hardenedbsd/HardenedBSD
1
0
Fork 0
mirror of https://git.hardenedbsd.org/hardenedbsd/HardenedBSD.git synced 2024-11-25 01:55:19 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

cred: Separate constant for the number of inlined groups

Browse Source 
CRED_SMALLGROUPS_NB now holds the number of inlined groups in field
'cr_smallgroups'.  XU_NGROUPS stays the number of groups allowed in
'struct xucred'.  The first is an implementation detail, while the
second is part of a public interface.  All mentions of XU_NGROUPS in the
tree have been reviewed and only those concerning the implementation
detail have been changed to use CRED_SMALLGROUPS_NB (they were all in
'kern_prot.c').

No functional change, as CRED_SMALLGROUPS_NB is set to 16, the same
value as XU_NGROUPS.

Reviewed by:    mhorne (slightly different version)
Approved by:    markj (mentor)
MFC after:      3 days
Differential Revision:  https://reviews.freebsd.org/D46911
This commit is contained in:
Olivier Certner 2024-07-16 22:37:44 +02:00
parent 6369544278
commit 664b9fcb1c
No known key found for this signature in database
GPG Key ID: 8CA13040971E2627
2 changed files with 13 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
sys/kern/kern_prot.c
View File

@ -811,7 +811,7 @@ struct setgroups_args {
int
sys_setgroups(struct thread *td, struct setgroups_args *uap)
{
gid_t smallgroups[XU_NGROUPS];
gid_t smallgroups[CRED_SMALLGROUPS_NB];
gid_t *groups;
int gidsetsize, error;
@ -819,7 +819,7 @@ sys_setgroups(struct thread *td, struct setgroups_args *uap)
if (gidsetsize > ngroups_max + 1 || gidsetsize < 0)
return (EINVAL);
if (gidsetsize > XU_NGROUPS)
if (gidsetsize > CRED_SMALLGROUPS_NB)
groups = malloc(gidsetsize * sizeof(gid_t), M_TEMP, M_WAITOK);
else
groups = smallgroups;
@ -828,7 +828,7 @@ sys_setgroups(struct thread *td, struct setgroups_args *uap)
if (error == 0)
error = kern_setgroups(td, gidsetsize, groups);
if (gidsetsize > XU_NGROUPS)
if (gidsetsize > CRED_SMALLGROUPS_NB)
free(groups, M_TEMP);
return (error);
}

12
sys/sys/ucred.h
View File

@ -42,6 +42,14 @@ struct loginclass;
#define XU_NGROUPS 16
#if defined(_KERNEL) || defined(_WANT_UCRED)
/*
* Number of groups inlined in 'struct ucred'. It must stay reasonably low as
* it is also used by some functions to allocate an array of this size on the
* stack.
*/
#define CRED_SMALLGROUPS_NB 16
/*
* Credentials.
*
@ -55,7 +63,6 @@ struct loginclass;
*
* See "Credential management" comment in kern_prot.c for more information.
*/
#if defined(_KERNEL) || defined(_WANT_UCRED)
struct ucred {
struct mtx cr_mtx;
long cr_ref; /* (c) reference count */
@ -78,7 +85,8 @@ struct ucred {
struct label *cr_label; /* MAC label */
gid_t *cr_groups; /* groups */
int cr_agroups; /* Available groups */
gid_t cr_smallgroups[XU_NGROUPS]; /* storage for small groups */
/* storage for small groups */
gid_t cr_smallgroups[CRED_SMALLGROUPS_NB];
};
#define NOCRED ((struct ucred *)0) /* no credential available */
#define FSCRED ((struct ucred *)-1) /* filesystem credential */