sys/kern/kern_prot.c

23372Smckusick/*
*37578Smckusick * Copyright (c) 1982, 1986, 1989 Regents of the University of California.
*37578Smckusick * All rights reserved.
23372Smckusick *
*37578Smckusick * Redistribution and use in source and binary forms are permitted
*37578Smckusick * provided that the above copyright notice and this paragraph are
*37578Smckusick * duplicated in all such forms and that any documentation,
*37578Smckusick * advertising materials, and other materials related to such
*37578Smckusick * distribution and use acknowledge that the software was developed
*37578Smckusick * by the University of California, Berkeley.  The name of the
*37578Smckusick * University may not be used to endorse or promote products derived
*37578Smckusick * from this software without specific prior written permission.
*37578Smckusick * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
*37578Smckusick * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
*37578Smckusick * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
*37578Smckusick *
*37578Smckusick *	@(#)kern_prot.c	7.1.1.1 (Berkeley) 05/01/89
23372Smckusick */
7420Sroot
7420Sroot/*
7498Sroot * System calls related to processes and protection
7420Sroot */
7420Sroot
*37578Smckusick#include "machine/reg.h"
*37578Smckusick
17092Sbloom#include "param.h"
*37578Smckusick#include "acct.h"
17092Sbloom#include "systm.h"
17092Sbloom#include "user.h"
17092Sbloom#include "proc.h"
17092Sbloom#include "timeb.h"
17092Sbloom#include "times.h"
17092Sbloom#include "reboot.h"
*37578Smckusick#include "mount.h"
17092Sbloom#include "buf.h"
*37578Smckusick#include "../ufs/quota.h"
*37578Smckusick#include "malloc.h"
*37578Smckusick#define GRPSTART 0
7420Sroot
7498Srootgetpid()
7498Sroot{
7498Sroot
7498Sroot	u.u_r.r_val1 = u.u_procp->p_pid;
7498Sroot	u.u_r.r_val2 = u.u_procp->p_ppid;
7498Sroot}
7498Sroot
7498Srootgetpgrp()
7498Sroot{
7498Sroot	register struct a {
7498Sroot		int	pid;
7498Sroot	} *uap = (struct a *)u.u_ap;
7498Sroot	register struct proc *p;
7498Sroot
7498Sroot	if (uap->pid == 0)
*37578Smckusick		uap->pid = u.u_procp->p_pid;
*37578Smckusick	p = pfind(uap->pid);
*37578Smckusick	if (p == 0) {
7498Sroot		u.u_error = ESRCH;
7498Sroot		return;
7498Sroot	}
*37578Smckusick	u.u_r.r_val1 = p->p_pgrp;
7498Sroot}
7498Sroot
7420Srootgetuid()
7420Sroot{
7420Sroot
7420Sroot	u.u_r.r_val1 = u.u_ruid;
7420Sroot	u.u_r.r_val2 = u.u_uid;
7420Sroot}
7420Sroot
7498Srootgetgid()
7498Sroot{
7498Sroot
7498Sroot	u.u_r.r_val1 = u.u_rgid;
7498Sroot	u.u_r.r_val2 = u.u_gid;
7498Sroot}
7498Sroot
7866Srootgetgroups()
7498Sroot{
7498Sroot	register struct	a {
8624Sroot		u_int	gidsetsize;
7498Sroot		int	*gidset;
7498Sroot	} *uap = (struct a *)u.u_ap;
18362Skarels	register gid_t *gp;
18362Skarels	register int *lp;
18362Skarels	int groups[NGROUPS];
7498Sroot
*37578Smckusick	if (uap->gidsetsize == 0) {
*37578Smckusick		u.u_r.r_val1 = u.u_ngroups - GRPSTART;
*37578Smckusick		return;
*37578Smckusick	}
*37578Smckusick	if (uap->gidsetsize < u.u_ngroups - GRPSTART) {
7866Sroot		u.u_error = EINVAL;
7866Sroot		return;
7866Sroot	}
*37578Smckusick	uap->gidsetsize = u.u_ngroups - GRPSTART;
*37578Smckusick	gp = &u.u_groups[GRPSTART];
*37578Smckusick	for (lp = groups; lp < &groups[uap->gidsetsize]; )
18362Skarels		*lp++ = *gp++;
18362Skarels	u.u_error = copyout((caddr_t)groups, (caddr_t)uap->gidset,
18362Skarels	    uap->gidsetsize * sizeof (groups[0]));
9997Ssam	if (u.u_error)
7498Sroot		return;
7866Sroot	u.u_r.r_val1 = uap->gidsetsize;
7498Sroot}
7498Sroot
7498Srootsetpgrp()
7498Sroot{
