
[src/trunk]: src Add KAUTH_REQ_PROCESS_CANSEE_EPROC, and use it for the kern....



details:   https://anonhg.NetBSD.org/src/rev/30b2722e7d95
branches:  trunk
changeset: 834720:30b2722e7d95
user:      maxv <maxv%NetBSD.org@localhost>
date:      Sat Aug 25 09:54:37 2018 +0000

description:
Add KAUTH_REQ_PROCESS_CANSEE_EPROC, and use it for the kern.proc node.
Same permission as before, so no functional change.

diffstat:

 share/examples/secmodel/secmodel_example.c    |  5 +++--
 sys/kern/kern_proc.c                          |  8 ++++----
 sys/secmodel/extensions/secmodel_extensions.c |  5 +++--
 sys/secmodel/suser/secmodel_suser.c           |  5 +++--
 sys/sys/kauth.h                               |  3 ++-
 5 files changed, 15 insertions(+), 11 deletions(-)

diffs (132 lines):

diff -r a68db46141aa -r 30b2722e7d95 share/examples/secmodel/secmodel_example.c
--- a/share/examples/secmodel/secmodel_example.c        Sat Aug 25 08:12:28 2018 +0000
+++ b/share/examples/secmodel/secmodel_example.c        Sat Aug 25 09:54:37 2018 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: secmodel_example.c,v 1.27 2018/07/15 05:16:40 maxv Exp $ */
+/* $NetBSD: secmodel_example.c,v 1.28 2018/08/25 09:54:37 maxv Exp $ */
 
 /*
  * This file is placed in the public domain.
@@ -13,7 +13,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: secmodel_example.c,v 1.27 2018/07/15 05:16:40 maxv Exp $");
+__KERNEL_RCSID(0, "$NetBSD: secmodel_example.c,v 1.28 2018/08/25 09:54:37 maxv Exp $");
 
 #include <sys/types.h>
 #include <sys/param.h>
@@ -370,6 +370,7 @@
                case KAUTH_REQ_PROCESS_CANSEE_ENTRY:
                case KAUTH_REQ_PROCESS_CANSEE_ENV:
                case KAUTH_REQ_PROCESS_CANSEE_OPENFILES:
+               case KAUTH_REQ_PROCESS_CANSEE_EPROC:
                default:
                        result = KAUTH_RESULT_DEFER;
                        break;
diff -r a68db46141aa -r 30b2722e7d95 sys/kern/kern_proc.c
--- a/sys/kern/kern_proc.c      Sat Aug 25 08:12:28 2018 +0000
+++ b/sys/kern/kern_proc.c      Sat Aug 25 09:54:37 2018 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: kern_proc.c,v 1.212 2018/04/14 14:26:20 kamil Exp $    */
+/*     $NetBSD: kern_proc.c,v 1.213 2018/08/25 09:54:37 maxv Exp $     */
 
 /*-
  * Copyright (c) 1999, 2006, 2007, 2008 The NetBSD Foundation, Inc.
@@ -62,7 +62,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: kern_proc.c,v 1.212 2018/04/14 14:26:20 kamil Exp $");
+__KERNEL_RCSID(0, "$NetBSD: kern_proc.c,v 1.213 2018/08/25 09:54:37 maxv Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_kstack.h"
@@ -263,8 +263,8 @@
                case KAUTH_REQ_PROCESS_CANSEE_ARGS:
                case KAUTH_REQ_PROCESS_CANSEE_ENTRY:
                case KAUTH_REQ_PROCESS_CANSEE_OPENFILES:
+               case KAUTH_REQ_PROCESS_CANSEE_EPROC:
                        result = KAUTH_RESULT_ALLOW;
-
                        break;
 
                case KAUTH_REQ_PROCESS_CANSEE_ENV:
@@ -1701,7 +1701,7 @@
                mutex_enter(p->p_lock);
                error = kauth_authorize_process(l->l_cred,
                    KAUTH_PROCESS_CANSEE, p,
-                   KAUTH_ARG(KAUTH_REQ_PROCESS_CANSEE_ENTRY), NULL, NULL);
+                   KAUTH_ARG(KAUTH_REQ_PROCESS_CANSEE_EPROC), NULL, NULL);
                if (error != 0) {
                        mutex_exit(p->p_lock);
                        continue;
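Review bot: Replacing `KAUTH_REQ_PROCESS_CANSEE_ENTRY` with `KAUTH_REQ_PROCESS_CANSEE_EPROC` in this `kauth_authorize_process()` call leaves kern.proc filtering unchanged only for listeners that handle the new request exactly like the old one. The four listeners touched in this diff do so. A secmodel outside this commit that matches only on `CANSEE_ENTRY` would presumably fall through to its `default` branch for kern.proc lookups, so its decision for this sysctl node could change silently. A comment above the call would record the intent, if that is the intent: `/* kern.proc uses its own request so secmodels can decide it apart from CANSEE_ENTRY */`. The enclosing loop starts and ends outside this hunk.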
diff -r a68db46141aa -r 30b2722e7d95 sys/secmodel/extensions/secmodel_extensions.c
--- a/sys/secmodel/extensions/secmodel_extensions.c     Sat Aug 25 08:12:28 2018 +0000
+++ b/sys/secmodel/extensions/secmodel_extensions.c     Sat Aug 25 09:54:37 2018 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: secmodel_extensions.c,v 1.8 2018/04/08 14:46:32 kamil Exp $ */
+/* $NetBSD: secmodel_extensions.c,v 1.9 2018/08/25 09:54:37 maxv Exp $ */
 /*-
  * Copyright (c) 2011 Elad Efrat <elad%NetBSD.org@localhost>
  * All rights reserved.
@@ -27,7 +27,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: secmodel_extensions.c,v 1.8 2018/04/08 14:46:32 kamil Exp $");
+__KERNEL_RCSID(0, "$NetBSD: secmodel_extensions.c,v 1.9 2018/08/25 09:54:37 maxv Exp $");
 
 #include <sys/types.h>
 #include <sys/param.h>
@@ -428,6 +428,7 @@
                case KAUTH_REQ_PROCESS_CANSEE_ARGS:
                case KAUTH_REQ_PROCESS_CANSEE_ENTRY:
                case KAUTH_REQ_PROCESS_CANSEE_OPENFILES:
+               case KAUTH_REQ_PROCESS_CANSEE_EPROC:
                        if (curtain != 0) {
                                struct proc *p = arg0;
 
diff -r a68db46141aa -r 30b2722e7d95 sys/secmodel/suser/secmodel_suser.c
--- a/sys/secmodel/suser/secmodel_suser.c       Sat Aug 25 08:12:28 2018 +0000
+++ b/sys/secmodel/suser/secmodel_suser.c       Sat Aug 25 09:54:37 2018 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: secmodel_suser.c,v 1.46 2018/07/15 05:16:45 maxv Exp $ */
+/* $NetBSD: secmodel_suser.c,v 1.47 2018/08/25 09:54:37 maxv Exp $ */
 /*-
  * Copyright (c) 2006 Elad Efrat <elad%NetBSD.org@localhost>
  * All rights reserved.
@@ -38,7 +38,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: secmodel_suser.c,v 1.46 2018/07/15 05:16:45 maxv Exp $");
+__KERNEL_RCSID(0, "$NetBSD: secmodel_suser.c,v 1.47 2018/08/25 09:54:37 maxv Exp $");
 
 #include <sys/types.h>
 #include <sys/param.h>
@@ -499,6 +499,7 @@
                case KAUTH_REQ_PROCESS_CANSEE_ARGS:
                case KAUTH_REQ_PROCESS_CANSEE_ENTRY:
                case KAUTH_REQ_PROCESS_CANSEE_OPENFILES:
+               case KAUTH_REQ_PROCESS_CANSEE_EPROC:
                        if (isroot) {
                                result = KAUTH_RESULT_ALLOW;
                                break;
diff -r a68db46141aa -r 30b2722e7d95 sys/sys/kauth.h
--- a/sys/sys/kauth.h   Sat Aug 25 08:12:28 2018 +0000
+++ b/sys/sys/kauth.h   Sat Aug 25 09:54:37 2018 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: kauth.h,v 1.78 2018/07/15 05:16:45 maxv Exp $ */
+/* $NetBSD: kauth.h,v 1.79 2018/08/25 09:54:37 maxv Exp $ */
 
 /*-
  * Copyright (c) 2005, 2006 Elad Efrat <elad%NetBSD.org@localhost>  
@@ -230,6 +230,7 @@
        KAUTH_REQ_PROCESS_RLIMIT_GET,
        KAUTH_REQ_PROCESS_RLIMIT_SET,
        KAUTH_REQ_PROCESS_RLIMIT_BYPASS,
+       KAUTH_REQ_PROCESS_CANSEE_EPROC,
 };
 
 /*
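Review bot: `KAUTH_REQ_PROCESS_CANSEE_EPROC` is added without a comment and sits after the `RLIMIT_*` requests rather than beside the other `CANSEE_*` entries. Appending it at the end keeps the numeric values of the existing enumerators, which presumably matters for modules built against the old header, so the position is defensible but should be explained, e.g. `KAUTH_REQ_PROCESS_CANSEE_EPROC,	/* kern.proc sysctl node; appended to keep earlier values stable */`. The diffstat lists no manual-page change, so the request list in kauth(9) presumably needs the new entry as well. The enum begins outside this hunk.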


