MFC: Don't allow userland to set hardware watch points on kernel memory.

Approved by:	re (mux)

1 files changed, 20 insertions, 23 deletions

diff --git a/sys/amd64/amd64/machdep.c b/sys/amd64/amd64/machdep.c
index 6cbe684..942b034 100644
--- a/sys/amd64/amd64/machdep.c
+++ b/sys/amd64/amd64/machdep.c
@@ -1767,8 +1767,7 @@ set_dbregs(struct thread *td, struct dbreg *dbregs)
 		 * could halt the system by setting a breakpoint in the kernel
 		 * (if ddb was enabled).  Thus, we need to check to make sure
 		 * that no breakpoints are being enabled for addresses outside
-		 * process's address space, unless, perhaps, we were called by
-		 * uid 0.
+		 * process's address space.
 		 *
 		 * XXX - what about when the watched area of the user's
 		 * address space is written into from within the kernel
@@ -1776,27 +1775,25 @@ set_dbregs(struct thread *td, struct dbreg *dbregs)
 		 * from within kernel mode?
 		 */
 
-		if (suser(td) != 0) {
-			if (dbregs->dr[7] & 0x3) {
-				/* dr0 is enabled */
-				if (dbregs->dr[0] >= VM_MAXUSER_ADDRESS)
-					return (EINVAL);
-			}
-			if (dbregs->dr[7] & 0x3<<2) {
-				/* dr1 is enabled */
-				if (dbregs->dr[1] >= VM_MAXUSER_ADDRESS)
-					return (EINVAL);
-			}
-			if (dbregs->dr[7] & 0x3<<4) {
-				/* dr2 is enabled */
-				if (dbregs->dr[2] >= VM_MAXUSER_ADDRESS)
-					return (EINVAL);
-			}
-			if (dbregs->dr[7] & 0x3<<6) {
-				/* dr3 is enabled */
-				if (dbregs->dr[3] >= VM_MAXUSER_ADDRESS)
-					return (EINVAL);
-			}
+		if (dbregs->dr[7] & 0x3) {
+			/* dr0 is enabled */
+			if (dbregs->dr[0] >= VM_MAXUSER_ADDRESS)
+				return (EINVAL);
+		}
+		if (dbregs->dr[7] & 0x3<<2) {
+			/* dr1 is enabled */
+			if (dbregs->dr[1] >= VM_MAXUSER_ADDRESS)
+				return (EINVAL);
+		}
+		if (dbregs->dr[7] & 0x3<<4) {
+			/* dr2 is enabled */
+			if (dbregs->dr[2] >= VM_MAXUSER_ADDRESS)
+				return (EINVAL);
+		}
+		if (dbregs->dr[7] & 0x3<<6) {
+			/* dr3 is enabled */
+			if (dbregs->dr[3] >= VM_MAXUSER_ADDRESS)
+				return (EINVAL);
 		}
 
 		pcb->pcb_dr0 = dbregs->dr[0];