Use suser() to determine super-user-ness, don't examine cr_uid directly.

1999-01-30 12:21:49 +00:00 · 1999-01-30 12:21:49 +00:00 · 3631fb0d2a
commit 3631fb0d2a
parent 3ffe82070e
8 changed files with 45 additions and 30 deletions
--- a/sys/i386/isa/atapi-cd.c
+++ b/sys/i386/isa/atapi-cd.c
@ -25,7 +25,7 @@
 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 *
- *	$Id: atapi-cd.c,v 1.6 1998/12/07 21:58:20 archie Exp $
+ *	$Id: atapi-cd.c,v 1.7 1999/01/02 17:11:45 hoek Exp $
 */

 #include "wdc.h"
@ -652,8 +652,9 @@ acdioctl(dev_t dev, u_long cmd, caddr_t addr, int flag, struct proc *p)
            			0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0);

    case CDIOCRESET:
-        if (p->p_cred->pc_ucred->cr_uid)
-            return EPERM;
+        error = suser(p->p_ucred, &p->p_acflag);
+        if (error)
+            return (error);
        return acd_request_wait(cdp, ATAPI_TEST_UNIT_READY,
            			0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0);

--- a/sys/i386/isa/wd_cd.c
+++ b/sys/i386/isa/wd_cd.c
@ -25,7 +25,7 @@
 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 *
- *	$Id: atapi-cd.c,v 1.6 1998/12/07 21:58:20 archie Exp $
+ *	$Id: atapi-cd.c,v 1.7 1999/01/02 17:11:45 hoek Exp $
 */

 #include "wdc.h"
@ -652,8 +652,9 @@ acdioctl(dev_t dev, u_long cmd, caddr_t addr, int flag, struct proc *p)
            			0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0);

    case CDIOCRESET:
-        if (p->p_cred->pc_ucred->cr_uid)
-            return EPERM;
+        error = suser(p->p_ucred, &p->p_acflag);
+        if (error)
+            return (error);
        return acd_request_wait(cdp, ATAPI_TEST_UNIT_READY,
            			0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0);

--- a/sys/i386/isa/wfd.c
+++ b/sys/i386/isa/wfd.c
@ -23,7 +23,7 @@
 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 *
- *      $Id: wfd.c,v 1.16 1998/09/15 08:15:30 gibbs Exp $
+ *      $Id: wfd.c,v 1.17 1998/12/07 21:58:24 archie Exp $
 */

 /*
@ -681,20 +681,23 @@ int wfdioctl (dev_t dev, u_long cmd, caddr_t addr, int flag, struct proc *p)
 		}
 	switch (cmd) {
 	case CDIOCSETDEBUG:
-		if (p->p_cred->pc_ucred->cr_uid)
-			return (EPERM);
+		error = suser(p->p_ucred, &p->p_acflag);
+		if (error)
+			return (error);
 		t->flags |= F_DEBUG;
 		atapi_debug (t->ata, 1);
 		return 0;
 	case CDIOCCLRDEBUG:
-		if (p->p_cred->pc_ucred->cr_uid)
-			return (EPERM);
+		error = suser(p->p_ucred, &p->p_acflag);
+		if (error)
+			return (error);
 		t->flags &= ~F_DEBUG;
 		atapi_debug (t->ata, 0);
 		return 0;
 	case CDIOCRESET:
-		if (p->p_cred->pc_ucred->cr_uid)
-			return (EPERM);
+		error = suser(p->p_ucred, &p->p_acflag);
+		if (error)
+			return (error);
 		return wfd_request_wait (t, ATAPI_TEST_UNIT_READY,
 			0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0);
 	case CDIOCEJECT:
--- a/sys/kern/sysv_ipc.c
+++ b/sys/kern/sysv_ipc.c
@ -1,4 +1,4 @@
-/*	$Id: sysv_ipc.c,v 1.7 1997/11/06 19:29:22 phk Exp $ */
+/*	$Id: sysv_ipc.c,v 1.8 1997/11/18 12:52:10 bde Exp $ */
 /*	$NetBSD: sysv_ipc.c,v 1.7 1994/06/29 06:33:11 cgd Exp $	*/

 /*
@ -41,6 +41,9 @@

 /*
 * Check for ipc permission
+ *
+ * XXX: Should pass proc argument so that we can pass 
+ * XXX: proc->p_acflag to suser()
 */

 int
@ -50,7 +53,7 @@ ipcperm(cred, perm, mode)
 	int mode;
 {

-	if (cred->cr_uid == 0)
+	if (suser(cred, (u_short *)NULL))
 		return (0);