*37578Smckusick	register struct proc *p;
7498Sroot	register struct a {
7498Sroot		int	pid;
*37578Smckusick		int	pgrp;
7498Sroot	} *uap = (struct a *)u.u_ap;
7498Sroot
7498Sroot	if (uap->pid == 0)
*37578Smckusick		uap->pid = u.u_procp->p_pid;
*37578Smckusick	p = pfind(uap->pid);
*37578Smckusick	if (p == 0) {
7498Sroot		u.u_error = ESRCH;
7498Sroot		return;
7498Sroot	}
*37578Smckusick/* need better control mechanisms for process groups */
*37578Smckusick	if (p->p_uid != u.u_uid && u.u_uid && !inferior(p)) {
7498Sroot		u.u_error = EPERM;
7498Sroot		return;
7498Sroot	}
*37578Smckusick	p->p_pgrp = uap->pgrp;
7498Sroot}
7498Sroot
9160Ssamsetreuid()
7420Sroot{
9160Ssam	struct a {
9160Ssam		int	ruid;
9160Ssam		int	euid;
9160Ssam	} *uap;
9160Ssam	register int ruid, euid;
9160Ssam
9160Ssam	uap = (struct a *)u.u_ap;
9160Ssam	ruid = uap->ruid;
9160Ssam	if (ruid == -1)
9160Ssam		ruid = u.u_ruid;
37553Smckusick	if (u.u_ruid != ruid && u.u_uid != ruid &&
37553Smckusick	    (u.u_error = suser(u.u_cred, &u.u_acflag)))
9160Ssam		return;
9160Ssam	euid = uap->euid;
9160Ssam	if (euid == -1)
9160Ssam		euid = u.u_uid;
37553Smckusick	if (u.u_ruid != euid && u.u_uid != euid &&
37553Smckusick	    (u.u_error = suser(u.u_cred, &u.u_acflag)))
9160Ssam		return;
9160Ssam	/*
9160Ssam	 * Everything's okay, do it.
*37578Smckusick	 * Copy credentials so other references do not
*37578Smckusick	 * see our changes.
9160Ssam	 */
9160Ssam#ifdef QUOTA
9320Ssam	if (u.u_quota->q_uid != ruid) {
9320Ssam		qclean();
26354Skarels		qstart(getquota((uid_t)ruid, 0, 0));
9320Ssam	}
9160Ssam#endif
*37578Smckusick	if (u.u_cred->cr_ref > 1)
*37578Smckusick		u.u_cred = crcopy(u.u_cred);
25627Skarels	u.u_procp->p_uid = euid;
9320Ssam	u.u_ruid = ruid;
9160Ssam	u.u_uid = euid;
9160Ssam}
9160Ssam
9160Ssamsetregid()
7420Sroot{
9160Ssam	register struct a {
9160Ssam		int	rgid;
9160Ssam		int	egid;
9160Ssam	} *uap;
9160Ssam	register int rgid, egid;
9160Ssam
9160Ssam	uap = (struct a *)u.u_ap;
9160Ssam	rgid = uap->rgid;
9160Ssam	if (rgid == -1)
9160Ssam		rgid = u.u_rgid;
37553Smckusick	if (u.u_rgid != rgid && u.u_gid != rgid &&
37553Smckusick	    (u.u_error = suser(u.u_cred, &u.u_acflag)))
9160Ssam		return;
9160Ssam	egid = uap->egid;
9160Ssam	if (egid == -1)
9160Ssam		egid = u.u_gid;
37553Smckusick	if (u.u_rgid != egid && u.u_gid != egid &&
37553Smckusick	    (u.u_error = suser(u.u_cred, &u.u_acflag)))
9160Ssam		return;
*37578Smckusick	if (u.u_cred->cr_ref > 1)
*37578Smckusick		u.u_cred = crcopy(u.u_cred);
*37578Smckusick	u.u_rgid = rgid;
11164Ssam	u.u_gid = egid;
9160Ssam}
9160Ssam
7866Srootsetgroups()
7498Sroot{
7498Sroot	register struct	a {
8624Sroot		u_int	gidsetsize;
7498Sroot		int	*gidset;
7498Sroot	} *uap = (struct a *)u.u_ap;
18362Skarels	register gid_t *gp;
18362Skarels	register int *lp;
*37578Smckusick	int ngrp, groups[NGROUPS];
7498Sroot
37553Smckusick	if (u.u_error = suser(u.u_cred, &u.u_acflag))
7498Sroot		return;
*37578Smckusick	ngrp = uap->gidsetsize + GRPSTART;
*37578Smckusick	if (ngrp > sizeof (u.u_groups) / sizeof (u.u_groups[0])) {
7866Sroot		u.u_error = EINVAL;
7498Sroot		return;
7498Sroot	}
18362Skarels	u.u_error = copyin((caddr_t)uap->gidset, (caddr_t)groups,
18362Skarels	    uap->gidsetsize * sizeof (groups[0]));
9997Ssam	if (u.u_error)
7498Sroot		return;
*37578Smckusick	gp = &u.u_groups[GRPSTART];
*37578Smckusick	for (lp = groups; lp < &groups[uap->gidsetsize]; )
18362Skarels		*gp++ = *lp++;
*37578Smckusick	u.u_ngroups = ngrp;
7498Sroot}
7498Sroot
7498Sroot/*
*37578Smckusick * Check if gid is a member of the group set.
11810Ssam */
*37578Smckusickgroupmember(gid, cred)
26275Skarels	gid_t gid;
*37578Smckusick	register struct ucred *cred;
7866Sroot{
18362Skarels	register gid_t *gp;
*37578Smckusick	gid_t *egp;
7866Sroot
*37578Smckusick	egp = &(cred->cr_groups[cred->cr_ngroups]);
*37578Smckusick	for (gp = cred->cr_groups; gp < egp; gp++)
7866Sroot		if (*gp == gid)
*37578Smckusick			return (1);
*37578Smckusick	return (0);
7866Sroot}
7866Sroot
11810Ssam/*
*37578Smckusick * Test if the current user is the super user.
11810Ssam */
*37578Smckusicksuser(cred, acflag)
*37578Smckusick	struct ucred *cred;
*37578Smckusick	short *acflag;
7866Sroot{
7866Sroot
*37578Smckusick	if (cred->cr_uid == 0) {
*37578Smckusick		if (acflag)
*37578Smckusick			*acflag |= ASU;
*37578Smckusick		return (0);
18362Skarels	}
*37578Smckusick	return (EPERM);
7866Sroot}
11810Ssam
11810Ssam/*
*37578Smckusick * Allocate a zeroed cred structure.
11810Ssam */
*37578Smckusickstruct ucred *
*37578Smckusickcrget()
11810Ssam{
*37578Smckusick	register struct ucred *cr;
11810Ssam
*37578Smckusick	MALLOC(cr, struct ucred *, sizeof(*cr), M_CRED, M_WAITOK);
*37578Smckusick	bzero((caddr_t)cr, sizeof(*cr));
*37578Smckusick	cr->cr_ref = 1;
*37578Smckusick	return(cr);
11810Ssam}
37085Skfall
37085Skfall/*
*37578Smckusick * Free a cred structure.
*37578Smckusick * Throws away space when ref count gets to 0.
37085Skfall */
*37578Smckusickcrfree(cr)
*37578Smckusick	struct ucred *cr;
*37578Smckusick{
*37578Smckusick	int	s = splimp();
37085Skfall
*37578Smckusick	if (--cr->cr_ref != 0) {
*37578Smckusick		(void) splx(s);
*37578Smckusick		return;
*37578Smckusick	}
*37578Smckusick	FREE((caddr_t)cr, M_CRED);
*37578Smckusick	(void) splx(s);
*37578Smckusick}
*37578Smckusick
*37578Smckusick/*
*37578Smckusick * Copy cred structure to a new one and free the old one.
*37578Smckusick */
*37578Smckusickstruct ucred *
*37578Smckusickcrcopy(cr)
*37578Smckusick	struct ucred *cr;
37085Skfall{
*37578Smckusick	struct ucred *newcr;
37085Skfall
*37578Smckusick	newcr = crget();
*37578Smckusick	*newcr = *cr;
*37578Smckusick	crfree(cr);
*37578Smckusick	newcr->cr_ref = 1;
*37578Smckusick	return(newcr);
37085Skfall}
37085Skfall
37085Skfall/*
*37578Smckusick * Dup cred struct to a new held one.
37085Skfall */
*37578Smckusickstruct ucred *
*37578Smckusickcrdup(cr)
*37578Smckusick	struct ucred *cr;
37085Skfall{
*37578Smckusick	struct ucred *newcr;
37085Skfall
*37578Smckusick	newcr = crget();
*37578Smckusick	*newcr = *cr;
*37578Smckusick	newcr->cr_ref = 1;
*37578Smckusick	return(newcr);
37085Skfall}