From nobody Tue Jan  6 13:34:29 2026
X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4dlsbB2N1Yz6NddH
	for <dev-commits-src-all@mlmmj.nyi.freebsd.org>; Tue, 06 Jan 2026 13:34:30 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4dlsb9567zz3SvF
	for <dev-commits-src-all@FreeBSD.org>; Tue, 06 Jan 2026 13:34:29 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1767706469;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=nVohu9ftsTmPuF1FhVlLDzzZBDG9DzS1FKqsldpiHm0=;
	b=TjG2On1k3lOJJXMiT0IaxGfSxYCu0phd+7sjZHaRNgFZ+qW/GhqOWm0ZZuXqrNp1971zvQ
	FiE371djFm6WxKuLJrIWIog0VVvh8v1vOo3iU+g9iXMbkwSpqx5urdvF3A/u/glnqkIYr9
	EzjT8knuDHc7z9UudL52ob7NWluPzUgS9W51qJNs24GLan1AYuVWVAIToi8GHlY5Lb2NLR
	+wvDNjMJf1OxcSZiEhIIANgqO3p0megY1THxSfdRiatES8Yql3cj2ESHZbgXBY8gsQk2NK
	2lI5iymmEEMKyW8YCFx+Ap6szlv7Hzsjd+prabvdyR6jgXt7j56OurZ8CE3Ymg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1767706469;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=nVohu9ftsTmPuF1FhVlLDzzZBDG9DzS1FKqsldpiHm0=;
	b=vf/S/AlhD1EwKQItjIYBr37WlylVGtEx5gC6By/NZ2OnB4mar73Uodscd1iudpafjBoxTY
	TaBYxm/zenFQ0LNEdTS+81L6QtilGY4EBbWYPeT047dU1vWe3ivS42o/8/CzAH3XTk9ElF
	k89tu5LAb/XhjSb8XnX7qBPLdFv5iBR8OvcsSDCq0oWWyu9s0jK6i1gSEGmngsAdQVVRVm
	aoF16kIflSO6tZrRjowUX125WNl34qXiSfBYcwEStW/zX78j0gjgVCri5Fm304t+g9OEpG
	8xYtYqbjpGFIx11L42aJ2jdjBCwaMArOK9ZFpOt/jbVSJWiNQjsTB2Vbi3PmuQ==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1767706469; a=rsa-sha256; cv=none;
	b=asEQiy62wLGtQXjPdudaOujCxxjQtnnlRvOQQM3kFrnj6Bbfxf7PVBeFZJgzKGT0QF8OYA
	+nbi+qdSBeUMh/wsa3WeJsDjCYcNyCu4mnOlSgn0dFdaMQvGcNAjaIBy2prrGGQthCUPDE
	+7QPSSc4O8HjLB9U6xA06GX4f8mbMHoogMcFsKgv2su7LbZ8GDg51rArItmrEgbohLEp4c
	HID/eGBHab4CEyrj0LZPDcvCs5LwokvnakeBPPqyc5rHt1OPcMYHO8cnnlZ4OGT+BGjSva
	7DC8d1wtgVpb0UM2e7g0BzUMEG9HWxguyWFyQIS1Hk75aSaW6xxSG5aiELoQdQ==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4dlsb94bMRz17r3
	for <dev-commits-src-all@FreeBSD.org>; Tue, 06 Jan 2026 13:34:29 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from git (uid 1279)
	(envelope-from git@FreeBSD.org)
	id 3f497
	by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org);
	Tue, 06 Jan 2026 13:34:29 +0000
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org
Cc: John Baldwin <jhb@FreeBSD.org>
From: Olivier Certner <olce@FreeBSD.org>
Subject: git: 9a5b64536743 - stable/15 - setcred: Move initial copyin of struct setcred out to per-ABI syscall
List-Id: Commit messages for all branches of the src repository <dev-commits-src-all.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all
List-Help: <mailto:dev-commits-src-all+help@freebsd.org>
List-Post: <mailto:dev-commits-src-all@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-all+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-all+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-all@freebsd.org
Sender: owner-dev-commits-src-all@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: olce
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/15
X-Git-Reftype: branch
X-Git-Commit: 9a5b64536743c9021affda5f912d1d2363d296b3
Auto-Submitted: auto-generated
Date: Tue, 06 Jan 2026 13:34:29 +0000
Message-Id: <695d0f65.3f497.174c3b0c@gitrepo.freebsd.org>

The branch stable/15 has been updated by olce:

URL: https://cgit.FreeBSD.org/src/commit/?id=9a5b64536743c9021affda5f912d1d2363d296b3

commit 9a5b64536743c9021affda5f912d1d2363d296b3
Author:     John Baldwin <jhb@FreeBSD.org>
AuthorDate: 2025-11-24 15:48:48 +0000
Commit:     Olivier Certner <olce@FreeBSD.org>
CommitDate: 2026-01-06 13:33:25 +0000

    setcred: Move initial copyin of struct setcred out to per-ABI syscall
    
    This is the more typical approach used in the tree for system calls
    with per-ABI structure layouts.
    
    Reviewed by:    olce, brooks
    Obtained from:  CheriBSD
    Sponsored by:   AFRL, DARPA
    Differential Revision:  https://reviews.freebsd.org/D53756
    
    (cherry picked from commit 6292eecfd95c78abc1ab14f20ceaa507ab9c636a)
---
 sys/compat/freebsd32/freebsd32_misc.c | 18 ++++++++++--
 sys/kern/kern_prot.c                  | 52 ++++++++++++-----------------------
 sys/sys/ucred.h                       |  4 +--
 3 files changed, 35 insertions(+), 39 deletions(-)

diff --git a/sys/compat/freebsd32/freebsd32_misc.c b/sys/compat/freebsd32/freebsd32_misc.c
index e62c76924d22..33b4872ba10f 100644
--- a/sys/compat/freebsd32/freebsd32_misc.c
+++ b/sys/compat/freebsd32/freebsd32_misc.c
@@ -4240,6 +4240,20 @@ ofreebsd32_sethostid(struct thread *td, struct ofreebsd32_sethostid_args *uap)
 int
 freebsd32_setcred(struct thread *td, struct freebsd32_setcred_args *uap)
 {
-	/* Last argument is 'is_32bit'. */
-	return (user_setcred(td, uap->flags, uap->wcred, uap->size, true));
+	struct setcred wcred;
+	struct setcred32 wcred32;
+	int error;
+
+	if (uap->size != sizeof(wcred32))
+		return (EINVAL);
+	error = copyin(uap->wcred, &wcred32, sizeof(wcred32));
+	if (error != 0)
+		return (error);
+	/* These fields have exactly the same sizes and positions. */
+	memcpy(&wcred, &wcred32, __rangeof(struct setcred32,
+	    setcred32_copy_start, setcred32_copy_end));
+	/* Remaining fields are pointers and need PTRIN*(). */
+	PTRIN_CP(wcred32, wcred, sc_supp_groups);
+	PTRIN_CP(wcred32, wcred, sc_label);
+	return (user_setcred(td, uap->flags, &wcred));
 }
diff --git a/sys/kern/kern_prot.c b/sys/kern/kern_prot.c
index 5d57cdb7928d..8021beed90e8 100644
--- a/sys/kern/kern_prot.c
+++ b/sys/kern/kern_prot.c
@@ -570,10 +570,8 @@ kern_setcred_copyin_supp_groups(struct setcred *const wcred,
 }
 
 int
-user_setcred(struct thread *td, const u_int flags,
-    const void *const uwcred, const size_t size, bool is_32bit)
+user_setcred(struct thread *td, const u_int flags, struct setcred *const wcred)
 {
-	struct setcred wcred;
 #ifdef MAC
 	struct mac mac;
 	/* Pointer to 'struct mac' or 'struct mac32'. */
@@ -593,42 +591,18 @@ user_setcred(struct thread *td, const u_int flags,
 	if ((flags & ~SETCREDF_MASK) != 0)
 		return (EINVAL);
 
-#ifdef COMPAT_FREEBSD32
-	if (is_32bit) {
-		struct setcred32 wcred32;
-
-		if (size != sizeof(wcred32))
-			return (EINVAL);
-		error = copyin(uwcred, &wcred32, sizeof(wcred32));
-		if (error != 0)
-			return (error);
-		/* These fields have exactly the same sizes and positions. */
-		memcpy(&wcred, &wcred32, __rangeof(struct setcred32,
-		    setcred32_copy_start, setcred32_copy_end));
-		/* Remaining fields are pointers and need PTRIN*(). */
-		PTRIN_CP(wcred32, wcred, sc_supp_groups);
-		PTRIN_CP(wcred32, wcred, sc_label);
-	} else
-#endif /* COMPAT_FREEBSD32 */
-	{
-		if (size != sizeof(wcred))
-			return (EINVAL);
-		error = copyin(uwcred, &wcred, sizeof(wcred));
-		if (error != 0)
-			return (error);
-	}
 #ifdef MAC
-	umac = wcred.sc_label;
+	umac = wcred->sc_label;
 #endif
 	/* Also done on !MAC as a defensive measure. */
-	wcred.sc_label = NULL;
+	wcred->sc_label = NULL;
 
 	/*
 	 * Copy supplementary groups as needed.  There is no specific
 	 * alternative for 32-bit compatibility as 'gid_t' has the same size
 	 * everywhere.
 	 */
-	error = kern_setcred_copyin_supp_groups(&wcred, flags, smallgroups,
+	error = kern_setcred_copyin_supp_groups(wcred, flags, smallgroups,
 	    &groups);
 	if (error != 0)
 		goto free_groups;
@@ -638,15 +612,15 @@ user_setcred(struct thread *td, const u_int flags,
 		error = mac_label_copyin(umac, &mac, NULL);
 		if (error != 0)
 			goto free_groups;
-		wcred.sc_label = &mac;
+		wcred->sc_label = &mac;
 	}
 #endif
 
-	error = kern_setcred(td, flags, &wcred, groups);
+	error = kern_setcred(td, flags, wcred, groups);
 
 #ifdef MAC
-	if (wcred.sc_label != NULL)
-		free_copied_label(wcred.sc_label);
+	if (wcred->sc_label != NULL)
+		free_copied_label(wcred->sc_label);
 #endif
 
 free_groups:
@@ -667,7 +641,15 @@ struct setcred_args {
 int
 sys_setcred(struct thread *td, struct setcred_args *uap)
 {
-	return (user_setcred(td, uap->flags, uap->wcred, uap->size, false));
+	struct setcred wcred;
+	int error;
+
+	if (uap->size != sizeof(wcred))
+		return (EINVAL);
+	error = copyin(uap->wcred, &wcred, sizeof(wcred));
+	if (error != 0)
+		return (error);
+	return (user_setcred(td, uap->flags, &wcred));
 }
 
 /*
diff --git a/sys/sys/ucred.h b/sys/sys/ucred.h
index 254f58841993..12d34d990bff 100644
--- a/sys/sys/ucred.h
+++ b/sys/sys/ucred.h
@@ -198,8 +198,8 @@ struct setcred32 {
 struct thread;
 
 /* Common native and 32-bit compatibility entry point. */
-int user_setcred(struct thread *td, const u_int flags,
-    const void *const uwcred, const size_t size, bool is_32bit);
+int	user_setcred(struct thread *td, const u_int flags,
+	    struct setcred *const wcred);
 
 struct proc;