_proc->p_cred,
KAUTH_GENERIC_ISSUSER,
&l->l_proc->p_acflag);
if (error)
return (error);
@ -1769,7 +1776,8 @@ sysctl_describe(SYSCTLFN_ARGS)
* don't describe "private" nodes to non-suser users
*/
if ((node[i].sysctl_flags & CTLFLAG_PRIVATE) && (l != NULL) &&
!(suser(l->l_proc->p_ucred, &l->l_proc->p_acflag)))
!(kauth_authorize_generic(l->l_proc->p_cred,
KAUTH_GENERIC_ISSUSER, &l->l_proc->p_acflag)))
continue;
/*

85
sys/kern/kern_systrace.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: kern_systrace.c,v 1.52 2006/03/18 17:44:13 chris Exp $ */
/* $NetBSD: kern_systrace.c,v 1.53 2006/05/14 21:15:11 elad Exp $ */
/*
* Copyright 2002, 2003 Niels Provos <provos@citi.umich.edu>
@ -31,7 +31,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: kern_systrace.c,v 1.52 2006/03/18 17:44:13 chris Exp $");
__KERNEL_RCSID(0, "$NetBSD: kern_systrace.c,v 1.53 2006/05/14 21:15:11 elad Exp $");
#include "opt_systrace.h"
@ -58,6 +58,7 @@ __KERNEL_RCSID(0, "$NetBSD: kern_systrace.c,v 1.52 2006/03/18 17:44:13 chris Exp
#include <sys/systrace.h>
#include <sys/sa.h>
#include <sys/savar.h>
#include <sys/kauth.h>
#include <compat/common/compat_util.h>
@ -80,16 +81,16 @@ cdev_decl(systrace);
#endif
#ifdef __NetBSD__
int systracef_read(struct file *, off_t *, struct uio *, struct ucred *,
int systracef_read(struct file *, off_t *, struct uio *, kauth_cred_t,
int);
int systracef_write(struct file *, off_t *, struct uio *, struct ucred *,
int systracef_write(struct file *, off_t *, struct uio *, kauth_cred_t,
int);
int systracef_poll(struct file *, int, struct lwp *);
int systracef_ioctl(struct file *, u_long, void *, struct lwp *);
int systracef_close(struct file *, struct lwp *);
#else
int systracef_read(struct file *, off_t *, struct uio *, struct ucred *);
int systracef_write(struct file *, off_t *, struct uio *, struct ucred *);
int systracef_read(struct file *, off_t *, struct uio *, kauth_cred_t);
int systracef_write(struct file *, off_t *, struct uio *, kauth_cred_t);
int systracef_select(struct file *, int, struct proc *);
int systracef_ioctl(struct file *, u_long, caddr_t, struct proc *);
int systracef_stat(struct file *, struct stat *, struct proc *);
@ -229,7 +230,7 @@ const struct cdevsw systrace_cdevsw = {
/* ARGSUSED */
int
systracef_read(struct file *fp, off_t *poff, struct uio *uio,
struct ucred *cred
kauth_cred_t cred
#ifdef __NetBSD__
, int flags
#endif
@ -280,7 +281,7 @@ systracef_read(struct file *fp, off_t *poff, struct uio *uio,
/* ARGSUSED */
int
systracef_write(struct file *fp, off_t *poff, struct uio *uio,
struct ucred *cred
kauth_cred_t cred
#ifdef __NetBSD__
, int flags
#endif
@ -590,10 +591,11 @@ systraceopen(dev_t dev, int flag, int mode, struct lwp *l)
TAILQ_INIT(&fst->messages);
TAILQ_INIT(&fst->policies);
if (suser(p->p_ucred, &p->p_acflag) == 0)
if (kauth_authorize_generic(p->p_cred, KAUTH_GENERIC_ISSUSER,
&p->p_acflag) == 0)
fst->issuser = 1;
fst->p_ruid = p->p_cred->p_ruid;
fst->p_rgid = p->p_cred->p_rgid;
fst->p_ruid = kauth_cred_getuid(p->p_cred);
fst->p_rgid = kauth_cred_getgid(p->p_cred);
return fdclone(l, fp, fd, flag, &systracefops, fst);
}
@ -685,7 +687,7 @@ systrace_enter(struct proc *p, register_t code, void *v)
struct str_process *strp;
struct str_policy *strpolicy;
struct fsystrace *fst;
struct pcred *pc;
kauth_cred_t pc;
int policy, error = 0, maycontrol = 0, issuser = 0;
size_t argsize;
@ -714,8 +716,8 @@ systrace_enter(struct proc *p, register_t code, void *v)
maycontrol = 1;
issuser = 1;
} else if (!(p->p_flag & P_SUGID)) {
maycontrol = fst->p_ruid == p->p_cred->p_ruid &&
fst->p_rgid == p->p_cred->p_rgid;
maycontrol = fst->p_ruid == kauth_cred_getuid(p->p_cred) &&
fst->p_rgid == kauth_cred_getgid(p->p_cred);
}
if (!maycontrol) {
@ -790,8 +792,8 @@ systrace_enter(struct proc *p, register_t code, void *v)
pc = p->p_cred;
strp->oldemul = p->p_emul;
strp->olduid = pc->p_ruid;
strp->oldgid = pc->p_rgid;
strp->olduid = kauth_cred_getuid(pc);
strp->oldgid = kauth_cred_getgid(pc);
/* Elevate privileges as desired */
if (issuser) {
@ -819,7 +821,7 @@ systrace_exit(struct proc *p, register_t code, void *v, register_t retval[],
const struct sysent *callp;
struct str_process *strp;
struct fsystrace *fst;
struct pcred *pc;
kauth_cred_t pc;
/* Report change in emulation */
systrace_lock();
@ -834,11 +836,11 @@ systrace_exit(struct proc *p, register_t code, void *v, register_t retval[],
pc = p->p_cred;
if (ISSET(strp->flags, STR_PROC_DIDSETUGID)) {
if (ISSET(strp->flags, STR_PROC_SETEUID)) {
if (pc->pc_ucred->cr_uid == strp->seteuid)
if (kauth_cred_geteuid(pc) == strp->seteuid)
systrace_seteuid(p, strp->saveuid);
}
if (ISSET(strp->flags, STR_PROC_SETEGID)) {
if (pc->pc_ucred->cr_gid == strp->setegid)
if (kauth_cred_getegid(pc) == strp->setegid)
systrace_setegid(p, strp->savegid);
}
}
@ -877,8 +879,8 @@ systrace_exit(struct proc *p, register_t code, void *v, register_t retval[],
/* Report if effective uid or gid changed */
systrace_lock();
strp = p->p_systrace;
if (strp != NULL && (strp->olduid != p->p_cred->p_ruid ||
strp->oldgid != p->p_cred->p_rgid)) {
if (strp != NULL && (strp->olduid != kauth_cred_getuid(p->p_cred) ||
strp->oldgid != kauth_cred_getgid(p->p_cred))) {
fst = strp->parent;
SYSTRACE_LOCK(fst, p);
@ -918,17 +920,19 @@ systrace_exit(struct proc *p, register_t code, void *v, register_t retval[],
uid_t
systrace_seteuid(struct proc *p, uid_t euid)
{
struct pcred *pc = p->p_cred;
uid_t oeuid = pc->pc_ucred->cr_uid;
kauth_cred_t pc = p->p_cred;
uid_t oeuid;
if (pc->pc_ucred->cr_uid == euid)
oeuid = kauth_cred_geteuid(pc);
if (kauth_cred_geteuid(pc) == euid)
return (oeuid);
/*
* Copy credentials so other references do not see our changes.
*/
pc->pc_ucred = crcopy(pc->pc_ucred);
pc->pc_ucred->cr_uid = euid;
pc = kauth_cred_copy(pc);
kauth_cred_seteuid(pc, euid);
p_sugid(p);
return (oeuid);
@ -937,17 +941,19 @@ systrace_seteuid(struct proc *p, uid_t euid)
gid_t
systrace_setegid(struct proc *p, gid_t egid)
{
struct pcred *pc = p->p_cred;
gid_t oegid = pc->pc_ucred->cr_gid;
kauth_cred_t pc = p->p_cred;
gid_t oegid;
if (pc->pc_ucred->cr_gid == egid)
oegid = kauth_cred_getegid(pc);
if (kauth_cred_getegid(pc) == egid)
return (oegid);
/*
* Copy credentials so other references do not see our changes.
*/
pc->pc_ucred = crcopy(pc->pc_ucred);
pc->pc_ucred->cr_gid = egid;
pc = kauth_cred_copy(pc);
kauth_cred_setegid(pc, egid);
p_sugid(p);
return (oegid);
@ -1245,9 +1251,10 @@ systrace_attach(struct fsystrace *fst, pid_t pid)
* special privileges using setuid() from being
* traced. This is good security.]
*/
if ((proc->p_cred->p_ruid != p->p_cred->p_ruid ||
if ((kauth_cred_getuid(proc->p_cred) != kauth_cred_getuid(p->p_cred) ||
ISSET(proc->p_flag, P_SUGID)) &&
(error = suser(p->p_ucred, &p->p_acflag)) != 0)
(error = kauth_authorize_generic(p->p_cred, KAUTH_GENERIC_ISSUSER,
&p->p_acflag)) != 0)
goto out;
/*
@ -1312,8 +1319,8 @@ systrace_execve1(char *path, struct proc *p)
* we're not allowed to control the process, escape.
*/
if (fst->issuser ||
fst->p_ruid != p->p_cred->p_ruid ||
fst->p_rgid != p->p_cred->p_rgid) {
fst->p_ruid != kauth_cred_getuid(p->p_cred) ||
fst->p_rgid != kauth_cred_getgid(p->p_cred)) {
SYSTRACE_UNLOCK(fst, curlwp);
return;
}
@ -1472,8 +1479,8 @@ systrace_scriptname(struct proc *p, char *dst)
systrace_unlock();
if (!fst->issuser && (ISSET(p->p_flag, P_SUGID) ||
fst->p_ruid != p->p_cred->p_ruid ||
fst->p_rgid != p->p_cred->p_rgid)) {
fst->p_ruid != kauth_cred_getuid(p->p_cred) ||
fst->p_rgid != kauth_cred_getgid(p->p_cred))) {
error = EPERM;
goto out;
}
@ -1732,8 +1739,8 @@ systrace_msg_ugid(struct fsystrace *fst, struct str_process *strp)
struct str_msg_ugid *msg_ugid = &msg.msg_data.msg_ugid;
struct proc *p = strp->proc;
msg_ugid->uid = p->p_cred->p_ruid;
msg_ugid->gid = p->p_cred->p_rgid;
msg_ugid->uid = kauth_cred_getuid(p->p_cred);
msg_ugid->gid = kauth_cred_getgid(p->p_cred);
return (systrace_make_msg(strp, SYSTR_MSG_UGID, &msg));
}

18
sys/kern/kern_time.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: kern_time.c,v 1.98 2005/12/05 00:16:34 christos Exp $ */
/* $NetBSD: kern_time.c,v 1.99 2006/05/14 21:15:11 elad Exp $ */
/*-
* Copyright (c) 2000, 2004, 2005 The NetBSD Foundation, Inc.
@ -68,7 +68,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: kern_time.c,v 1.98 2005/12/05 00:16:34 christos Exp $");
__KERNEL_RCSID(0, "$NetBSD: kern_time.c,v 1.99 2006/05/14 21:15:11 elad Exp $");
#include "fs_nfs.h"
#include "opt_nfs.h"
@ -85,6 +85,7 @@ __KERNEL_RCSID(0, "$NetBSD: kern_time.c,v 1.98 2005/12/05 00:16:34 christos Exp
#include <sys/signalvar.h>
#include <sys/syslog.h>
#include <sys/timevar.h>
#include <sys/kauth.h>
#include <sys/mount.h>
#include <sys/syscallargs.h>
@ -141,7 +142,7 @@ settime(struct proc *p, struct timespec *ts)
log(LOG_WARNING, "pid %d (%s) "
"invoked by uid %d ppid %d (%s) "
"tried to set clock forward to %ld\n",
p->p_pid, p->p_comm, pp->p_ucred->cr_uid,
p->p_pid, p->p_comm, kauth_cred_geteuid(pp->p_cred),
pp->p_pid, pp->p_comm, (long)ts->tv_sec);
return (EPERM);
}
@ -223,7 +224,8 @@ sys_clock_settime(struct lwp *l, void *v, register_t *retval)
struct proc *p = l->l_proc;
int error;
if ((error = suser(p->p_ucred, &p->p_acflag)) != 0)
if ((error = kauth_authorize_generic(p->p_cred, KAUTH_GENERIC_ISSUSER,
&p->p_acflag)) != 0)
return (error);
return (clock_settime1(p, SCARG(uap, clock_id), SCARG(uap, tp)));
@ -381,7 +383,8 @@ sys_settimeofday(struct lwp *l, void *v, register_t *retval)
struct proc *p = l->l_proc;
int error;
if ((error = suser(p->p_ucred, &p->p_acflag)) != 0)
if ((error = kauth_authorize_generic(p->p_cred, KAUTH_GENERIC_ISSUSER,
&p->p_acflag)) != 0)
return (error);
return settimeofday1(SCARG(uap, tv), SCARG(uap, tzp), p);
@ -429,7 +432,8 @@ sys_adjtime(struct lwp *l, void *v, register_t *retval)
struct proc *p = l->l_proc;
int error;
if ((error = suser(p->p_ucred, &p->p_acflag)) != 0)
if ((error = kauth_authorize_generic(p->p_cred, KAUTH_GENERIC_ISSUSER,
&p->p_acflag)) != 0)
return (error);
return adjtime1(SCARG(uap, delta), SCARG(uap, olddelta), p);
@ -574,7 +578,7 @@ timer_create1(timer_t *tid, clockid_t id, struct sigevent *evp,
pt->pt_info.ksi_errno = 0;
pt->pt_info.ksi_code = 0;
pt->pt_info.ksi_pid = p->p_pid;
pt->pt_info.ksi_uid = p->p_cred->p_ruid;
pt->pt_info.ksi_uid = kauth_cred_getuid(p->p_cred);
pt->pt_info.ksi_sigval = pt->pt_ev.sigev_value;
pt->pt_type = id;

