PERFORCE change 107054 for review
Robert Watson
rwatson at FreeBSD.org
Sun Oct 1 10:26:35 PDT 2006
http://perforce.freebsd.org/chv.cgi?CH=107054
Change 107054 by rwatson at rwatson_peppercorn on 2006/10/01 17:25:38
Mindlessly apply priv changes to RELENG_6, with some adaptations
(no subr_acl_posix1e.c, etc), and some omissions (no mqueues, and
so on). More work needed, including dealing with the alpha tree
(not present in HEAD), compiling it, etc.
Affected files ...
.. //depot/projects/trustedbsd/priv6/src/sys/amd64/amd64/io.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/compat/linux/linux_misc.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/compat/linux/linux_uid16.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/compat/svr4/svr4_fcntl.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/compat/svr4/svr4_misc.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/conf/NOTES#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/conf/files#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/conf/options#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/contrib/altq/altq/altq_cbq.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/contrib/altq/altq/altq_cdnr.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/contrib/altq/altq/altq_hfsc.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/contrib/altq/altq/altq_priq.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/contrib/altq/altq/altq_red.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/contrib/altq/altq/altq_rio.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/contrib/pf/net/if_pfsync.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/dev/an/if_an.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/dev/arl/if_arl.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/dev/asr/asr.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/dev/ata/atapi-cd.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/dev/ce/if_ce.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/dev/cp/if_cp.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/dev/ctau/if_ct.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/dev/cx/if_cx.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/dev/dcons/dcons_os.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/dev/drm/drmP.h#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/dev/fdc/fdc.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/dev/hwpmc/hwpmc_mod.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/dev/if_ndis/if_ndis.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/dev/kbd/kbd.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/dev/nmdm/nmdm.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/dev/null/null.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/dev/ofw/ofw_console.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/dev/random/randomdev.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/dev/sbni/if_sbni.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/dev/sbsh/if_sbsh.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/dev/si/si.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/dev/syscons/syscons.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/dev/syscons/sysmouse.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/dev/wi/if_wi.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/dev/wl/if_wl.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/dev/zs/zs.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/fs/devfs/devfs_rule.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/fs/devfs/devfs_vnops.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/fs/hpfs/hpfs_vnops.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/fs/msdosfs/msdosfs_vfsops.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/fs/msdosfs/msdosfs_vnops.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/fs/procfs/procfs_ioctl.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/fs/smbfs/smbfs_vnops.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/fs/udf/udf_vfsops.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/fs/umapfs/umap_vfsops.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/gnu/fs/ext2fs/ext2_vfsops.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/gnu/fs/ext2fs/ext2_vnops.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/gnu/fs/reiserfs/reiserfs_fs.h#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/gnu/fs/reiserfs/reiserfs_vfsops.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/i386/i386/io.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/i386/i386/sys_machdep.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/i386/i386/vm86.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/i386/ibcs2/ibcs2_misc.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/i386/ibcs2/ibcs2_socksys.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/i386/ibcs2/ibcs2_sysi86.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/i386/linux/linux_machdep.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/i4b/driver/i4b_ipr.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/ia64/ia64/ssc.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/isofs/cd9660/cd9660_vfsops.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/kern/kern_acct.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/kern/kern_acl.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/kern/kern_descrip.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/kern/kern_environment.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/kern/kern_exec.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/kern/kern_fork.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/kern/kern_jail.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/kern/kern_ktrace.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/kern/kern_linker.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/kern/kern_ntptime.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/kern/kern_prot.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/kern/kern_resource.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/kern/kern_shutdown.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/kern/kern_sysctl.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/kern/kern_thr.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/kern/kern_time.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/kern/kern_xxx.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/kern/subr_firmware.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/kern/subr_prf.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/kern/subr_witness.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/kern/sysv_ipc.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/kern/sysv_msg.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/kern/tty.