kern_prot.c revision 1.81
1 1.81 christos /* $NetBSD: kern_prot.c,v 1.81 2004/04/17 15:15:29 christos Exp $ */ 2 1.16 cgd 3 1.14 cgd /* 4 1.15 cgd * Copyright (c) 1982, 1986, 1989, 1990, 1991, 1993 5 1.15 cgd * The Regents of the University of California. All rights reserved. 6 1.14 cgd * (c) UNIX System Laboratories, Inc. 7 1.14 cgd * All or some portions of this file are derived from material licensed 8 1.14 cgd * to the University of California by American Telephone and Telegraph 9 1.14 cgd * Co. or Unix System Laboratories, Inc. and are reproduced herein with 10 1.14 cgd * the permission of UNIX System Laboratories, Inc. 11 1.14 cgd * 12 1.14 cgd * Redistribution and use in source and binary forms, with or without 13 1.14 cgd * modification, are permitted provided that the following conditions 14 1.14 cgd * are met: 15 1.14 cgd * 1. Redistributions of source code must retain the above copyright 16 1.14 cgd * notice, this list of conditions and the following disclaimer. 17 1.14 cgd * 2. Redistributions in binary form must reproduce the above copyright 18 1.14 cgd * notice, this list of conditions and the following disclaimer in the 19 1.14 cgd * documentation and/or other materials provided with the distribution. 20 1.80 agc * 3. Neither the name of the University nor the names of its contributors 21 1.14 cgd * may be used to endorse or promote products derived from this software 22 1.14 cgd * without specific prior written permission. 23 1.14 cgd * 24 1.14 cgd * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 25 1.14 cgd * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 26 1.14 cgd * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 27 1.14 cgd * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 28 1.14 cgd * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 29 1.14 cgd * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 30 1.14 cgd * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 31 1.14 cgd * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 32 1.14 cgd * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 33 1.14 cgd * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 34 1.14 cgd * SUCH DAMAGE. 35 1.14 cgd * 36 1.44 fvdl * @(#)kern_prot.c 8.9 (Berkeley) 2/14/95 37 1.14 cgd */ 38 1.14 cgd 39 1.14 cgd /* 40 1.14 cgd * System calls related to processes and protection 41 1.14 cgd */ 42 1.65 lukem 43 1.65 lukem #include <sys/cdefs.h> 44 1.81 christos __KERNEL_RCSID(0, "$NetBSD: kern_prot.c,v 1.81 2004/04/17 15:15:29 christos Exp $"); 45 1.45 thorpej 46 1.51 christos #include "opt_compat_43.h" 47 1.14 cgd 48 1.14 cgd #include <sys/param.h> 49 1.14 cgd #include <sys/acct.h> 50 1.14 cgd #include <sys/systm.h> 51 1.14 cgd #include <sys/ucred.h> 52 1.14 cgd #include <sys/proc.h> 53 1.14 cgd #include <sys/timeb.h> 54 1.14 cgd #include <sys/times.h> 55 1.14 cgd #include <sys/malloc.h> 56 1.72 dsl #include <sys/syslog.h> 57 1.81 christos #include <sys/resourcevar.h> 58 1.14 cgd 59 1.19 cgd #include <sys/mount.h> 60 1.70 thorpej #include <sys/sa.h> 61 1.19 cgd #include <sys/syscallargs.h> 62 1.71 thorpej 63 1.71 thorpej MALLOC_DEFINE(M_CRED, "cred", "credentials"); 64 1.63 mycroft 65 1.70 thorpej int sys_getpid(struct lwp *, void *, register_t *); 66 1.70 thorpej int sys_getpid_with_ppid(struct lwp *, void *, register_t *); 67 1.70 thorpej int sys_getuid(struct lwp *, void *, register_t *); 68 1.70 thorpej int sys_getuid_with_euid(struct lwp *, void *, register_t *); 69 1.70 thorpej int sys_getgid(struct