22
sys/kern/kern_verifiedexec.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: kern_verifiedexec.c,v 1.49 2006/03/30 04:06:42 chs Exp $ */
/* $NetBSD: kern_verifiedexec.c,v 1.50 2006/05/14 21:15:11 elad Exp $ */
/*-
* Copyright 2005 Elad Efrat <elad@bsd.org.il>
@ -30,7 +30,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: kern_verifiedexec.c,v 1.49 2006/03/30 04:06:42 chs Exp $");
__KERNEL_RCSID(0, "$NetBSD: kern_verifiedexec.c,v 1.50 2006/05/14 21:15:11 elad Exp $");
#include "opt_verified_exec.h"
@ -259,7 +259,7 @@ veriexec_fp_calc(struct lwp *l, struct vnode *vp,
#else
0,
#endif
l->l_proc->p_ucred, &resid, NULL);
l->l_proc->p_cred, &resid, NULL);
if (error) {
if (do_perpage) {
@ -589,7 +589,7 @@ veriexec_removechk(struct lwp *l, struct vnode *vp, const char *pathbuf)
struct vattr va;
int error;
error = VOP_GETATTR(vp, &va, l->l_proc->p_ucred, l);
error = VOP_GETATTR(vp, &va, l->l_proc->p_cred, l);
if (error)
return (error);
@ -639,7 +639,7 @@ veriexec_renamechk(struct vnode *vp, const char *from, const char *to,
struct vattr va;
int error;
error = VOP_GETATTR(vp, &va, l->l_proc->p_ucred, l);
error = VOP_GETATTR(vp, &va, l->l_proc->p_cred, l);
if (error)
return (error);
@ -648,7 +648,8 @@ veriexec_renamechk(struct vnode *vp, const char *from, const char *to,
"of \"%s\" [%ld:%llu] to \"%s\", uid=%u, pid=%u: "
"Lockdown mode.\n", from, va.va_fsid,
(unsigned long long)va.va_fileid,
to, l->l_proc->p_ucred->cr_uid, l->l_proc->p_pid);
to, kauth_cred_geteuid(l->l_proc->p_cred),
l->l_proc->p_pid);
return (EPERM);
}
@ -660,7 +661,7 @@ veriexec_renamechk(struct vnode *vp, const char *from, const char *to,
"uid=%u, pid=%u: IPS mode, file "
"monitored.\n", from, va.va_fsid,
(unsigned long long)va.va_fileid,
to, l->l_proc->p_ucred->cr_uid,
to, kauth_cred_geteuid(l->l_proc->p_cred),
l->l_proc->p_pid);
return (EPERM);
}
@ -668,7 +669,8 @@ veriexec_renamechk(struct vnode *vp, const char *from, const char *to,
printf("Veriexec: veriexec_rename: Monitored file \"%s\" "
"[%ld:%llu] renamed to \"%s\", uid=%u, pid=%u.\n",
from, va.va_fsid, (unsigned long long)va.va_fileid, to,
l->l_proc->p_ucred->cr_uid, l->l_proc->p_pid);
kauth_cred_geteuid(l->l_proc->p_cred),
l->l_proc->p_pid);
}
return (0);
@ -708,7 +710,7 @@ veriexec_report(const u_char *msg, const u_char *filename,
f("veriexec: %s [%s, %ld:%" PRIu64 ", pid=%u, uid=%u, "
"gid=%u%s", msg, filename, va->va_fsid,
va->va_fileid, l->l_proc->p_pid,
l->l_proc->p_cred->p_ruid,
l->l_proc->p_cred->p_rgid, die ? "]" : "]\n");
kauth_cred_getuid(l->l_proc->p_cred),
kauth_cred_getgid(l->l_proc->p_cred), die ? "]" : "]\n");
}
}

8
sys/kern/kern_xxx.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: kern_xxx.c,v 1.57 2005/12/27 00:28:08 chs Exp $ */
/* $NetBSD: kern_xxx.c,v 1.58 2006/05/14 21:15:11 elad Exp $ */
/*
* Copyright (c) 1982, 1986, 1989, 1993
@ -32,7 +32,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: kern_xxx.c,v 1.57 2005/12/27 00:28:08 chs Exp $");
__KERNEL_RCSID(0, "$NetBSD: kern_xxx.c,v 1.58 2006/05/14 21:15:11 elad Exp $");
#include "opt_syscall_debug.h"
@ -46,6 +46,7 @@ __KERNEL_RCSID(0, "$NetBSD: kern_xxx.c,v 1.57 2005/12/27 00:28:08 chs Exp $");
#include <sys/mount.h>
#include <sys/sa.h>
#include <sys/syscallargs.h>
#include <sys/kauth.h>
/* ARGSUSED */
int
@ -59,7 +60,8 @@ sys_reboot(struct lwp *l, void *v, register_t *retval)
int error;
char *bootstr, bs[128];
if ((error = suser(p->p_ucred, &p->p_acflag)) != 0)
if ((error = kauth_authorize_generic(p->p_cred, KAUTH_GENERIC_ISSUSER,
&p->p_acflag)) != 0)
return (error);
/*

17
sys/kern/sys_pipe.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: sys_pipe.c,v 1.71 2006/03/01 12:38:21 yamt Exp $ */
/* $NetBSD: sys_pipe.c,v 1.72 2006/05/14 21:15:11 elad Exp $ */
/*-
* Copyright (c) 2003 The NetBSD Foundation, Inc.
@ -83,7 +83,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: sys_pipe.c,v 1.71 2006/03/01 12:38:21 yamt Exp $");
__KERNEL_RCSID(0, "$NetBSD: sys_pipe.c,v 1.72 2006/05/14 21:15:11 elad Exp $");
#include <sys/param.h>
#include <sys/systm.h>
@ -109,6 +109,7 @@ __KERNEL_RCSID(0, "$NetBSD: sys_pipe.c,v 1.71 2006/03/01 12:38:21 yamt Exp $");
#include <uvm/uvm.h>
#include <sys/sysctl.h>
#include <sys/kernel.h>
#include <sys/kauth.h>
#include <sys/pipe.h>
@ -130,9 +131,9 @@ __KERNEL_RCSID(0, "$NetBSD: sys_pipe.c,v 1.71 2006/03/01 12:38:21 yamt Exp $");
* interfaces to the outside world
*/
static int pipe_read(struct file *fp, off_t *offset, struct uio *uio,
struct ucred *cred, int flags);
kauth_cred_t cred, int flags);
static int pipe_write(struct file *fp, off_t *offset, struct uio *uio,
struct ucred *cred, int flags);
kauth_cred_t cred, int flags);
static int pipe_close(struct file *fp, struct lwp *l);
static int pipe_poll(struct file *fp, int events, struct lwp *l);
static int pipe_kqfilter(struct file *fp, struct knote *kn);
@ -411,7 +412,7 @@ pipeselwakeup(struct pipe *selp, struct pipe *sigp, int code)
/* ARGSUSED */
static int
pipe_read(struct file *fp, off_t *offset, struct uio *uio, struct ucred *cred,
pipe_read(struct file *fp, off_t *offset, struct uio *uio, kauth_cred_t cred,
int flags)
{
struct pipe *rpipe = (struct pipe *) fp->f_data;
@ -790,7 +791,7 @@ pipe_direct_write(struct file *fp, struct pipe *wpipe, struct uio *uio)
#endif /* !PIPE_NODIRECT */
static int
pipe_write(struct file *fp, off_t *offset, struct uio *uio, struct ucred *cred,
pipe_write(struct file *fp, off_t *offset, struct uio *uio, kauth_cred_t cred,
int flags)
{
struct pipe *wpipe, *rpipe;
@ -1213,8 +1214,8 @@ pipe_stat(struct file *fp, struct stat *ub, struct lwp *l)
TIMEVAL_TO_TIMESPEC(&pipe->pipe_atime, &ub->st_atimespec);
TIMEVAL_TO_TIMESPEC(&pipe->pipe_mtime, &ub->st_mtimespec);
TIMEVAL_TO_TIMESPEC(&pipe->pipe_ctime, &ub->st_ctimespec);
ub->st_uid = fp->f_cred->cr_uid;
ub->st_gid = fp->f_cred->cr_gid;
ub->st_uid = kauth_cred_geteuid(fp->f_cred);
ub->st_gid = kauth_cred_getegid(fp->f_cred);
/*
* Left as 0: st_dev, st_ino, st_nlink, st_rdev, st_flags, st_gen.
* XXX (st_dev, st_ino) should be unique.

15
sys/kern/sys_process.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: sys_process.c,v 1.102 2006/04/01 22:34:00 christos Exp $ */
/* $NetBSD: sys_process.c,v 1.103 2006/05/14 21:15:11 elad Exp $ */
/*-
* Copyright (c) 1982, 1986, 1989, 1993
@ -89,7 +89,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: sys_process.c,v 1.102 2006/04/01 22:34:00 christos Exp $");
__KERNEL_RCSID(0, "$NetBSD: sys_process.c,v 1.103 2006/05/14 21:15:11 elad Exp $");
#include <sys/param.h>
#include <sys/systm.h>
@ -100,6 +100,7 @@ __KERNEL_RCSID(0, "$NetBSD: sys_process.c,v 1.102 2006/04/01 22:34:00 christos E
#include <sys/user.h>
#include <sys/ras.h>
#include <sys/malloc.h>
#include <sys/kauth.h>
#include <sys/mount.h>
#include <sys/sa.h>
@ -176,9 +177,10 @@ sys_ptrace(struct lwp *l, void *v, register_t *retval)
* (4) it's not owned by you, or is set-id on exec
* (unless you're root), or...
*/
if ((t->p_cred->p_ruid != p->p_cred->p_ruid ||
if ((kauth_cred_getuid(t->p_cred) != kauth_cred_getuid(p->p_cred) ||
ISSET(t->p_flag, P_SUGID)) &&
(error = suser(p->p_ucred, &p->p_acflag)) != 0)
(error = kauth_authorize_generic(p->p_cred,
KAUTH_GENERIC_ISSUSER, &p->p_acflag)) != 0)
return (error);
/*
@ -806,9 +808,10 @@ process_checkioperm(struct lwp *l, struct proc *t)
* (2) it's not owned by you, or is set-id on exec
* (unless you're root), or...
*/
if ((t->p_cred->p_ruid != p->p_cred->p_ruid ||
if ((kauth_cred_getuid(t->p_cred) != kauth_cred_getuid(p->p_cred) ||
ISSET(t->p_flag, P_SUGID)) &&
(error = suser(p->p_ucred, &p->p_acflag)) != 0)
(error = kauth_authorize_generic(p->p_cred, KAUTH_GENERIC_ISSUSER,
&p->p_acflag)) != 0)
return (error);
/*

9
sys/kern/sys_socket.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: sys_socket.c,v 1.46 2006/03/01 12:38:21 yamt Exp $ */
/* $NetBSD: sys_socket.c,v 1.47 2006/05/14 21:15:11 elad Exp $ */
/*
* Copyright (c) 1982, 1986, 1990, 1993
@ -32,7 +32,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: sys_socket.c,v 1.46 2006/03/01 12:38:21 yamt Exp $");
__KERNEL_RCSID(0, "$NetBSD: sys_socket.c,v 1.47 2006/05/14 21:15:11 elad Exp $");
#include <sys/param.h>
#include <sys/systm.h>
@ -45,6 +45,7 @@ __KERNEL_RCSID(0, "$NetBSD: sys_socket.c,v 1.46 2006/03/01 12:38:21 yamt Exp $")
#include <sys/stat.h>
#include <sys/poll.h>
#include <sys/proc.h>
#include <sys/kauth.h>
#include <net/if.h>
#include <net/route.h>
@ -56,7 +57,7 @@ struct fileops socketops = {
/* ARGSUSED */
int
soo_read(struct file *fp, off_t *offset, struct uio *uio, struct ucred *cred,
soo_read(struct file *fp, off_t *offset, struct uio *uio, kauth_cred_t cred,
int flags)
{
struct socket *so = (struct socket *) fp->f_data;
@ -66,7 +67,7 @@ soo_read(struct file *fp, off_t *offset, struct uio *uio, struct ucred *cred,
/* ARGSUSED */
int
soo_write(struct file *fp, off_t *offset, struct uio *uio, struct ucred *cred,
soo_write(struct file *fp, off_t *offset, struct uio *uio, kauth_cred_t cred,
int flags)
{
struct socket *so = (struct socket *) fp->f_data;

24
sys/kern/sysv_ipc.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: sysv_ipc.c,v 1.16 2005/12/07 06:14:13 thorpej Exp $ */
/* $NetBSD: sysv_ipc.c,v 1.17 2006/05/14 21:15:11 elad Exp $ */
/*-
* Copyright (c) 1998 The NetBSD Foundation, Inc.
@ -37,7 +37,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: sysv_ipc.c,v 1.16 2005/12/07 06:14:13 thorpej Exp $");
__KERNEL_RCSID(0, "$NetBSD: sysv_ipc.c,v 1.17 2006/05/14 21:15:11 elad Exp $");
#include <sys/param.h>
#include <sys/kernel.h>
@ -47,30 +47,32 @@ __KERNEL_RCSID(0, "$NetBSD: sysv_ipc.c,v 1.16 2005/12/07 06:14:13 thorpej Exp $"
#include <sys/mount.h>
#include <sys/vnode.h>
#include <sys/stat.h>
#include <sys/kauth.h>
/*
* Check for ipc permission
*/
int
ipcperm(struct ucred *cred, struct ipc_perm *perm, int mode)
ipcperm(kauth_cred_t cred, struct ipc_perm *perm, int mode)
{
mode_t mask;
int ismember = 0;
if (cred->cr_uid == 0)
if (kauth_cred_geteuid(cred) == 0)
return (0);
if (mode == IPC_M) {
if (cred->cr_uid == perm->uid ||
cred->cr_uid == perm->cuid)
if (kauth_cred_geteuid(cred) == perm->uid ||
kauth_cred_geteuid(cred) == perm->cuid)
return (0);
return (EPERM);
}
mask = 0;
if (cred->cr_uid == perm->uid ||
cred->cr_uid == perm->cuid) {
if (kauth_cred_geteuid(cred) == perm->uid ||
kauth_cred_geteuid(cred) == perm->cuid) {
if (mode & IPC_R)
mask |= S_IRUSR;
if (mode & IPC_W)
@ -78,8 +80,10 @@ ipcperm(struct ucred *cred, struct ipc_perm *perm, int mode)
return ((perm->mode & mask) == mask ? 0 : EACCES);
}
if (cred->cr_gid == perm->gid || groupmember(perm->gid, cred) ||
cred->cr_gid == perm->cgid || groupmember(perm->cgid, cred)) {
if (kauth_cred_getegid(cred) == perm->gid ||
(kauth_cred_ismember_gid(cred, perm->gid, &ismember) == 0 && ismember) ||
kauth_cred_getegid(cred) == perm->cgid ||
(kauth_cred_ismember_gid(cred, perm->cgid, &ismember) == 0 && ismember)) {
if (mode & IPC_R)
mask |= S_IRGRP;
if (mode & IPC_W)

