Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 2 Jul 2019 19:12:02 +0000 (UTC)
From:      Konstantin Belousov <kib@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject:   svn commit: r349610 - head/usr.bin/proccontrol
Message-ID:  <201907021912.x62JC2Cu096456@repo.freebsd.org>

next in thread | raw e-mail | index | archive | help
Author: kib
Date: Tue Jul  2 19:12:02 2019
New Revision: 349610
URL: https://svnweb.freebsd.org/changeset/base/349610

Log:
  Add implicit PROT_MAX() knob to proccontrol(1).
  
  Reviewed by:	emaste, markj (previous version)
  Discussed with:	brooks
  Sponsored by:	The FreeBSD Foundation
  Differential revision:	https://reviews.freebsd.org/D20795

Modified:
  head/usr.bin/proccontrol/proccontrol.1
  head/usr.bin/proccontrol/proccontrol.c

Modified: head/usr.bin/proccontrol/proccontrol.1
==============================================================================
--- head/usr.bin/proccontrol/proccontrol.1	Tue Jul  2 19:07:17 2019	(r349609)
+++ head/usr.bin/proccontrol/proccontrol.1	Tue Jul  2 19:12:02 2019	(r349610)
@@ -66,6 +66,9 @@ Note that process is only allowed to enable tracing fo
 not for any other process.
 .It Ar trapcap
 Controls the signalling of capability mode access violations.
+.It Ar protmax
+Controls the implicit PROT_MAX application for
+.Xr mmap 2 .
 .It Ar kpti
 Controls the KPTI enable, AMD64 only.
 .El

Modified: head/usr.bin/proccontrol/proccontrol.c
==============================================================================
--- head/usr.bin/proccontrol/proccontrol.c	Tue Jul  2 19:07:17 2019	(r349609)
+++ head/usr.bin/proccontrol/proccontrol.c	Tue Jul  2 19:12:02 2019	(r349610)
@@ -43,6 +43,7 @@ enum {
 	MODE_INVALID,
 	MODE_TRACE,
 	MODE_TRAPCAP,
+	MODE_PROTMAX,
 #ifdef PROC_KPTI_CTL
 	MODE_KPTI,
 #endif
@@ -72,7 +73,7 @@ static void __dead2
 usage(void)
 {
 
-	fprintf(stderr, "Usage: proccontrol -m (aslr|trace|trapcap"
+	fprintf(stderr, "Usage: proccontrol -m (aslr|protmax|trace|trapcap"
 	    KPTI_USAGE") [-q] "
 	    "[-s (enable|disable)] [-p pid | command]\n");
 	exit(1);
@@ -94,6 +95,8 @@ main(int argc, char *argv[])
 		case 'm':
 			if (strcmp(optarg, "aslr") == 0)
 				mode = MODE_ASLR;
+			else if (strcmp(optarg, "protmax") == 0)
+				mode = MODE_PROTMAX;
 			else if (strcmp(optarg, "trace") == 0)
 				mode = MODE_TRACE;
 			else if (strcmp(optarg, "trapcap") == 0)
@@ -147,6 +150,9 @@ main(int argc, char *argv[])
 		case MODE_TRAPCAP:
 			error = procctl(P_PID, pid, PROC_TRAPCAP_STATUS, &arg);
 			break;
+		case MODE_PROTMAX:
+			error = procctl(P_PID, pid, PROC_PROTMAX_STATUS, &arg);
+			break;
 #ifdef PROC_KPTI_CTL
 		case MODE_KPTI:
 			error = procctl(P_PID, pid, PROC_KPTI_STATUS, &arg);
@@ -194,6 +200,23 @@ main(int argc, char *argv[])
 				break;
 			}
 			break;
+		case MODE_PROTMAX:
+			switch (arg & ~PROC_PROTMAX_ACTIVE) {
+			case PROC_PROTMAX_FORCE_ENABLE:
+				printf("force enabled");
+				break;
+			case PROC_PROTMAX_FORCE_DISABLE:
+				printf("force disabled");
+				break;
+			case PROC_PROTMAX_NOFORCE:
+				printf("not forced");
+				break;
+			}
+			if ((arg & PROC_PROTMAX_ACTIVE) != 0)
+				printf(", active\n");
+			else
+				printf(", not active\n");
+			break;
 #ifdef PROC_KPTI_CTL
 		case MODE_KPTI:
 			switch (arg & ~PROC_KPTI_STATUS_ACTIVE) {
@@ -227,6 +250,11 @@ main(int argc, char *argv[])
 			arg = enable ? PROC_TRAPCAP_CTL_ENABLE :
 			    PROC_TRAPCAP_CTL_DISABLE;
 			error = procctl(P_PID, pid, PROC_TRAPCAP_CTL, &arg);
+			break;
+		case MODE_PROTMAX:
+			arg = enable ? PROC_PROTMAX_FORCE_ENABLE :
+			    PROC_PROTMAX_FORCE_DISABLE;
+			error = procctl(P_PID, pid, PROC_PROTMAX_CTL, &arg);
 			break;
 #ifdef PROC_KPTI_CTL
 		case MODE_KPTI:



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201907021912.x62JC2Cu096456>