The Design and Implementation of the FreeBSD Operating System, Second Edition
Now available: The Design and Implementation of the FreeBSD Operating System (Second Edition)


[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]

FreeBSD/Linux Kernel Cross Reference
sys/sys/priv.h

Version: -  FREEBSD  -  FREEBSD-13-STABLE  -  FREEBSD-13-0  -  FREEBSD-12-STABLE  -  FREEBSD-12-0  -  FREEBSD-11-STABLE  -  FREEBSD-11-0  -  FREEBSD-10-STABLE  -  FREEBSD-10-0  -  FREEBSD-9-STABLE  -  FREEBSD-9-0  -  FREEBSD-8-STABLE  -  FREEBSD-8-0  -  FREEBSD-7-STABLE  -  FREEBSD-7-0  -  FREEBSD-6-STABLE  -  FREEBSD-6-0  -  FREEBSD-5-STABLE  -  FREEBSD-5-0  -  FREEBSD-4-STABLE  -  FREEBSD-3-STABLE  -  FREEBSD22  -  l41  -  OPENBSD  -  linux-2.6  -  MK84  -  PLAN9  -  xnu-8792 
SearchContext: -  none  -  3  -  10 

    1 /*-
    2  * SPDX-License-Identifier: BSD-2-Clause-FreeBSD
    3  *
    4  * Copyright (c) 2006 nCircle Network Security, Inc.
    5  * All rights reserved.
    6  *
    7  * This software was developed by Robert N. M. Watson for the TrustedBSD
    8  * Project under contract to nCircle Network Security, Inc.
    9  *
   10  * Redistribution and use in source and binary forms, with or without
   11  * modification, are permitted provided that the following conditions
   12  * are met:
   13  * 1. Redistributions of source code must retain the above copyright
   14  *    notice, this list of conditions and the following disclaimer.
   15  * 2. Redistributions in binary form must reproduce the above copyright
   16  *    notice, this list of conditions and the following disclaimer in the
   17  *    documentation and/or other materials provided with the distribution.
   18  *
   19  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
   20  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
   21  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
   22  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR, NCIRCLE NETWORK SECURITY,
   23  * INC., OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
   24  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
   25  * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
   26  * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
   27  * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
   28  * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
   29  * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
   30  *
   31  * $FreeBSD$
   32  */
   33 
   34 /*
   35  * Privilege checking interface for BSD kernel.
   36  */
   37 #ifndef _SYS_PRIV_H_
   38 #define _SYS_PRIV_H_
   39 
   40 /*
   41  * Privilege list, sorted loosely by kernel subsystem.
   42  *
   43  * Think carefully before adding or reusing one of these privileges -- are
   44  * there existing instances referring to the same privilege?  Third party
   45  * vendors may request the assignment of privileges to be used in loadable
   46  * modules.  Particular numeric privilege assignments are part of the
   47  * loadable kernel module ABI, and should not be changed across minor
   48  * releases.
   49  *
   50  * When adding a new privilege, remember to determine if it's appropriate
   51  * for use in jail, and update the privilege switch in prison_priv_check()
   52  * in kern_jail.c as necessary.
   53  */
   54 
   55 /*
   56  * Track beginning of privilege list.
   57  */
   58 #define _PRIV_LOWEST    1
   59 
   60 /*
   61  * The remaining privileges typically correspond to one or a small
   62  * number of specific privilege checks, and have (relatively) precise
   63  * meanings.  They are loosely sorted into a set of base system
   64  * privileges, such as the ability to reboot, and then loosely by
   65  * subsystem, indicated by a subsystem name.
   66  */
   67 #define _PRIV_ROOT              1       /* Removed. */
   68 #define PRIV_ACCT               2       /* Manage process accounting. */
   69 #define PRIV_MAXFILES           3       /* Exceed system open files limit. */
   70 #define PRIV_MAXPROC            4       /* Exceed system processes limit. */
   71 #define PRIV_KTRACE             5       /* Set/clear KTRFAC_ROOT on ktrace. */
   72 #define PRIV_SETDUMPER          6       /* Configure dump device. */
   73 #define PRIV_REBOOT             8       /* Can reboot system. */
   74 #define PRIV_SWAPON             9       /* Can swapon(). */
   75 #define PRIV_SWAPOFF            10      /* Can swapoff(). */
   76 #define PRIV_MSGBUF             11      /* Can read kernel message buffer. */
   77 #define PRIV_IO                 12      /* Can perform low-level I/O. */
   78 #define PRIV_KEYBOARD           13      /* Reprogram keyboard. */
   79 #define PRIV_DRIVER             14      /* Low-level driver privilege. */
   80 #define PRIV_ADJTIME            15      /* Set time adjustment. */
   81 #define PRIV_NTP_ADJTIME        16      /* Set NTP time adjustment. */
   82 #define PRIV_CLOCK_SETTIME      17      /* Can call clock_settime. */
   83 #define PRIV_SETTIMEOFDAY       18      /* Can call settimeofday. */
   84 #define _PRIV_SETHOSTID         19      /* Removed. */
   85 #define _PRIV_SETDOMAINNAME     20      /* Removed. */
   86 
   87 /*
   88  * Audit subsystem privileges.
   89  */
   90 #define PRIV_AUDIT_CONTROL      40      /* Can configure audit. */
   91 #define PRIV_AUDIT_FAILSTOP     41      /* Can run during audit fail stop. */
   92 #define PRIV_AUDIT_GETAUDIT     42      /* Can get proc audit properties. */
   93 #define PRIV_AUDIT_SETAUDIT     43      /* Can set proc audit properties. */
   94 #define PRIV_AUDIT_SUBMIT       44      /* Can submit an audit record. */
   95 
   96 /*
   97  * Credential management privileges.
   98  */
   99 #define PRIV_CRED_SETUID        50      /* setuid. */
  100 #define PRIV_CRED_SETEUID       51      /* seteuid to !ruid and !svuid. */
  101 #define PRIV_CRED_SETGID        52      /* setgid. */
  102 #define PRIV_CRED_SETEGID       53      /* setgid to !rgid and !svgid. */
  103 #define PRIV_CRED_SETGROUPS     54      /* Set process additional groups. */
  104 #define PRIV_CRED_SETREUID      55      /* setreuid. */
  105 #define PRIV_CRED_SETREGID      56      /* setregid. */
  106 #define PRIV_CRED_SETRESUID     57      /* setresuid. */
  107 #define PRIV_CRED_SETRESGID     58      /* setresgid. */
  108 #define PRIV_SEEOTHERGIDS       59      /* Exempt bsd.seeothergids. */
  109 #define PRIV_SEEOTHERUIDS       60      /* Exempt bsd.seeotheruids. */
  110 
  111 /*
  112  * Debugging privileges.
  113  */
  114 #define PRIV_DEBUG_DIFFCRED     80      /* Exempt debugging other users. */
  115 #define PRIV_DEBUG_SUGID        81      /* Exempt debugging setuid proc. */
  116 #define PRIV_DEBUG_UNPRIV       82      /* Exempt unprivileged debug limit. */
  117 #define PRIV_DEBUG_DENIED       83      /* Exempt P2_NOTRACE. */
  118 
  119 /*
  120  * Dtrace privileges.
  121  */
  122 #define PRIV_DTRACE_KERNEL      90      /* Allow use of DTrace on the kernel. */
  123 #define PRIV_DTRACE_PROC        91      /* Allow attaching DTrace to process. */
  124 #define PRIV_DTRACE_USER        92      /* Process may submit DTrace events. */
  125 
  126 /*
  127  * Firmware privilegs.
  128  */
  129 #define PRIV_FIRMWARE_LOAD      100     /* Can load firmware. */
  130 
  131 /*
  132  * Jail privileges.
  133  */
  134 #define PRIV_JAIL_ATTACH        110     /* Attach to a jail. */
  135 #define PRIV_JAIL_SET           111     /* Set jail parameters. */
  136 #define PRIV_JAIL_REMOVE        112     /* Remove a jail. */
  137 
  138 /*
  139  * Kernel environment privileges.
  140  */
  141 #define PRIV_KENV_SET           120     /* Set kernel env. variables. */
  142 #define PRIV_KENV_UNSET         121     /* Unset kernel env. variables. */
  143 
  144 /*
  145  * Loadable kernel module privileges.
  146  */
  147 #define PRIV_KLD_LOAD           130     /* Load a kernel module. */
  148 #define PRIV_KLD_UNLOAD         131     /* Unload a kernel module. */
  149 
  150 /*
  151  * Privileges associated with the MAC Framework and specific MAC policy
  152  * modules.
