diff options
| author | mjg <mjg@FreeBSD.org> | 2015-03-16 00:10:03 +0000 |
|---|---|---|
| committer | mjg <mjg@FreeBSD.org> | 2015-03-16 00:10:03 +0000 |
| commit | 054f9cab595b222f85a975c8e12658ce0856c346 (patch) | |
| tree | d2955bf63801be88abf97941c4408cfec687393c /sys/security | |
| parent | 0038f0beedb51509dd45ce20e69215e0e61f9c71 (diff) | |
| download | FreeBSD-src-054f9cab595b222f85a975c8e12658ce0856c346.zip FreeBSD-src-054f9cab595b222f85a975c8e12658ce0856c346.tar.gz | |
cred: add proc_set_cred helper
The goal here is to provide one place altering process credentials.
This eases debugging and opens up posibilities to do additional work when such
an action is performed.
Diffstat (limited to 'sys/security')
| -rw-r--r-- | sys/security/audit/audit_syscalls.c | 8 | ||||
| -rw-r--r-- | sys/security/mac/mac_syscalls.c | 2 | ||||
| -rw-r--r-- | sys/security/mac_lomac/mac_lomac.c | 2 |
3 files changed, 6 insertions, 6 deletions
diff --git a/sys/security/audit/audit_syscalls.c b/sys/security/audit/audit_syscalls.c index 6ef606b..90d811d 100644 --- a/sys/security/audit/audit_syscalls.c +++ b/sys/security/audit/audit_syscalls.c @@ -461,7 +461,7 @@ sys_auditon(struct thread *td, struct auditon_args *uap) udata.au_aupinfo.ap_mask.am_success; newcred->cr_audit.ai_mask.am_failure = udata.au_aupinfo.ap_mask.am_failure; - tp->p_ucred = newcred; + proc_set_cred(tp, newcred); PROC_UNLOCK(tp); crfree(oldcred); break; @@ -600,7 +600,7 @@ sys_setauid(struct thread *td, struct setauid_args *uap) if (error) goto fail; newcred->cr_audit.ai_auid = id; - td->td_proc->p_ucred = newcred; + proc_set_cred(td->td_proc, newcred); PROC_UNLOCK(td->td_proc); crfree(oldcred); return (0); @@ -671,7 +671,7 @@ sys_setaudit(struct thread *td, struct setaudit_args *uap) newcred->cr_audit.ai_termid.at_addr[0] = ai.ai_termid.machine; newcred->cr_audit.ai_termid.at_port = ai.ai_termid.port; newcred->cr_audit.ai_termid.at_type = AU_IPv4; - td->td_proc->p_ucred = newcred; + proc_set_cred(td->td_proc, newcred); PROC_UNLOCK(td->td_proc); crfree(oldcred); return (0); @@ -728,7 +728,7 @@ sys_setaudit_addr(struct thread *td, struct setaudit_addr_args *uap) if (error) goto fail; newcred->cr_audit = aia; - td->td_proc->p_ucred = newcred; + proc_set_cred(td->td_proc, newcred); PROC_UNLOCK(td->td_proc); crfree(oldcred); return (0); diff --git a/sys/security/mac/mac_syscalls.c b/sys/security/mac/mac_syscalls.c index f084ea4..304d313 100644 --- a/sys/security/mac/mac_syscalls.c +++ b/sys/security/mac/mac_syscalls.c @@ -208,7 +208,7 @@ sys___mac_set_proc(struct thread *td, struct __mac_set_proc_args *uap) setsugid(p); crcopy(newcred, oldcred); mac_cred_relabel(newcred, intlabel); - p->p_ucred = newcred; + proc_set_cred(p, newcred); PROC_UNLOCK(p); crfree(oldcred); diff --git a/sys/security/mac_lomac/mac_lomac.c b/sys/security/mac_lomac/mac_lomac.c index 32ae223..5607940 100644 --- a/sys/security/mac_lomac/mac_lomac.c +++ b/sys/security/mac_lomac/mac_lomac.c @@ -2255,7 +2255,7 @@ lomac_thread_userret(struct thread *td) crcopy(newcred, oldcred); crhold(newcred); lomac_copy(&subj->mac_lomac, SLOT(newcred->cr_label)); - p->p_ucred = newcred; + proc_set_cred(p, newcred); crfree(oldcred); dodrop = 1; out: |
