kern_prot.c revision 1.92
1 1.92 ad /* $NetBSD: kern_prot.c,v 1.92 2006/07/19 21:11:38 ad Exp $ */ 2 1.16 cgd 3 1.14 cgd /* 4 1.15 cgd * Copyright (c) 1982, 1986, 1989, 1990, 1991, 1993 5 1.15 cgd * The Regents of the University of California. All rights reserved. 6 1.14 cgd * (c) UNIX System Laboratories, Inc. 7 1.14 cgd * All or some portions of this file are derived from material licensed 8 1.14 cgd * to the University of California by American Telephone and Telegraph 9 1.14 cgd * Co. or Unix System Laboratories, Inc. and are reproduced herein with 10 1.14 cgd * the permission of UNIX System Laboratories, Inc. 11 1.14 cgd * 12 1.14 cgd * Redistribution and use in source and binary forms, with or without 13 1.14 cgd * modification, are permitted provided that the following conditions 14 1.14 cgd * are met: 15 1.14 cgd * 1. Redistributions of source code must retain the above copyright 16 1.14 cgd * notice, this list of conditions and the following disclaimer. 17 1.14 cgd * 2. Redistributions in binary form must reproduce the above copyright 18 1.14 cgd * notice, this list of conditions and the following disclaimer in the 19 1.14 cgd * documentation and/or other materials provided with the distribution. 20 1.80 agc * 3. Neither the name of the University nor the names of its contributors 21 1.14 cgd * may be used to endorse or promote products derived from this software 22 1.14 cgd * without specific prior written permission. 23 1.14 cgd * 24 1.14 cgd * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 25 1.14 cgd * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 26 1.14 cgd * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 27 1.14 cgd * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 28 1.14 cgd * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 29 1.14 cgd * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 30 1.14 cgd * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 31 1.14 cgd * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 32 1.14 cgd * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 33 1.14 cgd * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 34 1.14 cgd * SUCH DAMAGE. 35 1.14 cgd * 36 1.44 fvdl * @(#)kern_prot.c 8.9 (Berkeley) 2/14/95 37 1.14 cgd */ 38 1.14 cgd 39 1.14 cgd /* 40 1.14 cgd * System calls related to processes and protection 41 1.14 cgd */ 42 1.65 lukem 43 1.65 lukem #include <sys/cdefs.h> 44 1.92 ad __KERNEL_RCSID(0, "$NetBSD: kern_prot.c,v 1.92 2006/07/19 21:11:38 ad Exp $"); 45 1.45 thorpej 46 1.51 christos #include "opt_compat_43.h" 47 1.14 cgd 48 1.14 cgd #include <sys/param.h> 49 1.14 cgd #include <sys/acct.h> 50 1.14 cgd #include <sys/systm.h> 51 1.14 cgd #include <sys/ucred.h> 52 1.14 cgd #include <sys/proc.h> 53 1.14 cgd #include <sys/timeb.h> 54 1.14 cgd #include <sys/times.h> 55 1.82 simonb #include <sys/pool.h> 56 1.72 dsl #include <sys/syslog.h> 57 1.81 christos #include <sys/resourcevar.h> 58 1.89 elad #include <sys/kauth.h> 59 1.14 cgd 60 1.19 cgd #include <sys/mount.h> 61 1.70 thorpej #include <sys/sa.h> 62 1.19 cgd #include <sys/syscallargs.h> 63 1.71 thorpej 64 1.89 elad #include <sys/malloc.h> 65 1.63 mycroft 66 1.70 thorpej int sys_getpid(struct lwp *, void *, register_t *); 67 1.70 thorpej int