[unix-history] / usr / src / sys / kern / kern_prot.c

/*
 * Copyright (c) 1982, 1986, 1989, 1990 Regents of the University of California.
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms are permitted
 * provided that the above copyright notice and this paragraph are
 * duplicated in all such forms and that any documentation,
 * advertising materials, and other materials related to such
 * distribution and use acknowledge that the software was developed
 * by the University of California, Berkeley.  The name of the
 * University may not be used to endorse or promote products derived
 * from this software without specific prior written permission.
 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
 * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
 *
 *	@(#)kern_prot.c	7.11 (Berkeley) %G%
 */

/*
 * System calls related to processes and protection
 */

#include "param.h"
#include "acct.h"
#include "systm.h"
#include "syscontext.h"
#include "proc.h"
#include "timeb.h"
#include "times.h"
#include "malloc.h"

/* ARGSUSED */
getpid(p, uap, retval)
	struct proc *p;
	void *uap;
	int *retval;
{

	*retval = p->p_pid;
#ifdef COMPAT_43
	retval[1] = p->p_ppid;
#endif
	RETURN (0);
}

/* ARGSUSED */
getppid(p, uap, retval)
	struct proc *p;
	void *uap;
	int *retval;
{

	*retval = p->p_ppid;
	RETURN (0);
}

getpgrp(p, uap, retval)
	struct proc *p;
	struct args {
		int	pid;
	} *uap;
	int *retval;
{

	if (uap->pid != 0 && (p = pfind(uap->pid)) == 0)
		RETURN (ESRCH);
	*retval = p->p_pgrp->pg_id;
	RETURN (0);
}

/* ARGSUSED */
getuid(p, uap, retval)
	struct proc *p;
	void *uap;
	int *retval;
{

	*retval = p->p_ruid;
#ifdef COMPAT_43
	retval[1] = u.u_cred->cr_uid;
#endif
	RETURN (0);
}

/* ARGSUSED */
geteuid(p, uap, retval)
	struct proc *p;
	void *uap;
	int *retval;
{

	*retval = u.u_cred->cr_uid;
	RETURN (0);
}

/* ARGSUSED */
getgid(p, uap, retval)
	struct proc *p;
	void *uap;
	int *retval;
{

	*retval = p->p_rgid;
#ifdef COMPAT_43
	retval[1] = u.u_cred->cr_groups[0];
#endif
	RETURN (0);
}

/*
 * Get effective group ID.
 * The "egid" is groups[0], and thus could be obtained via getgroups;
 * this is somewhat painful to do correctly in a library function,
 * this the existence of this syscall.
 */
/* ARGSUSED */
getegid(p, uap, retval)
	struct proc *p;
	void *uap;
	int *retval;
{

	*retval = u.u_cred->cr_groups[0];
	RETURN (0);
}

getgroups(p, uap, retval)
	struct proc *p;
	register struct	arg {
		u_int	gidsetsize;
		int	*gidset;		/* XXX not yet POSIX */
	} *uap;
	int *retval;
{
	register gid_t *gp;
	register int *lp;
	int groups[NGROUPS];
	int error;

	if (uap->gidsetsize == 0) {
		*retval = u.u_cred->cr_ngroups;
		RETURN (0);
	}
	if (uap->gidsetsize < u.u_cred->cr_ngroups)
		RETURN (EINVAL);
	uap->gidsetsize = u.u_cred->cr_ngroups;
	gp = u.u_cred->cr_groups;
	for (lp = groups; lp < &groups[uap->gidsetsize]; )
		*lp++ = *gp++;
	if (error = copyout((caddr_t)groups, (caddr_t)uap->gidset,
	    uap->gidsetsize * sizeof (groups[0])))
		RETURN (error);
	*retval = uap->gidsetsize;
	RETURN (0);
}

/* ARGSUSED */
setsid(p, uap, retval)
	struct proc *p;
	void *uap;
	int *retval;
{

	if (p->p_pgid == p->p_pid || pgfind(p->p_pid)) {
		RETURN (EPERM);
	} else {
		pgmv(p, p->p_pid, 1);
		*retval = p->p_pid;
		RETURN (0);
	}
}

