Aren
/
NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

integrate kauth.

This commit is contained in:
elad 2006-05-14 21:19:33 +00:00
parent bad43188a8
commit 874fef3711
135 changed files with 866 additions and 692 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
sys/altq/altq_afmap.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: altq_afmap.c,v 1.10 2006/04/23 06:46:39 christos Exp $ */
/* $NetBSD: altq_afmap.c,v 1.11 2006/05/14 21:24:49 elad Exp $ */
/* $KAME: altq_afmap.c,v 1.7 2000/12/14 08:12:45 thorpej Exp $ */
/*
@ -36,7 +36,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: altq_afmap.c,v 1.10 2006/04/23 06:46:39 christos Exp $");
__KERNEL_RCSID(0, "$NetBSD: altq_afmap.c,v 1.11 2006/05/14 21:24:49 elad Exp $");
#ifdef _KERNEL_OPT
#include "opt_altq.h"
@ -383,7 +383,8 @@ afmioctl(dev, cmd, addr, flag, l)
#if (__FreeBSD_version > 400000)
error = suser(p);
#else
error = suser(p->p_ucred, &p->p_acflag);
error = kauth_authorize_generic(p->p_cred, KAUTH_GENERIC_ISSUSER,
&p->p_acflag);
#endif
if (error)
return (error);

8
sys/altq/altq_blue.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: altq_blue.c,v 1.14 2006/04/23 16:57:22 christos Exp $ */
/* $NetBSD: altq_blue.c,v 1.15 2006/05/14 21:24:49 elad Exp $ */
/* $KAME: altq_blue.c,v 1.8 2002/01/07 11:25:40 kjc Exp $ */
/*
@ -61,7 +61,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: altq_blue.c,v 1.14 2006/04/23 16:57:22 christos Exp $");
__KERNEL_RCSID(0, "$NetBSD: altq_blue.c,v 1.15 2006/05/14 21:24:49 elad Exp $");
#if defined(__FreeBSD__) || defined(__NetBSD__)
#include "opt_altq.h"
@ -177,7 +177,9 @@ blueioctl(dev, cmd, addr, flag, l)
if ((error = suser(p)) != 0)
return (error);
#else
if ((error = suser(p->p_ucred, &p->p_acflag)) != 0)
if ((error = kauth_authorize_generic(p->p_cred,
KAUTH_GENERIC_ISSUSER,
&p->p_acflag)) != 0)
return (error);
#endif
break;

7
sys/altq/altq_cbq.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: altq_cbq.c,v 1.14 2006/04/23 16:57:22 christos Exp $ */
/* $NetBSD: altq_cbq.c,v 1.15 2006/05/14 21:24:49 elad Exp $ */
/* $KAME: altq_cbq.c,v 1.11 2002/10/04 14:24:09 kjc Exp $ */
/*
@ -32,7 +32,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: altq_cbq.c,v 1.14 2006/04/23 16:57:22 christos Exp $");
__KERNEL_RCSID(0, "$NetBSD: altq_cbq.c,v 1.15 2006/05/14 21:24:49 elad Exp $");
#if defined(__FreeBSD__) || defined(__NetBSD__)
#include "opt_altq.h"
@ -860,7 +860,8 @@ cbqioctl(dev, cmd, addr, flag, l)
#if (__FreeBSD_version > 400000)
error = suser(p);
#else
error = suser(p->p_ucred, &p->p_acflag);
error = kauth_authorize_generic(p->p_cred, KAUTH_GENERIC_ISSUSER,
&p->p_acflag);
#endif
if (error)
return (error);

8
sys/altq/altq_cdnr.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: altq_cdnr.c,v 1.11 2006/04/23 06:46:40 christos Exp $ */
/* $NetBSD: altq_cdnr.c,v 1.12 2006/05/14 21:24:49 elad Exp $ */
/* $KAME: altq_cdnr.c,v 1.8 2000/12/14 08:12:45 thorpej Exp $ */
/*
@ -28,7 +28,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: altq_cdnr.c,v 1.11 2006/04/23 06:46:40 christos Exp $");
__KERNEL_RCSID(0, "$NetBSD: altq_cdnr.c,v 1.12 2006/05/14 21:24:49 elad Exp $");
#if defined(__FreeBSD__) || defined(__NetBSD__)
#include "opt_altq.h"
@ -1259,7 +1259,9 @@ cdnrioctl(dev, cmd, addr, flag, l)
#if (__FreeBSD_version > 400000)
if ((error = suser(p)) != 0)
#else
if ((error = suser(p->p_ucred, &p->p_acflag)) != 0)
if ((error = kauth_authorize_generic(p->p_cred,
KAUTH_GENERIC_ISSUSER,
&p->p_acflag)) != 0)
#endif
return (error);
break;

8
sys/altq/altq_conf.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: altq_conf.c,v 1.12 2005/12/11 12:16:03 christos Exp $ */
/* $NetBSD: altq_conf.c,v 1.13 2006/05/14 21:24:49 elad Exp $ */
/* $KAME: altq_conf.c,v 1.13 2002/01/29 10:16:01 kjc Exp $ */
/*
@ -28,7 +28,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: altq_conf.c,v 1.12 2005/12/11 12:16:03 christos Exp $");
__KERNEL_RCSID(0, "$NetBSD: altq_conf.c,v 1.13 2006/05/14 21:24:49 elad Exp $");
#if defined(__FreeBSD__) || defined(__NetBSD__)
#include "opt_altq.h"
@ -275,7 +275,9 @@ altqioctl(dev, cmd, addr, flag, l)
if ((error = suser(p)) != 0)
return (error);
#else
if ((error = suser(p->p_ucred, &p->p_acflag)) != 0)
if ((error = kauth_authorize_generic(p->p_cred,
KAUTH_GENERIC_ISSUSER,
&p->p_acflag)) != 0)
return (error);
#endif
break;

8
sys/altq/altq_fifoq.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: altq_fifoq.c,v 1.8 2006/04/23 06:46:40 christos Exp $ */
/* $NetBSD: altq_fifoq.c,v 1.9 2006/05/14 21:24:49 elad Exp $ */
/* $KAME: altq_fifoq.c,v 1.7 2000/12/14 08:12:45 thorpej Exp $ */
/*
@ -28,7 +28,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: altq_fifoq.c,v 1.8 2006/04/23 06:46:40 christos Exp $");
__KERNEL_RCSID(0, "$NetBSD: altq_fifoq.c,v 1.9 2006/05/14 21:24:49 elad Exp $");
#if defined(__FreeBSD__) || defined(__NetBSD__)
#include "opt_altq.h"
@ -139,7 +139,9 @@ fifoqioctl(dev, cmd, addr, flag, l)
if ((error = suser(p)) != 0)
return (error);
#else
if ((error = suser(p->p_ucred, &p->p_acflag)) != 0)
if ((error = kauth_authorize_generic(p->p_cred,
KAUTH_GENERIC_ISSUSER,
&p->p_acflag)) != 0)
return (error);
#endif
break;

8
sys/altq/altq_hfsc.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: altq_hfsc.c,v 1.14 2006/04/23 16:57:22 christos Exp $ */
/* $NetBSD: altq_hfsc.c,v 1.15 2006/05/14 21:24:49 elad Exp $ */
/* $KAME: altq_hfsc.c,v 1.9 2001/10/26 04:56:11 kjc Exp $ */
/*
@ -41,7 +41,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: altq_hfsc.c,v 1.14 2006/04/23 16:57:22 christos Exp $");
__KERNEL_RCSID(0, "$NetBSD: altq_hfsc.c,v 1.15 2006/05/14 21:24:49 elad Exp $");
#if defined(__FreeBSD__) || defined(__NetBSD__)
#include "opt_altq.h"
@ -1455,7 +1455,9 @@ hfscioctl(dev, cmd, addr, flag, l)
if ((error = suser(p)) != 0)
return (error);
#else
if ((error = suser(p->p_ucred, &p->p_acflag)) != 0)
if ((error = kauth_authorize_generic(p->p_cred,
KAUTH_GENERIC_ISSUSER,
&p->p_acflag)) != 0)
return (error);
#endif
break;

8
sys/altq/altq_priq.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: altq_priq.c,v 1.10 2006/04/23 06:46:40 christos Exp $ */
/* $NetBSD: altq_priq.c,v 1.11 2006/05/14 21:24:49 elad Exp $ */
/* $KAME: altq_priq.c,v 1.2 2001/10/26 04:56:11 kjc Exp $ */
/*
* Copyright (C) 2000
@ -30,7 +30,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: altq_priq.c,v 1.10 2006/04/23 06:46:40 christos Exp $");
__KERNEL_RCSID(0, "$NetBSD: altq_priq.c,v 1.11 2006/05/14 21:24:49 elad Exp $");
#if defined(__FreeBSD__) || defined(__NetBSD__)
#include "opt_altq.h"
@ -549,7 +549,9 @@ priqioctl(dev, cmd, addr, flag, l)
if ((error = suser(p)) != 0)
return (error);
#else
if ((error = suser(p->p_ucred, &p->p_acflag)) != 0)
if ((error = kauth_authorize_generic(p->p_cred,
KAUTH_GENERIC_ISSUSER,
&p->p_acflag)) != 0)
return (error);
#endif
break;

8
sys/altq/altq_red.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: altq_red.c,v 1.15 2006/04/23 16:57:22 christos Exp $ */
/* $NetBSD: altq_red.c,v 1.16 2006/05/14 21:24:49 elad Exp $ */
/* $KAME: altq_red.c,v 1.9 2002/01/07 11:25:40 kjc Exp $ */
/*
@ -61,7 +61,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: altq_red.c,v 1.15 2006/04/23 16:57:22 christos Exp $");
__KERNEL_RCSID(0, "$NetBSD: altq_red.c,v 1.16 2006/05/14 21:24:49 elad Exp $");
#if defined(__FreeBSD__) || defined(__NetBSD__)
#include "opt_altq.h"
@ -271,7 +271,9 @@ redioctl(dev, cmd, addr, flag, l)
#if (__FreeBSD_version > 400000)
if ((error = suser(p)) != 0)
#else
if ((error = suser(p->p_ucred, &p->p_acflag)) != 0)
if ((error = kauth_authorize_generic(p->p_cred,
KAUTH_GENERIC_ISSUSER,
&p->p_acflag)) != 0)
#endif
return (error);
break;

8
sys/altq/altq_rio.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: altq_rio.c,v 1.9 2006/04/23 06:46:40 christos Exp $ */
/* $NetBSD: altq_rio.c,v 1.10 2006/05/14 21:24:49 elad Exp $ */
/* $KAME: altq_rio.c,v 1.8 2000/12/14 08:12:46 thorpej Exp $ */
/*
@ -60,7 +60,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: altq_rio.c,v 1.9 2006/04/23 06:46:40 christos Exp $");
__KERNEL_RCSID(0, "$NetBSD: altq_rio.c,v 1.10 2006/05/14 21:24:49 elad Exp $");
#if defined(__FreeBSD__) || defined(__NetBSD__)
#include "opt_altq.h"
@ -246,7 +246,9 @@ rioioctl(dev, cmd, addr, flag, l)
if ((error = suser(p)) != 0)
return (error);
#else
if ((error = suser(p->p_ucred, &p->p_acflag)) != 0)
if ((error = kauth_authorize_generic(p->p_cred,
KAUTH_GENERIC_ISSUSER,
&p->p_acflag)) != 0)
return (error);
#endif
break;

8
sys/altq/altq_wfq.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: altq_wfq.c,v 1.10 2006/04/23 06:46:40 christos Exp $ */
/* $NetBSD: altq_wfq.c,v 1.11 2006/05/14 21:24:49 elad Exp $ */
/* $KAME: altq_wfq.c,v 1.7 2000/12/14 08:12:46 thorpej Exp $ */
/*
@ -32,7 +32,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: altq_wfq.c,v 1.10 2006/04/23 06:46:40 christos Exp $");
__KERNEL_RCSID(0, "$NetBSD: altq_wfq.c,v 1.11 2006/05/14 21:24:49 elad Exp $");
#if defined(__FreeBSD__) || defined(__NetBSD__)
#include "opt_altq.h"
@ -689,7 +689,9 @@ wfqioctl(dev, cmd, addr, flag, l)
#if (__FreeBSD_version > 400000)
if ((error = suser(p)) != 0)
#else
if ((error = suser(p->p_ucred, &p->p_acflag)) != 0)
if ((error = kauth_authorize_generic(p->p_cred,
KAUTH_GENERIC_ISSUSER,
&p->p_acflag)) != 0)
#endif
return (error);
break;

33
sys/coda/coda_namecache.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: coda_namecache.c,v 1.17 2005/12/11 12:19:50 christos Exp $ */
/* $NetBSD: coda_namecache.c,v 1.18 2006/05/14 21:24:49 elad Exp $ */
/*
*
@ -77,12 +77,13 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: coda_namecache.c,v 1.17 2005/12/11 12:19:50 christos Exp $");
__KERNEL_RCSID(0, "$NetBSD: coda_namecache.c,v 1.18 2006/05/14 21:24:49 elad Exp $");
#include <sys/param.h>
#include <sys/errno.h>
#include <sys/malloc.h>
#include <sys/select.h>
#include <sys/kauth.h>
#include <coda/coda.h>
#include <coda/cnode.h>
@ -121,7 +122,7 @@ int coda_nc_debug = 0;
*/
static struct coda_cache *
coda_nc_find(struct cnode *dcp, const char *name, int namelen,
struct ucred *cred, int hash);
kauth_cred_t cred, int hash);
static void
coda_nc_remove(struct coda_cache *cncp, enum dc_status dcstat);
@ -172,7 +173,7 @@ coda_nc_init(void)
static struct coda_cache *
coda_nc_find(struct cnode *dcp, const char *name, int namelen,
struct ucred *cred, int hash)
kauth_cred_t cred, int hash)
{
/*
* hash to find the appropriate bucket, look through the chain
@ -202,8 +203,12 @@ coda_nc_find(struct cnode *dcp, const char *name, int namelen,
printf("coda_nc_find: name %s, new cred = %p, cred = %p\n",
name, cred, cncp->cred);
printf("nref %d, nuid %d, ngid %d // oref %d, ocred %d, ogid %d\n",
cred->cr_ref, cred->cr_uid, cred->cr_gid,
cncp->cred->cr_ref, cncp->cred->cr_uid, cncp->cred->cr_gid);
kauth_cred_getrefcnt(cred),
kauth_cred_geteuid(cred),
kauth_cred_getegid(cred),
kauth_cred_getrefcnt(cncp->cred),
kauth_cred_geteuid(cncp->cred),
kauth_cred_getegid(cncp->cred));
print_cred(cred);
print_cred(cncp->cred);
}
@ -219,7 +224,7 @@ coda_nc_find(struct cnode *dcp, const char *name, int namelen,
*/
void
coda_nc_enter(struct cnode *dcp, const char *name, int namelen,
struct ucred *cred, struct cnode *cp)
kauth_cred_t cred, struct cnode *cp)
{
struct coda_cache *cncp;
int hash;
@ -262,7 +267,7 @@ coda_nc_enter(struct cnode *dcp, const char *name, int namelen,
CODA_NC_HSHREM(cncp);
vrele(CTOV(cncp->dcp));
vrele(CTOV(cncp->cp));
crfree(cncp->cred);
kauth_cred_free(cncp->cred);
}
/*
@ -270,7 +275,7 @@ coda_nc_enter(struct cnode *dcp, const char *name, int namelen,
*/
vref(CTOV(cp));
vref(CTOV(dcp));
crhold(cred);
kauth_cred_hold(cred);
cncp->dcp = dcp;
cncp->cp = cp;
cncp->namelen = namelen;
@ -293,7 +298,7 @@ coda_nc_enter(struct cnode *dcp, const char *name, int namelen,
*/
struct cnode *
coda_nc_lookup(struct cnode *dcp, const char *name, int namelen,
struct ucred *cred)
kauth_cred_t cred)
{
int hash;
struct coda_cache *cncp;
@ -364,7 +369,7 @@ coda_nc_remove(struct coda_cache *cncp, enum dc_status dcstat)
}
vrele(CTOV(cncp->cp));
crfree(cncp->cred);
kauth_cred_free(cncp->cred);
memset(DATA_PART(cncp), 0, DATA_SIZE);
/* Put the null entry just after the least-recently-used entry */
@ -451,7 +456,7 @@ coda_nc_zapfid(CodaFid *fid, enum dc_status dcstat)
* Remove all entries which match the fid and the cred
*/
void
coda_nc_zapvnode(CodaFid *fid, struct ucred *cred, enum dc_status dcstat)
coda_nc_zapvnode(CodaFid *fid, kauth_cred_t cred, enum dc_status dcstat)
{
/* See comment for zapfid. I don't think that one would ever
want to zap a file with a specific cred from the kernel.
@ -533,7 +538,7 @@ coda_nc_purge_user(uid_t uid, enum dc_status dcstat)
ncncp = CODA_NC_LRUGET(*cncp);
if ((CODA_NC_VALID(cncp)) &&
((cncp->cred)->cr_uid == uid)) {
(kauth_cred_geteuid(cncp->cred) == uid)) {
/* Seems really ugly, but we have to decrement the appropriate
hash bucket length here, so we have to find the hash bucket
*/
@ -598,7 +603,7 @@ coda_nc_flush(enum dc_status dcstat)
}
vrele(CTOV(cncp->cp));
crfree(cncp->cred);
kauth_cred_free(cncp->cred);
memset(DATA_PART(cncp), 0, DATA_SIZE);
}
}

12
sys/coda/coda_namecache.h
View File

@ -1,4 +1,4 @@
/* $NetBSD: coda_namecache.h,v 1.9 2005/12/11 12:19:50 christos Exp $ */
/* $NetBSD: coda_namecache.h,v 1.10 2006/05/14 21:24:49 elad Exp $ */
/*
*
@ -114,7 +114,7 @@ struct coda_cache {
struct coda_cache *lru_next, *lru_prev; /* LRU list */
struct cnode *cp; /* vnode of the file */
struct cnode *dcp; /* parent's cnode */
struct ucred *cred; /* user credentials */
kauth_cred_t cred; /* user credentials */
char name[CODA_NC_NAMELEN]; /* segment name */
int namelen; /* length of name */
};
@ -139,12 +139,14 @@ struct coda_hash { /* Start of Hash chain */
/* Prototypes of functions exported within cfs */
extern void coda_nc_init(void);
extern void coda_nc_enter(struct cnode *, const char *, int, struct ucred *, struct cnode *);
extern struct cnode *coda_nc_lookup(struct cnode *, const char *, int, struct ucred *);
extern void coda_nc_enter(struct cnode *, const char *, int,
kauth_cred_t, struct cnode *);
extern struct cnode *coda_nc_lookup(struct cnode *, const char *, int,
kauth_cred_t);
extern void coda_nc_zapParentfid(CodaFid *, enum dc_status);
extern void coda_nc_zapfid(CodaFid *, enum dc_status);
extern void coda_nc_zapvnode(CodaFid *, struct ucred *, enum dc_status);
extern void coda_nc_zapvnode(CodaFid *, kauth_cred_t, enum dc_status);
extern void coda_nc_zapfile(struct cnode *, const char *, int);
extern void coda_nc_purge_user(uid_t, enum dc_status);
extern void coda_nc_flush(enum dc_status);

51
sys/coda/coda_venus.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: coda_venus.c,v 1.23 2006/04/12 00:59:56 christos Exp $ */
/* $NetBSD: coda_venus.c,v 1.24 2006/05/14 21:24:49 elad Exp $ */
/*
*
@ -32,7 +32,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: coda_venus.c,v 1.23 2006/04/12 00:59:56 christos Exp $");
__KERNEL_RCSID(0, "$NetBSD: coda_venus.c,v 1.24 2006/05/14 21:24:49 elad Exp $");
#include <sys/param.h>
#include <sys/systm.h>
@ -42,6 +42,7 @@ __KERNEL_RCSID(0, "$NetBSD: coda_venus.c,v 1.23 2006/04/12 00:59:56 christos Exp
#include <sys/ioctl.h>
/* for CNV_OFLAGS below */
#include <sys/fcntl.h>
#include <sys/kauth.h>
#include <coda/coda.h>
#include <coda/cnode.h>
@ -119,8 +120,8 @@ __KERNEL_RCSID(0, "$NetBSD: coda_venus.c,v 1.23 2006/04/12 00:59:56 christos Exp
KASSERT(cred != NULL); \
KASSERT(cred != FSCRED); \
if (ident != NOCRED) { \
(in)->cred.cr_uid = ident->cr_uid; \
(in)->cred.cr_groupid = ident->cr_gid; \
(in)->cred.cr_uid = kauth_cred_geteuid(ident); \
(in)->cred.cr_groupid = kauth_cred_getegid(ident); \
} else { \
memset(&((in)->cred), 0, sizeof(struct coda_cred)); \
(in)->cred.cr_uid = -1; \
@ -136,7 +137,7 @@ __KERNEL_RCSID(0, "$NetBSD: coda_venus.c,v 1.23 2006/04/12 00:59:56 christos Exp
KASSERT(cred != NULL); \
KASSERT(cred != FSCRED); \
if (ident != NOCRED) { \
(in)->uid = ident->cr_uid; \
(in)->uid = kauth_cred_geteuid(ident); \
} else { \
(in)->uid = -1; \
} \
@ -204,7 +205,7 @@ int coda_kernel_version = CODA_KERNEL_VERSION;
int
venus_root(void *mdp,
struct ucred *cred, struct proc *p,
kauth_cred_t cred, struct proc *p,
/*out*/ CodaFid *VFid)
{
DECL_NO_IN(coda_root); /* sets Isize & Osize */
@ -223,7 +224,7 @@ venus_root(void *mdp,
int
venus_open(void *mdp, CodaFid *fid, int flag,
struct ucred *cred, struct lwp *l,
kauth_cred_t cred, struct lwp *l,
/*out*/ dev_t *dev, ino_t *inode)
{
int cflag;
@ -249,7 +250,7 @@ venus_open(void *mdp, CodaFid *fid, int flag,
int
venus_close(void *mdp, CodaFid *fid, int flag,
struct ucred *cred, struct lwp *l)
kauth_cred_t cred, struct lwp *l)
{
int cflag;
DECL_NO_OUT(coda_close); /* sets Isize & Osize */
@ -287,7 +288,7 @@ venus_write(void)
int
venus_ioctl(void *mdp, CodaFid *fid,
int com, int flag, caddr_t data,
struct ucred *cred, struct lwp *l)
kauth_cred_t cred, struct lwp *l)
{
DECL(coda_ioctl); /* sets Isize & Osize */
struct PioctlData *iap = (struct PioctlData *)data;
@ -342,7 +343,7 @@ venus_ioctl(void *mdp, CodaFid *fid,
int
venus_getattr(void *mdp, CodaFid *fid,
struct ucred *cred, struct lwp *l,
kauth_cred_t cred, struct lwp *l,
/*out*/ struct vattr *vap)
{
DECL(coda_getattr); /* sets Isize & Osize */
@ -363,7 +364,7 @@ venus_getattr(void *mdp, CodaFid *fid,
int
venus_setattr(void *mdp, CodaFid *fid, struct vattr *vap,
struct ucred *cred, struct lwp *l)
kauth_cred_t cred, struct lwp *l)
{
DECL_NO_OUT(coda_setattr); /* sets Isize & Osize */
ALLOC_NO_OUT(coda_setattr); /* sets inp & outp */
@ -381,7 +382,7 @@ venus_setattr(void *mdp, CodaFid *fid, struct vattr *vap,
int
venus_access(void *mdp, CodaFid *fid, int mode,
struct ucred *cred, struct lwp *l)
kauth_cred_t cred, struct lwp *l)
{
DECL_NO_OUT(coda_access); /* sets Isize & Osize */
ALLOC_NO_OUT(coda_access); /* sets inp & outp */
@ -399,7 +400,7 @@ venus_access(void *mdp, CodaFid *fid, int mode,
int
venus_readlink(void *mdp, CodaFid *fid,
struct ucred *cred, struct lwp *l,
kauth_cred_t cred, struct lwp *l,
/*out*/ char **str, int *len)
{
DECL(coda_readlink); /* sets Isize & Osize */
@ -456,7 +457,7 @@ out:
int
venus_fsync(void *mdp, CodaFid *fid,
struct ucred *cred, struct lwp *l)
kauth_cred_t cred, struct lwp *l)
{
DECL_NO_OUT(coda_fsync); /* sets Isize & Osize */
ALLOC_NO_OUT(coda_fsync); /* sets inp & outp */
@ -474,7 +475,7 @@ venus_fsync(void *mdp, CodaFid *fid,
int
venus_lookup(void *mdp, CodaFid *fid,
const char *nm, int len,
struct ucred *cred, struct lwp *l,
kauth_cred_t cred, struct lwp *l,
/*out*/ CodaFid *VFid, int *vtype)
{
DECL(coda_lookup); /* sets Isize & Osize */
@ -513,7 +514,7 @@ venus_lookup(void *mdp, CodaFid *fid,
int
venus_create(void *mdp, CodaFid *fid,
const char *nm, int len, int exclusive, int mode, struct vattr *va,
struct ucred *cred, struct lwp *l,
kauth_cred_t cred, struct lwp *l,
/*out*/ CodaFid *VFid, struct vattr *attr)
{
DECL(coda_create); /* sets Isize & Osize */
@ -544,7 +545,7 @@ venus_create(void *mdp, CodaFid *fid,
int
venus_remove(void *mdp, CodaFid *fid,
const char *nm, int len,
struct ucred *cred, struct lwp *l)
kauth_cred_t cred, struct lwp *l)
{
DECL_NO_OUT(coda_remove); /* sets Isize & Osize */
coda_remove_size += len + 1;
@ -566,7 +567,7 @@ venus_remove(void *mdp, CodaFid *fid,
int
venus_link(void *mdp, CodaFid *fid, CodaFid *tfid,
const char *nm, int len,
struct ucred *cred, struct lwp *l)
kauth_cred_t cred, struct lwp *l)
{
DECL_NO_OUT(coda_link); /* sets Isize & Osize */
coda_link_size += len + 1;
@ -589,7 +590,7 @@ venus_link(void *mdp, CodaFid *fid, CodaFid *tfid,
int
venus_rename(void *mdp, CodaFid *fid, CodaFid *tfid,
const char *nm, int len, const char *tnm, int tlen,
struct ucred *cred, struct lwp *l)
kauth_cred_t cred, struct lwp *l)
{
DECL_NO_OUT(coda_rename); /* sets Isize & Osize */
coda_rename_size += len + 1 + tlen + 1;
@ -615,7 +616,7 @@ venus_rename(void *mdp, CodaFid *fid, CodaFid *tfid,
int
venus_mkdir(void *mdp, CodaFid *fid,
const char *nm, int len, struct vattr *va,
struct ucred *cred, struct lwp *l,
kauth_cred_t cred, struct lwp *l,
/*out*/ CodaFid *VFid, struct vattr *ova)
{
DECL(coda_mkdir); /* sets Isize & Osize */
@ -644,7 +645,7 @@ venus_mkdir(void *mdp, CodaFid *fid,
int
venus_rmdir(void *mdp, CodaFid *fid,
const char *nm, int len,
struct ucred *cred, struct lwp *l)
kauth_cred_t cred, struct lwp *l)
{
DECL_NO_OUT(coda_rmdir); /* sets Isize & Osize */
coda_rmdir_size += len + 1;
@ -666,7 +667,7 @@ venus_rmdir(void *mdp, CodaFid *fid,
int
venus_symlink(void *mdp, CodaFid *fid,
const char *lnm, int llen, const char *nm, int len, struct vattr *va,
struct ucred *cred, struct lwp *l)
kauth_cred_t cred, struct lwp *l)
{
DECL_NO_OUT(coda_symlink); /* sets Isize & Osize */
coda_symlink_size += llen + 1 + len + 1;
@ -692,7 +693,7 @@ venus_symlink(void *mdp, CodaFid *fid,
int
venus_readdir(void *mdp, CodaFid *fid,
int count, int offset,
struct ucred *cred, struct lwp *l,
kauth_cred_t cred, struct lwp *l,
/*out*/ char *buffer, int *len)
{
DECL(coda_readdir); /* sets Isize & Osize */
@ -718,7 +719,7 @@ venus_readdir(void *mdp, CodaFid *fid,
}
int
venus_statfs(void *mdp, struct ucred *cred, struct lwp *l,
venus_statfs(void *mdp, kauth_cred_t cred, struct lwp *l,
/*out*/ struct coda_statfs *fsp)
{
DECL(coda_statfs); /* sets Isize & Osize */
@ -739,7 +740,7 @@ venus_statfs(void *mdp, struct ucred *cred, struct lwp *l,
int
venus_fhtovp(void *mdp, CodaFid *fid,
struct ucred *cred, struct proc *p,
kauth_cred_t cred, struct proc *p,
/*out*/ CodaFid *VFid, int *vtype)
{
DECL(coda_vget); /* sets Isize & Osize */

