39#include <sys/kernel.h>
46#include <sys/sysctl.h>
49#include <security/mac/mac_framework.h>
75 cred = req->td->td_ucred;
78 if (error || !req->newptr)
85 CTLFLAG_RWTUN | CTLFLAG_PRISON | CTLFLAG_MPSAFE, 0, 0,
95 "Unprivileged processes may read the kernel message buffer");
101static __always_inline
int
107 error = mac_priv_check(cred, priv);
114static __always_inline
int
118 if (__predict_true(handled))
125 if (mac_priv_grant(cred, priv) == 0) {
137 if (SDT_PROBES_ENABLED()) {
139 SDT_PROBE1(priv, kernel,
priv_check, priv__err, priv);
141 SDT_PROBE1(priv, kernel,
priv_check, priv__ok, priv);
155 KASSERT(PRIV_VALID(priv), (
"priv_check_cred: invalid privilege %d",
159 case PRIV_VFS_LOOKUP:
161 case PRIV_VFS_GENERATION:
188 case PRIV_VM_MUNLOCK:
199 if (priv == PRIV_MSGBUF) {
220 case PRIV_PROC_LIMIT:
221 if (cred->cr_ruid == 0) {
226 case PRIV_VFS_READ_DIR:
235 if (cred->cr_uid == 0) {
248 if (priv == PRIV_KMEM_READ) {
258 if (priv == PRIV_DEBUG_UNPRIV) {
274 KASSERT(td == curthread, (
"priv_check: td != curthread"));
304 if (__predict_false(mac_priv_check_fp_flag ||
305 mac_priv_grant_fp_flag || SDT_PROBES_ENABLED()))
319 if (__predict_false(mac_priv_check_fp_flag ||
320 mac_priv_grant_fp_flag || SDT_PROBES_ENABLED()))
359 if (__predict_false(mac_priv_check_fp_flag ||
360 mac_priv_grant_fp_flag || SDT_PROBES_ENABLED()))
364 if (!jailed(cred) && cred->cr_uid == 0 &&
suser_enabled(cred))
int prison_priv_check(struct ucred *cred, int priv)
void prison_set_allow(struct ucred *cred, unsigned flag, int enable)
int prison_allow(struct ucred *cred, unsigned flag)
static __always_inline int priv_check_cred_post(struct ucred *cred, int priv, int error, bool handled)
int priv_check_cred_vfs_generation(struct ucred *cred)
int priv_check_cred_vfs_lookup_nomac(struct ucred *cred)
static bool suser_enabled(struct ucred *cred)
SYSCTL_PROC(_security_bsd, OID_AUTO, suser_enabled, CTLTYPE_INT|CTLFLAG_RWTUN|CTLFLAG_PRISON|CTLFLAG_MPSAFE, 0, 0, &sysctl_kern_suser_enabled, "I", "Processes with uid 0 have privilege")
SDT_PROBE_DEFINE1(priv, kernel, priv_check, priv__ok, "int")
static int __noinline priv_check_cred_vfs_generation_slow(struct ucred *cred)
static __always_inline int priv_check_cred_pre(struct ucred *cred, int priv)
static int sysctl_kern_suser_enabled(SYSCTL_HANDLER_ARGS)
static int __noinline priv_check_cred_vfs_lookup_slow(struct ucred *cred)
static int unprivileged_read_msgbuf
SYSCTL_INT(_security_bsd, OID_AUTO, unprivileged_mlock, CTLFLAG_RWTUN, &unprivileged_mlock, 0, "Allow non-root users to call mlock(2)")
static int unprivileged_mlock
int priv_check_cred(struct ucred *cred, int priv)
int priv_check(struct thread *td, int priv)
int priv_check_cred_vfs_lookup(struct ucred *cred)
SDT_PROVIDER_DEFINE(priv)
int sysctl_handle_int(SYSCTL_HANDLER_ARGS)