kern_prot.c revision 1.21
1 1.21 cgd /* $NetBSD: kern_prot.c,v 1.21 1994/10/30 21:47:42 cgd Exp $ */ 2 1.16 cgd 3 1.14 cgd /* 4 1.15 cgd * Copyright (c) 1982, 1986, 1989, 1990, 1991, 1993 5 1.15 cgd * The Regents of the University of California. All rights reserved. 6 1.14 cgd * (c) UNIX System Laboratories, Inc. 7 1.14 cgd * All or some portions of this file are derived from material licensed 8 1.14 cgd * to the University of California by American Telephone and Telegraph 9 1.14 cgd * Co. or Unix System Laboratories, Inc. and are reproduced herein with 10 1.14 cgd * the permission of UNIX System Laboratories, Inc. 11 1.14 cgd * 12 1.14 cgd * Redistribution and use in source and binary forms, with or without 13 1.14 cgd * modification, are permitted provided that the following conditions 14 1.14 cgd * are met: 15 1.14 cgd * 1. Redistributions of source code must retain the above copyright 16 1.14 cgd * notice, this list of conditions and the following disclaimer. 17 1.14 cgd * 2. Redistributions in binary form must reproduce the above copyright 18 1.14 cgd * notice, this list of conditions and the following disclaimer in the 19 1.14 cgd * documentation and/or other materials provided with the distribution. 20 1.14 cgd * 3. All advertising materials mentioning features or use of this software 21 1.14 cgd * must display the following acknowledgement: 22 1.14 cgd * This product includes software developed by the University of 23 1.14 cgd * California, Berkeley and its contributors. 24 1.14 cgd * 4. Neither the name of the University nor the names of its contributors 25 1.14 cgd * may be used to endorse or promote products derived from this software 26 1.14 cgd * without specific prior written permission. 27 1.14 cgd * 28 1.14 cgd * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 29 1.14 cgd * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 30 1.14 cgd * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 31 1.14 cgd * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 32 1.14 cgd * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 33 1.14 cgd * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 34 1.14 cgd * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 35 1.14 cgd * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 36 1.14 cgd * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 37 1.14 cgd * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 38 1.14 cgd * SUCH DAMAGE. 39 1.14 cgd * 40 1.16 cgd * @(#)kern_prot.c 8.6 (Berkeley) 1/21/94 41 1.14 cgd */ 42 1.14 cgd 43 1.14 cgd /* 44 1.14 cgd * System calls related to processes and protection 45 1.14 cgd */ 46 1.14 cgd 47 1.14 cgd #include <sys/param.h> 48 1.14 cgd #include <sys/acct.h> 49 1.14 cgd #include <sys/systm.h> 50 1.14 cgd #include <sys/ucred.h> 51 1.14 cgd #include <sys/proc.h> 52 1.14 cgd #include <sys/timeb.h> 53 1.14 cgd #include <sys/times.h> 54 1.14 cgd #include <sys/malloc.h> 55 1.14 cgd 56 1.19 cgd #include <sys/mount.h> 57 1.19 cgd #include <sys/syscallargs.h> 58 1.19 cgd 