kern_prot.c revision 1.84.12.3
1 1.84.12.3 yamt /* $NetBSD: kern_prot.c,v 1.84.12.3 2007/02/26 09:11:09 yamt Exp $ */ 2 1.16 cgd 3 1.14 cgd /* 4 1.15 cgd * Copyright (c) 1982, 1986, 1989, 1990, 1991, 1993 5 1.15 cgd * The Regents of the University of California. All rights reserved. 6 1.14 cgd * (c) UNIX System Laboratories, Inc. 7 1.14 cgd * All or some portions of this file are derived from material licensed 8 1.14 cgd * to the University of California by American Telephone and Telegraph 9 1.14 cgd * Co. or Unix System Laboratories, Inc. and are reproduced herein with 10 1.14 cgd * the permission of UNIX System Laboratories, Inc. 11 1.14 cgd * 12 1.14 cgd * Redistribution and use in source and binary forms, with or without 13 1.14 cgd * modification, are permitted provided that the following conditions 14 1.14 cgd * are met: 15 1.14 cgd * 1. Redistributions of source code must retain the above copyright 16 1.14 cgd * notice, this list of conditions and the following disclaimer. 17 1.14 cgd * 2. Redistributions in binary form must reproduce the above copyright 18 1.14 cgd * notice, this list of conditions and the following disclaimer in the 19 1.14 cgd * documentation and/or other materials provided with the distribution. 20 1.80 agc * 3. Neither the name of the University nor the names of its contributors 21 1.14 cgd * may be used to endorse or promote products derived from this software 22 1.14 cgd * without specific prior written permission. 23 1.14 cgd * 24 1.14 cgd * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 25 1.14 cgd * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 26 1.14 cgd * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 27 1.14 cgd * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 28 1.14 cgd * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 29 1.14 cgd * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 30 1.14 cgd * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 31 1.14 cgd * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 32 1.14 cgd * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 33 1.14 cgd * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 34 1.14 cgd * SUCH DAMAGE. 35 1.14 cgd * 36 1.44 fvdl * @(#)kern_prot.c 8.9 (Berkeley) 2/14/95 37 1.14 cgd */ 38 1.14 cgd 39 1.14 cgd /* 40 1.14 cgd * System calls related to processes and protection 41 1.14 cgd */ 42 1.65 lukem 43 1.65 lukem #include <sys/cdefs.h> 44 1.84.12.3 yamt __KERNEL_RCSID(0, "$NetBSD: kern_prot.c,v 1.84.12.3 2007/02/26 09:11:09 yamt Exp $"); 45 1.45 thorpej 46 1.51 christos #include "opt_compat_43.h" 47 1.14 cgd 48 1.14 cgd #include <sys/param.h> 49 1.14 cgd #include <sys/acct.h> 50 1.14 cgd #include <sys/systm.h> 51 1.14 cgd #include <sys/ucred.h> 52 1.14 cgd #include <sys/proc.h> 53 1.14 cgd #include <sys/timeb.h> 54 1.14 cgd #include <sys/times.h> 55 1.82 simonb #include <sys/pool.h> 56 1.72 dsl #include <sys/syslog.h> 57 1.81 christos #include <sys/resourcevar.h> 58 1.84.12.1 yamt #include <sys/kauth.h> 59 1.14 cgd 60 1.19 cgd #include <sys/mount.h> 61 1.19 cgd #include <sys/syscallargs.h> 62 1.71 thorpej 63 1.84.12.1 yamt #include <sys/malloc.h> 64 1.63 mycroft 65 1.70 thorpej int sys_getpid(struct lwp *, void *, register_t *); 66 1.70 thorpej int sys_getpid_with_ppid(struct lwp *, void *, register_t *); 67 1.70 thorpej int sys_getuid(struct lwp *, void *, register_t *); 68 1.70 thorpej int sys_getuid_with_euid(struct lwp *, void *, register_t *); 69 1.70 thorpej int sys_getgid(struct lwp *, void *, register_t *); 70 1.70 