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/kern/tty_cons.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/kern/tty_pty.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/kern/uipc_sem.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/kern/vfs_mount.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/kern/vfs_subr.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/kern/vfs_syscalls.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/kern/vfs_vnops.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/modules/Makefile#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/net/bpf.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/net/if.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/net/if_bridge.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/net/if_gre.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/net/if_ppp.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/net/if_sl.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/net/if_tap.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/net/if_tun.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/net/ppp_tty.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/net/raw_usrreq.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/net/rtsock.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/net80211/ieee80211_ioctl.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/netatalk/at_control.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/netatalk/ddp_pcb.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/netatm/atm_usrreq.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/netgraph/bluetooth/drivers/h4/ng_h4.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/netgraph/bluetooth/socket/ng_btsocket_hci_raw.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/netgraph/bluetooth/socket/ng_btsocket_l2cap_raw.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/netgraph/ng_socket.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/netgraph/ng_tty.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/netinet/in_pcb.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/netinet/ip_carp.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/netinet/ip_divert.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/netinet/ip_fw2.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/netinet/ip_mroute.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/netinet/ip_output.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/netinet/raw_ip.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/netinet/tcp_subr.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/netinet/udp_usrreq.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/netinet6/in6.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/netinet6/in6_pcb.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/netinet6/in6_src.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/netinet6/ipsec.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/netinet6/udp6_usrreq.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/netipx/ipx_pcb.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/netipx/ipx_usrreq.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/netncp/ncp_conn.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/netncp/ncp_mod.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/netncp/ncp_subr.h#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/netsmb/smb_conn.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/netsmb/smb_subr.h#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/nfsserver/nfs_syscalls.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/pc98/cbus/fdc.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/posix4/p1003_1b.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/security/audit/audit.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/security/audit/audit_pipe.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/security/audit/audit_syscalls.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/security/mac/mac_internal.h#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/security/mac/mac_net.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/security/mac/mac_system.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/security/mac_bsdextended/mac_bsdextended.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/security/mac_lomac/mac_lomac.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/security/mac_partition/mac_partition.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/security/mac_portacl/mac_portacl.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/security/mac_seeotheruids/mac_seeotheruids.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/sys/jail.h#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/sys/mac.h#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/sys/systm.h#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/ufs/ffs/ffs_alloc.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/ufs/ffs/ffs_vfsops.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/ufs/ffs/ffs_vnops.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/ufs/ufs/ufs_extattr.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/ufs/ufs/ufs_quota.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/ufs/ufs/ufs_vnops.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/vm/swap_pager.c#2 edit
.. //depot/projects/trustedbsd/priv6/src/sys/vm/vm_mmap.c#2 edit
Differences ...
==== //depot/projects/trustedbsd/priv6/src/sys/amd64/amd64/io.c#2 (text+ko) ====
@@ -33,6 +33,7 @@
#include <sys/lock.h>
#include <sys/malloc.h>
#include <sys/mutex.h>
+#include <sys/priv.h>
#include <sys/proc.h>
#include <sys/signalvar.h>
#include <sys/systm.h>
@@ -54,7 +55,7 @@
{
int error;
- error = suser(td);
+ error = priv_check(td, PRIV_IO);
if (error != 0)
return (error);
error = securelevel_gt(td->td_ucred, 0);
==== //depot/projects/trustedbsd/priv6/src/sys/compat/linux/linux_misc.c#2 (text+ko) ====
@@ -48,6 +48,7 @@
#include <sys/mount.h>
#include <sys/mutex.h>
#include <sys/namei.h>
+#include <sys/priv.h>
#include <sys/proc.h>
#include <sys/reboot.h>
#include <sys/resourcevar.h>
@@ -1031,7 +1032,8 @@
* Keep cr_groups[0] unchanged to prevent that.
*/
- if ((error = suser_cred(oldcred, SUSER_ALLOWJAIL)) != 0) {
+ if ((error = priv_check_cred(oldcred, PRIV_CRED_SETGROUPS,
+ SUSER_ALLOWJAIL)) != 0) {
PROC_UNLOCK(p);
crfree(newcred);
return (error);
==== //depot/projects/trustedbsd/priv6/src/sys/compat/linux/linux_uid16.c#2 (text+ko) ====
@@ -31,6 +31,7 @@
#include <sys/lock.h>
#include <sys/malloc.h>
#include <sys/mutex.h>
+#include <sys/priv.h>
#include <sys/proc.h>
#include <sys/syscallsubr.h>
#include <sys/sysproto.h>
@@ -123,7 +124,8 @@
* Keep cr_groups[0] unchanged to prevent that.
*/
- if ((error = suser_cred(oldcred, SUSER_ALLOWJAIL)) != 0) {
+ if ((error = priv_check_cred(oldcred, PRIV_CRED_SETGROUPS,
+ SUSER_ALLOWJAIL)) != 0) {
PROC_UNLOCK(p);
crfree(newcred);
return (error);
==== //depot/projects/trustedbsd/priv6/src/sys/compat/svr4/svr4_fcntl.c#2 (text+ko) ====
@@ -45,6 +45,7 @@
#include <sys/mount.h>
#include <sys/mutex.h>
#include <sys/namei.h>
+#include <sys/priv.h>
#include <sys/proc.h>
#include <sys/stat.h>
#include <sys/syscallsubr.h>
@@ -279,7 +280,8 @@
goto out;
if (td->td_ucred->cr_uid != vattr.va_uid &&
- (error = suser(td)) != 0)
+ (error = priv_check_cred(td->td_ucred, PRIV_VFS_ADMIN,
+ SUSER_ALLOWJAIL)) != 0)
goto out;
if ((error = vn_start_write(vp, &mp, V_WAIT | PCATCH)) != 0)
==== //depot/projects/trustedbsd/priv6/src/sys/compat/svr4/svr4_misc.c#2 (text+ko) ====
@@ -53,6 +53,7 @@
#include <sys/msg.h>
#include <sys/mutex.h>
#include <sys/namei.h>
+#include <sys/priv.h>
#include <sys/proc.h>
#include <sys/ptrace.h>
#include <sys/resource.h>
@@ -607,7 +608,8 @@
struct file *fp;
int error;
- if ((error = suser(td)) != 0)
+ if ((error = priv_check_cred(td->td_ucred, PRIV_VFS_FCHROOT,
+ SUSER_ALLOWJAIL)) != 0)
return error;
if ((error = getvnode(fdp, uap->fd, &fp)) != 0)
return error;
==== //depot/projects/trustedbsd/priv6/src/sys/conf/NOTES#2 (text+ko) ====
@@ -987,6 +987,7 @@
options MAC_NONE
options MAC_PARTITION
options MAC_PORTACL
+options MAC_PRIVS
options MAC_SEEOTHERUIDS
options MAC_STUB
options MAC_TEST
==== //depot/projects/trustedbsd/priv6/src/sys/conf/files#2 (text+ko) ====
@@ -1268,6 +1268,7 @@
kern/kern_physio.c standard
kern/kern_pmc.c standard
kern/kern_poll.c optional device_polling
+kern/kern_priv.c standard
kern/kern_proc.c standard
kern/kern_prot.c standard
kern/kern_resource.c standard
@@ -1839,6 +1840,7 @@
security/mac/mac_net.c optional mac
security/mac/mac_pipe.c optional mac
security/mac/mac_posix_sem.c optional mac
+security/mac/mac_priv.c optional mac
security/mac/mac_process.c optional mac
security/mac/mac_socket.c optional mac
security/mac/mac_system.c optional mac
@@ -1854,6 +1856,7 @@
security/mac_none/mac_none.c optional mac_none
security/mac_partition/mac_partition.c optional mac_partition
security/mac_portacl/mac_portacl.c optional mac_portacl
+security/mac_privs/mac_privs.c optional mac_privs
security/mac_seeotheruids/mac_seeotheruids.c optional mac_seeotheruids
security/mac_stub/mac_stub.c optional mac_stub
security/mac_test/mac_test.c optional mac_test
==== //depot/projects/trustedbsd/priv6/src/sys/conf/options#2 (text+ko) ====
@@ -110,6 +110,7 @@
MAC_NONE opt_dontuse.h
MAC_PARTITION opt_dontuse.h
MAC_PORTACL opt_dontuse.h
+MAC_PRIVS opt_dontuse.h
MAC_SEEOTHERUIDS opt_dontuse.h
MAC_STATIC opt_mac.h
MAC_STUB opt_dontuse.h
==== //depot/projects/trustedbsd/priv6/src/sys/contrib/altq/altq/altq_cbq.c#2 (text+ko) ====
