diff options
author | rwatson <rwatson@FreeBSD.org> | 2001-07-05 17:10:46 +0000 |
---|---|---|
committer | rwatson <rwatson@FreeBSD.org> | 2001-07-05 17:10:46 +0000 |
commit | da1a848c61b09f2607111b298ac57fe2dcb183da (patch) | |
tree | 12e1eac2ac7b907cb9e647b6cd5c337073cd615c /sys/kern/kern_resource.c | |
parent | fcb893ccd5ba7f15c5e4198222a83cecc659c067 (diff) | |
download | FreeBSD-src-da1a848c61b09f2607111b298ac57fe2dcb183da.zip FreeBSD-src-da1a848c61b09f2607111b298ac57fe2dcb183da.tar.gz |
o Replace calls to p_can(..., P_CAN_xxx) with calls to p_canxxx().
The p_can(...) construct was a premature (and, it turns out,
awkward) abstraction. The individual calls to p_canxxx() better
reflect differences between the inter-process authorization checks,
such as differing checks based on the type of signal. This has
a side effect of improving code readability.
o Replace direct credential authorization checks in ktrace() with
invocation of p_candebug(), while maintaining the special case
check of KTR_ROOT. This allows ktrace() to "play more nicely"
with new mandatory access control schemes, as well as making its
authorization checks consistent with other "debugging class"
checks.
o Eliminate "privused" construct for p_can*() calls which allowed the
caller to determine if privilege was required for successful
evaluation of the access control check. This primitive is currently
unused, and as such, serves only to complicate the API.
Approved by: ({procfs,linprocfs} changes) des
Obtained from: TrustedBSD Project
Diffstat (limited to 'sys/kern/kern_resource.c')
-rw-r--r-- | sys/kern/kern_resource.c | 18 |
1 files changed, 9 insertions, 9 deletions
diff --git a/sys/kern/kern_resource.c b/sys/kern/kern_resource.c index f7503db..6e9ee85 100644 --- a/sys/kern/kern_resource.c +++ b/sys/kern/kern_resource.c @@ -99,7 +99,7 @@ getpriority(curp, uap) p = pfind(uap->who); if (p == NULL) break; - if (p_can(curp, p, P_CAN_SEE, NULL) == 0) + if (p_cansee(curp, p) == 0) low = p->p_nice; PROC_UNLOCK(p); } @@ -113,7 +113,7 @@ getpriority(curp, uap) else if ((pg = pgfind(uap->who)) == NULL) break; LIST_FOREACH(p, &pg->pg_members, p_pglist) { - if (!p_can(curp, p, P_CAN_SEE, NULL) && p->p_nice < low) + if (!p_cansee(curp, p) && p->p_nice < low) low = p->p_nice; } break; @@ -124,7 +124,7 @@ getpriority(curp, uap) uap->who = curp->p_ucred->cr_uid; sx_slock(&allproc_lock); LIST_FOREACH(p, &allproc, p_list) - if (!p_can(curp, p, P_CAN_SEE, NULL) && + if (!p_cansee(curp, p) && p->p_ucred->cr_uid == uap->who && p->p_nice < low) low = p->p_nice; @@ -165,7 +165,7 @@ setpriority(curp, uap) p = pfind(uap->who); if (p == 0) break; - if (p_can(curp, p, P_CAN_SEE, NULL) == 0) + if (p_cansee(curp, p) == 0) error = donice(curp, p, uap->prio); PROC_UNLOCK(p); } @@ -180,7 +180,7 @@ setpriority(curp, uap) else if ((pg = pgfind(uap->who)) == NULL) break; LIST_FOREACH(p, &pg->pg_members, p_pglist) { - if (!p_can(curp, p, P_CAN_SEE, NULL)) { + if (!p_cansee(curp, p)) { error = donice(curp, p, uap->prio); found++; } @@ -194,7 +194,7 @@ setpriority(curp, uap) sx_slock(&allproc_lock); LIST_FOREACH(p, &allproc, p_list) if (p->p_ucred->cr_uid == uap->who && - !p_can(curp, p, P_CAN_SEE, NULL)) { + !p_cansee(curp, p)) { error = donice(curp, p, uap->prio); found++; } @@ -216,7 +216,7 @@ donice(curp, chgp, n) { int error; - if ((error = p_can(curp, chgp, P_CAN_SCHED, NULL))) + if ((error = p_cansched(curp, chgp))) return (error); if (n > PRIO_MAX) n = PRIO_MAX; @@ -263,13 +263,13 @@ rtprio(curp, uap) switch (uap->function) { case RTP_LOOKUP: - if ((error = p_can(curp, p, P_CAN_SEE, NULL))) + if ((error = p_cansee(curp, p))) break; pri_to_rtp(&p->p_pri, &rtp); error = copyout(&rtp, uap->rtp, sizeof(struct rtprio)); break; case RTP_SET: - if ((error = p_can(curp, p, P_CAN_SCHED, NULL)) || + if ((error = p_cansched(curp, p)) || (error = copyin(uap->rtp, &rtp, sizeof(struct rtprio)))) break; /* disallow setting rtprio in most cases if not superuser */ |