kern_prot.c revision 1.17
1 1.17 deraadt /* $NetBSD: kern_prot.c,v 1.17 1994/08/25 07:13:55 deraadt Exp $ */ 2 1.16 cgd 3 1.14 cgd /* 4 1.15 cgd * Copyright (c) 1982, 1986, 1989, 1990, 1991, 1993 5 1.15 cgd * The Regents of the University of California. All rights reserved. 6 1.14 cgd * (c) UNIX System Laboratories, Inc. 7 1.14 cgd * All or some portions of this file are derived from material licensed 8 1.14 cgd * to the University of California by American Telephone and Telegraph 9 1.14 cgd * Co. or Unix System Laboratories, Inc. and are reproduced herein with 10 1.14 cgd * the permission of UNIX System Laboratories, Inc. 11 1.14 cgd * 12 1.14 cgd * Redistribution and use in source and binary forms, with or without 13 1.14 cgd * modification, are permitted provided that the following conditions 14 1.14 cgd * are met: 15 1.14 cgd * 1. Redistributions of source code must retain the above copyright 16 1.14 cgd * notice, this list of conditions and the following disclaimer. 17 1.14 cgd * 2. Redistributions in binary form must reproduce the above copyright 18 1.14 cgd * notice, this list of conditions and the following disclaimer in the 19 1.14 cgd * documentation and/or other materials provided with the distribution. 20 1.14 cgd * 3. All advertising materials mentioning features or use of this software 21 1.14 cgd * must display the following acknowledgement: 22 1.14 cgd * This product includes software developed by the University of 23 1.14 cgd * California, Berkeley and its contributors. 24 1.14 cgd * 4. Neither the name of the University nor the names of its contributors 25 1.14 cgd * may be used to endorse or promote products derived from this software 26 1.14 cgd * without specific prior written permission. 27 1.14 cgd * 28 1.14 cgd * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 29 1.14 cgd * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 30 1.14 cgd * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 31 1.14 cgd * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 32 1.14 cgd * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 33 1.14 cgd * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 34 1.14 cgd * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 35 1.14 cgd * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 36 1.14 cgd * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 37 1.14 cgd * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 38 1.14 cgd * SUCH DAMAGE. 39 1.14 cgd * 40 1.16 cgd * @(#)kern_prot.c 8.6 (Berkeley) 1/21/94 41 1.14 cgd */ 42 1.14 cgd 43 1.14 cgd /* 44 1.14 cgd * System calls related to processes and protection 45 1.14 cgd */ 46 1.14 cgd 47 1.14 cgd #include <sys/param.h> 48 1.14 cgd #include <sys/acct.h> 49 1.14 cgd #include <sys/systm.h> 50 1.14 cgd #include <sys/ucred.h> 51 1.14 cgd #include <sys/proc.h> 52 1.14 cgd #include <sys/timeb.h> 53 1.14 cgd #include <sys/times.h> 54 1.14 cgd #include <sys/malloc.h> 55 1.14 cgd 56 1.14 cgd /* ARGSUSED */ 57 1.14 cgd getpid(p, uap, retval) 58 1.14 cgd struct proc *p; 59 1.14 cgd void *uap; 60 1.14 cgd int *retval; 61 1.14 cgd { 62 1.14 cgd 63 1.14 cgd *retval = p->p_pid; 64 1.14 cgd #if defined(COMPAT_43) || defined(COMPAT_SUNOS) 65 1.14 cgd retval[1] = p->p_pptr->p_pid; 66 1.14 cgd #endif 67 1.14 cgd return (0); 68 1.14 cgd } 69 1.14 cgd 70 1.14 cgd /* ARGSUSED */ 71 1.14 cgd getppid(p, uap, retval) 72 1.14 cgd struct proc *p; 73 1.14 cgd void *uap; 74 1.14 cgd int *retval; 75 1.14 cgd { 76 1.14 cgd 77 1.14 cgd *retval = p->p_pptr->p_pid; 78 1.14 cgd return (0); 79 1.14 cgd } 80 1.14 cgd 81 1.14 cgd /* Get process group ID; note that POSIX getpgrp takes no parameter */ 82 1.14 cgd getpgrp(p, uap, retval) 83 1.14 cgd struct proc *p; 84 1.14 cgd void *uap; 85 1.14 cgd int *retval; 86 1.14 cgd { 87 1.14 cgd 88 1.14 cgd *retval = p->p_pgrp->pg_id; 89 1.14 cgd return (0); 90 1.14 cgd } 91 1.14 cgd 92 1.14 cgd /* ARGSUSED */ 93 1.14 cgd getuid(p, uap, retval) 94 1.14 cgd struct proc *p; 95 1.14 cgd void *uap; 96 1.14 cgd int *retval; 97 1.14 cgd { 98 1.14 cgd 99 1.14 cgd *retval = p->p_cred->p_ruid; 100 1.14 cgd #if defined(COMPAT_43) || defined(COMPAT_SUNOS) 101 1.14 cgd retval[1] = p->p_ucred->cr_uid; 102 1.14 cgd #endif 103 1.14 cgd return (0); 104 1.14 cgd } 105 1.14 cgd 106 1.14 cgd /* ARGSUSED */ 107 1.14 cgd geteuid(p, uap, retval) 108 1.14 cgd struct proc *p; 109 1.14 cgd void *uap; 110 1.14 cgd int *retval; 111 1.14 cgd { 112 1.14 cgd 113 1.14 cgd *retval = p->p_ucred->cr_uid; 114 1.14 cgd return (0); 115 1.14 cgd } 116 1.14 cgd 117 1.14 cgd /* ARGSUSED */ 118 1.14 cgd getgid(p, uap, retval) 119 1.14 cgd struct proc *p; 120 1.14 cgd void *uap; 121 1.14 cgd int *retval; 122 1.14 cgd { 123 1.14 cgd 124 1.14 cgd *retval = p->p_cred->p_rgid; 125 1.14 cgd #if defined(COMPAT_43) || defined(COMPAT_SUNOS) 126 1.14 cgd retval[1] = p->p_ucred->cr_groups[0]; 127 1.14 cgd #endif 128 1.14 cgd return (0); 129 1.14 cgd } 130 1.14 cgd 131 1.14 cgd /* 132 1.14 cgd * Get effective group ID. The "egid" is groups[0], and could be obtained 133 1.14 cgd * via getgroups. This syscall exists because it is somewhat painful to do 134 1.14 cgd * correctly in a library function. 135 1.14 cgd */ 136 1.14 cgd /* ARGSUSED */ 137 1.14 cgd getegid(p, uap, retval) 138 1.14 cgd struct proc *p; 139 1.14 cgd void *uap; 140 1.14 cgd int *retval; 141 1.14 cgd { 142 1.14 cgd 143 1.14 cgd *retval = p->p_ucred->cr_groups[0]; 144 1.14 cgd return (0); 145 1.14 cgd } 146 1.14 cgd 147 1.14 cgd struct getgroups_args { 148 1.14 cgd u_int gidsetsize; 149 1.14 cgd gid_t *gidset; 150 1.14 cgd }; 151 1.14 cgd getgroups(p, uap, retval) 152 1.14 cgd struct proc *p; 153 1.14 cgd register struct getgroups_args *uap; 154 1.14 cgd int *retval; 155 1.14 cgd { 156 1.14 cgd register struct pcred *pc = p->p_cred; 157 1.14 cgd register u_int ngrp; 158 1.14 cgd int error; 159 1.14 cgd 160 1.14 cgd if ((ngrp = uap->gidsetsize) == 0) { 161 1.14 cgd *retval = pc->pc_ucred->cr_ngroups; 162 1.14 cgd return (0); 163 1.14 cgd } 164 1.14 cgd if (ngrp < pc->pc_ucred->cr_ngroups) 165 1.14 cgd return (EINVAL); 166 1.14 cgd ngrp = pc->pc_ucred->cr_ngroups; 167 1.14 cgd if (error = copyout((caddr_t)pc->pc_ucred->cr_groups, 168 1.14 cgd (caddr_t)uap->gidset, ngrp * sizeof(gid_t))) 169 1.14 cgd return (error); 170 1.14 cgd *retval = ngrp; 171 1.14 cgd return (0); 172 1.14 cgd } 173 1.14 cgd 174 1.14 cgd /* ARGSUSED */ 175 1.14 cgd setsid(p, uap, retval) 176 1.14 cgd register struct proc *p; 177 1.14 cgd void *uap; 178 1.14 cgd int *retval; 179 1.14 cgd { 180 1.14 cgd 181 1.14 cgd if (p->p_pgid == p->p_pid || pgfind(p->p_pid)) { 182 1.14 cgd return (EPERM); 183 1.14 cgd } else { 184 1.15 cgd (void)enterpgrp(p, p->p_pid, 1); 185 1.14 cgd *retval = p->p_pid; 186 1.14 cgd return (0); 187 1.14 cgd } 188 1.14 cgd } 189 1.14 cgd 190 1.14 cgd /* 191 1.14 cgd * set process group (setpgid/old setpgrp) 192 1.14 cgd * 193 1.14 cgd * caller does setpgid(targpid, targpgid) 194 1.14 cgd * 195 1.14 cgd * pid must be caller or child of caller (ESRCH) 196 1.14 cgd * if a child 197 1.14 cgd * pid must be in same session (EPERM) 198 1.14 cgd * pid can't have done an exec (EACCES) 199 1.14 cgd * if pgid != pid 200 1.14 cgd * there must exist some pid in same session having pgid (EPERM) 201 1.14 cgd * pid must not be session leader (EPERM) 202 1.14 cgd */ 203 1.14 cgd struct setpgid_args { 204 1.14 cgd int pid; /* target process id */ 205 1.14 cgd int pgid; /* target pgrp id */ 206 1.14 cgd }; 207 1.14 cgd /* ARGSUSED */ 208 1.14 cgd setpgid(curp, uap, retval) 209 1.14 cgd struct proc *curp; 210 1.14 cgd register struct setpgid_args *uap; 211 1.14 cgd int *retval; 212 1.14 cgd { 213 1.14 cgd register struct proc *targp; /* target process */ 214 1.14 cgd register struct pgrp *pgrp; /* target pgrp */ 215 1.14 cgd 216 1.14 cgd #ifdef COMPAT_09 217 1.14 cgd uap->pid = (short) uap->pid; /* XXX */ 218 1.14 cgd uap->pgid = (short) uap->pgid; /* XXX */ 219 1.14 cgd #endif 220 1.14 cgd 221 1.14 cgd if (uap->pid != 0 && uap->pid != curp->p_pid) { 222 1.14 cgd if ((targp = pfind(uap->pid)) == 0 || !inferior(targp)) 223 1.14 cgd return (ESRCH); 224 1.14 cgd if (targp->p_session != curp->p_session) 225 1.14 cgd return (EPERM); 226 1.15 cgd if (targp->p_flag & P_EXEC) 227 1.14 cgd return (EACCES); 228 1.14 cgd } else 229 1.14 cgd targp = curp; 230 1.14 cgd if (SESS_LEADER(targp)) 231 1.14 cgd return (EPERM); 232 1.14 cgd if (uap->pgid == 0) 233 1.14 cgd uap->pgid = targp->p_pid; 234 1.14 cgd else if (uap->pgid != targp->p_pid) 235 1.14 cgd if ((pgrp = pgfind(uap->pgid)) == 0 || 236 1.14 cgd pgrp->pg_session != curp->p_session) 237 1.14 cgd return (EPERM); 238 1.15 cgd return (enterpgrp(targp, uap->pgid, 0)); 239 1.14 cgd } 240 1.14 cgd 241 1.14 cgd struct setuid_args { 242 1.14 cgd uid_t uid; 243 1.14 cgd }; 244 1.14 cgd /* ARGSUSED */ 245 1.14 cgd setuid(p, uap, retval) 246 1.14 cgd struct proc *p; 247 1.14 cgd struct setuid_args *uap; 248 1.14 cgd int *retval; 249 1.14 cgd { 250 1.14 cgd register struct pcred *pc = p->p_cred; 251 1.14 cgd register uid_t uid; 252 1.14 cgd int error; 253 1.14 cgd 254 1.14 cgd #ifdef COMPAT_09 /* XXX */ 255 1.14 cgd uid = (u_short)uap->uid; 256 1.14 cgd #else 257 1.14 cgd uid = uap->uid; 258 1.14 cgd #endif 259 1.14 cgd if (uid != pc->p_ruid && 260 1.14 cgd (error = suser(pc->pc_ucred, &p->p_acflag))) 261 1.14 cgd return (error); 262 1.14 cgd /* 263 1.15 cgd * Everything's okay, do it. 264 1.15 cgd * Transfer proc count to new user. 265 1.15 cgd * Copy credentials so other references do not see our changes. 266 1.14 cgd */ 267 1.15 cgd (void)chgproccnt(pc->p_ruid, -1); 268 1.15 cgd (void)chgproccnt(uid, 1); 269 1.14 cgd pc->pc_ucred = crcopy(pc->pc_ucred); 270 1.14 cgd pc->pc_ucred->cr_uid = uid; 271 1.14 cgd pc->p_ruid = uid; 272 1.14 cgd pc->p_svuid = uid; 273 1.14 cgd p->p_flag |= P_SUGID; 274 1.14 cgd return (0); 275 1.14 cgd } 276 1.14 cgd 277 1.14 cgd struct seteuid_args { 278 1.14 cgd uid_t euid; 279 1.14 cgd }; 280 1.14 cgd /* ARGSUSED */ 281 1.14 cgd seteuid(p, uap, retval) 282 1.14 cgd struct proc *p; 283 1.14 cgd struct seteuid_args *uap; 284 1.14 cgd int *retval; 285 1.14 cgd { 286 1.14 cgd register struct pcred *pc = p->p_cred; 287 1.14 cgd register uid_t euid; 288 1.14 cgd int error; 289 1.14 cgd 290 1.14 cgd #ifdef COMPAT_09 /* XXX */ 291 1.14 cgd euid = (u_short)uap->euid; 292 1.14 cgd #else 293 1.14 cgd euid = uap->euid; 294 1.14 cgd #endif 295 1.14 cgd if (euid != pc->p_ruid && euid != pc->p_svuid && 296 1.14 cgd (error = suser(pc->pc_ucred, &p->p_acflag))) 297 1.14 cgd return (error); 298 1.14 cgd /* 299 1.14 cgd * Everything's okay, do it. Copy credentials so other references do 300 1.14 cgd * not see our changes. 301 1.14 cgd */ 302 1.14 cgd pc->pc_ucred = crcopy(pc->pc_ucred); 303 1.14 cgd pc->pc_ucred->cr_uid = euid; 304 1.14 cgd p->p_flag |= P_SUGID; 305 1.14 cgd return (0); 306 1.14 cgd } 307 1.14 cgd 308 1.14 cgd struct setgid_args { 309 1.14 cgd gid_t gid; 310 1.14 cgd }; 311 1.14 cgd /* ARGSUSED */ 312 1.14 cgd setgid(p, uap, retval) 313 1.14 cgd struct proc *p; 314 1.14 cgd struct setgid_args *uap; 315 1.14 cgd int *retval; 316 1.14 cgd { 317 1.14 cgd register struct pcred *pc = p->p_cred; 318 1.14 cgd register gid_t gid; 319 1.14 cgd int error; 320 1.14 cgd 321 1.14 cgd #ifdef COMPAT_09 /* XXX */ 322 1.14 cgd gid = (u_short)uap->gid; 323 1.14 cgd #else 324 1.14 cgd gid = uap->gid; 325 1.14 cgd #endif 326 1.14 cgd if (gid != pc->p_rgid && (error = suser(pc->pc_ucred, &p->p_acflag))) 327 1.14 cgd return (error); 328 1.14 cgd pc->pc_ucred = crcopy(pc->pc_ucred); 329 1.14 cgd pc->pc_ucred->cr_groups[0] = gid; 330 1.14 cgd pc->p_rgid = gid; 331 1.14 cgd pc->p_svgid = gid; /* ??? */ 332 1.14 cgd p->p_flag |= P_SUGID; 333 1.14 cgd return (0); 334 1.14 cgd } 335 1.14 cgd 336 1.14 cgd struct setegid_args { 337 1.14 cgd gid_t egid; 