diff options
Diffstat (limited to 'sys')
-rw-r--r-- | sys/kern/kern_prot.c | 16 | ||||
-rw-r--r-- | sys/kern/uipc_usrreq.c | 12 | ||||
-rw-r--r-- | sys/netinet/tcp_subr.c | 12 | ||||
-rw-r--r-- | sys/netinet/tcp_timewait.c | 12 | ||||
-rw-r--r-- | sys/netinet/udp_usrreq.c | 6 | ||||
-rw-r--r-- | sys/netinet6/udp6_usrreq.c | 6 | ||||
-rw-r--r-- | sys/security/lomac/kernel_socket.c | 6 | ||||
-rw-r--r-- | sys/sys/ucred.h | 4 |
8 files changed, 28 insertions, 46 deletions
diff --git a/sys/kern/kern_prot.c b/sys/kern/kern_prot.c index 615709e..56f7895 100644 --- a/sys/kern/kern_prot.c +++ b/sys/kern/kern_prot.c @@ -1760,6 +1760,22 @@ crdup(cr) } /* + * Fill in a struct xucred based on a struct ucred. + */ +void +cru2x(cr, xcr) + struct ucred *cr; + struct xucred *xcr; +{ + + bzero(xcr, sizeof(*xcr)); + xcr->cr_version = XUCRED_VERSION; + xcr->cr_uid = cr->cr_uid; + xcr->cr_ngroups = cr->cr_ngroups; + bcopy(cr->cr_groups, xcr->cr_groups, sizeof(cr->cr_groups)); +} + +/* * small routine to swap a thread's current ucred for the correct one * taken from the process. */ diff --git a/sys/kern/uipc_usrreq.c b/sys/kern/uipc_usrreq.c index 6bc58f2..a6522607 100644 --- a/sys/kern/uipc_usrreq.c +++ b/sys/kern/uipc_usrreq.c @@ -717,11 +717,7 @@ unp_connect(so, nam, td) * from its process structure at the time of connect() * (which is now). */ - memset(&unp3->unp_peercred, '\0', sizeof(unp3->unp_peercred)); - unp3->unp_peercred.cr_uid = td->td_proc->p_ucred->cr_uid; - unp3->unp_peercred.cr_ngroups = td->td_proc->p_ucred->cr_ngroups; - memcpy(unp3->unp_peercred.cr_groups, td->td_proc->p_ucred->cr_groups, - sizeof(unp3->unp_peercred.cr_groups)); + cru2x(td->td_proc->p_ucred, &unp3->unp_peercred); unp3->unp_flags |= UNP_HAVEPC; /* * The receiver's (server's) credentials are copied @@ -1427,11 +1423,7 @@ unp_listen(unp, p) struct proc *p; { - bzero(&unp->unp_peercred, sizeof(unp->unp_peercred)); - unp->unp_peercred.cr_uid = p->p_ucred->cr_uid; - unp->unp_peercred.cr_ngroups = p->p_ucred->cr_ngroups; - bcopy(p->p_ucred->cr_groups, unp->unp_peercred.cr_groups, - sizeof(unp->unp_peercred.cr_groups)); + cru2x(p->p_ucred, &unp->unp_peercred); unp->unp_flags |= UNP_HAVEPCCACHED; return (0); } diff --git a/sys/netinet/tcp_subr.c b/sys/netinet/tcp_subr.c index d79b816..99b50a5 100644 --- a/sys/netinet/tcp_subr.c +++ b/sys/netinet/tcp_subr.c @@ -922,11 +922,7 @@ tcp_getcred(SYSCTL_HANDLER_ARGS) error = cr_cansee(req->td->td_proc->p_ucred, inp->inp_socket->so_cred); if (error) goto out; - bzero(&xuc, sizeof(xuc)); - xuc.cr_uid = inp->inp_socket->so_cred->cr_uid; - xuc.cr_ngroups = inp->inp_socket->so_cred->cr_ngroups; - bcopy(inp->inp_socket->so_cred->cr_groups, xuc.cr_groups, - sizeof(xuc.cr_groups)); + cru2x(inp->inp_socket->so_cred, &xuc); error = SYSCTL_OUT(req, &xuc, sizeof(struct xucred)); out: splx(s); @@ -978,11 +974,7 @@ tcp6_getcred(SYSCTL_HANDLER_ARGS) error = cr_cansee(req->td->td_proc->p_ucred, inp->inp_socket->so_cred); if (error) goto out; - bzero(&xuc, sizeof(xuc)); - xuc.cr_uid = inp->inp_socket->so_cred->cr_uid; - xuc.cr_ngroups = inp->inp_socket->so_cred->cr_ngroups; - bcopy(inp->inp_socket->so_cred->cr_groups, xuc.cr_groups, - sizeof(xuc.cr_groups)); + cru2x(inp->inp_socket->so_cred, &xuc); error = SYSCTL_OUT(req, &xuc, sizeof(struct xucred)); out: splx(s); diff --git a/sys/netinet/tcp_timewait.c b/sys/netinet/tcp_timewait.c index d79b816..99b50a5 100644 --- a/sys/netinet/tcp_timewait.c +++ b/sys/netinet/tcp_timewait.c @@ -922,11 +922,7 @@ tcp_getcred(SYSCTL_HANDLER_ARGS) error = cr_cansee(req->td->td_proc->p_ucred, inp->inp_socket->so_cred); if (error) goto out; - bzero(&xuc, sizeof(xuc)); - xuc.cr_uid = inp->inp_socket->so_cred->cr_uid; - xuc.cr_ngroups = inp->inp_socket->so_cred->cr_ngroups; - bcopy(inp->inp_socket->so_cred->cr_groups, xuc.cr_groups, - sizeof(xuc.cr_groups)); + cru2x(inp->inp_socket->so_cred, &xuc); error = SYSCTL_OUT(req, &xuc, sizeof(struct xucred)); out: splx(s); @@ -978,11 +974,7 @@ tcp6_getcred(SYSCTL_HANDLER_ARGS) error = cr_cansee(req->td->td_proc->p_ucred, inp->inp_socket->so_cred); if (error) goto out; - bzero(&xuc, sizeof(xuc)); - xuc.cr_uid = inp->inp_socket->so_cred->cr_uid; - xuc.cr_ngroups = inp->inp_socket->so_cred->cr_ngroups; - bcopy(inp->inp_socket->so_cred->cr_groups, xuc.cr_groups, - sizeof(xuc.cr_groups)); + cru2x(inp->inp_socket->so_cred, &xuc); error = SYSCTL_OUT(req, &xuc, sizeof(struct xucred)); out: splx(s); diff --git a/sys/netinet/udp_usrreq.c b/sys/netinet/udp_usrreq.c index 6eeb3a1..047a5d4 100644 --- a/sys/netinet/udp_usrreq.c +++ b/sys/netinet/udp_usrreq.c @@ -651,11 +651,7 @@ udp_getcred(SYSCTL_HANDLER_ARGS) error = cr_cansee(req->td->td_proc->p_ucred, inp->inp_socket->so_cred); if (error) goto out; - bzero(&xuc, sizeof(xuc)); - xuc.cr_uid = inp->inp_socket->so_cred->cr_uid; - xuc.cr_ngroups = inp->inp_socket->so_cred->cr_ngroups; - bcopy(inp->inp_socket->so_cred->cr_groups, xuc.cr_groups, - sizeof(xuc.cr_groups)); + cru2x(inp->inp_socket->so_cred, &xuc); error = SYSCTL_OUT(req, &xuc, sizeof(struct xucred)); out: splx(s); diff --git a/sys/netinet6/udp6_usrreq.c b/sys/netinet6/udp6_usrreq.c index 09fd898..2861f7f 100644 --- a/sys/netinet6/udp6_usrreq.c +++ b/sys/netinet6/udp6_usrreq.c @@ -486,11 +486,7 @@ udp6_getcred(SYSCTL_HANDLER_ARGS) error = ENOENT; goto out; } - bzero(&xuc, sizeof(xuc)); - xuc.cr_uid = inp->inp_socket->so_cred->cr_uid; - xuc.cr_ngroups = inp->inp_socket->so_cred->cr_ngroups; - bcopy(inp->inp_socket->so_cred->cr_groups, xuc.cr_groups, - sizeof(xuc.cr_groups)); + cru2x(inp->inp_socket->so_cred, &xuc); error = SYSCTL_OUT(req, &xuc, sizeof(struct xucred)); out: splx(s); diff --git a/sys/security/lomac/kernel_socket.c b/sys/security/lomac/kernel_socket.c index 541822b..3ed2ee1 100644 --- a/sys/security/lomac/kernel_socket.c +++ b/sys/security/lomac/kernel_socket.c @@ -265,11 +265,7 @@ lomac_local_connect(struct socket *so, struct sockaddr *nam, struct thread *td) * from its process structure at the time of connect() * (which is now). */ - memset(&unp3->unp_peercred, '\0', sizeof(unp3->unp_peercred)); - unp3->unp_peercred.cr_uid = td->td_proc->p_ucred->cr_uid; - unp3->unp_peercred.cr_ngroups = td->td_proc->p_ucred->cr_ngroups; - memcpy(unp3->unp_peercred.cr_groups, td->td_proc->p_ucred->cr_groups, - sizeof(unp3->unp_peercred.cr_groups)); + cru2x(td->td_proc->p_ucred, &unp3->unp_peercred); unp3->unp_flags |= UNP_HAVEPC; /* * The receiver's (server's) credentials are copied diff --git a/sys/sys/ucred.h b/sys/sys/ucred.h index 03d4337..ed0d576 100644 --- a/sys/sys/ucred.h +++ b/sys/sys/ucred.h @@ -73,12 +73,13 @@ struct ucred { * any need to change the size of this or layout of its used fields. */ struct xucred { - u_short _cr_unused0; /* compatibility with old ucred */ + u_int cr_version; /* structure layout version */ uid_t cr_uid; /* effective user id */ short cr_ngroups; /* number of groups */ gid_t cr_groups[NGROUPS]; /* groups */ void *_cr_unused1; /* compatibility with old ucred */ }; +#define XUCRED_VERSION 0 #ifdef _KERNEL @@ -96,6 +97,7 @@ void crfree(struct ucred *cr); struct ucred *crget(void); struct ucred *crhold(struct ucred *cr); int crshared(struct ucred *cr); +void cru2x(struct ucred *cr, struct xucred *xcr); int groupmember(gid_t gid, struct ucred *cred); #endif /* _KERNEL */ |