Module Name: src Committed By: christos Date: Tue Mar 24 21:00:06 UTC 2009
Modified Files: src/sys/kern: kern_exec.c kern_fork.c Log Message: use kauth instead of uid != 0 To generate a diff of this commit: cvs rdiff -u -r1.286 -r1.287 src/sys/kern/kern_exec.c cvs rdiff -u -r1.172 -r1.173 src/sys/kern/kern_fork.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files:
Index: src/sys/kern/kern_exec.c
diff -u src/sys/kern/kern_exec.c:1.286 src/sys/kern/kern_exec.c:1.287
--- src/sys/kern/kern_exec.c:1.286 Sat Mar 7 14:23:02 2009
+++ src/sys/kern/kern_exec.c Tue Mar 24 17:00:05 2009
@@ -1,4 +1,4 @@
-/* $NetBSD: kern_exec.c,v 1.286 2009/03/07 19:23:02 christos Exp $ */
+/* $NetBSD: kern_exec.c,v 1.287 2009/03/24 21:00:05 christos Exp $ */
 /*-
 * Copyright (c) 2008 The NetBSD Foundation, Inc.
@@ -59,7 +59,7 @@
 */
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: kern_exec.c,v 1.286 2009/03/07 19:23:02 christos Exp $");
+__KERNEL_RCSID(0, "$NetBSD: kern_exec.c,v 1.287 2009/03/24 21:00:05 christos Exp $");
 #include "opt_ktrace.h"
 #include "opt_modular.h"
@@ -520,7 +520,6 @@
 char *pathbuf;
 size_t pathbuflen;
 u_int modgen;
- uid_t uid;
 p = l->l_proc;
 modgen = 0;
@@ -541,8 +540,9 @@
 * to call exec in order to do something useful.
 */
 retry:
- if ((p->p_flag & PK_SUGID) && (uid = kauth_cred_getuid(l->l_cred)) != 0
- && chgproccnt(uid, 0) > p->p_rlimit[RLIMIT_NPROC].rlim_cur)
+ if ((p->p_flag & PK_SUGID) && kauth_authorize_generic(l->l_cred,
+ KAUTH_GENERIC_ISSUSER, NULL) != 0 && chgproccnt(kauth_cred_getuid(
+ l->l_cred), 0) > p->p_rlimit[RLIMIT_NPROC].rlim_cur)
 return EAGAIN;
 oldlwpflags = l->l_flag & (LW_SA | LW_SA_UPCALL);
Index: src/sys/kern/kern_fork.c
diff -u src/sys/kern/kern_fork.c:1.172 src/sys/kern/kern_fork.c:1.173
--- src/sys/kern/kern_fork.c:1.172 Sat Jan 17 02:02:35 2009
+++ src/sys/kern/kern_fork.c Tue Mar 24 17:00:06 2009
@@ -1,4 +1,4 @@
-/* $NetBSD: kern_fork.c,v 1.172 2009/01/17 07:02:35 yamt Exp $ */
+/* $NetBSD: kern_fork.c,v 1.173 2009/03/24 21:00:06 christos Exp $ */
 /*-
 * Copyright (c) 1999, 2001, 2004, 2006, 2007, 2008 The NetBSD Foundation, Inc.
@@ -67,7 +67,7 @@
 */
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: kern_fork.c,v 1.172 2009/01/17 07:02:35 yamt Exp $");
+__KERNEL_RCSID(0, "$NetBSD: kern_fork.c,v 1.173 2009/03/24 21:00:06 christos Exp $");
 #include "opt_ktrace.h"
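Review bot: In the `retry:` condition of the kern_exec.c hunk, and again in the kern_fork.c hunk at `@@ -240,8 +240,8 @@`, the privilege decision and the process count may no longer refer to the same identity. The count is still taken with `chgproccnt(kauth_cred_getuid(l->l_cred), 0)`, which as far as I recall is the real uid, while `KAUTH_GENERIC_ISSUSER` is answered by the active secmodel and, under the traditional one, I believe from the effective uid. If that is right, a process with effective uid 0 and a non-zero real uid now bypasses the RLIMIT_NPROC check that the old `uid != 0` test still applied to it, so please confirm this is intended. A comment above the condition such as `/* kauth returns 0 for a privileged caller; only unprivileged callers are held to RLIMIT_NPROC */` would also help, because `!= 0` now means "denied" where it used to mean "not root". The enclosing function starts and ends outside the hunk.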
@@ -240,8 +240,8 @@
 * Enforce limits.
 */
 count = chgproccnt(uid, 1);
- if (uid != 0 &&
- __predict_false(count > p1->p_rlimit[RLIMIT_NPROC].rlim_cur)) {
+ if (kauth_authorize_generic(l1->l_cred, KAUTH_GENERIC_ISSUSER, NULL) !=
+ 0 && __predict_false(count > p1->p_rlimit[RLIMIT_NPROC].rlim_cur)) {
 (void)chgproccnt(uid, -1);
 atomic_dec_uint(&nprocs);
 if (forkfsleep)
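Review bot: The new condition calls `kauth_authorize_generic()` on every fork before it looks at `count`, so the authorization request is dispatched even when the process count is well under the limit. Testing the already-computed comparison first keeps the common path free of that call and removes the awkward line break inside `!= 0`: `if (__predict_false(count > p1->p_rlimit[RLIMIT_NPROC].rlim_cur) &&` followed by `kauth_authorize_generic(l1->l_cred, KAUTH_GENERIC_ISSUSER, NULL) != 0) {`. As far as the hunk shows the outcome of the condition is unchanged, but authorization would then only be requested, and seen by any listener that records requests, when the limit is actually exceeded. The function body starts and ends outside the hunk.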