338 1.14 cgd }; 339 1.14 cgd /* ARGSUSED */ 340 1.14 cgd setegid(p, uap, retval) 341 1.14 cgd struct proc *p; 342 1.14 cgd struct setegid_args *uap; 343 1.14 cgd int *retval; 344 1.14 cgd { 345 1.14 cgd register struct pcred *pc = p->p_cred; 346 1.14 cgd register gid_t egid; 347 1.14 cgd int error; 348 1.14 cgd 349 1.14 cgd #ifdef COMPAT_09 /* XXX */ 350 1.14 cgd egid = (u_short)uap->egid; 351 1.14 cgd #else 352 1.14 cgd egid = uap->egid; 353 1.14 cgd #endif 354 1.14 cgd if (egid != pc->p_rgid && egid != pc->p_svgid && 355 1.14 cgd (error = suser(pc->pc_ucred, &p->p_acflag))) 356 1.14 cgd return (error); 357 1.14 cgd pc->pc_ucred = crcopy(pc->pc_ucred); 358 1.14 cgd pc->pc_ucred->cr_groups[0] = egid; 359 1.14 cgd p->p_flag |= P_SUGID; 360 1.14 cgd return (0); 361 1.14 cgd } 362 1.14 cgd 363 1.15 cgd struct setgroups_args { 364 1.15 cgd u_int gidsetsize; 365 1.15 cgd gid_t *gidset; 366 1.15 cgd }; 367 1.15 cgd /* ARGSUSED */ 368 1.15 cgd setgroups(p, uap, retval) 369 1.15 cgd struct proc *p; 370 1.15 cgd struct setgroups_args *uap; 371 1.15 cgd int *retval; 372 1.15 cgd { 373 1.15 cgd register struct pcred *pc = p->p_cred; 374 1.15 cgd register u_int ngrp; 375 1.15 cgd int error; 376 1.15 cgd 377 1.15 cgd if (error = suser(pc->pc_ucred, &p->p_acflag)) 378 1.15 cgd return (error); 379 1.15 cgd if ((ngrp = uap->gidsetsize) > NGROUPS) 380 1.15 cgd return (EINVAL); 381 1.15 cgd pc->pc_ucred = crcopy(pc->pc_ucred); 382 1.15 cgd if (error = copyin((caddr_t)uap->gidset, 383 1.15 cgd (caddr_t)pc->pc_ucred->cr_groups, ngrp * sizeof(gid_t))) 384 1.15 cgd return (error); 385 1.15 cgd pc->pc_ucred->cr_ngroups = ngrp; 386 1.15 cgd p->p_flag |= P_SUGID; 387 1.15 cgd return (0); 388 1.15 cgd } 389 1.14 cgd 390 1.15 cgd #if defined(COMPAT_43) || defined(COMPAT_SUNOS) 391 1.15 cgd struct setreuid_args { 392 1.15 cgd int ruid; 393 1.15 cgd int euid; 394 1.14 cgd }; 395 1.14 cgd /* ARGSUSED */ 396 1.14 cgd osetreuid(p, uap, retval) 397 1.14 cgd register struct proc *p; 398 1.15 cgd struct setreuid_args *uap; 399 1.14 cgd int *retval; 400 1.14 cgd { 401 1.17 deraadt struct seteuid_args seuidargs; 402 1.17 deraadt struct setuid_args suidargs; 403 1.14 cgd 404 1.14 cgd /* 405 1.17 deraadt * There are five cases, and we attempt to emulate them in 406 1.17 deraadt * the following fashion: 407 1.17 deraadt * -1, -1: return 0. This is correct emulation. 408 1.17 deraadt * -1, N: call seteuid(N). This is correct emulation. 409 1.17 deraadt * N, -1: if we called setuid(N), our euid would be changed 410 1.17 deraadt * to N as well. the theory is that we don't want to 411 1.17 deraadt * revoke root access yet, so we call seteuid(N) 412 1.17 deraadt * instead. This is incorrect emulation, but often 413 1.17 deraadt * suffices enough for binary compatibility. 414 1.17 deraadt * N, N: call setuid(N). This is correct emulation. 415 1.17 deraadt * N, M: call setuid(N). This is close to correct emulation. 