tech-kern archive


Re: enhance sysctl kern.expose_address



On Dec 5,  8:45am, thorpej%me.com@localhost (Jason Thorpe) wrote:
-- Subject: Re: enhance sysctl kern.expose_address

| ...also it looks like the kauth callback doesn't handle the "2" case of 
| "everyone can see".

It does, by not break'ing...

| Also, I think the sysctl should validate that the value being set is one of
| the allowed values { 0, 1, 2 }.

Sure.

christos

@@ -2603,3 +2623,43 @@ proc_getauxv(struct proc *p, void **buf,
 
 	return 0;
 }
+
+
+static int
+sysctl_security_expose_address(SYSCTLFN_ARGS)
+{
+	int expose_address, error;
+	struct sysctlnode node;
+
+	node = *rnode;
+	node.sysctl_data = &expose_address;
+	expose_address = *(int *)rnode->sysctl_data;
+	error = sysctl_lookup(SYSCTLFN_CALL(&node));
+	if (error || newp == NULL)
+		return error;
+
+	if (kauth_authorize_system(l->l_cred, KAUTH_SYSTEM_KERNADDR,
+	    0, NULL, NULL, NULL))
+		return EPERM;
+
+	switch (expose_address) {
+	case 0:
+	case 1:
+	case 2:
+		break;
+	default:
+		return EINVAL;
+	}
+
+	*(int *)rnode->sysctl_data = expose_address;
+
+	return 0;
+}
+
+bool
+get_expose_address(struct proc *p)
+{
+	/* allow only if sysctl variable is set or privileged */
+	return kauth_authorize_process(kauth_cred_get(), KAUTH_PROCESS_CANSEE,
+	    p, KAUTH_ARG(KAUTH_REQ_PROCESS_CANSEE_KPTR), NULL, NULL) == 0;
+}
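
Review bot: the switch in sysctl_security_expose_address accepts 0, 1 and 2 as bare literals, and nothing in the hunk documents what each value means. Named constants or a short comment above the switch would help, since the thread only mentions that 2 is "everyone can see". The comment in get_expose_address ("allow only if sysctl variable is set or privileged") still reads as if the variable were a boolean and should be updated to describe the three settings. It would also be worth noting there that the check uses the caller's credential from kauth_cred_get() against p, because the name get_expose_address suggests a plain read of the sysctl value rather than a per-caller authorization decision. Minor style point: there are two blank added lines before "static int" where one is enough.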