  153  */
  154 #define PRIV_MAC_PARTITION      140     /* Privilege in mac_partition policy. */
  155 #define PRIV_MAC_PRIVS          141     /* Privilege in the mac_privs policy. */
  156 
  157 /*
  158  * Process-related privileges.
  159  */
  160 #define PRIV_PROC_LIMIT         160     /* Exceed user process limit. */
  161 #define PRIV_PROC_SETLOGIN      161     /* Can call setlogin. */
  162 #define PRIV_PROC_SETRLIMIT     162     /* Can raise resources limits. */
  163 #define PRIV_PROC_SETLOGINCLASS 163     /* Can call setloginclass(2). */
  164 
  165 /*
  166  * System V IPC privileges.
  167  */
  168 #define PRIV_IPC_READ           170     /* Can override IPC read perm. */
  169 #define PRIV_IPC_WRITE          171     /* Can override IPC write perm. */
  170 #define PRIV_IPC_ADMIN          172     /* Can override IPC owner-only perm. */
  171 #define PRIV_IPC_MSGSIZE        173     /* Exempt IPC message queue limit. */
  172 
  173 /*
  174  * POSIX message queue privileges.
  175  */
  176 #define PRIV_MQ_ADMIN           180     /* Can override msgq owner-only perm. */
  177 
  178 /*
  179  * Performance monitoring counter privileges.
  180  */
  181 #define PRIV_PMC_MANAGE         190     /* Can administer PMC. */
  182 #define PRIV_PMC_SYSTEM         191     /* Can allocate a system-wide PMC. */
  183 
  184 /*
  185  * Scheduling privileges.
  186  */
  187 #define PRIV_SCHED_DIFFCRED     200     /* Exempt scheduling other users. */
  188 #define PRIV_SCHED_SETPRIORITY  201     /* Can set lower nice value for proc. */
  189 #define PRIV_SCHED_RTPRIO       202     /* Can set real time scheduling. */
  190 #define PRIV_SCHED_SETPOLICY    203     /* Can set scheduler policy. */
  191 #define PRIV_SCHED_SET          204     /* Can set thread scheduler. */
  192 #define PRIV_SCHED_SETPARAM     205     /* Can set thread scheduler params. */
  193 #define PRIV_SCHED_CPUSET       206     /* Can manipulate cpusets. */
  194 #define PRIV_SCHED_CPUSET_INTR  207     /* Can adjust IRQ to CPU binding. */
  195 
  196 /*
  197  * POSIX semaphore privileges.
  198  */
  199 #define PRIV_SEM_WRITE          220     /* Can override sem write perm. */
  200 
  201 /*
  202  * Signal privileges.
  203  */
  204 #define PRIV_SIGNAL_DIFFCRED    230     /* Exempt signalling other users. */
  205 #define PRIV_SIGNAL_SUGID       231     /* Non-conserv signal setuid proc. */
  206 
  207 /*
  208  * Sysctl privileges.
  209  */
  210 #define PRIV_SYSCTL_DEBUG       240     /* Can invoke sysctl.debug. */
  211 #define PRIV_SYSCTL_WRITE       241     /* Can write sysctls. */
  212 #define PRIV_SYSCTL_WRITEJAIL   242     /* Can write sysctls, jail permitted. */
  213 
  214 /*
  215  * TTY privileges.
  216  */
  217 #define PRIV_TTY_CONSOLE        250     /* Set console to tty. */
  218 #define PRIV_TTY_DRAINWAIT      251     /* Set tty drain wait time. */
  219 #define PRIV_TTY_DTRWAIT        252     /* Set DTR wait on tty. */
  220 #define PRIV_TTY_EXCLUSIVE      253     /* Override tty exclusive flag. */
  221 #define _PRIV_TTY_PRISON        254     /* Removed. */
  222 #define PRIV_TTY_STI            255     /* Simulate input on another tty. */
  223 #define PRIV_TTY_SETA           256     /* Set tty termios structure. */
  224 
  225 /*
  226  * UFS-specific privileges.
  227  */
  228 #define PRIV_UFS_EXTATTRCTL     270     /* Can configure EAs on UFS1. */
  229 #define PRIV_UFS_QUOTAOFF       271     /* quotaoff(). */
  230 #define PRIV_UFS_QUOTAON        272     /* quotaon(). */
  231 #define PRIV_UFS_SETUSE         273     /* setuse(). */
  232 
  233 /*
  234  * ZFS-specific privileges.
