kern_auth.c revision 1.71
1 1.71 cheusov /* $NetBSD: kern_auth.c,v 1.71 2012/06/27 12:28:28 cheusov Exp $ */ 2 1.2 elad 3 1.2 elad /*- 4 1.2 elad * Copyright (c) 2005, 2006 Elad Efrat <elad (at) NetBSD.org> 5 1.2 elad * All rights reserved. 6 1.2 elad * 7 1.2 elad * Redistribution and use in source and binary forms, with or without 8 1.2 elad * modification, are permitted provided that the following conditions 9 1.2 elad * are met: 10 1.2 elad * 1. Redistributions of source code must retain the above copyright 11 1.2 elad * notice, this list of conditions and the following disclaimer. 12 1.2 elad * 2. Redistributions in binary form must reproduce the above copyright 13 1.2 elad * notice, this list of conditions and the following disclaimer in the 14 1.2 elad * documentation and/or other materials provided with the distribution. 15 1.37 elad * 3. The name of the author may not be used to endorse or promote products 16 1.2 elad * derived from this software without specific prior written permission. 17 1.2 elad * 18 1.2 elad * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 19 1.2 elad * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 20 1.2 elad * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 21 1.2 elad * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 22 1.2 elad * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 23 1.2 elad * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 24 1.2 elad * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 25 1.2 elad * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 26 1.2 elad * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 27 1.2 elad * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 28 1.2 elad */ 29 1.2 elad 30 1.20 elad #include <sys/cdefs.h> 31 1.71 cheusov __KERNEL_RCSID(0, "$NetBSD: kern_auth.c,v 1.71 2012/06/27 12:28:28 cheusov Exp $"); 32 1.20 elad 33 1.46 christos #include <sys/types.h> 34 1.2 elad #include <sys/param.h> 35 1.2 elad #include <sys/queue.h> 36 1.2 elad #include <sys/proc.h> 37 1.2 elad #include <sys/ucred.h> 38 1.2 elad #include <sys/pool.h> 39 1.2 elad #include <sys/kauth.h> 40 1.34 ad #include <sys/kmem.h> 41 1.44 ad #include <sys/rwlock.h> 42 1.65 elad #include <sys/sysctl.h> 43 1.55 ad #include <sys/atomic.h> 44 1.46 christos #include <sys/specificdata.h> 45 1.64 elad #include <sys/vnode.h> 46 1.41 elad 47 1.66 jym #include <secmodel/secmodel.h> 48 1.66 jym 49 1.41 elad /* 50 1.41 elad * Secmodel-specific credentials. 51 1.41 elad */ 52 1.41 elad struct kauth_key { 53 1.66 jym secmodel_t ks_secmodel; /* secmodel */ 54 1.41 elad specificdata_key_t ks_key; /* key */ 55 1.41 elad }; 56 1.2 elad 57 1.46 christos /* 58 1.46 christos * Credentials. 59 1.46 christos * 60 1.46 christos * A subset of this structure is used in kvm(3) (src/lib/libkvm/kvm_proc.c) 61 1.46 christos * and should be synchronized with this structure when the update is 62 1.46 christos * relevant. 63 1.46 christos */ 64 1.46 christos struct kauth_cred { 65 1.53 ad /* 66 1.53 ad * Ensure that the first part of the credential resides in its own 67 1.53 ad * cache line. Due to sharing there aren't many kauth_creds in a 68 1.53 ad * typical system, but the reference counts change very often. 69 1.69 cheusov * Keeping it separate from the rest of the data prevents false 70 1.53 ad * sharing between CPUs. 71 1.53 ad */ 72 1.46 christos u_int cr_refcnt; /* reference count */ 73 1.58 ad #if COHERENCY_UNIT > 4 74 1.58 ad uint8_t cr_pad[COHERENCY_UNIT - 4]; 75 1.58 ad #endif 76 1.55 ad uid_t cr_uid; /* user id */ 77 1.46 christos uid_t cr_euid; /* effective user id */ 78 1.46 christos uid_t cr_svuid; /* saved effective user id */ 79 1.46 christos gid_t cr_gid; /* group id */ 80 1.46 christos gid_t cr_egid; /* effective group id */ 81 1.46 christos gid_t cr_svgid; /* saved effective group id */ 82 1.46 christos u_int cr_ngroups; /* number of groups */ 83 1.46 christos gid_t cr_groups[NGROUPS]; /* group memberships */ 84 1.46 christos specificdata_reference cr_sd; /* specific data */ 85 1.46 christos }; 86 1.46 christos 87 1.2 elad /* 88 1.2 elad * Listener. 89 1.2 elad */ 90 1.2 elad struct kauth_listener { 91 1.2 elad kauth_scope_callback_t func; /* callback */ 92 1.2 elad kauth_scope_t scope; /* scope backpointer */ 93 1.11 ad u_int refcnt; /* reference count */ 94 1.2 elad SIMPLEQ_ENTRY(kauth_listener) listener_next; /* listener list */ 95 1.2 elad }; 96 1.2 elad 97 1.2 elad /* 98 1.2 elad * Scope. 