59 1.14 cgd /* ARGSUSED */ 60 1.14 cgd getpid(p, uap, retval) 61 1.14 cgd struct proc *p; 62 1.14 cgd void *uap; 63 1.19 cgd register_t *retval; 64 1.14 cgd { 65 1.14 cgd 66 1.14 cgd *retval = p->p_pid; 67 1.20 mycroft #if defined(COMPAT_43) || defined(COMPAT_SUNOS) || defined(COMPAT_IBCS2) 68 1.14 cgd retval[1] = p->p_pptr->p_pid; 69 1.14 cgd #endif 70 1.14 cgd return (0); 71 1.14 cgd } 72 1.14 cgd 73 1.14 cgd /* ARGSUSED */ 74 1.14 cgd getppid(p, uap, retval) 75 1.14 cgd struct proc *p; 76 1.14 cgd void *uap; 77 1.19 cgd register_t *retval; 78 1.14 cgd { 79 1.14 cgd 80 1.14 cgd *retval = p->p_pptr->p_pid; 81 1.14 cgd return (0); 82 1.14 cgd } 83 1.14 cgd 84 1.14 cgd /* Get process group ID; note that POSIX getpgrp takes no parameter */ 85 1.14 cgd getpgrp(p, uap, retval) 86 1.14 cgd struct proc *p; 87 1.14 cgd void *uap; 88 1.19 cgd register_t *retval; 89 1.14 cgd { 90 1.14 cgd 91 1.14 cgd *retval = p->p_pgrp->pg_id; 92 1.14 cgd return (0); 93 1.14 cgd } 94 1.14 cgd 95 1.14 cgd /* ARGSUSED */ 96 1.14 cgd getuid(p, uap, retval) 97 1.14 cgd struct proc *p; 98 1.14 cgd void *uap; 99 1.19 cgd register_t *retval; 100 1.14 cgd { 101 1.14 cgd 102 1.14 cgd *retval = p->p_cred->p_ruid; 103 1.20 mycroft #if defined(COMPAT_43) || defined(COMPAT_SUNOS) || defined(COMPAT_IBCS2) 104 1.14 cgd retval[1] = p->p_ucred->cr_uid; 105 1.14 cgd #endif 106 1.14 cgd return (0); 107 1.14 cgd } 108 1.14 cgd 109 1.14 cgd /* ARGSUSED */ 110 1.14 cgd geteuid(p, uap, retval) 111 1.14 cgd struct proc *p; 112 1.14 cgd void *uap; 113 1.19 cgd register_t *retval; 114 1.14 cgd { 115 1.14 cgd 116 1.14 cgd *retval = p->p_ucred->cr_uid; 117 1.14 cgd return (0); 118 1.14 cgd } 119 1.14 cgd 120 1.14 cgd /* ARGSUSED */ 121 1.14 cgd getgid(p, uap, retval) 122 1.14 cgd struct proc *p; 123 1.14 cgd void *uap; 124 1.19 cgd register_t *retval; 125 1.14 cgd { 126 1.14 cgd 127 1.14 cgd *retval = p->p_cred->p_rgid; 128 1.14 cgd #if defined(COMPAT_43) || defined(COMPAT_SUNOS) 129 1.14 cgd retval[1] = p->p_ucred->cr_groups[0]; 130 1.14 cgd #endif 131 1.14 cgd return (0); 132 1.14 cgd } 133 1.14 cgd 134 1.14 cgd /* 135 1.14 cgd * Get effective group ID. The "egid" is groups[0], and could be obtained 136 1.14 cgd * via getgroups. This syscall exists because it is somewhat painful to do 137 1.14 cgd * correctly in a library function. 138 1.14 cgd */ 139 1.14 cgd /* ARGSUSED */ 140 1.14 cgd getegid(p, uap, retval) 141 1.14 cgd struct proc *p; 142 1.14 cgd void *uap; 143 1.19 cgd register_t *retval; 144 1.14 cgd { 145 1.14 cgd 146 1.14 cgd *retval = p->p_ucred->cr_groups[0]; 147 1.14 cgd return (0); 148 1.14 cgd } 149 1.14 cgd 150 1.14 cgd getgroups(p, uap, retval) 151 1.14 cgd struct proc *p; 152 1.19 cgd register struct getgroups_args /* { 153 1.19 cgd syscallarg(u_int) gidsetsize; 154 1.19 cgd syscallarg(gid_t *) gidset; 155 1.19 cgd } */ *uap; 156 1.19 cgd register_t *retval; 157 1.14 cgd { 158 1.14 cgd register struct pcred *pc = p->p_cred; 159 1.14 cgd register u_int ngrp; 160 1.14 cgd int error; 161 1.14 cgd 162 