From nobody Mon Nov 24 15:54:23 2025
X-Original-To: dev-commits-src-main@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4dFVkS2gjyz6HPdh
	for <dev-commits-src-main@mlmmj.nyi.freebsd.org>; Mon, 24 Nov 2025 15:54:24 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R12" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4dFVkS0LQcz3qB5
	for <dev-commits-src-main@FreeBSD.org>; Mon, 24 Nov 2025 15:54:24 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1763999664;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=xsgmjETfrEZya5C/i8LZVSegaqfzjBYYmuoK5Dl1PzA=;
	b=AWZT8vVTAbo2V5Rjzu+NH3AvhBcA+nEkiBbew/6wyeMcJUuQcZS5edHmbMgoMQBs5T8xFm
	92ckiMN7Otuh2dqz5KzCz1vwQ7bS2rkfNi1fwqMrND59qMs9zHiBMQvDiiuPCm+tpjqTbV
	RFqL0bmGB7O/u1zmgQrYQUGEMm5y6iwougHBJU8owsRqnS0bKqPzr5CS/zUO0+oZIMxSs2
	bItFsxQ/EJ3yDLefE+6bGXk0TTMuDSIhKP1StvJZPY2PVj8Nqnb58Kx8cozPd+1WqM5qWQ
	qjzApaPgiwx09kaVhMyE1QsNjw6RqqU2k9TI6Sb/KmhCBwjNNtokEAsHs7bJpQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1763999664;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=xsgmjETfrEZya5C/i8LZVSegaqfzjBYYmuoK5Dl1PzA=;
	b=FDctUiO+ifTyPQjyCsRkHCagnCb5ZTZZfkZk0HQ73Zf2Sb9qsdB3BKcvYW/9IrgpezOiuR
	2aD6OsHjTQUU+WA5bXnHYuC4h16VQ0XOMOuSfk1UOHIpvOOLeY4Rfev0LMm+aJWUDm/I6Q
	ZqnSIIPw10g5PNiK2D9UXpp8zYX6oQWaKoiEbgoQVulnRzCQhZcSwXGTfDdP4Gdyu63wTZ
	1od60yrmcEoEfGzoxCFCqCz7NADPJx7eaU+hJ3nI2V5FxYCfHUx37xWBBYAxvHZirxHNan
	gLvR0N2w5jg3DlKeZQeL4ayFrR/vZMLJ6Yd5slKOPQfYk+fg239CwK7JLa7sVQ==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1763999664; a=rsa-sha256; cv=none;
	b=TsyfOTB5EgjCIzckinnrFrRs3D/UJlbWvAKc9UJqluipc8+QPTokkwGthC02eM2TpCwCA/
	bSigmgI5fGdhy+RreoVpuklorDr6OFx15T+L//P0I8iQZlPZuFt7APcHAb/RdMD5tguGKE
	ZOjDaXS/p9uRiOoiaw2QcdSnbjl+TKHd7SxWG6I2mGsSPR9x02dQF/+6YgFWMHAQ/C72+3
	dxJt28/EzCzzfaU/l5HEuSBMOrpFPbFKAjgx6kQJ3j1pLo3N4lEfVLqeBhcIyiy//HI6Jj
	lKdUSdpGetIxpM7sKjQUS56CHThMvutwuwVQxn44GSyFjQLJ2Sml6bv2IcMUeA==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4dFVkR70Nxz5Qg
	for <dev-commits-src-main@FreeBSD.org>; Mon, 24 Nov 2025 15:54:23 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from git (uid 1279)
	(envelope-from git@FreeBSD.org)
	id 36578
	by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org);
	Mon, 24 Nov 2025 15:54:23 +0000
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org
From: John Baldwin <jhb@FreeBSD.org>
Subject: git: 6292eecfd95c - main - setcred: Move initial copyin of struct setcred out to per-ABI syscall
List-Id: Commit messages for the main branch of the src repository <dev-commits-src-main.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-main
List-Help: <mailto:dev-commits-src-main+help@freebsd.org>
List-Post: <mailto:dev-commits-src-main@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-main+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-main+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-main@freebsd.org
Sender: owner-dev-commits-src-main@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: jhb
X-Git-Repository: src
X-Git-Refname: refs/heads/main
X-Git-Reftype: branch
X-Git-Commit: 6292eecfd95c78abc1ab14f20ceaa507ab9c636a
Auto-Submitted: auto-generated
Date: Mon, 24 Nov 2025 15:54:23 +0000
Message-Id: <69247faf.36578.662833c4@gitrepo.freebsd.org>

The branch main has been updated by jhb:

URL: https://cgit.FreeBSD.org/src/commit/?id=6292eecfd95c78abc1ab14f20ceaa507ab9c636a

commit 6292eecfd95c78abc1ab14f20ceaa507ab9c636a
Author:     John Baldwin <jhb@FreeBSD.org>
AuthorDate: 2025-11-24 15:48:48 +0000
Commit:     John Baldwin <jhb@FreeBSD.org>
CommitDate: 2025-11-24 15:48:48 +0000

    setcred: Move initial copyin of struct setcred out to per-ABI syscall
    
    This is the more typical approach used in the tree for system calls
    with per-ABI structure layouts.
    
    Reviewed by:    olce, brooks
    Obtained from:  CheriBSD
    Sponsored by:   AFRL, DARPA
    Differential Revision:  https://reviews.freebsd.org/D53756
---
 sys/compat/freebsd32/freebsd32_misc.c | 18 ++++++++++--
 sys/kern/kern_prot.c                  | 52 ++++++++++++-----------------------
 sys/sys/ucred.h                       |  4 +--
 3 files changed, 35 insertions(+), 39 deletions(-)

diff --git a/sys/compat/freebsd32/freebsd32_misc.c b/sys/compat/freebsd32/freebsd32_misc.c
index e62c76924d22..33b4872ba10f 100644
--- a/sys/compat/freebsd32/freebsd32_misc.c
+++ b/sys/compat/freebsd32/freebsd32_misc.c
@@ -4240,6 +4240,20 @@ ofreebsd32_sethostid(struct thread *td, struct ofreebsd32_sethostid_args *uap)
 int
 freebsd32_setcred(struct thread *td, struct freebsd32_setcred_args *uap)
 {
-	/* Last argument is 'is_32bit'. */
-	return (user_setcred(td, uap->flags, uap->wcred, uap->size, true));
+	struct setcred wcred;
+	struct setcred32 wcred32;
+	int error;
+
+	if (uap->size != sizeof(wcred32))
+		return (EINVAL);
+	error = copyin(uap->wcred, &wcred32, sizeof(wcred32));
+	if (error != 0)
+		return (error);
+	/* These fields have exactly the same sizes and positions. */
+	memcpy(&wcred, &wcred32, __rangeof(struct setcred32,
+	    setcred32_copy_start, setcred32_copy_end));
+	/* Remaining fields are pointers and need PTRIN*(). */
+	PTRIN_CP(wcred32, wcred, sc_supp_groups);
+	PTRIN_CP(wcred32, wcred, sc_label);
+	return (user_setcred(td, uap->flags, &wcred));
 }
diff --git a/sys/kern/kern_prot.c b/sys/kern/kern_prot.c
index 5d57cdb7928d..8021beed90e8 100644
--- a/sys/kern/kern_prot.c
+++ b/sys/kern/kern_prot.c
@@ -570,10 +570,8 @@ kern_setcred_copyin_supp_groups(struct setcred *const wcred,
 }
 
 int
-user_setcred(struct thread *td, const u_int flags,
-    const void *const uwcred, const size_t size, bool is_32bit)
+user_setcred(struct thread *td, const u_int flags, struct setcred *const wcred)
 {
-	struct setcred wcred;
 #ifdef MAC
 	struct mac mac;
 	/* Pointer to 'struct mac' or 'struct mac32'. */
@@ -593,42 +591,18 @@ user_setcred(struct thread *td, const u_int flags,
 	if ((flags & ~SETCREDF_MASK) != 0)
 		return (EINVAL);
 
-#ifdef COMPAT_FREEBSD32
-	if (is_32bit) {
-		struct setcred32 wcred32;
-
-		if (size != sizeof(wcred32))
-			return (EINVAL);
-		error = copyin(uwcred, &wcred32, sizeof(wcred32));
-		if (error != 0)
-			return (error);
-		/* These fields have exactly the same sizes and positions. */
-		memcpy(&wcred, &wcred32, __rangeof(struct setcred32,
-		    setcred32_copy_start, setcred32_copy_end));
-		/* Remaining fields are pointers and need PTRIN*(). */
-		PTRIN_CP(wcred32, wcred, sc_supp_groups);
-		PTRIN_CP(wcred32, wcred, sc_label);
-	} else
-#endif /* COMPAT_FREEBSD32 */
-	{
-		if (size != sizeof(wcred))
-			return (EINVAL);
-		error = copyin(uwcred, &wcred, sizeof(wcred));
-		if (error != 0)
-			return (error);
-	}
 #ifdef MAC
-	umac = wcred.sc_label;
+	umac = wcred->sc_label;
 #endif
 	/* Also done on !MAC as a defensive measure. */
-	wcred.sc_label = NULL;
+	wcred->sc_label = NULL;
 
 	/*
 	 * Copy supplementary groups as needed.  There is no specific
 	 * alternative for 32-bit compatibility as 'gid_t' has the same size
 	 * everywhere.
 	 */
-	error = kern_setcred_copyin_supp_groups(&wcred, flags, smallgroups,
+	error = kern_setcred_copyin_supp_groups(wcred, flags, smallgroups,
 	    &groups);
 	if (error != 0)
 		goto free_groups;
@@ -638,15 +612,15 @@ user_setcred(struct thread *td, const u_int flags,
 		error = mac_label_copyin(umac, &mac, NULL);
 		if (error != 0)
 			goto free_groups;
-		wcred.sc_label = &mac;
+		wcred->sc_label = &mac;
 	}
 #endif
 
-	error = kern_setcred(td, flags, &wcred, groups);
+	error = kern_setcred(td, flags, wcred, groups);
 
 #ifdef MAC
-	if (wcred.sc_label != NULL)
-		free_copied_label(wcred.sc_label);
+	if (wcred->sc_label != NULL)
+		free_copied_label(wcred->sc_label);
 #endif
 
 free_groups:
@@ -667,7 +641,15 @@ struct setcred_args {
 int
 sys_setcred(struct thread *td, struct setcred_args *uap)
 {
-	return (user_setcred(td, uap->flags, uap->wcred, uap->size, false));
+	struct setcred wcred;
+	int error;
+
+	if (uap->size != sizeof(wcred))
+		return (EINVAL);
+	error = copyin(uap->wcred, &wcred, sizeof(wcred));
+	if (error != 0)
+		return (error);
+	return (user_setcred(td, uap->flags, &wcred));
 }
 
 /*
diff --git a/sys/sys/ucred.h b/sys/sys/ucred.h
index 254f58841993..12d34d990bff 100644
--- a/sys/sys/ucred.h
+++ b/sys/sys/ucred.h
@@ -198,8 +198,8 @@ struct setcred32 {
 struct thread;
 
 /* Common native and 32-bit compatibility entry point. */
-int user_setcred(struct thread *td, const u_int flags,
-    const void *const uwcred, const size_t size, bool is_32bit);
+int	user_setcred(struct thread *td, const u_int flags,
+	    struct setcred *const wcred);
 
 struct proc;