From owner-p4-projects@FreeBSD.ORG  Sat Sep 20 12:55:14 2008
Return-Path: <owner-p4-projects@FreeBSD.ORG>
Delivered-To: p4-projects@freebsd.org
Received: by hub.freebsd.org (Postfix, from userid 32767)
	id 63C731065675; Sat, 20 Sep 2008 12:55:14 +0000 (UTC)
Delivered-To: perforce@FreeBSD.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 27A6D1065673
	for <perforce@FreeBSD.org>; Sat, 20 Sep 2008 12:55:14 +0000 (UTC)
	(envelope-from hselasky@FreeBSD.org)
Received: from repoman.freebsd.org (repoman.freebsd.org
	[IPv6:2001:4f8:fff6::29])
	by mx1.freebsd.org (Postfix) with ESMTP id 10EBC8FC0C
	for <perforce@FreeBSD.org>; Sat, 20 Sep 2008 12:55:14 +0000 (UTC)
	(envelope-from hselasky@FreeBSD.org)
Received: from repoman.freebsd.org (localhost [127.0.0.1])
	by repoman.freebsd.org (8.14.3/8.14.3) with ESMTP id m8KCtDC6090316
	for <perforce@FreeBSD.org>; Sat, 20 Sep 2008 12:55:13 GMT
	(envelope-from hselasky@FreeBSD.org)
Received: (from perforce@localhost)
	by repoman.freebsd.org (8.14.3/8.14.3/Submit) id m8KCtDpu090310
	for perforce@freebsd.org; Sat, 20 Sep 2008 12:55:13 GMT
	(envelope-from hselasky@FreeBSD.org)
Date: Sat, 20 Sep 2008 12:55:13 GMT
Message-Id: <200809201255.m8KCtDpu090310@repoman.freebsd.org>
X-Authentication-Warning: repoman.freebsd.org: perforce set sender to
	hselasky@FreeBSD.org using -f
From: Hans Petter Selasky <hselasky@FreeBSD.org>
To: Perforce Change Reviews <perforce@FreeBSD.org>
Cc: 
Subject: PERFORCE change 150165 for review
X-BeenThere: p4-projects@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: p4 projects tree changes <p4-projects.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/p4-projects>,
	<mailto:p4-projects-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/p4-projects>
List-Post: <mailto:p4-projects@freebsd.org>
List-Help: <mailto:p4-projects-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/p4-projects>,
	<mailto:p4-projects-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 20 Sep 2008 12:55:14 -0000

http://perforce.freebsd.org/chv.cgi?CH=150165

Change 150165 by hselasky@hselasky_laptop001 on 2008/09/20 12:54:43

	
	Fix suser() to priv_check() conversion. TODO: We need
	a set of USB privileges which are currently marked
	PRIV_ROOT.

Affected files ...

.. //depot/projects/usb/src/sys/dev/usb2/core/usb2_dev.c#34 edit
.. //depot/projects/usb/src/sys/dev/usb2/core/usb2_generic.c#27 edit

Differences ...

==== //depot/projects/usb/src/sys/dev/usb2/core/usb2_dev.c#34 (text+ko) ====

@@ -261,11 +261,12 @@
 	uint32_t devloc;
 	int error;
 
-	/* only super-user can set permissions */
-	error = suser(curthread);
+	/* check if the current thread can change USB permissions. */
+	error = priv_check(curthread, PRIV_ROOT);
 	if (error) {
 		return (error);
 	}
+	/* range check device location */
 	if ((psrc->bus_index >= USB_BUS_MAX) ||
 	    (psrc->dev_index >= USB_DEV_MAX) ||
 	    (psrc->iface_index >= USB_IFACE_MAX)) {

==== //depot/projects/usb/src/sys/dev/usb2/core/usb2_generic.c#27 (text+ko) ====

@@ -869,6 +869,8 @@
 static int
 ugen_check_request(struct usb2_device_request *req)
 {
+	int error;
+
 	/*
 	 * Avoid requests that would damage the bus integrity:
 	 */
@@ -878,8 +880,12 @@
 	    (req->bRequest == UR_SET_CONFIG)) ||
 	    ((req->bmRequestType == UT_WRITE_INTERFACE) &&
 	    (req->bRequest == UR_SET_INTERFACE))) {
-		if (suser(curthread)) {
-			return (EPERM);
+		/*
+		 * These requests can be useful for testing USB drivers.
+		 */
+		error = priv_check(curthread, PRIV_DRIVER);
+		if (error) {
+			return (error);
 		}
 	}
 	/*
@@ -887,8 +893,9 @@
 	 * not update the data toggle value in "struct usb2_pipe" !
 	 */
 	if (req->bmRequestType == UT_WRITE_ENDPOINT) {
-		if (suser(curthread)) {
-			return (EPERM);
+		error = priv_check(curthread, PRIV_DRIVER);
+		if (error) {
+			return (error);
 		}
 	}
 	/* TODO: add more checks to verify the interface index */
@@ -946,8 +953,12 @@
 		/* control endpoint only */
 		return (EINVAL);
 	}
-	if (suser(curthread)) {
-		return (EPERM);
+	/*
+	 * This request can be useful for testing USB drivers:
+	 */
+	error = priv_check(curthread, PRIV_DRIVER);
+	if (error) {
+		return (error);
 	}
 	mtx_lock(f->priv_mtx);
 	error = usb2_req_re_enumerate(udev, f->priv_mtx);
@@ -1738,8 +1749,9 @@
 	    (udev->parent_hub == NULL)) {
 		return (EINVAL);
 	}
-	if (suser(curthread)) {
-		return (EPERM);
+	err = priv_check(curthread, PRIV_ROOT);
+	if (err) {
+		return (err);
 	}
 	switch (mode) {
 	case USB_POWER_MODE_OFF:
@@ -1805,8 +1817,9 @@
 	struct usb2_hub *hub;
 	int err;
 
-	if (suser(curthread)) {
-		return (EPERM);
+	err = priv_check(curthread, PRIV_ROOT);
+	if (err) {
+		return (err);
 	}
 	if (port_no == 0) {
 		return (EINVAL);
@@ -2115,10 +2128,11 @@
 
 	case USB_IFACE_DRIVER_DETACH:
 		/* TODO */
-		if (suser(curthread))
-			error = EPERM;
-		else
-			error = EINVAL;
+		error = priv_check(curthread, PRIV_DRIVER);
+		if (error) {
+			break;
+		}
+		error = EINVAL;
 		break;
 
 	case USB_SET_POWER_MODE: