20 */
21
22 /*
23 * Copyright 2010 Sun Microsystems, Inc. All rights reserved.
24 * Use is subject to license terms.
25 */
26
27 /*
28 * This file contains high level functions used by multiple utilities.
29 */
30
31 #include "libscf_impl.h"
32
33 #include <assert.h>
34 #include <libuutil.h>
35 #include <string.h>
36 #include <stdlib.h>
37 #include <sys/systeminfo.h>
38 #include <sys/uadmin.h>
39 #include <sys/utsname.h>
40
41 #ifdef __x86
42 #include <smbios.h>
43
44 /*
45 * Check whether the platform is on the fastreboot_blacklist.
46 * Return 1 if the platform has been blacklisted, 0 otherwise.
47 */
48 static int
49 scf_is_fb_blacklisted(void)
50 {
51 smbios_hdl_t *shp;
52 smbios_system_t sys;
53 smbios_info_t info;
54
55 id_t id;
56 int err;
57 int i;
58
59 scf_simple_prop_t *prop = NULL;
336 /*
337 * If we are on xVM, do not fast reboot by default.
338 */
339 if (sysinfo(SI_PLATFORM, procbuf, sizeof (procbuf)) == -1 ||
340 strcmp(procbuf, "i86xpv") == 0)
341 return (0);
342
343 /*
344 * Get property values from "config" property group
345 */
346 scf_get_boot_config(&boot_config);
347
348 /*
349 * Get property values from non-persistent "config_ovr" property group
350 */
351 boot_config_ovr = boot_config;
352 scf_get_boot_config_ovr(&boot_config_ovr);
353
354 return (boot_config & boot_config_ovr & UA_FASTREBOOT_DEFAULT);
355 }
|
20 */
21
22 /*
23 * Copyright 2010 Sun Microsystems, Inc. All rights reserved.
24 * Use is subject to license terms.
25 */
26
27 /*
28 * This file contains high level functions used by multiple utilities.
29 */
30
31 #include "libscf_impl.h"
32
33 #include <assert.h>
34 #include <libuutil.h>
35 #include <string.h>
36 #include <stdlib.h>
37 #include <sys/systeminfo.h>
38 #include <sys/uadmin.h>
39 #include <sys/utsname.h>
40 #include <sys/secflags.h>
41
42 #ifdef __x86
43 #include <smbios.h>
44
45 /*
46 * Check whether the platform is on the fastreboot_blacklist.
47 * Return 1 if the platform has been blacklisted, 0 otherwise.
48 */
49 static int
50 scf_is_fb_blacklisted(void)
51 {
52 smbios_hdl_t *shp;
53 smbios_system_t sys;
54 smbios_info_t info;
55
56 id_t id;
57 int err;
58 int i;
59
60 scf_simple_prop_t *prop = NULL;
337 /*
338 * If we are on xVM, do not fast reboot by default.
339 */
340 if (sysinfo(SI_PLATFORM, procbuf, sizeof (procbuf)) == -1 ||
341 strcmp(procbuf, "i86xpv") == 0)
342 return (0);
343
344 /*
345 * Get property values from "config" property group
346 */
347 scf_get_boot_config(&boot_config);
348
349 /*
350 * Get property values from non-persistent "config_ovr" property group
351 */
352 boot_config_ovr = boot_config;
353 scf_get_boot_config_ovr(&boot_config_ovr);
354
355 return (boot_config & boot_config_ovr & UA_FASTREBOOT_DEFAULT);
356 }
357
358 /*
359 * Read the default security-flags from system/process-security and return a
360 * secflagset_t suitable for psecflags(2)
361 *
362 * Unfortunately, this symbol must _exist_ in the native build, for the sake
363 * of the mapfile, even though we don't ever use it, and it will never work.
364 */
365 struct group_desc {
366 secflagset_t *set;
367 char *fmri;
368 };
369
370 int
371 scf_default_secflags(scf_handle_t *hndl, psecflags_t *flags)
372 {
373 #if !defined(NATIVE_BUILD)
374 scf_property_t *prop;
375 scf_value_t *val;
376 const char *flagname;
377 int flag;
378 struct group_desc *g;
379 struct group_desc groups[] = {
380 {NULL, "svc:/system/process-security/"
381 ":properties/default"},
382 {NULL, "svc:/system/process-security/"
383 ":properties/lower"},
384 {NULL, "svc:/system/process-security/"
385 ":properties/upper"},
386 {NULL, NULL}
387 };
388
389 groups[0].set = &flags->psf_inherit;
390 groups[1].set = &flags->psf_lower;
391 groups[2].set = &flags->psf_upper;
392
393 /* Ensure sane defaults */
394 psecflags_default(flags);
395
396 for (g = groups; g->set != NULL; g++) {
397 for (flag = 0; (flagname = secflag_to_str(flag)) != NULL;
398 flag++) {
399 char *pfmri;
400 uint8_t flagval = 0;
401
402 if ((val = scf_value_create(hndl)) == NULL)
403 return (-1);
404
405 if ((prop = scf_property_create(hndl)) == NULL) {
406 scf_value_destroy(val);
407 return (-1);
408 }
409
410 if ((pfmri = uu_msprintf("%s/%s", g->fmri,
411 flagname)) == NULL)
412 uu_die("Allocation failure\n");
413
414 if (scf_handle_decode_fmri(hndl, pfmri,
415 NULL, NULL, NULL, NULL, prop, NULL) != 0)
416 goto next;
417
418 if (scf_property_get_value(prop, val) != 0)
419 goto next;
420
421 (void) scf_value_get_boolean(val, &flagval);
422
423 if (flagval != 0)
424 secflag_set(g->set, flag);
425 else
426 secflag_clear(g->set, flag);
427
428 next:
429 uu_free(pfmri);
430 scf_value_destroy(val);
431 scf_property_destroy(prop);
432 }
433 }
434
435 if (!psecflags_validate(flags))
436 return (-1);
437
438 return (0);
439 #else
440 assert(0);
441 abort();
442 #endif /* !NATIVE_BUILD */
443 }
|