diff options
author | jhb <jhb@FreeBSD.org> | 2002-04-01 21:31:13 +0000 |
---|---|---|
committer | jhb <jhb@FreeBSD.org> | 2002-04-01 21:31:13 +0000 |
commit | dc2e474f79c1287592679cd5e0c4c2307feccd60 (patch) | |
tree | 79021f0d43a5858be317d5cd33eac8cd4962b336 /sys/i386 | |
parent | 34c7d606c9818987384d404948ecdc98521462bd (diff) | |
download | FreeBSD-src-dc2e474f79c1287592679cd5e0c4c2307feccd60.zip FreeBSD-src-dc2e474f79c1287592679cd5e0c4c2307feccd60.tar.gz |
Change the suser() API to take advantage of td_ucred as well as do a
general cleanup of the API. The entire API now consists of two functions
similar to the pre-KSE API. The suser() function takes a thread pointer
as its only argument. The td_ucred member of this thread must be valid
so the only valid thread pointers are curthread and a few kernel threads
such as thread0. The suser_cred() function takes a pointer to a struct
ucred as its first argument and an integer flag as its second argument.
The flag is currently only used for the PRISON_ROOT flag.
Discussed on: smp@
Diffstat (limited to 'sys/i386')
-rw-r--r-- | sys/i386/i386/machdep.c | 2 | ||||
-rw-r--r-- | sys/i386/i386/mem.c | 2 | ||||
-rw-r--r-- | sys/i386/i386/sys_machdep.c | 2 | ||||
-rw-r--r-- | sys/i386/i386/vm86.c | 3 | ||||
-rw-r--r-- | sys/i386/ibcs2/ibcs2_misc.c | 4 | ||||
-rw-r--r-- | sys/i386/ibcs2/ibcs2_socksys.c | 2 | ||||
-rw-r--r-- | sys/i386/ibcs2/ibcs2_sysi86.c | 2 | ||||
-rw-r--r-- | sys/i386/isa/cx.c | 2 | ||||
-rw-r--r-- | sys/i386/isa/cy.c | 6 | ||||
-rw-r--r-- | sys/i386/isa/istallion.c | 6 | ||||
-rw-r--r-- | sys/i386/isa/pcvt/pcvt_drv.c | 2 | ||||
-rw-r--r-- | sys/i386/isa/pcvt/pcvt_ext.c | 2 | ||||
-rw-r--r-- | sys/i386/isa/rc.c | 4 | ||||
-rw-r--r-- | sys/i386/isa/spigot.c | 4 | ||||
-rw-r--r-- | sys/i386/isa/stallion.c | 6 | ||||
-rw-r--r-- | sys/i386/linux/linux_machdep.c | 2 |
16 files changed, 25 insertions, 26 deletions
diff --git a/sys/i386/i386/machdep.c b/sys/i386/i386/machdep.c index 6617f17..485a69e 100644 --- a/sys/i386/i386/machdep.c +++ b/sys/i386/i386/machdep.c @@ -2140,7 +2140,7 @@ set_dbregs(struct thread *td, struct dbreg *dbregs) * from within kernel mode? */ - if (suser_td(td) != 0) { + if (suser(td) != 0) { if (dbregs->dr7 & 0x3) { /* dr0 is enabled */ if (dbregs->dr0 >= VM_MAXUSER_ADDRESS) diff --git a/sys/i386/i386/mem.c b/sys/i386/i386/mem.c index 94851fd..220bad3 100644 --- a/sys/i386/i386/mem.c +++ b/sys/i386/i386/mem.c @@ -122,7 +122,7 @@ mmopen(dev_t dev, int flags, int fmt, struct thread *td) } break; case 14: - error = suser_td(td); + error = suser(td); if (error != 0) return (error); error = securelevel_gt(td->td_ucred, 0); diff --git a/sys/i386/i386/sys_machdep.c b/sys/i386/i386/sys_machdep.c index b039b51..c756be7 100644 --- a/sys/i386/i386/sys_machdep.c +++ b/sys/i386/i386/sys_machdep.c @@ -183,7 +183,7 @@ i386_set_ioperm(td, args) if ((error = copyin(args, &ua, sizeof(struct i386_ioperm_args))) != 0) return (error); - if ((error = suser_td(td)) != 0) + if ((error = suser(td)) != 0) return (error); if ((error = securelevel_gt(td->td_ucred, 0)) != 0) return (error); diff --git a/sys/i386/i386/vm86.c b/sys/i386/i386/vm86.c index 6a85718..fef6a00 100644 --- a/sys/i386/i386/vm86.c +++ b/sys/i386/i386/vm86.c @@ -659,7 +659,6 @@ vm86_sysarch(td, args) struct thread *td; char *args; { - struct proc *p = td->td_proc; int error = 0; struct i386_vm86_args ua; struct vm86_kernel *vm86; @@ -716,7 +715,7 @@ vm86_sysarch(td, args) case VM86_INTCALL: { struct vm86_intcall_args sa; - if ((error = suser(p))) + if ((error = suser(td))) return (error); if ((error = copyin(ua.sub_args, &sa, sizeof(sa)))) return (error); diff --git a/sys/i386/ibcs2/ibcs2_misc.c b/sys/i386/ibcs2/ibcs2_misc.c index 3be77c8..7274ea7 100644 --- a/sys/i386/ibcs2/ibcs2_misc.c +++ b/sys/i386/ibcs2/ibcs2_misc.c @@ -1013,7 +1013,7 @@ ibcs2_plock(td, uap) #define IBCS2_DATALOCK 4 - if ((error = suser_td(td)) != 0) + if ((error = suser(td)) != 0) return EPERM; switch(SCARG(uap, cmd)) { case IBCS2_UNLOCK: @@ -1048,7 +1048,7 @@ ibcs2_uadmin(td, uap) #define SCO_AD_GETBMAJ 0 #define SCO_AD_GETCMAJ 1 - if (suser_td(td)) + if (suser(td)) return EPERM; switch(SCARG(uap, cmd)) { diff --git a/sys/i386/ibcs2/ibcs2_socksys.c b/sys/i386/ibcs2/ibcs2_socksys.c index 0bd14d6..4c0774e 100644 --- a/sys/i386/ibcs2/ibcs2_socksys.c +++ b/sys/i386/ibcs2/ibcs2_socksys.c @@ -173,7 +173,7 @@ ibcs2_setipdomainname(td, uap) char hname[MAXHOSTNAMELEN], *ptr; int error, sctl[2], hlen; - if ((error = suser_td(td))) + if ((error = suser(td))) return (error); /* W/out a hostname a domain-name is nonsense */ diff --git a/sys/i386/ibcs2/ibcs2_sysi86.c b/sys/i386/ibcs2/ibcs2_sysi86.c index ae5215f..19a7917 100644 --- a/sys/i386/ibcs2/ibcs2_sysi86.c +++ b/sys/i386/ibcs2/ibcs2_sysi86.c @@ -73,7 +73,7 @@ ibcs2_sysi86(struct thread *td, struct ibcs2_sysi86_args *args) int name[2]; int error; - if ((error = suser_td(td))) + if ((error = suser(td))) return (error); name[0] = CTL_KERN; name[1] = KERN_HOSTNAME; diff --git a/sys/i386/isa/cx.c b/sys/i386/isa/cx.c index e9817d0..7809476 100644 --- a/sys/i386/isa/cx.c +++ b/sys/i386/isa/cx.c @@ -162,7 +162,7 @@ int cxopen (dev_t dev, int flag, int mode, struct thread *td) tp = c->ttyp; tp->t_dev = dev; if ((tp->t_state & TS_ISOPEN) && (tp->t_state & TS_XCLUDE) && - suser_td(td)) + suser(td)) return (EBUSY); if (! (tp->t_state & TS_ISOPEN)) { ttychars (tp); diff --git a/sys/i386/isa/cy.c b/sys/i386/isa/cy.c index dc523c2..f42bdb3 100644 --- a/sys/i386/isa/cy.c +++ b/sys/i386/isa/cy.c @@ -718,7 +718,7 @@ open_top: } } if (tp->t_state & TS_XCLUDE && - suser_td(td)) { + suser(td)) { error = EBUSY; goto out; } @@ -1637,7 +1637,7 @@ sioioctl(dev, cmd, data, flag, td) } switch (cmd) { case TIOCSETA: - error = suser_td(td); + error = suser(td); if (error != 0) return (error); *ct = *(struct termios *)data; @@ -1736,7 +1736,7 @@ sioioctl(dev, cmd, data, flag, td) break; case TIOCMSDTRWAIT: /* must be root since the wait applies to following logins */ - error = suser_td(td); + error = suser(td); if (error != 0) { splx(s); return (error); diff --git a/sys/i386/isa/istallion.c b/sys/i386/isa/istallion.c index 0b95211..d56a294 100644 --- a/sys/i386/isa/istallion.c +++ b/sys/i386/isa/istallion.c @@ -1010,7 +1010,7 @@ stliopen_restart: } } if ((tp->t_state & TS_XCLUDE) && - suser_td(td)) { + suser(td)) { error = EBUSY; goto stliopen_end; } @@ -1182,7 +1182,7 @@ STATIC int stliioctl(dev_t dev, unsigned long cmd, caddr_t data, int flag, switch (cmd) { case TIOCSETA: - if ((error = suser_td(td)) == 0) + if ((error = suser(td)) == 0) *localtios = *((struct termios *) data); break; case TIOCGETA: @@ -1318,7 +1318,7 @@ STATIC int stliioctl(dev_t dev, unsigned long cmd, caddr_t data, int flag, *((int *) data) = (portp->sigs | TIOCM_LE); break; case TIOCMSDTRWAIT: - if ((error = suser_td(td)) == 0) + if ((error = suser(td)) == 0) portp->dtrwait = *((int *) data) * hz / 100; break; case TIOCMGDTRWAIT: diff --git a/sys/i386/isa/pcvt/pcvt_drv.c b/sys/i386/isa/pcvt/pcvt_drv.c index 3b0a64f..ffbba2c 100644 --- a/sys/i386/isa/pcvt/pcvt_drv.c +++ b/sys/i386/isa/pcvt/pcvt_drv.c @@ -316,7 +316,7 @@ pcvt_open(dev_t dev, int flag, int mode, struct thread *td) (*linesw[tp->t_line].l_modem)(tp, 1); /* fake connection */ winsz = 1; /* set winsize later */ } - else if (tp->t_state & TS_XCLUDE && suser_td(td)) + else if (tp->t_state & TS_XCLUDE && suser(td)) { return (EBUSY); } diff --git a/sys/i386/isa/pcvt/pcvt_ext.c b/sys/i386/isa/pcvt/pcvt_ext.c index afa1380..ad0ea38 100644 --- a/sys/i386/isa/pcvt/pcvt_ext.c +++ b/sys/i386/isa/pcvt/pcvt_ext.c @@ -2619,7 +2619,7 @@ usl_vt_ioctl(dev_t dev, int cmd, caddr_t data, int flag, struct thread *td) { struct trapframe *fp = td->td_frame; - error = suser_td(td); + error = suser(td); if (error != 0) return (error); error = securelevel_gt(td->td_ucred, 0); diff --git a/sys/i386/isa/rc.c b/sys/i386/isa/rc.c index 43f77f9..291c0e2 100644 --- a/sys/i386/isa/rc.c +++ b/sys/i386/isa/rc.c @@ -764,7 +764,7 @@ again: } } if (tp->t_state & TS_XCLUDE && - suser_td(td)) { + suser(td)) { error = EBUSY; goto out; } @@ -1118,7 +1118,7 @@ struct thread *td; break; case TIOCMSDTRWAIT: - error = suser_td(td); + error = suser(td); if (error != 0) { splx(s); return (error); diff --git a/sys/i386/isa/spigot.c b/sys/i386/isa/spigot.c index cc51b18..bc6df62 100644 --- a/sys/i386/isa/spigot.c +++ b/sys/i386/isa/spigot.c @@ -175,7 +175,7 @@ struct spigot_softc *ss = (struct spigot_softc *)&spigot_softc[UNIT(dev)]; * require sufficient privilege soon and nothing much can be done * without them. */ - error = suser_td(td); + error = suser(td); if (error != 0) return error; error = securelevel_gt(td->td_ucred, 0); @@ -232,7 +232,7 @@ struct spigot_info *info; break; case SPIGOT_IOPL_ON: /* allow access to the IO PAGE */ #if !defined(SPIGOT_UNSECURE) - error = suser_td(td); + error = suser(td); if (error != 0) return error; error = securelevel_gt(td->td_ucred, 0); diff --git a/sys/i386/isa/stallion.c b/sys/i386/isa/stallion.c index c9c0df5..5706ea2 100644 --- a/sys/i386/isa/stallion.c +++ b/sys/i386/isa/stallion.c @@ -832,7 +832,7 @@ stlopen_restart: } } if ((tp->t_state & TS_XCLUDE) && - suser_td(td)) { + suser(td)) { error = EBUSY; goto stlopen_end; } @@ -970,7 +970,7 @@ STATIC int stlioctl(dev_t dev, unsigned long cmd, caddr_t data, int flag, switch (cmd) { case TIOCSETA: - if ((error = suser_td(td)) == 0) + if ((error = suser(td)) == 0) *localtios = *((struct termios *) data); break; case TIOCGETA: @@ -1088,7 +1088,7 @@ STATIC int stlioctl(dev_t dev, unsigned long cmd, caddr_t data, int flag, *((int *) data) = (stl_getsignals(portp) | TIOCM_LE); break; case TIOCMSDTRWAIT: - if ((error = suser_td(td)) == 0) + if ((error = suser(td)) == 0) portp->dtrwait = *((int *) data) * hz / 100; break; case TIOCMGDTRWAIT: diff --git a/sys/i386/linux/linux_machdep.c b/sys/i386/linux/linux_machdep.c index 59325c4..245c96a 100644 --- a/sys/i386/linux/linux_machdep.c +++ b/sys/i386/linux/linux_machdep.c @@ -559,7 +559,7 @@ linux_iopl(struct thread *td, struct linux_iopl_args *args) if (args->level < 0 || args->level > 3) return (EINVAL); - if ((error = suser_td(td)) != 0) + if ((error = suser(td)) != 0) return (error); if ((error = securelevel_gt(td->td_ucred, 0)) != 0) return (error); |