@@ -1062,7 +1062,9 @@
/* currently only command that an ordinary user can call */
break;
default:
-#if (__FreeBSD_version > 400000)
+#if (__FreeBSD_version > 700000)
+ error = priv_check(p, PRIV_ALTQ_MANAGE);
+#elsif (__FreeBSD_version > 400000)
error = suser(p);
#else
error = suser(p->p_ucred, &p->p_acflag);
==== //depot/projects/trustedbsd/priv6/src/sys/contrib/altq/altq/altq_cdnr.c#2 (text+ko) ====
@@ -1262,7 +1262,9 @@
case CDNR_GETSTATS:
break;
default:
-#if (__FreeBSD_version > 400000)
+#if (__FreeBSD_versoin > 700000)
+ if ((error = priv_check(p, PRIV_ALTQ_MANAGE)) != 0)
+#elsif (__FreeBSD_version > 400000)
if ((error = suser(p)) != 0)
#else
if ((error = suser(p->p_ucred, &p->p_acflag)) != 0)
==== //depot/projects/trustedbsd/priv6/src/sys/contrib/altq/altq/altq_hfsc.c#2 (text+ko) ====
@@ -1975,7 +1975,10 @@
case HFSC_GETSTATS:
break;
default:
-#if (__FreeBSD_version > 400000)
+#if (__FreeBSD_version > 700000)
+ if ((error = priv_check(p, PRIV_ALTQ_MANAGE)) != 0)
+ return (error);
+#elsif (__FreeBSD_version > 400000)
if ((error = suser(p)) != 0)
return (error);
#else
==== //depot/projects/trustedbsd/priv6/src/sys/contrib/altq/altq/altq_priq.c#2 (text+ko) ====
@@ -772,7 +772,10 @@
case PRIQ_GETSTATS:
break;
default:
-#if (__FreeBSD_version > 400000)
+#if (__FreeBSD_version > 700000)
+ if ((error = priv_check(p, PRIV_ALTQ_MANAGE)) != 0)
+ return (error);
+#elsif (__FreeBSD_version > 400000)
if ((error = suser(p)) != 0)
return (error);
#else
==== //depot/projects/trustedbsd/priv6/src/sys/contrib/altq/altq/altq_red.c#2 (text+ko) ====
@@ -781,7 +781,9 @@
case RED_GETSTATS:
break;
default:
-#if (__FreeBSD_version > 400000)
+#if (__FreeBSD_version > 700000)
+ if ((error = priv_check(p, PRIV_ALTQ_MANAGE)) != 0)
+#elsif (__FreeBSD_version > 400000)
if ((error = suser(p)) != 0)
#else
if ((error = suser(p->p_ucred, &p->p_acflag)) != 0)
==== //depot/projects/trustedbsd/priv6/src/sys/contrib/altq/altq/altq_rio.c#2 (text+ko) ====
@@ -531,7 +531,10 @@
case RIO_GETSTATS:
break;
default:
-#if (__FreeBSD_version > 400000)
+#if (__FreeBSD_versoin > 700000)
+ if ((error = priv_check(p, PRIV_ALTQ_MANAGE)) != 0)
+ return (error);
+#elsif (__FreeBSD_version > 400000)
if ((error = suser(p)) != 0)
return (error);
#else
==== //depot/projects/trustedbsd/priv6/src/sys/contrib/pf/net/if_pfsync.c#2 (text+ko) ====
@@ -43,6 +43,9 @@
#endif
#include <sys/param.h>
+#ifdef __FreeBSD__
+#include <sys/priv.h>
+#endif
#include <sys/proc.h>
#include <sys/systm.h>
#include <sys/time.h>
@@ -1028,7 +1031,7 @@
break;
case SIOCSETPFSYNC:
#ifdef __FreeBSD__
- if ((error = suser(curthread)) != 0)
+ if ((error = priv_check(curthread, PRIV_NETINET_PF)) != 0)
#else
if ((error = suser(p, p->p_acflag)) != 0)
#endif
==== //depot/projects/trustedbsd/priv6/src/sys/dev/an/if_an.c#2 (text+ko) ====
@@ -91,6 +91,7 @@
#include <sys/systm.h>
