• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    公众号

C++ priv_check_cred函数代码示例

原作者: [db:作者] 来自: [db:来源] 收藏 邀请

本文整理汇总了C++中priv_check_cred函数的典型用法代码示例。如果您正苦于以下问题:C++ priv_check_cred函数的具体用法?C++ priv_check_cred怎么用?C++ priv_check_cred使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。



在下文中一共展示了priv_check_cred函数的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的C++代码示例。

示例1: random_ioctl

static int 
random_ioctl(cdev_t dev, u_long cmd, caddr_t data, int flags, struct ucred *cred)
{
	int error;
	int intr;
	
	/*
	 * Even inspecting the state is privileged, since it gives a hint
	 * about how easily the randomness might be guessed.
	 */
	error = 0;

	switch (cmd) {
	/* Really handled in upper layer */
	case FIOASYNC:
		break;
	case MEM_SETIRQ:
		intr = *(int16_t *)data;
		if ((error = priv_check_cred(cred, PRIV_ROOT, 0)) != 0)
			break;
		if (intr < 0 || intr >= MAX_INTS)
			return (EINVAL);
		register_randintr(intr);
		break;
	case MEM_CLEARIRQ:
		intr = *(int16_t *)data;
		if ((error = priv_check_cred(cred, PRIV_ROOT, 0)) != 0)
			break;
		if (intr < 0 || intr >= MAX_INTS)
			return (EINVAL);
		unregister_randintr(intr);
		break;
	case MEM_RETURNIRQ:
		error = ENOTSUP;
		break;
	case MEM_FINDIRQ:
		intr = *(int16_t *)data;
		if ((error = priv_check_cred(cred, PRIV_ROOT, 0)) != 0)
			break;
		if (intr < 0 || intr >= MAX_INTS)
			return (EINVAL);
		intr = next_registered_randintr(intr);
		if (intr == MAX_INTS)
			return (ENOENT);
		*(u_int16_t *)data = intr;
		break;
	default:
		error = ENOTSUP;
		break;
	}
	return (error);
}
开发者ID:victoredwardocallaghan,项目名称:DragonFlyBSD,代码行数:52,代码来源:kern_memio.c


示例2: mmopen

static int
mmopen(struct dev_open_args *ap)
{
	cdev_t dev = ap->a_head.a_dev;
	int error;

	switch (minor(dev)) {
	case 0:
	case 1:
		if (ap->a_oflags & FWRITE) {
			if (securelevel > 0 || kernel_mem_readonly)
				return (EPERM);
		}
		error = 0;
		break;
	case 14:
		error = priv_check_cred(ap->a_cred, PRIV_ROOT, 0);
		if (error != 0)
			break;
		if (securelevel > 0 || kernel_mem_readonly) {
			error = EPERM;
			break;
		}
		error = cpu_set_iopl();
		break;
	default:
		error = 0;
		break;
	}
	return (error);
}
开发者ID:victoredwardocallaghan,项目名称:DragonFlyBSD,代码行数:31,代码来源:kern_memio.c


示例3: system_override

/* system call implementation */
int
system_override(__unused struct proc *p, struct system_override_args * uap, __unused int32_t *retval)
{
	uint64_t timeout = uap->timeout;
	uint64_t flags = uap->flags;
	int error = 0;

	/* Check credentials for caller. Only entitled processes are allowed to make this call. */
	if ((error = priv_check_cred(kauth_cred_get(), PRIV_SYSTEM_OVERRIDE, 0))) {
		goto out;
	}	

	/* Check to see if some flags are specified. Zero flags are invalid. */
	if ((flags == 0) || ((flags & ~SYS_OVERRIDE_FLAGS_MASK) != 0)) {
		error = EINVAL;
		goto out;
	}

	lck_mtx_lock(&sys_override_lock);

	enable_system_override(flags);