lwp *, void *, register_t *); 70 1.70 thorpej int sys_getgid_with_egid(struct lwp *, void *, register_t *); 71 1.32 christos 72 1.14 cgd /* ARGSUSED */ 73 1.32 christos int 74 1.73 dsl sys_getpid(struct lwp *l, void *v, register_t *retval) 75 1.14 cgd { 76 1.70 thorpej struct proc *p = l->l_proc; 77 1.14 cgd 78 1.14 cgd *retval = p->p_pid; 79 1.62 mycroft return (0); 80 1.62 mycroft } 81 1.62 mycroft 82 1.62 mycroft /* ARGSUSED */ 83 1.62 mycroft int 84 1.73 dsl sys_getpid_with_ppid(struct lwp *l, void *v, register_t *retval) 85 1.62 mycroft { 86 1.70 thorpej struct proc *p = l->l_proc; 87 1.62 mycroft 88 1.62 mycroft retval[0] = p->p_pid; 89 1.62 mycroft retval[1] = p->p_pptr->p_pid; 90 1.14 cgd return (0); 91 1.14 cgd } 92 1.14 cgd 93 1.14 cgd /* ARGSUSED */ 94 1.32 christos int 95 1.73 dsl sys_getppid(struct lwp *l, void *v, register_t *retval) 96 1.14 cgd { 97 1.70 thorpej struct proc *p = l->l_proc; 98 1.14 cgd 99 1.14 cgd *retval = p->p_pptr->p_pid; 100 1.14 cgd return (0); 101 1.14 cgd } 102 1.14 cgd 103 1.14 cgd /* Get process group ID; note that POSIX getpgrp takes no parameter */ 104 1.32 christos int 105 1.73 dsl sys_getpgrp(struct lwp *l, void *v, register_t *retval) 106 1.14 cgd { 107 1.70 thorpej struct proc *p = l->l_proc; 108 1.14 cgd 109 1.14 cgd *retval = p->p_pgrp->pg_id; 110 1.14 cgd return (0); 111 1.43 thorpej } 112 1.43 thorpej 113 1.43 thorpej /* 114 1.43 thorpej * Return the process group ID of the session leader (session ID) 115 1.43 thorpej * for the specified process. 116 1.43 thorpej */ 117 1.43 thorpej int 118 1.73 dsl sys_getsid(struct lwp *l, void *v, register_t *retval) 119 1.43 thorpej { 120 1.43 thorpej struct sys_getsid_args /* { 121 1.43 thorpej syscalldarg(pid_t) pid; 122 1.43 thorpej } */ *uap = v; 123 1.70 thorpej struct proc *p = l->l_proc; 124 1.43 thorpej 125 1.43 thorpej if (SCARG(uap, pid) == 0) 126 1.43 thorpej goto found; 127 1.43 thorpej if ((p = pfind(SCARG(uap, pid))) == 0) 128 1.43 thorpej return (ESRCH); 129 1.43 thorpej found: 130 1.43 thorpej *retval = p->p_session->s_sid; 131 1.60 christos return (0); 132 1.36 mrg } 133 1.36 mrg 134 1.36 mrg int 135 1.73 dsl sys_getpgid(struct lwp *l, void *v, register_t *retval) 136 1.36 mrg { 137 1.56 augustss struct sys_getpgid_args /* { 138 1.36 mrg syscallarg(pid_t) pid; 139 1.36 mrg } */ *uap = v; 140 1.70 thorpej struct proc *p = l->l_proc; 141 1.36 mrg 142 1.36 mrg if (SCARG(uap, pid) == 0) 143 1.36 mrg goto found; 144 1.36 mrg if ((p = pfind(SCARG(uap, pid))) == 0) 145 1.36 mrg return (ESRCH); 146 1.36 mrg found: 147 1.36 mrg *retval = p->p_pgid; 148 1.60 christos return (0); 149 1.14 cgd } 150 1.14 cgd 151 1.14 cgd /* ARGSUSED */ 152 1.32 christos int 153 1.73 dsl sys_getuid(struct lwp *l, void *v, register_t *retval) 154 1.14 cgd { 155 1.70 thorpej struct proc *p = l->l_proc; 156 1.14 cgd 157 1.14 cgd *retval = p->p_cred->p_ruid; 158 1.62 mycroft return (0); 159 1.62 mycroft } 160 1.62 mycroft 161 1.62 mycroft /* ARGSUSED */ 162 1.62 mycroft int 163 1.73 dsl sys_getuid_with_euid(struct lwp *l, void *v, register_t *retval) 164 1.62 mycroft { 165 1.70 thorpej struct proc *p = l->l_proc; 166 1.62 mycroft 167 1.62 mycroft retval[0] = p->p_cred->p_ruid; 168 1.62 mycroft retval[1] = p->p_ucred->cr_uid; 169 1.14 cgd return (0); 170 1.14 cgd } 171 1.14 cgd 172 1.14 cgd /* ARGSUSED */ 173 1.32 christos int 174 1.73 dsl sys_geteuid(struct lwp *l, void *v, register_t *retval) 175 1.14 cgd { 176 1.70 thorpej struct proc *p = l->l_proc; 177 