Date:      Tue, 17 Sep 2013 20:48:20 +0000 (UTC)
From:      Jilles Tjoelker <jilles@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject:   svn commit: r255657 - head/sys/compat/freebsd32
Message-ID:  <201309172048.r8HKmKSe081542@svn.freebsd.org>

Author: jilles
Date: Tue Sep 17 20:48:19 2013
New Revision: 255657
URL: http://svnweb.freebsd.org/changeset/base/255657

Log:
  Disallow cap_enter() in freebsd32 compatibility mode.
  
  The freebsd32 compatibility mode (for running 32-bit binaries on 64-bit
  kernels) does not currently allow any system calls in capability mode, but
  still permits cap_enter(). As a result, 32-bit binaries on 64-bit kernels
  that use capability mode do not work (they crash after being disallowed to
  call sys_exit()). Affected binaries include dhclient and uniq. The latter's
  crashes cause obscure build failures.
  
  This commit makes freebsd32 cap_enter() fail with [ENOSYS], as if capability
  mode was not compiled in. Applications deal with this by doing their work
  without capability mode.
  
  This commit does not fix the uncommon situation where a 64-bit process
  enters capability mode and then executes a 32-bit binary using fexecve().
  
  This commit should be reverted when allowing the necessary freebsd32 system
  calls in capability mode.
  
  Reviewed by:	pjd
  Approved by:	re (hrs)

Modified:
  head/sys/compat/freebsd32/freebsd32_capability.c
  head/sys/compat/freebsd32/syscalls.master

Modified: head/sys/compat/freebsd32/freebsd32_capability.c
==============================================================================
--- head/sys/compat/freebsd32/freebsd32_capability.c	Tue Sep 17 20:33:42 2013	(r255656)
+++ head/sys/compat/freebsd32/freebsd32_capability.c	Tue Sep 17 20:48:19 2013	(r255657)
@@ -49,6 +49,18 @@ __FBSDID("$FreeBSD$");
 MALLOC_DECLARE(M_FILECAPS);
 
 int
+freebsd32_cap_enter(struct thread *td,
+    struct freebsd32_cap_enter_args *uap)
+{
+
+	/*
+	 * We do not have an equivalent of capabilities.conf for freebsd32
+	 * compatibility, so do not allow capability mode for now.
+	 */
+	return (ENOSYS);
+}
+
+int
 freebsd32_cap_ioctls_limit(struct thread *td,
     struct freebsd32_cap_ioctls_limit_args *uap)
 {
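Review bot: The comment in the new freebsd32_cap_enter() says why the call is refused but not what that means for callers. Per the log message, applications treat [ENOSYS] as "capability mode not compiled in" and continue without it, so 32-bit binaries such as dhclient run unsandboxed on a 64-bit kernel. I would record that and mark the stub as temporary, e.g. append `* Callers fall back to running without capability mode; remove this stub` / `* once the needed freebsd32 system calls are allowed in capability mode.` The comment could also mention the case the log leaves open, a 64-bit process already in capability mode running a 32-bit binary via fexecve(). The identical stub in the !CAPABILITIES branch (second hunk) has no comment; a one-line `/* Capability mode is not compiled in. */` would tell the two apart.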
@@ -136,6 +148,14 @@ out:
 #else /* !CAPABILITIES */
 
 int
+freebsd32_cap_enter(struct thread *td,
+    struct freebsd32_cap_enter_args *uap)
+{
+
+	return (ENOSYS);
+}
+
+int
 freebsd32_cap_ioctls_limit(struct thread *td,
     struct freebsd32_cap_ioctls_limit_args *uap)
 {

Modified: head/sys/compat/freebsd32/syscalls.master
==============================================================================
--- head/sys/compat/freebsd32/syscalls.master	Tue Sep 17 20:33:42 2013	(r255656)
+++ head/sys/compat/freebsd32/syscalls.master	Tue Sep 17 20:48:19 2013	(r255657)
@@ -973,7 +973,7 @@
 514	AUE_NULL	OBSOL	cap_new
 515	AUE_CAP_RIGHTS_GET	NOPROTO	{ int __cap_rights_get(int version, \
 				    int fd, cap_rights_t *rightsp); }
-516	AUE_CAP_ENTER	NOPROTO	{ int cap_enter(void); }
+516	AUE_CAP_ENTER	STD	{ int freebsd32_cap_enter(void); }
 517	AUE_CAP_GETMODE	NOPROTO	{ int cap_getmode(u_int *modep); }
 518	AUE_PDFORK	NOPROTO	{ int pdfork(int *fdp, int flags); }
 519	AUE_PDKILL	NOPROTO	{ int pdkill(int fd, int signum); }
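Review bot: Switching entry 516 from NOPROTO to STD means the stub's `struct freebsd32_cap_enter_args` has to come from the regenerated freebsd32 syscall headers, and the Modified list shows only freebsd32_capability.c and syscalls.master. Presumably the regeneration lands as a separate commit; worth confirming, so the tree is not left in a state that fails to build. The table entry also gives no hint that it is a temporary stub, so I would add a comment line above it such as `; XXX: freebsd32_cap_enter() always fails with ENOSYS; restore cap_enter when freebsd32 syscalls are allowed in capability mode`.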



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201309172048.r8HKmKSe081542>