  235  */
  236 #define PRIV_ZFS_POOL_CONFIG    280     /* Can configure ZFS pools. */
  237 #define PRIV_ZFS_INJECT         281     /* Can inject faults in the ZFS fault
  238                                            injection framework. */
  239 #define PRIV_ZFS_JAIL           282     /* Can attach/detach ZFS file systems
  240                                            to/from jails. */
  241 
  242 /*
  243  * NFS-specific privileges.
  244  */
  245 #define PRIV_NFS_DAEMON         290     /* Can become the NFS daemon. */
  246 #define PRIV_NFS_LOCKD          291     /* Can become NFS lock daemon. */
  247 
  248 /*
  249  * VFS privileges.
  250  */
  251 #define PRIV_VFS_READ           310     /* Override vnode DAC read perm. */
  252 #define PRIV_VFS_WRITE          311     /* Override vnode DAC write perm. */
  253 #define PRIV_VFS_ADMIN          312     /* Override vnode DAC admin perm. */
  254 #define PRIV_VFS_EXEC           313     /* Override vnode DAC exec perm. */
  255 #define PRIV_VFS_LOOKUP         314     /* Override vnode DAC lookup perm. */
  256 #define PRIV_VFS_BLOCKRESERVE   315     /* Can use free block reserve. */
  257 #define PRIV_VFS_CHFLAGS_DEV    316     /* Can chflags() a device node. */
  258 #define PRIV_VFS_CHOWN          317     /* Can set user; group to non-member. */
  259 #define PRIV_VFS_CHROOT         318     /* chroot(). */
  260 #define PRIV_VFS_RETAINSUGID    319     /* Can retain sugid bits on change. */
  261 #define PRIV_VFS_EXCEEDQUOTA    320     /* Exempt from quota restrictions. */
  262 #define PRIV_VFS_EXTATTR_SYSTEM 321     /* Operate on system EA namespace. */
  263 #define PRIV_VFS_FCHROOT        322     /* fchroot(). */
  264 #define PRIV_VFS_FHOPEN         323     /* Can fhopen(). */
  265 #define PRIV_VFS_FHSTAT         324     /* Can fhstat(). */
  266 #define PRIV_VFS_FHSTATFS       325     /* Can fhstatfs(). */
  267 #define PRIV_VFS_GENERATION     326     /* stat() returns generation number. */
  268 #define PRIV_VFS_GETFH          327     /* Can retrieve file handles. */
  269 #define PRIV_VFS_GETQUOTA       328     /* getquota(). */
  270 #define PRIV_VFS_LINK           329     /* bsd.hardlink_check_uid */
  271 #define PRIV_VFS_MKNOD_BAD      330     /* Was: mknod() can mark bad inodes. */
  272 #define PRIV_VFS_MKNOD_DEV      331     /* Can mknod() to create dev nodes. */
  273 #define PRIV_VFS_MKNOD_WHT      332     /* Can mknod() to create whiteout. */
  274 #define PRIV_VFS_MOUNT          333     /* Can mount(). */
  275 #define PRIV_VFS_MOUNT_OWNER    334     /* Can manage other users' file systems. */
  276 #define PRIV_VFS_MOUNT_EXPORTED 335     /* Can set MNT_EXPORTED on mount. */
  277 #define PRIV_VFS_MOUNT_PERM     336     /* Override dev node perms at mount. */
  278 #define PRIV_VFS_MOUNT_SUIDDIR  337     /* Can set MNT_SUIDDIR on mount. */
  279 #define PRIV_VFS_MOUNT_NONUSER  338     /* Can perform a non-user mount. */
  280 #define PRIV_VFS_SETGID         339     /* Can setgid if not in group. */
  281 #define PRIV_VFS_SETQUOTA       340     /* setquota(). */
  282 #define PRIV_VFS_STICKYFILE     341     /* Can set sticky bit on file. */
  283 #define PRIV_VFS_SYSFLAGS       342     /* Can modify system flags. */
  284 #define PRIV_VFS_UNMOUNT        343     /* Can unmount(). */
  285 #define PRIV_VFS_STAT           344     /* Override vnode MAC stat perm. */
  286 
  287 /*
  288  * Virtual memory privileges.
  289  */
  290 #define PRIV_VM_MADV_PROTECT    360     /* Can set MADV_PROTECT. */
  291 #define PRIV_VM_MLOCK           361     /* Can mlock(), mlockall(). */
  292 #define PRIV_VM_MUNLOCK         362     /* Can munlock(), munlockall(). */
  293 #define PRIV_VM_SWAP_NOQUOTA    363     /*
  294                                          * Can override the global
  295                                          * swap reservation limits.