1.14 cgd 178 1.14 cgd *retval = p->p_ucred->cr_uid; 179 1.14 cgd return (0); 180 1.14 cgd } 181 1.14 cgd 182 1.14 cgd /* ARGSUSED */ 183 1.32 christos int 184 1.73 dsl sys_getgid(struct lwp *l, void *v, register_t *retval) 185 1.14 cgd { 186 1.70 thorpej struct proc *p = l->l_proc; 187 1.14 cgd 188 1.14 cgd *retval = p->p_cred->p_rgid; 189 1.62 mycroft return (0); 190 1.62 mycroft } 191 1.62 mycroft 192 1.62 mycroft /* ARGSUSED */ 193 1.62 mycroft int 194 1.73 dsl sys_getgid_with_egid(struct lwp *l, void *v, register_t *retval) 195 1.62 mycroft { 196 1.70 thorpej struct proc *p = l->l_proc; 197 1.62 mycroft 198 1.62 mycroft retval[0] = p->p_cred->p_rgid; 199 1.62 mycroft retval[1] = p->p_ucred->cr_gid; 200 1.14 cgd return (0); 201 1.14 cgd } 202 1.14 cgd 203 1.14 cgd /* 204 1.14 cgd * Get effective group ID. The "egid" is groups[0], and could be obtained 205 1.14 cgd * via getgroups. This syscall exists because it is somewhat painful to do 206 1.14 cgd * correctly in a library function. 207 1.14 cgd */ 208 1.14 cgd /* ARGSUSED */ 209 1.32 christos int 210 1.73 dsl sys_getegid(struct lwp *l, void *v, register_t *retval) 211 1.14 cgd { 212 1.70 thorpej struct proc *p = l->l_proc; 213 1.75 enami 214 1.27 jtc *retval = p->p_ucred->cr_gid; 215 1.14 cgd return (0); 216 1.14 cgd } 217 1.14 cgd 218 1.32 christos int 219 1.73 dsl sys_getgroups(struct lwp *l, void *v, register_t *retval) 220 1.29 thorpej { 221 1.56 augustss struct sys_getgroups_args /* { 222 1.41 thorpej syscallarg(int) gidsetsize; 223 1.19 cgd syscallarg(gid_t *) gidset; 224 1.29 thorpej } */ *uap = v; 225 1.70 thorpej struct proc *p = l->l_proc; 226 1.56 augustss struct pcred *pc = p->p_cred; 227 1.69 thorpej u_int ngrp; 228 1.14 cgd int error; 229 1.14 cgd 230 1.69 thorpej if (SCARG(uap, gidsetsize) == 0) { 231 1.14 cgd *retval = pc->pc_ucred->cr_ngroups; 232 1.14 cgd return (0); 233 1.69 thorpej } else if (SCARG(uap, gidsetsize) < 0) 234 1.69 thorpej return (EINVAL); 235 1.69 thorpej ngrp = SCARG(uap, gidsetsize); 236 1.14 cgd if (ngrp < pc->pc_ucred->cr_ngroups) 237 1.14 cgd return (EINVAL); 238 1.14 cgd ngrp = pc->pc_ucred->cr_ngroups; 239 1.32 christos error = copyout((caddr_t)pc->pc_ucred->cr_groups, 240 1.75 enami (caddr_t)SCARG(uap, gidset), ngrp * sizeof(gid_t)); 241 1.32 christos if (error) 242 1.14 cgd return (error); 243 1.14 cgd *retval = ngrp; 244 1.14 cgd return (0); 245 1.14 cgd } 246 1.14 cgd 247 1.14 cgd /* ARGSUSED */ 248 1.32 christos int 249 1.73 dsl sys_setsid(struct lwp *l, void *v, register_t *retval) 250 1.14 cgd { 251 1.70 thorpej struct proc *p = l->l_proc; 252 1.14 cgd 253 1.14 cgd if (p->p_pgid == p->p_pid || pgfind(p->p_pid)) { 254 1.14 cgd return (EPERM); 255 1.14 cgd } else { 256 1.15 cgd (void)enterpgrp(p, p->p_pid, 1); 257 1.14 cgd *retval = p->p_pid; 258 1.14 cgd return (0); 259 1.14 cgd } 260 1.14 cgd } 261 1.14 cgd 262 1.14 cgd /* 263 1.14 cgd * set process group (setpgid/old setpgrp) 264 1.14 cgd * 265 1.14 cgd * caller does setpgid(targpid, targpgid) 266 1.14 cgd * 267 1.39 mikel * pgid must be in valid range (EINVAL) 268 1.14 cgd * pid must be caller or child of caller (ESRCH) 269 1.14 cgd * if a child 270 1.14 cgd * pid must be in same session (EPERM) 271 1.14 cgd * pid can't have done an exec (EACCES) 272 1.14 cgd * if pgid != pid 273 1.14 cgd * there must exist some pid in same session having pgid (EPERM) 274 1.14 cgd * pid must not be session leader (EPERM) 275 1.77 dsl * 276 1.77 dsl * Permission checks now in enterpgrp() 277 1.14 