1.19 cgd if ((ngrp = SCARG(uap, gidsetsize)) == 0) { 163 1.14 cgd *retval = pc->pc_ucred->cr_ngroups; 164 1.14 cgd return (0); 165 1.14 cgd } 166 1.14 cgd if (ngrp < pc->pc_ucred->cr_ngroups) 167 1.14 cgd return (EINVAL); 168 1.14 cgd ngrp = pc->pc_ucred->cr_ngroups; 169 1.14 cgd if (error = copyout((caddr_t)pc->pc_ucred->cr_groups, 170 1.19 cgd (caddr_t)SCARG(uap, gidset), ngrp * sizeof(gid_t))) 171 1.14 cgd return (error); 172 1.14 cgd *retval = ngrp; 173 1.14 cgd return (0); 174 1.14 cgd } 175 1.14 cgd 176 1.14 cgd /* ARGSUSED */ 177 1.14 cgd setsid(p, uap, retval) 178 1.14 cgd register struct proc *p; 179 1.14 cgd void *uap; 180 1.19 cgd register_t *retval; 181 1.14 cgd { 182 1.14 cgd 183 1.14 cgd if (p->p_pgid == p->p_pid || pgfind(p->p_pid)) { 184 1.14 cgd return (EPERM); 185 1.14 cgd } else { 186 1.15 cgd (void)enterpgrp(p, p->p_pid, 1); 187 1.14 cgd *retval = p->p_pid; 188 1.14 cgd return (0); 189 1.14 cgd } 190 1.14 cgd } 191 1.14 cgd 192 1.14 cgd /* 193 1.14 cgd * set process group (setpgid/old setpgrp) 194 1.14 cgd * 195 1.14 cgd * caller does setpgid(targpid, targpgid) 196 1.14 cgd * 197 1.14 cgd * pid must be caller or child of caller (ESRCH) 198 1.14 cgd * if a child 199 1.14 cgd * pid must be in same session (EPERM) 200 1.14 cgd * pid can't have done an exec (EACCES) 201 1.14 cgd * if pgid != pid 202 1.14 cgd * there must exist some pid in same session having pgid (EPERM) 203 1.14 cgd * pid must not be session leader (EPERM) 204 1.14 cgd */ 205 1.14 cgd /* ARGSUSED */ 206 1.14 cgd setpgid(curp, uap, retval) 207 1.14 cgd struct proc *curp; 208 1.19 cgd register struct setpgid_args /* { 209 1.19 cgd syscallarg(int) pid; 210 1.19 cgd syscallarg(int) pgid; 211 1.19 cgd } */ *uap; 212 1.19 cgd register_t *retval; 213 1.14 cgd { 214 1.14 cgd register struct proc *targp; /* target process */ 215 1.14 cgd register struct pgrp *pgrp; /* target pgrp */ 216 1.14 cgd 217 1.14 cgd #ifdef COMPAT_09 218 1.19 cgd SCARG(uap, pid) = (short) SCARG(uap, pid); /* XXX */ 219 1.19 cgd SCARG(uap, pgid) = (short) SCARG(uap, pgid); /* XXX */ 220 1.14 cgd #endif 221 1.14 cgd 222 1.19 cgd if (SCARG(uap, pid) != 0 && SCARG(uap, pid) != curp->p_pid) { 223 1.19 cgd if ((targp = pfind(SCARG(uap, pid))) == 0 || !inferior(targp)) 224 1.14 cgd return (ESRCH); 225 1.14 cgd if (targp->p_session != curp->p_session) 226 1.14 cgd return (EPERM); 227 1.15 cgd if (targp->p_flag & P_EXEC) 228 1.14 cgd return (EACCES); 229 1.14 cgd } else 230 1.14 cgd targp = curp; 231 1.14 cgd if (SESS_LEADER(targp)) 232 1.14 cgd return (EPERM); 233 1.19 cgd if (SCARG(uap, pgid) == 0) 234 1.19 cgd SCARG(uap, pgid) = targp->p_pid; 235 1.19 cgd else if (SCARG(uap, pgid) != targp->p_pid) 236 1.19 cgd if ((pgrp = pgfind(SCARG(uap, pgid))) == 0 || 237 1.14 cgd pgrp->pg_session != curp->p_session) 238 1.14 cgd return (EPERM); 239 1.19 cgd return (enterpgrp(targp, SCARG(uap, pgid), 0)); 240 1.14 cgd } 241 1.14 cgd 242 1.14 cgd /* ARGSUSED */ 243 1.14 cgd setuid(p, uap, retval) 244 1.14 cgd struct proc *p; 245 1.19 cgd struct setuid_args /* { 246 1.19 cgd syscallarg(uid_t) uid; 247 1.19 cgd } */ *uap; 248 1.19 cgd register_t *retval; 249 1.14 cgd { 250 1.14 cgd register struct pcred *pc = p->p_cred; 251 1.14 cgd register uid_t uid; 252 1.14 cgd int error; 253 1.14 cgd 254 1.14 cgd #ifdef COMPAT_09 /* XXX */ 255 1.19 cgd uid = (u_short)SCARG(uap, uid); 256 1.14 cgd #else 257 1.19 cgd uid = SCARG(uap, uid); 258 1.14 cgd #endif 259 1.14 cgd if (uid != pc->p_ruid && 260 1.14 cgd (error = suser(pc->pc_ucred, &p->p_acflag))) 261 1.14 cgd return (error); 262 1.14 cgd /* 263 1.15 cgd * Everything's okay, do it. 264 1.15 cgd * Transfer proc count to new user. 265 1.15 cgd * Copy credentials so other references do not see our changes. 266 1.14 cgd */ 267 1.15 cgd (void)chgproccnt(pc->p_ruid, -1); 268 1.15 cgd (void)chgproccnt(uid, 1); 269 1.14 cgd pc->pc_ucred = crcopy(pc->pc_ucred); 270 1.14 cgd pc->pc_ucred->cr_uid = uid; 271 1.14 cgd pc->p_ruid = uid; 272 1.14 cgd pc->p_svuid = uid; 273 1.14 cgd p->p_flag |= P_SUGID; 274 1.14 cgd return (0); 275 1.14 cgd } 276 1.14 cgd 277 1.14 cgd /* ARGSUSED */ 278 1.14 cgd seteuid(p, uap, retval) 279 1.14 cgd struct proc *p; 280 1.19 cgd struct seteuid_args /* { 281 1.19 cgd syscallarg(uid_t) euid; 282 1.19 cgd } */ *uap; 283 1.19 cgd register_t *retval; 284 1.14 cgd { 285 1.14 cgd register struct pcred *pc = p->p_cred; 286 1.14 cgd register uid_t euid; 287 1.14 cgd int error; 288 1.14 cgd 289 1.14 cgd #ifdef COMPAT_09 /* XXX */ 290 1.19 cgd euid = (u_short)SCARG(uap, euid); 291 1.14 cgd #else 292 1.19 cgd euid = SCARG(uap, euid); 293 1.14 cgd #endif 294 1.14 cgd if (euid != pc->p_ruid && euid != pc->p_svuid && 295 1.14 cgd (error = suser(pc->pc_ucred, &p->p_acflag))) 296 1.14 cgd return (error); 297 1.14 cgd /* 298 1.14 cgd * Everything's okay, do it. Copy credentials so other references do 299 1.14 cgd * not see our changes. 300 1.14 cgd */ 301 1.14 cgd pc->pc_ucred = crcopy(pc->pc_ucred); 302 1.14 cgd pc->pc_ucred->cr_uid = euid; 303 1.14 cgd p->p_flag |= P_SUGID; 304 1.14 cgd return (0); 305 1.14 cgd } 306 1.14 cgd 307 1.14 cgd /* ARGSUSED */ 308 1.14 cgd setgid(p, uap, retval) 309 1.14 cgd struct proc *p; 310 1.19 cgd struct setgid_args /* { 311 1.19 cgd syscallarg(gid_t) gid; 312 1.19 cgd } */ *uap; 313 1.19 cgd register_t *retval; 314 1.14 cgd { 315 1.14 cgd register struct pcred *pc = p->p_cred; 316 1.14 cgd register gid_t gid; 317 1.14 cgd int error; 318 1.14 cgd 319 1.14 cgd #ifdef COMPAT_09 /* XXX */ 320 1.19 cgd gid = (u_short)SCARG(uap, gid); 321 1.14 cgd #else 322 1.19 cgd gid = SCARG(uap, gid); 323 1.14 cgd #endif 324 1.14 cgd if (gid != pc->p_rgid && (error = suser(pc->pc_ucred, &p->p_acflag))) 325 1.14 cgd return (error); 326 1.14 cgd pc->pc_ucred = crcopy(pc->pc_ucred); 327 1.14 cgd pc->pc_ucred->cr_groups[0] = gid; 328 1.14 cgd pc->p_rgid = gid; 329 1.14 cgd pc->p_svgid = gid; /* ??? */ 330 1.14 cgd p->p_flag |= P_SUGID; 331 1.14 cgd return (0); 332 1.14 cgd } 333 1.14 cgd 334 1.14 cgd /* ARGSUSED */ 335 1.14 cgd setegid(p, uap, retval) 