diff --git a/sys/dist/ipf/netinet/ip_fil_netbsd.c b/sys/dist/ipf/netinet/ip_fil_netbsd.c index 35393dd60831..8a338055882c 100644 --- a/sys/dist/ipf/netinet/ip_fil_netbsd.c +++ b/sys/dist/ipf/netinet/ip_fil_netbsd.c @@ -1,4 +1,4 @@ -/* $NetBSD: ip_fil_netbsd.c,v 1.22 2006/09/08 20:58:57 elad Exp $ */ +/* $NetBSD: ip_fil_netbsd.c,v 1.23 2006/09/13 10:07:42 elad Exp $ */ /* * Copyright (C) 1993-2003 by Darren Reed. @@ -524,7 +524,7 @@ int mode; #if (__NetBSD_Version__ >= 399002000) if ((mode & FWRITE) && kauth_authorize_network(p->l_cred, KAUTH_NETWORK_FIREWALL, (void *)KAUTH_REQ_NETWORK_FIREWALL_FW, - NULL, NULL, NULL) != KAUTH_RESULT_ALLOW) + NULL, NULL, NULL)) #else if ((securelevel >= 2) && (mode & FWRITE)) #endif diff --git a/sys/dist/ipf/netinet/ip_nat.c b/sys/dist/ipf/netinet/ip_nat.c index c2b614a375bf..6f0ea8780ebc 100644 --- a/sys/dist/ipf/netinet/ip_nat.c +++ b/sys/dist/ipf/netinet/ip_nat.c @@ -1,4 +1,4 @@ -/* $NetBSD: ip_nat.c,v 1.13 2006/09/08 20:58:57 elad Exp $ */ +/* $NetBSD: ip_nat.c,v 1.14 2006/09/13 10:07:42 elad Exp $ */ /* * Copyright (C) 1995-2003 by Darren Reed. @@ -627,7 +627,7 @@ int mode; #if (__NetBSD_Version__ >= 399002000) if ((mode & FWRITE) && kauth_authorize_network(curlwp->l_cred, KAUTH_NETWORK_FIREWALL, (void *)KAUTH_REQ_NETWORK_FIREWALL_NAT, - NULL, NULL, NULL) != KAUTH_RESULT_ALLOW) + NULL, NULL, NULL)) #else if ((securelevel >= 2) && (mode & FWRITE)) #endif diff --git a/sys/ipkdb/ipkdb_ipkdb.c b/sys/ipkdb/ipkdb_ipkdb.c index 34fae53d5063..fc689171a0ba 100644 --- a/sys/ipkdb/ipkdb_ipkdb.c +++ b/sys/ipkdb/ipkdb_ipkdb.c @@ -1,4 +1,4 @@ -/* $NetBSD: ipkdb_ipkdb.c,v 1.16 2006/09/08 20:58:57 elad Exp $ */ +/* $NetBSD: ipkdb_ipkdb.c,v 1.17 2006/09/13 10:07:42 elad Exp $ */ /* * Copyright (C) 1993-2000 Wolfgang Solfrank. @@ -32,7 +32,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: ipkdb_ipkdb.c,v 1.16 2006/09/08 20:58:57 elad Exp $"); +__KERNEL_RCSID(0, "$NetBSD: ipkdb_ipkdb.c,v 1.17 2006/09/13 10:07:42 elad Exp $"); #include "opt_ipkdb.h" @@ -1140,7 +1140,7 @@ check_ipkdb(ifp, shost, p, l) #ifndef IPKDBSECURE if (kauth_authorize_system(curlwp->l_cred, KAUTH_SYSTEM_IPKDB, - NULL, NULL, NULL, NULL) != KAUTH_RESULT_ALLOW) + NULL, NULL, NULL, NULL)) return 0; #endif if (ipkdbcmp(chksum(p, l), p + l, LENCHK)) diff --git a/sys/kern/init_sysctl.c b/sys/kern/init_sysctl.c index c32d3062ec2e..9b884bb5311e 100644 --- a/sys/kern/init_sysctl.c +++ b/sys/kern/init_sysctl.c @@ -1,4 +1,4 @@ -/* $NetBSD: init_sysctl.c,v 1.84 2006/09/10 05:46:02 manu Exp $ */ +/* $NetBSD: init_sysctl.c,v 1.85 2006/09/13 10:07:42 elad Exp $ */ /*- * Copyright (c) 2003 The