1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License, Version 1.0 only 6 * (the "License"). You may not use this file except in compliance 7 * with the License. 8 * 9 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 10 * or http://www.opensolaris.org/os/licensing. 11 * See the License for the specific language governing permissions 12 * and limitations under the License. 13 * 14 * When distributing Covered Code, include this CDDL HEADER in each 15 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 16 * If applicable, add the following below this CDDL HEADER, with the 17 * fields enclosed by brackets "[]" replaced with your own identifying 18 * information: Portions Copyright [yyyy] [name of copyright owner] 19 * 20 * CDDL HEADER END 21 */ 22 /* 23 * Copyright 2004 Sun Microsystems, Inc. All rights reserved. 24 * Use is subject to license terms. 25 */ 26 27 /* Copyright (c) 1984, 1986, 1987, 1988, 1989 AT&T */ 28 /* All Rights Reserved */ 29 30 31 #pragma ident "%Z%%M% %I% %E% SMI" 32 33 #include <sys/types.h> 34 #include <sys/sysmacros.h> 35 #include <sys/param.h> 36 #include <sys/systm.h> 37 #include <sys/file.h> 38 #include <sys/vfs.h> 39 #include <sys/vnode.h> 40 #include <sys/errno.h> 41 #include <sys/signal.h> 42 #include <sys/pcb.h> 43 #include <sys/cred.h> 44 #include <sys/policy.h> 45 #include <sys/user.h> 46 #include <sys/buf.h> 47 #include <sys/var.h> 48 #include <sys/conf.h> 49 #include <sys/debug.h> 50 #include <sys/proc.h> 51 #include <sys/session.h> 52 #include <sys/kmem.h> 53 #include <sys/cmn_err.h> 54 #include <sys/strsubr.h> 55 56 sess_t session0 = { 57 1, /* s_ref */ 58 0555, /* s_mode */ 59 0, /* s_uid */ 60 0, /* s_gid */ 61 0, /* s_ctime */ 62 NODEV, /* s_dev */ 63 NULL, /* s_vp */ 64 &pid0, /* s_sidp */ 65 NULL /* s_cred */ 66 }; 67 68 void 69 sess_rele(sess_t *sp) 70 { 71 ASSERT(MUTEX_HELD(&pidlock)); 72 73 ASSERT(sp->s_ref != 0); 74 if (--sp->s_ref == 0) { 75 if (sp == &session0) 76 panic("sp == &session0"); 77 PID_RELE(sp->s_sidp); 78 mutex_destroy(&sp->s_lock); 79 cv_destroy(&sp->s_wait_cv); 80 kmem_free(sp, sizeof (sess_t)); 81 } 82 } 83 84 void 85 sess_create(void) 86 { 87 proc_t *pp; 88 sess_t *sp; 89 90 pp = ttoproc(curthread); 91 92 sp = kmem_zalloc(sizeof (sess_t), KM_SLEEP); 93 94 mutex_init(&sp->s_lock, NULL, MUTEX_DEFAULT, NULL); 95 cv_init(&sp->s_wait_cv, NULL, CV_DEFAULT, NULL); 96 97 mutex_enter(&pidlock); 98 99 /* 100 * We need to protect p_pgidp with p_lock because 101 * /proc looks at it while holding only p_lock. 102 */ 103 mutex_enter(&pp->p_lock); 104 pgexit(pp); 105 SESS_RELE(pp->p_sessp); 106 107 sp->s_sidp = pp->p_pidp; 108 sp->s_ref = 1; 109 sp->s_dev = NODEV; 110 111 pp->p_sessp = sp; 112 113 pgjoin(pp, pp->p_pidp); 114 mutex_exit(&pp->p_lock); 115 116 PID_HOLD(sp->s_sidp); 117 mutex_exit(&pidlock); 118 } 119 120 void 121 freectty(sess_t *sp) 122 { 123 vnode_t *vp; 124 cred_t *cred; 125 126 vp = sp->s_vp; 127 128 strfreectty(vp->v_stream); 129 130 mutex_enter(&sp->s_lock); 131 while (sp->s_cnt > 0) { 132 cv_wait(&sp->s_wait_cv, &sp->s_lock); 133 } 134 ASSERT(sp->s_cnt == 0); 135 ASSERT(vp->v_count >= 1); 136 sp->s_vp = NULL; 137 cred = sp->s_cred; 138 139 /* 140 * It is possible for the VOP_CLOSE below to call strctty 141 * and reallocate a new tty vnode. To prevent that the 142 * session is marked as closing here. 143 */ 144 145 sp->s_flag = SESS_CLOSE; 146 sp->s_cred = NULL; 147 mutex_exit(&sp->s_lock); 148 149 /* 150 * This will be the only thread with access to 151 * this vnode, from this point on. 152 */ 153 154 (void) VOP_CLOSE(vp, 0, 1, (offset_t)0, cred); 155 VN_RELE(vp); 156 157 crfree(cred); 158 } 159 160 /* 161 * ++++++++++++++++++++++++ 162 * ++ SunOS4.1 Buyback ++ 163 * ++++++++++++++++++++++++ 164 * 165 * vhangup: Revoke access of the current tty by all processes 166 * Used by privileged users to give a "clean" terminal at login 167 */ 168 int 169 vhangup() 170 { 171 if (secpolicy_sys_config(CRED(), B_FALSE) != 0) 172 return (set_errno(EPERM)); 173 /* 174 * This routine used to call freectty() under a condition that 175 * could never happen. So this code has never actually done 176 * anything, and evidently nobody has ever noticed. 4098399. 177 */ 178 return (0); 179 } 180 181 dev_t 182 cttydev(proc_t *pp) 183 { 184 sess_t *sp = pp->p_sessp; 185 if (sp->s_vp == NULL) 186 return (NODEV); 187 return (sp->s_dev); 188 } 189 190 void 191 alloctty(proc_t *pp, vnode_t *vp) 192 { 193 sess_t *sp = pp->p_sessp; 194 cred_t *crp; 195 196 sp->s_vp = vp; 197 sp->s_dev = vp->v_rdev; 198 199 mutex_enter(&pp->p_crlock); 200 crhold(crp = pp->p_cred); 201 mutex_exit(&pp->p_crlock); 202 sp->s_cred = crp; 203 sp->s_uid = crgetuid(crp); 204 sp->s_ctime = gethrestime_sec(); 205 if (session0.s_mode & VSGID) 206 sp->s_gid = session0.s_gid; 207 else 208 sp->s_gid = crgetgid(crp); 209 sp->s_mode = (0666 & ~(PTOU(pp)->u_cmask)); 210 } 211 212 int 213 hascttyperm(sess_t *sp, cred_t *cr, mode_t mode) 214 { 215 int shift = 0; 216 217 if (crgetuid(cr) != sp->s_uid) { 218 shift += 3; 219 if (!groupmember(sp->s_gid, cr)) 220 shift += 3; 221 } 222 223 mode &= ~(sp->s_mode << shift); 224 225 if (mode == 0) 226 return (1); 227 228 return (secpolicy_vnode_access(cr, sp->s_vp, sp->s_uid, mode) == 0); 229 } 230