From nobody Thu Sep 28 15:10:34 2023
X-Original-To: dev-commits-src-main@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4RxH3Z4FBHz4ttjq;
	Thu, 28 Sep 2023 15:10:34 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4RxH3Z3Nmpz3XQ5;
	Thu, 28 Sep 2023 15:10:34 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1695913834;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=f+jGDzmbpv6mHNAlgdiIkA1JWWcwJtmr5HL4z9RAHTg=;
	b=uDYh/Y8rGRGBC4j6cR7qcO1/c49xgA+eez5jFUiSzdxaoB6hCTlAWJqBtKcnYMNHeLQdJ+
	vEZEPS54K9qLuAOlopyg00XMu7897ed1E06eT7/UgzfYpcHyY64pLAo8n9X7XDS6Cv+oD5
	w8xzunjSBy9u0Vr95rwKK+lf0FnAuQ2PqEeoHUS/PtMUi1M6qOlUuvRJ+F/Nq9Ugoycvog
	Gwicwk8eatlDF/tkfJ/zbMOz7E4s8kpOiRjUHvlKPbyGufCQRKny5fXC0HTPJTEu4t+0ev
	fqMyXj10s+EMy3MIc+4fdPTJObMurRlxwmLfg6HRq5yEKvI5nhhnN3kGbQaXiw==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1695913834; a=rsa-sha256; cv=none;
	b=DNCA7sfd8OQke2v6+4wCTWAjadLYYt+QwNCvtJOiZC5ZmW8K3drUnrLFxvZIMhgVM/PRkY
	Yw9kI+xQ5wzrunNXcMAWr+qQKGu41PSenE2W+/8ENGZg7zMpreEpfZzrkcIIFjHZRhiRdS
	O7HEXNRIehpml48XitRX1xTal/Pw9uWg2sts1qQtVsuvbC79MJU8cl5crAd6kVNYyodMgW
	0B+ZowZi9y2n/y5i74ze7urYr/YcFA+8u5tmo8qXKhtapwLmZH9gpxQo11XsJvLVSf7z9s
	U47MDlND7+wI1korLTrSkVsCohosbQZpDqeMsgpF4fFzRtfBkZLhzLiPr5uupQ==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1695913834;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=f+jGDzmbpv6mHNAlgdiIkA1JWWcwJtmr5HL4z9RAHTg=;
	b=rjadCt6dHFuLw2uYNPZ7jwz6Y/Wda7GhhmosAB6s828ZlP2mwXqudwVB7lwvV1Fpz7XD//
	/lsGnNXr9mIewTGOBdVGyJLVzZTAk32VeWvBz+FHVJVjz2lLVHpAdraDi+S9Vy2Z+rL/oR
	Mv7vX/YYdLvTMXe/SWh6pKfXjA7mItbB8wwZO2BwmyI09f88KhH6FAxhsjzcvWPmdx0nYP
	EfE5HFjZch5q8148llRC3k8gnL/DQDP+VGgTMWoBCT19s3s9mro+VkCDXZ4Bp+nYkDNSl+
	zxqBjHWPNRDVC7wug+BJ0wW1gA8eiY3+/Zc28bATGL16vYYd8JfYLgRZYpKZZA==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4RxH3Z26BKzBJd;
	Thu, 28 Sep 2023 15:10:34 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 38SFAYoc047160;
	Thu, 28 Sep 2023 15:10:34 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 38SFAYbn047157;
	Thu, 28 Sep 2023 15:10:34 GMT
	(envelope-from git)
Date: Thu, 28 Sep 2023 15:10:34 GMT
Message-Id: <202309281510.38SFAYbn047157@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-main@FreeBSD.org
From: Mitchell Horne <mhorne@FreeBSD.org>
Subject: git: e4a7b4f99cfd - main - New cr_bsd_visible(): Whether
  BSD policies deny seeing subjects/objects
List-Id: Commit messages for the main branch of the src repository <dev-commits-src-main.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-main
List-Help: <mailto:dev-commits-src-main+help@freebsd.org>
List-Post: <mailto:dev-commits-src-main@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-main+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-main+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-main@freebsd.org
X-BeenThere: dev-commits-src-main@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: mhorne
X-Git-Repository: src
X-Git-Refname: refs/heads/main
X-Git-Reftype: branch
X-Git-Commit: e4a7b4f99cfd4931468c0866da4ae8b49cf5badb
Auto-Submitted: auto-generated

The branch main has been updated by mhorne:

URL: https://cgit.FreeBSD.org/src/commit/?id=e4a7b4f99cfd4931468c0866da4ae8b49cf5badb

commit e4a7b4f99cfd4931468c0866da4ae8b49cf5badb
Author:     Olivier Certner <olce.freebsd@certner.fr>
AuthorDate: 2023-08-17 23:54:38 +0000
Commit:     Mitchell Horne <mhorne@FreeBSD.org>
CommitDate: 2023-09-28 14:57:43 +0000

    New cr_bsd_visible(): Whether BSD policies deny seeing subjects/objects
    
    This is a new helper function that leverages existing code: It calls
    successively cr_canseeotheruids(), cr_canseeothergids() and
    cr_canseejailproc() (as long as the previous didn't deny access).  Will
    be used in a subsequent commit.
    
    Reviewed by:            mhorne
    MFC after:              2 weeks
    Sponsored by:           Kumacom SAS
    Differential Revision:  https://reviews.freebsd.org/D40627
---
 sys/kern/kern_prot.c | 19 +++++++++++++++++++
 sys/sys/proc.h       |  1 +
 2 files changed, 20 insertions(+)

diff --git a/sys/kern/kern_prot.c b/sys/kern/kern_prot.c
index ed15cb566499..1e6073b554e4 100644
--- a/sys/kern/kern_prot.c
+++ b/sys/kern/kern_prot.c
@@ -1434,6 +1434,25 @@ cr_canseejailproc(struct ucred *u1, struct ucred *u2)
 	return (ESRCH);
 }
 
+/*
+ * Helper for cr_cansee*() functions to abide by system-wide security.bsd.see_*
+ * policies.  Determines if u1 "can see" u2 according to these policies.
+ * Returns: 0 for permitted, ESRCH otherwise
+ */
+int
+cr_bsd_visible(struct ucred *u1, struct ucred *u2)
+{
+	int error;
+
+	if ((error = cr_canseeotheruids(u1, u2)))
+		return (error);
+	if ((error = cr_canseeothergids(u1, u2)))
+		return (error);
+	if ((error = cr_canseejailproc(u1, u2)))
+		return (error);
+	return (0);
+}
+
 /*-
  * Determine if u1 "can see" the subject specified by u2.
  * Returns: 0 for permitted, an errno value otherwise
diff --git a/sys/sys/proc.h b/sys/sys/proc.h
index 3102cae7add0..8609bbd124ad 100644
--- a/sys/sys/proc.h
+++ b/sys/sys/proc.h
@@ -1163,6 +1163,7 @@ void	ast_sched(struct thread *td, int tda);
 void	ast_unsched_locked(struct thread *td, int tda);
 
 struct	thread *choosethread(void);
+int	cr_bsd_visible(struct ucred *u1, struct ucred *u2);
 int	cr_cansee(struct ucred *u1, struct ucred *u2);
 int	cr_canseesocket(struct ucred *cred, struct socket *so);
 int	cr_canseeothergids(struct ucred *u1, struct ucred *u2);