git: f239981ed58c - main - proc_rwmem check PRIV_PROC_MEM_WRITE when writing

Fri, 08 Nov 2024 16:13:04 -0800 

The branch main has been updated by sjg:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=f239981ed58ca632d4dba39b2229c3152dd32a15

commit f239981ed58ca632d4dba39b2229c3152dd32a15
Author:     Simon J. Gerraty <[email protected]>
AuthorDate: 2024-11-09 00:11:12 +0000
Commit:     Simon J. Gerraty <[email protected]>
CommitDate: 2024-11-09 00:11:33 +0000

    proc_rwmem check PRIV_PROC_MEM_WRITE when writing
    
    This will fail when mac_veriexec is enforced.
    
    Move the check from procfs_doprocmem to proc_rwmem to ensure all
    cases are covered.
    
    Reviewed by:    olce, markj
    Sponsored by:   Juniper Networks, Inc.
    Differential Revision:  https://reviews.freebsd.org/D47484
---
 sys/fs/procfs/procfs_mem.c | 2 --
 sys/kern/sys_process.c     | 6 ++++++
 sys/sys/priv.h             | 2 +-
 3 files changed, 7 insertions(+), 3 deletions(-)

diff --git a/sys/fs/procfs/procfs_mem.c b/sys/fs/procfs/procfs_mem.c
index 159b40785172..0020b8f8a8d8 100644
--- a/sys/fs/procfs/procfs_mem.c
+++ b/sys/fs/procfs/procfs_mem.c
@@ -62,8 +62,6 @@ procfs_doprocmem(PFS_FILL_ARGS)
 
        PROC_LOCK(p);
        error = p_candebug(td, p);
-       if (error == 0 && uio->uio_rw == UIO_WRITE)
-               error = priv_check(td, PRIV_PROC_MEM_WRITE);
        PROC_UNLOCK(p);
        if (error == 0)
                error = proc_rwmem(p, uio);
diff --git a/sys/kern/sys_process.c b/sys/kern/sys_process.c
index a3a7a22f4cd3..fe2e112dbcfa 100644
--- a/sys/kern/sys_process.c
+++ b/sys/kern/sys_process.c
@@ -361,6 +361,12 @@ proc_rwmem(struct proc *p, struct uio *uio)
        reqprot = writing ? VM_PROT_COPY | VM_PROT_READ : VM_PROT_READ;
        fault_flags = writing ? VM_FAULT_DIRTY : VM_FAULT_NORMAL;
 
+       if (writing) {
+               error = priv_check_cred(p->p_ucred, PRIV_PROC_MEM_WRITE);
+               if (error)
+                       return (error);
+       }
+
        /*
         * Only map in one page at a time.  We don't have to, but it
         * makes things easier.  This way is trivial - right?
diff --git a/sys/sys/priv.h b/sys/sys/priv.h
index 5e14fee2cce1..864fb5b9cdea 100644
--- a/sys/sys/priv.h
+++ b/sys/sys/priv.h
@@ -515,7 +515,7 @@
  */
 #define        PRIV_KMEM_READ          680     /* Open mem/kmem for reading. */
 #define        PRIV_KMEM_WRITE         681     /* Open mem/kmem for writing. */
-#define        PRIV_PROC_MEM_WRITE     682     /* Open /proc/<pid>/mem for 
writing. */
+#define        PRIV_PROC_MEM_WRITE     682     /* Writes via proc_rwmem */
 
 /*
  * Kernel debugger privileges.

Reply via email to