	PROCESS_OVERRIDING_SYSTEM_DEFAULTS(timeout);

	disable_system_override(flags);

	lck_mtx_unlock(&sys_override_lock);

out:
	return error;
}
开发者ID:Bitesher,项目名称:xnu,代码行数:32,代码来源:kern_overrides.c


示例4: sys_mlockall

/*
 * mlockall(int how)
 *
 * No requirements
 */
int
sys_mlockall(struct mlockall_args *uap)
{
	struct thread *td = curthread;
	struct proc *p = td->td_proc;
	vm_map_t map = &p->p_vmspace->vm_map;
	vm_map_entry_t entry;
	int how = uap->how;
	int rc = KERN_SUCCESS;

	if (((how & MCL_CURRENT) == 0) && ((how & MCL_FUTURE) == 0))
		return (EINVAL);

	rc = priv_check_cred(td->td_ucred, PRIV_ROOT, 0);
	if (rc) 
		return (rc);

	vm_map_lock(map);
	do {
		if (how & MCL_CURRENT) {
			for(entry = map->header.next;
			    entry != &map->header;
			    entry = entry->next);

			rc = ENOSYS;
			break;
		}
	
		if (how & MCL_FUTURE)
			map->flags |= MAP_WIREFUTURE;
	} while(0);
	vm_map_unlock(map);

	return (rc);
}
开发者ID:wan721,项目名称:DragonFlyBSD,代码行数:40,代码来源:vm_mmap.c


示例5: zone_dataset_attach

int
zone_dataset_attach(struct ucred *cred, const char *dataset, int jailid)
{
	struct zone_dataset_head *head;
	zone_dataset_t *zd, *zd2;
	struct prison *pr;
	int dofree, error;

	if ((error = priv_check_cred(cred, PRIV_ZFS_JAIL, 0)) != 0)
		return (error);

	/* Allocate memory before we grab prison's mutex. */
	zd = malloc(sizeof(*zd) + strlen(dataset) + 1, M_ZONES, M_WAITOK);

	sx_slock(&allprison_lock);
	pr = prison_find(jailid);	/* Locks &pr->pr_mtx. */
	sx_sunlock(&allprison_lock);
	if (pr == NULL) {
		free(zd, M_ZONES);
		return (ENOENT);
	}

	head = osd_jail_get(pr, zone_slot);
	if (head != NULL) {
		dofree = 0;
		LIST_FOREACH(zd2, head, zd_next) {
			if (strcmp(dataset, zd2->zd_dataset) == 0) {
				free(zd, M_ZONES);
				error = EEXIST;
				goto end;
			}
		}
	} else {
开发者ID:151706061,项目名称:osv,代码行数:33,代码来源:opensolaris_zone.c


示例6: sys_osethostname

int
sys_osethostname(struct sethostname_args *uap)
{
	struct thread *td = curthread;
	size_t len;
	char *hostname;
	int name[2];
	int error;

	name[0] = CTL_KERN;
	name[1] = KERN_HOSTNAME;
	error = priv_check_cred(td->td_ucred, PRIV_SETHOSTNAME, 0);
	if (error)
		return (error);
	len = MIN(uap->len, MAXHOSTNAMELEN);
	hostname = kmalloc(MAXHOSTNAMELEN, M_TEMP, M_WAITOK);

	error = copyin(uap->hostname, hostname, len);
	if (error) {
		kfree(hostname, M_TEMP);
		return (error);
	}

	error = kernel_sysctl(name, 2, NULL, 0, hostname, len, NULL);

	kfree(hostname, M_TEMP);
	return (error);
}
开发者ID:mihaicarabas,项目名称:dragonfly,代码行数:28,代码来源:43bsd_hostinfo.c


示例7: sys_setegid

int
sys_setegid(struct setegid_args *uap)
{
	struct proc *p = curproc;
	struct ucred *cr;
	gid_t egid;
	int error;

	lwkt_gettoken(&proc_token);
	cr = p->p_ucred;
	egid = uap->egid;
	if (egid != cr->cr_rgid &&		/* allow setegid(getgid()) */
	    egid != cr->cr_svgid &&		/* allow setegid(saved gid) */
	    (error = priv_check_cred(cr, PRIV_CRED_SETEGID, 0))) {
		goto done;
	}
	if (cr->cr_groups[0] != egid) {
		cr = cratom(&p->p_ucred);
		cr->cr_groups[0] = egid;
		setsugid();
	}
	error = 0;
done:
	lwkt_reltoken(&proc_token);
	return (error);
}
开发者ID:AhmadTux,项目名称:DragonFlyBSD,代码行数:26,代码来源:kern_prot.c


