ppriv.c revision 7c478bd95313f5f23a4c958a745db2134aa03244
/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License, Version 1.0 only
* (the "License"). You may not use this file except in compliance
* with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information: Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*/
/*
* Copyright 2004 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
#pragma ident "%Z%%M% %I% %E% SMI"
#include <sys/sysmacros.h>
#include <sys/cred_impl.h>
#include <sys/priv_impl.h>
/*
* System call support for manipulating privileges.
*
*
* setppriv(2) - set process privilege set
* getppriv(2) - get process privilege set
* getprivimplinfo(2) - get process privilege implementation information
* setpflags(2) - set process (privilege) flags
* getpflags(2) - get process (privilege) flags
*/
/*
* setppriv (priv_op_t, priv_ptype_t, priv_set_t)
*/
static int
{
proc_t *p;
mutex_enter(&p->p_crlock);
#ifdef C2_AUDIT
if (audit_active)
#endif
/*
* Filter out unallowed request (bad op and bad type)
*/
switch (op) {
case PRIV_ON:
case PRIV_SET:
/*
* Turning on privileges; the limit set cannot grow,
* other sets can but only as long as they remain subsets
* of P. Only immediately after exec holds that P <= L.
*/
if (((type == PRIV_LIMIT &&
mutex_exit(&p->p_crlock);
}
break;
case PRIV_OFF:
/* PRIV_OFF is always allowed */
break;
}
/*
* OK! everything is cool.
* Do cred COW.
*/
/*
* If we change the effective, permitted or limit set, we attain
* "privilege awareness".
*/
if (type != PRIV_INHERITABLE)
switch (op) {
case PRIV_ON:
break;
case PRIV_OFF:
priv_inverse(&pset);
/*
* Fall-thru to set target and change other process
* privilege sets.
*/
/*FALLTHRU*/
case PRIV_SET:
/*
* Take privileges no longer permitted out
* of other effective sets as well.
* Limit set is enforced at exec() time.
*/
if (type == PRIV_PERMITTED)
break;
}
/*
* When we give up privileges not in the inheritable set,
* set SNOCD if not already set; first we compute the
* privileges removed from P using Diff = (~P') & P
* and then we check whether the removed privileges are
* a subset of I. If we retain uid 0, all privileges
* are required anyway so don't set SNOCD.
*/
priv_inverse(&diff);
} else {
}
mutex_exit(&p->p_crlock);
if (donocd) {
mutex_enter(&p->p_lock);
mutex_exit(&p->p_lock);
}
return (0);
}
/*
* getppriv (priv_ptype_t, priv_set_t *)
*/
static int
{
if (!PRIV_VALIDSET(type))
return (0);
}
static int
{
int err;
if (err)
return (0);
}
/*
* Set privilege flags
*
* For now we cheat: the flags are actually bit masks so we can simplify
* some; we do make sure that the arguments are valid, though.
*/
static int
{
flag != __PROC_PROTECT)) {
}
if (flag == __PROC_PROTECT) {
mutex_enter(&p->p_lock);
if (val == 0)
else
mutex_exit(&p->p_lock);
return (0);
}
mutex_enter(&p->p_crlock);
if (val != 0)
else
/* No change */
mutex_exit(&p->p_crlock);
return (0);
}
/* Trying to unset PA; if we can't, return an error */
mutex_exit(&p->p_crlock);
}
/* Committed to changing the flag */
if (flag == PRIV_AWARE) {
if (val != 0)
else
} else {
}
mutex_exit(&p->p_crlock);
return (0);
}
/*
* Getpflags. Currently only implements single bit flags.
*/
static uint_t
{
}
/*
* Privilege system call entry point
*/
int
{
switch (code) {
case PRIVSYS_SETPPRIV:
if (bufsize < sizeof (priv_set_t))
case PRIVSYS_GETPPRIV:
if (bufsize < sizeof (priv_set_t))
case PRIVSYS_GETIMPLINFO:
case PRIVSYS_SETPFLAGS:
case PRIVSYS_GETPFLAGS:
}
}
#ifdef _SYSCALL32_IMPL
int
{
}
#endif