thorpej int sys_getgid_with_egid(struct lwp *, void *, register_t *); 71 1.32 christos 72 1.84.12.1 yamt static int grsortu(gid_t *, int); 73 1.84.12.1 yamt 74 1.14 cgd /* ARGSUSED */ 75 1.32 christos int 76 1.73 dsl sys_getpid(struct lwp *l, void *v, register_t *retval) 77 1.14 cgd { 78 1.70 thorpej struct proc *p = l->l_proc; 79 1.14 cgd 80 1.14 cgd *retval = p->p_pid; 81 1.62 mycroft return (0); 82 1.62 mycroft } 83 1.62 mycroft 84 1.62 mycroft /* ARGSUSED */ 85 1.62 mycroft int 86 1.73 dsl sys_getpid_with_ppid(struct lwp *l, void *v, register_t *retval) 87 1.62 mycroft { 88 1.70 thorpej struct proc *p = l->l_proc; 89 1.62 mycroft 90 1.62 mycroft retval[0] = p->p_pid; 91 1.84.12.3 yamt rw_enter(&proclist_lock, RW_READER); 92 1.62 mycroft retval[1] = p->p_pptr->p_pid; 93 1.84.12.3 yamt rw_exit(&proclist_lock); 94 1.14 cgd return (0); 95 1.14 cgd } 96 1.14 cgd 97 1.14 cgd /* ARGSUSED */ 98 1.32 christos int 99 1.73 dsl sys_getppid(struct lwp *l, void *v, register_t *retval) 100 1.14 cgd { 101 1.70 thorpej struct proc *p = l->l_proc; 102 1.14 cgd 103 1.84.12.3 yamt rw_enter(&proclist_lock, RW_READER); 104 1.14 cgd *retval = p->p_pptr->p_pid; 105 1.84.12.3 yamt rw_exit(&proclist_lock); 106 1.14 cgd return (0); 107 1.14 cgd } 108 1.14 cgd 109 1.14 cgd /* Get process group ID; note that POSIX getpgrp takes no parameter */ 110 1.32 christos int 111 1.73 dsl sys_getpgrp(struct lwp *l, void *v, register_t *retval) 112 1.14 cgd { 113 1.70 thorpej struct proc *p = l->l_proc; 114 1.14 cgd 115 1.84.12.3 yamt rw_enter(&proclist_lock, RW_READER); 116 1.14 cgd *retval = p->p_pgrp->pg_id; 117 1.84.12.3 yamt rw_exit(&proclist_lock); 118 1.14 cgd return (0); 119 1.43 thorpej } 120 1.43 thorpej 121 1.43 thorpej /* 122 1.43 thorpej * Return the process group ID of the session leader (session ID) 123 1.43 thorpej * for the specified process. 124 1.43 thorpej */ 125 1.43 thorpej int 126 1.73 dsl sys_getsid(struct lwp *l, void *v, register_t *retval) 127 1.43 thorpej { 128 1.43 thorpej struct sys_getsid_args /* { 129 1.43 thorpej syscalldarg(pid_t) pid; 130 1.43 thorpej } */ *uap = v; 131 1.84.12.3 yamt pid_t pid = SCARG(uap, pid); 132 1.84.12.3 yamt struct proc *p; 133 1.84.12.3 yamt int error = 0; 134 1.84.12.3 yamt 135 1.84.12.3 yamt rw_enter(&proclist_lock, RW_READER); 136 1.84.12.3 yamt if (pid == 0) 137 1.84.12.3 yamt *retval = l->l_proc->p_session->s_sid; 138 1.84.12.3 yamt else if ((p = p_find(pid, PFIND_LOCKED)) != NULL) 139 1.84.12.3 yamt *retval = p->p_session->s_sid; 140 1.84.12.3 yamt else 141 1.84.12.3 yamt error = ESRCH; 142 1.84.12.3 yamt rw_exit(&proclist_lock); 143 1.43 thorpej 144 1.84.12.3 yamt return error; 145 1.36 mrg } 146 1.36 mrg 147 1.36 mrg int 148 1.73 dsl sys_getpgid(struct lwp *l, void *v, register_t *retval) 149 1.36 mrg { 150 1.56 augustss struct sys_getpgid_args /* { 151 1.36 mrg syscallarg(pid_t) pid; 152 1.36 mrg } */ *uap = v; 153 1.84.12.3 yamt pid_t pid = SCARG(uap, pid); 154 1.84.12.3 yamt struct proc *p; 155 1.84.12.3 yamt int error = 0; 156 1.84.12.3 yamt 157 1.84.12.3 yamt rw_enter(&proclist_lock, RW_READER); 158 1.84.12.3 yamt if (pid == 0) 159 1.84.12.3 yamt *retval = l->l_proc->p_pgid; 160 1.84.12.3 yamt else if ((p = p_find(pid, PFIND_LOCKED)) != NULL) 161 1.84.12.3 yamt *retval = p->p_pgid; 162 1.84.12.3 yamt else 163 1.84.12.3 yamt error = ESRCH; 164 1.84.12.3 yamt rw_exit(&proclist_lock); 165 1.36 mrg 166 1.84.12.3 yamt return error; 167 1.14 cgd } 168 1.14 cgd 169 1.14 cgd /* ARGSUSED */ 170 1.32 christos int 171 1.73 dsl sys_getuid(struct