procfs_mem.c (dc733423474fd7365890fcf290b2e017d9907635) | procfs_mem.c (afc6ea238fca8459050ec15d5d897354e1d0435a) |
---|---|
1/* 2 * Copyright (c) 1993 Jan-Simon Pendry 3 * Copyright (c) 1993 Sean Eric Fagan 4 * Copyright (c) 1993 5 * The Regents of the University of California. All rights reserved. 6 * 7 * This code is derived from software contributed to Berkeley by 8 * Jan-Simon Pendry and Sean Eric Fagan. --- 23 unchanged lines hidden (view full) --- 32 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 33 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 34 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 35 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 36 * SUCH DAMAGE. 37 * 38 * @(#)procfs_mem.c 8.5 (Berkeley) 6/15/94 39 * | 1/* 2 * Copyright (c) 1993 Jan-Simon Pendry 3 * Copyright (c) 1993 Sean Eric Fagan 4 * Copyright (c) 1993 5 * The Regents of the University of California. All rights reserved. 6 * 7 * This code is derived from software contributed to Berkeley by 8 * Jan-Simon Pendry and Sean Eric Fagan. --- 23 unchanged lines hidden (view full) --- 32 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 33 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 34 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 35 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 36 * SUCH DAMAGE. 37 * 38 * @(#)procfs_mem.c 8.5 (Berkeley) 6/15/94 39 * |
40 * $Id: procfs_mem.c,v 1.30 1998/02/06 12:13:41 eivind Exp $ | 40 * $Id: procfs_mem.c,v 1.31 1998/04/17 22:36:55 des Exp $ |
41 */ 42 43/* 44 * This is a lightly hacked and merged version 45 * of sef's pread/pwrite functions 46 */ 47 48#include <sys/param.h> --- 7 unchanged lines hidden (view full) --- 56#include <sys/lock.h> 57#include <vm/pmap.h> 58#include <vm/vm_map.h> 59#include <vm/vm_kern.h> 60#include <vm/vm_object.h> 61#include <vm/vm_page.h> 62#include <vm/vm_extern.h> 63#include <sys/user.h> | 41 */ 42 43/* 44 * This is a lightly hacked and merged version 45 * of sef's pread/pwrite functions 46 */ 47 48#include <sys/param.h> --- 7 unchanged lines hidden (view full) --- 56#include <sys/lock.h> 57#include <vm/pmap.h> 58#include <vm/vm_map.h> 59#include <vm/vm_kern.h> 60#include <vm/vm_object.h> 61#include <vm/vm_page.h> 62#include <vm/vm_extern.h> 63#include <sys/user.h> |
64#include <sys/ptrace.h> |
|
64 | 65 |
65static int procfs_rwmem __P((struct proc *p, struct uio *uio)); | 66static int procfs_rwmem __P((struct proc *curp, 67 struct proc *p, struct uio *uio)); |
66 67static int | 68 69static int |
68procfs_rwmem(p, uio) | 70procfs_rwmem(curp, p, uio) 71 struct proc *curp; |
69 struct proc *p; 70 struct uio *uio; 71{ 72 int error; 73 int writing; 74 struct vmspace *vm; 75 vm_map_t map; 76 vm_object_t object = NULL; --- 48 unchanged lines hidden (view full) --- 125 /* 126 * How many bytes to copy 127 */ 128 len = min(PAGE_SIZE - page_offset, uio->uio_resid); 129 130 if (uva >= VM_MAXUSER_ADDRESS) { 131 vm_offset_t tkva; 132 | 72 struct proc *p; 73 struct uio *uio; 74{ 75 int error; 76 int writing; 77 struct vmspace *vm; 78 vm_map_t map; 79 vm_object_t object = NULL; --- 48 unchanged lines hidden (view full) --- 128 /* 129 * How many bytes to copy 130 */ 131 len = min(PAGE_SIZE - page_offset, uio->uio_resid); 132 133 if (uva >= VM_MAXUSER_ADDRESS) { 134 vm_offset_t tkva; 135 |
133 if (writing || (uva >= (VM_MAXUSER_ADDRESS + UPAGES * PAGE_SIZE))) { | 136 if (writing || 137 uva >= VM_MAXUSER_ADDRESS + UPAGES * PAGE_SIZE || 138 (ptrace_read_u_check(p, 139 uva - (vm_offset_t) VM_MAXUSER_ADDRESS, 140 (size_t) len) && 141 !procfs_kmemaccess(curp))) { |
134 error = 0; 135 break; 136 } 137 138 /* we are reading the "U area", force it into core */ 139 PHOLD(p); 140 141 /* sanity check */ --- 143 unchanged lines hidden (view full) --- 285 * for Pmem nodes, and only if it's reading. This is still not 286 * good, as it may still be possible to grab illicit data if 287 * a process somehow gets to be KMEM_GROUP. Note that this also 288 * means that KMEM_GROUP can't change without editing procfs.h! 289 * All in all, quite yucky. 290 */ 291 292 if (!CHECKIO(curp, p) && | 142 error = 0; 143 break; 144 } 145 146 /* we are reading the "U area", force it into core */ 147 PHOLD(p); 148 149 /* sanity check */ --- 143 unchanged lines hidden (view full) --- 293 * for Pmem nodes, and only if it's reading. This is still not 294 * good, as it may still be possible to grab illicit data if 295 * a process somehow gets to be KMEM_GROUP. Note that this also 296 * means that KMEM_GROUP can't change without editing procfs.h! 297 * All in all, quite yucky. 298 */ 299 300 if (!CHECKIO(curp, p) && |
293 !(curp->p_cred->pc_ucred->cr_gid == KMEM_GROUP && 294 uio->uio_rw == UIO_READ)) | 301 !(uio->uio_rw == UIO_READ && 302 procfs_kmemaccess(curp))) |
295 return EPERM; 296 | 303 return EPERM; 304 |
297 return (procfs_rwmem(p, uio)); | 305 return (procfs_rwmem(curp, p, uio)); |
298} 299 300/* 301 * Given process (p), find the vnode from which 302 * its text segment is being executed. 303 * 304 * It would be nice to grab this information from 305 * the VM system, however, there is no sure-fire --- 4 unchanged lines hidden (view full) --- 310 */ 311struct vnode * 312procfs_findtextvp(p) 313 struct proc *p; 314{ 315 316 return (p->p_textvp); 317} | 306} 307 308/* 309 * Given process (p), find the vnode from which 310 * its text segment is being executed. 311 * 312 * It would be nice to grab this information from 313 * the VM system, however, there is no sure-fire --- 4 unchanged lines hidden (view full) --- 318 */ 319struct vnode * 320procfs_findtextvp(p) 321 struct proc *p; 322{ 323 324 return (p->p_textvp); 325} |
326 327int procfs_kmemaccess(curp) 328 struct proc *curp; 329{ 330 int i; 331 struct ucred *cred; 332 333 cred = curp->p_cred->pc_ucred; 334 if (suser(cred, &curp->p_acflag)) 335 return 1; 336 337 for (i = 0; i < cred->cr_ngroups; i++) 338 if (cred->cr_groups[i] == KMEM_GROUP) 339 return 1; 340 341 return 0; 342} |
|
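Review bot: In the new procfs_kmemaccess() (new lines 327-342), `if (suser(cred, &curp->p_acflag)) return 1;` looks inverted. suser() is not defined on this page, but under the BSD convention it returns 0 when the credential is the superuser and an error otherwise, so as written every non-root caller would be granted access and only root would fall through to the KMEM_GROUP loop. This helper now gates both the U-area read check in procfs_rwmem() (new lines 136-141) and the `!CHECKIO(curp, p)` fallback before `return EPERM` (new lines 300-303), so an inverted result would allow any unprivileged process to read another process's memory through procfs. If the convention holds, the test should be `if (suser(cred, &curp->p_acflag) == 0) return 1;`. A one-line comment above the function saying it returns non-zero when curp is root or a member of KMEM_GROUP would make the return convention explicit for both call sites.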