![[BACK]](/cvsweb/icons/back.gif){kind=icon}
Return to kern_prot.c CVS log ![[TXT]](/cvsweb/icons/text.gif){kind=icon}
![[DIR]](/cvsweb/icons/dir.gif){kind=icon}
Up to [CSRG BSD Unix] / 43BSDReno / sys / kern|
Return to kern_prot.c CVS log | Up to [CSRG BSD Unix] / 43BSDReno / sys / kern |
1.1 root 1: /*
2: * Copyright (c) 1982, 1986, 1989, 1990 Regents of the University of California.
3: * All rights reserved.
4: *
5: * Redistribution is only permitted until one year after the first shipment
6: * of 4.4BSD by the Regents. Otherwise, redistribution and use in source and
7: * binary forms are permitted provided that: (1) source distributions retain
8: * this entire copyright notice and comment, and (2) distributions including
9: * binaries display the following acknowledgement: This product includes
10: * software developed by the University of California, Berkeley and its
11: * contributors'' in the documentation or other materials provided with the
12: * distribution and in all advertising materials mentioning features or use
13: * of this software. Neither the name of the University nor the names of
14: * its contributors may be used to endorse or promote products derived from
15: * this software without specific prior written permission.
16: * THIS SOFTWARE IS PROVIDED AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
17: * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
18: * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
19: *
20: * @(#)kern_prot.c 7.15 (Berkeley) 7/26/90
21: */
22:
23: /*
24: * System calls related to processes and protection
25: */
26:
27: #include "param.h"
28: #include "acct.h"
29: #include "systm.h"
30: #include "user.h"
31: #include "proc.h"
32: #include "timeb.h"
33: #include "times.h"
34: #include "malloc.h"
35:
36: /* ARGSUSED */
37: getpid(p, uap, retval)
38: struct proc *p;
39: void *uap;
40: int *retval;
41: {
42:
43: *retval = p->p_pid;
44: #ifdef COMPAT_43
45: retval[1] = p->p_ppid;
46: #endif
47: return (0);
48: }
49:
50: /* ARGSUSED */
51: getppid(p, uap, retval)
52: struct proc *p;
53: void *uap;
54: int *retval;
55: {
56:
57: *retval = p->p_ppid;
58: return (0);
59: }
60:
61: getpgrp(p, uap, retval)
62: struct proc *p;
63: struct args {
64: int pid;
65: } *uap;
66: int *retval;
67: {
68:
69: if (uap->pid != 0 && (p = pfind(uap->pid)) == 0)
70: return (ESRCH);
71: *retval = p->p_pgrp->pg_id;
72: return (0);
73: }
74:
75: /* ARGSUSED */
76: getuid(p, uap, retval)
77: struct proc *p;
78: void *uap;
79: int *retval;
80: {
81:
82: *retval = p->p_ruid;
83: #ifdef COMPAT_43
84: retval[1] = u.u_cred->cr_uid;
85: #endif
86: return (0);
87: }
88:
89: /* ARGSUSED */
90: geteuid(p, uap, retval)
91: struct proc *p;
92: void *uap;
93: int *retval;
94: {
95:
96: *retval = u.u_cred->cr_uid;
97: return (0);
98: }
99:
100: /* ARGSUSED */
101: getgid(p, uap, retval)
102: struct proc *p;
103: void *uap;
104: int *retval;
105: {
106:
107: *retval = p->p_rgid;
108: #ifdef COMPAT_43
109: retval[1] = u.u_cred->cr_groups[0];
110: #endif
111: return (0);
112: }
113:
114: /*
115: * Get effective group ID.
116: * The "egid" is groups[0], and thus could be obtained via getgroups;
117: * this is somewhat painful to do correctly in a library function,
118: * this the existence of this syscall.
