diff --git a/sys/cddl/compat/opensolaris/kern/opensolaris_policy.c b/sys/cddl/compat/opensolaris/kern/opensolaris_policy.c index 019f29f..e49cee1 100644 --- a/sys/cddl/compat/opensolaris/kern/opensolaris_policy.c +++ b/sys/cddl/compat/opensolaris/kern/opensolaris_policy.c @@ -41,35 +41,35 @@ int secpolicy_nfs(cred_t *cr) { - return (priv_check_cred(cr, PRIV_NFS_DAEMON, 0)); + return (priv_check_cred(cr, PRIV_NFS_DAEMON)); } int secpolicy_zfs(cred_t *cr) { - return (priv_check_cred(cr, PRIV_VFS_MOUNT, 0)); + return (priv_check_cred(cr, PRIV_VFS_MOUNT)); } int secpolicy_sys_config(cred_t *cr, int checkonly __unused) { - return (priv_check_cred(cr, PRIV_ZFS_POOL_CONFIG, 0)); + return (priv_check_cred(cr, PRIV_ZFS_POOL_CONFIG)); } int secpolicy_zinject(cred_t *cr) { - return (priv_check_cred(cr, PRIV_ZFS_INJECT, 0)); + return (priv_check_cred(cr, PRIV_ZFS_INJECT)); } int secpolicy_fs_unmount(cred_t *cr, struct mount *vfsp __unused) { - return (priv_check_cred(cr, PRIV_VFS_UNMOUNT, 0)); + return (priv_check_cred(cr, PRIV_VFS_UNMOUNT)); } int @@ -97,7 +97,7 @@ secpolicy_basic_link(vnode_t *vp, cred_t *cr) return (0); if (secpolicy_fs_owner(vp->v_mount, cr) == 0) return (0); - return (priv_check_cred(cr, PRIV_VFS_LINK, 0)); + return (priv_check_cred(cr, PRIV_VFS_LINK)); } int @@ -113,7 +113,7 @@ secpolicy_vnode_remove(vnode_t *vp, cred_t *cr) if (secpolicy_fs_owner(vp->v_mount, cr) == 0) return (0); - return (priv_check_cred(cr, PRIV_VFS_ADMIN, 0)); + return (priv_check_cred(cr, PRIV_VFS_ADMIN)); } int @@ -123,18 +123,18 @@ secpolicy_vnode_access(cred_t *cr, vnode_t *vp, uid_t owner, accmode_t accmode) if (secpolicy_fs_owner(vp->v_mount, cr) == 0) return (0); - if ((accmode & VREAD) && priv_check_cred(cr, PRIV_VFS_READ, 0) != 0) + if ((accmode & VREAD) && priv_check_cred(cr, PRIV_VFS_READ) != 0) return (EACCES); if ((accmode & VWRITE) && - priv_check_cred(cr, PRIV_VFS_WRITE, 0) != 0) { + priv_check_cred(cr, PRIV_VFS_WRITE) != 0) { return (EACCES); } if (accmode & VEXEC) { if (vp->v_type == VDIR) { - if (priv_check_cred(cr, PRIV_VFS_LOOKUP, 0) != 0) + if (priv_check_cred(cr, PRIV_VFS_LOOKUP) != 0) return (EACCES); } else { - if (priv_check_cred(cr, PRIV_VFS_EXEC, 0) != 0) + if (priv_check_cred(cr, PRIV_VFS_EXEC) != 0) return (EACCES); } } @@ -192,7 +192,7 @@ secpolicy_vnode_any_access(cred_t *cr, vnode_t *vp, uid_t owner) continue; break; } - if (priv_check_cred(cr, priv, 0) == 0) + if (priv_check_cred(cr, priv) == 0) return (0); } return (EPERM); @@ -206,7 +206,7 @@ secpolicy_vnode_setdac(vnode_t *vp, cred_t *cr, uid_t owner) return (0); if (secpolicy_fs_owner(vp->v_mount, cr) == 0) return (0); - return (priv_check_cred(cr, PRIV_VFS_ADMIN, 0)); + return (priv_check_cred(cr, PRIV_VFS_ADMIN)); } int @@ -256,7 +256,7 @@ secpolicy_vnode_setattr(cred_t *cr, vnode_t *vp, struct vattr *vap, ((mask & AT_GID) && vap->va_gid != ovap->va_gid && !groupmember(vap->va_gid, cr))) { if (secpolicy_fs_owner(vp->v_mount, cr) != 0) { - error = priv_check_cred(cr, PRIV_VFS_CHOWN, 0); + error = priv_check_cred(cr, PRIV_VFS_CHOWN); if (error) return (error); } @@ -300,7 +300,7 @@ secpolicy_vnode_setids_setgids(vnode_t *vp, cred_t *cr, gid_t gid) return (0); if (secpolicy_fs_owner(vp->v_mount, cr) == 0) return (0); - return (priv_check_cred(cr, PRIV_VFS_SETGID, 0)); + return (priv_check_cred(cr, PRIV_VFS_SETGID)); } int @@ -310,7 +310,7 @@ secpolicy_vnode_setid_retain(vnode_t *vp, cred_t *cr, if (secpolicy_fs_owner(vp->v_mount, cr) == 0) return (0); - return (priv_check_cred(cr, PRIV_VFS_RETAINSUGID, 0)); + return (priv_check_cred(cr, PRIV_VFS_RETAINSUGID)); } void @@ -321,7 +321,7 @@ secpolicy_setid_clear(struct vattr *vap, vnode_t *vp, cred_t *cr) return; if ((vap->va_mode & (S_ISUID | S_ISGID)) != 0) { - if (priv_check_cred(cr, PRIV_VFS_RETAINSUGID, 0)) { + if (priv_check_cred(cr, PRIV_VFS_RETAINSUGID)) { vap->va_mask |= AT_MODE; vap->va_mode &= ~(S_ISUID|S_ISGID); } @@ -343,7 +343,7 @@ secpolicy_setid_setsticky_clear(vnode_t *vp, struct vattr *vap, * is not a member of. Both of these are allowed in jail(8). */ if (vp->v_type != VDIR && (vap->va_mode & S_ISTXT)) { - if (priv_check_cred(cr, PRIV_VFS_STICKYFILE, 0)) + if (priv_check_cred(cr, PRIV_VFS_STICKYFILE)) return (EFTYPE); } /* @@ -359,7 +359,7 @@ secpolicy_setid_setsticky_clear(vnode_t *vp, struct vattr *vap, * Deny setting setuid if we are not the file owner. */ if ((vap->va_mode & S_ISUID) && ovap->va_uid != cr->cr_uid) { - error = priv_check_cred(cr, PRIV_VFS_ADMIN, 0); + error = priv_check_cred(cr, PRIV_VFS_ADMIN); if (error) return (error); } @@ -370,7 +370,7 @@ int secpolicy_fs_mount(cred_t *cr, vnode_t *mvp, struct mount *vfsp) { - return (priv_check_cred(cr, PRIV_VFS_MOUNT, 0)); + return (priv_check_cred(cr, PRIV_VFS_MOUNT)); } int @@ -383,7 +383,7 @@ secpolicy_vnode_owner(vnode_t *vp, cred_t *cr, uid_t owner) return (0); /* XXX: vfs_suser()? */ - return (priv_check_cred(cr, PRIV_VFS_MOUNT_OWNER, 0)); + return (priv_check_cred(cr, PRIV_VFS_MOUNT_OWNER)); } int @@ -392,14 +392,14 @@ secpolicy_vnode_chown(vnode_t *vp, cred_t *cr, uid_t owner) if (secpolicy_fs_owner(vp->v_mount, cr) == 0) return (0); - return (priv_check_cred(cr, PRIV_VFS_CHOWN, 0)); + return (priv_check_cred(cr, PRIV_VFS_CHOWN)); } void secpolicy_fs_mount_clearopts(cred_t *cr, struct mount *vfsp) { - if (priv_check_cred(cr, PRIV_VFS_MOUNT_NONUSER, 0) != 0) { + if (priv_check_cred(cr, PRIV_VFS_MOUNT_NONUSER) != 0) { MNT_ILOCK(vfsp); vfsp->vfs_flag |= VFS_NOSETUID | MNT_USER; vfs_clearmntopt(vfsp, MNTOPT_SETUID); @@ -418,12 +418,12 @@ secpolicy_xvattr(vnode_t *vp, xvattr_t *xvap, uid_t owner, cred_t *cr, if (secpolicy_fs_owner(vp->v_mount, cr) == 0) return (0); - return (priv_check_cred(cr, PRIV_VFS_SYSFLAGS, 0)); + return (priv_check_cred(cr, PRIV_VFS_SYSFLAGS)); } int secpolicy_smb(cred_t *cr) { - return (priv_check_cred(cr, PRIV_NETSMB, 0)); + return (priv_check_cred(cr, PRIV_NETSMB)); } diff --git a/sys/cddl/compat/opensolaris/kern/opensolaris_zone.c b/sys/cddl/compat/opensolaris/kern/opensolaris_zone.c index 55b1906..f4a6042 100644 --- a/sys/cddl/compat/opensolaris/kern/opensolaris_zone.c +++ b/sys/cddl/compat/opensolaris/kern/opensolaris_zone.c @@ -63,7 +63,7 @@ zone_dataset_attach(struct