- Use td_ucred for jail checks.
- Move jail checks and some other checks involving constants and stack variables out from under Giant. This isn't perfectly safe atm because jail_sysvipc_allowed is read w/o a lock meaning that its value could be stale. This global variable will soon become a per-jail flag, however, at which time it will either not need a lock or will use the prison lock.
This commit is contained in:
parent
fdc6e087c0
commit
c6f55f33ea
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/head/; revision=91703
@ -288,17 +288,12 @@ msgsys(td, uap)
|
||||
{
|
||||
int error;
|
||||
|
||||
if (!jail_sysvipc_allowed && jailed(td->td_ucred))
|
||||
return (ENOSYS);
|
||||
if (uap->which >= sizeof(msgcalls)/sizeof(msgcalls[0]))
|
||||
return (EINVAL);
|
||||
mtx_lock(&Giant);
|
||||
if (!jail_sysvipc_allowed && jailed(td->td_proc->p_ucred)) {
|
||||
error = ENOSYS;
|
||||
goto done2;
|
||||
}
|
||||
if (uap->which >= sizeof(msgcalls)/sizeof(msgcalls[0])) {
|
||||
error = EINVAL;
|
||||
goto done2;
|
||||
}
|
||||
error = (*msgcalls[uap->which])(td, &uap->a2);
|
||||
done2:
|
||||
mtx_unlock(&Giant);
|
||||
return (error);
|
||||
}
|
||||
@ -353,12 +348,10 @@ msgctl(td, uap)
|
||||
#ifdef MSG_DEBUG_OK
|
||||
printf("call to msgctl(%d, %d, 0x%x)\n", msqid, cmd, user_msqptr);
|
||||
#endif
|
||||
mtx_lock(&Giant);
|
||||
if (!jail_sysvipc_allowed && jailed(td->td_proc->p_ucred)) {
|
||||
error = ENOSYS;
|
||||
goto done2;
|
||||
}
|
||||
if (!jail_sysvipc_allowed && jailed(td->td_ucred))
|
||||
return (ENOSYS);
|
||||
|
||||
mtx_lock(&Giant);
|
||||
msqid = IPCID_TO_IX(msqid);
|
||||
|
||||
if (msqid < 0 || msqid >= msginfo.msgmni) {
|
||||
@ -498,19 +491,17 @@ msgget(td, uap)
|
||||
int msqid, error = 0;
|
||||
int key = uap->key;
|
||||
int msgflg = uap->msgflg;
|
||||
struct ucred *cred = td->td_proc->p_ucred;
|
||||
struct ucred *cred = td->td_ucred;
|
||||
register struct msqid_ds *msqptr = NULL;
|
||||
|
||||
#ifdef MSG_DEBUG_OK
|
||||
printf("msgget(0x%x, 0%o)\n", key, msgflg);
|
||||
#endif
|
||||
|
||||
mtx_lock(&Giant);
|
||||
if (!jail_sysvipc_allowed && jailed(td->td_proc->p_ucred)) {
|
||||
error = ENOSYS;
|
||||
goto done2;
|
||||
}
|
||||
if (!jail_sysvipc_allowed && jailed(td->td_ucred))
|
||||
return (ENOSYS);
|
||||
|
||||
mtx_lock(&Giant);
|
||||
if (key != IPC_PRIVATE) {
|
||||
for (msqid = 0; msqid < msginfo.msgmni; msqid++) {
|
||||
msqptr = &msqids[msqid];
|
||||
@ -630,12 +621,10 @@ msgsnd(td, uap)
|
||||
printf("call to msgsnd(%d, 0x%x, %d, %d)\n", msqid, user_msgp, msgsz,
|
||||
msgflg);
|
||||
#endif
|
||||
mtx_lock(&Giant);
|
||||
if (!jail_sysvipc_allowed && jailed(td->td_proc->p_ucred)) {
|
||||
error = ENOSYS;
|
||||
goto done2;
|
||||
}
|
||||
if (!jail_sysvipc_allowed && jailed(td->td_ucred))
|
||||
return (ENOSYS);
|
||||
|
||||
mtx_lock(&Giant);
|
||||
msqid = IPCID_TO_IX(msqid);
|
||||
|
||||