#include <sys/sockio.h>
#include <sys/mbuf.h>
+#include <sys/priv.h>
#include <sys/proc.h>
#include <sys/kernel.h>
#include <sys/socket.h>
@@ -1983,7 +1984,7 @@
break;
#ifdef ANCACHE
if (sc->areq.an_type == AN_RID_ZERO_CACHE) {
- error = suser(td);
+ error = priv_check(td, PRIV_DRIVER);
if (error)
break;
sc->an_sigitems = sc->an_nextitem = 0;
@@ -2007,7 +2008,7 @@
error = copyout(&sc->areq, ifr->ifr_data, sizeof(sc->areq));
break;
case SIOCSAIRONET:
- if ((error = suser(td)))
+ if ((error = priv_check(td, PRIV_DRIVER)))
goto out;
error = copyin(ifr->ifr_data, &sc->areq, sizeof(sc->areq));
if (error != 0)
@@ -2015,7 +2016,7 @@
an_setdef(sc, &sc->areq);
break;
case SIOCGPRIVATE_0: /* used by Cisco client utility */
- if ((error = suser(td)))
+ if ((error = priv_check(td, PRIV_DRIVER)))
goto out;
error = copyin(ifr->ifr_data, &l_ioctl, sizeof(l_ioctl));
if (error)
@@ -2037,7 +2038,7 @@
}
break;
case SIOCGPRIVATE_1: /* used by Cisco client utility */
- if ((error = suser(td)))
+ if ((error = priv_check(td, PRIV_DRIVER)))
goto out;
error = copyin(ifr->ifr_data, &l_ioctl, sizeof(l_ioctl));
if (error)
@@ -2289,7 +2290,7 @@
}
break;
case SIOCS80211:
- if ((error = suser(td)))
+ if ((error = priv_check(td, PRIV_NET80211_MANAGE)))
goto out;
sc->areq.an_len = sizeof(sc->areq);
/*
==== //depot/projects/trustedbsd/priv6/src/sys/dev/arl/if_arl.c#2 (text+ko) ====
@@ -43,6 +43,7 @@
#include <sys/mbuf.h>
#include <sys/socket.h>
#include <sys/sockio.h>
+#include <sys/priv.h>
#include <sys/proc.h>
#include <sys/conf.h>
@@ -505,7 +506,7 @@
break;
case SIOCS80211:
- if ((error = suser(td)))
+ if ((error = priv_check(td, PRIV_NET80211_MANAGE)))
break;
switch (ireq->i_type) {
case IEEE80211_IOC_SSID:
@@ -578,7 +579,7 @@
}
case SIOCGARLALL:
bzero(&arlan_io, sizeof(arlan_io));
- if (!suser(td)) {
+ if (!priv_check(td, PRIV_DRIVER)) {
bcopy(ar->systemId, arlan_io.cfg.sid, 4);
}
@@ -617,7 +618,7 @@
} while (0)
case SIOCSARLALL:
- if (suser(td))
+ if (priv_check(td, PRIV_DRIVER))
break;
user = (void *)ifr->ifr_data;
==== //depot/projects/trustedbsd/priv6/src/sys/dev/asr/asr.c#2 (text+ko) ====
@@ -117,6 +117,7 @@
#include <sys/malloc.h>
#include <sys/conf.h>
#include <sys/ioccom.h>
+#include <sys/priv.h>
#include <sys/proc.h>
#include <sys/bus.h>
#include <machine/resource.h>
@@ -3021,7 +3022,7 @@
s = splcam ();
if (ASR_ctlr_held) {
error = EBUSY;
- } else if ((error = suser(td)) == 0) {
+ } else if ((error = priv_check(td, PRIV_DRIVER)) == 0) {
++ASR_ctlr_held;
}
splx(s);
==== //depot/projects/trustedbsd/priv6/src/sys/dev/ata/atapi-cd.c#2 (text+ko) ====
@@ -34,6 +34,7 @@
#include <sys/kernel.h>
#include <sys/module.h>
#include <sys/malloc.h>
+#include <sys/priv.h>
#include <sys/proc.h>
#include <sys/bio.h>
#include <sys/bus.h>
@@ -257,8 +258,11 @@
cdp->flags |= F_LOCKED;
break;
+ /*
+ * XXXRW: Why does this require privilege?
+ */
case CDIOCRESET:
- error = suser(td);
+ error = priv_check(td, PRIV_DRIVER);
if (error)
break;
error = acd_test_ready(dev);
==== //depot/projects/trustedbsd/priv6/src/sys/dev/ce/if_ce.c#2 (text) ====
@@ -29,6 +29,7 @@
#if NPCI > 0
#include <sys/ucred.h>
+#include <sys/priv.h>
#include <sys/proc.h>
#include <sys/systm.h>
#include <sys/mbuf.h>
@@ -1341,9 +1342,11 @@
/* Only for superuser! */
#if __FreeBSD_version < 500000
error = suser (p);
-#else /* __FreeBSD_version >= 500000 */
+#elsif __FreeBSD_version < 700000
error = suser (td);
-#endif /* __FreeBSD_version >= 500000 */
+#else
+ error = priv_check (td, PRIV_DRIVER);
+#endif
if (error)
return error;
#if __FreeBSD_version >= 600034
@@ -1380,8 +1383,10 @@
/* Only for superuser! */
#if __FreeBSD_version < 500000
error = suser (p);
+#elsif __FreeBSD_version < 700000
+ error = suser (td);
#else
- error = suser (td);
+ error = priv_check (td, PRIV_DRIVER);
#endif
if (error)
return error;
@@ -1408,8 +1413,10 @@
/* Only for superuser! */
#if __FreeBSD_version < 500000
error = suser (p);
+#elsif __FreeBSD_version < 700000
+ error = suser (td);
#else
- error = suser (td);
+ error = priv_check (td, PRIV_DRIVER);
#endif
if (error)
return error;
@@ -1426,8 +1433,10 @@
CE_DEBUG2 (d, ("ioctl: setcfg\n"));
#if __FreeBSD_version < 500000
error = suser (p);
+#elsif __FreeBSD_version < 700000
+ error = suser (td);
#else
- error = suser (td);
+ error = priv_check (td, PRIV_DRIVER);
#endif
if (error)
return error;
@@ -1526,8 +1535,10 @@
/* Only for superuser! */
#if __FreeBSD_version < 500000
error = suser (p);
+#elsif __FreeBSD_version < 700000
+ error = suser (td);
#else
- error = suser (td);
+ error = priv_check (td, PRIV_DRIVER);
#endif
if (error)
return error;
@@ -1560,8 +1571,10 @@
/* Only for superuser! */
#if __FreeBSD_version < 500000
error = suser (p);
+#elsif __FreeBSD_version < 700000
+ error = suser (td);
#else
- error = suser (td);
+ error = priv_check (td, PRIV_DRIVER);
#endif
if (error)
return error;
@@ -1586,8 +1599,10 @@
/* Only for superuser! */
#if __FreeBSD_version < 500000
error = suser (p);
+#elsif __FreeBSD_version < 700000
+ error = suser (td);
#else
- error = suser (td);
+ error = priv_check (td, PRIV_DRIVER);
#endif
if (error)
return error;
@@ -1608,8 +1623,10 @@
/* Only for superuser! */
#if __FreeBSD_version < 500000
error = suser (p);
+#elsif __FreeBSD_version < 700000
+ error = suser (td);
#else
- error = suser (td);
+ error = priv_check (td, PRIV_DRIVER);
#endif
if (error)
return error;
@@ -1634,8 +1651,10 @@
/* Only for superuser! */
#if __FreeBSD_version < 500000
error = suser (p);
+#elsif __FreeBSD_version < 700000
+ error = suser (td);
#else
- error = suser (td);
+ error = priv_check (td, PRIV_DRIVER);
#endif
if (error)
return error;
@@ -1658,8 +1677,10 @@
/* Only for superuser! */
#if __FreeBSD_version < 500000
error = suser (p);
+#elsif __FreeBSD_version < 700000
+ error = suser (td);
#else
- error = suser (td);
+ error = priv_check (td, PRIV_DRIVER);
#endif
if (error)
return error;
@@ -1686,8 +1707,10 @@
/* Only for superuser! */
#if __FreeBSD_version < 500000
error = suser (p);
+#elsif __FreeBSD_version < 700000
+ error = suser (td);
#else
- error = suser (td);
+ error = priv_check (td, PRIV_DRIVER);
#endif
if (error)
return error;
@@ -1708,8 +1731,10 @@
