X-Git-Url: https://git.saurik.com/apple/xnu.git/blobdiff_plain/a1c7dba18ef36983396c282fe85292db066e39db..ecc0ceb4089d506a0b8d16686a95817b331af9cb:/bsd/kern/kern_credential.c?ds=sidebyside

diff --git a/bsd/kern/kern_credential.c b/bsd/kern/kern_credential.c
index b3c0d357a..0558ce449 100644
--- a/bsd/kern/kern_credential.c
+++ b/bsd/kern/kern_credential.c
@@ -264,9 +264,7 @@ static void	kauth_groups_trimcache(int newsize);
 
 #endif	/* CONFIG_EXT_RESOLVER */
 
-static const int kauth_cred_primes[KAUTH_CRED_PRIMES_COUNT] = KAUTH_CRED_PRIMES;
-static int	kauth_cred_primes_index = 0;
-static int	kauth_cred_table_size = 0;
+#define KAUTH_CRED_TABLE_SIZE 97
 
 TAILQ_HEAD(kauth_cred_entry_head, ucred);
 static struct kauth_cred_entry_head * kauth_cred_table_anchor = NULL;
@@ -2075,14 +2073,66 @@ static int	kauth_cred_cache_lookup(int from, int to, void *src, void *dst);
 
 #if CONFIG_EXT_RESOLVER == 0
 /*
- * If there's no resolver, short-circuit the kauth_cred_x2y() lookups.
+ * If there's no resolver, only support a subset of the kauth_cred_x2y() lookups.
  */
 static __inline int
-kauth_cred_cache_lookup(__unused int from, __unused int to,
-	__unused void *src, __unused void *dst)
+kauth_cred_cache_lookup(int from, int to, void *src, void *dst)
 {
-	return (EWOULDBLOCK);
-
+	/* NB: These must match the definitions used by Libinfo's mbr_identifier_translate(). */
+	static const uuid_t _user_compat_prefix = {0xff, 0xff, 0xee, 0xee, 0xdd, 0xdd, 0xcc, 0xcc, 0xbb, 0xbb, 0xaa, 0xaa, 0x00, 0x00, 0x00, 0x00};
+	static const uuid_t _group_compat_prefix = {0xab, 0xcd, 0xef, 0xab, 0xcd, 0xef, 0xab, 0xcd, 0xef, 0xab, 0xcd, 0xef, 0x00, 0x00, 0x00, 0x00};
+#define COMPAT_PREFIX_LEN	(sizeof(uuid_t) - sizeof(id_t))
+
+	assert(from != to);
+
+	switch (from) {
+	case KI_VALID_UID: {
+		id_t uid = htonl(*(id_t *)src);
+
+		if (to == KI_VALID_GUID) {
+			uint8_t *uu = dst;
+			memcpy(uu, _user_compat_prefix, sizeof(_user_compat_prefix));
+			memcpy(&uu[COMPAT_PREFIX_LEN], &uid, sizeof(uid));
+			return (0);
+		}
+		break;
+	}
+	case KI_VALID_GID: {
+		id_t gid = htonl(*(id_t *)src);
+
+		if (to == KI_VALID_GUID) {
+			uint8_t *uu = dst;
+			memcpy(uu, _group_compat_prefix, sizeof(_group_compat_prefix));
+			memcpy(&uu[COMPAT_PREFIX_LEN], &gid, sizeof(gid));
+			return (0);
+		}
+		break;
+	}
+	case KI_VALID_GUID: {
+		const uint8_t *uu = src;
+
+		if (to == KI_VALID_UID) {
+			if (memcmp(uu, _user_compat_prefix, COMPAT_PREFIX_LEN) == 0) {
+				id_t uid;
+				memcpy(&uid, &uu[COMPAT_PREFIX_LEN], sizeof(uid));
+				*(id_t *)dst = ntohl(uid);
+				return (0);
+			}
+		} else if (to == KI_VALID_GID) {
+			if (memcmp(uu, _group_compat_prefix, COMPAT_PREFIX_LEN) == 0) {
+				id_t gid;
+				memcpy(&gid, &uu[COMPAT_PREFIX_LEN], sizeof(gid));
+				*(id_t *)dst = ntohl(gid);
+				return (0);
+			}
+		}
+		break;
+	}
+	default:
+		/* NOT IMPLEMENTED */
+		break;
+	}
+	return (ENOENT);
 }
 #endif
 
