Loading...
iokit/Kernel/IOUserClient.cpp xnu-792.24.17 xnu-792
--- xnu/xnu-792.24.17/iokit/Kernel/IOUserClient.cpp
+++ xnu/xnu-792/iokit/Kernel/IOUserClient.cpp
@@ -22,7 +22,6 @@
 
 
 #include <IOKit/IOKitServer.h>
-#include <IOKit/IOKitKeysPrivate.h>
 #include <IOKit/IOUserClient.h>
 #include <IOKit/IOService.h>
 #include <IOKit/IOService.h>
@@ -758,75 +757,48 @@
     asyncRef[kIOAsyncCalloutRefconIndex] = (natural_t) refcon;
 }
 
-inline OSDictionary * CopyConsoleUser(UInt32 uid)
-{
-	OSArray * array;
-	OSDictionary * user = 0; 
+IOReturn IOUserClient::clientHasPrivilege( void * securityToken,
+                                            const char * privilegeName )
+{
+    kern_return_t	   kr;
+    security_token_t	   token;
+    mach_msg_type_number_t count;
+
+    count = TASK_SECURITY_TOKEN_COUNT;
+    kr = task_info( (task_t) securityToken, TASK_SECURITY_TOKEN,
+		    (task_info_t) &token, &count );
+
+    if (KERN_SUCCESS != kr)
+    {}
+    else if (!strcmp(privilegeName, kIOClientPrivilegeAdministrator))
+    {
+	if (0 != token.val[0])
+	    kr = kIOReturnNotPrivileged;
+    }
+    else if (!strcmp(privilegeName, kIOClientPrivilegeLocalUser))
+    {
+	OSArray *      array;
+	OSDictionary * user = 0;
 
 	if ((array = OSDynamicCast(OSArray,
 	    IORegistryEntry::getRegistryRoot()->copyProperty(gIOConsoleUsersKey))))
 	{
 	    for (unsigned int idx = 0;
 		    (user = OSDynamicCast(OSDictionary, array->getObject(idx)));
-		    idx++) {
-            OSNumber * num;
-            
-            if ((num = OSDynamicCast(OSNumber, user->getObject(gIOConsoleSessionUIDKey)))
-              && (uid == num->unsigned32BitValue())) {
-                user->retain();
-                break;
-            }
+		    idx++)
+	    {
+		OSNumber * num;
+		if ((num = OSDynamicCast(OSNumber, user->getObject(gIOConsoleSessionUIDKey)))
+		  && (token.val[0] == num->unsigned32BitValue()))
+		    break;
 	    }
 	    array->release();
 	}
-    return user;
-}
-
-IOReturn IOUserClient::clientHasPrivilege( void * securityToken,
-                                            const char * privilegeName )
-{
-    kern_return_t           kr;
-    security_token_t        token;
-    mach_msg_type_number_t  count;
-    task_t                  task;
-    OSDictionary *          user;
-    bool                    secureConsole;
-
-    if ((secureConsole = !strcmp(privilegeName, kIOClientPrivilegeSecureConsoleProcess)))
-        task = (task_t)((IOUCProcessToken *)securityToken)->token;
+	if (!user)
+	    kr = kIOReturnNotPrivileged;
+    }
     else
-        task = (task_t)securityToken;
-    
-    count = TASK_SECURITY_TOKEN_COUNT;
-    kr = task_info( task, TASK_SECURITY_TOKEN, (task_info_t) &token, &count );
-
-    if (KERN_SUCCESS != kr)
-    {}
-    else if (!strcmp(privilegeName, kIOClientPrivilegeAdministrator)) {
-        if (0 != token.val[0])
-            kr = kIOReturnNotPrivileged;
-    } else if (!strcmp(privilegeName, kIOClientPrivilegeLocalUser)) {
-        user = CopyConsoleUser(token.val[0]);
-        if ( user )
-            user->release();
-        else
-            kr = kIOReturnNotPrivileged;            
-    } else if (secureConsole || !strcmp(privilegeName, kIOClientPrivilegeConsoleUser)) {
-        user = CopyConsoleUser(token.val[0]);
-        if ( user ) {
-            if (user->getObject(gIOConsoleSessionOnConsoleKey) != kOSBooleanTrue)
-                kr = kIOReturnNotPrivileged;
-            else if ( secureConsole ) {
-                OSNumber * pid = OSDynamicCast(OSNumber, user->getObject(gIOConsoleSessionSecureInputPIDKey));
-                if ( pid && pid->unsigned32BitValue() != ((IOUCProcessToken *)securityToken)->pid)
-                    kr = kIOReturnNotPrivileged;
-            }
-            user->release();
-        }
-        else 
-            kr = kIOReturnNotPrivileged;
-    } else
-        kr = kIOReturnUnsupported;
+	kr = kIOReturnUnsupported;
 
     return (kr);
 }