42
sys/coda/coda_venus.h
View File

@ -1,4 +1,4 @@
/* $NetBSD: coda_venus.h,v 1.9 2005/12/11 12:19:50 christos Exp $ */
/* $NetBSD: coda_venus.h,v 1.10 2006/05/14 21:24:49 elad Exp $ */
/*
*
@ -33,17 +33,17 @@
int
venus_root(void *mdp,
struct ucred *cred, struct proc *p,
kauth_cred_t cred, struct proc *p,
/*out*/ CodaFid *VFid);
int
venus_open(void *mdp, CodaFid *fid, int flag,
struct ucred *cred, struct lwp *l,
kauth_cred_t cred, struct lwp *l,
/*out*/ dev_t *dev, ino_t *inode);
int
venus_close(void *mdp, CodaFid *fid, int flag,
struct ucred *cred, struct lwp *l);
kauth_cred_t cred, struct lwp *l);
void
venus_read(void);
@ -54,84 +54,84 @@ venus_write(void);
int
venus_ioctl(void *mdp, CodaFid *fid,
int com, int flag, caddr_t data,
struct ucred *cred, struct lwp *l);
kauth_cred_t cred, struct lwp *l);
int
venus_getattr(void *mdp, CodaFid *fid,
struct ucred *cred, struct lwp *l,
kauth_cred_t cred, struct lwp *l,
/*out*/ struct vattr *vap);
int
venus_setattr(void *mdp, CodaFid *fid, struct vattr *vap,
struct ucred *cred, struct lwp *l);
kauth_cred_t cred, struct lwp *l);
int
venus_access(void *mdp, CodaFid *fid, int mode,
struct ucred *cred, struct lwp *l);
kauth_cred_t cred, struct lwp *l);
int
venus_readlink(void *mdp, CodaFid *fid,
struct ucred *cred, struct lwp *l,
kauth_cred_t cred, struct lwp *l,
/*out*/ char **str, int *len);
int
venus_fsync(void *mdp, CodaFid *fid,
struct ucred *cred, struct lwp *l);
kauth_cred_t cred, struct lwp *l);
int
venus_lookup(void *mdp, CodaFid *fid,
const char *nm, int len,
struct ucred *cred, struct lwp *l,
kauth_cred_t cred, struct lwp *l,
/*out*/ CodaFid *VFid, int *vtype);
int
venus_create(void *mdp, CodaFid *fid,
const char *nm, int len, int exclusive, int mode, struct vattr *va,
struct ucred *cred, struct lwp *l,
kauth_cred_t cred, struct lwp *l,
/*out*/ CodaFid *VFid, struct vattr *attr);
int
venus_remove(void *mdp, CodaFid *fid,
const char *nm, int len,
struct ucred *cred, struct lwp *l);
kauth_cred_t cred, struct lwp *l);
int
venus_link(void *mdp, CodaFid *fid, CodaFid *tfid,
const char *nm, int len,
struct ucred *cred, struct lwp *l);
kauth_cred_t cred, struct lwp *l);
int
venus_rename(void *mdp, CodaFid *fid, CodaFid *tfid,
const char *nm, int len, const char *tnm, int tlen,
struct ucred *cred, struct lwp *l);
kauth_cred_t cred, struct lwp *l);
int
venus_mkdir(void *mdp, CodaFid *fid,
const char *nm, int len, struct vattr *va,
struct ucred *cred, struct lwp *l,
kauth_cred_t cred, struct lwp *l,
/*out*/ CodaFid *VFid, struct vattr *ova);
int
venus_rmdir(void *mdp, CodaFid *fid,
const char *nm, int len,
struct ucred *cred, struct lwp *l);
kauth_cred_t cred, struct lwp *l);
int
venus_symlink(void *mdp, CodaFid *fid,
const char *lnm, int llen, const char *nm, int len, struct vattr *va,
struct ucred *cred, struct lwp *l);
kauth_cred_t cred, struct lwp *l);
int
venus_readdir(void *mdp, CodaFid *fid,
int count, int offset,
struct ucred *cred, struct lwp *l,
kauth_cred_t cred, struct lwp *l,
/*out*/ char *buffer, int *len);
int
venus_statfs(void *mdp, struct ucred *cred, struct lwp *l,
venus_statfs(void *mdp, kauth_cred_t cred, struct lwp *l,
/*out*/ struct coda_statfs *fsp);
int
venus_fhtovp(void *mdp, CodaFid *fid,
struct ucred *cred, struct proc *p,
kauth_cred_t cred, struct proc *p,
/*out*/ CodaFid *VFid, int *vtype);

15
sys/coda/coda_vfsops.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: coda_vfsops.c,v 1.47 2005/12/11 12:19:50 christos Exp $ */
/* $NetBSD: coda_vfsops.c,v 1.48 2006/05/14 21:24:49 elad Exp $ */
/*
*
@ -45,7 +45,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: coda_vfsops.c,v 1.47 2005/12/11 12:19:50 christos Exp $");
__KERNEL_RCSID(0, "$NetBSD: coda_vfsops.c,v 1.48 2006/05/14 21:24:49 elad Exp $");
#ifdef _LKM
#define NVCODA 4
@ -63,6 +63,7 @@ __KERNEL_RCSID(0, "$NetBSD: coda_vfsops.c,v 1.47 2005/12/11 12:19:50 christos Ex
#include <sys/mount.h>
#include <sys/proc.h>
#include <sys/select.h>
#include <sys/kauth.h>
#include <coda/coda.h>
#include <coda/cnode.h>
@ -353,7 +354,7 @@ coda_root(struct mount *vfsp, struct vnode **vpp)
}
}
error = venus_root(vftomi(vfsp), p->p_cred->pc_ucred, p, &VFid);
error = venus_root(vftomi(vfsp), p->p_cred, p, &VFid);
if (!error) {
/*
@ -426,7 +427,7 @@ coda_nb_statvfs(struct mount *vfsp, struct statvfs *sbp, struct lwp *l)
*/
/* Note: Normal fs's have a bsize of 0x400 == 1024 */
error = venus_statfs(vftomi(vfsp), p->p_cred->pc_ucred, l, &fsstat);
error = venus_statfs(vftomi(vfsp), p->p_cred, l, &fsstat);
if (!error) {
sbp->f_bsize = 8192; /* XXX */
@ -451,7 +452,7 @@ coda_nb_statvfs(struct mount *vfsp, struct statvfs *sbp, struct lwp *l)
* Flush any pending I/O.
*/
int
coda_sync(struct mount *vfsp, int waitfor, struct ucred *cred, struct lwp *l)
coda_sync(struct mount *vfsp, int waitfor, kauth_cred_t cred, struct lwp *l)
{
ENTRY;
MARK_ENTRY(CODA_SYNC_STATS);
@ -473,7 +474,7 @@ coda_vget(struct mount *vfsp, ino_t ino, struct vnode **vpp)
*/
int
coda_fhtovp(struct mount *vfsp, struct fid *fhp, struct mbuf *nam,
struct vnode **vpp, int *exflagsp, struct ucred **creadanonp)
struct vnode **vpp, int *exflagsp, kauth_cred_t *creadanonp)
{
struct cfid *cfid = (struct cfid *)fhp;
struct cnode *cp = 0;
@ -493,7 +494,7 @@ coda_fhtovp(struct mount *vfsp, struct fid *fhp, struct mbuf *nam,
return(0);
}
error = venus_fhtovp(vftomi(vfsp), &cfid->cfid_fid, p->p_cred->pc_ucred, p, &VFid, &vtype);
error = venus_fhtovp(vftomi(vfsp), &cfid->cfid_fid, p->p_cred, p, &VFid, &vtype);
if (error) {
CODADEBUG(CODA_VGET, myprintf(("vget error %d\n",error));)

6
sys/coda/coda_vfsops.h
View File

@ -1,4 +1,4 @@
/* $NetBSD: coda_vfsops.h,v 1.14 2005/12/11 12:19:50 christos Exp $ */
/* $NetBSD: coda_vfsops.h,v 1.15 2006/05/14 21:24:49 elad Exp $ */
/*
*
@ -53,10 +53,10 @@ int coda_unmount(struct mount *, int, struct lwp *);
int coda_root(struct mount *, struct vnode **);
int coda_quotactl(struct mount *, int, uid_t, void *, struct lwp *);
int coda_nb_statvfs(struct mount *, struct statvfs *, struct lwp *);
int coda_sync(struct mount *, int, struct ucred *, struct lwp *);
int coda_sync(struct mount *, int, kauth_cred_t, struct lwp *);
int coda_vget(struct mount *, ino_t, struct vnode **);
int coda_fhtovp(struct mount *, struct fid *, struct mbuf *, struct vnode **,
int *, struct ucred **);
int *, kauth_cred_t *);
int coda_vptofh(struct vnode *, struct fid *);
void coda_init(void);
void coda_done(void);

57
sys/coda/coda_vnops.c
View File

@ -6,7 +6,7 @@ mkdir
rmdir
symlink
*/
/* $NetBSD: coda_vnops.c,v 1.48 2006/04/12 01:05:14 christos Exp $ */
/* $NetBSD: coda_vnops.c,v 1.49 2006/05/14 21:24:49 elad Exp $ */
/*
*
@ -54,7 +54,7 @@ symlink
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: coda_vnops.c,v 1.48 2006/04/12 01:05:14 christos Exp $");
__KERNEL_RCSID(0, "$NetBSD: coda_vnops.c,v 1.49 2006/05/14 21:24:49 elad Exp $");
#include <sys/param.h>
#include <sys/systm.h>
@ -69,6 +69,8 @@ __KERNEL_RCSID(0, "$NetBSD: coda_vnops.c,v 1.48 2006/04/12 01:05:14 christos Exp
#include <sys/proc.h>
#include <sys/select.h>
#include <sys/user.h>
#include <sys/kauth.h>
#include <miscfs/genfs/genfs.h>
#include <coda/coda.h>
@ -224,7 +226,7 @@ coda_open(void *v)
struct vnode **vpp = &(ap->a_vp);
struct cnode *cp = VTOC(*vpp);
int flag = ap->a_mode & (~O_EXCL);
struct ucred *cred = ap->a_cred;
kauth_cred_t cred = ap->a_cred;
struct lwp *l = ap->a_l;
/* locals */
int error;
@ -301,7 +303,7 @@ coda_close(void *v)
struct vnode *vp = ap->a_vp;
struct cnode *cp = VTOC(vp);
int flag = ap->a_fflag;
struct ucred *cred = ap->a_cred;
kauth_cred_t cred = ap->a_cred;
struct lwp *l = ap->a_l;
/* locals */
int error;
@ -374,7 +376,7 @@ coda_write(void *v)
int
coda_rdwr(struct vnode *vp, struct uio *uiop, enum uio_rw rw, int ioflag,
struct ucred *cred, struct lwp *l)
kauth_cred_t cred, struct lwp *l)
{
/* upcall decl */
/* NOTE: container file operation!!! */
@ -477,7 +479,7 @@ coda_ioctl(void *v)
int com = ap->a_command;
caddr_t data = ap->a_data;
int flag = ap->a_fflag;
struct ucred *cred = ap->a_cred;
kauth_cred_t cred = ap->a_cred;
struct lwp *l = ap->a_l;
/* locals */
int error;
@ -561,7 +563,7 @@ coda_getattr(void *v)
struct vnode *vp = ap->a_vp;
struct cnode *cp = VTOC(vp);
struct vattr *vap = ap->a_vap;
struct ucred *cred = ap->a_cred;
kauth_cred_t cred = ap->a_cred;
struct lwp *l = ap->a_l;
/* locals */
int error;
@ -613,7 +615,7 @@ coda_setattr(void *v)
struct vnode *vp = ap->a_vp;
struct cnode *cp = VTOC(vp);
struct vattr *vap = ap->a_vap;
struct ucred *cred = ap->a_cred;
kauth_cred_t cred = ap->a_cred;
struct lwp *l = ap->a_l;
/* locals */
int error;
@ -646,7 +648,7 @@ coda_access(void *v)
struct vnode *vp = ap->a_vp;
struct cnode *cp = VTOC(vp);
int mode = ap->a_mode;
struct ucred *cred = ap->a_cred;
kauth_cred_t cred = ap->a_cred;
struct lwp *l = ap->a_l;
/* locals */
int error;
@ -711,7 +713,7 @@ coda_readlink(void *v)
struct vnode *vp = ap->a_vp;
struct cnode *cp = VTOC(vp);
struct uio *uiop = ap->a_uio;
struct ucred *cred = ap->a_cred;
kauth_cred_t cred = ap->a_cred;
/* locals */
struct lwp *l = curlwp;
int error;
@ -761,7 +763,7 @@ coda_fsync(void *v)
struct vop_fsync_args *ap = v;
struct vnode *vp = ap->a_vp;
struct cnode *cp = VTOC(vp);
struct ucred *cred = ap->a_cred;
kauth_cred_t cred = ap->a_cred;
struct lwp *l = ap->a_l;
/* locals */
struct vnode *convp = cp->c_ovp;
@ -813,7 +815,7 @@ coda_inactive(void *v)
struct vop_inactive_args *ap = v;
struct vnode *vp = ap->a_vp;
struct cnode *cp = VTOC(vp);
struct ucred *cred __attribute__((unused)) = NULL;
kauth_cred_t cred __attribute__((unused)) = NULL;
struct lwp *l __attribute__((unused)) = curlwp;
/* upcall decl */
/* locals */
@ -893,7 +895,7 @@ coda_lookup(void *v)
* could be wrong.
*/
struct componentname *cnp = ap->a_cnp;
struct ucred *cred = cnp->cn_cred;
kauth_cred_t cred = cnp->cn_cred;
struct lwp *l = cnp->cn_lwp;
/* locals */
struct cnode *cp;
@ -1055,7 +1057,7 @@ coda_create(void *v)
int mode = ap->a_vap->va_mode;
struct vnode **vpp = ap->a_vpp;
struct componentname *cnp = ap->a_cnp;
struct ucred *cred = cnp->cn_cred;
kauth_cred_t cred = cnp->cn_cred;
struct lwp *l = cnp->cn_lwp;
/* locals */
int error;
@ -1155,7 +1157,7 @@ coda_remove(void *v)
struct vnode *dvp = ap->a_dvp;
struct cnode *cp = VTOC(dvp);
struct componentname *cnp = ap->a_cnp;
struct ucred *cred = cnp->cn_cred;
kauth_cred_t cred = cnp->cn_cred;
struct lwp *l = cnp->cn_lwp;
/* locals */
int error;
@ -1230,7 +1232,7 @@ coda_link(void *v)
struct vnode *tdvp = ap->a_dvp;
struct cnode *tdcp = VTOC(tdvp);
struct componentname *cnp = ap->a_cnp;
struct ucred *cred = cnp->cn_cred;
kauth_cred_t cred = cnp->cn_cred;
struct lwp *l = cnp->cn_lwp;
/* locals */
int error;
@ -1309,7 +1311,7 @@ coda_rename(void *v)
struct vnode *ndvp = ap->a_tdvp;
struct cnode *ndcp = VTOC(ndvp);
struct componentname *tcnp = ap->a_tcnp;
struct ucred *cred = fcnp->cn_cred;
kauth_cred_t cred = fcnp->cn_cred;
struct lwp *l = fcnp->cn_lwp;
/* true args */
int error;
@ -1402,7 +1404,7 @@ coda_mkdir(void *v)
struct componentname *cnp = ap->a_cnp;
struct vattr *va = ap->a_vap;
struct vnode **vpp = ap->a_vpp;
struct ucred *cred = cnp->cn_cred;
kauth_cred_t cred = cnp->cn_cred;
struct lwp *l = cnp->cn_lwp;
/* locals */
int error;
@ -1491,7 +1493,7 @@ coda_rmdir(void *v)
struct vnode *dvp = ap->a_dvp;
struct cnode *dcp = VTOC(dvp);
struct componentname *cnp = ap->a_cnp;
struct ucred *cred = cnp->cn_cred;
kauth_cred_t cred = cnp->cn_cred;
struct lwp *l = cnp->cn_lwp;
/* true args */
int error;
@ -1555,7 +1557,7 @@ coda_symlink(void *v)
struct componentname *cnp = ap->a_cnp;
struct vattr *tva = ap->a_vap;
char *path = ap->a_target;
struct ucred *cred = cnp->cn_cred;
kauth_cred_t cred = cnp->cn_cred;
struct lwp *l = cnp->cn_lwp;
/* locals */
int error;
@ -1645,7 +1647,7 @@ coda_readdir(void *v)
struct vnode *vp = ap->a_vp;
struct cnode *cp = VTOC(vp);
struct uio *uiop = ap->a_uio;
struct ucred *cred = ap->a_cred;
kauth_cred_t cred = ap->a_cred;
int *eofflag = ap->a_eofflag;
off_t **cookies = ap->a_cookies;
int *ncookies = ap->a_ncookies;
@ -1911,15 +1913,18 @@ print_vattr(struct vattr *attr)
/* How to print a ucred */
void
print_cred(struct ucred *cred)
print_cred(kauth_cred_t cred)
{
uint16_t ngroups;
int i;
myprintf(("ref %d\tuid %d\n",cred->cr_ref,cred->cr_uid));
myprintf(("ref %d\tuid %d\n", kauth_cred_getrefcnt(cred),
kauth_cred_geteuid(cred)));
for (i=0; i < cred->cr_ngroups; i++)
myprintf(("\tgroup %d: (%d)\n",i,cred->cr_groups[i]));
ngroups = kauth_cred_ngroups(cred);
for (i=0; i < ngroups; i++)
myprintf(("\tgroup %d: (%d)\n", i, kauth_cred_group(cred, i)));
myprintf(("\n"));
}
@ -1976,7 +1981,7 @@ coda_getpages(void *v)
struct vnode *vp = ap->a_vp;
struct cnode *cp = VTOC(vp);
struct lwp *l = curlwp;
struct ucred *cred = l->l_proc->p_ucred;
kauth_cred_t cred = l->l_proc->p_cred;
int error;
/* Check for control object. */

6
sys/coda/coda_vnops.h
View File

@ -1,4 +1,4 @@
/* $NetBSD: coda_vnops.h,v 1.12 2005/12/11 12:19:50 christos Exp $ */
/* $NetBSD: coda_vnops.h,v 1.13 2006/05/14 21:24:49 elad Exp $ */
/*
*
@ -81,8 +81,8 @@ int coda_putpages(void *);
int (**coda_vnodeop_p)(void *);
int coda_rdwr(struct vnode *vp, struct uio *uiop, enum uio_rw rw,
int ioflag, struct ucred *cred, struct lwp *l);
int ioflag, kauth_cred_t cred, struct lwp *l);
int coda_grab_vnode(dev_t dev, ino_t ino, struct vnode **vpp);
void print_vattr(struct vattr *attr);
void print_cred(struct ucred *cred);
void print_cred(kauth_cred_t cred);

