summaryrefslogtreecommitdiff
path: root/sys/arch/arm
diff options
context:
space:
mode:
authorTheo de Raadt <deraadt@cvs.openbsd.org>2016-09-25 15:23:38 +0000
committerTheo de Raadt <deraadt@cvs.openbsd.org>2016-09-25 15:23:38 +0000
commitad35585b9ffc27f529b70035fcdfe3e2d66d3993 (patch)
tree714a871bb4d04c9a62c9099e614da701fd0b639f /sys/arch/arm
parent9028f68eb5361d23438fc560643a30d93e49e4d1 (diff)
Make a move towards ending 4 decades of kernel snooping.
Add sysctl kern.allowkmem (default 0) which controls the ability to open /dev/mem or /dev/kmem at securelevel > 0. Over 15 years we converted 99% of utilities in the tree to operate on sysctl-nodes (either by themselves or via code hiding in the guts of -lkvm). pstat -d and -v & procmap are affected and continued use of them will require kern.allowkmem=1 in /etc/sysctl.conf. acpidump (and it's buddy sendbug) are affected, but we'll work out a solution soon. There will be some impact in ports. ok kettenis guenther
Diffstat (limited to 'sys/arch/arm')
-rw-r--r--sys/arch/arm/arm/mem.c21
1 files changed, 13 insertions, 8 deletions
diff --git a/sys/arch/arm/arm/mem.c b/sys/arch/arm/arm/mem.c
index 2e76a251861..c05990f6c52 100644
--- a/sys/arch/arm/arm/mem.c
+++ b/sys/arch/arm/arm/mem.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: mem.c,v 1.18 2016/08/16 18:21:54 tedu Exp $ */
+/* $OpenBSD: mem.c,v 1.19 2016/09/25 15:23:37 deraadt Exp $ */
/* $NetBSD: mem.c,v 1.11 2003/10/16 12:02:58 jdolecek Exp $ */
/*
@@ -101,15 +101,20 @@ extern int allowaperture;
int
mmopen(dev_t dev, int flag, int mode, struct proc *p)
{
+ extern int allowkmem;
+
switch (minor(dev)) {
- case 0:
- case 1:
- case 2:
- case 12:
+ case 0:
+ case 1:
+ if (securelevel <= 0 || allowkmem)
break;
+ return (EPERM);
+ case 2:
+ case 12:
+ break;
#ifdef APERTURE
case 4:
- if (suser(p, 0) != 0 || !allowaperture)
+ if (suser(p, 0) != 0 || !allowaperture)
return (EPERM);
/* authorize only one simultaneous open() unless
@@ -119,8 +124,8 @@ mmopen(dev_t dev, int flag, int mode, struct proc *p)
ap_open_count++;
break;
#endif
- default:
- return (ENXIO);
+ default:
+ return (ENXIO);
}
return (0);
}