diff options
author | jhb <jhb@FreeBSD.org> | 2002-04-01 21:31:13 +0000 |
---|---|---|
committer | jhb <jhb@FreeBSD.org> | 2002-04-01 21:31:13 +0000 |
commit | dc2e474f79c1287592679cd5e0c4c2307feccd60 (patch) | |
tree | 79021f0d43a5858be317d5cd33eac8cd4962b336 /sys/net | |
parent | 34c7d606c9818987384d404948ecdc98521462bd (diff) | |
download | FreeBSD-src-dc2e474f79c1287592679cd5e0c4c2307feccd60.zip FreeBSD-src-dc2e474f79c1287592679cd5e0c4c2307feccd60.tar.gz |
Change the suser() API to take advantage of td_ucred as well as do a
general cleanup of the API. The entire API now consists of two functions
similar to the pre-KSE API. The suser() function takes a thread pointer
as its only argument. The td_ucred member of this thread must be valid
so the only valid thread pointers are curthread and a few kernel threads
such as thread0. The suser_cred() function takes a pointer to a struct
ucred as its first argument and an integer flag as its second argument.
The flag is currently only used for the PRISON_ROOT flag.
Discussed on: smp@
Diffstat (limited to 'sys/net')
-rw-r--r-- | sys/net/if.c | 18 | ||||
-rw-r--r-- | sys/net/if_ppp.c | 16 | ||||
-rw-r--r-- | sys/net/if_sl.c | 2 | ||||
-rw-r--r-- | sys/net/if_tap.c | 2 | ||||
-rw-r--r-- | sys/net/if_tun.c | 2 | ||||
-rw-r--r-- | sys/net/net_osdep.h | 4 | ||||
-rw-r--r-- | sys/net/ppp_tty.c | 8 | ||||
-rw-r--r-- | sys/net/raw_usrreq.c | 2 | ||||
-rw-r--r-- | sys/net/rtsock.c | 2 |
9 files changed, 30 insertions, 26 deletions
diff --git a/sys/net/if.c b/sys/net/if.c index 5ec27bf..4b8573f 100644 --- a/sys/net/if.c +++ b/sys/net/if.c @@ -1230,7 +1230,7 @@ ifhwioctl(u_long cmd, struct ifnet *ifp, caddr_t data, struct thread *td) break; case SIOCSIFFLAGS: - error = suser_td(td); + error = suser(td); if (error) return (error); ifr->ifr_prevflags = ifp->if_flags; @@ -1255,7 +1255,7 @@ ifhwioctl(u_long cmd, struct ifnet *ifp, caddr_t data, struct thread *td) break; case SIOCSIFCAP: - error = suser_td(td); + error = suser(td); if (error) return (error); if (ifr->ifr_reqcap & ~ifp->if_capabilities) @@ -1264,7 +1264,7 @@ ifhwioctl(u_long cmd, struct ifnet *ifp, caddr_t data, struct thread *td) break; case SIOCSIFMETRIC: - error = suser_td(td); + error = suser(td); if (error) return (error); ifp->if_metric = ifr->ifr_metric; @@ -1272,7 +1272,7 @@ ifhwioctl(u_long cmd, struct ifnet *ifp, caddr_t data, struct thread *td) break; case SIOCSIFPHYS: - error = suser_td(td); + error = suser(td); if (error) return error; if (!ifp->if_ioctl) @@ -1286,7 +1286,7 @@ ifhwioctl(u_long cmd, struct ifnet *ifp, caddr_t data, struct thread *td) { u_long oldmtu = ifp->if_mtu; - error = suser_td(td); + error = suser(td); if (error) return (error); if (ifr->ifr_mtu < IF_MINMTU || ifr->ifr_mtu > IF_MAXMTU) @@ -1311,7 +1311,7 @@ ifhwioctl(u_long cmd, struct ifnet *ifp, caddr_t data, struct thread *td) case SIOCADDMULTI: case SIOCDELMULTI: - error = suser_td(td); + error = suser(td); if (error) return (error); @@ -1341,7 +1341,7 @@ ifhwioctl(u_long cmd, struct ifnet *ifp, caddr_t data, struct thread *td) case SIOCSLIFPHYADDR: case SIOCSIFMEDIA: case SIOCSIFGENERIC: - error = suser_td(td); + error = suser(td); if (error) return (error); if (ifp->if_ioctl == NULL) @@ -1366,7 +1366,7 @@ ifhwioctl(u_long cmd, struct ifnet *ifp, caddr_t data, struct thread *td) break; case SIOCSIFLLADDR: - error = suser_td(td); + error = suser(td); if (error) return (error); error = if_setlladdr(ifp, @@ -1405,7 +1405,7 @@ ifioctl(so, cmd, data, td) switch (cmd) { case SIOCIFCREATE: case SIOCIFDESTROY: - if ((error = suser_td(td)) != 0) + if ((error = suser(td)) != 0) return (error); return ((cmd == SIOCIFCREATE) ? if_clone_create(ifr->ifr_name, sizeof(ifr->ifr_name)) : diff --git a/sys/net/if_ppp.c b/sys/net/if_ppp.c index 091b25e..e2c25eb 100644 --- a/sys/net/if_ppp.c +++ b/sys/net/if_ppp.c @@ -376,7 +376,7 @@ pppioctl(sc, cmd, data, flag, td) break; case PPPIOCSFLAGS: - if ((error = suser(p)) != 0) + if ((error = suser(td)) != 0) break; flags = *(int *)data & SC_MASK; s = splsoftnet(); @@ -390,7 +390,7 @@ pppioctl(sc, cmd, data, flag, td) break; case PPPIOCSMRU: - if ((error = suser(p)) != 0) + if ((error = suser(td)) != 0) return (error); mru = *(int *)data; if (mru >= PPP_MRU && mru <= PPP_MAXMRU) @@ -403,7 +403,7 @@ pppioctl(sc, cmd, data, flag, td) #ifdef VJC case PPPIOCSMAXCID: - if ((error = suser(p)) != 0) + if ((error = suser(td)) != 0) break; if (sc->sc_comp) { s = splsoftnet(); @@ -414,14 +414,14 @@ pppioctl(sc, cmd, data, flag, td) #endif case PPPIOCXFERUNIT: - if ((error = suser(p)) != 0) + if ((error = suser(td)) != 0) break; sc->sc_xfer = p->p_pid; break; #ifdef PPP_COMPRESS case PPPIOCSCOMPRESS: - if ((error = suser(p)) != 0) + if ((error = suser(td)) != 0) break; odp = (struct ppp_option_data *) data; nb = odp->length; @@ -497,7 +497,7 @@ pppioctl(sc, cmd, data, flag, td) if (cmd == PPPIOCGNPMODE) { npi->mode = sc->sc_npmode[npx]; } else { - if ((error = suser(p)) != 0) + if ((error = suser(td)) != 0) break; if (npi->mode != sc->sc_npmode[npx]) { s = splsoftnet(); @@ -573,7 +573,7 @@ pppsioctl(ifp, cmd, data) u_long cmd; caddr_t data; { - struct proc *p = curproc; /* XXX */ + struct thread *td = curthread; /* XXX */ register struct ppp_softc *sc = &ppp_softc[ifp->if_unit]; register struct ifaddr *ifa = (struct ifaddr *)data; register struct ifreq *ifr = (struct ifreq *)data; @@ -623,7 +623,7 @@ pppsioctl(ifp, cmd, data) break; case SIOCSIFMTU: - if ((error = suser(p)) != 0) + if ((error = suser(td)) != 0) break; if (ifr->ifr_mtu > PPP_MAXMTU) error = EINVAL; diff --git a/sys/net/if_sl.c b/sys/net/if_sl.c index 346252a..c8e284a 100644 --- a/sys/net/if_sl.c +++ b/sys/net/if_sl.c @@ -341,7 +341,7 @@ slopen(dev, tp) register struct sl_softc *sc; int s, error; - error = suser_td(curthread); + error = suser(curthread); if (error) return (error); diff --git a/sys/net/if_tap.c b/sys/net/if_tap.c index 605d287..253af5a 100644 --- a/sys/net/if_tap.c +++ b/sys/net/if_tap.c @@ -399,7 +399,7 @@ tapopen(dev, flag, mode, td) int unit, error; struct resource *r = NULL; - if ((error = suser_td(td)) != 0) + if ((error = suser(td)) != 0) return (error); unit = dev2unit(dev) & TAPMAXUNIT; diff --git a/sys/net/if_tun.c b/sys/net/if_tun.c index 6082949..1061274 100644 --- a/sys/net/if_tun.c +++ b/sys/net/if_tun.c @@ -533,7 +533,7 @@ tunioctl(dev_t dev, u_long cmd, caddr_t data, int flag, struct thread *td) if (tunp->mtu < IF_MINMTU) return (EINVAL); if (tp->tun_if.if_mtu != tunp->mtu - && (error = suser_td(td)) != 0) + && (error = suser(td)) != 0) return (error); tp->tun_if.if_mtu = tunp->mtu; tp->tun_if.if_type = tunp->type; diff --git a/sys/net/net_osdep.h b/sys/net/net_osdep.h index 57a1fb5..a5ff633 100644 --- a/sys/net/net_osdep.h +++ b/sys/net/net_osdep.h @@ -79,6 +79,10 @@ * struct proc *p; * if (p && !suser(p)) * privileged; + * FreeBSD 5 + * struct thread *td; + * if (suser(td)) + * privileged; * OpenBSD, BSDI [34], FreeBSD 2 * struct socket *so; * if (so->so_state & SS_PRIV) diff --git a/sys/net/ppp_tty.c b/sys/net/ppp_tty.c index e769b1b..2f65fdb 100644 --- a/sys/net/ppp_tty.c +++ b/sys/net/ppp_tty.c @@ -175,7 +175,7 @@ pppopen(dev, tp) register struct ppp_softc *sc; int error, s; - if ((error = suser_td(td)) != 0) + if ((error = suser(td)) != 0) return (error); s = spltty(); @@ -444,7 +444,7 @@ ppptioctl(tp, cmd, data, flag, td) error = 0; switch (cmd) { case PPPIOCSASYNCMAP: - if ((error = suser_td(td)) != 0) + if ((error = suser(td)) != 0) break; sc->sc_asyncmap[0] = *(u_int *)data; break; @@ -454,7 +454,7 @@ ppptioctl(tp, cmd, data, flag, td) break; case PPPIOCSRASYNCMAP: - if ((error = suser_td(td)) != 0) + if ((error = suser(td)) != 0) break; sc->sc_rasyncmap = *(u_int *)data; break; @@ -464,7 +464,7 @@ ppptioctl(tp, cmd, data, flag, td) break; case PPPIOCSXASYNCMAP: - if ((error = suser_td(td)) != 0) + if ((error = suser(td)) != 0) break; s = spltty(); bcopy(data, sc->sc_asyncmap, sizeof(sc->sc_asyncmap)); diff --git a/sys/net/raw_usrreq.c b/sys/net/raw_usrreq.c index 3138b10..47df8d0 100644 --- a/sys/net/raw_usrreq.c +++ b/sys/net/raw_usrreq.c @@ -157,7 +157,7 @@ raw_uattach(struct socket *so, int proto, struct thread *td) if (rp == 0) return EINVAL; - if (td && (error = suser_td(td)) != 0) + if (td && (error = suser(td)) != 0) return error; return raw_attach(so, proto); } diff --git a/sys/net/rtsock.c b/sys/net/rtsock.c index 5b87991..ea9f4d3 100644 --- a/sys/net/rtsock.c +++ b/sys/net/rtsock.c @@ -332,7 +332,7 @@ route_output(m, so) * Verify that the caller has the appropriate privilege; RTM_GET * is the only operation the non-superuser is allowed. */ - if (rtm->rtm_type != RTM_GET && (error = suser(curproc)) != 0) + if (rtm->rtm_type != RTM_GET && (error = suser(curthread)) != 0) senderr(error); switch (rtm->rtm_type) { |