8
sys/compat/common/compat_util.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: compat_util.c,v 1.30 2005/12/11 12:19:56 christos Exp $ */
/* $NetBSD: compat_util.c,v 1.31 2006/05/14 21:24:49 elad Exp $ */
/*-
* Copyright (c) 1994 The NetBSD Foundation, Inc.
@ -37,7 +37,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: compat_util.c,v 1.30 2005/12/11 12:19:56 christos Exp $");
__KERNEL_RCSID(0, "$NetBSD: compat_util.c,v 1.31 2006/05/14 21:24:49 elad Exp $");
#include <sys/param.h>
#include <sys/systm.h>
@ -170,10 +170,10 @@ emul_find(l, sgp, prefix, path, pbuf, sflag)
if ((error = namei(&ndroot)) != 0)
goto bad2;
if ((error = VOP_GETATTR(nd.ni_vp, &vat, p->p_ucred, l)) != 0)
if ((error = VOP_GETATTR(nd.ni_vp, &vat, p->p_cred, l)) != 0)
goto bad3;
if ((error = VOP_GETATTR(ndroot.ni_vp, &vatroot, p->p_ucred, l))
if ((error = VOP_GETATTR(ndroot.ni_vp, &vatroot, p->p_cred, l))
!= 0)
goto bad3;

7
sys/compat/common/kern_info_43.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: kern_info_43.c,v 1.21 2005/12/11 12:19:56 christos Exp $ */
/* $NetBSD: kern_info_43.c,v 1.22 2006/05/14 21:24:49 elad Exp $ */
/*
* Copyright (c) 1982, 1986, 1991, 1993
@ -32,7 +32,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: kern_info_43.c,v 1.21 2005/12/11 12:19:56 christos Exp $");
__KERNEL_RCSID(0, "$NetBSD: kern_info_43.c,v 1.22 2006/05/14 21:24:49 elad Exp $");
#include <sys/param.h>
#include <sys/systm.h>
@ -49,6 +49,7 @@ __KERNEL_RCSID(0, "$NetBSD: kern_info_43.c,v 1.21 2005/12/11 12:19:56 christos E
#include <sys/syslog.h>
#include <sys/unistd.h>
#include <sys/resourcevar.h>
#include <sys/kauth.h>
#include <uvm/uvm_extern.h>
#include <sys/sysctl.h>
@ -288,7 +289,7 @@ compat_43_sys_sethostid(struct lwp *l, void *v, register_t *retval)
struct proc *p = l->l_proc;
int error;
if ((error = suser(p->p_ucred, &p->p_acflag)) != 0)
if ((error = kauth_authorize_generic(p->p_cred, KAUTH_GENERIC_ISSUSER, &p->p_acflag)) != 0)
return (error);
hostid = SCARG(uap, hostid);
return (0);

7
sys/compat/common/kern_sig_43.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: kern_sig_43.c,v 1.21 2005/12/11 12:19:56 christos Exp $ */
/* $NetBSD: kern_sig_43.c,v 1.22 2006/05/14 21:24:49 elad Exp $ */
/*-
* Copyright (c) 1998 The NetBSD Foundation, Inc.
@ -37,7 +37,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: kern_sig_43.c,v 1.21 2005/12/11 12:19:56 christos Exp $");
__KERNEL_RCSID(0, "$NetBSD: kern_sig_43.c,v 1.22 2006/05/14 21:24:49 elad Exp $");
#if defined(_KERNEL_OPT)
#include "opt_compat_netbsd.h"
@ -61,6 +61,7 @@ __KERNEL_RCSID(0, "$NetBSD: kern_sig_43.c,v 1.21 2005/12/11 12:19:56 christos Ex
#include <sys/syslog.h>
#include <sys/stat.h>
#include <sys/core.h>
#include <sys/kauth.h>
#include <sys/mount.h>
#include <sys/sa.h>
@ -277,6 +278,6 @@ compat_43_sys_killpg(struct lwp *l, void *v, register_t *retval)
ksi.ksi_signo = SCARG(uap, signum);
ksi.ksi_code = SI_USER;
ksi.ksi_pid = p->p_pid;
ksi.ksi_uid = p->p_ucred->cr_uid;
ksi.ksi_uid = kauth_cred_geteuid(p->p_cred);
return (killpg1(p, &ksi, SCARG(uap, pgid), 0));
}

7
sys/compat/common/kern_xxx_12.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: kern_xxx_12.c,v 1.6 2005/12/11 12:19:56 christos Exp $ */
/* $NetBSD: kern_xxx_12.c,v 1.7 2006/05/14 21:24:49 elad Exp $ */
/*
* Copyright (c) 1982, 1986, 1989, 1993
@ -33,7 +33,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: kern_xxx_12.c,v 1.6 2005/12/11 12:19:56 christos Exp $");
__KERNEL_RCSID(0, "$NetBSD: kern_xxx_12.c,v 1.7 2006/05/14 21:24:49 elad Exp $");
/*#ifdef COMPAT_12*/
@ -44,6 +44,7 @@ __KERNEL_RCSID(0, "$NetBSD: kern_xxx_12.c,v 1.6 2005/12/11 12:19:56 christos Exp
#include <sys/mount.h>
#include <sys/sa.h>
#include <sys/syscallargs.h>
#include <sys/kauth.h>
/* ARGSUSED */
int
@ -55,7 +56,7 @@ compat_12_sys_reboot(struct lwp *l, void *v, register_t *retval)
struct proc *p = l->l_proc;
int error;
if ((error = suser(p->p_ucred, &p->p_acflag)) != 0)
if ((error = kauth_authorize_generic(p->p_cred, KAUTH_GENERIC_ISSUSER, &p->p_acflag)) != 0)
return (error);
cpu_reboot(SCARG(uap, opt), NULL);
return (0);

7
sys/compat/common/vfs_syscalls_20.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: vfs_syscalls_20.c,v 1.7 2006/03/07 03:32:06 thorpej Exp $ */
/* $NetBSD: vfs_syscalls_20.c,v 1.8 2006/05/14 21:24:49 elad Exp $ */
/*
* Copyright (c) 1989, 1993
@ -37,7 +37,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: vfs_syscalls_20.c,v 1.7 2006/03/07 03:32:06 thorpej Exp $");
__KERNEL_RCSID(0, "$NetBSD: vfs_syscalls_20.c,v 1.8 2006/05/14 21:24:49 elad Exp $");
#include "opt_compat_netbsd.h"
#include "opt_compat_43.h"
@ -59,6 +59,7 @@ __KERNEL_RCSID(0, "$NetBSD: vfs_syscalls_20.c,v 1.7 2006/03/07 03:32:06 thorpej
#include <sys/sysctl.h>
#include <sys/sa.h>
#include <sys/syscallargs.h>
#include <sys/kauth.h>
#include <compat/sys/mount.h>
@ -292,7 +293,7 @@ compat_20_sys_fhstatfs(l, v, retval)
/*
* Must be super user
*/
if ((error = suser(p->p_ucred, &p->p_acflag)))
if ((error = kauth_authorize_generic(p->p_cred, KAUTH_GENERIC_ISSUSER, &p->p_acflag)))
return (error);
if ((error = copyin(SCARG(uap, fhp), &fh, sizeof(fhandle_t))) != 0)

8
sys/compat/common/vfs_syscalls_30.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: vfs_syscalls_30.c,v 1.8 2006/05/04 17:48:57 christos Exp $ */
/* $NetBSD: vfs_syscalls_30.c,v 1.9 2006/05/14 21:24:49 elad Exp $ */
/*-
* Copyright (c) 2005 The NetBSD Foundation, Inc.
@ -36,7 +36,7 @@
* POSSIBILITY OF SUCH DAMAGE.
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: vfs_syscalls_30.c,v 1.8 2006/05/04 17:48:57 christos Exp $");
__KERNEL_RCSID(0, "$NetBSD: vfs_syscalls_30.c,v 1.9 2006/05/14 21:24:49 elad Exp $");
#include <sys/param.h>
#include <sys/systm.h>
@ -52,6 +52,7 @@ __KERNEL_RCSID(0, "$NetBSD: vfs_syscalls_30.c,v 1.8 2006/05/04 17:48:57 christos
#include <sys/uio.h>
#include <sys/dirent.h>
#include <sys/malloc.h>
#include <sys/kauth.h>
#include <sys/sa.h>
#include <sys/syscallargs.h>
@ -165,7 +166,8 @@ compat_30_sys_fhstat(struct lwp *l, void *v, register_t *retval)
/*
* Must be super user
*/
if ((error = suser(p->p_ucred, &p->p_acflag)))
if ((error = kauth_authorize_generic(p->p_cred, KAUTH_GENERIC_ISSUSER,
&p->p_acflag)))
return (error);
if ((error = copyin(SCARG(uap, fhp), &fh, sizeof(fhandle_t))) != 0)

14
sys/compat/darwin/darwin_attr.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: darwin_attr.c,v 1.9 2005/12/11 12:19:56 christos Exp $ */
/* $NetBSD: darwin_attr.c,v 1.10 2006/05/14 21:24:49 elad Exp $ */
/*-
* Copyright (c) 2003 The NetBSD Foundation, Inc.
@ -37,7 +37,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: darwin_attr.c,v 1.9 2005/12/11 12:19:56 christos Exp $");
__KERNEL_RCSID(0, "$NetBSD: darwin_attr.c,v 1.10 2006/05/14 21:24:49 elad Exp $");
#include <sys/param.h>
#include <sys/systm.h>
@ -127,7 +127,7 @@ darwin_sys_getattrlist(l, v, retval)
struct statfs12 f;
struct nameidata nd;
struct vnode *vp;
struct ucred *cred;
kauth_cred_t cred;
const char *path;
caddr_t sg = stackgap_init(p, 0);
int fl;
@ -198,9 +198,9 @@ darwin_sys_getattrlist(l, v, retval)
* vnode structure
*/
cred = crdup(p->p_ucred);
cred->cr_uid = p->p_cred->p_ruid;
cred->cr_gid = p->p_cred->p_rgid;
cred = kauth_cred_dup(p->p_cred);
kauth_cred_seteuid(cred, kauth_cred_getuid(p->p_cred));
kauth_cred_setegid(cred, kauth_cred_getgid(p->p_cred));
NDINIT(&nd, LOOKUP, follow | LOCKLEAF, UIO_USERSPACE, path, l);
if ((error = namei(&nd)) != 0)
@ -800,7 +800,7 @@ darwin_sys_getattrlist(l, v, retval)
out3:
vput(vp);
out2:
crfree(cred);
kauth_cred_free(cred);
free(tbuf, M_TEMP);
return error;

35
sys/compat/darwin/darwin_sysctl.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: darwin_sysctl.c,v 1.39 2006/03/01 12:38:12 yamt Exp $ */
/* $NetBSD: darwin_sysctl.c,v 1.40 2006/05/14 21:24:49 elad Exp $ */
/*-
* Copyright (c) 2002 The NetBSD Foundation, Inc.
@ -37,7 +37,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: darwin_sysctl.c,v 1.39 2006/03/01 12:38:12 yamt Exp $");
__KERNEL_RCSID(0, "$NetBSD: darwin_sysctl.c,v 1.40 2006/05/14 21:24:49 elad Exp $");
#include <sys/types.h>
#include <sys/param.h>
@ -700,12 +700,12 @@ again:
break;
case DARWIN_KERN_PROC_UID:
if (p->p_ucred->cr_uid != (uid_t)arg)
if (kauth_cred_geteuid(p->p_cred) != (uid_t)arg)
continue;
break;
case DARWIN_KERN_PROC_RUID:
if (p->p_cred->p_ruid != (uid_t)arg)
if (kauth_cred_getuid(p->p_cred) != (uid_t)arg)
continue;
break;
@ -813,16 +813,17 @@ darwin_fill_kproc(p, dkp)
/* (ptr) */ de->e_paddr = (struct darwin_proc *)p;
/* (ptr) */ de->e_sess =
(struct darwin_session *)p->p_session;
de->e_pcred.pc_ruid = p->p_cred->p_ruid;
de->e_pcred.pc_svuid = p->p_cred->p_svuid;
de->e_pcred.pc_rgid = p->p_cred->p_rgid;
de->e_pcred.pc_svgid = p->p_cred->p_svgid;
de->e_pcred.pc_refcnt = p->p_cred->p_refcnt;
de->e_ucred.cr_ref = p->p_ucred->cr_ref;
de->e_ucred.cr_uid = p->p_ucred->cr_uid;
de->e_ucred.cr_ngroups = p->p_ucred->cr_ngroups;
(void)memcpy(de->e_ucred.cr_groups,
p->p_ucred->cr_groups, sizeof(gid_t) * DARWIN_NGROUPS);
de->e_pcred.pc_ruid = kauth_cred_getuid(p->p_cred);
de->e_pcred.pc_svuid = kauth_cred_getsvuid(p->p_cred);
de->e_pcred.pc_rgid = kauth_cred_getgid(p->p_cred);
de->e_pcred.pc_svgid = kauth_cred_getsvgid(p->p_cred);
de->e_pcred.pc_refcnt = kauth_cred_getrefcnt(p->p_cred);
/* XXX elad ? de->e_ucred.cr_ref = p->p_ucred->cr_ref; */
/* XXX elad ? de->e_ucred.cr_ref = kauth_cred_getrefcnt(p->p_cred); */
de->e_ucred.cr_uid = kauth_cred_geteuid(p->p_cred);
de->e_ucred.cr_ngroups = kauth_cred_ngroups(p->p_cred);
kauth_cred_getgroups(p->p_cred, de->e_ucred.cr_groups,
sizeof(de->e_ucred.cr_groups) / sizeof(de->e_ucred.cr_groups[0]));
de->e_vm.vm_refcnt = p->p_vmspace->vm_refcnt;
de->e_vm.vm_rssize = p->p_vmspace->vm_rssize;
de->e_vm.vm_swrss = p->p_vmspace->vm_swrss;
@ -930,9 +931,9 @@ darwin_sysctl_procargs(SYSCTLFN_ARGS)
return (EINVAL);
/* only root or same user change look at the environment */
if (up->p_ucred->cr_uid != 0) {
if (up->p_cred->p_ruid != p->p_cred->p_ruid ||
up->p_cred->p_ruid != p->p_cred->p_svuid)
if (kauth_cred_geteuid(up->p_cred) != 0) {
if (kauth_cred_getuid(up->p_cred) != kauth_cred_getuid(p->p_cred) ||
kauth_cred_getuid(up->p_cred) != kauth_cred_getsvuid(p->p_cred))
return (EPERM);
}

53
sys/compat/freebsd/freebsd_sched.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: freebsd_sched.c,v 1.2 2003/01/18 07:33:16 thorpej Exp $ */
/* $NetBSD: freebsd_sched.c,v 1.3 2006/05/14 21:24:49 elad Exp $ */
/*-
* Copyright (c) 1999 The NetBSD Foundation, Inc.
@ -42,13 +42,14 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: freebsd_sched.c,v 1.2 2003/01/18 07:33:16 thorpej Exp $");
__KERNEL_RCSID(0, "$NetBSD: freebsd_sched.c,v 1.3 2006/05/14 21:24:49 elad Exp $");
#include <sys/param.h>
#include <sys/mount.h>
#include <sys/proc.h>
#include <sys/systm.h>
#include <sys/syscallargs.h>
#include <sys/kauth.h>
#include <machine/cpu.h>
@ -91,16 +92,16 @@ freebsd_sys_sched_setparam(l, v, retval)
return error;
if (SCARG(uap, pid) != 0) {
struct pcred *pc = l->l_proc->p_cred;
kauth_cred_t pc = l->l_proc->p_cred;
if ((p = pfind(SCARG(uap, pid))) == NULL)
return ESRCH;
if (!(l->l_proc == p ||
pc->pc_ucred->cr_uid == 0 ||
pc->p_ruid == p->p_cred->p_ruid ||
pc->pc_ucred->cr_uid == p->p_cred->p_ruid ||
pc->p_ruid == p->p_ucred->cr_uid ||
pc->pc_ucred->cr_uid == p->p_ucred->cr_uid))
kauth_cred_geteuid(pc) == 0 ||
kauth_cred_getuid(pc) == kauth_cred_getuid(p->p_cred) ||
kauth_cred_geteuid(pc) == kauth_cred_getuid(p->p_cred) ||
kauth_cred_getuid(pc) == kauth_cred_geteuid(p->p_cred) ||
kauth_cred_geteuid(pc) == kauth_cred_geteuid(p->p_cred)))
return EPERM;
}
@ -128,16 +129,16 @@ freebsd_sys_sched_getparam(l, v, retval)
return EINVAL;
if (SCARG(uap, pid) != 0) {
struct pcred *pc = l->l_proc->p_cred;
kauth_cred_t pc = l->l_proc->p_cred;
if ((p = pfind(SCARG(uap, pid))) == NULL)
return ESRCH;
if (!(l->l_proc == p ||
pc->pc_ucred->cr_uid == 0 ||
pc->p_ruid == p->p_cred->p_ruid ||
pc->pc_ucred->cr_uid == p->p_cred->p_ruid ||
pc->p_ruid == p->p_ucred->cr_uid ||
pc->pc_ucred->cr_uid == p->p_ucred->cr_uid))
kauth_cred_geteuid(pc) == 0 ||
kauth_cred_getuid(pc) == kauth_cred_getuid(p->p_cred) ||
kauth_cred_geteuid(pc) == kauth_cred_getuid(p->p_cred) ||
kauth_cred_getuid(pc) == kauth_cred_geteuid(p->p_cred) ||
kauth_cred_geteuid(pc) == kauth_cred_geteuid(p->p_cred)))
return EPERM;
}
@ -171,16 +172,16 @@ freebsd_sys_sched_setscheduler(l, v, retval)
return error;
if (SCARG(uap, pid) != 0) {
struct pcred *pc = l->l_proc->p_cred;
kauth_cred_t pc = l->l_proc->p_cred;
if ((p = pfind(SCARG(uap, pid))) == NULL)
return ESRCH;
if (!(l->l_proc == p ||
pc->pc_ucred->cr_uid == 0 ||
pc->p_ruid == p->p_cred->p_ruid ||
pc->pc_ucred->cr_uid == p->p_cred->p_ruid ||
pc->p_ruid == p->p_ucred->cr_uid ||
pc->pc_ucred->cr_uid == p->p_ucred->cr_uid))
kauth_cred_geteuid(pc) == 0 ||
kauth_cred_getuid(pc) == kauth_cred_getuid(p->p_cred) ||
kauth_cred_geteuid(pc) == kauth_cred_getuid(p->p_cred) ||
kauth_cred_getuid(pc) == kauth_cred_geteuid(p->p_cred) ||
kauth_cred_geteuid(pc) == kauth_cred_geteuid(p->p_cred)))
return EPERM;
}
@ -210,16 +211,16 @@ freebsd_sys_sched_getscheduler(l, v, retval)
* We only check for valid parameters and return afterwards.
*/
if (SCARG(uap, pid) != 0) {
struct pcred *pc = l->l_proc->p_cred;
kauth_cred_t pc = l->l_proc->p_cred;
if ((p = pfind(SCARG(uap, pid))) == NULL)
return ESRCH;
if (!(l->l_proc == p ||
pc->pc_ucred->cr_uid == 0 ||
pc->p_ruid == p->p_cred->p_ruid ||
pc->pc_ucred->cr_uid == p->p_cred->p_ruid ||
pc->p_ruid == p->p_ucred->cr_uid ||
pc->pc_ucred->cr_uid == p->p_ucred->cr_uid))
kauth_cred_geteuid(pc) == 0 ||
kauth_cred_getuid(pc) == kauth_cred_getuid(p->p_cred) ||
kauth_cred_geteuid(pc) == kauth_cred_getuid(p->p_cred) ||
kauth_cred_getuid(pc) == kauth_cred_geteuid(p->p_cred) ||
kauth_cred_geteuid(pc) == kauth_cred_geteuid(p->p_cred)))
return EPERM;
}

2
sys/compat/freebsd/freebsd_syscallargs.h
View File

@ -1,4 +1,4 @@
/* $NetBSD: freebsd_syscallargs.h,v 1.64 2006/05/04 17:50:28 christos Exp $ */
/* $NetBSD: freebsd_syscallargs.h,v 1.65 2006/05/14 21:24:49 elad Exp $ */
/*
* System call argument lists.

47
sys/compat/hpux/hpux_compat.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: hpux_compat.c,v 1.73 2005/12/11 12:20:02 christos Exp $ */
/* $NetBSD: hpux_compat.c,v 1.74 2006/05/14 21:24:49 elad Exp $ */
/*
* Copyright (c) 1990, 1993
@ -82,7 +82,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: hpux_compat.c,v 1.73 2005/12/11 12:20:02 christos Exp $");
__KERNEL_RCSID(0, "$NetBSD: hpux_compat.c,v 1.74 2006/05/14 21:24:49 elad Exp $");
#if defined(_KERNEL_OPT)
#include "opt_sysv.h"
@ -545,7 +545,7 @@ hpux_sys_ulimit(l, v, retval)
case 2:
SCARG(uap, newlimit) *= 512;
if (SCARG(uap, newlimit) > limp->rlim_max &&
(error = suser(p->p_ucred, &p->p_acflag)))
(error = kauth_authorize_generic(p->p_cred, KAUTH_GENERIC_ISSUSER, &p->p_acflag)))
break;
limp->rlim_cur = limp->rlim_max = SCARG(uap, newlimit);
/* else fall into... */
@ -936,7 +936,8 @@ hpux_sys_getpgrp2(lp, v, retval)
p = pfind(SCARG(uap, pid));
if (p == 0)
return (ESRCH);
if (cp->p_ucred->cr_uid && p->p_ucred->cr_uid != cp->p_ucred->cr_uid &&
if (kauth_cred_geteuid(cp->p_cred) &&
kauth_cred_geteuid(p->p_cred) != kauth_cred_geteuid(cp->p_cred) &&
!inferior(p, cp))
return (EPERM);
*retval = p->p_pgid;
@ -1050,19 +1051,20 @@ hpux_sys_getaccess(l, v, retval)
struct hpux_sys_getaccess_args *uap = v;
int lgroups[NGROUPS];
int error = 0;
struct ucred *cred;
kauth_cred_t cred;
struct vnode *vp;
struct nameidata nd;
gid_t gid;
/*
* Build an appropriate credential structure
*/
cred = crdup(p->p_ucred);
cred = kauth_cred_dup(p->p_cred);
switch (SCARG(uap, uid)) {
case 65502: /* UID_EUID */
break;
case 65503: /* UID_RUID */
cred->cr_uid = p->p_cred->p_ruid;
kauth_cred_seteuid(cred, kauth_cred_getuid(p->p_cred));
break;
case 65504: /* UID_SUID */
error = EINVAL;
@ -1070,29 +1072,31 @@ hpux_sys_getaccess(l, v, retval)
default:
if (SCARG(uap, uid) > 65504)
error = EINVAL;
cred->cr_uid = SCARG(uap, uid);
kauth_cred_seteuid(cred, SCARG(uap, uid));
break;
}
switch (SCARG(uap, ngroups)) {
case -1: /* NGROUPS_EGID */
cred->cr_ngroups = 1;
gid = kauth_cred_getegid(cred);
kauth_cred_setgroups(cred, &gid, 1, -1);
break;
case -5: /* NGROUPS_EGID_SUPP */
break;
case -2: /* NGROUPS_RGID */
cred->cr_ngroups = 1;
cred->cr_gid = p->p_cred->p_rgid;
kauth_cred_setegid(cred, kauth_cred_getgid(p->p_cred));
gid = kauth_cred_geteuid(gid);
kauth_cred_setgroups(cred, &gid, 1, -1);
break;
case -6: /* NGROUPS_RGID_SUPP */
cred->cr_gid = p->p_cred->p_rgid;
kauth_cred_setegid(cred, kauth_cred_getgid(p->p_cred));
break;
case -3: /* NGROUPS_SGID */
case -7: /* NGROUPS_SGID_SUPP */
error = EINVAL;
break;
case -4: /* NGROUPS_SUPP */
if (cred->cr_ngroups > 1)
cred->cr_gid = cred->cr_groups[1];
if (kauth_cred_ngroups(cred) > 1)
kauth_cred_setegid(cred, kauth_cred_group(cred, 1));
else
error = EINVAL;
break;
@ -1104,13 +1108,8 @@ hpux_sys_getaccess(l, v, retval)
sizeof(lgroups[0]));
else
error = EINVAL;
if (error == 0) {
int gid;
for (gid = 0; gid < SCARG(uap, ngroups); gid++)
cred->cr_groups[gid] = lgroups[gid];
cred->cr_ngroups = SCARG(uap, ngroups);
}
if (error == 0)
kauth_cred_setgroups(cred, lgroups, ngroups, -1);
break;
}
/*
@ -1122,7 +1121,7 @@ hpux_sys_getaccess(l, v, retval)
error = namei(&nd);
}
if (error) {
crfree(cred);
kauth_cred_free(cred);
return (error);
}
/*
@ -1137,7 +1136,7 @@ hpux_sys_getaccess(l, v, retval)
if (VOP_ACCESS(vp, VEXEC, cred, l) == 0)
*retval |= X_OK;
vput(vp);
crfree(cred);
kauth_cred_free(cred);
return (error);
}
@ -1203,7 +1202,7 @@ hpux_sys_stime_6x(l, v, retval)
tv.tv_sec = SCARG(uap, time);
tv.tv_usec = 0;
if ((error = suser(p->p_ucred, &p->p_acflag)))
if ((error = kauth_authorize_generic(p->p_cred, KAUTH_GENERIC_ISSUSER, &p->p_acflag)))
return (error);
/* WHAT DO WE DO ABOUT PENDING REAL-TIME TIMEOUTS??? */

10
sys/compat/ibcs2/ibcs2_exec_coff.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: ibcs2_exec_coff.c,v 1.15 2005/12/11 12:20:02 christos Exp $ */
/* $NetBSD: ibcs2_exec_coff.c,v 1.16 2006/05/14 21:24:49 elad Exp $ */
/*
* Copyright (c) 1994, 1995, 1998 Scott Bartram
@ -35,7 +35,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: ibcs2_exec_coff.c,v 1.15 2005/12/11 12:20:02 christos Exp $");
__KERNEL_RCSID(0, "$NetBSD: ibcs2_exec_coff.c,v 1.16 2006/05/14 21:24:49 elad Exp $");
#include <sys/param.h>
#include <sys/systm.h>
@ -332,7 +332,7 @@ coff_find_section(l, vp, fp, sh, s_type)
for (i = 0; i < fp->f_nscns; i++, pos += sizeof(struct coff_scnhdr)) {
siz = sizeof(struct coff_scnhdr);
error = vn_rdwr(UIO_READ, vp, (caddr_t) sh,
siz, pos, UIO_SYSSPACE, IO_NODELOCKED, l->l_proc->p_ucred,
siz, pos, UIO_SYSSPACE, IO_NODELOCKED, l->l_proc->p_cred,
&resid, NULL);
if (error) {
DPRINTF(("section hdr %d read error %d\n", i, error));
@ -460,7 +460,7 @@ exec_ibcs2_coff_prep_zmagic(l, epp, fp, ap)
error = vn_rdwr(UIO_READ, epp->ep_vp, tbuf,
len, sh.s_scnptr,
UIO_SYSSPACE, IO_NODELOCKED, l->l_proc->p_ucred,
UIO_SYSSPACE, IO_NODELOCKED, l->l_proc->p_cred,
&resid, NULL);
if (error) {
DPRINTF(("shlib section read error %d\n", error));
@ -553,7 +553,7 @@ coff_load_shlib(l, path, epp)
siz = sizeof(struct coff_filehdr);
error = vn_rdwr(UIO_READ, nd.ni_vp, (caddr_t) fhp, siz, 0,
UIO_SYSSPACE, IO_NODELOCKED, p->p_ucred, &resid, l);
UIO_SYSSPACE, IO_NODELOCKED, p->p_cred, &resid, l);
if (error) {
DPRINTF(("filehdr read error %d\n", error));
vrele(nd.ni_vp);

6
sys/compat/ibcs2/ibcs2_exec_xout.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: ibcs2_exec_xout.c,v 1.11 2005/12/11 12:20:02 christos Exp $ */
/* $NetBSD: ibcs2_exec_xout.c,v 1.12 2006/05/14 21:24:49 elad Exp $ */
/*
* Copyright (c) 1994, 1995, 1998 Scott Bartram
@ -35,7 +35,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: ibcs2_exec_xout.c,v 1.11 2005/12/11 12:20:02 christos Exp $");
__KERNEL_RCSID(0, "$NetBSD: ibcs2_exec_xout.c,v 1.12 2006/05/14 21:24:49 elad Exp $");
#include <sys/param.h>
#include <sys/systm.h>
@ -124,7 +124,7 @@ exec_ibcs2_xout_prep_nmagic(l, epp, xp, xep)
xs = (struct xseg *)malloc(segsize, M_TEMP, M_WAITOK);
error = vn_rdwr(UIO_READ, epp->ep_vp, (caddr_t)xs,
segsize, xep->xe_segpos,
UIO_SYSSPACE, IO_NODELOCKED, l->l_proc->p_ucred,
UIO_SYSSPACE, IO_NODELOCKED, l->l_proc->p_cred,
&resid, NULL);
if (error) {
DPRINTF(("segment table read error %d\n", error));

7
sys/compat/ibcs2/ibcs2_fcntl.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: ibcs2_fcntl.c,v 1.20 2005/12/11 12:20:02 christos Exp $ */
/* $NetBSD: ibcs2_fcntl.c,v 1.21 2006/05/14 21:24:49 elad Exp $ */
/*
* Copyright (c) 1995 Scott Bartram
@ -28,7 +28,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: ibcs2_fcntl.c,v 1.20 2005/12/11 12:20:02 christos Exp $");
__KERNEL_RCSID(0, "$NetBSD: ibcs2_fcntl.c,v 1.21 2006/05/14 21:24:49 elad Exp $");
#include <sys/param.h>
#include <sys/systm.h>
@ -43,6 +43,7 @@ __KERNEL_RCSID(0, "$NetBSD: ibcs2_fcntl.c,v 1.20 2005/12/11 12:20:02 christos Ex
#include <sys/sa.h>
#include <sys/syscallargs.h>
#include <sys/vnode.h>
#include <sys/kauth.h>
#include <compat/ibcs2/ibcs2_types.h>
#include <compat/ibcs2/ibcs2_fcntl.h>
@ -250,7 +251,7 @@ ibcs2_sys_eaccess(l, v, retval)
syscallarg(int) flags;
} */ *uap = v;
struct proc *p = l->l_proc;
struct ucred *cred = p->p_ucred;
kauth_cred_t cred = p->p_cred;
struct vnode *vp;
int error, flags;
struct nameidata nd;

9
sys/compat/ibcs2/ibcs2_misc.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: ibcs2_misc.c,v 1.77 2006/03/01 12:38:12 yamt Exp $ */
/* $NetBSD: ibcs2_misc.c,v 1.78 2006/05/14 21:24:49 elad Exp $ */
/*
* Copyright (c) 1992, 1993
@ -95,7 +95,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: ibcs2_misc.c,v 1.77 2006/03/01 12:38:12 yamt Exp $");
__KERNEL_RCSID(0, "$NetBSD: ibcs2_misc.c,v 1.78 2006/05/14 21:24:49 elad Exp $");
#include <sys/param.h>
#include <sys/systm.h>
@ -123,6 +123,7 @@ __KERNEL_RCSID(0, "$NetBSD: ibcs2_misc.c,v 1.77 2006/03/01 12:38:12 yamt Exp $")
#include <sys/wait.h>
#include <sys/utsname.h>
#include <sys/unistd.h>
#include <sys/kauth.h>
#include <netinet/in.h>
#include <sys/sa.h>
@ -1207,7 +1208,7 @@ ibcs2_sys_plock(l, v, retval)
#define IBCS2_DATALOCK 4
if (suser(p->p_ucred, &p->p_acflag) != 0)
if (kauth_authorize_generic(p->p_cred, KAUTH_GENERIC_ISSUSER, &p->p_acflag) != 0)
return EPERM;
switch(SCARG(uap, cmd)) {
case IBCS2_UNLOCK:
@ -1252,7 +1253,7 @@ ibcs2_sys_uadmin(l, v, retval)
#define SCO_AD_GETCMAJ 1
/* XXX: is this the right place for this call? */
if ((error = suser(p->p_ucred, &p->p_acflag)) != 0)
if ((error = kauth_authorize_generic(p->p_cred, KAUTH_GENERIC_ISSUSER, &p->p_acflag)) != 0)
return (error);
switch(SCARG(uap, cmd)) {

6
sys/compat/irix/irix_fcntl.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: irix_fcntl.c,v 1.14 2005/12/11 12:20:12 christos Exp $ */
/* $NetBSD: irix_fcntl.c,v 1.15 2006/05/14 21:24:49 elad Exp $ */
/*-
* Copyright (c) 2001-2002 The NetBSD Foundation, Inc.
@ -37,7 +37,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: irix_fcntl.c,v 1.14 2005/12/11 12:20:12 christos Exp $");
__KERNEL_RCSID(0, "$NetBSD: irix_fcntl.c,v 1.15 2006/05/14 21:24:49 elad Exp $");
#include <sys/types.h>
#include <sys/signal.h>
@ -267,7 +267,7 @@ fd_truncate(l, fd, whence, start, retval)
break;
case SEEK_END:
if ((error = VOP_GETATTR(vp, &vattr, p->p_ucred, l)) != 0)
if ((error = VOP_GETATTR(vp, &vattr, p->p_cred, l)) != 0)
return error;
SCARG(&ft, length) = vattr.va_size + start;
break;

6
sys/compat/irix/irix_ioctl.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: irix_ioctl.c,v 1.8 2005/12/11 12:20:12 christos Exp $ */
/* $NetBSD: irix_ioctl.c,v 1.9 2006/05/14 21:24:49 elad Exp $ */
/*-
* Copyright (c) 2002 The NetBSD Foundation, Inc.
@ -37,7 +37,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: irix_ioctl.c,v 1.8 2005/12/11 12:20:12 christos Exp $");
__KERNEL_RCSID(0, "$NetBSD: irix_ioctl.c,v 1.9 2006/05/14 21:24:49 elad Exp $");
#include <sys/param.h>
#include <sys/proc.h>
@ -171,7 +171,7 @@ out:
error = EINVAL;
break;
case VBLK:
error = VOP_GETATTR(vp, &vattr, p->p_ucred, l);
error = VOP_GETATTR(vp, &vattr, p->p_cred, l);
if (error == 0) {
val = vattr.va_blocksize / 512;
error = copyout(&val, data, sizeof(int));

10
sys/compat/irix/irix_mman.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: irix_mman.c,v 1.10 2005/12/11 12:20:12 christos Exp $ */
/* $NetBSD: irix_mman.c,v 1.11 2006/05/14 21:24:49 elad Exp $ */
/*-
* Copyright (c) 2002 The NetBSD Foundation, Inc.
@ -37,7 +37,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: irix_mman.c,v 1.10 2005/12/11 12:20:12 christos Exp $");
__KERNEL_RCSID(0, "$NetBSD: irix_mman.c,v 1.11 2006/05/14 21:24:49 elad Exp $");
#if defined(_KERNEL_OPT)
#include "opt_sysv.h"
@ -199,17 +199,17 @@ irix_mmap(l, addr, len, prot, flags, fd, pos, retval)
goto out;
}
if ((error = VOP_GETATTR(vp, &vattr, p->p_ucred, l)) != 0)
if ((error = VOP_GETATTR(vp, &vattr, p->p_cred, l)) != 0)
goto out;
if (pos + len > vattr.va_size) {
VATTR_NULL(&vattr);
vattr.va_size = round_page(pos + len);
VOP_LEASE(vp, l, p->p_ucred, LEASE_WRITE);
VOP_LEASE(vp, l, p->p_cred, LEASE_WRITE);
vn_lock(vp, LK_EXCLUSIVE | LK_RETRY);
error = VOP_SETATTR(vp, &vattr, p->p_ucred, l);
error = VOP_SETATTR(vp, &vattr, p->p_cred, l);
VOP_UNLOCK(vp, 0);
}

12
sys/compat/irix/irix_mount.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: irix_mount.c,v 1.10 2005/12/11 12:20:12 christos Exp $ */
/* $NetBSD: irix_mount.c,v 1.11 2006/05/14 21:24:49 elad Exp $ */
/*-
* Copyright (c) 2001 The NetBSD Foundation, Inc.
@ -37,7 +37,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: irix_mount.c,v 1.10 2005/12/11 12:20:12 christos Exp $");
__KERNEL_RCSID(0, "$NetBSD: irix_mount.c,v 1.11 2006/05/14 21:24:49 elad Exp $");
#include <sys/types.h>
#include <sys/signal.h>
@ -68,7 +68,7 @@ irix_sys_getmountid(l, v, retval)
} */ *uap = v;
struct proc *p = l->l_proc;
caddr_t sg = stackgap_init(p, 0);
struct ucred *cred;
kauth_cred_t cred;
struct vnode *vp;
int error = 0;
struct nameidata nd;
@ -77,9 +77,9 @@ irix_sys_getmountid(l, v, retval)
CHECK_ALT_EXIST(l, &sg, SCARG(uap, path));
cred = crdup(p->p_ucred);
cred->cr_uid = p->p_cred->p_ruid;
cred->cr_gid = p->p_cred->p_rgid;
cred = kauth_cred_dup(p->p_cred);
kauth_cred_seteuid(cred, kauth_cred_getuid(p->p_cred));
kauth_cred_setegid(cred, kauth_cred_getgid(p->p_cred));
/* Get the vnode for the requested path */
NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF, UIO_USERSPACE,

37
sys/compat/irix/irix_prctl.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: irix_prctl.c,v 1.29 2006/03/20 13:14:37 drochner Exp $ */
/* $NetBSD: irix_prctl.c,v 1.30 2006/05/14 21:24:49 elad Exp $ */
/*-
* Copyright (c) 2001-2002 The NetBSD Foundation, Inc.
@ -37,7 +37,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: irix_prctl.c,v 1.29 2006/03/20 13:14:37 drochner Exp $");
__KERNEL_RCSID(0, "$NetBSD: irix_prctl.c,v 1.30 2006/05/14 21:24:49 elad Exp $");
#include <sys/errno.h>
#include <sys/types.h>
@ -172,7 +172,7 @@ irix_sys_prctl(l, v, retval)
pid_t pid = (pid_t)SCARG(uap, arg1);
struct irix_emuldata *ied;
struct proc *target;
struct pcred *pc;
kauth_cred_t pc;
if (pid == 0)
pid = p->p_pid;
@ -184,11 +184,11 @@ irix_sys_prctl(l, v, retval)
return 0;
pc = p->p_cred;
if (!(pc->pc_ucred->cr_uid == 0 || \
pc->p_ruid == target->p_cred->p_ruid || \
pc->pc_ucred->cr_uid == target->p_cred->p_ruid || \
pc->p_ruid == target->p_ucred->cr_uid || \
pc->pc_ucred->cr_uid == target->p_ucred->cr_uid))
if (!(kauth_cred_geteuid(pc) == 0 || \
kauth_cred_getuid(pc) == kauth_cred_getuid(target->p_cred) || \
kauth_cred_geteuid(pc) == kauth_cred_getuid(target->p_cred) || \
kauth_cred_getuid(pc) == kauth_cred_geteuid(target->p_cred) || \
kauth_cred_geteuid(pc) == kauth_cred_geteuid(target->p_cred)))
return EPERM;
ied = (struct irix_emuldata *)(target->p_emuldata);
@ -422,7 +422,7 @@ irix_sproc_child(isc)
struct proc *parent = lparent->l_proc;
struct frame *tf = (struct frame *)l2->l_md.md_regs;
struct frame *ptf = (struct frame *)lparent->l_md.md_regs;
struct pcred *pc;
kauth_cred_t pc;
struct plimit *pl;
struct irix_emuldata *ied;
struct irix_emuldata *parent_ied;
@ -486,12 +486,9 @@ irix_sproc_child(isc)
*/
if (inh & IRIX_PR_SID) {
pc = p2->p_cred;
parent->p_cred->p_refcnt++;
kauth_cred_hold(parent->p_cred);
p2->p_cred = parent->p_cred;
if (--pc->p_refcnt == 0) {
crfree(pc->pc_ucred);
pool_put(&pcred_pool, pc);
}
kauth_cred_free(pc);
}
/*
@ -572,7 +569,7 @@ irix_sys_procblk(l, v, retval)
struct irix_emuldata *iedp;
struct irix_share_group *isg;
struct proc *target;
struct pcred *pc;
kauth_cred_t pc;
int oldcount;
struct lwp *ied_lwp;
int error, last_error;
@ -584,11 +581,11 @@ irix_sys_procblk(l, v, retval)
/* May we stop it? */
pc = p->p_cred;
if (!(pc->pc_ucred->cr_uid == 0 || \
pc->p_ruid == target->p_cred->p_ruid || \
pc->pc_ucred->cr_uid == target->p_cred->p_ruid || \
pc->p_ruid == target->p_ucred->cr_uid || \
pc->pc_ucred->cr_uid == target->p_ucred->cr_uid))
if (!(kauth_cred_geteuid(pc) == 0 || \
kauth_cred_getuid(pc) == kauth_cred_getuid(target->p_cred) || \
kauth_cred_geteuid(pc) == kauth_cred_getuid(target->p_cred) || \
kauth_cred_getuid(pc) == kauth_cred_geteuid(target->p_cred) || \
kauth_cred_geteuid(pc) == kauth_cred_geteuid(target->p_cred)))
return EPERM;
/* Is it an IRIX process? */

10
sys/compat/irix/irix_usema.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: irix_usema.c,v 1.14 2005/12/11 12:20:12 christos Exp $ */
/* $NetBSD: irix_usema.c,v 1.15 2006/05/14 21:24:49 elad Exp $ */
/*-
* Copyright (c) 2002 The NetBSD Foundation, Inc.
@ -37,7 +37,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: irix_usema.c,v 1.14 2005/12/11 12:20:12 christos Exp $");
__KERNEL_RCSID(0, "$NetBSD: irix_usema.c,v 1.15 2006/05/14 21:24:49 elad Exp $");
#include <sys/param.h>
#include <sys/systm.h>
@ -180,7 +180,7 @@ irix_usema_ioctl(v)
u_long a_command;
caddr_t a_data;
int a_fflag;
struct ucred *a_cred;
kauth_cred_t a_cred;
struct lwp *a_l;
} */ *ap = v;
u_long cmd = ap->a_command;
@ -299,7 +299,7 @@ irix_usema_close(v)
struct vop_close_args /* {
struct vnode *a_vp;
int a_fflag;
struct ucred *a_cred;
kauth_cred_t a_cred;
struct lwp *a_l;
} */ *ap = v;
struct vnode *vp = ap->a_vp;
@ -343,7 +343,7 @@ irix_usema_setattr(v)
struct vop_setattr_args /* {
struct vnode *a_vp;
struct vattr *a_vap;
struct ucred *a_cred;
kauth_cred_t a_cred;
struct lwp *a_l;
} */ *ap = v;
struct vnode *vp = (struct vnode *)(ap->a_vp->v_data);

6
sys/compat/linux/arch/alpha/linux_machdep.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: linux_machdep.c,v 1.32 2005/12/11 12:20:12 christos Exp $ */
/* $NetBSD: linux_machdep.c,v 1.33 2006/05/14 21:24:49 elad Exp $ */
/*-
* Copyright (c) 1998 The NetBSD Foundation, Inc.
@ -42,7 +42,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: linux_machdep.c,v 1.32 2005/12/11 12:20:12 christos Exp $");
__KERNEL_RCSID(0, "$NetBSD: linux_machdep.c,v 1.33 2006/05/14 21:24:49 elad Exp $");
#include <sys/param.h>
#include <sys/systm.h>
@ -185,7 +185,7 @@ setup_linux_rt_sigframe(struct trapframe *tf, int sig, const sigset_t *mask)
sigframe.info.lsi_signo = sig;
sigframe.info.lsi_code = LINUX_SI_USER;
sigframe.info.lsi_pid = p->p_pid;
sigframe.info.lsi_uid = p->p_ucred->cr_uid; /* Use real uid here? */
sigframe.info.lsi_uid = kauth_cred_geteuid(p->p_cred); /* Use real uid here? */
if (copyout((caddr_t)&sigframe, (caddr_t)sfp, fsize) != 0) {
#ifdef DEBUG

12
sys/compat/linux/arch/amd64/linux_exec_machdep.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: linux_exec_machdep.c,v 1.5 2005/12/16 14:16:14 christos Exp $ */
/* $NetBSD: linux_exec_machdep.c,v 1.6 2006/05/14 21:24:49 elad Exp $ */
/*-
* Copyright (c) 2005 Emmanuel Dreyfus, all rights reserved
@ -32,7 +32,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: linux_exec_machdep.c,v 1.5 2005/12/16 14:16:14 christos Exp $");
__KERNEL_RCSID(0, "$NetBSD: linux_exec_machdep.c,v 1.6 2006/05/14 21:24:49 elad Exp $");
#ifdef __amd64__
#define ELFSIZE 64
@ -206,17 +206,17 @@ ELFNAME2(linux,copyargs)(l, pack, arginfo, stackp, argp)
esd.ai[i].a_type = LINUX_AT_EGID;
esd.ai[i++].a_v =
((vap->va_mode & S_ISGID) ? vap->va_gid : p->p_ucred->cr_gid);
((vap->va_mode & S_ISGID) ? vap->va_gid : kauth_cred_getegid(p->p_cred));
esd.ai[i].a_type = LINUX_AT_GID;
esd.ai[i++].a_v = p->p_cred->p_rgid;
esd.ai[i++].a_v = kauth_cred_getgid(p->p_cred);
esd.ai[i].a_type = LINUX_AT_EUID;
esd.ai[i++].a_v =
((vap->va_mode & S_ISUID) ? vap->va_uid : p->p_ucred->cr_uid);
((vap->va_mode & S_ISUID) ? vap->va_uid : kauth_cred_geteuid(p->p_cred));
esd.ai[i].a_type = LINUX_AT_UID;
esd.ai[i++].a_v = p->p_cred->p_ruid;
esd.ai[i++].a_v = kauth_cred_getuid(p->p_cred);
esd.ai[i].a_type = LINUX_AT_SECURE;
esd.ai[i++].a_v = 0;

10
sys/compat/linux/arch/i386/linux_machdep.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: linux_machdep.c,v 1.112 2005/12/11 12:20:14 christos Exp $ */
/* $NetBSD: linux_machdep.c,v 1.113 2006/05/14 21:24:49 elad Exp $ */
/*-
* Copyright (c) 1995, 2000 The NetBSD Foundation, Inc.
@ -37,7 +37,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: linux_machdep.c,v 1.112 2005/12/11 12:20:14 christos Exp $");
__KERNEL_RCSID(0, "$NetBSD: linux_machdep.c,v 1.113 2006/05/14 21:24:49 elad Exp $");
#if defined(_KERNEL_OPT)
#include "opt_vm86.h"
@ -69,6 +69,8 @@ __KERNEL_RCSID(0, "$NetBSD: linux_machdep.c,v 1.112 2005/12/11 12:20:14 christos
#include <sys/disklabel.h>
#include <sys/ioctl.h>
#include <sys/wait.h>
#include <sys/kauth.h>
#include <miscfs/specfs/specdev.h>
#include <compat/linux/common/linux_types.h>
@ -1139,7 +1141,7 @@ linux_sys_iopl(l, v, retval)
struct proc *p = l->l_proc;
struct trapframe *fp = l->l_md.md_regs;
if (suser(p->p_ucred, &p->p_acflag) != 0)
if (kauth_authorize_generic(p->p_cred, KAUTH_GENERIC_ISSUSER, &p->p_acflag) != 0)
return EPERM;
fp->tf_eflags |= PSL_IOPL;
*retval = 0;
@ -1164,7 +1166,7 @@ linux_sys_ioperm(l, v, retval)
struct proc *p = l->l_proc;
struct trapframe *fp = l->l_md.md_regs;
if (suser(p->p_ucred, &p->p_acflag) != 0)
if (kauth_authorize_generic(p->p_cred, KAUTH_GENERIC_ISSUSER, &p->p_acflag) != 0)
return EPERM;
if (SCARG(uap, val))
fp->tf_eflags |= PSL_IOPL;

