diff options
author | phk <phk@FreeBSD.org> | 1999-11-07 12:01:32 +0000 |
---|---|---|
committer | phk <phk@FreeBSD.org> | 1999-11-07 12:01:32 +0000 |
commit | a7f67fc8195e55b18432ca58b7e3db534b2181d5 (patch) | |
tree | 54702b25f542378e063481a12b6c492d50ab1d5f | |
parent | 61d8f0221ce5b6331dcf565b8fcfefa0aa6ddc88 (diff) | |
download | FreeBSD-src-a7f67fc8195e55b18432ca58b7e3db534b2181d5.zip FreeBSD-src-a7f67fc8195e55b18432ca58b7e3db534b2181d5.tar.gz |
Remove the iskmemdev() function. Make it the responsibility of the mem.c
drivers to enforce the securelevel checks.
-rw-r--r-- | sys/alpha/alpha/mem.c | 22 | ||||
-rw-r--r-- | sys/amd64/amd64/mem.c | 19 | ||||
-rw-r--r-- | sys/fs/specfs/spec_vnops.c | 4 | ||||
-rw-r--r-- | sys/i386/i386/mem.c | 19 | ||||
-rw-r--r-- | sys/miscfs/devfs/devfs_vnops.c | 4 | ||||
-rw-r--r-- | sys/miscfs/specfs/spec_vnops.c | 4 | ||||
-rw-r--r-- | sys/sys/conf.h | 1 | ||||
-rw-r--r-- | sys/sys/linedisc.h | 1 |
8 files changed, 18 insertions, 56 deletions
diff --git a/sys/alpha/alpha/mem.c b/sys/alpha/alpha/mem.c index e204b43..4c7f835 100644 --- a/sys/alpha/alpha/mem.c +++ b/sys/alpha/alpha/mem.c @@ -123,6 +123,11 @@ mmopen(dev, flags, fmt, p) { switch (minor(dev)) { + case 0: + case 1: + if (securelevel >= 1) + return (EPERM); + break; case 32: #ifdef PERFMON return perfmon_open(dev, flags, fmt, p); @@ -367,23 +372,6 @@ mmpoll(dev, events, p) } } -/* - * Routine that identifies /dev/mem and /dev/kmem. - * - * A minimal stub routine can always return 0. - */ -int -iskmemdev(dev) - dev_t dev; -{ - - return (((major(dev) == mem_cdevsw.d_maj) - && (minor(dev) == 0 || minor(dev) == 1)) -/* or the osf/1 mem device */ - ||((major(dev) == 0) - && (minor(dev) == 0x00200002))); -} - int iszerodev(dev) dev_t dev; diff --git a/sys/amd64/amd64/mem.c b/sys/amd64/amd64/mem.c index 92c7b2d..da9084b 100644 --- a/sys/amd64/amd64/mem.c +++ b/sys/amd64/amd64/mem.c @@ -111,6 +111,11 @@ mmclose(dev, flags, fmt, p) struct proc *p; { switch (minor(dev)) { + case 0: + case 1: + if (securelevel >= 1) + return (EPERM); + break; case 14: curproc->p_md.md_regs->tf_eflags &= ~PSL_IOPL; break; @@ -527,20 +532,6 @@ mmpoll(dev, events, p) } } -/* - * Routine that identifies /dev/mem and /dev/kmem. - * - * A minimal stub routine can always return 0. - */ -int -iskmemdev(dev) - dev_t dev; -{ - - return ((major(dev) == mem_cdevsw.d_maj) - && (minor(dev) == 0 || minor(dev) == 1)); -} - int iszerodev(dev) dev_t dev; diff --git a/sys/fs/specfs/spec_vnops.c b/sys/fs/specfs/spec_vnops.c index c012b15..969a124 100644 --- a/sys/fs/specfs/spec_vnops.c +++ b/sys/fs/specfs/spec_vnops.c @@ -176,7 +176,7 @@ spec_open(ap) return (EPERM); /* * When running in secure mode, do not allow opens - * for writing of /dev/mem, /dev/kmem, or character + * for writing of character * devices whose corresponding block devices are * currently mounted. */ @@ -186,8 +186,6 @@ spec_open(ap) bvp->v_usecount > 0 && (error = vfs_mountedon(bvp))) return (error); - if (iskmemdev(dev)) - return (EPERM); } } if ((dsw->d_flags & D_TYPEMASK) == D_TTY) diff --git a/sys/i386/i386/mem.c b/sys/i386/i386/mem.c index 92c7b2d..da9084b 100644 --- a/sys/i386/i386/mem.c +++ b/sys/i386/i386/mem.c @@ -111,6 +111,11 @@ mmclose(dev, flags, fmt, p) struct proc *p; { switch (minor(dev)) { + case 0: + case 1: + if (securelevel >= 1) + return (EPERM); + break; case 14: curproc->p_md.md_regs->tf_eflags &= ~PSL_IOPL; break; @@ -527,20 +532,6 @@ mmpoll(dev, events, p) } } -/* - * Routine that identifies /dev/mem and /dev/kmem. - * - * A minimal stub routine can always return 0. - */ -int -iskmemdev(dev) - dev_t dev; -{ - - return ((major(dev) == mem_cdevsw.d_maj) - && (minor(dev) == 0 || minor(dev) == 1)); -} - int iszerodev(dev) dev_t dev; diff --git a/sys/miscfs/devfs/devfs_vnops.c b/sys/miscfs/devfs/devfs_vnops.c index 6026792..96252d4 100644 --- a/sys/miscfs/devfs/devfs_vnops.c +++ b/sys/miscfs/devfs/devfs_vnops.c @@ -1353,7 +1353,7 @@ devfs_open( struct vop_open_args *ap) return (EPERM); /* * When running in secure mode, do not allow opens - * for writing of /dev/mem, /dev/kmem, or character + * for writing of character * devices whose corresponding block devices are * currently mounted. */ @@ -1363,8 +1363,6 @@ devfs_open( struct vop_open_args *ap) bvp->v_usecount > 0 && (error = vfs_mountedon(bvp))) return (error); - if (iskmemdev(dev)) - return (EPERM); } } if ((dsw->d_flags & D_TYPEMASK) == D_TTY) diff --git a/sys/miscfs/specfs/spec_vnops.c b/sys/miscfs/specfs/spec_vnops.c index c012b15..969a124 100644 --- a/sys/miscfs/specfs/spec_vnops.c +++ b/sys/miscfs/specfs/spec_vnops.c @@ -176,7 +176,7 @@ spec_open(ap) return (EPERM); /* * When running in secure mode, do not allow opens - * for writing of /dev/mem, /dev/kmem, or character + * for writing of character * devices whose corresponding block devices are * currently mounted. */ @@ -186,8 +186,6 @@ spec_open(ap) bvp->v_usecount > 0 && (error = vfs_mountedon(bvp))) return (error); - if (iskmemdev(dev)) - return (EPERM); } } if ((dsw->d_flags & D_TYPEMASK) == D_TTY) diff --git a/sys/sys/conf.h b/sys/sys/conf.h index 475f97b..a5805d0 100644 --- a/sys/sys/conf.h +++ b/sys/sys/conf.h @@ -266,7 +266,6 @@ struct cdevsw *devsw __P((dev_t dev)); int devsw_module_handler __P((struct module *mod, int what, void *arg)); const char *devtoname __P((dev_t dev)); void freedev __P((dev_t dev)); -int iskmemdev __P((dev_t dev)); int iszerodev __P((dev_t dev)); dev_t makebdev __P((int maj, int min)); dev_t make_dev __P((struct cdevsw *devsw, int minor, uid_t uid, gid_t gid, int perms, char *fmt, ...)) __printflike(6, 7); diff --git a/sys/sys/linedisc.h b/sys/sys/linedisc.h index 475f97b..a5805d0 100644 --- a/sys/sys/linedisc.h +++ b/sys/sys/linedisc.h @@ -266,7 +266,6 @@ struct cdevsw *devsw __P((dev_t dev)); int devsw_module_handler __P((struct module *mod, int what, void *arg)); const char *devtoname __P((dev_t dev)); void freedev __P((dev_t dev)); -int iskmemdev __P((dev_t dev)); int iszerodev __P((dev_t dev)); dev_t makebdev __P((int maj, int min)); dev_t make_dev __P((struct cdevsw *devsw, int minor, uid_t uid, gid_t gid, int perms, char *fmt, ...)) __printflike(6, 7); |