![[BACK]](/cvsweb/icons/back.gif){kind=icon}
Return to kern_prot.c CVS log ![[TXT]](/cvsweb/icons/text.gif){kind=icon}
![[DIR]](/cvsweb/icons/dir.gif){kind=icon}
Up to [Apple XNU] / XNU / bsd / kern|
Return to kern_prot.c CVS log | Up to [Apple XNU] / XNU / bsd / kern |
1.1 ! root 1: /* ! 2: * Copyright (c) 2000 Apple Computer, Inc. All rights reserved. ! 3: * ! 4: * @APPLE_LICENSE_HEADER_START@ ! 5: * ! 6: * The contents of this file constitute Original Code as defined in and ! 7: * are subject to the Apple Public Source License Version 1.1 (the ! 8: * "License"). You may not use this file except in compliance with the ! 9: * License. Please obtain a copy of the License at ! 10: * http://www.apple.com/publicsource and read it before using this file. ! 11: * ! 12: * This Original Code and all software distributed under the License are ! 13: * distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER ! 14: * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, ! 15: * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, ! 16: * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the ! 17: * License for the specific language governing rights and limitations ! 18: * under the License. ! 19: * ! 20: * @APPLE_LICENSE_HEADER_END@ ! 21: */ ! 22: /* Copyright (c) 1995 NeXT Computer, Inc. All Rights Reserved */ ! 23: /* ! 24: * Copyright (c) 1982, 1986, 1989, 1990, 1991, 1993 ! 25: * The Regents of the University of California. All rights reserved. ! 26: * (c) UNIX System Laboratories, Inc. ! 27: * All or some portions of this file are derived from material licensed ! 28: * to the University of California by American Telephone and Telegraph ! 29: * Co. or Unix System Laboratories, Inc. and are reproduced herein with ! 30: * the permission of UNIX System Laboratories, Inc. ! 31: * ! 32: * Redistribution and use in source and binary forms, with or without ! 33: * modification, are permitted provided that the following conditions ! 34: * are met: ! 35: * 1. Redistributions of source code must retain the above copyright ! 36: * notice, this list of conditions and the following disclaimer. ! 37: * 2. Redistributions in binary form must reproduce the above copyright ! 38: * notice, this list of conditions and the following disclaimer in the ! 39: * documentation and/or other materials provided with the distribution. ! 40: * 3. All advertising materials mentioning features or use of this software ! 41: * must display the following acknowledgement: ! 42: * This product includes software developed by the University of ! 43: * California, Berkeley and its contributors. ! 44: * 4. Neither the name of the University nor the names of its contributors ! 45: * may be used to endorse or promote products derived from this software ! 46: * without specific prior written permission. ! 47: * ! 48: * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND ! 49: * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE ! 50: * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ! 51: * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE ! 52: * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL ! 53: * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS ! 54: * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) ! 55: * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT ! 56: * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY ! 57: * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF ! 58: * SUCH DAMAGE. ! 59: * ! 60: * @(#)kern_prot.c 8.9 (Berkeley) 2/14/95 ! 61: */ ! 62: ! 63: /* ! 64: * System calls related to processes and protection ! 65: */ ! 66: ! 67: #include <sys/param.h> ! 68: #include <sys/acct.h> ! 69: #include <sys/systm.h> ! 70: #include <sys/ucred.h> ! 71: #include <sys/proc.h> ! 72: #include <sys/timeb.h> ! 73: #include <sys/times.h> ! 74: #include <sys/malloc.h> ! 75: ! 76: #include <sys/mount.h> ! 77: #include <mach/message.h> ! 78: ! 79: ! 80: ! 81: /* ! 82: * setprivexec: (dis)allow this process to hold ! 83: * task, thread, or execption ports of processes about to exec. ! 84: */ ! 85: struct setprivexec_args { ! 86: int flag; ! 87: }; ! 88: int ! 89: setprivexec(p, uap, retval) ! 90: struct proc *p; ! 91: register struct setprivexec_args *uap; ! 92: register_t *retval; ! 93: { ! 94: *retval = p->p_debugger; ! 95: p->p_debugger = (uap->flag != 0); ! 96: return(0); ! 97: } ! 98: ! 99: /* ARGSUSED */ ! 100: getpid(p, uap, retval) ! 101: struct proc *p; ! 102: void *uap; ! 103: register_t *retval; ! 104: { ! 105: ! 106: *retval = p->p_pid; ! 107: #if COMPAT_43 ! 108: retval[1] = p->p_pptr->p_pid; ! 109: #endif ! 110: return (0); ! 111: } ! 112: ! 113: /* ARGSUSED */ ! 114: getppid(p, uap, retval) ! 115: struct proc *p; ! 116: void *uap; ! 117: register_t *retval; ! 118: { ! 119: ! 120: *retval = p->p_pptr->p_pid; ! 121: return (0); ! 122: } ! 123: ! 124: /* Get process group ID; note that POSIX getpgrp takes no parameter */ ! 125: getpgrp(p, uap, retval) ! 126: struct proc *p; ! 127: void *uap; ! 128: register_t *retval; ! 129: { ! 130: ! 131: *retval = p->p_pgrp->pg_id; ! 132: return (0); ! 133: } ! 134: ! 135: /* ARGSUSED */ ! 136: getuid(p, uap, retval) ! 137: struct proc *p; ! 138: void *uap; ! 139: register_t *retval; ! 140: { ! 141: ! 142: *retval = p->p_cred->p_ruid; ! 143: #if COMPAT_43 ! 144: retval[1] = p->p_ucred->cr_uid; ! 145: #endif ! 146: return (0); ! 147: } ! 148: ! 149: /* ARGSUSED */ ! 150: geteuid(p, uap, retval) ! 151: struct proc *p; ! 152: void *uap; ! 153: register_t *retval; ! 154: { ! 155: ! 156: *retval = p->p_ucred->cr_uid; ! 157: return (0); ! 158: } ! 159: ! 160: /* ARGSUSED */ ! 161: getgid(p, uap, retval) ! 162: struct proc *p; ! 163: void *uap; ! 164: register_t *retval; ! 165: { ! 166: ! 167: *retval = p->p_cred->p_rgid; ! 168: #if COMPAT_43 ! 169: retval[1] = p->p_ucred->cr_groups[0]; ! 170: #endif ! 171: return (0); ! 172: } ! 173: ! 174: /* ! 175: * Get effective group ID. The "egid" is groups[0], and could be obtained ! 176: * via getgroups. This syscall exists because it is somewhat painful to do ! 177: * correctly in a library function. ! 178: */ ! 179: /* ARGSUSED */ ! 180: getegid(p, uap, retval) ! 181: struct proc *p; ! 182: void *uap; ! 183: register_t *retval; ! 184: { ! 185: ! 186: *retval = p->p_ucred->cr_groups[0]; ! 187: return (0); ! 188: } ! 189: ! 190: struct getgroups_args { ! 191: u_int gidsetsize; ! 192: gid_t *gidset; ! 193: }; ! 194: getgroups(p, uap, retval) ! 195: struct proc *p; ! 196: register struct getgroups_args *uap; ! 197: register_t *retval; ! 198: { ! 199: register struct pcred *pc = p->p_cred; ! 200: register u_int ngrp; ! 201: int error; ! 202: ! 203: if ((ngrp = uap->gidsetsize) == 0) { ! 204: *retval = pc->pc_ucred->cr_ngroups; ! 