8
sys/compat/linux/arch/m68k/linux_machdep.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: linux_machdep.c,v 1.25 2005/12/24 22:59:39 perry Exp $ */
/* $NetBSD: linux_machdep.c,v 1.26 2006/05/14 21:24:50 elad Exp $ */
/*-
* Copyright (c) 1998 The NetBSD Foundation, Inc.
@ -37,7 +37,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: linux_machdep.c,v 1.25 2005/12/24 22:59:39 perry Exp $");
__KERNEL_RCSID(0, "$NetBSD: linux_machdep.c,v 1.26 2006/05/14 21:24:50 elad Exp $");
#define COMPAT_LINUX 1
@ -405,7 +405,7 @@ setup_linux_rt_sigframe(frame, sig, mask, usp, l)
kf.sf_info.lsi_signo = sig;
kf.sf_info.lsi_code = LINUX_SI_USER;
kf.sf_info.lsi_pid = p->p_pid;
kf.sf_info.lsi_uid = p->p_ucred->cr_uid; /* Use real uid here? */
kf.sf_info.lsi_uid = kauth_cred_geteuid(p->p_cred); /* Use real uid here? */
/* Build the signal context to be used by sigreturn. */
native_to_linux_sigset(&kf.sf_uc.uc_sigmask, mask);
@ -847,7 +847,7 @@ linux_sys_cacheflush(l, v, retval)
* LINUX_FLUSH_SCOPE_ALL (flush whole cache) is limited to super users.
*/
if (scope == LINUX_FLUSH_SCOPE_ALL) {
if ((error = suser(p->p_ucred, &p->p_acflag)) != 0)
if ((error = kauth_authorize_generic(p->p_cred, KAUTH_GENERIC_ISSUSER, &p->p_acflag)) != 0)
return error;
#if defined(M68040) || defined(M68060)
/* entire cache */

6
sys/compat/linux/arch/mips/linux_machdep.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: linux_machdep.c,v 1.24 2005/12/11 12:20:16 christos Exp $ */
/* $NetBSD: linux_machdep.c,v 1.25 2006/05/14 21:24:50 elad Exp $ */
/*-
* Copyright (c) 1995, 2000, 2001 The NetBSD Foundation, Inc.
@ -37,7 +37,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: linux_machdep.c,v 1.24 2005/12/11 12:20:16 christos Exp $");
__KERNEL_RCSID(0, "$NetBSD: linux_machdep.c,v 1.25 2006/05/14 21:24:50 elad Exp $");
#include <sys/param.h>
#include <sys/systm.h>
@ -428,7 +428,7 @@ linux_sys_sysmips(l, v, retval)
int name[2];
size_t len;
if ((error = suser(p->p_ucred, &p->p_acflag)) != 0)
if ((error = kauth_authorize_generic(p->p_cred, KAUTH_GENERIC_ISSUSER, &p->p_acflag)) != 0)
return error;
if ((error = copyinstr((char *)SCARG(uap, arg1), nodename,
LINUX___NEW_UTS_LEN, &len)) != 0)

12
sys/compat/linux/arch/powerpc/linux_exec_powerpc.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: linux_exec_powerpc.c,v 1.17 2005/12/11 12:20:16 christos Exp $ */
/* $NetBSD: linux_exec_powerpc.c,v 1.18 2006/05/14 21:24:50 elad Exp $ */
/*-
* Copyright (c) 2001 The NetBSD Foundation, Inc.
@ -48,7 +48,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: linux_exec_powerpc.c,v 1.17 2005/12/11 12:20:16 christos Exp $");
__KERNEL_RCSID(0, "$NetBSD: linux_exec_powerpc.c,v 1.18 2006/05/14 21:24:50 elad Exp $");
#if defined (__alpha__)
#define ELFSIZE 64
@ -128,19 +128,19 @@ ELFNAME2(linux,copyargs)(l, pack, arginfo, stackp, argp)
* Why can't we use them too?
*/
a->a_type = LINUX_AT_EGID;
a->a_v = p->p_ucred->cr_gid;
a->a_v = kauth_cred_getegid(p->p_cred);
a++;
a->a_type = LINUX_AT_GID;
a->a_v = p->p_cred->p_rgid;
a->a_v = kauth_cred_getgid(p->p_cred);
a++;
a->a_type = LINUX_AT_EUID;
a->a_v = p->p_ucred->cr_uid;
a->a_v = kauth_cred_geteuid(p->p_cred);
a++;
a->a_type = LINUX_AT_UID;
a->a_v = p->p_cred->p_ruid;
a->a_v = kauth_cred_getuid(p->p_cred);
a++;
#endif

13
sys/compat/linux/common/linux_exec_elf32.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: linux_exec_elf32.c,v 1.71 2006/02/09 19:18:56 manu Exp $ */
/* $NetBSD: linux_exec_elf32.c,v 1.72 2006/05/14 21:24:50 elad Exp $ */
/*-
* Copyright (c) 1995, 1998, 2000, 2001 The NetBSD Foundation, Inc.
@ -42,7 +42,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: linux_exec_elf32.c,v 1.71 2006/02/09 19:18:56 manu Exp $");
__KERNEL_RCSID(0, "$NetBSD: linux_exec_elf32.c,v 1.72 2006/05/14 21:24:50 elad Exp $");
#ifndef ELFSIZE
/* XXX should die */
@ -60,6 +60,7 @@ __KERNEL_RCSID(0, "$NetBSD: linux_exec_elf32.c,v 1.71 2006/02/09 19:18:56 manu E
#include <sys/exec.h>
#include <sys/exec_elf.h>
#include <sys/stat.h>
#include <sys/kauth.h>
#include <sys/mman.h>
#include <sys/sa.h>
@ -397,25 +398,25 @@ ELFNAME2(linux,copyargs)(struct lwp *l, struct exec_package *pack,
vap = pack->ep_vap;
a->a_type = LINUX_AT_UID;
a->a_v = p->p_cred->p_ruid;
a->a_v = kauth_cred_getuid(p->p_cred);
a++;
a->a_type = LINUX_AT_EUID;
if (vap->va_mode & S_ISUID)
a->a_v = vap->va_uid;
else
a->a_v = p->p_ucred->cr_uid;
a->a_v = kauth_cred_geteuid(p->p_cred);
a++;
a->a_type = LINUX_AT_GID;
a->a_v = p->p_cred->p_rgid;
a->a_v = kauth_cred_getgid(p->p_cred);
a++;
a->a_type = LINUX_AT_EGID;
if (vap->va_mode & S_ISGID)
a->a_v = vap->va_gid;
else
a->a_v = p->p_ucred->cr_gid;
a->a_v = kauth_cred_getegid(p->p_cred);
a++;
a->a_type = AT_NULL;

6
sys/compat/linux/common/linux_file.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: linux_file.c,v 1.71 2005/12/11 12:20:19 christos Exp $ */
/* $NetBSD: linux_file.c,v 1.72 2006/05/14 21:24:50 elad Exp $ */
/*-
* Copyright (c) 1995, 1998 The NetBSD Foundation, Inc.
@ -42,7 +42,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: linux_file.c,v 1.71 2005/12/11 12:20:19 christos Exp $");
__KERNEL_RCSID(0, "$NetBSD: linux_file.c,v 1.72 2006/05/14 21:24:50 elad Exp $");
#include <sys/param.h>
#include <sys/systm.h>
@ -443,7 +443,7 @@ linux_sys_fcntl(l, v, retval)
break;
}
error = VOP_GETATTR(vp, &va, p->p_ucred, l);
error = VOP_GETATTR(vp, &va, p->p_cred, l);
FILE_UNUSE(fp, l);

6
sys/compat/linux/common/linux_file64.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: linux_file64.c,v 1.32 2006/03/01 12:38:12 yamt Exp $ */
/* $NetBSD: linux_file64.c,v 1.33 2006/05/14 21:24:50 elad Exp $ */
/*-
* Copyright (c) 1995, 1998, 2000 The NetBSD Foundation, Inc.
@ -41,7 +41,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: linux_file64.c,v 1.32 2006/03/01 12:38:12 yamt Exp $");
__KERNEL_RCSID(0, "$NetBSD: linux_file64.c,v 1.33 2006/05/14 21:24:50 elad Exp $");
#include <sys/param.h>
#include <sys/systm.h>
@ -440,7 +440,7 @@ linux_sys_getdents64(l, v, retval)
goto out1;
}
if ((error = VOP_GETATTR(vp, &va, p->p_ucred, l)))
if ((error = VOP_GETATTR(vp, &va, p->p_cred, l)))
goto out1;
nbytes = SCARG(uap, count);

6
sys/compat/linux/common/linux_ioctl.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: linux_ioctl.c,v 1.43 2005/12/11 12:20:19 christos Exp $ */
/* $NetBSD: linux_ioctl.c,v 1.44 2006/05/14 21:24:50 elad Exp $ */
/*-
* Copyright (c) 1995, 1998 The NetBSD Foundation, Inc.
@ -37,7 +37,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: linux_ioctl.c,v 1.43 2005/12/11 12:20:19 christos Exp $");
__KERNEL_RCSID(0, "$NetBSD: linux_ioctl.c,v 1.44 2006/05/14 21:24:50 elad Exp $");
#if defined(_KERNEL_OPT)
#include "sequencer.h"
@ -136,7 +136,7 @@ linux_sys_ioctl(l, v, retval)
if (fp->f_type == DTYPE_VNODE &&
(vp = (struct vnode *)fp->f_data) != NULL &&
vp->v_type == VCHR &&
VOP_GETATTR(vp, &va, p->p_ucred, l) == 0 &&
VOP_GETATTR(vp, &va, p->p_cred, l) == 0 &&
cdevsw_lookup(va.va_rdev) == &sequencer_cdevsw) {
error = oss_ioctl_sequencer(l, (void*)LINUX_TO_OSS(uap),
retval);

32
sys/compat/linux/common/linux_misc.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: linux_misc.c,v 1.153 2006/05/10 11:05:34 yamt Exp $ */
/* $NetBSD: linux_misc.c,v 1.154 2006/05/14 21:24:50 elad Exp $ */
/*-
* Copyright (c) 1995, 1998, 1999 The NetBSD Foundation, Inc.
@ -64,7 +64,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: linux_misc.c,v 1.153 2006/05/10 11:05:34 yamt Exp $");
__KERNEL_RCSID(0, "$NetBSD: linux_misc.c,v 1.154 2006/05/14 21:24:50 elad Exp $");
#include <sys/param.h>
#include <sys/systm.h>
@ -95,6 +95,7 @@ __KERNEL_RCSID(0, "$NetBSD: linux_misc.c,v 1.153 2006/05/10 11:05:34 yamt Exp $"
#include <sys/unistd.h>
#include <sys/swap.h> /* for SWAP_ON */
#include <sys/sysctl.h> /* for KERN_DOMAINNAME */
#include <sys/kauth.h>
#include <sys/ptrace.h>
#include <machine/ptrace.h>
@ -859,7 +860,7 @@ linux_sys_getdents(l, v, retval)
goto out1;
}
if ((error = VOP_GETATTR(vp, &va, p->p_ucred, l)))
if ((error = VOP_GETATTR(vp, &va, p->p_cred, l)))
goto out1;
nbytes = SCARG(uap, count);
@ -1244,7 +1245,7 @@ linux_sys_getgroups16(l, v, retval)
struct sys_getgroups_args bsa;
gid_t *bset, *kbset;
linux_gid_t *lset;
struct pcred *pc = p->p_cred;
kauth_cred_t pc = p->p_cred;
n = SCARG(uap, gidsetsize);
if (n < 0)
@ -1253,7 +1254,7 @@ linux_sys_getgroups16(l, v, retval)
bset = kbset = NULL;
lset = NULL;
if (n > 0) {
n = min(pc->pc_ucred->cr_ngroups, n);
n = min(kauth_cred_ngroups(pc), n);
sg = stackgap_init(p, 0);
bset = stackgap_alloc(p, &sg, n * sizeof (gid_t));
kbset = malloc(n * sizeof (gid_t), M_TEMP, M_WAITOK);
@ -1276,7 +1277,7 @@ linux_sys_getgroups16(l, v, retval)
error = copyout(lset, SCARG(uap, gidset),
n * sizeof (linux_gid_t));
} else
*retval = pc->pc_ucred->cr_ngroups;
*retval = kauth_cred_ngroups(pc);
out:
if (kbset != NULL)
free(kbset, M_TEMP);
@ -1356,7 +1357,7 @@ linux_sys_setfsuid(l, v, retval)
uid_t uid;
uid = SCARG(uap, uid);
if (p->p_cred->p_ruid != uid)
if (kauth_cred_getuid(p->p_cred) != uid)
return sys_nosys(l, v, retval);
else
return (0);
@ -1411,8 +1412,9 @@ linux_sys_getresuid(l, v, retval)
syscallarg(uid_t *) suid;
} */ *uap = v;
struct proc *p = l->l_proc;
struct pcred *pc = p->p_cred;
kauth_cred_t pc = p->p_cred;
int error;
uid_t uid;
/*
* Linux copies these values out to userspace like so:
@ -1421,15 +1423,17 @@ linux_sys_getresuid(l, v, retval)
* 2. If that succeeds, copy out euid.
* 3. If both of those succeed, copy out suid.
*/
if ((error = copyout(&pc->p_ruid, SCARG(uap, ruid),
sizeof(uid_t))) != 0)
uid = kauth_cred_getuid(pc);
if ((error = copyout(&uid, SCARG(uap, ruid), sizeof(uid_t))) != 0)
return (error);
if ((error = copyout(&pc->pc_ucred->cr_uid, SCARG(uap, euid),
sizeof(uid_t))) != 0)
uid = kauth_cred_geteuid(pc);
if ((error = copyout(&uid, SCARG(uap, euid), sizeof(uid_t))) != 0)
return (error);
return (copyout(&pc->p_svuid, SCARG(uap, suid), sizeof(uid_t)));
uid = kauth_cred_getsvuid(pc);
return (copyout(&uid, SCARG(uap, suid), sizeof(uid_t)));
}
int
@ -1508,7 +1512,7 @@ linux_sys_reboot(struct lwp *l, void *v, register_t *retval)
struct proc *p = l->l_proc;
int error;
if ((error = suser(p->p_ucred, &p->p_acflag)) != 0)
if ((error = kauth_authorize_generic(p->p_cred, KAUTH_GENERIC_ISSUSER, &p->p_acflag)) != 0)
return(error);
if (SCARG(uap, magic1) != LINUX_REBOOT_MAGIC1)

22
sys/compat/linux/common/linux_misc_notalpha.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: linux_misc_notalpha.c,v 1.78 2006/05/10 11:05:34 yamt Exp $ */
/* $NetBSD: linux_misc_notalpha.c,v 1.79 2006/05/14 21:24:50 elad Exp $ */
/*-
* Copyright (c) 1995, 1998 The NetBSD Foundation, Inc.
@ -38,7 +38,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: linux_misc_notalpha.c,v 1.78 2006/05/10 11:05:34 yamt Exp $");
__KERNEL_RCSID(0, "$NetBSD: linux_misc_notalpha.c,v 1.79 2006/05/14 21:24:50 elad Exp $");
#include <sys/param.h>
#include <sys/systm.h>
@ -54,6 +54,7 @@ __KERNEL_RCSID(0, "$NetBSD: linux_misc_notalpha.c,v 1.78 2006/05/10 11:05:34 yam
#include <sys/resourcevar.h>
#include <sys/time.h>
#include <sys/wait.h>
#include <sys/kauth.h>
#include <sys/sa.h>
#include <sys/syscallargs.h>
@ -360,8 +361,9 @@ linux_sys_getresgid(l, v, retval)
syscallarg(gid_t *) sgid;
} */ *uap = v;
struct proc *p = l->l_proc;
struct pcred *pc = p->p_cred;
kauth_cred_t pc = p->p_cred;
int error;
gid_t gid;
/*
* Linux copies these values out to userspace like so:
@ -370,15 +372,17 @@ linux_sys_getresgid(l, v, retval)
* 2. If that succeeds, copy out egid.
* 3. If both of those succeed, copy out sgid.
*/
if ((error = copyout(&pc->p_rgid, SCARG(uap, rgid),
sizeof(gid_t))) != 0)
gid = kauth_cred_getgid(pc);
if ((error = copyout(&gid, SCARG(uap, rgid), sizeof(gid_t))) != 0)
return (error);
if ((error = copyout(&pc->pc_ucred->cr_gid, SCARG(uap, egid),
sizeof(gid_t))) != 0)
gid = kauth_cred_getegid(pc);
if ((error = copyout(&gid, SCARG(uap, egid), sizeof(gid_t))) != 0)
return (error);
return (copyout(&pc->p_svgid, SCARG(uap, sgid), sizeof(gid_t)));
gid = kauth_cred_getsvgid(pc);
return (copyout(&gid, SCARG(uap, sgid), sizeof(gid_t)));
}
#ifndef __amd64__
@ -400,7 +404,7 @@ linux_sys_stime(l, v, retval)
linux_time_t tt;
int error;
if ((error = suser(p->p_ucred, &p->p_acflag)) != 0)
if ((error = kauth_authorize_generic(p->p_cred, KAUTH_GENERIC_ISSUSER, &p->p_acflag)) != 0)
return (error);
if ((error = copyin(&tt, SCARG(uap, t), sizeof tt)) != 0)

53
sys/compat/linux/common/linux_sched.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: linux_sched.c,v 1.29 2005/11/29 22:31:59 jdolecek Exp $ */
/* $NetBSD: linux_sched.c,v 1.30 2006/05/14 21:24:50 elad Exp $ */
/*-
* Copyright (c) 1999 The NetBSD Foundation, Inc.
@ -42,7 +42,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: linux_sched.c,v 1.29 2005/11/29 22:31:59 jdolecek Exp $");
__KERNEL_RCSID(0, "$NetBSD: linux_sched.c,v 1.30 2006/05/14 21:24:50 elad Exp $");
#include <sys/param.h>
#include <sys/mount.h>
@ -53,6 +53,7 @@ __KERNEL_RCSID(0, "$NetBSD: linux_sched.c,v 1.29 2005/11/29 22:31:59 jdolecek Ex
#include <sys/sa.h>
#include <sys/syscallargs.h>
#include <sys/wait.h>
#include <sys/kauth.h>
#include <machine/cpu.h>
@ -198,16 +199,16 @@ linux_sys_sched_setparam(cl, v, retval)
return error;
if (SCARG(uap, pid) != 0) {
struct pcred *pc = cp->p_cred;
kauth_cred_t pc = cp->p_cred;
if ((p = pfind(SCARG(uap, pid))) == NULL)
return ESRCH;
if (!(cp == p ||
pc->pc_ucred->cr_uid == 0 ||
pc->p_ruid == p->p_cred->p_ruid ||
pc->pc_ucred->cr_uid == p->p_cred->p_ruid ||
pc->p_ruid == p->p_ucred->cr_uid ||
pc->pc_ucred->cr_uid == p->p_ucred->cr_uid))
kauth_cred_geteuid(pc) == 0 ||
kauth_cred_getuid(pc) == kauth_cred_getuid(p->p_cred) ||
kauth_cred_geteuid(pc) == kauth_cred_getuid(p->p_cred) ||
kauth_cred_getuid(pc) == kauth_cred_geteuid(p->p_cred) ||
kauth_cred_geteuid(pc) == kauth_cred_geteuid(p->p_cred)))
return EPERM;
}
@ -235,16 +236,16 @@ linux_sys_sched_getparam(cl, v, retval)
return EINVAL;
if (SCARG(uap, pid) != 0) {
struct pcred *pc = cp->p_cred;
kauth_cred_t pc = cp->p_cred;
if ((p = pfind(SCARG(uap, pid))) == NULL)
return ESRCH;
if (!(cp == p ||
pc->pc_ucred->cr_uid == 0 ||
pc->p_ruid == p->p_cred->p_ruid ||
pc->pc_ucred->cr_uid == p->p_cred->p_ruid ||
pc->p_ruid == p->p_ucred->cr_uid ||
pc->pc_ucred->cr_uid == p->p_ucred->cr_uid))
kauth_cred_geteuid(pc) == 0 ||
kauth_cred_getuid(pc) == kauth_cred_getuid(p->p_cred) ||
kauth_cred_geteuid(pc) == kauth_cred_getuid(p->p_cred) ||
kauth_cred_getuid(pc) == kauth_cred_geteuid(p->p_cred) ||
kauth_cred_geteuid(pc) == kauth_cred_geteuid(p->p_cred)))
return EPERM;
}
@ -280,16 +281,16 @@ linux_sys_sched_setscheduler(cl, v, retval)
return error;
if (SCARG(uap, pid) != 0) {
struct pcred *pc = cp->p_cred;
kauth_cred_t pc = cp->p_cred;
if ((p = pfind(SCARG(uap, pid))) == NULL)
return ESRCH;
if (!(cp == p ||
pc->pc_ucred->cr_uid == 0 ||
pc->p_ruid == p->p_cred->p_ruid ||
pc->pc_ucred->cr_uid == p->p_cred->p_ruid ||
pc->p_ruid == p->p_ucred->cr_uid ||
pc->pc_ucred->cr_uid == p->p_ucred->cr_uid))
kauth_cred_geteuid(pc) == 0 ||
kauth_cred_getuid(pc) == kauth_cred_getuid(p->p_cred) ||
kauth_cred_geteuid(pc) == kauth_cred_getuid(p->p_cred) ||
kauth_cred_getuid(pc) == kauth_cred_geteuid(p->p_cred) ||
kauth_cred_geteuid(pc) == kauth_cred_geteuid(p->p_cred)))
return EPERM;
}
@ -320,16 +321,16 @@ linux_sys_sched_getscheduler(cl, v, retval)
*/
if (SCARG(uap, pid) != 0) {
struct pcred *pc = cp->p_cred;
kauth_cred_t pc = cp->p_cred;
if ((p = pfind(SCARG(uap, pid))) == NULL)
return ESRCH;
if (!(cp == p ||
pc->pc_ucred->cr_uid == 0 ||
pc->p_ruid == p->p_cred->p_ruid ||
pc->pc_ucred->cr_uid == p->p_cred->p_ruid ||
pc->p_ruid == p->p_ucred->cr_uid ||
pc->pc_ucred->cr_uid == p->p_ucred->cr_uid))
kauth_cred_geteuid(pc) == 0 ||
kauth_cred_getuid(pc) == kauth_cred_getuid(p->p_cred) ||
kauth_cred_geteuid(pc) == kauth_cred_getuid(p->p_cred) ||
kauth_cred_getuid(pc) == kauth_cred_geteuid(p->p_cred) ||
kauth_cred_geteuid(pc) == kauth_cred_geteuid(p->p_cred)))
return EPERM;
}

8
sys/compat/linux/common/linux_socket.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: linux_socket.c,v 1.61 2006/05/12 01:58:55 mrg Exp $ */
/* $NetBSD: linux_socket.c,v 1.62 2006/05/14 21:24:50 elad Exp $ */
/*-
* Copyright (c) 1995, 1998 The NetBSD Foundation, Inc.
@ -42,7 +42,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: linux_socket.c,v 1.61 2006/05/12 01:58:55 mrg Exp $");
__KERNEL_RCSID(0, "$NetBSD: linux_socket.c,v 1.62 2006/05/14 21:24:50 elad Exp $");
#if defined(_KERNEL_OPT)
#include "opt_inet.h"
@ -74,6 +74,7 @@ __KERNEL_RCSID(0, "$NetBSD: linux_socket.c,v 1.61 2006/05/12 01:58:55 mrg Exp $"
#include <sys/mbuf.h>
#include <sys/syslog.h>
#include <sys/exec.h>
#include <sys/kauth.h>
#include <sys/sa.h>
#include <sys/syscallargs.h>
@ -1529,8 +1530,7 @@ linux_sa_get(l, s, sgp, sap, osa, osalen)
!IN6_IS_ADDR_MULTICAST(&sin6->sin6_addr))) {
sin6->sin6_scope_id = 0;
} else {
int uid = p->p_cred && p->p_ucred ?
p->p_ucred->cr_uid : -1;
int uid = p->p_cred ? kauth_cred_geteuid(p->p_cred) : -1;
log(LOG_DEBUG,
"pid %d (%s), uid %d: obsolete pre-RFC2553 "

