Module Name: src
Committed By: cegger
Date: Tue Jan 17 10:47:28 UTC 2012
Modified Files:
src/share/man/man9: kauth.9 secmodel_securelevel.9
src/sys/kern: kern_cpu.c
src/sys/secmodel/securelevel: secmodel_securelevel.c
src/sys/secmodel/suser: secmodel_suser.c
src/sys/sys: kauth.h
Log Message:
fix secmodel implementation of CPU_UCODE.
ok wiz@ for the manpages
ok elad@
To generate a diff of this commit:
cvs rdiff -u -r1.95 -r1.96 src/share/man/man9/kauth.9
cvs rdiff -u -r1.11 -r1.12 src/share/man/man9/secmodel_securelevel.9
cvs rdiff -u -r1.53 -r1.54 src/sys/kern/kern_cpu.c
cvs rdiff -u -r1.25 -r1.26 \
src/sys/secmodel/securelevel/secmodel_securelevel.c
cvs rdiff -u -r1.37 -r1.38 src/sys/secmodel/suser/secmodel_suser.c
cvs rdiff -u -r1.67 -r1.68 src/sys/sys/kauth.h
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/share/man/man9/kauth.9
diff -u src/share/man/man9/kauth.9:1.95 src/share/man/man9/kauth.9:1.96
--- src/share/man/man9/kauth.9:1.95 Sun Dec 4 23:59:25 2011
+++ src/share/man/man9/kauth.9 Tue Jan 17 10:47:27 2012
@@ -1,4 +1,4 @@
-.\" $NetBSD: kauth.9,v 1.95 2011/12/04 23:59:25 jym Exp $
+.\" $NetBSD: kauth.9,v 1.96 2012/01/17 10:47:27 cegger Exp $
.\"
.\" Copyright (c) 2005, 2006 Elad Efrat <[email protected]>
.\" All rights reserved.
@@ -25,7 +25,7 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.Dd November 8, 2011
+.Dd January 16, 2012
.Dt KAUTH 9
.Os
.Sh NAME
@@ -770,6 +770,12 @@ platforms.
Below is a list of available actions, along with which platforms are affected
by each.
.Bl -tag -width compact
+.It Dv KAUTH_MACHDEP_CPU_UCODE_APPLY
+Request to apply a CPU microcode to a CPU.
+This is related to the
+.Em CPU_UCODE
+kernel config
+.Xr options 4 .
.It Dv KAUTH_MACHDEP_CACHEFLUSH
Request to flush the whole CPU cache.
Affects
Index: src/share/man/man9/secmodel_securelevel.9
diff -u src/share/man/man9/secmodel_securelevel.9:1.11 src/share/man/man9/secmodel_securelevel.9:1.12
--- src/share/man/man9/secmodel_securelevel.9:1.11 Sun Dec 4 21:08:45 2011
+++ src/share/man/man9/secmodel_securelevel.9 Tue Jan 17 10:47:27 2012
@@ -1,4 +1,4 @@
-.\" $NetBSD: secmodel_securelevel.9,v 1.11 2011/12/04 21:08:45 jym Exp $
+.\" $NetBSD: secmodel_securelevel.9,v 1.12 2012/01/17 10:47:27 cegger Exp $
.\"
.\" Copyright (c) 2006 Elad Efrat <[email protected]>
.\" Copyright (c) 2000 Hugh Graham
@@ -26,7 +26,7 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.Dd December 4, 2011
+.Dd January 16, 2012
.Dt SECMODEL_SECURELEVEL 9
.Os
.Sh NAME
@@ -154,6 +154,8 @@ The system clock may not be set backward
Per-process coredump name may not be changed.
.It
Packet filtering and NAT rules may not be altered.
+.It
+CPU ucode loading is denied on platforms that support it.
.El
.El
.Pp
Index: src/sys/kern/kern_cpu.c
diff -u src/sys/kern/kern_cpu.c:1.53 src/sys/kern/kern_cpu.c:1.54
--- src/sys/kern/kern_cpu.c:1.53 Fri Jan 13 16:05:15 2012
+++ src/sys/kern/kern_cpu.c Tue Jan 17 10:47:27 2012
@@ -1,4 +1,4 @@
-/* $NetBSD: kern_cpu.c,v 1.53 2012/01/13 16:05:15 cegger Exp $ */
+/* $NetBSD: kern_cpu.c,v 1.54 2012/01/17 10:47:27 cegger Exp $ */
/*-
* Copyright (c) 2007, 2008, 2009, 2010, 2012 The NetBSD Foundation, Inc.
@@ -56,7 +56,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: kern_cpu.c,v 1.53 2012/01/13 16:05:15 cegger Exp $");
+__KERNEL_RCSID(0, "$NetBSD: kern_cpu.c,v 1.54 2012/01/17 10:47:27 cegger Exp $");
#include "opt_cpu_ucode.h"
@@ -258,11 +258,6 @@ cpuctl_ioctl(dev_t dev, u_long cmd, void
NULL, NULL, NULL, NULL);
if (error != 0)
break;
- error = kauth_authorize_system(l->l_cred,
- KAUTH_SYSTEM_CPU, KAUTH_REQ_SYSTEM_CPU_UCODE_APPLY,
- data, NULL, NULL);
- if (error != 0)
- break;
error = cpu_ucode_apply(data);
break;
#endif
Index: src/sys/secmodel/securelevel/secmodel_securelevel.c
diff -u src/sys/secmodel/securelevel/secmodel_securelevel.c:1.25 src/sys/secmodel/securelevel/secmodel_securelevel.c:1.26
--- src/sys/secmodel/securelevel/secmodel_securelevel.c:1.25 Fri Jan 13 16:05:15 2012
+++ src/sys/secmodel/securelevel/secmodel_securelevel.c Tue Jan 17 10:47:27 2012
@@ -1,4 +1,4 @@
-/* $NetBSD: secmodel_securelevel.c,v 1.25 2012/01/13 16:05:15 cegger Exp $ */
+/* $NetBSD: secmodel_securelevel.c,v 1.26 2012/01/17 10:47:27 cegger Exp $ */
/*-
* Copyright (c) 2006 Elad Efrat <[email protected]>
* All rights reserved.
@@ -35,7 +35,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: secmodel_securelevel.c,v 1.25 2012/01/13 16:05:15 cegger Exp $");
+__KERNEL_RCSID(0, "$NetBSD: secmodel_securelevel.c,v 1.26 2012/01/17 10:47:27 cegger Exp $");
#ifdef _KERNEL_OPT
#include "opt_insecure.h"
@@ -484,8 +484,8 @@ secmodel_securelevel_machdep_cb(kauth_cr
break;
case KAUTH_MACHDEP_CPU_UCODE_APPLY:
- if (securelevel < 1)
- result = KAUTH_RESULT_ALLOW;
+ if (securelevel > 1)
+ result = KAUTH_RESULT_DENY;
break;
default:
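Review bot: The new test `securelevel > 1` in the KAUTH_MACHDEP_CPU_UCODE_APPLY case leaves microcode updates permitted at securelevel 1, and nothing in the hunk records that this threshold is deliberate. The manual page change in the same commit appears to list the restriction under the securelevel 2 items, so the code and the documentation probably agree, but a reader of this switch cannot tell. A comment above the test would settle it, for example `/* Veto microcode updates at securelevel 2 and above; lower levels defer to the other secmodels. */`. Because the case now only returns KAUTH_RESULT_DENY, any ALLOW has to come from another listener, and the initial value of `result` is set outside the hunk. The body of secmodel_securelevel_machdep_cb starts and ends outside the lines shown.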
Index: src/sys/secmodel/suser/secmodel_suser.c
diff -u src/sys/secmodel/suser/secmodel_suser.c:1.37 src/sys/secmodel/suser/secmodel_suser.c:1.38
--- src/sys/secmodel/suser/secmodel_suser.c:1.37 Fri Jan 13 16:05:15 2012
+++ src/sys/secmodel/suser/secmodel_suser.c Tue Jan 17 10:47:28 2012
@@ -1,4 +1,4 @@
-/* $NetBSD: secmodel_suser.c,v 1.37 2012/01/13 16:05:15 cegger Exp $ */
+/* $NetBSD: secmodel_suser.c,v 1.38 2012/01/17 10:47:28 cegger Exp $ */
/*-
* Copyright (c) 2006 Elad Efrat <[email protected]>
* All rights reserved.
@@ -38,7 +38,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: secmodel_suser.c,v 1.37 2012/01/13 16:05:15 cegger Exp $");
+__KERNEL_RCSID(0, "$NetBSD: secmodel_suser.c,v 1.38 2012/01/17 10:47:28 cegger Exp $");
#include <sys/types.h>
#include <sys/param.h>
@@ -248,7 +248,6 @@ secmodel_suser_system_cb(kauth_cred_t cr
case KAUTH_SYSTEM_CPU:
switch (req) {
case KAUTH_REQ_SYSTEM_CPU_SETSTATE:
- case KAUTH_REQ_SYSTEM_CPU_UCODE_APPLY:
if (isroot)
result = KAUTH_RESULT_ALLOW;
@@ -701,6 +700,7 @@ secmodel_suser_machdep_cb(kauth_cred_t c
result = KAUTH_RESULT_DEFER;
switch (action) {
+ case KAUTH_MACHDEP_CPU_UCODE_APPLY:
case KAUTH_MACHDEP_IOPERM_GET:
case KAUTH_MACHDEP_LDT_GET:
case KAUTH_MACHDEP_LDT_SET:
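Review bot: The added `case KAUTH_MACHDEP_CPU_UCODE_APPLY:` label relies on a shared case body that lies outside this hunk, so the check it inherits (presumably the `isroot` test used elsewhere in this file) cannot be confirmed from the lines shown. Since the securelevel listener in this commit now only returns KAUTH_RESULT_DENY for this action, this group is presumably where the ALLOW for a microcode update has to come from among the listeners touched here. A short comment above the label would record that dependency, for example `/* ucode apply: root only; securelevel may still veto */`. The body of secmodel_suser_machdep_cb continues past the end of the hunk.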
Index: src/sys/sys/kauth.h
diff -u src/sys/sys/kauth.h:1.67 src/sys/sys/kauth.h:1.68
--- src/sys/sys/kauth.h:1.67 Fri Jan 13 16:05:16 2012
+++ src/sys/sys/kauth.h Tue Jan 17 10:47:26 2012
@@ -1,4 +1,4 @@
-/* $NetBSD: kauth.h,v 1.67 2012/01/13 16:05:16 cegger Exp $ */
+/* $NetBSD: kauth.h,v 1.68 2012/01/17 10:47:26 cegger Exp $ */
/*-
* Copyright (c) 2005, 2006 Elad Efrat <[email protected]>
@@ -109,7 +109,6 @@ enum kauth_system_req {
KAUTH_REQ_SYSTEM_CHROOT_CHROOT=1,
KAUTH_REQ_SYSTEM_CHROOT_FCHROOT,
KAUTH_REQ_SYSTEM_CPU_SETSTATE,
- KAUTH_REQ_SYSTEM_CPU_UCODE_APPLY,
KAUTH_REQ_SYSTEM_DEBUG_IPKDB,
KAUTH_REQ_SYSTEM_MOUNT_GET,
KAUTH_REQ_SYSTEM_MOUNT_NEW,