#include <sys/kauth.h>
#include <sys/conf.h>
#include <sys/poll.h>
+#include <sys/priv.h>
#include <sys/queue.h>
#include <sys/signalvar.h>
#include <sys/syscall.h>
.se_procnt = 1,
};
-struct auditinfo_addr *audit_default_aia_p = &audit_default_se.se_auinfo;
+struct auditinfo_addr * const audit_default_aia_p = &audit_default_se.se_auinfo;
+/* Copied from <ipc/ipc_object.h> */
+#define IPC_OBJECT_COPYIN_FLAGS_ALLOW_IMMOVABLE_SEND 0x1
kern_return_t ipc_object_copyin(ipc_space_t, mach_port_name_t,
- mach_msg_type_name_t, ipc_port_t *);
+ mach_msg_type_name_t, ipc_port_t *, mach_port_context_t, mach_msg_guard_flags_t *, uint32_t);
void ipc_port_release_send(ipc_port_t);
#if CONFIG_AUDIT
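Review bot: The hand-copied `ipc_object_copyin` prototype and the local `#define IPC_OBJECT_COPYIN_FLAGS_ALLOW_IMMOVABLE_SEND 0x1` duplicate `<ipc/ipc_object.h>` with nothing tying them to the original. A later change to the header's signature or flag value would leave this file passing mismatched arguments, with no compile error. If the header cannot be included here, the comment should at least state the obligation, e.g. `/* Must match <ipc/ipc_object.h>; update the prototype and flag value together. */`. The call site further down passes `0, NULL` for the new context and guard-flags parameters, and a short comment there on why no guard context applies and why immovable send rights are accepted would help the next reader.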
static ioctl_fcn_t audit_sdev_ioctl;
static select_fcn_t audit_sdev_poll;
-static struct cdevsw audit_sdev_cdevsw = {
+static const struct cdevsw audit_sdev_cdevsw = {
.d_open = audit_sdev_open,
.d_close = audit_sdev_close,
.d_read = audit_sdev_read,
* We hold the lock over the alloc since we don't want the table to
* grow on us. Therefore, use the non-blocking version of kalloc().
*/
- sed_tab = (au_sentry_debug_t *)kalloc_noblock(entry_cnt *
- sizeof(au_sentry_debug_t));
+ sed_tab = (au_sentry_debug_t *)kheap_alloc(KHEAP_TEMP,
+ entry_cnt * sizeof(au_sentry_debug_t), Z_NOWAIT | Z_ZERO);
if (sed_tab == NULL) {
AUDIT_SENTRY_RUNLOCK();
return ENOMEM;
}
- bzero(sed_tab, entry_cnt * sizeof(au_sentry_debug_t));
/*
* Walk the audit session hash table and build the record array.
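Review bot: The context comment above the allocation still says to "use the non-blocking version of kalloc()", but the new call is `kheap_alloc(KHEAP_TEMP, ..., Z_NOWAIT | Z_ZERO)`; it should say that `Z_NOWAIT` is what keeps the allocation from blocking under the lock. It is also worth recording why `Z_ZERO` is there: the table is later handed to `SYSCTL_OUT`, so any bytes the walk does not fill must not carry stale heap contents out to the caller. The size expression `entry_cnt * sizeof(au_sentry_debug_t)` is written out here and again at the `kheap_free` call in the next hunk; computing it once into a local would keep the two sizes from drifting. The type and bound of `entry_cnt` are not visible in this hunk, so that local would also be the natural place for an overflow check if one is needed. The enclosing function starts and ends outside the hunk.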
AUDIT_SENTRY_RUNLOCK();
/* Reconcile with the process table. */
- (void) proc_iterate(PROC_ALLPROCLIST | PROC_ZOMBPROCLIST,
+ proc_iterate(PROC_ALLPROCLIST | PROC_ZOMBPROCLIST,
audit_session_debug_callout, NULL,
audit_session_debug_filterfn, (void *)&sed_tab[0]);
req->oldlen = sz;
err = SYSCTL_OUT(req, sed_tab, sz);
- kfree(sed_tab, entry_cnt * sizeof(au_sentry_debug_t));
+ kheap_free(KHEAP_TEMP, sed_tab, entry_cnt * sizeof(au_sentry_debug_t));
return err;
}
*/
se = AU_SENTRY_PTR(aia_p);
audit_ref_session(se);
- } else if (kauth_cred_issuser(cred)) {
- /* The superuser may obtain a port for any existing
- * session.
+ } else {
+ /*
+ * Only privileged processes may obtain a port for
+ * any existing session.
*/
+ err = priv_check_cred(cred, PRIV_AUDIT_SESSION_PORT, 0);
+ if (err != 0) {
+ goto done;
+ }
AUDIT_SENTRY_RLOCK();
se = audit_session_find(uap->asid);
AUDIT_SENTRY_RUNLOCK();
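Review bot: The denial path in the new `else` branch returns whatever `priv_check_cred()` yields, where the branch removed in the following hunk always set `err = EPERM`. If callers or the syscall's documentation depend on `EPERM`, that should be stated next to the check or the value normalized. The check runs before `audit_session_find(uap->asid)`, so an unprivileged caller gets the same error whether or not the session exists. If that ordering is intended, the comment could say so, e.g. `/* Check privilege before the lookup so the result does not reveal whether the ASID exists. */`. The enclosing function starts and ends outside the hunk.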
goto done;
}
aia_p = &se->se_auinfo;
- } else {
- err = EPERM;
- goto done;
}
/*
if (ipc_object_copyin(get_task_ipcspace(p->task), send,
- MACH_MSG_TYPE_COPY_SEND, &port) != KERN_SUCCESS) {
+ MACH_MSG_TYPE_COPY_SEND, &port, 0, NULL, IPC_OBJECT_COPYIN_FLAGS_ALLOW_IMMOVABLE_SEND) != KERN_SUCCESS) {
*ret_asid = AU_DEFAUDITSID;
err = EINVAL;
} else {