authorRobert Watson <rwatson@FreeBSD.org>2000-08-30 13:23:19 +0000
committerRobert Watson <rwatson@FreeBSD.org>2000-08-30 13:23:19 +0000
commit9cd5f4c13bdbd0dcdea5c0051c3c3b702712e216 (patch)
tree48dc9ccab82cc42c142735f0c858c06da6161581 /sys/compat
parent890fc9495b2e1d5932724edec3f69df3d1c2cecd (diff)
o Update linprocfs to include similar changes as those in procfs, fixing
  the build (oops!): replace calls to p_trespass() and PRISON_CHECK() with
  p_can(..., {P_CAN_SEE, P_CAN_DEBUG}, NULL)
o Remove volatile usage from procfs_readdir() to remove warnings
o Apply bp's CREATE fix to linprocfs, causing EROFS to be returned on
  CREATE calls to procfs_lookup()
o Some further synchronization still needs to occur: only existing access
  checks were replaced, to fix the build--the new ones were not added.
  I'll do this later today, this is a "fix the build quickly" commit.
  This means that, in the interim, some information leakage can still
  occur via linprocfs when using jail or kern.ps_showallprocs

Submitted by: knu
Approved by: des
Obtained from: TrustedBSD Project
Notes
Notes: svn path=/head/; revision=65258
Diffstat (limited to 'sys/compat')
-rw-r--r--sys/compat/linprocfs/linprocfs_vnops.c17
1 files changed, 9 insertions, 8 deletions
diff --git a/sys/compat/linprocfs/linprocfs_vnops.c b/sys/compat/linprocfs/linprocfs_vnops.c
index 5ba499d7d2dc..3b2cf983aecf 100644
--- a/sys/compat/linprocfs/linprocfs_vnops.c
+++ b/sys/compat/linprocfs/linprocfs_vnops.c
@@ -129,7 +129,7 @@ linprocfs_open(ap)
p2 = PFIND(pfs->pfs_pid);
if (p2 == NULL)
return (ENOENT);
- if (pfs->pfs_pid && !PRISON_CHECK(ap->a_p, p2))
+ if (pfs->pfs_pid && p_can(ap->a_p, p2, P_CAN_SEE, NULL))
return (ENOENT);
switch (pfs->pfs_type) {
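Review bot: The new test `p_can(ap->a_p, p2, P_CAN_SEE, NULL)` denies on a nonzero return, the opposite sense of the `!PRISON_CHECK(...)` it replaces, and nothing on the line makes that visible. Judging by the conversion, p_can() returns 0 when access is allowed and an error otherwise. Writing the test as `p_can(ap->a_p, p2, P_CAN_SEE, NULL) != 0`, or adding `/* p_can() returns 0 if allowed, an errno if not */`, would keep a later edit from silently flipping an access check. The same applies to the p_can() calls in the second linprocfs_open hunk and in the linprocfs_ioctl and linprocfs_readdir hunks. linprocfs_open starts and ends outside this hunk.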
@@ -139,7 +139,7 @@ linprocfs_open(ap)
return (EBUSY);
p1 = ap->a_p;
- if (p_trespass(p1, p2) &&
+ if (p_can(p1, p2, P_CAN_DEBUG, NULL) &&
!procfs_kmemaccess(p1))
return (EPERM);
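Review bot: The `&& !procfs_kmemaccess(p1)` that follows the new `p_can(p1, p2, P_CAN_DEBUG, NULL)` means a denial from the policy check is overridden whenever the caller passes the kmem-access test, so p_can() is not the final word for this open. procfs_kmemaccess() is not shown here; if it does not itself account for jail membership, a jailed caller that satisfies it would still get past a P_CAN_DEBUG refusal. That should be confirmed and the intended precedence stated in a comment, for example `/* kmem access deliberately overrides the debug check */`. The enclosing switch case in linprocfs_open continues outside the hunk.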
@@ -231,7 +231,7 @@ linprocfs_ioctl(ap)
return ENOTTY;
}
- if (p_trespass(p, procp))
+ if (p_can(p, procp, P_CAN_DEBUG, NULL))
return EPERM;
switch (ap->a_command) {
@@ -669,7 +669,8 @@ linprocfs_lookup(ap)
*vpp = NULL;
- if (cnp->cn_nameiop == DELETE || cnp->cn_nameiop == RENAME)
+ if (cnp->cn_nameiop == DELETE || cnp->cn_nameiop == RENAME ||
+ cnp->cn_nameiop == CREATE)
return (EROFS);
if (cnp->cn_namelen == 1 && *pname == '.') {
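Review bot: The read-only guard in linprocfs_lookup still enumerates the operations to refuse, which is how CREATE came to be missing before this fix. Since the filesystem accepts only plain lookups, an allow-list form such as `if (cnp->cn_nameiop != LOOKUP) return (EROFS);` would refuse any modifying operation by default instead of relying on the list being complete. If the explicit list is kept, a short comment saying that every non-LOOKUP nameiop must appear here would help. The function body continues outside the hunk.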
@@ -794,7 +795,7 @@ linprocfs_readdir(ap)
p = PFIND(pfs->pfs_pid);
if (p == NULL)
break;
- if (!PRISON_CHECK(curproc, p))
+ if (p_can(curproc, p, P_CAN_SEE, NULL))
break;
for (pt = &proc_targets[i];
@@ -829,7 +830,7 @@ linprocfs_readdir(ap)
int doingzomb = 0;
#endif
int pcnt = 0;
- volatile struct proc *p = allproc.lh_first;
+ struct proc *p = allproc.lh_first;
for (; p && uio->uio_resid >= delen; i++, pcnt++) {
bzero((char *) dp, delen);
@@ -871,11 +872,11 @@ linprocfs_readdir(ap)
p = p->p_list.le_next;
if (!p)
goto done;
- if (!PRISON_CHECK(curproc, p))
+ if (p_can(curproc, p, P_CAN_SEE, NULL))
continue;
pcnt++;
}
- while (!PRISON_CHECK(curproc, p)) {
+ while (p_can(curproc, p, P_CAN_SEE, NULL)) {
p = p->p_list.le_next;
if (!p)
goto done;