416 1.14 cgd */ 417 1.17 deraadt if (uap->ruid == (uid_t)-1) { 418 1.17 deraadt if (uap->euid == (uid_t)-1) 419 1.17 deraadt return (0); /* -1, -1 */ 420 1.17 deraadt seuidargs.euid = uap->euid; /* -1, N */ 421 1.17 deraadt return (seteuid(p, &seuidargs, retval)); 422 1.17 deraadt } 423 1.17 deraadt if (uap->euid == (uid_t)-1) { 424 1.17 deraadt seuidargs.euid = uap->ruid; /* N, -1 */ 425 1.17 deraadt return (seteuid(p, &seuidargs, retval)); 426 1.17 deraadt } 427 1.17 deraadt suidargs.uid = uap->ruid; /* N, N and N, M */ 428 1.17 deraadt return (setuid(p, &suidargs, retval)); 429 1.14 cgd } 430 1.14 cgd 431 1.15 cgd struct setregid_args { 432 1.15 cgd int rgid; 433 1.15 cgd int egid; 434 1.14 cgd }; 435 1.14 cgd /* ARGSUSED */ 436 1.14 cgd osetregid(p, uap, retval) 437 1.14 cgd register struct proc *p; 438 1.15 cgd struct setregid_args *uap; 439 1.14 cgd int *retval; 440 1.14 cgd { 441 1.17 deraadt struct setegid_args segidargs; 442 1.17 deraadt struct setgid_args sgidargs; 443 1.14 cgd 444 1.14 cgd /* 445 1.17 deraadt * There are five cases, described above in osetreuid() 446 1.14 cgd */ 447 1.17 deraadt if (uap->rgid == (gid_t)-1) { 448 1.17 deraadt if (uap->egid == (gid_t)-1) 449 1.17 deraadt return (0); /* -1, -1 */ 450 1.17 deraadt segidargs.egid = uap->egid; /* -1, N */ 451 1.17 deraadt return (setegid(p, &segidargs, retval)); 452 1.17 deraadt } 453 1.17 deraadt if (uap->egid == (gid_t)-1) { 454 1.17 deraadt segidargs.egid = uap->rgid; /* N, -1 */ 455 1.17 deraadt return (setegid(p, &segidargs, retval)); 456 1.17 deraadt } 457 1.17 deraadt sgidargs.gid = uap->rgid; /* N, N and N, M */ 458 1.17 deraadt return (setgid(p, &sgidargs, retval)); 459 1.14 cgd } 460 1.15 cgd #endif /* defined(COMPAT_43) || defined(COMPAT_SUNOS) */ 461 1.14 cgd 462 1.14 cgd /* 463 1.14 cgd * Check if gid is a member of the group set. 464 1.14 cgd */ 465 1.14 cgd groupmember(gid, cred) 466 1.14 cgd gid_t gid; 467 1.14 cgd register struct ucred *cred; 468 1.14 cgd { 469 1.14 cgd register gid_t *gp; 470 1.14 cgd gid_t *egp; 471 1.14 cgd 472 1.14 cgd egp = &(cred->cr_groups[cred->cr_ngroups]); 473 1.14 cgd for (gp = cred->cr_groups; gp < egp; gp++) 474 1.14 cgd if (*gp == gid) 475 1.14 cgd return (1); 476 1.14 cgd return (0); 477 1.14 cgd } 478 1.14 cgd 479 1.14 cgd /* 480 1.14 cgd * Test whether the specified credentials imply "super-user" 481 1.14 cgd * privilege; if so, and we have accounting info, set the flag 482 1.14 cgd * indicating use of super-powers. 483 1.14 cgd * Returns 0 or error. 484 1.14 cgd */ 485 1.14 cgd suser(cred, acflag) 486 1.14 cgd struct ucred *cred; 487 1.14 cgd u_short *acflag; 488 1.14 cgd { 489 1.14 cgd if (cred->cr_uid == 0) { 490 1.14 cgd if (acflag) 491 1.14 cgd *acflag |= ASU; 492 1.14 cgd return (0); 493 1.14 cgd } 494 1.14 cgd return (EPERM); 495 1.14 cgd } 496 1.14 cgd 497 1.14 cgd /* 498 1.14 cgd * Allocate a zeroed cred structure. 