cgd */ 278 1.14 cgd /* ARGSUSED */ 279 1.32 christos int 280 1.73 dsl sys_setpgid(struct lwp *l, void *v, register_t *retval) 281 1.29 thorpej { 282 1.56 augustss struct sys_setpgid_args /* { 283 1.19 cgd syscallarg(int) pid; 284 1.19 cgd syscallarg(int) pgid; 285 1.29 thorpej } */ *uap = v; 286 1.70 thorpej struct proc *curp = l->l_proc; 287 1.56 augustss struct proc *targp; /* target process */ 288 1.14 cgd 289 1.39 mikel if (SCARG(uap, pgid) < 0) 290 1.77 dsl return EINVAL; 291 1.14 cgd 292 1.77 dsl /* XXX MP - there is a horrid race here with targp exiting! */ 293 1.19 cgd if (SCARG(uap, pid) != 0 && SCARG(uap, pid) != curp->p_pid) { 294 1.77 dsl targp = pfind(SCARG(uap, pid)); 295 1.77 dsl if (targp == NULL) 296 1.77 dsl return ESRCH; 297 1.14 cgd } else 298 1.14 cgd targp = curp; 299 1.77 dsl 300 1.19 cgd if (SCARG(uap, pgid) == 0) 301 1.19 cgd SCARG(uap, pgid) = targp->p_pid; 302 1.77 dsl return enterpgrp(targp, SCARG(uap, pgid), 0); 303 1.14 cgd } 304 1.14 cgd 305 1.76 dsl /* 306 1.76 dsl * Set real, effective and saved uids to the requested values. 307 1.76 dsl * non-root callers can only ever change uids to values that match 308 1.76 dsl * one of the processes current uid values. 309 1.76 dsl * This is further restricted by the flags argument. 310 1.76 dsl */ 311 1.76 dsl 312 1.76 dsl int 313 1.76 dsl do_setresuid(struct lwp *l, uid_t r, uid_t e, uid_t sv, u_int flags) 314 1.76 dsl { 315 1.76 dsl int error; 316 1.76 dsl struct proc *p = l->l_proc; 317 1.76 dsl struct pcred *pcred = p->p_cred; 318 1.76 dsl struct ucred *cred = pcred->pc_ucred; 319 1.76 dsl 320 1.76 dsl /* Superuser can do anything it wants to.... */ 321 1.76 dsl error = suser(cred, &p->p_acflag); 322 1.76 dsl if (error) { 323 1.76 dsl /* Otherwise check new value is one of the allowed 324 1.76 dsl existing values. */ 325 1.76 dsl if (r != -1 && !((flags & ID_R_EQ_R) && r == pcred->p_ruid) 326 1.76 dsl && !((flags & ID_R_EQ_E) && r == cred->cr_uid) 327 1.76 dsl && !((flags & ID_R_EQ_S) && r == pcred->p_svuid)) 328 1.76 dsl return error; 329 1.76 dsl if (e != -1 && !((flags & ID_E_EQ_R) && e == pcred->p_ruid) 330 1.76 dsl && !((flags & ID_E_EQ_E) && e == cred->cr_uid) 331 1.76 dsl && !((flags & ID_E_EQ_S) && e == pcred->p_svuid)) 332 1.76 dsl return error; 333 1.76 dsl if (sv != -1 && !((flags & ID_S_EQ_R) && sv == pcred->p_ruid) 334 1.76 dsl && !((flags & ID_S_EQ_E) && sv == cred->cr_uid) 335 1.76 dsl && !((flags & ID_S_EQ_S) && sv == pcred->p_svuid)) 336 1.76 dsl return error; 337 1.76 dsl } 338 1.76 dsl 339 1.76 dsl /* If nothing has changed, short circuit the request */ 340 1.76 dsl if ((r == -1 || r == pcred->p_ruid) 341 1.76 dsl && (e == -1 || e == cred->cr_uid) 342 1.76 dsl && (sv == -1 || sv == pcred->p_svuid)) 343 1.76 dsl /* nothing to do */ 344 1.76 dsl return 0; 345 1.76 dsl 346 1.76 dsl /* The pcred structure is not actually shared... */ 347 1.76 dsl if (r != -1 && r != pcred->p_ruid) { 348 1.76 dsl /* Update count of processes for this user */ 349 1.76 dsl (void)chgproccnt(pcred->p_ruid, -1); 350 1.76 dsl (void)chgproccnt(r, 1); 351 1.76 dsl pcred->p_ruid = r; 352 1.76 dsl } 353 1.76 dsl if (sv != -1) 354 1.76 dsl pcred->p_svuid = sv; 355 1.76 dsl if (e != -1 && e != cred->cr_uid) { 356 1.76 dsl /* Update a clone of the current credentials */ 357 1.76 dsl pcred->pc_ucred = cred = crcopy(cred); 358 1.76 dsl cred->cr_uid = e; 359 1.76 dsl } 360 1.76 dsl 361 1.76 dsl /* Mark process as having changed credentials, stops tracing etc */ 362 1.76 dsl p_sugid(p); 363 1.76 dsl return 0; 364 1.76 dsl } 365 1.76 dsl 366 1.76 dsl /* 367 1.76 dsl * Set real, effective and saved gids to the requested values. 