author | jilles <jilles@FreeBSD.org> | 2013-09-17 20:48:19 +0000 |
---|---|---|
committer | jilles <jilles@FreeBSD.org> | 2013-09-17 20:48:19 +0000 |
commit | 5faad32e2cb68eac36328d8a57f6ffc2b94c1a39 (patch) | |
tree | 8721f0fa580ee08d74844e4259a8a80b42b7c3f8 /sys/compat/freebsd32 | |
parent | 5a339ba5aa8ada3092d9f5715e202e11a1fbed8e (diff) | |
Disallow cap_enter() in freebsd32 compatibility mode.
The freebsd32 compatibility mode (for running 32-bit binaries on 64-bit
kernels) does not currently allow any system calls in capability mode, but
still permits cap_enter(). As a result, 32-bit binaries on 64-bit kernels
that use capability mode do not work (they crash after being refused the
call to sys_exit()). Affected binaries include dhclient and uniq. The latter's
crashes cause obscure build failures.
This commit makes freebsd32 cap_enter() fail with [ENOSYS], as if capability
mode was not compiled in. Applications deal with this by doing their work
without capability mode.
This commit does not fix the uncommon situation where a 64-bit process
enters capability mode and then executes a 32-bit binary using fexecve().
This commit should be reverted when allowing the necessary freebsd32 system
calls in capability mode.
Reviewed by: pjd
Approved by: re (hrs)
Diffstat (limited to 'sys/compat/freebsd32')
-rw-r--r-- | sys/compat/freebsd32/freebsd32_capability.c | 20 | ||||
-rw-r--r-- | sys/compat/freebsd32/syscalls.master | 2 |
2 files changed, 21 insertions, 1 deletions
diff --git a/sys/compat/freebsd32/freebsd32_capability.c b/sys/compat/freebsd32/freebsd32_capability.c
index b23cf95..27c83c4 100644
--- a/sys/compat/freebsd32/freebsd32_capability.c
+++ b/sys/compat/freebsd32/freebsd32_capability.c
@@ -49,6 +49,18 @@ __FBSDID("$FreeBSD$");
 MALLOC_DECLARE(M_FILECAPS);
 int
+freebsd32_cap_enter(struct thread *td,
+ struct freebsd32_cap_enter_args *uap)
+{
+
+ /*
+ * We do not have an equivalent of capabilities.conf for freebsd32
+ * compatibility, so do not allow capability mode for now.
+ */
+ return (ENOSYS);
+}
+
+int
 freebsd32_cap_ioctls_limit(struct thread *td,
 struct freebsd32_cap_ioctls_limit_args *uap)
 {
@@ -136,6 +148,14 @@ out:
 #else /* !CAPABILITIES */
 int
+freebsd32_cap_enter(struct thread *td,
+ struct freebsd32_cap_enter_args *uap)
+{
+
+ return (ENOSYS);
+}
+
+int
 freebsd32_cap_ioctls_limit(struct thread *td,
 struct freebsd32_cap_ioctls_limit_args *uap)
 {
diff --git a/sys/compat/freebsd32/syscalls.master b/sys/compat/freebsd32/syscalls.master
index f537a54..c52256a 100644
--- a/sys/compat/freebsd32/syscalls.master
+++ b/sys/compat/freebsd32/syscalls.master
@@ -973,7 +973,7 @@
 514 AUE_NULL OBSOL cap_new
 515 AUE_CAP_RIGHTS_GET NOPROTO { int __cap_rights_get(int version, \
 int fd, cap_rights_t *rightsp); }
-516 AUE_CAP_ENTER NOPROTO { int cap_enter(void); }
+516 AUE_CAP_ENTER STD { int freebsd32_cap_enter(void); }
 517 AUE_CAP_GETMODE NOPROTO { int cap_getmode(u_int *modep); }
 518 AUE_PDFORK NOPROTO { int pdfork(int *fdp, int flags); }
 519 AUE_PDKILL NOPROTO { int pdkill(int fd, int signum); } |
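Review bot: The comment in the CAPABILITIES copy of `freebsd32_cap_enter` says why the call is refused but not what that costs. A caller that treats ENOSYS from cap_enter() as "Capsicum not compiled in" continues unsandboxed, so a 32-bit build of a sandboxed program runs on this kernel without its sandbox. I would record that and the removal condition in the comment with a searchable marker, for example `XXX: callers fall back to running unsandboxed; remove once the freebsd32 system calls needed in capability mode are allowed.` The copy added under `#else /* !CAPABILITIES */` in the second hunk has the same body and no comment. If the surrounding `#ifdef` allows it, a single definition outside the conditional would keep the two from drifting apart.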
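Review bot: Entry 516 now routes to `freebsd32_cap_enter` as STD, but the commit does not appear to include the generated output that the new handler needs. The handler in freebsd32_capability.c takes `struct freebsd32_cap_enter_args`, which is presumably produced from this table along with the sysent slot, and the diffstat for this directory lists only the two hand-edited files. If the regenerated files land in a separate commit, the tree likely does not build in between. Either commit them together or say in the log that a regeneration commit follows, so a bisect can skip this revision.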