1 /*- 2 * SPDX-License-Identifier: BSD-2-Clause 3 * 4 * Copyright (c) 2011 The FreeBSD Foundation 5 * 6 * This software was developed by Edward Tomasz Napierala under sponsorship 7 * from the FreeBSD Foundation. 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions 11 * are met: 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 2. Redistributions in binary form must reproduce the above copyright 15 * notice, this list of conditions and the following disclaimer in the 16 * documentation and/or other materials provided with the distribution. 17 * 18 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 19 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 20 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 21 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 22 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 23 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 24 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 25 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 26 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 27 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 28 * SUCH DAMAGE. 29 * 30 * $FreeBSD$ 31 */ 32 33 /* 34 * Processes may set login class name using setloginclass(2). This 35 * is usually done through call to setusercontext(3), by programs 36 * such as login(1), based on information from master.passwd(5). Kernel 37 * uses this information to enforce per-class resource limits. Current 38 * login class can be determined using id(1). Login class is inherited 39 * from the parent process during fork(2). If not set, it defaults 40 * to "default". 41 * 42 * Code in this file implements setloginclass(2) and getloginclass(2) 43 * system calls, and maintains class name storage and retrieval. 44 */ 45 46 #include <sys/cdefs.h> 47 __FBSDID("$FreeBSD$"); 48 49 #include <sys/param.h> 50 #include <sys/eventhandler.h> 51 #include <sys/kernel.h> 52 #include <sys/lock.h> 53 #include <sys/loginclass.h> 54 #include <sys/malloc.h> 55 #include <sys/types.h> 56 #include <sys/priv.h> 57 #include <sys/proc.h> 58 #include <sys/queue.h> 59 #include <sys/racct.h> 60 #include <sys/rctl.h> 61 #include <sys/refcount.h> 62 #include <sys/rwlock.h> 63 #include <sys/sysproto.h> 64 #include <sys/systm.h> 65 66 static MALLOC_DEFINE(M_LOGINCLASS, "loginclass", "loginclass structures"); 67 68 LIST_HEAD(, loginclass) loginclasses; 69 70 /* 71 * Lock protecting loginclasses list. 72 */ 73 static struct rwlock loginclasses_lock; 74 RW_SYSINIT(loginclasses_init, &loginclasses_lock, "loginclasses lock"); 75 76 void 77 loginclass_hold(struct loginclass *lc) 78 { 79 80 refcount_acquire(&lc->lc_refcount); 81 } 82 83 void 84 loginclass_free(struct loginclass *lc) 85 { 86 87 if (refcount_release_if_not_last(&lc->lc_refcount)) 88 return; 89 90 rw_wlock(&loginclasses_lock); 91 if (!refcount_release(&lc->lc_refcount)) { 92 rw_wunlock(&loginclasses_lock); 93 return; 94 } 95 96 racct_destroy(&lc->lc_racct); 97 LIST_REMOVE(lc, lc_next); 98 rw_wunlock(&loginclasses_lock); 99 100 free(lc, M_LOGINCLASS); 101 } 102 103 /* 104 * Look up a loginclass struct for the parameter name. 105 * loginclasses_lock must be locked. 106 * Increase refcount on loginclass struct returned. 107 */ 108 static struct loginclass * 109 loginclass_lookup(const char *name) 110 { 111 struct loginclass *lc; 112 113 rw_assert(&loginclasses_lock, RA_LOCKED); 114 LIST_FOREACH(lc, &loginclasses, lc_next) 115 if (strcmp(name, lc->lc_name) == 0) { 116 loginclass_hold(lc); 117 break; 118 } 119 120 return (lc); 121 } 122 123 /* 124 * Return loginclass structure with a corresponding name. Not 125 * performance critical, as it's used mainly by setloginclass(2), 126 * which happens once per login session. Caller has to use 127 * loginclass_free() on the returned value when it's no longer 128 * needed. 