lwp *l, void *v, register_t *retval) 172 1.14 cgd { 173 1.14 cgd 174 1.84.12.2 yamt *retval = kauth_cred_getuid(l->l_cred); 175 1.62 mycroft return (0); 176 1.62 mycroft } 177 1.62 mycroft 178 1.62 mycroft /* ARGSUSED */ 179 1.62 mycroft int 180 1.73 dsl sys_getuid_with_euid(struct lwp *l, void *v, register_t *retval) 181 1.62 mycroft { 182 1.62 mycroft 183 1.84.12.2 yamt retval[0] = kauth_cred_getuid(l->l_cred); 184 1.84.12.2 yamt retval[1] = kauth_cred_geteuid(l->l_cred); 185 1.14 cgd return (0); 186 1.14 cgd } 187 1.14 cgd 188 1.14 cgd /* ARGSUSED */ 189 1.32 christos int 190 1.73 dsl sys_geteuid(struct lwp *l, void *v, register_t *retval) 191 1.14 cgd { 192 1.14 cgd 193 1.84.12.2 yamt *retval = kauth_cred_geteuid(l->l_cred); 194 1.14 cgd return (0); 195 1.14 cgd } 196 1.14 cgd 197 1.14 cgd /* ARGSUSED */ 198 1.32 christos int 199 1.73 dsl sys_getgid(struct lwp *l, void *v, register_t *retval) 200 1.14 cgd { 201 1.14 cgd 202 1.84.12.2 yamt *retval = kauth_cred_getgid(l->l_cred); 203 1.62 mycroft return (0); 204 1.62 mycroft } 205 1.62 mycroft 206 1.62 mycroft /* ARGSUSED */ 207 1.62 mycroft int 208 1.73 dsl sys_getgid_with_egid(struct lwp *l, void *v, register_t *retval) 209 1.62 mycroft { 210 1.62 mycroft 211 1.84.12.2 yamt retval[0] = kauth_cred_getgid(l->l_cred); 212 1.84.12.2 yamt retval[1] = kauth_cred_getegid(l->l_cred); 213 1.14 cgd return (0); 214 1.14 cgd } 215 1.14 cgd 216 1.14 cgd /* 217 1.14 cgd * Get effective group ID. The "egid" is groups[0], and could be obtained 218 1.14 cgd * via getgroups. This syscall exists because it is somewhat painful to do 219 1.14 cgd * correctly in a library function. 220 1.14 cgd */ 221 1.14 cgd /* ARGSUSED */ 222 1.32 christos int 223 1.73 dsl sys_getegid(struct lwp *l, void *v, register_t *retval) 224 1.14 cgd { 225 1.75 enami 226 1.84.12.2 yamt *retval = kauth_cred_getegid(l->l_cred); 227 1.14 cgd return (0); 228 1.14 cgd } 229 1.14 cgd 230 1.32 christos int 231 1.73 dsl sys_getgroups(struct lwp *l, void *v, register_t *retval) 232 1.29 thorpej { 233 1.56 augustss struct sys_getgroups_args /* { 234 1.41 thorpej syscallarg(int) gidsetsize; 235 1.19 cgd syscallarg(gid_t *) gidset; 236 1.29 thorpej } */ *uap = v; 237 1.84.12.2 yamt kauth_cred_t cred = l->l_cred; 238 1.69 thorpej u_int ngrp; 239 1.14 cgd int error; 240 1.84.12.1 yamt gid_t *grbuf; 241 1.14 cgd 242 1.69 thorpej if (SCARG(uap, gidsetsize) == 0) { 243 1.84.12.2 yamt *retval = kauth_cred_ngroups(cred); 244 1.14 cgd return (0); 245 1.69 thorpej } else if (SCARG(uap, gidsetsize) < 0) 246 1.69 thorpej return (EINVAL); 247 1.69 thorpej ngrp = SCARG(uap, gidsetsize); 248 1.84.12.2 yamt if (ngrp < kauth_cred_ngroups(cred)) 249 1.14 cgd return (EINVAL); 250 1.84.12.2 yamt ngrp = kauth_cred_ngroups(cred); 251 1.84.12.1 yamt 252 1.84.12.1 yamt grbuf = malloc(ngrp * sizeof(*grbuf), M_TEMP, M_WAITOK); 253 1.84.12.2 yamt kauth_cred_getgroups(cred, grbuf, ngrp); 254 1.84.12.1 yamt error = copyout(grbuf, (caddr_t)SCARG(uap, gidset), 255 1.84.12.1 yamt ngrp * sizeof(gid_t)); 256 1.84.12.1 yamt free(grbuf, M_TEMP); 257 1.32 christos if (error) 258 1.14 cgd return (error); 259 1.14 cgd *retval = ngrp; 260 1.14 cgd return (0); 261 1.14 cgd } 262 1.14 cgd 263 1.14 cgd /* ARGSUSED */ 264 1.32 christos int 265 1.73 dsl sys_setsid(struct lwp *l, void *v, register_t *retval) 266 1.14 cgd { 267 1.70 thorpej struct proc *p = l->l_proc; 268 1.84.12.3 yamt int error; 269 1.14 cgd 270 1.84.12.3 yamt error = enterpgrp(p, p->p_pid, p->p_pid, 1); 271 1.84.12.3 yamt *retval = p->p_pid; 