summaryrefslogtreecommitdiff
path: root/sys/miscfs
diff options
context:
space:
mode:
Diffstat (limited to 'sys/miscfs')
-rw-r--r--sys/miscfs/procfs/procfs.h13
-rw-r--r--sys/miscfs/procfs/procfs_dbregs.c2
-rw-r--r--sys/miscfs/procfs/procfs_fpregs.c2
-rw-r--r--sys/miscfs/procfs/procfs_mem.c2
-rw-r--r--sys/miscfs/procfs/procfs_regs.c2
-rw-r--r--sys/miscfs/procfs/procfs_status.c2
-rw-r--r--sys/miscfs/procfs/procfs_vnops.c4
7 files changed, 7 insertions, 20 deletions
diff --git a/sys/miscfs/procfs/procfs.h b/sys/miscfs/procfs/procfs.h
index bd6a5540016f..1402a7c82f2c 100644
--- a/sys/miscfs/procfs/procfs.h
+++ b/sys/miscfs/procfs/procfs.h
@@ -90,19 +90,6 @@ struct pfsnode {
#define KMEM_GROUP 2
-/*
- * Check to see whether access to target process is allowed
- * Evaluates to 1 if access is allowed.
- */
-#define CHECKIO(p1, p2) \
- ((p1) == (p2) || \
- (PRISON_CHECK(p1, p2) && \
- ((((p1)->p_ucred->cr_uid == (p2)->p_cred->p_ruid) && \
- ((p1)->p_cred->p_ruid == (p2)->p_cred->p_ruid) && \
- ((p1)->p_cred->p_svuid == (p2)->p_cred->p_ruid) && \
- ((p2)->p_flag & P_SUGID) == 0) || \
- (suser_xxx(0, (p1), PRISON_ROOT) == 0))))
-
#define PROCFS_FILENO(pid, type) \
(((type) < Pproc) ? \
((type) + 2) : \
diff --git a/sys/miscfs/procfs/procfs_dbregs.c b/sys/miscfs/procfs/procfs_dbregs.c
index ce990e983745..0df1c3e529cc 100644
--- a/sys/miscfs/procfs/procfs_dbregs.c
+++ b/sys/miscfs/procfs/procfs_dbregs.c
@@ -63,7 +63,7 @@ procfs_dodbregs(curp, p, pfs, uio)
char *kv;
int kl;
- if (!CHECKIO(curp, p))
+ if (p_trespass(curp, p))
return (EPERM);
kl = sizeof(r);
kv = (char *) &r;
diff --git a/sys/miscfs/procfs/procfs_fpregs.c b/sys/miscfs/procfs/procfs_fpregs.c
index b3331e5a726e..d4a4cfee5390 100644
--- a/sys/miscfs/procfs/procfs_fpregs.c
+++ b/sys/miscfs/procfs/procfs_fpregs.c
@@ -60,7 +60,7 @@ procfs_dofpregs(curp, p, pfs, uio)
char *kv;
int kl;
- if (!CHECKIO(curp, p))
+ if (p_trespass(curp, p))
return EPERM;
kl = sizeof(r);
kv = (char *) &r;
diff --git a/sys/miscfs/procfs/procfs_mem.c b/sys/miscfs/procfs/procfs_mem.c
index 521bd5bbc551..e075a7adbc81 100644
--- a/sys/miscfs/procfs/procfs_mem.c
+++ b/sys/miscfs/procfs/procfs_mem.c
@@ -296,7 +296,7 @@ procfs_domem(curp, p, pfs, uio)
* All in all, quite yucky.
*/
- if (!CHECKIO(curp, p) &&
+ if (p_trespass(curp, p) &&
!(uio->uio_rw == UIO_READ &&
procfs_kmemaccess(curp)))
return EPERM;
diff --git a/sys/miscfs/procfs/procfs_regs.c b/sys/miscfs/procfs/procfs_regs.c
index 0edb9ad60639..88f85d3d1857 100644
--- a/sys/miscfs/procfs/procfs_regs.c
+++ b/sys/miscfs/procfs/procfs_regs.c
@@ -60,7 +60,7 @@ procfs_doregs(curp, p, pfs, uio)
char *kv;
int kl;
- if (!CHECKIO(curp, p))
+ if (p_trespass(curp, p))
return EPERM;
kl = sizeof(r);
kv = (char *) &r;
diff --git a/sys/miscfs/procfs/procfs_status.c b/sys/miscfs/procfs/procfs_status.c
index 0eb38581eae9..e63a12bcbeb5 100644
--- a/sys/miscfs/procfs/procfs_status.c
+++ b/sys/miscfs/procfs/procfs_status.c
@@ -183,7 +183,7 @@ procfs_docmdline(curp, p, pfs, uio)
* Linux behaviour is to return zero-length in this case.
*/
- if (p->p_args) {
+ if (p->p_args && !p_trespass(curp, p)) {
bp = p->p_args->ar_args;
buflen = p->p_args->ar_length;
buf = 0;
diff --git a/sys/miscfs/procfs/procfs_vnops.c b/sys/miscfs/procfs/procfs_vnops.c
index c579d73d8374..17075db6bf82 100644
--- a/sys/miscfs/procfs/procfs_vnops.c
+++ b/sys/miscfs/procfs/procfs_vnops.c
@@ -146,7 +146,7 @@ procfs_open(ap)
return (EBUSY);
p1 = ap->a_p;
- if (!CHECKIO(p1, p2) &&
+ if (p_trespass(p1, p2) &&
!procfs_kmemaccess(p1))
return (EPERM);
@@ -238,7 +238,7 @@ procfs_ioctl(ap)
return ENOTTY;
}
- if (!CHECKIO(p, procp))
+ if (p_trespass(p, procp))
return EPERM;
switch (ap->a_command) {
generated by cgit v1.2.3 (git 2.25.1) at 2025-12-05 14:01:29 +0000