 @@ -1,14 +1,14 @@
-/*	$NetBSD: kern_resource.c,v 1.152 2009/05/26 06:57:38 elad Exp $	*/
+/*	$NetBSD: kern_resource.c,v 1.153 2009/10/02 22:38:45 elad Exp $	*/
 /*-
  * Copyright (c) 1982, 1986, 1991, 1993
  *	The Regents of the University of California.  All rights reserved.
  * (c) UNIX System Laboratories, Inc.
  * All or some portions of this file are derived from material licensed
  * to the University of California by American Telephone and Telegraph
  * Co. or Unix System Laboratories, Inc. and are reproduced herein with
  * the permission of UNIX System Laboratories, Inc.
+ *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
 @@ -27,27 +27,27 @@
  * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
+ *
  *	@(#)kern_resource.c	8.8 (Berkeley) 2/14/95
  */
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: kern_resource.c,v 1.152 2009/05/26 06:57:38 elad Exp $");
+__KERNEL_RCSID(0, "$NetBSD: kern_resource.c,v 1.153 2009/10/02 22:38:45 elad Exp $");
 #include <sys/param.h>
 #include <sys/systm.h>
 #include <sys/kernel.h>
 #include <sys/file.h>
 #include <sys/resourcevar.h>
 #include <sys/malloc.h>
 #include <sys/kmem.h>
 #include <sys/namei.h>
 #include <sys/pool.h>
 #include <sys/proc.h>
 #include <sys/sysctl.h>
 #include <sys/timevar.h>
 @@ -59,34 +59,74 @@ __KERNEL_RCSID(0, "$NetBSD: kern_resourc
 #include <uvm/uvm_extern.h>
 /*
  * Maximum process data and stack limits.
  * They are variables so they are patchable.
  */
 rlim_t maxdmap = MAXDSIZ;
 rlim_t maxsmap = MAXSSIZ;
 static pool_cache_t	plimit_cache;
 static pool_cache_t	pstats_cache;
 static kauth_listener_t	rlimit_listener;
 static int
 rlimit_listener_cb(kauth_cred_t cred, kauth_action_t action, void *cookie,
     void *arg0, void *arg1, void *arg2, void *arg3)
+{
 	struct proc *p;
 	int result;
 	enum kauth_process_req req;
 	result = KAUTH_RESULT_DEFER;
 	p = arg0;
 	req = (enum kauth_process_req)(unsigned long)arg1;
 	if (action != KAUTH_PROCESS_RLIMIT)
 		return result;
 	if (req == KAUTH_REQ_PROCESS_RLIMIT_SET) {
 		struct rlimit *new_rlimit;
 		u_long which;
 		if ((p != curlwp->l_proc) &&
 		    (proc_uidmatch(cred, p->p_cred) != 0))
 			return result;
 		new_rlimit = arg2;
 		which = (u_long)arg3;
 		if (new_rlimit->rlim_max <= p->p_rlimit[which].rlim_max)
 			result = KAUTH_RESULT_ALLOW;
 	} else if (req == KAUTH_REQ_PROCESS_RLIMIT_GET) {
 		result = KAUTH_RESULT_ALLOW;
+	}
 	return result;
+}
 void
 resource_init(void)
+{
 	plimit_cache = pool_cache_init(sizeof(struct plimit), 0, 0, 0,
 	    "plimitpl", NULL, IPL_NONE, NULL, NULL, NULL);
 	pstats_cache = pool_cache_init(sizeof(struct pstats), 0, 0, 0,
 	    "pstatspl", NULL, IPL_NONE, NULL, NULL, NULL);
 	rlimit_listener = kauth_listen_scope(KAUTH_SCOPE_PROCESS,
 	    rlimit_listener_cb, NULL);
+}
 /*
  * Resource controls and accounting.
  */
 int
 sys_getpriority(struct lwp *l, const struct sys_getpriority_args *uap,
     register_t *retval)
+{
 	/* {
 		syscallarg(int) which;
 		syscallarg(id_t) who;

 @@ -1,14 +1,14 @@
-/*	$NetBSD: sys_process.c,v 1.148 2009/10/02 22:18:57 elad Exp $	*/
+/*	$NetBSD: sys_process.c,v 1.149 2009/10/02 22:38:45 elad Exp $	*/
 /*-
  * Copyright (c) 2008, 2009 The NetBSD Foundation, Inc.
  * All rights reserved.
+ *
  * This code is derived from software contributed to The NetBSD Foundation
  * by Andrew Doran.
+ *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
  * 1. Redistributions of source code must retain the above copyright
  *    notice, this list of conditions and the following disclaimer.
 @@ -108,27 +108,27 @@
 /*
  * References:
  *	(1) Bach's "The Design of the UNIX Operating System",
  *	(2) sys/miscfs/procfs from UCB's 4.4BSD-Lite distribution,
  *	(3) the "4.4BSD Programmer's Reference Manual" published
  *		by USENIX and O'Reilly & Associates.
