-rw-r--r--sys/amd64/amd64/sys_machdep.c29
-rw-r--r--sys/arm/arm/sys_machdep.c21
-rw-r--r--sys/i386/i386/sys_machdep.c25
3 files changed, 75 insertions, 0 deletions
diff --git a/sys/amd64/amd64/sys_machdep.c b/sys/amd64/amd64/sys_machdep.c
index 001651b..2a890a0 100644
--- a/sys/amd64/amd64/sys_machdep.c
+++ b/sys/amd64/amd64/sys_machdep.c
@@ -33,8 +33,11 @@
#include <sys/cdefs.h>
__FBSDID("$FreeBSD$");
+#include "opt_capabilities.h"
+
#include <sys/param.h>
#include <sys/systm.h>
+#include <sys/capability.h>
#include <sys/kernel.h>
#include <sys/lock.h>
#include <sys/malloc.h>
@@ -177,6 +180,32 @@ sysarch(td, uap)
uint64_t a64base;
struct i386_ioperm_args iargs;
+#ifdef CAPABILITIES
+ /*
+ * Whitelist of operations which are safe enough for capability mode.
+ */
+ if (IN_CAPABILITY_MODE(td)) {
+ switch (uap->op) {
+ case I386_GET_LDT:
+ case I386_SET_LDT:
+ case I386_GET_IOPERM:
+ case I386_GET_FSBASE:
+ case I386_SET_FSBASE:
+ case I386_GET_GSBASE:
+ case I386_SET_GSBASE:
+ case AMD64_GET_FSBASE:
+ case AMD64_SET_FSBASE:
+ case AMD64_GET_GSBASE:
+ case AMD64_SET_GSBASE:
+ break;
+
+ case I386_SET_IOPERM:
+ default:
+ return (ECAPMODE);
+ }
+ }
+#endif
+
if (uap->op == I386_GET_LDT || uap->op == I386_SET_LDT)
return (sysarch_ldt(td, uap, UIO_USERSPACE));
/*
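Review bot: The comment above the switch calls these operations "safe enough" without stating the criterion, and the allowed set includes I386_SET_LDT and the SET_FSBASE/SET_GSBASE operations, which change segment state from inside the sandbox. Their safety rests on the validation done in `sysarch_ldt()` and the base-setting paths, which lie outside this hunk, so the comment should record that dependency. If this is the intended criterion, something like `/* Allowed ops touch only the caller's own segment state; the handlers must validate every user-supplied descriptor and address. */` would do. The same one-line comment appears in the arm and i386 hunks and needs the same treatment. sysarch()'s body starts and ends outside the hunk.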
diff --git a/sys/arm/arm/sys_machdep.c b/sys/arm/arm/sys_machdep.c
index 1dd8677..89e5227 100644
--- a/sys/arm/arm/sys_machdep.c
+++ b/sys/arm/arm/sys_machdep.c
@@ -36,8 +36,11 @@
#include <sys/cdefs.h>
__FBSDID("$FreeBSD$");
+#include "opt_capabilities.h"
+
#include <sys/param.h>
#include <sys/systm.h>
+#include <sys/capability.h>
#include <sys/proc.h>
#include <sys/sysproto.h>
#include <sys/syscall.h>
@@ -104,6 +107,24 @@ sysarch(td, uap)
{
int error;
+#ifdef CAPABILITIES
+ /*
+ * Whitelist of operations which are safe enough for capability mode.
+ */
+ if (IN_CAPABILITY_MODE(td)) {
+ switch (uap->op) {
+ case ARM_SYNC_ICACHE:
+ case ARM_DRAIN_WRITEBUF:
+ case ARM_SET_TP:
+ case ARM_GET_TP:
+ break;
+
+ default:
+ return (ECAPMODE);
+ }
+ }
+#endif
+
switch (uap->op) {
case ARM_SYNC_ICACHE :
error = arm32_sync_icache(td, uap->parms);
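Review bot: Allowing ARM_SYNC_ICACHE in capability mode lets a sandboxed thread reach `arm32_sync_icache(td, uap->parms)` with a pointer it controls, and nothing in this hunk shows how that argument is checked. The handler is outside the hunk, so it is worth confirming that it copies the arguments in and bounds the address range to user space before any cache maintenance. If it does, record that next to the label, e.g. `case ARM_SYNC_ICACHE:	/* range validated in arm32_sync_icache() */`. The default arm returning ECAPMODE is the right shape, since an operation added to the dispatch switch later stays blocked until it is listed here.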
diff --git a/sys/i386/i386/sys_machdep.c b/sys/i386/i386/sys_machdep.c
index cd0c370..6a761bf 100644
--- a/sys/i386/i386/sys_machdep.c
+++ b/sys/i386/i386/sys_machdep.c
@@ -32,9 +32,11 @@
#include <sys/cdefs.h>
__FBSDID("$FreeBSD$");
+#include "opt_capabilities.h"
#include "opt_kstack_pages.h"
#include <sys/param.h>
+#include <sys/capability.h>
#include <sys/systm.h>
#include <sys/lock.h>
#include <sys/malloc.h>
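Review bot: `#include <sys/capability.h>` is added before `<sys/systm.h>` in this file, while the amd64 and arm hunks add it after `<sys/systm.h>`. Using the same order in all three files (`<sys/param.h>`, `<sys/systm.h>`, then `<sys/capability.h>`) keeps the include lists comparable. It also removes any question of whether the header relies on declarations from `<sys/systm.h>`, which cannot be determined from this hunk.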
@@ -108,6 +110,29 @@ sysarch(td, uap)
struct segment_descriptor sd, *sdp;
AUDIT_ARG_CMD(uap->op);
+
+#ifdef CAPABILITIES
+ /*
+ * Whitelist of operations which are safe enough for capability mode.
+ */
+ if (IN_CAPABILITY_MODE(td)) {
+ switch (uap->op) {
+ case I386_GET_LDT:
+ case I386_SET_LDT:
+ case I386_GET_IOPERM:
+ case I386_GET_FSBASE:
+ case I386_SET_FSBASE:
+ case I386_GET_GSBASE:
+ case I386_SET_GSBASE:
+ break;
+
+ case I386_SET_IOPERM:
+ default:
+ return (ECAPMODE);
+ }
+ }
+#endif
+
switch (uap->op) {
case I386_GET_IOPERM:
case I386_SET_IOPERM:
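Review bot: The explicit `case I386_SET_IOPERM:` label above `default:` has no effect on behaviour and carries no comment, so a later editor could take it for leftover and drop it, or move it into the allowed list beside I386_GET_IOPERM. A short comment would keep the intent visible: `case I386_SET_IOPERM:	/* changes I/O port permissions; never allowed in capability mode */`. The amd64 hunk has the same uncommented label. Placing the check after `AUDIT_ARG_CMD(uap->op)` is good because refused requests are still recorded; the amd64 hunk does not show whether its check also follows the audit call, which is worth confirming.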