ucred *cred, const char *dataset, int jailid) struct prison *pr; int dofree, error; - if ((error = priv_check_cred(cred, PRIV_ZFS_JAIL, 0)) != 0) + if ((error = priv_check_cred(cred, PRIV_ZFS_JAIL)) != 0) return (error); /* Allocate memory before we grab prison's mutex. */ @@ -115,7 +115,7 @@ zone_dataset_detach(struct ucred *cred, const char *dataset, int jailid) struct prison *pr; int error; - if ((error = priv_check_cred(cred, PRIV_ZFS_JAIL, 0)) != 0) + if ((error = priv_check_cred(cred, PRIV_ZFS_JAIL)) != 0) return (error); sx_slock(&allprison_lock); diff --git a/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vnops.c b/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vnops.c index b70e363..64a8d09 100644 --- a/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vnops.c +++ b/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vnops.c @@ -5959,7 +5959,7 @@ zfs_freebsd_setattr(ap) * processes. */ if (secpolicy_fs_owner(vp->v_mount, cred) == 0 || - priv_check_cred(cred, PRIV_VFS_SYSFLAGS, 0) == 0) { + priv_check_cred(cred, PRIV_VFS_SYSFLAGS) == 0) { if (zflags & (ZFS_IMMUTABLE | ZFS_APPENDONLY | ZFS_NOUNLINK)) { error = securelevel_gt(cred, 0); diff --git a/sys/compat/linux/linux_misc.c b/sys/compat/linux/linux_misc.c index 4365b10..241b08c 100644 --- a/sys/compat/linux/linux_misc.c +++ b/sys/compat/linux/linux_misc.c @@ -1119,7 +1119,7 @@ linux_setgroups(struct thread *td, struct linux_setgroups_args *args) * Keep cr_groups[0] unchanged to prevent that. */ - if ((error = priv_check_cred(oldcred, PRIV_CRED_SETGROUPS, 0)) != 0) { + if ((error = priv_check_cred(oldcred, PRIV_CRED_SETGROUPS)) != 0) { PROC_UNLOCK(p); crfree(newcred); goto out; diff --git a/sys/compat/linux/linux_uid16.c b/sys/compat/linux/linux_uid16.c index b66fb5c..e24e7fd 100644 --- a/sys/compat/linux/linux_uid16.c +++ b/sys/compat/linux/linux_uid16.c @@ -191,7 +191,7 @@ linux_setgroups16(struct thread *td, struct linux_setgroups16_args *args) * Keep cr_groups[0] unchanged to prevent that. */ - if ((error = priv_check_cred(oldcred, PRIV_CRED_SETGROUPS, 0)) != 0) { + if ((error = priv_check_cred(oldcred, PRIV_CRED_SETGROUPS)) != 0) { PROC_UNLOCK(p); crfree(newcred); diff --git a/sys/fs/ext2fs/ext2_vnops.c b/sys/fs/ext2fs/ext2_vnops.c index 4f8f6a9..3f94161 100644 --- a/sys/fs/ext2fs/ext2_vnops.c +++ b/sys/fs/ext2fs/ext2_vnops.c @@ -423,7 +423,7 @@ ext2_setattr(ap) * Privileged non-jail processes may not modify system flags * if securelevel > 0 and any existing system flags are set. */ - if (!priv_check_cred(cred, PRIV_VFS_SYSFLAGS, 0)) { + if (!priv_check_cred(cred, PRIV_VFS_SYSFLAGS)) { if (ip->i_flags & (SF_IMMUTABLE | SF_APPEND)) { error = securelevel_gt(cred, 0); if (error) @@ -540,12 +540,12 @@ ext2_chmod(vp, mode, cred, td) * process is not a member of. */ if (vp->v_type != VDIR && (mode & S_ISTXT)) { - error = priv_check_cred(cred, PRIV_VFS_STICKYFILE, 0); + error = priv_check_cred(cred, PRIV_VFS_STICKYFILE); if (error) return (EFTYPE); } if (!groupmember(ip->i_gid, cred) && (mode & ISGID)) { - error = priv_check_cred(cred, PRIV_VFS_SETGID, 0); + error = priv_check_cred(cred, PRIV_VFS_SETGID); if (error) return (error); } @@ -589,7 +589,7 @@ ext2_chown(vp, uid, gid, cred, td) */ if (uid != ip->i_uid || (gid != ip->i_gid && !groupmember(gid, cred))) { - error = priv_check_cred(cred, PRIV_VFS_CHOWN, 0); + error = priv_check_cred(cred, PRIV_VFS_CHOWN); if (error) return (error); } @@ -599,7 +599,7 @@ ext2_chown(vp, uid, gid, cred, td) ip->i_uid = uid; ip->i_flag |= IN_CHANGE; if ((ip->i_mode & (ISUID | ISGID)) && (ouid != uid || ogid != gid)) { - if (priv_check_cred(cred, PRIV_VFS_RETAINSUGID, 0) != 0) + if (priv_check_cred(cred, PRIV_VFS_RETAINSUGID) != 0) ip->i_mode &= ~(ISUID | ISGID); } return (0); @@ -1651,7 +1651,7 @@ ext2_makeinode(mode, dvp, vpp, cnp) tvp->v_type = IFTOVT(mode); /* Rest init'd in getnewvnode(). */ ip->i_nlink = 1; if ((ip->i_mode & ISGID) && !groupmember(ip->i_gid, cnp->cn_cred)) { - if (priv_check_cred(cnp->cn_cred, PRIV_VFS_RETAINSUGID, 0)) + if (priv_check_cred(cnp->cn_cred, PRIV_VFS_RETAINSUGID)) ip->i_mode &= ~ISGID; } @@ -1988,7 +1988,7 @@ ext2_write(ap) */ if ((ip->i_mode & (ISUID | ISGID)) && resid > uio->uio_resid && ap->a_cred) { - if (priv_check_cred(ap->a_cred, PRIV_VFS_RETAINSUGID, 0)) + if (priv_check_cred(ap->a_cred, PRIV_VFS_RETAINSUGID)) ip->i_mode &= ~(ISUID | ISGID); } if (error) { diff --git a/sys/fs/msdosfs/msdosfs_vnops.c b/sys/fs/msdosfs/msdosfs_vnops.c index a90ee8d..78fad2c 100644 --- a/sys/fs/msdosfs/msdosfs_vnops.c +++ b/sys/fs/msdosfs/msdosfs_vnops.c @@ -399,7 +399,7 @@ msdosfs_setattr(ap) if (vp->v_mount->mnt_flag & MNT_RDONLY) return (EROFS); if (cred->cr_uid != pmp->pm_uid) { - error = priv_check_cred(cred, PRIV_VFS_ADMIN, 0); + error = priv_check_cred(cred, PRIV_VFS_ADMIN); if (error) return (error); } @@ -416,7 +416,7 @@ msdosfs_setattr(ap) * sensible filesystem attempts it a lot. */ if (vap->va_flags & SF_SETTABLE) { - error = priv_check_cred(cred, PRIV_VFS_SYSFLAGS, 0); + error = priv_check_cred(cred, PRIV_VFS_SYSFLAGS); if (error) return (error); } @@ -443,7 +443,7 @@ msdosfs_setattr(ap) gid = pmp->pm_gid; if (cred->cr_uid != pmp->pm_uid || uid != pmp->pm_uid || (gid != pmp->pm_gid && !groupmember(gid, cred))) { - error = priv_check_cred(cred, PRIV_VFS_CHOWN, 0); + error = priv_check_cred(cred, PRIV_VFS_CHOWN); if (error) return (error); } @@ -514,7 +514,7 @@ msdosfs_setattr(ap) if (vp->v_mount->mnt_flag & MNT_RDONLY) return (EROFS); if (cred->cr_uid != pmp->pm_uid) { - error = priv_check_cred(cred, PRIV_VFS_ADMIN, 0); + error = priv_check_cred(cred, PRIV_VFS_ADMIN); if (error) return (error); } diff --git a/sys/fs/nandfs/nandfs_vnops.c b/sys/fs/nandfs/nandfs_vnops.c index b226d30..7b88f2c 100644 --- a/sys/fs/nandfs/nandfs_vnops.c +++ b/sys/fs/nandfs/nandfs_vnops.c @@ -719,11 +719,11 @@ nandfs_chmod(struct vnode *vp, int mode, struct ucred *cred, struct thread *td) * jail(8). */ if (vp->v_type != VDIR && (mode & S_ISTXT)) { - if (priv_check_cred(cred, PRIV_VFS_STICKYFILE, 0)) + if (priv_check_cred(cred, PRIV_VFS_STICKYFILE)) return (EFTYPE); } if (!groupmember(inode->i_gid, cred) && (mode & ISGID)) { - error = priv_check_cred(cred, PRIV_VFS_SETGID, 0); + error = priv_check_cred(cred, PRIV_VFS_SETGID); if (error) return (error); } @@ -732,7 +732,7 @@ nandfs_chmod(struct vnode *vp, int mode, struct ucred *cred, struct thread *td) * Deny setting setuid if we are not the file owner. */ if ((mode & ISUID) && inode->i_uid != cred->cr_uid) { - error = priv_check_cred(cred, PRIV_VFS_ADMIN, 0); + error = priv_check_cred(cred, PRIV_VFS_ADMIN); if (error) return (error); } @@ -775,7 +775,7 @@ nandfs_chown(struct vnode *vp, uid_t uid, gid_t gid, struct ucred *cred, */ if (((uid != inode->i_uid && uid != cred->cr_uid) || (gid != inode->i_gid && !groupmember(gid, cred))) && - (error = priv_check_cred(cred, PRIV_VFS_CHOWN, 0))) + (error = priv_check_cred(cred, PRIV_VFS_CHOWN))) return (error); ogid = inode->i_gid; ouid = inode->i_uid; @@ -786,7 +786,7 @@ nandfs_chown(struct vnode *vp, uid_t uid, gid_t gid, struct ucred *cred, node->nn_flags |= IN_CHANGE; if ((inode->i_mode & (ISUID | ISGID)) && (ouid != uid || ogid != gid)) { - if (priv_check_cred(cred, PRIV_VFS_RETAINSUGID, 0)) { + if (priv_check_cred(cred, PRIV_VFS_RETAINSUGID)) { inode->i_mode &= ~(ISUID | ISGID); } } @@ -839,7 +839,7 @@ nandfs_setattr(struct vop_setattr_args *ap) */ flags = inode->i_flags; - if (!priv_check_cred(cred, PRIV_VFS_SYSFLAGS, 0)) { + if (!priv_check_cred(cred, PRIV_VFS_SYSFLAGS)) { if (flags & (SF_NOUNLINK | SF_IMMUTABLE | SF_APPEND)) { error = securelevel_gt(cred, 0); if (error) diff --git a/sys/fs/nfs/nfs_commonsubs.c b/sys/fs/nfs/nfs_commonsubs.c index af63c85..8c54f17 100644 --- a/sys/fs/nfs/nfs_commonsubs.c +++ b/sys/fs/nfs/nfs_commonsubs.c @@ -1450,7 +1450,7 @@ nfsv4_loadattr(struct nfsrv_descript *nd, vnode_t vp, case NFSATTRBIT_QUOTAHARD: NFSM_DISSECT(tl, u_int32_t *, NFSX_HYPER); if (sbp != NULL) { - if (priv_check_cred(cred, PRIV_VFS_EXCEEDQUOTA, 0)) + if (priv_check_cred(cred, PRIV_VFS_EXCEEDQUOTA)) freenum = sbp->f_bfree; else freenum = sbp->f_bavail; @@ -1479,7 +1479,7 @@ nfsv4_loadattr(struct nfsrv_descript *nd, vnode_t vp, case NFSATTRBIT_QUOTASOFT: NFSM_DISSECT(tl, u_int32_t *, NFSX_HYPER); if (sbp != NULL) { - if (priv_check_cred(cred, PRIV_VFS_EXCEEDQUOTA, 0)) + if (priv_check_cred(cred, PRIV_VFS_EXCEEDQUOTA)) freenum = sbp->f_bfree; else freenum = sbp->f_bavail; @@ -2284,7 +2284,7 @@ nfsv4_fillattr(struct nfsrv_descript *nd, struct mount *mp, vnode_t vp, free(cp, M_NFSSTRING); break; case NFSATTRBIT_QUOTAHARD: - if (priv_check_cred(cred, PRIV_VFS_EXCEEDQUOTA, 0)) + if (priv_check_cred(cred, PRIV_VFS_EXCEEDQUOTA)) freenum = fs.f_bfree; else freenum = fs.f_bavail; @@ -2308,7 +2308,7 @@ nfsv4_fillattr(struct nfsrv_descript *nd, struct mount *mp, vnode_t vp, retnum += NFSX_HYPER; break; case NFSATTRBIT_QUOTASOFT: - if (priv_check_cred(cred, PRIV_VFS_EXCEEDQUOTA, 0)) + if (priv_check_cred(cred, PRIV_VFS_EXCEEDQUOTA)) freenum = fs.f_bfree; else freenum = fs.f_bavail; @@ -2360,7 +2360,7 @@ nfsv4_fillattr(struct nfsrv_descript *nd, struct mount *mp, vnode_t vp, break; case NFSATTRBIT_SPACEAVAIL: NFSM_BUILD(tl, u_int32_t *, NFSX_HYPER); - if (priv_check_cred(cred, PRIV_VFS_BLOCKRESERVE, 0)) + if (priv_check_cred(cred, PRIV_VFS_BLOCKRESERVE)) uquad = (u_int64_t)fs.f_bfree; else uquad = (u_int64_t)fs.f_bavail; diff --git a/sys/fs/nfsserver/nfs_nfsdport.c b/sys/fs/nfsserver/nfs_nfsdport.c index 93c7af5..0d0bc8b 100644 --- a/sys/fs/nfsserver/nfs_nfsdport.c +++ b/sys/fs/nfsserver/nfs_nfsdport.c @@ -792,7 +792,7 @@ nfsvno_createsub(struct nfsrv_descript *nd, struct nameidata *ndp, nvap->na_type = VFIFO; if (nvap->na_type != VFIFO && (error = priv_check_cred(nd->nd_cred, - PRIV_VFS_MKNOD_DEV, 0))) { + PRIV_VFS_MKNOD_DEV))) { vrele(ndp->ni_startdir); nfsvno_relpathbuf(ndp); vput(ndp->ni_dvp); @@ -886,7 +886,7 @@ nfsvno_mknod(struct nameidata *ndp, struct nfsvattr *nvap, struct ucred *cred, nfsvno_relpathbuf(ndp); } else { if (nvap->na_type != VFIFO && - (error = priv_check_cred(cred, PRIV_VFS_MKNOD_DEV, 0))) { + (error = priv_check_cred(cred, PRIV_VFS_MKNOD_DEV))) { vrele(ndp->ni_startdir); nfsvno_relpathbuf(ndp); vput(ndp->ni_dvp); diff --git a/sys/fs/tmpfs/tmpfs_subr.c b/sys/fs/tmpfs/tmpfs_subr.c index 5f1616c..7d1a352 100644 --- a/sys/fs/tmpfs/tmpfs_subr.c +++ b/sys/fs/tmpfs/tmpfs_subr.c @@ -1098,7 +1098,7 @@ tmpfs_chflags(struct vnode *vp, int flags, struct ucred *cred, struct thread *p) * Unprivileged processes are not permitted to unset system * flags, or modify flags if any system flags are set. */ - if (!priv_check_cred(cred, PRIV_VFS_SYSFLAGS, 0)) { + if (!priv_check_cred(cred, PRIV_VFS_SYSFLAGS)) { if (node->tn_flags & (SF_NOUNLINK | SF_IMMUTABLE | SF_APPEND)) { error = securelevel_gt(cred, 0); @@ -1157,11 +1157,11 @@ tmpfs_chmod(struct vnode *vp, mode_t mode, struct ucred *cred, struct thread *p) * process is not a member of. */ if (vp->v_type != VDIR && (mode & S_ISTXT)) { - if (priv_check_cred(cred, PRIV_VFS_STICKYFILE, 0)) + if (priv_check_cred(cred, PRIV_VFS_STICKYFILE)) return (EFTYPE); } if (!groupmember(node->tn_gid, cred) && (mode & S_ISGID)) { - error = priv_check_cred(cred, PRIV_VFS_SETGID, 0); + error = priv_check_cred(cred, PRIV_VFS_SETGID); if (error) return (error); } @@ -1229,7 +1229,7 @@ tmpfs_chown(struct vnode *vp, uid_t uid, gid_t gid, struct ucred *cred, */ if ((uid != node->tn_uid || (gid != node->tn_gid && !groupmember(gid, cred))) && - (error = priv_check_cred(cred, PRIV_VFS_CHOWN, 0))) + (error = priv_check_cred(cred, PRIV_VFS_CHOWN))) return (error); ogid = node->tn_gid; @@ -1241,7 +1241,7 @@ tmpfs_chown(struct vnode *vp, uid_t uid, gid_t gid, struct ucred *cred, node->tn_status |= TMPFS_NODE_CHANGED; if ((node->tn_mode & (S_ISUID | S_ISGID)) && (ouid != uid || ogid != gid)) { - if (priv_check_cred(cred, PRIV_VFS_RETAINSUGID, 0)) + if (priv_check_cred(cred, PRIV_VFS_RETAINSUGID)) node->tn_mode &= ~(S_ISUID | S_ISGID); } diff --git a/sys/fs/tmpfs/tmpfs_vnops.c b/sys/fs/tmpfs/tmpfs_vnops.c index 368e1ca..199f34c 100644 --- a/sys/fs/tmpfs/tmpfs_vnops.c +++ b/sys/fs/tmpfs/tmpfs_vnops.c @@ -775,7 +775,7 @@ tmpfs_write(struct vop_write_args *v) (extended ? TMPFS_NODE_CHANGED : 0); if (node->tn_mode & (S_ISUID | S_ISGID)) { - if (priv_check_cred(v->a_cred, PRIV_VFS_RETAINSUGID, 0)) + if (priv_check_cred(v->a_cred, PRIV_VFS_RETAINSUGID)) node->tn_mode &= ~(S_ISUID | S_ISGID); } diff --git a/sys/kern/kern_exec.c b/sys/kern/kern_exec.c index 90f7311..2c04a51 100644 --- a/sys/kern/kern_exec.c +++ b/sys/kern/kern_exec.c @@ -694,7 +694,7 @@ interpret: setsugid(p); #ifdef KTRACE - if (priv_check_cred(oldcred, PRIV_DEBUG_DIFFCRED, 0)) + if (priv_check_cred(oldcred, PRIV_DEBUG_DIFFCRED)) ktrprocexec(p, &tracecred, &tracevp); #endif /* diff --git a/sys/kern/kern_fork.c b/sys/kern/kern_fork.c index 46cdca1..1910332 100644 --- a/sys/kern/kern_fork.c +++ b/sys/kern/kern_fork.c @@ -893,7 +893,7 @@ fork1(struct thread *td, int flags, int pages, struct proc **procp, */ sx_xlock(&allproc_lock); if ((nprocs >= maxproc - 10 && priv_check_cred(td->td_ucred, - PRIV_MAXPROC, 0) != 0) || nprocs >= maxproc) { + PRIV_MAXPROC) != 0) || nprocs >= maxproc) { error = EAGAIN; goto fail; } @@ -904,7 +904,7 @@ fork1(struct thread *td, int flags, int pages, struct proc **procp, * * XXXRW: Can we avoid privilege here if it's not needed? */ - error = priv_check_cred(td->td_ucred, PRIV_PROC_LIMIT, 0); + error = priv_check_cred(td->td_ucred, PRIV_PROC_LIMIT); if (error == 0) ok = chgproccnt(td->td_ucred->cr_ruidinfo, 1, 0); else { diff --git a/sys/kern/kern_priv.c b/sys/kern/kern_priv.c index fd3a95c..87f914a 100644 --- a/sys/kern/kern_priv.c +++ b/sys/kern/kern_priv.c @@ -68,7 +68,7 @@ SDT_PROBE_DEFINE1(priv, kernel, priv_check, priv_err, priv-err, "int"); * only a few to grant it. */ int -priv_check_cred(struct ucred *cred, int priv, int flags) +priv_check_cred(struct ucred *cred, int priv) { int error; @@ -157,5 +157,5 @@ priv_check(struct thread *td, int priv) KASSERT(td == curthread, ("priv_check: td != curthread")); - return (priv_check_cred(td->td_ucred, priv, 0)); + return (priv_check_cred(td->td_ucred, priv)); } diff --git a/sys/kern/kern_prot.c b/sys/kern/kern_prot.c index 53af793..8c8c8f5 100644 --- a/sys/kern/kern_prot.c +++ b/sys/kern/kern_prot.c @@ -540,7 +540,7 @@ sys_setuid(struct thread *td, struct setuid_args *uap) #ifdef POSIX_APPENDIX_B_4_2_2 /* Use BSD-compat clause from B.4.2.2 */ uid != oldcred->cr_uid && /* allow setuid(geteuid()) */ #endif - (error = priv_check_cred(oldcred, PRIV_CRED_SETUID, 0)) != 0) + (error = priv_check_cred(oldcred, PRIV_CRED_SETUID)) != 0) goto fail; #ifdef _POSIX_SAVED_IDS @@ -553,7 +553,7 @@ sys_setuid(struct thread *td, struct setuid_args *uap) uid == oldcred->cr_uid || #endif /* We are using privs. */ - priv_check_cred(oldcred, PRIV_CRED_SETUID, 0) == 0) + priv_check_cred(oldcred, PRIV_CRED_SETUID) == 0) #endif { /* @@ -632,7 +632,7 @@ sys_seteuid(struct thread *td, struct seteuid_args *uap) if (euid != oldcred->cr_ruid && /* allow seteuid(getuid()) */ euid != oldcred->cr_svuid && /* allow seteuid(saved uid) */ - (error = priv_check_cred(oldcred, PRIV_CRED_SETEUID, 0)) != 0) + (error = priv_check_cred(oldcred, PRIV_CRED_SETEUID)) != 0) goto fail; /* @@ -699,7 +699,7 @@ sys_setgid(struct thread *td, struct setgid_args *uap) #ifdef POSIX_APPENDIX_B_4_2_2 /* Use BSD-compat clause from B.4.2.2 */ gid != oldcred->cr_groups[0] && /* allow setgid(getegid()) */ #endif - (error = priv_check_cred(oldcred, PRIV_CRED_SETGID, 0)) != 0) + (error = priv_check_cred(oldcred, PRIV_CRED_SETGID)) != 0) goto fail; #ifdef _POSIX_SAVED_IDS @@ -712,7 +712,7 @@ sys_setgid(struct thread *td, struct setgid_args *uap) gid == oldcred->cr_groups[0] || #endif /* We are using privs. */ - priv_check_cred(oldcred, PRIV_CRED_SETGID, 0) == 0) + priv_check_cred(oldcred, PRIV_CRED_SETGID) == 0) #endif { /* @@ -781,7 +781,7 @@ sys_setegid(struct thread *td, struct setegid_args *uap) if (egid != oldcred->cr_rgid && /* allow setegid(getgid()) */ egid != oldcred->cr_svgid && /* allow setegid(saved gid) */ - (error = priv_check_cred(oldcred, PRIV_CRED_SETEGID, 0)) != 0) + (error = priv_check_cred(oldcred, PRIV_CRED_SETEGID)) != 0) goto fail; if (oldcred->cr_groups[0] != egid) { @@ -845,7 +845,7 @@ kern_setgroups(struct thread *td, u_int ngrp, gid_t *groups) goto fail; #endif - error = priv_check_cred(oldcred, PRIV_CRED_SETGROUPS, 0); + error = priv_check_cred(oldcred, PRIV_CRED_SETGROUPS); if (error) goto fail; @@ -908,7 +908,7 @@ sys_setreuid(register struct thread *td, struct setreuid_args *uap) ruid != oldcred->cr_svuid) || (euid != (uid_t)-1 && euid != oldcred->cr_uid && euid != oldcred->cr_ruid && euid != oldcred->cr_svuid)) && - (error = priv_check_cred(oldcred, PRIV_CRED_SETREUID, 0)) != 0) + (error = priv_check_cred(oldcred, PRIV_CRED_SETREUID)) != 0) goto fail; if (euid != (uid_t)-1 && oldcred->cr_uid != euid) { @@ -975,7 +975,7 @@ sys_setregid(register struct thread *td, struct setregid_args *uap) rgid != oldcred->cr_svgid) || (egid != (gid_t)-1 && egid != oldcred->cr_groups[0] && egid != oldcred->cr_rgid && egid != oldcred->cr_svgid)) && - (error = priv_check_cred(oldcred, PRIV_CRED_SETREGID, 0)) != 0) + (error = priv_check_cred(oldcred, PRIV_CRED_SETREGID)) != 0) goto fail; if (egid != (gid_t)-1 && oldcred->cr_groups[0] != egid) { @@ -1050,7 +1050,7 @@ sys_setresuid(register struct thread *td, struct setresuid_args *uap) (suid != (uid_t)-1 && suid != oldcred->cr_ruid && suid != oldcred->cr_svuid && suid != oldcred->cr_uid)) && - (error = priv_check_cred(oldcred, PRIV_CRED_SETRESUID, 0)) != 0) + (error = priv_check_cred(oldcred, PRIV_CRED_SETRESUID)) != 0) goto fail; if (euid != (uid_t)-1 && oldcred->cr_uid != euid) { @@ -1129,7 +1129,7 @@ sys_setresgid(register struct thread *td, struct setresgid_args *uap) (sgid != (gid_t)-1 && sgid != oldcred->cr_rgid && sgid != oldcred->cr_svgid && sgid != oldcred->cr_groups[0])) && - (error = priv_check_cred(oldcred, PRIV_CRED_SETRESGID, 0)) != 0) + (error = priv_check_cred(oldcred, PRIV_CRED_SETRESGID)) != 0) goto fail; if (egid != (gid_t)-1 && oldcred->cr_groups[0] != egid) { @@ -1345,7 +1345,7 @@ cr_seeotheruids(struct ucred *u1, struct ucred *u2) { if (!see_other_uids && u1->cr_ruid != u2->cr_ruid) { - if (priv_check_cred(u1, PRIV_SEEOTHERUIDS, 0) != 0) + if (priv_check_cred(u1, PRIV_SEEOTHERUIDS) != 0) return (ESRCH); } return (0); @@ -1384,7 +1384,7 @@ cr_seeothergids(struct ucred *u1, struct ucred *u2) break; } if (!match) { - if (priv_check_cred(u1, PRIV_SEEOTHERGIDS, 