FreeBSD kernel kern code
Functions | Variables
kern_priv.c File Reference
#include <sys/cdefs.h>
#include <sys/param.h>
#include <sys/jail.h>
#include <sys/kernel.h>
#include <sys/lock.h>
#include <sys/mutex.h>
#include <sys/sx.h>
#include <sys/priv.h>
#include <sys/proc.h>
#include <sys/sdt.h>
#include <sys/sysctl.h>
#include <sys/systm.h>
#include <security/mac/mac_framework.h>
Include dependency graph for kern_priv.c:

Go to the source code of this file.

Functions

 __FBSDID ("$FreeBSD$")
 
static bool suser_enabled (struct ucred *cred)
 
static int sysctl_kern_suser_enabled (SYSCTL_HANDLER_ARGS)
 
 SYSCTL_PROC (_security_bsd, OID_AUTO, suser_enabled, CTLTYPE_INT|CTLFLAG_RWTUN|CTLFLAG_PRISON|CTLFLAG_MPSAFE, 0, 0, &sysctl_kern_suser_enabled, "I", "Processes with uid 0 have privilege")
 
 SYSCTL_INT (_security_bsd, OID_AUTO, unprivileged_mlock, CTLFLAG_RWTUN, &unprivileged_mlock, 0, "Allow non-root users to call mlock(2)")
 
 SYSCTL_INT (_security_bsd, OID_AUTO, unprivileged_read_msgbuf, CTLFLAG_RW, &unprivileged_read_msgbuf, 0, "Unprivileged processes may read the kernel message buffer")
 
 SDT_PROVIDER_DEFINE (priv)
 
 SDT_PROBE_DEFINE1 (priv, kernel, priv_check, priv__ok, "int")
 
 SDT_PROBE_DEFINE1 (priv, kernel, priv_check, priv__err, "int")
 
static __always_inline int priv_check_cred_pre (struct ucred *cred, int priv)
 
static __always_inline int priv_check_cred_post (struct ucred *cred, int priv, int error, bool handled)
 
int priv_check_cred (struct ucred *cred, int priv)
 
int priv_check (struct thread *td, int priv)
 
static int __noinline priv_check_cred_vfs_lookup_slow (struct ucred *cred)
 
int priv_check_cred_vfs_lookup (struct ucred *cred)
 
int priv_check_cred_vfs_lookup_nomac (struct ucred *cred)
 
static int __noinline priv_check_cred_vfs_generation_slow (struct ucred *cred)
 
int priv_check_cred_vfs_generation (struct ucred *cred)
 

Variables

static int unprivileged_mlock = 1
 
static int unprivileged_read_msgbuf = 1
 

Function Documentation

◆ __FBSDID()

__FBSDID ( "$FreeBSD$"  )

◆ priv_check()

int priv_check ( struct thread *  td,
int  priv 
)

Definition at line 271 of file kern_priv.c.

References priv_check_cred().

Referenced by _falloc_noinstall(), _intr_event_bind(), cpuset_modify(), cpuset_modify_domain(), cpuset_setproc(), devctl2_ioctl(), do_lock_pp(), do_unlock_pp(), donice(), dumper_insert(), dumper_remove(), firmware_get_flags(), ipcperm(), kern_adjtime(), kern_clock_settime(), kern_fcntl(), kern_fhlinkat(), kern_fhopen(), kern_fhstat(), kern_fhstatfs(), kern_getfhat(), kern_jail_set(), kern_kldload(), kern_kldunload(), kern_linkat(), kern_mknodat(), kern_msgctl(), kern_ntp_adjtime(), kern_proc_setrlimit(), kern_settimeofday(), kern_unmount(), mqfs_setattr(), p_candebug(), p_cansched(), priv_check_cred_post(), protect_set(), setfflags(), sys_acct(), sys_chroot(), sys_fhreadlink(), sys_jail_attach(), sys_jail_remove(), sys_kenv(), sys_reboot(), sys_revoke(), sys_rtprio(), sys_rtprio_thread(), sys_setlogin(), sys_setloginclass(), sysctl_kern_msgbuf(), sysctl_root(), thread_create(), tty_generic_ioctl(), ttydev_open(), ttyil_ioctl(), vfs_domount(), vfs_suser(), and vn_io_fault().

Here is the call graph for this function:

◆ priv_check_cred()

int priv_check_cred ( struct ucred *  cred,
int  priv 
)

Definition at line 151 of file kern_priv.c.

References prison_allow(), prison_priv_check(), priv_check_cred_post(), priv_check_cred_pre(), priv_check_cred_vfs_generation(), priv_check_cred_vfs_lookup(), suser_enabled(), unprivileged_mlock, and unprivileged_read_msgbuf.

Referenced by can_hardlink(), cr_canseeothergids(), cr_canseeotheruids(), cr_cansignal(), do_unlink(), extattr_check_cred(), fork1(), kern_setgroups(), ksem_access(), ksem_chown(), mqf_chown(), priv_check(), shm_chown(), sys_setegid(), sys_seteuid(), sys_setgid(), sys_setregid(), sys_setresgid(), sys_setresuid(), sys_setreuid(), sys_setuid(), vaccess(), vaccess_acl_nfs4(), vaccess_acl_posix1e(), and vfs_domount_first().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ priv_check_cred_post()

static __always_inline int priv_check_cred_post ( struct ucred *  cred,
int  priv,
int  error,
bool  handled 
)
static

Definition at line 115 of file kern_priv.c.

References priv_check().

Referenced by priv_check_cred(), priv_check_cred_vfs_generation_slow(), and priv_check_cred_vfs_lookup_slow().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ priv_check_cred_pre()

static __always_inline int priv_check_cred_pre ( struct ucred *  cred,
int  priv 
)
static

Definition at line 102 of file kern_priv.c.

Referenced by priv_check_cred(), priv_check_cred_vfs_generation_slow(), and priv_check_cred_vfs_lookup_slow().

Here is the caller graph for this function:

◆ priv_check_cred_vfs_generation()

int priv_check_cred_vfs_generation ( struct ucred *  cred)

Definition at line 355 of file kern_priv.c.

References priv_check_cred_vfs_generation_slow(), and suser_enabled().

Referenced by kern_do_statfs(), kern_getfsstat(), and priv_check_cred().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ priv_check_cred_vfs_generation_slow()

static int __noinline priv_check_cred_vfs_generation_slow ( struct ucred *  cred)
static

Definition at line 330 of file kern_priv.c.

References priv_check_cred_post(), priv_check_cred_pre(), and suser_enabled().

Referenced by priv_check_cred_vfs_generation().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ priv_check_cred_vfs_lookup()

int priv_check_cred_vfs_lookup ( struct ucred *  cred)

Definition at line 300 of file kern_priv.c.

References priv_check_cred_vfs_lookup_slow(), and suser_enabled().

Referenced by priv_check_cred().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ priv_check_cred_vfs_lookup_nomac()

int priv_check_cred_vfs_lookup_nomac ( struct ucred *  cred)

Definition at line 315 of file kern_priv.c.

References suser_enabled().

Referenced by vaccess_vexec_smr().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ priv_check_cred_vfs_lookup_slow()

static int __noinline priv_check_cred_vfs_lookup_slow ( struct ucred *  cred)
static

Definition at line 280 of file kern_priv.c.

References priv_check_cred_post(), priv_check_cred_pre(), and suser_enabled().

Referenced by priv_check_cred_vfs_lookup().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ SDT_PROBE_DEFINE1() [1/2]

SDT_PROBE_DEFINE1 ( priv  ,
kernel  ,
priv_check  ,
priv__err  ,
"int"   
)

◆ SDT_PROBE_DEFINE1() [2/2]

SDT_PROBE_DEFINE1 ( priv  ,
kernel  ,
priv_check  ,
priv__ok  ,
"int"   
)

◆ SDT_PROVIDER_DEFINE()

SDT_PROVIDER_DEFINE ( priv  )

◆ suser_enabled()

static bool suser_enabled ( struct ucred *  cred)
static

Definition at line 63 of file kern_priv.c.

References prison_allow().

Referenced by priv_check_cred(), priv_check_cred_vfs_generation(), priv_check_cred_vfs_generation_slow(), priv_check_cred_vfs_lookup(), priv_check_cred_vfs_lookup_nomac(), priv_check_cred_vfs_lookup_slow(), and sysctl_kern_suser_enabled().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ SYSCTL_INT() [1/2]

SYSCTL_INT ( _security_bsd  ,
OID_AUTO  ,
unprivileged_mlock  ,
CTLFLAG_RWTUN  ,
unprivileged_mlock,
,
"Allow non-root users to call mlock(2)"   
)

◆ SYSCTL_INT() [2/2]

SYSCTL_INT ( _security_bsd  ,
OID_AUTO  ,
unprivileged_read_msgbuf  ,
CTLFLAG_RW  ,
unprivileged_read_msgbuf,
,
"Unprivileged processes may read the kernel message buffer"   
)

◆ sysctl_kern_suser_enabled()

static int sysctl_kern_suser_enabled ( SYSCTL_HANDLER_ARGS  )
static

Definition at line 70 of file kern_priv.c.

References prison_set_allow(), suser_enabled(), and sysctl_handle_int().

Here is the call graph for this function:

◆ SYSCTL_PROC()

SYSCTL_PROC ( _security_bsd  ,
OID_AUTO  ,
suser_enabled  ,
CTLTYPE_INT|CTLFLAG_RWTUN|CTLFLAG_PRISON|  CTLFLAG_MPSAFE,
,
,
sysctl_kern_suser_enabled,
"I"  ,
"Processes with uid 0 have privilege"   
)

Variable Documentation

◆ unprivileged_mlock

int unprivileged_mlock = 1
static

Definition at line 88 of file kern_priv.c.

Referenced by priv_check_cred().

◆ unprivileged_read_msgbuf

int unprivileged_read_msgbuf = 1
static

Definition at line 92 of file kern_priv.c.

Referenced by priv_check_cred().