Source-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[src/trunk]: src/sys/secmodel/suser Make this file a little bit smaller by co...



details:   https://anonhg.NetBSD.org/src/rev/1868e4c2b201
branches:  trunk
changeset: 747846:1868e4c2b201
user:      elad <elad%NetBSD.org@localhost>
date:      Sat Oct 03 02:06:11 2009 +0000

description:
Make this file a little bit smaller by collapsing cases.

diffstat:

 sys/secmodel/suser/secmodel_suser.c |  108 ++++++-----------------------------
 1 files changed, 20 insertions(+), 88 deletions(-)

diffs (192 lines):

diff -r 578c2e573e9b -r 1868e4c2b201 sys/secmodel/suser/secmodel_suser.c
--- a/sys/secmodel/suser/secmodel_suser.c       Sat Oct 03 02:01:12 2009 +0000
+++ b/sys/secmodel/suser/secmodel_suser.c       Sat Oct 03 02:06:11 2009 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: secmodel_suser.c,v 1.22 2009/10/03 02:01:12 elad Exp $ */
+/* $NetBSD: secmodel_suser.c,v 1.23 2009/10/03 02:06:11 elad Exp $ */
 /*-
  * Copyright (c) 2006 Elad Efrat <elad%NetBSD.org@localhost>
  * All rights reserved.
@@ -38,7 +38,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: secmodel_suser.c,v 1.22 2009/10/03 02:01:12 elad Exp $");
+__KERNEL_RCSID(0, "$NetBSD: secmodel_suser.c,v 1.23 2009/10/03 02:06:11 elad Exp $");
 
 #include <sys/types.h>
 #include <sys/param.h>
@@ -444,6 +444,8 @@
        case KAUTH_SYSTEM_CHROOT:
        case KAUTH_SYSTEM_FILEHANDLE:
        case KAUTH_SYSTEM_MKNOD:
+       case KAUTH_SYSTEM_SETIDCORE:
+       case KAUTH_SYSTEM_MODULE:
                if (isroot)
                        result = KAUTH_RESULT_ALLOW;
                break;
@@ -459,18 +461,6 @@
 
                break;
 
-       case KAUTH_SYSTEM_SETIDCORE:
-               if (isroot)
-                       result = KAUTH_RESULT_ALLOW;
-
-               break;
-
-       case KAUTH_SYSTEM_MODULE:
-               if (isroot)
-                       result = KAUTH_RESULT_ALLOW;
-
-               break;
-
        default:
                break;
        }
@@ -499,6 +489,15 @@
 
        switch (action) {
        case KAUTH_PROCESS_SIGNAL:
+       case KAUTH_PROCESS_KTRACE:
+       case KAUTH_PROCESS_PROCFS:
+       case KAUTH_PROCESS_PTRACE:
+       case KAUTH_PROCESS_SCHEDULER_GETPARAM:
+       case KAUTH_PROCESS_SCHEDULER_SETPARAM:
+       case KAUTH_PROCESS_SCHEDULER_SETAFFINITY:
+       case KAUTH_PROCESS_SETID:
+       case KAUTH_PROCESS_KEVENT_FILTER:
+       case KAUTH_PROCESS_NICE:
                if (isroot)
                        result = KAUTH_RESULT_ALLOW;
 
@@ -538,24 +537,6 @@
                break;
                }
 
-       case KAUTH_PROCESS_KTRACE:
-               if (isroot)
-                       result = KAUTH_RESULT_ALLOW;
-
-               break;
-
-       case KAUTH_PROCESS_PROCFS:
-               if (isroot)
-                       result = KAUTH_RESULT_ALLOW;
-
-               break;
-
-       case KAUTH_PROCESS_PTRACE:
-               if (isroot)
-                       result = KAUTH_RESULT_ALLOW;
-
-               break;
-
        case KAUTH_PROCESS_CORENAME:
                if (isroot || proc_uidmatch(cred, p->p_cred) == 0)
                        result = KAUTH_RESULT_ALLOW;
@@ -578,18 +559,6 @@
                break;
                }
 
-       case KAUTH_PROCESS_KEVENT_FILTER:
-               if (isroot)
-                       result = KAUTH_RESULT_ALLOW;
-
-               break;
-
-       case KAUTH_PROCESS_NICE:
-               if (isroot)
-                       result = KAUTH_RESULT_ALLOW;
-
-               break;
-
        case KAUTH_PROCESS_RLIMIT: {
                enum kauth_process_req req;
 
@@ -610,19 +579,6 @@
                break;
                }
 
-       case KAUTH_PROCESS_SCHEDULER_GETPARAM:
-       case KAUTH_PROCESS_SCHEDULER_SETPARAM:
-       case KAUTH_PROCESS_SCHEDULER_SETAFFINITY:
-               if (isroot)
-                       result = KAUTH_RESULT_ALLOW;
-
-               break;
-
-       case KAUTH_PROCESS_SETID:
-               if (isroot)
-                       result = KAUTH_RESULT_ALLOW;
-               break;
-
        case KAUTH_PROCESS_STOPFLAG:
                if (isroot || proc_uidmatch(cred, p->p_cred) == 0) {
                        result = KAUTH_RESULT_ALLOW;
@@ -698,6 +654,7 @@
                break;
 
        case KAUTH_NETWORK_FORWSRCRT:
+       case KAUTH_NETWORK_ROUTE:
                if (isroot)
                        result = KAUTH_RESULT_ALLOW;
 
@@ -782,12 +739,6 @@
                }
                break;
 
-       case KAUTH_NETWORK_ROUTE:
-               if (isroot)
-                       result = KAUTH_RESULT_ALLOW;
-
-               break;
-
        case KAUTH_NETWORK_SOCKET:
                switch (req) {
                case KAUTH_REQ_NETWORK_SOCKET_DROP:
@@ -893,6 +844,12 @@
        case KAUTH_DEVICE_BLUETOOTH_SETPRIV:
        case KAUTH_DEVICE_BLUETOOTH_SEND:
        case KAUTH_DEVICE_BLUETOOTH_RECV:
+       case KAUTH_DEVICE_TTY_OPEN:
+       case KAUTH_DEVICE_TTY_PRIVSET:
+       case KAUTH_DEVICE_TTY_STI:
+       case KAUTH_DEVICE_RND_ADDDATA:
+       case KAUTH_DEVICE_RND_GETPRIV:
+       case KAUTH_DEVICE_RND_SETPRIV:
                if (isroot)
                        result = KAUTH_RESULT_ALLOW;
                break;
@@ -927,31 +884,6 @@
                result = KAUTH_RESULT_ALLOW;
                break;
 
-       case KAUTH_DEVICE_TTY_OPEN:
-               if (isroot)
-                       result = KAUTH_RESULT_ALLOW;
-
-               break;
-
-       case KAUTH_DEVICE_TTY_PRIVSET:
-               if (isroot)
-                       result = KAUTH_RESULT_ALLOW;
-
-               break;
-
-       case KAUTH_DEVICE_TTY_STI:
-               if (isroot)
-                       result = KAUTH_RESULT_ALLOW;
-
-               break;
-
-       case KAUTH_DEVICE_RND_ADDDATA:
-       case KAUTH_DEVICE_RND_GETPRIV:
-       case KAUTH_DEVICE_RND_SETPRIV:
-               if (isroot)
-                       result = KAUTH_RESULT_ALLOW;
-               break;
-
        case KAUTH_DEVICE_GPIO_PINSET:
                /*
                 * root can access gpio pins, secmodel_securlevel can veto



Home | Main Index | Thread Index | Old Index