336 1.14 cgd struct proc *p; 337 1.19 cgd struct setegid_args /* { 338 1.19 cgd syscallarg(gid_t) egid; 339 1.19 cgd } */ *uap; 340 1.19 cgd register_t *retval; 341 1.14 cgd { 342 1.14 cgd register struct pcred *pc = p->p_cred; 343 1.14 cgd register gid_t egid; 344 1.14 cgd int error; 345 1.14 cgd 346 1.14 cgd #ifdef COMPAT_09 /* XXX */ 347 1.19 cgd egid = (u_short)SCARG(uap, egid); 348 1.14 cgd #else 349 1.19 cgd egid = SCARG(uap, egid); 350 1.14 cgd #endif 351 1.14 cgd if (egid != pc->p_rgid && egid != pc->p_svgid && 352 1.14 cgd (error = suser(pc->pc_ucred, &p->p_acflag))) 353 1.14 cgd return (error); 354 1.14 cgd pc->pc_ucred = crcopy(pc->pc_ucred); 355 1.14 cgd pc->pc_ucred->cr_groups[0] = egid; 356 1.14 cgd p->p_flag |= P_SUGID; 357 1.14 cgd return (0); 358 1.14 cgd } 359 1.14 cgd 360 1.15 cgd /* ARGSUSED */ 361 1.15 cgd setgroups(p, uap, retval) 362 1.15 cgd struct proc *p; 363 1.19 cgd struct setgroups_args /* { 364 1.19 cgd syscallarg(u_int) gidsetsize; 365 1.19 cgd syscallarg(gid_t *) gidset; 366 1.19 cgd } */ *uap; 367 1.19 cgd register_t *retval; 368 1.15 cgd { 369 1.15 cgd register struct pcred *pc = p->p_cred; 370 1.15 cgd register u_int ngrp; 371 1.15 cgd int error; 372 1.15 cgd 373 1.15 cgd if (error = suser(pc->pc_ucred, &p->p_acflag)) 374 1.15 cgd return (error); 375 1.19 cgd ngrp = SCARG(uap, gidsetsize); 376 1.18 mycroft if (ngrp < 1 || ngrp > NGROUPS) 377 1.15 cgd return (EINVAL); 378 1.15 cgd pc->pc_ucred = crcopy(pc->pc_ucred); 379 1.19 cgd if (error = copyin((caddr_t)SCARG(uap, gidset), 380 1.15 cgd (caddr_t)pc->pc_ucred->cr_groups, ngrp * sizeof(gid_t))) 381 1.15 cgd return (error); 382 1.15 cgd pc->pc_ucred->cr_ngroups = ngrp; 383 1.15 cgd p->p_flag |= P_SUGID; 384 1.15 cgd return (0); 385 1.15 cgd } 386 1.14 cgd 387 1.15 cgd #if defined(COMPAT_43) || defined(COMPAT_SUNOS) 388 1.14 cgd /* ARGSUSED */ 389 1.19 cgd compat_43_setreuid(p, uap, retval) 390 1.14 cgd register struct proc *p; 391 1.19 cgd struct compat_43_setreuid_args /* { 392 1.19 cgd syscallarg(int) ruid; 393 1.19 cgd syscallarg(int) euid; 394 1.19 cgd } */ *uap; 395 1.19 cgd register_t *retval; 396 1.14 cgd { 397 1.17 deraadt struct seteuid_args seuidargs; 398 1.17 deraadt struct setuid_args suidargs; 399 1.14 cgd 400 1.14 cgd /* 401 1.17 deraadt * There are five cases, and we attempt to emulate them in 402 1.17 deraadt * the following fashion: 403 1.17 deraadt * -1, -1: return 0. This is correct emulation. 404 1.17 deraadt * -1, N: call seteuid(N). This is correct emulation. 405 1.17 deraadt * N, -1: if we called setuid(N), our euid would be changed 406 1.17 deraadt * to N as well. the theory is that we don't want to 407 1.17 deraadt * revoke root access yet, so we call seteuid(N) 408 1.17 deraadt * instead. This is incorrect emulation, but often 409 1.17 deraadt * suffices enough for binary compatibility. 410 1.17 deraadt * N, N: call setuid(N). This is correct emulation. 411 1.17 deraadt * N, M: call setuid(N). This is close to correct emulation. 