kern_prot.c revision 1.1.1.2
1 1.1.1.2 fvdl /* 2 1.1.1.2 fvdl * Copyright (c) 1982, 1986, 1989, 1990, 1991, 1993 3 1.1.1.2 fvdl * The Regents of the University of California. All rights reserved. 4 1.1.1.2 fvdl * (c) UNIX System Laboratories, Inc. 5 1.1.1.2 fvdl * All or some portions of this file are derived from material licensed 6 1.1.1.2 fvdl * to the University of California by American Telephone and Telegraph 7 1.1.1.2 fvdl * Co. or Unix System Laboratories, Inc. and are reproduced herein with 8 1.1.1.2 fvdl * the permission of UNIX System Laboratories, Inc. 9 1.1.1.2 fvdl * 10 1.1.1.2 fvdl * Redistribution and use in source and binary forms, with or without 11 1.1.1.2 fvdl * modification, are permitted provided that the following conditions 12 1.1.1.2 fvdl * are met: 13 1.1.1.2 fvdl * 1. Redistributions of source code must retain the above copyright 14 1.1.1.2 fvdl * notice, this list of conditions and the following disclaimer. 15 1.1.1.2 fvdl * 2. Redistributions in binary form must reproduce the above copyright 16 1.1.1.2 fvdl * notice, this list of conditions and the following disclaimer in the 17 1.1.1.2 fvdl * documentation and/or other materials provided with the distribution. 18 1.1.1.2 fvdl * 3. All advertising materials mentioning features or use of this software 19 1.1.1.2 fvdl * must display the following acknowledgement: 20 1.1.1.2 fvdl * This product includes software developed by the University of 21 1.1.1.2 fvdl * California, Berkeley and its contributors. 22 1.1.1.2 fvdl * 4. Neither the name of the University nor the names of its contributors 23 1.1.1.2 fvdl * may be used to endorse or promote products derived from this software 24 1.1.1.2 fvdl * without specific prior written permission. 25 1.1.1.2 fvdl * 26 1.1.1.2 fvdl * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 27 1.1.1.2 fvdl * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 28 1.1.1.2 fvdl * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 29 1.1.1.2 fvdl * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 30 1.1.1.2 fvdl * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 31 1.1.1.2 fvdl * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 32 1.1.1.2 fvdl * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 33 1.1.1.2 fvdl * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 34 1.1.1.2 fvdl * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 35 1.1.1.2 fvdl * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 36 1.1.1.2 fvdl * SUCH DAMAGE. 