diff options
| -rw-r--r-- | sys/kern/kern_descrip.c | 10 | ||||
| -rw-r--r-- | sys/kern/kern_sig.c | 42 | ||||
| -rw-r--r-- | sys/kern/subr_log.c | 17 | ||||
| -rw-r--r-- | sys/kern/sys_generic.c | 8 | ||||
| -rw-r--r-- | sys/kern/sys_socket.c | 5 | ||||
| -rw-r--r-- | sys/kern/uipc_socket.c | 9 | ||||
| -rw-r--r-- | sys/kern/uipc_socket2.c | 12 | ||||
| -rw-r--r-- | sys/net/bpf.c | 12 | ||||
| -rw-r--r-- | sys/net/bpfdesc.h | 4 | ||||
| -rw-r--r-- | sys/net/if_tun.c | 24 | ||||
| -rw-r--r-- | sys/sys/signalvar.h | 3 | ||||
| -rw-r--r-- | sys/sys/socketvar.h | 4 |
12 files changed, 96 insertions, 54 deletions
diff --git a/sys/kern/kern_descrip.c b/sys/kern/kern_descrip.c index 9e4b42861ab..06eb363448f 100644 --- a/sys/kern/kern_descrip.c +++ b/sys/kern/kern_descrip.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kern_descrip.c,v 1.13 1997/08/21 05:17:37 deraadt Exp $ */ +/* $OpenBSD: kern_descrip.c,v 1.14 1997/08/31 20:42:15 deraadt Exp $ */ /* $NetBSD: kern_descrip.c,v 1.42 1996/03/30 22:24:38 christos Exp $ */ /* @@ -55,6 +55,7 @@ #include <sys/fcntl.h> #include <sys/malloc.h> #include <sys/syslog.h> +#include <sys/ucred.h> #include <sys/unistd.h> #include <sys/resourcevar.h> #include <sys/conf.h> @@ -251,8 +252,11 @@ sys_fcntl(p, v, retval) case F_SETOWN: if (fp->f_type == DTYPE_SOCKET) { - ((struct socket *)fp->f_data)->so_pgid = - (long)SCARG(uap, arg); + struct socket *so = (struct socket *)fp->f_data; + + so->so_pgid = (long)SCARG(uap, arg); + so->so_siguid = p->p_cred->p_ruid; + so->so_sigeuid = p->p_ucred->cr_uid; return (0); } if ((long)SCARG(uap, arg) <= 0) { diff --git a/sys/kern/kern_sig.c b/sys/kern/kern_sig.c index 4aa5bd87f1d..298f3caace6 100644 --- a/sys/kern/kern_sig.c +++ b/sys/kern/kern_sig.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kern_sig.c,v 1.16 1997/02/01 21:49:41 deraadt Exp $ */ +/* $OpenBSD: kern_sig.c,v 1.17 1997/08/31 20:42:18 deraadt Exp $ */ /* $NetBSD: kern_sig.c,v 1.54 1996/04/22 01:38:32 christos Exp $ */ /* @@ -483,6 +483,46 @@ killpg1(cp, signum, pgid, all) return (nfound ? 0 : ESRCH); } +#define CANDELIVER(uid, euid, p) \ + (euid == 0 || \ + (uid) == (p)->p_cred->p_ruid || \ + (uid) == (p)->p_cred->p_svuid || \ + (uid) == (p)->p_ucred->cr_uid || \ + (euid) == (p)->p_cred->p_ruid || \ + (euid) == (p)->p_cred->p_svuid || \ + (euid) == (p)->p_ucred->cr_uid) + +/* + * Deliver signum to pgid, but first check uid/euid against each + * process and see if it is permitted. + */ +void +csignal(pgid, signum, uid, euid) + pid_t pgid; + int signum; + uid_t uid, euid; +{ + struct pgrp *pgrp; + struct proc *p; + + if (pgid == 0) + return; + if (pgid < 0) { + pgid = -pgid; + if ((pgrp = pgfind(pgid)) == NULL) + return; + for (p = pgrp->pg_members.lh_first; p; + p = p->p_pglist.le_next) + if (CANDELIVER(uid, euid, p)) + psignal(p, signum); + } else { + if ((p = pfind(pgid)) == NULL) + return; + if (CANDELIVER(uid, euid, p)) + psignal(p, signum); + } +} + /* * Send a signal to a process group. */ diff --git a/sys/kern/subr_log.c b/sys/kern/subr_log.c index d874fe87a3f..29cf214531e 100644 --- a/sys/kern/subr_log.c +++ b/sys/kern/subr_log.c @@ -1,4 +1,4 @@ -/* $OpenBSD: subr_log.c,v 1.3 1996/04/21 