23
sys/kern/sysv_msg.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: sysv_msg.c,v 1.41 2006/03/06 14:24:13 cube Exp $ */
/* $NetBSD: sysv_msg.c,v 1.42 2006/05/14 21:15:11 elad Exp $ */
/*-
* Copyright (c) 1999 The NetBSD Foundation, Inc.
@ -57,7 +57,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: sysv_msg.c,v 1.41 2006/03/06 14:24:13 cube Exp $");
__KERNEL_RCSID(0, "$NetBSD: sysv_msg.c,v 1.42 2006/05/14 21:15:11 elad Exp $");
#define SYSVMSG
@ -68,6 +68,7 @@ __KERNEL_RCSID(0, "$NetBSD: sysv_msg.c,v 1.41 2006/03/06 14:24:13 cube Exp $");
#include <sys/mount.h> /* XXX for <sys/syscallargs.h> */
#include <sys/sa.h>
#include <sys/syscallargs.h>
#include <sys/kauth.h>
#define MSG_DEBUG
#undef MSG_DEBUG_OK
@ -211,7 +212,7 @@ sys___msgctl13(struct lwp *l, void *v, register_t *retval)
int
msgctl1(struct proc *p, int msqid, int cmd, struct msqid_ds *msqbuf)
{
struct ucred *cred = p->p_ucred;
kauth_cred_t cred = p->p_cred;
struct msqid_ds *msqptr;
int error = 0, ix;
@ -269,7 +270,7 @@ msgctl1(struct proc *p, int msqid, int cmd, struct msqid_ds *msqbuf)
case IPC_SET:
if ((error = ipcperm(cred, &msqptr->msg_perm, IPC_M)))
return (error);
if (msqbuf->msg_qbytes > msqptr->msg_qbytes && cred->cr_uid != 0)
if (msqbuf->msg_qbytes > msqptr->msg_qbytes && kauth_cred_geteuid(cred) != 0)
return (EPERM);
if (msqbuf->msg_qbytes > msginfo.msgmnb) {
MSG_PRINTF(("can't increase msg_qbytes beyond %d "
@ -316,7 +317,7 @@ sys_msgget(struct lwp *l, void *v, register_t *retval)
int msqid, error;
int key = SCARG(uap, key);
int msgflg = SCARG(uap, msgflg);
struct ucred *cred = p->p_ucred;
kauth_cred_t cred = p->p_cred;
struct msqid_ds *msqptr = NULL;
MSG_PRINTF(("msgget(0x%x, 0%o)\n", key, msgflg));
@ -364,10 +365,10 @@ sys_msgget(struct lwp *l, void *v, register_t *retval)
}
MSG_PRINTF(("msqid %d is available\n", msqid));
msqptr->msg_perm._key = key;
msqptr->msg_perm.cuid = cred->cr_uid;
msqptr->msg_perm.uid = cred->cr_uid;
msqptr->msg_perm.cgid = cred->cr_gid;
msqptr->msg_perm.gid = cred->cr_gid;
msqptr->msg_perm.cuid = kauth_cred_geteuid(cred);
msqptr->msg_perm.uid = kauth_cred_geteuid(cred);
msqptr->msg_perm.cgid = kauth_cred_getegid(cred);
msqptr->msg_perm.gid = kauth_cred_getegid(cred);
msqptr->msg_perm.mode = (msgflg & 0777);
/* Make sure that the returned msqid is unique */
msqptr->msg_perm._seq++;
@ -411,7 +412,7 @@ msgsnd1(struct proc *p, int msqidr, const char *user_msgp, size_t msgsz,
int msgflg, size_t typesz, copyin_t fetch_type)
{
int segs_needed, error, msqid;
struct ucred *cred = p->p_ucred;
kauth_cred_t cred = p->p_cred;
struct msqid_ds *msqptr;
struct __msg *msghdr;
short next;
@ -690,7 +691,7 @@ msgrcv1(struct proc *p, int msqidr, char *user_msgp, size_t msgsz, long msgtyp,
int msgflg, size_t typesz, copyout_t put_type, register_t *retval)
{
size_t len;
struct ucred *cred = p->p_ucred;
kauth_cred_t cred = p->p_cred;
struct msqid_ds *msqptr;
struct __msg *msghdr;
int error, msqid;

23
sys/kern/sysv_sem.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: sysv_sem.c,v 1.60 2006/04/15 04:26:43 christos Exp $ */
/* $NetBSD: sysv_sem.c,v 1.61 2006/05/14 21:15:11 elad Exp $ */
/*-
* Copyright (c) 1999 The NetBSD Foundation, Inc.
@ -46,7 +46,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: sysv_sem.c,v 1.60 2006/04/15 04:26:43 christos Exp $");
__KERNEL_RCSID(0, "$NetBSD: sysv_sem.c,v 1.61 2006/05/14 21:15:11 elad Exp $");
#define SYSVSEM
@ -58,6 +58,7 @@ __KERNEL_RCSID(0, "$NetBSD: sysv_sem.c,v 1.60 2006/04/15 04:26:43 christos Exp $
#include <sys/mount.h> /* XXX for <sys/syscallargs.h> */
#include <sys/sa.h>
#include <sys/syscallargs.h>
#include <sys/kauth.h>
static int semtot = 0;
struct semid_ds *sema; /* semaphore id pool */
@ -335,7 +336,7 @@ int
semctl1(struct proc *p, int semid, int semnum, int cmd, void *v,
register_t *retval)
{
struct ucred *cred = p->p_ucred;
kauth_cred_t cred = p->p_cred;
union __semun *arg = v;
struct semid_ds *sembuf = v, *semaptr;
int i, error, ix;
@ -356,8 +357,8 @@ semctl1(struct proc *p, int semid, int semnum, int cmd, void *v,
case IPC_RMID:
if ((error = ipcperm(cred, &semaptr->sem_perm, IPC_M)) != 0)
return (error);
semaptr->sem_perm.cuid = cred->cr_uid;
semaptr->sem_perm.uid = cred->cr_uid;
semaptr->sem_perm.cuid = kauth_cred_geteuid(cred);
semaptr->sem_perm.uid = kauth_cred_geteuid(cred);
semtot -= semaptr->sem_nsems;
for (i = semaptr->_sem_base - sem; i < semtot; i++)
sem[i] = sem[i + semaptr->sem_nsems];
@ -476,7 +477,7 @@ sys_semget(struct lwp *l, void *v, register_t *retval)
int key = SCARG(uap, key);
int nsems = SCARG(uap, nsems);
int semflg = SCARG(uap, semflg);
struct ucred *cred = l->l_proc->p_ucred;
kauth_cred_t cred = l->l_proc->p_cred;
SEM_PRINTF(("semget(0x%x, %d, 0%o)\n", key, nsems, semflg));
@ -526,10 +527,10 @@ sys_semget(struct lwp *l, void *v, register_t *retval)
}
SEM_PRINTF(("semid %d is available\n", semid));
sema[semid].sem_perm._key = key;
sema[semid].sem_perm.cuid = cred->cr_uid;
sema[semid].sem_perm.uid = cred->cr_uid;
sema[semid].sem_perm.cgid = cred->cr_gid;
sema[semid].sem_perm.gid = cred->cr_gid;
sema[semid].sem_perm.cuid = kauth_cred_geteuid(cred);
sema[semid].sem_perm.uid = kauth_cred_geteuid(cred);
sema[semid].sem_perm.cgid = kauth_cred_getegid(cred);
sema[semid].sem_perm.gid = kauth_cred_getegid(cred);
sema[semid].sem_perm.mode = (semflg & 0777) | SEM_ALLOC;
sema[semid].sem_perm._seq =
(sema[semid].sem_perm._seq + 1) & 0x7fff;
@ -571,7 +572,7 @@ sys_semop(struct lwp *l, void *v, register_t *retval)
struct sembuf *sopptr = NULL;
struct __sem *semptr = NULL;
struct sem_undo *suptr = NULL;
struct ucred *cred = p->p_ucred;
kauth_cred_t cred = p->p_cred;
int i, eval;
int do_wakeup, do_undos;

17
sys/kern/sysv_shm.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: sysv_shm.c,v 1.86 2005/12/07 06:14:13 thorpej Exp $ */
/* $NetBSD: sysv_shm.c,v 1.87 2006/05/14 21:15:11 elad Exp $ */
/*-
* Copyright (c) 1999 The NetBSD Foundation, Inc.
@ -68,7 +68,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: sysv_shm.c,v 1.86 2005/12/07 06:14:13 thorpej Exp $");
__KERNEL_RCSID(0, "$NetBSD: sysv_shm.c,v 1.87 2006/05/14 21:15:11 elad Exp $");
#define SYSVSHM
@ -84,6 +84,7 @@ __KERNEL_RCSID(0, "$NetBSD: sysv_shm.c,v 1.86 2005/12/07 06:14:13 thorpej Exp $"
#include <sys/syscallargs.h>
#include <sys/queue.h>
#include <sys/pool.h>
#include <sys/kauth.h>
#include <uvm/uvm_extern.h>
#include <uvm/uvm_object.h>
@ -307,7 +308,7 @@ sys_shmat(struct lwp *l, void *v, register_t *retval)
} */ *uap = v;
int error, flags;
struct proc *p = l->l_proc;
struct ucred *cred = p->p_ucred;
kauth_cred_t cred = p->p_cred;
struct shmid_ds *shmseg;
struct shmmap_state *shmmap_s;
struct uvm_object *uobj;
@ -405,7 +406,7 @@ sys___shmctl13(struct lwp *l, void *v, register_t *retval)
int
shmctl1(struct proc *p, int shmid, int cmd, struct shmid_ds *shmbuf)
{
struct ucred *cred = p->p_ucred;
kauth_cred_t cred = p->p_cred;
struct shmid_ds *shmseg;
int error = 0;
@ -451,7 +452,7 @@ shmget_existing(struct proc *p, struct sys_shmget_args *uap, int mode,
int segnum, register_t *retval)
{
struct shmid_ds *shmseg;
struct ucred *cred = p->p_ucred;
kauth_cred_t cred = p->p_cred;
int error;
shmseg = &shmsegs[segnum];
@ -483,7 +484,7 @@ shmget_allocate_segment(struct proc *p, struct sys_shmget_args *uap, int mode,
register_t *retval)
{
int i, segnum, shmid, size;
struct ucred *cred = p->p_ucred;
kauth_cred_t cred = p->p_cred;
struct shmid_ds *shmseg;
int error = 0;
@ -518,8 +519,8 @@ shmget_allocate_segment(struct proc *p, struct sys_shmget_args *uap, int mode,
shmseg->_shm_internal = uao_create(size, 0);
shmseg->shm_perm.cuid = shmseg->shm_perm.uid = cred->cr_uid;
shmseg->shm_perm.cgid = shmseg->shm_perm.gid = cred->cr_gid;
shmseg->shm_perm.cuid = shmseg->shm_perm.uid = kauth_cred_geteuid(cred);
shmseg->shm_perm.cgid = shmseg->shm_perm.gid = kauth_cred_getegid(cred);
shmseg->shm_perm.mode = (shmseg->shm_perm.mode & SHMSEG_WANTED) |
(mode & (ACCESSPERMS|SHMSEG_RMLINGER)) | SHMSEG_ALLOCATED;
shmseg->shm_segsz = SCARG(uap, size);

11
sys/kern/tty.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: tty.c,v 1.181 2006/05/10 21:53:18 mrg Exp $ */
/* $NetBSD: tty.c,v 1.182 2006/05/14 21:15:11 elad Exp $ */
/*-
* Copyright (c) 1982, 1986, 1990, 1991, 1993
@ -37,7 +37,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: tty.c,v 1.181 2006/05/10 21:53:18 mrg Exp $");
__KERNEL_RCSID(0, "$NetBSD: tty.c,v 1.182 2006/05/14 21:15:11 elad Exp $");
#include <sys/param.h>
#include <sys/systm.h>
@ -61,6 +61,7 @@ __KERNEL_RCSID(0, "$NetBSD: tty.c,v 1.181 2006/05/10 21:53:18 mrg Exp $");
#include <sys/kprintf.h>
#include <sys/namei.h>
#include <sys/sysctl.h>
#include <sys/kauth.h>
#include <machine/stdarg.h>
@ -922,7 +923,7 @@ ttioctl(struct tty *tp, u_long cmd, caddr_t data, int flag, struct lwp *l)
"/dev/console", l);
if ((error = namei(&nd)) != 0)
return error;
error = VOP_ACCESS(nd.ni_vp, VREAD, p->p_ucred, l);
error = VOP_ACCESS(nd.ni_vp, VREAD, p->p_cred, l);
vput(nd.ni_vp);
if (error)
return error;
@ -1111,9 +1112,9 @@ ttioctl(struct tty *tp, u_long cmd, caddr_t data, int flag, struct lwp *l)
splx(s);
break;
case TIOCSTI: /* simulate terminal input */
if (p->p_ucred->cr_uid && (flag & FREAD) == 0)
if (kauth_cred_geteuid(p->p_cred) && (flag & FREAD) == 0)
return (EPERM);
if (p->p_ucred->cr_uid && !isctty(p, tp))
if (kauth_cred_geteuid(p->p_cred) && !isctty(p, tp))
return (EACCES);
(*tp->t_linesw->l_rint)(*(u_char *)data, tp);
break;

7
sys/kern/tty_bsdpty.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: tty_bsdpty.c,v 1.7 2006/04/13 17:44:24 christos Exp $ */
/* $NetBSD: tty_bsdpty.c,v 1.8 2006/05/14 21:15:11 elad Exp $ */
/*-
* Copyright (c) 2004 The NetBSD Foundation, Inc.
@ -34,7 +34,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: tty_bsdpty.c,v 1.7 2006/04/13 17:44:24 christos Exp $");
__KERNEL_RCSID(0, "$NetBSD: tty_bsdpty.c,v 1.8 2006/05/14 21:15:11 elad Exp $");
#include "opt_ptm.h"
@ -59,6 +59,7 @@ __KERNEL_RCSID(0, "$NetBSD: tty_bsdpty.c,v 1.7 2006/04/13 17:44:24 christos Exp
#include <sys/poll.h>
#include <sys/malloc.h>
#include <sys/pty.h>
#include <sys/kauth.h>
/*
* pts == /dev/tty[pqrs]?
@ -146,7 +147,7 @@ pty_getvattr(struct ptm_pty *ptm, struct proc *p, struct vattr *vattr)
{
VATTR_NULL(vattr);
/* get real uid */
vattr->va_uid = p->p_cred->p_ruid;
vattr->va_uid = kauth_cred_getuid(p->p_cred);
vattr->va_gid = TTY_GID;
vattr->va_mode = TTY_PERM;
}

17
sys/kern/tty_ptm.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: tty_ptm.c,v 1.8 2006/04/13 17:44:24 christos Exp $ */
/* $NetBSD: tty_ptm.c,v 1.9 2006/05/14 21:15:11 elad Exp $ */
/*-
* Copyright (c) 2004 The NetBSD Foundation, Inc.
@ -34,7 +34,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: tty_ptm.c,v 1.8 2006/04/13 17:44:24 christos Exp $");
__KERNEL_RCSID(0, "$NetBSD: tty_ptm.c,v 1.9 2006/05/14 21:15:11 elad Exp $");
#include "opt_ptm.h"
@ -58,6 +58,7 @@ __KERNEL_RCSID(0, "$NetBSD: tty_ptm.c,v 1.8 2006/04/13 17:44:24 christos Exp $")
#include <sys/poll.h>
#include <sys/malloc.h>
#include <sys/pty.h>
#include <sys/kauth.h>
#ifdef DEBUG_PTM
#define DPRINTF(a) printf a
@ -112,7 +113,7 @@ pty_getfree(void)
int
pty_vn_open(struct vnode *vp, struct lwp *l)
{
struct ucred *cred;
kauth_cred_t cred;
int error;
if (vp->v_type != VCHR) {
@ -123,9 +124,9 @@ pty_vn_open(struct vnode *vp, struct lwp *l)
/*
* Get us a fresh cred with root privileges.
*/
cred = crget();
cred = kauth_cred_alloc();
error = VOP_OPEN(vp, FREAD|FWRITE, cred, l);
crfree(cred);
kauth_cred_free(cred);
if (error) {
vput(vp);
@ -216,12 +217,12 @@ pty_grant_slave(struct lwp *l, dev_t dev)
if ((vp->v_mount->mnt_flag & MNT_RDONLY) == 0) {
struct vattr vattr;
struct ucred *cred;
kauth_cred_t cred;
(*ptm->getvattr)(ptm, l->l_proc, &vattr);
/* Get a fake cred to pretend we're root. */
cred = crget();
cred = kauth_cred_alloc();
error = VOP_SETATTR(vp, &vattr, cred, l);
crfree(cred);
kauth_cred_free(cred);
if (error) {
DPRINTF(("setattr %d\n", error));
VOP_UNLOCK(vp, 0);

