CVS commit: src/sys

Maxime Villard Tue, 04 Sep 2018 07:31:40 -0700

Module Name:    src
Committed By:   maxv
Date:           Tue Sep  4 14:31:19 UTC 2018


Modified Files:
        src/sys/kern: kern_proc.c sys_module.c
        src/sys/secmodel/extensions: secmodel_extensions.c
        src/sys/secmodel/suser: secmodel_suser.c
        src/sys/sys: kauth.h

Log Message:
Introduce KAUTH_REQ_PROCESS_CANSEE_KPTR, and use it in the already-existing
modstat code. No real functional change.


To generate a diff of this commit:
cvs rdiff -u -r1.214 -r1.215 src/sys/kern/kern_proc.c
cvs rdiff -u -r1.24 -r1.25 src/sys/kern/sys_module.c
cvs rdiff -u -r1.9 -r1.10 src/sys/secmodel/extensions/secmodel_extensions.c
cvs rdiff -u -r1.47 -r1.48 src/sys/secmodel/suser/secmodel_suser.c
cvs rdiff -u -r1.79 -r1.80 src/sys/sys/kauth.h

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/kern/kern_proc.c
diff -u src/sys/kern/kern_proc.c:1.214 src/sys/kern/kern_proc.c:1.215
--- src/sys/kern/kern_proc.c:1.214	Mon Sep  3 16:29:35 2018
+++ src/sys/kern/kern_proc.c	Tue Sep  4 14:31:18 2018
@@ -1,4 +1,4 @@
-/*	$NetBSD: kern_proc.c,v 1.214 2018/09/03 16:29:35 riastradh Exp $	*/
+/*	$NetBSD: kern_proc.c,v 1.215 2018/09/04 14:31:18 maxv Exp $	*/
 
 /*-
  * Copyright (c) 1999, 2006, 2007, 2008 The NetBSD Foundation, Inc.
@@ -62,7 +62,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: kern_proc.c,v 1.214 2018/09/03 16:29:35 riastradh Exp $");
+__KERNEL_RCSID(0, "$NetBSD: kern_proc.c,v 1.215 2018/09/04 14:31:18 maxv Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_kstack.h"
@@ -278,6 +278,7 @@ proc_listener_cb(kauth_cred_t cred, kaut
 
 			break;
 
+		case KAUTH_REQ_PROCESS_CANSEE_KPTR:
 		default:
 			break;
 		}

Index: src/sys/kern/sys_module.c
diff -u src/sys/kern/sys_module.c:1.24 src/sys/kern/sys_module.c:1.25
--- src/sys/kern/sys_module.c:1.24	Mon Sep  3 16:29:35 2018
+++ src/sys/kern/sys_module.c	Tue Sep  4 14:31:18 2018
@@ -1,4 +1,4 @@
-/*	$NetBSD: sys_module.c,v 1.24 2018/09/03 16:29:35 riastradh Exp $	*/
+/*	$NetBSD: sys_module.c,v 1.25 2018/09/04 14:31:18 maxv Exp $	*/
 
 /*-
  * Copyright (c) 2008 The NetBSD Foundation, Inc.
@@ -31,7 +31,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: sys_module.c,v 1.24 2018/09/03 16:29:35 riastradh Exp $");
+__KERNEL_RCSID(0, "$NetBSD: sys_module.c,v 1.25 2018/09/04 14:31:18 maxv Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_modular.h"
@@ -123,8 +123,8 @@ handle_modctl_stat(struct iovec *iov, vo
 	bool stataddr;
 
 	/* If not privileged, don't expose kernel addresses. */
-	error = kauth_authorize_system(kauth_cred_get(), KAUTH_SYSTEM_MODULE,
-	    0, (void *)(uintptr_t)MODCTL_STAT, NULL, NULL);
+	error = kauth_authorize_process(kauth_cred_get(), KAUTH_PROCESS_CANSEE,
+	    curproc, KAUTH_ARG(KAUTH_REQ_PROCESS_CANSEE_KPTR), NULL, NULL);
 	stataddr = (error == 0);
 
 	kernconfig_lock();

Index: src/sys/secmodel/extensions/secmodel_extensions.c
diff -u src/sys/secmodel/extensions/secmodel_extensions.c:1.9 src/sys/secmodel/extensions/secmodel_extensions.c:1.10
--- src/sys/secmodel/extensions/secmodel_extensions.c:1.9	Sat Aug 25 09:54:37 2018
+++ src/sys/secmodel/extensions/secmodel_extensions.c	Tue Sep  4 14:31:19 2018
@@ -1,4 +1,4 @@
-/* $NetBSD: secmodel_extensions.c,v 1.9 2018/08/25 09:54:37 maxv Exp $ */
+/* $NetBSD: secmodel_extensions.c,v 1.10 2018/09/04 14:31:19 maxv Exp $ */
 /*-
  * Copyright (c) 2011 Elad Efrat <[email protected]>
  * All rights reserved.
@@ -27,7 +27,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: secmodel_extensions.c,v 1.9 2018/08/25 09:54:37 maxv Exp $");
+__KERNEL_RCSID(0, "$NetBSD: secmodel_extensions.c,v 1.10 2018/09/04 14:31:19 maxv Exp $");
 
 #include <sys/types.h>
 #include <sys/param.h>
@@ -450,6 +450,7 @@ secmodel_extensions_process_cb(kauth_cre
 
 			break;
 
+		case KAUTH_REQ_PROCESS_CANSEE_KPTR:
 		default:
 			break;
 		}

Index: src/sys/secmodel/suser/secmodel_suser.c
diff -u src/sys/secmodel/suser/secmodel_suser.c:1.47 src/sys/secmodel/suser/secmodel_suser.c:1.48
--- src/sys/secmodel/suser/secmodel_suser.c:1.47	Sat Aug 25 09:54:37 2018
+++ src/sys/secmodel/suser/secmodel_suser.c	Tue Sep  4 14:31:19 2018
@@ -1,4 +1,4 @@
-/* $NetBSD: secmodel_suser.c,v 1.47 2018/08/25 09:54:37 maxv Exp $ */
+/* $NetBSD: secmodel_suser.c,v 1.48 2018/09/04 14:31:19 maxv Exp $ */
 /*-
  * Copyright (c) 2006 Elad Efrat <[email protected]>
  * All rights reserved.
@@ -38,7 +38,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: secmodel_suser.c,v 1.47 2018/08/25 09:54:37 maxv Exp $");
+__KERNEL_RCSID(0, "$NetBSD: secmodel_suser.c,v 1.48 2018/09/04 14:31:19 maxv Exp $");
 
 #include <sys/types.h>
 #include <sys/param.h>
@@ -500,6 +500,7 @@ secmodel_suser_process_cb(kauth_cred_t c
 		case KAUTH_REQ_PROCESS_CANSEE_ENTRY:
 		case KAUTH_REQ_PROCESS_CANSEE_OPENFILES:
 		case KAUTH_REQ_PROCESS_CANSEE_EPROC:
+		case KAUTH_REQ_PROCESS_CANSEE_KPTR:
 			if (isroot) {
 				result = KAUTH_RESULT_ALLOW;
 				break;

Index: src/sys/sys/kauth.h
diff -u src/sys/sys/kauth.h:1.79 src/sys/sys/kauth.h:1.80
--- src/sys/sys/kauth.h:1.79	Sat Aug 25 09:54:37 2018
+++ src/sys/sys/kauth.h	Tue Sep  4 14:31:18 2018
@@ -1,4 +1,4 @@
-/* $NetBSD: kauth.h,v 1.79 2018/08/25 09:54:37 maxv Exp $ */
+/* $NetBSD: kauth.h,v 1.80 2018/09/04 14:31:18 maxv Exp $ */
 
 /*-
  * Copyright (c) 2005, 2006 Elad Efrat <[email protected]>  
@@ -231,6 +231,7 @@ enum kauth_process_req {
 	KAUTH_REQ_PROCESS_RLIMIT_SET,
 	KAUTH_REQ_PROCESS_RLIMIT_BYPASS,
 	KAUTH_REQ_PROCESS_CANSEE_EPROC,
+	KAUTH_REQ_PROCESS_CANSEE_KPTR
 };
 
 /*

CVS commit: src/sys

Reply via email to