d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Disallow LKM manipulations when in seure mode.

Browse Source 
Noticed by: bde
This commit is contained in:
wollman 1995-11-29 17:45:59 +00:00
parent 058f435a83
commit 7a30acc257
1 changed files with 11 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
sys/kern/kern_lkm.c
View File

@ -30,14 +30,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* $Id: kern_lkm.c,v 1.20 1995/11/29 10:48:22 julian Exp $
*/
/*
* XXX it's not really safe to unload *any* of the types which are
* currently loadable; e.g. you could unload a syscall which was being
* blocked in, etc. In the long term, a solution should be come up
* with, but "not right now." -- cgd
* $Id: kern_lkm.c,v 1.21 1995/11/29 14:40:34 julian Exp $
*/
#include <sys/param.h>
@ -205,7 +198,8 @@ lkmcioctl(dev, cmd, data, flag, p)
switch(cmd) {
case LMRESERV: /* reserve pages for a module */
if ((flag & FWRITE) == 0) /* only allow this if writing */
if ((flag & FWRITE) == 0 || securelevel > 0)
/* only allow this if writing and insecure */
return EPERM;
resrvp = (struct lmc_resrv *)data;
@ -245,7 +239,8 @@ lkmcioctl(dev, cmd, data, flag, p)
break;
case LMLOADBUF: /* Copy in; stateful, follows LMRESERV */
if ((flag & FWRITE) == 0) /* only allow this if writing */
if ((flag & FWRITE) == 0 || securelevel > 0)
/* only allow this if writing and insecure */
return EPERM;
loadbufp = (struct lmc_loadbuf *)data;
@ -280,7 +275,8 @@ lkmcioctl(dev, cmd, data, flag, p)
break;
case LMUNRESRV: /* discard reserved pages for a module */
if ((flag & FWRITE) == 0) /* only allow this if writing */
if ((flag & FWRITE) == 0 || securelevel > 0)
/* only allow this if writing and insecure */
return EPERM;
lkmunreserve(); /* coerce state to LKM_IDLE */
@ -290,7 +286,8 @@ lkmcioctl(dev, cmd, data, flag, p)
break;
case LMREADY: /* module loaded: call entry */
if ((flag & FWRITE) == 0) /* only allow this if writing */
if ((flag & FWRITE) == 0 || securelevel > 0)
/* only allow this if writing or insecure */
return EPERM;
switch (lkm_state) {
@ -354,7 +351,8 @@ lkmcioctl(dev, cmd, data, flag, p)
break;
case LMUNLOAD: /* unload a module */
if ((flag & FWRITE) == 0) /* only allow this if writing */
if ((flag & FWRITE) == 0 || securelevel > 0)
/* only allow this if writing and insecure */
return EPERM;
unloadp = (struct lmc_unload *)data;
@ -878,7 +876,6 @@ _lkm_exec(lkmtp, cmd)
const struct execsw **execsw =
(const struct execsw **)&execsw_set.ls_items[0];
#if 1
switch(cmd) {
case LKM_E_LOAD:
/* don't load twice! */
@ -924,9 +921,6 @@ _lkm_exec(lkmtp, cmd)
case LKM_E_STAT: /* no special handling... */
break;
}
#else
err = EINVAL;
#endif
return(err);
}