示例8: sys_seteuid

int
sys_seteuid(struct seteuid_args *uap)
{
	struct proc *p = curproc;
	struct ucred *cr;
	uid_t euid;
	int error;

	lwkt_gettoken(&proc_token);
	cr = p->p_ucred;
	euid = uap->euid;
	if (euid != cr->cr_ruid &&		/* allow seteuid(getuid()) */
	    euid != cr->cr_svuid &&		/* allow seteuid(saved uid) */
	    (error = priv_check_cred(cr, PRIV_CRED_SETEUID, 0))) {
		lwkt_reltoken(&proc_token);
		return (error);
	}

	/*
	 * Everything's okay, do it.  Copy credentials so other references do
	 * not see our changes.
	 */
	if (cr->cr_uid != euid) {
		change_euid(euid);
		setsugid();
	}
	lwkt_reltoken(&proc_token);
	return (0);
}
开发者ID:AhmadTux,项目名称:DragonFlyBSD,代码行数:29,代码来源:kern_prot.c


示例9: ksem_chown

static int
ksem_chown(struct file *fp, uid_t uid, gid_t gid, struct ucred *active_cred,
    struct thread *td)
{
	struct ksem *ks;
	int error;

	error = 0;
	ks = fp->f_data;
	mtx_lock(&sem_lock);
#ifdef MAC
	error = mac_posixsem_check_setowner(active_cred, ks, uid, gid);
	if (error != 0)
		goto out;
#endif
	if (uid == (uid_t)-1)
		uid = ks->ks_uid;
	if (gid == (gid_t)-1)
                 gid = ks->ks_gid;
	if (((uid != ks->ks_uid && uid != active_cred->cr_uid) ||
	    (gid != ks->ks_gid && !groupmember(gid, active_cred))) &&
	    (error = priv_check_cred(active_cred, PRIV_VFS_CHOWN, 0)))
		goto out;
	ks->ks_uid = uid;
	ks->ks_gid = gid;
out:
	mtx_unlock(&sem_lock);
	return (error);
}
开发者ID:rchander,项目名称:freebsd,代码行数:29,代码来源:uipc_sem.c


示例10: seeotheruids_check

static int
seeotheruids_check(struct ucred *cr1, struct ucred *cr2)
{

	if (!seeotheruids_enabled)
		return (0);

	if (primarygroup_enabled) {
		if (cr1->cr_rgid == cr2->cr_rgid)
			return (0);
	}

	if (specificgid_enabled) {
		if (cr1->cr_rgid == specificgid ||
		    groupmember(specificgid, cr1))
			return (0);
	}

	if (cr1->cr_ruid == cr2->cr_ruid)
		return (0);

	if (suser_privileged) {
		if (priv_check_cred(cr1, PRIV_SEEOTHERUIDS, 0) == 0)
			return (0);
	}

	return (ESRCH);
}
开发者ID:2asoft,项目名称:freebsd,代码行数:28,代码来源:mac_seeotheruids.c


示例11: partition_cred_check_relabel

/*
 * Object-specific entry points are sorted alphabetically by object type name
 * and then by operation.
 */
static int
partition_cred_check_relabel(struct ucred *cred, struct label *newlabel)
{
	int error;

	error = 0;

	/*
	 * Treat "0" as a no-op request because it reflects an unset
	 * partition label.  If we ever want to support switching back to an
	 * unpartitioned state for a process, we'll need to differentiate the
	 * "not in a partition" and "no partition defined during internalize"
	 * conditions.
	 */
	if (SLOT(newlabel) != 0) {
		/*
		 * Require BSD privilege in order to change the partition.
		 * Originally we also required that the process not be in a
		 * partition in the first place, but this didn't interact
		 * well with sendmail.
		 */
		error = priv_check_cred(cred, PRIV_MAC_PARTITION, 0);
	}

	return (error);
}
开发者ID:DangerDexter,项目名称:FreeBSD-8.0-dyntick,代码行数:30,代码来源:mac_partition.c


示例12: shm_chown

static int
shm_chown(struct file *fp, uid_t uid, gid_t gid, struct ucred *active_cred,
    struct thread *td)
{
	struct shmfd *shmfd;
	int error;

	error = 0;
	shmfd = fp->f_data;
	mtx_lock(&shm_timestamp_lock);
#ifdef MAC
	error = mac_posixshm_check_setowner(active_cred, shmfd, uid, gid);
	if (error != 0)
		goto out;
#endif
	if (uid == (uid_t)-1)
		uid = shmfd->shm_uid;
	if (gid == (gid_t)-1)
                 gid = shmfd->shm_gid;
	if (((uid != shmfd->shm_uid && uid != active_cred->cr_uid) ||
	    (gid != shmfd->shm_gid && !groupmember(gid, active_cred))) &&
	    (error = priv_check_cred(active_cred, PRIV_VFS_CHOWN, 0)))
		goto out;
	shmfd->shm_uid = uid;
	shmfd->shm_gid = gid;
out:
	mtx_unlock(&shm_timestamp_lock);
	return (error);
}
开发者ID:BillTheBest,项目名称:libuinet,代码行数:29,代码来源:uipc_shm.c


示例13: priv_check

/*
 * Test whether the specified credentials have the privilege
 * in question.
 *
 * A kernel thread without a process context is assumed to have 
 * the privilege in question.  In situations where the caller always 
 * expect a cred to exist, the cred should be passed separately and 
 * priv_check_cred() should be used instead of priv_check().
 *
 * Returns 0 or error.
 *
 * MPSAFE
 */
int
priv_check(struct thread *td, int priv)
{
	if (td->td_lwp != NULL)
		return priv_check_cred(td->td_ucred, priv, 0);
	return (0);
}
开发者ID:AhmadTux,项目名称:DragonFlyBSD,代码行数:20,代码来源:kern_prot.c


示例14: sys_setlogin

/*
 * Set login name.
 */
int
sys_setlogin(struct setlogin_args *uap)
{
	struct thread *td = curthread;
	struct proc *p;
	struct ucred *cred;
	char buf[MAXLOGNAME];
	int error;

	cred = td->td_ucred;
	p = td->td_proc;

	if ((error = priv_check_cred(cred, PRIV_PROC_SETLOGIN, 0)))
		return (error);
	bzero(buf, sizeof(buf));
	error = copyinstr(uap->namebuf, buf, sizeof(buf), NULL);
	if (error == ENAMETOOLONG)
		error = EINVAL;
	if (error == 0) {
		lwkt_gettoken(&proc_token);
		memcpy(p->p_pgrp->pg_session->s_login, buf, sizeof(buf));
		lwkt_reltoken(&proc_token);
	}
	return (error);
}
开发者ID:AhmadTux,项目名称:DragonFlyBSD,代码行数:28,代码来源:kern_prot.c


示例15: priv_check

int
priv_check(struct thread *td, int priv)
{

	KASSERT(td == curthread, ("priv_check: td != curthread"));

	return (priv_check_cred(td->td_ucred, priv, 0));
}
开发者ID:2asoft,项目名称:freebsd,代码行数:8,代码来源:kern_priv.c


示例16: secpolicy_vnode_setdac

int
secpolicy_vnode_setdac(kauth_cred_t cred, uid_t owner)
{

	if (owner == cred->cr_uid)
		return (0);
	return (priv_check_cred(cred, PRIV_VFS_ADMIN, 0));
}
开发者ID:Logout22,项目名称:rumpkernel-netbsd-src,代码行数:8,代码来源:policy.c


示例17: ksem_access

/*
 * Determine if the credentials have sufficient permissions for read
 * and write access.
 */
static int
ksem_access(struct ksem *ks, struct ucred *ucred)
{
	int error;

	error = vaccess(VREG, ks->ks_mode, ks->ks_uid, ks->ks_gid,
	    VREAD | VWRITE, ucred, NULL);
	if (error)
		error = priv_check_cred(ucred, PRIV_SEM_WRITE, 0);
	return (error);
}
开发者ID:rchander,项目名称:freebsd,代码行数:15,代码来源:uipc_sem.c


