Date: Sun, 7 Oct 2001 20:41:12 -0700 (PDT) From: Takanori Saneto <sanewo@ba2.so-net.ne.jp> To: freebsd-gnats-submit@FreeBSD.org Subject: kern/31122: linux setre*uid() doesn't handle uid -1 properly Message-ID: <200110080341.f983fCv83034@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 31122
>Category: kern
>Synopsis: linux setre*uid() doesn't handle uid -1 properly
>Confidential: no
>Severity: serious
>Priority: high
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Sun Oct 07 20:50:01 PDT 2001
>Closed-Date:
>Last-Modified:
>Originator: Takanori Saneto
>Release: 5.0-CURRENT as of 2001/10/07
>Organization:
an individual
>Environment:
FreeBSD muse.sanewo 5.0-CURRENT FreeBSD 5.0-CURRENT #2: Sun Oct 7 18:06:09 JST 2001 root@muse.sanewo:/export/usr/obj/usr/src/sys/MUSE i386
>Description:
Although manpage of setre*uid() says that "Passing -1 as an argument causes the corresponding value to remain
unchanged," under linux ABI, they are
treated as if 65535 was specified. (Maybe this is i386 specific)
Because of this, vmware won't start up on CURRENT.
>How-To-Repeat:
Compile following program in linux environment and run it as root.
#include <stdlib.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>
void
printid()
{
printf("ruid=%d, euid=%d\n", getuid(), geteuid());
}
int
main(int ac, char **av)
{
printid();
if (setreuid(-1,-1) < 0) { perror("setreuid"); exit(1); }
printid();
}
>Fix:
Following patch should fix the problem. Yes, it's a quick hack.
Index: src/sys/compat/linux/linux_uid16.c
===================================================================
RCS file: /export/cvsup/cvs/src/sys/compat/linux/linux_uid16.c,v
retrieving revision 1.2
diff -u -u -r1.2 linux_uid16.c
--- linux_uid16.c 12 Sep 2001 08:36:57 -0000 1.2
+++ linux_uid16.c 15 Sep 2001 06:32:48 -0000
@@ -244,13 +244,16 @@
return (setuid(td, &bsd));
}
+#define NOIDCHG16 ((l_uid16_t)-1)
+#define NOIDCHG32 ((uid_t) -1)
+
int
linux_setregid16(struct thread *td, struct linux_setregid16_args *args)
{
struct setregid_args bsd;
- bsd.rgid = args->rgid;
- bsd.egid = args->egid;
+ bsd.rgid = args->rgid == NOIDCHG16? NOIDCHG32: args->rgid;
+ bsd.egid = args->egid == NOIDCHG16? NOIDCHG32: args->egid;
return (setregid(td, &bsd));
}
@@ -259,8 +262,8 @@
{
struct setreuid_args bsd;
- bsd.ruid = args->ruid;
- bsd.euid = args->euid;
+ bsd.ruid = args->ruid == NOIDCHG16? NOIDCHG32: args->ruid;
+ bsd.euid = args->euid == NOIDCHG16? NOIDCHG32: args->euid;
return (setreuid(td, &bsd));
}
@@ -269,9 +272,9 @@
{
struct setresgid_args bsd;
- bsd.rgid = args->rgid;
- bsd.egid = args->egid;
- bsd.sgid = args->sgid;
+ bsd.rgid = args->rgid == NOIDCHG16? NOIDCHG32: args->rgid;
+ bsd.egid = args->egid == NOIDCHG16? NOIDCHG32: args->egid;
+ bsd.egid = args->sgid == NOIDCHG16? NOIDCHG32: args->sgid;
return (setresgid(td, &bsd));
}
@@ -280,8 +283,8 @@
{
struct setresuid_args bsd;
- bsd.ruid = args->ruid;
- bsd.euid = args->euid;
- bsd.suid = args->suid;
+ bsd.ruid = args->ruid == NOIDCHG16? NOIDCHG32: args->ruid;
+ bsd.euid = args->euid == NOIDCHG16? NOIDCHG32: args->euid;
+ bsd.euid = args->suid == NOIDCHG16? NOIDCHG32: args->suid;
return (setresuid(td, &bsd));
}
>Release-Note:
>Audit-Trail:
>Unformatted:
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200110080341.f983fCv83034>