diff options
| author | rwatson <rwatson@FreeBSD.org> | 2002-08-17 02:36:16 +0000 |
|---|---|---|
| committer | rwatson <rwatson@FreeBSD.org> | 2002-08-17 02:36:16 +0000 |
| commit | 3246fbf45f089a96288563f2d5071bfbde5f99df (patch) | |
| tree | fe31f7ea9a8713005d8ba378b027671dbea5c058 /sys/kern/kern_descrip.c | |
| parent | 2c79764ced8717b21fed701119314cb23bbbbbf6 (diff) | |
| download | FreeBSD-src-3246fbf45f089a96288563f2d5071bfbde5f99df.zip FreeBSD-src-3246fbf45f089a96288563f2d5071bfbde5f99df.tar.gz | |
In continuation of early fileop credential changes, modify fo_ioctl() to
accept an 'active_cred' argument reflecting the credential of the thread
initiating the ioctl operation.
- Change fo_ioctl() to accept active_cred; change consumers of the
fo_ioctl() interface to generally pass active_cred from td->td_ucred.
- In fifofs, initialize filetmp.f_cred to ap->a_cred so that the
invocations of soo_ioctl() are provided access to the calling f_cred.
Pass ap->a_td->td_ucred as the active_cred, but note that this is
required because we don't yet distinguish file_cred and active_cred
in invoking VOP's.
- Update kqueue_ioctl() for its new argument.
- Update pipe_ioctl() for its new argument, pass active_cred rather
than td_ucred to MAC for authorization.
- Update soo_ioctl() for its new argument.
- Update vn_ioctl() for its new argument, use active_cred rather than
td->td_ucred to authorize VOP_IOCTL() and the associated VOP_GETATTR().
Obtained from: TrustedBSD Project
Sponsored by: DARPA, NAI Labs
Diffstat (limited to 'sys/kern/kern_descrip.c')
| -rw-r--r-- | sys/kern/kern_descrip.c | 16 |
1 files changed, 9 insertions, 7 deletions
diff --git a/sys/kern/kern_descrip.c b/sys/kern/kern_descrip.c index bc09bfd..37dc894 100644 --- a/sys/kern/kern_descrip.c +++ b/sys/kern/kern_descrip.c @@ -101,7 +101,7 @@ static int do_dup(struct filedesc *fdp, int old, int new, register_t *retval, static int badfo_readwrite(struct file *fp, struct uio *uio, struct ucred *active_cred, int flags, struct thread *td); static int badfo_ioctl(struct file *fp, u_long com, void *data, - struct thread *td); + struct ucred *active_cred, struct thread *td); static int badfo_poll(struct file *fp, int events, struct ucred *active_cred, struct thread *td); static int badfo_kqfilter(struct file *fp, struct knote *kn); @@ -315,34 +315,35 @@ fcntl(td, uap) fp->f_flag &= ~FCNTLFLAGS; fp->f_flag |= FFLAGS(uap->arg & ~O_ACCMODE) & FCNTLFLAGS; tmp = fp->f_flag & FNONBLOCK; - error = fo_ioctl(fp, FIONBIO, &tmp, td); + error = fo_ioctl(fp, FIONBIO, &tmp, td->td_ucred, td); if (error) { fdrop(fp, td); break; } tmp = fp->f_flag & FASYNC; - error = fo_ioctl(fp, FIOASYNC, &tmp, td); + error = fo_ioctl(fp, FIOASYNC, &tmp, td->td_ucred, td); if (!error) { fdrop(fp, td); break; } fp->f_flag &= ~FNONBLOCK; tmp = 0; - (void)fo_ioctl(fp, FIONBIO, &tmp, td); + (void)fo_ioctl(fp, FIONBIO, &tmp, td->td_ucred, td); fdrop(fp, td); break; case F_GETOWN: fhold(fp); FILEDESC_UNLOCK(fdp); - error = fo_ioctl(fp, FIOGETOWN, (void *)td->td_retval, td); + error = fo_ioctl(fp, FIOGETOWN, (void *)td->td_retval, + td->td_ucred, td); fdrop(fp, td); break; case F_SETOWN: fhold(fp); FILEDESC_UNLOCK(fdp); - error = fo_ioctl(fp, FIOSETOWN, &uap->arg, td); + error = fo_ioctl(fp, FIOSETOWN, &uap->arg, td->td_ucred, td); fdrop(fp, td); break; @@ -2159,10 +2160,11 @@ badfo_readwrite(fp, uio, active_cred, flags, td) } static int -badfo_ioctl(fp, com, data, td) +badfo_ioctl(fp, com, data, active_cred, td) struct file *fp; u_long com; void *data; + struct ucred *active_cred; struct thread *td; { |