37 1.1.1.2 fvdl * 38 1.1.1.2 fvdl * @(#)kern_prot.c 8.6 (Berkeley) 1/21/94 39 1.1.1.2 fvdl */ 40 1.1.1.2 fvdl 41 1.1.1.2 fvdl /* 42 1.1.1.2 fvdl * System calls related to processes and protection 43 1.1.1.2 fvdl */ 44 1.1.1.2 fvdl 45 1.1.1.2 fvdl #include <sys/param.h> 46 1.1.1.2 fvdl #include <sys/acct.h> 47 1.1.1.2 fvdl #include <sys/systm.h> 48 1.1.1.2 fvdl #include <sys/ucred.h> 49 1.1.1.2 fvdl #include <sys/proc.h> 50 1.1.1.2 fvdl #include <sys/timeb.h> 51 1.1.1.2 fvdl #include <sys/times.h> 52 1.1.1.2 fvdl #include <sys/malloc.h> 53 1.1.1.2 fvdl 54 1.1.1.2 fvdl struct args { 55 1.1.1.2 fvdl int dummy; 56 1.1.1.2 fvdl }; 57 1.1.1.2 fvdl 58 1.1.1.2 fvdl /* ARGSUSED */ 59 1.1.1.2 fvdl getpid(p, uap, retval) 60 1.1.1.2 fvdl struct proc *p; 61 1.1.1.2 fvdl struct args *uap; 62 1.1.1.2 fvdl int *retval; 63 1.1.1.2 fvdl { 64 1.1.1.2 fvdl 65 1.1.1.2 fvdl *retval = p->p_pid; 66 1.1.1.2 fvdl #if defined(COMPAT_43) || defined(COMPAT_SUNOS) 67 1.1.1.2 fvdl retval[1] = p->p_pptr->p_pid; 68 1.1.1.2 fvdl #endif 69 1.1.1.2 fvdl return (0); 70 1.1.1.2 fvdl } 71 1.1.1.2 fvdl 72 1.1.1.2 fvdl /* ARGSUSED */ 73 1.1.1.2 fvdl getppid(p, uap, retval) 74 1.1.1.2 fvdl struct proc *p; 75 1.1.1.2 fvdl struct args *uap; 76 1.1.1.2 fvdl int *retval; 77 1.1.1.2 fvdl { 78 1.1.1.2 fvdl 79 1.1.1.2 fvdl *retval = p->p_pptr->p_pid; 80 1.1.1.2 fvdl return (0); 81 1.1.1.2 fvdl } 82 1.1.1.2 fvdl 83 1.1.1.2 fvdl /* Get process group ID; note that POSIX getpgrp takes no parameter */ 84 1.1.1.2 fvdl getpgrp(p, uap, retval) 85 1.1.1.2 fvdl struct proc *p; 86 1.1.1.2 fvdl struct args *uap; 87 1.1.1.2 fvdl int *retval; 88 1.1.1.2 fvdl { 89 1.1.1.2 fvdl 90 1.1.1.2 fvdl *retval = p->p_pgrp->pg_id; 91 1.1.1.2 fvdl return (0); 92 1.1.1.2 fvdl } 93 1.1.1.2 fvdl 94 1.1.1.2 fvdl /* ARGSUSED */ 95 1.1.1.2 fvdl getuid(p, uap, retval) 96 1.1.1.2 fvdl struct proc *p; 97 1.1.1.2 fvdl struct args *uap; 98 1.1.1.2 fvdl int *retval; 99 1.1.1.2 fvdl { 100 1.1.1.2 fvdl 101 1.1.1.2 fvdl *retval = p->p_cred->p_ruid; 102 1.1.1.2 fvdl #if defined(COMPAT_43) || defined(COMPAT_SUNOS) 103 1.1.1.2 fvdl retval[1] = p->p_ucred->cr_uid; 104 1.1.1.2 fvdl #endif 105 1.1.1.2 fvdl return (0); 106 1.1.1.2 fvdl } 107 1.1.1.2 fvdl 108 1.1.1.2 fvdl /* ARGSUSED */ 109 1.1.1.2 fvdl geteuid(p, uap, retval) 110 1.1.1.2 fvdl struct proc *p; 111 1.1.1.2 fvdl struct args *uap; 112 1.1.1.2 fvdl int *retval; 113 1.1.1.2 fvdl { 114 1.1.1.2 fvdl 115 1.1.1.2 fvdl *retval = p->p_ucred->cr_uid; 116 1.1.1.2 fvdl return (0); 117 1.1.1.2 fvdl } 118 1.1.1.2 fvdl 119 1.1.1.2 fvdl /* ARGSUSED */ 120 1.1.1.2 fvdl getgid(p, uap, retval) 121 1.1.1.2 fvdl struct proc *p; 122 1.1.1.2 fvdl struct args *uap; 123 1.1.1.2 fvdl int *retval; 124 1.1.1.2 fvdl { 125 1.1.1.2 fvdl 126 1.1.1.2 fvdl *retval = p->p_cred->p_rgid; 127 1.1.1.2 fvdl #if defined(COMPAT_43) || defined(COMPAT_SUNOS) 128 1.1.1.2 fvdl retval[1] = p->p_ucred->cr_groups[0]; 129 1.1.1.2 fvdl #endif 130 1.1.1.2 fvdl return (0); 131 1.1.1.2 fvdl } 132 1.1.1.2 fvdl 133 1.1.1.2 fvdl /* 134 1.1.1.2 fvdl * Get effective group ID. The "egid" is groups[0], and could be obtained 135 1.1.1.2 fvdl * via getgroups. This syscall exists because it is somewhat painful to do 136 1.1.1.2 fvdl * correctly in a library function. 