99 1.2 elad */ 100 1.2 elad struct kauth_scope { 101 1.2 elad const char *id; /* scope name */ 102 1.2 elad void *cookie; /* user cookie */ 103 1.11 ad u_int nlisteners; /* # of listeners */ 104 1.2 elad SIMPLEQ_HEAD(, kauth_listener) listenq; /* listener list */ 105 1.2 elad SIMPLEQ_ENTRY(kauth_scope) next_scope; /* scope list */ 106 1.2 elad }; 107 1.2 elad 108 1.41 elad static int kauth_cred_hook(kauth_cred_t, kauth_action_t, void *, void *); 109 1.2 elad 110 1.2 elad /* List of scopes and its lock. */ 111 1.54 matt static SIMPLEQ_HEAD(, kauth_scope) scope_list = 112 1.54 matt SIMPLEQ_HEAD_INITIALIZER(scope_list); 113 1.2 elad 114 1.2 elad /* Built-in scopes: generic, process. */ 115 1.2 elad static kauth_scope_t kauth_builtin_scope_generic; 116 1.19 elad static kauth_scope_t kauth_builtin_scope_system; 117 1.2 elad static kauth_scope_t kauth_builtin_scope_process; 118 1.19 elad static kauth_scope_t kauth_builtin_scope_network; 119 1.19 elad static kauth_scope_t kauth_builtin_scope_machdep; 120 1.25 elad static kauth_scope_t kauth_builtin_scope_device; 121 1.41 elad static kauth_scope_t kauth_builtin_scope_cred; 122 1.64 elad static kauth_scope_t kauth_builtin_scope_vnode; 123 1.2 elad 124 1.41 elad static specificdata_domain_t kauth_domain; 125 1.53 ad static pool_cache_t kauth_cred_cache; 126 1.65 elad 127 1.44 ad krwlock_t kauth_lock; 128 1.41 elad 129 1.2 elad /* Allocate new, empty kauth credentials. */ 130 1.2 elad kauth_cred_t 131 1.3 yamt kauth_cred_alloc(void) 132 1.3 yamt { 133 1.2 elad kauth_cred_t cred; 134 1.2 elad 135 1.53 ad cred = pool_cache_get(kauth_cred_cache, PR_WAITOK); 136 1.53 ad 137 1.2 elad cred->cr_refcnt = 1; 138 1.53 ad cred->cr_uid = 0; 139 1.53 ad cred->cr_euid = 0; 140 1.53 ad cred->cr_svuid = 0; 141 1.53 ad cred->cr_gid = 0; 142 1.53 ad cred->cr_egid = 0; 143 1.53 ad cred->cr_svgid = 0; 144 1.53 ad cred->cr_ngroups = 0; 145 1.53 ad 146 1.41 elad specificdata_init(kauth_domain, &cred->cr_sd); 147 1.41 elad kauth_cred_hook(cred, KAUTH_CRED_INIT, NULL, NULL); 148 1.2 elad 149 1.2 elad return (cred); 150 1.2 elad } 151 1.2 elad 152 1.2 elad /* Increment reference count to cred. */ 153 1.2 elad void 154 1.2 elad kauth_cred_hold(kauth_cred_t cred) 155 1.2 elad { 156 1.2 elad KASSERT(cred != NULL); 157 1.11 ad KASSERT(cred->cr_refcnt > 0); 158 1.2 elad 159 1.70 cheusov atomic_inc_uint(&cred->cr_refcnt); 160 1.2 elad } 161 1.2 elad 162 1.2 elad /* Decrease reference count to cred. If reached zero, free it. */ 163 1.2 elad void 164 1.3 yamt kauth_cred_free(kauth_cred_t cred) 165 1.3 yamt { 166 1.11 ad 167 1.2 elad KASSERT(cred != NULL); 168 1.11 ad KASSERT(cred->cr_refcnt > 0); 169 1.63 yamt ASSERT_SLEEPABLE(); 170 1.2 elad 171 1.56 ad if (atomic_dec_uint_nv(&cred->cr_refcnt) > 0) 172 1.55 ad return; 173 1.55 ad 174 1.55 ad kauth_cred_hook(cred, KAUTH_CRED_FREE, NULL, NULL); 175 1.55 ad specificdata_fini(kauth_domain, &cred->cr_sd); 176 1.55 ad pool_cache_put(kauth_cred_cache, cred); 177 1.2 elad } 178 1.2 elad 179 1.49 dsl static void 180 1.48 dsl kauth_cred_clone1(kauth_cred_t from, kauth_cred_t to, bool copy_groups) 181 1.48 dsl { 182 1.2 elad KASSERT(from != NULL); 183 1.2 elad KASSERT(to != NULL); 184 1.11 ad KASSERT(from->cr_refcnt > 0); 185 1.2 elad 186 1.2 elad to->cr_uid = from->cr_uid; 187 1.2 elad to->cr_euid = from->cr_euid; 188 1.2 elad to->cr_svuid = from->cr_svuid; 189 1.2 elad to->cr_gid = from->cr_gid; 190 1.2 elad to->cr_egid = from->cr_egid; 191 1.2 elad to->cr_svgid = from->cr_svgid; 192 1.48 dsl if (copy_groups) { 193 1.48 dsl to->cr_ngroups = from->cr_ngroups; 194 1.48 dsl memcpy(to->cr_groups, from->cr_groups, sizeof(to->cr_groups)); 195 1.48 dsl } 196 1.41 elad 197 1.41 elad kauth_cred_hook(from, KAUTH_CRED_COPY, to, NULL); 198 1.2 elad } 199 1.2 elad 200 1.49 dsl void 201 1.49 dsl kauth_cred_clone(kauth_cred_t from, kauth_cred_t to) 202 1.49 dsl { 203 1.49 dsl kauth_cred_clone1(from, to, true); 204 1.49 dsl } 205 1.49 dsl 206 1.2 elad /* 207 1.2 elad * Duplicate cred and return a new kauth_cred_t. 208 1.2 elad */ 209 1.2 elad kauth_cred_t 210 1.2 elad kauth_cred_dup(kauth_cred_t cred) 211 1.2 elad { 212 1.2 elad kauth_cred_t new_cred; 213 1.2 elad 214 1.2 elad KASSERT(cred != NULL); 215 1.11 ad KASSERT(cred->cr_refcnt > 0); 216 1.2 elad 217 1.2 elad new_cred = kauth_cred_alloc(); 218 1.2 elad 219 1.2 elad kauth_cred_clone(cred, new_cred); 220 1.2 elad 221 1.2 elad return (new_cred); 222 1.2 elad } 223 1.2 elad 224 1.2 elad /* 225 1.2 elad * Similar to crcopy(), only on a kauth_cred_t. 226 1.2 elad * XXX: Is this even needed? [kauth_cred_copy] 227 1.2 elad */ 228 1.2 elad kauth_cred_t 229 1.2 elad kauth_cred_copy(kauth_cred_t cred) 230 1.2 elad { 231 1.2 elad kauth_cred_t new_cred; 232 1.2 elad 233 1.2 elad KASSERT(cred != NULL); 234 1.11 ad KASSERT(cred->cr_refcnt > 0); 235 1.2 elad 236 1.2 elad /* If the provided credentials already have one reference, use them. */ 237 1.2 elad if (cred->cr_refcnt == 1) 238 1.2 elad return (cred); 239 1.2 elad 240 1.2 elad new_cred = kauth_cred_alloc(); 241 1.2 elad 242 1.2 elad kauth_cred_clone(cred, new_cred); 243 1.2 elad 244 1.2 elad kauth_cred_free(cred); 245 1.2 elad 246 1.2 elad return (new_cred); 247 1.2 elad } 248 1.2 elad 249 1.38 elad void 250 1.38 elad kauth_proc_fork(struct proc *parent, struct proc *child) 251 1.38 elad { 252 1.44 ad 253 1.59 ad mutex_enter(parent->p_lock); 254 1.38 elad kauth_cred_hold(parent->p_cred); 255 1.38 elad child->p_cred = parent->p_cred; 256 1.59 ad mutex_exit(parent->p_lock); 257 1.41 elad 258 1.44 ad /* XXX: relies on parent process stalling during