xref: /dragonfly/sys/kern/sysv_ipc.c (revision 2b3f93ea) 
1 /* $FreeBSD: src/sys/kern/sysv_ipc.c,v 1.13.2.2 2000/07/01 14:33:49 bsd Exp $ */
2 /*	$NetBSD: sysv_ipc.c,v 1.7 1994/06/29 06:33:11 cgd Exp $	*/
3 
4 /*
5  * Copyright (c) 1994 Herb Peyerl <hpeyerl@novatel.ca>
6  * All rights reserved.
7  *
8  * Redistribution and use in source and binary forms, with or without
9  * modification, are permitted provided that the following conditions
10  * are met:
11  * 1. Redistributions of source code must retain the above copyright
12  *    notice, this list of conditions and the following disclaimer.
13  * 2. Redistributions in binary form must reproduce the above copyright
14  *    notice, this list of conditions and the following disclaimer in the
15  *    documentation and/or other materials provided with the distribution.
16  * 3. All advertising materials mentioning features or use of this software
17  *    must display the following acknowledgement:
18  *      This product includes software developed by Herb Peyerl.
19  * 4. The name of Herb Peyerl may not be used to endorse or promote products
20  *    derived from this software without specific prior written permission.
21  *
22  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
23  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
24  * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
25  * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
26  * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
27  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
28  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
29  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
30  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
31  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
32  */
33 
34 #include <sys/param.h>
35 #include <sys/ipc.h>
36 #include <sys/proc.h>
37 #include <sys/caps.h>
38 #include <sys/ucred.h>
39 
40 /*
41  * Check for ipc permission
42  */
43 
44 int
ipcperm(struct proc * p,struct ipc_perm * perm,int mode)45 ipcperm(struct proc *p, struct ipc_perm *perm, int mode)
46 {
47 	struct ucred *cred = p->p_ucred;
48 
49 	/* Check for user match. */
50 	if (cred->cr_uid != perm->cuid && cred->cr_uid != perm->uid) {
51 		if (mode & IPC_M) {
52 			if (caps_priv_check(cred, SYSCAP_RESTRICTEDROOT))
53 				return EPERM;
54 			return 0;
55 		}
56 		/* Check for group match. */
57 		mode >>= 3;
58 		if (!groupmember(perm->gid, cred) &&
59 		    !groupmember(perm->cgid, cred))
60 			/* Check for `other' match. */
61 			mode >>= 3;
62 	}
63 
64 	if (mode & IPC_M)
65 		return (0);
66 	return (((mode & perm->mode) == mode ||
67 		 caps_priv_check(cred, SYSCAP_RESTRICTEDROOT) == 0) ?
68 		 0 : EACCES);
69 }
70