368 1.76 dsl * non-root callers can only ever change gids to values that match 369 1.76 dsl * one of the processes current gid values. 370 1.76 dsl * This is further restricted by the flags argument. 371 1.76 dsl */ 372 1.76 dsl 373 1.76 dsl int 374 1.76 dsl do_setresgid(struct lwp *l, gid_t r, gid_t e, gid_t sv, u_int flags) 375 1.76 dsl { 376 1.76 dsl int error; 377 1.76 dsl struct proc *p = l->l_proc; 378 1.76 dsl struct pcred *pcred = p->p_cred; 379 1.76 dsl struct ucred *cred = pcred->pc_ucred; 380 1.76 dsl 381 1.76 dsl /* Superuser can do anything it wants to.... */ 382 1.76 dsl error = suser(cred, &p->p_acflag); 383 1.76 dsl if (error) { 384 1.76 dsl /* Otherwise check new value is one of the allowed 385 1.76 dsl existing values. */ 386 1.76 dsl if (r != -1 && !((flags & ID_R_EQ_R) && r == pcred->p_rgid) 387 1.76 dsl && !((flags & ID_R_EQ_E) && r == cred->cr_gid) 388 1.76 dsl && !((flags & ID_R_EQ_S) && r == pcred->p_svgid)) 389 1.76 dsl return error; 390 1.76 dsl if (e != -1 && !((flags & ID_E_EQ_R) && e == pcred->p_rgid) 391 1.76 dsl && !((flags & ID_E_EQ_E) && e == cred->cr_gid) 392 1.76 dsl && !((flags & ID_E_EQ_S) && e == pcred->p_svgid)) 393 1.76 dsl return error; 394 1.76 dsl if (sv != -1 && !((flags & ID_S_EQ_R) && sv == pcred->p_rgid) 395 1.76 dsl && !((flags & ID_S_EQ_E) && sv == cred->cr_gid) 396 1.76 dsl && !((flags & ID_S_EQ_S) && sv == pcred->p_svgid)) 397 1.76 dsl return error; 398 1.76 dsl } 399 1.76 dsl 400 1.76 dsl /* If nothing has changed, short circuit the request */ 401 1.76 dsl if ((r == -1 || r == pcred->p_rgid) 402 1.76 dsl && (e == -1 || e == cred->cr_gid) 403 1.76 dsl && (sv == -1 || sv == pcred->p_svgid)) 404 1.76 dsl /* nothing to do */ 405 1.76 dsl return 0; 406 1.76 dsl 407 1.76 dsl /* The pcred structure is not actually shared... */ 408 1.76 dsl if (r != -1) 409 1.76 dsl pcred->p_rgid = r; 410 1.76 dsl if (sv != -1) 411 1.76 dsl pcred->p_svgid = sv; 412 1.76 dsl if (e != -1 && e != cred->cr_gid) { 413 1.76 dsl /* Update a clone of the current credentials */ 414 1.76 dsl pcred->pc_ucred = cred = crcopy(cred); 415 1.76 dsl cred->cr_gid = e; 416 1.76 dsl } 417 1.76 dsl 418 1.76 dsl /* Mark process as having changed credentials, stops tracing etc */ 419 1.76 dsl p_sugid(p); 420 1.76 dsl return 0; 421 1.76 dsl } 422 1.76 dsl 423 1.14 cgd /* ARGSUSED */ 424 1.32 christos int 425 1.73 dsl sys_setuid(struct lwp *l, void *v, register_t *retval) 426 1.29 thorpej { 427 1.30 mycroft struct sys_setuid_args /* { 428 1.19 cgd syscallarg(uid_t) uid; 429 1.29 thorpej } */ *uap = v; 430 1.76 dsl uid_t uid = SCARG(uap, uid); 431 1.14 cgd 432 1.76 dsl return do_setresuid(l, uid, uid, uid, 433 1.76 dsl ID_R_EQ_R | ID_E_EQ_R | ID_S_EQ_R); 434 1.14 cgd } 435 1.14 cgd 436 1.14 cgd /* ARGSUSED */ 437 1.32 christos int 438 1.73 dsl sys_seteuid(struct lwp *l, void *v, register_t *retval) 439 1.29 thorpej { 440 1.30 mycroft struct sys_seteuid_args /* { 441 1.19 cgd syscallarg(uid_t) euid; 442 1.29 thorpej } */ *uap = v; 443 1.59 christos 444 1.76 dsl return do_setresuid(l, -1, SCARG(uap, euid), -1, ID_E_EQ_R | ID_E_EQ_S); 445 1.14 cgd } 446 1.14 cgd 447 1.35 mycroft int 448 1.73 dsl sys_setreuid(struct lwp *l, void *v, register_t *retval) 449 1.35 mycroft { 450 1.35 mycroft struct sys_setreuid_args /* { 451 1.35 mycroft syscallarg(uid_t) ruid; 452 1.35 mycroft