272 1.84.12.3 yamt return (error); 273 1.14 cgd } 274 1.14 cgd 275 1.84.12.3 yamt 276 1.14 cgd /* 277 1.14 cgd * set process group (setpgid/old setpgrp) 278 1.14 cgd * 279 1.14 cgd * caller does setpgid(targpid, targpgid) 280 1.14 cgd * 281 1.39 mikel * pgid must be in valid range (EINVAL) 282 1.14 cgd * pid must be caller or child of caller (ESRCH) 283 1.14 cgd * if a child 284 1.14 cgd * pid must be in same session (EPERM) 285 1.14 cgd * pid can't have done an exec (EACCES) 286 1.14 cgd * if pgid != pid 287 1.14 cgd * there must exist some pid in same session having pgid (EPERM) 288 1.14 cgd * pid must not be session leader (EPERM) 289 1.77 dsl * 290 1.77 dsl * Permission checks now in enterpgrp() 291 1.14 cgd */ 292 1.14 cgd /* ARGSUSED */ 293 1.32 christos int 294 1.73 dsl sys_setpgid(struct lwp *l, void *v, register_t *retval) 295 1.29 thorpej { 296 1.56 augustss struct sys_setpgid_args /* { 297 1.19 cgd syscallarg(int) pid; 298 1.19 cgd syscallarg(int) pgid; 299 1.29 thorpej } */ *uap = v; 300 1.84.12.3 yamt struct proc *p = l->l_proc; 301 1.84.12.3 yamt pid_t targp, pgid; 302 1.14 cgd 303 1.39 mikel if (SCARG(uap, pgid) < 0) 304 1.77 dsl return EINVAL; 305 1.84.12.3 yamt if ((targp = SCARG(uap, pid)) == 0) 306 1.84.12.3 yamt targp = p->p_pid; 307 1.84.12.3 yamt if ((pgid = SCARG(uap, pgid)) == 0) 308 1.84.12.3 yamt pgid = targp; 309 1.14 cgd 310 1.84.12.3 yamt return enterpgrp(p, targp, pgid, 0); 311 1.14 cgd } 312 1.14 cgd 313 1.76 dsl /* 314 1.76 dsl * Set real, effective and saved uids to the requested values. 315 1.76 dsl * non-root callers can only ever change uids to values that match 316 1.76 dsl * one of the processes current uid values. 317 1.76 dsl * This is further restricted by the flags argument. 318 1.76 dsl */ 319 1.76 dsl 320 1.76 dsl int 321 1.76 dsl do_setresuid(struct lwp *l, uid_t r, uid_t e, uid_t sv, u_int flags) 322 1.76 dsl { 323 1.76 dsl struct proc *p = l->l_proc; 324 1.84.12.3 yamt kauth_cred_t cred, ncred; 325 1.84.12.3 yamt 326 1.84.12.3 yamt ncred = kauth_cred_alloc(); 327 1.76 dsl 328 1.84.12.2 yamt /* Get a write lock on the process credential. */ 329 1.84.12.3 yamt proc_crmod_enter(); 330 1.84.12.2 yamt cred = p->p_cred; 331 1.84.12.2 yamt 332 1.84.12.2 yamt /* 333 1.84.12.2 yamt * Check that the new value is one of the allowed existing values, 334 1.84.12.2 yamt * or that we have root privilege. 335 1.84.12.2 yamt */ 336 1.84.12.2 yamt if ((r != -1 337 1.84.12.2 yamt && !((flags & ID_R_EQ_R) && r == kauth_cred_getuid(cred)) 338 1.84.12.2 yamt && !((flags & ID_R_EQ_E) && r == kauth_cred_geteuid(cred)) 339 1.84.12.2 yamt && !((flags & ID_R_EQ_S) && r == kauth_cred_getsvuid(cred))) || 340 1.84.12.2 yamt (e != -1 341 1.84.12.2 yamt && !((flags & ID_E_EQ_R) && e == kauth_cred_getuid(cred)) 342 1.84.12.2 yamt && !((flags & ID_E_EQ_E) && e == kauth_cred_geteuid(cred)) 343 1.84.12.2 yamt && !((flags & ID_E_EQ_S) && e == kauth_cred_getsvuid(cred))) || 344 1.84.12.2 yamt (sv != -1 345 1.84.12.2 yamt && !((flags & ID_S_EQ_R) && sv == kauth_cred_getuid(cred)) 346 1.84.12.2 yamt && !((flags & ID_S_EQ_E) && sv == kauth_cred_geteuid(cred)) 347 1.84.12.2 yamt && !