Are there any kernel modules (in base, in ports, or out-of-both-trees) that access struct ucred?
On Sat, Nov 14, 2020 at 09:51:47PM +0100, Mateusz Guzik wrote: > I don't think so, it does not change any APIs > > On 11/14/20, Shawn Webb <shawn.w...@hardenedbsd.org> wrote: > > On Sat, Nov 14, 2020 at 07:20:37PM +0000, Mateusz Guzik wrote: > >> Author: mjg > >> Date: Sat Nov 14 19:20:37 2020 > >> New Revision: 367692 > >> URL: https://svnweb.freebsd.org/changeset/base/367692 > >> > >> Log: > >> cred: reorder cr_audit to be closer to the lock > >> > >> This makes cr_uid avoid sharing. > >> > >> Modified: > >> head/sys/sys/ucred.h > >> > >> Modified: head/sys/sys/ucred.h > >> ============================================================================== > >> --- head/sys/sys/ucred.h Sat Nov 14 19:19:27 2020 (r367691) > >> +++ head/sys/sys/ucred.h Sat Nov 14 19:20:37 2020 (r367692) > >> @@ -63,6 +63,7 @@ struct ucred { > >> struct mtx cr_mtx; > >> u_int cr_ref; /* (c) reference count */ > >> u_int cr_users; /* (c) proc + thread using this cred */ > >> + struct auditinfo_addr cr_audit; /* Audit properties. */ > >> #define cr_startcopy cr_uid > >> uid_t cr_uid; /* effective user id */ > >> uid_t cr_ruid; /* real user id */ > >> @@ -78,7 +79,6 @@ struct ucred { > >> void *cr_pspare2[2]; /* general use 2 */ > >> #define cr_endcopy cr_label > >> struct label *cr_label; /* MAC label */ > >> - struct auditinfo_addr cr_audit; /* Audit properties. */ > >> gid_t *cr_groups; /* groups */ > >> int cr_agroups; /* Available groups */ > >> gid_t cr_smallgroups[XU_NGROUPS]; /* storage for small groups */ > > > > Hey Mateusz, > > > > Since this changes KBI, does __FreeBSD_version need bumping? > > > > Thanks, > > > > -- > > Shawn Webb > > Cofounder / Security Engineer > > HardenedBSD > > > > GPG Key ID: 0xFF2E67A277F8E1FA > > GPG Key Fingerprint: D206 BB45 15E0 9C49 0CF9 3633 C85B 0AF8 AB23 0FB2 > > https://git-01.md.hardenedbsd.org/HardenedBSD/pubkeys/src/branch/master/Shawn_Webb/03A4CBEBB82EA5A67D9F3853FF2E67A277F8E1FA.pub.asc > > > > > -- > Mateusz Guzik <mjguzik gmail.com> -- Shawn Webb Cofounder / Security Engineer HardenedBSD GPG Key ID: 0xFF2E67A277F8E1FA GPG Key Fingerprint: D206 BB45 15E0 9C49 0CF9 3633 C85B 0AF8 AB23 0FB2 https://git-01.md.hardenedbsd.org/HardenedBSD/pubkeys/src/branch/master/Shawn_Webb/03A4CBEBB82EA5A67D9F3853FF2E67A277F8E1FA.pub.asc
signature.asc
Description: PGP signature