if (msqid < 0 || msqid >= msginfo.msgmni) {
|
||||
@ -974,12 +963,10 @@ msgrcv(td, uap)
|
||||
msgsz, msgtyp, msgflg);
|
||||
#endif
|
||||
|
||||
mtx_lock(&Giant);
|
||||
if (!jail_sysvipc_allowed && jailed(td->td_proc->p_ucred)) {
|
||||
error = ENOSYS;
|
||||
goto done2;
|
||||
}
|
||||
if (!jail_sysvipc_allowed && jailed(td->td_ucred))
|
||||
return (ENOSYS);
|
||||
|
||||
mtx_lock(&Giant);
|
||||
msqid = IPCID_TO_IX(msqid);
|
||||
|
||||
if (msqid < 0 || msqid >= msginfo.msgmni) {
|
||||
|
@ -261,17 +261,12 @@ semsys(td, uap)
|
||||
{
|
||||
int error;
|
||||
|
||||
if (!jail_sysvipc_allowed && jailed(td->td_ucred))
|
||||
return (ENOSYS);
|
||||
if (uap->which >= sizeof(semcalls)/sizeof(semcalls[0]))
|
||||
return (EINVAL);
|
||||
mtx_lock(&Giant);
|
||||
if (!jail_sysvipc_allowed && jailed(td->td_proc->p_ucred)) {
|
||||
error = ENOSYS;
|
||||
goto done2;
|
||||
}
|
||||
if (uap->which >= sizeof(semcalls)/sizeof(semcalls[0])) {
|
||||
error = EINVAL;
|
||||
goto done2;
|
||||
}
|
||||
error = (*semcalls[uap->which])(td, &uap->a2);
|
||||
done2:
|
||||
mtx_unlock(&Giant);
|
||||
return (error);
|
||||
}
|
||||
@ -485,12 +480,10 @@ __semctl(td, uap)
|
||||
#ifdef SEM_DEBUG
|
||||
printf("call to semctl(%d, %d, %d, 0x%x)\n", semid, semnum, cmd, arg);
|
||||
#endif
|
||||
mtx_lock(&Giant);
|
||||
if (!jail_sysvipc_allowed && jailed(td->td_proc->p_ucred)) {
|
||||
error = ENOSYS;
|
||||
goto done2;
|
||||
}
|
||||
if (!jail_sysvipc_allowed && jailed(td->td_ucred))
|
||||
return (ENOSYS);
|
||||
|
||||
mtx_lock(&Giant);
|
||||
switch(cmd) {
|
||||
case SEM_STAT:
|
||||
if (semid < 0 || semid >= seminfo.semmsl)
|
||||
@ -693,17 +686,15 @@ semget(td, uap)
|
||||
int key = uap->key;
|
||||
int nsems = uap->nsems;
|
||||
int semflg = uap->semflg;
|
||||
struct ucred *cred = td->td_proc->p_ucred;
|
||||
struct ucred *cred = td->td_ucred;
|
||||
|
||||
#ifdef SEM_DEBUG
|
||||
printf("semget(0x%x, %d, 0%o)\n", key, nsems, semflg);
|
||||
#endif
|
||||
mtx_lock(&Giant);
|
||||
if (!jail_sysvipc_allowed && jailed(td->td_proc->p_ucred)) {
|
||||
error = ENOSYS;
|
||||
goto done2;
|
||||
}
|
||||
if (!jail_sysvipc_allowed && jailed(td->td_ucred))
|
||||
return (ENOSYS);
|
||||
|
||||
mtx_lock(&Giant);
|
||||
if (key != IPC_PRIVATE) {
|
||||
for (semid = 0; semid < seminfo.semmni; semid++) {
|
||||
if ((sema[semid].sem_perm.mode & SEM_ALLOC) &&
|
||||
@ -834,12 +825,10 @@ semop(td, uap)
|
||||
printf("call to semop(%d, 0x%x, %u)\n", semid, sops, nsops);
|
||||
#endif
|
||||
|
||||
mtx_lock(&Giant);
|
||||
if (!jail_sysvipc_allowed && jailed(td->td_proc->p_ucred)) {
|
||||
error = ENOSYS;
|
||||
goto done2;
|
||||
}
|
||||
if (!jail_sysvipc_allowed && jailed(td->td_ucred))
|
||||
return (ENOSYS);
|
||||
|
||||
mtx_lock(&Giant);
|
||||
semid = IPCID_TO_IX(semid); /* Convert back to zero origin */
|
||||
|
||||
if (semid < 0 || semid >= seminfo.semmsl) {
