
The check_rootproc function

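/*
 * check_rootproc - decide whether the current process may execute the
 * file described by @ino while holding root privilege.
 *
 * @ino: inode of the executable being checked; its i_dev, i_ino, i_size
 *       and i_mtime fields are compared with the entries of the global
 *       `permitted` table.
 *
 * Returns:
 *   PNS   - current is neither setuid to root nor a root daemon, so the
 *           check does not apply.
 *   PSA   - a table entry matches the file (device, inode, size, mtime)
 *           and its process list contains current->comm; that process
 *           entry's counter is incremented.
 *   EFNA  - an entry matches device and inode but size or mtime differ.
 *   EXENA - no entry authorizes the execution. This includes a file that
 *           matches completely but whose process list does not contain
 *           current->comm, because the scan then runs to the end of the
 *           table.
 *
 * On EFNA and EXENA the attempt is recorded through do_setuid_put() with
 * FAILURE before returning.
 *
 * NOTE(review): the file is identified by metadata only (device, inode,
 * size, mtime); nothing visible here checks the file's contents, so a
 * same-size change with a restored mtime would pass this test. Confirm
 * whether a content digest is verified elsewhere.
 * NOTE(review): the process is identified by its comm name alone.
 */
int check_rootproc(struct inode *ino) {
   int cont=0,iproc=0,error=0;
   suidp_t * suidproc;
   efile_t f;
   suidp_t p;

    if ((IS_SETUID_TO_ROOT(current))||(IS_A_ROOT_DAEMON(current)))  {
      for (;cont<permitted.total;cont++) {
        if((permitted.lst[cont].efid.device==ino->i_dev)&&
           (permitted.lst[cont].efid.inode==ino->i_ino)) {
            if((permitted.lst[cont].efid.size==ino->i_size)&&
               (permitted.lst[cont].efid.modif==ino->i_mtime)) {
                suidproc=permitted.lst[cont].processes;
                /*
                 * Walk at most proc_nr nodes. The extra pointer test
                 * stops the walk if the list is shorter than proc_nr
                 * claims, instead of dereferencing a null pointer; the
                 * request then ends up on the failure path.
                 */
                for (iproc=1;
                     iproc<=permitted.lst[cont].proc_nr && suidproc;
                     iproc++)  {
                     if (!strcmp(suidproc->suidp_id.comm,current->comm)) {
                        /*
                         * NOTE(review): this counter is updated outside
                         * the writer_pid critical section used below;
                         * confirm that concurrent updates are acceptable.
                         */
                        suidproc->suidp_id.count++;
                        return PSA;
                     }
                     /* ->next is never read on the last counted node */
                     if (iproc<permitted.lst[cont].proc_nr) {
                        suidproc=suidproc->next;
                    }
                }
            } else {
               /* same device and inode, but size or mtime changed */
               error=EFNA;
               goto file_exe_unauthorized;
            }
        }
      }
      error=EXENA; /* EXE is not in the database */
      goto file_exe_unauthorized;
    }

    return PNS; /* the process is not setuid to root or root daemon */

    file_exe_unauthorized:
                   /* describe the rejected file and the calling process */
                   f.efid.device=ino->i_dev;
                   f.efid.inode=ino->i_ino;
                   f.efid.size=ino->i_size;
                   f.efid.modif=ino->i_mtime;
                   strncpy(p.suidp_id.comm,current->comm,
                           sizeof(p.suidp_id.comm));
                   /*
                    * strncpy() leaves the destination unterminated when
                    * the source fills it, and p is an uninitialized
                    * local. The lookup above reads this field with
                    * strcmp(), so terminate it explicitly.
                    */
                   p.suidp_id.comm[sizeof(p.suidp_id.comm)-1]='\0';
                   p.suidp_id.count=1;
                   /*
                    * Take the writer lock: sleep while another writer
                    * holds it, then try to claim it with atomic_access()
                    * and start over if the claim fails. atomic_access()
                    * is defined elsewhere; presumably it stores the pid
                    * only when the lock is free - confirm.
                    */
                   do {
                     while (writer_pid!=0){
                       cli(); /* interrupt disabled */
                       /* re-test with interrupts off before sleeping */
                       if (writer_pid!=0)
                         interruptible_sleep_on(&pid_queue);
                       sti();
                     }
                   } while (!atomic_access(&writer_pid,current->pid));
                   /* start of critical section */
                   do_setuid_put(&(f.efid),&(p.suidp_id),FAILURE);
                   writer_pid=0; /* end of critical section */
                   atomic_access(&writer_pid,0); /* release of the lock */
                   return error;
}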
 




2000-08-22