kern_auth.c revision 1.71.2.3
1 1.71.2.2 tls /* $NetBSD: kern_auth.c,v 1.71.2.3 2017/12/03 11:38:44 jdolecek Exp $ */ 2 1.2 elad 3 1.2 elad /*- 4 1.2 elad * Copyright (c) 2005, 2006 Elad Efrat <elad (at) NetBSD.org> 5 1.2 elad * All rights reserved. 6 1.2 elad * 7 1.2 elad * Redistribution and use in source and binary forms, with or without 8 1.2 elad * modification, are permitted provided that the following conditions 9 1.2 elad * are met: 10 1.2 elad * 1. Redistributions of source code must retain the above copyright 11 1.2 elad * notice, this list of conditions and the following disclaimer. 12 1.2 elad * 2. Redistributions in binary form must reproduce the above copyright 13 1.2 elad * notice, this list of conditions and the following disclaimer in the 14 1.2 elad * documentation and/or other materials provided with the distribution. 15 1.37 elad * 3. The name of the author may not be used to endorse or promote products 16 1.2 elad * derived from this software without specific prior written permission. 17 1.2 elad * 18 1.2 elad * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 19 1.2 elad * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 20 1.2 elad * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 21 1.2 elad * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 22 1.2 elad * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 23 1.2 elad * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 24 1.2 elad * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 25 1.2 elad * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 26 1.2 elad * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 27 1.2 elad * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 28 1.2 elad */ 29 1.2 elad 30 1.20 elad #include <sys/cdefs.h> 31 1.71.2.2 tls __KERNEL_RCSID(0, "$NetBSD: kern_auth.c,v 1.71.2.3 2017/12/03 11:38:44 jdolecek Exp $"); 32 1.20 elad 33 1.46 christos #include <sys/types.h> 34 1.2 elad #include <sys/param.h> 35 1.2 elad #include <sys/queue.h> 36 1.2 elad #include <sys/proc.h> 37 1.2 elad #include <sys/ucred.h> 38 1.2 elad #include <sys/pool.h> 39 1.71.2.3 jdolecek #define __KAUTH_PRIVATE 40 1.2 elad #include <sys/kauth.h> 41 1.34 ad #include <sys/kmem.h> 42 1.44 ad #include <sys/rwlock.h> 43 1.65 elad #include <sys/sysctl.h> 44 1.55 ad #include <sys/atomic.h> 45 1.46 christos #include <sys/specificdata.h> 46 1.64 elad #include <sys/vnode.h> 47 1.41 elad 48 1.66 jym #include <secmodel/secmodel.h> 49 1.66 jym 50 1.41 elad /* 51 1.41 elad * Secmodel-specific credentials. 52 1.41 elad */ 53 1.41 elad struct kauth_key { 54 1.66 jym secmodel_t ks_secmodel; /* secmodel */ 55 1.41 elad specificdata_key_t ks_key; /* key */ 56 1.41 elad }; 57 1.2 elad 58 1.46 christos 59 1.2 elad /* 60 1.2 elad * Listener. 61 1.2 elad */ 62 1.2 elad struct kauth_listener { 63 1.2 elad kauth_scope_callback_t func; /* callback */ 64 1.2 elad kauth_scope_t scope; /* scope backpointer */ 65 1.11 ad u_int refcnt; /* reference count */ 66 1.2 elad SIMPLEQ_ENTRY(kauth_listener) listener_next; /* listener list */ 67 1.2 elad }; 68 1.2 elad 69 1.2 elad /* 70 1.2 elad * Scope. 71 1.2 elad */ 72 1.2 elad struct kauth_scope { 73 1.2 elad const char *id; /* scope name */ 74 1.2 elad void *cookie; /* user cookie */ 75 1.11 ad u_int nlisteners; /* # of listeners */ 76 1.2 elad SIMPLEQ_HEAD(, kauth_listener) listenq; /* listener list */ 77 1.2 elad SIMPLEQ_ENTRY(kauth_scope) next_scope; /* scope list */ 78 1.2 elad }; 79 1.2 elad 80 1.41 elad static int kauth_cred_hook(kauth_cred_t, kauth_action_t, void *, void *); 81 1.2 elad 82 1.2 elad /* List of scopes and its lock. */ 83 1.54 matt static SIMPLEQ_HEAD(, kauth_scope) scope_list = 84 1.54 matt SIMPLEQ_HEAD_INITIALIZER(scope_list); 85 1.2 elad 86 1.2 elad /* Built-in scopes: generic, process. */ 87 1.2 elad static kauth_scope_t kauth_builtin_scope_generic; 88 1.19 elad static kauth_scope_t kauth_builtin_scope_system; 89 1.2 elad static kauth_scope_t kauth_builtin_scope_process; 90 1.19 elad static kauth_scope_t kauth_builtin_scope_network; 91 1.19 elad static kauth_scope_t kauth_builtin_scope_machdep; 92 1.25 elad static kauth_scope_t kauth_builtin_scope_device; 93 1.41 elad static kauth_scope_t kauth_builtin_scope_cred; 94 1.64 elad static kauth_scope_t kauth_builtin_scope_vnode; 95 1.2 elad 96 1.41 elad static specificdata_domain_t kauth_domain; 97 1.53 ad static pool_cache_t kauth_cred_cache; 98 1.65 elad 99 1.44 ad krwlock_t kauth_lock; 100 1.41 elad 101 1.2 elad /* Allocate new, empty kauth credentials. */ 102 1.2 elad kauth_cred_t 103 1.3 yamt kauth_cred_alloc(void) 104 1.3 yamt { 105 1.2 elad kauth_cred_t cred; 106 1.2 elad 107 1.53 ad cred = pool_cache_get(kauth_cred_cache, PR_WAITOK); 108 1.53 ad 109 1.2 elad cred->cr_refcnt = 1; 110 1.53 ad cred->cr_uid = 0; 111 1.53 ad cred->cr_euid = 0; 112 1.53 ad cred->cr_svuid = 0; 113 1.53 ad cred->cr_gid = 0; 114 1.53 ad cred->cr_egid = 0; 115 1.53 ad cred->cr_svgid = 0; 116 1.53 ad cred->cr_ngroups = 0; 117 1.53 ad 118 1.41 elad specificdata_init(kauth_domain, &cred->cr_sd); 119 1.41 elad kauth_cred_hook(cred, KAUTH_CRED_INIT, NULL, NULL); 120 1.2 elad 121 1.2 elad return (cred); 122 1.2 elad } 123 1.2 elad 124 1.2 elad /* Increment reference count to cred. */ 125 1.2 elad void 126 1.2 elad kauth_cred_hold(kauth_cred_t cred) 127 1.2 elad { 128 1.2 elad KASSERT(cred != NULL); 129 1.71.2.3 jdolecek KASSERT(cred != NOCRED); 130 1.71.2.3 jdolecek KASSERT(cred != FSCRED); 131 1.11 ad KASSERT(cred->cr_refcnt > 0); 132 1.2 elad 133 1.70 cheusov atomic_inc_uint(&cred->cr_refcnt); 134 1.2 elad } 135 1.2 elad 136 1.2 elad /* Decrease reference count to cred. If reached zero, free it. */ 137 1.2 elad void 138 1.3 yamt kauth_cred_free(kauth_cred_t cred) 139 1.3 yamt { 140 1.11 ad 141 1.2 elad KASSERT(cred != NULL); 142 1.71.2.3 jdolecek KASSERT(cred != NOCRED); 143 1.71.2.3 jdolecek KASSERT(cred != FSCRED); 144 1.11 ad KASSERT(cred->cr_refcnt > 0); 145 1.63 yamt ASSERT_SLEEPABLE(); 146 1.2 elad 147 1.56 ad if (atomic_dec_uint_nv(&cred->cr_refcnt) > 0) 148 1.55 ad return; 149 1.55 ad 150 1.55 ad kauth_cred_hook(cred, KAUTH_CRED_FREE, NULL, NULL); 151 1.55 ad specificdata_fini(kauth_domain, &cred->cr_sd); 152 1.55 ad pool_cache_put(kauth_cred_cache, cred); 153 1.2 elad } 154 1.2 elad 155 1.49 dsl static void 156 1.48 dsl kauth_cred_clone1(kauth_cred_t from, kauth_cred_t to, bool copy_groups) 157 1.48 dsl { 158 1.2 elad KASSERT(from != NULL); 159 1.71.2.3 jdolecek KASSERT(from != NOCRED); 160 1.71.2.3 jdolecek KASSERT(from != FSCRED); 161 1.2 elad KASSERT(to != NULL); 162 1.71.2.3 jdolecek KASSERT(to != NOCRED); 163 1.71.2.3 jdolecek KASSERT(to != FSCRED); 164 1.11 ad KASSERT(from->cr_refcnt > 0); 165 1.2 elad 166 1.2 elad to->cr_uid = from->cr_uid; 167 1.2 elad to->cr_euid = from->cr_euid; 168 1.2 elad to->cr_svuid = from->cr_svuid; 169 1.2 elad to->cr_gid = from->cr_gid; 170 1.2 elad to->cr_egid = from->cr_egid; 171 1.2 elad to->cr_svgid = from->cr_svgid; 172 1.48 dsl if (copy_groups) { 173 1.48 dsl to->cr_ngroups = from->cr_ngroups; 174 1.48 dsl memcpy(to->cr_groups, from->cr_groups, sizeof(to->cr_groups)); 175 1.48 dsl } 176 1.41 elad 177 1.41 elad kauth_cred_hook(from, KAUTH_CRED_COPY, to, NULL); 178 1.2 elad } 179 1.2 elad 180 1.49 dsl void 181 1.49 dsl kauth_cred_clone(kauth_cred_t from, kauth_cred_t to) 182 1.49 dsl { 183 1.49 dsl kauth_cred_clone1(from, to, true); 184 1.49 dsl } 185 1.49 dsl 186 1.2 elad /* 187 1.2 elad * Duplicate cred and return a new kauth_cred_t. 188 1.2 elad */ 189 1.2 elad kauth_cred_t 190 1.2 elad kauth_cred_dup(kauth_cred_t cred) 191 1.2 elad { 192 1.2 elad kauth_cred_t new_cred; 193 1.2 elad 194 1.2 elad KASSERT(cred != NULL); 195 1.71.2.3 jdolecek KASSERT(cred != NOCRED); 196 1.71.2.3 jdolecek KASSERT(cred != FSCRED); 197 1.11 ad KASSERT(cred->cr_refcnt > 0); 198 1.2 elad 199 1.2 elad new_cred = kauth_cred_alloc(); 200 1.2 elad 201 1.2 elad kauth_cred_clone(cred, new_cred); 202 1.2 elad 203 1.2 elad return (new_cred); 204 1.2 elad } 205 1.2 elad 206 1.2 elad /* 207 1.2 elad * Similar to crcopy(), only on a kauth_cred_t. 208 1.2 elad * XXX: Is this even needed? [kauth_cred_copy] 209 1.2 elad */ 210 1.2 elad kauth_cred_t 211 1.2 elad kauth_cred_copy(kauth_cred_t cred) 212 1.2 elad { 213 1.2 elad kauth_cred_t new_cred; 214 1.2 elad 215 1.2 elad KASSERT(cred != NULL); 216 1.71.2.3 jdolecek KASSERT(cred != NOCRED); 217 1.71.2.3 jdolecek KASSERT(cred != FSCRED); 218 1.11 ad KASSERT(cred->cr_refcnt > 0); 219 1.2 elad 220 1.2 elad /* If the provided credentials already have one reference, use them. */ 221 1.2 elad if (cred->cr_refcnt == 1) 222 1.2 elad return (cred); 223 1.2 elad 224 1.2 elad new_cred = kauth_cred_alloc(); 225 1.2 elad 226 1.2 elad kauth_cred_clone(cred, new_cred); 227 1.2 elad 228 1.2 elad kauth_cred_free(cred); 229 1.2 elad 230 1.2 elad return (new_cred); 231 1.2 elad } 232 1.2 elad 233 1.38 elad void 234 1.38 elad kauth_proc_fork(struct proc *parent, struct proc *child) 235 1.38 elad { 236 1.44 ad 237 1.59 ad mutex_enter(parent->p_lock); 238 1.38 elad kauth_cred_hold(parent->p_cred); 239 1.38 elad child->p_cred = parent->p_cred; 240 1.59 ad mutex_exit(parent->p_lock); 241 1.41 elad 242 1.44 ad /* XXX: relies on parent process stalling during fork() */ 243 1.41 elad kauth_cred_hook(parent->p_cred, KAUTH_CRED_FORK, parent, 244 1.41 elad child); 245 1.38 elad } 246 1.38 elad 247 1.71 cheusov void 248 1.71 cheusov kauth_proc_chroot(kauth_cred_t cred, struct cwdinfo *cwdi) 249 1.71 cheusov { 250 1.71 cheusov kauth_cred_hook(cred, KAUTH_CRED_CHROOT, cwdi, NULL); 251 1.71 cheusov } 252 1.71 cheusov 253 1.2 elad uid_t 254 1.2 elad kauth_cred_getuid(kauth_cred_t cred) 255 1.2 elad { 256 1.2 elad KASSERT(cred != NULL); 257 1.71.2.3 jdolecek KASSERT(cred != NOCRED); 258 1.71.2.3 jdolecek KASSERT(cred != FSCRED); 259 1.2 elad 260 1.2 elad return (cred->cr_uid); 261 1.2 elad } 262 1.2 elad 263 1.2 elad uid_t 264 1.2 elad kauth_cred_geteuid(kauth_cred_t cred) 265 1.2 elad { 266 1.2 elad KASSERT(cred != NULL); 267 1.71.2.3 jdolecek KASSERT(cred != NOCRED); 268 1.71.2.3 jdolecek KASSERT(cred != FSCRED); 269 1.2 elad 270 1.2 elad return (cred->cr_euid); 271 1.2 elad } 272 1.2 elad 273 1.2 elad uid_t 274 1.2 elad kauth_cred_getsvuid(kauth_cred_t cred) 275 1.2 elad { 276 1.2 elad KASSERT(cred != NULL); 277 1.71.2.3 jdolecek KASSERT(cred != NOCRED); 278 1.71.2.3 jdolecek KASSERT(cred != FSCRED); 279 1.2 elad 280 1.2 elad return (cred->cr_svuid); 281 1.2 elad } 282 1.2 elad 283 1.2 elad gid_t 284 1.2 elad kauth_cred_getgid(kauth_cred_t cred) 285 1.2 elad { 286 1.2 elad KASSERT(cred != NULL); 287 1.71.2.3 jdolecek KASSERT(cred != NOCRED); 288 1.71.2.3 jdolecek KASSERT(cred != FSCRED); 289 1.2 elad 290 1.2 elad return (cred->cr_gid); 291 1.2 elad } 292 1.2 elad 293 1.2 elad gid_t 294 1.2 elad kauth_cred_getegid(kauth_cred_t cred) 295 1.2 elad { 296 1.2 elad KASSERT(cred != NULL); 297 1.71.2.3 jdolecek KASSERT(cred != NOCRED); 298 1.71.2.3 jdolecek KASSERT(cred != FSCRED); 299 1.2 elad 300 1.2 elad return (cred->cr_egid); 301 1.2 elad } 302 1.2 elad 303 1.2 elad gid_t 304 1.2 elad kauth_cred_getsvgid(kauth_cred_t cred) 305 1.2 elad { 306 1.2 elad KASSERT(cred != NULL); 307 1.71.2.3 jdolecek KASSERT(cred != NOCRED); 308 1.71.2.3 jdolecek KASSERT(cred != FSCRED); 309 1.2 elad 310 1.2 elad return (cred->cr_svgid); 311 1.2 elad } 312 1.2 elad 313 1.2 elad void 314 1.2 elad kauth_cred_setuid(kauth_cred_t cred, uid_t uid) 315 1.2 elad { 316 1.2 elad KASSERT(cred != NULL); 317 1.71.2.3 jdolecek KASSERT(cred != NOCRED); 318 1.71.2.3 jdolecek KASSERT(cred != FSCRED); 319 1.11 ad KASSERT(cred->cr_refcnt == 1); 320 1.2 elad 321 1.2 elad cred->cr_uid = uid; 322 1.2 elad } 323 1.2 elad 324 1.2 elad void 325 1.2 elad kauth_cred_seteuid(kauth_cred_t cred, uid_t uid) 326 1.2 elad { 327 1.2 elad KASSERT(cred != NULL); 328 1.71.2.3 jdolecek KASSERT(cred != NOCRED); 329 1.71.2.3 jdolecek KASSERT(cred != FSCRED); 330 1.11 ad KASSERT(cred->cr_refcnt == 1); 331 1.2 elad 332 1.2 elad cred->cr_euid = uid; 333 1.2 elad } 334 1.2 elad 335 1.2 elad void 336 1.2 elad kauth_cred_setsvuid(kauth_cred_t cred, uid_t uid) 337 1.2 elad { 338 1.2 elad KASSERT(cred != NULL); 339 1.71.2.3 jdolecek KASSERT(cred != NOCRED); 340 1.71.2.3 jdolecek KASSERT(cred != FSCRED); 341 1.11 ad KASSERT(cred->cr_refcnt == 1); 342 1.2 elad 343 1.2 elad cred->cr_svuid = uid; 344 1.2 elad } 345 1.2 elad 346 1.2 elad void 347 1.2 elad kauth_cred_setgid(kauth_cred_t cred, gid_t gid) 348 1.2 elad { 349 1.2 elad KASSERT(cred != NULL); 350 1.71.2.3 jdolecek KASSERT(cred != NOCRED); 351 1.71.2.3 jdolecek KASSERT(cred != FSCRED); 352 1.11 ad KASSERT(cred->cr_refcnt == 1); 353 1.2 elad 354 1.2 elad cred->cr_gid = gid; 355 1.2 elad } 356 1.2 elad 357 1.2 elad void 358 1.2 elad kauth_cred_setegid(kauth_cred_t cred, gid_t gid) 359 1.2 elad { 360 1.2 elad KASSERT(cred != NULL); 361 1.71.2.3 jdolecek KASSERT(cred != NOCRED); 362 1.71.2.3 jdolecek KASSERT(cred != FSCRED); 363 1.11 ad KASSERT(cred->cr_refcnt == 1); 364 1.2 elad 365 1.2 elad cred->cr_egid = gid; 366 1.2 elad } 367 1.2 elad 368 1.2 elad void 369 1.2 elad kauth_cred_setsvgid(kauth_cred_t cred, gid_t gid) 370 1.2 elad { 371 1.2 elad KASSERT(cred != NULL); 372 1.71.2.3 jdolecek KASSERT(cred != NOCRED); 373 1.71.2.3 jdolecek KASSERT(cred != FSCRED); 374 1.11 ad KASSERT(cred->cr_refcnt == 1); 375 1.2 elad 376 1.2 elad cred->cr_svgid = gid; 377 1.2 elad } 378 1.2 elad 379 1.2 elad /* Checks if gid is a member of the groups in cred. */ 380 1.2 elad int 381 1.2 elad kauth_cred_ismember_gid(kauth_cred_t cred, gid_t gid, int *resultp) 382 1.2 elad { 383 1.62 lukem uint32_t i; 384 1.2 elad 385 1.2 elad KASSERT(cred != NULL); 386 1.71.2.3 jdolecek KASSERT(cred != NOCRED); 387 1.71.2.3 jdolecek KASSERT(cred != FSCRED); 388 1.2 elad KASSERT(resultp != NULL); 389 1.2 elad 390 1.2 elad *resultp = 0; 391 1.2 elad 392 1.2 elad for (i = 0; i < cred->cr_ngroups; i++) 393 1.2 elad if (cred->cr_groups[i] == gid) { 394 1.2 elad *resultp = 1; 395 1.2 elad break; 396 1.2 elad } 397 1.2 elad 398 1.2 elad return (0); 399 1.2 elad } 400 1.2 elad 401 1.11 ad u_int 402 1.2 elad kauth_cred_ngroups(kauth_cred_t cred) 403 1.2 elad { 404 1.2 elad KASSERT(cred != NULL); 405 1.71.2.3 jdolecek KASSERT(cred != NOCRED); 406 1.71.2.3 jdolecek KASSERT(cred != FSCRED); 407 1.2 elad 408 1.2 elad return (cred->cr_ngroups); 409 1.2 elad } 410 1.2 elad 411 1.2 elad /* 412 1.2 elad * Return the group at index idx from the groups in cred. 413 1.2 elad */ 414 1.2 elad gid_t 415 1.11 ad kauth_cred_group(kauth_cred_t cred, u_int idx) 416 1.2 elad { 417 1.2 elad KASSERT(cred != NULL); 418 1.71.2.3 jdolecek KASSERT(cred != NOCRED); 419 1.71.2.3 jdolecek KASSERT(cred != FSCRED); 420 1.2 elad KASSERT(idx < cred->cr_ngroups); 421 1.2 elad 422 1.2 elad return (cred->cr_groups[idx]); 423 1.2 elad } 424 1.2 elad 425 1.2 elad /* XXX elad: gmuid is unused for now. */ 426 1.2 elad int 427 1.49 dsl kauth_cred_setgroups(kauth_cred_t cred, const gid_t *grbuf, size_t len, 428 1.52 yamt uid_t gmuid, enum uio_seg seg) 429 1.2 elad { 430 1.49 dsl int error = 0; 431 1.49 dsl 432 1.2 elad KASSERT(cred != NULL); 433 1.71.2.3 jdolecek KASSERT(cred != NOCRED); 434 1.71.2.3 jdolecek KASSERT(cred != FSCRED); 435 1.11 ad KASSERT(cred->cr_refcnt == 1); 436 1.2 elad 437 1.61 matt if (len > __arraycount(cred->cr_groups)) 438 1.49 dsl return EINVAL; 439 1.49 dsl 440 1.49 dsl if (len) { 441 1.52 yamt if (seg == UIO_SYSSPACE) { 442 1.49 dsl memcpy(cred->cr_groups, grbuf, 443 1.49 dsl len * sizeof(cred->cr_groups[0])); 444 1.52 yamt } else { 445 1.49 dsl error = copyin(grbuf, cred->cr_groups, 446 1.49 dsl len * sizeof(cred->cr_groups[0])); 447 1.49 dsl if (error != 0) 448 1.49 dsl len = 0; 449 1.49 dsl } 450 1.49 dsl } 451 1.2 elad memset(cred->cr_groups + len, 0xff, 452 1.2 elad sizeof(cred->cr_groups) - (len * sizeof(cred->cr_groups[0]))); 453 1.2 elad 454 1.2 elad cred->cr_ngroups = len; 455 1.2 elad 456 1.49 dsl return error; 457 1.48 dsl } 458 1.48 dsl 459 1.49 dsl /* This supports sys_setgroups() */ 460 1.48 dsl int 461 1.48 dsl kauth_proc_setgroups(struct lwp *l, kauth_cred_t ncred) 462 1.48 dsl { 463 1.48 dsl kauth_cred_t cred; 464 1.48 dsl int error; 465 1.48 dsl 466 1.48 dsl /* 467 1.48 dsl * At this point we could delete duplicate groups from ncred, 468 1.48 dsl * and plausibly sort the list - but in general the later is 469 1.48 dsl * a bad idea. 470 1.48 dsl */ 471 1.48 dsl proc_crmod_enter(); 472 1.48 dsl /* Maybe we should use curproc here ? */ 473 1.48 dsl cred = l->l_proc->p_cred; 474 1.48 dsl 475 1.48 dsl kauth_cred_clone1(cred, ncred, false); 476 1.48 dsl 477 1.48 dsl error = kauth_authorize_process(cred, KAUTH_PROCESS_SETID, 478 1.48 dsl l->l_proc, NULL, NULL, NULL); 479 1.48 dsl if (error != 0) { 480 1.48 dsl proc_crmod_leave(cred, ncred, false); 481 1.48 dsl return error; 482 1.48 dsl } 483 1.48 dsl 484 1.48 dsl /* Broadcast our credentials to the process and other LWPs. */ 485 1.48 dsl proc_crmod_leave(ncred, cred, true); 486 1.48 dsl return 0; 487 1.48 dsl } 488 1.48 dsl 489 1.2 elad int 490 1.49 dsl kauth_cred_getgroups(kauth_cred_t cred, gid_t *grbuf, size_t len, 491 1.52 yamt enum uio_seg seg) 492 1.2 elad { 493 1.2 elad KASSERT(cred != NULL); 494 1.2 elad 495 1.49 dsl if (len > cred->cr_ngroups) 496 1.49 dsl return EINVAL; 497 1.49 dsl 498 1.52 yamt if (seg == UIO_USERSPACE) 499 1.49 dsl return copyout(cred->cr_groups, grbuf, sizeof(*grbuf) * len); 500 1.2 elad memcpy(grbuf, cred->cr_groups, sizeof(*grbuf) * len); 501 1.2 elad 502 1.49 dsl return 0; 503 1.48 dsl } 504 1.48 dsl 505 1.41 elad int 506 1.66 jym kauth_register_key(secmodel_t secmodel, kauth_key_t *result) 507 1.41 elad { 508 1.41 elad kauth_key_t k; 509 1.41 elad specificdata_key_t key; 510 1.41 elad int error; 511 1.41 elad 512 1.41 elad KASSERT(result != NULL); 513 1.41 elad 514 1.41 elad error = specificdata_key_create(kauth_domain, &key, NULL); 515 1.41 elad if (error) 516 1.41 elad return (error); 517 1.41 elad 518 1.41 elad k = kmem_alloc(sizeof(*k), KM_SLEEP); 519 1.41 elad k->ks_secmodel = secmodel; 520 1.41 elad k->ks_key = key; 521 1.41 elad 522 1.41 elad *result = k; 523 1.41 elad 524 1.41 elad return (0); 525 1.41 elad } 526 1.41 elad 527 1.41 elad int 528 1.41 elad kauth_deregister_key(kauth_key_t key) 529 1.41 elad { 530 1.41 elad KASSERT(key != NULL); 531 1.41 elad 532 1.41 elad specificdata_key_delete(kauth_domain, key->ks_key); 533 1.41 elad kmem_free(key, sizeof(*key)); 534 1.41 elad 535 1.41 elad return (0); 536 1.41 elad } 537 1.41 elad 538 1.41 elad void * 539 1.41 elad kauth_cred_getdata(kauth_cred_t cred, kauth_key_t key) 540 1.41 elad { 541 1.41 elad KASSERT(cred != NULL); 542 1.71.2.3 jdolecek KASSERT(cred != NOCRED); 543 1.71.2.3 jdolecek KASSERT(cred != FSCRED); 544 1.41 elad KASSERT(key != NULL); 545 1.41 elad 546 1.41 elad return (specificdata_getspecific(kauth_domain, &cred->cr_sd, 547 1.41 elad key->ks_key)); 548 1.41 elad } 549 1.41 elad 550 1.41 elad void 551 1.41 elad kauth_cred_setdata(kauth_cred_t cred, kauth_key_t key, void *data) 552 1.41 elad { 553 1.41 elad KASSERT(cred != NULL); 554 1.71.2.3 jdolecek KASSERT(cred != NOCRED); 555 1.71.2.3 jdolecek KASSERT(cred != FSCRED); 556 1.41 elad KASSERT(key != NULL); 557 1.41 elad 558 1.41 elad specificdata_setspecific(kauth_domain, &cred->cr_sd, key->ks_key, data); 559 1.41 elad } 560 1.41 elad 561 1.2 elad /* 562 1.19 elad * Match uids in two credentials. 563 1.2 elad */ 564 1.19 elad int 565 1.2 elad kauth_cred_uidmatch(kauth_cred_t cred1, kauth_cred_t cred2) 566 1.2 elad { 567 1.2 elad KASSERT(cred1 != NULL); 568 1.71.2.3 jdolecek KASSERT(cred1 != NOCRED); 569 1.71.2.3 jdolecek KASSERT(cred1 != FSCRED); 570 1.2 elad KASSERT(cred2 != NULL); 571 1.71.2.3 jdolecek KASSERT(cred2 != NOCRED); 572 1.71.2.3 jdolecek KASSERT(cred2 != FSCRED); 573 1.2 elad 574 1.2 elad if (cred1->cr_uid == cred2->cr_uid || 575 1.2 elad cred1->cr_euid == cred2->cr_uid || 576 1.2 elad cred1->cr_uid == cred2->cr_euid || 577 1.2 elad cred1->cr_euid == cred2->cr_euid) 578 1.2 elad return (1); 579 1.2 elad 580 1.2 elad return (0); 581 1.2 elad } 582 1.2 elad 583 1.11 ad u_int 584 1.2 elad kauth_cred_getrefcnt(kauth_cred_t cred) 585 1.2 elad { 586 1.2 elad KASSERT(cred != NULL); 587 1.71.2.3 jdolecek KASSERT(cred != NOCRED); 588 1.71.2.3 jdolecek KASSERT(cred != FSCRED); 589 1.2 elad 590 1.2 elad return (cred->cr_refcnt); 591 1.2 elad } 592 1.2 elad 593 1.2 elad /* 594 1.2 elad * Convert userland credentials (struct uucred) to kauth_cred_t. 595 1.29 pooka * XXX: For NFS & puffs 596 1.2 elad */ 597 1.29 pooka void 598 1.29 pooka kauth_uucred_to_cred(kauth_cred_t cred, const struct uucred *uuc) 599 1.29 pooka { 600 1.2 elad KASSERT(cred != NULL); 601 1.71.2.3 jdolecek KASSERT(cred != NOCRED); 602 1.71.2.3 jdolecek KASSERT(cred != FSCRED); 603 1.2 elad KASSERT(uuc != NULL); 604 1.29 pooka 605 1.2 elad cred->cr_refcnt = 1; 606 1.2 elad cred->cr_uid = uuc->cr_uid; 607 1.2 elad cred->cr_euid = uuc->cr_uid; 608 1.2 elad cred->cr_svuid = uuc->cr_uid; 609 1.2 elad cred->cr_gid = uuc->cr_gid; 610 1.2 elad cred->cr_egid = uuc->cr_gid; 611 1.2 elad cred->cr_svgid = uuc->cr_gid; 612 1.2 elad cred->cr_ngroups = min(uuc->cr_ngroups, NGROUPS); 613 1.2 elad kauth_cred_setgroups(cred, __UNCONST(uuc->cr_groups), 614 1.49 dsl cred->cr_ngroups, -1, UIO_SYSSPACE); 615 1.2 elad } 616 1.2 elad 617 1.2 elad /* 618 1.29 pooka * Convert kauth_cred_t to userland credentials (struct uucred). 619 1.29 pooka * XXX: For NFS & puffs 620 1.29 pooka */ 621 1.29 pooka void 622 1.29 pooka kauth_cred_to_uucred(struct uucred *uuc, const kauth_cred_t cred) 623 1.29 pooka { 624 1.29 pooka KASSERT(cred != NULL); 625 1.71.2.3 jdolecek KASSERT(cred != NOCRED); 626 1.71.2.3 jdolecek KASSERT(cred != FSCRED); 627 1.29 pooka KASSERT(uuc != NULL); 628 1.29 pooka int ng; 629 1.29 pooka 630 1.29 pooka ng = min(cred->cr_ngroups, NGROUPS); 631 1.29 pooka uuc->cr_uid = cred->cr_euid; 632 1.29 pooka uuc->cr_gid = cred->cr_egid; 633 1.29 pooka uuc->cr_ngroups = ng; 634 1.49 dsl kauth_cred_getgroups(cred, uuc->cr_groups, ng, UIO_SYSSPACE); 635 1.29 pooka } 636 1.29 pooka 637 1.29 pooka /* 638 1.2 elad * Compare kauth_cred_t and uucred credentials. 639 1.2 elad * XXX: Modelled after crcmp() for NFS. 640 1.2 elad */ 641 1.2 elad int 642 1.2 elad kauth_cred_uucmp(kauth_cred_t cred, const struct uucred *uuc) 643 1.2 elad { 644 1.2 elad KASSERT(cred != NULL); 645 1.71.2.3 jdolecek KASSERT(cred != NOCRED); 646 1.71.2.3 jdolecek KASSERT(cred != FSCRED); 647 1.2 elad KASSERT(uuc != NULL); 648 1.2 elad 649 1.2 elad if (cred->cr_euid == uuc->cr_uid && 650 1.2 elad cred->cr_egid == uuc->cr_gid && 651 1.62 lukem cred->cr_ngroups == (uint32_t)uuc->cr_ngroups) { 652 1.2 elad int i; 653 1.2 elad 654 1.2 elad /* Check if all groups from uuc appear in cred. */ 655 1.2 elad for (i = 0; i < uuc->cr_ngroups; i++) { 656 1.2 elad int ismember; 657 1.2 elad 658 1.2 elad ismember = 0; 659 1.2 elad if (kauth_cred_ismember_gid(cred, uuc->cr_groups[i], 660 1.2 elad &ismember) != 0 || !ismember) 661 1.4 yamt return (1); 662 1.2 elad } 663 1.2 elad 664 1.4 yamt return (0); 665 1.2 elad } 666 1.2 elad 667 1.4 yamt return (1); 668 1.2 elad } 669 1.2 elad 670 1.2 elad /* 671 1.12 ad * Make a struct ucred out of a kauth_cred_t. For compatibility. 672 1.2 elad */ 673 1.2 elad void 674 1.45 dsl kauth_cred_toucred(kauth_cred_t cred, struct ki_ucred *uc) 675 1.2 elad { 676 1.2 elad KASSERT(cred != NULL); 677 1.71.2.3 jdolecek KASSERT(cred != NOCRED); 678 1.71.2.3 jdolecek KASSERT(cred != FSCRED); 679 1.2 elad KASSERT(uc != NULL); 680 1.2 elad 681 1.12 ad uc->cr_ref = cred->cr_refcnt; 682 1.2 elad uc->cr_uid = cred->cr_euid; 683 1.2 elad uc->cr_gid = cred->cr_egid; 684 1.61 matt uc->cr_ngroups = min(cred->cr_ngroups, __arraycount(uc->cr_groups)); 685 1.2 elad memcpy(uc->cr_groups, cred->cr_groups, 686 1.2 elad uc->cr_ngroups * sizeof(uc->cr_groups[0])); 687 1.2 elad } 688 1.2 elad 689 1.2 elad /* 690 1.12 ad * Make a struct pcred out of a kauth_cred_t. For compatibility. 691 1.2 elad */ 692 1.2 elad void 693 1.45 dsl kauth_cred_topcred(kauth_cred_t cred, struct ki_pcred *pc) 694 1.2 elad { 695 1.2 elad KASSERT(cred != NULL); 696 1.71.2.3 jdolecek KASSERT(cred != NOCRED); 697 1.71.2.3 jdolecek KASSERT(cred != FSCRED); 698 1.2 elad KASSERT(pc != NULL); 699 1.2 elad 700 1.45 dsl pc->p_pad = NULL; 701 1.2 elad pc->p_ruid = cred->cr_uid; 702 1.2 elad pc->p_svuid = cred->cr_svuid; 703 1.2 elad pc->p_rgid = cred->cr_gid; 704 1.2 elad pc->p_svgid = cred->cr_svgid; 705 1.2 elad pc->p_refcnt = cred->cr_refcnt; 706 1.2 elad } 707 1.2 elad 708 1.2 elad /* 709 1.14 ad * Return kauth_cred_t for the current LWP. 710 1.2 elad */ 711 1.2 elad kauth_cred_t 712 1.2 elad kauth_cred_get(void) 713 1.2 elad { 714 1.14 ad return (curlwp->l_cred); 715 1.2 elad } 716 1.2 elad 717 1.2 elad /* 718 1.2 elad * Returns a scope matching the provided id. 719 1.2 elad * Requires the scope list lock to be held by the caller. 720 1.2 elad */ 721 1.2 elad static kauth_scope_t 722 1.3 yamt kauth_ifindscope(const char *id) 723 1.3 yamt { 724 1.2 elad kauth_scope_t scope; 725 1.2 elad 726 1.44 ad KASSERT(rw_lock_held(&kauth_lock)); 727 1.2 elad 728 1.2 elad scope = NULL; 729 1.2 elad SIMPLEQ_FOREACH(scope, &scope_list, next_scope) { 730 1.2 elad if (strcmp(scope->id, id) == 0) 731 1.2 elad break; 732 1.2 elad } 733 1.2 elad 734 1.2 elad return (scope); 735 1.2 elad } 736 1.2 elad 737 1.2 elad /* 738 1.2 elad * Register a new scope. 739 1.2 elad * 740 1.2 elad * id - identifier for the scope 741 1.2 elad * callback - the scope's default listener 742 1.2 elad * cookie - cookie to be passed to the listener(s) 743 1.2 elad */ 744 1.2 elad kauth_scope_t 745 1.2 elad kauth_register_scope(const char *id, kauth_scope_callback_t callback, 746 1.16 christos void *cookie) 747 1.2 elad { 748 1.2 elad kauth_scope_t scope; 749 1.21 yamt kauth_listener_t listener = NULL; /* XXX gcc */ 750 1.2 elad 751 1.2 elad /* Sanitize input */ 752 1.16 christos if (id == NULL) 753 1.2 elad return (NULL); 754 1.2 elad 755 1.2 elad /* Allocate space for a new scope and listener. */ 756 1.34 ad scope = kmem_alloc(sizeof(*scope), KM_SLEEP); 757 1.71.2.3 jdolecek if (callback != NULL) 758 1.34 ad listener = kmem_alloc(sizeof(*listener), KM_SLEEP); 759 1.2 elad 760 1.34 ad /* 761 1.34 ad * Acquire scope list lock. 762 1.34 ad */ 763 1.44 ad rw_enter(&kauth_lock, RW_WRITER); 764 1.2 elad 765 1.2 elad /* Check we don't already have a scope with the same id */ 766 1.2 elad if (kauth_ifindscope(id) != NULL) { 767 1.44 ad rw_exit(&kauth_lock); 768 1.2 elad 769 1.34 ad kmem_free(scope, sizeof(*scope)); 770 1.34 ad if (callback != NULL) 771 1.34 ad kmem_free(listener, sizeof(*listener)); 772 1.2 elad 773 1.2 elad return (NULL); 774 1.2 elad } 775 1.2 elad 776 1.2 elad /* Initialize new scope with parameters */ 777 1.2 elad scope->id = id; 778 1.2 elad scope->cookie = cookie; 779 1.2 elad scope->nlisteners = 1; 780 1.2 elad 781 1.16 christos SIMPLEQ_INIT(&scope->listenq); 782 1.16 christos 783 1.2 elad /* Add default listener */ 784 1.16 christos if (callback != NULL) { 785 1.16 christos listener->func = callback; 786 1.16 christos listener->scope = scope; 787 1.16 christos listener->refcnt = 0; 788 1.16 christos SIMPLEQ_INSERT_HEAD(&scope->listenq, listener, listener_next); 789 1.16 christos } 790 1.2 elad 791 1.2 elad /* Insert scope to scopes list */ 792 1.16 christos SIMPLEQ_INSERT_TAIL(&scope_list, scope, next_scope); 793 1.2 elad 794 1.44 ad rw_exit(&kauth_lock); 795 1.2 elad 796 1.2 elad return (scope); 797 1.2 elad } 798 1.2 elad 799 1.2 elad /* 800 1.2 elad * Initialize the kernel authorization subsystem. 801 1.2 elad * 802 1.2 elad * Initialize the scopes list lock. 803 1.41 elad * Create specificdata domain. 804 1.41 elad * Register the credentials scope, used in kauth(9) internally. 805 1.41 elad * Register built-in scopes: generic, system, process, network, machdep, device. 806 1.2 elad */ 807 1.2 elad void 808 1.2 elad kauth_init(void) 809 1.2 elad { 810 1.44 ad rw_init(&kauth_lock); 811 1.2 elad 812 1.53 ad kauth_cred_cache = pool_cache_init(sizeof(struct kauth_cred), 813 1.58 ad coherency_unit, 0, 0, "kcredpl", NULL, IPL_NONE, 814 1.55 ad NULL, NULL, NULL); 815 1.53 ad 816 1.41 elad /* Create specificdata domain. */ 817 1.41 elad kauth_domain = specificdata_domain_create(); 818 1.41 elad 819 1.41 elad /* Register credentials scope. */ 820 1.41 elad kauth_builtin_scope_cred = 821 1.41 elad kauth_register_scope(KAUTH_SCOPE_CRED, NULL, NULL); 822 1.41 elad 823 1.2 elad /* Register generic scope. */ 824 1.2 elad kauth_builtin_scope_generic = kauth_register_scope(KAUTH_SCOPE_GENERIC, 825 1.19 elad NULL, NULL); 826 1.19 elad 827 1.19 elad /* Register system scope. */ 828 1.19 elad kauth_builtin_scope_system = kauth_register_scope(KAUTH_SCOPE_SYSTEM, 829 1.19 elad NULL, NULL); 830 1.2 elad 831 1.2 elad /* Register process scope. */ 832 1.2 elad kauth_builtin_scope_process = kauth_register_scope(KAUTH_SCOPE_PROCESS, 833 1.19 elad NULL, NULL); 834 1.19 elad 835 1.19 elad /* Register network scope. */ 836 1.19 elad kauth_builtin_scope_network = kauth_register_scope(KAUTH_SCOPE_NETWORK, 837 1.19 elad NULL, NULL); 838 1.19 elad 839 1.19 elad /* Register machdep scope. */ 840 1.19 elad kauth_builtin_scope_machdep = kauth_register_scope(KAUTH_SCOPE_MACHDEP, 841 1.19 elad NULL, NULL); 842 1.25 elad 843 1.25 elad /* Register device scope. */ 844 1.25 elad kauth_builtin_scope_device = kauth_register_scope(KAUTH_SCOPE_DEVICE, 845 1.25 elad NULL, NULL); 846 1.64 elad 847 1.64 elad /* Register vnode scope. */ 848 1.64 elad kauth_builtin_scope_vnode = kauth_register_scope(KAUTH_SCOPE_VNODE, 849 1.64 elad NULL, NULL); 850 1.2 elad } 851 1.2 elad 852 1.2 elad /* 853 1.2 elad * Deregister a scope. 854 1.2 elad * Requires scope list lock to be held by the caller. 855 1.2 elad * 856 1.2 elad * scope - the scope to deregister 857 1.2 elad */ 858 1.2 elad void 859 1.2 elad kauth_deregister_scope(kauth_scope_t scope) 860 1.2 elad { 861 1.2 elad if (scope != NULL) { 862 1.2 elad /* Remove scope from list */ 863 1.2 elad SIMPLEQ_REMOVE(&scope_list, scope, kauth_scope, next_scope); 864 1.36 elad kmem_free(scope, sizeof(*scope)); 865 1.2 elad } 866 1.2 elad } 867 1.2 elad 868 1.2 elad /* 869 1.2 elad * Register a listener. 870 1.2 elad * 871 1.2 elad * id - scope identifier. 872 1.2 elad * callback - the callback routine for the listener. 873 1.2 elad * cookie - cookie to pass unmoidfied to the callback. 874 1.2 elad */ 875 1.2 elad kauth_listener_t 876 1.2 elad kauth_listen_scope(const char *id, kauth_scope_callback_t callback, 877 1.30 yamt void *cookie) 878 1.2 elad { 879 1.2 elad kauth_scope_t scope; 880 1.2 elad kauth_listener_t listener; 881 1.2 elad 882 1.44 ad listener = kmem_alloc(sizeof(*listener), KM_SLEEP); 883 1.44 ad rw_enter(&kauth_lock, RW_WRITER); 884 1.44 ad 885 1.34 ad /* 886 1.34 ad * Find scope struct. 887 1.34 ad */ 888 1.2 elad scope = kauth_ifindscope(id); 889 1.44 ad if (scope == NULL) { 890 1.44 ad rw_exit(&kauth_lock); 891 1.44 ad kmem_free(listener, sizeof(*listener)); 892 1.2 elad return (NULL); 893 1.44 ad } 894 1.2 elad 895 1.2 elad /* Allocate listener */ 896 1.2 elad 897 1.2 elad /* Initialize listener with parameters */ 898 1.2 elad listener->func = callback; 899 1.2 elad listener->refcnt = 0; 900 1.2 elad 901 1.2 elad /* Add listener to scope */ 902 1.2 elad SIMPLEQ_INSERT_TAIL(&scope->listenq, listener, listener_next); 903 1.2 elad 904 1.2 elad /* Raise number of listeners on scope. */ 905 1.2 elad scope->nlisteners++; 906 1.2 elad listener->scope = scope; 907 1.2 elad 908 1.44 ad rw_exit(&kauth_lock); 909 1.44 ad 910 1.2 elad return (listener); 911 1.2 elad } 912 1.2 elad 913 1.2 elad /* 914 1.2 elad * Deregister a listener. 915 1.2 elad * 916 1.2 elad * listener - listener reference as returned from kauth_listen_scope(). 917 1.2 elad */ 918 1.2 elad void 919 1.2 elad kauth_unlisten_scope(kauth_listener_t listener) 920 1.2 elad { 921 1.44 ad 922 1.2 elad if (listener != NULL) { 923 1.44 ad rw_enter(&kauth_lock, RW_WRITER); 924 1.3 yamt SIMPLEQ_REMOVE(&listener->scope->listenq, listener, 925 1.3 yamt kauth_listener, listener_next); 926 1.2 elad listener->scope->nlisteners--; 927 1.44 ad rw_exit(&kauth_lock); 928 1.36 elad kmem_free(listener, sizeof(*listener)); 929 1.2 elad } 930 1.2 elad } 931 1.2 elad 932 1.2 elad /* 933 1.2 elad * Authorize a request. 934 1.2 elad * 935 1.2 elad * scope - the scope of the request as defined by KAUTH_SCOPE_* or as 936 1.2 elad * returned from kauth_register_scope(). 937 1.2 elad * credential - credentials of the user ("actor") making the request. 938 1.2 elad * action - request identifier. 939 1.2 elad * arg[0-3] - passed unmodified to listener(s). 940 1.64 elad * 941 1.64 elad * Returns the aggregated result: 942 1.64 elad * - KAUTH_RESULT_ALLOW if there is at least one KAUTH_RESULT_ALLOW and 943 1.64 elad * zero KAUTH_DESULT_DENY 944 1.64 elad * - KAUTH_RESULT_DENY if there is at least one KAUTH_RESULT_DENY 945 1.64 elad * - KAUTH_RESULT_DEFER if there is nothing but KAUTH_RESULT_DEFER 946 1.2 elad */ 947 1.64 elad static int 948 1.64 elad kauth_authorize_action_internal(kauth_scope_t scope, kauth_cred_t cred, 949 1.64 elad kauth_action_t action, void *arg0, void *arg1, void *arg2, void *arg3) 950 1.2 elad { 951 1.2 elad kauth_listener_t listener; 952 1.2 elad int error, allow, fail; 953 1.2 elad 954 1.26 elad KASSERT(cred != NULL); 955 1.26 elad KASSERT(action != 0); 956 1.2 elad 957 1.17 christos /* Short-circuit requests coming from the kernel. */ 958 1.17 christos if (cred == NOCRED || cred == FSCRED) 959 1.71.2.1 tls return KAUTH_RESULT_ALLOW; 960 1.17 christos 961 1.26 elad KASSERT(scope != NULL); 962 1.26 elad 963 1.2 elad fail = 0; 964 1.2 elad allow = 0; 965 1.39 elad 966 1.44 ad /* rw_enter(&kauth_lock, RW_READER); XXX not yet */ 967 1.2 elad SIMPLEQ_FOREACH(listener, &scope->listenq, listener_next) { 968 1.2 elad error = listener->func(cred, action, scope->cookie, arg0, 969 1.44 ad arg1, arg2, arg3); 970 1.2 elad 971 1.2 elad if (error == KAUTH_RESULT_ALLOW) 972 1.2 elad allow = 1; 973 1.2 elad else if (error == KAUTH_RESULT_DENY) 974 1.2 elad fail = 1; 975 1.2 elad } 976 1.44 ad /* rw_exit(&kauth_lock); */ 977 1.2 elad 978 1.39 elad if (fail) 979 1.64 elad return (KAUTH_RESULT_DENY); 980 1.64 elad 981 1.64 elad if (allow) 982 1.64 elad return (KAUTH_RESULT_ALLOW); 983 1.64 elad 984 1.64 elad return (KAUTH_RESULT_DEFER); 985 1.64 elad }; 986 1.64 elad 987 1.64 elad int 988 1.64 elad kauth_authorize_action(kauth_scope_t scope, kauth_cred_t cred, 989 1.64 elad kauth_action_t action, void *arg0, void *arg1, void *arg2, void *arg3) 990 1.64 elad { 991 1.64 elad int r; 992 1.64 elad 993 1.64 elad r = kauth_authorize_action_internal(scope, cred, action, arg0, arg1, 994 1.64 elad arg2, arg3); 995 1.64 elad 996 1.64 elad if (r == KAUTH_RESULT_DENY) 997 1.39 elad return (EPERM); 998 1.39 elad 999 1.64 elad if (r == KAUTH_RESULT_ALLOW) 1000 1.39 elad return (0); 1001 1.39 elad 1002 1.66 jym if (secmodel_nsecmodels() == 0) 1003 1.39 elad return (0); 1004 1.39 elad 1005 1.39 elad return (EPERM); 1006 1.64 elad } 1007 1.2 elad 1008 1.2 elad /* 1009 1.2 elad * Generic scope authorization wrapper. 1010 1.2 elad */ 1011 1.2 elad int 1012 1.2 elad kauth_authorize_generic(kauth_cred_t cred, kauth_action_t action, void *arg0) 1013 1.2 elad { 1014 1.2 elad return (kauth_authorize_action(kauth_builtin_scope_generic, cred, 1015 1.2 elad action, arg0, NULL, NULL, NULL)); 1016 1.2 elad } 1017 1.2 elad 1018 1.2 elad /* 1019 1.19 elad * System scope authorization wrapper. 1020 1.2 elad */ 1021 1.2 elad int 1022 1.19 elad kauth_authorize_system(kauth_cred_t cred, kauth_action_t action, 1023 1.19 elad enum kauth_system_req req, void *arg1, void *arg2, void *arg3) 1024 1.2 elad { 1025 1.19 elad return (kauth_authorize_action(kauth_builtin_scope_system, cred, 1026 1.19 elad action, (void *)req, arg1, arg2, arg3)); 1027 1.2 elad } 1028 1.2 elad 1029 1.2 elad /* 1030 1.2 elad * Process scope authorization wrapper. 