Move rlimit policy back to the subsystem. For this we needed proc_uidmatch() exposed, which makes a lot of sense, so put it back in sys_process.c for use in other places as well.
diff -r1.152 -r1.153 src/sys/kern/kern_resource.c
(elad)
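--- a/src/sys/kern/kern_resource.c 2009/05/26 06:57:38 1.152
+++ b/src/sys/kern/kern_resource.c 2009/10/02 22:38:45 1.153
@@ -1,14 +1,14 @@
-/* $NetBSD: kern_resource.c,v 1.152 2009/05/26 06:57:38 elad Exp $ */
+/* $NetBSD: kern_resource.c,v 1.153 2009/10/02 22:38:45 elad Exp $ */
 
 /*-
 * Copyright (c) 1982, 1986, 1991, 1993
 * The Regents of the University of California. All rights reserved.
 * (c) UNIX System Laboratories, Inc.
 * All or some portions of this file are derived from material licensed
 * to the University of California by American Telephone and Telegraph
 * Co. or Unix System Laboratories, Inc. and are reproduced herein with
 * the permission of UNIX System Laboratories, Inc.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
@@ -27,27 +27,27 @@
 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 *
 * @(#)kern_resource.c 8.8 (Berkeley) 2/14/95
 */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: kern_resource.c,v 1.152 2009/05/26 06:57:38 elad Exp $");
+__KERNEL_RCSID(0, "$NetBSD: kern_resource.c,v 1.153 2009/10/02 22:38:45 elad Exp $");
 
 #include <sys/param.h>
 #include <sys/systm.h>
 #include <sys/kernel.h>
 #include <sys/file.h>
 #include <sys/resourcevar.h>
 #include <sys/malloc.h>
 #include <sys/kmem.h>
 #include <sys/namei.h>
 #include <sys/pool.h>
 #include <sys/proc.h>
 #include <sys/sysctl.h>
 #include <sys/timevar.h>
@@ -59,34 +59,74 @@ __KERNEL_RCSID(0, "$NetBSD: kern_resourc
 
 #include <uvm/uvm_extern.h>
 
 /*
 * Maximum process data and stack limits.
 * They are variables so they are patchable.
 */
 rlim_t maxdmap = MAXDSIZ;
 rlim_t maxsmap = MAXSSIZ;
 
 static pool_cache_t plimit_cache;
 static pool_cache_t pstats_cache;
 
+static kauth_listener_t rlimit_listener;
+
+static int
+rlimit_listener_cb(kauth_cred_t cred, kauth_action_t action, void *cookie,
+void *arg0, void *arg1, void *arg2, void *arg3)
+{
+struct proc *p;
+int result;
+enum kauth_process_req req;
+
+result = KAUTH_RESULT_DEFER;
+p = arg0;
+req = (enum kauth_process_req)(unsigned long)arg1;
+
+if (action != KAUTH_PROCESS_RLIMIT)
+return result;
+
+if (req == KAUTH_REQ_PROCESS_RLIMIT_SET) {
+struct rlimit *new_rlimit;
+u_long which;
+
+if ((p != curlwp->l_proc) &&
+(proc_uidmatch(cred, p->p_cred) != 0))
+return result;
+
+new_rlimit = arg2;
+which = (u_long)arg3;
+
+if (new_rlimit->rlim_max <= p->p_rlimit[which].rlim_max)
+result = KAUTH_RESULT_ALLOW;
+} else if (req == KAUTH_REQ_PROCESS_RLIMIT_GET) {
+result = KAUTH_RESULT_ALLOW;
+}
+
+return result;
+}
+
 void
 resource_init(void)
 {
 
 plimit_cache = pool_cache_init(sizeof(struct plimit), 0, 0, 0,
 "plimitpl", NULL, IPL_NONE, NULL, NULL, NULL);
 pstats_cache = pool_cache_init(sizeof(struct pstats), 0, 0, 0,
 "pstatspl", NULL, IPL_NONE, NULL, NULL, NULL);
+
+rlimit_listener = kauth_listen_scope(KAUTH_SCOPE_PROCESS,
+rlimit_listener_cb, NULL);
 }
 
 /*
 * Resource controls and accounting.
 */
 
 int
 sys_getpriority(struct lwp *l, const struct sys_getpriority_args *uap,
 register_t *retval)
 {
 /* {
 syscallarg(int) which;
 syscallarg(id_t) who;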
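Review bot: In rlimit_listener_cb() the SET branch indexes `p->p_rlimit[which]` with a value taken straight from `arg3` and dereferences `arg2` as `new_rlimit`, and the listener itself checks neither. The authorization decision therefore relies on every caller that raises KAUTH_PROCESS_RLIMIT having range-checked the resource number first; that caller is not visible in this diff, so I would pin the assumption where it is relied on, e.g. `KASSERT(new_rlimit != NULL);` and `KASSERT(which < RLIM_NLIMITS);` right after the two assignments. A short comment above the function giving the argument layout (arg0 = target proc, arg1 = request, arg2 = new limit, arg3 = resource index) would also help, since this policy now lives apart from the secmodel file where it used to sit.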
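--- a/src/sys/kern/sys_process.c 2009/10/02 22:18:57 1.148
+++ b/src/sys/kern/sys_process.c 2009/10/02 22:38:45 1.149
@@ -1,14 +1,14 @@
-/* $NetBSD: sys_process.c,v 1.148 2009/10/02 22:18:57 elad Exp $ */
+/* $NetBSD: sys_process.c,v 1.149 2009/10/02 22:38:45 elad Exp $ */
 
 /*-
 * Copyright (c) 2008, 2009 The NetBSD Foundation, Inc.
 * All rights reserved.
 *
 * This code is derived from software contributed to The NetBSD Foundation
 * by Andrew Doran.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 * notice, this list of conditions and the following disclaimer.
@@ -108,27 +108,27 @@
 
 /*
 * References:
 * (1) Bach's "The Design of the UNIX Operating System",
 * (2) sys/miscfs/procfs from UCB's 4.4BSD-Lite distribution,
 * (3) the "4.4BSD Programmer's Reference Manual" published
 * by USENIX and O'Reilly & Associates.
 * The 4.4BSD PRM does a reasonably good job of documenting what the various
 * ptrace() requests should actually do, and its text is quoted several times
 * in this file.
 */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: sys_process.c,v 1.148 2009/10/02 22:18:57 elad Exp $");
+__KERNEL_RCSID(0, "$NetBSD: sys_process.c,v 1.149 2009/10/02 22:38:45 elad Exp $");
 
 #include "opt_ptrace.h"
 #include "opt_ktrace.h"
 
 #include <sys/param.h>
 #include <sys/systm.h>
 #include <sys/proc.h>
 #include <sys/errno.h>
 #include <sys/ptrace.h>
 #include <sys/uio.h>
 #include <sys/user.h>
 #include <sys/ras.h>
 #include <sys/kmem.h>
@@ -1023,13 +1023,48 @@ process_stoptrace(void)
 
 /*
 * Call issignal() once only, to have it take care of the
 * pending stop. Signal processing will take place as usual
 * from userret().
 */
 KERNEL_UNLOCK_ALL(l, &l->l_biglocks);
 (void)issignal(l);
 mutex_exit(p->p_lock);
 KERNEL_LOCK(l->l_biglocks, l);
 }
 #endif /* KTRACE || PTRACE */
 
+/*
+* common code for corename, rlimit, and stopflag.
+*/
+int
+proc_uidmatch(kauth_cred_t cred, kauth_cred_t target)
+{
+int r = 0;
+
+if (kauth_cred_getuid(cred) != kauth_cred_getuid(target) ||
+kauth_cred_getuid(cred) != kauth_cred_getsvuid(target)) {
+/*
+* suid proc of ours or proc not ours
+*/
+r = EPERM;
+} else if (kauth_cred_getgid(target) != kauth_cred_getsvgid(target)) {
+/*
+* sgid proc has sgid back to us temporarily
+*/
+r = EPERM;
+} else {
+/*
+* our rgid must be in target's group list (ie,
+* sub-processes started by a sgid process)
+*/
+int ismember = 0;
+
+if (kauth_cred_ismember_gid(cred,
+kauth_cred_getgid(target), &ismember) != 0 ||
+!ismember)
+r = EPERM;
+}
+
+return (r);
+}
+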
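Review bot: proc_uidmatch() becomes a kernel-wide interface here, but nothing states its return convention: it returns 0 when the credentials match and EPERM otherwise, which is the opposite of what the name suggests, so a caller that tests it as a predicate would authorize exactly the mismatching case. I would extend the header comment with a line such as `Returns 0 if cred matches target by the checks below, EPERM otherwise.` In the last branch the comment says the caller's rgid must be in the target's group list, whereas the call as written passes `cred` as the credential and the target's gid as the group being looked up; one of the two appears reversed and is worth confirming now that more callers will depend on it.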
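--- a/src/sys/secmodel/suser/secmodel_suser.c 2009/10/02 22:18:57 1.5
+++ b/src/sys/secmodel/suser/secmodel_suser.c 2009/10/02 22:38:45 1.6
@@ -1,14 +1,14 @@
-/* $NetBSD: secmodel_suser.c,v 1.5 2009/10/02 22:18:57 elad Exp $ */
+/* $NetBSD: secmodel_suser.c,v 1.6 2009/10/02 22:38:45 elad Exp $ */
 /*-
 * Copyright (c) 2006 Elad Efrat <elad@NetBSD.org>
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 * notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 * notice, this list of conditions and the following disclaimer in the
 * documentation and/or other materials provided with the distribution.
 * 3. The name of the author may not be used to endorse or promote products
@@ -28,27 +28,27 @@
 
 /*
 * This file contains kauth(9) listeners needed to implement the traditional
 * NetBSD superuser access restrictions.
 *
 * There are two main resources a request can be issued to: user-owned and
 * system owned. For the first, traditional Unix access checks are done, as
 * well as superuser checks. If needed, the request context is examined before
 * a decision is made. For the latter, usually only superuser checks are done
 * as normal users are not allowed to access system resources.
 */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: secmodel_suser.c,v 1.5 2009/10/02 22:18:57 elad Exp $");
+__KERNEL_RCSID(0, "$NetBSD: secmodel_suser.c,v 1.6 2009/10/02 22:38:45 elad Exp $");
 
 #include <sys/types.h>
 #include <sys/param.h>
 #include <sys/kauth.h>
 
 #include <sys/acct.h>
 #include <sys/mutex.h>
 #include <sys/ktrace.h>
 #include <sys/mount.h>
 #include <sys/pset.h>
 #include <sys/socketvar.h>
 #include <sys/sysctl.h>
 #include <sys/tty.h>
@@ -494,61 +494,26 @@ secmodel_suser_system_cb(kauth_cred_t cr
 if ((uintptr_t)arg2 != 0) /* autoload */
 result = KAUTH_RESULT_ALLOW;
 break;
 
 default:
 result = KAUTH_RESULT_DEFER;
 break;
 }
 
 return (result);
 }
 
 /*
-* common code for corename, rlimit, and stopflag.
-*/
-static int
-proc_uidmatch(kauth_cred_t cred, kauth_cred_t target)
-{
-int r = 0;
-
-if (kauth_cred_getuid(cred) != kauth_cred_getuid(target) ||
-kauth_cred_getuid(cred) != kauth_cred_getsvuid(target)) {
-/*
-* suid proc of ours or proc not ours
-*/
-r = EPERM;
-} else if (kauth_cred_getgid(target) != kauth_cred_getsvgid(target)) {
-/*
-* sgid proc has sgid back to us temporarily
-*/
-r = EPERM;
-} else {
-/*
-* our rgid must be in target's group list (ie,
-* sub-processes started by a sgid process)
-*/
-int ismember = 0;
-
-if (kauth_cred_ismember_gid(cred,
-kauth_cred_getgid(target), &ismember) != 0 ||
-!ismember)
-r = EPERM;
-}
-
-return (r);
-}
-
-/*
 * kauth(9) listener
 *
 * Security model: Traditional NetBSD
 * Scope: Process
 * Responsibility: Superuser access
 */
 int
 secmodel_suser_process_cb(kauth_cred_t cred, kauth_action_t action,
 void *cookie, void *arg0, void *arg1, void *arg2, void *arg3)
 {
 struct proc *p;
 bool isroot;
 int result;
@@ -688,58 +653,37 @@ secmodel_suser_process_cb(kauth_cred_t c
 if (kauth_cred_geteuid(cred) !=
 kauth_cred_geteuid(p->p_cred) &&
 kauth_cred_getuid(cred) !=
 kauth_cred_geteuid(p->p_cred)) {
 break;
 }
 
 if ((u_long)arg1 >= p->p_nice)
 result = KAUTH_RESULT_ALLOW;
 
 break;
 
 case KAUTH_PROCESS_RLIMIT: {
-unsigned long req;
+enum kauth_process_req req;
 
-req = (unsigned long)arg1;
+req = (enum kauth_process_req)(unsigned long)arg1;
 
 switch (req) {
-case KAUTH_REQ_PROCESS_RLIMIT_SET: {
-struct rlimit *new_rlimit;
-u_long which;
-
-if (isroot) {
-result = KAUTH_RESULT_ALLOW;
-break;
-}
-
-if ((p != curlwp->l_proc) &&
-(proc_uidmatch(cred, p->p_cred) != 0)) {
-break;
-}
-
-new_rlimit = arg2;
-which = (u_long)arg3;
-
-if (new_rlimit->rlim_max <=
-p->p_rlimit[which].rlim_max)
+case KAUTH_REQ_PROCESS_RLIMIT_SET:
+case KAUTH_REQ_PROCESS_RLIMIT_GET:
+if (isroot)
 result = KAUTH_RESULT_ALLOW;
 
 break;
-}
-
-case KAUTH_REQ_PROCESS_RLIMIT_GET:
-result = KAUTH_RESULT_ALLOW;
-break;
 
 default:
 break;
 }
 
 break;
 }
 
 case KAUTH_PROCESS_SCHEDULER_GETPARAM:
 if (isroot || kauth_cred_uidmatch(cred, p->p_cred))
 result = KAUTH_RESULT_ALLOW;
 
 break;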
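Review bot: After this change the `KAUTH_PROCESS_RLIMIT` case allows root and otherwise leaves `result` untouched, so a reader auditing this secmodel on its own could conclude that unprivileged setrlimit/getrlimit requests are refused. The unprivileged policy is now the listener added to kern_resource.c in this same commit, and the final outcome depends on how kauth combines the two listeners' results. A comment inside the case, such as `/* Non-root requests are decided by the rlimit listener in kern_resource.c. */`, would make that dependency explicit. The initial value of `result` is set outside this hunk, so the deferral for non-root callers is inferred rather than shown.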
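--- a/src/sys/sys/proc.h 2009/05/27 12:15:11 1.290
+++ b/src/sys/sys/proc.h 2009/10/02 22:38:45 1.291
@@ -1,14 +1,14 @@
-/* $NetBSD: proc.h,v 1.290 2009/05/27 12:15:11 yamt Exp $ */
+/* $NetBSD: proc.h,v 1.291 2009/10/02 22:38:45 elad Exp $ */
 
 /*-
 * Copyright (c) 2006, 2007, 2008 The NetBSD Foundation, Inc.
 * All rights reserved.
 *
 * This code is derived from software contributed to The NetBSD Foundation
 * by Andrew Doran.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 * notice, this list of conditions and the following disclaimer.
@@ -500,26 +500,27 @@ void cpu_lwp_free(struct lwp *, int);
 #ifndef cpu_lwp_free2
 void cpu_lwp_free2(struct lwp *);
 #endif
 #endif
 
 #ifdef __HAVE_SYSCALL_INTERN
 void syscall_intern(struct proc *);
 #endif
 
 void child_return(void *);
 
 int proc_isunder(struct proc *, struct lwp *);
 void proc_stop(struct proc *, int, int);
+int proc_uidmatch(kauth_cred_t, kauth_cred_t);
 
 int proc_vmspace_getref(struct proc *, struct vmspace **);
 void proc_crmod_leave(kauth_cred_t, kauth_cred_t, bool);
 void proc_crmod_enter(void);
 
 int proc_specific_key_create(specificdata_key_t *, specificdata_dtor_t);
 void proc_specific_key_delete(specificdata_key_t);
 void proc_initspecific(struct proc *);
 void proc_finispecific(struct proc *);
 void * proc_getspecific(struct proc *, specificdata_key_t);
 void proc_setspecific(struct proc *, specificdata_key_t, void *);
 
 int proclist_foreach_call(struct proclist *,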