| @@ -1,14 +1,14 @@ | | | @@ -1,14 +1,14 @@ |
1 | /* $NetBSD: kern_auth.c,v 1.71 2012/06/27 12:28:28 cheusov Exp $ */ | | 1 | /* $NetBSD: kern_auth.c,v 1.72 2012/09/16 14:35:26 christos Exp $ */ |
2 | | | 2 | |
3 | /*- | | 3 | /*- |
4 | * Copyright (c) 2005, 2006 Elad Efrat <elad@NetBSD.org> | | 4 | * Copyright (c) 2005, 2006 Elad Efrat <elad@NetBSD.org> |
5 | * All rights reserved. | | 5 | * All rights reserved. |
6 | * | | 6 | * |
7 | * Redistribution and use in source and binary forms, with or without | | 7 | * Redistribution and use in source and binary forms, with or without |
8 | * modification, are permitted provided that the following conditions | | 8 | * modification, are permitted provided that the following conditions |
9 | * are met: | | 9 | * are met: |
10 | * 1. Redistributions of source code must retain the above copyright | | 10 | * 1. Redistributions of source code must retain the above copyright |
11 | * notice, this list of conditions and the following disclaimer. | | 11 | * notice, this list of conditions and the following disclaimer. |
12 | * 2. Redistributions in binary form must reproduce the above copyright | | 12 | * 2. Redistributions in binary form must reproduce the above copyright |
13 | * notice, this list of conditions and the following disclaimer in the | | 13 | * notice, this list of conditions and the following disclaimer in the |
14 | * documentation and/or other materials provided with the distribution. | | 14 | * documentation and/or other materials provided with the distribution. |
| @@ -18,27 +18,27 @@ | | | @@ -18,27 +18,27 @@ |
18 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR | | 18 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR |
19 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES | | 19 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES |
20 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. | | 20 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. |
21 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, | | 21 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, |
22 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | | 22 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT |
23 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, | | 23 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, |
24 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY | | 24 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY |
25 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | | 25 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT |
26 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | | 26 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
27 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | | 27 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
28 | */ | | 28 | */ |
29 | | | 29 | |
30 | #include <sys/cdefs.h> | | 30 | #include <sys/cdefs.h> |
31 | __KERNEL_RCSID(0, "$NetBSD: kern_auth.c,v 1.71 2012/06/27 12:28:28 cheusov Exp $"); | | 31 | __KERNEL_RCSID(0, "$NetBSD: kern_auth.c,v 1.72 2012/09/16 14:35:26 christos Exp $"); |
32 | | | 32 | |
33 | #include <sys/types.h> | | 33 | #include <sys/types.h> |
34 | #include <sys/param.h> | | 34 | #include <sys/param.h> |
35 | #include <sys/queue.h> | | 35 | #include <sys/queue.h> |
36 | #include <sys/proc.h> | | 36 | #include <sys/proc.h> |
37 | #include <sys/ucred.h> | | 37 | #include <sys/ucred.h> |
38 | #include <sys/pool.h> | | 38 | #include <sys/pool.h> |
39 | #include <sys/kauth.h> | | 39 | #include <sys/kauth.h> |
40 | #include <sys/kmem.h> | | 40 | #include <sys/kmem.h> |
41 | #include <sys/rwlock.h> | | 41 | #include <sys/rwlock.h> |
42 | #include <sys/sysctl.h> | | 42 | #include <sys/sysctl.h> |
43 | #include <sys/atomic.h> | | 43 | #include <sys/atomic.h> |
44 | #include <sys/specificdata.h> | | 44 | #include <sys/specificdata.h> |
| @@ -920,27 +920,27 @@ kauth_unlisten_scope(kauth_listener_t li | | | @@ -920,27 +920,27 @@ kauth_unlisten_scope(kauth_listener_t li |
920 | */ | | 920 | */ |
921 | static int | | 921 | static int |
922 | kauth_authorize_action_internal(kauth_scope_t scope, kauth_cred_t cred, | | 922 | kauth_authorize_action_internal(kauth_scope_t scope, kauth_cred_t cred, |
923 | kauth_action_t action, void *arg0, void *arg1, void *arg2, void *arg3) | | 923 | kauth_action_t action, void *arg0, void *arg1, void *arg2, void *arg3) |
924 | { | | 924 | { |
925 | kauth_listener_t listener; | | 925 | kauth_listener_t listener; |
926 | int error, allow, fail; | | 926 | int error, allow, fail; |
927 | | | 927 | |
928 | KASSERT(cred != NULL); | | 928 | KASSERT(cred != NULL); |
929 | KASSERT(action != 0); | | 929 | KASSERT(action != 0); |
930 | | | 930 | |
931 | /* Short-circuit requests coming from the kernel. */ | | 931 | /* Short-circuit requests coming from the kernel. */ |
932 | if (cred == NOCRED || cred == FSCRED) | | 932 | if (cred == NOCRED || cred == FSCRED) |
933 | return (0); | | 933 | return KAUTH_RESULT_ALLOW; |
934 | | | 934 | |
935 | KASSERT(scope != NULL); | | 935 | KASSERT(scope != NULL); |
936 | | | 936 | |
937 | fail = 0; | | 937 | fail = 0; |
938 | allow = 0; | | 938 | allow = 0; |
939 | | | 939 | |
940 | /* rw_enter(&kauth_lock, RW_READER); XXX not yet */ | | 940 | /* rw_enter(&kauth_lock, RW_READER); XXX not yet */ |
941 | SIMPLEQ_FOREACH(listener, &scope->listenq, listener_next) { | | 941 | SIMPLEQ_FOREACH(listener, &scope->listenq, listener_next) { |
942 | error = listener->func(cred, action, scope->cookie, arg0, | | 942 | error = listener->func(cred, action, scope->cookie, arg0, |
943 | arg1, arg2, arg3); | | 943 | arg1, arg2, arg3); |
944 | | | 944 | |
945 | if (error == KAUTH_RESULT_ALLOW) | | 945 | if (error == KAUTH_RESULT_ALLOW) |
946 | allow = 1; | | 946 | allow = 1; |