syscallarg(uid_t) euid; 453 1.35 mycroft } */ *uap = v; 454 1.70 thorpej struct proc *p = l->l_proc; 455 1.76 dsl uid_t ruid, euid, svuid; 456 1.35 mycroft 457 1.35 mycroft ruid = SCARG(uap, ruid); 458 1.35 mycroft euid = SCARG(uap, euid); 459 1.76 dsl if (ruid == -1) 460 1.76 dsl ruid = p->p_cred->p_ruid; 461 1.76 dsl if (euid == -1) 462 1.76 dsl euid = p->p_ucred->cr_uid; 463 1.76 dsl /* Saved uid is set to the new euid if the ruid changed */ 464 1.78 jdolecek svuid = (ruid == p->p_cred->p_ruid) ? -1 : euid; 465 1.76 dsl 466 1.76 dsl return do_setresuid(l, ruid, euid, svuid, 467 1.76 dsl ID_R_EQ_R | ID_R_EQ_E | 468 1.76 dsl ID_E_EQ_R | ID_E_EQ_E | ID_E_EQ_S | 469 1.76 dsl ID_S_EQ_R | ID_S_EQ_E | ID_S_EQ_S); 470 1.35 mycroft } 471 1.35 mycroft 472 1.14 cgd /* ARGSUSED */ 473 1.32 christos int 474 1.73 dsl sys_setgid(struct lwp *l, void *v, register_t *retval) 475 1.29 thorpej { 476 1.30 mycroft struct sys_setgid_args /* { 477 1.19 cgd syscallarg(gid_t) gid; 478 1.29 thorpej } */ *uap = v; 479 1.76 dsl gid_t gid = SCARG(uap, gid); 480 1.14 cgd 481 1.76 dsl return do_setresgid(l, gid, gid, gid, 482 1.76 dsl ID_R_EQ_R | ID_E_EQ_R | ID_S_EQ_R); 483 1.14 cgd } 484 1.14 cgd 485 1.14 cgd /* ARGSUSED */ 486 1.32 christos int 487 1.73 dsl sys_setegid(struct lwp *l, void *v, register_t *retval) 488 1.29 thorpej { 489 1.30 mycroft struct sys_setegid_args /* { 490 1.19 cgd syscallarg(gid_t) egid; 491 1.29 thorpej } */ *uap = v; 492 1.14 cgd 493 1.76 dsl return do_setresgid(l, -1, SCARG(uap, egid), -1, ID_E_EQ_R | ID_E_EQ_S); 494 1.35 mycroft } 495 1.35 mycroft 496 1.35 mycroft int 497 1.73 dsl sys_setregid(struct lwp *l, void *v, register_t *retval) 498 1.35 mycroft { 499 1.35 mycroft struct sys_setregid_args /* { 500 1.35 mycroft syscallarg(gid_t) rgid; 501 1.35 mycroft syscallarg(gid_t) egid; 502 1.35 mycroft } */ *uap = v; 503 1.70 thorpej struct proc *p = l->l_proc; 504 1.76 dsl gid_t rgid, egid, svgid; 505 1.35 mycroft 506 1.35 mycroft rgid = SCARG(uap, rgid); 507 1.35 mycroft egid = SCARG(uap, egid); 508 1.76 dsl if (rgid == -1) 509 1.76 dsl rgid = p->p_cred->p_rgid; 510 1.76 dsl if (egid == -1) 511 1.76 dsl egid = p->p_ucred->cr_gid; 512 1.76 dsl /* Saved gid is set to the new egid if the rgid changed */ 513 1.76 dsl svgid = rgid == p->p_cred->p_rgid ? -1 : egid; 514 1.76 dsl 515 1.76 dsl return do_setresgid(l, rgid, egid, svgid, 516 1.76 dsl ID_R_EQ_R | ID_R_EQ_E | 517 1.76 dsl ID_E_EQ_R | ID_E_EQ_E | ID_E_EQ_S | 518 1.76 dsl ID_S_EQ_R | ID_S_EQ_E | ID_S_EQ_S); 519 1.57 minoura } 520 1.57 minoura 521 1.57 minoura int 522 1.73 dsl sys_issetugid(struct lwp *l, void *v, register_t *retval) 523 1.57 minoura { 524 1.70 thorpej struct proc *p = l->l_proc; 525 1.75 enami 526 1.57 minoura /* 527 1.57 minoura * Note: OpenBSD sets a P_SUGIDEXEC flag set at execve() time, 528 1.57 minoura * we use P_SUGID because we consider changing the owners as 529 1.57 minoura * "tainting" as well. 530 1.57 minoura * This is significant for procs that start as root and "become" 531 1.57 minoura * a user without an exec - programs cannot know *everything* 532 1.57 minoura * that libc *might* have put in their data segment. 