Introduce the new function

        p_trespass(struct proc *p1, struct proc *p2)
which returns zero or an errno depending on the legality of p1 trespassing
on p2.

Replace kern_sig.c:CANSIGNAL() with call to p_trespass() and one
extra signal related check.

Replace procfs.h:CHECKIO() macros with calls to p_trespass().

Only show command lines to process which can trespass on the target
process.

7 files changed, 7 insertions, 20 deletions

diff --git a/sys/fs/procfs/procfs.h b/sys/fs/procfs/procfs.h
index bd6a554..1402a7c 100644
--- a/sys/fs/procfs/procfs.h
+++ b/sys/fs/procfs/procfs.h
@@ -90,19 +90,6 @@ struct pfsnode {
 
 #define KMEM_GROUP 2
 
-/*
- * Check to see whether access to target process is allowed
- * Evaluates to 1 if access is allowed.
- */
-#define CHECKIO(p1, p2) \
-     ((p1) == (p2) || \
-       (PRISON_CHECK(p1, p2) && \
-       ((((p1)->p_ucred->cr_uid == (p2)->p_cred->p_ruid) && \
-       ((p1)->p_cred->p_ruid == (p2)->p_cred->p_ruid) && \
-       ((p1)->p_cred->p_svuid == (p2)->p_cred->p_ruid) && \
-       ((p2)->p_flag & P_SUGID) == 0) || \
-	(suser_xxx(0, (p1), PRISON_ROOT) == 0))))
-      
 #define PROCFS_FILENO(pid, type) \
 	(((type) < Pproc) ? \
 			((type) + 2) : \
diff --git a/sys/fs/procfs/procfs_dbregs.c b/sys/fs/procfs/procfs_dbregs.c
index ce990e9..0df1c3e 100644
--- a/sys/fs/procfs/procfs_dbregs.c
+++ b/sys/fs/procfs/procfs_dbregs.c
@@ -63,7 +63,7 @@ procfs_dodbregs(curp, p, pfs, uio)
 	char *kv;
 	int kl;
 
-	if (!CHECKIO(curp, p))
+	if (p_trespass(curp, p))
 		return (EPERM);
 	kl = sizeof(r);
 	kv = (char *) &r;
diff --git a/sys/fs/procfs/procfs_fpregs.c b/sys/fs/procfs/procfs_fpregs.c
index b3331e5..d4a4cfe 100644
--- a/sys/fs/procfs/procfs_fpregs.c
+++ b/sys/fs/procfs/procfs_fpregs.c
@@ -60,7 +60,7 @@ procfs_dofpregs(curp, p, pfs, uio)
 	char *kv;
 	int kl;
 
-	if (!CHECKIO(curp, p))
+	if (p_trespass(curp, p))
 		return EPERM;
 	kl = sizeof(r);
 	kv = (char *) &r;
diff --git a/sys/fs/procfs/procfs_mem.c b/sys/fs/procfs/procfs_mem.c
index 521bd5b..e075a7a 100644
--- a/sys/fs/procfs/procfs_mem.c
+++ b/sys/fs/procfs/procfs_mem.c
@@ -296,7 +296,7 @@ procfs_domem(curp, p, pfs, uio)
  	 * All in all, quite yucky.
  	 */
  
- 	if (!CHECKIO(curp, p) &&
+ 	if (p_trespass(curp, p) &&
 	    !(uio->uio_rw == UIO_READ &&
 	      procfs_kmemaccess(curp)))
  		return EPERM;
diff --git a/sys/fs/procfs/procfs_regs.c b/sys/fs/procfs/procfs_regs.c
index 0edb9ad..88f85d3 100644
--- a/sys/fs/procfs/procfs_regs.c
+++ b/sys/fs/procfs/procfs_regs.c
@@ -60,7 +60,7 @@ procfs_doregs(curp, p, pfs, uio)
 	char *kv;
 	int kl;
 
-	if (!CHECKIO(curp, p))
+	if (p_trespass(curp, p))
 		return EPERM;
 	kl = sizeof(r);
 	kv = (char *) &r;
diff --git a/sys/fs/procfs/procfs_status.c b/sys/fs/procfs/procfs_status.c
index 0eb3858..e63a12b 100644
--- a/sys/fs/procfs/procfs_status.c
+++ b/sys/fs/procfs/procfs_status.c
@@ -183,7 +183,7 @@ procfs_docmdline(curp, p, pfs, uio)
 	 * Linux behaviour is to return zero-length in this case.
 	 */
 
-	if (p->p_args) {
+	if (p->p_args && !p_trespass(curp, p)) {
 		bp = p->p_args->ar_args;
 		buflen = p->p_args->ar_length;
 		buf = 0;
diff --git a/sys/fs/procfs/procfs_vnops.c b/sys/fs/procfs/procfs_vnops.c
index c579d73..17075db 100644
--- a/sys/fs/procfs/procfs_vnops.c
+++ b/sys/fs/procfs/procfs_vnops.c
@@ -146,7 +146,7 @@ procfs_open(ap)
 			return (EBUSY);
 
 		p1 = ap->a_p;
-		if (!CHECKIO(p1, p2) &&
+		if (p_trespass(p1, p2) &&
 		    !procfs_kmemaccess(p1))
 			return (EPERM);
 
@@ -238,7 +238,7 @@ procfs_ioctl(ap)
 		return ENOTTY;
 	}
 
-	if (!CHECKIO(p, procp))
+	if (p_trespass(p, procp))
 		return EPERM;
 
 	switch (ap->a_command) {