/*
 * set process group (setpgrp/setpgid)
 *
 * caller does setpgrp(pid, pgid)
 *
 * pid must be caller or child of caller (ESRCH)
 * if a child
 *	pid must be in same session (EPERM)
 *	pid can't have done an exec (EACCES)
 * if pgid != pid
 * 	there must exist some pid in same session having pgid (EPERM)
 * pid must not be session leader (EPERM)
 */
/* ARGSUSED */
setpgrp(cp, uap, retval)
	struct proc *cp;
	register struct args {
		int	pid;
		int	pgid;
	} *uap;
	int *retval;
{
	register struct proc *p;
	register struct pgrp *pgrp;

	if (uap->pid != 0) {
		if ((p = pfind(uap->pid)) == 0 || !inferior(p))
			RETURN (ESRCH);
		if (p->p_session != cp->p_session)
			RETURN (EPERM);
		if (p->p_flag&SEXEC)
			RETURN (EACCES);
	} else
		p = cp;
	if (SESS_LEADER(p))
		RETURN (EPERM);
	if (uap->pgid == 0)
		uap->pgid = p->p_pid;
	else if ((uap->pgid != p->p_pid) &&
		(((pgrp = pgfind(uap->pgid)) == 0) || 
		   pgrp->pg_mem == NULL ||
	           pgrp->pg_session != u.u_procp->p_session))
		RETURN (EPERM);
	/*
	 * done checking, now do it
	 */
	pgmv(p, uap->pgid, 0);
	RETURN (0);
}

/* ARGSUSED */
setuid(p, uap, retval)
	register struct proc *p;
	struct args {
		int	uid;
	} *uap;
	int *retval;
{
	register uid_t uid;
	int error;

	uid = uap->uid;
	if (uid != p->p_ruid && (error = suser(u.u_cred, &u.u_acflag)))
		RETURN (error);
	/*
	 * Everything's okay, do it.
	 * Copy credentials so other references do not
	 * see our changes.
	 */
	if (u.u_cred->cr_ref > 1)
		u.u_cred = crcopy(u.u_cred);
	u.u_cred->cr_uid = uid;
	p->p_uid = uid;
	p->p_ruid = uid;
	p->p_svuid = uid;
	RETURN (0);
}

/* ARGSUSED */
seteuid(p, uap, retval)
	register struct proc *p;
	struct args {
		int	euid;
	} *uap;
	int *retval;
{
	register uid_t euid;
	int error;

	euid = uap->euid;
	if (euid != p->p_ruid && euid != p->p_svuid &&
	    (error = suser(u.u_cred, &u.u_acflag)))
		RETURN (error);
	/*
	 * Everything's okay, do it.
	 * Copy credentials so other references do not
	 * see our changes.
	 */
	if (u.u_cred->cr_ref > 1)
		u.u_cred = crcopy(u.u_cred);
	u.u_cred->cr_uid = euid;
	p->p_uid = euid;
	RETURN (0);
}

/* ARGSUSED */
setgid(p, uap, retval)
	struct proc *p;
	struct args {
		int	gid;
	} *uap;
	int *retval;
{
	register gid_t gid;
	int error;

	gid = uap->gid;
	if (gid != p->p_rgid && (error = suser(u.u_cred, &u.u_acflag)))
		RETURN (error);
	if (u.u_cred->cr_ref > 1)
		u.u_cred = crcopy(u.u_cred);
	p->p_rgid = gid;
	u.u_cred->cr_groups[0] = gid;
	p->p_svgid = gid;		/* ??? */
	RETURN (0);
}

/* ARGSUSED */
setegid(p, uap, retval)
	struct proc *p;
	struct args {
		int	egid;
	} *uap;
	int *retval;
{
	register gid_t egid;
	int error;

	egid = uap->egid;
	if (egid != p->p_rgid && egid != p->p_svgid &&
	    (error = suser(u.u_cred, &u.u_acflag)))
		RETURN (error);
	if (u.u_cred->cr_ref > 1)
		u.u_cred = crcopy(u.u_cred);
	u.u_cred->cr_groups[0] = egid;
	RETURN (0);
}

