diff options
Diffstat (limited to 'sys/ufs')
-rw-r--r-- | sys/ufs/ffs/ffs_alloc.c | 4 | ||||
-rw-r--r-- | sys/ufs/ffs/ffs_vfsops.c | 4 | ||||
-rw-r--r-- | sys/ufs/ifs/ifs_vnops.c | 2 | ||||
-rw-r--r-- | sys/ufs/ufs/ufs_extattr.c | 4 | ||||
-rw-r--r-- | sys/ufs/ufs/ufs_quota.c | 4 | ||||
-rw-r--r-- | sys/ufs/ufs/ufs_readwrite.c | 2 | ||||
-rw-r--r-- | sys/ufs/ufs/ufs_vfsops.c | 2 | ||||
-rw-r--r-- | sys/ufs/ufs/ufs_vnops.c | 10 |
8 files changed, 16 insertions, 16 deletions
diff --git a/sys/ufs/ffs/ffs_alloc.c b/sys/ufs/ffs/ffs_alloc.c index 0dd7269..3793f05 100644 --- a/sys/ufs/ffs/ffs_alloc.c +++ b/sys/ufs/ffs/ffs_alloc.c @@ -126,7 +126,7 @@ ffs_alloc(ip, lbn, bpref, size, cred, bnp) retry: if (size == fs->fs_bsize && fs->fs_cstotal.cs_nbfree == 0) goto nospace; - if (suser_xxx(cred, NULL, PRISON_ROOT) && + if (suser_cred(cred, PRISON_ROOT) && freespace(fs, fs->fs_minfree) - numfrags(fs, size) < 0) goto nospace; #ifdef QUOTA @@ -207,7 +207,7 @@ ffs_realloccg(ip, lbprev, bpref, osize, nsize, cred, bpp) #endif /* DIAGNOSTIC */ reclaimed = 0; retry: - if (suser_xxx(cred, NULL, PRISON_ROOT) && + if (suser_cred(cred, PRISON_ROOT) && freespace(fs, fs->fs_minfree) - numfrags(fs, nsize - osize) < 0) goto nospace; if ((bprev = ip->i_db[lbprev]) == 0) { diff --git a/sys/ufs/ffs/ffs_vfsops.c b/sys/ufs/ffs/ffs_vfsops.c index 67c7772..b283489 100644 --- a/sys/ufs/ffs/ffs_vfsops.c +++ b/sys/ufs/ffs/ffs_vfsops.c @@ -226,7 +226,7 @@ ffs_mount(mp, path, data, ndp, td) * If upgrade to read-write by non-root, then verify * that user has necessary permissions on the device. */ - if (suser_td(td)) { + if (suser(td)) { vn_lock(devvp, LK_EXCLUSIVE | LK_RETRY, td); if ((error = VOP_ACCESS(devvp, VREAD | VWRITE, td->td_ucred, td)) != 0) { @@ -307,7 +307,7 @@ ffs_mount(mp, path, data, ndp, td) * If mount by non-root, then verify that user has necessary * permissions on the device. */ - if (suser_td(td)) { + if (suser(td)) { accessmode = VREAD; if ((mp->mnt_flag & MNT_RDONLY) == 0) accessmode |= VWRITE; diff --git a/sys/ufs/ifs/ifs_vnops.c b/sys/ufs/ifs/ifs_vnops.c index 0407032..5bbfc44 100644 --- a/sys/ufs/ifs/ifs_vnops.c +++ b/sys/ufs/ifs/ifs_vnops.c @@ -269,7 +269,7 @@ ifs_makeinode(mode, dvp, vpp, cnp) if (DOINGSOFTDEP(tvp)) softdep_change_linkcnt(ip); if ((ip->i_mode & ISGID) && !groupmember(ip->i_gid, cnp->cn_cred) && - suser_xxx(cnp->cn_cred, 0, 0)) + suser_cred(cnp->cn_cred, 0)) ip->i_mode &= ~ISGID; if (cnp->cn_flags & ISWHITEOUT) diff --git a/sys/ufs/ufs/ufs_extattr.c b/sys/ufs/ufs/ufs_extattr.c index 238acd8..2cb87fc 100644 --- a/sys/ufs/ufs/ufs_extattr.c +++ b/sys/ufs/ufs/ufs_extattr.c @@ -714,7 +714,7 @@ ufs_extattrctl(struct mount *mp, int cmd, struct vnode *filename_vp, * Processes with privilege, but in jail, are not allowed to * configure extended attributes. */ - if ((error = suser_xxx(td->td_ucred, td->td_proc, 0))) { + if ((error = suser(td))) { if (filename_vp != NULL) VOP_UNLOCK(filename_vp, 0, td); return (error); @@ -811,7 +811,7 @@ ufs_extattr_credcheck(struct vnode *vp, struct ufs_extattr_list_entry *uele, switch (uele->uele_attrnamespace) { case EXTATTR_NAMESPACE_SYSTEM: /* Potentially should be: return (EPERM); */ - return (suser_xxx(cred, td->td_proc, 0)); + return (suser_cred(cred, 0)); case EXTATTR_NAMESPACE_USER: return (VOP_ACCESS(vp, access, cred, td)); default: diff --git a/sys/ufs/ufs/ufs_quota.c b/sys/ufs/ufs/ufs_quota.c index d9091c8..0d893b4 100644 --- a/sys/ufs/ufs/ufs_quota.c +++ b/sys/ufs/ufs/ufs_quota.c @@ -150,7 +150,7 @@ chkdq(ip, change, cred, flags) } return (0); } - if ((flags & FORCE) == 0 && suser_xxx(cred, NULL, 0)) { + if ((flags & FORCE) == 0 && suser_cred(cred, 0)) { for (i = 0; i < MAXQUOTAS; i++) { if ((dq = ip->i_dquot[i]) == NODQUOT) continue; @@ -271,7 +271,7 @@ chkiq(ip, change, cred, flags) } return (0); } - if ((flags & FORCE) == 0 && suser_xxx(cred, NULL, 0)) { + if ((flags & FORCE) == 0 && suser_cred(cred, 0)) { for (i = 0; i < MAXQUOTAS; i++) { if ((dq = ip->i_dquot[i]) == NODQUOT) continue; diff --git a/sys/ufs/ufs/ufs_readwrite.c b/sys/ufs/ufs/ufs_readwrite.c index b098785..cf8a5a0 100644 --- a/sys/ufs/ufs/ufs_readwrite.c +++ b/sys/ufs/ufs/ufs_readwrite.c @@ -566,7 +566,7 @@ WRITE(ap) * tampering. */ if (resid > uio->uio_resid && ap->a_cred && - suser_xxx(ap->a_cred, NULL, PRISON_ROOT)) + suser_cred(ap->a_cred, PRISON_ROOT)) ip->i_mode &= ~(ISUID | ISGID); if (resid > uio->uio_resid) VN_KNOTE(vp, NOTE_WRITE | (extended ? NOTE_EXTEND : 0)); diff --git a/sys/ufs/ufs/ufs_vfsops.c b/sys/ufs/ufs/ufs_vfsops.c index c9176d9..f7ec4c2 100644 --- a/sys/ufs/ufs/ufs_vfsops.c +++ b/sys/ufs/ufs/ufs_vfsops.c @@ -119,7 +119,7 @@ ufs_quotactl(mp, cmds, uid, arg, td) break; /* fall through */ default: - if ((error = suser_xxx(0, td->td_proc, PRISON_ROOT)) != 0) + if ((error = suser_cred(td->td_ucred, PRISON_ROOT)) != 0) return (error); } diff --git a/sys/ufs/ufs/ufs_vnops.c b/sys/ufs/ufs/ufs_vnops.c index 8ed1596..11f43a2 100644 --- a/sys/ufs/ufs/ufs_vnops.c +++ b/sys/ufs/ufs/ufs_vnops.c @@ -484,7 +484,7 @@ ufs_setattr(ap) * Privileged non-jail processes may not modify system flags * if securelevel > 0 and any existing system flags are set. */ - if (!suser_xxx(cred, NULL, PRISON_ROOT)) { + if (!suser_cred(cred, PRISON_ROOT)) { if (ip->i_flags & (SF_NOUNLINK | SF_IMMUTABLE | SF_APPEND)) { error = securelevel_gt(cred, 0); @@ -616,7 +616,7 @@ ufs_chmod(vp, mode, cred, td) * as well as set the setgid bit on a file with a group that the * process is not a member of. */ - if (suser_xxx(cred, NULL, PRISON_ROOT)) { + if (suser_cred(cred, PRISON_ROOT)) { if (vp->v_type != VDIR && (mode & S_ISTXT)) return (EFTYPE); if (!groupmember(ip->i_gid, cred) && (mode & ISGID)) @@ -666,7 +666,7 @@ ufs_chown(vp, uid, gid, cred, td) */ if ((uid != ip->i_uid || (gid != ip->i_gid && !groupmember(gid, cred))) && - (error = suser_xxx(cred, td->td_proc, PRISON_ROOT))) + (error = suser_cred(cred, PRISON_ROOT))) return (error); ogid = ip->i_gid; ouid = ip->i_uid; @@ -733,7 +733,7 @@ good: panic("ufs_chown: lost quota"); #endif /* QUOTA */ ip->i_flag |= IN_CHANGE; - if (suser_xxx(cred, NULL, PRISON_ROOT) && (ouid != uid || ogid != gid)) + if (suser_cred(cred, PRISON_ROOT) && (ouid != uid || ogid != gid)) ip->i_mode &= ~(ISUID | ISGID); return (0); } @@ -2370,7 +2370,7 @@ ufs_makeinode(mode, dvp, vpp, cnp) if (DOINGSOFTDEP(tvp)) softdep_change_linkcnt(ip); if ((ip->i_mode & ISGID) && !groupmember(ip->i_gid, cnp->cn_cred) && - suser_xxx(cnp->cn_cred, NULL, PRISON_ROOT)) + suser_cred(cnp->cn_cred, PRISON_ROOT)) ip->i_mode &= ~ISGID; if (cnp->cn_flags & ISWHITEOUT) |