NetBSD Foundation, Inc. @@ -37,7 +37,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: init_sysctl.c,v 1.84 2006/09/10 05:46:02 manu Exp $"); +__KERNEL_RCSID(0, "$NetBSD: init_sysctl.c,v 1.85 2006/09/13 10:07:42 elad Exp $"); #include "opt_sysv.h" #include "opt_multiprocessor.h" @@ -1153,7 +1153,7 @@ sysctl_kern_rtc_offset(SYSCTLFN_ARGS) if (kauth_authorize_system(l->l_cred, KAUTH_SYSTEM_TIME, KAUTH_REQ_SYSTEM_TIME_RTCOFFSET, - (void *)(u_long)new_rtc_offset, NULL, NULL) != KAUTH_RESULT_ALLOW) + (void *)(u_long)new_rtc_offset, NULL, NULL)) return (EPERM); if (rtc_offset == new_rtc_offset) return (0); @@ -2383,7 +2383,7 @@ sysctl_kern_proc_args(SYSCTLFN_ARGS) /* only root or same user change look at the environment */ if (type == KERN_PROC_ENV || type == KERN_PROC_NENV) { if (kauth_authorize_process(l->l_cred, KAUTH_PROCESS_CANSEE, - p, NULL, NULL, NULL) != KAUTH_RESULT_ALLOW) { + p, NULL, NULL, NULL)) { error = EPERM; goto out_locked; } @@ -2625,7 +2625,7 @@ sysctl_security_setidcore(SYSCTLFN_ARGS) return error; if (kauth_authorize_system(l->l_cred, KAUTH_SYSTEM_SETIDCORE, - 0, NULL, NULL, NULL) != KAUTH_RESULT_ALLOW) + 0, NULL, NULL, NULL)) return (EPERM); *(int *)rnode->sysctl_data = newsize; @@ -2649,7 +2649,7 @@ sysctl_security_setidcorename(SYSCTLFN_ARGS) goto out; } if (kauth_authorize_system(l->l_cred, KAUTH_SYSTEM_SETIDCORE, - 0, NULL, NULL, NULL) != KAUTH_RESULT_ALLOW) { + 0, NULL, NULL, NULL)) { error = EPERM; goto out; } diff --git a/sys/kern/kern_lkm.c b/sys/kern/kern_lkm.c index 8a0e40df6435..a6825123b14e 100644 --- a/sys/kern/kern_lkm.c +++ b/sys/kern/kern_lkm.c @@ -1,4 +1,4 @@ -/* $NetBSD: kern_lkm.c,v 1.92 2006/09/08 20:58:57 elad Exp $ */ +/* $NetBSD: kern_lkm.c,v 1.93 2006/09/13 10:07:42 elad Exp $ */ /* * Copyright (c) 1994 Christopher G. Demetriou @@ -41,7 +41,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: kern_lkm.c,v 1.92 2006/09/08 20:58:57 elad Exp $"); +__KERNEL_RCSID(0, "$NetBSD: kern_lkm.c,v 1.93 2006/09/13 10:07:42 elad Exp $"); #include "opt_ddb.h" #include "opt_malloclog.h" @@ -345,7 +345,7 @@ lkmioctl(dev_t dev, u_long cmd, caddr_t data, int flag, struct lwp *l) switch(cmd) { case LMRESERV: /* reserve pages for a module */ if (kauth_authorize_system(l->l_cred, KAUTH_SYSTEM_LKM, - 0, (void *)cmd, NULL, NULL) != KAUTH_RESULT_ALLOW) + 0, (void *)cmd, NULL, NULL)) return EPERM; if ((flag & FWRITE) == 0) /* only allow this if writing */ @@ -397,7 +397,7 @@ lkmioctl(dev_t dev, u_long cmd, caddr_t data, int flag, struct lwp *l) case LMLOADBUF: /* Copy in; stateful, follows LMRESERV */ if (kauth_authorize_system(l->l_cred, KAUTH_SYSTEM_LKM, - 0, (void *)cmd, NULL, NULL) != KAUTH_RESULT_ALLOW) + 0, (void *)cmd, NULL, NULL)) return EPERM; if ((flag & FWRITE) == 0) /* only allow this if writing */ @@ -466,7 +466,7 @@ lkmioctl(dev_t dev, u_long cmd, caddr_t data, int flag, struct lwp *l) case LMUNRESRV: /* discard reserved pages for a module */ if (kauth_authorize_system(l->l_cred, KAUTH_SYSTEM_LKM, - 0, (void *)cmd, NULL, NULL) != KAUTH_RESULT_ALLOW) + 0, (void *)cmd, NULL, NULL)) return EPERM; if ((flag & FWRITE) == 0) /* only allow this if writing */ @@ -483,7 +483,7 @@ lkmioctl(dev_t dev, u_long cmd, caddr_t data, int flag, struct lwp *l) case LMREADY: /* module loaded: call entry */ if (kauth_authorize_system(l->l_cred, KAUTH_SYSTEM_LKM, - 0, (void *)cmd, NULL, NULL) != KAUTH_RESULT_ALLOW) + 0, (void *)cmd, NULL, NULL)) return EPERM; if ((flag & FWRITE) == 0) /* only allow this if writing */ @@ -573,7 +573,7 @@ lkmioctl(dev_t dev, u_long cmd, caddr_t data, int flag, struct lwp *l) case LMUNLOAD: /* unload a module */ if (kauth_authorize_system(l->l_cred, KAUTH_SYSTEM_LKM, - 0, (void *)cmd, NULL, NULL) != KAUTH_RESULT_ALLOW) + 0, (void *)cmd, NULL, NULL)) return EPERM; if ((flag & FWRITE) == 0) /* only allow this if writing */ @@ -627,7 +627,7 @@ lkmioctl(dev_t dev, u_long cmd, caddr_t data, int flag, struct lwp *l) #ifdef LMFORCE case LMFORCE: /* stateful, optionally follows LMRESERV */ if (kauth_authorize_system(l->l_cred, KAUTH_SYSTEM_LKM, - 0, (void *)cmd, NULL, NULL) != KAUTH_RESULT_ALLOW) + 0, (void *)cmd, NULL, NULL)) return EPERM; if ((flag & FWRITE) == 0) /* only allow this if writing */ diff --git a/sys/kern/kern_resource.c b/sys/kern/kern_resource.c index 371ebf08c53f..5a3ca4910929 100644 --- a/sys/kern/kern_resource.c +++ b/sys/kern/kern_resource.c @@ -1,4 +1,4 @@ -/* $NetBSD: kern_resource.c,v 1.104 2006/09/08 20:58:57 elad Exp $ */ +/* $NetBSD: kern_resource.c,v 1.105 2006/09/13 10:07:42 elad Exp $ */ /*- * Copyright (c) 1982, 1986, 1991, 1993 @@ -37,7 +37,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: kern_resource.c,v 1.104 2006/09/08 20:58:57 elad Exp $"); +__KERNEL_RCSID(0, "$NetBSD: kern_resource.c,v 1.105 2006/09/13 10:07:42 elad Exp $"); #include #include @@ -264,7 +264,7 @@ dosetrlimit(struct lwp *l, struct proc *p, int which, struct rlimit *limp) if (limp->rlim_max > alimp->rlim_max && (error = kauth_authorize_process(l->l_cred, KAUTH_PROCESS_RESOURCE, p, (void *)KAUTH_REQ_PROCESS_RESOURCE_RLIMIT, limp, - (void *)(u_long)which)) != KAUTH_RESULT_ALLOW) + (void *)(u_long)which))) return (error); if (p->p_limit->p_refcnt > 1 && diff --git a/sys/kern/vfs_syscalls.c