6
sys/compat/linux/common/linux_uselib.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: linux_uselib.c,v 1.14 2005/12/11 12:20:19 christos Exp $ */
/* $NetBSD: linux_uselib.c,v 1.15 2006/05/14 21:24:50 elad Exp $ */
/*-
* Copyright (c) 1995, 1998 The NetBSD Foundation, Inc.
@ -37,7 +37,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: linux_uselib.c,v 1.14 2005/12/11 12:20:19 christos Exp $");
__KERNEL_RCSID(0, "$NetBSD: linux_uselib.c,v 1.15 2006/05/14 21:24:50 elad Exp $");
#include <sys/param.h>
#include <sys/systm.h>
@ -118,7 +118,7 @@ linux_sys_uselib(l, v, retval)
vp = ni.ni_vp;
if ((error = vn_rdwr(UIO_READ, vp, (caddr_t) &hdr, LINUX_AOUT_HDR_SIZE,
0, UIO_SYSSPACE, IO_NODELOCKED, p->p_ucred,
0, UIO_SYSSPACE, IO_NODELOCKED, p->p_cred,
&rem, NULL))) {
vrele(vp);
return error;

12
sys/compat/linux32/common/linux32_exec_elf32.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: linux32_exec_elf32.c,v 1.1 2006/02/09 19:18:57 manu Exp $ */
/* $NetBSD: linux32_exec_elf32.c,v 1.2 2006/05/14 21:24:50 elad Exp $ */
/*-
* Copyright (c) 1995, 1998, 2000, 2001,2006 The NetBSD Foundation, Inc.
@ -38,7 +38,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: linux32_exec_elf32.c,v 1.1 2006/02/09 19:18:57 manu Exp $");
__KERNEL_RCSID(0, "$NetBSD: linux32_exec_elf32.c,v 1.2 2006/05/14 21:24:50 elad Exp $");
#define ELFSIZE 32
@ -218,17 +218,17 @@ linux32_elf32_copyargs(struct lwp *l, struct exec_package *pack,
esd.ai[i].a_type = LINUX_AT_EGID;
esd.ai[i++].a_v =
((vap->va_mode & S_ISGID) ? vap->va_gid : p->p_ucred->cr_gid);
((vap->va_mode & S_ISGID) ? vap->va_gid : kauth_cred_getegid(p->p_cred));
esd.ai[i].a_type = LINUX_AT_GID;
esd.ai[i++].a_v = p->p_cred->p_rgid;
esd.ai[i++].a_v = kauth_cred_getgid(p->p_cred);
esd.ai[i].a_type = LINUX_AT_EUID;
esd.ai[i++].a_v =
((vap->va_mode & S_ISUID) ? vap->va_uid : p->p_ucred->cr_uid);
((vap->va_mode & S_ISUID) ? vap->va_uid : kauth_cred_geteuid(p->p_cred));
esd.ai[i].a_type = LINUX_AT_UID;
esd.ai[i++].a_v = p->p_cred->p_ruid;
esd.ai[i++].a_v = kauth_cred_getuid(p->p_cred);
esd.ai[i].a_type = LINUX_AT_SECURE;
esd.ai[i++].a_v = 0;

6
sys/compat/linux32/common/linux32_misc.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: linux32_misc.c,v 1.1 2006/02/09 19:18:57 manu Exp $ */
/* $NetBSD: linux32_misc.c,v 1.2 2006/05/14 21:24:50 elad Exp $ */
/*-
* Copyright (c) 2006 Emmanuel Dreyfus, all rights reserved.
@ -33,7 +33,7 @@
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: linux32_misc.c,v 1.1 2006/02/09 19:18:57 manu Exp $");
__KERNEL_RCSID(0, "$NetBSD: linux32_misc.c,v 1.2 2006/05/14 21:24:50 elad Exp $");
#include <sys/types.h>
#include <sys/param.h>
@ -1382,7 +1382,7 @@ linux32_sys_stime(l, v, retval)
linux32_time_t tt32;
int error;
if ((error = suser(p->p_ucred, &p->p_acflag)) != 0)
if ((error = kauth_authorize_generic(p->p_cred, KAUTH_GENERIC_ISSUSER, &p->p_acflag)) != 0)
return error;
if ((error = copyin(&tt32,

6
sys/compat/linux32/common/linux32_time.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: linux32_time.c,v 1.2 2006/02/24 06:39:47 manu Exp $ */
/* $NetBSD: linux32_time.c,v 1.3 2006/05/14 21:24:50 elad Exp $ */
/*-
* Copyright (c) 2006 Emmanuel Dreyfus, all rights reserved.
@ -33,7 +33,7 @@
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: linux32_time.c,v 1.2 2006/02/24 06:39:47 manu Exp $");
__KERNEL_RCSID(0, "$NetBSD: linux32_time.c,v 1.3 2006/05/14 21:24:50 elad Exp $");
#include <sys/types.h>
#include <sys/param.h>
@ -201,7 +201,7 @@ linux32_sys_stime(l, v, retval)
linux32_time_t tt32;
int error;
if ((error = suser(p->p_ucred, &p->p_acflag)) != 0)
if ((error = kauth_authorize_generic(p->p_cred, KAUTH_GENERIC_ISSUSER, &p->p_acflag)) != 0)
return error;
if ((error = copyin(&tt32,

8
sys/compat/mach/mach_task.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: mach_task.c,v 1.56 2006/03/07 03:32:06 thorpej Exp $ */
/* $NetBSD: mach_task.c,v 1.57 2006/05/14 21:24:50 elad Exp $ */
/*-
* Copyright (c) 2002-2003 The NetBSD Foundation, Inc.
@ -39,7 +39,7 @@
#include "opt_compat_darwin.h"
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: mach_task.c,v 1.56 2006/03/07 03:32:06 thorpej Exp $");
__KERNEL_RCSID(0, "$NetBSD: mach_task.c,v 1.57 2006/05/14 21:24:50 elad Exp $");
#include <sys/types.h>
#include <sys/param.h>
@ -681,9 +681,9 @@ mach_sys_task_for_pid(l, v, retval)
return ESRCH;
/* Allowed only if the UID match, if setuid, or if superuser */
if ((t->p_cred->p_ruid != p->p_cred->p_ruid ||
if ((kauth_cred_getuid(t->p_cred) != kauth_cred_getuid(p->p_cred) ||
ISSET(t->p_flag, P_SUGID)) &&
(error = suser(p->p_ucred, &p->p_acflag)) != 0)
(error = kauth_authorize_generic(p->p_cred, KAUTH_GENERIC_ISSUSER, &p->p_acflag)) != 0)
return (error);
/* This will only work on a Mach process */

2
sys/compat/ndis/subr_pe.c
View File

@ -35,7 +35,7 @@
__FBSDID("$FreeBSD: src/sys/compat/ndis/subr_pe.c,v 1.7.2.3 2005/03/31 04:24:36 wpaul Exp $");
#endif
#ifdef __NetBSD__
__KERNEL_RCSID(0, "$NetBSD: subr_pe.c,v 1.3 2006/03/31 00:03:57 rittera Exp $");
__KERNEL_RCSID(0, "$NetBSD: subr_pe.c,v 1.4 2006/05/14 21:24:50 elad Exp $");
#endif

8
sys/compat/netbsd32/netbsd32_compat_30.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: netbsd32_compat_30.c,v 1.6 2006/05/05 13:31:30 cube Exp $ */
/* $NetBSD: netbsd32_compat_30.c,v 1.7 2006/05/14 21:24:50 elad Exp $ */
/*
* Copyright (c) 1998, 2001 Matthew R. Green
@ -29,7 +29,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: netbsd32_compat_30.c,v 1.6 2006/05/05 13:31:30 cube Exp $");
__KERNEL_RCSID(0, "$NetBSD: netbsd32_compat_30.c,v 1.7 2006/05/14 21:24:50 elad Exp $");
#include <sys/param.h>
#include <sys/systm.h>
@ -50,6 +50,7 @@ __KERNEL_RCSID(0, "$NetBSD: netbsd32_compat_30.c,v 1.6 2006/05/05 13:31:30 cube
#include <sys/syscallargs.h>
#include <sys/proc.h>
#include <sys/dirent.h>
#include <sys/kauth.h>
#include <compat/netbsd32/netbsd32.h>
#include <compat/netbsd32/netbsd32_syscallargs.h>
@ -216,7 +217,8 @@ compat_30_netbsd32_fhstat(l, v, retval)
/*
* Must be super user
*/
if ((error = suser(p->p_ucred, &p->p_acflag)))
if ((error = kauth_authorize_generic(p->p_cred, KAUTH_GENERIC_ISSUSER,
&p->p_acflag)))
return (error);
if ((error = copyin(NETBSD32PTR64(SCARG(uap, fhp)), &fh,

13
sys/compat/netbsd32/netbsd32_exec_elf32.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: netbsd32_exec_elf32.c,v 1.24 2005/12/27 00:36:00 cube Exp $ */
/* $NetBSD: netbsd32_exec_elf32.c,v 1.25 2006/05/14 21:24:50 elad Exp $ */
/* from: NetBSD: exec_aout.c,v 1.15 1996/09/26 23:34:46 cgd Exp */
/*
@ -59,7 +59,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: netbsd32_exec_elf32.c,v 1.24 2005/12/27 00:36:00 cube Exp $");
__KERNEL_RCSID(0, "$NetBSD: netbsd32_exec_elf32.c,v 1.25 2006/05/14 21:24:50 elad Exp $");
#define ELFSIZE 32
@ -73,6 +73,7 @@ __KERNEL_RCSID(0, "$NetBSD: netbsd32_exec_elf32.c,v 1.24 2005/12/27 00:36:00 cub
#include <sys/resourcevar.h>
#include <sys/signal.h>
#include <sys/signalvar.h>
#include <sys/kauth.h>
#include <compat/netbsd32/netbsd32.h>
#include <compat/netbsd32/netbsd32_exec.h>
@ -180,19 +181,19 @@ netbsd32_elf32_copyargs(struct lwp *l, struct exec_package *pack,
a++;
a->a_type = AT_EUID;
a->a_v = p->p_ucred->cr_uid;
a->a_v = kauth_cred_geteuid(p->p_cred);
a++;
a->a_type = AT_RUID;
a->a_v = p->p_cred->p_ruid;
a->a_v = kauth_cred_getuid(p->p_cred);
a++;
a->a_type = AT_EGID;
a->a_v = p->p_ucred->cr_gid;
a->a_v = kauth_cred_getegid(p->p_cred);
a++;
a->a_type = AT_RGID;
a->a_v = p->p_cred->p_rgid;
a->a_v = kauth_cred_getgid(p->p_cred);
a++;
free((char *)ap, M_TEMP);

14
sys/compat/netbsd32/netbsd32_fs.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: netbsd32_fs.c,v 1.26 2006/05/05 13:31:30 cube Exp $ */
/* $NetBSD: netbsd32_fs.c,v 1.27 2006/05/14 21:24:50 elad Exp $ */
/*
* Copyright (c) 1998, 2001 Matthew R. Green
@ -29,7 +29,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: netbsd32_fs.c,v 1.26 2006/05/05 13:31:30 cube Exp $");
__KERNEL_RCSID(0, "$NetBSD: netbsd32_fs.c,v 1.27 2006/05/14 21:24:50 elad Exp $");
#if defined(_KERNEL_OPT)
#include "opt_ktrace.h"
@ -54,6 +54,7 @@ __KERNEL_RCSID(0, "$NetBSD: netbsd32_fs.c,v 1.26 2006/05/05 13:31:30 cube Exp $"
#include <sys/syscallargs.h>
#include <sys/proc.h>
#include <sys/dirent.h>
#include <sys/kauth.h>
#include <compat/netbsd32/netbsd32.h>
#include <compat/netbsd32/netbsd32_syscallargs.h>
@ -365,13 +366,13 @@ change_utimes32(vp, tptr, l)
netbsd32_to_timeval(&tv32[0], &tv[0]);
netbsd32_to_timeval(&tv32[1], &tv[1]);
}
VOP_LEASE(vp, l, p->p_ucred, LEASE_WRITE);
VOP_LEASE(vp, l, p->p_cred, LEASE_WRITE);
vn_lock(vp, LK_EXCLUSIVE | LK_RETRY);
vattr.va_atime.tv_sec = tv[0].tv_sec;
vattr.va_atime.tv_nsec = tv[0].tv_usec * 1000;
vattr.va_mtime.tv_sec = tv[1].tv_sec;
vattr.va_mtime.tv_nsec = tv[1].tv_usec * 1000;
error = VOP_SETATTR(vp, &vattr, p->p_ucred, l);
error = VOP_SETATTR(vp, &vattr, p->p_cred, l);
VOP_UNLOCK(vp, 0);
return (error);
}
@ -556,7 +557,7 @@ netbsd32_fhstatvfs1(l, v, retval)
/*
* Must be super user
*/
if ((error = suser(p->p_ucred, &p->p_acflag)) != 0)
if ((error = kauth_authorize_generic(p->p_cred, KAUTH_GENERIC_ISSUSER, &p->p_acflag)) != 0)
return error;
if ((error = copyin((caddr_t)NETBSD32PTR64(SCARG(uap, fhp)), &fh,
@ -790,7 +791,8 @@ int netbsd32_sys___fhstat30(l, v, retval)
/*
* Must be super user
*/
if ((error = suser(p->p_ucred, &p->p_acflag)))
if ((error = kauth_authorize_generic(p->p_cred, KAUTH_GENERIC_ISSUSER,
&p->p_acflag)))
return (error);
if ((error = copyin(NETBSD32PTR64(SCARG(uap, fhp)), &fh,

21
sys/compat/netbsd32/netbsd32_netbsd.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: netbsd32_netbsd.c,v 1.103 2006/05/11 00:59:10 mrg Exp $ */
/* $NetBSD: netbsd32_netbsd.c,v 1.104 2006/05/14 21:24:50 elad Exp $ */
/*
* Copyright (c) 1998, 2001 Matthew R. Green
@ -29,7 +29,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: netbsd32_netbsd.c,v 1.103 2006/05/11 00:59:10 mrg Exp $");
__KERNEL_RCSID(0, "$NetBSD: netbsd32_netbsd.c,v 1.104 2006/05/14 21:24:50 elad Exp $");
#if defined(_KERNEL_OPT)
#include "opt_ddb.h"
@ -75,6 +75,7 @@ __KERNEL_RCSID(0, "$NetBSD: netbsd32_netbsd.c,v 1.103 2006/05/11 00:59:10 mrg Ex
#include <sys/filedesc.h>
#include <sys/namei.h>
#include <sys/dirent.h>
#include <sys/kauth.h>
#include <uvm/uvm_extern.h>
@ -967,21 +968,25 @@ netbsd32_getgroups(l, v, retval)
syscallarg(int) gidsetsize;
syscallarg(netbsd32_gid_tp) gidset;
} */ *uap = v;
struct pcred *pc = l->l_proc->p_cred;
kauth_cred_t pc = l->l_proc->p_cred;
int ngrp;
int error;
gid_t *grbuf;
ngrp = SCARG(uap, gidsetsize);
if (ngrp == 0) {
*retval = pc->pc_ucred->cr_ngroups;
*retval = kauth_cred_ngroups(pc);
return (0);
}
if (ngrp < pc->pc_ucred->cr_ngroups)
if (ngrp < kauth_cred_ngroups(pc))
return (EINVAL);
ngrp = pc->pc_ucred->cr_ngroups;
ngrp = kauth_cred_ngroups(pc);
/* Should convert gid_t to netbsd32_gid_t, but they're the same */
error = copyout((caddr_t)pc->pc_ucred->cr_groups,
(caddr_t)NETBSD32PTR64(SCARG(uap, gidset)), ngrp * sizeof(gid_t));
grbuf = malloc(ngrp * sizeof(*grbuf), M_TEMP, M_WAITOK);
kauth_cred_getgroups(pc, grbuf, ngrp);
error = copyout(grbuf, (caddr_t)NETBSD32PTR64(SCARG(uap, gidset)),
ngrp * sizeof(*grbuf));
free(grbuf, M_TEMP);
if (error)
return (error);
*retval = ngrp;

13
sys/compat/netbsd32/netbsd32_time.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: netbsd32_time.c,v 1.19 2006/02/17 15:44:17 he Exp $ */
/* $NetBSD: netbsd32_time.c,v 1.20 2006/05/14 21:24:50 elad Exp $ */
/*
* Copyright (c) 1998, 2001 Matthew R. Green
@ -29,7 +29,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: netbsd32_time.c,v 1.19 2006/02/17 15:44:17 he Exp $");
__KERNEL_RCSID(0, "$NetBSD: netbsd32_time.c,v 1.20 2006/05/14 21:24:50 elad Exp $");
#if defined(_KERNEL_OPT)
#include "opt_ntp.h"
@ -45,6 +45,7 @@ __KERNEL_RCSID(0, "$NetBSD: netbsd32_time.c,v 1.19 2006/02/17 15:44:17 he Exp $"
#include <sys/pool.h>
#include <sys/resourcevar.h>
#include <sys/dirent.h>
#include <sys/kauth.h>
#include <compat/netbsd32/netbsd32.h>
#include <compat/netbsd32/netbsd32_syscallargs.h>
@ -195,7 +196,7 @@ netbsd32_ntp_adjtime(l, v, retval)
* the assumption the superuser should know what it is doing.
*/
modes = ntv.modes;
if (modes != 0 && (error = suser(p->p_ucred, &p->p_acflag)))
if (modes != 0 && (error = kauth_authorize_generic(p->p_cred, KAUTH_GENERIC_ISSUSER, &p->p_acflag)))
return (error);
s = splclock();
@ -407,7 +408,7 @@ netbsd32_settimeofday(l, v, retval)
struct proc *p = l->l_proc;
/* Verify all parameters before changing time. */
if ((error = suser(p->p_ucred, &p->p_acflag)) != 0)
if ((error = kauth_authorize_generic(p->p_cred, KAUTH_GENERIC_ISSUSER, &p->p_acflag)) != 0)
return error;
/*
@ -447,7 +448,7 @@ netbsd32_adjtime(l, v, retval)
extern long bigadj, timedelta;
extern int tickdelta;
if ((error = suser(p->p_ucred, &p->p_acflag)) != 0)
if ((error = kauth_authorize_generic(p->p_cred, KAUTH_GENERIC_ISSUSER, &p->p_acflag)) != 0)
return (error);
error = copyin((caddr_t)NETBSD32PTR64(SCARG(uap, delta)), &atv,
@ -532,7 +533,7 @@ netbsd32_clock_settime(l, v, retval)
int error;
struct proc *p = l->l_proc;
if ((error = suser(p->p_ucred, &p->p_acflag)) != 0)
if ((error = kauth_authorize_generic(p->p_cred, KAUTH_GENERIC_ISSUSER, &p->p_acflag)) != 0)
return (error);
clock_id = SCARG(uap, clock_id);

8
sys/compat/osf1/osf1_exec_ecoff.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: osf1_exec_ecoff.c,v 1.12 2005/12/11 12:20:23 christos Exp $ */
/* $NetBSD: osf1_exec_ecoff.c,v 1.13 2006/05/14 21:24:50 elad Exp $ */
/*
* Copyright (c) 1999 Christopher G. Demetriou. All rights reserved.
@ -31,7 +31,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: osf1_exec_ecoff.c,v 1.12 2005/12/11 12:20:23 christos Exp $");
__KERNEL_RCSID(0, "$NetBSD: osf1_exec_ecoff.c,v 1.13 2006/05/14 21:24:50 elad Exp $");
#include <sys/param.h>
#include <sys/systm.h>
@ -237,7 +237,7 @@ osf1_exec_ecoff_dynamic(struct lwp *l, struct exec_package *epp)
goto badunlock;
}
if ((error = VOP_ACCESS(ldr_vp, VEXEC, p->p_ucred, l)) != 0)
if ((error = VOP_ACCESS(ldr_vp, VEXEC, p->p_cred, l)) != 0)
goto badunlock;
if (ldr_vp->v_mount->mnt_flag & MNT_NOEXEC) {
@ -258,7 +258,7 @@ osf1_exec_ecoff_dynamic(struct lwp *l, struct exec_package *epp)
* read the header, and make sure we got all of it.
*/
if ((error = vn_rdwr(UIO_READ, ldr_vp, (caddr_t)&ldr_exechdr,
sizeof ldr_exechdr, 0, UIO_SYSSPACE, 0, p->p_ucred,
sizeof ldr_exechdr, 0, UIO_SYSSPACE, 0, p->p_cred,
&resid, NULL)) != 0)
goto bad;
if (resid != 0) {

6
sys/compat/ossaudio/ossaudio.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: ossaudio.c,v 1.50 2006/03/04 11:17:08 xtraeme Exp $ */
/* $NetBSD: ossaudio.c,v 1.51 2006/05/14 21:24:50 elad Exp $ */
/*-
* Copyright (c) 1997 The NetBSD Foundation, Inc.
@ -34,7 +34,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: ossaudio.c,v 1.50 2006/03/04 11:17:08 xtraeme Exp $");
__KERNEL_RCSID(0, "$NetBSD: ossaudio.c,v 1.51 2006/05/14 21:24:50 elad Exp $");
#include <sys/param.h>
#include <sys/proc.h>
@ -643,7 +643,7 @@ getdevinfo(fp, l)
vp = (struct vnode *)fp->f_data;
if (vp->v_type != VCHR)
return 0;
if (VOP_GETATTR(vp, &va, p->p_ucred, l))
if (VOP_GETATTR(vp, &va, p->p_cred, l))
return 0;
if (di->done && di->dev == va.va_rdev)
return di;

8
sys/compat/pecoff/pecoff_exec.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: pecoff_exec.c,v 1.30 2006/05/11 17:17:00 mrg Exp $ */
/* $NetBSD: pecoff_exec.c,v 1.31 2006/05/14 21:25:21 elad Exp $ */
/*
* Copyright (c) 2000 Masaru OKI
@ -37,7 +37,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: pecoff_exec.c,v 1.30 2006/05/11 17:17:00 mrg Exp $");
__KERNEL_RCSID(0, "$NetBSD: pecoff_exec.c,v 1.31 2006/05/14 21:25:21 elad Exp $");
/*#define DEBUG_PECOFF*/
@ -195,11 +195,11 @@ pecoff_load_file(l, epp, path, vcset, entry, argp)
error = EACCES;
goto badunlock;
}
if ((error = VOP_ACCESS(vp, VEXEC, l->l_proc->p_ucred, l)) != 0)
if ((error = VOP_ACCESS(vp, VEXEC, l->l_proc->p_cred, l)) != 0)
goto badunlock;
/* get attributes */
if ((error = VOP_GETATTR(vp, &attr, l->l_proc->p_ucred, l)) != 0)
if ((error = VOP_GETATTR(vp, &attr, l->l_proc->p_cred, l)) != 0)
goto badunlock;
/*

6
sys/compat/sunos/sunos_misc.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: sunos_misc.c,v 1.136 2006/03/01 12:38:12 yamt Exp $ */
/* $NetBSD: sunos_misc.c,v 1.137 2006/05/14 21:25:21 elad Exp $ */
/*
* Copyright (c) 1992, 1993
@ -50,7 +50,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: sunos_misc.c,v 1.136 2006/03/01 12:38:12 yamt Exp $");
__KERNEL_RCSID(0, "$NetBSD: sunos_misc.c,v 1.137 2006/05/14 21:25:21 elad Exp $");
#if defined(_KERNEL_OPT)
#include "opt_nfsserver.h"
@ -1259,7 +1259,7 @@ sunos_sys_reboot(l, v, retval)
int error, bsd_howto, sun_howto;
char *bootstr;
if ((error = suser(p->p_ucred, &p->p_acflag)) != 0)
if ((error = kauth_authorize_generic(p->p_cred, KAUTH_GENERIC_ISSUSER, &p->p_acflag)) != 0)
return (error);
/*