22:27:17 deraadt Exp $ */ +/* $OpenBSD: subr_log.c,v 1.4 1997/08/31 20:42:20 deraadt Exp $ */ /* $NetBSD: subr_log.c,v 1.11 1996/03/30 22:24:44 christos Exp $ */ /* @@ -60,6 +60,8 @@ struct logsoftc { int sc_state; /* see above for possibilities */ struct selinfo sc_selp; /* process waiting on select call */ int sc_pgid; /* process/group for async I/O */ + uid_t sc_siguid; /* uid for process that set sc_pgid */ + uid_t sc_sigeuid; /* euid for process that set sc_pgid */ } logsoftc; int log_open; /* also used in log() */ @@ -179,17 +181,12 @@ logselect(dev, rw, p) void logwakeup() { - struct proc *p; - if (!log_open) return; selwakeup(&logsoftc.sc_selp); - if (logsoftc.sc_state & LOG_ASYNC) { - if (logsoftc.sc_pgid < 0) - gsignal(-logsoftc.sc_pgid, SIGIO); - else if ((p = pfind(logsoftc.sc_pgid)) != NULL) - psignal(p, SIGIO); - } + if (logsoftc.sc_state & LOG_ASYNC) + csignal(logsoftc.sc_pgid, SIGIO, + logsoftc.sc_siguid, logsoftc.sc_sigeuid); if (logsoftc.sc_state & LOG_RDWAIT) { wakeup((caddr_t)msgbufp); logsoftc.sc_state &= ~LOG_RDWAIT; @@ -232,6 +229,8 @@ logioctl(dev, com, data, flag, p) case TIOCSPGRP: logsoftc.sc_pgid = *(int *)data; + logsoftc.sc_siguid = p->p_cred->p_ruid; + logsoftc.sc_sigeuid = p->p_ucred->cr_uid; break; case TIOCGPGRP: diff --git a/sys/kern/sys_generic.c b/sys/kern/sys_generic.c index 68953baf9d6..ef811b417ba 100644 --- a/sys/kern/sys_generic.c +++ b/sys/kern/sys_generic.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sys_generic.c,v 1.7 1997/01/27 23:21:13 deraadt Exp $ */ +/* $OpenBSD: sys_generic.c,v 1.8 1997/08/31 20:42:21 deraadt Exp $ */ /* $NetBSD: sys_generic.c,v 1.24 1996/03/29 00:25:32 cgd Exp $ */ /* @@ -480,7 +480,11 @@ sys_ioctl(p, v, retval) case FIOSETOWN: tmp = *(int *)data; if (fp->f_type == DTYPE_SOCKET) { - ((struct socket *)fp->f_data)->so_pgid = tmp; + struct socket *so = (struct socket *)fp->f_data; + + so->so_pgid = tmp; + so->so_siguid = p->p_cred->p_ruid; + so->so_sigeuid = p->p_ucred->cr_uid; error = 0; break; } diff --git a/sys/kern/sys_socket.c b/sys/kern/sys_socket.c index b0a67f398ce..f25e4b5d445 100644 --- a/sys/kern/sys_socket.c +++ b/sys/kern/sys_socket.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sys_socket.c,v 1.2 1997/02/24 14:19:59 niklas Exp $ */ +/* $OpenBSD: sys_socket.c,v 1.3 1997/08/31 20:42:23 deraadt Exp $ */ /* $NetBSD: sys_socket.c,v 1.13 1995/08/12 23:59:09 mycroft Exp $ */ /* @@ -39,6 +39,7 @@ #include <sys/param.h> #include <sys/systm.h> #include <sys/file.h> +#include <sys/proc.h> #include <sys/mbuf.h> #include <sys/protosw.h> #include <sys/socket.h> @@ -112,6 +113,8 @@ soo_ioctl(fp, cmd, data, p) case SIOCSPGRP: so->so_pgid = *(int *)data; + so->so_siguid = p->p_cred->p_ruid; + so->so_sigeuid = p->p_ucred->cr_uid; return (0); case SIOCGPGRP: diff --git a/sys/kern/uipc_socket.c b/sys/kern/uipc_socket.c index 3b86c9b985c..528b81bb3e8 100644 --- a/sys/kern/uipc_socket.c +++ b/sys/kern/uipc_socket.c @@ -1,4 +1,4 @@ -/* $OpenBSD: uipc_socket.c,v 1.16 1997/08/31 06:29:35 deraadt Exp $ */ +/* $OpenBSD: uipc_socket.c,v 1.17 1997/08/31 20:42:24 deraadt Exp $ */ /* $NetBSD: uipc_socket.c,v 1.21 1996/02/04 02:17:52 christos Exp $ */ /* @@ -1060,11 +1060,6 @@ void sohasoutofband(so) register struct socket *so; { - struct proc *p; - - if (so->so_pgid < 0) - gsignal(-so->so_pgid, SIGURG); - else if (so->so_pgid > 0 && (p = pfind(so->so_pgid)) != 0) - psignal(p, SIGURG); + csignal(so->so_pgid, SIGURG, so->so_siguid, so->so_sigeuid); selwakeup(&so->so_rcv.sb_sel); } diff --git a/sys/kern/uipc_socket2.c b/sys/kern/uipc_socket2.c index 1641822b28a..2455a06c052 100644 --- a/sys/kern/uipc_socket2.c +++ b/sys/kern/uipc_socket2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: uipc_socket2.c,v 1.5 1997/02/21 08:45:00 deraadt Exp $ */ +/* $OpenBSD: uipc_socket2.c,v 1.6 1997/08/31 20:42:26 deraadt Exp $ */ /* $NetBSD: uipc_socket2.c,v 1.11 1996/02/04 02:17:55 christos Exp $ */ /* @@ -315,20 +315,14 @@ sowakeup(so, sb) register struct socket *so; register struct sockbuf *sb; { - struct proc *p; - selwakeup(&sb->sb_sel); sb->sb_flags &= ~SB_SEL; if (sb->sb_flags & SB_WAIT) { sb->sb_flags &= ~SB_WAIT; wakeup((caddr_t)&sb->sb_cc); } - if (so->so_state & SS_ASYNC) { - if (so->so_pgid < 0) - gsignal(-so->so_pgid, SIGIO); - else if (so->so_pgid > 0 && (p = pfind(so->so_pgid)) != 0) - psignal(p, SIGIO); - } + if (so->so_state & SS_ASYNC) + csignal(so->so_pgid, SIGIO, so->so_siguid, so->so_sigeuid); } /* diff --git a/sys/net/bpf.c b/sys/net/bpf.c index 7a447e1f6ac..a3e4f17c32a 100644 --- a/sys/net/bpf.c +++ b/sys/net/bpf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bpf.c,v 1.9 1997/03/17 16:29:37 niklas Exp $ */ +/* $OpenBSD: bpf.c,v 1.10 1997/08/31 20:42:29 deraadt Exp $ */ /* $NetBSD: bpf.c,v 1.33 1997/02/21 23:59:35 thorpej Exp $ */ /* @@ -522,14 +522,10 @@ static __inline void bpf_wakeup(d) register struct bpf_d *d; { - struct proc *p; - wakeup((caddr_t)d); if (d->bd_async && d->bd_sig) - if (d->bd_pgid > 0) - gsignal (d->bd_pgid, d->bd_sig); - else if ((p = pfind (-d->bd_pgid)) != NULL) - psignal (p, d->bd_sig); + csignal(d->bd_pgid, d->bd_sig, + d->bd_siguid, d->bd_sigeuid); #if BSD >= 199103 selwakeup(&d->bd_sel); @@ -822,6 +818,8 @@ bpfioctl(dev, cmd, addr, flag, p) */ case TIOCSPGRP: /* Process or group to send signals to */ d->bd_pgid = *(int *)addr; + d->bd_siguid = p->p_cred->p_ruid; + d->bd_sigeuid = p->p_ucred->cr_uid; break; case TIOCGPGRP: diff --git a/sys/net/bpfdesc.h b/sys/net/bpfdesc.h index 5bf7e55418c..bd5f50179a9 100644 --- a/sys/net/bpfdesc.h +++ b/sys/net/bpfdesc.h @@ -1,4 +1,4 @@ -/* $OpenBSD: bpfdesc.h,v 1.2 1997/02/24 13:33:56 niklas Exp $ */ +/* $OpenBSD: bpfdesc.h,v 1.3 1997/08/31 20:42:30 deraadt Exp $ */ /* $NetBSD: bpfdesc.h,v 1.11 1995/09/27 18:30:42 thorpej Exp $ */ /* @@ -77,6 +77,8 @@ struct bpf_d { int bd_async; /* non-zero if packet reception should generate signal */ int bd_sig; /* signal to send upon packet reception */ pid_t bd_pgid; /* process or group id for signal */ + uid_t bd_siguid; /* uid for process that set pgid */ + uid_t bd_sigeuid; /* euid for process that set pgid */ #if BSD < 199103 u_char bd_selcoll; /* true if selects collide */ int bd_timedout; diff --git a/sys/net/if_tun.c b/sys/net/if_tun.c index 29d27986cca..f5e7cdff9ff 100644 --- a/sys/net/if_tun.c +++ b/sys/net/if_tun.c @@ -1,4 +1,4 @@ -/* $OpenBSD: if_tun.c,v 1.19 1997/07/29 