b/sys/kern/vfs_syscalls.c index 83c3467e078d..717c0c5b7026 100644 --- a/sys/kern/vfs_syscalls.c +++ b/sys/kern/vfs_syscalls.c @@ -1,4 +1,4 @@ -/* $NetBSD: vfs_syscalls.c,v 1.269 2006/09/12 07:51:29 elad Exp $ */ +/* $NetBSD: vfs_syscalls.c,v 1.270 2006/09/13 10:07:42 elad Exp $ */ /* * Copyright (c) 1989, 1993 @@ -37,7 +37,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: vfs_syscalls.c,v 1.269 2006/09/12 07:51:29 elad Exp $"); +__KERNEL_RCSID(0, "$NetBSD: vfs_syscalls.c,v 1.270 2006/09/13 10:07:42 elad Exp $"); #include "opt_compat_netbsd.h" #include "opt_compat_43.h" @@ -1496,7 +1496,7 @@ dofhopen(struct lwp *l, const void *ufhp, size_t fhsize, int oflags, * Must be super user */ if ((error = kauth_authorize_system(l->l_cred, KAUTH_SYSTEM_FILEHANDLE, - 0, NULL, NULL, NULL)) != KAUTH_RESULT_ALLOW) + 0, NULL, NULL, NULL))) return (error); flags = FFLAGS(oflags); @@ -1631,7 +1631,7 @@ dofhstat(struct lwp *l, const void *ufhp, size_t fhsize, struct stat *sbp, * Must be super user */ if ((error = kauth_authorize_system(l->l_cred, KAUTH_SYSTEM_FILEHANDLE, - 0, NULL, NULL, NULL)) != KAUTH_RESULT_ALLOW) + 0, NULL, NULL, NULL))) return (error); error = vfs_copyinfh_alloc(ufhp, fhsize, &fh); @@ -1682,7 +1682,7 @@ dofhstatvfs(struct lwp *l, const void *ufhp, size_t fhsize, struct statvfs *buf, * Must be super user */ if ((error = kauth_authorize_system(l->l_cred, KAUTH_SYSTEM_FILEHANDLE, - 0, NULL, NULL, NULL)) != KAUTH_RESULT_ALLOW) + 0, NULL, NULL, NULL))) return error; error = vfs_copyinfh_alloc(ufhp, fhsize, &fh); diff --git a/sys/miscfs/umapfs/umap_vnops.c b/sys/miscfs/umapfs/umap_vnops.c index 2c8373a804bc..bf9a75a13e9d 100644 --- a/sys/miscfs/umapfs/umap_vnops.c +++ b/sys/miscfs/umapfs/umap_vnops.c @@ -1,4 +1,4 @@ -/* $NetBSD: umap_vnops.c,v 1.40 2006/09/08 20:58:57 elad Exp $ */ +/* $NetBSD: umap_vnops.c,v 1.41 2006/09/13 10:07:42 elad Exp $ */ /* * Copyright (c) 1992, 1993 @@ -39,7 +39,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: umap_vnops.c,v 1.40 2006/09/08 20:58:57 elad Exp $"); +__KERNEL_RCSID(0, "$NetBSD: umap_vnops.c,v 1.41 2006/09/13 10:07:42 elad Exp $"); #include #include @@ -194,7 +194,7 @@ umap_bypass(v) if ((flags & LAYERFS_MBYPASSDEBUG) && kauth_authorize_generic(credp, KAUTH_GENERIC_ISSUSER, - NULL) != KAUTH_RESULT_ALLOW) + NULL)) printf("umap_bypass: user was %d, group %d\n", kauth_cred_geteuid(credp), kauth_cred_getegid(credp)); @@ -204,7 +204,7 @@ umap_bypass(v) if ((flags & LAYERFS_MBYPASSDEBUG) && kauth_authorize_generic(credp, KAUTH_GENERIC_ISSUSER, - NULL) != KAUTH_RESULT_ALLOW) + NULL)) printf("umap_bypass: user now %d, group %d\n", kauth_cred_geteuid(credp), kauth_cred_getegid(credp)); } @@ -225,7 +225,7 @@ umap_bypass(v) if ((flags & LAYERFS_MBYPASSDEBUG) && kauth_authorize_generic(compcredp, KAUTH_GENERIC_ISSUSER, - NULL) != KAUTH_RESULT_ALLOW) + NULL)) printf("umap_bypass: component credit user was %d, group %d\n", kauth_cred_geteuid(compcredp), kauth_cred_getegid(compcredp)); @@ -235,7 +235,7 @@ umap_bypass(v) if ((flags & LAYERFS_MBYPASSDEBUG) && kauth_authorize_generic(compcredp, KAUTH_GENERIC_ISSUSER, - NULL) != KAUTH_RESULT_ALLOW) + NULL)) printf("umap_bypass: component credit user now %d, group %d\n", kauth_cred_geteuid(compcredp), kauth_cred_getegid(compcredp)); } @@ -312,7 +312,7 @@ umap_bypass(v) *credpp = savecredp; if ((flags & LAYERFS_MBYPASSDEBUG) && credpp && kauth_authorize_generic(*credpp, - KAUTH_GENERIC_ISSUSER,NULL) != KAUTH_RESULT_ALLOW) + KAUTH_GENERIC_ISSUSER,NULL)) printf("umap_bypass: returning-user now %d\n\n", kauth_cred_geteuid(savecredp)); } @@ -321,7 +321,7 @@ umap_bypass(v) if (descp->vdesc_componentname_offset != VDESC_NO_OFFSET) { if ((flags & LAYERFS_MBYPASSDEBUG) && compcredp && kauth_authorize_generic(compcredp, KAUTH_GENERIC_ISSUSER, - NULL) != KAUTH_RESULT_ALLOW) + NULL)) printf("umap_bypass: returning-component-user was %d\n", kauth_cred_geteuid(compcredp)); @@ -330,7 +330,7 @@ umap_bypass(v) (*compnamepp)->cn_cred = savecompcredp; if ((flags & LAYERFS_MBYPASSDEBUG) && savecompcredp && kauth_authorize_generic(savecompcredp, - KAUTH_GENERIC_ISSUSER, NULL) != KAUTH_RESULT_ALLOW) + KAUTH_GENERIC_ISSUSER, NULL)) printf("umap_bypass: returning-component-user now %d\n", kauth_cred_geteuid(savecompcredp)); } @@ -387,7 +387,7 @@ umap_lookup(v) if ((flags & LAYERFS_MBYPASSDEBUG) && kauth_authorize_generic(compcredp, KAUTH_GENERIC_ISSUSER, - NULL) != KAUTH_RESULT_ALLOW) + NULL)) printf("umap_lookup: component credit user was %d, group %d\n", kauth_cred_geteuid(compcredp), kauth_cred_getegid(compcredp)); @@ -397,7 +397,7 @@ umap_lookup(v) if ((flags & LAYERFS_MBYPASSDEBUG) && compcredp && kauth_authorize_generic(compcredp, KAUTH_GENERIC_ISSUSER, - NULL) != KAUTH_RESULT_ALLOW) + NULL)) printf("umap_lookup: component credit user now %d, group %d\n", kauth_cred_geteuid(compcredp), kauth_cred_getegid(compcredp)); @@ -435,7 +435,7 @@ umap_lookup(v) */ if ((flags & LAYERFS_MBYPASSDEBUG) && compcredp && kauth_authorize_generic(compcredp, KAUTH_GENERIC_ISSUSER, - NULL) != KAUTH_RESULT_ALLOW) + NULL)) printf("umap_lookup: returning-component-user was %d\n", kauth_cred_geteuid(compcredp)); @@ -445,7 +445,7 @@ umap_lookup(v) cnp->cn_cred = savecompcredp; if ((flags & LAYERFS_MBYPASSDEBUG) && savecompcredp && kauth_authorize_generic(savecompcredp, - KAUTH_GENERIC_ISSUSER, NULL) != KAUTH_RESULT_ALLOW) + KAUTH_GENERIC_ISSUSER, NULL)) printf("umap_lookup: returning-component-user now %d\n", kauth_cred_geteuid(savecompcredp)); } @@ -578,7 +578,7 @@ umap_rename(v) if ((flags & LAYERFS_MBYPASSDEBUG) && kauth_authorize_generic(compcredp, KAUTH_GENERIC_ISSUSER, - NULL) != KAUTH_RESULT_ALLOW) + NULL)) printf("umap_rename: rename component credit user was %d, group %d\n", kauth_cred_geteuid(compcredp), kauth_cred_getegid(compcredp)); @@ -588,7 +588,7 @@ umap_rename(v) if ((flags & LAYERFS_MBYPASSDEBUG) && kauth_authorize_generic(compcredp, KAUTH_GENERIC_ISSUSER, - NULL) != KAUTH_RESULT_ALLOW) + NULL)) printf("umap_rename: rename component credit user now %d, group %d\n", kauth_cred_geteuid(compcredp), kauth_cred_getegid(compcredp)); diff --git a/sys/netinet/ip_input.c b/sys/netinet/ip_input.c index 6ae884f86093..837b5c058f13 100644 --- a/sys/netinet/ip_input.c +++ b/sys/netinet/ip_input.c @@ -1,4 +1,4 @@ -/* $NetBSD: ip_input.c,v 1.230 2006/09/08 20:58:58 elad Exp $ */ +/* $NetBSD: ip_input.c,v 1.231 2006/09/13 10:07:42 elad Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. @@ -98,7 +98,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: ip_input.c,v 1.230 2006/09/08 20:58:58 elad Exp $"); +__KERNEL_RCSID(0, "$NetBSD: ip_input.c,v 1.231 2006/09/13 10:07:42 elad Exp $"); #include "opt_inet.h" #include "opt_gateway.h" @@ -2113,7 +2113,7 @@ sysctl_net_inet_ip_forwsrcrt(SYSCTLFN_ARGS) return (error); if (kauth_authorize_network(l->l_cred, KAUTH_NETWORK_FORWSRCRT, - NULL, NULL, NULL, NULL) != KAUTH_RESULT_ALLOW) + NULL, NULL, NULL, NULL)) return (EPERM); ip_forwsrcrt = tmp; diff --git a/sys/netinet/tcp_usrreq.c b/sys/netinet/tcp_usrreq.c index 80ee5cc68879..b0267345f9d8 100644 --- a/sys/netinet/tcp_usrreq.c +++ b/sys/netinet/tcp_usrreq.c @@ -1,4 +1,4 @@ -/* $NetBSD: tcp_usrreq.c,v 1.121 2006/09/08 20:58:58 elad Exp $ */ +/* $NetBSD: tcp_usrreq.c,v 1.122 2006/09/13 10:07:42 elad Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. @@ -102,7 +102,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: tcp_usrreq.c,v 1.121 2006/09/08 20:58:58 elad Exp $"); +__KERNEL_RCSID(0, "$NetBSD: tcp_usrreq.c,v 1.122 2006/09/13 10:07:42 elad Exp $"); #include "opt_inet.h" #include "opt_ipsec.h" @@ -1259,7 +1259,7 @@ sysctl_inpcblist(SYSCTLFN_ARGS) #ifdef notyet if (kauth_authorize_generic(l->l_cred, KAUTH_GENERIC_CANSEE, - inph->inph_socket->so_cred) != KAUTH_RESULT_ALLOW) + inph->inph_socket->so_cred)) #endif if (kauth_cred_geteuid(l->l_cred) != 0 && kauth_cred_geteuid(l->l_cred) !=