533 1.57 minoura */ 534 1.57 minoura *retval = (p->p_flag & P_SUGID) != 0; 535 1.60 christos return (0); 536 1.14 cgd } 537 1.14 cgd 538 1.15 cgd /* ARGSUSED */ 539 1.32 christos int 540 1.73 dsl sys_setgroups(struct lwp *l, void *v, register_t *retval) 541 1.29 thorpej { 542 1.30 mycroft struct sys_setgroups_args /* { 543 1.41 thorpej syscallarg(int) gidsetsize; 544 1.38 cgd syscallarg(const gid_t *) gidset; 545 1.29 thorpej } */ *uap = v; 546 1.70 thorpej struct proc *p = l->l_proc; 547 1.56 augustss struct pcred *pc = p->p_cred; 548 1.56 augustss int ngrp; 549 1.15 cgd int error; 550 1.59 christos gid_t grp[NGROUPS]; 551 1.59 christos size_t grsize; 552 1.15 cgd 553 1.32 christos if ((error = suser(pc->pc_ucred, &p->p_acflag)) != 0) 554 1.15 cgd return (error); 555 1.59 christos 556 1.19 cgd ngrp = SCARG(uap, gidsetsize); 557 1.42 mycroft if ((u_int)ngrp > NGROUPS) 558 1.15 cgd return (EINVAL); 559 1.59 christos 560 1.59 christos grsize = ngrp * sizeof(gid_t); 561 1.59 christos error = copyin(SCARG(uap, gidset), grp, grsize); 562 1.32 christos if (error) 563 1.15 cgd return (error); 564 1.59 christos /* 565 1.60 christos * Check if this is a no-op. 566 1.59 christos */ 567 1.69 thorpej if (pc->pc_ucred->cr_ngroups == (u_int) ngrp && 568 1.59 christos memcmp(grp, pc->pc_ucred->cr_groups, grsize) == 0) 569 1.60 christos return (0); 570 1.59 christos 571 1.59 christos pc->pc_ucred = crcopy(pc->pc_ucred); 572 1.59 christos (void)memcpy(pc->pc_ucred->cr_groups, grp, grsize); 573 1.15 cgd pc->pc_ucred->cr_ngroups = ngrp; 574 1.55 bouyer p_sugid(p); 575 1.15 cgd return (0); 576 1.15 cgd } 577 1.14 cgd 578 1.14 cgd /* 579 1.14 cgd * Check if gid is a member of the group set. 580 1.14 cgd */ 581 1.32 christos int 582 1.73 dsl groupmember(gid_t gid, const struct ucred *cred) 583 1.14 cgd { 584 1.73 dsl const gid_t *gp; 585 1.73 dsl const gid_t *egp; 586 1.14 cgd 587 1.14 cgd egp = &(cred->cr_groups[cred->cr_ngroups]); 588 1.14 cgd for (gp = cred->cr_groups; gp < egp; gp++) 589 1.14 cgd if (*gp == gid) 590 1.14 cgd return (1); 591 1.14 cgd return (0); 592 1.14 cgd } 593 1.14 cgd 594 1.14 cgd /* 595 1.14 cgd * Test whether the specified credentials imply "super-user" 596 1.14 cgd * privilege; if so, and we have accounting info, set the flag 597 1.14 cgd * indicating use of super-powers. 598 1.14 cgd * Returns 0 or error. 599 1.14 cgd */ 600 1.32 christos int 601 1.73 dsl suser(const struct ucred *cred, u_short *acflag) 602 1.14 cgd { 603 1.75 enami 604 1.14 cgd if (cred->cr_uid == 0) { 605 1.14 cgd if (acflag) 606 1.14 cgd *acflag |= ASU; 607 1.14 cgd return (0); 608 1.14 cgd } 609 1.14 cgd return (EPERM); 610 1.14 cgd } 611 1.14 cgd 612 1.14 cgd /* 613 1.14 cgd * Allocate a zeroed cred structure. 614 1.14 cgd */ 615 1.14 cgd struct ucred * 616 1.73 dsl crget(void) 617 1.14 cgd { 618 1.56 augustss struct ucred *cr; 619 1.14 cgd 620 1.14 cgd MALLOC(cr, struct ucred *, sizeof(*cr), M_CRED, M_WAITOK); 621 1.49 perry memset((caddr_t)cr, 0, sizeof(*cr)); 622 1.14 cgd cr->cr_ref = 1; 623 1.14 cgd return (cr); 624 1.14 cgd } 625 1.14 cgd 626 1.14 cgd /* 627 1.14 cgd * Free a cred structure. 628 1.14 cgd * Throws away space when ref count gets to 0. 629 1.14 cgd */ 630 1.22 cgd void 631 1.73 dsl crfree(struct ucred *cr) 632 1.14 cgd { 633 1.14 cgd 634 1.15 cgd if (--cr->cr_ref == 0) 635 1.15 cgd FREE((caddr_t)cr, M_CRED); 636 1.79 christos } 637 1.79 christos 638 1.79 christos /* 639 1.79 christos * Compare cred structures and return 0 if they match 640 1.79 christos */ 641 1.79 christos int 642 1.79 christos crcmp(const struct ucred *cr1, const struct uucred *cr2) 643 1.79 christos { 644 1.79 christos return cr1->cr_uid != cr2->cr_uid || 645 1.79 christos cr1->cr_gid != cr2->cr_gid || 646 1.79 christos cr1->cr_ngroups != (uint32_t)cr2->cr_ngroups || 647 1.79 christos