((flags & ID_S_EQ_S) && sv == kauth_cred_getsvuid(cred)))) { 348 1.84.12.2 yamt int error; 349 1.84.12.2 yamt 350 1.84.12.2 yamt error = kauth_authorize_process(cred, KAUTH_PROCESS_SETID, 351 1.84.12.2 yamt p, NULL, NULL, NULL); 352 1.84.12.2 yamt if (error != 0) { 353 1.84.12.3 yamt proc_crmod_leave(cred, ncred, false); 354 1.76 dsl return error; 355 1.84.12.2 yamt } 356 1.76 dsl } 357 1.76 dsl 358 1.76 dsl /* If nothing has changed, short circuit the request */ 359 1.84.12.1 yamt if ((r == -1 || r == kauth_cred_getuid(cred)) 360 1.84.12.1 yamt && (e == -1 || e == kauth_cred_geteuid(cred)) 361 1.84.12.2 yamt && (sv == -1 || sv == kauth_cred_getsvuid(cred))) { 362 1.84.12.3 yamt proc_crmod_leave(cred, ncred, false); 363 1.76 dsl return 0; 364 1.84.12.2 yamt } 365 1.84.12.2 yamt 366 1.84.12.3 yamt kauth_cred_clone(cred, ncred); 367 1.76 dsl 368 1.84.12.3 yamt if (r != -1 && r != kauth_cred_getuid(ncred)) { 369 1.76 dsl /* Update count of processes for this user */ 370 1.84.12.3 yamt (void)chgproccnt(kauth_cred_getuid(ncred), -1); 371 1.76 dsl (void)chgproccnt(r, 1); 372 1.84.12.3 yamt kauth_cred_setuid(ncred, r); 373 1.76 dsl } 374 1.76 dsl if (sv != -1) 375 1.84.12.3 yamt kauth_cred_setsvuid(ncred, sv); 376 1.84.12.2 yamt if (e != -1) 377 1.84.12.3 yamt kauth_cred_seteuid(ncred, e); 378 1.84.12.2 yamt 379 1.84.12.2 yamt /* Broadcast our credentials to the process and other LWPs. */ 380 1.84.12.3 yamt proc_crmod_leave(ncred, cred, true); 381 1.84.12.2 yamt 382 1.76 dsl return 0; 383 1.76 dsl } 384 1.76 dsl 385 1.76 dsl /* 386 1.76 dsl * Set real, effective and saved gids to the requested values. 387 1.76 dsl * non-root callers can only ever change gids to values that match 388 1.76 dsl * one of the processes current gid values. 389 1.76 dsl * This is further restricted by the flags argument. 390 1.76 dsl */ 391 1.76 dsl 392 1.76 dsl int 393 1.76 dsl do_setresgid(struct lwp *l, gid_t r, gid_t e, gid_t sv, u_int flags) 394 1.76 dsl { 395 1.76 dsl struct proc *p = l->l_proc; 396 1.84.12.3 yamt kauth_cred_t cred, ncred; 397 1.84.12.3 yamt 398 1.84.12.3 yamt ncred = kauth_cred_alloc(); 399 1.76 dsl 400 1.84.12.2 yamt /* Get a write lock on the process credential. */ 401 1.84.12.3 yamt proc_crmod_enter(); 402 1.84.12.2 yamt cred = p->p_cred; 403 1.84.12.2 yamt 404 1.84.12.2 yamt /* 405 1.84.12.2 yamt * check new value is one of the allowed existing values. 406 1.84.12.2 yamt * otherwise, check if we have root privilege. 407 1.84.12.2 yamt */ 408 1.84.12.2 yamt if ((r != -1 409 1.84.12.2 yamt && !((flags & ID_R_EQ_R) && r == kauth_cred_getgid(cred)) 410 1.84.12.2 yamt && !((flags & ID_R_EQ_E) && r == kauth_cred_getegid(cred)) 411 1.84.12.2 yamt && !((flags & ID_R_EQ_S) && r == kauth_cred_getsvgid(cred))) || 412 1.84.12.2 yamt (e != -1 413 1.84.12.2 yamt && !((flags & ID_E_EQ_R) && e == kauth_cred_getgid(cred)) 414 1.84.12.2 yamt && !((flags & ID_E_EQ_E) && e == kauth_cred_getegid(cred)) 415 1.84.12.2 yamt && !((flags & ID_E_EQ_S) && e == kauth_cred_getsvgid(cred))) || 416 1.84.12.2 yamt (sv != -1 417 1.84.12.2 yamt && !((flags & ID_S_EQ_R) && sv == kauth_cred_getgid(cred)) 418 1.84.12.2 yamt && !((flags & ID_S_EQ_E) && sv == kauth_cred_getegid(cred)) 419 1.84.12.2 yamt && !((flags & ID_S_EQ_S) && sv == kauth_cred_getsvgid(cred)))) { 420 1.84.12.2 yamt int error; 421 1.84.12.2 yamt 422 1.84.12.2 yamt error = kauth_authorize_process(cred, KAUTH_PROCESS_SETID, 423 1.84.12.2 yamt p, NULL, NULL, NULL); 424 1.84.12.2 yamt if (error != 0) { 425 1.84.12.3 yamt proc_crmod_leave(cred, ncred, false); 426 1.76 dsl return error; 427 1.84.12.2 yamt } 428 1.76 dsl } 429 1.76 dsl 430 1.76 dsl /* If nothing has changed, short circuit the request */ 431 1.84.12.1 yamt if ((r == -1 || r == kauth_cred_getgid(cred)) 432 1.84.12.1 yamt && (e == -1 || e == kauth_cred_getegid(cred)) 433 1.84.12.2 yamt && (sv == -1 || sv == kauth_cred_getsvgid(cred))) { 434 1.84.12.3 