119: */
120: /* ARGSUSED */
121: getegid(p, uap, retval)
122: struct proc *p;
123: void *uap;
124: int *retval;
125: {
126:
127: *retval = u.u_cred->cr_groups[0];
128: return (0);
129: }
130:
131: getgroups(p, uap, retval)
132: struct proc *p;
133: register struct arg {
134: u_int gidsetsize;
135: int *gidset; /* XXX not yet POSIX */
136: } *uap;
137: int *retval;
138: {
139: register gid_t *gp;
140: register int *lp;
141: register u_int ngrp;
142: int groups[NGROUPS];
143: int error;
144:
145: if ((ngrp = uap->gidsetsize) == 0) {
146: *retval = u.u_cred->cr_ngroups;
147: return (0);
148: }
149: if (ngrp < u.u_cred->cr_ngroups)
150: return (EINVAL);
151: ngrp = u.u_cred->cr_ngroups;
152: for (gp = u.u_cred->cr_groups, lp = groups; lp < &groups[ngrp]; )
153: *lp++ = *gp++;
154: if (error = copyout((caddr_t)groups, (caddr_t)uap->gidset,
155: ngrp * sizeof (groups[0])))
156: return (error);
157: *retval = ngrp;
158: return (0);
159: }
160:
161: /* ARGSUSED */
162: setsid(p, uap, retval)
163: struct proc *p;
164: void *uap;
165: int *retval;
166: {
167:
168: if (p->p_pgid == p->p_pid || pgfind(p->p_pid)) {
169: return (EPERM);
170: } else {
171: pgmv(p, p->p_pid, 1);
172: *retval = p->p_pid;
173: return (0);
174: }
175: }
176:
177: /*
178: * set process group (setpgrp/setpgid)
179: *
180: * caller does setpgrp(pid, pgid)
181: *
182: * pid must be caller or child of caller (ESRCH)
183: * if a child
184: * pid must be in same session (EPERM)
185: * pid can't have done an exec (EACCES)
186: * if pgid != pid
187: * there must exist some pid in same session having pgid (EPERM)
188: * pid must not be session leader (EPERM)
189: */
190: /* ARGSUSED */
191: setpgrp(cp, uap, retval)
192: struct proc *cp;
193: register struct args {
194: int pid;
195: int pgid;
196: } *uap;
197: int *retval;
198: {
199: register struct proc *p;
200: register struct pgrp *pgrp;
201:
202: if (uap->pid != 0) {
203: if ((p = pfind(uap->pid)) == 0 || !inferior(p))
204: return (ESRCH);
205: if (p->p_session != cp->p_session)
206: return (EPERM);
207: if (p->p_flag&SEXEC)
208: return (EACCES);
209: } else
210: p = cp;
211: if (SESS_LEADER(p))
212: return (EPERM);
213: if (uap->pgid == 0)
214: uap->pgid = p->p_pid;
215: else if ((uap->pgid != p->p_pid) &&
216: (((pgrp = pgfind(uap->pgid)) == 0) ||
217: pgrp->pg_mem == NULL ||
218: pgrp->pg_session != u.u_procp->p_session))
219: return (EPERM);
220: /*
221: * done checking, now do it
222: */
223: pgmv(p, uap->pgid, 0);
224: return (0);
225: }
226:
227: /* ARGSUSED */
228: setuid(p, uap, retval)
229: register struct proc *p;
230: struct args {
231: int uid;
232: } *uap;
233: int *retval;
234: {
235: register uid_t uid;
236: int error;
237:
238: uid = uap->uid;
239: if (uid != p->p_ruid && (error = suser(u.u_cred, &u.u_acflag)))
240: return (error);
241: /*
242: * Everything's okay, do it.
243: * Copy credentials so other references do not
244: * see our changes.
245: */
246: if (u.u_cred->cr_ref > 1)
247: u.u_cred = crcopy(u.u_cred);
248: u.u_cred->cr_uid = uid;
249: p->p_uid = uid;
250: p->p_ruid = uid;
251: p->p_svuid = uid;
252: return (0);
253: }
254:
255: /* ARGSUSED */
256: seteuid(p, uap, retval)
257: register struct proc *p;
258: struct args {
259: int euid;
260: } *uap;
261: int *retval;
262: {
263: register uid_t euid;
264: int error;
265:
266: euid = uap->euid;
267: if (euid != p->p_ruid && euid != p->p_svuid &&
268: (error = suser(u.u_cred, &u.u_acflag)))
269: return (error);
270: /*
271: * Everything's okay, do it.
272: * Copy credentials so other references do not
273: * see our changes.
