mirror of
https://github.com/opnsense/src.git
synced 2026-06-29 10:59:44 -04:00
be1f7435ef
This is the (mostly) kernel side of de-conflating cr_gid and the supplemental groups. The pre-existing behavior for getgroups() and setgroups() is retained to keep the user <-> kernel boundary functionally the same while we audit use of these syscalls, but we can remove a lot of the internal special-casing just by reorganizing ucred like this. struct xucred has been altered because the cr_gid macro becomes problematic if ucred has a real cr_gid member but xucred does not. Most notably, they both also have cr_groups[] members, so the definition means that we could easily have situations where we end up using the first supplemental group as the egid in some places. We really can't change the ABI of xucred, so instead we alias the first member to the `cr_gid` name and maintain the status quo. This also fixes the Linux setgroups(2)/getgroups(2) implementation to more cleanly preserve the group set, now that we don't need to special case cr_groups[0]. __FreeBSD_version bumped for the `struct ucred` ABI break. For relnotes: downstreams and out-of-tree modules absolutely must fix any references to cr_groups[0] in their code. These are almost exclusively incorrect in the new world, and cr_gid should be used instead. There is a cr_gid macro available in earlier FreeBSD versions that can be used to avoid having version-dependant conditionals to refer to the effective group id. Surrounding code may need adjusted if it peels off the first element of cr_groups and uses the others as the supplemental groups, since the supplemental groups start at cr_groups[0] now if &cr_groups[0] != &cr_gid. Relnotes: yes (see last paragraph) Co-authored-by: olce Differential Revision: https://reviews.freebsd.org/D51489 |
||
|---|---|---|
| .. | ||
| rpcsec_gss | ||
| rpcsec_tls | ||
| auth.h | ||
| auth_none.c | ||
| auth_unix.c | ||
| authunix_prot.c | ||
| clnt.h | ||
| clnt_bck.c | ||
| clnt_dg.c | ||
| clnt_nl.c | ||
| clnt_nl.h | ||
| clnt_rc.c | ||
| clnt_stat.h | ||
| clnt_vc.c | ||
| getnetconfig.c | ||
| krpc.h | ||
| netconfig.h | ||
| nettype.h | ||
| pmap_prot.h | ||
| replay.c | ||
| replay.h | ||
| rpc.h | ||
| rpc_callmsg.c | ||
| rpc_com.h | ||
| rpc_generic.c | ||
| rpc_msg.h | ||
| rpc_prot.c | ||
| rpcb_clnt.c | ||
| rpcb_clnt.h | ||
| rpcb_prot.c | ||
| rpcb_prot.h | ||
| rpcm_subs.h | ||
| rpcsec_gss.h | ||
| rpcsec_tls.h | ||
| svc.c | ||
| svc.h | ||
| svc_auth.c | ||
| svc_auth.h | ||
| svc_auth_unix.c | ||
| svc_dg.c | ||
| svc_generic.c | ||
| svc_vc.c | ||
| types.h | ||
| xdr.h | ||