137 1.1.1.2 fvdl */ 138 1.1.1.2 fvdl /* ARGSUSED */ 139 1.1.1.2 fvdl getegid(p, uap, retval) 140 1.1.1.2 fvdl struct proc *p; 141 1.1.1.2 fvdl struct args *uap; 142 1.1.1.2 fvdl int *retval; 143 1.1.1.2 fvdl { 144 1.1.1.2 fvdl 145 1.1.1.2 fvdl *retval = p->p_ucred->cr_groups[0]; 146 1.1.1.2 fvdl return (0); 147 1.1.1.2 fvdl } 148 1.1.1.2 fvdl 149 1.1.1.2 fvdl struct getgroups_args { 150 1.1.1.2 fvdl u_int gidsetsize; 151 1.1.1.2 fvdl gid_t *gidset; 152 1.1.1.2 fvdl }; 153 1.1.1.2 fvdl getgroups(p, uap, retval) 154 1.1.1.2 fvdl struct proc *p; 155 1.1.1.2 fvdl register struct getgroups_args *uap; 156 1.1.1.2 fvdl int *retval; 157 1.1.1.2 fvdl { 158 1.1.1.2 fvdl register struct pcred *pc = p->p_cred; 159 1.1.1.2 fvdl register u_int ngrp; 160 1.1.1.2 fvdl int error; 161 1.1.1.2 fvdl 162 1.1.1.2 fvdl if ((ngrp = uap->gidsetsize) == 0) { 163 1.1.1.2 fvdl *retval = pc->pc_ucred->cr_ngroups; 164 1.1.1.2 fvdl return (0); 165 1.1.1.2 fvdl } 166 1.1.1.2 fvdl if (ngrp < pc->pc_ucred->cr_ngroups) 167 1.1.1.2 fvdl return (EINVAL); 168 1.1.1.2 fvdl ngrp = pc->pc_ucred->cr_ngroups; 169 1.1.1.2 fvdl if (error = copyout((caddr_t)pc->pc_ucred->cr_groups, 170 1.1.1.2 fvdl (caddr_t)uap->gidset, ngrp * sizeof(gid_t))) 171 1.1.1.2 fvdl return (error); 172 1.1.1.2 fvdl *retval = ngrp; 173 1.1.1.2 fvdl return (0); 174 1.1.1.2 fvdl } 175 1.1.1.2 fvdl 176 1.1.1.2 fvdl /* ARGSUSED */ 177 1.1.1.2 fvdl setsid(p, uap, retval) 178 1.1.1.2 fvdl register struct proc *p; 179 1.1.1.2 fvdl struct args *uap; 180 1.1.1.2 fvdl int *retval; 181 1.1.1.2 fvdl { 182 1.1.1.2 fvdl 183 1.1.1.2 fvdl if (p->p_pgid == p->p_pid || pgfind(p->p_pid)) { 184 1.1.1.2 fvdl return (EPERM); 185 1.1.1.2 fvdl } else { 186 1.1.1.2 fvdl (void)enterpgrp(p, p->p_pid, 1); 187 1.1.1.2 fvdl *retval = p->p_pid; 188 1.1.1.2 fvdl return (0); 189 1.1.1.2 fvdl } 190 1.1.1.2 fvdl } 191 1.1.1.2 fvdl 192 1.1.1.2 fvdl /* 193 1.1.1.2 fvdl * set process group (setpgid/old setpgrp) 194 1.1.1.2 fvdl * 195 1.1.1.2 fvdl * caller does setpgid(targpid, targpgid) 196 1.1.1.2 fvdl * 197 1.1.1.2 fvdl * pid must be caller or child of caller (ESRCH) 198 1.1.1.2 fvdl * if a child 199 1.1.1.2 fvdl * pid must be in same session (EPERM) 200 1.1.1.2 fvdl * pid can't have done an exec (EACCES) 201 1.1.1.2 fvdl * if pgid != pid 202 1.1.1.2 