@@ -3161,11 +3211,11 @@ kauth_cred_ismember_guid(__unused kauth_cred_t cred, guid_t *guidp, int *resultp
 		*resultp = 1;
 		break;
 	default:
-#if CONFIG_EXT_RESOLVER
 	{
-		struct kauth_identity ki;
 		gid_t gid;
-#if 6603280
+#if CONFIG_EXT_RESOLVER
+		struct kauth_identity ki;
+
 		/*
 		 * Grovel the identity cache looking for this GUID.
 		 * If we find it, and it is for a user record, return
@@ -3192,7 +3242,7 @@ kauth_cred_ismember_guid(__unused kauth_cred_t cred, guid_t *guidp, int *resultp
 				return (0);
 			}
 		}
-#endif /* 6603280 */
+#endif /* CONFIG_EXT_RESOLVER */
 		/*
 		 * Attempt to translate the GUID to a GID.  Even if
 		 * this fails, we will have primed the cache if it is
@@ -3209,13 +3259,12 @@ kauth_cred_ismember_guid(__unused kauth_cred_t cred, guid_t *guidp, int *resultp
 				error = 0;
 			}
 		} else {
+#if CONFIG_EXT_RESOLVER
  do_check:
+#endif /* CONFIG_EXT_RESOLVER */
 			error = kauth_cred_ismember_gid(cred, gid, resultp);
 		}
 	}
-#else	/* CONFIG_EXT_RESOLVER */
-		error = ENOENT;
-#endif	/* CONFIG_EXT_RESOLVER */
 		break;
 	}
 	return(error);
@@ -3364,15 +3413,14 @@ kauth_cred_init(void)
 	int		i;
 	
 	kauth_cred_hash_mtx = lck_mtx_alloc_init(kauth_lck_grp, 0/*LCK_ATTR_NULL*/);
-	kauth_cred_table_size = kauth_cred_primes[kauth_cred_primes_index];
 
 	/*allocate credential hash table */
 	MALLOC(kauth_cred_table_anchor, struct kauth_cred_entry_head *, 
-			(sizeof(struct kauth_cred_entry_head) * kauth_cred_table_size), 
+			(sizeof(struct kauth_cred_entry_head) * KAUTH_CRED_TABLE_SIZE),
 			M_KAUTH, M_WAITOK | M_ZERO);
 	if (kauth_cred_table_anchor == NULL)
 		panic("startup: kauth_cred_init");
-	for (i = 0; i < kauth_cred_table_size; i++) {
+	for (i = 0; i < KAUTH_CRED_TABLE_SIZE; i++) {
 		TAILQ_INIT(&kauth_cred_table_anchor[i]);
 	}
 }
@@ -3601,7 +3649,7 @@ kauth_cred_get_with_ref(void)
  * Returns:	(kauth_cred_t)			Pointer to the process's
  *						newly referenced credential
  *
- * Locks:	PROC_LOCK is held before taking the reference and released
+ * Locks:	PROC_UCRED_LOCK is held before taking the reference and released
  *		after the refeence is taken to protect the p_ucred field of
  *		the process referred to by procp.
  *
@@ -3623,10 +3671,10 @@ kauth_cred_proc_ref(proc_t procp)
 {
 	kauth_cred_t 	cred;
 	
-	proc_lock(procp);
+	proc_ucred_lock(procp);
 	cred = proc_ucred(procp);
 	kauth_cred_ref(cred);
-	proc_unlock(procp);
+	proc_ucred_unlock(procp);
 	return(cred);
 }
 
@@ -4459,7 +4507,7 @@ int kauth_proc_label_update(struct proc *p, struct label *label)
 
 			DEBUG_CRED_CHANGE("kauth_proc_setlabel_unlocked CH(%d): %p/0x%08x -> %p/0x%08x\n", p->p_pid, my_cred, my_cred->cr_flags, my_new_cred, my_new_cred->cr_flags);
 
-			proc_lock(p);
+			proc_ucred_lock(p);
 			/*
 			 * We need to protect for a race where another thread
 			 * also changed the credential after we took our
@@ -4467,7 +4515,7 @@ int kauth_proc_label_update(struct proc *p, struct label *label)
 			 * restart this again with the new cred.
 			 */
 			if (p->p_ucred != my_cred) {
-				proc_unlock(p);
+				proc_ucred_unlock(p);
 				kauth_cred_unref(&my_new_cred);
 				my_cred = kauth_cred_proc_ref(p);
 				/* try again */
@@ -4478,7 +4526,7 @@ int kauth_proc_label_update(struct proc *p, struct label *label)
 			PROC_UPDATE_CREDS_ONPROC(p);
 
 			mac_proc_set_enforce(p, MAC_ALL_ENFORCE);
-			proc_unlock(p);
+			proc_ucred_unlock(p);
 		}
 		break;
 	}
@@ -4539,7 +4587,7 @@ kauth_proc_label_update_execve(struct proc *p, vfs_context_t ctx,
 
