Print this page
15254 %ymm registers not restored after signal handler
15367 x86 getfpregs() summons corrupting %xmm ghosts
15333 want x86 /proc xregs support (libc_db, libproc, mdb, etc.)
15336 want libc functions for extended ucontext_t
15334 want ps_lwphandle-specific reg routines
15328 FPU_CW_INIT mistreats reserved bit
15335 i86pc fpu_subr.c isn't really platform-specific
15332 setcontext(2) isn't actually noreturn
15331 need <sys/stdalign.h>
Change-Id: I7060aa86042dfb989f77fc3323c065ea2eafa9ad
Conflicts:
usr/src/uts/common/fs/proc/prcontrol.c
usr/src/uts/intel/os/archdep.c
usr/src/uts/intel/sys/ucontext.h
usr/src/uts/intel/syscall/getcontext.c
| Split |
Close |
| Expand all |
| Collapse all |
--- old/usr/src/uts/common/sys/priv.h
+++ new/usr/src/uts/common/sys/priv.h
1 1 /*
2 2 * CDDL HEADER START
3 3 *
4 4 * The contents of this file are subject to the terms of the
5 5 * Common Development and Distribution License (the "License").
6 6 * You may not use this file except in compliance with the License.
7 7 *
8 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 9 * or http://www.opensolaris.org/os/licensing.
10 10 * See the License for the specific language governing permissions
11 11 * and limitations under the License.
12 12 *
13 13 * When distributing Covered Code, include this CDDL HEADER in each
14 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 15 * If applicable, add the following below this CDDL HEADER, with the
16 16 * fields enclosed by brackets "[]" replaced with your own identifying
17 17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 18 *
19 19 * CDDL HEADER END
20 20 */
21 21 /*
22 22 * Copyright 2014 Garrett D'Amore <garrett@damore.org>
23 23 *
24 24 * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved.
25 25 */
26 26
27 27 #ifndef _SYS_PRIV_H
28 28 #define _SYS_PRIV_H
29 29
30 30 #include <sys/types.h>
31 31 #include <sys/cred.h>
32 32 #include <sys/priv_names.h>
33 33
34 34 #ifdef __cplusplus
35 35 extern "C" {
36 36 #endif
37 37
38 38 typedef uint32_t priv_chunk_t;
39 39 typedef struct priv_set priv_set_t;
40 40
41 41 #ifdef _KERNEL
42 42
43 43 /*
44 44 * Kernel type definitions.
45 45 */
46 46 typedef int priv_ptype_t;
47 47 typedef int priv_t;
48 48
49 49 #else /* _KERNEL */
50 50
51 51 /*
52 52 * Userland type definitions.
53 53 */
54 54
55 55 typedef const char *priv_ptype_t;
56 56 typedef const char *priv_t;
57 57
58 58 #endif /* _KERNEL */
59 59
60 60 /*
61 61 * priv_op_t indicates a privilege operation type
62 62 */
63 63 typedef enum priv_op {
64 64 PRIV_ON,
65 65 PRIV_OFF,
66 66 PRIV_SET
67 67 } priv_op_t;
68 68
69 69 /*
70 70 * Privilege system call subcodes.
71 71 */
72 72
73 73 #define PRIVSYS_SETPPRIV 0
74 74 #define PRIVSYS_GETPPRIV 1
75 75 #define PRIVSYS_GETIMPLINFO 2
76 76 #define PRIVSYS_SETPFLAGS 3
77 77 #define PRIVSYS_GETPFLAGS 4
78 78 #define PRIVSYS_ISSETUGID 5
79 79 #define PRIVSYS_KLPD_REG 6
80 80 #define PRIVSYS_KLPD_UNREG 7
81 81 #define PRIVSYS_PFEXEC_REG 8
82 82 #define PRIVSYS_PFEXEC_UNREG 9
83 83
84 84
85 85 /*
86 86 * Maximum length of a user defined privilege name.
87 87 */
88 88 #define PRIVNAME_MAX 32
89 89
90 90 /*
91 91 * Privilege interface functions for those parts of the kernel that
92 92 * know nothing of the privilege internals.
