o Remove (struct proc *p = td->td_proc) indirection in ipcperm(),
as suser_td(td) works as well as suser_xxx(NULL, p->p_ucred, 0); This simplifies upcoming changes to suser(), and causes this code to use the right credential (well, largely) once the td->td_ucred changes are complete. There remains some redundancy and oddness in this code, which should be rethought after the next batch of suser and credential changes.
This commit is contained in:
parent
bc5fc9140e
commit
fad8096565
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/head/; revision=85904
@ -88,14 +88,12 @@ ipcperm(td, perm, mode)
|
||||
struct ipc_perm *perm;
|
||||
int mode;
|
||||
{
|
||||
struct proc *p = td->td_proc;
|
||||
struct ucred *cred = p->p_ucred;
|
||||
struct ucred *cred = td->td_proc->p_ucred;
|
||||
|
||||
/* Check for user match. */
|
||||
if (cred->cr_uid != perm->cuid && cred->cr_uid != perm->uid) {
|
||||
if (mode & IPC_M)
|
||||
return (suser_xxx(p->p_ucred, NULL, 0) == 0 ? 0 :
|
||||
EPERM);
|
||||
return (suser_td(td) == 0 ? 0 : EPERM);
|
||||
/* Check for group match. */
|
||||
mode >>= 3;
|
||||
if (!groupmember(perm->gid, cred) &&
|
||||
@ -107,5 +105,5 @@ ipcperm(td, perm, mode)
|
||||
if (mode & IPC_M)
|
||||
return (0);
|
||||
return ((mode & perm->mode) == mode ||
|
||||
suser_xxx(p->p_ucred, NULL, 0) == 0 ? 0 : EACCES);
|
||||
suser_td(td) == 0 ? 0 : EACCES);
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user