 			DEBUG_CRED_CHANGE("kauth_proc_label_update_execve_unlocked CH(%d): %p/0x%08x -> %p/0x%08x\n", p->p_pid, my_cred, my_cred->cr_flags, my_new_cred, my_new_cred->cr_flags);
 
-			proc_lock(p);
+			proc_ucred_lock(p);
 			/*
 			 * We need to protect for a race where another thread
 			 * also changed the credential after we took our
@@ -4547,7 +4595,7 @@ kauth_proc_label_update_execve(struct proc *p, vfs_context_t ctx,
 			 * restart this again with the new cred.
 			 */
 			if (p->p_ucred != my_cred) {
-				proc_unlock(p);
+				proc_ucred_unlock(p);
 				kauth_cred_unref(&my_new_cred);
 				my_cred = kauth_cred_proc_ref(p);
 				/* try again */
@@ -4557,7 +4605,7 @@ kauth_proc_label_update_execve(struct proc *p, vfs_context_t ctx,
 			/* update cred on proc */
 			PROC_UPDATE_CREDS_ONPROC(p);
 			mac_proc_set_enforce(p, MAC_ALL_ENFORCE);
-			proc_unlock(p);
+			proc_ucred_unlock(p);
 		}
 		break;
 	}
@@ -5095,7 +5143,7 @@ kauth_cred_add(kauth_cred_t new_cred)
 	KAUTH_CRED_HASH_LOCK_ASSERT();
 
 	hash_key = kauth_cred_get_hashkey(new_cred);
-	hash_key %= kauth_cred_table_size;
+	hash_key %= KAUTH_CRED_TABLE_SIZE;
 
 	/* race fix - there is a window where another matching credential 
 	 * could have been inserted between the time this one was created and we
@@ -5140,7 +5188,7 @@ kauth_cred_remove(kauth_cred_t cred)
 	kauth_cred_t	found_cred;
 
 	hash_key = kauth_cred_get_hashkey(cred);
-	hash_key %= kauth_cred_table_size;
+	hash_key %= KAUTH_CRED_TABLE_SIZE;
 
 	/* Avoid race */
 	if (cred->cr_ref < 1)
@@ -5200,7 +5248,7 @@ kauth_cred_find(kauth_cred_t cred)
 #endif
 
 	hash_key = kauth_cred_get_hashkey(cred);
-	hash_key %= kauth_cred_table_size;
+	hash_key %= KAUTH_CRED_TABLE_SIZE;
 
 	/* Find cred in the credential hash table */
 	TAILQ_FOREACH(found_cred, &kauth_cred_table_anchor[hash_key], cr_link) {
@@ -5325,7 +5373,7 @@ kauth_cred_hash_print(void)
 		
 	printf("\n\t kauth credential hash table statistics - current cred count %d \n", kauth_cred_count);
 	/* count slot hits, misses, collisions, and max depth */
-	for (i = 0; i < kauth_cred_table_size; i++) {
+	for (i = 0; i < KAUTH_CRED_TABLE_SIZE; i++) {
 		printf("[%02d] ", i);
 		j = 0;
 		TAILQ_FOREACH(found_cred, &kauth_cred_table_anchor[i], cr_link) {
@@ -5510,7 +5558,7 @@ sysctl_dump_creds( __unused struct sysctl_oid *oidp, __unused void *arg1, __unus
 		return (EPERM);
 
 	/* calculate space needed */
-	for (i = 0; i < kauth_cred_table_size; i++) {
+	for (i = 0; i < KAUTH_CRED_TABLE_SIZE; i++) {
 		TAILQ_FOREACH(found_cred, &kauth_cred_table_anchor[i], cr_link) {
 			counter++;
 		}
@@ -5531,7 +5579,7 @@ sysctl_dump_creds( __unused struct sysctl_oid *oidp, __unused void *arg1, __unus
 	/* fill in creds to send back */
 	nextp = cred_listp;
 	space = 0;
-	for (i = 0; i < kauth_cred_table_size; i++) {
+	for (i = 0; i < KAUTH_CRED_TABLE_SIZE; i++) {
 		TAILQ_FOREACH(found_cred, &kauth_cred_table_anchor[i], cr_link) {
 			nextp->credp = found_cred;
 			nextp->cr_ref = found_cred->cr_ref;