499 1.14 cgd */ 500 1.14 cgd struct ucred * 501 1.14 cgd crget() 502 1.14 cgd { 503 1.14 cgd register struct ucred *cr; 504 1.14 cgd 505 1.14 cgd MALLOC(cr, struct ucred *, sizeof(*cr), M_CRED, M_WAITOK); 506 1.14 cgd bzero((caddr_t)cr, sizeof(*cr)); 507 1.14 cgd cr->cr_ref = 1; 508 1.14 cgd return (cr); 509 1.14 cgd } 510 1.14 cgd 511 1.14 cgd /* 512 1.14 cgd * Free a cred structure. 513 1.14 cgd * Throws away space when ref count gets to 0. 514 1.14 cgd */ 515 1.14 cgd crfree(cr) 516 1.14 cgd struct ucred *cr; 517 1.14 cgd { 518 1.15 cgd int s; 519 1.14 cgd 520 1.15 cgd s = splimp(); /* ??? */ 521 1.15 cgd if (--cr->cr_ref == 0) 522 1.15 cgd FREE((caddr_t)cr, M_CRED); 523 1.14 cgd (void) splx(s); 524 1.14 cgd } 525 1.14 cgd 526 1.14 cgd /* 527 1.14 cgd * Copy cred structure to a new one and free the old one. 528 1.14 cgd */ 529 1.14 cgd struct ucred * 530 1.14 cgd crcopy(cr) 531 1.14 cgd struct ucred *cr; 532 1.14 cgd { 533 1.14 cgd struct ucred *newcr; 534 1.14 cgd 535 1.14 cgd if (cr->cr_ref == 1) 536 1.14 cgd return (cr); 537 1.14 cgd newcr = crget(); 538 1.14 cgd *newcr = *cr; 539 1.14 cgd crfree(cr); 540 1.14 cgd newcr->cr_ref = 1; 541 1.14 cgd return (newcr); 542 1.14 cgd } 543 1.14 cgd 544 1.14 cgd /* 545 1.14 cgd * Dup cred struct to a new held one. 546 1.14 cgd */ 547 1.14 cgd struct ucred * 548 1.14 cgd crdup(cr) 549 1.14 cgd struct ucred *cr; 550 1.14 cgd { 551 1.14 cgd struct ucred *newcr; 552 1.14 cgd 553 1.14 cgd newcr = crget(); 554 1.14 cgd *newcr = *cr; 555 1.14 cgd newcr->cr_ref = 1; 556 1.14 cgd return (newcr); 557 1.14 cgd } 558 1.14 cgd 559 1.14 cgd /* 560 1.14 cgd * Get login name, if available. 561 1.14 cgd */ 562 1.14 cgd struct getlogin_args { 563 1.14 cgd char *namebuf; 564 1.14 cgd u_int namelen; 565 1.14 cgd }; 566 1.14 cgd /* ARGSUSED */ 567 1.14 cgd getlogin(p, uap, retval) 568 1.14 cgd struct proc *p; 569 1.14 cgd struct getlogin_args *uap; 570 1.14 cgd int *retval; 571 1.14 cgd { 572 1.14 cgd 573 1.14 cgd if (uap->namelen > sizeof (p->p_pgrp->pg_session->s_login)) 574 1.14 cgd uap->namelen = sizeof (p->p_pgrp->pg_session->s_login); 575 1.14 cgd return (copyout((caddr_t) p->p_pgrp->pg_session->s_login, 576 1.14 cgd (caddr_t) uap->namebuf, uap->namelen)); 577 1.14 cgd } 578 1.14 cgd 579 1.14 cgd /* 580 1.14 cgd * Set login name. 581 1.14 cgd */ 582 1.14 cgd struct setlogin_args { 583 1.14 cgd char *namebuf; 584 1.14 cgd }; 585 1.14 cgd /* ARGSUSED */ 586 1.14 cgd setlogin(p, uap, retval) 587 1.14 cgd struct proc *p; 588 1.14 cgd struct setlogin_args *uap; 589 1.14 cgd int *retval; 590 1.14 cgd { 591 1.14 cgd int error; 592 1.14 cgd 593 1.14 cgd if (error = suser(p->p_ucred, &p->p_acflag)) 594 1.14 cgd return (error); 595 1.14 cgd error = copyinstr((caddr_t) uap->namebuf, 596 1.14 cgd (caddr_t) p->p_pgrp->pg_session->s_login, 597 1.14 cgd sizeof (p->p_pgrp->pg_session->s_login) - 1, (u_int *)0); 598 1.14 cgd if (error == ENAMETOOLONG) 599 1.14 cgd error = EINVAL; 600 1.14 cgd return (error); 601 1.14 cgd } 602
Indexes created Sat Sep 20 22:09:52 GMT 2025