fvdl * there must exist some pid in same session having pgid (EPERM) 203 1.1.1.2 fvdl * pid must not be session leader (EPERM) 204 1.1.1.2 fvdl */ 205 1.1.1.2 fvdl struct setpgid_args { 206 1.1.1.2 fvdl int pid; /* target process id */ 207 1.1.1.2 fvdl int pgid; /* target pgrp id */ 208 1.1.1.2 fvdl }; 209 1.1.1.2 fvdl /* ARGSUSED */ 210 1.1.1.2 fvdl setpgid(curp, uap, retval) 211 1.1.1.2 fvdl struct proc *curp; 212 1.1.1.2 fvdl register struct setpgid_args *uap; 213 1.1.1.2 fvdl int *retval; 214 1.1.1.2 fvdl { 215 1.1.1.2 fvdl register struct proc *targp; /* target process */ 216 1.1.1.2 fvdl register struct pgrp *pgrp; /* target pgrp */ 217 1.1.1.2 fvdl 218 1.1.1.2 fvdl if (uap->pid != 0 && uap->pid != curp->p_pid) { 219 1.1.1.2 fvdl if ((targp = pfind(uap->pid)) == 0 || !inferior(targp)) 220 1.1.1.2 fvdl return (ESRCH); 221 1.1.1.2 fvdl if (targp->p_session != curp->p_session) 222 1.1.1.2 fvdl return (EPERM); 223 1.1.1.2 fvdl if (targp->p_flag & P_EXEC) 224 1.1.1.2 fvdl return (EACCES); 225 1.1.1.2 fvdl } else 226 1.1.1.2 fvdl targp = curp; 227 1.1.1.2 fvdl if (SESS_LEADER(targp)) 228 1.1.1.2 fvdl return (EPERM); 229 1.1.1.2 fvdl if (uap->pgid == 0) 230 1.1.1.2 fvdl uap->pgid = targp->p_pid; 231 1.1.1.2 fvdl else if (uap->pgid != targp->p_pid) 232 1.1.1.2 fvdl if ((pgrp = pgfind(uap->pgid)) == 0 || 233 1.1.1.2 fvdl pgrp->pg_session != curp->p_session) 234 1.1.1.2 fvdl return (EPERM); 235 1.1.1.2 fvdl return (enterpgrp(targp, uap->pgid, 0)); 236 1.1.1.2 fvdl } 237 1.1.1.2 fvdl 238 1.1.1.2 fvdl struct setuid_args { 239 1.1.1.2 fvdl uid_t uid; 240 1.1.1.2 fvdl }; 241 1.1.1.2 fvdl /* ARGSUSED */ 242 1.1.1.2 fvdl setuid(p, uap, retval) 243 1.1.1.2 fvdl struct proc *p; 244 1.1.1.2 fvdl struct setuid_args *uap; 245 1.1.1.2 fvdl int *retval; 246 1.1.1.2 fvdl { 247 1.1.1.2 fvdl register struct pcred *pc = p->p_cred; 248 1.1.1.2 fvdl register uid_t uid; 249 1.1.1.2 fvdl int error; 250 1.1.1.2 fvdl 251 1.1.1.2 fvdl uid = uap->uid; 252 1.1.1.2 fvdl if (uid != pc->p_ruid && 253 1.1.1.2 fvdl (error = suser(pc->pc_ucred, &p->p_acflag))) 254 1.1.1.2 fvdl return (error); 255 1.1.1.2 fvdl /* 256 1.1.1.2 fvdl * Everything's okay, do it. 257 1.1.1.2 fvdl * Transfer proc count to new user. 258 1.1.1.2 fvdl * Copy credentials so other references do not see our changes. 