/* Only for superuser! */
#if __FreeBSD_version < 500000
error = suser (p);
+#elsif __FreeBSD_version < 700000
+ error = suser (td);
#else
- error = suser (td);
+ error = priv_check (td, PRIV_DRIVER);
#endif
if (error)
return error;
@@ -1734,8 +1759,10 @@
/* Only for superuser! */
#if __FreeBSD_version < 500000
error = suser (p);
+#elsif __FreeBSD_version < 700000
+ error = suser (td);
#else
- error = suser (td);
+ error = priv_check (td, PRIV_DRIVER);
#endif
if (error)
return error;
@@ -1758,8 +1785,10 @@
/* Only for superuser! */
#if __FreeBSD_version < 500000
error = suser (p);
+#elsif __FreeBSD_version < 700000
+ error = suser (td);
#else
- error = suser (td);
+ error = priv_check (td, PRIV_DRIVER);
#endif
if (error)
return error;
@@ -1784,8 +1813,10 @@
/* Only for superuser! */
#if __FreeBSD_version < 500000
error = suser (p);
+#elsif __FreeBSD_version < 700000
+ error = suser (td);
#else
- error = suser (td);
+ error = priv_check (td, PRIV_DRIVER);
#endif
if (error)
return error;
@@ -1810,8 +1841,10 @@
/* Only for superuser! */
#if __FreeBSD_version < 500000
error = suser (p);
+#elsif __FreeBSD_version < 700000
+ error = suser (td);
#else
- error = suser (td);
+ error = priv_check (td, PRIV_DRIVER);
#endif
if (error)
return error;
@@ -1836,8 +1869,10 @@
/* Only for superuser! */
#if __FreeBSD_version < 500000
error = suser (p);
+#elsif __FreeBSD_version < 700000
+ error = suser (td);
#else
- error = suser (td);
+ error = priv_check (td, PRIV_DRIVER);
#endif
if (error)
return error;
@@ -1867,8 +1902,10 @@
/* Only for superuser! */
#if __FreeBSD_version < 500000
error = suser (p);
+#elsif __FreeBSD_version < 700000
+ error = suser (td);
#else
- error = suser (td);
+ error = priv_check (td, PRIV_DRIVER);
#endif
if (error)
return error;
@@ -1892,8 +1929,10 @@
/* Only for superuser! */
#if __FreeBSD_version < 500000
error = suser (p);
+#elsif __FreeBSD_version < 700000
+ error = suser (td);
#else
- error = suser (td);
+ error = priv_check (td, PRIV_DRIVER);
#endif
if (error)
return error;
@@ -1909,8 +1948,10 @@
/* Only for superuser! */
#if __FreeBSD_version < 500000
error = suser (p);
+#elsif __FreeBSD_version < 700000
+ error = suser (td);
#else
- error = suser (td);
+ error = priv_check (td, PRIV_DRIVER);
#endif
if (error)
return error;
@@ -1945,8 +1986,10 @@
/* Only for superuser! */
#if __FreeBSD_version < 500000
error = suser (p);
+#elsif __FreeBSD_version < 700000
+ error = suser (td);
#else
- error = suser (td);
+ error = priv_check (td, PRIV_DRIVER);
#endif
if (error)
return error;
==== //depot/projects/trustedbsd/priv6/src/sys/dev/cp/if_cp.c#2 (text+ko) ====
@@ -33,6 +33,7 @@
#include <sys/module.h>
#include <sys/conf.h>
#include <sys/malloc.h>
+#include <sys/priv.h>
#include <sys/socket.h>
#include <sys/sockio.h>
#include <sys/sysctl.h>
@@ -1060,7 +1061,7 @@
case SERIAL_SETPROTO:
CP_DEBUG2 (d, ("ioctl: setproto\n"));
/* Only for superuser! */
- error = suser (td);
+ error = priv_check (td, PRIV_DRIVER);
if (error)
return error;
if (d->ifp->if_drv_flags & IFF_DRV_RUNNING)
@@ -1091,7 +1092,7 @@
case SERIAL_SETKEEPALIVE:
CP_DEBUG2 (d, ("ioctl: setkeepalive\n"));
/* Only for superuser! */
- error = suser (td);
+ error = priv_check (td, PRIV_DRIVER);
if (error)
return error;
if ((IFP2SP(d->ifp)->pp_flags & PP_FR) ||
