0002-kernel-change-proc_token-by-per-process-token-to-pro.patch

jorisgio, 07/31/2013 05:54 AM

Download (7.33 KB)

View differences:

sys/kern/kern_prot.c
102 102
/* 
103 103
 * Get process group ID; note that POSIX getpgrp takes no parameter 
104 104
 *
105
 * MPSAFE XXX pgrp
105
 * MPSAFE
106 106
 */
107 107
int
108 108
sys_getpgrp(struct getpgrp_args *uap)
109 109
{
110 110
	struct proc *p = curproc;
111 111

  
112
	/*
113
	 * hold p_token to protect p_pgrp, because p_pgrp can be NULL
114
	 * if we race setpgid
115
	 */
116
	lwkt_gettoken_shared(&p->p_token);
112 117
	uap->sysmsg_result = p->p_pgrp->pg_id;
118
	lwkt_reltoken(&p->p_token);
113 119
	return (0);
114 120
}
115 121

  
......
133 139
		if (pt == NULL)
134 140
			error = ESRCH;
135 141
	}
136
	/* XXX MPSAFE on pgrp? */
137
	if (error == 0)
142
	if (error == 0) {
143
		lwkt_gettoken_shared(&pt->p_token);
138 144
		uap->sysmsg_result = pt->p_pgrp->pg_id;
145
		lwkt_reltoken(&pt->p_token);
146
	}
139 147
	if (pt)
140 148
		PRELE(pt);
141 149
	return (error);
......
372 380
	uid_t uid;
373 381
	int error;
374 382

  
375
	lwkt_gettoken(&proc_token);
383
	lwkt_gettoken(&p->p_token);
376 384
	cr = p->p_ucred;
377 385

  
378 386
	/*
......
446 454
	}
447 455
	error = 0;
448 456
done:
449
	lwkt_reltoken(&proc_token);
457
	lwkt_reltoken(&p->p_token);
450 458
	return (error);
451 459
}
452 460

  
......
458 466
	uid_t euid;
459 467
	int error;
460 468

  
461
	lwkt_gettoken(&proc_token);
469
	lwkt_gettoken(&p->p_token);
462 470
	cr = p->p_ucred;
463 471
	euid = uap->euid;
464 472
	if (euid != cr->cr_ruid &&		/* allow seteuid(getuid()) */
......
476 484
		change_euid(euid);
477 485
		setsugid();
478 486
	}
479
	lwkt_reltoken(&proc_token);
487
	lwkt_reltoken(&p->p_token);
480 488
	return (0);
481 489
}
482 490

  
......
488 496
	gid_t gid;
489 497
	int error;
490 498

  
491
	lwkt_gettoken(&proc_token);
499
	lwkt_gettoken(&p->p_token);
492 500
	cr = p->p_ucred;
493 501

  
494 502
	/*
......
558 566
	}
559 567
	error = 0;
560 568
done:
561
	lwkt_reltoken(&proc_token);
569
	lwkt_reltoken(&p->p_token);
562 570
	return (error);
563 571
}
564 572

  
......
570 578
	gid_t egid;
571 579
	int error;
572 580

  
573
	lwkt_gettoken(&proc_token);
581
	lwkt_gettoken(&p->p_token);
574 582
	cr = p->p_ucred;
575 583
	egid = uap->egid;
576 584
	if (egid != cr->cr_rgid &&		/* allow setegid(getgid()) */
......
585 593
	}
586 594
	error = 0;
587 595
done:
588
	lwkt_reltoken(&proc_token);
596
	lwkt_reltoken(&p->p_token);
589 597
	return (error);
590 598
}
591 599

  
......
597 605
	u_int ngrp;
598 606
	int error;
599 607

  
600
	lwkt_gettoken(&proc_token);
608
	lwkt_gettoken(&p->p_token);
601 609
	cr = p->p_ucred;
602 610

  
603 611
	if ((error = priv_check_cred(cr, PRIV_CRED_SETGROUPS, 0)))
......
630 638
	setsugid();
631 639
	error = 0;
632 640
done:
633
	lwkt_reltoken(&proc_token);
641
	lwkt_reltoken(&p->p_token);
634 642
	return (error);
635 643
}
636 644

  
......
642 650
	uid_t ruid, euid;
643 651
	int error;
644 652

  
645
	lwkt_gettoken(&proc_token);
653
	lwkt_gettoken(&p->p_token);
646 654
	cr = p->p_ucred;
647 655

  
648 656
	ruid = uap->ruid;
......
670 678
	}
671 679
	error = 0;
672 680
done:
673
	lwkt_reltoken(&proc_token);
681
	lwkt_reltoken(&p->p_token);
674 682
	return (error);
675 683
}
676 684

  
......
682 690
	gid_t rgid, egid;
683 691
	int error;
684 692

  
685
	lwkt_gettoken(&proc_token);
693
	lwkt_gettoken(&p->p_token);
686 694
	cr = p->p_ucred;
687 695

  
688 696
	rgid = uap->rgid;
......
712 720
	}
713 721
	error = 0;
714 722
done:
715
	lwkt_reltoken(&proc_token);
723
	lwkt_reltoken(&p->p_token);
716 724
	return (error);
717 725
}
718 726

  
......
728 736
	uid_t ruid, euid, suid;
729 737
	int error;
730 738

  
731
	lwkt_gettoken(&proc_token);
739
	lwkt_gettoken(&p->p_token);
732 740
	cr = p->p_ucred;
733 741

  
734 742
	ruid = uap->ruid;
......
758 766
	}
759 767
	error = 0;
760 768
done:
761
	lwkt_reltoken(&proc_token);
769
	lwkt_reltoken(&p->p_token);
762 770
	return (error);
763 771
}
764 772

  
......
774 782
	gid_t rgid, egid, sgid;
775 783
	int error;
776 784

  
777
	lwkt_gettoken(&proc_token);
785
	lwkt_gettoken(&p->p_token);
778 786
	cr = p->p_ucred;
779 787
	rgid = uap->rgid;
780 788
	egid = uap->egid;
......
806 814
	}
807 815
	error = 0;
808 816
done:
809
	lwkt_reltoken(&proc_token);
817
	lwkt_reltoken(&p->p_token);
810 818
	return (error);
811 819
}
812 820

  
......
816 824
	struct proc *p = curproc;
817 825
	struct ucred *cr;
818 826
	int error1 = 0, error2 = 0, error3 = 0;
827
	
828
	lwkt_gettoken_shared(&p->p_token);
829
	cr = crhold(p->p_ucred);
830
	lwkt_reltoken(&p->p_token);
819 831

  
820
	lwkt_gettoken(&proc_token);
821
	cr = p->p_ucred;
822 832
	if (uap->ruid)
823 833
		error1 = copyout((caddr_t)&cr->cr_ruid,
824 834
		    (caddr_t)uap->ruid, sizeof(cr->cr_ruid));
......
828 838
	if (uap->suid)
829 839
		error3 = copyout((caddr_t)&cr->cr_svuid,
830 840
		    (caddr_t)uap->suid, sizeof(cr->cr_svuid));
831
	lwkt_reltoken(&proc_token);
841
	crfree(cr);
832 842
	return error1 ? error1 : (error2 ? error2 : error3);
833 843
}
834 844

  
......
839 849
sys_getresgid(struct getresgid_args *uap)
840 850
{
841 851
	struct ucred *cr;
852
	struct proc *p = curproc;
842 853
	int error1 = 0, error2 = 0, error3 = 0;
843 854

  
844
	cr = curthread->td_ucred;
855
	lwkt_gettoken_shared(&p->p_token);
856
	cr = p->p_ucred;
857
	crhold(cr);
858
	lwkt_reltoken(&p->p_token);
859

  
845 860
	if (uap->rgid)
846 861
		error1 = copyout(&cr->cr_rgid, uap->rgid,
847 862
				 sizeof(cr->cr_rgid));
......
851 866
	if (uap->sgid)
852 867
		error3 = copyout(&cr->cr_svgid, uap->sgid,
853 868
				 sizeof(cr->cr_svgid));
869
	crfree(cr);
854 870
	return error1 ? error1 : (error2 ? error2 : error3);
855 871
}
856 872

  
......
1162 1178
	if (uap->namelen > MAXLOGNAME)		/* namelen is unsigned */
1163 1179
		uap->namelen = MAXLOGNAME;
1164 1180
	bzero(buf, sizeof(buf));
1165
	lwkt_gettoken(&proc_token);
1181
	lwkt_gettoken_shared(&p->p_token);
1166 1182
	bcopy(p->p_pgrp->pg_session->s_login, buf, uap->namelen);
1167
	lwkt_reltoken(&proc_token);
1183
	lwkt_reltoken(&p->p_token);
1168 1184

  
1169 1185
	error = copyout(buf, uap->namebuf, uap->namelen);
1170 1186
	return (error);
......
1176 1192
int
1177 1193
sys_setlogin(struct setlogin_args *uap)
1178 1194
{
1179
	struct thread *td = curthread;
1180
	struct proc *p;
1195
	struct proc *p = curproc;
1181 1196
	struct ucred *cred;
1182 1197
	char buf[MAXLOGNAME];
1183 1198
	int error;
1184 1199

  
1185
	cred = td->td_ucred;
1186
	p = td->td_proc;
1200
	lwkt_gettoken(&p->p_token);
1201
	cred = p->p_ucred;
1187 1202

  
1188 1203
	if ((error = priv_check_cred(cred, PRIV_PROC_SETLOGIN, 0)))
1189
		return (error);
1204
		goto done;
1190 1205
	bzero(buf, sizeof(buf));
1206

  
1191 1207
	error = copyinstr(uap->namebuf, buf, sizeof(buf), NULL);
1192 1208
	if (error == ENAMETOOLONG)
1193 1209
		error = EINVAL;
1194 1210
	if (error == 0) {
1195
		lwkt_gettoken(&proc_token);
1196 1211
		memcpy(p->p_pgrp->pg_session->s_login, buf, sizeof(buf));
1197
		lwkt_reltoken(&proc_token);
1198 1212
	}
1213
done:
1214
	lwkt_reltoken(&p->p_token);
1199 1215
	return (error);
1200 1216
}
1201 1217

  
......
1235 1251
 *
1236 1252
 * The per-uid process count for this process is transfered from
1237 1253
 * the old uid to the new uid.
1254
 *
1255
 * Requires curproc->p_token to be held.
1238 1256
 */
1239 1257
struct ucred *
1240 1258
change_ruid(uid_t ruid)
1241
-