205: return (0); ! 206: } ! 207: if (ngrp < pc->pc_ucred->cr_ngroups) ! 208: return (EINVAL); ! 209: pcred_readlock(p); ! 210: ngrp = pc->pc_ucred->cr_ngroups; ! 211: if (error = copyout((caddr_t)pc->pc_ucred->cr_groups, ! 212: (caddr_t)uap->gidset, ngrp * sizeof(gid_t))) { ! 213: pcred_unlock(p); ! 214: return (error); ! 215: } ! 216: pcred_unlock(p); ! 217: *retval = ngrp; ! 218: return (0); ! 219: } ! 220: ! 221: /* ARGSUSED */ ! 222: setsid(p, uap, retval) ! 223: register struct proc *p; ! 224: void *uap; ! 225: register_t *retval; ! 226: { ! 227: ! 228: if (p->p_pgid == p->p_pid || pgfind(p->p_pid)) { ! 229: return (EPERM); ! 230: } else { ! 231: (void)enterpgrp(p, p->p_pid, 1); ! 232: *retval = p->p_pid; ! 233: return (0); ! 234: } ! 235: } ! 236: ! 237: /* ! 238: * set process group (setpgid/old setpgrp) ! 239: * ! 240: * caller does setpgid(targpid, targpgid) ! 241: * ! 242: * pid must be caller or child of caller (ESRCH) ! 243: * if a child ! 244: * pid must be in same session (EPERM) ! 245: * pid can't have done an exec (EACCES) ! 246: * if pgid != pid ! 247: * there must exist some pid in same session having pgid (EPERM) ! 248: * pid must not be session leader (EPERM) ! 249: */ ! 250: struct setpgid_args { ! 251: int pid; ! 252: int pgid; ! 253: }; ! 254: /* ARGSUSED */ ! 255: setpgid(curp, uap, retval) ! 256: struct proc *curp; ! 257: register struct setpgid_args *uap; ! 258: register_t *retval; ! 259: { ! 260: register struct proc *targp; /* target process */ ! 261: register struct pgrp *pgrp; /* target pgrp */ ! 262: ! 263: if (uap->pid != 0 && uap->pid != curp->p_pid) { ! 264: if ((targp = pfind(uap->pid)) == 0 || !inferior(targp)) ! 265: return (ESRCH); ! 266: if (targp->p_session != curp->p_session) ! 267: return (EPERM); ! 268: if (targp->p_flag & P_EXEC) ! 269: return (EACCES); ! 270: } else ! 271: targp = curp; ! 272: if (SESS_LEADER(targp)) ! 273: return (EPERM); ! 274: if (uap->pgid == 0) ! 275: uap->pgid = targp->p_pid; ! 276: else if (uap->pgid != targp->p_pid) ! 277: if ((pgrp = pgfind(uap->pgid)) == 0 || ! 278: pgrp->pg_session != curp->p_session) ! 279: return (EPERM); ! 280: return (enterpgrp(targp, uap->pgid, 0)); ! 281: } ! 282: ! 283: struct setuid_args { ! 284: uid_t uid; ! 285: }; ! 286: /* ARGSUSED */ ! 287: setuid(p, uap, retval) ! 288: struct proc *p; ! 289: struct setuid_args *uap; ! 290: register_t *retval; ! 291: { ! 292: register struct pcred *pc = p->p_cred; ! 293: register uid_t uid; ! 294: int error; ! 295: ! 296: uid = uap->uid; ! 297: if (uid != pc->p_ruid && ! 298: (error = suser(pc->pc_ucred, &p->p_acflag))) ! 299: return (error); ! 300: /* ! 301: * Everything's okay, do it. ! 302: * Transfer proc count to new user. ! 303: * Copy credentials so other references do not see our changes. ! 304: */ ! 305: pcred_writelock(p); ! 306: (void)chgproccnt(pc->p_ruid, -1); ! 307: (void)chgproccnt(uid, 1); ! 308: pc->pc_ucred = crcopy(pc->pc_ucred); ! 309: pc->pc_ucred->cr_uid = uid; ! 310: pc->p_ruid = uid; ! 311: pc->p_svuid = uid; ! 312: pcred_unlock(p); ! 313: set_security_token(p); ! 314: p->p_flag |= P_SUGID; ! 315: return (0); ! 316: } ! 317: ! 318: struct seteuid_args { ! 319: uid_t euid; ! 320: }; ! 321: /* ARGSUSED */ ! 322: seteuid(p, uap, retval) ! 323: struct proc *p; ! 324: struct seteuid_args *uap; ! 325: register_t *retval; ! 