memcmp(cr1->cr_groups, cr2->cr_groups, cr1->cr_ngroups); 648 1.14 cgd } 649 1.14 cgd 650 1.14 cgd /* 651 1.14 cgd * Copy cred structure to a new one and free the old one. 652 1.14 cgd */ 653 1.14 cgd struct ucred * 654 1.73 dsl crcopy(struct ucred *cr) 655 1.14 cgd { 656 1.14 cgd struct ucred *newcr; 657 1.14 cgd 658 1.14 cgd if (cr->cr_ref == 1) 659 1.14 cgd return (cr); 660 1.14 cgd newcr = crget(); 661 1.14 cgd *newcr = *cr; 662 1.14 cgd crfree(cr); 663 1.14 cgd newcr->cr_ref = 1; 664 1.14 cgd return (newcr); 665 1.14 cgd } 666 1.14 cgd 667 1.14 cgd /* 668 1.14 cgd * Dup cred struct to a new held one. 669 1.14 cgd */ 670 1.14 cgd struct ucred * 671 1.73 dsl crdup(const struct ucred *cr) 672 1.14 cgd { 673 1.14 cgd struct ucred *newcr; 674 1.14 cgd 675 1.14 cgd newcr = crget(); 676 1.14 cgd *newcr = *cr; 677 1.14 cgd newcr->cr_ref = 1; 678 1.14 cgd return (newcr); 679 1.67 christos } 680 1.67 christos 681 1.67 christos /* 682 1.67 christos * convert from userland credentials to kernel one 683 1.67 christos */ 684 1.67 christos void 685 1.73 dsl crcvt(struct ucred *uc, const struct uucred *uuc) 686 1.67 christos { 687 1.75 enami 688 1.67 christos uc->cr_ref = 0; 689 1.67 christos uc->cr_uid = uuc->cr_uid; 690 1.67 christos uc->cr_gid = uuc->cr_gid; 691 1.67 christos uc->cr_ngroups = uuc->cr_ngroups; 692 1.67 christos (void)memcpy(uc->cr_groups, uuc->cr_groups, sizeof(uuc->cr_groups)); 693 1.14 cgd } 694 1.14 cgd 695 1.14 cgd /* 696 1.14 cgd * Get login name, if available. 697 1.14 cgd */ 698 1.14 cgd /* ARGSUSED */ 699 1.32 christos int 700 1.73 dsl sys___getlogin(struct lwp *l, void *v, register_t *retval) 701 1.29 thorpej { 702 1.37 jtc struct sys___getlogin_args /* { 703 1.19 cgd syscallarg(char *) namebuf; 704 1.53 kleink syscallarg(size_t) namelen; 705 1.29 thorpej } */ *uap = v; 706 1.70 thorpej struct proc *p = l->l_proc; 707 1.14 cgd 708 1.48 perry if (SCARG(uap, namelen) > sizeof(p->p_pgrp->pg_session->s_login)) 709 1.48 perry SCARG(uap, namelen) = sizeof(p->p_pgrp->pg_session->s_login); 710 1.14 cgd return (copyout((caddr_t) p->p_pgrp->pg_session->s_login, 711 1.19 cgd (caddr_t) SCARG(uap, namebuf), SCARG(uap, namelen))); 712 1.14 cgd } 713 1.14 cgd 714 1.14 cgd /* 715 1.14 cgd * Set login name. 716 1.14 cgd */ 717 1.14 cgd /* ARGSUSED */ 718 1.32 christos int 719 1.73 dsl sys___setlogin(struct lwp *l, void *v, register_t *retval) 720 1.29 thorpej { 721 1.70 thorpej struct sys___setlogin_args /* { 722 1.38 cgd syscallarg(const char *) namebuf; 723 1.29 thorpej } */ *uap = v; 724 1.70 thorpej struct proc *p = l->l_proc; 725 1.72 dsl struct session *s = p->p_pgrp->pg_session; 726 1.72 dsl char newname[sizeof s->s_login + 1]; 727 1.14 cgd int error; 728 1.14 cgd 729 1.32 christos if ((error = suser(p->p_ucred, &p->p_acflag)) != 0) 730 1.14 cgd return (error); 731 1.72 dsl error = copyinstr(SCARG(uap, namebuf), &newname, sizeof newname, NULL); 732 1.72 dsl if (error != 0) 733 1.75 enami return (error == ENAMETOOLONG ? EINVAL : error); 734 1.72 dsl 735 1.72 dsl if (s->s_flags & S_LOGIN_SET && p->p_pid != s->s_sid && 736 1.72 dsl strncmp(newname, s->s_login, sizeof s->s_login) != 0) 737 1.74 wiz log(LOG_WARNING, "%s (pid %d) changing logname from " 738 1.74 wiz "%.*s to %s\n", p->p_comm, p->p_pid, 739 1.74 wiz (int)sizeof s->s_login, s->s_login, newname); 740 1.72 dsl s->s_flags |= S_LOGIN_SET; 741 1.72 dsl strncpy(s->s_login, newname, sizeof s->s_login); 742 1.75 enami return (0); 743 1.14 cgd } 744
Indexes created Sun Sep 21 20:09:37 GMT 2025