Add an explicit credential argument to alq_open() to allow the caller to

specify what credential to use when authorizing vn_open() and later
write operations, rather than curthread->td_ucred.

When writing KTR traces to an ALQ, specify the credential of the thread
generating the sysctl request.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
Robert Watson 2003-06-22 22:28:56 +00:00
parent b31745f599
commit 4b090e41ff
3 changed files with 10 additions and 6 deletions


@ -326,7 +326,8 @@ SYSINIT(ald, SI_SUB_LOCK, SI_ORDER_ANY, ald_startup, NULL)
* Create the queue data structure, allocate the buffer, and open the file.
*/
int
alq_open(struct alq **alqp, const char *file, int size, int count)
alq_open(struct alq **alqp, const char *file, struct ucred *cred, int size,
int count)
{
struct thread *td;
struct nameidata nd;
@ -344,7 +345,7 @@ alq_open(struct alq **alqp, const char *file, int size, int count)
NDINIT(&nd, LOOKUP, NOFOLLOW, UIO_SYSSPACE, file, td);
flags = FWRITE | O_NOFOLLOW | O_CREAT;
error = vn_open(&nd, &flags, 0);
error = vn_open_cred(&nd, &flags, 0, cred);
if (error)
return (error);
@ -356,7 +357,7 @@ alq_open(struct alq **alqp, const char *file, int size, int count)
alq->aq_entbuf = malloc(count * size, M_ALD, M_WAITOK|M_ZERO);
alq->aq_first = malloc(sizeof(*ale) * count, M_ALD, M_WAITOK|M_ZERO);
alq->aq_vp = nd.ni_vp;
alq->aq_cred = crhold(td->td_ucred);
alq->aq_cred = crhold(cred);
alq->aq_entmax = count;
alq->aq_entlen = size;
alq->aq_entfree = alq->aq_first;
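Review bot: `cred` is handed to vn_open_cred() and then to crhold() without any check, so the new requirement that callers pass a valid, non-NULL credential is only implicit; a `KASSERT(cred != NULL, ("alq_open: NULL cred"));` at the top of alq_open() would state it. The block comment above the function should also say that `cred` authorizes the open and is held in `aq_cred`, so later writes are authorized with the credential captured at open time rather than that of whichever thread happens to be writing. NDINIT() in the second hunk still passes `td`, so whether the path lookup itself is checked against `cred` or against the current thread's credential depends on vn_open_cred(), which is not visible here. The body of alq_open() extends beyond these hunks.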


@ -141,8 +141,9 @@ sysctl_debug_ktr_alq_enable(SYSCTL_HANDLER_ARGS)
error = suser(curthread);
if (error)
return (error);
error = alq_open(&ktr_alq, (const char *)ktr_alq_file,
sizeof(struct ktr_entry), ktr_alq_depth);
error = alq_open(&ktr_alq, (const char *)ktr_alq_file,
req->td->td_ucred, sizeof(struct ktr_entry),
ktr_alq_depth);
if (error == 0) {
ktr_mask &= ~KTR_ALQ_MASK;
ktr_alq_cnt = 0;
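Review bot: The privilege check and the credential now come from two different expressions: `suser(curthread)` gates the request, while the file is opened with `req->td->td_ucred`. In a sysctl handler these are presumably the same thread, but writing the check as `error = suser(req->td);` would make it plain that the subject that passed the privilege check is the one whose credential authorizes the open and is retained for later trace writes. The handler's body starts and ends outside this hunk.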


@ -65,7 +65,9 @@ struct ale {
* Returns:
* error from open or 0 on success
*/
int alq_open(struct alq **, const char *file, int size, int count);
struct ucred;
int alq_open(struct alq **, const char *file, struct ucred *cred, int size,
int count);
/*
* alq_write: Write data into the queue
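Review bot: The forward declaration `struct ucred;` sits between the documentation comment and the alq_open() prototype that the comment describes; moving it above the comment keeps the comment attached to the prototype. Only the `Returns:` tail of that comment is visible here, so if it lists the arguments it should gain an entry for `cred`, for example `cred  Credential used to authorize the open and later writes`. The comment begins above the hunk.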