author | tegge <tegge@FreeBSD.org> | 1998-05-19 00:00:14 +0000 |
---|---|---|
committer | tegge <tegge@FreeBSD.org> | 1998-05-19 00:00:14 +0000 |
commit | 9fdbafa2fe06cfff465241ce76c5395269982396 (patch) | |
tree | 3b482820bffff64041452ded3ad80246ff105eb3 /sys/fs | |
parent | 34f4d24e56af87f75658e327d3046622ea4bc85d (diff) | |
Disallow reading the current kernel stack. Only the user structure and
the current registers should be accessible.
Reviewed by: David Greenman <dg@root.com>
Diffstat (limited to 'sys/fs')
-rw-r--r-- | sys/fs/procfs/procfs.h | 5 | ||||
-rw-r--r-- | sys/fs/procfs/procfs_mem.c | 39 | ||||
-rw-r--r-- | sys/fs/procfs/procfs_vnops.c | 4 |
3 files changed, 38 insertions, 10 deletions
diff --git a/sys/fs/procfs/procfs.h b/sys/fs/procfs/procfs.h
index ada5ef3..9adee8a 100644
--- a/sys/fs/procfs/procfs.h
+++ b/sys/fs/procfs/procfs.h
@@ -37,7 +37,7 @@
 * @(#)procfs.h 8.9 (Berkeley) 5/14/95
 *
 * From:
- * $Id: procfs.h,v 1.17 1997/09/07 05:26:16 bde Exp $
+ * $Id: procfs.h,v 1.18 1997/12/30 08:46:41 bde Exp $
 */
 /*
@@ -155,6 +155,9 @@ int procfs_dostatus __P((struct proc *, struct proc *, struct pfsnode *pfsp, str
 int procfs_domap __P((struct proc *, struct proc *, struct pfsnode *pfsp, struct uio *uio));
 int procfs_dotype __P((struct proc *, struct proc *, struct pfsnode *pfsp, struct uio *uio));
+/* Return 1 if process has special kernel digging privileges */
+int procfs_kmemaccess __P((struct proc *));
+
 /* functions to check whether or not files should be displayed */
 int procfs_validfile __P((struct proc *));
 int procfs_validfpregs __P((struct proc *));
diff --git a/sys/fs/procfs/procfs_mem.c b/sys/fs/procfs/procfs_mem.c
index 5184f47..29c883c 100644
--- a/sys/fs/procfs/procfs_mem.c
+++ b/sys/fs/procfs/procfs_mem.c
@@ -37,7 +37,7 @@
 *
 * @(#)procfs_mem.c 8.5 (Berkeley) 6/15/94
 *
- * $Id: procfs_mem.c,v 1.30 1998/02/06 12:13:41 eivind Exp $
+ * $Id: procfs_mem.c,v 1.31 1998/04/17 22:36:55 des Exp $
 */
 /*
@@ -61,11 +61,14 @@
 #include <vm/vm_page.h>
 #include <vm/vm_extern.h>
 #include <sys/user.h>
+#include <sys/ptrace.h>
-static int procfs_rwmem __P((struct proc *p, struct uio *uio));
+static int procfs_rwmem __P((struct proc *curp,
+ struct proc *p, struct uio *uio));
 static int
-procfs_rwmem(p, uio)
+procfs_rwmem(curp, p, uio)
+ struct proc *curp;
 struct proc *p;
 struct uio *uio;
 {
@@ -130,7 +133,12 @@ procfs_rwmem(p, uio)
 if (uva >= VM_MAXUSER_ADDRESS) {
 vm_offset_t tkva;
- if (writing || (uva >= (VM_MAXUSER_ADDRESS + UPAGES * PAGE_SIZE))) {
+ if (writing ||
+ uva >= VM_MAXUSER_ADDRESS + UPAGES * PAGE_SIZE ||
+ (ptrace_read_u_check(p,
+ uva - (vm_offset_t) VM_MAXUSER_ADDRESS,
+ (size_t) len) &&
+ !procfs_kmemaccess(curp))) {
 error = 0;
 break;
 }
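Review bot: The new U-area clause in `procfs_rwmem` relies on `ptrace_read_u_check()` returning non-zero for a range that must not be exposed, and nothing visible in this diff states that convention; the wrong polarity would either hide the user structure or leave the kernel stack readable. A comment above the condition would pin the intent, for example `/* U-area: only ranges ptrace_read_u_check() accepts are readable without kmem privileges */`. The refusal also falls into the existing `error = 0; break;` path, so a denied caller sees a short read rather than EPERM, which deserves a word in the same comment if it is deliberate. The check covers `len` bytes starting at `uva`, and how `len` is bounded is decided outside this hunk, as is the rest of the function body.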
@@ -290,11 +298,11 @@ procfs_domem(curp, p, pfs, uio)
 */
 if (!CHECKIO(curp, p) &&
- !(curp->p_cred->pc_ucred->cr_gid == KMEM_GROUP &&
- uio->uio_rw == UIO_READ))
+ !(uio->uio_rw == UIO_READ &&
+ procfs_kmemaccess(curp)))
 return EPERM;
- return (procfs_rwmem(p, uio));
+ return (procfs_rwmem(curp, p, uio));
 }
 /*
@@ -315,3 +323,20 @@ procfs_findtextvp(p)
 return (p->p_textvp);
 }
+
+int procfs_kmemaccess(curp)
+ struct proc *curp;
+{
+ int i;
+ struct ucred *cred;
+
+ cred = curp->p_cred->pc_ucred;
+ if (suser(cred, &curp->p_acflag))
+ return 1;
+
+ for (i = 0; i < cred->cr_ngroups; i++)
+ if (cred->cr_groups[i] == KMEM_GROUP)
+ return 1;
+
+ return 0;
+}
diff --git a/sys/fs/procfs/procfs_vnops.c b/sys/fs/procfs/procfs_vnops.c
index 78b6d92..54893ad 100644
--- a/sys/fs/procfs/procfs_vnops.c
+++ b/sys/fs/procfs/procfs_vnops.c
@@ -36,7 +36,7 @@
 *
 * @(#)procfs_vnops.c 8.18 (Berkeley) 5/21/95
 *
- * $Id: procfs_vnops.c,v 1.55 1998/02/09 06:09:46 eivind Exp $
+ * $Id: procfs_vnops.c,v 1.56 1998/03/26 20:52:42 phk Exp $
 */
 /*
@@ -142,7 +142,7 @@ procfs_open(ap)
 p1 = ap->a_p;
 if (!CHECKIO(p1, p2) &&
- (p1->p_cred->pc_ucred->cr_gid != KMEM_GROUP))
+ !procfs_kmemaccess(p1))
 return (EPERM);
 if (ap->a_mode & FWRITE) |
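Review bot: The superuser test in `procfs_kmemaccess` looks inverted: if `suser()` follows the 4.4BSD convention of returning 0 for the superuser and an errno otherwise (its definition is not part of this diff, so confirm), `if (suser(cred, &curp->p_acflag)) return 1;` grants the kmem privilege to every caller that is not root. The helper now gates `procfs_open`, the read path in `procfs_domem` and the U-area check in `procfs_rwmem`, so the wrong polarity would let an unprivileged process pass all three checks. The test should read `if (suser(cred, &curp->p_acflag) == 0)`. The definition also keeps the return type on the same line as the name, unlike `procfs_rwmem` in the same file, and carries no comment saying that both root and membership of KMEM_GROUP in any group slot qualify.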