7
sys/kern/tty_pty.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: tty_pty.c,v 1.88 2006/04/13 17:44:24 christos Exp $ */
/* $NetBSD: tty_pty.c,v 1.89 2006/05/14 21:15:11 elad Exp $ */
/*
* Copyright (c) 1982, 1986, 1989, 1993
@ -37,7 +37,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: tty_pty.c,v 1.88 2006/04/13 17:44:24 christos Exp $");
__KERNEL_RCSID(0, "$NetBSD: tty_pty.c,v 1.89 2006/05/14 21:15:11 elad Exp $");
#include "opt_compat_sunos.h"
#include "opt_ptm.h"
@ -60,6 +60,7 @@ __KERNEL_RCSID(0, "$NetBSD: tty_pty.c,v 1.88 2006/04/13 17:44:24 christos Exp $"
#include <sys/poll.h>
#include <sys/malloc.h>
#include <sys/pty.h>
#include <sys/kauth.h>
#define DEFAULT_NPTYS 16 /* default number of initial ptys */
#define DEFAULT_MAXPTYS 992 /* default maximum number of ptys */
@ -332,7 +333,7 @@ ptsopen(dev, flag, devtype, l)
tp->t_cflag = TTYDEF_CFLAG;
tp->t_ispeed = tp->t_ospeed = TTYDEF_SPEED;
ttsetwater(tp); /* would be done in xxparam() */
} else if (ISSET(tp->t_state, TS_XCLUDE) && p->p_ucred->cr_uid != 0)
} else if (ISSET(tp->t_state, TS_XCLUDE) && kauth_cred_geteuid(p->p_cred) != 0)
return (EBUSY);
if (tp->t_oproc) /* Ctrlr still around. */
SET(tp->t_state, TS_CARR_ON);

7
sys/kern/tty_tty.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: tty_tty.c,v 1.27 2006/03/01 12:38:21 yamt Exp $ */
/* $NetBSD: tty_tty.c,v 1.28 2006/05/14 21:15:11 elad Exp $ */
/*-
* Copyright (c) 1982, 1986, 1991, 1993, 1995
@ -36,7 +36,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: tty_tty.c,v 1.27 2006/03/01 12:38:21 yamt Exp $");
__KERNEL_RCSID(0, "$NetBSD: tty_tty.c,v 1.28 2006/05/14 21:15:11 elad Exp $");
#include <sys/param.h>
#include <sys/systm.h>
@ -46,6 +46,7 @@ __KERNEL_RCSID(0, "$NetBSD: tty_tty.c,v 1.27 2006/03/01 12:38:21 yamt Exp $");
#include <sys/vnode.h>
#include <sys/file.h>
#include <sys/conf.h>
#include <sys/kauth.h>
#define cttyvp(p) ((p)->p_flag & P_CONTROLT ? (p)->p_session->s_ttyvp : NULL)
@ -69,7 +70,7 @@ cttyopen(dev_t dev, int flag, int mode, struct lwp *l)
* to delete this test. (mckusick 5/93)
*/
error = VOP_ACCESS(ttyvp,
(flag&FREAD ? VREAD : 0) | (flag&FWRITE ? VWRITE : 0), p->p_ucred, p);
(flag&FREAD ? VREAD : 0) | (flag&FWRITE ? VWRITE : 0), p->p_cred, p);
if (!error)
#endif /* PARANOID */
error = VOP_OPEN(ttyvp, flag, NOCRED, l);

9
sys/kern/uipc_domain.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: uipc_domain.c,v 1.56 2006/04/15 04:41:52 christos Exp $ */
/* $NetBSD: uipc_domain.c,v 1.57 2006/05/14 21:15:12 elad Exp $ */
/*
* Copyright (c) 1982, 1986, 1993
@ -32,7 +32,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: uipc_domain.c,v 1.56 2006/04/15 04:41:52 christos Exp $");
__KERNEL_RCSID(0, "$NetBSD: uipc_domain.c,v 1.57 2006/05/14 21:15:12 elad Exp $");
#include <sys/param.h>
#include <sys/socket.h>
@ -50,6 +50,7 @@ __KERNEL_RCSID(0, "$NetBSD: uipc_domain.c,v 1.56 2006/04/15 04:41:52 christos Ex
#include <sys/un.h>
#include <sys/unpcb.h>
#include <sys/file.h>
#include <sys/kauth.h>
void pffasttimo(void *);
void pfslowtimo(void *);
@ -284,7 +285,9 @@ sysctl_unpcblist(SYSCTLFN_ARGS)
* to walk the file list looking for them. :-/
*/
LIST_FOREACH(fp, &filehead, f_list) {
if (CURTAIN(l->l_proc->p_ucred->cr_uid, fp->f_cred->cr_uid))
if (kauth_authorize_process(l->l_proc->p_cred,
KAUTH_PROCESS_CANSEE, l->l_proc, fp->f_cred, NULL,
NULL) != 0)
continue;
if (fp->f_type != DTYPE_SOCKET)
continue;

24
sys/kern/uipc_sem.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: uipc_sem.c,v 1.13 2006/03/05 00:49:19 cube Exp $ */
/* $NetBSD: uipc_sem.c,v 1.14 2006/05/14 21:15:12 elad Exp $ */
/*-
* Copyright (c) 2003 The NetBSD Foundation, Inc.
@ -63,7 +63,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: uipc_sem.c,v 1.13 2006/03/05 00:49:19 cube Exp $");
__KERNEL_RCSID(0, "$NetBSD: uipc_sem.c,v 1.14 2006/05/14 21:15:12 elad Exp $");
#include "opt_posix.h"
@ -78,6 +78,7 @@ __KERNEL_RCSID(0, "$NetBSD: uipc_sem.c,v 1.13 2006/03/05 00:49:19 cube Exp $");
#include <sys/stat.h>
#include <sys/malloc.h>
#include <sys/fcntl.h>
#include <sys/kauth.h>
#include <sys/mount.h>
@ -243,13 +244,14 @@ ksem_drop_proc(struct ksem_proc *kp, struct ksem *ks)
static int
ksem_perm(struct proc *p, struct ksem *ks)
{
struct ucred *uc;
kauth_cred_t uc;
LOCK_ASSERT(simple_lock_held(&ks->ks_interlock));
uc = p->p_ucred;
if ((uc->cr_uid == ks->ks_uid && (ks->ks_mode & S_IWUSR) != 0) ||
(uc->cr_gid == ks->ks_gid && (ks->ks_mode & S_IWGRP) != 0) ||
(ks->ks_mode & S_IWOTH) != 0 || suser(uc, &p->p_acflag) == 0)
uc = p->p_cred;
if ((kauth_cred_geteuid(uc) == ks->ks_uid && (ks->ks_mode & S_IWUSR) != 0) ||
(kauth_cred_getegid(uc) == ks->ks_gid && (ks->ks_mode & S_IWGRP) != 0) ||
(ks->ks_mode & S_IWOTH) != 0 ||
kauth_authorize_generic(uc, KAUTH_GENERIC_ISSUSER, &p->p_acflag) == 0)
return (0);
return (EPERM);
}
@ -287,10 +289,10 @@ ksem_create(struct proc *p, const char *name, struct ksem **ksret,
mode_t mode, unsigned int value)
{
struct ksem *ret;
struct ucred *uc;
kauth_cred_t uc;
size_t len;
uc = p->p_ucred;
uc = p->p_cred;
if (value > SEM_VALUE_MAX)
return (EINVAL);
ret = malloc(sizeof(*ret), M_SEM, M_WAITOK | M_ZERO);
@ -313,8 +315,8 @@ ksem_create(struct proc *p, const char *name, struct ksem **ksret,
ret->ks_value = value;
ret->ks_ref = 1;
ret->ks_waiters = 0;
ret->ks_uid = uc->cr_uid;
ret->ks_gid = uc->cr_gid;
ret->ks_uid = kauth_cred_geteuid(uc);
ret->ks_gid = kauth_cred_getegid(uc);
simple_lock_init(&ret->ks_interlock);
simple_lock(&ksem_slock);

7
sys/kern/uipc_socket.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: uipc_socket.c,v 1.117 2006/04/11 09:32:58 yamt Exp $ */
/* $NetBSD: uipc_socket.c,v 1.118 2006/05/14 21:15:12 elad Exp $ */
/*-
* Copyright (c) 2002 The NetBSD Foundation, Inc.
@ -68,7 +68,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: uipc_socket.c,v 1.117 2006/04/11 09:32:58 yamt Exp $");
__KERNEL_RCSID(0, "$NetBSD: uipc_socket.c,v 1.118 2006/05/14 21:15:12 elad Exp $");
#include "opt_sock_counters.h"
#include "opt_sosend_loan.h"
@ -91,6 +91,7 @@ __KERNEL_RCSID(0, "$NetBSD: uipc_socket.c,v 1.117 2006/04/11 09:32:58 yamt Exp $
#include <sys/pool.h>
#include <sys/event.h>
#include <sys/poll.h>
#include <sys/kauth.h>
#include <uvm/uvm.h>
@ -478,7 +479,7 @@ socreate(int dom, struct socket **aso, int type, int proto, struct lwp *l)
so->so_mowner = &prp->pr_domain->dom_mowner;
#endif
if (l != NULL) {
uid = l->l_proc->p_ucred->cr_uid;
uid = kauth_cred_geteuid(l->l_proc->p_cred);
} else {
uid = 0;
}

7
sys/kern/uipc_socket2.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: uipc_socket2.c,v 1.70 2005/12/24 19:12:23 perry Exp $ */
/* $NetBSD: uipc_socket2.c,v 1.71 2006/05/14 21:15:12 elad Exp $ */
/*
* Copyright (c) 1982, 1986, 1988, 1990, 1993
@ -32,7 +32,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: uipc_socket2.c,v 1.70 2005/12/24 19:12:23 perry Exp $");
__KERNEL_RCSID(0, "$NetBSD: uipc_socket2.c,v 1.71 2006/05/14 21:15:12 elad Exp $");
#include "opt_mbuftrace.h"
#include "opt_sb_max.h"
@ -49,6 +49,7 @@ __KERNEL_RCSID(0, "$NetBSD: uipc_socket2.c,v 1.70 2005/12/24 19:12:23 perry Exp
#include <sys/socket.h>
#include <sys/socketvar.h>
#include <sys/signalvar.h>
#include <sys/kauth.h>
/*
* Primitive routines for operating on sockets and socket buffers
@ -410,7 +411,7 @@ sbreserve(struct sockbuf *sb, u_long cc, struct socket *so)
if (cc == 0 || cc > sb_max_adj)
return (0);
if (so) {
if (p && p->p_ucred->cr_uid == so->so_uidinfo->ui_uid)
if (p && kauth_cred_geteuid(p->p_cred) == so->so_uidinfo->ui_uid)
maxcc = p->p_rlimit[RLIMIT_SBSIZE].rlim_cur;
else
maxcc = RLIM_INFINITY;

25
sys/kern/uipc_usrreq.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: uipc_usrreq.c,v 1.90 2006/04/14 23:15:21 christos Exp $ */
/* $NetBSD: uipc_usrreq.c,v 1.91 2006/05/14 21:15:12 elad Exp $ */
/*-
* Copyright (c) 1998, 2000, 2004 The NetBSD Foundation, Inc.
@ -103,7 +103,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: uipc_usrreq.c,v 1.90 2006/04/14 23:15:21 christos Exp $");
__KERNEL_RCSID(0, "$NetBSD: uipc_usrreq.c,v 1.91 2006/05/14 21:15:12 elad Exp $");
#include <sys/param.h>
#include <sys/systm.h>
@ -120,6 +120,7 @@ __KERNEL_RCSID(0, "$NetBSD: uipc_usrreq.c,v 1.90 2006/04/14 23:15:21 christos Ex
#include <sys/file.h>
#include <sys/stat.h>
#include <sys/mbuf.h>
#include <sys/kauth.h>
/*
* Unix communications domain.
@ -650,7 +651,7 @@ restart:
VATTR_NULL(&vattr);
vattr.va_type = VSOCK;
vattr.va_mode = ACCESSPERMS & ~(p->p_cwdi->cwdi_cmask);
VOP_LEASE(nd.ni_dvp, l, p->p_ucred, LEASE_WRITE);
VOP_LEASE(nd.ni_dvp, l, p->p_cred, LEASE_WRITE);
error = VOP_CREATE(nd.ni_dvp, &nd.ni_vp, &nd.ni_cnd, &vattr);
vn_finished_write(mp, 0);
if (error)
@ -699,7 +700,7 @@ unp_connect(struct socket *so, struct mbuf *nam, struct lwp *l)
error = ENOTSOCK;
goto bad;
}
if ((error = VOP_ACCESS(vp, VWRITE, l->l_proc->p_ucred, l)) != 0)
if ((error = VOP_ACCESS(vp, VWRITE, l->l_proc->p_cred, l)) != 0)
goto bad;
so2 = vp->v_socket;
if (so2 == 0) {
@ -1048,8 +1049,8 @@ unp_addsockcred(struct proc *p, struct mbuf *control)
struct mbuf *m, *n;
int len, space, i;
len = CMSG_LEN(SOCKCREDSIZE(p->p_ucred->cr_ngroups));
space = CMSG_SPACE(SOCKCREDSIZE(p->p_ucred->cr_ngroups));
len = CMSG_LEN(SOCKCREDSIZE(kauth_cred_ngroups(p->p_cred)));
space = CMSG_SPACE(SOCKCREDSIZE(kauth_cred_ngroups(p->p_cred)));
m = m_get(M_WAIT, MT_CONTROL);
if (space > MLEN) {
@ -1070,13 +1071,13 @@ unp_addsockcred(struct proc *p, struct mbuf *control)
cmp->cmsg_len = len;
cmp->cmsg_level = SOL_SOCKET;
cmp->cmsg_type = SCM_CREDS;
sc->sc_uid = p->p_cred->p_ruid;
sc->sc_euid = p->p_ucred->cr_uid;
sc->sc_gid = p->p_cred->p_rgid;
sc->sc_egid = p->p_ucred->cr_gid;
sc->sc_ngroups = p->p_ucred->cr_ngroups;
sc->sc_uid = kauth_cred_getuid(p->p_cred);
sc->sc_euid = kauth_cred_geteuid(p->p_cred);
sc->sc_gid = kauth_cred_getgid(p->p_cred);
sc->sc_egid = kauth_cred_getegid(p->p_cred);
sc->sc_ngroups = kauth_cred_ngroups(p->p_cred);
for (i = 0; i < sc->sc_ngroups; i++)
sc->sc_groups[i] = p->p_ucred->cr_groups[i];
sc->sc_groups[i] = kauth_cred_group(p->p_cred, i);
/*
* If a control message already exists, append us to the end.

15
sys/kern/vfs_bio.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: vfs_bio.c,v 1.159 2006/04/05 00:52:16 uwe Exp $ */
/* $NetBSD: vfs_bio.c,v 1.160 2006/05/14 21:15:12 elad Exp $ */
/*-
* Copyright (c) 1982, 1986, 1989, 1993
@ -82,7 +82,7 @@
#include "opt_softdep.h"
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: vfs_bio.c,v 1.159 2006/04/05 00:52:16 uwe Exp $");
__KERNEL_RCSID(0, "$NetBSD: vfs_bio.c,v 1.160 2006/05/14 21:15:12 elad Exp $");
#include <sys/param.h>
#include <sys/systm.h>
@ -95,6 +95,7 @@ __KERNEL_RCSID(0, "$NetBSD: vfs_bio.c,v 1.159 2006/04/05 00:52:16 uwe Exp $");
#include <sys/resourcevar.h>
#include <sys/sysctl.h>
#include <sys/conf.h>
#include <sys/kauth.h>
#include <uvm/uvm.h>
@ -124,7 +125,7 @@ static int buf_trim(void);
static void *bufpool_page_alloc(struct pool *, int);
static void bufpool_page_free(struct pool *, void *);
static inline struct buf *bio_doread(struct vnode *, daddr_t, int,
struct ucred *, int);
kauth_cred_t, int);
static int buf_lotsfree(void);
static int buf_canrelease(void);
static inline u_long buf_mempoolidx(u_long);
@ -559,7 +560,7 @@ buf_mrelease(caddr_t addr, size_t size)
* bread()/breadn() helper.
*/
static inline struct buf *
bio_doread(struct vnode *vp, daddr_t blkno, int size, struct ucred *cred,
bio_doread(struct vnode *vp, daddr_t blkno, int size, kauth_cred_t cred,
int async)
{
struct buf *bp;
@ -620,7 +621,7 @@ bio_doread(struct vnode *vp, daddr_t blkno, int size, struct ucred *cred,
* This algorithm described in Bach (p.54).
*/
int
bread(struct vnode *vp, daddr_t blkno, int size, struct ucred *cred,
bread(struct vnode *vp, daddr_t blkno, int size, kauth_cred_t cred,
struct buf **bpp)
{
struct buf *bp;
@ -638,7 +639,7 @@ bread(struct vnode *vp, daddr_t blkno, int size, struct ucred *cred,
*/
int
breadn(struct vnode *vp, daddr_t blkno, int size, daddr_t *rablks,
int *rasizes, int nrablks, struct ucred *cred, struct buf **bpp)
int *rasizes, int nrablks, kauth_cred_t cred, struct buf **bpp)
{
struct buf *bp;
int i;
@ -668,7 +669,7 @@ breadn(struct vnode *vp, daddr_t blkno, int size, daddr_t *rablks,
*/
int
breada(struct vnode *vp, daddr_t blkno, int size, daddr_t rablkno,
int rabsize, struct ucred *cred, struct buf **bpp)
int rabsize, kauth_cred_t cred, struct buf **bpp)
{
return (breadn(vp, blkno, size, &rablkno, &rabsize, 1, cred, bpp));

18
sys/kern/vfs_getcwd.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: vfs_getcwd.c,v 1.30 2006/03/01 12:38:21 yamt Exp $ */
/* $NetBSD: vfs_getcwd.c,v 1.31 2006/05/14 21:15:12 elad Exp $ */
/*-
* Copyright (c) 1999 The NetBSD Foundation, Inc.
@ -37,7 +37,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: vfs_getcwd.c,v 1.30 2006/03/01 12:38:21 yamt Exp $");
__KERNEL_RCSID(0, "$NetBSD: vfs_getcwd.c,v 1.31 2006/05/14 21:15:12 elad Exp $");
#include <sys/param.h>
#include <sys/systm.h>
@ -52,6 +52,8 @@ __KERNEL_RCSID(0, "$NetBSD: vfs_getcwd.c,v 1.30 2006/03/01 12:38:21 yamt Exp $")
#include <sys/uio.h>
#include <sys/malloc.h>
#include <sys/dirent.h>
#include <sys/kauth.h>
#include <ufs/ufs/dir.h> /* XXX only for DIRBLKSIZ */
#include <sys/sa.h>
@ -108,7 +110,7 @@ getcwd_scandir(struct vnode **lvpp, struct vnode **uvpp, char **bpp,
struct vattr va;
struct vnode *uvp = NULL;
struct vnode *lvp = *lvpp;
struct ucred *ucred = l->l_proc->p_ucred;
kauth_cred_t cred = l->l_proc->p_cred;
struct componentname cn;
int len, reclen;
tries = 0;
@ -118,7 +120,7 @@ getcwd_scandir(struct vnode **lvpp, struct vnode **uvpp, char **bpp,
* current directory is still locked.
*/
if (bufp != NULL) {
error = VOP_GETATTR(lvp, &va, ucred, l);
error = VOP_GETATTR(lvp, &va, cred, l);
if (error) {
vput(lvp);
*lvpp = NULL;
@ -134,7 +136,7 @@ getcwd_scandir(struct vnode **lvpp, struct vnode **uvpp, char **bpp,
cn.cn_nameiop = LOOKUP;
cn.cn_flags = ISLASTCN | ISDOTDOT | RDONLY;
cn.cn_lwp = l;
cn.cn_cred = ucred;
cn.cn_cred = cred;
cn.cn_pnbuf = NULL;
cn.cn_nameptr = "..";
cn.cn_namelen = 2;
@ -186,7 +188,7 @@ unionread:
eofflag = 0;
error = VOP_READDIR(uvp, &uio, ucred, &eofflag, 0, 0);
error = VOP_READDIR(uvp, &uio, cred, &eofflag, 0, 0);
off = uio.uio_offset;
@ -356,7 +358,7 @@ getcwd_common(struct vnode *lvp, struct vnode *rvp, char **bpp, char *bufp,
int limit, int flags, struct lwp *l)
{
struct cwdinfo *cwdi = l->l_proc->p_cwdi;
struct ucred *ucred = l->l_proc->p_ucred;
kauth_cred_t cred = l->l_proc->p_cred;
struct vnode *uvp = NULL;
char *bp = NULL;
int error;
@ -408,7 +410,7 @@ getcwd_common(struct vnode *lvp, struct vnode *rvp, char **bpp, char *bufp,
* whether or not caller cares.
*/
if (flags & GETCWD_CHECK_ACCESS) {
error = VOP_ACCESS(lvp, perms, ucred, l);
error = VOP_ACCESS(lvp, perms, cred, l);
if (error)
goto out;
perms = VEXEC|VREAD;

9
sys/kern/vfs_lockf.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: vfs_lockf.c,v 1.48 2005/12/24 19:12:23 perry Exp $ */
/* $NetBSD: vfs_lockf.c,v 1.49 2006/05/14 21:15:12 elad Exp $ */
/*
* Copyright (c) 1982, 1986, 1989, 1993
@ -35,7 +35,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: vfs_lockf.c,v 1.48 2005/12/24 19:12:23 perry Exp $");
__KERNEL_RCSID(0, "$NetBSD: vfs_lockf.c,v 1.49 2006/05/14 21:15:12 elad Exp $");
#include <sys/param.h>
#include <sys/systm.h>
@ -46,6 +46,7 @@ __KERNEL_RCSID(0, "$NetBSD: vfs_lockf.c,v 1.48 2005/12/24 19:12:23 perry Exp $")
#include <sys/pool.h>
#include <sys/fcntl.h>
#include <sys/lockf.h>
#include <sys/kauth.h>
POOL_INIT(lockfpool, sizeof(struct lockf), 0, 0, 0, "lockfpl",
&pool_allocator_nointr);
@ -795,7 +796,7 @@ lf_advlock(struct vop_advlock_args *ap, struct lockf **head, off_t size)
/*
* byte-range lock might need one more lock.
*/
sparelock = lf_alloc(p->p_ucred->cr_uid, 0);
sparelock = lf_alloc(kauth_cred_geteuid(p->p_cred), 0);
if (sparelock == NULL) {
error = ENOMEM;
goto quit;
@ -812,7 +813,7 @@ lf_advlock(struct vop_advlock_args *ap, struct lockf **head, off_t size)
return EINVAL;
}
lock = lf_alloc(p->p_ucred->cr_uid, ap->a_op != F_UNLCK ? 1 : 2);
lock = lf_alloc(kauth_cred_geteuid(p->p_cred), ap->a_op != F_UNLCK ? 1 : 2);
if (lock == NULL) {
error = ENOMEM;
goto quit;

7
sys/kern/vfs_lookup.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: vfs_lookup.c,v 1.69 2006/03/03 16:15:11 rumble Exp $ */
/* $NetBSD: vfs_lookup.c,v 1.70 2006/05/14 21:15:12 elad Exp $ */
/*
* Copyright (c) 1982, 1986, 1989, 1993
@ -37,7 +37,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: vfs_lookup.c,v 1.69 2006/03/03 16:15:11 rumble Exp $");
__KERNEL_RCSID(0, "$NetBSD: vfs_lookup.c,v 1.70 2006/05/14 21:15:12 elad Exp $");
#include "opt_ktrace.h"
#include "opt_systrace.h"
@ -57,6 +57,7 @@ __KERNEL_RCSID(0, "$NetBSD: vfs_lookup.c,v 1.69 2006/03/03 16:15:11 rumble Exp $
#include <sys/malloc.h>
#include <sys/proc.h>
#include <sys/syslog.h>
#include <sys/kauth.h>
#ifdef KTRACE
#include <sys/ktrace.h>
@ -605,7 +606,7 @@ dirloop:
log(LOG_WARNING,
"chrooted pid %d uid %d (%s) "
"detected outside of its chroot\n",
p->p_pid, p->p_ucred->cr_uid,
p->p_pid, kauth_cred_geteuid(p->p_cred),
p->p_comm);
/* Put us at the jail root. */
vput(dp);

21
sys/kern/vfs_subr.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: vfs_subr.c,v 1.265 2006/02/25 07:11:31 skrll Exp $ */
/* $NetBSD: vfs_subr.c,v 1.266 2006/05/14 21:15:12 elad Exp $ */
/*-
* Copyright (c) 1997, 1998, 2004, 2005 The NetBSD Foundation, Inc.
@ -80,7 +80,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: vfs_subr.c,v 1.265 2006/02/25 07:11:31 skrll Exp $");
__KERNEL_RCSID(0, "$NetBSD: vfs_subr.c,v 1.266 2006/05/14 21:15:12 elad Exp $");
#include "opt_inet.h"
#include "opt_ddb.h"
@ -106,6 +106,7 @@ __KERNEL_RCSID(0, "$NetBSD: vfs_subr.c,v 1.265 2006/02/25 07:11:31 skrll Exp $")
#include <sys/syscallargs.h>
#include <sys/device.h>
#include <sys/filedesc.h>
#include <sys/kauth.h>
#include <miscfs/specfs/specdev.h>
#include <miscfs/genfs/genfs.h>
@ -690,7 +691,7 @@ vwakeup(struct buf *bp)
* buffers from being queued.
*/
int
vinvalbuf(struct vnode *vp, int flags, struct ucred *cred, struct lwp *l,
vinvalbuf(struct vnode *vp, int flags, kauth_cred_t cred, struct lwp *l,
int slpflag, int slptimeo)
{
struct buf *bp, *nbp;
@ -2097,15 +2098,16 @@ vfs_mountedon(struct vnode *vp)
*/
int
vaccess(enum vtype type, mode_t file_mode, uid_t uid, gid_t gid,
mode_t acc_mode, struct ucred *cred)
mode_t acc_mode, kauth_cred_t cred)
{
mode_t mask;
int error, ismember;
/*
* Super-user always gets read/write access, but execute access depends
* on at least one execute bit being set.
*/
if (cred->cr_uid == 0) {
if (kauth_cred_geteuid(cred) == 0) {
if ((acc_mode & VEXEC) && type != VDIR &&
(file_mode & (S_IXUSR|S_IXGRP|S_IXOTH)) == 0)
return (EACCES);
@ -2115,7 +2117,7 @@ vaccess(enum vtype type, mode_t file_mode, uid_t uid, gid_t gid,
mask = 0;
/* Otherwise, check the owner. */
if (cred->cr_uid == uid) {
if (kauth_cred_geteuid(cred) == uid) {
if (acc_mode & VEXEC)
mask |= S_IXUSR;
if (acc_mode & VREAD)
@ -2126,7 +2128,10 @@ vaccess(enum vtype type, mode_t file_mode, uid_t uid, gid_t gid,
}
/* Otherwise, check the groups. */
if (cred->cr_gid == gid || groupmember(gid, cred)) {
error = kauth_cred_ismember_gid(cred, gid, &ismember);
if (error)
return (error);
if (kauth_cred_getegid(cred) == gid || ismember) {
if (acc_mode & VEXEC)
mask |= S_IXGRP;
if (acc_mode & VREAD)
@ -2454,7 +2459,7 @@ vfs_write_suspend(struct mount *mp, int slpflag, int slptimeo)
0, &mp->mnt_slock);
simple_unlock(&mp->mnt_slock);
error = VFS_SYNC(mp, MNT_WAIT, l->l_proc->p_ucred, l);
error = VFS_SYNC(mp, MNT_WAIT, l->l_proc->p_cred, l);
if (error) {
vfs_write_resume(mp);
return error;

153
sys/kern/vfs_syscalls.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: vfs_syscalls.c,v 1.241 2006/05/10 11:02:29 yamt Exp $ */
/* $NetBSD: vfs_syscalls.c,v 1.242 2006/05/14 21:15:12 elad Exp $ */
/*
* Copyright (c) 1989, 1993
@ -37,7 +37,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: vfs_syscalls.c,v 1.241 2006/05/10 11:02:29 yamt Exp $");
__KERNEL_RCSID(0, "$NetBSD: vfs_syscalls.c,v 1.242 2006/05/14 21:15:12 elad Exp $");
#include "opt_compat_netbsd.h"
#include "opt_compat_43.h"
@ -67,6 +67,7 @@ __KERNEL_RCSID(0, "$NetBSD: vfs_syscalls.c,v 1.241 2006/05/10 11:02:29 yamt Exp
#ifdef VERIFIED_EXEC
#include <sys/verified_exec.h>
#endif /* VERIFIED_EXEC */
#include <sys/kauth.h>
#include <miscfs/genfs/genfs.h>
#include <miscfs/syncfs/syncfs.h>
@ -158,7 +159,8 @@ sys_mount(struct lwp *l, void *v, register_t *retval)
}
if (dovfsusermount == 0 && (SCARG(uap, flags) & MNT_GETARGS) == 0 &&
(error = suser(p->p_ucred, &p->p_acflag)))
(error = kauth_authorize_generic(p->p_cred, KAUTH_GENERIC_ISSUSER,
&p->p_acflag)))
return (error);
/*
* Get vnode to be covered
@ -210,8 +212,10 @@ sys_mount(struct lwp *l, void *v, register_t *retval)
* permitted to update it.
*/
if ((mp->mnt_flag & MNT_GETARGS) == 0 &&
mp->mnt_stat.f_owner != p->p_ucred->cr_uid &&
(error = suser(p->p_ucred, &p->p_acflag)) != 0) {
mp->mnt_stat.f_owner != kauth_cred_geteuid(p->p_cred) &&
(error = kauth_authorize_generic(p->p_cred,
KAUTH_GENERIC_ISSUSER,
&p->p_acflag)) != 0) {
vput(vp);
return (error);
}
@ -220,7 +224,7 @@ sys_mount(struct lwp *l, void *v, register_t *retval)
* users, silently enforce MNT_NOSUID and MNT_NODEV, and
* MNT_NOEXEC if mount point is already MNT_NOEXEC.
*/
if (p->p_ucred->cr_uid != 0) {
if (kauth_cred_geteuid(p->p_cred) != 0) {
if (SCARG(uap, flags) & MNT_EXPORTED) {
vput(vp);
return (EPERM);
@ -244,9 +248,11 @@ sys_mount(struct lwp *l, void *v, register_t *retval)
* If the user is not root, ensure that they own the directory
* onto which we are attempting to mount.
*/
if ((error = VOP_GETATTR(vp, &va, p->p_ucred, l)) != 0 ||
(va.va_uid != p->p_ucred->cr_uid &&
(error = suser(p->p_ucred, &p->p_acflag)) != 0)) {
if ((error = VOP_GETATTR(vp, &va, p->p_cred, l)) != 0 ||
(va.va_uid != kauth_cred_geteuid(p->p_cred) &&
(error = kauth_authorize_generic(p->p_cred,
KAUTH_GENERIC_ISSUSER,
&p->p_acflag)) != 0)) {
vput(vp);
return (error);
}
@ -255,7 +261,7 @@ sys_mount(struct lwp *l, void *v, register_t *retval)
* silently enforce MNT_NOSUID and MNT_NODEV, and MNT_NOEXEC if the
* mount point is already MNT_NOEXEC.
*/
if (p->p_ucred->cr_uid != 0) {
if (kauth_cred_geteuid(p->p_cred) != 0) {
if (SCARG(uap, flags) & MNT_EXPORTED) {
vput(vp);
return (EPERM);
@ -264,7 +270,7 @@ sys_mount(struct lwp *l, void *v, register_t *retval)
if (vp->v_mount->mnt_flag & MNT_NOEXEC)
SCARG(uap, flags) |= MNT_NOEXEC;
}
if ((error = vinvalbuf(vp, V_SAVE, p->p_ucred, l, 0, 0)) != 0) {
if ((error = vinvalbuf(vp, V_SAVE, p->p_cred, l, 0, 0)) != 0) {
vput(vp);
return (error);
}
@ -319,7 +325,7 @@ sys_mount(struct lwp *l, void *v, register_t *retval)
mp->mnt_op = vfs;
vfs->vfs_refcount++;
mp->mnt_vnodecovered = vp;
mp->mnt_stat.f_owner = p->p_ucred->cr_uid;
mp->mnt_stat.f_owner = kauth_cred_geteuid(p->p_cred);
mp->mnt_unmounter = NULL;
mp->mnt_leaf = mp;
@ -489,8 +495,9 @@ sys_unmount(struct lwp *l, void *v, register_t *retval)
* Only root, or the user that did the original mount is
* permitted to unmount this filesystem.
*/
if ((mp->mnt_stat.f_owner != p->p_ucred->cr_uid) &&
(error = suser(p->p_ucred, &p->p_acflag)) != 0) {
if ((mp->mnt_stat.f_owner != kauth_cred_geteuid(p->p_cred)) &&
(error = kauth_authorize_generic(p->p_cred, KAUTH_GENERIC_ISSUSER,
&p->p_acflag)) != 0) {
vput(vp);
return (error);
}
@ -575,7 +582,7 @@ dounmount(struct mount *mp, int flags, struct lwp *l)
error = fss_umount_hook(mp, (flags & MNT_FORCE));
#endif
if (error == 0)
error = VFS_SYNC(mp, MNT_WAIT, l->l_proc->p_ucred, l);
error = VFS_SYNC(mp, MNT_WAIT, l->l_proc->p_cred, l);
}
if (error == 0 || (flags & MNT_FORCE))
error = VFS_UNMOUNT(mp, flags, l);
@ -649,7 +656,7 @@ sys_sync(struct lwp *l, void *v, register_t *retval)
vn_start_write(NULL, &mp, V_NOWAIT) == 0) {
asyncflag = mp->mnt_flag & MNT_ASYNC;
mp->mnt_flag &= ~MNT_ASYNC;
VFS_SYNC(mp, MNT_NOWAIT, p->p_ucred, l);
VFS_SYNC(mp, MNT_NOWAIT, p->p_cred, l);
if (asyncflag)
mp->mnt_flag |= MNT_ASYNC;
vn_finished_write(mp, 0);
@ -929,7 +936,7 @@ sys_fchdir(struct lwp *l, void *v, register_t *retval)
if (vp->v_type != VDIR)
error = ENOTDIR;
else
error = VOP_ACCESS(vp, VEXEC, p->p_ucred, l);
error = VOP_ACCESS(vp, VEXEC, p->p_cred, l);
while (!error && (mp = vp->v_mountedhere) != NULL) {
if (vfs_busy(mp, 0, 0))
continue;
@ -978,7 +985,8 @@ sys_fchroot(struct lwp *l, void *v, register_t *retval)
struct file *fp;
int error;
if ((error = suser(p->p_ucred, &p->p_acflag)) != 0)
if ((error = kauth_authorize_generic(p->p_cred, KAUTH_GENERIC_ISSUSER,
&p->p_acflag)) != 0)
return error;
/* getvnode() will use the descriptor for us */
if ((error = getvnode(fdp, SCARG(uap, fd), &fp)) != 0)
@ -988,7 +996,7 @@ sys_fchroot(struct lwp *l, void *v, register_t *retval)
if (vp->v_type != VDIR)
error = ENOTDIR;
else
error = VOP_ACCESS(vp, VEXEC, p->p_ucred, l);
error = VOP_ACCESS(vp, VEXEC, p->p_cred, l);
VOP_UNLOCK(vp, 0);
if (error)
goto out;
@ -1057,7 +1065,8 @@ sys_chroot(struct lwp *l, void *v, register_t *retval)
int error;
struct nameidata nd;
if ((error = suser(p->p_ucred, &p->p_acflag)) != 0)
if ((error = kauth_authorize_generic(p->p_cred, KAUTH_GENERIC_ISSUSER,
&p->p_acflag)) != 0)
return (error);
NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF, UIO_USERSPACE,
SCARG(uap, path), l);
@ -1101,7 +1110,7 @@ change_dir(struct nameidata *ndp, struct lwp *l)
if (vp->v_type != VDIR)
error = ENOTDIR;
else
error = VOP_ACCESS(vp, VEXEC, l->l_proc->p_ucred, l);
error = VOP_ACCESS(vp, VEXEC, l->l_proc->p_cred, l);
if (error)
vput(vp);
@ -1212,7 +1221,8 @@ sys_getfh(struct lwp *l, void *v, register_t *retval)
/*
* Must be super user
*/
error = suser(p->p_ucred, &p->p_acflag);
error = kauth_authorize_generic(p->p_cred, KAUTH_GENERIC_ISSUSER,
&p->p_acflag);
if (error)
return (error);
NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF, UIO_USERSPACE,
@ -1252,7 +1262,7 @@ sys_fhopen(struct lwp *l, void *v, register_t *retval)
struct file *fp;
struct vnode *vp = NULL;
struct mount *mp;
struct ucred *cred = p->p_ucred;
kauth_cred_t cred = p->p_cred;
int flags;
struct file *nfp;
int type, indx, error=0;
@ -1263,7 +1273,8 @@ sys_fhopen(struct lwp *l, void *v, register_t *retval)
/*
* Must be super user
*/
if ((error = suser(p->p_ucred, &p->p_acflag)))
if ((error = kauth_authorize_generic(p->p_cred, KAUTH_GENERIC_ISSUSER,
&p->p_acflag)))
return (error);
flags = FFLAGS(SCARG(uap, flags));
@ -1397,7 +1408,8 @@ sys___fhstat30(struct lwp *l, void *v, register_t *retval)
/*
* Must be super user
*/
if ((error = suser(p->p_ucred, &p->p_acflag)))
if ((error = kauth_authorize_generic(p->p_cred, KAUTH_GENERIC_ISSUSER,
&p->p_acflag)))
return (error);
if ((error = copyin(SCARG(uap, fhp), &fh, sizeof(fhandle_t))) != 0)
@ -1436,7 +1448,8 @@ sys_fhstatvfs1(struct lwp *l, void *v, register_t *retval)
/*
* Must be super user
*/
if ((error = suser(p->p_ucred, &p->p_acflag)) != 0)
if ((error = kauth_authorize_generic(p->p_cred, KAUTH_GENERIC_ISSUSER,
&p->p_acflag)) != 0)
return error;
if ((error = copyin(SCARG(uap, fhp), &fh, sizeof(fhandle_t))) != 0)
@ -1482,7 +1495,8 @@ sys_mknod(struct lwp *l, void *v, register_t *retval)
int whiteout = 0;
struct nameidata nd;
if ((error = suser(p->p_ucred, &p->p_acflag)) != 0)
if ((error = kauth_authorize_generic(p->p_cred, KAUTH_GENERIC_ISSUSER,
&p->p_acflag)) != 0)
return (error);
restart:
NDINIT(&nd, CREATE, LOCKPARENT, UIO_USERSPACE, SCARG(uap, path), l);
@ -1530,7 +1544,7 @@ restart:
goto restart;
}
if (!error) {
VOP_LEASE(nd.ni_dvp, l, p->p_ucred, LEASE_WRITE);
VOP_LEASE(nd.ni_dvp, l, p->p_cred, LEASE_WRITE);
if (whiteout) {
error = VOP_WHITEOUT(nd.ni_dvp, &nd.ni_cnd, CREATE);
if (error)
@ -1601,7 +1615,7 @@ restart:
VATTR_NULL(&vattr);
vattr.va_type = VFIFO;
vattr.va_mode = (SCARG(uap, mode) & ALLPERMS) &~ p->p_cwdi->cwdi_cmask;
VOP_LEASE(nd.ni_dvp, l, p->p_ucred, LEASE_WRITE);
VOP_LEASE(nd.ni_dvp, l, p->p_cred, LEASE_WRITE);
error = VOP_MKNOD(nd.ni_dvp, &nd.ni_vp, &nd.ni_cnd, &vattr);
if (error == 0)
vput(nd.ni_vp);
@ -1647,8 +1661,8 @@ sys_link(struct lwp *l, void *v, register_t *retval)
error = EEXIST;
goto out;
}
VOP_LEASE(nd.ni_dvp, l, p->p_ucred, LEASE_WRITE);
VOP_LEASE(vp, l, p->p_ucred, LEASE_WRITE);
VOP_LEASE(nd.ni_dvp, l, p->p_cred, LEASE_WRITE);
VOP_LEASE(vp, l, p->p_cred, LEASE_WRITE);
error = VOP_LINK(nd.ni_dvp, vp, &nd.ni_cnd);
out:
vrele(vp);
@ -1706,7 +1720,7 @@ restart:
VATTR_NULL(&vattr);
vattr.va_type = VLNK;
vattr.va_mode = ACCESSPERMS &~ p->p_cwdi->cwdi_cmask;
VOP_LEASE(nd.ni_dvp, l, p->p_ucred, LEASE_WRITE);
VOP_LEASE(nd.ni_dvp, l, p->p_cred, LEASE_WRITE);
error = VOP_SYMLINK(nd.ni_dvp, &nd.ni_vp, &nd.ni_cnd, &vattr, path);
if (error == 0)
vput(nd.ni_vp);
@ -1759,7 +1773,7 @@ restart:
return (error);
goto restart;
}
VOP_LEASE(nd.ni_dvp, l, p->p_ucred, LEASE_WRITE);
VOP_LEASE(nd.ni_dvp, l, p->p_cred, LEASE_WRITE);
if ((error = VOP_WHITEOUT(nd.ni_dvp, &nd.ni_cnd, DELETE)) != 0)
VOP_ABORTOP(nd.ni_dvp, &nd.ni_cnd);
vput(nd.ni_dvp);
@ -1829,8 +1843,8 @@ restart:
return (error);
goto restart;
}
VOP_LEASE(nd.ni_dvp, l, p->p_ucred, LEASE_WRITE);
VOP_LEASE(vp, l, p->p_ucred, LEASE_WRITE);
VOP_LEASE(nd.ni_dvp, l, p->p_cred, LEASE_WRITE);
VOP_LEASE(vp, l, p->p_cred, LEASE_WRITE);
error = VOP_REMOVE(nd.ni_dvp, nd.ni_vp, &nd.ni_cnd);
vn_finished_write(mp, 0);
out:
@ -1850,7 +1864,7 @@ sys_lseek(struct lwp *l, void *v, register_t *retval)
syscallarg(int) whence;
} */ *uap = v;
struct proc *p = l->l_proc;
struct ucred *cred = p->p_ucred;
kauth_cred_t cred = p->p_cred;
struct filedesc *fdp = p->p_fd;
struct file *fp;
struct vnode *vp;
@ -2118,14 +2132,14 @@ sys_access(struct lwp *l, void *v, register_t *retval)
syscallarg(int) flags;
} */ *uap = v;
struct proc *p = l->l_proc;
struct ucred *cred;
kauth_cred_t cred;
struct vnode *vp;
int error, flags;
struct nameidata nd;
cred = crdup(p->p_ucred);
cred->cr_uid = p->p_cred->p_ruid;
cred->cr_gid = p->p_cred->p_rgid;
cred = kauth_cred_dup(p->p_cred);
kauth_cred_seteuid(cred, kauth_cred_getuid(p->p_cred));
kauth_cred_setegid(cred, kauth_cred_getgid(p->p_cred));
NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF, UIO_USERSPACE,
SCARG(uap, path), l);
/* Override default credentials */
@ -2150,7 +2164,7 @@ sys_access(struct lwp *l, void *v, register_t *retval)
}
vput(vp);
out:
crfree(cred);
kauth_cred_free(cred);
return (error);
}
@ -2258,7 +2272,7 @@ sys_readlink(struct lwp *l, void *v, register_t *retval)
if (vp->v_type != VLNK)
error = EINVAL;
else if (!(vp->v_mount->mnt_flag & MNT_SYMPERM) ||
(error = VOP_ACCESS(vp, VREAD, p->p_ucred, l)) == 0) {
(error = VOP_ACCESS(vp, VREAD, p->p_cred, l)) == 0) {
aiov.iov_base = SCARG(uap, buf);
aiov.iov_len = SCARG(uap, count);
auio.uio_iov = &aiov;
@ -2268,7 +2282,7 @@ sys_readlink(struct lwp *l, void *v, register_t *retval)
KASSERT(l == curlwp);
auio.uio_vmspace = l->l_proc->p_vmspace;
auio.uio_resid = SCARG(uap, count);
error = VOP_READLINK(vp, &auio, p->p_ucred);
error = VOP_READLINK(vp, &auio, p->p_cred);
}
vput(vp);
*retval = SCARG(uap, count) - auio.uio_resid;
@ -2362,14 +2376,15 @@ change_flags(struct vnode *vp, u_long flags, struct lwp *l)
if ((error = vn_start_write(vp, &mp, V_WAIT | V_PCATCH)) != 0)
return (error);
VOP_LEASE(vp, l, p->p_ucred, LEASE_WRITE);
VOP_LEASE(vp, l, p->p_cred, LEASE_WRITE);
vn_lock(vp, LK_EXCLUSIVE | LK_RETRY);
/*
* Non-superusers cannot change the flags on devices, even if they
* own them.
*/
if (suser(p->p_ucred, &p->p_acflag) != 0) {
if ((error = VOP_GETATTR(vp, &vattr, p->p_ucred, l)) != 0)
if (kauth_authorize_generic(p->p_cred, KAUTH_GENERIC_ISSUSER,
&p->p_acflag) != 0) {
if ((error = VOP_GETATTR(vp, &vattr, p->p_cred, l)) != 0)
goto out;
if (vattr.va_type == VCHR || vattr.va_type == VBLK) {
error = EINVAL;
@ -2378,7 +2393,7 @@ change_flags(struct vnode *vp, u_long flags, struct lwp *l)
}
VATTR_NULL(&vattr);
vattr.va_flags = flags;
error = VOP_SETATTR(vp, &vattr, p->p_ucred, l);
error = VOP_SETATTR(vp, &vattr, p->p_cred, l);
out:
vn_finished_write(mp, 0);
return (error);
@ -2469,11 +2484,11 @@ change_mode(struct vnode *vp, int mode, struct lwp *l)
if ((error = vn_start_write(vp, &mp, V_WAIT | V_PCATCH)) != 0)
return (error);
VOP_LEASE(vp, l, p->p_ucred, LEASE_WRITE);
VOP_LEASE(vp, l, p->p_cred, LEASE_WRITE);
vn_lock(vp, LK_EXCLUSIVE | LK_RETRY);
VATTR_NULL(&vattr);
vattr.va_mode = mode & ALLPERMS;
error = VOP_SETATTR(vp, &vattr, p->p_ucred, l);
error = VOP_SETATTR(vp, &vattr, p->p_cred, l);
VOP_UNLOCK(vp, 0);
vn_finished_write(mp, 0);
return (error);
@ -2648,9 +2663,9 @@ change_owner(struct vnode *vp, uid_t uid, gid_t gid, struct lwp *l,
if ((error = vn_start_write(vp, &mp, V_WAIT | V_PCATCH)) != 0)
return (error);
VOP_LEASE(vp, l, p->p_ucred, LEASE_WRITE);
VOP_LEASE(vp, l, p->p_cred, LEASE_WRITE);
vn_lock(vp, LK_EXCLUSIVE | LK_RETRY);
if ((error = VOP_GETATTR(vp, &vattr, p->p_ucred, l)) != 0)
if ((error = VOP_GETATTR(vp, &vattr, p->p_cred, l)) != 0)
goto out;
#define CHANGED(x) ((int)(x) != -1)
@ -2663,7 +2678,8 @@ change_owner(struct vnode *vp, uid_t uid, gid_t gid, struct lwp *l,
* implementation-defined; we leave the set-user-id and set-
* group-id settings intact in that case.
*/
if (suser(p->p_ucred, NULL) != 0)
if (kauth_authorize_generic(p->p_cred, KAUTH_GENERIC_ISSUSER,
NULL) != 0)
newmode &= ~(S_ISUID | S_ISGID);
} else {
/*
@ -2683,7 +2699,7 @@ change_owner(struct vnode *vp, uid_t uid, gid_t gid, struct lwp *l,
vattr.va_uid = CHANGED(uid) ? uid : (uid_t)VNOVAL;
vattr.va_gid = CHANGED(gid) ? gid : (gid_t)VNOVAL;
vattr.va_mode = newmode;
error = VOP_SETATTR(vp, &vattr, p->p_ucred, l);
error = VOP_SETATTR(vp, &vattr, p->p_cred, l);
#undef CHANGED
out:
@ -2793,9 +2809,9 @@ change_utimes(struct vnode *vp, const struct timeval *tptr, struct lwp *l)
TIMEVAL_TO_TIMESPEC(&tv[0], &vattr.va_atime);
TIMEVAL_TO_TIMESPEC(&tv[1], &vattr.va_mtime);
}
VOP_LEASE(vp, l, p->p_ucred, LEASE_WRITE);
VOP_LEASE(vp, l, p->p_cred, LEASE_WRITE);
vn_lock(vp, LK_EXCLUSIVE | LK_RETRY);
error = VOP_SETATTR(vp, &vattr, p->p_ucred, l);
error = VOP_SETATTR(vp, &vattr, p->p_cred, l);
VOP_UNLOCK(vp, 0);
out:
vn_finished_write(mp, 0);
@ -2829,15 +2845,15 @@ sys_truncate(struct lwp *l, void *v, register_t *retval)
vrele(vp);
return (error);
}
VOP_LEASE(vp, l, p->p_ucred, LEASE_WRITE);
VOP_LEASE(vp, l, p->p_cred, LEASE_WRITE);
vn_lock(vp, LK_EXCLUSIVE | LK_RETRY);
if (vp->v_type == VDIR)
error = EISDIR;
else if ((error = vn_writechk(vp)) == 0 &&
(error = VOP_ACCESS(vp, VWRITE, p->p_ucred, l)) == 0) {
(error = VOP_ACCESS(vp, VWRITE, p->p_cred, l)) == 0) {
VATTR_NULL(&vattr);
vattr.va_size = SCARG(uap, length);
error = VOP_SETATTR(vp, &vattr, p->p_ucred, l);
error = VOP_SETATTR(vp, &vattr, p->p_cred, l);
}
vput(vp);
vn_finished_write(mp, 0);
@ -2875,7 +2891,7 @@ sys_ftruncate(struct lwp *l, void *v, register_t *retval)
FILE_UNUSE(fp, l);
return (error);
}
VOP_LEASE(vp, l, p->p_ucred, LEASE_WRITE);
VOP_LEASE(vp, l, p->p_cred, LEASE_WRITE);
vn_lock(vp, LK_EXCLUSIVE | LK_RETRY);
if (vp->v_type == VDIR)
error = EISDIR;
@ -3139,11 +3155,11 @@ rename_files(const char *from, const char *to, struct lwp *l, int retain)
out:
p = l->l_proc;
if (!error) {
VOP_LEASE(tdvp, l, p->p_ucred, LEASE_WRITE);
VOP_LEASE(tdvp, l, p->p_cred, LEASE_WRITE);
if (fromnd.ni_dvp != tdvp)
VOP_LEASE(fromnd.ni_dvp, l, p->p_ucred, LEASE_WRITE);
VOP_LEASE(fromnd.ni_dvp, l, p->p_cred, LEASE_WRITE);
if (tvp) {
VOP_LEASE(tvp, l, p->p_ucred, LEASE_WRITE);
VOP_LEASE(tvp, l, p->p_cred, LEASE_WRITE);
}
error = VOP_RENAME(fromnd.ni_dvp, fromnd.ni_vp, &fromnd.ni_cnd,
tond.ni_dvp, tond.ni_vp, &tond.ni_cnd);
@ -3217,7 +3233,7 @@ restart:
vattr.va_type = VDIR;
vattr.va_mode =
(SCARG(uap, mode) & ACCESSPERMS) &~ p->p_cwdi->cwdi_cmask;
VOP_LEASE(nd.ni_dvp, l, p->p_ucred, LEASE_WRITE);
VOP_LEASE(nd.ni_dvp, l, p->p_cred, LEASE_WRITE);
error = VOP_MKDIR(nd.ni_dvp, &nd.ni_vp, &nd.ni_cnd, &vattr);
if (!error)
vput(nd.ni_vp);
@ -3277,8 +3293,8 @@ restart:
return (error);
goto restart;
}
VOP_LEASE(nd.ni_dvp, l, p->p_ucred, LEASE_WRITE);
VOP_LEASE(vp, l, p->p_ucred, LEASE_WRITE);
VOP_LEASE(nd.ni_dvp, l, p->p_cred, LEASE_WRITE);
VOP_LEASE(vp, l, p->p_cred, LEASE_WRITE);
error = VOP_RMDIR(nd.ni_dvp, nd.ni_vp, &nd.ni_cnd);
vn_finished_write(mp, 0);
return (error);
@ -3371,10 +3387,11 @@ sys_revoke(struct lwp *l, void *v, register_t *retval)
if ((error = namei(&nd)) != 0)
return (error);
vp = nd.ni_vp;
if ((error = VOP_GETATTR(vp, &vattr, p->p_ucred, l)) != 0)
if ((error = VOP_GETATTR(vp, &vattr, p->p_cred, l)) != 0)
goto out;
if (p->p_ucred->cr_uid != vattr.va_uid &&
(error = suser(p->p_ucred, &p->p_acflag)) != 0)
if (kauth_cred_geteuid(p->p_cred) != vattr.va_uid &&
(error = kauth_authorize_generic(p->p_cred, KAUTH_GENERIC_ISSUSER,
&p->p_acflag)) != 0)
goto out;
if ((error = vn_start_write(vp, &mp, V_WAIT | V_PCATCH)) != 0)
goto out;

