xnu-6153.81.5.tar.gz

[apple/xnu.git] / bsd / kern / kern_priv.c

diff --git a/bsd/kern/kern_priv.c b/bsd/kern/kern_priv.c
index e7ceb6075b1a06b539b3aa41c5d3f6f7bb9b9b71..88adf2dda936329661656e44f9b4ee908d8027cb 100644 (file)
--- a/bsd/kern/kern_priv.c
+++ b/bsd/kern/kern_priv.c
@@ -2,7 +2,7 @@
  * Copyright (c) 2010 Apple Inc. All rights reserved.
  *
  * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
- * 
+ *
  * This file contains Original Code and/or Modifications of Original Code
  * as defined in and that are subject to the Apple Public Source License
  * Version 2.0 (the 'License'). You may not use this file except in
@@ -11,10 +11,10 @@
  * unlawful or unlicensed copies of an Apple operating system, or to
  * circumvent, violate, or enable the circumvention or violation of, any
  * terms of an Apple operating system software license agreement.
- * 
+ *
  * Please obtain a copy of the License at
  * http://www.opensource.apple.com/apsl/ and read it before using this file.
- * 
+ *
  * The Original Code and all software distributed under the License are
  * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
  * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
@@ -22,7 +22,7 @@
  * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
  * Please see the License for the specific language governing rights and
  * limitations under the License.
- * 
+ *
  * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
  */
 /*-
@@ -68,13 +68,18 @@
 #include <security/mac_framework.h>
 #endif
 
+int proc_check_footprint_priv(void);
+
 /*
  * Check a credential for privilege.  Lots of good reasons to deny privilege;
  * only a few to grant it.
  */
 int
-priv_check_cred(kauth_cred_t cred, int priv, __unused int flags)
+priv_check_cred(kauth_cred_t cred, int priv, int flags)
 {
+#if !CONFIG_MACF
+#pragma unused(priv)
+#endif
        int error;
 
        /*
@@ -83,19 +88,23 @@ priv_check_cred(kauth_cred_t cred, int priv, __unused int flags)
         */
 #if CONFIG_MACF
        error = mac_priv_check(cred, priv);
-       if (error)
+       if (error) {
                goto out;
+       }
 #endif
 
-       /*
-        * Having determined if privilege is restricted by various policies,
-        * now determine if privilege is granted.  At this point, any policy
-        * may grant privilege.  For now, we allow short-circuit boolean
-        * evaluation, so may not call all policies.  Perhaps we should.
-        */
-       if (kauth_cred_getuid(cred) == 0) {
-               error = 0;
-               goto out;
+       /* Only grant all privileges to root if DEFAULT_UNPRIVELEGED flag is NOT set. */
+       if (!(flags & PRIVCHECK_DEFAULT_UNPRIVILEGED_FLAG)) {
+               /*
+                * Having determined if privilege is restricted by various policies,
+                * now determine if privilege is granted.       At this point, any policy
+                * may grant privilege. For now, we allow short-circuit boolean
+                * evaluation, so may not call all policies.     Perhaps we should.
+                */
+               if (kauth_cred_getuid(cred) == 0) {
+                       error = 0;
+                       goto out;
+               }
        }
 
        /*
@@ -115,5 +124,11 @@ priv_check_cred(kauth_cred_t cred, int priv, __unused int flags)
         */
        error = EPERM;
 out:
-       return (error);
+       return error;
+}
+
+int
+proc_check_footprint_priv(void)
+{
+       return priv_check_cred(kauth_cred_get(), PRIV_VM_FOOTPRINT_LIMIT, 0);
 }