7029 want per-process exploit mitigation features (secflags)
7030 want basic address space layout randomization (aslr)
7031 noexec_user_stack should be a secflag
7032 want a means to forbid mappings around NULL.
*** 143,156 ****
#define HAS_ALLPRIVS(cr) priv_isfullset(&CR_OEPRIV(cr))
#define ZONEPRIVS(cr) ((cr)->cr_zone->zone_privset)
#define HAS_ALLZONEPRIVS(cr) priv_issubset(ZONEPRIVS(cr), &CR_OEPRIV(cr))
#define HAS_PRIVILEGE(cr, pr) ((pr) == PRIV_ALL ? \
HAS_ALLPRIVS(cr) : \
! PRIV_ISASSERT(&CR_OEPRIV(cr), pr))
#define FAST_BASIC_CHECK(cr, priv) \
! if (PRIV_ISASSERT(&CR_OEPRIV(cr), priv)) { \
DTRACE_PROBE2(priv__ok, int, priv, boolean_t, B_FALSE); \
return (0); \
}
/*
--- 143,156 ----
#define HAS_ALLPRIVS(cr) priv_isfullset(&CR_OEPRIV(cr))
#define ZONEPRIVS(cr) ((cr)->cr_zone->zone_privset)
#define HAS_ALLZONEPRIVS(cr) priv_issubset(ZONEPRIVS(cr), &CR_OEPRIV(cr))
#define HAS_PRIVILEGE(cr, pr) ((pr) == PRIV_ALL ? \
HAS_ALLPRIVS(cr) : \
! PRIV_ISMEMBER(&CR_OEPRIV(cr), pr))
#define FAST_BASIC_CHECK(cr, priv) \
! if (PRIV_ISMEMBER(&CR_OEPRIV(cr), priv)) { \
DTRACE_PROBE2(priv__ok, int, priv, boolean_t, B_FALSE); \
return (0); \
}
/*
*** 399,409 ****
{
if ((HAS_PRIVILEGE(cr, priv) && (!allzone || HAS_ALLZONEPRIVS(cr))) ||
(!servicing_interrupt() &&
priv_policy_override(cr, priv, allzone, ap) == 0)) {
if ((allzone || priv == PRIV_ALL ||
! !PRIV_ISASSERT(priv_basic, priv)) &&
!servicing_interrupt()) {
PTOU(curproc)->u_acflag |= ASU; /* Needed for SVVS */
if (AU_AUDITING())
audit_priv(priv,
allzone ? ZONEPRIVS(cr) : NULL, 1);
--- 399,409 ----
{
if ((HAS_PRIVILEGE(cr, priv) && (!allzone || HAS_ALLZONEPRIVS(cr))) ||
(!servicing_interrupt() &&
priv_policy_override(cr, priv, allzone, ap) == 0)) {
if ((allzone || priv == PRIV_ALL ||
! !PRIV_ISMEMBER(priv_basic, priv)) &&
!servicing_interrupt()) {
PTOU(curproc)->u_acflag |= ASU; /* Needed for SVVS */
if (AU_AUDITING())
audit_priv(priv,
allzone ? ZONEPRIVS(cr) : NULL, 1);
*** 447,457 ****
boolean_t res = HAS_PRIVILEGE(cr, priv) &&
(!allzone || HAS_ALLZONEPRIVS(cr));
/* Audit success only */
if (res && AU_AUDITING() &&
! (allzone || priv == PRIV_ALL || !PRIV_ISASSERT(priv_basic, priv)) &&
!servicing_interrupt()) {
audit_priv(priv, allzone ? ZONEPRIVS(cr) : NULL, 1);
}
if (res) {
DTRACE_PROBE2(priv__ok, int, priv, boolean_t, allzone);
--- 447,457 ----
boolean_t res = HAS_PRIVILEGE(cr, priv) &&
(!allzone || HAS_ALLZONEPRIVS(cr));
/* Audit success only */
if (res && AU_AUDITING() &&
! (allzone || priv == PRIV_ALL || !PRIV_ISMEMBER(priv_basic, priv)) &&
!servicing_interrupt()) {
audit_priv(priv, allzone ? ZONEPRIVS(cr) : NULL, 1);
}
if (res) {
DTRACE_PROBE2(priv__ok, int, priv, boolean_t, allzone);
*** 970,987 ****
{
mode_t mode;
/* Inline the basic privileges tests. */
if ((wantmode & VREAD) &&
! !PRIV_ISASSERT(&CR_OEPRIV(cr), PRIV_FILE_READ) &&
priv_policy_va(cr, PRIV_FILE_READ, B_FALSE, EACCES, NULL,
KLPDARG_VNODE, vp, (char *)NULL, KLPDARG_NOMORE) != 0) {
return (EACCES);
}
if ((wantmode & VWRITE) &&
! !PRIV_ISASSERT(&CR_OEPRIV(cr), PRIV_FILE_WRITE) &&
priv_policy_va(cr, PRIV_FILE_WRITE, B_FALSE, EACCES, NULL,
KLPDARG_VNODE, vp, (char *)NULL, KLPDARG_NOMORE) != 0) {
return (EACCES);
}
--- 970,987 ----
{
mode_t mode;
/* Inline the basic privileges tests. */
if ((wantmode & VREAD) &&
! !PRIV_ISMEMBER(&CR_OEPRIV(cr), PRIV_FILE_READ) &&
priv_policy_va(cr, PRIV_FILE_READ, B_FALSE, EACCES, NULL,
KLPDARG_VNODE, vp, (char *)NULL, KLPDARG_NOMORE) != 0) {
return (EACCES);
}
if ((wantmode & VWRITE) &&
! !PRIV_ISMEMBER(&CR_OEPRIV(cr), PRIV_FILE_WRITE) &&
priv_policy_va(cr, PRIV_FILE_WRITE, B_FALSE, EACCES, NULL,
KLPDARG_VNODE, vp, (char *)NULL, KLPDARG_NOMORE) != 0) {
return (EACCES);
}
*** 1726,1735 ****
--- 1726,1748 ----
secpolicy_pset(const cred_t *cr)
{
return (PRIV_POLICY(cr, PRIV_SYS_RES_CONFIG, B_FALSE, EPERM, NULL));
}
+ /* Process security flags */
+ int
+ secpolicy_psecflags(const cred_t *cr, proc_t *tp, proc_t *sp)
+ {
+ if (PRIV_POLICY(cr, PRIV_PROC_SECFLAGS, B_FALSE, EPERM, NULL) != 0)
+ return (EPERM);
+
+ if (!prochasprocperm(tp, sp, cr))
+ return (EPERM);
+
+ return (0);
+ }
+
/*
* Processor set binding.
*/
int
secpolicy_pbind(const cred_t *cr)
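Review bot: The added secpolicy_psecflags() is documented only by `/* Process security flags */`, which does not say which of `tp` and `sp` is the process whose flags are being changed, or that the request must pass both PRIV_PROC_SECFLAGS and prochasprocperm(). Since this function gates changes to another process's exploit-mitigation flags, I would spell the contract out, e.g. `/* Set secflags on tp on behalf of sp/cr: needs PRIV_PROC_SECFLAGS and prochasprocperm(tp, sp, cr); returns 0 or EPERM. */`, assuming tp is the target and sp the requester, which the hunk does not confirm. The privilege check also runs before the process-permission check, so the success-side accounting seen in the earlier hunks (the priv__ok probe, and audit_priv for privileges outside priv_basic) may fire for a request that is then refused. If that is not intended, calling prochasprocperm() first would avoid it. Any lock the caller must hold on tp is not visible here and belongs in the comment if one is required.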