1 /* $NetBSD: sysv_ipc.c,v 1.7 1994/06/29 06:33:11 cgd Exp $ */ 2 /*- 3 * SPDX-License-Identifier: BSD-4-Clause 4 * 5 * Copyright (c) 1994 Herb Peyerl <hpeyerl@novatel.ca> 6 * Copyright (c) 2006 nCircle Network Security, Inc. 7 * All rights reserved. 8 * 9 * This software was developed by Robert N. M. Watson for the TrustedBSD 10 * Project under contract to nCircle Network Security, Inc. 11 * 12 * Redistribution and use in source and binary forms, with or without 13 * modification, are permitted provided that the following conditions 14 * are met: 15 * 1. Redistributions of source code must retain the above copyright 16 * notice, this list of conditions and the following disclaimer. 17 * 2. Redistributions in binary form must reproduce the above copyright 18 * notice, this list of conditions and the following disclaimer in the 19 * documentation and/or other materials provided with the distribution. 20 * 3. All advertising materials mentioning features or use of this software 21 * must display the following acknowledgement: 22 * This product includes software developed by Herb Peyerl. 23 * 4. The name of Herb Peyerl may not be used to endorse or promote products 24 * derived from this software without specific prior written permission. 25 * 26 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 27 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 28 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 29 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 30 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 31 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 32 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 33 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 34 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 35 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 36 */ 37 38 #include <sys/cdefs.h> 39 __FBSDID("$FreeBSD$"); 40 41 #include "opt_compat.h" 42 #include "opt_sysvipc.h" 43 44 #include <sys/param.h> 45 #include <sys/systm.h> 46 #include <sys/sem.h> 47 #include <sys/shm.h> 48 #include <sys/ipc.h> 49 #include <sys/priv.h> 50 #include <sys/proc.h> 51 #include <sys/ucred.h> 52 53 void (*shmfork_hook)(struct proc *, struct proc *) = NULL; 54 void (*shmexit_hook)(struct vmspace *) = NULL; 55 56 /* called from kern_fork.c */ 57 void 58 shmfork(p1, p2) 59 struct proc *p1, *p2; 60 { 61 62 if (shmfork_hook != NULL) 63 shmfork_hook(p1, p2); 64 return; 65 } 66 67 /* called from kern_exit.c */ 68 void 69 shmexit(struct vmspace *vm) 70 { 71 72 if (shmexit_hook != NULL) 73 shmexit_hook(vm); 74 return; 75 } 76 77 /* 78 * Check for IPC permission. 79 * 80 * Note: The MAC Framework does not require any modifications to the 81 * ipcperm() function, as access control checks are performed throughout the 82 * implementation of each primitive. Those entry point calls complement the 83 * ipcperm() discertionary checks. Unlike file system discretionary access 84 * control, the original create of an object is given the same rights as the 85 * current owner. 86 */ 87 int 88 ipcperm(struct thread *td, struct ipc_perm *perm, int acc_mode) 89 { 90 struct ucred *cred = td->td_ucred; 91 int error, obj_mode, dac_granted, priv_granted; 92 93 dac_granted = 0; 94 if (cred->cr_uid == perm->cuid || cred->cr_uid == perm->uid) { 95 obj_mode = perm->mode; 96 dac_granted |= IPC_M; 97 } else if (groupmember(perm->gid, cred) || 98 groupmember(perm->cgid, cred)) { 99 obj_mode = perm->mode; 100 obj_mode <<= 3; 101 } else { 102 obj_mode = perm->mode; 103 obj_mode <<= 6; 104 } 105 106 /* 107 * While the System V IPC permission model allows IPC_M to be 108 * granted, as part of the mode, our implementation requires 109 * privilege to adminster the object if not the owner or creator. 110 */ 111 #if 0 112 if (obj_mode & IPC_M) 113 dac_granted |= IPC_M; 114 #endif 115 if (obj_mode & IPC_R) 116 dac_granted |= IPC_R; 117 if (obj_mode & IPC_W) 118 dac_granted |= IPC_W; 119 120 /* 121 * Simple case: all required rights are granted by DAC. 122 */ 123 if ((dac_granted & acc_mode) == acc_mode) 124 return (0); 125 126 /* 127 * Privilege is required to satisfy the request. 128 */ 129 priv_granted = 0; 130 if ((acc_mode & IPC_M) && !(dac_granted & IPC_M)) { 131 error = priv_check(td, PRIV_IPC_ADMIN); 132 if (error == 0) 133 priv_granted |= IPC_M; 134 } 135 136 if ((acc_mode & IPC_R) && !(dac_granted & IPC_R)) { 137 error = priv_check(td, PRIV_IPC_READ); 138 if (error == 0) 139 priv_granted |= IPC_R; 140 } 141 142 if ((acc_mode & IPC_W) && !(dac_granted & IPC_W)) { 143 error = priv_check(td, PRIV_IPC_WRITE); 144 if (error == 0) 145 priv_granted |= IPC_W; 146 } 147 148 if (((dac_granted | priv_granted) & acc_mode) == acc_mode) 149 return (0); 150 else 151 return (EACCES); 152 } 153 154 #if defined(COMPAT_FREEBSD4) || defined(COMPAT_FREEBSD5) || \ 155 defined(COMPAT_FREEBSD6) || defined(COMPAT_FREEBSD7) 156 void 157 ipcperm_old2new(struct ipc_perm_old *old, struct ipc_perm *new) 158 { 159 160 new->cuid = old->cuid; 161 new->cgid = old->cgid; 162 new->uid = old->uid; 163 new->gid = old->gid; 164 new->mode = old->mode; 165 new->seq = old->seq; 166 new->key = old->key; 167 } 168 169 void 170 ipcperm_new2old(struct ipc_perm *new, struct ipc_perm_old *old) 171 { 172 173 /* XXX: How to handle ID's > USHORT_MAX? */ 174 old->cuid = new->cuid; 175 old->cgid = new->cgid; 176 old->uid = new->uid; 177 old->gid = new->gid; 178 old->mode = new->mode; 179 old->seq = new->seq; 180 old->key = new->key; 181 } 182 #endif 183 184 #ifdef COMPAT_FREEBSD32 185 #include <sys/mount.h> 186 #include <sys/socket.h> 187 #include <compat/freebsd32/freebsd32.h> 188 #include <compat/freebsd32/freebsd32_ipc.h> 189 #include <compat/freebsd32/freebsd32_proto.h> 190 #include <compat/freebsd32/freebsd32_signal.h> 191 #include <compat/freebsd32/freebsd32_syscall.h> 192 #include <compat/freebsd32/freebsd32_util.h> 193 194 #if defined(COMPAT_FREEBSD4) || defined(COMPAT_FREEBSD5) || \ 195 defined(COMPAT_FREEBSD6) || defined(COMPAT_FREEBSD7) 196 void 197 freebsd32_ipcperm_old_in(struct ipc_perm32_old *ip32, struct ipc_perm *ip) 198 { 199 200 CP(*ip32, *ip, cuid); 201 CP(*ip32, *ip, cgid); 202 CP(*ip32, *ip, uid); 203 CP(*ip32, *ip, gid); 204 CP(*ip32, *ip, mode); 205 CP(*ip32, *ip, seq); 206 CP(*ip32, *ip, key); 207 } 208 209 void 210 freebsd32_ipcperm_old_out(struct ipc_perm *ip, struct ipc_perm32_old *ip32) 211 { 212 213 CP(*ip, *ip32, cuid); 214 CP(*ip, *ip32, cgid); 215 CP(*ip, *ip32, uid); 216 CP(*ip, *ip32, gid); 217 CP(*ip, *ip32, mode); 218 CP(*ip, *ip32, seq); 219 CP(*ip, *ip32, key); 220 } 221 #endif 222 223 void 224 freebsd32_ipcperm_in(struct ipc_perm32 *ip32, struct ipc_perm *ip) 225 { 226 227 CP(*ip32, *ip, cuid); 228 CP(*ip32, *ip, cgid); 229 CP(*ip32, *ip, uid); 230 CP(*ip32, *ip, gid); 231 CP(*ip32, *ip, mode); 232 CP(*ip32, *ip, seq); 233 CP(*ip32, *ip, key); 234 } 235 236 void 237 freebsd32_ipcperm_out(struct ipc_perm *ip, struct ipc_perm32 *ip32) 238 { 239 240 CP(*ip, *ip32, cuid); 241 CP(*ip, *ip32, cgid); 242 CP(*ip, *ip32, uid); 243 CP(*ip, *ip32, gid); 244 CP(*ip, *ip32, mode); 245 CP(*ip, *ip32, seq); 246 CP(*ip, *ip32, key); 247 } 248 #endif 249