sys_getpid_with_ppid(struct lwp *, void *, register_t *); 68 1.70 thorpej int sys_getuid(struct lwp *, void *, register_t *); 69 1.70 thorpej int sys_getuid_with_euid(struct lwp *, void *, register_t *); 70 1.70 thorpej int sys_getgid(struct lwp *, void *, register_t *); 71 1.70 thorpej int sys_getgid_with_egid(struct lwp *, void *, register_t *); 72 1.32 christos 73 1.86 christos static int grsortu(gid_t *, int); 74 1.86 christos 75 1.14 cgd /* ARGSUSED */ 76 1.32 christos int 77 1.73 dsl sys_getpid(struct lwp *l, void *v, register_t *retval) 78 1.14 cgd { 79 1.70 thorpej struct proc *p = l->l_proc; 80 1.14 cgd 81 1.14 cgd *retval = p->p_pid; 82 1.62 mycroft return (0); 83 1.62 mycroft } 84 1.62 mycroft 85 1.62 mycroft /* ARGSUSED */ 86 1.62 mycroft int 87 1.73 dsl sys_getpid_with_ppid(struct lwp *l, void *v, register_t *retval) 88 1.62 mycroft { 89 1.70 thorpej struct proc *p = l->l_proc; 90 1.62 mycroft 91 1.62 mycroft retval[0] = p->p_pid; 92 1.62 mycroft retval[1] = p->p_pptr->p_pid; 93 1.14 cgd return (0); 94 1.14 cgd } 95 1.14 cgd 96 1.14 cgd /* ARGSUSED */ 97 1.32 christos int 98 1.73 dsl sys_getppid(struct lwp *l, void *v, register_t *retval) 99 1.14 cgd { 100 1.70 thorpej struct proc *p = l->l_proc; 101 1.14 cgd 102 1.14 cgd *retval = p->p_pptr->p_pid; 103 1.14 cgd return (0); 104 1.14 cgd } 105 1.14 cgd 106 1.14 cgd /* Get process group ID; note that POSIX getpgrp takes no parameter */ 107 1.32 christos int 108 1.73 dsl sys_getpgrp(struct lwp *l, void *v, register_t *retval) 109 1.14 cgd { 110 1.70 thorpej struct proc *p = l->l_proc; 111 1.14 cgd 112 1.14 cgd *retval = p->p_pgrp->pg_id; 113 1.14 cgd return (0); 114 1.43 thorpej } 115 1.43 thorpej 116 1.43 thorpej /* 117 1.43 thorpej * Return the process group ID of the session leader (session ID) 118 1.43 thorpej * for the specified process. 119 1.43 thorpej */ 120 1.43 thorpej int 121 1.73 dsl sys_getsid(struct lwp *l, void *v, register_t *retval) 122 1.43 thorpej { 123 1.43 thorpej struct sys_getsid_args /* { 124 1.43 thorpej syscalldarg(pid_t) pid; 125 1.43 thorpej } */ *uap = v; 126 1.70 thorpej struct proc *p = l->l_proc; 127 1.43 thorpej 128 1.43 thorpej if (SCARG(uap, pid) == 0) 129 1.43 thorpej goto found; 130 1.43 thorpej if ((p = pfind(SCARG(uap, pid))) == 0) 131 1.43 thorpej return (ESRCH); 132 1.43 thorpej found: 133 1.43 thorpej *retval = p->p_session->s_sid; 134 1.60 christos return (0); 135 1.36 mrg } 136 1.36 mrg 137 1.36 mrg int 138 1.73 dsl sys_getpgid(struct lwp *l, void *v, register_t *retval) 139 1.36 mrg { 140 1.56 augustss struct sys_getpgid_args /* { 141 1.36 mrg syscallarg(pid_t) pid; 142 1.36 mrg } */ *uap = v; 143 1.70 thorpej struct proc *p = l->l_proc; 144 1.36 mrg 145 1.36 mrg if (SCARG(uap, pid) == 0) 146 1.36 mrg goto found; 147 1.36 mrg if ((p = pfind(SCARG(uap, pid))) == 0) 148 1.36 mrg return (ESRCH); 149 1.36 mrg found: 150 1.36 mrg *retval = p->p_pgid; 151 1.60 christos return (0); 152 1.14 cgd } 153 1.14 cgd 154 1.14 cgd /* ARGSUSED */ 155 1.32 christos int 156 1.73 dsl sys_getuid(struct lwp *l, void *v, register_t *retval) 157 1.14 cgd { 158 1.14 cgd 159 1.92 ad *retval = kauth_cred_getuid(l->l_cred); 160 1.62 mycroft return (0); 161 1.62 mycroft } 162 1.62 mycroft 163 1.62 mycroft /* ARGSUSED */ 164 