 	/* Check for user match. */
--- a/sys/kern/sysv_msg.c
+++ b/sys/kern/sysv_msg.c
@ -1,4 +1,4 @@
-/*	$Id: sysv_msg.c,v 1.17 1997/11/06 19:29:24 phk Exp $ */
+/*	$Id: sysv_msg.c,v 1.18 1998/03/30 09:50:35 phk Exp $ */

 /*
 * Implementation of SVID messages
@ -252,8 +252,11 @@ msgctl(p, uap)
 			return(eval);
 		if ((eval = copyin(user_msqptr, &msqbuf, sizeof(msqbuf))) != 0)
 			return(eval);
-		if (msqbuf.msg_qbytes > msqptr->msg_qbytes && cred->cr_uid != 0)
-			return(EPERM);
+		if (msqbuf.msg_qbytes > msqptr->msg_qbytes) {
+			eval = suser(cred, &p->p_acflag);
+			if (eval)
+				return(eval);
+		}
 		if (msqbuf.msg_qbytes > msginfo.msgmnb) {
 #ifdef MSG_DEBUG_OK
 			printf("can't increase msg_qbytes beyond %d (truncating)\n",
--- a/sys/kern/vfs_vnops.c
+++ b/sys/kern/vfs_vnops.c
@ -36,7 +36,7 @@
 * SUCH DAMAGE.
 *
 *	@(#)vfs_vnops.c	8.2 (Berkeley) 1/21/94
- * $Id: vfs_vnops.c,v 1.61 1999/01/05 18:49:56 eivind Exp $
+ * $Id: vfs_vnops.c,v 1.62 1999/01/20 14:49:11 eivind Exp $
 */

 #include <sys/param.h>
@ -423,7 +423,7 @@ vn_stat(vp, sb, p)
 	sb->st_ctimespec = vap->va_ctime;
 	sb->st_blksize = vap->va_blocksize;
 	sb->st_flags = vap->va_flags;
-	if (p->p_ucred->cr_uid != 0)
+	if (suser(p->p_ucred, (u_short *)NULL))
 		sb->st_gen = 0;
 	else
 		sb->st_gen = vap->va_gen;
--- a/sys/pc98/pc98/wd_cd.c
+++ b/sys/pc98/pc98/wd_cd.c
@ -25,7 +25,7 @@
 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 *
- *	$Id: atapi-cd.c,v 1.6 1998/12/07 21:58:20 archie Exp $
+ *	$Id: atapi-cd.c,v 1.7 1999/01/02 17:11:45 hoek Exp $
 */

 #include "wdc.h"
@ -652,8 +652,9 @@ acdioctl(dev_t dev, u_long cmd, caddr_t addr, int flag, struct proc *p)
            			0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0);

    case CDIOCRESET:
-        if (p->p_cred->pc_ucred->cr_uid)
-            return EPERM;
+        error = suser(p->p_ucred, &p->p_acflag);
+        if (error)
+            return (error);
        return acd_request_wait(cdp, ATAPI_TEST_UNIT_READY,
            			0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0);

--- a/sys/pc98/pc98/wfd.c
+++ b/sys/pc98/pc98/wfd.c
@ -23,7 +23,7 @@
 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 *
- *      $Id: wfd.c,v 1.16 1998/09/15 08:15:30 gibbs Exp $
+ *      $Id: wfd.c,v 1.17 1998/12/07 21:58:24 archie Exp $
 */

 /*
@ -681,20 +681,23 @@ int wfdioctl (dev_t dev, u_long cmd, caddr_t addr, int flag, struct proc *p)
 		}
 	switch (cmd) {
 	case CDIOCSETDEBUG:
-		if (p->p_cred->pc_ucred->cr_uid)
-			return (EPERM);
+		error = suser(p->p_ucred, &p->p_acflag);
+		if (error)
+			return (error);
 		t->flags |= F_DEBUG;
 		atapi_debug (t->ata, 1);
 		return 0;
 	case CDIOCCLRDEBUG:
-		if (p->p_cred->pc_ucred->cr_uid)
-			return (EPERM);
+		error = suser(p->p_ucred, &p->p_acflag);
+		if (error)
+			return (error);
 		t->flags &= ~F_DEBUG;
 		atapi_debug (t->ata, 0);
 		return 0;
 	case CDIOCRESET:
-		if (p->p_cred->pc_ucred->cr_uid)
-			return (EPERM);
+		error = suser(p->p_ucred, &p->p_acflag);
+		if (error)
+			return (error);
 		return wfd_request_wait (t, ATAPI_TEST_UNIT_READY,
 			0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0);
 	case CDIOCEJECT: