Path: blob/main/sys/compat/freebsd32/freebsd32_capability.c
/*-
 * SPDX-License-Identifier: BSD-2-Clause
 *
 * Copyright (c) 2013 The FreeBSD Foundation
 *
 * This software was developed by Pawel Jakub Dawidek under sponsorship from
 * the FreeBSD Foundation.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */

#include <sys/cdefs.h>
#include "opt_capsicum.h"

#include <sys/param.h>
#include <sys/capsicum.h>
#include <sys/filedesc.h>
#include <sys/limits.h>
#include <sys/malloc.h>
#include <sys/proc.h>
#include <sys/syscallsubr.h>
#include <sys/sysproto.h>

#include <security/audit/audit.h>

#include <compat/freebsd32/freebsd32_proto.h>

#ifdef CAPABILITIES

MALLOC_DECLARE(M_FILECAPS);

/*
 * 32-bit compat handler that restricts the ioctl commands allowed on a
 * descriptor.
 *
 * The caller supplies uap->ncmds 32-bit command values at uap->cmds.  They
 * are copied into the kernel, widened to u_long and handed to
 * kern_cap_ioctls_limit() together with uap->fd.
 *
 * The count comes from userspace, so it is bounded (256 entries) before it
 * sizes either allocation or the copyin(); the user pointer itself is only
 * ever touched through copyin().
 *
 * Returns EINVAL if the count is above the bound, the copyin() error if the
 * user array cannot be read, otherwise whatever kern_cap_ioctls_limit()
 * returns.
 */
int
freebsd32_cap_ioctls_limit(struct thread *td,
    struct freebsd32_cap_ioctls_limit_args *uap)
{
	uint32_t *ucmds;
	u_long *kcmds;
	size_t count, insize;
	u_int idx;
	int rv;

	count = uap->ncmds;

	/* Reject oversized requests before allocating anything. */
	if (count > 256)	/* XXX: Is 256 sane? */
		return (EINVAL);

	/* An empty list is passed down as a NULL array with a zero count. */
	kcmds = NULL;
	if (count != 0) {
		insize = sizeof(ucmds[0]) * count;
		ucmds = malloc(insize, M_FILECAPS, M_WAITOK);
		rv = copyin(uap->cmds, ucmds, insize);
		if (rv != 0) {
			free(ucmds, M_FILECAPS);
			return (rv);
		}

		/* Widen each 32-bit command into the native u_long array. */
		kcmds = malloc(sizeof(kcmds[0]) * count, M_FILECAPS, M_WAITOK);
		for (idx = 0; idx < count; idx++)
			kcmds[idx] = ucmds[idx];
		free(ucmds, M_FILECAPS);
	}

	/*
	 * kcmds is not freed in this function.
	 * NOTE(review): presumably kern_cap_ioctls_limit() takes ownership of
	 * the array on every path -- confirm against its definition.
	 */
	return (kern_cap_ioctls_limit(td, uap->fd, kcmds, count));
}

/*
 * 32-bit compat handler that reports the ioctl commands allowed on a
 * descriptor.
 *
 * When both the user array (uap->cmds) and the descriptor's command list
 * are present, at most uap->maxcmds entries are written to the user array,
 * one 32-bit word at a time.  td->td_retval[0] receives the descriptor's
 * full command count, independent of maxcmds, or INT_MAX when the count is
 * stored as -1.
 *
 * Returns 0 on success, EBADF if fd does not refer to an open file, or
 * EFAULT if a store to the user array fails.
 */
int
freebsd32_cap_ioctls_get(struct thread *td,
    struct freebsd32_cap_ioctls_get_args *uap)
{
	struct filedesc *fdtable;
	struct filedescent *entry;
	uint32_t *ucmds;
	u_long *allowed;
	size_t limit;
	int fd, rv;
	u_int idx;

	fd = uap->fd;
	ucmds = uap->cmds;
	limit = uap->maxcmds;

	AUDIT_ARG_FD(fd);

	/* The descriptor table stays share-locked until the "out" label. */
	fdtable = td->td_proc->p_fd;
	FILEDESC_SLOCK(fdtable);

	if (fget_noref(fdtable, fd) == NULL) {
		rv = EBADF;
		goto out;
	}

	/*
	 * A descriptor with no ioctl restriction has fde_nioctls == -1 and
	 * fde_ioctls == NULL.  In that case nothing is written to the user
	 * array and the caller gets INT_MAX (standing in for CAP_IOCTLS_ALL).
	 */
	entry = &fdtable->fd_ofiles[fd];
	allowed = entry->fde_ioctls;
	if (ucmds != NULL && allowed != NULL) {
		/*
		 * The number of stores is capped by both the kernel list
		 * length and the caller-declared array length.  Each store
		 * goes through suword32(), which is executed with the shared
		 * descriptor-table lock still held.
		 */
		idx = 0;
		while (idx < MIN(entry->fde_nioctls, limit)) {
			if (suword32(&ucmds[idx], allowed[idx]) != 0) {
				rv = EFAULT;
				goto out;
			}
			idx++;
		}
	}
	td->td_retval[0] = (entry->fde_nioctls == -1) ?
	    INT_MAX : entry->fde_nioctls;

	rv = 0;
out:
	FILEDESC_SUNLOCK(fdtable);
	return (rv);
}

#else /* !CAPABILITIES */

/*
 * Kernel built without CAPABILITIES: the syscall is present but
 * unimplemented.
 */
int
freebsd32_cap_ioctls_limit(struct thread *td,
    struct freebsd32_cap_ioctls_limit_args *uap)
{

	return (ENOSYS);
}

/*
 * Kernel built without CAPABILITIES: the syscall is present but
 * unimplemented.
 */
int
freebsd32_cap_ioctls_get(struct thread *td,
    struct freebsd32_cap_ioctls_get_args *uap)
{

	return (ENOSYS);
}

#endif /* CAPABILITIES */