#ifdef COMPAT_43
/* ARGSUSED */
osetreuid(p, uap, retval)
	register struct proc *p;
	struct args {
		int	ruid;
		int	euid;
	} *uap;
	int *retval;
{
	register uid_t ruid, euid;
	int error;

	if (uap->ruid == -1)
	    (error = suser(u.u_cred, &u.u_acflag)))
		RETURN (error);
	if (uap->euid == -1)
	    euid != p->p_svuid && (error = suser(u.u_cred, &u.u_acflag)))
		RETURN (error);
	/*
	 * Everything's okay, do it.
	 * Copy credentials so other references do not
	 * see our changes.
	 */
	if (u.u_cred->cr_ref > 1)
		u.u_cred = crcopy(u.u_cred);
	u.u_cred->cr_uid = euid;
	p->p_uid = euid;
	p->p_ruid = ruid;
	RETURN (0);
}

/* ARGSUSED */
osetregid(p, uap, retval)
	struct proc *p;
	struct args {
		int	rgid;
		int	egid;
	} *uap;
	int *retval;
{
	register gid_t rgid, egid;
	int error;

	if (uap->rgid == -1)
	    (error = suser(u.u_cred, &u.u_acflag)))
		RETURN (error);
	if (uap->egid == -1)
	    egid != p->p_svgid && (error = suser(u.u_cred, &u.u_acflag)))
		RETURN (error);
	if (u.u_cred->cr_ref > 1)
		u.u_cred = crcopy(u.u_cred);
	p->p_rgid = rgid;
	u.u_cred->cr_groups[0] = egid;
	RETURN (0);
}
#endif

/* ARGSUSED */
setgroups(p, uap, retval)
	struct proc *p;
	struct args {
		u_int	gidsetsize;
		int	*gidset;
	} *uap;
	int *retval;
{
	register gid_t *gp;
	register int *lp;
	int error, ngrp, groups[NGROUPS];

	if (error = suser(u.u_cred, &u.u_acflag))
		RETURN (error);
	ngrp = uap->gidsetsize;
	if (ngrp > NGROUPS)
		RETURN (EINVAL);
	error = copyin((caddr_t)uap->gidset, (caddr_t)groups,
	    uap->gidsetsize * sizeof (groups[0]));
	if (error)
		RETURN (error);
	gp = u.u_cred->cr_groups;
	for (lp = groups; lp < &groups[uap->gidsetsize]; )
		*gp++ = *lp++;
	u.u_cred->cr_ngroups = ngrp;
	RETURN (0);
}

/*
 * Check if gid is a member of the group set.
 */
groupmember(gid, cred)
	gid_t gid;
	register struct ucred *cred;
{
	register gid_t *gp;
	gid_t *egp;

	egp = &(cred->cr_groups[cred->cr_ngroups]);
	for (gp = cred->cr_groups; gp < egp; gp++)
		if (*gp == gid)
			return (1);
	return (0);
}

/*
 * Test if the current user is the super user.
 */
suser(cred, acflag)
	struct ucred *cred;
	short *acflag;
{

	if (cred->cr_uid == 0) {
		if (acflag)
			*acflag |= ASU;
		return (0);
	}
	return (EPERM);
}

/*
 * Allocate a zeroed cred structure.
 */
struct ucred *
crget()
{
	register struct ucred *cr;

	MALLOC(cr, struct ucred *, sizeof(*cr), M_CRED, M_WAITOK);
	bzero((caddr_t)cr, sizeof(*cr));
	cr->cr_ref = 1;
	return (cr);
}

/*
 * Free a cred structure.
 * Throws away space when ref count gets to 0.
 */
crfree(cr)
	struct ucred *cr;
{
	int s = splimp();

	if (--cr->cr_ref != 0) {
		(void) splx(s);
		return;
	}
	FREE((caddr_t)cr, M_CRED);
	(void) splx(s);
}

/*
 * Copy cred structure to a new one and free the old one.
 */
struct ucred *
crcopy(cr)
	struct ucred *cr;
{
	struct ucred *newcr;

	newcr = crget();
	*newcr = *cr;
	crfree(cr);
	newcr->cr_ref = 1;
	return (newcr);
}

/*
 * Dup cred struct to a new held one.
 */
struct ucred *
crdup(cr)
	struct ucred *cr;
{
	struct ucred *newcr;

	newcr = crget();
	*newcr = *cr;
	newcr->cr_ref = 1;
	return (newcr);
}

/*
 * Get login name, if available.
 */
/* ARGSUSED */
getlogin(p, uap, retval)
	struct proc *p;
	struct args {
		char	*namebuf;
		u_int	namelen;
	} *uap;
	int *retval;
{

	if (uap->namelen > sizeof (p->p_logname))
		uap->namelen = sizeof (p->p_logname);
	RETURN (copyout((caddr_t)p->p_logname, (caddr_t)uap->namebuf,
	    uap->namelen));
}

/*
 * Set login name.
 */
/* ARGSUSED */
setlogin(p, uap, retval)
	struct proc *p;
	struct args {
		char	*namebuf;
	} *uap;
	int *retval;
{
	int error;

	if (error = suser(u.u_cred, &u.u_acflag))
		RETURN (error);
	error = copyinstr((caddr_t)uap->namebuf, (caddr_t)p->p_logname,
	    sizeof (p->p_logname) - 1, (int *) 0);
	if (error == ENOENT)		/* name too long */
		error = EINVAL;
	RETURN (error);
}
Commit	Line	Data
da7c5cc6	1	/*
d5dc47bf	2	* Copyright (c) 1982, 1986, 1989, 1990 Regents of the University of California.
88a39492	3	* All rights reserved.
da7c5cc6	4	*
88a39492 KM	5	* Redistribution and use in source and binary forms are permitted
	6	* provided that the above copyright notice and this paragraph are
	7	* duplicated in all such forms and that any documentation,
	8	* advertising materials, and other materials related to such
	9	* distribution and use acknowledge that the software was developed
	10	* by the University of California, Berkeley. The name of the
	11	* University may not be used to endorse or promote products derived
	12	* from this software without specific prior written permission.
	13	* THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
	14	* IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
	15	* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
	16	*
d5dc47bf	17	* @(#)kern_prot.c 7.11 (Berkeley) %G%
da7c5cc6	18	*/
a05af100 BJ	19
a05af100 BJ	20	/*
4147b3f6	21	* System calls related to processes and protection
a05af100 BJ	22	*/
a05af100 BJ	23
94368568	24	#include "param.h"
88a39492	25	#include "acct.h"
94368568	26	#include "systm.h"
d5dc47bf	27	#include "syscontext.h"
94368568 JB	28	#include "proc.h"
	29	#include "timeb.h"
	30	#include "times.h"
88a39492	31	#include "malloc.h"
a05af100	32
d5dc47bf MK	33	/* ARGSUSED */
	34	getpid(p, uap, retval)
	35	struct proc *p;
	36	void *uap;
	37	int *retval;
4147b3f6 BJ	38	{
4147b3f6 BJ	39
d5dc47bf MK	40	*retval = p->p_pid;
	41	#ifdef COMPAT_43
	42	retval[1] = p->p_ppid;
	43	#endif
	44	RETURN (0);
4147b3f6 BJ	45	}
4147b3f6 BJ	46
d5dc47bf MK	47	/* ARGSUSED */
	48	getppid(p, uap, retval)
	49	struct proc *p;
	50	void *uap;
	51	int *retval;
4147b3f6	52	{
d5dc47bf MK	53
	54	*retval = p->p_ppid;
	55	RETURN (0);
	56	}
	57
	58	getpgrp(p, uap, retval)
	59	struct proc *p;
	60	struct args {
4147b3f6	61	int pid;
d5dc47bf MK	62	} *uap;
	63	int *retval;
	64	{
4147b3f6	65
d5dc47bf MK	66	if (uap->pid != 0 && (p = pfind(uap->pid)) == 0)
	67	RETURN (ESRCH);
	68	*retval = p->p_pgrp->pg_id;
	69	RETURN (0);
4147b3f6 BJ	70	}
4147b3f6 BJ	71
d5dc47bf MK	72	/* ARGSUSED */
	73	getuid(p, uap, retval)
	74	struct proc *p;
	75	void *uap;
	76	int *retval;
a05af100 BJ	77	{
a05af100 BJ	78
d5dc47bf MK	79	*retval = p->p_ruid;
	80	#ifdef COMPAT_43
	81	retval[1] = u.u_cred->cr_uid;
	82	#endif
	83	RETURN (0);
a05af100 BJ	84	}
a05af100 BJ	85
d5dc47bf MK	86	/* ARGSUSED */
	87	geteuid(p, uap, retval)
	88	struct proc *p;
	89	void *uap;
	90	int *retval;
4147b3f6 BJ	91	{
4147b3f6 BJ	92
d5dc47bf MK	93	*retval = u.u_cred->cr_uid;
d5dc47bf MK	94	RETURN (0);
4147b3f6 BJ	95	}
4147b3f6 BJ	96
d5dc47bf MK	97	/* ARGSUSED */
	98	getgid(p, uap, retval)
	99	struct proc *p;
	100	void *uap;
	101	int *retval;
	102	{
	103
	104	*retval = p->p_rgid;
	105	#ifdef COMPAT_43
	106	retval[1] = u.u_cred->cr_groups[0];
	107	#endif
	108	RETURN (0);
	109	}
	110
	111	/*
	112	* Get effective group ID.
	113	* The "egid" is groups[0], and thus could be obtained via getgroups;
	114	* this is somewhat painful to do correctly in a library function,
	115	* this the existence of this syscall.
	116	*/
	117	/* ARGSUSED */
	118	getegid(p, uap, retval)
	119	struct proc *p;
	120	void *uap;
	121	int *retval;
4147b3f6	122	{
d5dc47bf MK	123
	124	*retval = u.u_cred->cr_groups[0];
	125	RETURN (0);
	126	}
	127
	128	getgroups(p, uap, retval)
	129	struct proc *p;
	130	register struct arg {
b32450f4	131	u_int gidsetsize;
d5dc47bf MK	132	int gidset; / XXX not yet POSIX */
	133	} *uap;
	134	int *retval;
	135	{
38b6104c MK	136	register gid_t *gp;
	137	register int *lp;
	138	int groups[NGROUPS];
d5dc47bf	139	int error;
4147b3f6	140
88a39492	141	if (uap->gidsetsize == 0) {
d5dc47bf MK	142	*retval = u.u_cred->cr_ngroups;
d5dc47bf MK	143	RETURN (0);
197da11b	144	}
d5dc47bf MK	145	if (uap->gidsetsize < u.u_cred->cr_ngroups)
d5dc47bf MK	146	RETURN (EINVAL);
164c0f54 MK	147	uap->gidsetsize = u.u_cred->cr_ngroups;
164c0f54 MK	148	gp = u.u_cred->cr_groups;
88a39492	149	for (lp = groups; lp < &groups[uap->gidsetsize]; )
38b6104c	150	lp++ = gp++;
d5dc47bf MK	151	if (error = copyout((caddr_t)groups, (caddr_t)uap->gidset,
	152	uap->gidsetsize * sizeof (groups[0])))
	153	RETURN (error);
	154	*retval = uap->gidsetsize;
	155	RETURN (0);
4147b3f6 BJ	156	}
4147b3f6 BJ	157
d5dc47bf MK	158	/* ARGSUSED */
	159	setsid(p, uap, retval)
	160	struct proc *p;
	161	void *uap;
	162	int *retval;
8fe87cbb	163	{
8fe87cbb	164
d5dc47bf MK	165	if (p->p_pgid == p->p_pid \|\| pgfind(p->p_pid)) {
	166	RETURN (EPERM);
	167	} else {
8fe87cbb	168	pgmv(p, p->p_pid, 1);
d5dc47bf MK	169	*retval = p->p_pid;
d5dc47bf MK	170	RETURN (0);
8fe87cbb	171	}
8fe87cbb MT	172	}
	173
	174	/*
d5dc47bf	175	* set process group (setpgrp/setpgid)
8fe87cbb	176	*
164c0f54 MK	177	* caller does setpgrp(pid, pgid)
	178	*
	179	* pid must be caller or child of caller (ESRCH)
	180	* if a child
	181	* pid must be in same session (EPERM)
	182	* pid can't have done an exec (EACCES)
	183	* if pgid != pid
	184	* there must exist some pid in same session having pgid (EPERM)
	185	* pid must not be session leader (EPERM)
8fe87cbb	186	*/
d5dc47bf MK	187	/* ARGSUSED */
	188	setpgrp(cp, uap, retval)
	189	struct proc *cp;
	190	register struct args {
4147b3f6	191	int pid;
8fe87cbb	192	int pgid;
d5dc47bf MK	193	} *uap;
	194	int *retval;
	195	{
8fe87cbb MT	196	register struct proc *p;
8fe87cbb MT	197	register struct pgrp *pgrp;
4147b3f6	198
d5dc47bf MK	199	if (uap->pid != 0) {
	200	if ((p = pfind(uap->pid)) == 0 \|\| !inferior(p))
	201	RETURN (ESRCH);
	202	if (p->p_session != cp->p_session)
	203	RETURN (EPERM);
	204	if (p->p_flag&SEXEC)
	205	RETURN (EACCES);
	206	} else
	207	p = cp;
	208	if (SESS_LEADER(p))
	209	RETURN (EPERM);
8fe87cbb MT	210	if (uap->pgid == 0)
	211	uap->pgid = p->p_pid;
	212	else if ((uap->pgid != p->p_pid) &&
	213	(((pgrp = pgfind(uap->pgid)) == 0) \|\|
	214	pgrp->pg_mem == NULL \|\|
d5dc47bf MK	215	pgrp->pg_session != u.u_procp->p_session))
d5dc47bf MK	216	RETURN (EPERM);
8fe87cbb	217	/*
d5dc47bf	218	* done checking, now do it
8fe87cbb MT	219	*/
8fe87cbb MT	220	pgmv(p, uap->pgid, 0);
d5dc47bf	221	RETURN (0);
4147b3f6 BJ	222	}
4147b3f6 BJ	223
d5dc47bf MK	224	/* ARGSUSED */
	225	setuid(p, uap, retval)
	226	register struct proc *p;
	227	struct args {
	228	int uid;
	229	} *uap;
	230	int *retval;
4f083fd7	231	{
d5dc47bf MK	232	register uid_t uid;
	233	int error;
	234
	235	uid = uap->uid;
	236	if (uid != p->p_ruid && (error = suser(u.u_cred, &u.u_acflag)))
	237	RETURN (error);
	238	/*
	239	* Everything's okay, do it.
	240	* Copy credentials so other references do not
	241	* see our changes.
	242	*/
	243	if (u.u_cred->cr_ref > 1)
	244	u.u_cred = crcopy(u.u_cred);
	245	u.u_cred->cr_uid = uid;
	246	p->p_uid = uid;
	247	p->p_ruid = uid;
	248	p->p_svuid = uid;
	249	RETURN (0);
	250	}
	251
	252	/* ARGSUSED */
	253	seteuid(p, uap, retval)
	254	register struct proc *p;
	255	struct args {
4f083fd7 SL	256	int euid;
4f083fd7 SL	257	} *uap;
d5dc47bf MK	258	int *retval;
	259	{
	260	register uid_t euid;
	261	int error;
4f083fd7	262
4f083fd7	263	euid = uap->euid;
d5dc47bf MK	264	if (euid != p->p_ruid && euid != p->p_svuid &&
	265	(error = suser(u.u_cred, &u.u_acflag)))
	266	RETURN (error);
4f083fd7 SL	267	/*
4f083fd7 SL	268	* Everything's okay, do it.
88a39492 KM	269	* Copy credentials so other references do not
88a39492 KM	270	* see our changes.
4f083fd7	271	*/
88a39492 KM	272	if (u.u_cred->cr_ref > 1)
88a39492 KM	273	u.u_cred = crcopy(u.u_cred);
164c0f54 MK	274	u.u_cred->cr_uid = euid;
164c0f54 MK	275	p->p_uid = euid;
d5dc47bf	276	RETURN (0);
4f083fd7 SL	277	}
4f083fd7 SL	278
d5dc47bf MK	279	/* ARGSUSED */
	280	setgid(p, uap, retval)
	281	struct proc *p;
	282	struct args {
	283	int gid;
	284	} *uap;
	285	int *retval;
4f083fd7	286	{
d5dc47bf MK	287	register gid_t gid;
	288	int error;
	289
	290	gid = uap->gid;
	291	if (gid != p->p_rgid && (error = suser(u.u_cred, &u.u_acflag)))
	292	RETURN (error);
	293	if (u.u_cred->cr_ref > 1)
	294	u.u_cred = crcopy(u.u_cred);
	295	p->p_rgid = gid;
	296	u.u_cred->cr_groups[0] = gid;
	297	p->p_svgid = gid; /* ??? */
	298	RETURN (0);
	299	}
	300
	301	/* ARGSUSED */
	302	setegid(p, uap, retval)
	303	struct proc *p;
	304	struct args {
4f083fd7 SL	305	int egid;
4f083fd7 SL	306	} *uap;
d5dc47bf MK	307	int *retval;
	308	{
	309	register gid_t egid;
	310	int error;
4f083fd7	311
4f083fd7	312	egid = uap->egid;
d5dc47bf MK	313	if (egid != p->p_rgid && egid != p->p_svgid &&
	314	(error = suser(u.u_cred, &u.u_acflag)))
	315	RETURN (error);
88a39492 KM	316	if (u.u_cred->cr_ref > 1)
88a39492 KM	317	u.u_cred = crcopy(u.u_cred);
164c0f54	318	u.u_cred->cr_groups[0] = egid;
d5dc47bf MK	319	RETURN (0);
	320	}
	321
	322	#ifdef COMPAT_43
	323	/* ARGSUSED */
	324	osetreuid(p, uap, retval)
	325	register struct proc *p;
	326	struct args {
	327	int ruid;
	328	int euid;
	329	} *uap;
	330	int *retval;
	331	{
	332	register uid_t ruid, euid;
	333	int error;
	334
	335	if (uap->ruid == -1)
	336	(error = suser(u.u_cred, &u.u_acflag)))
	337	RETURN (error);
	338	if (uap->euid == -1)
	339	euid != p->p_svuid && (error = suser(u.u_cred, &u.u_acflag)))
	340	RETURN (error);
	341	/*
	342	* Everything's okay, do it.
	343	* Copy credentials so other references do not
	344	* see our changes.
	345	*/
	346	if (u.u_cred->cr_ref > 1)
	347	u.u_cred = crcopy(u.u_cred);
	348	u.u_cred->cr_uid = euid;
	349	p->p_uid = euid;
	350	p->p_ruid = ruid;
	351	RETURN (0);
4f083fd7	352	}
a05af100	353
d5dc47bf MK	354	/* ARGSUSED */
	355	osetregid(p, uap, retval)
	356	struct proc *p;
	357	struct args {
	358	int rgid;
	359	int egid;
	360	} *uap;
	361	int *retval;
4147b3f6	362	{
d5dc47bf MK	363	register gid_t rgid, egid;
	364	int error;
	365
	366	if (uap->rgid == -1)
	367	(error = suser(u.u_cred, &u.u_acflag)))
	368	RETURN (error);
	369	if (uap->egid == -1)
	370	egid != p->p_svgid && (error = suser(u.u_cred, &u.u_acflag)))
	371	RETURN (error);
	372	if (u.u_cred->cr_ref > 1)
	373	u.u_cred = crcopy(u.u_cred);
	374	p->p_rgid = rgid;
	375	u.u_cred->cr_groups[0] = egid;
	376	RETURN (0);
	377	}
	378	#endif
	379
	380	/* ARGSUSED */
	381	setgroups(p, uap, retval)
	382	struct proc *p;
	383	struct args {
b32450f4	384	u_int gidsetsize;
4147b3f6	385	int *gidset;
d5dc47bf MK	386	} *uap;
	387	int *retval;
	388	{
38b6104c MK	389	register gid_t *gp;
38b6104c MK	390	register int *lp;
d5dc47bf	391	int error, ngrp, groups[NGROUPS];
4147b3f6	392
d5dc47bf MK	393	if (error = suser(u.u_cred, &u.u_acflag))
d5dc47bf MK	394	RETURN (error);
164c0f54	395	ngrp = uap->gidsetsize;
d5dc47bf MK	396	if (ngrp > NGROUPS)
	397	RETURN (EINVAL);
	398	error = copyin((caddr_t)uap->gidset, (caddr_t)groups,
38b6104c	399	uap->gidsetsize * sizeof (groups[0]));
d5dc47bf MK	400	if (error)
d5dc47bf MK	401	RETURN (error);
164c0f54	402	gp = u.u_cred->cr_groups;
88a39492	403	for (lp = groups; lp < &groups[uap->gidsetsize]; )
38b6104c	404	gp++ = lp++;
164c0f54	405	u.u_cred->cr_ngroups = ngrp;
d5dc47bf	406	RETURN (0);
4147b3f6 BJ	407	}
4147b3f6 BJ	408
f926daf9	409	/*
88a39492	410	* Check if gid is a member of the group set.
f926daf9	411	*/
88a39492	412	groupmember(gid, cred)
90731a34	413	gid_t gid;
88a39492	414	register struct ucred *cred;
197da11b	415	{
38b6104c	416	register gid_t *gp;
88a39492	417	gid_t *egp;
197da11b	418
88a39492 KM	419	egp = &(cred->cr_groups[cred->cr_ngroups]);
