Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/netbsd-1-5]: src/sys/kern Pullup 1.59 and 1.60 [christos]:
details: https://anonhg.NetBSD.org/src/rev/c4ea376cf320
branches: netbsd-1-5
changeset: 489891:c4ea376cf320
user: tv <tv%NetBSD.org@localhost>
date: Wed Oct 18 03:41:36 2000 +0000
description:
Pullup 1.59 and 1.60 [christos]:
Don't set P_SUGID if the calls to set{e,}{u,g}id(), setreuid(),
setgroups() did not result in actual changes. This has the nice
side effect that we don't needlesly allocate new credential and
resource limit data structures.
[releng: this is needed for proper operation of issetugid()]
diffstat:
sys/kern/kern_prot.c | 73 +++++++++++++++++++++++++++++++++++++++++----------
1 files changed, 58 insertions(+), 15 deletions(-)
diffs (190 lines):
diff -r 913c1c9f13f4 -r c4ea376cf320 sys/kern/kern_prot.c
--- a/sys/kern/kern_prot.c Wed Oct 18 03:39:11 2000 +0000
+++ b/sys/kern/kern_prot.c Wed Oct 18 03:41:36 2000 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: kern_prot.c,v 1.58 2000/05/27 00:40:46 sommerfeld Exp $ */
+/* $NetBSD: kern_prot.c,v 1.58.4.1 2000/10/18 03:41:36 tv Exp $ */
/*
* Copyright (c) 1982, 1986, 1989, 1990, 1991, 1993
@@ -124,7 +124,7 @@
return (ESRCH);
found:
*retval = p->p_session->s_sid;
- return 0;
+ return (0);
}
int
@@ -143,7 +143,7 @@
return (ESRCH);
found:
*retval = p->p_pgid;
- return 0;
+ return (0);
}
/* ARGSUSED */
@@ -326,6 +326,12 @@
(error = suser(pc->pc_ucred, &p->p_acflag)))
return (error);
/*
+ * Check if we are all set, and this is a no-op.
+ */
+ if (pc->p_ruid == uid && pc->p_svuid == uid &&
+ pc->pc_ucred->cr_uid == uid)
+ return (0);
+ /*
* Everything's okay, do it.
* Transfer proc count to new user.
* Copy credentials so other references do not see our changes.
@@ -359,6 +365,12 @@
(error = suser(pc->pc_ucred, &p->p_acflag)))
return (error);
/*
+ * Check if we are all set, and this is a no-op.
+ */
+ if (pc->pc_ucred->cr_uid == euid)
+ return (0);
+
+ /*
* Everything's okay, do it. Copy credentials so other references do
* not see our changes.
*/
@@ -380,7 +392,7 @@
} */ *uap = v;
struct pcred *pc = p->p_cred;
uid_t ruid, euid;
- int error;
+ int error, changed = 0;
ruid = SCARG(uap, ruid);
euid = SCARG(uap, euid);
@@ -396,19 +408,22 @@
(error = suser(pc->pc_ucred, &p->p_acflag)))
return (error);
- if (euid != (uid_t)-1) {
+ if (euid != (uid_t)-1 && euid != pc->pc_ucred->cr_uid) {
pc->pc_ucred = crcopy(pc->pc_ucred);
pc->pc_ucred->cr_uid = euid;
+ changed++;
}
- if (ruid != (uid_t)-1) {
+ if (ruid != (uid_t)-1 &&
+ (pc->p_ruid != ruid || pc->p_svuid != pc->pc_ucred->cr_uid)) {
(void)chgproccnt(pc->p_ruid, -1);
(void)chgproccnt(ruid, 1);
pc->p_ruid = ruid;
pc->p_svuid = pc->pc_ucred->cr_uid;
+ changed++;
}
- if (euid != (uid_t)-1 && ruid != (uid_t)-1)
+ if (changed)
p_sugid(p);
return (0);
}
@@ -431,6 +446,13 @@
if (gid != pc->p_rgid &&
(error = suser(pc->pc_ucred, &p->p_acflag)))
return (error);
+ /*
+ * Check if we are all set, and this is a no-op.
+ */
+ if (pc->pc_ucred->cr_gid == gid && pc->p_rgid == gid &&
+ pc->p_svgid == gid)
+ return (0);
+
pc->pc_ucred = crcopy(pc->pc_ucred);
pc->pc_ucred->cr_gid = gid;
pc->p_rgid = gid;
@@ -457,6 +479,12 @@
if (egid != pc->p_rgid && egid != pc->p_svgid &&
(error = suser(pc->pc_ucred, &p->p_acflag)))
return (error);
+ /*
+ * Check if we are all set, and this is a no-op.
+ */
+ if (pc->pc_ucred->cr_gid == egid)
+ return (0);
+
pc->pc_ucred = crcopy(pc->pc_ucred);
pc->pc_ucred->cr_gid = egid;
p_sugid(p);
@@ -475,7 +503,7 @@
} */ *uap = v;
struct pcred *pc = p->p_cred;
gid_t rgid, egid;
- int error;
+ int error, changed = 0;
rgid = SCARG(uap, rgid);
egid = SCARG(uap, egid);
@@ -491,17 +519,20 @@
(error = suser(pc->pc_ucred, &p->p_acflag)))
return (error);
- if (egid != (gid_t)-1) {
+ if (egid != (gid_t)-1 && pc->pc_ucred->cr_gid != egid) {
pc->pc_ucred = crcopy(pc->pc_ucred);
pc->pc_ucred->cr_gid = egid;
+ changed++;
}
- if (rgid != (gid_t)-1) {
+ if (rgid != (gid_t)-1 &&
+ (pc->p_rgid != rgid || pc->p_svgid != pc->pc_ucred->cr_gid)) {
pc->p_rgid = rgid;
pc->p_svgid = pc->pc_ucred->cr_gid;
+ changed++;
}
- if (egid != (gid_t)-1 && rgid != (gid_t)-1)
+ if (changed)
p_sugid(p);
return (0);
}
@@ -521,7 +552,7 @@
* that libc *might* have put in their data segment.
*/
*retval = (p->p_flag & P_SUGID) != 0;
- return 0;
+ return (0);
}
/* ARGSUSED */
@@ -538,17 +569,29 @@
struct pcred *pc = p->p_cred;
int ngrp;
int error;
+ gid_t grp[NGROUPS];
+ size_t grsize;
if ((error = suser(pc->pc_ucred, &p->p_acflag)) != 0)
return (error);
+
ngrp = SCARG(uap, gidsetsize);
if ((u_int)ngrp > NGROUPS)
return (EINVAL);
- pc->pc_ucred = crcopy(pc->pc_ucred);
- error = copyin(SCARG(uap, gidset), pc->pc_ucred->cr_groups,
- ngrp * sizeof(gid_t));
+
+ grsize = ngrp * sizeof(gid_t);
+ error = copyin(SCARG(uap, gidset), grp, grsize);
if (error)
return (error);
+ /*
+ * Check if this is a no-op.
+ */
+ if (pc->pc_ucred->cr_ngroups == ngrp &&
+ memcmp(grp, pc->pc_ucred->cr_groups, grsize) == 0)
+ return (0);
+
+ pc->pc_ucred = crcopy(pc->pc_ucred);
+ (void)memcpy(pc->pc_ucred->cr_groups, grp, grsize);
pc->pc_ucred->cr_ngroups = ngrp;
p_sugid(p);
return (0);
Home |
Main Index |
Thread Index |
Old Index