Date: Thu, 29 Jan 2026 15:40:05 +0000 From: John Baldwin <jhb@FreeBSD.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Subject: git: 52864a411a6f - stable/14 - setcred: Move initial copyin of struct setcred out to per-ABI syscall Message-ID: <697b7f55.3a62a.3dcf37f1@gitrepo.freebsd.org>
index | next in thread | raw e-mail
The branch stable/14 has been updated by jhb: URL: https://cgit.FreeBSD.org/src/commit/?id=52864a411a6fb5bbb599ef6d15d727b782abf104 commit 52864a411a6fb5bbb599ef6d15d727b782abf104 Author: John Baldwin <jhb@FreeBSD.org> AuthorDate: 2025-11-24 15:48:48 +0000 Commit: John Baldwin <jhb@FreeBSD.org> CommitDate: 2026-01-29 15:30:22 +0000 setcred: Move initial copyin of struct setcred out to per-ABI syscall This is the more typical approach used in the tree for system calls with per-ABI structure layouts. Reviewed by: olce, brooks Obtained from: CheriBSD Sponsored by: AFRL, DARPA Differential Revision: https://reviews.freebsd.org/D53756 (cherry picked from commit 6292eecfd95c78abc1ab14f20ceaa507ab9c636a) --- sys/compat/freebsd32/freebsd32_misc.c | 18 ++++++++++-- sys/kern/kern_prot.c | 52 ++++++++++++----------------------- sys/sys/ucred.h | 4 +-- 3 files changed, 35 insertions(+), 39 deletions(-) diff --git a/sys/compat/freebsd32/freebsd32_misc.c b/sys/compat/freebsd32/freebsd32_misc.c index c147c9cf1dd1..320b739deeab 100644 --- a/sys/compat/freebsd32/freebsd32_misc.c +++ b/sys/compat/freebsd32/freebsd32_misc.c @@ -4237,6 +4237,20 @@ ofreebsd32_sethostid(struct thread *td, struct ofreebsd32_sethostid_args *uap) int freebsd32_setcred(struct thread *td, struct freebsd32_setcred_args *uap) { - /* Last argument is 'is_32bit'. */ - return (user_setcred(td, uap->flags, uap->wcred, uap->size, true)); + struct setcred wcred; + struct setcred32 wcred32; + int error; + + if (uap->size != sizeof(wcred32)) + return (EINVAL); + error = copyin(uap->wcred, &wcred32, sizeof(wcred32)); + if (error != 0) + return (error); + /* These fields have exactly the same sizes and positions. */ + memcpy(&wcred, &wcred32, __rangeof(struct setcred32, + setcred32_copy_start, setcred32_copy_end)); + /* Remaining fields are pointers and need PTRIN*(). */ + PTRIN_CP(wcred32, wcred, sc_supp_groups); + PTRIN_CP(wcred32, wcred, sc_label); + return (user_setcred(td, uap->flags, &wcred)); } diff --git a/sys/kern/kern_prot.c b/sys/kern/kern_prot.c index 900b6136a1fe..872645da8614 100644 --- a/sys/kern/kern_prot.c +++ b/sys/kern/kern_prot.c @@ -543,10 +543,8 @@ kern_setcred_copyin_supp_groups(struct setcred *const wcred, } int -user_setcred(struct thread *td, const u_int flags, - const void *const uwcred, const size_t size, bool is_32bit) +user_setcred(struct thread *td, const u_int flags, struct setcred *const wcred) { - struct setcred wcred; #ifdef MAC struct mac mac; /* Pointer to 'struct mac' or 'struct mac32'. */ @@ -566,42 +564,18 @@ user_setcred(struct thread *td, const u_int flags, if ((flags & ~SETCREDF_MASK) != 0) return (EINVAL); -#ifdef COMPAT_FREEBSD32 - if (is_32bit) { - struct setcred32 wcred32; - - if (size != sizeof(wcred32)) - return (EINVAL); - error = copyin(uwcred, &wcred32, sizeof(wcred32)); - if (error != 0) - return (error); - /* These fields have exactly the same sizes and positions. */ - memcpy(&wcred, &wcred32, __rangeof(struct setcred32, - setcred32_copy_start, setcred32_copy_end)); - /* Remaining fields are pointers and need PTRIN*(). */ - PTRIN_CP(wcred32, wcred, sc_supp_groups); - PTRIN_CP(wcred32, wcred, sc_label); - } else -#endif /* COMPAT_FREEBSD32 */ - { - if (size != sizeof(wcred)) - return (EINVAL); - error = copyin(uwcred, &wcred, sizeof(wcred)); - if (error != 0) - return (error); - } #ifdef MAC - umac = wcred.sc_label; + umac = wcred->sc_label; #endif /* Also done on !MAC as a defensive measure. */ - wcred.sc_label = NULL; + wcred->sc_label = NULL; /* * Copy supplementary groups as needed. There is no specific * alternative for 32-bit compatibility as 'gid_t' has the same size * everywhere. */ - error = kern_setcred_copyin_supp_groups(&wcred, flags, smallgroups, + error = kern_setcred_copyin_supp_groups(wcred, flags, smallgroups, &groups); if (error != 0) goto free_groups; @@ -611,15 +585,15 @@ user_setcred(struct thread *td, const u_int flags, error = mac_label_copyin(umac, &mac, NULL); if (error != 0) goto free_groups; - wcred.sc_label = &mac; + wcred->sc_label = &mac; } #endif - error = kern_setcred(td, flags, &wcred, groups); + error = kern_setcred(td, flags, wcred, groups); #ifdef MAC - if (wcred.sc_label != NULL) - free_copied_label(wcred.sc_label); + if (wcred->sc_label != NULL) + free_copied_label(wcred->sc_label); #endif free_groups: @@ -640,7 +614,15 @@ struct setcred_args { int sys_setcred(struct thread *td, struct setcred_args *uap) { - return (user_setcred(td, uap->flags, uap->wcred, uap->size, false)); + struct setcred wcred; + int error; + + if (uap->size != sizeof(wcred)) + return (EINVAL); + error = copyin(uap->wcred, &wcred, sizeof(wcred)); + if (error != 0) + return (error); + return (user_setcred(td, uap->flags, &wcred)); } /* diff --git a/sys/sys/ucred.h b/sys/sys/ucred.h index f43e3bb12414..d018e10d14a9 100644 --- a/sys/sys/ucred.h +++ b/sys/sys/ucred.h @@ -188,8 +188,8 @@ struct setcred32 { struct thread; /* Common native and 32-bit compatibility entry point. */ -int user_setcred(struct thread *td, const u_int flags, - const void *const uwcred, const size_t size, bool is_32bit); +int user_setcred(struct thread *td, const u_int flags, + struct setcred *const wcred); struct proc;home | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?697b7f55.3a62a.3dcf37f1>