27
sys/kern/vfs_vnops.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: vfs_vnops.c,v 1.110 2006/05/14 05:30:31 christos Exp $ */
/* $NetBSD: vfs_vnops.c,v 1.111 2006/05/14 21:15:12 elad Exp $ */
/*
* Copyright (c) 1982, 1986, 1989, 1993
@ -37,7 +37,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: vfs_vnops.c,v 1.110 2006/05/14 05:30:31 christos Exp $");
__KERNEL_RCSID(0, "$NetBSD: vfs_vnops.c,v 1.111 2006/05/14 21:15:12 elad Exp $");
#include "opt_verified_exec.h"
@ -57,6 +57,7 @@ __KERNEL_RCSID(0, "$NetBSD: vfs_vnops.c,v 1.110 2006/05/14 05:30:31 christos Exp
#include <sys/ioctl.h>
#include <sys/tty.h>
#include <sys/poll.h>
#include <sys/kauth.h>
#include <miscfs/specfs/specdev.h>
@ -76,9 +77,9 @@ int (*vn_union_readdir_hook) (struct vnode **, struct file *, struct lwp *);
#endif
static int vn_read(struct file *fp, off_t *offset, struct uio *uio,
struct ucred *cred, int flags);
kauth_cred_t cred, int flags);
static int vn_write(struct file *fp, off_t *offset, struct uio *uio,
struct ucred *cred, int flags);
kauth_cred_t cred, int flags);
static int vn_closefile(struct file *fp, struct lwp *l);
static int vn_poll(struct file *fp, int events, struct lwp *l);
static int vn_fcntl(struct file *fp, u_int com, void *data, struct lwp *l);
@ -100,7 +101,7 @@ vn_open(struct nameidata *ndp, int fmode, int cmode)
struct vnode *vp;
struct mount *mp = NULL; /* XXX: GCC */
struct lwp *l = ndp->ni_cnd.cn_lwp;
struct ucred *cred = l->l_proc->p_ucred;
kauth_cred_t cred = l->l_proc->p_cred;
struct vattr va;
int error;
#ifdef VERIFIED_EXEC
@ -329,7 +330,7 @@ vn_marktext(struct vnode *vp)
* Note: takes an unlocked vnode, while VOP_CLOSE takes a locked node.
*/
int
vn_close(struct vnode *vp, int flags, struct ucred *cred, struct lwp *l)
vn_close(struct vnode *vp, int flags, kauth_cred_t cred, struct lwp *l)
{
int error;
@ -346,7 +347,7 @@ vn_close(struct vnode *vp, int flags, struct ucred *cred, struct lwp *l)
*/
int
vn_rdwr(enum uio_rw rw, struct vnode *vp, caddr_t base, int len, off_t offset,
enum uio_seg segflg, int ioflg, struct ucred *cred, size_t *aresid,
enum uio_seg segflg, int ioflg, kauth_cred_t cred, size_t *aresid,
struct lwp *l)
{
struct uio auio;
@ -458,7 +459,7 @@ unionread:
* File table vnode read routine.
*/
static int
vn_read(struct file *fp, off_t *offset, struct uio *uio, struct ucred *cred,
vn_read(struct file *fp, off_t *offset, struct uio *uio, kauth_cred_t cred,
int flags)
{
struct vnode *vp = (struct vnode *)fp->f_data;
@ -487,7 +488,7 @@ vn_read(struct file *fp, off_t *offset, struct uio *uio, struct ucred *cred,
* File table vnode write routine.
*/
static int
vn_write(struct file *fp, off_t *offset, struct uio *uio, struct ucred *cred,
vn_write(struct file *fp, off_t *offset, struct uio *uio, kauth_cred_t cred,
int flags)
{
struct vnode *vp = (struct vnode *)fp->f_data;
@ -544,7 +545,7 @@ vn_stat(struct vnode *vp, struct stat *sb, struct lwp *l)
int error;
mode_t mode;
error = VOP_GETATTR(vp, &va, l->l_proc->p_ucred, l);
error = VOP_GETATTR(vp, &va, l->l_proc->p_cred, l);
if (error)
return (error);
/*
@ -604,7 +605,7 @@ vn_fcntl(struct file *fp, u_int com, void *data, struct lwp *l)
struct vnode *vp = ((struct vnode *)fp->f_data);
int error;
error = VOP_FCNTL(vp, com, data, fp->f_flag, l->l_proc->p_ucred, l);
error = VOP_FCNTL(vp, com, data, fp->f_flag, l->l_proc->p_cred, l);
return (error);
}
@ -624,7 +625,7 @@ vn_ioctl(struct file *fp, u_long com, void *data, struct lwp *l)
case VREG:
case VDIR:
if (com == FIONREAD) {
error = VOP_GETATTR(vp, &vattr, l->l_proc->p_ucred, l);
error = VOP_GETATTR(vp, &vattr, l->l_proc->p_cred, l);
if (error)
return (error);
*(int *)data = vattr.va_size - fp->f_offset;
@ -664,7 +665,7 @@ vn_ioctl(struct file *fp, u_long com, void *data, struct lwp *l)
case VCHR:
case VBLK:
error = VOP_IOCTL(vp, com, data, fp->f_flag,
l->l_proc->p_ucred, l);
l->l_proc->p_cred, l);
if (error == 0 && com == TIOCSCTTY) {
if (p->p_session->s_ttyvp)
vrele(p->p_session->s_ttyvp);

28
sys/kern/vfs_xattr.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: vfs_xattr.c,v 1.5 2006/03/01 12:38:21 yamt Exp $ */
/* $NetBSD: vfs_xattr.c,v 1.6 2006/05/14 21:15:12 elad Exp $ */
/*-
* Copyright (c) 2005 The NetBSD Foundation, Inc.
@ -75,7 +75,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: vfs_xattr.c,v 1.5 2006/03/01 12:38:21 yamt Exp $");
__KERNEL_RCSID(0, "$NetBSD: vfs_xattr.c,v 1.6 2006/05/14 21:15:12 elad Exp $");
#include <sys/param.h>
#include <sys/systm.h>
@ -92,6 +92,7 @@ __KERNEL_RCSID(0, "$NetBSD: vfs_xattr.c,v 1.5 2006/03/01 12:38:21 yamt Exp $");
#include <sys/sysctl.h>
#include <sys/sa.h>
#include <sys/syscallargs.h>
#include <sys/kauth.h>
/*
* Credential check based on process requesting service, and per-attribute
@ -101,7 +102,7 @@ __KERNEL_RCSID(0, "$NetBSD: vfs_xattr.c,v 1.5 2006/03/01 12:38:21 yamt Exp $");
*/
int
extattr_check_cred(struct vnode *vp, int attrnamespace,
struct ucred *cred, struct lwp *l, int access)
kauth_cred_t cred, struct lwp *l, int access)
{
if (cred == NOCRED)
@ -113,7 +114,8 @@ extattr_check_cred(struct vnode *vp, int attrnamespace,
* Do we really want to allow this, or just require that
* these requests come from kernel code (NOCRED case above)?
*/
return (suser(cred, &l->l_proc->p_acflag));
return (kauth_authorize_generic(cred, KAUTH_GENERIC_ISSUSER,
&l->l_proc->p_acflag));
case EXTATTR_NAMESPACE_USER:
return (VOP_ACCESS(vp, access, cred, l));
@ -231,7 +233,7 @@ extattr_set_vp(struct vnode *vp, int attrnamespace, const char *attrname,
error = vn_start_write(vp, &mp, V_WAIT | V_PCATCH);
if (error)
return (error);
VOP_LEASE(vp, l, l->l_proc->p_ucred, LEASE_WRITE);
VOP_LEASE(vp, l, l->l_proc->p_cred, LEASE_WRITE);
vn_lock(vp, LK_EXCLUSIVE | LK_RETRY);
aiov.iov_base = __UNCONST(data); /* XXXUNCONST kills const */
@ -250,7 +252,7 @@ extattr_set_vp(struct vnode *vp, int attrnamespace, const char *attrname,
cnt = nbytes;
error = VOP_SETEXTATTR(vp, attrnamespace, attrname, &auio,
l->l_proc->p_ucred, l);
l->l_proc->p_cred, l);
cnt -= auio.uio_resid;
retval[0] = cnt;
@ -275,7 +277,7 @@ extattr_get_vp(struct vnode *vp, int attrnamespace, const char *attrname,
size_t size, *sizep;
int error;
VOP_LEASE(vp, l, l->l_proc->p_ucred, LEASE_READ);
VOP_LEASE(vp, l, l->l_proc->p_cred, LEASE_READ);
vn_lock(vp, LK_EXCLUSIVE | LK_RETRY);
/*
@ -305,7 +307,7 @@ extattr_get_vp(struct vnode *vp, int attrnamespace, const char *attrname,
sizep = &size;
error = VOP_GETEXTATTR(vp, attrnamespace, attrname, auiop, sizep,
l->l_proc->p_ucred, l);
l->l_proc->p_cred, l);
if (auiop != NULL) {
cnt -= auio.uio_resid;
@ -333,13 +335,13 @@ extattr_delete_vp(struct vnode *vp, int attrnamespace, const char *attrname,
error = vn_start_write(vp, &mp, V_WAIT | V_PCATCH);
if (error)
return (error);
VOP_LEASE(vp, l, l->l_proc->p_ucred, LEASE_WRITE);
VOP_LEASE(vp, l, l->l_proc->p_cred, LEASE_WRITE);
vn_lock(vp, LK_EXCLUSIVE | LK_RETRY);
error = VOP_DELETEEXTATTR(vp, attrnamespace, attrname, l->l_proc->p_ucred, l);
error = VOP_DELETEEXTATTR(vp, attrnamespace, attrname, l->l_proc->p_cred, l);
if (error == EOPNOTSUPP)
error = VOP_SETEXTATTR(vp, attrnamespace, attrname, NULL,
l->l_proc->p_ucred, l);
l->l_proc->p_cred, l);
VOP_UNLOCK(vp, 0);
vn_finished_write(mp, 0);
@ -361,7 +363,7 @@ extattr_list_vp(struct vnode *vp, int attrnamespace, void *data, size_t nbytes,
ssize_t cnt;
int error;
VOP_LEASE(vp, l, l->l_proc->p_ucred, LEASE_READ);
VOP_LEASE(vp, l, l->l_proc->p_cred, LEASE_READ);
vn_lock(vp, LK_EXCLUSIVE | LK_RETRY);
auiop = NULL;
@ -386,7 +388,7 @@ extattr_list_vp(struct vnode *vp, int attrnamespace, void *data, size_t nbytes,
sizep = &size;
error = VOP_LISTEXTATTR(vp, attrnamespace, auiop, sizep,
l->l_proc->p_ucred, l);
l->l_proc->p_cred, l);
if (auiop != NULL) {
cnt -= auio.uio_resid;

50
sys/kern/vnode_if.c
View File

@ -1,13 +1,13 @@
/* $NetBSD: vnode_if.c,v 1.64 2006/05/04 16:49:54 perseant Exp $ */
/* $NetBSD: vnode_if.c,v 1.65 2006/05/14 21:15:12 elad Exp $ */
/*
* Warning: DO NOT EDIT! This file is automatically generated!
* (Modifications made here may easily be lost!)
*
* Created from the file:
* NetBSD: vnode_if.src,v 1.49 2006/05/04 16:48:16 perseant Exp
* NetBSD: vnode_if.src,v 1.48.10.1 2006/03/08 00:53:41 elad Exp
* by the script:
* NetBSD: vnode_if.sh,v 1.41 2005/12/11 12:24:30 christos Exp
* NetBSD: vnode_if.sh,v 1.41.10.1 2006/03/08 00:53:41 elad Exp
*/
/*
@ -40,7 +40,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: vnode_if.c,v 1.64 2006/05/04 16:49:54 perseant Exp $");
__KERNEL_RCSID(0, "$NetBSD: vnode_if.c,v 1.65 2006/05/14 21:15:12 elad Exp $");
/*
@ -220,7 +220,7 @@ const struct vnodeop_desc vop_open_desc = {
int
VOP_OPEN(struct vnode *vp,
int mode,
struct ucred *cred,
kauth_cred_t cred,
struct lwp *l)
{
struct vop_open_args a;
@ -258,7 +258,7 @@ const struct vnodeop_desc vop_close_desc = {
int
VOP_CLOSE(struct vnode *vp,
int fflag,
struct ucred *cred,
kauth_cred_t cred,
struct lwp *l)
{
struct vop_close_args a;
@ -296,7 +296,7 @@ const struct vnodeop_desc vop_access_desc = {
int
VOP_ACCESS(struct vnode *vp,
int mode,
struct ucred *cred,
kauth_cred_t cred,
struct lwp *l)
{
struct vop_access_args a;
@ -334,7 +334,7 @@ const struct vnodeop_desc vop_getattr_desc = {
int
VOP_GETATTR(struct vnode *vp,
struct vattr *vap,
struct ucred *cred,
kauth_cred_t cred,
struct lwp *l)
{
struct vop_getattr_args a;
@ -366,7 +366,7 @@ const struct vnodeop_desc vop_setattr_desc = {
int
VOP_SETATTR(struct vnode *vp,
struct vattr *vap,
struct ucred *cred,
kauth_cred_t cred,
struct lwp *l)
{
struct vop_setattr_args a;
@ -405,7 +405,7 @@ int
VOP_READ(struct vnode *vp,
struct uio *uio,
int ioflag,
struct ucred *cred)
kauth_cred_t cred)
{
struct vop_read_args a;
#ifdef VNODE_LOCKDEBUG
@ -443,7 +443,7 @@ int
VOP_WRITE(struct vnode *vp,
struct uio *uio,
int ioflag,
struct ucred *cred)
kauth_cred_t cred)
{
struct vop_write_args a;
#ifdef VNODE_LOCKDEBUG
@ -482,7 +482,7 @@ VOP_IOCTL(struct vnode *vp,
u_long command,
void *data,
int fflag,
struct ucred *cred,
kauth_cred_t cred,
struct lwp *l)
{
struct vop_ioctl_args a;
@ -524,7 +524,7 @@ VOP_FCNTL(struct vnode *vp,
u_int command,
void *data,
int fflag,
struct ucred *cred,
kauth_cred_t cred,
struct lwp *l)
{
struct vop_fcntl_args a;
@ -668,7 +668,7 @@ const struct vnodeop_desc vop_mmap_desc = {
int
VOP_MMAP(struct vnode *vp,
int fflags,
struct ucred *cred,
kauth_cred_t cred,
struct lwp *l)
{
struct vop_mmap_args a;
@ -699,7 +699,7 @@ const struct vnodeop_desc vop_fsync_desc = {
};
int
VOP_FSYNC(struct vnode *vp,
struct ucred *cred,
kauth_cred_t cred,
int flags,
off_t offlo,
off_t offhi,
@ -743,7 +743,7 @@ int
VOP_SEEK(struct vnode *vp,
off_t oldoff,
off_t newoff,
struct ucred *cred)
kauth_cred_t cred)
{
struct vop_seek_args a;
#ifdef VNODE_LOCKDEBUG
@ -1038,7 +1038,7 @@ const struct vnodeop_desc vop_readdir_desc = {
int
VOP_READDIR(struct vnode *vp,
struct uio *uio,
struct ucred *cred,
kauth_cred_t cred,
int *eofflag,
off_t **cookies,
int *ncookies)
@ -1080,7 +1080,7 @@ const struct vnodeop_desc vop_readlink_desc = {
int
VOP_READLINK(struct vnode *vp,
struct uio *uio,
struct ucred *cred)
kauth_cred_t cred)
{
struct vop_readlink_args a;
#ifdef VNODE_LOCKDEBUG
@ -1470,7 +1470,7 @@ const struct vnodeop_desc vop_lease_desc = {
int
VOP_LEASE(struct vnode *vp,
struct lwp *l,
struct ucred *cred,
kauth_cred_t cred,
int flag)
{
struct vop_lease_args a;
@ -1610,7 +1610,7 @@ const struct vnodeop_desc vop_closeextattr_desc = {
int
VOP_CLOSEEXTATTR(struct vnode *vp,
int commit,
struct ucred *cred,
kauth_cred_t cred,
struct lwp *l)
{
struct vop_closeextattr_args a;
@ -1651,7 +1651,7 @@ VOP_GETEXTATTR(struct vnode *vp,
const char *name,
struct uio *uio,
size_t *size,
struct ucred *cred,
kauth_cred_t cred,
struct lwp *l)
{
struct vop_getextattr_args a;
@ -1694,7 +1694,7 @@ VOP_LISTEXTATTR(struct vnode *vp,
int attrnamespace,
struct uio *uio,
size_t *size,
struct ucred *cred,
kauth_cred_t cred,
struct lwp *l)
{
struct vop_listextattr_args a;
@ -1733,7 +1733,7 @@ const struct vnodeop_desc vop_openextattr_desc = {
};
int
VOP_OPENEXTATTR(struct vnode *vp,
struct ucred *cred,
kauth_cred_t cred,
struct lwp *l)
{
struct vop_openextattr_args a;
@ -1771,7 +1771,7 @@ int
VOP_DELETEEXTATTR(struct vnode *vp,
int attrnamespace,
const char *name,
struct ucred *cred,
kauth_cred_t cred,
struct lwp *l)
{
struct vop_deleteextattr_args a;
@ -1812,7 +1812,7 @@ VOP_SETEXTATTR(struct vnode *vp,
int attrnamespace,
const char *name,
struct uio *uio,
struct ucred *cred,
kauth_cred_t cred,
struct lwp *l)
{
struct vop_setextattr_args a;

4
sys/kern/vnode_if.sh
View File

@ -29,7 +29,7 @@ copyright="\
* SUCH DAMAGE.
*/
"
SCRIPT_ID='$NetBSD: vnode_if.sh,v 1.41 2005/12/11 12:24:30 christos Exp $'
SCRIPT_ID='$NetBSD: vnode_if.sh,v 1.42 2006/05/14 21:15:12 elad Exp $'
# Script to produce VFS front-end sugar.
#
@ -329,7 +329,7 @@ function doit() {
# vpp (if any)
do_offset("struct vnode **");
# cred (if any)
do_offset("struct ucred *");
do_offset("kauth_cred_t");
# lwp (if any)
do_offset("struct lwp *");
# componentname

44
sys/kern/vnode_if.src
View File

@ -1,4 +1,4 @@
# $NetBSD: vnode_if.src,v 1.49 2006/05/04 16:48:16 perseant Exp $
# $NetBSD: vnode_if.src,v 1.50 2006/05/14 21:15:12 elad Exp $
#
# Copyright (c) 1992, 1993
# The Regents of the University of California. All rights reserved.
@ -130,7 +130,7 @@ vop_mknod {
vop_open {
IN LOCKED=YES struct vnode *vp;
IN int mode;
IN struct ucred *cred;
IN kauth_cred_t cred;
IN struct lwp *l;
};
@ -140,7 +140,7 @@ vop_open {
vop_close {
IN LOCKED=YES struct vnode *vp;
IN int fflag;
IN struct ucred *cred;
IN kauth_cred_t cred;
IN struct lwp *l;
};
@ -150,7 +150,7 @@ vop_close {
vop_access {
IN LOCKED=YES struct vnode *vp;
IN int mode;
IN struct ucred *cred;
IN kauth_cred_t cred;
IN struct lwp *l;
};
@ -160,7 +160,7 @@ vop_access {
vop_getattr {
IN struct vnode *vp;
IN struct vattr *vap;
IN struct ucred *cred;
IN kauth_cred_t cred;
IN struct lwp *l;
};
@ -170,7 +170,7 @@ vop_getattr {
vop_setattr {
IN LOCKED=YES struct vnode *vp;
IN struct vattr *vap;
IN struct ucred *cred;
IN kauth_cred_t cred;
IN struct lwp *l;
};
@ -181,7 +181,7 @@ vop_read {
IN LOCKED=YES struct vnode *vp;
INOUT struct uio *uio;
IN int ioflag;
IN struct ucred *cred;
IN kauth_cred_t cred;
};
#
@ -191,7 +191,7 @@ vop_write {
IN LOCKED=YES struct vnode *vp;
INOUT struct uio *uio;
IN int ioflag;
IN struct ucred *cred;
IN kauth_cred_t cred;
};
#
@ -202,7 +202,7 @@ vop_ioctl {
IN u_long command;
IN void *data;
IN int fflag;
IN struct ucred *cred;
IN kauth_cred_t cred;
IN struct lwp *l;
};
@ -214,7 +214,7 @@ vop_fcntl {
IN u_int command;
IN void *data;
IN int fflag;
IN struct ucred *cred;
IN kauth_cred_t cred;
IN struct lwp *l;
};
@ -249,7 +249,7 @@ vop_revoke {
vop_mmap {
IN struct vnode *vp;
IN int fflags;
IN struct ucred *cred;
IN kauth_cred_t cred;
IN struct lwp *l;
};
@ -258,7 +258,7 @@ vop_mmap {
#
vop_fsync {
IN LOCKED=YES struct vnode *vp;
IN struct ucred *cred;
IN kauth_cred_t cred;
IN int flags;
IN off_t offlo;
IN off_t offhi;
@ -273,7 +273,7 @@ vop_seek {
IN struct vnode *vp;
IN off_t oldoff;
IN off_t newoff;
IN struct ucred *cred;
IN kauth_cred_t cred;
};
#
@ -365,7 +365,7 @@ vop_symlink {
vop_readdir {
IN LOCKED=YES struct vnode *vp;
INOUT struct uio *uio;
IN struct ucred *cred;
IN kauth_cred_t cred;
OUT int *eofflag;
OUT off_t **cookies;
IN int *ncookies;
@ -377,7 +377,7 @@ vop_readdir {
vop_readlink {
IN LOCKED=YES struct vnode *vp;
INOUT struct uio *uio;
IN struct ucred *cred;
IN kauth_cred_t cred;
};
#
@ -482,7 +482,7 @@ vop_advlock {
vop_lease {
IN struct vnode *vp;
IN struct lwp *l;
IN struct ucred *cred;
IN kauth_cred_t cred;
IN int flag;
};
@ -536,7 +536,7 @@ vop_putpages {
vop_closeextattr {
IN LOCKED=YES struct vnode *vp;
IN int commit;
IN struct ucred *cred;
IN kauth_cred_t cred;
IN struct lwp *l;
};
@ -549,7 +549,7 @@ vop_getextattr {
IN const char *name;
INOUT struct uio *uio;
OUT size_t *size;
IN struct ucred *cred;
IN kauth_cred_t cred;
IN struct lwp *l;
};
@ -561,7 +561,7 @@ vop_listextattr {
IN int attrnamespace;
INOUT struct uio *uio;
OUT size_t *size;
IN struct ucred *cred;
IN kauth_cred_t cred;
IN struct lwp *l;
};
@ -570,7 +570,7 @@ vop_listextattr {
#
vop_openextattr {
IN LOCKED=YES struct vnode *vp;
IN struct ucred *cred;
IN kauth_cred_t cred;
IN struct lwp *l;
};
@ -581,7 +581,7 @@ vop_deleteextattr {
IN LOCKED=YES struct vnode *vp;
IN int attrnamespace;
IN const char *name;
IN struct ucred *cred;
IN kauth_cred_t cred;
IN struct lwp *l;
};
@ -593,6 +593,6 @@ vop_setextattr {
IN int attrnamespace;
IN const char *name;
INOUT struct uio *uio;
IN struct ucred *cred;
IN kauth_cred_t cred;
IN struct lwp *l;
};