129 */ 130 struct loginclass * 131 loginclass_find(const char *name) 132 { 133 struct loginclass *lc, *new_lc; 134 135 if (name[0] == '\0' || strlen(name) >= MAXLOGNAME) 136 return (NULL); 137 138 lc = curthread->td_ucred->cr_loginclass; 139 if (strcmp(name, lc->lc_name) == 0) { 140 loginclass_hold(lc); 141 return (lc); 142 } 143 144 rw_rlock(&loginclasses_lock); 145 lc = loginclass_lookup(name); 146 rw_runlock(&loginclasses_lock); 147 if (lc != NULL) 148 return (lc); 149 150 new_lc = malloc(sizeof(*new_lc), M_LOGINCLASS, M_ZERO | M_WAITOK); 151 racct_create(&new_lc->lc_racct); 152 refcount_init(&new_lc->lc_refcount, 1); 153 strcpy(new_lc->lc_name, name); 154 155 rw_wlock(&loginclasses_lock); 156 /* 157 * There's a chance someone created our loginclass while we 158 * were in malloc and not holding the lock, so we have to 159 * make sure we don't insert a duplicate loginclass. 160 */ 161 if ((lc = loginclass_lookup(name)) == NULL) { 162 LIST_INSERT_HEAD(&loginclasses, new_lc, lc_next); 163 rw_wunlock(&loginclasses_lock); 164 lc = new_lc; 165 } else { 166 rw_wunlock(&loginclasses_lock); 167 racct_destroy(&new_lc->lc_racct); 168 free(new_lc, M_LOGINCLASS); 169 } 170 171 return (lc); 172 } 173 174 /* 175 * Get login class name. 176 */ 177 #ifndef _SYS_SYSPROTO_H_ 178 struct getloginclass_args { 179 char *namebuf; 180 size_t namelen; 181 }; 182 #endif 183 /* ARGSUSED */ 184 int 185 sys_getloginclass(struct thread *td, struct getloginclass_args *uap) 186 { 187 struct loginclass *lc; 188 size_t lcnamelen; 189 190 lc = td->td_ucred->cr_loginclass; 191 lcnamelen = strlen(lc->lc_name) + 1; 192 if (lcnamelen > uap->namelen) 193 return (ERANGE); 194 return (copyout(lc->lc_name, uap->namebuf, lcnamelen)); 195 } 196 197 /* 198 * Set login class name. 199 */ 200 #ifndef _SYS_SYSPROTO_H_ 201 struct setloginclass_args { 202 const char *namebuf; 203 }; 204 #endif 205 /* ARGSUSED */ 206 int 207 sys_setloginclass(struct thread *td, struct setloginclass_args *uap) 208 { 209 struct proc *p = td->td_proc; 210 int error; 211 char lcname[MAXLOGNAME]; 212 struct loginclass *newlc; 213 struct ucred *newcred, *oldcred; 214 215 error = priv_check(td, PRIV_PROC_SETLOGINCLASS); 216 if (error != 0) 217 return (error); 218 error = copyinstr(uap->namebuf, lcname, sizeof(lcname), NULL); 219 if (error != 0) 220 return (error); 221 222 newlc = loginclass_find(lcname); 223 if (newlc == NULL) 224 return (EINVAL); 225 newcred = crget(); 226 227 PROC_LOCK(p); 228 oldcred = crcopysafe(p, newcred); 229 newcred->cr_loginclass = newlc; 230 proc_set_cred(p, newcred); 231 #ifdef RACCT 232 racct_proc_ucred_changed(p, oldcred, newcred); 233 crhold(newcred); 234 #endif 235 PROC_UNLOCK(p); 236 #ifdef RCTL 237 rctl_proc_ucred_changed(p, newcred); 238 crfree(newcred); 239 #endif 240 loginclass_free(oldcred->cr_loginclass); 241 crfree(oldcred); 242 243 return (0); 244 } 245 246 void 247 loginclass_racct_foreach(void (*callback)(struct racct *racct, 248 void *arg2, void *arg3), void (*pre)(void), void (*post)(void), 249 void *arg2, void *arg3) 250 { 251 struct loginclass *lc; 252 253 rw_rlock(&loginclasses_lock); 254 if (pre != NULL) 255 (pre)(); 256 LIST_FOREACH(lc, &loginclasses, lc_next) 257 (callback)(lc->lc_racct, arg2, arg3); 258 if (post != NULL) 259 (post)(); 260 rw_runlock(&loginclasses_lock); 261 } 262