7
sys/compat/sunos32/sunos32_misc.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: sunos32_misc.c,v 1.36 2006/03/01 12:38:12 yamt Exp $ */
/* $NetBSD: sunos32_misc.c,v 1.37 2006/05/14 21:25:21 elad Exp $ */
/* from :NetBSD: sunos_misc.c,v 1.107 2000/12/01 19:25:10 jdolecek Exp */
/*
@ -79,7 +79,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: sunos32_misc.c,v 1.36 2006/03/01 12:38:12 yamt Exp $");
__KERNEL_RCSID(0, "$NetBSD: sunos32_misc.c,v 1.37 2006/05/14 21:25:21 elad Exp $");
#define COMPAT_SUNOS 1
@ -123,6 +123,7 @@ __KERNEL_RCSID(0, "$NetBSD: sunos32_misc.c,v 1.36 2006/03/01 12:38:12 yamt Exp $
#include <sys/socketvar.h>
#include <sys/exec.h>
#include <sys/swap.h>
#include <sys/kauth.h>
#include <compat/netbsd32/netbsd32.h>
#include <compat/netbsd32/netbsd32_syscallargs.h>
@ -1562,7 +1563,7 @@ sunos32_sys_reboot(l, v, retval)
int error, bsd_howto, sun_howto;
char *bootstr;
if ((error = suser(p->p_ucred, &p->p_acflag)) != 0)
if ((error = kauth_authorize_generic(p->p_cred, KAUTH_GENERIC_ISSUSER, &p->p_acflag)) != 0)
return (error);
/*

13
sys/compat/svr4/svr4_fcntl.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: svr4_fcntl.c,v 1.48 2005/12/11 12:20:26 christos Exp $ */
/* $NetBSD: svr4_fcntl.c,v 1.49 2006/05/14 21:25:21 elad Exp $ */
/*-
* Copyright (c) 1994, 1997 The NetBSD Foundation, Inc.
@ -37,7 +37,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: svr4_fcntl.c,v 1.48 2005/12/11 12:20:26 christos Exp $");
__KERNEL_RCSID(0, "$NetBSD: svr4_fcntl.c,v 1.49 2006/05/14 21:25:21 elad Exp $");
#include <sys/param.h>
#include <sys/systm.h>
@ -51,6 +51,7 @@ __KERNEL_RCSID(0, "$NetBSD: svr4_fcntl.c,v 1.48 2005/12/11 12:20:26 christos Exp
#include <sys/mount.h>
#include <sys/malloc.h>
#include <sys/vnode.h>
#include <sys/kauth.h>
#include <sys/sa.h>
#include <sys/syscallargs.h>
@ -285,11 +286,11 @@ fd_revoke(l, fd, retval)
goto out;
}
if ((error = VOP_GETATTR(vp, &vattr, p->p_ucred, l)) != 0)
if ((error = VOP_GETATTR(vp, &vattr, p->p_cred, l)) != 0)
goto out;
if (p->p_ucred->cr_uid != vattr.va_uid &&
(error = suser(p->p_ucred, &p->p_acflag)) != 0)
if (kauth_cred_geteuid(p->p_cred) != vattr.va_uid &&
(error = kauth_authorize_generic(p->p_cred, KAUTH_GENERIC_ISSUSER, &p->p_acflag)) != 0)
goto out;
if ((error = vn_start_write(vp, &mp, V_WAIT | V_PCATCH)) != 0)
@ -330,7 +331,7 @@ fd_truncate(l, fd, flp, retval)
if (fp->f_type != DTYPE_VNODE || vp->v_type == VFIFO)
return ESPIPE;
if ((error = VOP_GETATTR(vp, &vattr, p->p_ucred, l)) != 0)
if ((error = VOP_GETATTR(vp, &vattr, p->p_cred, l)) != 0)
return error;
length = vattr.va_size;

4
sys/compat/svr4/svr4_sysent.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: svr4_sysent.c,v 1.76 2006/04/02 06:34:18 macallan Exp $ */
/* $NetBSD: svr4_sysent.c,v 1.77 2006/05/14 21:25:21 elad Exp $ */
/*
* System call switch table.
@ -8,7 +8,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: svr4_sysent.c,v 1.76 2006/04/02 06:34:18 macallan Exp $");
__KERNEL_RCSID(0, "$NetBSD: svr4_sysent.c,v 1.77 2006/05/14 21:25:21 elad Exp $");
#if defined(_KERNEL_OPT)
#include "opt_ntp.h"

12
sys/compat/svr4_32/svr4_32_exec_elf32.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: svr4_32_exec_elf32.c,v 1.14 2005/12/11 12:20:26 christos Exp $ */
/* $NetBSD: svr4_32_exec_elf32.c,v 1.15 2006/05/14 21:25:21 elad Exp $ */
/*-
* Copyright (c) 1994 The NetBSD Foundation, Inc.
@ -37,7 +37,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: svr4_32_exec_elf32.c,v 1.14 2005/12/11 12:20:26 christos Exp $");
__KERNEL_RCSID(0, "$NetBSD: svr4_32_exec_elf32.c,v 1.15 2006/05/14 21:25:21 elad Exp $");
#define ELFSIZE 32 /* XXX should die */
@ -142,19 +142,19 @@ svr4_32_copyargs(l, pack, arginfo, stackp, argp)
a++;
a->a_type = AT_EUID;
a->a_v = p->p_ucred->cr_uid;
a->a_v = kauth_cred_geteuid(p->p_cred);
a++;
a->a_type = AT_RUID;
a->a_v = p->p_cred->p_ruid;
a->a_v = kauth_cred_getuid(p->p_cred);
a++;
a->a_type = AT_EGID;
a->a_v = p->p_ucred->cr_gid;
a->a_v = kauth_cred_getegid(p->p_cred);
a++;
a->a_type = AT_RGID;
a->a_v = p->p_cred->p_rgid;
a->a_v = kauth_cred_getgid(p->p_cred);
a++;
if (sun_hwcap) {

13
sys/compat/svr4_32/svr4_32_fcntl.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: svr4_32_fcntl.c,v 1.12 2005/12/11 12:20:26 christos Exp $ */
/* $NetBSD: svr4_32_fcntl.c,v 1.13 2006/05/14 21:25:21 elad Exp $ */
/*-
* Copyright (c) 1994, 1997 The NetBSD Foundation, Inc.
@ -37,7 +37,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: svr4_32_fcntl.c,v 1.12 2005/12/11 12:20:26 christos Exp $");
__KERNEL_RCSID(0, "$NetBSD: svr4_32_fcntl.c,v 1.13 2006/05/14 21:25:21 elad Exp $");
#include <sys/param.h>
#include <sys/systm.h>
@ -51,6 +51,7 @@ __KERNEL_RCSID(0, "$NetBSD: svr4_32_fcntl.c,v 1.12 2005/12/11 12:20:26 christos
#include <sys/mount.h>
#include <sys/malloc.h>
#include <sys/vnode.h>
#include <sys/kauth.h>
#include <sys/sa.h>
#include <sys/syscallargs.h>
@ -284,11 +285,11 @@ fd_revoke(l, fd, retval)
goto out;
}
if ((error = VOP_GETATTR(vp, &vattr, p->p_ucred, l)) != 0)
if ((error = VOP_GETATTR(vp, &vattr, p->p_cred, l)) != 0)
goto out;
if (p->p_ucred->cr_uid != vattr.va_uid &&
(error = suser(p->p_ucred, &p->p_acflag)) != 0)
if (kauth_cred_geteuid(p->p_cred) != vattr.va_uid &&
(error = kauth_authorize_generic(p->p_cred, KAUTH_GENERIC_ISSUSER, &p->p_acflag)) != 0)
goto out;
if ((error = vn_start_write(vp, &mp, V_WAIT | V_PCATCH)) != 0)
@ -328,7 +329,7 @@ fd_truncate(l, fd, flp, retval)
if (fp->f_type != DTYPE_VNODE || vp->v_type == VFIFO)
return ESPIPE;
if ((error = VOP_GETATTR(vp, &vattr, p->p_ucred, l)) != 0)
if ((error = VOP_GETATTR(vp, &vattr, p->p_cred, l)) != 0)
return error;
length = vattr.va_size;

9
sys/compat/svr4_32/svr4_32_stat.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: svr4_32_stat.c,v 1.18 2005/12/11 12:20:26 christos Exp $ */
/* $NetBSD: svr4_32_stat.c,v 1.19 2006/05/14 21:25:21 elad Exp $ */
/*-
* Copyright (c) 1994 The NetBSD Foundation, Inc.
@ -37,7 +37,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: svr4_32_stat.c,v 1.18 2005/12/11 12:20:26 christos Exp $");
__KERNEL_RCSID(0, "$NetBSD: svr4_32_stat.c,v 1.19 2006/05/14 21:25:21 elad Exp $");
#include <sys/param.h>
#include <sys/systm.h>
@ -51,6 +51,7 @@ __KERNEL_RCSID(0, "$NetBSD: svr4_32_stat.c,v 1.18 2005/12/11 12:20:26 christos E
#include <sys/mount.h>
#include <sys/malloc.h>
#include <sys/unistd.h>
#include <sys/kauth.h>
#include <sys/time.h>
#include <sys/ucred.h>
@ -686,13 +687,13 @@ svr4_32_sys_systeminfo(l, v, retval)
break;
case SVR4_SI_SET_HOSTNAME:
if ((error = suser(p->p_ucred, &p->p_acflag)) != 0)
if ((error = kauth_authorize_generic(p->p_cred, KAUTH_GENERIC_ISSUSER, &p->p_acflag)) != 0)
return error;
name[1] = KERN_HOSTNAME;
break;
case SVR4_SI_SET_SRPC_DOMAIN:
if ((error = suser(p->p_ucred, &p->p_acflag)) != 0)
if ((error = kauth_authorize_generic(p->p_cred, KAUTH_GENERIC_ISSUSER, &p->p_acflag)) != 0)
return error;
name[1] = KERN_DOMAINNAME;
break;

3
sys/conf/files
View File

@ -1,4 +1,4 @@
# $NetBSD: files,v 1.772 2006/05/05 18:26:19 thorpej Exp $
# $NetBSD: files,v 1.773 2006/05/14 21:25:21 elad Exp $
# @(#)files.newconf 7.5 (Berkeley) 5/10/93
@ -1213,6 +1213,7 @@ file kern/init_main.c
file kern/init_sysctl.c
file kern/init_sysent.c
file kern/kern_acct.c
file kern/kern_auth.c
file kern/kern_clock.c
file kern/kern_descrip.c
file kern/kern_event.c

2
sys/conf/majors
View File

@ -1,4 +1,4 @@
# $NetBSD: majors,v 1.21 2006/04/03 08:15:48 scw Exp $
# $NetBSD: majors,v 1.22 2006/05/14 21:25:21 elad Exp $
#
# Device majors for Machine-Independent drivers.
#

6
sys/contrib/dev/ath/netbsd/ah_osdep.c
View File

@ -33,7 +33,7 @@
* OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGES.
*
* $Id: ah_osdep.c,v 1.2 2006/04/05 06:54:26 gdamore Exp $
* $Id: ah_osdep.c,v 1.3 2006/05/14 21:25:21 elad Exp $
*/
#include "opt_athhal.h"
#include "athhal_options.h"
@ -44,6 +44,7 @@
#include <sys/sysctl.h>
#include <sys/malloc.h>
#include <sys/proc.h>
#include <sys/kauth.h>
#include <machine/stdarg.h>
@ -225,7 +226,8 @@ ath_hal_setlogging(int enable)
int error;
if (enable) {
error = suser(curproc->p_ucred, &curproc->p_acflag);
error = kauth_authorize_generic(curproc->p_cred,
KAUTH_GENERIC_ISSUSER, &curproc->p_acflag);
if (error == 0) {
error = alq_open(&ath_hal_alq, ath_hal_logfile,
curproc->p_ucred,

2
sys/contrib/dev/ath/public/alpha-elf.hal.o.uu
View File

@ -33,7 +33,7 @@
* OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGES.
*
* $Id: alpha-elf.hal.o.uu,v 1.1 2006/04/02 05:52:17 gdamore Exp $
* $Id: alpha-elf.hal.o.uu,v 1.2 2006/05/14 21:25:21 elad Exp $
*/
#define ATH_HAL_VERSION "0.9.16.16"
begin 644 hal.o

2
sys/contrib/dev/ath/public/powerpc-le-eabi.hal.o.uu
View File

@ -33,7 +33,7 @@
* OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGES.
*
* $Id: powerpc-le-eabi.hal.o.uu,v 1.1 2006/04/02 05:52:17 gdamore Exp $
* $Id: powerpc-le-eabi.hal.o.uu,v 1.2 2006/05/14 21:25:21 elad Exp $
*/
#define ATH_HAL_VERSION "0.9.16.16"
begin 644 hal.o

4
sys/ddb/db_command.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: db_command.c,v 1.87 2006/05/14 14:00:17 he Exp $ */
/* $NetBSD: db_command.c,v 1.88 2006/05/14 21:25:49 elad Exp $ */
/*
* Mach Operating System
@ -31,7 +31,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: db_command.c,v 1.87 2006/05/14 14:00:17 he Exp $");
__KERNEL_RCSID(0, "$NetBSD: db_command.c,v 1.88 2006/05/14 21:25:49 elad Exp $");
#include "opt_ddb.h"
#include "opt_kgdb.h"

7
sys/ddb/db_xxx.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: db_xxx.c,v 1.37 2006/01/22 01:08:50 uwe Exp $ */
/* $NetBSD: db_xxx.c,v 1.38 2006/05/14 21:25:49 elad Exp $ */
/*
* Copyright (c) 1982, 1986, 1989, 1991, 1993
@ -39,7 +39,7 @@
#include "opt_kgdb.h"
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: db_xxx.c,v 1.37 2006/01/22 01:08:50 uwe Exp $");
__KERNEL_RCSID(0, "$NetBSD: db_xxx.c,v 1.38 2006/05/14 21:25:49 elad Exp $");
#include <sys/param.h>
#include <sys/systm.h>
@ -51,6 +51,7 @@ __KERNEL_RCSID(0, "$NetBSD: db_xxx.c,v 1.37 2006/01/22 01:08:50 uwe Exp $");
#include <sys/signalvar.h>
#include <sys/resourcevar.h>
#include <sys/pool.h>
#include <sys/kauth.h>
#include <machine/db_machdep.h>
@ -194,7 +195,7 @@ db_show_all_procs(db_expr_t addr, int haddr, db_expr_t count, const char *modif)
case 'n':
db_printf("%8d %8d %10d %d %#7x %4d %16s %7.7s\n",
pp ? pp->p_pid : -1, p->p_pgrp->pg_id,
p->p_cred->p_ruid, p->p_stat, p->p_flag,
kauth_cred_getuid(p->p_cred), p->p_stat, p->p_flag,
p->p_nlwps, p->p_comm,
(p->p_nlwps != 1) ? "*" : (
(l->l_wchan && l->l_wmesg) ?

7
sys/net/agr/if_agr.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: if_agr.c,v 1.3 2005/12/11 12:24:54 christos Exp $ */
/* $NetBSD: if_agr.c,v 1.4 2006/05/14 21:19:33 elad Exp $ */
/*-
* Copyright (c)2005 YAMAMOTO Takashi,
@ -27,7 +27,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: if_agr.c,v 1.3 2005/12/11 12:24:54 christos Exp $");
__KERNEL_RCSID(0, "$NetBSD: if_agr.c,v 1.4 2006/05/14 21:19:33 elad Exp $");
#include "bpfilter.h"
#include "opt_inet.h"
@ -858,7 +858,8 @@ agr_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data)
case SIOCSETAGR:
splx(s);
p = curproc; /* XXX */
error = suser(p->p_ucred, &p->p_acflag);
error = kauth_authorize_generic(p->p_cred, KAUTH_GENERIC_ISSUSER,
&p->p_acflag);
if (!error) {
error = agrreq_copyin(ifr->ifr_data, &ar);
}

17
sys/net/bpf.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: bpf.c,v 1.116 2006/05/10 21:53:18 mrg Exp $ */
/* $NetBSD: bpf.c,v 1.117 2006/05/14 21:19:33 elad Exp $ */
/*
* Copyright (c) 1990, 1991, 1993
@ -39,7 +39,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: bpf.c,v 1.116 2006/05/10 21:53:18 mrg Exp $");
__KERNEL_RCSID(0, "$NetBSD: bpf.c,v 1.117 2006/05/14 21:19:33 elad Exp $");
#include <sys/param.h>
#include <sys/systm.h>
@ -64,6 +64,7 @@ __KERNEL_RCSID(0, "$NetBSD: bpf.c,v 1.116 2006/05/10 21:53:18 mrg Exp $");
#include <sys/kernel.h>
#include <sys/poll.h>
#include <sys/sysctl.h>
#include <sys/kauth.h>
#include <net/if.h>
#include <net/slip.h>
@ -141,9 +142,9 @@ static void reset_d(struct bpf_d *);
static int bpf_getdltlist(struct bpf_d *, struct bpf_dltlist *);
static int bpf_setdlt(struct bpf_d *, u_int);
static int bpf_read(struct file *, off_t *, struct uio *, struct ucred *,
static int bpf_read(struct file *, off_t *, struct uio *, kauth_cred_t,
int);
static int bpf_write(struct file *, off_t *, struct uio *, struct ucred *,
static int bpf_write(struct file *, off_t *, struct uio *, kauth_cred_t,
int);
static int bpf_ioctl(struct file *, u_long, void *, struct lwp *);
static int bpf_poll(struct file *, int, struct lwp *);
@ -455,7 +456,7 @@ bpf_close(struct file *fp, struct lwp *l)
*/
static int
bpf_read(struct file *fp, off_t *offp, struct uio *uio,
struct ucred *cred, int flags)
kauth_cred_t cred, int flags)
{
struct bpf_d *d = fp->f_data;
int timed_out;
@ -584,7 +585,7 @@ bpf_timed_out(void *arg)
static int
bpf_write(struct file *fp, off_t *offp, struct uio *uio,
struct ucred *cred, int flags)
kauth_cred_t cred, int flags)
{
struct bpf_d *d = fp->f_data;
struct ifnet *ifp;
@ -1702,7 +1703,9 @@ sysctl_net_bpf_peers(SYSCTLFN_ARGS)
if (namelen != 2)
return (EINVAL);
if ((error = suser(l->l_proc->p_ucred, &l->l_proc->p_acflag)))
if ((error = kauth_authorize_generic(l->l_proc->p_cred,
KAUTH_GENERIC_ISSUSER,
&l->l_proc->p_acflag)))
return (error);
len = (oldp != NULL) ? *oldlenp : 0;

13
sys/net/if.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: if.c,v 1.164 2006/05/01 18:17:42 dyoung Exp $ */
/* $NetBSD: if.c,v 1.165 2006/05/14 21:19:33 elad Exp $ */
/*-
* Copyright (c) 1999, 2000, 2001 The NetBSD Foundation, Inc.
@ -97,7 +97,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: if.c,v 1.164 2006/05/01 18:17:42 dyoung Exp $");
__KERNEL_RCSID(0, "$NetBSD: if.c,v 1.165 2006/05/14 21:19:33 elad Exp $");
#include "opt_inet.h"
@ -123,6 +123,7 @@ __KERNEL_RCSID(0, "$NetBSD: if.c,v 1.164 2006/05/01 18:17:42 dyoung Exp $");
#include <sys/ioctl.h>
#include <sys/sysctl.h>
#include <sys/syslog.h>
#include <sys/kauth.h>
#include <net/if.h>
#include <net/if_dl.h>
@ -1361,7 +1362,9 @@ ifioctl(struct socket *so, u_long cmd, caddr_t data, struct lwp *l)
case SIOCIFCREATE:
case SIOCIFDESTROY:
if (l) {
error = suser(l->l_proc->p_ucred, &l->l_proc->p_acflag);
error = kauth_authorize_generic(l->l_proc->p_cred,
KAUTH_GENERIC_ISSUSER,
&l->l_proc->p_acflag);
if (error)
return error;
}
@ -1399,7 +1402,9 @@ ifioctl(struct socket *so, u_long cmd, caddr_t data, struct lwp *l)
case SIOCS80211BSSID:
case SIOCS80211CHANNEL:
if (l) {
error = suser(l->l_proc->p_ucred, &l->l_proc->p_acflag);
error = kauth_authorize_generic(l->l_proc->p_cred,
KAUTH_GENERIC_ISSUSER,
&l->l_proc->p_acflag);
if (error)
return error;
}

9
sys/net/if_bridge.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: if_bridge.c,v 1.36 2006/01/17 13:23:02 christos Exp $ */
/* $NetBSD: if_bridge.c,v 1.37 2006/05/14 21:19:33 elad Exp $ */
/*
* Copyright 2001 Wasabi Systems, Inc.
@ -80,7 +80,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: if_bridge.c,v 1.36 2006/01/17 13:23:02 christos Exp $");
__KERNEL_RCSID(0, "$NetBSD: if_bridge.c,v 1.37 2006/05/14 21:19:33 elad Exp $");
#include "opt_bridge_ipf.h"
#include "opt_inet.h"
@ -97,6 +97,7 @@ __KERNEL_RCSID(0, "$NetBSD: if_bridge.c,v 1.36 2006/01/17 13:23:02 christos Exp
#include <sys/systm.h>
#include <sys/proc.h>
#include <sys/pool.h>
#include <sys/kauth.h>
#if NBPFILTER > 0
#include <net/bpf.h>
@ -478,7 +479,9 @@ bridge_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data)
}
if (bc->bc_flags & BC_F_SUSER) {
error = suser(p->p_ucred, &p->p_acflag);
error = kauth_authorize_generic(p->p_cred,
KAUTH_GENERIC_ISSUSER,
&p->p_acflag);
if (error)
break;
}

5
sys/net/if_ethersubr.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: if_ethersubr.c,v 1.131 2006/05/12 01:20:33 mrg Exp $ */
/* $NetBSD: if_ethersubr.c,v 1.132 2006/05/14 21:19:33 elad Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@ -61,7 +61,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: if_ethersubr.c,v 1.131 2006/05/12 01:20:33 mrg Exp $");
__KERNEL_RCSID(0, "$NetBSD: if_ethersubr.c,v 1.132 2006/05/14 21:19:33 elad Exp $");
#include "opt_inet.h"
#include "opt_atalk.h"
@ -91,6 +91,7 @@ __KERNEL_RCSID(0, "$NetBSD: if_ethersubr.c,v 1.131 2006/05/12 01:20:33 mrg Exp $
#include <sys/ioctl.h>
#include <sys/errno.h>
#include <sys/syslog.h>
#include <sys/kauth.h>
#include <machine/cpu.h>

14
sys/net/if_gif.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: if_gif.c,v 1.58 2006/03/08 03:09:33 msaitoh Exp $ */
/* $NetBSD: if_gif.c,v 1.59 2006/05/14 21:19:33 elad Exp $ */
/* $KAME: if_gif.c,v 1.76 2001/08/20 02:01:02 kjc Exp $ */
/*
@ -31,7 +31,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: if_gif.c,v 1.58 2006/03/08 03:09:33 msaitoh Exp $");
__KERNEL_RCSID(0, "$NetBSD: if_gif.c,v 1.59 2006/05/14 21:19:33 elad Exp $");
#include "opt_inet.h"
#include "opt_iso.h"
@ -48,6 +48,8 @@ __KERNEL_RCSID(0, "$NetBSD: if_gif.c,v 1.58 2006/03/08 03:09:33 msaitoh Exp $");
#include <sys/syslog.h>
#include <sys/proc.h>
#include <sys/protosw.h>
#include <sys/kauth.h>
#include <machine/cpu.h>
#include <machine/intr.h>
@ -601,7 +603,9 @@ gif_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data)
break;
case SIOCSIFMTU:
if ((error = suser(p->p_ucred, &p->p_acflag)) != 0)
if ((error = kauth_authorize_generic(p->p_cred,
KAUTH_GENERIC_ISSUSER,
&p->p_acflag)) != 0)
break;
mtu = ifr->ifr_mtu;
if (mtu < GIF_MTU_MIN || mtu > GIF_MTU_MAX)
@ -617,7 +621,7 @@ gif_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data)
case SIOCSIFPHYADDR_IN6:
#endif /* INET6 */
case SIOCSLIFPHYADDR:
if ((error = suser(p->p_ucred, &p->p_acflag)) != 0)
if ((error = kauth_authorize_generic(p->p_cred, KAUTH_GENERIC_ISSUSER, &p->p_acflag)) != 0)
break;
switch (cmd) {
#ifdef INET
@ -706,7 +710,7 @@ gif_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data)
#ifdef SIOCDIFPHYADDR
case SIOCDIFPHYADDR:
if ((error = suser(p->p_ucred, &p->p_acflag)) != 0)
if ((error = kauth_authorize_generic(p->p_cred, KAUTH_GENERIC_ISSUSER, &p->p_acflag)) != 0)
break;
gif_delete_tunnel(&sc->gif_if);
break;