fork() */ 259 1.41 elad kauth_cred_hook(parent->p_cred, KAUTH_CRED_FORK, parent, 260 1.41 elad child); 261 1.38 elad } 262 1.38 elad 263 1.71 cheusov void 264 1.71 cheusov kauth_proc_chroot(kauth_cred_t cred, struct cwdinfo *cwdi) 265 1.71 cheusov { 266 1.71 cheusov kauth_cred_hook(cred, KAUTH_CRED_CHROOT, cwdi, NULL); 267 1.71 cheusov } 268 1.71 cheusov 269 1.2 elad uid_t 270 1.2 elad kauth_cred_getuid(kauth_cred_t cred) 271 1.2 elad { 272 1.2 elad KASSERT(cred != NULL); 273 1.2 elad 274 1.2 elad return (cred->cr_uid); 275 1.2 elad } 276 1.2 elad 277 1.2 elad uid_t 278 1.2 elad kauth_cred_geteuid(kauth_cred_t cred) 279 1.2 elad { 280 1.2 elad KASSERT(cred != NULL); 281 1.2 elad 282 1.2 elad return (cred->cr_euid); 283 1.2 elad } 284 1.2 elad 285 1.2 elad uid_t 286 1.2 elad kauth_cred_getsvuid(kauth_cred_t cred) 287 1.2 elad { 288 1.2 elad KASSERT(cred != NULL); 289 1.2 elad 290 1.2 elad return (cred->cr_svuid); 291 1.2 elad } 292 1.2 elad 293 1.2 elad gid_t 294 1.2 elad kauth_cred_getgid(kauth_cred_t cred) 295 1.2 elad { 296 1.2 elad KASSERT(cred != NULL); 297 1.2 elad 298 1.2 elad return (cred->cr_gid); 299 1.2 elad } 300 1.2 elad 301 1.2 elad gid_t 302 1.2 elad kauth_cred_getegid(kauth_cred_t cred) 303 1.2 elad { 304 1.2 elad KASSERT(cred != NULL); 305 1.2 elad 306 1.2 elad return (cred->cr_egid); 307 1.2 elad } 308 1.2 elad 309 1.2 elad gid_t 310 1.2 elad kauth_cred_getsvgid(kauth_cred_t cred) 311 1.2 elad { 312 1.2 elad KASSERT(cred != NULL); 313 1.2 elad 314 1.2 elad return (cred->cr_svgid); 315 1.2 elad } 316 1.2 elad 317 1.2 elad void 318 1.2 elad kauth_cred_setuid(kauth_cred_t cred, uid_t uid) 319 1.2 elad { 320 1.2 elad KASSERT(cred != NULL); 321 1.11 ad KASSERT(cred->cr_refcnt == 1); 322 1.2 elad 323 1.2 elad cred->cr_uid = uid; 324 1.2 elad } 325 1.2 elad 326 1.2 elad void 327 1.2 elad kauth_cred_seteuid(kauth_cred_t cred, uid_t uid) 328 1.2 elad { 329 1.2 elad KASSERT(cred != NULL); 330 1.11 ad KASSERT(cred->cr_refcnt == 1); 331 1.2 elad 332 1.2 elad cred->cr_euid = uid; 333 1.2 elad } 334 1.2 elad 335 1.2 elad void 336 1.2 elad kauth_cred_setsvuid(kauth_cred_t cred, uid_t uid) 337 1.2 elad { 338 1.2 elad KASSERT(cred != NULL); 339 1.11 ad KASSERT(cred->cr_refcnt == 1); 340 1.2 elad 341 1.2 elad cred->cr_svuid = uid; 342 1.2 elad } 343 1.2 elad 344 1.2 elad void 345 1.2 elad kauth_cred_setgid(kauth_cred_t cred, gid_t gid) 346 1.2 elad { 347 1.2 elad KASSERT(cred != NULL); 348 1.11 ad KASSERT(cred->cr_refcnt == 1); 349 1.2 elad 350 1.2 elad cred->cr_gid = gid; 351 1.2 elad } 352 1.2 elad 353 1.2 elad void 354 1.2 elad kauth_cred_setegid(kauth_cred_t cred, gid_t gid) 355 1.2 elad { 356 1.2 elad KASSERT(cred != NULL); 357 1.11 ad KASSERT(cred->cr_refcnt == 1); 358 1.2 elad 359 1.2 elad cred->cr_egid = gid; 360 1.2 elad } 361 1.2 elad 362 1.2 elad void 363 1.2 elad kauth_cred_setsvgid(kauth_cred_t cred, gid_t gid) 364 1.2 elad { 365 1.2 elad KASSERT(cred != NULL); 366 1.11 ad KASSERT(cred->cr_refcnt == 1); 367 1.2 elad 368 1.2 elad cred->cr_svgid = gid; 369 1.2 elad } 370 1.2 elad 371 1.2 elad /* Checks if gid is a member of the groups in cred. */ 372 1.2 elad int 373 1.2 elad kauth_cred_ismember_gid(kauth_cred_t cred, gid_t gid, int *resultp) 374 1.2 elad { 375 1.62 lukem uint32_t i; 376 1.2 elad 377 1.2 elad KASSERT(cred != NULL); 378 1.2 elad KASSERT(resultp != NULL); 379 1.2 elad 380 1.2 elad *resultp = 0; 381 1.2 elad 382 1.2 elad for (i = 0; i < cred->cr_ngroups; i++) 383 1.2 elad if (cred->cr_groups[i] == gid) { 384 1.2 elad *resultp = 1; 385 1.2 elad break; 386 1.2 elad } 387 1.2 elad 388 1.2 elad return (0); 389 1.2 elad } 390 1.2 elad 391 1.11 ad u_int 392 1.2 elad kauth_cred_ngroups(kauth_cred_t cred) 393 1.2 elad { 394 1.2 elad KASSERT(cred != NULL); 395 1.2 elad 396 1.2 elad return (cred->cr_ngroups); 397 1.2 elad } 398 1.2 elad 399 1.2 elad /* 400 1.2 elad * Return the group at index idx from the groups in cred. 401 1.2 elad */ 402 1.2 elad gid_t 403 1.11 ad kauth_cred_group(kauth_cred_t cred, u_int idx) 404 1.2 elad { 405 1.2 elad KASSERT(cred != NULL); 406 1.2 elad KASSERT(idx < cred->cr_ngroups); 407 1.2 elad 408 1.2 elad return (cred->cr_groups[idx]); 409 1.2 elad } 410 1.2 elad 411 1.2 elad /* XXX elad: gmuid is unused for now. */ 412 1.2 elad int 413 1.49 dsl kauth_cred_setgroups(kauth_cred_t cred, const gid_t *grbuf, size_t len, 414 1.52 yamt uid_t gmuid, enum uio_seg seg) 415 1.2 elad { 416 1.49 dsl int error = 0; 417 1.49 dsl 418 1.2 elad KASSERT(cred != NULL); 419 1.11 ad KASSERT(cred->cr_refcnt == 1); 420 1.2 elad 421 1.61 matt if (len > __arraycount(cred->cr_groups)) 422 1.49 dsl return EINVAL; 423 1.49 dsl 424 1.49 dsl if (len) { 425 1.52 yamt if (seg == UIO_SYSSPACE) { 426 1.49 dsl memcpy(cred->cr_groups, grbuf, 427 1.49 dsl len * sizeof(cred->cr_groups[0])); 428 1.52 yamt } else { 429 1.49 dsl error = copyin(grbuf, cred->cr_groups, 430 1.49 dsl len * sizeof(cred->cr_groups[0])); 431 1.49 dsl if (error != 0) 432 1.49 dsl len = 0; 433 1.49 dsl } 434 1.49 dsl } 435 1.2 elad