authorrwatson <rwatson@FreeBSD.org>2011-07-17 23:05:24 +0000
committerrwatson <rwatson@FreeBSD.org>2011-07-17 23:05:24 +0000
commit7c21db8ed3ea76933360bc701c1cfe99e080cdb5 (patch)
treec4ed35a8f34e303ea8f9aaebd4a5bb9199dfb0dc /sys/kern/kern_mib.c
parent8c65d0122a45d4d6c8d002377782ad53a7a76d91 (diff)
Define two new sysctl node flags: CTLFLAG_CAPRD and CTLFLAG_CAPWR, which
may be jointly referenced via the mask CTLFLAG_CAPRW.  Sysctls with these
flags are available in Capsicum's capability mode; other sysctl nodes are
not.

Flag several useful sysctls as available in capability mode, such as
memory layout sysctls required by the run-time linker and malloc(3).
Also expose access to randomness and available kernel features.

A few sysctls are enabled to support name->MIB conversion; these may
leak information to capability mode by virtue of providing resolution on
names not flagged for access in capability mode.  This is, generally,
not a huge problem, but might be something to resolve in the future.
Flag these cases with XXX comments.

Submitted by: jonathan
Sponsored by: Google, Inc.
Diffstat (limited to 'sys/kern/kern_mib.c')
-rw-r--r--sys/kern/kern_mib.c36
1 files changed, 19 insertions, 17 deletions
diff --git a/sys/kern/kern_mib.c b/sys/kern/kern_mib.c
index f829551..75b3af9 100644
--- a/sys/kern/kern_mib.c
+++ b/sys/kern/kern_mib.c
@@ -57,7 +57,7 @@ __FBSDID("$FreeBSD$");
SYSCTL_NODE(, 0, sysctl, CTLFLAG_RW, 0,
"Sysctl internal magic");
-SYSCTL_NODE(, CTL_KERN, kern, CTLFLAG_RW, 0,
+SYSCTL_NODE(, CTL_KERN, kern, CTLFLAG_RW|CTLFLAG_CAPRD, 0,
"High kernel, proc, limits &c");
SYSCTL_NODE(, CTL_VM, vm, CTLFLAG_RW, 0,
"Virtual memory");
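Review bot: The `kern` node now carries `CTLFLAG_CAPRD` with no comment saying what the flag means on an interior node, although this looks like one of the name->MIB cases the commit description says are marked with XXX comments. From this hunk it cannot be told whether the capability-mode check looks only at the leaf OID or also at its parents, so a reader cannot see whether unflagged children such as `kern.bootfile` (`CTLFLAG_RW`, later in this file) stay unreachable. Once that is confirmed against the sysctl access check, I would add above the node something like `/* XXX: CAPRD on the node permits traversal and name lookup only; each leaf still needs its own flag. */`. The `_hw` leaves flagged in the hunk at line 144 raise the same question for the `hw` node, whose declaration is not visible here.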
@@ -90,23 +90,23 @@ SYSCTL_NODE(, OID_AUTO, regression, CTLFLAG_RW, 0,
SYSCTL_STRING(_kern, OID_AUTO, ident, CTLFLAG_RD|CTLFLAG_MPSAFE,
kern_ident, 0, "Kernel identifier");
-SYSCTL_STRING(_kern, KERN_OSRELEASE, osrelease, CTLFLAG_RD|CTLFLAG_MPSAFE,
- osrelease, 0, "Operating system release");
+SYSCTL_STRING(_kern, KERN_OSRELEASE, osrelease, CTLFLAG_RD|CTLFLAG_MPSAFE|
+ CTLFLAG_CAPRD, osrelease, 0, "Operating system release");
-SYSCTL_INT(_kern, KERN_OSREV, osrevision, CTLFLAG_RD,
+SYSCTL_INT(_kern, KERN_OSREV, osrevision, CTLFLAG_RD|CTLFLAG_CAPRD,
0, BSD, "Operating system revision");
SYSCTL_STRING(_kern, KERN_VERSION, version, CTLFLAG_RD|CTLFLAG_MPSAFE,
version, 0, "Kernel version");
-SYSCTL_STRING(_kern, KERN_OSTYPE, ostype, CTLFLAG_RD|CTLFLAG_MPSAFE,
- ostype, 0, "Operating system type");
+SYSCTL_STRING(_kern, KERN_OSTYPE, ostype, CTLFLAG_RD|CTLFLAG_MPSAFE|
+ CTLFLAG_CAPRD, ostype, 0, "Operating system type");
/*
* NOTICE: The *userland* release date is available in
* /usr/include/osreldate.h
*/
-SYSCTL_INT(_kern, KERN_OSRELDATE, osreldate, CTLFLAG_RD,
+SYSCTL_INT(_kern, KERN_OSRELDATE, osreldate, CTLFLAG_RD|CTLFLAG_CAPRD,
&osreldate, 0, "Kernel release date");
SYSCTL_INT(_kern, KERN_MAXPROC, maxproc, CTLFLAG_RDTUN,
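Review bot: Nothing in this hunk records why `osrelease`, `osrevision`, `ostype` and `osreldate` become readable in capability mode while `kern.ident` and `kern.version` beside them do not. All of them are build identifiers, and the flagged ones give sandboxed code the kernel release to fingerprint against, so the split should be stated rather than left to be inferred. If the split is intended, a one-line comment above the group would do, e.g. `/* Readable in capability mode; kern.ident and kern.version are intentionally left out. */`. Separately, the wrapped entries end their first line on `CTLFLAG_MPSAFE|` and put `CTLFLAG_CAPRD` on the same line as the data argument; breaking after the complete flags expression would keep the access bits readable at a glance.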
@@ -118,24 +118,24 @@ SYSCTL_INT(_kern, KERN_MAXPROCPERUID, maxprocperuid, CTLFLAG_RW,
SYSCTL_INT(_kern, OID_AUTO, maxusers, CTLFLAG_RDTUN,
&maxusers, 0, "Hint for kernel tuning");
-SYSCTL_INT(_kern, KERN_ARGMAX, argmax, CTLFLAG_RD,
+SYSCTL_INT(_kern, KERN_ARGMAX, argmax, CTLFLAG_RD|CTLFLAG_CAPRD,
0, ARG_MAX, "Maximum bytes of argument to execve(2)");
-SYSCTL_INT(_kern, KERN_POSIX1, posix1version, CTLFLAG_RD,
+SYSCTL_INT(_kern, KERN_POSIX1, posix1version, CTLFLAG_RD|CTLFLAG_CAPRD,
0, _POSIX_VERSION, "Version of POSIX attempting to comply to");
-SYSCTL_INT(_kern, KERN_NGROUPS, ngroups, CTLFLAG_RDTUN,
+SYSCTL_INT(_kern, KERN_NGROUPS, ngroups, CTLFLAG_RDTUN|CTLFLAG_CAPRD,
&ngroups_max, 0,
"Maximum number of supplemental groups a user can belong to");
-SYSCTL_INT(_kern, KERN_JOB_CONTROL, job_control, CTLFLAG_RD,
+SYSCTL_INT(_kern, KERN_JOB_CONTROL, job_control, CTLFLAG_RD|CTLFLAG_CAPRD,
0, 1, "Whether job control is available");
#ifdef _POSIX_SAVED_IDS
-SYSCTL_INT(_kern, KERN_SAVED_IDS, saved_ids, CTLFLAG_RD,
+SYSCTL_INT(_kern, KERN_SAVED_IDS, saved_ids, CTLFLAG_RD|CTLFLAG_CAPRD,
0, 1, "Whether saved set-group/user ID is available");
#else
-SYSCTL_INT(_kern, KERN_SAVED_IDS, saved_ids, CTLFLAG_RD,
+SYSCTL_INT(_kern, KERN_SAVED_IDS, saved_ids, CTLFLAG_RD|CTLFLAG_CAPRD,
0, 0, "Whether saved set-group/user ID is available");
#endif
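Review bot: The two `KERN_SAVED_IDS` declarations under `#ifdef _POSIX_SAVED_IDS` differ only in the value argument, so the commit has to add `CTLFLAG_CAPRD` to both arms, and any later change to the access flags can drift between build configurations. Since these flags now decide what sandboxed code can read, I would select only the value in the preprocessor and declare the node once. The macro name below is a suggestion.

```c
#ifdef _POSIX_SAVED_IDS
#define	KERN_SAVED_IDS_VALUE	1
#else
#define	KERN_SAVED_IDS_VALUE	0
#endif
SYSCTL_INT(_kern, KERN_SAVED_IDS, saved_ids, CTLFLAG_RD|CTLFLAG_CAPRD,
    0, KERN_SAVED_IDS_VALUE, "Whether saved set-group/user ID is available");
```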
@@ -144,13 +144,13 @@ char kernelname[MAXPATHLEN] = "/kernel"; /* XXX bloat */
SYSCTL_STRING(_kern, KERN_BOOTFILE, bootfile, CTLFLAG_RW,
kernelname, sizeof kernelname, "Name of kernel file booted");
-SYSCTL_INT(_hw, HW_NCPU, ncpu, CTLFLAG_RD,
+SYSCTL_INT(_hw, HW_NCPU, ncpu, CTLFLAG_RD|CTLFLAG_CAPRD,
&mp_ncpus, 0, "Number of active CPUs");
-SYSCTL_INT(_hw, HW_BYTEORDER, byteorder, CTLFLAG_RD,
+SYSCTL_INT(_hw, HW_BYTEORDER, byteorder, CTLFLAG_RD|CTLFLAG_CAPRD,
0, BYTE_ORDER, "System byte order");
-SYSCTL_INT(_hw, HW_PAGESIZE, pagesize, CTLFLAG_RD,
+SYSCTL_INT(_hw, HW_PAGESIZE, pagesize, CTLFLAG_RD|CTLFLAG_CAPRD,
0, PAGE_SIZE, "System memory page size");
static int
@@ -167,7 +167,7 @@ sysctl_kern_arnd(SYSCTL_HANDLER_ARGS)
}
SYSCTL_PROC(_kern, KERN_ARND, arandom,
- CTLTYPE_OPAQUE | CTLFLAG_RD | CTLFLAG_MPSAFE, NULL, 0,
+ CTLTYPE_OPAQUE | CTLFLAG_RD | CTLFLAG_MPSAFE | CTLFLAG_CAPRD, NULL, 0,
sysctl_kern_arnd, "", "arc4rand");
static int
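Review bot: Adding `CTLFLAG_CAPRD` to `kern.arandom` makes `sysctl_kern_arnd` callable from sandboxed processes, and only the closing brace of that handler is inside this hunk, so the bound it applies to the caller-supplied output length cannot be confirmed from here. That clamp is worth re-checking as part of this change, since the caller must now be treated as untrusted. I would also record the reason for the exposure next to the declaration, e.g. `/* Readable in capability mode so sandboxed code can obtain randomness. */`, and replace the description string `"arc4rand"` with a sentence that says what the node returns.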
@@ -448,6 +448,8 @@ FEATURE(compat_freebsd7, "Compatible with FreeBSD 7");
* This is really cheating. These actually live in the libc, something
* which I'm not quite sure is a good idea anyway, but in order for
* getnext and friends to actually work, we define dummies here.
+ *
+ * XXXRW: These probably should be CTLFLAG_CAPRD.
*/
SYSCTL_STRING(_user, USER_CS_PATH, cs_path, CTLFLAG_RD,
"", 0, "PATH that finds all the standard utilities");
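Review bot: The new `XXXRW` line leaves the `user.*` dummies unflagged without saying what that means for callers in the meantime. Going by the commit description, nodes without a capability flag are unavailable in capability mode, so lookups of `user.cs_path` and its siblings presumably fail there. I would make the comment state the current behaviour and the open question, e.g. `XXXRW: Not flagged CTLFLAG_CAPRD, so unavailable in capability mode; decide whether libc needs them there.` The list of `_user` declarations continues past the end of this hunk.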