示例18: tmpfs_write

static int
tmpfs_write(struct vop_write_args *v)
{
	struct vnode *vp;
	struct uio *uio;
	struct tmpfs_node *node;
	off_t oldsize;
	int error, ioflag;
	boolean_t extended;

	vp = v->a_vp;
	uio = v->a_uio;
	ioflag = v->a_ioflag;
	error = 0;
	node = VP_TO_TMPFS_NODE(vp);
	oldsize = node->tn_size;

	if (uio->uio_offset < 0 || vp->v_type != VREG)
		return (EINVAL);
	if (uio->uio_resid == 0)
		return (0);
	if (ioflag & IO_APPEND)
		uio->uio_offset = node->tn_size;
	if (uio->uio_offset + uio->uio_resid >
	  VFS_TO_TMPFS(vp->v_mount)->tm_maxfilesize)
		return (EFBIG);
	if (vn_rlimit_fsize(vp, uio, uio->uio_td))
		return (EFBIG);
	extended = uio->uio_offset + uio->uio_resid > node->tn_size;
	if (extended) {
		error = tmpfs_reg_resize(vp, uio->uio_offset + uio->uio_resid,
		    FALSE);
		if (error != 0)
			goto out;
	}

	error = uiomove_object(node->tn_reg.tn_aobj, node->tn_size, uio);
	node->tn_status |= TMPFS_NODE_ACCESSED | TMPFS_NODE_MODIFIED |
	    (extended ? TMPFS_NODE_CHANGED : 0);
	if (node->tn_mode & (S_ISUID | S_ISGID)) {
		if (priv_check_cred(v->a_cred, PRIV_VFS_RETAINSUGID, 0))
			node->tn_mode &= ~(S_ISUID | S_ISGID);
	}
	if (error != 0)
		(void)tmpfs_reg_resize(vp, oldsize, TRUE);

out:
	MPASS(IMPLIES(error == 0, uio->uio_resid == 0));
	MPASS(IMPLIES(error != 0, oldsize == node->tn_size));

	return (error);
}
开发者ID:ChaosJohn,项目名称:freebsd,代码行数:52,代码来源:tmpfs_vnops.c


示例19: secpolicy_setid_clear

void
secpolicy_setid_clear(struct vattr *vap, kauth_cred_t cred)
{

	if (kauth_authorize_generic(cred, KAUTH_GENERIC_ISSUSER, NULL))
		return;

	if ((vap->va_mode & (S_ISUID | S_ISGID)) != 0) {
		if (priv_check_cred(cred, PRIV_VFS_RETAINSUGID, 0)) {
			vap->va_mask |= AT_MODE;
			vap->va_mode &= ~(S_ISUID|S_ISGID);
		}
	}
}
开发者ID:Logout22,项目名称:rumpkernel-netbsd-src,代码行数:14,代码来源:policy.c


示例20: ngc_attach

static void
ngc_attach(netmsg_t msg)
{
	struct socket *so = msg->attach.base.nm_so;
	struct pru_attach_info *ai = msg->attach.nm_ai;
	struct ngpcb *const pcbp = sotongpcb(so);
	int error;

	if (priv_check_cred(ai->p_ucred, PRIV_ROOT, NULL_CRED_OKAY) != 0)
		error = EPERM;
	else if (pcbp != NULL)
		error = EISCONN;
	else
		error = ng_attach_cntl(so);
	lwkt_replymsg(&msg->attach.base.lmsg, error);
}
开发者ID:wan721,项目名称:DragonFlyBSD,代码行数:16,代码来源:ng_socket.c



注:本文中的priv_check_cred函数示例由纯净天空整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。


鲜花

握手

雷人

路过

鸡蛋
该文章已有0人参与评论

请发表评论

全部评论

专题导读
上一篇:
C++ private_nh函数代码示例发布时间:2022-05-30
下一篇:
C++ priv函数代码示例发布时间:2022-05-30
热门推荐
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap