diff options
| author | Olivier Certner <olce.freebsd@certner.fr> | 2023-08-17 23:54:39 +0000 |
|---|---|---|
| committer | Mitchell Horne <mhorne@FreeBSD.org> | 2023-09-28 15:05:45 +0000 |
| commit | 91e9d669b475d1900e8dc01a49ad90a621c4a068 (patch) | |
| tree | 05b075d8644409c2dc907e2e41a239832c8ae5a5 | |
| parent | 5817169bc4a06a35aa5ef7f5ed18f6cb35037e18 (diff) | |
Make cr_bsd_visible()'s sub-functions internal
cr_canseeotheruids(), cr_canseeothergids() and cr_canseejailproc()
should not be used directly now. cr_bsd_visible() has to be called
instead.
Reviewed by: mhorne
Sponsored by: Kumacom SAS
Differential Revision: https://reviews.freebsd.org/D40629
| -rw-r--r-- | sys/kern/kern_prot.c | 10 | ||||
| -rw-r--r-- | sys/sys/proc.h | 3 |
2 files changed, 7 insertions, 6 deletions
diff --git a/sys/kern/kern_prot.c b/sys/kern/kern_prot.c index 648c067dc528..04aaebf0de63 100644 --- a/sys/kern/kern_prot.c +++ b/sys/kern/kern_prot.c @@ -91,6 +91,10 @@ static void crfree_final(struct ucred *cr); static void crsetgroups_locked(struct ucred *cr, int ngrp, gid_t *groups); +static int cr_canseeotheruids(struct ucred *u1, struct ucred *u2); +static int cr_canseeothergids(struct ucred *u1, struct ucred *u2); +static int cr_canseejailproc(struct ucred *u1, struct ucred *u2); + #ifndef _SYS_SYSPROTO_H_ struct getpid_args { int dummy; @@ -1351,7 +1355,7 @@ SYSCTL_INT(_security_bsd, OID_AUTO, see_other_uids, CTLFLAG_RW, * References: *u1 and *u2 must not change during the call * u1 may equal u2, in which case only one reference is required */ -int +static int cr_canseeotheruids(struct ucred *u1, struct ucred *u2) { @@ -1381,7 +1385,7 @@ SYSCTL_INT(_security_bsd, OID_AUTO, see_other_gids, CTLFLAG_RW, * References: *u1 and *u2 must not change during the call * u1 may equal u2, in which case only one reference is required */ -int +static int cr_canseeothergids(struct ucred *u1, struct ucred *u2) { int i, match; @@ -1423,7 +1427,7 @@ SYSCTL_INT(_security_bsd, OID_AUTO, see_jail_proc, CTLFLAG_RW, * References: *u1 and *u2 must not change during the call * u1 may equal u2, in which case only one reference is required */ -int +static int cr_canseejailproc(struct ucred *u1, struct ucred *u2) { if (see_jail_proc || /* Policy deactivated. */ diff --git a/sys/sys/proc.h b/sys/sys/proc.h index 8609bbd124ad..0b91b2a1a0b5 100644 --- a/sys/sys/proc.h +++ b/sys/sys/proc.h @@ -1166,9 +1166,6 @@ struct thread *choosethread(void); int cr_bsd_visible(struct ucred *u1, struct ucred *u2); int cr_cansee(struct ucred *u1, struct ucred *u2); int cr_canseesocket(struct ucred *cred, struct socket *so); -int cr_canseeothergids(struct ucred *u1, struct ucred *u2); -int cr_canseeotheruids(struct ucred *u1, struct ucred *u2); -int cr_canseejailproc(struct ucred *u1, struct ucred *u2); int cr_cansignal(struct ucred *cred, struct proc *proc, int signum); int enterpgrp(struct proc *p, pid_t pgid, struct pgrp *pgrp, struct session *sess); |