yamt proc_crmod_leave(cred, ncred, false); 435 1.76 dsl return 0; 436 1.84.12.2 yamt } 437 1.84.12.2 yamt 438 1.84.12.3 yamt kauth_cred_clone(cred, ncred); 439 1.76 dsl 440 1.76 dsl if (r != -1) 441 1.84.12.3 yamt kauth_cred_setgid(ncred, r); 442 1.76 dsl if (sv != -1) 443 1.84.12.3 yamt kauth_cred_setsvgid(ncred, sv); 444 1.84.12.2 yamt if (e != -1) 445 1.84.12.3 yamt kauth_cred_setegid(ncred, e); 446 1.84.12.2 yamt 447 1.84.12.2 yamt /* Broadcast our credentials to the process and other LWPs. */ 448 1.84.12.3 yamt proc_crmod_leave(ncred, cred, true); 449 1.84.12.2 yamt 450 1.76 dsl return 0; 451 1.76 dsl } 452 1.76 dsl 453 1.14 cgd /* ARGSUSED */ 454 1.32 christos int 455 1.73 dsl sys_setuid(struct lwp *l, void *v, register_t *retval) 456 1.29 thorpej { 457 1.30 mycroft struct sys_setuid_args /* { 458 1.19 cgd syscallarg(uid_t) uid; 459 1.29 thorpej } */ *uap = v; 460 1.76 dsl uid_t uid = SCARG(uap, uid); 461 1.14 cgd 462 1.76 dsl return do_setresuid(l, uid, uid, uid, 463 1.76 dsl ID_R_EQ_R | ID_E_EQ_R | ID_S_EQ_R); 464 1.14 cgd } 465 1.14 cgd 466 1.14 cgd /* ARGSUSED */ 467 1.32 christos int 468 1.73 dsl sys_seteuid(struct lwp *l, void *v, register_t *retval) 469 1.29 thorpej { 470 1.30 mycroft struct sys_seteuid_args /* { 471 1.19 cgd syscallarg(uid_t) euid; 472 1.29 thorpej } */ *uap = v; 473 1.59 christos 474 1.76 dsl return do_setresuid(l, -1, SCARG(uap, euid), -1, ID_E_EQ_R | ID_E_EQ_S); 475 1.14 cgd } 476 1.14 cgd 477 1.35 mycroft int 478 1.73 dsl sys_setreuid(struct lwp *l, void *v, register_t *retval) 479 1.35 mycroft { 480 1.35 mycroft struct sys_setreuid_args /* { 481 1.35 mycroft syscallarg(uid_t) ruid; 482 1.35 mycroft syscallarg(uid_t) euid; 483 1.35 mycroft } */ *uap = v; 484 1.84.12.2 yamt kauth_cred_t cred = l->l_cred; 485 1.76 dsl uid_t ruid, euid, svuid; 486 1.35 mycroft 487 1.35 mycroft ruid = SCARG(uap, ruid); 488 1.35 mycroft euid = SCARG(uap, euid); 489 1.84.12.2 yamt 490 1.76 dsl if (ruid == -1) 491 1.84.12.2 yamt ruid = kauth_cred_getuid(cred); 492 1.76 dsl if (euid == -1) 493 1.84.12.2 yamt euid = kauth_cred_geteuid(cred); 494 1.84.12.2 yamt 495 1.76 dsl /* Saved uid is set to the new euid if the ruid changed */ 496 1.84.12.2 yamt svuid = (ruid == kauth_cred_getuid(cred)) ? -1 : euid; 497 1.76 dsl 498 1.76 dsl return do_setresuid(l, ruid, euid, svuid, 499 1.76 dsl ID_R_EQ_R | ID_R_EQ_E | 500 1.76 dsl ID_E_EQ_R | ID_E_EQ_E | ID_E_EQ_S | 501 1.76 dsl ID_S_EQ_R | ID_S_EQ_E | ID_S_EQ_S); 502 1.35 mycroft } 503 1.35 mycroft 504 1.14 cgd /* ARGSUSED */ 505 1.32 christos int 506 1.73 dsl sys_setgid(struct lwp *l, void *v, register_t *retval) 507 1.29 thorpej { 508 1.30 mycroft struct sys_setgid_args /* { 509 1.19 cgd syscallarg(gid_t) gid; 510 1.29 thorpej } */ *uap = v; 511 1.76 dsl gid_t gid = SCARG(uap, gid); 512 1.14 cgd 513 1.76 dsl return do_setresgid(l, gid, gid, gid, 514 1.76 dsl ID_R_EQ_R | ID_E_EQ_R | ID_S_EQ_R); 515 1.14 cgd } 516 1.14 cgd 517 1.14 cgd /* ARGSUSED */ 518 1.32 christos int 519 1.73 dsl sys_setegid(struct lwp *l, void *v, register_t *retval) 520 1.29 thorpej { 521 1.30 mycroft struct sys_setegid_args /* { 522 1.19 cgd syscallarg(gid_t) egid; 523 1.29 thorpej } */ *uap = v; 524 1.14 cgd 525 1.76 dsl return do_setresgid(l, -1, SCARG(uap, egid), -1, ID_E_EQ_R | ID_E_EQ_S); 526 1.35 mycroft } 527 1.35 mycroft 528 1.35 mycroft int 529 1.73 dsl sys_setregid(struct lwp *l, void *v, register_t *retval) 530 1.35 mycroft { 531 1.35 mycroft struct sys_setregid_args /* { 532 1.35 mycroft syscallarg(gid_t) rgid; 533 1.35 mycroft