88a39492 KM	420	for (gp = cred->cr_groups; gp < egp; gp++)
197da11b	421	if (*gp == gid)
88a39492 KM	422	return (1);
88a39492 KM	423	return (0);
197da11b BJ	424	}
197da11b BJ	425
f926daf9	426	/*
88a39492	427	* Test if the current user is the super user.
f926daf9	428	*/
88a39492 KM	429	suser(cred, acflag)
	430	struct ucred *cred;
	431	short *acflag;
197da11b	432	{
197da11b	433
88a39492 KM	434	if (cred->cr_uid == 0) {
	435	if (acflag)
	436	*acflag \|= ASU;
	437	return (0);
38b6104c	438	}
88a39492	439	return (EPERM);
197da11b	440	}
f926daf9 SL	441
f926daf9 SL	442	/*
88a39492	443	* Allocate a zeroed cred structure.
f926daf9	444	*/
88a39492 KM	445	struct ucred *
88a39492 KM	446	crget()
f926daf9	447	{
88a39492	448	register struct ucred *cr;
f926daf9	449
88a39492 KM	450	MALLOC(cr, struct ucred , sizeof(cr), M_CRED, M_WAITOK);
	451	bzero((caddr_t)cr, sizeof(*cr));
	452	cr->cr_ref = 1;
d5dc47bf	453	return (cr);
88a39492 KM	454	}
	455
	456	/*
	457	* Free a cred structure.
	458	* Throws away space when ref count gets to 0.
	459	*/
	460	crfree(cr)
	461	struct ucred *cr;
	462	{
d5dc47bf	463	int s = splimp();
88a39492 KM	464
	465	if (--cr->cr_ref != 0) {
	466	(void) splx(s);
	467	return;
	468	}
	469	FREE((caddr_t)cr, M_CRED);
	470	(void) splx(s);
	471	}
	472
	473	/*
	474	* Copy cred structure to a new one and free the old one.
	475	*/
	476	struct ucred *
	477	crcopy(cr)
	478	struct ucred *cr;
	479	{
	480	struct ucred *newcr;
	481
	482	newcr = crget();
	483	newcr = cr;
	484	crfree(cr);
	485	newcr->cr_ref = 1;
d5dc47bf	486	return (newcr);
88a39492 KM	487	}
	488
	489	/*
	490	* Dup cred struct to a new held one.
	491	*/
	492	struct ucred *
	493	crdup(cr)
	494	struct ucred *cr;
	495	{
	496	struct ucred *newcr;
	497
	498	newcr = crget();
	499	newcr = cr;
	500	newcr->cr_ref = 1;
d5dc47bf	501	return (newcr);
f926daf9	502	}
5b6ee178 KF	503
5b6ee178 KF	504	/*
164c0f54	505	* Get login name, if available.
5b6ee178	506	*/
d5dc47bf MK	507	/* ARGSUSED */
	508	getlogin(p, uap, retval)
	509	struct proc *p;
	510	struct args {
5b6ee178 KF	511	char *namebuf;
5b6ee178 KF	512	u_int namelen;
d5dc47bf MK	513	} *uap;
	514	int *retval;
	515	{
5b6ee178	516
d5dc47bf MK	517	if (uap->namelen > sizeof (p->p_logname))
	518	uap->namelen = sizeof (p->p_logname);
	519	RETURN (copyout((caddr_t)p->p_logname, (caddr_t)uap->namebuf,
	520	uap->namelen));
5b6ee178 KF	521	}
	522
	523	/*
164c0f54	524	* Set login name.
5b6ee178	525	*/
d5dc47bf MK	526	/* ARGSUSED */
	527	setlogin(p, uap, retval)
	528	struct proc *p;
	529	struct args {
5b6ee178	530	char *namebuf;
d5dc47bf MK	531	} *uap;
	532	int *retval;
	533	{
164c0f54	534	int error;
5b6ee178	535
d5dc47bf MK	536	if (error = suser(u.u_cred, &u.u_acflag))
	537	RETURN (error);
	538	error = copyinstr((caddr_t)uap->namebuf, (caddr_t)p->p_logname,
	539	sizeof (p->p_logname) - 1, (int *) 0);
164c0f54 MK	540	if (error == ENOENT) /* name too long */
164c0f54 MK	541	error = EINVAL;
d5dc47bf	542	RETURN (error);
5b6ee178	543	}