/*
* Copyright (c) 2003-2004 Apple Computer, Inc. All rights reserved.
*
- * @APPLE_LICENSE_HEADER_START@
- *
- * The contents of this file constitute Original Code as defined in and
- * are subject to the Apple Public Source License Version 1.1 (the
- * "License"). You may not use this file except in compliance with the
- * License. Please obtain a copy of the License at
- * http://www.apple.com/publicsource and read it before using this file.
- *
- * This Original Code and all software distributed under the License are
- * distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. The rights granted to you under the License
+ * may not be used to create, or enable the creation or redistribution of,
+ * unlawful or unlicensed copies of an Apple operating system, or to
+ * circumvent, violate, or enable the circumvention or violation of, any
+ * terms of an Apple operating system software license agreement.
+ *
+ * Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
* EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
* INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
- * License for the specific language governing rights and limitations
- * under the License.
- *
- * @APPLE_LICENSE_HEADER_END@
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
*/
#include <sys/param.h>
#include <sys/fcntl.h>
AUDIT_PRINTF(("audit_worker starting\n"));
TAILQ_INIT(&ar_worklist);
- audit_cred = NULL;
+ audit_cred = NOCRED;
audit_p = current_proc();
audit_vp = NULL;
old_vp = audit_vp;
audit_cred = audit_replacement_cred;
audit_vp = audit_replacement_vp;
- audit_replacement_cred = NULL;
+ audit_replacement_cred = NOCRED;
audit_replacement_vp = NULL;
audit_replacement_flag = 0;
AUDIT_PRINTF(("Closing old audit file\n"));
vn_close(old_vp, audit_close_flags, old_cred,
audit_p);
- kauth_cred_rele(old_cred);
- old_cred = NOCRED;
+ kauth_cred_unref(&old_cred);
old_vp = NULL;
AUDIT_PRINTF(("Audit file closed\n"));
}
my_cred = kauth_cred_proc_ref(tp);
/*
- * set the credential with new info. If there is no change we get back
- * the same credential we passed in.
+ * Set the credential with new info. If there is no
+ * change, we get back the same credential we passed
+ * in; if there is a change, we drop the reference on
+ * the credential we passed in. The subsequent
+ * compare is safe, because it is a pointer compare
+ * rather than a contents compare.
*/
temp_auditinfo = my_cred->cr_au;
temp_auditinfo.ai_mask.am_success =
*/
if (tp->p_ucred != my_cred) {
proc_unlock(tp);
- kauth_cred_rele(my_cred);
- kauth_cred_rele(my_new_cred);
+ kauth_cred_unref(&my_new_cred);
/* try again */
continue;
}
tp->p_ucred = my_new_cred;
proc_unlock(tp);
}
- /* drop our extra reference */
- kauth_cred_rele(my_cred);
+ /* drop old proc reference or our extra reference */
+ kauth_cred_unref(&my_cred);
break;
}
break;
my_cred = kauth_cred_proc_ref(p);
/*
- * set the credential with new info. If there is no change we get back
- * the same credential we passed in.
+ * Set the credential with new info. If there is no change,
+ * we get back the same credential we passed in; if there is
+ * a change, we drop the reference on the credential we
+ * passed in. The subsequent compare is safe, because it is
+ * a pointer compare rather than a contents compare.
*/
temp_auditinfo = my_cred->cr_au;
temp_auditinfo.ai_auid = temp_au_id;
*/
if (p->p_ucred != my_cred) {
proc_unlock(p);
- kauth_cred_rele(my_cred);
- kauth_cred_rele(my_new_cred);
+ kauth_cred_unref(&my_new_cred);
/* try again */
continue;
}
p->p_ucred = my_new_cred;
proc_unlock(p);
}
- /* drop our extra reference */
- kauth_cred_rele(my_cred);
+ /* drop old proc reference or our extra reference */
+ kauth_cred_unref(&my_cred);
break;
}
{
int error;
struct auditinfo temp_auditinfo;
+ kauth_cred_t safecred;
error = suser(kauth_cred_get(), &p->p_acflag);
if (error)
my_cred = kauth_cred_proc_ref(p);
/*
- * set the credential with new info. If there is no change we get back
- * the same credential we passed in.
+ * Set the credential with new info. If there is no change,
+ * we get back the same credential we passed in; if there is
+ * a change, we drop the reference on the credential we
+ * passed in. The subsequent compare is safe, because it is
+ * a pointer compare rather than a contents compare.
*/
my_new_cred = kauth_cred_setauditinfo(my_cred, &temp_auditinfo);
*/
if (p->p_ucred != my_cred) {
proc_unlock(p);
- kauth_cred_rele(my_cred);
- kauth_cred_rele(my_new_cred);
+ kauth_cred_unref(&my_new_cred);
/* try again */
continue;
}
p->p_ucred = my_new_cred;
proc_unlock(p);
}
- /* drop our extra reference */
- kauth_cred_rele(my_cred);
+ /* drop old proc reference or our extra reference */
+ kauth_cred_unref(&my_cred);
break;
}
/* propagate the change from the process to Mach task */
set_security_token(p);
- audit_arg_auditinfo(&p->p_ucred->cr_au);
+ safecred = kauth_cred_proc_ref(p);
+ audit_arg_auditinfo(&safecred->cr_au);
+ kauth_cred_unref(&safecred);
return (0);
}
{
struct kaudit_record *ar;
int no_record;
+ kauth_cred_t safecred;
/*
* Eventually, there may be certain classes of events that
ar->k_ar.ar_event = event;
nanotime(&ar->k_ar.ar_starttime);
+ safecred = kauth_cred_proc_ref(p);
/* Export the subject credential. */
- cru2x(p->p_ucred, &ar->k_ar.ar_subj_cred);
- ar->k_ar.ar_subj_ruid = p->p_ucred->cr_ruid;
- ar->k_ar.ar_subj_rgid = p->p_ucred->cr_rgid;
- ar->k_ar.ar_subj_egid = p->p_ucred->cr_groups[0];
- ar->k_ar.ar_subj_auid = p->p_ucred->cr_au.ai_auid;
- ar->k_ar.ar_subj_asid = p->p_ucred->cr_au.ai_asid;
+ cru2x(safecred, &ar->k_ar.ar_subj_cred);
+
+ ar->k_ar.ar_subj_ruid = safecred->cr_ruid;
+ ar->k_ar.ar_subj_rgid = safecred->cr_rgid;
+ ar->k_ar.ar_subj_egid = safecred->cr_groups[0];
+ ar->k_ar.ar_subj_auid = safecred->cr_au.ai_auid;
+ ar->k_ar.ar_subj_asid = safecred->cr_au.ai_asid;
+ ar->k_ar.ar_subj_amask = safecred->cr_au.ai_mask;
+ ar->k_ar.ar_subj_term = safecred->cr_au.ai_termid;
+ kauth_cred_unref(&safecred);
+
ar->k_ar.ar_subj_pid = p->p_pid;
- ar->k_ar.ar_subj_amask = p->p_ucred->cr_au.ai_mask;
- ar->k_ar.ar_subj_term = p->p_ucred->cr_au.ai_termid;
bcopy(p->p_comm, ar->k_ar.ar_subj_comm, MAXCOMLEN);
return (ar);
projects / apple / xnu.git / blobdiff