Properly classify kauth PASSTHRU requests.

Done with much help from chuck@, thanks!
elad 2008-02-04 21:08:13 +00:00
parent 9db39a0c09
commit 38012644ad
4 changed files with 193 additions and 20 deletions


@ -1,4 +1,4 @@
/* $NetBSD: xd.c,v 1.61 2008/01/02 11:48:30 ad Exp $ */
/* $NetBSD: xd.c,v 1.62 2008/02/04 21:08:13 elad Exp $ */
/*
*
@ -52,7 +52,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: xd.c,v 1.61 2008/01/02 11:48:30 ad Exp $");
__KERNEL_RCSID(0, "$NetBSD: xd.c,v 1.62 2008/02/04 21:08:13 elad Exp $");
#undef XDC_DEBUG /* full debug */
#define XDC_DIAG /* extra sanity checks */
@ -794,6 +794,42 @@ xddump(dev_t dev, daddr_t blkno, void *va, size_t sz)
*/
}
static enum kauth_device_req
xd_getkauthreq(u_char cmd)
{
enum kauth_device_req req;
switch (cmd) {
case XDCMD_WR:
case XDCMD_XWR:
req = KAUTH_REQ_DEVICE_PASSTHRU_WRITE;
break;
case XDCMD_RD:
case XDCMD_XRD:
req = KAUTH_REQ_DEVICE_PASSTHRU_READ;
break;
case XDCMD_RDP:
req = KAUTH_REQ_DEVICE_PASSTHRU_READCONF;
break;
case XDCMD_WRP:
case XDCMD_RST:
req = KAUTH_REQ_DEVICE_PASSTHRU_WRITECONF;
break;
case XDCMD_NOP:
case XDCMD_SK:
case XDCMD_TST:
default:
req = 0;
break;
}
return (req);
}
/*
* xdioctl: ioctls on XD drives. based on ioctl's of other netbsd disks.
*/
@ -871,12 +907,16 @@ xdioctl(dev_t dev, u_long command, void *addr, int flag, struct lwp *l)
}
return error;
case DIOSXDCMD:
case DIOSXDCMD: {
enum kauth_device_req req;
xio = (struct xd_iocmd *) addr;
if ((error = kauth_authorize_generic(l->l_cred,
KAUTH_GENERIC_ISSUSER, NULL)) != 0)
req = xd_getkauthreq(xio->cmd);
if ((error = kauth_authorize_device_passthru(l->l_cred,
dev, req, xio)) != 0)
return (error);
return (xdc_ioctlcmd(xd, dev, xio));
}
default:
return ENOTTY;
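Review bot: In `xd_getkauthreq` the `default:` label shares the `req = 0` arm with XDCMD_NOP, XDCMD_SK and XDCMD_TST, so an opcode the driver does not recognise is authorized with a value that is none of the four named KAUTH_REQ_DEVICE_PASSTHRU_* classes and is then handed to `xdc_ioctlcmd`. Because `xio->cmd` is supplied by the DIOSXDCMD caller, the fail-safe choice is to give unknown opcodes the most restrictive class by splitting the label off: `default: req = KAUTH_REQ_DEVICE_PASSTHRU_WRITECONF; break;`. How the kauth listener treats a request of 0 is not visible on this page, so whether this is weaker than the KAUTH_GENERIC_ISSUSER check it replaces should be confirmed for the no-op commands as well. The same arm appears in `xy_getkauthreq` and in the second copies of both helpers later in this commit.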


@ -1,4 +1,4 @@
/* $NetBSD: xy.c,v 1.64 2008/01/02 11:48:30 ad Exp $ */
/* $NetBSD: xy.c,v 1.65 2008/02/04 21:08:14 elad Exp $ */
/*
*
@ -52,7 +52,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: xy.c,v 1.64 2008/01/02 11:48:30 ad Exp $");
__KERNEL_RCSID(0, "$NetBSD: xy.c,v 1.65 2008/02/04 21:08:14 elad Exp $");
#undef XYC_DEBUG /* full debug */
#undef XYC_DIAG /* extra sanity checks */
@ -747,6 +747,49 @@ xydump(dev_t dev, daddr_t blkno, void *va, size_t sz)
*/
}
static enum kauth_device_req
xy_getkauthreq(u_char cmd)
{
enum kauth_device_req req;
switch (cmd) {
case XYCMD_WR:
case XYCMD_WTH:
case XYCMD_WFM:
case XYCMD_WRH:
req = KAUTH_REQ_DEVICE_PASSTHRU_WRITE;
break;
case XYCMD_RD:
case XYCMD_RTH:
case XYCMD_RDH:
req = KAUTH_REQ_DEVICE_PASSTHRU_READ;
break;
case XYCMD_RDS:
case XYCMD_MBD:
req = KAUTH_REQ_DEVICE_PASSTHRU_READCONF;
break;
case XYCMD_WRP:
case XYCMD_RST:
case XYCMD_SDS:
case XYCMD_MBL:
req = KAUTH_REQ_DEVICE_PASSTHRU_WRITECONF;
break;
case XYCMD_NOP:
case XYCMD_SK:
case XYCMD_ST:
case XYCMD_R:
default:
req = 0;
break;
}
return (req);
}
/*
* xyioctl: ioctls on XY drives. based on ioctl's of other netbsd disks.
*/
@ -824,12 +867,16 @@ xyioctl(dev_t dev, u_long command, void *addr, int flag, struct lwp *l)
}
return error;
case DIOSXDCMD:
case DIOSXDCMD: {
enum kauth_device_req req;
xio = (struct xd_iocmd *) addr;
if ((error = kauth_authorize_generic(l->l_cred,
KAUTH_GENERIC_ISSUSER, NULL)) != 0)
req = xy_getkauthreq(xio->cmd);
if ((error = kauth_authorize_device_passthru(l->l_cred,
dev, req, xio)) != 0)
return (error);
return (xyc_ioctlcmd(xy, dev, xio));
}
default:
return ENOTTY;
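Review bot: `xy_getkauthreq` carries no comment, yet the grouping of opcodes into request classes is the security decision this change makes, so it should be stated where a later editor will see it. Above the function add `/* xy_getkauthreq: map an XYCMD_* opcode from a DIOSXDCMD request to its kauth passthru class; opcodes not listed yield 0. */`. A short remark on each group saying why, for example, XYCMD_RDS and XYCMD_MBD count as configuration reads would let a reviewer check the table against the controller documentation.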


@ -1,4 +1,4 @@
/* $NetBSD: xd.c,v 1.72 2008/01/02 11:48:39 ad Exp $ */
/* $NetBSD: xd.c,v 1.73 2008/02/04 21:08:13 elad Exp $ */
/*
*
@ -51,7 +51,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: xd.c,v 1.72 2008/01/02 11:48:39 ad Exp $");
__KERNEL_RCSID(0, "$NetBSD: xd.c,v 1.73 2008/02/04 21:08:13 elad Exp $");
#undef XDC_DEBUG /* full debug */
#define XDC_DIAG /* extra sanity checks */
@ -1002,6 +1002,42 @@ xddump(dev, blkno, va, size)
}
static enum kauth_device_req
xd_getkauthreq(u_char cmd)
{
enum kauth_device_req req;
switch (cmd) {
case XDCMD_WR:
case XDCMD_XWR:
req = KAUTH_REQ_DEVICE_PASSTHRU_WRITE;
break;
case XDCMD_RD:
req = KAUTH_REQ_DEVICE_PASSTHRU_READ;
break;
case XDCMD_RDP:
case XDCMD_XRD:
req = KAUTH_REQ_DEVICE_PASSTHRU_READCONF;
break;
case XDCMD_WRP:
case XDCMD_RST:
req = KAUTH_REQ_DEVICE_PASSTHRU_WRITECONF;
break;
case XDCMD_NOP:
case XDCMD_SK:
case XDCMD_TST:
default:
req = 0;
break;
}
return (req);
}
/*
* xdioctl: ioctls on XD drives. based on ioctl's of other netbsd disks.
*/
@ -1118,12 +1154,16 @@ xdioctl(dev, command, addr, flag, l)
}
return error;
case DIOSXDCMD:
case DIOSXDCMD: {
enum kauth_device_req req;
xio = (struct xd_iocmd *) addr;
if ((error = kauth_authorize_generic(l->l_cred,
KAUTH_GENERIC_ISSUSER, NULL)) != 0)
req = xd_getkauthreq(xio->cmd);
if ((error = kauth_authorize_device_passthru(l->l_cred,
dev, req, xio)) != 0)
return (error);
return (xdc_ioctlcmd(xd, dev, xio));
}
default:
return ENOTTY;
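Review bot: `XDCMD_XRD` is grouped with `XDCMD_RDP` under KAUTH_REQ_DEVICE_PASSTHRU_READCONF in this copy of `xd_getkauthreq`, while the other xd.c in the same commit groups it with `XDCMD_RD` under KAUTH_REQ_DEVICE_PASSTHRU_READ. The two helpers are otherwise identical, so one of them probably classifies the opcode wrongly, and the difference matters wherever a policy treats READ and READCONF differently. Decide on one classification, apply it to both files, and add a comment on the `case XDCMD_XRD:` label recording why the extended read belongs in that class.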


@ -1,4 +1,4 @@
/* $NetBSD: xy.c,v 1.75 2008/01/02 11:48:39 ad Exp $ */
/* $NetBSD: xy.c,v 1.76 2008/02/04 21:08:13 elad Exp $ */
/*
*
@ -51,7 +51,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: xy.c,v 1.75 2008/01/02 11:48:39 ad Exp $");
__KERNEL_RCSID(0, "$NetBSD: xy.c,v 1.76 2008/02/04 21:08:13 elad Exp $");
#undef XYC_DEBUG /* full debug */
#undef XYC_DIAG /* extra sanity checks */
@ -915,6 +915,49 @@ xydump(dev, blkno, va, size)
}
static enum kauth_device_req
xy_getkauthreq(u_char cmd)
{
enum kauth_device_req req;
switch (cmd) {
case XYCMD_WR:
case XYCMD_WTH:
case XYCMD_WFM:
case XYCMD_WRH:
req = KAUTH_REQ_DEVICE_PASSTHRU_WRITE;
break;
case XYCMD_RD:
case XYCMD_RTH:
case XYCMD_RDH:
req = KAUTH_REQ_DEVICE_PASSTHRU_READ;
break;
case XYCMD_RDS:
case XYCMD_MBD:
req = KAUTH_REQ_DEVICE_PASSTHRU_READCONF;
break;
case XYCMD_WRP:
case XYCMD_RST:
case XYCMD_SDS:
case XYCMD_MBL:
req = KAUTH_REQ_DEVICE_PASSTHRU_WRITECONF;
break;
case XYCMD_NOP:
case XYCMD_SK:
case XYCMD_ST:
case XYCMD_R:
default:
req = 0;
break;
}
return (req);
}
/*
* xyioctl: ioctls on XY drives. based on ioctl's of other netbsd disks.
*/
@ -1030,10 +1073,13 @@ xyioctl(dev, command, addr, flag, l)
}
return error;
case DIOSXDCMD:
case DIOSXDCMD: {
enum kauth_device_req req;
xio = (struct xd_iocmd *) addr;
if ((error = kauth_authorize_generic(l->l_cred,
KAUTH_GENERIC_ISSUSER, NULL)) != 0)
req = xy_getkauthreq(xio->cmd);
if ((error = kauth_authorize_device_passthru(l->l_cred,
dev, req, xio)) != 0)
return (error);
return (xyc_ioctlcmd(xy, dev, xio));