  296                                          */
  297 #define PRIV_VM_SWAP_NORLIMIT   364     /*
  298                                          * Can override the per-uid
  299                                          * swap reservation limits.
  300                                          */
  301 
  302 /*
  303  * Device file system privileges.
  304  */
  305 #define PRIV_DEVFS_RULE         370     /* Can manage devfs rules. */
  306 #define PRIV_DEVFS_SYMLINK      371     /* Can create symlinks in devfs. */
  307 
  308 /*
  309  * Random number generator privileges.
  310  */
  311 #define PRIV_RANDOM_RESEED      380     /* Closing /dev/random reseeds. */
  312 
  313 /*
  314  * Network stack privileges.
  315  */
  316 #define PRIV_NET_BRIDGE         390     /* Administer bridge. */
  317 #define PRIV_NET_GRE            391     /* Administer GRE. */
  318 #define _PRIV_NET_PPP           392     /* Removed. */
  319 #define _PRIV_NET_SLIP          393     /* Removed. */
  320 #define PRIV_NET_BPF            394     /* Monitor BPF. */
  321 #define PRIV_NET_RAW            395     /* Open raw socket. */
  322 #define PRIV_NET_ROUTE          396     /* Administer routing. */
  323 #define PRIV_NET_TAP            397     /* Can open tap device. */
  324 #define PRIV_NET_SETIFMTU       398     /* Set interface MTU. */
  325 #define PRIV_NET_SETIFFLAGS     399     /* Set interface flags. */
  326 #define PRIV_NET_SETIFCAP       400     /* Set interface capabilities. */
  327 #define PRIV_NET_SETIFNAME      401     /* Set interface name. */
  328 #define PRIV_NET_SETIFMETRIC    402     /* Set interface metrics. */
  329 #define PRIV_NET_SETIFPHYS      403     /* Set interface physical layer prop. */
  330 #define PRIV_NET_SETIFMAC       404     /* Set interface MAC label. */
  331 #define PRIV_NET_ADDMULTI       405     /* Add multicast addr. to ifnet. */
  332 #define PRIV_NET_DELMULTI       406     /* Delete multicast addr. from ifnet. */
  333 #define PRIV_NET_HWIOCTL        407     /* Issue hardware ioctl on ifnet. */
  334 #define PRIV_NET_SETLLADDR      408     /* Set interface link-level address. */
  335 #define PRIV_NET_ADDIFGROUP     409     /* Add new interface group. */
  336 #define PRIV_NET_DELIFGROUP     410     /* Delete interface group. */
  337 #define PRIV_NET_IFCREATE       411     /* Create cloned interface. */
  338 #define PRIV_NET_IFDESTROY      412     /* Destroy cloned interface. */
  339 #define PRIV_NET_ADDIFADDR      413     /* Add protocol addr to interface. */
  340 #define PRIV_NET_DELIFADDR      414     /* Delete protocol addr on interface. */
  341 #define PRIV_NET_LAGG           415     /* Administer lagg interface. */
  342 #define PRIV_NET_GIF            416     /* Administer gif interface. */
  343 #define PRIV_NET_SETIFVNET      417     /* Move interface to vnet. */
  344 #define PRIV_NET_SETIFDESCR     418     /* Set interface description. */
  345 #define PRIV_NET_SETIFFIB       419     /* Set interface fib. */
  346 #define PRIV_NET_VXLAN          420     /* Administer vxlan. */
  347 #define PRIV_NET_SETLANPCP      421     /* Set LAN priority. */
  348 #define PRIV_NET_SETVLANPCP     PRIV_NET_SETLANPCP /* Alias Set VLAN priority */
  349 #define PRIV_NET_ME             423     /* Administer ME interface. */
  350 
  351 /*
  352  * 802.11-related privileges.
  353  */
  354 #define PRIV_NET80211_VAP_GETKEY        440     /* Query VAP 802.11 keys. */
  355 #define PRIV_NET80211_VAP_MANAGE        441     /* Administer 802.11 VAP */
  356 #define PRIV_NET80211_VAP_SETMAC        442     /* Set VAP MAC address */
  357 #define PRIV_NET80211_CREATE_VAP        443     /* Create a new VAP */
  358 
  359 /*
  360  * Placeholder for AppleTalk privileges, not supported anymore.
