From owner-p4-projects@FreeBSD.ORG  Tue Jun 16 18:54:43 2009
Return-Path: <owner-p4-projects@FreeBSD.ORG>
Delivered-To: p4-projects@freebsd.org
Received: by hub.freebsd.org (Postfix, from userid 32767)
	id 380C210656D7; Tue, 16 Jun 2009 18:54:43 +0000 (UTC)
Delivered-To: perforce@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id DB20210656A5
	for <perforce@freebsd.org>; Tue, 16 Jun 2009 18:54:42 +0000 (UTC)
	(envelope-from trasz@freebsd.org)
Received: from repoman.freebsd.org (repoman.freebsd.org
	[IPv6:2001:4f8:fff6::29])
	by mx1.freebsd.org (Postfix) with ESMTP id C7B568FC13
	for <perforce@freebsd.org>; Tue, 16 Jun 2009 18:54:42 +0000 (UTC)
	(envelope-from trasz@freebsd.org)
Received: from repoman.freebsd.org (localhost [127.0.0.1])
	by repoman.freebsd.org (8.14.3/8.14.3) with ESMTP id n5GIsg01069345
	for <perforce@freebsd.org>; Tue, 16 Jun 2009 18:54:42 GMT
	(envelope-from trasz@freebsd.org)
Received: (from perforce@localhost)
	by repoman.freebsd.org (8.14.3/8.14.3/Submit) id n5GIsgdD069343
	for perforce@freebsd.org; Tue, 16 Jun 2009 18:54:42 GMT
	(envelope-from trasz@freebsd.org)
Date: Tue, 16 Jun 2009 18:54:42 GMT
Message-Id: <200906161854.n5GIsgdD069343@repoman.freebsd.org>
X-Authentication-Warning: repoman.freebsd.org: perforce set sender to
	trasz@freebsd.org using -f
From: Edward Tomasz Napierala <trasz@FreeBSD.org>
To: Perforce Change Reviews <perforce@freebsd.org>
Cc: 
Subject: PERFORCE change 164523 for review
X-BeenThere: p4-projects@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: p4 projects tree changes <p4-projects.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/p4-projects>,
	<mailto:p4-projects-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/p4-projects>
List-Post: <mailto:p4-projects@freebsd.org>
List-Help: <mailto:p4-projects-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/p4-projects>,
	<mailto:p4-projects-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 16 Jun 2009 18:54:45 -0000

http://perforce.freebsd.org/chv.cgi?CH=164523

Change 164523 by trasz@trasz_victim on 2009/06/16 18:54:14

	Fix a LOR, few more to go.

Affected files ...

.. //depot/projects/soc2009/trasz_limits/sys/kern/kern_exec.c#2 edit
.. //depot/projects/soc2009/trasz_limits/sys/kern/kern_exit.c#5 edit
.. //depot/projects/soc2009/trasz_limits/sys/kern/kern_prot.c#7 edit
.. //depot/projects/soc2009/trasz_limits/sys/sys/ucred.h#4 edit

Differences ...

==== //depot/projects/soc2009/trasz_limits/sys/kern/kern_exec.c#2 (text+ko) ====

@@ -321,6 +321,7 @@
 	struct nameidata nd;
 	struct ucred *newcred = NULL, *oldcred;
 	struct uidinfo *euip;
+	struct gidinfo *egip;
 	register_t *stack_base;
 	int error, len = 0, i;
 	struct image_params image_params, *imgp;
@@ -559,6 +560,7 @@
 	 */
 	newcred = crget();
 	euip = uifind(attr.va_uid);
+	egip = gifind(attr.va_gid);
 	i = imgp->args->begin_envv - imgp->args->begin_argv;
 	/* Cache arguments if they fit inside our allowance */
 	if (ps_arg_cache_limit >= i + sizeof(struct pargs)) {
@@ -688,7 +690,7 @@
 		if (attr.va_mode & S_ISUID)
 			change_euid(newcred, euip);
 		if (attr.va_mode & S_ISGID)
-			change_egid(newcred, attr.va_gid);
+			change_egid(newcred, egip);
 #ifdef MAC
 		if (will_transition) {
 			mac_vnode_execve_transition(oldcred, newcred, imgp->vp,
@@ -816,6 +818,7 @@
 	 * Free any resources malloc'd earlier that we didn't use.
 	 */
 	uifree(euip);
+	gifree(egip);
 	if (newcred == NULL)
 		crfree(oldcred);
 	else

==== //depot/projects/soc2009/trasz_limits/sys/kern/kern_exit.c#5 (text+ko) ====

@@ -406,8 +406,12 @@
 
 	for (i = 0; i < HRL_RESOURCE_MAX; i++) {
 		if (p->p_accounting.ha_resources[i] != 0)
+#ifdef notyet
 			printf("exit1: exiting process: resource %d = %lld\n",
 			    i, p->p_accounting.ha_resources[i]);
+#else
+			;
+#endif
 	}
 
 	/*

==== //depot/projects/soc2009/trasz_limits/sys/kern/kern_prot.c#7 (text+ko) ====

@@ -647,11 +647,13 @@
 	struct proc *p = td->td_proc;
 	struct ucred *newcred, *oldcred;
 	gid_t gid;
+	struct gidinfo *gip;
 	int error;
 
 	gid = uap->gid;
 	AUDIT_ARG(gid, gid);
 	newcred = crget();
+	gip = gifind(gid);
 	PROC_LOCK(p);
 	oldcred = p->p_ucred;
 
@@ -720,11 +722,12 @@
 	 * Copy credentials so other references do not see our changes.
 	 */
 	if (oldcred->cr_groups[0] != gid) {
-		change_egid(newcred, gid);
+		change_egid(newcred, gip);
 		setsugid(p);
 	}
 	p->p_ucred = newcred;
 	PROC_UNLOCK(p);
+	gifree(gip);
 	crfree(oldcred);
 	return (0);
 
@@ -746,11 +749,13 @@
 	struct proc *p = td->td_proc;
 	struct ucred *newcred, *oldcred;
 	gid_t egid;
+	struct gidinfo *egip;
 	int error;
 
 	egid = uap->egid;
 	AUDIT_ARG(egid, egid);
 	newcred = crget();
+	egip = gifind(egid);
 	PROC_LOCK(p);
 	oldcred = p->p_ucred;
 
@@ -767,11 +772,12 @@
 
 	crcopy(newcred, oldcred);
 	if (oldcred->cr_groups[0] != egid) {
-		change_egid(newcred, egid);
+		change_egid(newcred, egip);
 		setsugid(p);
 	}
 	p->p_ucred = newcred;
 	PROC_UNLOCK(p);
+	gifree(egip);
 	crfree(oldcred);
 	return (0);
 
@@ -942,6 +948,7 @@
 	struct proc *p = td->td_proc;
 	struct ucred *newcred, *oldcred;
 	gid_t egid, rgid;
+	struct gidinfo *egip;
 	int error;
 
 	egid = uap->egid;
@@ -949,6 +956,7 @@
 	AUDIT_ARG(egid, egid);
 	AUDIT_ARG(rgid, rgid);
 	newcred = crget();
+	egip = gifind(egid);
 	PROC_LOCK(p);
 	oldcred = p->p_ucred;
 
@@ -967,7 +975,7 @@
 
 	crcopy(newcred, oldcred);
 	if (egid != (gid_t)-1 && oldcred->cr_groups[0] != egid) {
-		change_egid(newcred, egid);
+		change_egid(newcred, egip);
 		setsugid(p);
 	}
 	if (rgid != (gid_t)-1 && oldcred->cr_rgid != rgid) {
@@ -981,6 +989,7 @@
 	}
 	p->p_ucred = newcred;
 	PROC_UNLOCK(p);
+	gifree(egip);
 	crfree(oldcred);
 	return (0);
 
@@ -1088,6 +1097,7 @@
 	struct proc *p = td->td_proc;
 	struct ucred *newcred, *oldcred;
 	gid_t egid, rgid, sgid;
+	struct gidinfo *egip;
 	int error;
 
 	egid = uap->egid;
@@ -1097,6 +1107,7 @@
 	AUDIT_ARG(rgid, rgid);
 	AUDIT_ARG(sgid, sgid);
 	newcred = crget();
+	egip = gifind(egid);
 	PROC_LOCK(p);
 	oldcred = p->p_ucred;
 
@@ -1120,7 +1131,7 @@
 
 	crcopy(newcred, oldcred);
 	if (egid != (gid_t)-1 && oldcred->cr_groups[0] != egid) {
-		change_egid(newcred, egid);
+		change_egid(newcred, egip);
 		setsugid(p);
 	}
 	if (rgid != (gid_t)-1 && oldcred->cr_rgid != rgid) {
@@ -1133,6 +1144,7 @@
 	}
 	p->p_ucred = newcred;
 	PROC_UNLOCK(p);
+	gifree(egip);
 	crfree(oldcred);
 	return (0);
 
@@ -2000,6 +2012,9 @@
 		p->p_stops = 0;
 }
 
+/*
+ * XXX: All of these need to somehow fixup the resource accounting.
+ */
 /*-
  * Change a process's effective uid.
  * Side effects: newcred->cr_uid and newcred->cr_uidinfo will be modified.
@@ -2023,12 +2038,13 @@
  *             duration of the call.
  */
 void
-change_egid(struct ucred *newcred, gid_t egid)
+change_egid(struct ucred *newcred, struct gidinfo *egip)
 {
 
+	newcred->cr_groups[0] = egip->gi_gid;
+	gihold(egip);
 	gifree(newcred->cr_gidinfos[0]);
-	newcred->cr_groups[0] = egid;
-	newcred->cr_gidinfos[0] = gifind(egid);
+	newcred->cr_gidinfos[0] = egip;
 }
 
 /*-

==== //depot/projects/soc2009/trasz_limits/sys/sys/ucred.h#4 (text+ko) ====

@@ -85,7 +85,7 @@
 #ifdef _KERNEL
 struct thread;
 
-void	change_egid(struct ucred *newcred, gid_t egid);
+void	change_egid(struct ucred *newcred, struct gidinfo *egip);
 void	change_euid(struct ucred *newcred, struct uidinfo *euip);
 void	change_rgid(struct ucred *newcred, gid_t rgid);
 void	change_ruid(struct ucred *newcred, struct uidinfo *ruip);