07:18:20 deraadt Exp $ */ +/* $OpenBSD: if_tun.c,v 1.20 1997/08/31 20:42:32 deraadt Exp $ */ /* $NetBSD: if_tun.c,v 1.24 1996/05/07 02:40:48 thorpej Exp $ */ /* @@ -84,7 +84,9 @@ struct tun_softc { u_short tun_flags; /* misc flags */ struct ifnet tun_if; /* the interface */ - int tun_pgrp; /* the process group - if any */ + pid_t tun_pgid; /* the process group - if any */ + uid_t tun_siguid; /* uid for process that set tun_pgid */ + uid_t tun_sigeuid; /* euid for process that set tun_pgid */ struct selinfo tun_rsel; /* read select */ struct selinfo tun_wsel; /* write select (not used) */ }; @@ -228,7 +230,7 @@ tunclose(dev, flag, mode, p) } splx(s); } - tp->tun_pgrp = 0; + tp->tun_pgid = 0; selwakeup(&tp->tun_rsel); TUNDEBUG(("%s: closed\n", ifp->if_xname)); @@ -331,7 +333,6 @@ tun_output(ifp, m0, dst, rt) { struct tun_softc *tp = ifp->if_softc; struct tunnel_header *th; - struct proc *p; int s; TUNDEBUG(("%s: tun_output\n", ifp->if_xname)); @@ -371,12 +372,9 @@ tun_output(ifp, m0, dst, rt) tp->tun_flags &= ~TUN_RWAIT; wakeup((caddr_t)tp); } - if (tp->tun_flags & TUN_ASYNC && tp->tun_pgrp) { - if (tp->tun_pgrp > 0) - gsignal(tp->tun_pgrp, SIGIO); - else if ((p = pfind(-tp->tun_pgrp)) != NULL) - psignal(p, SIGIO); - } + if (tp->tun_flags & TUN_ASYNC && tp->tun_pgid) + csignal(tp->tun_pgid, SIGIO, + tp->tun_siguid, tp->tun_sigeuid); selwakeup(&tp->tun_rsel); return 0; } @@ -446,10 +444,12 @@ tunioctl(dev, cmd, data, flag, p) splx(s); break; case TIOCSPGRP: - tp->tun_pgrp = *(int *)data; + tp->tun_pgid = *(int *)data; + tp->tun_siguid = p->p_cred->p_ruid; + tp->tun_sigeuid = p->p_ucred->cr_uid; break; case TIOCGPGRP: - *(int *)data = tp->tun_pgrp; + *(int *)data = tp->tun_pgid; break; default: splx(s); diff --git a/sys/sys/signalvar.h b/sys/sys/signalvar.h index bf84942038a..7c60cdd5897 100644 --- a/sys/sys/signalvar.h +++ b/sys/sys/signalvar.h @@ -1,4 +1,4 @@ -/* $OpenBSD: signalvar.h,v 1.6 1997/02/01 21:49:36 deraadt Exp $ */ +/* $OpenBSD: signalvar.h,v 1.7 1997/08/31 20:42:01 deraadt Exp $ */ /* $NetBSD: signalvar.h,v 1.17 1996/04/22 01:23:31 christos Exp $ */ /* @@ -156,6 +156,7 @@ int sigprop[NSIG + 1] = { int coredump __P((struct proc *p)); void execsigs __P((struct proc *p)); void gsignal __P((int pgid, int sig)); +void csignal __P((pid_t pgid, int signum, uid_t uid, uid_t euid)); int issignal __P((struct proc *p)); void pgsignal __P((struct pgrp *pgrp, int sig, int checkctty)); void postsig __P((int sig)); diff --git a/sys/sys/socketvar.h b/sys/sys/socketvar.h index f3b2d2e7f70..5e85d1928f5 100644 --- a/sys/sys/socketvar.h +++ b/sys/sys/socketvar.h @@ -1,4 +1,4 @@ -/* $OpenBSD: socketvar.h,v 1.10 1997/02/28 04:04:13 angelos Exp $ */ +/* $OpenBSD: socketvar.h,v 1.11 1997/08/31 20:42:02 deraadt Exp $ */ /* $NetBSD: socketvar.h,v 1.18 1996/02/09 18:25:38 christos Exp $ */ /*- @@ -71,6 +71,8 @@ struct socket { short so_timeo; /* connection timeout */ u_short so_error; /* error affecting connection */ pid_t so_pgid; /* pgid for signals */ + uid_t so_siguid; /* uid of process who set so_pgid */ + uid_t so_sigeuid; /* euid of process who set so_pgid */ u_long so_oobmark; /* chars to oob mark */ /* * Variables for socket buffering. |