93 93 *
94 94 * A privilege implementation can have a varying number of sets; sets
95 95 * consist of a number of priv_chunk_t's and the size is expressed as such.
96 96 * The privileges can be represented as
97 97 *
98 98 * priv_chunk_t privs[info.priv_nsets][info.priv_setsize]
99 99 * ... priv_infosize of extra information ...
100 100 *
101 101 * Extra data contained in the privilege information consists of chunks
102 102 * of data with specified size and type all headed by a priv_info_t header
103 103 * which defines both the type of information as well as the size of the
104 104 * information. ((char*)&info)+info->priv_info_size should be rounded up
105 105 * to point to the next piece of information.
106 106 */
107 107
108 108 typedef struct priv_impl_info {
109 109 uint32_t priv_headersize; /* sizeof (priv_impl_info) */
110 110 uint32_t priv_flags; /* additional flags */
111 111 uint32_t priv_nsets; /* number of priv sets */
112 112 uint32_t priv_setsize; /* size in priv_chunk_t */
113 113 uint32_t priv_max; /* highest actual valid priv */
114 114 uint32_t priv_infosize; /* Per proc. additional info */
115 115 uint32_t priv_globalinfosize; /* Per system info */
116 116 } priv_impl_info_t;
117 117
118 118 #define PRIV_IMPL_INFO_SIZE(p) \
119 119 ((p)->priv_headersize + (p)->priv_globalinfosize)
120 120
121 121 #define PRIV_PRPRIV_INFO_OFFSET(p) \
122 122 (sizeof (*(p)) + \
123 123 ((p)->pr_nsets * (p)->pr_setsize - 1) * sizeof (priv_chunk_t))
124 124
125 125 #define PRIV_PRPRIV_SIZE(p) \
126 126 (PRIV_PRPRIV_INFO_OFFSET(p) + (p)->pr_infosize)
127 127
128 128 /*
129 129 * Per credential flags.
130 130 */
131 131 #define PRIV_DEBUG 0x0001 /* User debugging */
132 132 #define PRIV_AWARE 0x0002 /* Is privilege aware */
133 133 #define PRIV_AWARE_INHERIT 0x0004 /* Inherit awareness */
134 134 #define __PROC_PROTECT 0x0008 /* Private */
135 135 #define NET_MAC_AWARE 0x0010 /* Is MAC aware */
136 136 #define NET_MAC_AWARE_INHERIT 0x0020 /* Inherit MAC aware */
137 137 #define PRIV_AWARE_RESET 0x0040 /* Reset on setuid() */
138 138 #define PRIV_XPOLICY 0x0080 /* Extended policy */
139 139 #define PRIV_PFEXEC 0x0100 /* As if pfexec'ed */
140 140
141 141 /* user-settable flags: */
142 142 #define PRIV_USER (PRIV_DEBUG | NET_MAC_AWARE | NET_MAC_AWARE_INHERIT |\
143 143 PRIV_XPOLICY | PRIV_AWARE_RESET | PRIV_PFEXEC)
144 144
145 145 /*
146 146 * Header of the privilege info data structure; multiple structures can
147 147 * follow the privilege sets and priv_impl_info structures.
148 148 */
149 149 typedef struct priv_info {
150 150 uint32_t priv_info_type;
151 151 uint32_t priv_info_size;
152 152 } priv_info_t;
153 153
154 154 typedef struct priv_info_uint {
155 155 priv_info_t info;
156 156 uint_t val;
157 157 } priv_info_uint_t;
158 158
159 159 /*
160 160 * Global privilege set information item; the actual size of the array is
161 161 * {priv_setsize}.
162 162 */
163 163 typedef struct priv_info_set {
164 164 priv_info_t info;
165 165 priv_chunk_t set[1];
166 166 } priv_info_set_t;
167 167
168 168 /*
169 169 * names[1] is a place holder which can contain multiple NUL terminated,
170 170 * non-empty strings.