274: */
275: if (u.u_cred->cr_ref > 1)
276: u.u_cred = crcopy(u.u_cred);
277: u.u_cred->cr_uid = euid;
278: p->p_uid = euid;
279: return (0);
280: }
281:
282: /* ARGSUSED */
283: setgid(p, uap, retval)
284: struct proc *p;
285: struct args {
286: int gid;
287: } *uap;
288: int *retval;
289: {
290: register gid_t gid;
291: int error;
292:
293: gid = uap->gid;
294: if (gid != p->p_rgid && (error = suser(u.u_cred, &u.u_acflag)))
295: return (error);
296: if (u.u_cred->cr_ref > 1)
297: u.u_cred = crcopy(u.u_cred);
298: p->p_rgid = gid;
299: u.u_cred->cr_groups[0] = gid;
300: p->p_svgid = gid; /* ??? */
301: return (0);
302: }
303:
304: /* ARGSUSED */
305: setegid(p, uap, retval)
306: struct proc *p;
307: struct args {
308: int egid;
309: } *uap;
310: int *retval;
311: {
312: register gid_t egid;
313: int error;
314:
315: egid = uap->egid;
316: if (egid != p->p_rgid && egid != p->p_svgid &&
317: (error = suser(u.u_cred, &u.u_acflag)))
318: return (error);
319: if (u.u_cred->cr_ref > 1)
320: u.u_cred = crcopy(u.u_cred);
321: u.u_cred->cr_groups[0] = egid;
322: return (0);
323: }
324:
325: #ifdef COMPAT_43
326: /* ARGSUSED */
327: osetreuid(p, uap, retval)
328: register struct proc *p;
329: struct args {
330: int ruid;
331: int euid;
332: } *uap;
333: int *retval;
334: {
335: register uid_t ruid, euid;
336: int error;
337:
338: if (uap->ruid == -1)
339: ruid = p->p_ruid;
340: else
341: ruid = uap->ruid;
342: /*
343: * Allow setting real uid to previous effective,
344: * for swapping real and effective.
345: * This should be:
346: * if (ruid != p->p_ruid && (error = suser(u.u_cred, &u.u_acflag)))
347: */
348: if (ruid != p->p_ruid && ruid != u.u_cred->cr_uid /* XXX */ &&
349: (error = suser(u.u_cred, &u.u_acflag)))
350: return (error);
351: if (uap->euid == -1)
352: euid = u.u_cred->cr_uid;
353: else
354: euid = uap->euid;
355: if (euid != u.u_cred->cr_uid && euid != p->p_ruid &&
356: euid != p->p_svuid && (error = suser(u.u_cred, &u.u_acflag)))
357: return (error);
358: /*
359: * Everything's okay, do it.
360: * Copy credentials so other references do not
361: * see our changes.
362: */
363: if (u.u_cred->cr_ref > 1)
364: u.u_cred = crcopy(u.u_cred);
365: u.u_cred->cr_uid = euid;
366: p->p_uid = euid;
367: p->p_ruid = ruid;
368: return (0);
369: }
370:
371: /* ARGSUSED */
372: osetregid(p, uap, retval)
373: struct proc *p;
374: struct args {
375: int rgid;
376: int egid;
377: } *uap;
378: int *retval;
379: {
380: register gid_t rgid, egid;
381: int error;
382:
383: if (uap->rgid == -1)
384: rgid = p->p_rgid;
385: else
386: rgid = uap->rgid;
387: /*
388: * Allow setting real gid to previous effective,
389: * for swapping real and effective. This didn't really work
390: * correctly in 4.[23], but is preserved so old stuff doesn't fail.
391: * This should be:
392: * if (rgid != p->p_rgid && (error = suser(u.u_cred, &u.u_acflag)))
393: */
394: if (rgid != p->p_rgid && rgid != u.u_cred->cr_groups[0] /* XXX */ &&
395: (error = suser(u.u_cred, &u.u_acflag)))
396: return (error);
397: if (uap->egid == -1)
398: egid = u.u_cred->cr_groups[0];
399: else
400: egid = uap->egid;
401: if (egid != u.u_cred->cr_groups[0] && egid != p->p_rgid &&
402: egid != p->p_svgid && (error = suser(u.u_cred, &u.u_acflag)))
403: return (error);
404: if (u.u_cred->cr_ref > 1)
405: u.u_cred = crcopy(u.u_cred);
406: p->p_rgid = rgid;
407: u.u_cred->cr_groups[0] = egid;
408: return (0);
409: }
410: #endif
411:
412: /* ARGSUSED */
413: setgroups(p, uap, retval)
414: struct proc *p;
415: struct args {
416: u_int gidsetsize;
417: int *gidset;
418: } *uap;
419: int *retval;
420: {
421: register gid_t *gp;
422: register u_int ngrp;
423: register int *lp;
424: int error, groups[NGROUPS];
425:
426: if (error = suser(u.u_cred, &u.u_acflag))
427: return (error);
428: if ((ngrp = uap->gidsetsize) > NGROUPS)
429: return (EINVAL);
430: if (error = copyin((caddr_t)uap->gidset, (caddr_t)groups,
431: ngrp * sizeof (groups[0])))
432: return (error);
433: u.u_cred->cr_ngroups = ngrp;
434: /* convert from int's to gid_t's */
435: for (gp = u.u_cred->cr_groups, lp = groups; ngrp--; )
436: *gp++ = *lp++;
437: return (0);
438: }
439:
440: /*
441: * Check if gid is a member of the group set.
442: */
443: groupmember(gid, cred)
444: gid_t gid;
445: register struct ucred *cred;
446: {
447: register gid_t *gp;
448: gid_t *egp;
449:
450: egp = &(cred->cr_groups[cred->cr_ngroups]);
451: for (gp = cred->cr_groups; gp < egp; gp++)
452: if (*gp == gid)
453: return (1);
454: return (0);
455: }
456:
457: /*
458: * Test if the current user is the super user.
459: */
460: suser(cred, acflag)
461: struct ucred *cred;
462: short *acflag;
463: {
464:
465: if (cred->cr_uid == 0) {
466: if (acflag)
467: *acflag |= ASU;
468: return (0);
469: }
470: return (EPERM);
471: }
472:
473: /*
474: * Allocate a zeroed cred structure.
475: */
476: struct ucred *
477: crget()
478: {
479: register struct ucred *cr;
480:
481: MALLOC(cr, struct ucred *, sizeof(*cr), M_CRED, M_WAITOK);
482: bzero((caddr_t)cr, sizeof(*cr));
483: cr->cr_ref = 1;
484: return (cr);
485: }
486:
487: /*
488: * Free a cred structure.
489: * Throws away space when ref count gets to 0.
490: */
491: crfree(cr)
492: struct ucred *cr;
493: {
494: int s = splimp();
495:
496: if (--cr->cr_ref != 0) {
497: (void) splx(s);
498: return;
499: }
500: FREE((caddr_t)cr, M_CRED);
501: (void) splx(s);
502: }
503:
504: /*
505: * Copy cred structure to a new one and free the old one.
506: */
507: struct ucred *
508: crcopy(cr)
509: struct ucred *cr;
510: {
511: struct ucred *newcr;
512:
513: newcr = crget();
514: *newcr = *cr;
515: crfree(cr);
516: newcr->cr_ref = 1;
517: return (newcr);
518: }
519:
520: /*
521: * Dup cred struct to a new held one.
522: */
523: struct ucred *
524: crdup(cr)
525: struct ucred *cr;
526: {
527: struct ucred *newcr;
528:
529: newcr = crget();
530: *newcr = *cr;
531: newcr->cr_ref = 1;
532: return (newcr);
533: }
534:
535: /*
536: * Get login name, if available.
537: */
538: /* ARGSUSED */
539: getlogin(p, uap, retval)
540: struct proc *p;
541: struct args {
542: char *namebuf;
543: u_int namelen;
544: } *uap;
545: int *retval;
546: {
547:
548: if (uap->namelen > sizeof (p->p_logname))
549: uap->namelen = sizeof (p->p_logname);
550: return (copyout((caddr_t)p->p_logname, (caddr_t)uap->namebuf,
551: uap->namelen));
552: }
553:
554: /*
555: * Set login name.
556: */
557: /* ARGSUSED */
558: setlogin(p, uap, retval)
559: struct proc *p;
560: struct args {
561: char *namebuf;
562: } *uap;
563: int *retval;
564: {
565: int error;
566:
567: if (error = suser(u.u_cred, &u.u_acflag))
568: return (error);
569: error = copyinstr((caddr_t)uap->namebuf, (caddr_t)p->p_logname,
570: sizeof (p->p_logname) - 1, (int *) 0);
571: if (error == ENOENT) /* name too long */
572: error = EINVAL;
573: return (error);
574: }
This archive runs on limited infrastructure. Preserving old code on modern bandwidth. Automated agents are requested to crawl responsibly.