1.62 mycroft int 165 1.73 dsl sys_getuid_with_euid(struct lwp *l, void *v, register_t *retval) 166 1.62 mycroft { 167 1.62 mycroft 168 1.92 ad retval[0] = kauth_cred_getuid(l->l_cred); 169 1.92 ad retval[1] = kauth_cred_geteuid(l->l_cred); 170 1.14 cgd return (0); 171 1.14 cgd } 172 1.14 cgd 173 1.14 cgd /* ARGSUSED */ 174 1.32 christos int 175 1.73 dsl sys_geteuid(struct lwp *l, void *v, register_t *retval) 176 1.14 cgd { 177 1.14 cgd 178 1.92 ad *retval = kauth_cred_geteuid(l->l_cred); 179 1.14 cgd return (0); 180 1.14 cgd } 181 1.14 cgd 182 1.14 cgd /* ARGSUSED */ 183 1.32 christos int 184 1.73 dsl sys_getgid(struct lwp *l, void *v, register_t *retval) 185 1.14 cgd { 186 1.14 cgd 187 1.92 ad *retval = kauth_cred_getgid(l->l_cred); 188 1.62 mycroft return (0); 189 1.62 mycroft } 190 1.62 mycroft 191 1.62 mycroft /* ARGSUSED */ 192 1.62 mycroft int 193 1.73 dsl sys_getgid_with_egid(struct lwp *l, void *v, register_t *retval) 194 1.62 mycroft { 195 1.62 mycroft 196 1.92 ad retval[0] = kauth_cred_getgid(l->l_cred); 197 1.92 ad retval[1] = kauth_cred_getegid(l->l_cred); 198 1.14 cgd return (0); 199 1.14 cgd } 200 1.14 cgd 201 1.14 cgd /* 202 1.14 cgd * Get effective group ID. The "egid" is groups[0], and could be obtained 203 1.14 cgd * via getgroups. This syscall exists because it is somewhat painful to do 204 1.14 cgd * correctly in a library function. 205 1.14 cgd */ 206 1.14 cgd /* ARGSUSED */ 207 1.32 christos int 208 1.73 dsl sys_getegid(struct lwp *l, void *v, register_t *retval) 209 1.14 cgd { 210 1.75 enami 211 1.92 ad *retval = kauth_cred_getegid(l->l_cred); 212 1.14 cgd return (0); 213 1.14 cgd } 214 1.14 cgd 215 1.32 christos int 216 1.73 dsl sys_getgroups(struct lwp *l, void *v, register_t *retval) 217 1.29 thorpej { 218 1.56 augustss struct sys_getgroups_args /* { 219 1.41 thorpej syscallarg(int) gidsetsize; 220 1.19 cgd syscallarg(gid_t *) gidset; 221 1.29 thorpej } */ *uap = v; 222 1.92 ad kauth_cred_t cred = l->l_cred; 223 1.69 thorpej u_int ngrp; 224 1.14 cgd int error; 225 1.89 elad gid_t *grbuf; 226 1.14 cgd 227 1.69 thorpej if (SCARG(uap, gidsetsize) == 0) { 228 1.92 ad *retval = kauth_cred_ngroups(cred); 229 1.14 cgd return (0); 230 1.69 thorpej } else if (SCARG(uap, gidsetsize) < 0) 231 1.69 thorpej return (EINVAL); 232 1.69 thorpej ngrp = SCARG(uap, gidsetsize); 233 1.92 ad if (ngrp < kauth_cred_ngroups(cred)) 234 1.14 cgd return (EINVAL); 235 1.92 ad ngrp = kauth_cred_ngroups(cred); 236 1.89 elad 237 1.89 elad grbuf = malloc(ngrp * sizeof(*grbuf), M_TEMP, M_WAITOK); 238 1.92 ad kauth_cred_getgroups(cred, grbuf, ngrp); 239 1.89 elad error = copyout(grbuf, (caddr_t)SCARG(uap, gidset), 240 1.89 elad ngrp * sizeof(gid_t)); 241 1.89 elad free(grbuf, M_TEMP); 242 1.32 christos if (error) 243 1.14 cgd return (error); 244 1.14 cgd *retval = ngrp; 245 1.14 cgd return (0); 246 1.14 cgd } 247 1.14 cgd 248 1.14 cgd /* ARGSUSED */ 249 1.32 christos int 250 1.73 dsl sys_setsid(struct lwp *l, void *v, register_t *retval) 251 1.14 cgd { 252 1.70 thorpej struct proc *p = l->l_proc; 253 1.14 cgd 254 1.14 cgd if (p->p_pgid == p->p_pid || pgfind(p->p_pid)) { 255 1.14 cgd return (EPERM); 256 1.14 cgd } else { 257 1.15 cgd (void)enterpgrp(p, p->p_pid, 1); 258 1.14 cgd *retval = p->p_pid; 259 1.14 cgd return (0); 260 1.14 cgd } 261 1.14 cgd } 262 1.14 cgd 263 1.14 cgd /* 264 1.14 cgd * set process group (setpgid/old setpgrp) 265 1.14 cgd * 266 1.14 cgd * caller does setpgid(targpid, targpgid) 267 1.14 cgd * 268 1.39 mikel * pgid must be in valid range (EINVAL) 269 1.14 cgd * pid must be caller or child of caller (ESRCH) 270 1.14 cgd * if a child 271 1.14 cgd * pid must be in same session (EPERM) 272 1.14 cgd * pid can't have done an exec (EACCES) 273 1.14 cgd * if pgid != pid 274 1.14 cgd * there must exist some pid in same session having pgid (EPERM) 275 1.14 cgd * pid must not be session leader (EPERM) 276 1.77 dsl * 277 1.77 dsl * Permission checks now in enterpgrp() 278 1.14 cgd */ 279 1.14 cgd /* ARGSUSED */ 280 1.32 christos int 281 1.73 dsl sys_setpgid(struct lwp *l, void *v, register_t *retval) 282 1.29 thorpej { 283 1.56 augustss struct sys_setpgid_args /* { 284 1.19 cgd syscallarg(int) pid; 285 1.19 cgd syscallarg(int) pgid; 286 1.29 thorpej } */ *uap = v; 287 1.70 thorpej struct proc *curp = l->l_proc; 288 1.56 augustss struct proc *targp; /* target process */ 289 1.14 cgd 290 1.39 mikel if (SCARG(uap, pgid) < 0) 291 1.77 dsl return EINVAL; 292 1.14 cgd 293 1.77 dsl /* XXX MP - there is a horrid race here with targp exiting! */ 294 1.19 cgd if (SCARG(uap, pid) != 0 && SCARG(uap, pid) != curp->p_pid) { 295 1.77 dsl targp = pfind(SCARG(uap, pid)); 296 1.77 dsl if (targp == NULL) 297 1.77 dsl return ESRCH; 298 1.14 cgd } else 299 1.14 cgd targp = curp; 300 1.77 dsl 301 1.19 cgd if (SCARG(uap, pgid) == 0) 302 1.19 cgd SCARG(uap, pgid) = targp->p_pid; 303 1.77 dsl return enterpgrp(targp, SCARG(uap, pgid), 0); 304 1.14 cgd } 305 1.14 cgd 306 1.76 dsl /* 307 1.76 dsl * Set real, effective and saved uids to the requested values. 308 1.76 dsl * non-root callers can only ever change uids to values that match 309 1.76 dsl * one of the processes current uid values. 310 1.76 dsl * This is further restricted by the flags argument. 311 1.76 dsl */ 312 1.76 dsl 313 1.76 dsl int 314 1.76 dsl do_setresuid(struct lwp *l, uid_t r, uid_t e, uid_t sv, u_int flags) 315 1.76 dsl { 316 1.92 ad kauth_cred_t cred = l->l_cred; 317 1.76 dsl 318 1.90 yamt /* 319 1.90 yamt * check new value is one of the allowed existing values. 320 1.90 yamt * otherwise, check if we have root privilege. 321 1.90 yamt */ 322 1.90 yamt if ((r != -1 323 1.90 yamt && !((flags & ID_R_EQ_R) && r == kauth_cred_getuid(cred)) 324 1.90 yamt && !((flags & ID_R_EQ_E) && r == kauth_cred_geteuid(cred)) 325 1.90 yamt && !((flags & ID_R_EQ_S) && r == kauth_cred_getsvuid(cred))) || 326 1.90 yamt (e != -1 327 1.90 yamt && !((flags & ID_E_EQ_R) && e == kauth_cred_getuid(cred)) 328 1.90 yamt && !((flags & ID_E_EQ_E) && e == kauth_cred_geteuid(cred)) 329 1.90 yamt && !((flags & ID_E_EQ_S) && e == kauth_cred_getsvuid(cred))) || 330 1.90 yamt (sv != -1 331 1.90 yamt && !((flags & ID_S_EQ_R) && sv == kauth_cred_getuid(cred)) 332 1.90 yamt && !((flags & ID_S_EQ_E) && sv == kauth_cred_geteuid(cred)) 333 1.90 yamt && !