259 1.1.1.2 fvdl */ 260 1.1.1.2 fvdl (void)chgproccnt(pc->p_ruid, -1); 261 1.1.1.2 fvdl (void)chgproccnt(uid, 1); 262 1.1.1.2 fvdl pc->pc_ucred = crcopy(pc->pc_ucred); 263 1.1.1.2 fvdl pc->pc_ucred->cr_uid = uid; 264 1.1.1.2 fvdl pc->p_ruid = uid; 265 1.1.1.2 fvdl pc->p_svuid = uid; 266 1.1.1.2 fvdl p->p_flag |= P_SUGID; 267 1.1.1.2 fvdl return (0); 268 1.1.1.2 fvdl } 269 1.1.1.2 fvdl 270 1.1.1.2 fvdl struct seteuid_args { 271 1.1.1.2 fvdl uid_t euid; 272 1.1.1.2 fvdl }; 273 1.1.1.2 fvdl /* ARGSUSED */ 274 1.1.1.2 fvdl seteuid(p, uap, retval) 275 1.1.1.2 fvdl struct proc *p; 276 1.1.1.2 fvdl struct seteuid_args *uap; 277 1.1.1.2 fvdl int *retval; 278 1.1.1.2 fvdl { 279 1.1.1.2 fvdl register struct pcred *pc = p->p_cred; 280 1.1.1.2 fvdl register uid_t euid; 281 1.1.1.2 fvdl int error; 282 1.1.1.2 fvdl 283 1.1.1.2 fvdl euid = uap->euid; 284 1.1.1.2 fvdl if (euid != pc->p_ruid && euid != pc->p_svuid && 285 1.1.1.2 fvdl (error = suser(pc->pc_ucred, &p->p_acflag))) 286 1.1.1.2 fvdl return (error); 287 1.1.1.2 fvdl /* 288 1.1.1.2 fvdl * Everything's okay, do it. Copy credentials so other references do 289 1.1.1.2 fvdl * not see our changes. 290 1.1.1.2 fvdl */ 291 1.1.1.2 fvdl pc->pc_ucred = crcopy(pc->pc_ucred); 292 1.1.1.2 fvdl pc->pc_ucred->cr_uid = euid; 293 1.1.1.2 fvdl p->p_flag |= P_SUGID; 294 1.1.1.2 fvdl return (0); 295 1.1.1.2 fvdl } 296 1.1.1.2 fvdl 297 1.1.1.2 fvdl struct setgid_args { 298 1.1.1.2 fvdl gid_t gid; 299 1.1.1.2 fvdl }; 300 1.1.1.2 fvdl /* ARGSUSED */ 301 1.1.1.2 fvdl setgid(p, uap, retval) 302 1.1.1.2 fvdl struct proc *p; 303 1.1.1.2 fvdl struct setgid_args *uap; 304 1.1.1.2 fvdl int *retval; 305 1.1.1.2 fvdl { 306 1.1.1.2 fvdl register struct pcred *pc = p->p_cred; 307 1.1.1.2 fvdl register gid_t gid; 308 1.1.1.2 fvdl int error; 309 1.1.1.2 fvdl 310 1.1.1.2 fvdl gid = uap->gid; 311 1.1.1.2 fvdl if (gid != pc->p_rgid && (error = suser(pc->pc_ucred, &p->p_acflag))) 312 1.1.1.2 fvdl return (error); 313 1.1.1.2 fvdl pc->pc_ucred = crcopy(pc->pc_ucred); 314 1.1.1.2 fvdl pc->pc_ucred->cr_groups[0] = gid; 315 1.1.1.2 fvdl pc->p_rgid = gid; 316 1.1.1.2 fvdl pc->p_svgid = gid; /* ??? */ 317 1.1.1.2 fvdl p->p_flag |= P_SUGID; 318 1.1.1.2 fvdl return (0); 319 1.1.1.2 fvdl } 320 1.1.1.2 fvdl 321 1.1.1.2 fvdl struct setegid_args { 322 1.1.1.2 fvdl gid_t egid; 323 1.1.1.2 fvdl }; 324 1.1.1.2 fvdl /* ARGSUSED */ 325 1.1.1.2 fvdl setegid(p, uap, retval) 326 1.1.1.2 fvdl struct proc *p; 327 1.1.1.2 fvdl struct setegid_args *uap; 328 1.1.1.2 fvdl int *retval; 329 1.1.1.2 fvdl { 330 1.1.1.2 fvdl register struct pcred *pc = p->p_cred; 331 1.1.1.2 fvdl register gid_t egid; 332 1.1.1.2 fvdl int error; 333 1.1.1.2 fvdl 334 1.1.1.2 fvdl egid = uap->egid; 335 1.1.1.2 fvdl if (egid != pc->p_rgid && egid != pc->p_svgid && 336 1.1.1.2 fvdl (error = suser(pc->pc_ucred, &p->p_acflag))) 337 1.1.1.2 fvdl return (error); 338 1.1.1.2 fvdl pc->pc_ucred = crcopy(pc->pc_ucred); 339 1.1.1.2 fvdl pc->pc_ucred->cr_groups[0] = egid; 340 1.1.1.2 fvdl p->p_flag |= P_SUGID; 341 1.1.1.2 fvdl return (0); 342 1.1.1.2 fvdl } 343 1.1.1.2 fvdl 344 1.1.1.2 fvdl struct setgroups_args { 345 1.1.1.2 fvdl u_int gidsetsize; 346 1.1.1.2 fvdl gid_t *gidset; 347 1.1.1.2 fvdl }; 348 1.1.1.2 fvdl /* ARGSUSED */ 349 1.1.1.2 fvdl setgroups(p, uap, retval) 350 1.1.1.2 fvdl struct proc *p; 351 1.1.1.2 fvdl struct setgroups_args *uap; 352 1.1.1.2 fvdl int *retval; 353 1.1.1.2 fvdl { 354 1.1.1.2 fvdl register struct pcred *pc = p->p_cred; 355 1.1.1.2 fvdl register u_int ngrp; 356 1.1.1.2 fvdl int error; 357 1.1.1.2 fvdl 358 1.1.1.2 fvdl if (error = suser(pc->pc_ucred, &p->p_acflag)) 359 1.1.1.2 fvdl return (error); 360 1.1.1.2 fvdl if ((ngrp = uap->gidsetsize) > NGROUPS) 361 1.1.1.2 fvdl return (EINVAL); 362 1.1.1.2 fvdl pc->pc_ucred = crcopy(pc->pc_ucred); 363 1.1.1.2 fvdl if (error = copyin((caddr_t)uap->gidset, 364 1.1.1.2 fvdl (caddr_t)pc->pc_ucred->cr_groups, ngrp * sizeof(gid_t))) 365 1.1.1.2 fvdl return (error); 366 1.1.1.2 fvdl pc->pc_ucred->cr_ngroups = ngrp; 367 1.1.1.2 fvdl p->p_flag |= P_SUGID; 368 1.1.1.2 fvdl return (0); 369 1.1.1.2 fvdl } 370 1.1.1.2 fvdl 371 1.1.1.2 fvdl #if defined(COMPAT_43) || defined(COMPAT_SUNOS) 372 1.1.1.2 fvdl struct setreuid_args { 373 1.1.1.2 fvdl int ruid; 374 1.1.1.2 fvdl int euid; 375 1.1.1.2 fvdl }; 376 1.1.1.2 fvdl /* ARGSUSED */ 377 1.1.1.2 fvdl osetreuid(p, uap, retval) 378 1.1.1.2 fvdl register struct proc *p; 379 1.1.1.2 fvdl struct setreuid_args *uap; 380 1.1.1.2 fvdl int *retval; 381 1.1.1.2 fvdl { 382 1.1.1.2 fvdl register struct pcred *pc = p->p_cred; 383 1.1.1.2 fvdl struct seteuid_args args; 384 1.1.1.2 fvdl 385 1.1.1.2 fvdl /* 386 1.1.1.2 fvdl * we assume that the intent of setting ruid is to be able to get 387 1.1.1.2 fvdl * back ruid priviledge. So we make sure that we will be able to 388 1.1.1.2 fvdl * do so, but do not actually set the ruid. 389 1.1.1.2 fvdl */ 390 1.1.1.2 fvdl if (uap->ruid != (uid_t)-1 && uap->ruid != pc->p_ruid && 391 1.1.1.2 fvdl uap->ruid != pc->p_svuid) 392 1.1.1.2 fvdl return (EPERM); 393 1.1.1.2 fvdl if (uap->euid == (uid_t)-1) 394 1.1.1.2 fvdl return (0); 395 1.1.1.2 fvdl args.euid = uap->euid; 396 1.1.1.2 fvdl return (seteuid(p, &args, retval)); 397 1.1.1.2 fvdl } 398 1.1.1.2 fvdl 399 1.1.1.2 fvdl struct setregid_args { 400 1.1.1.2 fvdl int rgid; 401 1.1.1.2 fvdl int egid; 402 1.1.1.2 fvdl }; 403 1.1.1.2 fvdl /* ARGSUSED */ 404 1.1.1.2 fvdl osetregid(p, uap, retval) 405 1.1.1.2 fvdl register struct proc *p; 406 1.1.1.2 fvdl struct setregid_args *uap; 407 1.1.1.2 fvdl int *retval; 408 1.1.1.2 fvdl { 409 1.1.1.2 fvdl register struct pcred *pc = p->p_cred; 410 1.1.1.2 fvdl struct setegid_args args; 411 1.1.1.2 fvdl 412 1.1.1.2 fvdl /* 413 1.1.1.2 fvdl * we assume that the intent