Loading...
--- xnu/xnu-792.24.17/iokit/Kernel/IOUserClient.cpp
+++ xnu/xnu-792/iokit/Kernel/IOUserClient.cpp
@@ -22,7 +22,6 @@
#include <IOKit/IOKitServer.h>
-#include <IOKit/IOKitKeysPrivate.h>
#include <IOKit/IOUserClient.h>
#include <IOKit/IOService.h>
#include <IOKit/IOService.h>
@@ -758,75 +757,48 @@
asyncRef[kIOAsyncCalloutRefconIndex] = (natural_t) refcon;
}
-inline OSDictionary * CopyConsoleUser(UInt32 uid)
-{
- OSArray * array;
- OSDictionary * user = 0;
+IOReturn IOUserClient::clientHasPrivilege( void * securityToken,
+ const char * privilegeName )
+{
+ kern_return_t kr;
+ security_token_t token;
+ mach_msg_type_number_t count;
+
+ count = TASK_SECURITY_TOKEN_COUNT;
+ kr = task_info( (task_t) securityToken, TASK_SECURITY_TOKEN,
+ (task_info_t) &token, &count );
+
+ if (KERN_SUCCESS != kr)
+ {}
+ else if (!strcmp(privilegeName, kIOClientPrivilegeAdministrator))
+ {
+ if (0 != token.val[0])
+ kr = kIOReturnNotPrivileged;
+ }
+ else if (!strcmp(privilegeName, kIOClientPrivilegeLocalUser))
+ {
+ OSArray * array;
+ OSDictionary * user = 0;
if ((array = OSDynamicCast(OSArray,
IORegistryEntry::getRegistryRoot()->copyProperty(gIOConsoleUsersKey))))
{
for (unsigned int idx = 0;
(user = OSDynamicCast(OSDictionary, array->getObject(idx)));
- idx++) {
- OSNumber * num;
-
- if ((num = OSDynamicCast(OSNumber, user->getObject(gIOConsoleSessionUIDKey)))
- && (uid == num->unsigned32BitValue())) {
- user->retain();
- break;
- }
+ idx++)
+ {
+ OSNumber * num;
+ if ((num = OSDynamicCast(OSNumber, user->getObject(gIOConsoleSessionUIDKey)))
+ && (token.val[0] == num->unsigned32BitValue()))
+ break;
}
array->release();
}
- return user;
-}
-
-IOReturn IOUserClient::clientHasPrivilege( void * securityToken,
- const char * privilegeName )
-{
- kern_return_t kr;
- security_token_t token;
- mach_msg_type_number_t count;
- task_t task;
- OSDictionary * user;
- bool secureConsole;
-
- if ((secureConsole = !strcmp(privilegeName, kIOClientPrivilegeSecureConsoleProcess)))
- task = (task_t)((IOUCProcessToken *)securityToken)->token;
+ if (!user)
+ kr = kIOReturnNotPrivileged;
+ }
else
- task = (task_t)securityToken;
-
- count = TASK_SECURITY_TOKEN_COUNT;
- kr = task_info( task, TASK_SECURITY_TOKEN, (task_info_t) &token, &count );
-
- if (KERN_SUCCESS != kr)
- {}
- else if (!strcmp(privilegeName, kIOClientPrivilegeAdministrator)) {
- if (0 != token.val[0])
- kr = kIOReturnNotPrivileged;
- } else if (!strcmp(privilegeName, kIOClientPrivilegeLocalUser)) {
- user = CopyConsoleUser(token.val[0]);
- if ( user )
- user->release();
- else
- kr = kIOReturnNotPrivileged;
- } else if (secureConsole || !strcmp(privilegeName, kIOClientPrivilegeConsoleUser)) {
- user = CopyConsoleUser(token.val[0]);
- if ( user ) {
- if (user->getObject(gIOConsoleSessionOnConsoleKey) != kOSBooleanTrue)
- kr = kIOReturnNotPrivileged;
- else if ( secureConsole ) {
- OSNumber * pid = OSDynamicCast(OSNumber, user->getObject(gIOConsoleSessionSecureInputPIDKey));
- if ( pid && pid->unsigned32BitValue() != ((IOUCProcessToken *)securityToken)->pid)
- kr = kIOReturnNotPrivileged;
- }
- user->release();
- }
- else
- kr = kIOReturnNotPrivileged;
- } else
- kr = kIOReturnUnsupported;
+ kr = kIOReturnUnsupported;
return (kr);
}