((flags & ID_S_EQ_S) && sv == kauth_cred_getsvuid(cred)))) { 334 1.90 yamt int error; 335 1.90 yamt 336 1.90 yamt error = kauth_authorize_generic(cred, KAUTH_GENERIC_ISSUSER, 337 1.92 ad &l->l_acflag); 338 1.90 yamt if (error != 0) { 339 1.76 dsl return error; 340 1.90 yamt } 341 1.76 dsl } 342 1.76 dsl 343 1.76 dsl /* If nothing has changed, short circuit the request */ 344 1.89 elad if ((r == -1 || r == kauth_cred_getuid(cred)) 345 1.89 elad && (e == -1 || e == kauth_cred_geteuid(cred)) 346 1.90 yamt && (sv == -1 || sv == kauth_cred_getsvuid(cred))) { 347 1.76 dsl /* nothing to do */ 348 1.76 dsl return 0; 349 1.90 yamt } 350 1.76 dsl 351 1.91 ad cred = kauth_cred_copy(cred); 352 1.92 ad l->l_cred = cred; 353 1.91 ad 354 1.89 elad if (r != -1 && r != kauth_cred_getuid(cred)) { 355 1.76 dsl /* Update count of processes for this user */ 356 1.89 elad (void)chgproccnt(kauth_cred_getuid(cred), -1); 357 1.76 dsl (void)chgproccnt(r, 1); 358 1.89 elad kauth_cred_setuid(cred, r); 359 1.76 dsl } 360 1.76 dsl if (sv != -1) 361 1.89 elad kauth_cred_setsvuid(cred, sv); 362 1.91 ad if (e != -1) 363 1.89 elad kauth_cred_seteuid(cred, e); 364 1.76 dsl 365 1.92 ad /* Broadcast our credentials to the process and other LWPs. */ 366 1.92 ad lwp_broadcast_creds(l); 367 1.92 ad 368 1.76 dsl /* Mark process as having changed credentials, stops tracing etc */ 369 1.92 ad p_sugid(l->l_proc); 370 1.76 dsl return 0; 371 1.76 dsl } 372 1.76 dsl 373 1.76 dsl /* 374 1.76 dsl * Set real, effective and saved gids to the requested values. 375 1.76 dsl * non-root callers can only ever change gids to values that match 376 1.76 dsl * one of the processes current gid values. 377 1.76 dsl * This is further restricted by the flags argument. 378 1.76 dsl */ 379 1.76 dsl 380 1.76 dsl int 381 1.76 dsl do_setresgid(struct lwp *l, gid_t r, gid_t e, gid_t sv, u_int flags) 382 1.76 dsl { 383 1.92 ad kauth_cred_t cred = l->l_cred; 384 1.76 dsl 385 1.90 yamt /* 386 1.90 yamt * check new value is one of the allowed existing values. 387 1.90 yamt * otherwise, check if we have root privilege. 388 1.90 yamt */ 389 1.90 yamt if ((r != -1 390 1.90 yamt && !((flags & ID_R_EQ_R) && r == kauth_cred_getgid(cred)) 391 1.90 yamt && !((flags & ID_R_EQ_E) && r == kauth_cred_getegid(cred)) 392 1.90 yamt && !((flags & ID_R_EQ_S) && r == kauth_cred_getsvgid(cred))) || 393 1.90 yamt (e != -1 394 1.90 yamt && !((flags & ID_E_EQ_R) && e == kauth_cred_getgid(cred)) 395 1.90 yamt && !((flags & ID_E_EQ_E) && e == kauth_cred_getegid(cred)) 396 1.90 yamt && !((flags & ID_E_EQ_S) && e == kauth_cred_getsvgid(cred))) || 397 1.90 yamt (sv != -1 398 1.90 yamt && !((flags & ID_S_EQ_R) && sv == kauth_cred_getgid(cred)) 399 1.90 yamt && !((flags & ID_S_EQ_E) && sv == kauth_cred_getegid(cred)) 400 1.90 yamt && !((flags & ID_S_EQ_S) && sv == kauth_cred_getsvgid(cred)))) { 401 1.90 yamt int error; 402 1.90 yamt 403 1.90 yamt error = kauth_authorize_generic(cred, KAUTH_GENERIC_ISSUSER, 404 1.92 ad &l->l_acflag); 405 1.90 yamt if (error != 0) { 406 1.76 dsl return error; 407 1.90 yamt } 408 1.76 dsl } 409 1.76 dsl 410 1.76 dsl /* If nothing has changed, short circuit the request */ 411 1.89 elad if ((r == -1 || r == kauth_cred_getgid(cred)) 412 1.89 elad && (e == -1 || e == kauth_cred_getegid(cred)) 413 1.90 yamt && (sv == -1 || sv == kauth_cred_getsvgid(cred))) { 414 1.76 dsl /* nothing to do */ 415 1.76 dsl return 0; 416 1.90 yamt } 417 1.76 dsl 418 1.91 ad cred = kauth_cred_copy(cred); 419 1.92 ad l->l_cred = cred; 420 1.91 ad 421 1.76 dsl if (r != -1) 422 1.89 elad kauth_cred_setgid(cred, r); 423 1.76 dsl if (sv != -1) 424 1.89 elad kauth_cred_setsvgid(cred, sv); 425 1.91 ad if (e != -1) 426 1.89 elad kauth_cred_setegid(cred, e); 427 1.76 dsl 428 1.92 ad /* Broadcast our credentials to the process and other LWPs. */ 429 1.92 ad lwp_broadcast_creds(l); 430 1.92 ad 431 1.76 dsl /* Mark process as having changed credentials, stops tracing etc */ 432 1.92 ad p_sugid(l->l_proc); 433 1.76 dsl return 0; 434 1.76 dsl } 435 1.76 dsl 436 1.14 cgd /* ARGSUSED */ 437 1.32 christos int 438 1.73 dsl sys_setuid(struct lwp *l, void *v, register_t *retval) 439 1.29 thorpej { 440 1.30 mycroft struct sys_setuid_args /* { 441 1.19 cgd syscallarg(uid_t) uid; 442 1.29 thorpej } */ *uap = v; 443 1.76 dsl uid_t uid = SCARG(uap, uid); 444 1.14 cgd 445 1.76 dsl return do_setresuid(l, uid, uid, uid, 446 1.76 dsl ID_R_EQ_R | ID_E_EQ_R | ID_S_EQ_R); 447 1.14 cgd } 448 1.14 cgd 449 1.14 cgd /* ARGSUSED */ 450 1.32 christos int 451 1.73 dsl sys_seteuid(struct lwp *l, void *v, register_t *retval) 452 1.29 thorpej { 453 1.30 mycroft struct sys_seteuid_args /* { 454 1.19 cgd syscallarg(uid_t) euid; 455 1.29 thorpej } */ *uap = v; 456 1.59 christos 457 1.76 dsl return do_setresuid(l, -1, SCARG(uap, euid), -1, ID_E_EQ_R | ID_E_EQ_S); 458 1.14 cgd } 459 1.14 cgd 460 1.35 mycroft int 461 1.73 dsl sys_setreuid(struct lwp *l, void *v, register_t *retval) 462 1.35 mycroft { 463 1.35 mycroft struct sys_setreuid_args /* { 464 1.35 mycroft syscallarg(uid_t) ruid; 465 1.35 mycroft syscallarg(uid_t) euid; 466 1.35 mycroft } */ *uap = v; 467 1.92 ad kauth_cred_t cred = l->l_cred; 468 1.76 dsl uid_t ruid, euid, svuid; 469 1.35 mycroft 470 1.35 mycroft ruid = SCARG(uap, ruid); 471 1.35 mycroft euid = SCARG(uap, euid); 472 1.92 ad 473 1.76 dsl if (ruid == -1) 474 1.92 ad ruid = kauth_cred_getuid(cred); 475 1.76 dsl if (euid == -1) 476 1.92 ad euid = kauth_cred_geteuid(cred); 477 1.92 ad 478 1.76 dsl /* Saved uid is set to the new euid if the ruid changed */ 479 1.92 ad svuid = (ruid == kauth_cred_getuid(cred)) ? -1 : euid; 480 1.76 dsl 481 1.76 dsl return do_setresuid(l, ruid, euid, svuid, 482 1.76 dsl ID_R_EQ_R | ID_R_EQ_E | 483 1.76 dsl ID_E_EQ_R | ID_E_EQ_E | ID_E_EQ_S | 484 1.76 dsl ID_S_EQ_R | ID_S_EQ_E | ID_S_EQ_S); 485 1.35 mycroft } 486 1.35 mycroft 487 1.14 cgd /* ARGSUSED */ 488 1.32 christos int 489 1.73 dsl sys_setgid(struct lwp *l, void *v, register_t *retval) 490 1.29 thorpej { 491 1.30 mycroft struct sys_setgid_args /* { 492 1.19 cgd syscallarg(gid_t) gid; 493 1.29 thorpej } */ *uap = v; 494 1.76 dsl gid_t gid = SCARG(uap, gid); 495 1.14 cgd 496 1.76 dsl return do_setresgid(l, gid, gid, gid, 497 1.76 dsl ID_R_EQ_R | ID_E_EQ_R | ID_S_EQ_R); 498 1.14 cgd } 499 1.14 cgd 500 1.14 cgd /* ARGSUSED */ 501 1.32 christos int 502 1.73 dsl sys_setegid(struct lwp *l, void *v, register_t *retval) 503 1.29 thorpej { 504 1.30 mycroft struct sys_setegid_args /* { 505 1.19 cgd syscallarg(gid_t) egid; 506 1.29 thorpej } */ *uap = v; 507 1.14 cgd 508 1.76 dsl return do_setresgid(l, -1, SCARG(uap, egid), -1, ID_E_EQ_R | ID_E_EQ_S); 509 1.35 mycroft } 510 1.35 mycroft 511 1.35 mycroft int 512 1.73 dsl sys_setregid(struct lwp *l, void *v, register_t *retval) 513 1.35 mycroft { 514 1.35 mycroft struct sys_setregid_args /* { 515 1.35 mycroft syscallarg(gid_t) rgid; 516 1.35 mycroft syscallarg(gid_t) egid; 517 1.35 mycroft } */ *uap = v; 518 1.92 ad kauth_cred_t cred = l->l_cred; 519 1.76 dsl gid_t rgid, egid, svgid; 520 1.35 mycroft 521 1.35 mycroft rgid = SCARG(uap, rgid); 522 1.35 mycroft egid = SCARG(uap, egid); 523 1.92 ad 524 1.76 dsl if (rgid == -1) 525 1.92 ad rgid = kauth_cred_getgid(cred); 526 1.76 dsl if (egid == -1) 527 1.92 ad egid = kauth_cred_getegid(cred); 528 1.92 ad 529 1.76 dsl /* Saved gid is set to the new egid if the rgid changed */ 530 1.92 ad svgid = rgid == kauth_cred_getgid(cred) ? -1 : egid; 531 1.76 dsl 532 1.76 dsl return do_setresgid(l, rgid, egid, svgid, 533 1.76 dsl ID_R_EQ_R | ID_R_EQ_E | 534 1.76 dsl ID_E_EQ_R | ID_E_EQ_E | ID_E_EQ_S | 535 1.76 dsl ID_S_EQ_R | ID_S_EQ_E | ID_S_EQ_S); 536 1.57 minoura } 537 1.57 minoura 538 1.57 minoura int 539 1.73 dsl sys_issetugid(struct lwp *l, void *v, register_t *retval) 540 1.57 minoura { 541 1.70 thorpej struct proc *p = l->l_proc; 542 1.75 enami 543 1.57 minoura /* 544 1.57 minoura * Note: OpenBSD sets a P_SUGIDEXEC flag set at execve() time, 545 1.57 minoura * we use P_SUGID because we consider changing the owners as 546 1.57 minoura * "tainting" as well. 547 1.57 minoura * This is significant for procs that start as root and "become" 548 1.57 minoura * a user without an exec - programs cannot know *everything* 549 1.57 minoura * that libc *might* have put in their data segment. 550 1.57 minoura */ 551 1.57 minoura *retval = (p->p_flag & P_SUGID) != 0; 552 1.60 christos return (0); 553 1.14 cgd } 554 1.14 cgd 555 1.86 christos /* 556 1.86 christos * sort -u for groups. 557 1.86 christos */ 558 1.86 christos static int 559 1.86 christos grsortu(gid_t *grp, int ngrp) 560 1.86 christos { 561 1.87 rillig const gid_t *src, *end; 562 1.87 rillig gid_t *dst; 563 1.87 rillig gid_t group; 564 1.87 rillig int i, j; 565 1.86 christos 566 1.86 christos /* bubble sort */ 567 1.86 christos for (i = 0; i < ngrp; i++) 568 1.86 christos for (j = i + 1; j < ngrp; j++) 569 1.86 christos if (grp[i] > grp[j]) { 570 1.86 christos gid_t tmp = grp[i]; 571 1.86 christos grp[i] = grp[j]; 572 1.86 christos grp[j] = tmp; 573 1.86 christos } 574 1.87 rillig 575 1.86 christos /* uniq */ 576 1.87 rillig end = grp + ngrp; 577 1.87 rillig src = grp; 578 1.87 rillig dst = grp; 579 1.87 rillig while (src < end) { 580 1.87 rillig group = *src++; 581 1.87 rillig while (src < end && *src == group) 582 1.87 rillig src++; 583 1.87 rillig *dst++ = group; 584 1.87 rillig } 585 1.87 rillig 586 1.86 christos #ifdef DIAGNOSTIC 587 1.87 rillig /* zero out the rest of the array */ 588 1.87 rillig (void)memset(dst, 0, sizeof(*grp) * (end - dst)); 589 1.86 christos #endif 590 1.87 rillig 591 1.87 rillig return dst - grp; 592 1.86 christos } 593 1.86 christos 594 1.15 cgd /* ARGSUSED */ 595 1.32 christos int 596 1.73 dsl sys_setgroups(struct lwp *l, void *v, register_t *retval) 597 1.29 thorpej { 598 1.30 mycroft struct sys_setgroups_args /* { 599 1.41 thorpej syscallarg(int) gidsetsize; 600 1.38 cgd syscallarg(const gid_t *) gidset; 601 1.29 thorpej } */ *uap = v; 602 1.92 ad kauth_cred_t cred = l->l_cred; 603 1.56 augustss int ngrp; 604 1.15 cgd int error; 605 1.59 christos gid_t grp[NGROUPS]; 606 1.59 christos size_t grsize; 607 1.15 cgd 608 1.92 ad if ((error = kauth_authorize_generic(cred, KAUTH_GENERIC_ISSUSER, 609 1.92 ad &l->l_acflag)) != 0) 610 1.15 cgd return (error); 611 1.59 christos 612 1.19 cgd ngrp = SCARG(uap, gidsetsize); 613 1.42 mycroft if ((u_int)ngrp > NGROUPS) 614 1.15 cgd return (EINVAL); 615 1.59 christos 616 1.59 christos grsize = ngrp * sizeof(gid_t); 617 1.59 christos error = copyin(SCARG(uap, gidset), grp, grsize); 618 1.32 christos if (error) 619 1.15 cgd return (error); 620 1.86 christos 621 1.86 christos ngrp = grsortu(grp, ngrp); 622 1.59 christos 623 1.92 ad cred = kauth_cred_copy(cred); 624 1.92 ad l->l_cred = cred; 625 1.92 ad kauth_cred_setgroups(cred, grp, ngrp, -1); 626 1.92 ad 627 1.92 ad /* Broadcast our credentials to the process and other LWPs. */ 628 1.92 ad lwp_broadcast_creds(l); 629 1.14 cgd 630 1.92 ad /* Mark process as having changed credentials, stops tracing etc. */ 631 1.92 ad p_sugid(l->l_proc); 632 1.14 cgd return (0); 633 1.14 cgd } 634 1.14 cgd 635 1.14 cgd /* 636 1.14 cgd * Get login name, if available. 637 1.14 cgd */ 638 1.14 cgd /* ARGSUSED */ 639 1.32 christos int 640 1.73 dsl sys___getlogin(struct lwp *l, void *v, register_t *retval) 641 1.29 thorpej { 642 1.37 jtc struct sys___getlogin_args /* { 643 1.19 cgd syscallarg(char *) namebuf; 644 1.53 kleink syscallarg(size_t) namelen; 645 1.29 thorpej } */ *uap = v; 646 1.70 thorpej struct proc *p = l->l_proc; 647 1.14 cgd 648 1.48 perry if (SCARG(uap, namelen) > sizeof(p->p_pgrp->pg_session->s_login)) 649 1.48 perry SCARG(uap, namelen) = sizeof(p->p_pgrp->pg_session->s_login); 650 1.14 cgd return (copyout((caddr_t) p->p_pgrp->pg_session->s_login, 651 1.19 cgd (caddr_t) SCARG(uap, namebuf), SCARG(uap, namelen))); 652 1.14 cgd } 653 1.14 cgd 654 1.14 cgd /* 655 1.14 cgd * Set login name. 656 1.14 cgd */ 657 1.14 cgd /* ARGSUSED */ 658 1.32 christos int 659 1.73 dsl sys___setlogin(struct lwp *l, void *v, register_t *retval) 660 1.29 thorpej { 661 1.70 thorpej struct sys___setlogin_args /* { 662 1.38 cgd syscallarg(const char *) namebuf; 663 1.29 thorpej } */ *uap = v; 664 1.70 thorpej struct proc *p = l->l_proc; 665 1.72 dsl struct session *s = p->p_pgrp->pg_session; 666 1.72 dsl char newname[sizeof s->s_login + 1]; 667 1.14 cgd int error; 668 1.14 cgd 669 1.92 ad if ((error = kauth_authorize_generic(l->l_cred, KAUTH_GENERIC_ISSUSER, 670 1.92 ad &l->l_acflag)) != 0) 671 1.14 cgd return (error); 672 1.72 dsl error = copyinstr(SCARG(uap, namebuf), &newname, sizeof newname, NULL); 673 1.72 dsl if (error != 0) 674 1.75 enami return (error == ENAMETOOLONG ? EINVAL : error); 675 1.72 dsl 676 1.72 dsl if (s->s_flags & S_LOGIN_SET && p->p_pid != s->s_sid && 677 1.72 dsl strncmp(newname, s->s_login, sizeof s->s_login) != 0) 678 1.74 wiz log(LOG_WARNING, "%s (pid %d) changing logname from " 679 1.74 wiz "%.*s to %s\n", p->p_comm, p->p_pid, 680 1.74 wiz (int)sizeof s->s_login, s->s_login, newname); 681 1.72 dsl s->s_flags |= S_LOGIN_SET; 682 1.72 dsl strncpy(s->s_login, newname, sizeof s->s_login); 683 1.75 enami return (0); 684 1.14 cgd } 685
Indexes created Sun Sep 21 20:09:37 GMT 2025