Home | History | Annotate | Line # | Download | only in kern
kern_prot.c revision 1.102 
      1 /*	$NetBSD: kern_prot.c,v 1.102 2007/06/23 09:08:37 dsl Exp $	*/
      2 
      3 /*
      4  * Copyright (c) 1982, 1986, 1989, 1990, 1991, 1993
      5  *	The Regents of the University of California.  All rights reserved.
      6  * (c) UNIX System Laboratories, Inc.
      7  * All or some portions of this file are derived from material licensed
      8  * to the University of California by American Telephone and Telegraph
      9  * Co. or Unix System Laboratories, Inc. and are reproduced herein with
     10  * the permission of UNIX System Laboratories, Inc.
     11  *
     12  * Redistribution and use in source and binary forms, with or without
     13  * modification, are permitted provided that the following conditions
     14  * are met:
     15  * 1. Redistributions of source code must retain the above copyright
     16  *    notice, this list of conditions and the following disclaimer.
     17  * 2. Redistributions in binary form must reproduce the above copyright
     18  *    notice, this list of conditions and the following disclaimer in the
     19  *    documentation and/or other materials provided with the distribution.
     20  * 3. Neither the name of the University nor the names of its contributors
     21  *    may be used to endorse or promote products derived from this software
     22  *    without specific prior written permission.
     23  *
     24  * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
     25  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
     26  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
     27  * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
     28  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
     29  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
     30  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
     31  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
     32  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
     33  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
     34  * SUCH DAMAGE.
     35  *
     36  *	@(#)kern_prot.c	8.9 (Berkeley) 2/14/95
     37  */
     38 
     39 /*
     40  * System calls related to processes and protection
     41  */
     42 
     43 #include <sys/cdefs.h>
     44 __KERNEL_RCSID(0, "$NetBSD: kern_prot.c,v 1.102 2007/06/23 09:08:37 dsl Exp $");
     45 
     46 #include "opt_compat_43.h"
     47 
     48 #include <sys/param.h>
     49 #include <sys/acct.h>
     50 #include <sys/systm.h>
     51 #include <sys/ucred.h>
     52 #include <sys/proc.h>
     53 #include <sys/timeb.h>
     54 #include <sys/times.h>
     55 #include <sys/pool.h>
     56 #include <sys/prot.h>
     57 #include <sys/syslog.h>
     58 #include <sys/resourcevar.h>
     59 #include <sys/kauth.h>
     60 
     61 #include <sys/mount.h>
     62 #include <sys/syscallargs.h>
     63 
     64 #include <sys/malloc.h>
     65 
     66 int	sys_getpid(struct lwp *, void *, register_t *);
     67 int	sys_getpid_with_ppid(struct lwp *, void *, register_t *);
     68 int	sys_getuid(struct lwp *, void *, register_t *);
     69 int	sys_getuid_with_euid(struct lwp *, void *, register_t *);
     70 int	sys_getgid(struct lwp *, void *, register_t *);
     71 int	sys_getgid_with_egid(struct lwp *, void *, register_t *);
     72 
     73 /* ARGSUSED */
     74 int
     75 sys_getpid(struct lwp *l, void *v, register_t *retval)
     76 {
     77 	struct proc *p = l->l_proc;
     78 
     79 	*retval = p->p_pid;
     80 	return (0);
     81 }
     82 
     83 /* ARGSUSED */
     84 int
     85 sys_getpid_with_ppid(struct lwp *l, void *v, register_t *retval)
     86 {
     87 	struct proc *p = l->l_proc;
     88 
     89 	retval[0] = p->p_pid;
     90 	mutex_enter(&proclist_lock);
     91 	retval[1] = p->p_pptr->p_pid;
     92 	mutex_exit(&proclist_lock);
     93 	return (0);
     94 }
     95 
     96 /* ARGSUSED */
     97 int
     98 sys_getppid(struct lwp *l, void *v, register_t *retval)
     99 {
    100 	struct proc *p = l->l_proc;
    101 
    102 	mutex_enter(&proclist_lock);
    103 	*retval = p->p_pptr->p_pid;
    104 	mutex_exit(&proclist_lock);
    105 	return (0);
    106 }
    107 
    108 /* Get process group ID; note that POSIX getpgrp takes no parameter */
    109 int
    110 sys_getpgrp(struct lwp *l, void *v, register_t *retval)
    111 {
    112 	struct proc *p = l->l_proc;
    113 
    114 	mutex_enter(&proclist_lock);
    115 	*retval = p->p_pgrp->pg_id;
    116 	mutex_exit(&proclist_lock);
    117 	return (0);
    118 }
    119 
    120 /*
    121  * Return the process group ID of the session leader (session ID)
    122  * for the specified process.
    123  */
    124 int
    125 sys_getsid(struct lwp *l, void *v, register_t *retval)
    126 {
    127 	struct sys_getsid_args /* {
    128 		syscalldarg(pid_t) pid;
    129 	} */ *uap = v;
    130 	pid_t pid = SCARG(uap, pid);
    131 	struct proc *p;
    132 	int error = 0;
    133 
    134 	mutex_enter(&proclist_lock);
    135 	if (pid == 0)
    136 		*retval = l->l_proc->p_session->s_sid;
    137 	else if ((p = p_find(pid, PFIND_LOCKED)) != NULL)
    138 		*retval = p->p_session->s_sid;
    139 	else
    140 		error = ESRCH;
    141 	mutex_exit(&proclist_lock);
    142 
    143 	return error;
    144 }
    145 
    146 int
    147 sys_getpgid(struct lwp *l, void *v, register_t *retval)
    148 {
    149 	struct sys_getpgid_args /* {
    150 		syscallarg(pid_t) pid;
    151 	} */ *uap = v;
    152 	pid_t pid = SCARG(uap, pid);
    153 	struct proc *p;
    154 	int error = 0;
    155 
    156 	mutex_enter(&proclist_lock);
    157 	if (pid == 0)
    158 		*retval = l->l_proc->p_pgid;
    159 	else if ((p = p_find(pid, PFIND_LOCKED)) != NULL)
    160 		*retval = p->p_pgid;
    161 	else
    162 		error = ESRCH;
    163 	mutex_exit(&proclist_lock);
    164 
    165 	return error;
    166 }
    167 
    168 /* ARGSUSED */
    169 int
    170 sys_getuid(struct lwp *l, void *v, register_t *retval)
    171 {
    172 
    173 	*retval = kauth_cred_getuid(l->l_cred);
    174 	return (0);
    175 }
    176 
    177 /* ARGSUSED */
    178 int
    179 sys_getuid_with_euid(struct lwp *l, void *v, register_t *retval)
    180 {
    181 
    182 	retval[0] = kauth_cred_getuid(l->l_cred);
    183 	retval[1] = kauth_cred_geteuid(l->l_cred);
    184 	return (0);
    185 }
    186 
    187 /* ARGSUSED */
    188 int
    189 sys_geteuid(struct lwp *l, void *v, register_t *retval)
    190 {
    191 
    192 	*retval = kauth_cred_geteuid(l->l_cred);
    193 	return (0);
    194 }
    195 
    196 /* ARGSUSED */
    197 int
    198 sys_getgid(struct lwp *l, void *v, register_t *retval)
    199 {
    200 
    201 	*retval = kauth_cred_getgid(l->l_cred);
    202 	return (0);
    203 }
    204 
    205 /* ARGSUSED */
    206 int
    207 sys_getgid_with_egid(struct lwp *l, void *v, register_t *retval)
    208 {
    209 
    210 	retval[0] = kauth_cred_getgid(l->l_cred);
    211 	retval[1] = kauth_cred_getegid(l->l_cred);
    212 	return (0);
    213 }
    214 
    215 /*
    216  * Get effective group ID.  The "egid" is groups[0], and could be obtained
    217  * via getgroups.  This syscall exists because it is somewhat painful to do
    218  * correctly in a library function.