412 1.14 cgd */ 413 1.19 cgd if (SCARG(uap, ruid) == (uid_t)-1) { 414 1.19 cgd if (SCARG(uap, euid) == (uid_t)-1) 415 1.21 cgd return (0); /* -1, -1 */ 416 1.21 cgd SCARG(&seuidargs, euid) = SCARG(uap, euid); /* -1, N */ 417 1.17 deraadt return (seteuid(p, &seuidargs, retval)); 418 1.17 deraadt } 419 1.19 cgd if (SCARG(uap, euid) == (uid_t)-1) { 420 1.21 cgd SCARG(&seuidargs, euid) = SCARG(uap, ruid); /* N, -1 */ 421 1.17 deraadt return (seteuid(p, &seuidargs, retval)); 422 1.17 deraadt } 423 1.21 cgd SCARG(&suidargs, uid) = SCARG(uap, ruid); /* N, N and N, M */ 424 1.17 deraadt return (setuid(p, &suidargs, retval)); 425 1.14 cgd } 426 1.14 cgd 427 1.14 cgd /* ARGSUSED */ 428 1.19 cgd compat_43_setregid(p, uap, retval) 429 1.14 cgd register struct proc *p; 430 1.19 cgd struct compat_43_setregid_args /* { 431 1.19 cgd syscallarg(int) rgid; 432 1.19 cgd syscallarg(int) egid; 433 1.19 cgd } */ *uap; 434 1.19 cgd register_t *retval; 435 1.14 cgd { 436 1.17 deraadt struct setegid_args segidargs; 437 1.17 deraadt struct setgid_args sgidargs; 438 1.14 cgd 439 1.14 cgd /* 440 1.17 deraadt * There are five cases, described above in osetreuid() 441 1.14 cgd */ 442 1.19 cgd if (SCARG(uap, rgid) == (gid_t)-1) { 443 1.19 cgd if (SCARG(uap, egid) == (gid_t)-1) 444 1.21 cgd return (0); /* -1, -1 */ 445 1.21 cgd SCARG(&segidargs, egid) = SCARG(uap, egid); /* -1, N */ 446 1.17 deraadt return (setegid(p, &segidargs, retval)); 447 1.17 deraadt } 448 1.19 cgd if (SCARG(uap, egid) == (gid_t)-1) { 449 1.21 cgd SCARG(&segidargs, egid) = SCARG(uap, rgid); /* N, -1 */ 450 1.17 deraadt return (setegid(p, &segidargs, retval)); 451 1.17 deraadt } 452 1.21 cgd SCARG(&sgidargs, gid) = SCARG(uap, rgid); /* N, N and N, M */ 453 1.17 deraadt return (setgid(p, &sgidargs, retval)); 454 1.14 cgd } 455 1.15 cgd #endif /* defined(COMPAT_43) || defined(COMPAT_SUNOS) */ 456 1.14 cgd 457 1.14 cgd /* 458 1.14 cgd * Check if gid is a member of the group set. 459 1.14 cgd */ 460 1.14 cgd groupmember(gid, cred) 461 1.14 cgd gid_t gid; 462 1.14 cgd register struct ucred *cred; 463 1.14 cgd { 464 1.14 cgd register gid_t *gp; 465 1.14 cgd gid_t *egp; 466 1.14 cgd 467 1.14 cgd egp = &(cred->cr_groups[cred->cr_ngroups]); 468 1.14 cgd for (gp = cred->cr_groups; gp < egp; gp++) 469 1.14 cgd if (*gp == gid) 470 1.14 cgd return (1); 471 1.14 cgd return (0); 472 1.14 cgd } 473 1.14 cgd 474 1.14 cgd /* 475 1.14 cgd * Test whether the specified credentials imply "super-user" 476 1.14 cgd * privilege; if so, and we have accounting info, set the flag 477 1.14 cgd * indicating use of super-powers. 478 1.14 cgd * Returns 0 or error. 479 1.14 cgd */ 480 1.14 cgd suser(cred, acflag) 481 1.14 cgd struct ucred *cred; 482 1.14 cgd u_short *acflag; 483 1.14 cgd { 484 1.14 cgd if (cred->cr_uid == 0) { 485 1.14 cgd if (acflag) 486 1.14 cgd *acflag |= ASU; 487 1.14 cgd return (0); 488 1.14 cgd } 489 1.14 cgd return (EPERM); 490 1.14 cgd } 491 1.14 cgd 492 1.14 cgd /* 493 1.14 cgd * Allocate a zeroed cred structure. 