memset(cred->cr_groups + len, 0xff, 436 1.2 elad sizeof(cred->cr_groups) - (len * sizeof(cred->cr_groups[0]))); 437 1.2 elad 438 1.2 elad cred->cr_ngroups = len; 439 1.2 elad 440 1.49 dsl return error; 441 1.48 dsl } 442 1.48 dsl 443 1.49 dsl /* This supports sys_setgroups() */ 444 1.48 dsl int 445 1.48 dsl kauth_proc_setgroups(struct lwp *l, kauth_cred_t ncred) 446 1.48 dsl { 447 1.48 dsl kauth_cred_t cred; 448 1.48 dsl int error; 449 1.48 dsl 450 1.48 dsl /* 451 1.48 dsl * At this point we could delete duplicate groups from ncred, 452 1.48 dsl * and plausibly sort the list - but in general the later is 453 1.48 dsl * a bad idea. 454 1.48 dsl */ 455 1.48 dsl proc_crmod_enter(); 456 1.48 dsl /* Maybe we should use curproc here ? */ 457 1.48 dsl cred = l->l_proc->p_cred; 458 1.48 dsl 459 1.48 dsl kauth_cred_clone1(cred, ncred, false); 460 1.48 dsl 461 1.48 dsl error = kauth_authorize_process(cred, KAUTH_PROCESS_SETID, 462 1.48 dsl l->l_proc, NULL, NULL, NULL); 463 1.48 dsl if (error != 0) { 464 1.48 dsl proc_crmod_leave(cred, ncred, false); 465 1.48 dsl return error; 466 1.48 dsl } 467 1.48 dsl 468 1.48 dsl /* Broadcast our credentials to the process and other LWPs. */ 469 1.48 dsl proc_crmod_leave(ncred, cred, true); 470 1.48 dsl return 0; 471 1.48 dsl } 472 1.48 dsl 473 1.2 elad int 474 1.49 dsl kauth_cred_getgroups(kauth_cred_t cred, gid_t *grbuf, size_t len, 475 1.52 yamt enum uio_seg seg) 476 1.2 elad { 477 1.2 elad KASSERT(cred != NULL); 478 1.2 elad 479 1.49 dsl if (len > cred->cr_ngroups) 480 1.49 dsl return EINVAL; 481 1.49 dsl 482 1.52 yamt if (seg == UIO_USERSPACE) 483 1.49 dsl return copyout(cred->cr_groups, grbuf, sizeof(*grbuf) * len); 484 1.2 elad memcpy(grbuf, cred->cr_groups, sizeof(*grbuf) * len); 485 1.2 elad 486 1.49 dsl return 0; 487 1.48 dsl } 488 1.48 dsl 489 1.41 elad int 490 1.66 jym kauth_register_key(secmodel_t secmodel, kauth_key_t *result) 491 1.41 elad { 492 1.41 elad kauth_key_t k; 493 1.41 elad specificdata_key_t key; 494 1.41 elad int error; 495 1.41 elad 496 1.41 elad KASSERT(result != NULL); 497 1.41 elad 498 1.41 elad error = specificdata_key_create(kauth_domain, &key, NULL); 499 1.41 elad if (error) 500 1.41 elad return (error); 501 1.41 elad 502 1.41 elad k = kmem_alloc(sizeof(*k), KM_SLEEP); 503 1.41 elad k->ks_secmodel = secmodel; 504 1.41 elad k->ks_key = key; 505 1.41 elad 506 1.41 elad *result = k; 507 1.41 elad 508 1.41 elad return (0); 509 1.41 elad } 510 1.41 elad 511 1.41 elad int 512 1.41 elad kauth_deregister_key(kauth_key_t key) 513 1.41 elad { 514 1.41 elad KASSERT(key != NULL); 515 1.41 elad 516 1.41 elad specificdata_key_delete(kauth_domain, key->ks_key); 517 1.41 elad kmem_free(key, sizeof(*key)); 518 1.41 elad 519 1.41 elad return (0); 520 1.41 elad } 521 1.41 elad 522 1.41 elad void * 523 1.41 elad kauth_cred_getdata(kauth_cred_t cred, kauth_key_t key) 524 1.41 elad { 525 1.41 elad KASSERT(cred != NULL); 526 1.41 elad KASSERT(key != NULL); 527 1.41 elad 528 1.41 elad return (specificdata_getspecific(kauth_domain, &cred->cr_sd, 529 1.41 elad key->ks_key)); 530 1.41 elad } 531 1.41 elad 532 1.41 elad void 533 1.41 elad kauth_cred_setdata(kauth_cred_t cred, kauth_key_t key, void *data) 534 1.41 elad { 535 1.41 elad KASSERT(cred != NULL); 536 1.41 elad KASSERT(key != NULL); 537 1.41 elad 538 1.41 elad specificdata_setspecific(kauth_domain, &cred->cr_sd, key->ks_key, data); 539 1.41 elad } 540 1.41 elad 541 1.2 elad /* 542 1.19 elad * Match uids in two credentials. 543 1.2 elad */ 544 1.19 elad int 545 1.2 elad kauth_cred_uidmatch(kauth_cred_t cred1, kauth_cred_t cred2) 546 1.2 elad { 547 1.2 elad KASSERT(cred1 != NULL); 548 1.2 elad KASSERT(cred2 != NULL); 549 1.2 elad 550 1.2 elad if (cred1->cr_uid == cred2->cr_uid || 551 1.2 elad cred1->cr_euid == cred2->cr_uid || 552 1.2 elad cred1->cr_uid == cred2->cr_euid || 553 1.2 elad cred1->cr_euid == cred2->cr_euid) 554 1.2 elad return (1); 555 1.2 elad 556 1.2 elad return (0); 557 1.2 elad } 558 1.2 elad 559 1.11 ad u_int 560 1.2 elad kauth_cred_getrefcnt(kauth_cred_t cred) 561 1.2 elad { 562 1.2 elad KASSERT(cred != NULL); 563 1.2 elad 564 1.2 elad return (cred->cr_refcnt); 565 1.2 elad } 566 1.2 elad 567 1.2 elad /* 568 1.2 elad * Convert userland credentials (struct uucred) to kauth_cred_t. 569 1.29 pooka * XXX: For NFS & puffs 570 1.2 elad */ 571 1.29 pooka void 572 1.29 pooka kauth_uucred_to_cred(kauth_cred_t cred, const struct uucred *uuc) 573 1.29 pooka { 574 1.2 elad KASSERT(cred != NULL); 575 1.2 elad KASSERT(uuc != NULL); 576 1.29 pooka 577 1.2 elad cred->cr_refcnt = 1; 578 1.2 elad cred->cr_uid = uuc->cr_uid; 579 1.2 elad cred->cr_euid = uuc->cr_uid; 580 1.2 elad cred->cr_svuid = uuc->cr_uid; 581 1.2 elad cred->cr_gid = uuc->cr_gid; 582 1.2 elad cred->cr_egid = uuc->cr_gid; 583 1.2 elad cred->cr_svgid = uuc->cr_gid; 584 1.2 elad cred->cr_ngroups = min(uuc->cr_ngroups, NGROUPS); 585 1.2 elad kauth_cred_setgroups(cred, __UNCONST(uuc->cr_groups), 586 1.49 dsl cred->cr_ngroups, -1, UIO_SYSSPACE); 587 1.2 elad } 588 1.2 elad 589 1.2 elad /* 590 1.29 pooka * Convert kauth_cred_t to userland credentials (struct uucred). 591 1.29 pooka * XXX: For NFS & puffs 592 1.29 pooka */ 593 1.29 pooka void 594 1.29 pooka kauth_cred_to_uucred(struct uucred *uuc, const kauth_cred_t cred) 595 1.29 pooka { 596 1.29 pooka KASSERT(cred != NULL); 597 1.29 pooka KASSERT(uuc != NULL); 598 1.29 pooka int ng; 599 1.29 pooka 600 1.29 pooka ng = min(cred->cr_ngroups, NGROUPS); 601 1.29 pooka uuc->cr_uid = cred->cr_euid; 602 1.29 pooka uuc->cr_gid = cred->cr_egid; 603 1.29 pooka uuc->cr_ngroups = ng; 604 1.49 dsl kauth_cred_getgroups(cred, uuc->cr_groups, ng, UIO_SYSSPACE); 605 1.29 pooka } 606 1.29 pooka 607 1.29 pooka /* 608 1.2 elad * Compare kauth_cred_t and uucred credentials. 609 1.2 elad * XXX: Modelled after crcmp() for NFS. 610 1.2 elad */ 611 1.2 elad int 612 1.2 elad kauth_cred_uucmp(kauth_cred_t cred, const struct uucred *uuc) 613 1.2 elad { 614 1.2 elad KASSERT(cred != NULL); 615 1.2 elad KASSERT(uuc != NULL); 616 1.2 elad 617 1.2 elad if (cred->cr_euid == uuc->cr_uid && 618 1.2 elad cred->cr_egid == uuc->cr_gid && 619 1.62 lukem cred->cr_ngroups == (uint32_t)uuc->cr_ngroups) { 620 1.2 elad int i; 621 1.2 elad 622 1.2 elad /* Check if all groups from uuc appear in cred. */ 623 1.2 elad for (i = 0; i < uuc->cr_ngroups; i++) { 624 1.2 elad int ismember; 625 1.2 elad 626 1.2 elad ismember = 0; 627 1.2 elad if (kauth_cred_ismember_gid(cred, uuc->cr_groups[i], 628 1.2 elad &ismember) != 0 || !ismember) 629 1.4 yamt return (1); 630 1.2 elad } 631 1.2 elad 632 1.4 yamt return (0); 633 1.2 elad } 634 1.2 elad 635 1.4 yamt return (1); 636 1.2 elad } 637 1.2 elad 638 1.2 elad /* 639 1.12 ad * Make a struct ucred out of a kauth_cred_t. For compatibility. 640 1.2 elad */ 641 1.2 elad void 642 1.45 dsl kauth_cred_toucred(kauth_cred_t cred, struct ki_ucred *uc) 643 1.2 elad { 644 1.2 elad KASSERT(cred != NULL); 645 1.2 elad KASSERT(uc != NULL); 646 1.2 elad 647 1.12 ad uc->cr_ref = cred->cr_refcnt; 648 1.2 elad uc->cr_uid = cred->cr_euid; 649 1.2 elad uc->cr_gid = cred->cr_egid; 650 1.61 matt uc->cr_ngroups = min(cred->cr_ngroups, __arraycount(uc->cr_groups)); 651 1.2 elad memcpy(uc->cr_groups, cred->cr_groups, 652 1.2 elad uc->cr_ngroups * sizeof(uc->cr_groups[0])); 653 1.2 elad } 654 1.2 elad 655 1.2 elad /* 656 1.12 ad * Make a struct pcred out of a kauth_cred_t. For compatibility. 657 1.2 elad */ 658 1.2 elad void 659 1.45 dsl kauth_cred_topcred(kauth_cred_t cred, struct ki_pcred *pc) 660 1.2 elad { 661 1.2 elad KASSERT(cred != NULL); 662 1.2 elad KASSERT(pc != NULL); 663 1.2 elad 664 1.45 dsl pc->p_pad = NULL; 665 1.2 elad pc->p_ruid = cred->cr_uid; 666 1.2 elad pc->p_svuid = cred->cr_svuid; 667 1.2 elad pc->p_rgid = cred->cr_gid; 668 1.2 elad pc->p_svgid = cred->cr_svgid; 669 1.2 elad pc->p_refcnt = cred->cr_refcnt; 670 1.2 elad } 671 1.2 elad 672 1.2 elad /* 673 1.14 ad * Return kauth_cred_t for the current LWP. 674 1.2 elad */ 675 1.2 elad kauth_cred_t 676 1.2 elad kauth_cred_get(void) 677 1.2 elad { 678 1.14 ad return (curlwp->l_cred); 679 1.2 elad } 680 1.2 elad 681 1.2 elad /* 682 1.2 elad * Returns a scope matching the provided id. 683 1.2 elad * Requires the scope list lock to be held by the caller. 684 1.2 elad */ 685 1.2 elad static kauth_scope_t 686 1.3 yamt kauth_ifindscope(const char *id) 687 1.3 yamt { 688 1.2 elad kauth_scope_t scope; 689 1.2 elad 690 1.44 ad KASSERT(rw_lock_held(&kauth_lock)); 691 1.2 elad 692 1.2 elad scope = NULL; 693 1.2 elad SIMPLEQ_FOREACH(scope, &scope_list, next_scope) { 694 1.2 elad if (strcmp(scope->id, id) == 0) 695 1.2 elad break; 696 1.2 elad } 697 1.2 elad 698 1.2 elad return (scope); 699 1.2 elad } 700 1.2 elad 701 1.2 elad /* 702 1.2 elad * Register a new scope. 703 1.2 elad * 704 1.2 elad * id - identifier for the scope 705 1.2 elad * callback - the scope's default listener 706 1.2 elad * cookie - cookie to be passed to the listener(s) 707 1.2 elad */ 708 1.2 elad kauth_scope_t 709 1.2 elad kauth_register_scope(const char *id, kauth_scope_callback_t callback, 710 1.16 christos void *cookie) 711 1.2 elad { 712 1.2 elad kauth_scope_t scope; 713 1.21 yamt kauth_listener_t listener = NULL; /* XXX gcc */ 714 1.2 elad 715 1.2 elad /* Sanitize input */ 716 1.16 christos if (id == NULL) 717 1.2 elad return (NULL); 718 1.2 elad 719 1.2 elad /* Allocate space for a new scope and listener. */ 720 1.34 ad scope = kmem_alloc(sizeof(*scope), KM_SLEEP); 721 1.34 ad if (scope == NULL) 722 1.34 ad return NULL; 723 1.21 yamt if (callback != NULL) { 724 1.34 ad listener = kmem_alloc(sizeof(*listener), KM_SLEEP); 725 1.34 ad if (listener == NULL) { 726 1.34 ad kmem_free(scope, sizeof(*scope)); 727 1.34 ad return (NULL); 728 1.34 ad } 729 1.21 yamt } 730 1.2 elad 731 1.34 ad /* 732 1.34 ad * Acquire scope list lock. 733 1.34 ad */ 734 1.44 ad rw_enter(&kauth_lock, RW_WRITER); 735 1.2 elad 736 1.2 elad /* Check we don't already have a scope with the same id */ 737 1.2 elad if (kauth_ifindscope(id) != NULL) { 738 1.44 ad rw_exit(&kauth_lock); 739 1.2 elad 740 1.34 ad kmem_free(scope, sizeof(*scope)); 741 1.34 ad if (callback != NULL) 742 1.34 ad kmem_free(listener, sizeof(*listener)); 743 1.2 elad 744 1.2 elad return (NULL); 745 1.2 elad } 746 1.2 elad 747 1.2 elad /* Initialize new scope with parameters */ 748 1.2 elad scope->id = id; 749 1.2 elad scope->cookie = cookie; 750 1.2 elad scope->nlisteners = 1; 751 1.2 elad 752 1.16 christos SIMPLEQ_INIT(&scope->listenq); 753 1.16 christos 754 1.2 elad /* Add default listener */ 755 1.16 christos if (callback != NULL) { 756 1.16 christos listener->func = callback; 757 1.16 christos listener->scope = scope; 758 1.16 christos listener->refcnt = 0; 759 1.16 christos SIMPLEQ_INSERT_HEAD(&scope->listenq, listener, listener_next); 760 1.16 christos } 761 1.2 elad 762 1.2 elad /* Insert scope to scopes list */ 763 1.16 christos SIMPLEQ_INSERT_TAIL(&scope_list, scope, next_scope); 764 1.2 elad 765 1.44 ad rw_exit(&kauth_lock); 766 1.2 elad 767 1.2 elad return (scope); 768 1.2 elad } 769 1.2 elad 770 1.2 elad /* 771 1.2 elad * Initialize the kernel authorization subsystem. 772 1.2 elad * 773 1.2 elad * Initialize the scopes list lock. 774 1.41 elad * Create specificdata domain. 775 1.41 elad * Register the credentials scope, used in kauth(9) internally. 776 1.41 elad * Register built-in scopes: generic, system, process, network, machdep, device. 777 1.2 elad */ 778 1.2 elad void 779 1.2 elad kauth_init(void) 780 1.2 elad { 781 1.44 ad rw_init(&kauth_lock); 782 1.2 elad 783 1.53 ad kauth_cred_cache = pool_cache_init(sizeof(struct kauth_cred), 784 1.58 ad coherency_unit, 0, 0, "kcredpl", NULL, IPL_NONE, 785 1.55 ad NULL, NULL, NULL); 786 1.53 ad 787 1.41 elad /* Create specificdata domain. */ 788 1.41 elad kauth_domain = specificdata_domain_create(); 789 1.41 elad 790 1.41 elad /* Register credentials scope. */ 791 1.41 elad kauth_builtin_scope_cred = 792 1.41 elad kauth_register_scope(KAUTH_SCOPE_CRED, NULL, NULL); 793 1.41 elad 794 1.2 elad /* Register generic scope. */ 795 1.2 elad kauth_builtin_scope_generic = kauth_register_scope(KAUTH_SCOPE_GENERIC, 796 1.19 elad NULL, NULL); 797 1.19 elad 798 1.19 elad /* Register system scope. */ 799 1.19 elad kauth_builtin_scope_system = kauth_register_scope(KAUTH_SCOPE_SYSTEM, 800 1.19 elad NULL, NULL); 801 1.2 elad 802 1.2 elad /* Register process scope. */ 803 1.2 elad kauth_builtin_scope_process = kauth_register_scope(KAUTH_SCOPE_PROCESS, 804 1.19 elad NULL, NULL); 805 1.19 elad 806 1.19 elad /* Register network scope. */ 807 1.19 elad kauth_builtin_scope_network = kauth_register_scope(KAUTH_SCOPE_NETWORK, 808 1.19 elad NULL, NULL); 809 1.19 elad 810 1.19 elad /* Register machdep scope. */ 811 1.19 elad kauth_builtin_scope_machdep = kauth_register_scope(KAUTH_SCOPE_MACHDEP, 812 1.19 elad NULL, NULL); 813 1.25 elad 814 1.25 elad /* Register device scope. */ 815 1.25 elad kauth_builtin_scope_device = kauth_register_scope(KAUTH_SCOPE_DEVICE, 816 1.25 elad NULL, NULL); 817 1.64 elad 818 1.64 elad /* Register vnode scope. */ 819 1.64 elad kauth_builtin_scope_vnode = kauth_register_scope(KAUTH_SCOPE_VNODE, 820 1.64 elad NULL, NULL); 821 1.2 elad } 822 1.2 elad 823 1.2 elad /* 824 1.2 elad * Deregister a scope. 825 1.2 elad * Requires scope list lock to be held by the caller. 826 1.2 elad * 827 1.2 elad * scope - the scope to deregister 828 1.2 elad */ 829 1.2 elad void 830 1.2 elad kauth_deregister_scope(kauth_scope_t scope) 831 1.2 elad { 832 1.2 elad if (scope != NULL) { 833 1.2 elad /* Remove scope from list */ 834 1.2 elad SIMPLEQ_REMOVE(&scope_list, scope, kauth_scope, next_scope); 835 1.36 elad kmem_free(scope, sizeof(*scope)); 836 1.2 elad } 837 1.2 elad } 838 1.2 elad 839 1.2 elad /* 840 1.2 elad * Register a listener. 841 1.2 elad * 842 1.2 elad * id - scope identifier. 843 1.2 elad * callback - the callback routine for the listener. 844 1.2 elad * cookie - cookie to pass unmoidfied to the callback. 845 1.2 elad */ 846 1.2 elad kauth_listener_t 847 1.2 elad kauth_listen_scope(const char *id, kauth_scope_callback_t callback, 848 1.30 yamt void *cookie) 849 1.2 elad { 850 1.2 elad kauth_scope_t scope; 851 1.2 elad kauth_listener_t listener; 852 1.2 elad 853 1.44 ad listener = kmem_alloc(sizeof(*listener), KM_SLEEP); 854 1.44 ad if (listener == NULL) 855 1.44 ad return (NULL); 856 1.44 ad 857 1.44 ad rw_enter(&kauth_lock, RW_WRITER); 858 1.44 ad 859 1.34 ad /* 860 1.34 ad * Find scope struct. 861 1.34 ad */ 862 1.2 elad scope = kauth_ifindscope(id); 863 1.44 ad if (scope == NULL) { 864 1.44 ad rw_exit(&kauth_lock); 865 1.44 ad kmem_free(listener, sizeof(*listener)); 866 1.2 elad return (NULL); 867 1.44 ad } 868 1.2 elad 869 1.2 elad /* Allocate listener */ 870 1.2 elad 871 1.2 elad /* Initialize listener with parameters */ 872 1.2 elad listener->func = callback; 873 1.2 elad listener->refcnt = 0; 874 1.2 elad 875 1.2 elad /* Add listener to scope */ 876 1.2 elad SIMPLEQ_INSERT_TAIL(&scope->listenq, listener, listener_next); 877 1.2 elad 878 1.2 elad /* Raise number of listeners on scope. */ 879 1.2 elad scope->nlisteners++; 880 1.2 elad listener->scope = scope; 881 1.2 elad 882 1.44 ad rw_exit(&kauth_lock); 883 1.44 ad 884 1.2 elad return (listener); 885 1.2 elad } 886 1.2 elad 887 1.2 elad /* 888 1.2 elad * Deregister a listener. 889 1.2 elad * 890 1.2 elad * listener - listener reference as returned from kauth_listen_scope(). 891 1.2 elad */ 892 1.2 elad void 893 1.2 elad kauth_unlisten_scope(kauth_listener_t listener) 894 1.2 elad { 895 1.44 ad 896 1.2 elad if (listener != NULL) { 897 1.44 ad rw_enter(&kauth_lock, RW_WRITER); 898 1.3 yamt SIMPLEQ_REMOVE(&listener->scope->listenq, listener, 899 1.3 yamt kauth_listener, listener_next); 900 1.2 elad listener->scope->nlisteners--; 901 1.44 ad rw_exit(&kauth_lock); 902 1.36 elad kmem_free(listener, sizeof(*listener)); 903 1.2 elad } 904 1.2 elad } 905 1.2 elad 906 1.2 elad /* 907 1.2 elad * Authorize a request. 908 1.2 elad * 909 1.2 elad * scope - the scope of the request as defined by KAUTH_SCOPE_* or as 910 1.2 elad * returned from kauth_register_scope(). 911 1.2 elad * credential - credentials of the user ("actor") making the request. 912 1.2 elad * action - request identifier. 913 1.2 elad * arg[0-3] - passed unmodified to listener(s). 914 1.64 elad * 915 1.64 elad * Returns the aggregated result: 916 1.64 elad * - KAUTH_RESULT_ALLOW if there is at least one KAUTH_RESULT_ALLOW and 917 1.64 elad * zero KAUTH_DESULT_DENY 918 1.64 elad * - KAUTH_RESULT_DENY if there is at least one KAUTH_RESULT_DENY 919 1.64 elad * - KAUTH_RESULT_DEFER if there is nothing but KAUTH_RESULT_DEFER 920 1.2 elad */ 921 1.64 elad static int 922 1.64 elad kauth_authorize_action_internal(kauth_scope_t scope, kauth_cred_t cred, 923 1.64 elad kauth_action_t action, void *arg0, void *arg1, void *arg2, void *arg3) 924 1.2 elad { 925 1.2 elad kauth_listener_t listener; 926 1.2 elad int error, allow, fail; 927 1.2 elad 928 1.26 elad KASSERT(cred != NULL); 929 1.26 elad KASSERT(action != 0); 930 1.2 elad 931 1.17 christos /* Short-circuit requests coming from the kernel. */ 932 1.17 christos if (cred == NOCRED || cred == FSCRED) 933 1.17 christos return (0); 934 1.17 christos 935 1.26 elad KASSERT(scope != NULL); 936 1.26 elad 937 1.2 elad fail = 0; 938 1.2 elad allow = 0; 939 1.39 elad 940 1.44 ad /* rw_enter(&kauth_lock, RW_READER); XXX not yet */ 941 1.2 elad SIMPLEQ_FOREACH(listener, &scope->listenq, listener_next) { 942 1.2 elad error = listener->func(cred, action, scope->cookie, arg0, 943 1.44 ad arg1, arg2, arg3); 944 1.2 elad 945 1.2 elad if (error == KAUTH_RESULT_ALLOW) 946 1.2 elad allow = 1; 947 1.2 elad else if (error == KAUTH_RESULT_DENY) 948 1.2 elad fail = 1; 949 1.2 elad } 950 1.44 ad /* rw_exit(&kauth_lock); */ 951 1.2 elad 952 1.39 elad if (fail) 953 1.64 elad return (KAUTH_RESULT_DENY); 954 1.64 elad 955 1.64 elad if (allow) 956 1.64 elad return (KAUTH_RESULT_ALLOW); 957 1.64 elad 958 1.64 elad return (KAUTH_RESULT_DEFER); 959 1.64 elad }; 960 1.64 elad 961 1.64 elad int 962 1.64 elad kauth_authorize_action(kauth_scope_t scope, kauth_cred_t cred, 963 1.64 elad kauth_action_t action, void *arg0, void *arg1, void *arg2, void *arg3) 964 1.64 elad { 965 1.64 elad int r; 966 1.64 elad 967 1.64 elad r = kauth_authorize_action_internal(scope, cred, action, arg0, arg1, 968 1.64 elad arg2, arg3); 969 1.64 elad 970 1.64 elad if (r == KAUTH_RESULT_DENY) 971 1.39 elad return (EPERM); 972 1.39 elad 973 1.64 elad if (r == KAUTH_RESULT_ALLOW) 974 1.39 elad return (0); 975 1.39 elad 976 1.66 jym if (secmodel_nsecmodels() == 0) 977 1.39 elad return (0); 978 1.39 elad 979 1.39 elad return (EPERM); 980 1.64 elad } 981 1.2 elad 982 1.2 elad /* 983 1.2 elad * Generic scope authorization wrapper. 984 1.2 elad */ 985 1.2 elad int 986 1.2 elad kauth_authorize_generic(kauth_cred_t cred, kauth_action_t action, void *arg0) 987 1.2 elad { 988 1.2 elad return (kauth_authorize_action(kauth_builtin_scope_generic, cred, 989 1.2 elad action, arg0, NULL, NULL, NULL)); 990 1.2 elad } 991 1.2 elad 992 1.2 elad /* 993 1.19 elad * System scope authorization wrapper. 994 1.2 elad */ 995 1.2 elad int 996 1.19 elad kauth_authorize_system(kauth_cred_t cred, kauth_action_t action, 997 1.19 elad enum kauth_system_req req, void *arg1, void *arg2, void *arg3) 998 1.2 elad { 999 1.19 elad return (kauth_authorize_action(kauth_builtin_scope_system, cred, 1000 1.19 elad action, (void *)req, arg1, arg2, arg3)); 1001 1.2 elad } 1002 1.2 elad 1003 1.2 elad /* 1004 1.2 elad * Process scope authorization wrapper. 1005 1.2 elad */ 1006 1.2 elad int 1007 1.2 elad kauth_authorize_process(kauth_cred_t cred, kauth_action_t action, 1008 1.2 elad struct proc *p, void *arg1, void *arg2, void *arg3) 1009 1.2 elad { 1010 1.2 elad return (kauth_authorize_action(kauth_builtin_scope_process, cred, 1011 1.2 elad action, p, arg1, arg2, arg3)); 1012 1.2 elad } 1013 1.19 elad 1014 1.19 elad /* 1015 1.19 elad * Network scope authorization wrapper. 