    219  */
    220 /* ARGSUSED */
    221 int
    222 sys_getegid(struct lwp *l, void *v, register_t *retval)
    223 {
    224 
    225 	*retval = kauth_cred_getegid(l->l_cred);
    226 	return (0);
    227 }
    228 
    229 int
    230 sys_getgroups(struct lwp *l, void *v, register_t *retval)
    231 {
    232 	struct sys_getgroups_args /* {
    233 		syscallarg(int) gidsetsize;
    234 		syscallarg(gid_t *) gidset;
    235 	} */ *uap = v;
    236 	const gid_t *grbuf;
    237 
    238 	*retval = kauth_cred_ngroups(l->l_cred);
    239 	if (SCARG(uap, gidsetsize) == 0)
    240 		return 0;
    241 
    242 	grbuf = kauth_cred_getgrlist(l->l_cred, SCARG(uap, gidsetsize));
    243 	if (grbuf == NULL)
    244 		return EINVAL;
    245 
    246 	return copyout(grbuf, SCARG(uap, gidset), *retval * sizeof(gid_t));
    247 }
    248 
    249 /* ARGSUSED */
    250 int
    251 sys_setsid(struct lwp *l, void *v, register_t *retval)
    252 {
    253 	struct proc *p = l->l_proc;
    254 	int error;
    255 
    256 	error = enterpgrp(p, p->p_pid, p->p_pid, 1);
    257 	*retval = p->p_pid;
    258 	return (error);
    259 }
    260 
    261 
    262 /*
    263  * set process group (setpgid/old setpgrp)
    264  *
    265  * caller does setpgid(targpid, targpgid)
    266  *
    267  * pgid must be in valid range (EINVAL)
    268  * pid must be caller or child of caller (ESRCH)
    269  * if a child
    270  *	pid must be in same session (EPERM)
    271  *	pid can't have done an exec (EACCES)
    272  * if pgid != pid
    273  * 	there must exist some pid in same session having pgid (EPERM)
    274  * pid must not be session leader (EPERM)
    275  *
    276  * Permission checks now in enterpgrp()
    277  */
    278 /* ARGSUSED */
    279 int
    280 sys_setpgid(struct lwp *l, void *v, register_t *retval)
    281 {
    282 	struct sys_setpgid_args /* {
    283 		syscallarg(int) pid;
    284 		syscallarg(int) pgid;
    285 	} */ *uap = v;
    286 	struct proc *p = l->l_proc;
    287 	pid_t targp, pgid;
    288 
    289 	if (SCARG(uap, pgid) < 0)
    290 		return EINVAL;
    291 	if ((targp = SCARG(uap, pid)) == 0)
    292 		targp = p->p_pid;
    293 	if ((pgid = SCARG(uap, pgid)) == 0)
    294 		pgid = targp;
    295 
    296 	return enterpgrp(p, targp, pgid, 0);
    297 }
    298 
    299 /*
    300  * Set real, effective and saved uids to the requested values.
    301  * non-root callers can only ever change uids to values that match
    302  * one of the processes current uid values.
    303  * This is further restricted by the flags argument.
    304  */
    305 
    306 int
    307 do_setresuid(struct lwp *l, uid_t r, uid_t e, uid_t sv, u_int flags)
    308 {
    309 	struct proc *p = l->l_proc;
    310 	kauth_cred_t cred, ncred;
    311 
    312 	ncred = kauth_cred_alloc();
    313 
    314 	/* Get a write lock on the process credential. */
    315 	proc_crmod_enter();
    316 	cred = p->p_cred;
    317 
    318 	/*
    319 	 * Check that the new value is one of the allowed existing values,
    320 	 * or that we have root privilege.
    321 	 */
    322 	if ((r != -1
    323 	    && !((flags & ID_R_EQ_R) && r == kauth_cred_getuid(cred))
    324 	    && !((flags & ID_R_EQ_E) && r == kauth_cred_geteuid(cred))
    325 	    && !((flags & ID_R_EQ_S) && r == kauth_cred_getsvuid(cred))) ||
    326 	    (e != -1
    327 	    && !((flags & ID_E_EQ_R) && e == kauth_cred_getuid(cred))
    328 	    && !((flags & ID_E_EQ_E) && e == kauth_cred_geteuid(cred))
    329 	    && !((flags & ID_E_EQ_S) && e == kauth_cred_getsvuid(cred))) ||
    330 	    (sv != -1
    331 	    && !((flags & ID_S_EQ_R) && sv == kauth_cred_getuid(cred))
    332 	    && !((flags & ID_S_EQ_E) && sv == kauth_cred_geteuid(cred))
    333 	    && !((flags & ID_S_EQ_S) && sv == kauth_cred_getsvuid(cred)))) {
    334 		int error;
    335 
    336 		error = kauth_authorize_process(cred, KAUTH_PROCESS_SETID,
    337 		    p, NULL, NULL, NULL);
    338 		if (error != 0) {
    339 		 	proc_crmod_leave(cred, ncred, false);
    340 			return error;
    341 		}
    342 	}
    343 
    344 	/* If nothing has changed, short circuit the request */
    345 	if ((r == -1 || r == kauth_cred_getuid(cred))
    346 	    && (e == -1 || e == kauth_cred_geteuid(cred))
    347 	    && (sv == -1 || sv == kauth_cred_getsvuid(cred))) {
    348 		proc_crmod_leave(cred, ncred, false);
    349 		return 0;
    350 	}
    351 
    352 	kauth_cred_clone(cred, ncred);
    353 
    354 	if (r != -1 && r != kauth_cred_getuid(ncred)) {
    355 		/* Update count of processes for this user */
    356 		(void)chgproccnt(kauth_cred_getuid(ncred), -1);
    357 		(void)chgproccnt(r, 1);
    358 		kauth_cred_setuid(ncred, r);
    359 	}
    360 	if (sv != -1)
    361 		kauth_cred_setsvuid(ncred, sv);
    362 	if (e != -1)
    363 		kauth_cred_seteuid(ncred, e);
    364 
    365 	/* Broadcast our credentials to the process and other LWPs. */
    366  	proc_crmod_leave(ncred, cred, true);
    367 
    368 	return 0;
    369 }
    370 
    371 /*
    372  * Set real, effective and saved gids to the requested values.
    373  * non-root callers can only ever change gids to values that match
    374  * one of the processes current gid values.
    375  * This is further restricted by the flags argument.
    376  */
    377 
    378 int
    379 do_setresgid(struct lwp *l, gid_t r, gid_t e, gid_t sv, u_int flags)
    380 {
    381 	struct proc *p = l->l_proc;
    382 	kauth_cred_t cred, ncred;
    383 
    384 	ncred = kauth_cred_alloc();
    385 
    386 	/* Get a write lock on the process credential. */
    387 	proc_crmod_enter();
    388 	cred = p->p_cred;
    389 
    390 	/*
    391 	 * check new value is one of the allowed existing values.
    392 	 * otherwise, check if we have root privilege.
    393 	 */
    394 	if ((r != -1
    395 	    && !((flags & ID_R_EQ_R) && r == kauth_cred_getgid(cred))
    396 	    && !((flags & ID_R_EQ_E) && r == kauth_cred_getegid(cred))
    397 	    && !((flags & ID_R_EQ_S) && r == kauth_cred_getsvgid(cred))) ||
    398 	    (e != -1
    399 	    && !((flags & ID_E_EQ_R) && e == kauth_cred_getgid(cred))
    400 	    && !((flags & ID_E_EQ_E) && e == kauth_cred_getegid(cred))
    401 	    && !((flags & ID_E_EQ_S) && e == kauth_cred_getsvgid(cred))) ||
    402 	    (sv != -1
    403 	    && !((flags & ID_S_EQ_R) && sv == kauth_cred_getgid(cred))
    404 	    && !((flags & ID_S_EQ_E) && sv == kauth_cred_getegid(cred))
    405 	    && !((flags & ID_S_EQ_S) && sv == kauth_cred_getsvgid(cred)))) {
    406 		int error;
    407 
    408 		error = kauth_authorize_process(cred, KAUTH_PROCESS_SETID,
    409 		    p, NULL, NULL, NULL);
    410 		if (error != 0) {
    411 		 	proc_crmod_leave(cred, ncred, false);
    412 			return error;
    413 		}
    414 	}
    415 
    416 	/* If nothing has changed, short circuit the request */
    417 	if ((r == -1 || r == kauth_cred_getgid(cred))
    418 	    && (e == -1 || e == kauth_cred_getegid(cred))
    419 	    && (sv == -1 || sv == kauth_cred_getsvgid(cred))) {
    420 	 	proc_crmod_leave(cred, ncred, false);
    421 		return 0;
    422 	}
    423 
    424 	kauth_cred_clone(cred, ncred);
    425 
    426 	if (r != -1)
    427 		kauth_cred_setgid(ncred, r);
    428 	if (sv != -1)
    429 		kauth_cred_setsvgid(ncred, sv);
    430 	if (e != -1)
    431 		kauth_cred_setegid(ncred, e);
    432 
    433 	/* Broadcast our credentials to the process and other LWPs. */
    434  	proc_crmod_leave(ncred, cred, true);
    435 
    436 	return 0;
    437 }
    438 
    439 /* ARGSUSED */
    440 int
    441 sys_setuid(struct lwp *l, void *v, register_t *retval)
    442 {
    443 	struct sys_setuid_args /* {
    444 		syscallarg(uid_t) uid;
    445 	} */ *uap = v;
    446 	uid_t uid = SCARG(uap, uid);
    447 
    448 	return do_setresuid(l, uid, uid, uid,
    449 			    ID_R_EQ_R | ID_E_EQ_R | ID_S_EQ_R);
    450 }
    451 
    452 /* ARGSUSED */
    453 int
    454 sys_seteuid(struct lwp *l, void *v, register_t *retval)
    455 {
    456 	struct sys_seteuid_args /* {
    457 		syscallarg(uid_t) euid;
    458 	} */ *uap = v;
    459 
    460 	return do_setresuid(l, -1, SCARG(uap, euid), -1, ID_E_EQ_R | ID_E_EQ_S);
    461 }
    462 
    463 int
    464 sys_setreuid(struct lwp *l, void *v, register_t *retval)
    465 {
    466 	struct sys_setreuid_args /* {
    467 		syscallarg(uid_t) ruid;
    468 		syscallarg(uid_t) euid;
    469 	} */ *uap = v;
    470 	kauth_cred_t cred = l->l_cred;
    471 	uid_t ruid, euid, svuid;
    472 
    473 	ruid = SCARG(uap, ruid);
    474 	euid = SCARG(uap, euid);
    475 
    476 	if (ruid == -1)
    477 		ruid = kauth_cred_getuid(cred);
    478 	if (euid == -1)
    479 		euid = kauth_cred_geteuid(cred);
    480 
    481 	/* Saved uid is set to the new euid if the ruid changed */
    482 	svuid = (ruid == kauth_cred_getuid(cred)) ? -1 : euid;
    483 
    484 	return do_setresuid(l, ruid, euid, svuid,
    485 			    ID_R_EQ_R | ID_R_EQ_E |
    486 			    ID_E_EQ_R | ID_E_EQ_E | ID_E_EQ_S |
    487 			    ID_S_EQ_R | ID_S_EQ_E | ID_S_EQ_S);
    488 }
    489 
    490 /* ARGSUSED */
    491 int
    492 sys_setgid(struct lwp *l, void *v, register_t *retval)
    493 {
    494 	struct sys_setgid_args /* {
    495 		syscallarg(gid_t) gid;
    496 	} */ *uap = v;
    497 	gid_t gid = SCARG(uap, gid);
    498 
    499 	return do_setresgid(l, gid, gid, gid,
    500 			    ID_R_EQ_R | ID_E_EQ_R | ID_S_EQ_R);
    501 }
    502 
    503 /* ARGSUSED */
    504 int
    505 sys_setegid(struct lwp *l, void *v, register_t *retval)
    506 {
    507 	struct sys_setegid_args /* {
    508 		syscallarg(gid_t) egid;
    509 	} */ *uap = v;
    510 
    511 	return do_setresgid(l, -1, SCARG(uap, egid), -1, ID_E_EQ_R | ID_E_EQ_S);
    512 }
    513 
    514 int
    515 sys_setregid(struct lwp *l, void *v, register_t *retval)
    516 {
    517 	struct sys_setregid_args /* {
    518 		syscallarg(gid_t) rgid;
    519 		syscallarg(gid_t) egid;
    520 	} */ *uap = v;
    521 	kauth_cred_t cred = l->l_cred;
    522 	gid_t rgid, egid, svgid;
    523 
    524 	rgid = SCARG(uap, rgid);
    525 	egid = SCARG(uap, egid);
    526 
    527 	if (rgid == -1)
    528 		rgid = kauth_cred_getgid(cred);
    529 	if (egid == -1)
    530 		egid = kauth_cred_getegid(cred);
    531 
    532 	/* Saved gid is set to the new egid if the rgid changed */
    533 	svgid = rgid == kauth_cred_getgid(cred) ? -1 : egid;
    534 
    535 	return do_setresgid(l, rgid, egid, svgid,
    536 			ID_R_EQ_R | ID_R_EQ_E |
    537 			ID_E_EQ_R | ID_E_EQ_E | ID_E_EQ_S |
    538 			ID_S_EQ_R | ID_S_EQ_E | ID_S_EQ_S);
    539 }
    540 
    541 int
    542 sys_issetugid(struct lwp *l, void *v, register_t *retval)
    543 {
    544 	struct proc *p = l->l_proc;
    545 
    546 	/*
    547 	 * Note: OpenBSD sets a P_SUGIDEXEC flag set at execve() time,
    548 	 * we use PK_SUGID because we consider changing the owners as
    549 	 * "tainting" as well.
    550 	 * This is significant for procs that start as root and "become"
    551 	 * a user without an exec - programs cannot know *everything*
    552 	 * that libc *might* have put in their data segment.
    553 	 */
    554 	*retval = (p->p_flag & PK_SUGID) != 0;
    555 	return (0);
    556 }
    557 
    558 /* ARGSUSED */
    559 int
    560 sys_setgroups(struct lwp *l, void *v, register_t *retval)
    561 {
    562 	struct sys_setgroups_args /* {
    563 		syscallarg(int) gidsetsize;
    564 		syscallarg(const gid_t *) gidset;
    565 	} */ *uap = v;
    566 	kauth_cred_t ncred;
    567 	int error;
    568 	gid_t *grbuf;
    569 
    570 	ncred = kauth_cred_alloc();
    571 
    572 	grbuf = kauth_cred_setngroups(ncred, SCARG(uap, gidsetsize));
    573 	if (grbuf == NULL)
    574 		error = EINVAL;
    575 	else {
    576 		error = copyin(SCARG(uap, gidset), grbuf,
    577 		    SCARG(uap, gidsetsize) * sizeof(gid_t));
    578 	}
    579 	if (error != 0) {
    580 		kauth_cred_free(ncred);
    581 		return error;
    582 	}
    583 
    584 	return kauth_proc_setgroups(l, ncred);
    585 }
    586 
    587 /*
    588  * Get login name, if available.
    589  */
    590 /* ARGSUSED */
    591 int
    592 sys___getlogin(struct lwp *l, void *v, register_t *retval)
    593 {
    594 	struct sys___getlogin_args /* {
    595 		syscallarg(char *) namebuf;
    596 		syscallarg(size_t) namelen;
    597 	} */ *uap = v;
    598 	struct proc *p = l->l_proc;
    599 	char login[sizeof(p->p_session->s_login)];
    600 	int namelen = SCARG(uap, namelen);
    601 
    602 	if (namelen > sizeof(login))
    603 		namelen = sizeof(login);
    604 	mutex_enter(&proclist_lock);
    605 	memcpy(login, p->p_session->s_login, namelen);
    606 	mutex_exit(&proclist_lock);
    607 	return (copyout(login, (void *)SCARG(uap, namebuf), namelen));
    608 }
    609 
    610 /*
    611  * Set login name.
    612  */
    613 /* ARGSUSED */
    614 int
    615 sys___setlogin(struct lwp *l, void *v, register_t *retval)
    616 {
    617 	struct sys___setlogin_args /* {
    618 		syscallarg(const char *) namebuf;
    619 	} */ *uap = v;
    620 	struct proc *p = l->l_proc;
    621 	struct session *sp;
    622 	char newname[sizeof sp->s_login + 1];
    623 	int error;
    624 
    625 	if ((error = kauth_authorize_process(l->l_cred, KAUTH_PROCESS_SETID,
    626 	    p, NULL, NULL, NULL)) != 0)
    627 		return (error);
    628 	error = copyinstr(SCARG(uap, namebuf), &newname, sizeof newname, NULL);
    629 	if (error != 0)
    630 		return (error == ENAMETOOLONG ? EINVAL : error);
    631 
    632 	mutex_enter(&proclist_lock);
    633 	sp = p->p_session;
    634 	if (sp->s_flags & S_LOGIN_SET && p->p_pid != sp->s_sid &&
    635 	    strncmp(newname, sp->s_login, sizeof sp->s_login) != 0)
    636 		log(LOG_WARNING, "%s (pid %d) changing logname from "
    637 		    "%.*s to %s\n", p->p_comm, p->p_pid,
    638 		    (int)sizeof sp->s_login, sp->s_login, newname);
    639 	sp->s_flags |= S_LOGIN_SET;
    640 	strncpy(sp->s_login, newname, sizeof sp->s_login);
    641 	mutex_exit(&proclist_lock);
    642 	return (0);
    643 }
    644 
    645