Paths

Table of Contentst

Differential D40629

Make cr_bsd_visible()'s sub-functions internal
ClosedPublic
Actions

Authored by olce on Jun 20 2023, 1:44 PM.

Tags

None

Referenced Files

	F102583144: D40629.id124665.diff
	Thu, Nov 14, 9:13 AM

	Unknown Object (File)
	Sun, Nov 10, 8:34 PM

	Unknown Object (File)
	Fri, Nov 8, 2:48 PM

	Unknown Object (File)
	Thu, Nov 7, 9:56 AM

	Unknown Object (File)
	Wed, Nov 6, 10:43 AM

	Unknown Object (File)
	Tue, Nov 5, 10:16 AM

	Unknown Object (File)
	Tue, Oct 29, 4:54 AM

	Unknown Object (File)
	Sun, Oct 27, 4:38 PM

View All 93 Files

Subscribers

Details

Reviewers

mjg
kib
dchagin
mhorne
olce

Commits

rG3b14e215dd68: Make cr_bsd_visible()'s sub-functions internal
rG07c60e63237e: Make cr_bsd_visible()'s sub-functions internal
rG91e9d669b475: Make cr_bsd_visible()'s sub-functions internal

Summary

cr_canseeotheruids(), cr_canseeothergids() and cr_canseejailproc() should not be
used directly now. cr_bsd_visible() has to be called instead.

Diff Detail

Repository

rG FreeBSD src repository

Lint

Lint Skipped

Unit

Tests Skipped

Build Status

Buildable 52676
Build 49567: arc lint + arc unit

Event Timeline

olce created this revision.Jun 20 2023, 1:44 PM

Herald added a subscriber: imp. · View Herald TranscriptJun 20 2023, 1:44 PM

olce requested review of this revision.Jun 20 2023, 1:44 PM

Harbormaster completed remote builds in B52164: Diff 123495.Jun 20 2023, 1:44 PM

olce added a parent revision: D40628: Fix 'security.bsd.see_jail_proc' by using cr_bsd_visible().Jun 20 2023, 2:11 PM

olce added a child revision: D40630: cr_canseeotheruids(), cr_canseeothergids(): Man pages: Impacts of rename.

olce added reviewers: mjg, kib, dchagin.Jun 20 2023, 9:03 PM

These functions are exported, I think they should be kept as is to keep KPI compatibility.

This revision now requires changes to proceed.Jul 2 2023, 7:18 AM

zlei mentioned this in D40630: cr_canseeotheruids(), cr_canseeothergids(): Man pages: Impacts of rename.Jul 2 2023, 7:21 AM

We can change KPI across major versions at least, can't we?

This change has several goals. The first is to prevent consumers from using any of these individual functions, which are called by cr_bsd_visibility() itself. This helps avoid bugs where some callers forget to check if a particular policy authorizes accesses, which is exactly what happened with see_jail_proc. A second goal is that, more conceptually, visibility policies can be seen as a block that should be applied at once. If, in the future, some policy is added, it will just have to in cr_bsd_visibility() (no need of sprinkling calls all around).

olce requested review of this revision.Jul 10 2023, 12:45 PM

Rename cr_bsd_visibility() to cr_bsd_visible().

Harbormaster completed remote builds in B52642: Diff 124665.Jul 14 2023, 10:13 AM

Update context lines after update of D40626.

Harbormaster completed remote builds in B52676: Diff 124766.Jul 17 2023, 4:41 PM

mhorne accepted this revision.Jul 18 2023, 4:19 PM

Update context lines.

Harbormaster completed remote builds in B52727: Diff 124881.Jul 19 2023, 6:14 PM

Re-validate, since no actual changes.

olce removed a reviewer: zlei.Aug 2 2023, 10:37 AM

This revision is now accepted and ready to land.Aug 2 2023, 10:37 AM

Closed by commit rG91e9d669b475: Make cr_bsd_visible()'s sub-functions internal (authored by olce, committed by mhorne). · Explain WhySep 28 2023, 3:11 PM

This revision was automatically updated to reflect the committed changes.

mhorne added a commit: rG91e9d669b475: Make cr_bsd_visible()'s sub-functions internal.

mhorne added a commit: rG07c60e63237e: Make cr_bsd_visible()'s sub-functions internal.Oct 18 2023, 4:30 PM

mhorne added a commit: rG3b14e215dd68: Make cr_bsd_visible()'s sub-functions internal.Oct 18 2023, 6:10 PM

Revision Contents
Changeset List

Path

Size

sys/

kern/

10 lines

sys/

3 lines

Diff 124766

sys/kern/kern_prot.c

Loading...

sys/sys/proc.h

Loading...