1031 1.2 elad */ 1032 1.2 elad int 1033 1.2 elad kauth_authorize_process(kauth_cred_t cred, kauth_action_t action, 1034 1.2 elad struct proc *p, void *arg1, void *arg2, void *arg3) 1035 1.2 elad { 1036 1.2 elad return (kauth_authorize_action(kauth_builtin_scope_process, cred, 1037 1.2 elad action, p, arg1, arg2, arg3)); 1038 1.2 elad } 1039 1.19 elad 1040 1.19 elad /* 1041 1.19 elad * Network scope authorization wrapper. 1042 1.19 elad */ 1043 1.19 elad int 1044 1.19 elad kauth_authorize_network(kauth_cred_t cred, kauth_action_t action, 1045 1.23 elad enum kauth_network_req req, void *arg1, void *arg2, void *arg3) 1046 1.19 elad { 1047 1.19 elad return (kauth_authorize_action(kauth_builtin_scope_network, cred, 1048 1.23 elad action, (void *)req, arg1, arg2, arg3)); 1049 1.19 elad } 1050 1.19 elad 1051 1.19 elad int 1052 1.19 elad kauth_authorize_machdep(kauth_cred_t cred, kauth_action_t action, 1053 1.35 elad void *arg0, void *arg1, void *arg2, void *arg3) 1054 1.19 elad { 1055 1.19 elad return (kauth_authorize_action(kauth_builtin_scope_machdep, cred, 1056 1.35 elad action, arg0, arg1, arg2, arg3)); 1057 1.19 elad } 1058 1.25 elad 1059 1.25 elad int 1060 1.32 elad kauth_authorize_device(kauth_cred_t cred, kauth_action_t action, 1061 1.32 elad void *arg0, void *arg1, void *arg2, void *arg3) 1062 1.32 elad { 1063 1.32 elad return (kauth_authorize_action(kauth_builtin_scope_device, cred, 1064 1.32 elad action, arg0, arg1, arg2, arg3)); 1065 1.32 elad } 1066 1.32 elad 1067 1.32 elad int 1068 1.25 elad kauth_authorize_device_tty(kauth_cred_t cred, kauth_action_t action, 1069 1.25 elad struct tty *tty) 1070 1.25 elad { 1071 1.25 elad return (kauth_authorize_action(kauth_builtin_scope_device, cred, 1072 1.25 elad action, tty, NULL, NULL, NULL)); 1073 1.25 elad } 1074 1.31 elad 1075 1.31 elad int 1076 1.31 elad kauth_authorize_device_spec(kauth_cred_t cred, enum kauth_device_req req, 1077 1.31 elad struct vnode *vp) 1078 1.31 elad { 1079 1.31 elad return (kauth_authorize_action(kauth_builtin_scope_device, cred, 1080 1.31 elad KAUTH_DEVICE_RAWIO_SPEC, (void *)req, vp, NULL, NULL)); 1081 1.31 elad } 1082 1.31 elad 1083 1.31 elad int 1084 1.33 elad kauth_authorize_device_passthru(kauth_cred_t cred, dev_t dev, u_long bits, 1085 1.33 elad void *data) 1086 1.31 elad { 1087 1.31 elad return (kauth_authorize_action(kauth_builtin_scope_device, cred, 1088 1.33 elad KAUTH_DEVICE_RAWIO_PASSTHRU, (void *)bits, (void *)(u_long)dev, 1089 1.33 elad data, NULL)); 1090 1.31 elad } 1091 1.39 elad 1092 1.64 elad kauth_action_t 1093 1.64 elad kauth_mode_to_action(mode_t mode) 1094 1.64 elad { 1095 1.64 elad kauth_action_t action = 0; 1096 1.64 elad 1097 1.64 elad if (mode & VREAD) 1098 1.64 elad action |= KAUTH_VNODE_READ_DATA; 1099 1.64 elad if (mode & VWRITE) 1100 1.64 elad action |= KAUTH_VNODE_WRITE_DATA; 1101 1.64 elad if (mode & VEXEC) 1102 1.64 elad action |= KAUTH_VNODE_EXECUTE; 1103 1.64 elad 1104 1.64 elad return action; 1105 1.64 elad } 1106 1.64 elad 1107 1.68 elad kauth_action_t 1108 1.68 elad kauth_extattr_action(mode_t access_mode) 1109 1.68 elad { 1110 1.68 elad kauth_action_t action = 0; 1111 1.68 elad 1112 1.68 elad if (access_mode & VREAD) 1113 1.68 elad action |= KAUTH_VNODE_READ_EXTATTRIBUTES; 1114 1.68 elad if (access_mode & VWRITE) 1115 1.68 elad action |= KAUTH_VNODE_WRITE_EXTATTRIBUTES; 1116 1.68 elad 1117 1.68 elad return action; 1118 1.68 elad } 1119 1.68 elad 1120 1.64 elad int 1121 1.64 elad kauth_authorize_vnode(kauth_cred_t cred, kauth_action_t action, 1122 1.64 elad struct vnode *vp, struct vnode *dvp, int fs_decision) 1123 1.64 elad { 1124 1.64 elad int error; 1125 1.64 elad 1126 1.64 elad error = kauth_authorize_action_internal(kauth_builtin_scope_vnode, cred, 1127 1.64 elad action, vp, dvp, NULL, NULL); 1128 1.64 elad 1129 1.64 elad if (error == KAUTH_RESULT_DENY) 1130 1.64 elad return (EACCES); 1131 1.64 elad 1132 1.64 elad if (error == KAUTH_RESULT_ALLOW) 1133 1.64 elad return (0); 1134 1.64 elad 1135 1.64 elad /* 1136 1.64 elad * If the file-system does not support decision-before-action, we can 1137 1.64 elad * only short-circuit the operation (deny). If we're here, it means no 1138 1.64 elad * listener denied it, so our only alternative is to supposedly-allow 1139 1.64 elad * it and let the file-system have the last word. 1140 1.64 elad */ 1141 1.64 elad if (fs_decision == KAUTH_VNODE_REMOTEFS) 1142 1.64 elad return (0); 1143 1.64 elad 1144 1.64 elad return (fs_decision); 1145 1.64 elad } 1146 1.64 elad 1147 1.41 elad static int 1148 1.41 elad kauth_cred_hook(kauth_cred_t cred, kauth_action_t action, void *arg0, 1149 1.41 elad void *arg1) 1150 1.41 elad { 1151 1.41 elad int r; 1152 1.41 elad 1153 1.41 elad r = kauth_authorize_action(kauth_builtin_scope_cred, cred, action, 1154 1.41 elad arg0, arg1, NULL, NULL); 1155 1.41 elad 1156 1.42 elad #ifdef DIAGNOSTIC 1157 1.42 elad if (!SIMPLEQ_EMPTY(&kauth_builtin_scope_cred->listenq)) 1158 1.42 elad KASSERT(r == 0); 1159 1.42 elad #endif /* DIAGNOSTIC */ 1160 1.41 elad 1161 1.41 elad return (r); 1162 1.41 elad } 1163
Indexes created Sat Sep 20 22:09:52 GMT 2025