@@ -1115,7 +1116,7 @@
case SERIAL_SETMODE:
/* Only for superuser! */
- error = suser (td);
+ error = priv_check (td, PRIV_DRIVER);
if (error)
return error;
if (*(int*)data != SERIAL_HDLC)
@@ -1131,7 +1132,7 @@
case SERIAL_SETCFG:
CP_DEBUG2 (d, ("ioctl: setcfg\n"));
- error = suser (td);
+ error = priv_check (td, PRIV_DRIVER);
if (error)
return error;
if (c->type != T_E1)
@@ -1228,7 +1229,7 @@
case SERIAL_CLRSTAT:
CP_DEBUG2 (d, ("ioctl: clrstat\n"));
/* Only for superuser! */
- error = suser (td);
+ error = priv_check (td, PRIV_DRIVER);
if (error)
return error;
c->rintr = 0;
@@ -1257,7 +1258,7 @@
case SERIAL_SETBAUD:
CP_DEBUG2 (d, ("ioctl: setbaud\n"));
/* Only for superuser! */
- error = suser (td);
+ error = priv_check (td, PRIV_DRIVER);
if (error)
return error;
s = splimp ();
@@ -1275,7 +1276,7 @@
case SERIAL_SETLOOP:
CP_DEBUG2 (d, ("ioctl: setloop\n"));
/* Only for superuser! */
- error = suser (td);
+ error = priv_check (td, PRIV_DRIVER);
if (error)
return error;
s = splimp ();
@@ -1295,7 +1296,7 @@
case SERIAL_SETDPLL:
CP_DEBUG2 (d, ("ioctl: setdpll\n"));
/* Only for superuser! */
- error = suser (td);
+ error = priv_check (td, PRIV_DRIVER);
if (error)
return error;
if (c->type != T_SERIAL)
@@ -1317,7 +1318,7 @@
case SERIAL_SETNRZI:
CP_DEBUG2 (d, ("ioctl: setnrzi\n"));
/* Only for superuser! */
- error = suser (td);
+ error = priv_check (td, PRIV_DRIVER);
if (error)
return error;
if (c->type != T_SERIAL)
@@ -1337,7 +1338,7 @@
case SERIAL_SETDEBUG:
CP_DEBUG2 (d, ("ioctl: setdebug\n"));
/* Only for superuser! */
- error = suser (td);
+ error = priv_check (td, PRIV_DRIVER);
if (error)
return error;
d->chan->debug = *(int*)data;
@@ -1359,7 +1360,7 @@
case SERIAL_SETHIGAIN:
CP_DEBUG2 (d, ("ioctl: sethigain\n"));
/* Only for superuser! */
- error = suser (td);
+ error = priv_check (td, PRIV_DRIVER);
if (error)
return error;
if (c->type != T_E1)
@@ -1381,7 +1382,7 @@
case SERIAL_SETPHONY:
CP_DEBUG2 (d, ("ioctl: setphony\n"));
/* Only for superuser! */
- error = suser (td);
+ error = priv_check (td, PRIV_DRIVER);
if (error)
return error;
if (c->type != T_E1)
@@ -1403,7 +1404,7 @@
case SERIAL_SETUNFRAM:
CP_DEBUG2 (d, ("ioctl: setunfram\n"));
/* Only for superuser! */
- error = suser (td);
+ error = priv_check (td, PRIV_DRIVER);
if (error)
return error;
if (c->type != T_E1)
@@ -1425,7 +1426,7 @@
case SERIAL_SETSCRAMBLER:
CP_DEBUG2 (d, ("ioctl: setscrambler\n"));
/* Only for superuser! */
- error = suser (td);
+ error = priv_check (td, PRIV_DRIVER);
if (error)
return error;
if (c->type != T_G703 && !c->unfram)
@@ -1450,7 +1451,7 @@
case SERIAL_SETMONITOR:
CP_DEBUG2 (d, ("ioctl: setmonitor\n"));
/* Only for superuser! */
- error = suser (td);
+ error = priv_check (td, PRIV_DRIVER);
if (error)
return error;
if (c->type != T_E1)
@@ -1472,7 +1473,7 @@
case SERIAL_SETUSE16:
CP_DEBUG2 (d, ("ioctl: setuse16\n"));
/* Only for superuser! */
- error = suser (td);
+ error = priv_check (td, PRIV_DRIVER);
if (error)
return error;
if (c->type != T_E1)
@@ -1494,7 +1495,7 @@
case SERIAL_SETCRC4:
CP_DEBUG2 (d, ("ioctl: setcrc4\n"));
/* Only for superuser! */
- error = suser (td);
+ error = priv_check (td, PRIV_DRIVER);
if (error)
return error;
>>> TRUNCATED FOR MAIL (1000 lines) <<<
More information about the trustedbsd-cvs
mailing list