1016 1.19 elad */ 1017 1.19 elad int 1018 1.19 elad kauth_authorize_network(kauth_cred_t cred, kauth_action_t action, 1019 1.23 elad enum kauth_network_req req, void *arg1, void *arg2, void *arg3) 1020 1.19 elad { 1021 1.19 elad return (kauth_authorize_action(kauth_builtin_scope_network, cred, 1022 1.23 elad action, (void *)req, arg1, arg2, arg3)); 1023 1.19 elad } 1024 1.19 elad 1025 1.19 elad int 1026 1.19 elad kauth_authorize_machdep(kauth_cred_t cred, kauth_action_t action, 1027 1.35 elad void *arg0, void *arg1, void *arg2, void *arg3) 1028 1.19 elad { 1029 1.19 elad return (kauth_authorize_action(kauth_builtin_scope_machdep, cred, 1030 1.35 elad action, arg0, arg1, arg2, arg3)); 1031 1.19 elad } 1032 1.25 elad 1033 1.25 elad int 1034 1.32 elad kauth_authorize_device(kauth_cred_t cred, kauth_action_t action, 1035 1.32 elad void *arg0, void *arg1, void *arg2, void *arg3) 1036 1.32 elad { 1037 1.32 elad return (kauth_authorize_action(kauth_builtin_scope_device, cred, 1038 1.32 elad action, arg0, arg1, arg2, arg3)); 1039 1.32 elad } 1040 1.32 elad 1041 1.32 elad int 1042 1.25 elad kauth_authorize_device_tty(kauth_cred_t cred, kauth_action_t action, 1043 1.25 elad struct tty *tty) 1044 1.25 elad { 1045 1.25 elad return (kauth_authorize_action(kauth_builtin_scope_device, cred, 1046 1.25 elad action, tty, NULL, NULL, NULL)); 1047 1.25 elad } 1048 1.31 elad 1049 1.31 elad int 1050 1.31 elad kauth_authorize_device_spec(kauth_cred_t cred, enum kauth_device_req req, 1051 1.31 elad struct vnode *vp) 1052 1.31 elad { 1053 1.31 elad return (kauth_authorize_action(kauth_builtin_scope_device, cred, 1054 1.31 elad KAUTH_DEVICE_RAWIO_SPEC, (void *)req, vp, NULL, NULL)); 1055 1.31 elad } 1056 1.31 elad 1057 1.31 elad int 1058 1.33 elad kauth_authorize_device_passthru(kauth_cred_t cred, dev_t dev, u_long bits, 1059 1.33 elad void *data) 1060 1.31 elad { 1061 1.31 elad return (kauth_authorize_action(kauth_builtin_scope_device, cred, 1062 1.33 elad KAUTH_DEVICE_RAWIO_PASSTHRU, (void *)bits, (void *)(u_long)dev, 1063 1.33 elad data, NULL)); 1064 1.31 elad } 1065 1.39 elad 1066 1.64 elad kauth_action_t 1067 1.64 elad kauth_mode_to_action(mode_t mode) 1068 1.64 elad { 1069 1.64 elad kauth_action_t action = 0; 1070 1.64 elad 1071 1.64 elad if (mode & VREAD) 1072 1.64 elad action |= KAUTH_VNODE_READ_DATA; 1073 1.64 elad if (mode & VWRITE) 1074 1.64 elad action |= KAUTH_VNODE_WRITE_DATA; 1075 1.64 elad if (mode & VEXEC) 1076 1.64 elad action |= KAUTH_VNODE_EXECUTE; 1077 1.64 elad 1078 1.64 elad return action; 1079 1.64 elad } 1080 1.64 elad 1081 1.68 elad kauth_action_t 1082 1.68 elad kauth_access_action(mode_t access_mode, enum vtype vn_type, mode_t file_mode) 1083 1.68 elad { 1084 1.68 elad kauth_action_t action = kauth_mode_to_action(access_mode); 1085 1.68 elad 1086 1.68 elad if (FS_OBJECT_CAN_EXEC(vn_type, file_mode)) 1087 1.68 elad action |= KAUTH_VNODE_IS_EXEC; 1088 1.68 elad 1089 1.68 elad return action; 1090 1.68 elad } 1091 1.68 elad 1092 1.68 elad kauth_action_t 1093 1.68 elad kauth_extattr_action(mode_t access_mode) 1094 1.68 elad { 1095 1.68 elad kauth_action_t action = 0; 1096 1.68 elad 1097 1.68 elad if (access_mode & VREAD) 1098 1.68 elad action |= KAUTH_VNODE_READ_EXTATTRIBUTES; 1099 1.68 elad if (access_mode & VWRITE) 1100 1.68 elad action |= KAUTH_VNODE_WRITE_EXTATTRIBUTES; 1101 1.68 elad 1102 1.68 elad return action; 1103 1.68 elad } 1104 1.68 elad 1105 1.64 elad int 1106 1.64 elad kauth_authorize_vnode(kauth_cred_t cred, kauth_action_t action, 1107 1.64 elad struct vnode *vp, struct vnode *dvp, int fs_decision) 1108 1.64 elad { 1109 1.64 elad int error; 1110 1.64 elad 1111 1.64 elad error = kauth_authorize_action_internal(kauth_builtin_scope_vnode, cred, 1112 1.64 elad action, vp, dvp, NULL, NULL); 1113 1.64 elad 1114 1.64 elad if (error == KAUTH_RESULT_DENY) 1115 1.64 elad return (EACCES); 1116 1.64 elad 1117 1.64 elad if (error == KAUTH_RESULT_ALLOW) 1118 1.64 elad return (0); 1119 1.64 elad 1120 1.64 elad /* 1121 1.64 elad * If the file-system does not support decision-before-action, we can 1122 1.64 elad * only short-circuit the operation (deny). If we're here, it means no 1123 1.64 elad * listener denied it, so our only alternative is to supposedly-allow 1124 1.64 elad * it and let the file-system have the last word. 1125 1.64 elad */ 1126 1.64 elad if (fs_decision == KAUTH_VNODE_REMOTEFS) 1127 1.64 elad return (0); 1128 1.64 elad 1129 1.64 elad return (fs_decision); 1130 1.64 elad } 1131 1.64 elad 1132 1.41 elad static int 1133 1.41 elad kauth_cred_hook(kauth_cred_t cred, kauth_action_t action, void *arg0, 1134 1.41 elad void *arg1) 1135 1.41 elad { 1136 1.41 elad int r; 1137 1.41 elad 1138 1.41 elad r = kauth_authorize_action(kauth_builtin_scope_cred, cred, action, 1139 1.41 elad arg0, arg1, NULL, NULL); 1140 1.41 elad 1141 1.42 elad #ifdef DIAGNOSTIC 1142 1.42 elad if (!SIMPLEQ_EMPTY(&kauth_builtin_scope_cred->listenq)) 1143 1.42 elad KASSERT(r == 0); 1144 1.42 elad #endif /* DIAGNOSTIC */ 1145 1.41 elad 1146 1.41 elad return (r); 1147 1.41 elad } 1148
Indexes created Sat Sep 20 22:09:52 GMT 2025