1# 2# This file and its contents are supplied under the terms of the 3# Common Development and Distribution License ("CDDL"), version 1.0. 4# You may only use this file in accordance with the terms of version 5# 1.0 of the CDDL. 6# 7# A full copy of the text of the CDDL should have accompanied this 8# source. A copy of the CDDL is also available via the Internet at 9# http://www.illumos.org/license/CDDL. 10# 11 12# 13# Copyright (c) 2015, Joyent, Inc. All rights reserved. 14# 15 16err=/tmp/err.$$ 17 18ppriv -s A=basic,dtrace_user $$ 19 20# 21# When we lack dtrace_kernel, we expect to not be able to get at kernel memory 22# via any subroutine or other vector. 23# 24# trace(func((void *)&\`utsname)); } 25/usr/sbin/dtrace -wq -Cs /dev/stdin 2> $err <<EOF 26 27#define FAIL \ 28 printf("able to read kernel memory via %s!\n", badsubr); \ 29 exit(2); 30 31#define CANTREAD1(func) \ 32 BEGIN { badsubr = "func()"; func((void *)&\`utsname); FAIL } 33 34#define CANTREAD2(func, arg1) \ 35 BEGIN { badsubr = "func()"; func((void *)&\`utsname, arg1); FAIL } 36 37#define CANTREAD2ARG1(func, arg0) \ 38 BEGIN { badsubr = "func() (arg1)"; func(arg0, (void *)&\`utsname); FAIL } 39 40#define CANTREAD3(func, arg1, arg2) \ 41 BEGIN { badsubr = "func()"; func((void *)&\`utsname, arg1, arg2); FAIL } 42 43CANTREAD1(mutex_owned) 44CANTREAD1(mutex_owner) 45CANTREAD1(mutex_type_adaptive) 46CANTREAD1(mutex_type_spin) 47CANTREAD1(rw_read_held) 48CANTREAD1(rw_write_held) 49CANTREAD1(rw_iswriter) 50CANTREAD3(bcopy, alloca(1), 1) 51CANTREAD1(msgsize) 52CANTREAD1(msgdsize) 53CANTREAD1(strlen) 54CANTREAD2(strchr, '!') 55CANTREAD2(strrchr, '!') 56CANTREAD2(strstr, "doogle") 57CANTREAD2ARG1(strstr, "doogle") 58CANTREAD2(index, "bagnoogle") 59CANTREAD2ARG1(index, "bagnoogle") 60CANTREAD2(rindex, "bagnoogle") 61CANTREAD2ARG1(rindex, "bagnoogle") 62CANTREAD2(strtok, "doogle") 63CANTREAD2ARG1(strtok, "doogle") 64CANTREAD2(json, "doogle") 65CANTREAD2ARG1(json, "doogle") 66CANTREAD1(toupper) 67CANTREAD1(tolower) 68CANTREAD2(ddi_pathname, 1) 69CANTREAD2(strjoin, "doogle") 70CANTREAD2ARG1(strjoin, "doogle") 71CANTREAD1(strtoll) 72CANTREAD1(dirname) 73CANTREAD1(basename) 74CANTREAD1(cleanpath) 75 76#if defined(__amd64) 77CANTREAD3(copyout, uregs[R_R9], 1) 78CANTREAD3(copyoutstr, uregs[R_R9], 1) 79#else 80#if defined(__i386) 81CANTREAD3(copyout, uregs[R_ESP], 1) 82CANTREAD3(copyoutstr, uregs[R_ESP], 1) 83#endif 84#endif 85 86BEGIN 87{ 88 exit(0); 89} 90 91ERROR 92/arg4 != DTRACEFLT_KPRIV/ 93{ 94 printf("bad error code via %s (expected %d, found %d)\n", 95 badsubr, DTRACEFLT_KPRIV, arg4); 96 exit(3); 97} 98 99ERROR 100/arg4 == DTRACEFLT_KPRIV/ 101{ 102 printf("illegal kernel access properly prevented from %s\n", badsubr); 103} 104EOF 105 106status=$? 107 108if [[ $status -eq 1 ]]; then 109 cat $err 110fi 111 112exit $status 113