upstream/opnsense-src
1
0
Fork 0
mirror of https://github.com/opnsense/src.git synced 2026-06-09 08:43:19 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

Make cr_bsd_visible()'s sub-functions internal

Browse source 
cr_canseeotheruids(), cr_canseeothergids() and cr_canseejailproc()
should not be used directly now.  cr_bsd_visible() has to be called
instead.

Reviewed by:            mhorne
Sponsored by:           Kumacom SAS
Differential Revision:  https://reviews.freebsd.org/D40629
This commit is contained in:
Olivier Certner 2023-08-18 01:54:39 +02:00 committed by Mitchell Horne
parent 5817169bc4
commit 91e9d669b4
2 changed files with 7 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
sys/kern/kern_prot.c
View file

@ -91,6 +91,10 @@ static void crfree_final(struct ucred *cr);
static void crsetgroups_locked(struct ucred *cr, int ngrp,
gid_t *groups);
static int cr_canseeotheruids(struct ucred *u1, struct ucred *u2);
static int cr_canseeothergids(struct ucred *u1, struct ucred *u2);
static int cr_canseejailproc(struct ucred *u1, struct ucred *u2);
#ifndef _SYS_SYSPROTO_H_
struct getpid_args {
int dummy;
@ -1351,7 +1355,7 @@ SYSCTL_INT(_security_bsd, OID_AUTO, see_other_uids, CTLFLAG_RW,
* References: *u1 and *u2 must not change during the call
* u1 may equal u2, in which case only one reference is required
*/
int
static int
cr_canseeotheruids(struct ucred *u1, struct ucred *u2)
{
@ -1381,7 +1385,7 @@ SYSCTL_INT(_security_bsd, OID_AUTO, see_other_gids, CTLFLAG_RW,
* References: *u1 and *u2 must not change during the call
* u1 may equal u2, in which case only one reference is required
*/
int
static int
cr_canseeothergids(struct ucred *u1, struct ucred *u2)
{
int i, match;
@ -1423,7 +1427,7 @@ SYSCTL_INT(_security_bsd, OID_AUTO, see_jail_proc, CTLFLAG_RW,
* References: *u1 and *u2 must not change during the call
* u1 may equal u2, in which case only one reference is required
*/
int
static int
cr_canseejailproc(struct ucred *u1, struct ucred *u2)
{
if (see_jail_proc || /* Policy deactivated. */

3
sys/sys/proc.h
View file

@ -1166,9 +1166,6 @@ struct thread *choosethread(void);
int cr_bsd_visible(struct ucred *u1, struct ucred *u2);
int cr_cansee(struct ucred *u1, struct ucred *u2);
int cr_canseesocket(struct ucred *cred, struct socket *so);
int cr_canseeothergids(struct ucred *u1, struct ucred *u2);
int cr_canseeotheruids(struct ucred *u1, struct ucred *u2);
int cr_canseejailproc(struct ucred *u1, struct ucred *u2);
int cr_cansignal(struct ucred *cred, struct proc *proc, int signum);
int enterpgrp(struct proc *p, pid_t pgid, struct pgrp *pgrp,
struct session *sess);