of setting rgid is to be able to get 414 1.1.1.2 fvdl * back rgid priviledge. So we make sure that we will be able to 415 1.1.1.2 fvdl * do so, but do not actually set the rgid. 416 1.1.1.2 fvdl */ 417 1.1.1.2 fvdl if (uap->rgid != (gid_t)-1 && uap->rgid != pc->p_rgid && 418 1.1.1.2 fvdl uap->rgid != pc->p_svgid) 419 1.1.1.2 fvdl return (EPERM); 420 1.1.1.2 fvdl if (uap->egid == (gid_t)-1) 421 1.1.1.2 fvdl return (0); 422 1.1.1.2 fvdl args.egid = uap->egid; 423 1.1.1.2 fvdl return (setegid(p, &args, retval)); 424 1.1.1.2 fvdl } 425 1.1.1.2 fvdl #endif /* defined(COMPAT_43) || defined(COMPAT_SUNOS) */ 426 1.1.1.2 fvdl 427 1.1.1.2 fvdl /* 428 1.1.1.2 fvdl * Check if gid is a member of the group set. 429 1.1.1.2 fvdl */ 430 1.1.1.2 fvdl groupmember(gid, cred) 431 1.1.1.2 fvdl gid_t gid; 432 1.1.1.2 fvdl register struct ucred *cred; 433 1.1.1.2 fvdl { 434 1.1.1.2 fvdl register gid_t *gp; 435 1.1.1.2 fvdl gid_t *egp; 436 1.1.1.2 fvdl 437 1.1.1.2 fvdl egp = &(cred->cr_groups[cred->cr_ngroups]); 438 1.1.1.2 fvdl for (gp = cred->cr_groups; gp < egp; gp++) 439 1.1.1.2 fvdl if (*gp == gid) 440 1.1.1.2 fvdl return (1); 441 1.1.1.2 fvdl return (0); 442 1.1.1.2 fvdl } 443 1.1.1.2 fvdl 444 1.1.1.2 fvdl /* 445 1.1.1.2 fvdl * Test whether the specified credentials imply "super-user" 446 1.1.1.2 fvdl * privilege; if so, and we have accounting info, set the flag 447 1.1.1.2 fvdl * indicating use of super-powers. 448 1.1.1.2 fvdl * Returns 0 or error. 449 1.1.1.2 fvdl */ 450 1.1.1.2 fvdl suser(cred, acflag) 451 1.1.1.2 fvdl struct ucred *cred; 452 1.1.1.2 fvdl short *acflag; 453 1.1.1.2 fvdl { 454 1.1.1.2 fvdl if (cred->cr_uid == 0) { 455 1.1.1.2 fvdl if (acflag) 456 1.1.1.2 fvdl *acflag |= ASU; 457 1.1.1.2 fvdl return (0); 458 1.1.1.2 fvdl } 459 1.1.1.2 fvdl return (EPERM); 460 1.1.1.2 fvdl } 461 1.1.1.2 fvdl 462 1.1.1.2 fvdl /* 463 1.1.1.2 fvdl * Allocate a zeroed cred structure. 464 1.1.1.2 fvdl */ 465 1.1.1.2 fvdl struct ucred * 466 1.1.1.2 fvdl crget() 467 1.1.1.2 fvdl { 468 1.1.1.2 fvdl register struct ucred *cr; 469 1.1.1.2 fvdl 470 1.1.1.2 fvdl MALLOC(cr, struct ucred *, sizeof(*cr), M_CRED, M_WAITOK); 471 1.1.1.2 fvdl bzero((caddr_t)cr, sizeof(*cr)); 472 1.1.1.2 fvdl cr->cr_ref = 1; 473 1.1.1.2 fvdl return (cr); 474 1.1.1.2 fvdl } 475 1.1.1.2 fvdl 476 1.1.1.2 fvdl /* 477 1.1.1.2 fvdl * Free a cred structure. 478 1.1.1.2 fvdl * Throws away space when ref count gets to 0. 