7029 want per-process exploit mitigation features (secflags)
7030 want basic address space layout randomization (aslr)
7031 noexec_user_stack should be a secflag
7032 want a means to forbid mappings around NULL.


  72 static boolean_t priv_valid(const cred_t *);
  73 
  74 priv_set_t priv_fullset;        /* set of all privileges */
  75 priv_set_t priv_unsafe; /* unsafe to exec set-uid root if these are not in L */
  76 
  77 /*
  78  * Privilege initialization functions.
  79  * Called from common/os/cred.c when cred_init is called.
  80  */
  81 
  82 void
  83 priv_init(void)
  84 {
  85 #ifdef DEBUG
  86         int alloc_test_priv = 1;
  87 #else
  88         int alloc_test_priv = priv_debug;
  89 #endif
  90         rw_init(&privinfo_lock, NULL, RW_DRIVER, NULL);
  91 
  92         PRIV_BASIC_ASSERT(priv_basic);
  93         PRIV_UNSAFE_ASSERT(&priv_unsafe);
  94         priv_fillset(&priv_fullset);
  95 
  96         /*
  97          * When booting with priv_debug set or in a DEBUG kernel, then we'll
  98          * add an additional basic privilege and we verify that it is always
  99          * present in E.
 100          */
 101         if (alloc_test_priv != 0 &&
 102             (priv_basic_test = priv_getbyname("basic_test", PRIV_ALLOC)) >= 0) {
 103                 priv_addset(priv_basic, priv_basic_test);
 104         }
 105 
 106         devpolicy_init();
 107 }
 108 
 109 /* Utility functions: privilege sets as opaque data types */
 110 
 111 /*
 112  * Guts of prgetprivsize.
 113  */


 463 void
 464 priv_emptyset(priv_set_t *set)
 465 {
 466         bzero(set, sizeof (*set));
 467 }
 468 
 469 void
 470 priv_fillset(priv_set_t *set)
 471 {
 472         int i;
 473 
 474         /* memset? */
 475         for (i = 0; i < PRIV_SETSIZE; i++)
 476                 set->pbits[i] = ~(priv_chunk_t)0;
 477 }
 478 
 479 void
 480 priv_addset(priv_set_t *set, int priv)
 481 {
 482         ASSERT(priv >= 0 && priv < MAX_PRIVILEGE);
 483         __PRIV_ASSERT(set, priv);
 484 }
 485 
 486 void
 487 priv_delset(priv_set_t *set, int priv)
 488 {
 489         ASSERT(priv >= 0 && priv < MAX_PRIVILEGE);
 490         __PRIV_CLEAR(set, priv);
 491 }
 492 
 493 boolean_t
 494 priv_ismember(const priv_set_t *set, int priv)
 495 {
 496         ASSERT(priv >= 0 && priv < MAX_PRIVILEGE);
 497         return (__PRIV_ISASSERT(set, priv) ? B_TRUE : B_FALSE);
 498 }
 499 
 500 #define PRIV_TEST_BODY(test) \
 501         int i; \
 502 \
 503         for (i = 0; i < PRIV_SETSIZE; i++) \
 504                 if (!(test)) \
 505                         return (B_FALSE); \
 506 \
 507         return (B_TRUE)
 508 
 509 boolean_t
 510 priv_isequalset(const priv_set_t *a, const priv_set_t *b)
 511 {
 512         return ((boolean_t)(bcmp(a, b, sizeof (*a)) == 0));
 513 }
 514 
 515 boolean_t
 516 priv_isemptyset(const priv_set_t *set)
 517 {




  72 static boolean_t priv_valid(const cred_t *);
  73 
  74 priv_set_t priv_fullset;        /* set of all privileges */
  75 priv_set_t priv_unsafe; /* unsafe to exec set-uid root if these are not in L */
  76 
  77 /*
  78  * Privilege initialization functions.
  79  * Called from common/os/cred.c when cred_init is called.
  80  */
  81 
  82 void
  83 priv_init(void)
  84 {
  85 #ifdef DEBUG
  86         int alloc_test_priv = 1;
  87 #else
  88         int alloc_test_priv = priv_debug;
  89 #endif
  90         rw_init(&privinfo_lock, NULL, RW_DRIVER, NULL);
  91 
  92         PRIV_BASIC_ADDSET(priv_basic);
  93         PRIV_UNSAFE_ADDSET(&priv_unsafe);
  94         priv_fillset(&priv_fullset);
  95 
  96         /*
  97          * When booting with priv_debug set or in a DEBUG kernel, then we'll
  98          * add an additional basic privilege and we verify that it is always
  99          * present in E.
 100          */
 101         if (alloc_test_priv != 0 &&
 102             (priv_basic_test = priv_getbyname("basic_test", PRIV_ALLOC)) >= 0) {
 103                 priv_addset(priv_basic, priv_basic_test);
 104         }
 105 
 106         devpolicy_init();
 107 }
 108 
 109 /* Utility functions: privilege sets as opaque data types */
 110 
 111 /*
 112  * Guts of prgetprivsize.
 113  */


 463 void
 464 priv_emptyset(priv_set_t *set)
 465 {
 466         bzero(set, sizeof (*set));
 467 }
 468 
 469 void
 470 priv_fillset(priv_set_t *set)
 471 {
 472         int i;
 473 
 474         /* memset? */
 475         for (i = 0; i < PRIV_SETSIZE; i++)
 476                 set->pbits[i] = ~(priv_chunk_t)0;
 477 }
 478 
 479 void
 480 priv_addset(priv_set_t *set, int priv)
 481 {
 482         ASSERT(priv >= 0 && priv < MAX_PRIVILEGE);
 483         __PRIV_ADDSET(set, priv);
 484 }
 485 
 486 void
 487 priv_delset(priv_set_t *set, int priv)
 488 {
 489         ASSERT(priv >= 0 && priv < MAX_PRIVILEGE);
 490         __PRIV_DELSET(set, priv);
 491 }
 492 
 493 boolean_t
 494 priv_ismember(const priv_set_t *set, int priv)
 495 {
 496         ASSERT(priv >= 0 && priv < MAX_PRIVILEGE);
 497         return (__PRIV_ISMEMBER(set, priv) ? B_TRUE : B_FALSE);
 498 }
 499 
 500 #define PRIV_TEST_BODY(test) \
 501         int i; \
 502 \
 503         for (i = 0; i < PRIV_SETSIZE; i++) \
 504                 if (!(test)) \
 505                         return (B_FALSE); \
 506 \
 507         return (B_TRUE)
 508 
 509 boolean_t
 510 priv_isequalset(const priv_set_t *a, const priv_set_t *b)
 511 {
 512         return ((boolean_t)(bcmp(a, b, sizeof (*a)) == 0));
 513 }
 514 
 515 boolean_t
 516 priv_isemptyset(const priv_set_t *set)
 517 {