326: { ! 327: register struct pcred *pc = p->p_cred; ! 328: register uid_t euid; ! 329: int error; ! 330: ! 331: euid = uap->euid; ! 332: if (euid != pc->p_ruid && euid != pc->p_svuid && ! 333: (error = suser(pc->pc_ucred, &p->p_acflag))) ! 334: return (error); ! 335: /* ! 336: * Everything's okay, do it. Copy credentials so other references do ! 337: * not see our changes. ! 338: */ ! 339: pcred_writelock(p); ! 340: pc->pc_ucred = crcopy(pc->pc_ucred); ! 341: pc->pc_ucred->cr_uid = euid; ! 342: pcred_unlock(p); ! 343: set_security_token(p); ! 344: p->p_flag |= P_SUGID; ! 345: return (0); ! 346: } ! 347: ! 348: struct setgid_args { ! 349: gid_t gid; ! 350: }; ! 351: /* ARGSUSED */ ! 352: setgid(p, uap, retval) ! 353: struct proc *p; ! 354: struct setgid_args *uap; ! 355: register_t *retval; ! 356: { ! 357: register struct pcred *pc = p->p_cred; ! 358: register gid_t gid; ! 359: int error; ! 360: ! 361: gid = uap->gid; ! 362: if (gid != pc->p_rgid && (error = suser(pc->pc_ucred, &p->p_acflag))) ! 363: return (error); ! 364: pcred_writelock(p); ! 365: pc->pc_ucred = crcopy(pc->pc_ucred); ! 366: pc->pc_ucred->cr_groups[0] = gid; ! 367: pc->p_rgid = gid; ! 368: pc->p_svgid = gid; /* ??? */ ! 369: pcred_unlock(p); ! 370: set_security_token(p); ! 371: p->p_flag |= P_SUGID; ! 372: return (0); ! 373: } ! 374: ! 375: struct setegid_args { ! 376: gid_t egid; ! 377: }; ! 378: /* ARGSUSED */ ! 379: setegid(p, uap, retval) ! 380: struct proc *p; ! 381: struct setegid_args *uap; ! 382: register_t *retval; ! 383: { ! 384: register struct pcred *pc = p->p_cred; ! 385: register gid_t egid; ! 386: int error; ! 387: ! 388: egid = uap->egid; ! 389: if (egid != pc->p_rgid && egid != pc->p_svgid && ! 390: (error = suser(pc->pc_ucred, &p->p_acflag))) ! 391: return (error); ! 392: pcred_writelock(p); ! 393: pc->pc_ucred = crcopy(pc->pc_ucred); ! 394: pc->pc_ucred->cr_groups[0] = egid; ! 395: pcred_unlock(p); ! 396: set_security_token(p); ! 397: p->p_flag |= P_SUGID; ! 398: return (0); ! 399: } ! 400: ! 401: struct setgroups_args{ ! 402: u_int gidsetsize; ! 403: gid_t *gidset; ! 404: }; ! 405: ! 406: /* ARGSUSED */ ! 407: setgroups(p, uap, retval) ! 408: struct proc *p; ! 409: struct setgroups_args *uap; ! 410: register_t *retval; ! 411: { ! 412: register struct pcred *pc = p->p_cred; ! 413: struct ucred *new, *old; ! 414: register u_int ngrp; ! 415: int error; ! 416: ! 417: if (error = suser(pc->pc_ucred, &p->p_acflag)) ! 418: return (error); ! 419: ngrp = uap->gidsetsize; ! 420: if (ngrp < 1 || ngrp > NGROUPS) ! 421: return (EINVAL); ! 422: new = crget(); ! 423: error = copyin((caddr_t)uap->gidset, ! 424: (caddr_t)new->cr_groups, ngrp * sizeof(gid_t)); ! 425: if (error) { ! 426: crfree(new); ! 427: return (error); ! 428: } ! 429: new->cr_ngroups = ngrp; ! 430: pcred_writelock(p); ! 431: old = pc->pc_ucred; ! 432: new->cr_uid = old->cr_uid; ! 433: pc->pc_ucred = new; ! 434: pcred_unlock(p); ! 435: set_security_token(p); ! 436: p->p_flag |= P_SUGID; ! 437: if (old != NOCRED) ! 438: crfree(old); ! 439: return (0); ! 440: } ! 441: ! 442: #if COMPAT_43 ! 443: struct osetreuid_args{ ! 444: int ruid; ! 445: int euid; ! 446: }; ! 447: /* ARGSUSED */ ! 448: osetreuid(p, uap, retval) ! 449: register struct proc *p; ! 450: struct osetreuid_args *uap; ! 451: register_t *retval; ! 452: { ! 453: struct seteuid_args seuidargs; ! 