本文整理汇总了C++中priv_check_cred函数的典型用法代码示例。如果您正苦于以下问题:C++ priv_check_cred函数的具体用法?C++ priv_check_cred怎么用?C++ priv_check_cred使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了priv_check_cred函数的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的C++代码示例。
示例1: random_ioctl
static int
random_ioctl(cdev_t dev, u_long cmd, caddr_t data, int flags, struct ucred *cred)
{
int error;
int intr;
/*
* Even inspecting the state is privileged, since it gives a hint
* about how easily the randomness might be guessed.
*/
error = 0;
switch (cmd) {
/* Really handled in upper layer */
case FIOASYNC:
break;
case MEM_SETIRQ:
intr = *(int16_t *)data;
if ((error = priv_check_cred(cred, PRIV_ROOT, 0)) != 0)
break;
if (intr < 0 || intr >= MAX_INTS)
return (EINVAL);
register_randintr(intr);
break;
case MEM_CLEARIRQ:
intr = *(int16_t *)data;
if ((error = priv_check_cred(cred, PRIV_ROOT, 0)) != 0)
break;
if (intr < 0 || intr >= MAX_INTS)
return (EINVAL);
unregister_randintr(intr);
break;
case MEM_RETURNIRQ:
error = ENOTSUP;
break;
case MEM_FINDIRQ:
intr = *(int16_t *)data;
if ((error = priv_check_cred(cred, PRIV_ROOT, 0)) != 0)
break;
if (intr < 0 || intr >= MAX_INTS)
return (EINVAL);
intr = next_registered_randintr(intr);
if (intr == MAX_INTS)
return (ENOENT);
*(u_int16_t *)data = intr;
break;
default:
error = ENOTSUP;
break;
}
return (error);
}
开发者ID:victoredwardocallaghan,项目名称:DragonFlyBSD,代码行数:52,代码来源:kern_memio.c
示例2: mmopen
static int
mmopen(struct dev_open_args *ap)
{
cdev_t dev = ap->a_head.a_dev;
int error;
switch (minor(dev)) {
case 0:
case 1:
if (ap->a_oflags & FWRITE) {
if (securelevel > 0 || kernel_mem_readonly)
return (EPERM);
}
error = 0;
break;
case 14:
error = priv_check_cred(ap->a_cred, PRIV_ROOT, 0);
if (error != 0)
break;
if (securelevel > 0 || kernel_mem_readonly) {
error = EPERM;
break;
}
error = cpu_set_iopl();
break;
default:
error = 0;
break;
}
return (error);
}
开发者ID:victoredwardocallaghan,项目名称:DragonFlyBSD,代码行数:31,代码来源:kern_memio.c
示例3: system_override
/* system call implementation */
int
system_override(__unused struct proc *p, struct system_override_args * uap, __unused int32_t *retval)
{
uint64_t timeout = uap->timeout;
uint64_t flags = uap->flags;
int error = 0;
/* Check credentials for caller. Only entitled processes are allowed to make this call. */
if ((error = priv_check_cred(kauth_cred_get(), PRIV_SYSTEM_OVERRIDE, 0))) {
goto out;
}
/* Check to see if some flags are specified. Zero flags are invalid. */
if ((flags == 0) || ((flags & ~SYS_OVERRIDE_FLAGS_MASK) != 0)) {
error = EINVAL;
goto out;
}
lck_mtx_lock(&sys_override_lock);
enable_system_override(flags);
PROCESS_OVERRIDING_SYSTEM_DEFAULTS(timeout);
disable_system_override(flags);
lck_mtx_unlock(&sys_override_lock);
out:
return error;
}
开发者ID:Bitesher,项目名称:xnu,代码行数:32,代码来源:kern_overrides.c
示例4: sys_mlockall
/*
* mlockall(int how)
*
* No requirements
*/
int
sys_mlockall(struct mlockall_args *uap)
{
struct thread *td = curthread;
struct proc *p = td->td_proc;
vm_map_t map = &p->p_vmspace->vm_map;
vm_map_entry_t entry;
int how = uap->how;
int rc = KERN_SUCCESS;
if (((how & MCL_CURRENT) == 0) && ((how & MCL_FUTURE) == 0))
return (EINVAL);
rc = priv_check_cred(td->td_ucred, PRIV_ROOT, 0);
if (rc)
return (rc);
vm_map_lock(map);
do {
if (how & MCL_CURRENT) {
for(entry = map->header.next;
entry != &map->header;
entry = entry->next);
rc = ENOSYS;
break;
}
if (how & MCL_FUTURE)
map->flags |= MAP_WIREFUTURE;
} while(0);
vm_map_unlock(map);
return (rc);
}
开发者ID:wan721,项目名称:DragonFlyBSD,代码行数:40,代码来源:vm_mmap.c
示例5: zone_dataset_attach
int
zone_dataset_attach(struct ucred *cred, const char *dataset, int jailid)
{
struct zone_dataset_head *head;
zone_dataset_t *zd, *zd2;
struct prison *pr;
int dofree, error;
if ((error = priv_check_cred(cred, PRIV_ZFS_JAIL, 0)) != 0)
return (error);
/* Allocate memory before we grab prison's mutex. */
zd = malloc(sizeof(*zd) + strlen(dataset) + 1, M_ZONES, M_WAITOK);
sx_slock(&allprison_lock);
pr = prison_find(jailid); /* Locks &pr->pr_mtx. */
sx_sunlock(&allprison_lock);
if (pr == NULL) {
free(zd, M_ZONES);
return (ENOENT);
}
head = osd_jail_get(pr, zone_slot);
if (head != NULL) {
dofree = 0;
LIST_FOREACH(zd2, head, zd_next) {
if (strcmp(dataset, zd2->zd_dataset) == 0) {
free(zd, M_ZONES);
error = EEXIST;
goto end;
}
}
} else {
开发者ID:151706061,项目名称:osv,代码行数:33,代码来源:opensolaris_zone.c
示例6: sys_osethostname
int
sys_osethostname(struct sethostname_args *uap)
{
struct thread *td = curthread;
size_t len;
char *hostname;
int name[2];
int error;
name[0] = CTL_KERN;
name[1] = KERN_HOSTNAME;
error = priv_check_cred(td->td_ucred, PRIV_SETHOSTNAME, 0);
if (error)
return (error);
len = MIN(uap->len, MAXHOSTNAMELEN);
hostname = kmalloc(MAXHOSTNAMELEN, M_TEMP, M_WAITOK);
error = copyin(uap->hostname, hostname, len);
if (error) {
kfree(hostname, M_TEMP);
return (error);
}
error = kernel_sysctl(name, 2, NULL, 0, hostname, len, NULL);
kfree(hostname, M_TEMP);
return (error);
}
开发者ID:mihaicarabas,项目名称:dragonfly,代码行数:28,代码来源:43bsd_hostinfo.c
示例7: sys_setegid
int
sys_setegid(struct setegid_args *uap)
{
struct proc *p = curproc;
struct ucred *cr;
gid_t egid;
int error;
lwkt_gettoken(&proc_token);
cr = p->p_ucred;
egid = uap->egid;
if (egid != cr->cr_rgid && /* allow setegid(getgid()) */
egid != cr->cr_svgid && /* allow setegid(saved gid) */
(error = priv_check_cred(cr, PRIV_CRED_SETEGID, 0))) {
goto done;
}
if (cr->cr_groups[0] != egid) {
cr = cratom(&p->p_ucred);
cr->cr_groups[0] = egid;
setsugid();
}
error = 0;
done:
lwkt_reltoken(&proc_token);
return (error);
}
开发者ID:AhmadTux,项目名称:DragonFlyBSD,代码行数:26,代码来源:kern_prot.c
示例8: sys_seteuid
int
sys_seteuid(struct seteuid_args *uap)
{
struct proc *p = curproc;
struct ucred *cr;
uid_t euid;
int error;
lwkt_gettoken(&proc_token);
cr = p->p_ucred;
euid = uap->euid;
if (euid != cr->cr_ruid && /* allow seteuid(getuid()) */
euid != cr->cr_svuid && /* allow seteuid(saved uid) */
(error = priv_check_cred(cr, PRIV_CRED_SETEUID, 0))) {
lwkt_reltoken(&proc_token);
return (error);
}
/*
* Everything's okay, do it. Copy credentials so other references do
* not see our changes.
*/
if (cr->cr_uid != euid) {
change_euid(euid);
setsugid();
}
lwkt_reltoken(&proc_token);
return (0);
}
开发者ID:AhmadTux,项目名称:DragonFlyBSD,代码行数:29,代码来源:kern_prot.c
示例9: ksem_chown
static int
ksem_chown(struct file *fp, uid_t uid, gid_t gid, struct ucred *active_cred,
struct thread *td)
{
struct ksem *ks;
int error;
error = 0;
ks = fp->f_data;
mtx_lock(&sem_lock);
#ifdef MAC
error = mac_posixsem_check_setowner(active_cred, ks, uid, gid);
if (error != 0)
goto out;
#endif
if (uid == (uid_t)-1)
uid = ks->ks_uid;
if (gid == (gid_t)-1)
gid = ks->ks_gid;
if (((uid != ks->ks_uid && uid != active_cred->cr_uid) ||
(gid != ks->ks_gid && !groupmember(gid, active_cred))) &&
(error = priv_check_cred(active_cred, PRIV_VFS_CHOWN, 0)))
goto out;
ks->ks_uid = uid;
ks->ks_gid = gid;
out:
mtx_unlock(&sem_lock);
return (error);
}
开发者ID:rchander,项目名称:freebsd,代码行数:29,代码来源:uipc_sem.c
示例10: seeotheruids_check
static int
seeotheruids_check(struct ucred *cr1, struct ucred *cr2)
{
if (!seeotheruids_enabled)
return (0);
if (primarygroup_enabled) {
if (cr1->cr_rgid == cr2->cr_rgid)
return (0);
}
if (specificgid_enabled) {
if (cr1->cr_rgid == specificgid ||
groupmember(specificgid, cr1))
return (0);
}
if (cr1->cr_ruid == cr2->cr_ruid)
return (0);
if (suser_privileged) {
if (priv_check_cred(cr1, PRIV_SEEOTHERUIDS, 0) == 0)
return (0);
}
return (ESRCH);
}
开发者ID:2asoft,项目名称:freebsd,代码行数:28,代码来源:mac_seeotheruids.c
示例11: partition_cred_check_relabel
/*
* Object-specific entry points are sorted alphabetically by object type name
* and then by operation.
*/
static int
partition_cred_check_relabel(struct ucred *cred, struct label *newlabel)
{
int error;
error = 0;
/*
* Treat "0" as a no-op request because it reflects an unset
* partition label. If we ever want to support switching back to an
* unpartitioned state for a process, we'll need to differentiate the
* "not in a partition" and "no partition defined during internalize"
* conditions.
*/
if (SLOT(newlabel) != 0) {
/*
* Require BSD privilege in order to change the partition.
* Originally we also required that the process not be in a
* partition in the first place, but this didn't interact
* well with sendmail.
*/
error = priv_check_cred(cred, PRIV_MAC_PARTITION, 0);
}
return (error);
}
开发者ID:DangerDexter,项目名称:FreeBSD-8.0-dyntick,代码行数:30,代码来源:mac_partition.c
示例12: shm_chown
static int
shm_chown(struct file *fp, uid_t uid, gid_t gid, struct ucred *active_cred,
struct thread *td)
{
struct shmfd *shmfd;
int error;
error = 0;
shmfd = fp->f_data;
mtx_lock(&shm_timestamp_lock);
#ifdef MAC
error = mac_posixshm_check_setowner(active_cred, shmfd, uid, gid);
if (error != 0)
goto out;
#endif
if (uid == (uid_t)-1)
uid = shmfd->shm_uid;
if (gid == (gid_t)-1)
gid = shmfd->shm_gid;
if (((uid != shmfd->shm_uid && uid != active_cred->cr_uid) ||
(gid != shmfd->shm_gid && !groupmember(gid, active_cred))) &&
(error = priv_check_cred(active_cred, PRIV_VFS_CHOWN, 0)))
goto out;
shmfd->shm_uid = uid;
shmfd->shm_gid = gid;
out:
mtx_unlock(&shm_timestamp_lock);
return (error);
}
开发者ID:BillTheBest,项目名称:libuinet,代码行数:29,代码来源:uipc_shm.c
示例13: priv_check
/*
* Test whether the specified credentials have the privilege
* in question.
*
* A kernel thread without a process context is assumed to have
* the privilege in question. In situations where the caller always
* expect a cred to exist, the cred should be passed separately and
* priv_check_cred() should be used instead of priv_check().
*
* Returns 0 or error.
*
* MPSAFE
*/
int
priv_check(struct thread *td, int priv)
{
if (td->td_lwp != NULL)
return priv_check_cred(td->td_ucred, priv, 0);
return (0);
}
开发者ID:AhmadTux,项目名称:DragonFlyBSD,代码行数:20,代码来源:kern_prot.c
示例14: sys_setlogin
/*
* Set login name.
*/
int
sys_setlogin(struct setlogin_args *uap)
{
struct thread *td = curthread;
struct proc *p;
struct ucred *cred;
char buf[MAXLOGNAME];
int error;
cred = td->td_ucred;
p = td->td_proc;
if ((error = priv_check_cred(cred, PRIV_PROC_SETLOGIN, 0)))
return (error);
bzero(buf, sizeof(buf));
error = copyinstr(uap->namebuf, buf, sizeof(buf), NULL);
if (error == ENAMETOOLONG)
error = EINVAL;
if (error == 0) {
lwkt_gettoken(&proc_token);
memcpy(p->p_pgrp->pg_session->s_login, buf, sizeof(buf));
lwkt_reltoken(&proc_token);
}
return (error);
}
开发者ID:AhmadTux,项目名称:DragonFlyBSD,代码行数:28,代码来源:kern_prot.c
示例15: priv_check
int
priv_check(struct thread *td, int priv)
{
KASSERT(td == curthread, ("priv_check: td != curthread"));
return (priv_check_cred(td->td_ucred, priv, 0));
}
开发者ID:2asoft,项目名称:freebsd,代码行数:8,代码来源:kern_priv.c
示例16: secpolicy_vnode_setdac
int
secpolicy_vnode_setdac(kauth_cred_t cred, uid_t owner)
{
if (owner == cred->cr_uid)
return (0);
return (priv_check_cred(cred, PRIV_VFS_ADMIN, 0));
}
开发者ID:Logout22,项目名称:rumpkernel-netbsd-src,代码行数:8,代码来源:policy.c
示例17: ksem_access
/*
* Determine if the credentials have sufficient permissions for read
* and write access.
*/
static int
ksem_access(struct ksem *ks, struct ucred *ucred)
{
int error;
error = vaccess(VREG, ks->ks_mode, ks->ks_uid, ks->ks_gid,
VREAD | VWRITE, ucred, NULL);
if (error)
error = priv_check_cred(ucred, PRIV_SEM_WRITE, 0);
return (error);
}
开发者ID:rchander,项目名称:freebsd,代码行数:15,代码来源:uipc_sem.c
示例18: tmpfs_write
static int
tmpfs_write(struct vop_write_args *v)
{
struct vnode *vp;
struct uio *uio;
struct tmpfs_node *node;
off_t oldsize;
int error, ioflag;
boolean_t extended;
vp = v->a_vp;
uio = v->a_uio;
ioflag = v->a_ioflag;
error = 0;
node = VP_TO_TMPFS_NODE(vp);
oldsize = node->tn_size;
if (uio->uio_offset < 0 || vp->v_type != VREG)
return (EINVAL);
if (uio->uio_resid == 0)
return (0);
if (ioflag & IO_APPEND)
uio->uio_offset = node->tn_size;
if (uio->uio_offset + uio->uio_resid >
VFS_TO_TMPFS(vp->v_mount)->tm_maxfilesize)
return (EFBIG);
if (vn_rlimit_fsize(vp, uio, uio->uio_td))
return (EFBIG);
extended = uio->uio_offset + uio->uio_resid > node->tn_size;
if (extended) {
error = tmpfs_reg_resize(vp, uio->uio_offset + uio->uio_resid,
FALSE);
if (error != 0)
goto out;
}
error = uiomove_object(node->tn_reg.tn_aobj, node->tn_size, uio);
node->tn_status |= TMPFS_NODE_ACCESSED | TMPFS_NODE_MODIFIED |
(extended ? TMPFS_NODE_CHANGED : 0);
if (node->tn_mode & (S_ISUID | S_ISGID)) {
if (priv_check_cred(v->a_cred, PRIV_VFS_RETAINSUGID, 0))
node->tn_mode &= ~(S_ISUID | S_ISGID);
}
if (error != 0)
(void)tmpfs_reg_resize(vp, oldsize, TRUE);
out:
MPASS(IMPLIES(error == 0, uio->uio_resid == 0));
MPASS(IMPLIES(error != 0, oldsize == node->tn_size));
return (error);
}
开发者ID:ChaosJohn,项目名称:freebsd,代码行数:52,代码来源:tmpfs_vnops.c
示例19: secpolicy_setid_clear
void
secpolicy_setid_clear(struct vattr *vap, kauth_cred_t cred)
{
if (kauth_authorize_generic(cred, KAUTH_GENERIC_ISSUSER, NULL))
return;
if ((vap->va_mode & (S_ISUID | S_ISGID)) != 0) {
if (priv_check_cred(cred, PRIV_VFS_RETAINSUGID, 0)) {
vap->va_mask |= AT_MODE;
vap->va_mode &= ~(S_ISUID|S_ISGID);
}
}
}
开发者ID:Logout22,项目名称:rumpkernel-netbsd-src,代码行数:14,代码来源:policy.c
示例20: ngc_attach
static void
ngc_attach(netmsg_t msg)
{
struct socket *so = msg->attach.base.nm_so;
struct pru_attach_info *ai = msg->attach.nm_ai;
struct ngpcb *const pcbp = sotongpcb(so);
int error;
if (priv_check_cred(ai->p_ucred, PRIV_ROOT, NULL_CRED_OKAY) != 0)
error = EPERM;
else if (pcbp != NULL)
error = EISCONN;
else
error = ng_attach_cntl(so);
lwkt_replymsg(&msg->attach.base.lmsg, error);
}
开发者ID:wan721,项目名称:DragonFlyBSD,代码行数:16,代码来源:ng_socket.c
注:本文中的priv_check_cred函数示例由纯净天空整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。 |
客服电话
APP下载
官方微信
请发表评论