0) != 0) + if (priv_check_cred(u1, PRIV_SEEOTHERGIDS) != 0) return (ESRCH); } } @@ -1501,7 +1501,7 @@ cr_cansignal(struct ucred *cred, struct proc *proc, int signum) break; default: /* Not permitted without privilege. */ - error = priv_check_cred(cred, PRIV_SIGNAL_SUGID, 0); + error = priv_check_cred(cred, PRIV_SIGNAL_SUGID); if (error) return (error); } @@ -1515,7 +1515,7 @@ cr_cansignal(struct ucred *cred, struct proc *proc, int signum) cred->cr_ruid != proc->p_ucred->cr_svuid && cred->cr_uid != proc->p_ucred->cr_ruid && cred->cr_uid != proc->p_ucred->cr_svuid) { - error = priv_check_cred(cred, PRIV_SIGNAL_DIFFCRED, 0); + error = priv_check_cred(cred, PRIV_SIGNAL_DIFFCRED); if (error) return (error); } diff --git a/sys/kern/subr_acl_nfs4.c b/sys/kern/subr_acl_nfs4.c index ef378a0..57a2a50 100644 --- a/sys/kern/subr_acl_nfs4.c +++ b/sys/kern/subr_acl_nfs4.c @@ -258,7 +258,7 @@ vaccess_acl_nfs4(enum vtype type, uid_t file_uid, gid_t file_gid, */ if (is_directory) { if ((accmode & VEXEC) && !priv_check_cred(cred, - PRIV_VFS_LOOKUP, 0)) + PRIV_VFS_LOOKUP)) priv_granted |= VEXEC; } else { /* @@ -268,23 +268,23 @@ vaccess_acl_nfs4(enum vtype type, uid_t file_uid, gid_t file_gid, */ if ((accmode & VEXEC) && (file_mode & (S_IXUSR | S_IXGRP | S_IXOTH)) != 0 && - !priv_check_cred(cred, PRIV_VFS_EXEC, 0)) + !priv_check_cred(cred, PRIV_VFS_EXEC)) priv_granted |= VEXEC; } - if ((accmode & VREAD) && !priv_check_cred(cred, PRIV_VFS_READ, 0)) + if ((accmode & VREAD) && !priv_check_cred(cred, PRIV_VFS_READ)) priv_granted |= VREAD; if ((accmode & (VWRITE | VAPPEND | VDELETE_CHILD)) && - !priv_check_cred(cred, PRIV_VFS_WRITE, 0)) + !priv_check_cred(cred, PRIV_VFS_WRITE)) priv_granted |= (VWRITE | VAPPEND | VDELETE_CHILD); if ((accmode & VADMIN_PERMS) && - !priv_check_cred(cred, PRIV_VFS_ADMIN, 0)) + !priv_check_cred(cred, PRIV_VFS_ADMIN)) priv_granted |= VADMIN_PERMS; if ((accmode & VSTAT_PERMS) && - !priv_check_cred(cred, PRIV_VFS_STAT, 0)) + !priv_check_cred(cred, PRIV_VFS_STAT)) priv_granted |= VSTAT_PERMS; if ((accmode & priv_granted) == accmode) { diff --git a/sys/kern/subr_acl_posix1e.c b/sys/kern/subr_acl_posix1e.c index 3200932..9ff4f96 100644 --- a/sys/kern/subr_acl_posix1e.c +++ b/sys/kern/subr_acl_posix1e.c @@ -89,7 +89,7 @@ vaccess_acl_posix1e(enum vtype type, uid_t file_uid, gid_t file_gid, if (type == VDIR) { if ((accmode & VEXEC) && !priv_check_cred(cred, - PRIV_VFS_LOOKUP, 0)) + PRIV_VFS_LOOKUP)) priv_granted |= VEXEC; } else { /* @@ -99,18 +99,18 @@ vaccess_acl_posix1e(enum vtype type, uid_t file_uid, gid_t file_gid, */ if ((accmode & VEXEC) && (acl_posix1e_acl_to_mode(acl) & (S_IXUSR | S_IXGRP | S_IXOTH)) != 0 && - !priv_check_cred(cred, PRIV_VFS_EXEC, 0)) + !priv_check_cred(cred, PRIV_VFS_EXEC)) priv_granted |= VEXEC; } - if ((accmode & VREAD) && !priv_check_cred(cred, PRIV_VFS_READ, 0)) + if ((accmode & VREAD) && !priv_check_cred(cred, PRIV_VFS_READ)) priv_granted |= VREAD; if (((accmode & VWRITE) || (accmode & VAPPEND)) && - !priv_check_cred(cred, PRIV_VFS_WRITE, 0)) + !priv_check_cred(cred, PRIV_VFS_WRITE)) priv_granted |= (VWRITE | VAPPEND); - if ((accmode & VADMIN) && !priv_check_cred(cred, PRIV_VFS_ADMIN, 0)) + if ((accmode & VADMIN) && !priv_check_cred(cred, PRIV_VFS_ADMIN)) priv_granted |= VADMIN; /* diff --git a/sys/kern/uipc_mqueue.c b/sys/kern/uipc_mqueue.c index eaee81e..f079404 100644 --- a/sys/kern/uipc_mqueue.c +++ b/sys/kern/uipc_mqueue.c @@ -1006,7 +1006,7 @@ int do_unlink(struct mqfs_node *pn, struct ucred *ucred) sx_assert(&pn->mn_info->mi_lock, SX_LOCKED); if (ucred->cr_uid != pn->mn_uid && - (error = priv_check_cred(ucred, PRIV_MQ_ADMIN, 0)) != 0) + (error = priv_check_cred(ucred, PRIV_MQ_ADMIN)) != 0) error = EACCES; else if (!pn->mn_deleted) { parent = pn->mn_parent; @@ -2519,7 +2519,7 @@ mqf_chown(struct file *fp, uid_t uid, gid_t gid, struct ucred *active_cred, gid = pn->mn_gid; if (((uid != pn->mn_uid && uid != active_cred->cr_uid) || (gid != pn->mn_gid && !groupmember(gid, active_cred))) && - (error = priv_check_cred(active_cred, PRIV_VFS_CHOWN, 0))) + (error = priv_check_cred(active_cred, PRIV_VFS_CHOWN))) goto out; pn->mn_uid = uid; pn->mn_gid = gid; diff --git a/sys/kern/uipc_sem.c b/sys/kern/uipc_sem.c index c219844..307b58e 100644 --- a/sys/kern/uipc_sem.c +++ b/sys/kern/uipc_sem.c @@ -284,7 +284,7 @@ ksem_chown(struct file *fp, uid_t uid, gid_t gid, struct ucred *active_cred, gid = ks->ks_gid; if (((uid != ks->ks_uid && uid != active_cred->cr_uid) || (gid != ks->ks_gid && !groupmember(gid, active_cred))) && - (error = priv_check_cred(active_cred, PRIV_VFS_CHOWN, 0))) + (error = priv_check_cred(active_cred, PRIV_VFS_CHOWN))) goto out; ks->ks_uid = uid; ks->ks_gid = gid; @@ -374,7 +374,7 @@ ksem_access(struct ksem *ks, struct ucred *ucred) error = vaccess(VREG, ks->ks_mode, ks->ks_uid, ks->ks_gid, VREAD | VWRITE, ucred, NULL); if (error) - error = priv_check_cred(ucred, PRIV_SEM_WRITE, 0); + error = priv_check_cred(ucred, PRIV_SEM_WRITE); return (error); } diff --git a/sys/kern/uipc_shm.c b/sys/kern/uipc_shm.c index 7f75bdc..fdf4630 100644 --- a/sys/kern/uipc_shm.c +++ b/sys/kern/uipc_shm.c @@ -736,7 +736,7 @@ shm_chown(struct file *fp, uid_t uid, gid_t gid, struct ucred *active_cred, gid = shmfd->shm_gid; if (((uid != shmfd->shm_uid && uid != active_cred->cr_uid) || (gid != shmfd->shm_gid && !groupmember(gid, active_cred))) && - (error = priv_check_cred(active_cred, PRIV_VFS_CHOWN, 0))) + (error = priv_check_cred(active_cred, PRIV_VFS_CHOWN))) goto out; shmfd->shm_uid = uid; shmfd->shm_gid = gid; diff --git a/sys/kern/vfs_mount.c b/sys/kern/vfs_mount.c index e9d3abe..27b7db9 100644 --- a/sys/kern/vfs_mount.c +++ b/sys/kern/vfs_mount.c @@ -787,7 +787,7 @@ vfs_domount_first( */ error = VOP_GETATTR(vp, &va, td->td_ucred); if (error == 0 && va.va_uid != td->td_ucred->cr_uid) - error = priv_check_cred(td->td_ucred, PRIV_VFS_ADMIN, 0); + error = priv_check_cred(td->td_ucred, PRIV_VFS_ADMIN); if (error == 0) error = vinvalbuf(vp, V_SAVE, 0, 0); if (error == 0 && vp->v_type != VDIR) diff --git a/sys/kern/vfs_subr.c b/sys/kern/vfs_subr.c index 631d3f2..f712ef6 100644 --- a/sys/kern/vfs_subr.c +++ b/sys/kern/vfs_subr.c @@ -3786,7 +3786,7 @@ privcheck: * requests, instead of PRIV_VFS_EXEC. */ if ((accmode & VEXEC) && ((dac_granted & VEXEC) == 0) && - !priv_check_cred(cred, PRIV_VFS_LOOKUP, 0)) + !priv_check_cred(cred, PRIV_VFS_LOOKUP)) priv_granted |= VEXEC; } else { /* @@ -3796,20 +3796,20 @@ privcheck: */ if ((accmode & VEXEC) && ((dac_granted & VEXEC) == 0) && (file_mode & (S_IXUSR | S_IXGRP | S_IXOTH)) != 0 && - !priv_check_cred(cred, PRIV_VFS_EXEC, 0)) + !priv_check_cred(cred, PRIV_VFS_EXEC)) priv_granted |= VEXEC; } if ((accmode & VREAD) && ((dac_granted & VREAD) == 0) && - !priv_check_cred(cred, PRIV_VFS_READ, 0)) + !priv_check_cred(cred, PRIV_VFS_READ)) priv_granted |= VREAD; if ((accmode & VWRITE) && ((dac_granted & VWRITE) == 0) && - !priv_check_cred(cred, PRIV_VFS_WRITE, 0)) + !priv_check_cred(cred, PRIV_VFS_WRITE)) priv_granted |= (VWRITE | VAPPEND); if ((accmode & VADMIN) && ((dac_granted & VADMIN) == 0) && - !priv_check_cred(cred, PRIV_VFS_ADMIN, 0)) + !priv_check_cred(cred, PRIV_VFS_ADMIN)) priv_granted |= VADMIN; if ((accmode & (priv_granted | dac_granted)) == accmode) { @@ -3844,7 +3844,7 @@ extattr_check_cred(struct vnode *vp, int attrnamespace, struct ucred *cred, switch (attrnamespace) { case EXTATTR_NAMESPACE_SYSTEM: /* Potentially should be: return (EPERM); */ - return (priv_check_cred(cred, PRIV_VFS_EXTATTR_SYSTEM, 0)); + return (priv_check_cred(cred, PRIV_VFS_EXTATTR_SYSTEM)); case EXTATTR_NAMESPACE_USER: return (VOP_ACCESS(vp, accmode, cred, td)); default: diff --git a/sys/kern/vfs_syscalls.c b/sys/kern/vfs_syscalls.c index cc6d93c..7d87097 100644 --- a/sys/kern/vfs_syscalls.c +++ b/sys/kern/vfs_syscalls.c @@ -1573,13 +1573,13 @@ can_hardlink(struct vnode *vp, struct ucred *cred) return (error); if (hardlink_check_uid && cred->cr_uid != va.va_uid) { - error = priv_check_cred(cred, PRIV_VFS_LINK, 0); + error = priv_check_cred(cred, PRIV_VFS_LINK); if (error) return (error); } if (hardlink_check_gid && !groupmember(va.va_gid, cred)) { - error = priv_check_cred(cred, PRIV_VFS_LINK, 0); + error = priv_check_cred(cred, PRIV_VFS_LINK); if (error) return (error); } diff --git a/sys/net/if_tap.c b/sys/net/if_tap.c index 201f976..79a7605 100644 --- a/sys/net/if_tap.c +++ b/sys/net/if_tap.c @@ -344,7 +344,7 @@ tapclone(void *arg, struct ucred *cred, char *name, int namelen, struct cdev **d return; if (!tapdclone || - (!tapuopen && priv_check_cred(cred, PRIV_NET_IFCREATE, 0) != 0)) + (!tapuopen && priv_check_cred(cred, PRIV_NET_IFCREATE) != 0)) return; unit = 0; diff --git a/sys/net/if_tun.c b/sys/net/if_tun.c index f8eda08..f849b7e 100644 --- a/sys/net/if_tun.c +++ b/sys/net/if_tun.c @@ -208,7 +208,7 @@ tunclone(void *arg, struct ucred *cred, char *name, int namelen, * If tun cloning is enabled, only the superuser can create an * interface. */ - if (!tundclone || priv_check_cred(cred, PRIV_NET_IFCREATE, 0) != 0) + if (!tundclone || priv_check_cred(cred, PRIV_NET_IFCREATE) != 0) return; if (strcmp(name, TUNNAME) == 0) { diff --git a/sys/netinet/in_pcb.c b/sys/netinet/in_pcb.c index dd1460f..2abf446 100644 --- a/sys/netinet/in_pcb.c +++ b/sys/netinet/in_pcb.c @@ -377,7 +377,7 @@ in_pcb_lport(struct inpcb *inp, struct in_addr *laddrp, u_short *lportp, last = V_ipport_hilastauto; lastport = &pcbinfo->ipi_lasthi; } else if (inp->inp_flags & INP_LOWPORT) { - error = priv_check_cred(cred, PRIV_NETINET_RESERVEDPORT, 0); + error = priv_check_cred(cred, PRIV_NETINET_RESERVEDPORT); if (error) return (error); first = V_ipport_lowfirstauto; /* 1023 */ @@ -558,12 +558,11 @@ in_pcbbind_setup(struct inpcb *inp, struct sockaddr *nam, in_addr_t *laddrp, /* GROSS */ if (ntohs(lport) <= V_ipport_reservedhigh && ntohs(lport) >= V_ipport_reservedlow && - priv_check_cred(cred, PRIV_NETINET_RESERVEDPORT, - 0)) + priv_check_cred(cred, PRIV_NETINET_RESERVEDPORT)) return (EACCES); if (!IN_MULTICAST(ntohl(sin->sin_addr.s_addr)) && priv_check_cred(inp->inp_cred, - PRIV_NETINET_REUSEPORT, 0) != 0) { + PRIV_NETINET_REUSEPORT) != 0) { t = in_pcblookup_local(pcbinfo, sin->sin_addr, lport, INPLOOKUP_WILDCARD, cred); /* diff --git a/sys/netinet6/in6_pcb.c b/sys/netinet6/in6_pcb.c index 8ae5988..9ac4322 100644 --- a/sys/netinet6/in6_pcb.c +++ b/sys/netinet6/in6_pcb.c @@ -192,12 +192,11 @@ in6_pcbbind(register struct inpcb *inp, struct sockaddr *nam, /* GROSS */ if (ntohs(lport) <= V_ipport_reservedhigh && ntohs(lport) >= V_ipport_reservedlow && - priv_check_cred(cred, PRIV_NETINET_RESERVEDPORT, - 0)) + priv_check_cred(cred, PRIV_NETINET_RESERVEDPORT)) return (EACCES); if (!IN6_IS_ADDR_MULTICAST(&sin6->sin6_addr) && priv_check_cred(inp->inp_cred, - PRIV_NETINET_REUSEPORT, 0) != 0) { + PRIV_NETINET_REUSEPORT)) { t = in6_pcblookup_local(pcbinfo, &sin6->sin6_addr, lport, INPLOOKUP_WILDCARD, cred); diff --git a/sys/netinet6/ip6_output.c b/sys/netinet6/ip6_output.c index df5ec0f..7b3ccdc 100644 --- a/sys/netinet6/ip6_output.c +++ b/sys/netinet6/ip6_output.c @@ -2751,8 +2751,7 @@ ip6_setpktopt(int optname, u_char *buf, int len, struct ip6_pktopts *opt, case IPV6_2292NEXTHOP: case IPV6_NEXTHOP: if (cred != NULL) { - error = priv_check_cred(cred, - PRIV_NETINET_SETHDROPTS, 0); + error = priv_check_cred(cred, PRIV_NETINET_SETHDROPTS); if (error) return (error); } @@ -2810,8 +2809,7 @@ ip6_setpktopt(int optname, u_char *buf, int len, struct ip6_pktopts *opt, * overhead. */ if (cred != NULL) { - error = priv_check_cred(cred, - PRIV_NETINET_SETHDROPTS, 0); + error = priv_check_cred(cred, PRIV_NETINET_SETHDROPTS); if (error) return (error); } @@ -2847,8 +2845,7 @@ ip6_setpktopt(int optname, u_char *buf, int len, struct ip6_pktopts *opt, int destlen; if (cred != NULL) { /* XXX: see the comment for IPV6_HOPOPTS */ - error = priv_check_cred(cred, - PRIV_NETINET_SETHDROPTS, 0); + error = priv_check_cred(cred, PRIV_NETINET_SETHDROPTS); if (error) return (error); } diff --git a/sys/netipsec/ipsec.c b/sys/netipsec/ipsec.c index 712040f..b24b258 100644 --- a/sys/netipsec/ipsec.c +++ b/sys/netipsec/ipsec.c @@ -979,7 +979,7 @@ ipsec_set_policy_internal(struct secpolicy **pcb_sp, int optname, /* Check privileged socket. */ if (cred != NULL && xpl->sadb_x_policy_type == IPSEC_POLICY_BYPASS) { - error = priv_check_cred(cred, PRIV_NETINET_IPSEC, 0); + error = priv_check_cred(cred, PRIV_NETINET_IPSEC); if (error) return (EACCES); } diff --git a/sys/netipsec/ipsec.h b/sys/netipsec/ipsec.h index 65faab8..ffc907c 100644 --- a/sys/netipsec/ipsec.h +++ b/sys/netipsec/ipsec.h @@ -51,7 +51,7 @@ #define IPSEC_IS_PRIVILEGED_SO(_so) \ ((_so)->so_cred != NULL && \ - priv_check_cred((_so)->so_cred, PRIV_NETINET_IPSEC, 0) \ + priv_check_cred((_so)->so_cred, PRIV_NETINET_IPSEC) \ == 0) /* diff --git a/sys/netncp/ncp_subr.h b/sys/netncp/ncp_subr.h index a0d3ce9..6886f83 100644 --- a/sys/netncp/ncp_subr.h +++ b/sys/netncp/ncp_subr.h @@ -78,7 +78,7 @@ #define checkbad(fn) {error=(fn);if(error) goto bad;} -#define ncp_suser(cred) priv_check_cred(cred, PRIV_NETNCP, 0) +#define ncp_suser(cred) priv_check_cred(cred, PRIV_NETNCP) #define ncp_isowner(conn,cred) ((cred)->cr_uid == (conn)->nc_owner->cr_uid) diff --git a/sys/netsmb/smb_subr.h b/sys/netsmb/smb_subr.h index 76d4c06..edc119f 100644 --- a/sys/netsmb/smb_subr.h +++ b/sys/netsmb/smb_subr.h @@ -62,7 +62,7 @@ void m_dumpm(struct mbuf *m); SIGISMEMBER(set, SIGHUP) || SIGISMEMBER(set, SIGKILL) || \ SIGISMEMBER(set, SIGQUIT)) -#define smb_suser(cred) priv_check_cred(cred, PRIV_NETSMB, 0) +#define smb_suser(cred) priv_check_cred(cred, PRIV_NETSMB) /* * Compatibility wrappers for simple locks diff --git a/sys/nfsserver/nfs_serv.c b/sys/nfsserver/nfs_serv.c index e51c761..a5397f2 100644 --- a/sys/nfsserver/nfs_serv.c +++ b/sys/nfsserver/nfs_serv.c @@ -1402,8 +1402,8 @@ nfsrv_create(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp, if (vap->va_type == VCHR && rdev == 0xffffffff) vap->va_type = VFIFO; if (vap->va_type != VFIFO && - (error = priv_check_cred(cred, PRIV_VFS_MKNOD_DEV, - 0))) { + (error = priv_check_cred(cred, PRIV_VFS_MKNOD_DEV)) + ) { goto ereply; } vap->va_rdev = rdev; @@ -1626,7 +1626,7 @@ nfsrv_mknod(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp, NDFREE(&nd, NDF_ONLY_PNBUF); } else { if (vtyp != VFIFO && (error = priv_check_cred(cred, - PRIV_VFS_MKNOD_DEV, 0))) + PRIV_VFS_MKNOD_DEV))) goto out; error = VOP_MKNOD(nd.ni_dvp, &nd.ni_vp, &nd.ni_cnd, vap); if (error) { diff --git a/sys/security/audit/audit_syscalls.c b/sys/security/audit/audit_syscalls.c index bf60874..f6038bc 100644 --- a/sys/security/audit/audit_syscalls.c +++ b/sys/security/audit/audit_syscalls.c @@ -596,7 +596,7 @@ sys_setauid(struct thread *td, struct setauid_args *uap) if (error) goto fail; #endif - error = priv_check_cred(oldcred, PRIV_AUDIT_SETAUDIT, 0); + error = priv_check_cred(oldcred, PRIV_AUDIT_SETAUDIT); if (error) goto fail; newcred->cr_audit.ai_auid = id; @@ -661,7 +661,7 @@ sys_setaudit(struct thread *td, struct setaudit_args *uap) if (error) goto fail; #endif - error = priv_check_cred(oldcred, PRIV_AUDIT_SETAUDIT, 0); + error = priv_check_cred(oldcred, PRIV_AUDIT_SETAUDIT); if (error) goto fail; bzero(&newcred->cr_audit, sizeof(newcred->cr_audit)); @@ -724,7 +724,7 @@ sys_setaudit_addr(struct thread *td, struct setaudit_addr_args *uap) if (error) goto fail; #endif - error = priv_check_cred(oldcred, PRIV_AUDIT_SETAUDIT, 0); + error = priv_check_cred(oldcred, PRIV_AUDIT_SETAUDIT); if (error) goto fail; newcred->cr_audit = aia; diff --git a/sys/security/mac/mac_net.c b/sys/security/mac/mac_net.c index b7e4c54..ce837ab 100644 --- a/sys/security/mac/mac_net.c +++ b/sys/security/mac/mac_net.c @@ -478,7 +478,7 @@ mac_ifnet_ioctl_set(struct ucred *cred, struct ifreq *ifr, struct ifnet *ifp) * impose this check themselves if required by the policy * Eventually, this should go away. */ - error = priv_check_cred(cred, PRIV_NET_SETIFMAC, 0); + error = priv_check_cred(cred, PRIV_NET_SETIFMAC); if (error) { mac_ifnet_label_free(intlabel); return (error); diff --git a/sys/security/mac_bsdextended/mac_bsdextended.c b/sys/security/mac_bsdextended/mac_bsdextended.c index ccbc525..8e614c1 100644 --- a/sys/security/mac_bsdextended/mac_bsdextended.c +++ b/sys/security/mac_bsdextended/mac_bsdextended.c @@ -386,20 +386,20 @@ ugidfw_rulecheck(struct mac_bsdextended_rule *rule, priv_granted = 0; mac_granted = rule->mbr_mode; if ((acc_mode & MBI_ADMIN) && (mac_granted & MBI_ADMIN) == 0 && - priv_check_cred(cred, PRIV_VFS_ADMIN, 0) == 0) + priv_check_cred(cred, PRIV_VFS_ADMIN) == 0) priv_granted |= MBI_ADMIN; if ((acc_mode & MBI_EXEC) && (mac_granted & MBI_EXEC) == 0 && priv_check_cred(cred, (vap->va_type == VDIR) ? PRIV_VFS_LOOKUP : - PRIV_VFS_EXEC, 0) == 0) + PRIV_VFS_EXEC) == 0) priv_granted |= MBI_EXEC; if ((acc_mode & MBI_READ) && (mac_granted & MBI_READ) == 0 && - priv_check_cred(cred, PRIV_VFS_READ, 0) == 0) + priv_check_cred(cred, PRIV_VFS_READ) == 0) priv_granted |= MBI_READ; if ((acc_mode & MBI_STAT) && (mac_granted & MBI_STAT) == 0 && - priv_check_cred(cred, PRIV_VFS_STAT, 0) == 0) + priv_check_cred(cred, PRIV_VFS_STAT) == 0) priv_granted |= MBI_STAT; if ((acc_mode & MBI_WRITE) && (mac_granted & MBI_WRITE) == 0 && - priv_check_cred(cred, PRIV_VFS_WRITE, 0) == 0) + priv_check_cred(cred, PRIV_VFS_WRITE) == 0) priv_granted |= MBI_WRITE; /* * Is the access permitted? diff --git a/sys/security/mac_lomac/mac_lomac.c b/sys/security/mac_lomac/mac_lomac.c index 40c9c2f..e7e9808 100644 --- a/sys/security/mac_lomac/mac_lomac.c +++ b/sys/security/mac_lomac/mac_lomac.c @@ -1145,7 +1145,7 @@ lomac_ifnet_check_relabel(struct ucred *cred, struct ifnet *ifp, * * XXXRW: This is also redundant to a higher layer check. */ - error = priv_check_cred(cred, PRIV_NET_SETIFMAC, 0); + error = priv_check_cred(cred, PRIV_NET_SETIFMAC); if (error) return (EPERM); diff --git a/sys/security/mac_partition/mac_partition.c b/sys/security/mac_partition/mac_partition.c index 729413e..8f02263 100644 --- a/sys/security/mac_partition/mac_partition.c +++ b/sys/security/mac_partition/mac_partition.c @@ -128,7 +128,7 @@ partition_cred_check_relabel(struct ucred *cred, struct label *newlabel) * partition in the first place, but this didn't interact * well with sendmail. */ - error = priv_check_cred(cred, PRIV_MAC_PARTITION, 0); + error = priv_check_cred(cred, PRIV_MAC_PARTITION); } return (error); diff --git a/sys/security/mac_portacl/mac_portacl.c b/sys/security/mac_portacl/mac_portacl.c index 1dbd199..5db7901 100644 --- a/sys/security/mac_portacl/mac_portacl.c +++ b/sys/security/mac_portacl/mac_portacl.c @@ -425,7 +425,7 @@ rules_check(struct ucred *cred, int family, int type, u_int16_t port) mtx_unlock(&rule_mtx); if (error != 0 && portacl_suser_exempt != 0) - error = priv_check_cred(cred, PRIV_NETINET_RESERVEDPORT, 0); + error = priv_check_cred(cred, PRIV_NETINET_RESERVEDPORT); return (error); } diff --git a/sys/security/mac_seeotheruids/mac_seeotheruids.c b/sys/security/mac_seeotheruids/mac_seeotheruids.c index cef0d26..2d96464 100644 --- a/sys/security/mac_seeotheruids/mac_seeotheruids.c +++ b/sys/security/mac_seeotheruids/mac_seeotheruids.c @@ -123,7 +123,7 @@ seeotheruids_check(struct ucred *cr1, struct ucred *cr2) return (0); if (suser_privileged) { - if (priv_check_cred(cr1, PRIV_SEEOTHERUIDS, 0) == 0) + if (priv_check_cred(cr1, PRIV_SEEOTHERUIDS) == 0) return (0); } diff --git a/sys/sys/priv.h b/sys/sys/priv.h index b984f1a..8c81100 100644 --- a/sys/sys/priv.h +++ b/sys/sys/priv.h @@ -517,7 +517,7 @@ struct thread; struct ucred; int priv_check(struct thread *td, int priv); -int priv_check_cred(struct ucred *cred, int priv, int flags); +int priv_check_cred(struct ucred *cred, int priv); #endif #endif /* !_SYS_PRIV_H_ */ diff --git a/sys/ufs/ffs/ffs_alloc.c b/sys/ufs/ffs/ffs_alloc.c index 2b3740d..78a4ca3 100644 --- a/sys/ufs/ffs/ffs_alloc.c +++ b/sys/ufs/ffs/ffs_alloc.c @@ -188,7 +188,7 @@ retry: #endif if (size == fs->fs_bsize && fs->fs_cstotal.cs_nbfree == 0) goto nospace; - if (priv_check_cred(cred, PRIV_VFS_BLOCKRESERVE, 0) && + if (priv_check_cred(cred, PRIV_VFS_BLOCKRESERVE) && freespace(fs, fs->fs_minfree) - numfrags(fs, size) < 0) goto nospace; if (bpref >= fs->fs_size) @@ -282,7 +282,7 @@ ffs_realloccg(ip, lbprev, bprev, bpref, osize, nsize, flags, cred, bpp) #endif /* INVARIANTS */ reclaimed = 0; retry: - if (priv_check_cred(cred, PRIV_VFS_BLOCKRESERVE, 0) && + if (priv_check_cred(cred, PRIV_VFS_BLOCKRESERVE) && freespace(fs, fs->fs_minfree) - numfrags(fs, nsize - osize) < 0) { goto nospace; } diff --git a/sys/ufs/ffs/ffs_softdep.c b/sys/ufs/ffs/ffs_softdep.c index 3533b07..324ef4b 100644 --- a/sys/ufs/ffs/ffs_softdep.c +++ b/sys/ufs/ffs/ffs_softdep.c @@ -12634,7 +12634,7 @@ softdep_request_cleanup(fs, vp, cred, resource) } else if (resource == FLUSH_BLOCKS_WAIT) { needed = (vp->v_mount->mnt_writeopcount + 2) * fs->fs_contigsumsize; - if (priv_check_cred(cred, PRIV_VFS_BLOCKRESERVE, 0)) + if (priv_check_cred(cred, PRIV_VFS_BLOCKRESERVE)) needed += fragstoblks(fs, roundup((fs->fs_dsize * fs->fs_minfree / 100) - fs->fs_cstotal.cs_nffree, fs->fs_frag)); diff --git a/sys/ufs/ffs/ffs_vnops.c b/sys/ufs/ffs/ffs_vnops.c index 5c99d5b..26cf299 100644 --- a/sys/ufs/ffs/ffs_vnops.c +++ b/sys/ufs/ffs/ffs_vnops.c @@ -805,7 +805,7 @@ ffs_write(ap) */ if ((ip->i_mode & (ISUID | ISGID)) && resid > uio->uio_resid && ap->a_cred) { - if (priv_check_cred(ap->a_cred, PRIV_VFS_RETAINSUGID, 0)) { + if (priv_check_cred(ap->a_cred, PRIV_VFS_RETAINSUGID)) { ip->i_mode &= ~(ISUID | ISGID); DIP_SET(ip, i_mode, ip->i_mode); } @@ -1127,7 +1127,7 @@ ffs_extwrite(struct vnode *vp, struct uio *uio, int ioflag, struct ucred *ucred) * tampering. */ if ((ip->i_mode & (ISUID | ISGID)) && resid > uio->uio_resid && ucred) { - if (priv_check_cred(ucred, PRIV_VFS_RETAINSUGID, 0)) { + if (priv_check_cred(ucred, PRIV_VFS_RETAINSUGID)) { ip->i_mode &= ~(ISUID | ISGID); dp->di_mode = ip->i_mode; } diff --git a/sys/ufs/ufs/ufs_quota.c b/sys/ufs/ufs/ufs_quota.c index d353167..d557ca3 100644 --- a/sys/ufs/ufs/ufs_quota.c +++ b/sys/ufs/ufs/ufs_quota.c @@ -193,7 +193,7 @@ chkdq(struct inode *ip, ufs2_daddr_t change, struct ucred *cred, int flags) return (0); } if ((flags & FORCE) == 0 && - priv_check_cred(cred, PRIV_VFS_EXCEEDQUOTA, 0)) + priv_check_cred(cred, PRIV_VFS_EXCEEDQUOTA)) do_check = 1; else do_check = 0; @@ -335,7 +335,7 @@ chkiq(struct inode *ip, int change, struct ucred *cred, int flags) return (0); } if ((flags & FORCE) == 0 && - priv_check_cred(cred, PRIV_VFS_EXCEEDQUOTA, 0)) + priv_check_cred(cred, PRIV_VFS_EXCEEDQUOTA)) do_check = 1; else do_check = 0; diff --git a/sys/ufs/ufs/ufs_vnops.c b/sys/ufs/ufs/ufs_vnops.c index a271cdf..7a34c9c 100644 --- a/sys/ufs/ufs/ufs_vnops.c +++ b/sys/ufs/ufs/ufs_vnops.c @@ -550,7 +550,7 @@ ufs_setattr(ap) * is non-zero; otherwise, they behave like unprivileged * processes. */ - if (!priv_check_cred(cred, PRIV_VFS_SYSFLAGS, 0)) { + if (!priv_check_cred(cred, PRIV_VFS_SYSFLAGS)) { if (ip->i_flags & (SF_NOUNLINK | SF_IMMUTABLE | SF_APPEND)) { error = securelevel_gt(cred, 0); @@ -775,11 +775,11 @@ ufs_chmod(vp, mode, cred, td) * jail(8). */ if (vp->v_type != VDIR && (mode & S_ISTXT)) { - if (priv_check_cred(cred, PRIV_VFS_STICKYFILE, 0)) + if (priv_check_cred(cred, PRIV_VFS_STICKYFILE)) return (EFTYPE); } if (!groupmember(ip->i_gid, cred) && (mode & ISGID)) { - error = priv_check_cred(cred, PRIV_VFS_SETGID, 0); + error = priv_check_cred(cred, PRIV_VFS_SETGID); if (error) return (error); } @@ -788,7 +788,7 @@ ufs_chmod(vp, mode, cred, td) * Deny setting setuid if we are not the file owner. */ if ((mode & ISUID) && ip->i_uid != cred->cr_uid) { - error = priv_check_cred(cred, PRIV_VFS_ADMIN, 0); + error = priv_check_cred(cred, PRIV_VFS_ADMIN); if (error) return (error); } @@ -845,7 +845,7 @@ ufs_chown(vp, uid, gid, cred, td) */ if (((uid != ip->i_uid && uid != cred->cr_uid) || (gid != ip->i_gid && !groupmember(gid, cred))) && - (error = priv_check_cred(cred, PRIV_VFS_CHOWN, 0))) + (error = priv_check_cred(cred, PRIV_VFS_CHOWN))) return (error); ogid = ip->i_gid; ouid = ip->i_uid; @@ -917,7 +917,7 @@ good: #endif /* QUOTA */ ip->i_flag |= IN_CHANGE; if ((ip->i_mode & (ISUID | ISGID)) && (ouid != uid || ogid != gid)) { - if (priv_check_cred(cred, PRIV_VFS_RETAINSUGID, 0)) { + if (priv_check_cred(cred, PRIV_VFS_RETAINSUGID)) { ip->i_mode &= ~(ISUID | ISGID); DIP_SET(ip, i_mode, ip->i_mode); } @@ -2683,7 +2683,7 @@ ufs_makeinode(mode, dvp, vpp, cnp) if (DOINGSOFTDEP(tvp)) softdep_setup_create(VTOI(dvp), ip); if ((ip->i_mode & ISGID) && !groupmember(ip->i_gid, cnp->cn_cred) && - priv_check_cred(cnp->cn_cred, PRIV_VFS_SETGID, 0)) { + priv_check_cred(cnp->cn_cred, PRIV_VFS_SETGID)) { ip->i_mode &= ~ISGID; DIP_SET(ip, i_mode, ip->i_mode); }