Subject: Re: kauth machdep actions (Re: CVS commit: src)
To: Bill Studenmund <wrstuden@netbsd.org>
From: Elad Efrat <elad@NetBSD.org>
List: tech-kern
Date: 12/24/2006 14:18:57
This is a multi-part message in MIME format.
--------------090201040001070306020305
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Bill Studenmund wrote:
> On Sun, Dec 24, 2006 at 07:17:38AM +1100, matthew green wrote:
>> i think all these requests are basically the same scope so putting
>> them all under the same style request seems sane. the current
>> inconsistent set of checking is not sane.
>
> I agree. Also, it could well be that our current behavior stems from lack
> of code copying. ;-)
fwiw, they are already under the same scope, using the same style... the
question was whether we want to assume that requests with a similar name
("access to unmanaged memory", "get mtrr", etc.) will be handled the
same regardless of arch.
the current code suggests that's not the case. I queried about this
(possible mistake) in the past, but now it seems that there's a stronger
consensus to unify them -- for which I'm happy.
attached is a diff that:
- removes 'enum kauth_machdep_req' and any use of it
- moves requests a level up, making them all actions:
KAUTH_MACHDEP_IOPERM_GET
KAUTH_MACHDEP_IOPERM_SET
KAUTH_MACHDEP_IOPL
KAUTH_MACHDEP_LDT_GET
KAUTH_MACHDEP_LDT_SET
KAUTH_MACHDEP_MTRR_GET
KAUTH_MACHDEP_MTRR_SET
KAUTH_MACHDEP_UNMANAGEDMEM
- converts sys/arch/* code to use the above.
- adapts secmodel code to the changes, unifying the security policy
for them:
KAUTH_MACHDEP_IOPERM_GET - allow always
KAUTH_MACHDEP_IOPERM_SET - superuser, securelevel < 1 only
KAUTH_MACHDEP_IOPL - superuser, securelevel < 1 only
KAUTH_MACHDEP_LDT_GET - allow always (new action)
KAUTH_MACHDEP_LDT_SET - allow always (new action)
KAUTH_MACHDEP_MTRR_GET - allow always (*)
KAUTH_MACHDEP_MTRR_SET - superuser only
KAUTH_MACHDEP_UNMANAGEDMEM - superuser, securelevel < 0 only (*)
notes:
* amd64 code for netbsd32 emulation used to deny MTRR_GET for non-root
users. I assumed this was a copy/paste error, so the new policy
always allows MTRR_GET.
* access to unmanaged memory was unified, to check both superuser and
securelevel. some ports (sun3, hp300, see my original message about
that) are still not checking either -- these are subject to future
work, should we decide to adapt them to the said policy.
please review; if we'll be doing this, it should go to netbsd-4 too.
-e.
--------------090201040001070306020305
Content-Type: text/plain;
name="1.diff"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline;
filename="1.diff"
Index: sys/arch/alpha/alpha/machdep.c
===================================================================
RCS file: /usr/cvs/src/sys/arch/alpha/alpha/machdep.c,v
retrieving revision 1.290
diff -u -p -r1.290 machdep.c
--- sys/arch/alpha/alpha/machdep.c 22 Nov 2006 12:12:51 -0000 1.290
+++ sys/arch/alpha/alpha/machdep.c 23 Dec 2006 08:09:35 -0000
@@ -1892,8 +1892,8 @@ alpha_pa_access(pa)
* Address is not a memory address. If we're secure, disallow
* access. Otherwise, grant read/write.
*/
- if (kauth_authorize_machdep(kauth_cred_get(), KAUTH_MACHDEP_ALPHA,
- KAUTH_REQ_MACHDEP_ALPHA_UNMANAGEDMEM, NULL, NULL, NULL) != 0)
+ if (kauth_authorize_machdep(kauth_cred_get(),
+ KAUTH_MACHDEP_UNMANAGEDMEM, NULL, NULL, NULL, NULL) != 0)
return (PROT_NONE);
else
return (PROT_READ | PROT_WRITE);
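Review bot: The comment kept above this check ("If we're secure, disallow access. Otherwise, grant read/write.") describes only the securelevel half of the decision. Under the unified policy in this patch, the suser listener also requires the caller to be superuser for KAUTH_MACHDEP_UNMANAGEDMEM. I would reword it along the lines of `Address is not a memory address. Grant read/write only if the secmodel authorizes KAUTH_MACHDEP_UNMANAGEDMEM.` so the comment does not understate the policy. alpha_pa_access starts and ends outside the hunk.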
Index: sys/arch/amd64/amd64/netbsd32_machdep.c
===================================================================
RCS file: /usr/cvs/src/sys/arch/amd64/amd64/netbsd32_machdep.c,v
retrieving revision 1.30
diff -u -p -r1.30 netbsd32_machdep.c
--- sys/arch/amd64/amd64/netbsd32_machdep.c 21 Nov 2006 15:02:18 -0000 1.30
+++ sys/arch/amd64/amd64/netbsd32_machdep.c 23 Dec 2006 09:48:43 -0000
@@ -616,11 +616,10 @@ x86_64_get_mtrr32(struct lwp *l, void *a
if (mtrr_funcs == NULL)
return ENOSYS;
- /* XXX this looks like a copy/paste error. */
- error = kauth_authorize_machdep(l->l_cred, KAUTH_MACHDEP_X86_64,
- KAUTH_REQ_MACHDEP_X86_64_MTRR_GET, NULL, NULL, NULL);
- if (error != 0)
- return error;
+ error = kauth_authorize_machdep(l->l_cred, KAUTH_MACHDEP_MTRR_GET,
+ NULL, NULL, NULL, NULL);
+ if (error)
+ return (error);
error = copyin(args, &args32, sizeof args32);
if (error != 0)
@@ -684,10 +683,10 @@ x86_64_set_mtrr32(struct lwp *l, void *a
if (mtrr_funcs == NULL)
return ENOSYS;
- error = kauth_authorize_machdep(l->l_cred, KAUTH_MACHDEP_X86,
- KAUTH_REQ_MACHDEP_X86_MTRR_SET, NULL, NULL, NULL);
- if (error != 0)
- return error;
+ error = kauth_authorize_machdep(l->l_cred, KAUTH_MACHDEP_MTRR_SET,
+ NULL, NULL, NULL, NULL);
+ if (error)
+ return (error);
error = copyin(args, &args32, sizeof args32);
if (error != 0)
Index: sys/arch/amd64/amd64/sys_machdep.c
===================================================================
RCS file: /usr/cvs/src/sys/arch/amd64/amd64/sys_machdep.c,v
retrieving revision 1.9
diff -u -p -r1.9 sys_machdep.c
--- sys/arch/amd64/amd64/sys_machdep.c 19 Sep 2006 22:03:10 -0000 1.9
+++ sys/arch/amd64/amd64/sys_machdep.c 23 Dec 2006 10:08:09 -0000
@@ -157,6 +157,11 @@ i386_get_ldt(struct lwp *l, void *args,
union descriptor *lp, *cp;
struct i386_get_ldt_args ua;
+ error = kauth_authorize_machdep(l->l_cred, KAUTH_MACHDEP_LDT_GET,
+ NULL, NULL, NULL, NULL);
+ if (error)
+ return (error);
+
if ((error = copyin(args, &ua, sizeof(ua))) != 0)
return (error);
@@ -225,6 +230,11 @@ i386_set_ldt(l, args, retval)
size_t old_len, new_len, ldt_len;
union descriptor *old_ldt, *new_ldt;
+ error = kauth_authorize_machdep(l->l_cred, KAUTH_MACHDEP_LDT_SET,
+ NULL, NULL, NULL, NULL);
+ if (error)
+ return (error);
+
if ((error = copyin(args, &ua, sizeof(ua))) != 0)
return (error);
@@ -392,9 +402,10 @@ x86_64_iopl(l, args, retval)
struct trapframe *tf = l->l_md.md_regs;
struct x86_64_iopl_args ua;
- if (kauth_authorize_machdep(l->l_cred, KAUTH_MACHDEP_X86,
- KAUTH_REQ_MACHDEP_X86_IOPL, NULL, NULL, NULL))
- return EPERM;
+ error = kauth_authorize_machdep(l->l_cred, KAUTH_MACHDEP_IOPL,
+ NULL, NULL, NULL, NULL);
+ if (error)
+ return (error);
if ((error = copyin(args, &ua, sizeof(ua))) != 0)
return error;
@@ -419,6 +430,11 @@ x86_64_get_ioperm(p, args, retval)
struct pcb *pcb = &p->p_addr->u_pcb;
struct x86_64_get_ioperm_args ua;
+ error = kauth_authorize_machdep(l->l_cred, KAUTH_MACHDEP_IOPERM_GET,
+ NULL, NULL, NULL, NULL);
+ if (error)
+ return (error);
+
if ((error = copyin(args, &ua, sizeof(ua))) != 0)
return (error);
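Review bot: The added call reads `l->l_cred`, but the hunk header and the context line `struct pcb *pcb = &p->p_addr->u_pcb;` show this function working from `p`, so no `l` is visible in scope here. The next hunk, x86_64_set_ioperm, has the same mismatch and replaces a call that used `p->p_cred`. If these functions still take a proc pointer, the check should use `p->p_cred`. Otherwise the signature and the `p->p_addr` use should be converted to `struct lwp *l` in the same change, since sys_sysarch already passes `l`. Both function bodies start and end outside their hunks, and this code may sit under a disabled #if, which would hide the build error.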
@@ -435,9 +451,10 @@ x86_64_set_ioperm(p, args, retval)
struct pcb *pcb = &p->p_addr->u_pcb;
struct x86_64_set_ioperm_args ua;
- if (kauth_authorize_machdep(p->p_cred, KAUTH_MACHDEP_X86,
- KAUTH_REQ_MACHDEP_X86_IOPERM, NULL, NULL, NULL))
- return EPERM;
+ error = kauth_authorize_machdep(l->l_cred, KAUTH_MACHDEP_IOPERM_SET,
+ NULL, NULL, NULL, NULL);
+ if (error)
+ return (error);
if ((error = copyin(args, &ua, sizeof(ua))) != 0)
return (error);
@@ -458,6 +475,11 @@ x86_64_get_mtrr(struct lwp *l, void *arg
if (mtrr_funcs == NULL)
return ENOSYS;
+ error = kauth_authorize_machdep(l->l_cred, KAUTH_MACHDEP_MTRR_GET,
+ NULL, NULL, NULL, NULL);
+ if (error)
+ return (error);
+
error = copyin(args, &ua, sizeof ua);
if (error != 0)
return error;
@@ -482,10 +504,10 @@ x86_64_set_mtrr(struct lwp *l, void *arg
if (mtrr_funcs == NULL)
return ENOSYS;
- error = kauth_authorize_machdep(l->l_cred, KAUTH_MACHDEP_X86,
- KAUTH_REQ_MACHDEP_X86_MTRR_SET, NULL, NULL, NULL);
- if (error != 0)
- return error;
+ error = kauth_authorize_machdep(l->l_cred, KAUTH_MACHDEP_MTRR_SET,
+ NULL, NULL, NULL, NULL);
+ if (error)
+ return (error);
error = copyin(args, &ua, sizeof ua);
if (error != 0)
@@ -519,11 +541,13 @@ sys_sysarch(l, v, retval)
switch(SCARG(uap, op)) {
#if defined(USER_LDT) && 0
- case X86_64_GET_LDT:
+ case X86_64_GET_LDT:
+ /* XXX will need kauth_authorize_machdep() if added */
error = x86_64_get_ldt(l, SCARG(uap, parms), retval);
break;
- case X86_64_SET_LDT:
+ case X86_64_SET_LDT:
+ /* XXX will need kauth_authorize_machdep() if added */
error = x86_64_set_ldt(l, SCARG(uap, parms), retval);
break;
#endif
@@ -536,7 +560,7 @@ sys_sysarch(l, v, retval)
error = x86_64_get_ioperm(l, SCARG(uap, parms), retval);
break;
- case X86_64_SET_IOPERM:
+ case X86_64_SET_IOPERM:
error = x86_64_set_ioperm(l, SCARG(uap, parms), retval);
break;
#endif
Index: sys/arch/arm/arm32/mem.c
===================================================================
RCS file: /usr/cvs/src/sys/arch/arm/arm32/mem.c,v
retrieving revision 1.16
diff -u -p -r1.16 mem.c
--- sys/arch/arm/arm32/mem.c 22 Dec 2006 11:13:21 -0000 1.16
+++ sys/arch/arm/arm32/mem.c 23 Dec 2006 08:30:22 -0000
@@ -220,8 +220,7 @@ mmmmap(dev, off, prot)
/* minor device 0 is physical memory */
if (off >= ctob(physmem) && kauth_authorize_machdep(l->l_cred,
- KAUTH_MACHDEP_ARM, KAUTH_REQ_MACHDEP_ARM_UNMANAGEDMEM, NULL,
- NULL, NULL) != 0)
+ KAUTH_MACHDEP_UNMANAGEDMEM, NULL, NULL, NULL, NULL) != 0)
return -1;
return arm_btop(off);
}
Index: sys/arch/i386/i386/sys_machdep.c
===================================================================
RCS file: /usr/cvs/src/sys/arch/i386/i386/sys_machdep.c,v
retrieving revision 1.78
diff -u -p -r1.78 sys_machdep.c
--- sys/arch/i386/i386/sys_machdep.c 16 Nov 2006 01:32:38 -0000 1.78
+++ sys/arch/i386/i386/sys_machdep.c 23 Dec 2006 09:44:08 -0000
@@ -119,6 +119,11 @@ i386_get_ldt(l, args, retval)
union descriptor *lp, *cp;
struct i386_get_ldt_args ua;
+ error = kauth_authorize_machdep(l->l_cred, KAUTH_MACHDEP_LDT_GET,
+ NULL, NULL, NULL, NULL);
+ if (error)
+ return (error);
+
if ((error = copyin(args, &ua, sizeof(ua))) != 0)
return (error);
@@ -187,6 +192,11 @@ i386_set_ldt(l, args, retval)
size_t old_len, new_len, ldt_len;
union descriptor *old_ldt, *new_ldt;
+ error = kauth_authorize_machdep(l->l_cred, KAUTH_MACHDEP_LDT_SET,
+ NULL, NULL, NULL, NULL);
+ if (error)
+ return (error);
+
if ((error = copyin(args, &ua, sizeof(ua))) != 0)
return (error);
@@ -351,10 +361,10 @@ i386_iopl(struct lwp *l, void *args, reg
struct trapframe *tf = l->l_md.md_regs;
struct i386_iopl_args ua;
- if ((error = kauth_authorize_machdep(l->l_cred,
- KAUTH_MACHDEP_X86, KAUTH_REQ_MACHDEP_X86_IOPL,
- NULL, NULL, NULL)) != 0)
- return error;
+ error = kauth_authorize_machdep(l->l_cred, KAUTH_MACHDEP_IOPL,
+ NULL, NULL, NULL, NULL);
+ if (error)
+ return (error);
if ((error = copyin(args, &ua, sizeof(ua))) != 0)
return error;
@@ -374,6 +384,11 @@ i386_get_ioperm(struct lwp *l, void *arg
struct pcb *pcb = &l->l_addr->u_pcb;
struct i386_get_ioperm_args ua;
+ error = kauth_authorize_machdep(l->l_cred, KAUTH_MACHDEP_IOPERM_GET,
+ NULL, NULL, NULL, NULL);
+ if (error)
+ return (error);
+
if ((error = copyin(args, &ua, sizeof(ua))) != 0)
return (error);
@@ -387,10 +402,10 @@ i386_set_ioperm(struct lwp *l, void *arg
struct pcb *pcb = &l->l_addr->u_pcb;
struct i386_set_ioperm_args ua;
- if ((error = kauth_authorize_machdep(l->l_cred,
- KAUTH_MACHDEP_X86, KAUTH_REQ_MACHDEP_X86_IOPERM,
- NULL, NULL, NULL)) != 0)
- return error;
+ error = kauth_authorize_machdep(l->l_cred, KAUTH_MACHDEP_IOPERM_SET,
+ NULL, NULL, NULL, NULL);
+ if (error)
+ return (error);
if ((error = copyin(args, &ua, sizeof(ua))) != 0)
return (error);
@@ -408,6 +423,11 @@ i386_get_mtrr(struct lwp *l, void *args,
if (mtrr_funcs == NULL)
return ENOSYS;
+ error = kauth_authorize_machdep(l->l_cred, KAUTH_MACHDEP_MTRR_GET,
+ NULL, NULL, NULL, NULL);
+ if (error)
+ return (error);
+
error = copyin(args, &ua, sizeof ua);
if (error != 0)
return error;
@@ -432,10 +452,10 @@ i386_set_mtrr(struct lwp *l, void *args,
if (mtrr_funcs == NULL)
return ENOSYS;
- error = kauth_authorize_machdep(l->l_cred, KAUTH_MACHDEP_X86,
- KAUTH_REQ_MACHDEP_X86_MTRR_SET, NULL, NULL, NULL);
- if (error != 0)
- return error;
+ error = kauth_authorize_machdep(l->l_cred, KAUTH_MACHDEP_MTRR_SET,
+ NULL, NULL, NULL, NULL);
+ if (error)
+ return (error);
error = copyin(args, &ua, sizeof ua);
if (error != 0)
Index: sys/arch/pc532/pc532/mem.c
===================================================================
RCS file: /usr/cvs/src/sys/arch/pc532/pc532/mem.c,v
retrieving revision 1.42
diff -u -p -r1.42 mem.c
--- sys/arch/pc532/pc532/mem.c 22 Dec 2006 11:13:21 -0000 1.42
+++ sys/arch/pc532/pc532/mem.c 23 Dec 2006 10:15:22 -0000
@@ -210,8 +210,7 @@ mmmmap(dev_t dev, off_t off, int prot)
return (-1);
if ((u_int)off > ctob(physmem) && kauth_authorize_machdep(l->l_cred,
- KAUTH_MACHDEP_PC532, KAUTH_REQ_MACHDEP_PC532_UNMANAGEDMEM, NULL,
- NULL, NULL) != 0)
+ KAUTH_MACHDEP_UNMANAGEDMEM, NULL, NULL, NULL, NULL) != 0)
return (-1);
return (ns532_btop((u_int)off));
}
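Review bot: The bound guarding the check is `(u_int)off > ctob(physmem)`, so an offset exactly equal to ctob(physmem), presumably the first byte past managed memory, never reaches kauth_authorize_machdep(). The arm and sh5 hunks in this patch use `off >= ctob(physmem)` for the same test. Since the change gives KAUTH_MACHDEP_UNMANAGEDMEM one policy across ports, the condition should be aligned too: `if ((u_int)off >= ctob(physmem) && kauth_authorize_machdep(l->l_cred,`. The vax mmmmap hunk has the same `>` comparison. mmmmap starts outside the hunk.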
Index: sys/arch/powerpc/powerpc/mem.c
===================================================================
RCS file: /usr/cvs/src/sys/arch/powerpc/powerpc/mem.c,v
retrieving revision 1.26
diff -u -p -r1.26 mem.c
--- sys/arch/powerpc/powerpc/mem.c 22 Dec 2006 11:13:21 -0000 1.26
+++ sys/arch/powerpc/powerpc/mem.c 23 Dec 2006 10:15:47 -0000
@@ -168,8 +168,7 @@ mmmmap(dev_t dev, off_t off, int prot)
return (-1);
if (atop(off) >= physmem && kauth_authorize_machdep(l->l_cred,
- KAUTH_MACHDEP_POWERPC, KAUTH_REQ_MACHDEP_POWERPC_UNMANAGEDMEM,
- NULL, NULL, NULL) != 0)
+ KAUTH_MACHDEP_UNMANAGEDMEM, NULL, NULL, NULL, NULL) != 0)
return (-1);
return (trunc_page((paddr_t)off));
}
Index: sys/arch/sh3/sh3/mem.c
===================================================================
RCS file: /usr/cvs/src/sys/arch/sh3/sh3/mem.c,v
retrieving revision 1.22
diff -u -p -r1.22 mem.c
--- sys/arch/sh3/sh3/mem.c 22 Dec 2006 11:13:21 -0000 1.22
+++ sys/arch/sh3/sh3/mem.c 23 Dec 2006 10:16:10 -0000
@@ -194,8 +194,7 @@ mmmmap(dev_t dev, off_t off, int prot)
return (-1);
if (!__mm_mem_addr(off) && kauth_authorize_machdep(l->l_cred,
- KAUTH_MACHDEP_SH3, KAUTH_REQ_MACHDEP_SH3_UNMANAGEDMEM, NULL,
- NULL, NULL) != 0)
+ KAUTH_MACHDEP_UNMANAGEDMEM, NULL, NULL, NULL, NULL) != 0)
return (-1);
return (sh3_btop((paddr_t)off));
}
Index: sys/arch/sh5/sh5/mem.c
===================================================================
RCS file: /usr/cvs/src/sys/arch/sh5/sh5/mem.c,v
retrieving revision 1.13
diff -u -p -r1.13 mem.c
--- sys/arch/sh5/sh5/mem.c 22 Dec 2006 11:13:21 -0000 1.13
+++ sys/arch/sh5/sh5/mem.c 23 Dec 2006 10:16:33 -0000
@@ -216,8 +216,7 @@ mmmmap(dev, off, prot)
/* minor device 0 is physical memory */
if (off >= ctob(physmem) && kauth_authorize_machdep(l->l_cred,
- KAUTH_MACHDEP_SH5, KAUTH_REQ_MACHDEP_SH5_UNMANAGEDMEM, NULL, NULL,
- NULL) != 0)
+ KAUTH_MACHDEP_UNMANAGEDMEM, NULL, NULL, NULL, NULL) != 0)
return -1;
return sh5_btop(off);
}
Index: sys/arch/vax/vax/mem.c
===================================================================
RCS file: /usr/cvs/src/sys/arch/vax/vax/mem.c,v
retrieving revision 1.33
diff -u -p -r1.33 mem.c
--- sys/arch/vax/vax/mem.c 22 Dec 2006 11:13:21 -0000 1.33
+++ sys/arch/vax/vax/mem.c 23 Dec 2006 10:16:54 -0000
@@ -201,8 +201,7 @@ mmmmap(dev_t dev, off_t off, int prot)
return (-1);
if ((u_int)off > ctob(physmem) && kauth_authorize_machdep(l->l_cred,
- KAUTH_MACHDEP_VAX, KAUTH_REQ_MACHDEP_VAX_UNMANAGEDMEM, NULL, NULL,
- NULL) != 0)
+ KAUTH_MACHDEP_UNMANAGEDMEM, NULL, NULL, NULL, NULL) != 0)
return (-1);
return (btop((u_int)off));
}
Index: sys/arch/x86/x86/x86_machdep.c
===================================================================
RCS file: /usr/cvs/src/sys/arch/x86/x86/x86_machdep.c,v
retrieving revision 1.4
diff -u -p -r1.4 x86_machdep.c
--- sys/arch/x86/x86/x86_machdep.c 22 Nov 2006 12:12:51 -0000 1.4
+++ sys/arch/x86/x86/x86_machdep.c 23 Dec 2006 10:17:53 -0000
@@ -99,8 +99,8 @@ check_pa_acc(paddr_t pa, vm_prot_t prot)
extern int mem_cluster_cnt;
int i;
- if (kauth_authorize_machdep(kauth_cred_get(), KAUTH_MACHDEP_X86,
- KAUTH_REQ_MACHDEP_X86_UNMANAGEDMEM, NULL, NULL, NULL) == 0) {
+ if (kauth_authorize_machdep(kauth_cred_get(),
+ KAUTH_MACHDEP_UNMANAGEDMEM, NULL, NULL, NULL, NULL) == 0) {
return 0;
}
Index: sys/arch/xen/i386/sys_machdep.c
===================================================================
RCS file: /usr/cvs/src/sys/arch/xen/i386/sys_machdep.c,v
retrieving revision 1.9
diff -u -p -r1.9 sys_machdep.c
--- sys/arch/xen/i386/sys_machdep.c 19 Sep 2006 22:03:11 -0000 1.9
+++ sys/arch/xen/i386/sys_machdep.c 23 Dec 2006 10:24:50 -0000
@@ -121,6 +121,11 @@ i386_get_ldt(l, args, retval)
union descriptor *lp, *cp;
struct i386_get_ldt_args ua;
+ error = kauth_authorize_machdep(l->l_cred, KAUTH_MACHDEP_LDT_GET,
+ NULL, NULL, NULL, NULL);
+ if (error)
+ return (error);
+
if ((error = copyin(args, &ua, sizeof(ua))) != 0)
return (error);
@@ -189,6 +194,11 @@ i386_set_ldt(l, args, retval)
size_t old_len, new_len, ldt_len;
union descriptor *old_ldt, *new_ldt;
+ error = kauth_authorize_machdep(l->l_cred, KAUTH_MACHDEP_LDT_SET,
+ NULL, NULL, NULL, NULL);
+ if (error)
+ return (error);
+
if ((error = copyin(args, &ua, sizeof(ua))) != 0)
return (error);
@@ -359,9 +369,10 @@ i386_iopl(l, args, retval)
if ((xen_start_info.flags & SIF_PRIVILEGED) == 0)
return EPERM;
- if (kauth_authorize_machdep(l->l_cred, KAUTH_MACHDEP_X86,
- KAUTH_REQ_MACHDEP_X86_IOPL, NULL, NULL, NULL))
- return EPERM;
+ error = kauth_authorize_machdep(l->l_cred, KAUTH_MACHDEP_IOPL,
+ NULL, NULL, NULL, NULL);
+ if (error)
+ return (error);
if ((error = copyin(args, &ua, sizeof(ua))) != 0)
return error;
@@ -403,6 +414,11 @@ i386_get_ioperm(l, args, retval)
struct pcb *pcb = &l->l_addr->u_pcb;
struct i386_get_ioperm_args ua;
+ error = kauth_authorize_machdep(l->l_cred, KAUTH_MACHDEP_IOPERM_GET,
+ NULL, NULL, NULL, NULL);
+ if (error)
+ return (error);
+
if ((error = copyin(args, &ua, sizeof(ua))) != 0)
return (error);
@@ -419,9 +435,10 @@ i386_set_ioperm(l, args, retval)
struct pcb *pcb = &l->l_addr->u_pcb;
struct i386_set_ioperm_args ua;
- if (kauth_authorize_machdep(l->l_cred, KAUTH_MACHDEP_X86,
- KAUTH_REQ_MACHDEP_X86_IOPERM, NULL, NULL, NULL))
- return EPERM;
+ error = kauth_authorize_machdep(l->l_cred, KAUTH_MACHDEP_IOPERM_SET,
+ NULL, NULL, NULL, NULL);
+ if (error)
+ return (error);
if ((error = copyin(args, &ua, sizeof(ua))) != 0)
return (error);
@@ -439,6 +456,11 @@ i386_get_mtrr(struct lwp *l, void *args,
if (mtrr_funcs == NULL)
return ENOSYS;
+ error = kauth_authorize_machdep(l->l_cred, KAUTH_MACHDEP_MTRR_GET,
+ NULL, NULL, NULL, NULL);
+ if (error != 0)
+ return error;
+
error = copyin(args, &ua, sizeof ua);
if (error != 0)
return error;
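Review bot: The check added here is written `if (error != 0)` / `return error;`, while the same block in the other get/set hunks of this patch, including i386_get_ldt earlier in this file, is `if (error)` / `return (error);`. Pick one form for all the new lines. Matching the unchanged `copyin` checks next to them (`if (error != 0)` / `return error;`) would keep each function internally consistent.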
@@ -463,8 +485,8 @@ i386_set_mtrr(struct lwp *l, void *args,
if (mtrr_funcs == NULL)
return ENOSYS;
- error = kauth_authorize_machdep(l->l_cred, KAUTH_MACHDEP_X86,
- KAUTH_REQ_MACHDEP_X86_MTRR_SET, NULL, NULL, NULL);
+ error = kauth_authorize_machdep(l->l_cred, KAUTH_MACHDEP_MTRR_SET,
+ NULL, NULL, NULL, NULL);
if (error != 0)
return error;
Index: sys/kern/kern_auth.c
===================================================================
RCS file: /usr/cvs/src/sys/kern/kern_auth.c,v
retrieving revision 1.33
diff -u -p -r1.33 kern_auth.c
--- sys/kern/kern_auth.c 2 Dec 2006 03:10:43 -0000 1.33
+++ sys/kern/kern_auth.c 23 Dec 2006 10:39:02 -0000
@@ -804,10 +804,10 @@ kauth_authorize_network(kauth_cred_t cre
int
kauth_authorize_machdep(kauth_cred_t cred, kauth_action_t action,
- enum kauth_machdep_req req, void *arg1, void *arg2, void *arg3)
+ void *arg0, void *arg1, void *arg2, void *arg3)
{
return (kauth_authorize_action(kauth_builtin_scope_machdep, cred,
- action, (void *)req, arg1, arg2, arg3));
+ action, arg0, arg1, arg2, arg3));
}
int
Index: sys/secmodel/bsd44/secmodel_bsd44_securelevel.c
===================================================================
RCS file: /usr/cvs/src/sys/secmodel/bsd44/secmodel_bsd44_securelevel.c,v
retrieving revision 1.19
diff -u -p -r1.19 secmodel_bsd44_securelevel.c
--- sys/secmodel/bsd44/secmodel_bsd44_securelevel.c 2 Dec 2006 03:10:43 -0000 1.19
+++ sys/secmodel/bsd44/secmodel_bsd44_securelevel.c 23 Dec 2006 10:37:49 -0000
@@ -342,39 +342,19 @@ secmodel_bsd44_securelevel_machdep_cb(ka
void *arg1, void *arg2, void *arg3)
{
int result;
- enum kauth_machdep_req req;
result = KAUTH_RESULT_DENY;
- req = (enum kauth_machdep_req)arg0;
switch (action) {
- case KAUTH_MACHDEP_ALPHA:
- switch (req) {
- case KAUTH_REQ_MACHDEP_ALPHA_UNMANAGEDMEM:
- if (securelevel < 0)
- result = KAUTH_RESULT_ALLOW;
- break;
- default:
- result = KAUTH_RESULT_DEFER;
- break;
- }
+ case KAUTH_MACHDEP_IOPERM_SET:
+ case KAUTH_MACHDEP_IOPL:
+ if (securelevel < 1)
+ result = KAUTH_RESULT_ALLOW;
break;
- case KAUTH_MACHDEP_X86:
- switch (req) {
- case KAUTH_REQ_MACHDEP_X86_IOPL:
- case KAUTH_REQ_MACHDEP_X86_IOPERM:
- if (securelevel < 1)
- result = KAUTH_RESULT_ALLOW;
- break;
- case KAUTH_REQ_MACHDEP_X86_UNMANAGEDMEM:
- if (securelevel < 0)
- result = KAUTH_RESULT_ALLOW;
- break;
- default:
- result = KAUTH_RESULT_DEFER;
- break;
- }
+ case KAUTH_MACHDEP_UNMANAGEDMEM:
+ if (securelevel < 0)
+ result = KAUTH_RESULT_ALLOW;
break;
default:
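Review bot: `result` starts as KAUTH_RESULT_DENY and the switch now names only IOPERM_SET, IOPL and UNMANAGEDMEM. The other actions (IOPERM_GET, LDT_GET, LDT_SET, MTRR_GET, MTRR_SET) therefore depend entirely on the `default:` branch, whose body is outside the hunk. If that branch does not set KAUTH_RESULT_DEFER, this listener would presumably deny the actions the suser listener is meant to allow. Worth confirming, and a short comment on the default branch such as `/* securelevel has no opinion on the remaining machdep actions */` would make the intent explicit.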
Index: sys/secmodel/bsd44/secmodel_bsd44_suser.c
===================================================================
RCS file: /usr/cvs/src/sys/secmodel/bsd44/secmodel_bsd44_suser.c,v
retrieving revision 1.20
diff -u -p -r1.20 secmodel_bsd44_suser.c
--- sys/secmodel/bsd44/secmodel_bsd44_suser.c 22 Dec 2006 11:13:22 -0000 1.20
+++ sys/secmodel/bsd44/secmodel_bsd44_suser.c 23 Dec 2006 10:37:28 -0000
@@ -528,111 +528,28 @@ secmodel_bsd44_suser_machdep_cb(kauth_cr
{
boolean_t isroot;
int result;
- enum kauth_machdep_req req;
isroot = (kauth_cred_geteuid(cred) == 0);
result = KAUTH_RESULT_DENY;
- req = (enum kauth_machdep_req)arg0;
switch (action) {
- case KAUTH_MACHDEP_ARM:
- switch (req) {
- case KAUTH_REQ_MACHDEP_ARM_UNMANAGEDMEM:
- if (isroot)
- result = KAUTH_RESULT_ALLOW;
- break;
- default:
- result = KAUTH_RESULT_DEFER;
- break;
- }
- break;
-
- case KAUTH_MACHDEP_PC532:
- switch (req) {
- case KAUTH_REQ_MACHDEP_PC532_UNMANAGEDMEM:
- if (isroot)
- result = KAUTH_RESULT_ALLOW;
- break;
- default:
- result = KAUTH_RESULT_DEFER;
- break;
- }
- break;
-
- case KAUTH_MACHDEP_POWERPC:
- switch (req) {
- case KAUTH_REQ_MACHDEP_POWERPC_UNMANAGEDMEM:
- if (isroot)
- result = KAUTH_RESULT_ALLOW;
- break;
- default:
- result = KAUTH_RESULT_DEFER;
- break;
- }
- break;
-
- case KAUTH_MACHDEP_SH3:
- switch (req) {
- case KAUTH_REQ_MACHDEP_SH3_UNMANAGEDMEM:
- if (isroot)
- result = KAUTH_RESULT_ALLOW;
- break;
- default:
- result = KAUTH_RESULT_DEFER;
- break;
- }
- break;
-
- case KAUTH_MACHDEP_SH5:
- switch (req) {
- case KAUTH_REQ_MACHDEP_SH5_UNMANAGEDMEM:
- if (isroot)
- result = KAUTH_RESULT_ALLOW;
- break;
- default:
- result = KAUTH_RESULT_DEFER;
- break;
- }
- break;
-
- case KAUTH_MACHDEP_VAX:
- switch (req) {
- case KAUTH_REQ_MACHDEP_VAX_UNMANAGEDMEM:
- if (isroot)
- result = KAUTH_RESULT_ALLOW;
- break;
- default:
- result = KAUTH_RESULT_DEFER;
- break;
- }
+ case KAUTH_MACHDEP_IOPERM_GET:
+ case KAUTH_MACHDEP_LDT_GET:
+ case KAUTH_MACHDEP_LDT_SET:
+ case KAUTH_MACHDEP_MTRR_GET:
+ result = KAUTH_RESULT_ALLOW;
break;
- case KAUTH_MACHDEP_X86:
- switch (req) {
- case KAUTH_REQ_MACHDEP_X86_IOPL:
- case KAUTH_REQ_MACHDEP_X86_IOPERM:
- case KAUTH_REQ_MACHDEP_X86_MTRR_SET:
- if (isroot)
- result = KAUTH_RESULT_ALLOW;
- break;
-
- default:
- result = KAUTH_RESULT_DEFER;
- break;
- }
+ case KAUTH_MACHDEP_IOPERM_SET:
+ case KAUTH_MACHDEP_IOPL:
+ case KAUTH_MACHDEP_MTRR_SET:
+ if (isroot)
+ result = KAUTH_RESULT_ALLOW;
break;
- case KAUTH_MACHDEP_X86_64:
- switch (req) {
- case KAUTH_REQ_MACHDEP_X86_64_MTRR_GET:
- if (isroot)
- result = KAUTH_RESULT_ALLOW;
- break;
-
- default:
- result = KAUTH_RESULT_DEFER;
- break;
- }
+ case KAUTH_MACHDEP_UNMANAGEDMEM:
+ if (isroot)
+ result = KAUTH_RESULT_ALLOW;
break;
default:
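Review bot: The `KAUTH_MACHDEP_UNMANAGEDMEM` case repeats the body of the IOPERM_SET/IOPL/MTRR_SET group just above it. Adding `case KAUTH_MACHDEP_UNMANAGEDMEM:` to that group removes the duplicate `if (isroot)` block. No comment in the hunk states the policy, so I would also label the two groups, e.g. `/* always allowed */` and `/* superuser only; securelevel limits are applied by the securelevel listener */`. The switch continues past the hunk.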
Index: sys/sys/kauth.h
===================================================================
RCS file: /usr/cvs/src/sys/sys/kauth.h,v
retrieving revision 1.28
diff -u -p -r1.28 kauth.h
--- sys/sys/kauth.h 22 Dec 2006 11:13:22 -0000 1.28
+++ sys/sys/kauth.h 23 Dec 2006 10:38:44 -0000
@@ -186,33 +186,14 @@ enum kauth_network_req {
* Machdep scope - actions.
*/
enum {
- KAUTH_MACHDEP_ALPHA=1,
- KAUTH_MACHDEP_ARM,
- KAUTH_MACHDEP_PC532,
- KAUTH_MACHDEP_POWERPC,
- KAUTH_MACHDEP_SH3,
- KAUTH_MACHDEP_SH5,
- KAUTH_MACHDEP_VAX,
- KAUTH_MACHDEP_X86,
- KAUTH_MACHDEP_X86_64
-};
-
-/*
- * Machdep scope - sub-actions.
- */
-enum kauth_machdep_req {
- KAUTH_REQ_MACHDEP_ALPHA_UNMANAGEDMEM=1,
- KAUTH_REQ_MACHDEP_ARM_UNMANAGEDMEM,
- KAUTH_REQ_MACHDEP_PC532_UNMANAGEDMEM,
- KAUTH_REQ_MACHDEP_POWERPC_UNMANAGEDMEM,
- KAUTH_REQ_MACHDEP_SH3_UNMANAGEDMEM,
- KAUTH_REQ_MACHDEP_SH5_UNMANAGEDMEM,
- KAUTH_REQ_MACHDEP_VAX_UNMANAGEDMEM,
- KAUTH_REQ_MACHDEP_X86_64_MTRR_GET, /* ridiculous. */
- KAUTH_REQ_MACHDEP_X86_IOPERM,
- KAUTH_REQ_MACHDEP_X86_IOPL,
- KAUTH_REQ_MACHDEP_X86_MTRR_SET,
- KAUTH_REQ_MACHDEP_X86_UNMANAGEDMEM
+ KAUTH_MACHDEP_IOPERM_GET=1,
+ KAUTH_MACHDEP_IOPERM_SET,
+ KAUTH_MACHDEP_IOPL,
+ KAUTH_MACHDEP_LDT_GET,
+ KAUTH_MACHDEP_LDT_SET,
+ KAUTH_MACHDEP_MTRR_GET,
+ KAUTH_MACHDEP_MTRR_SET,
+ KAUTH_MACHDEP_UNMANAGEDMEM
};
/*
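Review bot: The new enumerators reuse the numeric values of the removed ones with different meanings: 1 was KAUTH_MACHDEP_ALPHA and is now KAUTH_MACHDEP_IOPERM_GET, and 8 was KAUTH_MACHDEP_X86 and is now KAUTH_MACHDEP_UNMANAGEDMEM. A listener or module built against the old header would still load but would match the wrong action. Whether any such out-of-tree consumers exist cannot be seen from this patch. If this is pulled up to a release branch, it should probably be accompanied by a kernel version bump, which this patch does not show. A one-line comment on the enum, such as `/* machine-dependent actions, shared by all ports */`, would also record that the values are no longer per-architecture.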
@@ -269,7 +250,7 @@ int kauth_authorize_process(kauth_cred_t
int kauth_authorize_network(kauth_cred_t, kauth_action_t,
enum kauth_network_req, void *, void *, void *);
int kauth_authorize_machdep(kauth_cred_t, kauth_action_t,
- enum kauth_machdep_req, void *, void *, void *);
+ void *, void *, void *, void *);
int kauth_authorize_device(kauth_cred_t, kauth_action_t,
void *, void *, void *, void *);
int kauth_authorize_device_tty(kauth_cred_t, kauth_action_t, struct tty *);
--------------090201040001070306020305--