  361  */
  362 #define _PRIV_NETATALK_RESERVEDPORT     450     /* Bind low port number. */
  363 
  364 /*
  365  * ATM privileges.
  366  */
  367 #define PRIV_NETATM_CFG         460
  368 #define PRIV_NETATM_ADD         461
  369 #define PRIV_NETATM_DEL         462
  370 #define PRIV_NETATM_SET         463
  371 
  372 /*
  373  * Bluetooth privileges.
  374  */
  375 #define PRIV_NETBLUETOOTH_RAW   470     /* Open raw bluetooth socket. */
  376 
  377 /*
  378  * Netgraph and netgraph module privileges.
  379  */
  380 #define PRIV_NETGRAPH_CONTROL   480     /* Open netgraph control socket. */
  381 #define PRIV_NETGRAPH_TTY       481     /* Configure tty for netgraph. */
  382 
  383 /*
  384  * IPv4 and IPv6 privileges.
  385  */
  386 #define PRIV_NETINET_RESERVEDPORT       490     /* Bind low port number. */
  387 #define PRIV_NETINET_IPFW       491     /* Administer IPFW firewall. */
  388 #define PRIV_NETINET_DIVERT     492     /* Open IP divert socket. */
  389 #define PRIV_NETINET_PF         493     /* Administer pf firewall. */
  390 #define PRIV_NETINET_DUMMYNET   494     /* Administer DUMMYNET. */
  391 #define PRIV_NETINET_CARP       495     /* Administer CARP. */
  392 #define PRIV_NETINET_MROUTE     496     /* Administer multicast routing. */
  393 #define PRIV_NETINET_RAW        497     /* Open netinet raw socket. */
  394 #define PRIV_NETINET_GETCRED    498     /* Query netinet pcb credentials. */
  395 #define PRIV_NETINET_ADDRCTRL6  499     /* Administer IPv6 address scopes. */
  396 #define PRIV_NETINET_ND6        500     /* Administer IPv6 neighbor disc. */
  397 #define PRIV_NETINET_SCOPE6     501     /* Administer IPv6 address scopes. */
  398 #define PRIV_NETINET_ALIFETIME6 502     /* Administer IPv6 address lifetimes. */
  399 #define PRIV_NETINET_IPSEC      503     /* Administer IPSEC. */
  400 #define PRIV_NETINET_REUSEPORT  504     /* Allow [rapid] port/address reuse. */
  401 #define PRIV_NETINET_SETHDROPTS 505     /* Set certain IPv4/6 header options. */
  402 #define PRIV_NETINET_BINDANY    506     /* Allow bind to any address. */
  403 #define PRIV_NETINET_HASHKEY    507     /* Get and set hash keys for IPv4/6. */
  404 
  405 /*
  406  * Placeholders for IPX/SPX privileges, not supported any more.
  407  */
  408 #define _PRIV_NETIPX_RESERVEDPORT       520     /* Bind low port number. */
  409 #define _PRIV_NETIPX_RAW                521     /* Open netipx raw socket. */
  410 
  411 /*
  412  * NCP privileges.
  413  */
  414 #define PRIV_NETNCP             530     /* Use another user's connection. */
  415 
  416 /*
  417  * SMB privileges.
  418  */
  419 #define PRIV_NETSMB             540     /* Use another user's connection. */
  420 
  421 /*
  422  * VM86 privileges.
  423  */
  424 #define PRIV_VM86_INTCALL       550     /* Allow invoking vm86 int handlers. */
  425 
  426 /*
  427  * Set of reserved privilege values, which will be allocated to code as
  428  * needed, in order to avoid renumbering later privileges due to insertion.
  429  */
  430 #define _PRIV_RESERVED0         560
  431 #define _PRIV_RESERVED1         561
  432 #define _PRIV_RESERVED2         562
  433 #define _PRIV_RESERVED3         563
  434 #define _PRIV_RESERVED4         564
  435 #define _PRIV_RESERVED5         565
  436 #define _PRIV_RESERVED6         566
  437 #define _PRIV_RESERVED7         567
  438 #define _PRIV_RESERVED8         568
  439 #define _PRIV_RESERVED9         569
  440 #define _PRIV_RESERVED10        570
  441 #define _PRIV_RESERVED11        571
  442 #define _PRIV_RESERVED12        572
  443 #define _PRIV_RESERVED13        573
  444 #define _PRIV_RESERVED14        574
  445 #define _PRIV_RESERVED15        575
  446 
  447 /*
  448  * Define a set of valid privilege numbers that can be used by loadable
  449  * modules that don't yet have privilege reservations.  Ideally, these should
  450  * not be used, since their meaning is opaque to any policies that are aware
  451  * of specific privileges, such as jail, and as such may be arbitrarily
  452  * denied.
  453  */
  454 #define PRIV_MODULE0            600
  455 #define PRIV_MODULE1            601
  456 #define PRIV_MODULE2            602
  457 #define PRIV_MODULE3            603
  458 #define PRIV_MODULE4            604
  459 #define PRIV_MODULE5            605
  460 #define PRIV_MODULE6            606
  461 #define PRIV_MODULE7            607
  462 #define PRIV_MODULE8            608
  463 #define PRIV_MODULE9            609
  464 #define PRIV_MODULE10           610
  465 #define PRIV_MODULE11           611
  466 #define PRIV_MODULE12           612
  467 #define PRIV_MODULE13           613
  468 #define PRIV_MODULE14           614
  469 #define PRIV_MODULE15           615
  470 
  471 /*
  472  * DDB(4) privileges.
  473  */
  474 #define PRIV_DDB_CAPTURE        620     /* Allow reading of DDB capture log. */
  475 
  476 /*
  477  * Arla/nnpfs privileges.
  478  */
  479 #define PRIV_NNPFS_DEBUG        630     /* Perforn ARLA_VIOC_NNPFSDEBUG. */
  480 
  481 /*
  482  * cpuctl(4) privileges.
  483  */
  484 #define PRIV_CPUCTL_WRMSR       640     /* Write model-specific register. */
  485 #define PRIV_CPUCTL_UPDATE      641     /* Update cpu microcode. */
  486 
  487 /*
  488  * Capi4BSD privileges.
  489  */
  490 #define PRIV_C4B_RESET_CTLR     650     /* Load firmware, reset controller. */
  491 #define PRIV_C4B_TRACE          651     /* Unrestricted CAPI message tracing. */
  492 
  493 /*
  494  * OpenAFS privileges.
  495  */
  496 #define PRIV_AFS_ADMIN          660     /* Can change AFS client settings. */
  497 #define PRIV_AFS_DAEMON         661     /* Can become the AFS daemon. */
  498 
  499 /*
  500  * Resource Limits privileges.
  501  */
  502 #define PRIV_RCTL_GET_RACCT     670
  503 #define PRIV_RCTL_GET_RULES     671
  504 #define PRIV_RCTL_GET_LIMITS    672
  505 #define PRIV_RCTL_ADD_RULE      673
  506 #define PRIV_RCTL_REMOVE_RULE   674
  507 
  508 /*
  509  * mem(4) privileges.
  510  */
  511 #define PRIV_KMEM_READ          680     /* Open mem/kmem for reading. */
  512 #define PRIV_KMEM_WRITE         681     /* Open mem/kmem for writing. */
  513 
  514 /*
  515  * Track end of privilege list.
  516  */
  517 #define _PRIV_HIGHEST           682
  518 
  519 /*
  520  * Validate that a named privilege is known by the privilege system.  Invalid
  521  * privileges presented to the privilege system by a priv_check interface
  522  * will result in a panic.  This is only approximate due to sparse allocation
  523  * of the privilege space.
  524  */
  525 #define PRIV_VALID(x)   ((x) > _PRIV_LOWEST && (x) < _PRIV_HIGHEST)
  526 
  527 #ifdef _KERNEL
  528 /*
  529  * Privilege check interfaces, modeled after historic suser() interfaces, but
  530  * with the addition of a specific privilege name.  No flags are currently
  531  * defined for the API.  Historically, flags specified using the real uid
  532  * instead of the effective uid, and whether or not the check should be
  533  * allowed in jail.
  534  */
  535 struct thread;
  536 struct ucred;
  537 int     priv_check(struct thread *td, int priv);
  538 int     priv_check_cred(struct ucred *cred, int priv, int flags);
  539 #endif
  540 
  541 #endif /* !_SYS_PRIV_H_ */

Cache object: 382722327227812f8790bade9dd76a3f


[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]


This page is part of the FreeBSD/Linux Linux Kernel Cross-Reference, and was automatically generated using a modified version of the LXR engine.