Lines Matching defs:p
83 int parsepledges(struct proc *p, const char *kname,
410 parsepledges(struct proc *p, const char *kname, const char *promises, u_int64_t *fp)
424 if (KTRPOINT(p, KTR_STRUCT))
425 ktrstruct(p, kname, rbuf, rbuflen-1);
446 sys_pledge(struct proc *p, void *v, register_t *retval)
452 struct process *pr = p->p_p;
459 error = parsepledges(p, "pledgereq",
465 error = parsepledges(p, "pledgeexecreq",
528 pledge_syscall(struct proc *p, int code, uint64_t *tval)
530 p->p_pledge_syscall = code;
539 if (p->p_p->ps_pledge & pledge_syscalls[code])
547 pledge_fail(struct proc *p, int error, uint64_t code)
559 if (KTRPOINT(p, KTR_PLEDGE))
560 ktrpledge(p, error, code, p->p_pledge_syscall);
562 if (p->p_p->ps_pledge & PLEDGE_ERROR)
567 p->p_p->ps_comm, p->p_p->ps_pid, codes, p->p_pledge_syscall);
568 p->p_p->ps_acflag |= APLEDGE;
571 if (P_HASSIBLING(p))
572 single_thread_set(p, SINGLE_UNWIND | SINGLE_DEEP);
575 sigabort(p);
577 p->p_p->ps_pledge = 0; /* Disable all PLEDGE_ flags */
587 pledge_namei(struct proc *p, struct nameidata *ni, char *origpath)
593 if ((p->p_p->ps_flags & PS_PLEDGE) == 0 ||
594 (p->p_p->ps_flags & PS_COREDUMP))
596 pledge = READ_ONCE(p->p_p->ps_pledge);
617 (p->p_pledge_syscall == SYS_open) &&
628 (p->p_pledge_syscall == SYS_unlink) &&
635 switch (p->p_pledge_syscall) {
735 return (pledge_fail(p, EPERM, (ni->ni_pledge & ~pledge)));
745 pledge_recvfd(struct proc *p, struct file *fp)
749 if ((p->p_p->ps_flags & PS_PLEDGE) == 0)
751 if ((p->p_p->ps_pledge & PLEDGE_RECVFD) == 0)
752 return pledge_fail(p, EPERM, PLEDGE_RECVFD);
766 return pledge_fail(p, EINVAL, PLEDGE_RECVFD);
773 pledge_sendfd(struct proc *p, struct file *fp)
777 if ((p->p_p->ps_flags & PS_PLEDGE) == 0)
779 if ((p->p_p->ps_pledge & PLEDGE_SENDFD) == 0)
780 return pledge_fail(p, EPERM, PLEDGE_SENDFD);
795 return pledge_fail(p, EINVAL, PLEDGE_SENDFD);
799 pledge_sysctl(struct proc *p, int miblen, int *mib, void *new)
805 if ((p->p_p->ps_flags & PS_PLEDGE) == 0)
807 pledge = READ_ONCE(p->p_p->ps_pledge);
810 return pledge_fail(p, EFAULT, 0);
997 p->p_p->ps_comm, p->p_p->ps_pid, miblen);
1004 return pledge_fail(p, EINVAL, 0);
1008 pledge_chown(struct proc *p, uid_t uid, gid_t gid)
1010 if ((p->p_p->ps_flags & PS_PLEDGE) == 0)
1013 if (p->p_p->ps_pledge & PLEDGE_CHOWNUID)
1016 if (uid != -1 && uid != p->p_ucred->cr_uid)
1018 if (gid != -1 && !groupmember(gid, p->p_ucred))
1024 pledge_adjtime(struct proc *p, const void *v)
1028 if ((p->p_p->ps_flags & PS_PLEDGE) == 0)
1031 if ((p->p_p->ps_pledge & PLEDGE_SETTIME))
1039 pledge_sendit(struct proc *p, const void *to)
1041 if ((p->p_p->ps_flags & PS_PLEDGE) == 0)
1044 if ((p->p_p->ps_pledge & (PLEDGE_INET | PLEDGE_UNIX | PLEDGE_DNS)))
1048 return pledge_fail(p, EPERM, PLEDGE_INET);
1052 pledge_ioctl(struct proc *p, long com, struct file *fp)
1058 if ((p->p_p->ps_flags & PS_PLEDGE) == 0)
1060 pledge = READ_ONCE(p->p_p->ps_pledge);
1125 error = pledge_ioctl_drm(p, com, vp->v_rdev);
1339 error = pledge_ioctl_vmm(p, com);
1351 error = pledge_ioctl_psp(p, com);
1358 return pledge_fail(p, error, PLEDGE_TTY);
1362 pledge_sockopt(struct proc *p, int set, int level, int optname)
1366 if ((p->p_p->ps_flags & PS_PLEDGE) == 0)
1368 pledge = READ_ONCE(p->p_p->ps_pledge);
1398 return pledge_fail(p, EPERM, PLEDGE_INET);
1422 return pledge_fail(p, EPERM, PLEDGE_INET);
1427 return pledge_fail(p, EINVAL, PLEDGE_WROUTE);
1433 return pledge_fail(p, EPERM, PLEDGE_INET);
1495 return pledge_fail(p, EPERM, PLEDGE_INET);
1499 pledge_socket(struct proc *p, int domain, unsigned int state)
1503 if (!ISSET(p->p_p->ps_flags, PS_PLEDGE))
1505 pledge = READ_ONCE(p->p_p->ps_pledge);
1510 return pledge_fail(p, EPERM, PLEDGE_DNS);
1520 return pledge_fail(p, EPERM, PLEDGE_INET);
1525 return pledge_fail(p, EPERM, PLEDGE_UNIX);
1528 return pledge_fail(p, EINVAL, PLEDGE_INET);
1532 pledge_flock(struct proc *p)
1534 if ((p->p_p->ps_flags & PS_PLEDGE) == 0)
1537 if ((p->p_p->ps_pledge & PLEDGE_FLOCK))
1539 return (pledge_fail(p, EPERM, PLEDGE_FLOCK));
1543 pledge_swapctl(struct proc *p, int cmd)
1545 if ((p->p_p->ps_flags & PS_PLEDGE) == 0)
1548 if (p->p_p->ps_pledge & PLEDGE_VMINFO) {
1556 return pledge_fail(p, EPERM, PLEDGE_VMINFO);
1579 pledge_fcntl(struct proc *p, int cmd)
1581 if ((p->p_p->ps_flags & PS_PLEDGE) == 0)
1583 if ((p->p_p->ps_pledge & PLEDGE_PROC) == 0 && cmd == F_SETOWN)
1584 return pledge_fail(p, EPERM, PLEDGE_PROC);
1589 pledge_kill(struct proc *p, pid_t pid)
1591 if ((p->p_p->ps_flags & PS_PLEDGE) == 0)
1593 if (p->p_p->ps_pledge & PLEDGE_PROC)
1595 if (pid == 0 || pid == p->p_p->ps_pid)
1597 return pledge_fail(p, EPERM, PLEDGE_PROC);
1601 pledge_profil(struct proc *p, u_int scale)
1603 if ((p->p_p->ps_flags & PS_PLEDGE) == 0)
1606 return pledge_fail(p, EPERM, PLEDGE_STDIO);
1611 pledge_protexec(struct proc *p, int prot)
1613 if ((p->p_p->ps_flags & PS_PLEDGE) == 0)
1616 if (p->p_p->ps_kbind_addr == 0 && p->p_p->ps_kbind_cookie == 0)
1618 if (!(p->p_p->ps_pledge & PLEDGE_PROTEXEC) && (prot & PROT_EXEC))
1619 return pledge_fail(p, EPERM, PLEDGE_PROTEXEC);
1626 const char *p;
1636 p = input;
1638 while (*p && (q - buf < bufsize)) {
1639 if (p[0] == '/' && (p[1] == '/' || p[1] == '\0')) {
1640 p += 1;
1642 } else if (p[0] == '/' && p[1] == '.' &&
1643 (p[2] == '/' || p[2] == '\0')) {
1644 p += 2;
1646 } else if (p[0] == '/' && p[1] == '.' && p[2] == '.' &&
1647 (p[3] == '/' || p[3] == '\0')) {
1648 p += 3;
1654 *q++ = *p++;
1657 if ((*p == '\0') && (q - buf < bufsize)) {