494 1.14 cgd */ 495 1.14 cgd struct ucred * 496 1.14 cgd crget() 497 1.14 cgd { 498 1.14 cgd register struct ucred *cr; 499 1.14 cgd 500 1.14 cgd MALLOC(cr, struct ucred *, sizeof(*cr), M_CRED, M_WAITOK); 501 1.14 cgd bzero((caddr_t)cr, sizeof(*cr)); 502 1.14 cgd cr->cr_ref = 1; 503 1.14 cgd return (cr); 504 1.14 cgd } 505 1.14 cgd 506 1.14 cgd /* 507 1.14 cgd * Free a cred structure. 508 1.14 cgd * Throws away space when ref count gets to 0. 509 1.14 cgd */ 510 1.14 cgd crfree(cr) 511 1.14 cgd struct ucred *cr; 512 1.14 cgd { 513 1.15 cgd int s; 514 1.14 cgd 515 1.15 cgd s = splimp(); /* ??? */ 516 1.15 cgd if (--cr->cr_ref == 0) 517 1.15 cgd FREE((caddr_t)cr, M_CRED); 518 1.14 cgd (void) splx(s); 519 1.14 cgd } 520 1.14 cgd 521 1.14 cgd /* 522 1.14 cgd * Copy cred structure to a new one and free the old one. 523 1.14 cgd */ 524 1.14 cgd struct ucred * 525 1.14 cgd crcopy(cr) 526 1.14 cgd struct ucred *cr; 527 1.14 cgd { 528 1.14 cgd struct ucred *newcr; 529 1.14 cgd 530 1.14 cgd if (cr->cr_ref == 1) 531 1.14 cgd return (cr); 532 1.14 cgd newcr = crget(); 533 1.14 cgd *newcr = *cr; 534 1.14 cgd crfree(cr); 535 1.14 cgd newcr->cr_ref = 1; 536 1.14 cgd return (newcr); 537 1.14 cgd } 538 1.14 cgd 539 1.14 cgd /* 540 1.14 cgd * Dup cred struct to a new held one. 541 1.14 cgd */ 542 1.14 cgd struct ucred * 543 1.14 cgd crdup(cr) 544 1.14 cgd struct ucred *cr; 545 1.14 cgd { 546 1.14 cgd struct ucred *newcr; 547 1.14 cgd 548 1.14 cgd newcr = crget(); 549 1.14 cgd *newcr = *cr; 550 1.14 cgd newcr->cr_ref = 1; 551 1.14 cgd return (newcr); 552 1.14 cgd } 553 1.14 cgd 554 1.14 cgd /* 555 1.14 cgd * Get login name, if available. 556 1.14 cgd */ 557 1.14 cgd /* ARGSUSED */ 558 1.14 cgd getlogin(p, uap, retval) 559 1.14 cgd struct proc *p; 560 1.19 cgd struct getlogin_args /* { 561 1.19 cgd syscallarg(char *) namebuf; 562 1.19 cgd syscallarg(u_int) namelen; 563 1.19 cgd } */ *uap; 564 1.19 cgd register_t *retval; 565 1.14 cgd { 566 1.14 cgd 567 1.19 cgd if (SCARG(uap, namelen) > sizeof (p->p_pgrp->pg_session->s_login)) 568 1.19 cgd SCARG(uap, namelen) = sizeof (p->p_pgrp->pg_session->s_login); 569 1.14 cgd return (copyout((caddr_t) p->p_pgrp->pg_session->s_login, 570 1.19 cgd (caddr_t) SCARG(uap, namebuf), SCARG(uap, namelen))); 571 1.14 cgd } 572 1.14 cgd 573 1.14 cgd /* 574 1.14 cgd * Set login name. 575 1.14 cgd */ 576 1.14 cgd /* ARGSUSED */ 577 1.14 cgd setlogin(p, uap, retval) 578 1.14 cgd struct proc *p; 579 1.19 cgd struct setlogin_args /* { 580 1.19 cgd syscallarg(char *) namebuf; 581 1.19 cgd } */ *uap; 582 1.19 cgd register_t *retval; 583 1.14 cgd { 584 1.14 cgd int error; 585 1.14 cgd 586 1.14 cgd if (error = suser(p->p_ucred, &p->p_acflag)) 587 1.14 cgd return (error); 588 1.19 cgd error = copyinstr((caddr_t) SCARG(uap, namebuf), 589 1.14 cgd (caddr_t) p->p_pgrp->pg_session->s_login, 590 1.14 cgd sizeof (p->p_pgrp->pg_session->s_login) - 1, (u_int *)0); 591 1.14 cgd if (error == ENAMETOOLONG) 592 1.14 cgd error = EINVAL; 593 1.14 cgd return (error); 594 1.14 cgd } 595
Indexes created Sun Sep 21 20:09:37 GMT 2025