diff options
-rw-r--r-- | share/man/man4/man4.i386/xf86.4 | 21 | ||||
-rw-r--r-- | sys/arch/i386/i386/mem.c | 26 |
2 files changed, 39 insertions, 8 deletions
diff --git a/share/man/man4/man4.i386/xf86.4 b/share/man/man4/man4.i386/xf86.4 index 0e38a7924c3..77d8eab6d2c 100644 --- a/share/man/man4/man4.i386/xf86.4 +++ b/share/man/man4/man4.i386/xf86.4 @@ -1,4 +1,4 @@ -.\" $OpenBSD: xf86.4,v 1.11 2000/11/10 20:02:18 todd Exp $ +.\" $OpenBSD: xf86.4,v 1.12 2000/12/17 21:10:31 matthieu Exp $ .\" .\" Copyright (c) 1998 Matthieu Herrb .\" All rights reserved. @@ -47,11 +47,28 @@ Access to the .Pa /dev/xf86 device is allowed when the sysctl variable .Va machdep.allowaperture -= 1. +>= 1. This variable (which default value is 0) can only be manipulated when the security level is <= 0, so it should be set in .Pa /etc/sysctl.conf . +The possible values for +.Va machdep.allowaperture +are: +.Bl -tag -width Ds +.It 0 +the aperture driver is disabled. Opening it returns +.Dv EPERM. +.It 1 +the aperture driver allows access to standard VGA framebuffer and +BIOS. +.It 2 +the aperture driver allow access to the whole 1st megabyte of physical +memory, for the use of the int10 emulation in XFree86 4.0.x. +Note that this can cause some security problems, since the process that has +access to the aperture driver can also access part of the kernel +memory. +.El .Sh SEE ALSO .Xr XF86_Accel 1 , .Xr XF86_SVGA 1 , diff --git a/sys/arch/i386/i386/mem.c b/sys/arch/i386/i386/mem.c index f9c74f05c08..597f966112c 100644 --- a/sys/arch/i386/i386/mem.c +++ b/sys/arch/i386/i386/mem.c @@ -1,5 +1,5 @@ /* $NetBSD: mem.c,v 1.31 1996/05/03 19:42:19 christos Exp $ */ -/* $OpenBSD: mem.c,v 1.14 1999/11/20 11:11:28 matthieu Exp $ */ +/* $OpenBSD: mem.c,v 1.15 2000/12/17 21:10:31 matthieu Exp $ */ /* * Copyright (c) 1988 University of Utah. * Copyright (c) 1982, 1986, 1990, 1993 @@ -268,12 +268,26 @@ mmmmap(dev, off, prot) #ifdef APERTURE /* minor device 4 is aperture driver */ case 4: - if (allowaperture && - (((off >= VGA_START && off <= BIOS_END) || - (unsigned)off > (unsigned)ctob(physmem)))) - return i386_btop(off); - else + switch (allowaperture) { + case 1: + /* Allow mapping of the VGA framebuffer & BIOS only */ + if ((off >= VGA_START && off <= BIOS_END) || + (unsigned)off > (unsigned)ctob(physmem)) + return i386_btop(off); + else + return -1; + case 2: + /* Allow mapping of the whole 1st megabyte + for x86emu */ + if (off <= BIOS_END || + (unsigned)off > (unsigned)ctob(physmem)) + return i386_btop(off); + else + return -1; + default: return -1; + } + #endif default: return -1; |