479 1.1.1.2 fvdl */ 480 1.1.1.2 fvdl crfree(cr) 481 1.1.1.2 fvdl struct ucred *cr; 482 1.1.1.2 fvdl { 483 1.1.1.2 fvdl int s; 484 1.1.1.2 fvdl 485 1.1.1.2 fvdl s = splimp(); /* ??? */ 486 1.1.1.2 fvdl if (--cr->cr_ref == 0) 487 1.1.1.2 fvdl FREE((caddr_t)cr, M_CRED); 488 1.1.1.2 fvdl (void) splx(s); 489 1.1.1.2 fvdl } 490 1.1.1.2 fvdl 491 1.1.1.2 fvdl /* 492 1.1.1.2 fvdl * Copy cred structure to a new one and free the old one. 493 1.1.1.2 fvdl */ 494 1.1.1.2 fvdl struct ucred * 495 1.1.1.2 fvdl crcopy(cr) 496 1.1.1.2 fvdl struct ucred *cr; 497 1.1.1.2 fvdl { 498 1.1.1.2 fvdl struct ucred *newcr; 499 1.1.1.2 fvdl 500 1.1.1.2 fvdl if (cr->cr_ref == 1) 501 1.1.1.2 fvdl return (cr); 502 1.1.1.2 fvdl newcr = crget(); 503 1.1.1.2 fvdl *newcr = *cr; 504 1.1.1.2 fvdl crfree(cr); 505 1.1.1.2 fvdl newcr->cr_ref = 1; 506 1.1.1.2 fvdl return (newcr); 507 1.1.1.2 fvdl } 508 1.1.1.2 fvdl 509 1.1.1.2 fvdl /* 510 1.1.1.2 fvdl * Dup cred struct to a new held one. 511 1.1.1.2 fvdl */ 512 1.1.1.2 fvdl struct ucred * 513 1.1.1.2 fvdl crdup(cr) 514 1.1.1.2 fvdl struct ucred *cr; 515 1.1.1.2 fvdl { 516 1.1.1.2 fvdl struct ucred *newcr; 517 1.1.1.2 fvdl 518 1.1.1.2 fvdl newcr = crget(); 519 1.1.1.2 fvdl *newcr = *cr; 520 1.1.1.2 fvdl newcr->cr_ref = 1; 521 1.1.1.2 fvdl return (newcr); 522 1.1.1.2 fvdl } 523 1.1.1.2 fvdl 524 1.1.1.2 fvdl /* 525 1.1.1.2 fvdl * Get login name, if available. 526 1.1.1.2 fvdl */ 527 1.1.1.2 fvdl struct getlogin_args { 528 1.1.1.2 fvdl char *namebuf; 529 1.1.1.2 fvdl u_int namelen; 530 1.1.1.2 fvdl }; 531 1.1.1.2 fvdl /* ARGSUSED */ 532 1.1.1.2 fvdl getlogin(p, uap, retval) 533 1.1.1.2 fvdl struct proc *p; 534 1.1.1.2 fvdl struct getlogin_args *uap; 535 1.1.1.2 fvdl int *retval; 536 1.1.1.2 fvdl { 537 1.1.1.2 fvdl 538 1.1.1.2 fvdl if (uap->namelen > sizeof (p->p_pgrp->pg_session->s_login)) 539 1.1.1.2 fvdl uap->namelen = sizeof (p->p_pgrp->pg_session->s_login); 540 1.1.1.2 fvdl return (copyout((caddr_t) p->p_pgrp->pg_session->s_login, 541 1.1.1.2 fvdl (caddr_t) uap->namebuf, uap->namelen)); 542 1.1.1.2 fvdl } 543 1.1.1.2 fvdl 544 1.1.1.2 fvdl /* 545 1.1.1.2 fvdl * Set login name. 546 1.1.1.2 fvdl */ 547 1.1.1.2 fvdl struct setlogin_args { 548 1.1.1.2 fvdl char *namebuf; 549 1.1.1.2 fvdl }; 550 1.1.1.2 fvdl /* ARGSUSED */ 551 1.1.1.2 fvdl setlogin(p, uap, retval) 552 1.1.1.2 fvdl struct proc *p; 553 1.1.1.2 fvdl struct setlogin_args *uap; 554 1.1.1.2 fvdl int *retval; 555 1.1.1.2 fvdl { 556 1.1.1.2 fvdl int error; 557 1.1.1.2 fvdl 558 1.1.1.2 fvdl if (error = suser(p->p_ucred, &p->p_acflag)) 559 1.1.1.2 fvdl return (error); 560 1.1.1.2 fvdl error = copyinstr((caddr_t) uap->namebuf, 561 1.1.1.2 fvdl (caddr_t) p->p_pgrp->pg_session->s_login, 562 1.1.1.2 fvdl sizeof (p->p_pgrp->pg_session->s_login) - 1, (u_int *)0); 563 1.1.1.2 fvdl if (error == ENAMETOOLONG) 564 1.1.1.2 fvdl error = EINVAL; 565 1.1.1.2 fvdl return (error); 566 1.1.1.2 fvdl } 567
Indexes created Sat Sep 27 22:09:54 GMT 2025