Module Name:    src
Committed By:   elad
Date:           Sat Oct  3 03:38:31 UTC 2009

Modified Files:
        src/sys/kern: kern_proc.c
        src/sys/secmodel/suser: secmodel_suser.c

Log Message:
Move policies for KAUTH_PROCESS_{CANSEE,CORENAME,STOPFLAG,FORK} back to
the subsystem.

Note: Consider killing the signal listener and sticking
      KAUTH_PROCESS_SIGNAL here as well.


To generate a diff of this commit:
cvs rdiff -u -r1.152 -r1.153 src/sys/kern/kern_proc.c
cvs rdiff -u -r1.24 -r1.25 src/sys/secmodel/suser/secmodel_suser.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/kern/kern_proc.c
diff -u src/sys/kern/kern_proc.c:1.152 src/sys/kern/kern_proc.c:1.153
--- src/sys/kern/kern_proc.c:1.152	Sat May 23 18:28:06 2009
+++ src/sys/kern/kern_proc.c	Sat Oct  3 03:38:31 2009
@@ -1,4 +1,4 @@
-/*	$NetBSD: kern_proc.c,v 1.152 2009/05/23 18:28:06 ad Exp $	*/
+/*	$NetBSD: kern_proc.c,v 1.153 2009/10/03 03:38:31 elad Exp $	*/
 
 /*-
  * Copyright (c) 1999, 2006, 2007, 2008 The NetBSD Foundation, Inc.
@@ -62,7 +62,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: kern_proc.c,v 1.152 2009/05/23 18:28:06 ad Exp $");
+__KERNEL_RCSID(0, "$NetBSD: kern_proc.c,v 1.153 2009/10/03 03:38:31 elad Exp $");
 
 #include "opt_kstack.h"
 #include "opt_maxuprc.h"
@@ -235,6 +235,80 @@
 
 static pool_cache_t proc_cache;
 
+static kauth_listener_t proc_listener;
+
+static int
+proc_listener_cb(kauth_cred_t cred, kauth_action_t action, void *cookie,
+    void *arg0, void *arg1, void *arg2, void *arg3)
+{
+	struct proc *p;
+	int result;
+
+	result = KAUTH_RESULT_DEFER;
+	p = arg0;
+
+	switch (action) {
+	case KAUTH_PROCESS_CANSEE: {
+		enum kauth_process_req req;
+
+		req = (enum kauth_process_req)arg1;
+
+		switch (req) {
+		case KAUTH_REQ_PROCESS_CANSEE_ARGS:
+		case KAUTH_REQ_PROCESS_CANSEE_ENTRY:
+		case KAUTH_REQ_PROCESS_CANSEE_OPENFILES:
+			result = KAUTH_RESULT_ALLOW;
+
+			break;
+
+		case KAUTH_REQ_PROCESS_CANSEE_ENV:
+			if (kauth_cred_getuid(cred) !=
+			    kauth_cred_getuid(p->p_cred) ||
+			    kauth_cred_getuid(cred) !=
+			    kauth_cred_getsvuid(p->p_cred))
+				break;
+
+			result = KAUTH_RESULT_ALLOW;
+
+			break;
+
+		default:
+			break;
+		}
+
+		break;
+		}
+
+	case KAUTH_PROCESS_FORK: {
+		int lnprocs = (int)(unsigned long)arg2;
+
+		/*
+		 * Don't allow a nonprivileged user to use the last few
+		 * processes. The variable lnprocs is the current number of
+		 * processes, maxproc is the limit.
+		 */
+		if (__predict_false((lnprocs >= maxproc - 5)))
+			break;
+
+		result = KAUTH_RESULT_ALLOW;
+
+		break;
+		}
+
+	case KAUTH_PROCESS_CORENAME:
+	case KAUTH_PROCESS_STOPFLAG:
+		if (proc_uidmatch(cred, p->p_cred) == 0)
+			result = KAUTH_RESULT_ALLOW;
+
+		break;
+
+	default:
+		break;
+	}
+
+	return result;
+}
+
 /*
  * Initialize global process hashing structures.
  */
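Review bot: The `KAUTH_REQ_PROCESS_CANSEE_ARGS`/`_ENTRY`/`_OPENFILES` arm of `proc_listener_cb` returns `KAUTH_RESULT_ALLOW` for every caller, and nothing in the function says that visibility restrictions now rest entirely on another listener denying. The curtain hunk in secmodel_suser.c from this same commit switches to an explicit deny, which suggests a defer no longer suffices there. A comment on that arm would record the dependency, e.g. `/* Allowed by default; a secmodel that restricts visibility must return KAUTH_RESULT_DENY. */`. The function also lacks a header comment stating that it holds the subsystem's default policy for unprivileged callers, and that `arg0` is dereferenced as a `struct proc *` only in the `CANSEE_ENV`, `CORENAME` and `STOPFLAG` arms.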
@@ -272,6 +346,9 @@
 
 	proc_cache = pool_cache_init(sizeof(struct proc), 0, 0, 0,
 	    "procpl", NULL, IPL_NONE, NULL, NULL, NULL);
+
+	proc_listener = kauth_listen_scope(KAUTH_SCOPE_PROCESS,
+	    proc_listener_cb, NULL);
 }
 
 /*
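Review bot: The handle returned by `kauth_listen_scope()` is stored in `proc_listener` without being checked, so a failed registration would silently drop the CANSEE, FORK, CORENAME and STOPFLAG policies that this commit moves out of secmodel_suser. If the call can return NULL here (for instance if the process scope is not yet registered at this point in boot, which is not visible in the hunk), `KASSERT(proc_listener != NULL);` right after it would make that failure loud. The enclosing function starts outside the hunk.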

Index: src/sys/secmodel/suser/secmodel_suser.c
diff -u src/sys/secmodel/suser/secmodel_suser.c:1.24 src/sys/secmodel/suser/secmodel_suser.c:1.25
--- src/sys/secmodel/suser/secmodel_suser.c:1.24	Sat Oct  3 03:02:55 2009
+++ src/sys/secmodel/suser/secmodel_suser.c	Sat Oct  3 03:38:31 2009
@@ -1,4 +1,4 @@
-/* $NetBSD: secmodel_suser.c,v 1.24 2009/10/03 03:02:55 elad Exp $ */
+/* $NetBSD: secmodel_suser.c,v 1.25 2009/10/03 03:38:31 elad Exp $ */
 /*-
  * Copyright (c) 2006 Elad Efrat <e...@netbsd.org>
  * All rights reserved.
@@ -38,7 +38,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: secmodel_suser.c,v 1.24 2009/10/03 03:02:55 elad Exp $");
+__KERNEL_RCSID(0, "$NetBSD: secmodel_suser.c,v 1.25 2009/10/03 03:38:31 elad Exp $");
 
 #include <sys/types.h>
 #include <sys/param.h>
@@ -496,6 +496,9 @@
 	case KAUTH_PROCESS_SETID:
 	case KAUTH_PROCESS_KEVENT_FILTER:
 	case KAUTH_PROCESS_NICE:
+	case KAUTH_PROCESS_FORK:
+	case KAUTH_PROCESS_CORENAME:
+	case KAUTH_PROCESS_STOPFLAG:
 		if (isroot)
 			result = KAUTH_RESULT_ALLOW;
 
@@ -510,20 +513,20 @@
 		case KAUTH_REQ_PROCESS_CANSEE_ARGS:
 		case KAUTH_REQ_PROCESS_CANSEE_ENTRY:
 		case KAUTH_REQ_PROCESS_CANSEE_OPENFILES:
-			if (!secmodel_suser_curtain)
-				result = KAUTH_RESULT_ALLOW;
-			else if (isroot || kauth_cred_uidmatch(cred, p->p_cred))
+			if (isroot) {
 				result = KAUTH_RESULT_ALLOW;
+				break;
+			}
+
+			if (secmodel_suser_curtain) {
+				if (kauth_cred_uidmatch(cred, p->p_cred) != 0)
+					result = KAUTH_RESULT_DENY;
+			}
+
 			break;
 
 		case KAUTH_REQ_PROCESS_CANSEE_ENV:
-			if (!isroot &&
-			    (kauth_cred_getuid(cred) !=
-			     kauth_cred_getuid(p->p_cred) ||
-			    kauth_cred_getuid(cred) !=
-			     kauth_cred_getsvuid(p->p_cred)))
-				break;
-			else
+			if (isroot)
 				result = KAUTH_RESULT_ALLOW;
 
 			break;
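Review bot: The curtain check in the `CANSEE_ARGS`/`ENTRY`/`OPENFILES` arm looks inverted. The removed line treated a non-zero `kauth_cred_uidmatch(cred, p->p_cred)` as a match and allowed on it, while the new code sets `KAUTH_RESULT_DENY` when the result is `!= 0`. Unless the function's return convention differs from what the old code implied, a non-root caller with the curtain enabled would be denied their own processes and not denied other users', which defeats the curtain. The test should read `if (kauth_cred_uidmatch(cred, p->p_cred) == 0)`. The surrounding switch starts and ends outside the hunk.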
@@ -535,28 +538,6 @@
 		break;
 		}
 
-	case KAUTH_PROCESS_CORENAME:
-		if (isroot || proc_uidmatch(cred, p->p_cred) == 0)
-			result = KAUTH_RESULT_ALLOW;
-
-		break;
-
-	case KAUTH_PROCESS_FORK: {
-		int lnprocs = (int)(unsigned long)arg2;
-
-		/*
-		 * Don't allow a nonprivileged user to use the last few
-		 * processes. The variable lnprocs is the current number of
-		 * processes, maxproc is the limit.
-		 */
-		if (__predict_false((lnprocs >= maxproc - 5) && !isroot))
-			break;
-		else
-			result = KAUTH_RESULT_ALLOW;
-
-		break;
-		}
-
 	case KAUTH_PROCESS_RLIMIT: {
 		enum kauth_process_req req;
 
@@ -577,13 +558,6 @@
 		break;
 		}
 
-	case KAUTH_PROCESS_STOPFLAG:
-		if (isroot || proc_uidmatch(cred, p->p_cred) == 0) {
-			result = KAUTH_RESULT_ALLOW;
-			break;
-		}
-		break;
-
 	default:
 		break;
 	}