171 171 */
172 172
173 173 typedef struct priv_info_names {
174 174 priv_info_t info;
175 175 int cnt; /* number of strings */
176 176 char names[1]; /* "string1\0string2\0 ..stringN\0" */
177 177 } priv_info_names_t;
178 178
179 179 /*
180 180 * Privilege information types.
181 181 */
182 182 #define PRIV_INFO_SETNAMES 0x0001
183 183 #define PRIV_INFO_PRIVNAMES 0x0002
184 184 #define PRIV_INFO_BASICPRIVS 0x0003
185 185 #define PRIV_INFO_FLAGS 0x0004
186 186
187 187 /*
188 188 * Special "privileges" used to indicate special conditions in privilege
189 189 * debugging/tracing code.
190 190 */
191 191 #define PRIV_ALL (-1) /* All privileges required */
192 192 #define PRIV_MULTIPLE (-2) /* More than one */
193 193 #define PRIV_NONE (-3) /* No value */
194 194 #define PRIV_ALLZONE (-4) /* All privileges in zone */
195 195 #define PRIV_GLOBAL (-5) /* Must be in global zone */
196 196
197 197 #ifdef _KERNEL
|
↓ open down ↓ |
197 lines elided |
↑ open up ↑ |
198 198
199 199 #define PRIV_ALLOC 0x1
200 200
201 201 extern int priv_debug;
202 202 extern int priv_basic_test;
203 203
204 204 struct proc;
205 205 struct prpriv;
206 206 struct cred;
207 207
208 -extern int priv_prgetprivsize(struct prpriv *);
208 +extern int priv_prgetprivsize(const struct prpriv *);
209 209 extern void cred2prpriv(const struct cred *, struct prpriv *);
210 210 extern int priv_pr_spriv(struct proc *, struct prpriv *, const struct cred *);
211 211
212 212 extern priv_impl_info_t *priv_hold_implinfo(void);
213 213 extern void priv_release_implinfo(void);
214 214 extern size_t priv_get_implinfo_size(void);
215 215 extern const priv_set_t *priv_getset(const struct cred *, int);
216 216 extern void priv_getinfo(const struct cred *, void *);
217 217 extern int priv_getbyname(const char *, uint_t);
218 218 extern int priv_getsetbyname(const char *, int);
219 219 extern const char *priv_getbynum(int);
220 220 extern const char *priv_getsetbynum(int);
221 221
222 222 extern void priv_emptyset(priv_set_t *);
223 223 extern void priv_fillset(priv_set_t *);
224 224 extern void priv_addset(priv_set_t *, int);
225 225 extern void priv_delset(priv_set_t *, int);
226 226 extern boolean_t priv_ismember(const priv_set_t *, int);
227 227 extern boolean_t priv_isemptyset(const priv_set_t *);
228 228 extern boolean_t priv_isfullset(const priv_set_t *);
229 229 extern boolean_t priv_isequalset(const priv_set_t *, const priv_set_t *);
230 230 extern boolean_t priv_issubset(const priv_set_t *, const priv_set_t *);
231 231 extern int priv_proc_cred_perm(const struct cred *, struct proc *,
232 232 struct cred **, int);
233 233 extern void priv_intersect(const priv_set_t *, priv_set_t *);
234 234 extern void priv_union(const priv_set_t *, priv_set_t *);
235 235 extern void priv_inverse(priv_set_t *);
236 236
237 237 extern void priv_set_PA(cred_t *);
238 238 extern void priv_adjust_PA(cred_t *);
239 239 extern void priv_reset_PA(cred_t *, boolean_t);
240 240 extern boolean_t priv_can_clear_PA(const cred_t *);
241 241
242 242 extern int setpflags(uint_t, uint_t, cred_t *);
243 243 extern uint_t getpflags(uint_t, const cred_t *);
244 244
245 245 #endif /* _KERNEL */
246 246
247 247 #ifdef __cplusplus
248 248 }
249 249 #endif
250 250
251 251 #endif /* _SYS_PRIV_H */
|
↓ open down ↓ |
33 lines elided |
↑ open up ↑ |
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX