In the KERN_GETPROC* handler:

* Handle KERN_PROC_SESSION that has been defined in <sys/sysctl.h> from
  day one.
* Add handlers for KERN_PROC_GID and KERN_PROC_RGID.
* If "op" doesn't valid, return EINVAL.

sys/kern/kern_sysctl.c

@@ -1,4 +1,4 @@
-/*	$NetBSD: kern_sysctl.c,v 1.70 2000/06/03 20:42:42 thorpej Exp $	*/
+/*	$NetBSD: kern_sysctl.c,v 1.71 2000/06/13 01:27:00 simonb Exp $	*/
 
 /*-
  * Copyright (c) 1982, 1986, 1989, 1993
@@ -1220,6 +1220,11 @@ again:
 				continue;
 			break;
 
+		case KERN_PROC_SESSION:
+			if (p->p_session->s_sid != (pid_t)arg)
+				continue;
+			break;
+
 		case KERN_PROC_TTY:
 			if (arg == KERN_PROC_TTY_REVOKE) {
 				if ((p->p_flag & P_CONTROLT) == 0 ||
@@ -1243,6 +1248,24 @@ again:
 			if (p->p_cred->p_ruid != (uid_t)arg)
 				continue;
 			break;
+
+		case KERN_PROC_GID:
+			if (p->p_ucred->cr_gid != (uid_t)arg)
+				continue;
+			break;
+
+		case KERN_PROC_RGID:
+			if (p->p_cred->p_rgid != (uid_t)arg)
+				continue;
+			break;
+
+		case KERN_PROC_ALL:
+			/* allow everything */
+			break;
+
+		default:
+			error = EINVAL;
+			goto cleanup;
 		}
 		if (type == KERN_PROC) {
 			if (buflen >= sizeof(struct kinfo_proc)) {

sys/sys/sysctl.h

@@ -1,4 +1,4 @@
-/*	$NetBSD: sysctl.h,v 1.49 2000/06/03 04:15:43 simonb Exp $	*/
+/*	$NetBSD: sysctl.h,v 1.50 2000/06/13 01:27:02 simonb Exp $	*/
 
 /*
  * Copyright (c) 1989, 1993
@@ -60,7 +60,7 @@
  * respective subsystem header files.
  */
 
-#define CTL_MAXNAME	12	/* largest number of components supported */
+#define	CTL_MAXNAME	12	/* largest number of components supported */
 
 /*
  * Each subsystem defined by sysctl defines a list of variables
@@ -95,7 +95,7 @@ struct ctlname {
 #define	CTL_PROC	10		/* per-proc attr */
 #define	CTL_MAXID	11		/* number of valid top-level ids */
 
-#define CTL_NAMES { \
+#define	CTL_NAMES { \
 	{ 0, 0 }, \
 	{ "kern", CTLTYPE_NODE }, \
 	{ "vm", CTLTYPE_NODE }, \
@@ -135,11 +135,11 @@ struct ctlname {
 #define	KERN_BOOTTIME		21	/* struct: time kernel was booted */
 #define	KERN_DOMAINNAME		22	/* string: (YP) domainname */
 #define	KERN_MAXPARTITIONS	23	/* int: number of partitions/disk */
-#define KERN_RAWPARTITION	24	/* int: raw partition number */
+#define	KERN_RAWPARTITION	24	/* int: raw partition number */
 #define	KERN_NTPTIME		25	/* struct: extended-precision time */
 #define	KERN_TIMEX		26	/* struct: ntp timekeeping state */
-#define KERN_AUTONICETIME	27	/* int: proc time before autonice */
-#define KERN_AUTONICEVAL	28	/* int: auto nice value */
+#define	KERN_AUTONICETIME	27	/* int: proc time before autonice */
+#define	KERN_AUTONICEVAL	28	/* int: auto nice value */
 #define	KERN_RTC_OFFSET		29	/* int: offset of rtc from gmt */
 #define	KERN_ROOT_DEVICE	30	/* string: root device */
 #define	KERN_MSGBUFSIZE		31	/* int: max # of chars in msg buffer */
@@ -166,7 +166,7 @@ struct ctlname {
 #define	KERN_SYSVIPC_INFO	52	/* number of valid kern ids */
 #define	KERN_MAXID		53	/* number of valid kern ids */
 
-#define CTL_KERN_NAMES { \
+#define	CTL_KERN_NAMES { \
 	{ 0, 0 }, \
 	{ "ostype", CTLTYPE_STRING }, \
 	{ "osrelease", CTLTYPE_STRING }, \
@@ -225,13 +225,15 @@ struct ctlname {
 /*
  * KERN_PROC subtypes
  */
-#define KERN_PROC_ALL		0	/* everything */
-#define	KERN_PROC_PID		1	/* by process id */
-#define	KERN_PROC_PGRP		2	/* by process group id */
-#define	KERN_PROC_SESSION	3	/* by session of pid */
-#define	KERN_PROC_TTY		4	/* by controlling tty */
-#define	KERN_PROC_UID		5	/* by effective uid */
-#define	KERN_PROC_RUID		6	/* by real uid */
+#define	KERN_PROC_ALL		 0	/* everything */
+#define	KERN_PROC_PID		 1	/* by process id */
+#define	KERN_PROC_PGRP		 2	/* by process group id */
+#define	KERN_PROC_SESSION	 3	/* by session of pid */
+#define	KERN_PROC_TTY		 4	/* by controlling tty */
+#define	KERN_PROC_UID		 5	/* by effective uid */
+#define	KERN_PROC_RUID		 6	/* by real uid */
+#define	KERN_PROC_GID		 7	/* by effective gid */
+#define	KERN_PROC_RGID		 8	/* by real gid */
 
 /*
  * KERN_PROC_TTY sub-subtypes
@@ -427,7 +429,7 @@ struct kinfo_proc2 {
 #define	HW_ALIGNBYTES	11		/* int: ALIGNBYTES for the kernel */
 #define	HW_MAXID	12		/* number of valid hw ids */
 
-#define CTL_HW_NAMES { \
+#define	CTL_HW_NAMES { \
 	{ 0, 0 }, \
 	{ "machine", CTLTYPE_STRING }, \
 	{ "model", CTLTYPE_STRING }, \
@@ -528,13 +530,13 @@ struct kinfo_proc2 {
  * CTL_PROC subtype. Either a PID, or a magic value for the current proc.
  */
 
-#define PROC_CURPROC	(~((u_int)1 << 31))
+#define	PROC_CURPROC	(~((u_int)1 << 31))
 
 /*
  * CTL_PROC tree: either corename (string), or a limit
  * (rlimit.<type>.{hard,soft}, int).
  */
-#define PROC_PID_CORENAME	1
+#define	PROC_PID_CORENAME	1
 #define	PROC_PID_LIMIT		2
 #define	PROC_PID_MAXID		3
 
@@ -545,18 +547,18 @@ struct kinfo_proc2 {
 }
 
 /* Limit types from <sys/resources.h> */
-#define PROC_PID_LIMIT_CPU	(RLIMIT_CPU+1)
-#define PROC_PID_LIMIT_FSIZE	(RLIMIT_FSIZE+1)
-#define PROC_PID_LIMIT_DATA	(RLIMIT_DATA+1)
-#define PROC_PID_LIMIT_STACK	(RLIMIT_STACK+1)
-#define PROC_PID_LIMIT_CORE	(RLIMIT_CORE+1)
-#define PROC_PID_LIMIT_RSS	(RLIMIT_RSS+1)
-#define PROC_PID_LIMIT_MEMLOCK	(RLIMIT_MEMLOCK+1)
+#define	PROC_PID_LIMIT_CPU	(RLIMIT_CPU+1)
+#define	PROC_PID_LIMIT_FSIZE	(RLIMIT_FSIZE+1)
+#define	PROC_PID_LIMIT_DATA	(RLIMIT_DATA+1)
+#define	PROC_PID_LIMIT_STACK	(RLIMIT_STACK+1)
+#define	PROC_PID_LIMIT_CORE	(RLIMIT_CORE+1)
+#define	PROC_PID_LIMIT_RSS	(RLIMIT_RSS+1)
+#define	PROC_PID_LIMIT_MEMLOCK	(RLIMIT_MEMLOCK+1)
 #define PROC_PID_LIMIT_NPROC	(RLIMIT_NPROC+1)
-#define PROC_PID_LIMIT_NOFILE	(RLIMIT_NOFILE+1)
-#define PROC_PID_LIMIT_MAXID 	10
+#define	PROC_PID_LIMIT_NOFILE	(RLIMIT_NOFILE+1)
+#define	PROC_PID_LIMIT_MAXID 	10
 
-#define PROC_PID_LIMIT_NAMES { \
+#define	PROC_PID_LIMIT_NAMES { \
 	{ 0, 0 }, \
 	{ "cputime", CTLTYPE_NODE }, \
 	{ "filesize", CTLTYPE_NODE }, \
@@ -569,11 +571,11 @@ struct kinfo_proc2 {
 	{ "descriptors", CTLTYPE_NODE }, \
 }
 /* for each type, either hard or soft value */
-#define PROC_PID_LIMIT_TYPE_SOFT	1
-#define PROC_PID_LIMIT_TYPE_HARD	2
-#define PROC_PID_LIMIT_TYPE_MAXID	3
+#define	PROC_PID_LIMIT_TYPE_SOFT	1
+#define	PROC_PID_LIMIT_TYPE_HARD	2
+#define	PROC_PID_LIMIT_TYPE_MAXID	3
 
-#define PROC_PID_LIMIT_TYPE_NAMES { \
+#define	PROC_PID_LIMIT_TYPE_NAMES { \
 	{0, 0}, \
 	{ "soft", CTLTYPE_QUAD }, \
 	{ "hard", CTLTYPE_QUAD }, \