syscallarg(gid_t) egid; 534 1.35 mycroft } */ *uap = v; 535 1.84.12.2 yamt kauth_cred_t cred = l->l_cred; 536 1.76 dsl gid_t rgid, egid, svgid; 537 1.35 mycroft 538 1.35 mycroft rgid = SCARG(uap, rgid); 539 1.35 mycroft egid = SCARG(uap, egid); 540 1.84.12.2 yamt 541 1.76 dsl if (rgid == -1) 542 1.84.12.2 yamt rgid = kauth_cred_getgid(cred); 543 1.76 dsl if (egid == -1) 544 1.84.12.2 yamt egid = kauth_cred_getegid(cred); 545 1.84.12.2 yamt 546 1.76 dsl /* Saved gid is set to the new egid if the rgid changed */ 547 1.84.12.2 yamt svgid = rgid == kauth_cred_getgid(cred) ? -1 : egid; 548 1.76 dsl 549 1.76 dsl return do_setresgid(l, rgid, egid, svgid, 550 1.76 dsl ID_R_EQ_R | ID_R_EQ_E | 551 1.76 dsl ID_E_EQ_R | ID_E_EQ_E | ID_E_EQ_S | 552 1.76 dsl ID_S_EQ_R | ID_S_EQ_E | ID_S_EQ_S); 553 1.57 minoura } 554 1.57 minoura 555 1.57 minoura int 556 1.73 dsl sys_issetugid(struct lwp *l, void *v, register_t *retval) 557 1.57 minoura { 558 1.70 thorpej struct proc *p = l->l_proc; 559 1.75 enami 560 1.57 minoura /* 561 1.57 minoura * Note: OpenBSD sets a P_SUGIDEXEC flag set at execve() time, 562 1.84.12.3 yamt * we use PK_SUGID because we consider changing the owners as 563 1.57 minoura * "tainting" as well. 564 1.57 minoura * This is significant for procs that start as root and "become" 565 1.57 minoura * a user without an exec - programs cannot know *everything* 566 1.57 minoura * that libc *might* have put in their data segment. 567 1.57 minoura */ 568 1.84.12.3 yamt *retval = (p->p_flag & PK_SUGID) != 0; 569 1.60 christos return (0); 570 1.14 cgd } 571 1.14 cgd 572 1.84.12.1 yamt /* 573 1.84.12.1 yamt * sort -u for groups. 574 1.84.12.1 yamt */ 575 1.84.12.1 yamt static int 576 1.84.12.1 yamt grsortu(gid_t *grp, int ngrp) 577 1.84.12.1 yamt { 578 1.84.12.1 yamt const gid_t *src, *end; 579 1.84.12.1 yamt gid_t *dst; 580 1.84.12.1 yamt gid_t group; 581 1.84.12.1 yamt int i, j; 582 1.84.12.1 yamt 583 1.84.12.1 yamt /* bubble sort */ 584 1.84.12.1 yamt for (i = 0; i < ngrp; i++) 585 1.84.12.1 yamt for (j = i + 1; j < ngrp; j++) 586 1.84.12.1 yamt if (grp[i] > grp[j]) { 587 1.84.12.1 yamt gid_t tmp = grp[i]; 588 1.84.12.1 yamt grp[i] = grp[j]; 589 1.84.12.1 yamt grp[j] = tmp; 590 1.84.12.1 yamt } 591 1.84.12.1 yamt 592 1.84.12.1 yamt /* uniq */ 593 1.84.12.1 yamt end = grp + ngrp; 594 1.84.12.1 yamt src = grp; 595 1.84.12.1 yamt dst = grp; 596 1.84.12.1 yamt while (src < end) { 597 1.84.12.1 yamt group = *src++; 598 1.84.12.1 yamt while (src < end && *src == group) 599 1.84.12.1 yamt src++; 600 1.84.12.1 yamt *dst++ = group; 601 1.84.12.1 yamt } 602 1.84.12.1 yamt 603 1.84.12.1 yamt #ifdef DIAGNOSTIC 604 1.84.12.1 yamt /* zero out the rest of the array */ 605 1.84.12.1 yamt (void)memset(dst, 0, sizeof(*grp) * (end - dst)); 606 1.84.12.1 yamt #endif 607 1.84.12.1 yamt 608 1.84.12.1 yamt return dst - grp; 609 1.84.12.1 yamt } 610 1.84.12.1 yamt 611 1.15 cgd /* ARGSUSED */ 612 1.32 christos int 613 1.73 dsl sys_setgroups(struct lwp *l, void *v, register_t *retval) 614 1.29 thorpej { 615 1.30 mycroft struct sys_setgroups_args /* { 616 1.41 thorpej syscallarg(int) gidsetsize; 617 1.38 cgd syscallarg(const gid_t *) gidset; 618 1.29 thorpej } */ *uap = v; 619 1.84.12.3 yamt kauth_cred_t cred, ncred; 620 1.70 thorpej struct proc *p = l->l_proc; 621 1.56 augustss int ngrp; 622 1.15 cgd int error; 623 1.59 christos gid_t grp[NGROUPS]; 624 1.59 christos size_t grsize; 625 1.15 cgd 626 1.19 cgd ngrp = SCARG(uap, gidsetsize); 627 1.84.12.3 yamt if ((u_int)ngrp > NGROUPS) 628 1.84.12.3 yamt