Date:      Sat, 5 Sep 1998 14:33:08 -0400 (EDT)
From:      robert@fledge.watson.org
To:        FreeBSD-gnats-submit@FreeBSD.ORG
Subject:   kern/7837: patches to add a p_auth extension pointer to the proc structure
Message-ID:  <199809051833.OAA02133@fledge.watson.org>


>Number:         7837
>Category:       kern
>Synopsis:       patches to add a p_auth extension pointer to the proc structure
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Quarter:
>Keywords:
>Date-Required:
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Sat Sep  5 11:40:01 PDT 1998
>Last-Modified:
>Originator:     Robert Watson
>Organization:
>Release:        FreeBSD 3.0-CURRENT
>Environment:

3.0-CURRENT

>Description:

This patch adds an extra pointer to the proc structure (p_authext).  This
pointer is zero'd for each new process at creation time.

The intent of this patch is to allow lkm's and kernel modifications to hook
additional authentication and authorization data into the proc structure
as needed.  Example uses include:
	
	FreeBSD Kernel Tokens (http://www.freebsd.org/fbsd-hardening/tokens/)
	POSIX Capabilities (http://www.computer.org/)
	Sandboxing support
	process auditing information

The authext information would most likely be set in an at_fork() lkm hook,
or by hooking the exec code.

>How-To-Repeat:
>Fix:
	
Patch:


diff -ur /usr/src/sys/kern/init_main.c sys/kern/init_main.c
--- /usr/src/sys/kern/init_main.c	Thu Jun 25 08:31:39 1998
+++ sys/kern/init_main.c	Fri Jul  3 15:01:37 1998
@@ -355,6 +355,8 @@
 	p->p_ucred = crget();
 	p->p_ucred->cr_ngroups = 1;	/* group 0 */
 
+	p->p_authext = 0;
+
 	/* Create the file descriptor table. */
 	fdp = &filedesc0;
 	p->p_fd = &fdp->fd_fd;
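Review bot: The added `p->p_authext = 0;` only initializes the process being set up here in init_main.c, while the description says the pointer is zeroed for each new process at creation time, and no fork-path change appears anywhere in this patch. Please state, in the commit message or in a comment next to the field, what clears p_authext for forked children, so a module can rely on a non-null value meaning "set by an extension" rather than inherited or stale data. As a style point, `NULL` reads more clearly than `0` for a pointer assignment.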
diff -ur /usr/src/sys/sys/proc.h sys/sys/proc.h
--- /usr/src/sys/sys/proc.h	Thu Jun 25 08:32:19 1998
+++ sys/sys/proc.h	Fri Jul  3 15:17:55 1998
@@ -121,6 +121,7 @@
 
 	pid_t	p_oppid;	 /* Save parent pid during ptrace. XXX */
 	int	p_dupfd;	 /* Sideways return value from fdopen. XXX */
+	void	*p_authext;	 /* authentication extensions */
 
 	struct	vmspace *p_vmspace;	/* Address space. */
 
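Review bot: The new `void *p_authext` member documents neither ownership nor lifetime; its comment says only "authentication extensions". The description lists several independent consumers (kernel tokens, POSIX capabilities, sandboxing, auditing) that would all want this one untyped slot, and the patch adds nothing on the exit path to release whatever it points to. Please extend the comment to say who allocates and frees the data, what a child process is expected to see after fork, and how two modules loaded at once are meant to share the pointer, since authorization state that is silently overwritten or left dangling is worse than having no hook at all.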
>Audit-Trail:
>Unformatted:
