Lines Matching refs:cred
105 kauth_cred_t cred;
107 cred = pool_cache_get(kauth_cred_cache, PR_WAITOK);
109 cred->cr_refcnt = 1;
110 cred->cr_uid = 0;
111 cred->cr_euid = 0;
112 cred->cr_svuid = 0;
113 cred->cr_gid = 0;
114 cred->cr_egid = 0;
115 cred->cr_svgid = 0;
116 cred->cr_ngroups = 0;
118 specificdata_init(kauth_domain, &cred->cr_sd);
119 kauth_cred_hook(cred, KAUTH_CRED_INIT, NULL, NULL);
121 return (cred);
124 /* Increment the reference count of cred. */
126 kauth_cred_hold(kauth_cred_t cred)
128 KASSERT(cred != NULL);
129 KASSERT(cred != NOCRED);
130 KASSERT(cred != FSCRED);
131 KASSERT(cred->cr_refcnt > 0);
133 atomic_inc_uint(&cred->cr_refcnt);
134 return cred;
137 /* Decrement the reference count of cred; if it reaches zero, free it. */
139 kauth_cred_free(kauth_cred_t cred)
142 KASSERT(cred != NULL);
143 KASSERT(cred != NOCRED);
144 KASSERT(cred != FSCRED);
145 KASSERT(cred->cr_refcnt > 0);
149 if (atomic_dec_uint_nv(&cred->cr_refcnt) > 0)
153 kauth_cred_hook(cred, KAUTH_CRED_FREE, NULL, NULL);
154 specificdata_fini(kauth_domain, &cred->cr_sd);
155 pool_cache_put(kauth_cred_cache, cred);
190 * Duplicate cred and return a new kauth_cred_t.
193 kauth_cred_dup(kauth_cred_t cred)
197 KASSERT(cred != NULL);
198 KASSERT(cred != NOCRED);
199 KASSERT(cred != FSCRED);
200 KASSERT(cred->cr_refcnt > 0);
204 kauth_cred_clone(cred, new_cred);
214 kauth_cred_copy(kauth_cred_t cred)
218 KASSERT(cred != NULL);
219 KASSERT(cred != NOCRED);
220 KASSERT(cred != FSCRED);
221 KASSERT(cred->cr_refcnt > 0);
224 if (cred->cr_refcnt == 1)
225 return (cred);
229 kauth_cred_clone(cred, new_cred);
231 kauth_cred_free(cred);
250 kauth_proc_chroot(kauth_cred_t cred, struct cwdinfo *cwdi)
252 kauth_cred_hook(cred, KAUTH_CRED_CHROOT, cwdi, NULL);
256 kauth_cred_getuid(kauth_cred_t cred)
258 KASSERT(cred != NULL);
259 KASSERT(cred != NOCRED);
260 KASSERT(cred != FSCRED);
262 return (cred->cr_uid);
266 kauth_cred_geteuid(kauth_cred_t cred)
268 KASSERT(cred != NULL);
269 KASSERT(cred != NOCRED);
270 KASSERT(cred != FSCRED);
272 return (cred->cr_euid);
276 kauth_cred_getsvuid(kauth_cred_t cred)
278 KASSERT(cred != NULL);
279 KASSERT(cred != NOCRED);
280 KASSERT(cred != FSCRED);
282 return (cred->cr_svuid);
286 kauth_cred_getgid(kauth_cred_t cred)
288 KASSERT(cred != NULL);
289 KASSERT(cred != NOCRED);
290 KASSERT(cred != FSCRED);
292 return (cred->cr_gid);
296 kauth_cred_getegid(kauth_cred_t cred)
298 KASSERT(cred != NULL);
299 KASSERT(cred != NOCRED);
300 KASSERT(cred != FSCRED);
302 return (cred->cr_egid);
306 kauth_cred_getsvgid(kauth_cred_t cred)
308 KASSERT(cred != NULL);
309 KASSERT(cred != NOCRED);
310 KASSERT(cred != FSCRED);
312 return (cred->cr_svgid);
316 kauth_cred_setuid(kauth_cred_t cred, uid_t uid)
318 KASSERT(cred != NULL);
319 KASSERT(cred != NOCRED);
320 KASSERT(cred != FSCRED);
321 KASSERT(cred->cr_refcnt == 1);
323 cred->cr_uid = uid;
327 kauth_cred_seteuid(kauth_cred_t cred, uid_t uid)
329 KASSERT(cred != NULL);
330 KASSERT(cred != NOCRED);
331 KASSERT(cred != FSCRED);
332 KASSERT(cred->cr_refcnt == 1);
334 cred->cr_euid = uid;
338 kauth_cred_setsvuid(kauth_cred_t cred, uid_t uid)
340 KASSERT(cred != NULL);
341 KASSERT(cred != NOCRED);
342 KASSERT(cred != FSCRED);
343 KASSERT(cred->cr_refcnt == 1);
345 cred->cr_svuid = uid;
349 kauth_cred_setgid(kauth_cred_t cred, gid_t gid)
351 KASSERT(cred != NULL);
352 KASSERT(cred != NOCRED);
353 KASSERT(cred != FSCRED);
354 KASSERT(cred->cr_refcnt == 1);
356 cred->cr_gid = gid;
360 kauth_cred_setegid(kauth_cred_t cred, gid_t gid)
362 KASSERT(cred != NULL);
363 KASSERT(cred != NOCRED);
364 KASSERT(cred != FSCRED);
365 KASSERT(cred->cr_refcnt == 1);
367 cred->cr_egid = gid;
371 kauth_cred_setsvgid(kauth_cred_t cred, gid_t gid)
373 KASSERT(cred != NULL);
374 KASSERT(cred != NOCRED);
375 KASSERT(cred != FSCRED);
376 KASSERT(cred->cr_refcnt == 1);
378 cred->cr_svgid = gid;
381 /* Checks if gid is a member of the groups in cred. */
383 kauth_cred_ismember_gid(kauth_cred_t cred, gid_t gid, int *resultp)
387 KASSERT(cred != NULL);
388 KASSERT(cred != NOCRED);
389 KASSERT(cred != FSCRED);
394 for (i = 0; i < cred->cr_ngroups; i++)
395 if (cred->cr_groups[i] == gid) {
404 kauth_cred_groupmember(kauth_cred_t cred, gid_t gid)
408 KASSERT(cred != NULL);
409 KASSERT(cred != NOCRED);
410 KASSERT(cred != FSCRED);
412 if (kauth_cred_getegid(cred) == gid)
415 error = kauth_cred_ismember_gid(cred, gid, &ismember);
423 kauth_cred_ngroups(kauth_cred_t cred)
425 KASSERT(cred != NULL);
426 KASSERT(cred != NOCRED);
427 KASSERT(cred != FSCRED);
429 return (cred->cr_ngroups);
433 * Return the group at index idx from the groups in cred.
436 kauth_cred_group(kauth_cred_t cred, u_int idx)
438 KASSERT(cred != NULL);
439 KASSERT(cred != NOCRED);
440 KASSERT(cred != FSCRED);
441 KASSERT(idx < cred->cr_ngroups);
443 return (cred->cr_groups[idx]);
448 kauth_cred_setgroups(kauth_cred_t cred, const gid_t *grbuf, size_t len,
453 KASSERT(cred != NULL);
454 KASSERT(cred != NOCRED);
455 KASSERT(cred != FSCRED);
456 KASSERT(cred->cr_refcnt == 1);
458 if (len > __arraycount(cred->cr_groups))
463 memcpy(cred->cr_groups, grbuf,
464 len * sizeof(cred->cr_groups[0]));
466 error = copyin(grbuf, cred->cr_groups,
467 len * sizeof(cred->cr_groups[0]));
472 memset(cred->cr_groups + len, 0xff,
473 sizeof(cred->cr_groups) - (len * sizeof(cred->cr_groups[0])));
475 cred->cr_ngroups = len;
484 kauth_cred_t cred;
494 cred = l->l_proc->p_cred;
496 kauth_cred_clone1(cred, ncred, false);
498 error = kauth_authorize_process(cred, KAUTH_PROCESS_SETID,
501 proc_crmod_leave(cred, ncred, false);
506 proc_crmod_leave(ncred, cred, true);
511 kauth_cred_getgroups(kauth_cred_t cred, gid_t *grbuf, size_t len,
514 KASSERT(cred != NULL);
516 if (len > cred->cr_ngroups)
520 return copyout(cred->cr_groups, grbuf, sizeof(*grbuf) * len);
521 memcpy(grbuf, cred->cr_groups, sizeof(*grbuf) * len);
560 kauth_cred_getdata(kauth_cred_t cred, kauth_key_t key)
562 KASSERT(cred != NULL);
563 KASSERT(cred != NOCRED);
564 KASSERT(cred != FSCRED);
567 return (specificdata_getspecific(kauth_domain, &cred->cr_sd,
572 kauth_cred_setdata(kauth_cred_t cred, kauth_key_t key, void *data)
574 KASSERT(cred != NULL);
575 KASSERT(cred != NOCRED);
576 KASSERT(cred != FSCRED);
579 specificdata_setspecific(kauth_domain, &cred->cr_sd, key->ks_key, data);
605 kauth_cred_getrefcnt(kauth_cred_t cred)
607 KASSERT(cred != NULL);
608 KASSERT(cred != NOCRED);
609 KASSERT(cred != FSCRED);
611 return (cred->cr_refcnt);
619 kauth_uucred_to_cred(kauth_cred_t cred, const struct uucred *uuc)
621 KASSERT(cred != NULL);
622 KASSERT(cred != NOCRED);
623 KASSERT(cred != FSCRED);
626 cred->cr_refcnt = 1;
627 cred->cr_uid = uuc->cr_uid;
628 cred->cr_euid = uuc->cr_uid;
629 cred->cr_svuid = uuc->cr_uid;
630 cred->cr_gid = uuc->cr_gid;
631 cred->cr_egid = uuc->cr_gid;
632 cred->cr_svgid = uuc->cr_gid;
633 cred->cr_ngroups = uimin(uuc->cr_ngroups, NGROUPS);
634 kauth_cred_setgroups(cred, __UNCONST(uuc->cr_groups),
635 cred->cr_ngroups, -1, UIO_SYSSPACE);
643 kauth_cred_to_uucred(struct uucred *uuc, const kauth_cred_t cred)
645 KASSERT(cred != NULL);
646 KASSERT(cred != NOCRED);
647 KASSERT(cred != FSCRED);
651 ng = uimin(cred->cr_ngroups, NGROUPS);
652 uuc->cr_uid = cred->cr_euid;
653 uuc->cr_gid = cred->cr_egid;
655 kauth_cred_getgroups(cred, uuc->cr_groups, ng, UIO_SYSSPACE);
663 kauth_cred_uucmp(kauth_cred_t cred, const struct uucred *uuc)
665 KASSERT(cred != NULL);
666 KASSERT(cred != NOCRED);
667 KASSERT(cred != FSCRED);
670 if (cred->cr_euid == uuc->cr_uid &&
671 cred->cr_egid == uuc->cr_gid &&
672 cred->cr_ngroups == (uint32_t)uuc->cr_ngroups) {
675 /* Check if all groups from uuc appear in cred. */
680 if (kauth_cred_ismember_gid(cred, uuc->cr_groups[i],
695 kauth_cred_toucred(kauth_cred_t cred, struct ki_ucred *uc)
697 KASSERT(cred != NULL);
698 KASSERT(cred != NOCRED);
699 KASSERT(cred != FSCRED);
702 uc->cr_ref = cred->cr_refcnt;
703 uc->cr_uid = cred->cr_euid;
704 uc->cr_gid = cred->cr_egid;
705 uc->cr_ngroups = uimin(cred->cr_ngroups, __arraycount(uc->cr_groups));
706 memcpy(uc->cr_groups, cred->cr_groups,
714 kauth_cred_topcred(kauth_cred_t cred, struct ki_pcred *pc)
716 KASSERT(cred != NULL);
717 KASSERT(cred != NOCRED);
718 KASSERT(cred != FSCRED);
722 pc->p_ruid = cred->cr_uid;
723 pc->p_svuid = cred->cr_svuid;
724 pc->p_rgid = cred->cr_gid;
725 pc->p_svgid = cred->cr_svgid;
726 pc->p_refcnt = cred->cr_refcnt;
969 kauth_authorize_action_internal(kauth_scope_t scope, kauth_cred_t cred,
975 KASSERT(cred != NULL);
979 if (cred == NOCRED || cred == FSCRED)
989 error = listener->func(cred, action, scope->cookie, arg0,
1009 kauth_authorize_action(kauth_scope_t scope, kauth_cred_t cred,
1014 r = kauth_authorize_action_internal(scope, cred, action, arg0, arg1,
1033 kauth_authorize_generic(kauth_cred_t cred, kauth_action_t action, void *arg0)
1035 return (kauth_authorize_action(kauth_builtin_scope_generic, cred,
1043 kauth_authorize_system(kauth_cred_t cred, kauth_action_t action,
1046 return (kauth_authorize_action(kauth_builtin_scope_system, cred,
1054 kauth_authorize_process(kauth_cred_t cred, kauth_action_t action,
1057 return (kauth_authorize_action(kauth_builtin_scope_process, cred,
1065 kauth_authorize_network(kauth_cred_t cred, kauth_action_t action,
1068 return (kauth_authorize_action(kauth_builtin_scope_network, cred,
1073 kauth_authorize_machdep(kauth_cred_t cred, kauth_action_t action,
1076 return (kauth_authorize_action(kauth_builtin_scope_machdep, cred,
1081 kauth_authorize_device(kauth_cred_t cred, kauth_action_t action,
1084 return (kauth_authorize_action(kauth_builtin_scope_device, cred,
1089 kauth_authorize_device_tty(kauth_cred_t cred, kauth_action_t action,
1092 return (kauth_authorize_action(kauth_builtin_scope_device, cred,
1097 kauth_authorize_device_spec(kauth_cred_t cred, enum kauth_device_req req,
1100 return (kauth_authorize_action(kauth_builtin_scope_device, cred,
1105 kauth_authorize_device_passthru(kauth_cred_t cred, dev_t dev, u_long bits,
1108 return (kauth_authorize_action(kauth_builtin_scope_device, cred,
1143 kauth_authorize_vnode(kauth_cred_t cred, kauth_action_t action,
1148 error = kauth_authorize_action_internal(kauth_builtin_scope_vnode, cred,
1170 kauth_cred_hook(kauth_cred_t cred, kauth_action_t action, void *arg0,
1175 r = kauth_authorize_action(kauth_builtin_scope_cred, cred, action,