return EINVAL; 629 1.59 christos 630 1.59 christos grsize = ngrp * sizeof(gid_t); 631 1.59 christos error = copyin(SCARG(uap, gidset), grp, grsize); 632 1.32 christos if (error) 633 1.84.12.3 yamt return error; 634 1.84.12.3 yamt 635 1.84.12.3 yamt ncred = kauth_cred_alloc(); 636 1.84.12.3 yamt proc_crmod_enter(); 637 1.84.12.3 yamt cred = p->p_cred; 638 1.84.12.3 yamt 639 1.84.12.3 yamt if ((error = kauth_authorize_process(cred, KAUTH_PROCESS_SETID, 640 1.84.12.3 yamt p, NULL, NULL, NULL)) != 0) 641 1.84.12.2 yamt goto bad; 642 1.14 cgd 643 1.84.12.1 yamt ngrp = grsortu(grp, ngrp); 644 1.84.12.3 yamt kauth_cred_clone(cred, ncred); 645 1.84.12.3 yamt kauth_cred_setgroups(ncred, grp, ngrp, -1); 646 1.14 cgd 647 1.84.12.2 yamt /* Broadcast our credentials to the process and other LWPs. */ 648 1.84.12.3 yamt proc_crmod_leave(ncred, cred, true); 649 1.14 cgd 650 1.84.12.1 yamt return (0); 651 1.84.12.2 yamt bad: 652 1.84.12.3 yamt proc_crmod_leave(cred, ncred, false); 653 1.84.12.2 yamt return (error); 654 1.14 cgd } 655 1.14 cgd 656 1.14 cgd /* 657 1.14 cgd * Get login name, if available. 658 1.14 cgd */ 659 1.14 cgd /* ARGSUSED */ 660 1.32 christos int 661 1.73 dsl sys___getlogin(struct lwp *l, void *v, register_t *retval) 662 1.29 thorpej { 663 1.37 jtc struct sys___getlogin_args /* { 664 1.19 cgd syscallarg(char *) namebuf; 665 1.53 kleink syscallarg(size_t) namelen; 666 1.29 thorpej } */ *uap = v; 667 1.70 thorpej struct proc *p = l->l_proc; 668 1.84.12.3 yamt char login[sizeof(p->p_session->s_login)]; 669 1.84.12.3 yamt int namelen = SCARG(uap, namelen); 670 1.14 cgd 671 1.84.12.3 yamt if (namelen > sizeof(login)) 672 1.84.12.3 yamt namelen = sizeof(login); 673 1.84.12.3 yamt rw_enter(&proclist_lock, RW_READER); 674 1.84.12.3 yamt memcpy(login, p->p_session->s_login, namelen); 675 1.84.12.3 yamt rw_exit(&proclist_lock); 676 1.84.12.3 yamt return (copyout(login, (void *)SCARG(uap, namebuf), namelen)); 677 1.14 cgd } 678 1.14 cgd 679 1.14 cgd /* 680 1.14 cgd * Set login name. 681 1.14 cgd */ 682 1.14 cgd /* ARGSUSED */ 683 1.32 christos int 684 1.73 dsl sys___setlogin(struct lwp *l, void *v, register_t *retval) 685 1.29 thorpej { 686 1.70 thorpej struct sys___setlogin_args /* { 687 1.38 cgd syscallarg(const char *) namebuf; 688 1.29 thorpej } */ *uap = v; 689 1.70 thorpej struct proc *p = l->l_proc; 690 1.84.12.3 yamt struct session *sp; 691 1.84.12.3 yamt char newname[sizeof sp->s_login + 1]; 692 1.14 cgd int error; 693 1.14 cgd 694 1.84.12.2 yamt if ((error = kauth_authorize_process(l->l_cred, KAUTH_PROCESS_SETID, 695 1.84.12.2 yamt p, NULL, NULL, NULL)) != 0) 696 1.14 cgd return (error); 697 1.72 dsl error = copyinstr(SCARG(uap, namebuf), &newname, sizeof newname, NULL); 698 1.72 dsl if (error != 0) 699 1.75 enami return (error == ENAMETOOLONG ? EINVAL : error); 700 1.72 dsl 701 1.84.12.3 yamt rw_enter(&proclist_lock, RW_WRITER); 702 1.84.12.3 yamt sp = p->p_session; 703 1.84.12.3 yamt if (sp->s_flags & S_LOGIN_SET && p->p_pid != sp->s_sid && 704 1.84.12.3 yamt strncmp(newname, sp->s_login, sizeof sp->s_login) != 0) 705 1.74 wiz log(LOG_WARNING, "%s (pid %d) changing logname from " 706 1.74 wiz "%.*s to %s\n", p->p_comm, p->p_pid, 707 1.84.12.3 yamt (int)sizeof sp->s_login, sp->s_login, newname); 708 1.84.12.3 yamt sp->s_flags |= S_LOGIN_SET; 709 1.84.12.3 yamt strncpy(sp->s_login, newname, sizeof sp->s_login); 710 1.84.12.3 yamt rw_exit(&proclist_lock); 711 1.75 enami return (0); 712 1.14 cgd } 713 1.84.12.3 yamt 714
Indexes created Fri Sep 26 20:09:58 GMT 2025