454: struct setuid_args suidargs; ! 455: ! 456: /* ! 457: * There are five cases, and we attempt to emulate them in ! 458: * the following fashion: ! 459: * -1, -1: return 0. This is correct emulation. ! 460: * -1, N: call seteuid(N). This is correct emulation. ! 461: * N, -1: if we called setuid(N), our euid would be changed ! 462: * to N as well. the theory is that we don't want to ! 463: * revoke root access yet, so we call seteuid(N) ! 464: * instead. This is incorrect emulation, but often ! 465: * suffices enough for binary compatibility. ! 466: * N, N: call setuid(N). This is correct emulation. ! 467: * N, M: call setuid(N). This is close to correct emulation. ! 468: */ ! 469: if (uap->ruid == (uid_t)-1) { ! 470: if (uap->euid == (uid_t)-1) ! 471: return (0); /* -1, -1 */ ! 472: seuidargs.euid = uap->euid; /* -1, N */ ! 473: return (seteuid(p, &seuidargs, retval)); ! 474: } ! 475: if (uap->euid == (uid_t)-1) { ! 476: seuidargs.euid = uap->ruid; /* N, -1 */ ! 477: return (seteuid(p, &seuidargs, retval)); ! 478: } ! 479: suidargs.uid = uap->ruid; /* N, N and N, M */ ! 480: return (setuid(p, &suidargs, retval)); ! 481: } ! 482: ! 483: struct osetregid_args { ! 484: int rgid; ! 485: int egid; ! 486: }; ! 487: /* ARGSUSED */ ! 488: osetregid(p, uap, retval) ! 489: register struct proc *p; ! 490: struct osetregid_args *uap; ! 491: register_t *retval; ! 492: { ! 493: struct setegid_args segidargs; ! 494: struct setgid_args sgidargs; ! 495: ! 496: /* ! 497: * There are five cases, described above in osetreuid() ! 498: */ ! 499: if (uap->rgid == (gid_t)-1) { ! 500: if (uap->egid == (gid_t)-1) ! 501: return (0); /* -1, -1 */ ! 502: segidargs.egid = uap->egid; /* -1, N */ ! 503: return (setegid(p, &segidargs, retval)); ! 504: } ! 505: if (uap->egid == (gid_t)-1) { ! 506: segidargs.egid = uap->rgid; /* N, -1 */ ! 507: return (setegid(p, &segidargs, retval)); ! 508: } ! 509: sgidargs.gid = uap->rgid; /* N, N and N, M */ ! 510: return (setgid(p, &sgidargs, retval)); ! 511: } ! 512: #endif /* COMPAT_43 */ ! 513: ! 514: /* ! 515: * Check if gid is a member of the group set. ! 516: */ ! 517: groupmember(gid, cred) ! 518: gid_t gid; ! 519: register struct ucred *cred; ! 520: { ! 521: register gid_t *gp; ! 522: gid_t *egp; ! 523: ! 524: egp = &(cred->cr_groups[cred->cr_ngroups]); ! 525: for (gp = cred->cr_groups; gp < egp; gp++) ! 526: if (*gp == gid) ! 527: return (1); ! 528: return (0); ! 529: } ! 530: ! 531: /* ! 532: * Test whether the specified credentials imply "super-user" ! 533: * privilege; if so, and we have accounting info, set the flag ! 534: * indicating use of super-powers. ! 535: * Returns 0 or error. ! 536: */ ! 537: suser(cred, acflag) ! 538: struct ucred *cred; ! 539: u_short *acflag; ! 540: { ! 541: #if DIAGNOSTIC ! 542: if (cred == NOCRED || cred == FSCRED) ! 543: panic("suser"); ! 544: #endif ! 545: if (cred->cr_uid == 0) { ! 546: if (acflag) ! 547: *acflag |= ASU; ! 548: return (0); ! 549: } ! 550: return (EPERM); ! 551: } ! 552: ! 553: int ! 554: is_suser(void) ! 555: { ! 556: struct proc *p = current_proc(); ! 557: ! 558: if (!p) ! 559: return (0); ! 560: ! 561: return (suser(p->p_ucred, &p->p_acflag) == 0); ! 562: } ! 563: ! 564: int ! 565: is_suser1(void) ! 566: { ! 567: struct proc *p = current_proc(); ! 568: ! 569: if (!p) ! 570: return (0); ! 571: ! 572: return (suser(p->p_ucred, &p->p_acflag) == 0 || ! 573: p->p_cred->p_ruid == 0 || p->p_cred->p_svuid == 0); ! 574: } ! 575: ! 576: /* ! 577: * Allocate a zeroed cred structure. ! 578: */ ! 579: struct ucred * ! 580: crget() ! 581: { ! 582: register struct ucred *cr; ! 583: ! 584: MALLOC_ZONE(cr, struct ucred *, sizeof(*cr), M_CRED, M_WAITOK); ! 585: bzero((caddr_t)cr, sizeof(*cr)); ! 586: cr->cr_ref = 1; ! 587: return (cr); ! 588: } ! 589: ! 590: /* ! 591: * Free a cred structure. ! 592: * Throws away space when ref count gets to 0. ! 593: */ ! 594: void ! 595: crfree(cr) ! 596: struct ucred *cr; ! 597: { ! 598: #if DIAGNOSTIC ! 599: if (cr == NOCRED || cr == FSCRED) ! 600: panic("crfree"); ! 601: #endif ! 602: if (--cr->cr_ref == 0) ! 603: FREE_ZONE((caddr_t)cr, sizeof *cr, M_CRED); ! 604: } ! 605: ! 606: /* ! 607: * Copy cred structure to a new one and free the old one. ! 608: */ ! 609: struct ucred * ! 610: crcopy(cr) ! 611: struct ucred *cr; ! 612: { ! 613: struct ucred *newcr; ! 614: ! 615: #if DIAGNOSTIC ! 616: if (cr == NOCRED || cr == FSCRED) ! 617: panic("crcopy"); ! 618: #endif ! 619: if (cr->cr_ref == 1) ! 620: return (cr); ! 621: newcr = crget(); ! 622: *newcr = *cr; ! 623: crfree(cr); ! 624: newcr->cr_ref = 1; ! 625: return (newcr); ! 626: } ! 627: ! 628: /* ! 629: * Dup cred struct to a new held one. ! 630: */ ! 631: struct ucred * ! 632: crdup(cr) ! 633: struct ucred *cr; ! 634: { ! 635: struct ucred *newcr; ! 636: ! 637: #if DIAGNOSTIC ! 638: if (cr == NOCRED || cr == FSCRED) ! 639: panic("crdup"); ! 640: #endif ! 641: newcr = crget(); ! 642: *newcr = *cr; ! 643: newcr->cr_ref = 1; ! 644: return (newcr); ! 645: } ! 646: ! 647: /* ! 648: * Get login name, if available. ! 649: */ ! 650: struct getlogin_args { ! 651: char *namebuf; ! 652: u_int namelen; ! 653: }; ! 654: /* ARGSUSED */ ! 655: getlogin(p, uap, retval) ! 656: struct proc *p; ! 657: struct getlogin_args *uap; ! 658: register_t *retval; ! 659: { ! 660: ! 661: if (uap->namelen > sizeof (p->p_pgrp->pg_session->s_login)) ! 662: uap->namelen = sizeof (p->p_pgrp->pg_session->s_login); ! 663: return (copyout((caddr_t) p->p_pgrp->pg_session->s_login, ! 664: (caddr_t)uap->namebuf, uap->namelen)); ! 665: } ! 666: ! 667: /* ! 668: * Set login name. ! 669: */ ! 670: struct setlogin_args { ! 671: char *namebuf; ! 672: }; ! 673: /* ARGSUSED */ ! 674: setlogin(p, uap, retval) ! 675: struct proc *p; ! 676: struct setlogin_args *uap; ! 677: register_t *retval; ! 678: { ! 679: int error; ! 680: int dummy=0; ! 681: ! 682: if (error = suser(p->p_ucred, &p->p_acflag)) ! 683: return (error); ! 684: error = copyinstr((caddr_t) uap->namebuf, ! 685: (caddr_t) p->p_pgrp->pg_session->s_login, ! 686: sizeof (p->p_pgrp->pg_session->s_login) - 1, (size_t *)&dummy); ! 687: if (error == ENAMETOOLONG) ! 688: error = EINVAL; ! 689: return (error); ! 690: } ! 691: ! 692: ! 693: /* Set the secrity token of the task with current euid and eguid */ ! 694: void ! 695: set_security_token(struct proc * p) ! 696: { ! 697: #define BSD_DUMMY_HOST 1 ! 698: security_token_t sec_token; ! 699: ! 700: sec_token.val[0] = p->p_ucred->cr_uid; ! 701: sec_token.val[1] = p->p_ucred->cr_gid; ! 702: (void)host_security_set_task_token(BSD_DUMMY_HOST, p->task, sec_token); ! 703: }
This archive runs on limited infrastructure. Preserving old code on modern bandwidth. Automated agents are requested to crawl responsibly.