17
sys/net/if_gre.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: if_gre.c,v 1.59 2005/12/11 23:05:25 thorpej Exp $ */
/* $NetBSD: if_gre.c,v 1.60 2006/05/14 21:19:33 elad Exp $ */
/*
* Copyright (c) 1998 The NetBSD Foundation, Inc.
@ -48,7 +48,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: if_gre.c,v 1.59 2005/12/11 23:05:25 thorpej Exp $");
__KERNEL_RCSID(0, "$NetBSD: if_gre.c,v 1.60 2006/05/14 21:19:33 elad Exp $");
#include "opt_inet.h"
#include "opt_ns.h"
@ -65,6 +65,7 @@ __KERNEL_RCSID(0, "$NetBSD: if_gre.c,v 1.59 2005/12/11 23:05:25 thorpej Exp $");
#include <sys/queue.h>
#if __NetBSD__
#include <sys/systm.h>
#include <sys/kauth.h>
#endif
#include <machine/cpu.h>
@ -363,7 +364,7 @@ gre_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data)
case SIOCSIFDSTADDR:
break;
case SIOCSIFFLAGS:
if ((error = suser(p->p_ucred, &p->p_acflag)) != 0)
if ((error = kauth_authorize_generic(p->p_cred, KAUTH_GENERIC_ISSUSER, &p->p_acflag)) != 0)
break;
if ((ifr->ifr_flags & IFF_LINK0) != 0)
sc->g_proto = IPPROTO_GRE;
@ -371,7 +372,7 @@ gre_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data)
sc->g_proto = IPPROTO_MOBILE;
break;
case SIOCSIFMTU:
if ((error = suser(p->p_ucred, &p->p_acflag)) != 0)
if ((error = kauth_authorize_generic(p->p_cred, KAUTH_GENERIC_ISSUSER, &p->p_acflag)) != 0)
break;
if (ifr->ifr_mtu < 576) {
error = EINVAL;
@ -403,7 +404,7 @@ gre_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data)
}
break;
case GRESPROTO:
if ((error = suser(p->p_ucred, &p->p_acflag)) != 0)
if ((error = kauth_authorize_generic(p->p_cred, KAUTH_GENERIC_ISSUSER, &p->p_acflag)) != 0)
break;
sc->g_proto = ifr->ifr_flags;
switch (sc->g_proto) {
@ -423,7 +424,7 @@ gre_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data)
break;
case GRESADDRS:
case GRESADDRD:
if ((error = suser(p->p_ucred, &p->p_acflag)) != 0)
if ((error = kauth_authorize_generic(p->p_cred, KAUTH_GENERIC_ISSUSER, &p->p_acflag)) != 0)
break;
/*
* set tunnel endpoints, compute a less specific route
@ -462,7 +463,7 @@ gre_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data)
ifr->ifr_addr = *sa;
break;
case SIOCSLIFPHYADDR:
if ((error = suser(p->p_ucred, &p->p_acflag)) != 0)
if ((error = kauth_authorize_generic(p->p_cred, KAUTH_GENERIC_ISSUSER, &p->p_acflag)) != 0)
break;
if (lifr->addr.ss_family != AF_INET ||
lifr->dstaddr.ss_family != AF_INET) {
@ -479,7 +480,7 @@ gre_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data)
(satosin((struct sockadrr *)&lifr->dstaddr))->sin_addr;
goto recompute;
case SIOCDIFPHYADDR:
if ((error = suser(p->p_ucred, &p->p_acflag)) != 0)
if ((error = kauth_authorize_generic(p->p_cred, KAUTH_GENERIC_ISSUSER, &p->p_acflag)) != 0)
break;
sc->g_src.s_addr = INADDR_ANY;
sc->g_dst.s_addr = INADDR_ANY;

19
sys/net/if_ppp.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: if_ppp.c,v 1.105 2006/01/02 01:42:36 yamt Exp $ */
/* $NetBSD: if_ppp.c,v 1.106 2006/05/14 21:19:33 elad Exp $ */
/* Id: if_ppp.c,v 1.6 1997/03/04 03:33:00 paulus Exp */
/*
@ -102,7 +102,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: if_ppp.c,v 1.105 2006/01/02 01:42:36 yamt Exp $");
__KERNEL_RCSID(0, "$NetBSD: if_ppp.c,v 1.106 2006/05/14 21:19:33 elad Exp $");
#include "ppp.h"
@ -125,6 +125,7 @@ __KERNEL_RCSID(0, "$NetBSD: if_ppp.c,v 1.105 2006/01/02 01:42:36 yamt Exp $");
#include <sys/time.h>
#include <sys/malloc.h>
#include <sys/conf.h>
#include <sys/kauth.h>
#include <net/if.h>
#include <net/if_types.h>
@ -535,7 +536,7 @@ pppioctl(struct ppp_softc *sc, u_long cmd, caddr_t data, int flag,
break;
case PPPIOCSFLAGS:
if ((error = suser(p->p_ucred, &p->p_acflag)) != 0)
if ((error = kauth_authorize_generic(p->p_cred, KAUTH_GENERIC_ISSUSER, &p->p_acflag)) != 0)
return (error);
flags = *(int *)data & SC_MASK;
s = splsoftnet();
@ -549,7 +550,7 @@ pppioctl(struct ppp_softc *sc, u_long cmd, caddr_t data, int flag,
break;
case PPPIOCSMRU:
if ((error = suser(p->p_ucred, &p->p_acflag)) != 0)
if ((error = kauth_authorize_generic(p->p_cred, KAUTH_GENERIC_ISSUSER, &p->p_acflag)) != 0)
return (error);
mru = *(int *)data;
if (mru >= PPP_MINMRU && mru <= PPP_MAXMRU)
@ -562,7 +563,7 @@ pppioctl(struct ppp_softc *sc, u_long cmd, caddr_t data, int flag,
#ifdef VJC
case PPPIOCSMAXCID:
if ((error = suser(p->p_ucred, &p->p_acflag)) != 0)
if ((error = kauth_authorize_generic(p->p_cred, KAUTH_GENERIC_ISSUSER, &p->p_acflag)) != 0)
return (error);
if (sc->sc_comp) {
s = splsoftnet();
@ -573,14 +574,14 @@ pppioctl(struct ppp_softc *sc, u_long cmd, caddr_t data, int flag,
#endif
case PPPIOCXFERUNIT:
if ((error = suser(p->p_ucred, &p->p_acflag)) != 0)
if ((error = kauth_authorize_generic(p->p_cred, KAUTH_GENERIC_ISSUSER, &p->p_acflag)) != 0)
return (error);
sc->sc_xfer = p->p_pid;
break;
#ifdef PPP_COMPRESS
case PPPIOCSCOMPRESS:
if ((error = suser(p->p_ucred, &p->p_acflag)) != 0)
if ((error = kauth_authorize_generic(p->p_cred, KAUTH_GENERIC_ISSUSER, &p->p_acflag)) != 0)
return (error);
odp = (struct ppp_option_data *) data;
nb = odp->length;
@ -653,7 +654,7 @@ pppioctl(struct ppp_softc *sc, u_long cmd, caddr_t data, int flag,
if (cmd == PPPIOCGNPMODE) {
npi->mode = sc->sc_npmode[npx];
} else {
if ((error = suser(p->p_ucred, &p->p_acflag)) != 0)
if ((error = kauth_authorize_generic(p->p_cred, KAUTH_GENERIC_ISSUSER, &p->p_acflag)) != 0)
return (error);
if (npi->mode != sc->sc_npmode[npx]) {
s = splnet();
@ -794,7 +795,7 @@ pppsioctl(struct ifnet *ifp, u_long cmd, caddr_t data)
break;
case SIOCSIFMTU:
if ((error = suser(p->p_ucred, &p->p_acflag)) != 0)
if ((error = kauth_authorize_generic(p->p_cred, KAUTH_GENERIC_ISSUSER, &p->p_acflag)) != 0)
break;
sc->sc_if.if_mtu = ifr->ifr_mtu;
break;

7
sys/net/if_pppoe.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: if_pppoe.c,v 1.67 2006/04/27 20:04:26 tron Exp $ */
/* $NetBSD: if_pppoe.c,v 1.68 2006/05/14 21:19:33 elad Exp $ */
/*-
* Copyright (c) 2002 The NetBSD Foundation, Inc.
@ -37,7 +37,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: if_pppoe.c,v 1.67 2006/04/27 20:04:26 tron Exp $");
__KERNEL_RCSID(0, "$NetBSD: if_pppoe.c,v 1.68 2006/05/14 21:19:33 elad Exp $");
#include "pppoe.h"
#include "bpfilter.h"
@ -52,6 +52,7 @@ __KERNEL_RCSID(0, "$NetBSD: if_pppoe.c,v 1.67 2006/04/27 20:04:26 tron Exp $");
#include <sys/socket.h>
#include <sys/proc.h>
#include <sys/ioctl.h>
#include <sys/kauth.h>
#include <net/if.h>
#include <net/if_types.h>
#include <net/if_ether.h>
@ -858,7 +859,7 @@ pppoe_ioctl(struct ifnet *ifp, unsigned long cmd, caddr_t data)
case PPPOESETPARMS:
{
struct pppoediscparms *parms = (struct pppoediscparms*)data;
if ((error = suser(p->p_ucred, &p->p_acflag)) != 0)
if ((error = kauth_authorize_generic(p->p_cred, KAUTH_GENERIC_ISSUSER, &p->p_acflag)) != 0)
return error;
if (parms->eth_ifname[0] != 0) {
struct ifnet *eth_if;

7
sys/net/if_sl.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: if_sl.c,v 1.96 2006/03/02 17:20:07 christos Exp $ */
/* $NetBSD: if_sl.c,v 1.97 2006/05/14 21:19:33 elad Exp $ */
/*
* Copyright (c) 1987, 1989, 1992, 1993
@ -60,7 +60,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: if_sl.c,v 1.96 2006/03/02 17:20:07 christos Exp $");
__KERNEL_RCSID(0, "$NetBSD: if_sl.c,v 1.97 2006/05/14 21:19:33 elad Exp $");
#include "opt_inet.h"
#include "bpfilter.h"
@ -79,6 +79,7 @@ __KERNEL_RCSID(0, "$NetBSD: if_sl.c,v 1.96 2006/03/02 17:20:07 christos Exp $");
#include <sys/kernel.h>
#if __NetBSD__
#include <sys/systm.h>
#include <sys/kauth.h>
#endif
#include <machine/cpu.h>
@ -306,7 +307,7 @@ slopen(dev_t dev, struct tty *tp)
int error;
int s;
if ((error = suser(p->p_ucred, &p->p_acflag)) != 0)
if ((error = kauth_authorize_generic(p->p_cred, KAUTH_GENERIC_ISSUSER, &p->p_acflag)) != 0)
return (error);
if (tp->t_linesw == &slip_disc)

7
sys/net/if_spppsubr.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: if_spppsubr.c,v 1.89 2006/05/14 05:30:31 christos Exp $ */
/* $NetBSD: if_spppsubr.c,v 1.90 2006/05/14 21:19:33 elad Exp $ */
/*
* Synchronous PPP/Cisco link level subroutines.
@ -41,7 +41,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: if_spppsubr.c,v 1.89 2006/05/14 05:30:31 christos Exp $");
__KERNEL_RCSID(0, "$NetBSD: if_spppsubr.c,v 1.90 2006/05/14 21:19:33 elad Exp $");
#include "opt_inet.h"
#include "opt_ipx.h"
@ -61,6 +61,7 @@ __KERNEL_RCSID(0, "$NetBSD: if_spppsubr.c,v 1.89 2006/05/14 05:30:31 christos Ex
#include <sys/callout.h>
#include <sys/md5.h>
#include <sys/inttypes.h>
#include <sys/kauth.h>
#include <net/if.h>
#include <net/netisr.h>
@ -1147,7 +1148,7 @@ sppp_ioctl(struct ifnet *ifp, u_long cmd, void *data)
{
struct proc *p = curproc; /* XXX */
if ((error = suser(p->p_ucred, &p->p_acflag)) != 0)
if ((error = kauth_authorize_generic(p->p_cred, KAUTH_GENERIC_ISSUSER, &p->p_acflag)) != 0)
break;
}
/* FALLTHROUGH */

8
sys/net/if_stf.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: if_stf.c,v 1.50 2005/12/11 23:05:25 thorpej Exp $ */
/* $NetBSD: if_stf.c,v 1.51 2006/05/14 21:19:33 elad Exp $ */
/* $KAME: if_stf.c,v 1.62 2001/06/07 22:32:16 itojun Exp $ */
/*
@ -75,7 +75,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: if_stf.c,v 1.50 2005/12/11 23:05:25 thorpej Exp $");
__KERNEL_RCSID(0, "$NetBSD: if_stf.c,v 1.51 2006/05/14 21:19:33 elad Exp $");
#include "opt_inet.h"
@ -90,6 +90,8 @@ __KERNEL_RCSID(0, "$NetBSD: if_stf.c,v 1.50 2005/12/11 23:05:25 thorpej Exp $");
#include <sys/protosw.h>
#include <sys/queue.h>
#include <sys/syslog.h>
#include <sys/kauth.h>
#include <machine/cpu.h>
#include <net/if.h>
@ -715,7 +717,7 @@ stf_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data)
break;
case SIOCSIFMTU:
if ((error = suser(p->p_ucred, &p->p_acflag)) != 0)
if ((error = kauth_authorize_generic(p->p_cred, KAUTH_GENERIC_ISSUSER, &p->p_acflag)) != 0)
break;
ifr = (struct ifreq *)data;
mtu = ifr->ifr_mtu;

7
sys/net/if_strip.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: if_strip.c,v 1.64 2005/12/11 23:05:25 thorpej Exp $ */
/* $NetBSD: if_strip.c,v 1.65 2006/05/14 21:19:33 elad Exp $ */
/* from: NetBSD: if_sl.c,v 1.38 1996/02/13 22:00:23 christos Exp $ */
/*
@ -87,7 +87,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: if_strip.c,v 1.64 2005/12/11 23:05:25 thorpej Exp $");
__KERNEL_RCSID(0, "$NetBSD: if_strip.c,v 1.65 2006/05/14 21:19:33 elad Exp $");
#include "opt_inet.h"
#include "bpfilter.h"
@ -106,6 +106,7 @@ __KERNEL_RCSID(0, "$NetBSD: if_strip.c,v 1.64 2005/12/11 23:05:25 thorpej Exp $"
#if __NetBSD__
#include <sys/systm.h>
#include <sys/callout.h>
#include <sys/kauth.h>
#endif
#include <sys/syslog.h>
@ -481,7 +482,7 @@ stripopen(dev_t dev, struct tty *tp)
int s;
#endif
if ((error = suser(p->p_ucred, &p->p_acflag)) != 0)
if ((error = kauth_authorize_generic(p->p_cred, KAUTH_GENERIC_ISSUSER, &p->p_acflag)) != 0)
return (error);
if (tp->t_linesw == &strip_disc)

13
sys/net/if_tap.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: if_tap.c,v 1.16 2006/03/29 04:16:51 thorpej Exp $ */
/* $NetBSD: if_tap.c,v 1.17 2006/05/14 21:19:33 elad Exp $ */
/*
* Copyright (c) 2003, 2004 The NetBSD Foundation.
@ -43,7 +43,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: if_tap.c,v 1.16 2006/03/29 04:16:51 thorpej Exp $");
__KERNEL_RCSID(0, "$NetBSD: if_tap.c,v 1.17 2006/05/14 21:19:33 elad Exp $");
#if defined(_KERNEL_OPT)
#include "bpfilter.h"
@ -62,6 +62,7 @@ __KERNEL_RCSID(0, "$NetBSD: if_tap.c,v 1.16 2006/03/29 04:16:51 thorpej Exp $");
#include <sys/select.h>
#include <sys/sockio.h>
#include <sys/sysctl.h>
#include <sys/kauth.h>
#include <net/if.h>
#include <net/if_dl.h>
@ -140,9 +141,9 @@ static int tap_dev_kqfilter(int, struct knote *);
/* Fileops access routines */
static int tap_fops_close(struct file *, struct lwp *);
static int tap_fops_read(struct file *, off_t *, struct uio *,
struct ucred *, int);
kauth_cred_t, int);
static int tap_fops_write(struct file *, off_t *, struct uio *,
struct ucred *, int);
kauth_cred_t, int);
static int tap_fops_ioctl(struct file *, u_long, void *,
struct lwp *);
static int tap_fops_poll(struct file *, int, struct lwp *);
@ -807,7 +808,7 @@ tap_cdev_read(dev_t dev, struct uio *uio, int flags)
static int
tap_fops_read(struct file *fp, off_t *offp, struct uio *uio,
struct ucred *cred, int flags)
kauth_cred_t cred, int flags)
{
return tap_dev_read((intptr_t)fp->f_data, uio, flags);
}
@ -906,7 +907,7 @@ tap_cdev_write(dev_t dev, struct uio *uio, int flags)
static int
tap_fops_write(struct file *fp, off_t *offp, struct uio *uio,
struct ucred *cred, int flags)
kauth_cred_t cred, int flags)
{
return tap_dev_write((intptr_t)fp->f_data, uio, flags);
}

7
sys/net/if_tun.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: if_tun.c,v 1.88 2006/04/18 19:30:49 rpaulo Exp $ */
/* $NetBSD: if_tun.c,v 1.89 2006/05/14 21:19:33 elad Exp $ */
/*
* Copyright (c) 1988, Julian Onions <jpo@cs.nott.ac.uk>
@ -15,7 +15,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: if_tun.c,v 1.88 2006/04/18 19:30:49 rpaulo Exp $");
__KERNEL_RCSID(0, "$NetBSD: if_tun.c,v 1.89 2006/05/14 21:19:33 elad Exp $");
#include "opt_inet.h"
#include "opt_ns.h"
@ -35,6 +35,7 @@ __KERNEL_RCSID(0, "$NetBSD: if_tun.c,v 1.88 2006/04/18 19:30:49 rpaulo Exp $");
#include <sys/file.h>
#include <sys/signalvar.h>
#include <sys/conf.h>
#include <sys/kauth.h>
#include <machine/cpu.h>
@ -279,7 +280,7 @@ tunopen(dev_t dev, int flag, int mode, struct lwp *l)
struct tun_softc *tp;
int s, error;
if ((error = suser(p->p_ucred, &p->p_acflag)) != 0)
if ((error = kauth_authorize_generic(p->p_cred, KAUTH_GENERIC_ISSUSER, &p->p_acflag)) != 0)
return (error);
s = splnet();

7
sys/net/if_vlan.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: if_vlan.c,v 1.47 2005/12/11 12:24:51 christos Exp $ */
/* $NetBSD: if_vlan.c,v 1.48 2006/05/14 21:19:33 elad Exp $ */
/*-
* Copyright (c) 2000, 2001 The NetBSD Foundation, Inc.
@ -85,7 +85,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: if_vlan.c,v 1.47 2005/12/11 12:24:51 christos Exp $");
__KERNEL_RCSID(0, "$NetBSD: if_vlan.c,v 1.48 2006/05/14 21:19:33 elad Exp $");
#include "opt_inet.h"
#include "bpfilter.h"
@ -98,6 +98,7 @@ __KERNEL_RCSID(0, "$NetBSD: if_vlan.c,v 1.47 2005/12/11 12:24:51 christos Exp $"
#include <sys/sockio.h>
#include <sys/systm.h>
#include <sys/proc.h>
#include <sys/kauth.h>
#if NBPFILTER > 0
#include <net/bpf.h>
@ -514,7 +515,7 @@ vlan_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data)
break;
case SIOCSETVLAN:
if ((error = suser(p->p_ucred, &p->p_acflag)) != 0)
if ((error = kauth_authorize_generic(p->p_cred, KAUTH_GENERIC_ISSUSER, &p->p_acflag)) != 0)
break;
if ((error = copyin(ifr->ifr_data, &vlr, sizeof(vlr))) != 0)
break;

4
sys/net/net_osdep.h
View File

@ -1,4 +1,4 @@
/* $NetBSD: net_osdep.h,v 1.12 2006/01/28 01:49:58 rpaulo Exp $ */
/* $NetBSD: net_osdep.h,v 1.13 2006/05/14 21:19:33 elad Exp $ */
/* $KAME: net_osdep.h,v 1.51 2001/07/06 06:21:43 itojun Exp $ */
/*
@ -82,7 +82,7 @@
* NetBSD
* struct lwp *l;
* if (l->l_proc &&
* !suser(l->l_proc->p_ucred, &l->l_proc->p_acflag))
* !kauth_authorize_generic(l->l_proc->p_cred, KAUTH_GENERIC_ISSUSER, &l->l_proc->p_acflag))
* privileged;
* FreeBSD 3
* struct proc *p;

13
sys/net/ppp_tty.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: ppp_tty.c,v 1.41 2005/12/11 23:05:25 thorpej Exp $ */
/* $NetBSD: ppp_tty.c,v 1.42 2006/05/14 21:19:33 elad Exp $ */
/* Id: ppp_tty.c,v 1.3 1996/07/01 01:04:11 paulus Exp */
/*
@ -93,7 +93,7 @@
/* from NetBSD: if_ppp.c,v 1.15.2.2 1994/07/28 05:17:58 cgd Exp */
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: ppp_tty.c,v 1.41 2005/12/11 23:05:25 thorpej Exp $");
__KERNEL_RCSID(0, "$NetBSD: ppp_tty.c,v 1.42 2006/05/14 21:19:33 elad Exp $");
#include "ppp.h"
@ -113,6 +113,7 @@ __KERNEL_RCSID(0, "$NetBSD: ppp_tty.c,v 1.41 2005/12/11 23:05:25 thorpej Exp $")
#include <sys/conf.h>
#include <sys/vnode.h>
#include <sys/systm.h>
#include <sys/kauth.h>
#include <net/if.h>
#include <net/if_types.h>
@ -207,7 +208,7 @@ pppopen(dev_t dev, struct tty *tp)
struct ppp_softc *sc;
int error, s;
if ((error = suser(p->p_ucred, &p->p_acflag)) != 0)
if ((error = kauth_authorize_generic(p->p_cred, KAUTH_GENERIC_ISSUSER, &p->p_acflag)) != 0)
return (error);
s = spltty();
@ -450,7 +451,7 @@ ppptioctl(struct tty *tp, u_long cmd, caddr_t data, int flag, struct lwp *l)
break;
case PPPIOCSASYNCMAP:
if ((error = suser(p->p_ucred, &p->p_acflag)) != 0)
if ((error = kauth_authorize_generic(p->p_cred, KAUTH_GENERIC_ISSUSER, &p->p_acflag)) != 0)
break;
sc->sc_asyncmap[0] = *(u_int *)data;
break;
@ -460,7 +461,7 @@ ppptioctl(struct tty *tp, u_long cmd, caddr_t data, int flag, struct lwp *l)
break;
case PPPIOCSRASYNCMAP:
if ((error = suser(p->p_ucred, &p->p_acflag)) != 0)
if ((error = kauth_authorize_generic(p->p_cred, KAUTH_GENERIC_ISSUSER, &p->p_acflag)) != 0)
break;
sc->sc_rasyncmap = *(u_int *)data;
break;
@ -470,7 +471,7 @@ ppptioctl(struct tty *tp, u_long cmd, caddr_t data, int flag, struct lwp *l)
break;
case PPPIOCSXASYNCMAP:
if ((error = suser(p->p_ucred, &p->p_acflag)) != 0)
if ((error = kauth_authorize_generic(p->p_cred, KAUTH_GENERIC_ISSUSER, &p->p_acflag)) != 0)
break;
s = spltty();
bcopy(data, sc->sc_asyncmap, sizeof(sc->sc_asyncmap));

Some files were not shown because too many files have changed in this diff Show More