|
||||
|
@ -260,11 +260,9 @@ shmdt(td, uap)
|
||||
int i;
|
||||
int error = 0;
|
||||
|
||||
if (!jail_sysvipc_allowed && jailed(td->td_ucred))
|
||||
return (ENOSYS);
|
||||
mtx_lock(&Giant);
|
||||
if (!jail_sysvipc_allowed && jailed(p->p_ucred)) {
|
||||
error = ENOSYS;
|
||||
goto done2;
|
||||
}
|
||||
shmmap_s = (struct shmmap_state *)p->p_vmspace->vm_shm;
|
||||
if (shmmap_s == NULL) {
|
||||
error = EINVAL;
|
||||
@ -313,11 +311,9 @@ shmat(td, uap)
|
||||
int rv;
|
||||
int error = 0;
|
||||
|
||||
if (!jail_sysvipc_allowed && jailed(td->td_ucred))
|
||||
return (ENOSYS);
|
||||
mtx_lock(&Giant);
|
||||
if (!jail_sysvipc_allowed && jailed(p->p_ucred)) {
|
||||
error = ENOSYS;
|
||||
goto done2;
|
||||
}
|
||||
shmmap_s = (struct shmmap_state *)p->p_vmspace->vm_shm;
|
||||
if (shmmap_s == NULL) {
|
||||
size = shminfo.shmseg * sizeof(struct shmmap_state);
|
||||
@ -425,11 +421,9 @@ oshmctl(td, uap)
|
||||
struct shmid_ds *shmseg;
|
||||
struct oshmid_ds outbuf;
|
||||
|
||||
if (!jail_sysvipc_allowed && jailed(td->td_ucred))
|
||||
return (ENOSYS);
|
||||
mtx_lock(&Giant);
|
||||
if (!jail_sysvipc_allowed && jailed(td->td_proc->p_ucred)) {
|
||||
error = ENOSYS;
|
||||
goto done2;
|
||||
}
|
||||
shmseg = shm_find_segment_by_shmid(uap->shmid);
|
||||
if (shmseg == NULL) {
|
||||
error = EINVAL;
|
||||
@ -486,11 +480,9 @@ shmctl(td, uap)
|
||||
struct shmid_ds inbuf;
|
||||
struct shmid_ds *shmseg;
|
||||
|
||||
if (!jail_sysvipc_allowed && jailed(td->td_ucred))
|
||||
return (ENOSYS);
|
||||
mtx_lock(&Giant);
|
||||
if (!jail_sysvipc_allowed && jailed(td->td_proc->p_ucred)) {
|
||||
error = ENOSYS;
|
||||
goto done2;
|
||||
}
|
||||
switch (uap->cmd) {
|
||||
case IPC_INFO:
|
||||
error = copyout( (caddr_t)&shminfo, uap->buf, sizeof( shminfo ) );
|
||||
@ -706,11 +698,9 @@ shmget(td, uap)
|
||||
int segnum, mode;
|
||||
int error;
|
||||
|
||||
if (!jail_sysvipc_allowed && jailed(td->td_ucred))
|
||||
return (ENOSYS);
|
||||
mtx_lock(&Giant);
|
||||
if (!jail_sysvipc_allowed && jailed(td->td_proc->p_ucred)) {
|
||||
error = ENOSYS;
|
||||
goto done2;
|
||||
}
|
||||
mode = uap->shmflg & ACCESSPERMS;
|
||||
if (uap->key != IPC_PRIVATE) {
|
||||
again:
|
||||
@ -748,17 +738,12 @@ shmsys(td, uap)
|
||||
{
|
||||
int error;
|
||||
|
||||
if (!jail_sysvipc_allowed && jailed(td->td_ucred))
|
||||
return (ENOSYS);
|
||||
if (uap->which >= sizeof(shmcalls)/sizeof(shmcalls[0]))
|
||||
return (EINVAL);
|
||||
mtx_lock(&Giant);
|
||||
if (!jail_sysvipc_allowed && jailed(td->td_proc->p_ucred)) {
|
||||
error = ENOSYS;
|
||||
goto done2;
|
||||
}
|
||||
if (uap->which >= sizeof(shmcalls)/sizeof(shmcalls[0])) {
|
||||
error = EINVAL;
|
||||
goto done2;
|
||||
}
|
||||
error = (*shmcalls[uap->which])(td, &uap->a2);
|
||||
done2:
|
||||
mtx_unlock(&Giant);
|
||||
return (error);
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user