  * The 4.4BSD PRM does a reasonably good job of documenting what the various
  * ptrace() requests should actually do, and its text is quoted several times
  * in this file.
  */
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: sys_process.c,v 1.148 2009/10/02 22:18:57 elad Exp $");
+__KERNEL_RCSID(0, "$NetBSD: sys_process.c,v 1.149 2009/10/02 22:38:45 elad Exp $");
 #include "opt_ptrace.h"
 #include "opt_ktrace.h"
 #include <sys/param.h>
 #include <sys/systm.h>
 #include <sys/proc.h>
 #include <sys/errno.h>
 #include <sys/ptrace.h>
 #include <sys/uio.h>
 #include <sys/user.h>
 #include <sys/ras.h>
 #include <sys/kmem.h>
 @@ -1023,13 +1023,48 @@ process_stoptrace(void)
 	/*
 	 * Call issignal() once only, to have it take care of the
 	 * pending stop.  Signal processing will take place as usual
 	 * from userret().
 	 */
 	KERNEL_UNLOCK_ALL(l, &l->l_biglocks);
 	(void)issignal(l);
 	mutex_exit(p->p_lock);
 	KERNEL_LOCK(l->l_biglocks, l);
+}
 #endif	/* KTRACE || PTRACE */
 /*
  * common code for corename, rlimit, and stopflag.
  */
 int
 proc_uidmatch(kauth_cred_t cred, kauth_cred_t target)
+{
 	int r = 0;
 	if (kauth_cred_getuid(cred) != kauth_cred_getuid(target) ||
 	    kauth_cred_getuid(cred) != kauth_cred_getsvuid(target)) {
 		/*
 		 * suid proc of ours or proc not ours
 		 */
 		r = EPERM;
 	} else if (kauth_cred_getgid(target) != kauth_cred_getsvgid(target)) {
 		/*
 		 * sgid proc has sgid back to us temporarily
 		 */
 		r = EPERM;
 	} else {
 		/*
 		 * our rgid must be in target's group list (ie,
 		 * sub-processes started by a sgid process)
 		 */
 		int ismember = 0;
 		if (kauth_cred_ismember_gid(cred,
 		    kauth_cred_getgid(target), &ismember) != 0 ||
 		    !ismember)
 			r = EPERM;
+	}
 	return (r);
+}

 @@ -1,14 +1,14 @@
-/* $NetBSD: secmodel_suser.c,v 1.5 2009/10/02 22:18:57 elad Exp $ */
+/* $NetBSD: secmodel_suser.c,v 1.6 2009/10/02 22:38:45 elad Exp $ */
 /*-
  * Copyright (c) 2006 Elad Efrat <elad@NetBSD.org>
  * All rights reserved.
+ *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
  * 1. Redistributions of source code must retain the above copyright
  *    notice, this list of conditions and the following disclaimer.
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 3. The name of the author may not be used to endorse or promote products
 @@ -28,27 +28,27 @@
 /*
  * This file contains kauth(9) listeners needed to implement the traditional
  * NetBSD superuser access restrictions.
+ *
  * There are two main resources a request can be issued to: user-owned and
  * system owned. For the first, traditional Unix access checks are done, as
  * well as superuser checks. If needed, the request context is examined before
  * a decision is made. For the latter, usually only superuser checks are done
  * as normal users are not allowed to access system resources.
  */
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: secmodel_suser.c,v 1.5 2009/10/02 22:18:57 elad Exp $");
+__KERNEL_RCSID(0, "$NetBSD: secmodel_suser.c,v 1.6 2009/10/02 22:38:45 elad Exp $");
 #include <sys/types.h>
 #include <sys/param.h>
 #include <sys/kauth.h>
 #include <sys/acct.h>
 #include <sys/mutex.h>
 #include <sys/ktrace.h>
 #include <sys/mount.h>
 #include <sys/pset.h>
 #include <sys/socketvar.h>
 #include <sys/sysctl.h>
 #include <sys/tty.h>
 @@ -494,61 +494,26 @@ secmodel_suser_system_cb(kauth_cred_t cr
 		if ((uintptr_t)arg2 != 0)	/* autoload */
 			result = KAUTH_RESULT_ALLOW;
 		break;
 	default:
 		result = KAUTH_RESULT_DEFER;
 		break;
+	}
 	return (result);
+}
 /*
  * common code for corename, rlimit, and stopflag.
  */
 static int
 proc_uidmatch(kauth_cred_t cred, kauth_cred_t target)
 	int r = 0;
 	if (kauth_cred_getuid(cred) != kauth_cred_getuid(target) ||
 	    kauth_cred_getuid(cred) != kauth_cred_getsvuid(target)) {
 		/*
 		 * suid proc of ours or proc not ours
 		 */
 		r = EPERM;
 	} else if (kauth_cred_getgid(target) != kauth_cred_getsvgid(target)) {
 		/*
 		 * sgid proc has sgid back to us temporarily
 		 */
 		r = EPERM;
 	} else {
 		/*
 		 * our rgid must be in target's group list (ie,
 		 * sub-processes started by a sgid process)
 		 */
 		int ismember = 0;
 		if (kauth_cred_ismember_gid(cred,
 		    kauth_cred_getgid(target), &ismember) != 0 ||
 		    !ismember)
 			r = EPERM;
 	return (r);
 /*
  * kauth(9) listener
+ *
  * Security model: Traditional NetBSD
  * Scope: Process
  * Responsibility: Superuser access
  */
 int
 secmodel_suser_process_cb(kauth_cred_t cred, kauth_action_t action,
     void *cookie, void *arg0, void *arg1, void *arg2, void *arg3)
+{
 	struct proc *p;
 	bool isroot;
 	int result;
 @@ -688,58 +653,37 @@ secmodel_suser_process_cb(kauth_cred_t c
 		if (kauth_cred_geteuid(cred) !=
 		    kauth_cred_geteuid(p->p_cred) &&
 		    kauth_cred_getuid(cred) !=
 		    kauth_cred_geteuid(p->p_cred)) {
 			break;
+		}
 		if ((u_long)arg1 >= p->p_nice)
 			result = KAUTH_RESULT_ALLOW;
 		break;
 	case KAUTH_PROCESS_RLIMIT: {
-		unsigned long req;
+		enum kauth_process_req req;
-		req = (unsigned long)arg1;
+		req = (enum kauth_process_req)(unsigned long)arg1;
 		switch (req) {
-		case KAUTH_REQ_PROCESS_RLIMIT_SET: {
+		case KAUTH_REQ_PROCESS_RLIMIT_SET:
-			struct rlimit *new_rlimit;
+		case KAUTH_REQ_PROCESS_RLIMIT_GET:
-			u_long which;
+			if (isroot)
 			if (isroot) {
 				result = KAUTH_RESULT_ALLOW;
 				break;
 			if ((p != curlwp->l_proc) &&
 			    (proc_uidmatch(cred, p->p_cred) != 0)) {
 				break;
 			new_rlimit = arg2;
 			which = (u_long)arg3;
 			if (new_rlimit->rlim_max <=
 			    p->p_rlimit[which].rlim_max)
 				result = KAUTH_RESULT_ALLOW;
 			break;
 		case KAUTH_REQ_PROCESS_RLIMIT_GET:
 			result = KAUTH_RESULT_ALLOW;
 			break;
 		default:
 			break;
+		}
 		break;
+		}
 	case KAUTH_PROCESS_SCHEDULER_GETPARAM:
 		if (isroot || kauth_cred_uidmatch(cred, p->p_cred))
 			result = KAUTH_RESULT_ALLOW;
 		break;

 @@ -1,14 +1,14 @@
-/*	$NetBSD: proc.h,v 1.290 2009/05/27 12:15:11 yamt Exp $	*/
+/*	$NetBSD: proc.h,v 1.291 2009/10/02 22:38:45 elad Exp $	*/
 /*-
  * Copyright (c) 2006, 2007, 2008 The NetBSD Foundation, Inc.
  * All rights reserved.
+ *
  * This code is derived from software contributed to The NetBSD Foundation
  * by Andrew Doran.
+ *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
  * 1. Redistributions of source code must retain the above copyright
  *    notice, this list of conditions and the following disclaimer.
 @@ -500,26 +500,27 @@ void	cpu_lwp_free(struct lwp *, int);
 #ifndef cpu_lwp_free2
 void	cpu_lwp_free2(struct lwp *);
 #endif
 #endif
 #ifdef __HAVE_SYSCALL_INTERN
 void	syscall_intern(struct proc *);
 #endif
 void	child_return(void *);
 int	proc_isunder(struct proc *, struct lwp *);
 void	proc_stop(struct proc *, int, int);
 int	proc_uidmatch(kauth_cred_t, kauth_cred_t);
 int	proc_vmspace_getref(struct proc *, struct vmspace **);
 void	proc_crmod_leave(kauth_cred_t, kauth_cred_t, bool);
 void	proc_crmod_enter(void);
 int	proc_specific_key_create(specificdata_key_t *, specificdata_dtor_t);
 void	proc_specific_key_delete(specificdata_key_t);
 void	proc_initspecific(struct proc *);
 void	proc_finispecific(struct proc *);
 void *	proc_getspecific(struct proc *, specificdata_key_t);
 void	proc_setspecific(struct proc *, specificdata_key_t, void *);
 int	proclist_foreach_call(struct proclist *,