1 /* $NetBSD: sysv_ipc.c,v 1.7 1994/06/29 06:33:11 cgd Exp $ */ 2 /*- 3 * Copyright (c) 1994 Herb Peyerl <hpeyerl@novatel.ca> 4 * Copyright (c) 2006 nCircle Network Security, Inc. 5 * All rights reserved. 6 * 7 * This software was developed by Robert N. M. Watson for the TrustedBSD 8 * Project under contract to nCircle Network Security, Inc. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 3. All advertising materials mentioning features or use of this software 19 * must display the following acknowledgement: 20 * This product includes software developed by Herb Peyerl. 21 * 4. The name of Herb Peyerl may not be used to endorse or promote products 22 * derived from this software without specific prior written permission. 23 * 24 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 25 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 26 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 27 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 28 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 29 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 30 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 31 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 32 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 33 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 34 */ 35 36 #include <sys/cdefs.h> 37 __FBSDID("$FreeBSD$"); 38 39 #include "opt_compat.h" 40 #include "opt_sysvipc.h" 41 42 #include <sys/param.h> 43 #include <sys/systm.h> 44 #include <sys/sem.h> 45 #include <sys/shm.h> 46 #include <sys/ipc.h> 47 #include <sys/priv.h> 48 #include <sys/proc.h> 49 #include <sys/ucred.h> 50 51 void (*shmfork_hook)(struct proc *, struct proc *) = NULL; 52 void (*shmexit_hook)(struct vmspace *) = NULL; 53 54 /* called from kern_fork.c */ 55 void 56 shmfork(p1, p2) 57 struct proc *p1, *p2; 58 { 59 60 if (shmfork_hook != NULL) 61 shmfork_hook(p1, p2); 62 return; 63 } 64 65 /* called from kern_exit.c */ 66 void 67 shmexit(struct vmspace *vm) 68 { 69 70 if (shmexit_hook != NULL) 71 shmexit_hook(vm); 72 return; 73 } 74 75 /* 76 * Check for IPC permission. 77 * 78 * Note: The MAC Framework does not require any modifications to the 79 * ipcperm() function, as access control checks are performed throughout the 80 * implementation of each primitive. Those entry point calls complement the 81 * ipcperm() discertionary checks. Unlike file system discretionary access 82 * control, the original create of an object is given the same rights as the 83 * current owner. 84 */ 85 int 86 ipcperm(struct thread *td, struct ipc_perm *perm, int acc_mode) 87 { 88 struct ucred *cred = td->td_ucred; 89 int error, obj_mode, dac_granted, priv_granted; 90 91 dac_granted = 0; 92 if (cred->cr_uid == perm->cuid || cred->cr_uid == perm->uid) { 93 obj_mode = perm->mode; 94 dac_granted |= IPC_M; 95 } else if (groupmember(perm->gid, cred) || 96 groupmember(perm->cgid, cred)) { 97 obj_mode = perm->mode; 98 obj_mode <<= 3; 99 } else { 100 obj_mode = perm->mode; 101 obj_mode <<= 6; 102 } 103 104 /* 105 * While the System V IPC permission model allows IPC_M to be 106 * granted, as part of the mode, our implementation requires 107 * privilege to adminster the object if not the owner or creator. 108 */ 109 #if 0 110 if (obj_mode & IPC_M) 111 dac_granted |= IPC_M; 112 #endif 113 if (obj_mode & IPC_R) 114 dac_granted |= IPC_R; 115 if (obj_mode & IPC_W) 116 dac_granted |= IPC_W; 117 118 /* 119 * Simple case: all required rights are granted by DAC. 120 */ 121 if ((dac_granted & acc_mode) == acc_mode) 122 return (0); 123 124 /* 125 * Privilege is required to satisfy the request. 126 */ 127 priv_granted = 0; 128 if ((acc_mode & IPC_M) && !(dac_granted & IPC_M)) { 129 error = priv_check(td, PRIV_IPC_ADMIN); 130 if (error == 0) 131 priv_granted |= IPC_M; 132 } 133 134 if ((acc_mode & IPC_R) && !(dac_granted & IPC_R)) { 135 error = priv_check(td, PRIV_IPC_READ); 136 if (error == 0) 137 priv_granted |= IPC_R; 138 } 139 140 if ((acc_mode & IPC_W) && !(dac_granted & IPC_W)) { 141 error = priv_check(td, PRIV_IPC_WRITE); 142 if (error == 0) 143 priv_granted |= IPC_W; 144 } 145 146 if (((dac_granted | priv_granted) & acc_mode) == acc_mode) 147 return (0); 148 else 149 return (EACCES); 150 } 151 152 #if defined(COMPAT_FREEBSD4) || defined(COMPAT_FREEBSD5) || \ 153 defined(COMPAT_FREEBSD6) || defined(COMPAT_FREEBSD7) 154 void 155 ipcperm_old2new(struct ipc_perm_old *old, struct ipc_perm *new) 156 { 157 158 new->cuid = old->cuid; 159 new->cgid = old->cgid; 160 new->uid = old->uid; 161 new->gid = old->gid; 162 new->mode = old->mode; 163 new->seq = old->seq; 164 new->key = old->key; 165 } 166 167 void 168 ipcperm_new2old(struct ipc_perm *new, struct ipc_perm_old *old) 169 { 170 171 /* XXX: How to handle ID's > USHORT_MAX? */ 172 old->cuid = new->cuid; 173 old->cgid = new->cgid; 174 old->uid = new->uid; 175 old->gid = new->gid; 176 old->mode = new->mode; 177 old->seq = new->seq; 178 old->key = new->key; 179 } 180 #endif 181 182 #ifdef COMPAT_FREEBSD32 183 #include <sys/mount.h> 184 #include <sys/socket.h> 185 #include <compat/freebsd32/freebsd32.h> 186 #include <compat/freebsd32/freebsd32_ipc.h> 187 #include <compat/freebsd32/freebsd32_proto.h> 188 #include <compat/freebsd32/freebsd32_signal.h> 189 #include <compat/freebsd32/freebsd32_syscall.h> 190 #include <compat/freebsd32/freebsd32_util.h> 191 192 #if defined(COMPAT_FREEBSD4) || defined(COMPAT_FREEBSD5) || \ 193 defined(COMPAT_FREEBSD6) || defined(COMPAT_FREEBSD7) 194 void 195 freebsd32_ipcperm_old_in(struct ipc_perm32_old *ip32, struct ipc_perm *ip) 196 { 197 198 CP(*ip32, *ip, cuid); 199 CP(*ip32, *ip, cgid); 200 CP(*ip32, *ip, uid); 201 CP(*ip32, *ip, gid); 202 CP(*ip32, *ip, mode); 203 CP(*ip32, *ip, seq); 204 CP(*ip32, *ip, key); 205 } 206 207 void 208 freebsd32_ipcperm_old_out(struct ipc_perm *ip, struct ipc_perm32_old *ip32) 209 { 210 211 CP(*ip, *ip32, cuid); 212 CP(*ip, *ip32, cgid); 213 CP(*ip, *ip32, uid); 214 CP(*ip, *ip32, gid); 215 CP(*ip, *ip32, mode); 216 CP(*ip, *ip32, seq); 217 CP(*ip, *ip32, key); 218 } 219 #endif 220 221 void 222 freebsd32_ipcperm_in(struct ipc_perm32 *ip32, struct ipc_perm *ip) 223 { 224 225 CP(*ip32, *ip, cuid); 226 CP(*ip32, *ip, cgid); 227 CP(*ip32, *ip, uid); 228 CP(*ip32, *ip, gid); 229 CP(*ip32, *ip, mode); 230 CP(*ip32, *ip, seq); 231 CP(*ip32, *ip, key); 232 } 233 234 void 235 freebsd32_ipcperm_out(struct ipc_perm *ip, struct ipc_perm32 *ip32) 236 { 237 238 CP(*ip, *ip32, cuid); 239 CP(*ip, *ip32, cgid); 240 CP(*ip, *ip32, uid); 241 CP(*ip, *ip32, gid); 242 CP(*ip, *ip32, mode); 243 CP(*ip, *ip32, seq); 244 CP(*ip, *ip32, key); 245 } 246 #endif 247